1 /* 2 * Copyright (C) 2012 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package org.conscrypt; 18 19 import java.security.InvalidAlgorithmParameterException; 20 import java.security.InvalidKeyException; 21 import java.security.Key; 22 import java.security.NoSuchAlgorithmException; 23 import java.security.spec.AlgorithmParameterSpec; 24 25 import javax.crypto.MacSpi; 26 import javax.crypto.SecretKey; 27 28 public abstract class OpenSSLMac extends MacSpi { 29 private final OpenSSLDigestContext ctx = new OpenSSLDigestContext( 30 NativeCrypto.EVP_MD_CTX_create()); 31 32 /** 33 * Holds the EVP_MD for the hashing algorithm, e.g. 34 * EVP_get_digestbyname("sha1"); 35 */ 36 private final long evp_md; 37 38 /** 39 * The key type of the secret key. 40 */ 41 private final int evp_pkey_type; 42 43 /** 44 * The secret key used in this keyed MAC. 45 */ 46 private OpenSSLKey macKey; 47 48 /** 49 * Holds the output size of the message digest. 50 */ 51 private final int size; 52 53 /** 54 * Holds a dummy buffer for writing single bytes to the digest. 55 */ 56 private final byte[] singleByte = new byte[1]; 57 58 private OpenSSLMac(long evp_md, int size, int evp_pkey_type) { 59 this.evp_md = evp_md; 60 this.size = size; 61 this.evp_pkey_type = evp_pkey_type; 62 } 63 64 @Override 65 protected int engineGetMacLength() { 66 return size; 67 } 68 69 @Override 70 protected void engineInit(Key key, AlgorithmParameterSpec params) throws InvalidKeyException, 71 InvalidAlgorithmParameterException { 72 if (!(key instanceof SecretKey)) { 73 throw new InvalidKeyException("key must be a SecretKey"); 74 } 75 76 if (params != null) { 77 throw new InvalidAlgorithmParameterException("unknown parameter type"); 78 } 79 80 if (key instanceof OpenSSLKeyHolder) { 81 macKey = ((OpenSSLKeyHolder) key).getOpenSSLKey(); 82 } else { 83 final byte[] keyBytes = key.getEncoded(); 84 if (keyBytes == null) { 85 throw new InvalidKeyException("key cannot be encoded"); 86 } 87 88 macKey = new OpenSSLKey(NativeCrypto.EVP_PKEY_new_mac_key(evp_pkey_type, keyBytes)); 89 } 90 91 NativeCrypto.EVP_MD_CTX_init(ctx.getContext()); 92 93 reset(); 94 } 95 96 private void reset() { 97 NativeCrypto.EVP_DigestSignInit(ctx.getContext(), evp_md, macKey.getPkeyContext()); 98 } 99 100 @Override 101 protected void engineUpdate(byte input) { 102 singleByte[0] = input; 103 engineUpdate(singleByte, 0, 1); 104 } 105 106 @Override 107 protected void engineUpdate(byte[] input, int offset, int len) { 108 NativeCrypto.EVP_DigestUpdate(ctx.getContext(), input, offset, len); 109 } 110 111 @Override 112 protected byte[] engineDoFinal() { 113 final byte[] output = NativeCrypto.EVP_DigestSignFinal(ctx.getContext()); 114 reset(); 115 return output; 116 } 117 118 @Override 119 protected void engineReset() { 120 reset(); 121 } 122 123 public static class HmacMD5 extends OpenSSLMac { 124 private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("md5"); 125 private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); 126 127 public HmacMD5() { 128 super(EVP_MD, SIZE, NativeCrypto.EVP_PKEY_HMAC); 129 } 130 } 131 132 public static class HmacSHA1 extends OpenSSLMac { 133 private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("sha1"); 134 private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); 135 136 public HmacSHA1() { 137 super(EVP_MD, SIZE, NativeCrypto.EVP_PKEY_HMAC); 138 } 139 } 140 141 public static class HmacSHA256 extends OpenSSLMac { 142 private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("sha256"); 143 private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); 144 145 public HmacSHA256() throws NoSuchAlgorithmException { 146 super(EVP_MD, SIZE, NativeCrypto.EVP_PKEY_HMAC); 147 } 148 } 149 150 public static class HmacSHA384 extends OpenSSLMac { 151 private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("sha384"); 152 private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); 153 154 public HmacSHA384() throws NoSuchAlgorithmException { 155 super(EVP_MD, SIZE, NativeCrypto.EVP_PKEY_HMAC); 156 } 157 } 158 159 public static class HmacSHA512 extends OpenSSLMac { 160 private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("sha512"); 161 private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); 162 163 public HmacSHA512() { 164 super(EVP_MD, SIZE, NativeCrypto.EVP_PKEY_HMAC); 165 } 166 } 167 } 168
