cc/mac/internal/chunked_mac_impl.cc - third_party/tink - Git at Google

 // Copyright 2022 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 //
 ///////////////////////////////////////////////////////////////////////////////

 #include "tink/mac/internal/chunked_mac_impl.h"

 #include <memory>
 #include <string>
 #include <utility>

 #include "absl/strings/string_view.h"
 #include "openssl/crypto.h"
 #include "tink/chunked_mac.h"
 #include "tink/subtle/mac/stateful_mac.h"
 #include "tink/subtle/stateful_cmac_boringssl.h"
 #include "tink/subtle/stateful_hmac_boringssl.h"
 #include "tink/util/enums.h"
 #include "tink/util/secret_data.h"
 #include "tink/util/status.h"
 #include "tink/util/statusor.h"
 #include "proto/aes_cmac.pb.h"
 #include "proto/hmac.pb.h"

 namespace crypto {
 namespace tink {
 namespace internal {

 using ::google::crypto::tink::AesCmacKey;
 using ::google::crypto::tink::HmacKey;

 util::Status ChunkedMacComputationImpl::Update(absl::string_view data) {
   if (!status_.ok()) return status_;
   return stateful_mac_->Update(data);
 }

 util::StatusOr<std::string> ChunkedMacComputationImpl::ComputeMac() {
   if (!status_.ok()) return status_;
   status_ = util::Status(absl::StatusCode::kFailedPrecondition,
                          "MAC computation already finalized.");
   return stateful_mac_->Finalize();
 }

 util::Status ChunkedMacVerificationImpl::Update(absl::string_view data) {
   if (!status_.ok()) return status_;
   return stateful_mac_->Update(data);
 }

 util::Status ChunkedMacVerificationImpl::VerifyMac() {
   if (!status_.ok()) return status_;
   status_ = util::Status(absl::StatusCode::kFailedPrecondition,
                          "MAC verification already finalized.");
   util::StatusOr<std::string> computed_mac = stateful_mac_->Finalize();
   if (!computed_mac.ok()) {
     return computed_mac.status();
   }
   if (computed_mac->size() != tag_.size()) {
     return util::Status(absl::StatusCode::kInvalidArgument,
                         "Verification failed.");
   }
   if (CRYPTO_memcmp(computed_mac->data(), tag_.data(), computed_mac->size())) {
     return util::Status(absl::StatusCode::kInvalidArgument,
                         "Verification failed.");
   }
   return util::OkStatus();
 }

 util::StatusOr<std::unique_ptr<ChunkedMacComputation>>
 ChunkedMacImpl::CreateComputation() const {
   util::StatusOr<std::unique_ptr<subtle::StatefulMac>> stateful_mac =
       stateful_mac_factory_->Create();
   if (!stateful_mac.ok()) return stateful_mac.status();

   return std::unique_ptr<ChunkedMacComputation>(
       new ChunkedMacComputationImpl(*std::move(stateful_mac)));
 }

 util::StatusOr<std::unique_ptr<ChunkedMacVerification>>
 ChunkedMacImpl::CreateVerification(absl::string_view tag) const {
   util::StatusOr<std::unique_ptr<subtle::StatefulMac>> stateful_mac =
       stateful_mac_factory_->Create();
   if (!stateful_mac.ok()) return stateful_mac.status();

   return std::unique_ptr<ChunkedMacVerification>(
       new ChunkedMacVerificationImpl(*std::move(stateful_mac), tag));
 }

 util::StatusOr<std::unique_ptr<ChunkedMac>> NewChunkedCmac(
     const AesCmacKey& key) {
   if (!key.has_params()) {
     return util::Status(absl::StatusCode::kInvalidArgument,
                         "Invalid key: missing parameters.");
   }
   util::SecretData secret_key_data =
       util::SecretDataFromStringView(key.key_value());
   auto stateful_mac_factory =
       absl::make_unique<subtle::StatefulCmacBoringSslFactory>(
           key.params().tag_size(), secret_key_data);
   return std::unique_ptr<ChunkedMac>(
       new ChunkedMacImpl(std::move(stateful_mac_factory)));
 }

 util::StatusOr<std::unique_ptr<ChunkedMac>> NewChunkedHmac(const HmacKey& key) {
   if (!key.has_params()) {
     return util::Status(absl::StatusCode::kInvalidArgument,
                         "Invalid key: missing paramaters.");
   }
   subtle::HashType hash_type = util::Enums::ProtoToSubtle(key.params().hash());
   util::SecretData secret_key_data =
       util::SecretDataFromStringView(key.key_value());
   auto stateful_mac_factory =
       absl::make_unique<subtle::StatefulHmacBoringSslFactory>(
           hash_type, key.params().tag_size(), secret_key_data);
   return std::unique_ptr<ChunkedMac>(
       new ChunkedMacImpl(std::move(stateful_mac_factory)));
 }

 }  // namespace internal
 }  // namespace tink
 }  // namespace crypto
	// Copyright 2022 Google LLC
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.
	//
	///////////////////////////////////////////////////////////////////////////////

	#include "tink/mac/internal/chunked_mac_impl.h"

	#include <memory>
	#include <string>
	#include <utility>

	#include "absl/strings/string_view.h"
	#include "openssl/crypto.h"
	#include "tink/chunked_mac.h"
	#include "tink/subtle/mac/stateful_mac.h"
	#include "tink/subtle/stateful_cmac_boringssl.h"
	#include "tink/subtle/stateful_hmac_boringssl.h"
	#include "tink/util/enums.h"
	#include "tink/util/secret_data.h"
	#include "tink/util/status.h"
	#include "tink/util/statusor.h"
	#include "proto/aes_cmac.pb.h"
	#include "proto/hmac.pb.h"

	namespace crypto {
	namespace tink {
	namespace internal {

	using ::google::crypto::tink::AesCmacKey;
	using ::google::crypto::tink::HmacKey;

	util::Status ChunkedMacComputationImpl::Update(absl::string_view data) {
	if (!status_.ok()) return status_;
	return stateful_mac_->Update(data);
	}

	util::StatusOr<std::string> ChunkedMacComputationImpl::ComputeMac() {
	if (!status_.ok()) return status_;
	status_ = util::Status(absl::StatusCode::kFailedPrecondition,
	"MAC computation already finalized.");
	return stateful_mac_->Finalize();
	}

	util::Status ChunkedMacVerificationImpl::Update(absl::string_view data) {
	if (!status_.ok()) return status_;
	return stateful_mac_->Update(data);
	}

	util::Status ChunkedMacVerificationImpl::VerifyMac() {
	if (!status_.ok()) return status_;
	status_ = util::Status(absl::StatusCode::kFailedPrecondition,
	"MAC verification already finalized.");
	util::StatusOr<std::string> computed_mac = stateful_mac_->Finalize();
	if (!computed_mac.ok()) {
	return computed_mac.status();
	}
	if (computed_mac->size() != tag_.size()) {
	return util::Status(absl::StatusCode::kInvalidArgument,
	"Verification failed.");
	}
	if (CRYPTO_memcmp(computed_mac->data(), tag_.data(), computed_mac->size())) {
	return util::Status(absl::StatusCode::kInvalidArgument,
	"Verification failed.");
	}
	return util::OkStatus();
	}

	util::StatusOr<std::unique_ptr<ChunkedMacComputation>>
	ChunkedMacImpl::CreateComputation() const {
	util::StatusOr<std::unique_ptr<subtle::StatefulMac>> stateful_mac =
	stateful_mac_factory_->Create();
	if (!stateful_mac.ok()) return stateful_mac.status();

	return std::unique_ptr<ChunkedMacComputation>(
	new ChunkedMacComputationImpl(*std::move(stateful_mac)));
	}

	util::StatusOr<std::unique_ptr<ChunkedMacVerification>>
	ChunkedMacImpl::CreateVerification(absl::string_view tag) const {
	util::StatusOr<std::unique_ptr<subtle::StatefulMac>> stateful_mac =
	stateful_mac_factory_->Create();
	if (!stateful_mac.ok()) return stateful_mac.status();

	return std::unique_ptr<ChunkedMacVerification>(
	new ChunkedMacVerificationImpl(*std::move(stateful_mac), tag));
	}

	util::StatusOr<std::unique_ptr<ChunkedMac>> NewChunkedCmac(
	const AesCmacKey& key) {
	if (!key.has_params()) {
	return util::Status(absl::StatusCode::kInvalidArgument,
	"Invalid key: missing parameters.");
	}
	util::SecretData secret_key_data =
	util::SecretDataFromStringView(key.key_value());
	auto stateful_mac_factory =
	absl::make_unique<subtle::StatefulCmacBoringSslFactory>(
	key.params().tag_size(), secret_key_data);
	return std::unique_ptr<ChunkedMac>(
	new ChunkedMacImpl(std::move(stateful_mac_factory)));
	}

	util::StatusOr<std::unique_ptr<ChunkedMac>> NewChunkedHmac(const HmacKey& key) {
	if (!key.has_params()) {
	return util::Status(absl::StatusCode::kInvalidArgument,
	"Invalid key: missing paramaters.");
	}
	subtle::HashType hash_type = util::Enums::ProtoToSubtle(key.params().hash());
	util::SecretData secret_key_data =
	util::SecretDataFromStringView(key.key_value());
	auto stateful_mac_factory =
	absl::make_unique<subtle::StatefulHmacBoringSslFactory>(
	hash_type, key.params().tag_size(), secret_key_data);
	return std::unique_ptr<ChunkedMac>(
	new ChunkedMacImpl(std::move(stateful_mac_factory)));
	}

	} // namespace internal
	} // namespace tink
	} // namespace crypto