1 /*
2 * This file is part of the openHiTLS project.
3 *
4 * openHiTLS is licensed under the Mulan PSL v2.
5 * You can use this software according to the terms and conditions of the Mulan PSL v2.
6 * You may obtain a copy of Mulan PSL v2 at:
7 *
8 * http://license.coscl.org.cn/MulanPSL2
9 *
10 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
11 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
12 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
13 * See the Mulan PSL v2 for more details.
14 */
15
16 #include "hitls_build.h"
17 #if defined(HITLS_TLS_FEATURE_PROVIDER) || defined(HITLS_TLS_CALLBACK_CRYPT)
18 #include <string.h>
19 #include "securec.h"
20 #include "bsl_log_internal.h"
21 #include "bsl_err_internal.h"
22 #include "tls_binlog_id.h"
23 #include "crypt_algid.h"
24 #include "hitls_crypt_type.h"
25 #include "crypt_eal_rand.h"
26 #include "crypt_eal_md.h"
27 #include "crypt_eal_mac.h"
28 #include "crypt_eal_cipher.h"
29 #include "crypt_eal_pkey.h"
30 #include "crypt_eal_kdf.h"
31 #include "crypt_errno.h"
32 #include "hitls_error.h"
33 #include "crypt_default.h"
34 #include "bsl_params.h"
35 #include "crypt_params_key.h"
36 #include "config_type.h"
37 #include "hitls_crypt.h"
38
39 #ifndef HITLS_CRYPTO_EAL
40 #error "Missing definition of HITLS_CRYPTO_EAL"
41 #endif
42
43 #ifdef HITLS_TLS_SUITE_KX_DHE
44 #define MIN_DH8192_SECBITS 192
45 #define MIN_DH4096_SECBITS 152
46 #define MIN_DH3072_SECBITS 128
47 #define MIN_DH2048_SECBITS 112
48 #ifdef HITLS_CRYPTO_PKEY
49 #define MAX_PKEY_PARA_LEN 1024
50 #endif
51 #endif // HITLS_TLS_SUITE_KX_DHE
52
53
54 #define CCM_TLS_TAG_LEN 16u
55 #define CCM8_TLS_TAG_LEN 8u
56
57 /* The default user id as specified in GM/T 0009-2012 */
58 char g_SM2DefaultUserid[] = "1234567812345678";
59 #ifdef HITLS_TLS_PROTO_TLCP11
60 #define SM2_DEFAULT_USERID_LEN 16u
61 #define SM2_PUBKEY_LEN 65
62 #define SM2_PRVKEY_LEN 33
63 #endif // HITLS_TLS_PROTO_TLCP11
64
65 #ifdef HITLS_CRYPTO_MAC
GetHmacAlgId(HITLS_HashAlgo hashAlgo)66 static uint32_t GetHmacAlgId(HITLS_HashAlgo hashAlgo)
67 {
68 switch (hashAlgo) {
69 case HITLS_HASH_SHA_256:
70 return CRYPT_MAC_HMAC_SHA256;
71 case HITLS_HASH_SHA_384:
72 return CRYPT_MAC_HMAC_SHA384;
73 case HITLS_HASH_SHA_512:
74 return CRYPT_MAC_HMAC_SHA512;
75 case HITLS_HASH_MD5:
76 return CRYPT_MAC_HMAC_MD5;
77 case HITLS_HASH_SHA1:
78 return CRYPT_MAC_HMAC_SHA1;
79 case HITLS_HASH_SHA_224:
80 return CRYPT_MAC_HMAC_SHA224;
81 case HITLS_HASH_SM3:
82 return CRYPT_MAC_HMAC_SM3;
83 default:
84 break;
85 }
86 return CRYPT_MAC_MAX;
87 }
88 #endif // HITLS_CRYPTO_MAC
89
90 #ifdef HITLS_CRYPTO_CIPHER
GetCipherAlgId(HITLS_CipherAlgo cipherAlgo)91 static int32_t GetCipherAlgId(HITLS_CipherAlgo cipherAlgo)
92 {
93 switch (cipherAlgo) {
94 case HITLS_CIPHER_AES_128_CCM8:
95 return CRYPT_CIPHER_AES128_CCM;
96 case HITLS_CIPHER_AES_256_CCM8:
97 return CRYPT_CIPHER_AES256_CCM;
98 default:
99 break;
100 }
101 return cipherAlgo;
102 }
103
IsCipherCCM8(HITLS_CipherAlgo cipherAlgo)104 static bool IsCipherCCM8(HITLS_CipherAlgo cipherAlgo)
105 {
106 switch (cipherAlgo) {
107 case HITLS_CIPHER_AES_128_CCM8:
108 return true;
109 case HITLS_CIPHER_AES_256_CCM8:
110 return true;
111 default:
112 break;
113 }
114 return false;
115 }
116 #endif
117
118 #ifdef HITLS_TLS_CALLBACK_CRYPT_HMAC_PRIMITIVES
HITLS_CRYPT_HMAC_Init(HITLS_Lib_Ctx * libCtx,const char * attrName,HITLS_HashAlgo hashAlgo,const uint8_t * key,uint32_t len)119 HITLS_HMAC_Ctx *HITLS_CRYPT_HMAC_Init(HITLS_Lib_Ctx *libCtx, const char *attrName,
120 HITLS_HashAlgo hashAlgo, const uint8_t *key, uint32_t len)
121 {
122 #ifdef HITLS_CRYPTO_MAC
123 CRYPT_MAC_AlgId id = GetHmacAlgId(hashAlgo);
124 if (id == CRYPT_MAC_MAX) {
125 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16618, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "hashAlgo err", 0, 0, 0, 0);
126 return NULL;
127 }
128 CRYPT_EAL_MacCtx *ctx = NULL;
129 ctx = CRYPT_EAL_ProviderMacNewCtx(libCtx, id, attrName);
130 if (ctx == NULL) {
131 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16619, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "MacNewCtx fail", 0, 0, 0, 0);
132 return NULL;
133 }
134
135 int32_t ret = CRYPT_EAL_MacInit(ctx, key, len);
136 if (ret != CRYPT_SUCCESS) {
137 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16620, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "MacInit fail", 0, 0, 0, 0);
138 CRYPT_EAL_MacFreeCtx(ctx);
139 return NULL;
140 }
141
142 return ctx;
143 #else // HITLS_CRYPTO_MAC
144 (void)hashAlgo;
145 (void)key;
146 (void)len;
147 (void)libCtx;
148 (void)attrName;
149 return NULL;
150 #endif // HITLS_CRYPTO_MAC
151 }
152
153
HITLS_CRYPT_HMAC_ReInit(HITLS_HMAC_Ctx * ctx)154 int32_t HITLS_CRYPT_HMAC_ReInit(HITLS_HMAC_Ctx *ctx)
155 {
156 #ifdef HITLS_CRYPTO_MAC
157 return CRYPT_EAL_MacReinit(ctx);
158 #else
159 (void)ctx;
160 return CRYPT_EAL_ALG_NOT_SUPPORT;
161 #endif
162 }
163
HITLS_CRYPT_HMAC_Free(HITLS_HMAC_Ctx * ctx)164 void HITLS_CRYPT_HMAC_Free(HITLS_HMAC_Ctx *ctx)
165 {
166 #ifdef HITLS_CRYPTO_MAC
167 CRYPT_EAL_MacFreeCtx(ctx);
168 #else
169 (void)ctx;
170 #endif
171 return;
172 }
173
HITLS_CRYPT_HMAC_Update(HITLS_HMAC_Ctx * ctx,const uint8_t * data,uint32_t len)174 int32_t HITLS_CRYPT_HMAC_Update(HITLS_HMAC_Ctx *ctx, const uint8_t *data, uint32_t len)
175 {
176 #ifdef HITLS_CRYPTO_MAC
177 return CRYPT_EAL_MacUpdate(ctx, data, len);
178 #else
179 (void)ctx;
180 (void)data;
181 (void)len;
182 return CRYPT_EAL_ALG_NOT_SUPPORT;
183 #endif
184 }
185
HITLS_CRYPT_HMAC_Final(HITLS_HMAC_Ctx * ctx,uint8_t * out,uint32_t * len)186 int32_t HITLS_CRYPT_HMAC_Final(HITLS_HMAC_Ctx *ctx, uint8_t *out, uint32_t *len)
187 {
188 #ifdef HITLS_CRYPTO_MAC
189 return CRYPT_EAL_MacFinal(ctx, out, len);
190 #else
191 (void)ctx;
192 (void)out;
193 (void)len;
194 return CRYPT_EAL_ALG_NOT_SUPPORT;
195 #endif
196 }
197
198 #endif /* HITLS_TLS_CALLBACK_CRYPT_HMAC_PRIMITIVES */
199
HITLS_CRYPT_HMAC(HITLS_Lib_Ctx * libCtx,const char * attrName,HITLS_HashAlgo hashAlgo,const uint8_t * key,uint32_t keyLen,const uint8_t * in,uint32_t inLen,uint8_t * out,uint32_t * outLen)200 int32_t HITLS_CRYPT_HMAC(HITLS_Lib_Ctx *libCtx, const char *attrName,
201 HITLS_HashAlgo hashAlgo, const uint8_t *key, uint32_t keyLen,
202 const uint8_t *in, uint32_t inLen, uint8_t *out, uint32_t *outLen)
203 {
204 #ifdef HITLS_CRYPTO_MAC
205 CRYPT_MAC_AlgId id = GetHmacAlgId(hashAlgo);
206 if (id == CRYPT_MAC_MAX) {
207 return RETURN_ERROR_NUMBER_PROCESS(HITLS_CRYPT_ERR_HMAC, BINLOG_ID16621, "No proper id");
208 }
209 CRYPT_EAL_MacCtx *ctx = NULL;
210 ctx = CRYPT_EAL_ProviderMacNewCtx(libCtx, id, attrName);
211 if (ctx == NULL) {
212 return RETURN_ERROR_NUMBER_PROCESS(HITLS_CRYPT_ERR_HMAC, BINLOG_ID16622, "new ctx fail");
213 }
214
215 int32_t ret = CRYPT_EAL_MacInit(ctx, key, keyLen);
216 if (ret != CRYPT_SUCCESS) {
217 CRYPT_EAL_MacFreeCtx(ctx);
218 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16623, "mac init fail");
219 }
220
221 ret = CRYPT_EAL_MacUpdate(ctx, in, inLen);
222 if (ret != CRYPT_SUCCESS) {
223 BSL_ERR_PUSH_ERROR(ret);
224 CRYPT_EAL_MacFreeCtx(ctx);
225 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16624, "MacUpdate fail");
226 }
227
228 ret = CRYPT_EAL_MacFinal(ctx, out, outLen);
229 if (ret != CRYPT_SUCCESS) {
230 BSL_ERR_PUSH_ERROR(ret);
231 CRYPT_EAL_MacFreeCtx(ctx);
232 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16625, "MacFinal fail");
233 }
234
235 CRYPT_EAL_MacFreeCtx(ctx);
236 return HITLS_SUCCESS;
237 #else // HITLS_CRYPTO_MAC
238 (void)hashAlgo;
239 (void)key;
240 (void)keyLen;
241 (void)in;
242 (void)inLen;
243 (void)out;
244 (void)outLen;
245 (void)libCtx;
246 (void)attrName;
247 return CRYPT_EAL_ALG_NOT_SUPPORT;
248 #endif // HITLS_CRYPTO_MAC
249 }
250
HITLS_CRYPT_DigestInit(HITLS_Lib_Ctx * libCtx,const char * attrName,HITLS_HashAlgo hashAlgo)251 HITLS_HASH_Ctx *HITLS_CRYPT_DigestInit(HITLS_Lib_Ctx *libCtx, const char *attrName, HITLS_HashAlgo hashAlgo)
252 {
253 #ifdef HITLS_CRYPTO_MD
254 CRYPT_EAL_MdCTX *ctx = NULL;
255 ctx = CRYPT_EAL_ProviderMdNewCtx(libCtx, hashAlgo, attrName);
256 if (ctx == NULL) {
257 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16628, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "MdNewCtx fail", 0, 0, 0, 0);
258 return NULL;
259 }
260
261 int32_t ret = CRYPT_EAL_MdInit(ctx);
262 if (ret != CRYPT_SUCCESS) {
263 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16629, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "MdInit fail", 0, 0, 0, 0);
264 CRYPT_EAL_MdFreeCtx(ctx);
265 return NULL;
266 }
267
268 return ctx;
269 #else // HITLS_CRYPTO_MD
270 (void)hashAlgo;
271 (void)libCtx;
272 (void)attrName;
273 return NULL;
274 #endif // HITLS_CRYPTO_MD
275 }
276
HITLS_CRYPT_Digest(HITLS_Lib_Ctx * libCtx,const char * attrName,HITLS_HashAlgo hashAlgo,const uint8_t * in,uint32_t inLen,uint8_t * out,uint32_t * outLen)277 int32_t HITLS_CRYPT_Digest(HITLS_Lib_Ctx *libCtx, const char *attrName,
278 HITLS_HashAlgo hashAlgo, const uint8_t *in, uint32_t inLen,
279 uint8_t *out, uint32_t *outLen)
280 {
281 #ifdef HITLS_CRYPTO_MD
282 int32_t ret;
283 CRYPT_EAL_MdCTX *ctx = NULL;
284 ctx = CRYPT_EAL_ProviderMdNewCtx(libCtx, hashAlgo, attrName);
285 if (ctx == NULL) {
286 return RETURN_ERROR_NUMBER_PROCESS(HITLS_CRYPT_ERR_DIGEST, BINLOG_ID16631, "MdNewCtx fail");
287 }
288
289 ret = CRYPT_EAL_MdInit(ctx);
290 if (ret != CRYPT_SUCCESS) {
291 CRYPT_EAL_MdFreeCtx(ctx);
292 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16632, "MdInit fail");
293 }
294
295 ret = CRYPT_EAL_MdUpdate(ctx, in, inLen);
296 if (ret != CRYPT_SUCCESS) {
297 CRYPT_EAL_MdFreeCtx(ctx);
298 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16633, "MdUpdate fail");
299 }
300
301 ret = CRYPT_EAL_MdFinal(ctx, out, outLen);
302 if (ret != CRYPT_SUCCESS) {
303 CRYPT_EAL_MdFreeCtx(ctx);
304 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16634, "MdFinal fail");
305 }
306
307 CRYPT_EAL_MdFreeCtx(ctx);
308 return HITLS_SUCCESS;
309 #else // HITLS_CRYPTO_MD
310 (void)hashAlgo;
311 (void)in;
312 (void)inLen;
313 (void)out;
314 (void)outLen;
315 (void)libCtx;
316 (void)attrName;
317 return CRYPT_EAL_ALG_NOT_SUPPORT;
318 #endif // HITLS_CRYPTO_MD
319 }
320
SpecialModeEncryptPreSolve(CRYPT_EAL_CipherCtx * ctx,const HITLS_CipherParameters * cipher,uint64_t inLen)321 static int32_t SpecialModeEncryptPreSolve(CRYPT_EAL_CipherCtx *ctx, const HITLS_CipherParameters *cipher,
322 uint64_t inLen)
323 {
324 #ifdef HITLS_CRYPTO_CIPHER
325 int32_t ret = CRYPT_SUCCESS;
326
327 if (IsCipherCCM8(cipher->algo)) {
328 uint32_t tagLen = CCM8_TLS_TAG_LEN;
329 ret = CRYPT_EAL_CipherCtrl(ctx, CRYPT_CTRL_SET_TAGLEN, &tagLen, sizeof(tagLen));
330 if (ret != CRYPT_SUCCESS) {
331 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16635, "SET_TAGLEN fail");
332 }
333 }
334 // In the case of CCM processing, msgLen needs to be set.
335 if ((cipher->algo == HITLS_CIPHER_AES_128_CCM) || (cipher->algo == HITLS_CIPHER_AES_128_CCM8) ||
336 (cipher->algo == HITLS_CIPHER_AES_256_CCM) || (cipher->algo == HITLS_CIPHER_AES_256_CCM8)) {
337 ret = CRYPT_EAL_CipherCtrl(ctx, CRYPT_CTRL_SET_MSGLEN, &inLen, sizeof(inLen));
338 if (ret != CRYPT_SUCCESS) {
339 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16636, "SET_MSGLEN fail");
340 }
341 }
342
343 if (cipher->type == HITLS_AEAD_CIPHER) {
344 ret = CRYPT_EAL_CipherCtrl(ctx, CRYPT_CTRL_SET_AAD, cipher->aad, cipher->aadLen);
345 }
346
347 return ret;
348 #else // HITLS_CRYPTO_CIPHER
349 (void)ctx;
350 (void)cipher;
351 (void)inLen;
352 return CRYPT_EAL_ALG_NOT_SUPPORT;
353 #endif // HITLS_CRYPTO_CIPHER
354 }
355
356 #ifdef HITLS_CRYPTO_CIPHER
GetCipherInitCtx(HITLS_Lib_Ctx * libCtx,const char * attrName,const HITLS_CipherParameters * cipher,CRYPT_EAL_CipherCtx ** ctx,bool enc)357 static int32_t GetCipherInitCtx(HITLS_Lib_Ctx *libCtx, const char *attrName,
358 const HITLS_CipherParameters *cipher, CRYPT_EAL_CipherCtx **ctx, bool enc)
359 {
360 if (*ctx != NULL) {
361 return CRYPT_EAL_CipherReinit(*ctx, (uint8_t *)(uintptr_t)cipher->iv, cipher->ivLen);
362 }
363
364 *ctx = CRYPT_EAL_ProviderCipherNewCtx(libCtx, GetCipherAlgId(cipher->algo), attrName);
365
366 int32_t ret = CRYPT_EAL_CipherInit(*ctx, cipher->key, cipher->keyLen, cipher->iv, cipher->ivLen, enc);
367 if (ret != CRYPT_SUCCESS) {
368 CRYPT_EAL_CipherFreeCtx(*ctx);
369 *ctx = NULL;
370 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16639, "CipherInit fail");
371 }
372 return CRYPT_SUCCESS;
373 }
374 #endif
375
HITLS_CRYPT_Encrypt(HITLS_Lib_Ctx * libCtx,const char * attrName,const HITLS_CipherParameters * cipher,const uint8_t * in,uint32_t inLen,uint8_t * out,uint32_t * outLen)376 int32_t HITLS_CRYPT_Encrypt(HITLS_Lib_Ctx *libCtx, const char *attrName, const HITLS_CipherParameters *cipher,
377 const uint8_t *in, uint32_t inLen, uint8_t *out, uint32_t *outLen)
378 {
379 #ifdef HITLS_CRYPTO_CIPHER
380 if (cipher == NULL) {
381 return RETURN_ERROR_NUMBER_PROCESS(HITLS_NULL_INPUT, BINLOG_ID17313, "encrypt null input");
382 }
383 CRYPT_EAL_CipherCtx *tmpCtx = NULL;
384 CRYPT_EAL_CipherCtx **ctx = cipher->ctx == NULL ? &tmpCtx : (CRYPT_EAL_CipherCtx **)cipher->ctx;
385 int32_t ret = GetCipherInitCtx(libCtx, attrName, cipher, ctx, true);
386 if (ret != CRYPT_SUCCESS) {
387 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16640, "GetCipherInitCtx fail");
388 }
389
390 ret = SpecialModeEncryptPreSolve(*ctx, cipher, inLen);
391 if (ret != CRYPT_SUCCESS) {
392 CRYPT_EAL_CipherFreeCtx(*ctx);
393 *ctx = NULL;
394 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16641, "SpecialModeEncryptPreSolve fail");
395 }
396
397 uint32_t cipherLen = *outLen;
398 ret = CRYPT_EAL_CipherUpdate(*ctx, in, inLen, out, &cipherLen);
399 if (ret != CRYPT_SUCCESS) {
400 CRYPT_EAL_CipherFreeCtx(*ctx);
401 *ctx = NULL;
402 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16642, "CipherUpdate fail");
403 }
404
405 if (*outLen < cipherLen) {
406 CRYPT_EAL_CipherFreeCtx(*ctx);
407 *ctx = NULL;
408 return RETURN_ERROR_NUMBER_PROCESS(HITLS_CRYPT_ERR_ENCRYPT, BINLOG_ID16643, "outLen less than cipherLen");
409 }
410
411 uint32_t finLen = *outLen - cipherLen;
412 if (cipher->type == HITLS_AEAD_CIPHER) {
413 finLen = IsCipherCCM8(cipher->algo) ? CCM8_TLS_TAG_LEN : CCM_TLS_TAG_LEN;
414 ret = CRYPT_EAL_CipherCtrl(*ctx, CRYPT_CTRL_GET_TAG, out + cipherLen, finLen);
415 } else {
416 ret = CRYPT_EAL_CipherFinal(*ctx, out + cipherLen, &finLen);
417 }
418 if (ret != CRYPT_SUCCESS) {
419 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16644, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
420 "%d , get finLen fail", cipher->type, 0, 0, 0);
421 CRYPT_EAL_CipherFreeCtx(*ctx);
422 *ctx = NULL;
423 return ret;
424 }
425 *outLen = cipherLen + finLen;
426 if (cipher->ctx == NULL) {
427 CRYPT_EAL_CipherFreeCtx(*ctx);
428 }
429 return HITLS_SUCCESS;
430 #else // HITLS_CRYPTO_CIPHER
431 (void)cipher;
432 (void)in;
433 (void)inLen;
434 (void)out;
435 (void)outLen;
436 (void)libCtx;
437 (void)attrName;
438 return CRYPT_EAL_ALG_NOT_SUPPORT;
439 #endif // HITLS_CRYPTO_CIPHER
440 }
441
AeadDecrypt(CRYPT_EAL_CipherCtx * ctx,const HITLS_CipherParameters * cipher,const uint8_t * in,uint32_t inLen,uint8_t * out,uint32_t * outLen)442 static int32_t AeadDecrypt(CRYPT_EAL_CipherCtx *ctx, const HITLS_CipherParameters *cipher, const uint8_t *in,
443 uint32_t inLen, uint8_t *out, uint32_t *outLen)
444 {
445 #ifdef HITLS_CRYPTO_CIPHER
446 int32_t ret;
447 uint32_t tagLen = IsCipherCCM8(cipher->algo) ?
448 CCM8_TLS_TAG_LEN : CCM_TLS_TAG_LEN;
449 uint32_t cipherLen = inLen - tagLen;
450 uint32_t plainLen = *outLen;
451
452 ret = CRYPT_EAL_CipherUpdate(ctx, in, cipherLen, out, &plainLen);
453 if (ret != CRYPT_SUCCESS) {
454 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16645, "CipherUpdate fail");
455 }
456
457 if (plainLen != cipherLen) {
458 return RETURN_ERROR_NUMBER_PROCESS(HITLS_CRYPT_ERR_DECRYPT, BINLOG_ID16646, "decrypt err");
459 }
460
461 uint8_t tag[16u] = {0};
462 ret = CRYPT_EAL_CipherCtrl(ctx, CRYPT_CTRL_GET_TAG, tag, tagLen);
463 if (ret != HITLS_SUCCESS) {
464 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16647, "GET_TAG err");
465 }
466
467 if (memcmp(tag, in + cipherLen, tagLen) != 0) {
468 return RETURN_ERROR_NUMBER_PROCESS(HITLS_CRYPT_ERR_DECRYPT, BINLOG_ID16648, "memcmp tag fail");
469 }
470
471 *outLen = plainLen;
472 return HITLS_SUCCESS;
473 #else // HITLS_CRYPTO_CIPHER
474 (void)cipher;
475 (void)out;
476 (void)outLen;
477 (void)in;
478 (void)inLen;
479 return CRYPT_EAL_ALG_NOT_SUPPORT;
480 #endif // HITLS_CRYPTO_CIPHER
481 }
482
483 #ifdef HITLS_TLS_SUITE_CIPHER_CBC
CbcDecrypt(CRYPT_EAL_CipherCtx * ctx,const uint8_t * in,uint32_t inLen,uint8_t * out,uint32_t * outLen)484 int32_t CbcDecrypt(CRYPT_EAL_CipherCtx *ctx, const uint8_t *in, uint32_t inLen, uint8_t *out, uint32_t *outLen)
485 {
486 #ifdef HITLS_CRYPTO_CIPHER
487 int32_t ret;
488 uint32_t plainLen = *outLen;
489
490 ret = CRYPT_EAL_CipherUpdate(ctx, in, inLen, out, &plainLen);
491 if (ret != CRYPT_SUCCESS) {
492 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16649, "CipherUpdate fail");
493 }
494
495 if (*outLen < plainLen) {
496 return RETURN_ERROR_NUMBER_PROCESS(HITLS_CRYPT_ERR_DECRYPT, BINLOG_ID16650, "CipherUpdate fail");
497 }
498
499 uint32_t finLen = *outLen - plainLen;
500 ret = CRYPT_EAL_CipherFinal(ctx, out + plainLen, &finLen);
501 if (ret != CRYPT_SUCCESS) {
502 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16651, "CipherUpdate fail");
503 }
504 plainLen += finLen;
505
506 *outLen = plainLen;
507 return HITLS_SUCCESS;
508 #else
509 (void)ctx;
510 (void)out;
511 (void)outLen;
512 (void)in;
513 (void)inLen;
514 return CRYPT_EAL_ALG_NOT_SUPPORT;
515 #endif
516 }
517 #endif /* HITLS_TLS_SUITE_CIPHER_CBC */
518
519 #ifdef HITLS_CRYPTO_CIPHER
DEFAULT_DecryptPrepare(CRYPT_EAL_CipherCtx * ctx,const HITLS_CipherParameters * cipher,uint32_t inLen)520 static int32_t DEFAULT_DecryptPrepare(CRYPT_EAL_CipherCtx *ctx, const HITLS_CipherParameters *cipher, uint32_t inLen)
521 {
522 int32_t ret = CRYPT_SUCCESS;
523 uint32_t tagLen = CCM_TLS_TAG_LEN;
524 if (IsCipherCCM8(cipher->algo)) {
525 tagLen = CCM8_TLS_TAG_LEN;
526 /* The default value of tagLen is 16 for the ctx generated by the CRYPT_EAL_CipherNewCtx.
527 Therefore, need to set this parameter again. */
528 ret = CRYPT_EAL_CipherCtrl(ctx, CRYPT_CTRL_SET_TAGLEN, &tagLen, sizeof(tagLen));
529 if (ret != CRYPT_SUCCESS) {
530 CRYPT_EAL_CipherFreeCtx(ctx);
531 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16652, "CipherUpdate fail");
532 }
533 }
534 if ((cipher->algo == HITLS_CIPHER_AES_128_CCM) || (cipher->algo == HITLS_CIPHER_AES_128_CCM8) ||
535 (cipher->algo == HITLS_CIPHER_AES_256_CCM) || (cipher->algo == HITLS_CIPHER_AES_256_CCM8)) {
536 // The length of the decrypted ciphertext consists of msgLen and tagLen, so tagLen needs to be subtracted.
537 uint64_t msgLen = inLen - tagLen;
538 ret = CRYPT_EAL_CipherCtrl(ctx, CRYPT_CTRL_SET_MSGLEN, &msgLen, sizeof(msgLen));
539 if (ret != CRYPT_SUCCESS) {
540 CRYPT_EAL_CipherFreeCtx(ctx);
541 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16653, "CipherUpdate fail");
542 }
543 }
544 return ret;
545 }
546 #endif
547
HITLS_CRYPT_Decrypt(HITLS_Lib_Ctx * libCtx,const char * attrName,const HITLS_CipherParameters * cipher,const uint8_t * in,uint32_t inLen,uint8_t * out,uint32_t * outLen)548 int32_t HITLS_CRYPT_Decrypt(HITLS_Lib_Ctx *libCtx, const char *attrName, const HITLS_CipherParameters *cipher,
549 const uint8_t *in, uint32_t inLen, uint8_t *out, uint32_t *outLen)
550 {
551 #ifdef HITLS_CRYPTO_CIPHER
552 if (cipher == NULL) {
553 return RETURN_ERROR_NUMBER_PROCESS(HITLS_NULL_INPUT, BINLOG_ID17312, "encrypt null input");
554 }
555 CRYPT_EAL_CipherCtx *tmpCtx = NULL;
556 CRYPT_EAL_CipherCtx **ctx = cipher->ctx == NULL ? &tmpCtx : (CRYPT_EAL_CipherCtx **)cipher->ctx;
557 int32_t ret = GetCipherInitCtx(libCtx, attrName, cipher, ctx, false);
558 if (ret != CRYPT_SUCCESS) {
559 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16654, "CipherUpdate fail");
560 }
561
562 ret = DEFAULT_DecryptPrepare(*ctx, cipher, inLen);
563 if (ret != CRYPT_SUCCESS) {
564 *ctx = NULL;
565 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16655, "CipherUpdate fail");
566 }
567
568 if (cipher->type == HITLS_AEAD_CIPHER) {
569 ret = CRYPT_EAL_CipherCtrl(*ctx, CRYPT_CTRL_SET_AAD, cipher->aad, cipher->aadLen);
570 if (ret != CRYPT_SUCCESS) {
571 CRYPT_EAL_CipherFreeCtx(*ctx);
572 *ctx = NULL;
573 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16656, "SET_AAD fail");
574 }
575 ret = AeadDecrypt(*ctx, cipher, in, inLen, out, outLen);
576 #ifdef HITLS_TLS_SUITE_CIPHER_CBC
577 } else if (cipher->type == HITLS_CBC_CIPHER) {
578 ret = CbcDecrypt(*ctx, in, inLen, out, outLen);
579 #endif
580 } else {
581 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16657, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
582 "not support other cipher type", 0, 0, 0, 0);
583 ret = HITLS_CRYPT_ERR_DECRYPT;
584 }
585 if (cipher->ctx == NULL) {
586 CRYPT_EAL_CipherFreeCtx(*ctx);
587 }
588 return ret;
589 #else
590 (void)cipher;
591 (void)in;
592 (void)out;
593 (void)outLen;
594 (void)inLen;
595 (void)libCtx;
596 (void)attrName;
597 return CRYPT_EAL_ALG_NOT_SUPPORT;
598 #endif
599 }
600
601 #ifdef HITLS_CRYPTO_PKEY
GeneratePkeyByParaId(HITLS_Lib_Ctx * libCtx,const char * attrName,CRYPT_PKEY_AlgId algId,CRYPT_PKEY_ParaId paraId,bool isKem)602 CRYPT_EAL_PkeyCtx *GeneratePkeyByParaId(HITLS_Lib_Ctx *libCtx, const char *attrName,
603 CRYPT_PKEY_AlgId algId, CRYPT_PKEY_ParaId paraId, bool isKem)
604 {
605 int32_t ret;
606 CRYPT_EAL_PkeyCtx *pkey = NULL;
607 pkey = CRYPT_EAL_ProviderPkeyNewCtx(libCtx, algId, isKem ? CRYPT_EAL_PKEY_KEM_OPERATE : CRYPT_EAL_PKEY_EXCH_OPERATE, attrName);
608 if (pkey == NULL) {
609 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16658, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
610 "PkeyNewCtx fail", 0, 0, 0, 0);
611 return NULL;
612 }
613
614 if (paraId != CRYPT_PKEY_PARAID_MAX) {
615 ret = CRYPT_EAL_PkeySetParaById(pkey, paraId);
616 if (ret != CRYPT_SUCCESS) {
617 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16659, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
618 "PkeySetParaById fail", 0, 0, 0, 0);
619 CRYPT_EAL_PkeyFreeCtx(pkey);
620 return NULL;
621 }
622 }
623
624 ret = CRYPT_EAL_PkeyGen(pkey);
625 if (ret != CRYPT_SUCCESS) {
626 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16660, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "PkeyGen fail %u", ret, 0, 0, 0);
627 CRYPT_EAL_PkeyFreeCtx(pkey);
628 return NULL;
629 }
630
631 return pkey;
632 }
633 #endif
634
GenerateKeyByNamedGroup(HITLS_Lib_Ctx * libCtx,const char * attrName,const HITLS_Config * config,HITLS_NamedGroup groupId)635 CRYPT_EAL_PkeyCtx *GenerateKeyByNamedGroup(HITLS_Lib_Ctx *libCtx, const char *attrName,
636 const HITLS_Config *config, HITLS_NamedGroup groupId)
637 {
638 #ifdef HITLS_CRYPTO_PKEY
639 const TLS_GroupInfo *groupInfo = ConfigGetGroupInfo(config, groupId);
640 if (groupInfo == NULL) {
641 return NULL;
642 }
643 return GeneratePkeyByParaId(libCtx, attrName, groupInfo->algId, groupInfo->paraId, groupInfo->isKem);
644 #else
645 (void)libCtx;
646 (void)attrName;
647 (void)config;
648 (void)groupId;
649 #endif
650 return NULL;
651 }
652
HITLS_CRYPT_GenerateEcdhKey(HITLS_Lib_Ctx * libCtx,const char * attrName,const HITLS_Config * config,const HITLS_ECParameters * curveParams)653 HITLS_CRYPT_Key *HITLS_CRYPT_GenerateEcdhKey(HITLS_Lib_Ctx *libCtx, const char *attrName,
654 const HITLS_Config *config, const HITLS_ECParameters *curveParams)
655 {
656 switch (curveParams->type) {
657 case HITLS_EC_CURVE_TYPE_NAMED_CURVE:
658 return GenerateKeyByNamedGroup(libCtx, attrName, config, curveParams->param.namedcurve);
659 default:
660 break;
661 }
662 return NULL;
663 }
664
665 #ifdef HITLS_CRYPTO_PKEY
666 #ifdef HITLS_TLS_PROTO_TLCP11
SetSM2SelfCtx(CRYPT_EAL_PkeyCtx * selfCtx,HITLS_Sm2GenShareKeyParameters * sm2Params)667 static int32_t SetSM2SelfCtx(CRYPT_EAL_PkeyCtx *selfCtx, HITLS_Sm2GenShareKeyParameters *sm2Params)
668 {
669 uint8_t localPrvData[SM2_PRVKEY_LEN] = {0};
670 CRYPT_EAL_PkeyPrv localPrv = { 0 };
671 localPrv.id = CRYPT_PKEY_SM2;
672 localPrv.key.eccPrv.data = localPrvData;
673 localPrv.key.eccPrv.len = sizeof(localPrvData);
674
675 int32_t ret = CRYPT_EAL_PkeyGetPrv(sm2Params->tmpPriKey, &localPrv);
676 if (ret != CRYPT_SUCCESS) {
677 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16667, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "GetPrv fail", 0, 0, 0, 0);
678 return ret;
679 }
680 ret = CRYPT_EAL_PkeyCtrl(selfCtx, CRYPT_CTRL_SET_SM2_RANDOM, localPrv.key.eccPrv.data, localPrv.key.eccPrv.len);
681 (void)memset_s(localPrvData, SM2_PRVKEY_LEN, 0, SM2_PRVKEY_LEN);
682 if (ret != CRYPT_SUCCESS) {
683 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16668, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
684 "SET_SM2_RANDOM fail", 0, 0, 0, 0);
685 return ret;
686 }
687 ret = CRYPT_EAL_PkeyCtrl(selfCtx, CRYPT_CTRL_SET_SM2_USER_ID, (void *)g_SM2DefaultUserid, SM2_DEFAULT_USERID_LEN);
688 if (ret != CRYPT_SUCCESS) {
689 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16669, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
690 "SET_SM2_USER_ID fail", 0, 0, 0, 0);
691 return ret;
692 }
693 int32_t server = sm2Params->isClient ? 0 : 1;
694 return CRYPT_EAL_PkeyCtrl(selfCtx, CRYPT_CTRL_SET_SM2_SERVER, &server, sizeof(int32_t));
695 }
696
CalcSM2SecretPre(CRYPT_EAL_PkeyCtx * peerCtx,HITLS_Sm2GenShareKeyParameters * sm2Params)697 static int32_t CalcSM2SecretPre(
698 CRYPT_EAL_PkeyCtx *peerCtx, HITLS_Sm2GenShareKeyParameters *sm2Params)
699 {
700 uint8_t peerPubData[SM2_PUBKEY_LEN] = {0};
701 BSL_Param param[2] = { {0}, BSL_PARAM_END };
702 (void)BSL_PARAM_InitValue(param, CRYPT_PARAM_PKEY_ENCODE_PUBKEY, BSL_PARAM_TYPE_OCTETS,
703 peerPubData, SM2_PUBKEY_LEN);
704 int32_t ret = CRYPT_EAL_PkeyGetPubEx(sm2Params->peerPubKey, param);
705 if (ret != CRYPT_SUCCESS) {
706 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16673, "GetPub fail");
707 }
708 param[0].valueLen = param[0].useLen;
709 ret = CRYPT_EAL_PkeySetPubEx(peerCtx, param);
710 if (ret != CRYPT_SUCCESS) {
711 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16674, "SetPub fail");
712 }
713 ret = CRYPT_EAL_PkeyCtrl(peerCtx, CRYPT_CTRL_SET_SM2_R, sm2Params->tmpPeerPubkey, sm2Params->tmpPeerPubKeyLen);
714 if (ret != CRYPT_SUCCESS) {
715 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16675, "SET_SM2_R fail");
716 }
717 ret = CRYPT_EAL_PkeyCtrl(peerCtx, CRYPT_CTRL_SET_SM2_USER_ID, (void *)g_SM2DefaultUserid, SM2_DEFAULT_USERID_LEN);
718 if (ret != CRYPT_SUCCESS) {
719 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16676, "SET_SM2_USER_ID fail");
720 }
721 return CRYPT_SUCCESS;
722 }
723 #endif /* HITLS_TLS_PROTO_TLCP11 */
724 #endif
725
726 #ifdef HITLS_TLS_PROTO_TLCP11
HITLS_CRYPT_CalcSM2SharedSecret(HITLS_Lib_Ctx * libCtx,const char * attrName,HITLS_Sm2GenShareKeyParameters * sm2Params,uint8_t * sharedSecret,uint32_t * sharedSecretLen)727 int32_t HITLS_CRYPT_CalcSM2SharedSecret(HITLS_Lib_Ctx *libCtx, const char *attrName,
728 HITLS_Sm2GenShareKeyParameters *sm2Params, uint8_t *sharedSecret,
729 uint32_t *sharedSecretLen)
730 {
731 #ifdef HITLS_CRYPTO_PKEY
732 if (sm2Params->priKey == NULL || sm2Params->peerPubKey == NULL || sm2Params->tmpPriKey == NULL ||
733 sm2Params->tmpPeerPubkey == NULL) {
734 return RETURN_ERROR_NUMBER_PROCESS(HITLS_CRYPT_ERR_CALC_SHARED_KEY, BINLOG_ID16670, "input null");
735 }
736 CRYPT_EAL_PkeyCtx *selfCtx = (CRYPT_EAL_PkeyCtx *)sm2Params->priKey;
737 int32_t ret = SetSM2SelfCtx(selfCtx, sm2Params);
738 if (ret != CRYPT_SUCCESS) {
739 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16671, "SetSM2SelfCtx fail");
740 }
741 CRYPT_EAL_PkeyCtx *peerCtx = NULL;
742 peerCtx = CRYPT_EAL_ProviderPkeyNewCtx(libCtx, CRYPT_PKEY_SM2, CRYPT_EAL_PKEY_EXCH_OPERATE, attrName);
743 if (peerCtx == NULL) {
744 return RETURN_ERROR_NUMBER_PROCESS(HITLS_CRYPT_ERR_CALC_SHARED_KEY, BINLOG_ID16672, "peerCtx new fail");
745 }
746 ret = CalcSM2SecretPre(peerCtx, sm2Params);
747 if (ret != CRYPT_SUCCESS) {
748 goto EXIT;
749 }
750 ret = CRYPT_EAL_PkeyComputeShareKey(selfCtx, peerCtx, sharedSecret, sharedSecretLen);
751 EXIT:
752 CRYPT_EAL_PkeyFreeCtx(peerCtx);
753 return ret;
754 #else
755 (void)sm2Params;
756 (void)sharedSecret;
757 (void)sharedSecretLen;
758 (void)libCtx;
759 (void)attrName;
760 return CRYPT_EAL_ALG_NOT_SUPPORT;
761 #endif
762 }
763
764 #endif /* HITLS_TLS_PROTO_TLCP11 */
765
HITLS_CRYPT_DhCalcSharedSecret(HITLS_Lib_Ctx * libCtx,const char * attrName,HITLS_CRYPT_Key * key,uint8_t * peerPubkey,uint32_t pubKeyLen,uint8_t * sharedSecret,uint32_t * sharedSecretLen)766 int32_t HITLS_CRYPT_DhCalcSharedSecret(HITLS_Lib_Ctx *libCtx, const char *attrName,
767 HITLS_CRYPT_Key *key, uint8_t *peerPubkey, uint32_t pubKeyLen,
768 uint8_t *sharedSecret, uint32_t *sharedSecretLen)
769 {
770 #ifdef HITLS_CRYPTO_PKEY
771 uint32_t flag = CRYPT_DH_NO_PADZERO;
772 int32_t ret = CRYPT_EAL_PkeyCtrl(key, CRYPT_CTRL_SET_DH_FLAG, (void *)&flag, sizeof(uint32_t));
773 if (ret != CRYPT_SUCCESS) {
774 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID17354, "SET_DH_NOLEANDING_FLAG fail");
775 }
776 return HITLS_CRYPT_EcdhCalcSharedSecret(libCtx, attrName, key, peerPubkey, pubKeyLen, sharedSecret,
777 sharedSecretLen);
778 #else // HITLS_CRYPTO_PKEY
779 (void)key;
780 (void)pubKeyLen;
781 (void)peerPubkey;
782 (void)sharedSecret;
783 (void)sharedSecretLen;
784 (void)libCtx;
785 (void)attrName;
786 return CRYPT_EAL_ALG_NOT_SUPPORT;
787 #endif
788 }
789
HITLS_CRYPT_EcdhCalcSharedSecret(HITLS_Lib_Ctx * libCtx,const char * attrName,HITLS_CRYPT_Key * key,uint8_t * peerPubkey,uint32_t pubKeyLen,uint8_t * sharedSecret,uint32_t * sharedSecretLen)790 int32_t HITLS_CRYPT_EcdhCalcSharedSecret(HITLS_Lib_Ctx *libCtx, const char *attrName,
791 HITLS_CRYPT_Key *key, uint8_t *peerPubkey, uint32_t pubKeyLen,
792 uint8_t *sharedSecret, uint32_t *sharedSecretLen)
793 {
794 #ifdef HITLS_CRYPTO_PKEY
795 int32_t ret;
796 int32_t id = CRYPT_EAL_PkeyGetId(key);
797 CRYPT_EAL_PkeyCtx *peerPk = NULL;
798 peerPk = CRYPT_EAL_ProviderPkeyNewCtx(libCtx, id, CRYPT_EAL_PKEY_EXCH_OPERATE, attrName);
799 if (peerPk == NULL) {
800 return RETURN_ERROR_NUMBER_PROCESS(HITLS_CRYPT_ERR_CALC_SHARED_KEY, BINLOG_ID16678, "peerPk new fail");
801 }
802
803 if (id == CRYPT_PKEY_ECDH) {
804 CRYPT_PKEY_ParaId paraId = CRYPT_EAL_PkeyGetParaId(key);
805 if (paraId == CRYPT_PKEY_PARAID_MAX) {
806 ret = CRYPT_EAL_ERR_ALGID;
807 (void)RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16679, "paraId error");
808 goto EXIT;
809 }
810 ret = CRYPT_EAL_PkeySetParaById(peerPk, paraId);
811 if (ret != CRYPT_SUCCESS) {
812 (void)RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16680, "SetParaById fail");
813 goto EXIT;
814 }
815 }
816 BSL_Param param[2] = { {0}, BSL_PARAM_END };
817 (void)BSL_PARAM_InitValue(param, CRYPT_PARAM_PKEY_ENCODE_PUBKEY, BSL_PARAM_TYPE_OCTETS, peerPubkey, pubKeyLen);
818 ret = CRYPT_EAL_PkeySetPubEx(peerPk, param);
819 if (ret != CRYPT_SUCCESS) {
820 (void)RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16681, "SetPub fail");
821 goto EXIT;
822 }
823
824 ret = CRYPT_EAL_PkeyComputeShareKey(key, peerPk, sharedSecret, sharedSecretLen);
825 if (ret != CRYPT_SUCCESS) {
826 (void)RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16682, "ComputeShareKey fail");
827 }
828
829 EXIT:
830 CRYPT_EAL_PkeyFreeCtx(peerPk);
831 return ret;
832 #else // HITLS_CRYPTO_PKEY
833 (void)key;
834 (void)pubKeyLen;
835 (void)peerPubkey;
836 (void)sharedSecret;
837 (void)sharedSecretLen;
838 (void)libCtx;
839 (void)attrName;
840 return CRYPT_EAL_ALG_NOT_SUPPORT;
841 #endif
842 }
843
844 #ifdef HITLS_TLS_SUITE_KX_DHE
845
HITLS_CRYPT_GenerateDhKeyBySecbits(HITLS_Lib_Ctx * libCtx,const char * attrName,const HITLS_Config * tlsConfig,int32_t secBits)846 HITLS_CRYPT_Key *HITLS_CRYPT_GenerateDhKeyBySecbits(HITLS_Lib_Ctx *libCtx,
847 const char *attrName, const HITLS_Config *tlsConfig, int32_t secBits)
848 {
849 (void)tlsConfig;
850 CRYPT_PKEY_ParaId paraId = CRYPT_DH_RFC2409_1024;
851 if (secBits >= MIN_DH8192_SECBITS) {
852 paraId = CRYPT_DH_RFC3526_8192;
853 } else if (secBits >= MIN_DH4096_SECBITS) {
854 paraId = CRYPT_DH_RFC3526_4096;
855 } else if (secBits >= MIN_DH3072_SECBITS) {
856 paraId = CRYPT_DH_RFC3526_3072;
857 } else if (secBits >= MIN_DH2048_SECBITS) {
858 paraId = CRYPT_DH_RFC3526_2048;
859 }
860 return GeneratePkeyByParaId(libCtx, attrName, CRYPT_PKEY_DH, paraId, false);
861 }
862
HITLS_CRYPT_GenerateDhKeyByParameters(HITLS_Lib_Ctx * libCtx,const char * attrName,uint8_t * p,uint16_t pLen,uint8_t * g,uint16_t gLen)863 HITLS_CRYPT_Key *HITLS_CRYPT_GenerateDhKeyByParameters(HITLS_Lib_Ctx *libCtx,
864 const char *attrName, uint8_t *p, uint16_t pLen, uint8_t *g, uint16_t gLen)
865 {
866 #ifdef HITLS_CRYPTO_DH
867 CRYPT_EAL_PkeyCtx *pkey = NULL;
868 pkey = CRYPT_EAL_ProviderPkeyNewCtx(libCtx, CRYPT_PKEY_DH, CRYPT_EAL_PKEY_EXCH_OPERATE, attrName);
869 if (pkey == NULL) {
870 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16683, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
871 "PkeyNewCtx fail", 0, 0, 0, 0);
872 return NULL;
873 }
874
875 CRYPT_EAL_PkeyPara para = {0};
876 para.id = CRYPT_PKEY_DH;
877 para.para.dhPara.p = p;
878 para.para.dhPara.pLen = pLen;
879 para.para.dhPara.g = g;
880 para.para.dhPara.gLen = gLen;
881
882 int32_t ret = CRYPT_EAL_PkeySetPara(pkey, ¶);
883 if (ret != CRYPT_SUCCESS) {
884 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16684, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "SetPara fail", 0, 0, 0, 0);
885 CRYPT_EAL_PkeyFreeCtx(pkey);
886 return NULL;
887 }
888
889 ret = CRYPT_EAL_PkeyGen(pkey);
890 if (ret != CRYPT_SUCCESS) {
891 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16685, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "PkeyGen fail", 0, 0, 0, 0);
892 CRYPT_EAL_PkeyFreeCtx(pkey);
893 return NULL;
894 }
895
896 return pkey;
897 #else
898 (void)p;
899 (void)pLen;
900 (void)g;
901 (void)gLen;
902 (void)libCtx;
903 (void)attrName;
904 return NULL;
905 #endif
906 }
907
HITLS_CRYPT_GetDhParameters(HITLS_CRYPT_Key * key,uint8_t * p,uint16_t * pLen,uint8_t * g,uint16_t * gLen)908 int32_t HITLS_CRYPT_GetDhParameters(HITLS_CRYPT_Key *key, uint8_t *p, uint16_t *pLen, uint8_t *g, uint16_t *gLen)
909 {
910 #ifdef HITLS_CRYPTO_PKEY
911 int32_t ret;
912 uint8_t tmpP[MAX_PKEY_PARA_LEN] = {0};
913 uint8_t tmpQ[MAX_PKEY_PARA_LEN] = {0};
914 uint8_t tmpG[MAX_PKEY_PARA_LEN] = {0};
915
916 CRYPT_EAL_PkeyPara para = {0};
917 para.id = CRYPT_PKEY_DH;
918 para.para.dhPara.p = p;
919 para.para.dhPara.pLen = *pLen;
920 para.para.dhPara.q = tmpQ;
921 para.para.dhPara.qLen = sizeof(tmpQ);
922 para.para.dhPara.g = g;
923 para.para.dhPara.gLen = *gLen;
924
925 if (p == NULL) {
926 para.para.dhPara.p = tmpP;
927 para.para.dhPara.pLen = sizeof(tmpP);
928 }
929 if (g == NULL) {
930 para.para.dhPara.g = tmpG;
931 para.para.dhPara.gLen = sizeof(tmpG);
932 }
933
934 ret = CRYPT_EAL_PkeyGetPara(key, ¶);
935 if (ret != CRYPT_SUCCESS) {
936 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16686, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "GetPara fail", 0, 0, 0, 0);
937 return ret;
938 }
939
940 *pLen = (uint16_t)para.para.dhPara.pLen;
941 *gLen = (uint16_t)para.para.dhPara.gLen;
942 return HITLS_SUCCESS;
943 #else
944 (void)key;
945 (void)p;
946 (void)pLen;
947 (void)g;
948 (void)gLen;
949 return CRYPT_EAL_ALG_NOT_SUPPORT;
950 #endif
951 }
952
953
954 #endif /* HITLS_TLS_SUITE_KX_DHE */
955
HITLS_CRYPT_HkdfExtract(HITLS_Lib_Ctx * libCtx,const char * attrName,const HITLS_CRYPT_HkdfExtractInput * input,uint8_t * prk,uint32_t * prkLen)956 int32_t HITLS_CRYPT_HkdfExtract(HITLS_Lib_Ctx *libCtx,
957 const char *attrName, const HITLS_CRYPT_HkdfExtractInput *input, uint8_t *prk, uint32_t *prkLen)
958 {
959 #ifdef HITLS_CRYPTO_HKDF
960 int32_t ret;
961 uint32_t tmpLen = *prkLen;
962 CRYPT_MAC_AlgId id = GetHmacAlgId(input->hashAlgo);
963 if (id == CRYPT_MAC_MAX) {
964 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16687, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
965 "GetHmacAlgId fail", 0, 0, 0, 0);
966 return HITLS_CRYPT_ERR_HMAC;
967 }
968 CRYPT_EAL_KdfCTX *kdfCtx = NULL;
969 kdfCtx = CRYPT_EAL_ProviderKdfNewCtx(libCtx, CRYPT_KDF_HKDF, attrName);
970
971 if (kdfCtx == NULL) {
972 return HITLS_CRYPT_ERR_HKDF_EXTRACT;
973 }
974 CRYPT_HKDF_MODE mode = CRYPT_KDF_HKDF_MODE_EXTRACT;
975 BSL_Param params[6] = {{0}, {0}, {0}, {0}, {0}, BSL_PARAM_END};
976 (void)BSL_PARAM_InitValue(¶ms[0], CRYPT_PARAM_KDF_MAC_ID, BSL_PARAM_TYPE_UINT32, &id, sizeof(id));
977 (void)BSL_PARAM_InitValue(¶ms[1], CRYPT_PARAM_KDF_MODE, BSL_PARAM_TYPE_UINT32, &mode, sizeof(mode));
978 (void)BSL_PARAM_InitValue(¶ms[2], CRYPT_PARAM_KDF_KEY, BSL_PARAM_TYPE_OCTETS,
979 (void *)(uintptr_t)input->inputKeyMaterial, input->inputKeyMaterialLen);
980 (void)BSL_PARAM_InitValue(¶ms[3], CRYPT_PARAM_KDF_SALT, BSL_PARAM_TYPE_OCTETS,
981 (void *)(uintptr_t)input->salt, input->saltLen);
982 (void)BSL_PARAM_InitValue(¶ms[4], CRYPT_PARAM_KDF_EXLEN, BSL_PARAM_TYPE_UINT32_PTR, &tmpLen, sizeof(tmpLen));
983 ret = CRYPT_EAL_KdfSetParam(kdfCtx, params);
984 if (ret != CRYPT_SUCCESS) {
985 goto EXIT;
986 }
987
988 ret = CRYPT_EAL_KdfDerive(kdfCtx, prk, tmpLen);
989 if (ret != CRYPT_SUCCESS) {
990 goto EXIT;
991 }
992
993 *prkLen = tmpLen;
994 ret = HITLS_SUCCESS;
995 EXIT:
996 CRYPT_EAL_KdfFreeCtx(kdfCtx);
997 return ret;
998 #else
999 (void)input;
1000 (void)prk;
1001 (void)prkLen;
1002 (void)libCtx;
1003 (void)attrName;
1004 return CRYPT_EAL_ALG_NOT_SUPPORT;
1005 #endif
1006 }
1007
HITLS_CRYPT_HkdfExpand(HITLS_Lib_Ctx * libCtx,const char * attrName,const HITLS_CRYPT_HkdfExpandInput * input,uint8_t * okm,uint32_t okmLen)1008 int32_t HITLS_CRYPT_HkdfExpand(HITLS_Lib_Ctx *libCtx,
1009 const char *attrName, const HITLS_CRYPT_HkdfExpandInput *input, uint8_t *okm, uint32_t okmLen)
1010 {
1011 #ifdef HITLS_CRYPTO_HKDF
1012 int32_t ret;
1013 CRYPT_MAC_AlgId id = GetHmacAlgId(input->hashAlgo);
1014 if (id == CRYPT_MAC_MAX) {
1015 return HITLS_CRYPT_ERR_HMAC;
1016 }
1017 CRYPT_EAL_KdfCTX *kdfCtx = NULL;
1018 kdfCtx = CRYPT_EAL_ProviderKdfNewCtx(libCtx, CRYPT_KDF_HKDF, attrName);
1019 if (kdfCtx == NULL) {
1020 return HITLS_CRYPT_ERR_HKDF_EXPAND;
1021 }
1022 CRYPT_HKDF_MODE mode = CRYPT_KDF_HKDF_MODE_EXPAND;
1023 BSL_Param params[5] = {{0}, {0}, {0}, {0}, BSL_PARAM_END};
1024 (void)BSL_PARAM_InitValue(¶ms[0], CRYPT_PARAM_KDF_MAC_ID, BSL_PARAM_TYPE_UINT32, &id, sizeof(id));
1025 (void)BSL_PARAM_InitValue(¶ms[1], CRYPT_PARAM_KDF_MODE, BSL_PARAM_TYPE_UINT32, &mode, sizeof(mode));
1026 (void)BSL_PARAM_InitValue(¶ms[2], CRYPT_PARAM_KDF_PRK, BSL_PARAM_TYPE_OCTETS,
1027 (void *)(uintptr_t)input->prk, input->prkLen);
1028 (void)BSL_PARAM_InitValue(¶ms[3], CRYPT_PARAM_KDF_INFO, BSL_PARAM_TYPE_OCTETS,
1029 (void *)(uintptr_t)input->info, input->infoLen);
1030 ret = CRYPT_EAL_KdfSetParam(kdfCtx, params);
1031 if (ret != CRYPT_SUCCESS) {
1032 goto EXIT;
1033 }
1034 ret = CRYPT_EAL_KdfDerive(kdfCtx, okm, okmLen);
1035 EXIT:
1036 CRYPT_EAL_KdfFreeCtx(kdfCtx);
1037 return ret;
1038 #else
1039 (void)input;
1040 (void)okm;
1041 (void)okmLen;
1042 (void)libCtx;
1043 (void)attrName;
1044 return CRYPT_EAL_ALG_NOT_SUPPORT;
1045 #endif
1046 }
1047
1048 #ifdef HITLS_TLS_FEATURE_PROVIDER
HITLS_CRYPT_RandbytesEx(HITLS_Lib_Ctx * libCtx,uint8_t * bytes,uint32_t bytesLen)1049 int32_t HITLS_CRYPT_RandbytesEx(HITLS_Lib_Ctx *libCtx, uint8_t *bytes, uint32_t bytesLen)
1050 {
1051 return CRYPT_EAL_RandbytesEx(libCtx, bytes, bytesLen);
1052 }
1053 #endif /*HITLS_TLS_FEATURE_PROVIDER */
1054
HITLS_CRYPT_FreeKey(HITLS_CRYPT_Key * key)1055 void HITLS_CRYPT_FreeKey(HITLS_CRYPT_Key *key)
1056 {
1057 CRYPT_EAL_PkeyFreeCtx(key);
1058 }
1059
HITLS_CRYPT_DigestSize(HITLS_HashAlgo hashAlgo)1060 uint32_t HITLS_CRYPT_DigestSize(HITLS_HashAlgo hashAlgo)
1061 {
1062 #ifdef HITLS_CRYPTO_MD
1063 return CRYPT_EAL_MdGetDigestSize((CRYPT_MD_AlgId)hashAlgo);
1064 #else
1065 (void)hashAlgo;
1066 return 0;
1067 #endif
1068 }
1069
HITLS_CRYPT_DigestCopy(HITLS_HASH_Ctx * ctx)1070 HITLS_HASH_Ctx *HITLS_CRYPT_DigestCopy(HITLS_HASH_Ctx *ctx)
1071 {
1072 #ifdef HITLS_CRYPTO_MD
1073 return CRYPT_EAL_MdDupCtx(ctx);
1074 #else
1075 (void)ctx;
1076 return NULL;
1077 #endif
1078 }
1079
HITLS_CRYPT_DigestFree(HITLS_HASH_Ctx * ctx)1080 void HITLS_CRYPT_DigestFree(HITLS_HASH_Ctx *ctx)
1081 {
1082 #ifdef HITLS_CRYPTO_MD
1083 CRYPT_EAL_MdFreeCtx(ctx);
1084 #else
1085 (void)ctx;
1086 #endif
1087 return;
1088 }
1089
HITLS_CRYPT_DigestUpdate(HITLS_HASH_Ctx * ctx,const uint8_t * data,uint32_t len)1090 int32_t HITLS_CRYPT_DigestUpdate(HITLS_HASH_Ctx *ctx, const uint8_t *data, uint32_t len)
1091 {
1092 #ifdef HITLS_CRYPTO_MD
1093 return CRYPT_EAL_MdUpdate(ctx, data, len);
1094 #else
1095 (void)ctx;
1096 (void)data;
1097 (void)len;
1098 return CRYPT_EAL_ALG_NOT_SUPPORT;
1099 #endif
1100 }
1101
HITLS_CRYPT_DigestFinal(HITLS_HASH_Ctx * ctx,uint8_t * out,uint32_t * len)1102 int32_t HITLS_CRYPT_DigestFinal(HITLS_HASH_Ctx *ctx, uint8_t *out, uint32_t *len)
1103 {
1104 #ifdef HITLS_CRYPTO_MD
1105 return CRYPT_EAL_MdFinal(ctx, out, len);
1106 #else
1107 (void)ctx;
1108 (void)out;
1109 (void)len;
1110 return CRYPT_EAL_ALG_NOT_SUPPORT;
1111 #endif
1112 }
1113
1114
HITLS_CRYPT_CipherFree(HITLS_Cipher_Ctx * ctx)1115 void HITLS_CRYPT_CipherFree(HITLS_Cipher_Ctx *ctx)
1116 {
1117 CRYPT_EAL_CipherFreeCtx(ctx);
1118 }
1119
1120 #ifdef HITLS_TLS_CONFIG_MANUAL_DH
HITLS_CRYPT_DupKey(HITLS_CRYPT_Key * key)1121 HITLS_CRYPT_Key *HITLS_CRYPT_DupKey(HITLS_CRYPT_Key *key)
1122 {
1123 #ifdef HITLS_CRYPTO_PKEY
1124 return CRYPT_EAL_PkeyDupCtx(key);
1125 #else
1126 (void)key;
1127 return NULL;
1128 #endif
1129 }
1130 #endif /* HITLS_TLS_CONFIG_MANUAL_DH */
1131
HITLS_CRYPT_GetPubKey(HITLS_CRYPT_Key * key,uint8_t * pubKeyBuf,uint32_t bufLen,uint32_t * pubKeyLen)1132 int32_t HITLS_CRYPT_GetPubKey(HITLS_CRYPT_Key *key, uint8_t *pubKeyBuf, uint32_t bufLen, uint32_t *pubKeyLen)
1133 {
1134 #ifdef HITLS_CRYPTO_PKEY
1135 BSL_Param param[2] = { {0}, BSL_PARAM_END };
1136 (void)BSL_PARAM_InitValue(param, CRYPT_PARAM_PKEY_ENCODE_PUBKEY, BSL_PARAM_TYPE_OCTETS, pubKeyBuf, bufLen);
1137 int32_t ret = CRYPT_EAL_PkeyGetPubEx(key, param);
1138 if (ret != CRYPT_SUCCESS) {
1139 return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16664, "GetPub fail");
1140 }
1141 *pubKeyLen = param[0].useLen;
1142 return ret;
1143 #else
1144 (void)key;
1145 (void)pubKeyBuf;
1146 (void)bufLen;
1147 (void)pubKeyLen;
1148 return HITLS_CRYPT_ERR_ENCODE_ECDH_KEY;
1149 #endif
1150 }
1151
1152 #ifdef HITLS_TLS_FEATURE_KEM
HITLS_CRYPT_KemEncapsulate(HITLS_Lib_Ctx * libCtx,const char * attrName,const HITLS_Config * config,HITLS_KemEncapsulateParams * params)1153 int32_t HITLS_CRYPT_KemEncapsulate(HITLS_Lib_Ctx *libCtx, const char *attrName,
1154 const HITLS_Config *config, HITLS_KemEncapsulateParams *params)
1155 {
1156 const TLS_GroupInfo *groupInfo = ConfigGetGroupInfo(config, params->groupId);
1157 if (groupInfo == NULL) {
1158 return HITLS_INVALID_INPUT;
1159 }
1160 int32_t ret;
1161 CRYPT_EAL_PkeyCtx *pkey = NULL;
1162 pkey = CRYPT_EAL_ProviderPkeyNewCtx(libCtx, groupInfo->algId, CRYPT_EAL_PKEY_KEM_OPERATE, attrName);
1163 if (pkey == NULL) {
1164 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16658, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
1165 "PkeyNewCtx fail", 0, 0, 0, 0);
1166 return HITLS_CRYPT_ERR_KEM_ENCAPSULATE;
1167 }
1168
1169 if (groupInfo->paraId != CRYPT_PKEY_PARAID_MAX) {
1170 ret = CRYPT_EAL_PkeySetParaById(pkey, groupInfo->paraId);
1171 if (ret != CRYPT_SUCCESS) {
1172 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16659, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
1173 "PkeySetParaById fail", 0, 0, 0, 0);
1174 CRYPT_EAL_PkeyFreeCtx(pkey);
1175 return ret;
1176 }
1177 }
1178 BSL_Param param[2] = { {0}, BSL_PARAM_END };
1179 (void)BSL_PARAM_InitValue(param, CRYPT_PARAM_PKEY_ENCODE_PUBKEY, BSL_PARAM_TYPE_OCTETS, params->peerPubkey,
1180 params->pubKeyLen);
1181 ret = CRYPT_EAL_PkeySetPubEx(pkey, param);
1182 if (ret != CRYPT_SUCCESS) {
1183 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16660, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
1184 "PkeySetPub fail", 0, 0, 0, 0);
1185 CRYPT_EAL_PkeyFreeCtx(pkey);
1186 return ret;
1187 }
1188
1189 ret = CRYPT_EAL_PkeyEncaps(pkey, params->ciphertext, params->ciphertextLen, params->sharedSecret,
1190 params->sharedSecretLen);
1191 if (ret != CRYPT_SUCCESS) {
1192 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16661, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
1193 "PkeyEncaps fail", 0, 0, 0, 0);
1194 }
1195 CRYPT_EAL_PkeyFreeCtx(pkey);
1196 return ret;
1197 }
1198
HITLS_CRYPT_KemDecapsulate(HITLS_CRYPT_Key * key,const uint8_t * ciphertext,uint32_t ciphertextLen,uint8_t * sharedSecret,uint32_t * sharedSecretLen)1199 int32_t HITLS_CRYPT_KemDecapsulate(HITLS_CRYPT_Key *key, const uint8_t *ciphertext, uint32_t ciphertextLen,
1200 uint8_t *sharedSecret, uint32_t *sharedSecretLen)
1201 {
1202 return CRYPT_EAL_PkeyDecaps(key, (uint8_t *)(uintptr_t)ciphertext, ciphertextLen, sharedSecret, sharedSecretLen);
1203 }
1204 #endif /* HITLS_TLS_FEATURE_KEM */
1205
1206 #endif /* HITLS_TLS_CALLBACK_CRYPT || HITLS_TLS_FEATURE_PROVIDER */