mirror of
https://github.com/Ai-Thinker-Open/Ai-Thinker-Open_RTL8710BX_ALIOS_SDK.git
synced 2026-07-13 13:35:38 +00:00
rel_1.6.0 init
This commit is contained in:
commit
27b3e2883d
19359 changed files with 8093121 additions and 0 deletions
83
Living_SDK/security/alicrypto/libalicrypto/Makefile
Normal file
83
Living_SDK/security/alicrypto/libalicrypto/Makefile
Normal file
|
|
@ -0,0 +1,83 @@
|
|||
#
|
||||
# Copyright (C) 2017 The YunOS Project. All rights reserved.
|
||||
#
|
||||
|
||||
TOP := ../
|
||||
|
||||
#TOOLCHAIN_PRE := arm-none-eabi-
|
||||
#TOOLCHAIN_PRE := arm-linux-gnueabihf-
|
||||
TOOLCHAIN_PRE :=
|
||||
CC = $(TOOLCHAIN_PRE)gcc
|
||||
LD = $(TOOLCHAIN_PRE)ld
|
||||
AR = $(TOOLCHAIN_PRE)ar
|
||||
RANLIB = $(TOOLCHAIN_PRE)ranlib
|
||||
|
||||
LOCAL_DIR := .
|
||||
|
||||
CRYPT_TEST := N
|
||||
CRYPT_TYPE := MBED
|
||||
|
||||
LIB := $(TOP)/mbedtls/library/libmbedcrypto.a
|
||||
|
||||
CFLAGS = -Wall -g -O2 -I$(LOCAL_DIR)/mbed/inc -I$(LOCAL_DIR)/sw \
|
||||
-I$(LOCAL_DIR)/inc -I$(TOP)/mbedtls/include/mbedtls/ \
|
||||
-I$(TOP)/../yunos_iot/aos/include
|
||||
|
||||
ifeq ($(m32),1)
|
||||
CFLAGS += -m32
|
||||
endif
|
||||
|
||||
CFLAGS += -Wformat
|
||||
CFLAGS += -DCONFIG_CRYPT_MBED=1 -DCONFIG_DBG_CRYPT=1
|
||||
#-DCONFIG_NO_ALIOS=1
|
||||
|
||||
ifeq ($(gcov),1)
|
||||
CFLAGS += -fprofile-arcs -ftest-coverage
|
||||
LDFLAGS += --coverage
|
||||
endif
|
||||
|
||||
ifeq ($(CRYPT_TYPE), MBED)
|
||||
SRCS += \
|
||||
$(LOCAL_DIR)/mbed/cipher/aes.c \
|
||||
$(LOCAL_DIR)/mbed/hash/hash.c \
|
||||
$(LOCAL_DIR)/mbed/asym/rsa.c \
|
||||
$(LOCAL_DIR)/mbed/mac/hmac.c \
|
||||
|
||||
endif
|
||||
|
||||
ifeq ($(CRYPT_TEST), Y)
|
||||
#TEST_SRCS += $(LOCAL_DIR)/mbed/test/mbed_rsa_test.c
|
||||
TEST_SRCS += \
|
||||
$(LOCAL_DIR)/test/ali_crypto_test.c \
|
||||
$(LOCAL_DIR)/test/ali_crypto_test_comm.c \
|
||||
$(LOCAL_DIR)/test/ali_crypto_test_hash.c \
|
||||
$(LOCAL_DIR)/test/ali_crypto_test_rand.c \
|
||||
$(LOCAL_DIR)/test/ali_crypto_test_aes.c \
|
||||
$(LOCAL_DIR)/test/ali_crypto_test_rsa.c \
|
||||
$(LOCAL_DIR)/test/ali_crypto_test_hmac.c \
|
||||
|
||||
CFLAGS += -I$(LOCAL_DIR)/test/inc
|
||||
OUT_E := ali_crypto_test
|
||||
endif
|
||||
|
||||
SRCS += $(LOCAL_DIR)/sw/ali_crypto_rand.c
|
||||
CFLAGS += -I$(LOCAL_DIR)/sw/inc
|
||||
|
||||
SRCS += $(LOCAL_DIR)/ali_crypto.c
|
||||
OBJS := $(patsubst %.cxx,%.o,$(patsubst %.c,%.o,$(SRCS)))
|
||||
TEST_OBJS := $(patsubst %.cxx,%.o,$(patsubst %.c,%.o,$(TEST_SRCS)))
|
||||
OUT := libalicrypto.a
|
||||
|
||||
all: $(OUT_E) $(OUT) $(OBJS) $(TEST_OBJS)
|
||||
$(OUT): $(OBJS) $(LIB)
|
||||
$(AR) rc $(OUT) $(OBJS)
|
||||
$(RANLIB) $(OUT)
|
||||
$(OUT_E): $(OBJS) $(TEST_OBJS) $(LIB)
|
||||
$(CC) $(LDFLAGS) $(CFLAGS) $(LIB) $^ -o $@.elf
|
||||
$(CC) $(LDFLAGS) $(CFLAGS) $(LIB) $^ -o $@
|
||||
%.o: %.c
|
||||
echo $(CC) $(CFLAGS) $<
|
||||
$(CC) -c $(CFLAGS) $< -o $*.o
|
||||
|
||||
clean:
|
||||
rm -f $(OBJS) $(OUT_E) $(OUT_E).elf $(OUT) $(TEST_OBJS)
|
||||
51
Living_SDK/security/alicrypto/libalicrypto/ali_crypto.c
Normal file
51
Living_SDK/security/alicrypto/libalicrypto/ali_crypto.c
Normal file
|
|
@ -0,0 +1,51 @@
|
|||
/**
|
||||
* Copyright (C) 2016 The YunOS Project. All rights reserved.
|
||||
**/
|
||||
|
||||
#include "ali_crypto.h"
|
||||
|
||||
#if CONFIG_CRYPT_MBED
|
||||
#include "mbed_crypto.h"
|
||||
#endif
|
||||
|
||||
#if CONFIG_CRYPT_MBED
|
||||
ali_crypto_result mbed_crypto_init(void)
|
||||
{
|
||||
ali_crypto_result ret = ALI_CRYPTO_SUCCESS;
|
||||
#if defined(MBEDTLS_THREADING_ALT)
|
||||
//mbedtls_threading_set_alt(OSA_mutex_init, OSA_mutex_free, OSA_mutex_lock,
|
||||
// OSA_mutex_unlock);
|
||||
#endif
|
||||
/* TODO */
|
||||
return ret;
|
||||
}
|
||||
|
||||
void mbed_crypto_cleanup(void)
|
||||
{
|
||||
/* TODO */
|
||||
#if defined(MBEDTLS_THREADING_ALT)
|
||||
//mbedtls_threading_free_alt();
|
||||
#endif
|
||||
return;
|
||||
}
|
||||
#endif
|
||||
|
||||
ali_crypto_result ali_crypto_init(void)
|
||||
{
|
||||
ali_crypto_result ret = ALI_CRYPTO_SUCCESS;
|
||||
|
||||
#if CONFIG_CRYPT_MBED
|
||||
ret = mbed_crypto_init();
|
||||
#endif
|
||||
|
||||
return ret;
|
||||
}
|
||||
void ali_crypto_cleanup(void)
|
||||
{
|
||||
#if CONFIG_CRYPT_MBED
|
||||
mbed_crypto_cleanup();
|
||||
#endif
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
7
Living_SDK/security/alicrypto/libalicrypto/b.sh
Executable file
7
Living_SDK/security/alicrypto/libalicrypto/b.sh
Executable file
|
|
@ -0,0 +1,7 @@
|
|||
#!/bin/bash
|
||||
|
||||
make gcov=1
|
||||
./ali_crypto_test
|
||||
sudo lcov -c -b . -d ./mbed -d ./sw -o test.info
|
||||
genhtml test.info -o yos_test_report
|
||||
|
||||
762
Living_SDK/security/alicrypto/libalicrypto/inc/ali_crypto.h
Normal file
762
Living_SDK/security/alicrypto/libalicrypto/inc/ali_crypto.h
Normal file
|
|
@ -0,0 +1,762 @@
|
|||
/**
|
||||
* Copyright (C) 2016 The YunOS Project. All rights reserved.
|
||||
**/
|
||||
|
||||
/* Alibaba TEE Crypto API: version 1.1 */
|
||||
|
||||
#ifndef _ALI_CRYPTO_H_
|
||||
#define _ALI_CRYPTO_H_
|
||||
|
||||
#include "ali_crypto_types.h"
|
||||
|
||||
typedef enum _ali_crypto_result
|
||||
{
|
||||
ALI_CRYPTO_ERROR = (int)0xffff0000, /* Generic Error */
|
||||
ALI_CRYPTO_NOSUPPORT, /* Scheme not support */
|
||||
ALI_CRYPTO_INVALID_KEY, /* Invalid Key in asymmetric scheme: RSA/DSA/ECCP/DH
|
||||
etc */
|
||||
ALI_CRYPTO_INVALID_TYPE, /* Invalid
|
||||
aes_type/des_type/authenc_type/hash_type/cbcmac_type/cmac_type
|
||||
*/
|
||||
ALI_CRYPTO_INVALID_CONTEXT, /* Invalid context in multi-thread
|
||||
cipher/authenc/mac/hash etc */
|
||||
ALI_CRYPTO_INVALID_PADDING, /* Invalid
|
||||
sym_padding/rsassa_padding/rsaes_padding */
|
||||
ALI_CRYPTO_INVALID_AUTHENTICATION, /* Invalid authentication in
|
||||
AuthEnc(AES-CCM/AES-GCM)/asymmetric
|
||||
verify(RSA/DSA/ECCP DSA) */
|
||||
ALI_CRYPTO_INVALID_ARG, /* Invalid arguments */
|
||||
ALI_CRYPTO_INVALID_PACKET, /* Invalid packet in asymmetric enc/dec(RSA) */
|
||||
ALI_CRYPTO_LENGTH_ERR, /* Invalid Length in arguments */
|
||||
ALI_CRYPTO_OUTOFMEM, /* Memory alloc NULL */
|
||||
ALI_CRYPTO_SHORT_BUFFER, /* Output buffer is too short to store result */
|
||||
ALI_CRYPTO_NULL, /* NULL pointer in arguments */
|
||||
ALI_CRYPTO_ERR_STATE, /* Bad state in mulit-thread cipher/authenc/mac/hash
|
||||
etc */
|
||||
ALI_CRYPTO_SUCCESS = 0, /* Success */
|
||||
} ali_crypto_result;
|
||||
|
||||
#define AES_BLOCK_SIZE \
|
||||
16 /* don't change this value,since AES only support 16 byte block size */
|
||||
#define AES_IV_SIZE 16
|
||||
#define DES_BLOCK_SIZE 8
|
||||
#define DES_IV_SIZE 8
|
||||
|
||||
typedef enum _sym_padding_t
|
||||
{
|
||||
SYM_NOPAD = 0,
|
||||
SYM_PKCS5_PAD = 1,
|
||||
SYM_ZERO_PAD = 2,
|
||||
} sym_padding_t;
|
||||
|
||||
typedef enum _aes_type_t
|
||||
{
|
||||
AES_ECB = 0,
|
||||
AES_CBC = 1,
|
||||
AES_CTR = 2,
|
||||
AES_CTS = 3,
|
||||
AES_XTS = 4,
|
||||
AES_CFB8 = 6,
|
||||
AES_CFB128 = 7,
|
||||
} aes_type_t;
|
||||
|
||||
typedef enum _des_type_t
|
||||
{
|
||||
DES_ECB = 0,
|
||||
DES_CBC = 1,
|
||||
DES3_ECB = 2,
|
||||
DES3_CBC = 3,
|
||||
} des_type_t;
|
||||
|
||||
typedef enum _authenc_type_t
|
||||
{
|
||||
AES_CCM = 0,
|
||||
AES_GCM = 1,
|
||||
} authenc_type_t;
|
||||
|
||||
typedef enum _hash_type_t
|
||||
{
|
||||
HASH_NONE = 0,
|
||||
SHA1 = 1,
|
||||
SHA224 = 2,
|
||||
SHA256 = 3,
|
||||
SHA384 = 4,
|
||||
SHA512 = 5,
|
||||
MD5 = 6,
|
||||
} hash_type_t;
|
||||
|
||||
enum
|
||||
{
|
||||
MD5_HASH_SIZE = 16,
|
||||
SHA1_HASH_SIZE = 20,
|
||||
SHA224_HASH_SIZE = 28,
|
||||
SHA256_HASH_SIZE = 32,
|
||||
SHA384_HASH_SIZE = 48,
|
||||
SHA512_HASH_SIZE = 64,
|
||||
MAX_HASH_SIZE = 64,
|
||||
};
|
||||
|
||||
#define HASH_SIZE(type) \
|
||||
(((type) == SHA1) \
|
||||
? (SHA1_HASH_SIZE) \
|
||||
: (((type) == SHA224) \
|
||||
? (SHA224_HASH_SIZE) \
|
||||
: (((type) == SHA256) \
|
||||
? (SHA256_HASH_SIZE) \
|
||||
: (((type) == SHA384) \
|
||||
? (SHA384_HASH_SIZE) \
|
||||
: (((type) == SHA512) \
|
||||
? (SHA512_HASH_SIZE) \
|
||||
: (((type) == MD5) ? (MD5_HASH_SIZE) : (0)))))))
|
||||
|
||||
typedef enum _cbcmac_type_t
|
||||
{
|
||||
AESCBCMAC = 0,
|
||||
DESCBCMAC = 1,
|
||||
DES3CBCMAC = 2,
|
||||
} cbcmac_type_t;
|
||||
|
||||
typedef enum _cmac_type_t
|
||||
{
|
||||
AESCMAC = 0,
|
||||
} cmac_type_t;
|
||||
|
||||
typedef enum _rsa_key_attr_t
|
||||
{
|
||||
RSA_MODULUS = 0x130,
|
||||
RSA_PUBLIC_EXPONENT = 0x230,
|
||||
RSA_PRIVATE_EXPONENT = 0x330,
|
||||
RSA_PRIME1 = 0x430,
|
||||
RSA_PRIME2 = 0x530,
|
||||
RSA_EXPONENT1 = 0x630,
|
||||
RSA_EXPONENT2 = 0x730,
|
||||
RSA_COEFFICIENT = 0x830,
|
||||
} rsa_key_attr_t;
|
||||
|
||||
typedef enum _dh_key_attr_t
|
||||
{
|
||||
DH_PRIME = 0x140,
|
||||
DH_BASE = 0x240,
|
||||
DH_PRIVATE = 0x340,
|
||||
DH_PUBLIC = 0x440,
|
||||
DH_SUBPRIME = 0x540,
|
||||
DH_X_BITS = 0x640,
|
||||
} dh_key_attr_t;
|
||||
|
||||
typedef enum _dsa_key_attr_t
|
||||
{
|
||||
DSA_PRIME = 0x150,
|
||||
DSA_SUBPRIME = 0x250,
|
||||
DSA_BASE = 0x350,
|
||||
DSA_PRIVATE = 0x450,
|
||||
DSA_PUBLIC = 0x550,
|
||||
} dsa_key_attr_t;
|
||||
|
||||
typedef enum _rsa_pad_type_t
|
||||
{
|
||||
RSA_NOPAD = 0,
|
||||
|
||||
/* encrypt */
|
||||
RSAES_PKCS1_V1_5 = 10,
|
||||
RSAES_PKCS1_OAEP_MGF1 = 11,
|
||||
|
||||
/* sign */
|
||||
RSASSA_PKCS1_V1_5 = 20,
|
||||
RSASSA_PKCS1_PSS_MGF1 = 21,
|
||||
} rsa_pad_type_t;
|
||||
|
||||
typedef struct _rsa_padding_t
|
||||
{
|
||||
rsa_pad_type_t type;
|
||||
union
|
||||
{
|
||||
struct
|
||||
{
|
||||
hash_type_t type;
|
||||
} rsaes_oaep;
|
||||
struct
|
||||
{
|
||||
hash_type_t type; /* md5/sha1/sha224/sha256/sha384/sha512 */
|
||||
} rsassa_v1_5;
|
||||
struct
|
||||
{
|
||||
hash_type_t type; /* sha1/sha224/sha256/sha384/sha512 */
|
||||
size_t salt_len;
|
||||
} rsassa_pss;
|
||||
} pad;
|
||||
} rsa_padding_t;
|
||||
|
||||
typedef enum _dsa_padding_t
|
||||
{
|
||||
DSA_SHA1 = 0,
|
||||
DSA_SHA224 = 1,
|
||||
DSA_SHA256 = 2,
|
||||
} dsa_padding_t;
|
||||
|
||||
enum
|
||||
{
|
||||
CRYPTO_STATUS_CLEAN = 0,
|
||||
CRYPTO_STATUS_INITIALIZED = 1,
|
||||
CRYPTO_STATUS_PROCESSING = 2,
|
||||
CRYPTO_STATUS_FINISHED = 3,
|
||||
};
|
||||
|
||||
/* internal data types */
|
||||
typedef struct __rsa_keypair rsa_keypair_t;
|
||||
typedef struct __rsa_pubkey rsa_pubkey_t;
|
||||
|
||||
typedef struct __dsa_keypair dsa_keypair_t;
|
||||
typedef struct __dsa_pubkey dsa_pubkey_t;
|
||||
|
||||
typedef struct __dh_keypair dh_keypair_t;
|
||||
typedef struct __dh_pubkey dh_pubkey_t;
|
||||
|
||||
typedef struct __ecc_keypair ecc_keypair_t;
|
||||
typedef struct __ecc_pubkey ecc_pubkey_t;
|
||||
|
||||
/********************************************************************/
|
||||
/* SYM */
|
||||
/********************************************************************/
|
||||
|
||||
/*
|
||||
* type[in]: must be AES_ECB/AES_CBC/AES_CTR/AES_CTS/AES_XTS
|
||||
* size[out]: check size != NULL
|
||||
* -- caller will alloc "size" memory as context buffer later
|
||||
*/
|
||||
ali_crypto_result ali_aes_get_ctx_size(aes_type_t type, size_t *size);
|
||||
|
||||
/*
|
||||
* type[in]: must be AES_ECB/AES_CBC/AES_CTR/AES_CTS/AES_XTS
|
||||
* is_enc[in]: [true] for encrypt, [false] for decrypt
|
||||
* key1[in]: the encrypt key
|
||||
* key2[in]: the tweak encrypt key for XTS mode
|
||||
* keybytes[in]: the key length of the keys(each) in bytes, should be
|
||||
* 16/24/32 bytes iv[in]: only valid for
|
||||
* AES_CBC/AES_CTR/AES_CTS/AES_XTS
|
||||
* -- function can read 16 bytes from this address as the
|
||||
* internal iv context[in/out]: caller allocated memory used as internal
|
||||
* context, which size is got through ali_aes_get_ctx_size
|
||||
* -- [in]: status of context should be CLEAN or FINISHED
|
||||
* -- [out]: status of context is changed to INITIALIZED
|
||||
*/
|
||||
ali_crypto_result ali_aes_init(aes_type_t type, bool is_enc,
|
||||
const uint8_t *key1, const uint8_t *key2,
|
||||
size_t keybytes, const uint8_t *iv,
|
||||
void *context);
|
||||
|
||||
/*
|
||||
* src[in]: plaintext for encrypt, ciphertext for decrypt
|
||||
* dst[out]: ciphertext for encrypt, plaintext for decrypt
|
||||
* size[in]: the number of bytes to process
|
||||
* -- ECB/CBC/CTS/XTS, must be multiple of the cipher block
|
||||
* size
|
||||
* -- CTR, any positive integer
|
||||
* context[in/out]: internal context
|
||||
* -- [in]: status of context should be INITED or PROCESSING
|
||||
* -- [out]: status of context is changed to PROCESSING
|
||||
*/
|
||||
ali_crypto_result ali_aes_process(const uint8_t *src, uint8_t *dst, size_t size,
|
||||
void *context);
|
||||
|
||||
/*
|
||||
* src[in]: source data, plaintext for encrypt/ciphertext for decrypt
|
||||
* -- may be NULL, which identify that no input data, only
|
||||
* terminate crypto src_size[in]: the number of bytes to process, src_size
|
||||
* == 0 if src == NULL
|
||||
* -- encrypt: SYM_NOPAD - must be multiple of the cipher
|
||||
* block size
|
||||
* -- decrypt: ECB/CBC - must be multiple of the cipher
|
||||
* block size dst[out]: destination data, which is used to save
|
||||
* processed data
|
||||
* -- may be NULL if no input src data(src == NULL &&
|
||||
* src_size == 0)
|
||||
* -- ciphertext for encrypt, plaintext for decrypt
|
||||
* -- if no SYM_NOPAD, should remove padding data
|
||||
* accordingly dst_size[in/out]: the length of processed data, may be NULL if
|
||||
* dst == NULL
|
||||
* -- [in]: buffer size
|
||||
* -- [out]: the actual encrypted/decrypted data size
|
||||
* padding[in]: padding type for aes mode
|
||||
* -- ECB/CBC: only support SYM_NOPAD
|
||||
* -- CTR/CTS/XTS: padding is ignored
|
||||
* context[in/out]: internal context
|
||||
* -- [in]: status of context should be INITED or
|
||||
* PROCESSING
|
||||
* -- [out]: status of context is changed to FINISHED
|
||||
*/
|
||||
ali_crypto_result ali_aes_finish(const uint8_t *src, size_t src_size,
|
||||
uint8_t *dst, size_t *dst_size,
|
||||
sym_padding_t padding, void *context);
|
||||
|
||||
ali_crypto_result ali_aes_reset(void *context);
|
||||
ali_crypto_result ali_aes_copy_context(void *dst_ctx, void *src_ctx);
|
||||
/* des include des3 */
|
||||
/*
|
||||
type: must be DES_ECB/DES_CBC/DES3_ECB/DES3_CBC
|
||||
size: check size != NULL
|
||||
*/
|
||||
ali_crypto_result ali_des_get_ctx_size(des_type_t type, size_t *size);
|
||||
|
||||
/*
|
||||
type: must be DES_ECB/DES_CBC/DES3_ECB/DES3_CBC
|
||||
is_enc: [true] for encrypt, [false] for decrypt.
|
||||
key: function will read 'keybytes' of data as key.
|
||||
keybytes: for DES_ECB/DES_CBC, must be 64.
|
||||
for DES3_ECB/DES3_CBC, must be 128 or 192.
|
||||
iv: for DES_ECB/DES3_ECB: must be NULL.
|
||||
for DES_CBC/DES3_CBC: function will read 8 bytes as algo iv.
|
||||
context: function will use size which return from function
|
||||
'ali_des_get_ctx_size' as internal context. function will check the [status[ of
|
||||
'context', must be CLEAN or FINISH. function will initialize the [status] of
|
||||
'context' to INIT. function will save the 'type', 'is_enc', or maybe 'iv',
|
||||
'key', 'keybytes' in 'context'. function will initialize the 'context' to a
|
||||
valid context.
|
||||
*/
|
||||
ali_crypto_result ali_des_init(des_type_t type, bool is_enc, const uint8_t *key,
|
||||
size_t keybytes, const uint8_t *iv,
|
||||
void *context);
|
||||
|
||||
/*
|
||||
src: function will read 'size' of data from this area as source data.
|
||||
MUST be NULL if 'size' is 0
|
||||
dst: function will write 'size' of data to this area as destination data.
|
||||
MUST be NULL if 'size' is 0
|
||||
size: the length of source data.
|
||||
must be multiple of 8 bytes. or 0.
|
||||
if size == 0, src MUST be NULL, dst MUST be NULL, return
|
||||
TEE_SUCCESS. context: function will use size which return from function
|
||||
'ali_des_get_ctx_size' as internal context. function will check it is a valid
|
||||
context. function will check the [status] of 'context', must be INIT or PROCESS.
|
||||
function will change the [status] of 'context' to PROCESS.
|
||||
function will do encrypt or decrypt indicated by the content in
|
||||
'context'.
|
||||
*/
|
||||
ali_crypto_result ali_des_process(const uint8_t *src, uint8_t *dst, size_t size,
|
||||
void *context);
|
||||
/*
|
||||
src: function will read 'src_size' of data from this area as source data.
|
||||
MUST be NULL if 'src_size' is 0.
|
||||
src_size: the length of source data. this have different rules for differnt
|
||||
'type' and 'padding'. a. for 'padding' is SYM_NOPAD: a.1 MUST be multiple of 16
|
||||
bytes. or 0. b. for other 'padding': b.1 can be any integer or 0. if 'src_size'
|
||||
== 0, 'src' MUST be NULL, 'dst' MUST be NULL, and this function will reaturn
|
||||
SUCCESS. dst: function will write certain length which is retuned by
|
||||
'dst_size' of data to this area as destination data. MUST be NULL if 'size' is 0
|
||||
dst_size: function will wirte some integer to this area to indicate the length
|
||||
of destination data. the return value depends on 'src_size' and 'padding' a.1
|
||||
for 'padding' is SYM_NOPAD, dst_size is equal to src_size. a.2 for other
|
||||
'padding', 'dst_size' is 16 bytes align up of 'src_size'. padding: the
|
||||
padding type of finish. can be anyone of SYM_NOPAD/SYM_PKCS5_PAD/SYM_ZERO_PAD.
|
||||
context: function will use size which return from function
|
||||
'ali_des_get_ctx_size' as internal context. function will check it is a valid
|
||||
context. function will check the [status] of 'context', must be INIT or PROCESS.
|
||||
function will change the [status] of 'context' to FINISH.
|
||||
function will do encrypt or decrypt indicated by the content in
|
||||
'context'. function MUST clean the content of context before this fucntion
|
||||
return.
|
||||
*/
|
||||
ali_crypto_result ali_des_finish(const uint8_t *src, size_t src_size,
|
||||
uint8_t *dst, size_t *dst_size,
|
||||
sym_padding_t padding, void *context);
|
||||
|
||||
ali_crypto_result ali_des_reset(void *context);
|
||||
ali_crypto_result ali_des_copy_context(void *dst_ctx, void *src_ctx);
|
||||
|
||||
/********************************************************************/
|
||||
/* Authenticated Encryption */
|
||||
/********************************************************************/
|
||||
/*
|
||||
type: MUST be AES_CCM/AES_GCM
|
||||
size: check size != NULL
|
||||
*/
|
||||
ali_crypto_result ali_authenc_get_ctx_size(authenc_type_t type, size_t *size);
|
||||
/*
|
||||
type: MUST be AES_CCM/AES_GCM
|
||||
is_enc: [true] for encrypt, [false] for decrypt.
|
||||
key: function will read 'keybytes' of data as key.
|
||||
keybytes: MUST be 16(128 bits)/24(256 bits)/32(512 bits).
|
||||
nonce: the operation 'nonce' for AES_CCM, the IV of AES_GCM.
|
||||
function will read 'nonce_len' of data as nonce or IV.
|
||||
nonce_len: the nonce length for AES_CCM, the IV length for AES_GCM.
|
||||
tag_len: the tag byte length.
|
||||
payload_len: only valid for AES_CCM, the payload length. Ignore for AES_GCM.
|
||||
aad_len: only valid for AES_CCM, the aad length. Ignore for AES_GCM.
|
||||
context: function will use size which return from function
|
||||
'ali_authenc_get_ctx_size' as internal context. function will check the [status]
|
||||
of 'context', must be CLEAN or FINISH. function will initialize the [status] of
|
||||
'context' to INIT. function will save the 'type', 'is_enc', or maybe 'nonce',
|
||||
'nonce_len', 'tag_len', 'payload_len', 'aad_len' in 'context'. function will
|
||||
initialize the 'context' to a valid context.
|
||||
*/
|
||||
ali_crypto_result ali_authenc_init(authenc_type_t type, bool is_enc,
|
||||
const uint8_t *key, size_t keybytes,
|
||||
const uint8_t *nonce, size_t nonce_len,
|
||||
size_t tag_len,
|
||||
size_t payload_len, /* valid only in CCM */
|
||||
size_t aad_len, /* valid only in CCM */
|
||||
void * context);
|
||||
/*
|
||||
aad: the address of aad.
|
||||
function will read 'aad_size' of data from this address as aad.
|
||||
aad_size: the length in bytes of aad.
|
||||
for AES_CCM:
|
||||
the total summary of 'aad_size' of multiple calling this
|
||||
function MUST equal to the 'aad_len' parameter in ali_authenc_init. context:
|
||||
function will use size which return from function 'ali_authenc_get_ctx_size' as
|
||||
internal context. function will check it is a valid context. function will check
|
||||
the [status] of 'context', must be INIT or UPDATE_AAD. function will change the
|
||||
[status] of 'context' to UPDATE_AAD.
|
||||
*/
|
||||
ali_crypto_result ali_authenc_update_aad(const uint8_t *aad, size_t aad_size,
|
||||
void *context);
|
||||
/*
|
||||
|
||||
src: function will read 'size' of data from this area as source data.
|
||||
MUST be NULL if 'size' is 0
|
||||
dst: function will write 'size' of data to this area as destination data.
|
||||
MUST be NULL if 'size' is 0
|
||||
size: the length of source data, can be any integer or 0.
|
||||
for AES_CCM.
|
||||
the total summary of 'size' of multiple calling this function
|
||||
MUST equal to the 'payload_len' parameter in ali_authenc_init. context: function
|
||||
will use size which return from function 'ali_authenc_get_ctx_size' as internal
|
||||
context. function will check it is a valid context. function will check the
|
||||
[status] of 'context', must be UPDATE_AAD or PROCESS. function will change the
|
||||
[status] of 'context' to PROCESS. function will do encrypt or decrypt indicated
|
||||
by the content in 'context'.
|
||||
*/
|
||||
ali_crypto_result ali_authenc_process(const uint8_t *src, uint8_t *dst,
|
||||
size_t size, void *context);
|
||||
/*
|
||||
src: function will read 'size' of data from this area as source data.
|
||||
MUST be NULL if 'src_size' is 0.
|
||||
src_size: the length of source data.
|
||||
if 'src_size' == 0, 'src' MUST be NULL, 'dst' MUST be NULL, and this
|
||||
function will reaturn SUCCESS. dst: function will write certain length
|
||||
which is retuned by 'dst_size' of data to this area as destination data. MUST be
|
||||
NULL if 'size' is 0 dst_size: function will wirte some integer to this area to
|
||||
indicate the length of destination data. tag: the tag returned by ae
|
||||
encrypt. tag_len: the tag length. context: function will use size which
|
||||
return from function 'ali_authenc_get_ctx_size' as internal context. function
|
||||
will check it is a valid context. function will check the [status] of 'context',
|
||||
must be UPDATE_AAD or PROCESS. function will change the [status] of 'context' to
|
||||
FINISH. the 'is_enc' indicated by the content in 'context' MUST be ture.
|
||||
function will do encrypt or decrypt indicated by the content in
|
||||
'context'. function MUST clean the content of context before this fucntion
|
||||
return.
|
||||
*/
|
||||
ali_crypto_result ali_authenc_enc_finish(const uint8_t *src, size_t src_size,
|
||||
uint8_t *dst, size_t *dst_size,
|
||||
uint8_t *tag, size_t *tag_len,
|
||||
void *context);
|
||||
/*
|
||||
src: function will read 'size' of data from this area as source data.
|
||||
MUST be NULL if 'src_size' is 0.
|
||||
src_size: the length of source data.
|
||||
if 'src_size' == 0, 'src' MUST be NULL, 'dst' MUST be NULL, and this
|
||||
function will reaturn SUCCESS. dst: function will write certain length
|
||||
which is retuned by 'dst_size' of data to this area as destination data. MUST be
|
||||
NULL if 'size' is 0 dst_size: function will wirte some integer to this area to
|
||||
indicate the length of destination data. tag: the tag parameter. function
|
||||
will read 'tag_len' of data from this address as the decrypt tag. tag_len: the
|
||||
tag length. context: function will use size which return from function
|
||||
'ali_authenc_get_ctx_size' as internal context. function will check it is a
|
||||
valid context. function will check the [status] of 'context', must be UPDATE_AAD
|
||||
or PROCESS. function will change the [status] of 'context' to FINISH. the
|
||||
'is_enc' indicated by the content in 'context' MUST be false. function will do
|
||||
encrypt or decrypt indicated by the content in 'context'. function MUST clean
|
||||
the content of context before this fucntion return.
|
||||
*/
|
||||
ali_crypto_result ali_authenc_dec_finish(const uint8_t *src, size_t src_size,
|
||||
uint8_t *dst, size_t *dst_size,
|
||||
const uint8_t *tag, size_t tag_len,
|
||||
void *context);
|
||||
ali_crypto_result ali_authenc_reset(void *context);
|
||||
ali_crypto_result ali_authenc_copy_context(void *dst_ctx, void *src_ctx);
|
||||
/********************************************************************/
|
||||
/* HASH */
|
||||
/********************************************************************/
|
||||
ali_crypto_result ali_hash_get_ctx_size(hash_type_t type, size_t *size);
|
||||
ali_crypto_result ali_hash_init(hash_type_t type, void *context);
|
||||
ali_crypto_result ali_hash_update(const uint8_t *src, size_t size,
|
||||
void *context);
|
||||
ali_crypto_result ali_hash_final(uint8_t *dgst, void *context);
|
||||
ali_crypto_result ali_hash_reset(void *context);
|
||||
ali_crypto_result ali_hash_copy_context(void *dst_ctx, void *src_ctx);
|
||||
|
||||
ali_crypto_result ali_hash_digest(hash_type_t type, const uint8_t *src,
|
||||
size_t size, uint8_t *dgst);
|
||||
|
||||
/********************************************************************/
|
||||
/* MAC */
|
||||
/********************************************************************/
|
||||
/* hmac */
|
||||
ali_crypto_result ali_hmac_get_ctx_size(hash_type_t type, size_t *size);
|
||||
ali_crypto_result ali_hmac_init(hash_type_t type, const uint8_t *key,
|
||||
size_t keybytes, void *context);
|
||||
ali_crypto_result ali_hmac_update(const uint8_t *src, size_t size,
|
||||
void *context);
|
||||
ali_crypto_result ali_hmac_final(uint8_t *dgst, void *context);
|
||||
ali_crypto_result ali_hmac_reset(void *context);
|
||||
ali_crypto_result ali_hmac_copy_context(void *dst_ctx, void *src_ctx);
|
||||
ali_crypto_result ali_hmac_digest(hash_type_t type, const uint8_t *key,
|
||||
size_t keybytes, const uint8_t *src,
|
||||
size_t size, uint8_t *dgst);
|
||||
|
||||
/* cbcmac */
|
||||
ali_crypto_result ali_cbcmac_get_ctx_size(cbcmac_type_t type, size_t *size);
|
||||
ali_crypto_result ali_cbcmac_init(cbcmac_type_t type, const uint8_t *key,
|
||||
size_t keybytes, void *context);
|
||||
ali_crypto_result ali_cbcmac_update(const uint8_t *src, size_t size,
|
||||
void *context);
|
||||
ali_crypto_result ali_cbcmac_final(sym_padding_t padding, uint8_t *dgst,
|
||||
void *context);
|
||||
ali_crypto_result ali_cbcmac_reset(void *context);
|
||||
ali_crypto_result ali_cbcmac_copy_context(void *dst_ctx, void *src_ctx);
|
||||
ali_crypto_result ali_cbcmac_digest(cbcmac_type_t type, const uint8_t *key,
|
||||
size_t keybytes, const uint8_t *src,
|
||||
size_t size, sym_padding_t padding,
|
||||
uint8_t *dgst);
|
||||
|
||||
/* cmac */
|
||||
ali_crypto_result ali_cmac_get_ctx_size(cmac_type_t type, size_t *size);
|
||||
ali_crypto_result ali_cmac_init(cmac_type_t type, const uint8_t *key,
|
||||
size_t keybytes, void *context);
|
||||
ali_crypto_result ali_cmac_update(const uint8_t *src, size_t size,
|
||||
void *context);
|
||||
ali_crypto_result ali_cmac_final(sym_padding_t padding, uint8_t *dgst,
|
||||
void *context);
|
||||
ali_crypto_result ali_cmac_reset(void *context);
|
||||
ali_crypto_result ali_cmac_copy_context(void *dst_ctx, void *src_ctx);
|
||||
ali_crypto_result ali_cmac_digest(cmac_type_t type, const uint8_t *key,
|
||||
size_t keybytes, const uint8_t *src,
|
||||
size_t size, sym_padding_t padding,
|
||||
uint8_t *dgst);
|
||||
|
||||
/********************************************************************/
|
||||
/* ASYM */
|
||||
/********************************************************************/
|
||||
/* RSA */
|
||||
/*
|
||||
* e: Public exponent
|
||||
* d: Private exponent
|
||||
* n: Modulus
|
||||
*
|
||||
* Optional CRT parameters
|
||||
* p, q: N = pq
|
||||
* qp: 1/q mod p
|
||||
* dp: d mod (p-1)
|
||||
* dq: d mod (q-1)
|
||||
*/
|
||||
|
||||
/*
|
||||
* keybits[in]: key length in bits
|
||||
* size[out]: total size in bytes of rsa keypair
|
||||
*/
|
||||
ali_crypto_result ali_rsa_get_keypair_size(size_t keybits, size_t *size);
|
||||
|
||||
/*
|
||||
* keybits[in]: key length in bits
|
||||
* size[out]: total size in bytes of rsa public key
|
||||
*/
|
||||
ali_crypto_result ali_rsa_get_pubkey_size(size_t keybits, size_t *size);
|
||||
|
||||
/*
|
||||
* Initialize RSA keypair
|
||||
*
|
||||
* keybits[in]: rsa keypair length in bits
|
||||
* n/n_size[in]: rsa modulus data and size in bytes
|
||||
* e/e_size[in]: rsa public exponent data and size in bytes
|
||||
* d/d_size[in]: rsa private exponent data and size in bytes
|
||||
* p/p_size[in]: rsa prime1 data and size in bits, may be NULL/0
|
||||
* q/q_size[in]: rsa prime2 data and size in bits, may be NULL/0
|
||||
* dp/dp_size[in]: rsa exponent2 data and size in bits, may be NULL/0
|
||||
* dq/dq_size[in]: rsa exponent2 data and size in bits, may be NULL/0
|
||||
* dq/dq_size[in]: rsa coefficient data and size in bits, may be NULL/0
|
||||
* keypair[out]: output buffer, which is used to save initialized rsa key pair
|
||||
*/
|
||||
ali_crypto_result ali_rsa_init_keypair(
|
||||
size_t keybits, const uint8_t *n, size_t n_size, const uint8_t *e,
|
||||
size_t e_size, const uint8_t *d, size_t d_size, const uint8_t *p,
|
||||
size_t p_size, const uint8_t *q, size_t q_size, const uint8_t *dp,
|
||||
size_t dp_size, const uint8_t *dq, size_t dq_size, const uint8_t *qp,
|
||||
size_t qp_size, rsa_keypair_t *keypair);
|
||||
|
||||
/*
|
||||
* Initialize RSA public key
|
||||
*
|
||||
* keybits[in]: rsa key length in bits
|
||||
* n/n_size[in]: rsa modulus data and size in bytes
|
||||
* e/e_size[in]: rsa public exponent data and size in bytes
|
||||
* pubkey[out]: output buffer, which is used to save initialized rsa public
|
||||
* key
|
||||
*/
|
||||
ali_crypto_result ali_rsa_init_pubkey(size_t keybits, const uint8_t *n,
|
||||
size_t n_size, const uint8_t *e,
|
||||
size_t e_size, rsa_pubkey_t *pubkey);
|
||||
|
||||
/*
|
||||
* Generate RSA keypair
|
||||
*
|
||||
* keybits[in]: rsa key length in bits
|
||||
* e[in]: optional, public exponent
|
||||
* e_size[in]: optional, public exponent size in bytes
|
||||
* keypair[out]: output buffer, which is used to save generated rsa key pair
|
||||
*/
|
||||
ali_crypto_result ali_rsa_gen_keypair(size_t keybits, const uint8_t *e,
|
||||
size_t e_size, rsa_keypair_t *keypair);
|
||||
|
||||
/*
|
||||
* Get key attribute
|
||||
*
|
||||
* attr[in]: rsa key attribute ID
|
||||
* keypair[in]: rsa keypair buffer
|
||||
* buffer[out]: buffer, which is used to save required attribute
|
||||
* size[in/out]: buffer max size and key attribute actual size in bytes
|
||||
*/
|
||||
ali_crypto_result ali_rsa_get_key_attr(rsa_key_attr_t attr,
|
||||
rsa_keypair_t *keypair, void *buffer,
|
||||
size_t *size);
|
||||
|
||||
ali_crypto_result ali_rsa_public_encrypt(const rsa_pubkey_t *pub_key,
|
||||
const uint8_t *src, size_t src_size,
|
||||
uint8_t *dst, size_t *dst_size,
|
||||
rsa_padding_t padding);
|
||||
ali_crypto_result ali_rsa_private_decrypt(const rsa_keypair_t *priv_key,
|
||||
const uint8_t *src, size_t src_size,
|
||||
uint8_t *dst, size_t *dst_size,
|
||||
rsa_padding_t padding);
|
||||
|
||||
/*
|
||||
* dig[in]: the digest to sign
|
||||
* dig_size[in]: the length of the digest to sign (byte)
|
||||
* sig[out]: the signature data
|
||||
* sig_size[in/out]: the buffer size and resulting size of signature
|
||||
*/
|
||||
ali_crypto_result ali_rsa_sign(const rsa_keypair_t *priv_key,
|
||||
const uint8_t *dig, size_t dig_size,
|
||||
uint8_t *sig, size_t *sig_size,
|
||||
rsa_padding_t padding);
|
||||
|
||||
/*
|
||||
* dig[in]: the digest of message that was signed
|
||||
* dig_size[in]: the digest size in bytes
|
||||
* sig[in]: the signature data
|
||||
* sig_size[in]: the length of the signature data (byte)
|
||||
*/
|
||||
ali_crypto_result ali_rsa_verify(const rsa_pubkey_t *pub_key,
|
||||
const uint8_t *dig, size_t dig_size,
|
||||
const uint8_t *sig, size_t sig_size,
|
||||
rsa_padding_t padding, bool *result);
|
||||
|
||||
/* DSA sign/verify */
|
||||
/*
|
||||
g: Generator of subgroup (public)
|
||||
p: Prime number (public)
|
||||
q: Order of subgroup (public)
|
||||
y: Public key
|
||||
x: Private key
|
||||
*/
|
||||
ali_crypto_result ali_dsa_get_keypair_size(size_t keybits, size_t *size);
|
||||
ali_crypto_result ali_dsa_get_pubkey_size(size_t keybits, size_t *size);
|
||||
ali_crypto_result ali_dsa_init_keypair(size_t keybits, const uint8_t *g,
|
||||
size_t g_size, const uint8_t *p,
|
||||
size_t p_size, const uint8_t *q,
|
||||
size_t q_size, const uint8_t *y,
|
||||
size_t y_size, const uint8_t *x,
|
||||
size_t x_size, dsa_keypair_t *keypair);
|
||||
ali_crypto_result ali_dsa_init_pubkey(size_t keybits, const uint8_t *g,
|
||||
size_t g_size, const uint8_t *p,
|
||||
size_t p_size, const uint8_t *q,
|
||||
size_t q_size, const uint8_t *y,
|
||||
size_t y_size, dsa_pubkey_t *pubkey);
|
||||
ali_crypto_result ali_dsa_gen_keypair(size_t keybit, const uint8_t *g,
|
||||
size_t g_size, const uint8_t *p,
|
||||
size_t p_size, const uint8_t *q,
|
||||
size_t q_size, dsa_keypair_t *keypair);
|
||||
ali_crypto_result ali_dsa_sign(const dsa_keypair_t *priv_key,
|
||||
const uint8_t *src, size_t src_size,
|
||||
uint8_t *signature, size_t *sig_size,
|
||||
dsa_padding_t padding);
|
||||
ali_crypto_result ali_dsa_verify(const dsa_pubkey_t *pub_key,
|
||||
const uint8_t *src, size_t src_size,
|
||||
const uint8_t *signature, size_t sig_size,
|
||||
dsa_padding_t padding, bool *result);
|
||||
|
||||
ali_crypto_result ali_dsa_get_key_attr(dsa_key_attr_t attr,
|
||||
dsa_keypair_t *keypair, void *buffer,
|
||||
uint32_t *size);
|
||||
|
||||
/* DH derive shared secret */
|
||||
/*
|
||||
g: Generator of Z_p
|
||||
p: Prime modulus
|
||||
y: Public key
|
||||
x: Private key
|
||||
q: Optional
|
||||
xbits: Optional
|
||||
*/
|
||||
ali_crypto_result ali_dh_get_keypair_size(size_t keybits, size_t *size);
|
||||
ali_crypto_result ali_dh_get_pubkey_size(size_t keybits, size_t *size);
|
||||
ali_crypto_result ali_dh_init_keypair(size_t keybits, const uint8_t *g,
|
||||
size_t g_size, const uint8_t *p,
|
||||
size_t p_size, const uint8_t *y,
|
||||
size_t y_size, const uint8_t *x,
|
||||
size_t x_size, const uint8_t *q,
|
||||
size_t q_size, /* optional */
|
||||
size_t xbits, /* optional */
|
||||
dh_keypair_t *keypair);
|
||||
ali_crypto_result ali_dh_init_pubkey(size_t keybits, const uint8_t *y,
|
||||
size_t y_size, dh_pubkey_t *pubkey);
|
||||
ali_crypto_result ali_dh_gen_keypair(size_t keybit, const uint8_t *g,
|
||||
size_t g_size, const uint8_t *p,
|
||||
size_t p_size, const uint8_t *q,
|
||||
size_t q_size, size_t xbits,
|
||||
dh_keypair_t *keypair);
|
||||
ali_crypto_result ali_dh_derive_secret(const dh_keypair_t *priv_key,
|
||||
const dh_pubkey_t * peer_pub_key,
|
||||
uint8_t * shared_secret,
|
||||
size_t * secret_size);
|
||||
ali_crypto_result ali_dh_get_key_attr(dh_key_attr_t attr, dh_keypair_t *keypair,
|
||||
void *buffer, uint32_t *size);
|
||||
|
||||
/*
|
||||
d: Private value
|
||||
x: Public value x
|
||||
y: Public value y
|
||||
curve: Curve type
|
||||
*/
|
||||
ali_crypto_result ali_ecc_get_keypair_size(size_t curve, size_t *size);
|
||||
ali_crypto_result ali_ecc_get_pubkey_size(size_t curve, size_t *size);
|
||||
ali_crypto_result ali_ecc_init_keypair(const uint8_t *x, size_t x_size,
|
||||
const uint8_t *y, size_t y_size,
|
||||
const uint8_t *d, size_t d_size,
|
||||
size_t curve, ecc_keypair_t *keypair);
|
||||
ali_crypto_result ali_ecc_init_pubkey(const uint8_t *x, size_t x_size,
|
||||
const uint8_t *y, size_t y_size,
|
||||
size_t curve, ecc_pubkey_t *pubkey);
|
||||
ali_crypto_result ali_ecc_gen_keypair(size_t curve, ecc_keypair_t *keypair);
|
||||
|
||||
/* ECDSA sign/verify */
|
||||
ali_crypto_result ali_ecdsa_sign(const ecc_keypair_t *priv_key,
|
||||
const uint8_t *src, size_t src_size,
|
||||
uint8_t *signature, size_t *sig_size);
|
||||
ali_crypto_result ali_ecdsa_verify(const ecc_pubkey_t *pub_key,
|
||||
const uint8_t *src, size_t src_size,
|
||||
const uint8_t *signature, size_t sig_size,
|
||||
bool *result);
|
||||
|
||||
/* ECDH derive shared secret */
|
||||
ali_crypto_result ali_ecdh_derive_secret(const ecc_keypair_t *priv_key,
|
||||
const ecc_pubkey_t * peer_pubkey_key,
|
||||
uint8_t * shared_secret,
|
||||
size_t * secret_size);
|
||||
|
||||
/* random generator */
|
||||
ali_crypto_result ali_seed(uint8_t *seed, size_t seed_len);
|
||||
ali_crypto_result ali_rand_gen(uint8_t *buf, size_t len);
|
||||
|
||||
ali_crypto_result ali_crypto_init(void);
|
||||
void ali_crypto_cleanup(void);
|
||||
|
||||
#endif /* _ALI_CRYPTO_H_ */
|
||||
|
|
@ -0,0 +1,28 @@
|
|||
/**
|
||||
* Copyright (C) 2017 The YunOS Project. All rights reserved.
|
||||
*/
|
||||
|
||||
#ifndef _ALI_CRYPTO_TYPES_H_
|
||||
#define _ALI_CRYPTO_TYPES_H_
|
||||
|
||||
#include <stdint.h>
|
||||
#include <stddef.h> /* for size_t */
|
||||
#include <stdbool.h>
|
||||
|
||||
#if 0
|
||||
typedef unsigned char bool;
|
||||
#endif
|
||||
|
||||
#ifndef false
|
||||
#define false (0)
|
||||
#endif
|
||||
|
||||
#ifndef true
|
||||
#define true (1)
|
||||
#endif
|
||||
|
||||
#ifndef NULL
|
||||
#define NULL ((void *)0)
|
||||
#endif
|
||||
|
||||
#endif /* _ALI_CRYPTO_TYPES_H_ */
|
||||
264
Living_SDK/security/alicrypto/libalicrypto/inc/crypto.h
Normal file
264
Living_SDK/security/alicrypto/libalicrypto/inc/crypto.h
Normal file
|
|
@ -0,0 +1,264 @@
|
|||
#ifndef _CRYPTO_H_
|
||||
#define _CRYPTO_H_
|
||||
#include "ali_crypto.h"
|
||||
|
||||
|
||||
#define crypto_aes_get_ctx_size(type, size) ali_aes_get_ctx_size((type), (size))
|
||||
|
||||
#define crypto_aes_init(type, is_enc, key1, key2, keybytes, iv, contex) \
|
||||
ali_aes_init(type, is_enc, key1, key2, keybytes, iv, contex)
|
||||
|
||||
#define crypto_aes_process(src, dst, size, context) \
|
||||
ali_aes_process(src, dst, size, context)
|
||||
|
||||
#define crypto_aes_finish(src, src_size, dst, dst_size, padding, context) \
|
||||
ali_aes_finish(src, src_size, dst, dst_size, padding, context)
|
||||
|
||||
#define crypto_aes_reset(context) ali_aes_reset(context)
|
||||
|
||||
#define crypto_aes_copy_context(dst_ctx, src_ctx) \
|
||||
ali_aes_copy_context(dst_ctx, src_ctx)
|
||||
|
||||
#define crypto_des_get_ctx_size(type, size) ali_des_get_ctx_size(type, size)
|
||||
|
||||
#define crypto_des_init(type, is_enc, key, keybytes, iv, context) \
|
||||
ali_des_init(type, is_enc, key, keybytes, iv, context)
|
||||
|
||||
#define crypto_des_process(src, dst, size, context) \
|
||||
ali_des_process(src, dst, size, context)
|
||||
|
||||
#define crypto_des_finish(src, src_size, dst, dst_size, padding, context) \
|
||||
ali_des_finish(src, src_size, dst, dst_size, padding, context)
|
||||
|
||||
#define crypto_des_reset(context) ali_des_reset(context)
|
||||
|
||||
#define crypto_des_copy_context(dst_ctx, src_ctx) \
|
||||
ali_des_copy_context(dst_ctx, src_ctx)
|
||||
|
||||
#define crypto_authenc_get_ctx_size(type, size) \
|
||||
ali_authenc_get_ctx_size(type, size)
|
||||
|
||||
#define crypto_authenc_init(type, is_enc, key, keybytes, nonce, nonce_len, \
|
||||
tag_len, payload_len, aad_len, context) \
|
||||
ali_authenc_init(type, is_enc, key, keybytes, nonce, nonce_len, tag_len, \
|
||||
payload_len, aad_len, context)
|
||||
|
||||
#define crypto_authenc_update_aad(aad, aad_size, context) \
|
||||
ali_authenc_update_aad(aad, aad_size, context)
|
||||
|
||||
#define crypto_authenc_process(src, dst, size, context) \
|
||||
ali_authenc_process(src, dst, size, context)
|
||||
#define crypto_authenc_enc_finish(src, src_size, dst, dst_size, tag, tag_len, \
|
||||
context) \
|
||||
ali_authenc_enc_finish(src, src_size, dst, dst_size, tag, tag_len, context)
|
||||
#define crypto_authenc_dec_finish(src, src_size, dst, dst_size, tag, tag_len, \
|
||||
context) \
|
||||
ali_authenc_dec_finish(src, src_size, dst, dst_size, tag, tag_len, context)
|
||||
|
||||
#define crypto_authenc_reset(context) ali_authenc_reset(context)
|
||||
|
||||
#define crypto_authenc_copy_context(dst_ctx, src_ctx) \
|
||||
ali_authenc_copy_context(dst_ctx, src_ctx)
|
||||
#define crypto_hash_get_ctx_size(type, size) ali_hash_get_ctx_size(type, size)
|
||||
|
||||
#define crypto_hash_init(type, context) ali_hash_init(type, context)
|
||||
|
||||
#define crypto_hash_update(src, size, context) \
|
||||
ali_hash_update(src, size, context)
|
||||
|
||||
#define crypto_hash_final(dgst, context) ali_hash_final(dgst, context)
|
||||
|
||||
#define crypto_hash_reset(context) ali_hash_reset(context)
|
||||
|
||||
#define crypto_hash_copy_context(dst_ctx, src_ctx) \
|
||||
ali_hash_copy_context(dst_ctx, src_ctx)
|
||||
|
||||
#define crypto_hash_digest(type, src, size, dgst) \
|
||||
ali_hash_digest(type, src, size, dgst)
|
||||
|
||||
#define crypto_hmac_get_ctx_size(type, size) ali_hmac_get_ctx_size(type, size)
|
||||
|
||||
#define crypto_hmac_init(type, key, keybytes, context) \
|
||||
ali_hmac_init(type, key, keybytes, context)
|
||||
|
||||
#define crypto_hmac_update(src, size, context) \
|
||||
ali_hmac_update(src, size, context)
|
||||
|
||||
#define crypto_hmac_final(dgst, context) ali_hmac_final(dgst, context)
|
||||
|
||||
#define crypto_hmac_reset(context) ali_hmac_reset(context)
|
||||
|
||||
#define crypto_hmac_copy_context(dst_ctx, src_ctx) \
|
||||
ali_hmac_copy_context(dst_ctx, src_ctx)
|
||||
|
||||
#define crypto_hmac_digest(type, key, keybytes, src, size, dgst) \
|
||||
ali_hmac_digest(type, key, keybytes, src, size, dgst)
|
||||
|
||||
#define crypto_cbcmac_get_ctx_size(type, size) \
|
||||
ali_cbcmac_get_ctx_size(type, size)
|
||||
|
||||
#define crypto_cbcmac_init(type, key, keybytes, context) \
|
||||
ali_cbcmac_init(type, key, keybytes, context)
|
||||
|
||||
#define crypto_cbcmac_update(src, size, context) \
|
||||
ali_cbcmac_update(src, size, context)
|
||||
|
||||
#define crypto_cbcmac_final(padding, dgst, context) \
|
||||
ali_cbcmac_final(padding, dgst, context)
|
||||
|
||||
#define crypto_cbcmac_reset(context) ali_cbcmac_reset(context)
|
||||
|
||||
#define crypto_cbcmac_copy_context(dst_ctx, src_ctx) \
|
||||
ali_cbcmac_copy_context(dst_ctx, src_ctx)
|
||||
|
||||
#define crypto_cbcmac_digest(type, key, keybytes, src, size, padding, dgst) \
|
||||
ali_cbcmac_digest(type, key, keybytes, src, size, padding, dgst)
|
||||
|
||||
#define crypto_cmac_get_ctx_size(type, size) ali_cmac_get_ctx_size(type, size)
|
||||
|
||||
#define crypto_cmac_init(type, key, keybytes, context) \
|
||||
ali_cmac_init(type, key, keybytes, context)
|
||||
|
||||
#define crypto_cmac_update(src, size, context) \
|
||||
ali_cmac_update(src, size, context)
|
||||
|
||||
#define crypto_cmac_final(padding, dgst, context) \
|
||||
ali_cmac_final(padding, dgst, context)
|
||||
|
||||
#define crypto_cmac_reset(context) ali_cmac_reset(context)
|
||||
|
||||
#define crypto_cmac_copy_context(dst_ctx, src_ctx) \
|
||||
ali_cmac_copy_context(dst_ctx, src_ctx)
|
||||
|
||||
#define crypto_cmac_digest(type, key, keybytes, src, size, padding, dgst) \
|
||||
ali_cmac_digest(type, key, keybytes, src, size, padding, dgst)
|
||||
|
||||
#define crypto_rsa_get_keypair_size(keybits, size) \
|
||||
ali_rsa_get_keypair_size(keybits, size)
|
||||
|
||||
#define crypto_rsa_get_pubkey_size(keybits, size) \
|
||||
ali_rsa_get_pubkey_size(keybits, size)
|
||||
|
||||
#define crypto_rsa_init_keypair(keybits, n, n_size, e, e_size, d, d_size, p, \
|
||||
p_size, q, q_size, dp, dp_size, dq, dq_size, \
|
||||
qp, qp_size, keypair) \
|
||||
ali_rsa_init_keypair(keybits, n, n_size, e, e_size, d, d_size, p, p_size, \
|
||||
q, q_size, dp, dp_size, dq, dq_size, qp, qp_size, \
|
||||
keypair)
|
||||
|
||||
#define crypto_rsa_init_pubkey(keybits, n, n_size, e, e_size, pubkey) \
|
||||
ali_rsa_init_pubkey(keybits, n, n_size, e, e_size, pubkey)
|
||||
|
||||
#define crypto_rsa_gen_keypair(keybits, e, e_size, keypair) \
|
||||
ali_rsa_gen_keypair(keybits, e, e_size, keypair)
|
||||
|
||||
#define crypto_rsa_get_key_attr(attr, keypair, buffer, size) \
|
||||
ali_rsa_get_key_attr(attr, keypair, buffer, size)
|
||||
|
||||
#define crypto_rsa_public_encrypt(pub_key, src, src_size, dst, dst_size, \
|
||||
padding) \
|
||||
ali_rsa_public_encrypt(pub_key, src, src_size, dst, dst_size, padding)
|
||||
|
||||
#define crypto_rsa_private_decrypt(priv_key, src, src_size, dst, dst_size, \
|
||||
padding) \
|
||||
ali_rsa_private_decrypt(priv_key, src, src_size, dst, dst_size, padding)
|
||||
|
||||
#define crypto_rsa_sign(priv_key, dig, dig_size, sig, sig_size, padding) \
|
||||
ali_rsa_sign(priv_key, dig, dig_size, sig, sig_size, padding)
|
||||
|
||||
#define crypto_rsa_verify(pub_key, dig, dig_size, sig, sig_size, padding, \
|
||||
result) \
|
||||
ali_rsa_verify(pub_key, dig, dig_size, sig, sig_size, padding, result)
|
||||
|
||||
#define crypto_dsa_get_keypair_size(keybits, size) \
|
||||
ali_dsa_get_keypair_size(keybits, size)
|
||||
|
||||
#define crypto_dsa_get_pubkey_size(keybits, size) \
|
||||
ali_dsa_get_pubkey_size(keybits, size)
|
||||
|
||||
#define crypto_dsa_init_keypair(keybits, g, g_size, p, p_size, q, q_size, y, \
|
||||
y_size, x, x_size, keypair) \
|
||||
ali_dsa_init_keypair(keybits, g, g_size, p, p_size, q, q_size, y, y_size, \
|
||||
x, x_size, keypair)
|
||||
|
||||
#define crypto_dsa_init_pubkey(keybits, g, g_size, p, p_size, q, q_size, y, \
|
||||
y_size, pubkey) \
|
||||
ali_dsa_init_pubkey(keybits, g, g_size, p, p_size, q, q_size, y, y_size, \
|
||||
pubkey)
|
||||
|
||||
#define crypto_dsa_gen_keypair(keybit, g, g_size, p, p_size, q, q_size, \
|
||||
keypair) \
|
||||
ali_dsa_gen_keypair(keybit, g, g_size, p, p_size, q, q_size, keypair)
|
||||
|
||||
#define crypto_dsa_sign(priv_key, src, src_size, signature, sig_size, padding) \
|
||||
ali_dsa_sign(priv_key, src, src_size, signature, sig_size, padding)
|
||||
|
||||
#define crypto_dsa_verify(pub_key, src, src_size, signature, sig_size, \
|
||||
padding, result) \
|
||||
ali_dsa_verify(pub_key, src, src_size, signature, sig_size, padding, result)
|
||||
|
||||
#define crypto_dsa_get_key_attr(attr, keypair, buffer, size) \
|
||||
ali_dsa_get_key_attr(attr, keypair, buffer, size)
|
||||
|
||||
#define crypto_dh_get_keypair_size(keybits, size) \
|
||||
ali_dh_get_keypair_size(keybits, size)
|
||||
|
||||
#define crypto_dh_get_pubkey_size(keybits, size) \
|
||||
ali_dh_get_pubkey_size(keybits, size)
|
||||
|
||||
#define crypto_dh_init_keypair(keybits, g, g_size, p, p_size, y, y_size, x, \
|
||||
x_size, q, q_size, xbits, keypair) \
|
||||
ali_dh_init_keypair(keybits, g, g_size, p, p_size, y, y_size, x, x_size, \
|
||||
q, q_size, xbits, keypair)
|
||||
|
||||
#define crypto_dh_init_pubkey(keybits, y, y_size, pubkey) \
|
||||
ali_dh_init_pubkey(keybits, y, y_size, pubkey)
|
||||
|
||||
#define crypto_dh_gen_keypair(keybit, g, g_size, p, p_size, q, q_size, xbits, \
|
||||
keypair) \
|
||||
ali_dh_gen_keypair(keybit, g, g_size, p, p_size, q, q_size, xbits, keypair)
|
||||
|
||||
#define crypto_dh_derive_secret(priv_key, peer_pub_key, shared_secret, \
|
||||
secret_size) \
|
||||
ali_dh_derive_secret(priv_key, peer_pub_key, shared_secret, secret_size)
|
||||
|
||||
#define crypto_dh_get_key_attr(attr, keypair, buffer, size) \
|
||||
ali_dh_get_key_attr(attr, keypair, buffer, size)
|
||||
|
||||
#define crypto_ecc_get_keypair_size(curve, size) \
|
||||
ali_ecc_get_keypair_size(curve, size)
|
||||
|
||||
#define crypto_ecc_get_pubkey_size(curve, size) \
|
||||
ali_ecc_get_pubkey_size(curve, size)
|
||||
|
||||
#define crypto_ecc_init_keypair(x, x_size, y, y_size, d, d_size, curve, \
|
||||
keypair) \
|
||||
ali_ecc_init_keypair(x, x_size, y, y_size, d, d_size, curve, keypair)
|
||||
|
||||
#define crypto_ecc_init_pubkey(x, x_size, y, y_size, curve, pubkey) \
|
||||
ali_ecc_init_pubkey(x, x_size, y, y_size, curve, pubkey)
|
||||
|
||||
#define crypto_ecc_gen_keypair(curve, keypair) \
|
||||
ali_ecc_gen_keypair(curve, keypair)
|
||||
|
||||
#define crypto_ecdsa_sign(priv_key, src, src_size, signature, sig_size) \
|
||||
ali_ecdsa_sign(priv_key, src, src_size, signature, sig_size)
|
||||
|
||||
#define crypto_ecdsa_verify(pub_key, src, src_size, signature, sig_size, \
|
||||
result) \
|
||||
ali_ecdsa_verify(pub_key, src, src_size, signature, sig_size, result)
|
||||
|
||||
#define crypto_ecdh_derive_secret(priv_key, peer_pubkey_key, shared_secret, \
|
||||
secret_size) \
|
||||
ali_ecdh_derive_secret(priv_key, peer_pubkey_key, shared_secret, \
|
||||
secret_size)
|
||||
|
||||
#define crypto_seed(seed, seed_len) ali_seed(seed, seed_len)
|
||||
|
||||
#define crypto_rand_gen(buf, len) ali_rand_gen(buf, len)
|
||||
|
||||
#define crypto_init() ali_crypto_init()
|
||||
|
||||
#define crypto_cleanup() ali_crypto_cleanup()
|
||||
|
||||
#endif /* _CRYPTO_H_ */
|
||||
1099
Living_SDK/security/alicrypto/libalicrypto/mbed/asym/rsa.c
Normal file
1099
Living_SDK/security/alicrypto/libalicrypto/mbed/asym/rsa.c
Normal file
File diff suppressed because it is too large
Load diff
874
Living_SDK/security/alicrypto/libalicrypto/mbed/cipher/aes.c
Normal file
874
Living_SDK/security/alicrypto/libalicrypto/mbed/cipher/aes.c
Normal file
|
|
@ -0,0 +1,874 @@
|
|||
/**
|
||||
* Copyright (C) 2017 The YunOS Project. All rights reserved.
|
||||
*/
|
||||
|
||||
#include "mbed_crypto.h"
|
||||
#include "ali_crypto.h"
|
||||
|
||||
/* pkcs5 only support 8 bytes block size
|
||||
* pcks7 support 8,16 bytes block size, so in aes pkcs5 equal pkcs7 */
|
||||
/*
|
||||
* output: buf
|
||||
* output_len: block size
|
||||
* data_len: cur_data_len */
|
||||
static void _add_pkcs_padding(unsigned char *output, size_t output_len,
|
||||
size_t data_len)
|
||||
{
|
||||
size_t padding_len = output_len - data_len;
|
||||
unsigned char i;
|
||||
|
||||
for (i = 0; i < padding_len; i++) {
|
||||
output[data_len + i] = (unsigned char)padding_len;
|
||||
}
|
||||
}
|
||||
|
||||
static int _get_pkcs_padding(unsigned char *input, size_t input_len,
|
||||
size_t *data_len)
|
||||
{
|
||||
size_t i, pad_idx;
|
||||
unsigned char padding_len, bad = 0;
|
||||
|
||||
if (NULL == input || NULL == data_len) {
|
||||
return ALI_CRYPTO_INVALID_ARG;
|
||||
}
|
||||
|
||||
padding_len = input[input_len - 1];
|
||||
*data_len = input_len - padding_len;
|
||||
|
||||
/* Avoid logical || since it results in a branch */
|
||||
bad |= padding_len > input_len;
|
||||
bad |= padding_len == 0;
|
||||
|
||||
/* The number of bytes checked must be independent of padding_len,
|
||||
* so pick input_len, which is usually 8 or 16 (one block) */
|
||||
pad_idx = input_len - padding_len;
|
||||
for (i = 0; i < input_len; i++) {
|
||||
bad |= (input[i] ^ padding_len) * (i >= pad_idx);
|
||||
}
|
||||
|
||||
return (ALI_CRYPTO_INVALID_PADDING * (bad != 0));
|
||||
}
|
||||
|
||||
static ali_crypto_result _ali_aes_ecb_final(const uint8_t *src, size_t src_size,
|
||||
uint8_t *dst, size_t *dst_size,
|
||||
sym_padding_t padding,
|
||||
aes_ctx_t * ctx)
|
||||
{
|
||||
int ret;
|
||||
uint8_t block[AES_BLOCK_SIZE];
|
||||
int mode;
|
||||
size_t round = 0;
|
||||
size_t data_len;
|
||||
|
||||
if (ctx == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ecb_final: invalid context!\n");
|
||||
}
|
||||
|
||||
if (!(padding == SYM_NOPAD || padding == SYM_PKCS5_PAD)) {
|
||||
/* not support zero padding */
|
||||
PRINT_RET(ALI_CRYPTO_NOSUPPORT,
|
||||
"ecb_final: only support no-padding and pkcs5/7!\n");
|
||||
}
|
||||
|
||||
if (padding == SYM_NOPAD) {
|
||||
if (src == NULL || src_size == 0) {
|
||||
if (dst_size != NULL) {
|
||||
*dst_size = 0;
|
||||
}
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
} else if (padding == SYM_PKCS5_PAD) {
|
||||
/* pkcs5 finish must have input data */
|
||||
if (NULL == src || 0 == src_size) {
|
||||
if (dst_size != NULL) {
|
||||
*dst_size = 0;
|
||||
}
|
||||
return ALI_CRYPTO_INVALID_ARG;
|
||||
}
|
||||
}
|
||||
|
||||
if (dst_size == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ecb_final: invalid arg!\n");
|
||||
}
|
||||
|
||||
if ((0 != *dst_size) && (dst == NULL)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ecb_final: invalid arg!\n");
|
||||
}
|
||||
|
||||
if (ctx->is_enc) {
|
||||
mode = MBEDTLS_AES_ENCRYPT;
|
||||
} else {
|
||||
mode = MBEDTLS_AES_DECRYPT;
|
||||
}
|
||||
|
||||
if (padding == SYM_NOPAD) {
|
||||
if (src_size % AES_BLOCK_SIZE != 0) {
|
||||
PRINT_RET(ALI_CRYPTO_LENGTH_ERR,
|
||||
"ecb_final: no pad invalid size(%d vs %d)\n",
|
||||
(int)src_size, (int)*dst_size);
|
||||
}
|
||||
if (src_size > *dst_size) {
|
||||
*dst_size = src_size;
|
||||
PRINT_RET(ALI_CRYPTO_SHORT_BUFFER,
|
||||
"ecb_final: no pad short buffer\n");
|
||||
}
|
||||
} else if (padding == SYM_PKCS5_PAD) {
|
||||
if (ctx->is_enc) {
|
||||
if ((src_size + (AES_BLOCK_SIZE - src_size % AES_BLOCK_SIZE)) >
|
||||
*dst_size) {
|
||||
*dst_size =
|
||||
src_size + (AES_BLOCK_SIZE - src_size % AES_BLOCK_SIZE);
|
||||
PRINT_RET(ALI_CRYPTO_SHORT_BUFFER,
|
||||
"ecb_final: enc pkcs short buffer(%d vs %d)\n",
|
||||
(int)src_size, (int)*dst_size);
|
||||
}
|
||||
} else {
|
||||
if (src_size % AES_BLOCK_SIZE != 0) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_PADDING,
|
||||
"ecb_final: cipher size is not block align(%d)\n",
|
||||
(int)src_size);
|
||||
}
|
||||
if ((src_size - AES_BLOCK_SIZE) > *dst_size) {
|
||||
ret = mbedtls_aes_crypt_ecb(
|
||||
&(ctx->ctx), mode, src + (src_size - AES_BLOCK_SIZE), block);
|
||||
if (0 != ret) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"ecb_final: mbedtls_aes_crypt_ecb fail(%d)\n",
|
||||
ret);
|
||||
}
|
||||
|
||||
ret = _get_pkcs_padding(block, AES_BLOCK_SIZE, &data_len);
|
||||
if (0 != ret) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"get pkcs padding fail(0x%08x)\n", ret);
|
||||
}
|
||||
*dst_size = src_size - (AES_BLOCK_SIZE - data_len);
|
||||
PRINT_RET(ALI_CRYPTO_SHORT_BUFFER,
|
||||
"ecb_final: dec pkcs short buffer(%d vs %d)\n",
|
||||
(int)src_size, (int)*dst_size);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (MBEDTLS_AES_ENCRYPT == mode) {
|
||||
/* encrypt */
|
||||
size_t cur_len;
|
||||
round = 0;
|
||||
while (round < (src_size / AES_BLOCK_SIZE)) {
|
||||
ret = mbedtls_aes_crypt_ecb(&(ctx->ctx), mode,
|
||||
src + round * AES_BLOCK_SIZE,
|
||||
dst + round * AES_BLOCK_SIZE);
|
||||
if (0 != ret) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"ecb_final: mbedtls_aes_crypt_ecb fail(%d)\n", ret);
|
||||
}
|
||||
round++;
|
||||
}
|
||||
|
||||
cur_len = round * AES_BLOCK_SIZE;
|
||||
if (padding == SYM_NOPAD) {
|
||||
if (src_size != cur_len) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"ecb_final: src size not block align(%d)\n", cur_len);
|
||||
}
|
||||
|
||||
*dst_size = cur_len;
|
||||
} else if (padding == SYM_PKCS5_PAD) {
|
||||
OSA_memcpy(block, src + cur_len, src_size - cur_len);
|
||||
_add_pkcs_padding(block, AES_BLOCK_SIZE, src_size - cur_len);
|
||||
|
||||
ret =
|
||||
mbedtls_aes_crypt_ecb(&(ctx->ctx), mode, block, dst + cur_len);
|
||||
|
||||
if (0 != ret) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"ecb_final: mbedtls_aes_crypt_ecb fail(%d)\n", ret);
|
||||
}
|
||||
|
||||
*dst_size = cur_len + AES_BLOCK_SIZE;
|
||||
}
|
||||
} else {
|
||||
/* dencrypt */
|
||||
uint8_t *tmp_dst = OSA_malloc(src_size);
|
||||
|
||||
if (NULL == tmp_dst) {
|
||||
PRINT_RET(ALI_CRYPTO_OUTOFMEM, "ecb_final: out of memory\n");
|
||||
}
|
||||
round = 0;
|
||||
while (round < (src_size / AES_BLOCK_SIZE)) {
|
||||
ret = mbedtls_aes_crypt_ecb(&(ctx->ctx), mode,
|
||||
src + round * AES_BLOCK_SIZE,
|
||||
tmp_dst + round * AES_BLOCK_SIZE);
|
||||
if (0 != ret) {
|
||||
OSA_free(tmp_dst);
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"ecb_final: mbedtls_aes_crypt_ecb fail(%d)\n", ret);
|
||||
}
|
||||
round++;
|
||||
}
|
||||
|
||||
if (padding == SYM_NOPAD) {
|
||||
if (src_size > *dst_size) {
|
||||
*dst_size = src_size;
|
||||
OSA_free(tmp_dst);
|
||||
PRINT_RET(ALI_CRYPTO_SHORT_BUFFER,
|
||||
"ecb_final: dec no pad short buffer(src size %d vs "
|
||||
"dst size %d)\n",
|
||||
src_size, *dst_size);
|
||||
}
|
||||
|
||||
OSA_memcpy(dst, tmp_dst, src_size);
|
||||
*dst_size = src_size;
|
||||
} else if (padding == SYM_PKCS5_PAD) {
|
||||
ret = _get_pkcs_padding(tmp_dst + (round - 1) * AES_BLOCK_SIZE,
|
||||
AES_BLOCK_SIZE, &data_len);
|
||||
if (0 != ret) {
|
||||
OSA_free(tmp_dst);
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"ecb_final: get pkcs padding fail(0x%08x)\n", ret);
|
||||
}
|
||||
if (*dst_size < src_size - (AES_BLOCK_SIZE - data_len)) {
|
||||
OSA_free(tmp_dst);
|
||||
*dst_size = src_size - (AES_BLOCK_SIZE - data_len);
|
||||
PRINT_RET(ALI_CRYPTO_SHORT_BUFFER,
|
||||
"ecb_final: dec pkcs short buffer\n");
|
||||
}
|
||||
|
||||
OSA_memcpy(dst, tmp_dst, src_size - (AES_BLOCK_SIZE - data_len));
|
||||
*dst_size = src_size - (AES_BLOCK_SIZE - data_len);
|
||||
}
|
||||
|
||||
OSA_free(tmp_dst);
|
||||
tmp_dst = NULL;
|
||||
}
|
||||
|
||||
return (ali_crypto_result)ret;
|
||||
}
|
||||
|
||||
static ali_crypto_result _ali_aes_cbc_final(const uint8_t *src, size_t src_size,
|
||||
uint8_t *dst, size_t *dst_size,
|
||||
sym_padding_t padding,
|
||||
aes_ctx_t * ctx)
|
||||
{
|
||||
int ret;
|
||||
int mode;
|
||||
size_t data_len;
|
||||
uint8_t *tmp_dst = NULL;
|
||||
|
||||
if (ctx == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "cbc_final: invalid context!\n");
|
||||
}
|
||||
|
||||
if (!(padding == SYM_NOPAD || padding == SYM_PKCS5_PAD)) {
|
||||
PRINT_RET(ALI_CRYPTO_NOSUPPORT,
|
||||
"ecb_final: only support no-padding and pkcs5/7!\n");
|
||||
}
|
||||
|
||||
if (padding == SYM_NOPAD) {
|
||||
if (src == NULL || src_size == 0) {
|
||||
if (dst_size != NULL) {
|
||||
*dst_size = 0;
|
||||
}
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
} else if (padding == SYM_PKCS5_PAD) {
|
||||
/* pkcs5 finish must have input data */
|
||||
if (NULL == src || 0 == src_size) {
|
||||
if (dst_size != NULL) {
|
||||
*dst_size = 0;
|
||||
}
|
||||
return ALI_CRYPTO_INVALID_ARG;
|
||||
}
|
||||
}
|
||||
|
||||
if (dst_size == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "cbc_final: invalid arg!\n");
|
||||
}
|
||||
|
||||
if ((0 != *dst_size) && (dst == NULL)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "cbc_final: invalid arg!\n");
|
||||
}
|
||||
if (ctx->is_enc) {
|
||||
mode = MBEDTLS_AES_ENCRYPT;
|
||||
} else {
|
||||
mode = MBEDTLS_AES_DECRYPT;
|
||||
}
|
||||
|
||||
if (padding == SYM_NOPAD) {
|
||||
if (src_size % AES_BLOCK_SIZE != 0) {
|
||||
PRINT_RET(ALI_CRYPTO_LENGTH_ERR,
|
||||
"cbc_final: no pad invalid size(%d vs %d)\n",
|
||||
(int)src_size, (int)*dst_size);
|
||||
}
|
||||
if (src_size > *dst_size) {
|
||||
*dst_size = src_size;
|
||||
PRINT_RET(ALI_CRYPTO_SHORT_BUFFER, "cbc_final: short buffer\n");
|
||||
} else {
|
||||
*dst_size = src_size;
|
||||
}
|
||||
} else if (padding == SYM_PKCS5_PAD) {
|
||||
if (ctx->is_enc) {
|
||||
if ((src_size + (AES_BLOCK_SIZE - src_size % AES_BLOCK_SIZE)) >
|
||||
*dst_size) {
|
||||
*dst_size =
|
||||
src_size + (AES_BLOCK_SIZE - src_size % AES_BLOCK_SIZE);
|
||||
PRINT_RET(ALI_CRYPTO_SHORT_BUFFER,
|
||||
"ecb_final: enc pkcs5 short buffer(%d vs %d)\n",
|
||||
(int)src_size, (int)*dst_size);
|
||||
}
|
||||
} else {
|
||||
if (src_size % AES_BLOCK_SIZE != 0) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_PADDING,
|
||||
"cbc_final: cipher size is not block align(%d)\n",
|
||||
(int)src_size);
|
||||
}
|
||||
if ((src_size - AES_BLOCK_SIZE) > *dst_size) {
|
||||
tmp_dst = OSA_malloc(src_size);
|
||||
if (NULL == tmp_dst) {
|
||||
PRINT_RET(ALI_CRYPTO_OUTOFMEM,
|
||||
"cbc_final: out of memory\n");
|
||||
}
|
||||
ret =
|
||||
mbedtls_aes_crypt_cbc(&(ctx->ctx), mode, src_size,
|
||||
(unsigned char *)ctx->iv, src, tmp_dst);
|
||||
if (0 != ret) {
|
||||
OSA_free(tmp_dst);
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"cbc_final: mbedtls_aes_crypt_cbc fail(%d)\n",
|
||||
ret);
|
||||
}
|
||||
|
||||
ret = _get_pkcs_padding(tmp_dst + src_size - AES_BLOCK_SIZE,
|
||||
AES_BLOCK_SIZE, &data_len);
|
||||
if (0 != ret) {
|
||||
OSA_free(tmp_dst);
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"cbc_final: get pkcs padding fail(0x%08x)\n",
|
||||
ret);
|
||||
}
|
||||
*dst_size = src_size - (AES_BLOCK_SIZE - data_len);
|
||||
|
||||
OSA_free(tmp_dst);
|
||||
tmp_dst = NULL;
|
||||
PRINT_RET(ALI_CRYPTO_SHORT_BUFFER,
|
||||
"cbc_final: dec pkcs short buffer(%d vs %d)\n",
|
||||
(int)src_size, (int)*dst_size);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (MBEDTLS_AES_ENCRYPT == mode) {
|
||||
/* encrypt, short buffer will be blocked above */
|
||||
size_t cur_len;
|
||||
uint8_t block[AES_BLOCK_SIZE];
|
||||
|
||||
cur_len = src_size & (~(AES_BLOCK_SIZE - 1));
|
||||
ret = mbedtls_aes_crypt_cbc(
|
||||
&(ctx->ctx), mode, cur_len, (unsigned char *)ctx->iv,
|
||||
(const unsigned char *)src, (unsigned char *)dst);
|
||||
if (0 != ret) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"cbc_final: mbedtls_aes_crypt_cbc fail(%d)\n", ret);
|
||||
}
|
||||
|
||||
if (padding == SYM_PKCS5_PAD) {
|
||||
OSA_memcpy(block, src + cur_len, src_size - cur_len);
|
||||
_add_pkcs_padding(block, AES_BLOCK_SIZE, src_size - cur_len);
|
||||
ret = mbedtls_aes_crypt_cbc(
|
||||
&(ctx->ctx), mode, AES_BLOCK_SIZE, (unsigned char *)ctx->iv,
|
||||
(const unsigned char *)block, (unsigned char *)(dst + cur_len));
|
||||
if (0 != ret) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"cbc_final: mbedtls_aes_crypt_cbc fail(%d)\n", ret);
|
||||
}
|
||||
*dst_size = cur_len + AES_BLOCK_SIZE;
|
||||
}
|
||||
} else {
|
||||
/* dencrypt */
|
||||
if (padding == SYM_NOPAD) {
|
||||
ret = mbedtls_aes_crypt_cbc(
|
||||
&(ctx->ctx), mode, src_size, (unsigned char *)ctx->iv,
|
||||
(const unsigned char *)src, (unsigned char *)dst);
|
||||
if (0 != ret) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"cbc_final: mbedtls_aes_crypt_cbc fail(%d)\n", ret);
|
||||
}
|
||||
|
||||
*dst_size = src_size;
|
||||
} else if (padding == SYM_PKCS5_PAD) {
|
||||
/* avoid dst size is not enougth */
|
||||
tmp_dst = OSA_malloc(src_size);
|
||||
if (NULL == tmp_dst) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR, "cbc_final: out of memory\n");
|
||||
}
|
||||
ret = mbedtls_aes_crypt_cbc(
|
||||
&(ctx->ctx), mode, src_size, (unsigned char *)ctx->iv,
|
||||
(const unsigned char *)src, (unsigned char *)tmp_dst);
|
||||
if (0 != ret) {
|
||||
OSA_free(tmp_dst);
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"cbc_final: mbedtls_aes_crypt_cbc fail(%d)\n", ret);
|
||||
}
|
||||
|
||||
ret = _get_pkcs_padding(tmp_dst + src_size - AES_BLOCK_SIZE,
|
||||
AES_BLOCK_SIZE, &data_len);
|
||||
if (0 != ret) {
|
||||
OSA_free(tmp_dst);
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"cbc_final: get pkcs padding fail(0x%08x)\n", ret);
|
||||
}
|
||||
if (*dst_size < src_size - (AES_BLOCK_SIZE - data_len)) {
|
||||
OSA_free(tmp_dst);
|
||||
*dst_size = src_size - (AES_BLOCK_SIZE - data_len);
|
||||
PRINT_RET(ALI_CRYPTO_SHORT_BUFFER,
|
||||
"cbc_final: dec pkcs short buffer\n");
|
||||
}
|
||||
OSA_memcpy(dst, tmp_dst, src_size - (AES_BLOCK_SIZE - data_len));
|
||||
*dst_size = src_size - (AES_BLOCK_SIZE - data_len);
|
||||
OSA_free(tmp_dst);
|
||||
}
|
||||
}
|
||||
|
||||
return (ali_crypto_result)ret;
|
||||
}
|
||||
|
||||
static ali_crypto_result _ali_aes_ctr_final(const uint8_t *src, size_t src_size,
|
||||
uint8_t *dst, size_t *dst_size,
|
||||
aes_ctx_t *ctx)
|
||||
{
|
||||
int ret;
|
||||
if (ctx == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ctr_final: invalid context!\n");
|
||||
}
|
||||
|
||||
if (src == NULL || src_size == 0) {
|
||||
if (dst_size != NULL) {
|
||||
*dst_size = 0;
|
||||
}
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
if (dst_size == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ctr_final: invalid arg!\n");
|
||||
}
|
||||
|
||||
if (src_size > *dst_size) {
|
||||
*dst_size = src_size;
|
||||
PRINT_RET(ALI_CRYPTO_SHORT_BUFFER,
|
||||
"ctr_final: short buffer(%d vs %d)\n", (int)src_size,
|
||||
(int)*dst_size);
|
||||
}
|
||||
|
||||
ret = mbedtls_aes_crypt_ctr(
|
||||
&(ctx->ctx), src_size, &(ctx->offset), (unsigned char *)ctx->iv,
|
||||
(unsigned char *)ctx->stream_block, (const unsigned char *)src,
|
||||
(unsigned char *)dst);
|
||||
|
||||
*dst_size = src_size;
|
||||
|
||||
return (ali_crypto_result)ret;
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CFB)
|
||||
static ali_crypto_result _ali_aes_cfb_final(const uint8_t *src, size_t src_size,
|
||||
uint8_t *dst, size_t *dst_size,
|
||||
aes_ctx_t *ctx)
|
||||
{
|
||||
int ret;
|
||||
int mode;
|
||||
|
||||
if (ctx == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "cfb_final: invalid context!\n");
|
||||
}
|
||||
|
||||
if (src == NULL || src_size == 0) {
|
||||
if (dst_size != NULL) {
|
||||
*dst_size = 0;
|
||||
}
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
if (dst == NULL || dst_size == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "cfb_final: invalid arg!\n");
|
||||
}
|
||||
|
||||
if (src_size > *dst_size) {
|
||||
*dst_size = src_size;
|
||||
PRINT_RET(ALI_CRYPTO_SHORT_BUFFER,
|
||||
"cfb_final: short buffer(%d vs %d)\n", (int)src_size,
|
||||
(int)*dst_size);
|
||||
}
|
||||
|
||||
if (ctx->is_enc) {
|
||||
mode = MBEDTLS_AES_ENCRYPT;
|
||||
} else {
|
||||
mode = MBEDTLS_AES_DECRYPT;
|
||||
}
|
||||
|
||||
if (ctx->type == AES_CFB8) {
|
||||
ret = mbedtls_aes_crypt_cfb8(
|
||||
&(ctx->ctx), mode, src_size, (unsigned char *)ctx->iv,
|
||||
(const unsigned char *)src, (unsigned char *)dst);
|
||||
} else if (ctx->type == AES_CFB128) {
|
||||
ret = mbedtls_aes_crypt_cfb128(
|
||||
&(ctx->ctx), mode, src_size, &(ctx->offset), (unsigned char *)ctx->iv,
|
||||
(const unsigned char *)src, (unsigned char *)dst);
|
||||
} else {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "cfb_final: invalid cfb type!\n");
|
||||
}
|
||||
|
||||
*dst_size = src_size;
|
||||
|
||||
return (ali_crypto_result)ret;
|
||||
}
|
||||
#endif
|
||||
|
||||
ali_crypto_result ali_aes_get_ctx_size(aes_type_t type, size_t *size)
|
||||
{
|
||||
if (size == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "aes_get_ctx_size: bad input!\n");
|
||||
}
|
||||
switch (type) {
|
||||
case AES_ECB:
|
||||
case AES_CBC:
|
||||
case AES_CTR:
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CFB)
|
||||
case AES_CFB8:
|
||||
case AES_CFB128:
|
||||
#endif
|
||||
break;
|
||||
case AES_CTS:
|
||||
case AES_XTS:
|
||||
PRINT_RET(ALI_CRYPTO_NOSUPPORT,
|
||||
"ali_aes_init: invalid aes type(%d)\n", type);
|
||||
default:
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_TYPE,
|
||||
"ali_aes_init: invalid aes type(%d)\n", type);
|
||||
}
|
||||
*size = sizeof(aes_ctx_t);
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_aes_init(aes_type_t type, bool is_enc,
|
||||
const uint8_t *key1, const uint8_t *key2,
|
||||
size_t keybytes, const uint8_t *iv,
|
||||
void *context)
|
||||
{
|
||||
int ret = ALI_CRYPTO_SUCCESS;
|
||||
aes_ctx_t *aes_ctx;
|
||||
|
||||
(void)key2;
|
||||
if (key1 == NULL || context == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ali_aes_init: bad input args!\n");
|
||||
}
|
||||
|
||||
if (keybytes != 16 && keybytes != 24 && keybytes != 32) {
|
||||
PRINT_RET(ALI_CRYPTO_LENGTH_ERR, "ali_aes_init: bad key lenth(%d)\n",
|
||||
(int)keybytes);
|
||||
}
|
||||
|
||||
aes_ctx = (aes_ctx_t *)context;
|
||||
if ((IS_VALID_CTX_MAGIC(aes_ctx->magic) &&
|
||||
aes_ctx->status != CRYPTO_STATUS_FINISHED) &&
|
||||
aes_ctx->status != CRYPTO_STATUS_CLEAN) {
|
||||
PRINT_RET(ALI_CRYPTO_ERR_STATE, "ali_aes_init: bad status(%d)\n",
|
||||
(int)aes_ctx->status);
|
||||
}
|
||||
|
||||
switch (type) {
|
||||
case AES_ECB:
|
||||
break;
|
||||
case AES_CBC: {
|
||||
if (iv == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG,
|
||||
"ali_aes_init: cbc iv is null\n");
|
||||
}
|
||||
|
||||
OSA_memcpy(aes_ctx->iv, iv, 16);
|
||||
break;
|
||||
}
|
||||
case AES_CTR: {
|
||||
if (iv == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG,
|
||||
"ali_aes_init: ctr iv is null\n");
|
||||
}
|
||||
OSA_memcpy(aes_ctx->iv, iv, 16);
|
||||
break;
|
||||
}
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CFB)
|
||||
case AES_CFB8:
|
||||
case AES_CFB128: {
|
||||
if (iv == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG,
|
||||
"ali_aes_init: cfb iv is null\n");
|
||||
}
|
||||
OSA_memcpy(aes_ctx->iv, iv, 16);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
case AES_CTS:
|
||||
case AES_XTS:
|
||||
PRINT_RET(ALI_CRYPTO_NOSUPPORT,
|
||||
"ali_aes_init: not support aes type(%d)\n", type);
|
||||
break;
|
||||
default:
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_TYPE,
|
||||
"ali_aes_init: invalid aes type(%d)\n", type);
|
||||
}
|
||||
|
||||
mbedtls_aes_init(&(aes_ctx->ctx));
|
||||
aes_ctx->is_enc = is_enc;
|
||||
|
||||
if (aes_ctx->is_enc) {
|
||||
ret = mbedtls_aes_setkey_enc(&(aes_ctx->ctx), key1, keybytes * 8);
|
||||
} else {
|
||||
if (AES_CTR == type || AES_CFB8 == type || AES_CFB128 == type) {
|
||||
ret = mbedtls_aes_setkey_enc(&(aes_ctx->ctx), key1, keybytes * 8);
|
||||
} else {
|
||||
ret = mbedtls_aes_setkey_dec(&(aes_ctx->ctx), key1, keybytes * 8);
|
||||
}
|
||||
}
|
||||
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR, "ALI_aes_init: start mode(%d) fail(%d)\n",
|
||||
type, ret);
|
||||
}
|
||||
|
||||
aes_ctx->offset = 0;
|
||||
aes_ctx->type = type;
|
||||
aes_ctx->status = CRYPTO_STATUS_INITIALIZED;
|
||||
INIT_CTX_MAGIC(aes_ctx->magic);
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_aes_process(const uint8_t *src, uint8_t *dst, size_t size,
|
||||
void *context)
|
||||
{
|
||||
int ret;
|
||||
aes_ctx_t *aes_ctx;
|
||||
int mode;
|
||||
|
||||
if (context == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ali_aes_process: bad ctx!\n");
|
||||
}
|
||||
|
||||
if (src == NULL || dst == NULL || size == 0) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ali_aes_process: bad args!\n");
|
||||
}
|
||||
|
||||
aes_ctx = (aes_ctx_t *)context;
|
||||
if (!IS_VALID_CTX_MAGIC(aes_ctx->magic)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ali_aes_process: bad magic!\n");
|
||||
}
|
||||
|
||||
if ((aes_ctx->status != CRYPTO_STATUS_INITIALIZED) &&
|
||||
(aes_ctx->status != CRYPTO_STATUS_PROCESSING)) {
|
||||
PRINT_RET(ALI_CRYPTO_ERR_STATE, "ali_aes_update: bad status(%d)\n",
|
||||
(int)aes_ctx->status);
|
||||
}
|
||||
|
||||
if (aes_ctx->is_enc) {
|
||||
mode = MBEDTLS_AES_ENCRYPT;
|
||||
} else {
|
||||
mode = MBEDTLS_AES_DECRYPT;
|
||||
}
|
||||
switch (aes_ctx->type) {
|
||||
/* FIXME, limitation, size must be block size aigned */
|
||||
case AES_ECB: {
|
||||
size_t cur_len = 0;
|
||||
if (size % AES_BLOCK_SIZE != 0) {
|
||||
PRINT_RET(ALI_CRYPTO_LENGTH_ERR,
|
||||
"ali_aes_process: invalid size(%d)\n", (int)size);
|
||||
}
|
||||
|
||||
while (cur_len < size) {
|
||||
ret = mbedtls_aes_crypt_ecb(&(aes_ctx->ctx), mode,
|
||||
src + cur_len, dst + cur_len);
|
||||
if (0 != ret) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"mbedtls_aes_crypt_ecb fail(%d)\n", ret);
|
||||
}
|
||||
cur_len += AES_BLOCK_SIZE;
|
||||
}
|
||||
|
||||
break;
|
||||
}
|
||||
case AES_CBC: {
|
||||
if (size % AES_BLOCK_SIZE != 0) {
|
||||
PRINT_RET(ALI_CRYPTO_LENGTH_ERR,
|
||||
"ali_aes_process: invalid size(%d)\n", (int)size);
|
||||
}
|
||||
|
||||
ret = mbedtls_aes_crypt_cbc(
|
||||
&(aes_ctx->ctx), mode, size, (unsigned char *)aes_ctx->iv,
|
||||
(const unsigned char *)src, (unsigned char *)dst);
|
||||
|
||||
#if 0 /* mbedtls have copy it */
|
||||
if (ret == ALI_CRYPTO_SUCCESS) {
|
||||
OSA_memcpy(aes_ctx->iv, src - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
|
||||
}
|
||||
#endif
|
||||
|
||||
break;
|
||||
}
|
||||
case AES_CTR: {
|
||||
ret = mbedtls_aes_crypt_ctr(
|
||||
&(aes_ctx->ctx), size, &(aes_ctx->offset),
|
||||
(unsigned char *)aes_ctx->iv,
|
||||
(unsigned char *)aes_ctx->stream_block,
|
||||
(const unsigned char *)src, (unsigned char *)dst);
|
||||
break;
|
||||
}
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CFB)
|
||||
case AES_CFB8: {
|
||||
ret = mbedtls_aes_crypt_cfb8(
|
||||
&(aes_ctx->ctx), mode, size, (unsigned char *)aes_ctx->iv,
|
||||
(const unsigned char *)src, (unsigned char *)dst);
|
||||
break;
|
||||
}
|
||||
case AES_CFB128: {
|
||||
ret = mbedtls_aes_crypt_cfb128(
|
||||
&(aes_ctx->ctx), mode, size, &(aes_ctx->offset),
|
||||
(unsigned char *)aes_ctx->iv, (const unsigned char *)src,
|
||||
(unsigned char *)dst);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
case AES_CTS:
|
||||
case AES_XTS:
|
||||
default:
|
||||
PRINT_RET(ALI_CRYPTO_NOSUPPORT,
|
||||
"ali_aes_process: invalid hash type(%d)\n",
|
||||
aes_ctx->type);
|
||||
}
|
||||
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
if (aes_ctx->is_enc) {
|
||||
MBED_DBG_E("ali_aes_process: encrypt(%d) fail!\n", aes_ctx->type);
|
||||
} else {
|
||||
MBED_DBG_E("ali_aes_process: decrypt(%d) fail!\n", aes_ctx->type);
|
||||
}
|
||||
return ALI_CRYPTO_ERROR;
|
||||
}
|
||||
|
||||
aes_ctx->status = CRYPTO_STATUS_PROCESSING;
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_aes_finish(const uint8_t *src, size_t src_size,
|
||||
uint8_t *dst, size_t *dst_size,
|
||||
sym_padding_t padding, void *context)
|
||||
{
|
||||
ali_crypto_result ret;
|
||||
aes_ctx_t * aes_ctx;
|
||||
|
||||
if ((src == NULL && src_size != 0) ||
|
||||
((dst_size != NULL) && (dst == NULL && *dst_size != 0)) ||
|
||||
context == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ali_aes_finish: bad input args!\n");
|
||||
}
|
||||
|
||||
aes_ctx = (aes_ctx_t *)context;
|
||||
if (!IS_VALID_CTX_MAGIC(aes_ctx->magic)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ali_aes_finish: bad magic!\n");
|
||||
}
|
||||
|
||||
if ((aes_ctx->status != CRYPTO_STATUS_INITIALIZED) &&
|
||||
(aes_ctx->status != CRYPTO_STATUS_PROCESSING)) {
|
||||
PRINT_RET(ALI_CRYPTO_ERR_STATE, "ali_aes_finish: bad status(%d)\n",
|
||||
(int)aes_ctx->status);
|
||||
}
|
||||
|
||||
switch (aes_ctx->type) {
|
||||
case AES_ECB: {
|
||||
ret = _ali_aes_ecb_final(src, src_size, dst, dst_size, padding,
|
||||
aes_ctx);
|
||||
break;
|
||||
}
|
||||
case AES_CBC: {
|
||||
ret = _ali_aes_cbc_final(src, src_size, dst, dst_size, padding,
|
||||
aes_ctx);
|
||||
break;
|
||||
}
|
||||
case AES_CTR: {
|
||||
ret = _ali_aes_ctr_final(src, src_size, dst, dst_size, aes_ctx);
|
||||
break;
|
||||
}
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CFB)
|
||||
case AES_CFB8:
|
||||
case AES_CFB128: {
|
||||
ret = _ali_aes_cfb_final(src, src_size, dst, dst_size, aes_ctx);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
case AES_CTS:
|
||||
case AES_XTS:
|
||||
default:
|
||||
PRINT_RET(ALI_CRYPTO_NOSUPPORT,
|
||||
"ali_aes_finish: invalid aes type(%d)\n", aes_ctx->type);
|
||||
}
|
||||
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
mbedtls_aes_free(&(aes_ctx->ctx));
|
||||
PRINT_RET(ret, "ali_aes_process: aes type(%d) final fail(%08x)\n",
|
||||
aes_ctx->type, ret);
|
||||
}
|
||||
|
||||
CLEAN_CTX_MAGIC(aes_ctx->magic);
|
||||
aes_ctx->status = CRYPTO_STATUS_FINISHED;
|
||||
aes_ctx->offset = 0;
|
||||
|
||||
mbedtls_aes_free(&(aes_ctx->ctx));
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_aes_reset(void *context)
|
||||
{
|
||||
aes_ctx_t *aes_ctx;
|
||||
|
||||
if (context == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ali_aes_reset: bad input args!\n");
|
||||
}
|
||||
|
||||
aes_ctx = (aes_ctx_t *)context;
|
||||
#if 0
|
||||
if (!IS_VALID_CTX_MAGIC(aes_ctx->magic)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ali_aes_reset: bad magic!\n");
|
||||
}
|
||||
#endif
|
||||
|
||||
OSA_memset(aes_ctx, 0, sizeof(aes_ctx_t));
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_aes_copy_context(void *dst_ctx, void *src_ctx)
|
||||
{
|
||||
aes_ctx_t *aes_ctx_src, *aes_ctx_dst;
|
||||
|
||||
if ((dst_ctx == NULL) || (src_ctx == NULL)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG,
|
||||
"ali_aes_copy_context: bad input args!\n");
|
||||
}
|
||||
|
||||
aes_ctx_src = (aes_ctx_t *)src_ctx;
|
||||
if (!IS_VALID_CTX_MAGIC(aes_ctx_src->magic)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT,
|
||||
"ali_aes_copy_context: bad magic!\n");
|
||||
}
|
||||
|
||||
/* only can copy to one un-initialized context */
|
||||
aes_ctx_dst = (aes_ctx_t *)dst_ctx;
|
||||
if ((IS_VALID_CTX_MAGIC(aes_ctx_dst->magic)) &&
|
||||
((aes_ctx_dst->status == CRYPTO_STATUS_INITIALIZED) ||
|
||||
(aes_ctx_dst->status == CRYPTO_STATUS_PROCESSING) ||
|
||||
(aes_ctx_dst->status == CRYPTO_STATUS_FINISHED))) {
|
||||
PRINT_RET(ALI_CRYPTO_ERR_STATE, "ali_aes_init: bad dst status(%d)\n",
|
||||
(int)aes_ctx_dst->status);
|
||||
}
|
||||
|
||||
OSA_memcpy(aes_ctx_dst, aes_ctx_src, sizeof(aes_ctx_t));
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
|
@ -0,0 +1,56 @@
|
|||
/**
|
||||
* Copyright (C) 2016 The YunOS Project. All rights reserved.
|
||||
*/
|
||||
|
||||
#include "ali_crypto.h"
|
||||
|
||||
ali_crypto_result ali_ecc_get_keypair_size(size_t curve, size_t *size)
|
||||
{
|
||||
return ALI_CRYPTO_NOSUPPORT;
|
||||
}
|
||||
ali_crypto_result ali_ecc_get_pubkey_size(size_t curve, size_t *size)
|
||||
{
|
||||
return ALI_CRYPTO_NOSUPPORT;
|
||||
}
|
||||
ali_crypto_result ali_ecc_init_keypair(
|
||||
const uint8_t *x, size_t x_size,
|
||||
const uint8_t *y, size_t y_size,
|
||||
const uint8_t *d, size_t d_size,
|
||||
size_t curve, ecc_keypair_t *keypair)
|
||||
{
|
||||
return ALI_CRYPTO_NOSUPPORT;
|
||||
}
|
||||
ali_crypto_result ali_ecc_init_pubkey(
|
||||
const uint8_t *x, size_t x_size,
|
||||
const uint8_t *y, size_t y_size,
|
||||
size_t curve, ecc_pubkey_t *pubkey)
|
||||
{
|
||||
return ALI_CRYPTO_NOSUPPORT;
|
||||
}
|
||||
ali_crypto_result ali_ecc_gen_keypair(
|
||||
size_t curve, ecc_keypair_t *keypair)
|
||||
{
|
||||
return ALI_CRYPTO_NOSUPPORT;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_ecdsa_sign(const ecc_keypair_t *priv_key,
|
||||
const uint8_t *src, size_t src_size,
|
||||
uint8_t *signature, size_t *sig_size)
|
||||
{
|
||||
return ALI_CRYPTO_NOSUPPORT;
|
||||
}
|
||||
ali_crypto_result ali_ecdsa_verify(const ecc_pubkey_t *pub_key,
|
||||
const uint8_t *src, size_t src_size,
|
||||
const uint8_t *signature, size_t sig_size,
|
||||
bool *result)
|
||||
{
|
||||
return ALI_CRYPTO_NOSUPPORT;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_ecdh_derive_secret(
|
||||
const ecc_keypair_t *priv_key,
|
||||
const ecc_pubkey_t *peer_pubkey_key,
|
||||
uint8_t *shared_secret, size_t *secret_size)
|
||||
{
|
||||
return ALI_CRYPTO_NOSUPPORT;
|
||||
}
|
||||
401
Living_SDK/security/alicrypto/libalicrypto/mbed/hash/hash.c
Normal file
401
Living_SDK/security/alicrypto/libalicrypto/mbed/hash/hash.c
Normal file
|
|
@ -0,0 +1,401 @@
|
|||
/**
|
||||
* Copyright (C) 2017 The YunOS Project. All rights reserved.
|
||||
*/
|
||||
|
||||
#include "mbed_crypto.h"
|
||||
#include "ali_crypto.h"
|
||||
|
||||
ali_crypto_result ali_hash_get_ctx_size(hash_type_t type, size_t *size)
|
||||
{
|
||||
if (NULL == size) {
|
||||
MBED_DBG_E("get_ctx_size: bad input!\n");
|
||||
return ALI_CRYPTO_INVALID_ARG;
|
||||
}
|
||||
|
||||
switch(type) {
|
||||
case SHA1:
|
||||
case SHA224:
|
||||
case SHA256:
|
||||
case SHA384:
|
||||
case SHA512:
|
||||
case MD5:
|
||||
break;
|
||||
|
||||
default:
|
||||
MBED_DBG_E("get_ctx_size: invalid hash type(%d)\n", type);
|
||||
return ALI_CRYPTO_INVALID_TYPE;
|
||||
}
|
||||
|
||||
*size = sizeof(hash_ctx_t);
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_hash_init(hash_type_t type, void *context)
|
||||
{
|
||||
hash_ctx_t *hash_ctx;
|
||||
|
||||
if (NULL == context) {
|
||||
MBED_DBG_E("ali_hash_init: bad ctx!\n");
|
||||
return ALI_CRYPTO_INVALID_CONTEXT;
|
||||
}
|
||||
|
||||
hash_ctx = (hash_ctx_t *)context;
|
||||
if ((IS_VALID_CTX_MAGIC(hash_ctx->magic) &&
|
||||
hash_ctx->status != CRYPTO_STATUS_FINISHED) &&
|
||||
hash_ctx->status != CRYPTO_STATUS_CLEAN) {
|
||||
MBED_DBG_E("ali_hash_init: bad status(%d)\n", (int)hash_ctx->status);
|
||||
return ALI_CRYPTO_ERR_STATE;
|
||||
}
|
||||
|
||||
switch(type) {
|
||||
#ifdef MBEDTLS_SHA1_C
|
||||
case SHA1: {
|
||||
mbedtls_sha1_init(&hash_ctx->sha1_ctx);
|
||||
mbedtls_sha1_starts(&hash_ctx->sha1_ctx);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_SHA256_C
|
||||
case SHA224: {
|
||||
mbedtls_sha256_init(&hash_ctx->sha256_ctx);
|
||||
mbedtls_sha256_starts(&hash_ctx->sha256_ctx, 1);
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA256: {
|
||||
mbedtls_sha256_init(&hash_ctx->sha256_ctx);
|
||||
mbedtls_sha256_starts(&hash_ctx->sha256_ctx, 0);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_SHA512_C
|
||||
case SHA384: {
|
||||
mbedtls_sha512_init(&hash_ctx->sha512_ctx);
|
||||
mbedtls_sha512_starts(&hash_ctx->sha512_ctx, 1);
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA512: {
|
||||
mbedtls_sha512_init(&hash_ctx->sha512_ctx);
|
||||
mbedtls_sha512_starts(&hash_ctx->sha512_ctx, 0);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_MD5_C
|
||||
case MD5: {
|
||||
mbedtls_md5_init(&hash_ctx->md5_ctx);
|
||||
mbedtls_md5_starts(&hash_ctx->md5_ctx);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
default:
|
||||
MBED_DBG_E("ali_hash_init: invalid hash type(%d)\n", type);
|
||||
return ALI_CRYPTO_INVALID_TYPE;
|
||||
}
|
||||
|
||||
hash_ctx->type = type;
|
||||
hash_ctx->status = CRYPTO_STATUS_INITIALIZED;
|
||||
INIT_CTX_MAGIC(hash_ctx->magic);
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_hash_update(const uint8_t *src, size_t size, void *context)
|
||||
{
|
||||
hash_ctx_t *hash_ctx;
|
||||
|
||||
if (context == NULL) {
|
||||
MBED_DBG_E("ali_hash_update: bad ctx!\n");
|
||||
return ALI_CRYPTO_INVALID_CONTEXT;
|
||||
}
|
||||
|
||||
if (src == NULL && size != 0) {
|
||||
MBED_DBG_E("ali_hash_update: bad args!\n");
|
||||
return ALI_CRYPTO_INVALID_ARG;
|
||||
}
|
||||
|
||||
hash_ctx = (hash_ctx_t *)context;
|
||||
if (!IS_VALID_CTX_MAGIC(hash_ctx->magic)) {
|
||||
MBED_DBG_E("ali_hash_update: bad magic!\n");
|
||||
return ALI_CRYPTO_INVALID_CONTEXT;
|
||||
}
|
||||
|
||||
if ((hash_ctx->status != CRYPTO_STATUS_INITIALIZED) &&
|
||||
(hash_ctx->status != CRYPTO_STATUS_PROCESSING)) {
|
||||
MBED_DBG_E("ali_hash_update: bad status(%d)\n", (int)hash_ctx->status);
|
||||
return ALI_CRYPTO_ERR_STATE;
|
||||
}
|
||||
|
||||
switch(hash_ctx->type) {
|
||||
#ifdef MBEDTLS_SHA1_C
|
||||
case SHA1: {
|
||||
mbedtls_sha1_update(&hash_ctx->sha1_ctx,
|
||||
(const unsigned char *)src, size);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_SHA256_C
|
||||
case SHA224: {
|
||||
mbedtls_sha256_update(&hash_ctx->sha256_ctx,
|
||||
(const unsigned char *)src, size);
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA256: {
|
||||
mbedtls_sha256_update(&hash_ctx->sha256_ctx,
|
||||
(const unsigned char *)src, size);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_SHA512_C
|
||||
case SHA384: {
|
||||
mbedtls_sha512_update(&hash_ctx->sha512_ctx,
|
||||
(const unsigned char *)src, size);
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA512: {
|
||||
mbedtls_sha512_update(&hash_ctx->sha512_ctx,
|
||||
(const unsigned char *)src, size);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_MD5_C
|
||||
case MD5: {
|
||||
mbedtls_md5_update(&hash_ctx->md5_ctx,
|
||||
(const unsigned char *)src, size);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
default:
|
||||
MBED_DBG_E("ali_hash_update: invalid hash type(%d)\n", hash_ctx->type);
|
||||
return ALI_CRYPTO_INVALID_TYPE;
|
||||
}
|
||||
|
||||
hash_ctx->status = CRYPTO_STATUS_PROCESSING;
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_hash_final(uint8_t *dgst, void *context)
|
||||
{
|
||||
hash_ctx_t *hash_ctx;
|
||||
|
||||
if (context == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ali_hash_final: invalid context!\n");
|
||||
}
|
||||
if (dgst == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ali_hash_final: bad input args!\n");
|
||||
}
|
||||
|
||||
hash_ctx = (hash_ctx_t *)context;
|
||||
if (!IS_VALID_CTX_MAGIC(hash_ctx->magic)) {
|
||||
MBED_DBG_E("ali_hash_final: bad magic!\n");
|
||||
return ALI_CRYPTO_INVALID_CONTEXT;
|
||||
}
|
||||
|
||||
if ((hash_ctx->status != CRYPTO_STATUS_INITIALIZED) &&
|
||||
(hash_ctx->status != CRYPTO_STATUS_PROCESSING)) {
|
||||
MBED_DBG_E("ali_hash_final: bad status(%d)\n", (int)hash_ctx->status);
|
||||
return ALI_CRYPTO_ERR_STATE;
|
||||
}
|
||||
|
||||
switch(hash_ctx->type) {
|
||||
#ifdef MBEDTLS_SHA1_C
|
||||
case SHA1: {
|
||||
mbedtls_sha1_finish(&hash_ctx->sha1_ctx, (unsigned char *)dgst);
|
||||
mbedtls_sha1_free(&hash_ctx->sha1_ctx);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_SHA256_C
|
||||
case SHA224: {
|
||||
mbedtls_sha256_finish(&hash_ctx->sha256_ctx, (unsigned char *)dgst);
|
||||
mbedtls_sha256_free(&hash_ctx->sha256_ctx);
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA256: {
|
||||
mbedtls_sha256_finish(&hash_ctx->sha256_ctx, (unsigned char *)dgst);
|
||||
mbedtls_sha256_free(&hash_ctx->sha256_ctx);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_SHA512_C
|
||||
case SHA384: {
|
||||
mbedtls_sha512_finish(&hash_ctx->sha512_ctx, (unsigned char *)dgst);
|
||||
mbedtls_sha512_free(&hash_ctx->sha512_ctx);
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA512: {
|
||||
mbedtls_sha512_finish(&hash_ctx->sha512_ctx, (unsigned char *)dgst);
|
||||
mbedtls_sha512_free(&hash_ctx->sha512_ctx);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_MD5_C
|
||||
case MD5: {
|
||||
mbedtls_md5_finish(&hash_ctx->md5_ctx, (unsigned char *)dgst);
|
||||
mbedtls_md5_free(&hash_ctx->md5_ctx);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
default:
|
||||
MBED_DBG_E("ali_hash_final: invalid hash type(%d)\n", hash_ctx->type);
|
||||
return ALI_CRYPTO_INVALID_TYPE;
|
||||
}
|
||||
|
||||
CLEAN_CTX_MAGIC(hash_ctx->magic);
|
||||
hash_ctx->status = CRYPTO_STATUS_FINISHED;
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_hash_digest(hash_type_t type,
|
||||
const uint8_t *src, size_t size, uint8_t *dgst)
|
||||
{
|
||||
hash_ctx_t hash_ctx;
|
||||
|
||||
if ((src == NULL && size != 0) || dgst == NULL) {
|
||||
MBED_DBG_E("ali_hash_digest: bad input args!\n");
|
||||
return ALI_CRYPTO_INVALID_ARG;
|
||||
}
|
||||
|
||||
switch(type) {
|
||||
#ifdef MBEDTLS_SHA1_C
|
||||
case SHA1: {
|
||||
mbedtls_sha1_init(&hash_ctx.sha1_ctx);
|
||||
mbedtls_sha1_starts(&hash_ctx.sha1_ctx);
|
||||
mbedtls_sha1_update(&hash_ctx.sha1_ctx,
|
||||
(const unsigned char *)src, size);
|
||||
mbedtls_sha1_finish(&hash_ctx.sha1_ctx, (unsigned char *)dgst);
|
||||
mbedtls_sha1_free(&hash_ctx.sha1_ctx);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_SHA256_C
|
||||
case SHA224: {
|
||||
mbedtls_sha256_init(&hash_ctx.sha256_ctx);
|
||||
mbedtls_sha256_starts(&hash_ctx.sha256_ctx, 1);
|
||||
mbedtls_sha256_update(&hash_ctx.sha256_ctx,
|
||||
(const unsigned char *)src, size);
|
||||
mbedtls_sha256_finish(&hash_ctx.sha256_ctx, (unsigned char *)dgst);
|
||||
mbedtls_sha256_free(&hash_ctx.sha256_ctx);
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA256: {
|
||||
mbedtls_sha256_init(&hash_ctx.sha256_ctx);
|
||||
mbedtls_sha256_starts(&hash_ctx.sha256_ctx, 0);
|
||||
mbedtls_sha256_update(&hash_ctx.sha256_ctx,
|
||||
(const unsigned char *)src, size);
|
||||
mbedtls_sha256_finish(&hash_ctx.sha256_ctx, (unsigned char *)dgst);
|
||||
mbedtls_sha256_free(&hash_ctx.sha256_ctx);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_SHA512_C
|
||||
case SHA384: {
|
||||
mbedtls_sha512_init(&hash_ctx.sha512_ctx);
|
||||
mbedtls_sha512_starts(&hash_ctx.sha512_ctx, 1);
|
||||
mbedtls_sha512_update(&hash_ctx.sha512_ctx,
|
||||
(const unsigned char *)src, size);
|
||||
mbedtls_sha512_finish(&hash_ctx.sha512_ctx, (unsigned char *)dgst);
|
||||
mbedtls_sha512_free(&hash_ctx.sha512_ctx);
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA512: {
|
||||
mbedtls_sha512_init(&hash_ctx.sha512_ctx);
|
||||
mbedtls_sha512_starts(&hash_ctx.sha512_ctx, 0);
|
||||
mbedtls_sha512_update(&hash_ctx.sha512_ctx,
|
||||
(const unsigned char *)src, size);
|
||||
mbedtls_sha512_finish(&hash_ctx.sha512_ctx, (unsigned char *)dgst);
|
||||
mbedtls_sha512_free(&hash_ctx.sha512_ctx);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_MD5_C
|
||||
case MD5: {
|
||||
mbedtls_md5_init(&hash_ctx.md5_ctx);
|
||||
mbedtls_md5_starts(&hash_ctx.md5_ctx);
|
||||
mbedtls_md5_update(&hash_ctx.md5_ctx,
|
||||
(const unsigned char *)src, size);
|
||||
mbedtls_md5_finish(&hash_ctx.md5_ctx, (unsigned char *)dgst);
|
||||
mbedtls_md5_free(&hash_ctx.md5_ctx);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
default:
|
||||
MBED_DBG_E("ali_hash_digest: invalid hash type(%d)\n", type);
|
||||
return ALI_CRYPTO_INVALID_TYPE;
|
||||
}
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_hash_reset(void *context)
|
||||
{
|
||||
hash_ctx_t *hash_ctx;
|
||||
|
||||
if (context == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ali_hash_reset: invalid context!\n");
|
||||
}
|
||||
|
||||
hash_ctx = (hash_ctx_t *)context;
|
||||
#if 0
|
||||
if (!IS_VALID_CTX_MAGIC(hash_ctx->magic)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ali_hash_reset: bad magic!");
|
||||
}
|
||||
#endif
|
||||
|
||||
OSA_memset(hash_ctx, 0, sizeof(hash_ctx_t));
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_hash_copy_context(void *dst_ctx, void *src_ctx)
|
||||
{
|
||||
hash_ctx_t *hash_ctx_src, *hash_ctx_dst;
|
||||
|
||||
if ((src_ctx == NULL) || (dst_ctx == NULL)) {
|
||||
MBED_DBG_E("ali_hash_copy_context: bad input args!\n");
|
||||
return ALI_CRYPTO_INVALID_ARG;
|
||||
}
|
||||
|
||||
hash_ctx_src = (hash_ctx_t *)src_ctx;
|
||||
if (!IS_VALID_CTX_MAGIC(hash_ctx_src->magic)) {
|
||||
MBED_DBG_E("ali_hash_copy_context: bad magic!\n");
|
||||
return ALI_CRYPTO_INVALID_CONTEXT;
|
||||
}
|
||||
/* only can copy to one un-initialized context */
|
||||
hash_ctx_dst = (hash_ctx_t *)dst_ctx;
|
||||
if ((IS_VALID_CTX_MAGIC(hash_ctx_dst->magic)) &&
|
||||
((hash_ctx_dst->status == CRYPTO_STATUS_INITIALIZED) ||
|
||||
(hash_ctx_dst->status == CRYPTO_STATUS_PROCESSING) ||
|
||||
(hash_ctx_dst->status == CRYPTO_STATUS_FINISHED))) {
|
||||
MBED_DBG_E("ali_hash_copy_context: bad status(%d)\n",
|
||||
(int)hash_ctx_dst->status);
|
||||
return ALI_CRYPTO_ERR_STATE;
|
||||
}
|
||||
|
||||
OSA_memcpy(hash_ctx_dst, hash_ctx_src, sizeof(hash_ctx_t));
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
|
@ -0,0 +1,155 @@
|
|||
/*
|
||||
* Copyright (C) 2017 The YunOS Project. All rights reserved.
|
||||
*/
|
||||
|
||||
#ifndef _MBED_CRYPTO_H_
|
||||
#define _MBED_CRYPTO_H_
|
||||
|
||||
#include "ali_crypto.h"
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include "aes.h"
|
||||
#include "sha1.h"
|
||||
#include "sha256.h"
|
||||
#include "sha512.h"
|
||||
#include "md.h"
|
||||
#include "hash.h"
|
||||
#include "md5.h"
|
||||
#include "rsa.h"
|
||||
#include "hmac.h"
|
||||
|
||||
#if CONFIG_DBG_CRYPT
|
||||
#define MBED_DBG_E(_f, _a ...) \
|
||||
printf("E %s %d: "_f, __FUNCTION__, __LINE__, ##_a)
|
||||
#define MBED_DBG_I(_f, ...) \
|
||||
printf("I %s %d: "_f, __FUNCTION__, __LINE__, ##_a)
|
||||
#else
|
||||
#define MBED_DBG_E(_f, _a...)
|
||||
#define MBED_DBG_I(_f, _a...)
|
||||
#endif
|
||||
|
||||
#define PRINT_RET(_ret, _f, ...) \
|
||||
do { \
|
||||
MBED_DBG_E(_f, ##__VA_ARGS__); \
|
||||
return (ali_crypto_result)_ret; \
|
||||
} while (0);
|
||||
|
||||
#define GO_RET(_ret, _f, ...) \
|
||||
do { \
|
||||
MBED_DBG_E(_f, ##__VA_ARGS__); \
|
||||
result = (ali_crypto_result)_ret; \
|
||||
goto _OUT; \
|
||||
} while (0);
|
||||
|
||||
#define INIT_CTX_MAGIC(m) (m = 0x12345678)
|
||||
#define IS_VALID_CTX_MAGIC(m) (0x12345678 == m)
|
||||
#define CLEAN_CTX_MAGIC(m) (m = 0x0)
|
||||
|
||||
#ifdef MBEDTLS_IOT_PLAT_AOS
|
||||
#include <aos/kernel.h>
|
||||
#define OSA_malloc(_size) aos_malloc(_size)
|
||||
#define OSA_free(_ptr) aos_free(_ptr)
|
||||
#else
|
||||
#define OSA_malloc(_size) malloc(_size)
|
||||
#define OSA_free(_ptr) free(_ptr)
|
||||
#endif
|
||||
|
||||
#define OSA_memcpy(_dst, _src, _size) memcpy(_dst, _src, _size)
|
||||
#define OSA_memset(_src, _val, _size) memset(_src, _val, _size)
|
||||
#define OSA_memcmp(_dst, _src, _size) memcmp(_dst, _src, _size)
|
||||
#define OSA_strlen(_str) strlen(_str)
|
||||
|
||||
enum
|
||||
{
|
||||
PK_PUBLIC = 0,
|
||||
PK_PRIVATE = 1
|
||||
};
|
||||
|
||||
typedef struct _hash_ctx_t
|
||||
{
|
||||
uint32_t magic;
|
||||
uint32_t status;
|
||||
hash_type_t type;
|
||||
|
||||
union
|
||||
{
|
||||
uint8_t sym_ctx[1];
|
||||
mbedtls_md5_context md5_ctx;
|
||||
mbedtls_sha1_context sha1_ctx;
|
||||
mbedtls_sha256_context sha256_ctx;
|
||||
mbedtls_sha512_context sha512_ctx;
|
||||
};
|
||||
} hash_ctx_t;
|
||||
|
||||
typedef struct _hmac_ctx_t
|
||||
{
|
||||
uint32_t magic;
|
||||
uint32_t status;
|
||||
hash_type_t type;
|
||||
|
||||
union
|
||||
{
|
||||
uint8_t sym_ctx[1];
|
||||
mbedtls_hash_context_t ctx;
|
||||
};
|
||||
} hmac_ctx_t;
|
||||
|
||||
typedef struct _cts_ctx_t
|
||||
{
|
||||
uint32_t is_ecb;
|
||||
} cts_ctx_t;
|
||||
|
||||
typedef struct _xts_ctx_t
|
||||
{
|
||||
uint8_t tweak[16];
|
||||
} xts_ctx_t;
|
||||
|
||||
typedef struct _aes_ctx_t
|
||||
{
|
||||
uint32_t magic;
|
||||
uint32_t status;
|
||||
aes_type_t type;
|
||||
uint32_t is_enc;
|
||||
uint8_t iv[AES_IV_SIZE];
|
||||
size_t offset;
|
||||
uint8_t stream_block[AES_BLOCK_SIZE];
|
||||
union
|
||||
{
|
||||
uint8_t sym_ctx[1];
|
||||
mbedtls_aes_context ctx;
|
||||
};
|
||||
} aes_ctx_t;
|
||||
|
||||
|
||||
typedef struct _des_ctx_t
|
||||
{
|
||||
uint32_t magic;
|
||||
uint32_t status;
|
||||
des_type_t type;
|
||||
uint32_t is_enc;
|
||||
union
|
||||
{
|
||||
uint8_t sym_ctx[1];
|
||||
};
|
||||
} des_ctx_t;
|
||||
|
||||
typedef struct _ae_ctx_t
|
||||
{
|
||||
uint32_t magic;
|
||||
uint32_t status;
|
||||
authenc_type_t type;
|
||||
uint32_t is_enc;
|
||||
uint32_t tag_len;
|
||||
} ae_ctx_t;
|
||||
|
||||
ali_crypto_result mbed_crypto_init(void);
|
||||
void mbed_crypto_cleanup(void);
|
||||
|
||||
#endif /* _MBED_CRYPTO_H_ */
|
||||
309
Living_SDK/security/alicrypto/libalicrypto/mbed/mac/hmac.c
Normal file
309
Living_SDK/security/alicrypto/libalicrypto/mbed/mac/hmac.c
Normal file
|
|
@ -0,0 +1,309 @@
|
|||
/**
|
||||
* Copyright (C) 2017 The YunOS Project. All rights reserved.
|
||||
*/
|
||||
|
||||
#include "mbed_crypto.h"
|
||||
#include "ali_crypto.h"
|
||||
|
||||
ali_crypto_result ali_hmac_get_ctx_size(hash_type_t type, size_t *size)
|
||||
{
|
||||
if (size == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "get_ctx_size: bad input!\n");
|
||||
}
|
||||
|
||||
switch(type) {
|
||||
case SHA1:
|
||||
case SHA224:
|
||||
case SHA256:
|
||||
case SHA384:
|
||||
case SHA512:
|
||||
case MD5:
|
||||
break;
|
||||
|
||||
default:
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_TYPE,
|
||||
"get_ctx_size: invalid hmac type(%d)\n", type);
|
||||
}
|
||||
|
||||
*size = sizeof(hmac_ctx_t);
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_hmac_init(hash_type_t type,
|
||||
const uint8_t *key, size_t keybytes, void *context)
|
||||
{
|
||||
int ret;
|
||||
hmac_ctx_t *hmac_ctx;
|
||||
const mbedtls_hash_info_t *md_info;
|
||||
mbedtls_md_type_t md_type;
|
||||
int zero_tmp_key;
|
||||
|
||||
if (context == NULL ||
|
||||
((key == NULL) && (keybytes != 0))) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ali_hmac_init: bad input args!\n");
|
||||
}
|
||||
|
||||
hmac_ctx = (hmac_ctx_t *)context;
|
||||
if ((IS_VALID_CTX_MAGIC(hmac_ctx->magic) &&
|
||||
hmac_ctx->status != CRYPTO_STATUS_FINISHED) &&
|
||||
hmac_ctx->status != CRYPTO_STATUS_CLEAN) {
|
||||
PRINT_RET(ALI_CRYPTO_ERR_STATE,
|
||||
"ali_hmac_init: bad status(%d)\n", (int)hmac_ctx->status);
|
||||
}
|
||||
|
||||
mbedtls_hash_init(&hmac_ctx->ctx);
|
||||
|
||||
switch(type) {
|
||||
case SHA1: {
|
||||
md_type = MBEDTLS_MD_SHA1;
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA224: {
|
||||
md_type = MBEDTLS_MD_SHA224;
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA256: {
|
||||
md_type = MBEDTLS_MD_SHA256;
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA384: {
|
||||
md_type = MBEDTLS_MD_SHA384;
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA512: {
|
||||
md_type = MBEDTLS_MD_SHA512;
|
||||
break;
|
||||
}
|
||||
|
||||
case MD5: {
|
||||
md_type = MBEDTLS_MD_MD5;
|
||||
break;
|
||||
}
|
||||
|
||||
default:
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_TYPE,
|
||||
"ali_hmac_init: invalid hash type(%d)\n", type);
|
||||
}
|
||||
|
||||
md_info = mbedtls_hash_info_from_type(md_type);
|
||||
if(NULL == md_info) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_TYPE,
|
||||
"ali_hmac_init: invalid hash type(%d)\n", md_type);
|
||||
}
|
||||
|
||||
ret = mbedtls_hash_setup(&hmac_ctx->ctx, md_info, 1);
|
||||
if(0 != ret) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_TYPE,
|
||||
"ali_hmac_init: invalid hash type(%d)\n", md_type);
|
||||
}
|
||||
|
||||
if (keybytes) {
|
||||
ret = mbedtls_hmac_starts(&hmac_ctx->ctx, key, keybytes);
|
||||
} else {
|
||||
/* feed 4 bytes zero key */
|
||||
zero_tmp_key = 0;
|
||||
ret = mbedtls_hmac_starts(&hmac_ctx->ctx,
|
||||
(const unsigned char *)&zero_tmp_key,
|
||||
(size_t)(sizeof(zero_tmp_key)));
|
||||
}
|
||||
|
||||
if (ALI_CRYPTO_SUCCESS != ret) {
|
||||
mbedtls_hash_free(&hmac_ctx->ctx);
|
||||
PRINT_RET(ALI_CRYPTO_ERROR, "ali_hmac_init: fail to init hmac!\n");
|
||||
}
|
||||
|
||||
hmac_ctx->type = type;
|
||||
hmac_ctx->status = CRYPTO_STATUS_INITIALIZED;
|
||||
INIT_CTX_MAGIC(hmac_ctx->magic);
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_hmac_update(const uint8_t *src, size_t size, void *context)
|
||||
{
|
||||
int ret;
|
||||
hmac_ctx_t *hmac_ctx;
|
||||
|
||||
if (context == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ali_hmac_update: bad ctx!\n");
|
||||
}
|
||||
|
||||
if (src == NULL && size != 0) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ali_hmac_update: bad args!\n");
|
||||
}
|
||||
|
||||
hmac_ctx = (hmac_ctx_t *)context;
|
||||
if (!IS_VALID_CTX_MAGIC(hmac_ctx->magic)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ali_hmac_update: bad magic!\n");
|
||||
}
|
||||
|
||||
if ((hmac_ctx->status != CRYPTO_STATUS_INITIALIZED) &&
|
||||
(hmac_ctx->status != CRYPTO_STATUS_PROCESSING)) {
|
||||
PRINT_RET(ALI_CRYPTO_ERR_STATE,
|
||||
"ali_hmac_update: bad status(%d)\n", (int)hmac_ctx->status);
|
||||
}
|
||||
|
||||
ret = mbedtls_hmac_update(&hmac_ctx->ctx,
|
||||
(const unsigned char *)src, size);
|
||||
if (ALI_CRYPTO_SUCCESS != ret) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR, "ali_hmac_update: hmac_process fail!\n");
|
||||
}
|
||||
|
||||
hmac_ctx->status = CRYPTO_STATUS_PROCESSING;
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_hmac_final(uint8_t *dgst, void *context)
|
||||
{
|
||||
int ret;
|
||||
hmac_ctx_t *hmac_ctx;
|
||||
|
||||
if (context == NULL || dgst == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ali_hmac_final: bad input args!\n");
|
||||
}
|
||||
|
||||
hmac_ctx = (hmac_ctx_t *)context;
|
||||
if (!IS_VALID_CTX_MAGIC(hmac_ctx->magic)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ali_hmac_final: bad magic!\n");
|
||||
}
|
||||
|
||||
if ((hmac_ctx->status != CRYPTO_STATUS_INITIALIZED) &&
|
||||
(hmac_ctx->status != CRYPTO_STATUS_PROCESSING)) {
|
||||
PRINT_RET(ALI_CRYPTO_ERR_STATE,
|
||||
"ali_hmac_final: bad status(%d)\n", (int)hmac_ctx->status);
|
||||
}
|
||||
|
||||
ret = mbedtls_hmac_finish(&hmac_ctx->ctx, dgst);
|
||||
if (ALI_CRYPTO_SUCCESS != ret) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR, "ali_hmac_final: hmac_done fail!\n");
|
||||
}
|
||||
|
||||
CLEAN_CTX_MAGIC(hmac_ctx->magic);
|
||||
hmac_ctx->status = CRYPTO_STATUS_FINISHED;
|
||||
|
||||
mbedtls_hash_free(&hmac_ctx->ctx);
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_hmac_digest(hash_type_t type,
|
||||
const uint8_t *key, size_t keybytes,
|
||||
const uint8_t *src, size_t size, uint8_t *dgst)
|
||||
{
|
||||
int ret;
|
||||
const mbedtls_hash_info_t *md_info;
|
||||
mbedtls_md_type_t md_type;
|
||||
|
||||
if ((src == NULL && size != 0) ||
|
||||
key == NULL || keybytes == 0|| dgst == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ali_hmac_digest: bad input args!\n");
|
||||
}
|
||||
|
||||
switch(type) {
|
||||
case SHA1: {
|
||||
md_type = MBEDTLS_MD_SHA1;
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA224: {
|
||||
md_type = MBEDTLS_MD_SHA224;
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA256: {
|
||||
md_type = MBEDTLS_MD_SHA256;
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA384: {
|
||||
md_type = MBEDTLS_MD_SHA384;
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA512: {
|
||||
md_type = MBEDTLS_MD_SHA512;
|
||||
break;
|
||||
}
|
||||
|
||||
case MD5: {
|
||||
md_type = MBEDTLS_MD_MD5;
|
||||
break;
|
||||
}
|
||||
|
||||
default:
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_TYPE,
|
||||
"ali_hmac_digest: invalid hash type(%d)\n", type);
|
||||
}
|
||||
|
||||
md_info = mbedtls_hash_info_from_type(md_type);
|
||||
if(NULL == md_info) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_TYPE,
|
||||
"ali_hmac_init: invalid hash type(%d)\n", md_type);
|
||||
}
|
||||
|
||||
ret = mbedtls_hash_hmac(md_info, key, keybytes, src, size, dgst);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR, "ali_hmac_digest: hmac_memory fail!\n");
|
||||
}
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_hmac_reset(void *context)
|
||||
{
|
||||
hmac_ctx_t *hmac_ctx;
|
||||
int32_t ret;
|
||||
|
||||
if (context == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ali_hmac_reset: bad input args!\n");
|
||||
}
|
||||
|
||||
hmac_ctx = (hmac_ctx_t *)context;
|
||||
if (!IS_VALID_CTX_MAGIC(hmac_ctx->magic)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ali_hmac_reset: bad magic!\n");
|
||||
}
|
||||
|
||||
ret = mbedtls_hmac_reset(&hmac_ctx->ctx);
|
||||
if (0 != ret) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"ali_hmac_reset: mbedtls_md_hmac_reset fial %d!\n", (int)ret);
|
||||
}
|
||||
|
||||
OSA_memset(hmac_ctx, 0, sizeof(hmac_ctx_t));
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_hmac_copy_context(void *dst_ctx, void *src_ctx)
|
||||
{
|
||||
hmac_ctx_t *hmac_ctx_src, *hmac_ctx_dst;
|
||||
|
||||
if ((src_ctx == NULL) || (dst_ctx == NULL)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG,
|
||||
"ali_hmac_copy_context: bad input args!\n");
|
||||
}
|
||||
|
||||
hmac_ctx_src = (hmac_ctx_t *)src_ctx;
|
||||
if (!IS_VALID_CTX_MAGIC(hmac_ctx_src->magic)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT,
|
||||
"ali_hmac_copy_context: bad magic!\n");
|
||||
}
|
||||
|
||||
/* only can copy to one un-initialized context */
|
||||
hmac_ctx_dst = (hmac_ctx_t *)dst_ctx;
|
||||
if ((IS_VALID_CTX_MAGIC(hmac_ctx_dst->magic)) &&
|
||||
((hmac_ctx_dst->status == CRYPTO_STATUS_INITIALIZED) ||
|
||||
(hmac_ctx_dst->status == CRYPTO_STATUS_PROCESSING) ||
|
||||
(hmac_ctx_dst->status == CRYPTO_STATUS_FINISHED))) {
|
||||
PRINT_RET(ALI_CRYPTO_ERR_STATE,
|
||||
"ali_hmac_copy_context: bad status(%d)\n", (int)hmac_ctx_dst->status);
|
||||
}
|
||||
OSA_memcpy(hmac_ctx_dst, hmac_ctx_src, sizeof(hmac_ctx_t));
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
|
||||
/**
|
||||
* Copyright (C) 2017 The YunOS Project. All rights reserved.
|
||||
**/
|
||||
|
||||
|
|
@ -0,0 +1,444 @@
|
|||
/**
|
||||
* Copyright (C) 2016 The YunOS Project. All rights reserved.
|
||||
*/
|
||||
|
||||
#include "tee_osa.h"
|
||||
#include "tomcrypt.h"
|
||||
|
||||
static int _g_prng_idx = 0;
|
||||
static prng_state _g_prng_state;
|
||||
|
||||
static uint8_t RSA_1024_N[128] = {
|
||||
0xa5, 0x6e, 0x4a, 0x0e, 0x70, 0x10, 0x17, 0x58,
|
||||
0x9a, 0x51, 0x87, 0xdc, 0x7e, 0xa8, 0x41, 0xd1,
|
||||
0x56, 0xf2, 0xec, 0x0e, 0x36, 0xad, 0x52, 0xa4,
|
||||
0x4d, 0xfe, 0xb1, 0xe6, 0x1f, 0x7a, 0xd9, 0x91,
|
||||
0xd8, 0xc5, 0x10, 0x56, 0xff, 0xed, 0xb1, 0x62,
|
||||
0xb4, 0xc0, 0xf2, 0x83, 0xa1, 0x2a, 0x88, 0xa3,
|
||||
0x94, 0xdf, 0xf5, 0x26, 0xab, 0x72, 0x91, 0xcb,
|
||||
0xb3, 0x07, 0xce, 0xab, 0xfc, 0xe0, 0xb1, 0xdf,
|
||||
0xd5, 0xcd, 0x95, 0x08, 0x09, 0x6d, 0x5b, 0x2b,
|
||||
0x8b, 0x6d, 0xf5, 0xd6, 0x71, 0xef, 0x63, 0x77,
|
||||
0xc0, 0x92, 0x1c, 0xb2, 0x3c, 0x27, 0x0a, 0x70,
|
||||
0xe2, 0x59, 0x8e, 0x6f, 0xf8, 0x9d, 0x19, 0xf1,
|
||||
0x05, 0xac, 0xc2, 0xd3, 0xf0, 0xcb, 0x35, 0xf2,
|
||||
0x92, 0x80, 0xe1, 0x38, 0x6b, 0x6f, 0x64, 0xc4,
|
||||
0xef, 0x22, 0xe1, 0xe1, 0xf2, 0x0d, 0x0c, 0xe8,
|
||||
0xcf, 0xfb, 0x22, 0x49, 0xbd, 0x9a, 0x21, 0x37
|
||||
};
|
||||
static uint8_t RSA_1024_E[3] = {0x01, 0x00, 0x01};
|
||||
static uint8_t RSA_1024_D[128] = {
|
||||
0x33, 0xa5, 0x04, 0x2a, 0x90, 0xb2, 0x7d, 0x4f,
|
||||
0x54, 0x51, 0xca, 0x9b, 0xbb, 0xd0, 0xb4, 0x47,
|
||||
0x71, 0xa1, 0x01, 0xaf, 0x88, 0x43, 0x40, 0xae,
|
||||
0xf9, 0x88, 0x5f, 0x2a, 0x4b, 0xbe, 0x92, 0xe8,
|
||||
0x94, 0xa7, 0x24, 0xac, 0x3c, 0x56, 0x8c, 0x8f,
|
||||
0x97, 0x85, 0x3a, 0xd0, 0x7c, 0x02, 0x66, 0xc8,
|
||||
0xc6, 0xa3, 0xca, 0x09, 0x29, 0xf1, 0xe8, 0xf1,
|
||||
0x12, 0x31, 0x88, 0x44, 0x29, 0xfc, 0x4d, 0x9a,
|
||||
0xe5, 0x5f, 0xee, 0x89, 0x6a, 0x10, 0xce, 0x70,
|
||||
0x7c, 0x3e, 0xd7, 0xe7, 0x34, 0xe4, 0x47, 0x27,
|
||||
0xa3, 0x95, 0x74, 0x50, 0x1a, 0x53, 0x26, 0x83,
|
||||
0x10, 0x9c, 0x2a, 0xba, 0xca, 0xba, 0x28, 0x3c,
|
||||
0x31, 0xb4, 0xbd, 0x2f, 0x53, 0xc3, 0xee, 0x37,
|
||||
0xe3, 0x52, 0xce, 0xe3, 0x4f, 0x9e, 0x50, 0x3b,
|
||||
0xd8, 0x0c, 0x06, 0x22, 0xad, 0x79, 0xc6, 0xdc,
|
||||
0xee, 0x88, 0x35, 0x47, 0xc6, 0xa3, 0xb3, 0x25
|
||||
};
|
||||
|
||||
static void _print_data(const char *name, uint8_t *data, size_t size)
|
||||
{
|
||||
size_t i;
|
||||
|
||||
if (data == NULL || size == 0) {
|
||||
printf("print_data: no data\n");
|
||||
return;
|
||||
}
|
||||
|
||||
printf("%s size: %d\n", name, size);
|
||||
for (i = 0; i < size - size % 8; i += 8) {
|
||||
printf("%s data: %02x%02x %02x%02x %02x%02x %02x%02x\n",
|
||||
name,
|
||||
data[i+0], data[i+1], data[i+2], data[i+3],
|
||||
data[i+4], data[i+5], data[i+6], data[i+7]);
|
||||
}
|
||||
while(i < size) {
|
||||
printf("%s data: %02x\n", name, data[i]);
|
||||
i++;
|
||||
}
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
static void _print_rsa_key(rsa_key *key)
|
||||
{
|
||||
uint32_t len;
|
||||
uint8_t tmp[256];
|
||||
|
||||
printf("RSA %s key:\n", (key->type == PK_PUBLIC)? "public" : "private");
|
||||
if (key->type == PK_PUBLIC) {
|
||||
len = mp_unsigned_bin_size(key->N);
|
||||
mp_to_unsigned_bin(key->N, tmp);
|
||||
_print_data("RSA N", tmp, len);
|
||||
|
||||
len = mp_unsigned_bin_size(key->e);
|
||||
mp_to_unsigned_bin(key->e, tmp);
|
||||
_print_data("RSA e", tmp, len);
|
||||
} else {
|
||||
len = mp_unsigned_bin_size(key->N);
|
||||
mp_to_unsigned_bin(key->N, tmp);
|
||||
_print_data("RSA N", tmp, len);
|
||||
|
||||
len = mp_unsigned_bin_size(key->e);
|
||||
mp_to_unsigned_bin(key->e, tmp);
|
||||
_print_data("RSA e", tmp, len);
|
||||
|
||||
len = mp_unsigned_bin_size(key->d);
|
||||
mp_to_unsigned_bin(key->d, tmp);
|
||||
_print_data("RSA d", tmp, len);
|
||||
}
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
static int _rsa_test_gen_key(rsa_key *key)
|
||||
{
|
||||
int ret;
|
||||
|
||||
ret = rsa_make_key(&_g_prng_state, _g_prng_idx, 1024/8, 65537, key);
|
||||
if (ret != CRYPT_OK) {
|
||||
printf("rsa make key fail(%d)\n", ret);
|
||||
return -1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int _rsa_test_init_key(rsa_key *key)
|
||||
{
|
||||
int ret;
|
||||
int type;
|
||||
|
||||
type = key->type;
|
||||
memset(key, 0, sizeof(rsa_key));
|
||||
key->type = type;
|
||||
|
||||
ret = mp_init_multi(&key->N, &key->e, &key->d, NULL);
|
||||
if (ret < 0) {
|
||||
printf("init_key: mp init multi fail(%d)\n", ret);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (key->type == PK_PUBLIC) {
|
||||
mp_read_unsigned_bin(key->N, RSA_1024_N, 1024/8);
|
||||
mp_read_unsigned_bin(key->e, RSA_1024_E, 3);
|
||||
} else {
|
||||
mp_read_unsigned_bin(key->N, RSA_1024_N, 1024/8);
|
||||
mp_read_unsigned_bin(key->e, RSA_1024_E, 3);
|
||||
mp_read_unsigned_bin(key->d, RSA_1024_D, 1024/8);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int _rsa_test_encrypt_decrypt_nopad(void)
|
||||
{
|
||||
int ret = 0;
|
||||
rsa_key key;
|
||||
uint8_t src_data[128];
|
||||
uint8_t plaintext[128];
|
||||
uint8_t ciphertext[128];
|
||||
ulong_t src_size = 128;
|
||||
ulong_t dst_size = 128;
|
||||
|
||||
ret = _rsa_test_gen_key(&key);
|
||||
if (ret < 0) {
|
||||
printf("rsa gen key fail\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* public encrypt */
|
||||
memset(src_data, 0xa, src_size);
|
||||
ret = rsa_exptmod(src_data, src_size,
|
||||
ciphertext, &dst_size, PK_PUBLIC, &key);
|
||||
if (ret != CRYPT_OK) {
|
||||
printf("public encrypt fail(%d)\n", ret);
|
||||
goto _out;
|
||||
}
|
||||
|
||||
/* private decrypt */
|
||||
dst_size = 128;
|
||||
ret = rsa_exptmod(ciphertext, src_size,
|
||||
plaintext, &dst_size, PK_PRIVATE, &key);
|
||||
if (ret != CRYPT_OK) {
|
||||
printf("private decrypt fail(%d)\n", ret);
|
||||
goto _out;
|
||||
}
|
||||
|
||||
if (memcmp(src_data, plaintext, src_size)) {
|
||||
printf("RSA encrypt and decrypt with no-padding fail!\n");
|
||||
_print_data("plaintext", plaintext, dst_size);
|
||||
_print_data("ciphertext", ciphertext, dst_size);
|
||||
} else {
|
||||
printf("RSA encrypt and decrypt with no-padding success!\n");
|
||||
}
|
||||
|
||||
_out:
|
||||
rsa_free(&key);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
static int _rsa_test_encrypt_decrypt_v1_5(void)
|
||||
{
|
||||
int ret, stat;
|
||||
rsa_key key;
|
||||
uint8_t src_data[128];
|
||||
uint8_t plaintext[128];
|
||||
uint8_t ciphertext[128];
|
||||
ulong_t src_size = 117;
|
||||
ulong_t dst_size = 128;
|
||||
|
||||
ret = _rsa_test_gen_key(&key);
|
||||
if (ret < 0) {
|
||||
printf("rsa gen key fail\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* public encrypt */
|
||||
memset(src_data, 0xa, src_size);
|
||||
ret = rsa_encrypt_key_ex(src_data, src_size, ciphertext, &dst_size,
|
||||
NULL, 0, &_g_prng_state, _g_prng_idx, 0, LTC_PKCS_1_V1_5, &key);
|
||||
if (ret != CRYPT_OK) {
|
||||
printf("public encrypt with pkcs1_v1_5 fail(%d)\n", ret);
|
||||
goto _out;
|
||||
}
|
||||
|
||||
/* private decrypt */
|
||||
dst_size = 128;
|
||||
ret = rsa_decrypt_key_ex(ciphertext, 128, plaintext, &dst_size,
|
||||
NULL, 0, 0, LTC_PKCS_1_V1_5, &stat, &key);
|
||||
if (ret != CRYPT_OK || stat != 1) {
|
||||
printf("private decrypt with pkcs1_v1_5 fail(%d)\n", ret);
|
||||
goto _out;
|
||||
}
|
||||
|
||||
if (memcmp(src_data, plaintext, src_size)) {
|
||||
printf("RSA encrypt and decrypt with pkcs1_v1_5 fail!\n");
|
||||
_print_data("plaintext", plaintext, src_size);
|
||||
_print_data("ciphertext", ciphertext, dst_size);
|
||||
} else {
|
||||
printf("RSA encrypt and decrypt with pkcs1_v_5 success!\n");
|
||||
}
|
||||
|
||||
_out:
|
||||
rsa_free(&key);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
static int _rsa_test_encrypt_decrypt_oaep(void)
|
||||
{
|
||||
int ret, stat;
|
||||
rsa_key key;
|
||||
int hash_idx;
|
||||
uint8_t src_data[128];
|
||||
uint8_t plaintext[128];
|
||||
uint8_t ciphertext[128];
|
||||
ulong_t src_size = 86;
|
||||
ulong_t dst_size = 128;
|
||||
uint8_t lparam[] = {0x01, 0x02, 0x03, 0x04};
|
||||
|
||||
key.type = PK_PRIVATE;
|
||||
ret = _rsa_test_init_key(&key);
|
||||
if (ret < 0) {
|
||||
printf("rsa init key fail\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
hash_idx = find_hash("sha1");
|
||||
if (hash_idx < 0) {
|
||||
printf("not find sha1\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* public encrypt without lparam */
|
||||
memset(src_data, 0xa, src_size);
|
||||
ret = rsa_encrypt_key_ex(src_data, src_size, ciphertext, &dst_size,
|
||||
NULL, 0, &_g_prng_state, _g_prng_idx, hash_idx, LTC_PKCS_1_OAEP, &key);
|
||||
if (ret != CRYPT_OK) {
|
||||
printf("public encrypt with oaep(without lparam) fail(%d)\n", ret);
|
||||
goto _out;
|
||||
}
|
||||
|
||||
/* private decrypt without lparam*/
|
||||
ret = rsa_decrypt_key_ex(ciphertext, 128, plaintext, &dst_size,
|
||||
NULL, 0, hash_idx, LTC_PKCS_1_OAEP, &stat, &key);
|
||||
if (ret != CRYPT_OK || stat != 1) {
|
||||
printf("private decrypt with oaep(without lparam) fail(%d)\n", ret);
|
||||
goto _out;
|
||||
}
|
||||
|
||||
if (memcmp(src_data, plaintext, src_size)) {
|
||||
printf("RSA encrypt and decrypt with pkcs1_oaep(without lparam) fail!\n");
|
||||
_print_data("plaintext", plaintext, src_size);
|
||||
_print_data("ciphertext", ciphertext, dst_size);
|
||||
} else {
|
||||
printf("RSA encrypt and decrypt with pkcs1_oaep(without lparam) success!\n");
|
||||
}
|
||||
|
||||
/* public encrypt with lparam */
|
||||
dst_size = 128;
|
||||
ret = rsa_encrypt_key_ex(src_data, src_size, ciphertext, &dst_size,
|
||||
lparam, sizeof(lparam), &_g_prng_state, _g_prng_idx, hash_idx, LTC_PKCS_1_OAEP, &key);
|
||||
if (ret != CRYPT_OK) {
|
||||
printf("public encrypt with oaep(with lparam) fail(%d)\n", ret);
|
||||
goto _out;
|
||||
}
|
||||
|
||||
/* private decrypt with lparam*/
|
||||
ret = rsa_decrypt_key_ex(ciphertext, 128, plaintext, &dst_size,
|
||||
lparam, sizeof(lparam), hash_idx, LTC_PKCS_1_OAEP, &stat, &key);
|
||||
if (ret != CRYPT_OK || stat != 1) {
|
||||
printf("private decrypt with oaep(with lparam) fail(%d)\n", ret);
|
||||
goto _out;
|
||||
}
|
||||
|
||||
if (memcmp(src_data, plaintext, src_size)) {
|
||||
printf("RSA encrypt and decrypt with pkcs1_oaep(with lparam) fail!\n");
|
||||
_print_data("plaintext", plaintext, src_size);
|
||||
_print_data("ciphertext", ciphertext, dst_size);
|
||||
} else {
|
||||
printf("RSA encrypt and decrypt with pkcs1_oaep(with lparam) success!\n");
|
||||
}
|
||||
|
||||
_out:
|
||||
rsa_free(&key);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
static int _rsa_test_sign_verify(void)
|
||||
{
|
||||
int ret;
|
||||
int stat;
|
||||
rsa_key key;
|
||||
int hash_idx;
|
||||
ulong_t src_size;
|
||||
ulong_t sig_size = 128;
|
||||
uint8_t src_data[64];
|
||||
uint8_t signature[128];
|
||||
|
||||
ret = _rsa_test_gen_key(&key);
|
||||
if (ret < 0) {
|
||||
printf("rsa gen key fail\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
hash_idx = find_hash("sha1");
|
||||
if (hash_idx < 0) {
|
||||
printf("not find hash\n");
|
||||
return -1;
|
||||
}
|
||||
src_size = 20;
|
||||
|
||||
/* private sign with v1_5 padding */
|
||||
memset(src_data, 0xa, 64);
|
||||
ret = rsa_sign_hash_ex(src_data, src_size, signature, &sig_size,
|
||||
LTC_PKCS_1_V1_5, &_g_prng_state, _g_prng_idx,
|
||||
hash_idx, 0, &key);
|
||||
if (ret != CRYPT_OK) {
|
||||
printf("rsa private sign(v1_5) fail(%d)\n", ret);
|
||||
goto _out;
|
||||
}
|
||||
|
||||
/* public verify with v1_5 padding */
|
||||
key.type = PK_PUBLIC;
|
||||
ret = rsa_verify_hash_ex(signature, sig_size, src_data, src_size,
|
||||
LTC_PKCS_1_V1_5, hash_idx, 0, &stat, &key);
|
||||
if (ret != CRYPT_OK || stat != 1) {
|
||||
printf("RSA public verify(v1_5) fail(ret; %d stat: %d)\n", ret , stat);
|
||||
_print_data("v1_5_sig", signature, sig_size);
|
||||
ret = -1;
|
||||
goto _out;
|
||||
} else {
|
||||
printf("rsa public verify(v1_5) success!\n");
|
||||
}
|
||||
|
||||
/* private sign with pss padding */
|
||||
key.type = PK_PRIVATE;
|
||||
ret = rsa_sign_hash_ex(src_data, src_size, signature, &sig_size,
|
||||
LTC_PKCS_1_PSS, &_g_prng_state, _g_prng_idx,
|
||||
hash_idx, 8, &key);
|
||||
if (ret != CRYPT_OK) {
|
||||
printf("RSA private sign(pss) fail(%d)\n", ret);
|
||||
goto _out;
|
||||
}
|
||||
|
||||
/* public verify with pss padding */
|
||||
key.type = PK_PUBLIC;
|
||||
ret = rsa_verify_hash_ex(signature, sig_size, src_data, src_size,
|
||||
LTC_PKCS_1_PSS, hash_idx, 8, &stat, &key);
|
||||
if (ret != CRYPT_OK || stat != 1) {
|
||||
printf("RSA public verify(pss) fail(ret; %d stat: %d)\n", ret , stat);
|
||||
_print_data("pss_sig", signature, sig_size);
|
||||
ret = -1;
|
||||
goto _out;
|
||||
} else {
|
||||
printf("RSA public verify(pss) success!\n");
|
||||
}
|
||||
|
||||
_out:
|
||||
rsa_free(&key);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
static void _mbed_crypto_rsa_test(uint32_t level)
|
||||
{
|
||||
int ret;
|
||||
rsa_key key;
|
||||
|
||||
#if 0
|
||||
ret = _rsa_test_gen_key(&key);
|
||||
if (ret < 0) {
|
||||
printf("rsa gen key fail\n");
|
||||
return;
|
||||
}
|
||||
rsa_free(&key);
|
||||
#endif
|
||||
|
||||
key.type = PK_PRIVATE;
|
||||
ret = _rsa_test_init_key(&key);
|
||||
if (ret < 0) {
|
||||
printf("rsa gen key fail\n");
|
||||
return;
|
||||
}
|
||||
rsa_free(&key);
|
||||
|
||||
ret = _rsa_test_encrypt_decrypt_nopad();
|
||||
if (ret < 0) {
|
||||
printf("rsa encrypt decrypt with nopad test fail\n");
|
||||
return;
|
||||
}
|
||||
|
||||
ret = _rsa_test_encrypt_decrypt_v1_5();
|
||||
if (ret < 0) {
|
||||
printf("rsa encrypt decrypt with pkcs1_v_5 test fail\n");
|
||||
return;
|
||||
}
|
||||
|
||||
ret = _rsa_test_encrypt_decrypt_oaep();
|
||||
if (ret < 0) {
|
||||
printf("rsa encrypt decrypt with pkcs1_oaep test fail\n");
|
||||
return;
|
||||
}
|
||||
|
||||
ret = _rsa_test_sign_verify();
|
||||
if (ret < 0) {
|
||||
printf("rsa sign verify test fail\n");
|
||||
return;
|
||||
}
|
||||
|
||||
return;
|
||||
}
|
||||
|
|
@ -0,0 +1,54 @@
|
|||
/**
|
||||
* Copyright (C) 2017 The YunOS Project. All rights reserved.
|
||||
**/
|
||||
|
||||
#include "ali_crypto.h"
|
||||
#include "mbed_crypto.h"
|
||||
|
||||
//static uint32_t next = 1;
|
||||
static uint32_t randseed = 12345;
|
||||
|
||||
uint32_t ali_crypt_rand_word(void)
|
||||
{
|
||||
return (randseed = randseed * 1664525 + 1013904223);
|
||||
}
|
||||
|
||||
ali_crypto_result ali_rand_gen(uint8_t *buf, size_t len)
|
||||
{
|
||||
uint32_t i;
|
||||
uint32_t tmp;
|
||||
|
||||
if (buf == NULL || len == 0) {
|
||||
MBED_DBG_E("ali_rand_gen: invalid input args!\n");
|
||||
return ALI_CRYPTO_INVALID_ARG;
|
||||
}
|
||||
|
||||
tmp = ali_crypt_rand_word();
|
||||
for (i = 0; i < len; i++) {
|
||||
if ((i & 3) == 0) {
|
||||
tmp = ali_crypt_rand_word();
|
||||
}
|
||||
buf[i] = ((tmp >> ((i & 3) << 3)) & 0xff);
|
||||
}
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_seed(uint8_t *seed, size_t seed_len)
|
||||
{
|
||||
uint32_t i, tmp = 0;
|
||||
|
||||
for (i = 0; i < (seed_len - seed_len % 4); i += 4) {
|
||||
tmp ^= seed[i];
|
||||
tmp ^= seed[i + 1] << 8;
|
||||
tmp ^= seed[i + 2] << 16;
|
||||
tmp ^= seed[i + 3] << 24;
|
||||
}
|
||||
while (i < seed_len) {
|
||||
tmp ^= seed[i++];
|
||||
}
|
||||
|
||||
randseed = tmp;
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
|
@ -0,0 +1,14 @@
|
|||
/*
|
||||
* Copyright (C) 2016 The YunOS Project. All rights reserved.
|
||||
*/
|
||||
|
||||
#ifndef _ALI_CRYPTO_RAND_H_
|
||||
#define _ALI_CRYPTO_RAND_H_
|
||||
|
||||
#include "ali_crypto.h"
|
||||
|
||||
extern void ali_crypt_rand_reseed(uint32_t seed);
|
||||
extern uint32_t ali_crypt_rand_word(void);
|
||||
extern uint32_t ali_crypt_rand_bytes(uint8_t *buf, uint32_t len);
|
||||
|
||||
#endif /* _ALI_CRYPTO_RAND_H_ */
|
||||
|
|
@ -0,0 +1,62 @@
|
|||
/**
|
||||
* Copyright (C) 2016 The YunOS Project. All rights reserved.
|
||||
*/
|
||||
|
||||
#include "ali_crypto.h"
|
||||
#include "ali_crypto_test.h"
|
||||
|
||||
void ali_crypto_test_entry(void)
|
||||
{
|
||||
int ret;
|
||||
|
||||
/* for gcov coverage */
|
||||
ali_crypto_print_data("alicrypto TEST", (uint8_t *)"\n", 1);
|
||||
|
||||
ret = ali_crypto_init();
|
||||
if (ret < 0) {
|
||||
goto _OUT;
|
||||
}
|
||||
|
||||
CRYPT_INF("Test hash:\n");
|
||||
ret = ali_crypto_hash_test();
|
||||
if (ret < 0) {
|
||||
goto _OUT;
|
||||
}
|
||||
|
||||
CRYPT_INF("Test hmac:\n");
|
||||
ret = ali_crypto_hmac_test();
|
||||
if (ret < 0) {
|
||||
goto _OUT;
|
||||
}
|
||||
|
||||
CRYPT_INF("Test rand:\n");
|
||||
ret = ali_crypto_rand_test();
|
||||
if (ret < 0) {
|
||||
goto _OUT;
|
||||
}
|
||||
|
||||
CRYPT_INF("Test aes:\n");
|
||||
ret = ali_crypto_aes_test();
|
||||
if (ret < 0) {
|
||||
goto _OUT;
|
||||
}
|
||||
|
||||
CRYPT_INF("Test rsa:\n");
|
||||
ret = ali_crypto_rsa_test();
|
||||
if (ret < 0) {
|
||||
goto _OUT;
|
||||
}
|
||||
|
||||
_OUT:
|
||||
ali_crypto_cleanup();
|
||||
return;
|
||||
}
|
||||
|
||||
#if 0
|
||||
int main(void)
|
||||
{
|
||||
ali_crypto_test_entry();
|
||||
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
File diff suppressed because it is too large
Load diff
|
|
@ -0,0 +1,29 @@
|
|||
/**
|
||||
* Copyright (C) 2016 The YunOS Project. All rights reserved.
|
||||
*/
|
||||
|
||||
#include "ali_crypto_test.h"
|
||||
|
||||
void ali_crypto_print_data(const char *name, uint8_t *data, size_t size)
|
||||
{
|
||||
size_t i;
|
||||
|
||||
if (data == NULL || size == 0) {
|
||||
CRYPT_ERR("print_data: no data\n");
|
||||
return;
|
||||
}
|
||||
|
||||
CRYPT_INF("%s size: %d\n", name, (int)size);
|
||||
for (i = 0; i < size - size % 8; i += 8) {
|
||||
CRYPT_INF("%s data: %02x%02x %02x%02x %02x%02x %02x%02x\n",
|
||||
name,
|
||||
data[i+0], data[i+1], data[i+2], data[i+3],
|
||||
data[i+4], data[i+5], data[i+6], data[i+7]);
|
||||
}
|
||||
while(i < size) {
|
||||
CRYPT_INF("%s data: %02x\n", name, data[i]);
|
||||
i++;
|
||||
}
|
||||
|
||||
return;
|
||||
}
|
||||
|
|
@ -0,0 +1,245 @@
|
|||
/**
|
||||
* Copyright (C) 2017 The YunOS Project. All rights reserved.
|
||||
*/
|
||||
|
||||
#include "ali_crypto.h"
|
||||
#include "ali_crypto_test.h"
|
||||
|
||||
#define TEST_DATA_SIZE (141)
|
||||
|
||||
static uint8_t _g_test_data[TEST_DATA_SIZE] = {
|
||||
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04,
|
||||
0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
|
||||
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04,
|
||||
0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
|
||||
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04,
|
||||
0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
|
||||
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04,
|
||||
0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
|
||||
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04,
|
||||
0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
|
||||
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x0a, 0x0b, 0x0c, 0x0d,
|
||||
0x0e, 0x0f, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x13
|
||||
};
|
||||
|
||||
/* openssl calculated result */
|
||||
static uint8_t hash_md5[MD5_HASH_SIZE] = { 0x95, 0x79, 0xa2, 0x46, 0x8e, 0xbc,
|
||||
0x5b, 0xd6, 0x45, 0x57, 0xbb, 0x4f,
|
||||
0xaf, 0xae, 0x5a, 0x05 };
|
||||
static int8_t hash_sha1[SHA1_HASH_SIZE] = { 0x54, 0x1d, 0x6f, 0x6e, 0x46,
|
||||
0x7e, 0xfe, 0x1d, 0xa8, 0x66,
|
||||
0x06, 0x34, 0xb0, 0x21, 0x3d,
|
||||
0x65, 0xb8, 0xa4, 0x02, 0xca };
|
||||
static uint8_t hash_sha224[SHA224_HASH_SIZE] = {
|
||||
0x36, 0x94, 0x36, 0xf9, 0xd4, 0xe9, 0xbe, 0x59, 0xbb, 0x59,
|
||||
0x5c, 0x73, 0x4a, 0xf0, 0xe8, 0x52, 0x48, 0x09, 0x84, 0x42,
|
||||
0xec, 0x80, 0xdb, 0x86, 0x5a, 0x51, 0x44, 0x3a
|
||||
};
|
||||
static uint8_t hash_sha256[SHA256_HASH_SIZE] = {
|
||||
0x3b, 0x7f, 0x52, 0xae, 0x5b, 0xe8, 0x09, 0x19, 0x02, 0x1a, 0x83,
|
||||
0x8d, 0xcc, 0xc6, 0x01, 0xc3, 0x76, 0x41, 0x22, 0x64, 0x4b, 0x1c,
|
||||
0x35, 0xa2, 0x9d, 0xd3, 0xc5, 0x76, 0x36, 0xd7, 0xda, 0x5f
|
||||
};
|
||||
static uint8_t hash_sha384[SHA384_HASH_SIZE] = {
|
||||
0x21, 0xc7, 0x05, 0xb3, 0x37, 0x66, 0xf3, 0xb5, 0x0d, 0x51, 0xf5, 0x0f,
|
||||
0x91, 0xfc, 0xa1, 0xcf, 0x78, 0x35, 0x82, 0x77, 0xfd, 0x2c, 0x31, 0xbb,
|
||||
0x8a, 0x26, 0x6f, 0x2a, 0x82, 0x52, 0x1a, 0x70, 0xfd, 0xfc, 0xa2, 0xb7,
|
||||
0xee, 0x7f, 0xb5, 0xfd, 0x9e, 0x20, 0x36, 0x91, 0xc6, 0xd6, 0x54, 0xa0
|
||||
};
|
||||
static uint8_t hash_sha512[SHA512_HASH_SIZE] = {
|
||||
0x9e, 0xca, 0x2a, 0x96, 0x01, 0x48, 0x0f, 0xa2, 0x6b, 0x99, 0x27,
|
||||
0x1a, 0x7f, 0x72, 0xe3, 0xa4, 0xee, 0x2f, 0x08, 0x92, 0x2e, 0xdb,
|
||||
0xf7, 0x19, 0xd8, 0xcd, 0xcb, 0xfc, 0x8b, 0x56, 0x8c, 0x04, 0xfb,
|
||||
0xb3, 0x69, 0xdf, 0x26, 0xfb, 0x0b, 0x9f, 0xbe, 0x1d, 0x42, 0xbd,
|
||||
0x39, 0x87, 0x52, 0x16, 0x42, 0xac, 0x62, 0x57, 0x94, 0x59, 0xa4,
|
||||
0xce, 0x8d, 0x69, 0x78, 0xb7, 0xf8, 0x95, 0xb8, 0x78
|
||||
};
|
||||
|
||||
int ali_crypto_hash_test(void)
|
||||
{
|
||||
ali_crypto_result result;
|
||||
hash_type_t type;
|
||||
void * hash_ctx = NULL;
|
||||
size_t hash_ctx_size;
|
||||
uint8_t hash[MAX_HASH_SIZE];
|
||||
uint8_t hash_all[MAX_HASH_SIZE];
|
||||
|
||||
/* for gcov coverage */
|
||||
result = ali_hash_get_ctx_size(HASH_NONE, &hash_ctx_size);
|
||||
if (result == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
result = ali_hash_get_ctx_size(HASH_NONE, NULL);
|
||||
if (result == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
result = ali_hash_init(HASH_NONE, NULL);
|
||||
if (result == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
result = ali_hash_init(HASH_NONE, hash_ctx);
|
||||
if (result == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
result = ali_hash_update(_g_test_data, 13, NULL);
|
||||
if (result == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
result = ali_hash_update(NULL, 13, (void *)-1);
|
||||
if (result == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
result = ali_hash_final(hash, NULL);
|
||||
if (result == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
result = ali_hash_final(hash, NULL);
|
||||
if (result == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
result = ali_hash_reset(NULL);
|
||||
if (result == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
result = ali_hash_copy_context(NULL, NULL);
|
||||
if (result == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
for (type = SHA1; type <= MD5; type++) {
|
||||
if (type == SHA512 || type == SHA384) {
|
||||
CRYPT_INF("hash not support hash 384 512\n");
|
||||
continue;
|
||||
}
|
||||
result = ali_hash_get_ctx_size(type, &hash_ctx_size);
|
||||
if (result != ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(result, "get ctx size fail(%08x)\n", result);
|
||||
}
|
||||
|
||||
hash_ctx = CRYPT_MALLOC(hash_ctx_size);
|
||||
if (hash_ctx == NULL) {
|
||||
GO_RET(result, "malloc(%d) fail\n", (int)hash_ctx_size);
|
||||
}
|
||||
CRYPT_MEMSET(hash_ctx, 0, hash_ctx_size);
|
||||
|
||||
result = ali_hash_init(type, hash_ctx);
|
||||
if (result != ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(result, "init fail(%08x)", result);
|
||||
}
|
||||
|
||||
result = ali_hash_update(_g_test_data, 13, hash_ctx);
|
||||
if (result != ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(result, "update 1th fail(%08x)", result);
|
||||
}
|
||||
result = ali_hash_update(_g_test_data + 13, 63, hash_ctx);
|
||||
if (result != ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(result, "update 2th fail(%08x)", result);
|
||||
}
|
||||
result = ali_hash_update(_g_test_data + 13 + 63, 65, hash_ctx);
|
||||
if (result != ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(result, "update 3th fail(%08x)", result);
|
||||
}
|
||||
|
||||
result = ali_hash_final(hash, hash_ctx);
|
||||
if (result != ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(result, "final fail(%08x)", result);
|
||||
}
|
||||
|
||||
result = ali_hash_digest(type, _g_test_data, TEST_DATA_SIZE, hash_all);
|
||||
if (result != ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(result, "digest fail(%08x)", result);
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
result = ali_hash_copy_context(hash_ctx, hash_ctx);
|
||||
if (result == ALI_CRYPTO_SUCCESS) {
|
||||
result = ALI_CRYPTO_ERROR;
|
||||
goto _OUT;
|
||||
}
|
||||
|
||||
result = ali_hash_reset(hash_ctx);
|
||||
if (result != ALI_CRYPTO_SUCCESS) {
|
||||
result = ALI_CRYPTO_ERROR;
|
||||
goto _OUT;
|
||||
}
|
||||
CRYPT_FREE(hash_ctx);
|
||||
hash_ctx = NULL;
|
||||
|
||||
if (type == SHA1) {
|
||||
if (CRYPT_MEMCMP(hash, hash_sha1, SHA1_HASH_SIZE) ||
|
||||
CRYPT_MEMCMP(hash_all, hash_sha1, SHA1_HASH_SIZE)) {
|
||||
ali_crypto_print_data("sha1", hash, SHA1_HASH_SIZE);
|
||||
GO_RET(-1, "SHA1 test fail!");
|
||||
} else {
|
||||
CRYPT_INF("SHA1 test success!\n");
|
||||
}
|
||||
} else if (type == SHA224) {
|
||||
if (CRYPT_MEMCMP(hash, hash_sha224, SHA224_HASH_SIZE) ||
|
||||
CRYPT_MEMCMP(hash_all, hash_sha224, SHA224_HASH_SIZE)) {
|
||||
ali_crypto_print_data("sha224", hash, SHA224_HASH_SIZE);
|
||||
GO_RET(-1, "SHA224 test fail!\n");
|
||||
} else {
|
||||
CRYPT_INF("SHA224 test success!\n");
|
||||
}
|
||||
} else if (type == SHA256) {
|
||||
if (CRYPT_MEMCMP(hash, hash_sha256, SHA256_HASH_SIZE) ||
|
||||
CRYPT_MEMCMP(hash_all, hash_sha256, SHA256_HASH_SIZE)) {
|
||||
ali_crypto_print_data("sha256", hash, SHA256_HASH_SIZE);
|
||||
GO_RET(-1, "SHA256 test fail!\n");
|
||||
} else {
|
||||
CRYPT_INF("SHA256 test success!\n");
|
||||
}
|
||||
/* } else if (type == SHA384) {
|
||||
if(CRYPT_MEMCMP(hash, hash_sha384, SHA384_HASH_SIZE) ||
|
||||
CRYPT_MEMCMP(hash_all, hash_sha384,
|
||||
SHA384_HASH_SIZE)) { ali_crypto_print_data("sha384", hash,
|
||||
SHA384_HASH_SIZE); GO_RET(-1, "SHA384 test fail!\n"); } else {
|
||||
CRYPT_INF("SHA384 test success!\n");
|
||||
}
|
||||
} else if (type == SHA512) {
|
||||
if(CRYPT_MEMCMP(hash, hash_sha512, SHA512_HASH_SIZE) ||
|
||||
CRYPT_MEMCMP(hash_all, hash_sha512,
|
||||
SHA512_HASH_SIZE)) { ali_crypto_print_data("sha512", hash,
|
||||
SHA512_HASH_SIZE); ali_crypto_print_data("sha512", hash_all,
|
||||
SHA512_HASH_SIZE); GO_RET(-1, "SHA512 test fail!\n"); } else {
|
||||
CRYPT_INF("SHA512 test success!\n");
|
||||
}
|
||||
*/
|
||||
} else if (type == MD5) {
|
||||
if (CRYPT_MEMCMP(hash, hash_md5, MD5_HASH_SIZE) ||
|
||||
CRYPT_MEMCMP(hash_all, hash_md5, MD5_HASH_SIZE)) {
|
||||
ali_crypto_print_data("md5", hash, MD5_HASH_SIZE);
|
||||
GO_RET(-1, "md5 test fail!\n");
|
||||
} else {
|
||||
CRYPT_INF("md5 test success!\n");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
|
||||
_OUT:
|
||||
if (hash_ctx) {
|
||||
CRYPT_FREE(hash_ctx);
|
||||
}
|
||||
|
||||
return -1;
|
||||
}
|
||||
|
|
@ -0,0 +1,228 @@
|
|||
/**
|
||||
* Copyright (C) 2016 The YunOS Project. All rights reserved.
|
||||
*/
|
||||
|
||||
#include "ali_crypto.h"
|
||||
#include "ali_crypto_test.h"
|
||||
|
||||
#define TEST_KEY_SIZE (16)
|
||||
#define TEST_DATA_SIZE (141)
|
||||
|
||||
static uint8_t test_key[TEST_KEY_SIZE] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
|
||||
0x07, 0x08, 0x08, 0x07, 0x06, 0x05,
|
||||
0x04, 0x03, 0x02, 0x01 };
|
||||
|
||||
static uint8_t _g_test_data[TEST_DATA_SIZE] = {
|
||||
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04,
|
||||
0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
|
||||
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04,
|
||||
0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
|
||||
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04,
|
||||
0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
|
||||
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04,
|
||||
0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
|
||||
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04,
|
||||
0x05, 0x06, 0x07, 0x08, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
|
||||
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x0a, 0x0b, 0x0c, 0x0d,
|
||||
0x0e, 0x0f, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x13
|
||||
};
|
||||
|
||||
/* openssl calculated result */
|
||||
static uint8_t hmac_md5[MD5_HASH_SIZE] = { 0x20, 0xc5, 0xc6, 0xa7, 0x17, 0x6f,
|
||||
0x27, 0xfe, 0x7a, 0x1d, 0x7e, 0x85,
|
||||
0x5b, 0x5c, 0xa8, 0xc4 };
|
||||
static uint8_t hmac_sha1[SHA1_HASH_SIZE] = { 0xe5, 0xdf, 0x48, 0xfe, 0x08,
|
||||
0x91, 0x37, 0xa2, 0x55, 0x95,
|
||||
0xbc, 0xf3, 0x76, 0x06, 0x92,
|
||||
0x1e, 0x54, 0x98, 0xe0, 0x4b };
|
||||
static uint8_t hmac_sha224[SHA224_HASH_SIZE] = {
|
||||
0x1c, 0x47, 0x04, 0x45, 0xcd, 0xee, 0x00, 0x9a, 0x46, 0x66,
|
||||
0x2e, 0x1e, 0xb7, 0x04, 0xc9, 0x8f, 0xd5, 0xbb, 0x90, 0x38,
|
||||
0xbb, 0x93, 0x9a, 0x08, 0x47, 0xe7, 0x17, 0xca
|
||||
};
|
||||
static uint8_t hmac_sha256[SHA256_HASH_SIZE] = {
|
||||
0xd5, 0xce, 0x2b, 0x95, 0xa3, 0xea, 0x70, 0x69, 0x6a, 0x29, 0xbf,
|
||||
0xe7, 0x9b, 0xa2, 0xc9, 0x18, 0x27, 0x4d, 0x3f, 0xd7, 0xae, 0xe7,
|
||||
0x81, 0x88, 0x2a, 0xe7, 0x19, 0x68, 0x47, 0x07, 0xa3, 0xb3
|
||||
};
|
||||
static uint8_t hmac_sha384[SHA384_HASH_SIZE] = {
|
||||
0x26, 0x10, 0x72, 0x0d, 0xf1, 0x70, 0x03, 0x40, 0x65, 0x4c, 0x94, 0xf5,
|
||||
0x45, 0xbc, 0xbc, 0xcc, 0xd4, 0x17, 0xf5, 0x70, 0x81, 0xda, 0x91, 0x99,
|
||||
0xe0, 0xca, 0x7a, 0x8c, 0x9c, 0x15, 0x5b, 0x22, 0xe8, 0xaa, 0x1c, 0xcf,
|
||||
0xef, 0xe4, 0x6e, 0xf2, 0xfb, 0xdb, 0x6a, 0xf2, 0x22, 0xae, 0x70, 0x78
|
||||
};
|
||||
static uint8_t hmac_sha512[SHA512_HASH_SIZE] = {
|
||||
0x66, 0x43, 0xba, 0xfc, 0x6f, 0x9e, 0xa3, 0xf8, 0xbf, 0x3d, 0x46,
|
||||
0x46, 0x26, 0xfb, 0x8f, 0xa4, 0x04, 0x4c, 0x8a, 0x07, 0xfa, 0xac,
|
||||
0x1d, 0x16, 0x33, 0xe6, 0xbd, 0x65, 0x01, 0xe2, 0x44, 0x83, 0x45,
|
||||
0x78, 0x25, 0xbc, 0x42, 0x4b, 0x25, 0x85, 0xe0, 0x2a, 0xb4, 0xff,
|
||||
0x6b, 0x92, 0x0c, 0x50, 0xdb, 0x0c, 0x00, 0x6e, 0x4d, 0xd5, 0x5c,
|
||||
0xcc, 0x4e, 0x9f, 0xba, 0x3f, 0xfd, 0x81, 0x3f, 0x0b
|
||||
};
|
||||
|
||||
int ali_crypto_hmac_test(void)
|
||||
{
|
||||
ali_crypto_result result;
|
||||
hash_type_t type;
|
||||
void * hmac_ctx = NULL;
|
||||
uint32_t hmac_ctx_size;
|
||||
uint8_t md[MAX_HASH_SIZE];
|
||||
|
||||
/* for gcov coverage */
|
||||
result = ali_hmac_get_ctx_size(MD5, NULL);
|
||||
if (result == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
result = ali_hmac_get_ctx_size(HASH_NONE, (size_t *)(&hmac_ctx_size));
|
||||
if (result == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
result = ali_hmac_init(MD5, test_key, TEST_KEY_SIZE, NULL);
|
||||
if (result == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
result = ali_hmac_init(HASH_NONE, test_key, TEST_KEY_SIZE, NULL);
|
||||
if (result == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
result = ali_hmac_update(_g_test_data, 13, NULL);
|
||||
if (result == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
result = ali_hmac_final(md, NULL);
|
||||
if (result == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
result = ali_hmac_digest(MD5, NULL, TEST_KEY_SIZE, _g_test_data,
|
||||
TEST_DATA_SIZE, md);
|
||||
if (result == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
result = ali_hmac_reset(NULL);
|
||||
if (result == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
result = ali_hmac_copy_context(NULL, NULL);
|
||||
if (result == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
for (type = SHA1; type <= MD5; type++) {
|
||||
if (type == SHA512 || type == SHA384) {
|
||||
CRYPT_INF("hmac not support hash 384 512\n");
|
||||
continue;
|
||||
}
|
||||
result = ali_hmac_get_ctx_size(type, (size_t *)(&hmac_ctx_size));
|
||||
if (result != ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(result, "get ctx size fail(%08x)\n", result);
|
||||
}
|
||||
|
||||
hmac_ctx = CRYPT_MALLOC(hmac_ctx_size);
|
||||
if (hmac_ctx == NULL) {
|
||||
GO_RET(ALI_CRYPTO_OUTOFMEM, "kmalloc(%08x) fail\n",
|
||||
(int)hmac_ctx_size);
|
||||
}
|
||||
CRYPT_MEMSET(hmac_ctx, 0, hmac_ctx_size);
|
||||
|
||||
{
|
||||
result = ali_hmac_init(type, test_key, TEST_KEY_SIZE, hmac_ctx);
|
||||
if (result != ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(result, "init fail(%08x)", result);
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
result = ali_hmac_update(NULL, 13, hmac_ctx);
|
||||
if (result == ALI_CRYPTO_SUCCESS) {
|
||||
goto _OUT;
|
||||
}
|
||||
|
||||
result = ali_hmac_update(_g_test_data, 13, hmac_ctx);
|
||||
if (result != ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(result, "update 1th fail(%08x)", result);
|
||||
}
|
||||
result = ali_hmac_update(_g_test_data + 13, 63, hmac_ctx);
|
||||
if (result != ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(result, "update 2th fail(%08x)", result);
|
||||
}
|
||||
result = ali_hmac_update(_g_test_data + 13 + 63, 65, hmac_ctx);
|
||||
if (result != ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(result, "update 3th fail(%08x)", result);
|
||||
}
|
||||
|
||||
result = ali_hmac_final(md, hmac_ctx);
|
||||
if (result != ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(result, "final fail(%08x)", result);
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
result = ali_hmac_digest(HASH_NONE, test_key, TEST_KEY_SIZE,
|
||||
_g_test_data, TEST_DATA_SIZE, md);
|
||||
if (result == ALI_CRYPTO_SUCCESS) {
|
||||
goto _OUT;
|
||||
}
|
||||
|
||||
result = ali_hmac_digest(type, test_key, TEST_KEY_SIZE,
|
||||
_g_test_data, TEST_DATA_SIZE, md);
|
||||
if (result != ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(result, "digest fail(%08x)", result);
|
||||
}
|
||||
}
|
||||
|
||||
ali_hmac_copy_context(hmac_ctx, hmac_ctx);
|
||||
ali_hmac_reset(hmac_ctx);
|
||||
CRYPT_FREE(hmac_ctx);
|
||||
hmac_ctx = NULL;
|
||||
|
||||
if (type == SHA1) {
|
||||
if (CRYPT_MEMCMP(md, hmac_sha1, SHA1_HASH_SIZE)) {
|
||||
ali_crypto_print_data("hmac-sha1", md, SHA1_HASH_SIZE);
|
||||
GO_RET(-1, "HMAC-SHA1 test fail!\n");
|
||||
} else {
|
||||
CRYPT_INF("HMAC-SHA1 test success!\n");
|
||||
}
|
||||
} else if (type == SHA224) {
|
||||
if (CRYPT_MEMCMP(md, hmac_sha224, SHA224_HASH_SIZE)) {
|
||||
ali_crypto_print_data("hmac-sha224", md, SHA224_HASH_SIZE);
|
||||
GO_RET(-1, "HMAC-SHA224 test fail!\n");
|
||||
} else {
|
||||
CRYPT_INF("HMAC-SHA224 test success!\n");
|
||||
}
|
||||
} else if (type == SHA256) {
|
||||
if (CRYPT_MEMCMP(md, hmac_sha256, SHA256_HASH_SIZE)) {
|
||||
ali_crypto_print_data("hmac-sha256", md, SHA256_HASH_SIZE);
|
||||
GO_RET(-1, "HMAC-SHA256 test fail!\n");
|
||||
} else {
|
||||
CRYPT_INF("HMAC-SHA256 test success!\n");
|
||||
}
|
||||
/* } else if (type == SHA384) {
|
||||
if(CRYPT_MEMCMP(md, hmac_sha384, SHA384_HASH_SIZE)) {
|
||||
ali_crypto_print_data("hmac-sha384", md,
|
||||
SHA384_HASH_SIZE); GO_RET(-1, "HMAC-SHA384 test fail!\n"); } else
|
||||
{ CRYPT_INF("HMAC-SHA384 test success!\n");
|
||||
}
|
||||
} else if (type == SHA512) {
|
||||
if(CRYPT_MEMCMP(md, hmac_sha512, SHA512_HASH_SIZE)) {
|
||||
ali_crypto_print_data("hmac-sha512", md,
|
||||
SHA512_HASH_SIZE); GO_RET(-1, "HMAC-SHA512 test fail!\n"); } else
|
||||
{ CRYPT_INF("HMAC-SHA512 test success!\n");
|
||||
}
|
||||
*/
|
||||
} else if (type == MD5) {
|
||||
if (CRYPT_MEMCMP(md, hmac_md5, MD5_HASH_SIZE)) {
|
||||
ali_crypto_print_data("hmac-md5", md, MD5_HASH_SIZE);
|
||||
GO_RET(-1, "HMAC-MD5 test fail!\n");
|
||||
} else {
|
||||
CRYPT_INF("HMAC-MD5 test success!\n");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
|
||||
_OUT:
|
||||
if (hmac_ctx) {
|
||||
CRYPT_FREE(hmac_ctx);
|
||||
}
|
||||
|
||||
return -1;
|
||||
}
|
||||
|
|
@ -0,0 +1,51 @@
|
|||
/**
|
||||
* Copyright (C) 2017 The YunOS Project. All rights reserved.
|
||||
*/
|
||||
|
||||
#include "ali_crypto_test.h"
|
||||
|
||||
int ali_crypto_rand_test(void)
|
||||
{
|
||||
uint32_t i = 0;
|
||||
uint8_t seed[16] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
|
||||
size_t seed_len = 16;
|
||||
uint8_t tmp_buf[32];
|
||||
uint8_t rand_buf[32];
|
||||
size_t rand_len = 32;
|
||||
ali_crypto_result result;
|
||||
|
||||
result = ali_seed(seed, seed_len);
|
||||
if (result != ALI_CRYPTO_SUCCESS) {
|
||||
PRINT_RET(-1, "ali_seed fail(%08x)\n", result);
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
result = ali_rand_gen(NULL, rand_len);
|
||||
if (result == ALI_CRYPTO_SUCCESS) {
|
||||
PRINT_RET(-1, "gen rand fail(%08x)\n", result);
|
||||
}
|
||||
|
||||
result = ali_rand_gen(rand_buf, rand_len);
|
||||
if (result != ALI_CRYPTO_SUCCESS) {
|
||||
PRINT_RET(-1, "gen rand fail(%08x)\n", result);
|
||||
}
|
||||
|
||||
while (i++ < 10) {
|
||||
CRYPT_MEMCPY(tmp_buf, rand_buf, rand_len);
|
||||
|
||||
result = ali_rand_gen(rand_buf, rand_len);
|
||||
if (result != ALI_CRYPTO_SUCCESS) {
|
||||
PRINT_RET(-1, "gen rand fail(%08x)\n", result);
|
||||
}
|
||||
|
||||
if (!CRYPT_MEMCMP(tmp_buf, rand_buf, rand_len)) {
|
||||
ali_crypto_print_data("tmp_buf", tmp_buf, rand_len);
|
||||
ali_crypto_print_data("rand_buf", rand_buf, rand_len);
|
||||
PRINT_RET(-1, "RAND test fail!\n");
|
||||
}
|
||||
}
|
||||
|
||||
CRYPT_INF("RAND test success!\n");
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
|
@ -0,0 +1,779 @@
|
|||
/**
|
||||
* Copyright (C) 2016 The YunOS Project. All rights reserved.
|
||||
*/
|
||||
|
||||
#include "ali_crypto.h"
|
||||
#include "ali_crypto_test.h"
|
||||
|
||||
#define RSA_KEY_LEN (128)
|
||||
|
||||
static uint8_t RSA_1024_N[128] = {
|
||||
0xa5, 0x6e, 0x4a, 0x0e, 0x70, 0x10, 0x17, 0x58, 0x9a, 0x51, 0x87, 0xdc,
|
||||
0x7e, 0xa8, 0x41, 0xd1, 0x56, 0xf2, 0xec, 0x0e, 0x36, 0xad, 0x52, 0xa4,
|
||||
0x4d, 0xfe, 0xb1, 0xe6, 0x1f, 0x7a, 0xd9, 0x91, 0xd8, 0xc5, 0x10, 0x56,
|
||||
0xff, 0xed, 0xb1, 0x62, 0xb4, 0xc0, 0xf2, 0x83, 0xa1, 0x2a, 0x88, 0xa3,
|
||||
0x94, 0xdf, 0xf5, 0x26, 0xab, 0x72, 0x91, 0xcb, 0xb3, 0x07, 0xce, 0xab,
|
||||
0xfc, 0xe0, 0xb1, 0xdf, 0xd5, 0xcd, 0x95, 0x08, 0x09, 0x6d, 0x5b, 0x2b,
|
||||
0x8b, 0x6d, 0xf5, 0xd6, 0x71, 0xef, 0x63, 0x77, 0xc0, 0x92, 0x1c, 0xb2,
|
||||
0x3c, 0x27, 0x0a, 0x70, 0xe2, 0x59, 0x8e, 0x6f, 0xf8, 0x9d, 0x19, 0xf1,
|
||||
0x05, 0xac, 0xc2, 0xd3, 0xf0, 0xcb, 0x35, 0xf2, 0x92, 0x80, 0xe1, 0x38,
|
||||
0x6b, 0x6f, 0x64, 0xc4, 0xef, 0x22, 0xe1, 0xe1, 0xf2, 0x0d, 0x0c, 0xe8,
|
||||
0xcf, 0xfb, 0x22, 0x49, 0xbd, 0x9a, 0x21, 0x37
|
||||
};
|
||||
static uint8_t RSA_1024_E[3] = { 0x01, 0x00, 0x01 };
|
||||
static uint8_t RSA_1024_D[128] = {
|
||||
0x33, 0xa5, 0x04, 0x2a, 0x90, 0xb2, 0x7d, 0x4f, 0x54, 0x51, 0xca, 0x9b,
|
||||
0xbb, 0xd0, 0xb4, 0x47, 0x71, 0xa1, 0x01, 0xaf, 0x88, 0x43, 0x40, 0xae,
|
||||
0xf9, 0x88, 0x5f, 0x2a, 0x4b, 0xbe, 0x92, 0xe8, 0x94, 0xa7, 0x24, 0xac,
|
||||
0x3c, 0x56, 0x8c, 0x8f, 0x97, 0x85, 0x3a, 0xd0, 0x7c, 0x02, 0x66, 0xc8,
|
||||
0xc6, 0xa3, 0xca, 0x09, 0x29, 0xf1, 0xe8, 0xf1, 0x12, 0x31, 0x88, 0x44,
|
||||
0x29, 0xfc, 0x4d, 0x9a, 0xe5, 0x5f, 0xee, 0x89, 0x6a, 0x10, 0xce, 0x70,
|
||||
0x7c, 0x3e, 0xd7, 0xe7, 0x34, 0xe4, 0x47, 0x27, 0xa3, 0x95, 0x74, 0x50,
|
||||
0x1a, 0x53, 0x26, 0x83, 0x10, 0x9c, 0x2a, 0xba, 0xca, 0xba, 0x28, 0x3c,
|
||||
0x31, 0xb4, 0xbd, 0x2f, 0x53, 0xc3, 0xee, 0x37, 0xe3, 0x52, 0xce, 0xe3,
|
||||
0x4f, 0x9e, 0x50, 0x3b, 0xd8, 0x0c, 0x06, 0x22, 0xad, 0x79, 0xc6, 0xdc,
|
||||
0xee, 0x88, 0x35, 0x47, 0xc6, 0xa3, 0xb3, 0x25
|
||||
};
|
||||
|
||||
static int _rsa_test_gen_key(void)
|
||||
{
|
||||
int ret, result;
|
||||
uint8_t rsa_n[RSA_KEY_LEN];
|
||||
uint8_t rsa_e[RSA_KEY_LEN];
|
||||
uint8_t rsa_d[RSA_KEY_LEN];
|
||||
uint8_t rsa_p[RSA_KEY_LEN];
|
||||
uint8_t rsa_q[RSA_KEY_LEN];
|
||||
uint8_t rsa_dp[RSA_KEY_LEN];
|
||||
uint8_t rsa_dq[RSA_KEY_LEN];
|
||||
uint8_t rsa_qp[RSA_KEY_LEN];
|
||||
uint32_t n_size = RSA_KEY_LEN;
|
||||
uint32_t e_size = RSA_KEY_LEN;
|
||||
uint32_t d_size = RSA_KEY_LEN;
|
||||
uint32_t p_size = RSA_KEY_LEN;
|
||||
uint32_t q_size = RSA_KEY_LEN;
|
||||
uint32_t dp_size = RSA_KEY_LEN;
|
||||
uint32_t dq_size = RSA_KEY_LEN;
|
||||
uint32_t qp_size = RSA_KEY_LEN;
|
||||
uint8_t * pub_key = NULL;
|
||||
uint8_t * key_pair = NULL;
|
||||
size_t pub_key_len, key_pair_len;
|
||||
uint8_t src_data[RSA_KEY_LEN];
|
||||
uint8_t ciphertext[RSA_KEY_LEN];
|
||||
uint8_t plaintext[RSA_KEY_LEN];
|
||||
size_t src_size, dst_size;
|
||||
rsa_padding_t rsa_padding;
|
||||
|
||||
(void)result;
|
||||
|
||||
CRYPT_INF("rsa gen key test!\n");
|
||||
/* for gcov coverage */
|
||||
ret = ali_rsa_get_pubkey_size(RSA_KEY_LEN << 3, NULL);
|
||||
if (ret == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
ret = ali_rsa_get_pubkey_size(255, &pub_key_len);
|
||||
if (ret == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
ret = ali_rsa_get_keypair_size(RSA_KEY_LEN << 3, NULL);
|
||||
if (ret == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
ret = ali_rsa_get_keypair_size(255, &key_pair_len);
|
||||
if (ret == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
ret = ali_rsa_init_keypair(RSA_KEY_LEN << 3, rsa_n, n_size, rsa_e, e_size,
|
||||
rsa_d, d_size, NULL, 0, NULL, 0, NULL, 0, NULL,
|
||||
0, NULL, 0, NULL);
|
||||
if (ret == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
ret =
|
||||
ali_rsa_init_pubkey(RSA_KEY_LEN << 3, rsa_n, n_size, rsa_e, e_size, NULL);
|
||||
if (ret == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
ret =
|
||||
ali_rsa_init_pubkey(RSA_KEY_LEN << 3, rsa_n, n_size, rsa_e, e_size, NULL);
|
||||
if (ret == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
ret = ali_rsa_get_pubkey_size(RSA_KEY_LEN << 3, &pub_key_len);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
PRINT_RET(-1, "init_key: get pubkey size fail(%08x)\n", ret)
|
||||
}
|
||||
ret = ali_rsa_get_keypair_size(RSA_KEY_LEN << 3, &key_pair_len);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
PRINT_RET(-1, "init_key: get keypair size fail(%08x)\n", ret)
|
||||
}
|
||||
|
||||
pub_key = CRYPT_MALLOC(pub_key_len);
|
||||
if (pub_key == NULL) {
|
||||
GO_RET(-1, "init_key: malloc(%d) fail\n", (int)pub_key_len);
|
||||
}
|
||||
key_pair = CRYPT_MALLOC(key_pair_len);
|
||||
if (pub_key == NULL) {
|
||||
GO_RET(-1, "init_key: malloc(%d) fail\n", (int)pub_key_len);
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
ret = ali_rsa_gen_keypair(RSA_KEY_LEN << 3, NULL, 0, NULL);
|
||||
if (ret == ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(ALI_CRYPTO_ERROR, "ali_rsa_gen_keypair: not expect\n");
|
||||
}
|
||||
|
||||
ret =
|
||||
ali_rsa_gen_keypair(RSA_KEY_LEN << 3, NULL, 0, (rsa_keypair_t *)key_pair);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(-1, "init_key: gen keypair fail(%08x)\n", ret);
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
ret = ali_rsa_get_key_attr(RSA_MODULUS, NULL, rsa_n, (size_t *)&n_size);
|
||||
if (ret == ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(ALI_CRYPTO_ERROR, "ali_rsa_get_key_attr: not expect\n");
|
||||
}
|
||||
/* for gcov coverage */
|
||||
ret = ali_rsa_get_key_attr((rsa_key_attr_t)-1, (rsa_keypair_t *)key_pair,
|
||||
rsa_n, (size_t *)&n_size);
|
||||
if (ret == ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(ALI_CRYPTO_ERROR, "ali_rsa_get_key_attr: not expect\n");
|
||||
}
|
||||
|
||||
/* get key attrs */
|
||||
ret = ali_rsa_get_key_attr(RSA_MODULUS, (rsa_keypair_t *)key_pair, rsa_n,
|
||||
(size_t *)&n_size);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
goto _OUT;
|
||||
}
|
||||
ret = ali_rsa_get_key_attr(RSA_PUBLIC_EXPONENT, (rsa_keypair_t *)key_pair,
|
||||
rsa_e, (size_t *)&e_size);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
goto _OUT;
|
||||
}
|
||||
ret = ali_rsa_get_key_attr(RSA_PRIVATE_EXPONENT, (rsa_keypair_t *)key_pair,
|
||||
rsa_d, (size_t *)&d_size);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
goto _OUT;
|
||||
}
|
||||
ret = ali_rsa_get_key_attr(RSA_PRIME1, (rsa_keypair_t *)key_pair, rsa_p,
|
||||
(size_t *)&p_size);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
goto _OUT;
|
||||
}
|
||||
ret = ali_rsa_get_key_attr(RSA_PRIME2, (rsa_keypair_t *)key_pair, rsa_q,
|
||||
(size_t *)&q_size);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
goto _OUT;
|
||||
}
|
||||
ret = ali_rsa_get_key_attr(RSA_EXPONENT1, (rsa_keypair_t *)key_pair, rsa_dp,
|
||||
(size_t *)&dp_size);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
goto _OUT;
|
||||
}
|
||||
ret = ali_rsa_get_key_attr(RSA_EXPONENT2, (rsa_keypair_t *)key_pair, rsa_dq,
|
||||
(size_t *)&dq_size);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
goto _OUT;
|
||||
}
|
||||
ret = ali_rsa_get_key_attr(RSA_COEFFICIENT, (rsa_keypair_t *)key_pair,
|
||||
rsa_qp, (size_t *)&qp_size);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
goto _OUT;
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
ret = ali_rsa_init_keypair(RSA_KEY_LEN << 3, rsa_n, 129, rsa_e, e_size,
|
||||
rsa_d, d_size, NULL, 0, NULL, 0, NULL, 0, NULL,
|
||||
0, NULL, 0, (rsa_keypair_t *)key_pair);
|
||||
if (ret == ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(ALI_CRYPTO_ERROR, "ali_rsa_init_keypair: not expect\n");
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
ret = ali_rsa_init_keypair(RSA_KEY_LEN << 3, rsa_n, n_size, rsa_e, e_size,
|
||||
rsa_d, d_size, rsa_p, p_size, rsa_q, q_size,
|
||||
rsa_dp, dp_size, rsa_dq, dq_size, rsa_qp,
|
||||
qp_size, (rsa_keypair_t *)key_pair);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
goto _OUT;
|
||||
}
|
||||
|
||||
CRYPT_MEMSET(key_pair, 0, key_pair_len);
|
||||
ret = ali_rsa_init_keypair(RSA_KEY_LEN << 3, rsa_n, n_size, rsa_e, e_size,
|
||||
rsa_d, d_size, NULL, 0, NULL, 0, NULL, 0, NULL,
|
||||
0, NULL, 0, (rsa_keypair_t *)key_pair);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(ret, "init_key: init keypair fail(%08x)\n", ret);
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
ret = ali_rsa_init_pubkey(RSA_KEY_LEN << 3, rsa_n, 129, rsa_e, e_size,
|
||||
(rsa_pubkey_t *)pub_key);
|
||||
if (ret == ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(ALI_CRYPTO_ERROR, "ali_rsa_init_pubkey: not expect\n");
|
||||
}
|
||||
|
||||
CRYPT_MEMSET(pub_key, 0, pub_key_len);
|
||||
ret = ali_rsa_init_pubkey(RSA_KEY_LEN << 3, rsa_n, n_size, rsa_e, e_size,
|
||||
(rsa_pubkey_t *)pub_key);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(ALI_CRYPTO_ERROR, "init_key: init pub_key fail(%08x)\n", ret);
|
||||
}
|
||||
|
||||
rsa_padding.type = RSAES_PKCS1_V1_5;
|
||||
/* for gcov coverage */
|
||||
src_size = RSA_KEY_LEN;
|
||||
dst_size = RSA_KEY_LEN;
|
||||
ret = ali_rsa_public_encrypt((const rsa_pubkey_t *)NULL, src_data, src_size,
|
||||
ciphertext, &dst_size, rsa_padding);
|
||||
if (ret == ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(ALI_CRYPTO_ERROR, "ali_rsa_public_encrypt: not expect\n");
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
ret = ali_rsa_private_decrypt(NULL, ciphertext, RSA_KEY_LEN, plaintext,
|
||||
&dst_size, rsa_padding);
|
||||
if (ret == ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(ALI_CRYPTO_ERROR, "ali_rsa_private_decrypt: not expect\n");
|
||||
}
|
||||
|
||||
CRYPT_MEMSET(&rsa_padding, 0, sizeof(rsa_padding_t));
|
||||
rsa_padding.type = RSAES_PKCS1_V1_5;
|
||||
src_size = RSA_KEY_LEN - 11;
|
||||
CRYPT_MEMSET(src_data, 0xa, src_size);
|
||||
|
||||
dst_size = RSA_KEY_LEN;
|
||||
ret = ali_rsa_public_encrypt((const rsa_pubkey_t *)pub_key, src_data,
|
||||
src_size, ciphertext, &dst_size, rsa_padding);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(ALI_CRYPTO_ERROR, "ali_rsa_public_encrypt: rsa_v1_5 fail %d\n",
|
||||
ret);
|
||||
}
|
||||
|
||||
ret =
|
||||
ali_rsa_private_decrypt((const rsa_keypair_t *)key_pair, ciphertext,
|
||||
RSA_KEY_LEN, plaintext, &dst_size, rsa_padding);
|
||||
if (ret != ALI_CRYPTO_SUCCESS || dst_size != src_size) {
|
||||
GO_RET(ALI_CRYPTO_ERROR, "ali_rsa_private_decrypt: rsa_v1_5 fail %d\n",
|
||||
ret);
|
||||
}
|
||||
if (CRYPT_MEMCMP(src_data, plaintext, src_size)) {
|
||||
ali_crypto_print_data("pliantext", plaintext, src_size);
|
||||
ali_crypto_print_data("ciphertext", ciphertext, dst_size);
|
||||
PRINT_RET(-1, "RSA encrypt/decrypt with PKCS1_V1_5 test fail!\n");
|
||||
} else {
|
||||
CRYPT_INF("RSA encrypt/decrypt with PKCS1_V1_5 test success!\n");
|
||||
}
|
||||
|
||||
CRYPT_FREE(pub_key);
|
||||
CRYPT_FREE(key_pair);
|
||||
return 0;
|
||||
_OUT:
|
||||
if (pub_key) {
|
||||
CRYPT_FREE(pub_key);
|
||||
}
|
||||
if (key_pair) {
|
||||
CRYPT_FREE(key_pair);
|
||||
}
|
||||
|
||||
return -1;
|
||||
}
|
||||
|
||||
static int _ali_crypto_init_key(rsa_keypair_t **keypair, rsa_pubkey_t **pubkey)
|
||||
{
|
||||
ali_crypto_result ret, result;
|
||||
uint8_t rsa_n[RSA_KEY_LEN];
|
||||
uint8_t rsa_e[RSA_KEY_LEN];
|
||||
uint8_t rsa_d[RSA_KEY_LEN];
|
||||
uint32_t n_size = RSA_KEY_LEN;
|
||||
uint32_t e_size = RSA_KEY_LEN;
|
||||
uint32_t d_size = RSA_KEY_LEN;
|
||||
uint8_t * pub_key = NULL;
|
||||
uint8_t * key_pair = NULL;
|
||||
size_t pub_key_len, key_pair_len;
|
||||
|
||||
(void)e_size;
|
||||
(void)rsa_d;
|
||||
(void)rsa_e;
|
||||
(void)rsa_n;
|
||||
(void)result;
|
||||
if (keypair == NULL || pubkey == NULL) {
|
||||
PRINT_RET(-1, "init_key: invalid input args!\n");
|
||||
}
|
||||
|
||||
ret = ali_rsa_get_pubkey_size(RSA_KEY_LEN << 3, &pub_key_len);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
PRINT_RET(-1, "init_key: get pubkey size fail(%08x)\n", ret);
|
||||
}
|
||||
ret = ali_rsa_get_keypair_size(RSA_KEY_LEN << 3, &key_pair_len);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
PRINT_RET(-1, "init_key: get keypair size fail(%08x)\n", ret);
|
||||
}
|
||||
|
||||
pub_key = CRYPT_MALLOC(pub_key_len);
|
||||
if (pub_key == NULL) {
|
||||
GO_RET(-1, "init_key: malloc(%d) fail\n", (int)pub_key_len);
|
||||
}
|
||||
key_pair = CRYPT_MALLOC(key_pair_len);
|
||||
if (pub_key == NULL) {
|
||||
GO_RET(-1, "init_key: malloc(%d) fail\n", (int)pub_key_len);
|
||||
}
|
||||
|
||||
#if 0
|
||||
ret = ali_rsa_gen_keypair(RSA_KEY_LEN << 3, NULL, 0, (rsa_keypair_t *)key_pair);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
CRYPT_ERR("init_key: gen keypair fail(%08x)\n", ret);
|
||||
goto _OUT;
|
||||
}
|
||||
|
||||
/* get key attrs */
|
||||
ret = ali_rsa_get_key_attr(RSA_MODULUS,
|
||||
(rsa_keypair_t *)key_pair, rsa_n, (size_t *)&n_size);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
goto _OUT;
|
||||
}
|
||||
ret = ali_rsa_get_key_attr(RSA_PUBLIC_EXPONENT,
|
||||
(rsa_keypair_t *)key_pair, rsa_e, (size_t *)&e_size);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
goto _OUT;
|
||||
}
|
||||
ret = ali_rsa_get_key_attr(RSA_PRIVATE_EXPONENT,
|
||||
(rsa_keypair_t *)key_pair, rsa_d, (size_t *)&d_size);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
goto _OUT;
|
||||
}
|
||||
|
||||
CRYPT_MEMSET(key_pair, 0, key_pair_len);
|
||||
ret = ali_rsa_init_keypair(RSA_KEY_LEN << 3,
|
||||
rsa_n, n_size, rsa_e, e_size, rsa_d, d_size,
|
||||
NULL , 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, (rsa_keypair_t *)key_pair);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
CRYPT_ERR("init_key: init keypair fail(%08x)\n", ret);
|
||||
goto _OUT;
|
||||
}
|
||||
|
||||
CRYPT_MEMSET(pub_key, 0, pub_key_len);
|
||||
ret = ali_rsa_init_pubkey(RSA_KEY_LEN << 3,
|
||||
rsa_n, n_size, rsa_e, e_size, (rsa_pubkey_t *)pub_key);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
CRYPT_ERR("init_key: init pub_key fail(%08x)\n", ret);
|
||||
goto _OUT;
|
||||
}
|
||||
#else
|
||||
CRYPT_MEMSET(key_pair, 0, key_pair_len);
|
||||
ret = ali_rsa_init_keypair(RSA_KEY_LEN << 3, RSA_1024_N, n_size, RSA_1024_E,
|
||||
3, RSA_1024_D, d_size, NULL, 0, NULL, 0, NULL, 0,
|
||||
NULL, 0, NULL, 0, (rsa_keypair_t *)key_pair);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(-1, "init_key: init keypair fail(%08x)\n", ret);
|
||||
}
|
||||
|
||||
CRYPT_MEMSET(pub_key, 0, pub_key_len);
|
||||
ret = ali_rsa_init_pubkey(RSA_KEY_LEN << 3, RSA_1024_N, n_size, RSA_1024_E,
|
||||
3, (rsa_pubkey_t *)pub_key);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
GO_RET(-1, "init_key: init pub_key fail(%08x)\n", ret);
|
||||
}
|
||||
#endif
|
||||
|
||||
*pubkey = (rsa_pubkey_t *)pub_key;
|
||||
*keypair = (rsa_keypair_t *)key_pair;
|
||||
|
||||
return 0;
|
||||
|
||||
_OUT:
|
||||
if (pub_key) {
|
||||
CRYPT_FREE(pub_key);
|
||||
}
|
||||
if (key_pair) {
|
||||
CRYPT_FREE(key_pair);
|
||||
}
|
||||
|
||||
return -1;
|
||||
}
|
||||
|
||||
#if 0
|
||||
static int _ali_crypto_encrypt_decrypt_nopad(
|
||||
rsa_pubkey_t *pubkey, rsa_keypair_t *keypair)
|
||||
{
|
||||
ali_crypto_result ret;
|
||||
uint8_t src_data[RSA_KEY_LEN];
|
||||
uint8_t plaintext[RSA_KEY_LEN];
|
||||
uint8_t ciphertext[RSA_KEY_LEN];
|
||||
size_t src_size, dst_size;
|
||||
rsa_padding_t rsa_padding;
|
||||
|
||||
if (pubkey == NULL || keypair == NULL) {
|
||||
CRYPT_ERR("rsa_nopad: invalid input args!\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
rsa_padding.type = RSA_NOPAD;
|
||||
src_size = RSA_KEY_LEN;
|
||||
CRYPT_MEMSET(src_data, 0xa, src_size);
|
||||
|
||||
dst_size = RSA_KEY_LEN;
|
||||
ret = ali_rsa_public_encrypt(pubkey, src_data, src_size,
|
||||
ciphertext, &dst_size, rsa_padding);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
CRYPT_ERR("rsa_nopad: public encrypt fail(%08x)\n", ret);
|
||||
return -1;
|
||||
}
|
||||
|
||||
ret = ali_rsa_private_decrypt(keypair, ciphertext, RSA_KEY_LEN,
|
||||
plaintext, &dst_size, rsa_padding);
|
||||
if (ret != ALI_CRYPTO_SUCCESS || dst_size != src_size) {
|
||||
CRYPT_ERR("rsa_nopad: private decrypt fail(%08x)\n", ret);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (CRYPT_MEMCMP(src_data, plaintext, src_size)) {
|
||||
CRYPT_ERR("RSA encrypt/decrypt with no-padding test fail!\n");
|
||||
ali_crypto_print_data("pliantext", plaintext, src_size);
|
||||
ali_crypto_print_data("ciphertext", ciphertext, dst_size);
|
||||
} else {
|
||||
CRYPT_INF("RSA encrypt/decrypt with no-padding test success!\n");
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
static int _ali_crypto_encrypt_decrypt_v1_5(rsa_pubkey_t * pubkey,
|
||||
rsa_keypair_t *keypair)
|
||||
{
|
||||
ali_crypto_result ret;
|
||||
uint8_t src_data[RSA_KEY_LEN];
|
||||
uint8_t plaintext[RSA_KEY_LEN];
|
||||
uint8_t ciphertext[RSA_KEY_LEN];
|
||||
size_t src_size, dst_size;
|
||||
rsa_padding_t rsa_padding;
|
||||
|
||||
if (pubkey == NULL || keypair == NULL) {
|
||||
PRINT_RET(-1, "rsa_v1_5: invalid input args!\n");
|
||||
}
|
||||
|
||||
CRYPT_MEMSET(&rsa_padding, 0, sizeof(rsa_padding_t));
|
||||
rsa_padding.type = RSAES_PKCS1_V1_5;
|
||||
src_size = RSA_KEY_LEN - 11;
|
||||
CRYPT_MEMSET(src_data, 0xa, src_size);
|
||||
|
||||
dst_size = RSA_KEY_LEN;
|
||||
ret = ali_rsa_public_encrypt(pubkey, src_data, src_size, ciphertext,
|
||||
&dst_size, rsa_padding);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
PRINT_RET(-1, "rsa_v1_5: public encrypt fail(%08x)\n", ret);
|
||||
}
|
||||
|
||||
/* for gcov coverage */
|
||||
ret = ali_rsa_public_encrypt(pubkey, src_data, RSA_KEY_LEN, ciphertext,
|
||||
&dst_size, rsa_padding);
|
||||
if (ret == ALI_CRYPTO_SUCCESS) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
ret = ali_rsa_private_decrypt(keypair, ciphertext, RSA_KEY_LEN, plaintext,
|
||||
&dst_size, rsa_padding);
|
||||
if (ret != ALI_CRYPTO_SUCCESS || dst_size != src_size) {
|
||||
PRINT_RET(-1, "rsa_v1_5: public decrypt fail(%08x)\n", ret);
|
||||
}
|
||||
|
||||
if (CRYPT_MEMCMP(src_data, plaintext, src_size)) {
|
||||
ali_crypto_print_data("pliantext", plaintext, src_size);
|
||||
ali_crypto_print_data("ciphertext", ciphertext, dst_size);
|
||||
PRINT_RET(-1, "RSA encrypt/decrypt with PKCS1_V1_5 test fail!\n");
|
||||
} else {
|
||||
CRYPT_INF("RSA encrypt/decrypt with PKCS1_V1_5 test success!\n");
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int _ali_crypto_encrypt_decrypt_oaep(rsa_pubkey_t * pubkey,
|
||||
rsa_keypair_t *keypair)
|
||||
{
|
||||
ali_crypto_result ret;
|
||||
hash_type_t hash_type;
|
||||
rsa_padding_t rsa_padding;
|
||||
uint8_t src_data[RSA_KEY_LEN];
|
||||
uint8_t plaintext[RSA_KEY_LEN];
|
||||
uint8_t ciphertext[RSA_KEY_LEN];
|
||||
size_t src_size, dst_size;
|
||||
// uint8_t lparam[] = {0xe1, 0xe2, 0xe2, 0xe4, 0xe5};
|
||||
|
||||
if (pubkey == NULL || keypair == NULL) {
|
||||
CRYPT_ERR("rsa_v1_5: invalid input args!\n");
|
||||
PRINT_RET(-1, "rsa_v1_5: invalid input args!\n");
|
||||
}
|
||||
|
||||
rsa_padding.type = RSAES_PKCS1_OAEP_MGF1;
|
||||
|
||||
for (hash_type = SHA1; hash_type <= MD5; hash_type++) {
|
||||
if (hash_type == SHA512 || hash_type == SHA384) {
|
||||
CRYPT_INF("rsa oeap not support hash 384 512\n");
|
||||
continue;
|
||||
}
|
||||
/*
|
||||
if (2*HASH_SIZE(hash_type) >= RSA_KEY_LEN - 2) {
|
||||
continue;
|
||||
}
|
||||
*/
|
||||
src_size = RSA_KEY_LEN - 2 * HASH_SIZE(hash_type) - 2;
|
||||
CRYPT_MEMSET(src_data, 0xa, src_size);
|
||||
|
||||
/* without lparam */
|
||||
rsa_padding.pad.rsaes_oaep.type = hash_type;
|
||||
dst_size = RSA_KEY_LEN;
|
||||
ret = ali_rsa_public_encrypt(pubkey, src_data, src_size, ciphertext,
|
||||
&dst_size, rsa_padding);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
PRINT_RET(
|
||||
-1, "rsa_oaep: public encrypt(without lparam) fail(%08x)\n", ret);
|
||||
}
|
||||
ret = ali_rsa_private_decrypt(keypair, ciphertext, RSA_KEY_LEN,
|
||||
plaintext, &dst_size, rsa_padding);
|
||||
if (ret != ALI_CRYPTO_SUCCESS || dst_size != src_size) {
|
||||
PRINT_RET(-1,
|
||||
"rsa_oaep: private decrypt(without lparam) fail(%08x)\n",
|
||||
ret);
|
||||
}
|
||||
if (CRYPT_MEMCMP(src_data, plaintext, src_size)) {
|
||||
ali_crypto_print_data("pliantext", plaintext, src_size);
|
||||
ali_crypto_print_data("ciphertext", ciphertext, dst_size);
|
||||
PRINT_RET(-1, "RSA encrypt/decrypt with PKCS1_OAEP(without lparam) "
|
||||
"test fail!\n");
|
||||
} else {
|
||||
CRYPT_INF("RSA encrypt/decrypt with PKCS1_OAEP(without lparam) "
|
||||
"test success!\n");
|
||||
}
|
||||
|
||||
/* with lparam */
|
||||
rsa_padding.pad.rsaes_oaep.type = hash_type;
|
||||
dst_size = RSA_KEY_LEN;
|
||||
ret = ali_rsa_public_encrypt(pubkey, src_data, src_size, ciphertext,
|
||||
&dst_size, rsa_padding);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
PRINT_RET(-1, "rsa_oaep: public encrypt(with lparam) fail(%08x)\n",
|
||||
ret);
|
||||
}
|
||||
ret = ali_rsa_private_decrypt(keypair, ciphertext, RSA_KEY_LEN,
|
||||
plaintext, &dst_size, rsa_padding);
|
||||
if (ret != ALI_CRYPTO_SUCCESS || dst_size != src_size) {
|
||||
PRINT_RET(-1, "rsa_oaep: private decrypt(with lparam) fail(%08x)\n",
|
||||
ret);
|
||||
}
|
||||
if (CRYPT_MEMCMP(src_data, plaintext, src_size)) {
|
||||
ali_crypto_print_data("pliantext", plaintext, src_size);
|
||||
ali_crypto_print_data("ciphertext", ciphertext, dst_size);
|
||||
PRINT_RET(
|
||||
-1,
|
||||
"RSA encrypt/decrypt with PKCS1_OAEP(with lparam) test fail!\n");
|
||||
} else {
|
||||
CRYPT_INF("RSA encrypt/decrypt with PKCS1_OAEP(with lparam) test "
|
||||
"success!\n");
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int _ali_crypto_sign_verify_v1_5(rsa_pubkey_t * pubkey,
|
||||
rsa_keypair_t *keypair)
|
||||
{
|
||||
bool result1, result2;
|
||||
ali_crypto_result ret;
|
||||
hash_type_t hash_type;
|
||||
uint8_t src_data[RSA_KEY_LEN];
|
||||
uint8_t signature[RSA_KEY_LEN];
|
||||
size_t src_size, dst_size;
|
||||
rsa_padding_t rsa_padding;
|
||||
|
||||
if (pubkey == NULL || keypair == NULL) {
|
||||
PRINT_RET(-1, "rsa_v1_5: invalid input args!\n");
|
||||
}
|
||||
|
||||
rsa_padding.type = RSASSA_PKCS1_V1_5;
|
||||
for (hash_type = SHA1; hash_type <= MD5; hash_type++) {
|
||||
rsa_padding.pad.rsassa_v1_5.type = hash_type;
|
||||
|
||||
if (hash_type == SHA512 || hash_type == SHA384) {
|
||||
CRYPT_INF("mbedtls rsa V1.5 not support hash 384 512\n");
|
||||
continue;
|
||||
}
|
||||
#if 0
|
||||
if (HASH_SIZE(hash_type) + 11 > RSA_KEY_LEN) {
|
||||
continue;
|
||||
}
|
||||
#endif
|
||||
|
||||
src_size = HASH_SIZE(hash_type);
|
||||
CRYPT_MEMSET(src_data, 0xa, src_size);
|
||||
|
||||
dst_size = RSA_KEY_LEN;
|
||||
ret = ali_rsa_sign(keypair, src_data, src_size, signature, &dst_size,
|
||||
rsa_padding);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
PRINT_RET(-1, "rsa_v1_5: sign fail(%08x)\n", ret);
|
||||
}
|
||||
|
||||
ret = ali_rsa_verify(pubkey, src_data, src_size, signature, dst_size,
|
||||
rsa_padding, &result1);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
PRINT_RET(-1, "rsa_v1_5: verify fail(%08x)\n", ret);
|
||||
}
|
||||
|
||||
src_data[0] = src_data[0] ^ 0x1;
|
||||
ret = ali_rsa_verify(pubkey, src_data, src_size, signature, dst_size,
|
||||
rsa_padding, &result2);
|
||||
if (ret == ALI_CRYPTO_SUCCESS) {
|
||||
PRINT_RET(-1, "rsa_v1_5: verify fail(%08x)\n", ret);
|
||||
}
|
||||
|
||||
if (result1 == true && result2 == false) {
|
||||
CRYPT_INF("RSA sign/verify with PKCS1_V1_5 success!\n");
|
||||
} else {
|
||||
PRINT_RET(-1, "RSA sign/verify with PKCS1_V1_5 fail!\n");
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int _ali_crypto_sign_verify_pss(rsa_pubkey_t * pubkey,
|
||||
rsa_keypair_t *keypair)
|
||||
{
|
||||
bool result1, result2;
|
||||
ali_crypto_result ret;
|
||||
hash_type_t hash_type;
|
||||
uint8_t src_data[RSA_KEY_LEN];
|
||||
uint8_t signature[RSA_KEY_LEN];
|
||||
size_t src_size, dst_size;
|
||||
rsa_padding_t rsa_padding;
|
||||
|
||||
if (pubkey == NULL || keypair == NULL) {
|
||||
PRINT_RET(-1, "rsa_pss: invalid input args!\n");
|
||||
}
|
||||
|
||||
rsa_padding.type = RSASSA_PKCS1_PSS_MGF1;
|
||||
for (hash_type = SHA1; hash_type <= MD5; hash_type++) {
|
||||
rsa_padding.pad.rsassa_pss.type = hash_type;
|
||||
rsa_padding.pad.rsassa_pss.salt_len = 28;
|
||||
|
||||
if (hash_type == SHA512 || hash_type == SHA384) {
|
||||
CRYPT_INF("mbedtls rsa pss not support hash 512\n");
|
||||
continue;
|
||||
}
|
||||
#if 0
|
||||
if (HASH_SIZE(hash_type) + 28 + 2 > RSA_KEY_LEN) {
|
||||
continue;
|
||||
}
|
||||
#endif
|
||||
|
||||
src_size = HASH_SIZE(hash_type);
|
||||
|
||||
CRYPT_MEMSET(src_data, 0xa, src_size);
|
||||
|
||||
dst_size = RSA_KEY_LEN;
|
||||
ret = ali_rsa_sign(keypair, src_data, src_size, signature, &dst_size,
|
||||
rsa_padding);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
PRINT_RET(-1, "rsa_pss: sign fail(%08x)\n", ret);
|
||||
}
|
||||
|
||||
ret = ali_rsa_verify(pubkey, src_data, src_size, signature, dst_size,
|
||||
rsa_padding, &result1);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
PRINT_RET(-1, "rsa_pss: verify fail(%08x)\n", ret);
|
||||
}
|
||||
|
||||
src_data[0] = src_data[0] ^ 0x1;
|
||||
ret = ali_rsa_verify(pubkey, src_data, src_size, signature, dst_size,
|
||||
rsa_padding, &result2);
|
||||
if (ret == ALI_CRYPTO_SUCCESS) {
|
||||
PRINT_RET(-1, "rsa_pss: verify fail(%08x)\n", ret);
|
||||
}
|
||||
|
||||
if (result1 == true && result2 == false) {
|
||||
CRYPT_INF("RSA sign/verify with PKCS1_PSS_MGF1 success!\n");
|
||||
} else {
|
||||
PRINT_RET(-1, "RSA sign/verify with PKCS1_PSS_MGF1 fail!\n");
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int ali_crypto_rsa_test(void)
|
||||
{
|
||||
int ret;
|
||||
rsa_pubkey_t * pubkey = NULL;
|
||||
rsa_keypair_t *keypair = NULL;
|
||||
|
||||
ret = _rsa_test_gen_key();
|
||||
if (ret < 0) {
|
||||
goto _out;
|
||||
}
|
||||
|
||||
ret = _ali_crypto_init_key(&keypair, &pubkey);
|
||||
if (ret < 0) {
|
||||
goto _out;
|
||||
}
|
||||
|
||||
/* TODO */
|
||||
#if 0
|
||||
ret = _ali_crypto_encrypt_decrypt_nopad(pubkey, keypair);
|
||||
if (ret < 0) {
|
||||
goto _out;
|
||||
}
|
||||
#endif
|
||||
|
||||
ret = _ali_crypto_encrypt_decrypt_v1_5(pubkey, keypair);
|
||||
if (ret < 0) {
|
||||
goto _out;
|
||||
}
|
||||
|
||||
ret = _ali_crypto_encrypt_decrypt_oaep(pubkey, keypair);
|
||||
if (ret < 0) {
|
||||
goto _out;
|
||||
}
|
||||
|
||||
ret = _ali_crypto_sign_verify_v1_5(pubkey, keypair);
|
||||
if (ret < 0) {
|
||||
goto _out;
|
||||
}
|
||||
|
||||
ret = _ali_crypto_sign_verify_pss(pubkey, keypair);
|
||||
if (ret < 0) {
|
||||
goto _out;
|
||||
}
|
||||
|
||||
_out:
|
||||
if (pubkey) {
|
||||
CRYPT_FREE(pubkey);
|
||||
}
|
||||
if (keypair) {
|
||||
CRYPT_FREE(keypair);
|
||||
}
|
||||
if (0 == ret) {
|
||||
CRYPT_INF("================ALI crypto test SUCCESS!\n");
|
||||
} else {
|
||||
CRYPT_INF("================ALI crypto test FAIL!\n");
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
|
@ -0,0 +1,51 @@
|
|||
/**
|
||||
* Copyright (C) 2017 The YunOS Project. All rights reserved.
|
||||
*/
|
||||
|
||||
#ifndef _ALI_CRYPTO_TEST_H_
|
||||
#define _ALI_CRYPTO_TEST_H_
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include "ali_crypto.h"
|
||||
|
||||
#define CRYPT_ERR(_f, ...) \
|
||||
printf("E %s %d: "_f, __FUNCTION__, __LINE__, ##__VA_ARGS__)
|
||||
#define CRYPT_INF(_f, ...) \
|
||||
printf("I %s %d: "_f, __FUNCTION__, __LINE__, ##__VA_ARGS__)
|
||||
|
||||
#ifdef MBEDTLS_IOT_PLAT_AOS
|
||||
#include <aos/kernel.h>
|
||||
#define CRYPT_MALLOC aos_malloc
|
||||
#define CRYPT_FREE aos_free
|
||||
#else
|
||||
#define CRYPT_MALLOC malloc
|
||||
#define CRYPT_FREE free
|
||||
#endif
|
||||
|
||||
#define CRYPT_MEMSET memset
|
||||
#define CRYPT_MEMCPY memcpy
|
||||
#define CRYPT_MEMCMP memcmp
|
||||
|
||||
#define PRINT_RET(_ret, _f, ...) \
|
||||
do { \
|
||||
CRYPT_ERR(_f, ##__VA_ARGS__); \
|
||||
return _ret; \
|
||||
} while (0);
|
||||
|
||||
#define GO_RET(_ret, _f, ...) \
|
||||
do { \
|
||||
CRYPT_ERR(_f, ##__VA_ARGS__); \
|
||||
result = _ret; \
|
||||
goto _OUT; \
|
||||
} while (0);
|
||||
|
||||
void ali_crypto_print_data(const char *name, uint8_t *data, size_t size);
|
||||
|
||||
int ali_crypto_hash_test(void);
|
||||
int ali_crypto_hmac_test(void);
|
||||
int ali_crypto_rand_test(void);
|
||||
int ali_crypto_aes_test(void);
|
||||
int ali_crypto_rsa_test(void);
|
||||
#endif
|
||||
Loading…
Add table
Add a link
Reference in a new issue