1 /*
2 * Copyright (C) 2022 Huawei Technologies Co., Ltd.
3 * Licensed under the Mulan PSL v2.
4 * You can use this software according to the terms and conditions of the Mulan PSL v2.
5 * You may obtain a copy of Mulan PSL v2 at:
6 * http://license.coscl.org.cn/MulanPSL2
7 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
8 * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
9 * PURPOSE.
10 * See the Mulan PSL v2 for more details.
11 */
12 #include "crypto_inner_interface.h"
13 #include <mbedtls/bignum.h>
14 #include <mbedtls/rsa.h>
15 #include <securec.h>
16 #include <tee_log.h>
17 #include <tee_defines.h>
18 #include "tee_mem_mgmt_api.h"
19
rsa_generate_keypair(rsa_priv_key_t * priv,rsa_pub_key_t * pub,uint32_t e,uint32_t key_size)20 int32_t rsa_generate_keypair(rsa_priv_key_t *priv, rsa_pub_key_t *pub, uint32_t e, uint32_t key_size)
21 {
22 (void)priv;
23 (void)pub;
24 (void)e;
25 (void)key_size;
26 return -1;
27 }
28
rsa_encrypt(uint8_t * dest_data,uint32_t * dest_len,uint8_t * src_data,uint32_t src_len,rsa_pub_key_t * pub,int32_t padding,int32_t hash_nid)29 int32_t rsa_encrypt(uint8_t *dest_data, uint32_t *dest_len, uint8_t *src_data, uint32_t src_len, rsa_pub_key_t *pub,
30 int32_t padding, int32_t hash_nid)
31 {
32 (void)dest_data;
33 (void)dest_len;
34 (void)src_data;
35 (void)src_len;
36 (void)pub;
37 (void)padding;
38 (void)hash_nid;
39 return -1;
40 }
41
rsa_decrypt(uint8_t * dest_data,uint32_t * dest_len,uint8_t * src_data,uint32_t src_len,rsa_priv_key_t * priv,uint32_t padding,int32_t hash_nid)42 int32_t rsa_decrypt(uint8_t *dest_data, uint32_t *dest_len, uint8_t *src_data, uint32_t src_len, rsa_priv_key_t *priv,
43 uint32_t padding, int32_t hash_nid)
44 {
45 (void)dest_data;
46 (void)dest_len;
47 (void)src_data;
48 (void)src_len;
49 (void)priv;
50 (void)padding;
51 (void)hash_nid;
52 return -1;
53 }
54
rsa_sign_digest(uint8_t * signature,uint32_t * sig_size,uint8_t * in,uint32_t in_len,rsa_priv_key_t * priv,uint32_t salt_len,int32_t hash_nid,int32_t padding)55 int32_t rsa_sign_digest(uint8_t *signature, uint32_t *sig_size, uint8_t *in, uint32_t in_len, rsa_priv_key_t *priv,
56 uint32_t salt_len, int32_t hash_nid, int32_t padding)
57 {
58 (void)signature;
59 (void)sig_size;
60 (void)in;
61 (void)in_len;
62 (void)priv;
63 (void)salt_len;
64 (void)hash_nid;
65 (void)padding;
66 return -1;
67 }
68
69 #define MAX_OUTPUT_LEN 256
rsa_pss_verify_digest(mbedtls_rsa_context * ctx,uint8_t * signature,uint32_t sig_size,uint8_t * in,uint32_t in_len,uint32_t salt_len,int32_t hash_nid)70 static int32_t rsa_pss_verify_digest(mbedtls_rsa_context *ctx, uint8_t *signature, uint32_t sig_size,
71 uint8_t *in, uint32_t in_len, uint32_t salt_len, int32_t hash_nid)
72 {
73 (void)sig_size;
74 const size_t output_max_len = MAX_OUTPUT_LEN;
75 size_t olen;
76 uint8_t *em_buf = TEE_Malloc(output_max_len, 0);
77 if (em_buf == NULL) {
78 tloge("malloc buf failed, len=%u\n", output_max_len);
79 return -1;
80 }
81
82 int32_t rc = mbedtls_rsa_pkcs1_decrypt(ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, &olen,
83 signature, em_buf, output_max_len);
84 if (rc != 0) {
85 tloge("rsa decrypt fail, rc:%d", rc);
86 TEE_Free(em_buf);
87 return -1;
88 }
89
90 rc = mbedtls_rsa_rsassa_pss_verify_ext(ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC,
91 hash_nid, in_len, in, hash_nid, salt_len, em_buf);
92 TEE_Free(em_buf);
93 return rc;
94 }
95
rsa_verify_digest(uint8_t * signature,uint32_t sig_size,uint8_t * in,uint32_t in_len,const rsa_pub_key_t * pub,uint32_t salt_len,int32_t hash_nid,int32_t padding)96 int32_t rsa_verify_digest(uint8_t *signature, uint32_t sig_size, uint8_t *in, uint32_t in_len, const rsa_pub_key_t *pub,
97 uint32_t salt_len, int32_t hash_nid, int32_t padding)
98 {
99 mbedtls_mpi mpi_n, mpi_e;
100 mbedtls_rsa_context ctx;
101 bool check = (signature == NULL || in == NULL || pub == NULL || sig_size == 0 || in_len == 0);
102 if (check) {
103 tloge("param is invalid!");
104 return -1;
105 }
106
107 mbedtls_rsa_init(&ctx, padding, hash_nid);
108 mbedtls_mpi_init(&mpi_n);
109 mbedtls_mpi_init(&mpi_e);
110 int32_t rc = mbedtls_mpi_read_binary(&mpi_n, pub->n, pub->n_len);
111 rc |= mbedtls_mpi_read_binary(&mpi_e, pub->e, pub->e_len);
112 if (rc != 0) {
113 tloge("pub buffer to big num failed, rc:%d", rc);
114 goto clean;
115 }
116
117 rc = mbedtls_rsa_import(&ctx, &mpi_n, NULL, NULL, NULL, &mpi_e);
118 if (rc != 0) {
119 tloge("rsa import fail, rc:%d", rc);
120 goto clean;
121 }
122
123 rc = mbedtls_rsa_complete(&ctx);
124 if (rc != 0) {
125 tloge("rsa complete fail, rc:%d", rc);
126 goto clean;
127 }
128
129 if (padding == MBEDTLS_RSA_PKCS_V21) {
130 rc = rsa_pss_verify_digest(&ctx, signature, sig_size, in, in_len, salt_len, hash_nid);
131 } else if (padding == MBEDTLS_RSA_PKCS_V15) {
132 rc = mbedtls_rsa_pkcs1_verify(&ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, hash_nid, in_len, in, signature);
133 }
134 if (rc != 0)
135 tloge("rsa verify digest failed!, rc:%d", rc);
136
137 clean:
138 mbedtls_mpi_free(&mpi_n);
139 mbedtls_mpi_free(&mpi_e);
140 mbedtls_rsa_free(&ctx);
141 return rc;
142 }
143
generate_rsa_from_secret(rsa_priv_key_t * rsa,uint32_t nbits,uint8_t * secret,uint32_t secret_len,const uint8_t * file_name)144 int generate_rsa_from_secret(rsa_priv_key_t *rsa, uint32_t nbits, uint8_t *secret, uint32_t secret_len,
145 const uint8_t *file_name)
146 {
147 (void)rsa;
148 (void)nbits;
149 (void)secret;
150 (void)secret_len;
151 (void)file_name;
152 return -1;
153 }
154
rsa_import_priv(rsa_priv_key_t * priv,const uint8_t * in,uint32_t in_len)155 int rsa_import_priv(rsa_priv_key_t *priv, const uint8_t *in, uint32_t in_len)
156 {
157 (void)priv;
158 (void)in;
159 (void)in_len;
160 return -1;
161 }
162
rsa_export_pub_sp(uint8_t * out,uint32_t out_size,rsa_pub_key_t * pub)163 int32_t rsa_export_pub_sp(uint8_t *out, uint32_t out_size, rsa_pub_key_t *pub)
164 {
165 (void)out;
166 (void)out_size;
167 (void)pub;
168 return -1;
169 }
170