8 #include <openssl/x509_vfy.h>
9 #include <openssl/evp.h>
10 #include <openssl/obj_mac.h>
11 #include <openssl/ec.h>
12 #include <openssl/dsa.h>
13 #include <openssl/dh.h>
14 #include <openssl/rsa.h>
15 #include <openssl/bio.h>
16 #include <openssl/rand.h>
17 #include <openssl/crypto.h>
18 #include <openssl/err.h>
19 #include <openssl/x509v3.h>
20 #include <openssl/obj_mac.h>
21 #include <ckm/ckm-error.h>
22 #include <ckm/ckm-type.h>
24 #include <sw-backend/crypto-service.h>
26 #include <dpl/log/log.h>
// Result codes compared against OpenSSL return values. Most OpenSSL calls
// return 1 on success and 0 on failure (some also return a negative value on
// error), so these constants must stay 1 and 0.
#define OPENSSL_SUCCESS 1 // DO NOT CHANGE THIS VALUE
#define OPENSSL_FAIL    0 // DO NOT CHANGE THIS VALUE
// Constructor. The body is empty in this listing: the object needs no set-up
// before the createKeyPair* methods are called.
CryptoService::CryptoService()
{
}
// Destructor. The body is empty in this listing: the key-generation methods
// release their OpenSSL handles themselves, so nothing is torn down here.
CryptoService::~CryptoService()
{
}
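/**
 * Generates an RSA key pair through OpenSSL's EVP key-generation API.
 *
 * @param size              modulus length in bits; only 1024, 2048 and 4096 are accepted
 * @param createdPrivateKey receives the new key tagged KeyType::KEY_RSA_PRIVATE
 * @param createdPublicKey  receives the new key tagged KeyType::KEY_RSA_PUBLIC
 * @return CKM_CRYPTO_CREATEKEY_SUCCESS on success
 * @throws CryptoService::Exception::Crypto_internal if size is not an accepted value
 * @throws CryptoService::Exception::opensslError    if any OpenSSL call fails
 *
 * Both outputs share ONE EVP_PKEY through the same shared pointer, so the
 * object handed out as "public" still references the private components.
 * NOTE(review): confirm that KeyImpl never exports private material for a key
 * tagged KEY_RSA_PUBLIC.
 */
int CryptoService::createKeyPairRSA(const int size, // size in bits [1024, 2048, 4096]
        KeyImpl &createdPrivateKey,  // returned value
        KeyImpl &createdPublicKey)   // returned value
{
    EVP_PKEY_CTX *ctx = NULL;
    EVP_PKEY *pkey = NULL;

    // check the parameters of functions
    // NOTE(review): 1024-bit RSA gives roughly 80-bit strength, below the
    // 112-bit floor in current NIST guidance (SP 800-131A). It stays accepted
    // here only so existing callers keep working; prefer 2048 or larger.
    if(size != 1024 && size != 2048 && size != 4096) {
        LogError("Error in RSA input size");
        ThrowMsg(CryptoService::Exception::Crypto_internal, "Error in RSA input size");
    }

    // createdPrivateKey and createdPublicKey are references, so they have no
    // null state to test: comparing their address with NULL is always false.

    Try {
        if(!(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL))) {
            LogError("Error in EVP_PKEY_CTX_new_id function !!");
            ThrowMsg(CryptoService::Exception::opensslError, "Error in EVP_PKEY_CTX_new_id function !!");
        }

        if(EVP_PKEY_keygen_init(ctx) <= 0) {
            LogError("Error in EVP_PKEY_keygen_init function !!");
            ThrowMsg(CryptoService::Exception::opensslError, "Error in EVP_PKEY_keygen_init function !!");
        }

        if(EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, size) <= 0) {
            LogError("Error in EVP_PKEY_CTX_set_rsa_keygen_bits function !!");
            ThrowMsg(CryptoService::Exception::opensslError, "Error in EVP_PKEY_CTX_set_rsa_keygen_bits function !!");
        }

        // EVP_PKEY_keygen reports failure with 0 OR a negative value (-2 for
        // an unsupported operation). Testing with `!` would treat a negative
        // result as success and return a NULL key with a success code.
        if(EVP_PKEY_keygen(ctx, &pkey) <= 0) {
            LogError("Error in EVP_PKEY_keygen function !!");
            ThrowMsg(CryptoService::Exception::opensslError, "Error in EVP_PKEY_keygen function !!");
        }
    } Catch(CryptoService::Exception::opensslError) {
        // Both free functions accept NULL, so no guards are needed.
        EVP_PKEY_free(pkey);
        EVP_PKEY_CTX_free(ctx);

        ReThrowMsg(CryptoService::Exception::opensslError,"Error in opensslError function !!");
    }

    // Release the context before building the result objects, so it cannot
    // leak if one of the constructions below throws.
    EVP_PKEY_CTX_free(ctx);

    KeyImpl::EvpShPtr ptr(pkey, EVP_PKEY_free); // shared ptr will free pkey

    createdPrivateKey = KeyImpl(ptr, KeyType::KEY_RSA_PRIVATE);
    createdPublicKey = KeyImpl(ptr, KeyType::KEY_RSA_PUBLIC);

    return CKM_CRYPTO_CREATEKEY_SUCCESS;
}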
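/**
 * Generates a DSA key pair: first the domain parameters, then a key from them.
 *
 * @param size              parameter length in bits; only 1024, 2048, 3072 and 4096 are accepted
 * @param createdPrivateKey receives the new key tagged KeyType::KEY_DSA_PRIVATE
 * @param createdPublicKey  receives the new key tagged KeyType::KEY_DSA_PUBLIC
 * @return CKM_CRYPTO_CREATEKEY_SUCCESS on success
 * @throws CryptoService::Exception::Crypto_internal if size is not an accepted value
 * @throws CryptoService::Exception::opensslError    if any OpenSSL call fails
 *
 * Both outputs share ONE EVP_PKEY through the same shared pointer, so the
 * object handed out as "public" still references the private components.
 * NOTE(review): confirm that KeyImpl never exports private material for a key
 * tagged KEY_DSA_PUBLIC.
 */
int CryptoService::createKeyPairDSA(const int size, // size in bits [1024, 2048, 3072, 4096]
        KeyImpl &createdPrivateKey,  // returned value
        KeyImpl &createdPublicKey)   // returned value
{
    EVP_PKEY_CTX *pctx = NULL;
    EVP_PKEY_CTX *kctx = NULL;
    EVP_PKEY *pkey = NULL;
    EVP_PKEY *pparam = NULL;

    // check the parameters of functions
    // NOTE(review): 1024-bit DSA gives roughly 80-bit strength, below the
    // 112-bit floor in current NIST guidance (SP 800-131A). It stays accepted
    // here only so existing callers keep working; prefer 2048 or larger.
    if(size != 1024 && size != 2048 && size != 3072 && size != 4096) {
        LogError("Error in DSA input size");
        ThrowMsg(CryptoService::Exception::Crypto_internal, "Error in DSA input size");
    }

    // createdPrivateKey and createdPublicKey are references, so they have no
    // null state to test: comparing their address with NULL is always false.

    Try {
        /* Create the context for generating the parameters */
        if(!(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_DSA, NULL))) {
            LogError("Error in EVP_PKEY_CTX_new_id function");
            ThrowMsg(CryptoService::Exception::opensslError, "Error in EVP_PKEY_CTX_new_id function");
        }

        if(EVP_SUCCESS != EVP_PKEY_paramgen_init(pctx)) {
            LogError("Error in EVP_PKEY_paramgen_init function");
            ThrowMsg(CryptoService::Exception::opensslError, "Error in EVP_PKEY_paramgen_init function");
        }

        if(EVP_SUCCESS != EVP_PKEY_CTX_set_dsa_paramgen_bits(pctx, size)) {
            LogError("Error in EVP_PKEY_CTX_set_dsa_paramgen_bits(" << size << ") function");
            ThrowMsg(CryptoService::Exception::opensslError, "Error in EVP_PKEY_CTX_set_dsa_paramgen_bits(" << size << ") function");
        }

        /* Generate parameters */
        if(EVP_SUCCESS != EVP_PKEY_paramgen(pctx, &pparam)) {
            LogError("Error in EVP_PKEY_paramgen function");
            ThrowMsg(CryptoService::Exception::opensslError, "Error in EVP_PKEY_paramgen function");
        }

        // Start to generate key
        if(!(kctx = EVP_PKEY_CTX_new(pparam, NULL))) {
            LogError("Error in EVP_PKEY_CTX_new function");
            ThrowMsg(CryptoService::Exception::opensslError, "Error in EVP_PKEY_CTX_new function");
        }

        if(EVP_SUCCESS != EVP_PKEY_keygen_init(kctx)) {
            LogError("Error in EVP_PKEY_keygen_init function");
            ThrowMsg(CryptoService::Exception::opensslError, "Error in EVP_PKEY_keygen_init function");
        }

        /* Generate the key */
        if(EVP_SUCCESS != EVP_PKEY_keygen(kctx, &pkey)) {
            LogError("Error in EVP_PKEY_keygen function");
            ThrowMsg(CryptoService::Exception::opensslError, "Error in EVP_PKEY_keygen function");
        }
    }
    Catch(CryptoService::Exception::opensslError)
    {
        // All four free functions accept NULL, so no guards are needed.
        EVP_PKEY_free(pkey);
        EVP_PKEY_free(pparam);
        EVP_PKEY_CTX_free(pctx);
        EVP_PKEY_CTX_free(kctx);

        ReThrowMsg(CryptoService::Exception::opensslError,"Error in openssl function !!");
    }

    // Release the intermediate handles before building the result objects, so
    // they cannot leak if one of the constructions below throws.
    EVP_PKEY_free(pparam);
    EVP_PKEY_CTX_free(pctx);
    EVP_PKEY_CTX_free(kctx);

    KeyImpl::EvpShPtr ptr(pkey, EVP_PKEY_free); // shared ptr will free pkey

    createdPrivateKey = KeyImpl(ptr, KeyType::KEY_DSA_PRIVATE);
    createdPublicKey = KeyImpl(ptr, KeyType::KEY_DSA_PUBLIC);

    return CKM_CRYPTO_CREATEKEY_SUCCESS;
}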
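/**
 * Generates an EC key pair on a named curve: first the curve parameters, then
 * a key from them.
 *
 * @param type              curve selector; prime192v1, prime256v1 and secp384r1 are accepted
 * @param createdPrivateKey receives the new key tagged KeyType::KEY_ECDSA_PRIVATE
 * @param createdPublicKey  receives the new key tagged KeyType::KEY_ECDSA_PUBLIC
 * @return CKM_CRYPTO_CREATEKEY_SUCCESS on success
 * @throws CryptoService::Exception::Crypto_internal if type is not an accepted curve
 * @throws CryptoService::Exception::opensslError    if any OpenSSL call fails
 *
 * Both outputs share ONE EVP_PKEY through the same shared pointer, so the
 * object handed out as "public" still references the private components.
 * NOTE(review): confirm that KeyImpl never exports private material for a key
 * tagged KEY_ECDSA_PUBLIC.
 */
int CryptoService::createKeyPairECDSA(ElipticCurve type,
        KeyImpl &createdPrivateKey,  // returned value
        KeyImpl &createdPublicKey)   // returned value
{
    int ecCurve = NOT_DEFINED;
    EVP_PKEY_CTX *pctx = NULL;
    EVP_PKEY_CTX *kctx = NULL;
    EVP_PKEY *pkey = NULL;
    EVP_PKEY *pparam = NULL;

    // Map the project's curve selector onto OpenSSL's NID; anything else is rejected.
    // NOTE(review): prime192v1 (P-192) gives roughly 96-bit strength, below the
    // 112-bit floor in current NIST guidance. It stays accepted here only so
    // existing callers keep working; prefer prime256v1 or secp384r1.
    switch(type) {
    case ElipticCurve::prime192v1:
        ecCurve = NID_X9_62_prime192v1;
        break;
    case ElipticCurve::prime256v1:
        ecCurve = NID_X9_62_prime256v1;
        break;
    case ElipticCurve::secp384r1:
        ecCurve = NID_secp384r1;
        break;
    default:
        LogError("Error in EC type");
        ThrowMsg(CryptoService::Exception::Crypto_internal, "Error in EC type");
    }

    // createdPrivateKey and createdPublicKey are references, so they have no
    // null state to test: comparing their address with NULL is always false.

    Try {
        /* Create the context for generating the parameters */
        if(!(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))) {
            LogError("Error in EVP_PKEY_CTX_new_id function");
            ThrowMsg(CryptoService::Exception::opensslError, "Error in EVP_PKEY_CTX_new_id function");
        }

        if(EVP_SUCCESS != EVP_PKEY_paramgen_init(pctx)) {
            LogError("Error in EVP_PKEY_paramgen_init function");
            ThrowMsg(CryptoService::Exception::opensslError, "Error in EVP_PKEY_paramgen_init function");
        }

        if(EVP_SUCCESS != EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, ecCurve)) {
            LogError("Error in EVP_PKEY_CTX_set_ec_paramgen_curve_nid function");
            ThrowMsg(CryptoService::Exception::opensslError, "Error in EVP_PKEY_CTX_set_ec_paramgen_curve_nid function");
        }

        /* Generate parameters */
        if(EVP_SUCCESS != EVP_PKEY_paramgen(pctx, &pparam)) {
            LogError("Error in EVP_PKEY_paramgen function");
            ThrowMsg(CryptoService::Exception::opensslError, "Error in EVP_PKEY_paramgen function");
        }

        // Start to generate key
        if(!(kctx = EVP_PKEY_CTX_new(pparam, NULL))) {
            LogError("Error in EVP_PKEY_CTX_new function");
            ThrowMsg(CryptoService::Exception::opensslError, "Error in EVP_PKEY_CTX_new function");
        }

        if(EVP_SUCCESS != EVP_PKEY_keygen_init(kctx)) {
            LogError("Error in EVP_PKEY_keygen_init function");
            ThrowMsg(CryptoService::Exception::opensslError, "Error in EVP_PKEY_keygen_init function");
        }

        /* Generate the key */
        if(EVP_SUCCESS != EVP_PKEY_keygen(kctx, &pkey)) {
            LogError("Error in EVP_PKEY_keygen function");
            ThrowMsg(CryptoService::Exception::opensslError, "Error in EVP_PKEY_keygen function");
        }
    } Catch(CryptoService::Exception::opensslError) {
        // All four free functions accept NULL, so no guards are needed.
        EVP_PKEY_free(pkey);
        EVP_PKEY_free(pparam);
        EVP_PKEY_CTX_free(pctx);
        EVP_PKEY_CTX_free(kctx);

        ReThrowMsg(CryptoService::Exception::opensslError,"Error in openssl function !!");
    }

    // Release the intermediate handles before building the result objects, so
    // they cannot leak if one of the constructions below throws.
    EVP_PKEY_free(pparam);
    EVP_PKEY_CTX_free(pctx);
    EVP_PKEY_CTX_free(kctx);

    KeyImpl::EvpShPtr ptr(pkey, EVP_PKEY_free); // shared ptr will free pkey

    createdPrivateKey = KeyImpl(ptr, KeyType::KEY_ECDSA_PRIVATE);
    createdPublicKey = KeyImpl(ptr, KeyType::KEY_ECDSA_PUBLIC);

    return CKM_CRYPTO_CREATEKEY_SUCCESS;
}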
346 } // namespace Crypto