1*4185b066SAndroid Build Coastguard Worker // Copyright 2023 Google LLC 2*4185b066SAndroid Build Coastguard Worker // 3*4185b066SAndroid Build Coastguard Worker // Licensed under the Apache License, Version 2.0 (the "License"); 4*4185b066SAndroid Build Coastguard Worker // you may not use this file except in compliance with the License. 5*4185b066SAndroid Build Coastguard Worker // You may obtain a copy of the License at 6*4185b066SAndroid Build Coastguard Worker // 7*4185b066SAndroid Build Coastguard Worker // http://www.apache.org/licenses/LICENSE-2.0 8*4185b066SAndroid Build Coastguard Worker // 9*4185b066SAndroid Build Coastguard Worker // Unless required by applicable law or agreed to in writing, software 10*4185b066SAndroid Build Coastguard Worker // distributed under the License is distributed on an "AS IS" BASIS, 11*4185b066SAndroid Build Coastguard Worker // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12*4185b066SAndroid Build Coastguard Worker // See the License for the specific language governing permissions and 13*4185b066SAndroid Build Coastguard Worker // limitations under the License. 14*4185b066SAndroid Build Coastguard Worker // 15*4185b066SAndroid Build Coastguard Worker //////////////////////////////////////////////////////////////////////////////// 16*4185b066SAndroid Build Coastguard Worker 17*4185b066SAndroid Build Coastguard Worker //! BoringSSL-based implementation for the AuthGraph HMAC-related traits. 18*4185b066SAndroid Build Coastguard Worker use authgraph_core::{ 19*4185b066SAndroid Build Coastguard Worker error::Error, 20*4185b066SAndroid Build Coastguard Worker key::{EcdhSecret, HmacKey, PseudoRandKey, SHA_256_LEN}, 21*4185b066SAndroid Build Coastguard Worker traits::{Hkdf, Hmac, Sha256}, 22*4185b066SAndroid Build Coastguard Worker vec_try, 23*4185b066SAndroid Build Coastguard Worker }; 24*4185b066SAndroid Build Coastguard Worker 25*4185b066SAndroid Build Coastguard Worker /// BoringSSL-based implementation of the [`Hmac`] trait. Note that this implementation relies on 26*4185b066SAndroid Build Coastguard Worker /// the Android-specific `openssl::hmac` extension to the `rust-openssl` crate. 27*4185b066SAndroid Build Coastguard Worker pub struct BoringHmac; 28*4185b066SAndroid Build Coastguard Worker 29*4185b066SAndroid Build Coastguard Worker impl Hmac for BoringHmac { compute_hmac(&self, key: &HmacKey, data: &[u8]) -> Result<Vec<u8>, Error>30*4185b066SAndroid Build Coastguard Worker fn compute_hmac(&self, key: &HmacKey, data: &[u8]) -> Result<Vec<u8>, Error> { 31*4185b066SAndroid Build Coastguard Worker let md = openssl::md::Md::sha256(); 32*4185b066SAndroid Build Coastguard Worker let mut out = vec_try![0; md.size()]?; 33*4185b066SAndroid Build Coastguard Worker ossl!(openssl::hmac::hmac(md, &key.0, data, &mut out))?; 34*4185b066SAndroid Build Coastguard Worker Ok(out) 35*4185b066SAndroid Build Coastguard Worker } 36*4185b066SAndroid Build Coastguard Worker } 37*4185b066SAndroid Build Coastguard Worker 38*4185b066SAndroid Build Coastguard Worker /// BoringSSL-based implementation of the [`Hkdf`] trait. Note that this implementation relies on 39*4185b066SAndroid Build Coastguard Worker /// the Android-specific `openssl::hkdf` extension to the `rust-openssl` crate. 40*4185b066SAndroid Build Coastguard Worker pub struct BoringHkdf; 41*4185b066SAndroid Build Coastguard Worker 42*4185b066SAndroid Build Coastguard Worker impl Hkdf for BoringHkdf { extract(&self, salt: &[u8], ikm: &EcdhSecret) -> Result<PseudoRandKey, Error>43*4185b066SAndroid Build Coastguard Worker fn extract(&self, salt: &[u8], ikm: &EcdhSecret) -> Result<PseudoRandKey, Error> { 44*4185b066SAndroid Build Coastguard Worker let md = openssl::md::Md::sha256(); 45*4185b066SAndroid Build Coastguard Worker let mut out = PseudoRandKey([0; 32]); 46*4185b066SAndroid Build Coastguard Worker ossl!(openssl::hkdf::hkdf_extract(&mut out.0, md, &ikm.0, salt))?; 47*4185b066SAndroid Build Coastguard Worker Ok(out) 48*4185b066SAndroid Build Coastguard Worker } 49*4185b066SAndroid Build Coastguard Worker expand(&self, prk: &PseudoRandKey, context: &[u8]) -> Result<PseudoRandKey, Error>50*4185b066SAndroid Build Coastguard Worker fn expand(&self, prk: &PseudoRandKey, context: &[u8]) -> Result<PseudoRandKey, Error> { 51*4185b066SAndroid Build Coastguard Worker let md = openssl::md::Md::sha256(); 52*4185b066SAndroid Build Coastguard Worker let mut out = PseudoRandKey([0; 32]); 53*4185b066SAndroid Build Coastguard Worker ossl!(openssl::hkdf::hkdf_expand(&mut out.0, md, &prk.0, context))?; 54*4185b066SAndroid Build Coastguard Worker Ok(out) 55*4185b066SAndroid Build Coastguard Worker } 56*4185b066SAndroid Build Coastguard Worker } 57*4185b066SAndroid Build Coastguard Worker 58*4185b066SAndroid Build Coastguard Worker /// BoringSSL-based implementation of the [`Sha256`] trait. 59*4185b066SAndroid Build Coastguard Worker pub struct BoringSha256; 60*4185b066SAndroid Build Coastguard Worker 61*4185b066SAndroid Build Coastguard Worker impl Sha256 for BoringSha256 { compute_sha256(&self, data: &[u8]) -> Result<[u8; SHA_256_LEN], Error>62*4185b066SAndroid Build Coastguard Worker fn compute_sha256(&self, data: &[u8]) -> Result<[u8; SHA_256_LEN], Error> { 63*4185b066SAndroid Build Coastguard Worker let mut sha256 = openssl::sha::Sha256::new(); 64*4185b066SAndroid Build Coastguard Worker sha256.update(data); 65*4185b066SAndroid Build Coastguard Worker Ok(sha256.finish()) 66*4185b066SAndroid Build Coastguard Worker } 67*4185b066SAndroid Build Coastguard Worker } 68