1 /*
2 * Copyright (C) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "ecc_asy_key_generator_openssl.h"
17
18 #include "securec.h"
19
20 #include "ecc_openssl_common.h"
21 #include "ecc_openssl_common_param_spec.h"
22 #include "log.h"
23 #include "memory.h"
24 #include "openssl_adapter.h"
25 #include <openssl/param_build.h>
26 #include "utils.h"
27
28 #define OPENSSL_ECC_KEY_GENERATOR_CLASS "OPENSSL.ECC.KEY_GENERATOR_CLASS"
29 #define OPENSSL_ECC_ALGORITHM "EC"
30 #define OPENSSL_ECC_PUB_KEY_FORMAT "X.509"
31 #define OPENSSL_ECC_PRI_KEY_FORMAT "PKCS#8"
32 #define OPENSSL_ECC160_BITS 160
33 #define OPENSSL_ECC192_BITS 192
34 #define OPENSSL_ECC224_BITS 224
35 #define OPENSSL_ECC256_BITS 256
36 #define OPENSSL_ECC320_BITS 320
37 #define OPENSSL_ECC384_BITS 384
38 #define OPENSSL_ECC512_BITS 512
39 #define OPENSSL_ECC521_BITS 521
40
41 #define UNCOMPRESSED_FORMAT "UNCOMPRESSED"
42 #define COMPRESSED_FORMAT "COMPRESSED"
43
44 static const char *g_eccGenerateFieldType = "Fp";
45
46 typedef struct {
47 BIGNUM *p;
48 BIGNUM *b;
49 BIGNUM *x;
50 BIGNUM *y;
51 }HcfBigIntegerParams;
52
53 typedef struct {
54 HcfAsyKeyGeneratorSpi base;
55
56 int32_t curveId;
57 } HcfAsyKeyGeneratorSpiOpensslEccImpl;
58
CheckEc224CurveId(BIGNUM * p,BIGNUM * b,BIGNUM * x,BIGNUM * y)59 static HcfResult CheckEc224CurveId(BIGNUM *p, BIGNUM *b, BIGNUM *x, BIGNUM *y)
60 {
61 BIGNUM *pStd = OpensslBin2Bn(g_ecc224CorrectBigP, NID_secp224r1_len, NULL);
62 BIGNUM *bStd = OpensslBin2Bn(g_ecc224CorrectBigB, NID_secp224r1_len, NULL);
63 BIGNUM *xStd = OpensslBin2Bn(g_ecc224CorrectBigGX, NID_secp224r1_len, NULL);
64 BIGNUM *yStd = OpensslBin2Bn(g_ecc224CorrectBigGY, NID_secp224r1_len, NULL);
65 if ((pStd == NULL) || (bStd == NULL) || (xStd == NULL) || (yStd == NULL)) {
66 LOGD("[error] EC 224 Curve convert to BN fail");
67 FreeCurveBigNum(pStd, bStd, xStd, yStd);
68 return HCF_ERR_CRYPTO_OPERATION;
69 }
70 if (OpensslBnCmp(p, pStd) == 0 && OpensslBnCmp(b, bStd) == 0 &&
71 OpensslBnCmp(x, xStd) == 0 && OpensslBnCmp(y, yStd) == 0) {
72 FreeCurveBigNum(pStd, bStd, xStd, yStd);
73 return HCF_SUCCESS;
74 }
75 LOGD("[error] EC 224 compare fail");
76 FreeCurveBigNum(pStd, bStd, xStd, yStd);
77 return HCF_INVALID_PARAMS;
78 }
79
CheckEc256CurveId(BIGNUM * p,BIGNUM * b,BIGNUM * x,BIGNUM * y)80 static HcfResult CheckEc256CurveId(BIGNUM *p, BIGNUM *b, BIGNUM *x, BIGNUM *y)
81 {
82 BIGNUM *pStd = OpensslBin2Bn(g_ecc256CorrectBigP, NID_X9_62_prime256v1_len, NULL);
83 BIGNUM *bStd = OpensslBin2Bn(g_ecc256CorrectBigB, NID_X9_62_prime256v1_len, NULL);
84 BIGNUM *xStd = OpensslBin2Bn(g_ecc256CorrectBigGX, NID_X9_62_prime256v1_len, NULL);
85 BIGNUM *yStd = OpensslBin2Bn(g_ecc256CorrectBigGY, NID_X9_62_prime256v1_len, NULL);
86 if ((pStd == NULL) || (bStd == NULL) || (xStd == NULL) || (yStd == NULL)) {
87 LOGD("[error] EC 256 Curve convert to BN fail");
88 FreeCurveBigNum(pStd, bStd, xStd, yStd);
89 return HCF_ERR_CRYPTO_OPERATION;
90 }
91 if (OpensslBnCmp(p, pStd) == 0 && OpensslBnCmp(b, bStd) == 0 &&
92 OpensslBnCmp(x, xStd) == 0 && OpensslBnCmp(y, yStd) == 0) {
93 FreeCurveBigNum(pStd, bStd, xStd, yStd);
94 return HCF_SUCCESS;
95 }
96 LOGD("[error] EC 256 compare fail");
97 FreeCurveBigNum(pStd, bStd, xStd, yStd);
98 return HCF_INVALID_PARAMS;
99 }
100
CheckEc384CurveId(BIGNUM * p,BIGNUM * b,BIGNUM * x,BIGNUM * y)101 static HcfResult CheckEc384CurveId(BIGNUM *p, BIGNUM *b, BIGNUM *x, BIGNUM *y)
102 {
103 BIGNUM *pStd = OpensslBin2Bn(g_ecc384CorrectBigP, NID_secp384r1_len, NULL);
104 BIGNUM *bStd = OpensslBin2Bn(g_ecc384CorrectBigB, NID_secp384r1_len, NULL);
105 BIGNUM *xStd = OpensslBin2Bn(g_ecc384CorrectBigGX, NID_secp384r1_len, NULL);
106 BIGNUM *yStd = OpensslBin2Bn(g_ecc384CorrectBigGY, NID_secp384r1_len, NULL);
107 if ((pStd == NULL) || (bStd == NULL) || (xStd == NULL) || (yStd == NULL)) {
108 LOGD("[error] EC 384 Curve convert to BN fail");
109 FreeCurveBigNum(pStd, bStd, xStd, yStd);
110 return HCF_ERR_CRYPTO_OPERATION;
111 }
112 if (OpensslBnCmp(p, pStd) == 0 && OpensslBnCmp(b, bStd) == 0 &&
113 OpensslBnCmp(x, xStd) == 0 && OpensslBnCmp(y, yStd) == 0) {
114 FreeCurveBigNum(pStd, bStd, xStd, yStd);
115 return HCF_SUCCESS;
116 }
117 LOGD("[error] EC 384 compare fail");
118 FreeCurveBigNum(pStd, bStd, xStd, yStd);
119 return HCF_INVALID_PARAMS;
120 }
121
CheckEc521CurveId(BIGNUM * p,BIGNUM * b,BIGNUM * x,BIGNUM * y)122 static HcfResult CheckEc521CurveId(BIGNUM *p, BIGNUM *b, BIGNUM *x, BIGNUM *y)
123 {
124 BIGNUM *pStd = OpensslBin2Bn(g_ecc521CorrectBigP, NID_secp521r1_len, NULL);
125 BIGNUM *bStd = OpensslBin2Bn(g_ecc521CorrectBigB, NID_secp521r1_len, NULL);
126 BIGNUM *xStd = OpensslBin2Bn(g_ecc521CorrectBigGX, NID_secp521r1_len, NULL);
127 BIGNUM *yStd = OpensslBin2Bn(g_ecc521CorrectBigGY, NID_secp521r1_len, NULL);
128 if ((pStd == NULL) || (bStd == NULL) || (xStd == NULL) || (yStd == NULL)) {
129 LOGD("[error] EC 521 Curve convert to BN fail");
130 FreeCurveBigNum(pStd, bStd, xStd, yStd);
131 return HCF_ERR_CRYPTO_OPERATION;
132 }
133 if (OpensslBnCmp(p, pStd) == 0 && OpensslBnCmp(b, bStd) == 0 &&
134 OpensslBnCmp(x, xStd) == 0 && OpensslBnCmp(y, yStd) == 0) {
135 FreeCurveBigNum(pStd, bStd, xStd, yStd);
136 return HCF_SUCCESS;
137 }
138 LOGD("[error] EC 521 compare fail");
139 FreeCurveBigNum(pStd, bStd, xStd, yStd);
140 return HCF_INVALID_PARAMS;
141 }
142
CheckBP160r1CurveId(BIGNUM * p,BIGNUM * b,BIGNUM * x,BIGNUM * y)143 static HcfResult CheckBP160r1CurveId(BIGNUM *p, BIGNUM *b, BIGNUM *x, BIGNUM *y)
144 {
145 BIGNUM *pStd = OpensslBin2Bn(g_bp160r1CorrectBigP, NID_brainpoolP160r1_len, NULL);
146 BIGNUM *bStd = OpensslBin2Bn(g_bp160r1CorrectBigB, NID_brainpoolP160r1_len, NULL);
147 BIGNUM *xStd = OpensslBin2Bn(g_bp160r1CorrectBigGX, NID_brainpoolP160r1_len, NULL);
148 BIGNUM *yStd = OpensslBin2Bn(g_bp160r1CorrectBigGY, NID_brainpoolP160r1_len, NULL);
149 if ((pStd == NULL) || (bStd == NULL) || (xStd == NULL) || (yStd == NULL)) {
150 LOGD("[error] BP 160r1 Curve convert to BN fail");
151 FreeCurveBigNum(pStd, bStd, xStd, yStd);
152 return HCF_ERR_CRYPTO_OPERATION;
153 }
154 if (OpensslBnCmp(p, pStd) == 0 && OpensslBnCmp(b, bStd) == 0 &&
155 OpensslBnCmp(x, xStd) == 0 && OpensslBnCmp(y, yStd) == 0) {
156 FreeCurveBigNum(pStd, bStd, xStd, yStd);
157 return HCF_SUCCESS;
158 }
159 LOGD("[error] BP 160r1 compare fail");
160 FreeCurveBigNum(pStd, bStd, xStd, yStd);
161 return HCF_INVALID_PARAMS;
162 }
163
CheckBP160t1CurveId(BIGNUM * p,BIGNUM * b,BIGNUM * x,BIGNUM * y)164 static HcfResult CheckBP160t1CurveId(BIGNUM *p, BIGNUM *b, BIGNUM *x, BIGNUM *y)
165 {
166 BIGNUM *pStd = OpensslBin2Bn(g_bp160t1CorrectBigP, NID_brainpoolP160t1_len, NULL);
167 BIGNUM *bStd = OpensslBin2Bn(g_bp160t1CorrectBigB, NID_brainpoolP160t1_len, NULL);
168 BIGNUM *xStd = OpensslBin2Bn(g_bp160t1CorrectBigGX, NID_brainpoolP160t1_len, NULL);
169 BIGNUM *yStd = OpensslBin2Bn(g_bp160t1CorrectBigGY, NID_brainpoolP160t1_len, NULL);
170 if ((pStd == NULL) || (bStd == NULL) || (xStd == NULL) || (yStd == NULL)) {
171 LOGD("[error] BP 160t1 Curve convert to BN fail");
172 FreeCurveBigNum(pStd, bStd, xStd, yStd);
173 return HCF_ERR_CRYPTO_OPERATION;
174 }
175 if (OpensslBnCmp(p, pStd) == 0 && OpensslBnCmp(b, bStd) == 0 &&
176 OpensslBnCmp(x, xStd) == 0 && OpensslBnCmp(y, yStd) == 0) {
177 FreeCurveBigNum(pStd, bStd, xStd, yStd);
178 return HCF_SUCCESS;
179 }
180 LOGD("[error] BP 160t1 compare fail");
181 FreeCurveBigNum(pStd, bStd, xStd, yStd);
182 return HCF_INVALID_PARAMS;
183 }
184
CheckBP192r1CurveId(BIGNUM * p,BIGNUM * b,BIGNUM * x,BIGNUM * y)185 static HcfResult CheckBP192r1CurveId(BIGNUM *p, BIGNUM *b, BIGNUM *x, BIGNUM *y)
186 {
187 BIGNUM *pStd = OpensslBin2Bn(g_bp192r1CorrectBigP, NID_brainpoolP192r1_len, NULL);
188 BIGNUM *bStd = OpensslBin2Bn(g_bp192r1CorrectBigB, NID_brainpoolP192r1_len, NULL);
189 BIGNUM *xStd = OpensslBin2Bn(g_bp192r1CorrectBigGX, NID_brainpoolP192r1_len, NULL);
190 BIGNUM *yStd = OpensslBin2Bn(g_bp192r1CorrectBigGY, NID_brainpoolP192r1_len, NULL);
191 if ((pStd == NULL) || (bStd == NULL) || (xStd == NULL) || (yStd == NULL)) {
192 LOGD("[error] BP 192r1 Curve convert to BN fail");
193 FreeCurveBigNum(pStd, bStd, xStd, yStd);
194 return HCF_ERR_CRYPTO_OPERATION;
195 }
196 if (OpensslBnCmp(p, pStd) == 0 && OpensslBnCmp(b, bStd) == 0 &&
197 OpensslBnCmp(x, xStd) == 0 && OpensslBnCmp(y, yStd) == 0) {
198 FreeCurveBigNum(pStd, bStd, xStd, yStd);
199 return HCF_SUCCESS;
200 }
201 LOGD("[error] BP 192r1 compare fail");
202 FreeCurveBigNum(pStd, bStd, xStd, yStd);
203 return HCF_INVALID_PARAMS;
204 }
205
CheckBP192t1CurveId(BIGNUM * p,BIGNUM * b,BIGNUM * x,BIGNUM * y)206 static HcfResult CheckBP192t1CurveId(BIGNUM *p, BIGNUM *b, BIGNUM *x, BIGNUM *y)
207 {
208 BIGNUM *pStd = OpensslBin2Bn(g_bp192t1CorrectBigP, NID_brainpoolP192t1_len, NULL);
209 BIGNUM *bStd = OpensslBin2Bn(g_bp192t1CorrectBigB, NID_brainpoolP192t1_len, NULL);
210 BIGNUM *xStd = OpensslBin2Bn(g_bp192t1CorrectBigGX, NID_brainpoolP192t1_len, NULL);
211 BIGNUM *yStd = OpensslBin2Bn(g_bp192t1CorrectBigGY, NID_brainpoolP192t1_len, NULL);
212 if ((pStd == NULL) || (bStd == NULL) || (xStd == NULL) || (yStd == NULL)) {
213 LOGD("[error] BP 192t1 Curve convert to BN fail");
214 FreeCurveBigNum(pStd, bStd, xStd, yStd);
215 return HCF_ERR_CRYPTO_OPERATION;
216 }
217 if (OpensslBnCmp(p, pStd) == 0 && OpensslBnCmp(b, bStd) == 0 &&
218 OpensslBnCmp(x, xStd) == 0 && OpensslBnCmp(y, yStd) == 0) {
219 FreeCurveBigNum(pStd, bStd, xStd, yStd);
220 return HCF_SUCCESS;
221 }
222 LOGD("[error] BP 192t1 compare fail");
223 FreeCurveBigNum(pStd, bStd, xStd, yStd);
224 return HCF_INVALID_PARAMS;
225 }
226
CheckBP224r1CurveId(BIGNUM * p,BIGNUM * b,BIGNUM * x,BIGNUM * y)227 static HcfResult CheckBP224r1CurveId(BIGNUM *p, BIGNUM *b, BIGNUM *x, BIGNUM *y)
228 {
229 BIGNUM *pStd = OpensslBin2Bn(g_bp224r1CorrectBigP, NID_brainpoolP224r1_len, NULL);
230 BIGNUM *bStd = OpensslBin2Bn(g_bp224r1CorrectBigB, NID_brainpoolP224r1_len, NULL);
231 BIGNUM *xStd = OpensslBin2Bn(g_bp224r1CorrectBigGX, NID_brainpoolP224r1_len, NULL);
232 BIGNUM *yStd = OpensslBin2Bn(g_bp224r1CorrectBigGY, NID_brainpoolP224r1_len, NULL);
233 if ((pStd == NULL) || (bStd == NULL) || (xStd == NULL) || (yStd == NULL)) {
234 LOGD("[error] BP 224r1 Curve convert to BN fail");
235 FreeCurveBigNum(pStd, bStd, xStd, yStd);
236 return HCF_ERR_CRYPTO_OPERATION;
237 }
238 if (OpensslBnCmp(p, pStd) == 0 && OpensslBnCmp(b, bStd) == 0 &&
239 OpensslBnCmp(x, xStd) == 0 && OpensslBnCmp(y, yStd) == 0) {
240 FreeCurveBigNum(pStd, bStd, xStd, yStd);
241 return HCF_SUCCESS;
242 }
243 LOGD("[error] BP 224r1 compare fail");
244 FreeCurveBigNum(pStd, bStd, xStd, yStd);
245 return HCF_INVALID_PARAMS;
246 }
247
CheckBP224t1CurveId(BIGNUM * p,BIGNUM * b,BIGNUM * x,BIGNUM * y)248 static HcfResult CheckBP224t1CurveId(BIGNUM *p, BIGNUM *b, BIGNUM *x, BIGNUM *y)
249 {
250 BIGNUM *pStd = OpensslBin2Bn(g_bp224t1CorrectBigP, NID_brainpoolP224t1_len, NULL);
251 BIGNUM *bStd = OpensslBin2Bn(g_bp224t1CorrectBigB, NID_brainpoolP224t1_len, NULL);
252 BIGNUM *xStd = OpensslBin2Bn(g_bp224t1CorrectBigGX, NID_brainpoolP224t1_len, NULL);
253 BIGNUM *yStd = OpensslBin2Bn(g_bp224t1CorrectBigGY, NID_brainpoolP224t1_len, NULL);
254 if ((pStd == NULL) || (bStd == NULL) || (xStd == NULL) || (yStd == NULL)) {
255 LOGD("[error] BP 224t1 Curve convert to BN fail");
256 FreeCurveBigNum(pStd, bStd, xStd, yStd);
257 return HCF_ERR_CRYPTO_OPERATION;
258 }
259 if (OpensslBnCmp(p, pStd) == 0 && OpensslBnCmp(b, bStd) == 0 &&
260 OpensslBnCmp(x, xStd) == 0 && OpensslBnCmp(y, yStd) == 0) {
261 FreeCurveBigNum(pStd, bStd, xStd, yStd);
262 return HCF_SUCCESS;
263 }
264 LOGD("[error] BP 224t1 compare fail");
265 FreeCurveBigNum(pStd, bStd, xStd, yStd);
266 return HCF_INVALID_PARAMS;
267 }
268
CheckBP256r1CurveId(BIGNUM * p,BIGNUM * b,BIGNUM * x,BIGNUM * y)269 static HcfResult CheckBP256r1CurveId(BIGNUM *p, BIGNUM *b, BIGNUM *x, BIGNUM *y)
270 {
271 BIGNUM *pStd = OpensslBin2Bn(g_bp256r1CorrectBigP, NID_brainpoolP256r1_len, NULL);
272 BIGNUM *bStd = OpensslBin2Bn(g_bp256r1CorrectBigB, NID_brainpoolP256r1_len, NULL);
273 BIGNUM *xStd = OpensslBin2Bn(g_bp256r1CorrectBigGX, NID_brainpoolP256r1_len, NULL);
274 BIGNUM *yStd = OpensslBin2Bn(g_bp256r1CorrectBigGY, NID_brainpoolP256r1_len, NULL);
275 if ((pStd == NULL) || (bStd == NULL) || (xStd == NULL) || (yStd == NULL)) {
276 LOGD("[error] BP 256r1 Curve convert to BN fail");
277 FreeCurveBigNum(pStd, bStd, xStd, yStd);
278 return HCF_ERR_CRYPTO_OPERATION;
279 }
280 if (OpensslBnCmp(p, pStd) == 0 && OpensslBnCmp(b, bStd) == 0 &&
281 OpensslBnCmp(x, xStd) == 0 && OpensslBnCmp(y, yStd) == 0) {
282 FreeCurveBigNum(pStd, bStd, xStd, yStd);
283 return HCF_SUCCESS;
284 }
285 LOGD("[error] BP 256r1 compare fail");
286 FreeCurveBigNum(pStd, bStd, xStd, yStd);
287 return HCF_INVALID_PARAMS;
288 }
289
CheckBP256t1CurveId(BIGNUM * p,BIGNUM * b,BIGNUM * x,BIGNUM * y)290 static HcfResult CheckBP256t1CurveId(BIGNUM *p, BIGNUM *b, BIGNUM *x, BIGNUM *y)
291 {
292 BIGNUM *pStd = OpensslBin2Bn(g_bp256t1CorrectBigP, NID_brainpoolP256t1_len, NULL);
293 BIGNUM *bStd = OpensslBin2Bn(g_bp256t1CorrectBigB, NID_brainpoolP256t1_len, NULL);
294 BIGNUM *xStd = OpensslBin2Bn(g_bp256t1CorrectBigGX, NID_brainpoolP256t1_len, NULL);
295 BIGNUM *yStd = OpensslBin2Bn(g_bp256t1CorrectBigGY, NID_brainpoolP256t1_len, NULL);
296 if ((pStd == NULL) || (bStd == NULL) || (xStd == NULL) || (yStd == NULL)) {
297 LOGD("[error] BP 256t1 Curve convert to BN fail");
298 FreeCurveBigNum(pStd, bStd, xStd, yStd);
299 return HCF_ERR_CRYPTO_OPERATION;
300 }
301 if (OpensslBnCmp(p, pStd) == 0 && OpensslBnCmp(b, bStd) == 0 &&
302 OpensslBnCmp(x, xStd) == 0 && OpensslBnCmp(y, yStd) == 0) {
303 FreeCurveBigNum(pStd, bStd, xStd, yStd);
304 return HCF_SUCCESS;
305 }
306 FreeCurveBigNum(pStd, bStd, xStd, yStd);
307 return HCF_INVALID_PARAMS;
308 }
309
CheckSecp256k1CurveId(BIGNUM * p,BIGNUM * b,BIGNUM * x,BIGNUM * y)310 static HcfResult CheckSecp256k1CurveId(BIGNUM *p, BIGNUM *b, BIGNUM *x, BIGNUM *y)
311 {
312 BIGNUM *pStd = OpensslBin2Bn(g_secp256k1CorrectBigP, NID_secp256k1_len, NULL);
313 BIGNUM *bStd = OpensslBin2Bn(g_secp256k1CorrectBigB, NID_secp256k1_len, NULL);
314 BIGNUM *xStd = OpensslBin2Bn(g_secp256k1CorrectBigGX, NID_secp256k1_len, NULL);
315 BIGNUM *yStd = OpensslBin2Bn(g_secp256k1CorrectBigGY, NID_secp256k1_len, NULL);
316 if ((pStd == NULL) || (bStd == NULL) || (xStd == NULL) || (yStd == NULL)) {
317 LOGD("[error] Secp256k1 Curve convert to BN fail");
318 FreeCurveBigNum(pStd, bStd, xStd, yStd);
319 return HCF_ERR_CRYPTO_OPERATION;
320 }
321 if (OpensslBnCmp(p, pStd) == 0 && OpensslBnCmp(b, bStd) == 0 &&
322 OpensslBnCmp(x, xStd) == 0 && OpensslBnCmp(y, yStd) == 0) {
323 FreeCurveBigNum(pStd, bStd, xStd, yStd);
324 return HCF_SUCCESS;
325 }
326 FreeCurveBigNum(pStd, bStd, xStd, yStd);
327 return HCF_INVALID_PARAMS;
328 }
329
CheckBP320r1CurveId(BIGNUM * p,BIGNUM * b,BIGNUM * x,BIGNUM * y)330 static HcfResult CheckBP320r1CurveId(BIGNUM *p, BIGNUM *b, BIGNUM *x, BIGNUM *y)
331 {
332 BIGNUM *pStd = OpensslBin2Bn(g_bp320r1CorrectBigP, NID_brainpoolP320r1_len, NULL);
333 BIGNUM *bStd = OpensslBin2Bn(g_bp320r1CorrectBigB, NID_brainpoolP320r1_len, NULL);
334 BIGNUM *xStd = OpensslBin2Bn(g_bp320r1CorrectBigGX, NID_brainpoolP320r1_len, NULL);
335 BIGNUM *yStd = OpensslBin2Bn(g_bp320r1CorrectBigGY, NID_brainpoolP320r1_len, NULL);
336 if ((pStd == NULL) || (bStd == NULL) || (xStd == NULL) || (yStd == NULL)) {
337 LOGD("[error] BP 320r1 Curve convert to BN fail");
338 FreeCurveBigNum(pStd, bStd, xStd, yStd);
339 return HCF_ERR_CRYPTO_OPERATION;
340 }
341 if (OpensslBnCmp(p, pStd) == 0 && OpensslBnCmp(b, bStd) == 0 &&
342 OpensslBnCmp(x, xStd) == 0 && OpensslBnCmp(y, yStd) == 0) {
343 FreeCurveBigNum(pStd, bStd, xStd, yStd);
344 return HCF_SUCCESS;
345 }
346 FreeCurveBigNum(pStd, bStd, xStd, yStd);
347 return HCF_INVALID_PARAMS;
348 }
349
CheckBP320t1CurveId(BIGNUM * p,BIGNUM * b,BIGNUM * x,BIGNUM * y)350 static HcfResult CheckBP320t1CurveId(BIGNUM *p, BIGNUM *b, BIGNUM *x, BIGNUM *y)
351 {
352 BIGNUM *pStd = OpensslBin2Bn(g_bp320t1CorrectBigP, NID_brainpoolP320t1_len, NULL);
353 BIGNUM *bStd = OpensslBin2Bn(g_bp320t1CorrectBigB, NID_brainpoolP320t1_len, NULL);
354 BIGNUM *xStd = OpensslBin2Bn(g_bp320t1CorrectBigGX, NID_brainpoolP320t1_len, NULL);
355 BIGNUM *yStd = OpensslBin2Bn(g_bp320t1CorrectBigGY, NID_brainpoolP320t1_len, NULL);
356 if ((pStd == NULL) || (bStd == NULL) || (xStd == NULL) || (yStd == NULL)) {
357 LOGD("[error] BP 320t1 Curve convert to BN fail");
358 FreeCurveBigNum(pStd, bStd, xStd, yStd);
359 return HCF_ERR_CRYPTO_OPERATION;
360 }
361 if (OpensslBnCmp(p, pStd) == 0 && OpensslBnCmp(b, bStd) == 0 &&
362 OpensslBnCmp(x, xStd) == 0 && OpensslBnCmp(y, yStd) == 0) {
363 FreeCurveBigNum(pStd, bStd, xStd, yStd);
364 return HCF_SUCCESS;
365 }
366 FreeCurveBigNum(pStd, bStd, xStd, yStd);
367 return HCF_INVALID_PARAMS;
368 }
369
CheckBP384r1CurveId(BIGNUM * p,BIGNUM * b,BIGNUM * x,BIGNUM * y)370 static HcfResult CheckBP384r1CurveId(BIGNUM *p, BIGNUM *b, BIGNUM *x, BIGNUM *y)
371 {
372 BIGNUM *pStd = OpensslBin2Bn(g_bp384r1CorrectBigP, NID_brainpoolP384r1_len, NULL);
373 BIGNUM *bStd = OpensslBin2Bn(g_bp384r1CorrectBigB, NID_brainpoolP384r1_len, NULL);
374 BIGNUM *xStd = OpensslBin2Bn(g_bp384r1CorrectBigGX, NID_brainpoolP384r1_len, NULL);
375 BIGNUM *yStd = OpensslBin2Bn(g_bp384r1CorrectBigGY, NID_brainpoolP384r1_len, NULL);
376 if ((pStd == NULL) || (bStd == NULL) || (xStd == NULL) || (yStd == NULL)) {
377 LOGD("[error] BP 384r1 Curve convert to BN fail");
378 FreeCurveBigNum(pStd, bStd, xStd, yStd);
379 return HCF_ERR_CRYPTO_OPERATION;
380 }
381 if (OpensslBnCmp(p, pStd) == 0 && OpensslBnCmp(b, bStd) == 0 &&
382 OpensslBnCmp(x, xStd) == 0 && OpensslBnCmp(y, yStd) == 0) {
383 FreeCurveBigNum(pStd, bStd, xStd, yStd);
384 return HCF_SUCCESS;
385 }
386 FreeCurveBigNum(pStd, bStd, xStd, yStd);
387 return HCF_INVALID_PARAMS;
388 }
389
CheckBP384t1CurveId(BIGNUM * p,BIGNUM * b,BIGNUM * x,BIGNUM * y)390 static HcfResult CheckBP384t1CurveId(BIGNUM *p, BIGNUM *b, BIGNUM *x, BIGNUM *y)
391 {
392 BIGNUM *pStd = OpensslBin2Bn(g_bp384t1CorrectBigP, NID_brainpoolP384t1_len, NULL);
393 BIGNUM *bStd = OpensslBin2Bn(g_bp384t1CorrectBigB, NID_brainpoolP384t1_len, NULL);
394 BIGNUM *xStd = OpensslBin2Bn(g_bp384t1CorrectBigGX, NID_brainpoolP384t1_len, NULL);
395 BIGNUM *yStd = OpensslBin2Bn(g_bp384t1CorrectBigGY, NID_brainpoolP384t1_len, NULL);
396 if ((pStd == NULL) || (bStd == NULL) || (xStd == NULL) || (yStd == NULL)) {
397 LOGD("[error] BP 384t1 Curve convert to BN fail");
398 FreeCurveBigNum(pStd, bStd, xStd, yStd);
399 return HCF_ERR_CRYPTO_OPERATION;
400 }
401 if (OpensslBnCmp(p, pStd) == 0 && OpensslBnCmp(b, bStd) == 0 &&
402 OpensslBnCmp(x, xStd) == 0 && OpensslBnCmp(y, yStd) == 0) {
403 FreeCurveBigNum(pStd, bStd, xStd, yStd);
404 return HCF_SUCCESS;
405 }
406 FreeCurveBigNum(pStd, bStd, xStd, yStd);
407 return HCF_INVALID_PARAMS;
408 }
409
CheckBP512r1CurveId(BIGNUM * p,BIGNUM * b,BIGNUM * x,BIGNUM * y)410 static HcfResult CheckBP512r1CurveId(BIGNUM *p, BIGNUM *b, BIGNUM *x, BIGNUM *y)
411 {
412 BIGNUM *pStd = OpensslBin2Bn(g_bp512r1CorrectBigP, NID_brainpoolP512r1_len, NULL);
413 BIGNUM *bStd = OpensslBin2Bn(g_bp512r1CorrectBigB, NID_brainpoolP512r1_len, NULL);
414 BIGNUM *xStd = OpensslBin2Bn(g_bp512r1CorrectBigGX, NID_brainpoolP512r1_len, NULL);
415 BIGNUM *yStd = OpensslBin2Bn(g_bp512r1CorrectBigGY, NID_brainpoolP512r1_len, NULL);
416 if ((pStd == NULL) || (bStd == NULL) || (xStd == NULL) || (yStd == NULL)) {
417 LOGD("[error] BP 512r1 Curve convert to BN fail");
418 FreeCurveBigNum(pStd, bStd, xStd, yStd);
419 return HCF_ERR_CRYPTO_OPERATION;
420 }
421 if (OpensslBnCmp(p, pStd) == 0 && OpensslBnCmp(b, bStd) == 0 &&
422 OpensslBnCmp(x, xStd) == 0 && OpensslBnCmp(y, yStd) == 0) {
423 FreeCurveBigNum(pStd, bStd, xStd, yStd);
424 return HCF_SUCCESS;
425 }
426 FreeCurveBigNum(pStd, bStd, xStd, yStd);
427 return HCF_INVALID_PARAMS;
428 }
429
CheckBP512t1CurveId(BIGNUM * p,BIGNUM * b,BIGNUM * x,BIGNUM * y)430 static HcfResult CheckBP512t1CurveId(BIGNUM *p, BIGNUM *b, BIGNUM *x, BIGNUM *y)
431 {
432 BIGNUM *pStd = OpensslBin2Bn(g_bp512t1CorrectBigP, NID_brainpoolP512t1_len, NULL);
433 BIGNUM *bStd = OpensslBin2Bn(g_bp512t1CorrectBigB, NID_brainpoolP512t1_len, NULL);
434 BIGNUM *xStd = OpensslBin2Bn(g_bp512t1CorrectBigGX, NID_brainpoolP512t1_len, NULL);
435 BIGNUM *yStd = OpensslBin2Bn(g_bp512t1CorrectBigGY, NID_brainpoolP512t1_len, NULL);
436 if ((pStd == NULL) || (bStd == NULL) || (xStd == NULL) || (yStd == NULL)) {
437 LOGD("[error] BP 512t1 Curve convert to BN fail");
438 FreeCurveBigNum(pStd, bStd, xStd, yStd);
439 return HCF_ERR_CRYPTO_OPERATION;
440 }
441 if (OpensslBnCmp(p, pStd) == 0 && OpensslBnCmp(b, bStd) == 0 &&
442 OpensslBnCmp(x, xStd) == 0 && OpensslBnCmp(y, yStd) == 0) {
443 FreeCurveBigNum(pStd, bStd, xStd, yStd);
444 return HCF_SUCCESS;
445 }
446 FreeCurveBigNum(pStd, bStd, xStd, yStd);
447 return HCF_INVALID_PARAMS;
448 }
449
CompareOpenssl160BitsType(const HcfEccCommParamsSpec * ecParams,int32_t * curveId,HcfBigIntegerParams * bigIntegerParams)450 static HcfResult CompareOpenssl160BitsType(const HcfEccCommParamsSpec *ecParams, int32_t *curveId,
451 HcfBigIntegerParams *bigIntegerParams)
452 {
453 if (CheckBP160r1CurveId(bigIntegerParams->p, bigIntegerParams->b, bigIntegerParams->x,
454 bigIntegerParams->y) == HCF_SUCCESS) {
455 *curveId = NID_brainpoolP160r1;
456 return HCF_SUCCESS;
457 } else if (CheckBP160t1CurveId(bigIntegerParams->p, bigIntegerParams->b, bigIntegerParams->x,
458 bigIntegerParams->y) == HCF_SUCCESS) {
459 *curveId = NID_brainpoolP160t1;
460 return HCF_SUCCESS;
461 }
462 return HCF_NOT_SUPPORT;
463 }
464
CompareOpenssl192BitsType(const HcfEccCommParamsSpec * ecParams,int32_t * curveId,HcfBigIntegerParams * bigIntegerParams)465 static HcfResult CompareOpenssl192BitsType(const HcfEccCommParamsSpec *ecParams, int32_t *curveId,
466 HcfBigIntegerParams *bigIntegerParams)
467 {
468 if (CheckBP192r1CurveId(bigIntegerParams->p, bigIntegerParams->b, bigIntegerParams->x,
469 bigIntegerParams->y) == HCF_SUCCESS) {
470 *curveId = NID_brainpoolP192r1;
471 return HCF_SUCCESS;
472 } else if (CheckBP192t1CurveId(bigIntegerParams->p, bigIntegerParams->b,
473 bigIntegerParams->x, bigIntegerParams->y) == HCF_SUCCESS) {
474 *curveId = NID_brainpoolP192t1;
475 return HCF_SUCCESS;
476 }
477 return HCF_NOT_SUPPORT;
478 }
479
CompareOpenssl224BitsType(const HcfEccCommParamsSpec * ecParams,int32_t * curveId,HcfBigIntegerParams * bigIntegerParams)480 static HcfResult CompareOpenssl224BitsType(const HcfEccCommParamsSpec *ecParams, int32_t *curveId,
481 HcfBigIntegerParams *bigIntegerParams)
482 {
483 HcfResult res = HCF_INVALID_PARAMS;
484 res = CheckEc224CurveId(bigIntegerParams->p, bigIntegerParams->b, bigIntegerParams->x, bigIntegerParams->y);
485 if (res == HCF_SUCCESS) {
486 *curveId = NID_secp224r1;
487 return res;
488 } else if (CheckBP224r1CurveId(bigIntegerParams->p, bigIntegerParams->b, bigIntegerParams->x,
489 bigIntegerParams->y) == HCF_SUCCESS) {
490 *curveId = NID_brainpoolP224r1;
491 return HCF_SUCCESS;
492 } else if (CheckBP224t1CurveId(bigIntegerParams->p, bigIntegerParams->b, bigIntegerParams->x,
493 bigIntegerParams->y) == HCF_SUCCESS) {
494 *curveId = NID_brainpoolP224t1;
495 return HCF_SUCCESS;
496 }
497 return HCF_NOT_SUPPORT;
498 }
499
CompareOpenssl256BitsType(const HcfEccCommParamsSpec * ecParams,int32_t * curveId,HcfBigIntegerParams * bigIntegerParams)500 static HcfResult CompareOpenssl256BitsType(const HcfEccCommParamsSpec *ecParams, int32_t *curveId,
501 HcfBigIntegerParams *bigIntegerParams)
502 {
503 HcfResult res = HCF_INVALID_PARAMS;
504 res = CheckEc256CurveId(bigIntegerParams->p, bigIntegerParams->b, bigIntegerParams->x, bigIntegerParams->y);
505 if (res == HCF_SUCCESS) {
506 *curveId = NID_X9_62_prime256v1;
507 return res;
508 } else if (CheckBP256r1CurveId(bigIntegerParams->p, bigIntegerParams->b, bigIntegerParams->x,
509 bigIntegerParams->y) == HCF_SUCCESS) {
510 *curveId = NID_brainpoolP256r1;
511 return HCF_SUCCESS;
512 } else if (CheckBP256t1CurveId(bigIntegerParams->p, bigIntegerParams->b, bigIntegerParams->x,
513 bigIntegerParams->y) == HCF_SUCCESS) {
514 *curveId = NID_brainpoolP256t1;
515 return HCF_SUCCESS;
516 } else if (CheckSecp256k1CurveId(bigIntegerParams->p, bigIntegerParams->b, bigIntegerParams->x,
517 bigIntegerParams->y) == HCF_SUCCESS) {
518 *curveId = NID_secp256k1;
519 return HCF_SUCCESS;
520 }
521 return HCF_NOT_SUPPORT;
522 }
523
CompareOpenssl320BitsType(const HcfEccCommParamsSpec * ecParams,int32_t * curveId,HcfBigIntegerParams * bigIntegerParams)524 static HcfResult CompareOpenssl320BitsType(const HcfEccCommParamsSpec *ecParams, int32_t *curveId,
525 HcfBigIntegerParams *bigIntegerParams)
526 {
527 if (CheckBP320r1CurveId(bigIntegerParams->p, bigIntegerParams->b, bigIntegerParams->x,
528 bigIntegerParams->y) == HCF_SUCCESS) {
529 *curveId = NID_brainpoolP320r1;
530 return HCF_SUCCESS;
531 } else if (CheckBP320t1CurveId(bigIntegerParams->p, bigIntegerParams->b, bigIntegerParams->x,
532 bigIntegerParams->y) == HCF_SUCCESS) {
533 *curveId = NID_brainpoolP320t1;
534 return HCF_SUCCESS;
535 }
536 return HCF_NOT_SUPPORT;
537 }
538
CompareOpenssl384BitsType(const HcfEccCommParamsSpec * ecParams,int32_t * curveId,HcfBigIntegerParams * bigIntegerParams)539 static HcfResult CompareOpenssl384BitsType(const HcfEccCommParamsSpec *ecParams, int32_t *curveId,
540 HcfBigIntegerParams *bigIntegerParams)
541 {
542 HcfResult res = HCF_INVALID_PARAMS;
543 res = CheckBP384r1CurveId(bigIntegerParams->p, bigIntegerParams->b, bigIntegerParams->x, bigIntegerParams->y);
544 if (res == HCF_SUCCESS) {
545 *curveId = NID_brainpoolP384r1;
546 return res;
547 } else if (CheckEc384CurveId(bigIntegerParams->p, bigIntegerParams->b, bigIntegerParams->x,
548 bigIntegerParams->y) == HCF_SUCCESS) {
549 *curveId = NID_secp384r1;
550 return HCF_SUCCESS;
551 } else if (CheckBP384t1CurveId(bigIntegerParams->p, bigIntegerParams->b, bigIntegerParams->x,
552 bigIntegerParams->y) == HCF_SUCCESS) {
553 *curveId = NID_brainpoolP384t1;
554 return HCF_SUCCESS;
555 }
556 return HCF_NOT_SUPPORT;
557 }
558
CompareOpenssl512BitsType(const HcfEccCommParamsSpec * ecParams,int32_t * curveId,HcfBigIntegerParams * bigIntegerParams)559 static HcfResult CompareOpenssl512BitsType(const HcfEccCommParamsSpec *ecParams, int32_t *curveId,
560 HcfBigIntegerParams *bigIntegerParams)
561 {
562 if (CheckBP512r1CurveId(bigIntegerParams->p, bigIntegerParams->b, bigIntegerParams->x,
563 bigIntegerParams->y) == HCF_SUCCESS) {
564 *curveId = NID_brainpoolP512r1;
565 return HCF_SUCCESS;
566 } else if (CheckBP512t1CurveId(bigIntegerParams->p, bigIntegerParams->b, bigIntegerParams->x,
567 bigIntegerParams->y) == HCF_SUCCESS) {
568 *curveId = NID_brainpoolP512t1;
569 return HCF_SUCCESS;
570 }
571 return HCF_NOT_SUPPORT;
572 }
573
CompareOpenssl521BitsType(const HcfEccCommParamsSpec * ecParams,int32_t * curveId,HcfBigIntegerParams * bigIntegerParams)574 static HcfResult CompareOpenssl521BitsType(const HcfEccCommParamsSpec *ecParams, int32_t *curveId,
575 HcfBigIntegerParams *bigIntegerParams)
576 {
577 HcfResult res = CheckEc521CurveId(bigIntegerParams->p, bigIntegerParams->b,
578 bigIntegerParams->x, bigIntegerParams->y);
579 if (res == HCF_SUCCESS) {
580 *curveId = NID_secp521r1;
581 return res;
582 }
583 return HCF_NOT_SUPPORT;
584 }
585
CheckParamsSpecToGetCurveId(const HcfEccCommParamsSpec * ecParams,int32_t * curveId)586 static HcfResult CheckParamsSpecToGetCurveId(const HcfEccCommParamsSpec *ecParams, int32_t *curveId)
587 {
588 HcfBigIntegerParams bigIntegerParams;
589 bigIntegerParams.p = NULL;
590 bigIntegerParams.b = NULL;
591 bigIntegerParams.x = NULL;
592 bigIntegerParams.y = NULL;
593 HcfECFieldFp *field = (HcfECFieldFp *)(ecParams->field);
594 if (BigIntegerToBigNum(&(field->p), &(bigIntegerParams.p)) != HCF_SUCCESS ||
595 BigIntegerToBigNum(&(ecParams->b), &(bigIntegerParams.b)) != HCF_SUCCESS ||
596 BigIntegerToBigNum(&(ecParams->g.x), &(bigIntegerParams.x)) != HCF_SUCCESS ||
597 BigIntegerToBigNum(&(ecParams->g.y), &(bigIntegerParams.y)) != HCF_SUCCESS) {
598 LOGD("[error] BigIntegerToBigNum failed.");
599 FreeCurveBigNum(bigIntegerParams.p, bigIntegerParams.b, bigIntegerParams.x, bigIntegerParams.y);
600 return HCF_ERR_CRYPTO_OPERATION;
601 }
602
603 int32_t bitLenP = (int32_t)OpensslBnNumBits(bigIntegerParams.p);
604 HcfResult res = HCF_INVALID_PARAMS;
605 switch (bitLenP) {
606 case OPENSSL_ECC160_BITS:
607 res = CompareOpenssl160BitsType(ecParams, curveId, &bigIntegerParams);
608 break;
609 case OPENSSL_ECC192_BITS:
610 res = CompareOpenssl192BitsType(ecParams, curveId, &bigIntegerParams);
611 break;
612 case OPENSSL_ECC224_BITS:
613 res = CompareOpenssl224BitsType(ecParams, curveId, &bigIntegerParams);
614 break;
615 case OPENSSL_ECC256_BITS:
616 res = CompareOpenssl256BitsType(ecParams, curveId, &bigIntegerParams);
617 break;
618 case OPENSSL_ECC320_BITS:
619 res = CompareOpenssl320BitsType(ecParams, curveId, &bigIntegerParams);
620 break;
621 case OPENSSL_ECC384_BITS:
622 res = CompareOpenssl384BitsType(ecParams, curveId, &bigIntegerParams);
623 break;
624 case OPENSSL_ECC512_BITS:
625 res = CompareOpenssl512BitsType(ecParams, curveId, &bigIntegerParams);
626 break;
627 case OPENSSL_ECC521_BITS:
628 res = CompareOpenssl521BitsType(ecParams, curveId, &bigIntegerParams);
629 break;
630 default:
631 LOGE("Find no bit len:%{public}d", bitLenP);
632 break;
633 }
634 FreeCurveBigNum(bigIntegerParams.p, bigIntegerParams.b, bigIntegerParams.x, bigIntegerParams.y);
635 return res;
636 }
637
GenerateEcKeyWithParamsSpec(const HcfEccCommParamsSpec * ecParams,EC_KEY ** returnKey)638 static HcfResult GenerateEcKeyWithParamsSpec(const HcfEccCommParamsSpec *ecParams, EC_KEY **returnKey)
639 {
640 if (ecParams == NULL || returnKey == NULL) {
641 LOGE("Invalid input parameters.");
642 return HCF_INVALID_PARAMS;
643 }
644 EC_KEY *ecKey = NULL;
645 int32_t curveId = 0;
646 HcfResult ret = CheckParamsSpecToGetCurveId(ecParams, &curveId);
647 if (ret == HCF_SUCCESS && curveId != 0) {
648 ecKey = OpensslEcKeyNewByCurveName(curveId);
649 LOGD("generate EC_KEY by curve name");
650 if (ecKey == NULL) {
651 LOGD("[error] new ec key failed.");
652 return HCF_ERR_CRYPTO_OPERATION;
653 }
654 } else {
655 EC_GROUP *group = NULL;
656 ret = GenerateEcGroupWithParamsSpec(ecParams, &group);
657 if (ret != HCF_SUCCESS) {
658 LOGD("[error] GenerateEcGroupWithParamsSpec failed.");
659 return ret;
660 }
661 ecKey = OpensslEcKeyNew();
662 if (ecKey == NULL) {
663 LOGD("[error] OpensslEcKeyNew failed.");
664 OpensslEcGroupFree(group);
665 return HCF_ERR_CRYPTO_OPERATION;
666 }
667 if (OpensslEcKeySetGroup(ecKey, group) != HCF_OPENSSL_SUCCESS) {
668 LOGD("[error] OpensslEcKeySetGroup failed.");
669 OpensslEcGroupFree(group);
670 OpensslEcKeyFree(ecKey);
671 return HCF_ERR_CRYPTO_OPERATION;
672 }
673 OpensslEcGroupFree(group);
674 LOGD("generate EC_KEY by group spec parmas");
675 }
676 // all exceptions have been returned above.
677 *returnKey = ecKey;
678 return HCF_SUCCESS;
679 }
680
NewEcKeyPairWithCommSpec(const HcfEccCommParamsSpec * ecParams,EC_KEY ** returnEckey)681 static HcfResult NewEcKeyPairWithCommSpec(const HcfEccCommParamsSpec *ecParams, EC_KEY **returnEckey)
682 {
683 if (ecParams == NULL || returnEckey == NULL) {
684 LOGE("Invalid input parameters.");
685 return HCF_INVALID_PARAMS;
686 }
687 EC_KEY *ecKey = NULL;
688 HcfResult ret = GenerateEcKeyWithParamsSpec(ecParams, &ecKey);
689 if (ret != HCF_SUCCESS) {
690 LOGE("generate EC key fails");
691 return ret;
692 }
693 if (OpensslEcKeyGenerateKey(ecKey) != HCF_OPENSSL_SUCCESS) {
694 LOGD("[error] OpensslEcKeyGenerateKey failed.");
695 OpensslEcKeyFree(ecKey);
696 return HCF_ERR_CRYPTO_OPERATION;
697 }
698
699 if (OpensslEcKeyCheckKey(ecKey) <= 0) {
700 LOGD("[error] Check key fail.");
701 OpensslEcKeyFree(ecKey);
702 return HCF_ERR_CRYPTO_OPERATION;
703 }
704 *returnEckey = ecKey;
705 return ret;
706 }
707
NewEcPubKeyWithPubSpec(const HcfEccPubKeyParamsSpec * ecParams,EC_KEY ** returnEcKey)708 static HcfResult NewEcPubKeyWithPubSpec(const HcfEccPubKeyParamsSpec *ecParams, EC_KEY **returnEcKey)
709 {
710 if (ecParams == NULL || returnEcKey == NULL) {
711 LOGE("Invalid input parameters.");
712 return HCF_INVALID_PARAMS;
713 }
714 EC_KEY *ecKey = NULL;
715 HcfResult ret = GenerateEcKeyWithParamsSpec((HcfEccCommParamsSpec *)ecParams, &ecKey);
716 if (ret != HCF_SUCCESS) {
717 LOGE("generate EC key fails");
718 return ret;
719 }
720 ret = SetEcKey(&(ecParams->pk), NULL, ecKey);
721 if (ret != HCF_SUCCESS) {
722 LOGD("[error] Set pub ecKey failed.");
723 OpensslEcKeyFree(ecKey);
724 return HCF_ERR_CRYPTO_OPERATION;
725 }
726
727 if (OpensslEcKeyCheckKey(ecKey) <= 0) {
728 LOGD("[error] Check key fail.");
729 OpensslEcKeyFree(ecKey);
730 return HCF_ERR_CRYPTO_OPERATION;
731 }
732 *returnEcKey = ecKey;
733 return ret;
734 }
735
NewEcPriKeyWithPriSpec(const HcfEccPriKeyParamsSpec * ecParams,EC_KEY ** returnEcKey)736 static HcfResult NewEcPriKeyWithPriSpec(const HcfEccPriKeyParamsSpec *ecParams, EC_KEY **returnEcKey)
737 {
738 if (ecParams == NULL || returnEcKey == NULL) {
739 LOGE("Invalid input parameters.");
740 return HCF_INVALID_PARAMS;
741 }
742 EC_KEY *ecKey = NULL;
743 HcfResult ret = GenerateEcKeyWithParamsSpec((HcfEccCommParamsSpec *)ecParams, &ecKey);
744 if (ret != HCF_SUCCESS) {
745 LOGE("generate EC key fails");
746 return ret;
747 }
748 ret = SetEcKey(NULL, &(ecParams->sk), ecKey);
749 if (ret != HCF_SUCCESS) {
750 LOGD("[error] Set pri ecKey failed.");
751 OpensslEcKeyFree(ecKey);
752 return HCF_ERR_CRYPTO_OPERATION;
753 }
754
755 if (OpensslEcKeyCheckKey(ecKey) <= 0) {
756 LOGD("[error] Check key fail.");
757 OpensslEcKeyFree(ecKey);
758 return HCF_ERR_CRYPTO_OPERATION;
759 }
760 *returnEcKey = ecKey;
761 return ret;
762 }
763
NewEcKeyWithKeyPairSpec(const HcfEccKeyPairParamsSpec * ecParams,EC_KEY ** returnEcKey,bool needPrivate)764 static HcfResult NewEcKeyWithKeyPairSpec(const HcfEccKeyPairParamsSpec *ecParams, EC_KEY **returnEcKey,
765 bool needPrivate)
766 {
767 if (ecParams == NULL || returnEcKey == NULL) {
768 LOGE("Invalid input parameters.");
769 return HCF_INVALID_PARAMS;
770 }
771 EC_KEY *ecKey = NULL;
772 HcfResult ret = GenerateEcKeyWithParamsSpec((HcfEccCommParamsSpec *)ecParams, &ecKey);
773 if (ret != HCF_SUCCESS) {
774 LOGE("generate EC key fails");
775 return ret;
776 }
777 if (needPrivate) {
778 ret = SetEcKey(&(ecParams->pk), &(ecParams->sk), ecKey);
779 } else {
780 ret = SetEcKey(&(ecParams->pk), NULL, ecKey);
781 }
782 if (ret != HCF_SUCCESS) {
783 LOGD("[error] SetEcKey failed.");
784 OpensslEcKeyFree(ecKey);
785 return HCF_ERR_CRYPTO_OPERATION;
786 }
787
788 if (OpensslEcKeyCheckKey(ecKey) <= 0) {
789 LOGD("[error] Check key fail.");
790 OpensslEcKeyFree(ecKey);
791 return HCF_ERR_CRYPTO_OPERATION;
792 }
793 *returnEcKey = ecKey;
794 return ret;
795 }
796
GenKeyPairEcKeyBySpec(const HcfAsyKeyParamsSpec * params,EC_KEY ** ecKey)797 static HcfResult GenKeyPairEcKeyBySpec(const HcfAsyKeyParamsSpec *params, EC_KEY **ecKey)
798 {
799 HcfResult ret = HCF_INVALID_PARAMS;
800 switch (params->specType) {
801 case HCF_COMMON_PARAMS_SPEC:
802 ret = NewEcKeyPairWithCommSpec((HcfEccCommParamsSpec *)params, ecKey);
803 break;
804 case HCF_KEY_PAIR_SPEC:
805 ret = NewEcKeyWithKeyPairSpec((HcfEccKeyPairParamsSpec *)params, ecKey, true);
806 break;
807 default:
808 LOGE("Invaild input spec to gen key pair.");
809 break;
810 }
811 return ret;
812 }
813
GenPubKeyEcKeyBySpec(const HcfAsyKeyParamsSpec * params,EC_KEY ** ecKey)814 static HcfResult GenPubKeyEcKeyBySpec(const HcfAsyKeyParamsSpec *params, EC_KEY **ecKey)
815 {
816 HcfResult ret = HCF_INVALID_PARAMS;
817 switch (params->specType) {
818 case HCF_PUBLIC_KEY_SPEC:
819 ret = NewEcPubKeyWithPubSpec((HcfEccPubKeyParamsSpec *)params, ecKey);
820 break;
821 case HCF_KEY_PAIR_SPEC:
822 ret = NewEcKeyWithKeyPairSpec((HcfEccKeyPairParamsSpec *)params, ecKey, false);
823 break;
824 default:
825 LOGE("Invaild input spec to gen pub key");
826 break;
827 }
828 return ret;
829 }
830
GenPriKeyEcKeyBySpec(const HcfAsyKeyParamsSpec * params,EC_KEY ** ecKey)831 static HcfResult GenPriKeyEcKeyBySpec(const HcfAsyKeyParamsSpec *params, EC_KEY **ecKey)
832 {
833 HcfResult ret = HCF_INVALID_PARAMS;
834 switch (params->specType) {
835 case HCF_PRIVATE_KEY_SPEC:
836 ret = NewEcPriKeyWithPriSpec((HcfEccPriKeyParamsSpec *)params, ecKey);
837 break;
838 case HCF_KEY_PAIR_SPEC:
839 ret = NewEcKeyWithKeyPairSpec((HcfEccKeyPairParamsSpec *)params, ecKey, true);
840 break;
841 default:
842 LOGE("Invaild input spec to gen pri key");
843 break;
844 }
845 return ret;
846 }
847
GetEccKeyPairGeneratorClass(void)848 static const char *GetEccKeyPairGeneratorClass(void)
849 {
850 return OPENSSL_ECC_KEY_GENERATOR_CLASS;
851 }
852
GetEccKeyPairClass(void)853 static const char *GetEccKeyPairClass(void)
854 {
855 return HCF_OPENSSL_ECC_KEY_PAIR_CLASS;
856 }
857
GetEccPubKeyClass(void)858 static const char *GetEccPubKeyClass(void)
859 {
860 return HCF_OPENSSL_ECC_PUB_KEY_CLASS;
861 }
862
GetEccPriKeyClass(void)863 static const char *GetEccPriKeyClass(void)
864 {
865 return HCF_OPENSSL_ECC_PRI_KEY_CLASS;
866 }
867
DestroyEccKeyPairGenerator(HcfObjectBase * self)868 static void DestroyEccKeyPairGenerator(HcfObjectBase *self)
869 {
870 if (self == NULL) {
871 return;
872 }
873 if (!HcfIsClassMatch(self, GetEccKeyPairGeneratorClass())) {
874 return;
875 }
876 HcfFree(self);
877 }
878
DestroyEccPubKey(HcfObjectBase * self)879 static void DestroyEccPubKey(HcfObjectBase *self)
880 {
881 if (self == NULL) {
882 return;
883 }
884 if (!HcfIsClassMatch(self, GetEccPubKeyClass())) {
885 return;
886 }
887 HcfOpensslEccPubKey *impl = (HcfOpensslEccPubKey *)self;
888 OpensslEcKeyFree(impl->ecKey);
889 impl->ecKey = NULL;
890 HcfFree(impl->fieldType);
891 impl->fieldType = NULL;
892 HcfFree(impl);
893 }
894
DestroyEccPriKey(HcfObjectBase * self)895 static void DestroyEccPriKey(HcfObjectBase *self)
896 {
897 if (self == NULL) {
898 return;
899 }
900 if (!HcfIsClassMatch(self, GetEccPriKeyClass())) {
901 return;
902 }
903 HcfOpensslEccPriKey *impl = (HcfOpensslEccPriKey *)self;
904 OpensslEcKeyFree(impl->ecKey);
905 impl->ecKey = NULL;
906 HcfFree(impl->fieldType);
907 impl->fieldType = NULL;
908 HcfFree(impl);
909 }
910
DestroyEccKeyPair(HcfObjectBase * self)911 static void DestroyEccKeyPair(HcfObjectBase *self)
912 {
913 if (self == NULL) {
914 return;
915 }
916 if (!HcfIsClassMatch(self, GetEccKeyPairClass())) {
917 return;
918 }
919 HcfOpensslEccKeyPair *impl = (HcfOpensslEccKeyPair *)self;
920 if (impl->base.pubKey != NULL) {
921 DestroyEccPubKey((HcfObjectBase *)impl->base.pubKey);
922 impl->base.pubKey = NULL;
923 }
924 if (impl->base.priKey != NULL) {
925 DestroyEccPriKey((HcfObjectBase *)impl->base.priKey);
926 impl->base.priKey = NULL;
927 }
928 HcfFree(impl);
929 }
930
GetEccPubKeyAlgorithm(HcfKey * self)931 static const char *GetEccPubKeyAlgorithm(HcfKey *self)
932 {
933 if (self == NULL) {
934 LOGE("Invalid input parameter.");
935 return NULL;
936 }
937 if (!HcfIsClassMatch((HcfObjectBase *)self, HCF_OPENSSL_ECC_PUB_KEY_CLASS)) {
938 return NULL;
939 }
940 return OPENSSL_ECC_ALGORITHM;
941 }
942
GetEccPriKeyAlgorithm(HcfKey * self)943 static const char *GetEccPriKeyAlgorithm(HcfKey *self)
944 {
945 if (self == NULL) {
946 LOGE("Invalid input parameter.");
947 return NULL;
948 }
949 if (!HcfIsClassMatch((HcfObjectBase *)self, HCF_OPENSSL_ECC_PRI_KEY_CLASS)) {
950 return NULL;
951 }
952 return OPENSSL_ECC_ALGORITHM;
953 }
954
GetEccPubKeyFormat(HcfKey * self)955 static const char *GetEccPubKeyFormat(HcfKey *self)
956 {
957 if (self == NULL) {
958 LOGE("Invalid input parameter.");
959 return NULL;
960 }
961 if (!HcfIsClassMatch((HcfObjectBase *)self, HCF_OPENSSL_ECC_PUB_KEY_CLASS)) {
962 return NULL;
963 }
964 return OPENSSL_ECC_PUB_KEY_FORMAT;
965 }
966
GetEccPriKeyFormat(HcfKey * self)967 static const char *GetEccPriKeyFormat(HcfKey *self)
968 {
969 if (self == NULL) {
970 LOGE("Invalid input parameter.");
971 return NULL;
972 }
973 if (!HcfIsClassMatch((HcfObjectBase *)self, HCF_OPENSSL_ECC_PRI_KEY_CLASS)) {
974 return NULL;
975 }
976 return OPENSSL_ECC_PRI_KEY_FORMAT;
977 }
978
CheckAndUpdateEccPubKeyFormat(const char ** format)979 static HcfResult CheckAndUpdateEccPubKeyFormat(const char **format)
980 {
981 if (format == NULL || *format == NULL) {
982 LOGE("Invalid format parameter");
983 return HCF_INVALID_PARAMS;
984 }
985
986 const char *x509Str = "X509|";
987
988 if (strncmp(*format, x509Str, HcfStrlen(x509Str)) != 0) {
989 LOGE("Invalid x509Str parameter");
990 return HCF_INVALID_PARAMS;
991 }
992
993 const char *formatPtr = *format + HcfStrlen(x509Str);
994
995 if (strcmp(formatPtr, UNCOMPRESSED_FORMAT) == 0 || strcmp(formatPtr, COMPRESSED_FORMAT) == 0) {
996 *format = formatPtr;
997 return HCF_SUCCESS;
998 } else {
999 LOGE("Invalid formatPtr parameter");
1000 return HCF_INVALID_PARAMS;
1001 }
1002 }
1003
ConvertHcfBlobToOsslParams(const char * groupName,HcfBlob * pointBlob,const char * format)1004 static OSSL_PARAM *ConvertHcfBlobToOsslParams(const char *groupName, HcfBlob *pointBlob, const char *format)
1005 {
1006 OSSL_PARAM_BLD *paramBld = OpensslOsslParamBldNew();
1007 if (paramBld == NULL) {
1008 LOGE("paramBld is null");
1009 return NULL;
1010 }
1011 if (OpensslOsslParamBldPushUtf8String(paramBld, "group", groupName, 0) != HCF_OPENSSL_SUCCESS) {
1012 LOGE("Invalid groupName parameter.");
1013 OpensslOsslParamBldFree(paramBld);
1014 return NULL;
1015 }
1016 if (OpensslOsslParamBldPushUtf8String(paramBld, "point-format", format, 0) != HCF_OPENSSL_SUCCESS) {
1017 LOGE("Invalid format parameter.");
1018 OpensslOsslParamBldFree(paramBld);
1019 return NULL;
1020 }
1021 if (OpensslOsslParamBldPushOctetString(paramBld, "pub", pointBlob->data, pointBlob->len) != HCF_OPENSSL_SUCCESS) {
1022 LOGE("Invalid pointBlob parameter.");
1023 OpensslOsslParamBldFree(paramBld);
1024 return NULL;
1025 }
1026 OSSL_PARAM *params = OpensslOsslParamBldToParam(paramBld);
1027 if (params == NULL) {
1028 LOGE("Failed to convert OSSL_PARAM_BLD to OSSL_PARAM");
1029 HcfPrintOpensslError();
1030 OpensslOsslParamBldFree(paramBld);
1031 return NULL;
1032 }
1033 OpensslOsslParamBldFree(paramBld);
1034 return params;
1035 }
1036
ConvertOsslParamsToEccPubKey(const char * groupName,int32_t curveId,HcfBlob * pointBlob,const char * format)1037 static EC_KEY *ConvertOsslParamsToEccPubKey(const char *groupName, int32_t curveId,
1038 HcfBlob *pointBlob, const char *format)
1039 {
1040 OSSL_PARAM *params = ConvertHcfBlobToOsslParams(groupName, pointBlob, format);
1041 if (params == NULL) {
1042 LOGE("Failed to convert OSSL_PARAM_BLD to OSSL_PARAM");
1043 return NULL;
1044 }
1045 EVP_PKEY_CTX *ctx = NULL;
1046 EVP_PKEY *pkey = NULL;
1047 EC_KEY *returnKey = NULL;
1048 do {
1049 ctx = OpensslEvpPkeyCtxNewId(EVP_PKEY_EC, NULL);
1050 if (ctx == NULL) {
1051 LOGE("Failed to create EVP_PKEY_CTX");
1052 break;
1053 }
1054 if (OpensslEvpPkeyParamGenInit(ctx) <= 0) {
1055 LOGE("Create EVP_PKEY_CTX by curveId fail, curveId is %{public}d", curveId);
1056 break;
1057 }
1058 if (OpensslEvpPkeyCtxSetEcParamgenCurveNid(ctx, curveId) <= 0) {
1059 LOGE("EVP init curveId fail");
1060 HcfPrintOpensslError();
1061 break;
1062 }
1063 if (OpensslEvpPkeyFromDataInit(ctx) != HCF_OPENSSL_SUCCESS) {
1064 LOGE("EVP init fail");
1065 break;
1066 }
1067 if (OpensslEvpPkeyFromData(ctx, &pkey, EVP_PKEY_PUBLIC_KEY, params) != HCF_OPENSSL_SUCCESS) {
1068 LOGE("EVP get pkey fail");
1069 HcfPrintOpensslError();
1070 break;
1071 }
1072 returnKey = OpensslEvpPkeyGet1EcKey(pkey);
1073 if (returnKey == NULL) {
1074 LOGE("Return key is NULL");
1075 break;
1076 }
1077 } while (0);
1078 OpensslEvpPkeyFree(pkey);
1079 OpensslEvpPkeyCtxFree(ctx);
1080 OpensslOsslParamFree(params);
1081 return returnKey;
1082 }
1083
GetCompressedEccPointEncoded(HcfOpensslEccPubKey * impl,HcfBlob * returnBlob)1084 static HcfResult GetCompressedEccPointEncoded(HcfOpensslEccPubKey *impl, HcfBlob *returnBlob)
1085 {
1086 EC_KEY *ecKey = impl->ecKey;
1087 if (ecKey == NULL) {
1088 LOGE("EcKey is NULL.");
1089 return HCF_INVALID_PARAMS;
1090 }
1091 const EC_GROUP *group = OpensslEcKeyGet0Group(ecKey);
1092 if (group == NULL) {
1093 LOGE("Failed to get group.");
1094 return HCF_ERR_CRYPTO_OPERATION;
1095 }
1096 const EC_POINT *point = OpensslEcKeyGet0PublicKey(ecKey);
1097 if (point == NULL) {
1098 LOGE("Failed to get point.");
1099 return HCF_ERR_CRYPTO_OPERATION;
1100 }
1101 size_t returnDataLen = EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, NULL, 0, NULL);
1102 if (returnDataLen == 0) {
1103 LOGE("Failed to get compressed key length.");
1104 HcfPrintOpensslError();
1105 return HCF_ERR_CRYPTO_OPERATION;
1106 }
1107 uint8_t *returnData = (uint8_t *)HcfMalloc(returnDataLen, 0);
1108 if (returnData == NULL) {
1109 LOGE("Failed to allocate memory for returnBlob data.");
1110 return HCF_ERR_MALLOC;
1111 }
1112 size_t result = EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED,
1113 returnData, returnDataLen, NULL);
1114 if (result != returnDataLen) {
1115 LOGE("Failed to convert public key to compressed format.");
1116 HcfPrintOpensslError();
1117 HcfFree(returnData);
1118 returnBlob = NULL;
1119 return HCF_ERR_CRYPTO_OPERATION;
1120 }
1121 returnBlob->data = returnData;
1122 returnBlob->len = returnDataLen;
1123 return HCF_SUCCESS;
1124 }
1125
GetDerEccPubKeyEncoded(EC_KEY * ecKey,HcfBlob * returnBlob)1126 static HcfResult GetDerEccPubKeyEncoded(EC_KEY *ecKey, HcfBlob *returnBlob)
1127 {
1128 unsigned char *returnData = NULL;
1129 int returnDataLen = OpensslI2dEcPubKey(ecKey, &returnData);
1130 if (returnDataLen <= 0) {
1131 LOGE("i2d_EC_PUBKEY fail");
1132 HcfPrintOpensslError();
1133 return HCF_ERR_CRYPTO_OPERATION;
1134 }
1135 returnBlob->data = returnData;
1136 returnBlob->len = returnDataLen;
1137 return HCF_SUCCESS;
1138 }
1139
SetEccKeyAsn1Flag(HcfOpensslEccPubKey * impl)1140 static void SetEccKeyAsn1Flag(HcfOpensslEccPubKey *impl)
1141 {
1142 if (impl->curveId != 0) {
1143 LOGD("have a curveId");
1144 OpensslEcKeySetAsn1Flag(impl->ecKey, OPENSSL_EC_NAMED_CURVE);
1145 } else {
1146 OpensslEcKeySetAsn1Flag(impl->ecKey, OPENSSL_EC_EXPLICIT_CURVE);
1147 }
1148 }
1149
GetEccPubKeyEncodedDer(const HcfPubKey * self,const char * format,HcfBlob * returnBlob)1150 static HcfResult GetEccPubKeyEncodedDer(const HcfPubKey *self, const char *format, HcfBlob *returnBlob)
1151 {
1152 if ((self == NULL) || (returnBlob == NULL)) {
1153 LOGE("Invalid input parameter.");
1154 return HCF_INVALID_PARAMS;
1155 }
1156
1157 if (CheckAndUpdateEccPubKeyFormat(&format) != HCF_SUCCESS) {
1158 LOGE("Invalid format.");
1159 return HCF_INVALID_PARAMS;
1160 }
1161
1162 if (!HcfIsClassMatch((HcfObjectBase *)self, HCF_OPENSSL_ECC_PUB_KEY_CLASS)) {
1163 LOGE("Invalid input parameter type.");
1164 return HCF_INVALID_PARAMS;
1165 }
1166 HcfOpensslEccPubKey *impl = (HcfOpensslEccPubKey *)self;
1167 SetEccKeyAsn1Flag(impl);
1168
1169 char *groupName = NULL;
1170 HcfResult ret = GetGroupNameByNid(impl->curveId, &groupName);
1171 if (ret != HCF_SUCCESS) {
1172 LOGE("Failed to get group name.");
1173 return ret;
1174 }
1175 HcfBlob tmpBlob = { .data = NULL, .len = 0 };
1176 ret = GetCompressedEccPointEncoded(impl, &tmpBlob);
1177 if (ret != HCF_SUCCESS) {
1178 LOGE("Invalid input parameter.");
1179 return ret;
1180 }
1181 EC_KEY *tmpEcKey = ConvertOsslParamsToEccPubKey(groupName, impl->curveId, &tmpBlob, format);
1182 if (tmpEcKey == NULL) {
1183 LOGE("Failed to convert ECC parameters to EC public key.");
1184 HcfBlobDataFree(&tmpBlob);
1185 return HCF_ERR_CRYPTO_OPERATION;
1186 }
1187 ret = GetDerEccPubKeyEncoded(tmpEcKey, returnBlob);
1188 OpensslEcKeyFree(tmpEcKey);
1189 HcfBlobDataFree(&tmpBlob);
1190 return ret;
1191 }
1192
GetEccPubKeyEncoded(HcfKey * self,HcfBlob * returnBlob)1193 static HcfResult GetEccPubKeyEncoded(HcfKey *self, HcfBlob *returnBlob)
1194 {
1195 if ((self == NULL) || (returnBlob == NULL)) {
1196 LOGE("Invalid input parameter.");
1197 return HCF_INVALID_PARAMS;
1198 }
1199 if (!HcfIsClassMatch((HcfObjectBase *)self, HCF_OPENSSL_ECC_PUB_KEY_CLASS)) {
1200 return HCF_INVALID_PARAMS;
1201 }
1202
1203 HcfOpensslEccPubKey *impl = (HcfOpensslEccPubKey *)self;
1204 SetEccKeyAsn1Flag(impl);
1205
1206 unsigned char *returnData = NULL;
1207 int returnDataLen = OpensslI2dEcPubKey(impl->ecKey, &returnData);
1208 if (returnDataLen <= 0) {
1209 LOGD("[error] i2d_EC_PUBKEY fail");
1210 HcfPrintOpensslError();
1211 return HCF_ERR_CRYPTO_OPERATION;
1212 }
1213 LOGD("ECC pubKey i2d success");
1214 returnBlob->data = returnData;
1215 returnBlob->len = returnDataLen;
1216 return HCF_SUCCESS;
1217 }
1218
GetEccPubKeyEncodedPem(HcfKey * self,const char * format,char ** returnString)1219 static HcfResult GetEccPubKeyEncodedPem(HcfKey *self, const char *format, char **returnString)
1220 {
1221 (void)self;
1222 (void)format;
1223 (void)returnString;
1224 return HCF_INVALID_PARAMS;
1225 }
1226
GetEccPriKeyEncoded(HcfKey * self,HcfBlob * returnBlob)1227 static HcfResult GetEccPriKeyEncoded(HcfKey *self, HcfBlob *returnBlob)
1228 {
1229 if ((self == NULL) || (returnBlob == NULL)) {
1230 LOGE("Invalid input parameter.");
1231 return HCF_INVALID_PARAMS;
1232 }
1233 if (!HcfIsClassMatch((HcfObjectBase *)self, HCF_OPENSSL_ECC_PRI_KEY_CLASS)) {
1234 return HCF_INVALID_PARAMS;
1235 }
1236
1237 HcfOpensslEccPriKey *impl = (HcfOpensslEccPriKey *)self;
1238 if (impl->curveId != 0) {
1239 LOGD("have a curveId");
1240 OpensslEcKeySetAsn1Flag(impl->ecKey, OPENSSL_EC_NAMED_CURVE);
1241 } else {
1242 OpensslEcKeySetAsn1Flag(impl->ecKey, OPENSSL_EC_EXPLICIT_CURVE);
1243 }
1244 // keep consistence of 3.2
1245 OpensslEcKeySetEncFlags(impl->ecKey, EC_PKEY_NO_PUBKEY);
1246 // if the convert key has no pubKey, it will generate pub key automatically,
1247 // and set the no pubKey flag to ensure the consistency of blob.
1248 unsigned char *returnData = NULL;
1249 int returnDataLen = OpensslI2dEcPrivateKey(impl->ecKey, &returnData);
1250 if (returnDataLen <= 0) {
1251 LOGD("[error] i2d_ECPrivateKey fail.");
1252 HcfPrintOpensslError();
1253 return HCF_ERR_CRYPTO_OPERATION;
1254 }
1255 LOGD("ECC priKey i2d success");
1256 returnBlob->data = returnData;
1257 returnBlob->len = returnDataLen;
1258 return HCF_SUCCESS;
1259 }
1260
GetEccPriKeyEncodedPem(const HcfPriKey * self,HcfParamsSpec * paramsSpec,const char * format,char ** returnString)1261 static HcfResult GetEccPriKeyEncodedPem(const HcfPriKey *self, HcfParamsSpec *paramsSpec, const char *format,
1262 char **returnString)
1263 {
1264 (void)self;
1265 (void)paramsSpec;
1266 (void)format;
1267 (void)returnString;
1268 return HCF_INVALID_PARAMS;
1269 }
1270
ParamCheck(const HcfPriKey * self,const char * format,const HcfBlob * returnBlob)1271 static HcfResult ParamCheck(const HcfPriKey *self, const char *format, const HcfBlob *returnBlob)
1272 {
1273 if ((self == NULL) || (format == NULL) || (returnBlob == NULL)) {
1274 LOGE("Invalid input parameter.");
1275 return HCF_INVALID_PARAMS;
1276 }
1277 if (!HcfIsClassMatch((HcfObjectBase *)self, HCF_OPENSSL_ECC_PRI_KEY_CLASS)) {
1278 LOGE("Invalid ecc params.");
1279 return HCF_INVALID_PARAMS;
1280 }
1281 if (strcmp(format, "PKCS8") != 0) {
1282 LOGE("Invalid point format.");
1283 return HCF_INVALID_PARAMS;
1284 }
1285 return HCF_SUCCESS;
1286 }
1287
CopyMemFromBIO(BIO * bio,HcfBlob * returnBlob)1288 static HcfResult CopyMemFromBIO(BIO *bio, HcfBlob *returnBlob)
1289 {
1290 int len = BIO_pending(bio);
1291 if (len <= 0) {
1292 LOGE("Bio len less than 0.");
1293 return HCF_INVALID_PARAMS;
1294 }
1295 HcfBlob tmpBlob;
1296 tmpBlob.len = len;
1297 tmpBlob.data = (uint8_t *)HcfMalloc(sizeof(uint8_t) * len, 0);
1298 if (tmpBlob.data == NULL) {
1299 LOGE("Malloc mem for blob fail.");
1300 return HCF_ERR_MALLOC;
1301 }
1302 if (OpensslBioRead(bio, tmpBlob.data, tmpBlob.len) <= 0) {
1303 LOGE("Bio read fail");
1304 HcfPrintOpensslError();
1305 HcfFree(tmpBlob.data);
1306 tmpBlob.data = NULL;
1307 return HCF_ERR_CRYPTO_OPERATION;
1308 }
1309 returnBlob->len = tmpBlob.len;
1310 returnBlob->data = tmpBlob.data;
1311 return HCF_SUCCESS;
1312 }
1313
GetECPriKeyEncodedDer(const HcfPriKey * self,const char * format,HcfBlob * returnBlob)1314 static HcfResult GetECPriKeyEncodedDer(const HcfPriKey *self, const char *format, HcfBlob *returnBlob)
1315 {
1316 HcfResult ret = ParamCheck(self, format, returnBlob);
1317 if (ret != HCF_SUCCESS) {
1318 return ret;
1319 }
1320 HcfOpensslEccPriKey *impl = (HcfOpensslEccPriKey *)self;
1321 if (impl->curveId != 0) {
1322 OpensslEcKeySetAsn1Flag(impl->ecKey, OPENSSL_EC_NAMED_CURVE);
1323 } else {
1324 OpensslEcKeySetAsn1Flag(impl->ecKey, OPENSSL_EC_EXPLICIT_CURVE);
1325 }
1326 // keep consistence of 3.2
1327 OpensslEcKeySetEncFlags(impl->ecKey, EC_PKEY_NO_PUBKEY);
1328 EVP_PKEY *pkey = OpensslEvpPkeyNew();
1329 if (pkey == NULL) {
1330 HcfPrintOpensslError();
1331 LOGE("New pKey failed.");
1332 return HCF_ERR_CRYPTO_OPERATION;
1333 }
1334 if (OpensslEvpPkeySet1EcKey(pkey, impl->ecKey) != HCF_OPENSSL_SUCCESS) {
1335 OpensslEvpPkeyFree(pkey);
1336 HcfPrintOpensslError();
1337 LOGE("set ec key failed.");
1338 return HCF_ERR_CRYPTO_OPERATION;
1339 }
1340 BIO *bio = OpensslBioNew(OpensslBioSMem());
1341 if (bio == NULL) {
1342 LOGE("BIO new fail.");
1343 HcfPrintOpensslError();
1344 ret = HCF_ERR_CRYPTO_OPERATION;
1345 goto ERR2;
1346 }
1347 if (i2d_PKCS8PrivateKey_bio(bio, pkey, NULL, NULL, 0, NULL, NULL) != HCF_OPENSSL_SUCCESS) {
1348 LOGE("i2d privateKey bio fail.");
1349 HcfPrintOpensslError();
1350 ret = HCF_ERR_CRYPTO_OPERATION;
1351 goto ERR1;
1352 }
1353 ret = CopyMemFromBIO(bio, returnBlob);
1354 if (ret != HCF_SUCCESS) {
1355 LOGE("Copy mem from BIO fail.");
1356 }
1357 ERR1:
1358 OpensslBioFreeAll(bio);
1359 ERR2:
1360 OpensslEvpPkeyFree(pkey);
1361 return ret;
1362 }
1363
EccPriKeyClearMem(HcfPriKey * self)1364 static void EccPriKeyClearMem(HcfPriKey *self)
1365 {
1366 if (self == NULL) {
1367 return;
1368 }
1369 if (!HcfIsClassMatch((HcfObjectBase *)self, GetEccPriKeyClass())) {
1370 return;
1371 }
1372 HcfOpensslEccPriKey *impl = (HcfOpensslEccPriKey *)self;
1373 OpensslEcKeyFree(impl->ecKey);
1374 impl->ecKey = NULL;
1375 }
1376
GetCurveName(const HcfKey * self,const bool isPriavte,char ** returnString)1377 static HcfResult GetCurveName(const HcfKey *self, const bool isPriavte, char **returnString)
1378 {
1379 int32_t curveId = 0;
1380 if (isPriavte) {
1381 curveId = ((HcfOpensslEccPriKey *)self)->curveId;
1382 } else {
1383 curveId = ((HcfOpensslEccPubKey *)self)->curveId;
1384 }
1385
1386 char *tmp = NULL;
1387 if (GetCurveNameByCurveId(curveId, &tmp) != HCF_SUCCESS) {
1388 LOGE("get vurveName by curveId failed.");
1389 return HCF_INVALID_PARAMS;
1390 }
1391
1392 if (tmp == NULL) {
1393 LOGE("tmp is null.");
1394 return HCF_INVALID_PARAMS;
1395 }
1396 size_t len = HcfStrlen(tmp);
1397 if (len == 0) {
1398 LOGE("fieldType is empty!");
1399 return HCF_INVALID_PARAMS;
1400 }
1401
1402 *returnString = (char *)HcfMalloc(len + 1, 0);
1403 if (*returnString == NULL) {
1404 LOGE("Alloc returnString memory failed.");
1405 return HCF_ERR_MALLOC;
1406 }
1407 (void)memcpy_s(*returnString, len, tmp, len);
1408 return HCF_SUCCESS;
1409 }
1410
CheckEcKeySelf(const HcfKey * self,bool * isPrivate)1411 static HcfResult CheckEcKeySelf(const HcfKey *self, bool *isPrivate)
1412 {
1413 if (HcfIsClassMatch((HcfObjectBase *)self, GetEccPubKeyClass())) {
1414 *isPrivate = false;
1415 return HCF_SUCCESS;
1416 } else if (HcfIsClassMatch((HcfObjectBase *)self, GetEccPriKeyClass())) {
1417 if (((HcfOpensslEccPriKey *)self)->ecKey == NULL) {
1418 LOGE("Cannot use priKey after free");
1419 return HCF_INVALID_PARAMS;
1420 }
1421 *isPrivate = true;
1422 return HCF_SUCCESS;
1423 } else {
1424 return HCF_INVALID_PARAMS;
1425 }
1426 }
1427
GetEcKeySpecBigInteger(const HcfKey * self,const AsyKeySpecItem item,HcfBigInteger * returnBigInteger)1428 static HcfResult GetEcKeySpecBigInteger(const HcfKey *self, const AsyKeySpecItem item,
1429 HcfBigInteger *returnBigInteger)
1430 {
1431 if (self == NULL || returnBigInteger == NULL) {
1432 LOGE("Invalid input parameter.");
1433 return HCF_INVALID_PARAMS;
1434 }
1435 bool isPrivate = false;
1436 HcfResult res = CheckEcKeySelf(self, &isPrivate);
1437 if (res != HCF_SUCCESS) {
1438 LOGE("Invalid input key");
1439 return HCF_INVALID_PARAMS;
1440 }
1441 const EC_GROUP *group = NULL;
1442 if (isPrivate) {
1443 group = OpensslEcKeyGet0Group(((HcfOpensslEccPriKey *)self)->ecKey);
1444 } else {
1445 group = OpensslEcKeyGet0Group(((HcfOpensslEccPubKey *)self)->ecKey);
1446 }
1447 switch (item) {
1448 case ECC_FP_P_BN:
1449 case ECC_A_BN:
1450 case ECC_B_BN:
1451 res = GetCurveGFp(group, item, returnBigInteger);
1452 break;
1453 case ECC_G_X_BN:
1454 case ECC_G_Y_BN:
1455 res = GetGenerator(group, item, returnBigInteger);
1456 break;
1457 case ECC_N_BN:
1458 res = GetOrder(group, returnBigInteger);
1459 break;
1460 case ECC_SK_BN:
1461 case ECC_PK_X_BN:
1462 case ECC_PK_Y_BN:
1463 res = GetPkSkBigInteger(self, isPrivate, item, returnBigInteger);
1464 break;
1465 default:
1466 LOGE("Invalid ecc key big number spec!");
1467 res = HCF_INVALID_PARAMS;
1468 break;
1469 }
1470 return res;
1471 }
1472
GetEcKeySpecString(const HcfKey * self,const AsyKeySpecItem item,char ** returnString)1473 static HcfResult GetEcKeySpecString(const HcfKey *self, const AsyKeySpecItem item, char **returnString)
1474 {
1475 if (self == NULL || returnString == NULL) {
1476 LOGE("Invalid input parameter.");
1477 return HCF_INVALID_PARAMS;
1478 }
1479 bool isPrivate = false;
1480 HcfResult res = CheckEcKeySelf(self, &isPrivate);
1481 if (res != HCF_SUCCESS) {
1482 LOGE("Invalid input key");
1483 return HCF_INVALID_PARAMS;
1484 }
1485
1486 switch (item) {
1487 case ECC_FIELD_TYPE_STR:
1488 res = GetFieldType(self, isPrivate, returnString);
1489 break;
1490 case ECC_CURVE_NAME_STR:
1491 res = GetCurveName(self, isPrivate, returnString);
1492 break;
1493 default:
1494 res = HCF_INVALID_PARAMS;
1495 LOGE("Invalid spec of ec string");
1496 break;
1497 }
1498 return res;
1499 }
1500
GetEcKeySpecInt(const HcfKey * self,const AsyKeySpecItem item,int * returnInt)1501 static HcfResult GetEcKeySpecInt(const HcfKey *self, const AsyKeySpecItem item, int *returnInt)
1502 {
1503 if (self == NULL || returnInt == NULL) {
1504 LOGE("Invalid input parameter.");
1505 return HCF_INVALID_PARAMS;
1506 }
1507 bool isPrivate = false;
1508 HcfResult res = CheckEcKeySelf(self, &isPrivate);
1509 if (res != HCF_SUCCESS) {
1510 LOGE("Invalid input key");
1511 return HCF_INVALID_PARAMS;
1512 }
1513 const EC_GROUP *group = NULL;
1514 if (isPrivate) {
1515 group = OpensslEcKeyGet0Group(((HcfOpensslEccPriKey *)self)->ecKey);
1516 } else {
1517 group = OpensslEcKeyGet0Group(((HcfOpensslEccPubKey *)self)->ecKey);
1518 }
1519 switch (item) {
1520 case ECC_H_INT:
1521 res = GetCofactor(group, returnInt);
1522 break;
1523 case ECC_FIELD_SIZE_INT:
1524 res = GetFieldSize(group, returnInt);
1525 break;
1526 default:
1527 res = HCF_INVALID_PARAMS;
1528 LOGE("invalid ec key int spec");
1529 break;
1530 }
1531 return res;
1532 }
1533
GetECPubKeySpecBigInteger(const HcfPubKey * self,const AsyKeySpecItem item,HcfBigInteger * returnBigInteger)1534 static HcfResult GetECPubKeySpecBigInteger(const HcfPubKey *self, const AsyKeySpecItem item,
1535 HcfBigInteger *returnBigInteger)
1536 {
1537 return GetEcKeySpecBigInteger((HcfKey *)self, item, returnBigInteger);
1538 }
1539
GetECPubKeySpecString(const HcfPubKey * self,const AsyKeySpecItem item,char ** returnString)1540 static HcfResult GetECPubKeySpecString(const HcfPubKey *self, const AsyKeySpecItem item, char **returnString)
1541 {
1542 return GetEcKeySpecString((HcfKey *)self, item, returnString);
1543 }
1544
GetECPubKeySpecInt(const HcfPubKey * self,const AsyKeySpecItem item,int * returnInt)1545 static HcfResult GetECPubKeySpecInt(const HcfPubKey *self, const AsyKeySpecItem item, int *returnInt)
1546 {
1547 return GetEcKeySpecInt((HcfKey *)self, item, returnInt);
1548 }
1549
GetECPriKeySpecBigInteger(const HcfPriKey * self,const AsyKeySpecItem item,HcfBigInteger * returnBigInteger)1550 static HcfResult GetECPriKeySpecBigInteger(const HcfPriKey *self, const AsyKeySpecItem item,
1551 HcfBigInteger *returnBigInteger)
1552 {
1553 return GetEcKeySpecBigInteger((HcfKey *)self, item, returnBigInteger);
1554 }
1555
GetECPriKeySpecString(const HcfPriKey * self,const AsyKeySpecItem item,char ** returnString)1556 static HcfResult GetECPriKeySpecString(const HcfPriKey *self, const AsyKeySpecItem item, char **returnString)
1557 {
1558 return GetEcKeySpecString((HcfKey *)self, item, returnString);
1559 }
1560
GetECPriKeySpecInt(const HcfPriKey * self,const AsyKeySpecItem item,int * returnInt)1561 static HcfResult GetECPriKeySpecInt(const HcfPriKey *self, const AsyKeySpecItem item, int *returnInt)
1562 {
1563 return GetEcKeySpecInt((HcfKey *)self, item, returnInt);
1564 }
1565
PackEccPubKey(int32_t curveId,EC_KEY * ecKey,const char * fieldType,HcfOpensslEccPubKey ** returnObj)1566 static HcfResult PackEccPubKey(int32_t curveId, EC_KEY *ecKey, const char *fieldType,
1567 HcfOpensslEccPubKey **returnObj)
1568 {
1569 HcfOpensslEccPubKey *returnPubKey = (HcfOpensslEccPubKey *)HcfMalloc(sizeof(HcfOpensslEccPubKey), 0);
1570 if (returnPubKey == NULL) {
1571 LOGE("Failed to allocate returnPubKey memory!");
1572 return HCF_ERR_MALLOC;
1573 }
1574 char *tmpFieldType = NULL;
1575 if (fieldType != NULL) {
1576 size_t len = HcfStrlen(fieldType);
1577 if (len == 0) {
1578 LOGE("fieldType is empty!");
1579 HcfFree(returnPubKey);
1580 returnPubKey = NULL;
1581 return HCF_INVALID_PARAMS;
1582 }
1583 tmpFieldType = (char *)HcfMalloc(len + 1, 0);
1584 if (tmpFieldType == NULL) {
1585 LOGE("Alloc tmpFieldType memory failed.");
1586 HcfFree(returnPubKey);
1587 returnPubKey = NULL;
1588 return HCF_ERR_MALLOC;
1589 }
1590 (void)memcpy_s(tmpFieldType, len, fieldType, len);
1591 }
1592
1593 returnPubKey->base.base.base.destroy = DestroyEccPubKey;
1594 returnPubKey->base.base.base.getClass = GetEccPubKeyClass;
1595 returnPubKey->base.base.getAlgorithm = GetEccPubKeyAlgorithm;
1596 returnPubKey->base.base.getEncoded = GetEccPubKeyEncoded;
1597 returnPubKey->base.base.getEncodedPem = GetEccPubKeyEncodedPem;
1598 returnPubKey->base.base.getFormat = GetEccPubKeyFormat;
1599 returnPubKey->base.getAsyKeySpecBigInteger = GetECPubKeySpecBigInteger;
1600 returnPubKey->base.getAsyKeySpecString = GetECPubKeySpecString;
1601 returnPubKey->base.getAsyKeySpecInt = GetECPubKeySpecInt;
1602 returnPubKey->base.getEncodedDer = GetEccPubKeyEncodedDer;
1603 returnPubKey->curveId = curveId;
1604 returnPubKey->ecKey = ecKey;
1605 returnPubKey->fieldType = tmpFieldType;
1606
1607 *returnObj = returnPubKey;
1608 return HCF_SUCCESS;
1609 }
1610
PackEccPriKey(int32_t curveId,EC_KEY * ecKey,const char * fieldType,HcfOpensslEccPriKey ** returnObj)1611 static HcfResult PackEccPriKey(int32_t curveId, EC_KEY *ecKey, const char *fieldType,
1612 HcfOpensslEccPriKey **returnObj)
1613 {
1614 HcfOpensslEccPriKey *returnPriKey = (HcfOpensslEccPriKey *)HcfMalloc(sizeof(HcfOpensslEccPriKey), 0);
1615 if (returnPriKey == NULL) {
1616 LOGE("Failed to allocate returnPriKey memory!");
1617 return HCF_ERR_MALLOC;
1618 }
1619 char *tmpFieldType = NULL;
1620 if (fieldType != NULL) {
1621 size_t len = HcfStrlen(fieldType);
1622 if (len == 0) {
1623 LOGE("fieldType is empty!");
1624 HcfFree(returnPriKey);
1625 returnPriKey = NULL;
1626 return HCF_INVALID_PARAMS;
1627 }
1628 tmpFieldType = (char *)HcfMalloc(len + 1, 0);
1629 if (tmpFieldType == NULL) {
1630 LOGE("Alloc tmpFieldType memory failed.");
1631 HcfFree(returnPriKey);
1632 returnPriKey = NULL;
1633 return HCF_ERR_MALLOC;
1634 }
1635 (void)memcpy_s(tmpFieldType, len, fieldType, len);
1636 }
1637
1638 returnPriKey->base.base.base.destroy = DestroyEccPriKey;
1639 returnPriKey->base.base.base.getClass = GetEccPriKeyClass;
1640 returnPriKey->base.base.getAlgorithm = GetEccPriKeyAlgorithm;
1641 returnPriKey->base.base.getEncoded = GetEccPriKeyEncoded;
1642 returnPriKey->base.getEncodedPem = GetEccPriKeyEncodedPem;
1643 returnPriKey->base.base.getFormat = GetEccPriKeyFormat;
1644 returnPriKey->base.clearMem = EccPriKeyClearMem;
1645 returnPriKey->base.getAsyKeySpecBigInteger = GetECPriKeySpecBigInteger;
1646 returnPriKey->base.getAsyKeySpecString = GetECPriKeySpecString;
1647 returnPriKey->base.getAsyKeySpecInt = GetECPriKeySpecInt;
1648 returnPriKey->base.getEncodedDer = GetECPriKeyEncodedDer;
1649 returnPriKey->curveId = curveId;
1650 returnPriKey->ecKey = ecKey;
1651 returnPriKey->fieldType = tmpFieldType;
1652
1653 *returnObj = returnPriKey;
1654 return HCF_SUCCESS;
1655 }
1656
PackEccKeyPair(HcfOpensslEccPubKey * pubKey,HcfOpensslEccPriKey * priKey,HcfOpensslEccKeyPair ** returnObj)1657 static HcfResult PackEccKeyPair(HcfOpensslEccPubKey *pubKey, HcfOpensslEccPriKey *priKey,
1658 HcfOpensslEccKeyPair **returnObj)
1659 {
1660 HcfOpensslEccKeyPair *returnKeyPair = (HcfOpensslEccKeyPair *)HcfMalloc(sizeof(HcfOpensslEccKeyPair), 0);
1661 if (returnKeyPair == NULL) {
1662 LOGE("Failed to allocate returnKeyPair memory!");
1663 return HCF_ERR_MALLOC;
1664 }
1665 returnKeyPair->base.base.getClass = GetEccKeyPairClass;
1666 returnKeyPair->base.base.destroy = DestroyEccKeyPair;
1667 returnKeyPair->base.pubKey = (HcfPubKey *)pubKey;
1668 returnKeyPair->base.priKey = (HcfPriKey *)priKey;
1669
1670 *returnObj = returnKeyPair;
1671 return HCF_SUCCESS;
1672 }
1673
ConvertEcPubKey(int32_t curveId,HcfBlob * pubKeyBlob,HcfOpensslEccPubKey ** returnPubKey)1674 static HcfResult ConvertEcPubKey(int32_t curveId, HcfBlob *pubKeyBlob, HcfOpensslEccPubKey **returnPubKey)
1675 {
1676 const unsigned char *tmpData = (const unsigned char *)(pubKeyBlob->data);
1677 EC_KEY *ecKey = OpensslD2iEcPubKey(NULL, &tmpData, pubKeyBlob->len);
1678 if (ecKey == NULL) {
1679 LOGE("d2i_EC_PUBKEY fail.");
1680 HcfPrintOpensslError();
1681 return HCF_ERR_CRYPTO_OPERATION;
1682 }
1683 HcfResult res = PackEccPubKey(curveId, ecKey, g_eccGenerateFieldType, returnPubKey);
1684 if (res != HCF_SUCCESS) {
1685 LOGE("PackEccPubKey failed.");
1686 OpensslEcKeyFree(ecKey);
1687 return res;
1688 }
1689 return HCF_SUCCESS;
1690 }
1691
ConvertPriFromEncoded(EC_KEY ** eckey,HcfBlob * priKeyBlob)1692 static HcfResult ConvertPriFromEncoded(EC_KEY **eckey, HcfBlob *priKeyBlob)
1693 {
1694 const unsigned char *tmpData = (const unsigned char *)(priKeyBlob->data);
1695 EVP_PKEY *pkey = OpensslD2iPrivateKey(EVP_PKEY_EC, NULL, &tmpData, priKeyBlob->len);
1696 if (pkey == NULL) {
1697 HcfPrintOpensslError();
1698 LOGE("d2i pri key failed.");
1699 return HCF_ERR_CRYPTO_OPERATION;
1700 }
1701 *eckey = EVP_PKEY_get1_EC_KEY(pkey);
1702 OpensslEvpPkeyFree(pkey);
1703 if (*eckey == NULL) {
1704 LOGE("Get eckey failed");
1705 HcfPrintOpensslError();
1706 return HCF_ERR_CRYPTO_OPERATION;
1707 }
1708 return HCF_SUCCESS;
1709 }
1710
ConvertEcPriKey(int32_t curveId,HcfBlob * priKeyBlob,HcfOpensslEccPriKey ** returnPriKey)1711 static HcfResult ConvertEcPriKey(int32_t curveId, HcfBlob *priKeyBlob, HcfOpensslEccPriKey **returnPriKey)
1712 {
1713 EC_KEY *ecKey = NULL;
1714 HcfResult res = ConvertPriFromEncoded(&ecKey, priKeyBlob);
1715 if (res != HCF_SUCCESS) {
1716 LOGE("i2d for private key failed");
1717 HcfPrintOpensslError();
1718 return HCF_ERR_CRYPTO_OPERATION;
1719 }
1720 if (ecKey == NULL) {
1721 LOGE("d2i ec private key fail");
1722 HcfPrintOpensslError();
1723 return HCF_ERR_CRYPTO_OPERATION;
1724 }
1725 res = PackEccPriKey(curveId, ecKey, g_eccGenerateFieldType, returnPriKey);
1726 if (res != HCF_SUCCESS) {
1727 LOGE("Pack ec pri key failed.");
1728 OpensslEcKeyFree(ecKey);
1729 return res;
1730 }
1731 return HCF_SUCCESS;
1732 }
1733
EngineConvertEccKey(HcfAsyKeyGeneratorSpi * self,HcfParamsSpec * params,HcfBlob * pubKeyBlob,HcfBlob * priKeyBlob,HcfKeyPair ** returnKeyPair)1734 static HcfResult EngineConvertEccKey(HcfAsyKeyGeneratorSpi *self, HcfParamsSpec *params, HcfBlob *pubKeyBlob,
1735 HcfBlob *priKeyBlob, HcfKeyPair **returnKeyPair)
1736 {
1737 (void)params;
1738 if ((self == NULL) || (returnKeyPair == NULL)) {
1739 LOGE("Invalid input parameter.");
1740 return HCF_INVALID_PARAMS;
1741 }
1742 if (!HcfIsClassMatch((HcfObjectBase *)self, GetEccKeyPairGeneratorClass())) {
1743 return HCF_INVALID_PARAMS;
1744 }
1745 bool pubKeyValid = HcfIsBlobValid(pubKeyBlob);
1746 bool priKeyValid = HcfIsBlobValid(priKeyBlob);
1747 if ((!pubKeyValid) && (!priKeyValid)) {
1748 LOGE("The private key and public key cannot both be NULL.");
1749 return HCF_INVALID_PARAMS;
1750 }
1751
1752 HcfAsyKeyGeneratorSpiOpensslEccImpl *impl = (HcfAsyKeyGeneratorSpiOpensslEccImpl *)self;
1753 HcfResult res = HCF_SUCCESS;
1754 HcfOpensslEccPubKey *pubKey = NULL;
1755 HcfOpensslEccPriKey *priKey = NULL;
1756 HcfOpensslEccKeyPair *keyPair = NULL;
1757 do {
1758 if (pubKeyValid) {
1759 res = ConvertEcPubKey(impl->curveId, pubKeyBlob, &pubKey);
1760 if (res != HCF_SUCCESS) {
1761 break;
1762 }
1763 }
1764 if (priKeyValid) {
1765 res = ConvertEcPriKey(impl->curveId, priKeyBlob, &priKey);
1766 if (res != HCF_SUCCESS) {
1767 break;
1768 }
1769 }
1770 res = PackEccKeyPair(pubKey, priKey, &keyPair);
1771 } while (0);
1772 if (res != HCF_SUCCESS) {
1773 HcfObjDestroy(pubKey);
1774 pubKey = NULL;
1775 HcfObjDestroy(priKey);
1776 priKey = NULL;
1777 return res;
1778 }
1779
1780 *returnKeyPair = (HcfKeyPair *)keyPair;
1781 return HCF_SUCCESS;
1782 }
1783
ConvertEcPemPubKey(int32_t curveId,const char * pubKeyStr,HcfOpensslEccPubKey ** returnPubKey)1784 static HcfResult ConvertEcPemPubKey(int32_t curveId, const char *pubKeyStr, HcfOpensslEccPubKey **returnPubKey)
1785 {
1786 EVP_PKEY *pkey = NULL;
1787 const char *keyType = "EC";
1788 HcfResult ret = ConvertPubPemStrToKey(&pkey, keyType, EVP_PKEY_PUBLIC_KEY, pubKeyStr);
1789 if (ret != HCF_SUCCESS) {
1790 LOGE("Convert ecc pem public key failed.");
1791 return ret;
1792 }
1793
1794 EC_KEY *ecKey = OpensslEvpPkeyGet1EcKey(pkey);
1795 OpensslEvpPkeyFree(pkey);
1796 if (ecKey == NULL) {
1797 LOGE("Pkey to ec key failed.");
1798 HcfPrintOpensslError();
1799 return HCF_ERR_CRYPTO_OPERATION;
1800 }
1801
1802 HcfResult res = PackEccPubKey(curveId, ecKey, g_eccGenerateFieldType, returnPubKey);
1803 if (res != HCF_SUCCESS) {
1804 LOGE("Pack ec public key failed.");
1805 OpensslEcKeyFree(ecKey);
1806 return res;
1807 }
1808
1809 return HCF_SUCCESS;
1810 }
1811
ConvertEcPemPriKey(int32_t curveId,const char * priKeyStr,HcfOpensslEccPriKey ** returnPriKey)1812 static HcfResult ConvertEcPemPriKey(int32_t curveId, const char *priKeyStr, HcfOpensslEccPriKey **returnPriKey)
1813 {
1814 EVP_PKEY *pkey = NULL;
1815 const char *keyType = "EC";
1816 HcfResult ret = ConvertPriPemStrToKey(priKeyStr, &pkey, keyType);
1817 if (ret != HCF_SUCCESS) {
1818 LOGE("Convert ecc pem private key failed.");
1819 return ret;
1820 }
1821
1822 EC_KEY *ecKey = OpensslEvpPkeyGet1EcKey(pkey);
1823 OpensslEvpPkeyFree(pkey);
1824 if (ecKey == NULL) {
1825 LOGE("Pkey to ec key failed.");
1826 HcfPrintOpensslError();
1827 return HCF_ERR_CRYPTO_OPERATION;
1828 }
1829
1830 ret = PackEccPriKey(curveId, ecKey, g_eccGenerateFieldType, returnPriKey);
1831 if (ret != HCF_SUCCESS) {
1832 LOGE("Pack ec private key failed.");
1833 OpensslEcKeyFree(ecKey);
1834 return ret;
1835 }
1836
1837 return HCF_SUCCESS;
1838 }
1839
EngineConvertEccPemKey(HcfAsyKeyGeneratorSpi * self,HcfParamsSpec * params,const char * pubKeyStr,const char * priKeyStr,HcfKeyPair ** returnKeyPair)1840 static HcfResult EngineConvertEccPemKey(HcfAsyKeyGeneratorSpi *self, HcfParamsSpec *params, const char *pubKeyStr,
1841 const char *priKeyStr, HcfKeyPair **returnKeyPair)
1842 {
1843 (void)params;
1844 if ((self == NULL) || (returnKeyPair == NULL) || ((pubKeyStr == NULL) && (priKeyStr == NULL))) {
1845 LOGE("Invalid input parameter.");
1846 return HCF_INVALID_PARAMS;
1847 }
1848 if (!HcfIsClassMatch((HcfObjectBase *)self, GetEccKeyPairGeneratorClass())) {
1849 return HCF_INVALID_PARAMS;
1850 }
1851
1852 HcfAsyKeyGeneratorSpiOpensslEccImpl *impl = (HcfAsyKeyGeneratorSpiOpensslEccImpl *)self;
1853 HcfResult res = HCF_SUCCESS;
1854 HcfOpensslEccPubKey *pubKey = NULL;
1855 HcfOpensslEccPriKey *priKey = NULL;
1856 HcfOpensslEccKeyPair *keyPair = NULL;
1857
1858 do {
1859 if (pubKeyStr != NULL && strlen(pubKeyStr) != 0) {
1860 res = ConvertEcPemPubKey(impl->curveId, pubKeyStr, &pubKey);
1861 if (res != HCF_SUCCESS) {
1862 break;
1863 }
1864 }
1865 if (priKeyStr != NULL && strlen(priKeyStr) != 0) {
1866 res = ConvertEcPemPriKey(impl->curveId, priKeyStr, &priKey);
1867 if (res != HCF_SUCCESS) {
1868 break;
1869 }
1870 }
1871 res = PackEccKeyPair(pubKey, priKey, &keyPair);
1872 } while (0);
1873 if (res != HCF_SUCCESS) {
1874 LOGE("Convert ec keyPair failed.");
1875 HcfObjDestroy(pubKey);
1876 pubKey = NULL;
1877 HcfObjDestroy(priKey);
1878 priKey = NULL;
1879 return res;
1880 }
1881
1882 *returnKeyPair = (HcfKeyPair *)keyPair;
1883 return HCF_SUCCESS;
1884 }
1885
PackAndAssignPubKey(const HcfAsyKeyGeneratorSpiOpensslEccImpl * impl,const char * fieldType,EC_KEY * ecKey,HcfPubKey ** returnObj)1886 static HcfResult PackAndAssignPubKey(const HcfAsyKeyGeneratorSpiOpensslEccImpl *impl, const char *fieldType,
1887 EC_KEY *ecKey, HcfPubKey **returnObj)
1888 {
1889 HcfOpensslEccPubKey *pubKey = NULL;
1890 HcfResult res = PackEccPubKey(impl->curveId, ecKey, fieldType, &pubKey);
1891 if (res != HCF_SUCCESS) {
1892 return res;
1893 }
1894 *returnObj = (HcfPubKey *)pubKey;
1895 return HCF_SUCCESS;
1896 }
1897
PackAndAssignPriKey(const HcfAsyKeyGeneratorSpiOpensslEccImpl * impl,const char * fieldType,EC_KEY * ecKey,HcfPriKey ** returnObj)1898 static HcfResult PackAndAssignPriKey(const HcfAsyKeyGeneratorSpiOpensslEccImpl *impl, const char *fieldType,
1899 EC_KEY *ecKey, HcfPriKey **returnObj)
1900 {
1901 HcfOpensslEccPriKey *priKey = NULL;
1902 HcfResult res = PackEccPriKey(impl->curveId, ecKey, fieldType, &priKey);
1903 if (res != HCF_SUCCESS) {
1904 return res;
1905 }
1906 *returnObj = (HcfPriKey *)priKey;
1907 return HCF_SUCCESS;
1908 }
1909
CreateAndAssignKeyPair(const HcfAsyKeyGeneratorSpiOpensslEccImpl * impl,const char * fieldType,EC_KEY * ecKey,HcfKeyPair ** returnObj)1910 static HcfResult CreateAndAssignKeyPair(const HcfAsyKeyGeneratorSpiOpensslEccImpl *impl, const char *fieldType,
1911 EC_KEY *ecKey, HcfKeyPair **returnObj)
1912 {
1913 EC_KEY *ecPriKey = EC_KEY_dup(ecKey);
1914 if (ecPriKey == NULL) {
1915 LOGD("[error] copy ecKey fail.");
1916 return HCF_ERR_CRYPTO_OPERATION;
1917 }
1918 HcfOpensslEccPriKey *priKey = NULL;
1919 HcfResult res = PackEccPriKey(impl->curveId, ecPriKey, fieldType, &priKey);
1920 if (res != HCF_SUCCESS) {
1921 OpensslEcKeyFree(ecPriKey);
1922 return res;
1923 }
1924 HcfOpensslEccPubKey *pubKey = NULL;
1925 EC_KEY *ecPubKey = EC_KEY_dup(ecKey);
1926 if (ecPubKey == NULL) {
1927 LOGD("[error] copy ecKey fail.");
1928 HcfObjDestroy(priKey);
1929 priKey = NULL;
1930 return HCF_ERR_CRYPTO_OPERATION;
1931 }
1932 res = PackEccPubKey(impl->curveId, ecPubKey, fieldType, &pubKey);
1933 if (res != HCF_SUCCESS) {
1934 HcfObjDestroy(priKey);
1935 priKey = NULL;
1936 OpensslEcKeyFree(ecPubKey);
1937 return res;
1938 }
1939
1940 HcfOpensslEccKeyPair *returnKeyPair = (HcfOpensslEccKeyPair *)HcfMalloc(sizeof(HcfOpensslEccKeyPair), 0);
1941 if (returnKeyPair == NULL) {
1942 LOGE("Failed to allocate returnKeyPair memory!");
1943 HcfObjDestroy(pubKey);
1944 pubKey = NULL;
1945 HcfObjDestroy(priKey);
1946 priKey = NULL;
1947 return HCF_ERR_MALLOC;
1948 }
1949 returnKeyPair->base.base.getClass = GetEccKeyPairClass;
1950 returnKeyPair->base.base.destroy = DestroyEccKeyPair;
1951 returnKeyPair->base.pubKey = (HcfPubKey *)pubKey;
1952 returnKeyPair->base.priKey = (HcfPriKey *)priKey;
1953
1954 *returnObj = (HcfKeyPair *)returnKeyPair;
1955 return HCF_SUCCESS;
1956 }
1957
EngineGenerateKeyPair(HcfAsyKeyGeneratorSpi * self,HcfKeyPair ** returnObj)1958 static HcfResult EngineGenerateKeyPair(HcfAsyKeyGeneratorSpi *self, HcfKeyPair **returnObj)
1959 {
1960 if ((self == NULL) || (returnObj == NULL)) {
1961 LOGE("Invalid input parameter.");
1962 return HCF_INVALID_PARAMS;
1963 }
1964 if (!HcfIsClassMatch((HcfObjectBase *)self, GetEccKeyPairGeneratorClass())) {
1965 return HCF_INVALID_PARAMS;
1966 }
1967
1968 HcfAsyKeyGeneratorSpiOpensslEccImpl *impl = (HcfAsyKeyGeneratorSpiOpensslEccImpl *)self;
1969 EC_KEY *ecKey = NULL;
1970 HcfResult res = NewEcKeyPair(impl->curveId, &ecKey);
1971 if (res != HCF_SUCCESS) {
1972 return res;
1973 }
1974 res = CreateAndAssignKeyPair(impl, g_eccGenerateFieldType, ecKey, returnObj);
1975 OpensslEcKeyFree(ecKey);
1976 if (res != HCF_SUCCESS) {
1977 LOGE("CreateAndAssignKeyPair failed.");
1978 return res;
1979 }
1980 return HCF_SUCCESS;
1981 }
1982
EngineGenerateKeyPairBySpec(const HcfAsyKeyGeneratorSpi * self,const HcfAsyKeyParamsSpec * params,HcfKeyPair ** returnKeyPair)1983 static HcfResult EngineGenerateKeyPairBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *params,
1984 HcfKeyPair **returnKeyPair)
1985 {
1986 if ((self == NULL) || (returnKeyPair == NULL) || (params == NULL) ||
1987 (((HcfEccCommParamsSpec *)params)->field == NULL)) {
1988 LOGE("Invalid input parameter.");
1989 return HCF_INVALID_PARAMS;
1990 }
1991 if (!HcfIsClassMatch((HcfObjectBase *)self, GetEccKeyPairGeneratorClass())) {
1992 return HCF_INVALID_PARAMS;
1993 }
1994
1995 HcfAsyKeyGeneratorSpiOpensslEccImpl *impl = (HcfAsyKeyGeneratorSpiOpensslEccImpl *)self;
1996 EC_KEY *ecKey = NULL;
1997 HcfResult res = GenKeyPairEcKeyBySpec(params, &ecKey);
1998 if (res != HCF_SUCCESS) {
1999 LOGE("Gen ec key pair with spec failed.");
2000 return res;
2001 }
2002
2003 // curveId == 0 means no curve to match.
2004 int32_t curveId = (int32_t)OpensslEcGroupGetCurveName(OpensslEcKeyGet0Group(ecKey));
2005 if (curveId != 0) {
2006 impl->curveId = curveId;
2007 }
2008 // deep copy of ecKey, free ecKey whether it succeed or failed.
2009 res = CreateAndAssignKeyPair(impl, ((HcfEccCommParamsSpec *)params)->field->fieldType, ecKey, returnKeyPair);
2010 OpensslEcKeyFree(ecKey);
2011 if (res != HCF_SUCCESS) {
2012 LOGE("CreateAndAssignKeyPair failed.");
2013 return res;
2014 }
2015
2016 return HCF_SUCCESS;
2017 }
2018
EngineGeneratePubKeyBySpec(const HcfAsyKeyGeneratorSpi * self,const HcfAsyKeyParamsSpec * params,HcfPubKey ** returnPubKey)2019 static HcfResult EngineGeneratePubKeyBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *params,
2020 HcfPubKey **returnPubKey)
2021 {
2022 if ((self == NULL) || (returnPubKey == NULL) || (params == NULL) ||
2023 (((HcfEccCommParamsSpec *)params)->field == NULL)) {
2024 LOGE("Invalid input parameter.");
2025 return HCF_INVALID_PARAMS;
2026 }
2027 if (!HcfIsClassMatch((HcfObjectBase *)self, GetEccKeyPairGeneratorClass())) {
2028 return HCF_INVALID_PARAMS;
2029 }
2030
2031 HcfAsyKeyGeneratorSpiOpensslEccImpl *impl = (HcfAsyKeyGeneratorSpiOpensslEccImpl *)self;
2032 EC_KEY *ecKey = NULL;
2033 HcfResult res = GenPubKeyEcKeyBySpec(params, &ecKey);
2034 if (res != HCF_SUCCESS) {
2035 LOGE("Gen ec pubKey with spec failed.");
2036 return res;
2037 }
2038 int32_t curveId = (int32_t)OpensslEcGroupGetCurveName(OpensslEcKeyGet0Group(ecKey));
2039 if (curveId != 0) {
2040 impl->curveId = curveId;
2041 }
2042 res = PackAndAssignPubKey(impl, ((HcfEccCommParamsSpec *)params)->field->fieldType, ecKey, returnPubKey);
2043 if (res != HCF_SUCCESS) {
2044 LOGE("PackAndAssignPubKey failed.");
2045 OpensslEcKeyFree(ecKey);
2046 return res;
2047 }
2048
2049 return HCF_SUCCESS;
2050 }
2051
EngineGeneratePriKeyBySpec(const HcfAsyKeyGeneratorSpi * self,const HcfAsyKeyParamsSpec * params,HcfPriKey ** returnPriKey)2052 static HcfResult EngineGeneratePriKeyBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *params,
2053 HcfPriKey **returnPriKey)
2054 {
2055 if ((self == NULL) || (returnPriKey == NULL) || (params == NULL) ||
2056 (((HcfEccCommParamsSpec *)params)->field == NULL)) {
2057 LOGE("Invalid input parameter.");
2058 return HCF_INVALID_PARAMS;
2059 }
2060 if (!HcfIsClassMatch((HcfObjectBase *)self, GetEccKeyPairGeneratorClass())) {
2061 return HCF_INVALID_PARAMS;
2062 }
2063
2064 HcfAsyKeyGeneratorSpiOpensslEccImpl *impl = (HcfAsyKeyGeneratorSpiOpensslEccImpl *)self;
2065 EC_KEY *ecKey = NULL;
2066 HcfResult res = GenPriKeyEcKeyBySpec(params, &ecKey);
2067 if (res != HCF_SUCCESS) {
2068 LOGE("Gen ec pubKey with spec failed.");
2069 return res;
2070 }
2071
2072 int32_t curveId = (int32_t)OpensslEcGroupGetCurveName(OpensslEcKeyGet0Group(ecKey));
2073 if (curveId != 0) {
2074 impl->curveId = curveId;
2075 }
2076
2077 res = PackAndAssignPriKey(impl, ((HcfEccCommParamsSpec *)params)->field->fieldType, ecKey, returnPriKey);
2078 if (res != HCF_SUCCESS) {
2079 LOGE("PackAndAssignPriKey failed.");
2080 OpensslEcKeyFree(ecKey);
2081 return res;
2082 }
2083
2084 return HCF_SUCCESS;
2085 }
2086
HcfAsyKeyGeneratorSpiEccCreate(HcfAsyKeyGenParams * params,HcfAsyKeyGeneratorSpi ** returnObj)2087 HcfResult HcfAsyKeyGeneratorSpiEccCreate(HcfAsyKeyGenParams *params, HcfAsyKeyGeneratorSpi **returnObj)
2088 {
2089 if (params == NULL || returnObj == NULL) {
2090 LOGE("Invalid input parameter.");
2091 return HCF_INVALID_PARAMS;
2092 }
2093 int32_t curveId = 0;
2094 if (params->bits != 0) {
2095 if (GetOpensslCurveId(params->bits, &curveId) != HCF_SUCCESS) {
2096 return HCF_INVALID_PARAMS;
2097 }
2098 }
2099
2100 HcfAsyKeyGeneratorSpiOpensslEccImpl *returnImpl = (HcfAsyKeyGeneratorSpiOpensslEccImpl *)HcfMalloc(
2101 sizeof(HcfAsyKeyGeneratorSpiOpensslEccImpl), 0);
2102 if (returnImpl == NULL) {
2103 LOGE("Failed to allocate returnImpl memroy!");
2104 return HCF_ERR_MALLOC;
2105 }
2106 returnImpl->base.base.getClass = GetEccKeyPairGeneratorClass;
2107 returnImpl->base.base.destroy = DestroyEccKeyPairGenerator;
2108 returnImpl->base.engineConvertKey = EngineConvertEccKey;
2109 returnImpl->base.engineConvertPemKey = EngineConvertEccPemKey;
2110 returnImpl->base.engineGenerateKeyPair = EngineGenerateKeyPair;
2111 returnImpl->base.engineGenerateKeyPairBySpec = EngineGenerateKeyPairBySpec;
2112 returnImpl->base.engineGeneratePubKeyBySpec = EngineGeneratePubKeyBySpec;
2113 returnImpl->base.engineGeneratePriKeyBySpec = EngineGeneratePriKeyBySpec;
2114 returnImpl->curveId = curveId;
2115
2116 *returnObj = (HcfAsyKeyGeneratorSpi *)returnImpl;
2117 return HCF_SUCCESS;
2118 }
2119