1 /*
2 * Copyright 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <keymaster/km_openssl/hmac.h>
18
19 #include <assert.h>
20
21 #include <openssl/evp.h>
22 #include <openssl/hmac.h>
23 #include <openssl/mem.h>
24 #include <openssl/sha.h>
25
26 #include <keymaster/android_keymaster_utils.h>
27
28 namespace keymaster {
29
DigestLength() const30 size_t HmacSha256::DigestLength() const {
31 return SHA256_DIGEST_LENGTH;
32 }
33
Init(const Buffer & key)34 bool HmacSha256::Init(const Buffer& key) {
35 return Init(key.peek_read(), key.available_read());
36 }
37
Init(const uint8_t * key,size_t key_len)38 bool HmacSha256::Init(const uint8_t* key, size_t key_len) {
39 if (!key) return false;
40
41 key_len_ = key_len;
42 key_.reset(dup_buffer(key, key_len));
43 if (!key_.get()) {
44 return false;
45 }
46 return true;
47 }
48
Sign(const Buffer & data,uint8_t * out_digest,size_t digest_len) const49 bool HmacSha256::Sign(const Buffer& data, uint8_t* out_digest, size_t digest_len) const {
50 return Sign(data.peek_read(), data.available_read(), out_digest, digest_len);
51 }
52
Sign(const uint8_t * data,size_t data_len,uint8_t * out_digest,size_t digest_len) const53 bool HmacSha256::Sign(const uint8_t* data, size_t data_len, uint8_t* out_digest,
54 size_t digest_len) const {
55 assert(digest_len);
56
57 uint8_t tmp[SHA256_DIGEST_LENGTH];
58 uint8_t* digest = tmp;
59 if (digest_len >= SHA256_DIGEST_LENGTH) digest = out_digest;
60
61 if (nullptr == ::HMAC(EVP_sha256(), key_.get(), key_len_, data, data_len, digest, nullptr)) {
62 return false;
63 }
64 if (digest_len < SHA256_DIGEST_LENGTH) memcpy(out_digest, tmp, digest_len);
65
66 return true;
67 }
68
Verify(const Buffer & data,const Buffer & digest) const69 bool HmacSha256::Verify(const Buffer& data, const Buffer& digest) const {
70 return Verify(data.peek_read(), data.available_read(), digest.peek_read(),
71 digest.available_read());
72 }
73
Verify(const uint8_t * data,size_t data_len,const uint8_t * digest,size_t digest_len) const74 bool HmacSha256::Verify(const uint8_t* data, size_t data_len, const uint8_t* digest,
75 size_t digest_len) const {
76 if (digest_len != SHA256_DIGEST_LENGTH) return false;
77
78 uint8_t computed_digest[SHA256_DIGEST_LENGTH];
79 if (!Sign(data, data_len, computed_digest, sizeof(computed_digest))) return false;
80
81 return 0 == CRYPTO_memcmp(digest, computed_digest, SHA256_DIGEST_LENGTH);
82 }
83
84 } // namespace keymaster
85