From 6eec192884f84d31039a50debb7408151147f0be Mon Sep 17 00:00:00 2001 From: xwb Date: Mon, 15 May 2023 14:51:33 +0800 Subject: [PATCH] review ECC Signed-off-by: xwb --- frameworks/crypto_operation/key_agreement.c | 19 +- .../js/napi/crypto/src/napi_key_agreement.cpp | 76 +- .../detailed_ecc_key_params.h | 80 + .../common/inc/ecc_openssl_common.h | 533 +++++++ .../common/src/openssl_adapter.c | 784 +++++++++- .../key_agreement/src/ecdh_openssl.c | 70 +- .../signature/src/ecdsa_openssl.c | 71 +- .../src/ecc_asy_key_generator_openssl.c | 1363 +++++++++++++++-- 8 files changed, 2718 insertions(+), 278 deletions(-) create mode 100644 interfaces/innerkits/algorithm_parameter/detailed_ecc_key_params.h create mode 100644 plugin/openssl_plugin/common/inc/ecc_openssl_common.h diff --git a/frameworks/crypto_operation/key_agreement.c b/frameworks/crypto_operation/key_agreement.c index 5a49e3b..ef0591b 100644 --- a/frameworks/crypto_operation/key_agreement.c +++ b/frameworks/crypto_operation/key_agreement.c @@ -63,7 +63,6 @@ static void SetKeyType(HCF_ALG_PARA_VALUE value, HcfKeyAgreementParams *paramsOb case HCF_ALG_ECC_256: case HCF_ALG_ECC_384: case HCF_ALG_ECC_521: - paramsObj->keyLen = value; paramsObj->algo = HCF_ALG_ECC; break; default: @@ -71,6 +70,18 @@ static void SetKeyType(HCF_ALG_PARA_VALUE value, HcfKeyAgreementParams *paramsOb } } +static void SetKeyTypeDefault(HCF_ALG_PARA_VALUE value, HcfKeyAgreementParams *paramsObj) +{ + switch (value) { + case HCF_ALG_ECC_DEFAULT: + paramsObj->algo = HCF_ALG_ECC; + break; + default: + LOGE("Invalid algo %u.", value); + break; + } +} + static HcfResult ParseKeyAgreementParams(const HcfParaConfig* config, void *params) { if (config == NULL || params == NULL) { @@ -80,6 +91,8 @@ static HcfResult ParseKeyAgreementParams(const HcfParaConfig* config, void *para HcfKeyAgreementParams *paramsObj = (HcfKeyAgreementParams *)params; LOGI("Set Parameter: %s", config->tag); switch (config->paraType) { + case HCF_ALG_TYPE: + SetKeyTypeDefault(config->paraValue, paramsObj); case HCF_ALG_KEY_TYPE: SetKeyType(config->paraValue, paramsObj); break; @@ -162,10 +175,10 @@ HcfResult HcfKeyAgreementCreate(const char *algoName, HcfKeyAgreement **returnOb if (strcpy_s(returnGenerator->algoName, HCF_MAX_ALGO_NAME_LEN, algoName) != EOK) { LOGE("Failed to copy algoName!"); HcfFree(returnGenerator); - return HCF_ERR_COPY; + return HCF_INVALID_PARAMS; } HcfKeyAgreementSpi *spiObj = NULL; - int32_t res = createSpiFunc(¶ms, &spiObj); + HcfResult res = createSpiFunc(¶ms, &spiObj); if (res != HCF_SUCCESS) { LOGE("Failed to create spi object!"); HcfFree(returnGenerator); diff --git a/frameworks/js/napi/crypto/src/napi_key_agreement.cpp b/frameworks/js/napi/crypto/src/napi_key_agreement.cpp index 7fb23eb..9202578 100644 --- a/frameworks/js/napi/crypto/src/napi_key_agreement.cpp +++ b/frameworks/js/napi/crypto/src/napi_key_agreement.cpp @@ -1,5 +1,5 @@ /* - * Copyright (C) 2022 Huawei Device Co., Ltd. + * Copyright (C) 2022-2023 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -39,7 +39,8 @@ struct KeyAgreementCtx { HcfPriKey *priKey; HcfPubKey *pubKey; - HcfResult result; + HcfResult errCode = HCF_SUCCESS; + const char *errMsg = nullptr; HcfBlob returnSecret; }; @@ -79,16 +80,14 @@ static bool BuildKeyAgreementJsCtx(napi_env env, napi_callback_info info, KeyAgr napi_get_cb_info(env, info, &argc, argv, &thisVar, nullptr); if (argc != expectedArgc && argc != expectedArgc - 1) { LOGE("wrong argument num. require %zu or %zu arguments. [Argc]: %zu!", expectedArgc - 1, expectedArgc, argc); - napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "params num error.")); return false; } - ctx->asyncType = (argc == expectedArgc) ? ASYNC_CALLBACK : ASYNC_PROMISE; + ctx->asyncType = isCallback(env, argv[expectedArgc - 1], argc, expectedArgc) ? ASYNC_CALLBACK : ASYNC_PROMISE; NapiKeyAgreement *napiKeyAgreement = nullptr; napi_status status = napi_unwrap(env, thisVar, reinterpret_cast(&napiKeyAgreement)); if (status != napi_ok) { LOGE("failed to unwrap napi verify obj."); - napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "[Self]: param unwarp error.")); return false; } @@ -97,7 +96,6 @@ static bool BuildKeyAgreementJsCtx(napi_env env, napi_callback_info info, KeyAgr status = napi_unwrap(env, argv[index], reinterpret_cast(&napiPriKey)); if (status != napi_ok) { LOGE("failed to unwrap priKey verify obj."); - napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "[PriKey]: param unwarp error.")); return false; } @@ -106,7 +104,6 @@ static bool BuildKeyAgreementJsCtx(napi_env env, napi_callback_info info, KeyAgr status = napi_unwrap(env, argv[index], reinterpret_cast(&napiPubKey)); if (status != napi_ok) { LOGE("failed to unwrap napi pubKey obj."); - napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "[PubKey]: param unwarp error.")); return false; } @@ -125,8 +122,8 @@ static bool BuildKeyAgreementJsCtx(napi_env env, napi_callback_info info, KeyAgr static void ReturnCallbackResult(napi_env env, KeyAgreementCtx *ctx, napi_value result) { napi_value businessError = nullptr; - if (ctx->result != HCF_SUCCESS) { - businessError = GenerateBusinessError(env, ctx->result, COMMON_ERR_MSG.c_str()); + if (ctx->errCode != HCF_SUCCESS) { + businessError = GenerateBusinessError(env, ctx->errCode, ctx->errMsg); } napi_value params[ARGS_SIZE_TWO] = { businessError, result }; @@ -142,11 +139,11 @@ static void ReturnCallbackResult(napi_env env, KeyAgreementCtx *ctx, napi_value static void ReturnPromiseResult(napi_env env, KeyAgreementCtx *ctx, napi_value result) { - if (ctx->result == HCF_SUCCESS) { + if (ctx->errCode == HCF_SUCCESS) { napi_resolve_deferred(env, ctx->deferred, result); } else { napi_reject_deferred(env, ctx->deferred, - GenerateBusinessError(env, ctx->result, COMMON_ERR_MSG.c_str())); + GenerateBusinessError(env, ctx->errCode, ctx->errMsg)); } } @@ -154,12 +151,12 @@ void KeyAgreementAsyncWorkProcess(napi_env env, void *data) { KeyAgreementCtx *ctx = static_cast(data); - HcfResult res = ctx->keyAgreement->generateSecret(ctx->keyAgreement, + ctx->errCode = ctx->keyAgreement->generateSecret(ctx->keyAgreement, ctx->priKey, ctx->pubKey, &ctx->returnSecret); - - ctx->result = res; - if (res != HCF_SUCCESS) { + if (ctx->errCode != HCF_SUCCESS) { + napi_throw(env, GenerateBusinessError(env, ctx->errCode, "generate secret fail.")); LOGE("generate secret fail."); + ctx->errMsg = "generate secret fail."; } } @@ -168,7 +165,7 @@ void KeyAgreementAsyncWorkReturn(napi_env env, napi_status status, void *data) KeyAgreementCtx *ctx = static_cast(data); napi_value dataBlob = nullptr; - if (ctx->result == HCF_SUCCESS) { + if (ctx->errCode == HCF_SUCCESS) { dataBlob = ConvertBlobToNapiValue(env, &ctx->returnSecret); } @@ -183,9 +180,9 @@ void KeyAgreementAsyncWorkReturn(napi_env env, napi_status status, void *data) static napi_value NewKeyAgreementAsyncWork(napi_env env, KeyAgreementCtx *ctx) { napi_value resourceName = nullptr; - napi_create_string_utf8(env, "generateSecret", NAPI_AUTO_LENGTH, &resourceName); + NAPI_CALL(env, napi_create_string_utf8(env, "generateSecret", NAPI_AUTO_LENGTH, &resourceName)); - napi_create_async_work( + NAPI_CALL(env, napi_create_async_work( env, nullptr, resourceName, [](napi_env env, void *data) { KeyAgreementAsyncWorkProcess(env, data); @@ -196,15 +193,13 @@ static napi_value NewKeyAgreementAsyncWork(napi_env env, KeyAgreementCtx *ctx) return; }, static_cast(ctx), - &ctx->asyncWork); + &ctx->asyncWork)); - napi_queue_async_work(env, ctx->asyncWork); + NAPI_CALL(env, napi_queue_async_work(env, ctx->asyncWork)); if (ctx->asyncType == ASYNC_PROMISE) { return ctx->promise; } else { - napi_value result = nullptr; - napi_get_null(env, &result); - return result; + return NapiGetNull(env); } } @@ -225,14 +220,15 @@ HcfKeyAgreement *NapiKeyAgreement::GetKeyAgreement() napi_value NapiKeyAgreement::JsGenerateSecret(napi_env env, napi_callback_info info) { - LOGI("enter ..."); KeyAgreementCtx *ctx = static_cast(HcfMalloc(sizeof(KeyAgreementCtx), 0)); if (ctx == nullptr) { + napi_throw(env, GenerateBusinessError(env, HCF_ERR_MALLOC, "create context fail.")); LOGE("create context fail."); return nullptr; } if (!BuildKeyAgreementJsCtx(env, info, ctx)) { + napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "build context fail.")); LOGE("build context fail."); FreeKeyAgreementCtx(env, ctx); return nullptr; @@ -243,46 +239,48 @@ napi_value NapiKeyAgreement::JsGenerateSecret(napi_env env, napi_callback_info i napi_value NapiKeyAgreement::KeyAgreementConstructor(napi_env env, napi_callback_info info) { - LOGI("enter ..."); - napi_value thisVar = nullptr; - napi_get_cb_info(env, info, nullptr, nullptr, &thisVar, nullptr); - - LOGI("out ..."); + NAPI_CALL(env, napi_get_cb_info(env, info, nullptr, nullptr, &thisVar, nullptr)); return thisVar; } napi_value NapiKeyAgreement::CreateJsKeyAgreement(napi_env env, napi_callback_info info) { - LOGI("enter ..."); size_t expectedArgc = PARAMS_NUM_ONE; size_t argc = PARAMS_NUM_ONE; napi_value argv[PARAMS_NUM_ONE] = { nullptr }; - napi_get_cb_info(env, info, &argc, argv, nullptr, nullptr); - + NAPI_CALL(env, napi_get_cb_info(env, info, &argc, argv, nullptr, nullptr)); if (argc != expectedArgc) { + napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "The input args num is invalid.")); LOGE("The input args num is invalid."); return nullptr; } napi_value instance; napi_value constructor = nullptr; - napi_get_reference_value(env, classRef_, &constructor); - napi_new_instance(env, constructor, argc, argv, &instance); + NAPI_CALL(env, napi_get_reference_value(env, classRef_, &constructor)); + NAPI_CALL(env, napi_new_instance(env, constructor, argc, argv, &instance)); std::string algName; if (!GetStringFromJSParams(env, argv[0], algName)) { + napi_throw(env, GenerateBusinessError(env, HCF_INVALID_PARAMS, "Get algName is invalid.")); return nullptr; } HcfKeyAgreement *keyAgreement = nullptr; - int32_t res = HcfKeyAgreementCreate(algName.c_str(), &keyAgreement); + HcfResult res = HcfKeyAgreementCreate(algName.c_str(), &keyAgreement); if (res != HCF_SUCCESS) { + napi_throw(env, GenerateBusinessError(env, res, "create c keyAgreement fail.")); LOGE("create c keyAgreement fail."); return nullptr; } - NapiKeyAgreement *napiKeyAgreement = new NapiKeyAgreement(keyAgreement); + NapiKeyAgreement *napiKeyAgreement = new (std::nothrow) NapiKeyAgreement(keyAgreement); + if (napiKeyAgreement == nullptr) { + napi_throw(env, GenerateBusinessError(env, HCF_ERR_MALLOC, "new napi key agreement failed.")); + LOGE("new napi key agreement failed"); + return nullptr; + } napi_wrap( env, instance, napiKeyAgreement, @@ -295,10 +293,8 @@ napi_value NapiKeyAgreement::CreateJsKeyAgreement(napi_env env, napi_callback_in nullptr); napi_value napiAlgName = nullptr; - napi_create_string_utf8(env, algName.c_str(), NAPI_AUTO_LENGTH, &napiAlgName); - napi_set_named_property(env, instance, CRYPTO_TAG_ALG_NAME.c_str(), napiAlgName); - - LOGI("out ..."); + NAPI_CALL(env, napi_create_string_utf8(env, algName.c_str(), NAPI_AUTO_LENGTH, &napiAlgName)); + NAPI_CALL(env, napi_set_named_property(env, instance, CRYPTO_TAG_ALG_NAME.c_str(), napiAlgName)); return instance; } diff --git a/interfaces/innerkits/algorithm_parameter/detailed_ecc_key_params.h b/interfaces/innerkits/algorithm_parameter/detailed_ecc_key_params.h new file mode 100644 index 0000000..a2af540 --- /dev/null +++ b/interfaces/innerkits/algorithm_parameter/detailed_ecc_key_params.h @@ -0,0 +1,80 @@ +/* + * Copyright (C) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef HCF_DETAILED_ECC_KEY_PARAMS_H +#define HCF_DETAILED_ECC_KEY_PARAMS_H + +#include +#include + +#include "asy_key_params.h" +#include "big_integer.h" + +typedef struct HcfECField { + char *fieldType; +} HcfECField; + +typedef struct HcfECFieldFp { + HcfECField base; + HcfBigInteger p; +} HcfECFieldFp; + +typedef struct HcfPoint HcfPoint; +struct HcfPoint { + HcfBigInteger x; + HcfBigInteger y; +}; + +typedef struct HcfEccCommParamsSpec { + HcfAsyKeyParamsSpec base; + HcfECField *field; + HcfBigInteger a; + HcfBigInteger b; + HcfPoint g; + HcfBigInteger n; + int32_t h; +} HcfEccCommParamsSpec; + +typedef struct HcfEccPubKeyParamsSpec { + HcfEccCommParamsSpec base; + HcfPoint pk; +} HcfEccPubKeyParamsSpec; + +typedef struct HcfEccPriKeyParamsSpec { + HcfEccCommParamsSpec base; + HcfBigInteger sk; +} HcfEccPriKeyParamsSpec; + +typedef struct HcfEccKeyPairParamsSpec { + HcfEccCommParamsSpec base; + HcfBigInteger sk; + HcfPoint pk; +} HcfEccKeyPairParamsSpec; +#ifdef __cplusplus +extern "C" { +#endif + +void FreeEccCommParamsSpec(HcfEccCommParamsSpec *spec); + +void DestroyEccPriKeySpec(HcfEccPriKeyParamsSpec *spec); + +void DestroyEccPubKeySpec(HcfEccPubKeyParamsSpec *spec); + +void DestroyEccKeyPairSpec(HcfEccKeyPairParamsSpec *spec); + +#ifdef __cplusplus +} +#endif +#endif \ No newline at end of file diff --git a/plugin/openssl_plugin/common/inc/ecc_openssl_common.h b/plugin/openssl_plugin/common/inc/ecc_openssl_common.h new file mode 100644 index 0000000..e05110b --- /dev/null +++ b/plugin/openssl_plugin/common/inc/ecc_openssl_common.h @@ -0,0 +1,533 @@ +/* + * Copyright (C) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef HCF_ECC_OPENSSL_COMMON_H +#define HCF_ECC_OPENSSL_COMMON_H + +#include "utils.h" + +static const int32_t NID_secp224r1_len = 28; +static const int32_t NID_X9_62_prime256v1_len = 32; +static const int32_t NID_secp384r1_len = 48; +static const int32_t NID_secp521r1_len = 66; + +static unsigned char g_ecc224CorrectBigP[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x01 +}; + +static unsigned char g_ecc224CorrectBigA[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFE +}; + +static unsigned char g_ecc224CorrectBigB[] = { + 0xB4, 0x05, 0x0A, 0x85, 0x0C, 0x04, 0xB3, 0xAB, 0xF5, 0x41, 0x32, 0x56, + 0x50, 0x44, 0xB0, 0xB7, 0xD7, 0xBF, 0xD8, 0xBA, 0x27, 0x0B, 0x39, 0x43, + 0x23, 0x55, 0xFF, 0xB4 +}; + +static unsigned char g_ecc224CorrectBigGX[] = { + 0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F, 0x32, 0x13, 0x90, 0xB9, + 0x4A, 0x03, 0xC1, 0xD3, 0x56, 0xC2, 0x11, 0x22, 0x34, 0x32, 0x80, 0xD6, + 0x11, 0x5C, 0x1D, 0x21 +}; + +static unsigned char g_ecc224CorrectBigGY[] = { + 0xbd, 0x37, 0x63, 0x88, 0xb5, 0xf7, 0x23, 0xfb, 0x4c, 0x22, 0xdf, 0xe6, + 0xcd, 0x43, 0x75, 0xa0, 0x5a, 0x07, 0x47, 0x64, 0x44, 0xd5, 0x81, 0x99, + 0x85, 0x00, 0x7e, 0x34 +}; + +static unsigned char g_ecc224CorrectBigN[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0x16, 0xA2, 0xE0, 0xB8, 0xF0, 0x3E, 0x13, 0xDD, 0x29, 0x45, + 0x5C, 0x5C, 0x2A, 0x3D +}; + +static unsigned char g_ecc224CorrectBigSk[] = { + 0x3F, 0x0C, 0x48, 0x8E, 0x98, 0x7C, 0x80, 0xBE, 0x0F, 0xEE, 0x52, 0x1F, + 0x8D, 0x90, 0xBE, 0x60, 0x34, 0xEC, 0x69, 0xAE, 0x11, 0xCA, 0x72, 0xAA, + 0x77, 0x74, 0x81, 0xE8 +}; + +static unsigned char g_ecc224CorrectBigPkX[] = { + 0xE8, 0x4F, 0xB0, 0xB8, 0xE7, 0x00, 0x0C, 0xB6, 0x57, 0xD7, 0x97, 0x3C, + 0xF6, 0xB4, 0x2E, 0xD7, 0x8B, 0x30, 0x16, 0x74, 0x27, 0x6D, 0xF7, 0x44, + 0xAF, 0x13, 0x0B, 0x3E +}; + +static unsigned char g_ecc224CorrectBigPkY[] = { + 0x43, 0x76, 0x67, 0x5C, 0x6F, 0xC5, 0x61, 0x2C, 0x21, 0xA0, 0xFF, 0x2D, + 0x2A, 0x89, 0xD2, 0x98, 0x7D, 0xF7, 0xA2, 0xBC, 0x52, 0x18, 0x3B, 0x59, + 0x82, 0x29, 0x85, 0x55 +}; + +static unsigned char g_ecc224CorrectLittleP[] = { + 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff +}; + +static unsigned char g_ecc224CorrectLittleA[] = { + 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff +}; + +static unsigned char g_ecc224CorrectLittleB[] = { + 0xb4, 0xff, 0x55, 0x23, 0x43, 0x39, 0x0b, 0x27, 0xba, 0xd8, 0xbf, 0xd7, + 0xb7, 0xb0, 0x44, 0x50, 0x56, 0x32, 0x41, 0xf5, 0xab, 0xb3, 0x04, 0x0c, + 0x85, 0x0a, 0x05, 0xb4 +}; + +static unsigned char g_ecc224CorrectLittleGX[] = { + 0x21, 0x1d, 0x5c, 0x11, 0xd6, 0x80, 0x32, 0x34, 0x22, 0x11, 0xc2, 0x56, + 0xd3, 0xc1, 0x03, 0x4a, 0xb9, 0x90, 0x13, 0x32, 0x7f, 0xbf, 0xb4, 0x6b, + 0xbd, 0x0c, 0x0e, 0xb7 +}; + +static unsigned char g_ecc224CorrectLittleGY[] = { + 0x34, 0x7e, 0x00, 0x85, 0x99, 0x81, 0xd5, 0x44, 0x64, 0x47, 0x07, 0x5a, + 0xa0, 0x75, 0x43, 0xcd, 0xe6, 0xdf, 0x22, 0x4c, 0xfb, 0x23, 0xf7, 0xb5, + 0x88, 0x63, 0x37, 0xbd +}; + +static unsigned char g_ecc224CorrectLittleN[] = { + 0x3d, 0x2a, 0x5c, 0x5c, 0x45, 0x29, 0xdd, 0x13, 0x3e, 0xf0, 0xb8, 0xe0, + 0xa2, 0x16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff +}; + +static unsigned char g_ecc224CorrectLittleSk[] = { + 0xe8, 0x81, 0x74, 0x77, 0xaa, 0x72, 0xca, 0x11, 0xae, 0x69, 0xec, 0x34, + 0x60, 0xbe, 0x90, 0x8d, 0x1f, 0x52, 0xee, 0x0f, 0xbe, 0x80, 0x7c, 0x98, + 0x8e, 0x48, 0x0c, 0x3f +}; + +static unsigned char g_ecc224CorrectLittlePkX[] = { + 0x3e, 0x0b, 0x13, 0xaf, 0x44, 0xf7, 0x6d, 0x27, 0x74, 0x16, 0x30, 0x8b, + 0xd7, 0x2e, 0xb4, 0xf6, 0x3c, 0x97, 0xd7, 0x57, 0xb6, 0x0c, 0x00, 0xe7, + 0xb8, 0xb0, 0x4f, 0xe8 +}; + +static unsigned char g_ecc224CorrectLittlePkY[] = { + 0x55, 0x85, 0x29, 0x82, 0x59, 0x3b, 0x18, 0x52, 0xbc, 0xa2, 0xf7, 0x7d, + 0x98, 0xd2, 0x89, 0x2a, 0x2d, 0xff, 0xa0, 0x21, 0x2c, 0x61, 0xc5, 0x6f, + 0x5c, 0x67, 0x76, 0x43 +}; + +// ECC256 +static unsigned char g_ecc256CorrectBigP[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF +}; + +static unsigned char g_ecc256CorrectBigA[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC +}; + +static unsigned char g_ecc256CorrectBigB[] = { + 0x5A, 0xC6, 0x35, 0xD8, 0xAA, 0x3A, 0x93, 0xE7, 0xB3, 0xEB, 0xBD, 0x55, + 0x76, 0x98, 0x86, 0xBC, 0x65, 0x1D, 0x06, 0xB0, 0xCC, 0x53, 0xB0, 0xF6, + 0x3B, 0xCE, 0x3C, 0x3E, 0x27, 0xD2, 0x60, 0x4B +}; + +static unsigned char g_ecc256CorrectBigGX[] = { + 0x6B, 0x17, 0xD1, 0xF2, 0xE1, 0x2C, 0x42, 0x47, 0xF8, 0xBC, 0xE6, 0xE5, + 0x63, 0xA4, 0x40, 0xF2, 0x77, 0x03, 0x7D, 0x81, 0x2D, 0xEB, 0x33, 0xA0, + 0xF4, 0xA1, 0x39, 0x45, 0xD8, 0x98, 0xC2, 0x96 +}; + +static unsigned char g_ecc256CorrectBigGY[] = { + 0x4F, 0xE3, 0x42, 0xE2, 0xFE, 0x1A, 0x7F, 0x9B, 0x8E, 0xE7, 0xEB, 0x4A, + 0x7C, 0x0F, 0x9E, 0x16, 0x2B, 0xCE, 0x33, 0x57, 0x6B, 0x31, 0x5E, 0xCE, + 0xCB, 0xB6, 0x40, 0x68, 0x37, 0xBF, 0x51, 0xF5 +}; + +static unsigned char g_ecc256CorrectBigN[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, + 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51 +}; + +static unsigned char g_ecc256CorrectBigSk[] = { + 0xB2, 0x81, 0x28, 0x15, 0x22, 0x43, 0x2D, 0xAB, 0x54, 0x67, 0xC3, 0x0D, + 0x1F, 0x2C, 0x5F, 0xA4, 0x5D, 0x2C, 0xC8, 0x9F, 0x30, 0x47, 0xDC, 0x6E, + 0x8C, 0xEC, 0xBA, 0x1E, 0xBE, 0xC2, 0x05, 0x67 +}; + +static unsigned char g_ecc256CorrectBigPkX[] = { + 0x9C, 0x7A, 0xB7, 0x70, 0xD0, 0x15, 0x29, 0x18, 0xB7, 0xCA, 0x13, 0x76, + 0x66, 0xC6, 0xAA, 0xB7, 0x68, 0x19, 0x4F, 0x0C, 0x15, 0xC5, 0xF2, 0x38, + 0xC5, 0xA7, 0xF1, 0xC6, 0x0E, 0x0B, 0x39, 0x23 +}; + +static unsigned char g_ecc256CorrectBigPkY[] = { + 0xA6, 0x31, 0xB0, 0x15, 0x06, 0x44, 0x82, 0x40, 0xD5, 0x10, 0xA9, 0xF7, + 0xDF, 0x79, 0xC1, 0xDE, 0xBD, 0xE4, 0x7E, 0xC2, 0x4F, 0x7D, 0xAC, 0xFF, + 0xF7, 0x47, 0x4E, 0x1C, 0x9F, 0xBA, 0x48, 0xAA +}; + +static unsigned char g_ecc256CorrectLittleP[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF +}; + +static unsigned char g_ecc256CorrectLittleA[] = { + 0xFC, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF +}; + +static unsigned char g_ecc256CorrectLittleB[] = { + 0x4B, 0x60, 0xD2, 0x27, 0x3E, 0x3C, 0xCE, 0x3B, 0xF6, 0xB0, 0x53, 0xCC, + 0xB0, 0x06, 0x1D, 0x65, 0xBC, 0x86, 0x98, 0x76, 0x55, 0xBD, 0xEB, 0xB3, + 0xE7, 0x93, 0x3A, 0xAA, 0xD8, 0x35, 0xC6, 0x5A +}; + +static unsigned char g_ecc256CorrectLittleGX[] = { + 0x96, 0xC2, 0x98, 0xD8, 0x45, 0x39, 0xA1, 0xF4, 0xA0, 0x33, 0xEB, 0x2D, + 0x81, 0x7D, 0x03, 0x77, 0xF2, 0x40, 0xA4, 0x63, 0xE5, 0xE6, 0xBC, 0xF8, + 0x47, 0x42, 0x2C, 0xE1, 0xF2, 0xD1, 0x17, 0x6B +}; + +static unsigned char g_ecc256CorrectLittleGY[] = { + 0xF5, 0x51, 0xBF, 0x37, 0x68, 0x40, 0xB6, 0xCB, 0xCE, 0x5E, 0x31, 0x6B, + 0x57, 0x33, 0xCE, 0x2B, 0x16, 0x9E, 0x0F, 0x7C, 0x4A, 0xEB, 0xE7, 0x8E, + 0x9B, 0x7F, 0x1A, 0xFE, 0xE2, 0x42, 0xE3, 0x4F +}; + +static unsigned char g_ecc256CorrectLittleN[] = { + 0x51, 0x25, 0x63, 0xFC, 0xC2, 0xCA, 0xB9, 0xF3, 0x84, 0x9E, 0x17, 0xA7, + 0xAD, 0xFA, 0xE6, 0xBC, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF +}; + +static unsigned char g_ecc256CorrectLittleSk[] = { + 0x67, 0x05, 0xC2, 0xBE, 0x1E, 0xBA, 0xEC, 0x8C, 0x6E, 0xDC, 0x47, 0x30, + 0x9F, 0xC8, 0x2C, 0x5D, 0xA4, 0x5F, 0x2C, 0x1F, 0x0D, 0xC3, 0x67, 0x54, + 0xAB, 0x2D, 0x43, 0x22, 0x15, 0x28, 0x81, 0xB2 +}; + +static unsigned char g_ecc256CorrectLittlePkX[] = { + 0x23, 0x39, 0x0B, 0x0E, 0xC6, 0xF1, 0xA7, 0xC5, 0x38, 0xF2, 0xC5, 0x15, + 0x0C, 0x4F, 0x19, 0x68, 0xB7, 0xAA, 0xC6, 0x66, 0x76, 0x13, 0xCA, 0xB7, + 0x18, 0x29, 0x15, 0xD0, 0x70, 0xB7, 0x7A, 0x9C +}; + +static unsigned char g_ecc256CorrectLittlePkY[] = { + 0xAA, 0x48, 0xBA, 0x9F, 0x1C, 0x4E, 0x47, 0xF7, 0xFF, 0xAC, 0x7D, 0x4F, + 0xC2, 0x7E, 0xE4, 0xBD, 0xDE, 0xC1, 0x79, 0xDF, 0xF7, 0xA9, 0x10, 0xD5, + 0x40, 0x82, 0x44, 0x06, 0x15, 0xB0, 0x31, 0xA6, +}; + +// ECC384 +static unsigned char g_ecc384CorrectBigP[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF +}; + +static unsigned char g_ecc384CorrectBigA[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFC +}; + +static unsigned char g_ecc384CorrectBigB[] = { + 0xB3, 0x31, 0x2F, 0xA7, 0xE2, 0x3E, 0xE7, 0xE4, 0x98, 0x8E, 0x05, 0x6B, + 0xE3, 0xF8, 0x2D, 0x19, 0x18, 0x1D, 0x9C, 0x6E, 0xFE, 0x81, 0x41, 0x12, + 0x03, 0x14, 0x08, 0x8F, 0x50, 0x13, 0x87, 0x5A, 0xC6, 0x56, 0x39, 0x8D, + 0x8A, 0x2E, 0xD1, 0x9D, 0x2A, 0x85, 0xC8, 0xED, 0xD3, 0xEC, 0x2A, 0xEF +}; + +static unsigned char g_ecc384CorrectBigGX[] = { + 0xAA, 0x87, 0xCA, 0x22, 0xBE, 0x8B, 0x05, 0x37, 0x8E, 0xB1, 0xC7, 0x1E, + 0xF3, 0x20, 0xAD, 0x74, 0x6E, 0x1D, 0x3B, 0x62, 0x8B, 0xA7, 0x9B, 0x98, + 0x59, 0xF7, 0x41, 0xE0, 0x82, 0x54, 0x2A, 0x38, 0x55, 0x02, 0xF2, 0x5D, + 0xBF, 0x55, 0x29, 0x6C, 0x3A, 0x54, 0x5E, 0x38, 0x72, 0x76, 0x0A, 0xB7 +}; + +static unsigned char g_ecc384CorrectBigGY[] = { + 0x36, 0x17, 0xDE, 0x4A, 0x96, 0x26, 0x2C, 0x6F, 0x5D, 0x9E, 0x98, 0xBF, + 0x92, 0x92, 0xDC, 0x29, 0xF8, 0xF4, 0x1D, 0xBD, 0x28, 0x9A, 0x14, 0x7C, + 0xE9, 0xDA, 0x31, 0x13, 0xB5, 0xF0, 0xB8, 0xC0, 0x0A, 0x60, 0xB1, 0xCE, + 0x1D, 0x7E, 0x81, 0x9D, 0x7A, 0x43, 0x1D, 0x7C, 0x90, 0xEA, 0x0E, 0x5F, +}; + +static unsigned char g_ecc384CorrectBigN[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xC7, 0x63, 0x4D, 0x81, 0xF4, 0x37, 0x2D, 0xDF, 0x58, 0x1A, 0x0D, 0xB2, + 0x48, 0xB0, 0xA7, 0x7A, 0xEC, 0xEC, 0x19, 0x6A, 0xCC, 0xC5, 0x29, 0x73 +}; + +static unsigned char g_ecc384CorrectBigSk[] = { + 0x93, 0xFA, 0x94, 0x79, 0x43, 0xB2, 0xA4, 0x0B, 0x60, 0xB8, 0x88, 0x51, + 0x45, 0xE5, 0xD7, 0x74, 0x9A, 0x16, 0x10, 0x61, 0x6B, 0xE8, 0xD7, 0x69, + 0xE5, 0x01, 0xF0, 0x8F, 0xED, 0xE3, 0x5B, 0xF2, 0x0E, 0x0A, 0xCC, 0x70, + 0xF6, 0xD7, 0xDF, 0x9A, 0x89, 0x45, 0xB5, 0xCA, 0x34, 0xB2, 0xAA, 0xD8 +}; + +static unsigned char g_ecc384CorrectBigPkX[] = { + 0x66, 0x44, 0xA4, 0x54, 0xF9, 0xC2, 0x3F, 0x47, 0x03, 0xF1, 0xD8, 0x7A, + 0xE4, 0xE9, 0xC5, 0x94, 0xEB, 0x19, 0x99, 0x76, 0x9E, 0x34, 0xD6, 0x3A, + 0x57, 0x89, 0x3F, 0xF2, 0x6B, 0x6F, 0xE7, 0x6E, 0x22, 0x9E, 0x3A, 0x28, + 0x2D, 0xBE, 0x8B, 0x52, 0xFA, 0xDC, 0xE2, 0xB0, 0x5F, 0x5F, 0x82, 0x1A +}; + +static unsigned char g_ecc384CorrectBigPkY[] = { + 0x78, 0x19, 0x7B, 0x9C, 0xD4, 0x13, 0x7B, 0xFB, 0xD5, 0x5B, 0x95, 0x80, + 0xBB, 0xEE, 0x7E, 0x4F, 0x30, 0x7D, 0xA4, 0x66, 0xD5, 0xB9, 0xC3, 0x95, + 0xB5, 0x62, 0x18, 0x9E, 0x48, 0xCB, 0x1B, 0xC9, 0xE6, 0x2B, 0xB5, 0xA0, + 0xF1, 0xCB, 0x2D, 0xFD, 0x13, 0x15, 0x82, 0x7D, 0xF7, 0x3F, 0x69, 0x1A +}; + +static unsigned char g_ecc384CorrectLittleP[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF +}; + +static unsigned char g_ecc384CorrectLittleA[] = { + 0xFC, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF +}; + +static unsigned char g_ecc384CorrectLittleB[] = { + 0xEF, 0x2A, 0xEC, 0xD3, 0xED, 0xC8, 0x85, 0x2A, 0x9D, 0xD1, 0x2E, 0x8A, + 0x8D, 0x39, 0x56, 0xC6, 0x5A, 0x87, 0x13, 0x50, 0x8F, 0x08, 0x14, 0x03, + 0x12, 0x41, 0x81, 0xFE, 0x6E, 0x9C, 0x1D, 0x18, 0x19, 0x2D, 0xF8, 0xE3, + 0x6B, 0x05, 0x8E, 0x98, 0xE4, 0xE7, 0x3E, 0xE2, 0xA7, 0x2F, 0x31, 0xB3 +}; + +static unsigned char g_ecc384CorrectLittleGX[] = { + 0xB7, 0x0A, 0x76, 0x72, 0x38, 0x5E, 0x54, 0x3A, 0x6C, 0x29, 0x55, 0xBF, + 0x5D, 0xF2, 0x02, 0x55, 0x38, 0x2A, 0x54, 0x82, 0xE0, 0x41, 0xF7, 0x59, + 0x98, 0x9B, 0xA7, 0x8B, 0x62, 0x3B, 0x1D, 0x6E, 0x74, 0xAD, 0x20, 0xF3, + 0x1E, 0xC7, 0xB1, 0x8E, 0x37, 0x05, 0x8B, 0xBE, 0x22, 0xCA, 0x87, 0xAA +}; + +static unsigned char g_ecc384CorrectLittleGY[] = { + 0x5F, 0x0E, 0xEA, 0x90, 0x7C, 0x1D, 0x43, 0x7A, 0x9D, 0x81, 0x7E, 0x1D, + 0xCE, 0xB1, 0x60, 0x0A, 0xC0, 0xB8, 0xF0, 0xB5, 0x13, 0x31, 0xDA, 0xE9, + 0x7C, 0x14, 0x9A, 0x28, 0xBD, 0x1D, 0xF4, 0xF8, 0x29, 0xDC, 0x92, 0x92, + 0xBF, 0x98, 0x9E, 0x5D, 0x6F, 0x2C, 0x26, 0x96, 0x4A, 0xDE, 0x17, 0x36 +}; + +static unsigned char g_ecc384CorrectLittleN[] = { + 0x73, 0x29, 0xC5, 0xCC, 0x6A, 0x19, 0xEC, 0xEC, 0x7A, 0xA7, 0xB0, 0x48, + 0xB2, 0x0D, 0x1A, 0x58, 0xDF, 0x2D, 0x37, 0xF4, 0x81, 0x4D, 0x63, 0xC7, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF +}; + +static unsigned char g_ecc384CorrectLittleSk[] = { + 0xD8, 0xAA, 0xB2, 0x34, 0xCA, 0xB5, 0x45, 0x89, 0x9A, 0xDF, 0xD7, 0xF6, + 0x70, 0xCC, 0x0A, 0x0E, 0xF2, 0x5B, 0xE3, 0xED, 0x8F, 0xF0, 0x01, 0xE5, + 0x69, 0xD7, 0xE8, 0x6B, 0x61, 0x10, 0x16, 0x9A, 0x74, 0xD7, 0xE5, 0x45, + 0x51, 0x88, 0xB8, 0x60, 0x0B, 0xA4, 0xB2, 0x43, 0x79, 0x94, 0xFA, 0x93 +}; + +static unsigned char g_ecc384CorrectLittlePkX[] = { + 0x1A, 0x82, 0x5F, 0x5F, 0xB0, 0xE2, 0xDC, 0xFA, 0x52, 0x8B, 0xBE, 0x2D, + 0x28, 0x3A, 0x9E, 0x22, 0x6E, 0xE7, 0x6F, 0x6B, 0xF2, 0x3F, 0x89, 0x57, + 0x3A, 0xD6, 0x34, 0x9E, 0x76, 0x99, 0x19, 0xEB, 0x94, 0xC5, 0xE9, 0xE4, + 0x7A, 0xD8, 0xF1, 0x03, 0x47, 0x3F, 0xC2, 0xF9, 0x54, 0xA4, 0x44, 0x66 +}; + +static unsigned char g_ecc384CorrectLittlePkY[] = { + 0x1A, 0x69, 0x3F, 0xF7, 0x7D, 0x82, 0x15, 0x13, 0xFD, 0x2D, 0xCB, 0xF1, + 0xA0, 0xB5, 0x2B, 0xE6, 0xC9, 0x1B, 0xCB, 0x48, 0x9E, 0x18, 0x62, 0xB5, + 0x95, 0xC3, 0xB9, 0xD5, 0x66, 0xA4, 0x7D, 0x30, 0x4F, 0x7E, 0xEE, 0xBB, + 0x80, 0x95, 0x5B, 0xD5, 0xFB, 0x7B, 0x13, 0xD4, 0x9C, 0x7B, 0x19, 0x78 +}; + +// ECC521 +static unsigned char g_ecc521CorrectBigP[] = { + 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF +}; + +static unsigned char g_ecc521CorrectBigA[] = { + 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC +}; + +static unsigned char g_ecc521CorrectBigB[] = { + 0x00, 0x51, 0x95, 0x3E, 0xB9, 0x61, 0x8E, 0x1C, 0x9A, 0x1F, 0x92, 0x9A, + 0x21, 0xA0, 0xB6, 0x85, 0x40, 0xEE, 0xA2, 0xDA, 0x72, 0x5B, 0x99, 0xB3, + 0x15, 0xF3, 0xB8, 0xB4, 0x89, 0x91, 0x8E, 0xF1, 0x09, 0xE1, 0x56, 0x19, + 0x39, 0x51, 0xEC, 0x7E, 0x93, 0x7B, 0x16, 0x52, 0xC0, 0xBD, 0x3B, 0xB1, + 0xBF, 0x07, 0x35, 0x73, 0xDF, 0x88, 0x3D, 0x2C, 0x34, 0xF1, 0xEF, 0x45, + 0x1F, 0xD4, 0x6B, 0x50, 0x3F, 0x00 +}; + +static unsigned char g_ecc521CorrectBigGX[] = { + 0x00, 0xC6, 0x85, 0x8E, 0x06, 0xB7, 0x04, 0x04, 0xE9, 0xCD, 0x9E, 0x3E, + 0xCB, 0x66, 0x23, 0x95, 0xB4, 0x42, 0x9C, 0x64, 0x81, 0x39, 0x05, 0x3F, + 0xB5, 0x21, 0xF8, 0x28, 0xAF, 0x60, 0x6B, 0x4D, 0x3D, 0xBA, 0xA1, 0x4B, + 0x5E, 0x77, 0xEF, 0xE7, 0x59, 0x28, 0xFE, 0x1D, 0xC1, 0x27, 0xA2, 0xFF, + 0xA8, 0xDE, 0x33, 0x48, 0xB3, 0xC1, 0x85, 0x6A, 0x42, 0x9B, 0xF9, 0x7E, + 0x7E, 0x31, 0xC2, 0xE5, 0xBD, 0x66 +}; + +static unsigned char g_ecc521CorrectBigGY[] = { + 0x01, 0x18, 0x39, 0x29, 0x6A, 0x78, 0x9A, 0x3B, 0xC0, 0x04, 0x5C, 0x8A, + 0x5F, 0xB4, 0x2C, 0x7D, 0x1B, 0xD9, 0x98, 0xF5, 0x44, 0x49, 0x57, 0x9B, + 0x44, 0x68, 0x17, 0xAF, 0xBD, 0x17, 0x27, 0x3E, 0x66, 0x2C, 0x97, 0xEE, + 0x72, 0x99, 0x5E, 0xF4, 0x26, 0x40, 0xC5, 0x50, 0xB9, 0x01, 0x3F, 0xAD, + 0x07, 0x61, 0x35, 0x3C, 0x70, 0x86, 0xA2, 0x72, 0xC2, 0x40, 0x88, 0xBE, + 0x94, 0x76, 0x9F, 0xD1, 0x66, 0x50 +}; + +static unsigned char g_ecc521CorrectBigN[] = { + 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFA, 0x51, 0x86, + 0x87, 0x83, 0xBF, 0x2F, 0x96, 0x6B, 0x7F, 0xCC, 0x01, 0x48, 0xF7, 0x09, + 0xA5, 0xD0, 0x3B, 0xB5, 0xC9, 0xB8, 0x89, 0x9C, 0x47, 0xAE, 0xBB, 0x6F, + 0xB7, 0x1E, 0x91, 0x38, 0x64, 0x09 +}; + +static unsigned char g_ecc521CorrectBigSk[] = { + 0x00, 0x89, 0xCE, 0xDE, 0x8D, 0xB8, 0x59, 0x2C, 0x29, 0xD2, 0x0F, 0x8A, + 0x2F, 0x4C, 0xF6, 0x1D, 0x84, 0xC9, 0x46, 0x3B, 0x13, 0xF1, 0x75, 0x41, + 0x83, 0x39, 0x16, 0x5D, 0xA4, 0xD1, 0x66, 0x70, 0xCA, 0x78, 0x18, 0x9D, + 0x52, 0xF5, 0x11, 0x60, 0x12, 0xB1, 0xE1, 0x9E, 0x77, 0x5B, 0xD2, 0x45, + 0x19, 0x53, 0x75, 0x31, 0x40, 0x82, 0x90, 0x8C, 0x71, 0x60, 0xBC, 0x92, + 0x68, 0x98, 0xBD, 0x70, 0xC2, 0x5B +}; + +static unsigned char g_ecc521CorrectBigPkX[] = { + 0x00, 0x8A, 0x43, 0xDD, 0x43, 0x18, 0xE0, 0x03, 0x86, 0x2C, 0xF8, 0x9E, + 0x88, 0xB0, 0x46, 0x44, 0x9E, 0x89, 0x10, 0x61, 0x1F, 0xE8, 0x3C, 0x0A, + 0xBF, 0xB2, 0x80, 0xB5, 0x3F, 0xDC, 0xD1, 0x1A, 0x12, 0xB2, 0x31, 0x2A, + 0xB0, 0x4B, 0xF1, 0x60, 0x98, 0x94, 0x2E, 0xB0, 0xF3, 0x46, 0x5E, 0xB3, + 0x55, 0x10, 0xC4, 0xEC, 0x74, 0x8A, 0xC3, 0xF0, 0x53, 0x25, 0x37, 0x8C, + 0xB2, 0x11, 0x08, 0x66, 0xE3, 0x14 +}; + +static unsigned char g_ecc521CorrectBigPkY[] = { + 0x00, 0x64, 0x25, 0xD3, 0x03, 0x97, 0xF5, 0xC1, 0x59, 0xFE, 0xEC, 0xDF, + 0x24, 0x92, 0x68, 0x2A, 0xBA, 0xE8, 0x8B, 0x8F, 0xD6, 0x28, 0xA8, 0x93, + 0x22, 0x5C, 0x46, 0xF4, 0xE4, 0xA0, 0x48, 0xBD, 0x0D, 0x3F, 0xB2, 0xEA, + 0xAD, 0xB1, 0xD7, 0x08, 0xC7, 0xE2, 0xF3, 0x78, 0x96, 0x33, 0x1D, 0x9F, + 0x84, 0xC8, 0xCE, 0xFB, 0x67, 0xF0, 0x58, 0x2A, 0x1F, 0x7F, 0xBD, 0x82, + 0xA2, 0x59, 0x8F, 0xDC, 0x3E, 0xD5 +}; + +static unsigned char g_ecc521CorrectLittleP[] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x01 +}; + +static unsigned char g_ecc521CorrectLittleA[] = { + 0xFC, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x01 +}; + +static unsigned char g_ecc521CorrectLittleB[] = { + 0x00, 0x3F, 0x50, 0x6B, 0xD4, 0x1F, 0x45, 0xEF, 0xF1, 0x34, 0x2C, 0x3D, + 0x88, 0xDF, 0x73, 0x35, 0x07, 0xBF, 0xB1, 0x3B, 0xBD, 0xC0, 0x52, 0x16, + 0x7B, 0x93, 0x7E, 0xEC, 0x51, 0x39, 0x19, 0x56, 0xE1, 0x09, 0xF1, 0x8E, + 0x91, 0x89, 0xB4, 0xB8, 0xF3, 0x15, 0xB3, 0x99, 0x5B, 0x72, 0xDA, 0xA2, + 0xEE, 0x40, 0x85, 0xB6, 0xA0, 0x21, 0x9A, 0x92, 0x1F, 0x9A, 0x1C, 0x8E, + 0x61, 0xB9, 0x3E, 0x95, 0x51, 0x00 +}; + +static unsigned char g_ecc521CorrectLittleGX[] = { + 0x66, 0xBD, 0xE5, 0xC2, 0x31, 0x7E, 0x7E, 0xF9, 0x9B, 0x42, 0x6A, 0x85, + 0xC1, 0xB3, 0x48, 0x33, 0xDE, 0xA8, 0xFF, 0xA2, 0x27, 0xC1, 0x1D, 0xFE, + 0x28, 0x59, 0xE7, 0xEF, 0x77, 0x5E, 0x4B, 0xA1, 0xBA, 0x3D, 0x4D, 0x6B, + 0x60, 0xAF, 0x28, 0xF8, 0x21, 0xB5, 0x3F, 0x05, 0x39, 0x81, 0x64, 0x9C, + 0x42, 0xB4, 0x95, 0x23, 0x66, 0xCB, 0x3E, 0x9E, 0xCD, 0xE9, 0x04, 0x04, + 0xB7, 0x06, 0x8E, 0x85, 0xC6, 0x00 +}; + +static unsigned char g_ecc521CorrectLittleGY[] = { + 0x50, 0x66, 0xD1, 0x9F, 0x76, 0x94, 0xBE, 0x88, 0x40, 0xC2, 0x72, 0xA2, + 0x86, 0x70, 0x3C, 0x35, 0x61, 0x07, 0xAD, 0x3F, 0x01, 0xB9, 0x50, 0xC5, + 0x40, 0x26, 0xF4, 0x5E, 0x99, 0x72, 0xEE, 0x97, 0x2C, 0x66, 0x3E, 0x27, + 0x17, 0xBD, 0xAF, 0x17, 0x68, 0x44, 0x9B, 0x57, 0x49, 0x44, 0xF5, 0x98, + 0xD9, 0x1B, 0x7D, 0x2C, 0xB4, 0x5F, 0x8A, 0x5C, 0x04, 0xC0, 0x3B, 0x9A, + 0x78, 0x6A, 0x29, 0x39, 0x18, 0x01 +}; + +static unsigned char g_ecc521CorrectLittleN[] = { + 0x09, 0x64, 0x38, 0x91, 0x1E, 0xB7, 0x6F, 0xBB, 0xAE, 0x47, 0x9C, 0x89, + 0xB8, 0xC9, 0xB5, 0x3B, 0xD0, 0xA5, 0x09, 0xF7, 0x48, 0x01, 0xCC, 0x7F, + 0x6B, 0x96, 0x2F, 0xBF, 0x83, 0x87, 0x86, 0x51, 0xFA, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x01 +}; + +static unsigned char g_ecc521CorrectLittleSk[] = { + 0x5B, 0xC2, 0x70, 0xBD, 0x98, 0x68, 0x92, 0xBC, 0x60, 0x71, 0x8C, 0x90, + 0x82, 0x40, 0x31, 0x75, 0x53, 0x19, 0x45, 0xD2, 0x5B, 0x77, 0x9E, 0xE1, + 0xB1, 0x12, 0x60, 0x11, 0xF5, 0x52, 0x9D, 0x18, 0x78, 0xCA, 0x70, 0x66, + 0xD1, 0xA4, 0x5D, 0x16, 0x39, 0x83, 0x41, 0x75, 0xF1, 0x13, 0x3B, 0x46, + 0xC9, 0x84, 0x1D, 0xF6, 0x4C, 0x2F, 0x8A, 0x0F, 0xD2, 0x29, 0x2C, 0x59, + 0xB8, 0x8D, 0xDE, 0xCE, 0x89, 0x00 +}; + +static unsigned char g_ecc521CorrectLittlePkX[] = { + 0x14, 0xE3, 0x66, 0x08, 0x11, 0xB2, 0x8C, 0x37, 0x25, 0x53, 0xF0, 0xC3, + 0x8A, 0x74, 0xEC, 0xC4, 0x10, 0x55, 0xB3, 0x5E, 0x46, 0xF3, 0xB0, 0x2E, + 0x94, 0x98, 0x60, 0xF1, 0x4B, 0xB0, 0x2A, 0x31, 0xB2, 0x12, 0x1A, 0xD1, + 0xDC, 0x3F, 0xB5, 0x80, 0xB2, 0xBF, 0x0A, 0x3C, 0xE8, 0x1F, 0x61, 0x10, + 0x89, 0x9E, 0x44, 0x46, 0xB0, 0x88, 0x9E, 0xF8, 0x2C, 0x86, 0x03, 0xE0, + 0x18, 0x43, 0xDD, 0x43, 0x8A, 0x00 +}; + +static unsigned char g_ecc521CorrectLittlePkY[] = { + 0xD5, 0x3E, 0xDC, 0x8F, 0x59, 0xA2, 0x82, 0xBD, 0x7F, 0x1F, 0x2A, 0x58, + 0xF0, 0x67, 0xFB, 0xCE, 0xC8, 0x84, 0x9F, 0x1D, 0x33, 0x96, 0x78, 0xF3, + 0xE2, 0xC7, 0x08, 0xD7, 0xB1, 0xAD, 0xEA, 0xB2, 0x3F, 0x0D, 0xBD, 0x48, + 0xA0, 0xE4, 0xF4, 0x46, 0x5C, 0x22, 0x93, 0xA8, 0x28, 0xD6, 0x8F, 0x8B, + 0xE8, 0xBA, 0x2A, 0x68, 0x92, 0x24, 0xDF, 0xEC, 0xFE, 0x59, 0xC1, 0xF5, + 0x97, 0x03, 0xD3, 0x25, 0x64, 0x00 +}; + +#endif diff --git a/plugin/openssl_plugin/common/src/openssl_adapter.c b/plugin/openssl_plugin/common/src/openssl_adapter.c index 4d0b40c..97794ba 100644 --- a/plugin/openssl_plugin/common/src/openssl_adapter.c +++ b/plugin/openssl_plugin/common/src/openssl_adapter.c @@ -33,6 +33,76 @@ void Openssl_BN_clear_free(BIGNUM *a) BN_clear_free(a); } +BIGNUM *Openssl_BN_new(void) +{ + return BN_new(); +} + +void Openssl_BN_free(BIGNUM *a) +{ + BN_free(a); +} + +BIGNUM *Openssl_BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret) +{ + return BN_bin2bn(s, len, ret); +} + +BIGNUM *Openssl_BN_lebin2bn(const unsigned char *s, int len, BIGNUM *ret) +{ + return BN_lebin2bn(s, len, ret); +} + +int Openssl_BN_bn2binpad(const BIGNUM *a, unsigned char *to, int toLen) +{ + return BN_bn2binpad(a, to, toLen); +} + +int Openssl_BN_bn2lebinpad(const BIGNUM *a, unsigned char *to, int toLen) +{ + return BN_bn2lebinpad(a, to, toLen); +} + +BN_CTX *Openssl_BN_CTX_new(void) +{ + return BN_CTX_new(); +} + +void Openssl_BN_CTX_free(BN_CTX *ctx) +{ + BN_CTX_free(ctx); +} + +int Openssl_BN_num_bytes(const BIGNUM *a) +{ + return BN_num_bytes(a); +} + +int Openssl_BN_set_word(BIGNUM *a, unsigned int w) +{ + return BN_set_word(a, w); +} + +unsigned int Openssl_BN_get_word(const BIGNUM *a) +{ + return BN_get_word(a); +} + +int Openssl_BN_num_bits(const BIGNUM *a) +{ + return BN_num_bits(a); +} + +int Openssl_BN_hex2bn(BIGNUM **a, const char *str) +{ + return BN_hex2bn(a, str); +} + +int Openssl_BN_cmp(const BIGNUM *a, const BIGNUM *b) +{ + return BN_cmp(a, b); +} + EC_KEY *Openssl_EC_KEY_new_by_curve_name(int nid) { return EC_KEY_new_by_curve_name(nid); @@ -43,9 +113,9 @@ EC_POINT *Openssl_EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group) return EC_POINT_dup(src, group); } -int Openssl_EC_KEY_generate_key(EC_KEY *eckey) +int Openssl_EC_KEY_generate_key(EC_KEY *ecKey) { - return EC_KEY_generate_key(eckey); + return EC_KEY_generate_key(ecKey); } int Openssl_EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub) @@ -103,9 +173,9 @@ void Openssl_EC_KEY_set_asn1_flag(EC_KEY *key, int flag) EC_KEY_set_asn1_flag(key, flag); } -void Openssl_EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags) +void Openssl_EC_KEY_set_enc_flags(EC_KEY *ecKey, unsigned int flags) { - EC_KEY_set_enc_flags(eckey, flags); + EC_KEY_set_enc_flags(ecKey, flags); } void Openssl_EC_KEY_free(EC_KEY *key) @@ -118,6 +188,100 @@ void Openssl_EC_POINT_free(EC_POINT *point) EC_POINT_free(point); } +EC_GROUP *Openssl_EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) +{ + return EC_GROUP_new_curve_GFp(p, a, b, ctx); +} + +void Openssl_EC_GROUP_free(EC_GROUP *group) +{ + EC_GROUP_free(group); +} + +EC_POINT *Openssl_EC_POINT_new(const EC_GROUP *group) +{ + return EC_POINT_new(group); +} + +int Openssl_EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, const BIGNUM *x, + const BIGNUM *y, BN_CTX *ctx) +{ + return EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx); +} + +int Openssl_EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, + const BIGNUM *cofactor) +{ + return EC_GROUP_set_generator(group, generator, order, cofactor); +} + +EC_KEY *Openssl_EC_KEY_new(void) +{ + return EC_KEY_new(); +} + +EC_KEY *Openssl_EC_KEY_dup(const EC_KEY *ecKey) +{ + return EC_KEY_dup(ecKey); +} + +int Openssl_EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group) +{ + return EC_KEY_set_group(key, group); +} + +int Openssl_EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx) +{ + return EC_GROUP_get_curve_GFp(group, p, a, b, ctx); +} + +const EC_POINT *Openssl_EC_GROUP_get0_generator(const EC_GROUP *group) +{ + return EC_GROUP_get0_generator(group); +} + +int Openssl_EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, const EC_POINT *point, BIGNUM *x, + BIGNUM *y, BN_CTX *ctx) +{ + return EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx); +} + +int Openssl_EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx) +{ + return EC_GROUP_get_order(group, order, ctx); +} + +int Openssl_EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx) +{ + return EC_GROUP_get_cofactor(group, cofactor, ctx); +} + +int Openssl_EC_GROUP_get_degree(const EC_GROUP *group) +{ + return EC_GROUP_get_degree(group); +} + +EC_GROUP *Openssl_EC_GROUP_dup(const EC_GROUP *a) +{ + return EC_GROUP_dup(a); +} + +void Openssl_EC_GROUP_set_curve_name(EC_GROUP *group, int nid) +{ + EC_GROUP_set_curve_name(group, nid); +} + +int Openssl_EC_GROUP_get_curve_name(const EC_GROUP *group) +{ + return EC_GROUP_get_curve_name(group); +} + +int Openssl_EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar, const EC_POINT *point, + const BIGNUM *p_scalar, BN_CTX *ctx) +{ + return EC_POINT_mul(group, r, g_scalar, point, p_scalar, ctx); +} + EVP_MD_CTX *Openssl_EVP_MD_CTX_new(void) { return EVP_MD_CTX_new(); @@ -158,6 +322,28 @@ int Openssl_EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, siz return EVP_DigestVerifyFinal(ctx, sig, siglen); } +int Openssl_EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx) +{ + return EVP_PKEY_sign_init(ctx); +} + +int Openssl_EVP_PKEY_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, + size_t tbslen) +{ + return EVP_PKEY_sign(ctx, sig, siglen, tbs, tbslen); +} + +int Openssl_EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx) +{ + return EVP_PKEY_verify_init(ctx); +} + +int Openssl_EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, + size_t tbslen) +{ + return EVP_PKEY_verify(ctx, sig, siglen, tbs, tbslen); +} + EVP_PKEY *Openssl_EVP_PKEY_new(void) { return EVP_PKEY_new(); @@ -196,4 +382,594 @@ int Openssl_EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keyle void Openssl_EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx) { EVP_PKEY_CTX_free(ctx); +} + +int Openssl_EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, + const unsigned char *in, size_t inlen) +{ + return EVP_PKEY_encrypt(ctx, out, outlen, in, inlen); +} + +int Openssl_EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, + const unsigned char *in, size_t inlen) +{ + return EVP_PKEY_decrypt(ctx, out, outlen, in, inlen); +} + +int Openssl_EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx) +{ + return EVP_PKEY_encrypt_init(ctx); +} + +int Openssl_EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx) +{ + return EVP_PKEY_decrypt_init(ctx); +} + +EVP_PKEY_CTX *Openssl_EVP_PKEY_CTX_new_id(int id, ENGINE *e) +{ + return EVP_PKEY_CTX_new_id(id, e); +} + +int Openssl_EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx) +{ + return EVP_PKEY_paramgen_init(ctx); +} + +int Openssl_EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits) +{ + return EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits); +} + +int Openssl_EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey) +{ + return EVP_PKEY_paramgen(ctx, ppkey); +} + +int Openssl_EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx) +{ + return EVP_PKEY_keygen_init(ctx); +} + +int Openssl_EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey) +{ + return EVP_PKEY_keygen(ctx, ppkey); +} + +int Openssl_EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key) +{ + return EVP_PKEY_set1_DSA(pkey, key); +} + +DSA *Openssl_EVP_PKEY_get1_DSA(EVP_PKEY *pkey) +{ + return EVP_PKEY_get1_DSA(pkey); +} + +DSA *Openssl_DSA_new(void) +{ + return DSA_new(); +} + +void Openssl_DSA_free(DSA *dsa) +{ + DSA_free(dsa); +} + +int Openssl_DSA_up_ref(DSA *dsa) +{ + return DSA_up_ref(dsa); +} + +int Openssl_DSA_set0_pqg(DSA *dsa, BIGNUM *p, BIGNUM *q, BIGNUM *g) +{ + return DSA_set0_pqg(dsa, p, q, g); +} + +int Openssl_DSA_set0_key(DSA *dsa, BIGNUM *pub_key, BIGNUM *pri_key) +{ + return DSA_set0_key(dsa, pub_key, pri_key); +} + +const BIGNUM *Openssl_DSA_get0_p(const DSA *dsa) +{ + return DSA_get0_p(dsa); +} + +const BIGNUM *Openssl_DSA_get0_q(const DSA *dsa) +{ + return DSA_get0_q(dsa); +} + +const BIGNUM *Openssl_DSA_get0_g(const DSA *dsa) +{ + return DSA_get0_g(dsa); +} + +const BIGNUM *Openssl_DSA_get0_pub_key(const DSA *dsa) +{ + return DSA_get0_pub_key(dsa); +} + +const BIGNUM *Openssl_DSA_get0_priv_key(const DSA *dsa) +{ + return DSA_get0_priv_key(dsa); +} + +int Openssl_DSA_generate_key(DSA *a) +{ + return DSA_generate_key(a); +} + +DSA *Openssl_d2i_DSA_PUBKEY(DSA **dsa, const unsigned char **ppin, long length) +{ + return d2i_DSA_PUBKEY(dsa, ppin, length); +} + +DSA *Openssl_d2i_DSAPrivateKey(DSA **dsa, const unsigned char **ppin, long length) +{ + return d2i_DSAPrivateKey(dsa, ppin, length); +} + +int Openssl_i2d_DSA_PUBKEY(DSA *dsa, unsigned char **ppout) +{ + return i2d_DSA_PUBKEY(dsa, ppout); +} + +int Openssl_i2d_DSAPrivateKey(DSA *dsa, unsigned char **ppout) +{ + return i2d_DSAPrivateKey(dsa, ppout); +} + +RSA *Openssl_RSA_new(void) +{ + return RSA_new(); +} + +void Openssl_RSA_free(RSA *rsa) +{ + RSA_free(rsa); +} + +int Openssl_RSA_generate_multi_prime_key(RSA *rsa, int bits, int primes, + BIGNUM *e, BN_GENCB *cb) +{ + return RSA_generate_multi_prime_key(rsa, bits, primes, e, cb); +} + +int Openssl_RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb) +{ + return RSA_generate_key_ex(rsa, bits, e, cb); +} + +int Openssl_RSA_bits(const RSA *rsa) +{ + return RSA_bits(rsa); +} + +int Openssl_RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) +{ + return RSA_set0_key(r, n, e, d); +} + +void Openssl_RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) +{ + RSA_get0_key(r, n, e, d); +} + +const BIGNUM *Openssl_RSA_get0_n(const RSA *d) +{ + return RSA_get0_n(d); +} + +const BIGNUM *Openssl_RSA_get0_e(const RSA *d) +{ + return RSA_get0_e(d); +} + +const BIGNUM *Openssl_RSA_get0_d(const RSA *d) +{ + return RSA_get0_d(d); +} + +void Openssl_RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q) +{ + RSA_get0_factors(r, p, q); +} + +RSA *Openssl_RSAPublicKey_dup(RSA *rsa) +{ + return RSAPublicKey_dup(rsa); +} + +RSA *Openssl_RSAPrivateKey_dup(RSA *rsa) +{ + return RSAPrivateKey_dup(rsa); +} + +RSA *Openssl_d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length) +{ + return d2i_RSA_PUBKEY(a, pp, length); +} + +int Openssl_i2d_RSA_PUBKEY(RSA *a, unsigned char **pp) +{ + return i2d_RSA_PUBKEY(a, pp); +} + +int Openssl_EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int saltlen) +{ + return EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, saltlen); +} + +int Openssl_EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *saltlen) +{ + return EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, saltlen); +} + +int Openssl_EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad) +{ + return EVP_PKEY_CTX_set_rsa_padding(ctx, pad); +} + +int Openssl_EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md) +{ + return EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md); +} + +int Openssl_EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md) +{ + return EVP_PKEY_CTX_set_rsa_oaep_md(ctx, md); +} + +int Openssl_EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, void *label, int len) +{ + return EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, label, len); +} + +int Openssl_EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label) +{ + return EVP_PKEY_CTX_get0_rsa_oaep_label(ctx, label); +} + +EVP_PKEY *Openssl_d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp, long length) +{ + return d2i_AutoPrivateKey(a, pp, length); +} + +struct rsa_st *Openssl_EVP_PKEY_get1_RSA(EVP_PKEY *pkey) +{ + return EVP_PKEY_get1_RSA(pkey); +} + +int Openssl_EVP_PKEY_set1_RSA(EVP_PKEY *pkey, struct rsa_st *key) +{ + return EVP_PKEY_set1_RSA(pkey, key); +} + +int Openssl_EVP_PKEY_assign_RSA(EVP_PKEY *pkey, struct rsa_st *key) +{ + return EVP_PKEY_assign_RSA(pkey, key); +} + +int Openssl_i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, + char *kstr, int klen, pem_password_cb *cb, void *u) +{ + return i2d_PKCS8PrivateKey_bio(bp, x, enc, kstr, klen, cb, u); +} + +BIO *Openssl_BIO_new(const BIO_METHOD *type) +{ + return BIO_new(type); +} + +const BIO_METHOD *Openssl_BIO_s_mem(void) +{ + return BIO_s_mem(); +} + +int Openssl_BIO_read(BIO *b, void *data, int dlen) +{ + return BIO_read(b, data, dlen); +} + +void Openssl_BIO_free_all(BIO *a) +{ + return BIO_free_all(a); +} + +int Openssl_RAND_priv_bytes(unsigned char *buf, int num) +{ + return RAND_priv_bytes(buf, num); +} + +void Openssl_RAND_seed(const void *buf, int num) +{ + RAND_seed(buf, num); +} + +const EVP_MD *Openssl_EVP_sha1(void) +{ + return EVP_sha1(); +} + +const EVP_MD *Openssl_EVP_sha224(void) +{ + return EVP_sha224(); +} + +const EVP_MD *Openssl_EVP_sha256(void) +{ + return EVP_sha256(); +} + +const EVP_MD *Openssl_EVP_sha384(void) +{ + return EVP_sha384(); +} + +const EVP_MD *Openssl_EVP_sha512(void) +{ + return EVP_sha512(); +} + +const EVP_MD *Openssl_EVP_md5(void) +{ + return EVP_md5(); +} + +int Openssl_EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) +{ + return EVP_DigestFinal_ex(ctx, md, size); +} + +int Openssl_EVP_MD_CTX_size(const EVP_MD_CTX *ctx) +{ + return EVP_MD_CTX_size(ctx); +} + +int Openssl_EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) +{ + return EVP_DigestInit_ex(ctx, type, impl); +} + +int Openssl_HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md, ENGINE *impl) +{ + return HMAC_Init_ex(ctx, key, len, md, impl); +} + +int Openssl_HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len) +{ + return HMAC_Final(ctx, md, len); +} + +size_t Openssl_HMAC_size(const HMAC_CTX *ctx) +{ + return HMAC_size(ctx); +} + +void Openssl_HMAC_CTX_free(HMAC_CTX *ctx) +{ + HMAC_CTX_free(ctx); +} + +HMAC_CTX *Openssl_HMAC_CTX_new(void) +{ + return HMAC_CTX_new(); +} + +void Openssl_EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) +{ + EVP_CIPHER_CTX_free(ctx); +} + +const EVP_CIPHER *Openssl_EVP_aes_128_ecb(void) +{ + return EVP_aes_128_ecb(); +} + +const EVP_CIPHER *Openssl_EVP_aes_192_ecb(void) +{ + return EVP_aes_192_ecb(); +} + +const EVP_CIPHER *Openssl_EVP_aes_256_ecb(void) +{ + return EVP_aes_256_ecb(); +} + +const EVP_CIPHER *Openssl_EVP_aes_128_cbc(void) +{ + return EVP_aes_128_cbc(); +} + +const EVP_CIPHER *Openssl_EVP_aes_192_cbc(void) +{ + return EVP_aes_192_cbc(); +} + +const EVP_CIPHER *Openssl_EVP_aes_256_cbc(void) +{ + return EVP_aes_256_cbc(); +} + +const EVP_CIPHER *Openssl_EVP_aes_128_ctr(void) +{ + return EVP_aes_128_ctr(); +} + +const EVP_CIPHER *Openssl_EVP_aes_192_ctr(void) +{ + return EVP_aes_192_ctr(); +} + +const EVP_CIPHER *Openssl_EVP_aes_256_ctr(void) +{ + return EVP_aes_256_ctr(); +} + +const EVP_CIPHER *Openssl_EVP_aes_128_ofb(void) +{ + return EVP_aes_128_ofb(); +} + +const EVP_CIPHER *Openssl_EVP_aes_192_ofb(void) +{ + return EVP_aes_192_ofb(); +} + +const EVP_CIPHER *Openssl_EVP_aes_256_ofb(void) +{ + return EVP_aes_256_ofb(); +} + +const EVP_CIPHER *Openssl_EVP_aes_128_cfb(void) +{ + return EVP_aes_128_cfb(); +} + +const EVP_CIPHER *Openssl_EVP_aes_192_cfb(void) +{ + return EVP_aes_192_cfb(); +} + +const EVP_CIPHER *Openssl_EVP_aes_256_cfb(void) +{ + return EVP_aes_256_cfb(); +} + +const EVP_CIPHER *Openssl_EVP_aes_128_cfb1(void) +{ + return EVP_aes_128_cfb1(); +} + +const EVP_CIPHER *Openssl_EVP_aes_192_cfb1(void) +{ + return EVP_aes_192_cfb1(); +} + +const EVP_CIPHER *Openssl_EVP_aes_256_cfb1(void) +{ + return EVP_aes_256_cfb1(); +} + +const EVP_CIPHER *Openssl_EVP_aes_128_cfb128(void) +{ + return EVP_aes_128_cfb128(); +} + +const EVP_CIPHER *Openssl_EVP_aes_192_cfb128(void) +{ + return EVP_aes_192_cfb128(); +} + +const EVP_CIPHER *Openssl_EVP_aes_256_cfb128(void) +{ + return EVP_aes_256_cfb128(); +} + +const EVP_CIPHER *Openssl_EVP_aes_128_cfb8(void) +{ + return EVP_aes_128_cfb8(); +} + +const EVP_CIPHER *Openssl_EVP_aes_192_cfb8(void) +{ + return EVP_aes_192_cfb8(); +} + +const EVP_CIPHER *Openssl_EVP_aes_256_cfb8(void) +{ + return EVP_aes_256_cfb8(); +} + +const EVP_CIPHER *Openssl_EVP_aes_128_ccm(void) +{ + return EVP_aes_128_ccm(); +} + +const EVP_CIPHER *Openssl_EVP_aes_192_ccm(void) +{ + return EVP_aes_192_ccm(); +} + +const EVP_CIPHER *Openssl_EVP_aes_256_ccm(void) +{ + return EVP_aes_256_ccm(); +} + +const EVP_CIPHER *Openssl_EVP_aes_128_gcm(void) +{ + return EVP_aes_128_gcm(); +} + +const EVP_CIPHER *Openssl_EVP_aes_192_gcm(void) +{ + return EVP_aes_192_gcm(); +} + +const EVP_CIPHER *Openssl_EVP_aes_256_gcm(void) +{ + return EVP_aes_256_gcm(); +} + +EVP_CIPHER_CTX *Openssl_EVP_CIPHER_CTX_new(void) +{ + return EVP_CIPHER_CTX_new(); +} + +int Openssl_EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, + const unsigned char *key, const unsigned char *iv, int enc) +{ + return EVP_CipherInit(ctx, cipher, key, iv, enc); +} + +int Openssl_EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad) +{ + return EVP_CIPHER_CTX_set_padding(ctx, pad); +} + +int Openssl_EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) +{ + return EVP_CIPHER_CTX_ctrl(ctx, type, arg, ptr); +} + +int Openssl_EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) +{ + return EVP_CipherFinal_ex(ctx, out, outl); +} + +int Openssl_EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, const unsigned char *in, int inl) +{ + return EVP_CipherUpdate(ctx, out, outl, in, inl); +} + +const EVP_CIPHER *Openssl_EVP_des_ede3_ecb(void) +{ + return EVP_des_ede3_ecb(); +} + +const EVP_CIPHER *Openssl_EVP_des_ede3_cbc(void) +{ + return EVP_des_ede3_cbc(); +} + +const EVP_CIPHER *Openssl_EVP_des_ede3_ofb(void) +{ + return EVP_des_ede3_ofb(); +} + +const EVP_CIPHER *Openssl_EVP_des_ede3_cfb64(void) +{ + return EVP_des_ede3_cfb64(); +} + +const EVP_CIPHER *Openssl_EVP_des_ede3_cfb1(void) +{ + return EVP_des_ede3_cfb1(); +} + +const EVP_CIPHER *Openssl_EVP_des_ede3_cfb8(void) +{ + return EVP_des_ede3_cfb8(); } \ No newline at end of file diff --git a/plugin/openssl_plugin/crypto_operation/key_agreement/src/ecdh_openssl.c b/plugin/openssl_plugin/crypto_operation/key_agreement/src/ecdh_openssl.c index 2ab284a..a318ffa 100644 --- a/plugin/openssl_plugin/crypto_operation/key_agreement/src/ecdh_openssl.c +++ b/plugin/openssl_plugin/crypto_operation/key_agreement/src/ecdh_openssl.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2022 Huawei Device Co., Ltd. + * Copyright (C) 2022-2023 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -28,22 +28,10 @@ typedef struct { HcfKeyAgreementSpi base; - - int32_t curveId; } HcfKeyAgreementSpiEcdhOpensslImpl; -static EVP_PKEY *NewPKeyByEccPubKey(int32_t curveId, HcfOpensslEccPubKey *publicKey) +static EVP_PKEY *AssignEcKeyToPkey(EC_KEY *ecKey) { - EC_KEY *ecKey = Openssl_EC_KEY_new_by_curve_name(curveId); - if (ecKey == NULL) { - HcfPrintOpensslError(); - return NULL; - } - if (Openssl_EC_KEY_set_public_key(ecKey, (publicKey->pk)) != HCF_OPENSSL_SUCCESS) { - HcfPrintOpensslError(); - Openssl_EC_KEY_free(ecKey); - return NULL; - } EVP_PKEY *pKey = Openssl_EVP_PKEY_new(); if (pKey == NULL) { HcfPrintOpensslError(); @@ -52,38 +40,25 @@ static EVP_PKEY *NewPKeyByEccPubKey(int32_t curveId, HcfOpensslEccPubKey *public } if (Openssl_EVP_PKEY_assign_EC_KEY(pKey, ecKey) != HCF_OPENSSL_SUCCESS) { HcfPrintOpensslError(); - Openssl_EVP_PKEY_free(pKey); Openssl_EC_KEY_free(ecKey); + Openssl_EVP_PKEY_free(pKey); return NULL; } return pKey; } -static EVP_PKEY *NewPKeyByEccPriKey(int32_t curveId, HcfOpensslEccPriKey *privateKey) +static EVP_PKEY *NewPKeyByEccPubKey(HcfOpensslEccPubKey *publicKey) { - EC_KEY *ecKey = Openssl_EC_KEY_new_by_curve_name(curveId); - if (ecKey == NULL) { - HcfPrintOpensslError(); - return NULL; - } - if (Openssl_EC_KEY_set_private_key(ecKey, (privateKey->sk)) != HCF_OPENSSL_SUCCESS) { - HcfPrintOpensslError(); - EC_KEY_free(ecKey); - return NULL; - } - EVP_PKEY *pKey = Openssl_EVP_PKEY_new(); - if (pKey == NULL) { - HcfPrintOpensslError(); - Openssl_EC_KEY_free(ecKey); - return NULL; - } - if (Openssl_EVP_PKEY_assign_EC_KEY(pKey, ecKey) != HCF_OPENSSL_SUCCESS) { - HcfPrintOpensslError(); - Openssl_EVP_PKEY_free(pKey); - Openssl_EC_KEY_free(ecKey); - return NULL; - } - return pKey; + EC_KEY *ecKey = NULL; + ecKey = Openssl_EC_KEY_dup(publicKey->ecKey); + return AssignEcKeyToPkey(ecKey); +} + +static EVP_PKEY *NewPKeyByEccPriKey(HcfOpensslEccPriKey *privateKey) +{ + EC_KEY *ecKey = NULL; + ecKey = Openssl_EC_KEY_dup(privateKey->ecKey); + return AssignEcKeyToPkey(ecKey); } static HcfResult EcdhDerive(EVP_PKEY *priPKey, EVP_PKEY *pubPKey, HcfBlob *returnSecret) @@ -130,11 +105,10 @@ static HcfResult EcdhDerive(EVP_PKEY *priPKey, EVP_PKEY *pubPKey, HcfBlob *retur } returnSecret->data = secretData; - returnSecret->len = (uint32_t)actualLen; + returnSecret->len = actualLen; return HCF_SUCCESS; } -// export interfaces static const char *GetEcdhClass(void) { return "HcfKeyAgreement.HcfKeyAgreementSpiEcdhOpensslImpl"; @@ -154,7 +128,6 @@ static void DestroyEcdh(HcfObjectBase *self) static HcfResult EngineGenerateSecret(HcfKeyAgreementSpi *self, HcfPriKey *priKey, HcfPubKey *pubKey, HcfBlob *returnSecret) { - LOGI("start ..."); if ((self == NULL) || (priKey == NULL) || (pubKey == NULL) || (returnSecret == NULL)) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; @@ -165,21 +138,19 @@ static HcfResult EngineGenerateSecret(HcfKeyAgreementSpi *self, HcfPriKey *priKe return HCF_INVALID_PARAMS; } - HcfKeyAgreementSpiEcdhOpensslImpl *impl = (HcfKeyAgreementSpiEcdhOpensslImpl *)self; - EVP_PKEY *priPKey = NewPKeyByEccPriKey(impl->curveId, (HcfOpensslEccPriKey *)priKey); + EVP_PKEY *priPKey = NewPKeyByEccPriKey((HcfOpensslEccPriKey *)priKey); if (priPKey == NULL) { return HCF_ERR_CRYPTO_OPERATION; } - EVP_PKEY *pubPKey = NewPKeyByEccPubKey(impl->curveId, (HcfOpensslEccPubKey *)pubKey); + EVP_PKEY *pubPKey = NewPKeyByEccPubKey((HcfOpensslEccPubKey *)pubKey); if (pubPKey == NULL) { EVP_PKEY_free(priPKey); return HCF_ERR_CRYPTO_OPERATION; } - int32_t res = EcdhDerive(priPKey, pubPKey, returnSecret); + HcfResult res = EcdhDerive(priPKey, pubPKey, returnSecret); Openssl_EVP_PKEY_free(priPKey); Openssl_EVP_PKEY_free(pubPKey); - LOGI("end ..."); return res; } @@ -189,10 +160,6 @@ HcfResult HcfKeyAgreementSpiEcdhCreate(HcfKeyAgreementParams *params, HcfKeyAgre LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } - int32_t curveId; - if (GetOpensslCurveId(params->keyLen, &curveId) != HCF_SUCCESS) { - return HCF_INVALID_PARAMS; - } HcfKeyAgreementSpiEcdhOpensslImpl *returnImpl = (HcfKeyAgreementSpiEcdhOpensslImpl *)HcfMalloc( sizeof(HcfKeyAgreementSpiEcdhOpensslImpl), 0); @@ -203,7 +170,6 @@ HcfResult HcfKeyAgreementSpiEcdhCreate(HcfKeyAgreementParams *params, HcfKeyAgre returnImpl->base.base.getClass = GetEcdhClass; returnImpl->base.base.destroy = DestroyEcdh; returnImpl->base.engineGenerateSecret = EngineGenerateSecret; - returnImpl->curveId = curveId; *returnObj = (HcfKeyAgreementSpi *)returnImpl; return HCF_SUCCESS; diff --git a/plugin/openssl_plugin/crypto_operation/signature/src/ecdsa_openssl.c b/plugin/openssl_plugin/crypto_operation/signature/src/ecdsa_openssl.c index 8701015..521bedf 100644 --- a/plugin/openssl_plugin/crypto_operation/signature/src/ecdsa_openssl.c +++ b/plugin/openssl_plugin/crypto_operation/signature/src/ecdsa_openssl.c @@ -29,12 +29,6 @@ #define OPENSSL_ECC_SIGN_CLASS "OPENSSL.ECC.SIGN" #define OPENSSL_ECC_VERIFY_CLASS "OPENSSL.ECC.VERIFY" -typedef enum { - UNINITIALIZED = 0, - INITIALIZED = 1, - READY = 2, -} EcdsaStatus; - typedef struct { HcfSignSpi base; @@ -42,9 +36,7 @@ typedef struct { EVP_MD_CTX *ctx; - int32_t curveId; - - EcdsaStatus status; + CryptoStatus status; } HcfSignSpiEcdsaOpensslImpl; typedef struct { @@ -54,15 +46,14 @@ typedef struct { EVP_MD_CTX *ctx; - int32_t curveId; - - EcdsaStatus status; + CryptoStatus status; } HcfVerifySpiEcdsaOpensslImpl; static bool IsDigestAlgValid(uint32_t alg) { - if ((alg == HCF_OPENSSL_DIGEST_SHA1) || (alg == HCF_OPENSSL_DIGEST_SHA224) || (alg == HCF_OPENSSL_DIGEST_SHA256) || - (alg == HCF_OPENSSL_DIGEST_SHA384) || (alg == HCF_OPENSSL_DIGEST_SHA512)) { + if ((alg == HCF_OPENSSL_DIGEST_SHA1) || (alg == HCF_OPENSSL_DIGEST_SHA224) || + (alg == HCF_OPENSSL_DIGEST_SHA256) ||(alg == HCF_OPENSSL_DIGEST_SHA384) || + (alg == HCF_OPENSSL_DIGEST_SHA512)) { return true; } else { LOGE("Invalid digest num is %u.", alg); @@ -111,7 +102,6 @@ static void DestroyEcdsaVerify(HcfObjectBase *self) static HcfResult EngineSignInit(HcfSignSpi *self, HcfParamsSpec *params, HcfPriKey *privateKey) { - LOGI("start ..."); (void)params; if ((self == NULL) || (privateKey == NULL)) { LOGE("Invalid input parameter."); @@ -127,16 +117,12 @@ static HcfResult EngineSignInit(HcfSignSpi *self, HcfParamsSpec *params, HcfPriK LOGE("Repeated initialization is not allowed."); return HCF_INVALID_PARAMS; } - EC_KEY *ecKey = Openssl_EC_KEY_new_by_curve_name(impl->curveId); + EC_KEY *ecKey = NULL; + ecKey = Openssl_EC_KEY_dup(((HcfOpensslEccPriKey *)privateKey)->ecKey); if (ecKey == NULL) { HcfPrintOpensslError(); return HCF_ERR_CRYPTO_OPERATION; } - if (Openssl_EC_KEY_set_private_key(ecKey, ((HcfOpensslEccPriKey *)privateKey)->sk) != HCF_OPENSSL_SUCCESS) { - HcfPrintOpensslError(); - Openssl_EC_KEY_free(ecKey); - return HCF_ERR_CRYPTO_OPERATION; - } EVP_PKEY *pKey = Openssl_EVP_PKEY_new(); if (pKey == NULL) { HcfPrintOpensslError(); @@ -145,8 +131,8 @@ static HcfResult EngineSignInit(HcfSignSpi *self, HcfParamsSpec *params, HcfPriK } if (Openssl_EVP_PKEY_assign_EC_KEY(pKey, ecKey) != HCF_OPENSSL_SUCCESS) { HcfPrintOpensslError(); - Openssl_EVP_PKEY_free(pKey); Openssl_EC_KEY_free(ecKey); + Openssl_EVP_PKEY_free(pKey); return HCF_ERR_CRYPTO_OPERATION; } if (Openssl_EVP_DigestSignInit(impl->ctx, NULL, impl->digestAlg, NULL, pKey) != HCF_OPENSSL_SUCCESS) { @@ -156,13 +142,11 @@ static HcfResult EngineSignInit(HcfSignSpi *self, HcfParamsSpec *params, HcfPriK } Openssl_EVP_PKEY_free(pKey); impl->status = INITIALIZED; - LOGI("end ..."); return HCF_SUCCESS; } static HcfResult EngineSignUpdate(HcfSignSpi *self, HcfBlob *data) { - LOGI("start ..."); if ((self == NULL) || (!IsBlobValid(data))) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; @@ -180,13 +164,11 @@ static HcfResult EngineSignUpdate(HcfSignSpi *self, HcfBlob *data) return HCF_ERR_CRYPTO_OPERATION; } impl->status = READY; - LOGI("end ..."); return HCF_SUCCESS; } static HcfResult EngineSignDoFinal(HcfSignSpi *self, HcfBlob *data, HcfBlob *returnSignatureData) { - LOGI("start ..."); if ((self == NULL) || (returnSignatureData == NULL)) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; @@ -231,13 +213,11 @@ static HcfResult EngineSignDoFinal(HcfSignSpi *self, HcfBlob *data, HcfBlob *ret returnSignatureData->data = outData; returnSignatureData->len = (uint32_t)actualLen; - LOGI("end ..."); return HCF_SUCCESS; } static HcfResult EngineVerifyInit(HcfVerifySpi *self, HcfParamsSpec *params, HcfPubKey *publicKey) { - LOGI("start ..."); (void)params; if ((self == NULL) || (publicKey == NULL)) { LOGE("Invalid input parameter."); @@ -253,16 +233,12 @@ static HcfResult EngineVerifyInit(HcfVerifySpi *self, HcfParamsSpec *params, Hcf LOGE("Repeated initialization is not allowed."); return HCF_INVALID_PARAMS; } - EC_KEY *ecKey = Openssl_EC_KEY_new_by_curve_name(impl->curveId); + EC_KEY *ecKey = NULL; + ecKey = Openssl_EC_KEY_dup(((HcfOpensslEccPubKey *)publicKey)->ecKey); if (ecKey == NULL) { HcfPrintOpensslError(); return HCF_ERR_CRYPTO_OPERATION; } - if (Openssl_EC_KEY_set_public_key(ecKey, ((HcfOpensslEccPubKey *)publicKey)->pk) != HCF_OPENSSL_SUCCESS) { - HcfPrintOpensslError(); - Openssl_EC_KEY_free(ecKey); - return HCF_ERR_CRYPTO_OPERATION; - } EVP_PKEY *pKey = Openssl_EVP_PKEY_new(); if (pKey == NULL) { HcfPrintOpensslError(); @@ -271,8 +247,8 @@ static HcfResult EngineVerifyInit(HcfVerifySpi *self, HcfParamsSpec *params, Hcf } if (Openssl_EVP_PKEY_assign_EC_KEY(pKey, ecKey) != HCF_OPENSSL_SUCCESS) { HcfPrintOpensslError(); - Openssl_EVP_PKEY_free(pKey); Openssl_EC_KEY_free(ecKey); + Openssl_EVP_PKEY_free(pKey); return HCF_ERR_CRYPTO_OPERATION; } if (Openssl_EVP_DigestVerifyInit(impl->ctx, NULL, impl->digestAlg, NULL, pKey) != HCF_OPENSSL_SUCCESS) { @@ -282,13 +258,11 @@ static HcfResult EngineVerifyInit(HcfVerifySpi *self, HcfParamsSpec *params, Hcf } Openssl_EVP_PKEY_free(pKey); impl->status = INITIALIZED; - LOGI("end ..."); return HCF_SUCCESS; } static HcfResult EngineVerifyUpdate(HcfVerifySpi *self, HcfBlob *data) { - LOGI("start ..."); if ((self == NULL) || (!IsBlobValid(data))) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; @@ -307,13 +281,11 @@ static HcfResult EngineVerifyUpdate(HcfVerifySpi *self, HcfBlob *data) return HCF_ERR_CRYPTO_OPERATION; } impl->status = READY; - LOGI("end ..."); return HCF_SUCCESS; } static bool EngineVerifyDoFinal(HcfVerifySpi *self, HcfBlob *data, HcfBlob *signatureData) { - LOGI("start ..."); if ((self == NULL) || (!IsBlobValid(signatureData))) { LOGE("Invalid input parameter."); return false; @@ -338,7 +310,6 @@ static bool EngineVerifyDoFinal(HcfVerifySpi *self, HcfBlob *data, HcfBlob *sign HcfPrintOpensslError(); return false; } - LOGI("end ..."); return true; } @@ -348,14 +319,15 @@ HcfResult HcfSignSpiEcdsaCreate(HcfSignatureParams *params, HcfSignSpi **returnO LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } - int32_t curveId; - if (GetOpensslCurveId(params->keyLen, &curveId) != HCF_SUCCESS) { + if (!IsDigestAlgValid(params->md)) { return HCF_INVALID_PARAMS; } - if (!IsDigestAlgValid(params->md)) { + EVP_MD *opensslAlg = NULL; + int32_t ret = GetOpensslDigestAlg(params->md, &opensslAlg); + if (ret != HCF_SUCCESS || opensslAlg == NULL) { + LOGE("Failed to Invalid digest!"); return HCF_INVALID_PARAMS; } - const EVP_MD *opensslAlg = GetOpensslDigestAlg(params->md); HcfSignSpiEcdsaOpensslImpl *returnImpl = (HcfSignSpiEcdsaOpensslImpl *)HcfMalloc( sizeof(HcfSignSpiEcdsaOpensslImpl), 0); @@ -368,7 +340,6 @@ HcfResult HcfSignSpiEcdsaCreate(HcfSignatureParams *params, HcfSignSpi **returnO returnImpl->base.engineInit = EngineSignInit; returnImpl->base.engineUpdate = EngineSignUpdate; returnImpl->base.engineSign = EngineSignDoFinal; - returnImpl->curveId = curveId; returnImpl->digestAlg = opensslAlg; returnImpl->status = UNINITIALIZED; returnImpl->ctx = Openssl_EVP_MD_CTX_new(); @@ -388,14 +359,15 @@ HcfResult HcfVerifySpiEcdsaCreate(HcfSignatureParams *params, HcfVerifySpi **ret LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } - int32_t curveId; - if (GetOpensslCurveId(params->keyLen, &curveId) != HCF_SUCCESS) { + if (!IsDigestAlgValid(params->md)) { return HCF_INVALID_PARAMS; } - if (!IsDigestAlgValid(params->md)) { + EVP_MD *opensslAlg = NULL; + int32_t ret = GetOpensslDigestAlg(params->md, &opensslAlg); + if (ret != HCF_SUCCESS || opensslAlg == NULL) { + LOGE("Failed to Invalid digest!"); return HCF_INVALID_PARAMS; } - const EVP_MD *opensslAlg = GetOpensslDigestAlg(params->md); HcfVerifySpiEcdsaOpensslImpl *returnImpl = (HcfVerifySpiEcdsaOpensslImpl *)HcfMalloc( sizeof(HcfVerifySpiEcdsaOpensslImpl), 0); @@ -408,7 +380,6 @@ HcfResult HcfVerifySpiEcdsaCreate(HcfSignatureParams *params, HcfVerifySpi **ret returnImpl->base.engineInit = EngineVerifyInit; returnImpl->base.engineUpdate = EngineVerifyUpdate; returnImpl->base.engineVerify = EngineVerifyDoFinal; - returnImpl->curveId = curveId; returnImpl->digestAlg = opensslAlg; returnImpl->status = UNINITIALIZED; returnImpl->ctx = Openssl_EVP_MD_CTX_new(); diff --git a/plugin/openssl_plugin/key/asy_key_generator/src/ecc_asy_key_generator_openssl.c b/plugin/openssl_plugin/key/asy_key_generator/src/ecc_asy_key_generator_openssl.c index 981d7e1..8a19e80 100644 --- a/plugin/openssl_plugin/key/asy_key_generator/src/ecc_asy_key_generator_openssl.c +++ b/plugin/openssl_plugin/key/asy_key_generator/src/ecc_asy_key_generator_openssl.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2022 Huawei Device Co., Ltd. + * Copyright (C) 2022-2023 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -17,7 +17,8 @@ #include "securec.h" -#include "algorithm_parameter.h" +#include "detailed_ecc_key_params.h" +#include "ecc_openssl_common.h" #include "log.h" #include "memory.h" #include "openssl_adapter.h" @@ -29,14 +30,19 @@ #define OPENSSL_ECC_ALGORITHM "EC" #define OPENSSL_ECC_PUB_KEY_FORMAT "X.509" #define OPENSSL_ECC_PRI_KEY_FORMAT "PKCS#8" +#define OPENSSL_ECC224_BITS 224 +#define OPENSSL_ECC256_BITS 256 +#define OPENSSL_ECC384_BITS 384 +#define OPENSSL_ECC521_BITS 521 +static const char *g_eccGenerateFieldType = "Fp"; typedef struct { HcfAsyKeyGeneratorSpi base; int32_t curveId; } HcfAsyKeyGeneratorSpiOpensslEccImpl; -static HcfResult NewEcKeyPairByOpenssl(int32_t curveId, EC_POINT **returnPubKey, BIGNUM **returnPriKey) +static HcfResult NewEcKeyPair(int32_t curveId, EC_KEY **returnEcKey) { EC_KEY *ecKey = Openssl_EC_KEY_new_by_curve_name(curveId); if (ecKey == NULL) { @@ -53,35 +59,531 @@ static HcfResult NewEcKeyPairByOpenssl(int32_t curveId, EC_POINT **returnPubKey, Openssl_EC_KEY_free(ecKey); return HCF_ERR_CRYPTO_OPERATION; } - const EC_POINT *pubKey = Openssl_EC_KEY_get0_public_key(ecKey); - const BIGNUM *priKey = Openssl_EC_KEY_get0_private_key(ecKey); + *returnEcKey = ecKey; + return HCF_SUCCESS; +} + +static void FreeCurveBigNum(BIGNUM *pStd, BIGNUM *bStd, BIGNUM *xStd, BIGNUM *yStd) +{ + Openssl_BN_free(pStd); + Openssl_BN_free(bStd); + Openssl_BN_free(xStd); + Openssl_BN_free(yStd); +} + +static HcfResult CheckEc224CurveId(BIGNUM *p, BIGNUM *b, BIGNUM *x, BIGNUM *y) +{ + BIGNUM *pStd = NULL, *bStd = NULL, *xStd = NULL, *yStd = NULL; + pStd = Openssl_BN_bin2bn(g_ecc224CorrectBigP, NID_secp224r1_len, NULL); + bStd = Openssl_BN_bin2bn(g_ecc224CorrectBigB, NID_secp224r1_len, NULL); + xStd = Openssl_BN_bin2bn(g_ecc224CorrectBigGX, NID_secp224r1_len, NULL); + yStd = Openssl_BN_bin2bn(g_ecc224CorrectBigGY, NID_secp224r1_len, NULL); + if ((pStd == NULL) || (bStd == NULL) || (xStd == NULL) || (yStd == NULL)) { + LOGE("EC 224 Curve convert to BN fail"); + FreeCurveBigNum(pStd, bStd, xStd, yStd); + return HCF_ERR_CRYPTO_OPERATION; + } + if (!Openssl_BN_cmp(p, pStd) && !Openssl_BN_cmp(b, bStd) && + !Openssl_BN_cmp(x, xStd) && !Openssl_BN_cmp(y, yStd)) { + LOGE("EC 224 compare fail"); + FreeCurveBigNum(pStd, bStd, xStd, yStd); + return HCF_SUCCESS; + } + FreeCurveBigNum(pStd, bStd, xStd, yStd); + return HCF_INVALID_PARAMS; +} + +static HcfResult CheckEc256CurveId(BIGNUM *p, BIGNUM *b, BIGNUM *x, BIGNUM *y) +{ + BIGNUM *pStd = NULL, *bStd = NULL, *xStd = NULL, *yStd = NULL; + pStd = Openssl_BN_bin2bn(g_ecc256CorrectBigP, NID_X9_62_prime256v1_len, NULL); + bStd = Openssl_BN_bin2bn(g_ecc256CorrectBigB, NID_X9_62_prime256v1_len, NULL); + xStd = Openssl_BN_bin2bn(g_ecc256CorrectBigGX, NID_X9_62_prime256v1_len, NULL); + yStd = Openssl_BN_bin2bn(g_ecc256CorrectBigGY, NID_X9_62_prime256v1_len, NULL); + if ((pStd == NULL) || (bStd == NULL) || (xStd == NULL) || (yStd == NULL)) { + LOGE("EC 256 Curve convert to BN fail"); + FreeCurveBigNum(pStd, bStd, xStd, yStd); + return HCF_ERR_CRYPTO_OPERATION; + } + if (!Openssl_BN_cmp(p, pStd) && !Openssl_BN_cmp(b, bStd) && + !Openssl_BN_cmp(x, xStd) && !Openssl_BN_cmp(y, yStd)) { + LOGE("EC 256 compare fail"); + FreeCurveBigNum(pStd, bStd, xStd, yStd); + return HCF_SUCCESS; + } + FreeCurveBigNum(pStd, bStd, xStd, yStd); + return HCF_INVALID_PARAMS; +} + +static HcfResult CheckEc384CurveId(BIGNUM *p, BIGNUM *b, BIGNUM *x, BIGNUM *y) +{ + BIGNUM *pStd = NULL, *bStd = NULL, *xStd = NULL, *yStd = NULL; + pStd = Openssl_BN_bin2bn(g_ecc384CorrectBigP, NID_secp384r1_len, NULL); + bStd = Openssl_BN_bin2bn(g_ecc384CorrectBigB, NID_secp384r1_len, NULL); + xStd = Openssl_BN_bin2bn(g_ecc384CorrectBigGX, NID_secp384r1_len, NULL); + yStd = Openssl_BN_bin2bn(g_ecc384CorrectBigGY, NID_secp384r1_len, NULL); + if ((pStd == NULL) || (bStd == NULL) || (xStd == NULL) || (yStd == NULL)) { + LOGE("EC 384 Curve convert to BN fail"); + FreeCurveBigNum(pStd, bStd, xStd, yStd); + return HCF_ERR_CRYPTO_OPERATION; + } + if (!Openssl_BN_cmp(p, pStd) && !Openssl_BN_cmp(b, bStd) && + !Openssl_BN_cmp(x, xStd) && !Openssl_BN_cmp(y, yStd)) { + LOGE("EC 384 compare fail"); + FreeCurveBigNum(pStd, bStd, xStd, yStd); + return HCF_SUCCESS; + } + FreeCurveBigNum(pStd, bStd, xStd, yStd); + return HCF_INVALID_PARAMS; +} + +static HcfResult CheckEc521CurveId(BIGNUM *p, BIGNUM *b, BIGNUM *x, BIGNUM *y) +{ + BIGNUM *pStd = NULL, *bStd = NULL, *xStd = NULL, *yStd = NULL; + pStd = Openssl_BN_bin2bn(g_ecc521CorrectBigP, NID_secp521r1_len, NULL); + bStd = Openssl_BN_bin2bn(g_ecc521CorrectBigB, NID_secp521r1_len, NULL); + xStd = Openssl_BN_bin2bn(g_ecc521CorrectBigGX, NID_secp521r1_len, NULL); + yStd = Openssl_BN_bin2bn(g_ecc521CorrectBigGY, NID_secp521r1_len, NULL); + if ((pStd == NULL) || (bStd == NULL) || (xStd == NULL) || (yStd == NULL)) { + LOGE("EC 521 Curve convert to BN fail"); + FreeCurveBigNum(pStd, bStd, xStd, yStd); + return HCF_ERR_CRYPTO_OPERATION; + } + if (!Openssl_BN_cmp(p, pStd) && !Openssl_BN_cmp(b, bStd) && + !Openssl_BN_cmp(x, xStd) && !Openssl_BN_cmp(y, yStd)) { + LOGE("EC 521 compare fail"); + FreeCurveBigNum(pStd, bStd, xStd, yStd); + return HCF_SUCCESS; + } + FreeCurveBigNum(pStd, bStd, xStd, yStd); + return HCF_INVALID_PARAMS; +} + +static HcfResult CheckParamsSpecToGetCurveId(const HcfEccCommParamsSpec *ecParams, int32_t *curveId) +{ + BIGNUM *p = NULL, *b = NULL, *x = NULL, *y = NULL; + HcfECFieldFp *field = (HcfECFieldFp *)(ecParams->field); + if (BigIntegerToBigNum(&(field->p), &p) != HCF_SUCCESS || + BigIntegerToBigNum(&(ecParams->b), &b) != HCF_SUCCESS || + BigIntegerToBigNum(&(ecParams->g.x), &x) != HCF_SUCCESS || + BigIntegerToBigNum(&(ecParams->g.y), &y) != HCF_SUCCESS) { + LOGE("BigIntegerToBigNum failed."); + FreeCurveBigNum(p, b, x, y); + return HCF_ERR_CRYPTO_OPERATION; + } + + int32_t bitLenP = Openssl_BN_num_bits(p); + HcfResult res = HCF_INVALID_PARAMS; + switch (bitLenP) { + case OPENSSL_ECC224_BITS: + res = CheckEc224CurveId(p, b, x, y); + if (res == HCF_SUCCESS) { + *curveId = NID_secp224r1; + } + break; + case OPENSSL_ECC256_BITS: + res = CheckEc256CurveId(p, b, x, y); + if (res == HCF_SUCCESS) { + *curveId = NID_X9_62_prime256v1; + } + break; + case OPENSSL_ECC384_BITS: + res = CheckEc384CurveId(p, b, x, y); + if (res == HCF_SUCCESS) { + *curveId = NID_secp384r1; + } + break; + case OPENSSL_ECC521_BITS: + res = CheckEc521CurveId(p, b, x, y); + if (res == HCF_SUCCESS) { + *curveId = NID_secp521r1; + } + break; + default: + LOGE("Find no bit len"); + break; + } + FreeCurveBigNum(p, b, x, y); + return res; +} + +static HcfResult NewGroupFromCurveGFp(const HcfEccCommParamsSpec *ecParams, EC_GROUP **ecGroup, BN_CTX *ctx) +{ + HcfResult res = HCF_SUCCESS; + HcfECFieldFp *field = (HcfECFieldFp *)(ecParams->field); + BIGNUM *p = NULL, *a = NULL, *b = NULL; + EC_GROUP *group = NULL; + do { + if (BigIntegerToBigNum(&(field->p), &p) != HCF_SUCCESS || + BigIntegerToBigNum(&(ecParams->a), &a) != HCF_SUCCESS || + BigIntegerToBigNum(&(ecParams->b), &b) != HCF_SUCCESS) { + LOGE("BigInteger to BigNum failed"); + res = HCF_ERR_CRYPTO_OPERATION; + break; + } + group = Openssl_EC_GROUP_new_curve_GFp(p, a, b, ctx); + if (group == NULL) { + LOGE("Alloc group memory failed."); + res = HCF_ERR_CRYPTO_OPERATION; + break; + } + } while (0); + Openssl_BN_free(p); + Openssl_BN_free(a); + Openssl_BN_free(b); + + if (res == HCF_SUCCESS) { + *ecGroup = group; + return res; + } + Openssl_EC_GROUP_free(group); + return res; +} + +static HcfResult SetEcPointToGroup(const HcfEccCommParamsSpec *ecParams, EC_GROUP *group, BN_CTX *ctx) +{ + HcfResult res = HCF_SUCCESS; + BIGNUM *x = NULL, *y = NULL; + BIGNUM *order = NULL, *cofactor = NULL; + EC_POINT *generator = NULL; + cofactor = Openssl_BN_new(); + if (cofactor == NULL) { + LOGE("Alloc cofactor memory failed."); + return HCF_ERR_MALLOC; + } + do { + if (BigIntegerToBigNum(&(ecParams->g.x), &x) != HCF_SUCCESS || + BigIntegerToBigNum(&(ecParams->g.y), &y) != HCF_SUCCESS || + BigIntegerToBigNum(&(ecParams->n), &order) != HCF_SUCCESS || + !Openssl_BN_set_word(cofactor, (uint32_t)ecParams->h)) { + LOGE("BigInteger to BigNum failed."); + res = HCF_ERR_CRYPTO_OPERATION; + break; + } + generator = Openssl_EC_POINT_new(group); + if (generator == NULL) { + LOGE("Alloc group memory failed."); + res = HCF_ERR_CRYPTO_OPERATION; + break; + } + if (!Openssl_EC_POINT_set_affine_coordinates_GFp(group, generator, x, y, ctx)) { + LOGE("Openssl_EC_POINT_set_affine_coordinates_GFp failed."); + res = HCF_ERR_CRYPTO_OPERATION; + HcfPrintOpensslError(); + break; + } + + if (!Openssl_EC_GROUP_set_generator(group, generator, order, cofactor)) { + LOGE("Openssl_EC_GROUP_set_generator failed."); + res = HCF_ERR_CRYPTO_OPERATION; + HcfPrintOpensslError(); + break; + } + } while (0); + Openssl_BN_free(x); + Openssl_BN_free(y); + Openssl_BN_free(order); + Openssl_BN_free(cofactor); + Openssl_EC_POINT_free(generator); + return res; +} + +static HcfResult GenerateEcGroupWithParamsSpec(const HcfEccCommParamsSpec *ecParams, EC_GROUP **ecGroup) +{ + if (ecGroup == NULL) { + LOGE("Invalid input parameters."); + return HCF_INVALID_PARAMS; + } + HcfResult res = HCF_SUCCESS; + EC_GROUP *group = NULL; + BN_CTX *ctx = NULL; + ctx = Openssl_BN_CTX_new(); + if (ctx == NULL) { + LOGE("Alloc ctx memory failed."); + res = HCF_ERR_MALLOC; + return res; + } + res = NewGroupFromCurveGFp(ecParams, &group, ctx); + if (res != HCF_SUCCESS) { + LOGE("New Ec group fail"); + Openssl_BN_CTX_free(ctx); + return res; + } + res = SetEcPointToGroup(ecParams, group, ctx); + if (res != HCF_SUCCESS) { + Openssl_BN_CTX_free(ctx); + Openssl_EC_GROUP_free(group); + LOGE("Set Ec point fail"); + return res; + } + *ecGroup = group; + return res; +} + +static HcfResult GenerateEcKeyWithParmasSpec(const HcfEccCommParamsSpec *ecParams, EC_KEY **returnKey) +{ + EC_KEY *ecKey = NULL; + int32_t curveId = 0; + HcfResult res = CheckParamsSpecToGetCurveId(ecParams, &curveId); + if (res == HCF_SUCCESS && curveId != 0) { + ecKey = Openssl_EC_KEY_new_by_curve_name(curveId); + LOGE("generate EC_KEY by curve name"); + if (ecKey == NULL) { + LOGE("new ec key failed."); + return HCF_ERR_CRYPTO_OPERATION; + } + } else { + EC_GROUP *group = NULL; + res = GenerateEcGroupWithParamsSpec(ecParams, &group); + if (res != HCF_SUCCESS) { + LOGE("GenerateEcGroupWithParamsSpec failed."); + return res; + } + ecKey = Openssl_EC_KEY_new(); + if (ecKey == NULL) { + LOGE("Openssl_EC_KEY_new failed."); + Openssl_EC_GROUP_free(group); + return HCF_ERR_CRYPTO_OPERATION; + } + if (Openssl_EC_KEY_set_group(ecKey, group) != HCF_OPENSSL_SUCCESS) { + LOGE("Openssl_EC_KEY_set_group failed."); + Openssl_EC_GROUP_free(group); + Openssl_EC_KEY_free(ecKey); + return HCF_ERR_CRYPTO_OPERATION; + } + Openssl_EC_GROUP_free(group); + LOGD("generate EC_KEY by group spec parmas"); + } + // all exceptions have been returned above. + *returnKey = ecKey; + return HCF_SUCCESS; +} + +static HcfResult InitEcKeyByPubKey(const HcfPoint *pubKey, EC_KEY *ecKey) +{ const EC_GROUP *group = Openssl_EC_KEY_get0_group(ecKey); - if ((pubKey == NULL) || (priKey == NULL) || (group == NULL)) { - LOGE("ec key is invalid."); + if (group == NULL) { + LOGE("Not find group from ecKey."); + return HCF_ERR_CRYPTO_OPERATION; + } + EC_POINT *point = Openssl_EC_POINT_new(group); + if (point == NULL) { + LOGE("New ec point failed."); + return HCF_ERR_CRYPTO_OPERATION; + } + BIGNUM *pkX = NULL, *pkY = NULL; + if (BigIntegerToBigNum(&(pubKey->x), &pkX) != HCF_SUCCESS || + BigIntegerToBigNum(&(pubKey->y), &pkY) != HCF_SUCCESS) { + LOGE("BigInteger to BigNum failed."); + Openssl_EC_POINT_free(point); + Openssl_BN_free(pkX); + Openssl_BN_free(pkY); + return HCF_ERR_CRYPTO_OPERATION; + } + + // only support fp point. + // can use EC_POINT_set_affine_coordinates() set x and y by group, deep copy. + int32_t res = Openssl_EC_POINT_set_affine_coordinates_GFp(group, point, pkX, pkY, NULL); + Openssl_BN_free(pkX); + Openssl_BN_free(pkY); + + if (res != HCF_OPENSSL_SUCCESS) { + LOGE("Openssl_EC_POINT_set_affine_coordinates_GFp failed."); + Openssl_EC_POINT_free(point); + return HCF_ERR_CRYPTO_OPERATION; + } + res = Openssl_EC_KEY_set_public_key(ecKey, point); + if (res != HCF_OPENSSL_SUCCESS) { + LOGE("Openssl_EC_KEY_set_public_key failed."); + Openssl_EC_POINT_free(point); + return HCF_ERR_CRYPTO_OPERATION; + } + Openssl_EC_POINT_free(point); + return HCF_SUCCESS; +} + +static HcfResult InitEcKeyByPriKey(const HcfBigInteger *priKey, EC_KEY *ecKey) +{ + BIGNUM *sk = NULL; + if (BigIntegerToBigNum(priKey, &sk) != HCF_SUCCESS) { + LOGE("BigInteger to BigNum failed."); + return HCF_ERR_CRYPTO_OPERATION; + } + int32_t res = Openssl_EC_KEY_set_private_key(ecKey, sk); + if (res != HCF_OPENSSL_SUCCESS) { + LOGE("Openssl_EC_KEY_set_private_key failed."); + Openssl_BN_free(sk); + return HCF_ERR_CRYPTO_OPERATION; + } + Openssl_BN_free(sk); + return HCF_SUCCESS; +} + +static HcfResult SetEcPubKeyFromPriKey(const HcfBigInteger *priKey, EC_KEY *ecKey) +{ + const EC_GROUP *group = Openssl_EC_KEY_get0_group(ecKey); + if (group == NULL) { + LOGE("Not find group from ecKey."); + return HCF_ERR_CRYPTO_OPERATION; + } + BIGNUM *sk = NULL; + if (BigIntegerToBigNum(priKey, &sk) != HCF_SUCCESS) { + LOGE("BigInteger to BigNum failed."); + return HCF_ERR_CRYPTO_OPERATION; + } + EC_POINT *point = Openssl_EC_POINT_new(group); + if (point == NULL) { + LOGE("Openssl_EC_POINT_new failed."); + Openssl_BN_free(sk); + return HCF_ERR_CRYPTO_OPERATION; + } + if (!Openssl_EC_POINT_mul(group, point, sk, NULL, NULL, NULL)) { + LOGE("Openssl_EC_POINT_new or Openssl_EC_POINT_mul failed."); + Openssl_EC_POINT_free(point); + Openssl_BN_free(sk); + return HCF_ERR_CRYPTO_OPERATION; + } + int32_t res = Openssl_EC_KEY_set_public_key(ecKey, point); + if (res != HCF_OPENSSL_SUCCESS) { + LOGE("Openssl_EC_KEY_set_public_key failed."); + Openssl_EC_POINT_free(point); + Openssl_BN_free(sk); + return HCF_ERR_CRYPTO_OPERATION; + } + Openssl_EC_POINT_free(point); + Openssl_BN_free(sk); + return HCF_SUCCESS; +} + +static HcfResult SetEcKey(const HcfPoint *pubKey, const HcfBigInteger *priKey, EC_KEY *ecKey) +{ + HcfResult res = HCF_SUCCESS; + if (pubKey != NULL) { + res = InitEcKeyByPubKey(pubKey, ecKey); + if (res != HCF_SUCCESS) { + LOGE("InitEcKeyByPubKey failed."); + return HCF_ERR_CRYPTO_OPERATION; + } + } + if (priKey != NULL) { + res = InitEcKeyByPriKey(priKey, ecKey); + if (res != HCF_SUCCESS) { + LOGE("InitEcKeyByPriKey failed."); + return HCF_ERR_CRYPTO_OPERATION; + } + if (pubKey == NULL) { + res = SetEcPubKeyFromPriKey(priKey, ecKey); + if (res != HCF_SUCCESS) { + LOGE("SetEcPubKeyFromPriKey failed."); + return HCF_ERR_CRYPTO_OPERATION; + } + } + } + return res; +} + +static HcfResult NewEcKeyPairWithCommSpec(const HcfEccCommParamsSpec *ecParams, EC_KEY **returnEckey) +{ + LOGD("start gen EC key by comm spec"); + EC_KEY *ecKey = NULL; + HcfResult res = GenerateEcKeyWithParmasSpec(ecParams, &ecKey); + if (res != HCF_SUCCESS) { + LOGE("generate EC key fails"); + return res; + } + if (Openssl_EC_KEY_generate_key(ecKey) != HCF_OPENSSL_SUCCESS) { + LOGE("Openssl_EC_KEY_generate_key failed."); Openssl_EC_KEY_free(ecKey); return HCF_ERR_CRYPTO_OPERATION; } - EC_POINT *newPubKey = Openssl_EC_POINT_dup(pubKey, group); - if (newPubKey == NULL) { - LOGE("copy pubKey fail."); + + if (Openssl_EC_KEY_check_key(ecKey) <= 0) { + LOGE("Check key fail."); Openssl_EC_KEY_free(ecKey); return HCF_ERR_CRYPTO_OPERATION; } - BIGNUM *newPriKey = Openssl_BN_dup(priKey); - if (newPriKey == NULL) { - LOGE("copy priKey fail."); + LOGD("Gen EC_key and check success"); + *returnEckey = ecKey; + return res; +} + +static HcfResult NewEcPubKeyWithPubSpec(const HcfEccPubKeyParamsSpec *ecParams, EC_KEY **returnEcKey) +{ + EC_KEY *ecKey = NULL; + HcfResult res = GenerateEcKeyWithParmasSpec((HcfEccCommParamsSpec *)ecParams, &ecKey); + if (res != HCF_SUCCESS) { + LOGE("generate EC key fails"); + return res; + } + res = SetEcKey(&(ecParams->pk), NULL, ecKey); + if (res != HCF_SUCCESS) { + LOGE("Set pub ecKey failed."); Openssl_EC_KEY_free(ecKey); - Openssl_EC_POINT_free(newPubKey); return HCF_ERR_CRYPTO_OPERATION; } - *returnPubKey = newPubKey; - *returnPriKey = newPriKey; - Openssl_EC_KEY_free(ecKey); - return HCF_SUCCESS; + if (Openssl_EC_KEY_check_key(ecKey) <= 0) { + LOGE("Check key fail."); + Openssl_EC_KEY_free(ecKey); + return HCF_ERR_CRYPTO_OPERATION; + } + *returnEcKey = ecKey; + return res; +} + +static HcfResult NewEcPriKeyWithPriSpec(const HcfEccPriKeyParamsSpec *ecParams, EC_KEY **returnEcKey) +{ + EC_KEY *ecKey = NULL; + HcfResult res = GenerateEcKeyWithParmasSpec((HcfEccCommParamsSpec *)ecParams, &ecKey); + if (res != HCF_SUCCESS) { + LOGE("generate EC key fails"); + return res; + } + res = SetEcKey(NULL, &(ecParams->sk), ecKey); + if (res != HCF_SUCCESS) { + LOGE("Set pri ecKey failed."); + Openssl_EC_KEY_free(ecKey); + return HCF_ERR_CRYPTO_OPERATION; + } + + if (Openssl_EC_KEY_check_key(ecKey) <= 0) { + LOGE("Check key fail."); + Openssl_EC_KEY_free(ecKey); + return HCF_ERR_CRYPTO_OPERATION; + } + *returnEcKey = ecKey; + return res; +} + +static HcfResult NewEcKeyWithKeyPairSpec(const HcfEccKeyPairParamsSpec *ecParams, EC_KEY **returnEcKey, + const bool needPrivate) +{ + EC_KEY *ecKey = NULL; + HcfResult res = GenerateEcKeyWithParmasSpec((HcfEccCommParamsSpec *)ecParams, &ecKey); + if (res != HCF_SUCCESS) { + LOGE("generate EC key fails"); + return res; + } + if (needPrivate) { + res = SetEcKey(&(ecParams->pk), &(ecParams->sk), ecKey); + } else { + res = SetEcKey(&(ecParams->pk), NULL, ecKey); + } + if (res != HCF_SUCCESS) { + LOGE("SetEcKey failed."); + Openssl_EC_KEY_free(ecKey); + return HCF_ERR_CRYPTO_OPERATION; + } + + if (Openssl_EC_KEY_check_key(ecKey) <= 0) { + LOGE("Check key fail."); + Openssl_EC_KEY_free(ecKey); + return HCF_ERR_CRYPTO_OPERATION; + } + *returnEcKey = ecKey; + return res; } -// export interfaces static const char *GetEccKeyPairGeneratorClass(void) { return OPENSSL_ECC_KEY_GENERATOR_CLASS; @@ -122,8 +624,10 @@ static void DestroyEccPubKey(HcfObjectBase *self) return; } HcfOpensslEccPubKey *impl = (HcfOpensslEccPubKey *)self; - EC_POINT_free(impl->pk); - impl->pk = NULL; + Openssl_EC_KEY_free(impl->ecKey); + impl->ecKey = NULL; + HcfFree(impl->fieldType); + impl->fieldType = NULL; HcfFree(impl); } @@ -136,8 +640,10 @@ static void DestroyEccPriKey(HcfObjectBase *self) return; } HcfOpensslEccPriKey *impl = (HcfOpensslEccPriKey *)self; - BN_clear_free(impl->sk); - impl->sk = NULL; + Openssl_EC_KEY_free(impl->ecKey); + impl->ecKey = NULL; + HcfFree(impl->fieldType); + impl->fieldType = NULL; HcfFree(impl); } @@ -161,11 +667,6 @@ static void DestroyEccKeyPair(HcfObjectBase *self) HcfFree(impl); } -static void DestroyKey(HcfObjectBase *self) -{ - LOGI("Process DestroyKey"); -} - static const char *GetEccPubKeyAlgorithm(HcfKey *self) { if (self == NULL) { @@ -216,7 +717,6 @@ static const char *GetEccPriKeyFormat(HcfKey *self) static HcfResult GetEccPubKeyEncoded(HcfKey *self, HcfBlob *returnBlob) { - LOGI("start ..."); if ((self == NULL) || (returnBlob == NULL)) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; @@ -226,35 +726,30 @@ static HcfResult GetEccPubKeyEncoded(HcfKey *self, HcfBlob *returnBlob) } HcfOpensslEccPubKey *impl = (HcfOpensslEccPubKey *)self; - EC_KEY *ecKey = Openssl_EC_KEY_new_by_curve_name(impl->curveId); - if (ecKey == NULL) { - LOGE("EC_KEY_new_by_curve_name fail."); - HcfPrintOpensslError(); - return HCF_ERR_CRYPTO_OPERATION; - } - if (Openssl_EC_KEY_set_public_key(ecKey, impl->pk) <= 0) { - LOGE("EC_KEY_set_public_key fail."); - HcfPrintOpensslError(); - EC_KEY_free(ecKey); - return HCF_ERR_CRYPTO_OPERATION; + if (impl->curveId != 0) { + LOGE("have a curveId"); + Openssl_EC_KEY_set_asn1_flag(impl->ecKey, OPENSSL_EC_NAMED_CURVE); + } else { + Openssl_EC_KEY_set_asn1_flag(impl->ecKey, OPENSSL_EC_EXPLICIT_CURVE); } + unsigned char *returnData = NULL; - int returnDataLen = Openssl_i2d_EC_PUBKEY(ecKey, &returnData); - Openssl_EC_KEY_free(ecKey); + LOGE("Begin trans"); + int returnDataLen = Openssl_i2d_EC_PUBKEY(impl->ecKey, &returnData); + LOGE("ECC i2d complete"); if (returnDataLen <= 0) { LOGE("i2d_EC_PUBKEY fail"); HcfPrintOpensslError(); return HCF_ERR_CRYPTO_OPERATION; } + LOGD("ECC pubKey i2d success"); returnBlob->data = returnData; returnBlob->len = returnDataLen; - LOGI("end ..."); return HCF_SUCCESS; } static HcfResult GetEccPriKeyEncoded(HcfKey *self, HcfBlob *returnBlob) { - LOGI("start ..."); if ((self == NULL) || (returnBlob == NULL)) { LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; @@ -264,31 +759,26 @@ static HcfResult GetEccPriKeyEncoded(HcfKey *self, HcfBlob *returnBlob) } HcfOpensslEccPriKey *impl = (HcfOpensslEccPriKey *)self; - EC_KEY *ecKey = Openssl_EC_KEY_new_by_curve_name(impl->curveId); - if (ecKey == NULL) { - LOGE("EC_KEY_new_by_curve_name fail."); - HcfPrintOpensslError(); - return HCF_ERR_CRYPTO_OPERATION; + if (impl->curveId != 0) { + LOGD("have a curveId"); + Openssl_EC_KEY_set_asn1_flag(impl->ecKey, OPENSSL_EC_NAMED_CURVE); + } else { + Openssl_EC_KEY_set_asn1_flag(impl->ecKey, OPENSSL_EC_EXPLICIT_CURVE); } - if (Openssl_EC_KEY_set_private_key(ecKey, (impl->sk)) != HCF_OPENSSL_SUCCESS) { - LOGE("EC_KEY_set_private_key fail."); - HcfPrintOpensslError(); - Openssl_EC_KEY_free(ecKey); - return HCF_ERR_CRYPTO_OPERATION; - } - Openssl_EC_KEY_set_asn1_flag(ecKey, OPENSSL_EC_NAMED_CURVE); - Openssl_EC_KEY_set_enc_flags(ecKey, EC_PKEY_NO_PUBKEY); + // keep consistence of 3.2 + Openssl_EC_KEY_set_enc_flags(impl->ecKey, EC_PKEY_NO_PUBKEY); + // if the convert key has no pubKey, it will generate pub key automatically, + // and set the no pubKey flag to ensure the consistency of blob. unsigned char *returnData = NULL; - int returnDataLen = Openssl_i2d_ECPrivateKey(ecKey, &returnData); - Openssl_EC_KEY_free(ecKey); + int returnDataLen = Openssl_i2d_ECPrivateKey(impl->ecKey, &returnData); if (returnDataLen <= 0) { LOGE("i2d_ECPrivateKey fail."); HcfPrintOpensslError(); return HCF_ERR_CRYPTO_OPERATION; } + LOGD("ECC priKey i2d success"); returnBlob->data = returnData; returnBlob->len = returnDataLen; - LOGI("end ..."); return HCF_SUCCESS; } @@ -301,43 +791,484 @@ static void EccPriKeyClearMem(HcfPriKey *self) return; } HcfOpensslEccPriKey *impl = (HcfOpensslEccPriKey *)self; - Openssl_BN_clear(impl->sk); + Openssl_EC_KEY_free(impl->ecKey); + impl->ecKey = NULL; +} + +static HcfResult GetCurveGFp(const EC_GROUP *group, const AsyKeySpecItem item, HcfBigInteger *returnBigInteger) +{ + BIGNUM *p = Openssl_BN_new(); + BIGNUM *a = Openssl_BN_new(); + BIGNUM *b = Openssl_BN_new(); + if (p == NULL || a == NULL || b == NULL) { + LOGE("new BN failed."); + Openssl_BN_free(p); + Openssl_BN_free(a); + Openssl_BN_free(b); + return HCF_ERR_CRYPTO_OPERATION; + } + + if (Openssl_EC_GROUP_get_curve_GFp(group, p, a, b, NULL) != HCF_OPENSSL_SUCCESS) { + LOGE("Openssl_EC_GROUP_get_curve_GFp failed."); + Openssl_BN_free(p); + Openssl_BN_free(a); + Openssl_BN_free(b); + return HCF_ERR_CRYPTO_OPERATION; + } + + HcfResult res = HCF_INVALID_PARAMS; + switch (item) { + case ECC_FP_P_BN: + res = BigNumToBigInteger(p, returnBigInteger); + break; + case ECC_A_BN: + res = BigNumToBigInteger(a, returnBigInteger); + break; + case ECC_B_BN: + res = BigNumToBigInteger(b, returnBigInteger); + break; + default: + break; + } + Openssl_BN_free(p); + Openssl_BN_free(a); + Openssl_BN_free(b); + return res; +} + +static HcfResult GetGenerator(const EC_GROUP *group, const AsyKeySpecItem item, HcfBigInteger *returnBigInteger) +{ + const EC_POINT *generator = Openssl_EC_GROUP_get0_generator(group); + if (generator == NULL) { + LOGE("Openssl_EC_GROUP_get0_generator failed."); + return HCF_ERR_CRYPTO_OPERATION; + } + + BIGNUM *gX = Openssl_BN_new(); + BIGNUM *gY = Openssl_BN_new(); + if (gX == NULL || gY == NULL) { + LOGE("new BN failed."); + Openssl_BN_free(gX); + Openssl_BN_free(gY); + return HCF_ERR_CRYPTO_OPERATION; + } + + if (Openssl_EC_POINT_get_affine_coordinates_GFp(group, generator, gX, gY, NULL) != HCF_OPENSSL_SUCCESS) { + LOGE("Openssl_EC_POINT_get_affine_coordinates_GFp failed."); + Openssl_BN_free(gX); + Openssl_BN_free(gY); + return HCF_ERR_CRYPTO_OPERATION; + } + + HcfResult res = HCF_INVALID_PARAMS; + switch (item) { + case ECC_G_X_BN: + res = BigNumToBigInteger(gX, returnBigInteger); + break; + case ECC_G_Y_BN: + res = BigNumToBigInteger(gY, returnBigInteger); + break; + default: + break; + } + Openssl_BN_free(gX); + Openssl_BN_free(gY); + return res; +} + +static HcfResult GetOrder(const EC_GROUP *group, HcfBigInteger *returnBigInteger) +{ + BIGNUM *order = Openssl_BN_new(); + if (order == NULL) { + LOGE("new BN failed."); + return HCF_ERR_CRYPTO_OPERATION; + } + + if (Openssl_EC_GROUP_get_order(group, order, NULL) != HCF_OPENSSL_SUCCESS) { + LOGE("Openssl_EC_POINT_get_affine_coordinates_GFp failed."); + Openssl_BN_free(order); + return HCF_ERR_CRYPTO_OPERATION; + } + + HcfResult res = BigNumToBigInteger(order, returnBigInteger); + Openssl_BN_free(order); + return res; +} + +static HcfResult GetCofactor(const EC_GROUP *group, int *returnCofactor) +{ + BIGNUM *cofactor = Openssl_BN_new(); + if (cofactor == NULL) { + LOGE("new BN failed."); + return HCF_ERR_CRYPTO_OPERATION; + } + + if (Openssl_EC_GROUP_get_cofactor(group, cofactor, NULL) != HCF_OPENSSL_SUCCESS) { + LOGE("Openssl_EC_POINT_get_affine_coordinates_GFp failed."); + Openssl_BN_free(cofactor); + return HCF_ERR_CRYPTO_OPERATION; + } + + *returnCofactor = (int)(Openssl_BN_get_word(cofactor)); + if (*returnCofactor == 0) { + LOGE("Openssl_BN_get_word failed."); + Openssl_BN_free(cofactor); + return HCF_ERR_CRYPTO_OPERATION; + } + Openssl_BN_free(cofactor); + return HCF_SUCCESS; +} + +static HcfResult GetFieldSize(const EC_GROUP *group, int32_t *fieldSize) +{ + *fieldSize = Openssl_EC_GROUP_get_degree(group); + if (*fieldSize == 0) { + LOGE("Openssl_EC_GROUP_get_degree failed."); + return HCF_ERR_CRYPTO_OPERATION; + } + return HCF_SUCCESS; } -static HcfResult CreateEccPubKey(int32_t curveId, EC_POINT *pubKey, HcfOpensslEccPubKey **returnObj) +static HcfResult GetPubKeyXOrY(const EC_GROUP *group, const EC_POINT *point, const AsyKeySpecItem item, + HcfBigInteger *returnBigInteger) +{ + BIGNUM *pkX = Openssl_BN_new(); + BIGNUM *pkY = Openssl_BN_new(); + if (pkX == NULL || pkY == NULL) { + LOGE("new BN failed."); + Openssl_BN_free(pkX); + Openssl_BN_free(pkY); + return HCF_ERR_CRYPTO_OPERATION; + } + + if (Openssl_EC_POINT_get_affine_coordinates_GFp(group, point, pkX, pkY, NULL) != HCF_OPENSSL_SUCCESS) { + LOGE("Openssl_EC_POINT_get_affine_coordinates_GFp failed."); + Openssl_BN_free(pkX); + Openssl_BN_free(pkY); + return HCF_ERR_CRYPTO_OPERATION; + } + + HcfResult res = HCF_INVALID_PARAMS; + switch (item) { + case ECC_PK_X_BN: + res = BigNumToBigInteger(pkX, returnBigInteger); + break; + case ECC_PK_Y_BN: + res = BigNumToBigInteger(pkY, returnBigInteger); + break; + default: + break; + } + Openssl_BN_free(pkX); + Openssl_BN_free(pkY); + return res; +} + +static HcfResult GetFieldType(const HcfKey *self, const bool isPrivate, char **returnString) +{ + char *fieldType = NULL; + if (isPrivate) { + fieldType = ((HcfOpensslEccPriKey *)self)->fieldType; + } else { + fieldType = ((HcfOpensslEccPubKey *)self)->fieldType; + } + + if (fieldType == NULL) { + LOGE("No fieldType in EccPubKey struct."); + return HCF_INVALID_PARAMS; + } + + int32_t len = strlen(fieldType); + *returnString = (char *)HcfMalloc(len + 1, 0); + if (*returnString == NULL) { + LOGE("Alloc returnString memory failed."); + return HCF_ERR_MALLOC; + } + (void)memcpy_s(*returnString, len, fieldType, len); + + return HCF_SUCCESS; +} + +static HcfResult GetCurveName(const HcfKey *self, const bool isPriavte, char **returnString) +{ + int32_t curveId = 0; + if (isPriavte) { + curveId = ((HcfOpensslEccPriKey *)self)->curveId; + } else { + curveId = ((HcfOpensslEccPubKey *)self)->curveId; + } + + char *tmp = NULL; + switch (curveId) { + case NID_secp224r1: + tmp = "NID_secp224r1"; + break; + case NID_X9_62_prime256v1: + tmp = "NID_X9_62_prime256v1"; + break; + case NID_secp384r1: + tmp = "NID_secp384r1"; + break; + case NID_secp521r1: + tmp = "NID_secp521r1"; + break; + default: + LOGE("No curve name."); + return HCF_ERR_CRYPTO_OPERATION; + break; + } + + int32_t len = strlen(tmp); + *returnString = (char *)HcfMalloc(len + 1, 0); + if (*returnString == NULL) { + LOGE("Alloc returnString memory failed."); + return HCF_ERR_MALLOC; + } + (void)memcpy_s(*returnString, len, tmp, len); + return HCF_SUCCESS; +} + +static HcfResult CheckEcKeySelf(const HcfKey *self, bool *isPrivate) +{ + if (IsClassMatch((HcfObjectBase *)self, GetEccPubKeyClass())) { + *isPrivate = false; + return HCF_SUCCESS; + } else if (IsClassMatch((HcfObjectBase *)self, GetEccPriKeyClass())) { + *isPrivate = true; + return HCF_SUCCESS; + } else { + return HCF_INVALID_PARAMS; + } +} + +static HcfResult GetPkSkBigInteger(const HcfKey *self, const bool isPrivate, + const AsyKeySpecItem item, HcfBigInteger *returnBigInteger) +{ + HcfResult res = HCF_INVALID_PARAMS; + if (item == ECC_SK_BN) { + if (!isPrivate) { + LOGE("ecc pub key has no private key spec item"); + return res; + } + res = BigNumToBigInteger(Openssl_EC_KEY_get0_private_key(((HcfOpensslEccPriKey *)self)->ecKey), + returnBigInteger); + } else { + if (isPrivate) { + LOGE("ecc pri key cannot get pub key spec item"); + return res; + } + res = GetPubKeyXOrY(Openssl_EC_KEY_get0_group(((HcfOpensslEccPubKey *)self)->ecKey), + Openssl_EC_KEY_get0_public_key(((HcfOpensslEccPubKey *)self)->ecKey), item, returnBigInteger); + } + return res; +} + +static HcfResult GetEcKeySpecBigInteger(const HcfKey *self, const AsyKeySpecItem item, + HcfBigInteger *returnBigInteger) +{ + if (self == NULL || returnBigInteger == NULL) { + LOGE("Invalid input parameter."); + return HCF_INVALID_PARAMS; + } + bool isPrivate; + HcfResult res = CheckEcKeySelf(self, &isPrivate); + if (res != HCF_SUCCESS) { + LOGE("Invalid input key"); + return HCF_INVALID_PARAMS; + } + const EC_GROUP *group = NULL; + if (isPrivate) { + group = Openssl_EC_KEY_get0_group(((HcfOpensslEccPriKey *)self)->ecKey); + } else { + group = Openssl_EC_KEY_get0_group(((HcfOpensslEccPubKey *)self)->ecKey); + } + switch (item) { + case ECC_FP_P_BN: + case ECC_A_BN: + case ECC_B_BN: + res = GetCurveGFp(group, item, returnBigInteger); + break; + case ECC_G_X_BN: + case ECC_G_Y_BN: + res = GetGenerator(group, item, returnBigInteger); + break; + case ECC_N_BN: + res = GetOrder(group, returnBigInteger); + break; + case ECC_SK_BN: + case ECC_PK_X_BN: + case ECC_PK_Y_BN: + res = GetPkSkBigInteger(self, isPrivate, item, returnBigInteger); + break; + default: + LOGE("Invalid ecc key big number spec!"); + res = HCF_INVALID_PARAMS; + break; + } + return res; +} + +static HcfResult GetEcKeySpecString(const HcfKey *self, const AsyKeySpecItem item, char **returnString) +{ + if (self == NULL || returnString == NULL) { + LOGE("Invalid input parameter."); + return HCF_INVALID_PARAMS; + } + bool isPrivate; + HcfResult res = CheckEcKeySelf(self, &isPrivate); + if (res != HCF_SUCCESS) { + LOGE("Invalid input key"); + return HCF_INVALID_PARAMS; + } + + switch (item) { + case ECC_FIELD_TYPE_STR: + res = GetFieldType(self, isPrivate, returnString); + break; + case ECC_CURVE_NAME_STR: + res = GetCurveName(self, isPrivate, returnString); + break; + default: + res = HCF_INVALID_PARAMS; + LOGE("Invalid spec of ec string"); + break; + } + return res; +} + +static HcfResult GetEcKeySpecInt(const HcfKey *self, const AsyKeySpecItem item, int *returnInt) +{ + if (self == NULL || returnInt == NULL) { + LOGE("Invalid input parameter."); + return HCF_INVALID_PARAMS; + } + bool isPrivate; + HcfResult res = CheckEcKeySelf(self, &isPrivate); + if (res != HCF_SUCCESS) { + LOGE("Invalid input key"); + return HCF_INVALID_PARAMS; + } + const EC_GROUP *group = NULL; + if (isPrivate) { + group = Openssl_EC_KEY_get0_group(((HcfOpensslEccPriKey *)self)->ecKey); + } else { + group = Openssl_EC_KEY_get0_group(((HcfOpensslEccPubKey *)self)->ecKey); + } + switch (item) { + case ECC_H_INT: + res = GetCofactor(group, returnInt); + break; + case ECC_FIELD_SIZE_INT: + res = GetFieldSize(group, returnInt); + break; + default: + res = HCF_INVALID_PARAMS; + LOGE("invalid ec key int spec"); + break; + } + return res; +} + +static HcfResult GetECPubKeySpecBigInteger(const HcfPubKey *self, const AsyKeySpecItem item, + HcfBigInteger *returnBigInteger) +{ + return GetEcKeySpecBigInteger((HcfKey *)self, item, returnBigInteger); +} + +static HcfResult GetECPubKeySpecString(const HcfPubKey *self, const AsyKeySpecItem item, char **returnString) +{ + return GetEcKeySpecString((HcfKey *)self, item, returnString); +} + +static HcfResult GetECPubKeySpecInt(const HcfPubKey *self, const AsyKeySpecItem item, int *returnInt) +{ + return GetEcKeySpecInt((HcfKey *)self, item, returnInt); +} + +static HcfResult GetECPriKeySpecBigInteger(const HcfPriKey *self, const AsyKeySpecItem item, + HcfBigInteger *returnBigInteger) +{ + return GetEcKeySpecBigInteger((HcfKey *)self, item, returnBigInteger); +} + +static HcfResult GetECPriKeySpecString(const HcfPriKey *self, const AsyKeySpecItem item, char **returnString) +{ + return GetEcKeySpecString((HcfKey *)self, item, returnString); +} + +static HcfResult GetECPriKeySpecInt(const HcfPriKey *self, const AsyKeySpecItem item, int *returnInt) +{ + return GetEcKeySpecInt((HcfKey *)self, item, returnInt); +} + +static HcfResult CreateEccPubKey(int32_t curveId, EC_KEY *ecKey, const char *fieldType, + HcfOpensslEccPubKey **returnObj) { HcfOpensslEccPubKey *returnPubKey = (HcfOpensslEccPubKey *)HcfMalloc(sizeof(HcfOpensslEccPubKey), 0); if (returnPubKey == NULL) { LOGE("Failed to allocate returnPubKey memory!"); return HCF_ERR_MALLOC; } - returnPubKey->base.base.base.destroy = DestroyKey; + char *tmpFieldType = NULL; + if (fieldType != NULL) { + int32_t len = strlen(fieldType); + tmpFieldType = (char *)HcfMalloc(len + 1, 0); + if (tmpFieldType == NULL) { + LOGE("Alloc tmpFieldType memory failed."); + HcfFree(returnPubKey); + return HCF_ERR_MALLOC; + } + (void)memcpy_s(tmpFieldType, len, fieldType, len); + } + + returnPubKey->base.base.base.destroy = DestroyEccPubKey; returnPubKey->base.base.base.getClass = GetEccPubKeyClass; returnPubKey->base.base.getAlgorithm = GetEccPubKeyAlgorithm; returnPubKey->base.base.getEncoded = GetEccPubKeyEncoded; returnPubKey->base.base.getFormat = GetEccPubKeyFormat; + returnPubKey->base.getAsyKeySpecBigInteger = GetECPubKeySpecBigInteger; + returnPubKey->base.getAsyKeySpecString = GetECPubKeySpecString; + returnPubKey->base.getAsyKeySpecInt = GetECPubKeySpecInt; returnPubKey->curveId = curveId; - returnPubKey->pk = pubKey; + returnPubKey->ecKey = ecKey; + returnPubKey->fieldType = tmpFieldType; *returnObj = returnPubKey; return HCF_SUCCESS; } -static HcfResult CreateEccPriKey(int32_t curveId, BIGNUM *priKey, HcfOpensslEccPriKey **returnObj) +static HcfResult CreateEccPriKey(int32_t curveId, EC_KEY *ecKey, const char *fieldType, + HcfOpensslEccPriKey **returnObj) { HcfOpensslEccPriKey *returnPriKey = (HcfOpensslEccPriKey *)HcfMalloc(sizeof(HcfOpensslEccPriKey), 0); if (returnPriKey == NULL) { LOGE("Failed to allocate returnPriKey memory!"); return HCF_ERR_MALLOC; } - returnPriKey->base.base.base.destroy = DestroyKey; + char *tmpFieldType = NULL; + if (fieldType != NULL) { + int32_t len = strlen(fieldType); + tmpFieldType = (char *)HcfMalloc(len + 1, 0); + if (tmpFieldType == NULL) { + LOGE("Alloc tmpFieldType memory failed."); + HcfFree(returnPriKey); + return HCF_ERR_MALLOC; + } + (void)memcpy_s(tmpFieldType, len, fieldType, len); + } + + returnPriKey->base.base.base.destroy = DestroyEccPriKey; returnPriKey->base.base.base.getClass = GetEccPriKeyClass; returnPriKey->base.base.getAlgorithm = GetEccPriKeyAlgorithm; returnPriKey->base.base.getEncoded = GetEccPriKeyEncoded; returnPriKey->base.base.getFormat = GetEccPriKeyFormat; returnPriKey->base.clearMem = EccPriKeyClearMem; + returnPriKey->base.getAsyKeySpecBigInteger = GetECPriKeySpecBigInteger; + returnPriKey->base.getAsyKeySpecString = GetECPriKeySpecString; + returnPriKey->base.getAsyKeySpecInt = GetECPriKeySpecInt; returnPriKey->curveId = curveId; - returnPriKey->sk = priKey; + returnPriKey->ecKey = ecKey; + returnPriKey->fieldType = tmpFieldType; *returnObj = returnPriKey; return HCF_SUCCESS; @@ -360,7 +1291,7 @@ static HcfResult CreateEccKeyPair(HcfOpensslEccPubKey *pubKey, HcfOpensslEccPriK return HCF_SUCCESS; } -static HcfResult ConvertEcPubKeyByOpenssl(int32_t curveId, HcfBlob *pubKeyBlob, HcfOpensslEccPubKey **returnPubKey) +static HcfResult ConvertEcPubKey(int32_t curveId, HcfBlob *pubKeyBlob, HcfOpensslEccPubKey **returnPubKey) { const unsigned char *tmpData = (const unsigned char *)(pubKeyBlob->data); EC_KEY *ecKey = Openssl_d2i_EC_PUBKEY(NULL, &tmpData, pubKeyBlob->len); @@ -369,29 +1300,16 @@ static HcfResult ConvertEcPubKeyByOpenssl(int32_t curveId, HcfBlob *pubKeyBlob, HcfPrintOpensslError(); return HCF_ERR_CRYPTO_OPERATION; } - const EC_POINT *pubKey = Openssl_EC_KEY_get0_public_key(ecKey); - const EC_GROUP *group = Openssl_EC_KEY_get0_group(ecKey); - if (pubKey == NULL || group == NULL) { - LOGE("ec key is invalid."); - HcfPrintOpensslError(); - Openssl_EC_KEY_free(ecKey); - return HCF_ERR_CRYPTO_OPERATION; - } - EC_POINT *newPubKey = Openssl_EC_POINT_dup(pubKey, group); - Openssl_EC_KEY_free(ecKey); - if (newPubKey == NULL) { - LOGE("copy pubKey fail."); - return HCF_ERR_CRYPTO_OPERATION; - } - int32_t res = CreateEccPubKey(curveId, newPubKey, returnPubKey); + HcfResult res = CreateEccPubKey(curveId, ecKey, g_eccGenerateFieldType, returnPubKey); if (res != HCF_SUCCESS) { - Openssl_EC_POINT_free(newPubKey); + LOGE("CreateEccPubKey failed."); + Openssl_EC_KEY_free(ecKey); return res; } return HCF_SUCCESS; } -static HcfResult ConvertEcPriKeyByOpenssl(int32_t curveId, HcfBlob *priKeyBlob, HcfOpensslEccPriKey **returnPriKey) +static HcfResult ConvertEcPriKey(int32_t curveId, HcfBlob *priKeyBlob, HcfOpensslEccPriKey **returnPriKey) { const unsigned char *tmpData = (const unsigned char *)(priKeyBlob->data); EC_KEY *ecKey = Openssl_d2i_ECPrivateKey(NULL, &tmpData, priKeyBlob->len); @@ -400,22 +1318,9 @@ static HcfResult ConvertEcPriKeyByOpenssl(int32_t curveId, HcfBlob *priKeyBlob, HcfPrintOpensslError(); return HCF_ERR_CRYPTO_OPERATION; } - const BIGNUM *priKey = Openssl_EC_KEY_get0_private_key(ecKey); - if (priKey == NULL) { - LOGE("ec key is invalid."); - HcfPrintOpensslError(); - Openssl_EC_KEY_free(ecKey); - return HCF_ERR_CRYPTO_OPERATION; - } - BIGNUM *newPriKey = Openssl_BN_dup(priKey); - Openssl_EC_KEY_free(ecKey); - if (newPriKey == NULL) { - LOGE("copy priKey fail."); - return HCF_ERR_CRYPTO_OPERATION; - } - int32_t res = CreateEccPriKey(curveId, newPriKey, returnPriKey); + HcfResult res = CreateEccPriKey(curveId, ecKey, g_eccGenerateFieldType, returnPriKey); if (res != HCF_SUCCESS) { - Openssl_BN_clear_free(newPriKey); + Openssl_EC_KEY_free(ecKey); return res; } return HCF_SUCCESS; @@ -424,7 +1329,6 @@ static HcfResult ConvertEcPriKeyByOpenssl(int32_t curveId, HcfBlob *priKeyBlob, static HcfResult EngineConvertEccKey(HcfAsyKeyGeneratorSpi *self, HcfParamsSpec *params, HcfBlob *pubKeyBlob, HcfBlob *priKeyBlob, HcfKeyPair **returnKeyPair) { - LOGI("start ..."); (void)params; if ((self == NULL) || (returnKeyPair == NULL)) { LOGE("Invalid input parameter."); @@ -441,19 +1345,19 @@ static HcfResult EngineConvertEccKey(HcfAsyKeyGeneratorSpi *self, HcfParamsSpec } HcfAsyKeyGeneratorSpiOpensslEccImpl *impl = (HcfAsyKeyGeneratorSpiOpensslEccImpl *)self; - int32_t res = HCF_SUCCESS; + HcfResult res = HCF_SUCCESS; HcfOpensslEccPubKey *pubKey = NULL; HcfOpensslEccPriKey *priKey = NULL; HcfOpensslEccKeyPair *keyPair = NULL; do { if (pubKeyValid) { - res = ConvertEcPubKeyByOpenssl(impl->curveId, pubKeyBlob, &pubKey); + res = ConvertEcPubKey(impl->curveId, pubKeyBlob, &pubKey); if (res != HCF_SUCCESS) { break; } } if (priKeyValid) { - res = ConvertEcPriKeyByOpenssl(impl->curveId, priKeyBlob, &priKey); + res = ConvertEcPriKey(impl->curveId, priKeyBlob, &priKey); if (res != HCF_SUCCESS) { break; } @@ -467,42 +1371,61 @@ static HcfResult EngineConvertEccKey(HcfAsyKeyGeneratorSpi *self, HcfParamsSpec } *returnKeyPair = (HcfKeyPair *)keyPair; - LOGI("end ..."); return HCF_SUCCESS; } -static HcfResult EngineGenerateKeyPair(HcfAsyKeyGeneratorSpi *self, HcfKeyPair **returnObj) +static HcfResult CreateAndAssignPubKey(const HcfAsyKeyGeneratorSpiOpensslEccImpl *impl, const char *fieldType, + EC_KEY *ecKey, HcfPubKey **returnObj) { - LOGI("start ..."); - if ((self == NULL) || (returnObj == NULL)) { - LOGE("Invalid input parameter."); - return HCF_INVALID_PARAMS; - } - if (!IsClassMatch((HcfObjectBase *)self, GetEccKeyPairGeneratorClass())) { - return HCF_INVALID_PARAMS; + HcfOpensslEccPubKey *pubKey = NULL; + HcfResult res = CreateEccPubKey(impl->curveId, ecKey, fieldType, &pubKey); + if (res != HCF_SUCCESS) { + return res; } + *returnObj = (HcfPubKey *)pubKey; + return HCF_SUCCESS; +} - HcfAsyKeyGeneratorSpiOpensslEccImpl *impl = (HcfAsyKeyGeneratorSpiOpensslEccImpl *)self; - EC_POINT *ecPubKey = NULL; - BIGNUM *ecPriKey = NULL; - int32_t res = NewEcKeyPairByOpenssl(impl->curveId, &ecPubKey, &ecPriKey); +static HcfResult CreateAndAssignPriKey(const HcfAsyKeyGeneratorSpiOpensslEccImpl *impl, const char *fieldType, + EC_KEY *ecKey, HcfPriKey **returnObj) +{ + HcfOpensslEccPriKey *priKey = NULL; + HcfResult res = CreateEccPriKey(impl->curveId, ecKey, fieldType, &priKey); if (res != HCF_SUCCESS) { return res; } - HcfOpensslEccPubKey *pubKey = NULL; - res = CreateEccPubKey(impl->curveId, ecPubKey, &pubKey); + *returnObj = (HcfPriKey *)priKey; + return HCF_SUCCESS; +} + +static HcfResult CreateAndAssignKeyPair(const HcfAsyKeyGeneratorSpiOpensslEccImpl *impl, const char *fieldType, + EC_KEY *ecKey, HcfKeyPair **returnObj) +{ + EC_KEY *ecPriKey = EC_KEY_dup(ecKey); + if (ecPriKey == NULL) { + LOGE("copy ecKey fail."); + return HCF_ERR_CRYPTO_OPERATION; + } + HcfOpensslEccPriKey *priKey = NULL; + HcfResult res = CreateEccPriKey(impl->curveId, ecPriKey, fieldType, &priKey); if (res != HCF_SUCCESS) { - Openssl_EC_POINT_free(ecPubKey); - Openssl_BN_clear_free(ecPriKey); + Openssl_EC_KEY_free(ecPriKey); return res; } - HcfOpensslEccPriKey *priKey = NULL; - res = CreateEccPriKey(impl->curveId, ecPriKey, &priKey); + HcfOpensslEccPubKey *pubKey = NULL; + EC_KEY *ecPubKey = EC_KEY_dup(ecKey); + if (ecPubKey == NULL) { + LOGE("copy ecKey fail."); + HcfObjDestroy(priKey); + return HCF_ERR_CRYPTO_OPERATION; + } + res = CreateEccPubKey(impl->curveId, ecPubKey, fieldType, &pubKey); if (res != HCF_SUCCESS) { - HcfObjDestroy(pubKey); - Openssl_BN_clear_free(ecPriKey); + HcfObjDestroy(priKey); + Openssl_EC_KEY_free(ecPubKey); return res; } + HcfOpensslEccKeyPair *returnKeyPair = (HcfOpensslEccKeyPair *)HcfMalloc(sizeof(HcfOpensslEccKeyPair), 0); if (returnKeyPair == NULL) { LOGE("Failed to allocate returnKeyPair memory!"); @@ -516,7 +1439,183 @@ static HcfResult EngineGenerateKeyPair(HcfAsyKeyGeneratorSpi *self, HcfKeyPair * returnKeyPair->base.priKey = (HcfPriKey *)priKey; *returnObj = (HcfKeyPair *)returnKeyPair; - LOGI("end ..."); + return HCF_SUCCESS; +} + +static HcfResult EngineGenerateKeyPair(HcfAsyKeyGeneratorSpi *self, HcfKeyPair **returnObj) +{ + if ((self == NULL) || (returnObj == NULL)) { + LOGE("Invalid input parameter."); + return HCF_INVALID_PARAMS; + } + if (!IsClassMatch((HcfObjectBase *)self, GetEccKeyPairGeneratorClass())) { + return HCF_INVALID_PARAMS; + } + + HcfAsyKeyGeneratorSpiOpensslEccImpl *impl = (HcfAsyKeyGeneratorSpiOpensslEccImpl *)self; + EC_KEY *ecKey = NULL; + HcfResult res = NewEcKeyPair(impl->curveId, &ecKey); + if (res != HCF_SUCCESS) { + return res; + } + res = CreateAndAssignKeyPair(impl, g_eccGenerateFieldType, ecKey, returnObj); + Openssl_EC_KEY_free(ecKey); + if (res != HCF_SUCCESS) { + LOGE("CreateAndAssignKeyPair failed."); + return res; + } + return HCF_SUCCESS; +} + +static HcfResult GenKeyPairEcKeyBySpec(const HcfAsyKeyParamsSpec *params, EC_KEY **ecKey) +{ + HcfResult res = HCF_INVALID_PARAMS; + switch (params->specType) { + case HCF_COMMON_PARAMS_SPEC: + res = NewEcKeyPairWithCommSpec((HcfEccCommParamsSpec *)params, ecKey); + break; + case HCF_KEY_PAIR_SPEC: + res = NewEcKeyWithKeyPairSpec((HcfEccKeyPairParamsSpec *)params, ecKey, true); + break; + default: + LOGE("Invaild input spec to gen key pair."); + break; + } + return res; +} + +static HcfResult GenPubKeyEcKeyBySpec(const HcfAsyKeyParamsSpec *params, EC_KEY **ecKey) +{ + HcfResult res = HCF_INVALID_PARAMS; + switch (params->specType) { + case HCF_PUBLIC_KEY_SPEC: + res = NewEcPubKeyWithPubSpec((HcfEccPubKeyParamsSpec *)params, ecKey); + break; + case HCF_KEY_PAIR_SPEC: + res = NewEcKeyWithKeyPairSpec((HcfEccKeyPairParamsSpec *)params, ecKey, false); + break; + default: + LOGE("Invaild input spec to gen pub key"); + break; + } + return res; +} + +static HcfResult GenPriKeyEcKeyBySpec(const HcfAsyKeyParamsSpec *params, EC_KEY **ecKey) +{ + HcfResult res = HCF_INVALID_PARAMS; + switch (params->specType) { + case HCF_PRIVATE_KEY_SPEC: + res = NewEcPriKeyWithPriSpec((HcfEccPriKeyParamsSpec *)params, ecKey); + break; + case HCF_KEY_PAIR_SPEC: + res = NewEcKeyWithKeyPairSpec((HcfEccKeyPairParamsSpec *)params, ecKey, true); + break; + default: + LOGE("Invaild input spec to gen pri key"); + break; + } + return res; +} + +static HcfResult EngineGenerateKeyPairBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *params, + HcfKeyPair **returnKeyPair) +{ + if ((self == NULL) || (returnKeyPair == NULL)) { + LOGE("Invalid input parameter."); + return HCF_INVALID_PARAMS; + } + if (!IsClassMatch((HcfObjectBase *)self, GetEccKeyPairGeneratorClass())) { + return HCF_INVALID_PARAMS; + } + + HcfAsyKeyGeneratorSpiOpensslEccImpl *impl = (HcfAsyKeyGeneratorSpiOpensslEccImpl *)self; + EC_KEY *ecKey = NULL; + HcfResult res = GenKeyPairEcKeyBySpec(params, &ecKey); + if (res != HCF_SUCCESS) { + LOGE("Gen ec key pair with spec failed."); + return res; + } + + // curveId == 0 means no curve to match. + int32_t curveId = Openssl_EC_GROUP_get_curve_name(Openssl_EC_KEY_get0_group(ecKey)); + if (curveId != 0) { + impl->curveId = curveId; + } + // deep copy of ecKey, free ecKey whether it succeed or failed. + res = CreateAndAssignKeyPair(impl, ((HcfEccCommParamsSpec *)params)->field->fieldType, ecKey, returnKeyPair); + Openssl_EC_KEY_free(ecKey); + if (res != HCF_SUCCESS) { + LOGE("CreateAndAssignKeyPair failed."); + return res; + } + + return HCF_SUCCESS; +} + +static HcfResult EngineGeneratePubKeyBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *params, + HcfPubKey **returnPubKey) +{ + if ((self == NULL) || (returnPubKey == NULL)) { + LOGE("Invalid input parameter."); + return HCF_INVALID_PARAMS; + } + if (!IsClassMatch((HcfObjectBase *)self, GetEccKeyPairGeneratorClass())) { + return HCF_INVALID_PARAMS; + } + + HcfAsyKeyGeneratorSpiOpensslEccImpl *impl = (HcfAsyKeyGeneratorSpiOpensslEccImpl *)self; + EC_KEY *ecKey = NULL; + HcfResult res = GenPubKeyEcKeyBySpec(params, &ecKey); + if (res != HCF_SUCCESS) { + LOGE("Gen ec pubKey with spec failed."); + return res; + } + int32_t curveId = Openssl_EC_GROUP_get_curve_name(Openssl_EC_KEY_get0_group(ecKey)); + if (curveId != 0) { + impl->curveId = curveId; + } + res = CreateAndAssignPubKey(impl, ((HcfEccCommParamsSpec *)params)->field->fieldType, ecKey, returnPubKey); + if (res != HCF_SUCCESS) { + LOGE("CreateAndAssignPubKey failed."); + Openssl_EC_KEY_free(ecKey); + return res; + } + + return HCF_SUCCESS; +} + +static HcfResult EngineGeneratePriKeyBySpec(const HcfAsyKeyGeneratorSpi *self, const HcfAsyKeyParamsSpec *params, + HcfPriKey **returnPriKey) +{ + if ((self == NULL) || (returnPriKey == NULL)) { + LOGE("Invalid input parameter."); + return HCF_INVALID_PARAMS; + } + if (!IsClassMatch((HcfObjectBase *)self, GetEccKeyPairGeneratorClass())) { + return HCF_INVALID_PARAMS; + } + + HcfAsyKeyGeneratorSpiOpensslEccImpl *impl = (HcfAsyKeyGeneratorSpiOpensslEccImpl *)self; + EC_KEY *ecKey = NULL; + HcfResult res = GenPriKeyEcKeyBySpec(params, &ecKey); + if (res != HCF_SUCCESS) { + LOGE("Gen ec pubKey with spec failed."); + return res; + } + + int32_t curveId = Openssl_EC_GROUP_get_curve_name(Openssl_EC_KEY_get0_group(ecKey)); + if (curveId != 0) { + impl->curveId = curveId; + } + + res = CreateAndAssignPriKey(impl, ((HcfEccCommParamsSpec *)params)->field->fieldType, ecKey, returnPriKey); + if (res != HCF_SUCCESS) { + LOGE("CreateAndAssignPriKey failed."); + Openssl_EC_KEY_free(ecKey); + return res; + } + return HCF_SUCCESS; } @@ -526,10 +1625,13 @@ HcfResult HcfAsyKeyGeneratorSpiEccCreate(HcfAsyKeyGenParams *params, HcfAsyKeyGe LOGE("Invalid input parameter."); return HCF_INVALID_PARAMS; } - int32_t curveId; - if (GetOpensslCurveId(params->bits, &curveId) != HCF_SUCCESS) { - return HCF_INVALID_PARAMS; + int32_t curveId = 0; + if (params->bits != 0) { + if (GetOpensslCurveId(params->bits, &curveId) != HCF_SUCCESS) { + return HCF_INVALID_PARAMS; + } } + HcfAsyKeyGeneratorSpiOpensslEccImpl *returnImpl = (HcfAsyKeyGeneratorSpiOpensslEccImpl *)HcfMalloc( sizeof(HcfAsyKeyGeneratorSpiOpensslEccImpl), 0); if (returnImpl == NULL) { @@ -540,6 +1642,9 @@ HcfResult HcfAsyKeyGeneratorSpiEccCreate(HcfAsyKeyGenParams *params, HcfAsyKeyGe returnImpl->base.base.destroy = DestroyEccKeyPairGenerator; returnImpl->base.engineConvertKey = EngineConvertEccKey; returnImpl->base.engineGenerateKeyPair = EngineGenerateKeyPair; + returnImpl->base.engineGenerateKeyPairBySpec = EngineGenerateKeyPairBySpec; + returnImpl->base.engineGeneratePubKeyBySpec = EngineGeneratePubKeyBySpec; + returnImpl->base.engineGeneratePriKeyBySpec = EngineGeneratePriKeyBySpec; returnImpl->curveId = curveId; *returnObj = (HcfAsyKeyGeneratorSpi *)returnImpl; -- Gitee