atap/ops/openssl_ops.h

7628033348e20c0d958f6317c075a68f099ca954Darren Krahn/*
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn * Copyright (C) 2016 The Android Open Source Project
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn *
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn * Permission is hereby granted, free of charge, to any person
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn * obtaining a copy of this software and associated documentation
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn * files (the "Software"), to deal in the Software without
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn * restriction, including without limitation the rights to use, copy,
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn * modify, merge, publish, distribute, sublicense, and/or sell copies
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn * of the Software, and to permit persons to whom the Software is
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn * furnished to do so, subject to the following conditions:
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn *
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn * The above copyright notice and this permission notice shall be
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn * included in all copies or substantial portions of the Software.
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn *
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn * SOFTWARE.
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn */
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn#ifndef OPENSSL_OPS_H_
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn#define OPENSSL_OPS_H_
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn#include "atap_ops_delegate.h"
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn
7628033348e20c0d958f6317c075a68f099ca954Darren Krahnnamespace atap {
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn// A partial delegate implementation which implements all crypto ops with
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn// openssl. All instances of this class must be created on the same thread.
7628033348e20c0d958f6317c075a68f099ca954Darren Krahnclass OpensslOps : public AtapOpsDelegate {
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn public:
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn  OpensslOps();
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn  ~OpensslOps() override;
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn  // Overridden AtapOpsDelegate methods.
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn  AtapResult get_random_bytes(uint8_t* buf, uint32_t buf_size) override;
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn  AtapResult ecdh_shared_secret_compute(
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn      AtapCurveType curve,
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn      const uint8_t other_public_key[ATAP_ECDH_KEY_LEN],
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn      uint8_t public_key[ATAP_ECDH_KEY_LEN],
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn      uint8_t shared_secret[ATAP_ECDH_KEY_LEN]) override;
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn  AtapResult aes_gcm_128_encrypt(const uint8_t* plaintext,
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn                                 uint32_t len,
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn                                 const uint8_t iv[ATAP_GCM_IV_LEN],
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn                                 const uint8_t key[ATAP_AES_128_KEY_LEN],
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn                                 uint8_t* ciphertext,
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn                                 uint8_t tag[ATAP_GCM_TAG_LEN]) override;
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn  AtapResult aes_gcm_128_decrypt(const uint8_t* ciphertext,
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn                                 uint32_t len,
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn                                 const uint8_t iv[ATAP_GCM_IV_LEN],
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn                                 const uint8_t key[ATAP_AES_128_KEY_LEN],
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn                                 const uint8_t tag[ATAP_GCM_TAG_LEN],
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn                                 uint8_t* plaintext) override;
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn  AtapResult sha256(const uint8_t* plaintext,
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn                    uint32_t plaintext_len,
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn                    uint8_t hash[ATAP_SHA256_DIGEST_LEN]) override;
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn  AtapResult hkdf_sha256(const uint8_t* salt,
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn                         uint32_t salt_len,
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn                         const uint8_t* ikm,
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn                         uint32_t ikm_len,
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn                         const uint8_t* info,
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn                         uint32_t info_len,
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn                         uint8_t* okm,
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn                         int32_t okm_len) override;
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn  // Can be used during testing to get predictable 'ephemeral' ECDH keys. This
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn  // must never be called except during testing. For X25519, the expected format
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn  // is a 32-byte private key. For P256, the expected format is X9.62 DER.
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn  void SetEcdhKeyForTesting(const void* key_data, size_t size_in_bytes);
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn private:
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn  uint8_t test_key_[512];
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn  size_t test_key_size_{0};
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn};
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn}  // namespace atap
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn
7628033348e20c0d958f6317c075a68f099ca954Darren Krahn#endif /* OPENSSL_OPS_H_ */