mirror of
https://github.com/Ai-Thinker-Open/Ai-Thinker-Open_RTL8710BX_ALIOS_SDK.git
synced 2026-07-13 21:45:38 +00:00
rel_1.6.0 init
This commit is contained in:
commit
27b3e2883d
19359 changed files with 8093121 additions and 0 deletions
1099
Living_SDK/security/alicrypto/libalicrypto/mbed/asym/rsa.c
Normal file
1099
Living_SDK/security/alicrypto/libalicrypto/mbed/asym/rsa.c
Normal file
File diff suppressed because it is too large
Load diff
874
Living_SDK/security/alicrypto/libalicrypto/mbed/cipher/aes.c
Normal file
874
Living_SDK/security/alicrypto/libalicrypto/mbed/cipher/aes.c
Normal file
|
|
@ -0,0 +1,874 @@
|
|||
/**
|
||||
* Copyright (C) 2017 The YunOS Project. All rights reserved.
|
||||
*/
|
||||
|
||||
#include "mbed_crypto.h"
|
||||
#include "ali_crypto.h"
|
||||
|
||||
/* pkcs5 only support 8 bytes block size
|
||||
* pcks7 support 8,16 bytes block size, so in aes pkcs5 equal pkcs7 */
|
||||
/*
|
||||
* output: buf
|
||||
* output_len: block size
|
||||
* data_len: cur_data_len */
|
||||
static void _add_pkcs_padding(unsigned char *output, size_t output_len,
|
||||
size_t data_len)
|
||||
{
|
||||
size_t padding_len = output_len - data_len;
|
||||
unsigned char i;
|
||||
|
||||
for (i = 0; i < padding_len; i++) {
|
||||
output[data_len + i] = (unsigned char)padding_len;
|
||||
}
|
||||
}
|
||||
|
||||
static int _get_pkcs_padding(unsigned char *input, size_t input_len,
|
||||
size_t *data_len)
|
||||
{
|
||||
size_t i, pad_idx;
|
||||
unsigned char padding_len, bad = 0;
|
||||
|
||||
if (NULL == input || NULL == data_len) {
|
||||
return ALI_CRYPTO_INVALID_ARG;
|
||||
}
|
||||
|
||||
padding_len = input[input_len - 1];
|
||||
*data_len = input_len - padding_len;
|
||||
|
||||
/* Avoid logical || since it results in a branch */
|
||||
bad |= padding_len > input_len;
|
||||
bad |= padding_len == 0;
|
||||
|
||||
/* The number of bytes checked must be independent of padding_len,
|
||||
* so pick input_len, which is usually 8 or 16 (one block) */
|
||||
pad_idx = input_len - padding_len;
|
||||
for (i = 0; i < input_len; i++) {
|
||||
bad |= (input[i] ^ padding_len) * (i >= pad_idx);
|
||||
}
|
||||
|
||||
return (ALI_CRYPTO_INVALID_PADDING * (bad != 0));
|
||||
}
|
||||
|
||||
static ali_crypto_result _ali_aes_ecb_final(const uint8_t *src, size_t src_size,
|
||||
uint8_t *dst, size_t *dst_size,
|
||||
sym_padding_t padding,
|
||||
aes_ctx_t * ctx)
|
||||
{
|
||||
int ret;
|
||||
uint8_t block[AES_BLOCK_SIZE];
|
||||
int mode;
|
||||
size_t round = 0;
|
||||
size_t data_len;
|
||||
|
||||
if (ctx == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ecb_final: invalid context!\n");
|
||||
}
|
||||
|
||||
if (!(padding == SYM_NOPAD || padding == SYM_PKCS5_PAD)) {
|
||||
/* not support zero padding */
|
||||
PRINT_RET(ALI_CRYPTO_NOSUPPORT,
|
||||
"ecb_final: only support no-padding and pkcs5/7!\n");
|
||||
}
|
||||
|
||||
if (padding == SYM_NOPAD) {
|
||||
if (src == NULL || src_size == 0) {
|
||||
if (dst_size != NULL) {
|
||||
*dst_size = 0;
|
||||
}
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
} else if (padding == SYM_PKCS5_PAD) {
|
||||
/* pkcs5 finish must have input data */
|
||||
if (NULL == src || 0 == src_size) {
|
||||
if (dst_size != NULL) {
|
||||
*dst_size = 0;
|
||||
}
|
||||
return ALI_CRYPTO_INVALID_ARG;
|
||||
}
|
||||
}
|
||||
|
||||
if (dst_size == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ecb_final: invalid arg!\n");
|
||||
}
|
||||
|
||||
if ((0 != *dst_size) && (dst == NULL)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ecb_final: invalid arg!\n");
|
||||
}
|
||||
|
||||
if (ctx->is_enc) {
|
||||
mode = MBEDTLS_AES_ENCRYPT;
|
||||
} else {
|
||||
mode = MBEDTLS_AES_DECRYPT;
|
||||
}
|
||||
|
||||
if (padding == SYM_NOPAD) {
|
||||
if (src_size % AES_BLOCK_SIZE != 0) {
|
||||
PRINT_RET(ALI_CRYPTO_LENGTH_ERR,
|
||||
"ecb_final: no pad invalid size(%d vs %d)\n",
|
||||
(int)src_size, (int)*dst_size);
|
||||
}
|
||||
if (src_size > *dst_size) {
|
||||
*dst_size = src_size;
|
||||
PRINT_RET(ALI_CRYPTO_SHORT_BUFFER,
|
||||
"ecb_final: no pad short buffer\n");
|
||||
}
|
||||
} else if (padding == SYM_PKCS5_PAD) {
|
||||
if (ctx->is_enc) {
|
||||
if ((src_size + (AES_BLOCK_SIZE - src_size % AES_BLOCK_SIZE)) >
|
||||
*dst_size) {
|
||||
*dst_size =
|
||||
src_size + (AES_BLOCK_SIZE - src_size % AES_BLOCK_SIZE);
|
||||
PRINT_RET(ALI_CRYPTO_SHORT_BUFFER,
|
||||
"ecb_final: enc pkcs short buffer(%d vs %d)\n",
|
||||
(int)src_size, (int)*dst_size);
|
||||
}
|
||||
} else {
|
||||
if (src_size % AES_BLOCK_SIZE != 0) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_PADDING,
|
||||
"ecb_final: cipher size is not block align(%d)\n",
|
||||
(int)src_size);
|
||||
}
|
||||
if ((src_size - AES_BLOCK_SIZE) > *dst_size) {
|
||||
ret = mbedtls_aes_crypt_ecb(
|
||||
&(ctx->ctx), mode, src + (src_size - AES_BLOCK_SIZE), block);
|
||||
if (0 != ret) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"ecb_final: mbedtls_aes_crypt_ecb fail(%d)\n",
|
||||
ret);
|
||||
}
|
||||
|
||||
ret = _get_pkcs_padding(block, AES_BLOCK_SIZE, &data_len);
|
||||
if (0 != ret) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"get pkcs padding fail(0x%08x)\n", ret);
|
||||
}
|
||||
*dst_size = src_size - (AES_BLOCK_SIZE - data_len);
|
||||
PRINT_RET(ALI_CRYPTO_SHORT_BUFFER,
|
||||
"ecb_final: dec pkcs short buffer(%d vs %d)\n",
|
||||
(int)src_size, (int)*dst_size);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (MBEDTLS_AES_ENCRYPT == mode) {
|
||||
/* encrypt */
|
||||
size_t cur_len;
|
||||
round = 0;
|
||||
while (round < (src_size / AES_BLOCK_SIZE)) {
|
||||
ret = mbedtls_aes_crypt_ecb(&(ctx->ctx), mode,
|
||||
src + round * AES_BLOCK_SIZE,
|
||||
dst + round * AES_BLOCK_SIZE);
|
||||
if (0 != ret) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"ecb_final: mbedtls_aes_crypt_ecb fail(%d)\n", ret);
|
||||
}
|
||||
round++;
|
||||
}
|
||||
|
||||
cur_len = round * AES_BLOCK_SIZE;
|
||||
if (padding == SYM_NOPAD) {
|
||||
if (src_size != cur_len) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"ecb_final: src size not block align(%d)\n", cur_len);
|
||||
}
|
||||
|
||||
*dst_size = cur_len;
|
||||
} else if (padding == SYM_PKCS5_PAD) {
|
||||
OSA_memcpy(block, src + cur_len, src_size - cur_len);
|
||||
_add_pkcs_padding(block, AES_BLOCK_SIZE, src_size - cur_len);
|
||||
|
||||
ret =
|
||||
mbedtls_aes_crypt_ecb(&(ctx->ctx), mode, block, dst + cur_len);
|
||||
|
||||
if (0 != ret) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"ecb_final: mbedtls_aes_crypt_ecb fail(%d)\n", ret);
|
||||
}
|
||||
|
||||
*dst_size = cur_len + AES_BLOCK_SIZE;
|
||||
}
|
||||
} else {
|
||||
/* dencrypt */
|
||||
uint8_t *tmp_dst = OSA_malloc(src_size);
|
||||
|
||||
if (NULL == tmp_dst) {
|
||||
PRINT_RET(ALI_CRYPTO_OUTOFMEM, "ecb_final: out of memory\n");
|
||||
}
|
||||
round = 0;
|
||||
while (round < (src_size / AES_BLOCK_SIZE)) {
|
||||
ret = mbedtls_aes_crypt_ecb(&(ctx->ctx), mode,
|
||||
src + round * AES_BLOCK_SIZE,
|
||||
tmp_dst + round * AES_BLOCK_SIZE);
|
||||
if (0 != ret) {
|
||||
OSA_free(tmp_dst);
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"ecb_final: mbedtls_aes_crypt_ecb fail(%d)\n", ret);
|
||||
}
|
||||
round++;
|
||||
}
|
||||
|
||||
if (padding == SYM_NOPAD) {
|
||||
if (src_size > *dst_size) {
|
||||
*dst_size = src_size;
|
||||
OSA_free(tmp_dst);
|
||||
PRINT_RET(ALI_CRYPTO_SHORT_BUFFER,
|
||||
"ecb_final: dec no pad short buffer(src size %d vs "
|
||||
"dst size %d)\n",
|
||||
src_size, *dst_size);
|
||||
}
|
||||
|
||||
OSA_memcpy(dst, tmp_dst, src_size);
|
||||
*dst_size = src_size;
|
||||
} else if (padding == SYM_PKCS5_PAD) {
|
||||
ret = _get_pkcs_padding(tmp_dst + (round - 1) * AES_BLOCK_SIZE,
|
||||
AES_BLOCK_SIZE, &data_len);
|
||||
if (0 != ret) {
|
||||
OSA_free(tmp_dst);
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"ecb_final: get pkcs padding fail(0x%08x)\n", ret);
|
||||
}
|
||||
if (*dst_size < src_size - (AES_BLOCK_SIZE - data_len)) {
|
||||
OSA_free(tmp_dst);
|
||||
*dst_size = src_size - (AES_BLOCK_SIZE - data_len);
|
||||
PRINT_RET(ALI_CRYPTO_SHORT_BUFFER,
|
||||
"ecb_final: dec pkcs short buffer\n");
|
||||
}
|
||||
|
||||
OSA_memcpy(dst, tmp_dst, src_size - (AES_BLOCK_SIZE - data_len));
|
||||
*dst_size = src_size - (AES_BLOCK_SIZE - data_len);
|
||||
}
|
||||
|
||||
OSA_free(tmp_dst);
|
||||
tmp_dst = NULL;
|
||||
}
|
||||
|
||||
return (ali_crypto_result)ret;
|
||||
}
|
||||
|
||||
static ali_crypto_result _ali_aes_cbc_final(const uint8_t *src, size_t src_size,
|
||||
uint8_t *dst, size_t *dst_size,
|
||||
sym_padding_t padding,
|
||||
aes_ctx_t * ctx)
|
||||
{
|
||||
int ret;
|
||||
int mode;
|
||||
size_t data_len;
|
||||
uint8_t *tmp_dst = NULL;
|
||||
|
||||
if (ctx == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "cbc_final: invalid context!\n");
|
||||
}
|
||||
|
||||
if (!(padding == SYM_NOPAD || padding == SYM_PKCS5_PAD)) {
|
||||
PRINT_RET(ALI_CRYPTO_NOSUPPORT,
|
||||
"ecb_final: only support no-padding and pkcs5/7!\n");
|
||||
}
|
||||
|
||||
if (padding == SYM_NOPAD) {
|
||||
if (src == NULL || src_size == 0) {
|
||||
if (dst_size != NULL) {
|
||||
*dst_size = 0;
|
||||
}
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
} else if (padding == SYM_PKCS5_PAD) {
|
||||
/* pkcs5 finish must have input data */
|
||||
if (NULL == src || 0 == src_size) {
|
||||
if (dst_size != NULL) {
|
||||
*dst_size = 0;
|
||||
}
|
||||
return ALI_CRYPTO_INVALID_ARG;
|
||||
}
|
||||
}
|
||||
|
||||
if (dst_size == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "cbc_final: invalid arg!\n");
|
||||
}
|
||||
|
||||
if ((0 != *dst_size) && (dst == NULL)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "cbc_final: invalid arg!\n");
|
||||
}
|
||||
if (ctx->is_enc) {
|
||||
mode = MBEDTLS_AES_ENCRYPT;
|
||||
} else {
|
||||
mode = MBEDTLS_AES_DECRYPT;
|
||||
}
|
||||
|
||||
if (padding == SYM_NOPAD) {
|
||||
if (src_size % AES_BLOCK_SIZE != 0) {
|
||||
PRINT_RET(ALI_CRYPTO_LENGTH_ERR,
|
||||
"cbc_final: no pad invalid size(%d vs %d)\n",
|
||||
(int)src_size, (int)*dst_size);
|
||||
}
|
||||
if (src_size > *dst_size) {
|
||||
*dst_size = src_size;
|
||||
PRINT_RET(ALI_CRYPTO_SHORT_BUFFER, "cbc_final: short buffer\n");
|
||||
} else {
|
||||
*dst_size = src_size;
|
||||
}
|
||||
} else if (padding == SYM_PKCS5_PAD) {
|
||||
if (ctx->is_enc) {
|
||||
if ((src_size + (AES_BLOCK_SIZE - src_size % AES_BLOCK_SIZE)) >
|
||||
*dst_size) {
|
||||
*dst_size =
|
||||
src_size + (AES_BLOCK_SIZE - src_size % AES_BLOCK_SIZE);
|
||||
PRINT_RET(ALI_CRYPTO_SHORT_BUFFER,
|
||||
"ecb_final: enc pkcs5 short buffer(%d vs %d)\n",
|
||||
(int)src_size, (int)*dst_size);
|
||||
}
|
||||
} else {
|
||||
if (src_size % AES_BLOCK_SIZE != 0) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_PADDING,
|
||||
"cbc_final: cipher size is not block align(%d)\n",
|
||||
(int)src_size);
|
||||
}
|
||||
if ((src_size - AES_BLOCK_SIZE) > *dst_size) {
|
||||
tmp_dst = OSA_malloc(src_size);
|
||||
if (NULL == tmp_dst) {
|
||||
PRINT_RET(ALI_CRYPTO_OUTOFMEM,
|
||||
"cbc_final: out of memory\n");
|
||||
}
|
||||
ret =
|
||||
mbedtls_aes_crypt_cbc(&(ctx->ctx), mode, src_size,
|
||||
(unsigned char *)ctx->iv, src, tmp_dst);
|
||||
if (0 != ret) {
|
||||
OSA_free(tmp_dst);
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"cbc_final: mbedtls_aes_crypt_cbc fail(%d)\n",
|
||||
ret);
|
||||
}
|
||||
|
||||
ret = _get_pkcs_padding(tmp_dst + src_size - AES_BLOCK_SIZE,
|
||||
AES_BLOCK_SIZE, &data_len);
|
||||
if (0 != ret) {
|
||||
OSA_free(tmp_dst);
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"cbc_final: get pkcs padding fail(0x%08x)\n",
|
||||
ret);
|
||||
}
|
||||
*dst_size = src_size - (AES_BLOCK_SIZE - data_len);
|
||||
|
||||
OSA_free(tmp_dst);
|
||||
tmp_dst = NULL;
|
||||
PRINT_RET(ALI_CRYPTO_SHORT_BUFFER,
|
||||
"cbc_final: dec pkcs short buffer(%d vs %d)\n",
|
||||
(int)src_size, (int)*dst_size);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (MBEDTLS_AES_ENCRYPT == mode) {
|
||||
/* encrypt, short buffer will be blocked above */
|
||||
size_t cur_len;
|
||||
uint8_t block[AES_BLOCK_SIZE];
|
||||
|
||||
cur_len = src_size & (~(AES_BLOCK_SIZE - 1));
|
||||
ret = mbedtls_aes_crypt_cbc(
|
||||
&(ctx->ctx), mode, cur_len, (unsigned char *)ctx->iv,
|
||||
(const unsigned char *)src, (unsigned char *)dst);
|
||||
if (0 != ret) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"cbc_final: mbedtls_aes_crypt_cbc fail(%d)\n", ret);
|
||||
}
|
||||
|
||||
if (padding == SYM_PKCS5_PAD) {
|
||||
OSA_memcpy(block, src + cur_len, src_size - cur_len);
|
||||
_add_pkcs_padding(block, AES_BLOCK_SIZE, src_size - cur_len);
|
||||
ret = mbedtls_aes_crypt_cbc(
|
||||
&(ctx->ctx), mode, AES_BLOCK_SIZE, (unsigned char *)ctx->iv,
|
||||
(const unsigned char *)block, (unsigned char *)(dst + cur_len));
|
||||
if (0 != ret) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"cbc_final: mbedtls_aes_crypt_cbc fail(%d)\n", ret);
|
||||
}
|
||||
*dst_size = cur_len + AES_BLOCK_SIZE;
|
||||
}
|
||||
} else {
|
||||
/* dencrypt */
|
||||
if (padding == SYM_NOPAD) {
|
||||
ret = mbedtls_aes_crypt_cbc(
|
||||
&(ctx->ctx), mode, src_size, (unsigned char *)ctx->iv,
|
||||
(const unsigned char *)src, (unsigned char *)dst);
|
||||
if (0 != ret) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"cbc_final: mbedtls_aes_crypt_cbc fail(%d)\n", ret);
|
||||
}
|
||||
|
||||
*dst_size = src_size;
|
||||
} else if (padding == SYM_PKCS5_PAD) {
|
||||
/* avoid dst size is not enougth */
|
||||
tmp_dst = OSA_malloc(src_size);
|
||||
if (NULL == tmp_dst) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR, "cbc_final: out of memory\n");
|
||||
}
|
||||
ret = mbedtls_aes_crypt_cbc(
|
||||
&(ctx->ctx), mode, src_size, (unsigned char *)ctx->iv,
|
||||
(const unsigned char *)src, (unsigned char *)tmp_dst);
|
||||
if (0 != ret) {
|
||||
OSA_free(tmp_dst);
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"cbc_final: mbedtls_aes_crypt_cbc fail(%d)\n", ret);
|
||||
}
|
||||
|
||||
ret = _get_pkcs_padding(tmp_dst + src_size - AES_BLOCK_SIZE,
|
||||
AES_BLOCK_SIZE, &data_len);
|
||||
if (0 != ret) {
|
||||
OSA_free(tmp_dst);
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"cbc_final: get pkcs padding fail(0x%08x)\n", ret);
|
||||
}
|
||||
if (*dst_size < src_size - (AES_BLOCK_SIZE - data_len)) {
|
||||
OSA_free(tmp_dst);
|
||||
*dst_size = src_size - (AES_BLOCK_SIZE - data_len);
|
||||
PRINT_RET(ALI_CRYPTO_SHORT_BUFFER,
|
||||
"cbc_final: dec pkcs short buffer\n");
|
||||
}
|
||||
OSA_memcpy(dst, tmp_dst, src_size - (AES_BLOCK_SIZE - data_len));
|
||||
*dst_size = src_size - (AES_BLOCK_SIZE - data_len);
|
||||
OSA_free(tmp_dst);
|
||||
}
|
||||
}
|
||||
|
||||
return (ali_crypto_result)ret;
|
||||
}
|
||||
|
||||
static ali_crypto_result _ali_aes_ctr_final(const uint8_t *src, size_t src_size,
|
||||
uint8_t *dst, size_t *dst_size,
|
||||
aes_ctx_t *ctx)
|
||||
{
|
||||
int ret;
|
||||
if (ctx == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ctr_final: invalid context!\n");
|
||||
}
|
||||
|
||||
if (src == NULL || src_size == 0) {
|
||||
if (dst_size != NULL) {
|
||||
*dst_size = 0;
|
||||
}
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
if (dst_size == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ctr_final: invalid arg!\n");
|
||||
}
|
||||
|
||||
if (src_size > *dst_size) {
|
||||
*dst_size = src_size;
|
||||
PRINT_RET(ALI_CRYPTO_SHORT_BUFFER,
|
||||
"ctr_final: short buffer(%d vs %d)\n", (int)src_size,
|
||||
(int)*dst_size);
|
||||
}
|
||||
|
||||
ret = mbedtls_aes_crypt_ctr(
|
||||
&(ctx->ctx), src_size, &(ctx->offset), (unsigned char *)ctx->iv,
|
||||
(unsigned char *)ctx->stream_block, (const unsigned char *)src,
|
||||
(unsigned char *)dst);
|
||||
|
||||
*dst_size = src_size;
|
||||
|
||||
return (ali_crypto_result)ret;
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CFB)
|
||||
static ali_crypto_result _ali_aes_cfb_final(const uint8_t *src, size_t src_size,
|
||||
uint8_t *dst, size_t *dst_size,
|
||||
aes_ctx_t *ctx)
|
||||
{
|
||||
int ret;
|
||||
int mode;
|
||||
|
||||
if (ctx == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "cfb_final: invalid context!\n");
|
||||
}
|
||||
|
||||
if (src == NULL || src_size == 0) {
|
||||
if (dst_size != NULL) {
|
||||
*dst_size = 0;
|
||||
}
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
if (dst == NULL || dst_size == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "cfb_final: invalid arg!\n");
|
||||
}
|
||||
|
||||
if (src_size > *dst_size) {
|
||||
*dst_size = src_size;
|
||||
PRINT_RET(ALI_CRYPTO_SHORT_BUFFER,
|
||||
"cfb_final: short buffer(%d vs %d)\n", (int)src_size,
|
||||
(int)*dst_size);
|
||||
}
|
||||
|
||||
if (ctx->is_enc) {
|
||||
mode = MBEDTLS_AES_ENCRYPT;
|
||||
} else {
|
||||
mode = MBEDTLS_AES_DECRYPT;
|
||||
}
|
||||
|
||||
if (ctx->type == AES_CFB8) {
|
||||
ret = mbedtls_aes_crypt_cfb8(
|
||||
&(ctx->ctx), mode, src_size, (unsigned char *)ctx->iv,
|
||||
(const unsigned char *)src, (unsigned char *)dst);
|
||||
} else if (ctx->type == AES_CFB128) {
|
||||
ret = mbedtls_aes_crypt_cfb128(
|
||||
&(ctx->ctx), mode, src_size, &(ctx->offset), (unsigned char *)ctx->iv,
|
||||
(const unsigned char *)src, (unsigned char *)dst);
|
||||
} else {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "cfb_final: invalid cfb type!\n");
|
||||
}
|
||||
|
||||
*dst_size = src_size;
|
||||
|
||||
return (ali_crypto_result)ret;
|
||||
}
|
||||
#endif
|
||||
|
||||
ali_crypto_result ali_aes_get_ctx_size(aes_type_t type, size_t *size)
|
||||
{
|
||||
if (size == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "aes_get_ctx_size: bad input!\n");
|
||||
}
|
||||
switch (type) {
|
||||
case AES_ECB:
|
||||
case AES_CBC:
|
||||
case AES_CTR:
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CFB)
|
||||
case AES_CFB8:
|
||||
case AES_CFB128:
|
||||
#endif
|
||||
break;
|
||||
case AES_CTS:
|
||||
case AES_XTS:
|
||||
PRINT_RET(ALI_CRYPTO_NOSUPPORT,
|
||||
"ali_aes_init: invalid aes type(%d)\n", type);
|
||||
default:
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_TYPE,
|
||||
"ali_aes_init: invalid aes type(%d)\n", type);
|
||||
}
|
||||
*size = sizeof(aes_ctx_t);
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_aes_init(aes_type_t type, bool is_enc,
|
||||
const uint8_t *key1, const uint8_t *key2,
|
||||
size_t keybytes, const uint8_t *iv,
|
||||
void *context)
|
||||
{
|
||||
int ret = ALI_CRYPTO_SUCCESS;
|
||||
aes_ctx_t *aes_ctx;
|
||||
|
||||
(void)key2;
|
||||
if (key1 == NULL || context == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ali_aes_init: bad input args!\n");
|
||||
}
|
||||
|
||||
if (keybytes != 16 && keybytes != 24 && keybytes != 32) {
|
||||
PRINT_RET(ALI_CRYPTO_LENGTH_ERR, "ali_aes_init: bad key lenth(%d)\n",
|
||||
(int)keybytes);
|
||||
}
|
||||
|
||||
aes_ctx = (aes_ctx_t *)context;
|
||||
if ((IS_VALID_CTX_MAGIC(aes_ctx->magic) &&
|
||||
aes_ctx->status != CRYPTO_STATUS_FINISHED) &&
|
||||
aes_ctx->status != CRYPTO_STATUS_CLEAN) {
|
||||
PRINT_RET(ALI_CRYPTO_ERR_STATE, "ali_aes_init: bad status(%d)\n",
|
||||
(int)aes_ctx->status);
|
||||
}
|
||||
|
||||
switch (type) {
|
||||
case AES_ECB:
|
||||
break;
|
||||
case AES_CBC: {
|
||||
if (iv == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG,
|
||||
"ali_aes_init: cbc iv is null\n");
|
||||
}
|
||||
|
||||
OSA_memcpy(aes_ctx->iv, iv, 16);
|
||||
break;
|
||||
}
|
||||
case AES_CTR: {
|
||||
if (iv == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG,
|
||||
"ali_aes_init: ctr iv is null\n");
|
||||
}
|
||||
OSA_memcpy(aes_ctx->iv, iv, 16);
|
||||
break;
|
||||
}
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CFB)
|
||||
case AES_CFB8:
|
||||
case AES_CFB128: {
|
||||
if (iv == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG,
|
||||
"ali_aes_init: cfb iv is null\n");
|
||||
}
|
||||
OSA_memcpy(aes_ctx->iv, iv, 16);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
case AES_CTS:
|
||||
case AES_XTS:
|
||||
PRINT_RET(ALI_CRYPTO_NOSUPPORT,
|
||||
"ali_aes_init: not support aes type(%d)\n", type);
|
||||
break;
|
||||
default:
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_TYPE,
|
||||
"ali_aes_init: invalid aes type(%d)\n", type);
|
||||
}
|
||||
|
||||
mbedtls_aes_init(&(aes_ctx->ctx));
|
||||
aes_ctx->is_enc = is_enc;
|
||||
|
||||
if (aes_ctx->is_enc) {
|
||||
ret = mbedtls_aes_setkey_enc(&(aes_ctx->ctx), key1, keybytes * 8);
|
||||
} else {
|
||||
if (AES_CTR == type || AES_CFB8 == type || AES_CFB128 == type) {
|
||||
ret = mbedtls_aes_setkey_enc(&(aes_ctx->ctx), key1, keybytes * 8);
|
||||
} else {
|
||||
ret = mbedtls_aes_setkey_dec(&(aes_ctx->ctx), key1, keybytes * 8);
|
||||
}
|
||||
}
|
||||
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR, "ALI_aes_init: start mode(%d) fail(%d)\n",
|
||||
type, ret);
|
||||
}
|
||||
|
||||
aes_ctx->offset = 0;
|
||||
aes_ctx->type = type;
|
||||
aes_ctx->status = CRYPTO_STATUS_INITIALIZED;
|
||||
INIT_CTX_MAGIC(aes_ctx->magic);
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_aes_process(const uint8_t *src, uint8_t *dst, size_t size,
|
||||
void *context)
|
||||
{
|
||||
int ret;
|
||||
aes_ctx_t *aes_ctx;
|
||||
int mode;
|
||||
|
||||
if (context == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ali_aes_process: bad ctx!\n");
|
||||
}
|
||||
|
||||
if (src == NULL || dst == NULL || size == 0) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ali_aes_process: bad args!\n");
|
||||
}
|
||||
|
||||
aes_ctx = (aes_ctx_t *)context;
|
||||
if (!IS_VALID_CTX_MAGIC(aes_ctx->magic)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ali_aes_process: bad magic!\n");
|
||||
}
|
||||
|
||||
if ((aes_ctx->status != CRYPTO_STATUS_INITIALIZED) &&
|
||||
(aes_ctx->status != CRYPTO_STATUS_PROCESSING)) {
|
||||
PRINT_RET(ALI_CRYPTO_ERR_STATE, "ali_aes_update: bad status(%d)\n",
|
||||
(int)aes_ctx->status);
|
||||
}
|
||||
|
||||
if (aes_ctx->is_enc) {
|
||||
mode = MBEDTLS_AES_ENCRYPT;
|
||||
} else {
|
||||
mode = MBEDTLS_AES_DECRYPT;
|
||||
}
|
||||
switch (aes_ctx->type) {
|
||||
/* FIXME, limitation, size must be block size aigned */
|
||||
case AES_ECB: {
|
||||
size_t cur_len = 0;
|
||||
if (size % AES_BLOCK_SIZE != 0) {
|
||||
PRINT_RET(ALI_CRYPTO_LENGTH_ERR,
|
||||
"ali_aes_process: invalid size(%d)\n", (int)size);
|
||||
}
|
||||
|
||||
while (cur_len < size) {
|
||||
ret = mbedtls_aes_crypt_ecb(&(aes_ctx->ctx), mode,
|
||||
src + cur_len, dst + cur_len);
|
||||
if (0 != ret) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"mbedtls_aes_crypt_ecb fail(%d)\n", ret);
|
||||
}
|
||||
cur_len += AES_BLOCK_SIZE;
|
||||
}
|
||||
|
||||
break;
|
||||
}
|
||||
case AES_CBC: {
|
||||
if (size % AES_BLOCK_SIZE != 0) {
|
||||
PRINT_RET(ALI_CRYPTO_LENGTH_ERR,
|
||||
"ali_aes_process: invalid size(%d)\n", (int)size);
|
||||
}
|
||||
|
||||
ret = mbedtls_aes_crypt_cbc(
|
||||
&(aes_ctx->ctx), mode, size, (unsigned char *)aes_ctx->iv,
|
||||
(const unsigned char *)src, (unsigned char *)dst);
|
||||
|
||||
#if 0 /* mbedtls have copy it */
|
||||
if (ret == ALI_CRYPTO_SUCCESS) {
|
||||
OSA_memcpy(aes_ctx->iv, src - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
|
||||
}
|
||||
#endif
|
||||
|
||||
break;
|
||||
}
|
||||
case AES_CTR: {
|
||||
ret = mbedtls_aes_crypt_ctr(
|
||||
&(aes_ctx->ctx), size, &(aes_ctx->offset),
|
||||
(unsigned char *)aes_ctx->iv,
|
||||
(unsigned char *)aes_ctx->stream_block,
|
||||
(const unsigned char *)src, (unsigned char *)dst);
|
||||
break;
|
||||
}
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CFB)
|
||||
case AES_CFB8: {
|
||||
ret = mbedtls_aes_crypt_cfb8(
|
||||
&(aes_ctx->ctx), mode, size, (unsigned char *)aes_ctx->iv,
|
||||
(const unsigned char *)src, (unsigned char *)dst);
|
||||
break;
|
||||
}
|
||||
case AES_CFB128: {
|
||||
ret = mbedtls_aes_crypt_cfb128(
|
||||
&(aes_ctx->ctx), mode, size, &(aes_ctx->offset),
|
||||
(unsigned char *)aes_ctx->iv, (const unsigned char *)src,
|
||||
(unsigned char *)dst);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
case AES_CTS:
|
||||
case AES_XTS:
|
||||
default:
|
||||
PRINT_RET(ALI_CRYPTO_NOSUPPORT,
|
||||
"ali_aes_process: invalid hash type(%d)\n",
|
||||
aes_ctx->type);
|
||||
}
|
||||
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
if (aes_ctx->is_enc) {
|
||||
MBED_DBG_E("ali_aes_process: encrypt(%d) fail!\n", aes_ctx->type);
|
||||
} else {
|
||||
MBED_DBG_E("ali_aes_process: decrypt(%d) fail!\n", aes_ctx->type);
|
||||
}
|
||||
return ALI_CRYPTO_ERROR;
|
||||
}
|
||||
|
||||
aes_ctx->status = CRYPTO_STATUS_PROCESSING;
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_aes_finish(const uint8_t *src, size_t src_size,
|
||||
uint8_t *dst, size_t *dst_size,
|
||||
sym_padding_t padding, void *context)
|
||||
{
|
||||
ali_crypto_result ret;
|
||||
aes_ctx_t * aes_ctx;
|
||||
|
||||
if ((src == NULL && src_size != 0) ||
|
||||
((dst_size != NULL) && (dst == NULL && *dst_size != 0)) ||
|
||||
context == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ali_aes_finish: bad input args!\n");
|
||||
}
|
||||
|
||||
aes_ctx = (aes_ctx_t *)context;
|
||||
if (!IS_VALID_CTX_MAGIC(aes_ctx->magic)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ali_aes_finish: bad magic!\n");
|
||||
}
|
||||
|
||||
if ((aes_ctx->status != CRYPTO_STATUS_INITIALIZED) &&
|
||||
(aes_ctx->status != CRYPTO_STATUS_PROCESSING)) {
|
||||
PRINT_RET(ALI_CRYPTO_ERR_STATE, "ali_aes_finish: bad status(%d)\n",
|
||||
(int)aes_ctx->status);
|
||||
}
|
||||
|
||||
switch (aes_ctx->type) {
|
||||
case AES_ECB: {
|
||||
ret = _ali_aes_ecb_final(src, src_size, dst, dst_size, padding,
|
||||
aes_ctx);
|
||||
break;
|
||||
}
|
||||
case AES_CBC: {
|
||||
ret = _ali_aes_cbc_final(src, src_size, dst, dst_size, padding,
|
||||
aes_ctx);
|
||||
break;
|
||||
}
|
||||
case AES_CTR: {
|
||||
ret = _ali_aes_ctr_final(src, src_size, dst, dst_size, aes_ctx);
|
||||
break;
|
||||
}
|
||||
#if defined(MBEDTLS_CIPHER_MODE_CFB)
|
||||
case AES_CFB8:
|
||||
case AES_CFB128: {
|
||||
ret = _ali_aes_cfb_final(src, src_size, dst, dst_size, aes_ctx);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
case AES_CTS:
|
||||
case AES_XTS:
|
||||
default:
|
||||
PRINT_RET(ALI_CRYPTO_NOSUPPORT,
|
||||
"ali_aes_finish: invalid aes type(%d)\n", aes_ctx->type);
|
||||
}
|
||||
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
mbedtls_aes_free(&(aes_ctx->ctx));
|
||||
PRINT_RET(ret, "ali_aes_process: aes type(%d) final fail(%08x)\n",
|
||||
aes_ctx->type, ret);
|
||||
}
|
||||
|
||||
CLEAN_CTX_MAGIC(aes_ctx->magic);
|
||||
aes_ctx->status = CRYPTO_STATUS_FINISHED;
|
||||
aes_ctx->offset = 0;
|
||||
|
||||
mbedtls_aes_free(&(aes_ctx->ctx));
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_aes_reset(void *context)
|
||||
{
|
||||
aes_ctx_t *aes_ctx;
|
||||
|
||||
if (context == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ali_aes_reset: bad input args!\n");
|
||||
}
|
||||
|
||||
aes_ctx = (aes_ctx_t *)context;
|
||||
#if 0
|
||||
if (!IS_VALID_CTX_MAGIC(aes_ctx->magic)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ali_aes_reset: bad magic!\n");
|
||||
}
|
||||
#endif
|
||||
|
||||
OSA_memset(aes_ctx, 0, sizeof(aes_ctx_t));
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_aes_copy_context(void *dst_ctx, void *src_ctx)
|
||||
{
|
||||
aes_ctx_t *aes_ctx_src, *aes_ctx_dst;
|
||||
|
||||
if ((dst_ctx == NULL) || (src_ctx == NULL)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG,
|
||||
"ali_aes_copy_context: bad input args!\n");
|
||||
}
|
||||
|
||||
aes_ctx_src = (aes_ctx_t *)src_ctx;
|
||||
if (!IS_VALID_CTX_MAGIC(aes_ctx_src->magic)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT,
|
||||
"ali_aes_copy_context: bad magic!\n");
|
||||
}
|
||||
|
||||
/* only can copy to one un-initialized context */
|
||||
aes_ctx_dst = (aes_ctx_t *)dst_ctx;
|
||||
if ((IS_VALID_CTX_MAGIC(aes_ctx_dst->magic)) &&
|
||||
((aes_ctx_dst->status == CRYPTO_STATUS_INITIALIZED) ||
|
||||
(aes_ctx_dst->status == CRYPTO_STATUS_PROCESSING) ||
|
||||
(aes_ctx_dst->status == CRYPTO_STATUS_FINISHED))) {
|
||||
PRINT_RET(ALI_CRYPTO_ERR_STATE, "ali_aes_init: bad dst status(%d)\n",
|
||||
(int)aes_ctx_dst->status);
|
||||
}
|
||||
|
||||
OSA_memcpy(aes_ctx_dst, aes_ctx_src, sizeof(aes_ctx_t));
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
|
@ -0,0 +1,56 @@
|
|||
/**
|
||||
* Copyright (C) 2016 The YunOS Project. All rights reserved.
|
||||
*/
|
||||
|
||||
#include "ali_crypto.h"
|
||||
|
||||
ali_crypto_result ali_ecc_get_keypair_size(size_t curve, size_t *size)
|
||||
{
|
||||
return ALI_CRYPTO_NOSUPPORT;
|
||||
}
|
||||
ali_crypto_result ali_ecc_get_pubkey_size(size_t curve, size_t *size)
|
||||
{
|
||||
return ALI_CRYPTO_NOSUPPORT;
|
||||
}
|
||||
ali_crypto_result ali_ecc_init_keypair(
|
||||
const uint8_t *x, size_t x_size,
|
||||
const uint8_t *y, size_t y_size,
|
||||
const uint8_t *d, size_t d_size,
|
||||
size_t curve, ecc_keypair_t *keypair)
|
||||
{
|
||||
return ALI_CRYPTO_NOSUPPORT;
|
||||
}
|
||||
ali_crypto_result ali_ecc_init_pubkey(
|
||||
const uint8_t *x, size_t x_size,
|
||||
const uint8_t *y, size_t y_size,
|
||||
size_t curve, ecc_pubkey_t *pubkey)
|
||||
{
|
||||
return ALI_CRYPTO_NOSUPPORT;
|
||||
}
|
||||
ali_crypto_result ali_ecc_gen_keypair(
|
||||
size_t curve, ecc_keypair_t *keypair)
|
||||
{
|
||||
return ALI_CRYPTO_NOSUPPORT;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_ecdsa_sign(const ecc_keypair_t *priv_key,
|
||||
const uint8_t *src, size_t src_size,
|
||||
uint8_t *signature, size_t *sig_size)
|
||||
{
|
||||
return ALI_CRYPTO_NOSUPPORT;
|
||||
}
|
||||
ali_crypto_result ali_ecdsa_verify(const ecc_pubkey_t *pub_key,
|
||||
const uint8_t *src, size_t src_size,
|
||||
const uint8_t *signature, size_t sig_size,
|
||||
bool *result)
|
||||
{
|
||||
return ALI_CRYPTO_NOSUPPORT;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_ecdh_derive_secret(
|
||||
const ecc_keypair_t *priv_key,
|
||||
const ecc_pubkey_t *peer_pubkey_key,
|
||||
uint8_t *shared_secret, size_t *secret_size)
|
||||
{
|
||||
return ALI_CRYPTO_NOSUPPORT;
|
||||
}
|
||||
401
Living_SDK/security/alicrypto/libalicrypto/mbed/hash/hash.c
Normal file
401
Living_SDK/security/alicrypto/libalicrypto/mbed/hash/hash.c
Normal file
|
|
@ -0,0 +1,401 @@
|
|||
/**
|
||||
* Copyright (C) 2017 The YunOS Project. All rights reserved.
|
||||
*/
|
||||
|
||||
#include "mbed_crypto.h"
|
||||
#include "ali_crypto.h"
|
||||
|
||||
ali_crypto_result ali_hash_get_ctx_size(hash_type_t type, size_t *size)
|
||||
{
|
||||
if (NULL == size) {
|
||||
MBED_DBG_E("get_ctx_size: bad input!\n");
|
||||
return ALI_CRYPTO_INVALID_ARG;
|
||||
}
|
||||
|
||||
switch(type) {
|
||||
case SHA1:
|
||||
case SHA224:
|
||||
case SHA256:
|
||||
case SHA384:
|
||||
case SHA512:
|
||||
case MD5:
|
||||
break;
|
||||
|
||||
default:
|
||||
MBED_DBG_E("get_ctx_size: invalid hash type(%d)\n", type);
|
||||
return ALI_CRYPTO_INVALID_TYPE;
|
||||
}
|
||||
|
||||
*size = sizeof(hash_ctx_t);
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_hash_init(hash_type_t type, void *context)
|
||||
{
|
||||
hash_ctx_t *hash_ctx;
|
||||
|
||||
if (NULL == context) {
|
||||
MBED_DBG_E("ali_hash_init: bad ctx!\n");
|
||||
return ALI_CRYPTO_INVALID_CONTEXT;
|
||||
}
|
||||
|
||||
hash_ctx = (hash_ctx_t *)context;
|
||||
if ((IS_VALID_CTX_MAGIC(hash_ctx->magic) &&
|
||||
hash_ctx->status != CRYPTO_STATUS_FINISHED) &&
|
||||
hash_ctx->status != CRYPTO_STATUS_CLEAN) {
|
||||
MBED_DBG_E("ali_hash_init: bad status(%d)\n", (int)hash_ctx->status);
|
||||
return ALI_CRYPTO_ERR_STATE;
|
||||
}
|
||||
|
||||
switch(type) {
|
||||
#ifdef MBEDTLS_SHA1_C
|
||||
case SHA1: {
|
||||
mbedtls_sha1_init(&hash_ctx->sha1_ctx);
|
||||
mbedtls_sha1_starts(&hash_ctx->sha1_ctx);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_SHA256_C
|
||||
case SHA224: {
|
||||
mbedtls_sha256_init(&hash_ctx->sha256_ctx);
|
||||
mbedtls_sha256_starts(&hash_ctx->sha256_ctx, 1);
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA256: {
|
||||
mbedtls_sha256_init(&hash_ctx->sha256_ctx);
|
||||
mbedtls_sha256_starts(&hash_ctx->sha256_ctx, 0);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_SHA512_C
|
||||
case SHA384: {
|
||||
mbedtls_sha512_init(&hash_ctx->sha512_ctx);
|
||||
mbedtls_sha512_starts(&hash_ctx->sha512_ctx, 1);
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA512: {
|
||||
mbedtls_sha512_init(&hash_ctx->sha512_ctx);
|
||||
mbedtls_sha512_starts(&hash_ctx->sha512_ctx, 0);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_MD5_C
|
||||
case MD5: {
|
||||
mbedtls_md5_init(&hash_ctx->md5_ctx);
|
||||
mbedtls_md5_starts(&hash_ctx->md5_ctx);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
default:
|
||||
MBED_DBG_E("ali_hash_init: invalid hash type(%d)\n", type);
|
||||
return ALI_CRYPTO_INVALID_TYPE;
|
||||
}
|
||||
|
||||
hash_ctx->type = type;
|
||||
hash_ctx->status = CRYPTO_STATUS_INITIALIZED;
|
||||
INIT_CTX_MAGIC(hash_ctx->magic);
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_hash_update(const uint8_t *src, size_t size, void *context)
|
||||
{
|
||||
hash_ctx_t *hash_ctx;
|
||||
|
||||
if (context == NULL) {
|
||||
MBED_DBG_E("ali_hash_update: bad ctx!\n");
|
||||
return ALI_CRYPTO_INVALID_CONTEXT;
|
||||
}
|
||||
|
||||
if (src == NULL && size != 0) {
|
||||
MBED_DBG_E("ali_hash_update: bad args!\n");
|
||||
return ALI_CRYPTO_INVALID_ARG;
|
||||
}
|
||||
|
||||
hash_ctx = (hash_ctx_t *)context;
|
||||
if (!IS_VALID_CTX_MAGIC(hash_ctx->magic)) {
|
||||
MBED_DBG_E("ali_hash_update: bad magic!\n");
|
||||
return ALI_CRYPTO_INVALID_CONTEXT;
|
||||
}
|
||||
|
||||
if ((hash_ctx->status != CRYPTO_STATUS_INITIALIZED) &&
|
||||
(hash_ctx->status != CRYPTO_STATUS_PROCESSING)) {
|
||||
MBED_DBG_E("ali_hash_update: bad status(%d)\n", (int)hash_ctx->status);
|
||||
return ALI_CRYPTO_ERR_STATE;
|
||||
}
|
||||
|
||||
switch(hash_ctx->type) {
|
||||
#ifdef MBEDTLS_SHA1_C
|
||||
case SHA1: {
|
||||
mbedtls_sha1_update(&hash_ctx->sha1_ctx,
|
||||
(const unsigned char *)src, size);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_SHA256_C
|
||||
case SHA224: {
|
||||
mbedtls_sha256_update(&hash_ctx->sha256_ctx,
|
||||
(const unsigned char *)src, size);
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA256: {
|
||||
mbedtls_sha256_update(&hash_ctx->sha256_ctx,
|
||||
(const unsigned char *)src, size);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_SHA512_C
|
||||
case SHA384: {
|
||||
mbedtls_sha512_update(&hash_ctx->sha512_ctx,
|
||||
(const unsigned char *)src, size);
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA512: {
|
||||
mbedtls_sha512_update(&hash_ctx->sha512_ctx,
|
||||
(const unsigned char *)src, size);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_MD5_C
|
||||
case MD5: {
|
||||
mbedtls_md5_update(&hash_ctx->md5_ctx,
|
||||
(const unsigned char *)src, size);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
default:
|
||||
MBED_DBG_E("ali_hash_update: invalid hash type(%d)\n", hash_ctx->type);
|
||||
return ALI_CRYPTO_INVALID_TYPE;
|
||||
}
|
||||
|
||||
hash_ctx->status = CRYPTO_STATUS_PROCESSING;
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_hash_final(uint8_t *dgst, void *context)
|
||||
{
|
||||
hash_ctx_t *hash_ctx;
|
||||
|
||||
if (context == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ali_hash_final: invalid context!\n");
|
||||
}
|
||||
if (dgst == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ali_hash_final: bad input args!\n");
|
||||
}
|
||||
|
||||
hash_ctx = (hash_ctx_t *)context;
|
||||
if (!IS_VALID_CTX_MAGIC(hash_ctx->magic)) {
|
||||
MBED_DBG_E("ali_hash_final: bad magic!\n");
|
||||
return ALI_CRYPTO_INVALID_CONTEXT;
|
||||
}
|
||||
|
||||
if ((hash_ctx->status != CRYPTO_STATUS_INITIALIZED) &&
|
||||
(hash_ctx->status != CRYPTO_STATUS_PROCESSING)) {
|
||||
MBED_DBG_E("ali_hash_final: bad status(%d)\n", (int)hash_ctx->status);
|
||||
return ALI_CRYPTO_ERR_STATE;
|
||||
}
|
||||
|
||||
switch(hash_ctx->type) {
|
||||
#ifdef MBEDTLS_SHA1_C
|
||||
case SHA1: {
|
||||
mbedtls_sha1_finish(&hash_ctx->sha1_ctx, (unsigned char *)dgst);
|
||||
mbedtls_sha1_free(&hash_ctx->sha1_ctx);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_SHA256_C
|
||||
case SHA224: {
|
||||
mbedtls_sha256_finish(&hash_ctx->sha256_ctx, (unsigned char *)dgst);
|
||||
mbedtls_sha256_free(&hash_ctx->sha256_ctx);
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA256: {
|
||||
mbedtls_sha256_finish(&hash_ctx->sha256_ctx, (unsigned char *)dgst);
|
||||
mbedtls_sha256_free(&hash_ctx->sha256_ctx);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_SHA512_C
|
||||
case SHA384: {
|
||||
mbedtls_sha512_finish(&hash_ctx->sha512_ctx, (unsigned char *)dgst);
|
||||
mbedtls_sha512_free(&hash_ctx->sha512_ctx);
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA512: {
|
||||
mbedtls_sha512_finish(&hash_ctx->sha512_ctx, (unsigned char *)dgst);
|
||||
mbedtls_sha512_free(&hash_ctx->sha512_ctx);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_MD5_C
|
||||
case MD5: {
|
||||
mbedtls_md5_finish(&hash_ctx->md5_ctx, (unsigned char *)dgst);
|
||||
mbedtls_md5_free(&hash_ctx->md5_ctx);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
default:
|
||||
MBED_DBG_E("ali_hash_final: invalid hash type(%d)\n", hash_ctx->type);
|
||||
return ALI_CRYPTO_INVALID_TYPE;
|
||||
}
|
||||
|
||||
CLEAN_CTX_MAGIC(hash_ctx->magic);
|
||||
hash_ctx->status = CRYPTO_STATUS_FINISHED;
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_hash_digest(hash_type_t type,
|
||||
const uint8_t *src, size_t size, uint8_t *dgst)
|
||||
{
|
||||
hash_ctx_t hash_ctx;
|
||||
|
||||
if ((src == NULL && size != 0) || dgst == NULL) {
|
||||
MBED_DBG_E("ali_hash_digest: bad input args!\n");
|
||||
return ALI_CRYPTO_INVALID_ARG;
|
||||
}
|
||||
|
||||
switch(type) {
|
||||
#ifdef MBEDTLS_SHA1_C
|
||||
case SHA1: {
|
||||
mbedtls_sha1_init(&hash_ctx.sha1_ctx);
|
||||
mbedtls_sha1_starts(&hash_ctx.sha1_ctx);
|
||||
mbedtls_sha1_update(&hash_ctx.sha1_ctx,
|
||||
(const unsigned char *)src, size);
|
||||
mbedtls_sha1_finish(&hash_ctx.sha1_ctx, (unsigned char *)dgst);
|
||||
mbedtls_sha1_free(&hash_ctx.sha1_ctx);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_SHA256_C
|
||||
case SHA224: {
|
||||
mbedtls_sha256_init(&hash_ctx.sha256_ctx);
|
||||
mbedtls_sha256_starts(&hash_ctx.sha256_ctx, 1);
|
||||
mbedtls_sha256_update(&hash_ctx.sha256_ctx,
|
||||
(const unsigned char *)src, size);
|
||||
mbedtls_sha256_finish(&hash_ctx.sha256_ctx, (unsigned char *)dgst);
|
||||
mbedtls_sha256_free(&hash_ctx.sha256_ctx);
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA256: {
|
||||
mbedtls_sha256_init(&hash_ctx.sha256_ctx);
|
||||
mbedtls_sha256_starts(&hash_ctx.sha256_ctx, 0);
|
||||
mbedtls_sha256_update(&hash_ctx.sha256_ctx,
|
||||
(const unsigned char *)src, size);
|
||||
mbedtls_sha256_finish(&hash_ctx.sha256_ctx, (unsigned char *)dgst);
|
||||
mbedtls_sha256_free(&hash_ctx.sha256_ctx);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_SHA512_C
|
||||
case SHA384: {
|
||||
mbedtls_sha512_init(&hash_ctx.sha512_ctx);
|
||||
mbedtls_sha512_starts(&hash_ctx.sha512_ctx, 1);
|
||||
mbedtls_sha512_update(&hash_ctx.sha512_ctx,
|
||||
(const unsigned char *)src, size);
|
||||
mbedtls_sha512_finish(&hash_ctx.sha512_ctx, (unsigned char *)dgst);
|
||||
mbedtls_sha512_free(&hash_ctx.sha512_ctx);
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA512: {
|
||||
mbedtls_sha512_init(&hash_ctx.sha512_ctx);
|
||||
mbedtls_sha512_starts(&hash_ctx.sha512_ctx, 0);
|
||||
mbedtls_sha512_update(&hash_ctx.sha512_ctx,
|
||||
(const unsigned char *)src, size);
|
||||
mbedtls_sha512_finish(&hash_ctx.sha512_ctx, (unsigned char *)dgst);
|
||||
mbedtls_sha512_free(&hash_ctx.sha512_ctx);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef MBEDTLS_MD5_C
|
||||
case MD5: {
|
||||
mbedtls_md5_init(&hash_ctx.md5_ctx);
|
||||
mbedtls_md5_starts(&hash_ctx.md5_ctx);
|
||||
mbedtls_md5_update(&hash_ctx.md5_ctx,
|
||||
(const unsigned char *)src, size);
|
||||
mbedtls_md5_finish(&hash_ctx.md5_ctx, (unsigned char *)dgst);
|
||||
mbedtls_md5_free(&hash_ctx.md5_ctx);
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
default:
|
||||
MBED_DBG_E("ali_hash_digest: invalid hash type(%d)\n", type);
|
||||
return ALI_CRYPTO_INVALID_TYPE;
|
||||
}
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_hash_reset(void *context)
|
||||
{
|
||||
hash_ctx_t *hash_ctx;
|
||||
|
||||
if (context == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ali_hash_reset: invalid context!\n");
|
||||
}
|
||||
|
||||
hash_ctx = (hash_ctx_t *)context;
|
||||
#if 0
|
||||
if (!IS_VALID_CTX_MAGIC(hash_ctx->magic)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ali_hash_reset: bad magic!");
|
||||
}
|
||||
#endif
|
||||
|
||||
OSA_memset(hash_ctx, 0, sizeof(hash_ctx_t));
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_hash_copy_context(void *dst_ctx, void *src_ctx)
|
||||
{
|
||||
hash_ctx_t *hash_ctx_src, *hash_ctx_dst;
|
||||
|
||||
if ((src_ctx == NULL) || (dst_ctx == NULL)) {
|
||||
MBED_DBG_E("ali_hash_copy_context: bad input args!\n");
|
||||
return ALI_CRYPTO_INVALID_ARG;
|
||||
}
|
||||
|
||||
hash_ctx_src = (hash_ctx_t *)src_ctx;
|
||||
if (!IS_VALID_CTX_MAGIC(hash_ctx_src->magic)) {
|
||||
MBED_DBG_E("ali_hash_copy_context: bad magic!\n");
|
||||
return ALI_CRYPTO_INVALID_CONTEXT;
|
||||
}
|
||||
/* only can copy to one un-initialized context */
|
||||
hash_ctx_dst = (hash_ctx_t *)dst_ctx;
|
||||
if ((IS_VALID_CTX_MAGIC(hash_ctx_dst->magic)) &&
|
||||
((hash_ctx_dst->status == CRYPTO_STATUS_INITIALIZED) ||
|
||||
(hash_ctx_dst->status == CRYPTO_STATUS_PROCESSING) ||
|
||||
(hash_ctx_dst->status == CRYPTO_STATUS_FINISHED))) {
|
||||
MBED_DBG_E("ali_hash_copy_context: bad status(%d)\n",
|
||||
(int)hash_ctx_dst->status);
|
||||
return ALI_CRYPTO_ERR_STATE;
|
||||
}
|
||||
|
||||
OSA_memcpy(hash_ctx_dst, hash_ctx_src, sizeof(hash_ctx_t));
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
|
@ -0,0 +1,155 @@
|
|||
/*
|
||||
* Copyright (C) 2017 The YunOS Project. All rights reserved.
|
||||
*/
|
||||
|
||||
#ifndef _MBED_CRYPTO_H_
|
||||
#define _MBED_CRYPTO_H_
|
||||
|
||||
#include "ali_crypto.h"
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include "aes.h"
|
||||
#include "sha1.h"
|
||||
#include "sha256.h"
|
||||
#include "sha512.h"
|
||||
#include "md.h"
|
||||
#include "hash.h"
|
||||
#include "md5.h"
|
||||
#include "rsa.h"
|
||||
#include "hmac.h"
|
||||
|
||||
#if CONFIG_DBG_CRYPT
|
||||
#define MBED_DBG_E(_f, _a ...) \
|
||||
printf("E %s %d: "_f, __FUNCTION__, __LINE__, ##_a)
|
||||
#define MBED_DBG_I(_f, ...) \
|
||||
printf("I %s %d: "_f, __FUNCTION__, __LINE__, ##_a)
|
||||
#else
|
||||
#define MBED_DBG_E(_f, _a...)
|
||||
#define MBED_DBG_I(_f, _a...)
|
||||
#endif
|
||||
|
||||
#define PRINT_RET(_ret, _f, ...) \
|
||||
do { \
|
||||
MBED_DBG_E(_f, ##__VA_ARGS__); \
|
||||
return (ali_crypto_result)_ret; \
|
||||
} while (0);
|
||||
|
||||
#define GO_RET(_ret, _f, ...) \
|
||||
do { \
|
||||
MBED_DBG_E(_f, ##__VA_ARGS__); \
|
||||
result = (ali_crypto_result)_ret; \
|
||||
goto _OUT; \
|
||||
} while (0);
|
||||
|
||||
#define INIT_CTX_MAGIC(m) (m = 0x12345678)
|
||||
#define IS_VALID_CTX_MAGIC(m) (0x12345678 == m)
|
||||
#define CLEAN_CTX_MAGIC(m) (m = 0x0)
|
||||
|
||||
#ifdef MBEDTLS_IOT_PLAT_AOS
|
||||
#include <aos/kernel.h>
|
||||
#define OSA_malloc(_size) aos_malloc(_size)
|
||||
#define OSA_free(_ptr) aos_free(_ptr)
|
||||
#else
|
||||
#define OSA_malloc(_size) malloc(_size)
|
||||
#define OSA_free(_ptr) free(_ptr)
|
||||
#endif
|
||||
|
||||
#define OSA_memcpy(_dst, _src, _size) memcpy(_dst, _src, _size)
|
||||
#define OSA_memset(_src, _val, _size) memset(_src, _val, _size)
|
||||
#define OSA_memcmp(_dst, _src, _size) memcmp(_dst, _src, _size)
|
||||
#define OSA_strlen(_str) strlen(_str)
|
||||
|
||||
enum
|
||||
{
|
||||
PK_PUBLIC = 0,
|
||||
PK_PRIVATE = 1
|
||||
};
|
||||
|
||||
typedef struct _hash_ctx_t
|
||||
{
|
||||
uint32_t magic;
|
||||
uint32_t status;
|
||||
hash_type_t type;
|
||||
|
||||
union
|
||||
{
|
||||
uint8_t sym_ctx[1];
|
||||
mbedtls_md5_context md5_ctx;
|
||||
mbedtls_sha1_context sha1_ctx;
|
||||
mbedtls_sha256_context sha256_ctx;
|
||||
mbedtls_sha512_context sha512_ctx;
|
||||
};
|
||||
} hash_ctx_t;
|
||||
|
||||
typedef struct _hmac_ctx_t
|
||||
{
|
||||
uint32_t magic;
|
||||
uint32_t status;
|
||||
hash_type_t type;
|
||||
|
||||
union
|
||||
{
|
||||
uint8_t sym_ctx[1];
|
||||
mbedtls_hash_context_t ctx;
|
||||
};
|
||||
} hmac_ctx_t;
|
||||
|
||||
typedef struct _cts_ctx_t
|
||||
{
|
||||
uint32_t is_ecb;
|
||||
} cts_ctx_t;
|
||||
|
||||
typedef struct _xts_ctx_t
|
||||
{
|
||||
uint8_t tweak[16];
|
||||
} xts_ctx_t;
|
||||
|
||||
typedef struct _aes_ctx_t
|
||||
{
|
||||
uint32_t magic;
|
||||
uint32_t status;
|
||||
aes_type_t type;
|
||||
uint32_t is_enc;
|
||||
uint8_t iv[AES_IV_SIZE];
|
||||
size_t offset;
|
||||
uint8_t stream_block[AES_BLOCK_SIZE];
|
||||
union
|
||||
{
|
||||
uint8_t sym_ctx[1];
|
||||
mbedtls_aes_context ctx;
|
||||
};
|
||||
} aes_ctx_t;
|
||||
|
||||
|
||||
typedef struct _des_ctx_t
|
||||
{
|
||||
uint32_t magic;
|
||||
uint32_t status;
|
||||
des_type_t type;
|
||||
uint32_t is_enc;
|
||||
union
|
||||
{
|
||||
uint8_t sym_ctx[1];
|
||||
};
|
||||
} des_ctx_t;
|
||||
|
||||
typedef struct _ae_ctx_t
|
||||
{
|
||||
uint32_t magic;
|
||||
uint32_t status;
|
||||
authenc_type_t type;
|
||||
uint32_t is_enc;
|
||||
uint32_t tag_len;
|
||||
} ae_ctx_t;
|
||||
|
||||
ali_crypto_result mbed_crypto_init(void);
|
||||
void mbed_crypto_cleanup(void);
|
||||
|
||||
#endif /* _MBED_CRYPTO_H_ */
|
||||
309
Living_SDK/security/alicrypto/libalicrypto/mbed/mac/hmac.c
Normal file
309
Living_SDK/security/alicrypto/libalicrypto/mbed/mac/hmac.c
Normal file
|
|
@ -0,0 +1,309 @@
|
|||
/**
|
||||
* Copyright (C) 2017 The YunOS Project. All rights reserved.
|
||||
*/
|
||||
|
||||
#include "mbed_crypto.h"
|
||||
#include "ali_crypto.h"
|
||||
|
||||
ali_crypto_result ali_hmac_get_ctx_size(hash_type_t type, size_t *size)
|
||||
{
|
||||
if (size == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "get_ctx_size: bad input!\n");
|
||||
}
|
||||
|
||||
switch(type) {
|
||||
case SHA1:
|
||||
case SHA224:
|
||||
case SHA256:
|
||||
case SHA384:
|
||||
case SHA512:
|
||||
case MD5:
|
||||
break;
|
||||
|
||||
default:
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_TYPE,
|
||||
"get_ctx_size: invalid hmac type(%d)\n", type);
|
||||
}
|
||||
|
||||
*size = sizeof(hmac_ctx_t);
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_hmac_init(hash_type_t type,
|
||||
const uint8_t *key, size_t keybytes, void *context)
|
||||
{
|
||||
int ret;
|
||||
hmac_ctx_t *hmac_ctx;
|
||||
const mbedtls_hash_info_t *md_info;
|
||||
mbedtls_md_type_t md_type;
|
||||
int zero_tmp_key;
|
||||
|
||||
if (context == NULL ||
|
||||
((key == NULL) && (keybytes != 0))) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ali_hmac_init: bad input args!\n");
|
||||
}
|
||||
|
||||
hmac_ctx = (hmac_ctx_t *)context;
|
||||
if ((IS_VALID_CTX_MAGIC(hmac_ctx->magic) &&
|
||||
hmac_ctx->status != CRYPTO_STATUS_FINISHED) &&
|
||||
hmac_ctx->status != CRYPTO_STATUS_CLEAN) {
|
||||
PRINT_RET(ALI_CRYPTO_ERR_STATE,
|
||||
"ali_hmac_init: bad status(%d)\n", (int)hmac_ctx->status);
|
||||
}
|
||||
|
||||
mbedtls_hash_init(&hmac_ctx->ctx);
|
||||
|
||||
switch(type) {
|
||||
case SHA1: {
|
||||
md_type = MBEDTLS_MD_SHA1;
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA224: {
|
||||
md_type = MBEDTLS_MD_SHA224;
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA256: {
|
||||
md_type = MBEDTLS_MD_SHA256;
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA384: {
|
||||
md_type = MBEDTLS_MD_SHA384;
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA512: {
|
||||
md_type = MBEDTLS_MD_SHA512;
|
||||
break;
|
||||
}
|
||||
|
||||
case MD5: {
|
||||
md_type = MBEDTLS_MD_MD5;
|
||||
break;
|
||||
}
|
||||
|
||||
default:
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_TYPE,
|
||||
"ali_hmac_init: invalid hash type(%d)\n", type);
|
||||
}
|
||||
|
||||
md_info = mbedtls_hash_info_from_type(md_type);
|
||||
if(NULL == md_info) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_TYPE,
|
||||
"ali_hmac_init: invalid hash type(%d)\n", md_type);
|
||||
}
|
||||
|
||||
ret = mbedtls_hash_setup(&hmac_ctx->ctx, md_info, 1);
|
||||
if(0 != ret) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_TYPE,
|
||||
"ali_hmac_init: invalid hash type(%d)\n", md_type);
|
||||
}
|
||||
|
||||
if (keybytes) {
|
||||
ret = mbedtls_hmac_starts(&hmac_ctx->ctx, key, keybytes);
|
||||
} else {
|
||||
/* feed 4 bytes zero key */
|
||||
zero_tmp_key = 0;
|
||||
ret = mbedtls_hmac_starts(&hmac_ctx->ctx,
|
||||
(const unsigned char *)&zero_tmp_key,
|
||||
(size_t)(sizeof(zero_tmp_key)));
|
||||
}
|
||||
|
||||
if (ALI_CRYPTO_SUCCESS != ret) {
|
||||
mbedtls_hash_free(&hmac_ctx->ctx);
|
||||
PRINT_RET(ALI_CRYPTO_ERROR, "ali_hmac_init: fail to init hmac!\n");
|
||||
}
|
||||
|
||||
hmac_ctx->type = type;
|
||||
hmac_ctx->status = CRYPTO_STATUS_INITIALIZED;
|
||||
INIT_CTX_MAGIC(hmac_ctx->magic);
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_hmac_update(const uint8_t *src, size_t size, void *context)
|
||||
{
|
||||
int ret;
|
||||
hmac_ctx_t *hmac_ctx;
|
||||
|
||||
if (context == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ali_hmac_update: bad ctx!\n");
|
||||
}
|
||||
|
||||
if (src == NULL && size != 0) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ali_hmac_update: bad args!\n");
|
||||
}
|
||||
|
||||
hmac_ctx = (hmac_ctx_t *)context;
|
||||
if (!IS_VALID_CTX_MAGIC(hmac_ctx->magic)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ali_hmac_update: bad magic!\n");
|
||||
}
|
||||
|
||||
if ((hmac_ctx->status != CRYPTO_STATUS_INITIALIZED) &&
|
||||
(hmac_ctx->status != CRYPTO_STATUS_PROCESSING)) {
|
||||
PRINT_RET(ALI_CRYPTO_ERR_STATE,
|
||||
"ali_hmac_update: bad status(%d)\n", (int)hmac_ctx->status);
|
||||
}
|
||||
|
||||
ret = mbedtls_hmac_update(&hmac_ctx->ctx,
|
||||
(const unsigned char *)src, size);
|
||||
if (ALI_CRYPTO_SUCCESS != ret) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR, "ali_hmac_update: hmac_process fail!\n");
|
||||
}
|
||||
|
||||
hmac_ctx->status = CRYPTO_STATUS_PROCESSING;
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_hmac_final(uint8_t *dgst, void *context)
|
||||
{
|
||||
int ret;
|
||||
hmac_ctx_t *hmac_ctx;
|
||||
|
||||
if (context == NULL || dgst == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ali_hmac_final: bad input args!\n");
|
||||
}
|
||||
|
||||
hmac_ctx = (hmac_ctx_t *)context;
|
||||
if (!IS_VALID_CTX_MAGIC(hmac_ctx->magic)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ali_hmac_final: bad magic!\n");
|
||||
}
|
||||
|
||||
if ((hmac_ctx->status != CRYPTO_STATUS_INITIALIZED) &&
|
||||
(hmac_ctx->status != CRYPTO_STATUS_PROCESSING)) {
|
||||
PRINT_RET(ALI_CRYPTO_ERR_STATE,
|
||||
"ali_hmac_final: bad status(%d)\n", (int)hmac_ctx->status);
|
||||
}
|
||||
|
||||
ret = mbedtls_hmac_finish(&hmac_ctx->ctx, dgst);
|
||||
if (ALI_CRYPTO_SUCCESS != ret) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR, "ali_hmac_final: hmac_done fail!\n");
|
||||
}
|
||||
|
||||
CLEAN_CTX_MAGIC(hmac_ctx->magic);
|
||||
hmac_ctx->status = CRYPTO_STATUS_FINISHED;
|
||||
|
||||
mbedtls_hash_free(&hmac_ctx->ctx);
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_hmac_digest(hash_type_t type,
|
||||
const uint8_t *key, size_t keybytes,
|
||||
const uint8_t *src, size_t size, uint8_t *dgst)
|
||||
{
|
||||
int ret;
|
||||
const mbedtls_hash_info_t *md_info;
|
||||
mbedtls_md_type_t md_type;
|
||||
|
||||
if ((src == NULL && size != 0) ||
|
||||
key == NULL || keybytes == 0|| dgst == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ali_hmac_digest: bad input args!\n");
|
||||
}
|
||||
|
||||
switch(type) {
|
||||
case SHA1: {
|
||||
md_type = MBEDTLS_MD_SHA1;
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA224: {
|
||||
md_type = MBEDTLS_MD_SHA224;
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA256: {
|
||||
md_type = MBEDTLS_MD_SHA256;
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA384: {
|
||||
md_type = MBEDTLS_MD_SHA384;
|
||||
break;
|
||||
}
|
||||
|
||||
case SHA512: {
|
||||
md_type = MBEDTLS_MD_SHA512;
|
||||
break;
|
||||
}
|
||||
|
||||
case MD5: {
|
||||
md_type = MBEDTLS_MD_MD5;
|
||||
break;
|
||||
}
|
||||
|
||||
default:
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_TYPE,
|
||||
"ali_hmac_digest: invalid hash type(%d)\n", type);
|
||||
}
|
||||
|
||||
md_info = mbedtls_hash_info_from_type(md_type);
|
||||
if(NULL == md_info) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_TYPE,
|
||||
"ali_hmac_init: invalid hash type(%d)\n", md_type);
|
||||
}
|
||||
|
||||
ret = mbedtls_hash_hmac(md_info, key, keybytes, src, size, dgst);
|
||||
if (ret != ALI_CRYPTO_SUCCESS) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR, "ali_hmac_digest: hmac_memory fail!\n");
|
||||
}
|
||||
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_hmac_reset(void *context)
|
||||
{
|
||||
hmac_ctx_t *hmac_ctx;
|
||||
int32_t ret;
|
||||
|
||||
if (context == NULL) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG, "ali_hmac_reset: bad input args!\n");
|
||||
}
|
||||
|
||||
hmac_ctx = (hmac_ctx_t *)context;
|
||||
if (!IS_VALID_CTX_MAGIC(hmac_ctx->magic)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT, "ali_hmac_reset: bad magic!\n");
|
||||
}
|
||||
|
||||
ret = mbedtls_hmac_reset(&hmac_ctx->ctx);
|
||||
if (0 != ret) {
|
||||
PRINT_RET(ALI_CRYPTO_ERROR,
|
||||
"ali_hmac_reset: mbedtls_md_hmac_reset fial %d!\n", (int)ret);
|
||||
}
|
||||
|
||||
OSA_memset(hmac_ctx, 0, sizeof(hmac_ctx_t));
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
ali_crypto_result ali_hmac_copy_context(void *dst_ctx, void *src_ctx)
|
||||
{
|
||||
hmac_ctx_t *hmac_ctx_src, *hmac_ctx_dst;
|
||||
|
||||
if ((src_ctx == NULL) || (dst_ctx == NULL)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_ARG,
|
||||
"ali_hmac_copy_context: bad input args!\n");
|
||||
}
|
||||
|
||||
hmac_ctx_src = (hmac_ctx_t *)src_ctx;
|
||||
if (!IS_VALID_CTX_MAGIC(hmac_ctx_src->magic)) {
|
||||
PRINT_RET(ALI_CRYPTO_INVALID_CONTEXT,
|
||||
"ali_hmac_copy_context: bad magic!\n");
|
||||
}
|
||||
|
||||
/* only can copy to one un-initialized context */
|
||||
hmac_ctx_dst = (hmac_ctx_t *)dst_ctx;
|
||||
if ((IS_VALID_CTX_MAGIC(hmac_ctx_dst->magic)) &&
|
||||
((hmac_ctx_dst->status == CRYPTO_STATUS_INITIALIZED) ||
|
||||
(hmac_ctx_dst->status == CRYPTO_STATUS_PROCESSING) ||
|
||||
(hmac_ctx_dst->status == CRYPTO_STATUS_FINISHED))) {
|
||||
PRINT_RET(ALI_CRYPTO_ERR_STATE,
|
||||
"ali_hmac_copy_context: bad status(%d)\n", (int)hmac_ctx_dst->status);
|
||||
}
|
||||
OSA_memcpy(hmac_ctx_dst, hmac_ctx_src, sizeof(hmac_ctx_t));
|
||||
return ALI_CRYPTO_SUCCESS;
|
||||
}
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
|
||||
/**
|
||||
* Copyright (C) 2017 The YunOS Project. All rights reserved.
|
||||
**/
|
||||
|
||||
|
|
@ -0,0 +1,444 @@
|
|||
/**
|
||||
* Copyright (C) 2016 The YunOS Project. All rights reserved.
|
||||
*/
|
||||
|
||||
#include "tee_osa.h"
|
||||
#include "tomcrypt.h"
|
||||
|
||||
static int _g_prng_idx = 0;
|
||||
static prng_state _g_prng_state;
|
||||
|
||||
static uint8_t RSA_1024_N[128] = {
|
||||
0xa5, 0x6e, 0x4a, 0x0e, 0x70, 0x10, 0x17, 0x58,
|
||||
0x9a, 0x51, 0x87, 0xdc, 0x7e, 0xa8, 0x41, 0xd1,
|
||||
0x56, 0xf2, 0xec, 0x0e, 0x36, 0xad, 0x52, 0xa4,
|
||||
0x4d, 0xfe, 0xb1, 0xe6, 0x1f, 0x7a, 0xd9, 0x91,
|
||||
0xd8, 0xc5, 0x10, 0x56, 0xff, 0xed, 0xb1, 0x62,
|
||||
0xb4, 0xc0, 0xf2, 0x83, 0xa1, 0x2a, 0x88, 0xa3,
|
||||
0x94, 0xdf, 0xf5, 0x26, 0xab, 0x72, 0x91, 0xcb,
|
||||
0xb3, 0x07, 0xce, 0xab, 0xfc, 0xe0, 0xb1, 0xdf,
|
||||
0xd5, 0xcd, 0x95, 0x08, 0x09, 0x6d, 0x5b, 0x2b,
|
||||
0x8b, 0x6d, 0xf5, 0xd6, 0x71, 0xef, 0x63, 0x77,
|
||||
0xc0, 0x92, 0x1c, 0xb2, 0x3c, 0x27, 0x0a, 0x70,
|
||||
0xe2, 0x59, 0x8e, 0x6f, 0xf8, 0x9d, 0x19, 0xf1,
|
||||
0x05, 0xac, 0xc2, 0xd3, 0xf0, 0xcb, 0x35, 0xf2,
|
||||
0x92, 0x80, 0xe1, 0x38, 0x6b, 0x6f, 0x64, 0xc4,
|
||||
0xef, 0x22, 0xe1, 0xe1, 0xf2, 0x0d, 0x0c, 0xe8,
|
||||
0xcf, 0xfb, 0x22, 0x49, 0xbd, 0x9a, 0x21, 0x37
|
||||
};
|
||||
static uint8_t RSA_1024_E[3] = {0x01, 0x00, 0x01};
|
||||
static uint8_t RSA_1024_D[128] = {
|
||||
0x33, 0xa5, 0x04, 0x2a, 0x90, 0xb2, 0x7d, 0x4f,
|
||||
0x54, 0x51, 0xca, 0x9b, 0xbb, 0xd0, 0xb4, 0x47,
|
||||
0x71, 0xa1, 0x01, 0xaf, 0x88, 0x43, 0x40, 0xae,
|
||||
0xf9, 0x88, 0x5f, 0x2a, 0x4b, 0xbe, 0x92, 0xe8,
|
||||
0x94, 0xa7, 0x24, 0xac, 0x3c, 0x56, 0x8c, 0x8f,
|
||||
0x97, 0x85, 0x3a, 0xd0, 0x7c, 0x02, 0x66, 0xc8,
|
||||
0xc6, 0xa3, 0xca, 0x09, 0x29, 0xf1, 0xe8, 0xf1,
|
||||
0x12, 0x31, 0x88, 0x44, 0x29, 0xfc, 0x4d, 0x9a,
|
||||
0xe5, 0x5f, 0xee, 0x89, 0x6a, 0x10, 0xce, 0x70,
|
||||
0x7c, 0x3e, 0xd7, 0xe7, 0x34, 0xe4, 0x47, 0x27,
|
||||
0xa3, 0x95, 0x74, 0x50, 0x1a, 0x53, 0x26, 0x83,
|
||||
0x10, 0x9c, 0x2a, 0xba, 0xca, 0xba, 0x28, 0x3c,
|
||||
0x31, 0xb4, 0xbd, 0x2f, 0x53, 0xc3, 0xee, 0x37,
|
||||
0xe3, 0x52, 0xce, 0xe3, 0x4f, 0x9e, 0x50, 0x3b,
|
||||
0xd8, 0x0c, 0x06, 0x22, 0xad, 0x79, 0xc6, 0xdc,
|
||||
0xee, 0x88, 0x35, 0x47, 0xc6, 0xa3, 0xb3, 0x25
|
||||
};
|
||||
|
||||
static void _print_data(const char *name, uint8_t *data, size_t size)
|
||||
{
|
||||
size_t i;
|
||||
|
||||
if (data == NULL || size == 0) {
|
||||
printf("print_data: no data\n");
|
||||
return;
|
||||
}
|
||||
|
||||
printf("%s size: %d\n", name, size);
|
||||
for (i = 0; i < size - size % 8; i += 8) {
|
||||
printf("%s data: %02x%02x %02x%02x %02x%02x %02x%02x\n",
|
||||
name,
|
||||
data[i+0], data[i+1], data[i+2], data[i+3],
|
||||
data[i+4], data[i+5], data[i+6], data[i+7]);
|
||||
}
|
||||
while(i < size) {
|
||||
printf("%s data: %02x\n", name, data[i]);
|
||||
i++;
|
||||
}
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
static void _print_rsa_key(rsa_key *key)
|
||||
{
|
||||
uint32_t len;
|
||||
uint8_t tmp[256];
|
||||
|
||||
printf("RSA %s key:\n", (key->type == PK_PUBLIC)? "public" : "private");
|
||||
if (key->type == PK_PUBLIC) {
|
||||
len = mp_unsigned_bin_size(key->N);
|
||||
mp_to_unsigned_bin(key->N, tmp);
|
||||
_print_data("RSA N", tmp, len);
|
||||
|
||||
len = mp_unsigned_bin_size(key->e);
|
||||
mp_to_unsigned_bin(key->e, tmp);
|
||||
_print_data("RSA e", tmp, len);
|
||||
} else {
|
||||
len = mp_unsigned_bin_size(key->N);
|
||||
mp_to_unsigned_bin(key->N, tmp);
|
||||
_print_data("RSA N", tmp, len);
|
||||
|
||||
len = mp_unsigned_bin_size(key->e);
|
||||
mp_to_unsigned_bin(key->e, tmp);
|
||||
_print_data("RSA e", tmp, len);
|
||||
|
||||
len = mp_unsigned_bin_size(key->d);
|
||||
mp_to_unsigned_bin(key->d, tmp);
|
||||
_print_data("RSA d", tmp, len);
|
||||
}
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
static int _rsa_test_gen_key(rsa_key *key)
|
||||
{
|
||||
int ret;
|
||||
|
||||
ret = rsa_make_key(&_g_prng_state, _g_prng_idx, 1024/8, 65537, key);
|
||||
if (ret != CRYPT_OK) {
|
||||
printf("rsa make key fail(%d)\n", ret);
|
||||
return -1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int _rsa_test_init_key(rsa_key *key)
|
||||
{
|
||||
int ret;
|
||||
int type;
|
||||
|
||||
type = key->type;
|
||||
memset(key, 0, sizeof(rsa_key));
|
||||
key->type = type;
|
||||
|
||||
ret = mp_init_multi(&key->N, &key->e, &key->d, NULL);
|
||||
if (ret < 0) {
|
||||
printf("init_key: mp init multi fail(%d)\n", ret);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (key->type == PK_PUBLIC) {
|
||||
mp_read_unsigned_bin(key->N, RSA_1024_N, 1024/8);
|
||||
mp_read_unsigned_bin(key->e, RSA_1024_E, 3);
|
||||
} else {
|
||||
mp_read_unsigned_bin(key->N, RSA_1024_N, 1024/8);
|
||||
mp_read_unsigned_bin(key->e, RSA_1024_E, 3);
|
||||
mp_read_unsigned_bin(key->d, RSA_1024_D, 1024/8);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int _rsa_test_encrypt_decrypt_nopad(void)
|
||||
{
|
||||
int ret = 0;
|
||||
rsa_key key;
|
||||
uint8_t src_data[128];
|
||||
uint8_t plaintext[128];
|
||||
uint8_t ciphertext[128];
|
||||
ulong_t src_size = 128;
|
||||
ulong_t dst_size = 128;
|
||||
|
||||
ret = _rsa_test_gen_key(&key);
|
||||
if (ret < 0) {
|
||||
printf("rsa gen key fail\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* public encrypt */
|
||||
memset(src_data, 0xa, src_size);
|
||||
ret = rsa_exptmod(src_data, src_size,
|
||||
ciphertext, &dst_size, PK_PUBLIC, &key);
|
||||
if (ret != CRYPT_OK) {
|
||||
printf("public encrypt fail(%d)\n", ret);
|
||||
goto _out;
|
||||
}
|
||||
|
||||
/* private decrypt */
|
||||
dst_size = 128;
|
||||
ret = rsa_exptmod(ciphertext, src_size,
|
||||
plaintext, &dst_size, PK_PRIVATE, &key);
|
||||
if (ret != CRYPT_OK) {
|
||||
printf("private decrypt fail(%d)\n", ret);
|
||||
goto _out;
|
||||
}
|
||||
|
||||
if (memcmp(src_data, plaintext, src_size)) {
|
||||
printf("RSA encrypt and decrypt with no-padding fail!\n");
|
||||
_print_data("plaintext", plaintext, dst_size);
|
||||
_print_data("ciphertext", ciphertext, dst_size);
|
||||
} else {
|
||||
printf("RSA encrypt and decrypt with no-padding success!\n");
|
||||
}
|
||||
|
||||
_out:
|
||||
rsa_free(&key);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
static int _rsa_test_encrypt_decrypt_v1_5(void)
|
||||
{
|
||||
int ret, stat;
|
||||
rsa_key key;
|
||||
uint8_t src_data[128];
|
||||
uint8_t plaintext[128];
|
||||
uint8_t ciphertext[128];
|
||||
ulong_t src_size = 117;
|
||||
ulong_t dst_size = 128;
|
||||
|
||||
ret = _rsa_test_gen_key(&key);
|
||||
if (ret < 0) {
|
||||
printf("rsa gen key fail\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* public encrypt */
|
||||
memset(src_data, 0xa, src_size);
|
||||
ret = rsa_encrypt_key_ex(src_data, src_size, ciphertext, &dst_size,
|
||||
NULL, 0, &_g_prng_state, _g_prng_idx, 0, LTC_PKCS_1_V1_5, &key);
|
||||
if (ret != CRYPT_OK) {
|
||||
printf("public encrypt with pkcs1_v1_5 fail(%d)\n", ret);
|
||||
goto _out;
|
||||
}
|
||||
|
||||
/* private decrypt */
|
||||
dst_size = 128;
|
||||
ret = rsa_decrypt_key_ex(ciphertext, 128, plaintext, &dst_size,
|
||||
NULL, 0, 0, LTC_PKCS_1_V1_5, &stat, &key);
|
||||
if (ret != CRYPT_OK || stat != 1) {
|
||||
printf("private decrypt with pkcs1_v1_5 fail(%d)\n", ret);
|
||||
goto _out;
|
||||
}
|
||||
|
||||
if (memcmp(src_data, plaintext, src_size)) {
|
||||
printf("RSA encrypt and decrypt with pkcs1_v1_5 fail!\n");
|
||||
_print_data("plaintext", plaintext, src_size);
|
||||
_print_data("ciphertext", ciphertext, dst_size);
|
||||
} else {
|
||||
printf("RSA encrypt and decrypt with pkcs1_v_5 success!\n");
|
||||
}
|
||||
|
||||
_out:
|
||||
rsa_free(&key);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
static int _rsa_test_encrypt_decrypt_oaep(void)
|
||||
{
|
||||
int ret, stat;
|
||||
rsa_key key;
|
||||
int hash_idx;
|
||||
uint8_t src_data[128];
|
||||
uint8_t plaintext[128];
|
||||
uint8_t ciphertext[128];
|
||||
ulong_t src_size = 86;
|
||||
ulong_t dst_size = 128;
|
||||
uint8_t lparam[] = {0x01, 0x02, 0x03, 0x04};
|
||||
|
||||
key.type = PK_PRIVATE;
|
||||
ret = _rsa_test_init_key(&key);
|
||||
if (ret < 0) {
|
||||
printf("rsa init key fail\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
hash_idx = find_hash("sha1");
|
||||
if (hash_idx < 0) {
|
||||
printf("not find sha1\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* public encrypt without lparam */
|
||||
memset(src_data, 0xa, src_size);
|
||||
ret = rsa_encrypt_key_ex(src_data, src_size, ciphertext, &dst_size,
|
||||
NULL, 0, &_g_prng_state, _g_prng_idx, hash_idx, LTC_PKCS_1_OAEP, &key);
|
||||
if (ret != CRYPT_OK) {
|
||||
printf("public encrypt with oaep(without lparam) fail(%d)\n", ret);
|
||||
goto _out;
|
||||
}
|
||||
|
||||
/* private decrypt without lparam*/
|
||||
ret = rsa_decrypt_key_ex(ciphertext, 128, plaintext, &dst_size,
|
||||
NULL, 0, hash_idx, LTC_PKCS_1_OAEP, &stat, &key);
|
||||
if (ret != CRYPT_OK || stat != 1) {
|
||||
printf("private decrypt with oaep(without lparam) fail(%d)\n", ret);
|
||||
goto _out;
|
||||
}
|
||||
|
||||
if (memcmp(src_data, plaintext, src_size)) {
|
||||
printf("RSA encrypt and decrypt with pkcs1_oaep(without lparam) fail!\n");
|
||||
_print_data("plaintext", plaintext, src_size);
|
||||
_print_data("ciphertext", ciphertext, dst_size);
|
||||
} else {
|
||||
printf("RSA encrypt and decrypt with pkcs1_oaep(without lparam) success!\n");
|
||||
}
|
||||
|
||||
/* public encrypt with lparam */
|
||||
dst_size = 128;
|
||||
ret = rsa_encrypt_key_ex(src_data, src_size, ciphertext, &dst_size,
|
||||
lparam, sizeof(lparam), &_g_prng_state, _g_prng_idx, hash_idx, LTC_PKCS_1_OAEP, &key);
|
||||
if (ret != CRYPT_OK) {
|
||||
printf("public encrypt with oaep(with lparam) fail(%d)\n", ret);
|
||||
goto _out;
|
||||
}
|
||||
|
||||
/* private decrypt with lparam*/
|
||||
ret = rsa_decrypt_key_ex(ciphertext, 128, plaintext, &dst_size,
|
||||
lparam, sizeof(lparam), hash_idx, LTC_PKCS_1_OAEP, &stat, &key);
|
||||
if (ret != CRYPT_OK || stat != 1) {
|
||||
printf("private decrypt with oaep(with lparam) fail(%d)\n", ret);
|
||||
goto _out;
|
||||
}
|
||||
|
||||
if (memcmp(src_data, plaintext, src_size)) {
|
||||
printf("RSA encrypt and decrypt with pkcs1_oaep(with lparam) fail!\n");
|
||||
_print_data("plaintext", plaintext, src_size);
|
||||
_print_data("ciphertext", ciphertext, dst_size);
|
||||
} else {
|
||||
printf("RSA encrypt and decrypt with pkcs1_oaep(with lparam) success!\n");
|
||||
}
|
||||
|
||||
_out:
|
||||
rsa_free(&key);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
static int _rsa_test_sign_verify(void)
|
||||
{
|
||||
int ret;
|
||||
int stat;
|
||||
rsa_key key;
|
||||
int hash_idx;
|
||||
ulong_t src_size;
|
||||
ulong_t sig_size = 128;
|
||||
uint8_t src_data[64];
|
||||
uint8_t signature[128];
|
||||
|
||||
ret = _rsa_test_gen_key(&key);
|
||||
if (ret < 0) {
|
||||
printf("rsa gen key fail\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
hash_idx = find_hash("sha1");
|
||||
if (hash_idx < 0) {
|
||||
printf("not find hash\n");
|
||||
return -1;
|
||||
}
|
||||
src_size = 20;
|
||||
|
||||
/* private sign with v1_5 padding */
|
||||
memset(src_data, 0xa, 64);
|
||||
ret = rsa_sign_hash_ex(src_data, src_size, signature, &sig_size,
|
||||
LTC_PKCS_1_V1_5, &_g_prng_state, _g_prng_idx,
|
||||
hash_idx, 0, &key);
|
||||
if (ret != CRYPT_OK) {
|
||||
printf("rsa private sign(v1_5) fail(%d)\n", ret);
|
||||
goto _out;
|
||||
}
|
||||
|
||||
/* public verify with v1_5 padding */
|
||||
key.type = PK_PUBLIC;
|
||||
ret = rsa_verify_hash_ex(signature, sig_size, src_data, src_size,
|
||||
LTC_PKCS_1_V1_5, hash_idx, 0, &stat, &key);
|
||||
if (ret != CRYPT_OK || stat != 1) {
|
||||
printf("RSA public verify(v1_5) fail(ret; %d stat: %d)\n", ret , stat);
|
||||
_print_data("v1_5_sig", signature, sig_size);
|
||||
ret = -1;
|
||||
goto _out;
|
||||
} else {
|
||||
printf("rsa public verify(v1_5) success!\n");
|
||||
}
|
||||
|
||||
/* private sign with pss padding */
|
||||
key.type = PK_PRIVATE;
|
||||
ret = rsa_sign_hash_ex(src_data, src_size, signature, &sig_size,
|
||||
LTC_PKCS_1_PSS, &_g_prng_state, _g_prng_idx,
|
||||
hash_idx, 8, &key);
|
||||
if (ret != CRYPT_OK) {
|
||||
printf("RSA private sign(pss) fail(%d)\n", ret);
|
||||
goto _out;
|
||||
}
|
||||
|
||||
/* public verify with pss padding */
|
||||
key.type = PK_PUBLIC;
|
||||
ret = rsa_verify_hash_ex(signature, sig_size, src_data, src_size,
|
||||
LTC_PKCS_1_PSS, hash_idx, 8, &stat, &key);
|
||||
if (ret != CRYPT_OK || stat != 1) {
|
||||
printf("RSA public verify(pss) fail(ret; %d stat: %d)\n", ret , stat);
|
||||
_print_data("pss_sig", signature, sig_size);
|
||||
ret = -1;
|
||||
goto _out;
|
||||
} else {
|
||||
printf("RSA public verify(pss) success!\n");
|
||||
}
|
||||
|
||||
_out:
|
||||
rsa_free(&key);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
static void _mbed_crypto_rsa_test(uint32_t level)
|
||||
{
|
||||
int ret;
|
||||
rsa_key key;
|
||||
|
||||
#if 0
|
||||
ret = _rsa_test_gen_key(&key);
|
||||
if (ret < 0) {
|
||||
printf("rsa gen key fail\n");
|
||||
return;
|
||||
}
|
||||
rsa_free(&key);
|
||||
#endif
|
||||
|
||||
key.type = PK_PRIVATE;
|
||||
ret = _rsa_test_init_key(&key);
|
||||
if (ret < 0) {
|
||||
printf("rsa gen key fail\n");
|
||||
return;
|
||||
}
|
||||
rsa_free(&key);
|
||||
|
||||
ret = _rsa_test_encrypt_decrypt_nopad();
|
||||
if (ret < 0) {
|
||||
printf("rsa encrypt decrypt with nopad test fail\n");
|
||||
return;
|
||||
}
|
||||
|
||||
ret = _rsa_test_encrypt_decrypt_v1_5();
|
||||
if (ret < 0) {
|
||||
printf("rsa encrypt decrypt with pkcs1_v_5 test fail\n");
|
||||
return;
|
||||
}
|
||||
|
||||
ret = _rsa_test_encrypt_decrypt_oaep();
|
||||
if (ret < 0) {
|
||||
printf("rsa encrypt decrypt with pkcs1_oaep test fail\n");
|
||||
return;
|
||||
}
|
||||
|
||||
ret = _rsa_test_sign_verify();
|
||||
if (ret < 0) {
|
||||
printf("rsa sign verify test fail\n");
|
||||
return;
|
||||
}
|
||||
|
||||
return;
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue