1 /*
2 * Copyright (C) 2022-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "openssl_common.h"
17
18 #include "securec.h"
19
20 #include <string.h>
21 #include <openssl/err.h>
22 #include "config.h"
23 #include "log.h"
24 #include "memory.h"
25 #include "openssl_adapter.h"
26 #include "result.h"
27 #include "params_parser.h"
28 #include "utils.h"
29
30 #define HCF_OPENSSL_DIGEST_NONE_STR "NONE"
31 #define HCF_OPENSSL_DIGEST_MD5_STR "MD5"
32 #define HCF_OPENSSL_DIGEST_SM3_STR "SM3"
33 #define HCF_OPENSSL_DIGEST_SHA1_STR "SHA1"
34 #define HCF_OPENSSL_DIGEST_SHA224_STR "SHA224"
35 #define HCF_OPENSSL_DIGEST_SHA256_STR "SHA256"
36 #define HCF_OPENSSL_DIGEST_SHA384_STR "SHA384"
37 #define HCF_OPENSSL_DIGEST_SHA512_STR "SHA512"
38 #define HCF_OPENSSL_MGF1 "MGF1"
39
40 static const uint32_t ASCII_CODE_ZERO = 48;
41
42 typedef struct {
43 int32_t bits; // keyLen
44 int32_t nid; // nid
45 char *groupName;
46 } NidTypeAlg;
47
48 static const NidTypeAlg NID_TYPE_MAP[] = {
49 { HCF_ALG_ECC_224, NID_secp224r1, "secp224r1" },
50 { HCF_ALG_ECC_256, NID_X9_62_prime256v1, "prime256v1" },
51 { HCF_ALG_ECC_384, NID_secp384r1, "secp384r1" },
52 { HCF_ALG_ECC_521, NID_secp521r1, "secp521r1" },
53 { HCF_ALG_SM2_256, NID_sm2, "sm2" },
54 { HCF_ALG_ECC_BP160R1, NID_brainpoolP160r1, "brainpoolP160r1" },
55 { HCF_ALG_ECC_BP160T1, NID_brainpoolP160t1, "brainpoolP160t1" },
56 { HCF_ALG_ECC_BP192R1, NID_brainpoolP192r1, "brainpoolP192r1" },
57 { HCF_ALG_ECC_BP192T1, NID_brainpoolP192t1, "brainpoolP192t1" },
58 { HCF_ALG_ECC_BP224R1, NID_brainpoolP224r1, "brainpoolP224r1" },
59 { HCF_ALG_ECC_BP224T1, NID_brainpoolP224t1, "brainpoolP224t1" },
60 { HCF_ALG_ECC_BP256R1, NID_brainpoolP256r1, "brainpoolP256r1" },
61 { HCF_ALG_ECC_BP256T1, NID_brainpoolP256t1, "brainpoolP256t1" },
62 { HCF_ALG_ECC_BP320R1, NID_brainpoolP320r1, "brainpoolP320r1" },
63 { HCF_ALG_ECC_BP320T1, NID_brainpoolP320t1, "brainpoolP320t1" },
64 { HCF_ALG_ECC_BP384R1, NID_brainpoolP384r1, "brainpoolP384r1" },
65 { HCF_ALG_ECC_BP384T1, NID_brainpoolP384t1, "brainpoolP384t1" },
66 { HCF_ALG_ECC_BP512R1, NID_brainpoolP512r1, "brainpoolP512r1" },
67 { HCF_ALG_ECC_BP512T1, NID_brainpoolP512t1, "brainpoolP512t1" },
68 { HCF_ALG_ECC_SECP256K1, NID_secp256k1, "secp256k1" },
69 };
70
71 typedef struct {
72 int32_t curveId;
73 char *curveName;
74 } CurveNameAlg;
75
76 static const CurveNameAlg CURVE_NAME_MAP[] = {
77 { NID_secp224r1, "NID_secp224r1" },
78 { NID_X9_62_prime256v1, "NID_X9_62_prime256v1" },
79 { NID_secp384r1, "NID_secp384r1" },
80 { NID_secp521r1, "NID_secp521r1" },
81 { NID_brainpoolP160r1, "NID_brainpoolP160r1" },
82 { NID_brainpoolP160t1, "NID_brainpoolP160t1" },
83 { NID_brainpoolP192r1, "NID_brainpoolP192r1" },
84 { NID_brainpoolP192t1, "NID_brainpoolP192t1" },
85 { NID_brainpoolP224r1, "NID_brainpoolP224r1" },
86 { NID_brainpoolP224t1, "NID_brainpoolP224t1" },
87 { NID_brainpoolP256r1, "NID_brainpoolP256r1" },
88 { NID_brainpoolP256t1, "NID_brainpoolP256t1" },
89 { NID_brainpoolP320r1, "NID_brainpoolP320r1" },
90 { NID_brainpoolP320t1, "NID_brainpoolP320t1" },
91 { NID_brainpoolP384r1, "NID_brainpoolP384r1" },
92 { NID_brainpoolP384t1, "NID_brainpoolP384t1" },
93 { NID_brainpoolP512r1, "NID_brainpoolP512r1" },
94 { NID_brainpoolP512t1, "NID_brainpoolP512t1" },
95 { NID_secp256k1, "NID_secp256k1" }
96 };
97
98 typedef struct {
99 int32_t bits;
100 char *algName;
101 } AlgNameType;
102
103 static const AlgNameType ALG_NAME_TYPE_MAP[] = {
104 { HCF_ALG_ECC_224, "ECC" },
105 { HCF_ALG_ECC_256, "ECC" },
106 { HCF_ALG_ECC_384, "ECC" },
107 { HCF_ALG_ECC_521, "ECC" },
108 { HCF_ALG_SM2_256, "SM2" },
109 { HCF_ALG_ECC_BP160R1, "ECC" },
110 { HCF_ALG_ECC_BP160T1, "ECC" },
111 { HCF_ALG_ECC_BP192R1, "ECC" },
112 { HCF_ALG_ECC_BP192T1, "ECC" },
113 { HCF_ALG_ECC_BP224R1, "ECC" },
114 { HCF_ALG_ECC_BP224T1, "ECC" },
115 { HCF_ALG_ECC_BP256R1, "ECC" },
116 { HCF_ALG_ECC_BP256T1, "ECC" },
117 { HCF_ALG_ECC_BP320R1, "ECC" },
118 { HCF_ALG_ECC_BP320T1, "ECC" },
119 { HCF_ALG_ECC_BP384R1, "ECC" },
120 { HCF_ALG_ECC_BP384T1, "ECC" },
121 { HCF_ALG_ECC_BP512R1, "ECC" },
122 { HCF_ALG_ECC_BP512T1, "ECC" },
123 { HCF_ALG_ECC_SECP256K1, "ECC" }
124 };
125
126 typedef struct {
127 int32_t formatValue;
128 int32_t formatType;
129 } FormatType;
130
131 static const FormatType FORMAT_TYPE_MAP[] = {
132 { HCF_UNCOMPRESSED_FORMAT_VALUE, POINT_CONVERSION_UNCOMPRESSED },
133 { HCF_COMPRESSED_FORMAT_VALUE, POINT_CONVERSION_COMPRESSED }
134 };
135
GetCurveNameByCurveId(int32_t curveId,char ** curveName)136 HcfResult GetCurveNameByCurveId(int32_t curveId, char **curveName)
137 {
138 if (curveName == NULL) {
139 LOGE("Invalid curveName");
140 return HCF_INVALID_PARAMS;
141 }
142 for (uint32_t i = 0; i < sizeof(CURVE_NAME_MAP) / sizeof(CURVE_NAME_MAP[0]); i++) {
143 if (CURVE_NAME_MAP[i].curveId == curveId) {
144 *curveName = CURVE_NAME_MAP[i].curveName;
145 return HCF_SUCCESS;
146 }
147 }
148 LOGE("Invalid curve id:%d", curveId);
149 return HCF_INVALID_PARAMS;
150 }
151
GetNidByCurveNameValue(int32_t curveNameValue,int32_t * nid)152 HcfResult GetNidByCurveNameValue(int32_t curveNameValue, int32_t *nid)
153 {
154 if (nid == NULL) {
155 LOGE("Invalid nid");
156 return HCF_INVALID_PARAMS;
157 }
158 for (uint32_t i = 0; i < sizeof(NID_TYPE_MAP) / sizeof(NID_TYPE_MAP[0]); i++) {
159 if (NID_TYPE_MAP[i].bits == curveNameValue) {
160 *nid = NID_TYPE_MAP[i].nid;
161 return HCF_SUCCESS;
162 }
163 }
164 LOGE("Invalid curveNameValue value: %d", curveNameValue);
165 return HCF_INVALID_PARAMS;
166 }
167
GetGroupNameByNid(int32_t nid,char ** groupName)168 HcfResult GetGroupNameByNid(int32_t nid, char **groupName)
169 {
170 if (groupName == NULL) {
171 LOGE("Invalid groupName");
172 return HCF_INVALID_PARAMS;
173 }
174 for (uint32_t i = 0; i < sizeof(NID_TYPE_MAP) / sizeof(NID_TYPE_MAP[0]); i++) {
175 if (NID_TYPE_MAP[i].nid == nid) {
176 *groupName = NID_TYPE_MAP[i].groupName;
177 return HCF_SUCCESS;
178 }
179 }
180 LOGE("Invalid nid:%d", nid);
181 return HCF_INVALID_PARAMS;
182 }
183
GetFormatTypeByFormatValue(int32_t formatValue,int32_t * formatType)184 HcfResult GetFormatTypeByFormatValue(int32_t formatValue, int32_t *formatType)
185 {
186 if (formatType == NULL) {
187 LOGE("Invalid formatType");
188 return HCF_INVALID_PARAMS;
189 }
190 for (uint32_t i = 0; i < sizeof(FORMAT_TYPE_MAP) / sizeof(FORMAT_TYPE_MAP[0]); i++) {
191 if (FORMAT_TYPE_MAP[i].formatValue == formatValue) {
192 *formatType = FORMAT_TYPE_MAP[i].formatType;
193 return HCF_SUCCESS;
194 }
195 }
196 LOGE("Invalid format value: %d", formatValue);
197 return HCF_INVALID_PARAMS;
198 }
199
GetAlgNameByBits(int32_t keyLen,char ** algName)200 HcfResult GetAlgNameByBits(int32_t keyLen, char **algName)
201 {
202 if (algName == NULL) {
203 LOGE("Invalid algName");
204 return HCF_INVALID_PARAMS;
205 }
206 for (uint32_t i = 0; i < sizeof(ALG_NAME_TYPE_MAP) / sizeof(ALG_NAME_TYPE_MAP[0]); i++) {
207 if (ALG_NAME_TYPE_MAP[i].bits == keyLen) {
208 size_t srcAlgNameLen = HcfStrlen(ALG_NAME_TYPE_MAP[i].algName);
209 if (srcAlgNameLen == 0) {
210 LOGE("algName is empty!");
211 return HCF_ERR_MALLOC;
212 }
213 *algName = (char *)HcfMalloc(srcAlgNameLen + 1, 0);
214 if (*algName == NULL) {
215 LOGE("algName malloc failed.");
216 return HCF_ERR_MALLOC;
217 }
218 if (memcpy_s(*algName, srcAlgNameLen, ALG_NAME_TYPE_MAP[i].algName, srcAlgNameLen) != EOK) {
219 LOGE("memcpy algName failed.");
220 HcfFree(*algName);
221 *algName = NULL;
222 return HCF_ERR_MALLOC;
223 }
224 return HCF_SUCCESS;
225 }
226 }
227 LOGD("[error] Invalid key size:%d", keyLen);
228 return HCF_INVALID_PARAMS;
229 }
230
GetOpensslCurveId(int32_t keyLen,int32_t * returnCurveId)231 HcfResult GetOpensslCurveId(int32_t keyLen, int32_t *returnCurveId)
232 {
233 if (returnCurveId == NULL) {
234 LOGE("Invalid algName");
235 return HCF_INVALID_PARAMS;
236 }
237 for (uint32_t i = 0; i < sizeof(NID_TYPE_MAP) / sizeof(NID_TYPE_MAP[0]); i++) {
238 if (NID_TYPE_MAP[i].bits == keyLen) {
239 *returnCurveId = NID_TYPE_MAP[i].nid;
240 return HCF_SUCCESS;
241 }
242 }
243 LOGE("invalid key size:%d", keyLen);
244 return HCF_INVALID_PARAMS;
245 }
246
GetOpensslDigestAlg(uint32_t alg,EVP_MD ** digestAlg)247 HcfResult GetOpensslDigestAlg(uint32_t alg, EVP_MD **digestAlg)
248 {
249 if (digestAlg == NULL) {
250 LOGE("Invalid MD pointer");
251 return HCF_INVALID_PARAMS;
252 }
253 switch (alg) {
254 case HCF_OPENSSL_DIGEST_NONE:
255 *digestAlg = NULL;
256 break;
257 case HCF_OPENSSL_DIGEST_MD5:
258 *digestAlg = (EVP_MD *)EVP_md5();
259 break;
260 case HCF_OPENSSL_DIGEST_SM3:
261 *digestAlg = (EVP_MD *)EVP_sm3();
262 break;
263 case HCF_OPENSSL_DIGEST_SHA1:
264 *digestAlg = (EVP_MD *)EVP_sha1();
265 break;
266 case HCF_OPENSSL_DIGEST_SHA224:
267 *digestAlg = (EVP_MD *)EVP_sha224();
268 break;
269 case HCF_OPENSSL_DIGEST_SHA256:
270 *digestAlg = (EVP_MD *)EVP_sha256();
271 break;
272 case HCF_OPENSSL_DIGEST_SHA384:
273 *digestAlg = (EVP_MD *)EVP_sha384();
274 break;
275 case HCF_OPENSSL_DIGEST_SHA512:
276 *digestAlg = (EVP_MD *)EVP_sha512();
277 break;
278 default:
279 LOGD("[error] Invalid digest num is %u.", alg);
280 return HCF_INVALID_PARAMS;
281 }
282 return HCF_SUCCESS;
283 }
284
GetRsaSpecStringMd(const HcfAlgParaValue md,char ** returnString)285 HcfResult GetRsaSpecStringMd(const HcfAlgParaValue md, char **returnString)
286 {
287 if (returnString == NULL) {
288 LOGE("return string is null");
289 return HCF_INVALID_PARAMS;
290 }
291 char *tmp = NULL;
292 switch (md) {
293 case HCF_OPENSSL_DIGEST_MD5:
294 tmp = HCF_OPENSSL_DIGEST_MD5_STR;
295 break;
296 case HCF_OPENSSL_DIGEST_SM3:
297 tmp = HCF_OPENSSL_DIGEST_SM3_STR;
298 break;
299 case HCF_OPENSSL_DIGEST_SHA1:
300 tmp = HCF_OPENSSL_DIGEST_SHA1_STR;
301 break;
302 case HCF_OPENSSL_DIGEST_SHA224:
303 tmp = HCF_OPENSSL_DIGEST_SHA224_STR;
304 break;
305 case HCF_OPENSSL_DIGEST_SHA256:
306 tmp = HCF_OPENSSL_DIGEST_SHA256_STR;
307 break;
308 case HCF_OPENSSL_DIGEST_SHA384:
309 tmp = HCF_OPENSSL_DIGEST_SHA384_STR;
310 break;
311 case HCF_OPENSSL_DIGEST_SHA512:
312 tmp = HCF_OPENSSL_DIGEST_SHA512_STR;
313 break;
314 default:
315 LOGE("Invalid digest num is %u.", md);
316 return HCF_INVALID_PARAMS;
317 }
318 size_t mdLen = HcfStrlen(tmp);
319 if (mdLen == 0) {
320 LOGE("mdLen is empty!");
321 return HCF_ERR_MALLOC;
322 }
323 char *mdStr = (char *)HcfMalloc(mdLen + 1, 0);
324 if (mdStr == NULL) {
325 LOGE("Failed to allocate md name memory");
326 return HCF_ERR_MALLOC;
327 }
328 (void)memcpy_s(mdStr, mdLen, tmp, mdLen);
329 *returnString = mdStr;
330 return HCF_SUCCESS;
331 }
332
GetRsaSpecStringMGF(char ** returnString)333 HcfResult GetRsaSpecStringMGF(char **returnString)
334 {
335 if (returnString == NULL) {
336 LOGE("return string is null");
337 return HCF_INVALID_PARAMS;
338 }
339 size_t mgf1Len = HcfStrlen(HCF_OPENSSL_MGF1);
340 if (mgf1Len == 0) {
341 LOGE("mgf1Len is empty!");
342 return HCF_ERR_MALLOC;
343 }
344 char *mgf1Str = (char *)HcfMalloc(mgf1Len + 1, 0);
345 if (mgf1Str == NULL) {
346 LOGE("Failed to allocate mgf1 name memory");
347 return HCF_ERR_MALLOC;
348 }
349 (void)memcpy_s(mgf1Str, mgf1Len, HCF_OPENSSL_MGF1, mgf1Len);
350 *returnString = mgf1Str;
351 return HCF_SUCCESS;
352 }
353
GetSm2SpecStringSm3(char ** returnString)354 HcfResult GetSm2SpecStringSm3(char **returnString)
355 {
356 if (returnString == NULL) {
357 LOGE("return string is null");
358 return HCF_INVALID_PARAMS;
359 }
360 size_t sm2Len = HcfStrlen(HCF_OPENSSL_DIGEST_SM3_STR);
361 if (sm2Len == 0) {
362 LOGE("sm2Len is empty!");
363 return HCF_ERR_MALLOC;
364 }
365 char *sm2Str = (char *)HcfMalloc(sm2Len + 1, 0);
366 if (sm2Str == NULL) {
367 LOGE("Failed to allocate sm2 name memory");
368 return HCF_ERR_MALLOC;
369 }
370 if (memcpy_s(sm2Str, sm2Len, HCF_OPENSSL_DIGEST_SM3_STR, sm2Len) != EOK) {
371 LOGE("memcpy sm2Str failed.");
372 HcfFree(sm2Str);
373 return HCF_ERR_MALLOC;
374 }
375 *returnString = sm2Str;
376 return HCF_SUCCESS;
377 }
378
HcfPrintOpensslError(void)379 void HcfPrintOpensslError(void)
380 {
381 char szErr[LOG_PRINT_MAX_LEN] = {0}; // Then maximum length of the OpenSSL error string is 256.
382 unsigned long errCode;
383
384 errCode = ERR_get_error();
385 ERR_error_string_n(errCode, szErr, LOG_PRINT_MAX_LEN);
386
387 LOGD("[error] [Openssl]: engine fail, error code = %lu, error string = %s", errCode, szErr);
388 }
389
GetOpensslPadding(int32_t padding,int32_t * opensslPadding)390 HcfResult GetOpensslPadding(int32_t padding, int32_t *opensslPadding)
391 {
392 if (opensslPadding == NULL) {
393 LOGE("return openssl padding pointer is null");
394 return HCF_INVALID_PARAMS;
395 }
396 switch (padding) {
397 case HCF_ALG_NOPADDING:
398 *opensslPadding = RSA_NO_PADDING;
399 return HCF_SUCCESS;
400
401 case HCF_OPENSSL_RSA_PKCS1_PADDING:
402 *opensslPadding = RSA_PKCS1_PADDING;
403 return HCF_SUCCESS;
404
405 case HCF_OPENSSL_RSA_PKCS1_OAEP_PADDING:
406 *opensslPadding = RSA_PKCS1_OAEP_PADDING;
407 return HCF_SUCCESS;
408
409 case HCF_OPENSSL_RSA_PSS_PADDING:
410 *opensslPadding = RSA_PKCS1_PSS_PADDING;
411 return HCF_SUCCESS;
412
413 default:
414 LOGD("[error] Invalid framwork padding = %d", padding);
415 return HCF_INVALID_PARAMS;
416 }
417 }
418
IsBigEndian(void)419 bool IsBigEndian(void)
420 {
421 uint32_t *pointer = (uint32_t *)&ASCII_CODE_ZERO;
422 char firstChar = *((char *)pointer);
423 if (firstChar == '0') {
424 return false;
425 } else {
426 return true;
427 }
428 }
429
BigIntegerToBigNum(const HcfBigInteger * src,BIGNUM ** dest)430 HcfResult BigIntegerToBigNum(const HcfBigInteger *src, BIGNUM **dest)
431 {
432 if (src == NULL || dest == NULL) {
433 LOGE("Invalid input parameter.");
434 return HCF_INVALID_PARAMS;
435 }
436
437 if (IsBigEndian()) {
438 *dest = OpensslBin2Bn((src->data), (src->len), *dest);
439 } else {
440 *dest = OpensslLeBin2Bn((src->data), (src->len), *dest);
441 }
442
443 if (*dest == NULL) {
444 LOGD("[error] translate BigInteger to BIGNUM failed.");
445 HcfPrintOpensslError();
446 return HCF_ERR_CRYPTO_OPERATION;
447 }
448 return HCF_SUCCESS;
449 }
450
BigNumToBigIntegerSecp256k1(const BIGNUM * src,HcfBigInteger * dest)451 HcfResult BigNumToBigIntegerSecp256k1(const BIGNUM *src, HcfBigInteger *dest)
452 {
453 if (src == NULL || dest == NULL) {
454 LOGE("Invalid input parameter.");
455 return HCF_INVALID_PARAMS;
456 }
457 int len = 1;
458 dest->data = (unsigned char *)HcfMalloc(len, 0);
459 if (dest->data == NULL) {
460 LOGE("Alloc dest->data memeory failed.");
461 return HCF_ERR_MALLOC;
462 }
463 dest->len = len;
464 dest->data[0] = 0;
465 return HCF_SUCCESS;
466 }
467
BigNumToBigInteger(const BIGNUM * src,HcfBigInteger * dest)468 HcfResult BigNumToBigInteger(const BIGNUM *src, HcfBigInteger *dest)
469 {
470 if (src == NULL || dest == NULL) {
471 LOGE("Invalid input parameter.");
472 return HCF_INVALID_PARAMS;
473 }
474
475 int len = OpensslBnNumBytes(src);
476 if (len <= 0) {
477 LOGD("[error] Invalid input parameter.");
478 HcfPrintOpensslError();
479 return HCF_ERR_CRYPTO_OPERATION;
480 }
481 dest->data = (unsigned char *)HcfMalloc(len, 0);
482 if (dest->data == NULL) {
483 LOGE("Alloc dest->data memeory failed.");
484 return HCF_ERR_MALLOC;
485 }
486 dest->len = len;
487
488 int resLen = -1;
489 if (IsBigEndian()) {
490 resLen = OpensslBn2BinPad(src, dest->data, dest->len);
491 } else {
492 resLen = OpensslBn2LeBinPad(src, dest->data, dest->len);
493 }
494
495 if (resLen != len) {
496 LOGD("[error] translate BIGNUM to BigInteger failed.");
497 HcfPrintOpensslError();
498 HcfFree(dest->data);
499 dest->data = NULL;
500 dest->len = 0;
501 return HCF_ERR_CRYPTO_OPERATION;
502 }
503 return HCF_SUCCESS;
504 }
505
KeyDerive(EVP_PKEY * priKey,EVP_PKEY * pubKey,HcfBlob * returnSecret)506 HcfResult KeyDerive(EVP_PKEY *priKey, EVP_PKEY *pubKey, HcfBlob *returnSecret)
507 {
508 EVP_PKEY_CTX *ctx = OpensslEvpPkeyCtxNew(priKey, NULL);
509 if (ctx == NULL) {
510 LOGD("[error] EVP_PKEY_CTX_new failed!");
511 HcfPrintOpensslError();
512 return HCF_ERR_CRYPTO_OPERATION;
513 }
514 HcfResult ret = HCF_ERR_CRYPTO_OPERATION;
515 do {
516 if (OpensslEvpPkeyDeriveInit(ctx) != HCF_OPENSSL_SUCCESS) {
517 LOGD("[error] Evp key derive init failed!");
518 HcfPrintOpensslError();
519 break;
520 }
521 if (OpensslEvpPkeyDeriveSetPeer(ctx, pubKey) != HCF_OPENSSL_SUCCESS) {
522 LOGD("[error] Evp key derive set peer failed!");
523 HcfPrintOpensslError();
524 break;
525 }
526 size_t maxLen;
527 if (OpensslEvpPkeyDerive(ctx, NULL, &maxLen) != HCF_OPENSSL_SUCCESS) {
528 LOGD("[error] Evp key derive failed!");
529 HcfPrintOpensslError();
530 break;
531 }
532 uint8_t *secretData = (uint8_t *)HcfMalloc(maxLen, 0);
533 if (secretData == NULL) {
534 LOGE("Failed to allocate secretData memory!");
535 ret = HCF_ERR_MALLOC;
536 break;
537 }
538
539 if (OpensslEvpPkeyDerive(ctx, secretData, &maxLen) != HCF_OPENSSL_SUCCESS) {
540 LOGD("[error] Evp key derive failed!");
541 HcfPrintOpensslError();
542 HcfFree(secretData);
543 break;
544 }
545
546 returnSecret->data = secretData;
547 returnSecret->len = maxLen;
548 ret = HCF_SUCCESS;
549 } while (0);
550 OpensslEvpPkeyCtxFree(ctx);
551 return ret;
552 }
553
GetKeyEncodedPem(EVP_PKEY * pkey,const char * outPutStruct,int selection,char ** returnString)554 HcfResult GetKeyEncodedPem(EVP_PKEY *pkey, const char *outPutStruct, int selection, char **returnString)
555 {
556 OSSL_ENCODER_CTX *ctx = OpensslOsslEncoderCtxNewForPkey(pkey, selection, "PEM", outPutStruct, NULL);
557 if (ctx == NULL) {
558 LOGE("OSSL_ENCODER_CTX_new_for_pkey failed.");
559 HcfPrintOpensslError();
560 return HCF_ERR_CRYPTO_OPERATION;
561 }
562
563 unsigned char *data = NULL;
564 size_t dataLen = 0;
565 if (OpensslOsslEncoderToData(ctx, &data, &dataLen) != HCF_OPENSSL_SUCCESS) {
566 HcfPrintOpensslError();
567 OpensslOsslEncoderCtxFree(ctx);
568 return HCF_ERR_CRYPTO_OPERATION;
569 }
570 *returnString = (char *)data;
571 OpensslOsslEncoderCtxFree(ctx);
572 return HCF_SUCCESS;
573 }
574