1 // Copyright 2023 Google LLC 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 // 15 //////////////////////////////////////////////////////////////////////////////// 16 17 //! BoringSSL-based implementation for the AuthGraph HMAC-related traits. 18 use authgraph_core::{ 19 error::Error, 20 key::{EcdhSecret, HmacKey, PseudoRandKey, SHA_256_LEN}, 21 traits::{Hkdf, Hmac, Sha256}, 22 vec_try, 23 }; 24 25 /// BoringSSL-based implementation of the [`Hmac`] trait. Note that this implementation relies on 26 /// the Android-specific `openssl::hmac` extension to the `rust-openssl` crate. 27 pub struct BoringHmac; 28 29 impl Hmac for BoringHmac { compute_hmac(&self, key: &HmacKey, data: &[u8]) -> Result<Vec<u8>, Error>30 fn compute_hmac(&self, key: &HmacKey, data: &[u8]) -> Result<Vec<u8>, Error> { 31 let md = openssl::md::Md::sha256(); 32 let mut out = vec_try![0; md.size()]?; 33 ossl!(openssl::hmac::hmac(md, &key.0, data, &mut out))?; 34 Ok(out) 35 } 36 } 37 38 /// BoringSSL-based implementation of the [`Hkdf`] trait. Note that this implementation relies on 39 /// the Android-specific `openssl::hkdf` extension to the `rust-openssl` crate. 40 pub struct BoringHkdf; 41 42 impl Hkdf for BoringHkdf { extract(&self, salt: &[u8], ikm: &EcdhSecret) -> Result<PseudoRandKey, Error>43 fn extract(&self, salt: &[u8], ikm: &EcdhSecret) -> Result<PseudoRandKey, Error> { 44 let md = openssl::md::Md::sha256(); 45 let mut out = PseudoRandKey([0; 32]); 46 ossl!(openssl::hkdf::hkdf_extract(&mut out.0, md, &ikm.0, salt))?; 47 Ok(out) 48 } 49 expand(&self, prk: &PseudoRandKey, context: &[u8]) -> Result<PseudoRandKey, Error>50 fn expand(&self, prk: &PseudoRandKey, context: &[u8]) -> Result<PseudoRandKey, Error> { 51 let md = openssl::md::Md::sha256(); 52 let mut out = PseudoRandKey([0; 32]); 53 ossl!(openssl::hkdf::hkdf_expand(&mut out.0, md, &prk.0, context))?; 54 Ok(out) 55 } 56 } 57 58 /// BoringSSL-based implementation of the [`Sha256`] trait. 59 pub struct BoringSha256; 60 61 impl Sha256 for BoringSha256 { compute_sha256(&self, data: &[u8]) -> Result<[u8; SHA_256_LEN], Error>62 fn compute_sha256(&self, data: &[u8]) -> Result<[u8; SHA_256_LEN], Error> { 63 let mut sha256 = openssl::sha::Sha256::new(); 64 sha256.update(data); 65 Ok(sha256.finish()) 66 } 67 } 68