1 /*
2 * Copyright (C) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "sm2_asy_key_generator_openssl.h"
17 #include "securec.h"
18 #include "ecc_openssl_common.h"
19 #include "ecc_openssl_common_param_spec.h"
20 #include "log.h"
21 #include "memory.h"
22 #include "openssl_adapter.h"
23 #include "utils.h"
24
25 #define OPENSSL_SM2_256_BITS 256
26 #define OPENSSL_SM2_KEY_GENERATOR_CLASS "OPENSSL.SM2.KEY_GENERATOR_CLASS"
27 #define OPENSSL_SM2_ALGORITHM "SM2"
28 #define OPENSSL_SM2_PUB_KEY_FORMAT "X.509"
29 #define OPENSSL_SM2_PRI_KEY_FORMAT "PKCS#8"
30
31 #define SM2_OCTET_STRING_LEN 65 // strlen(0x04) + strlen(X) + strlen(Y): 1 + 32 + 32
32
33 static const char *const g_sm2GenerateFieldType = "Fp";
34
35 typedef struct {
36 HcfAsyKeyGeneratorSpi base;
37
38 int32_t curveId;
39 } HcfAsyKeyGeneratorSpiOpensslSm2Impl;
40
CheckSm256CurveId(BIGNUM * p,BIGNUM * b,BIGNUM * x,BIGNUM * y)41 static HcfResult CheckSm256CurveId(BIGNUM *p, BIGNUM *b, BIGNUM *x, BIGNUM *y)
42 {
43 BIGNUM *pStd = NULL;
44 BIGNUM *bStd = NULL;
45 BIGNUM *xStd = NULL;
46 BIGNUM *yStd = NULL;
47 pStd = OpensslBin2Bn(g_sm256CorrectBigP, NID_X9_62_prime256v1_len, NULL);
48 bStd = OpensslBin2Bn(g_sm256CorrectBigB, NID_X9_62_prime256v1_len, NULL);
49 xStd = OpensslBin2Bn(g_sm256CorrectBigGX, NID_X9_62_prime256v1_len, NULL);
50 yStd = OpensslBin2Bn(g_sm256CorrectBigGY, NID_X9_62_prime256v1_len, NULL);
51 if ((pStd == NULL) || (bStd == NULL) || (xStd == NULL) || (yStd == NULL)) {
52 LOGD("[error] EC 256 Curve convert to BN fail");
53 FreeCurveBigNum(pStd, bStd, xStd, yStd);
54 return HCF_ERR_CRYPTO_OPERATION;
55 }
56 if (OpensslBnCmp(p, pStd) == 0 && OpensslBnCmp(b, bStd) == 0 &&
57 OpensslBnCmp(x, xStd) == 0 && OpensslBnCmp(y, yStd) == 0) {
58 FreeCurveBigNum(pStd, bStd, xStd, yStd);
59 return HCF_SUCCESS;
60 }
61 LOGD("[error] EC 256 compare fail");
62 FreeCurveBigNum(pStd, bStd, xStd, yStd);
63 return HCF_INVALID_PARAMS;
64 }
65
CheckParamsSpecToGetCurveId(const HcfEccCommParamsSpec * ecParams,int32_t * curveId)66 static HcfResult CheckParamsSpecToGetCurveId(const HcfEccCommParamsSpec *ecParams, int32_t *curveId)
67 {
68 BIGNUM *p = NULL;
69 BIGNUM *b = NULL;
70 BIGNUM *x = NULL;
71 BIGNUM *y = NULL;
72 HcfECFieldFp *field = (HcfECFieldFp *)(ecParams->field);
73 if (BigIntegerToBigNum(&(field->p), &p) != HCF_SUCCESS ||
74 BigIntegerToBigNum(&(ecParams->b), &b) != HCF_SUCCESS ||
75 BigIntegerToBigNum(&(ecParams->g.x), &x) != HCF_SUCCESS ||
76 BigIntegerToBigNum(&(ecParams->g.y), &y) != HCF_SUCCESS) {
77 LOGD("[error] BigIntegerToBigNum failed.");
78 FreeCurveBigNum(p, b, x, y);
79 return HCF_ERR_CRYPTO_OPERATION;
80 }
81
82 int32_t bitLenP = (int32_t)OpensslBnNumBits(p);
83 HcfResult ret = HCF_INVALID_PARAMS;
84 if (bitLenP != OPENSSL_SM2_256_BITS) {
85 LOGE("Find no bit len");
86 FreeCurveBigNum(p, b, x, y);
87 return ret;
88 }
89 ret = CheckSm256CurveId(p, b, x, y);
90 if (ret == HCF_SUCCESS) {
91 *curveId = NID_sm2;
92 }
93 FreeCurveBigNum(p, b, x, y);
94 return ret;
95 }
96
GenerateSm2KeyWithParamsSpec(const HcfEccCommParamsSpec * ecParams,EC_KEY ** returnKey)97 static HcfResult GenerateSm2KeyWithParamsSpec(const HcfEccCommParamsSpec *ecParams, EC_KEY **returnKey)
98 {
99 if (ecParams == NULL || returnKey == NULL) {
100 LOGE("Invalid input parameters.");
101 return HCF_INVALID_PARAMS;
102 }
103 EC_KEY *ecKey = NULL;
104 int32_t curveId = 0;
105 HcfResult ret = CheckParamsSpecToGetCurveId(ecParams, &curveId);
106 if (ret == HCF_SUCCESS && curveId != 0) {
107 ecKey = OpensslEcKeyNewByCurveName(curveId);
108 LOGD("Generate EC_KEY by curve name");
109 if (ecKey == NULL) {
110 LOGD("[error] New ec key failed.");
111 return HCF_ERR_CRYPTO_OPERATION;
112 }
113 } else {
114 EC_GROUP *group = NULL;
115 ret = GenerateEcGroupWithParamsSpec(ecParams, &group);
116 if (ret != HCF_SUCCESS) {
117 LOGE("GenerateEcGroupWithParamsSpec failed.");
118 return ret;
119 }
120 ecKey = OpensslEcKeyNew();
121 if (ecKey == NULL) {
122 LOGD("[error] OpensslEcKeyNew failed.");
123 OpensslEcGroupFree(group);
124 return HCF_ERR_CRYPTO_OPERATION;
125 }
126 if (OpensslEcKeySetGroup(ecKey, group) != HCF_OPENSSL_SUCCESS) {
127 LOGD("[error] OpensslEcKeySetGroup failed.");
128 OpensslEcGroupFree(group);
129 OpensslEcKeyFree(ecKey);
130 return HCF_ERR_CRYPTO_OPERATION;
131 }
132 OpensslEcGroupFree(group);
133 LOGD("Generate EC_KEY by group spec parmas");
134 }
135 // all exceptions have been returned above.
136 *returnKey = ecKey;
137 return HCF_SUCCESS;
138 }
139
NewSm2KeyPairWithCommSpec(const HcfEccCommParamsSpec * ecParams,EC_KEY ** returnEckey)140 static HcfResult NewSm2KeyPairWithCommSpec(const HcfEccCommParamsSpec *ecParams, EC_KEY **returnEckey)
141 {
142 if (ecParams == NULL || returnEckey == NULL) {
143 LOGE("Invalid input parameters.");
144 return HCF_INVALID_PARAMS;
145 }
146 EC_KEY *ecKey = NULL;
147 HcfResult ret = GenerateSm2KeyWithParamsSpec(ecParams, &ecKey);
148 if (ret != HCF_SUCCESS) {
149 LOGE("Generate EC key failed");
150 return ret;
151 }
152 if (OpensslEcKeyGenerateKey(ecKey) != HCF_OPENSSL_SUCCESS) {
153 LOGD("[error] OpensslEcKeyGenerateKey failed.");
154 OpensslEcKeyFree(ecKey);
155 return HCF_ERR_CRYPTO_OPERATION;
156 }
157
158 if (OpensslEcKeyCheckKey(ecKey) <= 0) {
159 LOGD("[error] Check ecKey fail.");
160 OpensslEcKeyFree(ecKey);
161 return HCF_ERR_CRYPTO_OPERATION;
162 }
163 *returnEckey = ecKey;
164 return ret;
165 }
166
NewSm2PubKeyWithPubSpec(const HcfEccPubKeyParamsSpec * ecParams,EC_KEY ** returnEcKey)167 static HcfResult NewSm2PubKeyWithPubSpec(const HcfEccPubKeyParamsSpec *ecParams, EC_KEY **returnEcKey)
168 {
169 if (ecParams == NULL || returnEcKey == NULL) {
170 LOGE("Invalid input parameters.");
171 return HCF_INVALID_PARAMS;
172 }
173 EC_KEY *ecKey = NULL;
174 HcfResult ret = GenerateSm2KeyWithParamsSpec((HcfEccCommParamsSpec *)ecParams, &ecKey);
175 if (ret != HCF_SUCCESS) {
176 LOGE("Generate EC key failed");
177 return ret;
178 }
179 ret = SetEcKey(&(ecParams->pk), NULL, ecKey);
180 if (ret != HCF_SUCCESS) {
181 LOGD("[error] Set public ecKey failed.");
182 OpensslEcKeyFree(ecKey);
183 return HCF_ERR_CRYPTO_OPERATION;
184 }
185
186 if (OpensslEcKeyCheckKey(ecKey) <= 0) {
187 LOGD("[error] Check ecKey fail.");
188 OpensslEcKeyFree(ecKey);
189 return HCF_ERR_CRYPTO_OPERATION;
190 }
191 *returnEcKey = ecKey;
192 return ret;
193 }
194
NewSm2PriKeyWithPriSpec(const HcfEccPriKeyParamsSpec * ecParams,EC_KEY ** returnEcKey)195 static HcfResult NewSm2PriKeyWithPriSpec(const HcfEccPriKeyParamsSpec *ecParams, EC_KEY **returnEcKey)
196 {
197 if (ecParams == NULL || returnEcKey == NULL) {
198 LOGE("Invalid input parameters.");
199 return HCF_INVALID_PARAMS;
200 }
201 EC_KEY *ecKey = NULL;
202 HcfResult ret = GenerateSm2KeyWithParamsSpec((HcfEccCommParamsSpec *)ecParams, &ecKey);
203 if (ret != HCF_SUCCESS) {
204 LOGE("Generate EC key failed");
205 return ret;
206 }
207 ret = SetEcKey(NULL, &(ecParams->sk), ecKey);
208 if (ret != HCF_SUCCESS) {
209 LOGD("[error] Set private ecKey failed.");
210 OpensslEcKeyFree(ecKey);
211 return HCF_ERR_CRYPTO_OPERATION;
212 }
213
214 if (OpensslEcKeyCheckKey(ecKey) <= 0) {
215 LOGD("[error] Check ecKey failed.");
216 OpensslEcKeyFree(ecKey);
217 return HCF_ERR_CRYPTO_OPERATION;
218 }
219 *returnEcKey = ecKey;
220 return ret;
221 }
222
NewSm2KeyWithKeyPairSpec(const HcfEccKeyPairParamsSpec * ecParams,EC_KEY ** returnEcKey,bool needPrivate)223 static HcfResult NewSm2KeyWithKeyPairSpec(const HcfEccKeyPairParamsSpec *ecParams, EC_KEY **returnEcKey,
224 bool needPrivate)
225 {
226 if (ecParams == NULL || returnEcKey == NULL) {
227 LOGE("Invalid input parameters.");
228 return HCF_INVALID_PARAMS;
229 }
230 EC_KEY *ecKey = NULL;
231 HcfResult ret = GenerateSm2KeyWithParamsSpec((HcfEccCommParamsSpec *)ecParams, &ecKey);
232 if (ret != HCF_SUCCESS) {
233 LOGD("[error] Generate EC key failed");
234 return ret;
235 }
236 if (needPrivate) {
237 ret = SetEcKey(&(ecParams->pk), &(ecParams->sk), ecKey);
238 } else {
239 ret = SetEcKey(&(ecParams->pk), NULL, ecKey);
240 }
241 if (ret != HCF_SUCCESS) {
242 LOGD("[error] SetEcKey failed.");
243 OpensslEcKeyFree(ecKey);
244 return HCF_ERR_CRYPTO_OPERATION;
245 }
246
247 if (OpensslEcKeyCheckKey(ecKey) <= 0) {
248 LOGE("Check ecKey failed.");
249 OpensslEcKeyFree(ecKey);
250 return HCF_ERR_CRYPTO_OPERATION;
251 }
252 *returnEcKey = ecKey;
253 return ret;
254 }
255
GenKeyPairSm2KeyBySpec(const HcfAsyKeyParamsSpec * params,EC_KEY ** ecKey)256 static HcfResult GenKeyPairSm2KeyBySpec(const HcfAsyKeyParamsSpec *params, EC_KEY **ecKey)
257 {
258 HcfResult ret = HCF_INVALID_PARAMS;
259 switch (params->specType) {
260 case HCF_COMMON_PARAMS_SPEC:
261 ret = NewSm2KeyPairWithCommSpec((HcfEccCommParamsSpec *)params, ecKey);
262 break;
263 case HCF_KEY_PAIR_SPEC:
264 ret = NewSm2KeyWithKeyPairSpec((HcfEccKeyPairParamsSpec *)params, ecKey, true);
265 break;
266 default:
267 LOGE("Invaild input spec to gen key pair.");
268 break;
269 }
270 return ret;
271 }
272
GenPubKeySm2KeyBySpec(const HcfAsyKeyParamsSpec * params,EC_KEY ** ecKey)273 static HcfResult GenPubKeySm2KeyBySpec(const HcfAsyKeyParamsSpec *params, EC_KEY **ecKey)
274 {
275 HcfResult ret = HCF_INVALID_PARAMS;
276 switch (params->specType) {
277 case HCF_PUBLIC_KEY_SPEC:
278 ret = NewSm2PubKeyWithPubSpec((HcfEccPubKeyParamsSpec *)params, ecKey);
279 break;
280 case HCF_KEY_PAIR_SPEC:
281 ret = NewSm2KeyWithKeyPairSpec((HcfEccKeyPairParamsSpec *)params, ecKey, false);
282 break;
283 default:
284 LOGE("Invaild input spec to gen pub key");
285 break;
286 }
287 return ret;
288 }
289
GenPriKeySm2KeyBySpec(const HcfAsyKeyParamsSpec * params,EC_KEY ** ecKey)290 static HcfResult GenPriKeySm2KeyBySpec(const HcfAsyKeyParamsSpec *params, EC_KEY **ecKey)
291 {
292 HcfResult ret = HCF_INVALID_PARAMS;
293 switch (params->specType) {
294 case HCF_PRIVATE_KEY_SPEC:
295 ret = NewSm2PriKeyWithPriSpec((HcfEccPriKeyParamsSpec *)params, ecKey);
296 break;
297 case HCF_KEY_PAIR_SPEC:
298 ret = NewSm2KeyWithKeyPairSpec((HcfEccKeyPairParamsSpec *)params, ecKey, true);
299 break;
300 default:
301 LOGE("Invaild input spec to gen pri key");
302 break;
303 }
304 return ret;
305 }
306
GetSm2KeyPairGeneratorClass(void)307 static const char *GetSm2KeyPairGeneratorClass(void)
308 {
309 return OPENSSL_SM2_KEY_GENERATOR_CLASS;
310 }
311
GetSm2KeyPairClass(void)312 static const char *GetSm2KeyPairClass(void)
313 {
314 return HCF_OPENSSL_SM2_KEY_PAIR_CLASS;
315 }
316
GetSm2PubKeyClass(void)317 static const char *GetSm2PubKeyClass(void)
318 {
319 return HCF_OPENSSL_SM2_PUB_KEY_CLASS;
320 }
321
GetSm2PriKeyClass(void)322 static const char *GetSm2PriKeyClass(void)
323 {
324 return HCF_OPENSSL_SM2_PRI_KEY_CLASS;
325 }
326
DestroySm2KeyPairGenerator(HcfObjectBase * self)327 static void DestroySm2KeyPairGenerator(HcfObjectBase *self)
328 {
329 if (self == NULL) {
330 LOGE("Class is null.");
331 return;
332 }
333 if (!HcfIsClassMatch(self, GetSm2KeyPairGeneratorClass())) {
334 LOGE("Class not match.");
335 return;
336 }
337 HcfFree(self);
338 }
339
DestroySm2PubKey(HcfObjectBase * self)340 static void DestroySm2PubKey(HcfObjectBase *self)
341 {
342 if (self == NULL) {
343 LOGE("Class is null.");
344 return;
345 }
346 if (!HcfIsClassMatch(self, GetSm2PubKeyClass())) {
347 LOGE("Class not match.");
348 return;
349 }
350 HcfOpensslSm2PubKey *impl = (HcfOpensslSm2PubKey *)self;
351 OpensslEcKeyFree(impl->ecKey);
352 impl->ecKey = NULL;
353 HcfFree(impl->fieldType);
354 impl->fieldType = NULL;
355 HcfFree(impl);
356 }
357
DestroySm2PriKey(HcfObjectBase * self)358 static void DestroySm2PriKey(HcfObjectBase *self)
359 {
360 if (self == NULL) {
361 LOGE("Class is null.");
362 return;
363 }
364 if (!HcfIsClassMatch(self, GetSm2PriKeyClass())) {
365 LOGE("Class not match.");
366 return;
367 }
368 HcfOpensslSm2PriKey *impl = (HcfOpensslSm2PriKey *)self;
369 OpensslEcKeyFree(impl->ecKey);
370 impl->ecKey = NULL;
371 HcfFree(impl->fieldType);
372 impl->fieldType = NULL;
373 HcfFree(impl);
374 }
375
DestroySm2KeyPair(HcfObjectBase * self)376 static void DestroySm2KeyPair(HcfObjectBase *self)
377 {
378 if (self == NULL) {
379 LOGE("Class is null.");
380 return;
381 }
382 if (!HcfIsClassMatch(self, GetSm2KeyPairClass())) {
383 LOGE("Class not match.");
384 return;
385 }
386 HcfOpensslSm2KeyPair *impl = (HcfOpensslSm2KeyPair *)self;
387 if (impl->base.pubKey != NULL) {
388 DestroySm2PubKey((HcfObjectBase *)impl->base.pubKey);
389 impl->base.pubKey = NULL;
390 }
391 if (impl->base.priKey != NULL) {
392 DestroySm2PriKey((HcfObjectBase *)impl->base.priKey);
393 impl->base.priKey = NULL;
394 }
395 HcfFree(impl);
396 }
397
GetSm2PubKeyAlgorithm(HcfKey * self)398 static const char *GetSm2PubKeyAlgorithm(HcfKey *self)
399 {
400 if (self == NULL) {
401 LOGE("Invalid input parameter.");
402 return NULL;
403 }
404 if (!HcfIsClassMatch((HcfObjectBase *)self, HCF_OPENSSL_SM2_PUB_KEY_CLASS)) {
405 LOGE("Invalid SM2 public key class for algorithm");
406 return NULL;
407 }
408 return OPENSSL_SM2_ALGORITHM;
409 }
410
GetSm2PriKeyAlgorithm(HcfKey * self)411 static const char *GetSm2PriKeyAlgorithm(HcfKey *self)
412 {
413 if (self == NULL) {
414 LOGE("Invalid input parameter.");
415 return NULL;
416 }
417 if (!HcfIsClassMatch((HcfObjectBase *)self, HCF_OPENSSL_SM2_PRI_KEY_CLASS)) {
418 LOGE("Invalid SM2 private key class for algorithm");
419 return NULL;
420 }
421 return OPENSSL_SM2_ALGORITHM;
422 }
423
GetSm2PubKeyFormat(HcfKey * self)424 static const char *GetSm2PubKeyFormat(HcfKey *self)
425 {
426 if (self == NULL) {
427 LOGE("Invalid input parameter.");
428 return NULL;
429 }
430 if (!HcfIsClassMatch((HcfObjectBase *)self, HCF_OPENSSL_SM2_PUB_KEY_CLASS)) {
431 LOGE("Invalid SM2 public key class for format");
432 return NULL;
433 }
434 return OPENSSL_SM2_PUB_KEY_FORMAT;
435 }
436
GetSm2PriKeyFormat(HcfKey * self)437 static const char *GetSm2PriKeyFormat(HcfKey *self)
438 {
439 if (self == NULL) {
440 LOGE("Invalid input parameter.");
441 return NULL;
442 }
443 if (!HcfIsClassMatch((HcfObjectBase *)self, HCF_OPENSSL_SM2_PRI_KEY_CLASS)) {
444 LOGE("Invalid SM2 private key class for format");
445 return NULL;
446 }
447 return OPENSSL_SM2_PRI_KEY_FORMAT;
448 }
449
GetSm2PubKeyEncoded(HcfKey * self,HcfBlob * returnBlob)450 static HcfResult GetSm2PubKeyEncoded(HcfKey *self, HcfBlob *returnBlob)
451 {
452 if ((self == NULL) || (returnBlob == NULL)) {
453 LOGE("Invalid input parameter.");
454 return HCF_INVALID_PARAMS;
455 }
456 if (!HcfIsClassMatch((HcfObjectBase *)self, HCF_OPENSSL_SM2_PUB_KEY_CLASS)) {
457 LOGE("Invalid SM2 public key class for encode");
458 return HCF_INVALID_PARAMS;
459 }
460
461 HcfOpensslSm2PubKey *impl = (HcfOpensslSm2PubKey *)self;
462 if (impl->curveId != 0) {
463 LOGD("Have a curveId");
464 OpensslEcKeySetAsn1Flag(impl->ecKey, OPENSSL_EC_NAMED_CURVE);
465 } else {
466 OpensslEcKeySetAsn1Flag(impl->ecKey, OPENSSL_EC_EXPLICIT_CURVE);
467 }
468
469 unsigned char *returnData = NULL;
470 int returnDataLen = OpensslI2dEcPubKey(impl->ecKey, &returnData);
471 if (returnDataLen <= 0) {
472 LOGD("[error] Call i2d_EC_PUBKEY fail");
473 HcfPrintOpensslError();
474 return HCF_ERR_CRYPTO_OPERATION;
475 }
476 returnBlob->data = returnData;
477 returnBlob->len = returnDataLen;
478 return HCF_SUCCESS;
479 }
480
GetSm2PubKeyEncodedPem(HcfKey * self,const char * format,char ** returnString)481 static HcfResult GetSm2PubKeyEncodedPem(HcfKey *self, const char *format, char **returnString)
482 {
483 (void)self;
484 (void)format;
485 (void)returnString;
486 return HCF_INVALID_PARAMS;
487 }
488
GetSm2PriKeyEncoded(HcfKey * self,HcfBlob * returnBlob)489 static HcfResult GetSm2PriKeyEncoded(HcfKey *self, HcfBlob *returnBlob)
490 {
491 if ((self == NULL) || (returnBlob == NULL)) {
492 LOGE("Invalid input parameter.");
493 return HCF_INVALID_PARAMS;
494 }
495 if (!HcfIsClassMatch((HcfObjectBase *)self, HCF_OPENSSL_SM2_PRI_KEY_CLASS)) {
496 LOGE("Invalid SM2 private key class for encode");
497 return HCF_INVALID_PARAMS;
498 }
499
500 HcfOpensslSm2PriKey *impl = (HcfOpensslSm2PriKey *)self;
501 if (impl->curveId != 0) {
502 LOGD("Have a curveId");
503 OpensslEcKeySetAsn1Flag(impl->ecKey, OPENSSL_EC_NAMED_CURVE);
504 } else {
505 OpensslEcKeySetAsn1Flag(impl->ecKey, OPENSSL_EC_EXPLICIT_CURVE);
506 }
507 // keep consistence of 3.2
508 OpensslEcKeySetEncFlags(impl->ecKey, EC_PKEY_NO_PUBKEY);
509 // if the convert key has no pubKey, it will generate pub key automatically,
510 // and set the no pubKey flag to ensure the consistency of blob.
511 unsigned char *returnData = NULL;
512 int returnDataLen = OpensslI2dEcPrivateKey(impl->ecKey, &returnData);
513 if (returnDataLen <= 0) {
514 LOGD("[error] Call i2d_ECPrivateKey fail.");
515 HcfPrintOpensslError();
516 return HCF_ERR_CRYPTO_OPERATION;
517 }
518 returnBlob->data = returnData;
519 returnBlob->len = returnDataLen;
520 return HCF_SUCCESS;
521 }
522
GetSm2PriKeyEncodedPem(const HcfPriKey * self,HcfParamsSpec * paramsSpec,const char * format,char ** returnString)523 static HcfResult GetSm2PriKeyEncodedPem(const HcfPriKey *self, HcfParamsSpec *paramsSpec, const char *format,
524 char **returnString)
525 {
526 (void)self;
527 (void)paramsSpec;
528 (void)format;
529 (void)returnString;
530 return HCF_INVALID_PARAMS;
531 }
532
Sm2PriKeyClearMem(HcfPriKey * self)533 static void Sm2PriKeyClearMem(HcfPriKey *self)
534 {
535 if (self == NULL) {
536 LOGE("Class is null.");
537 return;
538 }
539 if (!HcfIsClassMatch((HcfObjectBase *)self, GetSm2PriKeyClass())) {
540 LOGE("Class not match.");
541 return;
542 }
543 HcfOpensslSm2PriKey *impl = (HcfOpensslSm2PriKey *)self;
544 OpensslEcKeyFree(impl->ecKey);
545 impl->ecKey = NULL;
546 }
547
GetCurveName(const HcfKey * self,bool isPriavte,char ** returnString)548 static HcfResult GetCurveName(const HcfKey *self, bool isPriavte, char **returnString)
549 {
550 int32_t curveId = 0;
551 if (isPriavte) {
552 curveId = ((HcfOpensslSm2PriKey *)self)->curveId;
553 } else {
554 curveId = ((HcfOpensslSm2PubKey *)self)->curveId;
555 }
556
557 if (curveId != NID_sm2) {
558 LOGD("[error] Invalid curve name.");
559 return HCF_ERR_CRYPTO_OPERATION;
560 }
561
562 char *curveIdStr = "NID_sm2";
563 size_t len = HcfStrlen(curveIdStr);
564 if (len == 0) {
565 LOGE("CurveIdStr is empty!");
566 return HCF_INVALID_PARAMS;
567 }
568 *returnString = (char *)HcfMalloc(len + 1, 0);
569 if (*returnString == NULL) {
570 LOGE("Allocate returnString memory failed.");
571 return HCF_ERR_MALLOC;
572 }
573 (void)memcpy_s(*returnString, len, curveIdStr, len);
574 return HCF_SUCCESS;
575 }
576
CheckSm2KeySelf(const HcfKey * self,bool * isPrivate)577 static HcfResult CheckSm2KeySelf(const HcfKey *self, bool *isPrivate)
578 {
579 if (HcfIsClassMatch((HcfObjectBase *)self, GetSm2PubKeyClass())) {
580 *isPrivate = false;
581 return HCF_SUCCESS;
582 } else if (HcfIsClassMatch((HcfObjectBase *)self, GetSm2PriKeyClass())) {
583 if (((HcfOpensslSm2PriKey *)self)->ecKey == NULL) {
584 LOGE("Cannot use priKey after free");
585 return HCF_INVALID_PARAMS;
586 }
587 *isPrivate = true;
588 return HCF_SUCCESS;
589 } else {
590 return HCF_INVALID_PARAMS;
591 }
592 }
593
GetSm2KeySpecBigInteger(const HcfKey * self,const AsyKeySpecItem item,HcfBigInteger * returnBigInteger)594 static HcfResult GetSm2KeySpecBigInteger(const HcfKey *self, const AsyKeySpecItem item,
595 HcfBigInteger *returnBigInteger)
596 {
597 if (self == NULL || returnBigInteger == NULL) {
598 LOGE("Invalid input parameter.");
599 return HCF_INVALID_PARAMS;
600 }
601 bool isPrivate = false;
602 HcfResult ret = CheckSm2KeySelf(self, &isPrivate);
603 if (ret != HCF_SUCCESS) {
604 LOGE("Invalid input key");
605 return HCF_INVALID_PARAMS;
606 }
607 const EC_GROUP *group = NULL;
608 if (isPrivate) {
609 group = OpensslEcKeyGet0Group(((HcfOpensslSm2PriKey *)self)->ecKey);
610 } else {
611 group = OpensslEcKeyGet0Group(((HcfOpensslSm2PubKey *)self)->ecKey);
612 }
613 if (group == NULL) {
614 LOGE("Get group failed");
615 return HCF_INVALID_PARAMS;
616 }
617 switch (item) {
618 case ECC_FP_P_BN:
619 case ECC_A_BN:
620 case ECC_B_BN:
621 ret = GetCurveGFp(group, item, returnBigInteger);
622 break;
623 case ECC_G_X_BN:
624 case ECC_G_Y_BN:
625 ret = GetGenerator(group, item, returnBigInteger);
626 break;
627 case ECC_N_BN:
628 ret = GetOrder(group, returnBigInteger);
629 break;
630 case ECC_SK_BN:
631 case ECC_PK_X_BN:
632 case ECC_PK_Y_BN:
633 ret = GetPkSkBigInteger(self, isPrivate, item, returnBigInteger);
634 break;
635 default:
636 LOGE("Invalid ecc key big number spec!");
637 ret = HCF_INVALID_PARAMS;
638 break;
639 }
640 return ret;
641 }
642
GetSm2KeySpecString(const HcfKey * self,const AsyKeySpecItem item,char ** returnString)643 static HcfResult GetSm2KeySpecString(const HcfKey *self, const AsyKeySpecItem item, char **returnString)
644 {
645 if (self == NULL || returnString == NULL) {
646 LOGE("Invalid input parameter.");
647 return HCF_INVALID_PARAMS;
648 }
649 bool isPrivate = false;
650 HcfResult ret = CheckSm2KeySelf(self, &isPrivate);
651 if (ret != HCF_SUCCESS) {
652 LOGE("Invalid input key");
653 return HCF_INVALID_PARAMS;
654 }
655
656 switch (item) {
657 case ECC_FIELD_TYPE_STR:
658 ret = GetFieldType(self, isPrivate, returnString);
659 break;
660 case ECC_CURVE_NAME_STR:
661 ret = GetCurveName(self, isPrivate, returnString);
662 break;
663 default:
664 ret = HCF_INVALID_PARAMS;
665 LOGE("Invalid spec of ec string");
666 break;
667 }
668 return ret;
669 }
670
GetSm2KeySpecInt(const HcfKey * self,const AsyKeySpecItem item,int * returnInt)671 static HcfResult GetSm2KeySpecInt(const HcfKey *self, const AsyKeySpecItem item, int *returnInt)
672 {
673 if (self == NULL || returnInt == NULL) {
674 LOGE("Invalid input parameter.");
675 return HCF_INVALID_PARAMS;
676 }
677 bool isPrivate = false;
678 HcfResult ret = CheckSm2KeySelf(self, &isPrivate);
679 if (ret != HCF_SUCCESS) {
680 LOGE("Invalid input key");
681 return HCF_INVALID_PARAMS;
682 }
683 const EC_GROUP *group = NULL;
684 if (isPrivate) {
685 group = OpensslEcKeyGet0Group(((HcfOpensslSm2PriKey *)self)->ecKey);
686 } else {
687 group = OpensslEcKeyGet0Group(((HcfOpensslSm2PubKey *)self)->ecKey);
688 }
689 if (group == NULL) {
690 LOGE("Get group failed");
691 return HCF_INVALID_PARAMS;
692 }
693 switch (item) {
694 case ECC_H_INT:
695 ret = GetCofactor(group, returnInt);
696 break;
697 case ECC_FIELD_SIZE_INT:
698 ret = GetFieldSize(group, returnInt);
699 break;
700 default:
701 ret = HCF_INVALID_PARAMS;
702 LOGE("Invalid ec key int spec");
703 break;
704 }
705 return ret;
706 }
707
GetSm2PubKeySpecBigInteger(const HcfPubKey * self,const AsyKeySpecItem item,HcfBigInteger * returnBigInteger)708 static HcfResult GetSm2PubKeySpecBigInteger(const HcfPubKey *self, const AsyKeySpecItem item,
709 HcfBigInteger *returnBigInteger)
710 {
711 return GetSm2KeySpecBigInteger((HcfKey *)self, item, returnBigInteger);
712 }
713
GetSm2PriKeySpecBigInteger(const HcfPriKey * self,const AsyKeySpecItem item,HcfBigInteger * returnBigInteger)714 static HcfResult GetSm2PriKeySpecBigInteger(const HcfPriKey *self, const AsyKeySpecItem item,
715 HcfBigInteger *returnBigInteger)
716 {
717 return GetSm2KeySpecBigInteger((HcfKey *)self, item, returnBigInteger);
718 }
719
GetSm2PubKeySpecString(const HcfPubKey * self,const AsyKeySpecItem item,char ** returnString)720 static HcfResult GetSm2PubKeySpecString(const HcfPubKey *self, const AsyKeySpecItem item, char **returnString)
721 {
722 return GetSm2KeySpecString((HcfKey *)self, item, returnString);
723 }
724
GetSm2PriKeySpecString(const HcfPriKey * self,const AsyKeySpecItem item,char ** returnString)725 static HcfResult GetSm2PriKeySpecString(const HcfPriKey *self, const AsyKeySpecItem item, char **returnString)
726 {
727 return GetSm2KeySpecString((HcfKey *)self, item, returnString);
728 }
729
GetSm2PubKeySpecInt(const HcfPubKey * self,const AsyKeySpecItem item,int * returnInt)730 static HcfResult GetSm2PubKeySpecInt(const HcfPubKey *self, const AsyKeySpecItem item, int *returnInt)
731 {
732 return GetSm2KeySpecInt((HcfKey *)self, item, returnInt);
733 }
734
GetSm2PriKeySpecInt(const HcfPriKey * self,const AsyKeySpecItem item,int * returnInt)735 static HcfResult GetSm2PriKeySpecInt(const HcfPriKey *self, const AsyKeySpecItem item, int *returnInt)
736 {
737 return GetSm2KeySpecInt((HcfKey *)self, item, returnInt);
738 }
739
GetSm2PubKeyEncodedDer(const HcfPubKey * self,const char * format,HcfBlob * returnBlob)740 static HcfResult GetSm2PubKeyEncodedDer(const HcfPubKey *self, const char *format, HcfBlob *returnBlob)
741 {
742 (void)self;
743 (void)format;
744 (void)returnBlob;
745 return HCF_INVALID_PARAMS;
746 }
747
PackSm2PubKey(int32_t curveId,EC_KEY * ecKey,const char * fieldType,HcfOpensslSm2PubKey ** returnObj)748 static HcfResult PackSm2PubKey(int32_t curveId, EC_KEY *ecKey, const char *fieldType,
749 HcfOpensslSm2PubKey **returnObj)
750 {
751 HcfOpensslSm2PubKey *returnPubKey = (HcfOpensslSm2PubKey *)HcfMalloc(sizeof(HcfOpensslSm2PubKey), 0);
752 if (returnPubKey == NULL) {
753 LOGE("Failed to allocate returnPubKey memory!");
754 return HCF_ERR_MALLOC;
755 }
756
757 char *tmpFieldType = NULL;
758 if (fieldType != NULL) {
759 size_t len = HcfStrlen(fieldType);
760 if (len == 0) {
761 LOGE("FieldType is empty!");
762 HcfFree(returnPubKey);
763 returnPubKey = NULL;
764 return HCF_INVALID_PARAMS;
765 }
766 tmpFieldType = (char *)HcfMalloc(len + 1, 0);
767 if (tmpFieldType == NULL) {
768 LOGE("Allocate tmpFieldType memory failed.");
769 HcfFree(returnPubKey);
770 returnPubKey = NULL;
771 return HCF_ERR_MALLOC;
772 }
773 (void)memcpy_s(tmpFieldType, len, fieldType, len);
774 }
775 returnPubKey->base.base.base.destroy = DestroySm2PubKey;
776 returnPubKey->base.base.base.getClass = GetSm2PubKeyClass;
777 returnPubKey->base.base.getAlgorithm = GetSm2PubKeyAlgorithm;
778 returnPubKey->base.base.getEncoded = GetSm2PubKeyEncoded;
779 returnPubKey->base.base.getEncodedPem = GetSm2PubKeyEncodedPem;
780 returnPubKey->base.base.getFormat = GetSm2PubKeyFormat;
781 returnPubKey->base.getAsyKeySpecBigInteger = GetSm2PubKeySpecBigInteger;
782 returnPubKey->base.getAsyKeySpecString = GetSm2PubKeySpecString;
783 returnPubKey->base.getAsyKeySpecInt = GetSm2PubKeySpecInt;
784 returnPubKey->base.getEncodedDer = GetSm2PubKeyEncodedDer;
785 returnPubKey->curveId = curveId;
786 returnPubKey->ecKey = ecKey;
787 returnPubKey->fieldType = tmpFieldType;
788
789 *returnObj = returnPubKey;
790 return HCF_SUCCESS;
791 }
792
GetSm2PriKeyEncodedDer(const HcfPriKey * self,const char * format,HcfBlob * returnBlob)793 static HcfResult GetSm2PriKeyEncodedDer(const HcfPriKey *self, const char *format, HcfBlob *returnBlob)
794 {
795 (void)self;
796 (void)format;
797 (void)returnBlob;
798 return HCF_INVALID_PARAMS;
799 }
800
PackSm2PriKey(int32_t curveId,EC_KEY * ecKey,const char * fieldType,HcfOpensslSm2PriKey ** returnObj)801 static HcfResult PackSm2PriKey(int32_t curveId, EC_KEY *ecKey, const char *fieldType,
802 HcfOpensslSm2PriKey **returnObj)
803 {
804 HcfOpensslSm2PriKey *returnPriKey = (HcfOpensslSm2PriKey *)HcfMalloc(sizeof(HcfOpensslSm2PriKey), 0);
805 if (returnPriKey == NULL) {
806 LOGE("Failed to allocate returnPriKey memory!");
807 return HCF_ERR_MALLOC;
808 }
809
810 char *tmpFieldType = NULL;
811 if (fieldType != NULL) {
812 size_t len = HcfStrlen(fieldType);
813 if (len == 0) {
814 LOGE("FieldType is empty!");
815 HcfFree(returnPriKey);
816 returnPriKey = NULL;
817 return HCF_INVALID_PARAMS;
818 }
819 tmpFieldType = (char *)HcfMalloc(len + 1, 0);
820 if (tmpFieldType == NULL) {
821 LOGE("Allocate tmpFieldType memory failed.");
822 HcfFree(returnPriKey);
823 returnPriKey = NULL;
824 return HCF_ERR_MALLOC;
825 }
826 (void)memcpy_s(tmpFieldType, len, fieldType, len);
827 }
828 returnPriKey->base.base.base.destroy = DestroySm2PriKey;
829 returnPriKey->base.base.base.getClass = GetSm2PriKeyClass;
830 returnPriKey->base.base.getAlgorithm = GetSm2PriKeyAlgorithm;
831 returnPriKey->base.base.getEncoded = GetSm2PriKeyEncoded;
832 returnPriKey->base.getEncodedPem = GetSm2PriKeyEncodedPem;
833 returnPriKey->base.base.getFormat = GetSm2PriKeyFormat;
834 returnPriKey->base.getAsyKeySpecBigInteger = GetSm2PriKeySpecBigInteger;
835 returnPriKey->base.getAsyKeySpecString = GetSm2PriKeySpecString;
836 returnPriKey->base.getAsyKeySpecInt = GetSm2PriKeySpecInt;
837 returnPriKey->base.clearMem = Sm2PriKeyClearMem;
838 returnPriKey->base.getEncodedDer = GetSm2PriKeyEncodedDer;
839 returnPriKey->curveId = curveId;
840 returnPriKey->ecKey = ecKey;
841 returnPriKey->fieldType = tmpFieldType;
842
843 *returnObj = returnPriKey;
844 return HCF_SUCCESS;
845 }
846
PackSm2KeyPair(HcfOpensslSm2PubKey * pubKey,HcfOpensslSm2PriKey * priKey,HcfOpensslSm2KeyPair ** returnObj)847 static HcfResult PackSm2KeyPair(HcfOpensslSm2PubKey *pubKey, HcfOpensslSm2PriKey *priKey,
848 HcfOpensslSm2KeyPair **returnObj)
849 {
850 HcfOpensslSm2KeyPair *returnKeyPair = (HcfOpensslSm2KeyPair *)HcfMalloc(sizeof(HcfOpensslSm2KeyPair), 0);
851 if (returnKeyPair == NULL) {
852 LOGE("Failed to allocate returnKeyPair memory!");
853 return HCF_ERR_MALLOC;
854 }
855 returnKeyPair->base.base.getClass = GetSm2KeyPairClass;
856 returnKeyPair->base.base.destroy = DestroySm2KeyPair;
857 returnKeyPair->base.pubKey = (HcfPubKey *)pubKey;
858 returnKeyPair->base.priKey = (HcfPriKey *)priKey;
859
860 *returnObj = returnKeyPair;
861 return HCF_SUCCESS;
862 }
863
ConvertEcPubKey(int32_t curveId,HcfBlob * pubKeyBlob,HcfOpensslSm2PubKey ** returnPubKey)864 static HcfResult ConvertEcPubKey(int32_t curveId, HcfBlob *pubKeyBlob, HcfOpensslSm2PubKey **returnPubKey)
865 {
866 const unsigned char *tmpData = (const unsigned char *)(pubKeyBlob->data);
867 EC_KEY *ecKey = OpensslD2iEcPubKey(NULL, &tmpData, pubKeyBlob->len);
868 if (ecKey == NULL) {
869 LOGD("[error] Call d2i_EC_PUBKEY fail.");
870 HcfPrintOpensslError();
871 return HCF_ERR_CRYPTO_OPERATION;
872 }
873 HcfResult ret = PackSm2PubKey(curveId, ecKey, g_sm2GenerateFieldType, returnPubKey);
874 if (ret != HCF_SUCCESS) {
875 LOGE("CreateSm2PubKey failed.");
876 OpensslEcKeyFree(ecKey);
877 return ret;
878 }
879 return HCF_SUCCESS;
880 }
881
ConvertEcPriKey(int32_t curveId,HcfBlob * priKeyBlob,HcfOpensslSm2PriKey ** returnPriKey)882 static HcfResult ConvertEcPriKey(int32_t curveId, HcfBlob *priKeyBlob, HcfOpensslSm2PriKey **returnPriKey)
883 {
884 const unsigned char *tmpData = (const unsigned char *)(priKeyBlob->data);
885 EC_KEY *ecKey = OpensslD2iEcPrivateKey(NULL, &tmpData, priKeyBlob->len);
886 if (ecKey == NULL) {
887 LOGD("[error] Call d2i_ECPrivateKey fail");
888 HcfPrintOpensslError();
889 return HCF_ERR_CRYPTO_OPERATION;
890 }
891 HcfResult ret = PackSm2PriKey(curveId, ecKey, g_sm2GenerateFieldType, returnPriKey);
892 if (ret != HCF_SUCCESS) {
893 LOGE("CreateSm2PriKey failed.");
894 OpensslEcKeyFree(ecKey);
895 return ret;
896 }
897 return HCF_SUCCESS;
898 }
899
EngineConvertSm2Key(HcfAsyKeyGeneratorSpi * self,HcfParamsSpec * params,HcfBlob * pubKeyBlob,HcfBlob * priKeyBlob,HcfKeyPair ** returnKeyPair)900 static HcfResult EngineConvertSm2Key(HcfAsyKeyGeneratorSpi *self, HcfParamsSpec *params, HcfBlob *pubKeyBlob,
901 HcfBlob *priKeyBlob, HcfKeyPair **returnKeyPair)
902 {
903 (void)params;
904 if ((self == NULL) || (returnKeyPair == NULL)) {
905 LOGE("Invalid input parameter.");
906 return HCF_INVALID_PARAMS;
907 }
908 if (!HcfIsClassMatch((HcfObjectBase *)self, self->base.getClass())) {
909 LOGE("Class not match.");
910 return HCF_INVALID_PARAMS;
911 }
912 bool pubKeyValid = HcfIsBlobValid(pubKeyBlob);
913 bool priKeyValid = HcfIsBlobValid(priKeyBlob);
914 if ((!pubKeyValid) && (!priKeyValid)) {
915 LOGE("The private key and public key cannot both be NULL.");
916 return HCF_INVALID_PARAMS;
917 }
918
919 HcfAsyKeyGeneratorSpiOpensslSm2Impl *impl = (HcfAsyKeyGeneratorSpiOpensslSm2Impl *)self;
920 HcfResult ret = HCF_SUCCESS;
921 HcfOpensslSm2PubKey *pubKey = NULL;
922 HcfOpensslSm2PriKey *priKey = NULL;
923 HcfOpensslSm2KeyPair *keyPair = NULL;
924 do {
925 if (pubKeyValid) {
926 ret = ConvertEcPubKey(impl->curveId, pubKeyBlob, &pubKey);
927 if (ret != HCF_SUCCESS) {
928 LOGD("[error] Convert ec pubKey failed.");
929 break;
930 }
931 }
932 if (priKeyValid) {
933 ret = ConvertEcPriKey(impl->curveId, priKeyBlob, &priKey);
934 if (ret != HCF_SUCCESS) {
935 LOGD("[error] Convert ec priKey failed.");
936 break;
937 }
938 }
939 ret = PackSm2KeyPair(pubKey, priKey, &keyPair);
940 } while (0);
941 if (ret != HCF_SUCCESS) {
942 LOGD("[error] Convert sm2 keyPair failed.");
943 HcfObjDestroy(pubKey);
944 pubKey = NULL;
945 HcfObjDestroy(priKey);
946 priKey = NULL;
947 return ret;
948 }
949
950 *returnKeyPair = (HcfKeyPair *)keyPair;
951 return HCF_SUCCESS;
952 }
953
GetSm2EckeyformPubKey(const EVP_PKEY * pkey)954 static EC_KEY *GetSm2EckeyformPubKey(const EVP_PKEY *pkey)
955 {
956 EC_KEY *ecKey = NULL;
957 const EC_GROUP *group = NULL;
958 EC_POINT *pubPoint = NULL;
959 unsigned char octetKey[SM2_OCTET_STRING_LEN];
960 size_t octetKeyLen = 0;
961
962 ecKey = OpensslEcKeyNewbyCurveNameEx(NULL, NULL, NID_sm2);
963 if (ecKey == NULL) {
964 LOGE("Failed to init ec key.");
965 return NULL;
966 }
967
968 group = OpensslEcKeyGet0Group(ecKey);
969 if (group == NULL) {
970 LOGE("Failed to get group while get ec key.");
971 OpensslEcKeyFree(ecKey);
972 return NULL;
973 }
974
975 pubPoint = OpensslEcPointNew(group);
976 if (pubPoint == NULL) {
977 LOGE("Failed to init ec point while get ec key.");
978 OpensslEcKeyFree(ecKey);
979 return NULL;
980 }
981
982 if (!OpensslEvpPkeyGetOctetStringParam(pkey, OSSL_PKEY_PARAM_PUB_KEY, octetKey, sizeof(octetKey),
983 &octetKeyLen)) {
984 LOGE("Failed to get octet string param while get ec key.");
985 OpensslEcKeyFree(ecKey);
986 OpensslEcPointFree(pubPoint);
987 return NULL;
988 }
989
990 if (!OpensslEcOct2Point(group, pubPoint, octetKey, octetKeyLen, NULL)) {
991 LOGE("Failed to convert oct to point while get ec key.");
992 OpensslEcKeyFree(ecKey);
993 OpensslEcPointFree(pubPoint);
994 return NULL;
995 }
996
997 OpensslEcKeySetFlags(ecKey, EC_FLAG_SM2_RANGE);
998 if (!OpensslEcKeySetPublicKey(ecKey, pubPoint)) {
999 LOGE("Failed to set public key while get ec key.");
1000 OpensslEcKeyFree(ecKey);
1001 OpensslEcPointFree(pubPoint);
1002 return NULL;
1003 }
1004 OpensslEcPointFree(pubPoint);
1005
1006 return ecKey;
1007 }
1008
GetSm2EckeyformPriKey(const EVP_PKEY * pkey)1009 static EC_KEY *GetSm2EckeyformPriKey(const EVP_PKEY *pkey)
1010 {
1011 EC_KEY *ecKey = NULL;
1012 BIGNUM *outPriv = NULL;
1013
1014 ecKey = OpensslEcKeyNewbyCurveNameEx(NULL, NULL, NID_sm2);
1015 if (ecKey == NULL) {
1016 LOGE("Failed to init ec key.");
1017 return NULL;
1018 }
1019
1020 if (OpensslEvpPkeyGetBnParam(pkey, OSSL_PKEY_PARAM_PRIV_KEY, &outPriv) != HCF_OPENSSL_SUCCESS) {
1021 LOGE("Failed to get bn param while get ec key.");
1022 OpensslEcKeyFree(ecKey);
1023 return NULL;
1024 }
1025
1026 OpensslEcKeySetFlags(ecKey, EC_FLAG_SM2_RANGE);
1027 if (OpensslEcKeySetPrivateKey(ecKey, outPriv) != HCF_OPENSSL_SUCCESS) {
1028 LOGE("Failed to set private key while get ec key.");
1029 OpensslEcKeyFree(ecKey);
1030 OpensslBnClearFree(outPriv);
1031 return NULL;
1032 }
1033 OpensslBnClearFree(outPriv);
1034
1035 return ecKey;
1036 }
1037
ConvertSM2PemPubKey(int32_t curveId,const char * pubKeyStr,HcfOpensslSm2PubKey ** returnPubKey)1038 static HcfResult ConvertSM2PemPubKey(int32_t curveId, const char *pubKeyStr, HcfOpensslSm2PubKey **returnPubKey)
1039 {
1040 EVP_PKEY *pkey = NULL;
1041 const char *keyType = "SM2";
1042 HcfResult ret = ConvertPubPemStrToKey(&pkey, keyType, EVP_PKEY_PUBLIC_KEY, pubKeyStr);
1043 if (ret != HCF_SUCCESS) {
1044 LOGE("Convert sm2 pem public key failed.");
1045 return ret;
1046 }
1047
1048 EC_KEY *ecKey = GetSm2EckeyformPubKey(pkey);
1049 OpensslEvpPkeyFree(pkey);
1050 if (ecKey == NULL) {
1051 LOGE("Get sm2 ec pkey fail.");
1052 HcfPrintOpensslError();
1053 return HCF_ERR_CRYPTO_OPERATION;
1054 }
1055
1056 ret = PackSm2PubKey(curveId, ecKey, g_sm2GenerateFieldType, returnPubKey);
1057 if (ret != HCF_SUCCESS) {
1058 LOGE("Create sm2 public key failed.");
1059 OpensslEcKeyFree(ecKey);
1060 return ret;
1061 }
1062
1063 return HCF_SUCCESS;
1064 }
1065
ConvertSM2PemPriKey(int32_t curveId,const char * priKeyStr,HcfOpensslSm2PriKey ** returnPriKey)1066 static HcfResult ConvertSM2PemPriKey(int32_t curveId, const char *priKeyStr, HcfOpensslSm2PriKey **returnPriKey)
1067 {
1068 EVP_PKEY *pkey = NULL;
1069 const char *keyType = "SM2";
1070 HcfResult ret = ConvertPriPemStrToKey(priKeyStr, &pkey, keyType);
1071 if (ret != HCF_SUCCESS) {
1072 LOGE("Convert sm2 pem private key failed.");
1073 return ret;
1074 }
1075
1076 EC_KEY *ecKey = GetSm2EckeyformPriKey(pkey);
1077 OpensslEvpPkeyFree(pkey);
1078 if (ecKey == NULL) {
1079 LOGE("Get sm2 ec pkey fail.");
1080 HcfPrintOpensslError();
1081 return HCF_ERR_CRYPTO_OPERATION;
1082 }
1083
1084 ret = PackSm2PriKey(curveId, ecKey, g_sm2GenerateFieldType, returnPriKey);
1085 if (ret != HCF_SUCCESS) {
1086 LOGE("Create sm2 private key failed.");
1087 OpensslEcKeyFree(ecKey);
1088 return ret;
1089 }
1090
1091 return HCF_SUCCESS;
1092 }
1093
EngineConvertSm2PemKey(HcfAsyKeyGeneratorSpi * self,HcfParamsSpec * params,const char * pubKeyStr,const char * priKeyStr,HcfKeyPair ** returnKeyPair)1094 static HcfResult EngineConvertSm2PemKey(HcfAsyKeyGeneratorSpi *self, HcfParamsSpec *params, const char *pubKeyStr,
1095 const char *priKeyStr, HcfKeyPair **returnKeyPair)
1096 {
1097 (void)params;
1098 if ((self == NULL) || (returnKeyPair == NULL) || ((pubKeyStr == NULL) && (priKeyStr == NULL))) {
1099 LOGE("Invalid input parameter.");
1100 return HCF_INVALID_PARAMS;
1101 }
1102 if (!HcfIsClassMatch((HcfObjectBase *)self, self->base.getClass())) {
1103 LOGE("Class not match.");
1104 return HCF_INVALID_PARAMS;
1105 }
1106
1107 HcfAsyKeyGeneratorSpiOpensslSm2Impl *impl = (HcfAsyKeyGeneratorSpiOpensslSm2Impl *)self;
1108 HcfResult ret = HCF_SUCCESS;
1109 HcfOpensslSm2PubKey *pubKey = NULL;
1110 HcfOpensslSm2PriKey *priKey = NULL;
1111 HcfOpensslSm2KeyPair *keyPair = NULL;
1112
1113 do {
1114 if (pubKeyStr != NULL && strlen(pubKeyStr) != 0) {
1115 ret = ConvertSM2PemPubKey(impl->curveId, pubKeyStr, &pubKey);
1116 if (ret != HCF_SUCCESS) {
1117 break;
1118 }
1119 }
1120 if (priKeyStr != NULL && strlen(priKeyStr) != 0) {
1121 ret = ConvertSM2PemPriKey(impl->curveId, priKeyStr, &priKey);
1122 if (ret != HCF_SUCCESS) {
1123 break;
1124 }
1125 }
1126 ret = PackSm2KeyPair(pubKey, priKey, &keyPair);
1127 } while (0);
1128 if (ret != HCF_SUCCESS) {
1129 LOGE("Convert sm2 keyPair failed.");
1130 HcfObjDestroy(pubKey);
1131 pubKey = NULL;
1132 HcfObjDestroy(priKey);
1133 priKey = NULL;
1134 return ret;
1135 }
1136
1137 *returnKeyPair = (HcfKeyPair *)keyPair;
1138 return HCF_SUCCESS;
1139 }
1140
PackAndAssignPubKey(const HcfAsyKeyGeneratorSpiOpensslSm2Impl * impl,const char * fieldType,EC_KEY * ecKey,HcfPubKey ** returnObj)1141 static HcfResult PackAndAssignPubKey(const HcfAsyKeyGeneratorSpiOpensslSm2Impl *impl, const char *fieldType,
1142 EC_KEY *ecKey, HcfPubKey **returnObj)
1143 {
1144 HcfOpensslSm2PubKey *pubKey = NULL;
1145 HcfResult ret = PackSm2PubKey(impl->curveId, ecKey, fieldType, &pubKey);
1146 if (ret != HCF_SUCCESS) {
1147 LOGD("[error] Create sm2 pubKey failed.");
1148 return ret;
1149 }
1150 *returnObj = (HcfPubKey *)pubKey;
1151 return HCF_SUCCESS;
1152 }
1153
PackAndAssignPriKey(const HcfAsyKeyGeneratorSpiOpensslSm2Impl * impl,const char * fieldType,EC_KEY * ecKey,HcfPriKey ** returnObj)1154 static HcfResult PackAndAssignPriKey(const HcfAsyKeyGeneratorSpiOpensslSm2Impl *impl, const char *fieldType,
1155 EC_KEY *ecKey, HcfPriKey **returnObj)
1156 {
1157 HcfOpensslSm2PriKey *priKey = NULL;
1158 HcfResult ret = PackSm2PriKey(impl->curveId, ecKey, fieldType, &priKey);
1159 if (ret != HCF_SUCCESS) {
1160 LOGD("[error] Create sm2 priKey failed.");
1161 return ret;
1162 }
1163 *returnObj = (HcfPriKey *)priKey;
1164 return HCF_SUCCESS;
1165 }
1166
CreateAndAssignKeyPair(const HcfAsyKeyGeneratorSpiOpensslSm2Impl * impl,const char * fieldType,EC_KEY * ecKey,HcfKeyPair ** returnObj)1167 static HcfResult CreateAndAssignKeyPair(const HcfAsyKeyGeneratorSpiOpensslSm2Impl *impl, const char *fieldType,
1168 EC_KEY *ecKey, HcfKeyPair **returnObj)
1169 {
1170 EC_KEY *ecPriKey = EC_KEY_dup(ecKey);
1171 if (ecPriKey == NULL) {
1172 LOGD("[error] Dup ecKey fail.");
1173 return HCF_ERR_CRYPTO_OPERATION;
1174 }
1175 HcfOpensslSm2PriKey *priKey = NULL;
1176 HcfResult ret = PackSm2PriKey(impl->curveId, ecPriKey, fieldType, &priKey);
1177 if (ret != HCF_SUCCESS) {
1178 LOGD("[error] Create sm2 priKey failed.");
1179 OpensslEcKeyFree(ecPriKey);
1180 return ret;
1181 }
1182 HcfOpensslSm2PubKey *pubKey = NULL;
1183 EC_KEY *ecPubKey = EC_KEY_dup(ecKey);
1184 if (ecPubKey == NULL) {
1185 LOGD("[error] Dup ecKey fail.");
1186 HcfObjDestroy(priKey);
1187 priKey = NULL;
1188 return HCF_ERR_CRYPTO_OPERATION;
1189 }
1190 ret = PackSm2PubKey(impl->curveId, ecPubKey, fieldType, &pubKey);
1191 if (ret != HCF_SUCCESS) {
1192 LOGD("[error] Create sm2 pubKey failed.");
1193 HcfObjDestroy(priKey);
1194 priKey = NULL;
1195 OpensslEcKeyFree(ecPubKey);
1196 return ret;
1197 }
1198
1199 HcfOpensslSm2KeyPair *returnKeyPair = NULL;
1200 ret = PackSm2KeyPair(pubKey, priKey, &returnKeyPair);
1201 if (ret != HCF_SUCCESS) {
1202 LOGE("Create sm2 keyPair failed.");
1203 HcfObjDestroy(pubKey);
1204 pubKey = NULL;
1205 HcfObjDestroy(priKey);
1206 priKey = NULL;
1207 }
1208 *returnObj = (HcfKeyPair *)returnKeyPair;
1209 return ret;
1210 }
1211
EngineGenerateKeyPair(HcfAsyKeyGeneratorSpi * self,HcfKeyPair ** returnObj)1212 static HcfResult EngineGenerateKeyPair(HcfAsyKeyGeneratorSpi *self, HcfKeyPair **returnObj)
1213 {
1214 if ((self == NULL) || (returnObj == NULL)) {
1215 LOGE("Invalid input parameter.");
1216 return HCF_INVALID_PARAMS;
1217 }
1218 if (!HcfIsClassMatch((HcfObjectBase *)self, self->base.getClass())) {
1219 LOGE("Class not match.");
1220 return HCF_INVALID_PARAMS;
1221 }
1222
1223 HcfAsyKeyGeneratorSpiOpensslSm2Impl *impl = (HcfAsyKeyGeneratorSpiOpensslSm2Impl *)self;
1224 EC_KEY *ecKey = NULL;
1225 HcfResult ret = NewEcKeyPair(impl->curveId, &ecKey);
1226 if (ret == HCF_SUCCESS) {
1227 ret = CreateAndAssignKeyPair(impl, g_sm2GenerateFieldType, ecKey, returnObj);
1228 if (ret != HCF_SUCCESS) {
1229 LOGD("[error] CreateAndAssignKeyPair failed.");
1230 }
1231 OpensslEcKeyFree(ecKey);
1232 }
1233 return ret;
1234 }
1235
EngineGenerateKeyPairBySpec(const HcfAsyKeyGeneratorSpi * self,const HcfAsyKeyParamsSpec * params,HcfKeyPair ** returnKeyPair)1236 static HcfResult EngineGenerateKeyPairBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *params,
1237 HcfKeyPair **returnKeyPair)
1238 {
1239 if ((self == NULL) || (returnKeyPair == NULL) || (params == NULL) ||
1240 (((HcfEccCommParamsSpec *)params)->field == NULL)) {
1241 LOGE("Invalid input parameter.");
1242 return HCF_INVALID_PARAMS;
1243 }
1244 if (!HcfIsClassMatch((HcfObjectBase *)self, GetSm2KeyPairGeneratorClass())) {
1245 LOGE("Class not match.");
1246 return HCF_INVALID_PARAMS;
1247 }
1248
1249 HcfAsyKeyGeneratorSpiOpensslSm2Impl *impl = (HcfAsyKeyGeneratorSpiOpensslSm2Impl *)self;
1250 EC_KEY *ecKey = NULL;
1251 HcfResult ret = GenKeyPairSm2KeyBySpec(params, &ecKey);
1252 if (ret != HCF_SUCCESS) {
1253 LOGD("[error] Gen ec key pair with spec failed.");
1254 return ret;
1255 }
1256
1257 // curveId == 0 means no curve to match.
1258 int32_t curveId = (int32_t)OpensslEcGroupGetCurveName(OpensslEcKeyGet0Group(ecKey));
1259 if (curveId != 0) {
1260 impl->curveId = curveId;
1261 }
1262 // deep copy of ecKey, free ecKey whether it succeed or failed.
1263 ret = CreateAndAssignKeyPair(impl, ((HcfEccCommParamsSpec *)params)->field->fieldType, ecKey, returnKeyPair);
1264 OpensslEcKeyFree(ecKey);
1265 if (ret != HCF_SUCCESS) {
1266 LOGD("[error] CreateAndAssignKeyPair failed.");
1267 return ret;
1268 }
1269 return HCF_SUCCESS;
1270 }
1271
EngineGeneratePubKeyBySpec(const HcfAsyKeyGeneratorSpi * self,const HcfAsyKeyParamsSpec * params,HcfPubKey ** returnPubKey)1272 static HcfResult EngineGeneratePubKeyBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *params,
1273 HcfPubKey **returnPubKey)
1274 {
1275 if ((self == NULL) || (returnPubKey == NULL) || (params == NULL) ||
1276 (((HcfEccCommParamsSpec *)params)->field == NULL)) {
1277 LOGE("Invalid input parameter.");
1278 return HCF_INVALID_PARAMS;
1279 }
1280 if (!HcfIsClassMatch((HcfObjectBase *)self, GetSm2KeyPairGeneratorClass())) {
1281 LOGE("Class not match.");
1282 return HCF_INVALID_PARAMS;
1283 }
1284
1285 HcfAsyKeyGeneratorSpiOpensslSm2Impl *impl = (HcfAsyKeyGeneratorSpiOpensslSm2Impl *)self;
1286 EC_KEY *ecKey = NULL;
1287 HcfResult ret = GenPubKeySm2KeyBySpec(params, &ecKey);
1288 if (ret != HCF_SUCCESS) {
1289 LOGD("[error] Gen ec pubKey with spec failed.");
1290 return ret;
1291 }
1292 int32_t curveId = (int32_t)OpensslEcGroupGetCurveName(OpensslEcKeyGet0Group(ecKey));
1293 if (curveId != 0) {
1294 impl->curveId = curveId;
1295 }
1296 ret = PackAndAssignPubKey(impl, ((HcfEccCommParamsSpec *)params)->field->fieldType, ecKey, returnPubKey);
1297 if (ret != HCF_SUCCESS) {
1298 LOGD("[error] PackAndAssignPubKey failed.");
1299 OpensslEcKeyFree(ecKey);
1300 return ret;
1301 }
1302 return HCF_SUCCESS;
1303 }
1304
EngineGeneratePriKeyBySpec(const HcfAsyKeyGeneratorSpi * self,const HcfAsyKeyParamsSpec * params,HcfPriKey ** returnPriKey)1305 static HcfResult EngineGeneratePriKeyBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *params,
1306 HcfPriKey **returnPriKey)
1307 {
1308 if ((self == NULL) || (returnPriKey == NULL) || (params == NULL) ||
1309 (((HcfEccCommParamsSpec *)params)->field == NULL)) {
1310 LOGE("Invalid input parameter.");
1311 return HCF_INVALID_PARAMS;
1312 }
1313 if (!HcfIsClassMatch((HcfObjectBase *)self, GetSm2KeyPairGeneratorClass())) {
1314 LOGE("Class not match.");
1315 return HCF_INVALID_PARAMS;
1316 }
1317
1318 HcfAsyKeyGeneratorSpiOpensslSm2Impl *impl = (HcfAsyKeyGeneratorSpiOpensslSm2Impl *)self;
1319 EC_KEY *ecKey = NULL;
1320 HcfResult ret = GenPriKeySm2KeyBySpec(params, &ecKey);
1321 if (ret != HCF_SUCCESS) {
1322 LOGD("[error] Gen ec priKey with spec failed.");
1323 return ret;
1324 }
1325
1326 int32_t curveId = (int32_t)OpensslEcGroupGetCurveName(OpensslEcKeyGet0Group(ecKey));
1327 if (curveId != 0) {
1328 impl->curveId = curveId;
1329 }
1330
1331 ret = PackAndAssignPriKey(impl, ((HcfEccCommParamsSpec *)params)->field->fieldType, ecKey, returnPriKey);
1332 if (ret != HCF_SUCCESS) {
1333 LOGD("[error] PackAndAssignPriKey failed.");
1334 OpensslEcKeyFree(ecKey);
1335 return ret;
1336 }
1337 return HCF_SUCCESS;
1338 }
1339
HcfAsyKeyGeneratorSpiSm2Create(HcfAsyKeyGenParams * params,HcfAsyKeyGeneratorSpi ** returnObj)1340 HcfResult HcfAsyKeyGeneratorSpiSm2Create(HcfAsyKeyGenParams *params, HcfAsyKeyGeneratorSpi **returnObj)
1341 {
1342 if (params == NULL || returnObj == NULL) {
1343 LOGE("Invalid input parameter.");
1344 return HCF_INVALID_PARAMS;
1345 }
1346 int32_t curveId = 0;
1347 if (params->bits != 0) {
1348 if (GetOpensslCurveId(params->bits, &curveId) != HCF_SUCCESS) {
1349 LOGE("Get curve id failed.");
1350 return HCF_INVALID_PARAMS;
1351 }
1352 }
1353
1354 HcfAsyKeyGeneratorSpiOpensslSm2Impl *returnImpl = (HcfAsyKeyGeneratorSpiOpensslSm2Impl *)HcfMalloc(
1355 sizeof(HcfAsyKeyGeneratorSpiOpensslSm2Impl), 0);
1356 if (returnImpl == NULL) {
1357 LOGE("Failed to allocate returnImpl memroy!");
1358 return HCF_ERR_MALLOC;
1359 }
1360 returnImpl->base.base.getClass = GetSm2KeyPairGeneratorClass;
1361 returnImpl->base.base.destroy = DestroySm2KeyPairGenerator;
1362 returnImpl->base.engineConvertKey = EngineConvertSm2Key;
1363 returnImpl->base.engineConvertPemKey = EngineConvertSm2PemKey;
1364 returnImpl->base.engineGenerateKeyPair = EngineGenerateKeyPair;
1365 returnImpl->base.engineGenerateKeyPairBySpec = EngineGenerateKeyPairBySpec;
1366 returnImpl->base.engineGeneratePubKeyBySpec = EngineGeneratePubKeyBySpec;
1367 returnImpl->base.engineGeneratePriKeyBySpec = EngineGeneratePriKeyBySpec;
1368 returnImpl->curveId = curveId;
1369
1370 *returnObj = (HcfAsyKeyGeneratorSpi *)returnImpl;
1371 return HCF_SUCCESS;
1372 }
1373