1 /*
2 * Copyright (c) 2020-2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifdef HKS_CONFIG_FILE
17 #include HKS_CONFIG_FILE
18 #else
19 #include "hks_config.h"
20 #endif
21
22 #ifdef _CUT_AUTHENTICATE_
23 #undef HKS_SUPPORT_RSA_C
24 #endif
25
26 #ifdef HKS_SUPPORT_RSA_C
27
28 #include "hks_mbedtls_rsa.h"
29
30 #include <mbedtls/bignum.h>
31 #include <mbedtls/ctr_drbg.h>
32 #include <mbedtls/entropy.h>
33 #include <mbedtls/rsa.h>
34
35 #include "hks_log.h"
36 #include "hks_mbedtls_common.h"
37 #include "hks_mem.h"
38 #include "hks_template.h"
39
40 #define HKS_RSA_PUBLIC_EXPONENT 65537
41 #define HKS_RSA_KEYPAIR_CNT 3
42 #define MBEDTLS_RSA_PUBLIC 0
43 #define MBEDTLS_RSA_PRIVATE 1
44
RsaCheckKeySize(const uint32_t keySize)45 static int32_t RsaCheckKeySize(const uint32_t keySize)
46 {
47 switch (keySize) {
48 case HKS_RSA_KEY_SIZE_512:
49 case HKS_RSA_KEY_SIZE_768:
50 case HKS_RSA_KEY_SIZE_1024:
51 case HKS_RSA_KEY_SIZE_2048:
52 case HKS_RSA_KEY_SIZE_3072:
53 case HKS_RSA_KEY_SIZE_4096:
54 break;
55 default:
56 HKS_LOG_E("Invalid rsa key size! keySize = 0x%" LOG_PUBLIC "X", keySize);
57 return HKS_ERROR_INVALID_KEY_SIZE;
58 }
59
60 return HKS_SUCCESS;
61 }
62
RsaKeyMaterialNedSizeCheck(const struct KeyMaterialRsa * keyMaterial)63 static int32_t RsaKeyMaterialNedSizeCheck(const struct KeyMaterialRsa *keyMaterial)
64 {
65 const uint32_t maxKeyByteLen = HKS_RSA_KEY_SIZE_4096 / HKS_BITS_PER_BYTE;
66 if ((keyMaterial->nSize > maxKeyByteLen) || (keyMaterial->eSize > maxKeyByteLen) ||
67 (keyMaterial->dSize > maxKeyByteLen)) {
68 HKS_LOG_E("Invalid rsa keyMaterial! nSize = 0x%" LOG_PUBLIC "X, eSize = 0x%" LOG_PUBLIC "X, "
69 "dSize = 0x%" LOG_PUBLIC "X",
70 keyMaterial->nSize,
71 keyMaterial->eSize,
72 keyMaterial->dSize);
73 return HKS_ERROR_INVALID_ARGUMENT;
74 }
75
76 return HKS_SUCCESS;
77 }
78
RsaKeyCheck(const struct HksBlob * key)79 static int32_t RsaKeyCheck(const struct HksBlob *key)
80 {
81 const struct KeyMaterialRsa *keyMaterial = (struct KeyMaterialRsa *)(key->data);
82
83 int32_t ret = RsaCheckKeySize(keyMaterial->keySize);
84 HKS_IF_NOT_SUCC_RETURN(ret, ret)
85
86 ret = RsaKeyMaterialNedSizeCheck(keyMaterial);
87 HKS_IF_NOT_SUCC_RETURN(ret, ret)
88
89 if (key->size < (sizeof(struct KeyMaterialRsa) + keyMaterial->nSize + keyMaterial->eSize + keyMaterial->dSize)) {
90 HKS_LOG_E("Rsa key size too small! key size = 0x%" LOG_PUBLIC "X", key->size);
91 return HKS_ERROR_INVALID_KEY_INFO;
92 }
93
94 return HKS_SUCCESS;
95 }
96
97 #ifdef HKS_SUPPORT_RSA_GENERATE_KEY
RsaSaveKeyMaterial(const mbedtls_rsa_context * ctx,const uint32_t keySize,struct HksBlob * key)98 static int32_t RsaSaveKeyMaterial(const mbedtls_rsa_context *ctx, const uint32_t keySize, struct HksBlob *key)
99 {
100 const uint32_t keyByteLen = keySize / HKS_BITS_PER_BYTE;
101 const uint32_t rawMaterialLen = sizeof(struct KeyMaterialRsa) + keyByteLen * HKS_RSA_KEYPAIR_CNT;
102 uint8_t *rawMaterial = (uint8_t *)HksMalloc(rawMaterialLen);
103 HKS_IF_NULL_RETURN(rawMaterial, HKS_ERROR_MALLOC_FAIL)
104 (void)memset_s(rawMaterial, rawMaterialLen, 0, rawMaterialLen);
105
106 /* RSA key data internal struct: struct KeyMaterialRsa + nData + eData + dData */
107 struct KeyMaterialRsa *keyMaterial = (struct KeyMaterialRsa *)rawMaterial;
108 keyMaterial->keyAlg = HKS_ALG_RSA;
109 keyMaterial->keySize = keySize;
110 keyMaterial->nSize = keyByteLen;
111 keyMaterial->eSize = keyByteLen;
112 keyMaterial->dSize = keyByteLen;
113
114 int32_t ret;
115 do {
116 uint32_t offset = sizeof(*keyMaterial);
117 ret = mbedtls_mpi_write_binary(&(ctx->MBEDTLS_PRIVATE(N)), rawMaterial + offset, keyMaterial->nSize);
118 if (ret != HKS_MBEDTLS_SUCCESS) {
119 HKS_LOG_E("Rsa save keyMaterial mpi write N failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
120 break;
121 }
122
123 offset = offset + keyMaterial->nSize;
124 ret = mbedtls_mpi_write_binary(&(ctx->MBEDTLS_PRIVATE(E)), rawMaterial + offset, keyMaterial->eSize);
125 if (ret != HKS_MBEDTLS_SUCCESS) {
126 HKS_LOG_E("Rsa save keyMaterial mpi write E failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
127 break;
128 }
129
130 offset = offset + keyMaterial->eSize;
131 ret = mbedtls_mpi_write_binary(&(ctx->MBEDTLS_PRIVATE(D)), rawMaterial + offset, keyMaterial->dSize);
132 if (ret != HKS_MBEDTLS_SUCCESS) {
133 HKS_LOG_E("Rsa save keyMaterial mpi write D failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
134 break;
135 }
136
137 key->data = rawMaterial;
138 key->size = rawMaterialLen;
139 } while (0);
140
141 if (ret != HKS_MBEDTLS_SUCCESS) {
142 (void)memset_s(rawMaterial, rawMaterialLen, 0, rawMaterialLen);
143 HKS_FREE(rawMaterial);
144 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
145 }
146
147 return ret;
148 }
149
HksMbedtlsRsaGenerateKey(const struct HksKeySpec * spec,struct HksBlob * key)150 int32_t HksMbedtlsRsaGenerateKey(const struct HksKeySpec *spec, struct HksBlob *key)
151 {
152 mbedtls_rsa_context ctx;
153 (void)memset_s(&ctx, sizeof(mbedtls_rsa_context), 0, sizeof(mbedtls_rsa_context));
154 mbedtls_rsa_init(&ctx);
155 ctx.MBEDTLS_PRIVATE(padding) = 0;
156 ctx.MBEDTLS_PRIVATE(hash_id) = 0;
157
158 mbedtls_ctr_drbg_context ctrDrbg;
159 mbedtls_entropy_context entropy;
160 (void)memset_s(&entropy, sizeof(mbedtls_entropy_context), 0, sizeof(mbedtls_entropy_context));
161 (void)memset_s(&ctrDrbg, sizeof(mbedtls_ctr_drbg_context), 0, sizeof(mbedtls_ctr_drbg_context));
162 int32_t ret = HksCtrDrbgSeed(&ctrDrbg, &entropy);
163 if (ret != HKS_SUCCESS) {
164 mbedtls_rsa_free(&ctx);
165 return ret;
166 }
167
168 do {
169 ret = mbedtls_rsa_gen_key(&ctx, mbedtls_ctr_drbg_random, &ctrDrbg, spec->keyLen, HKS_RSA_PUBLIC_EXPONENT);
170 if (ret != HKS_MBEDTLS_SUCCESS) {
171 HKS_LOG_E("Mbedtls rsa generate key failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
172 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
173 break;
174 }
175
176 ret = RsaSaveKeyMaterial(&ctx, spec->keyLen, key);
177 } while (0);
178
179 mbedtls_rsa_free(&ctx);
180 mbedtls_ctr_drbg_free(&ctrDrbg);
181 mbedtls_entropy_free(&entropy);
182 return ret;
183 }
184 #endif /* HKS_SUPPORT_RSA_GENERATE_KEY */
185
186 #if defined(HKS_SUPPORT_RSA_CRYPT) || defined(HKS_SUPPORT_RSA_SIGN_VERIFY)
RsaKeyMaterialToCtx(const struct HksBlob * key,const bool needPrivateExponent,mbedtls_rsa_context * ctx)187 static int32_t RsaKeyMaterialToCtx(const struct HksBlob *key, const bool needPrivateExponent, mbedtls_rsa_context *ctx)
188 {
189 const struct KeyMaterialRsa *keyMaterial = (struct KeyMaterialRsa *)(key->data);
190
191 mbedtls_mpi n;
192 mbedtls_mpi e;
193 mbedtls_mpi d;
194
195 mbedtls_mpi_init(&n);
196 mbedtls_mpi_init(&e);
197 mbedtls_mpi_init(&d);
198
199 int32_t ret;
200 do {
201 uint32_t offset = sizeof(*keyMaterial);
202 ret = mbedtls_mpi_read_binary(&n, key->data + offset, keyMaterial->nSize);
203 if (ret != HKS_MBEDTLS_SUCCESS) {
204 HKS_LOG_E("Mbedtls rsa keyMaterial to ctx read N failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
205 break;
206 }
207
208 offset = offset + keyMaterial->nSize;
209 ret = mbedtls_mpi_read_binary(&e, key->data + offset, keyMaterial->eSize);
210 if (ret != HKS_MBEDTLS_SUCCESS) {
211 HKS_LOG_E("Mbedtls rsa keyMaterial to ctx read E failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
212 break;
213 }
214
215 if (needPrivateExponent) {
216 offset = offset + keyMaterial->eSize;
217 ret = mbedtls_mpi_read_binary(&d, key->data + offset, keyMaterial->dSize);
218 if (ret != HKS_MBEDTLS_SUCCESS) {
219 HKS_LOG_E("Mbedtls rsa keyMaterial to ctx read D failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
220 break;
221 }
222 }
223
224 ret = mbedtls_rsa_import(ctx, &n, NULL, NULL, (needPrivateExponent ? &d : NULL), &e);
225 if (ret != HKS_MBEDTLS_SUCCESS) {
226 HKS_LOG_E("Mbedtls rsa keyMaterial to ctx import failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
227 break;
228 }
229
230 ret = mbedtls_rsa_complete(ctx);
231 if (ret != HKS_MBEDTLS_SUCCESS) {
232 HKS_LOG_E("Mbedtls rsa keyMaterial to ctx complete failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
233 }
234 } while (0);
235
236 mbedtls_mpi_free(&n);
237 mbedtls_mpi_free(&e);
238 mbedtls_mpi_free(&d);
239
240 if (ret != HKS_MBEDTLS_SUCCESS) {
241 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
242 }
243 return ret;
244 }
245 #endif /* HKS_SUPPORT_RSA_CRYPT or HKS_SUPPORT_RSA_SIGN_VERIFY */
246
247 #ifdef HKS_SUPPORT_RSA_CRYPT
HksToMbedtlsPadding(uint32_t hksPadding,int32_t * padding)248 static int32_t HksToMbedtlsPadding(uint32_t hksPadding, int32_t *padding)
249 {
250 switch (hksPadding) {
251 case HKS_PADDING_PKCS1_V1_5:
252 *padding = MBEDTLS_RSA_PKCS_V15;
253 break;
254 case HKS_PADDING_OAEP:
255 *padding = MBEDTLS_RSA_PKCS_V21;
256 break;
257 default:
258 return HKS_ERROR_NOT_SUPPORTED;
259 }
260 return HKS_SUCCESS;
261 }
262
HksMbedtlsRsaCrypt(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,const bool encrypt,struct HksBlob * cipherText)263 static int32_t HksMbedtlsRsaCrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
264 const struct HksBlob *message, const bool encrypt, struct HksBlob *cipherText)
265 {
266 int32_t ret = RsaKeyCheck(key);
267 HKS_IF_NOT_SUCC_RETURN(ret, ret)
268
269 int32_t padding;
270 ret = HksToMbedtlsPadding(usageSpec->padding, &padding);
271 HKS_IF_NOT_SUCC_RETURN(ret, ret)
272
273 uint32_t mbedtlsAlg;
274 if (padding == MBEDTLS_RSA_PKCS_V21) {
275 ret = HksToMbedtlsDigestAlg(usageSpec->digest, &mbedtlsAlg);
276 HKS_IF_NOT_SUCC_RETURN(ret, ret)
277 }
278
279 mbedtls_ctr_drbg_context ctrDrbg;
280 mbedtls_entropy_context entropy;
281 (void)memset_s(&entropy, sizeof(mbedtls_entropy_context), 0, sizeof(mbedtls_entropy_context));
282 (void)memset_s(&ctrDrbg, sizeof(mbedtls_ctr_drbg_context), 0, sizeof(mbedtls_ctr_drbg_context));
283 ret = HksCtrDrbgSeed(&ctrDrbg, &entropy);
284 HKS_IF_NOT_SUCC_RETURN(ret, ret)
285
286 mbedtls_rsa_context ctx;
287 (void)memset_s(&ctx, sizeof(mbedtls_rsa_context), 0, sizeof(mbedtls_rsa_context));
288 mbedtls_rsa_init(&ctx); /* only support oaep padding */
289
290 do {
291 ret = RsaKeyMaterialToCtx(key, !encrypt, &ctx); /* encrypt don't need private exponent (d) */
292 HKS_IF_NOT_SUCC_BREAK(ret)
293
294 size_t outlen;
295 if (encrypt) {
296 ret = mbedtls_rsa_pkcs1_encrypt(&ctx, mbedtls_ctr_drbg_random,
297 &ctrDrbg, (size_t)message->size, message->data, cipherText->data);
298 outlen = mbedtls_rsa_get_len(&ctx);
299 } else {
300 ret = mbedtls_rsa_pkcs1_decrypt(&ctx, mbedtls_ctr_drbg_random, &ctrDrbg,
301 &outlen, message->data, cipherText->data, (size_t)cipherText->size);
302 }
303 if (ret != HKS_SUCCESS) {
304 HKS_LOG_E("Mbedtls rsa crypt failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
305 (void)memset_s(cipherText->data, cipherText->size, 0, cipherText->size);
306 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
307 break;
308 }
309 cipherText->size = (uint32_t)outlen;
310 } while (0);
311
312 mbedtls_rsa_free(&ctx);
313 mbedtls_ctr_drbg_free(&ctrDrbg);
314 mbedtls_entropy_free(&entropy);
315 return ret;
316 }
317
HksMbedtlsRsaEncrypt(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * cipherText,struct HksBlob * tagAead)318 int32_t HksMbedtlsRsaEncrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
319 const struct HksBlob *message, struct HksBlob *cipherText, struct HksBlob *tagAead)
320 {
321 (void)tagAead;
322 return HksMbedtlsRsaCrypt(key, usageSpec, message, true, cipherText);
323 }
324
HksMbedtlsRsaDecrypt(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * cipherText)325 int32_t HksMbedtlsRsaDecrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
326 const struct HksBlob *message, struct HksBlob *cipherText)
327 {
328 return HksMbedtlsRsaCrypt(key, usageSpec, message, false, cipherText);
329 }
330 #endif /* HKS_SUPPORT_RSA_CRYPT */
331
332 #ifdef HKS_SUPPORT_RSA_SIGN_VERIFY
HksToMbedtlsSignPadding(uint32_t hksPadding,int32_t * padding)333 static int32_t HksToMbedtlsSignPadding(uint32_t hksPadding, int32_t *padding)
334 {
335 switch (hksPadding) {
336 case HKS_PADDING_PKCS1_V1_5:
337 *padding = MBEDTLS_RSA_PKCS_V15;
338 break;
339 case HKS_PADDING_PSS:
340 *padding = MBEDTLS_RSA_PKCS_V21;
341 break;
342 default:
343 return HKS_ERROR_NOT_SUPPORTED;
344 }
345 return HKS_SUCCESS;
346 }
347
HksMbedtlsRsaSignVerify(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,const bool sign,struct HksBlob * signature)348 static int32_t HksMbedtlsRsaSignVerify(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
349 const struct HksBlob *message, const bool sign, struct HksBlob *signature)
350 {
351 uint32_t mbedtlsAlg;
352 int32_t ret = HksToMbedtlsDigestAlg(usageSpec->digest, &mbedtlsAlg);
353 HKS_IF_NOT_SUCC_RETURN(ret, ret)
354 int32_t padding;
355 ret = HksToMbedtlsSignPadding(usageSpec->padding, &padding);
356 HKS_IF_NOT_SUCC_RETURN(ret, ret)
357
358 mbedtls_ctr_drbg_context ctrDrbg;
359 mbedtls_entropy_context entropy;
360 (void)memset_s(&entropy, sizeof(mbedtls_entropy_context), 0, sizeof(mbedtls_entropy_context));
361 (void)memset_s(&ctrDrbg, sizeof(mbedtls_ctr_drbg_context), 0, sizeof(mbedtls_ctr_drbg_context));
362 ret = HksCtrDrbgSeed(&ctrDrbg, &entropy);
363 HKS_IF_NOT_SUCC_RETURN(ret, ret)
364
365 mbedtls_rsa_context ctx;
366 (void)memset_s(&ctx, sizeof(mbedtls_rsa_context), 0, sizeof(mbedtls_rsa_context));
367 mbedtls_rsa_init(&ctx);
368
369 do {
370 ret = RsaKeyMaterialToCtx(key, sign, &ctx); /* sign need private exponent (d) */
371 HKS_IF_NOT_SUCC_BREAK(ret)
372 if (sign) {
373 ret = mbedtls_rsa_pkcs1_sign(&ctx, mbedtls_ctr_drbg_random, &ctrDrbg,
374 (mbedtls_md_type_t)mbedtlsAlg, message->size, message->data, signature->data);
375 } else {
376 ret = mbedtls_rsa_pkcs1_verify(&ctx,
377 (mbedtls_md_type_t)mbedtlsAlg, message->size, message->data, signature->data);
378 }
379 if (ret != HKS_MBEDTLS_SUCCESS) {
380 HKS_LOG_E("Mbedtls rsa sign/verify failed! mbedtls ret = 0x%" LOG_PUBLIC "X", ret);
381 ret = HKS_ERROR_CRYPTO_ENGINE_ERROR;
382 (void)memset_s(signature->data, signature->size, 0, signature->size);
383 }
384 } while (0);
385
386 if (sign) {
387 signature->size = mbedtls_rsa_get_len(&ctx);
388 }
389
390 mbedtls_rsa_free(&ctx);
391 mbedtls_ctr_drbg_free(&ctrDrbg);
392 mbedtls_entropy_free(&entropy);
393 return ret;
394 }
395
HksMbedtlsRsaSign(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,struct HksBlob * signature)396 int32_t HksMbedtlsRsaSign(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
397 const struct HksBlob *message, struct HksBlob *signature)
398 {
399 int32_t ret = RsaKeyCheck(key);
400 HKS_IF_NOT_SUCC_RETURN(ret, ret)
401
402 return HksMbedtlsRsaSignVerify(key, usageSpec, message, true, signature); /* true: is sign */
403 }
404
HksMbedtlsRsaVerify(const struct HksBlob * key,const struct HksUsageSpec * usageSpec,const struct HksBlob * message,const struct HksBlob * signature)405 int32_t HksMbedtlsRsaVerify(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
406 const struct HksBlob *message, const struct HksBlob *signature)
407 {
408 int32_t ret = RsaKeyCheck(key);
409 HKS_IF_NOT_SUCC_RETURN(ret, ret)
410
411 return HksMbedtlsRsaSignVerify(key, usageSpec, message, false, (struct HksBlob *)signature); /* false: is verify */
412 }
413 #endif /* HKS_SUPPORT_RSA_SIGN_VERIFY */
414
415 #ifdef HKS_SUPPORT_RSA_GET_PUBLIC_KEY
GetRsaPubKeyCheckParams(const struct HksBlob * keyIn,const struct HksBlob * keyOut)416 static int32_t GetRsaPubKeyCheckParams(const struct HksBlob *keyIn, const struct HksBlob *keyOut)
417 {
418 int32_t ret = RsaKeyCheck(keyIn);
419 HKS_IF_NOT_SUCC_RETURN(ret, ret)
420
421 /* check keyOut size */
422 const struct KeyMaterialRsa *keyMaterial = (struct KeyMaterialRsa *)(keyIn->data);
423 if (keyOut->size < (sizeof(struct HksPubKeyInfo) + keyMaterial->nSize + keyMaterial->eSize)) {
424 HKS_LOG_E("Rsa public keyOut size too small! keyOut size = 0x%" LOG_PUBLIC "X", keyOut->size);
425 return HKS_ERROR_BUFFER_TOO_SMALL;
426 }
427
428 return HKS_SUCCESS;
429 }
430
HksMbedtlsGetRsaPubKey(const struct HksBlob * keyIn,struct HksBlob * keyOut)431 int32_t HksMbedtlsGetRsaPubKey(const struct HksBlob *keyIn, struct HksBlob *keyOut)
432 {
433 int32_t ret = GetRsaPubKeyCheckParams(keyIn, keyOut);
434 HKS_IF_NOT_SUCC_RETURN(ret, ret)
435
436 /* n + e, so need size is: sizeof(struct HksPubKeyInfo) + nSize + eSize */
437 const struct KeyMaterialRsa *keyMaterial = (struct KeyMaterialRsa *)(keyIn->data);
438 const uint32_t outLen = sizeof(struct HksPubKeyInfo) + keyMaterial->nSize + keyMaterial->eSize;
439 if (memcpy_s(keyOut->data, keyOut->size, (void *)keyMaterial, outLen) != EOK) {
440 HKS_LOG_E("Memcpy rsa pub key failed!");
441 (void)memset_s(keyOut->data, keyOut->size, 0, keyOut->size);
442 return HKS_ERROR_INSUFFICIENT_MEMORY;
443 }
444 ((struct KeyMaterialRsa *)(keyOut->data))->dSize = 0;
445 keyOut->size = outLen;
446
447 return HKS_SUCCESS;
448 }
449 #endif /* HKS_SUPPORT_RSA_GET_PUBLIC_KEY */
450 #endif /* HKS_SUPPORT_RSA_C */
451