1 /*
2  * Copyright 2014 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef SYSTEM_KEYMASTER_HMAC_OPERATION_H_
18 #define SYSTEM_KEYMASTER_HMAC_OPERATION_H_
19 
20 #include "operation.h"
21 
22 #include <openssl/hmac.h>
23 
24 namespace keymaster {
25 
26 class HmacOperation : public Operation {
27   public:
28     HmacOperation(keymaster_purpose_t purpose, const uint8_t* key_data, size_t key_data_size,
29                   keymaster_digest_t digest, size_t mac_length, size_t min_mac_length);
30     ~HmacOperation();
31 
32     virtual keymaster_error_t Begin(const AuthorizationSet& input_params,
33                                     AuthorizationSet* output_params);
34     virtual keymaster_error_t Update(const AuthorizationSet& additional_params, const Buffer& input,
35                                      AuthorizationSet* output_params, Buffer* output,
36                                      size_t* input_consumed);
37     virtual keymaster_error_t Abort();
38     virtual keymaster_error_t Finish(const AuthorizationSet& additional_params, const Buffer& input,
39                                      const Buffer& signature, AuthorizationSet* output_params,
40                                      Buffer* output);
41 
error()42     keymaster_error_t error() { return error_; }
43 
44   private:
45     HMAC_CTX ctx_;
46     keymaster_error_t error_;
47     const size_t mac_length_;
48     const size_t min_mac_length_;
49 };
50 
51 /**
52  * Abstract base for HMAC operation factories.  This class does all of the work to create
53  * HMAC operations.
54  */
55 class HmacOperationFactory : public OperationFactory {
56   public:
registry_key()57     virtual KeyType registry_key() const { return KeyType(KM_ALGORITHM_HMAC, purpose()); }
58 
59     virtual Operation* CreateOperation(const Key& key, const AuthorizationSet& begin_params,
60                                        keymaster_error_t* error);
61 
62     virtual const keymaster_digest_t* SupportedDigests(size_t* digest_count) const;
63 
64     virtual keymaster_purpose_t purpose() const = 0;
65 };
66 
67 class HmacSignOperationFactory : public HmacOperationFactory {
purpose()68     keymaster_purpose_t purpose() const { return KM_PURPOSE_SIGN; }
69 };
70 
71 class HmacVerifyOperationFactory : public HmacOperationFactory {
purpose()72     keymaster_purpose_t purpose() const { return KM_PURPOSE_VERIFY; }
73 };
74 
75 }  // namespace keymaster
76 
77 #endif  // SYSTEM_KEYMASTER_HMAC_OPERATION_H_
78