17628033348e20c0d958f6317c075a68f099ca954Darren Krahn/* 27628033348e20c0d958f6317c075a68f099ca954Darren Krahn * Copyright (C) 2016 The Android Open Source Project 37628033348e20c0d958f6317c075a68f099ca954Darren Krahn * 47628033348e20c0d958f6317c075a68f099ca954Darren Krahn * Permission is hereby granted, free of charge, to any person 57628033348e20c0d958f6317c075a68f099ca954Darren Krahn * obtaining a copy of this software and associated documentation 67628033348e20c0d958f6317c075a68f099ca954Darren Krahn * files (the "Software"), to deal in the Software without 77628033348e20c0d958f6317c075a68f099ca954Darren Krahn * restriction, including without limitation the rights to use, copy, 87628033348e20c0d958f6317c075a68f099ca954Darren Krahn * modify, merge, publish, distribute, sublicense, and/or sell copies 97628033348e20c0d958f6317c075a68f099ca954Darren Krahn * of the Software, and to permit persons to whom the Software is 107628033348e20c0d958f6317c075a68f099ca954Darren Krahn * furnished to do so, subject to the following conditions: 117628033348e20c0d958f6317c075a68f099ca954Darren Krahn * 127628033348e20c0d958f6317c075a68f099ca954Darren Krahn * The above copyright notice and this permission notice shall be 137628033348e20c0d958f6317c075a68f099ca954Darren Krahn * included in all copies or substantial portions of the Software. 147628033348e20c0d958f6317c075a68f099ca954Darren Krahn * 157628033348e20c0d958f6317c075a68f099ca954Darren Krahn * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 167628033348e20c0d958f6317c075a68f099ca954Darren Krahn * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 177628033348e20c0d958f6317c075a68f099ca954Darren Krahn * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 187628033348e20c0d958f6317c075a68f099ca954Darren Krahn * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS 197628033348e20c0d958f6317c075a68f099ca954Darren Krahn * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN 207628033348e20c0d958f6317c075a68f099ca954Darren Krahn * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 217628033348e20c0d958f6317c075a68f099ca954Darren Krahn * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 227628033348e20c0d958f6317c075a68f099ca954Darren Krahn * SOFTWARE. 237628033348e20c0d958f6317c075a68f099ca954Darren Krahn */ 247628033348e20c0d958f6317c075a68f099ca954Darren Krahn 257628033348e20c0d958f6317c075a68f099ca954Darren Krahn#ifndef OPENSSL_OPS_H_ 267628033348e20c0d958f6317c075a68f099ca954Darren Krahn#define OPENSSL_OPS_H_ 277628033348e20c0d958f6317c075a68f099ca954Darren Krahn 287628033348e20c0d958f6317c075a68f099ca954Darren Krahn#include "atap_ops_delegate.h" 297628033348e20c0d958f6317c075a68f099ca954Darren Krahn 307628033348e20c0d958f6317c075a68f099ca954Darren Krahnnamespace atap { 317628033348e20c0d958f6317c075a68f099ca954Darren Krahn 327628033348e20c0d958f6317c075a68f099ca954Darren Krahn// A partial delegate implementation which implements all crypto ops with 337628033348e20c0d958f6317c075a68f099ca954Darren Krahn// openssl. All instances of this class must be created on the same thread. 347628033348e20c0d958f6317c075a68f099ca954Darren Krahnclass OpensslOps : public AtapOpsDelegate { 357628033348e20c0d958f6317c075a68f099ca954Darren Krahn public: 367628033348e20c0d958f6317c075a68f099ca954Darren Krahn OpensslOps(); 377628033348e20c0d958f6317c075a68f099ca954Darren Krahn ~OpensslOps() override; 387628033348e20c0d958f6317c075a68f099ca954Darren Krahn 397628033348e20c0d958f6317c075a68f099ca954Darren Krahn // Overridden AtapOpsDelegate methods. 407628033348e20c0d958f6317c075a68f099ca954Darren Krahn AtapResult get_random_bytes(uint8_t* buf, uint32_t buf_size) override; 417628033348e20c0d958f6317c075a68f099ca954Darren Krahn 427628033348e20c0d958f6317c075a68f099ca954Darren Krahn AtapResult ecdh_shared_secret_compute( 437628033348e20c0d958f6317c075a68f099ca954Darren Krahn AtapCurveType curve, 447628033348e20c0d958f6317c075a68f099ca954Darren Krahn const uint8_t other_public_key[ATAP_ECDH_KEY_LEN], 457628033348e20c0d958f6317c075a68f099ca954Darren Krahn uint8_t public_key[ATAP_ECDH_KEY_LEN], 467628033348e20c0d958f6317c075a68f099ca954Darren Krahn uint8_t shared_secret[ATAP_ECDH_KEY_LEN]) override; 477628033348e20c0d958f6317c075a68f099ca954Darren Krahn 487628033348e20c0d958f6317c075a68f099ca954Darren Krahn AtapResult aes_gcm_128_encrypt(const uint8_t* plaintext, 497628033348e20c0d958f6317c075a68f099ca954Darren Krahn uint32_t len, 507628033348e20c0d958f6317c075a68f099ca954Darren Krahn const uint8_t iv[ATAP_GCM_IV_LEN], 517628033348e20c0d958f6317c075a68f099ca954Darren Krahn const uint8_t key[ATAP_AES_128_KEY_LEN], 527628033348e20c0d958f6317c075a68f099ca954Darren Krahn uint8_t* ciphertext, 537628033348e20c0d958f6317c075a68f099ca954Darren Krahn uint8_t tag[ATAP_GCM_TAG_LEN]) override; 547628033348e20c0d958f6317c075a68f099ca954Darren Krahn 557628033348e20c0d958f6317c075a68f099ca954Darren Krahn AtapResult aes_gcm_128_decrypt(const uint8_t* ciphertext, 567628033348e20c0d958f6317c075a68f099ca954Darren Krahn uint32_t len, 577628033348e20c0d958f6317c075a68f099ca954Darren Krahn const uint8_t iv[ATAP_GCM_IV_LEN], 587628033348e20c0d958f6317c075a68f099ca954Darren Krahn const uint8_t key[ATAP_AES_128_KEY_LEN], 597628033348e20c0d958f6317c075a68f099ca954Darren Krahn const uint8_t tag[ATAP_GCM_TAG_LEN], 607628033348e20c0d958f6317c075a68f099ca954Darren Krahn uint8_t* plaintext) override; 617628033348e20c0d958f6317c075a68f099ca954Darren Krahn 627628033348e20c0d958f6317c075a68f099ca954Darren Krahn AtapResult sha256(const uint8_t* plaintext, 637628033348e20c0d958f6317c075a68f099ca954Darren Krahn uint32_t plaintext_len, 647628033348e20c0d958f6317c075a68f099ca954Darren Krahn uint8_t hash[ATAP_SHA256_DIGEST_LEN]) override; 657628033348e20c0d958f6317c075a68f099ca954Darren Krahn 667628033348e20c0d958f6317c075a68f099ca954Darren Krahn AtapResult hkdf_sha256(const uint8_t* salt, 677628033348e20c0d958f6317c075a68f099ca954Darren Krahn uint32_t salt_len, 687628033348e20c0d958f6317c075a68f099ca954Darren Krahn const uint8_t* ikm, 697628033348e20c0d958f6317c075a68f099ca954Darren Krahn uint32_t ikm_len, 707628033348e20c0d958f6317c075a68f099ca954Darren Krahn const uint8_t* info, 717628033348e20c0d958f6317c075a68f099ca954Darren Krahn uint32_t info_len, 727628033348e20c0d958f6317c075a68f099ca954Darren Krahn uint8_t* okm, 737628033348e20c0d958f6317c075a68f099ca954Darren Krahn int32_t okm_len) override; 747628033348e20c0d958f6317c075a68f099ca954Darren Krahn 757628033348e20c0d958f6317c075a68f099ca954Darren Krahn // Can be used during testing to get predictable 'ephemeral' ECDH keys. This 767628033348e20c0d958f6317c075a68f099ca954Darren Krahn // must never be called except during testing. For X25519, the expected format 777628033348e20c0d958f6317c075a68f099ca954Darren Krahn // is a 32-byte private key. For P256, the expected format is X9.62 DER. 787628033348e20c0d958f6317c075a68f099ca954Darren Krahn void SetEcdhKeyForTesting(const void* key_data, size_t size_in_bytes); 797628033348e20c0d958f6317c075a68f099ca954Darren Krahn 807628033348e20c0d958f6317c075a68f099ca954Darren Krahn private: 817628033348e20c0d958f6317c075a68f099ca954Darren Krahn uint8_t test_key_[512]; 827628033348e20c0d958f6317c075a68f099ca954Darren Krahn size_t test_key_size_{0}; 837628033348e20c0d958f6317c075a68f099ca954Darren Krahn}; 847628033348e20c0d958f6317c075a68f099ca954Darren Krahn 857628033348e20c0d958f6317c075a68f099ca954Darren Krahn} // namespace atap 867628033348e20c0d958f6317c075a68f099ca954Darren Krahn 877628033348e20c0d958f6317c075a68f099ca954Darren Krahn#endif /* OPENSSL_OPS_H_ */ 88