1 /*
2 * Copyright (C) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "dh_common_param_spec_generator_openssl.h"
17 #include "dh_openssl_common.h"
18 #include "securec.h"
19
20 #include "log.h"
21 #include "memory.h"
22 #include "openssl_adapter.h"
23 #include "openssl_class.h"
24 #include "openssl_common.h"
25 #include "utils.h"
26
27 #define PARAMS_NUM_TWO 2
28 #define PARAMS_NUM_THREE 3
29
GenerateDhUnknownGroupEvpKey(int32_t pLen,EVP_PKEY ** ppkey)30 static HcfResult GenerateDhUnknownGroupEvpKey(int32_t pLen, EVP_PKEY **ppkey)
31 {
32 EVP_PKEY_CTX *paramsCtx = Openssl_EVP_PKEY_CTX_new_id(EVP_PKEY_DH, NULL);
33 if (paramsCtx == NULL) {
34 HcfPrintOpensslError();
35 LOGD("[error] Create params ctx failed.");
36 return HCF_ERR_CRYPTO_OPERATION;
37 }
38 HcfResult ret = HCF_SUCCESS;
39 do {
40 if (Openssl_EVP_PKEY_paramgen_init(paramsCtx) != HCF_OPENSSL_SUCCESS) {
41 HcfPrintOpensslError();
42 LOGD("[error] Params ctx paramgen init failed.");
43 ret = HCF_ERR_CRYPTO_OPERATION;
44 break;
45 }
46 if (Openssl_EVP_PKEY_CTX_set_dh_paramgen_prime_len(paramsCtx, pLen) <= 0) {
47 HcfPrintOpensslError();
48 LOGD("[error] Set prime length of bits to params ctx failed.");
49 ret = HCF_ERR_CRYPTO_OPERATION;
50 break;
51 }
52 if (Openssl_EVP_PKEY_paramgen(paramsCtx, ppkey) != HCF_OPENSSL_SUCCESS) {
53 HcfPrintOpensslError();
54 LOGD("[error] Generate params pkey failed.");
55 ret = HCF_ERR_CRYPTO_OPERATION;
56 break;
57 }
58 } while (0);
59 Openssl_EVP_PKEY_CTX_free(paramsCtx);
60 return ret;
61 }
62
GenerateDhKnownGroupEvpKey(int32_t skLen,char * nidName,EVP_PKEY ** ppkey)63 static HcfResult GenerateDhKnownGroupEvpKey(int32_t skLen, char *nidName, EVP_PKEY **ppkey)
64 {
65 HcfResult ret = HCF_SUCCESS;
66 EVP_PKEY_CTX *paramsCtx = NULL;
67 OSSL_PARAM params[PARAMS_NUM_THREE];
68
69 params[0] = Openssl_OSSL_PARAM_construct_utf8_string("group", nidName, 0);
70 if (skLen != 0) {
71 params[1] = Openssl_OSSL_PARAM_construct_int("priv_len", &skLen);
72 params[PARAMS_NUM_TWO] = Openssl_OSSL_PARAM_construct_end();
73 } else {
74 params[1] = Openssl_OSSL_PARAM_construct_end();
75 }
76 do {
77 paramsCtx = Openssl_EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL);
78 if (paramsCtx == NULL) {
79 LOGD("[error] New paramsCtx from name failed.");
80 ret = HCF_ERR_CRYPTO_OPERATION;
81 break;
82 }
83 if (Openssl_EVP_PKEY_keygen_init(paramsCtx) != HCF_OPENSSL_SUCCESS) {
84 LOGD("[error] Pkey keygen init failed.");
85 HcfPrintOpensslError();
86 ret = HCF_ERR_CRYPTO_OPERATION;
87 break;
88 }
89 if (Openssl_EVP_PKEY_CTX_set_params(paramsCtx, params) != HCF_OPENSSL_SUCCESS) {
90 LOGD("[error] Set paramsCtx failed.");
91 HcfPrintOpensslError();
92 ret = HCF_ERR_CRYPTO_OPERATION;
93 break;
94 }
95 if (Openssl_EVP_PKEY_generate(paramsCtx, ppkey) != HCF_OPENSSL_SUCCESS) {
96 LOGD("[error] Generate pKey failed.");
97 HcfPrintOpensslError();
98 ret = HCF_ERR_CRYPTO_OPERATION;
99 break;
100 }
101 } while (0);
102 if (paramsCtx != NULL) {
103 Openssl_EVP_PKEY_CTX_free(paramsCtx);
104 }
105 return ret;
106 }
107
BuildCommonParam(EVP_PKEY * dhKey,HcfDhCommParamsSpecSpi * returnCommonParamSpec)108 static HcfResult BuildCommonParam(EVP_PKEY *dhKey, HcfDhCommParamsSpecSpi *returnCommonParamSpec)
109 {
110 DH *sk = Openssl_EVP_PKEY_get1_DH(dhKey);
111 if (sk == NULL) {
112 LOGD("[error] Get dh private key from pkey failed");
113 HcfPrintOpensslError();
114 return HCF_ERR_CRYPTO_OPERATION;
115 }
116 if (BigNumToBigInteger(Openssl_DH_get0_p(sk), &(returnCommonParamSpec->paramsSpec.p)) != HCF_SUCCESS) {
117 LOGD("[error] BuildCommonParamPrime failed.");
118 Openssl_DH_free(sk);
119 return HCF_ERR_CRYPTO_OPERATION;
120 }
121 if (BigNumToBigInteger(Openssl_DH_get0_g(sk), &(returnCommonParamSpec->paramsSpec.g)) != HCF_SUCCESS) {
122 LOGD("[error] BuildCommonParamGenerator failed.");
123 Openssl_DH_free(sk);
124 HcfFree(returnCommonParamSpec->paramsSpec.p.data);
125 return HCF_ERR_CRYPTO_OPERATION;
126 }
127 Openssl_DH_free(sk);
128 return HCF_SUCCESS;
129 }
130
SetAlgName(const char * algName,char ** returnAlgName)131 static HcfResult SetAlgName(const char *algName, char **returnAlgName)
132 {
133 size_t srcAlgNameLen = HcfStrlen(algName);
134 if (!srcAlgNameLen) {
135 LOGE("AlgName is empty!");
136 return HCF_INVALID_PARAMS;
137 }
138 *returnAlgName = (char *)HcfMalloc(srcAlgNameLen + 1, 0);
139 if (*returnAlgName == NULL) {
140 LOGE("Failed to malloc algName memory.");
141 return HCF_ERR_MALLOC;
142 }
143 if (memcpy_s(*returnAlgName, srcAlgNameLen, algName, srcAlgNameLen) != EOK) {
144 LOGD("[error] Failed to memcpy algName.");
145 HcfFree(*returnAlgName);
146 return HCF_ERR_CRYPTO_OPERATION;
147 }
148 return HCF_SUCCESS;
149 }
150
HcfDhCommonParamSpecCreate(int32_t pLen,int32_t skLen,HcfDhCommParamsSpecSpi ** returnCommonParamSpec)151 HcfResult HcfDhCommonParamSpecCreate(int32_t pLen, int32_t skLen, HcfDhCommParamsSpecSpi **returnCommonParamSpec)
152 {
153 if (returnCommonParamSpec == NULL) {
154 LOGE("Invalid input parameter.");
155 return HCF_INVALID_PARAMS;
156 }
157 EVP_PKEY *dhKey = NULL;
158 char *nidName = GetNidNameByDhPLen(pLen);
159 if (nidName == NULL) {
160 if (GenerateDhUnknownGroupEvpKey(pLen, &dhKey) != HCF_SUCCESS) {
161 LOGD("[error] Generate dh unknown group evpKey failed.");
162 return HCF_ERR_CRYPTO_OPERATION;
163 }
164 } else {
165 if (GenerateDhKnownGroupEvpKey(skLen, nidName, &dhKey) != HCF_SUCCESS) {
166 LOGD("[error] Generate dh known group evpKey failed.");
167 return HCF_ERR_CRYPTO_OPERATION;
168 }
169 }
170 HcfDhCommParamsSpecSpi *object = (HcfDhCommParamsSpecSpi*)HcfMalloc(sizeof(HcfDhCommParamsSpecSpi), 0);
171 if (object == NULL) {
172 LOGE("Build dh common params object failed.");
173 Openssl_EVP_PKEY_free(dhKey);
174 return HCF_ERR_MALLOC;
175 }
176 const char *algName = "DH";
177 object->paramsSpec.base.specType = HCF_COMMON_PARAMS_SPEC;
178 object->paramsSpec.length = skLen;
179 if (SetAlgName(algName, &(object->paramsSpec.base.algName)) != HCF_SUCCESS) {
180 LOGE("Set algName parameter failed.");
181 HcfFree(object);
182 Openssl_EVP_PKEY_free(dhKey);
183 return HCF_INVALID_PARAMS;
184 }
185 if (BuildCommonParam(dhKey, object)!= HCF_SUCCESS) {
186 LOGD("[error] Get common params failed.");
187 HcfFree(object->paramsSpec.base.algName);
188 HcfFree(object);
189 Openssl_EVP_PKEY_free(dhKey);
190 return HCF_ERR_CRYPTO_OPERATION;
191 }
192 *returnCommonParamSpec = object;
193 Openssl_EVP_PKEY_free(dhKey);
194 return HCF_SUCCESS;
195 }
196