1 /*
2 * This file is part of the openHiTLS project.
3 *
4 * openHiTLS is licensed under the Mulan PSL v2.
5 * You can use this software according to the terms and conditions of the Mulan PSL v2.
6 * You may obtain a copy of Mulan PSL v2 at:
7 *
8 * http://license.coscl.org.cn/MulanPSL2
9 *
10 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
11 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
12 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
13 * See the Mulan PSL v2 for more details.
14 */
15
16 #include "hitls_build.h"
17 #ifdef HITLS_CRYPTO_CODECSKEY
18 #include <stdint.h>
19 #include "securec.h"
20 #include "bsl_types.h"
21 #include "bsl_asn1.h"
22 #include "bsl_obj_internal.h"
23 #include "bsl_err_internal.h"
24 #include "crypt_params_key.h"
25 #include "crypt_errno.h"
26 #include "crypt_encode_decode_key.h"
27 #include "crypt_encode_decode_local.h"
28 #include "crypt_eal_kdf.h"
29 #include "crypt_eal_cipher.h"
30 #include "crypt_eal_rand.h"
31
32 #ifdef HITLS_CRYPTO_RSA
33 /**
34 * RSAPrivateKey ::= SEQUENCE {
35 * version Version,
36 * modulus INTEGER, -- n
37 * publicExponent INTEGER, -- e
38 * privateExponent INTEGER, -- d
39 * prime1 INTEGER, -- p
40 * prime2 INTEGER, -- q
41 * exponent1 INTEGER, -- d mod (p-1)
42 * exponent2 INTEGER, -- d mod (q-1)
43 * coefficient INTEGER, -- (inverse of q) mod p
44 * otherPrimeInfos OtherPrimeInfos OPTIONAL
45 * }
46 *
47 * https://datatracker.ietf.org/doc/html/rfc3447#autoid-39
48 */
49
50 static BSL_ASN1_TemplateItem g_rsaPrvTempl[] = {
51 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 0}, /* ignore seq header */
52 {BSL_ASN1_TAG_INTEGER, 0, 1}, /* version */
53 {BSL_ASN1_TAG_INTEGER, 0, 1}, /* n */
54 {BSL_ASN1_TAG_INTEGER, 0, 1}, /* e */
55 {BSL_ASN1_TAG_INTEGER, 0, 1}, /* d */
56 {BSL_ASN1_TAG_INTEGER, 0, 1}, /* p */
57 {BSL_ASN1_TAG_INTEGER, 0, 1}, /* q */
58 {BSL_ASN1_TAG_INTEGER, 0, 1}, /* d mod (p-1) */
59 {BSL_ASN1_TAG_INTEGER, 0, 1}, /* d mod (q-1) */
60 {BSL_ASN1_TAG_INTEGER, 0, 1}, /* q^-1 mod p */
61 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE,
62 BSL_ASN1_FLAG_OPTIONAL | BSL_ASN1_FLAG_HEADERONLY | BSL_ASN1_FLAG_SAME, 1}, /* OtherPrimeInfos OPTIONAL */
63 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 2}, /* OtherPrimeInfo */
64 {BSL_ASN1_TAG_INTEGER, 0, 3}, /* ri */
65 {BSL_ASN1_TAG_INTEGER, 0, 3}, /* di */
66 {BSL_ASN1_TAG_INTEGER, 0, 3} /* ti */
67 };
68
69 /**
70 * RSAPublicKey ::= SEQUENCE {
71 * modulus INTEGER, -- n
72 * publicExponent INTEGER } -- e
73 *
74 * https://datatracker.ietf.org/doc/html/rfc4055#autoid-3
75 */
76 static BSL_ASN1_TemplateItem g_rsaPubTempl[] = {
77 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 0}, /* ignore seq */
78 {BSL_ASN1_TAG_INTEGER, 0, 1}, /* n */
79 {BSL_ASN1_TAG_INTEGER, 0, 1}, /* e */
80 };
81
82 #ifdef HITLS_CRYPTO_KEY_DECODE
83 /**
84 * ref: rfc4055
85 * RSASSA-PSS-params ::= SEQUENCE {
86 * hashAlgorithm [0] HashAlgorithm DEFAULT sha1Identifier,
87 * maskGenAlgorithm [1] MaskGenAlgorithm DEFAULT mgf1SHA1Identifier,
88 * saltLength [2] INTEGER DEFAULT 20,
89 * trailerField [3] INTEGER DEFAULT 1
90 * }
91 * HashAlgorithm ::= AlgorithmIdentifier
92 * MaskGenAlgorithm ::= AlgorithmIdentifier
93 */
94 static BSL_ASN1_TemplateItem g_rsaPssTempl[] = {
95 {BSL_ASN1_CLASS_CTX_SPECIFIC | BSL_ASN1_TAG_CONSTRUCTED | CRYPT_ASN1_CTX_SPECIFIC_TAG_RSAPSS_HASH,
96 BSL_ASN1_FLAG_DEFAULT, 0},
97 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 1},
98 {BSL_ASN1_TAG_OBJECT_ID, 0, 2},
99 {BSL_ASN1_TAG_ANY, BSL_ASN1_FLAG_OPTIONAL, 2},
100 {BSL_ASN1_CLASS_CTX_SPECIFIC | BSL_ASN1_TAG_CONSTRUCTED | CRYPT_ASN1_CTX_SPECIFIC_TAG_RSAPSS_MASKGEN,
101 BSL_ASN1_FLAG_DEFAULT, 0},
102 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 1},
103 {BSL_ASN1_TAG_OBJECT_ID, 0, 2},
104 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 2},
105 {BSL_ASN1_TAG_OBJECT_ID, 0, 3},
106 {BSL_ASN1_TAG_ANY, BSL_ASN1_FLAG_OPTIONAL, 3},
107 {BSL_ASN1_CLASS_CTX_SPECIFIC | BSL_ASN1_TAG_CONSTRUCTED | CRYPT_ASN1_CTX_SPECIFIC_TAG_RSAPSS_SALTLEN,
108 BSL_ASN1_FLAG_DEFAULT, 0},
109 {BSL_ASN1_TAG_INTEGER, 0, 1},
110 {BSL_ASN1_CLASS_CTX_SPECIFIC | BSL_ASN1_TAG_CONSTRUCTED | CRYPT_ASN1_CTX_SPECIFIC_TAG_RSAPSS_TRAILED,
111 BSL_ASN1_FLAG_DEFAULT, 0},
112 {BSL_ASN1_TAG_INTEGER, 0, 1}
113 };
114
115 typedef enum {
116 CRYPT_RSAPSS_HASH_IDX,
117 CRYPT_RSAPSS_HASHANY_IDX,
118 CRYPT_RSAPSS_MGF1_IDX,
119 CRYPT_RSAPSS_MGF1PARAM_IDX,
120 CRYPT_RSAPSS_MGF1PARAMANY_IDX,
121 CRYPT_RSAPSS_SALTLEN_IDX,
122 CRYPT_RSAPSS_TRAILED_IDX,
123 CRYPT_RSAPSS_MAX
124 } CRYPT_RSAPSS_IDX;
125 #endif // HITLS_CRYPTO_KEY_DECODE
126
127 #endif
128
129 #if defined(HITLS_CRYPTO_ECDSA) || defined(HITLS_CRYPTO_SM2)
130 /**
131 * ECPrivateKey ::= SEQUENCE {
132 * version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
133 * privateKey OCTET STRING,
134 * parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
135 * publicKey [1] BIT STRING OPTIONAL
136 * }
137 *
138 * https://datatracker.ietf.org/doc/html/rfc5915#autoid-3
139 */
140
141 #define BSL_ASN1_TAG_EC_PRIKEY_PARAM 0
142 #define BSL_ASN1_TAG_EC_PRIKEY_PUBKEY 1
143
144 static BSL_ASN1_TemplateItem g_ecPriKeyTempl[] = {
145 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 0}, // ignore seq header
146 {BSL_ASN1_TAG_INTEGER, 0, 1}, /* version */
147 {BSL_ASN1_TAG_OCTETSTRING, 0, 1}, /* private key */
148 {BSL_ASN1_CLASS_CTX_SPECIFIC | BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_EC_PRIKEY_PARAM,
149 BSL_ASN1_FLAG_OPTIONAL, 1},
150 {BSL_ASN1_TAG_OBJECT_ID, 0, 2},
151 {BSL_ASN1_CLASS_CTX_SPECIFIC | BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_EC_PRIKEY_PUBKEY,
152 BSL_ASN1_FLAG_OPTIONAL, 1},
153 {BSL_ASN1_TAG_BITSTRING, 0, 2},
154 };
155 #endif
156
157 /**
158 * PrivateKeyInfo ::= SEQUENCE {
159 * version INTEGER,
160 * privateKeyAlgorithm AlgorithmIdentifier,
161 * privateKey OCTET STRING,
162 * attributes [0] IMPLICIT Attributes OPTIONAL }
163 *
164 * https://datatracker.ietf.org/doc/html/rfc5208#autoid-5
165 */
166 static BSL_ASN1_TemplateItem g_pk8PriKeyTempl[] = {
167 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 0}, // ignore seq header
168 {BSL_ASN1_TAG_INTEGER, 0, 1},
169 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, BSL_ASN1_FLAG_HEADERONLY, 1},
170 {BSL_ASN1_TAG_OCTETSTRING, 0, 1},
171 };
172
173 typedef enum {
174 CRYPT_PK8_PRIKEY_VERSION_IDX = 0,
175 CRYPT_PK8_PRIKEY_ALGID_IDX = 1,
176 CRYPT_PK8_PRIKEY_PRIKEY_IDX = 2,
177 } CRYPT_PK8_PRIKEY_TEMPL_IDX;
178
179 #ifdef HITLS_CRYPTO_KEY_EPKI
180 #ifdef HITLS_CRYPTO_KEY_DECODE
181 /**
182 * EncryptedPrivateKeyInfo ::= SEQUENCE {
183 * encryptionAlgorithm EncryptionAlgorithmIdentifier,
184 * encryptedData EncryptedData }
185 *
186 * https://datatracker.ietf.org/doc/html/rfc5208#autoid-6
187 */
188 static BSL_ASN1_TemplateItem g_pk8EncPriKeyTempl[] = {
189 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 0},
190 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 1}, // EncryptionAlgorithmIdentifier
191 {BSL_ASN1_TAG_OBJECT_ID, 0, 2},
192 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 2},
193 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, BSL_ASN1_FLAG_HEADERONLY, 3}, // derivation param
194 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 3}, // enc scheme
195 {BSL_ASN1_TAG_OBJECT_ID, 0, 4}, // alg
196 {BSL_ASN1_TAG_OCTETSTRING, 0, 4}, // iv
197 {BSL_ASN1_TAG_OCTETSTRING, 0, 1}, // EncryptedData
198 };
199 #endif
200
201 static BSL_ASN1_TemplateItem g_pbkdf2DerParamTempl[] = {
202 {BSL_ASN1_TAG_OBJECT_ID, 0, 0}, // derive alg
203 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 0},
204 {BSL_ASN1_TAG_OCTETSTRING, 0, 1}, // salt
205 {BSL_ASN1_TAG_INTEGER, 0, 1}, // iteration
206 {BSL_ASN1_TAG_INTEGER, BSL_ASN1_FLAG_OPTIONAL, 1}, // keyLen
207 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, BSL_ASN1_FLAG_DEFAULT | BSL_ASN1_FLAG_HEADERONLY, 1}, // prf
208 };
209 #endif // HITLS_CRYPTO_KEY_EPKI
210 /**
211 * SubjectPublicKeyInfo ::= SEQUENCE {
212 * algorithm AlgorithmIdentifier,
213 * subjectPublicKey BIT STRING
214 * }
215 *
216 * https://datatracker.ietf.org/doc/html/rfc5480#autoid-3
217 */
218 static BSL_ASN1_TemplateItem g_subKeyInfoTempl[] = {
219 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, 0, 0},
220 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, BSL_ASN1_FLAG_HEADERONLY, 1},
221 {BSL_ASN1_TAG_BITSTRING, 0, 1},
222 };
223
224 static BSL_ASN1_TemplateItem g_subKeyInfoInnerTempl[] = {
225 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, BSL_ASN1_FLAG_HEADERONLY, 0},
226 {BSL_ASN1_TAG_BITSTRING, 0, 0},
227 };
228
229 /**
230 * AlgorithmIdentifier ::= SEQUENCE {
231 * algorithm OBJECT IDENTIFIER,
232 * parameters ANY DEFINED BY algorithm OPTIONAL }
233 *
234 * https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.1.2
235 */
236 static BSL_ASN1_TemplateItem g_algoIdTempl[] = {
237 {BSL_ASN1_TAG_OBJECT_ID, 0, 0},
238 {BSL_ASN1_TAG_ANY, BSL_ASN1_FLAG_OPTIONAL, 0},
239 };
240
241 #ifdef HITLS_CRYPTO_KEY_EPKI
242 typedef enum {
243 CRYPT_PKCS_ENC_DERALG_IDX,
244 CRYPT_PKCS_ENC_DERSALT_IDX,
245 CRYPT_PKCS_ENC_DERITER_IDX,
246 CRYPT_PKCS_ENC_DERKEYLEN_IDX,
247 CRYPT_PKCS_ENC_DERPRF_IDX,
248 CRYPT_PKCS_ENC_DERPARAM_MAX
249 } CRYPT_PKCS_ENC_DERIVEPARAM_IDX;
250
CRYPT_ENCODE_DECODE_DecryptEncData(CRYPT_EAL_LibCtx * libctx,const char * attrName,BSL_Buffer * ivData,BSL_Buffer * enData,int32_t alg,bool isEnc,BSL_Buffer * key,uint8_t * output,uint32_t * dataLen)251 static int32_t CRYPT_ENCODE_DECODE_DecryptEncData(CRYPT_EAL_LibCtx *libctx, const char *attrName, BSL_Buffer *ivData,
252 BSL_Buffer *enData, int32_t alg, bool isEnc, BSL_Buffer *key, uint8_t *output, uint32_t *dataLen)
253 {
254 uint32_t buffLen = *dataLen;
255 CRYPT_EAL_CipherCtx *ctx = CRYPT_EAL_ProviderCipherNewCtx(libctx, alg, attrName);
256 if (ctx == NULL) {
257 BSL_ERR_PUSH_ERROR(BSL_MALLOC_FAIL);
258 return BSL_MALLOC_FAIL;
259 }
260
261 int32_t ret = CRYPT_EAL_CipherInit(ctx, key->data, key->dataLen, ivData->data, ivData->dataLen, isEnc);
262 if (ret != CRYPT_SUCCESS) {
263 BSL_ERR_PUSH_ERROR(ret);
264 goto EXIT;
265 }
266 uint32_t blockSize;
267 ret = CRYPT_EAL_CipherCtrl(ctx, CRYPT_CTRL_GET_BLOCKSIZE, &blockSize, sizeof(blockSize));
268 if (ret != CRYPT_SUCCESS) {
269 BSL_ERR_PUSH_ERROR(ret);
270 goto EXIT;
271 }
272 if (blockSize != 1) {
273 ret = CRYPT_EAL_CipherSetPadding(ctx, CRYPT_PADDING_PKCS7);
274 if (ret != CRYPT_SUCCESS) {
275 BSL_ERR_PUSH_ERROR(ret);
276 goto EXIT;
277 }
278 }
279 ret = CRYPT_EAL_CipherUpdate(ctx, enData->data, enData->dataLen, output, dataLen);
280 if (ret != CRYPT_SUCCESS) {
281 BSL_ERR_PUSH_ERROR(ret);
282 goto EXIT;
283 }
284 buffLen -= *dataLen;
285 ret = CRYPT_EAL_CipherFinal(ctx, output + *dataLen, &buffLen);
286 if (ret != CRYPT_SUCCESS) {
287 BSL_ERR_PUSH_ERROR(ret);
288 goto EXIT;
289 }
290 *dataLen += buffLen;
291 EXIT:
292 CRYPT_EAL_CipherFreeCtx(ctx);
293 return ret;
294 }
295
PbkdfDeriveKey(CRYPT_EAL_LibCtx * libctx,const char * attrName,uint32_t iter,int32_t prfId,BSL_Buffer * salt,const uint8_t * pwd,uint32_t pwdLen,BSL_Buffer * key)296 static int32_t PbkdfDeriveKey(CRYPT_EAL_LibCtx *libctx, const char *attrName, uint32_t iter, int32_t prfId,
297 BSL_Buffer *salt, const uint8_t *pwd, uint32_t pwdLen, BSL_Buffer *key)
298 {
299 CRYPT_EAL_KdfCTX *kdfCtx = CRYPT_EAL_ProviderKdfNewCtx(libctx, CRYPT_KDF_PBKDF2, attrName);
300 if (kdfCtx == NULL) {
301 BSL_ERR_PUSH_ERROR(CRYPT_PBKDF2_NOT_SUPPORTED);
302 return CRYPT_PBKDF2_NOT_SUPPORTED;
303 }
304
305 BSL_Param params[5] = {{0}, {0}, {0}, {0}, BSL_PARAM_END};
306 (void)BSL_PARAM_InitValue(¶ms[0], CRYPT_PARAM_KDF_MAC_ID, BSL_PARAM_TYPE_UINT32, &prfId, sizeof(prfId));
307 (void)BSL_PARAM_InitValue(¶ms[1], CRYPT_PARAM_KDF_PASSWORD, BSL_PARAM_TYPE_OCTETS,
308 (uint8_t *)(uintptr_t)pwd, pwdLen); // Fixed pwd parameter
309 (void)BSL_PARAM_InitValue(¶ms[2], CRYPT_PARAM_KDF_SALT, BSL_PARAM_TYPE_OCTETS, salt->data, salt->dataLen);
310 (void)BSL_PARAM_InitValue(¶ms[3], CRYPT_PARAM_KDF_ITER, BSL_PARAM_TYPE_UINT32, &iter, sizeof(iter));
311 int32_t ret = CRYPT_EAL_KdfSetParam(kdfCtx, params);
312 if (ret != CRYPT_SUCCESS) {
313 BSL_ERR_PUSH_ERROR(ret);
314 goto EXIT;
315 }
316 ret = CRYPT_EAL_KdfDerive(kdfCtx, key->data, key->dataLen);
317 EXIT:
318 CRYPT_EAL_KdfFreeCtx(kdfCtx);
319 return ret;
320 }
321 #endif // HITLS_CRYPTO_EPKI
322 #ifdef HITLS_CRYPTO_KEY_DECODE
323
324 #if defined(HITLS_CRYPTO_ECDSA) || defined(HITLS_CRYPTO_SM2)
CRYPT_DECODE_PrikeyAsn1Buff(uint8_t * buffer,uint32_t bufferLen,BSL_ASN1_Buffer * asn1,uint32_t arrNum)325 int32_t CRYPT_DECODE_PrikeyAsn1Buff(uint8_t *buffer, uint32_t bufferLen, BSL_ASN1_Buffer *asn1, uint32_t arrNum)
326 {
327 uint8_t *tmpBuff = buffer;
328 uint32_t tmpBuffLen = bufferLen;
329 BSL_ASN1_Template templ = {g_ecPriKeyTempl, sizeof(g_ecPriKeyTempl) / sizeof(g_ecPriKeyTempl[0])};
330 int32_t ret = BSL_ASN1_DecodeTemplate(&templ, NULL, &tmpBuff, &tmpBuffLen, asn1, arrNum);
331 if (ret != CRYPT_SUCCESS) {
332 BSL_ERR_PUSH_ERROR(ret);
333 }
334 return ret;
335 }
336 #endif
337
338 #ifdef HITLS_CRYPTO_RSA
CRYPT_DECODE_RsaPubkeyAsn1Buff(uint8_t * buff,uint32_t buffLen,BSL_ASN1_Buffer * pubAsn1,uint32_t arrNum)339 int32_t CRYPT_DECODE_RsaPubkeyAsn1Buff(uint8_t *buff, uint32_t buffLen, BSL_ASN1_Buffer *pubAsn1, uint32_t arrNum)
340 {
341 if (buff == NULL || pubAsn1 == NULL) {
342 BSL_ERR_PUSH_ERROR(CRYPT_NULL_INPUT);
343 return CRYPT_NULL_INPUT;
344 }
345
346 uint8_t *tmpBuff = buff;
347 uint32_t tmpBuffLen = buffLen;
348
349 BSL_ASN1_Template pubTempl = {g_rsaPubTempl, sizeof(g_rsaPubTempl) / sizeof(g_rsaPubTempl[0])};
350 int32_t ret = BSL_ASN1_DecodeTemplate(&pubTempl, NULL, &tmpBuff, &tmpBuffLen, pubAsn1, arrNum);
351 if (ret != CRYPT_SUCCESS) {
352 BSL_ERR_PUSH_ERROR(ret);
353 }
354
355 return ret;
356 }
357
CRYPT_DECODE_RsaPrikeyAsn1Buff(uint8_t * buff,uint32_t buffLen,BSL_ASN1_Buffer * asn1,uint32_t asn1Num)358 int32_t CRYPT_DECODE_RsaPrikeyAsn1Buff(uint8_t *buff, uint32_t buffLen, BSL_ASN1_Buffer *asn1, uint32_t asn1Num)
359 {
360 uint8_t *tmpBuff = buff;
361 uint32_t tmpBuffLen = buffLen;
362
363 BSL_ASN1_Template templ = {g_rsaPrvTempl, sizeof(g_rsaPrvTempl) / sizeof(g_rsaPrvTempl[0])};
364 int32_t ret = BSL_ASN1_DecodeTemplate(&templ, NULL, &tmpBuff, &tmpBuffLen, asn1, asn1Num);
365 if (ret != CRYPT_SUCCESS) {
366 BSL_ERR_PUSH_ERROR(ret);
367 }
368 return ret;
369 }
370
RsaPssTagGetOrCheck(int32_t type,uint32_t idx,void * data,void * expVal)371 static int32_t RsaPssTagGetOrCheck(int32_t type, uint32_t idx, void *data, void *expVal)
372 {
373 (void) idx;
374 (void) data;
375 if (type == BSL_ASN1_TYPE_GET_ANY_TAG) {
376 *(uint8_t *) expVal = BSL_ASN1_TAG_NULL; // is null
377 return CRYPT_SUCCESS;
378 }
379 BSL_ERR_PUSH_ERROR(CRYPT_DECODE_ERR_RSSPSS_GET_ANY_TAG);
380 return CRYPT_DECODE_ERR_RSSPSS_GET_ANY_TAG;
381 }
382
CRYPT_EAL_ParseRsaPssAlgParam(BSL_ASN1_Buffer * param,CRYPT_RSA_PssPara * para)383 int32_t CRYPT_EAL_ParseRsaPssAlgParam(BSL_ASN1_Buffer *param, CRYPT_RSA_PssPara *para)
384 {
385 para->mdId = (CRYPT_MD_AlgId)BSL_CID_SHA1; // hashAlgorithm [0] HashAlgorithm DEFAULT sha1Identifier,
386 para->mgfId = (CRYPT_MD_AlgId)BSL_CID_SHA1; // maskGenAlgorithm [1] MaskGenAlgorithm DEFAULT mgf1SHA1Identifier,
387 para->saltLen = 20; // saltLength [2] INTEGER DEFAULT 20
388
389 uint8_t *temp = param->buff;
390 uint32_t tempLen = param->len;
391 BSL_ASN1_Buffer asns[CRYPT_RSAPSS_MAX] = {0};
392 BSL_ASN1_Template templ = {g_rsaPssTempl, sizeof(g_rsaPssTempl) / sizeof(g_rsaPssTempl[0])};
393 int32_t ret = BSL_ASN1_DecodeTemplate(&templ, RsaPssTagGetOrCheck, &temp, &tempLen, asns, CRYPT_RSAPSS_MAX);
394 if (ret != BSL_SUCCESS) {
395 BSL_ERR_PUSH_ERROR(CRYPT_DECODE_ERR_RSSPSS);
396 return CRYPT_DECODE_ERR_RSSPSS;
397 }
398
399 if (asns[CRYPT_RSAPSS_HASH_IDX].tag != 0) {
400 BslOidString hashOid = {asns[CRYPT_RSAPSS_HASH_IDX].len, (char *)asns[CRYPT_RSAPSS_HASH_IDX].buff, 0};
401 para->mdId = (CRYPT_MD_AlgId)BSL_OBJ_GetCID(&hashOid);
402 if (para->mdId == (CRYPT_MD_AlgId)BSL_CID_UNKNOWN) {
403 BSL_ERR_PUSH_ERROR(CRYPT_DECODE_ERR_RSSPSS_MD);
404 return CRYPT_DECODE_ERR_RSSPSS_MD;
405 }
406 }
407 if (asns[CRYPT_RSAPSS_MGF1PARAM_IDX].tag != 0) {
408 BslOidString mgf1 = {asns[CRYPT_RSAPSS_MGF1PARAM_IDX].len, (char *)asns[CRYPT_RSAPSS_MGF1PARAM_IDX].buff, 0};
409 para->mgfId = (CRYPT_MD_AlgId)BSL_OBJ_GetCID(&mgf1);
410 if (para->mgfId == (CRYPT_MD_AlgId)BSL_CID_UNKNOWN) {
411 BSL_ERR_PUSH_ERROR(CRYPT_DECODE_ERR_RSSPSS_MGF1MD);
412 return CRYPT_DECODE_ERR_RSSPSS_MGF1MD;
413 }
414 }
415
416 if (asns[CRYPT_RSAPSS_SALTLEN_IDX].tag != 0) {
417 ret = BSL_ASN1_DecodePrimitiveItem(&asns[CRYPT_RSAPSS_SALTLEN_IDX], ¶->saltLen);
418 if (ret != BSL_SUCCESS) {
419 BSL_ERR_PUSH_ERROR(ret);
420 return ret;
421 }
422 }
423
424 if (asns[CRYPT_RSAPSS_TRAILED_IDX].tag != 0) {
425 // trailerField
426 ret = BSL_ASN1_DecodePrimitiveItem(&asns[CRYPT_RSAPSS_TRAILED_IDX], &tempLen);
427 if (ret != BSL_SUCCESS) {
428 BSL_ERR_PUSH_ERROR(ret);
429 return ret;
430 }
431 if (tempLen != 1) {
432 BSL_ERR_PUSH_ERROR(CRYPT_DECODE_ERR_RSSPSS_TRAILER);
433 return CRYPT_DECODE_ERR_RSSPSS_TRAILER;
434 }
435 }
436 return ret;
437 }
438 #endif
439
DecSubKeyInfoCb(int32_t type,uint32_t idx,void * data,void * expVal)440 static int32_t DecSubKeyInfoCb(int32_t type, uint32_t idx, void *data, void *expVal)
441 {
442 (void)idx;
443 BSL_ASN1_Buffer *param = (BSL_ASN1_Buffer *)data;
444
445 switch (type) {
446 case BSL_ASN1_TYPE_GET_ANY_TAG: {
447 BslOidString oidStr = {param->len, (char *)param->buff, 0};
448 BslCid cid = BSL_OBJ_GetCID(&oidStr);
449 if (cid == BSL_CID_EC_PUBLICKEY || cid == BSL_CID_SM2PRIME256) {
450 // note: any It can be encoded empty or it can be null
451 *(uint8_t *)expVal = BSL_ASN1_TAG_OBJECT_ID;
452 } else if (cid == BSL_CID_RSASSAPSS) {
453 *(uint8_t *)expVal = BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE;
454 } else if (cid == BSL_CID_ED25519) {
455 /* RFC8410: Ed25519 has no algorithm parameters */
456 *(uint8_t *)expVal = BSL_ASN1_TAG_EMPTY; // is empty
457 } else {
458 *(uint8_t *)expVal = BSL_ASN1_TAG_NULL; // is null
459 }
460 return CRYPT_SUCCESS;
461 }
462 default:
463 break;
464 }
465 BSL_ERR_PUSH_ERROR(CRYPT_DECODE_ASN1_BUFF_FAILED);
466 return CRYPT_DECODE_ASN1_BUFF_FAILED;
467 }
468
CRYPT_DECODE_ParseSubKeyInfo(uint8_t * buff,uint32_t buffLen,BSL_ASN1_Buffer * pubAsn1,bool isComplete)469 int32_t CRYPT_DECODE_ParseSubKeyInfo(uint8_t *buff, uint32_t buffLen, BSL_ASN1_Buffer *pubAsn1, bool isComplete)
470 {
471 uint8_t *tmpBuff = buff;
472 uint32_t tmpBuffLen = buffLen;
473 // decode sub pubkey info
474 BSL_ASN1_Template pubTempl;
475 if (isComplete) {
476 pubTempl.templItems = g_subKeyInfoTempl;
477 pubTempl.templNum = sizeof(g_subKeyInfoTempl) / sizeof(g_subKeyInfoTempl[0]);
478 } else {
479 pubTempl.templItems = g_subKeyInfoInnerTempl;
480 pubTempl.templNum = sizeof(g_subKeyInfoInnerTempl) / sizeof(g_subKeyInfoInnerTempl[0]);
481 }
482 int32_t ret = BSL_ASN1_DecodeTemplate(&pubTempl, DecSubKeyInfoCb, &tmpBuff, &tmpBuffLen, pubAsn1,
483 CRYPT_SUBKEYINFO_BITSTRING_IDX + 1);
484 if (ret != CRYPT_SUCCESS) {
485 BSL_ERR_PUSH_ERROR(ret);
486 }
487 return ret;
488 }
489
CRYPT_DECODE_AlgoIdAsn1Buff(uint8_t * buff,uint32_t buffLen,BSL_ASN1_DecTemplCallBack keyInfoCb,BSL_ASN1_Buffer * algoId,uint32_t algoIdNum)490 int32_t CRYPT_DECODE_AlgoIdAsn1Buff(uint8_t *buff, uint32_t buffLen, BSL_ASN1_DecTemplCallBack keyInfoCb,
491 BSL_ASN1_Buffer *algoId, uint32_t algoIdNum)
492 {
493 uint8_t *tmpBuff = buff;
494 uint32_t tmpBuffLen = buffLen;
495 BSL_ASN1_DecTemplCallBack cb = keyInfoCb == NULL ? DecSubKeyInfoCb : keyInfoCb;
496 BSL_ASN1_Template templ = {g_algoIdTempl, sizeof(g_algoIdTempl) / sizeof(g_algoIdTempl[0])};
497 return BSL_ASN1_DecodeTemplate(&templ, cb, &tmpBuff, &tmpBuffLen, algoId, algoIdNum);
498 }
499
CRYPT_DECODE_SubPubkey(uint8_t * buff,uint32_t buffLen,BSL_ASN1_DecTemplCallBack keyInfoCb,CRYPT_DECODE_SubPubkeyInfo * subPubkeyInfo,bool isComplete)500 int32_t CRYPT_DECODE_SubPubkey(uint8_t *buff, uint32_t buffLen, BSL_ASN1_DecTemplCallBack keyInfoCb,
501 CRYPT_DECODE_SubPubkeyInfo *subPubkeyInfo, bool isComplete)
502 {
503 if (buff == NULL || subPubkeyInfo == NULL) {
504 BSL_ERR_PUSH_ERROR(CRYPT_NULL_INPUT);
505 return CRYPT_NULL_INPUT;
506 }
507 BSL_ASN1_Buffer pubAsn1[CRYPT_SUBKEYINFO_BITSTRING_IDX + 1] = {0};
508 BSL_ASN1_BitString bitPubkey = {0};
509 BSL_ASN1_Buffer algoId[BSL_ASN1_TAG_ALGOID_ANY_IDX + 1] = {0};
510 int32_t ret = CRYPT_DECODE_ParseSubKeyInfo(buff, buffLen, pubAsn1, isComplete);
511 if (ret != CRYPT_SUCCESS) {
512 BSL_ERR_PUSH_ERROR(ret);
513 return ret;
514 }
515 ret = CRYPT_DECODE_AlgoIdAsn1Buff(pubAsn1->buff, pubAsn1->len, keyInfoCb, algoId, BSL_ASN1_TAG_ALGOID_ANY_IDX + 1);
516 if (ret != CRYPT_SUCCESS) {
517 BSL_ERR_PUSH_ERROR(ret);
518 return ret;
519 }
520 BSL_ASN1_Buffer *oid = algoId;
521 BSL_ASN1_Buffer *pubkey = &pubAsn1[CRYPT_SUBKEYINFO_BITSTRING_IDX];
522 ret = BSL_ASN1_DecodePrimitiveItem(pubkey, &bitPubkey);
523 if (ret != CRYPT_SUCCESS) {
524 BSL_ERR_PUSH_ERROR(ret);
525 return ret;
526 }
527 BslOidString oidStr = {oid->len, (char *)oid->buff, 0};
528 BslCid cid = BSL_OBJ_GetCID(&oidStr);
529 if (cid == BSL_CID_UNKNOWN) {
530 BSL_ERR_PUSH_ERROR(CRYPT_DECODE_UNKNOWN_OID);
531 return CRYPT_DECODE_UNKNOWN_OID;
532 }
533 subPubkeyInfo->keyType = cid;
534 subPubkeyInfo->keyParam = *(algoId + 1);
535 subPubkeyInfo->pubKey = bitPubkey;
536 return CRYPT_SUCCESS;
537 }
538
ParsePk8PriParamAsn1(BSL_ASN1_Buffer * encode,BSL_ASN1_DecTemplCallBack keyInfoCb,BslCid * keyType,BSL_ASN1_Buffer * keyParam)539 static int32_t ParsePk8PriParamAsn1(BSL_ASN1_Buffer *encode, BSL_ASN1_DecTemplCallBack keyInfoCb, BslCid *keyType,
540 BSL_ASN1_Buffer *keyParam)
541 {
542 BSL_ASN1_Buffer *algo = &encode[CRYPT_PK8_PRIKEY_ALGID_IDX]; // AlgorithmIdentifier
543 BSL_ASN1_Buffer algoId[BSL_ASN1_TAG_ALGOID_ANY_IDX + 1] = {0};
544 int32_t ret = CRYPT_DECODE_AlgoIdAsn1Buff(algo->buff, algo->len, keyInfoCb,
545 algoId, BSL_ASN1_TAG_ALGOID_ANY_IDX + 1);
546 if (ret != CRYPT_SUCCESS) {
547 return ret;
548 }
549 BslOidString oidStr = {algoId[0].len, (char *)algoId[0].buff, 0};
550 BslCid cid = BSL_OBJ_GetCID(&oidStr);
551 if (cid == BSL_CID_UNKNOWN) {
552 BSL_ERR_PUSH_ERROR(CRYPT_DECODE_UNKNOWN_OID);
553 return CRYPT_DECODE_UNKNOWN_OID;
554 }
555
556 *keyType = cid;
557 *keyParam = *(algoId + 1);
558
559 return CRYPT_SUCCESS;
560 }
561
CRYPT_DECODE_Pkcs8Info(uint8_t * buff,uint32_t buffLen,BSL_ASN1_DecTemplCallBack keyInfoCb,CRYPT_ENCODE_DECODE_Pk8PrikeyInfo * pk8PrikeyInfo)562 int32_t CRYPT_DECODE_Pkcs8Info(uint8_t *buff, uint32_t buffLen, BSL_ASN1_DecTemplCallBack keyInfoCb,
563 CRYPT_ENCODE_DECODE_Pk8PrikeyInfo *pk8PrikeyInfo)
564 {
565 if (buff == NULL || buffLen == 0 || pk8PrikeyInfo == NULL) {
566 BSL_ERR_PUSH_ERROR(CRYPT_NULL_INPUT);
567 return CRYPT_NULL_INPUT;
568 }
569 uint8_t *tmpBuff = buff;
570 uint32_t tmpBuffLen = buffLen;
571 int32_t version = 0;
572 BslCid keyType = BSL_CID_UNKNOWN;
573 BSL_ASN1_Buffer keyParam = {0};
574 BSL_ASN1_Buffer asn1[CRYPT_PK8_PRIKEY_PRIKEY_IDX + 1] = {0};
575 BSL_ASN1_Template templ = {g_pk8PriKeyTempl, sizeof(g_pk8PriKeyTempl) / sizeof(g_pk8PriKeyTempl[0])};
576 int32_t ret = BSL_ASN1_DecodeTemplate(&templ, NULL, &tmpBuff, &tmpBuffLen, asn1, CRYPT_PK8_PRIKEY_PRIKEY_IDX + 1);
577 if (ret != CRYPT_SUCCESS) {
578 BSL_ERR_PUSH_ERROR(ret);
579 return ret;
580 }
581 ret = BSL_ASN1_DecodePrimitiveItem(&asn1[CRYPT_PK8_PRIKEY_VERSION_IDX], &version);
582 if (ret != CRYPT_SUCCESS) {
583 BSL_ERR_PUSH_ERROR(ret);
584 return ret;
585 }
586 BSL_ASN1_Buffer octPriKey = asn1[CRYPT_PK8_PRIKEY_PRIKEY_IDX];
587 ret = ParsePk8PriParamAsn1(asn1, keyInfoCb, &keyType, &keyParam);
588 if (ret != CRYPT_SUCCESS) {
589 BSL_ERR_PUSH_ERROR(ret);
590 return ret;
591 }
592 pk8PrikeyInfo->version = version;
593 pk8PrikeyInfo->keyType = keyType;
594 pk8PrikeyInfo->pkeyRawKey = octPriKey.buff;
595 pk8PrikeyInfo->pkeyRawKeyLen = octPriKey.len;
596 pk8PrikeyInfo->keyParam = keyParam;
597 pk8PrikeyInfo->attrs = NULL;
598
599 return CRYPT_SUCCESS;
600 }
601
602 #ifdef HITLS_CRYPTO_KEY_EPKI
ParseDeriveKeyPrfAlgId(BSL_ASN1_Buffer * asn,int32_t * prfId,BSL_ASN1_DecTemplCallBack keyInfoCb)603 static int32_t ParseDeriveKeyPrfAlgId(BSL_ASN1_Buffer *asn, int32_t *prfId, BSL_ASN1_DecTemplCallBack keyInfoCb)
604 {
605 if (asn->len != 0) {
606 BSL_ASN1_Buffer algoId[2] = {0};
607 int32_t ret = CRYPT_DECODE_AlgoIdAsn1Buff(asn->buff, asn->len, keyInfoCb, algoId, 2);
608 if (ret != CRYPT_SUCCESS) {
609 BSL_ERR_PUSH_ERROR(ret);
610 return ret;
611 }
612 BslOidString oidStr = {algoId[BSL_ASN1_TAG_ALGOID_IDX].len,
613 (char *)algoId[BSL_ASN1_TAG_ALGOID_IDX].buff, 0};
614 *prfId = BSL_OBJ_GetCID(&oidStr);
615 if (*prfId == BSL_CID_UNKNOWN) {
616 BSL_ERR_PUSH_ERROR(CRYPT_DECODE_PKCS8_INVALID_ALGO_PARAM);
617 return CRYPT_DECODE_PKCS8_INVALID_ALGO_PARAM;
618 }
619 } else {
620 *prfId = BSL_CID_HMAC_SHA1;
621 }
622 return CRYPT_SUCCESS;
623 }
624
ParseDeriveKeyParam(BSL_Buffer * derivekeyData,uint32_t * iter,uint32_t * keyLen,BSL_Buffer * salt,int32_t * prfId,BSL_ASN1_DecTemplCallBack keyInfoCb)625 static int32_t ParseDeriveKeyParam(BSL_Buffer *derivekeyData, uint32_t *iter, uint32_t *keyLen, BSL_Buffer *salt,
626 int32_t *prfId, BSL_ASN1_DecTemplCallBack keyInfoCb)
627 {
628 uint8_t *tmpBuff = derivekeyData->data;
629 uint32_t tmpBuffLen = derivekeyData->dataLen;
630 BSL_ASN1_Buffer derParam[CRYPT_PKCS_ENC_DERPARAM_MAX] = {0};
631 BSL_ASN1_Template templ = {g_pbkdf2DerParamTempl, sizeof(g_pbkdf2DerParamTempl) / sizeof(g_pbkdf2DerParamTempl[0])};
632 int32_t ret = BSL_ASN1_DecodeTemplate(&templ, NULL,
633 &tmpBuff, &tmpBuffLen, derParam, CRYPT_PKCS_ENC_DERPARAM_MAX);
634 if (ret != CRYPT_SUCCESS) {
635 BSL_ERR_PUSH_ERROR(ret);
636 return ret;
637 }
638 BslOidString oidStr = {derParam[CRYPT_PKCS_ENC_DERALG_IDX].len,
639 (char *)derParam[CRYPT_PKCS_ENC_DERALG_IDX].buff, 0};
640 BslCid cid = BSL_OBJ_GetCID(&oidStr);
641 if (cid != BSL_CID_PBKDF2) { // only pbkdf2 is supported
642 BSL_ERR_PUSH_ERROR(CRYPT_DECODE_PKCS8_INVALID_ALGO_PARAM);
643 return CRYPT_DECODE_PKCS8_INVALID_ALGO_PARAM;
644 }
645 ret = BSL_ASN1_DecodePrimitiveItem(&derParam[CRYPT_PKCS_ENC_DERITER_IDX], iter);
646 if (ret != BSL_SUCCESS) {
647 BSL_ERR_PUSH_ERROR(CRYPT_DECODE_PKCS8_INVALID_ITER);
648 return CRYPT_DECODE_PKCS8_INVALID_ITER;
649 }
650 if (derParam[CRYPT_PKCS_ENC_DERKEYLEN_IDX].len != 0) {
651 ret = BSL_ASN1_DecodePrimitiveItem(&derParam[CRYPT_PKCS_ENC_DERKEYLEN_IDX], keyLen);
652 if (ret != BSL_SUCCESS) {
653 BSL_ERR_PUSH_ERROR(CRYPT_DECODE_PKCS8_INVALID_KEYLEN);
654 return CRYPT_DECODE_PKCS8_INVALID_KEYLEN;
655 }
656 }
657 salt->data = derParam[CRYPT_PKCS_ENC_DERSALT_IDX].buff;
658 salt->dataLen = derParam[CRYPT_PKCS_ENC_DERSALT_IDX].len;
659 return ParseDeriveKeyPrfAlgId(&derParam[CRYPT_PKCS_ENC_DERPRF_IDX], prfId, keyInfoCb);
660 }
661
CRYPT_DECODE_ParseEncDataAsn1(CRYPT_EAL_LibCtx * libctx,const char * attrName,BslCid symAlg,EncryptPara * encPara,const BSL_Buffer * pwd,BSL_ASN1_DecTemplCallBack keyInfoCb,BSL_Buffer * decode)662 int32_t CRYPT_DECODE_ParseEncDataAsn1(CRYPT_EAL_LibCtx *libctx, const char *attrName, BslCid symAlg,
663 EncryptPara *encPara, const BSL_Buffer *pwd, BSL_ASN1_DecTemplCallBack keyInfoCb, BSL_Buffer *decode)
664 {
665 uint32_t iter;
666 int32_t prfId;
667 uint32_t keylen = 0;
668 uint8_t key[512] = {0}; // The maximum length of the symmetry algorithm
669 BSL_Buffer salt = {0};
670 int32_t ret = ParseDeriveKeyParam(encPara->derivekeyData, &iter, &keylen, &salt, &prfId, keyInfoCb);
671 if (ret != CRYPT_SUCCESS) {
672 BSL_ERR_PUSH_ERROR(ret);
673 return ret;
674 }
675
676 uint32_t symKeyLen;
677 ret = CRYPT_EAL_CipherGetInfo((CRYPT_CIPHER_AlgId)symAlg, CRYPT_INFO_KEY_LEN, &symKeyLen);
678 if (ret != CRYPT_SUCCESS) {
679 BSL_ERR_PUSH_ERROR(ret);
680 return ret;
681 }
682 if (keylen != 0 && symKeyLen != keylen) {
683 BSL_ERR_PUSH_ERROR(CRYPT_DECODE_PKCS8_INVALID_KEYLEN);
684 return CRYPT_DECODE_PKCS8_INVALID_KEYLEN;
685 }
686 BSL_Buffer keyBuff = {key, symKeyLen};
687
688 ret = PbkdfDeriveKey(libctx, attrName, iter, prfId, &salt, pwd->data, pwd->dataLen, &keyBuff);
689 if (ret != CRYPT_SUCCESS) {
690 BSL_ERR_PUSH_ERROR(ret);
691 return ret;
692 }
693
694 if (encPara->enData->dataLen != 0) {
695 uint8_t *output = BSL_SAL_Malloc(encPara->enData->dataLen);
696 if (output == NULL) {
697 (void)memset_s(key, sizeof(key), 0, sizeof(key));
698 BSL_ERR_PUSH_ERROR(BSL_MALLOC_FAIL);
699 return BSL_MALLOC_FAIL;
700 }
701 uint32_t dataLen = encPara->enData->dataLen;
702 ret = CRYPT_ENCODE_DECODE_DecryptEncData(libctx, attrName, encPara->ivData, encPara->enData, symAlg, false,
703 &keyBuff, output, &dataLen);
704 if (ret != CRYPT_SUCCESS) {
705 (void)memset_s(key, sizeof(key), 0, sizeof(key));
706 BSL_SAL_Free(output);
707 BSL_ERR_PUSH_ERROR(ret);
708 return ret;
709 }
710 decode->data = output;
711 decode->dataLen = dataLen;
712 }
713 (void)memset_s(key, sizeof(key), 0, sizeof(key));
714 return CRYPT_SUCCESS;
715 }
716
CRYPT_DECODE_Pkcs8PrvDecrypt(CRYPT_EAL_LibCtx * libctx,const char * attrName,BSL_Buffer * buff,const BSL_Buffer * pwd,BSL_ASN1_DecTemplCallBack keyInfoCb,BSL_Buffer * decode)717 int32_t CRYPT_DECODE_Pkcs8PrvDecrypt(CRYPT_EAL_LibCtx *libctx, const char *attrName, BSL_Buffer *buff,
718 const BSL_Buffer *pwd, BSL_ASN1_DecTemplCallBack keyInfoCb, BSL_Buffer *decode)
719 {
720 if (buff == NULL || buff->dataLen == 0 || pwd == NULL || decode == NULL) {
721 BSL_ERR_PUSH_ERROR(CRYPT_NULL_INPUT);
722 return CRYPT_NULL_INPUT;
723 }
724 if (pwd->dataLen > PWD_MAX_LEN || (pwd->data == NULL && pwd->dataLen != 0)) {
725 BSL_ERR_PUSH_ERROR(CRYPT_INVALID_ARG);
726 return CRYPT_INVALID_ARG;
727 }
728 uint8_t *tmpBuff = buff->data;
729 uint32_t tmpBuffLen = buff->dataLen;
730
731 BSL_ASN1_Buffer asn1[CRYPT_PKCS_ENCPRIKEY_MAX] = {0};
732 BSL_ASN1_Template templ = {g_pk8EncPriKeyTempl, sizeof(g_pk8EncPriKeyTempl) / sizeof(g_pk8EncPriKeyTempl[0])};
733 int32_t ret = BSL_ASN1_DecodeTemplate(&templ, NULL, &tmpBuff, &tmpBuffLen, asn1, CRYPT_PKCS_ENCPRIKEY_MAX);
734 if (ret != CRYPT_SUCCESS) {
735 BSL_ERR_PUSH_ERROR(ret);
736 return ret;
737 }
738
739 BslOidString encOidStr = {asn1[CRYPT_PKCS_ENCPRIKEY_ENCALG_IDX].len,
740 (char *)asn1[CRYPT_PKCS_ENCPRIKEY_ENCALG_IDX].buff, 0};
741 BslCid cid = BSL_OBJ_GetCID(&encOidStr);
742 if (cid != BSL_CID_PBES2) {
743 BSL_ERR_PUSH_ERROR(CRYPT_DECODE_UNKNOWN_OID);
744 return CRYPT_DECODE_UNKNOWN_OID;
745 }
746 // parse sym alg id
747 BslOidString symOidStr = {asn1[CRYPT_PKCS_ENCPRIKEY_SYMALG_IDX].len,
748 (char *)asn1[CRYPT_PKCS_ENCPRIKEY_SYMALG_IDX].buff, 0};
749 BslCid symId = BSL_OBJ_GetCID(&symOidStr);
750 if (symId == BSL_CID_UNKNOWN) {
751 BSL_ERR_PUSH_ERROR(CRYPT_DECODE_UNKNOWN_OID);
752 return CRYPT_DECODE_UNKNOWN_OID;
753 }
754
755 BSL_Buffer derivekeyData = {asn1[CRYPT_PKCS_ENCPRIKEY_DERPARAM_IDX].buff,
756 asn1[CRYPT_PKCS_ENCPRIKEY_DERPARAM_IDX].len};
757 BSL_Buffer ivData = {asn1[CRYPT_PKCS_ENCPRIKEY_SYMIV_IDX].buff, asn1[CRYPT_PKCS_ENCPRIKEY_SYMIV_IDX].len};
758 BSL_Buffer enData = {asn1[CRYPT_PKCS_ENCPRIKEY_ENCDATA_IDX].buff, asn1[CRYPT_PKCS_ENCPRIKEY_ENCDATA_IDX].len};
759 EncryptPara encPara = {
760 .derivekeyData = &derivekeyData,
761 .ivData = &ivData,
762 .enData = &enData,
763 };
764 ret = CRYPT_DECODE_ParseEncDataAsn1(libctx, attrName, symId, &encPara, pwd, keyInfoCb, decode);
765 if (ret != CRYPT_SUCCESS) {
766 BSL_ERR_PUSH_ERROR(ret);
767 }
768 return ret;
769 }
770 #endif /* HITLS_CRYPTO_KEY_EPKI */
771
CRYPT_DECODE_ConstructBufferOutParam(BSL_Param ** outParam,uint8_t * buffer,uint32_t bufferLen)772 int32_t CRYPT_DECODE_ConstructBufferOutParam(BSL_Param **outParam, uint8_t *buffer, uint32_t bufferLen)
773 {
774 BSL_Param *result = BSL_SAL_Calloc(2, sizeof(BSL_Param));
775 if (result == NULL) {
776 BSL_ERR_PUSH_ERROR(CRYPT_MEM_ALLOC_FAIL);
777 return CRYPT_MEM_ALLOC_FAIL;
778 }
779 int32_t ret = BSL_PARAM_InitValue(&result[0], CRYPT_PARAM_DECODE_BUFFER_DATA, BSL_PARAM_TYPE_OCTETS,
780 buffer, bufferLen);
781 if (ret != CRYPT_SUCCESS) {
782 BSL_SAL_Free(result);
783 BSL_ERR_PUSH_ERROR(ret);
784 return ret;
785 }
786 *outParam = result;
787 return ret;
788 }
789 #endif /* HITLS_CRYPTO_KEY_DECODE */
790
791 #ifdef HITLS_CRYPTO_KEY_ENCODE
792
793 #if defined(HITLS_CRYPTO_ECDSA) || defined(HITLS_CRYPTO_SM2)
CRYPT_ENCODE_EccPrikeyAsn1Buff(BSL_ASN1_Buffer * asn1,uint32_t asn1Num,BSL_Buffer * encode)794 int32_t CRYPT_ENCODE_EccPrikeyAsn1Buff(BSL_ASN1_Buffer *asn1, uint32_t asn1Num, BSL_Buffer *encode)
795 {
796 BSL_ASN1_Template templ = {g_ecPriKeyTempl, sizeof(g_ecPriKeyTempl) / sizeof(g_ecPriKeyTempl[0])};
797 return BSL_ASN1_EncodeTemplate(&templ, asn1, asn1Num, &encode->data, &encode->dataLen);
798 }
799 #endif /* HITLS_CRYPTO_ECDSA || HITLS_CRYPTO_SM2 */
800
801 #ifdef HITLS_CRYPTO_RSA
CRYPT_ENCODE_RsaPubkeyAsn1Buff(BSL_ASN1_Buffer * pubAsn1,BSL_Buffer * encodePub)802 int32_t CRYPT_ENCODE_RsaPubkeyAsn1Buff(BSL_ASN1_Buffer *pubAsn1, BSL_Buffer *encodePub)
803 {
804 BSL_ASN1_Template pubTempl = {g_rsaPubTempl, sizeof(g_rsaPubTempl) / sizeof(g_rsaPubTempl[0])};
805 int32_t ret = BSL_ASN1_EncodeTemplate(&pubTempl, pubAsn1, CRYPT_RSA_PUB_E_IDX + 1,
806 &encodePub->data, &encodePub->dataLen);
807 if (ret != CRYPT_SUCCESS) {
808 BSL_ERR_PUSH_ERROR(ret);
809 }
810 return CRYPT_SUCCESS;
811 }
812
CRYPT_ENCODE_RsaPrikeyAsn1Buff(BSL_ASN1_Buffer * asn1,uint32_t asn1Num,BSL_Buffer * encode)813 int32_t CRYPT_ENCODE_RsaPrikeyAsn1Buff(BSL_ASN1_Buffer *asn1, uint32_t asn1Num, BSL_Buffer *encode)
814 {
815 BSL_ASN1_Template templ = {g_rsaPrvTempl, sizeof(g_rsaPrvTempl) / sizeof(g_rsaPrvTempl[0])};
816 int32_t ret = BSL_ASN1_EncodeTemplate(&templ, asn1, asn1Num, &encode->data, &encode->dataLen);
817 if (ret != CRYPT_SUCCESS) {
818 BSL_ERR_PUSH_ERROR(ret);
819 }
820 return ret;
821 }
822
823 #endif
824
CRYPT_ENCODE_SubPubkeyByInfo(BSL_ASN1_Buffer * algo,BSL_Buffer * bitStr,BSL_Buffer * encodeH,bool isComplete)825 int32_t CRYPT_ENCODE_SubPubkeyByInfo(BSL_ASN1_Buffer *algo, BSL_Buffer *bitStr, BSL_Buffer *encodeH,
826 bool isComplete)
827 {
828 BSL_ASN1_Buffer encode[CRYPT_SUBKEYINFO_BITSTRING_IDX + 1] = {0};
829 encode[CRYPT_SUBKEYINFO_ALGOID_IDX].buff = algo->buff;
830 encode[CRYPT_SUBKEYINFO_ALGOID_IDX].len = algo->len;
831 encode[CRYPT_SUBKEYINFO_ALGOID_IDX].tag = BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE;
832 BSL_ASN1_BitString bitPubkey = {bitStr->data, bitStr->dataLen, 0};
833 encode[CRYPT_SUBKEYINFO_BITSTRING_IDX].buff = (uint8_t *)&bitPubkey;
834 encode[CRYPT_SUBKEYINFO_BITSTRING_IDX].len = sizeof(BSL_ASN1_BitString);
835 encode[CRYPT_SUBKEYINFO_BITSTRING_IDX].tag = BSL_ASN1_TAG_BITSTRING;
836
837 BSL_ASN1_Template pubTempl;
838 if (isComplete) {
839 pubTempl.templItems = g_subKeyInfoTempl;
840 pubTempl.templNum = sizeof(g_subKeyInfoTempl) / sizeof(g_subKeyInfoTempl[0]);
841 } else {
842 pubTempl.templItems = g_subKeyInfoInnerTempl;
843 pubTempl.templNum = sizeof(g_subKeyInfoInnerTempl) / sizeof(g_subKeyInfoInnerTempl[0]);
844 }
845 int32_t ret = BSL_ASN1_EncodeTemplate(&pubTempl,
846 encode, CRYPT_SUBKEYINFO_BITSTRING_IDX + 1, &encodeH->data, &encodeH->dataLen);
847 if (ret != CRYPT_SUCCESS) {
848 BSL_ERR_PUSH_ERROR(ret);
849 }
850 return ret;
851 }
852
853
CRYPT_ENCODE_AlgoIdAsn1Buff(BSL_ASN1_Buffer * algoId,uint32_t algoIdNum,uint8_t ** buff,uint32_t * buffLen)854 int32_t CRYPT_ENCODE_AlgoIdAsn1Buff(BSL_ASN1_Buffer *algoId, uint32_t algoIdNum, uint8_t **buff,
855 uint32_t *buffLen)
856 {
857 BSL_ASN1_Template templ = {g_algoIdTempl, sizeof(g_algoIdTempl) / sizeof(g_algoIdTempl[0])};
858 return BSL_ASN1_EncodeTemplate(&templ, algoId, algoIdNum, buff, buffLen);
859 }
860
861 #ifdef HITLS_CRYPTO_KEY_EPKI
EncodeDeriveKeyParam(CRYPT_EAL_LibCtx * libCtx,CRYPT_Pbkdf2Param * param,BSL_Buffer * encode,BSL_Buffer * salt)862 static int32_t EncodeDeriveKeyParam(CRYPT_EAL_LibCtx *libCtx, CRYPT_Pbkdf2Param *param, BSL_Buffer *encode,
863 BSL_Buffer *salt)
864 {
865 BSL_ASN1_Buffer derParam[CRYPT_PKCS_ENC_DERPRF_IDX + 1] = {0};
866 /* deralg */
867 BslOidString *oidPbkdf = BSL_OBJ_GetOID((BslCid)param->pbkdfId);
868 if (oidPbkdf == NULL) {
869 BSL_ERR_PUSH_ERROR(CRYPT_ERR_ALGID);
870 return CRYPT_ERR_ALGID;
871 }
872 derParam[CRYPT_PKCS_ENC_DERALG_IDX].buff = (uint8_t *)oidPbkdf->octs;
873 derParam[CRYPT_PKCS_ENC_DERALG_IDX].len = oidPbkdf->octetLen;
874 derParam[CRYPT_PKCS_ENC_DERALG_IDX].tag = BSL_ASN1_TAG_OBJECT_ID;
875 /* salt */
876 int32_t ret = CRYPT_EAL_RandbytesEx(libCtx, salt->data, salt->dataLen);
877 if (ret != CRYPT_SUCCESS) {
878 BSL_ERR_PUSH_ERROR(ret);
879 return ret;
880 }
881 derParam[CRYPT_PKCS_ENC_DERSALT_IDX].buff = salt->data;
882 derParam[CRYPT_PKCS_ENC_DERSALT_IDX].len = salt->dataLen;
883 derParam[CRYPT_PKCS_ENC_DERSALT_IDX].tag = BSL_ASN1_TAG_OCTETSTRING;
884 /* iter */
885 ret = BSL_ASN1_EncodeLimb(BSL_ASN1_TAG_INTEGER, param->itCnt, &derParam[CRYPT_PKCS_ENC_DERITER_IDX]);
886 if (ret != CRYPT_SUCCESS) {
887 BSL_ERR_PUSH_ERROR(ret);
888 return ret;
889 }
890 BSL_ASN1_Template templ = {g_pbkdf2DerParamTempl, sizeof(g_pbkdf2DerParamTempl) / sizeof(g_pbkdf2DerParamTempl[0])};
891 if (param->hmacId == CRYPT_MAC_HMAC_SHA1) {
892 ret = BSL_ASN1_EncodeTemplate(&templ, derParam, CRYPT_PKCS_ENC_DERPRF_IDX + 1, &encode->data, &encode->dataLen);
893 if (ret != CRYPT_SUCCESS) {
894 BSL_ERR_PUSH_ERROR(ret);
895 }
896 BSL_SAL_FREE(derParam[CRYPT_PKCS_ENC_DERITER_IDX].buff);
897 return ret;
898 }
899 BslOidString *oidHmac = BSL_OBJ_GetOID((BslCid)param->hmacId);
900 if (oidHmac == NULL) {
901 BSL_SAL_FREE(derParam[CRYPT_PKCS_ENC_DERITER_IDX].buff);
902 BSL_ERR_PUSH_ERROR(CRYPT_ERR_ALGID);
903 return CRYPT_ERR_ALGID;
904 }
905 BSL_Buffer algo = {0};
906 BSL_ASN1_Buffer algoId[BSL_ASN1_TAG_ALGOID_ANY_IDX + 1] = {
907 {BSL_ASN1_TAG_OBJECT_ID, oidHmac->octetLen, (uint8_t *)oidHmac->octs},
908 {BSL_ASN1_TAG_NULL, 0, NULL},
909 };
910 ret = CRYPT_ENCODE_AlgoIdAsn1Buff(algoId, BSL_ASN1_TAG_ALGOID_ANY_IDX + 1, &algo.data, &algo.dataLen);
911 if (ret != CRYPT_SUCCESS) {
912 BSL_SAL_FREE(derParam[CRYPT_PKCS_ENC_DERITER_IDX].buff);
913 BSL_ERR_PUSH_ERROR(ret);
914 return ret;
915 }
916 derParam[CRYPT_PKCS_ENC_DERPRF_IDX].buff = algo.data;
917 derParam[CRYPT_PKCS_ENC_DERPRF_IDX].len = algo.dataLen;
918 derParam[CRYPT_PKCS_ENC_DERPRF_IDX].tag = BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE;
919
920 ret = BSL_ASN1_EncodeTemplate(&templ,
921 derParam, CRYPT_PKCS_ENC_DERPRF_IDX + 1, &encode->data, &encode->dataLen);
922 BSL_SAL_FREE(algo.data);
923 BSL_SAL_FREE(derParam[CRYPT_PKCS_ENC_DERITER_IDX].buff);
924 return ret;
925 }
926
EncodeEncryptedData(CRYPT_EAL_LibCtx * libCtx,const char * attrName,CRYPT_Pbkdf2Param * pkcsParam,BSL_Buffer * unEncrypted,BSL_Buffer * salt,BSL_ASN1_Buffer * asn1)927 static int32_t EncodeEncryptedData(CRYPT_EAL_LibCtx *libCtx, const char *attrName, CRYPT_Pbkdf2Param *pkcsParam,
928 BSL_Buffer *unEncrypted, BSL_Buffer *salt, BSL_ASN1_Buffer *asn1)
929 {
930 int32_t ret;
931 uint8_t *output = NULL;
932 BSL_Buffer keyBuff = {0};
933 do {
934 ret = CRYPT_EAL_CipherGetInfo(pkcsParam->symId, CRYPT_INFO_KEY_LEN, &keyBuff.dataLen);
935 if (ret != CRYPT_SUCCESS) {
936 BSL_ERR_PUSH_ERROR(ret);
937 break;
938 }
939 keyBuff.data = (uint8_t *)BSL_SAL_Malloc(keyBuff.dataLen);
940 if (keyBuff.data == NULL) {
941 ret = BSL_MALLOC_FAIL;
942 BSL_ERR_PUSH_ERROR(ret);
943 break;
944 }
945
946 ret = PbkdfDeriveKey(libCtx, attrName, pkcsParam->itCnt, pkcsParam->hmacId, salt,
947 pkcsParam->pwd, pkcsParam->pwdLen, &keyBuff);
948 if (ret != CRYPT_SUCCESS) {
949 BSL_ERR_PUSH_ERROR(ret);
950 break;
951 }
952
953 uint32_t pkcsDataLen = unEncrypted->dataLen + 16; // extras 16 for padding.
954 output = (uint8_t *)BSL_SAL_Malloc(pkcsDataLen);
955 if (output == NULL) {
956 ret = BSL_MALLOC_FAIL;
957 BSL_ERR_PUSH_ERROR(ret);
958 break;
959 }
960 BSL_Buffer enData = {unEncrypted->data, unEncrypted->dataLen};
961 BSL_Buffer ivData = {asn1[CRYPT_PKCS_ENCPRIKEY_SYMIV_IDX].buff, asn1[CRYPT_PKCS_ENCPRIKEY_SYMIV_IDX].len};
962 ret = CRYPT_ENCODE_DECODE_DecryptEncData(libCtx, attrName, &ivData, &enData,
963 (int32_t)pkcsParam->symId, true, &keyBuff, output, &pkcsDataLen);
964 if (ret != CRYPT_SUCCESS) {
965 break;
966 }
967 asn1[CRYPT_PKCS_ENCPRIKEY_ENCDATA_IDX].buff = output;
968 asn1[CRYPT_PKCS_ENCPRIKEY_ENCDATA_IDX].len = pkcsDataLen;
969 asn1[CRYPT_PKCS_ENCPRIKEY_ENCDATA_IDX].tag = BSL_ASN1_TAG_OCTETSTRING;
970 BSL_SAL_ClearFree(keyBuff.data, keyBuff.dataLen);
971 return ret;
972 } while (0);
973
974 BSL_SAL_ClearFree(keyBuff.data, keyBuff.dataLen);
975 BSL_SAL_FREE(output);
976 return ret;
977 }
978
GenRandIv(CRYPT_EAL_LibCtx * libCtx,CRYPT_Pbkdf2Param * pkcsParam,BSL_ASN1_Buffer * asn1)979 static int32_t GenRandIv(CRYPT_EAL_LibCtx *libCtx, CRYPT_Pbkdf2Param *pkcsParam, BSL_ASN1_Buffer *asn1)
980 {
981 int32_t ret;
982 BslOidString *oidSym = BSL_OBJ_GetOID((BslCid)pkcsParam->symId);
983 if (oidSym == NULL) {
984 return CRYPT_ERR_ALGID;
985 }
986 asn1[CRYPT_PKCS_ENCPRIKEY_SYMALG_IDX].buff = (uint8_t *)oidSym->octs;
987 asn1[CRYPT_PKCS_ENCPRIKEY_SYMALG_IDX].len = oidSym->octetLen;
988 asn1[CRYPT_PKCS_ENCPRIKEY_SYMALG_IDX].tag = BSL_ASN1_TAG_OBJECT_ID;
989
990 uint32_t ivLen;
991 ret = CRYPT_EAL_CipherGetInfo(pkcsParam->symId, CRYPT_INFO_IV_LEN, &ivLen);
992 if (ret != CRYPT_SUCCESS) {
993 BSL_ERR_PUSH_ERROR(ret);
994 return ret;
995 }
996 if (ivLen == 0) {
997 asn1[CRYPT_PKCS_ENCPRIKEY_SYMIV_IDX].tag = BSL_ASN1_TAG_OCTETSTRING;
998 return CRYPT_SUCCESS;
999 }
1000 uint8_t *iv = (uint8_t *)BSL_SAL_Malloc(ivLen);
1001 if (iv == NULL) {
1002 BSL_ERR_PUSH_ERROR(BSL_MALLOC_FAIL);
1003 return BSL_MALLOC_FAIL;
1004 }
1005 ret = CRYPT_EAL_RandbytesEx(libCtx, iv, ivLen);
1006 if (ret != CRYPT_SUCCESS) {
1007 BSL_SAL_FREE(iv);
1008 BSL_ERR_PUSH_ERROR(ret);
1009 return ret;
1010 }
1011 asn1[CRYPT_PKCS_ENCPRIKEY_SYMIV_IDX].buff = iv;
1012 asn1[CRYPT_PKCS_ENCPRIKEY_SYMIV_IDX].len = ivLen;
1013 asn1[CRYPT_PKCS_ENCPRIKEY_SYMIV_IDX].tag = BSL_ASN1_TAG_OCTETSTRING;
1014 return ret;
1015 }
1016
CRYPT_ENCODE_PkcsEncryptedBuff(CRYPT_EAL_LibCtx * libCtx,const char * attrName,CRYPT_Pbkdf2Param * pkcsParam,BSL_Buffer * unEncrypted,BSL_ASN1_Buffer * asn1)1017 int32_t CRYPT_ENCODE_PkcsEncryptedBuff(CRYPT_EAL_LibCtx *libCtx, const char *attrName,
1018 CRYPT_Pbkdf2Param *pkcsParam, BSL_Buffer *unEncrypted, BSL_ASN1_Buffer *asn1)
1019 {
1020 int32_t ret;
1021 BslOidString *oidPbes = BSL_OBJ_GetOID((BslCid)pkcsParam->pbesId);
1022 if (oidPbes == NULL) {
1023 BSL_ERR_PUSH_ERROR(CRYPT_ERR_ALGID);
1024 return CRYPT_ERR_ALGID;
1025 }
1026 /* derivation param */
1027 BSL_Buffer derParam = {0};
1028 uint8_t *saltData = (uint8_t *)BSL_SAL_Malloc(pkcsParam->saltLen);
1029 if (saltData == NULL) {
1030 BSL_ERR_PUSH_ERROR(CRYPT_MEM_ALLOC_FAIL);
1031 return CRYPT_MEM_ALLOC_FAIL;
1032 }
1033 do {
1034 BSL_Buffer salt = {saltData, pkcsParam->saltLen};
1035 ret = EncodeDeriveKeyParam(libCtx, pkcsParam, &derParam, &salt);
1036 if (ret != CRYPT_SUCCESS) {
1037 BSL_ERR_PUSH_ERROR(ret);
1038 break;
1039 }
1040 asn1[CRYPT_PKCS_ENCPRIKEY_DERPARAM_IDX].buff = derParam.data;
1041 asn1[CRYPT_PKCS_ENCPRIKEY_DERPARAM_IDX].len = derParam.dataLen;
1042 asn1[CRYPT_PKCS_ENCPRIKEY_DERPARAM_IDX].tag = BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE;
1043 /* iv */
1044 ret = GenRandIv(libCtx, pkcsParam, asn1);
1045 if (ret != CRYPT_SUCCESS) {
1046 BSL_ERR_PUSH_ERROR(ret);
1047 break;
1048 }
1049 /* encryptedData */
1050 ret = EncodeEncryptedData(libCtx, attrName, pkcsParam, unEncrypted, &salt, asn1);
1051 if (ret != CRYPT_SUCCESS) {
1052 BSL_ERR_PUSH_ERROR(ret);
1053 break;
1054 }
1055 BSL_SAL_ClearFree(saltData, pkcsParam->saltLen);
1056 asn1[CRYPT_PKCS_ENCPRIKEY_ENCALG_IDX].buff = (uint8_t *)oidPbes->octs;
1057 asn1[CRYPT_PKCS_ENCPRIKEY_ENCALG_IDX].len = oidPbes->octetLen;
1058 asn1[CRYPT_PKCS_ENCPRIKEY_ENCALG_IDX].tag = BSL_ASN1_TAG_OBJECT_ID;
1059 return CRYPT_SUCCESS;
1060 } while (0);
1061 BSL_SAL_ClearFree(saltData, pkcsParam->saltLen);
1062 BSL_SAL_ClearFree(asn1[CRYPT_PKCS_ENCPRIKEY_DERPARAM_IDX].buff, asn1[CRYPT_PKCS_ENCPRIKEY_DERPARAM_IDX].len);
1063 BSL_SAL_ClearFree(asn1[CRYPT_PKCS_ENCPRIKEY_SYMIV_IDX].buff, asn1[CRYPT_PKCS_ENCPRIKEY_SYMIV_IDX].len);
1064 return ret;
1065 }
1066 #endif // HITLS_CRYPTO_KEY_EPKI
1067
CRYPT_ENCODE_Pkcs8Info(CRYPT_ENCODE_DECODE_Pk8PrikeyInfo * pk8PrikeyInfo,BSL_Buffer * asn1)1068 int32_t CRYPT_ENCODE_Pkcs8Info(CRYPT_ENCODE_DECODE_Pk8PrikeyInfo *pk8PrikeyInfo, BSL_Buffer *asn1)
1069 {
1070 if (pk8PrikeyInfo == NULL || asn1 == NULL) {
1071 BSL_ERR_PUSH_ERROR(CRYPT_INVALID_ARG);
1072 return CRYPT_INVALID_ARG;
1073 }
1074 int32_t ret;
1075 BSL_ASN1_Buffer algo = {0};
1076 BSL_ASN1_Buffer algoId[BSL_ASN1_TAG_ALGOID_ANY_IDX + 1] = {0};
1077 do {
1078 BslOidString *oidStr = BSL_OBJ_GetOID((BslCid)pk8PrikeyInfo->keyType);
1079 if (oidStr == NULL) {
1080 BSL_ERR_PUSH_ERROR(CRYPT_ERR_ALGID);
1081 ret = CRYPT_ERR_ALGID;
1082 break;
1083 }
1084 algoId[BSL_ASN1_TAG_ALGOID_IDX].buff = (uint8_t *)oidStr->octs;
1085 algoId[BSL_ASN1_TAG_ALGOID_IDX].len = oidStr->octetLen;
1086 algoId[BSL_ASN1_TAG_ALGOID_IDX].tag = BSL_ASN1_TAG_OBJECT_ID;
1087 algoId[BSL_ASN1_TAG_ALGOID_ANY_IDX] = pk8PrikeyInfo->keyParam;
1088 ret = CRYPT_ENCODE_AlgoIdAsn1Buff(algoId, BSL_ASN1_TAG_ALGOID_ANY_IDX + 1, &algo.buff, &algo.len);
1089 if (ret != CRYPT_SUCCESS) {
1090 BSL_ERR_PUSH_ERROR(ret);
1091 break;
1092 }
1093
1094 BSL_ASN1_Buffer encode[CRYPT_PK8_PRIKEY_PRIKEY_IDX + 1] = {
1095 {BSL_ASN1_TAG_INTEGER, sizeof(pk8PrikeyInfo->version), (uint8_t *)&pk8PrikeyInfo->version},
1096 {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE, algo.len, algo.buff},
1097 {BSL_ASN1_TAG_OCTETSTRING, pk8PrikeyInfo->pkeyRawKeyLen, pk8PrikeyInfo->pkeyRawKey}
1098 };
1099 BSL_ASN1_Template pubTempl = {g_pk8PriKeyTempl, sizeof(g_pk8PriKeyTempl) / sizeof(g_pk8PriKeyTempl[0])};
1100 ret = BSL_ASN1_EncodeTemplate(&pubTempl, encode, CRYPT_PK8_PRIKEY_PRIKEY_IDX + 1, &asn1->data, &asn1->dataLen);
1101 } while (0);
1102
1103 BSL_SAL_ClearFree(algo.buff, algo.len);
1104 return ret;
1105 }
1106
1107 #endif /* HITLS_CRYPTO_KEY_ENCODE */
1108 #endif /* HITLS_CRYPTO_CODECSKEY */
1109