Gitiles
Code Review Sign In
gerrit.openfyde.cn / android.googlesource.com / platform / system / keymaster / 82114e7cbf97f65348d32b2685dd52427525146d / . / hmac_operation.cpp
blob: e9d1a89f30c4cf1b9268dfe9c682e513ce5d55fc [file] [log] [blame]
Shawn Willden0d560bf2014-12-15 17:44:02 -0700[diff] [blame]1/*
2 * Copyright 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include "hmac_operation.h"
18
19#include <openssl/evp.h>
20#include <openssl/hmac.h>
21
Shawn Willden567a4a02014-12-31 12:14:46 -0700[diff] [blame]22#include "openssl_err.h"
Shawn Willden63ac0432014-12-29 14:07:08 -0700[diff] [blame]23#include "symmetric_key.h"
24
Adam Langleya550fba2015-02-13 14:44:14 -0800[diff] [blame]25#if defined(OPENSSL_IS_BORINGSSL)
26typedef size_t openssl_size_t;
27#else
28typedef int openssl_size_t;
29#endif
30
Shawn Willden0d560bf2014-12-15 17:44:02 -0700[diff] [blame]31namespace keymaster {
32
Shawn Willden63ac0432014-12-29 14:07:08 -0700[diff] [blame]33/**
34 * Abstract base for HMAC operation factories. This class does all of the work to create
35 * HMAC operations.
36 */
37class HmacOperationFactory : public OperationFactory {
38 public:
39 virtual KeyType registry_key() const { return KeyType(KM_ALGORITHM_HMAC, purpose()); }
40
Shawn Willden567a4a02014-12-31 12:14:46 -0700[diff] [blame]41 virtual Operation* CreateOperation(const Key& key, keymaster_error_t* error);
Shawn Willden63ac0432014-12-29 14:07:08 -0700[diff] [blame]42
43 virtual const keymaster_digest_t* SupportedDigests(size_t* digest_count) const;
44
45 virtual keymaster_purpose_t purpose() const = 0;
46};
47
Shawn Willden567a4a02014-12-31 12:14:46 -0700[diff] [blame]48Operation* HmacOperationFactory::CreateOperation(const Key& key, keymaster_error_t* error) {
Shawn Willden63ac0432014-12-29 14:07:08 -0700[diff] [blame]49 *error = KM_ERROR_OK;
50
51 uint32_t tag_length;
52 if (!key.authorizations().GetTagValue(TAG_MAC_LENGTH, &tag_length))
53 *error = KM_ERROR_UNSUPPORTED_MAC_LENGTH;
54
55 keymaster_digest_t digest;
56 if (!key.authorizations().GetTagValue(TAG_DIGEST, &digest))
57 *error = KM_ERROR_UNSUPPORTED_DIGEST;
58
59 if (*error != KM_ERROR_OK)
60 return NULL;
61
62 const SymmetricKey* symmetric_key = static_cast<const SymmetricKey*>(&key);
Shawn Willden567a4a02014-12-31 12:14:46 -0700[diff] [blame]63 Operation* op = new HmacOperation(purpose(), symmetric_key->key_data(),
Shawn Willden63ac0432014-12-29 14:07:08 -0700[diff] [blame]64 symmetric_key->key_data_size(), digest, tag_length);
65 if (!op)
66 *error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
67 return op;
68}
69
70static keymaster_digest_t supported_digests[] = {KM_DIGEST_SHA1, KM_DIGEST_SHA_2_224,
71 KM_DIGEST_SHA_2_256, KM_DIGEST_SHA_2_384,
72 KM_DIGEST_SHA_2_512};
73const keymaster_digest_t* HmacOperationFactory::SupportedDigests(size_t* digest_count) const {
74 *digest_count = array_length(supported_digests);
75 return supported_digests;
76}
77
78/**
79 * Concrete factory for creating HMAC signing operations.
80 */
81class HmacSignOperationFactory : public HmacOperationFactory {
82 keymaster_purpose_t purpose() const { return KM_PURPOSE_SIGN; }
83};
84static OperationFactoryRegistry::Registration<HmacSignOperationFactory> sign_registration;
85
86/**
87 * Concrete factory for creating HMAC verification operations.
88 */
89class HmacVerifyOperationFactory : public HmacOperationFactory {
90 keymaster_purpose_t purpose() const { return KM_PURPOSE_VERIFY; }
91};
92static OperationFactoryRegistry::Registration<HmacVerifyOperationFactory> verify_registration;
93
Shawn Willden567a4a02014-12-31 12:14:46 -0700[diff] [blame]94HmacOperation::HmacOperation(keymaster_purpose_t purpose, const uint8_t* key_data,
95 size_t key_data_size, keymaster_digest_t digest, size_t tag_length)
96 : Operation(purpose), error_(KM_ERROR_OK), tag_length_(tag_length) {
Shawn Willden0d560bf2014-12-15 17:44:02 -0700[diff] [blame]97 // Initialize CTX first, so dtor won't crash even if we error out later.
98 HMAC_CTX_init(&ctx_);
99
100 const EVP_MD* md;
101 switch (digest) {
Shawn Willden51d5e0e2014-12-18 10:44:03 -0700[diff] [blame]102 case KM_DIGEST_SHA1:
103 md = EVP_sha1();
104 break;
Shawn Willden62c22862014-12-17 08:36:20 -0700[diff] [blame]105 case KM_DIGEST_SHA_2_224:
106 md = EVP_sha224();
107 break;
Shawn Willden0d560bf2014-12-15 17:44:02 -0700[diff] [blame]108 case KM_DIGEST_SHA_2_256:
109 md = EVP_sha256();
110 break;
Shawn Willden62c22862014-12-17 08:36:20 -0700[diff] [blame]111 case KM_DIGEST_SHA_2_384:
112 md = EVP_sha384();
113 break;
114 case KM_DIGEST_SHA_2_512:
115 md = EVP_sha512();
116 break;
Shawn Willden0d560bf2014-12-15 17:44:02 -0700[diff] [blame]117 default:
118 error_ = KM_ERROR_UNSUPPORTED_DIGEST;
119 return;
120 }
121
Adam Langleya550fba2015-02-13 14:44:14 -0800[diff] [blame]122 if ((openssl_size_t)tag_length_ > EVP_MD_size(md)) {
Shawn Willden0d560bf2014-12-15 17:44:02 -0700[diff] [blame]123 error_ = KM_ERROR_UNSUPPORTED_MAC_LENGTH;
124 return;
125 }
126
127 HMAC_Init_ex(&ctx_, key_data, key_data_size, md, NULL /* engine */);
128}
129
130HmacOperation::~HmacOperation() {
131 HMAC_CTX_cleanup(&ctx_);
132}
133
Shawn Willden111edb32015-02-05 22:44:24 -0700[diff] [blame]134keymaster_error_t HmacOperation::Begin(const AuthorizationSet& /* input_params */,
135 AuthorizationSet* /* output_params */) {
Shawn Willden0d560bf2014-12-15 17:44:02 -0700[diff] [blame]136 return error_;
137}
138
Shawn Willden6bfbff02015-02-06 19:48:24 -0700[diff] [blame]139keymaster_error_t HmacOperation::Update(const AuthorizationSet& /* additional_params */,
140 const Buffer& input, Buffer* /* output */,
Shawn Willden0d560bf2014-12-15 17:44:02 -0700[diff] [blame]141 size_t* input_consumed) {
142 if (!HMAC_Update(&ctx_, input.peek_read(), input.available_read()))
Shawn Willden567a4a02014-12-31 12:14:46 -0700[diff] [blame]143 return TranslateLastOpenSslError();
Shawn Willden0d560bf2014-12-15 17:44:02 -0700[diff] [blame]144 *input_consumed = input.available_read();
145 return KM_ERROR_OK;
146}
147
148keymaster_error_t HmacOperation::Abort() {
149 return KM_ERROR_OK;
150}
151
Shawn Willden6bfbff02015-02-06 19:48:24 -0700[diff] [blame]152keymaster_error_t HmacOperation::Finish(const AuthorizationSet& /* additional_params */,
153 const Buffer& signature, Buffer* output) {
Shawn Willden0d560bf2014-12-15 17:44:02 -0700[diff] [blame]154 uint8_t digest[EVP_MAX_MD_SIZE];
155 unsigned int digest_len;
156 if (!HMAC_Final(&ctx_, digest, &digest_len))
Shawn Willden567a4a02014-12-31 12:14:46 -0700[diff] [blame]157 return TranslateLastOpenSslError();
Shawn Willden0d560bf2014-12-15 17:44:02 -0700[diff] [blame]158
159 switch (purpose()) {
160 case KM_PURPOSE_SIGN:
161 output->reserve(tag_length_);
162 output->write(digest, tag_length_);
163 return KM_ERROR_OK;
164 case KM_PURPOSE_VERIFY:
165 if (signature.available_read() != tag_length_)
166 return KM_ERROR_INVALID_INPUT_LENGTH;
Thai Duong60eebdc2015-03-25 17:20:24 -0700[diff] [blame]167 if (CRYPTO_memcmp(signature.peek_read(), digest, tag_length_) != 0)
Shawn Willden0d560bf2014-12-15 17:44:02 -0700[diff] [blame]168 return KM_ERROR_VERIFICATION_FAILED;
169 return KM_ERROR_OK;
170 default:
171 return KM_ERROR_UNSUPPORTED_PURPOSE;
172 }
173}
174
175} // namespace keymaster