1 /*
2 * Copyright (c) 2021-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifdef HKS_CONFIG_FILE
17 #include HKS_CONFIG_FILE
18 #else
19 #include "hks_config.h"
20 #endif
21
22 #include "hks_base_check.h"
23
24 #include "hks_cmd_id.h"
25 #include "hks_common_check.h"
26 #include "hks_log.h"
27 #include "hks_template.h"
28
29 #ifdef _CUT_AUTHENTICATE_
30 #undef HKS_SUPPORT_RSA_C
31 #undef HKS_SUPPORT_ECC_C
32 #undef HKS_SUPPORT_ECDH_C
33 #undef HKS_SUPPORT_X25519_C
34 #undef HKS_SUPPORT_ED25519_C
35 #endif
36
37 #define HKS_BLOCK_CIPHER_CBC_IV_LEN 16
38 #define HKS_AES_CCM_AAD_LEN_MIN 4
39 #define HKS_AES_CCM_NONCE_LEN_MIN 7
40 #define HKS_AES_CCM_NONCE_LEN_MAX 13
41 #define HKS_AES_GCM_NONCE_LEN_MIN 12
42
43 #define HKS_RSA_OAEP_DIGEST_NUM 2
44 #define HKS_BLOCK_CIPHER_CBC_BLOCK_SIZE 16
45
46 #define HKS_ECC_SIGN_MAX_TL_SIZE 8
47
48 #ifdef HKS_SUPPORT_RSA_C
49 static const uint32_t g_rsaKeySize[] = {
50 HKS_RSA_KEY_SIZE_512,
51 HKS_RSA_KEY_SIZE_768,
52 HKS_RSA_KEY_SIZE_1024,
53 HKS_RSA_KEY_SIZE_2048,
54 HKS_RSA_KEY_SIZE_3072,
55 HKS_RSA_KEY_SIZE_4096
56 };
57 static const uint32_t g_rsaPadding[] = {
58 HKS_PADDING_NONE,
59 HKS_PADDING_OAEP,
60 HKS_PADDING_PSS,
61 HKS_PADDING_PKCS1_V1_5
62 };
63 static const uint32_t g_rsaDigest[] = {
64 HKS_DIGEST_MD5,
65 HKS_DIGEST_NONE,
66 HKS_DIGEST_SHA1,
67 HKS_DIGEST_SHA224,
68 HKS_DIGEST_SHA256,
69 HKS_DIGEST_SHA384,
70 HKS_DIGEST_SHA512
71 };
72 static const uint32_t g_rsaSignPadding[] = {
73 HKS_PADDING_PSS,
74 HKS_PADDING_PKCS1_V1_5
75 };
76 static const uint32_t g_rsaCipherPadding[] = {
77 HKS_PADDING_NONE,
78 HKS_PADDING_OAEP,
79 HKS_PADDING_PKCS1_V1_5
80 };
81 #endif
82
83 #ifdef HKS_SUPPORT_AES_C
84 static const uint32_t g_aesKeySize[] = {
85 HKS_AES_KEY_SIZE_128,
86 HKS_AES_KEY_SIZE_192,
87 HKS_AES_KEY_SIZE_256
88 };
89 static const uint32_t g_aesMacKeySize[] = {
90 HKS_AES_KEY_SIZE_256,
91 };
92 static const uint32_t g_aesPadding[] = {
93 HKS_PADDING_NONE,
94 HKS_PADDING_PKCS7
95 };
96 static const uint32_t g_aesMode[] = {
97 HKS_MODE_CBC,
98 HKS_MODE_CCM,
99 HKS_MODE_CTR,
100 HKS_MODE_ECB,
101 HKS_MODE_GCM
102 };
103 static const uint32_t g_aesCbcPadding[] = {
104 HKS_PADDING_NONE,
105 HKS_PADDING_PKCS7
106 };
107 static const uint32_t g_aesAeadPadding[] = {
108 HKS_PADDING_NONE
109 };
110 static const uint32_t g_aesCtrPadding[] = {
111 HKS_PADDING_NONE
112 };
113 static const uint32_t g_aesEcbPadding[] = {
114 HKS_PADDING_NONE,
115 HKS_PADDING_PKCS7
116 };
117 #endif
118
119 #ifdef HKS_SUPPORT_SM4_C
120 static const uint32_t g_sm4KeySize[] = {
121 HKS_SM4_KEY_SIZE_128,
122 };
123 static const uint32_t g_sm4Padding[] = {
124 HKS_PADDING_NONE,
125 HKS_PADDING_PKCS7
126 };
127 static const uint32_t g_sm4Purpose[] = {
128 HKS_KEY_PURPOSE_ENCRYPT,
129 HKS_KEY_PURPOSE_DECRYPT,
130 HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT,
131 };
132 static const uint32_t g_sm4Mode[] = {
133 HKS_MODE_CBC,
134 HKS_MODE_CTR,
135 HKS_MODE_ECB,
136 HKS_MODE_CFB,
137 HKS_MODE_OFB,
138 };
139 static const uint32_t g_sm4CbcPadding[] = {
140 HKS_PADDING_NONE,
141 HKS_PADDING_PKCS7
142 };
143 static const uint32_t g_sm4CtrPadding[] = {
144 HKS_PADDING_NONE
145 };
146 static const uint32_t g_sm4EcbPadding[] = {
147 HKS_PADDING_NONE,
148 HKS_PADDING_PKCS7
149 };
150 static const uint32_t g_sm4CfbPadding[] = {
151 HKS_PADDING_NONE
152 };
153 static const uint32_t g_sm4OfbPadding[] = {
154 HKS_PADDING_NONE
155 };
156 #endif
157
158 #ifdef HKS_SUPPORT_ECC_C
159 static const uint32_t g_eccKeySize[] = {
160 HKS_ECC_KEY_SIZE_224,
161 HKS_ECC_KEY_SIZE_256,
162 HKS_ECC_KEY_SIZE_384,
163 HKS_ECC_KEY_SIZE_521
164 };
165
166 static const uint32_t g_eccDigest[] = {
167 HKS_DIGEST_NONE,
168 HKS_DIGEST_SHA1,
169 HKS_DIGEST_SHA224,
170 HKS_DIGEST_SHA256,
171 HKS_DIGEST_SHA384,
172 HKS_DIGEST_SHA512
173 };
174 #endif
175
176 #ifdef HKS_SUPPORT_SM2_C
177 static const uint32_t g_sm2KeySize[] = {
178 HKS_SM2_KEY_SIZE_256
179 };
180
181 static const uint32_t g_sm2Digest[] = {
182 HKS_DIGEST_SM3,
183 HKS_DIGEST_NONE
184 };
185
186 static const uint32_t g_sm2CipherPadding[] = {
187 HKS_PADDING_NONE,
188 };
189 #endif
190
191 #ifdef HKS_SUPPORT_SM3_C
192 static const uint32_t g_sm3Digest[] = {
193 HKS_DIGEST_SM3
194 };
195 #endif
196
197 static const uint32_t g_digest[] = {
198 HKS_DIGEST_SHA256,
199 HKS_DIGEST_SHA384,
200 HKS_DIGEST_SHA512
201 };
202
203 static const uint32_t g_macDigest[] = {
204 HKS_DIGEST_SHA256
205 };
206
207 #ifdef HKS_SUPPORT_ECDH_C
208 static const uint32_t g_ecdhKeySize[] = {
209 HKS_ECC_KEY_SIZE_224,
210 HKS_ECC_KEY_SIZE_256,
211 HKS_ECC_KEY_SIZE_384,
212 HKS_ECC_KEY_SIZE_521
213 };
214 #endif
215
216 #if defined(HKS_SUPPORT_X25519_C) || defined(HKS_SUPPORT_ED25519_C)
217 static const uint32_t g_curve25519KeySize[] = {
218 HKS_CURVE25519_KEY_SIZE_256,
219 };
220 #endif
221 #ifdef HKS_SUPPORT_HMAC_C
222 static const uint32_t g_hmacDigest[] = {
223 HKS_DIGEST_SHA1,
224 HKS_DIGEST_SHA224,
225 HKS_DIGEST_SHA256,
226 HKS_DIGEST_SHA384,
227 HKS_DIGEST_SHA512,
228 HKS_DIGEST_SM3
229 };
230 #endif
231 #ifdef HKS_SUPPORT_DSA_C
232 static const uint32_t g_dsaDigest[] = {
233 HKS_DIGEST_NONE,
234 HKS_DIGEST_SHA1,
235 HKS_DIGEST_SHA224,
236 HKS_DIGEST_SHA256,
237 HKS_DIGEST_SHA384,
238 HKS_DIGEST_SHA512
239 };
240 #endif
241 #ifdef HKS_SUPPORT_DH_C
242 static const uint32_t g_dhKeySize[] = {
243 HKS_DH_KEY_SIZE_2048,
244 HKS_DH_KEY_SIZE_3072,
245 HKS_DH_KEY_SIZE_4096
246 };
247 #endif
248
249 #ifdef HKS_SUPPORT_RSA_C
250 static const struct ParamsValuesChecker g_rsaParamSet[] = {
251 { HKS_CHECK_TYPE_GEN_KEY, { { true, 0, false}, { true, 0, false}, { true, 0, false}, { true, 0, false},
252 { false, 0, false} } },
253 { HKS_CHECK_TYPE_USE_KEY, { { true, 0, false}, { true, 0, false}, { true, 0, false}, { true, 0, false},
254 { false, 0, false} } }
255 };
256 static const struct ExpectParamsValuesChecker g_expectRsaParams[] = {
257 { HKS_CHECK_TYPE_GEN_KEY, {
258 { true, g_rsaKeySize, HKS_ARRAY_SIZE(g_rsaKeySize) },
259 { true, g_rsaPadding, HKS_ARRAY_SIZE(g_rsaPadding) },
260 { false, NULL, 0 },
261 { true, g_rsaDigest, HKS_ARRAY_SIZE(g_rsaDigest) },
262 { false, NULL, 0 }
263 }
264 },
265 { HKS_CHECK_TYPE_USE_KEY, {
266 { true, g_rsaKeySize, HKS_ARRAY_SIZE(g_rsaKeySize) },
267 { true, g_rsaPadding, HKS_ARRAY_SIZE(g_rsaPadding) },
268 { false, NULL, 0 },
269 { true, g_rsaDigest, HKS_ARRAY_SIZE(g_rsaDigest) },
270 { false, NULL, 0 }
271 }
272 }
273 };
274 #endif
275
276 #ifdef HKS_SUPPORT_AES_C
277 static const struct ParamsValuesChecker g_aesParamSet[] = {
278 { HKS_CHECK_TYPE_GEN_KEY, { { true, 0, false}, { true, 0, false}, { true, 0, false}, { false, 0, false},
279 { true, 0, false} } },
280 { HKS_CHECK_TYPE_USE_KEY, { { false, 0, false}, { true, 0, false}, { true, 0, false}, { false, 0, false},
281 { true, 0, false} } },
282 { HKS_CHECK_TYPE_GEN_MAC_KEY, { { true, 0, false}, { false, 0, false}, { false, 0, false}, { true, 0, false},
283 { false, 0, false} } },
284 { HKS_CHECK_TYPE_GEN_DERIVE_KEY, { { true, 0, false}, { false, 0, false}, { false, 0, false}, { true, 0, false},
285 { false, 0, false} } }
286 };
287
288 static const struct ExpectParamsValuesChecker g_expectAesParams[] = {
289 { HKS_CHECK_TYPE_GEN_KEY, {
290 { true, g_aesKeySize, HKS_ARRAY_SIZE(g_aesKeySize) },
291 { true, g_aesPadding, HKS_ARRAY_SIZE(g_aesPadding) },
292 { false, NULL, 0 },
293 { false, NULL, 0 },
294 { true, g_aesMode, HKS_ARRAY_SIZE(g_aesMode) }
295 }
296 },
297 { HKS_CHECK_TYPE_USE_KEY, {
298 { false, NULL, 0 },
299 { true, g_aesPadding, HKS_ARRAY_SIZE(g_aesPadding) },
300 { false, NULL, 0 },
301 { false, NULL, 0 },
302 { true, g_aesMode, HKS_ARRAY_SIZE(g_aesMode) }
303 }
304 },
305 { HKS_CHECK_TYPE_GEN_MAC_KEY, {
306 { true, g_aesMacKeySize, HKS_ARRAY_SIZE(g_aesMacKeySize) },
307 { false, NULL, 0 },
308 { false, NULL, 0 },
309 { true, g_macDigest, HKS_ARRAY_SIZE(g_macDigest) },
310 { false, NULL, 0 }
311 }
312 },
313 { HKS_CHECK_TYPE_GEN_DERIVE_KEY, {
314 { true, g_aesKeySize, HKS_ARRAY_SIZE(g_aesKeySize) },
315 { false, NULL, 0 },
316 { false, NULL, 0 },
317 { true, g_digest, HKS_ARRAY_SIZE(g_digest) },
318 { false, NULL, 0 }
319 }
320 }
321 };
322 #endif
323
324 #ifdef HKS_SUPPORT_ECC_C
325 static const struct ParamsValuesChecker g_eccParamSet[] = {
326 { HKS_CHECK_TYPE_GEN_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { true, 0, false},
327 { false, 0, false} } },
328 { HKS_CHECK_TYPE_USE_KEY, { { false, 0, false}, { false, 0, false}, { true, 0, false}, { true, 0, false},
329 { false, 0, false} } }
330 };
331 static const struct ExpectParamsValuesChecker g_expectEccParams[] = {
332 { HKS_CHECK_TYPE_GEN_KEY, {
333 { true, g_eccKeySize, HKS_ARRAY_SIZE(g_eccKeySize) },
334 { false, NULL, 0 },
335 { false, NULL, 0 },
336 { true, g_eccDigest, HKS_ARRAY_SIZE(g_eccDigest) },
337 { false, NULL, 0 }
338 }
339 },
340 { HKS_CHECK_TYPE_USE_KEY, {
341 { false, NULL, 0 },
342 { false, NULL, 0 },
343 { false, NULL, 0 },
344 { true, g_eccDigest, HKS_ARRAY_SIZE(g_eccDigest) },
345 { false, NULL, 0 }
346 }
347 }
348 };
349 #endif
350
351 #ifdef HKS_SUPPORT_SM2_C
352 static const struct ParamsValuesChecker g_sm2ParamSet[] = {
353 { HKS_CHECK_TYPE_GEN_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { true, 0, false},
354 { false, 0, false} } },
355 { HKS_CHECK_TYPE_USE_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { true, 0, false},
356 { false, 0, false} } }
357 };
358 static const struct ExpectParamsValuesChecker g_expectSm2Params[] = {
359 { HKS_CHECK_TYPE_GEN_KEY, {
360 { true, g_sm2KeySize, HKS_ARRAY_SIZE(g_sm2KeySize) },
361 { false, NULL, 0 },
362 { false, NULL, 0 },
363 { true, g_sm2Digest, HKS_ARRAY_SIZE(g_sm2Digest) },
364 { false, NULL, 0 }
365 }
366 },
367 { HKS_CHECK_TYPE_USE_KEY, {
368 { true, g_sm2KeySize, HKS_ARRAY_SIZE(g_sm2KeySize) },
369 { false, NULL, 0 },
370 { false, NULL, 0 },
371 { true, g_sm2Digest, HKS_ARRAY_SIZE(g_sm2Digest) },
372 { false, NULL, 0 }
373 }
374 }
375 };
376 #endif
377
378 #ifdef HKS_SUPPORT_SM3_C
379 static const struct ParamsValuesChecker g_sm3ParamSet[] = {
380 { HKS_CHECK_TYPE_GEN_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { true, 0, false},
381 { false, 0, false} } },
382 { HKS_CHECK_TYPE_GEN_MAC_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { true, 0, false},
383 { false, 0, false} } }
384 };
385 static const struct ExpectParamsValuesChecker g_expectSm3Params[] = {
386 { HKS_CHECK_TYPE_GEN_KEY, {
387 { false, NULL, 0 },
388 { false, NULL, 0 },
389 { false, NULL, 0 },
390 { true, g_sm3Digest, sizeof(g_sm3Digest) / sizeof(g_sm3Digest[0]) },
391 { false, NULL, 0 }
392 }
393 },
394 { HKS_CHECK_TYPE_GEN_MAC_KEY, {
395 { false, NULL, 0 },
396 { false, NULL, 0 },
397 { false, NULL, 0 },
398 { true, g_sm3Digest, sizeof(g_sm3Digest) / sizeof(g_sm3Digest[0]) },
399 { false, NULL, 0 }
400 }
401 }
402 };
403 #endif
404
405 #ifdef HKS_SUPPORT_SM4_C
406 static const struct ParamsValuesChecker g_sm4ParamSet[] = {
407 { HKS_CHECK_TYPE_GEN_KEY, { { true, 0, false}, { true, 0, false}, { true, 0, false}, { false, 0, false},
408 { true, 0, false} } },
409 { HKS_CHECK_TYPE_USE_KEY, { { true, 0, false}, { true, 0, false}, { true, 0, false}, { false, 0, false},
410 { true, 0, false} } },
411 { HKS_CHECK_TYPE_GEN_DERIVE_KEY, { { true, 0, false}, { false, 0, false}, { false, 0, false}, { true, 0, false},
412 { false, 0, false} } }
413 };
414 static const struct ExpectParamsValuesChecker g_expectSm4Params[] = {
415 { HKS_CHECK_TYPE_GEN_KEY, {
416 { true, g_sm4KeySize, HKS_ARRAY_SIZE(g_sm4KeySize) },
417 { true, g_sm4Padding, HKS_ARRAY_SIZE(g_sm4Padding) },
418 { true, g_sm4Purpose, HKS_ARRAY_SIZE(g_sm4Purpose) },
419 { false, NULL, 0 },
420 { true, g_sm4Mode, HKS_ARRAY_SIZE(g_sm4Mode) }
421 }
422 },
423 { HKS_CHECK_TYPE_USE_KEY, {
424 { true, g_sm4KeySize, HKS_ARRAY_SIZE(g_sm4KeySize) },
425 { true, g_sm4Padding, HKS_ARRAY_SIZE(g_sm4Padding) },
426 { true, g_sm4Purpose, HKS_ARRAY_SIZE(g_sm4Purpose) },
427 { false, NULL, 0 },
428 { true, g_sm4Mode, HKS_ARRAY_SIZE(g_sm4Mode) }
429 }
430 },
431 { HKS_CHECK_TYPE_GEN_DERIVE_KEY, {
432 { true, g_sm4KeySize, HKS_ARRAY_SIZE(g_sm4KeySize) },
433 { false, NULL, 0 },
434 { false, NULL, 0 },
435 { true, g_sm3Digest, HKS_ARRAY_SIZE(g_sm3Digest) },
436 { false, NULL, 0 }
437 }
438 }
439 };
440 #endif
441
442 #if defined(HKS_SUPPORT_X25519_C) || defined(HKS_SUPPORT_ED25519_C)
443 static const struct ParamsValuesChecker g_curve25519ParamSet[] = {
444 { HKS_CHECK_TYPE_GEN_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { false, 0, false},
445 { false, 0, false} } },
446 { HKS_CHECK_TYPE_USE_KEY, { { false, 0, false}, { false, 0, false}, { true, 0, false}, { false, 0, false},
447 { false, 0, false} } }
448 };
449 static const struct ExpectParamsValuesChecker g_expectCurve25519Params[] = {
450 { HKS_CHECK_TYPE_GEN_KEY, {
451 { true, g_curve25519KeySize, sizeof(g_curve25519KeySize) / sizeof(g_curve25519KeySize[0]) },
452 { false, NULL, 0 },
453 { false, NULL, 0 },
454 { false, NULL, 0 },
455 { false, NULL, 0 }
456 }
457 },
458 { HKS_CHECK_TYPE_USE_KEY, {
459 { false, NULL, 0 },
460 { false, NULL, 0 },
461 { false, NULL, 0 },
462 { false, NULL, 0 },
463 { false, NULL, 0 }
464 }
465 }
466 };
467 #endif
468
469 #ifdef HKS_SUPPORT_HMAC_C
470 static const struct ParamsValuesChecker g_hmacParamSet[] = {
471 { HKS_CHECK_TYPE_GEN_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { true, 0, false},
472 { false, 0, false} } },
473 { HKS_CHECK_TYPE_USE_KEY, { { false, 0, false}, { false, 0, false}, { true, 0, false}, { true, 0, false},
474 { false, 0, false} } },
475 { HKS_CHECK_TYPE_GEN_MAC_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { true, 0, false},
476 { false, 0, false} } }
477 };
478 static const struct ExpectParamsValuesChecker g_expectHmacParams[] = {
479 { HKS_CHECK_TYPE_GEN_KEY, {
480 { false, NULL, 0 },
481 { false, NULL, 0 },
482 { false, NULL, 0 },
483 { true, g_hmacDigest, sizeof(g_hmacDigest) / sizeof(g_hmacDigest[0]) },
484 { false, NULL, 0 }
485 }
486 },
487 { HKS_CHECK_TYPE_USE_KEY, {
488 { false, NULL, 0 },
489 { false, NULL, 0 },
490 { false, NULL, 0 },
491 { true, g_hmacDigest, sizeof(g_hmacDigest) / sizeof(g_hmacDigest[0]) },
492 { false, NULL, 0 }
493 }
494 },
495 { HKS_CHECK_TYPE_GEN_MAC_KEY, {
496 { false, NULL, 0 },
497 { false, NULL, 0 },
498 { false, NULL, 0 },
499 { true, g_hmacDigest, sizeof(g_hmacDigest) / sizeof(g_hmacDigest[0]) },
500 { false, NULL, 0 }
501 }
502 }
503 };
504 #endif
505
506 #ifdef HKS_SUPPORT_DSA_C
507 static const struct ParamsValuesChecker g_dsaParamSet[] = {
508 { HKS_CHECK_TYPE_GEN_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { true, 0, false},
509 { false, 0, false} } },
510 { HKS_CHECK_TYPE_USE_KEY, { { false, 0, false}, { false, 0, false}, { true, 0, false}, { true, 0, false},
511 { false, 0, false} } }
512 };
513 static const struct ExpectParamsValuesChecker g_expectDsaParams[] = {
514 { HKS_CHECK_TYPE_GEN_KEY, {
515 { false, NULL, 0 },
516 { false, NULL, 0 },
517 { false, NULL, 0 },
518 { true, g_dsaDigest, sizeof(g_dsaDigest) / sizeof(g_dsaDigest[0]) },
519 { false, NULL, 0 }
520 }
521 },
522 { HKS_CHECK_TYPE_USE_KEY, {
523 { false, NULL, 0 },
524 { false, NULL, 0 },
525 { false, NULL, 0 },
526 { true, g_dsaDigest, sizeof(g_dsaDigest) / sizeof(g_dsaDigest[0]) },
527 { false, NULL, 0 }
528 }
529 }
530 };
531 #endif
532
533 #ifdef HKS_SUPPORT_DH_C
534 static const struct ParamsValuesChecker g_dhParamSet[] = {
535 { HKS_CHECK_TYPE_GEN_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { false, 0, false},
536 { false, 0, false} } },
537 { HKS_CHECK_TYPE_USE_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { false, 0, false},
538 { false, 0, false} } }
539 };
540 static const struct ExpectParamsValuesChecker g_expectDhParams[] = {
541 { HKS_CHECK_TYPE_GEN_KEY, {
542 { true, g_dhKeySize, sizeof(g_dhKeySize) / sizeof(g_dhKeySize[0]) },
543 { false, NULL, 0 },
544 { false, NULL, 0 },
545 { false, NULL, 0 },
546 { false, NULL, 0 }
547 }
548 },
549 { HKS_CHECK_TYPE_USE_KEY, {
550 { true, g_dhKeySize, sizeof(g_dhKeySize) / sizeof(g_dhKeySize[0]) },
551 { false, NULL, 0 },
552 { false, NULL, 0 },
553 { false, NULL, 0 },
554 { false, NULL, 0 }
555 }
556 }
557 };
558 #endif
559
560 #ifdef HKS_SUPPORT_ECDH_C
561 static const struct ParamsValuesChecker g_ecdhParamSet[] = {
562 { HKS_CHECK_TYPE_GEN_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { false, 0, false},
563 { false, 0, false} } },
564 { HKS_CHECK_TYPE_USE_KEY, { { true, 0, false}, { false, 0, false}, { true, 0, false}, { false, 0, false},
565 { false, 0, false} } }
566 };
567 static const struct ExpectParamsValuesChecker g_expectEcdhParams[] = {
568 { HKS_CHECK_TYPE_GEN_KEY, {
569 { true, g_ecdhKeySize, sizeof(g_ecdhKeySize) / sizeof(g_ecdhKeySize[0]) },
570 { false, NULL, 0 },
571 { false, NULL, 0 },
572 { false, NULL, 0 },
573 { false, NULL, 0 }
574 }
575 },
576 { HKS_CHECK_TYPE_USE_KEY, {
577 { true, g_ecdhKeySize, sizeof(g_ecdhKeySize) / sizeof(g_ecdhKeySize[0]) },
578 { false, NULL, 0 },
579 { false, NULL, 0 },
580 { false, NULL, 0 },
581 { false, NULL, 0 }
582 }
583 }
584 };
585 #endif
586
587 #ifndef _CUT_AUTHENTICATE_
588 static const uint32_t g_invalidPurpose[][2] = {
589 #ifdef HKS_SUPPORT_RSA_C
590 {
591 HKS_ALG_RSA,
592 HKS_KEY_PURPOSE_DERIVE | HKS_KEY_PURPOSE_MAC | HKS_KEY_PURPOSE_WRAP | HKS_KEY_PURPOSE_UNWRAP |
593 HKS_KEY_PURPOSE_AGREE,
594 },
595 #endif
596 #ifdef HKS_SUPPORT_ECC_C
597 {
598 HKS_ALG_ECC,
599 HKS_KEY_PURPOSE_DERIVE | HKS_KEY_PURPOSE_MAC | HKS_KEY_PURPOSE_WRAP |
600 HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT,
601 },
602 #endif
603 #ifdef HKS_SUPPORT_SM2_C
604 {
605 HKS_ALG_SM2,
606 HKS_KEY_PURPOSE_DERIVE | HKS_KEY_PURPOSE_MAC | HKS_KEY_PURPOSE_WRAP,
607 },
608 #endif
609 #ifdef HKS_SUPPORT_SM3_C
610 {
611 HKS_ALG_SM3,
612 HKS_KEY_PURPOSE_DERIVE | HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY | HKS_KEY_PURPOSE_WRAP |
613 HKS_KEY_PURPOSE_UNWRAP | HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT | HKS_KEY_PURPOSE_AGREE,
614 },
615 #endif
616 #ifdef HKS_SUPPORT_SM4_C
617 {
618 HKS_ALG_SM4,
619 HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY | HKS_KEY_PURPOSE_WRAP |
620 HKS_KEY_PURPOSE_UNWRAP | HKS_KEY_PURPOSE_MAC | HKS_KEY_PURPOSE_AGREE,
621 },
622 #endif
623 #ifdef HKS_SUPPORT_AES_C
624 {
625 HKS_ALG_AES,
626 HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY | HKS_KEY_PURPOSE_AGREE | HKS_KEY_PURPOSE_WRAP |
627 HKS_KEY_PURPOSE_UNWRAP,
628 },
629 #endif
630 #ifdef HKS_SUPPORT_ED25519_C
631 {
632 HKS_ALG_ED25519,
633 HKS_KEY_PURPOSE_DERIVE | HKS_KEY_PURPOSE_MAC | HKS_KEY_PURPOSE_WRAP | HKS_KEY_PURPOSE_UNWRAP |
634 HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT,
635 },
636 #endif
637 #ifdef HKS_SUPPORT_X25519_C
638 {
639 HKS_ALG_X25519,
640 HKS_KEY_PURPOSE_DERIVE | HKS_KEY_PURPOSE_MAC | HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT |
641 HKS_KEY_PURPOSE_WRAP,
642 },
643 #endif
644 #ifdef HKS_SUPPORT_HMAC_C
645 {
646 HKS_ALG_HMAC,
647 HKS_KEY_PURPOSE_DERIVE | HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY | HKS_KEY_PURPOSE_WRAP |
648 HKS_KEY_PURPOSE_UNWRAP | HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT | HKS_KEY_PURPOSE_AGREE,
649 },
650 #endif
651 #ifdef HKS_SUPPORT_DSA_C
652 {
653 HKS_ALG_DSA,
654 HKS_KEY_PURPOSE_DERIVE | HKS_KEY_PURPOSE_MAC | HKS_KEY_PURPOSE_WRAP | HKS_KEY_PURPOSE_UNWRAP |
655 HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT | HKS_KEY_PURPOSE_AGREE,
656 },
657 #endif
658 #ifdef HKS_SUPPORT_DH_C
659 {
660 HKS_ALG_DH,
661 HKS_KEY_PURPOSE_DERIVE | HKS_KEY_PURPOSE_MAC | HKS_KEY_PURPOSE_WRAP | HKS_KEY_PURPOSE_UNWRAP |
662 HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT | HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY,
663 },
664 #endif
665 #ifdef HKS_SUPPORT_ECDH_C
666 {
667 HKS_ALG_ECDH,
668 HKS_KEY_PURPOSE_DERIVE | HKS_KEY_PURPOSE_MAC | HKS_KEY_PURPOSE_WRAP | HKS_KEY_PURPOSE_UNWRAP |
669 HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT | HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY,
670 },
671 #endif
672 };
673
674 static const uint32_t g_invalidImportKeyPurpose[][2] = {
675 #ifdef HKS_SUPPORT_ECC_C
676 {
677 HKS_ALG_ECC,
678 HKS_KEY_PURPOSE_WRAP | HKS_KEY_PURPOSE_UNWRAP,
679 },
680 #endif
681 #ifdef HKS_SUPPORT_X25519_C
682 {
683 HKS_ALG_X25519,
684 HKS_KEY_PURPOSE_WRAP | HKS_KEY_PURPOSE_UNWRAP,
685 },
686 #endif
687 #ifdef HKS_SUPPORT_SM2_C
688 {
689 HKS_ALG_SM2,
690 HKS_KEY_PURPOSE_WRAP | HKS_KEY_PURPOSE_UNWRAP,
691 },
692 #endif
693 };
694 #endif
695
696 #ifdef HKS_SUPPORT_USER_AUTH_ACCESS_CONTROL
697 static const uint32_t g_userAuthChallengeType[] = {
698 HKS_CHALLENGE_TYPE_NORMAL,
699 HKS_CHALLENGE_TYPE_CUSTOM,
700 HKS_CHALLENGE_TYPE_NONE,
701 };
702
703 static const uint32_t g_validBiometricAuthAccessType[] = {
704 HKS_AUTH_ACCESS_INVALID_NEW_BIO_ENROLL,
705 HKS_AUTH_ACCESS_INVALID_CLEAR_PASSWORD,
706 HKS_AUTH_ACCESS_ALWAYS_VALID
707 };
708
709 static const uint32_t g_validPinAuthAccessType[] = {
710 HKS_AUTH_ACCESS_INVALID_CLEAR_PASSWORD,
711 HKS_AUTH_ACCESS_ALWAYS_VALID
712 };
713
714 static const struct AuthAccessTypeChecker g_expectAuthAccessParams[] = {
715 { HKS_USER_AUTH_TYPE_FACE,
716 { true, g_validBiometricAuthAccessType, HKS_ARRAY_SIZE(g_validBiometricAuthAccessType)}
717 },
718 { HKS_USER_AUTH_TYPE_FINGERPRINT,
719 { true, g_validBiometricAuthAccessType, HKS_ARRAY_SIZE(g_validBiometricAuthAccessType)}
720 },
721 { HKS_USER_AUTH_TYPE_PIN,
722 { true, g_validPinAuthAccessType, HKS_ARRAY_SIZE(g_validPinAuthAccessType)}
723 }
724 };
725
726 static const uint32_t g_supportUserAuthTypes[] = {
727 HKS_USER_AUTH_TYPE_PIN,
728 HKS_USER_AUTH_TYPE_FINGERPRINT,
729 HKS_USER_AUTH_TYPE_FACE,
730 HKS_USER_AUTH_TYPE_PIN | HKS_USER_AUTH_TYPE_FINGERPRINT,
731 HKS_USER_AUTH_TYPE_PIN | HKS_USER_AUTH_TYPE_FACE,
732 HKS_USER_AUTH_TYPE_FACE | HKS_USER_AUTH_TYPE_FINGERPRINT,
733 HKS_USER_AUTH_TYPE_PIN | HKS_USER_AUTH_TYPE_FACE | HKS_USER_AUTH_TYPE_FINGERPRINT
734 };
735
736 static const uint32_t g_supportSecureSignType[] = {
737 HKS_SECURE_SIGN_WITH_AUTHINFO
738 };
739
740 #ifdef HKS_SUPPORT_AES_C
741 static const uint32_t g_supportAesPurpose[] = {
742 HKS_KEY_PURPOSE_ENCRYPT,
743 HKS_KEY_PURPOSE_DECRYPT,
744 HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT,
745 HKS_KEY_PURPOSE_DERIVE,
746 HKS_KEY_PURPOSE_MAC
747 };
748
749 static const uint32_t g_supportAesCipherMode[] = {
750 HKS_MODE_CBC,
751 HKS_MODE_GCM,
752 HKS_MODE_CCM
753 };
754
755 static const struct KeyInfoParams g_validAesKeyInfo[] = {
756 { true, HKS_TAG_PURPOSE, g_supportAesPurpose, HKS_ARRAY_SIZE(g_supportAesPurpose) },
757 { true, HKS_TAG_BLOCK_MODE, g_supportAesCipherMode, HKS_ARRAY_SIZE(g_supportAesCipherMode) }
758 };
759 #endif
760
761 #ifdef HKS_SUPPORT_SM4_C
762 static const uint32_t g_supportSm4Purpose[] = {
763 HKS_KEY_PURPOSE_ENCRYPT,
764 HKS_KEY_PURPOSE_DECRYPT,
765 HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT
766 };
767
768 static const uint32_t g_supportSm4CipherMode[] = {
769 HKS_MODE_CBC
770 };
771
772 static const struct KeyInfoParams g_validSm4KeyInfo[] = {
773 { true, HKS_TAG_PURPOSE, g_supportSm4Purpose, HKS_ARRAY_SIZE(g_supportSm4Purpose) },
774 { true, HKS_TAG_BLOCK_MODE, g_supportSm4CipherMode, HKS_ARRAY_SIZE(g_supportSm4CipherMode) }
775 };
776 #endif
777
778 static const struct AuthAcceessKeyInfoChecker g_validKeyInfo[] = {
779 #ifdef HKS_SUPPORT_AES_C
780 { HKS_ALG_AES, g_validAesKeyInfo, HKS_ARRAY_SIZE(g_validAesKeyInfo) },
781 #endif
782 #ifdef HKS_SUPPORT_SM4_C
783 { HKS_ALG_SM4, g_validSm4KeyInfo, HKS_ARRAY_SIZE(g_validSm4KeyInfo) }
784 #endif
785 };
786 #endif
787
788 #ifndef _CUT_AUTHENTICATE_
789 #ifndef _STORAGE_LITE_
CheckAndGetKeySize(const struct HksBlob * key,const uint32_t * expectKeySize,uint32_t expectCnt,uint32_t * keySize)790 static int32_t CheckAndGetKeySize(const struct HksBlob *key, const uint32_t *expectKeySize,
791 uint32_t expectCnt, uint32_t *keySize)
792 {
793 if (key->size < sizeof(struct HksParamSet)) {
794 HKS_LOG_E("check key size: invalid keyfile size: %" LOG_PUBLIC "u", key->size);
795 return HKS_ERROR_INVALID_KEY_FILE;
796 }
797
798 struct HksParamSet *keyParamSet = (struct HksParamSet *)key->data;
799 int32_t ret = HksCheckParamSetValidity(keyParamSet);
800 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_KEY_FILE, "check key size: paramset invalid failed")
801
802 struct HksParam *keySizeParam = NULL;
803 ret = HksGetParam(keyParamSet, HKS_TAG_KEY_SIZE, &keySizeParam);
804 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_KEY_FILE,
805 "check key size: get param get tag:0x%" LOG_PUBLIC "x failed", HKS_TAG_KEY_SIZE)
806
807 ret = HksCheckValue(keySizeParam->uint32Param, expectKeySize, expectCnt);
808 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_KEY_FILE,
809 "check key size: key size value %" LOG_PUBLIC "u not expected", keySizeParam->uint32Param)
810 *keySize = keySizeParam->uint32Param;
811 return ret;
812 }
813 #else
CheckAndGetKeySize(const struct HksBlob * key,const uint32_t * expectKeySize,uint32_t expectCnt,uint32_t * keySize)814 static int32_t CheckAndGetKeySize(const struct HksBlob *key, const uint32_t *expectKeySize,
815 uint32_t expectCnt, uint32_t *keySize)
816 {
817 if (key->size < sizeof(struct HksStoreKeyInfo)) {
818 HKS_LOG_E("check key size: invalid keyfile size: %" LOG_PUBLIC "u", key->size);
819 return HKS_ERROR_INVALID_KEY_FILE;
820 }
821
822 struct HksStoreKeyInfo *keyInfo = (struct HksStoreKeyInfo *)key->data;
823 uint32_t keyLen = keyInfo->keyLen;
824 int32_t ret = HksCheckValue(keyLen, expectKeySize, expectCnt);
825 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_KEY_FILE,
826 "check key size: keySize value %" LOG_PUBLIC "u not expected", keyLen)
827 *keySize = keyLen;
828 return ret;
829 }
830 #endif
831
CheckPurposeUnique(uint32_t inputPurpose)832 static int32_t CheckPurposeUnique(uint32_t inputPurpose)
833 {
834 /* key usage uniqueness */
835 uint32_t purposeCipher = inputPurpose & (HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT);
836 uint32_t purposeSign = inputPurpose & (HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY);
837 uint32_t purposeDerive = inputPurpose & HKS_KEY_PURPOSE_DERIVE;
838 uint32_t purposeWrap = inputPurpose & (HKS_KEY_PURPOSE_WRAP | HKS_KEY_PURPOSE_UNWRAP);
839 uint32_t purposeMac = inputPurpose & HKS_KEY_PURPOSE_MAC;
840 uint32_t purposeAgree = inputPurpose & HKS_KEY_PURPOSE_AGREE;
841
842 uint32_t purposeCount = (purposeCipher != 0) ? 1 : 0;
843 purposeCount += (purposeSign != 0) ? 1 : 0;
844 purposeCount += (purposeDerive != 0) ? 1 : 0;
845 purposeCount += (purposeWrap != 0) ? 1 : 0;
846 purposeCount += (purposeMac != 0) ? 1 : 0;
847 purposeCount += (purposeAgree != 0) ? 1 : 0;
848
849 return (purposeCount == 1) ? HKS_SUCCESS : HKS_ERROR_INVALID_PURPOSE;
850 }
851
GetInvalidPurpose(uint32_t alg,uint32_t * inputPurpose,uint32_t keyFlag)852 static int32_t GetInvalidPurpose(uint32_t alg, uint32_t *inputPurpose, uint32_t keyFlag)
853 {
854 int32_t result = HKS_ERROR_INVALID_ALGORITHM;
855 if (sizeof(g_invalidPurpose) == 0) {
856 return result;
857 }
858 uint32_t count = sizeof(g_invalidPurpose) / sizeof(g_invalidPurpose[0]);
859 for (uint32_t i = 0; i < count; i++) {
860 if (alg == g_invalidPurpose[i][0]) {
861 result = HKS_SUCCESS;
862 *inputPurpose = g_invalidPurpose[i][1];
863 break;
864 }
865 }
866 if ((keyFlag != HKS_KEY_FLAG_IMPORT_KEY) || (sizeof(g_invalidImportKeyPurpose) == 0)) {
867 return result;
868 }
869 // add invalid purpose for import key additionally
870 count = sizeof(g_invalidImportKeyPurpose) / sizeof(g_invalidImportKeyPurpose[0]);
871 for (uint32_t i = 0; i < count; i++) {
872 if (alg == g_invalidImportKeyPurpose[i][0]) {
873 *inputPurpose |= g_invalidImportKeyPurpose[i][1];
874 break;
875 }
876 }
877 return result;
878 }
879
CheckPurposeValid(uint32_t alg,uint32_t inputPurpose,uint32_t keyFlag)880 static int32_t CheckPurposeValid(uint32_t alg, uint32_t inputPurpose, uint32_t keyFlag)
881 {
882 uint32_t invalidPurpose = 0;
883
884 int32_t result = GetInvalidPurpose(alg, &invalidPurpose, keyFlag);
885 HKS_IF_NOT_SUCC_RETURN(result, result)
886
887 if ((inputPurpose & invalidPurpose) != 0) {
888 return HKS_ERROR_INVALID_PURPOSE;
889 }
890
891 return HKS_SUCCESS;
892 }
893 #endif /* _CUT_AUTHENTICATE_ */
894
895 // If tag is optional param, when tag is empty, it is supported.
GetOptionalParams(const struct HksParamSet * paramSet,uint32_t tag,bool needCheck,uint32_t * value,bool * isAbsent)896 static int32_t GetOptionalParams(const struct HksParamSet *paramSet, uint32_t tag, bool needCheck, uint32_t* value,
897 bool* isAbsent)
898 {
899 if (needCheck) {
900 struct HksParam *param;
901 int32_t ret = HksGetParam(paramSet, tag, ¶m);
902 if (ret == HKS_SUCCESS) {
903 *value = param->uint32Param;
904 return ret;
905 }
906 if (ret == HKS_ERROR_PARAM_NOT_EXIST) {
907 HKS_LOG_I("tag is empty, but it is supported!");
908 *isAbsent = true;
909 return HKS_SUCCESS;
910 }
911 return HKS_ERROR_INVALID_ARGUMENT;
912 }
913 return HKS_SUCCESS;
914 }
915
GetInputParams(const struct HksParamSet * paramSet,struct ParamsValues * inputParams)916 int32_t GetInputParams(const struct HksParamSet *paramSet, struct ParamsValues *inputParams)
917 {
918 int32_t ret = HKS_SUCCESS;
919 struct HksParam *checkParam = NULL;
920 if (inputParams->keyLen.needCheck) {
921 ret = HksGetParam(paramSet, HKS_TAG_KEY_SIZE, &checkParam);
922 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_KEY_SIZE_FAIL,
923 "get Param get tag:0x%" LOG_PUBLIC "x failed", HKS_TAG_KEY_SIZE);
924 inputParams->keyLen.value = checkParam->uint32Param;
925 }
926
927 if (inputParams->purpose.needCheck) {
928 ret = HksGetParam(paramSet, HKS_TAG_PURPOSE, &checkParam);
929 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_PURPOSE_FAIL,
930 "get Param get tag:0x%" LOG_PUBLIC "x failed", HKS_TAG_PURPOSE);
931 inputParams->purpose.value = checkParam->uint32Param;
932 }
933
934 ret = GetOptionalParams(paramSet, HKS_TAG_PADDING, inputParams->padding.needCheck, &inputParams->padding.value,
935 &inputParams->padding.isAbsent);
936 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_PADDING_FAIL,
937 "get Param get tag:0x%" LOG_PUBLIC "x failed", HKS_TAG_PADDING);
938 ret = GetOptionalParams(paramSet, HKS_TAG_DIGEST, inputParams->digest.needCheck, &inputParams->digest.value,
939 &inputParams->digest.isAbsent);
940 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_DIGEST_FAIL,
941 "get Param get tag:0x%" LOG_PUBLIC "x failed", HKS_TAG_DIGEST);
942 ret = GetOptionalParams(paramSet, HKS_TAG_BLOCK_MODE, inputParams->mode.needCheck, &inputParams->mode.value,
943 &inputParams->mode.isAbsent);
944 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_MODE_FAIL,
945 "get Param get tag:0x%" LOG_PUBLIC "x failed", HKS_TAG_BLOCK_MODE);
946 return ret;
947 }
948
InitInputParams(enum CheckKeyType checkType,struct ParamsValues * inputParams,const struct ParamsValuesChecker * checkSet,uint32_t checkSetSize)949 static int32_t InitInputParams(enum CheckKeyType checkType, struct ParamsValues *inputParams,
950 const struct ParamsValuesChecker *checkSet, uint32_t checkSetSize)
951 {
952 for (uint32_t i = 0; i < checkSetSize; ++i) {
953 if (checkType == checkSet[i].checkType) {
954 (void)memcpy_s(inputParams, sizeof(*inputParams), &checkSet[i].paramValues,
955 sizeof(checkSet[i].paramValues));
956 return HKS_SUCCESS;
957 }
958 }
959 return HKS_ERROR_NOT_SUPPORTED;
960 }
961
InitInputParamsByAlg(uint32_t alg,enum CheckKeyType checkType,struct ParamsValues * inputParams)962 static int32_t InitInputParamsByAlg(uint32_t alg, enum CheckKeyType checkType, struct ParamsValues *inputParams)
963 {
964 switch (alg) {
965 #ifdef HKS_SUPPORT_RSA_C
966 case HKS_ALG_RSA:
967 return InitInputParams(checkType, inputParams, g_rsaParamSet, HKS_ARRAY_SIZE(g_rsaParamSet));
968 #endif
969 case HKS_ALG_AES:
970 return InitInputParams(checkType, inputParams, g_aesParamSet, HKS_ARRAY_SIZE(g_aesParamSet));
971 #ifdef HKS_SUPPORT_ECC_C
972 case HKS_ALG_ECC:
973 return InitInputParams(checkType, inputParams, g_eccParamSet, HKS_ARRAY_SIZE(g_eccParamSet));
974 #endif
975 #ifdef HKS_SUPPORT_SM2_C
976 case HKS_ALG_SM2:
977 return InitInputParams(checkType, inputParams, g_sm2ParamSet, HKS_ARRAY_SIZE(g_sm2ParamSet));
978 #endif
979 #ifdef HKS_SUPPORT_SM3_C
980 case HKS_ALG_SM3:
981 return InitInputParams(checkType, inputParams, g_sm3ParamSet, HKS_ARRAY_SIZE(g_sm3ParamSet));
982 #endif
983 #ifdef HKS_SUPPORT_SM4_C
984 case HKS_ALG_SM4:
985 return InitInputParams(checkType, inputParams, g_sm4ParamSet, HKS_ARRAY_SIZE(g_sm4ParamSet));
986 #endif
987 #if defined(HKS_SUPPORT_X25519_C) || defined(HKS_SUPPORT_ED25519_C)
988 case HKS_ALG_X25519:
989 case HKS_ALG_ED25519:
990 return InitInputParams(checkType, inputParams, g_curve25519ParamSet, HKS_ARRAY_SIZE(g_curve25519ParamSet));
991 #endif
992 #ifdef HKS_SUPPORT_HMAC_C
993 case HKS_ALG_HMAC:
994 return InitInputParams(checkType, inputParams, g_hmacParamSet, HKS_ARRAY_SIZE(g_hmacParamSet));
995 #endif
996 #ifdef HKS_SUPPORT_DSA_C
997 case HKS_ALG_DSA:
998 return InitInputParams(checkType, inputParams, g_dsaParamSet, HKS_ARRAY_SIZE(g_dsaParamSet));
999 #endif
1000 #ifdef HKS_SUPPORT_DH_C
1001 case HKS_ALG_DH:
1002 return InitInputParams(checkType, inputParams, g_dhParamSet, HKS_ARRAY_SIZE(g_dhParamSet));
1003 #endif
1004 #ifdef HKS_SUPPORT_ECDH_C
1005 case HKS_ALG_ECDH:
1006 return InitInputParams(checkType, inputParams, g_ecdhParamSet, HKS_ARRAY_SIZE(g_ecdhParamSet));
1007 #endif
1008 default:
1009 return HKS_ERROR_INVALID_ALGORITHM;
1010 }
1011 }
1012
InitExpectParams(enum CheckKeyType checkType,struct ExpectParamsValues * expectValues,const struct ExpectParamsValuesChecker * checkSet,uint32_t checkSetSize)1013 static int32_t InitExpectParams(enum CheckKeyType checkType, struct ExpectParamsValues *expectValues,
1014 const struct ExpectParamsValuesChecker *checkSet, uint32_t checkSetSize)
1015 {
1016 for (uint32_t i = 0; i < checkSetSize; ++i) {
1017 if (checkType == checkSet[i].checkType) {
1018 (void)memcpy_s(expectValues, sizeof(*expectValues), &checkSet[i].paramValues,
1019 sizeof(checkSet[i].paramValues));
1020 return HKS_SUCCESS;
1021 }
1022 }
1023 return HKS_ERROR_NOT_SUPPORTED;
1024 }
1025
GetExpectParams(uint32_t alg,enum CheckKeyType checkType,struct ExpectParamsValues * expectValues)1026 static int32_t GetExpectParams(uint32_t alg, enum CheckKeyType checkType, struct ExpectParamsValues *expectValues)
1027 {
1028 switch (alg) {
1029 #ifdef HKS_SUPPORT_RSA_C
1030 case HKS_ALG_RSA:
1031 return InitExpectParams(checkType, expectValues, g_expectRsaParams, HKS_ARRAY_SIZE(g_expectRsaParams));
1032 #endif
1033 case HKS_ALG_AES:
1034 return InitExpectParams(checkType, expectValues, g_expectAesParams, HKS_ARRAY_SIZE(g_expectAesParams));
1035 #ifdef HKS_SUPPORT_ECC_C
1036 case HKS_ALG_ECC:
1037 return InitExpectParams(checkType, expectValues, g_expectEccParams, HKS_ARRAY_SIZE(g_expectEccParams));
1038 #endif
1039 #ifdef HKS_SUPPORT_SM2_C
1040 case HKS_ALG_SM2:
1041 return InitExpectParams(checkType, expectValues, g_expectSm2Params, HKS_ARRAY_SIZE(g_expectSm2Params));
1042 #endif
1043 #ifdef HKS_SUPPORT_SM3_C
1044 case HKS_ALG_SM3:
1045 return InitExpectParams(checkType, expectValues, g_expectSm3Params, HKS_ARRAY_SIZE(g_expectSm3Params));
1046 #endif
1047 #ifdef HKS_SUPPORT_SM4_C
1048 case HKS_ALG_SM4:
1049 return InitExpectParams(checkType, expectValues, g_expectSm4Params, HKS_ARRAY_SIZE(g_expectSm4Params));
1050 #endif
1051 #if defined(HKS_SUPPORT_X25519_C) || defined(HKS_SUPPORT_ED25519_C)
1052 case HKS_ALG_X25519:
1053 case HKS_ALG_ED25519:
1054 return InitExpectParams(checkType, expectValues, g_expectCurve25519Params,
1055 HKS_ARRAY_SIZE(g_expectCurve25519Params));
1056 #endif
1057 #ifdef HKS_SUPPORT_HMAC_C
1058 case HKS_ALG_HMAC:
1059 return InitExpectParams(checkType, expectValues, g_expectHmacParams, HKS_ARRAY_SIZE(g_expectHmacParams));
1060 #endif
1061 #ifdef HKS_SUPPORT_DSA_C
1062 case HKS_ALG_DSA:
1063 return InitExpectParams(checkType, expectValues, g_expectDsaParams, HKS_ARRAY_SIZE(g_expectDsaParams));
1064 #endif
1065 #ifdef HKS_SUPPORT_DH_C
1066 case HKS_ALG_DH:
1067 return InitExpectParams(checkType, expectValues, g_expectDhParams, HKS_ARRAY_SIZE(g_expectDhParams));
1068 #endif
1069 #ifdef HKS_SUPPORT_ECDH_C
1070 case HKS_ALG_ECDH:
1071 return InitExpectParams(checkType, expectValues, g_expectEcdhParams, HKS_ARRAY_SIZE(g_expectEcdhParams));
1072 #endif
1073 default:
1074 return HKS_ERROR_INVALID_ALGORITHM;
1075 }
1076 }
1077
1078 #ifdef HKS_SUPPORT_ECC_C
CheckEccSignature(uint32_t cmdId,uint32_t keySize,const struct HksBlob * signature)1079 static int32_t CheckEccSignature(uint32_t cmdId, uint32_t keySize, const struct HksBlob *signature)
1080 {
1081 /*
1082 * ecc sign format: 0x30 + len1 + 0x02 + len2 + 0x00 (optional) + r + 0x02 + len3 + 0x00(optional) + s
1083 * sign: signSize no less than 2*keySize/8 + 8;
1084 * verify: signSize no greater than 2*keySize/8 + 8
1085 */
1086 uint32_t eccSignRSize = keySize / HKS_BITS_PER_BYTE + keySize % HKS_BITS_PER_BYTE;
1087 uint32_t eccSignSSize = eccSignRSize;
1088 switch (cmdId) {
1089 case HKS_CMD_ID_SIGN:
1090 if (signature->size < (eccSignRSize + eccSignSSize + HKS_ECC_SIGN_MAX_TL_SIZE)) {
1091 HKS_LOG_E("eccsign: signature size too small, keySize %" LOG_PUBLIC "u, signatureSize %" LOG_PUBLIC "u",
1092 keySize, signature->size);
1093 return HKS_ERROR_BUFFER_TOO_SMALL;
1094 }
1095 break;
1096 case HKS_CMD_ID_VERIFY:
1097 if (signature->size > (eccSignRSize + eccSignSSize + HKS_ECC_SIGN_MAX_TL_SIZE)) {
1098 HKS_LOG_E("eccverfiy: invalid signature size, keySize %" LOG_PUBLIC "u, signatureSize %" LOG_PUBLIC "u",
1099 keySize, signature->size);
1100 return HKS_ERROR_INVALID_SIGNATURE_SIZE;
1101 }
1102 break;
1103 default:
1104 return HKS_ERROR_INVALID_ARGUMENT;
1105 }
1106
1107 return HKS_SUCCESS;
1108 }
1109 #endif
1110
1111 #ifdef HKS_SUPPORT_ED25519_C
CheckEd25519Signature(uint32_t cmdId,const struct HksBlob * signature)1112 static int32_t CheckEd25519Signature(uint32_t cmdId, const struct HksBlob *signature)
1113 {
1114 switch (cmdId) {
1115 case HKS_CMD_ID_SIGN:
1116 if (signature->size < HKS_SIGNATURE_MIN_SIZE) {
1117 HKS_LOG_E("ed25519 sign: signature size too small, signatureSize %" LOG_PUBLIC "u", signature->size);
1118 return HKS_ERROR_BUFFER_TOO_SMALL;
1119 }
1120 break;
1121 case HKS_CMD_ID_VERIFY:
1122 if (signature->size < HKS_SIGNATURE_MIN_SIZE) {
1123 HKS_LOG_E("ed25519 verfiy: invalid signature size, signatureSize %" LOG_PUBLIC "u", signature->size);
1124 return HKS_ERROR_INVALID_SIGNATURE_SIZE;
1125 }
1126 break;
1127 default:
1128 return HKS_ERROR_INVALID_ARGUMENT;
1129 }
1130
1131 return HKS_SUCCESS;
1132 }
1133 #endif
1134
1135 #ifdef HKS_SUPPORT_RSA_C
CheckRsaGenKeyPadding(const struct ParamsValues * inputParams)1136 static int32_t CheckRsaGenKeyPadding(const struct ParamsValues *inputParams)
1137 {
1138 if (inputParams->padding.isAbsent) {
1139 return HKS_SUCCESS;
1140 }
1141 if ((inputParams->purpose.value & (HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT)) != 0) {
1142 return HksCheckValue(inputParams->padding.value, g_rsaCipherPadding, HKS_ARRAY_SIZE(g_rsaCipherPadding));
1143 } else if ((inputParams->purpose.value & (HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY)) != 0) {
1144 return HksCheckValue(inputParams->padding.value, g_rsaSignPadding, HKS_ARRAY_SIZE(g_rsaSignPadding));
1145 }
1146 return HKS_SUCCESS;
1147 }
1148
1149 #ifdef HKS_SUPPORT_RSA_SIGN_VERIFY
CheckRsaSignature(uint32_t cmdId,uint32_t keySize,const struct HksBlob * signature)1150 static int32_t CheckRsaSignature(uint32_t cmdId, uint32_t keySize, const struct HksBlob *signature)
1151 {
1152 /*
1153 * k: the length of the RSA modulus n
1154 * sign: signSize no less than k; verify: signSize is same as k, thus no greater than keySize / 8
1155 */
1156 switch (cmdId) {
1157 case HKS_CMD_ID_SIGN:
1158 if (signature->size < keySize / HKS_BITS_PER_BYTE) {
1159 HKS_LOG_E("rsasign: signature size too small, keySize %" LOG_PUBLIC "u, signatureSize %" LOG_PUBLIC "u",
1160 keySize, signature->size);
1161 return HKS_ERROR_BUFFER_TOO_SMALL;
1162 }
1163 break;
1164 case HKS_CMD_ID_VERIFY:
1165 if (signature->size > keySize / HKS_BITS_PER_BYTE) {
1166 HKS_LOG_E("rsaverfiy: invalid signature size, keySize %" LOG_PUBLIC "u, signatureSize %" LOG_PUBLIC "u",
1167 keySize, signature->size);
1168 return HKS_ERROR_INVALID_SIGNATURE_SIZE;
1169 }
1170 break;
1171 default:
1172 return HKS_ERROR_INVALID_ARGUMENT;
1173 }
1174
1175 return HKS_SUCCESS;
1176 }
1177 #endif
1178
1179 #ifdef HKS_SUPPORT_RSA_CRYPT
CheckRsaNoPadCipherData(uint32_t keySize,const struct HksBlob * inData,const struct HksBlob * outData)1180 static int32_t CheckRsaNoPadCipherData(uint32_t keySize, const struct HksBlob *inData,
1181 const struct HksBlob *outData)
1182 {
1183 /* encrypt/decrypt: inSize no greater than keySize, outSize no less than keySize */
1184 if (inData->size > keySize) {
1185 HKS_LOG_E("invalid inData size: %" LOG_PUBLIC "u, keySize: %" LOG_PUBLIC "u", inData->size, keySize);
1186 return HKS_ERROR_INVALID_ARGUMENT;
1187 }
1188
1189 if (outData->size < keySize) {
1190 HKS_LOG_E("outData buffer too small size: %" LOG_PUBLIC "u, keySize: %" LOG_PUBLIC "u",
1191 outData->size, keySize);
1192 return HKS_ERROR_BUFFER_TOO_SMALL;
1193 }
1194
1195 return HKS_SUCCESS;
1196 }
1197
CheckRsaOaepCipherData(uint32_t cmdId,uint32_t keySize,uint32_t digest,const struct HksBlob * inData,const struct HksBlob * outData)1198 static int32_t CheckRsaOaepCipherData(uint32_t cmdId, uint32_t keySize, uint32_t digest,
1199 const struct HksBlob *inData, const struct HksBlob *outData)
1200 {
1201 uint32_t digestLen;
1202 if (digest == HKS_DIGEST_NONE) {
1203 digest = HKS_DIGEST_SHA1;
1204 }
1205 int32_t ret = HksGetDigestLen(digest, &digestLen);
1206 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "GetDigestLen failed, ret = %" LOG_PUBLIC "x", ret)
1207
1208 /*
1209 * encrypt: inSize no greater than keySize - 2*digestLen - 2, outSize no less than keySize (in: plain; out: cipher)
1210 * decrypt: inSize no greater than keySize, outSize no less than keySize - 2*digestLen - 2 (in: cipher; out: plain)
1211 */
1212 if (keySize <= (HKS_RSA_OAEP_DIGEST_NUM * digestLen + HKS_RSA_OAEP_DIGEST_NUM)) {
1213 return HKS_ERROR_INVALID_KEY_FILE;
1214 }
1215 uint32_t size = keySize - HKS_RSA_OAEP_DIGEST_NUM * digestLen - HKS_RSA_OAEP_DIGEST_NUM;
1216 if (cmdId == HKS_CMD_ID_ENCRYPT) {
1217 if (inData->size > size) {
1218 HKS_LOG_E("encrypt, invalid insize: %" LOG_PUBLIC "u, keySize: %" LOG_PUBLIC "u, "
1219 "digestLen: %" LOG_PUBLIC "u", inData->size, keySize, digestLen);
1220 return HKS_ERROR_INVALID_ARGUMENT;
1221 }
1222 if (outData->size < keySize) {
1223 HKS_LOG_E("encrypt, outData buffer too small size: %" LOG_PUBLIC "u, keySize: %" LOG_PUBLIC "u",
1224 outData->size, keySize);
1225 return HKS_ERROR_BUFFER_TOO_SMALL;
1226 }
1227 } else if (cmdId == HKS_CMD_ID_DECRYPT) {
1228 if (inData->size > keySize) {
1229 HKS_LOG_E("decrypt, invalid inData size: %" LOG_PUBLIC "u, keySize: %" LOG_PUBLIC "u",
1230 inData->size, keySize);
1231 return HKS_ERROR_INVALID_ARGUMENT;
1232 }
1233 if (outData->size < size) {
1234 HKS_LOG_E("decrypt, outData buffer too small size: %" LOG_PUBLIC "u, keySize: %" LOG_PUBLIC "u",
1235 outData->size, keySize);
1236 return HKS_ERROR_BUFFER_TOO_SMALL;
1237 }
1238 }
1239
1240 return HKS_SUCCESS;
1241 }
1242
CheckRsaCipherData(uint32_t cmdId,const struct ParamsValues * inputParams,const struct HksBlob * inData,const struct HksBlob * outData)1243 static int32_t CheckRsaCipherData(uint32_t cmdId, const struct ParamsValues *inputParams,
1244 const struct HksBlob *inData, const struct HksBlob *outData)
1245 {
1246 uint32_t padding = inputParams->padding.value;
1247 uint32_t keySize = inputParams->keyLen.value / HKS_BITS_PER_BYTE;
1248 int32_t ret = HKS_SUCCESS;
1249
1250 if (padding == HKS_PADDING_NONE) {
1251 ret = CheckRsaNoPadCipherData(keySize, inData, outData);
1252 } else if (padding == HKS_PADDING_OAEP) {
1253 ret = CheckRsaOaepCipherData(cmdId, keySize, inputParams->digest.value, inData, outData);
1254 }
1255
1256 HKS_IF_NOT_SUCC_LOGE(ret, "Check Rsa CipherData failed, cmdId: %" LOG_PUBLIC "u, padding: %" LOG_PUBLIC "u, "
1257 "keyLen: %" LOG_PUBLIC "u, inData size: %" LOG_PUBLIC "u, outData size: %" LOG_PUBLIC "u",
1258 cmdId, padding, keySize, inData->size, outData->size)
1259
1260 return ret;
1261 }
1262 #endif
1263 #endif
1264
1265 #ifdef HKS_SUPPORT_AES_C
1266 static int32_t CheckAesAeCipherData(uint32_t cmdId, const struct HksBlob *inData, const struct HksBlob *outData);
1267 #endif
1268
1269 #if defined(HKS_SUPPORT_AES_C) || defined(HKS_SUPPORT_SM4_C)
CheckBlockCbcCipherData(uint32_t mode,uint32_t cmdId,uint32_t padding,const struct HksBlob * inData,const struct HksBlob * outData)1270 static int32_t CheckBlockCbcCipherData(uint32_t mode, uint32_t cmdId, uint32_t padding,
1271 const struct HksBlob *inData, const struct HksBlob *outData)
1272 {
1273 /*
1274 * encrypt: inSize greater than 0(has been checked), no-padding: inSize need to be integer multiple of 16
1275 * outSize no less than inSize + (16 - inSize % 16) (in: plain; out: cipher)
1276 * decrypt: inSize greater than 0(has been checked) && inSize is integer multiple of 16
1277 * outSize no less than inSize (in: cipher; out: plain)
1278 */
1279 switch (cmdId) {
1280 case HKS_CMD_ID_ENCRYPT: {
1281 uint32_t paddingSize = 0;
1282 if (padding == HKS_PADDING_NONE) {
1283 if ((mode == HKS_MODE_CBC || mode == HKS_MODE_ECB) &&
1284 inData->size % HKS_BLOCK_CIPHER_CBC_BLOCK_SIZE != 0) {
1285 HKS_LOG_E("encrypt, mode id: %" LOG_PUBLIC "u, no-padding, invalid inSize: %" LOG_PUBLIC "u",
1286 mode, inData->size);
1287 return HKS_ERROR_INVALID_ARGUMENT;
1288 }
1289 } else {
1290 paddingSize = HKS_BLOCK_CIPHER_CBC_BLOCK_SIZE - inData->size % HKS_BLOCK_CIPHER_CBC_BLOCK_SIZE;
1291 if (inData->size > (UINT32_MAX - paddingSize)) {
1292 HKS_LOG_E("encrypt, invalid inData size: %" LOG_PUBLIC "u", inData->size);
1293 return HKS_ERROR_INVALID_ARGUMENT;
1294 }
1295 }
1296 if (outData->size < (inData->size + paddingSize)) {
1297 HKS_LOG_E("encrypt, outData buffer too small size: %" LOG_PUBLIC "u, need: %" LOG_PUBLIC "u",
1298 outData->size, inData->size + paddingSize);
1299 return HKS_ERROR_BUFFER_TOO_SMALL;
1300 }
1301 break;
1302 }
1303 case HKS_CMD_ID_DECRYPT:
1304 if ((mode == HKS_MODE_CBC || mode == HKS_MODE_ECB) && inData->size % HKS_BLOCK_CIPHER_CBC_BLOCK_SIZE != 0) {
1305 HKS_LOG_E("decrypt, mode id: %" LOG_PUBLIC "u, invalid inData size: %" LOG_PUBLIC "u",
1306 mode, inData->size);
1307 return HKS_ERROR_INVALID_ARGUMENT;
1308 }
1309 if (outData->size < inData->size) {
1310 HKS_LOG_E("decrypt, outData buffer too small size: %" LOG_PUBLIC "u, inDataSize: %" LOG_PUBLIC "u",
1311 outData->size, inData->size);
1312 return HKS_ERROR_BUFFER_TOO_SMALL;
1313 }
1314 break;
1315 default:
1316 return HKS_ERROR_INVALID_ARGUMENT;
1317 }
1318
1319 return HKS_SUCCESS;
1320 }
1321
CheckBlockCipherData(uint32_t cmdId,const struct ParamsValues * inputParams,const struct HksBlob * inData,const struct HksBlob * outData,uint32_t alg)1322 static int32_t CheckBlockCipherData(uint32_t cmdId, const struct ParamsValues *inputParams,
1323 const struct HksBlob *inData, const struct HksBlob *outData, uint32_t alg)
1324 {
1325 uint32_t mode = inputParams->mode.value;
1326
1327 #if defined(HKS_SUPPORT_AES_C)
1328 if (alg == HKS_ALG_AES) {
1329 if (mode == HKS_MODE_CBC || mode == HKS_MODE_CTR || mode == HKS_MODE_ECB) {
1330 uint32_t padding = inputParams->padding.value;
1331 return CheckBlockCbcCipherData(mode, cmdId, padding, inData, outData);
1332 } else if (mode == HKS_MODE_GCM || mode == HKS_MODE_CCM) {
1333 return CheckAesAeCipherData(cmdId, inData, outData);
1334 }
1335 }
1336 #endif
1337
1338 #if defined(HKS_SUPPORT_SM4_C)
1339 if (alg == HKS_ALG_SM4) {
1340 for (uint32_t i = 0; i < HKS_ARRAY_SIZE(g_sm4Mode); i++) {
1341 if (mode == g_sm4Mode[i]) {
1342 uint32_t padding = inputParams->padding.value;
1343 return CheckBlockCbcCipherData(mode, cmdId, padding, inData, outData);
1344 }
1345 }
1346 }
1347 #endif
1348
1349 return HKS_ERROR_INVALID_MODE;
1350 }
1351
CheckBlockCipherIvMaterial(const struct HksParamSet * paramSet)1352 static int32_t CheckBlockCipherIvMaterial(const struct HksParamSet *paramSet)
1353 {
1354 struct HksParam *ivParam = NULL;
1355 int32_t ret = HksGetParam(paramSet, HKS_TAG_IV, &ivParam);
1356 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_IV_FAIL, "cipher get iv param failed!")
1357
1358 if ((ivParam->blob.size != HKS_BLOCK_CIPHER_CBC_IV_LEN) || (ivParam->blob.data == NULL)) {
1359 HKS_LOG_E("cbc iv param invalid");
1360 return HKS_ERROR_INVALID_IV;
1361 }
1362
1363 return ret;
1364 }
1365 #endif // defined(HKS_SUPPORT_AES_C) || defined(HKS_SUPPORT_SM4_C)
1366
1367 #ifdef HKS_SUPPORT_AES_C
CheckAesPadding(const struct ParamsValues * inputParams)1368 static int32_t CheckAesPadding(const struct ParamsValues *inputParams)
1369 {
1370 if ((inputParams->mode.isAbsent) || (inputParams->padding.isAbsent)) {
1371 return HKS_SUCCESS;
1372 }
1373 uint32_t mode = inputParams->mode.value;
1374 uint32_t padding = inputParams->padding.value;
1375 if (mode == HKS_MODE_CBC) {
1376 return HksCheckValue(padding, g_aesCbcPadding, HKS_ARRAY_SIZE(g_aesCbcPadding));
1377 }
1378
1379 if (mode == HKS_MODE_CTR) {
1380 return HksCheckValue(padding, g_aesCtrPadding, HKS_ARRAY_SIZE(g_aesCtrPadding));
1381 }
1382
1383 if (mode == HKS_MODE_ECB) {
1384 return HksCheckValue(padding, g_aesEcbPadding, HKS_ARRAY_SIZE(g_aesEcbPadding));
1385 }
1386
1387 if ((mode == HKS_MODE_GCM) || (mode == HKS_MODE_CCM)) {
1388 return HksCheckValue(padding, g_aesAeadPadding, HKS_ARRAY_SIZE(g_aesAeadPadding));
1389 }
1390
1391 return HKS_SUCCESS;
1392 }
1393
CheckAesAeCipherData(uint32_t cmdId,const struct HksBlob * inData,const struct HksBlob * outData)1394 static int32_t CheckAesAeCipherData(uint32_t cmdId, const struct HksBlob *inData, const struct HksBlob *outData)
1395 {
1396 /*
1397 * encrypt: inSize greater than 0(has been checked),
1398 * outSize no less than inSize + 16(tagLen) (in: plain; out: cipher)
1399 * decrypt: inSize greater than 16(tagLen), outSize no less than inSize - 16(tagLen)
1400 * decryptFinal: inSize greater than 0(has been checked), outSize no less than inSize (in: cipher; out: plain)
1401 */
1402 switch (cmdId) {
1403 case HKS_CMD_ID_ENCRYPT:
1404 if (inData->size > (UINT32_MAX - HKS_AE_TAG_LEN)) {
1405 HKS_LOG_E("encrypt, invalid inSize: %" LOG_PUBLIC "u", inData->size);
1406 return HKS_ERROR_INVALID_ARGUMENT;
1407 }
1408 if (outData->size < (inData->size + HKS_AE_TAG_LEN)) {
1409 HKS_LOG_E("encrypt, out buffer too small size: %" LOG_PUBLIC "u, inSize: %" LOG_PUBLIC "u",
1410 outData->size, inData->size);
1411 return HKS_ERROR_BUFFER_TOO_SMALL;
1412 }
1413 break;
1414 case HKS_CMD_ID_DECRYPT:
1415 if ((inData->size < HKS_AE_TAG_LEN) || (outData->size < inData->size - HKS_AE_TAG_LEN)) {
1416 HKS_LOG_E("decryptfinal, out buffer too small size: %" LOG_PUBLIC "u, inSize: %" LOG_PUBLIC "u",
1417 outData->size, inData->size);
1418 return HKS_ERROR_BUFFER_TOO_SMALL;
1419 }
1420 break;
1421 default:
1422 return HKS_ERROR_INVALID_ARGUMENT;
1423 }
1424
1425 return HKS_SUCCESS;
1426 }
1427
CheckCipherAeAadMaterial(uint32_t mode,const struct HksParamSet * paramSet)1428 static int32_t CheckCipherAeAadMaterial(uint32_t mode, const struct HksParamSet *paramSet)
1429 {
1430 struct HksParam *aadParam = NULL;
1431 int32_t ret = HksGetParam(paramSet, HKS_TAG_ASSOCIATED_DATA, &aadParam);
1432 if (mode == HKS_MODE_GCM && ret == HKS_ERROR_PARAM_NOT_EXIST) {
1433 HKS_LOG_W("gcm no input aad");
1434 return HKS_SUCCESS;
1435 } else if (ret != HKS_SUCCESS) {
1436 HKS_LOG_E("cipher get aad param failed!");
1437 return HKS_ERROR_CHECK_GET_AAD_FAIL;
1438 }
1439 HKS_IF_NOT_SUCC_RETURN(CheckBlob(&aadParam->blob), HKS_ERROR_INVALID_AAD)
1440
1441 /* gcmMode: aadSize greater than 0 (has been checked); ccmMode: aadSize no less than 4 */
1442 if (mode == HKS_MODE_CCM) {
1443 if (aadParam->blob.size < HKS_AES_CCM_AAD_LEN_MIN) {
1444 HKS_LOG_E("ccm invalid aad size, aad size = %" LOG_PUBLIC "u", aadParam->blob.size);
1445 return HKS_ERROR_INVALID_AAD;
1446 }
1447 }
1448
1449 return HKS_SUCCESS;
1450 }
1451
CheckCipherAeNonceMaterial(uint32_t mode,const struct HksParamSet * paramSet)1452 static int32_t CheckCipherAeNonceMaterial(uint32_t mode, const struct HksParamSet *paramSet)
1453 {
1454 struct HksParam *nonceParam = NULL;
1455 int32_t ret = HksGetParam(paramSet, HKS_TAG_NONCE, &nonceParam);
1456 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_NONCE_FAIL, "cipher get nonce param failed!")
1457 HKS_IF_NOT_SUCC_RETURN(CheckBlob(&nonceParam->blob), HKS_ERROR_INVALID_NONCE)
1458
1459 /* gcmMode: nonceSize no less than 12; ccmMode: nonceSize no less than 7, and no greater than 13 */
1460 if (mode == HKS_MODE_GCM) {
1461 if (nonceParam->blob.size < HKS_AES_GCM_NONCE_LEN_MIN) {
1462 HKS_LOG_E("gcm invalid nonce size, nonce size = %" LOG_PUBLIC "u", nonceParam->blob.size);
1463 return HKS_ERROR_INVALID_NONCE;
1464 }
1465 } else if (mode == HKS_MODE_CCM) {
1466 if ((nonceParam->blob.size < HKS_AES_CCM_NONCE_LEN_MIN) ||
1467 (nonceParam->blob.size > HKS_AES_CCM_NONCE_LEN_MAX)) {
1468 HKS_LOG_E("ccm invalid nonce size, nonce size = %" LOG_PUBLIC "u", nonceParam->blob.size);
1469 return HKS_ERROR_INVALID_NONCE;
1470 }
1471 }
1472
1473 return HKS_SUCCESS;
1474 }
1475
CheckCipherAeMaterial(uint32_t mode,const struct HksParamSet * paramSet)1476 static int32_t CheckCipherAeMaterial(uint32_t mode, const struct HksParamSet *paramSet)
1477 {
1478 int32_t ret = CheckCipherAeAadMaterial(mode, paramSet);
1479 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check ae cipher aad failed!")
1480
1481 ret = CheckCipherAeNonceMaterial(mode, paramSet);
1482 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check ae cipher nonce failed!")
1483
1484 return ret;
1485 }
1486 #endif
1487
1488 #ifdef HKS_SUPPORT_SM4_C
CheckSm4Padding(const struct ParamsValues * inputParams)1489 static int32_t CheckSm4Padding(const struct ParamsValues *inputParams)
1490 {
1491 if ((inputParams->mode.isAbsent) || (inputParams->padding.isAbsent)) {
1492 return HKS_SUCCESS;
1493 }
1494 uint32_t mode = inputParams->mode.value;
1495 uint32_t padding = inputParams->padding.value;
1496 if (mode == HKS_MODE_CBC) {
1497 return HksCheckValue(padding, g_sm4CbcPadding, HKS_ARRAY_SIZE(g_sm4CbcPadding));
1498 }
1499
1500 if (mode == HKS_MODE_CTR) {
1501 return HksCheckValue(padding, g_sm4CtrPadding, HKS_ARRAY_SIZE(g_sm4CtrPadding));
1502 }
1503
1504 if (mode == HKS_MODE_ECB) {
1505 return HksCheckValue(padding, g_sm4EcbPadding, HKS_ARRAY_SIZE(g_sm4EcbPadding));
1506 }
1507
1508 if (mode == HKS_MODE_CFB) {
1509 return HksCheckValue(padding, g_sm4CfbPadding, HKS_ARRAY_SIZE(g_sm4CfbPadding));
1510 }
1511
1512 if (mode == HKS_MODE_OFB) {
1513 return HksCheckValue(padding, g_sm4OfbPadding, HKS_ARRAY_SIZE(g_sm4OfbPadding));
1514 }
1515
1516 return HKS_ERROR_INVALID_ARGUMENT;
1517 }
1518 #endif
1519
HksCheckValue(uint32_t inputValue,const uint32_t * expectValues,uint32_t valuesCount)1520 int32_t HksCheckValue(uint32_t inputValue, const uint32_t *expectValues, uint32_t valuesCount)
1521 {
1522 for (uint32_t i = 0; i < valuesCount; ++i) {
1523 if (inputValue == expectValues[i]) {
1524 return HKS_SUCCESS;
1525 }
1526 }
1527 return HKS_ERROR_INVALID_ARGUMENT;
1528 }
1529
1530 #ifndef _CUT_AUTHENTICATE_
HksCheckGenKeyPurpose(uint32_t alg,uint32_t inputPurpose,uint32_t keyFlag)1531 int32_t HksCheckGenKeyPurpose(uint32_t alg, uint32_t inputPurpose, uint32_t keyFlag)
1532 {
1533 int32_t ret = CheckPurposeUnique(inputPurpose);
1534 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "gen key purpose not unique")
1535
1536 return CheckPurposeValid(alg, inputPurpose, keyFlag);
1537 }
1538
1539 #ifdef HKS_SUPPORT_DSA_C
HksGetDsaKeySize(const struct HksBlob * key,uint32_t * keySize)1540 static int32_t HksGetDsaKeySize(const struct HksBlob *key, uint32_t *keySize)
1541 {
1542 if (key->size < sizeof(struct HksParamSet)) {
1543 HKS_LOG_E("check dsa key size: invalid keyfile size: %" LOG_PUBLIC "u", key->size);
1544 return HKS_ERROR_INVALID_KEY_FILE;
1545 }
1546
1547 struct HksParamSet *keyParamSet = (struct HksParamSet *)key->data;
1548 int32_t ret = HksCheckParamSetValidity(keyParamSet);
1549 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_KEY_FILE, "check dsa key size: paramset invalid failed")
1550
1551 struct HksParam *keySizeParam = NULL;
1552 ret = HksGetParam(keyParamSet, HKS_TAG_KEY_SIZE, &keySizeParam);
1553 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_KEY_FILE,
1554 "check dsa key size: get param get tag:0x%" LOG_PUBLIC "x failed", HKS_TAG_KEY_SIZE)
1555 *keySize = keySizeParam->uint32Param;
1556 return ret;
1557 }
1558 #endif
1559
HksGetKeySize(uint32_t alg,const struct HksBlob * key,uint32_t * keySize)1560 int32_t HksGetKeySize(uint32_t alg, const struct HksBlob *key, uint32_t *keySize)
1561 {
1562 switch (alg) {
1563 #ifdef HKS_SUPPORT_RSA_C
1564 case HKS_ALG_RSA:
1565 return CheckAndGetKeySize(key, g_rsaKeySize, HKS_ARRAY_SIZE(g_rsaKeySize), keySize);
1566 #endif
1567 #ifdef HKS_SUPPORT_DSA_C
1568 case HKS_ALG_DSA:
1569 #ifndef _STORAGE_LITE_
1570 return HksGetDsaKeySize(key, keySize);
1571 #else
1572 return HKS_ERROR_INVALID_ALGORITHM;
1573 #endif
1574 #endif
1575 #ifdef HKS_SUPPORT_ECC_C
1576 case HKS_ALG_ECC:
1577 return CheckAndGetKeySize(key, g_eccKeySize, HKS_ARRAY_SIZE(g_eccKeySize), keySize);
1578 #endif
1579 #ifdef HKS_SUPPORT_ECDH_C
1580 case HKS_ALG_ECDH:
1581 return CheckAndGetKeySize(key, g_ecdhKeySize, HKS_ARRAY_SIZE(g_ecdhKeySize), keySize);
1582 #endif
1583 #if defined(HKS_SUPPORT_X25519_C) || defined(HKS_SUPPORT_ED25519_C)
1584 case HKS_ALG_X25519:
1585 case HKS_ALG_ED25519:
1586 return CheckAndGetKeySize(key, g_curve25519KeySize, HKS_ARRAY_SIZE(g_curve25519KeySize), keySize);
1587 #endif
1588 #ifdef HKS_SUPPORT_DH_C
1589 case HKS_ALG_DH:
1590 return CheckAndGetKeySize(key, g_dhKeySize, HKS_ARRAY_SIZE(g_dhKeySize), keySize);
1591 #endif
1592 #ifdef HKS_SUPPORT_SM4_C
1593 case HKS_ALG_SM4:
1594 return CheckAndGetKeySize(key, g_sm4KeySize, HKS_ARRAY_SIZE(g_sm4KeySize), keySize);
1595 #endif
1596 #ifdef HKS_SUPPORT_SM2_C
1597 case HKS_ALG_SM2:
1598 return CheckAndGetKeySize(key, g_sm2KeySize, HKS_ARRAY_SIZE(g_sm2KeySize), keySize);
1599 #endif
1600 default:
1601 return HKS_ERROR_INVALID_ALGORITHM;
1602 }
1603 }
1604 #endif /* _CUT_AUTHENTICATE_ */
1605
HksGetInputParmasByAlg(uint32_t alg,enum CheckKeyType checkType,const struct HksParamSet * paramSet,struct ParamsValues * inputParams)1606 int32_t HksGetInputParmasByAlg(uint32_t alg, enum CheckKeyType checkType, const struct HksParamSet *paramSet,
1607 struct ParamsValues *inputParams)
1608 {
1609 int32_t ret = InitInputParamsByAlg(alg, checkType, inputParams);
1610 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "init input params failed!")
1611
1612 ret = GetInputParams(paramSet, inputParams);
1613 HKS_IF_NOT_SUCC_LOGE(ret, "get input params failed!")
1614
1615 return ret;
1616 }
CheckOptionalParams(bool needCheck,bool isAbsent,uint32_t inputValue,const uint32_t * expectValue,uint32_t expectCnt)1617 static int32_t CheckOptionalParams(bool needCheck, bool isAbsent, uint32_t inputValue, const uint32_t* expectValue,
1618 uint32_t expectCnt)
1619 {
1620 if (needCheck) {
1621 if (!isAbsent) {
1622 if (HksCheckValue(inputValue, expectValue, expectCnt) != HKS_SUCCESS) {
1623 HKS_LOG_E("CheckOptionalParams invalid argument, %d", inputValue);
1624 return HKS_ERROR_INVALID_ARGUMENT;
1625 }
1626 }
1627 }
1628 return HKS_SUCCESS;
1629 }
1630
InitCheckOptionalParams(bool needCheck,bool isAbsent,struct HksParam * param,const uint32_t * expectValue,uint32_t expectCnt)1631 static int32_t InitCheckOptionalParams(bool needCheck, bool isAbsent, struct HksParam *param,
1632 const uint32_t* expectValue, uint32_t expectCnt)
1633 {
1634 if (needCheck) {
1635 if (!isAbsent) {
1636 if (HksCheckValue(param->uint32Param, expectValue, expectCnt) != HKS_SUCCESS) {
1637 return HKS_ERROR_INVALID_ARGUMENT;
1638 }
1639 } else {
1640 HKS_LOG_E("This param is absent, but it is necessary.");
1641 return HKS_ERROR_NOT_EXIST;
1642 }
1643 }
1644 return HKS_SUCCESS;
1645 }
1646
HksCheckOptionalParam(uint32_t tag,uint32_t alg,uint32_t purpose,bool isAbsent,struct HksParam * param)1647 int32_t HksCheckOptionalParam(uint32_t tag, uint32_t alg, uint32_t purpose, bool isAbsent, struct HksParam *param)
1648 {
1649 enum CheckKeyType checkType = HKS_CHECK_TYPE_GEN_KEY;
1650 if (((purpose & HKS_KEY_PURPOSE_DERIVE) != 0) || ((purpose & HKS_KEY_PURPOSE_MAC) != 0)) {
1651 if (alg != HKS_ALG_AES && alg != HKS_ALG_HMAC && alg != HKS_ALG_SM3) {
1652 HKS_LOG_E("check mac or derive, not aes alg, alg: %u", alg);
1653 return HKS_ERROR_INVALID_PURPOSE;
1654 }
1655 if (purpose == HKS_KEY_PURPOSE_DERIVE) {
1656 checkType = HKS_CHECK_TYPE_GEN_DERIVE_KEY;
1657 } else {
1658 checkType = HKS_CHECK_TYPE_GEN_MAC_KEY;
1659 }
1660 }
1661 struct ExpectParamsValues expectValues = EXPECT_PARAMS_VALUES_INIT;
1662 int32_t ret = GetExpectParams(alg, checkType, &expectValues);
1663 HKS_IF_NOT_SUCC_RETURN(ret, ret)
1664 switch (tag) {
1665 case HKS_TAG_BLOCK_MODE:
1666 ret = InitCheckOptionalParams(expectValues.mode.needCheck, isAbsent, param,
1667 expectValues.mode.values, expectValues.mode.valueCnt);
1668 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_MODE_FAIL,
1669 "check param fail:0x%" LOG_PUBLIC "x failed", HKS_TAG_BLOCK_MODE);
1670 break;
1671 case HKS_TAG_DIGEST:
1672 ret = InitCheckOptionalParams(expectValues.digest.needCheck, isAbsent, param,
1673 expectValues.digest.values, expectValues.digest.valueCnt);
1674 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_DIGEST_FAIL,
1675 "check param fail:0x%" LOG_PUBLIC "x failed", HKS_TAG_DIGEST);
1676 break;
1677 case HKS_TAG_PADDING:
1678 ret = InitCheckOptionalParams(expectValues.padding.needCheck, isAbsent, param,
1679 expectValues.padding.values, expectValues.padding.valueCnt);
1680 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_CHECK_GET_PADDING_FAIL,
1681 "check param fail:0x%" LOG_PUBLIC "x failed", HKS_TAG_PADDING);
1682 break;
1683 default:
1684 HKS_LOG_E("invalid tag: %d", tag);
1685 ret = HKS_FAILURE;
1686 }
1687 return ret;
1688 }
1689
HksCheckFixedParams(uint32_t alg,enum CheckKeyType checkType,const struct ParamsValues * inputParams)1690 int32_t HksCheckFixedParams(uint32_t alg, enum CheckKeyType checkType, const struct ParamsValues *inputParams)
1691 {
1692 struct ExpectParamsValues expectValues = EXPECT_PARAMS_VALUES_INIT;
1693 int32_t ret = GetExpectParams(alg, checkType, &expectValues);
1694 HKS_IF_NOT_SUCC_RETURN(ret, ret)
1695
1696 ret = CheckOptionalParams(expectValues.keyLen.needCheck, inputParams->keyLen.isAbsent, inputParams->keyLen.value,
1697 expectValues.keyLen.values, expectValues.keyLen.valueCnt);
1698 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_KEY_SIZE,
1699 "check keyLen not expected, len = %" LOG_PUBLIC "u", inputParams->keyLen.value);
1700 ret = CheckOptionalParams(expectValues.padding.needCheck, inputParams->padding.isAbsent, inputParams->padding.value,
1701 expectValues.padding.values, expectValues.padding.valueCnt);
1702 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_PADDING,
1703 "check padding not expected, padding = %" LOG_PUBLIC "u", inputParams->padding.value);
1704 ret = CheckOptionalParams(expectValues.purpose.needCheck, inputParams->purpose.isAbsent, inputParams->purpose.value,
1705 expectValues.purpose.values, expectValues.purpose.valueCnt);
1706 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_PURPOSE,
1707 "check purpose not expected, purpose = %" LOG_PUBLIC "u", inputParams->purpose.value);
1708 ret = CheckOptionalParams(expectValues.digest.needCheck, inputParams->digest.isAbsent, inputParams->digest.value,
1709 expectValues.digest.values, expectValues.digest.valueCnt);
1710 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_DIGEST,
1711 "check digest not expected, digest = %" LOG_PUBLIC "u", inputParams->digest.value);
1712 ret = CheckOptionalParams(expectValues.mode.needCheck, inputParams->mode.isAbsent, inputParams->mode.value,
1713 expectValues.mode.values, expectValues.mode.valueCnt);
1714 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_MODE,
1715 "check mode not expected, mode = %" LOG_PUBLIC "u", inputParams->mode.value);
1716 return ret;
1717 }
1718
1719 #ifndef _CUT_AUTHENTICATE_
HksCheckGenKeyMutableParams(uint32_t alg,const struct ParamsValues * inputParams)1720 int32_t HksCheckGenKeyMutableParams(uint32_t alg, const struct ParamsValues *inputParams)
1721 {
1722 int32_t ret = HKS_SUCCESS;
1723 switch (alg) {
1724 #ifdef HKS_SUPPORT_RSA_C
1725 case HKS_ALG_RSA:
1726 ret = CheckRsaGenKeyPadding(inputParams);
1727 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_PADDING,
1728 "Check padding not expected, padding = %" LOG_PUBLIC "u", inputParams->padding.value);
1729 break;
1730 #endif
1731 #ifdef HKS_SUPPORT_AES_C
1732 case HKS_ALG_AES:
1733 ret = CheckAesPadding(inputParams);
1734 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_PADDING,
1735 "Check padding not expected, padding = %" LOG_PUBLIC "u", inputParams->padding.value);
1736 break;
1737 #endif
1738 #ifdef HKS_SUPPORT_SM4_C
1739 case HKS_ALG_SM4:
1740 ret = CheckSm4Padding(inputParams);
1741 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_INVALID_PADDING,
1742 "Check padding not expected, padding = %" LOG_PUBLIC "u", inputParams->padding.value);
1743 break;
1744 #endif
1745 default:
1746 /* other alg no need check padding */
1747 break;
1748 }
1749
1750 return ret;
1751 }
1752
CheckImportMutableParams(uint32_t alg,const struct ParamsValues * params)1753 int32_t CheckImportMutableParams(uint32_t alg, const struct ParamsValues *params)
1754 {
1755 if (((alg == HKS_ALG_DSA) || (alg == HKS_ALG_ED25519)) &&
1756 (params->purpose.value != HKS_KEY_PURPOSE_VERIFY)) {
1757 HKS_LOG_E("Import key check purpose failed.");
1758 return HKS_ERROR_INVALID_PURPOSE;
1759 }
1760
1761 if ((alg == HKS_ALG_SM2) &&
1762 ((params->purpose.value != HKS_KEY_PURPOSE_VERIFY) && (params->purpose.value != HKS_KEY_PURPOSE_ENCRYPT))) {
1763 HKS_LOG_E("Import key check purpose failed.");
1764 return HKS_ERROR_INVALID_PURPOSE;
1765 }
1766
1767 if ((alg == HKS_ALG_ECC) &&
1768 ((params->purpose.value != HKS_KEY_PURPOSE_VERIFY) && (params->purpose.value != HKS_KEY_PURPOSE_UNWRAP) &&
1769 (params->purpose.value != HKS_KEY_PURPOSE_AGREE))) {
1770 HKS_LOG_E("Import key check purpose failed.");
1771 return HKS_ERROR_INVALID_PURPOSE;
1772 }
1773
1774 if ((alg == HKS_ALG_RSA) &&
1775 ((params->purpose.value != HKS_KEY_PURPOSE_VERIFY) && (params->purpose.value != HKS_KEY_PURPOSE_ENCRYPT))) {
1776 HKS_LOG_E("Import key check purpose failed.");
1777 return HKS_ERROR_INVALID_PURPOSE;
1778 }
1779
1780 if (alg == HKS_ALG_RSA) {
1781 #ifdef HKS_SUPPORT_RSA_C
1782 if (params->padding.isAbsent) {
1783 return HKS_SUCCESS;
1784 }
1785 if (params->purpose.value == HKS_KEY_PURPOSE_ENCRYPT) {
1786 return HksCheckValue(params->padding.value, g_rsaCipherPadding, HKS_ARRAY_SIZE(g_rsaCipherPadding));
1787 } else if (params->purpose.value == HKS_KEY_PURPOSE_VERIFY) {
1788 return HksCheckValue(params->padding.value, g_rsaSignPadding, HKS_ARRAY_SIZE(g_rsaSignPadding));
1789 }
1790 #else
1791 return HKS_ERROR_NOT_SUPPORTED;
1792 #endif
1793 }
1794
1795 return HKS_SUCCESS;
1796 }
1797
HksCheckSignature(uint32_t cmdId,uint32_t alg,uint32_t keySize,const struct HksBlob * signature)1798 int32_t HksCheckSignature(uint32_t cmdId, uint32_t alg, uint32_t keySize, const struct HksBlob *signature)
1799 {
1800 (void)cmdId;
1801 (void)keySize;
1802 (void)signature;
1803 switch (alg) {
1804 #if defined(HKS_SUPPORT_RSA_C) && defined(HKS_SUPPORT_RSA_SIGN_VERIFY)
1805 case HKS_ALG_RSA:
1806 HKS_IF_NOT_SUCC_LOGE_RETURN(HksCheckValue(keySize, g_rsaKeySize, HKS_ARRAY_SIZE(g_rsaKeySize)),
1807 HKS_ERROR_INVALID_ARGUMENT, "check key size: key size value %" LOG_PUBLIC "u not expected", keySize)
1808 return CheckRsaSignature(cmdId, keySize, signature);
1809 #endif
1810 #if defined(HKS_SUPPORT_DSA_C) && defined(HKS_SUPPORT_DSA_SIGN_VERIFY)
1811 case HKS_ALG_DSA:
1812 return HKS_SUCCESS;
1813 #endif
1814 #ifdef HKS_SUPPORT_ECC_C
1815 case HKS_ALG_ECC:
1816 HKS_IF_NOT_SUCC_LOGE_RETURN(HksCheckValue(keySize, g_eccKeySize, HKS_ARRAY_SIZE(g_eccKeySize)),
1817 HKS_ERROR_INVALID_ARGUMENT, "check key size: key size value %" LOG_PUBLIC "u not expected", keySize)
1818 return CheckEccSignature(cmdId, keySize, signature);
1819 #endif
1820 #ifdef HKS_SUPPORT_ED25519_C
1821 case HKS_ALG_ED25519:
1822 return CheckEd25519Signature(cmdId, signature);
1823 #endif
1824 #ifdef HKS_SUPPORT_SM2_C
1825 case HKS_ALG_SM2:
1826 HKS_IF_NOT_SUCC_LOGE_RETURN(HksCheckValue(keySize, g_sm2KeySize, HKS_ARRAY_SIZE(g_sm2KeySize)),
1827 HKS_ERROR_INVALID_ARGUMENT, "check key size: key size value %" LOG_PUBLIC "u not expected", keySize)
1828 return CheckEccSignature(cmdId, keySize, signature);
1829 #endif
1830 default:
1831 return HKS_ERROR_INVALID_ALGORITHM;
1832 }
1833 }
1834
HksCheckSignVerifyMutableParams(uint32_t cmdId,uint32_t alg,const struct ParamsValues * inputParams)1835 int32_t HksCheckSignVerifyMutableParams(uint32_t cmdId, uint32_t alg, const struct ParamsValues *inputParams)
1836 {
1837 switch (cmdId) {
1838 case HKS_CMD_ID_SIGN:
1839 if ((inputParams->purpose.value & HKS_KEY_PURPOSE_SIGN) == 0) {
1840 return HKS_ERROR_INVALID_PURPOSE;
1841 }
1842 break;
1843 case HKS_CMD_ID_VERIFY:
1844 if ((inputParams->purpose.value & HKS_KEY_PURPOSE_VERIFY) == 0) {
1845 return HKS_ERROR_INVALID_PURPOSE;
1846 }
1847 break;
1848 default:
1849 return HKS_ERROR_INVALID_ARGUMENT;
1850 }
1851
1852 switch (alg) {
1853 #ifdef HKS_SUPPORT_RSA_C
1854 case HKS_ALG_RSA:
1855 HKS_IF_NOT_SUCC_RETURN(HksCheckValue(inputParams->padding.value, g_rsaSignPadding,
1856 HKS_ARRAY_SIZE(g_rsaSignPadding)), HKS_ERROR_INVALID_PADDING)
1857 break;
1858 #endif
1859 #ifdef HKS_SUPPORT_DSA_C
1860 case HKS_ALG_DSA:
1861 break;
1862 #endif
1863 #ifdef HKS_SUPPORT_ECC_C
1864 case HKS_ALG_ECC:
1865 break;
1866 #endif
1867 default:
1868 /* other alg no need check padding */
1869 break;
1870 }
1871 return HKS_SUCCESS;
1872 }
1873 #endif /* _CUT_AUTHENTICATE_ */
1874
HksCheckCipherMutableParams(uint32_t cmdId,uint32_t alg,const struct ParamsValues * inputParams)1875 int32_t HksCheckCipherMutableParams(uint32_t cmdId, uint32_t alg, const struct ParamsValues *inputParams)
1876 {
1877 switch (cmdId) {
1878 case HKS_CMD_ID_ENCRYPT:
1879 if ((inputParams->purpose.value & HKS_KEY_PURPOSE_ENCRYPT) == 0) {
1880 return HKS_ERROR_INVALID_PURPOSE;
1881 }
1882 break;
1883 case HKS_CMD_ID_DECRYPT:
1884 if ((inputParams->purpose.value & HKS_KEY_PURPOSE_DECRYPT) == 0) {
1885 return HKS_ERROR_INVALID_PURPOSE;
1886 }
1887 break;
1888 default:
1889 return HKS_ERROR_INVALID_ARGUMENT;
1890 }
1891
1892 int32_t ret = HKS_ERROR_INVALID_PADDING;
1893 switch (alg) {
1894 #ifdef HKS_SUPPORT_RSA_C
1895 case HKS_ALG_RSA:
1896 ret = HksCheckValue(inputParams->padding.value, g_rsaCipherPadding, HKS_ARRAY_SIZE(g_rsaCipherPadding));
1897 break;
1898 #endif
1899 #ifdef HKS_SUPPORT_AES_C
1900 case HKS_ALG_AES:
1901 ret = CheckAesPadding(inputParams);
1902 break;
1903 #endif
1904 #ifdef HKS_SUPPORT_SM4_C
1905 case HKS_ALG_SM4:
1906 ret = CheckSm4Padding(inputParams);
1907 break;
1908 #endif
1909 #ifdef HKS_SUPPORT_SM2_C
1910 case HKS_ALG_SM2:
1911 ret = HksCheckValue(inputParams->padding.value, g_sm2CipherPadding, HKS_ARRAY_SIZE(g_sm2CipherPadding));
1912 break;
1913 #endif
1914 default:
1915 return HKS_ERROR_INVALID_ALGORITHM;
1916 }
1917 HKS_IF_NOT_SUCC_RETURN(ret, HKS_ERROR_INVALID_PADDING)
1918 return ret;
1919 }
1920
HksCheckCipherData(uint32_t cmdId,uint32_t alg,const struct ParamsValues * inputParams,const struct HksBlob * inData,const struct HksBlob * outData)1921 int32_t HksCheckCipherData(uint32_t cmdId, uint32_t alg, const struct ParamsValues *inputParams,
1922 const struct HksBlob *inData, const struct HksBlob *outData)
1923 {
1924 switch (alg) {
1925 #if defined(HKS_SUPPORT_RSA_C) && defined(HKS_SUPPORT_RSA_CRYPT)
1926 case HKS_ALG_RSA:
1927 return CheckRsaCipherData(cmdId, inputParams, inData, outData);
1928 #endif
1929 #ifdef HKS_SUPPORT_AES_C
1930 case HKS_ALG_AES:
1931 return CheckBlockCipherData(cmdId, inputParams, inData, outData, HKS_ALG_AES);
1932 #endif
1933 #ifdef HKS_SUPPORT_SM4_C
1934 case HKS_ALG_SM4:
1935 return CheckBlockCipherData(cmdId, inputParams, inData, outData, HKS_ALG_SM4);
1936 #endif
1937 #ifdef HKS_SUPPORT_SM2_C
1938 case HKS_ALG_SM2:
1939 return HKS_SUCCESS;
1940 #endif
1941 default:
1942 return HKS_ERROR_INVALID_ALGORITHM;
1943 }
1944 }
1945
HksCheckCipherMaterialParams(uint32_t alg,const struct ParamsValues * inputParams,const struct HksParamSet * paramSet)1946 int32_t HksCheckCipherMaterialParams(uint32_t alg, const struct ParamsValues *inputParams,
1947 const struct HksParamSet *paramSet)
1948 {
1949 #ifdef HKS_SUPPORT_AES_C
1950 if (alg == HKS_ALG_AES) {
1951 uint32_t mode = inputParams->mode.value;
1952 if (mode == HKS_MODE_CBC) {
1953 return CheckBlockCipherIvMaterial(paramSet);
1954 } else if ((mode == HKS_MODE_CCM) || (mode == HKS_MODE_GCM)) {
1955 return CheckCipherAeMaterial(mode, paramSet);
1956 }
1957 }
1958 #endif
1959 #ifdef HKS_SUPPORT_SM4_C
1960 if (alg == HKS_ALG_SM4) {
1961 uint32_t mode = inputParams->mode.value;
1962 if (mode == HKS_MODE_CBC || mode == HKS_MODE_CTR || mode == HKS_MODE_CFB || mode == HKS_MODE_OFB) {
1963 return CheckBlockCipherIvMaterial(paramSet);
1964 }
1965 }
1966 #endif
1967 return HKS_SUCCESS;
1968 }
1969
1970 #ifdef HKS_SUPPORT_USER_AUTH_ACCESS_CONTROL
HasValidAuthAccessType(const struct ExpectParams allowAuthAccessTypes,uint32_t authAccessType,uint32_t * matchType)1971 static int32_t HasValidAuthAccessType(const struct ExpectParams allowAuthAccessTypes,
1972 uint32_t authAccessType, uint32_t *matchType)
1973 {
1974 for (uint32_t i = 0; i < allowAuthAccessTypes.valueCnt; i++) {
1975 if ((authAccessType & allowAuthAccessTypes.values[i]) != 0) {
1976 *matchType = allowAuthAccessTypes.values[i];
1977 return HKS_SUCCESS;
1978 }
1979 }
1980 return HKS_ERROR_INVALID_ARGUMENT;
1981 }
1982
HksCheckAuthAccessTypeByUserAuthType(uint32_t userAuthType,uint32_t authAccessType)1983 static int32_t HksCheckAuthAccessTypeByUserAuthType(uint32_t userAuthType, uint32_t authAccessType)
1984 {
1985 uint32_t valuesCnt = HKS_ARRAY_SIZE(g_expectAuthAccessParams);
1986 uint32_t validAuthAccessType = 0;
1987 uint32_t tempType = 0;
1988 for (uint32_t i = 0; i < valuesCnt; i++) {
1989 struct AuthAccessTypeChecker checker = g_expectAuthAccessParams[i];
1990 if ((checker.userAuthType & userAuthType) != 0 &&
1991 HasValidAuthAccessType(checker.allowAuthAccessTypes, authAccessType, &tempType) == HKS_SUCCESS) {
1992 validAuthAccessType |= tempType;
1993 }
1994 }
1995 if ((authAccessType != 0) && (authAccessType == validAuthAccessType)) {
1996 if ((authAccessType & HKS_AUTH_ACCESS_ALWAYS_VALID) != 0
1997 && (authAccessType &(~HKS_AUTH_ACCESS_ALWAYS_VALID)) != 0) {
1998 HKS_LOG_E("auth access type is invalid: ALWAYS_VALID cannot coexist with other type");
1999 return HKS_ERROR_INVALID_ACCESS_TYPE;
2000 }
2001 return HKS_SUCCESS;
2002 }
2003 HKS_LOG_E("authAccessType %" LOG_PUBLIC "u is not equal to validAuthAccessType %" LOG_PUBLIC "u or is 0",
2004 authAccessType, validAuthAccessType);
2005 return HKS_ERROR_INVALID_ACCESS_TYPE;
2006 }
2007 #endif
2008
HksCheckUserAuthParams(uint32_t userAuthType,uint32_t authAccessType,uint32_t challengeType)2009 int32_t HksCheckUserAuthParams(uint32_t userAuthType, uint32_t authAccessType, uint32_t challengeType)
2010 {
2011 #ifdef HKS_SUPPORT_USER_AUTH_ACCESS_CONTROL
2012 int32_t ret = HksCheckValue(userAuthType, g_supportUserAuthTypes, HKS_ARRAY_SIZE(g_supportUserAuthTypes));
2013 HKS_IF_NOT_SUCC_RETURN(ret, HKS_ERROR_INVALID_AUTH_TYPE)
2014
2015 ret = HksCheckValue(challengeType, g_userAuthChallengeType, HKS_ARRAY_SIZE(g_userAuthChallengeType));
2016 HKS_IF_NOT_SUCC_RETURN(ret, HKS_ERROR_INVALID_CHALLENGE_TYPE)
2017
2018 return HksCheckAuthAccessTypeByUserAuthType(userAuthType, authAccessType);
2019 #else
2020 (void)userAuthType;
2021 (void)authAccessType;
2022 (void)challengeType;
2023 return HKS_SUCCESS;
2024 #endif
2025 }
2026
HksCheckSecureSignParams(uint32_t secureSignType)2027 int32_t HksCheckSecureSignParams(uint32_t secureSignType)
2028 {
2029 #ifdef HKS_SUPPORT_USER_AUTH_ACCESS_CONTROL
2030 return HksCheckValue(secureSignType, g_supportSecureSignType, HKS_ARRAY_SIZE(g_supportSecureSignType));
2031 #else
2032 (void)secureSignType;
2033 return HKS_SUCCESS;
2034 #endif
2035 }
2036
2037 /* If the algorithm is ed25519, the plaintext is directly cached, and if the digest is HKS_DIGEST_NONE, the
2038 hash value has been passed in by the user. So the hash value does not need to be free.
2039 */
HksCheckNeedCache(uint32_t alg,uint32_t digest)2040 int32_t HksCheckNeedCache(uint32_t alg, uint32_t digest)
2041 {
2042 if ((alg == HKS_ALG_ED25519) || (digest == HKS_DIGEST_NONE)) {
2043 HKS_LOG_I("need to cache the data");
2044 return HKS_SUCCESS;
2045 }
2046 return HKS_FAILURE;
2047 }
2048
2049 #ifdef HKS_SUPPORT_USER_AUTH_ACCESS_CONTROL
CheckUserAuthKeyInfoValidity(const struct HksParamSet * paramSet,const struct KeyInfoParams * params,uint32_t paramsCnt)2050 static int32_t CheckUserAuthKeyInfoValidity(const struct HksParamSet *paramSet,
2051 const struct KeyInfoParams *params, uint32_t paramsCnt)
2052 {
2053 for (uint32_t i = 0; i < paramsCnt; i++) {
2054 if (params[i].needCheck) {
2055 struct HksParam *param = NULL;
2056 int32_t ret = HksGetParam(paramSet, params[i].tag, ¶m);
2057 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_SUCCESS, "tag is empty and no need to check!")
2058
2059 ret = HksCheckValue(param->uint32Param, params[i].values, params[i].valueCnt);
2060 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "not support tag %" LOG_PUBLIC "u and value is %" LOG_PUBLIC "u",
2061 params[i].tag, param->uint32Param)
2062 }
2063 }
2064 return HKS_SUCCESS;
2065 }
2066 #endif
2067
HksCheckUserAuthKeyInfoValidity(const struct HksParamSet * paramSet)2068 int32_t HksCheckUserAuthKeyInfoValidity(const struct HksParamSet *paramSet)
2069 {
2070 #ifdef HKS_SUPPORT_USER_AUTH_ACCESS_CONTROL
2071 HKS_IF_NOT_SUCC_LOGE_RETURN(HksCheckParamSet(paramSet, paramSet->paramSetSize),
2072 HKS_ERROR_INVALID_ARGUMENT, "invalid paramSet!")
2073
2074 struct HksParam *algParam = NULL;
2075 int32_t ret = HksGetParam(paramSet, HKS_TAG_ALGORITHM, &algParam);
2076 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get alg param failed!")
2077
2078 for (uint32_t i = 0; i < HKS_ARRAY_SIZE(g_validKeyInfo); i++) {
2079 if (algParam->uint32Param == g_validKeyInfo[i].keyAlg) {
2080 ret = CheckUserAuthKeyInfoValidity(paramSet, g_validKeyInfo[i].params, g_validKeyInfo[i].paramsCnt);
2081 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_NOT_SUPPORTED, "not support set key auth purpose!")
2082 }
2083 }
2084 HKS_LOG_I("support set key auth purpose!");
2085 return ret;
2086 #else
2087 (void)paramSet;
2088 return HKS_SUCCESS;
2089 #endif
2090 }