A library for setting up Secure Socket Layer (SSL) connections and verifying remote hosts using certificates. Contains only the source files for mbed platform implementation of the library.

Dependents:   HTTPClient-SSL HTTPClient-SSL HTTPClient-SSL HTTPClient-SSL

Revision:
0:b86d15c6ba29
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/cyassl/ctaocrypt/hmac.h	Mon Jan 19 21:45:42 2015 +0000
@@ -0,0 +1,201 @@
+/* hmac.h
+ *
+ * Copyright (C) 2006-2014 wolfSSL Inc.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+
+#ifndef NO_HMAC
+
+#ifndef CTAO_CRYPT_HMAC_H
+#define CTAO_CRYPT_HMAC_H
+
+#include <cyassl/ctaocrypt/types.h>
+
+#ifndef NO_MD5
+    #include <cyassl/ctaocrypt/md5.h>
+#endif
+
+#ifndef NO_SHA
+    #include <cyassl/ctaocrypt/sha.h>
+#endif
+
+#ifndef NO_SHA256
+    #include <cyassl/ctaocrypt/sha256.h>
+#endif
+
+#ifdef CYASSL_SHA512
+    #include <cyassl/ctaocrypt/sha512.h>
+#endif
+
+#ifdef HAVE_BLAKE2 
+    #include <cyassl/ctaocrypt/blake2.h>
+#endif
+
+#ifdef HAVE_CAVIUM
+    #include <cyassl/ctaocrypt/logging.h>
+    #include "cavium_common.h"
+#endif
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+#define CYASSL_HMAC_CAVIUM_MAGIC 0xBEEF0005
+
+enum {
+    HMAC_FIPS_MIN_KEY = 14,   /* 112 bit key length minimum */
+
+    IPAD    = 0x36,
+    OPAD    = 0x5C,
+
+/* If any hash is not enabled, add the ID here. */
+#ifdef NO_MD5
+    MD5     = 0,
+#endif
+#ifdef NO_SHA
+    SHA     = 1,
+#endif
+#ifdef NO_SHA256
+    SHA256  = 2,
+#endif
+#ifndef CYASSL_SHA512
+    SHA512  = 4,
+#endif
+#ifndef CYASSL_SHA384
+    SHA384  = 5,
+#endif
+#ifndef HAVE_BLAKE2 
+    BLAKE2B_ID = 7,
+#endif
+
+/* Select the largest available hash for the buffer size. */
+#if defined(CYASSL_SHA512)
+    MAX_DIGEST_SIZE = SHA512_DIGEST_SIZE,
+    HMAC_BLOCK_SIZE = SHA512_BLOCK_SIZE
+#elif defined(HAVE_BLAKE2)
+    MAX_DIGEST_SIZE = BLAKE2B_OUTBYTES,
+    HMAC_BLOCK_SIZE = BLAKE2B_BLOCKBYTES,
+#elif defined(CYASSL_SHA384)
+    MAX_DIGEST_SIZE = SHA384_DIGEST_SIZE,
+    HMAC_BLOCK_SIZE = SHA384_BLOCK_SIZE
+#elif !defined(NO_SHA256)
+    MAX_DIGEST_SIZE = SHA256_DIGEST_SIZE,
+    HMAC_BLOCK_SIZE = SHA256_BLOCK_SIZE
+#elif !defined(NO_SHA)
+    MAX_DIGEST_SIZE = SHA_DIGEST_SIZE,
+    HMAC_BLOCK_SIZE = SHA_BLOCK_SIZE
+#elif !defined(NO_MD5)
+    MAX_DIGEST_SIZE = MD5_DIGEST_SIZE,
+    HMAC_BLOCK_SIZE = MD5_BLOCK_SIZE
+#else
+    #error "You have to have some kind of hash if you want to use HMAC."
+#endif
+};
+
+
+/* hash union */
+typedef union {
+    #ifndef NO_MD5
+        Md5 md5;
+    #endif
+    #ifndef NO_SHA
+        Sha sha;
+    #endif
+    #ifndef NO_SHA256
+        Sha256 sha256;
+    #endif
+    #ifdef CYASSL_SHA384
+        Sha384 sha384;
+    #endif
+    #ifdef CYASSL_SHA512
+        Sha512 sha512;
+    #endif
+    #ifdef HAVE_BLAKE2 
+        Blake2b blake2b;
+    #endif
+} Hash;
+
+/* Hmac digest */
+typedef struct Hmac {
+    Hash    hash;
+    word32  ipad[HMAC_BLOCK_SIZE  / sizeof(word32)];  /* same block size all*/
+    word32  opad[HMAC_BLOCK_SIZE  / sizeof(word32)];
+    word32  innerHash[MAX_DIGEST_SIZE / sizeof(word32)];
+    byte    macType;                                     /* md5 sha or sha256 */
+    byte    innerHashKeyed;                              /* keyed flag */
+#ifdef HAVE_CAVIUM
+    word16   keyLen;          /* hmac key length */
+    word16   dataLen;
+    HashType type;            /* hmac key type */
+    int      devId;           /* nitrox device id */
+    word32   magic;           /* using cavium magic */
+    word64   contextHandle;   /* nitrox context memory handle */
+    byte*    data;            /* buffered input data for one call */
+#endif
+} Hmac;
+
+
+/* does init */
+CYASSL_API int HmacSetKey(Hmac*, int type, const byte* key, word32 keySz);
+CYASSL_API int HmacUpdate(Hmac*, const byte*, word32);
+CYASSL_API int HmacFinal(Hmac*, byte*);
+
+#ifdef HAVE_CAVIUM
+    CYASSL_API int  HmacInitCavium(Hmac*, int);
+    CYASSL_API void HmacFreeCavium(Hmac*);
+#endif
+
+CYASSL_API int CyaSSL_GetHmacMaxSize(void);
+
+
+#ifdef HAVE_HKDF
+
+CYASSL_API int HKDF(int type, const byte* inKey, word32 inKeySz,
+                    const byte* salt, word32 saltSz,
+                    const byte* info, word32 infoSz,
+                    byte* out, word32 outSz);
+
+#endif /* HAVE_HKDF */
+
+
+#ifdef HAVE_FIPS
+    /* fips wrapper calls, user can call direct */
+    CYASSL_API int HmacSetKey_fips(Hmac*, int type, const byte* key,
+                                   word32 keySz);
+    CYASSL_API int HmacUpdate_fips(Hmac*, const byte*, word32);
+    CYASSL_API int HmacFinal_fips(Hmac*, byte*);
+    #ifndef FIPS_NO_WRAPPERS
+        /* if not impl or fips.c impl wrapper force fips calls if fips build */
+        #define HmacSetKey HmacSetKey_fips
+        #define HmacUpdate HmacUpdate_fips
+        #define HmacFinal  HmacFinal_fips
+    #endif /* FIPS_NO_WRAPPERS */
+
+#endif /* HAVE_FIPS */
+
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* CTAO_CRYPT_HMAC_H */
+
+#endif /* NO_HMAC */
+