1 /*
2 * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifdef HKS_CONFIG_FILE
17 #include HKS_CONFIG_FILE
18 #else
19 #include "hks_config.h"
20 #endif
21
22 #include "hks_openssl_aes.h"
23
24 #include <openssl/evp.h>
25 #include <stddef.h>
26
27 #include "hks_log.h"
28 #include "hks_mem.h"
29 #include "hks_openssl_common.h"
30 #include "hks_openssl_engine.h"
31 #include "hks_template.h"
32
33 #if defined(HKS_SUPPORT_AES_C) || defined(HKS_SUPPORT_SM4_C)
34 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7) || \
35 defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING) || defined(HKS_SUPPORT_AES_CTR_NOPADDING) || \
36 defined(HKS_SUPPORT_AES_ECB_NOPADDING) || defined(HKS_SUPPORT_AES_GCM) || \
37 defined(HKS_SUPPORT_SM4_CBC_NOPADDING) || defined(HKS_SUPPORT_SM4_CBC_PKCS7) || \
38 defined(HKS_SUPPORT_SM4_CTR_NOPADDING) || defined(HKS_SUPPORT_SM4_ECB_NOPADDING) || \
39 defined(HKS_SUPPORT_SM4_ECB_PKCS7)
40
GetBlockCipherType(uint32_t keySize,uint32_t mode,const EVP_CIPHER * (* getCbcCipherType)(uint32_t keySize),const EVP_CIPHER * (* getCtrCipherType)(uint32_t keySize),const EVP_CIPHER * (* getEcbCipherType)(uint32_t keySize))41 const EVP_CIPHER *GetBlockCipherType(uint32_t keySize, uint32_t mode,
42 const EVP_CIPHER *(*getCbcCipherType)(uint32_t keySize),
43 const EVP_CIPHER *(*getCtrCipherType)(uint32_t keySize),
44 const EVP_CIPHER *(*getEcbCipherType)(uint32_t keySize))
45 {
46 if (mode == HKS_MODE_CBC) {
47 return getCbcCipherType(keySize);
48 } else if (mode == HKS_MODE_CTR) {
49 return getCtrCipherType(keySize);
50 } else if (mode == HKS_MODE_ECB) {
51 return getEcbCipherType(keySize);
52 }
53 return NULL;
54 }
55
OpensslBlockCipherCryptInitParams(const struct HksBlob * key,EVP_CIPHER_CTX * ctx,struct HksCipherParam * cipherParam,bool isEncrypt,const struct HksUsageSpec * usageSpec)56 static int32_t OpensslBlockCipherCryptInitParams(const struct HksBlob *key, EVP_CIPHER_CTX *ctx,
57 struct HksCipherParam *cipherParam, bool isEncrypt, const struct HksUsageSpec *usageSpec)
58 {
59 int32_t ret;
60 if (isEncrypt) {
61 ret = EVP_EncryptInit_ex(ctx, NULL, NULL, key->data, (cipherParam == NULL) ? NULL : cipherParam->iv.data);
62 } else {
63 ret = EVP_DecryptInit_ex(ctx, NULL, NULL, key->data, (cipherParam == NULL) ? NULL : cipherParam->iv.data);
64 }
65 if (ret != HKS_OPENSSL_SUCCESS) {
66 HksLogOpensslError();
67 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
68 }
69
70 if (usageSpec->padding == HKS_PADDING_PKCS7) {
71 // set chipher padding enable
72 ret = EVP_CIPHER_CTX_set_padding(ctx, OPENSSL_CTX_PADDING_ENABLE);
73 } else if (usageSpec->padding == HKS_PADDING_NONE) {
74 // set chipher padding none
75 ret = EVP_CIPHER_CTX_set_padding(ctx, OPENSSL_CTX_PADDING_NONE);
76 }
77 if (ret != HKS_OPENSSL_SUCCESS) {
78 HksLogOpensslError();
79 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
80 }
81 return HKS_SUCCESS;
82 }
83
OpensslBlockCipherCryptInit(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,bool isEncrypt,void ** cryptoCtx,const EVP_CIPHER * (* getCipherType)(uint32_t keySize,uint32_t mode))84 int32_t OpensslBlockCipherCryptInit(
85 const struct HksBlob *key, const struct HksUsageSpec *usageSpec, bool isEncrypt, void **cryptoCtx,
86 const EVP_CIPHER *(*getCipherType)(uint32_t keySize, uint32_t mode))
87 {
88 int32_t ret;
89 struct HksCipherParam *cipherParam = (struct HksCipherParam *)usageSpec->algParam;
90
91 EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
92 if (ctx == NULL) {
93 HksLogOpensslError();
94 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
95 }
96
97 const EVP_CIPHER *cipher = getCipherType(key->size, usageSpec->mode);
98 if (cipher == NULL) {
99 EVP_CIPHER_CTX_free(ctx);
100 return HKS_ERROR_INVALID_ARGUMENT;
101 }
102
103 if (isEncrypt) {
104 ret = EVP_EncryptInit_ex(ctx, cipher, NULL, NULL, NULL);
105 } else {
106 ret = EVP_DecryptInit_ex(ctx, cipher, NULL, NULL, NULL);
107 }
108 if (ret != HKS_OPENSSL_SUCCESS) {
109 HksLogOpensslError();
110 EVP_CIPHER_CTX_free(ctx);
111 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
112 }
113
114 ret = OpensslBlockCipherCryptInitParams(key, ctx, cipherParam, isEncrypt, usageSpec);
115 if (ret != HKS_SUCCESS) {
116 EVP_CIPHER_CTX_free(ctx);
117 HKS_LOG_E("OpensslBlockCipherCryptInitParams fail, ret = %" LOG_PUBLIC "d", ret);
118 return ret;
119 }
120
121 struct HksOpensslBlockCipherCtx *outCtx =
122 (struct HksOpensslBlockCipherCtx *)HksMalloc(sizeof(HksOpensslBlockCipherCtx));
123 if (outCtx == NULL) {
124 EVP_CIPHER_CTX_free(ctx);
125 return HKS_ERROR_MALLOC_FAIL;
126 }
127 outCtx->algType = usageSpec->algType;
128 outCtx->mode = usageSpec->mode;
129 outCtx->padding = usageSpec->padding;
130 outCtx->append = (void *)ctx;
131
132 *cryptoCtx = (void *)outCtx;
133
134 return HKS_SUCCESS;
135 }
136
137 // blob data and size have been checked in hks_core_service_three_stage.c
OpensslBlockCipherEncryptUpdate(void * cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText)138 int32_t OpensslBlockCipherEncryptUpdate(
139 void *cryptoCtx, const struct HksBlob *message, struct HksBlob *cipherText)
140 {
141 struct HksOpensslBlockCipherCtx *blockCipherCtx = (struct HksOpensslBlockCipherCtx *)cryptoCtx;
142 EVP_CIPHER_CTX *ctx = (EVP_CIPHER_CTX *)blockCipherCtx->append;
143
144 HKS_IF_NULL_RETURN(ctx, HKS_ERROR_NULL_POINTER)
145
146 int32_t outLen = 0;
147 if (EVP_EncryptUpdate(ctx, cipherText->data, &outLen, message->data, message->size) != HKS_OPENSSL_SUCCESS) {
148 HksLogOpensslError();
149 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
150 }
151 cipherText->size = (uint32_t)outLen;
152
153 return HKS_SUCCESS;
154 }
155
156 // blob data and size have been checked in hks_core_service_three_stage.c
OpensslBlockCipherEncryptFinalThree(void ** cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText)157 int32_t OpensslBlockCipherEncryptFinalThree(
158 void **cryptoCtx, const struct HksBlob *message, struct HksBlob *cipherText)
159 {
160 struct HksOpensslBlockCipherCtx *blockCipherCtx = (struct HksOpensslBlockCipherCtx *)*cryptoCtx;
161 EVP_CIPHER_CTX *ctx = (EVP_CIPHER_CTX *)blockCipherCtx->append;
162
163 if (ctx == NULL) {
164 HKS_FREE_PTR(*cryptoCtx);
165 return HKS_ERROR_NULL_POINTER;
166 }
167
168 int32_t ret = HKS_SUCCESS;
169 do {
170 int32_t outLen = 0;
171 if (message->size != 0) {
172 if (EVP_EncryptUpdate(ctx, cipherText->data, &outLen, message->data,
173 message->size) != HKS_OPENSSL_SUCCESS) {
174 HksLogOpensslError();
175 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
176 break;
177 }
178 }
179 cipherText->size = (uint32_t)outLen;
180
181 if (EVP_EncryptFinal_ex(ctx, (cipherText->data + outLen), &outLen) != HKS_OPENSSL_SUCCESS) {
182 HksLogOpensslError();
183 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
184 break;
185 }
186 cipherText->size += (uint32_t)outLen;
187 } while (0);
188
189 EVP_CIPHER_CTX_free(ctx);
190 blockCipherCtx->append = NULL;
191 HKS_FREE_PTR(*cryptoCtx);
192
193 return ret;
194 }
195
196 // blob data and size have been checked in hks_core_service_three_stage.c
OpensslBlockCipherDecryptUpdate(void * cryptoCtx,const struct HksBlob * message,struct HksBlob * plainText)197 int32_t OpensslBlockCipherDecryptUpdate(
198 void *cryptoCtx, const struct HksBlob *message, struct HksBlob *plainText)
199 {
200 struct HksOpensslBlockCipherCtx *blockCipherCtx = (struct HksOpensslBlockCipherCtx *)cryptoCtx;
201 EVP_CIPHER_CTX *ctx = (EVP_CIPHER_CTX *)blockCipherCtx->append;
202
203 HKS_IF_NULL_RETURN(ctx, HKS_ERROR_NULL_POINTER)
204
205 int32_t outLen = 0;
206 if (EVP_DecryptUpdate(ctx, plainText->data, &outLen, message->data, message->size) != HKS_OPENSSL_SUCCESS) {
207 HksLogOpensslError();
208 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
209 }
210 plainText->size = (uint32_t)outLen;
211
212 return HKS_SUCCESS;
213 }
214
215 // blob data and size have been checked in hks_core_service_three_stage.c
OpensslBlockCipherDecryptFinalThree(void ** cryptoCtx,const struct HksBlob * message,struct HksBlob * plainText)216 int32_t OpensslBlockCipherDecryptFinalThree(
217 void **cryptoCtx, const struct HksBlob *message, struct HksBlob *plainText)
218 {
219 struct HksOpensslBlockCipherCtx *blockCipherCtx = (struct HksOpensslBlockCipherCtx *)*cryptoCtx;
220 EVP_CIPHER_CTX *ctx = (EVP_CIPHER_CTX *)blockCipherCtx->append;
221 if (ctx == NULL) {
222 HKS_FREE_PTR(*cryptoCtx);
223 return HKS_ERROR_NULL_POINTER;
224 }
225
226 int32_t ret = HKS_SUCCESS;
227 do {
228 int32_t outLen = 0;
229 if (message->size != 0) {
230 if (EVP_DecryptUpdate(ctx, plainText->data, &outLen, message->data, message->size) != HKS_OPENSSL_SUCCESS) {
231 HksLogOpensslError();
232 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
233 break;
234 }
235 }
236 plainText->size = (uint32_t)outLen;
237
238 if (EVP_DecryptFinal_ex(ctx, plainText->data + outLen, &outLen) != HKS_OPENSSL_SUCCESS) {
239 HksLogOpensslError();
240 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
241 break;
242 }
243 plainText->size += (uint32_t)outLen;
244 } while (0);
245
246 EVP_CIPHER_CTX_free(ctx);
247 blockCipherCtx->append = NULL;
248 HKS_FREE_PTR(*cryptoCtx);
249 return ret;
250 }
251 #endif
252 #endif /* defined(HKS_SUPPORT_AES_C) || defined(HKS_SUPPORT_SM4_C) */
253
254 #ifdef HKS_SUPPORT_AES_C
255 #ifdef HKS_SUPPORT_AES_GENERATE_KEY
AesGenKeyCheckParam(const struct HksKeySpec * spec)256 static int32_t AesGenKeyCheckParam(const struct HksKeySpec *spec)
257 {
258 if ((spec->keyLen != HKS_AES_KEY_SIZE_128) && (spec->keyLen != HKS_AES_KEY_SIZE_192) &&
259 (spec->keyLen != HKS_AES_KEY_SIZE_256)) {
260 HKS_LOG_E("Invlid aes key len %" LOG_PUBLIC "x!", spec->keyLen);
261 return HKS_ERROR_INVALID_ARGUMENT;
262 }
263 return HKS_SUCCESS;
264 }
265
HksOpensslAesGenerateKey(const struct HksKeySpec * spec,struct HksBlob * key)266 int32_t HksOpensslAesGenerateKey(const struct HksKeySpec *spec, struct HksBlob *key)
267 {
268 HKS_IF_NOT_SUCC_LOGE_RETURN(AesGenKeyCheckParam(spec), HKS_ERROR_INVALID_ARGUMENT,
269 "aes generate key invalid params!")
270
271 return HksOpensslGenerateRandomKey(spec->keyLen, key);
272 }
273 #endif
274
GetAesCbcCipherType(uint32_t keySize)275 static const EVP_CIPHER *GetAesCbcCipherType(uint32_t keySize)
276 {
277 switch (keySize) {
278 case HKS_KEY_BYTES(HKS_AES_KEY_SIZE_128):
279 return EVP_aes_128_cbc();
280 case HKS_KEY_BYTES(HKS_AES_KEY_SIZE_192):
281 return EVP_aes_192_cbc();
282 case HKS_KEY_BYTES(HKS_AES_KEY_SIZE_256):
283 return EVP_aes_256_cbc();
284 default:
285 return NULL;
286 }
287 }
288
GetAesCtrCipherType(uint32_t keySize)289 static const EVP_CIPHER *GetAesCtrCipherType(uint32_t keySize)
290 {
291 switch (keySize) {
292 case HKS_KEY_BYTES(HKS_AES_KEY_SIZE_128):
293 return EVP_aes_128_ctr();
294 case HKS_KEY_BYTES(HKS_AES_KEY_SIZE_192):
295 return EVP_aes_192_ctr();
296 case HKS_KEY_BYTES(HKS_AES_KEY_SIZE_256):
297 return EVP_aes_256_ctr();
298 default:
299 return NULL;
300 }
301 }
302
GetAesEcbCipherType(uint32_t keySize)303 static const EVP_CIPHER *GetAesEcbCipherType(uint32_t keySize)
304 {
305 switch (keySize) {
306 case HKS_KEY_BYTES(HKS_AES_KEY_SIZE_128):
307 return EVP_aes_128_ecb();
308 case HKS_KEY_BYTES(HKS_AES_KEY_SIZE_192):
309 return EVP_aes_192_ecb();
310 case HKS_KEY_BYTES(HKS_AES_KEY_SIZE_256):
311 return EVP_aes_256_ecb();
312 default:
313 return NULL;
314 }
315 }
316
GetGcmCipherType(uint32_t keySize)317 static const EVP_CIPHER *GetGcmCipherType(uint32_t keySize)
318 {
319 switch (keySize) {
320 case (HKS_AES_KEY_SIZE_128 / HKS_BITS_PER_BYTE):
321 return EVP_aes_128_gcm();
322 case (HKS_AES_KEY_SIZE_192 / HKS_BITS_PER_BYTE):
323 return EVP_aes_192_gcm();
324 case (HKS_AES_KEY_SIZE_256 / HKS_BITS_PER_BYTE):
325 return EVP_aes_256_gcm();
326 default:
327 return NULL;
328 }
329 }
330
GetAesCipherType(uint32_t keySize,uint32_t mode)331 static const EVP_CIPHER *GetAesCipherType(uint32_t keySize, uint32_t mode)
332 {
333 return GetBlockCipherType(keySize, mode, GetAesCbcCipherType, GetAesCtrCipherType, GetAesEcbCipherType);
334 }
335
GetAeadCipherType(uint32_t keySize,uint32_t mode)336 static const EVP_CIPHER *GetAeadCipherType(uint32_t keySize, uint32_t mode)
337 {
338 if (mode == HKS_MODE_GCM) {
339 return GetGcmCipherType(keySize);
340 }
341 return NULL;
342 }
343
344 #ifdef HKS_SUPPORT_AES_GCM
OpensslAesAeadInit(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,bool isEncrypt,EVP_CIPHER_CTX ** ctx)345 static int32_t OpensslAesAeadInit(
346 const struct HksBlob *key, const struct HksUsageSpec *usageSpec, bool isEncrypt, EVP_CIPHER_CTX **ctx)
347 {
348 int32_t ret;
349 struct HksAeadParam *aeadParam = (struct HksAeadParam *)usageSpec->algParam;
350 HKS_IF_NULL_RETURN(aeadParam, HKS_ERROR_INVALID_ARGUMENT)
351
352 *ctx = EVP_CIPHER_CTX_new();
353 if (*ctx == NULL) {
354 HksLogOpensslError();
355 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
356 }
357
358 if (isEncrypt) {
359 ret = EVP_EncryptInit_ex(*ctx, GetAeadCipherType(key->size, usageSpec->mode), NULL, NULL, NULL);
360 } else {
361 ret = EVP_DecryptInit_ex(*ctx, GetAeadCipherType(key->size, usageSpec->mode), NULL, NULL, NULL);
362 }
363 if (ret != HKS_OPENSSL_SUCCESS) {
364 HksLogOpensslError();
365 EVP_CIPHER_CTX_free(*ctx);
366 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
367 }
368
369 ret = EVP_CIPHER_CTX_ctrl(*ctx, EVP_CTRL_AEAD_SET_IVLEN, aeadParam->nonce.size, NULL);
370 if (ret != HKS_OPENSSL_SUCCESS) {
371 HksLogOpensslError();
372 EVP_CIPHER_CTX_free(*ctx);
373 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
374 }
375
376 if (isEncrypt) {
377 ret = EVP_EncryptInit_ex(*ctx, NULL, NULL, key->data, aeadParam->nonce.data);
378 } else {
379 ret = EVP_DecryptInit_ex(*ctx, NULL, NULL, key->data, aeadParam->nonce.data);
380 }
381 if (ret != HKS_OPENSSL_SUCCESS) {
382 HksLogOpensslError();
383 EVP_CIPHER_CTX_free(*ctx);
384 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
385 }
386
387 return HKS_SUCCESS;
388 }
389
OpensslAesAeadEncryptFinal(EVP_CIPHER_CTX * ctx,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * cipherText,struct HksBlob * tagAead)390 static int32_t OpensslAesAeadEncryptFinal(EVP_CIPHER_CTX *ctx, const struct HksUsageSpec *usageSpec,
391 const struct HksBlob *message, struct HksBlob *cipherText, struct HksBlob *tagAead)
392 {
393 int outLen = 0;
394 struct HksAeadParam *aeadParam = (struct HksAeadParam *)usageSpec->algParam;
395
396 if (EVP_EncryptUpdate(ctx, NULL, &outLen, aeadParam->aad.data, aeadParam->aad.size) != HKS_OPENSSL_SUCCESS) {
397 HksLogOpensslError();
398 EVP_CIPHER_CTX_free(ctx);
399 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
400 }
401
402 if (EVP_EncryptUpdate(ctx, cipherText->data, &outLen, message->data, message->size) != HKS_OPENSSL_SUCCESS) {
403 HksLogOpensslError();
404 EVP_CIPHER_CTX_free(ctx);
405 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
406 }
407 cipherText->size = (uint32_t)outLen;
408
409 if (EVP_EncryptFinal_ex(ctx, cipherText->data, &outLen) != HKS_OPENSSL_SUCCESS) {
410 HksLogOpensslError();
411 EVP_CIPHER_CTX_free(ctx);
412 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
413 }
414
415 if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, HKS_AE_TAG_LEN, tagAead->data) != HKS_OPENSSL_SUCCESS) {
416 HksLogOpensslError();
417 EVP_CIPHER_CTX_free(ctx);
418 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
419 }
420
421 EVP_CIPHER_CTX_free(ctx);
422 return HKS_SUCCESS;
423 }
424
OpensslAesAeadDecryptFinal(EVP_CIPHER_CTX * ctx,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * plainText)425 static int32_t OpensslAesAeadDecryptFinal(
426 EVP_CIPHER_CTX *ctx, const struct HksUsageSpec *usageSpec, const struct HksBlob *message, struct HksBlob *plainText)
427 {
428 int outLen = 0;
429 struct HksAeadParam *aeadParam = (struct HksAeadParam *)usageSpec->algParam;
430
431 if (EVP_DecryptUpdate(ctx, NULL, &outLen, aeadParam->aad.data, aeadParam->aad.size) != HKS_OPENSSL_SUCCESS) {
432 HksLogOpensslError();
433 EVP_CIPHER_CTX_free(ctx);
434 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
435 }
436
437 if (EVP_DecryptUpdate(ctx, plainText->data, &outLen, message->data, message->size) != HKS_OPENSSL_SUCCESS) {
438 HksLogOpensslError();
439 EVP_CIPHER_CTX_free(ctx);
440 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
441 }
442 plainText->size = (uint32_t)outLen;
443
444 if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, aeadParam->tagDec.size, aeadParam->tagDec.data) !=
445 HKS_OPENSSL_SUCCESS) {
446 HksLogOpensslError();
447 EVP_CIPHER_CTX_free(ctx);
448 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
449 }
450
451 if (EVP_DecryptFinal_ex(ctx, plainText->data, &outLen) != HKS_OPENSSL_SUCCESS) {
452 HksLogOpensslError();
453 EVP_CIPHER_CTX_free(ctx);
454 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
455 }
456
457 EVP_CIPHER_CTX_free(ctx);
458 return HKS_SUCCESS;
459 }
460
OpensslAesAeadCryptSetParam(const struct HksBlob * key,struct HksAeadParam * aeadParam,bool isEncrypt,EVP_CIPHER_CTX * ctx)461 static int32_t OpensslAesAeadCryptSetParam(const struct HksBlob *key, struct HksAeadParam *aeadParam,
462 bool isEncrypt, EVP_CIPHER_CTX *ctx)
463 {
464 if (aeadParam == NULL || key == NULL) {
465 return HKS_ERROR_INVALID_ARGUMENT;
466 }
467
468 int32_t ret = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, aeadParam->nonce.size, NULL);
469 if (ret != HKS_OPENSSL_SUCCESS) {
470 HksLogOpensslError();
471 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
472 }
473
474 if (isEncrypt) {
475 ret = EVP_EncryptInit_ex(ctx, NULL, NULL, key->data, aeadParam->nonce.data);
476 } else {
477 ret = EVP_DecryptInit_ex(ctx, NULL, NULL, key->data, aeadParam->nonce.data);
478 }
479 if (ret != HKS_OPENSSL_SUCCESS) {
480 HksLogOpensslError();
481 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
482 }
483
484 return HKS_SUCCESS;
485 }
486
487
OpensslAesAeadCryptInit(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,bool isEncrypt,void ** cryptoCtx)488 static int32_t OpensslAesAeadCryptInit(
489 const struct HksBlob *key, const struct HksUsageSpec *usageSpec, bool isEncrypt, void **cryptoCtx)
490 {
491 int32_t ret;
492 int outLen = 0;
493 struct HksAeadParam *aeadParam = (struct HksAeadParam *)usageSpec->algParam;
494 EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
495 if (ctx == NULL) {
496 HksLogOpensslError();
497 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
498 }
499
500 if (isEncrypt) {
501 ret = EVP_EncryptInit_ex(ctx, GetAeadCipherType(key->size, usageSpec->mode), NULL, NULL, NULL);
502 } else {
503 ret = EVP_DecryptInit_ex(ctx, GetAeadCipherType(key->size, usageSpec->mode), NULL, NULL, NULL);
504 }
505 if (ret != HKS_OPENSSL_SUCCESS) {
506 HksLogOpensslError();
507 EVP_CIPHER_CTX_free(ctx);
508 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
509 }
510
511 ret = OpensslAesAeadCryptSetParam(key, aeadParam, isEncrypt, ctx);
512 if (ret != HKS_SUCCESS) {
513 HksLogOpensslError();
514 EVP_CIPHER_CTX_free(ctx);
515 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
516 }
517
518 if (isEncrypt) {
519 ret = EVP_EncryptUpdate(ctx, NULL, &outLen, aeadParam->aad.data, aeadParam->aad.size);
520 } else {
521 ret = EVP_DecryptUpdate(ctx, NULL, &outLen, aeadParam->aad.data, aeadParam->aad.size);
522 }
523 if (ret != HKS_OPENSSL_SUCCESS) {
524 HksLogOpensslError();
525 HKS_LOG_E("update aad faild, outLen->%" LOG_PUBLIC "d", outLen);
526 EVP_CIPHER_CTX_free(ctx);
527 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
528 }
529
530 struct HksOpensslBlockCipherCtx *outCtx =
531 (struct HksOpensslBlockCipherCtx *)HksMalloc(sizeof(HksOpensslBlockCipherCtx));
532 if (outCtx == NULL) {
533 HKS_LOG_E("HksOpensslBlockCipherCtx malloc fail");
534 EVP_CIPHER_CTX_free(ctx);
535 return HKS_ERROR_MALLOC_FAIL;
536 }
537 outCtx->algType = usageSpec->algType;
538 outCtx->mode = usageSpec->mode;
539 outCtx->append = (void *)ctx;
540
541 *cryptoCtx = (void *)outCtx;
542
543 return HKS_SUCCESS;
544 }
545
OpensslAesAeadEnryptUpdate(void * cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText)546 static int32_t OpensslAesAeadEnryptUpdate(void *cryptoCtx, const struct HksBlob *message,
547 struct HksBlob *cipherText)
548 {
549 struct HksOpensslBlockCipherCtx *aesCtx = (struct HksOpensslBlockCipherCtx *)cryptoCtx;
550 EVP_CIPHER_CTX *ctx = (EVP_CIPHER_CTX *)aesCtx->append;
551
552 int32_t outLen = 0;
553
554 if (EVP_EncryptUpdate(ctx, cipherText->data, &outLen, message->data, message->size) != HKS_OPENSSL_SUCCESS) {
555 HksLogOpensslError();
556 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
557 }
558 cipherText->size = (uint32_t)outLen;
559
560 return HKS_SUCCESS;
561 }
562
OpensslAesAeadDecryptUpdate(void * cryptoCtx,const struct HksBlob * message,struct HksBlob * plainText)563 static int32_t OpensslAesAeadDecryptUpdate(void *cryptoCtx,
564 const struct HksBlob *message, struct HksBlob *plainText)
565 {
566 struct HksOpensslBlockCipherCtx *aesCtx = (struct HksOpensslBlockCipherCtx *)cryptoCtx;
567 EVP_CIPHER_CTX *ctx = (EVP_CIPHER_CTX *)aesCtx->append;
568 int32_t outLen = 0;
569
570 if (EVP_DecryptUpdate(ctx, plainText->data, &outLen, message->data, message->size) != HKS_OPENSSL_SUCCESS) {
571 HksLogOpensslError();
572 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
573 }
574
575 plainText->size = (uint32_t)outLen;
576
577 return HKS_SUCCESS;
578 }
579
OpensslAesAeadEncryptFinalGCM(void ** cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText,struct HksBlob * tagAead)580 static int32_t OpensslAesAeadEncryptFinalGCM(void **cryptoCtx, const struct HksBlob *message,
581 struct HksBlob *cipherText, struct HksBlob *tagAead)
582 {
583 struct HksOpensslBlockCipherCtx *aesCtx = (struct HksOpensslBlockCipherCtx *)*cryptoCtx;
584 EVP_CIPHER_CTX *ctx = (EVP_CIPHER_CTX *)aesCtx->append;
585
586 if (ctx == NULL) {
587 HKS_FREE_PTR(*cryptoCtx);
588 return HKS_ERROR_NULL_POINTER;
589 }
590
591 int32_t ret = HKS_SUCCESS;
592 do {
593 int32_t outLen = 0;
594 if (message->size != 0) {
595 if (EVP_EncryptUpdate(ctx, cipherText->data, &outLen, message->data,
596 message->size) != HKS_OPENSSL_SUCCESS) {
597 HksLogOpensslError();
598 HKS_LOG_E("EVP_EncryptUpdate cipherText data faild, outLen->%" LOG_PUBLIC "d", outLen);
599 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
600 break;
601 }
602 }
603 cipherText->size = (uint32_t)outLen;
604
605 if (EVP_EncryptFinal_ex(ctx, cipherText->data + outLen, &outLen) != HKS_OPENSSL_SUCCESS) {
606 HksLogOpensslError();
607 HKS_LOG_E("EVP_EncryptFinal_ex faild, outLen->%" LOG_PUBLIC "d", outLen);
608 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
609 break;
610 }
611 cipherText->size += (uint32_t)outLen;
612 if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, HKS_AE_TAG_LEN, tagAead->data) != HKS_OPENSSL_SUCCESS) {
613 HksLogOpensslError();
614 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
615 break;
616 }
617 } while (0);
618
619 EVP_CIPHER_CTX_free(ctx);
620 aesCtx->append = NULL;
621 HKS_FREE_PTR(*cryptoCtx);
622
623 return ret;
624 }
625
OpensslAesAeadDecryptFinalGCM(void ** cryptoCtx,const struct HksBlob * message,struct HksBlob * plainText,struct HksBlob * tagAead)626 static int32_t OpensslAesAeadDecryptFinalGCM(void **cryptoCtx, const struct HksBlob *message,
627 struct HksBlob *plainText, struct HksBlob *tagAead)
628 {
629 struct HksOpensslBlockCipherCtx *aesCtx = (struct HksOpensslBlockCipherCtx *)*cryptoCtx;
630 EVP_CIPHER_CTX *ctx = (EVP_CIPHER_CTX *)aesCtx->append;
631
632 if (ctx == NULL) {
633 HksFree(aesCtx);
634 *cryptoCtx = NULL;
635 return HKS_ERROR_NULL_POINTER;
636 }
637
638 int32_t ret = HKS_SUCCESS;
639 do {
640 int32_t outLen = 0;
641 if (message->size != 0) {
642 if (EVP_DecryptUpdate(ctx, plainText->data, &outLen, message->data, message->size) !=
643 HKS_OPENSSL_SUCCESS) {
644 HksLogOpensslError();
645 HKS_LOG_E("EVP_DecryptUpdate plainText data faild, outLen->%" LOG_PUBLIC "d", outLen);
646 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
647 break;
648 }
649 }
650 plainText->size = (uint32_t)outLen;
651
652 if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tagAead->size, tagAead->data) !=
653 HKS_OPENSSL_SUCCESS) {
654 HKS_LOG_E("EVP_CIPHER_CTX_ctrl failed, tagAead->size->%" LOG_PUBLIC "d", tagAead->size);
655 HksLogOpensslError();
656 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
657 break;
658 }
659
660 if (EVP_DecryptFinal_ex(ctx, plainText->data + outLen, &outLen) != HKS_OPENSSL_SUCCESS) {
661 HksLogOpensslError();
662 HKS_LOG_E("EVP_DecryptFinal_ex faild, outLen->%" LOG_PUBLIC "d", outLen);
663 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
664 break;
665 }
666 plainText->size += (uint32_t)outLen;
667 } while (0);
668
669 EVP_CIPHER_CTX_free(ctx);
670 aesCtx->append = NULL;
671 HKS_FREE_PTR(*cryptoCtx);
672 return ret;
673 }
674 #endif
675
676 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7) || \
677 defined(HKS_SUPPORT_AES_CTR_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_NOPADDING) || \
678 defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
OpensslAesCipherInit(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,bool isEncrypt,EVP_CIPHER_CTX ** ctx)679 static int32_t OpensslAesCipherInit(
680 const struct HksBlob *key, const struct HksUsageSpec *usageSpec, bool isEncrypt, EVP_CIPHER_CTX **ctx)
681 {
682 int32_t ret;
683 struct HksCipherParam *cipherParam = (struct HksCipherParam *)usageSpec->algParam;
684
685 *ctx = EVP_CIPHER_CTX_new();
686 if (*ctx == NULL) {
687 HksLogOpensslError();
688 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
689 }
690
691 const EVP_CIPHER *cipher = GetAesCipherType(key->size, usageSpec->mode);
692 if (cipher == NULL) {
693 EVP_CIPHER_CTX_free(*ctx);
694 return HKS_ERROR_INVALID_ARGUMENT;
695 }
696
697 if (isEncrypt) {
698 ret = EVP_EncryptInit_ex(*ctx, cipher, NULL, NULL, NULL);
699 } else {
700 ret = EVP_DecryptInit_ex(*ctx, cipher, NULL, NULL, NULL);
701 }
702 if (ret != HKS_OPENSSL_SUCCESS) {
703 HksLogOpensslError();
704 EVP_CIPHER_CTX_free(*ctx);
705 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
706 }
707
708 if (isEncrypt) {
709 ret = EVP_EncryptInit_ex(*ctx, NULL, NULL, key->data, (cipherParam == NULL) ? NULL : cipherParam->iv.data);
710 } else {
711 ret = EVP_DecryptInit_ex(*ctx, NULL, NULL, key->data, (cipherParam == NULL) ? NULL : cipherParam->iv.data);
712 }
713 if (ret != HKS_OPENSSL_SUCCESS) {
714 HksLogOpensslError();
715 EVP_CIPHER_CTX_free(*ctx);
716 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
717 }
718
719 if (usageSpec->padding == HKS_PADDING_PKCS7) {
720 ret = EVP_CIPHER_CTX_set_padding(*ctx, OPENSSL_CTX_PADDING_ENABLE);
721 } else if (usageSpec->padding == HKS_PADDING_NONE) {
722 ret = EVP_CIPHER_CTX_set_padding(*ctx, OPENSSL_CTX_PADDING_NONE);
723 }
724 if (ret != HKS_OPENSSL_SUCCESS) {
725 HksLogOpensslError();
726 EVP_CIPHER_CTX_free(*ctx);
727 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
728 }
729
730 return HKS_SUCCESS;
731 }
732
OpensslAesCipherEncryptFinal(EVP_CIPHER_CTX * ctx,const struct HksBlob * message,struct HksBlob * cipherText)733 static int32_t OpensslAesCipherEncryptFinal(
734 EVP_CIPHER_CTX *ctx, const struct HksBlob *message, struct HksBlob *cipherText)
735 {
736 int32_t outLen = 0;
737
738 if (EVP_EncryptUpdate(ctx, cipherText->data, &outLen, message->data, message->size) != HKS_OPENSSL_SUCCESS) {
739 HksLogOpensslError();
740 EVP_CIPHER_CTX_free(ctx);
741 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
742 }
743 cipherText->size = (uint32_t)outLen;
744
745 if (EVP_EncryptFinal_ex(ctx, cipherText->data + outLen, &outLen) != HKS_OPENSSL_SUCCESS) {
746 HksLogOpensslError();
747 EVP_CIPHER_CTX_free(ctx);
748 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
749 }
750 cipherText->size += (uint32_t)outLen;
751
752 EVP_CIPHER_CTX_free(ctx);
753 return HKS_SUCCESS;
754 }
755
OpensslAesCipherDecryptFinal(EVP_CIPHER_CTX * ctx,const struct HksBlob * message,struct HksBlob * plainText)756 static int32_t OpensslAesCipherDecryptFinal(
757 EVP_CIPHER_CTX *ctx, const struct HksBlob *message, struct HksBlob *plainText)
758 {
759 int32_t outLen = 0;
760
761 if (EVP_DecryptUpdate(ctx, plainText->data, &outLen, message->data, message->size) != HKS_OPENSSL_SUCCESS) {
762 HksLogOpensslError();
763 EVP_CIPHER_CTX_free(ctx);
764 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
765 }
766 plainText->size = (uint32_t)outLen;
767
768 if (EVP_DecryptFinal_ex(ctx, plainText->data + outLen, &outLen) != HKS_OPENSSL_SUCCESS) {
769 HksLogOpensslError();
770 EVP_CIPHER_CTX_free(ctx);
771 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
772 }
773 plainText->size += (uint32_t)outLen;
774
775 EVP_CIPHER_CTX_free(ctx);
776 return HKS_SUCCESS;
777 }
778 #endif
779
HksOpensslAesEncryptInit(void ** cryptoCtx,const struct HksBlob * key,const struct HksUsageSpec * usageSpec)780 int32_t HksOpensslAesEncryptInit(void **cryptoCtx, const struct HksBlob *key, const struct HksUsageSpec *usageSpec)
781 {
782 int32_t ret;
783 switch (usageSpec->mode) {
784 #ifdef HKS_SUPPORT_AES_GCM
785 case HKS_MODE_GCM:
786 ret = OpensslAesAeadCryptInit(key, usageSpec, true, cryptoCtx);
787 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "OpensslAesAeadInit fail, ret = %" LOG_PUBLIC "d", ret)
788 break;
789 #endif
790 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7) || \
791 defined(HKS_SUPPORT_AES_CTR_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_NOPADDING) || \
792 defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
793 case HKS_MODE_CBC:
794 case HKS_MODE_CTR:
795 case HKS_MODE_ECB:
796 ret = OpensslBlockCipherCryptInit(key, usageSpec, true, cryptoCtx, GetAesCipherType);
797 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret,
798 "OpensslBlockCipherCryptInit for aes fail, ret = %" LOG_PUBLIC "d", ret)
799 break;
800 #endif
801 default:
802 HKS_LOG_E("Unsupport aes mode! mode = 0x%" LOG_PUBLIC "x", usageSpec->mode);
803 return HKS_ERROR_INVALID_ARGUMENT;
804 }
805
806 return HKS_SUCCESS;
807 }
808
HksOpensslAesEncryptUpdate(void * cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText)809 int32_t HksOpensslAesEncryptUpdate(void *cryptoCtx, const struct HksBlob *message, struct HksBlob *cipherText)
810 {
811 struct HksOpensslBlockCipherCtx *contex = (struct HksOpensslBlockCipherCtx *)cryptoCtx;
812 uint32_t mode = contex->mode;
813
814 int32_t ret;
815 switch (mode) {
816 #ifdef HKS_SUPPORT_AES_GCM
817 case HKS_MODE_GCM:
818 ret = OpensslAesAeadEnryptUpdate(cryptoCtx, message, cipherText);
819 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret,
820 "OpensslAesAeadEnryptUpdate for aes fail, ret = %" LOG_PUBLIC "d", ret)
821 break;
822 #endif
823 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7) || \
824 defined(HKS_SUPPORT_AES_CTR_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_NOPADDING) || \
825 defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
826 case HKS_MODE_CBC:
827 case HKS_MODE_CTR:
828 case HKS_MODE_ECB:
829 ret = OpensslBlockCipherEncryptUpdate(cryptoCtx, message, cipherText);
830 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret,
831 "OpensslBlockCipherEncryptUpdate for aes fail, ret = %" LOG_PUBLIC "d", ret)
832 break;
833 #endif
834 default:
835 HKS_LOG_E("Unsupport aes mode! mode = 0x%" LOG_PUBLIC "x", mode);
836 return HKS_ERROR_INVALID_ARGUMENT;
837 }
838
839 return HKS_SUCCESS;
840 }
841
HksOpensslAesEncryptFinal(void ** cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText,struct HksBlob * tagAead)842 int32_t HksOpensslAesEncryptFinal(void **cryptoCtx, const struct HksBlob *message, struct HksBlob *cipherText,
843 struct HksBlob *tagAead)
844 {
845 struct HksOpensslBlockCipherCtx *contex = (struct HksOpensslBlockCipherCtx *)*cryptoCtx;
846 uint32_t mode = contex->mode;
847
848 int32_t ret;
849 switch (mode) {
850 #ifdef HKS_SUPPORT_AES_GCM
851 case HKS_MODE_GCM:
852 ret = OpensslAesAeadEncryptFinalGCM(cryptoCtx, message, cipherText, tagAead);
853 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret,
854 "OpensslAesAeadEncryptFinalGCM for aes fail, ret = %" LOG_PUBLIC "d", ret)
855 break;
856 #endif
857 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7) || \
858 defined(HKS_SUPPORT_AES_CTR_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_NOPADDING) || \
859 defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
860 case HKS_MODE_CBC:
861 case HKS_MODE_CTR:
862 case HKS_MODE_ECB:
863 ret = OpensslBlockCipherEncryptFinalThree(cryptoCtx, message, cipherText);
864 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret,
865 "OpensslBlockCipherEncryptFinalThree for aes fail, ret = %" LOG_PUBLIC "d", ret)
866 break;
867 #endif
868 default:
869 HKS_LOG_E("Unsupport aes mode! mode = 0x%" LOG_PUBLIC "x", mode);
870 return HKS_ERROR_INVALID_ARGUMENT;
871 }
872
873 return HKS_SUCCESS;
874 }
875
HksOpensslAesDecryptInit(void ** cryptoCtx,const struct HksBlob * key,const struct HksUsageSpec * usageSpec)876 int32_t HksOpensslAesDecryptInit(void **cryptoCtx, const struct HksBlob *key,
877 const struct HksUsageSpec *usageSpec)
878 {
879 int32_t ret;
880 switch (usageSpec->mode) {
881 case HKS_MODE_GCM:
882 ret = OpensslAesAeadCryptInit(key, usageSpec, false, cryptoCtx);
883 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret,
884 "OpensslAesAeadDecryptInit for aes fail, ret = %" LOG_PUBLIC "d", ret)
885 break;
886 case HKS_MODE_CBC:
887 case HKS_MODE_CTR:
888 case HKS_MODE_ECB:
889 ret = OpensslBlockCipherCryptInit(key, usageSpec, false, cryptoCtx, GetAesCipherType);
890 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret,
891 "OpensslBlockCipherCryptInit for aes fail, ret = %" LOG_PUBLIC "d", ret)
892 break;
893 default:
894 HKS_LOG_E("Unsupport aes mode! mode = 0x%" LOG_PUBLIC "x", usageSpec->mode);
895 return HKS_ERROR_INVALID_ARGUMENT;
896 }
897
898 return ret;
899 }
900
HksOpensslAesDecryptUpdate(void * cryptoCtx,const struct HksBlob * message,struct HksBlob * plainText)901 int32_t HksOpensslAesDecryptUpdate(void *cryptoCtx, const struct HksBlob *message, struct HksBlob *plainText)
902 {
903 struct HksOpensslBlockCipherCtx *contex = (struct HksOpensslBlockCipherCtx *)cryptoCtx;
904 uint32_t mode = contex->mode;
905
906 int32_t ret;
907 switch (mode) {
908 case HKS_MODE_GCM:
909 ret = OpensslAesAeadDecryptUpdate(cryptoCtx, message, plainText);
910 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret,
911 "OpensslAesAeadDecryptUpdate for aes fail, ret = %" LOG_PUBLIC "d", ret)
912 break;
913 case HKS_MODE_CBC:
914 case HKS_MODE_CTR:
915 case HKS_MODE_ECB:
916 ret = OpensslBlockCipherDecryptUpdate(cryptoCtx, message, plainText);
917 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret,
918 "OpensslBlockCipherDecryptUpdate for aes fail, ret = %" LOG_PUBLIC "d", ret)
919 break;
920 default:
921 HKS_LOG_E("Unsupport aes mode! mode = 0x%" LOG_PUBLIC "x", mode);
922 return HKS_ERROR_INVALID_ARGUMENT;
923 }
924
925 return ret;
926 }
927
HksOpensslAesDecryptFinal(void ** cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText,struct HksBlob * tagAead)928 int32_t HksOpensslAesDecryptFinal(void **cryptoCtx, const struct HksBlob *message, struct HksBlob *cipherText,
929 struct HksBlob *tagAead)
930 {
931 struct HksOpensslBlockCipherCtx *contex = (struct HksOpensslBlockCipherCtx *)*cryptoCtx;
932 uint32_t mode = contex->mode;
933
934 int32_t ret;
935 switch (mode) {
936 #ifdef HKS_SUPPORT_AES_GCM
937 case HKS_MODE_GCM:
938 ret = OpensslAesAeadDecryptFinalGCM(cryptoCtx, message, cipherText, tagAead);
939 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret,
940 "OpensslAesAeadDecryptFinalGCM for aes fail, ret = %" LOG_PUBLIC "d", ret)
941 break;
942 #endif
943 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7) || \
944 defined(HKS_SUPPORT_AES_CTR_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_NOPADDING) || \
945 defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
946 case HKS_MODE_CBC:
947 case HKS_MODE_CTR:
948 case HKS_MODE_ECB:
949 ret = OpensslBlockCipherDecryptFinalThree(cryptoCtx, message, cipherText);
950 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret,
951 "OpensslBlockCipherDecryptFinalThree for aes fail, ret = %" LOG_PUBLIC "d", ret)
952 break;
953 #endif
954 default:
955 HKS_LOG_E("Unsupport aes mode! mode = 0x%" LOG_PUBLIC "x", mode);
956 return HKS_ERROR_INVALID_ARGUMENT;
957 }
958
959 return HKS_SUCCESS;
960 }
961
HksOpensslAesHalFreeCtx(void ** cryptoCtx)962 void HksOpensslAesHalFreeCtx(void **cryptoCtx)
963 {
964 if (cryptoCtx == NULL || *cryptoCtx == NULL) {
965 HKS_LOG_E("Openssl aes free ctx is null");
966 return;
967 }
968
969 struct HksOpensslBlockCipherCtx *opensslAesCtx = (struct HksOpensslBlockCipherCtx *)*cryptoCtx;
970 switch (opensslAesCtx->mode) {
971 #ifdef HKS_SUPPORT_AES_GCM
972 case HKS_MODE_GCM:
973 if ((EVP_CIPHER_CTX *)opensslAesCtx->append != NULL) {
974 EVP_CIPHER_CTX_free((EVP_CIPHER_CTX *)opensslAesCtx->append);
975 opensslAesCtx->append = NULL;
976 }
977 break;
978 #endif
979 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7) || \
980 defined(HKS_SUPPORT_AES_CTR_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_NOPADDING) || \
981 defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
982 case HKS_MODE_CBC:
983 case HKS_MODE_CTR:
984 case HKS_MODE_ECB:
985 if ((EVP_CIPHER_CTX *)opensslAesCtx->append != NULL) {
986 EVP_CIPHER_CTX_free((EVP_CIPHER_CTX *)opensslAesCtx->append);
987 opensslAesCtx->append = NULL;
988 }
989 break;
990 #endif
991 default:
992 HKS_LOG_E("Unsupport aes mode! mode = 0x%" LOG_PUBLIC "x", opensslAesCtx->mode);
993 break;
994 }
995
996 HKS_FREE_PTR(*cryptoCtx);
997 }
998
HksOpensslAesEncrypt(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * cipherText,struct HksBlob * tagAead)999 int32_t HksOpensslAesEncrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
1000 const struct HksBlob *message, struct HksBlob *cipherText, struct HksBlob *tagAead)
1001 {
1002 EVP_CIPHER_CTX *ctx = NULL;
1003 struct HksBlob tmpCipherText = *cipherText;
1004
1005 int32_t ret;
1006 switch (usageSpec->mode) {
1007 #ifdef HKS_SUPPORT_AES_GCM
1008 case HKS_MODE_GCM:
1009 ret = OpensslAesAeadInit(key, usageSpec, true, &ctx);
1010 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret,
1011 "OpensslAesAeadInit for aes fail, ret = %" LOG_PUBLIC "d", ret)
1012
1013 ret = OpensslAesAeadEncryptFinal(ctx, usageSpec, message, &tmpCipherText, tagAead);
1014 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret,
1015 "OpensslAesAeadEncryptFinal fail, ret = %" LOG_PUBLIC "d", ret)
1016 break;
1017 #endif
1018 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7) || \
1019 defined(HKS_SUPPORT_AES_CTR_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_NOPADDING) || \
1020 defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
1021 case HKS_MODE_CBC:
1022 case HKS_MODE_CTR:
1023 case HKS_MODE_ECB:
1024 ret = OpensslAesCipherInit(key, usageSpec, true, &ctx);
1025 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret,
1026 "OpensslAesCipherInit fail, ret = %" LOG_PUBLIC "d", ret)
1027
1028 ret = OpensslAesCipherEncryptFinal(ctx, message, &tmpCipherText);
1029 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret,
1030 "OpensslAesCipherEncryptFinal fail, ret = %" LOG_PUBLIC "d", ret)
1031 break;
1032 #endif
1033 default:
1034 HKS_LOG_E("Unsupport aes mode! mode = 0x%" LOG_PUBLIC "x", usageSpec->mode);
1035 return HKS_ERROR_INVALID_ARGUMENT;
1036 }
1037
1038 cipherText->size = tmpCipherText.size;
1039 return HKS_SUCCESS;
1040 }
1041
HksOpensslAesDecrypt(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * plainText)1042 int32_t HksOpensslAesDecrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
1043 const struct HksBlob *message, struct HksBlob *plainText)
1044 {
1045 EVP_CIPHER_CTX *ctx = NULL;
1046 struct HksBlob tmpPlainText = *plainText;
1047
1048 int32_t ret;
1049 switch (usageSpec->mode) {
1050 case HKS_MODE_GCM:
1051 ret = OpensslAesAeadInit(key, usageSpec, false, &ctx);
1052 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret,
1053 "OpensslAesAeadDecryptInit fail, ret = %" LOG_PUBLIC "d", ret)
1054
1055 ret = OpensslAesAeadDecryptFinal(ctx, usageSpec, message, &tmpPlainText);
1056 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret,
1057 "OpensslAesAeadDecryptFinal fail, ret = %" LOG_PUBLIC "d", ret)
1058 break;
1059 case HKS_MODE_CBC:
1060 case HKS_MODE_CTR:
1061 case HKS_MODE_ECB:
1062 ret = OpensslAesCipherInit(key, usageSpec, false, &ctx);
1063 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret,
1064 "OpensslAesCipherInit fail, ret = %" LOG_PUBLIC "d", ret)
1065
1066 ret = OpensslAesCipherDecryptFinal(ctx, message, &tmpPlainText);
1067 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret,
1068 "OpensslAesCipherDecryptFinal fail, ret = %" LOG_PUBLIC "d", ret)
1069 break;
1070 default:
1071 HKS_LOG_E("Unsupport aes mode! mode = 0x%" LOG_PUBLIC "x", usageSpec->mode);
1072 return HKS_ERROR_INVALID_ARGUMENT;
1073 }
1074
1075 plainText->size = tmpPlainText.size;
1076 return ret;
1077 }
1078 #endif
1079