[u/mdw/catacomb] / hmac.h

/* -*-c-*-
 *
 * $Id: hmac.h,v 1.6 2001/04/19 18:24:45 mdw Exp $
 *
 * Generic code for HMAC and NMAC
 *
 * (c) 1998 Straylight/Edgeware
 */

/*----- Licensing notice --------------------------------------------------* 
 *
 * This file is part of Catacomb.
 *
 * Catacomb is free software; you can redistribute it and/or modify
 * it under the terms of the GNU Library General Public License as
 * published by the Free Software Foundation; either version 2 of the
 * License, or (at your option) any later version.
 * 
 * Catacomb is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Library General Public License for more details.
 * 
 * You should have received a copy of the GNU Library General Public
 * License along with Catacomb; if not, write to the Free
 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
 * MA 02111-1307, USA.
 */

/*----- Revision history --------------------------------------------------* 
 *
 * $Log: hmac.h,v $
 * Revision 1.6  2001/04/19 18:24:45  mdw
 * Provide correct key sizes for NMAC, HMAC and SSLMAC.
 *
 * Revision 1.5  2001/04/03 19:35:45  mdw
 * Support the SSL HMAC variant (untested).
 *
 * Revision 1.4  2000/10/15 19:09:20  mdw
 * Support HMAC mode for hash functions which need to store more state than
 * the hash output size.
 *
 * Revision 1.3  2000/06/17 11:23:57  mdw
 * New key size interface.
 *
 * Revision 1.2  1999/12/10 23:17:39  mdw
 * Split mode macros into interface and implementation.
 *
 * Revision 1.1  1999/09/03 08:41:12  mdw
 * Initial import.
 *
 */

/*----- Notes on the HMAC and NMAC constructions --------------------------*
 *
 * Designed by Mihir Bellare, Ran Canetti and Hugo Krawczyk, NMAC is a method
 * for constructing keyed message authentication algorithms from unkeyed hash
 * functions.  It has been proven to provide useful security given reasonable
 * assumptions about the underlying hash function.  HMAC is an alternative
 * formulation which doesn't require low-level access to the hash function's
 * implementation.  NMAC was designed to allow MD5 has a suitable underlying
 * hash function, even though doubts were already being raised about its
 * collision resistance.
 */

#ifndef CATACOMB_HMAC_H
#define CATACOMB_HMAC_H

#ifdef __cplusplus
  extern "C" {
#endif

/*----- Header files ------------------------------------------------------*/

#include <stddef.h>

#include <mLib/bits.h>

#ifndef CATACOMB_GMAC_H
#  include "gmac.h"
#endif

/*----- Macros ------------------------------------------------------------*/

/* --- @HMAC_DECL@ --- *
 *
 * Arguments:	@PRE@, @pre@ = prefixes for the underlying hash function
 *
 * Use:		Creates declarations for the HMAC and NMAC functions.
 */

#define HMAC_DECL(PRE, pre)						\
									\
/* --- An HMAC or NMAC key --- */					\
									\
typedef struct pre##_mackey {						\
  octet ochain[PRE##_STATESZ];		/* Chaining for outer hash */	\
  unsigned ocount;			/* Byte count for outer hash */	\
  octet ichain[PRE##_STATESZ];		/* Chaining for inner hash */	\
  unsigned icount;			/* Byte count for inner hash */	\
} pre##_mackey;								\
									\
/* --- An HMAC or NMAC hashing context --- */				\
									\
typedef struct pre##_macctx {						\
  pre##_ctx ctx;			/* Context for main hashing */	\
  octet chain[PRE##_STATESZ];		/* Chaining for outer hash */	\
  unsigned count;			/* Byte count for outer hash */	\
} pre##_macctx;								\
									\
/* --- Other useful constants --- */					\
									\
extern const octet pre##_hmackeysz[];					\
extern const octet pre##_nmackeysz[];					\
extern const octet pre##_sslmackeysz[];					\
									\
/* --- @pre_nmacinit@ --- *						\
 *									\
 * Arguments:	@pre_macctx *key@ = pointer to a MAC key object		\
 *		@const void *ok@ = pointer to outer hash init vector	\
 *		@const void *ik@ = pointer to inner hash init vector	\
 *									\
 * Returns:	---							\
 *									\
 * Use:		Initializes a MAC key for doing NMAC hashing.		\
 */									\
									\
extern void pre##_nmacinit(pre##_mackey */*key*/,			\
			   const void */*ok*/, const void */*ik*/);	\
									\
/* --- @pre_hmacinit@ --- *						\
 *									\
 * Arguments:	@pre_mackey *key@ = pointer to MAC key object		\
 *		@const void *k@ = pointer to key to use			\
 *		@size_t sz@ = size of key data				\
 *									\
 * Returns:	---							\
 *									\
 * Use:		Initializes a MAC key for doing HMAC hashing.  Keys	\
 *		longer than the hash function's output size aren't very	\
 *		useful, but are accepted.  Keys longer than the hash's	\
 *		block size are also accepted; they are hashed before	\
 *		use, as specified in RFC2104.				\
 */									\
									\
extern void pre##_hmacinit(pre##_mackey */*key*/, 			\
			   const void */*k*/, size_t /*sz*/);		\
									\
/* --- @pre_sslmacinit@ --- *						\
 *									\
 * Arguments:	@pre_mackey *key@ = pointer to MAC key object		\
 *		@const void *k@ = pointer to key to use			\
 *		@size_t sz@ = size of key data				\
 *									\
 * Returns:	---							\
 *									\
 * Use:		Initializes a MAC key for doing hasing using the SSL3	\
 *		variant of HMAC.					\
 */									\
									\
extern void pre##_sslmacinit(pre##_mackey */*key*/,			\
			     const void */*k*/, size_t /*sz*/);		\
									\
/* --- @pre_macinit@ --- *						\
 *									\
 * Arguments:	@pre_macctx *ctx@ = pointer to MAC context block	\
 *		@const pre_mackey *key@ = pointer to MAC key block	\
 *									\
 * Returns:	---							\
 *									\
 * Use:		Instantiates a MAC context from a key block.		\
 */									\
									\
extern void pre##_macinit(pre##_macctx */*ctx*/,			\
			  const pre##_mackey */*key*/);			\
									\
/* --- @pre_machash@ --- *						\
 *									\
 * Arguments:	@pre_macctx *ctx@ = pointer to MAC context block	\
 *		@const void *buf@ = pointer to buffer			\
 *		@size_t sz@ = size of the buffer			\
 *									\
 * Returns:	---							\
 *									\
 * Use:		Hashes a buffer.					\
 */									\
									\
extern void pre##_machash(pre##_macctx */*ctx*/,			\
			  const void */*buf*/, size_t /*sz*/);		\
									\
/* --- @pre_macdone@ --- *						\
 *									\
 * Arguments:	@pre_macctx *ctx@ = pointer to MAC context block	\
 *		@void *mac@ = pointer to buffer to receive MAC		\
 *									\
 * Returns:	---							\
 *									\
 * Use:		Returns the result of a MAC computation.		\
 */									\
									\
extern void pre##_macdone(pre##_macctx */*ctx*/, void */*mac*/);	\
									\
/* --- Generic MAC interface --- */					\
									\
extern const gcmac pre##_hmac;						\
extern const gcmac pre##_nmac;						\
extern const gcmac pre##_sslmac;

/*----- That's all, folks -------------------------------------------------*/

#ifdef __cplusplus
  }
#endif

#endif
Commit	Line	Data
d03ab969	1	/* --c--
d03ab969	2	*
2a62e96d	3	* $Id: hmac.h,v 1.6 2001/04/19 18:24:45 mdw Exp $
d03ab969	4	*
	5	* Generic code for HMAC and NMAC
	6	*
	7	* (c) 1998 Straylight/Edgeware
	8	*/
	9
	10	/----- Licensing notice --------------------------------------------------
	11	*
	12	* This file is part of Catacomb.
	13	*
	14	* Catacomb is free software; you can redistribute it and/or modify
	15	* it under the terms of the GNU Library General Public License as
	16	* published by the Free Software Foundation; either version 2 of the
	17	* License, or (at your option) any later version.
	18	*
	19	* Catacomb is distributed in the hope that it will be useful,
	20	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	21	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	22	* GNU Library General Public License for more details.
	23	*
	24	* You should have received a copy of the GNU Library General Public
	25	* License along with Catacomb; if not, write to the Free
	26	* Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
	27	* MA 02111-1307, USA.
	28	*/
	29
	30	/----- Revision history --------------------------------------------------
	31	*
	32	* $Log: hmac.h,v $
2a62e96d	33	* Revision 1.6 2001/04/19 18:24:45 mdw
	34	* Provide correct key sizes for NMAC, HMAC and SSLMAC.
	35	*
36c67859	36	* Revision 1.5 2001/04/03 19:35:45 mdw
	37	* Support the SSL HMAC variant (untested).
	38	*
c850c0da	39	* Revision 1.4 2000/10/15 19:09:20 mdw
	40	* Support HMAC mode for hash functions which need to store more state than
	41	* the hash output size.
	42	*
6ced98bd	43	* Revision 1.3 2000/06/17 11:23:57 mdw
	44	* New key size interface.
	45	*
79ba130c	46	* Revision 1.2 1999/12/10 23:17:39 mdw
	47	* Split mode macros into interface and implementation.
	48	*
d03ab969	49	* Revision 1.1 1999/09/03 08:41:12 mdw
	50	* Initial import.
	51	*
	52	*/
	53
	54	/----- Notes on the HMAC and NMAC constructions --------------------------
	55	*
79ba130c	56	* Designed by Mihir Bellare, Ran Canetti and Hugo Krawczyk, NMAC is a method
	57	* for constructing keyed message authentication algorithms from unkeyed hash
	58	* functions. It has been proven to provide useful security given reasonable
	59	* assumptions about the underlying hash function. HMAC is an alternative
	60	* formulation which doesn't require low-level access to the hash function's
	61	* implementation. NMAC was designed to allow MD5 has a suitable underlying
	62	* hash function, even though doubts were already being raised about its
	63	* collision resistance.
d03ab969	64	*/
d03ab969	65
79ba130c	66	#ifndef CATACOMB_HMAC_H
79ba130c	67	#define CATACOMB_HMAC_H
d03ab969	68
	69	#ifdef __cplusplus
	70	extern "C" {
	71	#endif
	72
	73	/----- Header files ------------------------------------------------------/
	74
79ba130c	75	#include <stddef.h>
d03ab969	76
	77	#include <mLib/bits.h>
	78
79ba130c	79	#ifndef CATACOMB_GMAC_H
79ba130c	80	# include "gmac.h"
d03ab969	81	#endif
	82
	83	/----- Macros ------------------------------------------------------------/
	84
	85	/* --- @HMAC_DECL@ --- *
	86	*
	87	* Arguments: @PRE@, @pre@ = prefixes for the underlying hash function
	88	*
	89	* Use: Creates declarations for the HMAC and NMAC functions.
	90	*/
	91
	92	#define HMAC_DECL(PRE, pre) \
	93	\
79ba130c	94	/* --- An HMAC or NMAC key --- */ \
79ba130c	95	\
d03ab969	96	typedef struct pre##_mackey { \
c850c0da	97	octet ochain[PRE##_STATESZ]; /* Chaining for outer hash */ \
79ba130c	98	unsigned ocount; /* Byte count for outer hash */ \
c850c0da	99	octet ichain[PRE##_STATESZ]; /* Chaining for inner hash */ \
79ba130c	100	unsigned icount; /* Byte count for inner hash */ \
d03ab969	101	} pre##_mackey; \
d03ab969	102	\
79ba130c	103	/* --- An HMAC or NMAC hashing context --- */ \
79ba130c	104	\
d03ab969	105	typedef struct pre##_macctx { \
d03ab969	106	pre##_ctx ctx; /* Context for main hashing */ \
c850c0da	107	octet chain[PRE##_STATESZ]; /* Chaining for outer hash */ \
79ba130c	108	unsigned count; /* Byte count for outer hash */ \
d03ab969	109	} pre##_macctx; \
d03ab969	110	\
6ced98bd	111	/* --- Other useful constants --- */ \
6ced98bd	112	\
2a62e96d	113	extern const octet pre##_hmackeysz[]; \
	114	extern const octet pre##_nmackeysz[]; \
	115	extern const octet pre##_sslmackeysz[]; \
6ced98bd	116	\
79ba130c	117	/* --- @pre_nmacinit@ --- * \
d03ab969	118	* \
	119	* Arguments: @pre_macctx *key@ = pointer to a MAC key object \
	120	* @const void *ok@ = pointer to outer hash init vector \
	121	* @const void *ik@ = pointer to inner hash init vector \
	122	* \
	123	* Returns: --- \
	124	* \
	125	* Use: Initializes a MAC key for doing NMAC hashing. \
	126	*/ \
	127	\
79ba130c	128	extern void pre##_nmacinit(pre##_mackey /key*/, \
79ba130c	129	const void /ok/, const void /ik/); \
d03ab969	130	\
79ba130c	131	/* --- @pre_hmacinit@ --- * \
d03ab969	132	* \
	133	* Arguments: @pre_mackey *key@ = pointer to MAC key object \
	134	* @const void *k@ = pointer to key to use \
	135	* @size_t sz@ = size of key data \
	136	* \
	137	* Returns: --- \
	138	* \
	139	* Use: Initializes a MAC key for doing HMAC hashing. Keys \
	140	* longer than the hash function's output size aren't very \
	141	* useful, but are accepted. Keys longer than the hash's \
	142	* block size are also accepted; they are hashed before \
	143	* use, as specified in RFC2104. \
	144	*/ \
	145	\
79ba130c	146	extern void pre##_hmacinit(pre##_mackey /key*/, \
79ba130c	147	const void /k/, size_t /sz*/); \
d03ab969	148	\
36c67859	149	/* --- @pre_sslmacinit@ --- * \
	150	* \
	151	* Arguments: @pre_mackey *key@ = pointer to MAC key object \
	152	* @const void *k@ = pointer to key to use \
	153	* @size_t sz@ = size of key data \
	154	* \
	155	* Returns: --- \
	156	* \
	157	* Use: Initializes a MAC key for doing hasing using the SSL3 \
	158	* variant of HMAC. \
	159	*/ \
	160	\
	161	extern void pre##_sslmacinit(pre##_mackey /key*/, \
	162	const void /k/, size_t /sz*/); \
	163	\
d03ab969	164	/* --- @pre_macinit@ --- * \
	165	* \
	166	* Arguments: @pre_macctx *ctx@ = pointer to MAC context block \
	167	* @const pre_mackey *key@ = pointer to MAC key block \
	168	* \
	169	* Returns: --- \
	170	* \
	171	* Use: Instantiates a MAC context from a key block. \
	172	*/ \
	173	\
79ba130c	174	extern void pre##_macinit(pre##_macctx /ctx*/, \
79ba130c	175	const pre##_mackey /key*/); \
d03ab969	176	\
79ba130c	177	/* --- @pre_machash@ --- * \
d03ab969	178	* \
	179	* Arguments: @pre_macctx *ctx@ = pointer to MAC context block \
	180	* @const void *buf@ = pointer to buffer \
	181	* @size_t sz@ = size of the buffer \
	182	* \
	183	* Returns: --- \
	184	* \
	185	* Use: Hashes a buffer. \
	186	*/ \
	187	\
79ba130c	188	extern void pre##_machash(pre##_macctx /ctx*/, \
79ba130c	189	const void /buf/, size_t /sz*/); \
d03ab969	190	\
	191	/* --- @pre_macdone@ --- * \
	192	* \
	193	* Arguments: @pre_macctx *ctx@ = pointer to MAC context block \
	194	* @void *mac@ = pointer to buffer to receive MAC \
	195	* \
	196	* Returns: --- \
	197	* \
	198	* Use: Returns the result of a MAC computation. \
	199	*/ \
	200	\
79ba130c	201	extern void pre##_macdone(pre##_macctx /ctx/, void /mac/); \
d03ab969	202	\
79ba130c	203	/* --- Generic MAC interface --- */ \
d03ab969	204	\
2a62e96d	205	extern const gcmac pre##_hmac; \
	206	extern const gcmac pre##_nmac; \
	207	extern const gcmac pre##_sslmac;
d03ab969	208
	209	/----- That's all, folks -------------------------------------------------/
	210
	211	#ifdef __cplusplus
	212	}
	213	#endif
	214
	215	#endif