hmac_operation.cpp revision 51d5e0e6be1d77b06715028abbc42211411cf671
1/* 2 * Copyright 2014 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17#include "hmac_operation.h" 18 19#include <openssl/evp.h> 20#include <openssl/hmac.h> 21 22#include "openssl_err.h" 23#include "symmetric_key.h" 24 25#if defined(OPENSSL_IS_BORINGSSL) 26typedef size_t openssl_size_t; 27#else 28typedef int openssl_size_t; 29#endif 30 31namespace keymaster { 32 33/** 34 * Abstract base for HMAC operation factories. This class does all of the work to create 35 * HMAC operations. 36 */ 37class HmacOperationFactory : public OperationFactory { 38 public: 39 virtual KeyType registry_key() const { return KeyType(KM_ALGORITHM_HMAC, purpose()); } 40 41 virtual Operation* CreateOperation(const Key& key, keymaster_error_t* error); 42 43 virtual const keymaster_digest_t* SupportedDigests(size_t* digest_count) const; 44 45 virtual keymaster_purpose_t purpose() const = 0; 46}; 47 48Operation* HmacOperationFactory::CreateOperation(const Key& key, keymaster_error_t* error) { 49 *error = KM_ERROR_OK; 50 51 uint32_t tag_length; 52 if (!key.authorizations().GetTagValue(TAG_MAC_LENGTH, &tag_length)) 53 *error = KM_ERROR_UNSUPPORTED_MAC_LENGTH; 54 55 keymaster_digest_t digest; 56 if (!key.authorizations().GetTagValue(TAG_DIGEST, &digest)) 57 *error = KM_ERROR_UNSUPPORTED_DIGEST; 58 59 if (*error != KM_ERROR_OK) 60 return NULL; 61 62 const SymmetricKey* symmetric_key = static_cast<const SymmetricKey*>(&key); 63 if (!symmetric_key) { 64 *error = KM_ERROR_UNKNOWN_ERROR; 65 return NULL; 66 } 67 68 Operation* op = new HmacOperation(purpose(), symmetric_key->key_data(), 69 symmetric_key->key_data_size(), digest, tag_length); 70 if (!op) 71 *error = KM_ERROR_MEMORY_ALLOCATION_FAILED; 72 return op; 73} 74 75static keymaster_digest_t supported_digests[] = {KM_DIGEST_SHA1, KM_DIGEST_SHA_2_224, 76 KM_DIGEST_SHA_2_256, KM_DIGEST_SHA_2_384, 77 KM_DIGEST_SHA_2_512}; 78const keymaster_digest_t* HmacOperationFactory::SupportedDigests(size_t* digest_count) const { 79 *digest_count = array_length(supported_digests); 80 return supported_digests; 81} 82 83/** 84 * Concrete factory for creating HMAC signing operations. 85 */ 86class HmacSignOperationFactory : public HmacOperationFactory { 87 keymaster_purpose_t purpose() const { return KM_PURPOSE_SIGN; } 88}; 89static OperationFactoryRegistry::Registration<HmacSignOperationFactory> sign_registration; 90 91/** 92 * Concrete factory for creating HMAC verification operations. 93 */ 94class HmacVerifyOperationFactory : public HmacOperationFactory { 95 keymaster_purpose_t purpose() const { return KM_PURPOSE_VERIFY; } 96}; 97static OperationFactoryRegistry::Registration<HmacVerifyOperationFactory> verify_registration; 98 99HmacOperation::HmacOperation(keymaster_purpose_t purpose, const uint8_t* key_data, 100 size_t key_data_size, keymaster_digest_t digest, size_t tag_length) 101 : Operation(purpose), error_(KM_ERROR_OK), tag_length_(tag_length) { 102 // Initialize CTX first, so dtor won't crash even if we error out later. 103 HMAC_CTX_init(&ctx_); 104 105 const EVP_MD* md; 106 switch (digest) { 107 case KM_DIGEST_SHA1: 108 md = EVP_sha1(); 109 break; 110 case KM_DIGEST_SHA_2_224: 111 md = EVP_sha224(); 112 break; 113 case KM_DIGEST_SHA_2_256: 114 md = EVP_sha256(); 115 break; 116 case KM_DIGEST_SHA_2_384: 117 md = EVP_sha384(); 118 break; 119 case KM_DIGEST_SHA_2_512: 120 md = EVP_sha512(); 121 break; 122 default: 123 error_ = KM_ERROR_UNSUPPORTED_DIGEST; 124 return; 125 } 126 127 if ((openssl_size_t)tag_length_ > EVP_MD_size(md)) { 128 error_ = KM_ERROR_UNSUPPORTED_MAC_LENGTH; 129 return; 130 } 131 132 HMAC_Init_ex(&ctx_, key_data, key_data_size, md, NULL /* engine */); 133} 134 135HmacOperation::~HmacOperation() { 136 HMAC_CTX_cleanup(&ctx_); 137} 138 139keymaster_error_t HmacOperation::Begin(const AuthorizationSet& /* input_params */, 140 AuthorizationSet* /* output_params */) { 141 return error_; 142} 143 144keymaster_error_t HmacOperation::Update(const AuthorizationSet& /* additional_params */, 145 const Buffer& input, Buffer* /* output */, 146 size_t* input_consumed) { 147 if (!HMAC_Update(&ctx_, input.peek_read(), input.available_read())) 148 return TranslateLastOpenSslError(); 149 *input_consumed = input.available_read(); 150 return KM_ERROR_OK; 151} 152 153keymaster_error_t HmacOperation::Abort() { 154 return KM_ERROR_OK; 155} 156 157keymaster_error_t HmacOperation::Finish(const AuthorizationSet& /* additional_params */, 158 const Buffer& signature, Buffer* output) { 159 uint8_t digest[EVP_MAX_MD_SIZE]; 160 unsigned int digest_len; 161 if (!HMAC_Final(&ctx_, digest, &digest_len)) 162 return TranslateLastOpenSslError(); 163 164 switch (purpose()) { 165 case KM_PURPOSE_SIGN: 166 output->reserve(tag_length_); 167 output->write(digest, tag_length_); 168 return KM_ERROR_OK; 169 case KM_PURPOSE_VERIFY: 170 if (signature.available_read() != tag_length_) 171 return KM_ERROR_INVALID_INPUT_LENGTH; 172 if (memcmp(signature.peek_read(), digest, tag_length_) != 0) 173 return KM_ERROR_VERIFICATION_FAILED; 174 return KM_ERROR_OK; 175 default: 176 return KM_ERROR_UNSUPPORTED_PURPOSE; 177 } 178} 179 180} // namespace keymaster 181