aes, hmac: adding apple common crypto support
This commit is contained in:
Richard Aas
parent
53fa177ff6
commit
9a044b2f40
4 changed files with 193 additions and 0 deletions
120
src/aes/apple/aes.c
Normal file
120
src/aes/apple/aes.c
Normal file
|
|
@ -0,0 +1,120 @@
|
|||
/**
|
||||
* @file apple/aes.c AES using Apple CommonCrypto API
|
||||
*
|
||||
* Copyright (C) 2010 Creytiv.com
|
||||
*/
|
||||
|
||||
#include <string.h>
|
||||
#include <re_types.h>
|
||||
#include <re_mem.h>
|
||||
#include <re_fmt.h>
|
||||
#include <re_aes.h>
|
||||
#include <CommonCrypto/CommonCryptor.h>
|
||||
|
||||
|
||||
struct aes {
|
||||
CCCryptorRef cryptor;
|
||||
uint8_t key[64];
|
||||
size_t key_bytes;
|
||||
};
|
||||
|
||||
|
||||
static void destructor(void *arg)
|
||||
{
|
||||
struct aes *st = arg;
|
||||
|
||||
if (st->cryptor)
|
||||
CCCryptorRelease(st->cryptor);
|
||||
}
|
||||
|
||||
|
||||
int aes_alloc(struct aes **stp, enum aes_mode mode,
|
||||
const uint8_t *key, size_t key_bits,
|
||||
const uint8_t iv[AES_BLOCK_SIZE])
|
||||
{
|
||||
struct aes *st;
|
||||
size_t key_bytes = key_bits / 8;
|
||||
CCCryptorStatus status;
|
||||
int err = 0;
|
||||
|
||||
if (!stp || !key)
|
||||
return EINVAL;
|
||||
|
||||
if (mode != AES_MODE_CTR)
|
||||
return ENOTSUP;
|
||||
|
||||
st = mem_zalloc(sizeof(*st), destructor);
|
||||
if (!st)
|
||||
return ENOMEM;
|
||||
|
||||
if (key_bytes > sizeof(st->key)) {
|
||||
err = EINVAL;
|
||||
goto out;
|
||||
}
|
||||
|
||||
st->key_bytes = key_bytes;
|
||||
memcpy(st->key, key, st->key_bytes);
|
||||
|
||||
/* used for both encryption and decryption because CTR is symmetric */
|
||||
status = CCCryptorCreateWithMode(kCCEncrypt, kCCModeCTR,
|
||||
kCCAlgorithmAES, ccNoPadding,
|
||||
iv, key, key_bytes, NULL, 0, 0,
|
||||
kCCModeOptionCTR_BE, &st->cryptor);
|
||||
if (status != kCCSuccess) {
|
||||
err = EPROTO;
|
||||
goto out;
|
||||
}
|
||||
|
||||
out:
|
||||
if (err)
|
||||
mem_deref(st);
|
||||
else
|
||||
*stp = st;
|
||||
|
||||
return err;
|
||||
}
|
||||
|
||||
|
||||
void aes_set_iv(struct aes *st, const uint8_t iv[AES_BLOCK_SIZE])
|
||||
{
|
||||
CCCryptorStatus status;
|
||||
|
||||
if (!st)
|
||||
return;
|
||||
|
||||
/* we must reset the state when updating IV */
|
||||
status = CCCryptorCreateWithMode(kCCEncrypt, kCCModeCTR,
|
||||
kCCAlgorithmAES, ccNoPadding,
|
||||
iv, st->key, st->key_bytes,
|
||||
NULL, 0, 0, kCCModeOptionCTR_BE,
|
||||
&st->cryptor);
|
||||
if (status != kCCSuccess) {
|
||||
re_fprintf(stderr, "aes: CCCryptorCreateWithMode error (%d)\n",
|
||||
status);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
int aes_encr(struct aes *st, uint8_t *out, const uint8_t *in, size_t len)
|
||||
{
|
||||
CCCryptorStatus status;
|
||||
size_t moved;
|
||||
|
||||
if (!st || !out || !in || !len)
|
||||
return EINVAL;
|
||||
|
||||
status = CCCryptorUpdate(st->cryptor, in, len, out, len, &moved);
|
||||
if (status != kCCSuccess) {
|
||||
re_fprintf(stderr, "aes: CCCryptorUpdate error (%d)\n",
|
||||
status);
|
||||
return EPROTO;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
int aes_decr(struct aes *st, uint8_t *out, const uint8_t *in, size_t len)
|
||||
{
|
||||
return aes_encr(st, out, in, len);
|
||||
}
|
||||
|
|
@ -6,6 +6,8 @@
|
|||
|
||||
ifneq ($(USE_OPENSSL),)
|
||||
SRCS += aes/openssl/aes.c
|
||||
else ifneq ($(USE_APPLE_COMMONCRYPTO),)
|
||||
SRCS += aes/apple/aes.c
|
||||
else
|
||||
SRCS += aes/stub.c
|
||||
endif
|
||||
|
|
|
|||
69
src/hmac/apple/hmac.c
Normal file
69
src/hmac/apple/hmac.c
Normal file
|
|
@ -0,0 +1,69 @@
|
|||
/**
|
||||
* @file apple/hmac.c HMAC using Apple API
|
||||
*
|
||||
* Copyright (C) 2010 - 2015 Creytiv.com
|
||||
*/
|
||||
|
||||
#include <string.h>
|
||||
#include <CommonCrypto/CommonHMAC.h>
|
||||
#include <re_types.h>
|
||||
#include <re_fmt.h>
|
||||
#include <re_mem.h>
|
||||
#include <re_hmac.h>
|
||||
|
||||
|
||||
struct hmac {
|
||||
CCHmacContext ctx;
|
||||
uint8_t key[20];
|
||||
size_t key_len;
|
||||
};
|
||||
|
||||
|
||||
static void destructor(void *arg)
|
||||
{
|
||||
struct hmac *hmac = arg;
|
||||
|
||||
memset(&hmac->ctx, 0, sizeof(hmac->ctx));
|
||||
}
|
||||
|
||||
|
||||
int hmac_create(struct hmac **hmacp, enum hmac_hash hash,
|
||||
const uint8_t *key, size_t key_len)
|
||||
{
|
||||
struct hmac *hmac;
|
||||
|
||||
if (!hmacp || !key || !key_len)
|
||||
return EINVAL;
|
||||
|
||||
if (hash != HMAC_HASH_SHA1)
|
||||
return ENOTSUP;
|
||||
|
||||
hmac = mem_zalloc(sizeof(*hmac), destructor);
|
||||
if (!hmac)
|
||||
return ENOMEM;
|
||||
|
||||
memcpy(hmac->key, key, key_len);
|
||||
hmac->key_len = key_len;
|
||||
|
||||
CCHmacInit(&hmac->ctx, kCCHmacAlgSHA1, key, key_len);
|
||||
|
||||
*hmacp = hmac;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
int hmac_digest(struct hmac *hmac, uint8_t *md, size_t md_len,
|
||||
const uint8_t *data, size_t data_len)
|
||||
{
|
||||
if (!hmac || !md || !md_len || !data || !data_len)
|
||||
return EINVAL;
|
||||
|
||||
/* reset state */
|
||||
CCHmacInit(&hmac->ctx, kCCHmacAlgSHA1, hmac->key, hmac->key_len);
|
||||
|
||||
CCHmacUpdate(&hmac->ctx, data, data_len);
|
||||
CCHmacFinal(&hmac->ctx, md);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
|
@ -8,6 +8,8 @@ SRCS += hmac/hmac_sha1.c
|
|||
|
||||
ifneq ($(USE_OPENSSL),)
|
||||
SRCS += hmac/openssl/hmac.c
|
||||
else ifneq ($(USE_APPLE_COMMONCRYPTO),)
|
||||
SRCS += hmac/apple/hmac.c
|
||||
else
|
||||
SRCS += hmac/hmac.c
|
||||
endif
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue