1 /*
2 * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifdef HKS_CONFIG_FILE
17 #include HKS_CONFIG_FILE
18 #else
19 #include "hks_config.h"
20 #endif
21
22 #include "hks_core_service_three_stage.h"
23
24 #include <stdbool.h>
25 #include <stddef.h>
26 #include <stdint.h>
27
28 #include "hks_auth.h"
29 #include "hks_base_check.h"
30 #include "hks_check_paramset.h"
31 #include "hks_client_service_adapter_common.h"
32 #include "hks_cmd_id.h"
33 #include "hks_common_check.h"
34 #include "hks_core_service.h"
35 #include "hks_crypto_adapter.h"
36 #include "hks_crypto_hal.h"
37 #include "hks_keyblob.h"
38 #include "hks_log.h"
39 #include "hks_mem.h"
40 #include "hks_param.h"
41 #include "hks_template.h"
42 #include "securec.h"
43
44 #ifndef _CUT_AUTHENTICATE_
45 #define CURVE25519_KEY_BYTE_SIZE HKS_KEY_BYTES(HKS_CURVE25519_KEY_SIZE_256)
46
47 #ifdef HKS_SUPPORT_ED25519_TO_X25519
48
49 #endif
50 #define HKS_RSA_OAEP_DIGEST_NUM 2
51 #define HKS_SM2_C1_LEN_NUM 2
52 #define HKS_BLOCK_CIPHER_CBC_BLOCK_SIZE 16
53 #define HKS_TEMP_SIZE 32
54 #define MAX_BUF_SIZE (5 * 1024 * 1024)
55 #define HKS_AES_GCM_NONCE_LEN 12
56
CheckRsaCipherData(bool isEncrypt,uint32_t keyLen,struct HksUsageSpec * usageSpec,const struct HksBlob * outData)57 static int32_t CheckRsaCipherData(bool isEncrypt, uint32_t keyLen, struct HksUsageSpec *usageSpec,
58 const struct HksBlob *outData)
59 {
60 uint32_t keySize = keyLen / HKS_BITS_PER_BYTE;
61 uint32_t padding = usageSpec->padding;
62 uint32_t digest = usageSpec->digest;
63
64 if (padding == HKS_PADDING_NONE) {
65 if (outData->size < keySize) {
66 HKS_LOG_E("outData buffer too small size: %" LOG_PUBLIC "u, keySize: %" LOG_PUBLIC "u",
67 outData->size, keySize);
68 return HKS_ERROR_BUFFER_TOO_SMALL;
69 }
70 } else if (padding == HKS_PADDING_OAEP) {
71 uint32_t digestLen;
72 int32_t ret = HksGetDigestLen(digest, &digestLen);
73 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "GetDigestLen failed, ret = %" LOG_PUBLIC "x", ret)
74
75 if (keySize <= (HKS_RSA_OAEP_DIGEST_NUM * digestLen + HKS_RSA_OAEP_DIGEST_NUM)) {
76 return HKS_ERROR_INVALID_KEY_FILE;
77 }
78
79 uint32_t size = keySize - HKS_RSA_OAEP_DIGEST_NUM * digestLen - HKS_RSA_OAEP_DIGEST_NUM;
80 if (isEncrypt) {
81 if (outData->size < keySize) {
82 HKS_LOG_E("encrypt, outData buffer too small size: %" LOG_PUBLIC "u, keySize: %" LOG_PUBLIC "u",
83 outData->size, keySize);
84 return HKS_ERROR_BUFFER_TOO_SMALL;
85 }
86 } else {
87 if (outData->size < size) {
88 HKS_LOG_E("decrypt, outData buffer too small size: %" LOG_PUBLIC "u, keySize: %" LOG_PUBLIC "u",
89 outData->size, keySize);
90 return HKS_ERROR_BUFFER_TOO_SMALL;
91 }
92 }
93 }
94
95 return HKS_SUCCESS;
96 }
97
CheckSm2CipherData(bool isEncrypt,const struct HksUsageSpec * usageSpec,const struct HksBlob * inData,const struct HksBlob * outData)98 static int32_t CheckSm2CipherData(bool isEncrypt, const struct HksUsageSpec *usageSpec, const struct HksBlob *inData,
99 const struct HksBlob *outData)
100 {
101 if (!isEncrypt) {
102 return HKS_SUCCESS;
103 }
104 uint32_t digest = usageSpec->digest;
105 uint32_t digestLen;
106 int32_t ret = HksGetDigestLen(digest, &digestLen);
107 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "GetDigestLen failed, ret = %" LOG_PUBLIC "x", ret)
108 uint32_t lenC1 = HKS_SM2_C1_LEN_NUM * HKS_KEY_BYTES(HKS_SM2_KEY_SIZE_256) + 1;
109 uint32_t needLen = (lenC1 + digestLen + inData->size);
110
111 if (outData->size < needLen) {
112 HKS_LOG_E("encrypt, outData buffer too small size: %" LOG_PUBLIC "u, needLen: %"
113 LOG_PUBLIC "d", outData->size, needLen);
114 return HKS_ERROR_BUFFER_TOO_SMALL;
115 }
116 return HKS_SUCCESS;
117 }
118
CheckAesCipherAead(bool isEncrypt,const struct HksBlob * inData,const struct HksBlob * outData)119 static int32_t CheckAesCipherAead(bool isEncrypt, const struct HksBlob *inData,
120 const struct HksBlob *outData)
121 {
122 if (isEncrypt) {
123 if (outData->size < (inData->size + HKS_AE_TAG_LEN)) {
124 HKS_LOG_E("encrypt, out buffer too small size: %" LOG_PUBLIC "u, inSize: %" LOG_PUBLIC "u",
125 outData->size, inData->size);
126 return HKS_ERROR_BUFFER_TOO_SMALL;
127 }
128 } else {
129 if (outData->size < inData->size) {
130 HKS_LOG_E("decryptfinal, out buffer too small size: %" LOG_PUBLIC "u, inSize: %" LOG_PUBLIC "u",
131 outData->size, inData->size);
132 return HKS_ERROR_BUFFER_TOO_SMALL;
133 }
134 }
135 return HKS_SUCCESS;
136 }
137
CheckBlockCipherOther(bool isEncrypt,uint32_t padding,const struct HksBlob * inData,const struct HksBlob * outData)138 static int32_t CheckBlockCipherOther(bool isEncrypt, uint32_t padding, const struct HksBlob *inData,
139 const struct HksBlob *outData)
140 {
141 uint32_t paddingSize = 0;
142
143 if (isEncrypt) {
144 if (padding == HKS_PADDING_NONE) {
145 if (inData->size % HKS_BLOCK_CIPHER_CBC_BLOCK_SIZE != 0) {
146 HKS_LOG_E("encrypt cbc no-padding, invalid inSize: %" LOG_PUBLIC "u", inData->size);
147 return HKS_ERROR_INVALID_ARGUMENT;
148 }
149 } else {
150 paddingSize = HKS_BLOCK_CIPHER_CBC_BLOCK_SIZE - inData->size % HKS_BLOCK_CIPHER_CBC_BLOCK_SIZE;
151 if (inData->size > (UINT32_MAX - paddingSize)) {
152 HKS_LOG_E("encrypt, invalid inData size: %" LOG_PUBLIC "u", inData->size);
153 return HKS_ERROR_INVALID_ARGUMENT;
154 }
155 }
156 if (outData->size < (inData->size + paddingSize)) {
157 HKS_LOG_E("encrypt, outData buffer too small size: %" LOG_PUBLIC "u, need: %" LOG_PUBLIC "u",
158 outData->size, inData->size + paddingSize);
159 return HKS_ERROR_BUFFER_TOO_SMALL;
160 }
161 } else {
162 if (outData->size < inData->size) {
163 HKS_LOG_E("decrypt, outData buffer too small size: %" LOG_PUBLIC "u, inDataSize: %" LOG_PUBLIC "u",
164 outData->size, inData->size);
165 return HKS_ERROR_BUFFER_TOO_SMALL;
166 }
167 }
168
169 return HKS_SUCCESS;
170 }
171
CheckBlockCipherData(bool isEncrypt,const struct HksUsageSpec * usageSpec,const struct HksBlob * inData,const struct HksBlob * outData)172 static int32_t CheckBlockCipherData(bool isEncrypt, const struct HksUsageSpec *usageSpec,
173 const struct HksBlob *inData, const struct HksBlob *outData)
174 {
175 const uint32_t padding = usageSpec->padding;
176 const uint32_t mode = usageSpec->mode;
177 const uint32_t alg = usageSpec->algType;
178 int32_t ret = HKS_ERROR_NOT_SUPPORTED;
179 if (((alg == HKS_ALG_AES) || (alg == HKS_ALG_SM4)) &&
180 ((mode == HKS_MODE_CBC) || (mode == HKS_MODE_CTR) || (mode == HKS_MODE_ECB))) {
181 ret = CheckBlockCipherOther(isEncrypt, padding, inData, outData);
182 } else if ((alg == HKS_ALG_AES) && ((mode == HKS_MODE_GCM) || (mode == HKS_MODE_CCM))) {
183 ret = CheckAesCipherAead(isEncrypt, inData, outData);
184 }
185
186 return ret;
187 }
188
HksCheckFinishOutSize(bool isEncrypt,struct HksParamSet * paramSet,const struct HksBlob * inData,const struct HksBlob * outData)189 static int32_t HksCheckFinishOutSize(bool isEncrypt, struct HksParamSet *paramSet,
190 const struct HksBlob *inData, const struct HksBlob *outData)
191 {
192 struct HksUsageSpec usageSpec = {0};
193 HksFillUsageSpec(paramSet, &usageSpec);
194 struct HksKeySpec cipherSpec = {0};
195 HksFillKeySpec(paramSet, &cipherSpec);
196 uint32_t alg = usageSpec.algType;
197
198 switch (alg) {
199 case HKS_ALG_RSA:
200 return CheckRsaCipherData(isEncrypt, cipherSpec.keyLen, &usageSpec, outData);
201 case HKS_ALG_SM2:
202 return CheckSm2CipherData(isEncrypt, &usageSpec, inData, outData);
203 case HKS_ALG_AES:
204 return CheckBlockCipherData(isEncrypt, &usageSpec, inData, outData);
205 case HKS_ALG_SM4:
206 return CheckBlockCipherData(isEncrypt, &usageSpec, inData, outData);
207 default:
208 return HKS_ERROR_INVALID_ALGORITHM;
209 }
210 }
211
SignVerifyAuth(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet)212 static int32_t SignVerifyAuth(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet)
213 {
214 struct HksParam *algParam = NULL;
215 int32_t ret = HksGetParam(paramSet, HKS_TAG_ALGORITHM, &algParam);
216 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "append sign/verify get alg param failed!")
217
218 if (algParam->uint32Param == HKS_ALG_ECC || algParam->uint32Param == HKS_ALG_SM2 ||
219 algParam->uint32Param == HKS_ALG_DSA) {
220 return HksThreeStageAuth(HKS_AUTH_ID_SIGN_VERIFY_ECC, keyNode);
221 } else if (algParam->uint32Param == HKS_ALG_RSA) {
222 struct HksParam *padding = NULL;
223 ret = HksGetParam(paramSet, HKS_TAG_PADDING, &padding);
224 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "append sign/verify get padding param failed!")
225 if (padding->uint32Param == HKS_PADDING_PSS) {
226 ret = HksCheckParamsetOneAndPatamsetTwoExist(keyNode->keyBlobParamSet, keyNode->runtimeParamSet,
227 HKS_TAG_RSA_PSS_SALT_LEN_TYPE);
228 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksCheckParamsetOneAndPatamsetTwoExist failed!")
229 }
230 return HksThreeStageAuth(HKS_AUTH_ID_SIGN_VERIFY_RSA, keyNode);
231 } else if (algParam->uint32Param == HKS_ALG_ED25519) {
232 return HksThreeStageAuth(HKS_AUTH_ID_SIGN_VERIFY_ED25519, keyNode);
233 }
234 return HKS_ERROR_INVALID_ALGORITHM;
235 }
236
AgreeAuth(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet)237 static int32_t AgreeAuth(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet)
238 {
239 struct HksParam *algParam = NULL;
240 int32_t ret = HksGetParam(paramSet, HKS_TAG_ALGORITHM, &algParam);
241 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "append agree get alg param failed!")
242
243 if (algParam->uint32Param == HKS_ALG_ECDH || algParam->uint32Param == HKS_ALG_X25519 ||
244 algParam->uint32Param == HKS_ALG_DH || algParam->uint32Param == HKS_ALG_SM2) {
245 return HksThreeStageAuth(HKS_AUTH_ID_AGREE, keyNode);
246 }
247 return HKS_ERROR_INVALID_ALGORITHM;
248 }
249
HmacAuth(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet)250 static int32_t HmacAuth(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet)
251 {
252 struct HksParam *algParam = NULL;
253 int32_t ret = HksGetParam(paramSet, HKS_TAG_ALGORITHM, &algParam);
254 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "append hmac get alg param failed!")
255
256 if (algParam->uint32Param == HKS_ALG_HMAC) {
257 return HksThreeStageAuth(HKS_AUTH_ID_MAC_HMAC, keyNode);
258 } else if (algParam->uint32Param == HKS_ALG_SM3) {
259 return HksThreeStageAuth(HKS_AUTH_ID_MAC_SM3, keyNode);
260 }
261 return HKS_ERROR_INVALID_ALGORITHM;
262 }
263
CipherAuth(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet)264 static int32_t CipherAuth(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet)
265 {
266 struct HksParam *algParam = NULL;
267 int32_t ret = HksGetParam(paramSet, HKS_TAG_ALGORITHM, &algParam);
268 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "append cipher get alg param failed!")
269
270 if (algParam->uint32Param == HKS_ALG_AES) {
271 return HksThreeStageAuth(HKS_AUTH_ID_SYM_CIPHER, keyNode);
272 } else if ((algParam->uint32Param == HKS_ALG_RSA) || (algParam->uint32Param == HKS_ALG_SM2)) {
273 return HksThreeStageAuth(HKS_AUTH_ID_ASYM_CIPHER, keyNode);
274 } else if (algParam->uint32Param == HKS_ALG_SM4) {
275 return HksThreeStageAuth(HKS_AUTH_ID_SYM_CIPHER, keyNode);
276 }
277 return HKS_ERROR_INVALID_ALGORITHM;
278 }
279
GetCryptoCtx(const struct HuksKeyNode * keyNode)280 static void *GetCryptoCtx(const struct HuksKeyNode *keyNode)
281 {
282 struct HksParam *ctxParam = NULL;
283 int32_t ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_CRYPTO_CTX, &ctxParam);
284
285 return (ret != HKS_SUCCESS || ctxParam == NULL) ? NULL : (void *)(uintptr_t)ctxParam->uint64Param;
286 }
287
ClearCryptoCtx(const struct HuksKeyNode * keyNode)288 static void ClearCryptoCtx(const struct HuksKeyNode *keyNode)
289 {
290 struct HksParam *ctxParam = NULL;
291 int32_t ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_CRYPTO_CTX, &ctxParam);
292 if (ret != HKS_SUCCESS || ctxParam == NULL) {
293 return;
294 }
295
296 ctxParam->uint64Param = (uint64_t)(uintptr_t)NULL;
297 return;
298 }
299
SetCacheModeCtx(const struct HuksKeyNode * keyNode)300 static int32_t SetCacheModeCtx(const struct HuksKeyNode *keyNode)
301 {
302 struct HksParam *ctxParam = NULL;
303 int32_t ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_CRYPTO_CTX, &ctxParam);
304 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "get ctx from keyNode failed!")
305
306 struct HksBlob *tempData = (struct HksBlob *)HksMalloc(sizeof(struct HksBlob));
307 HKS_IF_NULL_LOGE_RETURN(tempData, HKS_ERROR_MALLOC_FAIL, "get cache mode ctx malloc fail.")
308
309 tempData->size = 0;
310 tempData->data = NULL;
311 ctxParam->uint64Param = (uint64_t)(uintptr_t)tempData;
312 return HKS_SUCCESS;
313 }
314
CopyNewCachedData(const struct HksBlob * cachedBlob,const struct HksBlob * inData,uint8_t * newData,uint32_t newSize)315 static int32_t CopyNewCachedData(const struct HksBlob *cachedBlob, const struct HksBlob *inData,
316 uint8_t *newData, uint32_t newSize)
317 {
318 if (cachedBlob->size != 0) {
319 if (memcpy_s(newData, newSize, cachedBlob->data, cachedBlob->size) != EOK) {
320 HKS_LOG_E("memcpy cached data failed");
321 return HKS_ERROR_INSUFFICIENT_MEMORY;
322 }
323 }
324 if (inData->size != 0) {
325 if (memcpy_s(newData + cachedBlob->size, newSize - cachedBlob->size, inData->data, inData->size) != EOK) {
326 HKS_LOG_E("memcpy in data failed");
327 return HKS_ERROR_INSUFFICIENT_MEMORY;
328 }
329 }
330 return HKS_SUCCESS;
331 }
332
GetNewCachedData(const struct HksBlob * cachedBlob,const struct HksBlob * inData,struct HksBlob * newBlob)333 static int32_t GetNewCachedData(const struct HksBlob *cachedBlob, const struct HksBlob *inData,
334 struct HksBlob *newBlob)
335 {
336 if ((cachedBlob->size > MAX_BUF_SIZE) || (inData->size > (MAX_BUF_SIZE - cachedBlob->size))) {
337 HKS_LOG_E("input data size too large, size = %" LOG_PUBLIC "u", inData->size);
338 return HKS_ERROR_INVALID_ARGUMENT;
339 }
340
341 uint32_t newSize = cachedBlob->size + inData->size;
342 uint8_t *newData = (uint8_t *)HksMalloc(newSize);
343 HKS_IF_NULL_LOGE_RETURN(newData, HKS_ERROR_MALLOC_FAIL, "update cache data malloc fail.")
344
345 int32_t ret = CopyNewCachedData(cachedBlob, inData, newData, newSize);
346 if (ret != HKS_SUCCESS) {
347 HKS_FREE(newData);
348 return ret;
349 }
350
351 newBlob->data = newData;
352 newBlob->size = newSize;
353 return HKS_SUCCESS;
354 }
355
UpdateCachedData(const struct HuksKeyNode * keyNode,const struct HksBlob * srcData)356 static int32_t UpdateCachedData(const struct HuksKeyNode *keyNode, const struct HksBlob *srcData)
357 {
358 struct HksParam *ctxParam = NULL;
359 int32_t ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_CRYPTO_CTX, &ctxParam);
360 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "get ctx from keyNode failed!")
361
362 void *ctx = (void *)(uintptr_t)ctxParam->uint64Param;
363 HKS_IF_NULL_LOGE_RETURN(ctx, HKS_ERROR_BAD_STATE, "ctx is invalid: null!")
364
365 struct HksBlob *cachedData = (struct HksBlob *)ctx;
366 struct HksBlob *newCachedBlob = (struct HksBlob *)HksMalloc(sizeof(struct HksBlob));
367 HKS_IF_NULL_LOGE_RETURN(newCachedBlob, HKS_ERROR_MALLOC_FAIL, "malloc new blob failed")
368
369 ret = GetNewCachedData(cachedData, srcData, newCachedBlob);
370 if (ret != HKS_SUCCESS) {
371 HKS_LOG_E("get new cached data failed, ret = %" LOG_PUBLIC "d", ret);
372 HKS_FREE(newCachedBlob);
373 return ret;
374 }
375
376 HKS_FREE(cachedData->data);
377 HKS_FREE(cachedData);
378 ctxParam->uint64Param = (uint64_t)(uintptr_t)newCachedBlob;
379 return HKS_SUCCESS;
380 }
381
FreeCachedData(struct HksBlob ** cachedData)382 static void FreeCachedData(struct HksBlob **cachedData)
383 {
384 if ((cachedData == NULL) || (*cachedData == NULL)) {
385 return;
386 }
387 if ((*cachedData)->data != NULL) {
388 (void)memset_s((*cachedData)->data, (*cachedData)->size, 0, (*cachedData)->size);
389 HKS_FREE((*cachedData)->data);
390 }
391 HKS_FREE(*cachedData);
392 }
393
FinishCachedData(const struct HuksKeyNode * keyNode,const struct HksBlob * srcData,struct HksBlob * outData)394 static int32_t FinishCachedData(const struct HuksKeyNode *keyNode, const struct HksBlob *srcData,
395 struct HksBlob *outData)
396 {
397 struct HksParam *ctxParam = NULL;
398 int32_t ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_CRYPTO_CTX, &ctxParam);
399 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "get ctx from keyNode failed!")
400
401 void *ctx = (void *)(uintptr_t)ctxParam->uint64Param;
402 HKS_IF_NULL_LOGE_RETURN(ctx, HKS_ERROR_BAD_STATE, "ctx is invalid: null!")
403
404 struct HksBlob *cachedData = (struct HksBlob *)ctx;
405 ret = GetNewCachedData(cachedData, srcData, outData);
406 HKS_IF_NOT_SUCC_LOGE(ret, "get new cached data failed, ret = %" LOG_PUBLIC "d", ret)
407
408 FreeCachedData(&cachedData);
409 ctxParam->uint64Param = 0; /* clear ctx to NULL */
410 return ret;
411 }
412
CoreHashInit(const struct HuksKeyNode * keyNode,uint32_t alg)413 static int32_t CoreHashInit(const struct HuksKeyNode *keyNode, uint32_t alg)
414 {
415 struct HksParam *ctxParam = NULL;
416 int32_t ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_CRYPTO_CTX, &ctxParam);
417 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "get ctx from keyNode failed!")
418
419 void *ctx = NULL;
420
421 ret = HksCryptoHalHashInit(alg, &ctx);
422 if (ret != HKS_SUCCESS) {
423 HKS_LOG_E("hal hash init failed ret : %" LOG_PUBLIC "d", ret);
424 return ret;
425 }
426 ctxParam->uint64Param = (uint64_t)(uintptr_t)ctx;
427 return HKS_SUCCESS;
428 }
429
CoreHashUpdate(const struct HuksKeyNode * keyNode,const struct HksBlob * srcData)430 static int32_t CoreHashUpdate(const struct HuksKeyNode *keyNode, const struct HksBlob *srcData)
431 {
432 void *ctx = GetCryptoCtx(keyNode);
433 HKS_IF_NULL_LOGE_RETURN(ctx, HKS_ERROR_BAD_STATE, "ctx is invalid: null!")
434
435 int32_t ret = HksCryptoHalHashUpdate(srcData, ctx);
436 HKS_IF_NOT_SUCC_LOGE(ret, "hal hash update failed ret : %" LOG_PUBLIC "d", ret)
437
438 return ret;
439 }
440
CoreHashFinish(const struct HuksKeyNode * keyNode,const struct HksBlob * srcData,struct HksBlob * outData)441 static int32_t CoreHashFinish(const struct HuksKeyNode *keyNode, const struct HksBlob *srcData,
442 struct HksBlob *outData)
443 {
444 struct HksParam *ctxParam = NULL;
445 int32_t ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_CRYPTO_CTX, &ctxParam);
446 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "get ctx from keyNode failed!")
447
448 void *ctx = (void *)(uintptr_t)ctxParam->uint64Param;
449 HKS_IF_NULL_LOGE_RETURN(ctx, HKS_ERROR_BAD_STATE, "ctx is invalid: null!")
450
451 outData->size = MAX_HASH_SIZE;
452 outData->data = (uint8_t *)HksMalloc(MAX_HASH_SIZE);
453 HKS_IF_NULL_LOGE_RETURN(outData->data, HKS_ERROR_MALLOC_FAIL, "malloc fail.")
454
455 ret = HksCryptoHalHashFinal(srcData, &ctx, outData);
456 if (ret != HKS_SUCCESS) {
457 HKS_LOG_E("hal hash final failed ret : %" LOG_PUBLIC "d", ret);
458 HKS_FREE_BLOB(*outData);
459 }
460
461 ctxParam->uint64Param = 0; /* clear ctx to NULL */
462 return ret;
463 }
464
CheckSignVerifyParams(const struct HuksKeyNode * keyNode,const struct HksBlob * outData)465 static int32_t CheckSignVerifyParams(const struct HuksKeyNode *keyNode, const struct HksBlob *outData)
466 {
467 HKS_IF_NOT_SUCC_LOGE_RETURN(CheckBlob(outData), HKS_ERROR_INVALID_ARGUMENT, "invalid outData")
468
469 struct HksParam *tmpParam = NULL;
470 int32_t ret = HksGetParam(keyNode->keyBlobParamSet, HKS_TAG_ALGORITHM, &tmpParam);
471 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get alg from keyNode failed!")
472
473 uint32_t alg = tmpParam->uint32Param;
474
475 ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_PURPOSE, &tmpParam);
476 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get purpoes from keyNode failed!")
477
478 uint32_t purpose = tmpParam->uint32Param;
479
480 ret = HksGetParam(keyNode->keyBlobParamSet, HKS_TAG_KEY_SIZE, &tmpParam);
481 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get key size from keyNode failed!")
482
483 uint32_t keySize = tmpParam->uint32Param;
484
485 ret = HksCheckSignature((purpose == HKS_KEY_PURPOSE_SIGN) ? HKS_CMD_ID_SIGN : HKS_CMD_ID_VERIFY,
486 alg, keySize, outData);
487 HKS_IF_NOT_SUCC_LOGE(ret, "check signature failed!")
488
489 return ret;
490 }
491
CoreSignVerify(const struct HuksKeyNode * keyNode,const struct HksBlob * inData,struct HksBlob * outData)492 static int32_t CoreSignVerify(const struct HuksKeyNode *keyNode, const struct HksBlob *inData,
493 struct HksBlob *outData)
494 {
495 int32_t ret = CheckSignVerifyParams(keyNode, outData);
496 HKS_IF_NOT_SUCC_RETURN(ret, ret)
497
498 struct HksBlob rawKey = { 0, NULL };
499 ret = HksGetRawKey(keyNode->keyBlobParamSet, &rawKey);
500 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "SignVerify get raw key failed!")
501
502 struct HksUsageSpec usageSpec;
503 (void)memset_s(&usageSpec, sizeof(struct HksUsageSpec), 0, sizeof(struct HksUsageSpec));
504 HksFillUsageSpec(keyNode->runtimeParamSet, &usageSpec);
505 SetRsaPssSaltLenType(keyNode->runtimeParamSet, &usageSpec);
506
507 if (usageSpec.purpose == HKS_KEY_PURPOSE_SIGN) {
508 ret = HksCryptoHalSign(&rawKey, &usageSpec, inData, outData);
509 } else {
510 ret = HksCryptoHalVerify(&rawKey, &usageSpec, inData, outData);
511 }
512 HKS_IF_NOT_SUCC_LOGE(ret, "SignVerify Finish failed, purpose = 0x%" LOG_PUBLIC "x, ret = %" LOG_PUBLIC "d",
513 usageSpec.purpose, ret)
514
515 (void)memset_s(rawKey.data, rawKey.size, 0, rawKey.size);
516 HKS_FREE(rawKey.data);
517 return ret;
518 }
519
FreeSignVerifyCtx(const struct HuksKeyNode * keyNode)520 static void FreeSignVerifyCtx(const struct HuksKeyNode *keyNode)
521 {
522 struct HksParam *ctxParam = NULL;
523 int32_t ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_CRYPTO_CTX, &ctxParam);
524 if (ret != HKS_SUCCESS) {
525 HKS_LOG_E("get ctx from keyNode failed!");
526 return;
527 }
528 void *ctx = (void *)(uintptr_t)ctxParam->uint64Param;
529 if (ctx == NULL) {
530 return;
531 }
532
533 struct HksParam *algParam = NULL;
534 ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_ALGORITHM, &algParam);
535 if (ret != HKS_SUCCESS) {
536 HKS_LOG_E("append cipher get alg param failed!");
537 return;
538 }
539 struct HksParam *digestParam = NULL;
540 ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_DIGEST, &digestParam);
541 if (ret != HKS_SUCCESS) {
542 HKS_LOG_E("append cipher get digest param failed!");
543 return;
544 }
545 if (HksCheckNeedCache(algParam->uint32Param, digestParam->uint32Param) == HKS_SUCCESS) {
546 struct HksBlob *cachedData = (struct HksBlob *)ctx;
547 FreeCachedData(&cachedData);
548 } else {
549 HksCryptoHalHashFreeCtx(&ctx);
550 }
551
552 ctxParam->uint64Param = 0; /* clear ctx to NULL */
553 }
554
CheckWhetherUpdateAesGcmNonce(struct HksParamSet ** runtimeParamSet,const struct HksParamSet * keyBlobParamSet,bool * needRegenerateNonce)555 static int32_t CheckWhetherUpdateAesGcmNonce(struct HksParamSet **runtimeParamSet,
556 const struct HksParamSet *keyBlobParamSet, bool *needRegenerateNonce)
557 {
558 struct HksParam *modeParam = NULL;
559 int32_t ret = HksGetParam(*runtimeParamSet, HKS_TAG_BLOCK_MODE, &modeParam);
560 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get mode param failed!")
561 struct HksParam *algParam = NULL;
562 ret = HksGetParam(*runtimeParamSet, HKS_TAG_ALGORITHM, &algParam);
563 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get alg param failed!")
564 struct HksParam *purposeParam = NULL;
565 ret = HksGetParam(*runtimeParamSet, HKS_TAG_PURPOSE, &purposeParam);
566 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get purpose param failed!")
567 if (algParam->uint32Param != HKS_ALG_AES || modeParam->uint32Param != HKS_MODE_GCM ||
568 purposeParam->uint32Param != HKS_KEY_PURPOSE_ENCRYPT) {
569 *needRegenerateNonce = false;
570 return HKS_SUCCESS;
571 }
572
573 struct HksParam *authPurposeParam = NULL;
574 int32_t ret1 = HksGetParam(keyBlobParamSet, HKS_TAG_KEY_AUTH_PURPOSE, &authPurposeParam);
575 struct HksParam *nonceParam = NULL;
576 int32_t ret2 = HksGetParam(*runtimeParamSet, HKS_TAG_NONCE, &nonceParam);
577 if (ret1 == HKS_SUCCESS && ret2 == HKS_SUCCESS) {
578 HKS_LOG_E("do not support pass access control and nonce params together");
579 return HKS_ERROR_NOT_SUPPORTED;
580 }
581 if (ret1 != HKS_SUCCESS && ret2 == HKS_SUCCESS) {
582 *needRegenerateNonce = false;
583 return HKS_SUCCESS;
584 }
585 *needRegenerateNonce = true;
586 return HKS_SUCCESS;
587 }
588
AddNonceToParamSet(struct HksParamSet ** runtimeParamSet,struct HksParam * nonceParams,uint32_t paramsCnt)589 static int32_t AddNonceToParamSet(struct HksParamSet **runtimeParamSet, struct HksParam *nonceParams,
590 uint32_t paramsCnt)
591 {
592 struct HksParamSet *paramSet = NULL;
593 int32_t ret = HksInitParamSet(¶mSet);
594 if (ret != HKS_SUCCESS) {
595 HKS_LOG_E("init keyNode param set fail");
596 return ret;
597 }
598 for (uint32_t i = 0; i < (*runtimeParamSet)->paramsCnt; ++i) {
599 if ((*runtimeParamSet)->params[i].tag != HKS_TAG_NONCE) {
600 ret = HksAddParams(paramSet, &(*runtimeParamSet)->params[i], 1);
601 if (ret != HKS_SUCCESS) {
602 HksFreeParamSet(¶mSet);
603 HKS_LOG_E("add runtime params fail");
604 return ret;
605 }
606 }
607 }
608 ret = HksAddParams(paramSet, nonceParams, paramsCnt);
609 if (ret != HKS_SUCCESS) {
610 HksFreeParamSet(¶mSet);
611 HKS_LOG_E("add nonceParams fail");
612 return ret;
613 }
614 ret = HksBuildParamSet(¶mSet);
615 if (ret != HKS_SUCCESS) {
616 HksFreeParamSet(¶mSet);
617 HKS_LOG_E("build paramSet fail");
618 return ret;
619 }
620 HksFreeParamSet(runtimeParamSet);
621 *runtimeParamSet = paramSet;
622
623 return HKS_SUCCESS;
624 }
625
UpdateAesGcmNonce(struct HksParamSet ** runtimeParamSet,const struct HksParamSet * keyBlobParamSet)626 static int32_t UpdateAesGcmNonce(struct HksParamSet **runtimeParamSet, const struct HksParamSet *keyBlobParamSet)
627 {
628 bool needRegenerateNonce = false;
629 int32_t ret = CheckWhetherUpdateAesGcmNonce(runtimeParamSet, keyBlobParamSet, &needRegenerateNonce);
630 if (ret != HKS_SUCCESS) {
631 return ret;
632 }
633 if (needRegenerateNonce == false) {
634 return ret;
635 }
636
637 struct HksParam params[] = {
638 {
639 .tag = HKS_TAG_NONCE,
640 .blob.data = HksMalloc(HKS_AES_GCM_NONCE_LEN),
641 .blob.size = HKS_AES_GCM_NONCE_LEN
642 }, {
643 .tag = HKS_TAG_AES_GCM_NEED_REGENERATE_NONCE,
644 .boolParam = true
645 },
646 };
647 HKS_IF_NULL_LOGE_RETURN(params[0].blob.data, HKS_ERROR_MALLOC_FAIL, "malloc nonce param set failed!")
648 ret = HksCryptoHalFillRandom(¶ms[0].blob);
649 if (ret != HKS_SUCCESS) {
650 HKS_FREE(params[0].blob.data);
651 HKS_LOG_E("get random failed");
652 return ret;
653 }
654
655 ret = AddNonceToParamSet(runtimeParamSet, params, HKS_ARRAY_SIZE(params));
656 HKS_FREE(params[0].blob.data);
657 if (ret != HKS_SUCCESS) {
658 HKS_LOG_E("add nonce failed");
659 return ret;
660 }
661 return HKS_SUCCESS;
662 }
663
CoreCipherInit(const struct HuksKeyNode * keyNode)664 static int32_t CoreCipherInit(const struct HuksKeyNode *keyNode)
665 {
666 int32_t ret = UpdateAesGcmNonce((struct HksParamSet **)(unsigned long)&keyNode->runtimeParamSet,
667 keyNode->keyBlobParamSet);
668 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "update aes gcm nonce failed")
669
670 struct HksParam *ctxParam = NULL;
671 ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_CRYPTO_CTX, &ctxParam);
672 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "get ctx from keyNode failed!")
673
674 struct HksParam *purposeParam = NULL;
675 ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_PURPOSE, &purposeParam);
676 HKS_IF_NOT_SUCC_RETURN(ret, HKS_ERROR_CHECK_GET_PURPOSE_FAIL)
677
678 struct HksBlob rawKey = { 0, NULL };
679 struct HksUsageSpec *usageSpec = NULL;
680 do {
681 uint8_t tmpData[HKS_TEMP_SIZE] = {0};
682 struct HksBlob tmpInData = { HKS_TEMP_SIZE, tmpData };
683 bool isEncrypt = (purposeParam->uint32Param == HKS_KEY_PURPOSE_ENCRYPT) ? true : false;
684 ret = HksBuildCipherUsageSpec(keyNode->runtimeParamSet, isEncrypt, &tmpInData, &usageSpec);
685 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "build cipher usage failed")
686
687 ret = HksGetRawKey(keyNode->keyBlobParamSet, &rawKey);
688 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "cipher get raw key failed")
689
690 void *ctx = NULL;
691 if (purposeParam->uint32Param == HKS_KEY_PURPOSE_ENCRYPT) {
692 ret = HksCryptoHalEncryptInit(&rawKey, usageSpec, &ctx);
693 } else {
694 ret = HksCryptoHalDecryptInit(&rawKey, usageSpec, &ctx);
695 }
696 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "cipher ctx init failed, ret = %" LOG_PUBLIC "d", ret)
697 ctxParam->uint64Param = (uint64_t)(uintptr_t)ctx;
698 } while (0);
699
700 if (rawKey.data != NULL) {
701 (void)memset_s(rawKey.data, rawKey.size, 0, rawKey.size);
702 }
703 HKS_FREE(rawKey.data);
704 HksFreeUsageSpec(&usageSpec);
705 return ret;
706 }
707
CoreCipherUpdate(const struct HuksKeyNode * keyNode,const struct HksBlob * inData,struct HksBlob * outData,uint32_t alg)708 static int32_t CoreCipherUpdate(const struct HuksKeyNode *keyNode, const struct HksBlob *inData,
709 struct HksBlob *outData, uint32_t alg)
710 {
711 HKS_IF_NOT_SUCC_LOGE_RETURN(CheckBlob(outData), HKS_ERROR_INVALID_ARGUMENT, "invalid outData")
712
713 if (outData->size < inData->size) {
714 HKS_LOG_E("cipher update, out buffer too small size: %" LOG_PUBLIC "u, inSize: %" LOG_PUBLIC "u",
715 outData->size, inData->size);
716 return HKS_ERROR_BUFFER_TOO_SMALL;
717 }
718
719 void *ctx = GetCryptoCtx(keyNode);
720 HKS_IF_NULL_LOGE_RETURN(ctx, HKS_ERROR_NULL_POINTER, "ctx is invalid: null!")
721
722 struct HksParam *purposeParam = NULL;
723 int32_t ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_PURPOSE, &purposeParam);
724 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "append cipher get purpose param failed!")
725
726 if (purposeParam->uint32Param == HKS_KEY_PURPOSE_ENCRYPT) {
727 ret = HksCryptoHalEncryptUpdate(inData, ctx, outData, alg);
728 } else {
729 ret = HksCryptoHalDecryptUpdate(inData, ctx, outData, alg);
730 }
731 HKS_IF_NOT_SUCC_LOGE(ret, "cipher update failed! ret : %" LOG_PUBLIC "d", ret)
732 return ret;
733 }
734
AppendNonceWhenNeeded(const struct HuksKeyNode * keyNode,const struct HksBlob * inData,struct HksBlob * outData,struct HksBlob tag)735 static int32_t AppendNonceWhenNeeded(const struct HuksKeyNode *keyNode,
736 const struct HksBlob *inData, struct HksBlob *outData, struct HksBlob tag)
737 {
738 struct HksParam *needAppendNonce = NULL;
739 int32_t ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_AES_GCM_NEED_REGENERATE_NONCE, &needAppendNonce);
740 if (ret != HKS_SUCCESS) {
741 return HKS_SUCCESS;
742 }
743 if (needAppendNonce->boolParam != true) {
744 HKS_LOG_E("need regenerate nonce value invalid!");
745 return HKS_ERROR_INVALID_ARGUMENT;
746 }
747 struct HksParam *nonceParam = NULL;
748 ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_NONCE, &nonceParam);
749 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_NONCE_FAIL, "append cipher get nonce param failed!")
750 if (nonceParam->blob.size != HKS_AES_GCM_NONCE_LEN) {
751 HKS_LOG_E("nonce size invalid!");
752 return HKS_ERROR_INVALID_ARGUMENT;
753 }
754 if (memcpy_s(outData->data + inData->size + tag.size, HKS_AES_GCM_NONCE_LEN,
755 nonceParam->blob.data, nonceParam->blob.size) != EOK) {
756 HKS_LOG_E("memcpy cached data failed");
757 return HKS_ERROR_INSUFFICIENT_MEMORY;
758 }
759 outData->size += nonceParam->blob.size;
760 return HKS_SUCCESS;
761 }
762
CoreAesEncryptFinish(const struct HuksKeyNode * keyNode,const struct HksBlob * inData,struct HksBlob * outData,uint32_t alg)763 static int32_t CoreAesEncryptFinish(const struct HuksKeyNode *keyNode,
764 const struct HksBlob *inData, struct HksBlob *outData, uint32_t alg)
765 {
766 struct HksBlob tag = { 0, NULL };
767 int32_t ret = HksGetEncryptAeTag(keyNode->runtimeParamSet, inData, outData, &tag);
768 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "cipher encrypt get ae tag failed!")
769
770 ret = HksCheckFinishOutSize(true, keyNode->runtimeParamSet, inData, outData);
771 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "aes encrypt finish check data size failed")
772
773 struct HksParam *ctxParam = NULL;
774 ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_CRYPTO_CTX, &ctxParam);
775 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get ctx from keyNode failed!")
776
777 void *ctx = (void *)(uintptr_t)ctxParam->uint64Param;
778 HKS_IF_NULL_LOGE_RETURN(ctx, HKS_ERROR_NULL_POINTER, "ctx is invalid: null!")
779
780 struct HksParam *needAppendNonce = NULL;
781 ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_AES_GCM_NEED_REGENERATE_NONCE, &needAppendNonce);
782 if (ret == HKS_SUCCESS && needAppendNonce->boolParam == true) {
783 if (outData->size < (inData->size + HKS_AE_TAG_LEN + HKS_AES_GCM_NONCE_LEN)) {
784 HKS_LOG_E("too small out buf!");
785 return HKS_ERROR_INVALID_ARGUMENT;
786 }
787 }
788
789 ret = HksCryptoHalEncryptFinal(inData, &ctx, outData, &tag, alg);
790 ctxParam->uint64Param = 0; /* clear ctx to NULL */
791 if (ret != HKS_SUCCESS) {
792 HKS_LOG_E("aes encrypt Finish failed! ret : %" LOG_PUBLIC "d", ret);
793 return ret;
794 }
795
796 ret = AppendNonceWhenNeeded(keyNode, inData, outData, tag);
797 if (ret != HKS_SUCCESS) {
798 HKS_LOG_E("appned nonce failed!");
799 return ret;
800 }
801
802 outData->size += tag.size;
803 return HKS_SUCCESS;
804 }
805
CoreAesDecryptFinish(const struct HuksKeyNode * keyNode,const struct HksBlob * inData,struct HksBlob * outData,uint32_t alg)806 static int32_t CoreAesDecryptFinish(const struct HuksKeyNode *keyNode,
807 const struct HksBlob *inData, struct HksBlob *outData, uint32_t alg)
808 {
809 bool isAes = false;
810 bool isAeMode = false;
811 int32_t ret = HksCheckAesAeMode(keyNode->runtimeParamSet, &isAes, &isAeMode);
812 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get aeMode failed!")
813
814 struct HksBlob tag = { 0, NULL };
815 if (isAes && isAeMode) {
816 struct HksParam *tagParam = NULL;
817 ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_AE_TAG, &tagParam);
818 if (ret != HKS_SUCCESS || tagParam == NULL) {
819 HKS_LOG_E("get tag failed!");
820 return ret;
821 }
822 tag = tagParam->blob;
823 }
824
825 ret = HksCheckFinishOutSize(false, keyNode->runtimeParamSet, inData, outData);
826 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "aes decrypt finish check data size failed")
827
828 struct HksParam *ctxParam = NULL;
829 ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_CRYPTO_CTX, &ctxParam);
830 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get ctx from keyNode failed!")
831
832 void *ctx = (void *)(uintptr_t)ctxParam->uint64Param;
833 HKS_IF_NULL_LOGE_RETURN(ctx, HKS_ERROR_NULL_POINTER, "ctx is invalid: null!")
834
835 ret = HksCryptoHalDecryptFinal(inData, &ctx, outData, &tag, alg);
836 HKS_IF_NOT_SUCC_LOGE(ret, "cipher DecryptFinish failed! ret : %" LOG_PUBLIC "d", ret)
837
838 ctxParam->uint64Param = 0; /* clear ctx to NULL */
839 return ret;
840 }
841
842
CoreSm4EncryptFinish(const struct HuksKeyNode * keyNode,const struct HksBlob * inData,struct HksBlob * outData,uint32_t alg)843 static int32_t CoreSm4EncryptFinish(const struct HuksKeyNode *keyNode,
844 const struct HksBlob *inData, struct HksBlob *outData, uint32_t alg)
845 {
846 int32_t ret = HksCheckFinishOutSize(true, keyNode->runtimeParamSet, inData, outData);
847 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "aes encrypt finish check data size failed")
848
849 struct HksParam *ctxParam = NULL;
850 ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_CRYPTO_CTX, &ctxParam);
851 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get ctx from keyNode failed!")
852
853 void *ctx = (void *)(uintptr_t)ctxParam->uint64Param;
854 HKS_IF_NULL_LOGE_RETURN(ctx, HKS_ERROR_NULL_POINTER, "ctx is invalid: null!")
855
856 ret = HksCryptoHalEncryptFinal(inData, &ctx, outData, NULL, alg);
857 if (ret != HKS_SUCCESS) {
858 HKS_LOG_E("aes encrypt Finish failed! ret : %" LOG_PUBLIC "d", ret);
859 ctxParam->uint64Param = 0; /* clear ctx to NULL */
860 return ret;
861 }
862
863 ctxParam->uint64Param = 0; /* clear ctx to NULL */
864 return HKS_SUCCESS;
865 }
866
CoreSm4DecryptFinish(const struct HuksKeyNode * keyNode,const struct HksBlob * inData,struct HksBlob * outData,uint32_t alg)867 static int32_t CoreSm4DecryptFinish(const struct HuksKeyNode *keyNode,
868 const struct HksBlob *inData, struct HksBlob *outData, uint32_t alg)
869 {
870 int32_t ret = HksCheckFinishOutSize(false, keyNode->runtimeParamSet, inData, outData);
871 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "sm4 decrypt finish check data size failed")
872
873 struct HksParam *ctxParam = NULL;
874 ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_CRYPTO_CTX, &ctxParam);
875 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get ctx from keyNode failed!")
876
877 void *ctx = (void *)(uintptr_t)ctxParam->uint64Param;
878 HKS_IF_NULL_LOGE_RETURN(ctx, HKS_ERROR_NULL_POINTER, "ctx is invalid: null!")
879
880 ret = HksCryptoHalDecryptFinal(inData, &ctx, outData, NULL, alg);
881 HKS_IF_NOT_SUCC_LOGE(ret, "cipher DecryptFinish failed! ret : %" LOG_PUBLIC "d", ret)
882
883 ctxParam->uint64Param = 0; /* clear ctx to NULL */
884 return ret;
885 }
886
RsaCipherFinish(const struct HuksKeyNode * keyNode,const struct HksBlob * inData,struct HksBlob * outData)887 static int32_t RsaCipherFinish(const struct HuksKeyNode *keyNode, const struct HksBlob *inData,
888 struct HksBlob *outData)
889 {
890 HKS_LOG_E("rsa inData.size = %" LOG_PUBLIC "u", inData->size);
891 struct HksBlob rawKey = { 0, NULL };
892 int32_t ret = HksGetRawKey(keyNode->keyBlobParamSet, &rawKey);
893 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "SignVerify get raw key failed!")
894
895 struct HksUsageSpec usageSpec;
896 (void)memset_s(&usageSpec, sizeof(struct HksUsageSpec), 0, sizeof(struct HksUsageSpec));
897 HksFillUsageSpec(keyNode->runtimeParamSet, &usageSpec);
898
899 bool isEncrypt = (usageSpec.purpose == HKS_KEY_PURPOSE_ENCRYPT);
900 ret = HksCheckFinishOutSize(isEncrypt, keyNode->runtimeParamSet, inData, outData);
901 if (ret != HKS_SUCCESS) {
902 HKS_LOG_E("rsa cipher finish check data size failed");
903 (void)memset_s(rawKey.data, rawKey.size, 0, rawKey.size);
904 HKS_FREE(rawKey.data);
905 return ret;
906 }
907
908 if (usageSpec.purpose == HKS_KEY_PURPOSE_ENCRYPT) {
909 struct HksBlob tag = { 0, NULL };
910 ret = HksCryptoHalEncrypt(&rawKey, &usageSpec, inData, outData, &tag);
911 } else {
912 ret = HksCryptoHalDecrypt(&rawKey, &usageSpec, inData, outData);
913 }
914 HKS_IF_NOT_SUCC_LOGE(ret, "rsa cipher Finish failed, purpose = 0x%" LOG_PUBLIC "x, ret = %" LOG_PUBLIC "d",
915 usageSpec.purpose, ret)
916
917 (void)memset_s(rawKey.data, rawKey.size, 0, rawKey.size);
918 HKS_FREE(rawKey.data);
919 return ret;
920 }
921
Sm2CipherFinish(const struct HuksKeyNode * keyNode,const struct HksBlob * inData,struct HksBlob * outData)922 static int32_t Sm2CipherFinish(const struct HuksKeyNode *keyNode, const struct HksBlob *inData,
923 struct HksBlob *outData)
924 {
925 HKS_LOG_I("sm2 CipherFinish, inData.size = %" LOG_PUBLIC "u", inData->size);
926 struct HksBlob rawKey = { 0, NULL };
927 int32_t ret = HksGetRawKey(keyNode->keyBlobParamSet, &rawKey);
928 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "SignVerify get raw key failed!")
929
930 struct HksUsageSpec usageSpec = {0};
931 HksFillUsageSpec(keyNode->runtimeParamSet, &usageSpec);
932
933 bool isEncrypt = (usageSpec.purpose == HKS_KEY_PURPOSE_ENCRYPT);
934 ret = HksCheckFinishOutSize(isEncrypt, keyNode->runtimeParamSet, inData, outData);
935 if (ret != HKS_SUCCESS) {
936 HKS_LOG_E("sm2 cipher finish check data size failed");
937 (void)memset_s(rawKey.data, rawKey.size, 0, rawKey.size);
938 HKS_FREE(rawKey.data);
939 return ret;
940 }
941
942 if (usageSpec.purpose == HKS_KEY_PURPOSE_ENCRYPT) {
943 struct HksBlob tag = { 0, NULL };
944 ret = HksCryptoHalEncrypt(&rawKey, &usageSpec, inData, outData, &tag);
945 } else {
946 ret = HksCryptoHalDecrypt(&rawKey, &usageSpec, inData, outData);
947 }
948 HKS_IF_NOT_SUCC_LOGE(ret, "sm2 cipher Finish failed, purpose = 0x%" LOG_PUBLIC "x, ret = %" LOG_PUBLIC "d",
949 usageSpec.purpose, ret)
950
951 (void)memset_s(rawKey.data, rawKey.size, 0, rawKey.size);
952 HKS_FREE(rawKey.data);
953 return ret;
954 }
955
CoreRsaCipherFinish(const struct HuksKeyNode * keyNode,const struct HksBlob * inData,struct HksBlob * outData)956 static int32_t CoreRsaCipherFinish(const struct HuksKeyNode *keyNode, const struct HksBlob *inData,
957 struct HksBlob *outData)
958 {
959 struct HksBlob tempInData = { 0, NULL };
960 int32_t ret = FinishCachedData(keyNode, inData, &tempInData);
961 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get rsa cipher cached data failed")
962
963 ret = RsaCipherFinish(keyNode, &tempInData, outData);
964 HKS_FREE_BLOB(tempInData);
965 return ret;
966 }
967
CoreSm2CipherFinish(const struct HuksKeyNode * keyNode,const struct HksBlob * inData,struct HksBlob * outData)968 static int32_t CoreSm2CipherFinish(const struct HuksKeyNode *keyNode, const struct HksBlob *inData,
969 struct HksBlob *outData)
970 {
971 struct HksBlob tempInData = { 0, NULL };
972 int32_t ret = FinishCachedData(keyNode, inData, &tempInData);
973 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get sm2 cipher cached data failed")
974
975 ret = Sm2CipherFinish(keyNode, &tempInData, outData);
976 HKS_FREE_BLOB(tempInData);
977 return ret;
978 }
979
FreeCryptoCtx(const struct HuksKeyNode * keyNode,uint32_t alg)980 static void FreeCryptoCtx(const struct HuksKeyNode *keyNode, uint32_t alg)
981 {
982 struct HksParam *ctxParam = NULL;
983 int32_t ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_CRYPTO_CTX, &ctxParam);
984 if (ret != HKS_SUCCESS) {
985 HKS_LOG_E("get ctx from keyNode failed!");
986 return;
987 }
988 void *ctx = (void *)(uintptr_t)ctxParam->uint64Param;
989 if (ctx == NULL) {
990 return;
991 }
992
993 if (alg == HKS_ALG_AES || alg == HKS_ALG_SM4) {
994 HksCryptoHalEncryptFreeCtx(&ctx, alg);
995 } else {
996 struct HksBlob *cachedData = (struct HksBlob *)ctx;
997 FreeCachedData(&cachedData);
998 }
999 ctxParam->uint64Param = 0; /* clear ctx to NULL */
1000 }
1001
GetRawkey(const struct HuksKeyNode * keyNode,struct HksBlob * rawKey)1002 static int32_t GetRawkey(const struct HuksKeyNode *keyNode, struct HksBlob *rawKey)
1003 {
1004 if (GetCryptoCtx(keyNode) != NULL) {
1005 HKS_LOG_E("avoid running into this function multiple times!");
1006 return HKS_FAILURE;
1007 }
1008
1009 int32_t ret = HksThreeStageAuth(HKS_AUTH_ID_DERIVE, keyNode);
1010 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "derive auth failed!")
1011
1012 ret = HksGetRawKey(keyNode->keyBlobParamSet, rawKey);
1013 HKS_IF_NOT_SUCC_LOGE(ret, "Derive get raw key failed!")
1014
1015 return ret;
1016 }
1017
FreeOutBlob(struct HksBlob ** out)1018 static void FreeOutBlob(struct HksBlob **out)
1019 {
1020 if ((out == NULL) || (*out == NULL)) {
1021 return;
1022 }
1023 HKS_FREE((*out)->data);
1024 HKS_FREE(*out);
1025 }
1026
ConstructDervieBlob(const struct HksParamSet * paramSet,struct HksBlob ** out)1027 static int32_t ConstructDervieBlob(const struct HksParamSet *paramSet, struct HksBlob **out)
1028 {
1029 struct HksParam *deriveSizeParam = NULL;
1030 int32_t ret = HksGetParam(paramSet, HKS_TAG_DERIVE_KEY_SIZE, &deriveSizeParam);
1031 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_ARGUMENT, "get derive size failed, ret = %" LOG_PUBLIC "d", ret)
1032
1033 uint32_t deriveSize = deriveSizeParam->uint32Param;
1034 if ((deriveSize == 0) || (deriveSize > MAX_OUT_BLOB_SIZE)) {
1035 HKS_LOG_E("derive size invalid, size = %" LOG_PUBLIC "u", deriveSize);
1036 return HKS_ERROR_INVALID_ARGUMENT;
1037 }
1038
1039 struct HksBlob *tempOut = (struct HksBlob *)HksMalloc(sizeof(struct HksBlob));
1040 HKS_IF_NULL_LOGE_RETURN(tempOut, HKS_ERROR_MALLOC_FAIL, "construct derive blob malloc failed")
1041
1042 tempOut->data = (uint8_t *)HksMalloc(deriveSize);
1043 if (tempOut->data == NULL) {
1044 HKS_FREE(tempOut);
1045 HKS_LOG_E("malloc out derive blob data failed.");
1046 return HKS_ERROR_MALLOC_FAIL;
1047 }
1048 tempOut->size = deriveSize;
1049 *out = tempOut;
1050 return HKS_SUCCESS;
1051 }
1052
ConstructAgreeBlob(struct HksBlob ** agreeOut)1053 static int32_t ConstructAgreeBlob(struct HksBlob **agreeOut)
1054 {
1055 struct HksBlob *agreeTemp = (struct HksBlob *)HksMalloc(sizeof(struct HksBlob));
1056 HKS_IF_NULL_LOGE_RETURN(agreeTemp, HKS_ERROR_MALLOC_FAIL, "malloc agreeTemp failed.")
1057
1058 agreeTemp->size = MAX_KEY_SIZE;
1059 agreeTemp->data = (uint8_t *)HksMalloc(MAX_KEY_SIZE);
1060 if (agreeTemp->data == NULL) {
1061 HKS_LOG_E("malloc agreeTemp data failed.");
1062 HKS_FREE(agreeTemp);
1063 return HKS_ERROR_MALLOC_FAIL;
1064 }
1065 *agreeOut = agreeTemp;
1066 return HKS_SUCCESS;
1067 }
1068
1069
HksCoreSignVerifyThreeStageInit(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet,uint32_t alg)1070 int32_t HksCoreSignVerifyThreeStageInit(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet,
1071 uint32_t alg)
1072 {
1073 (void)paramSet;
1074 int32_t ret = SignVerifyAuth(keyNode, keyNode->runtimeParamSet);
1075 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksCoreSignVerifyThreeStageInit SignAuth fail ret : %" LOG_PUBLIC "d", ret)
1076
1077 struct HksParam *algParam = NULL;
1078 ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_ALGORITHM, &algParam);
1079 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_ALG_FAIL,
1080 "get param get 0x%" LOG_PUBLIC "x failed", HKS_TAG_ALGORITHM)
1081
1082 uint32_t digest = alg; // In signature or verify scenario, alg represents digest. See code {GetPurposeAndAlgorithm}
1083 HKS_LOG_I("Init cache or hash init.");
1084 if (HksCheckNeedCache(algParam->uint32Param, digest) == HKS_SUCCESS) {
1085 return SetCacheModeCtx(keyNode);
1086 } else {
1087 return CoreHashInit(keyNode, alg);
1088 }
1089 }
1090
HksCoreSignVerifyThreeStageUpdate(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet,const struct HksBlob * srcData,struct HksBlob * signature,uint32_t alg)1091 int32_t HksCoreSignVerifyThreeStageUpdate(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet,
1092 const struct HksBlob *srcData, struct HksBlob *signature, uint32_t alg)
1093 {
1094 (void)signature;
1095 (void)alg;
1096 (void)paramSet;
1097
1098 struct HksParam *algParam = NULL;
1099 int32_t ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_ALGORITHM, &algParam);
1100 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_ALG_FAIL,
1101 "get param get 0x%" LOG_PUBLIC "x failed", HKS_TAG_ALGORITHM)
1102
1103 uint32_t digest = alg; // In signature or verify scenario, alg represents digest. See code {GetPurposeAndAlgorithm}
1104 HKS_LOG_I("Update cache or hash update.");
1105 if (HksCheckNeedCache(algParam->uint32Param, digest) == HKS_SUCCESS) {
1106 return UpdateCachedData(keyNode, srcData);
1107 } else {
1108 return CoreHashUpdate(keyNode, srcData);
1109 }
1110 }
1111
HksCoreSignVerifyThreeStageFinish(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet,const struct HksBlob * inData,struct HksBlob * outData,uint32_t alg)1112 int32_t HksCoreSignVerifyThreeStageFinish(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet,
1113 const struct HksBlob *inData, struct HksBlob *outData, uint32_t alg)
1114 {
1115 (void)paramSet;
1116 (void)alg;
1117
1118 struct HksBlob message = { 0, NULL };
1119 struct HksParam *purposeParam = NULL;
1120 int32_t ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_PURPOSE, &purposeParam);
1121 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_PURPOSE_FAIL,
1122 "get param get 0x%" LOG_PUBLIC "x failed", HKS_TAG_PURPOSE)
1123
1124 if (purposeParam->uint32Param == HKS_KEY_PURPOSE_SIGN) { /* inData indicates signature when processing verify */
1125 message.data = inData->data;
1126 message.size = inData->size;
1127 }
1128
1129 struct HksParam *algParam = NULL;
1130 ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_ALGORITHM, &algParam);
1131 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_ALG_FAIL,
1132 "get param get 0x%" LOG_PUBLIC "x failed", HKS_TAG_ALGORITHM)
1133
1134 uint32_t digest = alg; // In signature or verify scenario, alg represents digest. See code {GetPurposeAndAlgorithm}
1135
1136 struct HksBlob signVerifyData = { 0, NULL };
1137 if (HksCheckNeedCache(algParam->uint32Param, digest) == HKS_SUCCESS) {
1138 ret = FinishCachedData(keyNode, &message, &signVerifyData);
1139 } else {
1140 ret = CoreHashFinish(keyNode, &message, &signVerifyData);
1141 }
1142 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "signVerify Finish get Data failed, ret = %" LOG_PUBLIC "d", ret)
1143
1144 /* inData indicates signature when processing verify */
1145 ret = CoreSignVerify(keyNode, &signVerifyData,
1146 (purposeParam->uint32Param == HKS_KEY_PURPOSE_SIGN) ? outData : (struct HksBlob *)inData);
1147 HKS_FREE_BLOB(signVerifyData);
1148 return ret;
1149 }
1150
HksCoreSignVerifyThreeStageAbort(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet,uint32_t alg)1151 int32_t HksCoreSignVerifyThreeStageAbort(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet,
1152 uint32_t alg)
1153 {
1154 (void)paramSet;
1155 (void)alg;
1156
1157 FreeSignVerifyCtx(keyNode);
1158 return HKS_SUCCESS;
1159 }
1160
HksCoreCryptoThreeStageInit(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet,uint32_t alg)1161 int32_t HksCoreCryptoThreeStageInit(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet,
1162 uint32_t alg)
1163 {
1164 (void)alg;
1165
1166 int32_t ret = CipherAuth(keyNode, paramSet);
1167 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "cipher init failed, ret = %" LOG_PUBLIC "d", ret)
1168
1169 struct HksParam *algParam = NULL;
1170 ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_ALGORITHM, &algParam);
1171 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_ALG_FAIL,
1172 "get param get 0x%" LOG_PUBLIC "x failed", HKS_TAG_ALGORITHM)
1173
1174 HKS_LOG_I("Init cache or cipher init.");
1175
1176 if ((algParam->uint32Param == HKS_ALG_RSA) || (algParam->uint32Param == HKS_ALG_SM2)) {
1177 return SetCacheModeCtx(keyNode);
1178 } else if (algParam->uint32Param == HKS_ALG_AES) {
1179 return CoreCipherInit(keyNode);
1180 } else if (algParam->uint32Param == HKS_ALG_SM4) {
1181 return CoreCipherInit(keyNode);
1182 } else {
1183 return HKS_ERROR_INVALID_ALGORITHM;
1184 }
1185 }
1186
HksCoreCryptoThreeStageUpdate(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet,const struct HksBlob * inData,struct HksBlob * outData,uint32_t alg)1187 int32_t HksCoreCryptoThreeStageUpdate(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet,
1188 const struct HksBlob *inData, struct HksBlob *outData, uint32_t alg)
1189 {
1190 (void)paramSet;
1191 struct HksParam *algParam = NULL;
1192 int32_t ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_ALGORITHM, &algParam);
1193 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_ALG_FAIL,
1194 "get param get 0x%" LOG_PUBLIC "x failed", HKS_TAG_ALGORITHM)
1195
1196 if ((algParam->uint32Param == HKS_ALG_RSA) || (algParam->uint32Param == HKS_ALG_SM2)) {
1197 return UpdateCachedData(keyNode, inData);
1198 } else if (algParam->uint32Param == HKS_ALG_AES) {
1199 return CoreCipherUpdate(keyNode, inData, outData, alg);
1200 } else if (algParam->uint32Param == HKS_ALG_SM4) {
1201 return CoreCipherUpdate(keyNode, inData, outData, alg);
1202 } else {
1203 return HKS_ERROR_INVALID_ALGORITHM;
1204 }
1205 }
1206
HksCoreEncryptThreeStageFinish(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet,const struct HksBlob * inData,struct HksBlob * outData,uint32_t alg)1207 int32_t HksCoreEncryptThreeStageFinish(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet,
1208 const struct HksBlob *inData, struct HksBlob *outData, uint32_t alg)
1209 {
1210 (void)paramSet;
1211 HKS_IF_NOT_SUCC_LOGE_RETURN(CheckBlob(outData), HKS_ERROR_INVALID_ARGUMENT, "invalid outData")
1212
1213 struct HksParam *algParam = NULL;
1214 int32_t ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_ALGORITHM, &algParam);
1215 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_ALG_FAIL,
1216 "get param get 0x%" LOG_PUBLIC "x failed", HKS_TAG_ALGORITHM)
1217
1218 if (algParam->uint32Param == HKS_ALG_RSA) {
1219 return CoreRsaCipherFinish(keyNode, inData, outData);
1220 } else if (algParam->uint32Param == HKS_ALG_SM2) {
1221 return CoreSm2CipherFinish(keyNode, inData, outData);
1222 } else if (algParam->uint32Param == HKS_ALG_AES) {
1223 return CoreAesEncryptFinish(keyNode, inData, outData, alg);
1224 } else if (algParam->uint32Param == HKS_ALG_SM4) {
1225 return CoreSm4EncryptFinish(keyNode, inData, outData, alg);
1226 } else {
1227 return HKS_ERROR_INVALID_ALGORITHM;
1228 }
1229 }
1230
HksCoreDecryptThreeStageFinish(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet,const struct HksBlob * inData,struct HksBlob * outData,uint32_t alg)1231 int32_t HksCoreDecryptThreeStageFinish(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet,
1232 const struct HksBlob *inData, struct HksBlob *outData, uint32_t alg)
1233 {
1234 (void)paramSet;
1235 HKS_IF_NOT_SUCC_LOGE_RETURN(CheckBlob(outData), HKS_ERROR_INVALID_ARGUMENT, "invalid outData")
1236
1237 struct HksParam *algParam = NULL;
1238 int32_t ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_ALGORITHM, &algParam);
1239 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_ALG_FAIL,
1240 "get param get 0x%" LOG_PUBLIC "x failed", HKS_TAG_ALGORITHM)
1241
1242 if (algParam->uint32Param == HKS_ALG_RSA) {
1243 return CoreRsaCipherFinish(keyNode, inData, outData);
1244 } else if (algParam->uint32Param == HKS_ALG_SM2) {
1245 return CoreSm2CipherFinish(keyNode, inData, outData);
1246 } else if (algParam->uint32Param == HKS_ALG_AES) {
1247 return CoreAesDecryptFinish(keyNode, inData, outData, alg);
1248 } else if (algParam->uint32Param == HKS_ALG_SM4) {
1249 return CoreSm4DecryptFinish(keyNode, inData, outData, alg);
1250 } else {
1251 return HKS_ERROR_INVALID_ALGORITHM;
1252 }
1253 }
1254
HksCoreCryptoThreeStageAbort(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet,uint32_t alg)1255 int32_t HksCoreCryptoThreeStageAbort(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet,
1256 uint32_t alg)
1257 {
1258 (void)paramSet;
1259 FreeCryptoCtx(keyNode, alg);
1260 return HKS_SUCCESS;
1261 }
1262
HksCoreDeriveThreeStageInit(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet,uint32_t alg)1263 int32_t HksCoreDeriveThreeStageInit(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet,
1264 uint32_t alg)
1265 {
1266 (void)keyNode;
1267 (void)paramSet;
1268 (void)alg;
1269
1270 HKS_LOG_D("HksCoreDeriveThreeStageInit start");
1271 return HKS_SUCCESS;
1272 }
1273
HksCoreDeriveThreeStageUpdate(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet,const struct HksBlob * srcData,struct HksBlob * derive,uint32_t alg)1274 int32_t HksCoreDeriveThreeStageUpdate(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet,
1275 const struct HksBlob *srcData, struct HksBlob *derive, uint32_t alg)
1276 {
1277 (void)srcData;
1278 (void)alg;
1279 (void)derive;
1280 (void)paramSet;
1281 struct HksParam *ctxParam = NULL;
1282 int32_t ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_CRYPTO_CTX, &ctxParam);
1283 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "get ctx from keyNode failed!")
1284
1285 struct HksBlob rawKey = { 0, NULL };
1286 do {
1287 ret = GetRawkey(keyNode, &rawKey);
1288 HKS_IF_NOT_SUCC_BREAK(ret)
1289
1290 struct HksBlob *deriveBlob = NULL;
1291 ret = ConstructDervieBlob(keyNode->runtimeParamSet, &deriveBlob);
1292 HKS_IF_NOT_SUCC_BREAK(ret)
1293
1294 struct HksKeyDerivationParam derParam = { { 0, NULL }, { 0, NULL }, 0, 0 };
1295 struct HksKeySpec derivationSpec = { 0, 0, &derParam };
1296 HksFillKeySpec(keyNode->runtimeParamSet, &derivationSpec);
1297 HksFillKeyDerivationParam(keyNode->runtimeParamSet, &derParam);
1298
1299 ret = HksCryptoHalDeriveKey(&rawKey, &derivationSpec, deriveBlob);
1300 if (ret != HKS_SUCCESS) {
1301 HKS_LOG_E("HksCryptoHalDeriveKey fail");
1302 FreeOutBlob(&deriveBlob);
1303 break;
1304 }
1305
1306 ctxParam->uint64Param = (uint64_t)(uintptr_t)deriveBlob;
1307 } while (0);
1308
1309 if (rawKey.data != NULL) {
1310 (void)memset_s(rawKey.data, rawKey.size, 0, rawKey.size);
1311 }
1312 HKS_FREE(rawKey.data);
1313
1314 return ret;
1315 }
1316
DoBuildKeyBlobOrGetOutDataAction(const struct HksParamSet * paramSet,const struct HksBlob * restoreData,struct HksBlob * outData,uint8_t keyFlag,bool isNeedStorage)1317 static int32_t DoBuildKeyBlobOrGetOutDataAction(const struct HksParamSet *paramSet, const struct HksBlob *restoreData,
1318 struct HksBlob *outData, uint8_t keyFlag, bool isNeedStorage)
1319 {
1320 if (isNeedStorage) {
1321 return HksBuildKeyBlob(NULL, keyFlag, restoreData, paramSet, outData);
1322 }
1323 if (outData->size < restoreData->size) {
1324 HKS_LOG_E("outData size is too small, size : %" LOG_PUBLIC "u", outData->size);
1325 return HKS_ERROR_BUFFER_TOO_SMALL;
1326 }
1327 outData->size = restoreData->size;
1328 (void)memcpy_s(outData->data, outData->size, restoreData->data, outData->size);
1329 return HKS_SUCCESS;
1330 }
1331
BuildAgreeDeriveKeyBlobOrGetOutData(const struct HksParamSet * paramSet,const struct HksBlob * restoreData,struct HksBlob * outData,uint8_t keyFlag,const struct HuksKeyNode * keyNode)1332 static int32_t BuildAgreeDeriveKeyBlobOrGetOutData(const struct HksParamSet *paramSet,
1333 const struct HksBlob *restoreData, struct HksBlob *outData, uint8_t keyFlag, const struct HuksKeyNode *keyNode)
1334 {
1335 bool isNeedStorageOrExported = false;
1336 struct HksParam *keyStorageFlagParam = NULL;
1337 uint32_t storageFlag = 0;
1338 int32_t ret = HksGetParam(keyNode->keyBlobParamSet, HKS_TAG_DERIVE_AGREE_KEY_STORAGE_FLAG, &keyStorageFlagParam);
1339 if (ret == HKS_ERROR_INVALID_ARGUMENT) {
1340 return ret;
1341 }
1342 if (ret == HKS_SUCCESS) {
1343 storageFlag = keyStorageFlagParam->uint32Param;
1344 } else {
1345 isNeedStorageOrExported = true;
1346 }
1347
1348 bool isNeedStorage = false;
1349 HksCheckKeyNeedStored(paramSet, &isNeedStorage);
1350
1351 if (isNeedStorage) {
1352 // the paramset is only used when the key needs be stored
1353 ret = HksCoreCheckAgreeDeriveFinishParams(restoreData, paramSet);
1354 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check agree finish key paramset failed!")
1355 }
1356
1357 if (isNeedStorageOrExported) {
1358 // Whether the derived/agreed key needs to be stored was not specified when generating the key
1359 HKS_LOG_D("default mode of storage");
1360 return DoBuildKeyBlobOrGetOutDataAction(paramSet, restoreData, outData, keyFlag, isNeedStorage);
1361 }
1362 if ((storageFlag == HKS_STORAGE_ONLY_USED_IN_HUKS) == isNeedStorage) {
1363 HKS_LOG_D("need store flag: %" LOG_PUBLIC "d", storageFlag);
1364 ret = DoBuildKeyBlobOrGetOutDataAction(paramSet, restoreData, outData, keyFlag, isNeedStorage);
1365 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "DoBuildKeyBlobOrGetOutDataAction failed!")
1366 } else {
1367 HKS_LOG_E("store flags do not match: genKey flag is %" LOG_PUBLIC "d, use flag is %" LOG_PUBLIC "d",
1368 (storageFlag == HKS_STORAGE_ONLY_USED_IN_HUKS), isNeedStorage);
1369 ret = HKS_ERROR_BAD_STATE;
1370 }
1371 return ret;
1372 }
1373
HksCoreDeriveThreeStageFinish(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet,const struct HksBlob * inData,struct HksBlob * outData,uint32_t alg)1374 int32_t HksCoreDeriveThreeStageFinish(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet,
1375 const struct HksBlob *inData, struct HksBlob *outData, uint32_t alg)
1376 {
1377 HKS_LOG_D("HksCoreDeriveThreeStageFinish start");
1378 (void)inData;
1379 (void)alg;
1380 int32_t ret = CheckBlob(outData);
1381 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_ARGUMENT, "invalid outData")
1382
1383 void *ctx = GetCryptoCtx(keyNode);
1384 HKS_IF_NULL_LOGE_RETURN(ctx, HKS_ERROR_NULL_POINTER, "ctx is NULL!")
1385
1386 struct HksBlob *restoreData = (struct HksBlob *)ctx;
1387
1388 ret = BuildAgreeDeriveKeyBlobOrGetOutData(paramSet, restoreData, outData, HKS_KEY_FLAG_DERIVE_KEY, keyNode);
1389
1390 FreeCachedData(&restoreData);
1391 ClearCryptoCtx(keyNode);
1392 return ret;
1393 }
1394
HksCoreDeriveThreeStageAbort(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet,uint32_t alg)1395 int32_t HksCoreDeriveThreeStageAbort(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet,
1396 uint32_t alg)
1397 {
1398 (void)paramSet;
1399 (void)alg;
1400
1401 void *ctx = GetCryptoCtx(keyNode);
1402 HKS_IF_NULL_LOGE_RETURN(ctx, HKS_ERROR_NULL_POINTER, "ctx is NULL!")
1403
1404 struct HksBlob *restoreData = (struct HksBlob *)ctx;
1405
1406 FreeCachedData(&restoreData);
1407 ClearCryptoCtx(keyNode);
1408 return HKS_SUCCESS;
1409 }
1410
HksCoreAgreeThreeStageInit(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet,uint32_t alg)1411 int32_t HksCoreAgreeThreeStageInit(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet,
1412 uint32_t alg)
1413 {
1414 (void)keyNode;
1415 (void)paramSet;
1416 (void)alg;
1417
1418 int32_t ret = AgreeAuth(keyNode, keyNode->runtimeParamSet);
1419 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksCoreAgreeThreeStageInit AgreeAuth fail ret : %" LOG_PUBLIC "d", ret)
1420
1421 return HKS_SUCCESS;
1422 }
1423
HksCoreAgreeThreeStageUpdate(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet,const struct HksBlob * srcData,struct HksBlob * signature,uint32_t alg)1424 int32_t HksCoreAgreeThreeStageUpdate(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet,
1425 const struct HksBlob *srcData, struct HksBlob *signature, uint32_t alg)
1426 {
1427 (void)signature;
1428 (void)paramSet;
1429 (void)alg;
1430
1431 struct HksParam *ctxParam = NULL;
1432 int32_t ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_CRYPTO_CTX, &ctxParam);
1433 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "get ctx from keyNode failed!")
1434
1435 if (ctxParam->uint64Param != 0) {
1436 HKS_LOG_E("avoid running into this function multiple times!");
1437 return HKS_FAILURE;
1438 }
1439
1440 struct HksBlob rawKey = { 0, NULL };
1441 struct HksBlob publicKey = { 0, NULL };
1442
1443 do {
1444 ret = GetHksPubKeyInnerFormat(keyNode->runtimeParamSet, srcData, &publicKey);
1445 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "get public key from x509 format failed, ret = %" LOG_PUBLIC "d.", ret)
1446
1447 struct HksBlob *agreeTemp = NULL;
1448 ret = ConstructAgreeBlob(&agreeTemp);
1449 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCoreAgreeBuildData failed, ret = %" LOG_PUBLIC "d.", ret)
1450
1451 ret = HksGetRawKey(keyNode->keyBlobParamSet, &rawKey);
1452 if (ret != HKS_SUCCESS) {
1453 HKS_LOG_E("agree get raw key failed!");
1454 FreeOutBlob(&agreeTemp);
1455 break;
1456 }
1457
1458 struct HksKeySpec agreeSpec = { 0 };
1459 HksFillKeySpec(keyNode->runtimeParamSet, &agreeSpec);
1460
1461 ret = HksCryptoHalAgreeKey(&rawKey, &publicKey, &agreeSpec, agreeTemp);
1462 if (ret != HKS_SUCCESS) {
1463 HKS_LOG_E("HksCryptoHalAgreeKey failed, ret = %" LOG_PUBLIC "d.", ret);
1464 FreeOutBlob(&agreeTemp);
1465 break;
1466 }
1467
1468 ctxParam->uint64Param = (uint64_t)(uintptr_t)agreeTemp;
1469 } while (0);
1470
1471 if (rawKey.data != NULL) {
1472 (void)memset_s(rawKey.data, rawKey.size, 0, rawKey.size);
1473 }
1474 HKS_FREE(rawKey.data);
1475 HKS_FREE(publicKey.data);
1476 return ret;
1477 }
1478
HksCoreAgreeThreeStageFinish(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet,const struct HksBlob * inData,struct HksBlob * outData,uint32_t alg)1479 int32_t HksCoreAgreeThreeStageFinish(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet,
1480 const struct HksBlob *inData, struct HksBlob *outData, uint32_t alg)
1481 {
1482 (void)inData;
1483 (void)alg;
1484 int32_t ret = CheckBlob(outData);
1485 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_ARGUMENT, "invalid outData")
1486
1487 void *ctx = GetCryptoCtx(keyNode);
1488 HKS_IF_NULL_LOGE_RETURN(ctx, HKS_ERROR_NULL_POINTER, "ctx is NULL!")
1489
1490 struct HksBlob *restoreData = (struct HksBlob *)ctx;
1491
1492 ret = BuildAgreeDeriveKeyBlobOrGetOutData(paramSet, restoreData, outData, HKS_KEY_FLAG_AGREE_KEY, keyNode);
1493
1494 FreeCachedData(&restoreData);
1495 ClearCryptoCtx(keyNode);
1496 return ret;
1497 }
1498
HksCoreAgreeThreeStageAbort(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet,uint32_t alg)1499 int32_t HksCoreAgreeThreeStageAbort(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet, uint32_t alg)
1500 {
1501 (void)paramSet;
1502 (void)alg;
1503
1504 void *ctx = GetCryptoCtx(keyNode);
1505 HKS_IF_NULL_LOGE_RETURN(ctx, HKS_ERROR_NULL_POINTER, "ctx is NULL!")
1506
1507 struct HksBlob *restoreData = (struct HksBlob *)ctx;
1508
1509 FreeCachedData(&restoreData);
1510 ClearCryptoCtx(keyNode);
1511 return HKS_SUCCESS;
1512 }
1513
HksCoreMacThreeStageInit(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet,uint32_t alg)1514 int32_t HksCoreMacThreeStageInit(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet,
1515 uint32_t alg)
1516 {
1517 (void)paramSet;
1518 int32_t ret = HmacAuth(keyNode, keyNode->runtimeParamSet);
1519 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksCoreMacThreeStageInit MacAuth fail ret : %" LOG_PUBLIC "d", ret)
1520
1521 struct HksParam *ctxParam = NULL;
1522 ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_CRYPTO_CTX, &ctxParam);
1523 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "get ctx from keyNode failed!")
1524
1525 struct HksBlob rawKey = { 0, NULL };
1526 do {
1527 ret = HksGetRawKey(keyNode->keyBlobParamSet, &rawKey);
1528 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "Derive get raw key failed!")
1529
1530 void *ctx = NULL;
1531 ret = HksCryptoHalHmacInit(&rawKey, alg, &ctx);
1532 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hmac init failed! ret : %" LOG_PUBLIC "d", ret)
1533
1534 ctxParam->uint64Param = (uint64_t)(uintptr_t)ctx;
1535 } while (0);
1536
1537 if (rawKey.data != NULL) {
1538 (void)memset_s(rawKey.data, rawKey.size, 0, rawKey.size);
1539 }
1540 HKS_FREE(rawKey.data);
1541
1542 return ret;
1543 }
1544
HksCoreMacThreeStageUpdate(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet,const struct HksBlob * srcData,struct HksBlob * mac,uint32_t alg)1545 int32_t HksCoreMacThreeStageUpdate(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet,
1546 const struct HksBlob *srcData, struct HksBlob *mac, uint32_t alg)
1547 {
1548 (void)paramSet;
1549 (void)mac;
1550 (void)alg;
1551 int32_t ret;
1552
1553 void *ctx = GetCryptoCtx(keyNode);
1554 HKS_IF_NULL_LOGE_RETURN(ctx, HKS_ERROR_NULL_POINTER, "ctx is NULL!")
1555
1556 ret = HksCryptoHalHmacUpdate(srcData, ctx);
1557 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "hmac update failed! ret : %" LOG_PUBLIC "d", ret)
1558
1559 return HKS_SUCCESS;
1560 }
1561
HksCoreMacThreeStageFinish(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet,const struct HksBlob * inData,struct HksBlob * outData,uint32_t alg)1562 int32_t HksCoreMacThreeStageFinish(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet,
1563 const struct HksBlob *inData, struct HksBlob *outData, uint32_t alg)
1564 {
1565 (void)paramSet;
1566 (void)alg;
1567
1568 struct HksParam *digestParam = NULL;
1569 int32_t ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_DIGEST, &digestParam);
1570 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_DIGEST_FAIL, "get ctx from keyNode failed!")
1571
1572 uint32_t macLen;
1573 ret = HksGetDigestLen(digestParam->uint32Param, &macLen);
1574 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get digest len failed")
1575
1576 if ((CheckBlob(outData) != HKS_SUCCESS) || (outData->size < macLen)) {
1577 HKS_LOG_E("out buffer too small");
1578 return HKS_ERROR_BUFFER_TOO_SMALL;
1579 }
1580
1581 struct HksParam *ctxParam = NULL;
1582 ret = HksGetParam(keyNode->runtimeParamSet, HKS_TAG_CRYPTO_CTX, &ctxParam);
1583 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "get ctx from keyNode failed!")
1584
1585 void *ctx = (void *)(uintptr_t)ctxParam->uint64Param;
1586 HKS_IF_NULL_LOGE_RETURN(ctx, HKS_ERROR_NULL_POINTER, "ctx invalid")
1587
1588 ret = HksCryptoHalHmacFinal(inData, &ctx, outData);
1589 HKS_IF_NOT_SUCC_LOGE(ret, "hmac final failed! ret : %" LOG_PUBLIC "d", ret)
1590
1591 ctxParam->uint64Param = 0; /* clear ctx to NULL */
1592 return ret;
1593 }
1594
HksCoreMacThreeStageAbort(const struct HuksKeyNode * keyNode,const struct HksParamSet * paramSet,uint32_t alg)1595 int32_t HksCoreMacThreeStageAbort(const struct HuksKeyNode *keyNode, const struct HksParamSet *paramSet, uint32_t alg)
1596 {
1597 (void)alg;
1598 (void)paramSet;
1599
1600 void *ctx = GetCryptoCtx(keyNode);
1601 HKS_IF_NULL_LOGE_RETURN(ctx, HKS_ERROR_NULL_POINTER, "ctx invalid")
1602
1603 HksCryptoHalHmacFreeCtx(&ctx);
1604 ClearCryptoCtx(keyNode);
1605
1606 return HKS_SUCCESS;
1607 }
1608
1609 #endif /* _CUT_AUTHENTICATE_ */