EXTERNAL_HEADERS/corecrypto/ccdrbg.h

   1 /*
   2  * Copyright (c) 2007-2010 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 /*!
  25  @header corecrypto/ccdrbg.h
  26  @abstract The functions provided in ccdrbg.h implement high-level accessors
  27  to cryptographically secure random numbers.
  28
  29  */
  30
  31 #ifndef _CORECRYPTO_CCDRBG_H_
  32 #define _CORECRYPTO_CCDRBG_H_
  33
  34 #include <corecrypto/cc.h>
  35 #include <corecrypto/ccdrbg_impl.h>
  36
  37 /* TODO: Error codes ? */
  38 #define CCDRBG_STATUS_OK 0
  39 #define CCDRBG_STATUS_ERROR (-1)
  40 #define CCDRBG_STATUS_NEED_RESEED (-2)
  41 #define CCDRBG_STATUS_PARAM_ERROR (-3)
  42
  43 CC_INLINE size_t ccdrbg_context_size(const struct ccdrbg_info *drbg)
  44 {
  45     return drbg->size;
  46 }
  47
  48 CC_INLINE int ccdrbg_init(const struct ccdrbg_info *info,
  49                         struct ccdrbg_state *drbg,
  50             unsigned long entropyLength, const void* entropy,
  51             unsigned long nonceLength, const void* nonce,
  52             unsigned long psLength, const void* ps)
  53 {
  54         return info->init(info, drbg, entropyLength, entropy, nonceLength, nonce, psLength, ps);
  55 }
  56
  57 CC_INLINE int ccdrbg_reseed(const struct ccdrbg_info *info,
  58                 struct ccdrbg_state *prng,
  59                 unsigned long entropylen, const void *entropy,
  60                 unsigned long inlen, const void *in)
  61 {
  62         return info->reseed(prng, entropylen, entropy, inlen, in);
  63 }
  64
  65
  66 CC_INLINE int ccdrbg_generate(const struct ccdrbg_info *info,
  67                 struct ccdrbg_state *prng,
  68                 unsigned long outlen, void *out,
  69                 unsigned long inlen, const void *in)
  70 {
  71         return info->generate(prng, outlen, out, inlen, in);
  72 }
  73
  74 CC_INLINE void ccdrbg_done(const struct ccdrbg_info *info,
  75                 struct ccdrbg_state *prng)
  76 {
  77         info->done(prng);
  78 }
  79
  80
  81 extern struct ccdrbg_info ccdrbg_dummy_info;
  82 extern struct ccdrbg_info ccdrbg_fipssha1_info;
  83
  84 struct ccdrbg_nistctr_custom {
  85     const struct ccmode_ecb *ecb;
  86     unsigned long keylen;
  87     int strictFIPS;
  88     int use_df;
  89 };
  90
  91 void ccdrbg_factory_nistctr(struct ccdrbg_info *info, const struct ccdrbg_nistctr_custom *custom);
  92
  93 extern struct ccdrbg_info ccdrbg_nistdigest_info;
  94
  95 struct ccdrbg_nisthmac_custom {
  96     const struct ccdigest_info *di;
  97     int strictFIPS;
  98 };
  99
 100 // "class" method on nisthmac dbrg's to ask about their security_strength for a given di
 101 int ccdbrg_nisthmac_security_strength(const struct ccdrbg_nisthmac_custom *custom);
 102
 103 void ccdrbg_factory_nisthmac(struct ccdrbg_info *info, const struct ccdrbg_nisthmac_custom *custom);
 104
 105 #endif /* _CORECRYPTO_CCDRBG_H_ */