1 /*
2 * Copyright (C) 2022-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "openssl_common.h"
17
18 #include <string.h>
19 #include <openssl/err.h>
20 #include "config.h"
21 #include "log.h"
22 #include "result.h"
23 #include "params_parser.h"
24
/* Prime counts handed back by GetRealPrimes() for the HCF_OPENSSL_PRIMES_* flags. */
enum {
    PRIMES_2 = 2,
    PRIMES_3 = 3,
    PRIMES_4 = 4,
    PRIMES_5 = 5
};
29
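/*
 * One row of the OID lookup table: a dotted-decimal signature-algorithm OID
 * and the algorithm name reported for it. Both members point at string
 * literals, so they are declared const to stop accidental writes through them.
 */
typedef struct {
    const char *oid;
    const char *algorithmName;
} OidToAlgorithmName;

/*
 * Signature-algorithm OIDs recognised by GetAlgorithmName().
 *
 * The table only translates identifiers. It still lists MD2-, MD5- and
 * SHA-1-based signature algorithms, so a successful lookup says nothing about
 * whether the algorithm is acceptable; rejecting weak algorithms is the
 * responsibility of the code that consumes the returned name.
 */
static const OidToAlgorithmName g_oidToNameMap[] = {
    { "1.2.840.113549.1.1.2", "MD2withRSA" },
    { "1.2.840.113549.1.1.4", "MD5withRSA" },
    { "1.2.840.113549.1.1.5", "SHA1withRSA" },
    { "1.2.840.10040.4.3", "SHA1withDSA" },
    { "1.2.840.10045.4.1", "SHA1withECDSA" },
    { "1.2.840.113549.1.1.14", "SHA224withRSA" },
    { "1.2.840.113549.1.1.11", "SHA256withRSA" },
    { "1.2.840.113549.1.1.12", "SHA384withRSA" },
    { "1.2.840.113549.1.1.13", "SHA512withRSA" },
    { "2.16.840.1.101.3.4.3.1", "SHA224withDSA" },
    { "2.16.840.1.101.3.4.3.2", "SHA256withDSA" },
    { "1.2.840.10045.4.3.1", "SHA224withECDSA" },
    { "1.2.840.10045.4.3.2", "SHA256withECDSA" },
    { "1.2.840.10045.4.3.3", "SHA384withECDSA" },
    { "1.2.840.10045.4.3.4", "SHA512withECDSA" }
};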
52
/*
 * Translate a dotted-decimal signature-algorithm OID into its algorithm name.
 *
 * oid: NUL-terminated OID string; NULL is rejected with an error log.
 *
 * Returns the name stored in g_oidToNameMap (static storage, not to be freed
 * or modified), or NULL when oid is NULL or has no exact match in the table.
 *
 * This is a pure identifier lookup. The table includes MD2/MD5/SHA-1 based
 * algorithms, so a non-NULL result must not be read as "algorithm is allowed".
 */
const char *GetAlgorithmName(const char *oid)
{
    if (oid == NULL) {
        LOGE("Oid is null!");
        return NULL;
    }

    const OidToAlgorithmName *entry = g_oidToNameMap;
    const OidToAlgorithmName *tableEnd = g_oidToNameMap + sizeof(g_oidToNameMap) / sizeof(g_oidToNameMap[0]);
    while (entry != tableEnd) {
        /* Exact, case-sensitive comparison of the whole OID string. */
        if (strcmp(entry->oid, oid) == 0) {
            return entry->algorithmName;
        }
        entry++;
    }

    LOGE("Can not find algorithmName! [oid]: %s", oid);
    return NULL;
}
69
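/*
 * Map a framework ECC key-size constant (HCF_ALG_ECC_*) to the OpenSSL curve NID.
 *
 * keyLen:        one of HCF_ALG_ECC_224 / 256 / 384 / 521.
 * returnCurveId: output; written only when the mapping succeeds.
 *
 * Returns HCF_SUCCESS on success, HCF_INVALID_PARAMS when keyLen is not one of
 * the supported sizes or returnCurveId is NULL.
 */
int32_t GetOpensslCurveId(int32_t keyLen, int32_t *returnCurveId)
{
    /* Reject a missing output pointer instead of dereferencing it below. */
    if (returnCurveId == NULL) {
        LOGE("returnCurveId is null!");
        return HCF_INVALID_PARAMS;
    }

    switch (keyLen) {
        case HCF_ALG_ECC_224:
            *returnCurveId = NID_secp224r1;
            break;
        case HCF_ALG_ECC_256:
            *returnCurveId = NID_X9_62_prime256v1;
            break;
        case HCF_ALG_ECC_384:
            *returnCurveId = NID_secp384r1;
            break;
        case HCF_ALG_ECC_521:
            *returnCurveId = NID_secp521r1;
            break;
        default:
            /* Unknown sizes fail closed: no curve is selected on the caller's behalf. */
            LOGE("invalid key size.");
            return HCF_INVALID_PARAMS;
    }

    return HCF_SUCCESS;
}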
92
/*
 * Resolve a framework digest identifier (HCF_OPENSSL_DIGEST_*) to the matching
 * OpenSSL EVP_MD.
 *
 * Returns the EVP_MD for a recognised digest. Returns NULL both for
 * HCF_OPENSSL_DIGEST_NONE and for an unrecognised value; only the latter is
 * logged as an error, so callers that must tell the two apart have to check
 * alg themselves.
 *
 * MD5 and SHA-1 remain selectable here; whether they are acceptable for a
 * given operation is left to the caller.
 */
const EVP_MD *GetOpensslDigestAlg(uint32_t alg)
{
    const EVP_MD *digest = NULL;

    switch (alg) {
        case HCF_OPENSSL_DIGEST_NONE:
            /* "No digest" is a valid request; it is reported as NULL without logging. */
            break;
        case HCF_OPENSSL_DIGEST_MD5:
            LOGI("set EVP_md5");
            digest = EVP_md5();
            break;
        case HCF_OPENSSL_DIGEST_SHA1:
            LOGI("set EVP_sha1");
            digest = EVP_sha1();
            break;
        case HCF_OPENSSL_DIGEST_SHA224:
            LOGI("set EVP_sha224");
            digest = EVP_sha224();
            break;
        case HCF_OPENSSL_DIGEST_SHA256:
            LOGI("set EVP_sha256");
            digest = EVP_sha256();
            break;
        case HCF_OPENSSL_DIGEST_SHA384:
            LOGI("set EVP_sha384");
            digest = EVP_sha384();
            break;
        case HCF_OPENSSL_DIGEST_SHA512:
            LOGI("set EVP_sha512");
            digest = EVP_sha512();
            break;
        default:
            LOGE("Invalid digest num is %u.", alg);
            break;
    }

    return digest;
}
121
/*
 * Log one entry from the calling thread's OpenSSL error queue.
 *
 * ERR_get_error() removes and returns only the earliest queued error, so a
 * single call reports one entry; any further entries stay queued.
 * NOTE(review): if a failing operation can queue several errors, the leftovers
 * may be attributed to a later, unrelated failure - confirm whether callers
 * clear the queue elsewhere.
 */
void HcfPrintOpensslError(void)
{
    char errText[LOG_PRINT_MAX_LEN] = {0};
    unsigned long code = ERR_get_error();

    /* The _n variant bounds the write to the buffer and NUL-terminates it. */
    ERR_error_string_n(code, errText, sizeof(errText));

    LOGE("[Openssl]: engine fail, error code = %lu, error string = %s", code, errText);
}
132
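/*
 * Map a framework RSA padding identifier to the OpenSSL RSA_*_PADDING constant.
 *
 * padding:        HCF_ALG_NOPADDING or one of the HCF_OPENSSL_RSA_*_PADDING values.
 * opensslPadding: output; written only when the mapping succeeds.
 *
 * Returns HCF_SUCCESS on success, HCF_INVALID_PARAMS when padding is not
 * recognised or opensslPadding is NULL.
 *
 * This function only translates the mode. RSA_NO_PADDING is raw RSA and is
 * safe only when the caller applies a complete encoding itself, and
 * RSA_PKCS1_PADDING used for decryption needs failure handling that does not
 * reveal padding validity; OAEP (encryption) and PSS (signatures) are the
 * modes to prefer where the caller has a choice.
 */
int32_t GetOpensslPadding(int32_t padding, int32_t *opensslPadding)
{
    /* Reject a missing output pointer instead of dereferencing it below. */
    if (opensslPadding == NULL) {
        LOGE("opensslPadding is null!");
        return HCF_INVALID_PARAMS;
    }

    switch (padding) {
        case HCF_ALG_NOPADDING:
            LOGI("set RSA_NO_PADDING");
            *opensslPadding = RSA_NO_PADDING;
            break;
        case HCF_OPENSSL_RSA_PKCS1_PADDING:
            LOGI("set RSA_PKCS1_PADDING");
            *opensslPadding = RSA_PKCS1_PADDING;
            break;
        case HCF_OPENSSL_RSA_PKCS1_OAEP_PADDING:
            LOGI("set RSA_PKCS1_OAEP_PADDING");
            *opensslPadding = RSA_PKCS1_OAEP_PADDING;
            break;
        case HCF_OPENSSL_RSA_PSS_PADDING:
            LOGI("set RSA_PKCS1_PSS_PADDING");
            *opensslPadding = RSA_PKCS1_PSS_PADDING;
            break;
        default:
            /* Unknown modes fail closed: no padding is chosen on the caller's behalf. */
            LOGE("Invalid framwork padding = %d", padding);
            return HCF_INVALID_PARAMS;
    }

    return HCF_SUCCESS;
}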
161
/*
 * Convert a framework primes flag (HCF_OPENSSL_PRIMES_*) into the prime count.
 *
 * Returns PRIMES_2 .. PRIMES_5 for the matching flag. Any other value is not
 * treated as an error: it is logged at info level and falls back to PRIMES_2.
 */
int32_t GetRealPrimes(int32_t primesFlag)
{
    int32_t primes;

    switch (primesFlag) {
        case HCF_OPENSSL_PRIMES_2:
            LOGI("set primes 2");
            primes = PRIMES_2;
            break;
        case HCF_OPENSSL_PRIMES_3:
            LOGI("set primes 3");
            primes = PRIMES_3;
            break;
        case HCF_OPENSSL_PRIMES_4:
            LOGI("set primes 4");
            primes = PRIMES_4;
            break;
        case HCF_OPENSSL_PRIMES_5:
            LOGI("set primes 5");
            primes = PRIMES_5;
            break;
        default:
            /* Unrecognised flag: silently use the two-prime default. */
            LOGI("set default primes 2");
            primes = PRIMES_2;
            break;
    }

    return primes;
}
182
183