Gitiles
Code Review Sign In
review.blissroms.org / platform_system_keymaster / refs/heads/17 / . / km_openssl / hmac.cpp
blob: cb788d0fecc31cf1a8073d36801d5a10aa455361 [file] [log] [blame]
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]1/*
2 * Copyright 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
Janis Danisevskisf54cc932017-05-10 15:29:10 -0700[diff] [blame]17#include <keymaster/km_openssl/hmac.h>
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]18
19#include <assert.h>
Shawn Willden0f906ec2015-06-20 09:16:30 -0600[diff] [blame]20
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]21#include <openssl/evp.h>
22#include <openssl/hmac.h>
Shawn Willden0f906ec2015-06-20 09:16:30 -0600[diff] [blame]23#include <openssl/mem.h>
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]24#include <openssl/sha.h>
25
Shawn Willden0f906ec2015-06-20 09:16:30 -0600[diff] [blame]26#include <keymaster/android_keymaster_utils.h>
Adam Langleyc3326552015-04-28 13:20:52 -0700[diff] [blame]27
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]28namespace keymaster {
29
30size_t HmacSha256::DigestLength() const {
31 return SHA256_DIGEST_LENGTH;
32}
33
Thai Duong60eebdc2015-03-25 17:20:24 -0700[diff] [blame]34bool HmacSha256::Init(const Buffer& key) {
35 return Init(key.peek_read(), key.available_read());
36}
37
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]38bool HmacSha256::Init(const uint8_t* key, size_t key_len) {
Shawn Willden32873522020-12-14 22:29:46 -0700[diff] [blame]39 if (!key) return false;
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]40
Thai Duong60eebdc2015-03-25 17:20:24 -0700[diff] [blame]41 key_len_ = key_len;
Shawn Willden0f906ec2015-06-20 09:16:30 -0600[diff] [blame]42 key_.reset(dup_buffer(key, key_len));
Thai Duong60eebdc2015-03-25 17:20:24 -0700[diff] [blame]43 if (!key_.get()) {
44 return false;
45 }
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]46 return true;
47}
48
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]49bool HmacSha256::Sign(const Buffer& data, uint8_t* out_digest, size_t digest_len) const {
50 return Sign(data.peek_read(), data.available_read(), out_digest, digest_len);
51}
52
53bool HmacSha256::Sign(const uint8_t* data, size_t data_len, uint8_t* out_digest,
Thai Duong60eebdc2015-03-25 17:20:24 -0700[diff] [blame]54 size_t digest_len) const {
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]55 assert(digest_len);
56
57 uint8_t tmp[SHA256_DIGEST_LENGTH];
58 uint8_t* digest = tmp;
Shawn Willden32873522020-12-14 22:29:46 -0700[diff] [blame]59 if (digest_len >= SHA256_DIGEST_LENGTH) digest = out_digest;
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]60
Thai Duong60eebdc2015-03-25 17:20:24 -0700[diff] [blame]61 if (nullptr == ::HMAC(EVP_sha256(), key_.get(), key_len_, data, data_len, digest, nullptr)) {
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]62 return false;
63 }
Shawn Willden32873522020-12-14 22:29:46 -0700[diff] [blame]64 if (digest_len < SHA256_DIGEST_LENGTH) memcpy(out_digest, tmp, digest_len);
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]65
66 return true;
67}
68
69bool HmacSha256::Verify(const Buffer& data, const Buffer& digest) const {
70 return Verify(data.peek_read(), data.available_read(), digest.peek_read(),
71 digest.available_read());
72}
73
74bool HmacSha256::Verify(const uint8_t* data, size_t data_len, const uint8_t* digest,
Thai Duong60eebdc2015-03-25 17:20:24 -0700[diff] [blame]75 size_t digest_len) const {
Shawn Willden32873522020-12-14 22:29:46 -0700[diff] [blame]76 if (digest_len != SHA256_DIGEST_LENGTH) return false;
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]77
78 uint8_t computed_digest[SHA256_DIGEST_LENGTH];
Shawn Willden32873522020-12-14 22:29:46 -0700[diff] [blame]79 if (!Sign(data, data_len, computed_digest, sizeof(computed_digest))) return false;
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]80
81 return 0 == CRYPTO_memcmp(digest, computed_digest, SHA256_DIGEST_LENGTH);
82}
83
84} // namespace keymaster