1 /*
2 * Copyright (C) 2021 HiSilicon (Shanghai) Technologies CO., LIMITED.
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version 2
7 * of the License, or (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 */
18
19 #include "cryp_rsa.h"
20 #include "drv_osal_lib.h"
21 #include "drv_srsa.h"
22 #include "cryp_trng.h"
23 #include "mbedtls/rsa.h"
24 #include "mbedtls/bignum.h"
25 #include "securec.h"
26
27 /* Internal Structure Definition */
28 #define RSA_PKCS1_TYPE_MIN_PAD_LEN 11
29
30 /* rsa padding value 0xff. */
31 #define RSA_PADDING_VAL_FF 0xFF
32
33 /* rsa key len in bits */
34 #define RSA_BITS_1024 1024
35 #define RSA_BITS_2048 2048
36 #define RSA_BITS_3072 3072
37 #define RSA_BITS_4096 4096
38
39 /* rsa mutex */
40 static CRYPTO_MUTEX g_rsa_mutex;
41
42 #define kapi_rsa_lock_err_return() \
43 do { \
44 ret = crypto_mutex_lock(&g_rsa_mutex); \
45 if (ret != HI_SUCCESS) { \
46 hi_log_error("error, rsa lock failed\n"); \
47 return ret; \
48 } \
49 } while (0)
50
51 #define kapi_rsa_unlock() crypto_mutex_unlock(&g_rsa_mutex)
52
53 #ifdef SOFT_RSA_PADDING_SUPPORT
54 static hi_u32 g_rsa_key_ca_type = HI_CIPHER_KEY_SRC_USER;
55
56 /* API Code for cryp rsa */
mbedtls_mpi_print(const mbedtls_mpi * x,const char * name)57 static hi_void mbedtls_mpi_print(const mbedtls_mpi *x, const char *name)
58 {
59 #ifdef CIPHER_DEBUG_SUPPORT
60 int ret;
61 size_t n;
62 hi_u8 buf[RSA_KEY_WIDTH_4096] = {0};
63
64 n = mbedtls_mpi_size(x);
65 if (n > RSA_KEY_WIDTH_4096) {
66 hi_log_error("length overflow!\n");
67 return;
68 }
69 MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(x, buf, n));
70 hi_print_hex(name, (hi_u8 *)buf, n);
71
72 cleanup:
73 return;
74 #else
75 crypto_unused(x);
76 crypto_unused(name);
77 return;
78 #endif
79 }
80
81 #ifdef CHIP_RSA_SUPPORT
rsa_get_klen(unsigned long module_len,hi_u32 * keylen,rsa_key_width * width)82 static hi_s32 rsa_get_klen(unsigned long module_len, hi_u32 *keylen, rsa_key_width *width)
83 {
84 if (module_len > RSA_KEY_LEN_4096) {
85 hi_log_error("error, invalid key len %lu\n", module_len);
86 hi_log_print_err_code(HI_ERR_CIPHER_INVALID_PARAM);
87 return HI_ERR_CIPHER_INVALID_PARAM;
88 #ifdef CHIP_RSA1024_SUPPORT
89 } else if (module_len <= RSA_KEY_LEN_1024) {
90 *keylen = RSA_KEY_LEN_1024;
91 *width = RSA_KEY_WIDTH_1024;
92 #endif
93 } else if (module_len <= RSA_KEY_LEN_2048) {
94 *keylen = RSA_KEY_LEN_2048;
95 *width = RSA_KEY_WIDTH_2048;
96 #ifdef CHIP_RSA3072_SUPPORT
97 } else if (module_len <= RSA_KEY_LEN_3072) {
98 *keylen = RSA_KEY_LEN_3072;
99 *width = RSA_KEY_WIDTH_3072;
100 #endif
101 } else {
102 *keylen = RSA_KEY_LEN_4096;
103 *width = RSA_KEY_WIDTH_4096;
104 }
105
106 return HI_SUCCESS;
107 }
108
cryp_check_data(const hi_u8 * n,const hi_u8 * e,const hi_u8 * mc,hi_u32 len)109 static hi_s32 cryp_check_data(const hi_u8 *n, const hi_u8 *e, const hi_u8 *mc, hi_u32 len)
110 {
111 hi_u32 i;
112
113 /* MC > 0 */
114 for (i = 0; i < len; i++) {
115 if (mc[i] > 0) {
116 break;
117 }
118 }
119 if (i >= len) {
120 hi_log_error("RSA M/C is zero, error!\n");
121 hi_log_print_err_code(HI_ERR_CIPHER_INVALID_PARAM);
122 return HI_ERR_CIPHER_INVALID_PARAM;
123 }
124
125 /* MC < N */
126 for (i = 0; i < len; i++) {
127 if (mc[i] < n[i]) {
128 break;
129 }
130 }
131 if (i >= len) {
132 hi_log_error("RSA M/C is larger than N, error!\n");
133 hi_log_print_err_code(HI_ERR_CIPHER_INVALID_PARAM);
134 return HI_ERR_CIPHER_INVALID_PARAM;
135 }
136
137 /* E >= 1 */
138 for (i = 0; i < len; i++) {
139 if (e[i] > 0) {
140 break;
141 }
142 }
143 if (i >= len) {
144 hi_log_error("RSA D/E is zero, error!\n");
145 hi_log_print_err_code(HI_ERR_CIPHER_INVALID_PARAM);
146 return HI_ERR_CIPHER_INVALID_PARAM;
147 }
148
149 return HI_SUCCESS;
150 }
151
cryp_ifep_rsa_exp_mod(hi_u32 ca_type,mbedtls_mpi * x,const mbedtls_mpi * a,const mbedtls_mpi * e,const mbedtls_mpi * n)152 static int cryp_ifep_rsa_exp_mod(hi_u32 ca_type, mbedtls_mpi *x, const mbedtls_mpi *a,
153 const mbedtls_mpi *e, const mbedtls_mpi *n)
154 {
155 hi_u32 module_len;
156 hi_u8 *buf = HI_NULL;
157 hi_u8 *tmp_n = HI_NULL;
158 hi_u8 *k = HI_NULL;
159 hi_u8 *in = HI_NULL;
160 hi_u8 *out = HI_NULL;
161 hi_u32 keylen = 0;
162 rsa_key_width width = 0;
163 mbedtls_mpi tmp_a;
164 hi_s32 ret;
165
166 hi_log_func_enter();
167
168 /* computes valid bits of N */
169 module_len = crypto_max(mbedtls_mpi_size(n), mbedtls_mpi_size(e));
170
171 ret = rsa_get_klen(module_len, &keylen, &width);
172 if (ret != HI_SUCCESS) {
173 hi_log_print_func_err(rsa_get_klen, ret);
174 return ret;
175 }
176
177 /* malloc buf to store n || k(e or d) || in || out */
178 buf = crypto_calloc(MUL_VAL_4, keylen);
179 if (buf == HI_NULL) {
180 hi_log_print_func_err(crypto_calloc, HI_ERR_CIPHER_FAILED_MEM);
181 return HI_ERR_CIPHER_FAILED_MEM;
182 }
183
184 tmp_n = buf;
185 k = tmp_n + keylen;
186 in = k + keylen;
187 out = in + keylen;
188
189 mbedtls_mpi_init(&tmp_a);
190 crypto_chk_err_goto(mbedtls_mpi_mod_mpi(&tmp_a, a, n));
191
192 /* read A, E, N */
193 crypto_chk_err_goto(mbedtls_mpi_write_binary(&tmp_a, in, keylen));
194 crypto_chk_err_goto(mbedtls_mpi_write_binary(e, k, keylen));
195 crypto_chk_err_goto(mbedtls_mpi_write_binary(n, tmp_n, keylen));
196
197 /* key and data valid ? */
198 crypto_chk_err_goto(cryp_check_data(tmp_n, k, in, keylen));
199
200 /* out = in ^ k mod n */
201 ret = drv_ifep_rsa_exp_mod(ca_type, tmp_n, k, in, out, width);
202 if (ret == HI_SUCCESS) {
203 /* write d */
204 mbedtls_mpi_read_binary(x, out, keylen);
205 }
206
207 exit__:
208 mbedtls_mpi_free(&tmp_a);
209 crypto_free(buf);
210 buf = HI_NULL;
211
212 hi_log_func_exit();
213
214 return ret;
215 }
216 #endif
217
mbedtls_mpi_exp_mod(mbedtls_mpi * x,const mbedtls_mpi * a,const mbedtls_mpi * e,const mbedtls_mpi * n,mbedtls_mpi * rr)218 int mbedtls_mpi_exp_mod(mbedtls_mpi *x, const mbedtls_mpi *a, const mbedtls_mpi *e, const mbedtls_mpi *n,
219 mbedtls_mpi *rr)
220 {
221 hi_s32 ret;
222 #if defined(CHIP_IFEP_RSA_VER_V100)
223 hi_u32 elen;
224 #endif
225
226 hi_log_func_enter();
227
228 hi_log_chk_param_return(x == HI_NULL);
229 hi_log_chk_param_return(a == HI_NULL);
230 hi_log_chk_param_return(e == HI_NULL);
231 hi_log_chk_param_return(n == HI_NULL);
232
233 mbedtls_mpi_print(a, "M");
234 mbedtls_mpi_print(e, "E");
235 mbedtls_mpi_print(n, "N");
236
237 #if defined(CHIP_IFEP_RSA_VER_V100)
238 elen = mbedtls_mpi_size(e);
239 if (elen <= RSA_KEY_LEN_4096) {
240 /* The private key may be not from user when generate rsa key pare
241 * in this case use klad key will failed.
242 */
243 ret = cryp_ifep_rsa_exp_mod(g_rsa_key_ca_type, x, a, e, n);
244 } else {
245 if (g_rsa_key_ca_type != HI_CIPHER_KEY_SRC_USER) {
246 hi_log_error("software rsa nonsupport klad key\n");
247 return HI_ERR_CIPHER_ILLEGAL_KEY;
248 }
249
250 ret = mbedtls_mpi_exp_mod_sw(x, a, e, n, rr);
251 }
252 #else
253 if (g_rsa_key_ca_type != HI_CIPHER_KEY_SRC_USER) {
254 hi_log_error("sofrware rsa nonsupport klad key\n");
255 return HI_ERR_CIPHER_ILLEGAL_KEY;
256 }
257
258 ret = mbedtls_mpi_exp_mod_sw(x, a, e, n, rr);
259 #endif
260 mbedtls_mpi_print(x, "X");
261
262 if (ret != HI_SUCCESS) {
263 hi_log_error("rsa mpi_exp_mod failed, ret = 0x%x\n", ret);
264 return ret;
265 }
266
267 hi_log_func_exit();
268 return HI_SUCCESS;
269 }
270
mbedtls_get_random(hi_void * param,hi_u8 * rand,size_t size)271 int mbedtls_get_random(hi_void *param, hi_u8 *rand, size_t size)
272 {
273 hi_s32 ret;
274 hi_u32 i, randnum, left_size;
275
276 crypto_unused(param);
277
278 hi_log_chk_param_return(rand == HI_NULL);
279
280 for (i = 0; i < (hi_u32)size; i += WORD_WIDTH) {
281 ret = cryp_trng_get_random(&randnum, CRYP_TRNG_TIMEOUT);
282 if (ret != HI_SUCCESS) {
283 hi_log_print_func_err(cryp_trng_get_random, ret);
284 return ret;
285 }
286
287 left_size = (size - i) > WORD_WIDTH ? WORD_WIDTH : (size - i);
288 switch (left_size) {
289 case WORD_IDX_4:
290 rand[i + WORD_IDX_3] = (hi_u8)(randnum >> SHIFT_24BITS) & MAX_LOW_8BITS;
291 /* fall through */
292 case WORD_IDX_3:
293 rand[i + WORD_IDX_2] = (hi_u8)(randnum >> SHIFT_16BITS) & MAX_LOW_8BITS;
294 /* fall through */
295 case WORD_IDX_2:
296 rand[i + WORD_IDX_1] = (hi_u8)(randnum >> SHIFT_8BITS) & MAX_LOW_8BITS;
297 /* fall through */
298 case WORD_IDX_1:
299 rand[i + WORD_IDX_0] = (hi_u8)(randnum) & MAX_LOW_8BITS;
300 break;
301 default:
302 hi_log_error("left size %u is error\n", left_size);
303 return HI_ERR_CIPHER_INVALID_LEN;
304 }
305 }
306
307 return HI_SUCCESS;
308 }
309
cryp_rsa_deinit_key(mbedtls_rsa_context * rsa)310 static hi_void cryp_rsa_deinit_key(mbedtls_rsa_context *rsa)
311 {
312 hi_log_func_enter();
313
314 mbedtls_mpi_free(&rsa->N);
315 mbedtls_mpi_free(&rsa->E);
316 mbedtls_mpi_free(&rsa->D);
317 mbedtls_mpi_free(&rsa->P);
318 mbedtls_mpi_free(&rsa->Q);
319 mbedtls_mpi_free(&rsa->DP);
320 mbedtls_mpi_free(&rsa->DQ);
321 mbedtls_mpi_free(&rsa->QP);
322
323 hi_log_func_exit();
324 }
325
cryp_rsa_init_key(const cryp_rsa_key * key,hi_u32 * mode,mbedtls_rsa_context * rsa)326 static hi_s32 cryp_rsa_init_key(const cryp_rsa_key *key, hi_u32 *mode, mbedtls_rsa_context *rsa)
327 {
328 hi_s32 ret;
329
330 hi_log_func_enter();
331
332 mbedtls_mpi_init(&rsa->N);
333 mbedtls_mpi_init(&rsa->E);
334 mbedtls_mpi_init(&rsa->D);
335 mbedtls_mpi_init(&rsa->P);
336 mbedtls_mpi_init(&rsa->Q);
337 mbedtls_mpi_init(&rsa->DP);
338 mbedtls_mpi_init(&rsa->DQ);
339 mbedtls_mpi_init(&rsa->QP);
340
341 crypto_chk_err_goto(mbedtls_mpi_read_binary(&rsa->N, key->n, key->klen));
342 rsa->len = ((mbedtls_mpi_bitlen(&rsa->N) + 7) >> SHIFT_3BITS); /* 7 make sure to round up */
343 if ((rsa->len < RSA_MIN_KEY_LEN) || (rsa->len > RSA_MAX_KEY_LEN)) {
344 hi_log_error("RSA invalid keylen: 0x%x!\n", (hi_u32)rsa->len);
345 hi_log_print_err_code(HI_ERR_CIPHER_INVALID_PARAM);
346 ret = HI_ERR_CIPHER_INVALID_PARAM;
347 goto exit__;
348 }
349
350 if (key->public) {
351 crypto_chk_err_goto(mbedtls_mpi_read_binary(&rsa->E, (hi_u8 *)&key->e, WORD_WIDTH));
352 *mode = MBEDTLS_RSA_PUBLIC;
353 } else {
354 if (key->d != HI_NULL) { /* Non CRT */
355 crypto_chk_err_goto(mbedtls_mpi_read_binary(&rsa->D, key->d, key->klen));
356 *mode = MBEDTLS_RSA_PRIVATE;
357 } else { /* CRT */
358 crypto_chk_err_goto(mbedtls_mpi_read_binary(&rsa->P, key->p, key->klen / MUL_VAL_2));
359 crypto_chk_err_goto(mbedtls_mpi_read_binary(&rsa->Q, key->q, key->klen / MUL_VAL_2));
360 crypto_chk_err_goto(mbedtls_mpi_read_binary(&rsa->DP, key->dp, key->klen / MUL_VAL_2));
361 crypto_chk_err_goto(mbedtls_mpi_read_binary(&rsa->DQ, key->dq, key->klen / MUL_VAL_2));
362 crypto_chk_err_goto(mbedtls_mpi_read_binary(&rsa->QP, key->qp, key->klen / MUL_VAL_2));
363 *mode = MBEDTLS_RSA_PRIVATE;
364 }
365 }
366
367 g_rsa_key_ca_type = key->ca_type;
368
369 hi_log_debug("mode %u, e 0x%x\n", *mode, key->e);
370
371 hi_log_func_exit();
372 return HI_SUCCESS;
373
374 exit__:
375 cryp_rsa_deinit_key(rsa);
376
377 return ret;
378 }
379
cryp_rsa_get_alg(hi_u32 scheme,int * padding,int * hash_id,int * hashlen)380 static hi_s32 cryp_rsa_get_alg(hi_u32 scheme, int *padding, int *hash_id, int *hashlen)
381 {
382 switch (scheme) {
383 case HI_CIPHER_RSA_ENCRYPT_SCHEME_NO_PADDING:
384 case HI_CIPHER_RSA_ENCRYPT_SCHEME_BLOCK_TYPE_0:
385 case HI_CIPHER_RSA_ENCRYPT_SCHEME_BLOCK_TYPE_1:
386 case HI_CIPHER_RSA_ENCRYPT_SCHEME_BLOCK_TYPE_2:
387 *padding = 0x00;
388 *hash_id = 0;
389 *hashlen = 0;
390 break;
391 case HI_CIPHER_RSA_ENCRYPT_SCHEME_RSAES_PKCS1_V1_5:
392 *padding = MBEDTLS_RSA_PKCS_V15;
393 *hash_id = 0;
394 *hashlen = 0;
395 break;
396 case HI_CIPHER_RSA_SIGN_SCHEME_RSASSA_PKCS1_V15_SHA1:
397 *padding = MBEDTLS_RSA_PKCS_V15;
398 *hash_id = MBEDTLS_MD_SHA1;
399 *hashlen = SHA1_RESULT_SIZE;
400 break;
401 case HI_CIPHER_RSA_SIGN_SCHEME_RSASSA_PKCS1_V15_SHA224:
402 *padding = MBEDTLS_RSA_PKCS_V15;
403 *hash_id = MBEDTLS_MD_SHA224;
404 *hashlen = SHA224_RESULT_SIZE;
405 break;
406 case HI_CIPHER_RSA_SIGN_SCHEME_RSASSA_PKCS1_V15_SHA256:
407 *padding = MBEDTLS_RSA_PKCS_V15;
408 *hash_id = MBEDTLS_MD_SHA256;
409 *hashlen = SHA256_RESULT_SIZE;
410 break;
411 case HI_CIPHER_RSA_SIGN_SCHEME_RSASSA_PKCS1_V15_SHA384:
412 *padding = MBEDTLS_RSA_PKCS_V15;
413 *hash_id = MBEDTLS_MD_SHA384;
414 *hashlen = SHA384_RESULT_SIZE;
415 break;
416 case HI_CIPHER_RSA_SIGN_SCHEME_RSASSA_PKCS1_V15_SHA512:
417 *padding = MBEDTLS_RSA_PKCS_V15;
418 *hash_id = MBEDTLS_MD_SHA512;
419 *hashlen = SHA512_RESULT_SIZE;
420 break;
421 case HI_CIPHER_RSA_SIGN_SCHEME_RSASSA_PKCS1_PSS_SHA1:
422 case HI_CIPHER_RSA_ENCRYPT_SCHEME_RSAES_OAEP_SHA1:
423 *padding = MBEDTLS_RSA_PKCS_V21;
424 *hash_id = MBEDTLS_MD_SHA1;
425 *hashlen = SHA1_RESULT_SIZE;
426 break;
427 case HI_CIPHER_RSA_SIGN_SCHEME_RSASSA_PKCS1_PSS_SHA224:
428 case HI_CIPHER_RSA_ENCRYPT_SCHEME_RSAES_OAEP_SHA224:
429 *padding = MBEDTLS_RSA_PKCS_V21;
430 *hash_id = MBEDTLS_MD_SHA224;
431 *hashlen = SHA224_RESULT_SIZE;
432 break;
433 case HI_CIPHER_RSA_SIGN_SCHEME_RSASSA_PKCS1_PSS_SHA256:
434 case HI_CIPHER_RSA_ENCRYPT_SCHEME_RSAES_OAEP_SHA256:
435 *padding = MBEDTLS_RSA_PKCS_V21;
436 *hash_id = MBEDTLS_MD_SHA256;
437 *hashlen = SHA256_RESULT_SIZE;
438 break;
439 case HI_CIPHER_RSA_SIGN_SCHEME_RSASSA_PKCS1_PSS_SHA384:
440 case HI_CIPHER_RSA_ENCRYPT_SCHEME_RSAES_OAEP_SHA384:
441 *padding = MBEDTLS_RSA_PKCS_V21;
442 *hash_id = MBEDTLS_MD_SHA384;
443 *hashlen = SHA384_RESULT_SIZE;
444 break;
445 case HI_CIPHER_RSA_SIGN_SCHEME_RSASSA_PKCS1_PSS_SHA512:
446 case HI_CIPHER_RSA_ENCRYPT_SCHEME_RSAES_OAEP_SHA512:
447 *padding = MBEDTLS_RSA_PKCS_V21;
448 *hash_id = MBEDTLS_MD_SHA512;
449 *hashlen = SHA512_RESULT_SIZE;
450 break;
451 default:
452 hi_log_error("RSA padding mode error, mode = 0x%x.\n", scheme);
453 hi_log_print_err_code(HI_ERR_CIPHER_INVALID_PARAM);
454 return HI_ERR_CIPHER_INVALID_PARAM;
455 }
456
457 hi_log_debug("padding %d, hash_id %d, hashlen %d\n", *padding, *hash_id, *hashlen);
458 return HI_SUCCESS;
459 }
460
461 /*
462 * PKCS #1: block type 0, 1, 2 message padding.
463 * description: EB = 00 || BT || PS || 00 || D
464 * description: PS_LEN >= 8, mlen < key_len - 11
465 */
ext_rsa_calc(mbedtls_rsa_context * rsa,hi_u32 mode,const hi_u8 * in,hi_u8 * out,hi_u32 len)466 static hi_s32 ext_rsa_calc(mbedtls_rsa_context *rsa, hi_u32 mode, const hi_u8 *in, hi_u8 *out, hi_u32 len)
467 {
468 hi_s32 ret;
469
470 crypto_unused(len);
471
472 if (mode == MBEDTLS_RSA_PUBLIC) {
473 ret = mbedtls_rsa_public(rsa, in, out);
474 if (ret != HI_SUCCESS) {
475 hi_log_print_func_err(mbedtls_rsa_public, ret);
476 return HI_ERR_CIPHER_RSA_CRYPT_FAILED;
477 }
478 } else {
479 ret = mbedtls_rsa_private(rsa, HI_NULL, 0, in, out);
480 if (ret != HI_SUCCESS) {
481 hi_log_print_func_err(mbedtls_rsa_private, ret);
482 return HI_ERR_CIPHER_RSA_CRYPT_FAILED;
483 }
484 }
485
486 return HI_SUCCESS;
487 }
488
rsa_pkcs1_block_padding(hi_u8 bt,hi_u8 * buf,hi_u32 buf_len)489 static hi_s32 rsa_pkcs1_block_padding(hi_u8 bt, hi_u8 *buf, hi_u32 buf_len)
490 {
491 switch (bt) {
492 case RSA_BLOCK_TYPE_0:
493 /* For block type 00, the octets shall have value 0x00 */
494 (hi_void)memset_s(buf, buf_len, 0x00, buf_len);
495 break;
496 case RSA_BLOCK_TYPE_1:
497 /* for block type 01, they shall have value 0xFF */
498 (hi_void)memset_s(buf, buf_len, RSA_PADDING_VAL_FF, buf_len);
499 break;
500 case RSA_BLOCK_TYPE_2: {
501 hi_u32 i;
502
503 /* for block type 02, they shall be pseudorandomly generated and nonzero. */
504 (hi_void)mbedtls_get_random(HI_NULL, buf, buf_len);
505
506 /* make sure nonzero */
507 for (i = 0; i < buf_len; i++) {
508 if (buf[i] == 0) {
509 buf[i] = CRYPTO_NUM_1;
510 }
511 }
512 break;
513 }
514 default: {
515 hi_log_error("BT(0x%x) is invalid.\n", buf_len);
516 hi_log_print_err_code(HI_ERR_CIPHER_INVALID_PARAM);
517 return HI_ERR_CIPHER_INVALID_PARAM;
518 }
519 }
520
521 return HI_SUCCESS;
522 }
523
rsa_padding_add_pkcs1_type(mbedtls_rsa_context * rsa,rsa_padding_pack * pad)524 static hi_s32 rsa_padding_add_pkcs1_type(mbedtls_rsa_context *rsa, rsa_padding_pack *pad)
525 {
526 hi_s32 ret;
527 hi_u32 plen;
528 hi_u8 *peb = HI_NULL;
529
530 hi_log_func_enter();
531
532 crypto_unused(pad->out_len);
533
534 if (pad->in_len > pad->klen - RSA_PKCS1_TYPE_MIN_PAD_LEN) {
535 hi_log_print_err_code(HI_ERR_CIPHER_INVALID_PARAM);
536 return HI_ERR_CIPHER_INVALID_PARAM;
537 }
538
539 peb = pad->out;
540
541 /* first byte is 0x00 */
542 *(peb++) = 0;
543
544 /* Private Key BT (Block Type) */
545 *(peb++) = pad->bt;
546
547 /*
548 * The padding string PS shall consist of k-3-||D|| octets, 3 bytes is used by 0x00||BT||...||0x00, the last 0
549 * follow PS.
550 */
551 plen = pad->klen - CRYPTO_NUM_3 - pad->in_len;
552
553 ret = rsa_pkcs1_block_padding(pad->bt, peb, plen);
554 if (ret != HI_SUCCESS) {
555 hi_log_print_func_err(rsa_pkcs1_block_padding, ret);
556 return ret;
557 }
558
559 /* skip the padding string */
560 peb += plen;
561
562 /* set 0x00 follow PS */
563 *(peb++) = 0x00;
564
565 /* input data */
566 if (memcpy_s(peb, pad->klen - (peb - pad->out), pad->in, pad->in_len) != EOK) {
567 hi_log_print_func_err(memcpy_s, HI_ERR_CIPHER_MEMCPY_S_FAILED);
568 return HI_ERR_CIPHER_MEMCPY_S_FAILED;
569 }
570
571 ret = ext_rsa_calc(rsa, pad->mode, pad->out, pad->out, *pad->out_len);
572 if (ret != HI_SUCCESS) {
573 hi_log_print_func_err(ext_rsa_calc, ret);
574 return ret;
575 }
576
577 hi_log_func_exit();
578 return HI_SUCCESS;
579 }
580
581 /*
582 * PKCS #1: block type 0, 1, 2 message padding.
583 * description: EB = 00 || BT || PS || 00 || D.
584 * description: PS_LEN >= 8, mlen < key_len - 11.
585 */
rsa_pkcs1_chk_block_padding(hi_u8 * peb,hi_u32 * idx,rsa_padding_pack * pad)586 static hi_s32 rsa_pkcs1_chk_block_padding(hi_u8 *peb, hi_u32 *idx, rsa_padding_pack *pad)
587 {
588 hi_u32 offset = *idx;
589
590 switch (pad->bt) {
591 case RSA_BLOCK_TYPE_0:
592 /* For block type 00, the octets shall have value 00 */
593 for (; offset < pad->in_len - 1; offset++) {
594 if ((peb[offset] == 0x00) && (peb[offset + 1] != 0)) {
595 break;
596 }
597 }
598 break;
599 case RSA_BLOCK_TYPE_1:
600 /* For block type 0x01 the octets shall have value 0xFF */
601 for (; offset < pad->in_len - 1; offset++) {
602 if (peb[offset] == 0xFF) {
603 continue;
604 } else if (peb[offset] == 0x00) {
605 break;
606 } else {
607 offset = pad->in_len - 1;
608 break;
609 }
610 }
611 break;
612 case RSA_BLOCK_TYPE_2:
613 /* for block type 02, they shall be pseudorandomly generated and nonzero. */
614 for (; offset < pad->in_len - 1; offset++) {
615 if (peb[offset] == 0) {
616 break;
617 }
618 }
619 break;
620 default:
621 hi_log_error("BT(0x%x) is invalid.\n", pad->bt);
622 hi_log_print_err_code(HI_ERR_CIPHER_INVALID_PARAM);
623 return HI_ERR_CIPHER_INVALID_PARAM;
624 }
625
626 if (offset >= pad->in_len - 1) {
627 hi_log_error("PS Error.\n");
628 hi_log_print_err_code(HI_ERR_CIPHER_INVALID_PARAM);
629 return HI_ERR_CIPHER_INVALID_PARAM;
630 }
631
632 *idx = offset;
633 return HI_SUCCESS;
634 }
635
rsa_padding_check_pkcs1_type(mbedtls_rsa_context * rsa,rsa_padding_pack * pad)636 static hi_s32 rsa_padding_check_pkcs1_type(mbedtls_rsa_context *rsa, rsa_padding_pack *pad)
637 {
638 hi_s32 ret;
639 hi_u8 *peb = HI_NULL;
640 hi_u32 idx;
641
642 hi_log_func_enter();
643
644 ret = ext_rsa_calc(rsa, pad->mode, pad->in, pad->in, pad->in_len);
645 if (ret != HI_SUCCESS) {
646 hi_log_print_func_err(ext_rsa_calc, ret);
647 return ret;
648 }
649
650 *(pad->out_len) = 0x00;
651 peb = pad->in;
652 idx = 0;
653
654 /* first byte must be 0x00 */
655 if (peb[idx] != 0x00) {
656 hi_log_error("EB[0] != 0x00.\n");
657 hi_log_print_err_code(HI_ERR_CIPHER_INVALID_PARAM);
658 return HI_ERR_CIPHER_INVALID_PARAM;
659 }
660 idx++;
661
662 /* Private Key BT (Block Type) */
663 if (peb[idx] != pad->bt) {
664 hi_log_error("EB[1] != BT(0x%x).\n", pad->bt);
665 hi_log_print_err_code(HI_ERR_CIPHER_INVALID_PARAM);
666 return HI_ERR_CIPHER_INVALID_PARAM;
667 }
668 idx++;
669
670 /* Block Type padding. */
671 ret = rsa_pkcs1_chk_block_padding(peb, &idx, pad);
672 if (ret != HI_SUCCESS) {
673 hi_log_print_func_err(rsa_pkcs1_chk_block_padding, ret);
674 return ret;
675 }
676
677 /* skip 0x00 after PS */
678 idx++;
679
680 /* get payload data */
681 *(pad->out_len) = pad->klen - idx;
682 if (memcpy_s(pad->out, pad->klen, &peb[idx], *(pad->out_len)) != EOK) {
683 hi_log_print_func_err(memcpy_s, HI_ERR_CIPHER_MEMCPY_S_FAILED);
684 return HI_ERR_CIPHER_MEMCPY_S_FAILED;
685 }
686
687 hi_log_func_exit();
688 return HI_SUCCESS;
689 }
690
rsa_no_padding(mbedtls_rsa_context * rsa,rsa_padding_pack * no_pad)691 static hi_s32 rsa_no_padding(mbedtls_rsa_context *rsa, rsa_padding_pack *no_pad)
692 {
693 hi_s32 ret;
694
695 hi_log_func_enter();
696
697 /* NO PADDING scheme inlen must be the same as klen */
698 hi_log_chk_param_return(no_pad->in_len != no_pad->klen);
699
700 ret = ext_rsa_calc(rsa, no_pad->mode, no_pad->in, no_pad->out, no_pad->in_len);
701 if (ret != HI_SUCCESS) {
702 hi_log_print_func_err(ext_rsa_calc, ret);
703 return ret;
704 }
705
706 hi_log_func_exit();
707 return HI_SUCCESS;
708 }
709
ext_rsa_encrypt(hi_cipher_rsa_encrypt_scheme scheme,mbedtls_rsa_context * rsa,rsa_padding_pack * pad)710 static hi_s32 ext_rsa_encrypt(hi_cipher_rsa_encrypt_scheme scheme, mbedtls_rsa_context *rsa, rsa_padding_pack *pad)
711 {
712 hi_s32 ret;
713
714 switch (scheme) {
715 case HI_CIPHER_RSA_ENCRYPT_SCHEME_NO_PADDING:
716 ret = rsa_no_padding(rsa, pad);
717 if (ret != HI_SUCCESS) {
718 hi_log_print_func_err(rsa_no_padding, ret);
719 return ret;
720 }
721 break;
722 case HI_CIPHER_RSA_ENCRYPT_SCHEME_BLOCK_TYPE_0:
723 case HI_CIPHER_RSA_ENCRYPT_SCHEME_BLOCK_TYPE_1:
724 case HI_CIPHER_RSA_ENCRYPT_SCHEME_BLOCK_TYPE_2:
725 pad->bt = scheme - HI_CIPHER_RSA_ENCRYPT_SCHEME_BLOCK_TYPE_0;
726 ret = rsa_padding_add_pkcs1_type(rsa, pad);
727 if (ret != HI_SUCCESS) {
728 hi_log_print_func_err(rsa_padding_add_pkcs1_type, ret);
729 return ret;
730 }
731 break;
732 case HI_CIPHER_RSA_ENCRYPT_SCHEME_RSAES_OAEP_SHA1:
733 case HI_CIPHER_RSA_ENCRYPT_SCHEME_RSAES_OAEP_SHA224:
734 case HI_CIPHER_RSA_ENCRYPT_SCHEME_RSAES_OAEP_SHA256:
735 case HI_CIPHER_RSA_ENCRYPT_SCHEME_RSAES_OAEP_SHA384:
736 case HI_CIPHER_RSA_ENCRYPT_SCHEME_RSAES_OAEP_SHA512:
737 case HI_CIPHER_RSA_ENCRYPT_SCHEME_RSAES_PKCS1_V1_5:
738 ret = mbedtls_rsa_pkcs1_encrypt(rsa, mbedtls_get_random, HI_NULL, pad->mode, pad->in_len, pad->in,
739 pad->out);
740 if (ret != HI_SUCCESS) {
741 hi_log_print_func_err(mbedtls_rsa_pkcs1_encrypt, ret);
742 return ret;
743 }
744 break;
745 default:
746 hi_log_error("RSA padding mode error, mode = 0x%x.\n", scheme);
747 hi_log_print_err_code(HI_ERR_CIPHER_INVALID_PARAM);
748 return HI_ERR_CIPHER_INVALID_PARAM;
749 }
750
751 return HI_SUCCESS;
752 }
753
cryp_rsa_encrypt(const cryp_rsa_key * key,cryp_rsa_crypt_data * rsa_crypt)754 hi_s32 cryp_rsa_encrypt(const cryp_rsa_key *key, cryp_rsa_crypt_data *rsa_crypt)
755 {
756 hi_s32 ret;
757 int padding = 0;
758 int hash_id = 0;
759 int hashlen = 0;
760 mbedtls_rsa_context rsa;
761 rsa_padding_pack pad;
762
763 hi_log_func_enter();
764
765 hi_log_chk_param_return(key == HI_NULL);
766 hi_log_chk_param_return(rsa_crypt == HI_NULL);
767 hi_log_chk_param_return(rsa_crypt->in == HI_NULL);
768 hi_log_chk_param_return(rsa_crypt->out == HI_NULL);
769 hi_log_chk_param_return(key->klen > RSA_KEY_LEN_4096);
770 hi_log_chk_param_return(rsa_crypt->in_len > key->klen);
771 hi_log_chk_param_return(key->ca_type >= HI_CIPHER_KEY_SRC_BUTT);
772
773 ret = cryp_rsa_get_alg(rsa_crypt->scheme, &padding, &hash_id, &hashlen);
774 if (ret != HI_SUCCESS) {
775 hi_log_print_func_err(cryp_rsa_get_alg, ret);
776 return ret;
777 }
778
779 kapi_rsa_lock_err_return();
780
781 mbedtls_rsa_init(&rsa, padding, hash_id);
782 (hi_void)memset_s(&pad, sizeof(pad), 0, sizeof(pad));
783
784 ret = cryp_rsa_init_key(key, &pad.mode, &rsa);
785 if (ret != HI_SUCCESS) {
786 hi_log_print_func_err(cryp_rsa_init_key, ret);
787 kapi_rsa_unlock();
788 return ret;
789 }
790
791 pad.in = rsa_crypt->in;
792 pad.in_len = rsa_crypt->in_len;
793 pad.out = rsa_crypt->out;
794 pad.out_len = &rsa_crypt->out_len;
795 pad.klen = key->klen;
796 ret = ext_rsa_encrypt(rsa_crypt->scheme, &rsa, &pad);
797 if (ret != HI_SUCCESS) {
798 hi_log_print_func_err(ext_rsa_encrypt, ret);
799 cryp_rsa_deinit_key(&rsa);
800 kapi_rsa_unlock();
801 return ret;
802 }
803
804 rsa_crypt->out_len = key->klen;
805 cryp_rsa_deinit_key(&rsa);
806 kapi_rsa_unlock();
807 hi_log_func_exit();
808 return ret;
809 }
810
ext_rsa_decrypt(hi_cipher_rsa_encrypt_scheme scheme,mbedtls_rsa_context * rsa,rsa_padding_pack * pad)811 static hi_s32 ext_rsa_decrypt(hi_cipher_rsa_encrypt_scheme scheme, mbedtls_rsa_context *rsa, rsa_padding_pack *pad)
812 {
813 hi_s32 ret;
814 size_t out_size = 0;
815
816 switch (scheme) {
817 case HI_CIPHER_RSA_ENCRYPT_SCHEME_NO_PADDING:
818 ret = rsa_no_padding(rsa, pad);
819 if (ret != HI_SUCCESS) {
820 hi_log_print_func_err(rsa_no_padding, ret);
821 return ret;
822 }
823 *pad->out_len = pad->klen;
824 break;
825 case HI_CIPHER_RSA_ENCRYPT_SCHEME_BLOCK_TYPE_0:
826 case HI_CIPHER_RSA_ENCRYPT_SCHEME_BLOCK_TYPE_1:
827 case HI_CIPHER_RSA_ENCRYPT_SCHEME_BLOCK_TYPE_2:
828 pad->bt = scheme - HI_CIPHER_RSA_ENCRYPT_SCHEME_BLOCK_TYPE_0;
829 ret = rsa_padding_check_pkcs1_type(rsa, pad);
830 if (ret != HI_SUCCESS) {
831 hi_log_print_func_err(rsa_padding_check_pkcs1_type, ret);
832 hi_log_print_err_code(HI_ERR_CIPHER_FAILED_DECRYPT);
833 return HI_ERR_CIPHER_FAILED_DECRYPT;
834 }
835 break;
836 case HI_CIPHER_RSA_ENCRYPT_SCHEME_RSAES_OAEP_SHA1:
837 case HI_CIPHER_RSA_ENCRYPT_SCHEME_RSAES_OAEP_SHA224:
838 case HI_CIPHER_RSA_ENCRYPT_SCHEME_RSAES_OAEP_SHA256:
839 case HI_CIPHER_RSA_ENCRYPT_SCHEME_RSAES_OAEP_SHA384:
840 case HI_CIPHER_RSA_ENCRYPT_SCHEME_RSAES_OAEP_SHA512:
841 case HI_CIPHER_RSA_ENCRYPT_SCHEME_RSAES_PKCS1_V1_5:
842 ret = mbedtls_rsa_pkcs1_decrypt(rsa, mbedtls_get_random, HI_NULL, pad->mode, &out_size,
843 pad->in, pad->out, pad->klen);
844 *pad->out_len = (hi_u32)out_size;
845 if (ret != HI_SUCCESS) {
846 hi_log_print_func_err(mbedtls_rsa_pkcs1_decrypt, ret);
847 hi_log_print_err_code(HI_ERR_CIPHER_FAILED_DECRYPT);
848 return HI_ERR_CIPHER_FAILED_DECRYPT;
849 }
850 break;
851 default:
852 hi_log_error("RSA padding mode error, mode = 0x%x.\n", scheme);
853 hi_log_print_err_code(HI_ERR_CIPHER_INVALID_PARAM);
854 return HI_ERR_CIPHER_INVALID_PARAM;
855 }
856
857 return HI_SUCCESS;
858 }
859
cryp_rsa_decrypt(const cryp_rsa_key * key,cryp_rsa_crypt_data * rsa_crypt)860 hi_s32 cryp_rsa_decrypt(const cryp_rsa_key *key, cryp_rsa_crypt_data *rsa_crypt)
861 {
862 hi_s32 ret;
863 int padding = 0;
864 int hash_id = 0;
865 int hashlen = 0;
866 mbedtls_rsa_context rsa;
867 rsa_padding_pack pad;
868
869 hi_log_func_enter();
870
871 hi_log_chk_param_return(key == HI_NULL);
872 hi_log_chk_param_return(rsa_crypt == HI_NULL);
873 hi_log_chk_param_return(rsa_crypt->in == HI_NULL);
874 hi_log_chk_param_return(rsa_crypt->out == HI_NULL);
875 hi_log_chk_param_return(key->klen > RSA_KEY_LEN_4096);
876 hi_log_chk_param_return(rsa_crypt->in_len != key->klen);
877 hi_log_chk_param_return(key->ca_type >= HI_CIPHER_KEY_SRC_BUTT);
878
879 ret = cryp_rsa_get_alg(rsa_crypt->scheme, &padding, &hash_id, &hashlen);
880 if (ret != HI_SUCCESS) {
881 hi_log_print_func_err(cryp_rsa_get_alg, ret);
882 return ret;
883 }
884
885 kapi_rsa_lock_err_return();
886
887 mbedtls_rsa_init(&rsa, padding, hash_id);
888 (hi_void)memset_s(&pad, sizeof(pad), 0, sizeof(pad));
889
890 ret = cryp_rsa_init_key(key, &pad.mode, &rsa);
891 if (ret != HI_SUCCESS) {
892 hi_log_print_func_err(cryp_rsa_init_key, ret);
893 kapi_rsa_unlock();
894 return ret;
895 }
896
897 pad.in = rsa_crypt->in;
898 pad.in_len = rsa_crypt->in_len;
899 pad.out = rsa_crypt->out;
900 pad.out_len = &rsa_crypt->out_len;
901 pad.klen = key->klen;
902 ret = ext_rsa_decrypt(rsa_crypt->scheme, &rsa, &pad);
903 if (ret != HI_SUCCESS) {
904 hi_log_print_func_err(ext_rsa_decrypt, ret);
905 cryp_rsa_deinit_key(&rsa);
906 kapi_rsa_unlock();
907 return ret;
908 }
909
910 rsa_crypt->out_len = *pad.out_len;
911 cryp_rsa_deinit_key(&rsa);
912 kapi_rsa_unlock();
913 hi_log_func_exit();
914 return HI_SUCCESS;
915 }
916
cryp_rsa_sign_hash(const cryp_rsa_key * key,cryp_rsa_sign_data * rsa_sign)917 hi_s32 cryp_rsa_sign_hash(const cryp_rsa_key *key, cryp_rsa_sign_data *rsa_sign)
918 {
919 hi_s32 ret;
920 hi_u32 mode = 0;
921 int padding = 0;
922 int hash_id = 0;
923 int hashlen = 0;
924 mbedtls_rsa_context rsa;
925
926 hi_log_func_enter();
927
928 hi_log_chk_param_return(key == HI_NULL);
929 hi_log_chk_param_return(rsa_sign == HI_NULL);
930 hi_log_chk_param_return(rsa_sign->in == HI_NULL);
931 hi_log_chk_param_return(rsa_sign->out == HI_NULL);
932 hi_log_chk_param_return(key->klen > RSA_KEY_LEN_4096);
933 hi_log_chk_param_return(rsa_sign->in_len > key->klen);
934
935 ret = cryp_rsa_get_alg(rsa_sign->scheme, &padding, &hash_id, &hashlen);
936 if (ret != HI_SUCCESS) {
937 hi_log_print_func_err(cryp_rsa_get_alg, ret);
938 return ret;
939 }
940 hi_log_chk_param_return(rsa_sign->in_len < (hi_u32)hashlen);
941
942 kapi_rsa_lock_err_return();
943
944 mbedtls_rsa_init(&rsa, padding, hash_id);
945
946 ret = cryp_rsa_init_key(key, &mode, &rsa);
947 if (ret != HI_SUCCESS) {
948 hi_log_print_func_err(cryp_rsa_init_key, ret);
949 kapi_rsa_unlock();
950 return ret;
951 }
952
953 /* rsa_sign->in is input hash data, rsa_sign->out is output sign data. */
954 ret = mbedtls_rsa_pkcs1_sign(&rsa, mbedtls_get_random, HI_NULL,
955 mode, hash_id, hashlen, rsa_sign->in, rsa_sign->out);
956 if (ret != HI_SUCCESS) {
957 hi_log_print_func_err(mbedtls_rsa_pkcs1_sign, ret);
958 hi_log_print_err_code(HI_ERR_CIPHER_RSA_SIGN);
959 cryp_rsa_deinit_key(&rsa);
960 kapi_rsa_unlock();
961 return HI_ERR_CIPHER_RSA_SIGN;
962 }
963
964 rsa_sign->out_len = key->klen;
965 cryp_rsa_deinit_key(&rsa);
966
967 kapi_rsa_unlock();
968 hi_log_func_exit();
969 return HI_SUCCESS;
970 }
971
cryp_rsa_verify_hash(const cryp_rsa_key * key,const cryp_rsa_sign_data * rsa_verify)972 hi_s32 cryp_rsa_verify_hash(const cryp_rsa_key *key, const cryp_rsa_sign_data *rsa_verify)
973 {
974 hi_s32 ret;
975 int padding = 0;
976 int hash_id = 0;
977 int hashlen = 0;
978 hi_u32 mode = 0;
979 mbedtls_rsa_context rsa;
980
981 hi_log_func_enter();
982
983 hi_log_chk_param_return(key == HI_NULL);
984 hi_log_chk_param_return(rsa_verify == HI_NULL);
985 hi_log_chk_param_return(rsa_verify->in == HI_NULL);
986 hi_log_chk_param_return(rsa_verify->out == HI_NULL);
987 hi_log_chk_param_return(key->klen > RSA_KEY_LEN_4096);
988 hi_log_chk_param_return(rsa_verify->in_len != key->klen);
989 hi_log_chk_param_return(rsa_verify->out_len > key->klen);
990 hi_log_chk_param_return(key->ca_type != HI_CIPHER_KEY_SRC_USER);
991
992 ret = cryp_rsa_get_alg(rsa_verify->scheme, &padding, &hash_id, &hashlen);
993 if (ret != HI_SUCCESS) {
994 hi_log_print_func_err(cryp_rsa_get_alg, ret);
995 return ret;
996 }
997 hi_log_chk_param_return(rsa_verify->in_len < (hi_u32)hashlen);
998
999 kapi_rsa_lock_err_return();
1000
1001 mbedtls_rsa_init(&rsa, padding, hash_id);
1002
1003 ret = cryp_rsa_init_key(key, &mode, &rsa);
1004 if (ret != HI_SUCCESS) {
1005 hi_log_print_func_err(cryp_rsa_init_key, ret);
1006 kapi_rsa_unlock();
1007 return ret;
1008 }
1009
1010 /* rsa_verify->out is input hash data, rsa_verify->in is input sign data. */
1011 ret = mbedtls_rsa_pkcs1_verify(&rsa, mbedtls_get_random, HI_NULL,
1012 mode, hash_id, hashlen, rsa_verify->out, rsa_verify->in);
1013 if (ret != HI_SUCCESS) {
1014 hi_log_print_func_err(mbedtls_rsa_pkcs1_verify, ret);
1015 hi_log_print_err_code(HI_ERR_CIPHER_RSA_VERIFY);
1016 cryp_rsa_deinit_key(&rsa);
1017 kapi_rsa_unlock();
1018 return HI_ERR_CIPHER_RSA_VERIFY;
1019 }
1020
1021 cryp_rsa_deinit_key(&rsa);
1022 kapi_rsa_unlock();
1023 hi_log_func_exit();
1024 return HI_SUCCESS;
1025 }
1026 #else
cryp_rsa_encrypt(cryp_rsa_key * key,cryp_rsa_crypt_data * rsa_crypt)1027 hi_s32 cryp_rsa_encrypt(cryp_rsa_key *key, cryp_rsa_crypt_data *rsa_crypt)
1028 {
1029 hi_log_error("Unsupported rsa encrypt.\n");
1030 return HI_ERR_CIPHER_RSA_CRYPT_FAILED;
1031 }
1032
cryp_rsa_decrypt(cryp_rsa_key * key,cryp_rsa_crypt_data * rsa_crypt)1033 hi_s32 cryp_rsa_decrypt(cryp_rsa_key *key, cryp_rsa_crypt_data *rsa_crypt)
1034 {
1035 hi_log_error("Unsupported rsa decrypt.\n");
1036 return HI_ERR_CIPHER_RSA_CRYPT_FAILED;
1037 }
1038
cryp_rsa_sign_hash(cryp_rsa_key * key,cryp_rsa_sign_data * rsa_sign)1039 hi_s32 cryp_rsa_sign_hash(cryp_rsa_key *key, cryp_rsa_sign_data *rsa_sign)
1040 {
1041 hi_log_error("Unsupported rsa sign.\n");
1042 return HI_ERR_CIPHER_RSA_SIGN;
1043 }
1044
cryp_rsa_verify_hash(cryp_rsa_key * key,cryp_rsa_sign_data * rsa_verify)1045 hi_s32 cryp_rsa_verify_hash(cryp_rsa_key *key, cryp_rsa_sign_data *rsa_verify)
1046 {
1047 hi_log_error("Unsupported rsa verify.\n");
1048 return HI_ERR_CIPHER_RSA_VERIFY;
1049 }
1050 #endif
1051
cryp_rsa_bn_exp_mod(cryp_rsa_exp_mod * exp_mod)1052 hi_s32 cryp_rsa_bn_exp_mod(cryp_rsa_exp_mod *exp_mod)
1053 {
1054 hi_s32 ret;
1055 rsa_key_width width;
1056
1057 switch (exp_mod->length) {
1058 #ifdef CHIP_RSA1024_SUPPORT
1059 case RSA_KEY_LEN_1024:
1060 width = RSA_KEY_WIDTH_1024;
1061 break;
1062 #endif
1063 case RSA_KEY_LEN_2048:
1064 width = RSA_KEY_WIDTH_2048;
1065 break;
1066 #ifdef CHIP_RSA3072_SUPPORT
1067 case RSA_KEY_LEN_3072:
1068 width = RSA_KEY_WIDTH_3072;
1069 break;
1070 #endif
1071 case RSA_KEY_LEN_4096:
1072 width = RSA_KEY_WIDTH_4096;
1073 break;
1074 default:
1075 hi_log_error("Invalid key length %d\n", exp_mod->length);
1076 return HI_ERR_CIPHER_INVALID_PARAM;
1077 }
1078
1079 kapi_rsa_lock_err_return();
1080
1081 ret = drv_ifep_rsa_exp_mod(HI_CIPHER_KEY_SRC_USER,
1082 exp_mod->n, exp_mod->k, exp_mod->in, exp_mod->out, width);
1083 if (ret != HI_SUCCESS) {
1084 kapi_rsa_unlock();
1085 hi_log_print_func_err(drv_ifep_rsa_exp_mod, ret);
1086 return ret;
1087 }
1088
1089 kapi_rsa_unlock();
1090
1091 return ret;
1092 }
1093
cryp_rsa_init(hi_void)1094 int cryp_rsa_init(hi_void)
1095 {
1096 hi_log_func_enter();
1097
1098 crypto_mutex_init(&g_rsa_mutex);
1099
1100 #if defined(CHIP_IFEP_RSA_VER_V100)
1101 {
1102 hi_s32 ret;
1103
1104 ret = drv_rsa_init();
1105 if (ret != HI_SUCCESS) {
1106 hi_log_print_func_err(drv_rsa_init, ret);
1107 return ret;
1108 }
1109 }
1110 #endif
1111
1112 hi_log_func_exit();
1113 return HI_SUCCESS;
1114 }
1115
cryp_rsa_deinit(hi_void)1116 hi_void cryp_rsa_deinit(hi_void)
1117 {
1118 #if defined(CHIP_IFEP_RSA_VER_V100)
1119 rsa_capacity capacity;
1120
1121 drv_ifep_rsa_get_capacity(&capacity);
1122
1123 /* recovery the rsa function of mbedtls */
1124 if (capacity.rsa) {
1125 drv_rsa_deinit();
1126 }
1127 #endif
1128
1129 crypto_mutex_destroy(&g_rsa_mutex);
1130 }
1131
1132