1 /*
2 * Copyright (c) 2020-2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #define HUKS_DISABLE_LOG_AT_FILE_TO_REDUCE_ROM_SIZE
16
17 #ifdef HKS_CONFIG_FILE
18 #include HKS_CONFIG_FILE
19 #else
20 #include "hks_config.h"
21 #endif
22
23 #ifdef _CUT_AUTHENTICATE_
24 #undef HKS_SUPPORT_ECDSA_C
25 #endif /* _CUT_AUTHENTICATE_ */
26
27 #ifdef HKS_SUPPORT_ECDSA_C
28
29 #include "hks_mbedtls_ecdsa.h"
30
31 #include <mbedtls/ctr_drbg.h>
32 #include <mbedtls/ecdsa.h>
33 #include <mbedtls/ecp.h>
34 #include <mbedtls/entropy.h>
35 #include <securec.h>
36
37 #include "hks_log.h"
38 #include "hks_mbedtls_common.h"
39 #include "hks_mbedtls_ecc.h"
40 #include "hks_template.h"
41
42 #ifdef HKS_SUPPORT_ECDSA_SIGN_VERIFY
43 /* users must ensure the input params not null */
HksMbedtlsEcdsaSign(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * signature)44 int32_t HksMbedtlsEcdsaSign(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
45 const struct HksBlob *message, struct HksBlob *signature)
46 {
47 int32_t ret = EccKeyCheck(key);
48 HKS_IF_NOT_SUCC_RETURN(ret, ret)
49
50 mbedtls_ecp_group_id curveNist = MBEDTLS_ECP_DP_NONE;
51 ret = HksMbedtlsEccGetKeyCurveNist((struct KeyMaterialEcc *)(key->data), &curveNist);
52 HKS_IF_NOT_SUCC_RETURN(ret, ret)
53
54 mbedtls_ctr_drbg_context ctrDrbg;
55 mbedtls_entropy_context entropy;
56 (void)memset_s(&entropy, sizeof(mbedtls_entropy_context), 0, sizeof(mbedtls_entropy_context));
57 (void)memset_s(&ctrDrbg, sizeof(mbedtls_ctr_drbg_context), 0, sizeof(mbedtls_ctr_drbg_context));
58 ret = HksCtrDrbgSeed(&ctrDrbg, &entropy);
59 HKS_IF_NOT_SUCC_RETURN(ret, ret)
60
61 mbedtls_ecdsa_context ctx;
62 (void)memset_s(&ctx, sizeof(mbedtls_ecdsa_context), 0, sizeof(mbedtls_ecdsa_context));
63 mbedtls_ecdsa_init(&ctx);
64
65 do {
66 ret = mbedtls_ecp_group_load(&(ctx.MBEDTLS_PRIVATE(grp)), curveNist);
67 if (ret != HKS_MBEDTLS_SUCCESS) {
68 HKS_LOG_E("Mbedtls ecp group load fail! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
69 break;
70 }
71
72 ret = HksEccKeyMaterialToPri(key, &(ctx.MBEDTLS_PRIVATE(d)));
73 HKS_IF_NOT_SUCC_BREAK(ret)
74
75 mbedtls_md_type_t mbedtlsAlg;
76 uint32_t digest = (usageSpec->digest == HKS_DIGEST_NONE) ? HKS_DIGEST_SHA256 : usageSpec->digest;
77 ret = HksToMbedtlsDigestAlg(digest, &mbedtlsAlg);
78 HKS_IF_NOT_SUCC_BREAK(ret)
79 size_t keyLen = (size_t)(signature->size);
80 ret = mbedtls_ecdsa_write_signature(&ctx, (mbedtls_md_type_t)mbedtlsAlg, message->data, (size_t)message->size,
81 signature->data, keyLen, &keyLen, mbedtls_ctr_drbg_random, &ctrDrbg);
82 signature->size = (uint32_t)keyLen;
83 if (ret != HKS_MBEDTLS_SUCCESS || keyLen != (size_t)(signature->size)) {
84 HKS_LOG_E("Ecc mbedtls sign fail! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
85 (void)memset_s(signature->data, signature->size, 0, signature->size);
86 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
87 }
88 } while (0);
89
90 mbedtls_ctr_drbg_free(&ctrDrbg);
91 mbedtls_entropy_free(&entropy);
92 mbedtls_ecdsa_free(&ctx);
93 return ret;
94 }
95
96 /* users must ensure the input params not null */
HksMbedtlsEcdsaVerify(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,const struct HksBlob * signature)97 int32_t HksMbedtlsEcdsaVerify(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
98 const struct HksBlob *message, const struct HksBlob *signature)
99 {
100 (void)usageSpec;
101 int32_t ret = EccKeyCheck(key);
102 HKS_IF_NOT_SUCC_RETURN(ret, ret)
103
104 mbedtls_ecp_group_id curveNist = MBEDTLS_ECP_DP_NONE;
105 ret = HksMbedtlsEccGetKeyCurveNist((struct KeyMaterialEcc *)(key->data), &curveNist);
106 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "Get ecc KeyCureNist fail! ret = 0x%" LOG_PUBLIC "X", ret)
107
108 mbedtls_ecdsa_context ctx;
109 (void)memset_s(&ctx, sizeof(mbedtls_ecdsa_context), 0, sizeof(mbedtls_ecdsa_context));
110 mbedtls_ecdsa_init(&ctx);
111
112 do {
113 ret = mbedtls_ecp_group_load(&(ctx.MBEDTLS_PRIVATE(grp)), curveNist);
114 if (ret != HKS_MBEDTLS_SUCCESS) {
115 HKS_LOG_E("Mbedtls ecp group load fail! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
116 break;
117 }
118
119 ret = HksEccKeyMaterialToPub(key, &(ctx.MBEDTLS_PRIVATE(Q)));
120 HKS_IF_NOT_SUCC_BREAK(ret)
121
122 ret = mbedtls_ecdsa_read_signature(&ctx,
123 message->data, message->size, signature->data, signature->size);
124 if (ret != HKS_MBEDTLS_SUCCESS) {
125 HKS_LOG_E("Ecc mbedtls verify fail! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
126 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
127 }
128 } while (0);
129
130 mbedtls_ecdsa_free(&ctx);
131 return ret;
132 }
133 #endif /* HKS_SUPPORT_ECDSA_SIGN_VERIFY */
134 #endif /* HKS_SUPPORT_ECDSA_C */
135