Gitiles
Code Review Sign In
gerrit.openfyde.cn / android.googlesource.com / platform / system / keymaster / c3326552d973ce34f0f3138333a05a4a1865a699 / . / hmac.cpp
blob: 59c873cf55f85587c82b6e452ffadf1856bd04ee [file] [log] [blame]
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]1/*
2 * Copyright 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include "hmac.h"
18
19#include <assert.h>
20#include <openssl/evp.h>
21#include <openssl/hmac.h>
22#include <openssl/sha.h>
23
Adam Langleyc3326552015-04-28 13:20:52 -0700[diff] [blame^]24#if defined(OPENSSL_IS_BORINGSSL)
25#include <openssl/mem.h>
26#endif
27
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]28namespace keymaster {
29
30size_t HmacSha256::DigestLength() const {
31 return SHA256_DIGEST_LENGTH;
32}
33
Thai Duong60eebdc2015-03-25 17:20:24 -0700[diff] [blame]34bool HmacSha256::Init(const Buffer& key) {
35 return Init(key.peek_read(), key.available_read());
36}
37
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]38bool HmacSha256::Init(const uint8_t* key, size_t key_len) {
39 if (!key)
40 return false;
41
Thai Duong60eebdc2015-03-25 17:20:24 -0700[diff] [blame]42 key_len_ = key_len;
43 key_.reset(new uint8_t[key_len]);
44 if (!key_.get()) {
45 return false;
46 }
47 memcpy(key_.get(), key, key_len);
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]48 return true;
49}
50
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]51bool HmacSha256::Sign(const Buffer& data, uint8_t* out_digest, size_t digest_len) const {
52 return Sign(data.peek_read(), data.available_read(), out_digest, digest_len);
53}
54
55bool HmacSha256::Sign(const uint8_t* data, size_t data_len, uint8_t* out_digest,
Thai Duong60eebdc2015-03-25 17:20:24 -0700[diff] [blame]56 size_t digest_len) const {
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]57 assert(digest_len);
58
59 uint8_t tmp[SHA256_DIGEST_LENGTH];
60 uint8_t* digest = tmp;
61 if (digest_len >= SHA256_DIGEST_LENGTH)
62 digest = out_digest;
63
Thai Duong60eebdc2015-03-25 17:20:24 -0700[diff] [blame]64 if (nullptr == ::HMAC(EVP_sha256(), key_.get(), key_len_, data, data_len, digest, nullptr)) {
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]65 return false;
66 }
67 if (digest_len < SHA256_DIGEST_LENGTH)
68 memcpy(out_digest, tmp, digest_len);
69
70 return true;
71}
72
73bool HmacSha256::Verify(const Buffer& data, const Buffer& digest) const {
74 return Verify(data.peek_read(), data.available_read(), digest.peek_read(),
75 digest.available_read());
76}
77
78bool HmacSha256::Verify(const uint8_t* data, size_t data_len, const uint8_t* digest,
Thai Duong60eebdc2015-03-25 17:20:24 -0700[diff] [blame]79 size_t digest_len) const {
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]80 if (digest_len != SHA256_DIGEST_LENGTH)
81 return false;
82
83 uint8_t computed_digest[SHA256_DIGEST_LENGTH];
84 if (!Sign(data, data_len, computed_digest, sizeof(computed_digest)))
85 return false;
86
87 return 0 == CRYPTO_memcmp(digest, computed_digest, SHA256_DIGEST_LENGTH);
88}
89
90} // namespace keymaster