1 /*
2 * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifdef HKS_CONFIG_FILE
17 #include HKS_CONFIG_FILE
18 #else
19 #include "hks_config.h"
20 #endif
21
22 #include "hks_crypto_adapter.h"
23
24 #include <stddef.h>
25
26 #include "hks_common_check.h"
27 #include "hks_log.h"
28 #include "hks_mem.h"
29 #include "hks_param.h"
30 #include "hks_template.h"
31 #include "securec.h"
32
HksFillKeySpec(const struct HksParamSet * paramSet,struct HksKeySpec * spec)33 void HksFillKeySpec(const struct HksParamSet *paramSet, struct HksKeySpec *spec)
34 {
35 for (uint32_t i = 0; i < paramSet->paramsCnt; i++) {
36 switch (paramSet->params[i].tag) {
37 case HKS_TAG_ALGORITHM:
38 spec->algType = paramSet->params[i].uint32Param;
39 break;
40 case HKS_TAG_KEY_SIZE:
41 spec->keyLen = paramSet->params[i].uint32Param;
42 break;
43 default:
44 break;
45 }
46 }
47 }
48
HksFillUsageSpec(const struct HksParamSet * paramSet,struct HksUsageSpec * usageSpec)49 void HksFillUsageSpec(const struct HksParamSet *paramSet, struct HksUsageSpec *usageSpec)
50 {
51 for (uint32_t i = 0; i < paramSet->paramsCnt; i++) {
52 switch (paramSet->params[i].tag) {
53 case HKS_TAG_ALGORITHM:
54 usageSpec->algType = paramSet->params[i].uint32Param;
55 break;
56 case HKS_TAG_PADDING:
57 usageSpec->padding = paramSet->params[i].uint32Param;
58 break;
59 case HKS_TAG_DIGEST:
60 usageSpec->digest = paramSet->params[i].uint32Param;
61 break;
62 case HKS_TAG_BLOCK_MODE:
63 usageSpec->mode = paramSet->params[i].uint32Param;
64 break;
65 case HKS_TAG_PURPOSE:
66 usageSpec->purpose = paramSet->params[i].uint32Param;
67 break;
68 default:
69 break;
70 }
71 }
72 usageSpec->algParam = NULL;
73 }
74
HksFreeUsageSpec(struct HksUsageSpec ** usageSpec)75 void HksFreeUsageSpec(struct HksUsageSpec **usageSpec)
76 {
77 if ((usageSpec == NULL) || (*usageSpec == NULL)) {
78 return;
79 }
80
81 if ((*usageSpec)->algParam != NULL) {
82 HKS_FREE_PTR((*usageSpec)->algParam);
83 }
84 HKS_FREE_PTR(*usageSpec);
85 }
86
HksFillKeyDerivationParam(const struct HksParamSet * paramSet,struct HksKeyDerivationParam * param)87 void HksFillKeyDerivationParam(const struct HksParamSet *paramSet, struct HksKeyDerivationParam *param)
88 {
89 for (uint32_t i = 0; i < paramSet->paramsCnt; i++) {
90 switch (paramSet->params[i].tag) {
91 case HKS_TAG_DIGEST:
92 param->digestAlg = paramSet->params[i].uint32Param;
93 break;
94 case HKS_TAG_SALT:
95 param->salt = paramSet->params[i].blob;
96 break;
97 case HKS_TAG_INFO:
98 param->info = paramSet->params[i].blob;
99 break;
100 case HKS_TAG_ITERATION:
101 param->iterations = paramSet->params[i].uint32Param;
102 break;
103 default:
104 break;
105 }
106 }
107 }
108
HksFillAeadParam(const struct HksParamSet * paramSet,struct HksBlob * inputText,struct HksUsageSpec * usageSpec,bool isEncrypt)109 int32_t HksFillAeadParam(
110 const struct HksParamSet *paramSet, struct HksBlob *inputText, struct HksUsageSpec *usageSpec, bool isEncrypt)
111 {
112 struct HksParam *nonceParam = NULL;
113 int32_t ret = HksGetParam(paramSet, HKS_TAG_NONCE, &nonceParam);
114 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksFillAeadParam get nonce param failed!")
115
116 struct HksParam *aadParam = NULL;
117 ret = HksGetParam(paramSet, HKS_TAG_ASSOCIATED_DATA, &aadParam);
118 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksFillAeadParam get aad param failed!")
119
120 struct HksParam tagParam;
121 if (!isEncrypt) {
122 if (inputText->size <= HKS_AE_TAG_LEN) {
123 HKS_LOG_E("too small inputText size");
124 return HKS_ERROR_INVALID_ARGUMENT;
125 }
126 inputText->size -= HKS_AE_TAG_LEN;
127
128 tagParam.blob.size = HKS_AE_TAG_LEN;
129 tagParam.blob.data = inputText->data + inputText->size;
130 }
131
132 struct HksAeadParam *aeadParam = (struct HksAeadParam *)HksMalloc(sizeof(struct HksAeadParam));
133 HKS_IF_NULL_LOGE_RETURN(aeadParam, HKS_ERROR_MALLOC_FAIL, "aeadParam malloc failed!")
134
135 if (!isEncrypt) {
136 aeadParam->tagDec = tagParam.blob;
137 } else {
138 aeadParam->tagLenEnc = HKS_AE_TAG_LEN;
139 }
140
141 aeadParam->nonce = nonceParam->blob;
142 aeadParam->aad = aadParam->blob;
143 aeadParam->payloadLen = 0;
144 usageSpec->algParam = aeadParam;
145 return HKS_SUCCESS;
146 }
147
HksFillIvParam(const struct HksParamSet * paramSet,struct HksUsageSpec * usageSpec)148 int32_t HksFillIvParam(const struct HksParamSet *paramSet, struct HksUsageSpec *usageSpec)
149 {
150 struct HksParam *ivParam = NULL;
151 int32_t ret = HksGetParam(paramSet, HKS_TAG_IV, &ivParam);
152 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "cipher get iv param failed!")
153
154 struct HksCipherParam *param = (struct HksCipherParam *)HksMalloc(sizeof(struct HksCipherParam));
155 HKS_IF_NULL_LOGE_RETURN(param, HKS_ERROR_MALLOC_FAIL, "param malloc failed!")
156
157 param->iv = ivParam->blob;
158 usageSpec->algParam = param;
159 return HKS_SUCCESS;
160 }
161
HksIsAlgorithmSm4(const struct HksParamSet * paramSet)162 static bool HksIsAlgorithmSm4(const struct HksParamSet *paramSet)
163 {
164 struct HksParam *algParam = NULL;
165 int32_t ret = HksGetParam(paramSet, HKS_TAG_ALGORITHM, &algParam);
166 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, false, "check sm4 get alg param failed!")
167 return (algParam->uint32Param == HKS_ALG_SM4);
168 }
169
HksBuildCipherUsageSpec(const struct HksParamSet * paramSet,bool isEncrypt,struct HksBlob * inputText,struct HksUsageSpec ** outUsageSpec)170 int32_t HksBuildCipherUsageSpec(
171 const struct HksParamSet *paramSet, bool isEncrypt, struct HksBlob *inputText, struct HksUsageSpec **outUsageSpec)
172 {
173 bool isAes = false;
174 bool isAeMode = false;
175 int32_t ret = HksCheckAesAeMode(paramSet, &isAes, &isAeMode);
176 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get aeMode failed!")
177
178 struct HksUsageSpec *usageSpec = (struct HksUsageSpec *)HksMalloc(sizeof(struct HksUsageSpec));
179 HKS_IF_NULL_LOGE_RETURN(usageSpec, HKS_ERROR_MALLOC_FAIL, "cipher usageSpec malloc failed!")
180
181 HksFillUsageSpec(paramSet, usageSpec);
182
183 if (usageSpec->algType == HKS_ALG_RSA && usageSpec->digest == HKS_DIGEST_NONE) {
184 usageSpec->digest = HKS_DIGEST_SHA1;
185 }
186
187 if (HksIsAlgorithmSm4(paramSet)) { // is sm4
188 ret = HksFillIvParam(paramSet, usageSpec);
189 } else if (!isAes) { // not sm4, not aes
190 *outUsageSpec = usageSpec;
191 return HKS_SUCCESS;
192 } else if (isAeMode) { // is aes, is ae mode
193 ret = HksFillAeadParam(paramSet, inputText, usageSpec, isEncrypt);
194 } else { // is aes, not ae mode
195 ret = HksFillIvParam(paramSet, usageSpec);
196 }
197
198 if (ret != HKS_SUCCESS) {
199 HksFreeUsageSpec(&usageSpec);
200 HKS_LOG_E("fill[%" LOG_PUBLIC "x] param failed!", isAeMode);
201 return ret;
202 }
203
204 *outUsageSpec = usageSpec;
205 return HKS_SUCCESS;
206 }
207
HksGetEncryptAeTag(const struct HksParamSet * paramSet,const struct HksBlob * inData,struct HksBlob * outData,struct HksBlob * tagAead)208 int32_t HksGetEncryptAeTag(
209 const struct HksParamSet *paramSet, const struct HksBlob *inData, struct HksBlob *outData, struct HksBlob *tagAead)
210 {
211 bool isAes = false;
212 bool isAeMode = false;
213 int32_t ret = HksCheckAesAeMode(paramSet, &isAes, &isAeMode);
214 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get aeMode failed!")
215
216 if ((!isAes) || (!isAeMode)) {
217 tagAead->data = NULL;
218 tagAead->size = 0;
219 return HKS_SUCCESS;
220 }
221
222 if (outData->size < (inData->size + HKS_AE_TAG_LEN)) {
223 HKS_LOG_E("too small out buf!");
224 return HKS_ERROR_INVALID_ARGUMENT;
225 }
226
227 tagAead->data = outData->data + inData->size;
228 tagAead->size = HKS_AE_TAG_LEN;
229 return HKS_SUCCESS;
230 }
231
BuildParamSetOut(const struct HksParam * params,uint32_t paramCnt,struct HksParamSet * paramSetOut)232 static int32_t BuildParamSetOut(const struct HksParam *params, uint32_t paramCnt, struct HksParamSet *paramSetOut)
233 {
234 int32_t ret;
235 struct HksParamSet *tmpParamSetOut = NULL;
236
237 ret = HksInitParamSet(&tmpParamSetOut);
238 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "init paramSet failed!")
239
240 ret = HksAddParams(tmpParamSetOut, params, paramCnt);
241 if (ret != HKS_SUCCESS) {
242 HKS_LOG_E("add params failed");
243 HksFreeParamSet(&tmpParamSetOut);
244 return ret;
245 }
246
247 ret = HksBuildParamSet(&tmpParamSetOut);
248 if (ret != HKS_SUCCESS) {
249 HKS_LOG_E("build paramSet failed");
250 HksFreeParamSet(&tmpParamSetOut);
251 return ret;
252 }
253
254 if (memcpy_s(paramSetOut, paramSetOut->paramSetSize, tmpParamSetOut, tmpParamSetOut->paramSetSize) != EOK) {
255 HksFreeParamSet(&tmpParamSetOut);
256 HKS_LOG_E("memcpy paramSet out failed, paramSetOut size = %" LOG_PUBLIC "u", paramSetOut->paramSetSize);
257 return HKS_ERROR_INSUFFICIENT_MEMORY;
258 }
259
260 HksFreeParamSet(&tmpParamSetOut);
261 return HksFreshParamSet(paramSetOut, false);
262 }
263
264 #if defined(HKS_SUPPORT_ECC_C) && defined(HKS_SUPPORT_ECC_GENERATE_KEY)
FormatKeyInner(uint32_t publicKeySize,uint8_t * publicKey,const struct HksBlob * keyIn,struct HksParamSet * paramSetOut)265 static int32_t FormatKeyInner(uint32_t publicKeySize, uint8_t *publicKey, const struct HksBlob *keyIn,
266 struct HksParamSet *paramSetOut)
267 {
268 struct HksParam params[] = {
269 {
270 .tag = HKS_TAG_ASYMMETRIC_PUBLIC_KEY_DATA,
271 .blob = { publicKeySize, publicKey },
272 },
273 {
274 .tag = HKS_TAG_ASYMMETRIC_PRIVATE_KEY_DATA,
275 .blob = { keyIn->size, keyIn->data },
276 },
277 };
278 return BuildParamSetOut(params, HKS_ARRAY_SIZE(params), paramSetOut);
279 }
280 #endif
281
282 #ifndef _CUT_AUTHENTICATE_
SetCurve25519KeyMaterial(bool isPubKey,const struct HksBlob * keyIn,struct HksBlob * keyOut)283 static int32_t SetCurve25519KeyMaterial(bool isPubKey, const struct HksBlob *keyIn, struct HksBlob *keyOut)
284 {
285 struct KeyMaterial25519 curve25519Km = {HKS_ALG_ED25519, 0, 0, 0, 0};
286 curve25519Km.keySize = HKS_CURVE25519_KEY_SIZE_256;
287 curve25519Km.reserved = 0;
288
289 uint32_t offset = sizeof(struct KeyMaterial25519);
290 if (isPubKey) {
291 curve25519Km.pubKeySize = keyIn->size;
292 curve25519Km.priKeySize = 0;
293 } else {
294 curve25519Km.pubKeySize = 0;
295 curve25519Km.priKeySize = keyIn->size;
296 }
297
298 keyOut->size = sizeof(struct KeyMaterial25519) + curve25519Km.pubKeySize + curve25519Km.priKeySize;
299 keyOut->data = (uint8_t *)HksMalloc(keyOut->size);
300 HKS_IF_NULL_RETURN(keyOut->data, HKS_ERROR_MALLOC_FAIL)
301
302 (void)memcpy_s(keyOut->data, keyOut->size, &curve25519Km, sizeof(struct KeyMaterial25519));
303
304 (void)memcpy_s(keyOut->data + offset, keyOut->size - offset, keyIn->data, keyIn->size);
305
306 return HKS_SUCCESS;
307 }
308
CheckCurve25519KeySize(const struct HksBlob * keyIn)309 static int32_t CheckCurve25519KeySize(const struct HksBlob *keyIn)
310 {
311 if (keyIn->size < sizeof(struct KeyMaterial25519)) {
312 HKS_LOG_E("keyIn buffer too small");
313 return HKS_ERROR_INVALID_ARGUMENT;
314 }
315
316 struct KeyMaterial25519 *keyMaterial = (struct KeyMaterial25519 *)keyIn->data;
317
318 /* input pubKeySize and priKeySize of keyMaterial have been guaranteed that the addition will not overflow */
319 if (keyIn->size < (sizeof(struct KeyMaterial25519) + keyMaterial->pubKeySize + keyMaterial->priKeySize)) {
320 HKS_LOG_E("keyIn is not a valid key material");
321 return HKS_ERROR_INVALID_ARGUMENT;
322 }
323
324 return HKS_SUCCESS;
325 }
326
CheckFormatCurve25519Key(const struct HksBlob * keyIn,struct HksParamSet * paramSetOut)327 static int32_t CheckFormatCurve25519Key(const struct HksBlob *keyIn, struct HksParamSet *paramSetOut)
328 {
329 int32_t ret = CheckCurve25519KeySize(keyIn);
330 HKS_IF_NOT_SUCC_RETURN(ret, ret)
331
332 struct KeyMaterial25519 *keyMaterial = (struct KeyMaterial25519 *)keyIn->data;
333 uint32_t offset = sizeof(struct HksParamSet) + (sizeof(struct HksParam) << 1);
334 if (keyMaterial->pubKeySize > MAX_KEY_SIZE || keyMaterial->priKeySize > MAX_KEY_SIZE) {
335 HKS_LOG_E("pubKey or priKey buffer too big");
336 return HKS_ERROR_INVALID_ARGUMENT;
337 }
338 if (paramSetOut->paramSetSize < (offset + keyMaterial->pubKeySize + keyMaterial->priKeySize)) {
339 HKS_LOG_E("pubKey or priKey buffer too small");
340 return HKS_ERROR_BUFFER_TOO_SMALL;
341 }
342
343 return HKS_SUCCESS;
344 }
345
FormatCurve25519Key(const struct HksBlob * keyIn,struct HksParamSet * paramSetOut)346 static int32_t FormatCurve25519Key(const struct HksBlob *keyIn, struct HksParamSet *paramSetOut)
347 {
348 int32_t ret = CheckFormatCurve25519Key(keyIn, paramSetOut);
349 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check curve 25519 key failed")
350
351 struct KeyMaterial25519 *keyMaterial = (struct KeyMaterial25519 *)keyIn->data;
352 struct HksParam params[] = {
353 {
354 .tag = HKS_TAG_ASYMMETRIC_PUBLIC_KEY_DATA,
355 .blob = { keyMaterial->pubKeySize, keyIn->data + sizeof(struct KeyMaterial25519) },
356 },
357 {
358 .tag = HKS_TAG_ASYMMETRIC_PRIVATE_KEY_DATA,
359 .blob = { keyMaterial->priKeySize,
360 keyIn->data + sizeof(struct KeyMaterial25519) + keyMaterial->pubKeySize },
361 },
362 };
363
364 return BuildParamSetOut(params, HKS_ARRAY_SIZE(params), paramSetOut);
365 }
366
GetCurve25519FromKeyMaterial(const bool isPubKey,const struct HksBlob * keyMaterial,struct HksBlob * keyOut)367 int32_t GetCurve25519FromKeyMaterial(const bool isPubKey, const struct HksBlob *keyMaterial,
368 struct HksBlob *keyOut)
369 {
370 int32_t ret = CheckCurve25519KeySize(keyMaterial);
371 HKS_IF_NOT_SUCC_RETURN(ret, ret)
372
373 const struct KeyMaterial25519 *km = (struct KeyMaterial25519 *)(keyMaterial->data);
374
375 uint32_t size = (isPubKey ? km->pubKeySize : km->priKeySize);
376 if (size == 0) {
377 HKS_LOG_E("get key material size invalid, pubSize = %" LOG_PUBLIC "u, priSize = %" LOG_PUBLIC "u",
378 km->pubKeySize, km->priKeySize);
379 return HKS_ERROR_INVALID_KEY_INFO;
380 }
381 uint8_t *buffer = (uint8_t *)HksMalloc(size);
382 HKS_IF_NULL_RETURN(buffer, HKS_ERROR_MALLOC_FAIL)
383
384 uint32_t offset = sizeof(struct KeyMaterial25519);
385 uint8_t *tmp = (isPubKey ? (keyMaterial->data + offset) : (keyMaterial->data + offset + km->pubKeySize));
386 (void)memcpy_s(buffer, size, tmp, size);
387
388 keyOut->data = buffer;
389 keyOut->size = size;
390 return HKS_SUCCESS;
391 }
392
393 #if defined(HKS_SUPPORT_AES_C) || (defined(HKS_SUPPORT_HMAC_C) && defined(HKS_SUPPORT_HMAC_GENERATE_KEY))
FormatAesOrHmacKey(const struct HksBlob * keyIn,struct HksParamSet * paramSetOut)394 static int32_t FormatAesOrHmacKey(const struct HksBlob *keyIn, struct HksParamSet *paramSetOut)
395 {
396 struct HksParam params[] = {
397 {
398 .tag = HKS_TAG_SYMMETRIC_KEY_DATA,
399 .blob = { keyIn->size, keyIn->data },
400 },
401 };
402 return BuildParamSetOut(params, HKS_ARRAY_SIZE(params), paramSetOut);
403 }
404 #endif
405
406 #if defined(HKS_SUPPORT_RSA_C) && defined(HKS_SUPPORT_RSA_GENERATE_KEY)
FormatRsaKey(const struct HksBlob * keyIn,struct HksParamSet * paramSetOut)407 static int32_t FormatRsaKey(const struct HksBlob *keyIn, struct HksParamSet *paramSetOut)
408 {
409 if (keyIn->size < sizeof(struct KeyMaterialRsa)) {
410 return HKS_ERROR_INVALID_ARGUMENT;
411 }
412
413 struct KeyMaterialRsa *keyMaterial = (struct KeyMaterialRsa *)keyIn->data;
414 uint32_t publicKeySize = sizeof(struct KeyMaterialRsa) + keyMaterial->nSize + keyMaterial->eSize;
415 if (keyIn->size < publicKeySize) {
416 HKS_LOG_E("invalid key info.");
417 return HKS_ERROR_INVALID_KEY_INFO;
418 }
419
420 uint8_t *publicKey = (uint8_t *)HksMalloc(publicKeySize);
421 HKS_IF_NULL_LOGE_RETURN(publicKey, HKS_ERROR_MALLOC_FAIL, "malloc public key failed.")
422
423 (void)memcpy_s(publicKey, publicKeySize, keyIn->data, publicKeySize);
424 ((struct KeyMaterialRsa *)publicKey)->dSize = 0;
425
426 int32_t ret = FormatKeyInner(publicKeySize, publicKey, keyIn, paramSetOut);
427 (void)memset_s(publicKey, publicKeySize, 0, publicKeySize);
428 HksFree(publicKey);
429 return ret;
430 }
431 #endif
432
433 #if defined(HKS_SUPPORT_DSA_C) && defined(HKS_SUPPORT_DSA_GENERATE_KEY)
FormatDsaKey(const struct HksBlob * keyIn,struct HksParamSet * paramSetOut)434 static int32_t FormatDsaKey(const struct HksBlob *keyIn, struct HksParamSet *paramSetOut)
435 {
436 if (keyIn->size < sizeof(struct KeyMaterialDsa)) {
437 return HKS_ERROR_INVALID_ARGUMENT;
438 }
439
440 struct KeyMaterialDsa *keyMaterial = (struct KeyMaterialDsa *)keyIn->data;
441 uint32_t publicKeySize = sizeof(struct KeyMaterialDsa) + keyMaterial->ySize + keyMaterial->pSize +
442 keyMaterial->qSize + keyMaterial->gSize;
443 if (keyIn->size < publicKeySize) {
444 HKS_LOG_E("invalid key info.");
445 return HKS_ERROR_INVALID_KEY_INFO;
446 }
447
448 uint8_t *publicKey = (uint8_t *)HksMalloc(publicKeySize);
449 HKS_IF_NULL_LOGE_RETURN(publicKey, HKS_ERROR_MALLOC_FAIL, "malloc key failed.")
450
451 (void)memcpy_s(publicKey, publicKeySize, keyIn->data, sizeof(struct KeyMaterialDsa));
452 uint32_t inOffset = sizeof(struct KeyMaterialDsa);
453 uint32_t outOffset = sizeof(struct KeyMaterialDsa) + keyMaterial->xSize;
454 (void)memcpy_s(publicKey + inOffset, publicKeySize - inOffset, keyIn->data + outOffset, publicKeySize - inOffset);
455 ((struct KeyMaterialDsa *)publicKey)->xSize = 0;
456
457 int32_t ret = FormatKeyInner(publicKeySize, publicKey, keyIn, paramSetOut);
458 (void)memset_s(publicKey, publicKeySize, 0, publicKeySize);
459 HksFree(publicKey);
460 return ret;
461 }
462 #endif
463
464 #if defined(HKS_SUPPORT_ECC_C) && defined(HKS_SUPPORT_ECC_GENERATE_KEY)
FormatEccKey(const struct HksBlob * keyIn,struct HksParamSet * paramSetOut)465 static int32_t FormatEccKey(const struct HksBlob *keyIn, struct HksParamSet *paramSetOut)
466 {
467 if (keyIn->size < sizeof(struct KeyMaterialEcc)) {
468 return HKS_ERROR_INVALID_ARGUMENT;
469 }
470
471 struct KeyMaterialEcc *keyMaterial = (struct KeyMaterialEcc *)keyIn->data;
472 uint32_t publicKeySize = sizeof(struct KeyMaterialEcc) + keyMaterial->xSize + keyMaterial->ySize;
473 if (keyIn->size < publicKeySize) {
474 HKS_LOG_E("invalid key info.");
475 return HKS_ERROR_INVALID_KEY_INFO;
476 }
477
478 uint8_t *publicKey = (uint8_t *)HksMalloc(publicKeySize);
479 HKS_IF_NULL_LOGE_RETURN(publicKey, HKS_ERROR_MALLOC_FAIL, "malloc public key failed.")
480
481 (void)memcpy_s(publicKey, publicKeySize, keyIn->data, publicKeySize);
482 ((struct KeyMaterialEcc *)publicKey)->zSize = 0;
483 int32_t ret = FormatKeyInner(publicKeySize, publicKey, keyIn, paramSetOut);
484 (void)memset_s(publicKey, publicKeySize, 0, publicKeySize);
485 HksFree(publicKey);
486 return ret;
487 }
488 #endif
489
490 #if defined(HKS_SUPPORT_DH_C) && defined(HKS_SUPPORT_DH_GENERATE_KEY)
FormatDhKey(const struct HksBlob * keyIn,struct HksParamSet * paramSetOut)491 static int32_t FormatDhKey(const struct HksBlob *keyIn, struct HksParamSet *paramSetOut)
492 {
493 if (keyIn->size < sizeof(struct KeyMaterialDh)) {
494 return HKS_ERROR_INVALID_ARGUMENT;
495 }
496
497 struct KeyMaterialDh *keyMaterial = (struct KeyMaterialDh *)keyIn->data;
498 uint32_t publicKeySize = sizeof(struct KeyMaterialDh) + keyMaterial->pubKeySize;
499 if (keyIn->size < publicKeySize) {
500 HKS_LOG_E("invalid key info.");
501 return HKS_ERROR_INVALID_KEY_INFO;
502 }
503
504 uint8_t *publicKey = (uint8_t *)HksMalloc(publicKeySize);
505 HKS_IF_NULL_LOGE_RETURN(publicKey, HKS_ERROR_MALLOC_FAIL, "malloc public key failed.")
506
507 (void)memcpy_s(publicKey, publicKeySize, keyIn->data, publicKeySize);
508 ((struct KeyMaterialDh *)publicKey)->priKeySize = 0;
509 int32_t ret = FormatKeyInner(publicKeySize, publicKey, keyIn, paramSetOut);
510 (void)memset_s(publicKey, publicKeySize, 0, publicKeySize);
511 HksFree(publicKey);
512 return ret;
513 }
514 #endif
515
HksSetKeyToMaterial(uint32_t alg,bool isPubKey,const struct HksBlob * key,struct HksBlob * keyMaterial)516 int32_t HksSetKeyToMaterial(uint32_t alg, bool isPubKey, const struct HksBlob *key, struct HksBlob *keyMaterial)
517 {
518 switch (alg) {
519 case HKS_ALG_X25519:
520 case HKS_ALG_ED25519:
521 return SetCurve25519KeyMaterial(isPubKey, key, keyMaterial);
522 case HKS_ALG_RSA:
523 case HKS_ALG_DSA:
524 case HKS_ALG_ECC:
525 case HKS_ALG_ECDH:
526 case HKS_ALG_DH:
527 keyMaterial->size = key->size;
528 keyMaterial->data = (uint8_t *)HksMalloc(keyMaterial->size);
529 if (keyMaterial->data != NULL) {
530 (void)memcpy_s(keyMaterial->data, keyMaterial->size, key->data, key->size);
531 return HKS_SUCCESS;
532 } else {
533 return HKS_ERROR_MALLOC_FAIL;
534 }
535 break;
536 default:
537 HKS_LOG_E("alg not support");
538 return HKS_ERROR_INVALID_ALGORITHM;
539 }
540 }
541
HksGetKeyFromMaterial(uint32_t alg,bool isPubKey,const struct HksBlob * keyMaterial,struct HksBlob * key)542 int32_t HksGetKeyFromMaterial(uint32_t alg, bool isPubKey, const struct HksBlob *keyMaterial, struct HksBlob *key)
543 {
544 switch (alg) {
545 case HKS_ALG_X25519:
546 case HKS_ALG_ED25519:
547 return GetCurve25519FromKeyMaterial(isPubKey, keyMaterial, key);
548 default:
549 HKS_LOG_E("alg not support");
550 return HKS_ERROR_INVALID_ALGORITHM;
551 }
552 }
553
HksFormatKeyFromMaterial(uint32_t alg,const struct HksBlob * keyMaterial,struct HksParamSet * paramSetOut)554 int32_t HksFormatKeyFromMaterial(uint32_t alg, const struct HksBlob *keyMaterial,
555 struct HksParamSet *paramSetOut)
556 {
557 switch (alg) {
558 case HKS_ALG_X25519:
559 case HKS_ALG_ED25519:
560 return FormatCurve25519Key(keyMaterial, paramSetOut);
561 #if defined(HKS_SUPPORT_AES_C) && defined(HKS_SUPPORT_AES_GENERATE_KEY)
562 case HKS_ALG_AES:
563 return FormatAesOrHmacKey(keyMaterial, paramSetOut);
564 #endif
565 #if defined(HKS_SUPPORT_RSA_C) && defined(HKS_SUPPORT_RSA_GENERATE_KEY)
566 case HKS_ALG_RSA:
567 return FormatRsaKey(keyMaterial, paramSetOut);
568 #endif
569 #if defined(HKS_SUPPORT_HMAC_C) && defined(HKS_SUPPORT_HMAC_GENERATE_KEY)
570 case HKS_ALG_HMAC:
571 return FormatAesOrHmacKey(keyMaterial, paramSetOut);
572 #endif
573 #if defined(HKS_SUPPORT_DSA_C) && defined(HKS_SUPPORT_DSA_GENERATE_KEY)
574 case HKS_ALG_DSA:
575 return FormatDsaKey(keyMaterial, paramSetOut);
576 #endif
577 #if defined(HKS_SUPPORT_ECC_C) && defined(HKS_SUPPORT_ECC_GENERATE_KEY)
578 case HKS_ALG_ECC:
579 case HKS_ALG_ECDH:
580 return FormatEccKey(keyMaterial, paramSetOut);
581 #endif
582 #if defined(HKS_SUPPORT_DH_C) && defined(HKS_SUPPORT_DH_GENERATE_KEY)
583 case HKS_ALG_DH:
584 return FormatDhKey(keyMaterial, paramSetOut);
585 #endif
586 default:
587 HKS_LOG_E("alg not support");
588 return HKS_ERROR_INVALID_ALGORITHM;
589 }
590 }
591 #endif
592