3 * $Id: hmac.h,v 1.6 2001/04/19 18:24:45 mdw Exp $
5 * Generic code for HMAC and NMAC
7 * (c) 1998 Straylight/Edgeware
10 /*----- Licensing notice --------------------------------------------------*
12 * This file is part of Catacomb.
14 * Catacomb is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU Library General Public License as
16 * published by the Free Software Foundation; either version 2 of the
17 * License, or (at your option) any later version.
19 * Catacomb is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU Library General Public License for more details.
24 * You should have received a copy of the GNU Library General Public
25 * License along with Catacomb; if not, write to the Free
26 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
30 /*----- Revision history --------------------------------------------------*
33 * Revision 1.6 2001/04/19 18:24:45 mdw
34 * Provide correct key sizes for NMAC, HMAC and SSLMAC.
36 * Revision 1.5 2001/04/03 19:35:45 mdw
37 * Support the SSL HMAC variant (untested).
39 * Revision 1.4 2000/10/15 19:09:20 mdw
40 * Support HMAC mode for hash functions which need to store more state than
41 * the hash output size.
43 * Revision 1.3 2000/06/17 11:23:57 mdw
44 * New key size interface.
46 * Revision 1.2 1999/12/10 23:17:39 mdw
47 * Split mode macros into interface and implementation.
49 * Revision 1.1 1999/09/03 08:41:12 mdw
54 /*----- Notes on the HMAC and NMAC constructions --------------------------*
56 * Designed by Mihir Bellare, Ran Canetti and Hugo Krawczyk, NMAC is a method
57 * for constructing keyed message authentication algorithms from unkeyed hash
58 * functions. It has been proven to provide useful security given reasonable
59 * assumptions about the underlying hash function. HMAC is an alternative
60 * formulation which doesn't require low-level access to the hash function's
61 * implementation. NMAC was designed to allow MD5 as a suitable underlying
62 * hash function, even though doubts were already being raised about its
63 * collision resistance.
66 #ifndef CATACOMB_HMAC_H
67 #define CATACOMB_HMAC_H
73 /*----- Header files ------------------------------------------------------*/
77 #include <mLib/bits.h>
79 #ifndef CATACOMB_GMAC_H
83 /*----- Macros ------------------------------------------------------------*/
85 /* --- @HMAC_DECL@ --- *
87 * Arguments: @PRE@, @pre@ = prefixes for the underlying hash function
89 * Use: Creates declarations for the HMAC and NMAC functions.
92 #define HMAC_DECL(PRE, pre) \
94 /* --- An HMAC or NMAC key --- */ \
/* NOTE(review): ochain/ichain appear to hold key-derived chaining \
 * state, and this macro declares no routine for clearing a key; \
 * presumably the caller wipes the object after use -- confirm. */ \
96 typedef struct pre##_mackey { \
97 octet ochain[PRE##_STATESZ]; /* Chaining for outer hash */ \
98 unsigned ocount; /* Byte count for outer hash */ \
99 octet ichain[PRE##_STATESZ]; /* Chaining for inner hash */ \
100 unsigned icount; /* Byte count for inner hash */ \
103 /* --- An HMAC or NMAC hashing context --- */ \
105 typedef struct pre##_macctx { \
106 pre##_ctx ctx; /* Context for main hashing */ \
107 octet chain[PRE##_STATESZ]; /* Chaining for outer hash */ \
108 unsigned count; /* Byte count for outer hash */ \
111 /* --- Other useful constants --- */ \
113 extern const octet pre##_hmackeysz[]; \
114 extern const octet pre##_nmackeysz[]; \
115 extern const octet pre##_sslmackeysz[]; \
117 /* --- @pre_nmacinit@ --- * \
119 * Arguments: @pre_mackey *key@ = pointer to a MAC key object \
120 * @const void *ok@ = pointer to outer hash init vector \
121 * @const void *ik@ = pointer to inner hash init vector \
125 * Use: Initializes a MAC key for doing NMAC hashing. \
128 extern void pre##_nmacinit(pre##_mackey */*key*/, \
129 const void */*ok*/, const void */*ik*/); \
131 /* --- @pre_hmacinit@ --- * \
133 * Arguments: @pre_mackey *key@ = pointer to MAC key object \
134 * @const void *k@ = pointer to key to use \
135 * @size_t sz@ = size of key data \
139 * Use: Initializes a MAC key for doing HMAC hashing. Keys \
140 * longer than the hash function's output size aren't very \
141 * useful, but are accepted. Keys longer than the hash's \
142 * block size are also accepted; they are hashed before \
143 * use, as specified in RFC2104. \
146 extern void pre##_hmacinit(pre##_mackey */*key*/, \
147 const void */*k*/, size_t /*sz*/); \
149 /* --- @pre_sslmacinit@ --- * \
151 * Arguments: @pre_mackey *key@ = pointer to MAC key object \
152 * @const void *k@ = pointer to key to use \
153 * @size_t sz@ = size of key data \
157 * Use: Initializes a MAC key for doing hashing using the SSL3 \
161 extern void pre##_sslmacinit(pre##_mackey */*key*/, \
162 const void */*k*/, size_t /*sz*/); \
164 /* --- @pre_macinit@ --- * \
166 * Arguments: @pre_macctx *ctx@ = pointer to MAC context block \
167 * @const pre_mackey *key@ = pointer to MAC key block \
171 * Use: Instantiates a MAC context from a key block. \
174 extern void pre##_macinit(pre##_macctx */*ctx*/, \
175 const pre##_mackey */*key*/); \
177 /* --- @pre_machash@ --- * \
179 * Arguments: @pre_macctx *ctx@ = pointer to MAC context block \
180 * @const void *buf@ = pointer to buffer \
181 * @size_t sz@ = size of the buffer \
185 * Use: Hashes a buffer. \
188 extern void pre##_machash(pre##_macctx */*ctx*/, \
189 const void */*buf*/, size_t /*sz*/); \
191 /* --- @pre_macdone@ --- * \
193 * Arguments: @pre_macctx *ctx@ = pointer to MAC context block \
194 * @void *mac@ = pointer to buffer to receive MAC \
198 * Use: Returns the result of a MAC computation. \
 * NOTE(review): no length is passed for @mac@, so the caller must \
 * supply a buffer big enough for the whole tag (presumably the \
 * underlying hash's output size -- confirm); when checking a \
 * received tag, compare it in constant time. \
201 extern void pre##_macdone(pre##_macctx */*ctx*/, void */*mac*/); \
203 /* --- Generic MAC interface --- */ \
205 extern const gcmac pre##_hmac; \
206 extern const gcmac pre##_nmac; \
207 extern const gcmac pre##_sslmac;
209 /*----- That's all, folks -------------------------------------------------*/