2 * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
25 #include <openssl/evp.h>
26 #include <openssl/obj_mac.h>
27 #include <openssl/ec.h>
28 #include <openssl/dsa.h>
29 #include <openssl/rsa.h>
30 #include <openssl/bio.h>
31 #include <openssl/rand.h>
32 #include <openssl/crypto.h>
33 #include <openssl/err.h>
34 #include <openssl/x509v3.h>
35 #include <openssl/obj_mac.h>
37 #include <ckm/ckm-error.h>
39 #include <dpl/log/log.h>
41 #include <generic-backend/exception.h>
42 #include <generic-backend/algo-validation.h>
43 #include <sw-backend/internals.h>
44 #include <sw-backend/crypto.h>
46 #define OPENSSL_SUCCESS 1 // DO NOTCHANGE THIS VALUE
47 #define OPENSSL_FAIL 0 // DO NOTCHANGE THIS VALUE
55 typedef std::unique_ptr<EVP_MD_CTX, std::function<void(EVP_MD_CTX*)>> EvpMdCtxUPtr;
56 typedef std::unique_ptr<EVP_PKEY_CTX, std::function<void(EVP_PKEY_CTX*)>> EvpPkeyCtxUPtr;
57 typedef std::unique_ptr<EVP_PKEY, std::function<void(EVP_PKEY*)>> EvpPkeyUPtr;
59 typedef std::unique_ptr<BIO, std::function<void(BIO*)>> BioUniquePtr;
60 typedef int(*I2D_CONV)(BIO*, EVP_PKEY*);
62 const size_t DEFAULT_AES_GCM_TAG_LEN = 128; // tag length in bits according to W3C Crypto API
63 const size_t DEFAULT_AES_IV_LEN = 16; // default iv size in bytes for AES
65 RawBuffer i2d(I2D_CONV fun, EVP_PKEY* pkey) {
66 BioUniquePtr bio(BIO_new(BIO_s_mem()), BIO_free_all);
69 ThrowErr(Exc::Crypto::InternalError, "attempt to parse an empty key!");
72 if (NULL == bio.get()) {
73 ThrowErr(Exc::Crypto::InternalError, "Error in memory allocation! Function: BIO_new.");
76 if (1 != fun(bio.get(), pkey)) {
77 ThrowErr(Exc::Crypto::InternalError, "Error in conversion EVP_PKEY to DER");
80 RawBuffer output(8196);
82 int size = BIO_read(bio.get(), output.data(), output.size());
85 ThrowErr(Exc::Crypto::InternalError, "Error in BIO_read: ", size);
92 // encryption / decryption
93 typedef ParamCheck<ParamName::ALGO_TYPE,
96 Type<AlgoType>::Equals<AlgoType::AES_CTR,
99 AlgoType::AES_CFB>> IsSymEncryption;
101 typedef ParamCheck<ParamName::ALGO_TYPE,
104 Type<AlgoType>::Equals<AlgoType::RSA_OAEP>> IsAsymEncryption;
106 typedef ParamCheck<ParamName::ED_IV,
109 Type<size_t>::Equals<DEFAULT_AES_IV_LEN>,
110 BufferSizeGetter> IvSizeCheck;
112 typedef ParamCheck<ParamName::ED_CTR_LEN,
115 Type<int>::Equals<128>> CtrLenCheck;
117 typedef ParamCheck<ParamName::ED_IV,
120 DefaultValidator<RawBuffer>> GcmIvCheck;
122 typedef ParamCheck<ParamName::ED_TAG_LEN,
125 Type<int>::Equals<32, 64, 96, 104, 112, 120, 128>> GcmTagCheck;
127 typedef ParamCheck<ParamName::ED_LABEL,
130 Unsupported<RawBuffer>> RsaLabelCheck;
133 typedef ParamCheck<ParamName::ALGO_TYPE,
136 Type<AlgoType>::Equals<AlgoType::RSA_SV,
138 AlgoType::ECDSA_SV>> IsSignVerify;
140 typedef ParamCheck<ParamName::SV_HASH_ALGO,
143 Type<HashAlgorithm>::Equals<HashAlgorithm::NONE,
145 HashAlgorithm::SHA256,
146 HashAlgorithm::SHA384,
147 HashAlgorithm::SHA512>> HashAlgoCheck;
149 typedef ParamCheck<ParamName::SV_RSA_PADDING,
152 Type<RSAPaddingAlgorithm>::Equals<RSAPaddingAlgorithm::NONE,
153 RSAPaddingAlgorithm::PKCS1,
154 RSAPaddingAlgorithm::X931>> RsaPaddingCheck;
157 typedef ParamCheck<ParamName::ALGO_TYPE,
160 Type<AlgoType>::Equals<AlgoType::RSA_GEN,
162 AlgoType::ECDSA_GEN>> IsAsymGeneration;
164 typedef ParamCheck<ParamName::ALGO_TYPE,
167 Type<AlgoType>::Equals<AlgoType::AES_GEN>> IsSymGeneration;
169 typedef ParamCheck<ParamName::GEN_KEY_LEN,
172 Type<int>::Equals<1024, 2048, 4096>> RsaKeyLenCheck;
174 typedef ParamCheck<ParamName::GEN_KEY_LEN,
177 Type<int>::Equals<1024, 2048, 3072, 4096>> DsaKeyLenCheck;
179 typedef ParamCheck<ParamName::GEN_KEY_LEN,
182 Type<int>::Equals<128, 192, 256>> AesKeyLenCheck;
184 typedef ParamCheck<ParamName::GEN_EC,
187 Type<ElipticCurve>::Equals<ElipticCurve::prime192v1,
188 ElipticCurve::prime256v1,
189 ElipticCurve::secp384r1>> EcdsaEcCheck;
191 typedef std::map<AlgoType, ValidatorVector> ValidatorMap;
192 ValidatorMap initValidators() {
193 ValidatorMap validators;
194 validators.emplace(AlgoType::RSA_SV, VBuilder<HashAlgoCheck, RsaPaddingCheck>::Build());
195 validators.emplace(AlgoType::RSA_SV, VBuilder<HashAlgoCheck, RsaPaddingCheck>::Build());
196 validators.emplace(AlgoType::DSA_SV, VBuilder<HashAlgoCheck>::Build());
197 validators.emplace(AlgoType::ECDSA_SV, VBuilder<HashAlgoCheck>::Build());
198 validators.emplace(AlgoType::RSA_GEN, VBuilder<RsaKeyLenCheck>::Build());
199 validators.emplace(AlgoType::DSA_GEN, VBuilder<DsaKeyLenCheck>::Build());
200 validators.emplace(AlgoType::ECDSA_GEN, VBuilder<EcdsaEcCheck>::Build());
201 validators.emplace(AlgoType::AES_GEN, VBuilder<AesKeyLenCheck>::Build());
202 validators.emplace(AlgoType::AES_CTR, VBuilder<IvSizeCheck, CtrLenCheck>::Build());
203 validators.emplace(AlgoType::AES_CBC, VBuilder<IvSizeCheck>::Build());
204 validators.emplace(AlgoType::AES_CFB, VBuilder<IvSizeCheck>::Build());
205 validators.emplace(AlgoType::AES_GCM, VBuilder<GcmIvCheck, GcmTagCheck>::Build());
206 validators.emplace(AlgoType::RSA_OAEP, VBuilder<RsaLabelCheck>::Build());
209 ValidatorMap g_validators = initValidators();
211 template <typename TypeCheck>
212 void validateParams(const CryptoAlgorithm& ca)
214 // check algorithm type (Encryption/Decryption, Sign/Verify, Key generation)
218 AlgoType at = unpack<AlgoType>(ca, ParamName::ALGO_TYPE);
220 for(const auto& validator : g_validators.at(at))
221 validator->Check(ca);
222 } catch(const std::out_of_range&) {
223 ThrowErr(Exc::Crypto::InputParam, "Unsupported algorithm ", static_cast<int>(at));
227 typedef std::unique_ptr<Cipher::EvpCipherWrapper<RawBuffer>> EvpCipherPtr;
229 typedef std::function<void(EvpCipherPtr&, const RawBuffer& key, const RawBuffer& iv)> InitCipherFn;
231 // aes mode, key length in bits, encryption
232 typedef std::map<AlgoType, std::map<size_t, std::map<bool, InitCipherFn>>> CipherTree;
234 template <typename T>
235 void initCipher(EvpCipherPtr& ptr, const RawBuffer& key, const RawBuffer& iv)
237 ptr.reset(new T(key, iv));
240 CipherTree initializeCipherTree()
243 tree[AlgoType::AES_CBC][128][true] = initCipher<Cipher::AesCbcEncryption128>;
244 tree[AlgoType::AES_CBC][192][true] = initCipher<Cipher::AesCbcEncryption192>;
245 tree[AlgoType::AES_CBC][256][true] = initCipher<Cipher::AesCbcEncryption256>;
247 tree[AlgoType::AES_CBC][128][false] = initCipher<Cipher::AesCbcDecryption128>;
248 tree[AlgoType::AES_CBC][192][false] = initCipher<Cipher::AesCbcDecryption192>;
249 tree[AlgoType::AES_CBC][256][false] = initCipher<Cipher::AesCbcDecryption256>;
251 tree[AlgoType::AES_GCM][128][true] = initCipher<Cipher::AesGcmEncryption128>;
252 tree[AlgoType::AES_GCM][192][true] = initCipher<Cipher::AesGcmEncryption192>;
253 tree[AlgoType::AES_GCM][256][true] = initCipher<Cipher::AesGcmEncryption256>;
255 tree[AlgoType::AES_GCM][128][false] = initCipher<Cipher::AesGcmDecryption128>;
256 tree[AlgoType::AES_GCM][192][false] = initCipher<Cipher::AesGcmDecryption192>;
257 tree[AlgoType::AES_GCM][256][false] = initCipher<Cipher::AesGcmDecryption256>;
259 tree[AlgoType::AES_CTR][128][true] = initCipher<Cipher::AesCtrEncryption128>;
260 tree[AlgoType::AES_CTR][192][true] = initCipher<Cipher::AesCtrEncryption192>;
261 tree[AlgoType::AES_CTR][256][true] = initCipher<Cipher::AesCtrEncryption256>;
263 tree[AlgoType::AES_CTR][128][false] = initCipher<Cipher::AesCtrDecryption128>;
264 tree[AlgoType::AES_CTR][192][false] = initCipher<Cipher::AesCtrDecryption192>;
265 tree[AlgoType::AES_CTR][256][false] = initCipher<Cipher::AesCtrDecryption256>;
267 tree[AlgoType::AES_CFB][128][true] = initCipher<Cipher::AesCfbEncryption128>;
268 tree[AlgoType::AES_CFB][192][true] = initCipher<Cipher::AesCfbEncryption192>;
269 tree[AlgoType::AES_CFB][256][true] = initCipher<Cipher::AesCfbEncryption256>;
271 tree[AlgoType::AES_CFB][128][false] = initCipher<Cipher::AesCfbDecryption128>;
272 tree[AlgoType::AES_CFB][192][false] = initCipher<Cipher::AesCfbDecryption192>;
273 tree[AlgoType::AES_CFB][256][false] = initCipher<Cipher::AesCfbDecryption256>;
278 CipherTree g_cipherTree = initializeCipherTree();
280 // key length in bytes
281 InitCipherFn selectCipher(AlgoType type, size_t key_len = 32, bool encryption = true)
284 return g_cipherTree.at(type).at(key_len*8).at(encryption);
285 } catch (const std::out_of_range&) {
286 ThrowErr(Exc::Crypto::InternalError,
287 "Unsupported cipher: ",
288 static_cast<int>(type), ", ",
295 RawBuffer asymmetricHelper(int (*cryptoFn)(int, const unsigned char*, unsigned char*, RSA*, int),
296 const std::string &logPrefix,
297 const EvpShPtr &pkey,
298 const CryptoAlgorithm &alg,
299 const RawBuffer &data)
301 validateParams<IsAsymEncryption>(alg);
303 RSA* rsa = EVP_PKEY_get1_RSA(pkey.get());
305 ThrowErr(Exc::Crypto::InputParam, logPrefix, "invalid key");
308 * RSA_padding_add_PKCS1_OAEP supports custom label but RSA_public_encrypt calls it with NULL
309 * value so for now label is not supported. Alternative is to rewrite the openssl implementation
310 * to support it: openssl-fips/crypto/rsa/rsa_eay.c
313 output.resize(RSA_size(rsa));
314 int ret = cryptoFn(data.size(),
318 RSA_PKCS1_OAEP_PADDING);
321 ThrowErr(Exc::Crypto::InternalError, logPrefix, "failed");
327 } // anonymous namespace
329 const EVP_MD *getMdAlgo(const HashAlgorithm hashAlgo) {
330 const EVP_MD *md_algo=NULL;
332 case HashAlgorithm::NONE:
335 case HashAlgorithm::SHA1:
336 md_algo = EVP_sha1();
338 case HashAlgorithm::SHA256:
339 md_algo = EVP_sha256();
341 case HashAlgorithm::SHA384:
342 md_algo = EVP_sha384();
344 case HashAlgorithm::SHA512:
345 md_algo = EVP_sha512();
348 ThrowErr(Exc::Crypto::InternalError, "Error in hashAlgorithm value");
353 int getRsaPadding(const RSAPaddingAlgorithm padAlgo) {
354 int rsa_padding = -1;
356 case RSAPaddingAlgorithm::NONE:
357 rsa_padding = RSA_NO_PADDING;
359 case RSAPaddingAlgorithm::PKCS1:
360 rsa_padding = RSA_PKCS1_PADDING;
362 case RSAPaddingAlgorithm::X931:
363 rsa_padding = RSA_X931_PADDING;
366 ThrowErr(Exc::Crypto::InternalError, "Error in RSAPaddingAlgorithm value");
371 DataPair createKeyPairRSA(const int size)
375 // check the parameters of functions
376 if(size!=1024 && size!=2048 && size!=4096) {
377 ThrowErr(Exc::Crypto::InputParam, "Error in RSA input size");
380 EvpPkeyCtxUPtr ctx(EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL), EVP_PKEY_CTX_free);
382 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_CTX_new_id function !!");
385 if(EVP_PKEY_keygen_init(ctx.get()) <= 0) {
386 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_keygen_init function !!");
389 if(EVP_PKEY_CTX_set_rsa_keygen_bits(ctx.get(), size) <= 0) {
390 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_CTX_set_rsa_keygen_bits function !!");
393 EVP_PKEY *pkeyTmp = NULL;
394 if(!EVP_PKEY_keygen(ctx.get(), &pkeyTmp)) {
395 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_keygen function !!");
397 pkey = EvpPkeyUPtr(pkeyTmp, EVP_PKEY_free);
399 return std::make_pair<Data, Data>(
400 {DataType(KeyType::KEY_RSA_PRIVATE), i2d(i2d_PrivateKey_bio, pkey.get())},
401 {DataType(KeyType::KEY_RSA_PUBLIC), i2d(i2d_PUBKEY_bio, pkey.get())});
405 DataPair createKeyPairDSA(const int size)
410 // check the parameters of functions
411 if(size!=1024 && size!=2048 && size!=3072 && size!=4096) {
412 ThrowErr(Exc::Crypto::InputParam, "Error in DSA input size");
415 /* Create the context for generating the parameters */
416 EvpPkeyCtxUPtr pctx(EVP_PKEY_CTX_new_id(EVP_PKEY_DSA, NULL), EVP_PKEY_CTX_free);
418 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_CTX_new_id function");
421 if(EVP_SUCCESS != EVP_PKEY_paramgen_init(pctx.get())) {
422 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_paramgen_init function");
425 if(EVP_SUCCESS != EVP_PKEY_CTX_set_dsa_paramgen_bits(pctx.get(), size)) {
426 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_CTX_set_dsa_paramgen_bits(", size, ") function");
429 /* Generate parameters */
430 EVP_PKEY *pparamTmp = NULL;
431 if(EVP_SUCCESS != EVP_PKEY_paramgen(pctx.get(), &pparamTmp)) {
432 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_paramgen function");
434 pparam = EvpPkeyUPtr(pparamTmp, EVP_PKEY_free);
436 // Start to generate key
437 EvpPkeyCtxUPtr kctx(EVP_PKEY_CTX_new(pparam.get(), NULL), EVP_PKEY_CTX_free);
439 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_CTX_new function");
442 if(EVP_SUCCESS != EVP_PKEY_keygen_init(kctx.get())) {
443 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_keygen_init function");
446 /* Generate the key */
447 EVP_PKEY *pkeyTmp = NULL;
448 if(!EVP_PKEY_keygen(kctx.get(), &pkeyTmp)) {
449 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_keygen function !!");
451 pkey = EvpPkeyUPtr(pkeyTmp, EVP_PKEY_free);
453 return std::make_pair<Data, Data>(
454 {DataType(KeyType::KEY_DSA_PRIVATE), i2d(i2d_PrivateKey_bio, pkey.get())},
455 {DataType(KeyType::KEY_DSA_PUBLIC), i2d(i2d_PUBKEY_bio, pkey.get())});
458 DataPair createKeyPairECDSA(ElipticCurve type)
460 int ecCurve = NOT_DEFINED;
465 case ElipticCurve::prime192v1:
466 ecCurve = NID_X9_62_prime192v1;
468 case ElipticCurve::prime256v1:
469 ecCurve = NID_X9_62_prime256v1;
471 case ElipticCurve::secp384r1:
472 ecCurve = NID_secp384r1;
475 ThrowErr(Exc::Crypto::InputParam, "Error in EC type");
478 /* Create the context for generating the parameters */
479 EvpPkeyCtxUPtr pctx(EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL), EVP_PKEY_CTX_free);
481 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_CTX_new_id function");
484 if(EVP_SUCCESS != EVP_PKEY_paramgen_init(pctx.get())) {
485 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_paramgen_init function");
488 if(EVP_SUCCESS != EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx.get(), ecCurve)) {
489 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_CTX_set_ec_paramgen_curve_nid function");
492 /* Generate parameters */
493 EVP_PKEY *pparamTmp = NULL;
494 if(EVP_SUCCESS != EVP_PKEY_paramgen(pctx.get(), &pparamTmp)) {
495 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_paramgen function");
497 pparam = EvpPkeyUPtr(pparamTmp, EVP_PKEY_free);
499 // Start to generate key
500 EvpPkeyCtxUPtr kctx(EVP_PKEY_CTX_new(pparam.get(), NULL), EVP_PKEY_CTX_free);
502 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_CTX_new function");
505 if(EVP_SUCCESS != EVP_PKEY_keygen_init(kctx.get())) {
506 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_keygen_init function");
509 /* Generate the key */
510 EVP_PKEY *pkeyTmp = NULL;
511 if(!EVP_PKEY_keygen(kctx.get(), &pkeyTmp)) {
512 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_keygen function !!");
514 pkey = EvpPkeyUPtr(pkeyTmp, EVP_PKEY_free);
516 return std::make_pair<Data, Data>(
517 {DataType(KeyType::KEY_ECDSA_PRIVATE), i2d(i2d_PrivateKey_bio, pkey.get())},
518 {DataType(KeyType::KEY_ECDSA_PUBLIC), i2d(i2d_PUBKEY_bio, pkey.get())});
521 Data createKeyAES(const int sizeBits)
523 // check the parameters of functions
524 if(sizeBits!=128 && sizeBits!=192 && sizeBits!=256) {
525 LogError("Error in AES input size");
526 ThrowMsg(Exc::Crypto::InputParam, "Error in AES input size");
530 int sizeBytes = sizeBits/8;
531 if (!RAND_bytes(key, sizeBytes)) {
532 LogError("Error in AES key generation");
533 ThrowMsg(Exc::Crypto::InternalError, "Error in AES key generation");
536 return { DataType(KeyType::KEY_AES), CKM::RawBuffer(key, key+sizeBytes)};
539 DataPair generateAKey(const CryptoAlgorithm &algorithm)
541 validateParams<IsAsymGeneration>(algorithm);
543 AlgoType keyType = unpack<AlgoType>(algorithm, ParamName::ALGO_TYPE);
544 if(keyType == AlgoType::RSA_GEN || keyType == AlgoType::DSA_GEN)
546 int keyLength = unpack<int>(algorithm, ParamName::GEN_KEY_LEN);
547 if(keyType == AlgoType::RSA_GEN)
548 return createKeyPairRSA(keyLength);
550 return createKeyPairDSA(keyLength);
552 else // AlgoType::ECDSA_GEN
554 ElipticCurve ecType = unpack<ElipticCurve>(algorithm, ParamName::GEN_EC);
555 return createKeyPairECDSA(ecType);
559 Data generateSKey(const CryptoAlgorithm &algorithm)
561 validateParams<IsSymGeneration>(algorithm);
563 int keySizeBits = unpack<int>(algorithm, ParamName::GEN_KEY_LEN);
564 return createKeyAES(keySizeBits);
567 RawBuffer encryptDataAes(
569 const RawBuffer &key,
570 const RawBuffer &data,
574 selectCipher(type, key.size())(enc, key, iv);
575 RawBuffer result = enc->Append(data);
576 RawBuffer tmp = enc->Finalize();
577 std::copy(tmp.begin(), tmp.end(), std::back_inserter(result));
581 std::pair<RawBuffer, RawBuffer> encryptDataAesGcm(
582 const RawBuffer &key,
583 const RawBuffer &data,
586 const RawBuffer &aad)
588 RawBuffer tag(tagSize);
590 selectCipher(AlgoType::AES_GCM, key.size())(enc, key, iv);
595 RawBuffer result = enc->Append(data);
596 RawBuffer tmp = enc->Finalize();
597 std::copy(tmp.begin(), tmp.end(), std::back_inserter(result));
598 if (0 == enc->Control(EVP_CTRL_GCM_GET_TAG, tagSize, tag.data())) {
599 ThrowErr(Exc::Crypto::InternalError, "Error in AES control function. Get tag failed.");
601 return std::make_pair(result, tag);
604 RawBuffer encryptDataAesGcmPacked(
605 const RawBuffer &key,
606 const RawBuffer &data,
609 const RawBuffer &aad)
611 auto pair = encryptDataAesGcm(key, data, iv, tagSize, aad);
612 std::copy(pair.second.begin(), pair.second.end(), std::back_inserter(pair.first));
616 RawBuffer decryptDataAes(
618 const RawBuffer &key,
619 const RawBuffer &data,
623 selectCipher(type, key.size(), false)(dec, key, iv);
624 RawBuffer result = dec->Append(data);
625 RawBuffer tmp = dec->Finalize();
626 std::copy(tmp.begin(), tmp.end(), std::back_inserter(result));
630 RawBuffer decryptDataAesGcm(
631 const RawBuffer &key,
632 const RawBuffer &data,
634 const RawBuffer &tag,
635 const RawBuffer &aad)
638 selectCipher(AlgoType::AES_GCM, key.size(), false)(dec, key, iv);
639 void *ptr = (void*)tag.data();
640 if (0 == dec->Control(EVP_CTRL_GCM_SET_TAG, tag.size(), ptr)) {
641 ThrowErr(Exc::Crypto::InternalError,
642 "Error in AES control function. Set tag failed.");
647 RawBuffer result = dec->Append(data);
648 RawBuffer tmp = dec->Finalize();
649 std::copy(tmp.begin(), tmp.end(), std::back_inserter(result));
653 RawBuffer decryptDataAesGcmPacked(
654 const RawBuffer &key,
655 const RawBuffer &data,
658 const RawBuffer &aad)
660 if (tagSize > static_cast<int>(data.size()))
661 ThrowErr(Exc::Crypto::InputParam, "Wrong size of tag");
663 auto tagPos = data.data() + data.size() - tagSize;
664 return decryptDataAesGcm(
666 RawBuffer(data.data(), tagPos),
668 RawBuffer(tagPos, data.data() + data.size()),
672 RawBuffer symmetricEncrypt(const RawBuffer &key,
673 const CryptoAlgorithm &alg,
674 const RawBuffer &data)
676 validateParams<IsSymEncryption>(alg);
677 AlgoType keyType = unpack<AlgoType>(alg, ParamName::ALGO_TYPE);
681 case AlgoType::AES_CBC:
682 case AlgoType::AES_CTR:
683 case AlgoType::AES_CFB:
684 return encryptDataAes(keyType, key, data, unpack<RawBuffer>(alg, ParamName::ED_IV));
685 case AlgoType::AES_GCM:
687 int tagLenBits = DEFAULT_AES_GCM_TAG_LEN;
688 alg.getParam(ParamName::ED_TAG_LEN, tagLenBits);
690 alg.getParam(ParamName::ED_AAD, aad);
691 return encryptDataAesGcmPacked(key,
693 unpack<RawBuffer>(alg, ParamName::ED_IV),
700 ThrowErr(Exc::Crypto::OperationNotSupported, "symmetric enc: algorithm not recognized");
703 RawBuffer symmetricDecrypt(const RawBuffer &key,
704 const CryptoAlgorithm &alg,
705 const RawBuffer &data)
707 validateParams<IsSymEncryption>(alg);
708 AlgoType keyType = unpack<AlgoType>(alg, ParamName::ALGO_TYPE);
712 case AlgoType::AES_CBC:
713 case AlgoType::AES_CTR:
714 case AlgoType::AES_CFB:
715 return decryptDataAes(keyType, key, data, unpack<RawBuffer>(alg, ParamName::ED_IV));
716 case AlgoType::AES_GCM:
718 int tagLenBits = DEFAULT_AES_GCM_TAG_LEN;
719 alg.getParam(ParamName::ED_TAG_LEN, tagLenBits);
721 alg.getParam(ParamName::ED_AAD, aad);
722 return decryptDataAesGcmPacked(key,
724 unpack<RawBuffer>(alg, ParamName::ED_IV),
731 ThrowErr(Exc::Crypto::InputParam, "symmetric dec: algorithm not recognized");
734 RawBuffer asymmetricEncrypt(const EvpShPtr &pkey,
735 const CryptoAlgorithm &alg,
736 const RawBuffer &data)
738 return asymmetricHelper(RSA_public_encrypt, "Asymmetric encryption: ", pkey, alg, data);
741 RawBuffer asymmetricDecrypt(const EvpShPtr &pkey,
742 const CryptoAlgorithm &alg,
743 const RawBuffer &data)
745 return asymmetricHelper(RSA_private_decrypt, "Asymmetric decryption: ", pkey, alg, data);
748 RawBuffer sign(EVP_PKEY *pkey,
749 const CryptoAlgorithm &alg,
750 const RawBuffer &message)
752 validateParams<IsSignVerify>(alg);
754 HashAlgorithm hashTmp = HashAlgorithm::NONE;
755 alg.getParam(ParamName::SV_HASH_ALGO, hashTmp);
756 const EVP_MD *md_algo = getMdAlgo(hashTmp);
758 RSAPaddingAlgorithm rsaPad = RSAPaddingAlgorithm::NONE;
759 alg.getParam(ParamName::SV_RSA_PADDING, rsaPad);
760 int rsa_padding = getRsaPadding(rsaPad);
763 // if((privateKey.getType() != KeyType::KEY_RSA_PRIVATE) &&
764 // (privateKey.getType() != KeyType::KEY_DSA_PRIVATE) &&
765 // (privateKey.getType() != KeyType::KEY_ECDSA_PRIVATE))
767 // LogError("Error in private key type");
768 // ThrowErr(CryptoService::Exception::Crypto_internal, "Error in private key type");
771 // if(privateKey.getType()==KeyType::KEY_RSA_PRIVATE) {
772 // rsa_padding = getRsaPadding(padAlgo);
776 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_keygen function");
779 if(md_algo == NULL) {
780 return signMessage(pkey, message, rsa_padding);
783 return digestSignMessage(pkey,message, md_algo, rsa_padding);
786 RawBuffer signMessage(EVP_PKEY *privKey,
787 const RawBuffer &message,
788 const int rsa_padding)
790 EvpPkeyCtxUPtr pctx(EVP_PKEY_CTX_new(privKey, NULL), EVP_PKEY_CTX_free);
793 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_CTX_new function");
796 if(EVP_PKEY_sign_init(pctx.get()) != EVP_SUCCESS) {
797 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_sign_init function");
800 /* Set padding algorithm */
801 if(EVP_PKEY_type(privKey->type) == EVP_PKEY_RSA) {
802 if(EVP_SUCCESS != EVP_PKEY_CTX_set_rsa_padding(pctx.get(), rsa_padding)) {
803 ThrowErr(Exc::Crypto::InternalError,
804 "Error in EVP_PKEY_CTX_set_rsa_padding function");
808 /* Finalize the Sign operation */
809 /* First call EVP_PKEY_sign with a NULL sig parameter to obtain the length of the
810 * signature. Length is returned in slen */
812 if(EVP_SUCCESS != EVP_PKEY_sign(pctx.get(), NULL, &slen, message.data(), message.size())) {
813 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_sign function");
816 /* Allocate memory for the signature based on size in slen */
819 if(EVP_SUCCESS == EVP_PKEY_sign(pctx.get(),
825 // Set value to return RawData
830 ThrowErr(Exc::Crypto::InputParam, "Error in EVP_PKEY_sign function. Input param error.");
833 RawBuffer digestSignMessage(EVP_PKEY *privKey,
834 const RawBuffer &message,
835 const EVP_MD *md_algo,
836 const int rsa_padding)
838 EvpMdCtxUPtr mdctx(EVP_MD_CTX_create(), EVP_MD_CTX_destroy);
840 EVP_PKEY_CTX *pctx = NULL;
842 // Create the Message Digest Context
844 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_MD_CTX_create function");
847 if(EVP_SUCCESS != EVP_DigestSignInit(mdctx.get(), &pctx, md_algo, NULL, privKey)) {
848 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_DigestSignInit function");
851 /* Set padding algorithm */
852 if(EVP_PKEY_type(privKey->type) == EVP_PKEY_RSA) {
853 if(EVP_SUCCESS != EVP_PKEY_CTX_set_rsa_padding(pctx, rsa_padding)) {
854 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_CTX_set_rsa_padding function");
858 /* Call update with the message */
859 if(EVP_SUCCESS != EVP_DigestSignUpdate(mdctx.get(), message.data(), message.size())) {
860 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_DigestSignUpdate function");
863 /* Finalize the DigestSign operation */
864 /* First call EVP_DigestSignFinal with a NULL sig parameter to obtain the length of the
865 * signature. Length is returned in slen */
867 if(EVP_SUCCESS != EVP_DigestSignFinal(mdctx.get(), NULL, &slen)) {
868 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_DigestSignFinal function");
871 /* Allocate memory for the signature based on size in slen */
874 /* Obtain the signature */
875 if(EVP_SUCCESS != EVP_DigestSignFinal(mdctx.get(), sig.data(), &slen)) {
876 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_DigestSignFinal function");
879 // Set value to return RawData
884 int verify(EVP_PKEY *pkey,
885 const CryptoAlgorithm &alg,
886 const RawBuffer &message,
887 const RawBuffer &signature)
889 validateParams<IsSignVerify>(alg);
891 int rsa_padding = NOT_DEFINED;
892 const EVP_MD *md_algo = NULL;
894 HashAlgorithm hashTmp = HashAlgorithm::NONE;
895 alg.getParam(ParamName::SV_HASH_ALGO, hashTmp);
896 md_algo = getMdAlgo(hashTmp);
898 RSAPaddingAlgorithm rsaPad = RSAPaddingAlgorithm::NONE;
899 alg.getParam(ParamName::SV_RSA_PADDING, rsaPad);
900 rsa_padding = getRsaPadding(rsaPad);
903 // if((publicKey.getType() != KeyType::KEY_RSA_PUBLIC) &&
904 // (publicKey.getType() != KeyType::KEY_DSA_PUBLIC) &&
905 // (publicKey.getType() != KeyType::KEY_ECDSA_PUBLIC))
907 // LogError("Error in private key type");
908 // ThrowErr(CryptoService::Exception::Crypto_internal, "Error in private key type");
911 // if(publicKey.getType()==KeyType::KEY_RSA_PUBLIC) {
912 // rsa_padding = getRsaPadding(padAlgo);
915 // auto shrPKey = publicKey.getEvpShPtr();
917 ThrowErr(Exc::Crypto::InternalError, "Error in getEvpShPtr function");
920 if (md_algo == NULL) {
921 return verifyMessage(pkey, message, signature, rsa_padding);
924 return digestVerifyMessage(pkey, message, signature, md_algo, rsa_padding);
927 int verifyMessage(EVP_PKEY *pubKey,
928 const RawBuffer &message,
929 const RawBuffer &signature,
930 const int rsa_padding)
932 EvpPkeyCtxUPtr pctx(EVP_PKEY_CTX_new(pubKey, NULL), EVP_PKEY_CTX_free);
935 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_CTX_new function");
938 if(EVP_PKEY_verify_init(pctx.get()) != EVP_SUCCESS) {
939 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_verify_init function");
942 /* Set padding algorithm */
943 if(EVP_PKEY_type(pubKey->type) == EVP_PKEY_RSA) {
944 if(EVP_SUCCESS != EVP_PKEY_CTX_set_rsa_padding(pctx.get(), rsa_padding)) {
945 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_CTX_set_rsa_padding function");
949 if(EVP_SUCCESS == EVP_PKEY_verify(pctx.get(), signature.data(), signature.size(), message.data(), message.size())) {
950 return CKM_API_SUCCESS;
953 LogError("EVP_PKEY_verify Failed");
954 return CKM_API_ERROR_VERIFICATION_FAILED;
957 int digestVerifyMessage(EVP_PKEY *pubKey,
958 const RawBuffer &message,
959 const RawBuffer &signature,
960 const EVP_MD *md_algo,
961 const int rsa_padding)
963 EvpMdCtxUPtr mdctx(EVP_MD_CTX_create(), EVP_MD_CTX_destroy);
964 EVP_PKEY_CTX *pctx = NULL;
966 /* Create the Message Digest Context */
968 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_MD_CTX_create function");
971 if(EVP_SUCCESS != EVP_DigestVerifyInit(mdctx.get(), &pctx, md_algo, NULL, pubKey)) {
972 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_DigestVerifyInit function");
975 if(EVP_PKEY_type(pubKey->type) == EVP_PKEY_RSA) {
976 if(EVP_SUCCESS != EVP_PKEY_CTX_set_rsa_padding(pctx, rsa_padding)) {
977 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_PKEY_CTX_set_rsa_padding function");
981 if(EVP_SUCCESS != EVP_DigestVerifyUpdate(mdctx.get(), message.data(), message.size()) ) {
982 ThrowErr(Exc::Crypto::InternalError, "Error in EVP_DigestVerifyUpdate function");
985 if(EVP_SUCCESS == EVP_DigestVerifyFinal(mdctx.get(), const_cast<unsigned char*>(signature.data()), signature.size()) ) {
986 return CKM_API_SUCCESS;
989 LogError("EVP_PKEY_verify Failed");
990 return CKM_API_ERROR_VERIFICATION_FAILED;
993 } // namespace Internals
995 } // namespace Crypto
projects / platform / core / security / key-manager.git / blob