1 /*
2 * This file is part of the openHiTLS project.
3 *
4 * openHiTLS is licensed under the Mulan PSL v2.
5 * You can use this software according to the terms and conditions of the Mulan PSL v2.
6 * You may obtain a copy of Mulan PSL v2 at:
7 *
8 * http://license.coscl.org.cn/MulanPSL2
9 *
10 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
11 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
12 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
13 * See the Mulan PSL v2 for more details.
14 */
15
16 #ifndef CRYPT_ENCODE_DECODE_KEY_LOCAL_H
17 #define CRYPT_ENCODE_DECODE_KEY_LOCAL_H
18
19 #include "hitls_build.h"
20 #ifdef HITLS_CRYPTO_CODECSKEY
21
22 #include "bsl_types.h"
23 #include "bsl_asn1.h"
24 #include "crypt_types.h"
25 #include "crypt_eal_pkey.h"
26
27 #ifdef HITLS_CRYPTO_RSA
28 #include "crypt_rsa.h"
29 #endif
30 #ifdef HITLS_CRYPTO_SM2
31 #include "crypt_sm2.h"
32 #endif
33 #ifdef HITLS_CRYPTO_ED25519
34 #include "crypt_curve25519.h"
35 #endif
36
37 #ifdef __cplusplus
38 extern "C" {
39 #endif /* __cpluscplus */
40
41 typedef struct {
42 BSL_Buffer *derivekeyData;
43 BSL_Buffer *ivData;
44 BSL_Buffer *enData;
45 } EncryptPara;
46
47 typedef enum {
48 CRYPT_RSA_PUB_N_IDX = 0,
49 CRYPT_RSA_PUB_E_IDX = 1,
50 } CRYPT_RSA_PUB_TEMPL_IDX;
51
52 typedef enum {
53 BSL_ASN1_TAG_ALGOID_IDX = 0,
54 BSL_ASN1_TAG_ALGOID_ANY_IDX = 1,
55 } ALGOID_TEMPL_IDX;
56
57 typedef enum {
58 CRYPT_SUBKEYINFO_ALGOID_IDX = 0,
59 CRYPT_SUBKEYINFO_BITSTRING_IDX = 1,
60 } CRYPT_SUBKEYINFO_TEMPL_IDX;
61
62 typedef enum {
63 CRYPT_PKCS_ENCPRIKEY_ENCALG_IDX,
64 CRYPT_PKCS_ENCPRIKEY_DERPARAM_IDX,
65 CRYPT_PKCS_ENCPRIKEY_SYMALG_IDX,
66 CRYPT_PKCS_ENCPRIKEY_SYMIV_IDX,
67 CRYPT_PKCS_ENCPRIKEY_ENCDATA_IDX,
68 CRYPT_PKCS_ENCPRIKEY_MAX
69 } CRYPT_PKCS_ENCPRIKEY_TEMPL_IDX;
70
71 typedef enum {
72 CRYPT_ECPRIKEY_VERSION_IDX = 0,
73 CRYPT_ECPRIKEY_PRIKEY_IDX = 1,
74 CRYPT_ECPRIKEY_PARAM_IDX = 2,
75 CRYPT_ECPRIKEY_PUBKEY_IDX = 3,
76 } CRYPT_ECPRIKEY_TEMPL_IDX;
77
78 typedef enum {
79 CRYPT_RSA_PRV_VERSION_IDX = 0,
80 CRYPT_RSA_PRV_N_IDX = 1,
81 CRYPT_RSA_PRV_E_IDX = 2,
82 CRYPT_RSA_PRV_D_IDX = 3,
83 CRYPT_RSA_PRV_P_IDX = 4,
84 CRYPT_RSA_PRV_Q_IDX = 5,
85 CRYPT_RSA_PRV_DP_IDX = 6,
86 CRYPT_RSA_PRV_DQ_IDX = 7,
87 CRYPT_RSA_PRV_QINV_IDX = 8,
88 CRYPT_RSA_PRV_OTHER_PRIME_IDX = 9
89 } CRYPT_RSA_PRV_TEMPL_IDX;
90
91 #define CRYPT_ASN1_CTX_SPECIFIC_TAG_RSAPSS_HASH 0
92 #define CRYPT_ASN1_CTX_SPECIFIC_TAG_RSAPSS_MASKGEN 1
93 #define CRYPT_ASN1_CTX_SPECIFIC_TAG_RSAPSS_SALTLEN 2
94 #define CRYPT_ASN1_CTX_SPECIFIC_TAG_RSAPSS_TRAILED 3
95
96 #define PATH_MAX_LEN 4096
97 #define PWD_MAX_LEN 4096
98
99 #ifdef HITLS_CRYPTO_KEY_DECODE
100 int32_t ParseSubPubkeyAsn1(BSL_ASN1_Buffer *encode, CRYPT_EAL_PkeyCtx **ealPubKey);
101
102 int32_t ParseRsaPubkeyAsn1Buff(uint8_t *buff, uint32_t buffLen, BSL_ASN1_Buffer *param, CRYPT_EAL_PkeyCtx **ealPubKey,
103 BslCid cid);
104
105 int32_t ParseRsaPrikeyAsn1Buff(uint8_t *buff, uint32_t buffLen, BSL_ASN1_Buffer *rsaPssParam, BslCid cid,
106 CRYPT_EAL_PkeyCtx **ealPriKey);
107
108 int32_t ParseEccPrikeyAsn1Buff(uint8_t *buff, uint32_t buffLen, BSL_ASN1_Buffer *pk8AlgoParam,
109 CRYPT_EAL_PkeyCtx **ealPriKey);
110
111 int32_t ParsePk8PriKeyBuff(BSL_Buffer *buff, CRYPT_EAL_PkeyCtx **ealPriKey);
112
113 #ifdef HITLS_CRYPTO_KEY_EPKI
114 int32_t ParsePk8EncPriKeyBuff(BSL_Buffer *buff, const BSL_Buffer *pwd, CRYPT_EAL_PkeyCtx **ealPriKey);
115
116 int32_t CRYPT_DECODE_Pkcs8PrvDecrypt(CRYPT_EAL_LibCtx *libctx, const char *attrName, BSL_Buffer *buff,
117 const BSL_Buffer *pwd, BSL_ASN1_DecTemplCallBack keyInfoCb, BSL_Buffer *decode);
118
119 int32_t CRYPT_DECODE_ParseEncDataAsn1(CRYPT_EAL_LibCtx *libctx, const char *attrName, BslCid symAlg,
120 EncryptPara *encPara, const BSL_Buffer *pwd, BSL_ASN1_DecTemplCallBack keyInfoCb, BSL_Buffer *decode);
121
122 #endif
123
124 int32_t CRYPT_EAL_ParseAsn1SubPubkey(uint8_t *buff, uint32_t buffLen, void **ealPubKey, bool isComplete);
125
126 int32_t CRYPT_DECODE_AlgoIdAsn1Buff(uint8_t *buff, uint32_t buffLen, BSL_ASN1_DecTemplCallBack keyInfoCb,
127 BSL_ASN1_Buffer *algoId, uint32_t algoIdNum);
128
129 int32_t CRYPT_DECODE_ConstructBufferOutParam(BSL_Param **outParam, uint8_t *buffer, uint32_t bufferLen);
130
131 int32_t CRYPT_DECODE_ParseSubKeyInfo(uint8_t *buff, uint32_t buffLen, BSL_ASN1_Buffer *pubAsn1, bool isComplete);
132
133 int32_t CRYPT_DECODE_PrikeyAsn1Buff(uint8_t *buffer, uint32_t bufferLen, BSL_ASN1_Buffer *asn1, uint32_t arrNum);
134
135 #ifdef HITLS_CRYPTO_RSA
136 int32_t CRYPT_DECODE_RsaPubkeyAsn1Buff(uint8_t *buff, uint32_t buffLen, BSL_ASN1_Buffer *pubAsn1, uint32_t arrNum);
137
138 int32_t CRYPT_DECODE_RsaPrikeyAsn1Buff(uint8_t *buff, uint32_t buffLen, BSL_ASN1_Buffer *asn1, uint32_t asn1Num);
139
140 int32_t CRYPT_RSA_ParsePubkeyAsn1Buff(uint8_t *buff, uint32_t buffLen, BSL_ASN1_Buffer *param,
141 CRYPT_RSA_Ctx **rsaPubKey, BslCid cid);
142 int32_t CRYPT_RSA_ParsePkcs8Key(uint8_t *buff, uint32_t buffLen, CRYPT_RSA_Ctx **rsaPriKey);
143
144 int32_t CRYPT_RSA_ParseSubPubkeyAsn1Buff(uint8_t *buff, uint32_t buffLen, CRYPT_RSA_Ctx **pubKey, bool isComplete);
145
146 int32_t CRYPT_RSA_ParsePrikeyAsn1Buff(uint8_t *buff, uint32_t buffLen, BSL_ASN1_Buffer *rsaPssParam,
147 CRYPT_RSA_Ctx **rsaPriKey);
148 #endif
149
150 #if defined(HITLS_CRYPTO_ECDSA) || defined(HITLS_CRYPTO_ECDH)
151 int32_t CRYPT_ECC_ParseSubPubkeyAsn1Buff(uint8_t *buff, uint32_t buffLen, void **pubKey, bool isComplete);
152
153 int32_t CRYPT_ECC_ParsePkcs8Key(uint8_t *buff, uint32_t buffLen, void **ecdsaPriKey);
154
155 int32_t CRYPT_ECC_ParsePrikeyAsn1Buff(uint8_t *buffer, uint32_t bufferLen, BSL_ASN1_Buffer *pk8AlgoParam,
156 void **ecPriKey);
157 #endif
158
159 #ifdef HITLS_CRYPTO_SM2
160 int32_t CRYPT_SM2_ParseSubPubkeyAsn1Buff(uint8_t *buff, uint32_t buffLen, CRYPT_SM2_Ctx **pubKey, bool isComplete);
161 int32_t CRYPT_SM2_ParsePrikeyAsn1Buff(uint8_t *buffer, uint32_t bufferLen, BSL_ASN1_Buffer *pk8AlgoParam,
162 CRYPT_SM2_Ctx **sm2PriKey);
163 int32_t CRYPT_SM2_ParsePkcs8Key(uint8_t *buff, uint32_t buffLen, CRYPT_SM2_Ctx **sm2PriKey);
164 #endif
165
166 #ifdef HITLS_CRYPTO_ED25519
167 int32_t CRYPT_ED25519_ParsePkcs8Key(uint8_t *buffer, uint32_t bufferLen, CRYPT_CURVE25519_Ctx **ed25519PriKey);
168 int32_t CRYPT_ED25519_ParseSubPubkeyAsn1Buff(uint8_t *buff, uint32_t buffLen, CRYPT_CURVE25519_Ctx **pubKey,
169 bool isComplete);
170 #endif
171
172 #endif
173
174 #ifdef HITLS_CRYPTO_KEY_ENCODE
175 int32_t EncodeRsaPubkeyAsn1Buff(CRYPT_EAL_PkeyCtx *ealPubKey, BSL_ASN1_Buffer *pssParam, BSL_Buffer *encodePub);
176
177 int32_t EncodeRsaPrikeyAsn1Buff(CRYPT_EAL_PkeyCtx *ealPriKey, CRYPT_PKEY_AlgId cid, BSL_Buffer *encode);
178
179 int32_t EncodeEccPrikeyAsn1Buff(CRYPT_EAL_PkeyCtx *ealPriKey, BSL_ASN1_Buffer *pk8AlgoParam, BSL_Buffer *encode);
180
181 int32_t EncodePk8PriKeyBuff(CRYPT_EAL_PkeyCtx *ealPriKey, BSL_Buffer *asn1);
182
183 int32_t CRYPT_ENCODE_SubPubkeyByInfo(BSL_ASN1_Buffer *algo, BSL_Buffer *bitStr, BSL_Buffer *encodeH,
184 bool isComplete);
185
186 int32_t CRYPT_ENCODE_AlgoIdAsn1Buff(BSL_ASN1_Buffer *algoId, uint32_t algoIdNum, uint8_t **buff,
187 uint32_t *buffLen);
188
189 int32_t CRYPT_ENCODE_PkcsEncryptedBuff(CRYPT_EAL_LibCtx *libCtx, const char *attrName, CRYPT_Pbkdf2Param *pkcsParam,
190 BSL_Buffer *unEncrypted, BSL_ASN1_Buffer *asn1);
191
192 int32_t CRYPT_ENCODE_EccPrikeyAsn1Buff(BSL_ASN1_Buffer *asn1, uint32_t asn1Num, BSL_Buffer *encode);
193
194 #ifdef HITLS_CRYPTO_KEY_EPKI
195 int32_t EncodePk8EncPriKeyBuff(CRYPT_EAL_LibCtx *libCtx, const char *attrName, CRYPT_EAL_PkeyCtx *ealPriKey,
196 const CRYPT_EncodeParam *encodeParam, BSL_Buffer *encode);
197 #endif
198
199 int32_t CRYPT_EAL_EncodeAsn1SubPubkey(CRYPT_EAL_PkeyCtx *ealPubKey, bool isComplete, BSL_Buffer *encodeH);
200
201 #ifdef HITLS_CRYPTO_RSA
202 int32_t CRYPT_ENCODE_RsaPrikeyAsn1Buff(BSL_ASN1_Buffer *asn1, uint32_t asn1Num, BSL_Buffer *encode);
203
204 int32_t CRYPT_ENCODE_RsaPubkeyAsn1Buff(BSL_ASN1_Buffer *pubAsn1, BSL_Buffer *encodePub);
205 #endif
206 #endif
207
IsEcdsaEcParaId(int32_t paraId)208 static inline bool IsEcdsaEcParaId(int32_t paraId)
209 {
210 return paraId == CRYPT_ECC_NISTP224 || paraId == CRYPT_ECC_NISTP256 ||
211 paraId == CRYPT_ECC_NISTP384 || paraId == CRYPT_ECC_NISTP521 ||
212 paraId == CRYPT_ECC_BRAINPOOLP256R1 || paraId == CRYPT_ECC_BRAINPOOLP384R1 ||
213 paraId == CRYPT_ECC_BRAINPOOLP512R1;
214 }
215
216 #ifdef __cplusplus
217 }
218 #endif
219
220 #endif // HITLS_CRYPTO_CODECSKEY
221
222 #endif // CRYPT_ENCODE_DECODE_KEY_LOCAL_H
223