1 /*
2 * This file is part of the openHiTLS project.
3 *
4 * openHiTLS is licensed under the Mulan PSL v2.
5 * You can use this software according to the terms and conditions of the Mulan PSL v2.
6 * You may obtain a copy of Mulan PSL v2 at:
7 *
8 * http://license.coscl.org.cn/MulanPSL2
9 *
10 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
11 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
12 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
13 * See the Mulan PSL v2 for more details.
14 */
15
16 #include "hitls_build.h"
17 #ifdef HITLS_CRYPTO_CODECSKEY
18
19 #include "securec.h"
20 #include "bsl_asn1.h"
21 #include "bsl_params.h"
22 #include "bsl_err_internal.h"
23 #include "bsl_obj_internal.h"
24 #include "crypt_errno.h"
25 #include "crypt_algid.h"
26 #include "crypt_eal_kdf.h"
27 #include "crypt_eal_rand.h"
28 #include "crypt_eal_cipher.h"
29 #include "crypt_params_key.h"
30 #include "crypt_encode_decode_key.h"
31 #include "crypt_encode_decode_local.h"
32
33 #if defined(HITLS_CRYPTO_KEY_EPKI) && defined(HITLS_CRYPTO_KEY_ENCODE)
34 /**
35 * EncryptedPrivateKeyInfo ::= SEQUENCE {
36 * encryptionAlgorithm EncryptionAlgorithmIdentifier,
37 * encryptedData EncryptedData }
38 *
39 * https://datatracker.ietf.org/doc/html/rfc5208#autoid-6
40 */
41 static BSL_ASN1_TemplateItem g_pk8EncPriKeyTempl[] = {
42 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 0},
43 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 1}, // EncryptionAlgorithmIdentifier
44 {BSL_ASN1_TAG_OBJECT_ID, 0, 2},
45 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 2},
46 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, BSL_ASN1_FLAG_HEADERONLY, 3}, // derivation param
47 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 3}, // enc scheme
48 {BSL_ASN1_TAG_OBJECT_ID, 0, 4}, // alg
49 {BSL_ASN1_TAG_OCTETSTRING, 0, 4}, // iv
50 {BSL_ASN1_TAG_OCTETSTRING, 0, 1}, // EncryptedData
51 };
52 #endif // HITLS_CRYPTO_KEY_EPKI && HITLS_CRYPTO_KEY_ENCODE
53
54 #if defined(HITLS_CRYPTO_RSA) && defined(HITLS_CRYPTO_KEY_DECODE)
CRYPT_EAL_GetRsaPssPara(CRYPT_EAL_PkeyCtx * ealPriKey,CRYPT_RSA_PssPara * rsaPssParam)55 int32_t CRYPT_EAL_GetRsaPssPara(CRYPT_EAL_PkeyCtx *ealPriKey, CRYPT_RSA_PssPara *rsaPssParam)
56 {
57 int32_t ret;
58 ret = CRYPT_EAL_PkeyCtrl(ealPriKey, CRYPT_CTRL_GET_RSA_SALTLEN, &rsaPssParam->saltLen,
59 sizeof(rsaPssParam->saltLen));
60 if (ret != BSL_SUCCESS) {
61 BSL_ERR_PUSH_ERROR(ret);
62 return ret;
63 }
64 ret = CRYPT_EAL_PkeyCtrl(ealPriKey, CRYPT_CTRL_GET_RSA_MD, &rsaPssParam->mdId, sizeof(rsaPssParam->mdId));
65 if (ret != BSL_SUCCESS) {
66 BSL_ERR_PUSH_ERROR(ret);
67 return ret;
68 }
69 ret = CRYPT_EAL_PkeyCtrl(ealPriKey, CRYPT_CTRL_GET_RSA_MGF, &rsaPssParam->mgfId, sizeof(rsaPssParam->mgfId));
70 if (ret != BSL_SUCCESS) {
71 BSL_ERR_PUSH_ERROR(ret);
72 }
73 return ret;
74 }
75
CRYPT_EAL_InitRsaPrv(const CRYPT_EAL_PkeyCtx * ealPriKey,CRYPT_PKEY_AlgId cid,CRYPT_EAL_PkeyPrv * rsaPrv)76 int32_t CRYPT_EAL_InitRsaPrv(const CRYPT_EAL_PkeyCtx *ealPriKey, CRYPT_PKEY_AlgId cid, CRYPT_EAL_PkeyPrv *rsaPrv)
77 {
78 uint32_t bnLen = CRYPT_EAL_PkeyGetKeyLen(ealPriKey);
79 if (bnLen == 0) {
80 return CRYPT_EAL_ALG_NOT_SUPPORT;
81 }
82 uint8_t *pri = (uint8_t *)BSL_SAL_Malloc(bnLen * 8); // 8 items
83 if (pri == NULL) {
84 return CRYPT_MEM_ALLOC_FAIL;
85 }
86 rsaPrv->id = cid;
87 rsaPrv->key.rsaPrv.d = pri;
88 rsaPrv->key.rsaPrv.n = pri + bnLen;
89 rsaPrv->key.rsaPrv.p = pri + bnLen * 2; // 2nd buffer
90 rsaPrv->key.rsaPrv.q = pri + bnLen * 3; // 3rd buffer
91 rsaPrv->key.rsaPrv.dP = pri + bnLen * 4; // 4th buffer
92 rsaPrv->key.rsaPrv.dQ = pri + bnLen * 5; // 5th buffer
93 rsaPrv->key.rsaPrv.qInv = pri + bnLen * 6; // 6th buffer
94 rsaPrv->key.rsaPrv.e = pri + bnLen * 7; // 7th buffer
95
96 rsaPrv->key.rsaPrv.dLen = bnLen;
97 rsaPrv->key.rsaPrv.nLen = bnLen;
98 rsaPrv->key.rsaPrv.pLen = bnLen;
99 rsaPrv->key.rsaPrv.qLen = bnLen;
100 rsaPrv->key.rsaPrv.dPLen = bnLen;
101 rsaPrv->key.rsaPrv.dQLen = bnLen;
102 rsaPrv->key.rsaPrv.qInvLen = bnLen;
103 rsaPrv->key.rsaPrv.eLen = bnLen;
104 return CRYPT_SUCCESS;
105 }
106
CRYPT_EAL_DeinitRsaPrv(CRYPT_EAL_PkeyPrv * rsaPrv)107 void CRYPT_EAL_DeinitRsaPrv(CRYPT_EAL_PkeyPrv *rsaPrv)
108 {
109 BSL_SAL_ClearFree(rsaPrv->key.rsaPrv.d, rsaPrv->key.rsaPrv.dLen * 8); // 8 items
110 }
111 #endif
112
113 #ifdef HITLS_CRYPTO_KEY_DECODE
114 #ifdef HITLS_CRYPTO_RSA
ProcRsaPssParam(BSL_ASN1_Buffer * rsaPssParam,CRYPT_EAL_PkeyCtx * ealPriKey)115 static int32_t ProcRsaPssParam(BSL_ASN1_Buffer *rsaPssParam, CRYPT_EAL_PkeyCtx *ealPriKey)
116 {
117 CRYPT_RsaPadType padType = CRYPT_EMSA_PSS;
118 int32_t ret = CRYPT_EAL_PkeyCtrl(ealPriKey, CRYPT_CTRL_SET_RSA_PADDING, &padType, sizeof(CRYPT_RsaPadType));
119 if (ret != CRYPT_SUCCESS) {
120 BSL_ERR_PUSH_ERROR(ret);
121 return ret;
122 }
123 if (rsaPssParam == NULL || rsaPssParam->buff == NULL) {
124 return CRYPT_SUCCESS;
125 }
126
127 CRYPT_RSA_PssPara para = {0};
128 ret = CRYPT_EAL_ParseRsaPssAlgParam(rsaPssParam, ¶);
129 if (ret != CRYPT_SUCCESS) {
130 return ret;
131 }
132 BSL_Param param[4] = {
133 {CRYPT_PARAM_RSA_MD_ID, BSL_PARAM_TYPE_INT32, ¶.mdId, sizeof(para.mdId), 0},
134 {CRYPT_PARAM_RSA_MGF1_ID, BSL_PARAM_TYPE_INT32, ¶.mgfId, sizeof(para.mgfId), 0},
135 {CRYPT_PARAM_RSA_SALTLEN, BSL_PARAM_TYPE_INT32, ¶.saltLen, sizeof(para.saltLen), 0},
136 BSL_PARAM_END};
137 return CRYPT_EAL_PkeyCtrl(ealPriKey, CRYPT_CTRL_SET_RSA_EMSA_PSS, param, 0);
138 }
139
SetRsaPubKey(const BSL_ASN1_Buffer * n,const BSL_ASN1_Buffer * e,CRYPT_EAL_PkeyCtx * ealPkey)140 static int32_t SetRsaPubKey(const BSL_ASN1_Buffer *n, const BSL_ASN1_Buffer *e, CRYPT_EAL_PkeyCtx *ealPkey)
141 {
142 CRYPT_EAL_PkeyPub rsaPub = {
143 .id = CRYPT_PKEY_RSA, .key.rsaPub = {.n = n->buff, .nLen = n->len, .e = e->buff, .eLen = e->len}};
144 return CRYPT_EAL_PkeySetPub(ealPkey, &rsaPub);
145 }
146
ParseRsaPubkeyAsn1Buff(uint8_t * buff,uint32_t buffLen,BSL_ASN1_Buffer * param,CRYPT_EAL_PkeyCtx ** ealPubKey,BslCid cid)147 int32_t ParseRsaPubkeyAsn1Buff(uint8_t *buff, uint32_t buffLen, BSL_ASN1_Buffer *param, CRYPT_EAL_PkeyCtx **ealPubKey,
148 BslCid cid)
149 {
150 // decode n and e
151 BSL_ASN1_Buffer pubAsn1[CRYPT_RSA_PUB_E_IDX + 1] = {0};
152 int32_t ret = CRYPT_DECODE_RsaPubkeyAsn1Buff(buff, buffLen, pubAsn1, CRYPT_RSA_PUB_E_IDX + 1);
153 if (ret != CRYPT_SUCCESS) {
154 return ret;
155 }
156 CRYPT_EAL_PkeyCtx *pctx = CRYPT_EAL_PkeyNewCtx(CRYPT_PKEY_RSA);
157 if (pctx == NULL) {
158 BSL_ERR_PUSH_ERROR(CRYPT_MEM_ALLOC_FAIL);
159 return CRYPT_MEM_ALLOC_FAIL;
160 }
161 ret = SetRsaPubKey(pubAsn1 + CRYPT_RSA_PUB_N_IDX, pubAsn1 + CRYPT_RSA_PUB_E_IDX, pctx);
162 if (ret != CRYPT_SUCCESS) {
163 CRYPT_EAL_PkeyFreeCtx(pctx);
164 BSL_ERR_PUSH_ERROR(ret);
165 return ret;
166 }
167
168 if (cid != BSL_CID_RSASSAPSS) {
169 *ealPubKey = pctx;
170 return CRYPT_SUCCESS;
171 }
172
173 ret = ProcRsaPssParam(param, pctx);
174 if (ret != CRYPT_SUCCESS) {
175 CRYPT_EAL_PkeyFreeCtx(pctx);
176 BSL_ERR_PUSH_ERROR(ret);
177 return ret;
178 }
179
180 *ealPubKey = pctx;
181 return ret;
182 }
183
ProcEalRsaPrivKey(const BSL_ASN1_Buffer * asn1,CRYPT_EAL_PkeyCtx * ealPkey)184 static int32_t ProcEalRsaPrivKey(const BSL_ASN1_Buffer *asn1, CRYPT_EAL_PkeyCtx *ealPkey)
185 {
186 CRYPT_EAL_PkeyPrv rsaPrv = {0};
187 rsaPrv.id = CRYPT_PKEY_RSA;
188 rsaPrv.key.rsaPrv.d = asn1[CRYPT_RSA_PRV_D_IDX].buff;
189 rsaPrv.key.rsaPrv.dLen = asn1[CRYPT_RSA_PRV_D_IDX].len;
190 rsaPrv.key.rsaPrv.n = asn1[CRYPT_RSA_PRV_N_IDX].buff;
191 rsaPrv.key.rsaPrv.nLen = asn1[CRYPT_RSA_PRV_N_IDX].len;
192 rsaPrv.key.rsaPrv.e = asn1[CRYPT_RSA_PRV_E_IDX].buff;
193 rsaPrv.key.rsaPrv.eLen = asn1[CRYPT_RSA_PRV_E_IDX].len;
194 rsaPrv.key.rsaPrv.p = asn1[CRYPT_RSA_PRV_P_IDX].buff;
195 rsaPrv.key.rsaPrv.pLen = asn1[CRYPT_RSA_PRV_P_IDX].len;
196 rsaPrv.key.rsaPrv.q = asn1[CRYPT_RSA_PRV_Q_IDX].buff;
197 rsaPrv.key.rsaPrv.qLen = asn1[CRYPT_RSA_PRV_Q_IDX].len;
198 rsaPrv.key.rsaPrv.dP = asn1[CRYPT_RSA_PRV_DP_IDX].buff;
199 rsaPrv.key.rsaPrv.dPLen = asn1[CRYPT_RSA_PRV_DP_IDX].len;
200 rsaPrv.key.rsaPrv.dQ = asn1[CRYPT_RSA_PRV_DQ_IDX].buff;
201 rsaPrv.key.rsaPrv.dQLen = asn1[CRYPT_RSA_PRV_DQ_IDX].len;
202 rsaPrv.key.rsaPrv.qInv = asn1[CRYPT_RSA_PRV_QINV_IDX].buff;
203 rsaPrv.key.rsaPrv.qInvLen = asn1[CRYPT_RSA_PRV_QINV_IDX].len;
204
205 return CRYPT_EAL_PkeySetPrv(ealPkey, &rsaPrv);
206 }
207
ProcEalRsaKeyPair(uint8_t * buff,uint32_t buffLen,CRYPT_EAL_PkeyCtx * ealPkey)208 static int32_t ProcEalRsaKeyPair(uint8_t *buff, uint32_t buffLen, CRYPT_EAL_PkeyCtx *ealPkey)
209 {
210 // decode n and e
211 BSL_ASN1_Buffer asn1[CRYPT_RSA_PRV_OTHER_PRIME_IDX + 1] = {0};
212 int32_t ret = CRYPT_DECODE_RsaPrikeyAsn1Buff(buff, buffLen, asn1, CRYPT_RSA_PRV_OTHER_PRIME_IDX + 1);
213 if (ret != CRYPT_SUCCESS) {
214 BSL_ERR_PUSH_ERROR(ret);
215 return ret;
216 }
217
218 ret = ProcEalRsaPrivKey(asn1, ealPkey);
219 if (ret != CRYPT_SUCCESS) {
220 BSL_ERR_PUSH_ERROR(ret);
221 return ret;
222 }
223
224 return SetRsaPubKey(asn1 + CRYPT_RSA_PRV_N_IDX, asn1 + CRYPT_RSA_PRV_E_IDX, ealPkey);
225 }
226
ParseRsaPrikeyAsn1Buff(uint8_t * buff,uint32_t buffLen,BSL_ASN1_Buffer * rsaPssParam,BslCid cid,CRYPT_EAL_PkeyCtx ** ealPriKey)227 int32_t ParseRsaPrikeyAsn1Buff(uint8_t *buff, uint32_t buffLen, BSL_ASN1_Buffer *rsaPssParam, BslCid cid,
228 CRYPT_EAL_PkeyCtx **ealPriKey)
229 {
230 CRYPT_EAL_PkeyCtx *pctx = CRYPT_EAL_PkeyNewCtx(CRYPT_PKEY_RSA);
231 if (pctx == NULL) {
232 BSL_ERR_PUSH_ERROR(CRYPT_MEM_ALLOC_FAIL);
233 return CRYPT_MEM_ALLOC_FAIL;
234 }
235
236 int32_t ret = ProcEalRsaKeyPair(buff, buffLen, pctx);
237 if (ret != CRYPT_SUCCESS) {
238 CRYPT_EAL_PkeyFreeCtx(pctx);
239 BSL_ERR_PUSH_ERROR(ret);
240 return ret;
241 }
242 if (cid != BSL_CID_RSASSAPSS) {
243 *ealPriKey = pctx;
244 return CRYPT_SUCCESS;
245 }
246
247 ret = ProcRsaPssParam(rsaPssParam, pctx);
248 if (ret != CRYPT_SUCCESS) {
249 CRYPT_EAL_PkeyFreeCtx(pctx);
250 return ret;
251 }
252 *ealPriKey = pctx;
253 return ret;
254 }
255 #endif
256
257 #if defined(HITLS_CRYPTO_ECDSA) || defined(HITLS_CRYPTO_SM2)
EccEalKeyNew(BSL_ASN1_Buffer * ecParamOid,int32_t * alg,CRYPT_EAL_PkeyCtx ** ealKey)258 static int32_t EccEalKeyNew(BSL_ASN1_Buffer *ecParamOid, int32_t *alg, CRYPT_EAL_PkeyCtx **ealKey)
259 {
260 int32_t algId;
261 BslOidString oidStr = {ecParamOid->len, (char *)ecParamOid->buff, 0};
262 CRYPT_PKEY_ParaId paraId = (CRYPT_PKEY_ParaId)BSL_OBJ_GetCID(&oidStr);
263 if (paraId == CRYPT_ECC_SM2) {
264 algId = CRYPT_PKEY_SM2;
265 } else if (IsEcdsaEcParaId(paraId)) {
266 algId = CRYPT_PKEY_ECDSA;
267 } else { // scenario ecdh is not considered, and it will be improved in the future
268 return CRYPT_DECODE_UNKNOWN_OID;
269 }
270 CRYPT_EAL_PkeyCtx *key = CRYPT_EAL_PkeyNewCtx(algId);
271 if (key == NULL) {
272 BSL_ERR_PUSH_ERROR(CRYPT_MEM_ALLOC_FAIL);
273 return CRYPT_MEM_ALLOC_FAIL;
274 }
275 #ifdef HITLS_CRYPTO_ECDSA
276 if (paraId != CRYPT_ECC_SM2) {
277 int32_t ret = CRYPT_EAL_PkeySetParaById(key, paraId);
278 if (ret != CRYPT_SUCCESS) {
279 CRYPT_EAL_PkeyFreeCtx(key);
280 BSL_ERR_PUSH_ERROR(ret);
281 return ret;
282 }
283 }
284 #endif
285 *ealKey = key;
286 *alg = algId;
287 return CRYPT_SUCCESS;
288 }
289
ParseEccPubkeyAsn1Buff(BSL_ASN1_BitString * bitPubkey,BSL_ASN1_Buffer * ecParamOid,CRYPT_EAL_PkeyCtx ** ealPubKey)290 static int32_t ParseEccPubkeyAsn1Buff(BSL_ASN1_BitString *bitPubkey, BSL_ASN1_Buffer *ecParamOid,
291 CRYPT_EAL_PkeyCtx **ealPubKey)
292 {
293 int32_t algId;
294 CRYPT_EAL_PkeyCtx *pctx = NULL;
295 int32_t ret = EccEalKeyNew(ecParamOid, &algId, &pctx);
296 if (ret != CRYPT_SUCCESS) {
297 BSL_ERR_PUSH_ERROR(ret);
298 return ret;
299 }
300 CRYPT_EAL_PkeyPub pub = {.id = algId, .key.eccPub = {.data = bitPubkey->buff, .len = bitPubkey->len}};
301 ret = CRYPT_EAL_PkeySetPub(pctx, &pub);
302 if (ret != CRYPT_SUCCESS) {
303 CRYPT_EAL_PkeyFreeCtx(pctx);
304 BSL_ERR_PUSH_ERROR(ret);
305 return ret;
306 }
307 *ealPubKey = pctx;
308 return ret;
309 }
310
ParseEccPrikeyAsn1(BSL_ASN1_Buffer * encode,BSL_ASN1_Buffer * pk8AlgoParam,CRYPT_EAL_PkeyCtx ** ealPriKey)311 static int32_t ParseEccPrikeyAsn1(BSL_ASN1_Buffer *encode, BSL_ASN1_Buffer *pk8AlgoParam, CRYPT_EAL_PkeyCtx **ealPriKey)
312 {
313 BSL_ASN1_Buffer *prikey = &encode[CRYPT_ECPRIKEY_PRIKEY_IDX]; // the ECC OID
314 BSL_ASN1_Buffer *ecParamOid = &encode[CRYPT_ECPRIKEY_PARAM_IDX]; // the parameters OID
315 BSL_ASN1_Buffer *pubkey = &encode[CRYPT_ECPRIKEY_PUBKEY_IDX]; // the ECC OID
316 BSL_ASN1_Buffer *param = pk8AlgoParam;
317 if (ecParamOid->len != 0) {
318 // has a valid Algorithm param
319 param = ecParamOid;
320 } else {
321 if (param == NULL) {
322 BSL_ERR_PUSH_ERROR(CRYPT_NULL_INPUT);
323 return CRYPT_NULL_INPUT;
324 }
325 if (param->len == 0) {
326 BSL_ERR_PUSH_ERROR(CRYPT_DECODE_PKCS8_INVALID_ALGO_PARAM);
327 return CRYPT_DECODE_PKCS8_INVALID_ALGO_PARAM;
328 }
329 }
330 if (pubkey->len == 0) {
331 BSL_ERR_PUSH_ERROR(CRYPT_DECODE_ASN1_BUFF_FAILED);
332 return CRYPT_DECODE_ASN1_BUFF_FAILED;
333 }
334 int32_t algId;
335 CRYPT_EAL_PkeyCtx *pctx = NULL;
336 int32_t ret = EccEalKeyNew(param, &algId, &pctx); // Changed ecParamOid to param
337 if (ret != CRYPT_SUCCESS) {
338 return ret;
339 }
340 CRYPT_EAL_PkeyPrv prv = {.id = algId, .key.eccPrv = {.data = prikey->buff, .len = prikey->len}};
341 ret = CRYPT_EAL_PkeySetPrv(pctx, &prv);
342 if (ret != CRYPT_SUCCESS) {
343 CRYPT_EAL_PkeyFreeCtx(pctx);
344 BSL_ERR_PUSH_ERROR(ret);
345 return ret;
346 }
347 // the tag of public key is BSL_ASN1_TAG_BITSTRING, 1 denote unusedBits
348 CRYPT_EAL_PkeyPub pub = {.id = algId, .key.eccPub = {.data = pubkey->buff + 1, .len = pubkey->len - 1}};
349 ret = CRYPT_EAL_PkeySetPub(pctx, &pub);
350 if (ret != CRYPT_SUCCESS) {
351 CRYPT_EAL_PkeyFreeCtx(pctx);
352 BSL_ERR_PUSH_ERROR(ret);
353 return ret;
354 }
355 *ealPriKey = pctx;
356 return ret;
357 }
358
ParseEccPrikeyAsn1Buff(uint8_t * buff,uint32_t buffLen,BSL_ASN1_Buffer * pk8AlgoParam,CRYPT_EAL_PkeyCtx ** ealPriKey)359 int32_t ParseEccPrikeyAsn1Buff(uint8_t *buff, uint32_t buffLen, BSL_ASN1_Buffer *pk8AlgoParam,
360 CRYPT_EAL_PkeyCtx **ealPriKey)
361 {
362 BSL_ASN1_Buffer asn1[CRYPT_ECPRIKEY_PUBKEY_IDX + 1] = {0};
363 int32_t ret = CRYPT_DECODE_PrikeyAsn1Buff(buff, buffLen, asn1, CRYPT_ECPRIKEY_PUBKEY_IDX + 1);
364 if (ret != CRYPT_SUCCESS) {
365 BSL_ERR_PUSH_ERROR(ret);
366 return ret;
367 }
368
369 return ParseEccPrikeyAsn1(asn1, pk8AlgoParam, ealPriKey);
370 }
371 #endif // HITLS_CRYPTO_ECDSA || HITLS_CRYPTO_SM2
372
373 #ifdef HITLS_CRYPTO_ED25519
ParseEd25519PrikeyAsn1Buff(uint8_t * buff,uint32_t buffLen,CRYPT_EAL_PkeyCtx ** ealPriKey)374 static int32_t ParseEd25519PrikeyAsn1Buff(uint8_t *buff, uint32_t buffLen, CRYPT_EAL_PkeyCtx **ealPriKey)
375 {
376 uint8_t *tmpBuff = buff;
377 uint32_t tmpBuffLen = buffLen;
378
379 int32_t ret = BSL_ASN1_DecodeTagLen(BSL_ASN1_TAG_OCTETSTRING, &tmpBuff, &tmpBuffLen, &tmpBuffLen);
380 if (ret != BSL_SUCCESS) {
381 BSL_ERR_PUSH_ERROR(ret);
382 return ret;
383 }
384
385 CRYPT_EAL_PkeyCtx *pctx = CRYPT_EAL_PkeyNewCtx(CRYPT_PKEY_ED25519);
386 if (pctx == NULL) {
387 BSL_ERR_PUSH_ERROR(CRYPT_MEM_ALLOC_FAIL);
388 return CRYPT_MEM_ALLOC_FAIL;
389 }
390 CRYPT_EAL_PkeyPrv prv = {.id = CRYPT_PKEY_ED25519, .key.curve25519Prv = {.data = tmpBuff, .len = tmpBuffLen}};
391 ret = CRYPT_EAL_PkeySetPrv(pctx, &prv);
392 if (ret != CRYPT_SUCCESS) {
393 CRYPT_EAL_PkeyFreeCtx(pctx);
394 BSL_ERR_PUSH_ERROR(ret);
395 return ret;
396 }
397 *ealPriKey = pctx;
398 return CRYPT_SUCCESS;
399 }
400
ParseEd25519PubkeyAsn1Buff(uint8_t * buff,uint32_t buffLen,CRYPT_EAL_PkeyCtx ** ealPubKey)401 static int32_t ParseEd25519PubkeyAsn1Buff(uint8_t *buff, uint32_t buffLen, CRYPT_EAL_PkeyCtx **ealPubKey)
402 {
403 CRYPT_EAL_PkeyCtx *pctx = CRYPT_EAL_PkeyNewCtx(CRYPT_PKEY_ED25519);
404 if (pctx == NULL) {
405 BSL_ERR_PUSH_ERROR(CRYPT_MEM_ALLOC_FAIL);
406 return CRYPT_MEM_ALLOC_FAIL;
407 }
408 CRYPT_EAL_PkeyPub pub = {.id = CRYPT_PKEY_ED25519, .key.curve25519Pub = {.data = buff, .len = buffLen}};
409 int32_t ret = CRYPT_EAL_PkeySetPub(pctx, &pub);
410 if (ret != CRYPT_SUCCESS) {
411 CRYPT_EAL_PkeyFreeCtx(pctx);
412 BSL_ERR_PUSH_ERROR(ret);
413 return ret;
414 }
415 *ealPubKey = pctx;
416 return ret;
417 }
418 #endif // HITLS_CRYPTO_ED25519
419
ParsePk8PrikeyAsn1(CRYPT_ENCODE_DECODE_Pk8PrikeyInfo * pk8PrikeyInfo,CRYPT_EAL_PkeyCtx ** ealPriKey)420 static int32_t ParsePk8PrikeyAsn1(CRYPT_ENCODE_DECODE_Pk8PrikeyInfo *pk8PrikeyInfo, CRYPT_EAL_PkeyCtx **ealPriKey)
421 {
422 #ifdef HITLS_CRYPTO_RSA
423 if (pk8PrikeyInfo->keyType == BSL_CID_RSA || pk8PrikeyInfo->keyType == BSL_CID_RSASSAPSS) {
424 return ParseRsaPrikeyAsn1Buff(pk8PrikeyInfo->pkeyRawKey, pk8PrikeyInfo->pkeyRawKeyLen,
425 &pk8PrikeyInfo->keyParam, pk8PrikeyInfo->keyType, ealPriKey);
426 }
427 #endif
428 #if defined(HITLS_CRYPTO_ECDSA) || defined(HITLS_CRYPTO_SM2)
429 if (pk8PrikeyInfo->keyType == BSL_CID_EC_PUBLICKEY) {
430 return ParseEccPrikeyAsn1Buff(pk8PrikeyInfo->pkeyRawKey, pk8PrikeyInfo->pkeyRawKeyLen,
431 &pk8PrikeyInfo->keyParam, ealPriKey);
432 }
433 #endif
434 #ifdef HITLS_CRYPTO_ED25519
435 if (pk8PrikeyInfo->keyType == BSL_CID_ED25519) {
436 return ParseEd25519PrikeyAsn1Buff(pk8PrikeyInfo->pkeyRawKey, pk8PrikeyInfo->pkeyRawKeyLen,
437 ealPriKey);
438 }
439 #endif
440 return CRYPT_DECODE_UNSUPPORTED_PKCS8_TYPE;
441 }
442
ParseSubPubkeyAsn1(BSL_ASN1_Buffer * encode,CRYPT_EAL_PkeyCtx ** ealPubKey)443 int32_t ParseSubPubkeyAsn1(BSL_ASN1_Buffer *encode, CRYPT_EAL_PkeyCtx **ealPubKey)
444 {
445 uint8_t *algoBuff = encode->buff; // AlgorithmIdentifier Tag and Len, 2 bytes.
446 uint32_t algoBuffLen = encode->len;
447 BSL_ASN1_Buffer algoId[BSL_ASN1_TAG_ALGOID_ANY_IDX + 1] = {0};
448 int32_t ret = CRYPT_DECODE_AlgoIdAsn1Buff(algoBuff, algoBuffLen, NULL, algoId, BSL_ASN1_TAG_ALGOID_ANY_IDX + 1);
449 if (ret != CRYPT_SUCCESS) {
450 return ret;
451 }
452 BSL_ASN1_Buffer *oid = algoId; // OID
453 BSL_ASN1_Buffer *algParam = algoId + 1; // the parameters
454 BSL_ASN1_Buffer *pubkey = &encode[CRYPT_SUBKEYINFO_BITSTRING_IDX]; // the last BSL_ASN1_Buffer, the pubkey
455 BSL_ASN1_BitString bitPubkey = {0};
456 ret = BSL_ASN1_DecodePrimitiveItem(pubkey, &bitPubkey);
457 if (ret != CRYPT_SUCCESS) {
458 BSL_ERR_PUSH_ERROR(ret);
459 return ret;
460 }
461 BslOidString oidStr = {oid->len, (char *)oid->buff, 0};
462 BslCid cid = BSL_OBJ_GetCID(&oidStr);
463 #if defined(HITLS_CRYPTO_ECDSA) || defined(HITLS_CRYPTO_SM2)
464 if (cid == BSL_CID_EC_PUBLICKEY || cid == BSL_CID_SM2PRIME256) {
465 return ParseEccPubkeyAsn1Buff(&bitPubkey, algParam, ealPubKey);
466 }
467 #endif
468 #ifdef HITLS_CRYPTO_RSA
469 if (cid == BSL_CID_RSA || cid == BSL_CID_RSASSAPSS) {
470 return ParseRsaPubkeyAsn1Buff(bitPubkey.buff, bitPubkey.len, algParam, ealPubKey, cid);
471 }
472 #endif
473 #ifdef HITLS_CRYPTO_ED25519
474 (void)algParam;
475 if (cid == BSL_CID_ED25519) {
476 return ParseEd25519PubkeyAsn1Buff(bitPubkey.buff, bitPubkey.len, ealPubKey);
477 }
478 #endif
479
480 BSL_ERR_PUSH_ERROR(CRYPT_DECODE_UNKNOWN_OID);
481 return CRYPT_DECODE_UNKNOWN_OID;
482 }
483
ParsePk8PriKeyBuff(BSL_Buffer * buff,CRYPT_EAL_PkeyCtx ** ealPriKey)484 int32_t ParsePk8PriKeyBuff(BSL_Buffer *buff, CRYPT_EAL_PkeyCtx **ealPriKey)
485 {
486 uint8_t *tmpBuff = buff->data;
487 uint32_t tmpBuffLen = buff->dataLen;
488
489 CRYPT_ENCODE_DECODE_Pk8PrikeyInfo pk8PrikeyInfo = {0};
490 int32_t ret = CRYPT_DECODE_Pkcs8Info(tmpBuff, tmpBuffLen, NULL, &pk8PrikeyInfo);
491 if (ret != CRYPT_SUCCESS) {
492 BSL_ERR_PUSH_ERROR(ret);
493 return ret;
494 }
495 return ParsePk8PrikeyAsn1(&pk8PrikeyInfo, ealPriKey);
496 }
497
498 #ifdef HITLS_CRYPTO_KEY_EPKI
ParsePk8EncPriKeyBuff(BSL_Buffer * buff,const BSL_Buffer * pwd,CRYPT_EAL_PkeyCtx ** ealPriKey)499 int32_t ParsePk8EncPriKeyBuff(BSL_Buffer *buff, const BSL_Buffer *pwd, CRYPT_EAL_PkeyCtx **ealPriKey)
500 {
501 BSL_Buffer decode = {0};
502 int32_t ret = CRYPT_DECODE_Pkcs8PrvDecrypt(NULL, NULL, buff, pwd, NULL, &decode);
503 if (ret != CRYPT_SUCCESS) {
504 BSL_ERR_PUSH_ERROR(ret);
505 return ret;
506 }
507 ret = ParsePk8PriKeyBuff(&decode, ealPriKey);
508 BSL_SAL_ClearFree(decode.data, decode.dataLen);
509 if (ret != CRYPT_SUCCESS) {
510 BSL_ERR_PUSH_ERROR(ret);
511 }
512 return ret;
513 }
514 #endif
515
CRYPT_EAL_ParseAsn1SubPubkey(uint8_t * buff,uint32_t buffLen,void ** ealPubKey,bool isComplete)516 int32_t CRYPT_EAL_ParseAsn1SubPubkey(uint8_t *buff, uint32_t buffLen, void **ealPubKey, bool isComplete)
517 {
518 // decode sub pubkey info
519 BSL_ASN1_Buffer pubAsn1[CRYPT_SUBKEYINFO_BITSTRING_IDX + 1] = {0};
520 int32_t ret = CRYPT_DECODE_ParseSubKeyInfo(buff, buffLen, pubAsn1, isComplete);
521 if (ret != CRYPT_SUCCESS) {
522 BSL_ERR_PUSH_ERROR(ret);
523 return ret;
524 }
525 return ParseSubPubkeyAsn1(pubAsn1, (CRYPT_EAL_PkeyCtx **)ealPubKey);
526 }
527 #endif // HITLS_CRYPTO_KEY_DECODE
528
529 #ifdef HITLS_CRYPTO_KEY_ENCODE
530
531 #ifdef HITLS_CRYPTO_RSA
EncodePssParam(CRYPT_EAL_PkeyCtx * ealPubKey,BSL_ASN1_Buffer * pssParam)532 static int32_t EncodePssParam(CRYPT_EAL_PkeyCtx *ealPubKey, BSL_ASN1_Buffer *pssParam)
533 {
534 if (pssParam == NULL) {
535 return CRYPT_SUCCESS;
536 }
537 int32_t padType = 0;
538 int32_t ret = CRYPT_EAL_PkeyCtrl(ealPubKey, CRYPT_CTRL_GET_RSA_PADDING, &padType, sizeof(padType));
539 if (ret != CRYPT_SUCCESS) {
540 BSL_ERR_PUSH_ERROR(ret);
541 return ret;
542 }
543 if (padType != CRYPT_EMSA_PSS) {
544 pssParam->tag = BSL_ASN1_TAG_NULL;
545 return CRYPT_SUCCESS;
546 }
547 CRYPT_RSA_PssPara rsaPssParam = {0};
548 ret = CRYPT_EAL_GetRsaPssPara(ealPubKey, &rsaPssParam);
549 if (ret != CRYPT_SUCCESS) {
550 BSL_ERR_PUSH_ERROR(ret);
551 return ret;
552 }
553 pssParam->tag = BSL_ASN1_TAG_SEQUENCE | BSL_ASN1_TAG_CONSTRUCTED;
554 return CRYPT_EAL_EncodeRsaPssAlgParam(&rsaPssParam, &pssParam->buff, &pssParam->len);
555 }
556
EncodeRsaPubkeyAsn1Buff(CRYPT_EAL_PkeyCtx * ealPubKey,BSL_ASN1_Buffer * pssParam,BSL_Buffer * encodePub)557 int32_t EncodeRsaPubkeyAsn1Buff(CRYPT_EAL_PkeyCtx *ealPubKey, BSL_ASN1_Buffer *pssParam, BSL_Buffer *encodePub)
558 {
559 uint32_t bnLen = CRYPT_EAL_PkeyGetKeyLen(ealPubKey);
560 if (bnLen == 0) {
561 BSL_ERR_PUSH_ERROR(CRYPT_EAL_ALG_NOT_SUPPORT);
562 return CRYPT_EAL_ALG_NOT_SUPPORT;
563 }
564 CRYPT_EAL_PkeyPub pub = {0};
565 pub.id = CRYPT_PKEY_RSA;
566 pub.key.rsaPub.n = (uint8_t *)BSL_SAL_Malloc(bnLen);
567 if (pub.key.rsaPub.n == NULL) {
568 BSL_ERR_PUSH_ERROR(CRYPT_MEM_ALLOC_FAIL);
569 return CRYPT_MEM_ALLOC_FAIL;
570 }
571 pub.key.rsaPub.e = (uint8_t *)BSL_SAL_Malloc(bnLen);
572 if (pub.key.rsaPub.e == NULL) {
573 BSL_SAL_FREE(pub.key.rsaPub.n);
574 BSL_ERR_PUSH_ERROR(CRYPT_MEM_ALLOC_FAIL);
575 return CRYPT_MEM_ALLOC_FAIL;
576 }
577 pub.key.rsaPub.nLen = bnLen;
578 pub.key.rsaPub.eLen = bnLen;
579
580 int32_t ret = CRYPT_EAL_PkeyGetPub(ealPubKey, &pub);
581 if (ret != CRYPT_SUCCESS) {
582 BSL_SAL_FREE(pub.key.rsaPub.n);
583 BSL_SAL_FREE(pub.key.rsaPub.e);
584 BSL_ERR_PUSH_ERROR(ret);
585 return ret;
586 }
587 BSL_ASN1_Buffer pubAsn1[CRYPT_RSA_PUB_E_IDX + 1] = {
588 {BSL_ASN1_TAG_INTEGER, pub.key.rsaPub.nLen, pub.key.rsaPub.n},
589 {BSL_ASN1_TAG_INTEGER, pub.key.rsaPub.eLen, pub.key.rsaPub.e},
590 };
591 ret = CRYPT_ENCODE_RsaPubkeyAsn1Buff(pubAsn1, encodePub);
592 BSL_SAL_FREE(pub.key.rsaPub.n);
593 BSL_SAL_FREE(pub.key.rsaPub.e);
594 if (ret != CRYPT_SUCCESS) {
595 BSL_ERR_PUSH_ERROR(ret);
596 return ret;
597 }
598 ret = EncodePssParam(ealPubKey, pssParam);
599 if (ret != CRYPT_SUCCESS) {
600 BSL_SAL_FREE(encodePub->data);
601 BSL_ERR_PUSH_ERROR(ret);
602 }
603 return ret;
604 }
605
EncodeRsaPrvKey(CRYPT_EAL_PkeyCtx * ealPriKey,BSL_ASN1_Buffer * pk8AlgoParam,BSL_Buffer * bitStr,CRYPT_PKEY_AlgId * cid)606 static int32_t EncodeRsaPrvKey(CRYPT_EAL_PkeyCtx *ealPriKey, BSL_ASN1_Buffer *pk8AlgoParam, BSL_Buffer *bitStr,
607 CRYPT_PKEY_AlgId *cid)
608 {
609 CRYPT_RsaPadType pad = CRYPT_RSA_PADDINGMAX;
610 int32_t ret = CRYPT_EAL_PkeyCtrl(ealPriKey, CRYPT_CTRL_GET_RSA_PADDING, &pad, sizeof(pad));
611 if (ret != CRYPT_SUCCESS) {
612 BSL_ERR_PUSH_ERROR(ret);
613 return ret;
614 }
615 CRYPT_RSA_PssPara rsaPssParam = {0};
616 BSL_Buffer tmp = {0};
617 switch (pad) {
618 case CRYPT_EMSA_PSS:
619 ret = CRYPT_EAL_GetRsaPssPara(ealPriKey, &rsaPssParam);
620 if (ret != BSL_SUCCESS) {
621 return ret;
622 }
623 ret = EncodeRsaPrikeyAsn1Buff(ealPriKey, CRYPT_PKEY_RSA, &tmp);
624 if (ret != BSL_SUCCESS) {
625 return ret;
626 }
627 ret = CRYPT_EAL_EncodeRsaPssAlgParam(&rsaPssParam, &pk8AlgoParam->buff, &pk8AlgoParam->len);
628 if (ret != BSL_SUCCESS) {
629 BSL_SAL_ClearFree(tmp.data, tmp.dataLen);
630 BSL_ERR_PUSH_ERROR(ret);
631 return ret;
632 }
633 pk8AlgoParam->tag = BSL_ASN1_TAG_SEQUENCE | BSL_ASN1_TAG_CONSTRUCTED;
634 *cid = (CRYPT_PKEY_AlgId)BSL_CID_RSASSAPSS;
635 break;
636 default:
637 ret = EncodeRsaPrikeyAsn1Buff(ealPriKey, CRYPT_PKEY_RSA, &tmp);
638 if (ret != BSL_SUCCESS) {
639 BSL_ERR_PUSH_ERROR(ret);
640 return ret;
641 }
642 pk8AlgoParam->tag = BSL_ASN1_TAG_NULL;
643 break;
644 }
645 bitStr->data = tmp.data;
646 bitStr->dataLen = tmp.dataLen;
647 return CRYPT_SUCCESS;
648 }
649
SetRsaPrv2Arr(const CRYPT_EAL_PkeyPrv * rsaPrv,BSL_ASN1_Buffer * asn1)650 static void SetRsaPrv2Arr(const CRYPT_EAL_PkeyPrv *rsaPrv, BSL_ASN1_Buffer *asn1)
651 {
652 asn1[CRYPT_RSA_PRV_D_IDX].buff = rsaPrv->key.rsaPrv.d;
653 asn1[CRYPT_RSA_PRV_D_IDX].len = rsaPrv->key.rsaPrv.dLen;
654 asn1[CRYPT_RSA_PRV_N_IDX].buff = rsaPrv->key.rsaPrv.n;
655 asn1[CRYPT_RSA_PRV_N_IDX].len = rsaPrv->key.rsaPrv.nLen;
656 asn1[CRYPT_RSA_PRV_E_IDX].buff = rsaPrv->key.rsaPrv.e;
657 asn1[CRYPT_RSA_PRV_E_IDX].len = rsaPrv->key.rsaPrv.eLen;
658 asn1[CRYPT_RSA_PRV_P_IDX].buff = rsaPrv->key.rsaPrv.p;
659 asn1[CRYPT_RSA_PRV_P_IDX].len = rsaPrv->key.rsaPrv.pLen;
660 asn1[CRYPT_RSA_PRV_Q_IDX].buff = rsaPrv->key.rsaPrv.q;
661 asn1[CRYPT_RSA_PRV_Q_IDX].len = rsaPrv->key.rsaPrv.qLen;
662 asn1[CRYPT_RSA_PRV_DP_IDX].buff = rsaPrv->key.rsaPrv.dP;
663 asn1[CRYPT_RSA_PRV_DP_IDX].len = rsaPrv->key.rsaPrv.dPLen;
664 asn1[CRYPT_RSA_PRV_DQ_IDX].buff = rsaPrv->key.rsaPrv.dQ;
665 asn1[CRYPT_RSA_PRV_DQ_IDX].len = rsaPrv->key.rsaPrv.dQLen;
666 asn1[CRYPT_RSA_PRV_QINV_IDX].buff = rsaPrv->key.rsaPrv.qInv;
667 asn1[CRYPT_RSA_PRV_QINV_IDX].len = rsaPrv->key.rsaPrv.qInvLen;
668
669 asn1[CRYPT_RSA_PRV_D_IDX].tag = BSL_ASN1_TAG_INTEGER;
670 asn1[CRYPT_RSA_PRV_N_IDX].tag = BSL_ASN1_TAG_INTEGER;
671 asn1[CRYPT_RSA_PRV_E_IDX].tag = BSL_ASN1_TAG_INTEGER;
672 asn1[CRYPT_RSA_PRV_P_IDX].tag = BSL_ASN1_TAG_INTEGER;
673 asn1[CRYPT_RSA_PRV_Q_IDX].tag = BSL_ASN1_TAG_INTEGER;
674 asn1[CRYPT_RSA_PRV_DP_IDX].tag = BSL_ASN1_TAG_INTEGER;
675 asn1[CRYPT_RSA_PRV_DQ_IDX].tag = BSL_ASN1_TAG_INTEGER;
676 asn1[CRYPT_RSA_PRV_QINV_IDX].tag = BSL_ASN1_TAG_INTEGER;
677 }
678
EncodeRsaPrikeyAsn1Buff(CRYPT_EAL_PkeyCtx * ealPriKey,CRYPT_PKEY_AlgId cid,BSL_Buffer * encode)679 int32_t EncodeRsaPrikeyAsn1Buff(CRYPT_EAL_PkeyCtx *ealPriKey, CRYPT_PKEY_AlgId cid, BSL_Buffer *encode)
680 {
681 int32_t ret;
682 BSL_ASN1_Buffer asn1[CRYPT_RSA_PRV_OTHER_PRIME_IDX + 1] = {0};
683
684 CRYPT_EAL_PkeyPrv rsaPrv = {0};
685 ret = CRYPT_EAL_InitRsaPrv(ealPriKey, cid, &rsaPrv);
686 if (ret != CRYPT_SUCCESS) {
687 BSL_ERR_PUSH_ERROR(ret);
688 return ret;
689 }
690 ret = CRYPT_EAL_PkeyGetPrv(ealPriKey, &rsaPrv);
691 if (ret != CRYPT_SUCCESS) {
692 CRYPT_EAL_DeinitRsaPrv(&rsaPrv);
693 BSL_ERR_PUSH_ERROR(ret);
694 return ret;
695 }
696 SetRsaPrv2Arr(&rsaPrv, asn1);
697 uint8_t version = 0;
698 asn1[CRYPT_RSA_PRV_VERSION_IDX].buff = (uint8_t *)&version;
699 asn1[CRYPT_RSA_PRV_VERSION_IDX].len = sizeof(version);
700 asn1[CRYPT_RSA_PRV_VERSION_IDX].tag = BSL_ASN1_TAG_INTEGER;
701 ret = CRYPT_ENCODE_RsaPrikeyAsn1Buff(asn1, CRYPT_RSA_PRV_OTHER_PRIME_IDX + 1, encode);
702 CRYPT_EAL_DeinitRsaPrv(&rsaPrv);
703 if (ret != CRYPT_SUCCESS) {
704 BSL_ERR_PUSH_ERROR(ret);
705 }
706 return ret;
707 }
708 #endif
709
710 #if defined(HITLS_CRYPTO_ECDSA) || defined(HITLS_CRYPTO_SM2)
SetAsn1Buffer(BSL_ASN1_Buffer * asn,uint8_t tag,uint32_t len,uint8_t * buff)711 static inline void SetAsn1Buffer(BSL_ASN1_Buffer *asn, uint8_t tag, uint32_t len, uint8_t *buff)
712 {
713 asn->tag = tag;
714 asn->len = len;
715 asn->buff = buff;
716 }
717
EncodeEccKeyPair(CRYPT_EAL_PkeyCtx * ealPriKey,CRYPT_PKEY_AlgId cid,BSL_ASN1_Buffer * asn1,BSL_Buffer * encode)718 static int32_t EncodeEccKeyPair(CRYPT_EAL_PkeyCtx *ealPriKey, CRYPT_PKEY_AlgId cid,
719 BSL_ASN1_Buffer *asn1, BSL_Buffer *encode)
720 {
721 int32_t ret;
722 uint32_t keyLen = CRYPT_EAL_PkeyGetKeyLen(ealPriKey);
723 if (keyLen == 0) {
724 BSL_ERR_PUSH_ERROR(CRYPT_EAL_ALG_NOT_SUPPORT);
725 return CRYPT_EAL_ALG_NOT_SUPPORT;
726 }
727 uint8_t *pri = (uint8_t *)BSL_SAL_Malloc(keyLen);
728 if (pri == NULL) {
729 BSL_ERR_PUSH_ERROR(CRYPT_MEM_ALLOC_FAIL);
730 return CRYPT_MEM_ALLOC_FAIL;
731 }
732 CRYPT_EAL_PkeyPrv prv = {.id = cid, .key.eccPrv = {.data = pri, .len = keyLen}};
733 uint8_t *pub = NULL;
734 do {
735 ret = CRYPT_EAL_PkeyGetPrv(ealPriKey, &prv);
736 if (ret != CRYPT_SUCCESS) {
737 BSL_ERR_PUSH_ERROR(ret);
738 break;
739 }
740 SetAsn1Buffer(asn1 + CRYPT_ECPRIKEY_PRIKEY_IDX, BSL_ASN1_TAG_OCTETSTRING,
741 prv.key.eccPrv.len, prv.key.eccPrv.data);
742 pub = (uint8_t *)BSL_SAL_Malloc(keyLen);
743 if (pub == NULL) {
744 ret = CRYPT_MEM_ALLOC_FAIL;
745 BSL_ERR_PUSH_ERROR(CRYPT_MEM_ALLOC_FAIL);
746 break;
747 }
748 CRYPT_EAL_PkeyPub pubKey = {.id = cid, .key.eccPub = {.data = pub, .len = keyLen}};
749 ret = CRYPT_EAL_PkeyCtrl(ealPriKey, CRYPT_CTRL_GEN_ECC_PUBLICKEY, NULL, 0);
750 if (ret != CRYPT_SUCCESS) {
751 BSL_ERR_PUSH_ERROR(ret);
752 break;
753 }
754 ret = CRYPT_EAL_PkeyGetPub(ealPriKey, &pubKey);
755 if (ret != CRYPT_SUCCESS) {
756 BSL_ERR_PUSH_ERROR(ret);
757 break;
758 }
759 BSL_ASN1_BitString bitStr = {pubKey.key.eccPub.data, pubKey.key.eccPub.len, 0};
760 SetAsn1Buffer(asn1 + CRYPT_ECPRIKEY_PUBKEY_IDX, BSL_ASN1_TAG_BITSTRING,
761 sizeof(BSL_ASN1_BitString), (uint8_t *)&bitStr);
762 ret = CRYPT_ENCODE_EccPrikeyAsn1Buff(asn1, CRYPT_ECPRIKEY_PUBKEY_IDX + 1, encode);
763 } while (0);
764 BSL_SAL_ClearFree(pri, keyLen);
765 BSL_SAL_FREE(pub);
766 return ret;
767 }
768
EncodeEccPrikeyAsn1Buff(CRYPT_EAL_PkeyCtx * ealPriKey,BSL_ASN1_Buffer * pk8AlgoParam,BSL_Buffer * encode)769 int32_t EncodeEccPrikeyAsn1Buff(CRYPT_EAL_PkeyCtx *ealPriKey, BSL_ASN1_Buffer *pk8AlgoParam, BSL_Buffer *encode)
770 {
771 uint8_t version = 1;
772 BSL_ASN1_Buffer asn1[CRYPT_ECPRIKEY_PUBKEY_IDX + 1] = {
773 {BSL_ASN1_TAG_INTEGER, sizeof(version), &version}, {0}, {0}, {0}};
774
775 CRYPT_PKEY_AlgId cid = CRYPT_EAL_PkeyGetId(ealPriKey);
776 BslOidString *oid = cid == CRYPT_PKEY_SM2 ? BSL_OBJ_GetOID((BslCid)CRYPT_ECC_SM2)
777 : BSL_OBJ_GetOID((BslCid)CRYPT_EAL_PkeyGetParaId(ealPriKey));
778 if (oid == NULL) {
779 BSL_ERR_PUSH_ERROR(CRYPT_ERR_ALGID);
780 return CRYPT_ERR_ALGID;
781 }
782 if (pk8AlgoParam != NULL) { // pkcs8
783 pk8AlgoParam->buff = (uint8_t *)oid->octs;
784 pk8AlgoParam->len = oid->octetLen;
785 pk8AlgoParam->tag = BSL_ASN1_TAG_OBJECT_ID;
786 } else { // pkcs1
787 asn1[CRYPT_ECPRIKEY_PARAM_IDX].buff = (uint8_t *)oid->octs;
788 asn1[CRYPT_ECPRIKEY_PARAM_IDX].len = oid->octetLen;
789 asn1[CRYPT_ECPRIKEY_PARAM_IDX].tag = BSL_ASN1_TAG_OBJECT_ID;
790 }
791
792 return EncodeEccKeyPair(ealPriKey, cid, asn1, encode);
793 }
794
EncodeEccPubkeyAsn1Buff(CRYPT_EAL_PkeyCtx * ealPubKey,BSL_ASN1_Buffer * ecParamOid,BSL_Buffer * encodePub)795 static int32_t EncodeEccPubkeyAsn1Buff(CRYPT_EAL_PkeyCtx *ealPubKey, BSL_ASN1_Buffer *ecParamOid, BSL_Buffer *encodePub)
796 {
797 int32_t ret;
798 CRYPT_PKEY_ParaId paraId = CRYPT_EAL_PkeyGetParaId(ealPubKey);
799 BslOidString *oid = BSL_OBJ_GetOID((BslCid)paraId);
800 if (CRYPT_EAL_PkeyGetId(ealPubKey) == CRYPT_PKEY_SM2) {
801 oid = BSL_OBJ_GetOID((BslCid)CRYPT_ECC_SM2);
802 }
803 if (oid == NULL) {
804 BSL_ERR_PUSH_ERROR(CRYPT_ERR_ALGID);
805 return CRYPT_ERR_ALGID;
806 }
807 ecParamOid->buff = (uint8_t *)oid->octs;
808 ecParamOid->len = oid->octetLen;
809 ecParamOid->tag = BSL_ASN1_TAG_OBJECT_ID;
810
811 uint32_t pubLen = CRYPT_EAL_PkeyGetKeyLen(ealPubKey);
812 if (pubLen == 0) {
813 BSL_ERR_PUSH_ERROR(CRYPT_EAL_ALG_NOT_SUPPORT);
814 return CRYPT_EAL_ALG_NOT_SUPPORT;
815 }
816 uint8_t *pub = (uint8_t *)BSL_SAL_Malloc(pubLen);
817 if (pub == NULL) {
818 BSL_ERR_PUSH_ERROR(CRYPT_MEM_ALLOC_FAIL);
819 return CRYPT_MEM_ALLOC_FAIL;
820 }
821 CRYPT_EAL_PkeyPub pubKey = {.id = CRYPT_EAL_PkeyGetId(ealPubKey), .key.eccPub = {.data = pub, .len = pubLen}};
822 ret = CRYPT_EAL_PkeyGetPub(ealPubKey, &pubKey);
823 if (ret != CRYPT_SUCCESS) {
824 BSL_SAL_FREE(pub);
825 BSL_ERR_PUSH_ERROR(ret);
826 return ret;
827 }
828 encodePub->data = pubKey.key.eccPub.data;
829 encodePub->dataLen = pubKey.key.eccPub.len;
830 return ret;
831 }
832 #endif // HITLS_CRYPTO_ECDSA || HITLS_CRYPTO_SM2
833
834 #ifdef HITLS_CRYPTO_ED25519
EncodeEd25519PubkeyAsn1Buff(CRYPT_EAL_PkeyCtx * ealPubKey,BSL_Buffer * bitStr)835 static int32_t EncodeEd25519PubkeyAsn1Buff(CRYPT_EAL_PkeyCtx *ealPubKey, BSL_Buffer *bitStr)
836 {
837 uint32_t pubLen = CRYPT_EAL_PkeyGetKeyLen(ealPubKey);
838 if (pubLen == 0) {
839 BSL_ERR_PUSH_ERROR(CRYPT_EAL_ALG_NOT_SUPPORT);
840 return CRYPT_EAL_ALG_NOT_SUPPORT;
841 }
842 uint8_t *pub = (uint8_t *)BSL_SAL_Malloc(pubLen);
843 if (pub == NULL) {
844 BSL_ERR_PUSH_ERROR(CRYPT_MEM_ALLOC_FAIL);
845 return CRYPT_MEM_ALLOC_FAIL;
846 }
847 CRYPT_EAL_PkeyPub pubKey = {.id = CRYPT_PKEY_ED25519, .key.curve25519Pub = {.data = pub, .len = pubLen}};
848 int32_t ret = CRYPT_EAL_PkeyGetPub(ealPubKey, &pubKey);
849 if (ret != CRYPT_SUCCESS) {
850 BSL_SAL_Free(pub);
851 BSL_ERR_PUSH_ERROR(ret);
852 return ret;
853 }
854 bitStr->data = pubKey.key.curve25519Pub.data;
855 bitStr->dataLen = pubKey.key.curve25519Pub.len;
856 return CRYPT_SUCCESS;
857 }
858
EncodeEd25519PrikeyAsn1Buff(CRYPT_EAL_PkeyCtx * ealPriKey,BSL_Buffer * bitStr)859 static int32_t EncodeEd25519PrikeyAsn1Buff(CRYPT_EAL_PkeyCtx *ealPriKey, BSL_Buffer *bitStr)
860 {
861 uint8_t keyBuff[32] = {0}; // The length of the ed25519 private key is 32
862 CRYPT_EAL_PkeyPrv prv = {.id = CRYPT_PKEY_ED25519, .key.curve25519Prv = {.data = keyBuff, .len = sizeof(keyBuff)}};
863 int32_t ret = CRYPT_EAL_PkeyGetPrv(ealPriKey, &prv);
864 if (ret != CRYPT_SUCCESS) {
865 BSL_ERR_PUSH_ERROR(ret);
866 return ret;
867 }
868 BSL_ASN1_TemplateItem octStr[] = {{BSL_ASN1_TAG_OCTETSTRING, 0, 0}};
869 BSL_ASN1_Template templ = {octStr, 1};
870 BSL_ASN1_Buffer prvAsn1 = {BSL_ASN1_TAG_OCTETSTRING, prv.key.curve25519Prv.len, prv.key.curve25519Prv.data};
871 return BSL_ASN1_EncodeTemplate(&templ, &prvAsn1, 1, &bitStr->data, &bitStr->dataLen);
872 }
873 #endif // HITLS_CRYPTO_ED25519
874
EncodePk8AlgidAny(CRYPT_EAL_PkeyCtx * ealPriKey,BSL_Buffer * bitStr,BSL_ASN1_Buffer * keyParam,BslCid * cidOut)875 static int32_t EncodePk8AlgidAny(CRYPT_EAL_PkeyCtx *ealPriKey, BSL_Buffer *bitStr,
876 BSL_ASN1_Buffer *keyParam, BslCid *cidOut)
877 {
878 (void)keyParam;
879 int32_t ret = CRYPT_DECODE_NO_SUPPORT_TYPE;
880 BSL_Buffer tmp = {0};
881 CRYPT_PKEY_AlgId cid = CRYPT_EAL_PkeyGetId(ealPriKey);
882 switch (cid) {
883 #ifdef HITLS_CRYPTO_RSA
884 case CRYPT_PKEY_RSA:
885 ret = EncodeRsaPrvKey(ealPriKey, keyParam, &tmp, &cid);
886 break;
887 #endif
888 #if defined(HITLS_CRYPTO_ECDSA) || defined(HITLS_CRYPTO_SM2)
889 case CRYPT_PKEY_ECDSA:
890 case CRYPT_PKEY_SM2:
891 cid = (CRYPT_PKEY_AlgId)BSL_CID_EC_PUBLICKEY;
892 ret = EncodeEccPrikeyAsn1Buff(ealPriKey, keyParam, &tmp);
893 break;
894 #endif
895 #ifdef HITLS_CRYPTO_ED25519
896 case CRYPT_PKEY_ED25519:
897 ret = EncodeEd25519PrikeyAsn1Buff(ealPriKey, &tmp);
898 break;
899 #endif
900 default:
901 ret = CRYPT_DECODE_NO_SUPPORT_TYPE;
902 break;
903 }
904 if (ret != CRYPT_SUCCESS) {
905 BSL_ERR_PUSH_ERROR(ret);
906 return ret;
907 }
908 bitStr->data = tmp.data;
909 bitStr->dataLen = tmp.dataLen;
910 *cidOut = (BslCid)cid;
911 return ret;
912 }
913
EncodePk8PriKeyBuff(CRYPT_EAL_PkeyCtx * ealPriKey,BSL_Buffer * asn1)914 int32_t EncodePk8PriKeyBuff(CRYPT_EAL_PkeyCtx *ealPriKey, BSL_Buffer *asn1)
915 {
916 int32_t ret;
917 BSL_Buffer bitStr = {0};
918 CRYPT_ENCODE_DECODE_Pk8PrikeyInfo pk8PrikeyInfo = {0};
919 do {
920 ret = EncodePk8AlgidAny(ealPriKey, &bitStr, &pk8PrikeyInfo.keyParam, &pk8PrikeyInfo.keyType);
921 if (ret != CRYPT_SUCCESS) {
922 break;
923 }
924 pk8PrikeyInfo.pkeyRawKey = bitStr.data;
925 pk8PrikeyInfo.pkeyRawKeyLen = bitStr.dataLen;
926 ret = CRYPT_ENCODE_Pkcs8Info(&pk8PrikeyInfo, asn1);
927 if (ret != CRYPT_SUCCESS) {
928 BSL_ERR_PUSH_ERROR(ret);
929 break;
930 }
931 } while (0);
932 // rsa-pss mode release buffer
933 if (pk8PrikeyInfo.keyParam.tag == (BSL_ASN1_TAG_SEQUENCE | BSL_ASN1_TAG_CONSTRUCTED)) {
934 BSL_SAL_FREE(pk8PrikeyInfo.keyParam.buff);
935 }
936 BSL_SAL_ClearFree(bitStr.data, bitStr.dataLen);
937 return ret;
938 }
939
940 #ifdef HITLS_CRYPTO_KEY_EPKI
CheckEncodeParam(const CRYPT_EncodeParam * encodeParam)941 static int32_t CheckEncodeParam(const CRYPT_EncodeParam *encodeParam)
942 {
943 if (encodeParam == NULL || encodeParam->param == NULL) {
944 BSL_ERR_PUSH_ERROR(CRYPT_NULL_INPUT);
945 return CRYPT_NULL_INPUT;
946 }
947 if (encodeParam->deriveMode != CRYPT_DERIVE_PBKDF2) {
948 BSL_ERR_PUSH_ERROR(CRYPT_ENCODE_NO_SUPPORT_TYPE);
949 return CRYPT_ENCODE_NO_SUPPORT_TYPE;
950 }
951 CRYPT_Pbkdf2Param *pkcsParam = (CRYPT_Pbkdf2Param *)encodeParam->param;
952 if (pkcsParam->pwdLen > PWD_MAX_LEN || (pkcsParam->pwd == NULL && pkcsParam->pwdLen != 0)) {
953 BSL_ERR_PUSH_ERROR(CRYPT_INVALID_ARG);
954 return CRYPT_INVALID_ARG;
955 }
956 if (pkcsParam->pbesId != BSL_CID_PBES2 || pkcsParam->pbkdfId != BSL_CID_PBKDF2) {
957 BSL_ERR_PUSH_ERROR(CRYPT_ERR_ALGID);
958 return CRYPT_ERR_ALGID;
959 }
960 return CRYPT_SUCCESS;
961 }
962
EncodePk8EncPriKeyBuff(CRYPT_EAL_LibCtx * libCtx,const char * attrName,CRYPT_EAL_PkeyCtx * ealPriKey,const CRYPT_EncodeParam * encodeParam,BSL_Buffer * encode)963 int32_t EncodePk8EncPriKeyBuff(CRYPT_EAL_LibCtx *libCtx, const char *attrName, CRYPT_EAL_PkeyCtx *ealPriKey,
964 const CRYPT_EncodeParam *encodeParam, BSL_Buffer *encode)
965 {
966 /* EncAlgid */
967 int32_t ret = CheckEncodeParam(encodeParam);
968 if (ret != CRYPT_SUCCESS) {
969 BSL_ERR_PUSH_ERROR(ret);
970 return ret;
971 }
972 CRYPT_Pbkdf2Param *pkcs8Param = (CRYPT_Pbkdf2Param *)encodeParam->param;
973 BSL_Buffer unEncrypted = {0};
974 ret = EncodePk8PriKeyBuff(ealPriKey, &unEncrypted);
975 if (ret != CRYPT_SUCCESS) {
976 return ret;
977 }
978 BSL_ASN1_Buffer asn1[CRYPT_PKCS_ENCPRIKEY_MAX] = {0};
979
980 ret = CRYPT_ENCODE_PkcsEncryptedBuff(libCtx, attrName, pkcs8Param, &unEncrypted, asn1);
981 if (ret != CRYPT_SUCCESS) {
982 BSL_SAL_ClearFree(unEncrypted.data, unEncrypted.dataLen);
983 return ret;
984 }
985
986 BSL_ASN1_Template templ = {g_pk8EncPriKeyTempl, sizeof(g_pk8EncPriKeyTempl) / sizeof(g_pk8EncPriKeyTempl[0])};
987 ret = BSL_ASN1_EncodeTemplate(&templ, asn1, CRYPT_PKCS_ENCPRIKEY_MAX, &encode->data, &encode->dataLen);
988 BSL_SAL_ClearFree(unEncrypted.data, unEncrypted.dataLen);
989 BSL_SAL_ClearFree(asn1[CRYPT_PKCS_ENCPRIKEY_DERPARAM_IDX].buff, asn1[CRYPT_PKCS_ENCPRIKEY_DERPARAM_IDX].len);
990 BSL_SAL_ClearFree(asn1[CRYPT_PKCS_ENCPRIKEY_SYMIV_IDX].buff, asn1[CRYPT_PKCS_ENCPRIKEY_SYMIV_IDX].len);
991 BSL_SAL_FREE(asn1[CRYPT_PKCS_ENCPRIKEY_ENCDATA_IDX].buff);
992 return ret;
993 }
994 #endif // HITLS_CRYPTO_KEY_EPKI
995
CRYPT_EAL_SubPubkeyGetInfo(CRYPT_EAL_PkeyCtx * ealPubKey,BSL_ASN1_Buffer * algo,BSL_Buffer * bitStr)996 static int32_t CRYPT_EAL_SubPubkeyGetInfo(CRYPT_EAL_PkeyCtx *ealPubKey, BSL_ASN1_Buffer *algo, BSL_Buffer *bitStr)
997 {
998 int32_t ret = CRYPT_ERR_ALGID;
999 CRYPT_PKEY_AlgId cid = CRYPT_EAL_PkeyGetId(ealPubKey);
1000 BSL_Buffer bitTmp = {0};
1001 BSL_ASN1_Buffer algoId[BSL_ASN1_TAG_ALGOID_ANY_IDX + 1] = {0};
1002 #ifdef HITLS_CRYPTO_RSA
1003 if (cid == CRYPT_PKEY_RSA) {
1004 ret = EncodeRsaPubkeyAsn1Buff(ealPubKey, &algoId[BSL_ASN1_TAG_ALGOID_ANY_IDX], &bitTmp);
1005 if (algoId[BSL_ASN1_TAG_ALGOID_ANY_IDX].tag == (BSL_ASN1_TAG_SEQUENCE | BSL_ASN1_TAG_CONSTRUCTED)) {
1006 cid = (CRYPT_PKEY_AlgId)BSL_CID_RSASSAPSS;
1007 }
1008 }
1009 #endif
1010 #if defined(HITLS_CRYPTO_ECDSA) || defined(HITLS_CRYPTO_SM2)
1011 if (cid == CRYPT_PKEY_ECDSA || cid == CRYPT_PKEY_SM2) {
1012 cid = (CRYPT_PKEY_AlgId)BSL_CID_EC_PUBLICKEY;
1013 ret = EncodeEccPubkeyAsn1Buff(ealPubKey, &algoId[BSL_ASN1_TAG_ALGOID_ANY_IDX], &bitTmp);
1014 }
1015 #endif
1016 #ifdef HITLS_CRYPTO_ED25519
1017 if (cid == CRYPT_PKEY_ED25519) {
1018 ret = EncodeEd25519PubkeyAsn1Buff(ealPubKey, &bitTmp);
1019 }
1020 #endif
1021 if (ret != CRYPT_SUCCESS) {
1022 BSL_ERR_PUSH_ERROR(ret);
1023 return ret;
1024 }
1025 BslOidString *oidStr = BSL_OBJ_GetOID((BslCid)cid);
1026 if (oidStr == NULL) {
1027 BSL_SAL_FREE(bitTmp.data);
1028 ret = CRYPT_ERR_ALGID;
1029 BSL_ERR_PUSH_ERROR(ret);
1030 goto EXIT;
1031 }
1032 algoId[BSL_ASN1_TAG_ALGOID_IDX].buff = (uint8_t *)oidStr->octs;
1033 algoId[BSL_ASN1_TAG_ALGOID_IDX].len = oidStr->octetLen;
1034 algoId[BSL_ASN1_TAG_ALGOID_IDX].tag = BSL_ASN1_TAG_OBJECT_ID;
1035 ret = CRYPT_ENCODE_AlgoIdAsn1Buff(algoId, BSL_ASN1_TAG_ALGOID_ANY_IDX + 1, &algo->buff, &algo->len);
1036 if (ret != CRYPT_SUCCESS) {
1037 BSL_SAL_FREE(bitTmp.data);
1038 BSL_ERR_PUSH_ERROR(ret);
1039 goto EXIT;
1040 }
1041 bitStr->data = bitTmp.data;
1042 bitStr->dataLen = bitTmp.dataLen;
1043 EXIT:
1044 #ifdef HITLS_CRYPTO_RSA
1045 if (cid == (CRYPT_PKEY_AlgId)BSL_CID_RSASSAPSS) {
1046 BSL_SAL_FREE(algoId[BSL_ASN1_TAG_ALGOID_ANY_IDX].buff);
1047 }
1048 #endif
1049 return ret;
1050 }
1051
CRYPT_EAL_EncodeAsn1SubPubkey(CRYPT_EAL_PkeyCtx * ealPubKey,bool isComplete,BSL_Buffer * encodeH)1052 int32_t CRYPT_EAL_EncodeAsn1SubPubkey(CRYPT_EAL_PkeyCtx *ealPubKey, bool isComplete, BSL_Buffer *encodeH)
1053 {
1054 BSL_ASN1_Buffer algo = {0};
1055 BSL_Buffer bitStr = {0};
1056 int32_t ret = CRYPT_EAL_SubPubkeyGetInfo(ealPubKey, &algo, &bitStr);
1057 if (ret != CRYPT_SUCCESS) {
1058 BSL_ERR_PUSH_ERROR(ret);
1059 return ret;
1060 }
1061 ret = CRYPT_ENCODE_SubPubkeyByInfo(&algo, &bitStr, encodeH, isComplete);
1062 BSL_SAL_FREE(bitStr.data);
1063 BSL_SAL_FREE(algo.buff);
1064 return ret;
1065 }
1066
1067 #ifdef HITLS_CRYPTO_RSA
EncodeHashAlg(CRYPT_MD_AlgId mdId,BSL_ASN1_Buffer * asn)1068 int32_t EncodeHashAlg(CRYPT_MD_AlgId mdId, BSL_ASN1_Buffer *asn)
1069 {
1070 if (mdId == CRYPT_MD_SHA1) {
1071 asn->tag = BSL_ASN1_CLASS_CTX_SPECIFIC | BSL_ASN1_TAG_CONSTRUCTED | CRYPT_ASN1_CTX_SPECIFIC_TAG_RSAPSS_HASH;
1072 asn->buff = NULL;
1073 asn->len = 0;
1074 return CRYPT_SUCCESS;
1075 }
1076
1077 BslOidString *oidStr = BSL_OBJ_GetOID((BslCid)mdId);
1078 if (oidStr == NULL) {
1079 BSL_ERR_PUSH_ERROR(CRYPT_ERR_ALGID);
1080 return CRYPT_ERR_ALGID;
1081 }
1082
1083 BSL_ASN1_TemplateItem hashTempl[] = {
1084 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 0},
1085 {BSL_ASN1_TAG_OBJECT_ID, 0, 1},
1086 {BSL_ASN1_TAG_ANY, BSL_ASN1_FLAG_OPTIONAL, 1},
1087 };
1088 BSL_ASN1_Template templ = {hashTempl, sizeof(hashTempl) / sizeof(hashTempl[0])};
1089 BSL_ASN1_Buffer asnArr[2] = {
1090 {BSL_ASN1_TAG_OBJECT_ID, oidStr->octetLen, (uint8_t *)oidStr->octs},
1091 {BSL_ASN1_TAG_NULL, 0, NULL},
1092 };
1093 int32_t ret = BSL_ASN1_EncodeTemplate(&templ, asnArr, 2, &(asn->buff), &(asn->len)); // 2: oid and null
1094 if (ret != CRYPT_SUCCESS) {
1095 BSL_ERR_PUSH_ERROR(ret);
1096 return ret;
1097 }
1098 asn->tag = BSL_ASN1_CLASS_CTX_SPECIFIC | BSL_ASN1_TAG_CONSTRUCTED | CRYPT_ASN1_CTX_SPECIFIC_TAG_RSAPSS_HASH;
1099 return CRYPT_SUCCESS;
1100 }
1101
EncodeMgfAlg(CRYPT_MD_AlgId mgfId,BSL_ASN1_Buffer * asn)1102 static int32_t EncodeMgfAlg(CRYPT_MD_AlgId mgfId, BSL_ASN1_Buffer *asn)
1103 {
1104 if (mgfId == CRYPT_MD_SHA1) {
1105 asn->tag = BSL_ASN1_CLASS_CTX_SPECIFIC | BSL_ASN1_TAG_CONSTRUCTED | CRYPT_ASN1_CTX_SPECIFIC_TAG_RSAPSS_MASKGEN;
1106 asn->buff = NULL;
1107 asn->len = 0;
1108 return CRYPT_SUCCESS;
1109 }
1110 BslOidString *mgfStr = BSL_OBJ_GetOID(BSL_CID_MGF1);
1111 if (mgfStr == NULL) {
1112 BSL_ERR_PUSH_ERROR(CRYPT_ERR_ALGID);
1113 return CRYPT_ERR_ALGID;
1114 }
1115
1116 BslOidString *oidStr = BSL_OBJ_GetOID((BslCid)mgfId);
1117 if (oidStr == NULL) {
1118 BSL_ERR_PUSH_ERROR(CRYPT_ERR_ALGID);
1119 return CRYPT_ERR_ALGID;
1120 }
1121
1122 BSL_ASN1_TemplateItem mgfTempl[] = {
1123 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 0},
1124 {BSL_ASN1_TAG_OBJECT_ID, 0, 1},
1125 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 1},
1126 {BSL_ASN1_TAG_OBJECT_ID, 0, 2},
1127 {BSL_ASN1_TAG_ANY, BSL_ASN1_FLAG_OPTIONAL, 2},
1128 };
1129 BSL_ASN1_Template templ = {mgfTempl, sizeof(mgfTempl) / sizeof(mgfTempl[0])};
1130 BSL_ASN1_Buffer asnArr[3] = {
1131 {BSL_ASN1_TAG_OBJECT_ID, mgfStr->octetLen, (uint8_t *)mgfStr->octs},
1132 {BSL_ASN1_TAG_OBJECT_ID, oidStr->octetLen, (uint8_t *)oidStr->octs},
1133 {BSL_ASN1_TAG_NULL, 0, NULL}, // param
1134 };
1135 int32_t ret = BSL_ASN1_EncodeTemplate(&templ, asnArr, 3, &(asn->buff), &(asn->len));
1136 if (ret != CRYPT_SUCCESS) {
1137 BSL_ERR_PUSH_ERROR(ret);
1138 return ret;
1139 }
1140 asn->tag = BSL_ASN1_CLASS_CTX_SPECIFIC | BSL_ASN1_TAG_CONSTRUCTED | CRYPT_ASN1_CTX_SPECIFIC_TAG_RSAPSS_MASKGEN;
1141 return CRYPT_SUCCESS;
1142 }
1143
EncodeSaltLen(int32_t saltLen,BSL_ASN1_Buffer * asn)1144 static int32_t EncodeSaltLen(int32_t saltLen, BSL_ASN1_Buffer *asn)
1145 {
1146 if (saltLen == 20) { // 20 : default saltLen
1147 asn->tag = BSL_ASN1_CLASS_CTX_SPECIFIC | BSL_ASN1_TAG_CONSTRUCTED |
1148 CRYPT_ASN1_CTX_SPECIFIC_TAG_RSAPSS_SALTLEN;
1149 asn->buff = NULL;
1150 asn->len = 0;
1151 return CRYPT_SUCCESS;
1152 }
1153 BSL_ASN1_Buffer saltAsn = {0};
1154 int32_t ret = BSL_ASN1_EncodeLimb(BSL_ASN1_TAG_INTEGER, (uint64_t)saltLen, &saltAsn);
1155 if (ret != CRYPT_SUCCESS) {
1156 BSL_ERR_PUSH_ERROR(ret);
1157 return ret;
1158 }
1159 BSL_ASN1_TemplateItem saltTempl = {BSL_ASN1_TAG_INTEGER, 0, 0};
1160 BSL_ASN1_Template templ = {&saltTempl, 1};
1161 ret = BSL_ASN1_EncodeTemplate(&templ, &saltAsn, 1, &(asn->buff), &(asn->len));
1162 BSL_SAL_Free(saltAsn.buff);
1163 if (ret != CRYPT_SUCCESS) {
1164 BSL_ERR_PUSH_ERROR(ret);
1165 return ret;
1166 }
1167 asn->tag = BSL_ASN1_CLASS_CTX_SPECIFIC | BSL_ASN1_TAG_CONSTRUCTED | CRYPT_ASN1_CTX_SPECIFIC_TAG_RSAPSS_SALTLEN;
1168 return CRYPT_SUCCESS;
1169 }
1170
1171 #define X509_RSAPSS_ELEM_NUMBER 4
CRYPT_EAL_EncodeRsaPssAlgParam(const CRYPT_RSA_PssPara * rsaPssParam,uint8_t ** buf,uint32_t * bufLen)1172 int32_t CRYPT_EAL_EncodeRsaPssAlgParam(const CRYPT_RSA_PssPara *rsaPssParam, uint8_t **buf, uint32_t *bufLen)
1173 {
1174 BSL_ASN1_Buffer asnArr[X509_RSAPSS_ELEM_NUMBER] = {0};
1175 int32_t ret = EncodeHashAlg(rsaPssParam->mdId, &asnArr[0]);
1176 if (ret != CRYPT_SUCCESS) {
1177 return ret;
1178 }
1179 ret = EncodeMgfAlg(rsaPssParam->mgfId, &asnArr[1]);
1180 if (ret != CRYPT_SUCCESS) {
1181 goto EXIT;
1182 }
1183
1184 ret = EncodeSaltLen(rsaPssParam->saltLen, &asnArr[2]); // 2: saltLength
1185 if (ret != CRYPT_SUCCESS) {
1186 goto EXIT;
1187 }
1188 if (asnArr[0].len + asnArr[1].len + asnArr[2].len == 0) { // [0]:hash + [1]:mgf + [2]:salt all default
1189 return ret;
1190 }
1191 // 3 : trailed
1192 asnArr[3].tag = BSL_ASN1_CLASS_CTX_SPECIFIC | BSL_ASN1_TAG_CONSTRUCTED | CRYPT_ASN1_CTX_SPECIFIC_TAG_RSAPSS_TRAILED;
1193 BSL_ASN1_TemplateItem rsapssTempl[] = {
1194 {BSL_ASN1_CLASS_CTX_SPECIFIC | BSL_ASN1_TAG_CONSTRUCTED | CRYPT_ASN1_CTX_SPECIFIC_TAG_RSAPSS_HASH,
1195 BSL_ASN1_FLAG_DEFAULT, 0},
1196 {BSL_ASN1_CLASS_CTX_SPECIFIC | BSL_ASN1_TAG_CONSTRUCTED | CRYPT_ASN1_CTX_SPECIFIC_TAG_RSAPSS_MASKGEN,
1197 BSL_ASN1_FLAG_DEFAULT, 0},
1198 {BSL_ASN1_CLASS_CTX_SPECIFIC | BSL_ASN1_TAG_CONSTRUCTED | CRYPT_ASN1_CTX_SPECIFIC_TAG_RSAPSS_SALTLEN,
1199 BSL_ASN1_FLAG_DEFAULT, 0},
1200 {BSL_ASN1_CLASS_CTX_SPECIFIC | BSL_ASN1_TAG_CONSTRUCTED | CRYPT_ASN1_CTX_SPECIFIC_TAG_RSAPSS_TRAILED,
1201 BSL_ASN1_FLAG_DEFAULT, 0},
1202 };
1203 BSL_ASN1_Template templ = {rsapssTempl, sizeof(rsapssTempl) / sizeof(rsapssTempl[0])};
1204 ret = BSL_ASN1_EncodeTemplate(&templ, asnArr, X509_RSAPSS_ELEM_NUMBER, buf, bufLen);
1205 if (ret != CRYPT_SUCCESS) {
1206 BSL_ERR_PUSH_ERROR(ret);
1207 }
1208 EXIT:
1209 for (uint32_t i = 0; i < X509_RSAPSS_ELEM_NUMBER; i++) {
1210 BSL_SAL_Free(asnArr[i].buff);
1211 }
1212 return ret;
1213 }
1214 #endif // HITLS_CRYPTO_RSA
1215 #endif // HITLS_CRYPTO_KEY_ENCODE
1216
1217 #ifdef HITLS_PKI_PKCS12
1218 #define HITLS_P7_SPECIFIC_ENCONTENTINFO_EXTENSION 0
1219
1220 /**
1221 * EncryptedContentInfo ::= SEQUENCE {
1222 * contentType ContentType,
1223 * contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
1224 * encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL
1225 * }
1226 *
1227 * https://datatracker.ietf.org/doc/html/rfc5652#section-6.1
1228 */
1229
1230 static BSL_ASN1_TemplateItem g_enContentInfoTempl[] = {
1231 /* ContentType */
1232 {BSL_ASN1_TAG_OBJECT_ID, 0, 0},
1233 /* ContentEncryptionAlgorithmIdentifier */
1234 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 0}, // ContentEncryptionAlgorithmIdentifier
1235 {BSL_ASN1_TAG_OBJECT_ID, 0, 1},
1236 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 1},
1237 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, BSL_ASN1_FLAG_HEADERONLY, 2}, // derivation param
1238 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 2}, // enc scheme
1239 {BSL_ASN1_TAG_OBJECT_ID, 0, 3}, // alg
1240 {BSL_ASN1_TAG_OCTETSTRING, 0, 3}, // iv
1241 /* encryptedContent */
1242 {BSL_ASN1_CLASS_CTX_SPECIFIC | HITLS_P7_SPECIFIC_ENCONTENTINFO_EXTENSION, BSL_ASN1_FLAG_OPTIONAL, 0},
1243 };
1244
1245 typedef enum {
1246 HITLS_P7_ENC_CONTINFO_TYPE_IDX,
1247 HITLS_P7_ENC_CONTINFO_ENCALG_IDX,
1248 HITLS_P7_ENC_CONTINFO_DERIVE_PARAM_IDX,
1249 HITLS_P7_ENC_CONTINFO_SYMALG_IDX,
1250 HITLS_P7_ENC_CONTINFO_SYMIV_IDX,
1251 HITLS_P7_ENC_CONTINFO_ENCONTENT_IDX,
1252 HITLS_P7_ENC_CONTINFO_MAX_IDX,
1253 } HITLS_P7_ENC_CONTINFO_IDX;
1254
1255 #define HITLS_P7_SPECIFIC_UNPROTECTEDATTRS_EXTENSION 1
1256
1257 /**
1258 * EncryptedData ::= SEQUENCE {
1259 * version CMSVersion,
1260 * encryptedContentInfo EncryptedContentInfo,
1261 * unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL
1262 * }
1263 *
1264 * https://datatracker.ietf.org/doc/html/rfc5652#page-29
1265 */
1266 static BSL_ASN1_TemplateItem g_encryptedDataTempl[] = {
1267 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 0},
1268 /* version */
1269 {BSL_ASN1_TAG_INTEGER, 0, 1},
1270 /* EncryptedContentInfo */
1271 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, BSL_ASN1_FLAG_HEADERONLY, 1},
1272 /* unprotectedAttrs */
1273 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SET | HITLS_P7_SPECIFIC_UNPROTECTEDATTRS_EXTENSION,
1274 BSL_ASN1_FLAG_OPTIONAL | BSL_ASN1_FLAG_HEADERONLY, 1},
1275 };
1276
1277 typedef enum {
1278 HITLS_P7_ENCRYPTDATA_VERSION_IDX,
1279 HITLS_P7_ENCRYPTDATA_ENCRYPTINFO_IDX,
1280 HITLS_P7_ENCRYPTDATA_UNPROTECTEDATTRS_IDX,
1281 HITLS_P7_ENCRYPTDATA_MAX_IDX,
1282 } HITLS_P7_ENCRYPTDATA_IDX;
1283
1284 #ifdef HITLS_PKI_PKCS12_PARSE
ParsePKCS7EncryptedContentInfo(CRYPT_EAL_LibCtx * libCtx,const char * attrName,BSL_Buffer * encode,const uint8_t * pwd,uint32_t pwdlen,BSL_Buffer * output)1285 static int32_t ParsePKCS7EncryptedContentInfo(CRYPT_EAL_LibCtx *libCtx, const char *attrName, BSL_Buffer *encode,
1286 const uint8_t *pwd, uint32_t pwdlen, BSL_Buffer *output)
1287 {
1288 uint8_t *temp = encode->data;
1289 uint32_t tempLen = encode->dataLen;
1290 BSL_ASN1_Buffer asn1[HITLS_P7_ENC_CONTINFO_MAX_IDX] = {0};
1291 BSL_ASN1_Template templ = {g_enContentInfoTempl, sizeof(g_enContentInfoTempl) / sizeof(g_enContentInfoTempl[0])};
1292 int32_t ret = BSL_ASN1_DecodeTemplate(&templ, NULL, &temp, &tempLen, asn1, HITLS_P7_ENC_CONTINFO_MAX_IDX);
1293 if (ret != BSL_SUCCESS) {
1294 BSL_ERR_PUSH_ERROR(ret);
1295 return ret;
1296 }
1297 BslOidString typeOidStr = {asn1[HITLS_P7_ENC_CONTINFO_TYPE_IDX].len,
1298 (char *)asn1[HITLS_P7_ENC_CONTINFO_TYPE_IDX].buff, 0};
1299 BslCid cid = BSL_OBJ_GetCID(&typeOidStr);
1300 if (cid != BSL_CID_PKCS7_SIMPLEDATA) {
1301 BSL_ERR_PUSH_ERROR(CRYPT_DECODE_UNSUPPORTED_PKCS7_TYPE);
1302 return CRYPT_DECODE_UNSUPPORTED_PKCS7_TYPE;
1303 }
1304 BslOidString encOidStr = {asn1[HITLS_P7_ENC_CONTINFO_ENCALG_IDX].len,
1305 (char *)asn1[HITLS_P7_ENC_CONTINFO_ENCALG_IDX].buff, 0};
1306 cid = BSL_OBJ_GetCID(&encOidStr);
1307 if (cid != BSL_CID_PBES2) {
1308 BSL_ERR_PUSH_ERROR(CRYPT_DECODE_UNSUPPORTED_ENCRYPT_TYPE);
1309 return CRYPT_DECODE_UNSUPPORTED_ENCRYPT_TYPE;
1310 }
1311 // parse sym alg id
1312 BslOidString symOidStr = {asn1[HITLS_P7_ENC_CONTINFO_SYMALG_IDX].len,
1313 (char *)asn1[HITLS_P7_ENC_CONTINFO_SYMALG_IDX].buff, 0};
1314 BslCid symId = BSL_OBJ_GetCID(&symOidStr);
1315 if (symId == BSL_CID_UNKNOWN) {
1316 BSL_ERR_PUSH_ERROR(CRYPT_DECODE_UNKNOWN_OID);
1317 return CRYPT_DECODE_UNKNOWN_OID;
1318 }
1319 BSL_Buffer derivekeyData = {asn1[HITLS_P7_ENC_CONTINFO_DERIVE_PARAM_IDX].buff,
1320 asn1[HITLS_P7_ENC_CONTINFO_DERIVE_PARAM_IDX].len};
1321 BSL_Buffer ivData = {asn1[HITLS_P7_ENC_CONTINFO_SYMIV_IDX].buff, asn1[HITLS_P7_ENC_CONTINFO_SYMIV_IDX].len};
1322 BSL_Buffer enData = {asn1[HITLS_P7_ENC_CONTINFO_ENCONTENT_IDX].buff, asn1[HITLS_P7_ENC_CONTINFO_ENCONTENT_IDX].len};
1323 EncryptPara encPara = {.derivekeyData = &derivekeyData, .ivData = &ivData, .enData = &enData};
1324 BSL_Buffer pwdBuffer = {(uint8_t *)(uintptr_t)pwd, pwdlen};
1325 ret = CRYPT_DECODE_ParseEncDataAsn1(libCtx, attrName, symId, &encPara, &pwdBuffer, NULL, output);
1326 if (ret != CRYPT_SUCCESS) {
1327 BSL_ERR_PUSH_ERROR(ret);
1328 }
1329 return ret;
1330 }
1331
CRYPT_EAL_ParseAsn1PKCS7EncryptedData(CRYPT_EAL_LibCtx * libCtx,const char * attrName,BSL_Buffer * encode,const uint8_t * pwd,uint32_t pwdlen,BSL_Buffer * output)1332 int32_t CRYPT_EAL_ParseAsn1PKCS7EncryptedData(CRYPT_EAL_LibCtx *libCtx, const char *attrName, BSL_Buffer *encode,
1333 const uint8_t *pwd, uint32_t pwdlen, BSL_Buffer *output)
1334 {
1335 if (encode == NULL || pwd == NULL || output == NULL) {
1336 BSL_ERR_PUSH_ERROR(CRYPT_NULL_INPUT);
1337 return CRYPT_NULL_INPUT;
1338 }
1339 if (pwdlen > PWD_MAX_LEN) {
1340 BSL_ERR_PUSH_ERROR(CRYPT_INVALID_ARG);
1341 return CRYPT_INVALID_ARG;
1342 }
1343 uint8_t *temp = encode->data;
1344 uint32_t tempLen = encode->dataLen;
1345 BSL_ASN1_Buffer asn1[HITLS_P7_ENCRYPTDATA_MAX_IDX] = {0};
1346 BSL_ASN1_Template templ = {g_encryptedDataTempl, sizeof(g_encryptedDataTempl) / sizeof(g_encryptedDataTempl[0])};
1347 int32_t ret = BSL_ASN1_DecodeTemplate(&templ, NULL, &temp, &tempLen, asn1, HITLS_P7_ENCRYPTDATA_MAX_IDX);
1348 if (ret != BSL_SUCCESS) {
1349 BSL_ERR_PUSH_ERROR(ret);
1350 return ret;
1351 }
1352 uint32_t version = 0;
1353 ret = BSL_ASN1_DecodePrimitiveItem(&asn1[HITLS_P7_ENCRYPTDATA_VERSION_IDX], &version);
1354 if (ret != BSL_SUCCESS) {
1355 BSL_ERR_PUSH_ERROR(ret);
1356 return ret;
1357 }
1358 if (version == 0 && asn1[HITLS_P7_ENCRYPTDATA_UNPROTECTEDATTRS_IDX].buff != NULL) {
1359 BSL_ERR_PUSH_ERROR(CRYPT_DECODE_PKCS7_INVALIDE_ENCRYPTDATA_TYPE);
1360 return CRYPT_DECODE_PKCS7_INVALIDE_ENCRYPTDATA_TYPE;
1361 }
1362 // In RFC5652, if the encapsulated content type is other than id-data, then the value of version MUST be 2.
1363 if (version == 2 && asn1[HITLS_P7_ENCRYPTDATA_UNPROTECTEDATTRS_IDX].buff == NULL) {
1364 BSL_ERR_PUSH_ERROR(CRYPT_DECODE_PKCS7_INVALIDE_ENCRYPTDATA_TYPE);
1365 return CRYPT_DECODE_PKCS7_INVALIDE_ENCRYPTDATA_TYPE;
1366 }
1367 BSL_Buffer encryptInfo = {asn1[HITLS_P7_ENCRYPTDATA_ENCRYPTINFO_IDX].buff,
1368 asn1[HITLS_P7_ENCRYPTDATA_ENCRYPTINFO_IDX].len};
1369 ret = ParsePKCS7EncryptedContentInfo(libCtx, attrName, &encryptInfo, pwd, pwdlen, output);
1370 if (ret != BSL_SUCCESS) {
1371 BSL_ERR_PUSH_ERROR(ret);
1372 }
1373 return ret;
1374 }
1375 #endif // HITLS_PKI_PKCS12_PARSE
1376
1377 #ifdef HITLS_PKI_PKCS12_GEN
1378 /* Encode PKCS7-EncryptData:only support PBES2 + PBKDF2, the param check ref CheckEncodeParam. */
EncodePKCS7EncryptedContentInfo(CRYPT_EAL_LibCtx * libCtx,const char * attrName,BSL_Buffer * data,const CRYPT_EncodeParam * encodeParam,BSL_Buffer * encode)1379 static int32_t EncodePKCS7EncryptedContentInfo(CRYPT_EAL_LibCtx *libCtx, const char *attrName, BSL_Buffer *data,
1380 const CRYPT_EncodeParam *encodeParam, BSL_Buffer *encode)
1381 {
1382 /* EncAlgid */
1383 int32_t ret = CheckEncodeParam(encodeParam);
1384 if (ret != CRYPT_SUCCESS) {
1385 BSL_ERR_PUSH_ERROR(ret);
1386 return ret;
1387 }
1388 CRYPT_Pbkdf2Param *pkcs7Param = (CRYPT_Pbkdf2Param *)encodeParam->param;
1389 BSL_ASN1_Buffer asn1[CRYPT_PKCS_ENCPRIKEY_MAX] = {0};
1390
1391 ret = CRYPT_ENCODE_PkcsEncryptedBuff(libCtx, attrName, pkcs7Param, data, asn1);
1392 if (ret != CRYPT_SUCCESS) {
1393 BSL_ERR_PUSH_ERROR(ret);
1394 return ret;
1395 }
1396 do {
1397 BslOidString *oidStr = BSL_OBJ_GetOID(BSL_CID_PKCS7_SIMPLEDATA);
1398 if (oidStr == NULL) {
1399 BSL_ERR_PUSH_ERROR(CRYPT_ERR_ALGID);
1400 ret = CRYPT_ERR_ALGID;
1401 break;
1402 }
1403 BSL_ASN1_Buffer p7asn[HITLS_P7_ENC_CONTINFO_MAX_IDX] = {
1404 {BSL_ASN1_TAG_OBJECT_ID, oidStr->octetLen, (uint8_t *)oidStr->octs},
1405 {asn1[CRYPT_PKCS_ENCPRIKEY_ENCALG_IDX].tag,
1406 asn1[CRYPT_PKCS_ENCPRIKEY_ENCALG_IDX].len, asn1[CRYPT_PKCS_ENCPRIKEY_ENCALG_IDX].buff},
1407 {asn1[CRYPT_PKCS_ENCPRIKEY_DERPARAM_IDX].tag,
1408 asn1[CRYPT_PKCS_ENCPRIKEY_DERPARAM_IDX].len, asn1[CRYPT_PKCS_ENCPRIKEY_DERPARAM_IDX].buff},
1409 {asn1[CRYPT_PKCS_ENCPRIKEY_SYMALG_IDX].tag,
1410 asn1[CRYPT_PKCS_ENCPRIKEY_SYMALG_IDX].len, asn1[CRYPT_PKCS_ENCPRIKEY_SYMALG_IDX].buff},
1411 {asn1[CRYPT_PKCS_ENCPRIKEY_SYMIV_IDX].tag,
1412 asn1[CRYPT_PKCS_ENCPRIKEY_SYMIV_IDX].len, asn1[CRYPT_PKCS_ENCPRIKEY_SYMIV_IDX].buff},
1413 {BSL_ASN1_CLASS_CTX_SPECIFIC | HITLS_P7_SPECIFIC_ENCONTENTINFO_EXTENSION,
1414 asn1[CRYPT_PKCS_ENCPRIKEY_ENCDATA_IDX].len, asn1[CRYPT_PKCS_ENCPRIKEY_ENCDATA_IDX].buff},
1415 };
1416 BSL_ASN1_Template templ = {g_enContentInfoTempl,
1417 sizeof(g_enContentInfoTempl) / sizeof(g_enContentInfoTempl[0])};
1418 ret = BSL_ASN1_EncodeTemplate(&templ, p7asn, HITLS_P7_ENC_CONTINFO_MAX_IDX, &encode->data, &encode->dataLen);
1419 } while (0);
1420 BSL_SAL_ClearFree(asn1[CRYPT_PKCS_ENCPRIKEY_DERPARAM_IDX].buff, asn1[CRYPT_PKCS_ENCPRIKEY_DERPARAM_IDX].len);
1421 BSL_SAL_ClearFree(asn1[CRYPT_PKCS_ENCPRIKEY_SYMIV_IDX].buff, asn1[CRYPT_PKCS_ENCPRIKEY_SYMIV_IDX].len);
1422 BSL_SAL_FREE(asn1[CRYPT_PKCS_ENCPRIKEY_ENCDATA_IDX].buff);
1423 return ret;
1424 }
1425
CRYPT_EAL_EncodePKCS7EncryptDataBuff(CRYPT_EAL_LibCtx * libCtx,const char * attrName,BSL_Buffer * data,const void * encodeParam,BSL_Buffer * encode)1426 int32_t CRYPT_EAL_EncodePKCS7EncryptDataBuff(CRYPT_EAL_LibCtx *libCtx, const char *attrName, BSL_Buffer *data,
1427 const void *encodeParam, BSL_Buffer *encode)
1428 {
1429 if (data == NULL || encodeParam == NULL || encode == NULL) {
1430 BSL_ERR_PUSH_ERROR(CRYPT_NULL_INPUT);
1431 return CRYPT_NULL_INPUT;
1432 }
1433 BSL_Buffer contentInfo = {0};
1434 int32_t ret = EncodePKCS7EncryptedContentInfo(libCtx, attrName, data, encodeParam, &contentInfo);
1435 if (ret != CRYPT_SUCCESS) {
1436 BSL_ERR_PUSH_ERROR(ret);
1437 return ret;
1438 }
1439 uint8_t version = 0;
1440 BSL_ASN1_Buffer asn1[HITLS_P7_ENCRYPTDATA_MAX_IDX] = {
1441 {BSL_ASN1_TAG_INTEGER, sizeof(version), &version},
1442 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, contentInfo.dataLen, contentInfo.data},
1443 {0, 0, 0},
1444 };
1445 BSL_ASN1_Template templ = {g_encryptedDataTempl, sizeof(g_encryptedDataTempl) / sizeof(g_encryptedDataTempl[0])};
1446 BSL_Buffer tmp = {0};
1447 ret = BSL_ASN1_EncodeTemplate(&templ, asn1, HITLS_P7_ENCRYPTDATA_MAX_IDX, &tmp.data, &tmp.dataLen);
1448 BSL_SAL_FREE(contentInfo.data);
1449 if (ret != BSL_SUCCESS) {
1450 BSL_ERR_PUSH_ERROR(ret);
1451 return ret;
1452 }
1453 encode->data = tmp.data;
1454 encode->dataLen = tmp.dataLen;
1455 return ret;
1456 }
1457 #endif // HITLS_PKI_PKCS12_GEN
1458
1459 #endif // HITLS_PKI_PKCS12
1460
1461 #endif // HITLS_CRYPTO_CODECSKEY
1462