1 /*
2  * Copyright (C) 2022-2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *    http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "signature.h"
17 
18 #include <securec.h>
19 
20 #include "config.h"
21 #include "dsa_openssl.h"
22 #include "ecdsa_openssl.h"
23 #include "log.h"
24 #include "memory.h"
25 #include "params_parser.h"
26 #include "signature_spi.h"
27 #include "signature_rsa_openssl.h"
28 #include "sm2_openssl.h"
29 #include "ed25519_openssl.h"
30 #include "utils.h"
31 
32 typedef HcfResult (*HcfSignSpiCreateFunc)(HcfSignatureParams *, HcfSignSpi **);
33 typedef HcfResult (*HcfVerifySpiCreateFunc)(HcfSignatureParams *, HcfVerifySpi **);
34 
35 typedef struct {
36     HcfSign base;
37 
38     HcfSignSpi *spiObj;
39 
40     char algoName[HCF_MAX_ALGO_NAME_LEN];
41 } HcfSignImpl;
42 
43 typedef struct {
44     HcfVerify base;
45 
46     HcfVerifySpi *spiObj;
47 
48     char algoName[HCF_MAX_ALGO_NAME_LEN];
49 } HcfVerifyImpl;
50 
51 typedef struct {
52     HcfAlgValue algo;
53 
54     HcfSignSpiCreateFunc createFunc;
55 } HcfSignGenAbility;
56 
57 typedef struct {
58     HcfAlgValue algo;
59 
60     HcfVerifySpiCreateFunc createFunc;
61 } HcfVerifyGenAbility;
62 
63 static const HcfSignGenAbility SIGN_GEN_ABILITY_SET[] = {
64     { HCF_ALG_ECC, HcfSignSpiEcdsaCreate },
65     { HCF_ALG_RSA, HcfSignSpiRsaCreate },
66     { HCF_ALG_DSA, HcfSignSpiDsaCreate },
67     { HCF_ALG_SM2, HcfSignSpiSm2Create },
68     { HCF_ALG_ECC_BRAINPOOL, HcfSignSpiEcdsaCreate },
69     { HCF_ALG_ED25519, HcfSignSpiEd25519Create },
70 };
71 
72 static const HcfVerifyGenAbility VERIFY_GEN_ABILITY_SET[] = {
73     { HCF_ALG_ECC, HcfVerifySpiEcdsaCreate },
74     { HCF_ALG_RSA, HcfVerifySpiRsaCreate },
75     { HCF_ALG_DSA, HcfVerifySpiDsaCreate },
76     { HCF_ALG_SM2, HcfVerifySpiSm2Create },
77     { HCF_ALG_ECC_BRAINPOOL, HcfVerifySpiEcdsaCreate },
78     { HCF_ALG_ED25519, HcfVerifySpiEd25519Create },
79 };
80 
FindSignAbility(HcfSignatureParams * params)81 static HcfSignSpiCreateFunc FindSignAbility(HcfSignatureParams *params)
82 {
83     if (params->operation == HCF_ALG_ONLY_SIGN && params->algo != HCF_ALG_RSA) {
84         LOGE("Algo not support in OnlySign! [Algo]: %d", params->algo);
85         return NULL;
86     }
87 
88     for (uint32_t i = 0; i < sizeof(SIGN_GEN_ABILITY_SET) / sizeof(SIGN_GEN_ABILITY_SET[0]); i++) {
89         if (SIGN_GEN_ABILITY_SET[i].algo == params->algo) {
90             return SIGN_GEN_ABILITY_SET[i].createFunc;
91         }
92     }
93     LOGE("Algo not support! [Algo]: %d", params->algo);
94     return NULL;
95 }
96 
FindVerifyAbility(HcfSignatureParams * params)97 static HcfVerifySpiCreateFunc FindVerifyAbility(HcfSignatureParams *params)
98 {
99     if (params->operation == HCF_ALG_VERIFY_RECOVER && params->algo != HCF_ALG_RSA) {
100         LOGE("Failed to check recover params!");
101         return NULL;
102     }
103 
104     for (uint32_t i = 0; i < sizeof(VERIFY_GEN_ABILITY_SET) / sizeof(VERIFY_GEN_ABILITY_SET[0]); i++) {
105         if (VERIFY_GEN_ABILITY_SET[i].algo == params->algo) {
106             return VERIFY_GEN_ABILITY_SET[i].createFunc;
107         }
108     }
109     LOGE("Algo not support! [Algo]: %d", params->algo);
110     return NULL;
111 }
112 
SetKeyTypeDefault(HcfAlgParaValue value,HcfSignatureParams * paramsObj)113 static void SetKeyTypeDefault(HcfAlgParaValue value,  HcfSignatureParams *paramsObj)
114 {
115     switch (value) {
116         case HCF_ALG_ECC_DEFAULT:
117             paramsObj->algo = HCF_ALG_ECC;
118             break;
119         case HCF_ALG_RSA_DEFAULT:
120             paramsObj->algo = HCF_ALG_RSA;
121             break;
122         case HCF_ALG_DSA_DEFAULT:
123             paramsObj->algo = HCF_ALG_DSA;
124             break;
125         case HCF_ALG_SM2_DEFAULT:
126             paramsObj->algo = HCF_ALG_SM2;
127             break;
128         case HCF_ALG_ECC_BRAINPOOL_DEFAULT:
129             paramsObj->algo = HCF_ALG_ECC_BRAINPOOL;
130             break;
131         default:
132             LOGE("Invalid algo %u.", value);
133             break;
134     }
135 }
136 
SetKeyType(HcfAlgParaValue value,HcfSignatureParams * paramsObj)137 static void SetKeyType(HcfAlgParaValue value, HcfSignatureParams *paramsObj)
138 {
139     switch (value) {
140         case HCF_ALG_ECC_224:
141         case HCF_ALG_ECC_256:
142         case HCF_ALG_ECC_384:
143         case HCF_ALG_ECC_521:
144         case HCF_ALG_ECC_SECP256K1:
145             paramsObj->algo = HCF_ALG_ECC;
146             break;
147         case HCF_ALG_ECC_BP160R1:
148         case HCF_ALG_ECC_BP160T1:
149         case HCF_ALG_ECC_BP192R1:
150         case HCF_ALG_ECC_BP192T1:
151         case HCF_ALG_ECC_BP224R1:
152         case HCF_ALG_ECC_BP224T1:
153         case HCF_ALG_ECC_BP256R1:
154         case HCF_ALG_ECC_BP256T1:
155         case HCF_ALG_ECC_BP320R1:
156         case HCF_ALG_ECC_BP320T1:
157         case HCF_ALG_ECC_BP384R1:
158         case HCF_ALG_ECC_BP384T1:
159         case HCF_ALG_ECC_BP512R1:
160         case HCF_ALG_ECC_BP512T1:
161             paramsObj->algo = HCF_ALG_ECC_BRAINPOOL;
162             break;
163         case HCF_OPENSSL_RSA_512:
164         case HCF_OPENSSL_RSA_768:
165         case HCF_OPENSSL_RSA_1024:
166         case HCF_OPENSSL_RSA_2048:
167         case HCF_OPENSSL_RSA_3072:
168         case HCF_OPENSSL_RSA_4096:
169         case HCF_OPENSSL_RSA_8192:
170             paramsObj->algo = HCF_ALG_RSA;
171             break;
172         case HCF_ALG_DSA_1024:
173         case HCF_ALG_DSA_2048:
174         case HCF_ALG_DSA_3072:
175             paramsObj->algo = HCF_ALG_DSA;
176             break;
177         case HCF_ALG_SM2_256:
178             paramsObj->algo = HCF_ALG_SM2;
179             break;
180         case HCF_ALG_ED25519_256:
181             paramsObj->algo = HCF_ALG_ED25519;
182             break;
183         default:
184             LOGE("there is not matched algorithm.");
185             break;
186     }
187 }
188 
ParseSignatureParams(const HcfParaConfig * config,void * params)189 static HcfResult ParseSignatureParams(const HcfParaConfig *config, void *params)
190 {
191     if (config == NULL || params == NULL) {
192         LOGE("Invalid signature params");
193         return HCF_INVALID_PARAMS;
194     }
195     HcfResult ret = HCF_SUCCESS;
196     HcfSignatureParams *paramsObj = (HcfSignatureParams *)params;
197     LOGD("Set Parameter: %s", config->tag);
198     switch (config->paraType) {
199         case HCF_ALG_TYPE:
200             SetKeyTypeDefault(config->paraValue, paramsObj);
201             break;
202         case HCF_ALG_KEY_TYPE:
203             SetKeyType(config->paraValue, paramsObj);
204             break;
205         case HCF_ALG_DIGEST:
206             paramsObj->md = config->paraValue;
207             break;
208         case HCF_ALG_PADDING_TYPE:
209             paramsObj->padding = config->paraValue;
210             break;
211         case HCF_ALG_MGF1_DIGEST:
212             paramsObj->mgf1md = config->paraValue;
213             break;
214         case HCF_ALG_SIGN_TYPE:
215             paramsObj->operation = config->paraValue;
216             break;
217         case HCF_ALG_VERIFY_TYPE:
218             paramsObj->operation = config->paraValue;
219             break;
220         default:
221             ret = HCF_INVALID_PARAMS;
222             break;
223     }
224     return ret;
225 }
226 
GetSignClass(void)227 static const char *GetSignClass(void)
228 {
229     return "HcfSign";
230 }
231 
GetVerifyClass(void)232 static const char *GetVerifyClass(void)
233 {
234     return "HcfVerify";
235 }
236 
GetSignAlgoName(HcfSign * self)237 static const char *GetSignAlgoName(HcfSign *self)
238 {
239     if (self == NULL) {
240         LOGE("The input self ptr is NULL!");
241         return NULL;
242     }
243     if (!HcfIsClassMatch((HcfObjectBase *)self, GetSignClass())) {
244         return NULL;
245     }
246     return ((HcfSignImpl *)self)->algoName;
247 }
248 
GetVerifyAlgoName(HcfVerify * self)249 static const char *GetVerifyAlgoName(HcfVerify *self)
250 {
251     if (self == NULL) {
252         LOGE("The input self ptr is NULL!");
253         return NULL;
254     }
255     if (!HcfIsClassMatch((HcfObjectBase *)self, GetVerifyClass())) {
256         return NULL;
257     }
258     return ((HcfVerifyImpl *)self)->algoName;
259 }
260 
DestroySign(HcfObjectBase * self)261 static void DestroySign(HcfObjectBase *self)
262 {
263     if (self == NULL) {
264         return;
265     }
266     if (!HcfIsClassMatch(self, GetSignClass())) {
267         LOGE("Class not match.");
268         return;
269     }
270     HcfSignImpl *impl = (HcfSignImpl *)self;
271     HcfObjDestroy(impl->spiObj);
272     impl->spiObj = NULL;
273     HcfFree(impl);
274 }
275 
DestroyVerify(HcfObjectBase * self)276 static void DestroyVerify(HcfObjectBase *self)
277 {
278     if (self == NULL) {
279         return;
280     }
281     if (!HcfIsClassMatch(self, GetVerifyClass())) {
282         LOGE("Class not match.");
283         return;
284     }
285     HcfVerifyImpl *impl = (HcfVerifyImpl *)self;
286     HcfObjDestroy(impl->spiObj);
287     impl->spiObj = NULL;
288     HcfFree(impl);
289 }
290 
SetSignSpecInt(HcfSign * self,SignSpecItem item,int32_t saltLen)291 static HcfResult SetSignSpecInt(HcfSign *self, SignSpecItem item, int32_t saltLen)
292 {
293     if (self == NULL) {
294         LOGE("Invalid input parameter.");
295         return HCF_INVALID_PARAMS;
296     }
297     if (!HcfIsClassMatch((HcfObjectBase *)self, GetSignClass())) {
298         LOGE("Class not match.");
299         return HCF_INVALID_PARAMS;
300     }
301     HcfSignImpl *tmpSelf = (HcfSignImpl *)self;
302     return tmpSelf->spiObj->engineSetSignSpecInt(tmpSelf->spiObj, item, saltLen);
303 }
304 
GetSignSpecString(HcfSign * self,SignSpecItem item,char ** returnString)305 static HcfResult GetSignSpecString(HcfSign *self, SignSpecItem item, char **returnString)
306 {
307     if (self == NULL || returnString == NULL) {
308         LOGE("Invalid input parameter.");
309         return HCF_INVALID_PARAMS;
310     }
311     if (!HcfIsClassMatch((HcfObjectBase *)self, GetSignClass())) {
312         LOGE("Class not match.");
313         return HCF_INVALID_PARAMS;
314     }
315     HcfSignImpl *tmpSelf = (HcfSignImpl *)self;
316     return tmpSelf->spiObj->engineGetSignSpecString(tmpSelf->spiObj, item, returnString);
317 }
318 
SetSignSpecUint8Array(HcfSign * self,SignSpecItem item,HcfBlob blob)319 static HcfResult SetSignSpecUint8Array(HcfSign *self, SignSpecItem item, HcfBlob blob)
320 {
321     if (self == NULL) {
322         LOGE("Invalid input parameter.");
323         return HCF_INVALID_PARAMS;
324     }
325     if (!HcfIsClassMatch((HcfObjectBase *)self, GetSignClass())) {
326         LOGE("Class not match.");
327         return HCF_INVALID_PARAMS;
328     }
329     HcfSignImpl *tmpSelf = (HcfSignImpl *)self;
330     return tmpSelf->spiObj->engineSetSignSpecUint8Array(tmpSelf->spiObj, item, blob);
331 }
332 
GetSignSpecInt(HcfSign * self,SignSpecItem item,int32_t * returnInt)333 static HcfResult GetSignSpecInt(HcfSign *self, SignSpecItem item, int32_t *returnInt)
334 {
335     if (self == NULL || returnInt == NULL) {
336         LOGE("Invalid input parameter.");
337         return HCF_INVALID_PARAMS;
338     }
339     if (!HcfIsClassMatch((HcfObjectBase *)self, GetSignClass())) {
340         LOGE("Class not match.");
341         return HCF_INVALID_PARAMS;
342     }
343     HcfSignImpl *tmpSelf = (HcfSignImpl *)self;
344     return tmpSelf->spiObj->engineGetSignSpecInt(tmpSelf->spiObj, item, returnInt);
345 }
346 
SignInit(HcfSign * self,HcfParamsSpec * params,HcfPriKey * privateKey)347 static HcfResult SignInit(HcfSign *self, HcfParamsSpec *params, HcfPriKey *privateKey)
348 {
349     if (self == NULL) {
350         LOGE("Invalid input parameter.");
351         return HCF_INVALID_PARAMS;
352     }
353 
354     if (!HcfIsClassMatch((HcfObjectBase *)self, GetSignClass())) {
355         LOGE("Class not match.");
356         return HCF_INVALID_PARAMS;
357     }
358     return ((HcfSignImpl *)self)->spiObj->engineInit(((HcfSignImpl *)self)->spiObj, params, privateKey);
359 }
360 
SignUpdate(HcfSign * self,HcfBlob * data)361 static HcfResult SignUpdate(HcfSign *self, HcfBlob *data)
362 {
363     if (self == NULL) {
364         LOGE("Invalid input parameter.");
365         return HCF_INVALID_PARAMS;
366     }
367 
368     if (!HcfIsClassMatch((HcfObjectBase *)self, GetSignClass())) {
369         LOGE("Class not match.");
370         return HCF_INVALID_PARAMS;
371     }
372     return ((HcfSignImpl *)self)->spiObj->engineUpdate(((HcfSignImpl *)self)->spiObj, data);
373 }
374 
SignDoFinal(HcfSign * self,HcfBlob * data,HcfBlob * returnSignatureData)375 static HcfResult SignDoFinal(HcfSign *self, HcfBlob *data, HcfBlob *returnSignatureData)
376 {
377     if (self == NULL) {
378         LOGE("Invalid input parameter.");
379         return HCF_INVALID_PARAMS;
380     }
381 
382     if (!HcfIsClassMatch((HcfObjectBase *)self, GetSignClass())) {
383         LOGE("Class not match.");
384         return HCF_INVALID_PARAMS;
385     }
386     return ((HcfSignImpl *)self)->spiObj->engineSign(((HcfSignImpl *)self)->spiObj, data, returnSignatureData);
387 }
388 
SetVerifySpecInt(HcfVerify * self,SignSpecItem item,int32_t saltLen)389 static HcfResult SetVerifySpecInt(HcfVerify *self, SignSpecItem item, int32_t saltLen)
390 {
391     if (self == NULL) {
392         LOGE("Invalid input parameter.");
393         return HCF_INVALID_PARAMS;
394     }
395     if (!HcfIsClassMatch((HcfObjectBase *)self, GetVerifyClass())) {
396         LOGE("Class not match.");
397         return HCF_INVALID_PARAMS;
398     }
399     HcfVerifyImpl *tmpSelf = (HcfVerifyImpl *)self;
400     return tmpSelf->spiObj->engineSetVerifySpecInt(tmpSelf->spiObj, item, saltLen);
401 }
402 
GetVerifySpecString(HcfVerify * self,SignSpecItem item,char ** returnString)403 static HcfResult GetVerifySpecString(HcfVerify *self, SignSpecItem item, char **returnString)
404 {
405     if (self == NULL || returnString == NULL) {
406         LOGE("Invalid input parameter.");
407         return HCF_INVALID_PARAMS;
408     }
409     if (!HcfIsClassMatch((HcfObjectBase *)self, GetVerifyClass())) {
410         LOGE("Class not match.");
411         return HCF_INVALID_PARAMS;
412     }
413     HcfVerifyImpl *tmpSelf = (HcfVerifyImpl *)self;
414     return tmpSelf->spiObj->engineGetVerifySpecString(tmpSelf->spiObj, item, returnString);
415 }
416 
SetVerifySpecUint8Array(HcfVerify * self,SignSpecItem item,HcfBlob blob)417 static HcfResult SetVerifySpecUint8Array(HcfVerify *self, SignSpecItem item, HcfBlob blob)
418 {
419     if (self == NULL) {
420         LOGE("Invalid input parameter.");
421         return HCF_INVALID_PARAMS;
422     }
423     if (!HcfIsClassMatch((HcfObjectBase *)self, GetVerifyClass())) {
424         LOGE("Class not match.");
425         return HCF_INVALID_PARAMS;
426     }
427     HcfVerifyImpl *tmpSelf = (HcfVerifyImpl *)self;
428     return tmpSelf->spiObj->engineSetVerifySpecUint8Array(tmpSelf->spiObj, item, blob);
429 }
430 
GetVerifySpecInt(HcfVerify * self,SignSpecItem item,int32_t * returnInt)431 static HcfResult GetVerifySpecInt(HcfVerify *self, SignSpecItem item, int32_t *returnInt)
432 {
433     if (self == NULL || returnInt == NULL) {
434         LOGE("Invalid input parameter.");
435         return HCF_INVALID_PARAMS;
436     }
437     if (!HcfIsClassMatch((HcfObjectBase *)self, GetVerifyClass())) {
438         LOGE("Class not match.");
439         return HCF_INVALID_PARAMS;
440     }
441     HcfVerifyImpl *tmpSelf = (HcfVerifyImpl *)self;
442     return tmpSelf->spiObj->engineGetVerifySpecInt(tmpSelf->spiObj, item, returnInt);
443 }
444 
VerifyInit(HcfVerify * self,HcfParamsSpec * params,HcfPubKey * publicKey)445 static HcfResult VerifyInit(HcfVerify *self, HcfParamsSpec *params, HcfPubKey *publicKey)
446 {
447     if (self == NULL) {
448         LOGE("Invalid input parameter.");
449         return HCF_INVALID_PARAMS;
450     }
451 
452     if (!HcfIsClassMatch((HcfObjectBase *)self, GetVerifyClass())) {
453         LOGE("Class not match.");
454         return HCF_INVALID_PARAMS;
455     }
456     return ((HcfVerifyImpl *)self)->spiObj->engineInit(((HcfVerifyImpl *)self)->spiObj, params, publicKey);
457 }
458 
VerifyUpdate(HcfVerify * self,HcfBlob * data)459 static HcfResult VerifyUpdate(HcfVerify *self, HcfBlob *data)
460 {
461     if (self == NULL) {
462         LOGE("Invalid input parameter.");
463         return HCF_INVALID_PARAMS;
464     }
465 
466     if (!HcfIsClassMatch((HcfObjectBase *)self, GetVerifyClass())) {
467         LOGE("Class not match.");
468         return HCF_INVALID_PARAMS;
469     }
470     return ((HcfVerifyImpl *)self)->spiObj->engineUpdate(((HcfVerifyImpl *)self)->spiObj, data);
471 }
472 
VerifyDoFinal(HcfVerify * self,HcfBlob * data,HcfBlob * signatureData)473 static bool VerifyDoFinal(HcfVerify *self, HcfBlob *data, HcfBlob *signatureData)
474 {
475     if (self == NULL) {
476         LOGE("Invalid input parameter.");
477         return false;
478     }
479     if (!HcfIsClassMatch((HcfObjectBase *)self, GetVerifyClass())) {
480         LOGE("Class not match.");
481         return false;
482     }
483     return ((HcfVerifyImpl *)self)->spiObj->engineVerify(((HcfVerifyImpl *)self)->spiObj, data, signatureData);
484 }
485 
VerifyRecover(HcfVerify * self,HcfBlob * signatureData,HcfBlob * rawSignatureData)486 static HcfResult VerifyRecover(HcfVerify *self, HcfBlob *signatureData, HcfBlob *rawSignatureData)
487 {
488     if (self == NULL) {
489         LOGE("Invalid input parameter.");
490         return HCF_INVALID_PARAMS;
491     }
492     if (!HcfIsClassMatch((HcfObjectBase *)self, GetVerifyClass())) {
493         LOGE("Class not match.");
494         return HCF_INVALID_PARAMS;
495     }
496     HcfVerifySpi *verifySpiObj = ((HcfVerifyImpl *)self)->spiObj;
497     if (verifySpiObj->engineRecover == NULL) {
498         LOGE("Not support verify recover operation.");
499         return HCF_INVALID_PARAMS;
500     }
501 
502     return verifySpiObj->engineRecover(verifySpiObj, signatureData, rawSignatureData);
503 }
504 
HcfSignCreate(const char * algoName,HcfSign ** returnObj)505 HcfResult HcfSignCreate(const char *algoName, HcfSign **returnObj)
506 {
507     LOGD("HcfSignCreate start");
508     if ((!HcfIsStrValid(algoName, HCF_MAX_ALGO_NAME_LEN)) || (returnObj == NULL)) {
509         return HCF_INVALID_PARAMS;
510     }
511 
512     HcfSignatureParams params = { 0 };
513     if (ParseAndSetParameter(algoName, &params, ParseSignatureParams) != HCF_SUCCESS) {
514         LOGE("Failed to parse params!");
515         return HCF_INVALID_PARAMS;
516     }
517 
518     HcfSignSpiCreateFunc createSpiFunc = FindSignAbility(&params);
519     if (createSpiFunc == NULL) {
520         LOGE("Can not find ability.");
521         return HCF_NOT_SUPPORT;
522     }
523 
524     HcfSignImpl *returnSign = (HcfSignImpl *)HcfMalloc(sizeof(HcfSignImpl), 0);
525     if (returnSign == NULL) {
526         LOGE("Failed to allocate returnSign memory!");
527         return HCF_ERR_MALLOC;
528     }
529     if (strcpy_s(returnSign->algoName, HCF_MAX_ALGO_NAME_LEN, algoName) != EOK) {
530         LOGE("Failed to copy algoName!");
531         HcfFree(returnSign);
532         return HCF_INVALID_PARAMS;
533     }
534     HcfSignSpi *spiObj = NULL;
535     HcfResult res = createSpiFunc(&params, &spiObj);
536     if (res != HCF_SUCCESS) {
537         LOGE("Failed to create spi object!");
538         HcfFree(returnSign);
539         return res;
540     }
541     returnSign->base.base.destroy = DestroySign;
542     returnSign->base.base.getClass = GetSignClass;
543     returnSign->base.getAlgoName = GetSignAlgoName;
544     returnSign->base.init = SignInit;
545     returnSign->base.update = SignUpdate;
546     returnSign->base.sign = SignDoFinal;
547     returnSign->base.setSignSpecInt = SetSignSpecInt;
548     returnSign->base.getSignSpecInt = GetSignSpecInt;
549     returnSign->base.getSignSpecString = GetSignSpecString;
550     returnSign->base.setSignSpecUint8Array = SetSignSpecUint8Array;
551     returnSign->spiObj = spiObj;
552 
553     *returnObj = (HcfSign *)returnSign;
554     LOGD("HcfSignCreate end");
555     return HCF_SUCCESS;
556 }
557 
HcfVerifyCreate(const char * algoName,HcfVerify ** returnObj)558 HcfResult HcfVerifyCreate(const char *algoName, HcfVerify **returnObj)
559 {
560     LOGD("HcfVerifyCreate start");
561     if ((!HcfIsStrValid(algoName, HCF_MAX_ALGO_NAME_LEN)) || (returnObj == NULL)) {
562         return HCF_INVALID_PARAMS;
563     }
564     HcfSignatureParams params = {0};
565     if (ParseAndSetParameter(algoName, &params, ParseSignatureParams) != HCF_SUCCESS) {
566         LOGE("Failed to parse params!");
567         return HCF_INVALID_PARAMS;
568     }
569 
570     HcfVerifySpiCreateFunc createSpiFunc = FindVerifyAbility(&params);
571     if (createSpiFunc == NULL) {
572         return HCF_NOT_SUPPORT;
573     }
574 
575     HcfVerifyImpl *returnVerify = (HcfVerifyImpl *)HcfMalloc(sizeof(HcfVerifyImpl), 0);
576     if (returnVerify == NULL) {
577         LOGE("Failed to allocate returnVerify memory!");
578         return HCF_ERR_MALLOC;
579     }
580     if (strcpy_s(returnVerify->algoName, HCF_MAX_ALGO_NAME_LEN, algoName) != EOK) {
581         LOGE("Failed to copy algoName!");
582         HcfFree(returnVerify);
583         return HCF_INVALID_PARAMS;
584     }
585     HcfVerifySpi *spiObj = NULL;
586     HcfResult res = createSpiFunc(&params, &spiObj);
587     if (res != HCF_SUCCESS) {
588         LOGE("Failed to create spi object!");
589         HcfFree(returnVerify);
590         return res;
591     }
592     returnVerify->base.base.destroy = DestroyVerify;
593     returnVerify->base.base.getClass = GetVerifyClass;
594     returnVerify->base.getAlgoName = GetVerifyAlgoName;
595     returnVerify->base.init = VerifyInit;
596     returnVerify->base.update = VerifyUpdate;
597     returnVerify->base.verify = VerifyDoFinal;
598     returnVerify->base.recover = VerifyRecover;
599     returnVerify->base.setVerifySpecInt = SetVerifySpecInt;
600     returnVerify->base.getVerifySpecInt = GetVerifySpecInt;
601     returnVerify->base.getVerifySpecString = GetVerifySpecString;
602     returnVerify->base.setVerifySpecUint8Array = SetVerifySpecUint8Array;
603     returnVerify->spiObj = spiObj;
604     *returnObj = (HcfVerify *)returnVerify;
605     LOGD("HcfVerifyCreate end");
606     return HCF_SUCCESS;
607 }
608