openharmony/security_crypto_framework
1
0
Fork 0
mirror of https://gitee.com/openharmony/security_crypto_framework synced 2024-11-27 09:00:31 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

!409 提供支持外部PEM形式密钥数据转换成算法库密钥对象能力

Browse Source 
Merge pull request !409 from hhhFun/master
This commit is contained in:
openharmony_ci 2024-08-17 12:50:51 +00:00 committed by Gitee
commit d7ba1c0418
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
9 changed files with 758 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
plugin/openssl_plugin/common/inc/openssl_adapter.h
View File

@ -28,6 +28,8 @@
#include <openssl/kdf.h>
#include <openssl/params.h>
#include <openssl/types.h>
#include <openssl/obj_mac.h>
#include <openssl/core_names.h>
#include <crypto/sm2.h>
#include <crypto/x509.h>
@ -217,9 +219,12 @@ int OpensslEvpPkeySet1Rsa(EVP_PKEY *pkey, struct rsa_st *key);
int OpensslEvpPkeyAssignRsa(EVP_PKEY *pkey, struct rsa_st *key);
int OpensslPemWriteBioRsaPublicKey(BIO *bp, RSA *x);
int OpensslPemWriteBioRsaPubKey(BIO *bp, RSA *x);
EVP_PKEY *OpensslPemReadBioPrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u);
// BIO
BIO *OpensslBioNew(const BIO_METHOD *type);
const BIO_METHOD *OpensslBioSMem(void);
int OpensslBioWrite(BIO *b, const void *data, int dlen);
int OpensslBioRead(BIO *b, void *data, int dlen);
void OpensslBioFreeAll(BIO *a);
@ -325,6 +330,7 @@ const BIGNUM *OpensslDhGet0PrivKey(const DH *dh);
int OpensslEvpPkeySet1Dh(EVP_PKEY *pkey, DH *key);
int OpensslEvpPkeyAssignDh(EVP_PKEY *pkey, DH *key);
struct dh_st *OpensslEvpPkeyGet1Dh(EVP_PKEY *pkey);
int OpensslEvpPkeyIsA(const EVP_PKEY *pkey, const char *name);
int OpensslEvpPkeyCtxSetDhParamgenPrimeLen(EVP_PKEY_CTX *ctx, int pbits);
int OpensslEvpPkeyCtxSetSignatureMd(EVP_PKEY_CTX *ctx, const EVP_MD *md);
int OpensslDhUpRef(DH *r);
@ -383,6 +389,12 @@ OSSL_DECODER_CTX *OpensslOsslDecoderCtxNewForPkey(EVP_PKEY **pkey, const char *i
int OpensslOsslDecoderFromData(OSSL_DECODER_CTX *ctx, const unsigned char **pdata,
size_t *len);
void OpensslOsslDecoderCtxFree(OSSL_DECODER_CTX *ctx);
EC_KEY *OpensslEcKeyNewbyCurveNameEx(OSSL_LIB_CTX *ctx, const char *propq, int nid);
int OpensslEvpPkeyGetOctetStringParam(const EVP_PKEY *pkey, const char *keyName, unsigned char *buf, size_t maxBufSz,
size_t *outLen);
void OpensslEcKeySetFlags(EC_KEY *key, int flags);
int OpensslEvpPkeyGetBnParam(const EVP_PKEY *pkey, const char *keyName, BIGNUM **bn);
#ifdef __cplusplus
}
#endif

4
plugin/openssl_plugin/common/inc/openssl_common.h
View File

@ -70,6 +70,10 @@ HcfResult KeyDerive(EVP_PKEY *priKey, EVP_PKEY *pubKey, HcfBlob *returnSecret);
HcfResult GetKeyEncodedPem(EVP_PKEY *pkey, const char *outPutStruct, int selection, char **returnString);
HcfResult ConvertPubPemStrToKey(EVP_PKEY **pkey, const char *keyType, int selection, const char *keyStr);
HcfResult ConvertPriPemStrToKey(const char *keyStr, EVP_PKEY **pkey, const char *keyType);
#ifdef __cplusplus
}
#endif

36
plugin/openssl_plugin/common/src/openssl_adapter.c
View File

@ -819,6 +819,11 @@ int OpensslPemWriteBioRsaPubKey(BIO *bp, RSA *x)
return PEM_write_bio_RSA_PUBKEY(bp, x);
}
EVP_PKEY *OpensslPemReadBioPrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
{
return PEM_read_bio_PrivateKey(bp, x, cb, u);
}
BIO *OpensslBioNew(const BIO_METHOD *type)
{
return BIO_new(type);
@ -834,6 +839,11 @@ int OpensslBioRead(BIO *b, void *data, int dlen)
return BIO_read(b, data, dlen);
}
int OpensslBioWrite(BIO *b, const void *data, int dlen)
{
return BIO_write(b, data, dlen);
}
void OpensslBioFreeAll(BIO *a)
{
return BIO_free_all(a);
@ -1278,6 +1288,11 @@ DH *OpensslEvpPkeyGet1Dh(EVP_PKEY *pkey)
return EVP_PKEY_get1_DH(pkey);
}
int OpensslEvpPkeyIsA(const EVP_PKEY *pkey, const char *name)
{
return EVP_PKEY_is_a(pkey, name);
}
int OpensslEvpPkeyAssignDh(EVP_PKEY *pkey, DH *key)
{
return EVP_PKEY_assign_DH(pkey, key);
@ -1479,3 +1494,24 @@ void OpensslOsslDecoderCtxFree(OSSL_DECODER_CTX *ctx)
{
OSSL_DECODER_CTX_free(ctx);
}
EC_KEY *OpensslEcKeyNewbyCurveNameEx(OSSL_LIB_CTX *ctx, const char *propq, int nid)
{
return EC_KEY_new_by_curve_name_ex(ctx, propq, nid);
}
int OpensslEvpPkeyGetOctetStringParam(const EVP_PKEY *pkey, const char *keyName, unsigned char *buf, size_t maxBufSz,
size_t *outLen)
{
return EVP_PKEY_get_octet_string_param(pkey, keyName, buf, maxBufSz, outLen);
}
void OpensslEcKeySetFlags(EC_KEY *key, int flags)
{
EC_KEY_set_flags(key, flags);
}
int OpensslEvpPkeyGetBnParam(const EVP_PKEY *pkey, const char *keyName, BIGNUM **bn)
{
return EVP_PKEY_get_bn_param(pkey, keyName, bn);
}

53
plugin/openssl_plugin/common/src/openssl_common.c
View File

@ -577,3 +577,56 @@ HcfResult GetKeyEncodedPem(EVP_PKEY *pkey, const char *outPutStruct, int selecti
OpensslOsslEncoderCtxFree(ctx);
return HCF_SUCCESS;
}
HcfResult ConvertPubPemStrToKey(EVP_PKEY **pkey, const char *keyType, int selection, const char *keyStr)
{
OSSL_DECODER_CTX *ctx = OpensslOsslDecoderCtxNewForPkey(pkey, "PEM", NULL, keyType, selection, NULL, NULL);
if (ctx == NULL) {
LOGE("Failed to init pem public key decoder ctx.");
HcfPrintOpensslError();
return HCF_ERR_CRYPTO_OPERATION;
}
size_t pdataLen = strlen(keyStr);
const unsigned char *pdata = (const unsigned char *)keyStr;
int ret = OpensslOsslDecoderFromData(ctx, &pdata, &pdataLen);
OpensslOsslDecoderCtxFree(ctx);
if (ret != HCF_OPENSSL_SUCCESS) {
LOGE("Failed to decode public key from pem data.");
HcfPrintOpensslError();
return HCF_ERR_CRYPTO_OPERATION;
}
return HCF_SUCCESS;
}
HcfResult ConvertPriPemStrToKey(const char *keyStr, EVP_PKEY **pkey, const char *keyType)
{
BIO *bio = OpensslBioNew(OpensslBioSMem());
if (bio == NULL) {
LOGE("Failed to init bio.");
HcfPrintOpensslError();
return HCF_ERR_CRYPTO_OPERATION;
}
if (OpensslBioWrite(bio, keyStr, strlen(keyStr)) <= 0) {
OpensslBioFreeAll(bio);
LOGE("Failed to write pem private key to bio");
HcfPrintOpensslError();
return HCF_ERR_CRYPTO_OPERATION;
}
EVP_PKEY *pkeyRet = OpensslPemReadBioPrivateKey(bio, pkey, NULL, NULL);
OpensslBioFreeAll(bio);
if (pkeyRet == NULL) {
LOGE("Failed to read private key from bio");
HcfPrintOpensslError();
return HCF_ERR_CRYPTO_OPERATION;
}
if (OpensslEvpPkeyIsA(*pkey, keyType) != HCF_OPENSSL_SUCCESS) {
LOGE("Private key type does not match current alg [%s].", keyType);
OpensslEvpPkeyFree(*pkey);
return HCF_INVALID_PARAMS;
}
return HCF_SUCCESS;
}

149
plugin/openssl_plugin/key/asy_key_generator/src/alg_25519_asy_key_generator_openssl.c
View File

@ -774,6 +774,153 @@ static HcfResult EngineConvertAlg25519Key(HcfAsyKeyGeneratorSpi *self, HcfParams
return ret;
}
static HcfResult ConvertAlg25519PemPubKey(int type, const char *pubKeyStr, HcfOpensslAlg25519PubKey **returnPubKey)
{
EVP_PKEY *pkey = NULL;
const char *keyType = NULL;
if (type == EVP_PKEY_ED25519) {
keyType = "ED25519";
}
if (type == EVP_PKEY_X25519) {
keyType = "X25519";
}
HcfResult ret = ConvertPubPemStrToKey(&pkey, keyType, EVP_PKEY_PUBLIC_KEY, pubKeyStr);
if (ret != HCF_SUCCESS) {
LOGE("Convert public key from pem to key failed.");
return ret;
}
ret = CreateAlg25519PubKey(pkey, returnPubKey);
if (ret != HCF_SUCCESS) {
LOGE("Create alg25519 public key failed.");
OpensslEvpPkeyFree(pkey);
}
return ret;
}
static HcfResult ConvertAlg25519PemPriKey(int type, const char *priKeyStr, HcfOpensslAlg25519PriKey **returnPriKey)
{
EVP_PKEY *pkey = NULL;
const char *keyType = NULL;
if (type == EVP_PKEY_ED25519) {
keyType = "ED25519";
}
if (type == EVP_PKEY_X25519) {
keyType = "X25519";
}
HcfResult ret = ConvertPriPemStrToKey(priKeyStr, &pkey, keyType);
if (ret != HCF_SUCCESS) {
LOGE("Convert private key from pem to key failed.");
return ret;
}
ret = CreateAlg25519PriKey(pkey, returnPriKey);
if (ret != HCF_SUCCESS) {
LOGE("Create alg25519 private key failed.");
OpensslEvpPkeyFree(pkey);
}
return ret;
}
static HcfResult ConvertAlg25519PemPubAndPriKey(int type, const char *pubKeyStr, const char *priKeyStr,
HcfOpensslAlg25519PubKey **returnPubKey, HcfOpensslAlg25519PriKey **returnPriKey)
{
if (pubKeyStr != NULL && strlen(pubKeyStr) != 0) {
if (ConvertAlg25519PemPubKey(type, pubKeyStr, returnPubKey) != HCF_SUCCESS) {
LOGE("Convert alg25519 pem public key failed.");
return HCF_ERR_CRYPTO_OPERATION;
}
}
if (priKeyStr != NULL && strlen(priKeyStr) != 0) {
if (ConvertAlg25519PemPriKey(type, priKeyStr, returnPriKey) != HCF_SUCCESS) {
LOGE("Convert alg25519 pem private key failed.");
HcfObjDestroy(*returnPubKey);
*returnPubKey = NULL;
return HCF_ERR_CRYPTO_OPERATION;
}
}
return HCF_SUCCESS;
}
static HcfResult EngineConvertX25519PemKey(HcfAsyKeyGeneratorSpi *self, HcfParamsSpec *params, const char *pubKeyStr,
const char *priKeyStr, HcfKeyPair **returnKeyPair)
{
(void)params;
if ((self == NULL) || (returnKeyPair == NULL) || ((pubKeyStr == NULL) && (priKeyStr == NULL))) {
LOGE("Invalid input parameter.");
return HCF_INVALID_PARAMS;
}
if (!HcfIsClassMatch((HcfObjectBase *)self, GetX25519KeyGeneratorSpiClass())) {
LOGE("Class not match.");
return HCF_INVALID_PARAMS;
}
HcfOpensslAlg25519PubKey *pubKey = NULL;
HcfOpensslAlg25519PriKey *priKey = NULL;
int type = EVP_PKEY_X25519;
HcfResult ret = ConvertAlg25519PemPubAndPriKey(type, pubKeyStr, priKeyStr, &pubKey, &priKey);
if (ret != HCF_SUCCESS) {
LOGE("Convert alg25519 pem keyPair failed.");
return ret;
}
if (pubKey != NULL) {
pubKey->type = type;
}
if (priKey != NULL) {
priKey->type = type;
}
ret = CreateAlg25519KeyPair(pubKey, priKey, returnKeyPair);
if (ret != HCF_SUCCESS) {
LOGE("Create alg25519 keyPair failed.");
HcfObjDestroy(pubKey);
HcfObjDestroy(priKey);
}
return ret;
}
static HcfResult EngineConvertEd25519PemKey(HcfAsyKeyGeneratorSpi *self, HcfParamsSpec *params, const char *pubKeyStr,
const char *priKeyStr, HcfKeyPair **returnKeyPair)
{
(void)params;
if ((self == NULL) || (returnKeyPair == NULL) || ((pubKeyStr == NULL) && (priKeyStr == NULL))) {
LOGE("Invalid input parameter.");
return HCF_INVALID_PARAMS;
}
if (!HcfIsClassMatch((HcfObjectBase *)self, GetEd25519KeyGeneratorSpiClass())) {
LOGE("Class not match.");
return HCF_INVALID_PARAMS;
}
HcfOpensslAlg25519PubKey *pubKey = NULL;
HcfOpensslAlg25519PriKey *priKey = NULL;
int type = EVP_PKEY_ED25519;
HcfResult ret = ConvertAlg25519PemPubAndPriKey(type, pubKeyStr, priKeyStr, &pubKey, &priKey);
if (ret != HCF_SUCCESS) {
LOGE("Convert alg25519 pem keyPair failed.");
return ret;
}
if (pubKey != NULL) {
pubKey->type = type;
}
if (priKey != NULL) {
priKey->type = type;
}
ret = CreateAlg25519KeyPair(pubKey, priKey, returnKeyPair);
if (ret != HCF_SUCCESS) {
LOGE("Create alg25519 keyPair failed.");
HcfObjDestroy(pubKey);
HcfObjDestroy(priKey);
}
return ret;
}
static HcfResult CreateOpensslAlg25519PubKey(const HcfBigInteger *pk, const char *algName,
EVP_PKEY **returnAlg25519)
{
@ -1027,6 +1174,7 @@ HcfResult HcfAsyKeyGeneratorSpiEd25519Create(HcfAsyKeyGenParams *params, HcfAsyK
impl->base.base.destroy = DestroyAlg25519KeyGeneratorSpiImpl;
impl->base.engineGenerateKeyPair = EngineGenerateAlg25519KeyPair;
impl->base.engineConvertKey = EngineConvertAlg25519Key;
impl->base.engineConvertPemKey = EngineConvertEd25519PemKey;
impl->base.engineGenerateKeyPairBySpec = EngineGenerateAlg25519KeyPairBySpec;
impl->base.engineGeneratePubKeyBySpec = EngineGenerateAlg25519PubKeyBySpec;
impl->base.engineGeneratePriKeyBySpec = EngineGenerateAlg25519PriKeyBySpec;
@ -1052,6 +1200,7 @@ HcfResult HcfAsyKeyGeneratorSpiX25519Create(HcfAsyKeyGenParams *params, HcfAsyKe
impl->base.base.destroy = DestroyAlg25519KeyGeneratorSpiImpl;
impl->base.engineGenerateKeyPair = EngineGenerateAlg25519KeyPair;
impl->base.engineConvertKey = EngineConvertAlg25519Key;
impl->base.engineConvertPemKey = EngineConvertX25519PemKey;
impl->base.engineGenerateKeyPairBySpec = EngineGenerateAlg25519KeyPairBySpec;
impl->base.engineGeneratePubKeyBySpec = EngineGenerateAlg25519PubKeyBySpec;
impl->base.engineGeneratePriKeyBySpec = EngineGenerateAlg25519PriKeyBySpec;

109
plugin/openssl_plugin/key/asy_key_generator/src/dh_asy_key_generator_openssl.c
View File

@ -1048,6 +1048,114 @@ static HcfResult EngineConvertDhKey(HcfAsyKeyGeneratorSpi *self, HcfParamsSpec *
return ret;
}
static HcfResult ConvertDhPemPubKey(const char *pubKeyStr, HcfOpensslDhPubKey **returnPubKey)
{
EVP_PKEY *pkey = NULL;
const char *keyType = "DH";
HcfResult ret = ConvertPubPemStrToKey(&pkey, keyType, EVP_PKEY_PUBLIC_KEY, pubKeyStr);
if (ret != HCF_SUCCESS) {
LOGE("Convert dh pem public key failed.");
return ret;
}
DH *dh = OpensslEvpPkeyGet1Dh(pkey);
OpensslEvpPkeyFree(pkey);
if (dh == NULL) {
LOGE("Pkey to dh key failed.");
HcfPrintOpensslError();
return HCF_ERR_CRYPTO_OPERATION;
}
ret = CreateDhPubKey(dh, returnPubKey);
if (ret != HCF_SUCCESS) {
LOGE("Create dh public key failed.");
OpensslDhFree(dh);
}
return ret;
}
static HcfResult ConvertDhPemPriKey(const char *priKeyStr, HcfOpensslDhPriKey **returnPriKey)
{
EVP_PKEY *pkey = NULL;
const char *keyType = "DH";
HcfResult ret = ConvertPriPemStrToKey(priKeyStr, &pkey, keyType);
if (ret != HCF_SUCCESS) {
LOGE("Convert dh pem private key failed.");
return ret;
}
DH *dh = OpensslEvpPkeyGet1Dh(pkey);
OpensslEvpPkeyFree(pkey);
if (dh == NULL) {
LOGE("Pkey to dh key failed.");
HcfPrintOpensslError();
return HCF_ERR_CRYPTO_OPERATION;
}
ret = CreateDhPriKey(dh, returnPriKey);
if (ret != HCF_SUCCESS) {
LOGE("Create DH private key failed.");
OpensslDhFree(dh);
}
return ret;
}
static HcfResult ConvertDhPemPubAndPriKey(const char *pubKeyStr, const char *priKeyStr,
HcfOpensslDhPubKey **returnPubKey, HcfOpensslDhPriKey **returnPriKey)
{
if (pubKeyStr != NULL && strlen(pubKeyStr) != 0) {
if (ConvertDhPemPubKey(pubKeyStr, returnPubKey) != HCF_SUCCESS) {
LOGE("Convert dh pem public key failed.");
return HCF_ERR_CRYPTO_OPERATION;
}
}
if (priKeyStr != NULL && strlen(priKeyStr) != 0) {
if (ConvertDhPemPriKey(priKeyStr, returnPriKey) != HCF_SUCCESS) {
LOGE("Convert dh pem private key failed.");
HcfObjDestroy(*returnPubKey);
*returnPubKey = NULL;
return HCF_ERR_CRYPTO_OPERATION;
}
}
return HCF_SUCCESS;
}
static HcfResult EngineConvertDhPemKey(HcfAsyKeyGeneratorSpi *self, HcfParamsSpec *params, const char *pubKeyStr,
const char *priKeyStr, HcfKeyPair **returnKeyPair)
{
(void)params;
if ((self == NULL) || (returnKeyPair == NULL) || ((pubKeyStr == NULL) && (priKeyStr == NULL))) {
LOGE("Invalid input parameter.");
return HCF_INVALID_PARAMS;
}
if (!HcfIsClassMatch((HcfObjectBase *)self, GetDhKeyGeneratorSpiClass())) {
LOGE("Class not match.");
return HCF_INVALID_PARAMS;
}
HcfOpensslDhPubKey *pubKey = NULL;
HcfOpensslDhPriKey *priKey = NULL;
HcfResult ret = ConvertDhPemPubAndPriKey(pubKeyStr, priKeyStr, &pubKey, &priKey);
if (ret != HCF_SUCCESS) {
LOGE("Convert dh pem pubKey and priKey failed.");
return ret;
}
ret = CreateDhKeyPair(pubKey, priKey, returnKeyPair);
if (ret != HCF_SUCCESS) {
LOGE("Create dh keyPair failed.");
HcfObjDestroy(pubKey);
HcfObjDestroy(priKey);
}
return ret;
}
static HcfResult EngineGenerateDhKeyPairBySpec(const HcfAsyKeyGeneratorSpi *self,
const HcfAsyKeyParamsSpec *paramsSpec, HcfKeyPair **returnKeyPair)
{
@ -1140,6 +1248,7 @@ HcfResult HcfAsyKeyGeneratorSpiDhCreate(HcfAsyKeyGenParams *params, HcfAsyKeyGen
impl->base.base.destroy = DestroyDhKeyGeneratorSpiImpl;
impl->base.engineGenerateKeyPair = EngineGenerateDhKeyPair;
impl->base.engineConvertKey = EngineConvertDhKey;
impl->base.engineConvertPemKey = EngineConvertDhPemKey;
impl->base.engineGenerateKeyPairBySpec = EngineGenerateDhKeyPairBySpec;
impl->base.engineGeneratePubKeyBySpec = EngineGenerateDhPubKeyBySpec;
impl->base.engineGeneratePriKeyBySpec = EngineGenerateDhPriKeyBySpec;

105
plugin/openssl_plugin/key/asy_key_generator/src/dsa_asy_key_generator_openssl.c
View File

@ -902,6 +902,110 @@ static HcfResult EngineConvertDsaKey(HcfAsyKeyGeneratorSpi *self, HcfParamsSpec
return ret;
}
static HcfResult ConvertDsaPemPubKey(const char *pubKeyStr, HcfOpensslDsaPubKey **returnPubKey)
{
EVP_PKEY *pkey = NULL;
const char *keyType = "DSA";
HcfResult ret = ConvertPubPemStrToKey(&pkey, keyType, EVP_PKEY_PUBLIC_KEY, pubKeyStr);
if (ret != HCF_SUCCESS) {
LOGE("Convert dsa pem public key failed.");
return ret;
}
DSA *dsa = OpensslEvpPkeyGet1Dsa(pkey);
OpensslEvpPkeyFree(pkey);
if (dsa == NULL) {
LOGE("Pkey to dsa key failed.");
HcfPrintOpensslError();
return HCF_ERR_CRYPTO_OPERATION;
}
ret = CreateDsaPubKey(dsa, returnPubKey);
if (ret != HCF_SUCCESS) {
LOGE("Create dsa public key failed");
OpensslDsaFree(dsa);
}
return ret;
}
static HcfResult ConvertDsaPemPriKey(const char *priKeyStr, HcfOpensslDsaPriKey **returnPriKey)
{
EVP_PKEY *pkey = NULL;
const char *keyType = "DSA";
HcfResult ret = ConvertPriPemStrToKey(priKeyStr, &pkey, keyType);
if (ret != HCF_SUCCESS) {
LOGE("Convert dsa pem private key failed.");
return ret;
}
DSA *dsa = OpensslEvpPkeyGet1Dsa(pkey);
OpensslEvpPkeyFree(pkey);
if (dsa == NULL) {
LOGE("Pkey to dsa key failed.");
HcfPrintOpensslError();
return HCF_ERR_CRYPTO_OPERATION;
}
ret = CreateDsaPriKey(dsa, returnPriKey);
if (ret != HCF_SUCCESS) {
LOGE("Create dsa private key failed");
OpensslDsaFree(dsa);
}
return ret;
}
static HcfResult ConvertDsaPemPubAndPriKey(const char *pubKeyStr, const char *priKeyStr,
HcfOpensslDsaPubKey **returnPubKey, HcfOpensslDsaPriKey **returnPriKey)
{
if (pubKeyStr != NULL && strlen(pubKeyStr) != 0) {
if (ConvertDsaPemPubKey(pubKeyStr, returnPubKey) != HCF_SUCCESS) {
LOGE("Convert dsa pem public key failed.");
return HCF_ERR_CRYPTO_OPERATION;
}
}
if (priKeyStr != NULL && strlen(priKeyStr) != 0) {
if (ConvertDsaPemPriKey(priKeyStr, returnPriKey) != HCF_SUCCESS) {
LOGE("Convert dsa pem private key failed.");
HcfObjDestroy(*returnPubKey);
*returnPubKey = NULL;
return HCF_ERR_CRYPTO_OPERATION;
}
}
return HCF_SUCCESS;
}
static HcfResult EngineConvertDsaPemKey(HcfAsyKeyGeneratorSpi *self, HcfParamsSpec *params, const char *pubKeyStr,
const char *priKeyStr, HcfKeyPair **returnKeyPair)
{
(void)params;
if ((self == NULL) || (returnKeyPair == NULL) || ((pubKeyStr == NULL) && (priKeyStr == NULL))) {
LOGE("Invalid input parameter.");
return HCF_INVALID_PARAMS;
}
if (!HcfIsClassMatch((HcfObjectBase *)self, GetDsaKeyGeneratorSpiClass())) {
LOGE("Class not match.");
return HCF_INVALID_PARAMS;
}
HcfOpensslDsaPubKey *pubKey = NULL;
HcfOpensslDsaPriKey *priKey = NULL;
HcfResult ret = ConvertDsaPemPubAndPriKey(pubKeyStr, priKeyStr, &pubKey, &priKey);
if (ret != HCF_SUCCESS) {
return ret;
}
ret = CreateDsaKeyPair(pubKey, priKey, returnKeyPair);
if (ret != HCF_SUCCESS) {
HcfObjDestroy(pubKey);
HcfObjDestroy(priKey);
}
return ret;
}
static HcfResult EngineGenerateDsaKeyPairBySpec(const HcfAsyKeyGeneratorSpi *self,
const HcfAsyKeyParamsSpec *paramsSpec, HcfKeyPair **returnKeyPair)
{
@ -993,6 +1097,7 @@ HcfResult HcfAsyKeyGeneratorSpiDsaCreate(HcfAsyKeyGenParams *params, HcfAsyKeyGe
impl->base.base.destroy = DestroyDsaKeyGeneratorSpiImpl;
impl->base.engineGenerateKeyPair = EngineGenerateDsaKeyPair;
impl->base.engineConvertKey = EngineConvertDsaKey;
impl->base.engineConvertPemKey = EngineConvertDsaPemKey;
impl->base.engineGenerateKeyPairBySpec = EngineGenerateDsaKeyPairBySpec;
impl->base.engineGeneratePubKeyBySpec = EngineGenerateDsaPubKeyBySpec;
impl->base.engineGeneratePriKeyBySpec = EngineGenerateDsaPriKeyBySpec;

101
plugin/openssl_plugin/key/asy_key_generator/src/ecc_asy_key_generator_openssl.c
View File

@ -1816,6 +1816,106 @@ static HcfResult EngineConvertEccKey(HcfAsyKeyGeneratorSpi *self, HcfParamsSpec
return HCF_SUCCESS;
}
static HcfResult ConvertEcPemPubKey(int32_t curveId, const char *pubKeyStr, HcfOpensslEccPubKey **returnPubKey)
{
EVP_PKEY *pkey = NULL;
const char *keyType = "EC";
HcfResult ret = ConvertPubPemStrToKey(&pkey, keyType, EVP_PKEY_PUBLIC_KEY, pubKeyStr);
if (ret != HCF_SUCCESS) {
LOGE("Convert ecc pem public key failed.");
return ret;
}
EC_KEY *ecKey = OpensslEvpPkeyGet1EcKey(pkey);
OpensslEvpPkeyFree(pkey);
if (ecKey == NULL) {
LOGE("Pkey to ec key failed.");
HcfPrintOpensslError();
return HCF_ERR_CRYPTO_OPERATION;
}
HcfResult res = PackEccPubKey(curveId, ecKey, g_eccGenerateFieldType, returnPubKey);
if (res != HCF_SUCCESS) {
LOGE("Pack ec public key failed.");
OpensslEcKeyFree(ecKey);
return res;
}
return HCF_SUCCESS;
}
static HcfResult ConvertEcPemPriKey(int32_t curveId, const char *priKeyStr, HcfOpensslEccPriKey **returnPriKey)
{
EVP_PKEY *pkey = NULL;
const char *keyType = "EC";
HcfResult ret = ConvertPriPemStrToKey(priKeyStr, &pkey, keyType);
if (ret != HCF_SUCCESS) {
LOGE("Convert ecc pem private key failed.");
return ret;
}
EC_KEY *ecKey = OpensslEvpPkeyGet1EcKey(pkey);
OpensslEvpPkeyFree(pkey);
if (ecKey == NULL) {
LOGE("Pkey to ec key failed.");
HcfPrintOpensslError();
return HCF_ERR_CRYPTO_OPERATION;
}
ret = PackEccPriKey(curveId, ecKey, g_eccGenerateFieldType, returnPriKey);
if (ret != HCF_SUCCESS) {
LOGE("Pack ec private key failed.");
OpensslEcKeyFree(ecKey);
return ret;
}
return HCF_SUCCESS;
}
static HcfResult EngineConvertEccPemKey(HcfAsyKeyGeneratorSpi *self, HcfParamsSpec *params, const char *pubKeyStr,
const char *priKeyStr, HcfKeyPair **returnKeyPair)
{
(void)params;
if ((self == NULL) || (returnKeyPair == NULL) || ((pubKeyStr == NULL) && (priKeyStr == NULL))) {
LOGE("Invalid input parameter.");
return HCF_INVALID_PARAMS;
}
if (!HcfIsClassMatch((HcfObjectBase *)self, GetEccKeyPairGeneratorClass())) {
return HCF_INVALID_PARAMS;
}
HcfAsyKeyGeneratorSpiOpensslEccImpl *impl = (HcfAsyKeyGeneratorSpiOpensslEccImpl *)self;
HcfResult res = HCF_SUCCESS;
HcfOpensslEccPubKey *pubKey = NULL;
HcfOpensslEccPriKey *priKey = NULL;
HcfOpensslEccKeyPair *keyPair = NULL;
do {
if (pubKeyStr != NULL && strlen(pubKeyStr) != 0) {
res = ConvertEcPemPubKey(impl->curveId, pubKeyStr, &pubKey);
if (res != HCF_SUCCESS) {
break;
}
}
if (priKeyStr != NULL && strlen(priKeyStr) != 0) {
res = ConvertEcPemPriKey(impl->curveId, priKeyStr, &priKey);
if (res != HCF_SUCCESS) {
break;
}
}
res = PackEccKeyPair(pubKey, priKey, &keyPair);
} while (0);
if (res != HCF_SUCCESS) {
LOGE("Convert ec keyPair failed.");
HcfObjDestroy(pubKey);
HcfObjDestroy(priKey);
return res;
}
*returnKeyPair = (HcfKeyPair *)keyPair;
return HCF_SUCCESS;
}
static HcfResult PackAndAssignPubKey(const HcfAsyKeyGeneratorSpiOpensslEccImpl *impl, const char *fieldType,
EC_KEY *ecKey, HcfPubKey **returnObj)
{
@ -2032,6 +2132,7 @@ HcfResult HcfAsyKeyGeneratorSpiEccCreate(HcfAsyKeyGenParams *params, HcfAsyKeyGe
returnImpl->base.base.getClass = GetEccKeyPairGeneratorClass;
returnImpl->base.base.destroy = DestroyEccKeyPairGenerator;
returnImpl->base.engineConvertKey = EngineConvertEccKey;
returnImpl->base.engineConvertPemKey = EngineConvertEccPemKey;
returnImpl->base.engineGenerateKeyPair = EngineGenerateKeyPair;
returnImpl->base.engineGenerateKeyPairBySpec = EngineGenerateKeyPairBySpec;
returnImpl->base.engineGeneratePubKeyBySpec = EngineGeneratePubKeyBySpec;

189
plugin/openssl_plugin/key/asy_key_generator/src/sm2_asy_key_generator_openssl.c
View File

@ -27,6 +27,9 @@
#define OPENSSL_SM2_ALGORITHM "SM2"
#define OPENSSL_SM2_PUB_KEY_FORMAT "X.509"
#define OPENSSL_SM2_PRI_KEY_FORMAT "PKCS#8"
#define SM2_OCTET_STRING_LEN 65 // strlen(0x04) + strlen(X) + strlen(Y): 1 + 32 + 32
static const char *const g_sm2GenerateFieldType = "Fp";
typedef struct {
@ -944,6 +947,191 @@ static HcfResult EngineConvertSm2Key(HcfAsyKeyGeneratorSpi *self, HcfParamsSpec
return HCF_SUCCESS;
}
static EC_KEY *GetSm2EckeyformPubKey(const EVP_PKEY *pkey)
{
EC_KEY *ecKey = NULL;
const EC_GROUP *group = NULL;
EC_POINT *pubPoint = NULL;
unsigned char octetKey[SM2_OCTET_STRING_LEN];
size_t octetKeyLen = 0;
ecKey = OpensslEcKeyNewbyCurveNameEx(NULL, NULL, NID_sm2);
if (ecKey == NULL) {
LOGE("Failed to init ec key.");
return NULL;
}
group = OpensslEcKeyGet0Group(ecKey);
if (group == NULL) {
LOGE("Failed to get group while get ec key.");
OpensslEcKeyFree(ecKey);
return NULL;
}
pubPoint = OpensslEcPointNew(group);
if (pubPoint == NULL) {
LOGE("Failed to init ec point while get ec key.");
OpensslEcKeyFree(ecKey);
return NULL;
}
if (!OpensslEvpPkeyGetOctetStringParam(pkey, OSSL_PKEY_PARAM_PUB_KEY, octetKey, sizeof(octetKey),
&octetKeyLen)) {
LOGE("Failed to get octet string param while get ec key.");
OpensslEcKeyFree(ecKey);
OpensslEcPointFree(pubPoint);
return NULL;
}
if (!OpensslEcOct2Point(group, pubPoint, octetKey, octetKeyLen, NULL)) {
LOGE("Failed to convert oct to point while get ec key.");
OpensslEcKeyFree(ecKey);
OpensslEcPointFree(pubPoint);
return NULL;
}
OpensslEcKeySetFlags(ecKey, EC_FLAG_SM2_RANGE);
if (!OpensslEcKeySetPublicKey(ecKey, pubPoint)) {
LOGE("Failed to set public key while get ec key.");
OpensslEcKeyFree(ecKey);
OpensslEcPointFree(pubPoint);
return NULL;
}
OpensslEcPointFree(pubPoint);
return ecKey;
}
static EC_KEY *GetSm2EckeyformPriKey(const EVP_PKEY *pkey)
{
EC_KEY *ecKey = NULL;
BIGNUM *outPriv = NULL;
ecKey = OpensslEcKeyNewbyCurveNameEx(NULL, NULL, NID_sm2);
if (ecKey == NULL) {
LOGE("Failed to init ec key.");
return NULL;
}
if (OpensslEvpPkeyGetBnParam(pkey, OSSL_PKEY_PARAM_PRIV_KEY, &outPriv) != HCF_OPENSSL_SUCCESS) {
LOGE("Failed to get bn param while get ec key.");
OpensslEcKeyFree(ecKey);
return NULL;
}
OpensslEcKeySetFlags(ecKey, EC_FLAG_SM2_RANGE);
if (OpensslEcKeySetPrivateKey(ecKey, outPriv) != HCF_OPENSSL_SUCCESS) {
LOGE("Failed to set private key while get ec key.");
OpensslEcKeyFree(ecKey);
OpensslBnClearFree(outPriv);
return NULL;
}
OpensslBnClearFree(outPriv);
return ecKey;
}
static HcfResult ConvertSM2PemPubKey(int32_t curveId, const char *pubKeyStr, HcfOpensslSm2PubKey **returnPubKey)
{
EVP_PKEY *pkey = NULL;
const char *keyType = "SM2";
HcfResult ret = ConvertPubPemStrToKey(&pkey, keyType, EVP_PKEY_PUBLIC_KEY, pubKeyStr);
if (ret != HCF_SUCCESS) {
LOGE("Convert sm2 pem public key failed.");
return ret;
}
EC_KEY *ecKey = GetSm2EckeyformPubKey(pkey);
OpensslEvpPkeyFree(pkey);
if (ecKey == NULL) {
LOGE("Get sm2 ec pkey fail.");
HcfPrintOpensslError();
return HCF_ERR_CRYPTO_OPERATION;
}
ret = PackSm2PubKey(curveId, ecKey, g_sm2GenerateFieldType, returnPubKey);
if (ret != HCF_SUCCESS) {
LOGE("Create sm2 public key failed.");
OpensslEcKeyFree(ecKey);
return ret;
}
return HCF_SUCCESS;
}
static HcfResult ConvertSM2PemPriKey(int32_t curveId, const char *priKeyStr, HcfOpensslSm2PriKey **returnPriKey)
{
EVP_PKEY *pkey = NULL;
const char *keyType = "SM2";
HcfResult ret = ConvertPriPemStrToKey(priKeyStr, &pkey, keyType);
if (ret != HCF_SUCCESS) {
LOGE("Convert sm2 pem private key failed.");
return ret;
}
EC_KEY *ecKey = GetSm2EckeyformPriKey(pkey);
OpensslEvpPkeyFree(pkey);
if (ecKey == NULL) {
LOGE("Get sm2 ec pkey fail.");
HcfPrintOpensslError();
return HCF_ERR_CRYPTO_OPERATION;
}
ret = PackSm2PriKey(curveId, ecKey, g_sm2GenerateFieldType, returnPriKey);
if (ret != HCF_SUCCESS) {
LOGE("Create sm2 private key failed.");
OpensslEcKeyFree(ecKey);
return ret;
}
return HCF_SUCCESS;
}
static HcfResult EngineConvertSm2PemKey(HcfAsyKeyGeneratorSpi *self, HcfParamsSpec *params, const char *pubKeyStr,
const char *priKeyStr, HcfKeyPair **returnKeyPair)
{
(void)params;
if ((self == NULL) || (returnKeyPair == NULL) || ((pubKeyStr == NULL) && (priKeyStr == NULL))) {
LOGE("Invalid input parameter.");
return HCF_INVALID_PARAMS;
}
if (!HcfIsClassMatch((HcfObjectBase *)self, self->base.getClass())) {
LOGE("Class not match.");
return HCF_INVALID_PARAMS;
}
HcfAsyKeyGeneratorSpiOpensslSm2Impl *impl = (HcfAsyKeyGeneratorSpiOpensslSm2Impl *)self;
HcfResult ret = HCF_SUCCESS;
HcfOpensslSm2PubKey *pubKey = NULL;
HcfOpensslSm2PriKey *priKey = NULL;
HcfOpensslSm2KeyPair *keyPair = NULL;
do {
if (pubKeyStr != NULL && strlen(pubKeyStr) != 0) {
ret = ConvertSM2PemPubKey(impl->curveId, pubKeyStr, &pubKey);
if (ret != HCF_SUCCESS) {
break;
}
}
if (priKeyStr != NULL && strlen(priKeyStr) != 0) {
ret = ConvertSM2PemPriKey(impl->curveId, priKeyStr, &priKey);
if (ret != HCF_SUCCESS) {
break;
}
}
ret = PackSm2KeyPair(pubKey, priKey, &keyPair);
} while (0);
if (ret != HCF_SUCCESS) {
LOGE("Convert sm2 keyPair failed.");
HcfObjDestroy(pubKey);
HcfObjDestroy(priKey);
return ret;
}
*returnKeyPair = (HcfKeyPair *)keyPair;
return HCF_SUCCESS;
}
static HcfResult PackAndAssignPubKey(const HcfAsyKeyGeneratorSpiOpensslSm2Impl *impl, const char *fieldType,
EC_KEY *ecKey, HcfPubKey **returnObj)
{
@ -1159,6 +1347,7 @@ HcfResult HcfAsyKeyGeneratorSpiSm2Create(HcfAsyKeyGenParams *params, HcfAsyKeyGe
returnImpl->base.base.getClass = GetSm2KeyPairGeneratorClass;
returnImpl->base.base.destroy = DestroySm2KeyPairGenerator;
returnImpl->base.engineConvertKey = EngineConvertSm2Key;
returnImpl->base.engineConvertPemKey = EngineConvertSm2PemKey;
returnImpl->base.engineGenerateKeyPair = EngineGenerateKeyPair;
returnImpl->base.engineGenerateKeyPairBySpec = EngineGenerateKeyPairBySpec;
returnImpl->base.engineGeneratePubKeyBySpec = EngineGeneratePubKeyBySpec;