1 /*
2 * Copyright (c) 2020-2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifdef HKS_CONFIG_FILE
17 #include HKS_CONFIG_FILE
18 #else
19 #include "hks_config.h"
20 #endif
21
22 #ifdef HKS_SUPPORT_AES_C
23
24 #include "hks_mbedtls_aes.h"
25
26 #include <mbedtls/aes.h>
27 #include <mbedtls/ccm.h>
28 #include <mbedtls/cipher.h>
29 #include <mbedtls/ctr_drbg.h>
30 #include <mbedtls/entropy.h>
31 #include <mbedtls/gcm.h>
32
33 #include "hks_log.h"
34 #include "hks_mbedtls_common.h"
35 #include "hks_mem.h"
36 #include "hks_template.h"
37
38 #define HKS_AES_CBC_NOPADDING_IV_SIZE 16
39 #define HKS_AES_CBC_DATA_BLOB_SIZE 16
40 #define HKS_AES_CCM_DATA_SIZE_MAX (1 * 1024 * 1024) // 1M
41
42 struct HksMbedtlsAesCtx {
43 uint32_t algType;
44 uint32_t mode;
45 uint32_t padding;
46 uint8_t *append;
47 uint8_t iv[HKS_AES_CBC_NOPADDING_IV_SIZE];
48 uint8_t *nonce;
49 uint32_t nonceSize;
50 uint8_t *aad;
51 uint32_t aadSize;
52 } HksMbedtlsAesCtx;
53
54 #ifdef HKS_SUPPORT_AES_GENERATE_KEY
HksMbedtlsAesGenerateKey(const struct HksKeySpec * spec,struct HksBlob * key)55 int32_t HksMbedtlsAesGenerateKey(const struct HksKeySpec *spec, struct HksBlob *key)
56 {
57 if (spec->keyLen != HKS_AES_KEY_SIZE_128 && spec->keyLen != HKS_AES_KEY_SIZE_192 &&
58 spec->keyLen != HKS_AES_KEY_SIZE_256) {
59 return HKS_ERROR_INVALID_ARGUMENT;
60 }
61
62 const uint32_t keyByteLen = spec->keyLen / HKS_BITS_PER_BYTE;
63
64 uint8_t *outKey = (uint8_t *)HksMalloc(keyByteLen);
65 HKS_IF_NULL_RETURN(outKey, HKS_ERROR_MALLOC_FAIL)
66
67 mbedtls_entropy_context entropy;
68 mbedtls_ctr_drbg_context ctrDrbg;
69 (void)memset_s(&entropy, sizeof(mbedtls_entropy_context), 0, sizeof(mbedtls_entropy_context));
70 (void)memset_s(&ctrDrbg, sizeof(mbedtls_ctr_drbg_context), 0, sizeof(mbedtls_ctr_drbg_context));
71 int32_t ret = HksCtrDrbgSeed(&ctrDrbg, &entropy);
72 if (ret != HKS_SUCCESS) {
73 HKS_FREE(outKey);
74 return ret;
75 }
76
77 do {
78 ret = mbedtls_ctr_drbg_random(&ctrDrbg, outKey, keyByteLen);
79 if (ret != HKS_MBEDTLS_SUCCESS) {
80 HKS_LOG_E("Mbedtls ctr drbg random failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
81 (void)memset_s(outKey, keyByteLen, 0, keyByteLen);
82 HKS_FREE(outKey);
83 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
84 break;
85 }
86
87 key->data = outKey;
88 key->size = keyByteLen;
89 } while (0);
90
91 mbedtls_ctr_drbg_free(&ctrDrbg);
92 mbedtls_entropy_free(&entropy);
93 return ret;
94 }
95 #endif /* HKS_SUPPORT_AES_GENERATE_KEY */
96
97 #ifdef HKS_SUPPORT_AES_CBC_NOPADDING
AesCbcNoPaddingCrypt(const struct HksBlob * key,const struct HksCipherParam * cipherParam,const struct HksBlob * message,const bool encrypt,struct HksBlob * cipherText)98 static int32_t AesCbcNoPaddingCrypt(const struct HksBlob *key, const struct HksCipherParam *cipherParam,
99 const struct HksBlob *message, const bool encrypt, struct HksBlob *cipherText)
100 {
101 mbedtls_aes_context ctx;
102 mbedtls_aes_init(&ctx);
103
104 int32_t ret;
105 do {
106 if (encrypt) {
107 ret = mbedtls_aes_setkey_enc(&ctx, key->data, key->size * HKS_BITS_PER_BYTE);
108 } else {
109 ret = mbedtls_aes_setkey_dec(&ctx, key->data, key->size * HKS_BITS_PER_BYTE);
110 }
111 if (ret != HKS_MBEDTLS_SUCCESS) {
112 HKS_LOG_E("Mbedtls aes set key failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
113 break;
114 }
115
116 /* mbedtls_aes_crypt_cbc will refresh iv, so need a temp iv */
117 uint8_t tmpIv[HKS_AES_CBC_NOPADDING_IV_SIZE];
118 if (memcpy_s(tmpIv, HKS_AES_CBC_NOPADDING_IV_SIZE, cipherParam->iv.data, cipherParam->iv.size) != EOK) {
119 HKS_LOG_E("Memcpy temp iv failed!");
120 ret = HKS_ERROR_INVALID_IV;
121 break;
122 }
123
124 ret = mbedtls_aes_crypt_cbc(&ctx,
125 (encrypt ? MBEDTLS_AES_ENCRYPT : MBEDTLS_AES_DECRYPT),
126 message->size,
127 tmpIv,
128 message->data,
129 cipherText->data);
130 if (ret != HKS_MBEDTLS_SUCCESS) {
131 HKS_LOG_E("Mbedtks aes cbc crypt failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
132 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
133 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
134 break;
135 }
136 cipherText->size = message->size;
137 } while (0);
138
139 mbedtls_aes_free(&ctx);
140 return ret;
141 }
142
AesCbcNoPaddingCryptInit(void ** cryptoCtx,const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const bool encrypt)143 static int32_t AesCbcNoPaddingCryptInit(void **cryptoCtx, const struct HksBlob *key,
144 const struct HksUsageSpec *usageSpec, const bool encrypt)
145 {
146 mbedtls_aes_context *ctx = (mbedtls_aes_context *)HksMalloc(sizeof(mbedtls_aes_context));
147 HKS_IF_NULL_LOGE_RETURN(ctx, HKS_ERROR_MALLOC_FAIL, "initialize ctx fail")
148 mbedtls_aes_init(ctx);
149
150 int32_t ret;
151 if (encrypt) {
152 ret = mbedtls_aes_setkey_enc(ctx, key->data, key->size * HKS_BITS_PER_BYTE);
153 } else {
154 ret = mbedtls_aes_setkey_dec(ctx, key->data, key->size * HKS_BITS_PER_BYTE);
155 }
156 if (ret != HKS_MBEDTLS_SUCCESS) {
157 HKS_LOG_E("Mbedtls aes set key failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
158 mbedtls_aes_free(ctx);
159 HKS_FREE(ctx);
160 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
161 }
162
163 struct HksMbedtlsAesCtx *outCtx = (struct HksMbedtlsAesCtx *)HksMalloc(sizeof(HksMbedtlsAesCtx));
164 if (outCtx == NULL) {
165 HKS_LOG_E("initialize outCtx fail");
166 mbedtls_aes_free(ctx);
167 HKS_FREE(ctx);
168 return HKS_ERROR_MALLOC_FAIL;
169 }
170
171 outCtx->append = (void *)ctx;
172 outCtx->mode = usageSpec->mode;
173 outCtx->padding = usageSpec->padding;
174 struct HksCipherParam *iv = (struct HksCipherParam *)(usageSpec->algParam);
175 (void)memcpy_s(outCtx->iv, HKS_AES_CBC_NOPADDING_IV_SIZE, iv->iv.data, HKS_AES_CBC_NOPADDING_IV_SIZE);
176
177 *cryptoCtx = (void *)outCtx;
178
179 return ret;
180 }
181
AesCbcNoPaddingCryptUpdate(void * cryptoCtx,const struct HksBlob * message,const bool encrypt,struct HksBlob * cipherText)182 static int32_t AesCbcNoPaddingCryptUpdate(void *cryptoCtx,
183 const struct HksBlob *message, const bool encrypt, struct HksBlob *cipherText)
184 {
185 struct HksMbedtlsAesCtx *aesCtx = (struct HksMbedtlsAesCtx *)cryptoCtx;
186 HKS_IF_NULL_RETURN(aesCtx, HKS_ERROR_NULL_POINTER)
187
188 mbedtls_aes_context *cbcNoPaddingCtx = (mbedtls_aes_context *)aesCtx->append;
189
190 HKS_IF_NULL_RETURN(cbcNoPaddingCtx, HKS_ERROR_NULL_POINTER)
191
192 int32_t ret;
193 do {
194 if (message->size % HKS_AES_CBC_DATA_BLOB_SIZE != 0) {
195 HKS_LOG_E("AesCbcNoPaddingCryptUpdate data size invalid!");
196 ret = HKS_ERROR_INVALID_ARGUMENT;
197 break;
198 }
199
200 /* mbedtls_aes_crypt_cbc will refresh iv, so need a temp iv */
201 uint8_t tmpIv[HKS_AES_CBC_NOPADDING_IV_SIZE];
202 if (memcpy_s(tmpIv, HKS_AES_CBC_NOPADDING_IV_SIZE, aesCtx->iv, HKS_AES_CBC_NOPADDING_IV_SIZE) != EOK) {
203 HKS_LOG_E("Memcpy temp iv failed!");
204 ret = HKS_ERROR_INVALID_IV;
205 break;
206 }
207
208 ret = mbedtls_aes_crypt_cbc(cbcNoPaddingCtx,
209 (encrypt ? MBEDTLS_AES_ENCRYPT : MBEDTLS_AES_DECRYPT),
210 message->size,
211 tmpIv,
212 message->data,
213 cipherText->data);
214 if (ret != HKS_MBEDTLS_SUCCESS) {
215 HKS_LOG_E("Mbedtks aes cbc nopadding crypt failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
216 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
217 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
218 break;
219 }
220
221 cipherText->size = message->size;
222 (void)memcpy_s(aesCtx->iv, HKS_AES_CBC_NOPADDING_IV_SIZE, tmpIv, HKS_AES_CBC_NOPADDING_IV_SIZE);
223 } while (0);
224
225 return ret;
226 }
227
AesCbcNoPaddingCryptFinal(void ** cryptoCtx,const struct HksBlob * message,const bool encrypt,struct HksBlob * cipherText)228 static int32_t AesCbcNoPaddingCryptFinal(void **cryptoCtx,
229 const struct HksBlob *message, const bool encrypt, struct HksBlob *cipherText)
230 {
231 struct HksMbedtlsAesCtx *aesCtx = (struct HksMbedtlsAesCtx *)*cryptoCtx;
232 mbedtls_aes_context *cbcNoPaddingCtx = (mbedtls_aes_context *)aesCtx->append;
233
234 if (cbcNoPaddingCtx == NULL) {
235 HKS_FREE(*cryptoCtx);
236 return HKS_ERROR_NULL_POINTER;
237 }
238
239 int32_t ret = HKS_SUCCESS;
240 do {
241 if (message->size % HKS_AES_CBC_DATA_BLOB_SIZE != 0) {
242 HKS_LOG_E("AesCbcNoPaddingCryptFinal data size invalid!");
243 ret = HKS_ERROR_INVALID_ARGUMENT;
244 break;
245 }
246
247 if (message->size != 0) {
248 /* mbedtls_aes_crypt_cbc will refresh iv, so need a temp iv */
249 uint8_t tmpIv[HKS_AES_CBC_NOPADDING_IV_SIZE];
250 if (memcpy_s(tmpIv, HKS_AES_CBC_NOPADDING_IV_SIZE, aesCtx->iv, HKS_AES_CBC_NOPADDING_IV_SIZE) != EOK) {
251 HKS_LOG_E("Memcpy temp iv failed!");
252 ret = HKS_ERROR_INVALID_IV;
253 break;
254 }
255 ret = mbedtls_aes_crypt_cbc(cbcNoPaddingCtx,
256 (encrypt ? MBEDTLS_AES_ENCRYPT : MBEDTLS_AES_DECRYPT),
257 message->size,
258 tmpIv,
259 message->data,
260 cipherText->data);
261 if (ret != HKS_MBEDTLS_SUCCESS) {
262 HKS_LOG_E("Mbedtls aes gcm encryot failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
263 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
264 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
265 break;
266 }
267 }
268 cipherText->size = message->size;
269 } while (0);
270
271 mbedtls_aes_free(cbcNoPaddingCtx);
272 HKS_FREE(aesCtx->append);
273 HKS_FREE(*cryptoCtx);
274
275 return ret;
276 }
277 #endif /* HKS_SUPPORT_AES_CBC_NOPADDING */
278
279 #ifdef HKS_SUPPORT_AES_CBC_PKCS7
AesCbcPkcs7Crypt(const struct HksBlob * key,const struct HksCipherParam * cipherParam,const struct HksBlob * message,const bool encrypt,struct HksBlob * cipherText)280 static int32_t AesCbcPkcs7Crypt(const struct HksBlob *key, const struct HksCipherParam *cipherParam,
281 const struct HksBlob *message, const bool encrypt, struct HksBlob *cipherText)
282 {
283 const uint32_t keyBitLen = key->size * HKS_BITS_PER_BYTE;
284 const mbedtls_cipher_info_t *info =
285 mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, keyBitLen, MBEDTLS_MODE_CBC);
286
287 mbedtls_cipher_context_t ctx;
288 mbedtls_cipher_init(&ctx);
289
290 int32_t ret;
291 do {
292 ret = mbedtls_cipher_setup(&ctx, info);
293 if (ret != HKS_MBEDTLS_SUCCESS) {
294 HKS_LOG_E("Mbedtls cbc pkcs7 setup ctx failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
295 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
296 break;
297 }
298
299 ret = mbedtls_cipher_setkey(&ctx, key->data, keyBitLen, (encrypt ? MBEDTLS_ENCRYPT : MBEDTLS_DECRYPT));
300 if (ret != HKS_MBEDTLS_SUCCESS) {
301 HKS_LOG_E("Mbedtls cbc pkcs7 set key failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
302 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
303 break;
304 }
305 size_t keyLen = cipherText->size;
306 ret = mbedtls_cipher_crypt(&ctx,
307 cipherParam->iv.data,
308 cipherParam->iv.size,
309 message->data,
310 message->size,
311 cipherText->data,
312 &keyLen);
313 cipherText->size = (uint32_t)keyLen;
314 if (ret != HKS_MBEDTLS_SUCCESS) {
315 HKS_LOG_E("Mbedtls cbc pkcs7 crypt failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
316 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
317 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
318 }
319 } while (0);
320
321 mbedtls_cipher_free(&ctx);
322 return ret;
323 }
324
AesCbcPkcs7CryptInitParam(const struct HksBlob * key,mbedtls_cipher_context_t * cbcPkcs7ctx,const bool encrypt)325 static int32_t AesCbcPkcs7CryptInitParam(const struct HksBlob *key, mbedtls_cipher_context_t *cbcPkcs7ctx,
326 const bool encrypt)
327 {
328 const uint32_t keyBitLen = key->size * HKS_BITS_PER_BYTE;
329 const mbedtls_cipher_info_t *info =
330 mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, keyBitLen, MBEDTLS_MODE_CBC);
331 if (info == NULL) {
332 HKS_LOG_E("get cipher info from values failed!");
333 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
334 }
335 int32_t ret = mbedtls_cipher_setup(cbcPkcs7ctx, info);
336 if (ret != HKS_MBEDTLS_SUCCESS) {
337 HKS_LOG_E("Mbedtls cbc pkcs7 setup ctx failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
338 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
339 }
340
341 ret = mbedtls_cipher_setkey(cbcPkcs7ctx, key->data, keyBitLen, (encrypt ? MBEDTLS_ENCRYPT : MBEDTLS_DECRYPT));
342 if (ret != HKS_MBEDTLS_SUCCESS) {
343 HKS_LOG_E("Mbedtls cbc pkcs7 set key failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
344 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
345 }
346 return HKS_SUCCESS;
347 }
348
AesCbcPkcs7CryptInit(void ** cryptoCtx,const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const bool encrypt)349 static int32_t AesCbcPkcs7CryptInit(void **cryptoCtx, const struct HksBlob *key,
350 const struct HksUsageSpec *usageSpec, const bool encrypt)
351 {
352 mbedtls_cipher_context_t *cbcPkcs7ctx = (mbedtls_cipher_context_t *)HksMalloc(sizeof(mbedtls_cipher_context_t));
353 HKS_IF_NULL_LOGE_RETURN(cbcPkcs7ctx, HKS_ERROR_MALLOC_FAIL, "malloc cbcPkcs7ctx fail")
354 mbedtls_cipher_init(cbcPkcs7ctx);
355
356 int32_t ret = AesCbcPkcs7CryptInitParam(key, cbcPkcs7ctx, encrypt);
357 if (ret != HKS_SUCCESS) {
358 HKS_LOG_E("AesCbcPkcs7CryptInitParam fail %" LOG_PUBLIC "d", ret);
359 mbedtls_cipher_free(cbcPkcs7ctx);
360 HKS_FREE(cbcPkcs7ctx);
361 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
362 }
363
364 const struct HksCipherParam *cipherParam = (struct HksCipherParam *)(usageSpec->algParam);
365 ret = mbedtls_cipher_set_iv(cbcPkcs7ctx, cipherParam->iv.data, cipherParam->iv.size);
366 if (ret != HKS_MBEDTLS_SUCCESS) {
367 HKS_LOG_E("Mbedtls cbc pkcs7 set iv failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
368 mbedtls_cipher_free(cbcPkcs7ctx);
369 HKS_FREE(cbcPkcs7ctx);
370 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
371 }
372 ret = mbedtls_cipher_reset(cbcPkcs7ctx);
373 if (ret != HKS_MBEDTLS_SUCCESS) {
374 HKS_LOG_E("Mbedtls cbc pkcs7 reset failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
375 mbedtls_cipher_free(cbcPkcs7ctx);
376 HKS_FREE(cbcPkcs7ctx);
377 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
378 }
379
380 struct HksMbedtlsAesCtx *outCtx = (struct HksMbedtlsAesCtx *)HksMalloc(sizeof(HksMbedtlsAesCtx));
381 if (outCtx == NULL) {
382 HKS_LOG_E("malloc outCtx fail");
383 mbedtls_cipher_free(cbcPkcs7ctx);
384 HKS_FREE(cbcPkcs7ctx);
385 return HKS_ERROR_MALLOC_FAIL;
386 }
387
388 outCtx->mode = usageSpec->mode;
389 outCtx->padding = usageSpec->padding;
390 outCtx->append = (void *)cbcPkcs7ctx;
391
392 *cryptoCtx = (void *)outCtx;
393
394 return ret;
395 }
396
AesCbcPkcs7CryptUpdate(void * cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText)397 static int32_t AesCbcPkcs7CryptUpdate(void *cryptoCtx, const struct HksBlob *message, struct HksBlob *cipherText)
398 {
399 struct HksMbedtlsAesCtx *aesCtx = (struct HksMbedtlsAesCtx *)cryptoCtx;
400 mbedtls_cipher_context_t *cbcPkcs7ctx = (mbedtls_cipher_context_t *)aesCtx->append;
401
402 HKS_IF_NULL_RETURN(cbcPkcs7ctx, HKS_ERROR_NULL_POINTER)
403 size_t keyLen = cipherText->size;
404 int32_t ret = mbedtls_cipher_update(cbcPkcs7ctx, message->data, message->size, cipherText->data,
405 &keyLen);
406 cipherText->size = (uint32_t)keyLen;
407 if (ret != HKS_MBEDTLS_SUCCESS) {
408 HKS_LOG_E("Mbedtls cbc pkcs7 crypt update failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
409 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
410 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
411 }
412 return ret;
413 }
414
AesCbcPkcs7CryptFinal(void ** cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText)415 static int32_t AesCbcPkcs7CryptFinal(void **cryptoCtx, const struct HksBlob *message,
416 struct HksBlob *cipherText)
417 {
418 struct HksMbedtlsAesCtx *aesCtx = (struct HksMbedtlsAesCtx *)*cryptoCtx;
419 mbedtls_cipher_context_t *cbcPkcs7ctx = (mbedtls_cipher_context_t *)aesCtx->append;
420
421 if (cbcPkcs7ctx == NULL) {
422 HKS_FREE(*cryptoCtx);
423 return HKS_ERROR_NULL_POINTER;
424 }
425
426 size_t finish_olen;
427 int32_t ret;
428 do {
429 cipherText->size = 0;
430 if (message->size != 0) {
431 size_t keyLen = cipherText->size;
432 ret = mbedtls_cipher_update(cbcPkcs7ctx, message->data, message->size, cipherText->data,
433 &keyLen);
434 cipherText->size = (uint32_t)keyLen;
435 if (ret != HKS_MBEDTLS_SUCCESS) {
436 HKS_LOG_E("Mbedtls cbc pkcs7 crypt update failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
437 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
438 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
439 break;
440 }
441 }
442
443 size_t olen = (size_t)cipherText->size;
444 ret = mbedtls_cipher_finish(cbcPkcs7ctx, cipherText->data + olen, &finish_olen);
445 if (ret != HKS_MBEDTLS_SUCCESS) {
446 HKS_LOG_E("Mbedtls cbc pkcs7 crypt finish failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
447 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
448 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
449 break;
450 }
451 cipherText->size = olen + finish_olen;
452 } while (0);
453
454 mbedtls_cipher_free(cbcPkcs7ctx);
455 HKS_FREE(aesCtx->append);
456 HKS_FREE(*cryptoCtx);
457
458 return ret;
459 }
460 #endif /* HKS_SUPPORT_AES_CBC_PKCS7 */
461
462 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7)
AesCbcCrypt(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,const bool encrypt,struct HksBlob * cipherText)463 static int32_t AesCbcCrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
464 const struct HksBlob *message, const bool encrypt, struct HksBlob *cipherText)
465 {
466 const struct HksCipherParam *cipherParam = (struct HksCipherParam *)(usageSpec->algParam);
467
468 switch (usageSpec->padding) {
469 #ifdef HKS_SUPPORT_AES_CBC_NOPADDING
470 case HKS_PADDING_NONE:
471 return AesCbcNoPaddingCrypt(key, cipherParam, message, encrypt, cipherText);
472 #endif
473 #ifdef HKS_SUPPORT_AES_CBC_PKCS7
474 case HKS_PADDING_PKCS7:
475 return AesCbcPkcs7Crypt(key, cipherParam, message, encrypt, cipherText);
476 #endif
477 default:
478 HKS_LOG_E("Unsupport padding! mode = 0x%" LOG_PUBLIC "X", usageSpec->padding);
479 return HKS_ERROR_INVALID_PADDING;
480 }
481 }
482
AesCbcCryptInit(void ** cryptoCtx,const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const bool encrypt)483 static int32_t AesCbcCryptInit(void **cryptoCtx, const struct HksBlob *key,
484 const struct HksUsageSpec *usageSpec, const bool encrypt)
485 {
486 switch (usageSpec->padding) {
487 #ifdef HKS_SUPPORT_AES_CBC_NOPADDING
488 case HKS_PADDING_NONE:
489 return AesCbcNoPaddingCryptInit(cryptoCtx, key, usageSpec, encrypt);
490 #endif
491 #ifdef HKS_SUPPORT_AES_CBC_PKCS7
492 case HKS_PADDING_PKCS7:
493 return AesCbcPkcs7CryptInit(cryptoCtx, key, usageSpec, encrypt);
494 #endif
495 default:
496 HKS_LOG_E("Unsupport padding! mode = 0x%" LOG_PUBLIC "X", usageSpec->padding);
497 return HKS_ERROR_INVALID_PADDING;
498 }
499 }
500
AesCbcCryptUpdate(void * cryptoCtx,const uint8_t padding,const struct HksBlob * message,const bool encrypt,struct HksBlob * cipherText)501 static int32_t AesCbcCryptUpdate(void *cryptoCtx, const uint8_t padding,
502 const struct HksBlob *message, const bool encrypt, struct HksBlob *cipherText)
503 {
504 switch (padding) {
505 #ifdef HKS_SUPPORT_AES_CBC_NOPADDING
506 case HKS_PADDING_NONE:
507 return AesCbcNoPaddingCryptUpdate(cryptoCtx, message, encrypt, cipherText);
508 #endif
509 #ifdef HKS_SUPPORT_AES_CBC_PKCS7
510 case HKS_PADDING_PKCS7:
511 return AesCbcPkcs7CryptUpdate(cryptoCtx, message, cipherText);
512 #endif
513 default:
514 HKS_LOG_E("Unsupport padding! mode = 0x%" LOG_PUBLIC "X", padding);
515 return HKS_ERROR_INVALID_PADDING;
516 }
517 }
518
AesCbcCryptFinal(void ** cryptoCtx,const uint8_t padding,const struct HksBlob * message,const bool encrypt,struct HksBlob * cipherText)519 static int32_t AesCbcCryptFinal(void **cryptoCtx, const uint8_t padding,
520 const struct HksBlob *message, const bool encrypt, struct HksBlob *cipherText)
521 {
522 switch (padding) {
523 #ifdef HKS_SUPPORT_AES_CBC_NOPADDING
524 case HKS_PADDING_NONE:
525 return AesCbcNoPaddingCryptFinal(cryptoCtx, message, encrypt, cipherText);
526 #endif
527 #ifdef HKS_SUPPORT_AES_CBC_PKCS7
528 case HKS_PADDING_PKCS7:
529 return AesCbcPkcs7CryptFinal(cryptoCtx, message, cipherText);
530 #endif
531 default:
532 HKS_LOG_E("Unsupport padding! mode = 0x%" LOG_PUBLIC "X", padding);
533 return HKS_ERROR_INVALID_PADDING;
534 }
535 }
536 #endif /* HKS_SUPPORT_AES_CBC_NOPADDING or HKS_SUPPORT_AES_CBC_PKCS7 */
537
538 #ifdef HKS_SUPPORT_AES_GCM
AesEncryptGcm(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * cipherText,struct HksBlob * tagAead)539 static int32_t AesEncryptGcm(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
540 const struct HksBlob *message, struct HksBlob *cipherText, struct HksBlob *tagAead)
541 {
542 mbedtls_gcm_context ctx;
543 mbedtls_gcm_init(&ctx);
544
545 int32_t ret;
546 do {
547 ret = mbedtls_gcm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, key->data, key->size * HKS_BITS_PER_BYTE);
548 if (ret != HKS_MBEDTLS_SUCCESS) {
549 HKS_LOG_E("Mbedtls aes gcm set key failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
550 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
551 break;
552 }
553
554 const struct HksAeadParam *aeadParam = (struct HksAeadParam *)(usageSpec->algParam);
555 ret = mbedtls_gcm_crypt_and_tag(&ctx,
556 MBEDTLS_GCM_ENCRYPT,
557 message->size,
558 aeadParam->nonce.data,
559 aeadParam->nonce.size,
560 aeadParam->aad.data,
561 aeadParam->aad.size,
562 message->data,
563 cipherText->data,
564 tagAead->size,
565 tagAead->data);
566 if (ret != HKS_MBEDTLS_SUCCESS) {
567 HKS_LOG_E("Mbedtls aes gcm encryot failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
568 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
569 (void)memset_s(tagAead->data, tagAead->size, 0, tagAead->size);
570 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
571 break;
572 }
573 cipherText->size = message->size;
574 } while (0);
575
576 mbedtls_gcm_free(&ctx);
577 return ret;
578 }
579
AesEncryptGcmInit(void ** cryptoCtx,const struct HksUsageSpec * usageSpec,const struct HksBlob * key)580 static int32_t AesEncryptGcmInit(void **cryptoCtx, const struct HksUsageSpec *usageSpec, const struct HksBlob *key)
581 {
582 mbedtls_gcm_context *gcmCtx = (mbedtls_gcm_context *)HksMalloc(sizeof(mbedtls_gcm_context));
583 HKS_IF_NULL_LOGE_RETURN(gcmCtx, HKS_ERROR_MALLOC_FAIL, "Gcm gcmCtx malloc fail")
584
585 mbedtls_gcm_init(gcmCtx);
586
587 int32_t ret = mbedtls_gcm_setkey(gcmCtx, MBEDTLS_CIPHER_ID_AES, key->data, key->size * HKS_BITS_PER_BYTE);
588 if (ret != HKS_MBEDTLS_SUCCESS) {
589 HKS_LOG_E("Mbedtls aes gcm set key failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
590 mbedtls_gcm_free(gcmCtx);
591 HKS_FREE(gcmCtx);
592 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
593 }
594
595 const struct HksAeadParam *aeadParam = (struct HksAeadParam *)(usageSpec->algParam);
596 #ifdef USE_HISI_MBED
597 ret = mbedtls_gcm_starts(gcmCtx, MBEDTLS_GCM_ENCRYPT, aeadParam->nonce.data,
598 aeadParam->nonce.size, aeadParam->aad.data, aeadParam->aad.size);
599 #else
600 ret = mbedtls_gcm_starts(gcmCtx, MBEDTLS_GCM_ENCRYPT, aeadParam->nonce.data,
601 aeadParam->nonce.size);
602 #endif
603 if (ret != HKS_MBEDTLS_SUCCESS) {
604 HKS_LOG_E("Mbedtls aes gcm start failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
605 mbedtls_gcm_free(gcmCtx);
606 HKS_FREE(gcmCtx);
607 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
608 }
609
610 struct HksMbedtlsAesCtx *outCtx = (struct HksMbedtlsAesCtx *)HksMalloc(sizeof(struct HksMbedtlsAesCtx));
611 if (outCtx == NULL) {
612 HKS_LOG_E("initialize outCtx fail");
613 mbedtls_gcm_free(gcmCtx);
614 HKS_FREE(gcmCtx);
615 return HKS_ERROR_MALLOC_FAIL;
616 }
617
618 outCtx->mode = usageSpec->mode;
619 outCtx->append = (void *)gcmCtx;
620 *cryptoCtx = (void *)outCtx;
621
622 return ret;
623 }
624
MbedtlsGcmUpdate(mbedtls_gcm_context * gcmCtx,const struct HksBlob * message,struct HksBlob * cipherText,bool isEncrypt)625 static int32_t MbedtlsGcmUpdate(mbedtls_gcm_context *gcmCtx, const struct HksBlob *message,
626 struct HksBlob *cipherText, bool isEncrypt)
627 {
628 int32_t ret;
629 #ifdef USE_HISI_MBED
630 ret = mbedtls_gcm_update(gcmCtx, message->size, message->data, cipherText->data);
631 #else
632 size_t size = 0;
633 ret = mbedtls_gcm_update(gcmCtx, message->data, message->size, cipherText->data, cipherText->size, &size);
634 #endif
635 if (ret != HKS_MBEDTLS_SUCCESS) {
636 if (isEncrypt) {
637 HKS_LOG_E("Mbedtls aes gcm encrypt update failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
638 } else {
639 HKS_LOG_E("Mbedtls aes gcm decrypt update failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
640 }
641 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
642 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
643 }
644 return ret;
645 }
646
MbedtlsGcmFinish(mbedtls_gcm_context * gcmCtx,uint8_t * tagAeadData,uint32_t tagAeadSize,bool isEncrypt)647 static int32_t MbedtlsGcmFinish(mbedtls_gcm_context *gcmCtx, uint8_t *tagAeadData, uint32_t tagAeadSize, bool isEncrypt)
648 {
649 int32_t ret;
650 #ifdef USE_HISI_MBED
651 ret = mbedtls_gcm_finish(gcmCtx, tagAeadData, tagAeadSize);
652 #else
653 size_t size = 0;
654 ret = mbedtls_gcm_finish(gcmCtx, tagAeadData, tagAeadSize, &size, tagAeadData, tagAeadSize);
655 #endif
656 if (ret != HKS_MBEDTLS_SUCCESS) {
657 if (isEncrypt) {
658 HKS_LOG_E("Mbedtls aes gcm encrypt update failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
659 } else {
660 HKS_LOG_E("Mbedtls aes gcm decrypt update failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
661 }
662 (void)memset_s(tagAeadData, tagAeadSize, 0, tagAeadSize);
663 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
664 }
665 return ret;
666 }
667
AesEncryptGcmUpdate(void * cryptoCtx,const uint8_t padding,const struct HksBlob * message,struct HksBlob * cipherText)668 static int32_t AesEncryptGcmUpdate(void *cryptoCtx, const uint8_t padding, const struct HksBlob *message,
669 struct HksBlob *cipherText)
670 {
671 (void)padding;
672
673 struct HksMbedtlsAesCtx *aesCtx = (struct HksMbedtlsAesCtx *)cryptoCtx;
674 mbedtls_gcm_context *gcmCtx = (mbedtls_gcm_context *)aesCtx->append;
675 HKS_IF_NULL_LOGE_RETURN(gcmCtx, HKS_ERROR_NULL_POINTER, "GcmUpdate gcmCtx is null")
676
677 int32_t ret = MbedtlsGcmUpdate(gcmCtx, message, cipherText, true);
678 if (ret == HKS_MBEDTLS_SUCCESS) {
679 cipherText->size = message->size;
680 }
681 return ret;
682 }
683
AesEncryptGcmFinal(void ** cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText,struct HksBlob * tagAead)684 static int32_t AesEncryptGcmFinal(void **cryptoCtx, const struct HksBlob *message, struct HksBlob *cipherText,
685 struct HksBlob *tagAead)
686 {
687 struct HksMbedtlsAesCtx *aesCtx = (struct HksMbedtlsAesCtx *)*cryptoCtx;
688 mbedtls_gcm_context *gcmCtx = (mbedtls_gcm_context *)aesCtx->append;
689 if (gcmCtx == NULL) {
690 HKS_LOG_E("GcmFinal gcmCtx is null");
691 HKS_FREE(*cryptoCtx);
692 return HKS_ERROR_NULL_POINTER;
693 }
694
695 int32_t ret;
696 do {
697 if (message->size != 0) {
698 ret = MbedtlsGcmUpdate(gcmCtx, message, cipherText, true);
699 if (ret != HKS_MBEDTLS_SUCCESS) {
700 break;
701 }
702 }
703 cipherText->size = message->size;
704 ret = MbedtlsGcmFinish(gcmCtx, tagAead->data, tagAead->size, true);
705 if (ret != HKS_MBEDTLS_SUCCESS) {
706 break;
707 }
708 } while (0);
709
710 mbedtls_gcm_free(gcmCtx);
711 HKS_FREE(aesCtx->append);
712 HKS_FREE(*cryptoCtx);
713 return ret;
714 }
715
AesDecryptGcm(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * cipherText)716 static int32_t AesDecryptGcm(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
717 const struct HksBlob *message, struct HksBlob *cipherText)
718 {
719 mbedtls_gcm_context ctx;
720 (void)memset_s(&ctx, sizeof(mbedtls_gcm_context), 0, sizeof(mbedtls_gcm_context));
721 mbedtls_gcm_init(&ctx);
722
723 int32_t ret;
724 do {
725 ret = mbedtls_gcm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, key->data, key->size * HKS_BITS_PER_BYTE);
726 if (ret != HKS_MBEDTLS_SUCCESS) {
727 HKS_LOG_E("Mbedtls aes gcm set key failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
728 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
729 break;
730 }
731
732 const struct HksAeadParam *aeadParam = (struct HksAeadParam *)(usageSpec->algParam);
733 ret = mbedtls_gcm_auth_decrypt(&ctx,
734 message->size,
735 aeadParam->nonce.data,
736 aeadParam->nonce.size,
737 aeadParam->aad.data,
738 aeadParam->aad.size,
739 aeadParam->tagDec.data,
740 aeadParam->tagDec.size,
741 message->data,
742 cipherText->data);
743 if (ret != HKS_MBEDTLS_SUCCESS) {
744 HKS_LOG_E("Mbedtls aes gcm decrypt failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
745 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
746 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
747 break;
748 }
749 cipherText->size = message->size;
750 } while (0);
751
752 mbedtls_gcm_free(&ctx);
753 return ret;
754 }
755
AesDecryptGcmInit(void ** cryptoCtx,const struct HksBlob * key,const struct HksUsageSpec * usageSpec)756 static int32_t AesDecryptGcmInit(void **cryptoCtx, const struct HksBlob *key, const struct HksUsageSpec *usageSpec)
757 {
758 mbedtls_gcm_context *gcmCtx = (mbedtls_gcm_context*)HksMalloc(sizeof(mbedtls_gcm_context));
759 HKS_IF_NULL_LOGE_RETURN(gcmCtx, HKS_ERROR_MALLOC_FAIL, "Decrtyt Gcm gcmCtx malloc fail")
760
761 mbedtls_gcm_init(gcmCtx);
762
763 int32_t ret = mbedtls_gcm_setkey(gcmCtx, MBEDTLS_CIPHER_ID_AES, key->data, key->size * HKS_BITS_PER_BYTE);
764 if (ret != HKS_MBEDTLS_SUCCESS) {
765 HKS_LOG_E("Mbedtls aes gcm set key failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
766 mbedtls_gcm_free(gcmCtx);
767 HKS_FREE(gcmCtx);
768 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
769 }
770
771 const struct HksAeadParam *aeadParam = (struct HksAeadParam *)(usageSpec->algParam);
772 #ifdef USE_HISI_MBED
773 ret = mbedtls_gcm_starts(gcmCtx, MBEDTLS_GCM_DECRYPT, aeadParam->nonce.data,
774 aeadParam->nonce.size, aeadParam->aad.data, aeadParam->aad.size);
775 #else
776 ret = mbedtls_gcm_starts(gcmCtx, MBEDTLS_GCM_DECRYPT, aeadParam->nonce.data,
777 aeadParam->nonce.size);
778 #endif
779 if (ret != HKS_MBEDTLS_SUCCESS) {
780 HKS_LOG_E("Mbedtls aes gcm start failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
781 mbedtls_gcm_free(gcmCtx);
782 HKS_FREE(gcmCtx);
783 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
784 }
785
786 struct HksMbedtlsAesCtx *outCtx = (struct HksMbedtlsAesCtx *)HksMalloc(sizeof(struct HksMbedtlsAesCtx));
787 if (outCtx == NULL) {
788 mbedtls_gcm_free(gcmCtx);
789 HKS_FREE(gcmCtx);
790 return HKS_ERROR_MALLOC_FAIL;
791 }
792
793 outCtx->mode = usageSpec->mode;
794 outCtx->append = (void *)gcmCtx;
795 *cryptoCtx = (void *)outCtx;
796
797 return ret;
798 }
799
AesDecryptGcmUpdate(void * cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText)800 static int32_t AesDecryptGcmUpdate(void *cryptoCtx,
801 const struct HksBlob *message, struct HksBlob *cipherText)
802 {
803 struct HksMbedtlsAesCtx *aesCtx = (struct HksMbedtlsAesCtx *)cryptoCtx;
804 mbedtls_gcm_context *gcmCtx = (mbedtls_gcm_context *)aesCtx->append;
805 HKS_IF_NULL_LOGE_RETURN(gcmCtx, HKS_FAILURE, "GcmUpdate gcmCtx is null")
806
807 int32_t ret = MbedtlsGcmUpdate(gcmCtx, message, cipherText, false);
808 if (ret == HKS_MBEDTLS_SUCCESS) {
809 cipherText->size = message->size;
810 }
811
812 return ret;
813 }
814
AesDecryptGcmFinal(void ** cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText,struct HksBlob * tagAead)815 static int32_t AesDecryptGcmFinal(void **cryptoCtx, const struct HksBlob *message,
816 struct HksBlob *cipherText, struct HksBlob *tagAead)
817 {
818 struct HksMbedtlsAesCtx *aesCtx = (struct HksMbedtlsAesCtx *)*cryptoCtx;
819 mbedtls_gcm_context *gcmCtx = (mbedtls_gcm_context *)aesCtx->append;
820 if (gcmCtx == NULL) {
821 HKS_LOG_E("GcmFinal gcmCtx is null");
822 HKS_FREE(*cryptoCtx);
823 return HKS_FAILURE;
824 }
825
826 int32_t ret;
827 do {
828 if (message->size != 0) {
829 ret = MbedtlsGcmUpdate(gcmCtx, message, cipherText, false);
830 if (ret != HKS_MBEDTLS_SUCCESS) {
831 break;
832 }
833 }
834 cipherText->size = message->size;
835
836 uint8_t check_tag[16];
837 ret = MbedtlsGcmFinish(gcmCtx, check_tag, tagAead->size, false);
838 if (ret != HKS_MBEDTLS_SUCCESS) {
839 break;
840 }
841
842 uint8_t diff;
843 size_t i;
844 /* Check tag in "constant-time" */
845 for (diff = 0, i = 0; i < tagAead->size; i++) {
846 diff |= tagAead->data[i] ^ check_tag[i];
847 }
848
849 if (diff != 0) {
850 mbedtls_platform_zeroize(cipherText->data, message->size);
851 HKS_LOG_E("gcm auth failed!");
852 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
853 break;
854 }
855 } while (0);
856
857 mbedtls_gcm_free(gcmCtx);
858 HKS_FREE(aesCtx->append);
859 HKS_FREE(*cryptoCtx);
860
861 return ret;
862 }
863 #endif /* HKS_SUPPORT_AES_GCM */
864
865 #ifdef HKS_SUPPORT_AES_CCM
AesEncryptCcm(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * cipherText,struct HksBlob * tagAead)866 static int32_t AesEncryptCcm(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
867 const struct HksBlob *message, struct HksBlob *cipherText, struct HksBlob *tagAead)
868 {
869 mbedtls_ccm_context ctx;
870 (void)memset_s(&ctx, sizeof(mbedtls_ccm_context), 0, sizeof(mbedtls_ccm_context));
871 mbedtls_ccm_init(&ctx);
872
873 int32_t ret;
874 do {
875 ret = mbedtls_ccm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, key->data, key->size * HKS_BITS_PER_BYTE);
876 if (ret != HKS_MBEDTLS_SUCCESS) {
877 HKS_LOG_E("Mbedtls aes ccm set key failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
878 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
879 break;
880 }
881
882 const struct HksAeadParam *aeadParam = (struct HksAeadParam *)(usageSpec->algParam);
883 ret = mbedtls_ccm_encrypt_and_tag(&ctx,
884 message->size,
885 aeadParam->nonce.data,
886 aeadParam->nonce.size,
887 aeadParam->aad.data,
888 aeadParam->aad.size,
889 message->data,
890 cipherText->data,
891 tagAead->data,
892 tagAead->size);
893 if (ret != HKS_MBEDTLS_SUCCESS) {
894 HKS_LOG_E("Mbedtls aes ccm encrypt failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
895 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
896 (void)memset_s(tagAead->data, tagAead->size, 0, tagAead->size);
897 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
898 break;
899 }
900 cipherText->size = message->size;
901 } while (0);
902
903 mbedtls_ccm_free(&ctx);
904 return ret;
905 }
906
AesDecryptCcm(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * cipherText)907 static int32_t AesDecryptCcm(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
908 const struct HksBlob *message, struct HksBlob *cipherText)
909 {
910 mbedtls_ccm_context ctx;
911 (void)memset_s(&ctx, sizeof(mbedtls_ccm_context), 0, sizeof(mbedtls_ccm_context));
912 mbedtls_ccm_init(&ctx);
913
914 int32_t ret;
915 do {
916 ret = mbedtls_ccm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, key->data, key->size * HKS_BITS_PER_BYTE);
917 if (ret != HKS_MBEDTLS_SUCCESS) {
918 HKS_LOG_E("Mbedtls aes ccm set key failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
919 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
920 break;
921 }
922
923 const struct HksAeadParam *aeadParam = (struct HksAeadParam *)(usageSpec->algParam);
924 ret = mbedtls_ccm_auth_decrypt(&ctx,
925 message->size,
926 aeadParam->nonce.data,
927 aeadParam->nonce.size,
928 aeadParam->aad.data,
929 aeadParam->aad.size,
930 message->data,
931 cipherText->data,
932 aeadParam->tagDec.data,
933 aeadParam->tagDec.size);
934 if (ret != HKS_MBEDTLS_SUCCESS) {
935 HKS_LOG_E("Mbedtls aes ccm decrypt failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
936 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
937 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
938 break;
939 }
940 cipherText->size = message->size;
941 } while (0);
942
943 mbedtls_ccm_free(&ctx);
944 return ret;
945 }
946 #endif /* HKS_SUPPORT_AES_CCM */
947
948 #ifdef HKS_SUPPORT_AES_CTR_NOPADDING
AesCtrCrypt(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,const bool encrypt,struct HksBlob * cipherText)949 static int32_t AesCtrCrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
950 const struct HksBlob *message, const bool encrypt, struct HksBlob *cipherText)
951 {
952 const struct HksCipherParam *cipherParam = (struct HksCipherParam *)(usageSpec->algParam);
953 mbedtls_cipher_context_t ctx;
954 (void)memset_s(&ctx, sizeof(mbedtls_cipher_context_t), 0, sizeof(mbedtls_cipher_context_t));
955 mbedtls_cipher_init(&ctx);
956
957 int32_t ret;
958 do {
959 const mbedtls_cipher_info_t *info =
960 mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, key->size * HKS_BITS_PER_BYTE, MBEDTLS_MODE_CTR);
961 if (info == NULL) {
962 HKS_LOG_E("get cipher info from values failed!");
963 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
964 break;
965 }
966 ret = mbedtls_cipher_setup(&ctx, info);
967 if (ret != HKS_MBEDTLS_SUCCESS) {
968 HKS_LOG_E("Mbedtls failed ret = %" LOG_PUBLIC "d", ret);
969 break;
970 }
971
972 ret = mbedtls_cipher_setkey(
973 &ctx, key->data, key->size * HKS_BITS_PER_BYTE, encrypt ? MBEDTLS_ENCRYPT : MBEDTLS_DECRYPT);
974 if (ret != HKS_MBEDTLS_SUCCESS) {
975 HKS_LOG_E("Mbedtls failed ret = %" LOG_PUBLIC "d", ret);
976 break;
977 }
978
979 size_t outLen;
980 ret = mbedtls_cipher_crypt(
981 &ctx, cipherParam->iv.data, cipherParam->iv.size, message->data, message->size, cipherText->data, &outLen);
982 if (ret != HKS_MBEDTLS_SUCCESS) {
983 HKS_LOG_E("Mbedtls failed ret = 0x%" LOG_PUBLIC "X", ret);
984 break;
985 }
986 cipherText->size = outLen;
987
988 mbedtls_cipher_free(&ctx);
989 return HKS_SUCCESS;
990 } while (0);
991
992 mbedtls_cipher_free(&ctx);
993 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
994 }
995
AesCtrCryptInitParam(const struct HksBlob * key,mbedtls_cipher_context_t * ctrCtx,const bool encrypt)996 static int32_t AesCtrCryptInitParam(const struct HksBlob *key, mbedtls_cipher_context_t *ctrCtx,
997 const bool encrypt)
998 {
999 int32_t ret;
1000 const mbedtls_cipher_info_t *info =
1001 mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, key->size * HKS_BITS_PER_BYTE, MBEDTLS_MODE_CTR);
1002 if (info == NULL) {
1003 HKS_LOG_E("get cipher info from values failed!");
1004 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1005 }
1006 ret = mbedtls_cipher_setup(ctrCtx, info);
1007 if (ret != HKS_MBEDTLS_SUCCESS) {
1008 HKS_LOG_E("Mbedtls failed ret = %" LOG_PUBLIC "d", ret);
1009 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1010 }
1011
1012 ret = mbedtls_cipher_setkey(
1013 ctrCtx, key->data, key->size * HKS_BITS_PER_BYTE, encrypt ? MBEDTLS_ENCRYPT : MBEDTLS_DECRYPT);
1014 if (ret != HKS_MBEDTLS_SUCCESS) {
1015 HKS_LOG_E("Mbedtls failed ret = %" LOG_PUBLIC "d", ret);
1016 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1017 }
1018 return HKS_SUCCESS;
1019 }
1020
AesCtrCryptInit(void ** cryptoCtx,const struct HksUsageSpec * usageSpec,const struct HksBlob * key,const bool encrypt)1021 static int32_t AesCtrCryptInit(void **cryptoCtx, const struct HksUsageSpec *usageSpec,
1022 const struct HksBlob *key, const bool encrypt)
1023 {
1024 mbedtls_cipher_context_t *ctrCtx = (mbedtls_cipher_context_t *)HksMalloc(sizeof(mbedtls_cipher_context_t));
1025 HKS_IF_NULL_LOGE_RETURN(ctrCtx, HKS_ERROR_MALLOC_FAIL, "Ctr ctrCtx malloc fail")
1026
1027 mbedtls_cipher_init(ctrCtx);
1028
1029 int32_t ret;
1030 ret = AesCtrCryptInitParam(key, ctrCtx, encrypt);
1031 if (ret != HKS_SUCCESS) {
1032 HKS_LOG_E("AesCtrCryptInitParam failed ret = 0x%" LOG_PUBLIC "X", ret);
1033 mbedtls_cipher_free(ctrCtx);
1034 HKS_FREE(ctrCtx);
1035 return ret;
1036 }
1037
1038 const struct HksCipherParam *cipherParam = (struct HksCipherParam *)(usageSpec->algParam);
1039 if (cipherParam == NULL) {
1040 HKS_LOG_E("Gcm cipherParam is null");
1041 mbedtls_cipher_free(ctrCtx);
1042 HKS_FREE(ctrCtx);
1043 return HKS_FAILURE;
1044 }
1045
1046 ret = mbedtls_cipher_set_iv(ctrCtx, cipherParam->iv.data, cipherParam->iv.size);
1047 if (ret != HKS_SUCCESS) {
1048 HKS_LOG_E("Mbedtls cbc pkcs7 set iv failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
1049 mbedtls_cipher_free(ctrCtx);
1050 HKS_FREE(ctrCtx);
1051 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1052 }
1053 ret = mbedtls_cipher_reset(ctrCtx);
1054 if (ret != HKS_SUCCESS) {
1055 HKS_LOG_E("Mbedtls cbc pkcs7 reset failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
1056 mbedtls_cipher_free(ctrCtx);
1057 HKS_FREE(ctrCtx);
1058 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1059 }
1060
1061 struct HksMbedtlsAesCtx *outCtx = (struct HksMbedtlsAesCtx *)HksMalloc(sizeof(HksMbedtlsAesCtx));
1062 if (outCtx == NULL) {
1063 mbedtls_cipher_free(ctrCtx);
1064 HKS_FREE(ctrCtx);
1065 return HKS_ERROR_MALLOC_FAIL;
1066 }
1067
1068 outCtx->mode = usageSpec->mode;
1069 outCtx->padding = usageSpec->padding;
1070 outCtx->append = (void *)ctrCtx;
1071
1072 *cryptoCtx = (void *)outCtx;
1073 return ret;
1074 }
1075
AesCtrCryptUpdate(void * cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText)1076 static int32_t AesCtrCryptUpdate(void *cryptoCtx,
1077 const struct HksBlob *message, struct HksBlob *cipherText)
1078 {
1079 struct HksMbedtlsAesCtx *aesCtx = (struct HksMbedtlsAesCtx *)cryptoCtx;
1080 mbedtls_cipher_context_t *ctrCtx = (mbedtls_cipher_context_t *)aesCtx->append;
1081 HKS_IF_NULL_LOGE_RETURN(ctrCtx, HKS_FAILURE, "CtrUpdate ctrCtx is null")
1082
1083 size_t olen;
1084 int32_t ret = mbedtls_cipher_update(ctrCtx, message->data, message->size, cipherText->data, &olen);
1085 if (ret != HKS_MBEDTLS_SUCCESS) {
1086 HKS_LOG_E("Mbedtls cipher update failed ret = 0x%" LOG_PUBLIC "X", ret);
1087 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1088 }
1089
1090 cipherText->size = olen;
1091 return ret;
1092 }
1093
AesCtrCryptFinal(void ** cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText)1094 static int32_t AesCtrCryptFinal(void **cryptoCtx, const struct HksBlob *message, struct HksBlob *cipherText)
1095 {
1096 struct HksMbedtlsAesCtx *aesCtx = (struct HksMbedtlsAesCtx *)*cryptoCtx;
1097 mbedtls_cipher_context_t *ctrCtx = (mbedtls_cipher_context_t *)aesCtx->append;
1098 if (ctrCtx == NULL) {
1099 HKS_LOG_E("CtrFinal ctrCtx is null");
1100 HKS_FREE(*cryptoCtx);
1101 return HKS_FAILURE;
1102 }
1103
1104 int32_t ret;
1105 do {
1106 size_t olen = (size_t)cipherText->size;
1107 if (message->size != 0) {
1108 ret = mbedtls_cipher_update(ctrCtx, message->data, message->size, cipherText->data, &olen);
1109 if (ret != HKS_MBEDTLS_SUCCESS) {
1110 HKS_LOG_E("Mbedtls cipher update failed ret = 0x%" LOG_PUBLIC "X", ret);
1111 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
1112 break;
1113 }
1114 }
1115
1116 size_t finish_olen;
1117 ret = mbedtls_cipher_finish(ctrCtx, cipherText->data + olen, &finish_olen);
1118 if (ret != HKS_MBEDTLS_SUCCESS) {
1119 HKS_LOG_E("Mbedtls cipher update failed ret = 0x%" LOG_PUBLIC "X", ret);
1120 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
1121 break;
1122 } else {
1123 cipherText->size = (uint32_t)(olen + finish_olen);
1124 }
1125 } while (0);
1126
1127 mbedtls_cipher_free(ctrCtx);
1128 HKS_FREE(aesCtx->append);
1129 HKS_FREE(*cryptoCtx);
1130 return ret;
1131 }
1132 #endif
1133
1134 #ifdef HKS_SUPPORT_AES_ECB_NOPADDING
AesEcbNoPaddingCrypt(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,const bool encrypt,struct HksBlob * cipherText)1135 static int32_t AesEcbNoPaddingCrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
1136 const struct HksBlob *message, const bool encrypt, struct HksBlob *cipherText)
1137 {
1138 (void)usageSpec;
1139 mbedtls_cipher_context_t ctx;
1140 (void)memset_s(&ctx, sizeof(mbedtls_cipher_context_t), 0, sizeof(mbedtls_cipher_context_t));
1141 mbedtls_cipher_init(&ctx);
1142
1143 int32_t ret;
1144 do {
1145 const mbedtls_cipher_info_t *info =
1146 mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, key->size * HKS_BITS_PER_BYTE, MBEDTLS_MODE_ECB);
1147 if (info == NULL) {
1148 HKS_LOG_E("get cipher info from values failed!");
1149 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
1150 break;
1151 }
1152 ret = mbedtls_cipher_setup(&ctx, info);
1153 if (ret != HKS_MBEDTLS_SUCCESS) {
1154 HKS_LOG_E("Mbedtls failed ret = %" LOG_PUBLIC "d", ret);
1155 break;
1156 }
1157
1158 ret = mbedtls_cipher_setkey(
1159 &ctx, key->data, key->size * HKS_BITS_PER_BYTE, encrypt ? MBEDTLS_ENCRYPT : MBEDTLS_DECRYPT);
1160 if (ret != HKS_MBEDTLS_SUCCESS) {
1161 HKS_LOG_E("Mbedtls failed ret = %" LOG_PUBLIC "d", ret);
1162 break;
1163 }
1164
1165 size_t outLen;
1166 ret = mbedtls_cipher_crypt(&ctx, NULL, 0, message->data, message->size, cipherText->data, &outLen);
1167 if (ret != HKS_MBEDTLS_SUCCESS) {
1168 HKS_LOG_E("Mbedtls failed ret = 0x%" LOG_PUBLIC "X", ret);
1169 break;
1170 }
1171 cipherText->size = outLen;
1172
1173 mbedtls_cipher_free(&ctx);
1174 return HKS_SUCCESS;
1175 } while (0);
1176
1177 mbedtls_cipher_free(&ctx);
1178 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1179 }
1180
AesEcbNoPaddingCryptInitParam(const struct HksBlob * key,mbedtls_cipher_context_t * ecbCtx,const bool encrypt)1181 static int32_t AesEcbNoPaddingCryptInitParam(const struct HksBlob *key, mbedtls_cipher_context_t *ecbCtx,
1182 const bool encrypt)
1183 {
1184 const mbedtls_cipher_info_t *info =
1185 mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, key->size * HKS_BITS_PER_BYTE, MBEDTLS_MODE_ECB);
1186 if (info == NULL) {
1187 HKS_LOG_E("get cipher info from values failed!");
1188 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1189 }
1190 int32_t ret = mbedtls_cipher_setup(ecbCtx, info);
1191 if (ret != HKS_MBEDTLS_SUCCESS) {
1192 HKS_LOG_E("Mbedtls cipher setup failed ret = %" LOG_PUBLIC "d", ret);
1193 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1194 }
1195
1196 ret = mbedtls_cipher_setkey(
1197 ecbCtx, key->data, key->size * HKS_BITS_PER_BYTE, encrypt ? MBEDTLS_ENCRYPT : MBEDTLS_DECRYPT);
1198 if (ret != HKS_MBEDTLS_SUCCESS) {
1199 HKS_LOG_E("Mbedtls setkey failed ret = %" LOG_PUBLIC "d", ret);
1200 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1201 }
1202
1203 ret = mbedtls_cipher_set_iv(ecbCtx, NULL, 0);
1204 if (ret != HKS_MBEDTLS_SUCCESS) {
1205 HKS_LOG_E("Mbedtls set iv failed ret = %" LOG_PUBLIC "d", ret);
1206 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1207 }
1208 return HKS_SUCCESS;
1209 }
1210
AesEcbNoPaddingCryptInit(void ** cryptoCtx,const struct HksUsageSpec * usageSpec,const struct HksBlob * key,const bool encrypt)1211 static int32_t AesEcbNoPaddingCryptInit(void **cryptoCtx, const struct HksUsageSpec *usageSpec,
1212 const struct HksBlob *key, const bool encrypt)
1213 {
1214 mbedtls_cipher_context_t *ecbCtx = (mbedtls_cipher_context_t *)HksMalloc(sizeof(mbedtls_cipher_context_t));
1215 HKS_IF_NULL_LOGE_RETURN(ecbCtx, HKS_ERROR_MALLOC_FAIL, "Ecb ecbCtx malloc fail")
1216
1217 mbedtls_cipher_init(ecbCtx);
1218
1219 int32_t ret = AesEcbNoPaddingCryptInitParam(key, ecbCtx, encrypt);
1220 if (ret != HKS_SUCCESS) {
1221 HKS_LOG_E("AesEcbNoPaddingCryptInitParam failed ret = %" LOG_PUBLIC "d", ret);
1222 mbedtls_cipher_free(ecbCtx);
1223 HKS_FREE(ecbCtx);
1224 return ret;
1225 }
1226
1227 ret = mbedtls_cipher_reset(ecbCtx);
1228 if (ret != HKS_MBEDTLS_SUCCESS) {
1229 HKS_LOG_E("Mbedtls reset failed ret = %" LOG_PUBLIC "d", ret);
1230 mbedtls_cipher_free(ecbCtx);
1231 HKS_FREE(ecbCtx);
1232 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1233 }
1234
1235 struct HksMbedtlsAesCtx *outCtx = (struct HksMbedtlsAesCtx *)HksMalloc(sizeof(HksMbedtlsAesCtx));
1236 if (outCtx == NULL) {
1237 HKS_LOG_E("initialize outCtx fail");
1238 mbedtls_cipher_free(ecbCtx);
1239 HKS_FREE(ecbCtx);
1240 return HKS_ERROR_MALLOC_FAIL;
1241 }
1242
1243 outCtx->algType = usageSpec->algType;
1244 outCtx->mode = usageSpec->mode;
1245 outCtx->padding = usageSpec->padding;
1246 outCtx->append = (void *)ecbCtx;
1247 *cryptoCtx = (void *)outCtx;
1248
1249 return ret;
1250 }
1251
AesEcbNoPaddingData(mbedtls_cipher_context_t * ecbNoPadingctx,size_t blockSize,const struct HksBlob * message,struct HksBlob * cipherText,size_t * olenTotal)1252 static int32_t AesEcbNoPaddingData(mbedtls_cipher_context_t *ecbNoPadingctx, size_t blockSize,
1253 const struct HksBlob *message, struct HksBlob *cipherText, size_t *olenTotal)
1254 {
1255 int32_t ret;
1256
1257 uint8_t *tmpMessage = (uint8_t *)HksMalloc(blockSize);
1258 HKS_IF_NULL_LOGE_RETURN(tmpMessage, HKS_ERROR_INSUFFICIENT_MEMORY, "EcbNoPaddingUpdate tmpMessage is null")
1259
1260 if (message->size <= blockSize) {
1261 (void)memset_s(tmpMessage, blockSize, 0, blockSize);
1262 (void)memcpy_s(tmpMessage, message->size, message->data, message->size);
1263 ret = mbedtls_cipher_update(ecbNoPadingctx, tmpMessage, blockSize, cipherText->data, olenTotal);
1264 if (ret != HKS_MBEDTLS_SUCCESS) {
1265 HKS_LOG_E("Mbedtls ecb no padding update failed ret = 0x%" LOG_PUBLIC "X", ret);
1266 HKS_FREE(tmpMessage);
1267 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1268 }
1269 } else {
1270 uint32_t point = 0;
1271 while (point < message->size) {
1272 (void)memset_s(tmpMessage, blockSize, 0, blockSize);
1273 uint32_t tmpSize = (message->size - point) >= blockSize ? blockSize : (message->size - point);
1274 if (memcpy_s(tmpMessage, blockSize, message->data + point, tmpSize)) {
1275 HKS_LOG_E("copy data failed");
1276 HKS_FREE(tmpMessage);
1277 return HKS_ERROR_INSUFFICIENT_MEMORY;
1278 }
1279 size_t olen;
1280 ret = mbedtls_cipher_update(ecbNoPadingctx, tmpMessage, tmpSize, cipherText->data + point, &olen);
1281 if (ret != HKS_MBEDTLS_SUCCESS) {
1282 HKS_LOG_E("Mbedtls ecb no padding update failed ret = 0x%" LOG_PUBLIC "X", ret);
1283 HKS_FREE(tmpMessage);
1284 return HKS_ERROR_CRYPTO_ENGINE_ERROR;
1285 }
1286 *olenTotal += olen;
1287 point += blockSize;
1288 }
1289 }
1290 HKS_FREE(tmpMessage);
1291 return HKS_SUCCESS;
1292 }
1293
GetAesEcbNoPaddingCtx(void * cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText,size_t * olenTotal)1294 static mbedtls_cipher_context_t *GetAesEcbNoPaddingCtx(void *cryptoCtx, const struct HksBlob *message,
1295 struct HksBlob *cipherText, size_t *olenTotal)
1296 {
1297 struct HksMbedtlsAesCtx *aesCtx = (struct HksMbedtlsAesCtx *)cryptoCtx;
1298 mbedtls_cipher_context_t *ecbNoPadingctx = (mbedtls_cipher_context_t *)aesCtx->append;
1299 HKS_IF_NULL_LOGE_RETURN(ecbNoPadingctx, NULL, "EcbNoPaddingUpdate ecbNoPadingctx is null")
1300
1301 int32_t ret = HKS_SUCCESS;
1302 do {
1303 if (message == NULL) {
1304 HKS_LOG_E("The message is null.");
1305 ret = HKS_FAILURE;
1306 break;
1307 }
1308
1309 if (message->size != 0) {
1310 size_t blockSize = mbedtls_cipher_get_block_size(ecbNoPadingctx);
1311 HKS_LOG_E("Ecb No padding update!message.size[%" LOG_PUBLIC "d] blockSize[%" LOG_PUBLIC "d]",
1312 message->size, blockSize);
1313 if (blockSize == 0 || (message->size % blockSize != 0)) {
1314 HKS_LOG_E("The size of message is invalid.");
1315 ret = HKS_ERROR_INVALID_ARGUMENT;
1316 break;
1317 }
1318
1319 ret = AesEcbNoPaddingData(ecbNoPadingctx, blockSize, message, cipherText, olenTotal);
1320 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "AesEcbNoPaddingData failed")
1321 }
1322 } while (0);
1323
1324 HKS_IF_NOT_SUCC_RETURN(ret, NULL)
1325
1326 return ecbNoPadingctx;
1327 }
1328
AesEcbNoPaddingCryptUpdate(void * cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText)1329 static int32_t AesEcbNoPaddingCryptUpdate(void *cryptoCtx, const struct HksBlob *message,
1330 struct HksBlob *cipherText)
1331 {
1332 size_t olenTotal = 0;
1333 HKS_IF_NULL_RETURN(GetAesEcbNoPaddingCtx(cryptoCtx, message, cipherText, &olenTotal), HKS_ERROR_NULL_POINTER)
1334
1335 cipherText->size = olenTotal;
1336 return HKS_SUCCESS;
1337 }
1338
AesEcbNoPaddingCryptFinal(void ** cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText)1339 static int32_t AesEcbNoPaddingCryptFinal(void **cryptoCtx, const struct HksBlob *message,
1340 struct HksBlob *cipherText)
1341 {
1342 size_t olenTotal = 0;
1343 mbedtls_cipher_context_t *ecbNoPadingctx = GetAesEcbNoPaddingCtx(*cryptoCtx, message, cipherText, &olenTotal);
1344 if (ecbNoPadingctx == NULL) {
1345 HKS_FREE(*cryptoCtx);
1346 return HKS_ERROR_NULL_POINTER;
1347 }
1348
1349 struct HksMbedtlsAesCtx *aesCtx = (struct HksMbedtlsAesCtx *)*cryptoCtx;
1350 size_t finish_olen;
1351 size_t olen = olenTotal;
1352 int32_t ret = mbedtls_cipher_finish(ecbNoPadingctx, cipherText->data + olen, &finish_olen);
1353 if (ret != HKS_MBEDTLS_SUCCESS) {
1354 HKS_LOG_E("Mbedtls ecb nopadding crypt update failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
1355 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
1356 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
1357 } else {
1358 cipherText->size = olen + finish_olen;
1359 }
1360
1361 mbedtls_cipher_free(ecbNoPadingctx);
1362 HKS_FREE(aesCtx->append);
1363 HKS_FREE(*cryptoCtx);
1364
1365 return ret;
1366 }
1367 #endif
1368
1369 #if defined(HKS_SUPPORT_AES_ECB_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
AesEcbCrypt(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,const bool encrypt,struct HksBlob * cipherText)1370 static int32_t AesEcbCrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
1371 const struct HksBlob *message, const bool encrypt, struct HksBlob *cipherText)
1372 {
1373 switch (usageSpec->padding) {
1374 #ifdef HKS_SUPPORT_AES_ECB_NOPADDING
1375 case HKS_PADDING_NONE:
1376 return AesEcbNoPaddingCrypt(key, usageSpec, message, encrypt, cipherText);
1377 #endif
1378 case HKS_PADDING_PKCS7:
1379 return HKS_ERROR_NOT_SUPPORTED;
1380 default:
1381 HKS_LOG_E("Unsupport padding! mode = 0x%" LOG_PUBLIC "X", usageSpec->padding);
1382 return HKS_ERROR_INVALID_PADDING;
1383 }
1384 }
1385
AesEcbCryptInit(void ** cryptoCtx,const struct HksUsageSpec * usageSpec,const struct HksBlob * key,const bool encrypt)1386 static int32_t AesEcbCryptInit(void **cryptoCtx, const struct HksUsageSpec *usageSpec,
1387 const struct HksBlob *key, const bool encrypt)
1388 {
1389 switch (usageSpec->padding) {
1390 #ifdef HKS_SUPPORT_AES_ECB_NOPADDING
1391 case HKS_PADDING_NONE:
1392 return AesEcbNoPaddingCryptInit(cryptoCtx, usageSpec, key, encrypt);
1393 #endif
1394 case HKS_PADDING_PKCS7:
1395 return HKS_ERROR_NOT_SUPPORTED;
1396 default:
1397 HKS_LOG_E("Unsupport padding! mode = 0x%" LOG_PUBLIC "X", usageSpec->padding);
1398 return HKS_ERROR_INVALID_PADDING;
1399 }
1400 }
1401
AesEcbCryptUpdate(void * cryptoCtx,const uint8_t padding,const struct HksBlob * message,struct HksBlob * cipherText)1402 static int32_t AesEcbCryptUpdate(void *cryptoCtx, const uint8_t padding, const struct HksBlob *message,
1403 struct HksBlob *cipherText)
1404 {
1405 switch (padding) {
1406 #ifdef HKS_SUPPORT_AES_ECB_NOPADDING
1407 case HKS_PADDING_NONE:
1408 return AesEcbNoPaddingCryptUpdate(cryptoCtx, message, cipherText);
1409 #endif
1410 case HKS_PADDING_PKCS7:
1411 return HKS_ERROR_NOT_SUPPORTED;
1412 default:
1413 HKS_LOG_E("Unsupport padding! mode = 0x%" LOG_PUBLIC "X", padding);
1414 return HKS_ERROR_INVALID_PADDING;
1415 }
1416 }
1417
AesEcbCryptFinal(void ** cryptoCtx,const uint8_t padding,const struct HksBlob * message,struct HksBlob * cipherText)1418 static int32_t AesEcbCryptFinal(void **cryptoCtx, const uint8_t padding, const struct HksBlob *message,
1419 struct HksBlob *cipherText)
1420 {
1421 switch (padding) {
1422 #ifdef HKS_SUPPORT_AES_ECB_NOPADDING
1423 case HKS_PADDING_NONE:
1424 return AesEcbNoPaddingCryptFinal(cryptoCtx, message, cipherText);
1425 #endif
1426 case HKS_PADDING_PKCS7:
1427 return HKS_ERROR_NOT_SUPPORTED;
1428 default:
1429 HKS_LOG_E("Unsupport padding! mode = 0x%" LOG_PUBLIC "X", padding);
1430 return HKS_ERROR_INVALID_PADDING;
1431 }
1432 }
1433 #endif
1434
CheckKeySize(const struct HksBlob * key)1435 static int32_t CheckKeySize(const struct HksBlob *key)
1436 {
1437 if ((key->size != HKS_KEY_BYTES(HKS_AES_KEY_SIZE_128)) && (key->size != HKS_KEY_BYTES(HKS_AES_KEY_SIZE_192)) &&
1438 (key->size != HKS_KEY_BYTES(HKS_AES_KEY_SIZE_256))) {
1439 return HKS_ERROR_INVALID_KEY_SIZE;
1440 }
1441
1442 return HKS_SUCCESS;
1443 }
1444
HksMbedtlsAesEncrypt(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * cipherText,struct HksBlob * tagAead)1445 int32_t HksMbedtlsAesEncrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
1446 const struct HksBlob *message, struct HksBlob *cipherText, struct HksBlob *tagAead)
1447 {
1448 HKS_IF_NOT_SUCC_LOGE_RETURN(CheckKeySize(key), HKS_ERROR_INVALID_KEY_SIZE,
1449 "Invalid aes keySiz = 0x%" LOG_PUBLIC "X", key->size)
1450
1451 switch (usageSpec->mode) {
1452 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7)
1453 case HKS_MODE_CBC:
1454 return AesCbcCrypt(key, usageSpec, message, true, cipherText);
1455 #endif
1456 #ifdef HKS_SUPPORT_AES_GCM
1457 case HKS_MODE_GCM:
1458 return AesEncryptGcm(key, usageSpec, message, cipherText, tagAead);
1459 #endif
1460 #ifdef HKS_SUPPORT_AES_CCM
1461 case HKS_MODE_CCM:
1462 return AesEncryptCcm(key, usageSpec, message, cipherText, tagAead);
1463 #endif
1464 #ifdef HKS_SUPPORT_AES_CTR_NOPADDING
1465 case HKS_MODE_CTR:
1466 return AesCtrCrypt(key, usageSpec, message, true, cipherText);
1467 #endif
1468 #if defined(HKS_SUPPORT_AES_ECB_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
1469 case HKS_MODE_ECB:
1470 return AesEcbCrypt(key, usageSpec, message, true, cipherText);
1471 #endif
1472 default:
1473 HKS_LOG_E("Unsupport key alg! mode = 0x%" LOG_PUBLIC "X", usageSpec->mode);
1474 return HKS_ERROR_NOT_SUPPORTED;
1475 }
1476 }
1477
HksMbedtlsAesEncryptInit(void ** cryptoCtx,const struct HksBlob * key,const struct HksUsageSpec * usageSpec)1478 int32_t HksMbedtlsAesEncryptInit(void** cryptoCtx, const struct HksBlob *key, const struct HksUsageSpec *usageSpec)
1479 {
1480 if (CheckKeySize(key) != HKS_SUCCESS || cryptoCtx == NULL || usageSpec == NULL) {
1481 HKS_LOG_E("Invalid aes keySiz = 0x%" LOG_PUBLIC "X", key->size);
1482 return HKS_ERROR_INVALID_ARGUMENT;
1483 }
1484
1485 switch (usageSpec->mode) {
1486 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7)
1487 case HKS_MODE_CBC:
1488 return AesCbcCryptInit(cryptoCtx, key, usageSpec, true);
1489 #endif
1490 #ifdef HKS_SUPPORT_AES_GCM
1491 case HKS_MODE_GCM:
1492 return AesEncryptGcmInit(cryptoCtx, usageSpec, key);
1493 #endif
1494 #ifdef HKS_SUPPORT_AES_CCM
1495 case HKS_MODE_CCM:
1496 return HKS_ERROR_INVALID_ARGUMENT;
1497 #endif
1498 #ifdef HKS_SUPPORT_AES_CTR_NOPADDING
1499 case HKS_MODE_CTR:
1500 return AesCtrCryptInit(cryptoCtx, usageSpec, key, true);
1501 #endif
1502 #if defined(HKS_SUPPORT_AES_ECB_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
1503 case HKS_MODE_ECB:
1504 return AesEcbCryptInit(cryptoCtx, usageSpec, key, true);
1505 #endif
1506 default:
1507 HKS_LOG_E("Unsupport key alg! mode = 0x%" LOG_PUBLIC "X", usageSpec->mode);
1508 return HKS_ERROR_NOT_SUPPORTED;
1509 }
1510 }
1511
HksMbedtlsAesEncryptUpdate(void * cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText)1512 int32_t HksMbedtlsAesEncryptUpdate(void *cryptoCtx, const struct HksBlob *message, struct HksBlob *cipherText)
1513 {
1514 HKS_IF_NULL_LOGE_RETURN(cryptoCtx, HKS_ERROR_INVALID_ARGUMENT, "Mbedtls AES encrypt update param is null")
1515
1516 struct HksMbedtlsAesCtx *aesEncryptCtx = (struct HksMbedtlsAesCtx *)cryptoCtx;
1517
1518 switch (aesEncryptCtx->mode) {
1519 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7)
1520 case HKS_MODE_CBC:
1521 return AesCbcCryptUpdate(cryptoCtx, aesEncryptCtx->padding, message, true, cipherText);
1522 #endif
1523 #ifdef HKS_SUPPORT_AES_GCM
1524 case HKS_MODE_GCM:
1525 return AesEncryptGcmUpdate(cryptoCtx, aesEncryptCtx->padding, message, cipherText);
1526 #endif
1527 #ifdef HKS_SUPPORT_AES_CCM
1528 case HKS_MODE_CCM:
1529 return HKS_ERROR_INVALID_ARGUMENT;
1530 #endif
1531 #ifdef HKS_SUPPORT_AES_CTR_NOPADDING
1532 case HKS_MODE_CTR:
1533 return AesCtrCryptUpdate(cryptoCtx, message, cipherText);
1534 #endif
1535 #if defined(HKS_SUPPORT_AES_ECB_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
1536 case HKS_MODE_ECB:
1537 return AesEcbCryptUpdate(cryptoCtx, aesEncryptCtx->padding, message, cipherText);
1538 #endif
1539 default:
1540 HKS_LOG_E("Unsupport key alg! mode = 0x%" LOG_PUBLIC "X", aesEncryptCtx->mode);
1541 return HKS_ERROR_INVALID_ARGUMENT;
1542 }
1543 }
1544
HksMbedtlsAesEncryptFinal(void ** cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText,struct HksBlob * tagAead)1545 int32_t HksMbedtlsAesEncryptFinal(void** cryptoCtx, const struct HksBlob *message, struct HksBlob *cipherText,
1546 struct HksBlob *tagAead)
1547 {
1548 struct HksMbedtlsAesCtx *aesEncryptCtx = (struct HksMbedtlsAesCtx *)*cryptoCtx;
1549
1550 switch (aesEncryptCtx->mode) {
1551 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7)
1552 case HKS_MODE_CBC:
1553 return AesCbcCryptFinal(cryptoCtx, aesEncryptCtx->padding, message, true, cipherText);
1554 #endif
1555 #ifdef HKS_SUPPORT_AES_GCM
1556 case HKS_MODE_GCM:
1557 return AesEncryptGcmFinal(cryptoCtx, message, cipherText, tagAead);
1558 #endif
1559 #ifdef HKS_SUPPORT_AES_CCM
1560 case HKS_MODE_CCM:
1561 return HKS_ERROR_INVALID_ARGUMENT;
1562 #endif
1563 #ifdef HKS_SUPPORT_AES_CTR_NOPADDING
1564 case HKS_MODE_CTR:
1565 return AesCtrCryptFinal(cryptoCtx, message, cipherText);
1566 #endif
1567 #if defined(HKS_SUPPORT_AES_ECB_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
1568 case HKS_MODE_ECB:
1569 return AesEcbCryptFinal(cryptoCtx, aesEncryptCtx->padding, message, cipherText);
1570 #endif
1571 default:
1572 HKS_LOG_E("Unsupport key alg! mode = 0x%" LOG_PUBLIC "X", aesEncryptCtx->mode);
1573 return HKS_ERROR_INVALID_ARGUMENT;
1574 }
1575 }
1576
HksMbedtlsAesDecrypt(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * cipherText)1577 int32_t HksMbedtlsAesDecrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
1578 const struct HksBlob *message, struct HksBlob *cipherText)
1579 {
1580 HKS_IF_NOT_SUCC_LOGE_RETURN(CheckKeySize(key), HKS_ERROR_INVALID_KEY_SIZE,
1581 "Invalid aes keySize = 0x%" LOG_PUBLIC "X", key->size)
1582
1583 switch (usageSpec->mode) {
1584 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7)
1585 case HKS_MODE_CBC:
1586 return AesCbcCrypt(key, usageSpec, message, false, cipherText);
1587 #endif
1588 #ifdef HKS_SUPPORT_AES_GCM
1589 case HKS_MODE_GCM:
1590 return AesDecryptGcm(key, usageSpec, message, cipherText);
1591 #endif
1592 #ifdef HKS_SUPPORT_AES_CCM
1593 case HKS_MODE_CCM:
1594 return AesDecryptCcm(key, usageSpec, message, cipherText);
1595 #endif
1596 #ifdef HKS_SUPPORT_AES_CTR_NOPADDING
1597 case HKS_MODE_CTR:
1598 return AesCtrCrypt(key, usageSpec, message, false, cipherText);
1599 #endif
1600 #if defined(HKS_SUPPORT_AES_ECB_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
1601 case HKS_MODE_ECB:
1602 return AesEcbCrypt(key, usageSpec, message, false, cipherText);
1603 #endif
1604 default:
1605 HKS_LOG_E("Unsupport key alg! mode = 0x%" LOG_PUBLIC "X", usageSpec->mode);
1606 return HKS_ERROR_INVALID_ARGUMENT;
1607 }
1608 }
1609
HksMbedtlsAesDecryptInit(void ** cryptoCtx,const struct HksBlob * key,const struct HksUsageSpec * usageSpec)1610 int32_t HksMbedtlsAesDecryptInit(void **cryptoCtx, const struct HksBlob *key, const struct HksUsageSpec *usageSpec)
1611 {
1612 HKS_IF_NOT_SUCC_LOGE_RETURN(CheckKeySize(key), HKS_ERROR_INVALID_ARGUMENT,
1613 "Invalid aes keySize = 0x%" LOG_PUBLIC "X", key->size)
1614
1615 switch (usageSpec->mode) {
1616 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7)
1617 case HKS_MODE_CBC:
1618 return AesCbcCryptInit(cryptoCtx, key, usageSpec, false);
1619 #endif
1620 #ifdef HKS_SUPPORT_AES_GCM
1621 case HKS_MODE_GCM:
1622 return AesDecryptGcmInit(cryptoCtx, key, usageSpec);
1623 #endif
1624 #ifdef HKS_SUPPORT_AES_CCM
1625 case HKS_MODE_CCM:
1626 return HKS_ERROR_INVALID_ARGUMENT;
1627 #endif
1628 #ifdef HKS_SUPPORT_AES_CTR_NOPADDING
1629 case HKS_MODE_CTR:
1630 return AesCtrCryptInit(cryptoCtx, usageSpec, key, false);
1631 #endif
1632 #if defined(HKS_SUPPORT_AES_ECB_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
1633 case HKS_MODE_ECB:
1634 return AesEcbCryptInit(cryptoCtx, usageSpec, key, false);
1635 #endif
1636 default:
1637 HKS_LOG_E("Unsupport key alg! mode = 0x%" LOG_PUBLIC "X", usageSpec->mode);
1638 return HKS_ERROR_INVALID_ARGUMENT;
1639 }
1640 }
1641
HksMbedtlsAesDecryptUpdate(void * cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText)1642 int32_t HksMbedtlsAesDecryptUpdate(void *cryptoCtx, const struct HksBlob *message, struct HksBlob *cipherText)
1643 {
1644 struct HksMbedtlsAesCtx *aesDecryptCtx = (struct HksMbedtlsAesCtx *)cryptoCtx;
1645 switch (aesDecryptCtx->mode) {
1646 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7)
1647 case HKS_MODE_CBC:
1648 return AesCbcCryptUpdate(cryptoCtx, aesDecryptCtx->padding, message, false, cipherText);
1649 #endif
1650 #ifdef HKS_SUPPORT_AES_GCM
1651 case HKS_MODE_GCM:
1652 return AesDecryptGcmUpdate(cryptoCtx, message, cipherText);
1653 #endif
1654 #ifdef HKS_SUPPORT_AES_CCM
1655 case HKS_MODE_CCM:
1656 return HKS_ERROR_INVALID_ARGUMENT;
1657 #endif
1658 #ifdef HKS_SUPPORT_AES_CTR_NOPADDING
1659 case HKS_MODE_CTR:
1660 return AesCtrCryptUpdate(cryptoCtx, message, cipherText);
1661 #endif
1662 #if defined(HKS_SUPPORT_AES_ECB_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
1663 case HKS_MODE_ECB:
1664 return AesEcbCryptUpdate(cryptoCtx, aesDecryptCtx->padding, message, cipherText);
1665 #endif
1666 default:
1667 HKS_LOG_E("Unsupport key alg! mode = 0x%" LOG_PUBLIC "X", aesDecryptCtx->mode);
1668 return HKS_ERROR_INVALID_ARGUMENT;
1669 }
1670 }
1671
HksMbedtlsAesDecryptFinal(void ** cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText,struct HksBlob * tagAead)1672 int32_t HksMbedtlsAesDecryptFinal(void **cryptoCtx, const struct HksBlob *message, struct HksBlob *cipherText,
1673 struct HksBlob *tagAead)
1674 {
1675 struct HksMbedtlsAesCtx *aesDecryptCtx = (struct HksMbedtlsAesCtx *)*cryptoCtx;
1676
1677 switch (aesDecryptCtx->mode) {
1678 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7)
1679 case HKS_MODE_CBC:
1680 return AesCbcCryptFinal(cryptoCtx, aesDecryptCtx->padding, message, false, cipherText);
1681 #endif
1682 #ifdef HKS_SUPPORT_AES_GCM
1683 case HKS_MODE_GCM:
1684 return AesDecryptGcmFinal(cryptoCtx, message, cipherText, tagAead);
1685 #endif
1686 #ifdef HKS_SUPPORT_AES_CCM
1687 case HKS_MODE_CCM:
1688 return HKS_ERROR_INVALID_ARGUMENT;
1689 #endif
1690 #ifdef HKS_SUPPORT_AES_CTR_NOPADDING
1691 case HKS_MODE_CTR:
1692 return AesCtrCryptFinal(cryptoCtx, message, cipherText);
1693 #endif
1694 #if defined(HKS_SUPPORT_AES_ECB_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
1695 case HKS_MODE_ECB:
1696 return AesEcbCryptFinal(cryptoCtx, aesDecryptCtx->padding, message, cipherText);
1697 #endif
1698 default:
1699 HKS_LOG_E("Unsupport key alg! mode = 0x%" LOG_PUBLIC "X", aesDecryptCtx->mode);
1700 return HKS_ERROR_INVALID_ARGUMENT;
1701 }
1702 }
1703
HksMbedtlsAesCryptoInit(void ** cryptoCtx,const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const bool encrypt)1704 int32_t HksMbedtlsAesCryptoInit(void **cryptoCtx, const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
1705 const bool encrypt)
1706 {
1707 if (encrypt) {
1708 return HksMbedtlsAesEncryptInit(cryptoCtx, key, usageSpec);
1709 } else {
1710 return HksMbedtlsAesDecryptInit(cryptoCtx, key, usageSpec);
1711 }
1712 }
1713
HksMbedtlsAesCryptoUpdate(void * cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText,const bool encrypt)1714 int32_t HksMbedtlsAesCryptoUpdate(void *cryptoCtx, const struct HksBlob *message,
1715 struct HksBlob *cipherText, const bool encrypt)
1716 {
1717 if (encrypt) {
1718 return HksMbedtlsAesEncryptUpdate(cryptoCtx, message, cipherText);
1719 } else {
1720 return HksMbedtlsAesDecryptUpdate(cryptoCtx, message, cipherText);
1721 }
1722 }
1723
HksMbedtlsAesCryptoFinal(void ** cryptoCtx,const struct HksBlob * message,struct HksBlob * cipherText,struct HksBlob * tagAead,const bool encrypt)1724 int32_t HksMbedtlsAesCryptoFinal(void **cryptoCtx, const struct HksBlob *message,
1725 struct HksBlob *cipherText, struct HksBlob *tagAead, const bool encrypt)
1726 {
1727 if (encrypt) {
1728 return HksMbedtlsAesEncryptFinal(cryptoCtx, message, cipherText, tagAead);
1729 } else {
1730 return HksMbedtlsAesDecryptFinal(cryptoCtx, message, cipherText, tagAead);
1731 }
1732 }
1733
1734 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7)
HksMbedtlsAesHalModecbcFreeCtx(void ** cryptCtx)1735 void HksMbedtlsAesHalModecbcFreeCtx(void **cryptCtx)
1736 {
1737 if (cryptCtx == NULL || *cryptCtx == NULL) {
1738 HKS_LOG_E("FreeCtx cryptCtx param is null");
1739 return;
1740 }
1741
1742 struct HksMbedtlsAesCtx *mbedtlsAesCtx = (struct HksMbedtlsAesCtx *)*cryptCtx;
1743 if (mbedtlsAesCtx->padding == HKS_PADDING_NONE) {
1744 if (mbedtlsAesCtx->append != NULL) {
1745 mbedtls_aes_free((mbedtls_aes_context *)(mbedtlsAesCtx->append));
1746 HKS_FREE(mbedtlsAesCtx->append);
1747 }
1748 } else if (mbedtlsAesCtx->padding == HKS_PADDING_PKCS7) {
1749 if (mbedtlsAesCtx->append != NULL) {
1750 mbedtls_cipher_free((mbedtls_cipher_context_t *)mbedtlsAesCtx->append);
1751 HKS_FREE(mbedtlsAesCtx->append);
1752 }
1753 }
1754 }
1755 #endif
1756 #ifdef HKS_SUPPORT_AES_GCM
HksMbedtlsAesHalModegcmFreeCtx(void ** cryptCtx)1757 void HksMbedtlsAesHalModegcmFreeCtx(void **cryptCtx)
1758 {
1759 if (cryptCtx == NULL || *cryptCtx == NULL) {
1760 HKS_LOG_E("FreeCtx cryptCtx param is null");
1761 return;
1762 }
1763
1764 struct HksMbedtlsAesCtx *mbedtlsAesCtx = (struct HksMbedtlsAesCtx *)*cryptCtx;
1765 if (mbedtlsAesCtx->append != NULL) {
1766 mbedtls_gcm_free((mbedtls_gcm_context *)mbedtlsAesCtx->append);
1767 HKS_FREE(mbedtlsAesCtx->append);
1768 }
1769 }
1770 #endif
1771
1772 #ifdef HKS_SUPPORT_AES_CTR_NOPADDING
HksMbedtlsAesHalModectrFreeCtx(void ** cryptCtx)1773 void HksMbedtlsAesHalModectrFreeCtx(void **cryptCtx)
1774 {
1775 if (cryptCtx == NULL || *cryptCtx == NULL) {
1776 HKS_LOG_E("FreeCtx cryptCtx param is null");
1777 return;
1778 }
1779
1780 struct HksMbedtlsAesCtx *mbedtlsAesCtx = (struct HksMbedtlsAesCtx *)*cryptCtx;
1781 if (mbedtlsAesCtx->append != NULL) {
1782 mbedtls_cipher_free((mbedtls_cipher_context_t *)mbedtlsAesCtx->append);
1783 HKS_FREE(mbedtlsAesCtx->append);
1784 }
1785 }
1786 #endif
1787
1788 #if defined(HKS_SUPPORT_AES_ECB_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
HksMbedtlsAesHalModeecbFreeCtx(void ** cryptCtx)1789 void HksMbedtlsAesHalModeecbFreeCtx(void **cryptCtx)
1790 {
1791 if (cryptCtx == NULL || *cryptCtx == NULL) {
1792 HKS_LOG_E("FreeCtx cryptCtx param is null");
1793 return;
1794 }
1795
1796 struct HksMbedtlsAesCtx *mbedtlsAesCtx = (struct HksMbedtlsAesCtx *)*cryptCtx;
1797 if (mbedtlsAesCtx->padding == HKS_PADDING_NONE) {
1798 if (mbedtlsAesCtx->append != NULL) {
1799 mbedtls_cipher_free((mbedtls_cipher_context_t *)mbedtlsAesCtx->append);
1800 HKS_FREE(mbedtlsAesCtx->append);
1801 }
1802 }
1803 }
1804 #endif
1805
HksMbedtlsAesHalFreeCtx(void ** cryptCtx)1806 void HksMbedtlsAesHalFreeCtx(void **cryptCtx)
1807 {
1808 if (cryptCtx == NULL || *cryptCtx == NULL) {
1809 HKS_LOG_E("FreeCtx param context null");
1810 return;
1811 }
1812
1813 struct HksMbedtlsAesCtx *mbedtlsAesCtx = (struct HksMbedtlsAesCtx *)*cryptCtx;
1814 switch (mbedtlsAesCtx->mode) {
1815 #if defined(HKS_SUPPORT_AES_CBC_NOPADDING) || defined(HKS_SUPPORT_AES_CBC_PKCS7)
1816 case HKS_MODE_CBC:
1817 HksMbedtlsAesHalModecbcFreeCtx(cryptCtx);
1818 break;
1819 #endif
1820 #ifdef HKS_SUPPORT_AES_GCM
1821 case HKS_MODE_GCM:
1822 HksMbedtlsAesHalModegcmFreeCtx(cryptCtx);
1823 break;
1824 #endif
1825 #ifdef HKS_SUPPORT_AES_CCM
1826 case HKS_MODE_CCM:
1827 break;
1828 #endif
1829 #ifdef HKS_SUPPORT_AES_CTR_NOPADDING
1830 case HKS_MODE_CTR:
1831 HksMbedtlsAesHalModectrFreeCtx(cryptCtx);
1832 break;
1833 #endif
1834 #if defined(HKS_SUPPORT_AES_ECB_NOPADDING) || defined(HKS_SUPPORT_AES_ECB_PKCS7PADDING)
1835 case HKS_MODE_ECB:
1836 HksMbedtlsAesHalModeecbFreeCtx(cryptCtx);
1837 break;
1838 #endif
1839 default:
1840 HKS_LOG_E("Unsupport key alg! mode = 0x%" LOG_PUBLIC "X", mbedtlsAesCtx->mode);
1841 break;
1842 }
1843
1844 HKS_FREE(*cryptCtx);
1845 }
1846 #endif /* HKS_SUPPORT_AES_C */
1847