1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifdef HKS_CONFIG_FILE
17 #include HKS_CONFIG_FILE
18 #else
19 #include "hks_config.h"
20 #endif
21
22 #include "hks_client_service_adapter.h"
23
24 #include <mbedtls/bignum.h>
25 #include <mbedtls/ecp.h>
26 #include <mbedtls/pk.h>
27 #include <mbedtls/rsa.h>
28
29 #include "hks_log.h"
30 #include "hks_mbedtls_common.h"
31 #include "hks_mbedtls_ecc.h"
32 #include "hks_mem.h"
33
34 #ifdef _CUT_AUTHENTICATE_
35 #undef HKS_SUPPORT_HASH_C
36 #undef HKS_SUPPORT_RSA_C
37 #undef HKS_SUPPORT_ECC_C
38 #undef HKS_SUPPORT_X25519_C
39 #undef HKS_SUPPORT_ED25519_C
40 #undef HKS_SUPPORT_KDF_PBKDF2
41 #endif /* _CUT_AUTHENTICATE_ */
42
43 #if defined(HKS_SUPPORT_RSA_C) || defined(HKS_SUPPORT_ECC_C)
PkCtxToX509(mbedtls_pk_context * ctx,struct HksBlob * x509Key)44 static int32_t PkCtxToX509(mbedtls_pk_context *ctx, struct HksBlob *x509Key)
45 {
46 uint8_t *tmpBuf = (uint8_t *)HksMalloc(MAX_KEY_SIZE);
47 if (tmpBuf == NULL) {
48 return HKS_ERROR_MALLOC_FAIL;
49 }
50
51 int32_t ret = HKS_SUCCESS;
52 do {
53 int32_t x509Size = mbedtls_pk_write_pubkey_der(ctx, tmpBuf, MAX_KEY_SIZE);
54 if (x509Size < HKS_MBEDTLS_SUCCESS) {
55 HKS_LOG_E("public key to x509 write der failed! mbedtls ret = 0x%X", x509Size);
56 ret = x509Size;
57 break;
58 }
59
60 uint8_t *x509KeyData = (uint8_t *)HksMalloc(x509Size);
61 if (x509KeyData == NULL) {
62 HKS_LOG_E("Malloc x509 key data failed!");
63 ret = HKS_ERROR_MALLOC_FAIL;
64 break;
65 }
66
67 /* mbedtls_pk_write_pubkey_der use little-endian for storage */
68 if (memcpy_s(x509KeyData, x509Size, tmpBuf + MAX_KEY_SIZE - x509Size, x509Size) != EOK) {
69 HKS_LOG_E("public key to x509 memcpy to x509key failed!");
70 HKS_FREE_PTR(x509KeyData);
71 ret = HKS_ERROR_BAD_STATE;
72 break;
73 }
74
75 x509Key->size = x509Size;
76 x509Key->data = x509KeyData;
77 } while (0);
78
79 HKS_FREE_PTR(tmpBuf);
80 return ret;
81 }
82
83 #ifdef HKS_SUPPORT_RSA_C
InitRsaPkCtx(const struct HksBlob * mod,const struct HksBlob * e,mbedtls_pk_context * ctx)84 static int32_t InitRsaPkCtx(const struct HksBlob *mod, const struct HksBlob *e, mbedtls_pk_context *ctx)
85 {
86 int32_t ret = mbedtls_pk_setup(ctx, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA));
87 if (ret != HKS_MBEDTLS_SUCCESS) {
88 HKS_LOG_E("Mbedtls setup pk context failed! mbedtls ret = 0x%X", ret);
89 return ret;
90 }
91
92 mbedtls_mpi mpiN;
93 mbedtls_mpi mpiE;
94
95 mbedtls_mpi_init(&mpiN);
96 mbedtls_mpi_init(&mpiE);
97
98 do {
99 ret = mbedtls_mpi_read_binary(&mpiN, mod->data, mod->size);
100 if (ret != HKS_MBEDTLS_SUCCESS) {
101 HKS_LOG_E("Hks init rsa pk context read N failed! mbedtls ret = 0x%X", ret);
102 break;
103 }
104
105 ret = mbedtls_mpi_read_binary(&mpiE, e->data, e->size);
106 if (ret != HKS_MBEDTLS_SUCCESS) {
107 HKS_LOG_E("Hks init rsa pk context read E failed! mbedtls ret = 0x%X", ret);
108 break;
109 }
110
111 mbedtls_rsa_context *rsaCtx = mbedtls_pk_rsa(*ctx);
112 ret = mbedtls_rsa_import(rsaCtx, &mpiN, NULL, NULL, NULL, &mpiE);
113 if (ret != HKS_MBEDTLS_SUCCESS) {
114 HKS_LOG_E("Hks init rsa pk context import rsa context failed! mbedtls ret = 0x%X", ret);
115 break;
116 }
117
118 ret = mbedtls_rsa_complete(rsaCtx);
119 if (ret != HKS_MBEDTLS_SUCCESS) {
120 HKS_LOG_E("Hks init rsa pk context complete rsa context failed! mbedtls ret = 0x%X", ret);
121 }
122 } while (0);
123
124 mbedtls_mpi_free(&mpiN);
125 mbedtls_mpi_free(&mpiE);
126 return ret;
127 }
128
RsaToX509PublicKey(const struct HksBlob * mod,const struct HksBlob * e,struct HksBlob * x509Key)129 static int32_t RsaToX509PublicKey(const struct HksBlob *mod, const struct HksBlob *e, struct HksBlob *x509Key)
130 {
131 mbedtls_pk_context ctx;
132 mbedtls_pk_init(&ctx);
133
134 int32_t ret;
135 do {
136 ret = InitRsaPkCtx(mod, e, &ctx);
137 if (ret != HKS_SUCCESS) {
138 break;
139 }
140
141 ret = PkCtxToX509(&ctx, x509Key);
142 if (ret != HKS_SUCCESS) {
143 HKS_LOG_E("Pk context to rsa x509 failed! ret = 0x%X", ret);
144 }
145 } while (0);
146
147 mbedtls_pk_free(&ctx);
148 return ret;
149 }
150 #endif
151
152 #ifdef HKS_SUPPORT_ECC_C
InitEccPkCtx(uint32_t keySize,const struct HksBlob * x,const struct HksBlob * y,mbedtls_pk_context * ctx)153 static int32_t InitEccPkCtx(uint32_t keySize, const struct HksBlob *x, const struct HksBlob *y,
154 mbedtls_pk_context *ctx)
155 {
156 int32_t ret = mbedtls_pk_setup(ctx, mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY));
157 if (ret != HKS_MBEDTLS_SUCCESS) {
158 HKS_LOG_E("Mbedtls setup pk context failed! mbedtls ret = 0x%X", ret);
159 return ret;
160 }
161
162 mbedtls_ecp_group_id grp_id;
163 ret = GetEccGroupId(keySize, &grp_id);
164 if (ret != HKS_SUCCESS) {
165 HKS_LOG_E("Get ecc group id failed! ret = 0x%X", ret);
166 return ret;
167 }
168
169 mbedtls_ecp_keypair *pubKey = mbedtls_pk_ec(*ctx);
170 ret = mbedtls_ecp_group_load(&(pubKey->grp), grp_id);
171 if (ret != HKS_MBEDTLS_SUCCESS) {
172 HKS_LOG_E("Hks init ecc pk context load group failed! mbedtls ret = 0x%X", ret);
173 return ret;
174 }
175
176 ret = mbedtls_mpi_read_binary(&(pubKey->Q.X), x->data, x->size);
177 if (ret != HKS_MBEDTLS_SUCCESS) {
178 HKS_LOG_E("Hks init ecc pk context read X failed! mbedtls ret = 0x%X", ret);
179 return ret;
180 }
181
182 ret = mbedtls_mpi_read_binary(&(pubKey->Q.Y), y->data, y->size);
183 if (ret != HKS_MBEDTLS_SUCCESS) {
184 HKS_LOG_E("Hks init ecc pk context read Y failed! mbedtls ret = 0x%X", ret);
185 return ret;
186 }
187
188 /* Z = 1, X and Y are its standard (affine) coordinates */
189 ret = mbedtls_mpi_lset(&(pubKey->Q.Z), 1);
190 if (ret != HKS_MBEDTLS_SUCCESS) {
191 HKS_LOG_E("Hks init ecc pk context set Z failed! mbedtls ret = 0x%X", ret);
192 return ret;
193 }
194
195 return HKS_SUCCESS;
196 }
197
EccToX509PublicKey(uint32_t keySize,const struct HksBlob * x,const struct HksBlob * y,struct HksBlob * x509Key)198 static int32_t EccToX509PublicKey(uint32_t keySize, const struct HksBlob *x, const struct HksBlob *y,
199 struct HksBlob *x509Key)
200 {
201 mbedtls_pk_context ctx;
202 mbedtls_pk_init(&ctx);
203
204 int32_t ret;
205 do {
206 ret = InitEccPkCtx(keySize, x, y, &ctx);
207 if (ret != HKS_SUCCESS) {
208 break;
209 }
210
211 ret = PkCtxToX509(&ctx, x509Key);
212 if (ret != HKS_SUCCESS) {
213 HKS_LOG_E("Pk context to ecc x509 failed! ret = 0x%X", ret);
214 }
215 } while (0);
216
217 mbedtls_pk_free(&ctx);
218 return ret;
219 }
220 #endif
221 #endif
222
223 #if defined(HKS_SUPPORT_X25519_C) || defined(HKS_SUPPORT_ED25519_C)
Curve25519ToX509PublicKey(const struct HksBlob * publicKey,struct HksBlob * x509Key)224 static int32_t Curve25519ToX509PublicKey(const struct HksBlob *publicKey, struct HksBlob *x509Key)
225 {
226 if (publicKey->size != HKS_KEY_BYTES(HKS_CURVE25519_KEY_SIZE_256)) {
227 HKS_LOG_E("Invalid public key size! key size = 0x%X", publicKey->size);
228 return HKS_ERROR_INVALID_ARGUMENT;
229 }
230
231 x509Key->data = (uint8_t *)HksMalloc(publicKey->size);
232 if (x509Key->data == NULL) {
233 HKS_LOG_E("X25519/Ed25519 to x509 public key malloc x509 key data failed!");
234 return HKS_ERROR_MALLOC_FAIL;
235 }
236
237 if (memcpy_s(x509Key->data, publicKey->size, publicKey->data, publicKey->size) != EOK) {
238 HKS_LOG_E("X25519/Ed25519 to x509 public key memcpy to x509 key data failed!");
239 HKS_FREE_PTR(x509Key->data);
240 return HKS_ERROR_BAD_STATE;
241 }
242 x509Key->size = publicKey->size;
243
244 return HKS_SUCCESS;
245 }
246 #endif
247
TranslateToX509PublicKey(const struct HksBlob * publicKey,struct HksBlob * x509Key)248 int32_t TranslateToX509PublicKey(const struct HksBlob *publicKey, struct HksBlob *x509Key)
249 {
250 #if defined(HKS_SUPPORT_RSA_C) || defined(HKS_SUPPORT_ECC_C) || defined(HKS_SUPPORT_X25519_C) || \
251 defined(HKS_SUPPORT_ED25519_C)
252 if ((publicKey == NULL) || (publicKey->data == NULL) || (publicKey->size == 0) || (x509Key == NULL)) {
253 HKS_LOG_E("translate to x509 public key invalid args");
254 return HKS_ERROR_INVALID_ARGUMENT;
255 }
256
257 if (publicKey->size < sizeof(struct HksPubKeyInfo)) {
258 HKS_LOG_E("translate to x509 public key invalid publicKey size");
259 return HKS_ERROR_INVALID_ARGUMENT;
260 }
261
262 struct HksPubKeyInfo *publicKeyInfo = (struct HksPubKeyInfo *)publicKey->data;
263 uint32_t offset = sizeof(struct HksPubKeyInfo);
264 if ((publicKey->size - offset) < publicKeyInfo->nOrXSize) {
265 HKS_LOG_E("translate to x509 public key invalid nOrXSize size");
266 return HKS_ERROR_INVALID_ARGUMENT;
267 }
268
269 struct HksBlob material1 = { publicKeyInfo->nOrXSize, publicKey->data + offset };
270 offset += publicKeyInfo->nOrXSize;
271 if ((publicKey->size - offset) < publicKeyInfo->eOrYSize) {
272 HKS_LOG_E("translate to x509 public key invalid eOrYSize size");
273 return HKS_ERROR_INVALID_ARGUMENT;
274 }
275
276 #if defined(HKS_SUPPORT_RSA_C) || defined(HKS_SUPPORT_ECC_C)
277 struct HksBlob material2 = { publicKeyInfo->eOrYSize, publicKey->data + offset };
278 #endif
279 switch (publicKeyInfo->keyAlg) {
280 #ifdef HKS_SUPPORT_RSA_C
281 case HKS_ALG_RSA:
282 return RsaToX509PublicKey(&material1, &material2, x509Key);
283 #endif
284 #ifdef HKS_SUPPORT_ECC_C
285 case HKS_ALG_ECC:
286 return EccToX509PublicKey(publicKeyInfo->keySize, &material1, &material2, x509Key);
287 #endif
288 #if defined(HKS_SUPPORT_X25519_C) || defined(HKS_SUPPORT_ED25519_C)
289 case HKS_ALG_X25519:
290 case HKS_ALG_ED25519:
291 return Curve25519ToX509PublicKey(&material1, x509Key);
292 #endif
293 default:
294 HKS_LOG_E("Unsupport alg type! type = 0x%X", publicKeyInfo->keyAlg);
295 return HKS_ERROR_INVALID_ARGUMENT;
296 }
297 #else
298 (void)publicKey;
299 (void)x509Key;
300 return HKS_ERROR_NOT_SUPPORTED;
301 #endif
302 }
303
304 #if defined(HKS_SUPPORT_RSA_C) || defined(HKS_SUPPORT_ECC_C)
305 #ifdef HKS_SUPPORT_RSA_C
CheckRsaCtx(const mbedtls_rsa_context * rsaCtx)306 static int32_t CheckRsaCtx(const mbedtls_rsa_context *rsaCtx)
307 {
308 uint32_t maxKeyByteLen = HKS_RSA_KEY_SIZE_4096 / HKS_BITS_PER_BYTE;
309 if (rsaCtx->len > maxKeyByteLen) {
310 HKS_LOG_E("Invalid mbedtls rsa context's len! len = 0x%X", rsaCtx->len);
311 return HKS_ERROR_INVALID_ARGUMENT;
312 }
313
314 return HKS_SUCCESS;
315 }
316
X509PublicKeyToRsa(mbedtls_rsa_context * rsaCtx,struct HksBlob * rsaPublicKey)317 static int32_t X509PublicKeyToRsa(mbedtls_rsa_context *rsaCtx, struct HksBlob *rsaPublicKey)
318 {
319 int32_t ret = CheckRsaCtx(rsaCtx);
320 if (ret != HKS_SUCCESS) {
321 HKS_LOG_E("Check rsa ctx failed! ret = 0x%X", ret);
322 return ret;
323 }
324
325 uint32_t nSize = rsaCtx->len;
326 uint32_t eSize = rsaCtx->len;
327
328 uint32_t totalSize = sizeof(struct HksPubKeyInfo) + nSize + eSize;
329 uint8_t *keyBuffer = (uint8_t *)HksMalloc(totalSize);
330 if (keyBuffer == NULL) {
331 HKS_LOG_E("X509 public key to rsa malloc keyBuffer failed!");
332 return HKS_ERROR_MALLOC_FAIL;
333 }
334
335 struct HksPubKeyInfo *pubKeyInfo = (struct HksPubKeyInfo *)keyBuffer;
336 pubKeyInfo->keyAlg = HKS_ALG_RSA;
337 pubKeyInfo->keySize = rsaCtx->len * HKS_BITS_PER_BYTE;
338 pubKeyInfo->nOrXSize = nSize;
339 pubKeyInfo->eOrYSize = eSize;
340 pubKeyInfo->placeHolder = 0;
341
342 ret = mbedtls_mpi_write_binary(&rsaCtx->N, keyBuffer + sizeof(struct HksPubKeyInfo), nSize);
343 if (ret != HKS_MBEDTLS_SUCCESS) {
344 HKS_LOG_E("X509 public key to rsa write N failed! mbedtls ret = 0x%X", ret);
345 HKS_FREE_PTR(keyBuffer);
346 return ret;
347 }
348
349 ret = mbedtls_mpi_write_binary(&rsaCtx->E, keyBuffer + sizeof(struct HksPubKeyInfo) + nSize, eSize);
350 if (ret != HKS_MBEDTLS_SUCCESS) {
351 HKS_LOG_E("X509 public key to rsa write E failed! mbedtls ret = 0x%X", ret);
352 HKS_FREE_PTR(keyBuffer);
353 return ret;
354 }
355
356 rsaPublicKey->data = keyBuffer;
357 rsaPublicKey->size = totalSize;
358
359 return HKS_SUCCESS;
360 }
361 #endif
362
363 #ifdef HKS_SUPPORT_ECC_C
CheckEccXySize(const uint32_t xSize,const uint32_t ySize)364 static int32_t CheckEccXySize(const uint32_t xSize, const uint32_t ySize)
365 {
366 uint32_t maxKeyByteLen = HKS_ECC_KEY_SIZE_521 / HKS_BITS_PER_BYTE;
367 if ((xSize > maxKeyByteLen) || (ySize > maxKeyByteLen)) {
368 HKS_LOG_E("Invalid ecc public key size! xSize = 0x%X, ySize = 0x%X", xSize, ySize);
369 return HKS_ERROR_INVALID_ARGUMENT;
370 }
371
372 return HKS_SUCCESS;
373 }
374
X509PublicKeyToEcc(mbedtls_ecp_keypair * pubKey,struct HksBlob * eccPublicKey)375 static int32_t X509PublicKeyToEcc(mbedtls_ecp_keypair *pubKey, struct HksBlob *eccPublicKey)
376 {
377 uint32_t xSize = mbedtls_mpi_size(&(pubKey->Q.X));
378 uint32_t ySize = mbedtls_mpi_size(&(pubKey->Q.Y));
379
380 int32_t ret = CheckEccXySize(xSize, ySize);
381 if (ret != HKS_SUCCESS) {
382 HKS_LOG_E("Check ecc public key size failed! ret = 0x%X", ret);
383 return ret;
384 }
385
386 uint32_t totalSize = sizeof(struct HksPubKeyInfo) + xSize + ySize;
387 uint8_t *keyBuffer = (uint8_t *)HksMalloc(totalSize);
388 if (keyBuffer == NULL) {
389 HKS_LOG_E("X509 public key to ecc malloc keyBuffer failed!");
390 return HKS_ERROR_MALLOC_FAIL;
391 }
392
393 if (mbedtls_mpi_size(&(pubKey->grp.P)) > UINT32_MAX / HKS_BITS_PER_BYTE) {
394 HKS_FREE_PTR(keyBuffer);
395 HKS_LOG_E("invalid param, the size is :%u", mbedtls_mpi_size(&(pubKey->grp.P)));
396 return HKS_ERROR_INVALID_ARGUMENT;
397 }
398
399 struct HksPubKeyInfo *pubKeyInfo = (struct HksPubKeyInfo *)keyBuffer;
400 pubKeyInfo->keyAlg = HKS_ALG_ECC;
401 pubKeyInfo->keySize = mbedtls_mpi_size(&(pubKey->grp.P)) * HKS_BITS_PER_BYTE;
402 pubKeyInfo->nOrXSize = xSize;
403 pubKeyInfo->eOrYSize = ySize;
404 pubKeyInfo->placeHolder = 0;
405
406 ret = mbedtls_mpi_write_binary(&(pubKey->Q.X), keyBuffer + sizeof(struct HksPubKeyInfo), xSize);
407 if (ret != HKS_MBEDTLS_SUCCESS) {
408 HKS_LOG_E("X509 public key to ecc write X failed! mbedtls ret = 0x%X", ret);
409 HKS_FREE_PTR(keyBuffer);
410 return ret;
411 }
412
413 ret = mbedtls_mpi_write_binary(&(pubKey->Q.Y), keyBuffer + sizeof(struct HksPubKeyInfo) + xSize, ySize);
414 if (ret != HKS_MBEDTLS_SUCCESS) {
415 HKS_LOG_E("X509 public key to ecc write Y failed! mbedtls ret = 0x%X", ret);
416 HKS_FREE_PTR(keyBuffer);
417 return ret;
418 }
419
420 eccPublicKey->data = keyBuffer;
421 eccPublicKey->size = totalSize;
422
423 return HKS_SUCCESS;
424 }
425 #endif
426 #endif
427
TranslateFromX509PublicKey(const struct HksBlob * x509Key,struct HksBlob * publicKey)428 int32_t TranslateFromX509PublicKey(const struct HksBlob *x509Key, struct HksBlob *publicKey)
429 {
430 #if defined(HKS_SUPPORT_RSA_C) || defined(HKS_SUPPORT_ECC_C)
431 mbedtls_pk_context ctx;
432 mbedtls_pk_init(&ctx);
433
434 int32_t ret = mbedtls_pk_parse_public_key(&ctx, x509Key->data, x509Key->size);
435 if (ret != HKS_MBEDTLS_SUCCESS) {
436 mbedtls_pk_free(&ctx);
437 return HKS_ERROR_INVALID_ARGUMENT;
438 }
439
440 /* 1: if the context can do operations on the given type. */
441 if (mbedtls_pk_can_do(&ctx, MBEDTLS_PK_RSA) == 1) {
442 #ifdef HKS_SUPPORT_RSA_C
443 ret = X509PublicKeyToRsa(mbedtls_pk_rsa(ctx), publicKey);
444 #else
445 ret = HKS_ERROR_INVALID_ALGORITHM;
446 #endif
447 } else if (mbedtls_pk_can_do(&ctx, MBEDTLS_PK_ECKEY) == 1) {
448 #ifdef HKS_SUPPORT_ECC_C
449 ret = X509PublicKeyToEcc(mbedtls_pk_ec(ctx), publicKey);
450 #else
451 ret = HKS_ERROR_INVALID_ALGORITHM;
452 #endif
453 } else {
454 HKS_LOG_E("Unsupport alg type!");
455 ret = HKS_ERROR_INVALID_ARGUMENT;
456 }
457
458 mbedtls_pk_free(&ctx);
459 return ret;
460 #else
461 (void)publicKey;
462 (void)x509Key;
463 return HKS_ERROR_NOT_SUPPORTED;
464 #endif
465 }
466
467 #if defined(HKS_SUPPORT_ED25519_C) || defined(HKS_SUPPORT_X25519_C)
TranslateToInnerCurve25519Format(const uint32_t alg,const struct HksBlob * key,struct HksBlob * publicKey)468 int32_t TranslateToInnerCurve25519Format(const uint32_t alg, const struct HksBlob *key, struct HksBlob *publicKey)
469 {
470 if (key->size != HKS_KEY_BYTES(HKS_CURVE25519_KEY_SIZE_256)) {
471 HKS_LOG_E("Invalid curve25519 public key size! key size = 0x%X", key->size);
472 return HKS_ERROR_INVALID_KEY_INFO;
473 }
474
475 uint32_t totalSize = sizeof(struct HksPubKeyInfo) + key->size;
476 uint8_t *buffer = (uint8_t *)HksMalloc(totalSize);
477 if (buffer == NULL) {
478 HKS_LOG_E("malloc failed! %u", totalSize);
479 return HKS_ERROR_MALLOC_FAIL;
480 }
481 (void)memset_s(buffer, totalSize, 0, totalSize);
482
483 struct HksPubKeyInfo *curve25519Key = (struct HksPubKeyInfo *)buffer;
484 curve25519Key->keyAlg = alg;
485 curve25519Key->keySize = HKS_CURVE25519_KEY_SIZE_256;
486 curve25519Key->nOrXSize = key->size; /* curve25519 public key */
487
488 uint32_t offset = sizeof(struct HksPubKeyInfo);
489 if (memcpy_s(buffer + offset, totalSize - offset, key->data, key->size) != EOK) {
490 HKS_LOG_E("copy pub key failed!");
491 HKS_FREE_PTR(buffer);
492 return HKS_ERROR_BAD_STATE;
493 }
494 publicKey->data = buffer;
495 publicKey->size = totalSize;
496 return HKS_SUCCESS;
497 }
498 #endif
499
500 #ifdef HKS_SUPPORT_AES_C
TranslateToInnerAesFormat(const struct HksBlob * key,struct HksBlob * outKey)501 int32_t TranslateToInnerAesFormat(const struct HksBlob *key, struct HksBlob *outKey)
502 {
503 if ((key->size != HKS_KEY_BYTES(HKS_AES_KEY_SIZE_128)) && (key->size != HKS_KEY_BYTES(HKS_AES_KEY_SIZE_256))) {
504 HKS_LOG_E("Invalid aes key size! key size = 0x%X", key->size);
505 return HKS_ERROR_INVALID_KEY_INFO;
506 }
507
508 uint8_t *keyBuffer = (uint8_t *)HksMalloc(key->size);
509 if (keyBuffer == NULL) {
510 HKS_LOG_E("public key to inner key format malloc keyBuffer failed!");
511 return HKS_ERROR_MALLOC_FAIL;
512 }
513
514 (void)memcpy_s(keyBuffer, key->size, key->data, key->size);
515 outKey->data = keyBuffer;
516 outKey->size = key->size;
517 return HKS_SUCCESS;
518 }
519 #endif
520