1 /*
2 * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifdef HKS_CONFIG_FILE
17 #include HKS_CONFIG_FILE
18 #else
19 #include "hks_config.h"
20 #endif
21
22 #include "hks_openssl_engine.h"
23
24 #include <openssl/err.h>
25 #include <openssl/evp.h>
26 #include <stdbool.h>
27 #include <stddef.h>
28
29 #include "hks_ability.h"
30 #include "hks_crypto_hal.h"
31 #include "hks_log.h"
32 #include "hks_template.h"
33
HksLogOpensslError(void)34 void HksLogOpensslError(void)
35 {
36 char szErr[HKS_OPENSSL_ERROR_LEN] = {0};
37 unsigned long errCode;
38
39 errCode = ERR_get_error();
40 ERR_error_string_n(errCode, szErr, HKS_OPENSSL_ERROR_LEN);
41
42 HKS_LOG_E("Openssl engine fail, error code = %lu, error string = %" LOG_PUBLIC "s", errCode, szErr);
43 }
44
HksOpensslCheckBlob(const struct HksBlob * blob)45 inline int32_t HksOpensslCheckBlob(const struct HksBlob *blob)
46 {
47 if ((blob == NULL) || (blob->data == NULL) || (blob->size == 0)) {
48 return HKS_ERROR_INVALID_ARGUMENT;
49 }
50 return HKS_SUCCESS;
51 }
52
GenKeyCheckParam(const struct HksKeySpec * spec,const struct HksBlob * key)53 static int32_t GenKeyCheckParam(const struct HksKeySpec *spec, const struct HksBlob *key)
54 {
55 if ((spec == NULL) || (key == NULL)) {
56 HKS_LOG_E("Invalid params!");
57 return HKS_ERROR_INVALID_ARGUMENT;
58 }
59
60 return HKS_SUCCESS;
61 }
62
SignVerifyCheckParam(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,const struct HksBlob * signature)63 static int32_t SignVerifyCheckParam(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
64 const struct HksBlob *message, const struct HksBlob *signature)
65 {
66 HKS_IF_NOT_SUCC_LOGE_RETURN(HksOpensslCheckBlob(key), HKS_ERROR_INVALID_ARGUMENT, "Invalid param key!")
67
68 HKS_IF_NOT_SUCC_LOGE_RETURN(HksOpensslCheckBlob(message), HKS_ERROR_INVALID_ARGUMENT, "Invalid param message!")
69
70 HKS_IF_NOT_SUCC_LOGE_RETURN(HksOpensslCheckBlob(signature), HKS_ERROR_INVALID_ARGUMENT, "Invalid param signature!")
71
72 HKS_IF_NULL_LOGE_RETURN(usageSpec, HKS_ERROR_INVALID_ARGUMENT, "Invalid param usageSpec!")
73
74 return HKS_SUCCESS;
75 }
76
DeriveKeyCheckParam(const struct HksBlob * mainKey,const struct HksKeySpec * derivationSpec,const struct HksBlob * derivedKey)77 static int32_t DeriveKeyCheckParam(
78 const struct HksBlob *mainKey, const struct HksKeySpec *derivationSpec, const struct HksBlob *derivedKey)
79 {
80 HKS_IF_NOT_SUCC_LOGE_RETURN(HksOpensslCheckBlob(mainKey), HKS_ERROR_INVALID_ARGUMENT,
81 "Invalid mainKey params!")
82
83 if ((derivationSpec == NULL) || (derivationSpec->algParam == NULL)) {
84 HKS_LOG_E("Invalid params!");
85 return HKS_ERROR_INVALID_ARGUMENT;
86 }
87
88 HKS_IF_NULL_LOGE_RETURN(derivedKey, HKS_ERROR_INVALID_ARGUMENT, "Invalid params!")
89
90 return HKS_SUCCESS;
91 }
92
AgreeKeyCheckParam(const struct HksBlob * nativeKey,const struct HksBlob * pubKey,const struct HksKeySpec * spec,const struct HksBlob * sharedKey)93 static int32_t AgreeKeyCheckParam(const struct HksBlob *nativeKey, const struct HksBlob *pubKey,
94 const struct HksKeySpec *spec, const struct HksBlob *sharedKey)
95 {
96 HKS_IF_NOT_SUCC_LOGE_RETURN(HksOpensslCheckBlob(nativeKey),
97 HKS_ERROR_INVALID_ARGUMENT, "Invalid nativeKey params!")
98
99 HKS_IF_NOT_SUCC_LOGE_RETURN(HksOpensslCheckBlob(pubKey), HKS_ERROR_INVALID_ARGUMENT, "Invalid pubKey params!")
100
101 HKS_IF_NULL_LOGE_RETURN(spec, HKS_ERROR_INVALID_ARGUMENT, "Invalid spec params!")
102
103 HKS_IF_NULL_LOGE_RETURN(sharedKey, HKS_ERROR_INVALID_ARGUMENT, "Invalid sharedKey params!")
104
105 return HKS_SUCCESS;
106 }
107
EncryptCheckParam(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * cipherText)108 static int32_t EncryptCheckParam(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
109 const struct HksBlob *message, struct HksBlob *cipherText)
110 {
111 HKS_IF_NOT_SUCC_LOGE_RETURN(HksOpensslCheckBlob(key), HKS_ERROR_INVALID_ARGUMENT, "Invalid param key!")
112
113 HKS_IF_NOT_SUCC_LOGE_RETURN(HksOpensslCheckBlob(message), HKS_ERROR_INVALID_ARGUMENT, "Invalid param message!")
114
115 HKS_IF_NOT_SUCC_LOGE_RETURN(HksOpensslCheckBlob(cipherText),
116 HKS_ERROR_INVALID_ARGUMENT, "Invalid param cipherText!")
117
118 HKS_IF_NULL_LOGE_RETURN(usageSpec, HKS_ERROR_INVALID_ARGUMENT, "Invalid param usageSpec!")
119
120 return HKS_SUCCESS;
121 }
122
DecryptCheckParam(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * cipherText)123 static int32_t DecryptCheckParam(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
124 const struct HksBlob *message, struct HksBlob *cipherText)
125 {
126 return EncryptCheckParam(key, usageSpec, message, cipherText);
127 }
128
GetOpensslAlg(uint32_t alg)129 const EVP_MD *GetOpensslAlg(uint32_t alg)
130 {
131 switch (alg) {
132 case HKS_DIGEST_MD5:
133 return EVP_md5();
134 case HKS_DIGEST_SHA1:
135 return EVP_sha1();
136 case HKS_DIGEST_SHA224:
137 return EVP_sha224();
138 case HKS_DIGEST_SHA256:
139 return EVP_sha256();
140 case HKS_DIGEST_SHA384:
141 return EVP_sha384();
142 case HKS_DIGEST_SHA512:
143 return EVP_sha512();
144 default:
145 return NULL;
146 }
147 }
148
GetOpensslAlgFromLen(uint32_t len)149 const EVP_MD *GetOpensslAlgFromLen(uint32_t len)
150 {
151 HKS_LOG_I("GetOpensslAlgFromLen, %" LOG_PUBLIC "d", len);
152 switch (len) {
153 case AFTER_HASH_LEN_16:
154 return EVP_md5();
155 case AFTER_HASH_LEN_20:
156 return EVP_sha1();
157 case AFTER_HASH_LEN_28:
158 return EVP_sha224();
159 case AFTER_HASH_LEN_32:
160 return EVP_sha256();
161 case AFTER_HASH_LEN_48:
162 return EVP_sha384();
163 case AFTER_HASH_LEN_64:
164 return EVP_sha512();
165 default:
166 return NULL;
167 }
168 }
169
HksCryptoHalFillRandom(struct HksBlob * randomData)170 int32_t HksCryptoHalFillRandom(struct HksBlob *randomData)
171 {
172 HKS_IF_NOT_SUCC_LOGE_RETURN(HksOpensslCheckBlob(randomData), HKS_ERROR_INVALID_ARGUMENT, "Invalid params!")
173
174 FillRandom func = (FillRandom)GetAbility(HKS_CRYPTO_ABILITY_FILL_RANDOM);
175 HKS_IF_NULL_RETURN(func, HKS_ERROR_INVALID_ARGUMENT)
176 return func(randomData);
177 }
178
HksCryptoHalFillPrivRandom(struct HksBlob * randomData)179 int32_t HksCryptoHalFillPrivRandom(struct HksBlob *randomData)
180 {
181 HKS_IF_NOT_SUCC_LOGE_RETURN(HksOpensslCheckBlob(randomData), HKS_ERROR_INVALID_ARGUMENT, "Invalid params!")
182
183 FillRandom func = (FillRandom)GetAbility(HKS_CRYPTO_ABILITY_FILL_PRI_RANDOM);
184 HKS_IF_NULL_RETURN(func, HKS_ERROR_INVALID_ARGUMENT)
185 return func(randomData);
186 }
187
HksCryptoHalGetPubKey(const struct HksBlob * keyIn,struct HksBlob * keyOut)188 int32_t HksCryptoHalGetPubKey(const struct HksBlob *keyIn, struct HksBlob *keyOut)
189 {
190 if (CheckBlob(keyIn) != HKS_SUCCESS || CheckBlob(keyOut) != HKS_SUCCESS) {
191 HKS_LOG_E("Invalid params!");
192 return HKS_ERROR_INVALID_ARGUMENT;
193 }
194
195 /* KeyMaterialRsa, KeyMaterialEcc, KeyMaterial25519's size are same */
196 if (keyIn->size < sizeof(struct KeyMaterialRsa)) {
197 HKS_LOG_E("Invalid params key size!");
198 return HKS_ERROR_INVALID_KEY_SIZE;
199 }
200
201 struct KeyMaterialRsa *key = (struct KeyMaterialRsa *)(keyIn->data);
202 PubKey func = (PubKey)GetAbility(HKS_CRYPTO_ABILITY_GET_PUBLIC_KEY(key->keyAlg));
203 HKS_IF_NULL_LOGE_RETURN(func, HKS_ERROR_INVALID_ARGUMENT,
204 "PubKey func is null, keyAlg:%" LOG_PUBLIC "d", key->keyAlg)
205 return func(keyIn, keyOut);
206 }
207
HksCryptoHalGetMainKey(const struct HksBlob * message,struct HksBlob * mainKey)208 int32_t HksCryptoHalGetMainKey(const struct HksBlob *message, struct HksBlob *mainKey)
209 {
210 GetMainKey func = (GetMainKey)GetAbility(HKS_CRYPTO_ABILITY_GET_MAIN_KEY);
211 HKS_IF_NULL_RETURN(func, HKS_ERROR_INVALID_ARGUMENT)
212 return func(message, mainKey);
213 }
214
HksCryptoHalHmac(const struct HksBlob * key,uint32_t digestAlg,const struct HksBlob * msg,struct HksBlob * mac)215 int32_t HksCryptoHalHmac(const struct HksBlob *key, uint32_t digestAlg, const struct HksBlob *msg, struct HksBlob *mac)
216 {
217 if (CheckBlob(key) != HKS_SUCCESS || CheckBlob(msg) != HKS_SUCCESS) {
218 HKS_LOG_E("Invalid params!");
219 return HKS_ERROR_INVALID_ARGUMENT;
220 }
221
222 Hmac func = (Hmac)GetAbility(HKS_CRYPTO_ABILITY_HMAC);
223 HKS_IF_NULL_RETURN(func, HKS_ERROR_INVALID_ARGUMENT)
224 return func(key, digestAlg, msg, mac);
225 }
226
HksCryptoHalHmacInit(const struct HksBlob * key,uint32_t digestAlg,void ** ctx)227 int32_t HksCryptoHalHmacInit(const struct HksBlob *key, uint32_t digestAlg, void **ctx)
228 {
229 if (CheckBlob(key) != HKS_SUCCESS || ctx == NULL) {
230 HKS_LOG_E("Invalid params!");
231 return HKS_ERROR_INVALID_ARGUMENT;
232 }
233
234 HmacInit func = (HmacInit)GetAbility(HKS_CRYPTO_ABILITY_HMAC_INIT);
235 HKS_IF_NULL_LOGE_RETURN(func, HKS_ERROR_INVALID_ARGUMENT, "HmacInit func is null!")
236
237 return func(ctx, key, digestAlg);
238 }
239
HksCryptoHalHmacUpdate(const struct HksBlob * chunk,void * ctx)240 int32_t HksCryptoHalHmacUpdate(const struct HksBlob *chunk, void *ctx)
241 {
242 if (CheckBlob(chunk) != HKS_SUCCESS || ctx == NULL) {
243 HKS_LOG_E("Invalid params!");
244 return HKS_ERROR_INVALID_ARGUMENT;
245 }
246
247 HmacUpdate func = (HmacUpdate)GetAbility(HKS_CRYPTO_ABILITY_HMAC_UPDATE);
248 HKS_IF_NULL_LOGE_RETURN(func, HKS_ERROR_INVALID_ARGUMENT, "HmacUpdate func is null!")
249
250 return func(ctx, chunk);
251 }
252
HksCryptoHalHmacFinal(const struct HksBlob * msg,void ** ctx,struct HksBlob * mac)253 int32_t HksCryptoHalHmacFinal(const struct HksBlob *msg, void **ctx, struct HksBlob *mac)
254 {
255 if (msg == NULL || ctx == NULL || CheckBlob(mac) != HKS_SUCCESS) {
256 HKS_LOG_E("Invalid params!");
257 return HKS_ERROR_INVALID_ARGUMENT;
258 }
259
260 HmacFinal func = (HmacFinal)GetAbility(HKS_CRYPTO_ABILITY_HMAC_FINAL);
261 HKS_IF_NULL_LOGE_RETURN(func, HKS_ERROR_INVALID_ARGUMENT, "HmacFinal func is null!")
262
263 return func(ctx, msg, mac);
264 }
265
HksCryptoHalHmacFreeCtx(void ** ctx)266 void HksCryptoHalHmacFreeCtx(void **ctx)
267 {
268 FreeCtx func = (FreeCtx)GetAbility(HKS_CRYPTO_ABILITY_HMAC_FREE_CTX);
269 if (func == NULL) {
270 HKS_LOG_E("CryptoHalHmacFreeCtx func is null");
271 return;
272 }
273
274 return func(ctx);
275 }
276
HksCryptoHalHash(uint32_t alg,const struct HksBlob * msg,struct HksBlob * hash)277 int32_t HksCryptoHalHash(uint32_t alg, const struct HksBlob *msg, struct HksBlob *hash)
278 {
279 Hash func = (Hash)GetAbility(HKS_CRYPTO_ABILITY_HASH);
280 HKS_IF_NULL_LOGE_RETURN(func, HKS_ERROR_INVALID_ARGUMENT, "Hash func is null!")
281 return func(alg, msg, hash);
282 }
283
HksCryptoHalHashInit(uint32_t alg,void ** ctx)284 int32_t HksCryptoHalHashInit(uint32_t alg, void **ctx)
285 {
286 HashInit func = (HashInit)GetAbility(HKS_CRYPTO_ABILITY_HASH_INIT);
287 HKS_IF_NULL_LOGE_RETURN(func, HKS_ERROR_INVALID_ARGUMENT, "HashInit func is null!")
288
289 return func(ctx, alg);
290 }
291
HksCryptoHalHashUpdate(const struct HksBlob * msg,void * ctx)292 int32_t HksCryptoHalHashUpdate(const struct HksBlob *msg, void *ctx)
293 {
294 HKS_IF_NOT_SUCC_LOGE_RETURN(CheckBlob(msg), HKS_ERROR_INVALID_ARGUMENT, "Invalid params!")
295
296 HashUpdate func = (HashUpdate)GetAbility(HKS_CRYPTO_ABILITY_HASH_UPDATE);
297 HKS_IF_NULL_LOGE_RETURN(func, HKS_ERROR_INVALID_ARGUMENT, "HashUpdate func is null!")
298
299 return func(ctx, msg);
300 }
301
HksCryptoHalHashFinal(const struct HksBlob * msg,void ** ctx,struct HksBlob * hash)302 int32_t HksCryptoHalHashFinal(const struct HksBlob *msg, void **ctx, struct HksBlob *hash)
303 {
304 HashFinal func = (HashFinal)GetAbility(HKS_CRYPTO_ABILITY_HASH_FINAL);
305 HKS_IF_NULL_LOGE_RETURN(func, HKS_ERROR_INVALID_ARGUMENT, "HashFinal func is null!")
306
307 return func(ctx, msg, hash);
308 }
309
HksCryptoHalHashFreeCtx(void ** ctx)310 void HksCryptoHalHashFreeCtx(void **ctx)
311 {
312 FreeCtx func = (FreeCtx)GetAbility(HKS_CRYPTO_ABILITY_HASH_FREE_CTX);
313 if (func == NULL) {
314 HKS_LOG_E("CryptoHalHashFreeCtx func is null");
315 return;
316 }
317
318 func(ctx);
319 }
320
HksCryptoHalBnExpMod(struct HksBlob * x,const struct HksBlob * a,const struct HksBlob * e,const struct HksBlob * n)321 int32_t HksCryptoHalBnExpMod(
322 struct HksBlob *x, const struct HksBlob *a, const struct HksBlob *e, const struct HksBlob *n)
323 {
324 BnExpMod func = (BnExpMod)GetAbility(HKS_CRYPTO_ABILITY_BN_EXP_MOD);
325 HKS_IF_NULL_RETURN(func, HKS_ERROR_INVALID_ARGUMENT)
326 return func(x, a, e, n);
327 }
328
HksCryptoHalGenerateKey(const struct HksKeySpec * spec,struct HksBlob * key)329 int32_t HksCryptoHalGenerateKey(const struct HksKeySpec *spec, struct HksBlob *key)
330 {
331 int32_t ret = GenKeyCheckParam(spec, key);
332 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_ARGUMENT, "Invalid params!")
333
334 GenerateKey func = (GenerateKey)GetAbility(HKS_CRYPTO_ABILITY_GENERATE_KEY(spec->algType));
335 HKS_IF_NULL_LOGE_RETURN(func, HKS_ERROR_INVALID_ARGUMENT, "GenerateKey func is null!")
336 return func(spec, key);
337 }
338
HksCryptoHalAgreeKey(const struct HksBlob * nativeKey,const struct HksBlob * pubKey,const struct HksKeySpec * spec,struct HksBlob * sharedKey)339 int32_t HksCryptoHalAgreeKey(const struct HksBlob *nativeKey, const struct HksBlob *pubKey,
340 const struct HksKeySpec *spec, struct HksBlob *sharedKey)
341 {
342 int32_t ret = AgreeKeyCheckParam(nativeKey, pubKey, spec, sharedKey);
343 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_ARGUMENT, "Invalid params!")
344
345 AgreeKey func = (AgreeKey)GetAbility(HKS_CRYPTO_ABILITY_AGREE_KEY(spec->algType));
346 HKS_IF_NULL_LOGE_RETURN(func, HKS_ERROR_INVALID_ARGUMENT, "AgreeKey func is null!")
347 return func(nativeKey, pubKey, spec, sharedKey);
348 }
349
HksCryptoHalSign(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * signature)350 int32_t HksCryptoHalSign(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
351 const struct HksBlob *message, struct HksBlob *signature)
352 {
353 int32_t ret = SignVerifyCheckParam(key, usageSpec, message, signature);
354 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_ARGUMENT, "Invalid params!")
355
356 Sign func = (Sign)GetAbility(HKS_CRYPTO_ABILITY_SIGN(usageSpec->algType));
357 HKS_IF_NULL_LOGE_RETURN(func, HKS_ERROR_INVALID_ARGUMENT, "Sign func is null!")
358 return func(key, usageSpec, message, signature);
359 }
360
HksCryptoHalVerify(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,const struct HksBlob * signature)361 int32_t HksCryptoHalVerify(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
362 const struct HksBlob *message, const struct HksBlob *signature)
363 {
364 int32_t ret = SignVerifyCheckParam(key, usageSpec, message, signature);
365 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_ARGUMENT, "Invalid params!")
366
367 Verify func = (Verify)GetAbility(HKS_CRYPTO_ABILITY_VERIFY(usageSpec->algType));
368 HKS_IF_NULL_LOGE_RETURN(func, HKS_ERROR_INVALID_ARGUMENT, "Verify func is null!")
369 return func(key, usageSpec, message, signature);
370 }
371
HksCryptoHalDeriveKey(const struct HksBlob * masterKey,const struct HksKeySpec * derivationSpec,struct HksBlob * derivedKey)372 int32_t HksCryptoHalDeriveKey(
373 const struct HksBlob *masterKey, const struct HksKeySpec *derivationSpec, struct HksBlob *derivedKey)
374 {
375 int32_t ret = DeriveKeyCheckParam(masterKey, derivationSpec, derivedKey);
376 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_ARGUMENT, "Invalid params!")
377
378 DeriveKey func = (DeriveKey)GetAbility(HKS_CRYPTO_ABILITY_DERIVE_KEY(derivationSpec->algType));
379 HKS_IF_NULL_LOGE_RETURN(func, HKS_ERROR_INVALID_ARGUMENT, "DeriveKey func is null!")
380 return func(masterKey, derivationSpec, derivedKey);
381 }
382
HksCryptoHalEncrypt(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * cipherText,struct HksBlob * tagAead)383 int32_t HksCryptoHalEncrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
384 const struct HksBlob *message, struct HksBlob *cipherText, struct HksBlob *tagAead)
385 {
386 int32_t ret = EncryptCheckParam(key, usageSpec, message, cipherText);
387 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_ARGUMENT, "Invalid params!")
388
389 Encrypt func = (Encrypt)GetAbility(HKS_CRYPTO_ABILITY_ENCRYPT(usageSpec->algType));
390 HKS_IF_NULL_RETURN(func, HKS_ERROR_INVALID_ARGUMENT)
391 return func(key, usageSpec, message, cipherText, tagAead);
392 }
393
HksCryptoHalEncryptInit(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,void ** ctx)394 int32_t HksCryptoHalEncryptInit(const struct HksBlob *key, const struct HksUsageSpec *usageSpec, void **ctx)
395 {
396 if (HksOpensslCheckBlob(key) != HKS_SUCCESS || ctx == NULL) {
397 HKS_LOG_E("Invalid param key!");
398 return HKS_ERROR_INVALID_ARGUMENT;
399 }
400
401 HKS_IF_NULL_LOGE_RETURN(usageSpec, HKS_ERROR_INVALID_ARGUMENT, "Invalid param usageSpec!")
402
403 EncryptInit func = (EncryptInit)GetAbility(HKS_CRYPTO_ABILITY_ENCRYPT_INIT(usageSpec->algType));
404 HKS_IF_NULL_LOGE_RETURN(func, HKS_ERROR_INVALID_ARGUMENT, "EncryptInit func is null!")
405
406 return func(ctx, key, usageSpec, true);
407 }
408
HksCryptoHalEncryptUpdate(const struct HksBlob * message,void * ctx,struct HksBlob * out,const uint32_t algtype)409 int32_t HksCryptoHalEncryptUpdate(const struct HksBlob *message,
410 void *ctx, struct HksBlob *out, const uint32_t algtype)
411 {
412 HKS_IF_NOT_SUCC_LOGE_RETURN(CheckBlob(message), HKS_ERROR_INVALID_ARGUMENT, "Invalid param message!")
413
414 HKS_IF_NOT_SUCC_LOGE_RETURN(CheckBlob(out), HKS_ERROR_INVALID_ARGUMENT, "Invalid param outdata!")
415
416 HKS_IF_NULL_LOGE_RETURN(ctx, HKS_ERROR_INVALID_ARGUMENT, "Invalid param ctx!")
417
418 EncryptUpdate func = (EncryptUpdate)GetAbility(HKS_CRYPTO_ABILITY_ENCRYPT_UPDATE(algtype));
419 HKS_IF_NULL_LOGE_RETURN(func, HKS_ERROR_INVALID_ARGUMENT, "EncryptUpdate func is null!")
420
421 return func(ctx, message, out, true);
422 }
423
HksCryptoHalEncryptFinal(const struct HksBlob * message,void ** ctx,struct HksBlob * cipherText,struct HksBlob * tagAead,const uint32_t algtype)424 int32_t HksCryptoHalEncryptFinal(const struct HksBlob *message, void **ctx, struct HksBlob *cipherText,
425 struct HksBlob *tagAead, const uint32_t algtype)
426 {
427 HKS_IF_NULL_LOGE_RETURN(message, HKS_ERROR_INVALID_ARGUMENT, "Invalid param message!")
428
429 if (ctx == NULL || *ctx == NULL) {
430 HKS_LOG_E("Invalid param ctx!");
431 return HKS_ERROR_INVALID_ARGUMENT;
432 }
433
434 EncryptFinal func = (EncryptFinal)GetAbility(HKS_CRYPTO_ABILITY_ENCRYPT_FINAL(algtype));
435 HKS_IF_NULL_LOGE_RETURN(func, HKS_ERROR_INVALID_ARGUMENT, "EncryptFinal func is null!")
436
437 return func(ctx, message, cipherText, tagAead, true);
438 }
439
HksCryptoHalEncryptFreeCtx(void ** ctx,const uint32_t algtype)440 void HksCryptoHalEncryptFreeCtx(void **ctx, const uint32_t algtype)
441 {
442 FreeCtx func = (FreeCtx)GetAbility(HKS_CRYPTO_ABILITY_ENCRYPT_FREE_CTX(algtype));
443 if (func == NULL) {
444 HKS_LOG_E("CryptoHalEncryptFreeCtx func is null");
445 return;
446 }
447
448 return func(ctx);
449 }
450
HksCryptoHalDecrypt(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * cipherText)451 int32_t HksCryptoHalDecrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
452 const struct HksBlob *message, struct HksBlob *cipherText)
453 {
454 int32_t ret = DecryptCheckParam(key, usageSpec, message, cipherText);
455 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_ARGUMENT, "Invalid params!")
456
457 Decrypt func = (Decrypt)GetAbility(HKS_CRYPTO_ABILITY_DECRYPT(usageSpec->algType));
458 HKS_IF_NULL_LOGE_RETURN(func, HKS_ERROR_INVALID_ARGUMENT, "Unsupport alg now!")
459 return func(key, usageSpec, message, cipherText);
460 }
461
HksCryptoHalDecryptInit(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,void ** ctx)462 int32_t HksCryptoHalDecryptInit(const struct HksBlob *key, const struct HksUsageSpec *usageSpec, void **ctx)
463 {
464 HKS_IF_NOT_SUCC_LOGE_RETURN(HksOpensslCheckBlob(key), HKS_ERROR_INVALID_ARGUMENT, "Invalid param key!")
465
466 HKS_IF_NULL_LOGE_RETURN(usageSpec, HKS_ERROR_INVALID_ARGUMENT, "Invalid param usageSpec!")
467
468 DecryptInit func = (DecryptInit)GetAbility(HKS_CRYPTO_ABILITY_DECRYPT_INIT(usageSpec->algType));
469 HKS_IF_NULL_LOGE_RETURN(func, HKS_ERROR_INVALID_ARGUMENT, "DecryptInit func is null!")
470
471 return func(ctx, key, usageSpec, false);
472 }
473
HksCryptoHalDecryptUpdate(const struct HksBlob * message,void * ctx,struct HksBlob * out,const uint32_t algtype)474 int32_t HksCryptoHalDecryptUpdate(const struct HksBlob *message,
475 void *ctx, struct HksBlob *out, const uint32_t algtype)
476 {
477 HKS_IF_NOT_SUCC_LOGE_RETURN(CheckBlob(message), HKS_ERROR_INVALID_ARGUMENT, "Invalid param message!")
478
479 HKS_IF_NOT_SUCC_LOGE_RETURN(CheckBlob(out), HKS_ERROR_INVALID_ARGUMENT, "Invalid param outdata!")
480
481 HKS_IF_NULL_LOGE_RETURN(ctx, HKS_ERROR_INVALID_ARGUMENT, "Invalid param ctx !")
482
483 DecryptUpdate func = (DecryptUpdate)GetAbility(HKS_CRYPTO_ABILITY_DECRYPT_UPDATE(algtype));
484 HKS_IF_NULL_LOGE_RETURN(func, HKS_ERROR_INVALID_ARGUMENT, "Unsupport alg now!")
485 return func(ctx, message, out, false);
486 }
487
HksCryptoHalDecryptFinal(const struct HksBlob * message,void ** ctx,struct HksBlob * cipherText,struct HksBlob * tagAead,const uint32_t algtype)488 int32_t HksCryptoHalDecryptFinal(const struct HksBlob *message, void **ctx, struct HksBlob *cipherText,
489 struct HksBlob *tagAead, const uint32_t algtype)
490 {
491 HKS_IF_NULL_LOGE_RETURN(message, HKS_ERROR_INVALID_ARGUMENT, "Invalid param message!")
492
493 if (ctx == NULL || *ctx == NULL) {
494 HKS_LOG_E("Invalid param ctx!");
495 return HKS_ERROR_INVALID_ARGUMENT;
496 }
497
498 DecryptFinal func = (DecryptFinal)GetAbility(HKS_CRYPTO_ABILITY_DECRYPT_FINAL(algtype));
499 HKS_IF_NULL_LOGE_RETURN(func, HKS_ERROR_INVALID_ARGUMENT, "DecryptFinal func is null!")
500
501 return func(ctx, message, cipherText, tagAead, false);
502 }
503
HksCryptoHalDecryptFreeCtx(void ** ctx,const uint32_t algtype)504 void HksCryptoHalDecryptFreeCtx(void **ctx, const uint32_t algtype)
505 {
506 FreeCtx func = (FreeCtx)GetAbility(HKS_CRYPTO_ABILITY_DECRYPT_FREE_CTX(algtype));
507 if (func == NULL) {
508 HKS_LOG_E("CryptoHalDecryptFreeCtx func is null");
509 return;
510 }
511
512 return func(ctx);
513 }
514