1 /*
2 * Copyright (C) 2022-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "signature.h"
17
18 #include <securec.h>
19
20 #include "config.h"
21 #include "dsa_openssl.h"
22 #include "ecdsa_openssl.h"
23 #include "log.h"
24 #include "memory.h"
25 #include "params_parser.h"
26 #include "signature_spi.h"
27 #include "signature_rsa_openssl.h"
28 #include "sm2_openssl.h"
29 #include "utils.h"
30
31 typedef HcfResult (*HcfSignSpiCreateFunc)(HcfSignatureParams *, HcfSignSpi **);
32 typedef HcfResult (*HcfVerifySpiCreateFunc)(HcfSignatureParams *, HcfVerifySpi **);
33
34 typedef struct {
35 HcfSign base;
36
37 HcfSignSpi *spiObj;
38
39 char algoName[HCF_MAX_ALGO_NAME_LEN];
40 } HcfSignImpl;
41
42 typedef struct {
43 HcfVerify base;
44
45 HcfVerifySpi *spiObj;
46
47 char algoName[HCF_MAX_ALGO_NAME_LEN];
48 } HcfVerifyImpl;
49
50 typedef struct {
51 HcfAlgValue algo;
52
53 HcfSignSpiCreateFunc createFunc;
54 } HcfSignGenAbility;
55
56 typedef struct {
57 HcfAlgValue algo;
58
59 HcfVerifySpiCreateFunc createFunc;
60 } HcfVerifyGenAbility;
61
62 static const HcfSignGenAbility SIGN_GEN_ABILITY_SET[] = {
63 { HCF_ALG_ECC, HcfSignSpiEcdsaCreate },
64 { HCF_ALG_RSA, HcfSignSpiRsaCreate },
65 { HCF_ALG_DSA, HcfSignSpiDsaCreate },
66 { HCF_ALG_SM2, HcfSignSpiSm2Create }
67 };
68
69 static const HcfVerifyGenAbility VERIFY_GEN_ABILITY_SET[] = {
70 { HCF_ALG_ECC, HcfVerifySpiEcdsaCreate },
71 { HCF_ALG_RSA, HcfVerifySpiRsaCreate },
72 { HCF_ALG_DSA, HcfVerifySpiDsaCreate },
73 { HCF_ALG_SM2, HcfVerifySpiSm2Create }
74 };
75
FindSignAbility(HcfSignatureParams * params)76 static HcfSignSpiCreateFunc FindSignAbility(HcfSignatureParams *params)
77 {
78 for (uint32_t i = 0; i < sizeof(SIGN_GEN_ABILITY_SET) / sizeof(SIGN_GEN_ABILITY_SET[0]); i++) {
79 if (SIGN_GEN_ABILITY_SET[i].algo == params->algo) {
80 return SIGN_GEN_ABILITY_SET[i].createFunc;
81 }
82 }
83 LOGE("Algo not support! [Algo]: %d", params->algo);
84 return NULL;
85 }
86
FindVerifyAbility(HcfSignatureParams * params)87 static HcfVerifySpiCreateFunc FindVerifyAbility(HcfSignatureParams *params)
88 {
89 for (uint32_t i = 0; i < sizeof(VERIFY_GEN_ABILITY_SET) / sizeof(VERIFY_GEN_ABILITY_SET[0]); i++) {
90 if (VERIFY_GEN_ABILITY_SET[i].algo == params->algo) {
91 return VERIFY_GEN_ABILITY_SET[i].createFunc;
92 }
93 }
94 LOGE("Algo not support! [Algo]: %d", params->algo);
95 return NULL;
96 }
97
SetKeyTypeDefault(HcfAlgParaValue value,HcfSignatureParams * paramsObj)98 static void SetKeyTypeDefault(HcfAlgParaValue value, HcfSignatureParams *paramsObj)
99 {
100 switch (value) {
101 case HCF_ALG_ECC_DEFAULT:
102 paramsObj->algo = HCF_ALG_ECC;
103 break;
104 case HCF_ALG_RSA_DEFAULT:
105 paramsObj->algo = HCF_ALG_RSA;
106 break;
107 case HCF_ALG_DSA_DEFAULT:
108 paramsObj->algo = HCF_ALG_DSA;
109 break;
110 case HCF_ALG_SM2_DEFAULT:
111 paramsObj->algo = HCF_ALG_SM2;
112 break;
113 default:
114 LOGE("Invalid algo %u.", value);
115 break;
116 }
117 }
118
SetKeyType(HcfAlgParaValue value,HcfSignatureParams * paramsObj)119 static void SetKeyType(HcfAlgParaValue value, HcfSignatureParams *paramsObj)
120 {
121 switch (value) {
122 case HCF_ALG_ECC_224:
123 case HCF_ALG_ECC_256:
124 case HCF_ALG_ECC_384:
125 case HCF_ALG_ECC_521:
126 paramsObj->algo = HCF_ALG_ECC;
127 break;
128 case HCF_OPENSSL_RSA_512:
129 case HCF_OPENSSL_RSA_768:
130 case HCF_OPENSSL_RSA_1024:
131 case HCF_OPENSSL_RSA_2048:
132 case HCF_OPENSSL_RSA_3072:
133 case HCF_OPENSSL_RSA_4096:
134 case HCF_OPENSSL_RSA_8192:
135 paramsObj->algo = HCF_ALG_RSA;
136 break;
137 case HCF_ALG_DSA_1024:
138 case HCF_ALG_DSA_2048:
139 case HCF_ALG_DSA_3072:
140 paramsObj->algo = HCF_ALG_DSA;
141 break;
142 case HCF_ALG_SM2_256:
143 paramsObj->algo = HCF_ALG_SM2;
144 break;
145 default:
146 LOGE("there is not matched algorithm.");
147 break;
148 }
149 }
150
ParseSignatureParams(const HcfParaConfig * config,void * params)151 static HcfResult ParseSignatureParams(const HcfParaConfig* config, void *params)
152 {
153 if (config == NULL || params == NULL) {
154 return HCF_INVALID_PARAMS;
155 }
156 HcfResult ret = HCF_SUCCESS;
157 HcfSignatureParams *paramsObj = (HcfSignatureParams *)params;
158 LOGD("Set Parameter: %s", config->tag);
159 switch (config->paraType) {
160 case HCF_ALG_TYPE:
161 SetKeyTypeDefault(config->paraValue, paramsObj);
162 break;
163 case HCF_ALG_KEY_TYPE:
164 SetKeyType(config->paraValue, paramsObj);
165 break;
166 case HCF_ALG_DIGEST:
167 paramsObj->md = config->paraValue;
168 break;
169 case HCF_ALG_PADDING_TYPE:
170 paramsObj->padding = config->paraValue;
171 break;
172 case HCF_ALG_MGF1_DIGEST:
173 paramsObj->mgf1md = config->paraValue;
174 break;
175 default:
176 ret = HCF_INVALID_PARAMS;
177 break;
178 }
179 return ret;
180 }
181
GetSignClass(void)182 static const char *GetSignClass(void)
183 {
184 return "HcfSign";
185 }
186
GetVerifyClass(void)187 static const char *GetVerifyClass(void)
188 {
189 return "HcfVerify";
190 }
191
GetSignAlgoName(HcfSign * self)192 static const char *GetSignAlgoName(HcfSign *self)
193 {
194 if (self == NULL) {
195 LOGE("The input self ptr is NULL!");
196 return NULL;
197 }
198 if (!IsClassMatch((HcfObjectBase *)self, GetSignClass())) {
199 return NULL;
200 }
201 return ((HcfSignImpl *)self)->algoName;
202 }
203
GetVerifyAlgoName(HcfVerify * self)204 static const char *GetVerifyAlgoName(HcfVerify *self)
205 {
206 if (self == NULL) {
207 LOGE("The input self ptr is NULL!");
208 return NULL;
209 }
210 if (!IsClassMatch((HcfObjectBase *)self, GetVerifyClass())) {
211 return NULL;
212 }
213 return ((HcfVerifyImpl *)self)->algoName;
214 }
215
DestroySign(HcfObjectBase * self)216 static void DestroySign(HcfObjectBase *self)
217 {
218 if (self == NULL) {
219 return;
220 }
221 if (!IsClassMatch(self, GetSignClass())) {
222 return;
223 }
224 HcfSignImpl *impl = (HcfSignImpl *)self;
225 HcfObjDestroy(impl->spiObj);
226 impl->spiObj = NULL;
227 HcfFree(impl);
228 }
229
DestroyVerify(HcfObjectBase * self)230 static void DestroyVerify(HcfObjectBase *self)
231 {
232 if (self == NULL) {
233 return;
234 }
235 if (!IsClassMatch(self, GetVerifyClass())) {
236 return;
237 }
238 HcfVerifyImpl *impl = (HcfVerifyImpl *)self;
239 HcfObjDestroy(impl->spiObj);
240 impl->spiObj = NULL;
241 HcfFree(impl);
242 }
243
SetSignSpecInt(HcfSign * self,SignSpecItem item,int32_t saltLen)244 static HcfResult SetSignSpecInt(HcfSign *self, SignSpecItem item, int32_t saltLen)
245 {
246 if (self == NULL) {
247 LOGE("Invalid input parameter.");
248 return HCF_INVALID_PARAMS;
249 }
250 if (!IsClassMatch((HcfObjectBase *)self, GetSignClass())) {
251 return HCF_INVALID_PARAMS;
252 }
253 HcfSignImpl *tmpSelf = (HcfSignImpl *)self;
254 return tmpSelf->spiObj->engineSetSignSpecInt(tmpSelf->spiObj, item, saltLen);
255 }
256
GetSignSpecString(HcfSign * self,SignSpecItem item,char ** returnString)257 static HcfResult GetSignSpecString(HcfSign *self, SignSpecItem item, char **returnString)
258 {
259 if (self == NULL || returnString == NULL) {
260 LOGE("Invalid input parameter.");
261 return HCF_INVALID_PARAMS;
262 }
263 if (!IsClassMatch((HcfObjectBase *)self, GetSignClass())) {
264 return HCF_INVALID_PARAMS;
265 }
266 HcfSignImpl *tmpSelf = (HcfSignImpl *)self;
267 return tmpSelf->spiObj->engineGetSignSpecString(tmpSelf->spiObj, item, returnString);
268 }
269
GetSignSpecInt(HcfSign * self,SignSpecItem item,int32_t * returnInt)270 static HcfResult GetSignSpecInt(HcfSign *self, SignSpecItem item, int32_t *returnInt)
271 {
272 if (self == NULL || returnInt == NULL) {
273 LOGE("Invalid input parameter.");
274 return HCF_INVALID_PARAMS;
275 }
276 if (!IsClassMatch((HcfObjectBase *)self, GetSignClass())) {
277 return HCF_INVALID_PARAMS;
278 }
279 HcfSignImpl *tmpSelf = (HcfSignImpl *)self;
280 return tmpSelf->spiObj->engineGetSignSpecInt(tmpSelf->spiObj, item, returnInt);
281 }
282
SignInit(HcfSign * self,HcfParamsSpec * params,HcfPriKey * privateKey)283 static HcfResult SignInit(HcfSign *self, HcfParamsSpec *params, HcfPriKey *privateKey)
284 {
285 if (self == NULL) {
286 LOGE("Invalid input parameter.");
287 return HCF_INVALID_PARAMS;
288 }
289
290 if (!IsClassMatch((HcfObjectBase *)self, GetSignClass())) {
291 return HCF_INVALID_PARAMS;
292 }
293 return ((HcfSignImpl *)self)->spiObj->engineInit(((HcfSignImpl *)self)->spiObj, params, privateKey);
294 }
295
SignUpdate(HcfSign * self,HcfBlob * data)296 static HcfResult SignUpdate(HcfSign *self, HcfBlob *data)
297 {
298 if (self == NULL) {
299 LOGE("Invalid input parameter.");
300 return HCF_INVALID_PARAMS;
301 }
302
303 if (!IsClassMatch((HcfObjectBase *)self, GetSignClass())) {
304 return HCF_INVALID_PARAMS;
305 }
306 return ((HcfSignImpl *)self)->spiObj->engineUpdate(((HcfSignImpl *)self)->spiObj, data);
307 }
308
SignDoFinal(HcfSign * self,HcfBlob * data,HcfBlob * returnSignatureData)309 static HcfResult SignDoFinal(HcfSign *self, HcfBlob *data, HcfBlob *returnSignatureData)
310 {
311 if (self == NULL) {
312 LOGE("Invalid input parameter.");
313 return HCF_INVALID_PARAMS;
314 }
315
316 if (!IsClassMatch((HcfObjectBase *)self, GetSignClass())) {
317 return HCF_INVALID_PARAMS;
318 }
319 return ((HcfSignImpl *)self)->spiObj->engineSign(((HcfSignImpl *)self)->spiObj, data, returnSignatureData);
320 }
321
SetVerifySpecInt(HcfVerify * self,SignSpecItem item,int32_t saltLen)322 static HcfResult SetVerifySpecInt(HcfVerify *self, SignSpecItem item, int32_t saltLen)
323 {
324 if (self == NULL) {
325 LOGE("Invalid input parameter.");
326 return HCF_INVALID_PARAMS;
327 }
328 if (!IsClassMatch((HcfObjectBase *)self, GetVerifyClass())) {
329 return HCF_INVALID_PARAMS;
330 }
331 HcfVerifyImpl *tmpSelf = (HcfVerifyImpl *)self;
332 return tmpSelf->spiObj->engineSetVerifySpecInt(tmpSelf->spiObj, item, saltLen);
333 }
334
GetVerifySpecString(HcfVerify * self,SignSpecItem item,char ** returnString)335 static HcfResult GetVerifySpecString(HcfVerify *self, SignSpecItem item, char **returnString)
336 {
337 if (self == NULL || returnString == NULL) {
338 LOGE("Invalid input parameter.");
339 return HCF_INVALID_PARAMS;
340 }
341 if (!IsClassMatch((HcfObjectBase *)self, GetVerifyClass())) {
342 return HCF_INVALID_PARAMS;
343 }
344 HcfVerifyImpl *tmpSelf = (HcfVerifyImpl *)self;
345 return tmpSelf->spiObj->engineGetVerifySpecString(tmpSelf->spiObj, item, returnString);
346 }
347
GetVerifySpecInt(HcfVerify * self,SignSpecItem item,int32_t * returnInt)348 static HcfResult GetVerifySpecInt(HcfVerify *self, SignSpecItem item, int32_t *returnInt)
349 {
350 if (self == NULL || returnInt == NULL) {
351 LOGE("Invalid input parameter.");
352 return HCF_INVALID_PARAMS;
353 }
354 if (!IsClassMatch((HcfObjectBase *)self, GetVerifyClass())) {
355 return HCF_INVALID_PARAMS;
356 }
357 HcfVerifyImpl *tmpSelf = (HcfVerifyImpl *)self;
358 return tmpSelf->spiObj->engineGetVerifySpecInt(tmpSelf->spiObj, item, returnInt);
359 }
360
VerifyInit(HcfVerify * self,HcfParamsSpec * params,HcfPubKey * publicKey)361 static HcfResult VerifyInit(HcfVerify *self, HcfParamsSpec *params, HcfPubKey *publicKey)
362 {
363 if (self == NULL) {
364 LOGE("Invalid input parameter.");
365 return HCF_INVALID_PARAMS;
366 }
367
368 if (!IsClassMatch((HcfObjectBase *)self, GetVerifyClass())) {
369 return HCF_INVALID_PARAMS;
370 }
371 return ((HcfVerifyImpl *)self)->spiObj->engineInit(((HcfVerifyImpl *)self)->spiObj, params, publicKey);
372 }
373
VerifyUpdate(HcfVerify * self,HcfBlob * data)374 static HcfResult VerifyUpdate(HcfVerify *self, HcfBlob *data)
375 {
376 if (self == NULL) {
377 LOGE("Invalid input parameter.");
378 return HCF_INVALID_PARAMS;
379 }
380
381 if (!IsClassMatch((HcfObjectBase *)self, GetVerifyClass())) {
382 return HCF_INVALID_PARAMS;
383 }
384 return ((HcfVerifyImpl *)self)->spiObj->engineUpdate(((HcfVerifyImpl *)self)->spiObj, data);
385 }
386
VerifyDoFinal(HcfVerify * self,HcfBlob * data,HcfBlob * signatureData)387 static bool VerifyDoFinal(HcfVerify *self, HcfBlob *data, HcfBlob *signatureData)
388 {
389 if (self == NULL) {
390 LOGE("Invalid input parameter.");
391 return false;
392 }
393 if (!IsClassMatch((HcfObjectBase *)self, GetVerifyClass())) {
394 return false;
395 }
396 return ((HcfVerifyImpl *)self)->spiObj->engineVerify(((HcfVerifyImpl *)self)->spiObj, data, signatureData);
397 }
398
HcfSignCreate(const char * algoName,HcfSign ** returnObj)399 HcfResult HcfSignCreate(const char *algoName, HcfSign **returnObj)
400 {
401 LOGD("HcfSignCreate start");
402 if ((!IsStrValid(algoName, HCF_MAX_ALGO_NAME_LEN)) || (returnObj == NULL)) {
403 return HCF_INVALID_PARAMS;
404 }
405
406 HcfSignatureParams params = { 0 };
407 if (ParseAndSetParameter(algoName, ¶ms, ParseSignatureParams) != HCF_SUCCESS) {
408 LOGE("Failed to parser parmas!");
409 return HCF_INVALID_PARAMS;
410 }
411
412 HcfSignSpiCreateFunc createSpiFunc = FindSignAbility(¶ms);
413 if (createSpiFunc == NULL) {
414 LOGE("Can not find ability.");
415 return HCF_NOT_SUPPORT;
416 }
417
418 HcfSignImpl *returnSign = (HcfSignImpl *)HcfMalloc(sizeof(HcfSignImpl), 0);
419 if (returnSign == NULL) {
420 LOGE("Failed to allocate returnSign memory!");
421 return HCF_ERR_MALLOC;
422 }
423 if (strcpy_s(returnSign->algoName, HCF_MAX_ALGO_NAME_LEN, algoName) != EOK) {
424 LOGE("Failed to copy algoName!");
425 HcfFree(returnSign);
426 return HCF_INVALID_PARAMS;
427 }
428 HcfSignSpi *spiObj = NULL;
429 HcfResult res = createSpiFunc(¶ms, &spiObj);
430 if (res != HCF_SUCCESS) {
431 LOGE("Failed to create spi object!");
432 HcfFree(returnSign);
433 return res;
434 }
435 returnSign->base.base.destroy = DestroySign;
436 returnSign->base.base.getClass = GetSignClass;
437 returnSign->base.getAlgoName = GetSignAlgoName;
438 returnSign->base.init = SignInit;
439 returnSign->base.update = SignUpdate;
440 returnSign->base.sign = SignDoFinal;
441 returnSign->base.setSignSpecInt = SetSignSpecInt;
442 returnSign->base.getSignSpecInt = GetSignSpecInt;
443 returnSign->base.getSignSpecString = GetSignSpecString;
444 returnSign->spiObj = spiObj;
445
446 *returnObj = (HcfSign *)returnSign;
447 LOGD("HcfSignCreate end");
448 return HCF_SUCCESS;
449 }
450
HcfVerifyCreate(const char * algoName,HcfVerify ** returnObj)451 HcfResult HcfVerifyCreate(const char *algoName, HcfVerify **returnObj)
452 {
453 LOGD("HcfVerifyCreate start");
454 if ((!IsStrValid(algoName, HCF_MAX_ALGO_NAME_LEN)) || (returnObj == NULL)) {
455 return HCF_INVALID_PARAMS;
456 }
457 HcfSignatureParams params = {0};
458 if (ParseAndSetParameter(algoName, ¶ms, ParseSignatureParams) != HCF_SUCCESS) {
459 LOGE("Failed to parser parmas!");
460 return HCF_INVALID_PARAMS;
461 }
462
463 HcfVerifySpiCreateFunc createSpiFunc = FindVerifyAbility(¶ms);
464 if (createSpiFunc == NULL) {
465 return HCF_NOT_SUPPORT;
466 }
467
468 HcfVerifyImpl *returnVerify = (HcfVerifyImpl *)HcfMalloc(sizeof(HcfVerifyImpl), 0);
469 if (returnVerify == NULL) {
470 LOGE("Failed to allocate returnVerify memory!");
471 return HCF_ERR_MALLOC;
472 }
473 if (strcpy_s(returnVerify->algoName, HCF_MAX_ALGO_NAME_LEN, algoName) != EOK) {
474 LOGE("Failed to copy algoName!");
475 HcfFree(returnVerify);
476 return HCF_INVALID_PARAMS;
477 }
478 HcfVerifySpi *spiObj = NULL;
479 HcfResult res = createSpiFunc(¶ms, &spiObj);
480 if (res != HCF_SUCCESS) {
481 LOGE("Failed to create spi object!");
482 HcfFree(returnVerify);
483 return res;
484 }
485 returnVerify->base.base.destroy = DestroyVerify;
486 returnVerify->base.base.getClass = GetVerifyClass;
487 returnVerify->base.getAlgoName = GetVerifyAlgoName;
488 returnVerify->base.init = VerifyInit;
489 returnVerify->base.update = VerifyUpdate;
490 returnVerify->base.verify = VerifyDoFinal;
491 returnVerify->base.setVerifySpecInt = SetVerifySpecInt;
492 returnVerify->base.getVerifySpecInt = GetVerifySpecInt;
493 returnVerify->base.getVerifySpecString = GetVerifySpecString;
494 returnVerify->spiObj = spiObj;
495 *returnObj = (HcfVerify *)returnVerify;
496 LOGD("HcfVerifyCreate end");
497 return HCF_SUCCESS;
498 }
499