1 /*
2 * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifdef HKS_CONFIG_FILE
17 #include HKS_CONFIG_FILE
18 #else
19 #include "hks_config.h"
20 #endif
21
22 #ifdef HKS_SUPPORT_RSA_C
23
24 #include "hks_openssl_rsa.h"
25
26 #include <openssl/bn.h>
27 #include <openssl/evp.h>
28 #include <openssl/ossl_typ.h>
29 #include <openssl/rsa.h>
30 #include <stdbool.h>
31 #include <stddef.h>
32
33 #include "hks_log.h"
34 #include "hks_mem.h"
35 #include "hks_openssl_engine.h"
36 #include "hks_template.h"
37 #include "securec.h"
38
RsaGenKeyCheckParam(const struct HksKeySpec * spec)39 static int32_t RsaGenKeyCheckParam(const struct HksKeySpec *spec)
40 {
41 switch (spec->keyLen) {
42 case HKS_RSA_KEY_SIZE_512:
43 case HKS_RSA_KEY_SIZE_768:
44 case HKS_RSA_KEY_SIZE_1024:
45 case HKS_RSA_KEY_SIZE_2048:
46 case HKS_RSA_KEY_SIZE_3072:
47 case HKS_RSA_KEY_SIZE_4096:
48 return HKS_SUCCESS;
49 default:
50 HKS_LOG_E("Invlid rsa key len %" LOG_PUBLIC "x!", spec->keyLen);
51 return HKS_ERROR_INVALID_ARGUMENT;
52 }
53 }
54
RsaCheckKeyMaterial(const struct HksBlob * key)55 static int32_t RsaCheckKeyMaterial(const struct HksBlob *key)
56 {
57 const struct KeyMaterialRsa *keyMaterial = (struct KeyMaterialRsa *)(key->data);
58 if (keyMaterial->keyAlg != HKS_ALG_RSA) {
59 return HKS_ERROR_INVALID_KEY_INFO;
60 }
61 if (key->size != sizeof(struct KeyMaterialRsa) + keyMaterial->nSize + keyMaterial->eSize + keyMaterial->dSize) {
62 return HKS_ERROR_INVALID_KEY_INFO;
63 }
64 return HKS_SUCCESS;
65 }
66
InitRsaKeyBuf(const struct KeyMaterialRsa * keyMaterial,struct HksBlob * bufBlob)67 int32_t InitRsaKeyBuf(const struct KeyMaterialRsa *keyMaterial, struct HksBlob *bufBlob)
68 {
69 uint32_t maxSize;
70 if (keyMaterial->nSize >= keyMaterial->eSize) {
71 maxSize = keyMaterial->nSize;
72 } else {
73 maxSize = keyMaterial->eSize;
74 }
75
76 if (maxSize < keyMaterial->dSize) {
77 maxSize = keyMaterial->dSize;
78 }
79
80 bufBlob->data = (uint8_t *)HksMalloc(maxSize);
81 HKS_IF_NULL_LOGE_RETURN(bufBlob->data, HKS_ERROR_MALLOC_FAIL, "HksMalloc failed!")
82
83 bufBlob->size = maxSize;
84 return HKS_SUCCESS;
85 }
86
InitRsaStruct(const struct HksBlob * key,const bool needPrivateExponent)87 static RSA *InitRsaStruct(const struct HksBlob *key, const bool needPrivateExponent)
88 {
89 const struct KeyMaterialRsa *keyMaterial = (struct KeyMaterialRsa *)(key->data);
90 struct HksBlob bufBlob = { 0, NULL };
91 int32_t ret = InitRsaKeyBuf(keyMaterial, &bufBlob);
92 HKS_IF_NOT_SUCC_RETURN(ret, NULL)
93
94 bool copyFail = false;
95 uint32_t offset = sizeof(*keyMaterial);
96 if (memcpy_s(bufBlob.data, bufBlob.size, key->data + offset, keyMaterial->nSize) != EOK) {
97 copyFail = true;
98 }
99 BIGNUM *n = BN_bin2bn(bufBlob.data, keyMaterial->nSize, NULL);
100 offset += keyMaterial->nSize;
101 if (memcpy_s(bufBlob.data, bufBlob.size, key->data + offset, keyMaterial->eSize) != EOK) {
102 copyFail = true;
103 }
104 BIGNUM *e = BN_bin2bn(bufBlob.data, keyMaterial->eSize, NULL);
105 offset += keyMaterial->eSize;
106 BIGNUM *d = NULL;
107 if (needPrivateExponent) {
108 if (memcpy_s(bufBlob.data, bufBlob.size, key->data + offset, keyMaterial->dSize) != EOK) {
109 copyFail = true;
110 }
111 d = BN_bin2bn(bufBlob.data, keyMaterial->dSize, NULL);
112 }
113
114 RSA *rsa = NULL;
115 do {
116 if (copyFail) {
117 break;
118 }
119
120 rsa = RSA_new();
121 if (rsa != NULL) {
122 ret = RSA_set0_key(rsa, n, e, d);
123 if (ret != HKS_OPENSSL_SUCCESS) {
124 RSA_free(rsa);
125 rsa = NULL;
126 break;
127 }
128 }
129 } while (0);
130
131 if (rsa == NULL) {
132 SELF_FREE_PTR(n, BN_free);
133 SELF_FREE_PTR(e, BN_free);
134 SELF_FREE_PTR(d, BN_free);
135 }
136
137 (void)memset_s(bufBlob.data, bufBlob.size, 0, HKS_KEY_BYTES(keyMaterial->keySize));
138 HksFree(bufBlob.data);
139 return rsa;
140 }
141
142 #ifdef HKS_SUPPORT_RSA_GENERATE_KEY
RsaSaveKeyMaterial(const RSA * rsa,const uint32_t keySize,struct HksBlob * key)143 static int32_t RsaSaveKeyMaterial(const RSA *rsa, const uint32_t keySize, struct HksBlob *key)
144 {
145 const uint32_t keyByteLen = keySize / HKS_BITS_PER_BYTE;
146 const uint32_t rawMaterialLen = sizeof(struct KeyMaterialRsa) + keyByteLen * HKS_RSA_KEYPAIR_CNT;
147 uint8_t *rawMaterial = (uint8_t *)HksMalloc(rawMaterialLen);
148 HKS_IF_NULL_RETURN(rawMaterial, HKS_ERROR_MALLOC_FAIL)
149
150 (void)memset_s(rawMaterial, rawMaterialLen, 0, rawMaterialLen);
151
152 struct KeyMaterialRsa *keyMaterial = (struct KeyMaterialRsa *)rawMaterial;
153 keyMaterial->keyAlg = HKS_ALG_RSA;
154 keyMaterial->keySize = keySize;
155
156 uint8_t tmp_buff[keyByteLen];
157 if (memset_s(tmp_buff, keyByteLen, 0, keyByteLen) != EOK) {
158 HksFree(rawMaterial);
159 return HKS_ERROR_INSUFFICIENT_MEMORY;
160 }
161
162 uint32_t offset = sizeof(*keyMaterial);
163 keyMaterial->nSize = (uint32_t)BN_bn2bin(RSA_get0_n(rsa), tmp_buff);
164 if (memcpy_s(rawMaterial + offset, keyByteLen, tmp_buff, keyMaterial->nSize) != EOK) {
165 HksFree(rawMaterial);
166 return HKS_ERROR_INSUFFICIENT_MEMORY;
167 }
168
169 offset += keyMaterial->nSize;
170 keyMaterial->eSize = (uint32_t)BN_bn2bin(RSA_get0_e(rsa), tmp_buff);
171 if (memcpy_s(rawMaterial + offset, keyByteLen, tmp_buff, keyMaterial->eSize) != EOK) {
172 HksFree(rawMaterial);
173 return HKS_ERROR_INSUFFICIENT_MEMORY;
174 }
175
176 offset += keyMaterial->eSize;
177 keyMaterial->dSize = (uint32_t)BN_bn2bin(RSA_get0_d(rsa), tmp_buff);
178 if (memcpy_s(rawMaterial + offset, keyByteLen, tmp_buff, keyMaterial->dSize) != EOK) {
179 HksFree(rawMaterial);
180 return HKS_ERROR_INSUFFICIENT_MEMORY;
181 }
182
183 key->data = rawMaterial;
184 key->size = sizeof(struct KeyMaterialRsa) + keyMaterial->nSize + keyMaterial->eSize + keyMaterial->dSize;
185
186 return HKS_SUCCESS;
187 }
188
HksOpensslRsaGenerateKey(const struct HksKeySpec * spec,struct HksBlob * key)189 int32_t HksOpensslRsaGenerateKey(const struct HksKeySpec *spec, struct HksBlob *key)
190 {
191 HKS_IF_NOT_SUCC_LOGE_RETURN(RsaGenKeyCheckParam(spec),
192 HKS_ERROR_INVALID_ARGUMENT, "rsa generate key invalid params!")
193
194 RSA *rsa = RSA_new();
195 BIGNUM *e = BN_new();
196 if (rsa == NULL || e == NULL) {
197 SELF_FREE_PTR(rsa, RSA_free);
198 SELF_FREE_PTR(e, BN_free);
199 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
200 }
201
202 if (BN_set_word(e, RSA_F4) != HKS_OPENSSL_SUCCESS) {
203 SELF_FREE_PTR(rsa, RSA_free);
204 SELF_FREE_PTR(e, BN_free);
205 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
206 }
207
208 if (RSA_generate_key_ex(rsa, spec->keyLen, e, NULL) != HKS_OPENSSL_SUCCESS) {
209 HksLogOpensslError();
210 BN_free(e);
211 RSA_free(rsa);
212 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
213 }
214 BN_free(e);
215
216 int32_t ret = RsaSaveKeyMaterial(rsa, spec->keyLen, key);
217
218 RSA_free(rsa);
219
220 return ret;
221 }
222 #endif /* HKS_SUPPORT_RSA_GENERATE_KEY */
223
224 #ifdef HKS_SUPPORT_RSA_GET_PUBLIC_KEY
HksOpensslGetRsaPubKey(const struct HksBlob * input,struct HksBlob * output)225 int32_t HksOpensslGetRsaPubKey(const struct HksBlob *input, struct HksBlob *output)
226 {
227 struct KeyMaterialRsa *keyMaterial = (struct KeyMaterialRsa *)input->data;
228 output->size = sizeof(struct KeyMaterialRsa) + keyMaterial->nSize + keyMaterial->eSize;
229
230 struct KeyMaterialRsa *publickeyMaterial = (struct KeyMaterialRsa *)output->data;
231 publickeyMaterial->keyAlg = keyMaterial->keyAlg;
232 publickeyMaterial->keySize = keyMaterial->keySize;
233 publickeyMaterial->nSize = keyMaterial->nSize;
234 publickeyMaterial->eSize = keyMaterial->eSize;
235 publickeyMaterial->dSize = 0;
236
237 (void)memcpy_s(output->data + sizeof(struct KeyMaterialRsa), output->size - sizeof(struct KeyMaterialRsa),
238 input->data + sizeof(struct KeyMaterialRsa), keyMaterial->nSize + keyMaterial->eSize);
239
240 return HKS_SUCCESS;
241 }
242 #endif /* HKS_SUPPORT_RSA_GET_PUBLIC_KEY */
243
244 #ifdef HKS_SUPPORT_RSA_CRYPT
GetRsaCryptPadding(uint32_t padding,uint32_t * rsaPadding)245 static int32_t GetRsaCryptPadding(uint32_t padding, uint32_t *rsaPadding)
246 {
247 switch (padding) {
248 #ifdef HKS_SUPPORT_RSA_ECB_NOPADDING
249 case HKS_PADDING_NONE:
250 *rsaPadding = RSA_NO_PADDING;
251 return HKS_SUCCESS;
252 #endif
253 #ifdef HKS_SUPPORT_RSA_ECB_PKCS1PADDING
254 case HKS_PADDING_PKCS1_V1_5:
255 *rsaPadding = RSA_PKCS1_PADDING;
256 return HKS_SUCCESS;
257 #endif
258 #if defined(HKS_SUPPORT_RSA_ECB_OEAPPADDING) || defined(HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA1MGF1) || \
259 defined(HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA224MGF1) || defined(HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA256MGF1) || \
260 defined(HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA384MGF1) || defined(HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA512MGF1)
261 case HKS_PADDING_OAEP:
262 *rsaPadding = RSA_PKCS1_OAEP_PADDING;
263 return HKS_SUCCESS;
264 #endif
265 default:
266 return HKS_ERROR_NOT_SUPPORTED;
267 }
268 }
269
InitEvpPkeyCtx(const struct HksBlob * key,bool encrypt)270 static EVP_PKEY_CTX *InitEvpPkeyCtx(const struct HksBlob *key, bool encrypt)
271 {
272 int32_t ret = RsaCheckKeyMaterial(key);
273 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, NULL, "check key material failed")
274
275 RSA *rsa = InitRsaStruct(key, !encrypt);
276 HKS_IF_NULL_LOGE_RETURN(rsa, NULL, "initialize rsa key failed")
277
278 EVP_PKEY *pkey = EVP_PKEY_new();
279 if (pkey == NULL) {
280 RSA_free(rsa);
281 HksLogOpensslError();
282 return NULL;
283 }
284
285 ret = EVP_PKEY_assign_RSA(pkey, rsa);
286 if (ret != HKS_OPENSSL_SUCCESS) {
287 HksLogOpensslError();
288 RSA_free(rsa);
289 EVP_PKEY_free(pkey);
290 return NULL;
291 }
292
293 EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new(pkey, NULL);
294 if (ctx == NULL) {
295 HksLogOpensslError();
296 EVP_PKEY_free(pkey);
297 return NULL;
298 }
299
300 if (encrypt) {
301 ret = EVP_PKEY_encrypt_init(ctx);
302 } else {
303 ret = EVP_PKEY_decrypt_init(ctx);
304 }
305 if (ret != HKS_OPENSSL_SUCCESS) {
306 HksLogOpensslError();
307 EVP_PKEY_free(pkey);
308 EVP_PKEY_CTX_free(ctx);
309 return NULL;
310 }
311
312 EVP_PKEY_free(pkey);
313 return ctx;
314 }
315
HksOpensslRsaCryptInit(EVP_PKEY_CTX * ctx,const struct HksUsageSpec * usageSpec)316 static int32_t HksOpensslRsaCryptInit(EVP_PKEY_CTX *ctx, const struct HksUsageSpec *usageSpec)
317 {
318 int32_t ret;
319 uint32_t padding = 0;
320 HKS_IF_NOT_SUCC_LOGE_RETURN(GetRsaCryptPadding(usageSpec->padding, &padding),
321 HKS_ERROR_CRYPTO_ENGINE_ERROR, "Unsupport padding.")
322
323 ret = EVP_PKEY_CTX_set_rsa_padding(ctx, padding);
324 if (ret <= 0) {
325 HksLogOpensslError();
326 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
327 }
328
329 if (usageSpec->padding == HKS_PADDING_OAEP) {
330 const EVP_MD *md = GetOpensslAlg(usageSpec->digest);
331 if ((md == NULL) || (EVP_PKEY_CTX_set_rsa_oaep_md(ctx, md) <= 0) ||
332 (EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md) <= 0)) {
333 HksLogOpensslError();
334 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
335 }
336 }
337 return HKS_SUCCESS;
338 }
339
HksOpensslRsaCrypt(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,const bool encrypt,struct HksBlob * cipherText)340 static int32_t HksOpensslRsaCrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
341 const struct HksBlob *message, const bool encrypt, struct HksBlob *cipherText)
342 {
343 int32_t ret;
344 EVP_PKEY_CTX *ctx = InitEvpPkeyCtx(key, encrypt);
345 if (ctx == NULL) {
346 HksLogOpensslError();
347 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
348 }
349
350 if (HksOpensslRsaCryptInit(ctx, usageSpec) != HKS_SUCCESS) {
351 EVP_PKEY_CTX_free(ctx);
352 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
353 }
354
355 size_t outLen;
356 if (encrypt) {
357 ret = EVP_PKEY_encrypt(ctx, NULL, &outLen, message->data, message->size);
358 } else {
359 ret = EVP_PKEY_decrypt(ctx, NULL, &outLen, message->data, message->size);
360 }
361 if (ret != HKS_OPENSSL_SUCCESS) {
362 HksLogOpensslError();
363 EVP_PKEY_CTX_free(ctx);
364 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
365 }
366
367 if (outLen > cipherText->size) {
368 HksLogOpensslError();
369 EVP_PKEY_CTX_free(ctx);
370 return HKS_ERROR_INVALID_ARGUMENT;
371 }
372
373 if (encrypt) {
374 ret = EVP_PKEY_encrypt(ctx, cipherText->data, &outLen, message->data, message->size);
375 } else {
376 ret = EVP_PKEY_decrypt(ctx, cipherText->data, &outLen, message->data, message->size);
377 }
378 if (ret != HKS_OPENSSL_SUCCESS) {
379 HksLogOpensslError();
380 EVP_PKEY_CTX_free(ctx);
381 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
382 }
383 cipherText->size = outLen;
384
385 EVP_PKEY_CTX_free(ctx);
386 return HKS_SUCCESS;
387 }
388
HksOpensslRsaEncrypt(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * cipherText,struct HksBlob * tagAead)389 int32_t HksOpensslRsaEncrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
390 const struct HksBlob *message, struct HksBlob *cipherText, struct HksBlob *tagAead)
391 {
392 (void)tagAead;
393 return HksOpensslRsaCrypt(key, usageSpec, message, true, cipherText);
394 }
395
HksOpensslRsaDecrypt(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * cipherText)396 int32_t HksOpensslRsaDecrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
397 const struct HksBlob *message, struct HksBlob *cipherText)
398 {
399 return HksOpensslRsaCrypt(key, usageSpec, message, false, cipherText);
400 }
401 #endif /* HKS_SUPPORT_RSA_CRYPT */
402
403 #ifdef HKS_SUPPORT_RSA_SIGN_VERIFY
GetRsaSignPadding(uint32_t padding,uint32_t * rsaPadding)404 static int32_t GetRsaSignPadding(uint32_t padding, uint32_t *rsaPadding)
405 {
406 switch (padding) {
407 case HKS_PADDING_PKCS1_V1_5:
408 *rsaPadding = RSA_PKCS1_PADDING;
409 return HKS_SUCCESS;
410 case HKS_PADDING_PSS:
411 *rsaPadding = RSA_PKCS1_PSS_PADDING;
412 return HKS_SUCCESS;
413 case HKS_PADDING_NONE:
414 *rsaPadding = RSA_NO_PADDING;
415 return HKS_SUCCESS;
416 default:
417 return HKS_ERROR_NOT_SUPPORTED;
418 }
419 }
420
SetRsaPadding(EVP_PKEY_CTX * ctx,const struct HksUsageSpec * usageSpec)421 static int32_t SetRsaPadding(EVP_PKEY_CTX *ctx, const struct HksUsageSpec *usageSpec)
422 {
423 uint32_t opensslPadding = 0;
424 int32_t ret = GetRsaSignPadding(usageSpec->padding, &opensslPadding);
425 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_PADDING, "Unsupport padding.")
426
427 if (EVP_PKEY_CTX_set_rsa_padding(ctx, opensslPadding) != HKS_OPENSSL_SUCCESS) {
428 HksLogOpensslError();
429 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
430 }
431 return HKS_SUCCESS;
432 }
433
InitRsaEvpKey(const struct HksBlob * key,bool signing)434 static EVP_PKEY *InitRsaEvpKey(const struct HksBlob *key, bool signing)
435 {
436 RSA *rsa = InitRsaStruct(key, signing);
437 HKS_IF_NULL_LOGE_RETURN(rsa, NULL, "initialize rsa key failed")
438
439 EVP_PKEY *pkey = EVP_PKEY_new();
440 if (pkey == NULL) {
441 HKS_LOG_E("evp pkey new failed");
442 SELF_FREE_PTR(rsa, RSA_free);
443 return NULL;
444 }
445
446 if (EVP_PKEY_assign_RSA(pkey, rsa) != HKS_OPENSSL_SUCCESS) {
447 HksLogOpensslError();
448 SELF_FREE_PTR(rsa, RSA_free);
449 SELF_FREE_PTR(pkey, EVP_PKEY_free);
450 return NULL;
451 }
452
453 return pkey;
454 }
455
InitRsaCtx(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,bool signing,uint32_t len)456 static EVP_PKEY_CTX *InitRsaCtx(const struct HksBlob *key, const struct HksUsageSpec *usageSpec, bool signing,
457 uint32_t len)
458 {
459 const EVP_MD *opensslAlg = GetOpensslAlg(usageSpec->digest);
460 if (usageSpec->digest == HKS_DIGEST_NONE) {
461 opensslAlg = GetOpensslAlgFromLen(len);
462 }
463
464 if (opensslAlg == NULL) {
465 HKS_LOG_E("get openssl algorithm fail");
466 return NULL;
467 }
468 EVP_PKEY *pkey = NULL;
469 EVP_PKEY_CTX *ctx = NULL;
470 int32_t ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
471 do {
472 pkey = InitRsaEvpKey(key, signing);
473 HKS_IF_NULL_BREAK(pkey)
474
475 ctx = EVP_PKEY_CTX_new(pkey, NULL);
476 HKS_IF_NULL_BREAK(ctx)
477
478 if (signing) {
479 ret = EVP_PKEY_sign_init(ctx);
480 } else {
481 ret = EVP_PKEY_verify_init(ctx);
482 }
483 if (ret != HKS_OPENSSL_SUCCESS) {
484 break;
485 }
486
487 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
488 HKS_IF_NOT_SUCC_BREAK(SetRsaPadding(ctx, usageSpec))
489 if (EVP_PKEY_CTX_set_signature_md(ctx, opensslAlg) != HKS_OPENSSL_SUCCESS) {
490 break;
491 }
492 ret = HKS_SUCCESS;
493 } while (0);
494
495 SELF_FREE_PTR(pkey, EVP_PKEY_free);
496 if (ret != HKS_SUCCESS) {
497 HksLogOpensslError();
498 SELF_FREE_PTR(ctx, EVP_PKEY_CTX_free);
499 }
500
501 return ctx;
502 }
503
HksOpensslRsaSign(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * signature)504 int32_t HksOpensslRsaSign(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
505 const struct HksBlob *message, struct HksBlob *signature)
506 {
507 EVP_PKEY_CTX *ctx = InitRsaCtx(key, usageSpec, true, message->size);
508 HKS_IF_NULL_LOGE_RETURN(ctx, HKS_ERROR_INVALID_KEY_INFO, "initialize rsa context failed")
509
510 size_t sigSize = (size_t)signature->size;
511 if (EVP_PKEY_sign(ctx, signature->data, &sigSize, message->data, message->size) != HKS_OPENSSL_SUCCESS) {
512 HksLogOpensslError();
513 EVP_PKEY_CTX_free(ctx);
514 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
515 }
516 signature->size = (uint32_t)sigSize;
517 EVP_PKEY_CTX_free(ctx);
518 return HKS_SUCCESS;
519 }
520
HksOpensslRsaVerify(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,const struct HksBlob * signature)521 int32_t HksOpensslRsaVerify(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
522 const struct HksBlob *message, const struct HksBlob *signature)
523 {
524 EVP_PKEY_CTX *ctx = InitRsaCtx(key, usageSpec, false, message->size);
525 HKS_IF_NULL_LOGE_RETURN(ctx, HKS_ERROR_INVALID_KEY_INFO, "initialize rsa context failed")
526
527 if (EVP_PKEY_verify(ctx, signature->data, signature->size, message->data, message->size) != HKS_OPENSSL_SUCCESS) {
528 HksLogOpensslError();
529 EVP_PKEY_CTX_free(ctx);
530 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
531 }
532 EVP_PKEY_CTX_free(ctx);
533 return HKS_SUCCESS;
534 }
535 #endif /* HKS_SUPPORT_RSA_SIGN_VERIFY */
536 #endif /* HKS_SUPPORT_RSA_C */