Gitiles
Code Review Sign In
gerrit.openfyde.cn / android.googlesource.com / platform / system / keymaster / 567a4a04f43d35b785d50508e6459b01f2ab4d14 / . / hmac_operation.cpp
blob: fa243d536bd120b4b4a9e11eaea2cac8442bf498 [file] [log] [blame]
Shawn Willden0d560bf2014-12-15 17:44:02 -0700[diff] [blame]1/*
2 * Copyright 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include "hmac_operation.h"
18
19#include <openssl/evp.h>
20#include <openssl/hmac.h>
21
Shawn Willden567a4a02014-12-31 12:14:46 -0700[diff] [blame^]22#include "openssl_err.h"
Shawn Willden63ac0432014-12-29 14:07:08 -0700[diff] [blame]23#include "symmetric_key.h"
24
Adam Langleya550fba2015-02-13 14:44:14 -0800[diff] [blame]25#if defined(OPENSSL_IS_BORINGSSL)
26typedef size_t openssl_size_t;
27#else
28typedef int openssl_size_t;
29#endif
30
Shawn Willden0d560bf2014-12-15 17:44:02 -0700[diff] [blame]31namespace keymaster {
32
Shawn Willden63ac0432014-12-29 14:07:08 -0700[diff] [blame]33/**
34 * Abstract base for HMAC operation factories. This class does all of the work to create
35 * HMAC operations.
36 */
37class HmacOperationFactory : public OperationFactory {
38 public:
39 virtual KeyType registry_key() const { return KeyType(KM_ALGORITHM_HMAC, purpose()); }
40
Shawn Willden567a4a02014-12-31 12:14:46 -0700[diff] [blame^]41 virtual Operation* CreateOperation(const Key& key, keymaster_error_t* error);
Shawn Willden63ac0432014-12-29 14:07:08 -0700[diff] [blame]42
43 virtual const keymaster_digest_t* SupportedDigests(size_t* digest_count) const;
44
45 virtual keymaster_purpose_t purpose() const = 0;
46};
47
Shawn Willden567a4a02014-12-31 12:14:46 -0700[diff] [blame^]48Operation* HmacOperationFactory::CreateOperation(const Key& key, keymaster_error_t* error) {
Shawn Willden63ac0432014-12-29 14:07:08 -0700[diff] [blame]49 *error = KM_ERROR_OK;
50
51 uint32_t tag_length;
52 if (!key.authorizations().GetTagValue(TAG_MAC_LENGTH, &tag_length))
53 *error = KM_ERROR_UNSUPPORTED_MAC_LENGTH;
54
55 keymaster_digest_t digest;
56 if (!key.authorizations().GetTagValue(TAG_DIGEST, &digest))
57 *error = KM_ERROR_UNSUPPORTED_DIGEST;
58
59 if (*error != KM_ERROR_OK)
60 return NULL;
61
62 const SymmetricKey* symmetric_key = static_cast<const SymmetricKey*>(&key);
63 if (!symmetric_key) {
64 *error = KM_ERROR_UNKNOWN_ERROR;
65 return NULL;
66 }
67
Shawn Willden567a4a02014-12-31 12:14:46 -0700[diff] [blame^]68 Operation* op = new HmacOperation(purpose(), symmetric_key->key_data(),
Shawn Willden63ac0432014-12-29 14:07:08 -0700[diff] [blame]69 symmetric_key->key_data_size(), digest, tag_length);
70 if (!op)
71 *error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
72 return op;
73}
74
75static keymaster_digest_t supported_digests[] = {KM_DIGEST_SHA1, KM_DIGEST_SHA_2_224,
76 KM_DIGEST_SHA_2_256, KM_DIGEST_SHA_2_384,
77 KM_DIGEST_SHA_2_512};
78const keymaster_digest_t* HmacOperationFactory::SupportedDigests(size_t* digest_count) const {
79 *digest_count = array_length(supported_digests);
80 return supported_digests;
81}
82
83/**
84 * Concrete factory for creating HMAC signing operations.
85 */
86class HmacSignOperationFactory : public HmacOperationFactory {
87 keymaster_purpose_t purpose() const { return KM_PURPOSE_SIGN; }
88};
89static OperationFactoryRegistry::Registration<HmacSignOperationFactory> sign_registration;
90
91/**
92 * Concrete factory for creating HMAC verification operations.
93 */
94class HmacVerifyOperationFactory : public HmacOperationFactory {
95 keymaster_purpose_t purpose() const { return KM_PURPOSE_VERIFY; }
96};
97static OperationFactoryRegistry::Registration<HmacVerifyOperationFactory> verify_registration;
98
Shawn Willden567a4a02014-12-31 12:14:46 -0700[diff] [blame^]99HmacOperation::HmacOperation(keymaster_purpose_t purpose, const uint8_t* key_data,
100 size_t key_data_size, keymaster_digest_t digest, size_t tag_length)
101 : Operation(purpose), error_(KM_ERROR_OK), tag_length_(tag_length) {
Shawn Willden0d560bf2014-12-15 17:44:02 -0700[diff] [blame]102 // Initialize CTX first, so dtor won't crash even if we error out later.
103 HMAC_CTX_init(&ctx_);
104
105 const EVP_MD* md;
106 switch (digest) {
Shawn Willden62c22862014-12-17 08:36:20 -0700[diff] [blame]107 case KM_DIGEST_SHA_2_224:
108 md = EVP_sha224();
109 break;
Shawn Willden0d560bf2014-12-15 17:44:02 -0700[diff] [blame]110 case KM_DIGEST_SHA_2_256:
111 md = EVP_sha256();
112 break;
Shawn Willden62c22862014-12-17 08:36:20 -0700[diff] [blame]113 case KM_DIGEST_SHA_2_384:
114 md = EVP_sha384();
115 break;
116 case KM_DIGEST_SHA_2_512:
117 md = EVP_sha512();
118 break;
Shawn Willden0d560bf2014-12-15 17:44:02 -0700[diff] [blame]119 default:
120 error_ = KM_ERROR_UNSUPPORTED_DIGEST;
121 return;
122 }
123
Adam Langleya550fba2015-02-13 14:44:14 -0800[diff] [blame]124 if ((openssl_size_t)tag_length_ > EVP_MD_size(md)) {
Shawn Willden0d560bf2014-12-15 17:44:02 -0700[diff] [blame]125 error_ = KM_ERROR_UNSUPPORTED_MAC_LENGTH;
126 return;
127 }
128
129 HMAC_Init_ex(&ctx_, key_data, key_data_size, md, NULL /* engine */);
130}
131
132HmacOperation::~HmacOperation() {
133 HMAC_CTX_cleanup(&ctx_);
134}
135
Shawn Willden111edb32015-02-05 22:44:24 -0700[diff] [blame]136keymaster_error_t HmacOperation::Begin(const AuthorizationSet& /* input_params */,
137 AuthorizationSet* /* output_params */) {
Shawn Willden0d560bf2014-12-15 17:44:02 -0700[diff] [blame]138 return error_;
139}
140
Shawn Willden6bfbff02015-02-06 19:48:24 -0700[diff] [blame]141keymaster_error_t HmacOperation::Update(const AuthorizationSet& /* additional_params */,
142 const Buffer& input, Buffer* /* output */,
Shawn Willden0d560bf2014-12-15 17:44:02 -0700[diff] [blame]143 size_t* input_consumed) {
144 if (!HMAC_Update(&ctx_, input.peek_read(), input.available_read()))
Shawn Willden567a4a02014-12-31 12:14:46 -0700[diff] [blame^]145 return TranslateLastOpenSslError();
Shawn Willden0d560bf2014-12-15 17:44:02 -0700[diff] [blame]146 *input_consumed = input.available_read();
147 return KM_ERROR_OK;
148}
149
150keymaster_error_t HmacOperation::Abort() {
151 return KM_ERROR_OK;
152}
153
Shawn Willden6bfbff02015-02-06 19:48:24 -0700[diff] [blame]154keymaster_error_t HmacOperation::Finish(const AuthorizationSet& /* additional_params */,
155 const Buffer& signature, Buffer* output) {
Shawn Willden0d560bf2014-12-15 17:44:02 -0700[diff] [blame]156 uint8_t digest[EVP_MAX_MD_SIZE];
157 unsigned int digest_len;
158 if (!HMAC_Final(&ctx_, digest, &digest_len))
Shawn Willden567a4a02014-12-31 12:14:46 -0700[diff] [blame^]159 return TranslateLastOpenSslError();
Shawn Willden0d560bf2014-12-15 17:44:02 -0700[diff] [blame]160
161 switch (purpose()) {
162 case KM_PURPOSE_SIGN:
163 output->reserve(tag_length_);
164 output->write(digest, tag_length_);
165 return KM_ERROR_OK;
166 case KM_PURPOSE_VERIFY:
167 if (signature.available_read() != tag_length_)
168 return KM_ERROR_INVALID_INPUT_LENGTH;
169 if (memcmp(signature.peek_read(), digest, tag_length_) != 0)
170 return KM_ERROR_VERIFICATION_FAILED;
171 return KM_ERROR_OK;
172 default:
173 return KM_ERROR_UNSUPPORTED_PURPOSE;
174 }
175}
176
177} // namespace keymaster