cc/mac/hmac_key_manager.cc

*e7b1675dSTing-Kang Chang// Copyright 2017 Google Inc.
*e7b1675dSTing-Kang Chang//
*e7b1675dSTing-Kang Chang// Licensed under the Apache License, Version 2.0 (the "License");
*e7b1675dSTing-Kang Chang// you may not use this file except in compliance with the License.
*e7b1675dSTing-Kang Chang// You may obtain a copy of the License at
*e7b1675dSTing-Kang Chang//
*e7b1675dSTing-Kang Chang//     http://www.apache.org/licenses/LICENSE-2.0
*e7b1675dSTing-Kang Chang//
*e7b1675dSTing-Kang Chang// Unless required by applicable law or agreed to in writing, software
*e7b1675dSTing-Kang Chang// distributed under the License is distributed on an "AS IS" BASIS,
*e7b1675dSTing-Kang Chang// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
*e7b1675dSTing-Kang Chang// See the License for the specific language governing permissions and
*e7b1675dSTing-Kang Chang// limitations under the License.
*e7b1675dSTing-Kang Chang//
*e7b1675dSTing-Kang Chang///////////////////////////////////////////////////////////////////////////////
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang Chang#include "tink/mac/hmac_key_manager.h"
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang Chang#include <map>
*e7b1675dSTing-Kang Chang#include <string>
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang Chang#include "absl/status/status.h"
*e7b1675dSTing-Kang Chang#include "absl/strings/string_view.h"
*e7b1675dSTing-Kang Chang#include "tink/mac.h"
*e7b1675dSTing-Kang Chang#include "tink/subtle/hmac_boringssl.h"
*e7b1675dSTing-Kang Chang#include "tink/subtle/random.h"
*e7b1675dSTing-Kang Chang#include "tink/util/enums.h"
*e7b1675dSTing-Kang Chang#include "tink/util/errors.h"
*e7b1675dSTing-Kang Chang#include "tink/util/input_stream_util.h"
*e7b1675dSTing-Kang Chang#include "tink/util/protobuf_helper.h"
*e7b1675dSTing-Kang Chang#include "tink/util/status.h"
*e7b1675dSTing-Kang Chang#include "tink/util/statusor.h"
*e7b1675dSTing-Kang Chang#include "tink/util/validation.h"
*e7b1675dSTing-Kang Chang#include "proto/common.pb.h"
*e7b1675dSTing-Kang Chang#include "proto/hmac.pb.h"
*e7b1675dSTing-Kang Chang#include "proto/tink.pb.h"
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang Changnamespace crypto {
*e7b1675dSTing-Kang Changnamespace tink {
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang Changusing crypto::tink::util::Enums;
*e7b1675dSTing-Kang Changusing crypto::tink::util::Status;
*e7b1675dSTing-Kang Changusing crypto::tink::util::StatusOr;
*e7b1675dSTing-Kang Changusing google::crypto::tink::HashType;
*e7b1675dSTing-Kang Changusing google::crypto::tink::HmacKey;
*e7b1675dSTing-Kang Changusing google::crypto::tink::HmacKeyFormat;
*e7b1675dSTing-Kang Changusing google::crypto::tink::HmacParams;
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang Changnamespace {
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang Changconstexpr int kMinKeySizeInBytes = 16;
*e7b1675dSTing-Kang Changconstexpr int kMinTagSizeInBytes = 10;
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang Chang}  // namespace
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang ChangStatusOr<HmacKey> HmacKeyManager::CreateKey(
*e7b1675dSTing-Kang Chang    const HmacKeyFormat& hmac_key_format) const {
*e7b1675dSTing-Kang Chang  HmacKey hmac_key;
*e7b1675dSTing-Kang Chang  hmac_key.set_version(get_version());
*e7b1675dSTing-Kang Chang  *(hmac_key.mutable_params()) = hmac_key_format.params();
*e7b1675dSTing-Kang Chang  hmac_key.set_key_value(
*e7b1675dSTing-Kang Chang      subtle::Random::GetRandomBytes(hmac_key_format.key_size()));
*e7b1675dSTing-Kang Chang  return hmac_key;
*e7b1675dSTing-Kang Chang}
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang ChangStatusOr<HmacKey> HmacKeyManager::DeriveKey(
*e7b1675dSTing-Kang Chang    const HmacKeyFormat& hmac_key_format, InputStream* input_stream) const {
*e7b1675dSTing-Kang Chang  crypto::tink::util::Status status =
*e7b1675dSTing-Kang Chang      ValidateVersion(hmac_key_format.version(), get_version());
*e7b1675dSTing-Kang Chang  if (!status.ok()) return status;
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang Chang  crypto::tink::util::StatusOr<std::string> randomness =
*e7b1675dSTing-Kang Chang      ReadBytesFromStream(hmac_key_format.key_size(), input_stream);
*e7b1675dSTing-Kang Chang  if (!randomness.ok()) {
*e7b1675dSTing-Kang Chang    if (randomness.status().code() == absl::StatusCode::kOutOfRange) {
*e7b1675dSTing-Kang Chang      return crypto::tink::util::Status(
*e7b1675dSTing-Kang Chang          absl::StatusCode::kInvalidArgument,
*e7b1675dSTing-Kang Chang          "Could not get enough pseudorandomness from input stream");
*e7b1675dSTing-Kang Chang    }
*e7b1675dSTing-Kang Chang    return randomness.status();
*e7b1675dSTing-Kang Chang  }
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang Chang  HmacKey hmac_key;
*e7b1675dSTing-Kang Chang  hmac_key.set_version(get_version());
*e7b1675dSTing-Kang Chang  *(hmac_key.mutable_params()) = hmac_key_format.params();
*e7b1675dSTing-Kang Chang  hmac_key.set_key_value(randomness.value());
*e7b1675dSTing-Kang Chang  return hmac_key;
*e7b1675dSTing-Kang Chang}
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang ChangStatus HmacKeyManager::ValidateParams(const HmacParams& params) const {
*e7b1675dSTing-Kang Chang  if (params.tag_size() < kMinTagSizeInBytes) {
*e7b1675dSTing-Kang Chang    return ToStatusF(absl::StatusCode::kInvalidArgument,
*e7b1675dSTing-Kang Chang                     "Invalid HmacParams: tag_size %d is too small.",
*e7b1675dSTing-Kang Chang                     params.tag_size());
*e7b1675dSTing-Kang Chang  }
*e7b1675dSTing-Kang Chang  std::map<HashType, uint32_t> max_tag_size = {{HashType::SHA1, 20},
*e7b1675dSTing-Kang Chang                                               {HashType::SHA224, 28},
*e7b1675dSTing-Kang Chang                                               {HashType::SHA256, 32},
*e7b1675dSTing-Kang Chang                                               {HashType::SHA384, 48},
*e7b1675dSTing-Kang Chang                                               {HashType::SHA512, 64}};
*e7b1675dSTing-Kang Chang  if (max_tag_size.find(params.hash()) == max_tag_size.end()) {
*e7b1675dSTing-Kang Chang    return ToStatusF(absl::StatusCode::kInvalidArgument,
*e7b1675dSTing-Kang Chang                     "Invalid HmacParams: HashType '%s' not supported.",
*e7b1675dSTing-Kang Chang                     Enums::HashName(params.hash()));
*e7b1675dSTing-Kang Chang  } else {
*e7b1675dSTing-Kang Chang    if (params.tag_size() > max_tag_size[params.hash()]) {
*e7b1675dSTing-Kang Chang      return ToStatusF(
*e7b1675dSTing-Kang Chang          absl::StatusCode::kInvalidArgument,
*e7b1675dSTing-Kang Chang          "Invalid HmacParams: tag_size %d is too big for HashType '%s'.",
*e7b1675dSTing-Kang Chang          params.tag_size(), Enums::HashName(params.hash()));
*e7b1675dSTing-Kang Chang    }
*e7b1675dSTing-Kang Chang  }
*e7b1675dSTing-Kang Chang  return util::OkStatus();
*e7b1675dSTing-Kang Chang}
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang ChangStatus HmacKeyManager::ValidateKey(const HmacKey& key) const {
*e7b1675dSTing-Kang Chang  Status status = ValidateVersion(key.version(), get_version());
*e7b1675dSTing-Kang Chang  if (!status.ok()) return status;
*e7b1675dSTing-Kang Chang  if (key.key_value().size() < kMinKeySizeInBytes) {
*e7b1675dSTing-Kang Chang    return util::Status(absl::StatusCode::kInvalidArgument,
*e7b1675dSTing-Kang Chang                        "Invalid HmacKey: key_value is too short.");
*e7b1675dSTing-Kang Chang  }
*e7b1675dSTing-Kang Chang  return ValidateParams(key.params());
*e7b1675dSTing-Kang Chang}
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang Chang// static
*e7b1675dSTing-Kang ChangStatus HmacKeyManager::ValidateKeyFormat(
*e7b1675dSTing-Kang Chang    const HmacKeyFormat& key_format) const {
*e7b1675dSTing-Kang Chang  if (key_format.key_size() < kMinKeySizeInBytes) {
*e7b1675dSTing-Kang Chang    return util::Status(absl::StatusCode::kInvalidArgument,
*e7b1675dSTing-Kang Chang                        "Invalid HmacKeyFormat: key_size is too small.");
*e7b1675dSTing-Kang Chang  }
*e7b1675dSTing-Kang Chang  return ValidateParams(key_format.params());
*e7b1675dSTing-Kang Chang}
*e7b1675dSTing-Kang Chang
*e7b1675dSTing-Kang Chang}  // namespace tink
*e7b1675dSTing-Kang Chang}  // namespace crypto