1/* 2 * Copyright (c) 2007-2010 Apple Inc. All Rights Reserved. 3 * 4 * @APPLE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. Please obtain a copy of the License at 10 * http://www.opensource.apple.com/apsl/ and read it before using this 11 * file. 12 * 13 * The Original Code and all software distributed under the License are 14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 18 * Please see the License for the specific language governing rights and 19 * limitations under the License. 20 * 21 * @APPLE_LICENSE_HEADER_END@ 22 */ 23 24/*! 25 @header corecrypto/ccdrbg.h 26 @abstract The functions provided in ccdrbg.h implement high-level accessors 27 to cryptographically secure random numbers. 28 29 */ 30 31#ifndef _CORECRYPTO_CCDRBG_H_ 32#define _CORECRYPTO_CCDRBG_H_ 33 34#include <corecrypto/cc.h> 35#include <corecrypto/ccdrbg_impl.h> 36 37/* TODO: Error codes ? */ 38#define CCDRBG_STATUS_OK 0 39#define CCDRBG_STATUS_ERROR (-1) 40#define CCDRBG_STATUS_NEED_RESEED (-2) 41#define CCDRBG_STATUS_PARAM_ERROR (-3) 42 43CC_INLINE size_t ccdrbg_context_size(const struct ccdrbg_info *drbg) 44{ 45 return drbg->size; 46} 47 48CC_INLINE int ccdrbg_init(const struct ccdrbg_info *info, 49 struct ccdrbg_state *drbg, 50 unsigned long entropyLength, const void* entropy, 51 unsigned long nonceLength, const void* nonce, 52 unsigned long psLength, const void* ps) 53{ 54 return info->init(info, drbg, entropyLength, entropy, nonceLength, nonce, psLength, ps); 55} 56 57CC_INLINE int ccdrbg_reseed(const struct ccdrbg_info *info, 58 struct ccdrbg_state *prng, 59 unsigned long entropylen, const void *entropy, 60 unsigned long inlen, const void *in) 61{ 62 return info->reseed(prng, entropylen, entropy, inlen, in); 63} 64 65 66CC_INLINE int ccdrbg_generate(const struct ccdrbg_info *info, 67 struct ccdrbg_state *prng, 68 unsigned long outlen, void *out, 69 unsigned long inlen, const void *in) 70{ 71 return info->generate(prng, outlen, out, inlen, in); 72} 73 74CC_INLINE void ccdrbg_done(const struct ccdrbg_info *info, 75 struct ccdrbg_state *prng) 76{ 77 info->done(prng); 78} 79 80 81extern struct ccdrbg_info ccdrbg_dummy_info; 82extern struct ccdrbg_info ccdrbg_fipssha1_info; 83 84struct ccdrbg_nistctr_custom { 85 const struct ccmode_ecb *ecb; 86 unsigned long keylen; 87 int strictFIPS; 88 int use_df; 89}; 90 91void ccdrbg_factory_nistctr(struct ccdrbg_info *info, const struct ccdrbg_nistctr_custom *custom); 92 93extern struct ccdrbg_info ccdrbg_nistdigest_info; 94 95struct ccdrbg_nisthmac_custom { 96 const struct ccdigest_info *di; 97 int strictFIPS; 98}; 99 100// "class" method on nisthmac dbrg's to ask about their security_strength for a given di 101int ccdbrg_nisthmac_security_strength(const struct ccdrbg_nisthmac_custom *custom); 102 103void ccdrbg_factory_nisthmac(struct ccdrbg_info *info, const struct ccdrbg_nisthmac_custom *custom); 104 105#endif /* _CORECRYPTO_CCDRBG_H_ */ 106