1 /*
2 * Copyright (c) 2020-2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifdef HKS_CONFIG_FILE
17 #include HKS_CONFIG_FILE
18 #else
19 #include "hks_config.h"
20 #endif
21
22 #ifdef HKS_SUPPORT_AES_C
23
24 #include "hks_mbedtls_aes.h"
25
26 #include <mbedtls/aes.h>
27 #include <mbedtls/ccm.h>
28 #include <mbedtls/cipher.h>
29 #include <mbedtls/ctr_drbg.h>
30 #include <mbedtls/entropy.h>
31 #include <mbedtls/gcm.h>
32 #include <securec.h>
33
34 #include "hks_log.h"
35 #include "hks_mbedtls_common.h"
36 #include "hks_mem.h"
37 #include "hks_template.h"
38
39 #define HKS_AES_CBC_NOPADDING_IV_SIZE 16
40 #define HKS_AES_CBC_DATA_BLOB_SIZE 16
41 #define HKS_AES_CCM_DATA_SIZE_MAX (1 * 1024 * 1024) // 1M
42
43 struct HksMbedtlsAesCtx {
44 uint32_t algType;
45 uint32_t mode;
46 uint32_t padding;
47 uint8_t *append;
48 uint8_t iv[HKS_AES_CBC_NOPADDING_IV_SIZE];
49 uint8_t *nonce;
50 uint32_t nonceSize;
51 uint8_t *aad;
52 uint32_t aadSize;
53 } HksMbedtlsAesCtx;
54
55 #ifdef HKS_SUPPORT_AES_GENERATE_KEY
HksMbedtlsAesGenerateKey(const struct HksKeySpec * spec,struct HksBlob * key)56 int32_t HksMbedtlsAesGenerateKey(const struct HksKeySpec *spec, struct HksBlob *key)
57 {
58 if (spec->keyLen != HKS_AES_KEY_SIZE_128 && spec->keyLen != HKS_AES_KEY_SIZE_192 &&
59 spec->keyLen != HKS_AES_KEY_SIZE_256) {
60 return HKS_ERROR_INVALID_ARGUMENT;
61 }
62
63 const uint32_t keyByteLen = spec->keyLen / HKS_BITS_PER_BYTE;
64
65 uint8_t *outKey = (uint8_t *)HksMalloc(keyByteLen);
66 HKS_IF_NULL_RETURN(outKey, HKS_ERROR_MALLOC_FAIL)
67
68 mbedtls_entropy_context entropy;
69 mbedtls_ctr_drbg_context ctrDrbg;
70 (void)memset_s(&entropy, sizeof(mbedtls_entropy_context), 0, sizeof(mbedtls_entropy_context));
71 (void)memset_s(&ctrDrbg, sizeof(mbedtls_ctr_drbg_context), 0, sizeof(mbedtls_ctr_drbg_context));
72 int32_t ret = HksCtrDrbgSeed(&ctrDrbg, &entropy);
73 if (ret != HKS_SUCCESS) {
74 HKS_FREE(outKey);
75 return ret;
76 }
77
78 do {
79 ret = mbedtls_ctr_drbg_random(&ctrDrbg, outKey, keyByteLen);
80 if (ret != HKS_MBEDTLS_SUCCESS) {
81 HKS_LOG_E("Mbedtls ctr drbg random failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
82 (void)memset_s(outKey, keyByteLen, 0, keyByteLen);
83 HKS_FREE(outKey);
84 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
85 break;
86 }
87
88 key->data = outKey;
89 key->size = keyByteLen;
90 } while (0);
91
92 mbedtls_ctr_drbg_free(&ctrDrbg);
93 mbedtls_entropy_free(&entropy);
94 return ret;
95 }
96 #endif /* HKS_SUPPORT_AES_GENERATE_KEY */
97
98 #ifdef HKS_SUPPORT_AES_CBC_NOPADDING
AesCbcNoPaddingCrypt(const struct HksBlob * key,const struct HksCipherParam * cipherParam,const struct HksBlob * message,const bool encrypt,struct HksBlob * cipherText)99 static int32_t AesCbcNoPaddingCrypt(const struct HksBlob *key, const struct HksCipherParam *cipherParam,
100 const struct HksBlob *message, const bool encrypt, struct HksBlob *cipherText)
101 {
102 mbedtls_aes_context ctx;
103 mbedtls_aes_init(&ctx);
104
105 int32_t ret;
106 do {
107 if (encrypt) {
108 ret = mbedtls_aes_setkey_enc(&ctx, key->data, key->size * HKS_BITS_PER_BYTE);
109 } else {
110 ret = mbedtls_aes_setkey_dec(&ctx, key->data, key->size * HKS_BITS_PER_BYTE);
111 }
112 if (ret != HKS_MBEDTLS_SUCCESS) {
113 HKS_LOG_E("Mbedtls aes set key failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
114 break;
115 }
116
117 /* mbedtls_aes_crypt_cbc will refresh iv, so need a temp iv */
118 uint8_t tmpIv[HKS_AES_CBC_NOPADDING_IV_SIZE];
119 if (memcpy_s(tmpIv, HKS_AES_CBC_NOPADDING_IV_SIZE, cipherParam->iv.data, cipherParam->iv.size) != EOK) {
120 HKS_LOG_E("Memcpy temp iv failed!");
121 ret = HKS_ERROR_INVALID_IV;
122 break;
123 }
124
125 ret = mbedtls_aes_crypt_cbc(&ctx,
126 (encrypt ? MBEDTLS_AES_ENCRYPT : MBEDTLS_AES_DECRYPT),
127 message->size,
128 tmpIv,
129 message->data,
130 cipherText->data);
131 if (ret != HKS_MBEDTLS_SUCCESS) {
132 HKS_LOG_E("Mbedtks aes cbc crypt failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
133 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
134 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
135 break;
136 }
137 cipherText->size = message->size;
138 } while (0);
139
140 mbedtls_aes_free(&ctx);
141 return ret;
142 }
143
AesCbcNoPaddingCryptInit(void ** cryptoCtx,const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const bool encrypt)144 static int32_t AesCbcNoPaddingCryptInit(void **cryptoCtx, const struct HksBlob *key,
145 const struct HksUsageSpec *usageSpec, const bool encrypt)
146 {
147 mbedtls_aes_context *ctx = (mbedtls_aes_context *)HksMalloc(sizeof(mbedtls_aes_context));
148 HKS_IF_NULL_LOGE_RETURN(ctx, HKS_ERROR_MALLOC_FAIL, "initialize ctx fail")
149 mbedtls_aes_init(ctx);
150
151 int32_t ret;
152 if (encrypt) {
153 ret = mbedtls_aes_setkey_enc(ctx, key->data, key->size * HKS_BITS_PER_BYTE);
154 } else {
155 ret = mbedtls_aes_setkey_dec(ctx, key->data, key->size * HKS_BITS_PER_BYTE);
156 }
157 if (ret != HKS_MBEDTLS_SUCCESS) {
158 HKS_LOG_E("Mbedtls aes set key failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
159 mbedtls_aes_free(ctx);
160 HKS_FREE(ctx);
161 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
162 }
163
164 struct HksCipherParam *iv = (struct HksCipherParam *)(usageSpec->algParam);
165 if (iv->iv.size != HKS_AES_CBC_NOPADDING_IV_SIZE) {
166 HKS_LOG_E("initialize iv fail");
167 mbedtls_aes_free(ctx);
168 HKS_FREE(ctx);
169 return HKS_ERROR_INVALID_IV;
170 }
171
172 struct HksMbedtlsAesCtx *outCtx = (struct HksMbedtlsAesCtx *)HksMalloc(sizeof(HksMbedtlsAesCtx));
173 if (outCtx == NULL) {
174 HKS_LOG_E("initialize outCtx fail");
175 mbedtls_aes_free(ctx);
176 HKS_FREE(ctx);
177 return HKS_ERROR_MALLOC_FAIL;
178 }
179
180 outCtx->append = (void *)ctx;
181 outCtx->mode = usageSpec->mode;
182 outCtx->padding = usageSpec->padding;
183 (void)memcpy_s(outCtx->iv, HKS_AES_CBC_NOPADDING_IV_SIZE, iv->iv.data, HKS_AES_CBC_NOPADDING_IV_SIZE);
184
185 *cryptoCtx = (void *)outCtx;
186
187 return ret;
188 }
189
AesCbcNoPaddingCryptUpdate(void * cryptoCtx,const struct HksBlob * message,const bool encrypt,struct HksBlob * cipherText)190 static int32_t AesCbcNoPaddingCryptUpdate(void *cryptoCtx,
191 const struct HksBlob *message, const bool encrypt, struct HksBlob *cipherText)
192 {
193 struct HksMbedtlsAesCtx *aesCtx = (struct HksMbedtlsAesCtx *)cryptoCtx;
194 HKS_IF_NULL_RETURN(aesCtx, HKS_ERROR_NULL_POINTER)
195
196 mbedtls_aes_context *cbcNoPaddingCtx = (mbedtls_aes_context *)aesCtx->append;
197
198 HKS_IF_NULL_RETURN(cbcNoPaddingCtx, HKS_ERROR_NULL_POINTER)
199
200 int32_t ret;
201 do {
202 if (message->size % HKS_AES_CBC_DATA_BLOB_SIZE != 0) {
203 HKS_LOG_E("AesCbcNoPaddingCryptUpdate data size invalid!");
204 ret = HKS_ERROR_INVALID_ARGUMENT;
205 break;
206 }
207
208 /* mbedtls_aes_crypt_cbc will refresh iv, so need a temp iv */
209 uint8_t tmpIv[HKS_AES_CBC_NOPADDING_IV_SIZE];
210 if (memcpy_s(tmpIv, HKS_AES_CBC_NOPADDING_IV_SIZE, aesCtx->iv, HKS_AES_CBC_NOPADDING_IV_SIZE) != EOK) {
211 HKS_LOG_E("Memcpy temp iv failed!");
212 ret = HKS_ERROR_INVALID_IV;
213 break;
214 }
215
216 ret = mbedtls_aes_crypt_cbc(cbcNoPaddingCtx,
217 (encrypt ? MBEDTLS_AES_ENCRYPT : MBEDTLS_AES_DECRYPT),
218 message->size,
219 tmpIv,
220 message->data,
221 cipherText->data);
222 if (ret != HKS_MBEDTLS_SUCCESS) {
223 HKS_LOG_E("Mbedtks aes cbc nopadding crypt failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
224 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
225 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
226 break;
227 }
228
229 cipherText->size = message->size;
230 if (memcpy_s(aesCtx->iv, HKS_AES_CBC_NOPADDING_IV_SIZE, tmpIv, HKS_AES_CBC_NOPADDING_IV_SIZE) != EOK) {
231 HKS_LOG_E("copy aesCtx failed!");
232 ret = HKS_ERROR_INSUFFICIENT_MEMORY;
233 break;
234 }
235 } while (0);
236
237 return ret;
238 }
239
AesCbcNoPaddingCryptFinal(void ** cryptoCtx,const struct HksBlob * message,const bool encrypt,struct HksBlob * cipherText)240 static int32_t AesCbcNoPaddingCryptFinal(void **cryptoCtx,
241 const struct HksBlob *message, const bool encrypt, struct HksBlob *cipherText)
242 {
243 struct HksMbedtlsAesCtx *aesCtx = (struct HksMbedtlsAesCtx *)*cryptoCtx;
244 mbedtls_aes_context *cbcNoPaddingCtx = (mbedtls_aes_context *)aesCtx->append;
245
246 if (cbcNoPaddingCtx == NULL) {
247 HKS_FREE(*cryptoCtx);
248 return HKS_ERROR_NULL_POINTER;
249 }
250
251 int32_t ret = HKS_SUCCESS;
252 do {
253 if (message->size % HKS_AES_CBC_DATA_BLOB_SIZE != 0) {
254 HKS_LOG_E("AesCbcNoPaddingCryptFinal data size invalid!");
255 ret = HKS_ERROR_INVALID_ARGUMENT;
256 break;
257 }
258
259 if (message->size != 0) {
260 /* mbedtls_aes_crypt_cbc will refresh iv, so need a temp iv */
261 uint8_t tmpIv[HKS_AES_CBC_NOPADDING_IV_SIZE];
262 if (memcpy_s(tmpIv, HKS_AES_CBC_NOPADDING_IV_SIZE, aesCtx->iv, HKS_AES_CBC_NOPADDING_IV_SIZE) != EOK) {
263 HKS_LOG_E("Memcpy temp iv failed!");
264 ret = HKS_ERROR_INVALID_IV;
265 break;
266 }
267 ret = mbedtls_aes_crypt_cbc(cbcNoPaddingCtx,
268 (encrypt ? MBEDTLS_AES_ENCRYPT : MBEDTLS_AES_DECRYPT),
269 message->size,
270 tmpIv,
271 message->data,
272 cipherText->data);
273 if (ret != HKS_MBEDTLS_SUCCESS) {
274 HKS_LOG_E("Mbedtls aes gcm encryot failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
275 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
276 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
277 break;
278 }
279 }
280 cipherText->size = message->size;
281 } while (0);
282
283 mbedtls_aes_free(cbcNoPaddingCtx);
284 HKS_FREE(aesCtx->append);
285 HKS_FREE(*cryptoCtx);
286
287 return ret;
288 }
289 #endif /* HKS_SUPPORT_AES_CBC_NOPADDING */
290
291 #ifdef HKS_SUPPORT_AES_CBC_PKCS7
AesCbcPkcs7Crypt(const struct HksBlob * key,const struct HksCipherParam * cipherParam,const struct HksBlob * message,const bool encrypt,struct HksBlob * cipherText)292 static int32_t AesCbcPkcs7Crypt(const struct HksBlob *key, const struct HksCipherParam *cipherParam,
293 const struct HksBlob *message, const bool encrypt, struct HksBlob *cipherText)
294 {
295 const uint32_t keyBitLen = key->size * HKS_BITS_PER_BYTE;
296 const mbedtls_cipher_info_t *info =
297 mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, keyBitLen, MBEDTLS_MODE_CBC);
298
299 mbedtls_cipher_context_t ctx;
300 mbedtls_cipher_init(&ctx);
301
302 int32_t ret;
303 do {
304 ret = mbedtls_cipher_setup(&ctx, info);
305 if (ret != HKS_MBEDTLS_SUCCESS) {
306 HKS_LOG_E("Mbedtls cbc pkcs7 setup ctx failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
307 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
308 break;
309 }
310
311 ret = mbedtls_cipher_setkey(&ctx, key->data, keyBitLen, (encrypt ? MBEDTLS_ENCRYPT : MBEDTLS_DECRYPT));
312 if (ret != HKS_MBEDTLS_SUCCESS) {
313 HKS_LOG_E("Mbedtls cbc pkcs7 set key failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
314 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
315 break;
316 }
317 size_t keyLen = cipherText->size;
318 ret = mbedtls_cipher_crypt(&ctx,
319 cipherParam->iv.data,
320 cipherParam->iv.size,
321 message->data,
322 message->size,
323 cipherText->data,
324 &keyLen);
325 cipherText->size = (uint32_t)keyLen;
326 if (ret != HKS_MBEDTLS_SUCCESS) {
327 HKS_LOG_E("Mbedtls cbc pkcs7 crypt failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
328 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
329 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
330 }
331 } while (0);
332
333 mbedtls_cipher_free(&ctx);
334 return ret;
335 }
336
AesCbcPkcs7CryptInitParam(const struct HksBlob * key,mbedtls_cipher_context_t * cbcPkcs7ctx,const bool encrypt)337 static int32_t AesCbcPkcs7CryptInitParam(const struct HksBlob *key, mbedtls_cipher_context_t *cbcPkcs7ctx,
338 const bool encrypt)
339 {
340 const uint32_t keyBitLen = key->size * HKS_BITS_PER_BYTE;
341 const mbedtls_cipher_info_t *info =
342 mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, keyBitLen, MBEDTLS_MODE_CBC);
343 if (info == NULL) {
344 HKS_LOG_E("get cipher info from values failed!");
345 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
346 }
347 int32_t ret = mbedtls_cipher_setup(cbcPkcs7ctx, info);
348 if (ret != HKS_MBEDTLS_SUCCESS) {
349 HKS_LOG_E("Mbedtls cbc pkcs7 setup ctx failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
350 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
351 }
352
353 ret = mbedtls_cipher_setkey(cbcPkcs7ctx, key->data, keyBitLen, (encrypt ? MBEDTLS_ENCRYPT : MBEDTLS_DECRYPT));
354 if (ret != HKS_MBEDTLS_SUCCESS) {
355 HKS_LOG_E("Mbedtls cbc pkcs7 set key failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
356 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
357 }
358 return HKS_SUCCESS;
359 }
360
AesCbcPkcs7CryptInit(void ** cryptoCtx,const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const bool encrypt)361 static int32_t AesCbcPkcs7CryptInit(void **cryptoCtx, const struct HksBlob *key,
362 const struct HksUsageSpec *usageSpec, const bool encrypt)
363 {
364 mbedtls_cipher_context_t *cbcPkcs7ctx = (mbedtls_cipher_context_t *)HksMalloc(sizeof(mbedtls_cipher_context_t));
365 HKS_IF_NULL_LOGE_RETURN(cbcPkcs7ctx, HKS_ERROR_MALLOC_FAIL, "malloc cbcPkcs7ctx fail")
366 mbedtls_cipher_init(cbcPkcs7ctx);
367
368 int32_t ret = AesCbcPkcs7CryptInitParam(key, cbcPkcs7ctx, encrypt);
369 if (ret != HKS_SUCCESS) {
370 HKS_LOG_E("AesCbcPkcs7CryptInitParam fail %" LOG_PUBLIC "d", ret);
371 mbedtls_cipher_free(cbcPkcs7ctx);
372 HKS_FREE(cbcPkcs7ctx);
373 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
374 }
375
376 const struct HksCipherParam *cipherParam = (struct HksCipherParam *)(usageSpec->algParam);
377 ret = mbedtls_cipher_set_padding_mode(cbcPkcs7ctx, MBEDTLS_PADDING_PKCS7);
378 if (ret != HKS_MBEDTLS_SUCCESS) {
379 HKS_LOG_E("Mbedtls cbc pkcs7 set padding mode failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
380 mbedtls_cipher_free(cbcPkcs7ctx);
381 HKS_FREE(cbcPkcs7ctx);
382 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
383 }
384
385 ret = mbedtls_cipher_set_iv(cbcPkcs7ctx, cipherParam->iv.data, cipherParam->iv.size);
386 if (ret != HKS_MBEDTLS_SUCCESS) {
387 HKS_LOG_E("Mbedtls cbc pkcs7 set iv failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
388 mbedtls_cipher_free(cbcPkcs7ctx);
389 HKS_FREE(cbcPkcs7ctx);
390 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
391 }
392 ret = mbedtls_cipher_reset(cbcPkcs7ctx);
393 if (ret != HKS_MBEDTLS_SUCCESS) {
394 HKS_LOG_E("Mbedtls cbc pkcs7 reset failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
395 mbedtls_cipher_free(cbcPkcs7ctx);
396 HKS_FREE(cbcPkcs7ctx);
397 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
398 }
399
400 struct HksMbedtlsAesCtx *outCtx = (struct HksMbedtlsAesCtx *)HksMalloc(sizeof(HksMbedtlsAesCtx));
401 if (outCtx == NULL) {
402 HKS_LOG_E("malloc outCtx fail");
403 mbedtls_cipher_free(cbcPkcs7ctx);
404 HKS_FREE(cbcPkcs7ctx);
405 return HKS_ERROR_MALLOC_FAIL;
406 }
407
408 outCtx->mode = usageSpec->mode;
409 outCtx->padding = usageSpec->padding;
410 outCtx->append = (void *)cbcPkcs7ctx;
411
412 *cryptoCtx = (void *)outCtx;
413
414 return ret;
415 }
416
AesCbcPkcs7CryptUpdate(void * cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText)417 static int32_t AesCbcPkcs7CryptUpdate(void *cryptoCtx, const struct HksBlob *message, struct HksBlob *cipherText)
418 {
419 struct HksMbedtlsAesCtx *aesCtx = (struct HksMbedtlsAesCtx *)cryptoCtx;
420 mbedtls_cipher_context_t *cbcPkcs7ctx = (mbedtls_cipher_context_t *)aesCtx->append;
421
422 HKS_IF_NULL_RETURN(cbcPkcs7ctx, HKS_ERROR_NULL_POINTER)
423 size_t keyLen = cipherText->size;
424 int32_t ret = mbedtls_cipher_update(cbcPkcs7ctx, message->data, message->size, cipherText->data,
425 &keyLen);
426 cipherText->size = (uint32_t)keyLen;
427 if (ret != HKS_MBEDTLS_SUCCESS) {
428 HKS_LOG_E("Mbedtls cbc pkcs7 crypt update failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
429 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
430 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
431 }
432 return ret;
433 }
434
AesCbcPkcs7CryptFinal(void ** cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText)435 static int32_t AesCbcPkcs7CryptFinal(void **cryptoCtx, const struct HksBlob *message,
436 struct HksBlob *cipherText)
437 {
438 struct HksMbedtlsAesCtx *aesCtx = (struct HksMbedtlsAesCtx *)*cryptoCtx;
439 mbedtls_cipher_context_t *cbcPkcs7ctx = (mbedtls_cipher_context_t *)aesCtx->append;
440
441 if (cbcPkcs7ctx == NULL) {
442 HKS_FREE(*cryptoCtx);
443 return HKS_ERROR_NULL_POINTER;
444 }
445
446 size_t finish_olen;
447 int32_t ret;
448 do {
449 cipherText->size = 0;
450 if (message->size != 0) {
451 size_t keyLen = cipherText->size;
452 ret = mbedtls_cipher_update(cbcPkcs7ctx, message->data, message->size, cipherText->data,
453 &keyLen);
454 cipherText->size = (uint32_t)keyLen;
455 if (ret != HKS_MBEDTLS_SUCCESS) {
456 HKS_LOG_E("Mbedtls cbc pkcs7 crypt update failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
457 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
458 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
459 break;
460 }
461 }
462
463 size_t olen = (size_t)cipherText->size;
464 ret = mbedtls_cipher_finish(cbcPkcs7ctx, cipherText->data + olen, &finish_olen);
465 if (ret != HKS_MBEDTLS_SUCCESS) {
466 HKS_LOG_E("Mbedtls cbc pkcs7 crypt finish failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
467 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
468 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
469 break;
470 }
471 cipherText->size = olen + finish_olen;
472 } while (0);
473
474 mbedtls_cipher_free(cbcPkcs7ctx);
475 HKS_FREE(aesCtx->append);
476 HKS_FREE(*cryptoCtx);
477
478 return ret;
479 }
480 #endif /* HKS_SUPPORT_AES_CBC_PKCS7 */
481
482 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7)
AesCbcCrypt(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,const bool encrypt,struct HksBlob * cipherText)483 static int32_t AesCbcCrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
484 const struct HksBlob *message, const bool encrypt, struct HksBlob *cipherText)
485 {
486 const struct HksCipherParam *cipherParam = (struct HksCipherParam *)(usageSpec->algParam);
487
488 switch (usageSpec->padding) {
489 #ifdef HKS_SUPPORT_AES_CBC_NOPADDING
490 case HKS_PADDING_NONE:
491 return AesCbcNoPaddingCrypt(key, cipherParam, message, encrypt, cipherText);
492 #endif
493 #ifdef HKS_SUPPORT_AES_CBC_PKCS7
494 case HKS_PADDING_PKCS7:
495 return AesCbcPkcs7Crypt(key, cipherParam, message, encrypt, cipherText);
496 #endif
497 default:
498 HKS_LOG_E("Unsupport padding! mode = 0x%" LOG_PUBLIC "X", usageSpec->padding);
499 return HKS_ERROR_INVALID_PADDING;
500 }
501 }
502
AesCbcCryptInit(void ** cryptoCtx,const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const bool encrypt)503 static int32_t AesCbcCryptInit(void **cryptoCtx, const struct HksBlob *key,
504 const struct HksUsageSpec *usageSpec, const bool encrypt)
505 {
506 switch (usageSpec->padding) {
507 #ifdef HKS_SUPPORT_AES_CBC_NOPADDING
508 case HKS_PADDING_NONE:
509 return AesCbcNoPaddingCryptInit(cryptoCtx, key, usageSpec, encrypt);
510 #endif
511 #ifdef HKS_SUPPORT_AES_CBC_PKCS7
512 case HKS_PADDING_PKCS7:
513 return AesCbcPkcs7CryptInit(cryptoCtx, key, usageSpec, encrypt);
514 #endif
515 default:
516 HKS_LOG_E("Unsupport padding! mode = 0x%" LOG_PUBLIC "X", usageSpec->padding);
517 return HKS_ERROR_INVALID_PADDING;
518 }
519 }
520
AesCbcCryptUpdate(void * cryptoCtx,const uint8_t padding,const struct HksBlob * message,const bool encrypt,struct HksBlob * cipherText)521 static int32_t AesCbcCryptUpdate(void *cryptoCtx, const uint8_t padding,
522 const struct HksBlob *message, const bool encrypt, struct HksBlob *cipherText)
523 {
524 switch (padding) {
525 #ifdef HKS_SUPPORT_AES_CBC_NOPADDING
526 case HKS_PADDING_NONE:
527 return AesCbcNoPaddingCryptUpdate(cryptoCtx, message, encrypt, cipherText);
528 #endif
529 #ifdef HKS_SUPPORT_AES_CBC_PKCS7
530 case HKS_PADDING_PKCS7:
531 return AesCbcPkcs7CryptUpdate(cryptoCtx, message, cipherText);
532 #endif
533 default:
534 HKS_LOG_E("Unsupport padding! mode = 0x%" LOG_PUBLIC "X", padding);
535 return HKS_ERROR_INVALID_PADDING;
536 }
537 }
538
AesCbcCryptFinal(void ** cryptoCtx,const uint8_t padding,const struct HksBlob * message,const bool encrypt,struct HksBlob * cipherText)539 static int32_t AesCbcCryptFinal(void **cryptoCtx, const uint8_t padding,
540 const struct HksBlob *message, const bool encrypt, struct HksBlob *cipherText)
541 {
542 switch (padding) {
543 #ifdef HKS_SUPPORT_AES_CBC_NOPADDING
544 case HKS_PADDING_NONE:
545 return AesCbcNoPaddingCryptFinal(cryptoCtx, message, encrypt, cipherText);
546 #endif
547 #ifdef HKS_SUPPORT_AES_CBC_PKCS7
548 case HKS_PADDING_PKCS7:
549 return AesCbcPkcs7CryptFinal(cryptoCtx, message, cipherText);
550 #endif
551 default:
552 HKS_LOG_E("Unsupport padding! mode = 0x%" LOG_PUBLIC "X", padding);
553 return HKS_ERROR_INVALID_PADDING;
554 }
555 }
556 #endif /* HKS_SUPPORT_AES_CBC_NOPADDING or HKS_SUPPORT_AES_CBC_PKCS7 */
557
558 #ifdef HKS_SUPPORT_AES_GCM
AesEncryptGcm(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * cipherText,struct HksBlob * tagAead)559 static int32_t AesEncryptGcm(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
560 const struct HksBlob *message, struct HksBlob *cipherText, struct HksBlob *tagAead)
561 {
562 mbedtls_gcm_context ctx;
563 mbedtls_gcm_init(&ctx);
564
565 int32_t ret;
566 do {
567 ret = mbedtls_gcm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, key->data, key->size * HKS_BITS_PER_BYTE);
568 if (ret != HKS_MBEDTLS_SUCCESS) {
569 HKS_LOG_E("Mbedtls aes gcm set key failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
570 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
571 break;
572 }
573
574 const struct HksAeadParam *aeadParam = (struct HksAeadParam *)(usageSpec->algParam);
575 ret = mbedtls_gcm_crypt_and_tag(&ctx,
576 MBEDTLS_GCM_ENCRYPT,
577 message->size,
578 aeadParam->nonce.data,
579 aeadParam->nonce.size,
580 aeadParam->aad.data,
581 aeadParam->aad.size,
582 message->data,
583 cipherText->data,
584 tagAead->size,
585 tagAead->data);
586 if (ret != HKS_MBEDTLS_SUCCESS) {
587 HKS_LOG_E("Mbedtls aes gcm encryot failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
588 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
589 (void)memset_s(tagAead->data, tagAead->size, 0, tagAead->size);
590 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
591 break;
592 }
593 cipherText->size = message->size;
594 } while (0);
595
596 mbedtls_gcm_free(&ctx);
597 return ret;
598 }
599
AesEncryptGcmInit(void ** cryptoCtx,const struct HksUsageSpec * usageSpec,const struct HksBlob * key)600 static int32_t AesEncryptGcmInit(void **cryptoCtx, const struct HksUsageSpec *usageSpec, const struct HksBlob *key)
601 {
602 mbedtls_gcm_context *gcmCtx = (mbedtls_gcm_context *)HksMalloc(sizeof(mbedtls_gcm_context));
603 HKS_IF_NULL_LOGE_RETURN(gcmCtx, HKS_ERROR_MALLOC_FAIL, "Gcm gcmCtx malloc fail")
604
605 mbedtls_gcm_init(gcmCtx);
606
607 int32_t ret = mbedtls_gcm_setkey(gcmCtx, MBEDTLS_CIPHER_ID_AES, key->data, key->size * HKS_BITS_PER_BYTE);
608 if (ret != HKS_MBEDTLS_SUCCESS) {
609 HKS_LOG_E("Mbedtls aes gcm set key failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
610 mbedtls_gcm_free(gcmCtx);
611 HKS_FREE(gcmCtx);
612 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
613 }
614
615 const struct HksAeadParam *aeadParam = (struct HksAeadParam *)(usageSpec->algParam);
616 #ifdef USE_HISI_MBED
617 ret = mbedtls_gcm_starts(gcmCtx, MBEDTLS_GCM_ENCRYPT, aeadParam->nonce.data,
618 aeadParam->nonce.size, aeadParam->aad.data, aeadParam->aad.size);
619 #else
620 ret = mbedtls_gcm_starts(gcmCtx, MBEDTLS_GCM_ENCRYPT, aeadParam->nonce.data,
621 aeadParam->nonce.size);
622 #endif
623 if (ret != HKS_MBEDTLS_SUCCESS) {
624 HKS_LOG_E("Mbedtls aes gcm start failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
625 mbedtls_gcm_free(gcmCtx);
626 HKS_FREE(gcmCtx);
627 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
628 }
629
630 struct HksMbedtlsAesCtx *outCtx = (struct HksMbedtlsAesCtx *)HksMalloc(sizeof(struct HksMbedtlsAesCtx));
631 if (outCtx == NULL) {
632 HKS_LOG_E("initialize outCtx fail");
633 mbedtls_gcm_free(gcmCtx);
634 HKS_FREE(gcmCtx);
635 return HKS_ERROR_MALLOC_FAIL;
636 }
637
638 outCtx->mode = usageSpec->mode;
639 outCtx->append = (void *)gcmCtx;
640 *cryptoCtx = (void *)outCtx;
641
642 return ret;
643 }
644
MbedtlsGcmUpdate(mbedtls_gcm_context * gcmCtx,const struct HksBlob * message,struct HksBlob * cipherText,bool isEncrypt)645 static int32_t MbedtlsGcmUpdate(mbedtls_gcm_context *gcmCtx, const struct HksBlob *message,
646 struct HksBlob *cipherText, bool isEncrypt)
647 {
648 int32_t ret;
649 #ifdef USE_HISI_MBED
650 ret = mbedtls_gcm_update(gcmCtx, message->size, message->data, cipherText->data);
651 #else
652 size_t size = 0;
653 ret = mbedtls_gcm_update(gcmCtx, message->data, message->size, cipherText->data, cipherText->size, &size);
654 #endif
655 if (ret != HKS_MBEDTLS_SUCCESS) {
656 if (isEncrypt) {
657 HKS_LOG_E("Mbedtls aes gcm encrypt update failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
658 } else {
659 HKS_LOG_E("Mbedtls aes gcm decrypt update failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
660 }
661 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
662 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
663 }
664 return ret;
665 }
666
MbedtlsGcmFinish(mbedtls_gcm_context * gcmCtx,uint8_t * tagAeadData,uint32_t tagAeadSize,bool isEncrypt)667 static int32_t MbedtlsGcmFinish(mbedtls_gcm_context *gcmCtx, uint8_t *tagAeadData, uint32_t tagAeadSize, bool isEncrypt)
668 {
669 int32_t ret;
670 #ifdef USE_HISI_MBED
671 ret = mbedtls_gcm_finish(gcmCtx, tagAeadData, tagAeadSize);
672 #else
673 size_t size = 0;
674 ret = mbedtls_gcm_finish(gcmCtx, tagAeadData, tagAeadSize, &size, tagAeadData, tagAeadSize);
675 #endif
676 if (ret != HKS_MBEDTLS_SUCCESS) {
677 if (isEncrypt) {
678 HKS_LOG_E("Mbedtls aes gcm encrypt update failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
679 } else {
680 HKS_LOG_E("Mbedtls aes gcm decrypt update failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
681 }
682 (void)memset_s(tagAeadData, tagAeadSize, 0, tagAeadSize);
683 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
684 }
685 return ret;
686 }
687
AesEncryptGcmUpdate(void * cryptoCtx,const uint8_t padding,const struct HksBlob * message,struct HksBlob * cipherText)688 static int32_t AesEncryptGcmUpdate(void *cryptoCtx, const uint8_t padding, const struct HksBlob *message,
689 struct HksBlob *cipherText)
690 {
691 (void)padding;
692
693 struct HksMbedtlsAesCtx *aesCtx = (struct HksMbedtlsAesCtx *)cryptoCtx;
694 mbedtls_gcm_context *gcmCtx = (mbedtls_gcm_context *)aesCtx->append;
695 HKS_IF_NULL_LOGE_RETURN(gcmCtx, HKS_ERROR_NULL_POINTER, "GcmUpdate gcmCtx is null")
696
697 int32_t ret = MbedtlsGcmUpdate(gcmCtx, message, cipherText, true);
698 if (ret == HKS_MBEDTLS_SUCCESS) {
699 cipherText->size = message->size;
700 }
701 return ret;
702 }
703
AesEncryptGcmFinal(void ** cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText,struct HksBlob * tagAead)704 static int32_t AesEncryptGcmFinal(void **cryptoCtx, const struct HksBlob *message, struct HksBlob *cipherText,
705 struct HksBlob *tagAead)
706 {
707 struct HksMbedtlsAesCtx *aesCtx = (struct HksMbedtlsAesCtx *)*cryptoCtx;
708 mbedtls_gcm_context *gcmCtx = (mbedtls_gcm_context *)aesCtx->append;
709 if (gcmCtx == NULL) {
710 HKS_LOG_E("GcmFinal gcmCtx is null");
711 HKS_FREE(*cryptoCtx);
712 return HKS_ERROR_NULL_POINTER;
713 }
714
715 int32_t ret;
716 do {
717 if (message->size != 0) {
718 ret = MbedtlsGcmUpdate(gcmCtx, message, cipherText, true);
719 if (ret != HKS_MBEDTLS_SUCCESS) {
720 break;
721 }
722 }
723 cipherText->size = message->size;
724 ret = MbedtlsGcmFinish(gcmCtx, tagAead->data, tagAead->size, true);
725 if (ret != HKS_MBEDTLS_SUCCESS) {
726 break;
727 }
728 } while (0);
729
730 mbedtls_gcm_free(gcmCtx);
731 HKS_FREE(aesCtx->append);
732 HKS_FREE(*cryptoCtx);
733 return ret;
734 }
735
AesDecryptGcm(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * cipherText)736 static int32_t AesDecryptGcm(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
737 const struct HksBlob *message, struct HksBlob *cipherText)
738 {
739 mbedtls_gcm_context ctx;
740 (void)memset_s(&ctx, sizeof(mbedtls_gcm_context), 0, sizeof(mbedtls_gcm_context));
741 mbedtls_gcm_init(&ctx);
742
743 int32_t ret;
744 do {
745 ret = mbedtls_gcm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, key->data, key->size * HKS_BITS_PER_BYTE);
746 if (ret != HKS_MBEDTLS_SUCCESS) {
747 HKS_LOG_E("Mbedtls aes gcm set key failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
748 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
749 break;
750 }
751
752 const struct HksAeadParam *aeadParam = (struct HksAeadParam *)(usageSpec->algParam);
753 ret = mbedtls_gcm_auth_decrypt(&ctx,
754 message->size,
755 aeadParam->nonce.data,
756 aeadParam->nonce.size,
757 aeadParam->aad.data,
758 aeadParam->aad.size,
759 aeadParam->tagDec.data,
760 aeadParam->tagDec.size,
761 message->data,
762 cipherText->data);
763 if (ret != HKS_MBEDTLS_SUCCESS) {
764 HKS_LOG_E("Mbedtls aes gcm decrypt failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
765 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
766 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
767 break;
768 }
769 cipherText->size = message->size;
770 } while (0);
771
772 mbedtls_gcm_free(&ctx);
773 return ret;
774 }
775
AesDecryptGcmInit(void ** cryptoCtx,const struct HksBlob * key,const struct HksUsageSpec * usageSpec)776 static int32_t AesDecryptGcmInit(void **cryptoCtx, const struct HksBlob *key, const struct HksUsageSpec *usageSpec)
777 {
778 mbedtls_gcm_context *gcmCtx = (mbedtls_gcm_context*)HksMalloc(sizeof(mbedtls_gcm_context));
779 HKS_IF_NULL_LOGE_RETURN(gcmCtx, HKS_ERROR_MALLOC_FAIL, "Decrtyt Gcm gcmCtx malloc fail")
780
781 mbedtls_gcm_init(gcmCtx);
782
783 int32_t ret = mbedtls_gcm_setkey(gcmCtx, MBEDTLS_CIPHER_ID_AES, key->data, key->size * HKS_BITS_PER_BYTE);
784 if (ret != HKS_MBEDTLS_SUCCESS) {
785 HKS_LOG_E("Mbedtls aes gcm set key failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
786 mbedtls_gcm_free(gcmCtx);
787 HKS_FREE(gcmCtx);
788 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
789 }
790
791 const struct HksAeadParam *aeadParam = (struct HksAeadParam *)(usageSpec->algParam);
792 #ifdef USE_HISI_MBED
793 ret = mbedtls_gcm_starts(gcmCtx, MBEDTLS_GCM_DECRYPT, aeadParam->nonce.data,
794 aeadParam->nonce.size, aeadParam->aad.data, aeadParam->aad.size);
795 #else
796 ret = mbedtls_gcm_starts(gcmCtx, MBEDTLS_GCM_DECRYPT, aeadParam->nonce.data,
797 aeadParam->nonce.size);
798 #endif
799 if (ret != HKS_MBEDTLS_SUCCESS) {
800 HKS_LOG_E("Mbedtls aes gcm start failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
801 mbedtls_gcm_free(gcmCtx);
802 HKS_FREE(gcmCtx);
803 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
804 }
805
806 struct HksMbedtlsAesCtx *outCtx = (struct HksMbedtlsAesCtx *)HksMalloc(sizeof(struct HksMbedtlsAesCtx));
807 if (outCtx == NULL) {
808 mbedtls_gcm_free(gcmCtx);
809 HKS_FREE(gcmCtx);
810 return HKS_ERROR_MALLOC_FAIL;
811 }
812
813 outCtx->mode = usageSpec->mode;
814 outCtx->append = (void *)gcmCtx;
815 *cryptoCtx = (void *)outCtx;
816
817 return ret;
818 }
819
AesDecryptGcmUpdate(void * cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText)820 static int32_t AesDecryptGcmUpdate(void *cryptoCtx,
821 const struct HksBlob *message, struct HksBlob *cipherText)
822 {
823 struct HksMbedtlsAesCtx *aesCtx = (struct HksMbedtlsAesCtx *)cryptoCtx;
824 mbedtls_gcm_context *gcmCtx = (mbedtls_gcm_context *)aesCtx->append;
825 HKS_IF_NULL_LOGE_RETURN(gcmCtx, HKS_FAILURE, "GcmUpdate gcmCtx is null")
826
827 int32_t ret = MbedtlsGcmUpdate(gcmCtx, message, cipherText, false);
828 if (ret == HKS_MBEDTLS_SUCCESS) {
829 cipherText->size = message->size;
830 }
831
832 return ret;
833 }
834
AesDecryptGcmFinal(void ** cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText,struct HksBlob * tagAead)835 static int32_t AesDecryptGcmFinal(void **cryptoCtx, const struct HksBlob *message,
836 struct HksBlob *cipherText, struct HksBlob *tagAead)
837 {
838 struct HksMbedtlsAesCtx *aesCtx = (struct HksMbedtlsAesCtx *)*cryptoCtx;
839 mbedtls_gcm_context *gcmCtx = (mbedtls_gcm_context *)aesCtx->append;
840 if (gcmCtx == NULL) {
841 HKS_LOG_E("GcmFinal gcmCtx is null");
842 HKS_FREE(*cryptoCtx);
843 return HKS_FAILURE;
844 }
845
846 int32_t ret;
847 do {
848 if (message->size != 0) {
849 ret = MbedtlsGcmUpdate(gcmCtx, message, cipherText, false);
850 if (ret != HKS_MBEDTLS_SUCCESS) {
851 break;
852 }
853 }
854 cipherText->size = message->size;
855
856 uint8_t check_tag[16];
857 ret = MbedtlsGcmFinish(gcmCtx, check_tag, tagAead->size, false);
858 if (ret != HKS_MBEDTLS_SUCCESS) {
859 break;
860 }
861
862 uint8_t diff;
863 size_t i;
864 /* Check tag in "constant-time" */
865 for (diff = 0, i = 0; i < tagAead->size; i++) {
866 diff |= tagAead->data[i] ^ check_tag[i];
867 }
868
869 if (diff != 0) {
870 mbedtls_platform_zeroize(cipherText->data, message->size);
871 HKS_LOG_E("gcm auth failed!");
872 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
873 break;
874 }
875 } while (0);
876
877 mbedtls_gcm_free(gcmCtx);
878 HKS_FREE(aesCtx->append);
879 HKS_FREE(*cryptoCtx);
880
881 return ret;
882 }
883 #endif /* HKS_SUPPORT_AES_GCM */
884
885 #ifdef HKS_SUPPORT_AES_CCM
AesEncryptCcm(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * cipherText,struct HksBlob * tagAead)886 static int32_t AesEncryptCcm(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
887 const struct HksBlob *message, struct HksBlob *cipherText, struct HksBlob *tagAead)
888 {
889 mbedtls_ccm_context ctx;
890 (void)memset_s(&ctx, sizeof(mbedtls_ccm_context), 0, sizeof(mbedtls_ccm_context));
891 mbedtls_ccm_init(&ctx);
892
893 int32_t ret;
894 do {
895 ret = mbedtls_ccm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, key->data, key->size * HKS_BITS_PER_BYTE);
896 if (ret != HKS_MBEDTLS_SUCCESS) {
897 HKS_LOG_E("Mbedtls aes ccm set key failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
898 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
899 break;
900 }
901
902 const struct HksAeadParam *aeadParam = (struct HksAeadParam *)(usageSpec->algParam);
903 ret = mbedtls_ccm_encrypt_and_tag(&ctx,
904 message->size,
905 aeadParam->nonce.data,
906 aeadParam->nonce.size,
907 aeadParam->aad.data,
908 aeadParam->aad.size,
909 message->data,
910 cipherText->data,
911 tagAead->data,
912 tagAead->size);
913 if (ret != HKS_MBEDTLS_SUCCESS) {
914 HKS_LOG_E("Mbedtls aes ccm encrypt failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
915 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
916 (void)memset_s(tagAead->data, tagAead->size, 0, tagAead->size);
917 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
918 break;
919 }
920 cipherText->size = message->size;
921 } while (0);
922
923 mbedtls_ccm_free(&ctx);
924 return ret;
925 }
926
AesDecryptCcm(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * cipherText)927 static int32_t AesDecryptCcm(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
928 const struct HksBlob *message, struct HksBlob *cipherText)
929 {
930 mbedtls_ccm_context ctx;
931 (void)memset_s(&ctx, sizeof(mbedtls_ccm_context), 0, sizeof(mbedtls_ccm_context));
932 mbedtls_ccm_init(&ctx);
933
934 int32_t ret;
935 do {
936 ret = mbedtls_ccm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, key->data, key->size * HKS_BITS_PER_BYTE);
937 if (ret != HKS_MBEDTLS_SUCCESS) {
938 HKS_LOG_E("Mbedtls aes ccm set key failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
939 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
940 break;
941 }
942
943 const struct HksAeadParam *aeadParam = (struct HksAeadParam *)(usageSpec->algParam);
944 ret = mbedtls_ccm_auth_decrypt(&ctx,
945 message->size,
946 aeadParam->nonce.data,
947 aeadParam->nonce.size,
948 aeadParam->aad.data,
949 aeadParam->aad.size,
950 message->data,
951 cipherText->data,
952 aeadParam->tagDec.data,
953 aeadParam->tagDec.size);
954 if (ret != HKS_MBEDTLS_SUCCESS) {
955 HKS_LOG_E("Mbedtls aes ccm decrypt failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
956 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
957 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
958 break;
959 }
960 cipherText->size = message->size;
961 } while (0);
962
963 mbedtls_ccm_free(&ctx);
964 return ret;
965 }
966 #endif /* HKS_SUPPORT_AES_CCM */
967
968 #ifdef HKS_SUPPORT_AES_CTR_NOPADDING
AesCtrCrypt(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,const bool encrypt,struct HksBlob * cipherText)969 static int32_t AesCtrCrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
970 const struct HksBlob *message, const bool encrypt, struct HksBlob *cipherText)
971 {
972 const struct HksCipherParam *cipherParam = (struct HksCipherParam *)(usageSpec->algParam);
973 mbedtls_cipher_context_t ctx;
974 (void)memset_s(&ctx, sizeof(mbedtls_cipher_context_t), 0, sizeof(mbedtls_cipher_context_t));
975 mbedtls_cipher_init(&ctx);
976
977 int32_t ret;
978 do {
979 const mbedtls_cipher_info_t *info =
980 mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, key->size * HKS_BITS_PER_BYTE, MBEDTLS_MODE_CTR);
981 if (info == NULL) {
982 HKS_LOG_E("get cipher info from values failed!");
983 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
984 break;
985 }
986 ret = mbedtls_cipher_setup(&ctx, info);
987 if (ret != HKS_MBEDTLS_SUCCESS) {
988 HKS_LOG_E("Mbedtls failed ret = %" LOG_PUBLIC "d", ret);
989 break;
990 }
991
992 ret = mbedtls_cipher_setkey(
993 &ctx, key->data, key->size * HKS_BITS_PER_BYTE, encrypt ? MBEDTLS_ENCRYPT : MBEDTLS_DECRYPT);
994 if (ret != HKS_MBEDTLS_SUCCESS) {
995 HKS_LOG_E("Mbedtls failed ret = %" LOG_PUBLIC "d", ret);
996 break;
997 }
998
999 size_t outLen;
1000 ret = mbedtls_cipher_crypt(
1001 &ctx, cipherParam->iv.data, cipherParam->iv.size, message->data, message->size, cipherText->data, &outLen);
1002 if (ret != HKS_MBEDTLS_SUCCESS) {
1003 HKS_LOG_E("Mbedtls failed ret = 0x%" LOG_PUBLIC "X", ret);
1004 break;
1005 }
1006 cipherText->size = outLen;
1007
1008 mbedtls_cipher_free(&ctx);
1009 return HKS_SUCCESS;
1010 } while (0);
1011
1012 mbedtls_cipher_free(&ctx);
1013 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1014 }
1015
AesCtrCryptInitParam(const struct HksBlob * key,mbedtls_cipher_context_t * ctrCtx,const bool encrypt)1016 static int32_t AesCtrCryptInitParam(const struct HksBlob *key, mbedtls_cipher_context_t *ctrCtx,
1017 const bool encrypt)
1018 {
1019 int32_t ret;
1020 const mbedtls_cipher_info_t *info =
1021 mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, key->size * HKS_BITS_PER_BYTE, MBEDTLS_MODE_CTR);
1022 if (info == NULL) {
1023 HKS_LOG_E("get cipher info from values failed!");
1024 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1025 }
1026 ret = mbedtls_cipher_setup(ctrCtx, info);
1027 if (ret != HKS_MBEDTLS_SUCCESS) {
1028 HKS_LOG_E("Mbedtls failed ret = %" LOG_PUBLIC "d", ret);
1029 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1030 }
1031
1032 ret = mbedtls_cipher_setkey(
1033 ctrCtx, key->data, key->size * HKS_BITS_PER_BYTE, encrypt ? MBEDTLS_ENCRYPT : MBEDTLS_DECRYPT);
1034 if (ret != HKS_MBEDTLS_SUCCESS) {
1035 HKS_LOG_E("Mbedtls failed ret = %" LOG_PUBLIC "d", ret);
1036 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1037 }
1038 return HKS_SUCCESS;
1039 }
1040
AesCtrCryptInit(void ** cryptoCtx,const struct HksUsageSpec * usageSpec,const struct HksBlob * key,const bool encrypt)1041 static int32_t AesCtrCryptInit(void **cryptoCtx, const struct HksUsageSpec *usageSpec,
1042 const struct HksBlob *key, const bool encrypt)
1043 {
1044 mbedtls_cipher_context_t *ctrCtx = (mbedtls_cipher_context_t *)HksMalloc(sizeof(mbedtls_cipher_context_t));
1045 HKS_IF_NULL_LOGE_RETURN(ctrCtx, HKS_ERROR_MALLOC_FAIL, "Ctr ctrCtx malloc fail")
1046
1047 mbedtls_cipher_init(ctrCtx);
1048
1049 int32_t ret;
1050 ret = AesCtrCryptInitParam(key, ctrCtx, encrypt);
1051 if (ret != HKS_SUCCESS) {
1052 HKS_LOG_E("AesCtrCryptInitParam failed ret = 0x%" LOG_PUBLIC "X", ret);
1053 mbedtls_cipher_free(ctrCtx);
1054 HKS_FREE(ctrCtx);
1055 return ret;
1056 }
1057
1058 const struct HksCipherParam *cipherParam = (struct HksCipherParam *)(usageSpec->algParam);
1059 if (cipherParam == NULL) {
1060 HKS_LOG_E("Gcm cipherParam is null");
1061 mbedtls_cipher_free(ctrCtx);
1062 HKS_FREE(ctrCtx);
1063 return HKS_FAILURE;
1064 }
1065
1066 ret = mbedtls_cipher_set_iv(ctrCtx, cipherParam->iv.data, cipherParam->iv.size);
1067 if (ret != HKS_SUCCESS) {
1068 HKS_LOG_E("Mbedtls cbc pkcs7 set iv failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
1069 mbedtls_cipher_free(ctrCtx);
1070 HKS_FREE(ctrCtx);
1071 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1072 }
1073 ret = mbedtls_cipher_reset(ctrCtx);
1074 if (ret != HKS_SUCCESS) {
1075 HKS_LOG_E("Mbedtls cbc pkcs7 reset failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
1076 mbedtls_cipher_free(ctrCtx);
1077 HKS_FREE(ctrCtx);
1078 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1079 }
1080
1081 struct HksMbedtlsAesCtx *outCtx = (struct HksMbedtlsAesCtx *)HksMalloc(sizeof(HksMbedtlsAesCtx));
1082 if (outCtx == NULL) {
1083 mbedtls_cipher_free(ctrCtx);
1084 HKS_FREE(ctrCtx);
1085 return HKS_ERROR_MALLOC_FAIL;
1086 }
1087
1088 outCtx->mode = usageSpec->mode;
1089 outCtx->padding = usageSpec->padding;
1090 outCtx->append = (void *)ctrCtx;
1091
1092 *cryptoCtx = (void *)outCtx;
1093 return ret;
1094 }
1095
AesCtrCryptUpdate(void * cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText)1096 static int32_t AesCtrCryptUpdate(void *cryptoCtx,
1097 const struct HksBlob *message, struct HksBlob *cipherText)
1098 {
1099 struct HksMbedtlsAesCtx *aesCtx = (struct HksMbedtlsAesCtx *)cryptoCtx;
1100 mbedtls_cipher_context_t *ctrCtx = (mbedtls_cipher_context_t *)aesCtx->append;
1101 HKS_IF_NULL_LOGE_RETURN(ctrCtx, HKS_FAILURE, "CtrUpdate ctrCtx is null")
1102
1103 size_t olen;
1104 int32_t ret = mbedtls_cipher_update(ctrCtx, message->data, message->size, cipherText->data, &olen);
1105 if (ret != HKS_MBEDTLS_SUCCESS) {
1106 HKS_LOG_E("Mbedtls cipher update failed ret = 0x%" LOG_PUBLIC "X", ret);
1107 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1108 }
1109
1110 cipherText->size = olen;
1111 return ret;
1112 }
1113
AesCtrCryptFinal(void ** cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText)1114 static int32_t AesCtrCryptFinal(void **cryptoCtx, const struct HksBlob *message, struct HksBlob *cipherText)
1115 {
1116 struct HksMbedtlsAesCtx *aesCtx = (struct HksMbedtlsAesCtx *)*cryptoCtx;
1117 mbedtls_cipher_context_t *ctrCtx = (mbedtls_cipher_context_t *)aesCtx->append;
1118 if (ctrCtx == NULL) {
1119 HKS_LOG_E("CtrFinal ctrCtx is null");
1120 HKS_FREE(*cryptoCtx);
1121 return HKS_FAILURE;
1122 }
1123
1124 int32_t ret;
1125 do {
1126 size_t olen = (size_t)cipherText->size;
1127 if (message->size != 0) {
1128 ret = mbedtls_cipher_update(ctrCtx, message->data, message->size, cipherText->data, &olen);
1129 if (ret != HKS_MBEDTLS_SUCCESS) {
1130 HKS_LOG_E("Mbedtls cipher update failed ret = 0x%" LOG_PUBLIC "X", ret);
1131 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
1132 break;
1133 }
1134 }
1135
1136 size_t finish_olen;
1137 ret = mbedtls_cipher_finish(ctrCtx, cipherText->data + olen, &finish_olen);
1138 if (ret != HKS_MBEDTLS_SUCCESS) {
1139 HKS_LOG_E("Mbedtls cipher update failed ret = 0x%" LOG_PUBLIC "X", ret);
1140 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
1141 break;
1142 } else {
1143 cipherText->size = (uint32_t)(olen + finish_olen);
1144 }
1145 } while (0);
1146
1147 mbedtls_cipher_free(ctrCtx);
1148 HKS_FREE(aesCtx->append);
1149 HKS_FREE(*cryptoCtx);
1150 return ret;
1151 }
1152 #endif
1153
1154 #ifdef HKS_SUPPORT_AES_ECB_NOPADDING
AesEcbNoPaddingCrypt(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,const bool encrypt,struct HksBlob * cipherText)1155 static int32_t AesEcbNoPaddingCrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
1156 const struct HksBlob *message, const bool encrypt, struct HksBlob *cipherText)
1157 {
1158 (void)usageSpec;
1159 mbedtls_cipher_context_t ctx;
1160 (void)memset_s(&ctx, sizeof(mbedtls_cipher_context_t), 0, sizeof(mbedtls_cipher_context_t));
1161 mbedtls_cipher_init(&ctx);
1162
1163 int32_t ret;
1164 do {
1165 const mbedtls_cipher_info_t *info =
1166 mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, key->size * HKS_BITS_PER_BYTE, MBEDTLS_MODE_ECB);
1167 if (info == NULL) {
1168 HKS_LOG_E("get cipher info from values failed!");
1169 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
1170 break;
1171 }
1172 ret = mbedtls_cipher_setup(&ctx, info);
1173 if (ret != HKS_MBEDTLS_SUCCESS) {
1174 HKS_LOG_E("Mbedtls failed ret = %" LOG_PUBLIC "d", ret);
1175 break;
1176 }
1177
1178 ret = mbedtls_cipher_setkey(
1179 &ctx, key->data, key->size * HKS_BITS_PER_BYTE, encrypt ? MBEDTLS_ENCRYPT : MBEDTLS_DECRYPT);
1180 if (ret != HKS_MBEDTLS_SUCCESS) {
1181 HKS_LOG_E("Mbedtls failed ret = %" LOG_PUBLIC "d", ret);
1182 break;
1183 }
1184
1185 size_t outLen;
1186 ret = mbedtls_cipher_crypt(&ctx, NULL, 0, message->data, message->size, cipherText->data, &outLen);
1187 if (ret != HKS_MBEDTLS_SUCCESS) {
1188 HKS_LOG_E("Mbedtls failed ret = 0x%" LOG_PUBLIC "X", ret);
1189 break;
1190 }
1191 cipherText->size = outLen;
1192
1193 mbedtls_cipher_free(&ctx);
1194 return HKS_SUCCESS;
1195 } while (0);
1196
1197 mbedtls_cipher_free(&ctx);
1198 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1199 }
1200
AesEcbNoPaddingCryptInitParam(const struct HksBlob * key,mbedtls_cipher_context_t * ecbCtx,const bool encrypt)1201 static int32_t AesEcbNoPaddingCryptInitParam(const struct HksBlob *key, mbedtls_cipher_context_t *ecbCtx,
1202 const bool encrypt)
1203 {
1204 const mbedtls_cipher_info_t *info =
1205 mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, key->size * HKS_BITS_PER_BYTE, MBEDTLS_MODE_ECB);
1206 if (info == NULL) {
1207 HKS_LOG_E("get cipher info from values failed!");
1208 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1209 }
1210 int32_t ret = mbedtls_cipher_setup(ecbCtx, info);
1211 if (ret != HKS_MBEDTLS_SUCCESS) {
1212 HKS_LOG_E("Mbedtls cipher setup failed ret = %" LOG_PUBLIC "d", ret);
1213 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1214 }
1215
1216 ret = mbedtls_cipher_setkey(
1217 ecbCtx, key->data, key->size * HKS_BITS_PER_BYTE, encrypt ? MBEDTLS_ENCRYPT : MBEDTLS_DECRYPT);
1218 if (ret != HKS_MBEDTLS_SUCCESS) {
1219 HKS_LOG_E("Mbedtls setkey failed ret = %" LOG_PUBLIC "d", ret);
1220 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1221 }
1222
1223 ret = mbedtls_cipher_set_iv(ecbCtx, NULL, 0);
1224 if (ret != HKS_MBEDTLS_SUCCESS) {
1225 HKS_LOG_E("Mbedtls set iv failed ret = %" LOG_PUBLIC "d", ret);
1226 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1227 }
1228 return HKS_SUCCESS;
1229 }
1230
AesEcbNoPaddingCryptInit(void ** cryptoCtx,const struct HksUsageSpec * usageSpec,const struct HksBlob * key,const bool encrypt)1231 static int32_t AesEcbNoPaddingCryptInit(void **cryptoCtx, const struct HksUsageSpec *usageSpec,
1232 const struct HksBlob *key, const bool encrypt)
1233 {
1234 mbedtls_cipher_context_t *ecbCtx = (mbedtls_cipher_context_t *)HksMalloc(sizeof(mbedtls_cipher_context_t));
1235 HKS_IF_NULL_LOGE_RETURN(ecbCtx, HKS_ERROR_MALLOC_FAIL, "Ecb ecbCtx malloc fail")
1236
1237 mbedtls_cipher_init(ecbCtx);
1238
1239 int32_t ret = AesEcbNoPaddingCryptInitParam(key, ecbCtx, encrypt);
1240 if (ret != HKS_SUCCESS) {
1241 HKS_LOG_E("AesEcbNoPaddingCryptInitParam failed ret = %" LOG_PUBLIC "d", ret);
1242 mbedtls_cipher_free(ecbCtx);
1243 HKS_FREE(ecbCtx);
1244 return ret;
1245 }
1246
1247 ret = mbedtls_cipher_reset(ecbCtx);
1248 if (ret != HKS_MBEDTLS_SUCCESS) {
1249 HKS_LOG_E("Mbedtls reset failed ret = %" LOG_PUBLIC "d", ret);
1250 mbedtls_cipher_free(ecbCtx);
1251 HKS_FREE(ecbCtx);
1252 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1253 }
1254
1255 struct HksMbedtlsAesCtx *outCtx = (struct HksMbedtlsAesCtx *)HksMalloc(sizeof(HksMbedtlsAesCtx));
1256 if (outCtx == NULL) {
1257 HKS_LOG_E("initialize outCtx fail");
1258 mbedtls_cipher_free(ecbCtx);
1259 HKS_FREE(ecbCtx);
1260 return HKS_ERROR_MALLOC_FAIL;
1261 }
1262
1263 outCtx->algType = usageSpec->algType;
1264 outCtx->mode = usageSpec->mode;
1265 outCtx->padding = usageSpec->padding;
1266 outCtx->append = (void *)ecbCtx;
1267 *cryptoCtx = (void *)outCtx;
1268
1269 return ret;
1270 }
1271
AesEcbNoPaddingData(mbedtls_cipher_context_t * ecbNoPadingctx,size_t blockSize,const struct HksBlob * message,struct HksBlob * cipherText,size_t * olenTotal)1272 static int32_t AesEcbNoPaddingData(mbedtls_cipher_context_t *ecbNoPadingctx, size_t blockSize,
1273 const struct HksBlob *message, struct HksBlob *cipherText, size_t *olenTotal)
1274 {
1275 int32_t ret;
1276
1277 uint8_t *tmpMessage = (uint8_t *)HksMalloc(blockSize);
1278 HKS_IF_NULL_LOGE_RETURN(tmpMessage, HKS_ERROR_INSUFFICIENT_MEMORY, "EcbNoPaddingUpdate tmpMessage is null")
1279
1280 if (message->size <= blockSize) {
1281 (void)memset_s(tmpMessage, blockSize, 0, blockSize);
1282 (void)memcpy_s(tmpMessage, message->size, message->data, message->size);
1283 ret = mbedtls_cipher_update(ecbNoPadingctx, tmpMessage, blockSize, cipherText->data, olenTotal);
1284 if (ret != HKS_MBEDTLS_SUCCESS) {
1285 HKS_LOG_E("Mbedtls ecb no padding update failed ret = 0x%" LOG_PUBLIC "X", ret);
1286 HKS_FREE(tmpMessage);
1287 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1288 }
1289 } else {
1290 uint32_t point = 0;
1291 while (point < message->size) {
1292 (void)memset_s(tmpMessage, blockSize, 0, blockSize);
1293 uint32_t tmpSize = (message->size - point) >= blockSize ? blockSize : (message->size - point);
1294 if (memcpy_s(tmpMessage, blockSize, message->data + point, tmpSize)) {
1295 HKS_LOG_E("copy data failed");
1296 HKS_FREE(tmpMessage);
1297 return HKS_ERROR_INSUFFICIENT_MEMORY;
1298 }
1299 size_t olen;
1300 ret = mbedtls_cipher_update(ecbNoPadingctx, tmpMessage, tmpSize, cipherText->data + point, &olen);
1301 if (ret != HKS_MBEDTLS_SUCCESS) {
1302 HKS_LOG_E("Mbedtls ecb no padding update failed ret = 0x%" LOG_PUBLIC "X", ret);
1303 HKS_FREE(tmpMessage);
1304 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1305 }
1306 *olenTotal += olen;
1307 point += blockSize;
1308 }
1309 }
1310 HKS_FREE(tmpMessage);
1311 return HKS_SUCCESS;
1312 }
1313
GetAesEcbNoPaddingCtx(void * cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText,size_t * olenTotal)1314 static mbedtls_cipher_context_t *GetAesEcbNoPaddingCtx(void *cryptoCtx, const struct HksBlob *message,
1315 struct HksBlob *cipherText, size_t *olenTotal)
1316 {
1317 struct HksMbedtlsAesCtx *aesCtx = (struct HksMbedtlsAesCtx *)cryptoCtx;
1318 mbedtls_cipher_context_t *ecbNoPadingctx = (mbedtls_cipher_context_t *)aesCtx->append;
1319 HKS_IF_NULL_LOGE_RETURN(ecbNoPadingctx, NULL, "EcbNoPaddingUpdate ecbNoPadingctx is null")
1320
1321 int32_t ret = HKS_SUCCESS;
1322 do {
1323 if (message == NULL) {
1324 HKS_LOG_E("The message is null.");
1325 ret = HKS_FAILURE;
1326 break;
1327 }
1328
1329 if (message->size != 0) {
1330 size_t blockSize = mbedtls_cipher_get_block_size(ecbNoPadingctx);
1331 HKS_LOG_E("Ecb No padding update!message.size[%" LOG_PUBLIC "d] blockSize[%" LOG_PUBLIC "d]",
1332 message->size, blockSize);
1333 if (blockSize == 0 || (message->size % blockSize != 0)) {
1334 HKS_LOG_E("The size of message is invalid.");
1335 ret = HKS_ERROR_INVALID_ARGUMENT;
1336 break;
1337 }
1338
1339 ret = AesEcbNoPaddingData(ecbNoPadingctx, blockSize, message, cipherText, olenTotal);
1340 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "AesEcbNoPaddingData failed")
1341 }
1342 } while (0);
1343
1344 HKS_IF_NOT_SUCC_RETURN(ret, NULL)
1345
1346 return ecbNoPadingctx;
1347 }
1348
AesEcbNoPaddingCryptUpdate(void * cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText)1349 static int32_t AesEcbNoPaddingCryptUpdate(void *cryptoCtx, const struct HksBlob *message,
1350 struct HksBlob *cipherText)
1351 {
1352 size_t olenTotal = 0;
1353 HKS_IF_NULL_RETURN(GetAesEcbNoPaddingCtx(cryptoCtx, message, cipherText, &olenTotal), HKS_ERROR_NULL_POINTER)
1354
1355 cipherText->size = olenTotal;
1356 return HKS_SUCCESS;
1357 }
1358
AesEcbNoPaddingCryptFinal(void ** cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText)1359 static int32_t AesEcbNoPaddingCryptFinal(void **cryptoCtx, const struct HksBlob *message,
1360 struct HksBlob *cipherText)
1361 {
1362 size_t olenTotal = 0;
1363 mbedtls_cipher_context_t *ecbNoPadingctx = GetAesEcbNoPaddingCtx(*cryptoCtx, message, cipherText, &olenTotal);
1364 if (ecbNoPadingctx == NULL) {
1365 HKS_FREE(*cryptoCtx);
1366 return HKS_ERROR_NULL_POINTER;
1367 }
1368
1369 struct HksMbedtlsAesCtx *aesCtx = (struct HksMbedtlsAesCtx *)*cryptoCtx;
1370 size_t finish_olen;
1371 size_t olen = olenTotal;
1372 int32_t ret = mbedtls_cipher_finish(ecbNoPadingctx, cipherText->data + olen, &finish_olen);
1373 if (ret != HKS_MBEDTLS_SUCCESS) {
1374 HKS_LOG_E("Mbedtls ecb nopadding crypt update failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
1375 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
1376 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
1377 } else {
1378 cipherText->size = olen + finish_olen;
1379 }
1380
1381 mbedtls_cipher_free(ecbNoPadingctx);
1382 HKS_FREE(aesCtx->append);
1383 HKS_FREE(*cryptoCtx);
1384
1385 return ret;
1386 }
1387 #endif
1388
1389 #if defined(HKS_SUPPORT_AES_ECB_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
AesEcbCrypt(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,const bool encrypt,struct HksBlob * cipherText)1390 static int32_t AesEcbCrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
1391 const struct HksBlob *message, const bool encrypt, struct HksBlob *cipherText)
1392 {
1393 switch (usageSpec->padding) {
1394 #ifdef HKS_SUPPORT_AES_ECB_NOPADDING
1395 case HKS_PADDING_NONE:
1396 return AesEcbNoPaddingCrypt(key, usageSpec, message, encrypt, cipherText);
1397 #endif
1398 case HKS_PADDING_PKCS7:
1399 return HKS_ERROR_NOT_SUPPORTED;
1400 default:
1401 HKS_LOG_E("Unsupport padding! mode = 0x%" LOG_PUBLIC "X", usageSpec->padding);
1402 return HKS_ERROR_INVALID_PADDING;
1403 }
1404 }
1405
AesEcbCryptInit(void ** cryptoCtx,const struct HksUsageSpec * usageSpec,const struct HksBlob * key,const bool encrypt)1406 static int32_t AesEcbCryptInit(void **cryptoCtx, const struct HksUsageSpec *usageSpec,
1407 const struct HksBlob *key, const bool encrypt)
1408 {
1409 switch (usageSpec->padding) {
1410 #ifdef HKS_SUPPORT_AES_ECB_NOPADDING
1411 case HKS_PADDING_NONE:
1412 return AesEcbNoPaddingCryptInit(cryptoCtx, usageSpec, key, encrypt);
1413 #endif
1414 case HKS_PADDING_PKCS7:
1415 return HKS_ERROR_NOT_SUPPORTED;
1416 default:
1417 HKS_LOG_E("Unsupport padding! mode = 0x%" LOG_PUBLIC "X", usageSpec->padding);
1418 return HKS_ERROR_INVALID_PADDING;
1419 }
1420 }
1421
AesEcbCryptUpdate(void * cryptoCtx,const uint8_t padding,const struct HksBlob * message,struct HksBlob * cipherText)1422 static int32_t AesEcbCryptUpdate(void *cryptoCtx, const uint8_t padding, const struct HksBlob *message,
1423 struct HksBlob *cipherText)
1424 {
1425 switch (padding) {
1426 #ifdef HKS_SUPPORT_AES_ECB_NOPADDING
1427 case HKS_PADDING_NONE:
1428 return AesEcbNoPaddingCryptUpdate(cryptoCtx, message, cipherText);
1429 #endif
1430 case HKS_PADDING_PKCS7:
1431 return HKS_ERROR_NOT_SUPPORTED;
1432 default:
1433 HKS_LOG_E("Unsupport padding! mode = 0x%" LOG_PUBLIC "X", padding);
1434 return HKS_ERROR_INVALID_PADDING;
1435 }
1436 }
1437
AesEcbCryptFinal(void ** cryptoCtx,const uint8_t padding,const struct HksBlob * message,struct HksBlob * cipherText)1438 static int32_t AesEcbCryptFinal(void **cryptoCtx, const uint8_t padding, const struct HksBlob *message,
1439 struct HksBlob *cipherText)
1440 {
1441 switch (padding) {
1442 #ifdef HKS_SUPPORT_AES_ECB_NOPADDING
1443 case HKS_PADDING_NONE:
1444 return AesEcbNoPaddingCryptFinal(cryptoCtx, message, cipherText);
1445 #endif
1446 case HKS_PADDING_PKCS7:
1447 return HKS_ERROR_NOT_SUPPORTED;
1448 default:
1449 HKS_LOG_E("Unsupport padding! mode = 0x%" LOG_PUBLIC "X", padding);
1450 return HKS_ERROR_INVALID_PADDING;
1451 }
1452 }
1453 #endif
1454
CheckKeySize(const struct HksBlob * key)1455 static int32_t CheckKeySize(const struct HksBlob *key)
1456 {
1457 if ((key->size != HKS_KEY_BYTES(HKS_AES_KEY_SIZE_128)) && (key->size != HKS_KEY_BYTES(HKS_AES_KEY_SIZE_192)) &&
1458 (key->size != HKS_KEY_BYTES(HKS_AES_KEY_SIZE_256))) {
1459 return HKS_ERROR_INVALID_KEY_SIZE;
1460 }
1461
1462 return HKS_SUCCESS;
1463 }
1464
HksMbedtlsAesEncrypt(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * cipherText,struct HksBlob * tagAead)1465 int32_t HksMbedtlsAesEncrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
1466 const struct HksBlob *message, struct HksBlob *cipherText, struct HksBlob *tagAead)
1467 {
1468 HKS_IF_NOT_SUCC_LOGE_RETURN(CheckKeySize(key), HKS_ERROR_INVALID_KEY_SIZE,
1469 "Invalid aes keySiz = 0x%" LOG_PUBLIC "X", key->size)
1470
1471 switch (usageSpec->mode) {
1472 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7)
1473 case HKS_MODE_CBC:
1474 return AesCbcCrypt(key, usageSpec, message, true, cipherText);
1475 #endif
1476 #ifdef HKS_SUPPORT_AES_GCM
1477 case HKS_MODE_GCM:
1478 return AesEncryptGcm(key, usageSpec, message, cipherText, tagAead);
1479 #endif
1480 #ifdef HKS_SUPPORT_AES_CCM
1481 case HKS_MODE_CCM:
1482 return AesEncryptCcm(key, usageSpec, message, cipherText, tagAead);
1483 #endif
1484 #ifdef HKS_SUPPORT_AES_CTR_NOPADDING
1485 case HKS_MODE_CTR:
1486 return AesCtrCrypt(key, usageSpec, message, true, cipherText);
1487 #endif
1488 #if defined(HKS_SUPPORT_AES_ECB_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
1489 case HKS_MODE_ECB:
1490 return AesEcbCrypt(key, usageSpec, message, true, cipherText);
1491 #endif
1492 default:
1493 HKS_LOG_E("Unsupport key alg! mode = 0x%" LOG_PUBLIC "X", usageSpec->mode);
1494 return HKS_ERROR_NOT_SUPPORTED;
1495 }
1496 }
1497
HksMbedtlsAesEncryptInit(void ** cryptoCtx,const struct HksBlob * key,const struct HksUsageSpec * usageSpec)1498 int32_t HksMbedtlsAesEncryptInit(void** cryptoCtx, const struct HksBlob *key, const struct HksUsageSpec *usageSpec)
1499 {
1500 if (CheckKeySize(key) != HKS_SUCCESS || cryptoCtx == NULL || usageSpec == NULL) {
1501 HKS_LOG_E("Invalid aes keySiz = 0x%" LOG_PUBLIC "X", key->size);
1502 return HKS_ERROR_INVALID_ARGUMENT;
1503 }
1504
1505 switch (usageSpec->mode) {
1506 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7)
1507 case HKS_MODE_CBC:
1508 return AesCbcCryptInit(cryptoCtx, key, usageSpec, true);
1509 #endif
1510 #ifdef HKS_SUPPORT_AES_GCM
1511 case HKS_MODE_GCM:
1512 return AesEncryptGcmInit(cryptoCtx, usageSpec, key);
1513 #endif
1514 #ifdef HKS_SUPPORT_AES_CCM
1515 case HKS_MODE_CCM:
1516 return HKS_ERROR_INVALID_ARGUMENT;
1517 #endif
1518 #ifdef HKS_SUPPORT_AES_CTR_NOPADDING
1519 case HKS_MODE_CTR:
1520 return AesCtrCryptInit(cryptoCtx, usageSpec, key, true);
1521 #endif
1522 #if defined(HKS_SUPPORT_AES_ECB_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
1523 case HKS_MODE_ECB:
1524 return AesEcbCryptInit(cryptoCtx, usageSpec, key, true);
1525 #endif
1526 default:
1527 HKS_LOG_E("Unsupport key alg! mode = 0x%" LOG_PUBLIC "X", usageSpec->mode);
1528 return HKS_ERROR_NOT_SUPPORTED;
1529 }
1530 }
1531
HksMbedtlsAesEncryptUpdate(void * cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText)1532 int32_t HksMbedtlsAesEncryptUpdate(void *cryptoCtx, const struct HksBlob *message, struct HksBlob *cipherText)
1533 {
1534 HKS_IF_NULL_LOGE_RETURN(cryptoCtx, HKS_ERROR_INVALID_ARGUMENT, "Mbedtls AES encrypt update param is null")
1535
1536 struct HksMbedtlsAesCtx *aesEncryptCtx = (struct HksMbedtlsAesCtx *)cryptoCtx;
1537
1538 switch (aesEncryptCtx->mode) {
1539 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7)
1540 case HKS_MODE_CBC:
1541 return AesCbcCryptUpdate(cryptoCtx, aesEncryptCtx->padding, message, true, cipherText);
1542 #endif
1543 #ifdef HKS_SUPPORT_AES_GCM
1544 case HKS_MODE_GCM:
1545 return AesEncryptGcmUpdate(cryptoCtx, aesEncryptCtx->padding, message, cipherText);
1546 #endif
1547 #ifdef HKS_SUPPORT_AES_CCM
1548 case HKS_MODE_CCM:
1549 return HKS_ERROR_INVALID_ARGUMENT;
1550 #endif
1551 #ifdef HKS_SUPPORT_AES_CTR_NOPADDING
1552 case HKS_MODE_CTR:
1553 return AesCtrCryptUpdate(cryptoCtx, message, cipherText);
1554 #endif
1555 #if defined(HKS_SUPPORT_AES_ECB_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
1556 case HKS_MODE_ECB:
1557 return AesEcbCryptUpdate(cryptoCtx, aesEncryptCtx->padding, message, cipherText);
1558 #endif
1559 default:
1560 HKS_LOG_E("Unsupport key alg! mode = 0x%" LOG_PUBLIC "X", aesEncryptCtx->mode);
1561 return HKS_ERROR_INVALID_ARGUMENT;
1562 }
1563 }
1564
HksMbedtlsAesEncryptFinal(void ** cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText,struct HksBlob * tagAead)1565 int32_t HksMbedtlsAesEncryptFinal(void** cryptoCtx, const struct HksBlob *message, struct HksBlob *cipherText,
1566 struct HksBlob *tagAead)
1567 {
1568 struct HksMbedtlsAesCtx *aesEncryptCtx = (struct HksMbedtlsAesCtx *)*cryptoCtx;
1569
1570 switch (aesEncryptCtx->mode) {
1571 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7)
1572 case HKS_MODE_CBC:
1573 return AesCbcCryptFinal(cryptoCtx, aesEncryptCtx->padding, message, true, cipherText);
1574 #endif
1575 #ifdef HKS_SUPPORT_AES_GCM
1576 case HKS_MODE_GCM:
1577 return AesEncryptGcmFinal(cryptoCtx, message, cipherText, tagAead);
1578 #endif
1579 #ifdef HKS_SUPPORT_AES_CCM
1580 case HKS_MODE_CCM:
1581 return HKS_ERROR_INVALID_ARGUMENT;
1582 #endif
1583 #ifdef HKS_SUPPORT_AES_CTR_NOPADDING
1584 case HKS_MODE_CTR:
1585 return AesCtrCryptFinal(cryptoCtx, message, cipherText);
1586 #endif
1587 #if defined(HKS_SUPPORT_AES_ECB_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
1588 case HKS_MODE_ECB:
1589 return AesEcbCryptFinal(cryptoCtx, aesEncryptCtx->padding, message, cipherText);
1590 #endif
1591 default:
1592 HKS_LOG_E("Unsupport key alg! mode = 0x%" LOG_PUBLIC "X", aesEncryptCtx->mode);
1593 return HKS_ERROR_INVALID_ARGUMENT;
1594 }
1595 }
1596
HksMbedtlsAesDecrypt(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * cipherText)1597 int32_t HksMbedtlsAesDecrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
1598 const struct HksBlob *message, struct HksBlob *cipherText)
1599 {
1600 HKS_IF_NOT_SUCC_LOGE_RETURN(CheckKeySize(key), HKS_ERROR_INVALID_KEY_SIZE,
1601 "Invalid aes keySize = 0x%" LOG_PUBLIC "X", key->size)
1602
1603 switch (usageSpec->mode) {
1604 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7)
1605 case HKS_MODE_CBC:
1606 return AesCbcCrypt(key, usageSpec, message, false, cipherText);
1607 #endif
1608 #ifdef HKS_SUPPORT_AES_GCM
1609 case HKS_MODE_GCM:
1610 return AesDecryptGcm(key, usageSpec, message, cipherText);
1611 #endif
1612 #ifdef HKS_SUPPORT_AES_CCM
1613 case HKS_MODE_CCM:
1614 return AesDecryptCcm(key, usageSpec, message, cipherText);
1615 #endif
1616 #ifdef HKS_SUPPORT_AES_CTR_NOPADDING
1617 case HKS_MODE_CTR:
1618 return AesCtrCrypt(key, usageSpec, message, false, cipherText);
1619 #endif
1620 #if defined(HKS_SUPPORT_AES_ECB_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
1621 case HKS_MODE_ECB:
1622 return AesEcbCrypt(key, usageSpec, message, false, cipherText);
1623 #endif
1624 default:
1625 HKS_LOG_E("Unsupport key alg! mode = 0x%" LOG_PUBLIC "X", usageSpec->mode);
1626 return HKS_ERROR_INVALID_ARGUMENT;
1627 }
1628 }
1629
HksMbedtlsAesDecryptInit(void ** cryptoCtx,const struct HksBlob * key,const struct HksUsageSpec * usageSpec)1630 int32_t HksMbedtlsAesDecryptInit(void **cryptoCtx, const struct HksBlob *key, const struct HksUsageSpec *usageSpec)
1631 {
1632 HKS_IF_NOT_SUCC_LOGE_RETURN(CheckKeySize(key), HKS_ERROR_INVALID_ARGUMENT,
1633 "Invalid aes keySize = 0x%" LOG_PUBLIC "X", key->size)
1634
1635 switch (usageSpec->mode) {
1636 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7)
1637 case HKS_MODE_CBC:
1638 return AesCbcCryptInit(cryptoCtx, key, usageSpec, false);
1639 #endif
1640 #ifdef HKS_SUPPORT_AES_GCM
1641 case HKS_MODE_GCM:
1642 return AesDecryptGcmInit(cryptoCtx, key, usageSpec);
1643 #endif
1644 #ifdef HKS_SUPPORT_AES_CCM
1645 case HKS_MODE_CCM:
1646 return HKS_ERROR_INVALID_ARGUMENT;
1647 #endif
1648 #ifdef HKS_SUPPORT_AES_CTR_NOPADDING
1649 case HKS_MODE_CTR:
1650 return AesCtrCryptInit(cryptoCtx, usageSpec, key, false);
1651 #endif
1652 #if defined(HKS_SUPPORT_AES_ECB_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
1653 case HKS_MODE_ECB:
1654 return AesEcbCryptInit(cryptoCtx, usageSpec, key, false);
1655 #endif
1656 default:
1657 HKS_LOG_E("Unsupport key alg! mode = 0x%" LOG_PUBLIC "X", usageSpec->mode);
1658 return HKS_ERROR_INVALID_ARGUMENT;
1659 }
1660 }
1661
HksMbedtlsAesDecryptUpdate(void * cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText)1662 int32_t HksMbedtlsAesDecryptUpdate(void *cryptoCtx, const struct HksBlob *message, struct HksBlob *cipherText)
1663 {
1664 struct HksMbedtlsAesCtx *aesDecryptCtx = (struct HksMbedtlsAesCtx *)cryptoCtx;
1665 switch (aesDecryptCtx->mode) {
1666 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7)
1667 case HKS_MODE_CBC:
1668 return AesCbcCryptUpdate(cryptoCtx, aesDecryptCtx->padding, message, false, cipherText);
1669 #endif
1670 #ifdef HKS_SUPPORT_AES_GCM
1671 case HKS_MODE_GCM:
1672 return AesDecryptGcmUpdate(cryptoCtx, message, cipherText);
1673 #endif
1674 #ifdef HKS_SUPPORT_AES_CCM
1675 case HKS_MODE_CCM:
1676 return HKS_ERROR_INVALID_ARGUMENT;
1677 #endif
1678 #ifdef HKS_SUPPORT_AES_CTR_NOPADDING
1679 case HKS_MODE_CTR:
1680 return AesCtrCryptUpdate(cryptoCtx, message, cipherText);
1681 #endif
1682 #if defined(HKS_SUPPORT_AES_ECB_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
1683 case HKS_MODE_ECB:
1684 return AesEcbCryptUpdate(cryptoCtx, aesDecryptCtx->padding, message, cipherText);
1685 #endif
1686 default:
1687 HKS_LOG_E("Unsupport key alg! mode = 0x%" LOG_PUBLIC "X", aesDecryptCtx->mode);
1688 return HKS_ERROR_INVALID_ARGUMENT;
1689 }
1690 }
1691
HksMbedtlsAesDecryptFinal(void ** cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText,struct HksBlob * tagAead)1692 int32_t HksMbedtlsAesDecryptFinal(void **cryptoCtx, const struct HksBlob *message, struct HksBlob *cipherText,
1693 struct HksBlob *tagAead)
1694 {
1695 struct HksMbedtlsAesCtx *aesDecryptCtx = (struct HksMbedtlsAesCtx *)*cryptoCtx;
1696
1697 switch (aesDecryptCtx->mode) {
1698 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7)
1699 case HKS_MODE_CBC:
1700 return AesCbcCryptFinal(cryptoCtx, aesDecryptCtx->padding, message, false, cipherText);
1701 #endif
1702 #ifdef HKS_SUPPORT_AES_GCM
1703 case HKS_MODE_GCM:
1704 return AesDecryptGcmFinal(cryptoCtx, message, cipherText, tagAead);
1705 #endif
1706 #ifdef HKS_SUPPORT_AES_CCM
1707 case HKS_MODE_CCM:
1708 return HKS_ERROR_INVALID_ARGUMENT;
1709 #endif
1710 #ifdef HKS_SUPPORT_AES_CTR_NOPADDING
1711 case HKS_MODE_CTR:
1712 return AesCtrCryptFinal(cryptoCtx, message, cipherText);
1713 #endif
1714 #if defined(HKS_SUPPORT_AES_ECB_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
1715 case HKS_MODE_ECB:
1716 return AesEcbCryptFinal(cryptoCtx, aesDecryptCtx->padding, message, cipherText);
1717 #endif
1718 default:
1719 HKS_LOG_E("Unsupport key alg! mode = 0x%" LOG_PUBLIC "X", aesDecryptCtx->mode);
1720 return HKS_ERROR_INVALID_ARGUMENT;
1721 }
1722 }
1723
HksMbedtlsAesCryptoInit(void ** cryptoCtx,const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const bool encrypt)1724 int32_t HksMbedtlsAesCryptoInit(void **cryptoCtx, const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
1725 const bool encrypt)
1726 {
1727 if (encrypt) {
1728 return HksMbedtlsAesEncryptInit(cryptoCtx, key, usageSpec);
1729 } else {
1730 return HksMbedtlsAesDecryptInit(cryptoCtx, key, usageSpec);
1731 }
1732 }
1733
HksMbedtlsAesCryptoUpdate(void * cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText,const bool encrypt)1734 int32_t HksMbedtlsAesCryptoUpdate(void *cryptoCtx, const struct HksBlob *message,
1735 struct HksBlob *cipherText, const bool encrypt)
1736 {
1737 if (encrypt) {
1738 return HksMbedtlsAesEncryptUpdate(cryptoCtx, message, cipherText);
1739 } else {
1740 return HksMbedtlsAesDecryptUpdate(cryptoCtx, message, cipherText);
1741 }
1742 }
1743
HksMbedtlsAesCryptoFinal(void ** cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText,struct HksBlob * tagAead,const bool encrypt)1744 int32_t HksMbedtlsAesCryptoFinal(void **cryptoCtx, const struct HksBlob *message,
1745 struct HksBlob *cipherText, struct HksBlob *tagAead, const bool encrypt)
1746 {
1747 if (encrypt) {
1748 return HksMbedtlsAesEncryptFinal(cryptoCtx, message, cipherText, tagAead);
1749 } else {
1750 return HksMbedtlsAesDecryptFinal(cryptoCtx, message, cipherText, tagAead);
1751 }
1752 }
1753
1754 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7)
HksMbedtlsAesHalModecbcFreeCtx(void ** cryptCtx)1755 void HksMbedtlsAesHalModecbcFreeCtx(void **cryptCtx)
1756 {
1757 if (cryptCtx == NULL || *cryptCtx == NULL) {
1758 HKS_LOG_E("FreeCtx cryptCtx param is null");
1759 return;
1760 }
1761
1762 struct HksMbedtlsAesCtx *mbedtlsAesCtx = (struct HksMbedtlsAesCtx *)*cryptCtx;
1763 if (mbedtlsAesCtx->padding == HKS_PADDING_NONE) {
1764 if (mbedtlsAesCtx->append != NULL) {
1765 mbedtls_aes_free((mbedtls_aes_context *)(mbedtlsAesCtx->append));
1766 HKS_FREE(mbedtlsAesCtx->append);
1767 }
1768 } else if (mbedtlsAesCtx->padding == HKS_PADDING_PKCS7) {
1769 if (mbedtlsAesCtx->append != NULL) {
1770 mbedtls_cipher_free((mbedtls_cipher_context_t *)mbedtlsAesCtx->append);
1771 HKS_FREE(mbedtlsAesCtx->append);
1772 }
1773 }
1774 }
1775 #endif
1776 #ifdef HKS_SUPPORT_AES_GCM
HksMbedtlsAesHalModegcmFreeCtx(void ** cryptCtx)1777 void HksMbedtlsAesHalModegcmFreeCtx(void **cryptCtx)
1778 {
1779 if (cryptCtx == NULL || *cryptCtx == NULL) {
1780 HKS_LOG_E("FreeCtx cryptCtx param is null");
1781 return;
1782 }
1783
1784 struct HksMbedtlsAesCtx *mbedtlsAesCtx = (struct HksMbedtlsAesCtx *)*cryptCtx;
1785 if (mbedtlsAesCtx->append != NULL) {
1786 mbedtls_gcm_free((mbedtls_gcm_context *)mbedtlsAesCtx->append);
1787 HKS_FREE(mbedtlsAesCtx->append);
1788 }
1789 }
1790 #endif
1791
1792 #ifdef HKS_SUPPORT_AES_CTR_NOPADDING
HksMbedtlsAesHalModectrFreeCtx(void ** cryptCtx)1793 void HksMbedtlsAesHalModectrFreeCtx(void **cryptCtx)
1794 {
1795 if (cryptCtx == NULL || *cryptCtx == NULL) {
1796 HKS_LOG_E("FreeCtx cryptCtx param is null");
1797 return;
1798 }
1799
1800 struct HksMbedtlsAesCtx *mbedtlsAesCtx = (struct HksMbedtlsAesCtx *)*cryptCtx;
1801 if (mbedtlsAesCtx->append != NULL) {
1802 mbedtls_cipher_free((mbedtls_cipher_context_t *)mbedtlsAesCtx->append);
1803 HKS_FREE(mbedtlsAesCtx->append);
1804 }
1805 }
1806 #endif
1807
1808 #if defined(HKS_SUPPORT_AES_ECB_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
HksMbedtlsAesHalModeecbFreeCtx(void ** cryptCtx)1809 void HksMbedtlsAesHalModeecbFreeCtx(void **cryptCtx)
1810 {
1811 if (cryptCtx == NULL || *cryptCtx == NULL) {
1812 HKS_LOG_E("FreeCtx cryptCtx param is null");
1813 return;
1814 }
1815
1816 struct HksMbedtlsAesCtx *mbedtlsAesCtx = (struct HksMbedtlsAesCtx *)*cryptCtx;
1817 if (mbedtlsAesCtx->padding == HKS_PADDING_NONE) {
1818 if (mbedtlsAesCtx->append != NULL) {
1819 mbedtls_cipher_free((mbedtls_cipher_context_t *)mbedtlsAesCtx->append);
1820 HKS_FREE(mbedtlsAesCtx->append);
1821 }
1822 }
1823 }
1824 #endif
1825
HksMbedtlsAesHalFreeCtx(void ** cryptCtx)1826 void HksMbedtlsAesHalFreeCtx(void **cryptCtx)
1827 {
1828 if (cryptCtx == NULL || *cryptCtx == NULL) {
1829 HKS_LOG_E("FreeCtx param context null");
1830 return;
1831 }
1832
1833 struct HksMbedtlsAesCtx *mbedtlsAesCtx = (struct HksMbedtlsAesCtx *)*cryptCtx;
1834 switch (mbedtlsAesCtx->mode) {
1835 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7)
1836 case HKS_MODE_CBC:
1837 HksMbedtlsAesHalModecbcFreeCtx(cryptCtx);
1838 break;
1839 #endif
1840 #ifdef HKS_SUPPORT_AES_GCM
1841 case HKS_MODE_GCM:
1842 HksMbedtlsAesHalModegcmFreeCtx(cryptCtx);
1843 break;
1844 #endif
1845 #ifdef HKS_SUPPORT_AES_CCM
1846 case HKS_MODE_CCM:
1847 break;
1848 #endif
1849 #ifdef HKS_SUPPORT_AES_CTR_NOPADDING
1850 case HKS_MODE_CTR:
1851 HksMbedtlsAesHalModectrFreeCtx(cryptCtx);
1852 break;
1853 #endif
1854 #if defined(HKS_SUPPORT_AES_ECB_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
1855 case HKS_MODE_ECB:
1856 HksMbedtlsAesHalModeecbFreeCtx(cryptCtx);
1857 break;
1858 #endif
1859 default:
1860 HKS_LOG_E("Unsupport key alg! mode = 0x%" LOG_PUBLIC "X", mbedtlsAesCtx->mode);
1861 break;
1862 }
1863
1864 HKS_FREE(*cryptCtx);
1865 }
1866 #endif /* HKS_SUPPORT_AES_C */
1867