Blame - hmac_operation.cpp - android.googlesource.com/platform/system/keymaster

blob: 8e6762406a05d71e7d5d4694e0e128ae84ae69be [file] [log] [blame]

Shawn Willden	0d560bf	2014-12-15 17:44:02 -0700	[diff] [blame]	1	/*
				2	* Copyright 2014 The Android Open Source Project
				3	*
				4	* Licensed under the Apache License, Version 2.0 (the "License");
				5	* you may not use this file except in compliance with the License.
				6	* You may obtain a copy of the License at
				7	*
				8	* http://www.apache.org/licenses/LICENSE-2.0
				9	*
				10	* Unless required by applicable law or agreed to in writing, software
				11	* distributed under the License is distributed on an "AS IS" BASIS,
				12	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				13	* See the License for the specific language governing permissions and
				14	* limitations under the License.
				15	*/
				16
				17	#include "hmac_operation.h"
				18
				19	#include <openssl/evp.h>
				20	#include <openssl/hmac.h>
				21
Shawn Willden	63ac043	2014-12-29 14:07:08 -0700	[diff] [blame]	22	#include "symmetric_key.h"
				23
Adam Langley	a550fba	2015-02-13 14:44:14 -0800	[diff] [blame]	24	#if defined(OPENSSL_IS_BORINGSSL)
				25	typedef size_t openssl_size_t;
				26	#else
				27	typedef int openssl_size_t;
				28	#endif
				29
Shawn Willden	0d560bf	2014-12-15 17:44:02 -0700	[diff] [blame]	30	namespace keymaster {
				31
Shawn Willden	63ac043	2014-12-29 14:07:08 -0700	[diff] [blame]	32	/**
				33	* Abstract base for HMAC operation factories. This class does all of the work to create
				34	* HMAC operations.
				35	*/
				36	class HmacOperationFactory : public OperationFactory {
				37	public:
				38	virtual KeyType registry_key() const { return KeyType(KM_ALGORITHM_HMAC, purpose()); }
				39
				40	virtual Operation* CreateOperation(const Key& key, const Logger& logger,
				41	keymaster_error_t* error);
				42
				43	virtual const keymaster_digest_t* SupportedDigests(size_t* digest_count) const;
				44
				45	virtual keymaster_purpose_t purpose() const = 0;
				46	};
				47
				48	Operation* HmacOperationFactory::CreateOperation(const Key& key, const Logger& logger,
				49	keymaster_error_t* error) {
				50	*error = KM_ERROR_OK;
				51
				52	uint32_t tag_length;
				53	if (!key.authorizations().GetTagValue(TAG_MAC_LENGTH, &tag_length))
				54	*error = KM_ERROR_UNSUPPORTED_MAC_LENGTH;
				55
				56	keymaster_digest_t digest;
				57	if (!key.authorizations().GetTagValue(TAG_DIGEST, &digest))
				58	*error = KM_ERROR_UNSUPPORTED_DIGEST;
				59
				60	if (*error != KM_ERROR_OK)
				61	return NULL;
				62
				63	const SymmetricKey* symmetric_key = static_cast<const SymmetricKey*>(&key);
				64	if (!symmetric_key) {
				65	*error = KM_ERROR_UNKNOWN_ERROR;
				66	return NULL;
				67	}
				68
				69	Operation* op = new HmacOperation(purpose(), logger, symmetric_key->key_data(),
				70	symmetric_key->key_data_size(), digest, tag_length);
				71	if (!op)
				72	*error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
				73	return op;
				74	}
				75
				76	static keymaster_digest_t supported_digests[] = {KM_DIGEST_SHA1, KM_DIGEST_SHA_2_224,
				77	KM_DIGEST_SHA_2_256, KM_DIGEST_SHA_2_384,
				78	KM_DIGEST_SHA_2_512};
				79	const keymaster_digest_t* HmacOperationFactory::SupportedDigests(size_t* digest_count) const {
				80	*digest_count = array_length(supported_digests);
				81	return supported_digests;
				82	}
				83
				84	/**
				85	* Concrete factory for creating HMAC signing operations.
				86	*/
				87	class HmacSignOperationFactory : public HmacOperationFactory {
				88	keymaster_purpose_t purpose() const { return KM_PURPOSE_SIGN; }
				89	};
				90	static OperationFactoryRegistry::Registration<HmacSignOperationFactory> sign_registration;
				91
				92	/**
				93	* Concrete factory for creating HMAC verification operations.
				94	*/
				95	class HmacVerifyOperationFactory : public HmacOperationFactory {
				96	keymaster_purpose_t purpose() const { return KM_PURPOSE_VERIFY; }
				97	};
				98	static OperationFactoryRegistry::Registration<HmacVerifyOperationFactory> verify_registration;
				99
Shawn Willden	0d560bf	2014-12-15 17:44:02 -0700	[diff] [blame]	100	HmacOperation::HmacOperation(keymaster_purpose_t purpose, const Logger& logger,
				101	const uint8_t* key_data, size_t key_data_size,
				102	keymaster_digest_t digest, size_t tag_length)
				103	: Operation(purpose, logger), error_(KM_ERROR_OK), tag_length_(tag_length) {
				104	// Initialize CTX first, so dtor won't crash even if we error out later.
				105	HMAC_CTX_init(&ctx_);
				106
				107	const EVP_MD* md;
				108	switch (digest) {
Shawn Willden	62c2286	2014-12-17 08:36:20 -0700	[diff] [blame]	109	case KM_DIGEST_SHA_2_224:
				110	md = EVP_sha224();
				111	break;
Shawn Willden	0d560bf	2014-12-15 17:44:02 -0700	[diff] [blame]	112	case KM_DIGEST_SHA_2_256:
				113	md = EVP_sha256();
				114	break;
Shawn Willden	62c2286	2014-12-17 08:36:20 -0700	[diff] [blame]	115	case KM_DIGEST_SHA_2_384:
				116	md = EVP_sha384();
				117	break;
				118	case KM_DIGEST_SHA_2_512:
				119	md = EVP_sha512();
				120	break;
Shawn Willden	0d560bf	2014-12-15 17:44:02 -0700	[diff] [blame]	121	default:
				122	error_ = KM_ERROR_UNSUPPORTED_DIGEST;
				123	return;
				124	}
				125
Adam Langley	a550fba	2015-02-13 14:44:14 -0800	[diff] [blame]	126	if ((openssl_size_t)tag_length_ > EVP_MD_size(md)) {
Shawn Willden	0d560bf	2014-12-15 17:44:02 -0700	[diff] [blame]	127	error_ = KM_ERROR_UNSUPPORTED_MAC_LENGTH;
				128	return;
				129	}
				130
				131	HMAC_Init_ex(&ctx_, key_data, key_data_size, md, NULL /* engine */);
				132	}
				133
				134	HmacOperation::~HmacOperation() {
				135	HMAC_CTX_cleanup(&ctx_);
				136	}
				137
Shawn Willden	111edb3	2015-02-05 22:44:24 -0700	[diff] [blame]	138	keymaster_error_t HmacOperation::Begin(const AuthorizationSet& /* input_params */,
				139	AuthorizationSet* /* output_params */) {
Shawn Willden	0d560bf	2014-12-15 17:44:02 -0700	[diff] [blame]	140	return error_;
				141	}
				142
Shawn Willden	6bfbff0	2015-02-06 19:48:24 -0700	[diff] [blame]	143	keymaster_error_t HmacOperation::Update(const AuthorizationSet& /* additional_params */,
				144	const Buffer& input, Buffer* /* output */,
Shawn Willden	0d560bf	2014-12-15 17:44:02 -0700	[diff] [blame]	145	size_t* input_consumed) {
				146	if (!HMAC_Update(&ctx_, input.peek_read(), input.available_read()))
				147	return KM_ERROR_UNKNOWN_ERROR;
				148	*input_consumed = input.available_read();
				149	return KM_ERROR_OK;
				150	}
				151
				152	keymaster_error_t HmacOperation::Abort() {
				153	return KM_ERROR_OK;
				154	}
				155
Shawn Willden	6bfbff0	2015-02-06 19:48:24 -0700	[diff] [blame]	156	keymaster_error_t HmacOperation::Finish(const AuthorizationSet& /* additional_params */,
				157	const Buffer& signature, Buffer* output) {
Shawn Willden	0d560bf	2014-12-15 17:44:02 -0700	[diff] [blame]	158	uint8_t digest[EVP_MAX_MD_SIZE];
				159	unsigned int digest_len;
				160	if (!HMAC_Final(&ctx_, digest, &digest_len))
				161	return KM_ERROR_UNKNOWN_ERROR;
				162
				163	switch (purpose()) {
				164	case KM_PURPOSE_SIGN:
				165	output->reserve(tag_length_);
				166	output->write(digest, tag_length_);
				167	return KM_ERROR_OK;
				168	case KM_PURPOSE_VERIFY:
				169	if (signature.available_read() != tag_length_)
				170	return KM_ERROR_INVALID_INPUT_LENGTH;
				171	if (memcmp(signature.peek_read(), digest, tag_length_) != 0)
				172	return KM_ERROR_VERIFICATION_FAILED;
				173	return KM_ERROR_OK;
				174	default:
				175	return KM_ERROR_UNSUPPORTED_PURPOSE;
				176	}
				177	}
				178
				179	} // namespace keymaster