3 * Copyright (C) 2006-2014 wolfSSL Inc.
5 * This file is part of CyaSSL.
7 * CyaSSL is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
12 * CyaSSL is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
25 #ifndef CTAO_CRYPT_HMAC_H
26 #define CTAO_CRYPT_HMAC_H
28 #include <cyassl/ctaocrypt/types.h>
31 #include <cyassl/ctaocrypt/md5.h>
35 #include <cyassl/ctaocrypt/sha.h>
39 #include <cyassl/ctaocrypt/sha256.h>
43 #include <cyassl/ctaocrypt/sha512.h>
47 #include <cyassl/ctaocrypt/blake2.h>
51 #include <cyassl/ctaocrypt/logging.h>
52 #include "cavium_common.h"
60 #define CYASSL_HMAC_CAVIUM_MAGIC 0xBEEF0005
63 HMAC_FIPS_MIN_KEY = 14, /* 112 bit key length minimum */
68 /* If any hash is not enabled, add the ID here. */
88 /* Select the largest available hash for the buffer size. */
89 #if defined(CYASSL_SHA512)
90 MAX_DIGEST_SIZE = SHA512_DIGEST_SIZE,
91 HMAC_BLOCK_SIZE = SHA512_BLOCK_SIZE
92 #elif defined(HAVE_BLAKE2)
93 MAX_DIGEST_SIZE = BLAKE2B_OUTBYTES,
94 HMAC_BLOCK_SIZE = BLAKE2B_BLOCKBYTES,
95 #elif defined(CYASSL_SHA384)
96 MAX_DIGEST_SIZE = SHA384_DIGEST_SIZE,
97 HMAC_BLOCK_SIZE = SHA384_BLOCK_SIZE
98 #elif !defined(NO_SHA256)
99 MAX_DIGEST_SIZE = SHA256_DIGEST_SIZE,
100 HMAC_BLOCK_SIZE = SHA256_BLOCK_SIZE
101 #elif !defined(NO_SHA)
102 MAX_DIGEST_SIZE = SHA_DIGEST_SIZE,
103 HMAC_BLOCK_SIZE = SHA_BLOCK_SIZE
104 #elif !defined(NO_MD5)
105 MAX_DIGEST_SIZE = MD5_DIGEST_SIZE,
106 HMAC_BLOCK_SIZE = MD5_BLOCK_SIZE
108 #error "You have to have some kind of hash if you want to use HMAC."
136 typedef struct Hmac {
138 word32 ipad[HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/
139 word32 opad[HMAC_BLOCK_SIZE / sizeof(word32)];
140 word32 innerHash[MAX_DIGEST_SIZE / sizeof(word32)];
141 byte macType; /* md5 sha or sha256 */
142 byte innerHashKeyed; /* keyed flag */
144 word16 keyLen; /* hmac key length */
146 HashType type; /* hmac key type */
147 int devId; /* nitrox device id */
148 word32 magic; /* using cavium magic */
149 word64 contextHandle; /* nitrox context memory handle */
150 byte* data; /* buffered input data for one call */
156 CYASSL_API int HmacSetKey(Hmac*, int type, const byte* key, word32 keySz);
157 CYASSL_API int HmacUpdate(Hmac*, const byte*, word32);
158 CYASSL_API int HmacFinal(Hmac*, byte*);
161 CYASSL_API int HmacInitCavium(Hmac*, int);
162 CYASSL_API void HmacFreeCavium(Hmac*);
165 CYASSL_API int CyaSSL_GetHmacMaxSize(void);
170 CYASSL_API int HKDF(int type, const byte* inKey, word32 inKeySz,
171 const byte* salt, word32 saltSz,
172 const byte* info, word32 infoSz,
173 byte* out, word32 outSz);
175 #endif /* HAVE_HKDF */
179 /* fips wrapper calls, user can call direct */
180 CYASSL_API int HmacSetKey_fips(Hmac*, int type, const byte* key,
182 CYASSL_API int HmacUpdate_fips(Hmac*, const byte*, word32);
183 CYASSL_API int HmacFinal_fips(Hmac*, byte*);
184 #ifndef FIPS_NO_WRAPPERS
185 /* if not impl or fips.c impl wrapper force fips calls if fips build */
186 #define HmacSetKey HmacSetKey_fips
187 #define HmacUpdate HmacUpdate_fips
188 #define HmacFinal HmacFinal_fips
189 #endif /* FIPS_NO_WRAPPERS */
191 #endif /* HAVE_FIPS */
198 #endif /* CTAO_CRYPT_HMAC_H */