1 /*
2  * Copyright (c) 2021-2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *    http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #ifdef HKS_CONFIG_FILE
17 #include HKS_CONFIG_FILE
18 #else
19 #include "hks_config.h"
20 #endif
21 
22 #include "hks_base_check.h"
23 
24 #include "hks_cmd_id.h"
25 #include "hks_common_check.h"
26 #include "hks_log.h"
27 #include "hks_template.h"
28 
29 #ifdef _CUT_AUTHENTICATE_
30 #undef HKS_SUPPORT_RSA_C
31 #undef HKS_SUPPORT_ECC_C
32 #undef HKS_SUPPORT_ECDH_C
33 #undef HKS_SUPPORT_X25519_C
34 #undef HKS_SUPPORT_ED25519_C
35 #endif
36 
37 #define HKS_BLOCK_CIPHER_CBC_IV_LEN 16
38 #define HKS_AES_CCM_AAD_LEN_MIN     4
39 #define HKS_AES_CCM_NONCE_LEN_MIN   7
40 #define HKS_AES_CCM_NONCE_LEN_MAX   13
41 #define HKS_AES_GCM_NONCE_LEN_MIN   12
42 
43 #define HKS_RSA_OAEP_DIGEST_NUM     2
44 #define HKS_BLOCK_CIPHER_CBC_BLOCK_SIZE 16
45 
46 #define HKS_ECC_SIGN_MAX_TL_SIZE    8
47 
48 #ifdef HKS_SUPPORT_RSA_C
49 static const uint32_t g_rsaKeySize[] = {
50     HKS_RSA_KEY_SIZE_512,
51     HKS_RSA_KEY_SIZE_768,
52     HKS_RSA_KEY_SIZE_1024,
53     HKS_RSA_KEY_SIZE_2048,
54     HKS_RSA_KEY_SIZE_3072,
55     HKS_RSA_KEY_SIZE_4096
56 };
57 static const uint32_t g_rsaPadding[] = {
58     HKS_PADDING_NONE,
59     HKS_PADDING_OAEP,
60     HKS_PADDING_PSS,
61     HKS_PADDING_PKCS1_V1_5
62 };
63 static const uint32_t g_rsaDigest[] = {
64     HKS_DIGEST_MD5,
65     HKS_DIGEST_NONE,
66     HKS_DIGEST_SHA1,
67     HKS_DIGEST_SHA224,
68     HKS_DIGEST_SHA256,
69     HKS_DIGEST_SHA384,
70     HKS_DIGEST_SHA512
71 };
72 static const uint32_t g_rsaSignPadding[] = {
73     HKS_PADDING_PSS,
74     HKS_PADDING_PKCS1_V1_5
75 };
76 static const uint32_t g_rsaCipherPadding[] = {
77     HKS_PADDING_NONE,
78     HKS_PADDING_OAEP,
79     HKS_PADDING_PKCS1_V1_5
80 };
81 #endif
82 
83 #ifdef HKS_SUPPORT_AES_C
84 static const uint32_t g_aesKeySize[] = {
85     HKS_AES_KEY_SIZE_128,
86     HKS_AES_KEY_SIZE_192,
87     HKS_AES_KEY_SIZE_256
88 };
89 static const uint32_t g_aesMacKeySize[] = {
90     HKS_AES_KEY_SIZE_256,
91 };
92 static const uint32_t g_aesPadding[] = {
93     HKS_PADDING_NONE,
94     HKS_PADDING_PKCS7
95 };
96 static const uint32_t g_aesMode[] = {
97     HKS_MODE_CBC,
98     HKS_MODE_CCM,
99     HKS_MODE_CTR,
100     HKS_MODE_ECB,
101     HKS_MODE_GCM
102 };
103 static const uint32_t g_aesCbcPadding[] = {
104     HKS_PADDING_NONE,
105     HKS_PADDING_PKCS7
106 };
107 static const uint32_t g_aesAeadPadding[] = {
108     HKS_PADDING_NONE
109 };
110 static const uint32_t g_aesCtrPadding[] = {
111     HKS_PADDING_NONE
112 };
113 static const uint32_t g_aesEcbPadding[] = {
114     HKS_PADDING_NONE,
115     HKS_PADDING_PKCS7
116 };
117 #endif
118 
119 #ifdef HKS_SUPPORT_SM4_C
120 static const uint32_t g_sm4KeySize[] = {
121     HKS_SM4_KEY_SIZE_128,
122 };
123 static const uint32_t g_sm4Padding[] = {
124     HKS_PADDING_NONE,
125     HKS_PADDING_PKCS7
126 };
127 static const uint32_t g_sm4Purpose[] = {
128     HKS_KEY_PURPOSE_ENCRYPT,
129     HKS_KEY_PURPOSE_DECRYPT,
130     HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT,
131 };
132 static const uint32_t g_sm4Mode[] = {
133     HKS_MODE_CBC,
134     HKS_MODE_CTR,
135     HKS_MODE_ECB,
136     HKS_MODE_CFB,
137     HKS_MODE_OFB,
138 };
139 static const uint32_t g_sm4CbcPadding[] = {
140     HKS_PADDING_NONE,
141     HKS_PADDING_PKCS7
142 };
143 static const uint32_t g_sm4CtrPadding[] = {
144     HKS_PADDING_NONE
145 };
146 static const uint32_t g_sm4EcbPadding[] = {
147     HKS_PADDING_NONE,
148     HKS_PADDING_PKCS7
149 };
150 static const uint32_t g_sm4CfbPadding[] = {
151     HKS_PADDING_NONE
152 };
153 static const uint32_t g_sm4OfbPadding[] = {
154     HKS_PADDING_NONE
155 };
156 #endif
157 
158 #ifdef HKS_SUPPORT_ECC_C
159 static const uint32_t g_eccKeySize[] = {
160     HKS_ECC_KEY_SIZE_224,
161     HKS_ECC_KEY_SIZE_256,
162     HKS_ECC_KEY_SIZE_384,
163     HKS_ECC_KEY_SIZE_521
164 };
165 
166 static const uint32_t g_eccDigest[] = {
167     HKS_DIGEST_NONE,
168     HKS_DIGEST_SHA1,
169     HKS_DIGEST_SHA224,
170     HKS_DIGEST_SHA256,
171     HKS_DIGEST_SHA384,
172     HKS_DIGEST_SHA512
173 };
174 #endif
175 
176 #ifdef HKS_SUPPORT_SM2_C
177 static const uint32_t g_sm2KeySize[] = {
178     HKS_SM2_KEY_SIZE_256
179 };
180 
181 static const uint32_t g_sm2Digest[] = {
182     HKS_DIGEST_SM3,
183     HKS_DIGEST_NONE
184 };
185 
186 static const uint32_t g_sm2CipherPadding[] = {
187     HKS_PADDING_NONE,
188 };
189 #endif
190 
191 #ifdef HKS_SUPPORT_SM3_C
192 static const uint32_t g_sm3Digest[] = {
193     HKS_DIGEST_SM3
194 };
195 #endif
196 
197 static const uint32_t g_digest[] = {
198     HKS_DIGEST_SHA256,
199     HKS_DIGEST_SHA384,
200     HKS_DIGEST_SHA512
201 };
202 
203 static const uint32_t g_macDigest[] = {
204     HKS_DIGEST_SHA256
205 };
206 
207 #ifdef HKS_SUPPORT_ECDH_C
208 static const uint32_t g_ecdhKeySize[] = {
209     HKS_ECC_KEY_SIZE_224,
210     HKS_ECC_KEY_SIZE_256,
211     HKS_ECC_KEY_SIZE_384,
212     HKS_ECC_KEY_SIZE_521
213 };
214 #endif
215 
216 #if defined(HKS_SUPPORT_X25519_C) || defined(HKS_SUPPORT_ED25519_C)
217 static const uint32_t g_curve25519KeySize[] = {
218     HKS_CURVE25519_KEY_SIZE_256,
219 };
220 #endif
221 #ifdef HKS_SUPPORT_HMAC_C
222 static const uint32_t g_hmacDigest[] = {
223     HKS_DIGEST_SHA1,
224     HKS_DIGEST_SHA224,
225     HKS_DIGEST_SHA256,
226     HKS_DIGEST_SHA384,
227     HKS_DIGEST_SHA512,
228     HKS_DIGEST_SM3
229 };
230 #endif
231 #ifdef HKS_SUPPORT_DSA_C
232 static const uint32_t g_dsaDigest[] = {
233     HKS_DIGEST_NONE,
234     HKS_DIGEST_SHA1,
235     HKS_DIGEST_SHA224,
236     HKS_DIGEST_SHA256,
237     HKS_DIGEST_SHA384,
238     HKS_DIGEST_SHA512
239 };
240 #endif
241 #ifdef HKS_SUPPORT_DH_C
242 static const uint32_t g_dhKeySize[] = {
243     HKS_DH_KEY_SIZE_2048,
244     HKS_DH_KEY_SIZE_3072,
245     HKS_DH_KEY_SIZE_4096
246 };
247 #endif
248 
249 #ifdef HKS_SUPPORT_RSA_C
250 static const struct ParamsValuesChecker g_rsaParamSet[] = {
251     { HKS_CHECK_TYPE_GEN_KEY, { { true, 0, false}, { true, 0, false}, { true, 0, false}, { true, 0, false},
252         { false, 0, false} } },
253     { HKS_CHECK_TYPE_USE_KEY, { { true, 0, false}, { true, 0, false}, { true, 0, false}, { true, 0, false},
254         { false, 0, false} } }
255 };
256 static const struct ExpectParamsValuesChecker g_expectRsaParams[] = {
257     { HKS_CHECK_TYPE_GEN_KEY, {
258         { true, g_rsaKeySize, HKS_ARRAY_SIZE(g_rsaKeySize) },
259         { true, g_rsaPadding, HKS_ARRAY_SIZE(g_rsaPadding) },
260         { false, NULL, 0 },
261         { true, g_rsaDigest, HKS_ARRAY_SIZE(g_rsaDigest) },
262         { false, NULL, 0 }
263         }
264     },
265     { HKS_CHECK_TYPE_USE_KEY, {
266         { true, g_rsaKeySize, HKS_ARRAY_SIZE(g_rsaKeySize) },
267         { true, g_rsaPadding, HKS_ARRAY_SIZE(g_rsaPadding) },
268         { false, NULL, 0 },
269         { true, g_rsaDigest, HKS_ARRAY_SIZE(g_rsaDigest) },
270         { false, NULL, 0 }
271         }
272     }
273 };
274 #endif
275 
276 #ifdef HKS_SUPPORT_AES_C
277 static const struct ParamsValuesChecker g_aesParamSet[] = {
278     { HKS_CHECK_TYPE_GEN_KEY, { { true, 0, false}, { true, 0, false}, { true, 0, false}, { false, 0, false},
279         { true, 0, false} } },
280 	{ HKS_CHECK_TYPE_USE_KEY, { { false, 0, false}, { true, 0, false}, { true, 0, false}, { false, 0, false},
281         { true, 0, false} } },
282     { HKS_CHECK_TYPE_GEN_MAC_KEY, { { true, 0, false}, { false, 0, false}, { false, 0, false}, { true, 0, false},
283         { false, 0, false} } },
284     { HKS_CHECK_TYPE_GEN_DERIVE_KEY, { { true, 0, false}, { false, 0, false}, { false, 0, false}, { true, 0, false},
285         { false, 0, false} } }
286 };
287 
288 static const struct ExpectParamsValuesChecker g_expectAesParams[] = {
289     { HKS_CHECK_TYPE_GEN_KEY, {
290         { true, g_aesKeySize, HKS_ARRAY_SIZE(g_aesKeySize) },
291         { true, g_aesPadding, HKS_ARRAY_SIZE(g_aesPadding) },
292         { false, NULL, 0 },
293         { false, NULL, 0 },
294         { true, g_aesMode, HKS_ARRAY_SIZE(g_aesMode) }
295         }
296     },
297     { HKS_CHECK_TYPE_USE_KEY, {
298         { false, NULL, 0 },
299         { true, g_aesPadding, HKS_ARRAY_SIZE(g_aesPadding) },
300         { false, NULL, 0 },
301         { false, NULL, 0 },
302         { true, g_aesMode, HKS_ARRAY_SIZE(g_aesMode) }
303         }
304     },
305     { HKS_CHECK_TYPE_GEN_MAC_KEY, {
306         { true, g_aesMacKeySize, HKS_ARRAY_SIZE(g_aesMacKeySize) },
307         { false, NULL, 0 },
308         { false, NULL, 0 },
309         { true, g_macDigest, HKS_ARRAY_SIZE(g_macDigest) },
310         { false, NULL, 0 }
311         }
312     },
313     { HKS_CHECK_TYPE_GEN_DERIVE_KEY, {
314         { true, g_aesKeySize, HKS_ARRAY_SIZE(g_aesKeySize) },
315         { false, NULL, 0 },
316         { false, NULL, 0 },
317         { true, g_digest, HKS_ARRAY_SIZE(g_digest) },
318         { false, NULL, 0 }
319         }
320     }
321 };
322 #endif
323 
324 #ifdef HKS_SUPPORT_ECC_C
325 static const struct ParamsValuesChecker g_eccParamSet[] = {
326     { HKS_CHECK_TYPE_GEN_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { true, 0, false},
327         { false, 0, false} } },
328     { HKS_CHECK_TYPE_USE_KEY, { { false, 0, false}, { false, 0, false}, { true, 0, false}, { true, 0, false},
329         { false, 0, false} } }
330 };
331 static const struct ExpectParamsValuesChecker g_expectEccParams[] = {
332     { HKS_CHECK_TYPE_GEN_KEY, {
333         { true, g_eccKeySize, HKS_ARRAY_SIZE(g_eccKeySize) },
334         { false, NULL, 0 },
335         { false, NULL, 0 },
336         { true, g_eccDigest, HKS_ARRAY_SIZE(g_eccDigest) },
337         { false, NULL, 0 }
338         }
339     },
340     { HKS_CHECK_TYPE_USE_KEY, {
341         { false, NULL, 0 },
342         { false, NULL, 0 },
343         { false, NULL, 0 },
344         { true, g_eccDigest, HKS_ARRAY_SIZE(g_eccDigest) },
345         { false, NULL, 0 }
346         }
347     }
348 };
349 #endif
350 
351 #ifdef HKS_SUPPORT_SM2_C
352 static const struct ParamsValuesChecker g_sm2ParamSet[] = {
353     { HKS_CHECK_TYPE_GEN_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { true, 0, false},
354         { false, 0, false} } },
355     { HKS_CHECK_TYPE_USE_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { true, 0, false},
356         { false, 0, false} } }
357 };
358 static const struct ExpectParamsValuesChecker g_expectSm2Params[] = {
359     { HKS_CHECK_TYPE_GEN_KEY, {
360         { true, g_sm2KeySize, HKS_ARRAY_SIZE(g_sm2KeySize) },
361         { false, NULL, 0 },
362         { false, NULL, 0 },
363         { true, g_sm2Digest, HKS_ARRAY_SIZE(g_sm2Digest) },
364         { false, NULL, 0 }
365         }
366     },
367     { HKS_CHECK_TYPE_USE_KEY, {
368         { true, g_sm2KeySize, HKS_ARRAY_SIZE(g_sm2KeySize) },
369         { false, NULL, 0 },
370         { false, NULL, 0 },
371         { true, g_sm2Digest, HKS_ARRAY_SIZE(g_sm2Digest) },
372         { false, NULL, 0 }
373         }
374     }
375 };
376 #endif
377 
378 #ifdef HKS_SUPPORT_SM3_C
379 static const struct ParamsValuesChecker g_sm3ParamSet[] = {
380     { HKS_CHECK_TYPE_GEN_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { true, 0, false},
381         { false, 0, false} } },
382     { HKS_CHECK_TYPE_GEN_MAC_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { true, 0, false},
383         { false, 0, false} } }
384 };
385 static const struct ExpectParamsValuesChecker g_expectSm3Params[] = {
386     { HKS_CHECK_TYPE_GEN_KEY, {
387         { false, NULL, 0 },
388         { false, NULL, 0 },
389         { false, NULL, 0 },
390         { true, g_sm3Digest, sizeof(g_sm3Digest) / sizeof(g_sm3Digest[0]) },
391         { false, NULL, 0 }
392         }
393     },
394     { HKS_CHECK_TYPE_GEN_MAC_KEY, {
395         { false, NULL, 0 },
396         { false, NULL, 0 },
397         { false, NULL, 0 },
398         { true, g_sm3Digest, sizeof(g_sm3Digest) / sizeof(g_sm3Digest[0]) },
399         { false, NULL, 0 }
400         }
401     }
402 };
403 #endif
404 
405 #ifdef HKS_SUPPORT_SM4_C
406 static const struct ParamsValuesChecker g_sm4ParamSet[] = {
407     { HKS_CHECK_TYPE_GEN_KEY, { { true, 0, false}, { true, 0, false}, { true, 0, false}, { false, 0, false},
408         { true, 0, false} } },
409     { HKS_CHECK_TYPE_USE_KEY, { { true, 0, false}, { true, 0, false}, { true, 0, false}, { false, 0, false},
410         { true, 0, false} } },
411     { HKS_CHECK_TYPE_GEN_DERIVE_KEY, { { true, 0, false}, { false, 0, false}, { false, 0, false}, { true, 0, false},
412         { false, 0, false} } }
413 };
414 static const struct ExpectParamsValuesChecker g_expectSm4Params[] = {
415     { HKS_CHECK_TYPE_GEN_KEY, {
416         { true, g_sm4KeySize, HKS_ARRAY_SIZE(g_sm4KeySize) },
417         { true, g_sm4Padding, HKS_ARRAY_SIZE(g_sm4Padding) },
418         { true, g_sm4Purpose, HKS_ARRAY_SIZE(g_sm4Purpose) },
419         { false, NULL, 0 },
420         { true, g_sm4Mode, HKS_ARRAY_SIZE(g_sm4Mode) }
421         }
422     },
423     { HKS_CHECK_TYPE_USE_KEY, {
424         { true, g_sm4KeySize, HKS_ARRAY_SIZE(g_sm4KeySize) },
425         { true, g_sm4Padding, HKS_ARRAY_SIZE(g_sm4Padding) },
426         { true, g_sm4Purpose, HKS_ARRAY_SIZE(g_sm4Purpose) },
427         { false, NULL, 0 },
428         { true, g_sm4Mode, HKS_ARRAY_SIZE(g_sm4Mode) }
429         }
430     },
431     { HKS_CHECK_TYPE_GEN_DERIVE_KEY, {
432         { true, g_sm4KeySize, HKS_ARRAY_SIZE(g_sm4KeySize) },
433         { false, NULL, 0 },
434         { false, NULL, 0 },
435         { true, g_sm3Digest, HKS_ARRAY_SIZE(g_sm3Digest) },
436         { false, NULL, 0 }
437         }
438     }
439 };
440 #endif
441 
442 #if defined(HKS_SUPPORT_X25519_C) || defined(HKS_SUPPORT_ED25519_C)
443 static const struct ParamsValuesChecker g_curve25519ParamSet[] = {
444     { HKS_CHECK_TYPE_GEN_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { false, 0, false},
445         { false, 0, false} } },
446     { HKS_CHECK_TYPE_USE_KEY, { { false, 0, false}, { false, 0, false}, { true, 0, false}, { false, 0, false},
447         { false, 0, false} } }
448 };
449 static const struct ExpectParamsValuesChecker g_expectCurve25519Params[] = {
450     { HKS_CHECK_TYPE_GEN_KEY, {
451         { true, g_curve25519KeySize, sizeof(g_curve25519KeySize) / sizeof(g_curve25519KeySize[0]) },
452         { false, NULL, 0 },
453         { false, NULL, 0 },
454         { false, NULL, 0 },
455         { false, NULL, 0 }
456         }
457     },
458     { HKS_CHECK_TYPE_USE_KEY, {
459         { false, NULL, 0 },
460         { false, NULL, 0 },
461         { false, NULL, 0 },
462         { false, NULL, 0 },
463         { false, NULL, 0 }
464         }
465     }
466 };
467 #endif
468 
469 #ifdef HKS_SUPPORT_HMAC_C
470 static const struct ParamsValuesChecker g_hmacParamSet[] = {
471     { HKS_CHECK_TYPE_GEN_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { true, 0, false},
472         { false, 0, false} } },
473     { HKS_CHECK_TYPE_USE_KEY, { { false, 0, false}, { false, 0, false}, { true, 0, false}, { true, 0, false},
474         { false, 0, false} } },
475     { HKS_CHECK_TYPE_GEN_MAC_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { true, 0, false},
476         { false, 0, false} } }
477 };
478 static const struct ExpectParamsValuesChecker g_expectHmacParams[] = {
479     { HKS_CHECK_TYPE_GEN_KEY, {
480         { false, NULL, 0 },
481         { false, NULL, 0 },
482         { false, NULL, 0 },
483         { true, g_hmacDigest, sizeof(g_hmacDigest) / sizeof(g_hmacDigest[0]) },
484         { false, NULL, 0 }
485         }
486     },
487     { HKS_CHECK_TYPE_USE_KEY, {
488         { false, NULL, 0 },
489         { false, NULL, 0 },
490         { false, NULL, 0 },
491         { true, g_hmacDigest, sizeof(g_hmacDigest) / sizeof(g_hmacDigest[0]) },
492         { false, NULL, 0 }
493         }
494     },
495     { HKS_CHECK_TYPE_GEN_MAC_KEY, {
496         { false, NULL, 0 },
497         { false, NULL, 0 },
498         { false, NULL, 0 },
499         { true, g_hmacDigest, sizeof(g_hmacDigest) / sizeof(g_hmacDigest[0]) },
500         { false, NULL, 0 }
501         }
502     }
503 };
504 #endif
505 
506 #ifdef HKS_SUPPORT_DSA_C
507 static const struct ParamsValuesChecker g_dsaParamSet[] = {
508     { HKS_CHECK_TYPE_GEN_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { true, 0, false},
509         { false, 0, false} } },
510     { HKS_CHECK_TYPE_USE_KEY, { { false, 0, false}, { false, 0, false}, { true, 0, false}, { true, 0, false},
511         { false, 0, false} } }
512 };
513 static const struct ExpectParamsValuesChecker g_expectDsaParams[] = {
514     { HKS_CHECK_TYPE_GEN_KEY, {
515         { false, NULL, 0 },
516         { false, NULL, 0 },
517         { false, NULL, 0 },
518         { true, g_dsaDigest, sizeof(g_dsaDigest) / sizeof(g_dsaDigest[0]) },
519         { false, NULL, 0 }
520         }
521     },
522     { HKS_CHECK_TYPE_USE_KEY, {
523         { false, NULL, 0 },
524         { false, NULL, 0 },
525         { false, NULL, 0 },
526         { true, g_dsaDigest, sizeof(g_dsaDigest) / sizeof(g_dsaDigest[0]) },
527         { false, NULL, 0 }
528         }
529     }
530 };
531 #endif
532 
533 #ifdef HKS_SUPPORT_DH_C
534 static const struct ParamsValuesChecker g_dhParamSet[] = {
535     { HKS_CHECK_TYPE_GEN_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { false, 0, false},
536         { false, 0, false} } },
537     { HKS_CHECK_TYPE_USE_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { false, 0, false},
538         { false, 0, false} } }
539 };
540 static const struct ExpectParamsValuesChecker g_expectDhParams[] = {
541     { HKS_CHECK_TYPE_GEN_KEY, {
542         { true, g_dhKeySize, sizeof(g_dhKeySize) / sizeof(g_dhKeySize[0]) },
543         { false, NULL, 0 },
544         { false, NULL, 0 },
545         { false, NULL, 0 },
546         { false, NULL, 0 }
547         }
548     },
549     { HKS_CHECK_TYPE_USE_KEY, {
550         { true, g_dhKeySize, sizeof(g_dhKeySize) / sizeof(g_dhKeySize[0]) },
551         { false, NULL, 0 },
552         { false, NULL, 0 },
553         { false, NULL, 0 },
554         { false, NULL, 0 }
555         }
556     }
557 };
558 #endif
559 
560 #ifdef HKS_SUPPORT_ECDH_C
561 static const struct ParamsValuesChecker g_ecdhParamSet[] = {
562     { HKS_CHECK_TYPE_GEN_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { false, 0, false},
563         { false, 0, false} } },
564     { HKS_CHECK_TYPE_USE_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { false, 0, false},
565         { false, 0, false} } }
566 };
567 static const struct ExpectParamsValuesChecker g_expectEcdhParams[] = {
568     { HKS_CHECK_TYPE_GEN_KEY, {
569         { true, g_ecdhKeySize, sizeof(g_ecdhKeySize) / sizeof(g_ecdhKeySize[0]) },
570         { false, NULL, 0 },
571         { false, NULL, 0 },
572         { false, NULL, 0 },
573         { false, NULL, 0 }
574         }
575     },
576     { HKS_CHECK_TYPE_USE_KEY, {
577         { true, g_ecdhKeySize, sizeof(g_ecdhKeySize) / sizeof(g_ecdhKeySize[0]) },
578         { false, NULL, 0 },
579         { false, NULL, 0 },
580         { false, NULL, 0 },
581         { false, NULL, 0 }
582         }
583     }
584 };
585 #endif
586 
587 #ifndef _CUT_AUTHENTICATE_
588 static const uint32_t g_invalidPurpose[][2] = {
589 #ifdef HKS_SUPPORT_RSA_C
590     {
591         HKS_ALG_RSA,
592         HKS_KEY_PURPOSE_DERIVE | HKS_KEY_PURPOSE_MAC | HKS_KEY_PURPOSE_WRAP | HKS_KEY_PURPOSE_UNWRAP |
593             HKS_KEY_PURPOSE_AGREE,
594     },
595 #endif
596 #ifdef HKS_SUPPORT_ECC_C
597     {
598         HKS_ALG_ECC,
599         HKS_KEY_PURPOSE_DERIVE | HKS_KEY_PURPOSE_MAC | HKS_KEY_PURPOSE_WRAP |
600             HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT,
601     },
602 #endif
603 #ifdef HKS_SUPPORT_SM2_C
604     {
605         HKS_ALG_SM2,
606         HKS_KEY_PURPOSE_DERIVE | HKS_KEY_PURPOSE_MAC | HKS_KEY_PURPOSE_WRAP,
607     },
608 #endif
609 #ifdef HKS_SUPPORT_SM3_C
610     {
611         HKS_ALG_SM3,
612         HKS_KEY_PURPOSE_DERIVE | HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY | HKS_KEY_PURPOSE_WRAP |
613             HKS_KEY_PURPOSE_UNWRAP | HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT | HKS_KEY_PURPOSE_AGREE,
614     },
615 #endif
616 #ifdef HKS_SUPPORT_SM4_C
617     {
618         HKS_ALG_SM4,
619         HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY | HKS_KEY_PURPOSE_WRAP |
620             HKS_KEY_PURPOSE_UNWRAP | HKS_KEY_PURPOSE_MAC | HKS_KEY_PURPOSE_AGREE,
621     },
622 #endif
623 #ifdef HKS_SUPPORT_AES_C
624     {
625         HKS_ALG_AES,
626         HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY | HKS_KEY_PURPOSE_AGREE | HKS_KEY_PURPOSE_WRAP |
627             HKS_KEY_PURPOSE_UNWRAP,
628     },
629 #endif
630 #ifdef HKS_SUPPORT_ED25519_C
631     {
632         HKS_ALG_ED25519,
633         HKS_KEY_PURPOSE_DERIVE | HKS_KEY_PURPOSE_MAC | HKS_KEY_PURPOSE_WRAP | HKS_KEY_PURPOSE_UNWRAP |
634             HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT,
635     },
636 #endif
637 #ifdef HKS_SUPPORT_X25519_C
638     {
639         HKS_ALG_X25519,
640         HKS_KEY_PURPOSE_DERIVE | HKS_KEY_PURPOSE_MAC | HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT |
641             HKS_KEY_PURPOSE_WRAP,
642     },
643 #endif
644 #ifdef HKS_SUPPORT_HMAC_C
645     {
646         HKS_ALG_HMAC,
647         HKS_KEY_PURPOSE_DERIVE | HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY | HKS_KEY_PURPOSE_WRAP |
648             HKS_KEY_PURPOSE_UNWRAP | HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT | HKS_KEY_PURPOSE_AGREE,
649     },
650 #endif
651 #ifdef HKS_SUPPORT_DSA_C
652     {
653         HKS_ALG_DSA,
654         HKS_KEY_PURPOSE_DERIVE | HKS_KEY_PURPOSE_MAC | HKS_KEY_PURPOSE_WRAP | HKS_KEY_PURPOSE_UNWRAP |
655             HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT | HKS_KEY_PURPOSE_AGREE,
656     },
657 #endif
658 #ifdef HKS_SUPPORT_DH_C
659     {
660         HKS_ALG_DH,
661         HKS_KEY_PURPOSE_DERIVE | HKS_KEY_PURPOSE_MAC | HKS_KEY_PURPOSE_WRAP | HKS_KEY_PURPOSE_UNWRAP |
662             HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT | HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY,
663     },
664 #endif
665 #ifdef HKS_SUPPORT_ECDH_C
666     {
667         HKS_ALG_ECDH,
668         HKS_KEY_PURPOSE_DERIVE | HKS_KEY_PURPOSE_MAC | HKS_KEY_PURPOSE_WRAP | HKS_KEY_PURPOSE_UNWRAP |
669             HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT | HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY,
670     },
671 #endif
672 };
673 
674 static const uint32_t g_invalidImportKeyPurpose[][2] = {
675 #ifdef HKS_SUPPORT_ECC_C
676     {
677         HKS_ALG_ECC,
678         HKS_KEY_PURPOSE_WRAP | HKS_KEY_PURPOSE_UNWRAP,
679     },
680 #endif
681 #ifdef HKS_SUPPORT_X25519_C
682     {
683         HKS_ALG_X25519,
684         HKS_KEY_PURPOSE_WRAP | HKS_KEY_PURPOSE_UNWRAP,
685     },
686 #endif
687 #ifdef HKS_SUPPORT_SM2_C
688     {
689         HKS_ALG_SM2,
690         HKS_KEY_PURPOSE_WRAP | HKS_KEY_PURPOSE_UNWRAP,
691     },
692 #endif
693 };
694 #endif
695 
696 #ifdef HKS_SUPPORT_USER_AUTH_ACCESS_CONTROL
697 static const uint32_t g_userAuthChallengeType[] = {
698     HKS_CHALLENGE_TYPE_NORMAL,
699     HKS_CHALLENGE_TYPE_CUSTOM,
700     HKS_CHALLENGE_TYPE_NONE,
701 };
702 
703 static const uint32_t g_validBiometricAuthAccessType[] = {
704     HKS_AUTH_ACCESS_INVALID_NEW_BIO_ENROLL,
705     HKS_AUTH_ACCESS_INVALID_CLEAR_PASSWORD,
706     HKS_AUTH_ACCESS_ALWAYS_VALID
707 };
708 
709 static const uint32_t g_validPinAuthAccessType[] = {
710     HKS_AUTH_ACCESS_INVALID_CLEAR_PASSWORD,
711     HKS_AUTH_ACCESS_ALWAYS_VALID
712 };
713 
714 static const struct AuthAccessTypeChecker g_expectAuthAccessParams[] = {
715     { HKS_USER_AUTH_TYPE_FACE,
716         { true, g_validBiometricAuthAccessType, HKS_ARRAY_SIZE(g_validBiometricAuthAccessType)}
717     },
718     { HKS_USER_AUTH_TYPE_FINGERPRINT,
719         { true, g_validBiometricAuthAccessType, HKS_ARRAY_SIZE(g_validBiometricAuthAccessType)}
720     },
721     { HKS_USER_AUTH_TYPE_PIN,
722         { true, g_validPinAuthAccessType, HKS_ARRAY_SIZE(g_validPinAuthAccessType)}
723     }
724 };
725 
726 static const uint32_t g_supportUserAuthTypes[] = {
727     HKS_USER_AUTH_TYPE_PIN,
728     HKS_USER_AUTH_TYPE_FINGERPRINT,
729     HKS_USER_AUTH_TYPE_FACE,
730     HKS_USER_AUTH_TYPE_PIN | HKS_USER_AUTH_TYPE_FINGERPRINT,
731     HKS_USER_AUTH_TYPE_PIN | HKS_USER_AUTH_TYPE_FACE,
732     HKS_USER_AUTH_TYPE_FACE | HKS_USER_AUTH_TYPE_FINGERPRINT,
733     HKS_USER_AUTH_TYPE_PIN | HKS_USER_AUTH_TYPE_FACE | HKS_USER_AUTH_TYPE_FINGERPRINT
734 };
735 
736 static const uint32_t g_supportSecureSignType[] = {
737     HKS_SECURE_SIGN_WITH_AUTHINFO
738 };
739 
740 #ifdef HKS_SUPPORT_AES_C
741 static const uint32_t g_supportAesPurpose[] = {
742     HKS_KEY_PURPOSE_ENCRYPT,
743     HKS_KEY_PURPOSE_DECRYPT,
744     HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT,
745     HKS_KEY_PURPOSE_DERIVE,
746     HKS_KEY_PURPOSE_MAC
747 };
748 
749 static const uint32_t g_supportAesCipherMode[] = {
750     HKS_MODE_CBC,
751     HKS_MODE_GCM,
752     HKS_MODE_CCM
753 };
754 
755 static const struct KeyInfoParams g_validAesKeyInfo[] = {
756     { true, HKS_TAG_PURPOSE, g_supportAesPurpose, HKS_ARRAY_SIZE(g_supportAesPurpose) },
757     { true, HKS_TAG_BLOCK_MODE, g_supportAesCipherMode, HKS_ARRAY_SIZE(g_supportAesCipherMode) }
758 };
759 #endif
760 
761 #ifdef HKS_SUPPORT_SM4_C
762 static const uint32_t g_supportSm4Purpose[] = {
763     HKS_KEY_PURPOSE_ENCRYPT,
764     HKS_KEY_PURPOSE_DECRYPT,
765     HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT
766 };
767 
768 static const uint32_t g_supportSm4CipherMode[] = {
769     HKS_MODE_CBC
770 };
771 
772 static const struct KeyInfoParams g_validSm4KeyInfo[] = {
773     { true, HKS_TAG_PURPOSE, g_supportSm4Purpose, HKS_ARRAY_SIZE(g_supportSm4Purpose) },
774     { true, HKS_TAG_BLOCK_MODE, g_supportSm4CipherMode, HKS_ARRAY_SIZE(g_supportSm4CipherMode) }
775 };
776 #endif
777 
778 static const struct AuthAcceessKeyInfoChecker g_validKeyInfo[] = {
779 #ifdef HKS_SUPPORT_AES_C
780     { HKS_ALG_AES, g_validAesKeyInfo, HKS_ARRAY_SIZE(g_validAesKeyInfo) },
781 #endif
782 #ifdef HKS_SUPPORT_SM4_C
783     { HKS_ALG_SM4, g_validSm4KeyInfo, HKS_ARRAY_SIZE(g_validSm4KeyInfo) }
784 #endif
785 };
786 #endif
787 
788 #ifndef _CUT_AUTHENTICATE_
789 #ifndef _STORAGE_LITE_
CheckAndGetKeySize(const struct HksBlob * key,const uint32_t * expectKeySize,uint32_t expectCnt,uint32_t * keySize)790 static int32_t CheckAndGetKeySize(const struct HksBlob *key, const uint32_t *expectKeySize,
791     uint32_t expectCnt, uint32_t *keySize)
792 {
793     if (key->size < sizeof(struct HksParamSet)) {
794         HKS_LOG_E("check key size: invalid keyfile size: %" LOG_PUBLIC "u", key->size);
795         return HKS_ERROR_INVALID_KEY_FILE;
796     }
797 
798     struct HksParamSet *keyParamSet = (struct HksParamSet *)key->data;
799     int32_t ret = HksCheckParamSetValidity(keyParamSet);
800     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_KEY_FILE, "check key size: paramset invalid failed")
801 
802     struct HksParam *keySizeParam = NULL;
803     ret = HksGetParam(keyParamSet, HKS_TAG_KEY_SIZE, &keySizeParam);
804     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_KEY_FILE,
805         "check key size: get param get tag:0x%" LOG_PUBLIC "x failed", HKS_TAG_KEY_SIZE)
806 
807     ret = HksCheckValue(keySizeParam->uint32Param, expectKeySize, expectCnt);
808     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_KEY_FILE,
809         "check key size: key size value %" LOG_PUBLIC "u not expected", keySizeParam->uint32Param)
810     *keySize = keySizeParam->uint32Param;
811     return ret;
812 }
813 #else
CheckAndGetKeySize(const struct HksBlob * key,const uint32_t * expectKeySize,uint32_t expectCnt,uint32_t * keySize)814 static int32_t CheckAndGetKeySize(const struct HksBlob *key, const uint32_t *expectKeySize,
815     uint32_t expectCnt, uint32_t *keySize)
816 {
817     if (key->size < sizeof(struct HksStoreKeyInfo)) {
818         HKS_LOG_E("check key size: invalid keyfile size: %" LOG_PUBLIC "u", key->size);
819         return HKS_ERROR_INVALID_KEY_FILE;
820     }
821 
822     struct HksStoreKeyInfo *keyInfo = (struct HksStoreKeyInfo *)key->data;
823     uint32_t keyLen = keyInfo->keyLen;
824     int32_t ret = HksCheckValue(keyLen, expectKeySize, expectCnt);
825     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_KEY_FILE,
826         "check key size: keySize value %" LOG_PUBLIC "u not expected", keyLen)
827     *keySize = keyLen;
828     return ret;
829 }
830 #endif
831 
CheckPurposeUnique(uint32_t inputPurpose)832 static int32_t CheckPurposeUnique(uint32_t inputPurpose)
833 {
834     /* key usage uniqueness */
835     uint32_t purposeCipher = inputPurpose & (HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT);
836     uint32_t purposeSign = inputPurpose & (HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY);
837     uint32_t purposeDerive = inputPurpose & HKS_KEY_PURPOSE_DERIVE;
838     uint32_t purposeWrap = inputPurpose & (HKS_KEY_PURPOSE_WRAP | HKS_KEY_PURPOSE_UNWRAP);
839     uint32_t purposeMac = inputPurpose & HKS_KEY_PURPOSE_MAC;
840     uint32_t purposeAgree = inputPurpose & HKS_KEY_PURPOSE_AGREE;
841 
842     uint32_t purposeCount = (purposeCipher != 0) ? 1 : 0;
843     purposeCount += (purposeSign != 0) ? 1 : 0;
844     purposeCount += (purposeDerive != 0) ? 1 : 0;
845     purposeCount += (purposeWrap != 0) ? 1 : 0;
846     purposeCount += (purposeMac != 0) ? 1 : 0;
847     purposeCount += (purposeAgree != 0) ? 1 : 0;
848 
849     return (purposeCount == 1) ? HKS_SUCCESS : HKS_ERROR_INVALID_PURPOSE;
850 }
851 
GetInvalidPurpose(uint32_t alg,uint32_t * inputPurpose,uint32_t keyFlag)852 static int32_t GetInvalidPurpose(uint32_t alg, uint32_t *inputPurpose, uint32_t keyFlag)
853 {
854     int32_t result = HKS_ERROR_INVALID_ALGORITHM;
855     if (sizeof(g_invalidPurpose) == 0) {
856         return result;
857     }
858     uint32_t count = sizeof(g_invalidPurpose) / sizeof(g_invalidPurpose[0]);
859     for (uint32_t i = 0; i < count; i++) {
860         if (alg == g_invalidPurpose[i][0]) {
861             result = HKS_SUCCESS;
862             *inputPurpose = g_invalidPurpose[i][1];
863             break;
864         }
865     }
866     if ((keyFlag != HKS_KEY_FLAG_IMPORT_KEY) || (sizeof(g_invalidImportKeyPurpose) == 0)) {
867         return result;
868     }
869     // add invalid purpose for import key additionally
870     count = sizeof(g_invalidImportKeyPurpose) / sizeof(g_invalidImportKeyPurpose[0]);
871     for (uint32_t i = 0; i < count; i++) {
872         if (alg == g_invalidImportKeyPurpose[i][0]) {
873             *inputPurpose |= g_invalidImportKeyPurpose[i][1];
874             break;
875         }
876     }
877     return result;
878 }
879 
CheckPurposeValid(uint32_t alg,uint32_t inputPurpose,uint32_t keyFlag)880 static int32_t CheckPurposeValid(uint32_t alg, uint32_t inputPurpose, uint32_t keyFlag)
881 {
882     uint32_t invalidPurpose = 0;
883 
884     int32_t result = GetInvalidPurpose(alg, &invalidPurpose, keyFlag);
885     HKS_IF_NOT_SUCC_RETURN(result, result)
886 
887     if ((inputPurpose & invalidPurpose) != 0) {
888         return HKS_ERROR_INVALID_PURPOSE;
889     }
890 
891     return HKS_SUCCESS;
892 }
893 #endif /* _CUT_AUTHENTICATE_ */
894 
895 // If tag is optional param, when tag is empty, it is supported.
GetOptionalParams(const struct HksParamSet * paramSet,uint32_t tag,bool needCheck,uint32_t * value,bool * isAbsent)896 static int32_t GetOptionalParams(const struct HksParamSet *paramSet, uint32_t tag, bool needCheck, uint32_t* value,
897     bool* isAbsent)
898 {
899     if (needCheck) {
900         struct HksParam *param;
901         int32_t ret = HksGetParam(paramSet, tag, &param);
902         if (ret == HKS_SUCCESS) {
903             *value = param->uint32Param;
904             return ret;
905         }
906         if (ret == HKS_ERROR_PARAM_NOT_EXIST) {
907             HKS_LOG_I("tag is empty, but it is supported!");
908             *isAbsent = true;
909             return HKS_SUCCESS;
910         }
911         return HKS_ERROR_INVALID_ARGUMENT;
912     }
913     return HKS_SUCCESS;
914 }
915 
GetInputParams(const struct HksParamSet * paramSet,struct ParamsValues * inputParams)916 int32_t GetInputParams(const struct HksParamSet *paramSet, struct ParamsValues *inputParams)
917 {
918     int32_t ret = HKS_SUCCESS;
919     struct HksParam *checkParam = NULL;
920     if (inputParams->keyLen.needCheck) {
921         ret = HksGetParam(paramSet, HKS_TAG_KEY_SIZE, &checkParam);
922         HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_KEY_SIZE_FAIL,
923             "get Param get tag:0x%" LOG_PUBLIC "x failed", HKS_TAG_KEY_SIZE);
924         inputParams->keyLen.value = checkParam->uint32Param;
925     }
926 
927     if (inputParams->purpose.needCheck) {
928         ret = HksGetParam(paramSet, HKS_TAG_PURPOSE, &checkParam);
929         HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_PURPOSE_FAIL,
930             "get Param get tag:0x%" LOG_PUBLIC "x failed", HKS_TAG_PURPOSE);
931         inputParams->purpose.value = checkParam->uint32Param;
932     }
933 
934     ret = GetOptionalParams(paramSet, HKS_TAG_PADDING, inputParams->padding.needCheck, &inputParams->padding.value,
935         &inputParams->padding.isAbsent);
936     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_PADDING_FAIL,
937         "get Param get tag:0x%" LOG_PUBLIC "x failed", HKS_TAG_PADDING);
938     ret = GetOptionalParams(paramSet, HKS_TAG_DIGEST, inputParams->digest.needCheck, &inputParams->digest.value,
939         &inputParams->digest.isAbsent);
940     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_DIGEST_FAIL,
941         "get Param get tag:0x%" LOG_PUBLIC "x failed", HKS_TAG_DIGEST);
942     ret = GetOptionalParams(paramSet, HKS_TAG_BLOCK_MODE, inputParams->mode.needCheck, &inputParams->mode.value,
943         &inputParams->mode.isAbsent);
944     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_MODE_FAIL,
945         "get Param get tag:0x%" LOG_PUBLIC "x failed", HKS_TAG_BLOCK_MODE);
946     return ret;
947 }
948 
InitInputParams(enum CheckKeyType checkType,struct ParamsValues * inputParams,const struct ParamsValuesChecker * checkSet,uint32_t checkSetSize)949 static int32_t InitInputParams(enum CheckKeyType checkType, struct ParamsValues *inputParams,
950     const struct ParamsValuesChecker *checkSet, uint32_t checkSetSize)
951 {
952     for (uint32_t i = 0; i < checkSetSize; ++i) {
953         if (checkType == checkSet[i].checkType) {
954             (void)memcpy_s(inputParams, sizeof(*inputParams), &checkSet[i].paramValues,
955                 sizeof(checkSet[i].paramValues));
956             return HKS_SUCCESS;
957         }
958     }
959     return HKS_ERROR_NOT_SUPPORTED;
960 }
961 
InitInputParamsByAlg(uint32_t alg,enum CheckKeyType checkType,struct ParamsValues * inputParams)962 static int32_t InitInputParamsByAlg(uint32_t alg, enum CheckKeyType checkType, struct ParamsValues *inputParams)
963 {
964     switch (alg) {
965 #ifdef HKS_SUPPORT_RSA_C
966         case HKS_ALG_RSA:
967             return InitInputParams(checkType, inputParams, g_rsaParamSet, HKS_ARRAY_SIZE(g_rsaParamSet));
968 #endif
969         case HKS_ALG_AES:
970             return InitInputParams(checkType, inputParams, g_aesParamSet, HKS_ARRAY_SIZE(g_aesParamSet));
971 #ifdef HKS_SUPPORT_ECC_C
972         case HKS_ALG_ECC:
973             return InitInputParams(checkType, inputParams, g_eccParamSet, HKS_ARRAY_SIZE(g_eccParamSet));
974 #endif
975 #ifdef HKS_SUPPORT_SM2_C
976         case HKS_ALG_SM2:
977             return InitInputParams(checkType, inputParams, g_sm2ParamSet, HKS_ARRAY_SIZE(g_sm2ParamSet));
978 #endif
979 #ifdef HKS_SUPPORT_SM3_C
980         case HKS_ALG_SM3:
981             return InitInputParams(checkType, inputParams, g_sm3ParamSet, HKS_ARRAY_SIZE(g_sm3ParamSet));
982 #endif
983 #ifdef HKS_SUPPORT_SM4_C
984         case HKS_ALG_SM4:
985             return InitInputParams(checkType, inputParams, g_sm4ParamSet, HKS_ARRAY_SIZE(g_sm4ParamSet));
986 #endif
987 #if defined(HKS_SUPPORT_X25519_C) || defined(HKS_SUPPORT_ED25519_C)
988         case HKS_ALG_X25519:
989         case HKS_ALG_ED25519:
990             return InitInputParams(checkType, inputParams, g_curve25519ParamSet, HKS_ARRAY_SIZE(g_curve25519ParamSet));
991 #endif
992 #ifdef HKS_SUPPORT_HMAC_C
993         case HKS_ALG_HMAC:
994             return InitInputParams(checkType, inputParams, g_hmacParamSet, HKS_ARRAY_SIZE(g_hmacParamSet));
995 #endif
996 #ifdef HKS_SUPPORT_DSA_C
997         case HKS_ALG_DSA:
998             return InitInputParams(checkType, inputParams, g_dsaParamSet, HKS_ARRAY_SIZE(g_dsaParamSet));
999 #endif
1000 #ifdef HKS_SUPPORT_DH_C
1001         case HKS_ALG_DH:
1002             return InitInputParams(checkType, inputParams, g_dhParamSet, HKS_ARRAY_SIZE(g_dhParamSet));
1003 #endif
1004 #ifdef HKS_SUPPORT_ECDH_C
1005         case HKS_ALG_ECDH:
1006             return InitInputParams(checkType, inputParams, g_ecdhParamSet, HKS_ARRAY_SIZE(g_ecdhParamSet));
1007 #endif
1008         default:
1009             return HKS_ERROR_INVALID_ALGORITHM;
1010     }
1011 }
1012 
InitExpectParams(enum CheckKeyType checkType,struct ExpectParamsValues * expectValues,const struct ExpectParamsValuesChecker * checkSet,uint32_t checkSetSize)1013 static int32_t InitExpectParams(enum CheckKeyType checkType, struct ExpectParamsValues *expectValues,
1014     const struct ExpectParamsValuesChecker *checkSet, uint32_t checkSetSize)
1015 {
1016     for (uint32_t i = 0; i < checkSetSize; ++i) {
1017         if (checkType == checkSet[i].checkType) {
1018             (void)memcpy_s(expectValues, sizeof(*expectValues), &checkSet[i].paramValues,
1019                 sizeof(checkSet[i].paramValues));
1020             return HKS_SUCCESS;
1021         }
1022     }
1023     return HKS_ERROR_NOT_SUPPORTED;
1024 }
1025 
GetExpectParams(uint32_t alg,enum CheckKeyType checkType,struct ExpectParamsValues * expectValues)1026 static int32_t GetExpectParams(uint32_t alg, enum CheckKeyType checkType, struct ExpectParamsValues *expectValues)
1027 {
1028     switch (alg) {
1029 #ifdef HKS_SUPPORT_RSA_C
1030         case HKS_ALG_RSA:
1031             return InitExpectParams(checkType, expectValues, g_expectRsaParams, HKS_ARRAY_SIZE(g_expectRsaParams));
1032 #endif
1033         case HKS_ALG_AES:
1034             return InitExpectParams(checkType, expectValues, g_expectAesParams, HKS_ARRAY_SIZE(g_expectAesParams));
1035 #ifdef HKS_SUPPORT_ECC_C
1036         case HKS_ALG_ECC:
1037             return InitExpectParams(checkType, expectValues, g_expectEccParams, HKS_ARRAY_SIZE(g_expectEccParams));
1038 #endif
1039 #ifdef HKS_SUPPORT_SM2_C
1040         case HKS_ALG_SM2:
1041             return InitExpectParams(checkType, expectValues, g_expectSm2Params, HKS_ARRAY_SIZE(g_expectSm2Params));
1042 #endif
1043 #ifdef HKS_SUPPORT_SM3_C
1044         case HKS_ALG_SM3:
1045             return InitExpectParams(checkType, expectValues, g_expectSm3Params, HKS_ARRAY_SIZE(g_expectSm3Params));
1046 #endif
1047 #ifdef HKS_SUPPORT_SM4_C
1048         case HKS_ALG_SM4:
1049             return InitExpectParams(checkType, expectValues, g_expectSm4Params, HKS_ARRAY_SIZE(g_expectSm4Params));
1050 #endif
1051 #if defined(HKS_SUPPORT_X25519_C) || defined(HKS_SUPPORT_ED25519_C)
1052         case HKS_ALG_X25519:
1053         case HKS_ALG_ED25519:
1054             return InitExpectParams(checkType, expectValues, g_expectCurve25519Params,
1055                 HKS_ARRAY_SIZE(g_expectCurve25519Params));
1056 #endif
1057 #ifdef HKS_SUPPORT_HMAC_C
1058         case HKS_ALG_HMAC:
1059             return InitExpectParams(checkType, expectValues, g_expectHmacParams, HKS_ARRAY_SIZE(g_expectHmacParams));
1060 #endif
1061 #ifdef HKS_SUPPORT_DSA_C
1062         case HKS_ALG_DSA:
1063             return InitExpectParams(checkType, expectValues, g_expectDsaParams, HKS_ARRAY_SIZE(g_expectDsaParams));
1064 #endif
1065 #ifdef HKS_SUPPORT_DH_C
1066         case HKS_ALG_DH:
1067             return InitExpectParams(checkType, expectValues, g_expectDhParams, HKS_ARRAY_SIZE(g_expectDhParams));
1068 #endif
1069 #ifdef HKS_SUPPORT_ECDH_C
1070         case HKS_ALG_ECDH:
1071             return InitExpectParams(checkType, expectValues, g_expectEcdhParams, HKS_ARRAY_SIZE(g_expectEcdhParams));
1072 #endif
1073         default:
1074             return HKS_ERROR_INVALID_ALGORITHM;
1075     }
1076 }
1077 
1078 #ifdef HKS_SUPPORT_ECC_C
CheckEccSignature(uint32_t cmdId,uint32_t keySize,const struct HksBlob * signature)1079 static int32_t CheckEccSignature(uint32_t cmdId, uint32_t keySize, const struct HksBlob *signature)
1080 {
1081     /*
1082      * ecc sign format: 0x30 + len1 + 0x02 + len2 + 0x00 (optional) + r + 0x02 + len3 + 0x00(optional) + s
1083      * sign: signSize no less than 2*keySize/8 + 8;
1084      * verify: signSize no greater than 2*keySize/8 + 8
1085      */
1086     uint32_t eccSignRSize = keySize / HKS_BITS_PER_BYTE + keySize % HKS_BITS_PER_BYTE;
1087     uint32_t eccSignSSize = eccSignRSize;
1088     switch (cmdId) {
1089         case HKS_CMD_ID_SIGN:
1090             if (signature->size < (eccSignRSize + eccSignSSize + HKS_ECC_SIGN_MAX_TL_SIZE)) {
1091                 HKS_LOG_E("eccsign: signature size too small, keySize %" LOG_PUBLIC "u, signatureSize %" LOG_PUBLIC "u",
1092                     keySize, signature->size);
1093                 return HKS_ERROR_BUFFER_TOO_SMALL;
1094             }
1095             break;
1096         case HKS_CMD_ID_VERIFY:
1097             if (signature->size > (eccSignRSize + eccSignSSize + HKS_ECC_SIGN_MAX_TL_SIZE)) {
1098                 HKS_LOG_E("eccverfiy: invalid signature size, keySize %" LOG_PUBLIC "u, signatureSize %" LOG_PUBLIC "u",
1099                     keySize, signature->size);
1100                 return HKS_ERROR_INVALID_SIGNATURE_SIZE;
1101             }
1102             break;
1103         default:
1104             return HKS_ERROR_INVALID_ARGUMENT;
1105     }
1106 
1107     return HKS_SUCCESS;
1108 }
1109 #endif
1110 
1111 #ifdef HKS_SUPPORT_ED25519_C
CheckEd25519Signature(uint32_t cmdId,const struct HksBlob * signature)1112 static int32_t CheckEd25519Signature(uint32_t cmdId, const struct HksBlob *signature)
1113 {
1114     switch (cmdId) {
1115         case HKS_CMD_ID_SIGN:
1116             if (signature->size < HKS_SIGNATURE_MIN_SIZE) {
1117                 HKS_LOG_E("ed25519 sign: signature size too small, signatureSize %" LOG_PUBLIC "u", signature->size);
1118                 return HKS_ERROR_BUFFER_TOO_SMALL;
1119             }
1120             break;
1121         case HKS_CMD_ID_VERIFY:
1122             if (signature->size < HKS_SIGNATURE_MIN_SIZE) {
1123                 HKS_LOG_E("ed25519 verfiy: invalid signature size, signatureSize %" LOG_PUBLIC "u", signature->size);
1124                 return HKS_ERROR_INVALID_SIGNATURE_SIZE;
1125             }
1126             break;
1127         default:
1128             return HKS_ERROR_INVALID_ARGUMENT;
1129     }
1130 
1131     return HKS_SUCCESS;
1132 }
1133 #endif
1134 
1135 #ifdef HKS_SUPPORT_RSA_C
CheckRsaGenKeyPadding(const struct ParamsValues * inputParams)1136 static int32_t CheckRsaGenKeyPadding(const struct ParamsValues *inputParams)
1137 {
1138     if (inputParams->padding.isAbsent) {
1139         return HKS_SUCCESS;
1140     }
1141     if ((inputParams->purpose.value & (HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT)) != 0) {
1142         return HksCheckValue(inputParams->padding.value, g_rsaCipherPadding, HKS_ARRAY_SIZE(g_rsaCipherPadding));
1143     } else if ((inputParams->purpose.value & (HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY)) != 0) {
1144         return HksCheckValue(inputParams->padding.value, g_rsaSignPadding, HKS_ARRAY_SIZE(g_rsaSignPadding));
1145     }
1146     return HKS_SUCCESS;
1147 }
1148 
1149 #ifdef HKS_SUPPORT_RSA_SIGN_VERIFY
CheckRsaSignature(uint32_t cmdId,uint32_t keySize,const struct HksBlob * signature)1150 static int32_t CheckRsaSignature(uint32_t cmdId, uint32_t keySize, const struct HksBlob *signature)
1151 {
1152     /*
1153      * k: the length of the RSA modulus n
1154      * sign: signSize no less than k; verify: signSize is same as k, thus no greater than keySize / 8
1155      */
1156     switch (cmdId) {
1157         case HKS_CMD_ID_SIGN:
1158             if (signature->size < keySize / HKS_BITS_PER_BYTE) {
1159                 HKS_LOG_E("rsasign: signature size too small, keySize %" LOG_PUBLIC "u, signatureSize %" LOG_PUBLIC "u",
1160                     keySize, signature->size);
1161                 return HKS_ERROR_BUFFER_TOO_SMALL;
1162             }
1163             break;
1164         case HKS_CMD_ID_VERIFY:
1165             if (signature->size > keySize / HKS_BITS_PER_BYTE) {
1166                 HKS_LOG_E("rsaverfiy: invalid signature size, keySize %" LOG_PUBLIC "u, signatureSize %" LOG_PUBLIC "u",
1167                     keySize, signature->size);
1168                 return HKS_ERROR_INVALID_SIGNATURE_SIZE;
1169             }
1170             break;
1171         default:
1172             return HKS_ERROR_INVALID_ARGUMENT;
1173     }
1174 
1175     return HKS_SUCCESS;
1176 }
1177 #endif
1178 
1179 #ifdef HKS_SUPPORT_RSA_CRYPT
CheckRsaNoPadCipherData(uint32_t keySize,const struct HksBlob * inData,const struct HksBlob * outData)1180 static int32_t CheckRsaNoPadCipherData(uint32_t keySize, const struct HksBlob *inData,
1181     const struct HksBlob *outData)
1182 {
1183     /* encrypt/decrypt: inSize no greater than keySize, outSize no less than keySize */
1184     if (inData->size > keySize) {
1185         HKS_LOG_E("invalid inData size: %" LOG_PUBLIC "u, keySize: %" LOG_PUBLIC "u", inData->size, keySize);
1186         return HKS_ERROR_INVALID_ARGUMENT;
1187     }
1188 
1189     if (outData->size < keySize) {
1190         HKS_LOG_E("outData buffer too small size: %" LOG_PUBLIC "u, keySize: %" LOG_PUBLIC "u",
1191             outData->size, keySize);
1192         return HKS_ERROR_BUFFER_TOO_SMALL;
1193     }
1194 
1195     return HKS_SUCCESS;
1196 }
1197 
CheckRsaOaepCipherData(uint32_t cmdId,uint32_t keySize,uint32_t digest,const struct HksBlob * inData,const struct HksBlob * outData)1198 static int32_t CheckRsaOaepCipherData(uint32_t cmdId, uint32_t keySize, uint32_t digest,
1199     const struct HksBlob *inData, const struct HksBlob *outData)
1200 {
1201     uint32_t digestLen;
1202     if (digest == HKS_DIGEST_NONE) {
1203         digest = HKS_DIGEST_SHA1;
1204     }
1205     int32_t ret = HksGetDigestLen(digest, &digestLen);
1206     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "GetDigestLen failed, ret = %" LOG_PUBLIC "x", ret)
1207 
1208     /*
1209      * encrypt: inSize no greater than keySize - 2*digestLen - 2, outSize no less than keySize (in: plain; out: cipher)
1210      * decrypt: inSize no greater than keySize, outSize no less than keySize - 2*digestLen - 2 (in: cipher; out: plain)
1211      */
1212     if (keySize <= (HKS_RSA_OAEP_DIGEST_NUM * digestLen + HKS_RSA_OAEP_DIGEST_NUM)) {
1213         return HKS_ERROR_INVALID_KEY_FILE;
1214     }
1215     uint32_t size = keySize - HKS_RSA_OAEP_DIGEST_NUM * digestLen - HKS_RSA_OAEP_DIGEST_NUM;
1216     if (cmdId == HKS_CMD_ID_ENCRYPT) {
1217         if (inData->size > size) {
1218             HKS_LOG_E("encrypt, invalid insize: %" LOG_PUBLIC "u, keySize: %" LOG_PUBLIC "u, "
1219                 "digestLen: %" LOG_PUBLIC "u", inData->size, keySize, digestLen);
1220             return HKS_ERROR_INVALID_ARGUMENT;
1221         }
1222         if (outData->size < keySize) {
1223             HKS_LOG_E("encrypt, outData buffer too small size: %" LOG_PUBLIC "u, keySize: %" LOG_PUBLIC "u",
1224                 outData->size, keySize);
1225             return HKS_ERROR_BUFFER_TOO_SMALL;
1226         }
1227     } else if (cmdId == HKS_CMD_ID_DECRYPT) {
1228         if (inData->size > keySize) {
1229             HKS_LOG_E("decrypt, invalid inData size: %" LOG_PUBLIC "u, keySize: %" LOG_PUBLIC "u",
1230                 inData->size, keySize);
1231             return HKS_ERROR_INVALID_ARGUMENT;
1232         }
1233         if (outData->size < size) {
1234             HKS_LOG_E("decrypt, outData buffer too small size: %" LOG_PUBLIC "u, keySize: %" LOG_PUBLIC "u",
1235                 outData->size, keySize);
1236             return HKS_ERROR_BUFFER_TOO_SMALL;
1237         }
1238     }
1239 
1240     return HKS_SUCCESS;
1241 }
1242 
CheckRsaCipherData(uint32_t cmdId,const struct ParamsValues * inputParams,const struct HksBlob * inData,const struct HksBlob * outData)1243 static int32_t CheckRsaCipherData(uint32_t cmdId, const struct ParamsValues *inputParams,
1244     const struct HksBlob *inData, const struct HksBlob *outData)
1245 {
1246     uint32_t padding = inputParams->padding.value;
1247     uint32_t keySize = inputParams->keyLen.value / HKS_BITS_PER_BYTE;
1248     int32_t ret = HKS_SUCCESS;
1249 
1250     if (padding == HKS_PADDING_NONE) {
1251         ret = CheckRsaNoPadCipherData(keySize, inData, outData);
1252     } else if (padding == HKS_PADDING_OAEP) {
1253         ret = CheckRsaOaepCipherData(cmdId, keySize, inputParams->digest.value, inData, outData);
1254     }
1255 
1256     HKS_IF_NOT_SUCC_LOGE(ret, "Check Rsa CipherData failed, cmdId: %" LOG_PUBLIC "u, padding: %" LOG_PUBLIC "u, "
1257         "keyLen: %" LOG_PUBLIC "u, inData size: %" LOG_PUBLIC "u, outData size: %" LOG_PUBLIC "u",
1258         cmdId, padding, keySize, inData->size, outData->size)
1259 
1260     return ret;
1261 }
1262 #endif
1263 #endif
1264 
1265 #ifdef HKS_SUPPORT_AES_C
1266 static int32_t CheckAesAeCipherData(uint32_t cmdId, const struct HksBlob *inData, const struct HksBlob *outData);
1267 #endif
1268 
1269 #if defined(HKS_SUPPORT_AES_C) || defined(HKS_SUPPORT_SM4_C)
CheckBlockCbcCipherData(uint32_t mode,uint32_t cmdId,uint32_t padding,const struct HksBlob * inData,const struct HksBlob * outData)1270 static int32_t CheckBlockCbcCipherData(uint32_t mode, uint32_t cmdId, uint32_t padding,
1271     const struct HksBlob *inData, const struct HksBlob *outData)
1272 {
1273     /*
1274      * encrypt: inSize greater than 0(has been checked), no-padding: inSize need to be integer multiple of 16
1275      *          outSize no less than inSize + (16 - inSize % 16) (in: plain; out: cipher)
1276      * decrypt: inSize greater than 0(has been checked) && inSize is integer multiple of 16
1277      *          outSize no less than inSize (in: cipher; out: plain)
1278      */
1279     switch (cmdId) {
1280         case HKS_CMD_ID_ENCRYPT: {
1281             uint32_t paddingSize = 0;
1282             if (padding == HKS_PADDING_NONE) {
1283                 if ((mode == HKS_MODE_CBC || mode == HKS_MODE_ECB) &&
1284                     inData->size % HKS_BLOCK_CIPHER_CBC_BLOCK_SIZE != 0) {
1285                     HKS_LOG_E("encrypt, mode id: %" LOG_PUBLIC "u, no-padding, invalid inSize: %" LOG_PUBLIC "u",
1286                         mode, inData->size);
1287                     return HKS_ERROR_INVALID_ARGUMENT;
1288                 }
1289             } else {
1290                 paddingSize = HKS_BLOCK_CIPHER_CBC_BLOCK_SIZE - inData->size % HKS_BLOCK_CIPHER_CBC_BLOCK_SIZE;
1291                 if (inData->size > (UINT32_MAX - paddingSize)) {
1292                     HKS_LOG_E("encrypt, invalid inData size: %" LOG_PUBLIC "u", inData->size);
1293                     return HKS_ERROR_INVALID_ARGUMENT;
1294                 }
1295             }
1296             if (outData->size < (inData->size + paddingSize)) {
1297                 HKS_LOG_E("encrypt, outData buffer too small size: %" LOG_PUBLIC "u, need: %" LOG_PUBLIC "u",
1298                     outData->size, inData->size + paddingSize);
1299                 return HKS_ERROR_BUFFER_TOO_SMALL;
1300             }
1301             break;
1302         }
1303         case HKS_CMD_ID_DECRYPT:
1304             if ((mode == HKS_MODE_CBC || mode == HKS_MODE_ECB) && inData->size % HKS_BLOCK_CIPHER_CBC_BLOCK_SIZE != 0) {
1305                 HKS_LOG_E("decrypt, mode id: %" LOG_PUBLIC "u, invalid inData size: %" LOG_PUBLIC "u",
1306                     mode, inData->size);
1307                 return HKS_ERROR_INVALID_ARGUMENT;
1308             }
1309             if (outData->size < inData->size) {
1310                 HKS_LOG_E("decrypt, outData buffer too small size: %" LOG_PUBLIC "u, inDataSize: %" LOG_PUBLIC "u",
1311                     outData->size, inData->size);
1312                 return HKS_ERROR_BUFFER_TOO_SMALL;
1313             }
1314             break;
1315         default:
1316             return HKS_ERROR_INVALID_ARGUMENT;
1317     }
1318 
1319     return HKS_SUCCESS;
1320 }
1321 
CheckBlockCipherData(uint32_t cmdId,const struct ParamsValues * inputParams,const struct HksBlob * inData,const struct HksBlob * outData,uint32_t alg)1322 static int32_t CheckBlockCipherData(uint32_t cmdId, const struct ParamsValues *inputParams,
1323     const struct HksBlob *inData, const struct HksBlob *outData, uint32_t alg)
1324 {
1325     uint32_t mode = inputParams->mode.value;
1326 
1327 #if defined(HKS_SUPPORT_AES_C)
1328     if (alg == HKS_ALG_AES) {
1329         if (mode == HKS_MODE_CBC || mode == HKS_MODE_CTR || mode == HKS_MODE_ECB) {
1330             uint32_t padding = inputParams->padding.value;
1331             return CheckBlockCbcCipherData(mode, cmdId, padding, inData, outData);
1332         } else if (mode == HKS_MODE_GCM || mode == HKS_MODE_CCM) {
1333             return CheckAesAeCipherData(cmdId, inData, outData);
1334         }
1335     }
1336 #endif
1337 
1338 #if defined(HKS_SUPPORT_SM4_C)
1339     if (alg == HKS_ALG_SM4) {
1340         for (uint32_t i = 0; i < HKS_ARRAY_SIZE(g_sm4Mode); i++) {
1341             if (mode == g_sm4Mode[i]) {
1342                 uint32_t padding = inputParams->padding.value;
1343                 return CheckBlockCbcCipherData(mode, cmdId, padding, inData, outData);
1344             }
1345         }
1346     }
1347 #endif
1348 
1349     return HKS_ERROR_INVALID_MODE;
1350 }
1351 
CheckBlockCipherIvMaterial(const struct HksParamSet * paramSet)1352 static int32_t CheckBlockCipherIvMaterial(const struct HksParamSet *paramSet)
1353 {
1354     struct HksParam *ivParam = NULL;
1355     int32_t ret = HksGetParam(paramSet, HKS_TAG_IV, &ivParam);
1356     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_IV_FAIL, "cipher get iv param failed!")
1357 
1358     if ((ivParam->blob.size != HKS_BLOCK_CIPHER_CBC_IV_LEN) || (ivParam->blob.data == NULL)) {
1359         HKS_LOG_E("cbc iv param invalid");
1360         return HKS_ERROR_INVALID_IV;
1361     }
1362 
1363     return ret;
1364 }
1365 #endif // defined(HKS_SUPPORT_AES_C) || defined(HKS_SUPPORT_SM4_C)
1366 
1367 #ifdef HKS_SUPPORT_AES_C
CheckAesPadding(const struct ParamsValues * inputParams)1368 static int32_t CheckAesPadding(const struct ParamsValues *inputParams)
1369 {
1370     if ((inputParams->mode.isAbsent) || (inputParams->padding.isAbsent)) {
1371         return HKS_SUCCESS;
1372     }
1373     uint32_t mode = inputParams->mode.value;
1374     uint32_t padding = inputParams->padding.value;
1375     if (mode == HKS_MODE_CBC) {
1376         return HksCheckValue(padding, g_aesCbcPadding, HKS_ARRAY_SIZE(g_aesCbcPadding));
1377     }
1378 
1379     if (mode == HKS_MODE_CTR) {
1380         return HksCheckValue(padding, g_aesCtrPadding, HKS_ARRAY_SIZE(g_aesCtrPadding));
1381     }
1382 
1383     if (mode == HKS_MODE_ECB) {
1384         return HksCheckValue(padding, g_aesEcbPadding, HKS_ARRAY_SIZE(g_aesEcbPadding));
1385     }
1386 
1387     if ((mode == HKS_MODE_GCM) || (mode == HKS_MODE_CCM)) {
1388         return HksCheckValue(padding, g_aesAeadPadding, HKS_ARRAY_SIZE(g_aesAeadPadding));
1389     }
1390 
1391     return HKS_SUCCESS;
1392 }
1393 
CheckAesAeCipherData(uint32_t cmdId,const struct HksBlob * inData,const struct HksBlob * outData)1394 static int32_t CheckAesAeCipherData(uint32_t cmdId, const struct HksBlob *inData, const struct HksBlob *outData)
1395 {
1396     /*
1397      * encrypt: inSize greater than 0(has been checked),
1398      *          outSize no less than inSize + 16(tagLen) (in: plain; out: cipher)
1399      * decrypt: inSize greater than 16(tagLen), outSize no less than inSize - 16(tagLen)
1400      * decryptFinal: inSize greater than 0(has been checked), outSize no less than inSize (in: cipher; out: plain)
1401      */
1402     switch (cmdId) {
1403         case HKS_CMD_ID_ENCRYPT:
1404             if (inData->size > (UINT32_MAX - HKS_AE_TAG_LEN)) {
1405                 HKS_LOG_E("encrypt, invalid inSize: %" LOG_PUBLIC "u", inData->size);
1406                 return HKS_ERROR_INVALID_ARGUMENT;
1407             }
1408             if (outData->size < (inData->size + HKS_AE_TAG_LEN)) {
1409                 HKS_LOG_E("encrypt, out buffer too small size: %" LOG_PUBLIC "u, inSize: %" LOG_PUBLIC "u",
1410                     outData->size, inData->size);
1411                 return HKS_ERROR_BUFFER_TOO_SMALL;
1412             }
1413             break;
1414         case HKS_CMD_ID_DECRYPT:
1415             if ((inData->size < HKS_AE_TAG_LEN) || (outData->size < inData->size - HKS_AE_TAG_LEN)) {
1416                 HKS_LOG_E("decryptfinal, out buffer too small size: %" LOG_PUBLIC "u, inSize: %" LOG_PUBLIC "u",
1417                     outData->size, inData->size);
1418                 return HKS_ERROR_BUFFER_TOO_SMALL;
1419             }
1420             break;
1421         default:
1422             return HKS_ERROR_INVALID_ARGUMENT;
1423     }
1424 
1425     return HKS_SUCCESS;
1426 }
1427 
CheckCipherAeAadMaterial(uint32_t mode,const struct HksParamSet * paramSet)1428 static int32_t CheckCipherAeAadMaterial(uint32_t mode, const struct HksParamSet *paramSet)
1429 {
1430     struct HksParam *aadParam = NULL;
1431     int32_t ret = HksGetParam(paramSet, HKS_TAG_ASSOCIATED_DATA, &aadParam);
1432     if (mode == HKS_MODE_GCM && ret == HKS_ERROR_PARAM_NOT_EXIST) {
1433         HKS_LOG_W("gcm no input aad");
1434         return HKS_SUCCESS;
1435     } else if (ret != HKS_SUCCESS) {
1436         HKS_LOG_E("cipher get aad param failed!");
1437         return HKS_ERROR_CHECK_GET_AAD_FAIL;
1438     }
1439     HKS_IF_NOT_SUCC_RETURN(CheckBlob(&aadParam->blob), HKS_ERROR_INVALID_AAD)
1440 
1441     /* gcmMode: aadSize greater than 0 (has been checked); ccmMode: aadSize no less than 4 */
1442     if (mode == HKS_MODE_CCM) {
1443         if (aadParam->blob.size < HKS_AES_CCM_AAD_LEN_MIN) {
1444             HKS_LOG_E("ccm invalid aad size, aad size = %" LOG_PUBLIC "u", aadParam->blob.size);
1445             return HKS_ERROR_INVALID_AAD;
1446         }
1447     }
1448 
1449     return HKS_SUCCESS;
1450 }
1451 
CheckCipherAeNonceMaterial(uint32_t mode,const struct HksParamSet * paramSet)1452 static int32_t CheckCipherAeNonceMaterial(uint32_t mode, const struct HksParamSet *paramSet)
1453 {
1454     struct HksParam *nonceParam = NULL;
1455     int32_t ret = HksGetParam(paramSet, HKS_TAG_NONCE, &nonceParam);
1456     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_NONCE_FAIL, "cipher get nonce param failed!")
1457     HKS_IF_NOT_SUCC_RETURN(CheckBlob(&nonceParam->blob), HKS_ERROR_INVALID_NONCE)
1458 
1459     /* gcmMode: nonceSize no less than 12; ccmMode: nonceSize no less than 7, and no greater than 13 */
1460     if (mode == HKS_MODE_GCM) {
1461         if (nonceParam->blob.size < HKS_AES_GCM_NONCE_LEN_MIN) {
1462             HKS_LOG_E("gcm invalid nonce size, nonce size = %" LOG_PUBLIC "u", nonceParam->blob.size);
1463             return HKS_ERROR_INVALID_NONCE;
1464         }
1465     } else if (mode == HKS_MODE_CCM) {
1466         if ((nonceParam->blob.size < HKS_AES_CCM_NONCE_LEN_MIN) ||
1467             (nonceParam->blob.size > HKS_AES_CCM_NONCE_LEN_MAX)) {
1468             HKS_LOG_E("ccm invalid nonce size, nonce size = %" LOG_PUBLIC "u", nonceParam->blob.size);
1469             return HKS_ERROR_INVALID_NONCE;
1470         }
1471     }
1472 
1473     return HKS_SUCCESS;
1474 }
1475 
CheckCipherAeMaterial(uint32_t mode,const struct HksParamSet * paramSet)1476 static int32_t CheckCipherAeMaterial(uint32_t mode, const struct HksParamSet *paramSet)
1477 {
1478     int32_t ret = CheckCipherAeAadMaterial(mode, paramSet);
1479     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check ae cipher aad failed!")
1480 
1481     ret = CheckCipherAeNonceMaterial(mode, paramSet);
1482     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check ae cipher nonce failed!")
1483 
1484     return ret;
1485 }
1486 #endif
1487 
1488 #ifdef HKS_SUPPORT_SM4_C
CheckSm4Padding(const struct ParamsValues * inputParams)1489 static int32_t CheckSm4Padding(const struct ParamsValues *inputParams)
1490 {
1491     if ((inputParams->mode.isAbsent) || (inputParams->padding.isAbsent)) {
1492         return HKS_SUCCESS;
1493     }
1494     uint32_t mode = inputParams->mode.value;
1495     uint32_t padding = inputParams->padding.value;
1496     if (mode == HKS_MODE_CBC) {
1497         return HksCheckValue(padding, g_sm4CbcPadding, HKS_ARRAY_SIZE(g_sm4CbcPadding));
1498     }
1499 
1500     if (mode == HKS_MODE_CTR) {
1501         return HksCheckValue(padding, g_sm4CtrPadding, HKS_ARRAY_SIZE(g_sm4CtrPadding));
1502     }
1503 
1504     if (mode == HKS_MODE_ECB) {
1505         return HksCheckValue(padding, g_sm4EcbPadding, HKS_ARRAY_SIZE(g_sm4EcbPadding));
1506     }
1507 
1508     if (mode == HKS_MODE_CFB) {
1509         return HksCheckValue(padding, g_sm4CfbPadding, HKS_ARRAY_SIZE(g_sm4CfbPadding));
1510     }
1511 
1512     if (mode == HKS_MODE_OFB) {
1513         return HksCheckValue(padding, g_sm4OfbPadding, HKS_ARRAY_SIZE(g_sm4OfbPadding));
1514     }
1515 
1516     return HKS_ERROR_INVALID_ARGUMENT;
1517 }
1518 #endif
1519 
HksCheckValue(uint32_t inputValue,const uint32_t * expectValues,uint32_t valuesCount)1520 int32_t HksCheckValue(uint32_t inputValue, const uint32_t *expectValues, uint32_t valuesCount)
1521 {
1522     for (uint32_t i = 0; i < valuesCount; ++i) {
1523         if (inputValue == expectValues[i]) {
1524             return HKS_SUCCESS;
1525         }
1526     }
1527     return HKS_ERROR_INVALID_ARGUMENT;
1528 }
1529 
1530 #ifndef _CUT_AUTHENTICATE_
HksCheckGenKeyPurpose(uint32_t alg,uint32_t inputPurpose,uint32_t keyFlag)1531 int32_t HksCheckGenKeyPurpose(uint32_t alg, uint32_t inputPurpose, uint32_t keyFlag)
1532 {
1533     int32_t ret = CheckPurposeUnique(inputPurpose);
1534     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "gen key purpose not unique")
1535 
1536     return CheckPurposeValid(alg, inputPurpose, keyFlag);
1537 }
1538 
1539 #ifdef HKS_SUPPORT_DSA_C
HksGetDsaKeySize(const struct HksBlob * key,uint32_t * keySize)1540 static int32_t HksGetDsaKeySize(const struct HksBlob *key, uint32_t *keySize)
1541 {
1542     if (key->size < sizeof(struct HksParamSet)) {
1543         HKS_LOG_E("check dsa key size: invalid keyfile size: %" LOG_PUBLIC "u", key->size);
1544         return HKS_ERROR_INVALID_KEY_FILE;
1545     }
1546 
1547     struct HksParamSet *keyParamSet = (struct HksParamSet *)key->data;
1548     int32_t ret = HksCheckParamSetValidity(keyParamSet);
1549     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_KEY_FILE, "check dsa key size: paramset invalid failed")
1550 
1551     struct HksParam *keySizeParam = NULL;
1552     ret = HksGetParam(keyParamSet, HKS_TAG_KEY_SIZE, &keySizeParam);
1553     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_KEY_FILE,
1554         "check dsa key size: get param get tag:0x%" LOG_PUBLIC "x failed", HKS_TAG_KEY_SIZE)
1555     *keySize = keySizeParam->uint32Param;
1556     return ret;
1557 }
1558 #endif
1559 
HksGetKeySize(uint32_t alg,const struct HksBlob * key,uint32_t * keySize)1560 int32_t HksGetKeySize(uint32_t alg, const struct HksBlob *key, uint32_t *keySize)
1561 {
1562     switch (alg) {
1563 #ifdef HKS_SUPPORT_RSA_C
1564         case HKS_ALG_RSA:
1565             return CheckAndGetKeySize(key, g_rsaKeySize, HKS_ARRAY_SIZE(g_rsaKeySize), keySize);
1566 #endif
1567 #ifdef HKS_SUPPORT_DSA_C
1568         case HKS_ALG_DSA:
1569 #ifndef _STORAGE_LITE_
1570             return HksGetDsaKeySize(key, keySize);
1571 #else
1572             return HKS_ERROR_INVALID_ALGORITHM;
1573 #endif
1574 #endif
1575 #ifdef HKS_SUPPORT_ECC_C
1576         case HKS_ALG_ECC:
1577             return CheckAndGetKeySize(key, g_eccKeySize, HKS_ARRAY_SIZE(g_eccKeySize), keySize);
1578 #endif
1579 #ifdef HKS_SUPPORT_ECDH_C
1580         case HKS_ALG_ECDH:
1581             return CheckAndGetKeySize(key, g_ecdhKeySize, HKS_ARRAY_SIZE(g_ecdhKeySize), keySize);
1582 #endif
1583 #if defined(HKS_SUPPORT_X25519_C) || defined(HKS_SUPPORT_ED25519_C)
1584         case HKS_ALG_X25519:
1585         case HKS_ALG_ED25519:
1586             return CheckAndGetKeySize(key, g_curve25519KeySize, HKS_ARRAY_SIZE(g_curve25519KeySize), keySize);
1587 #endif
1588 #ifdef HKS_SUPPORT_DH_C
1589         case HKS_ALG_DH:
1590             return CheckAndGetKeySize(key, g_dhKeySize, HKS_ARRAY_SIZE(g_dhKeySize), keySize);
1591 #endif
1592 #ifdef HKS_SUPPORT_SM4_C
1593         case HKS_ALG_SM4:
1594             return CheckAndGetKeySize(key, g_sm4KeySize, HKS_ARRAY_SIZE(g_sm4KeySize), keySize);
1595 #endif
1596 #ifdef HKS_SUPPORT_SM2_C
1597         case HKS_ALG_SM2:
1598             return CheckAndGetKeySize(key, g_sm2KeySize, HKS_ARRAY_SIZE(g_sm2KeySize), keySize);
1599 #endif
1600         default:
1601             return HKS_ERROR_INVALID_ALGORITHM;
1602     }
1603 }
1604 #endif /* _CUT_AUTHENTICATE_ */
1605 
HksGetInputParmasByAlg(uint32_t alg,enum CheckKeyType checkType,const struct HksParamSet * paramSet,struct ParamsValues * inputParams)1606 int32_t HksGetInputParmasByAlg(uint32_t alg, enum CheckKeyType checkType, const struct HksParamSet *paramSet,
1607     struct ParamsValues *inputParams)
1608 {
1609     int32_t ret = InitInputParamsByAlg(alg, checkType, inputParams);
1610     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "init input params failed!")
1611 
1612     ret = GetInputParams(paramSet, inputParams);
1613     HKS_IF_NOT_SUCC_LOGE(ret, "get input params failed!")
1614 
1615     return ret;
1616 }
CheckOptionalParams(bool needCheck,bool isAbsent,uint32_t inputValue,const uint32_t * expectValue,uint32_t expectCnt)1617 static int32_t CheckOptionalParams(bool needCheck, bool isAbsent, uint32_t inputValue, const uint32_t* expectValue,
1618     uint32_t expectCnt)
1619 {
1620     if (needCheck) {
1621         if (!isAbsent) {
1622             if (HksCheckValue(inputValue, expectValue, expectCnt) != HKS_SUCCESS) {
1623                 HKS_LOG_E("CheckOptionalParams invalid argument, %d", inputValue);
1624                 return HKS_ERROR_INVALID_ARGUMENT;
1625             }
1626         }
1627     }
1628     return HKS_SUCCESS;
1629 }
1630 
InitCheckOptionalParams(bool needCheck,bool isAbsent,struct HksParam * param,const uint32_t * expectValue,uint32_t expectCnt)1631 static int32_t InitCheckOptionalParams(bool needCheck, bool isAbsent, struct HksParam *param,
1632     const uint32_t* expectValue, uint32_t expectCnt)
1633 {
1634     if (needCheck) {
1635         if (!isAbsent) {
1636             if (HksCheckValue(param->uint32Param, expectValue, expectCnt) != HKS_SUCCESS) {
1637                 return HKS_ERROR_INVALID_ARGUMENT;
1638             }
1639         } else {
1640             HKS_LOG_E("This param is absent, but it is necessary.");
1641             return HKS_ERROR_NOT_EXIST;
1642         }
1643     }
1644     return HKS_SUCCESS;
1645 }
1646 
HksCheckOptionalParam(uint32_t tag,uint32_t alg,uint32_t purpose,bool isAbsent,struct HksParam * param)1647 int32_t HksCheckOptionalParam(uint32_t tag, uint32_t alg, uint32_t purpose, bool isAbsent, struct HksParam *param)
1648 {
1649     enum CheckKeyType checkType = HKS_CHECK_TYPE_GEN_KEY;
1650     if (((purpose & HKS_KEY_PURPOSE_DERIVE) != 0) || ((purpose & HKS_KEY_PURPOSE_MAC) != 0)) {
1651         if (alg != HKS_ALG_AES && alg != HKS_ALG_HMAC && alg != HKS_ALG_SM3) {
1652             HKS_LOG_E("check mac or derive, not aes alg, alg: %u", alg);
1653             return HKS_ERROR_INVALID_PURPOSE;
1654         }
1655         if (purpose == HKS_KEY_PURPOSE_DERIVE) {
1656             checkType = HKS_CHECK_TYPE_GEN_DERIVE_KEY;
1657         } else {
1658             checkType = HKS_CHECK_TYPE_GEN_MAC_KEY;
1659         }
1660     }
1661     struct ExpectParamsValues expectValues = EXPECT_PARAMS_VALUES_INIT;
1662     int32_t ret = GetExpectParams(alg, checkType, &expectValues);
1663     HKS_IF_NOT_SUCC_RETURN(ret, ret)
1664     switch (tag) {
1665         case HKS_TAG_BLOCK_MODE:
1666             ret = InitCheckOptionalParams(expectValues.mode.needCheck, isAbsent, param,
1667                 expectValues.mode.values, expectValues.mode.valueCnt);
1668             HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_MODE_FAIL,
1669                 "check param fail:0x%" LOG_PUBLIC "x failed", HKS_TAG_BLOCK_MODE);
1670             break;
1671         case HKS_TAG_DIGEST:
1672             ret = InitCheckOptionalParams(expectValues.digest.needCheck, isAbsent, param,
1673                 expectValues.digest.values, expectValues.digest.valueCnt);
1674             HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_DIGEST_FAIL,
1675                 "check param fail:0x%" LOG_PUBLIC "x failed", HKS_TAG_DIGEST);
1676             break;
1677         case HKS_TAG_PADDING:
1678             ret = InitCheckOptionalParams(expectValues.padding.needCheck, isAbsent, param,
1679                 expectValues.padding.values, expectValues.padding.valueCnt);
1680             HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_PADDING_FAIL,
1681                 "check param fail:0x%" LOG_PUBLIC "x failed", HKS_TAG_PADDING);
1682             break;
1683         default:
1684             HKS_LOG_E("invalid tag: %d", tag);
1685             ret = HKS_FAILURE;
1686     }
1687     return ret;
1688 }
1689 
HksCheckFixedParams(uint32_t alg,enum CheckKeyType checkType,const struct ParamsValues * inputParams)1690 int32_t HksCheckFixedParams(uint32_t alg, enum CheckKeyType checkType, const struct ParamsValues *inputParams)
1691 {
1692     struct ExpectParamsValues expectValues = EXPECT_PARAMS_VALUES_INIT;
1693     int32_t ret = GetExpectParams(alg, checkType, &expectValues);
1694     HKS_IF_NOT_SUCC_RETURN(ret, ret)
1695 
1696     ret = CheckOptionalParams(expectValues.keyLen.needCheck, inputParams->keyLen.isAbsent, inputParams->keyLen.value,
1697         expectValues.keyLen.values, expectValues.keyLen.valueCnt);
1698     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_KEY_SIZE,
1699             "check keyLen not expected, len = %" LOG_PUBLIC "u", inputParams->keyLen.value);
1700     ret = CheckOptionalParams(expectValues.padding.needCheck, inputParams->padding.isAbsent, inputParams->padding.value,
1701         expectValues.padding.values, expectValues.padding.valueCnt);
1702     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_PADDING,
1703         "check padding not expected, padding = %" LOG_PUBLIC "u", inputParams->padding.value);
1704     ret = CheckOptionalParams(expectValues.purpose.needCheck, inputParams->purpose.isAbsent, inputParams->purpose.value,
1705         expectValues.purpose.values, expectValues.purpose.valueCnt);
1706     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_PURPOSE,
1707         "check purpose not expected, purpose = %" LOG_PUBLIC "u", inputParams->purpose.value);
1708     ret = CheckOptionalParams(expectValues.digest.needCheck, inputParams->digest.isAbsent, inputParams->digest.value,
1709         expectValues.digest.values, expectValues.digest.valueCnt);
1710     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_DIGEST,
1711         "check digest not expected, digest = %" LOG_PUBLIC "u", inputParams->digest.value);
1712     ret = CheckOptionalParams(expectValues.mode.needCheck, inputParams->mode.isAbsent, inputParams->mode.value,
1713         expectValues.mode.values, expectValues.mode.valueCnt);
1714     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_MODE,
1715         "check mode not expected, mode = %" LOG_PUBLIC "u", inputParams->mode.value);
1716     return ret;
1717 }
1718 
1719 #ifndef _CUT_AUTHENTICATE_
HksCheckGenKeyMutableParams(uint32_t alg,const struct ParamsValues * inputParams)1720 int32_t HksCheckGenKeyMutableParams(uint32_t alg, const struct ParamsValues *inputParams)
1721 {
1722     int32_t ret = HKS_SUCCESS;
1723     switch (alg) {
1724 #ifdef HKS_SUPPORT_RSA_C
1725         case HKS_ALG_RSA:
1726             ret = CheckRsaGenKeyPadding(inputParams);
1727             HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_PADDING,
1728                 "Check padding not expected, padding = %" LOG_PUBLIC "u", inputParams->padding.value);
1729             break;
1730 #endif
1731 #ifdef HKS_SUPPORT_AES_C
1732         case HKS_ALG_AES:
1733             ret = CheckAesPadding(inputParams);
1734             HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_PADDING,
1735                 "Check padding not expected, padding = %" LOG_PUBLIC "u", inputParams->padding.value);
1736             break;
1737 #endif
1738 #ifdef HKS_SUPPORT_SM4_C
1739         case HKS_ALG_SM4:
1740             ret = CheckSm4Padding(inputParams);
1741             HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_PADDING,
1742                 "Check padding not expected, padding = %" LOG_PUBLIC "u", inputParams->padding.value);
1743             break;
1744 #endif
1745         default:
1746             /* other alg no need check padding */
1747             break;
1748     }
1749 
1750     return ret;
1751 }
1752 
CheckImportMutableParams(uint32_t alg,const struct ParamsValues * params)1753 int32_t CheckImportMutableParams(uint32_t alg, const struct ParamsValues *params)
1754 {
1755     if (((alg == HKS_ALG_DSA) || (alg == HKS_ALG_ED25519)) &&
1756         (params->purpose.value != HKS_KEY_PURPOSE_VERIFY)) {
1757         HKS_LOG_E("Import key check purpose failed.");
1758         return HKS_ERROR_INVALID_PURPOSE;
1759     }
1760 
1761     if ((alg == HKS_ALG_SM2) &&
1762         ((params->purpose.value != HKS_KEY_PURPOSE_VERIFY) && (params->purpose.value != HKS_KEY_PURPOSE_ENCRYPT))) {
1763         HKS_LOG_E("Import key check purpose failed.");
1764         return HKS_ERROR_INVALID_PURPOSE;
1765     }
1766 
1767     if ((alg == HKS_ALG_ECC) &&
1768         ((params->purpose.value != HKS_KEY_PURPOSE_VERIFY) && (params->purpose.value != HKS_KEY_PURPOSE_UNWRAP) &&
1769         (params->purpose.value != HKS_KEY_PURPOSE_AGREE))) {
1770         HKS_LOG_E("Import key check purpose failed.");
1771         return HKS_ERROR_INVALID_PURPOSE;
1772     }
1773 
1774     if ((alg == HKS_ALG_RSA) &&
1775         ((params->purpose.value != HKS_KEY_PURPOSE_VERIFY) && (params->purpose.value != HKS_KEY_PURPOSE_ENCRYPT))) {
1776         HKS_LOG_E("Import key check purpose failed.");
1777         return HKS_ERROR_INVALID_PURPOSE;
1778     }
1779 
1780     if (alg == HKS_ALG_RSA) {
1781 #ifdef HKS_SUPPORT_RSA_C
1782         if (params->padding.isAbsent) {
1783             return HKS_SUCCESS;
1784         }
1785         if (params->purpose.value == HKS_KEY_PURPOSE_ENCRYPT) {
1786             return HksCheckValue(params->padding.value, g_rsaCipherPadding, HKS_ARRAY_SIZE(g_rsaCipherPadding));
1787         } else if (params->purpose.value == HKS_KEY_PURPOSE_VERIFY) {
1788             return HksCheckValue(params->padding.value, g_rsaSignPadding, HKS_ARRAY_SIZE(g_rsaSignPadding));
1789         }
1790 #else
1791         return HKS_ERROR_NOT_SUPPORTED;
1792 #endif
1793     }
1794 
1795     return HKS_SUCCESS;
1796 }
1797 
HksCheckSignature(uint32_t cmdId,uint32_t alg,uint32_t keySize,const struct HksBlob * signature)1798 int32_t HksCheckSignature(uint32_t cmdId, uint32_t alg, uint32_t keySize, const struct HksBlob *signature)
1799 {
1800     (void)cmdId;
1801     (void)keySize;
1802     (void)signature;
1803     switch (alg) {
1804 #if defined(HKS_SUPPORT_RSA_C) && defined(HKS_SUPPORT_RSA_SIGN_VERIFY)
1805         case HKS_ALG_RSA:
1806             HKS_IF_NOT_SUCC_LOGE_RETURN(HksCheckValue(keySize, g_rsaKeySize, HKS_ARRAY_SIZE(g_rsaKeySize)),
1807                 HKS_ERROR_INVALID_ARGUMENT, "check key size: key size value %" LOG_PUBLIC "u not expected", keySize)
1808             return CheckRsaSignature(cmdId, keySize, signature);
1809 #endif
1810 #if defined(HKS_SUPPORT_DSA_C) && defined(HKS_SUPPORT_DSA_SIGN_VERIFY)
1811         case HKS_ALG_DSA:
1812             return HKS_SUCCESS;
1813 #endif
1814 #ifdef HKS_SUPPORT_ECC_C
1815         case HKS_ALG_ECC:
1816             HKS_IF_NOT_SUCC_LOGE_RETURN(HksCheckValue(keySize, g_eccKeySize, HKS_ARRAY_SIZE(g_eccKeySize)),
1817                 HKS_ERROR_INVALID_ARGUMENT, "check key size: key size value %" LOG_PUBLIC "u not expected", keySize)
1818             return CheckEccSignature(cmdId, keySize, signature);
1819 #endif
1820 #ifdef HKS_SUPPORT_ED25519_C
1821         case HKS_ALG_ED25519:
1822             return CheckEd25519Signature(cmdId, signature);
1823 #endif
1824 #ifdef HKS_SUPPORT_SM2_C
1825         case HKS_ALG_SM2:
1826             HKS_IF_NOT_SUCC_LOGE_RETURN(HksCheckValue(keySize, g_sm2KeySize, HKS_ARRAY_SIZE(g_sm2KeySize)),
1827                 HKS_ERROR_INVALID_ARGUMENT, "check key size: key size value %" LOG_PUBLIC "u not expected", keySize)
1828             return CheckEccSignature(cmdId, keySize, signature);
1829 #endif
1830         default:
1831             return HKS_ERROR_INVALID_ALGORITHM;
1832     }
1833 }
1834 
HksCheckSignVerifyMutableParams(uint32_t cmdId,uint32_t alg,const struct ParamsValues * inputParams)1835 int32_t HksCheckSignVerifyMutableParams(uint32_t cmdId, uint32_t alg, const struct ParamsValues *inputParams)
1836 {
1837     switch (cmdId) {
1838         case HKS_CMD_ID_SIGN:
1839             if ((inputParams->purpose.value & HKS_KEY_PURPOSE_SIGN) == 0) {
1840                 return HKS_ERROR_INVALID_PURPOSE;
1841             }
1842             break;
1843         case HKS_CMD_ID_VERIFY:
1844             if ((inputParams->purpose.value & HKS_KEY_PURPOSE_VERIFY) == 0) {
1845                 return HKS_ERROR_INVALID_PURPOSE;
1846             }
1847             break;
1848         default:
1849             return HKS_ERROR_INVALID_ARGUMENT;
1850     }
1851 
1852     switch (alg) {
1853 #ifdef HKS_SUPPORT_RSA_C
1854         case HKS_ALG_RSA:
1855             HKS_IF_NOT_SUCC_RETURN(HksCheckValue(inputParams->padding.value, g_rsaSignPadding,
1856                 HKS_ARRAY_SIZE(g_rsaSignPadding)), HKS_ERROR_INVALID_PADDING)
1857             break;
1858 #endif
1859 #ifdef HKS_SUPPORT_DSA_C
1860         case HKS_ALG_DSA:
1861             break;
1862 #endif
1863 #ifdef HKS_SUPPORT_ECC_C
1864         case HKS_ALG_ECC:
1865             break;
1866 #endif
1867         default:
1868             /* other alg no need check padding */
1869             break;
1870     }
1871     return HKS_SUCCESS;
1872 }
1873 #endif /* _CUT_AUTHENTICATE_ */
1874 
HksCheckCipherMutableParams(uint32_t cmdId,uint32_t alg,const struct ParamsValues * inputParams)1875 int32_t HksCheckCipherMutableParams(uint32_t cmdId, uint32_t alg, const struct ParamsValues *inputParams)
1876 {
1877     switch (cmdId) {
1878         case HKS_CMD_ID_ENCRYPT:
1879             if ((inputParams->purpose.value & HKS_KEY_PURPOSE_ENCRYPT) == 0) {
1880                 return HKS_ERROR_INVALID_PURPOSE;
1881             }
1882             break;
1883         case HKS_CMD_ID_DECRYPT:
1884             if ((inputParams->purpose.value & HKS_KEY_PURPOSE_DECRYPT) == 0) {
1885                 return HKS_ERROR_INVALID_PURPOSE;
1886             }
1887             break;
1888         default:
1889             return HKS_ERROR_INVALID_ARGUMENT;
1890     }
1891 
1892     int32_t ret = HKS_ERROR_INVALID_PADDING;
1893     switch (alg) {
1894 #ifdef HKS_SUPPORT_RSA_C
1895         case HKS_ALG_RSA:
1896             ret = HksCheckValue(inputParams->padding.value, g_rsaCipherPadding, HKS_ARRAY_SIZE(g_rsaCipherPadding));
1897             break;
1898 #endif
1899 #ifdef HKS_SUPPORT_AES_C
1900         case HKS_ALG_AES:
1901             ret = CheckAesPadding(inputParams);
1902             break;
1903 #endif
1904 #ifdef HKS_SUPPORT_SM4_C
1905         case HKS_ALG_SM4:
1906             ret = CheckSm4Padding(inputParams);
1907             break;
1908 #endif
1909 #ifdef HKS_SUPPORT_SM2_C
1910         case HKS_ALG_SM2:
1911             ret = HksCheckValue(inputParams->padding.value, g_sm2CipherPadding, HKS_ARRAY_SIZE(g_sm2CipherPadding));
1912             break;
1913 #endif
1914         default:
1915             return HKS_ERROR_INVALID_ALGORITHM;
1916     }
1917     HKS_IF_NOT_SUCC_RETURN(ret, HKS_ERROR_INVALID_PADDING)
1918     return ret;
1919 }
1920 
HksCheckCipherData(uint32_t cmdId,uint32_t alg,const struct ParamsValues * inputParams,const struct HksBlob * inData,const struct HksBlob * outData)1921 int32_t HksCheckCipherData(uint32_t cmdId, uint32_t alg, const struct ParamsValues *inputParams,
1922     const struct HksBlob *inData, const struct HksBlob *outData)
1923 {
1924     switch (alg) {
1925 #if defined(HKS_SUPPORT_RSA_C) && defined(HKS_SUPPORT_RSA_CRYPT)
1926         case HKS_ALG_RSA:
1927             return CheckRsaCipherData(cmdId, inputParams, inData, outData);
1928 #endif
1929 #ifdef HKS_SUPPORT_AES_C
1930         case HKS_ALG_AES:
1931             return CheckBlockCipherData(cmdId, inputParams, inData, outData, HKS_ALG_AES);
1932 #endif
1933 #ifdef HKS_SUPPORT_SM4_C
1934         case HKS_ALG_SM4:
1935             return CheckBlockCipherData(cmdId, inputParams, inData, outData, HKS_ALG_SM4);
1936 #endif
1937 #ifdef HKS_SUPPORT_SM2_C
1938         case HKS_ALG_SM2:
1939             return HKS_SUCCESS;
1940 #endif
1941         default:
1942             return HKS_ERROR_INVALID_ALGORITHM;
1943     }
1944 }
1945 
HksCheckCipherMaterialParams(uint32_t alg,const struct ParamsValues * inputParams,const struct HksParamSet * paramSet)1946 int32_t HksCheckCipherMaterialParams(uint32_t alg, const struct ParamsValues *inputParams,
1947     const struct HksParamSet *paramSet)
1948 {
1949 #ifdef HKS_SUPPORT_AES_C
1950     if (alg == HKS_ALG_AES) {
1951         uint32_t mode = inputParams->mode.value;
1952         if (mode == HKS_MODE_CBC) {
1953             return CheckBlockCipherIvMaterial(paramSet);
1954         } else if ((mode == HKS_MODE_CCM) || (mode == HKS_MODE_GCM)) {
1955             return CheckCipherAeMaterial(mode, paramSet);
1956         }
1957     }
1958 #endif
1959 #ifdef HKS_SUPPORT_SM4_C
1960     if (alg == HKS_ALG_SM4) {
1961         uint32_t mode = inputParams->mode.value;
1962         if (mode == HKS_MODE_CBC || mode == HKS_MODE_CTR || mode == HKS_MODE_CFB || mode == HKS_MODE_OFB) {
1963             return CheckBlockCipherIvMaterial(paramSet);
1964         }
1965     }
1966 #endif
1967     return HKS_SUCCESS;
1968 }
1969 
1970 #ifdef HKS_SUPPORT_USER_AUTH_ACCESS_CONTROL
HasValidAuthAccessType(const struct ExpectParams allowAuthAccessTypes,uint32_t authAccessType,uint32_t * matchType)1971 static int32_t HasValidAuthAccessType(const struct ExpectParams allowAuthAccessTypes,
1972     uint32_t authAccessType, uint32_t *matchType)
1973 {
1974     for (uint32_t i = 0; i < allowAuthAccessTypes.valueCnt; i++) {
1975         if ((authAccessType & allowAuthAccessTypes.values[i]) != 0) {
1976             *matchType = allowAuthAccessTypes.values[i];
1977             return HKS_SUCCESS;
1978         }
1979     }
1980     return HKS_ERROR_INVALID_ARGUMENT;
1981 }
1982 
HksCheckAuthAccessTypeByUserAuthType(uint32_t userAuthType,uint32_t authAccessType)1983 static int32_t HksCheckAuthAccessTypeByUserAuthType(uint32_t userAuthType, uint32_t authAccessType)
1984 {
1985     uint32_t valuesCnt = HKS_ARRAY_SIZE(g_expectAuthAccessParams);
1986     uint32_t validAuthAccessType = 0;
1987     uint32_t tempType = 0;
1988     for (uint32_t i = 0; i < valuesCnt; i++) {
1989         struct AuthAccessTypeChecker checker = g_expectAuthAccessParams[i];
1990         if ((checker.userAuthType & userAuthType) != 0 &&
1991             HasValidAuthAccessType(checker.allowAuthAccessTypes, authAccessType, &tempType) == HKS_SUCCESS) {
1992             validAuthAccessType |= tempType;
1993         }
1994     }
1995     if ((authAccessType != 0) && (authAccessType == validAuthAccessType)) {
1996         if ((authAccessType & HKS_AUTH_ACCESS_ALWAYS_VALID) != 0
1997             && (authAccessType &(~HKS_AUTH_ACCESS_ALWAYS_VALID)) != 0) {
1998             HKS_LOG_E("auth access type is invalid: ALWAYS_VALID cannot coexist with other type");
1999             return HKS_ERROR_INVALID_ACCESS_TYPE;
2000         }
2001         return HKS_SUCCESS;
2002     }
2003     HKS_LOG_E("authAccessType %" LOG_PUBLIC "u is not equal to validAuthAccessType %" LOG_PUBLIC "u or is 0",
2004         authAccessType, validAuthAccessType);
2005     return HKS_ERROR_INVALID_ACCESS_TYPE;
2006 }
2007 #endif
2008 
HksCheckUserAuthParams(uint32_t userAuthType,uint32_t authAccessType,uint32_t challengeType)2009 int32_t HksCheckUserAuthParams(uint32_t userAuthType, uint32_t authAccessType, uint32_t challengeType)
2010 {
2011 #ifdef HKS_SUPPORT_USER_AUTH_ACCESS_CONTROL
2012     int32_t ret = HksCheckValue(userAuthType, g_supportUserAuthTypes, HKS_ARRAY_SIZE(g_supportUserAuthTypes));
2013     HKS_IF_NOT_SUCC_RETURN(ret, HKS_ERROR_INVALID_AUTH_TYPE)
2014 
2015     ret = HksCheckValue(challengeType, g_userAuthChallengeType, HKS_ARRAY_SIZE(g_userAuthChallengeType));
2016     HKS_IF_NOT_SUCC_RETURN(ret, HKS_ERROR_INVALID_CHALLENGE_TYPE)
2017 
2018     return HksCheckAuthAccessTypeByUserAuthType(userAuthType, authAccessType);
2019 #else
2020     (void)userAuthType;
2021     (void)authAccessType;
2022     (void)challengeType;
2023     return HKS_SUCCESS;
2024 #endif
2025 }
2026 
HksCheckSecureSignParams(uint32_t secureSignType)2027 int32_t HksCheckSecureSignParams(uint32_t secureSignType)
2028 {
2029 #ifdef HKS_SUPPORT_USER_AUTH_ACCESS_CONTROL
2030     return HksCheckValue(secureSignType, g_supportSecureSignType, HKS_ARRAY_SIZE(g_supportSecureSignType));
2031 #else
2032     (void)secureSignType;
2033     return HKS_SUCCESS;
2034 #endif
2035 }
2036 
2037 /* If the algorithm is ed25519, the plaintext is directly cached, and if the digest is HKS_DIGEST_NONE, the
2038    hash value has been passed in by the user. So the hash value does not need to be free.
2039 */
HksCheckNeedCache(uint32_t alg,uint32_t digest)2040 int32_t HksCheckNeedCache(uint32_t alg, uint32_t digest)
2041 {
2042     if ((alg == HKS_ALG_ED25519) || (digest == HKS_DIGEST_NONE)) {
2043         HKS_LOG_I("need to cache the data");
2044         return HKS_SUCCESS;
2045     }
2046     return HKS_FAILURE;
2047 }
2048 
2049 #ifdef HKS_SUPPORT_USER_AUTH_ACCESS_CONTROL
CheckUserAuthKeyInfoValidity(const struct HksParamSet * paramSet,const struct KeyInfoParams * params,uint32_t paramsCnt)2050 static int32_t CheckUserAuthKeyInfoValidity(const struct HksParamSet *paramSet,
2051     const struct KeyInfoParams *params, uint32_t paramsCnt)
2052 {
2053     for (uint32_t i = 0; i < paramsCnt; i++) {
2054         if (params[i].needCheck) {
2055             struct HksParam *param = NULL;
2056             int32_t ret = HksGetParam(paramSet, params[i].tag, &param);
2057             HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_SUCCESS, "tag is empty and no need to check!")
2058 
2059             ret = HksCheckValue(param->uint32Param, params[i].values, params[i].valueCnt);
2060             HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "not support tag %" LOG_PUBLIC "u and value is %" LOG_PUBLIC "u",
2061                 params[i].tag, param->uint32Param)
2062         }
2063     }
2064     return HKS_SUCCESS;
2065 }
2066 #endif
2067 
HksCheckUserAuthKeyInfoValidity(const struct HksParamSet * paramSet)2068 int32_t HksCheckUserAuthKeyInfoValidity(const struct HksParamSet *paramSet)
2069 {
2070 #ifdef HKS_SUPPORT_USER_AUTH_ACCESS_CONTROL
2071     HKS_IF_NOT_SUCC_LOGE_RETURN(HksCheckParamSet(paramSet, paramSet->paramSetSize),
2072     HKS_ERROR_INVALID_ARGUMENT, "invalid paramSet!")
2073 
2074     struct HksParam *algParam = NULL;
2075     int32_t ret = HksGetParam(paramSet, HKS_TAG_ALGORITHM, &algParam);
2076     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get alg param failed!")
2077 
2078     for (uint32_t i = 0; i < HKS_ARRAY_SIZE(g_validKeyInfo); i++) {
2079         if (algParam->uint32Param == g_validKeyInfo[i].keyAlg) {
2080             ret = CheckUserAuthKeyInfoValidity(paramSet, g_validKeyInfo[i].params, g_validKeyInfo[i].paramsCnt);
2081             HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_NOT_SUPPORTED, "not support set key auth purpose!")
2082         }
2083     }
2084     HKS_LOG_I("support set key auth purpose!");
2085     return ret;
2086 #else
2087     (void)paramSet;
2088     return HKS_SUCCESS;
2089 #endif
2090 }