Gitiles
Code Review Sign In
gerrit.openfyde.cn / android.googlesource.com / platform / system / keymaster / refs/heads/oreo-dev / . / hmac.cpp
blob: 02f739c140dc5148249080083bfd210bb8724b71 [file] [log] [blame]
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]1/*
2 * Copyright 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include "hmac.h"
18
19#include <assert.h>
Shawn Willden0f906ec2015-06-20 09:16:30 -0600[diff] [blame]20
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]21#include <openssl/evp.h>
22#include <openssl/hmac.h>
Shawn Willden0f906ec2015-06-20 09:16:30 -0600[diff] [blame]23#include <openssl/mem.h>
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]24#include <openssl/sha.h>
25
Shawn Willden0f906ec2015-06-20 09:16:30 -0600[diff] [blame]26#include <keymaster/android_keymaster_utils.h>
Adam Langleyc3326552015-04-28 13:20:52 -0700[diff] [blame]27
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]28namespace keymaster {
29
30size_t HmacSha256::DigestLength() const {
31 return SHA256_DIGEST_LENGTH;
32}
33
Thai Duong60eebdc2015-03-25 17:20:24 -0700[diff] [blame]34bool HmacSha256::Init(const Buffer& key) {
35 return Init(key.peek_read(), key.available_read());
36}
37
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]38bool HmacSha256::Init(const uint8_t* key, size_t key_len) {
39 if (!key)
40 return false;
41
Thai Duong60eebdc2015-03-25 17:20:24 -0700[diff] [blame]42 key_len_ = key_len;
Shawn Willden0f906ec2015-06-20 09:16:30 -0600[diff] [blame]43 key_.reset(dup_buffer(key, key_len));
Thai Duong60eebdc2015-03-25 17:20:24 -0700[diff] [blame]44 if (!key_.get()) {
45 return false;
46 }
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]47 return true;
48}
49
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]50bool HmacSha256::Sign(const Buffer& data, uint8_t* out_digest, size_t digest_len) const {
51 return Sign(data.peek_read(), data.available_read(), out_digest, digest_len);
52}
53
54bool HmacSha256::Sign(const uint8_t* data, size_t data_len, uint8_t* out_digest,
Thai Duong60eebdc2015-03-25 17:20:24 -0700[diff] [blame]55 size_t digest_len) const {
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]56 assert(digest_len);
57
58 uint8_t tmp[SHA256_DIGEST_LENGTH];
59 uint8_t* digest = tmp;
60 if (digest_len >= SHA256_DIGEST_LENGTH)
61 digest = out_digest;
62
Thai Duong60eebdc2015-03-25 17:20:24 -0700[diff] [blame]63 if (nullptr == ::HMAC(EVP_sha256(), key_.get(), key_len_, data, data_len, digest, nullptr)) {
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]64 return false;
65 }
66 if (digest_len < SHA256_DIGEST_LENGTH)
67 memcpy(out_digest, tmp, digest_len);
68
69 return true;
70}
71
72bool HmacSha256::Verify(const Buffer& data, const Buffer& digest) const {
73 return Verify(data.peek_read(), data.available_read(), digest.peek_read(),
74 digest.available_read());
75}
76
77bool HmacSha256::Verify(const uint8_t* data, size_t data_len, const uint8_t* digest,
Thai Duong60eebdc2015-03-25 17:20:24 -0700[diff] [blame]78 size_t digest_len) const {
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]79 if (digest_len != SHA256_DIGEST_LENGTH)
80 return false;
81
82 uint8_t computed_digest[SHA256_DIGEST_LENGTH];
83 if (!Sign(data, data_len, computed_digest, sizeof(computed_digest)))
84 return false;
85
86 return 0 == CRYPTO_memcmp(digest, computed_digest, SHA256_DIGEST_LENGTH);
87}
88
89} // namespace keymaster