1 /*
2 * Copyright (C) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "securec.h"
17 #include "string.h"
18
19 #include "openssl_adapter.h"
20 #include "openssl_class.h"
21 #include "openssl_common.h"
22 #include "openssl/pem.h"
23 #include "openssl/x509.h"
24
25 #include "algorithm_parameter.h"
26 #include "asy_key_generator_spi.h"
27 #include "detailed_rsa_key_params.h"
28 #include "log.h"
29 #include "memory.h"
30 #include "rsa_openssl_common.h"
31 #include "utils.h"
32
33 #include "rsa_asy_key_generator_openssl.h"
34
35 #define OPENSSL_BITS_PER_BYTE 8
36 #define OPENSSL_RSA_KEYPAIR_CNT 3
37 #define OPENSSL_RSA_KEYGEN_DEFAULT_PRIMES 2
38 #define MAX_KEY_SIZE 8192
39 #define MIN_KEY_SIZE 512
40 #define PRIMES_2 2
41 #define PRIMES_3 3
42 #define PRIMES_4 4
43 #define PRIMES_5 5
44
45 enum OpensslRsaKeySize {
46 OPENSSL_RSA_KEY_SIZE_BY_SPEC = 0,
47 OPENSSL_RSA_KEY_SIZE_512 = 512,
48 OPENSSL_RSA_KEY_SIZE_768 = 768,
49 OPENSSL_RSA_KEY_SIZE_1024 = 1024,
50 OPENSSL_RSA_KEY_SIZE_2048 = 2048,
51 OPENSSL_RSA_KEY_SIZE_3072 = 3072,
52 OPENSSL_RSA_KEY_SIZE_4096 = 4096,
53 OPENSSL_RSA_KEY_SIZE_8192 = 8192,
54 };
55
56 enum OpensslRsaPrimesSize {
57 OPENSSL_RSA_PRIMES_SIZE_2 = 2,
58 OPENSSL_RSA_PRIMES_SIZE_3 = 3,
59 OPENSSL_RSA_PRIMES_SIZE_4 = 4,
60 OPENSSL_RSA_PRIMES_SIZE_5 = 5,
61 };
62
63 typedef struct {
64 int32_t bits;
65 int32_t primes;
66 BIGNUM *pubExp;
67 } HcfAsyKeyGenSpiRsaParams;
68
69 typedef struct {
70 HcfAsyKeyGeneratorSpi base;
71
72 HcfAsyKeyGenSpiRsaParams *params;
73 } HcfAsyKeyGeneratorSpiRsaOpensslImpl;
74
CheckRsaKeyGenParams(HcfAsyKeyGenSpiRsaParams * params)75 static HcfResult CheckRsaKeyGenParams(HcfAsyKeyGenSpiRsaParams *params)
76 {
77 switch (params->bits) {
78 case OPENSSL_RSA_KEY_SIZE_BY_SPEC:
79 break;
80 case OPENSSL_RSA_KEY_SIZE_512:
81 case OPENSSL_RSA_KEY_SIZE_768:
82 if (params->primes != OPENSSL_RSA_PRIMES_SIZE_2) {
83 LOGE("Set invalid primes %d to Keygen bits %d.", params->primes, params->bits);
84 return HCF_INVALID_PARAMS;
85 }
86 break;
87 case OPENSSL_RSA_KEY_SIZE_1024:
88 case OPENSSL_RSA_KEY_SIZE_2048:
89 case OPENSSL_RSA_KEY_SIZE_3072:
90 if (params->primes > OPENSSL_RSA_PRIMES_SIZE_3 || params->primes < OPENSSL_RSA_PRIMES_SIZE_2) {
91 LOGE("Set invalid primes %d to Keygen bits %d.", params->primes, params->bits);
92 return HCF_INVALID_PARAMS;
93 }
94 break;
95 case OPENSSL_RSA_KEY_SIZE_4096:
96 if (params->primes > OPENSSL_RSA_PRIMES_SIZE_4 || params->primes < OPENSSL_RSA_PRIMES_SIZE_2) {
97 LOGE("Set invalid primes %d to Keygen bits %d.", params->primes, params->bits);
98 return HCF_INVALID_PARAMS;
99 }
100 break;
101 case OPENSSL_RSA_KEY_SIZE_8192: // This keySize can use primes from 2 to 5.
102 break;
103 default:
104 LOGE("The current bits %d is invalid.", params->bits);
105 return HCF_INVALID_PARAMS;
106 }
107 return HCF_SUCCESS;
108 }
109
GetOpensslPubkeyClass(void)110 static const char *GetOpensslPubkeyClass(void)
111 {
112 return OPENSSL_RSA_PUBKEY_CLASS;
113 }
114
GetOpensslPrikeyClass(void)115 static const char *GetOpensslPrikeyClass(void)
116 {
117 return OPENSSL_RSA_PRIKEY_CLASS;
118 }
119
GetOpensslKeyPairClass(void)120 static const char *GetOpensslKeyPairClass(void)
121 {
122 return OPENSSL_RSA_KEYPAIR_CLASS;
123 }
124
GetRsaPubKeySpecString(const HcfPubKey * self,const AsyKeySpecItem item,char ** returnString)125 static HcfResult GetRsaPubKeySpecString(const HcfPubKey *self, const AsyKeySpecItem item,
126 char **returnString)
127 {
128 (void)self;
129 (void)returnString;
130 LOGE("Rsa has no string attribute");
131 return HCF_NOT_SUPPORT;
132 }
133
GetRsaPubKeySpecInt(const HcfPubKey * self,const AsyKeySpecItem item,int * returnInt)134 static HcfResult GetRsaPubKeySpecInt(const HcfPubKey *self, const AsyKeySpecItem item,
135 int *returnInt)
136 {
137 (void)self;
138 (void)returnInt;
139 LOGE("Rsa has no integer attribute");
140 return HCF_NOT_SUPPORT;
141 }
142
GetRsaPriKeySpecString(const HcfPriKey * self,const AsyKeySpecItem item,char ** returnString)143 static HcfResult GetRsaPriKeySpecString(const HcfPriKey *self, const AsyKeySpecItem item,
144 char **returnString)
145 {
146 (void)self;
147 (void)returnString;
148 LOGE("Rsa has no string attribute");
149 return HCF_NOT_SUPPORT;
150 }
151
GetRsaPriKeySpecInt(const HcfPriKey * self,const AsyKeySpecItem item,int * returnInt)152 static HcfResult GetRsaPriKeySpecInt(const HcfPriKey *self, const AsyKeySpecItem item,
153 int *returnInt)
154 {
155 (void)self;
156 (void)returnInt;
157 LOGE("Rsa has no integer attribute");
158 return HCF_NOT_SUPPORT;
159 }
GetRsaPriKeyEncodedDer(const HcfPriKey * self,const char * format,HcfBlob * returnBlob)160 static HcfResult GetRsaPriKeyEncodedDer(const HcfPriKey *self, const char *format, HcfBlob *returnBlob)
161 {
162 (void)self;
163 (void)format;
164 (void)returnBlob;
165 return HCF_INVALID_PARAMS;
166 }
167
GetRsaPriKeySpecBigInteger(const HcfPriKey * self,const AsyKeySpecItem item,HcfBigInteger * returnBigInteger)168 static HcfResult GetRsaPriKeySpecBigInteger(const HcfPriKey *self, const AsyKeySpecItem item,
169 HcfBigInteger *returnBigInteger)
170 {
171 if (self == NULL || returnBigInteger == NULL) {
172 LOGE("Input params is invalid.");
173 return HCF_INVALID_PARAMS;
174 }
175 if (!HcfIsClassMatch((HcfObjectBase *)self, OPENSSL_RSA_PRIKEY_CLASS)) {
176 LOGE("Class not match");
177 return HCF_INVALID_PARAMS;
178 }
179 HcfOpensslRsaPriKey *impl = (HcfOpensslRsaPriKey *)self;
180 if (impl->sk == NULL) {
181 LOGE("Cannot use priKey after free");
182 return HCF_INVALID_PARAMS;
183 }
184 HcfResult ret = HCF_INVALID_PARAMS;
185 if (item == RSA_N_BN) {
186 const BIGNUM *n = OpensslRsaGet0N(impl->sk);
187 if (n == NULL) {
188 LOGD("[error] fail to get n");
189 return HCF_ERR_CRYPTO_OPERATION;
190 }
191 ret = BigNumToBigInteger(n, returnBigInteger);
192 if (ret != HCF_SUCCESS) {
193 LOGD("[error] fail get RSA Big Integer n");
194 return ret;
195 }
196 } else if (item == RSA_SK_BN) {
197 const BIGNUM *d = OpensslRsaGet0D(impl->sk);
198 if (d == NULL) {
199 LOGD("[error] fail to get sk");
200 return HCF_ERR_CRYPTO_OPERATION;
201 }
202 ret = BigNumToBigInteger(d, returnBigInteger);
203 if (ret != HCF_SUCCESS) {
204 LOGE("fail get RSA Big Integer d");
205 return ret;
206 }
207 } else {
208 LOGE("Invalid RSA pri key spec");
209 return HCF_INVALID_PARAMS;
210 }
211 return ret;
212 }
213
GetRsaPubKeySpecBigInteger(const HcfPubKey * self,const AsyKeySpecItem item,HcfBigInteger * returnBigInteger)214 static HcfResult GetRsaPubKeySpecBigInteger(const HcfPubKey *self, const AsyKeySpecItem item,
215 HcfBigInteger *returnBigInteger)
216 {
217 if (self == NULL || returnBigInteger == NULL) {
218 LOGE("Input params is invalid.");
219 return HCF_INVALID_PARAMS;
220 }
221 if (!HcfIsClassMatch((HcfObjectBase *)self, OPENSSL_RSA_PUBKEY_CLASS)) {
222 LOGE("Class not match");
223 return HCF_INVALID_PARAMS;
224 }
225 HcfOpensslRsaPubKey *impl = (HcfOpensslRsaPubKey *)self;
226 HcfResult ret = HCF_INVALID_PARAMS;
227 if (item == RSA_N_BN) {
228 const BIGNUM *n = OpensslRsaGet0N(impl->pk);
229 if (n == NULL) {
230 LOGD("[error] fail to get n");
231 return HCF_ERR_CRYPTO_OPERATION;
232 }
233 ret = BigNumToBigInteger(n, returnBigInteger);
234 if (ret != HCF_SUCCESS) {
235 LOGE("fail get RSA Big Integer n");
236 return ret;
237 }
238 } else if (item == RSA_PK_BN) {
239 const BIGNUM *e = OpensslRsaGet0E(impl->pk);
240 if (e == NULL) {
241 LOGD("[error] fail to get pk");
242 return HCF_ERR_CRYPTO_OPERATION;
243 }
244 ret = BigNumToBigInteger(e, returnBigInteger);
245 if (ret != HCF_SUCCESS) {
246 LOGE("fail get RSA Big Integer e");
247 return ret;
248 }
249 } else {
250 LOGE("Invalid RSA pub key spec");
251 return HCF_INVALID_PARAMS;
252 }
253 return ret;
254 }
255
DestroyPubKey(HcfObjectBase * self)256 static void DestroyPubKey(HcfObjectBase *self)
257 {
258 if (self == NULL) {
259 LOGE("PubKey is NULL.");
260 return;
261 }
262 if (!HcfIsClassMatch(self, OPENSSL_RSA_PUBKEY_CLASS)) {
263 LOGE("Class not match");
264 return;
265 }
266 HcfOpensslRsaPubKey *impl = (HcfOpensslRsaPubKey *)self;
267 OpensslRsaFree(impl->pk);
268 impl->pk = NULL;
269 HcfFree(self);
270 }
271
DestroyPriKey(HcfObjectBase * self)272 static void DestroyPriKey(HcfObjectBase *self)
273 {
274 if (self == NULL) {
275 LOGE("PubKey is NULL.");
276 return;
277 }
278 if (!HcfIsClassMatch(self, OPENSSL_RSA_PRIKEY_CLASS)) {
279 LOGE("Class not match");
280 return;
281 }
282 HcfOpensslRsaPriKey *impl = (HcfOpensslRsaPriKey*)self;
283 // RSA_free func will clear private information
284 OpensslRsaFree(impl->sk);
285 impl->sk = NULL;
286 HcfFree(self);
287 }
288
DestroyKeyPair(HcfObjectBase * self)289 static void DestroyKeyPair(HcfObjectBase *self)
290 {
291 if (self == NULL) {
292 LOGE("PubKey is NULL.");
293 return;
294 }
295 if (!HcfIsClassMatch(self, OPENSSL_RSA_KEYPAIR_CLASS)) {
296 LOGE("Class not match");
297 return;
298 }
299 HcfOpensslRsaKeyPair *impl = (HcfOpensslRsaKeyPair*)self;
300 if (impl->base.pubKey != NULL) {
301 DestroyPubKey((HcfObjectBase *)impl->base.pubKey);
302 impl->base.pubKey = NULL;
303 }
304 if (impl->base.priKey != NULL) {
305 DestroyPriKey((HcfObjectBase *)impl->base.priKey);
306 impl->base.priKey = NULL;
307 }
308 HcfFree(self);
309 }
310
CopyMemFromBIO(BIO * bio,HcfBlob * outBlob)311 static HcfResult CopyMemFromBIO(BIO *bio, HcfBlob *outBlob)
312 {
313 if (bio == NULL || outBlob == NULL) {
314 LOGE("Invalid input.");
315 return HCF_INVALID_PARAMS;
316 }
317 int len = BIO_pending(bio);
318 if (len < 0) {
319 LOGE("Bio len less than 0.");
320 return HCF_INVALID_PARAMS;
321 }
322 HcfBlob blob;
323 blob.len = len;
324 blob.data = (uint8_t *)HcfMalloc(sizeof(uint8_t) * len, 0);
325 if (blob.data == NULL) {
326 LOGE("Malloc mem for blob fail.");
327 return HCF_ERR_MALLOC;
328 }
329 if (OpensslBioRead(bio, blob.data, blob.len) <= 0) {
330 LOGD("[error] Bio read fail");
331 HcfPrintOpensslError();
332 HcfFree(blob.data);
333 return HCF_ERR_CRYPTO_OPERATION;
334 }
335 outBlob->len = blob.len;
336 outBlob->data = blob.data;
337 return HCF_SUCCESS;
338 }
339
CopyStrFromBIO(BIO * bio,char ** returnString)340 static HcfResult CopyStrFromBIO(BIO *bio, char **returnString)
341 {
342 if (bio == NULL || returnString == NULL) {
343 LOGE("Invalid input.");
344 return HCF_INVALID_PARAMS;
345 }
346 int len = BIO_pending(bio);
347 if (len < 0) {
348 LOGE("Bio len less than 0.");
349 return HCF_INVALID_PARAMS;
350 }
351 *returnString = (char *)HcfMalloc(len + 1, 0);
352 if (*returnString == NULL) {
353 LOGE("Malloc mem for blob fail.");
354 return HCF_ERR_MALLOC;
355 }
356 if (OpensslBioRead(bio, *returnString, len) <= 0) {
357 LOGE("Bio read fail");
358 HcfPrintOpensslError();
359 HcfFree(*returnString);
360 *returnString = NULL;
361 return HCF_ERR_CRYPTO_OPERATION;
362 }
363 return HCF_SUCCESS;
364 }
365
ConvertPubKeyFromX509(HcfBlob * x509Blob,RSA ** rsa)366 static HcfResult ConvertPubKeyFromX509(HcfBlob *x509Blob, RSA **rsa)
367 {
368 uint8_t *temp = x509Blob->data;
369 RSA *tempRsa = OpensslD2iRsaPubKey(NULL, (const unsigned char **)&temp, x509Blob->len);
370 if (tempRsa == NULL) {
371 LOGD("[error] d2i_RSA_PUBKEY fail.");
372 return HCF_ERR_CRYPTO_OPERATION;
373 }
374 *rsa = tempRsa;
375 return HCF_SUCCESS;
376 }
377
ConvertPriKeyFromPKCS8(HcfBlob * pkcs8Blob,RSA ** rsa)378 static HcfResult ConvertPriKeyFromPKCS8(HcfBlob *pkcs8Blob, RSA **rsa)
379 {
380 const unsigned char *temp = (const unsigned char *)pkcs8Blob->data;
381 EVP_PKEY *pKey = OpensslD2iAutoPrivateKey(NULL, &temp, pkcs8Blob->len);
382 if (pKey == NULL) {
383 LOGD("[error] d2i_AutoPrivateKey fail.");
384 HcfPrintOpensslError();
385 return HCF_ERR_CRYPTO_OPERATION;
386 }
387 RSA *tmpRsa = OpensslEvpPkeyGet1Rsa(pKey);
388 if (tmpRsa == NULL) {
389 LOGD("[error] EVP_PKEY_get1_RSA fail");
390 HcfPrintOpensslError();
391 OpensslEvpPkeyFree(pKey);
392 return HCF_ERR_CRYPTO_OPERATION;
393 }
394 *rsa = tmpRsa;
395 OpensslEvpPkeyFree(pKey);
396 return HCF_SUCCESS;
397 }
398
EncodePubKeyToX509(RSA * rsa,HcfBlob * returnBlob)399 static HcfResult EncodePubKeyToX509(RSA *rsa, HcfBlob *returnBlob)
400 {
401 unsigned char *tempData = NULL;
402 int len = OpensslI2dRsaPubKey(rsa, &tempData);
403 if (len <= 0) {
404 LOGD("[error] i2d_RSA_PUBKEY fail");
405 HcfPrintOpensslError();
406 return HCF_ERR_CRYPTO_OPERATION;
407 }
408 returnBlob->data = tempData;
409 returnBlob->len = len;
410 return HCF_SUCCESS;
411 }
412
EncodePriKeyToPKCS8(RSA * rsa,HcfBlob * returnBlob)413 static HcfResult EncodePriKeyToPKCS8(RSA *rsa, HcfBlob *returnBlob)
414 {
415 EVP_PKEY *pKey = NewEvpPkeyByRsa(rsa, true);
416 if (pKey == NULL) {
417 LOGD("[error] NewEvpPkeyByRsa fail.");
418 return HCF_ERR_CRYPTO_OPERATION;
419 }
420 HcfResult ret = HCF_SUCCESS;
421 BIO *bio = OpensslBioNew(OpensslBioSMem());
422 if (bio == NULL) {
423 LOGD("[error] BIO new fail.");
424 HcfPrintOpensslError();
425 ret = HCF_ERR_CRYPTO_OPERATION;
426 goto ERR2;
427 }
428 if (i2d_PKCS8PrivateKey_bio(bio, pKey, NULL, NULL, 0, NULL, NULL) != HCF_OPENSSL_SUCCESS) {
429 LOGD("[error] i2b_PrivateKey_bio fail.");
430 HcfPrintOpensslError();
431 ret = HCF_ERR_CRYPTO_OPERATION;
432 goto ERR1;
433 }
434 if (CopyMemFromBIO(bio, returnBlob) != HCF_SUCCESS) {
435 LOGD("[error] CopyMemFromBIO fail.");
436 ret = HCF_ERR_CRYPTO_OPERATION;
437 goto ERR1;
438 }
439 ERR1:
440 OpensslBioFreeAll(bio);
441 ERR2:
442 OpensslEvpPkeyFree(pKey);
443 return ret;
444 }
445
GetPubKeyEncoded(HcfKey * self,HcfBlob * returnBlob)446 static HcfResult GetPubKeyEncoded(HcfKey *self, HcfBlob *returnBlob)
447 {
448 if (self == NULL || returnBlob == NULL) {
449 LOGE("Input params is invalid.");
450 return HCF_INVALID_PARAMS;
451 }
452 if (!HcfIsClassMatch((HcfObjectBase *)self, OPENSSL_RSA_PUBKEY_CLASS)) {
453 LOGE("Class not match.");
454 return HCF_INVALID_PARAMS;
455 }
456 HcfOpensslRsaPubKey *impl = (HcfOpensslRsaPubKey *)self;
457 return EncodePubKeyToX509(impl->pk, returnBlob);
458 }
459
GetPubKeyPkcs1Pem(RSA * pk,char ** returnString)460 static HcfResult GetPubKeyPkcs1Pem(RSA *pk, char **returnString)
461 {
462 BIO *bio = OpensslBioNew(OpensslBioSMem());
463 if (bio == NULL) {
464 LOGE("BIO new fail.");
465 HcfPrintOpensslError();
466 return HCF_ERR_CRYPTO_OPERATION;
467 }
468 int ret = OpensslPemWriteBioRsaPublicKey(bio, pk);
469 if (ret != HCF_OPENSSL_SUCCESS) {
470 LOGE("OpensslPemWriteBioRsaPublicKey fail.");
471 HcfPrintOpensslError();
472 OpensslBioFreeAll(bio);
473 return HCF_ERR_CRYPTO_OPERATION;
474 }
475 if (CopyStrFromBIO(bio, returnString) != HCF_SUCCESS) {
476 LOGE("CopyMemFromBIO fail.");
477 OpensslBioFreeAll(bio);
478 return HCF_ERR_CRYPTO_OPERATION;
479 }
480 OpensslBioFreeAll(bio);
481 return HCF_SUCCESS;
482 }
483
GetPubKeyX509Pem(RSA * pk,char ** returnString)484 static HcfResult GetPubKeyX509Pem(RSA *pk, char **returnString)
485 {
486 BIO *bio = OpensslBioNew(OpensslBioSMem());
487 if (bio == NULL) {
488 LOGE("BIO new fail.");
489 HcfPrintOpensslError();
490 return HCF_ERR_CRYPTO_OPERATION;
491 }
492 int ret = OpensslPemWriteBioRsaPubKey(bio, pk);
493 if (ret != HCF_OPENSSL_SUCCESS) {
494 LOGE("OpensslPemWriteBioRsaPubKey fail.");
495 HcfPrintOpensslError();
496 OpensslBioFreeAll(bio);
497 return HCF_ERR_CRYPTO_OPERATION;
498 }
499 if (CopyStrFromBIO(bio, returnString) != HCF_SUCCESS) {
500 LOGE("CopyMemFromBIO fail.");
501 OpensslBioFreeAll(bio);
502 return HCF_ERR_CRYPTO_OPERATION;
503 }
504 OpensslBioFreeAll(bio);
505 return HCF_SUCCESS;
506 }
507
GetPubKeyPem(const char * format,RSA * pk,char ** returnString)508 static HcfResult GetPubKeyPem(const char *format, RSA *pk, char **returnString)
509 {
510 HcfResult result;
511 if (strcmp(format, "PKCS1") == 0) {
512 result = GetPubKeyPkcs1Pem(pk, returnString);
513 if (result != HCF_SUCCESS) {
514 return result;
515 }
516 }
517 if (strcmp(format, "X509") == 0) {
518 result = GetPubKeyX509Pem(pk, returnString);
519 if (result != HCF_SUCCESS) {
520 return result;
521 }
522 }
523 return HCF_SUCCESS;
524 }
525
526
GetPubKeyEncodedPem(HcfKey * self,const char * format,char ** returnString)527 static HcfResult GetPubKeyEncodedPem(HcfKey *self, const char *format, char **returnString)
528 {
529 if (self == NULL || format == NULL|| returnString == NULL) {
530 LOGE("param is null.");
531 return HCF_INVALID_PARAMS;
532 }
533 if (!HcfIsClassMatch((HcfObjectBase *)self, OPENSSL_RSA_PUBKEY_CLASS)) {
534 LOGE("Class not match.");
535 return HCF_INVALID_PARAMS;
536 }
537 const char *outPutStruct = NULL;
538 if (strcmp(format, "PKCS1") == 0) {
539 outPutStruct = "pkcs1";
540 } else if (strcmp(format, "X509") == 0) {
541 outPutStruct = "subjectPublicKeyInfo";
542 } else {
543 LOGE("format is invalid.");
544 return HCF_INVALID_PARAMS;
545 }
546 HcfOpensslRsaPubKey *impl = (HcfOpensslRsaPubKey *)self;
547 EVP_PKEY *pkey = NewEvpPkeyByRsa(impl->pk, true);
548 if (pkey == NULL) {
549 LOGE("NewEvpPkeyByRsa failed.");
550 return HCF_ERR_CRYPTO_OPERATION;
551 }
552 HcfResult result = GetKeyEncodedPem(pkey, outPutStruct, EVP_PKEY_PUBLIC_KEY, returnString);
553 OpensslEvpPkeyFree(pkey);
554 if (result != HCF_SUCCESS) {
555 if (GetPubKeyPem(format, impl->pk, returnString) != HCF_SUCCESS) {
556 LOGE("GetPubKeyPem failed.");
557 return HCF_ERR_CRYPTO_OPERATION;
558 }
559 }
560 return HCF_SUCCESS;
561 }
562
GetPriKeyEncoded(HcfKey * self,HcfBlob * returnBlob)563 static HcfResult GetPriKeyEncoded(HcfKey *self, HcfBlob *returnBlob)
564 {
565 if (self == NULL || returnBlob == NULL) {
566 LOGE("Key is null.");
567 return HCF_INVALID_PARAMS;
568 }
569
570 if (!HcfIsClassMatch((HcfObjectBase *)self, OPENSSL_RSA_PRIKEY_CLASS)) {
571 LOGE("Class not match.");
572 return HCF_INVALID_PARAMS;
573 }
574 HcfOpensslRsaPriKey *impl = (HcfOpensslRsaPriKey *)self;
575 const BIGNUM *p = NULL;
576 const BIGNUM *q = NULL;
577 OpensslRsaGet0Factors(impl->sk, &p, &q);
578 if (p == NULL || q == NULL) {
579 LOGD("[error] RSA private key missing p, q, not support to get encoded PK");
580 return HCF_NOT_SUPPORT;
581 }
582 return EncodePriKeyToPKCS8(impl->sk, returnBlob);
583 }
584
GetPrikeyPkcs8Pem(EVP_PKEY * pkey,char ** returnString)585 static HcfResult GetPrikeyPkcs8Pem(EVP_PKEY *pkey, char **returnString)
586 {
587 BIO *bio = OpensslBioNew(OpensslBioSMem());
588 if (bio == NULL) {
589 LOGE("BIO new fail.");
590 HcfPrintOpensslError();
591 return HCF_ERR_CRYPTO_OPERATION;
592 }
593 int ret = PEM_write_bio_PKCS8PrivateKey(bio, pkey, NULL, NULL, 0, NULL, NULL);
594 if (ret != HCF_OPENSSL_SUCCESS) {
595 LOGE("OpensslPemWriteBioPkcs8PrivateKey fail.");
596 HcfPrintOpensslError();
597 OpensslBioFreeAll(bio);
598 return HCF_ERR_CRYPTO_OPERATION;
599 }
600 if (CopyStrFromBIO(bio, returnString) != HCF_SUCCESS) {
601 LOGE("CopyMemFromBIO fail.");
602 OpensslBioFreeAll(bio);
603 return HCF_ERR_CRYPTO_OPERATION;
604 }
605 OpensslBioFreeAll(bio);
606 return HCF_SUCCESS;
607 }
608
GetPrikeyPkcs1Pem(RSA * sk,char ** returnString)609 static HcfResult GetPrikeyPkcs1Pem(RSA *sk, char **returnString)
610 {
611 BIO *bio = OpensslBioNew(OpensslBioSMem());
612 if (bio == NULL) {
613 LOGE("BIO new fail.");
614 HcfPrintOpensslError();
615 return HCF_ERR_CRYPTO_OPERATION;
616 }
617 int ret = PEM_write_bio_RSAPrivateKey(bio, sk, NULL, NULL, 0, NULL, NULL);
618 if (ret != HCF_OPENSSL_SUCCESS) {
619 LOGE("OpensslPemWriteBioRsaPrivateKey fail.");
620 HcfPrintOpensslError();
621 OpensslBioFreeAll(bio);
622 return HCF_ERR_CRYPTO_OPERATION;
623 }
624 if (CopyStrFromBIO(bio, returnString) != HCF_SUCCESS) {
625 LOGE("CopyStrFromBIO fail.");
626 OpensslBioFreeAll(bio);
627 return HCF_ERR_CRYPTO_OPERATION;
628 }
629 OpensslBioFreeAll(bio);
630 return HCF_SUCCESS;
631 }
632
GetPriKeyPem(const char * format,EVP_PKEY * pkey,RSA * sk,char ** returnString)633 static HcfResult GetPriKeyPem(const char *format, EVP_PKEY *pkey, RSA *sk, char **returnString)
634 {
635 HcfResult result;
636 if (strcmp(format, "PKCS8") == 0) {
637 result = GetPrikeyPkcs8Pem(pkey, returnString);
638 if (result != HCF_SUCCESS) {
639 return result;
640 }
641 }
642 if (strcmp(format, "PKCS1") == 0) {
643 result = GetPrikeyPkcs1Pem(sk, returnString);
644 if (result != HCF_SUCCESS) {
645 return result;
646 }
647 }
648 return HCF_SUCCESS;
649 }
650
GetPriKeyEncodedPem(HcfKey * self,const char * format,char ** returnString)651 static HcfResult GetPriKeyEncodedPem(HcfKey *self, const char *format, char **returnString)
652 {
653 if (self == NULL || format == NULL|| returnString == NULL) {
654 LOGE("param is null.");
655 return HCF_INVALID_PARAMS;
656 }
657
658 if (!HcfIsClassMatch((HcfObjectBase *)self, OPENSSL_RSA_PRIKEY_CLASS)) {
659 LOGE("Class not match.");
660 return HCF_INVALID_PARAMS;
661 }
662 char *outPutStruct = NULL;
663 if (strcmp(format, "PKCS1") == 0) {
664 outPutStruct = "type-specific";
665 } else if (strcmp(format, "PKCS8") == 0) {
666 outPutStruct = "PrivateKeyInfo";
667 } else {
668 LOGE("format is invalid.");
669 return HCF_INVALID_PARAMS;
670 }
671
672 HcfOpensslRsaPriKey *impl = (HcfOpensslRsaPriKey *)self;
673 EVP_PKEY *pkey = NewEvpPkeyByRsa(impl->sk, true);
674 if (pkey == NULL) {
675 LOGE("NewEvpPkeyByRsa failed.");
676 return HCF_ERR_CRYPTO_OPERATION;
677 }
678
679 HcfResult result = GetKeyEncodedPem(pkey, outPutStruct, EVP_PKEY_KEYPAIR, returnString);
680 if (result != HCF_SUCCESS) {
681 if (GetPriKeyPem(format, pkey, impl->sk, returnString) != HCF_SUCCESS) {
682 LOGE("GetPriKeyPem failed.");
683 OpensslEvpPkeyFree(pkey);
684 return HCF_ERR_CRYPTO_OPERATION;
685 }
686 }
687 OpensslEvpPkeyFree(pkey);
688 return HCF_SUCCESS;
689 }
690
GetPubKeyFormat(HcfKey * self)691 static const char *GetPubKeyFormat(HcfKey *self)
692 {
693 if (self == NULL) {
694 LOGE("Invalid input parameter.");
695 return NULL;
696 }
697 if (!HcfIsClassMatch((HcfObjectBase *)self, OPENSSL_RSA_PUBKEY_CLASS)) {
698 return NULL;
699 }
700 return OPENSSL_RSA_PUBKEY_FORMAT;
701 }
702
GetPriKeyFormat(HcfKey * self)703 static const char *GetPriKeyFormat(HcfKey *self)
704 {
705 if (self == NULL) {
706 LOGE("Invalid input parameter.");
707 return NULL;
708 }
709 if (!HcfIsClassMatch((HcfObjectBase *)self, OPENSSL_RSA_PRIKEY_CLASS)) {
710 return NULL;
711 }
712 return OPENSSL_RSA_PRIKEY_FORMAT;
713 }
714
GetPriKeyAlgorithm(HcfKey * self)715 static const char *GetPriKeyAlgorithm(HcfKey *self)
716 {
717 if (self == NULL) {
718 LOGE("Invalid input parameter.");
719 return NULL;
720 }
721 if (!HcfIsClassMatch((HcfObjectBase *)self, OPENSSL_RSA_PRIKEY_CLASS)) {
722 return NULL;
723 }
724 return OPENSSL_RSA_ALGORITHM;
725 }
726
GetPubKeyAlgorithm(HcfKey * self)727 static const char *GetPubKeyAlgorithm(HcfKey *self)
728 {
729 if (self == NULL) {
730 LOGE("Invalid input parameter.");
731 return NULL;
732 }
733 if (!HcfIsClassMatch((HcfObjectBase *)self, OPENSSL_RSA_PUBKEY_CLASS)) {
734 return NULL;
735 }
736 return OPENSSL_RSA_ALGORITHM;
737 }
738
ClearPriKeyMem(HcfPriKey * self)739 static void ClearPriKeyMem(HcfPriKey *self)
740 {
741 if (self == NULL) {
742 LOGE("PriKey is NULL.");
743 return;
744 }
745 if (!HcfIsClassMatch((HcfObjectBase *)self, OPENSSL_RSA_PRIKEY_CLASS)) {
746 LOGE("Class not match");
747 return;
748 }
749 HcfOpensslRsaPriKey *impl = (HcfOpensslRsaPriKey *)self;
750 OpensslRsaFree(impl->sk);
751 impl->sk = NULL;
752 }
753
GetRsaPubKeyEncodedDer(const HcfPubKey * self,const char * format,HcfBlob * returnBlob)754 static HcfResult GetRsaPubKeyEncodedDer(const HcfPubKey *self, const char *format, HcfBlob *returnBlob)
755 {
756 (void)self;
757 (void)format;
758 (void)returnBlob;
759 return HCF_INVALID_PARAMS;
760 }
761
PackPubKey(RSA * rsaPubKey,HcfOpensslRsaPubKey ** retPubKey)762 static HcfResult PackPubKey(RSA *rsaPubKey, HcfOpensslRsaPubKey **retPubKey)
763 {
764 if (retPubKey == NULL || rsaPubKey == NULL) {
765 LOGE("Invalid params");
766 return HCF_INVALID_PARAMS;
767 }
768 *retPubKey = (HcfOpensslRsaPubKey *)HcfMalloc(sizeof(HcfOpensslRsaPubKey), 0);
769 if (*retPubKey == NULL) {
770 LOGE("Malloc retPubKey fail");
771 return HCF_ERR_MALLOC;
772 }
773 (*retPubKey)->pk = rsaPubKey;
774 (*retPubKey)->bits = (uint32_t)OpensslRsaBits(rsaPubKey);
775 (*retPubKey)->base.base.getAlgorithm = GetPubKeyAlgorithm;
776 (*retPubKey)->base.base.getEncoded = GetPubKeyEncoded;
777 (*retPubKey)->base.base.getEncodedPem = GetPubKeyEncodedPem;
778 (*retPubKey)->base.base.getFormat = GetPubKeyFormat;
779 (*retPubKey)->base.base.base.getClass = GetOpensslPubkeyClass;
780 (*retPubKey)->base.base.base.destroy = DestroyPubKey;
781 (*retPubKey)->base.getAsyKeySpecBigInteger = GetRsaPubKeySpecBigInteger;
782 (*retPubKey)->base.getAsyKeySpecString = GetRsaPubKeySpecString;
783 (*retPubKey)->base.getAsyKeySpecInt = GetRsaPubKeySpecInt;
784 (*retPubKey)->base.getEncodedDer = GetRsaPubKeyEncodedDer;
785 return HCF_SUCCESS;
786 }
787
788 // spec中,prikey只有n,e,d,没有p, q
PackPriKey(RSA * rsaPriKey,HcfOpensslRsaPriKey ** retPriKey)789 static HcfResult PackPriKey(RSA *rsaPriKey, HcfOpensslRsaPriKey **retPriKey)
790 {
791 if (retPriKey == NULL || rsaPriKey == NULL) {
792 LOGE("Invalid params");
793 return HCF_INVALID_PARAMS;
794 }
795 *retPriKey = (HcfOpensslRsaPriKey *)HcfMalloc(sizeof(HcfOpensslRsaPriKey), 0);
796 if (*retPriKey == NULL) {
797 LOGE("Malloc retPriKey fail");
798 return HCF_ERR_MALLOC;
799 }
800 (*retPriKey)->sk = rsaPriKey;
801 (*retPriKey)->bits = (uint32_t)OpensslRsaBits(rsaPriKey);
802 (*retPriKey)->base.clearMem = ClearPriKeyMem;
803 (*retPriKey)->base.base.getAlgorithm = GetPriKeyAlgorithm;
804 (*retPriKey)->base.base.getEncoded = GetPriKeyEncoded;
805 (*retPriKey)->base.base.getEncodedPem = GetPriKeyEncodedPem;
806 (*retPriKey)->base.base.getFormat = GetPriKeyFormat;
807 (*retPriKey)->base.base.base.getClass = GetOpensslPrikeyClass;
808 (*retPriKey)->base.base.base.destroy = DestroyPriKey;
809 (*retPriKey)->base.getAsyKeySpecBigInteger = GetRsaPriKeySpecBigInteger;
810 (*retPriKey)->base.getAsyKeySpecString = GetRsaPriKeySpecString;
811 (*retPriKey)->base.getAsyKeySpecInt = GetRsaPriKeySpecInt;
812 (*retPriKey)->base.getEncodedDer = GetRsaPriKeyEncodedDer;
813 return HCF_SUCCESS;
814 }
815
DuplicatePkAndSkFromRSA(RSA * rsa,RSA ** pubKey,RSA ** priKey)816 static HcfResult DuplicatePkAndSkFromRSA(RSA *rsa, RSA **pubKey, RSA **priKey)
817 {
818 if (rsa == NULL) {
819 LOGE("Rsa is NULL.");
820 return HCF_INVALID_PARAMS;
821 }
822 if (DuplicateRsa(rsa, false, pubKey) != HCF_SUCCESS) {
823 LOGD("[error] Duplicate pubkey rsa fail");
824 return HCF_ERR_CRYPTO_OPERATION;
825 }
826 if (DuplicateRsa(rsa, true, priKey) != HCF_SUCCESS) {
827 LOGD("[error] Duplicate prikey rsa fail");
828 OpensslRsaFree(*pubKey);
829 *pubKey = NULL;
830 return HCF_ERR_CRYPTO_OPERATION;
831 }
832 return HCF_SUCCESS;
833 }
834
PackKeyPair(RSA * rsa,uint32_t realBits,HcfOpensslRsaKeyPair ** retKeyPair)835 static HcfResult PackKeyPair(RSA *rsa, uint32_t realBits, HcfOpensslRsaKeyPair **retKeyPair)
836 {
837 if (retKeyPair == NULL || rsa == NULL) {
838 LOGE("Invalid params");
839 return HCF_INVALID_PARAMS;
840 }
841 RSA *pubKey = NULL;
842 RSA *priKey = NULL;
843 if (DuplicatePkAndSkFromRSA(rsa, &pubKey, &priKey) != HCF_SUCCESS) {
844 LOGD("[error] DuplicatePkAndSkFromRSA fail");
845 return HCF_ERR_CRYPTO_OPERATION;
846 }
847 HcfResult ret = HCF_SUCCESS;
848 *retKeyPair = (HcfOpensslRsaKeyPair *)HcfMalloc(sizeof(HcfOpensslRsaKeyPair), 0);
849 if (*retKeyPair == NULL) {
850 LOGE("Malloc keypair fail");
851 OpensslRsaFree(pubKey);
852 OpensslRsaFree(priKey);
853 return HCF_ERR_MALLOC;
854 }
855 HcfOpensslRsaPriKey *priKeyImpl = NULL;
856 HcfOpensslRsaPubKey *pubKeyImpl = NULL;
857 ret = PackPubKey(pubKey, &pubKeyImpl);
858 if (ret != HCF_SUCCESS) {
859 LOGE("Pack pubKey fail.");
860 goto ERR2;
861 }
862 ret = PackPriKey(priKey, &priKeyImpl);
863 if (ret != HCF_SUCCESS) {
864 LOGE("Pack priKey fail.");
865 goto ERR1;
866 }
867 (*retKeyPair)->base.priKey = (HcfPriKey *)priKeyImpl;
868 (*retKeyPair)->base.pubKey = (HcfPubKey *)pubKeyImpl;
869 (*retKeyPair)->base.base.getClass = GetOpensslKeyPairClass;
870 (*retKeyPair)->base.base.destroy = DestroyKeyPair;
871 return HCF_SUCCESS;
872 ERR1:
873 HcfFree(pubKeyImpl);
874 ERR2:
875 OpensslRsaFree(pubKey);
876 OpensslRsaFree(priKey);
877 HcfFree(*retKeyPair);
878 *retKeyPair = NULL;
879 return ret;
880 }
881
GetRealPrimes(int32_t primesFlag)882 static int32_t GetRealPrimes(int32_t primesFlag)
883 {
884 switch (primesFlag) {
885 case OPENSSL_RSA_PRIMES_SIZE_2:
886 return PRIMES_2;
887 case OPENSSL_RSA_PRIMES_SIZE_3:
888 return PRIMES_3;
889 case OPENSSL_RSA_PRIMES_SIZE_4:
890 return PRIMES_4;
891 case OPENSSL_RSA_PRIMES_SIZE_5:
892 return PRIMES_5;
893 default:
894 LOGD("set default primes 2");
895 return PRIMES_2;
896 }
897 }
898
GenerateKeyPair(HcfAsyKeyGenSpiRsaParams * params,HcfKeyPair ** keyPair)899 static HcfResult GenerateKeyPair(HcfAsyKeyGenSpiRsaParams *params, HcfKeyPair **keyPair)
900 {
901 // check input params is valid
902 HcfResult res = CheckRsaKeyGenParams(params);
903 if (res != HCF_SUCCESS) {
904 LOGE("Rsa CheckRsaKeyGenParams fail.");
905 return HCF_INVALID_PARAMS;
906 }
907 // Generate keyPair RSA
908 RSA *rsa = OpensslRsaNew();
909 if (rsa == NULL) {
910 LOGE("new RSA fail.");
911 return HCF_ERR_MALLOC;
912 }
913 LOGD("keygen bits is %d, primes is %d", params->bits, GetRealPrimes(params->primes));
914 if (GetRealPrimes(params->primes) != OPENSSL_RSA_KEYGEN_DEFAULT_PRIMES) {
915 if (RSA_generate_multi_prime_key(rsa, params->bits, GetRealPrimes(params->primes), params->pubExp, NULL)
916 != HCF_OPENSSL_SUCCESS) {
917 LOGD("[error] Generate multi-primes rsa key fail");
918 HcfPrintOpensslError();
919 OpensslRsaFree(rsa);
920 return HCF_ERR_CRYPTO_OPERATION;
921 }
922 } else {
923 if (RSA_generate_key_ex(rsa, params->bits, params->pubExp, NULL) != HCF_OPENSSL_SUCCESS) {
924 LOGD("[error] Generate rsa key fail");
925 HcfPrintOpensslError();
926 OpensslRsaFree(rsa);
927 return HCF_ERR_CRYPTO_OPERATION;
928 }
929 }
930
931 // devided to pk and sk;
932 HcfOpensslRsaKeyPair *keyPairImpl = NULL;
933 res = PackKeyPair(rsa, params->bits, &keyPairImpl);
934 if (res != HCF_SUCCESS) {
935 LOGE("Generate keyPair fail.");
936 OpensslRsaFree(rsa);
937 return res;
938 }
939 *keyPair = (HcfKeyPair *)keyPairImpl;
940 OpensslRsaFree(rsa);
941 LOGD("Generate keypair success.");
942 return res;
943 }
944
EngineGenerateKeyPair(HcfAsyKeyGeneratorSpi * self,HcfKeyPair ** keyPair)945 static HcfResult EngineGenerateKeyPair(HcfAsyKeyGeneratorSpi *self, HcfKeyPair **keyPair)
946 {
947 if (self == NULL || keyPair == NULL) {
948 LOGE("Invalid params.");
949 return HCF_INVALID_PARAMS;
950 }
951 if (!HcfIsClassMatch((HcfObjectBase *)self, OPENSSL_RSA_GENERATOR_CLASS)) {
952 LOGE("Class not match.");
953 return HCF_INVALID_PARAMS;
954 }
955 HcfAsyKeyGeneratorSpiRsaOpensslImpl *impl = (HcfAsyKeyGeneratorSpiRsaOpensslImpl *)self;
956 return GenerateKeyPair(impl->params, keyPair);
957 }
958
GetKeyGeneratorClass(void)959 static const char *GetKeyGeneratorClass(void)
960 {
961 return OPENSSL_RSA_GENERATOR_CLASS;
962 }
963
DestroyKeyGeneratorSpiImpl(HcfObjectBase * self)964 static void DestroyKeyGeneratorSpiImpl(HcfObjectBase *self)
965 {
966 if (self == NULL) {
967 LOGE("DestroyKeyGeneratorSpiImpl is null");
968 return;
969 }
970 if (!HcfIsClassMatch(self, OPENSSL_RSA_GENERATOR_CLASS)) {
971 LOGE("Class not match.");
972 return;
973 }
974 // destroy pubExp first.
975 HcfAsyKeyGeneratorSpiRsaOpensslImpl *impl = (HcfAsyKeyGeneratorSpiRsaOpensslImpl *)self;
976 if (impl->params != NULL && impl->params->pubExp != NULL) {
977 OpensslBnFree(impl->params->pubExp);
978 }
979 HcfFree(impl->params);
980 impl->params = NULL;
981 HcfFree(self);
982 }
983
ConvertPubKey(HcfBlob * pubKeyBlob,HcfOpensslRsaPubKey ** pubkeyRet)984 static HcfResult ConvertPubKey(HcfBlob *pubKeyBlob, HcfOpensslRsaPubKey **pubkeyRet)
985 {
986 RSA *rsaPk = NULL;
987 if (ConvertPubKeyFromX509(pubKeyBlob, &rsaPk) != HCF_SUCCESS) {
988 LOGD("[error] Convert pubKey from X509 fail.");
989 return HCF_ERR_CRYPTO_OPERATION;
990 }
991 HcfOpensslRsaPubKey *pubKey = NULL;
992 HcfResult ret = PackPubKey(rsaPk, &pubKey);
993 if (ret != HCF_SUCCESS) {
994 LOGD("[error] PackPubKey fail");
995 goto ERR;
996 }
997 *pubkeyRet = pubKey;
998 return ret;
999 ERR:
1000 OpensslRsaFree(rsaPk);
1001 return ret;
1002 }
1003
ConvertPemKeyToKey(const char * keyStr,int selection,RSA ** rsa)1004 static HcfResult ConvertPemKeyToKey(const char *keyStr, int selection, RSA **rsa)
1005 {
1006 EVP_PKEY *pkey = NULL;
1007 const char *inputType = "PEM";
1008 const char *keytype = "RSA";
1009 OSSL_DECODER_CTX *ctx = OpensslOsslDecoderCtxNewForPkey(&pkey, inputType,
1010 NULL, keytype, selection, NULL, NULL);
1011 if (ctx == NULL) {
1012 LOGE("OpensslOsslDecoderCtxNewForPkey fail.");
1013 HcfPrintOpensslError();
1014 return HCF_ERR_CRYPTO_OPERATION;
1015 }
1016 size_t pdataLen = strlen(keyStr);
1017 const unsigned char *pdata = (const unsigned char *)keyStr;
1018 int ret = OpensslOsslDecoderFromData(ctx, &pdata, &pdataLen);
1019 OpensslOsslDecoderCtxFree(ctx);
1020 if (ret != HCF_OPENSSL_SUCCESS) {
1021 LOGE("OpensslOsslDecoderFromData failed.");
1022 HcfPrintOpensslError();
1023 OpensslEvpPkeyFree(pkey);
1024 return HCF_ERR_CRYPTO_OPERATION;
1025 }
1026 *rsa = OpensslEvpPkeyGet1Rsa(pkey);
1027 OpensslEvpPkeyFree(pkey);
1028 if (*rsa == NULL) {
1029 LOGE("OpensslEvpPkeyGet1Rsa fail.");
1030 HcfPrintOpensslError();
1031 return HCF_ERR_CRYPTO_OPERATION;
1032 }
1033 return HCF_SUCCESS;
1034 }
1035
ConvertPemPubKey(const char * pubKeyStr,int selection,HcfOpensslRsaPubKey ** pubKeyRet)1036 static HcfResult ConvertPemPubKey(const char *pubKeyStr, int selection, HcfOpensslRsaPubKey **pubKeyRet)
1037 {
1038 RSA *rsaPk = NULL;
1039 HcfResult ret;
1040 ret = ConvertPemKeyToKey(pubKeyStr, selection, &rsaPk);
1041 if (ret != HCF_SUCCESS) {
1042 LOGE("ConvertPemKeyToKey failed.");
1043 return ret;
1044 }
1045
1046 HcfOpensslRsaPubKey *pubKey = NULL;
1047 HcfResult result = PackPubKey(rsaPk, &pubKey);
1048 if (result != HCF_SUCCESS) {
1049 LOGE("PackPubKey fail.");
1050 OpensslRsaFree(rsaPk);
1051 return result;
1052 }
1053 *pubKeyRet = pubKey;
1054 return HCF_SUCCESS;
1055 }
1056
ConvertPriKey(HcfBlob * priKeyBlob,HcfOpensslRsaPriKey ** priKeyRet)1057 static HcfResult ConvertPriKey(HcfBlob *priKeyBlob, HcfOpensslRsaPriKey **priKeyRet)
1058 {
1059 RSA *rsaSk = NULL;
1060 if (ConvertPriKeyFromPKCS8(priKeyBlob, &rsaSk) != HCF_SUCCESS) {
1061 LOGE("ConvertPriKeyFromPKCS8 fail.");
1062 return HCF_ERR_MALLOC;
1063 }
1064 HcfOpensslRsaPriKey *priKey = NULL;
1065 HcfResult ret = PackPriKey(rsaSk, &priKey);
1066 if (ret != HCF_SUCCESS) {
1067 LOGD("[error] PackPriKey fail");
1068 goto ERR;
1069 }
1070 *priKeyRet = priKey;
1071 return ret;
1072 ERR:
1073 OpensslRsaFree(rsaSk);
1074 return ret;
1075 }
1076
ConvertPemPriKey(const char * priKeyStr,int selection,HcfOpensslRsaPriKey ** priKeyRet)1077 static HcfResult ConvertPemPriKey(const char *priKeyStr, int selection, HcfOpensslRsaPriKey **priKeyRet)
1078 {
1079 RSA *rsaSk = NULL;
1080 HcfResult ret;
1081 ret = ConvertPemKeyToKey(priKeyStr, selection, &rsaSk);
1082 if (ret != HCF_SUCCESS) {
1083 LOGE("ConvertPemKeyToKey failed.");
1084 return ret;
1085 }
1086 HcfOpensslRsaPriKey *priKey = NULL;
1087 HcfResult result = PackPriKey(rsaSk, &priKey);
1088 if (result != HCF_SUCCESS) {
1089 LOGE("PackPriKey fail.");
1090 OpensslRsaFree(rsaSk);
1091 return result;
1092 }
1093 *priKeyRet = priKey;
1094 return HCF_SUCCESS;
1095 }
1096
EngineConvertKey(HcfAsyKeyGeneratorSpi * self,HcfParamsSpec * params,HcfBlob * pubKeyBlob,HcfBlob * priKeyBlob,HcfKeyPair ** returnKeyPair)1097 static HcfResult EngineConvertKey(HcfAsyKeyGeneratorSpi *self, HcfParamsSpec *params, HcfBlob *pubKeyBlob,
1098 HcfBlob *priKeyBlob, HcfKeyPair **returnKeyPair)
1099 {
1100 (void)params;
1101 if ((self == NULL) || (returnKeyPair == NULL) || ((pubKeyBlob == NULL) && (priKeyBlob == NULL))) {
1102 LOGE("ConvertKeyParams is invalid.");
1103 return HCF_INVALID_PARAMS;
1104 }
1105 if (!HcfIsClassMatch((HcfObjectBase *)self, OPENSSL_RSA_GENERATOR_CLASS)) {
1106 LOGE("Class not match.");
1107 return HCF_INVALID_PARAMS;
1108 }
1109
1110 HcfOpensslRsaPubKey *pubKey = NULL;
1111 if ((pubKeyBlob != NULL) && (pubKeyBlob->len != 0) && (pubKeyBlob->data != NULL)) {
1112 if (ConvertPubKey(pubKeyBlob, &pubKey) != HCF_SUCCESS) {
1113 LOGE("convert pubkey fail.");
1114 return HCF_INVALID_PARAMS;
1115 }
1116 }
1117
1118 HcfOpensslRsaPriKey *priKey = NULL;
1119 if ((priKeyBlob != NULL) && (priKeyBlob->len != 0) && (priKeyBlob->data != NULL)) {
1120 if (ConvertPriKey(priKeyBlob, &priKey) != HCF_SUCCESS) {
1121 LOGE("convert prikey fail.");
1122 HcfObjDestroy((HcfObjectBase *)pubKey);
1123 return HCF_INVALID_PARAMS;
1124 }
1125 }
1126
1127 if (pubKey == NULL && priKey == NULL) {
1128 LOGE("Convert key failed with invalid blob");
1129 return HCF_INVALID_PARAMS;
1130 }
1131
1132 HcfOpensslRsaKeyPair *keyPair = (HcfOpensslRsaKeyPair *)HcfMalloc(sizeof(HcfOpensslRsaKeyPair), 0);
1133 if (keyPair == NULL) {
1134 LOGE("Malloc keyPair fail.");
1135 HcfObjDestroy((HcfObjectBase *)pubKey);
1136 HcfObjDestroy((HcfObjectBase *)priKey);
1137 return HCF_ERR_MALLOC;
1138 }
1139
1140 keyPair->base.priKey = (HcfPriKey *)priKey;
1141 keyPair->base.pubKey = (HcfPubKey *)pubKey;
1142 keyPair->base.base.getClass = GetOpensslKeyPairClass;
1143 keyPair->base.base.destroy = DestroyKeyPair;
1144 *returnKeyPair = (HcfKeyPair *)keyPair;
1145 return HCF_SUCCESS;
1146 }
1147
EngineConvertPemKey(HcfAsyKeyGeneratorSpi * self,HcfParamsSpec * params,const char * pubKeyStr,const char * priKeyStr,HcfKeyPair ** returnKeyPair)1148 static HcfResult EngineConvertPemKey(HcfAsyKeyGeneratorSpi *self, HcfParamsSpec *params, const char *pubKeyStr,
1149 const char *priKeyStr, HcfKeyPair **returnKeyPair)
1150 {
1151 (void)params;
1152 if ((self == NULL) || (returnKeyPair == NULL) || ((pubKeyStr == NULL) && (priKeyStr == NULL))) {
1153 LOGE("ConvertPemKeyParams is invalid.");
1154 return HCF_INVALID_PARAMS;
1155 }
1156 if (!HcfIsClassMatch((HcfObjectBase *)self, OPENSSL_RSA_GENERATOR_CLASS)) {
1157 LOGE("Class not match.");
1158 return HCF_INVALID_PARAMS;
1159 }
1160 HcfOpensslRsaPubKey *pubKey = NULL;
1161 if (pubKeyStr != NULL && strlen(pubKeyStr) != 0) {
1162 if (ConvertPemPubKey(pubKeyStr, EVP_PKEY_PUBLIC_KEY, &pubKey) != HCF_SUCCESS) {
1163 LOGE("convert pubkey fail.");
1164 return HCF_ERR_CRYPTO_OPERATION;
1165 }
1166 }
1167 HcfOpensslRsaPriKey *priKey = NULL;
1168 if (priKeyStr != NULL && strlen(priKeyStr) != 0) {
1169 if (ConvertPemPriKey(priKeyStr, EVP_PKEY_KEYPAIR, &priKey) != HCF_SUCCESS) {
1170 LOGE("convert prikey fail.");
1171 HcfObjDestroy((HcfObjectBase *)pubKey);
1172 return HCF_ERR_CRYPTO_OPERATION;
1173 }
1174 }
1175
1176 HcfOpensslRsaKeyPair *keyPair = (HcfOpensslRsaKeyPair *)HcfMalloc(sizeof(HcfOpensslRsaKeyPair), 0);
1177 if (keyPair == NULL) {
1178 LOGE("Malloc keyPair fail.");
1179 HcfObjDestroy((HcfObjectBase *)pubKey);
1180 HcfObjDestroy((HcfObjectBase *)priKey);
1181 return HCF_ERR_MALLOC;
1182 }
1183 keyPair->base.priKey = (HcfPriKey *)priKey;
1184 keyPair->base.pubKey = (HcfPubKey *)pubKey;
1185 keyPair->base.base.getClass = GetOpensslKeyPairClass;
1186 keyPair->base.base.destroy = DestroyKeyPair;
1187 *returnKeyPair = (HcfKeyPair *)keyPair;
1188 return HCF_SUCCESS;
1189 }
1190
ParseRsaBnFromBin(const HcfAsyKeyParamsSpec * paramsSpec,BIGNUM ** n,BIGNUM ** e,BIGNUM ** d)1191 static HcfResult ParseRsaBnFromBin(const HcfAsyKeyParamsSpec *paramsSpec, BIGNUM **n,
1192 BIGNUM **e, BIGNUM **d)
1193 {
1194 // when meeting the fail situation, the BIGNUM will be NULL and other BIGNUM will be freeed in InitRsaStructByBin();
1195 if (BigIntegerToBigNum(&((HcfRsaCommParamsSpec *)paramsSpec)->n, n) != HCF_SUCCESS) {
1196 LOGD("[error] Rsa new BN n fail.");
1197 return HCF_ERR_CRYPTO_OPERATION;
1198 }
1199 if (paramsSpec->specType == HCF_KEY_PAIR_SPEC) {
1200 if (BigIntegerToBigNum(&((HcfRsaKeyPairParamsSpec *)paramsSpec)->pk, e) != HCF_SUCCESS) {
1201 LOGD("[error] Rsa new BN e fail.");
1202 OpensslBnFree(*n);
1203 *n = NULL;
1204 return HCF_ERR_CRYPTO_OPERATION;
1205 }
1206 if (BigIntegerToBigNum(&((HcfRsaKeyPairParamsSpec *)paramsSpec)->sk, d) != HCF_SUCCESS) {
1207 LOGD("[error] Rsa new BN d fail.");
1208 OpensslBnFree(*n);
1209 *n = NULL;
1210 OpensslBnFree(*e);
1211 *e = NULL;
1212 return HCF_ERR_CRYPTO_OPERATION;
1213 }
1214 }
1215 if (paramsSpec->specType == HCF_PUBLIC_KEY_SPEC) {
1216 if (BigIntegerToBigNum(&((HcfRsaPubKeyParamsSpec *)paramsSpec)->pk, e) != HCF_SUCCESS) {
1217 LOGD("[error] Rsa new BN e fail.");
1218 OpensslBnFree(*n);
1219 *n = NULL;
1220 return HCF_ERR_CRYPTO_OPERATION;
1221 }
1222 }
1223 return HCF_SUCCESS;
1224 }
1225
InitRsaStructByBin(const HcfAsyKeyParamsSpec * paramsSpec)1226 static RSA *InitRsaStructByBin(const HcfAsyKeyParamsSpec *paramsSpec)
1227 {
1228 BIGNUM *n = NULL;
1229 BIGNUM *e = NULL;
1230 BIGNUM *d = NULL;
1231 RSA *rsa = NULL;
1232
1233 if (ParseRsaBnFromBin(paramsSpec, &n, &e, &d) != HCF_SUCCESS) {
1234 LOGD("[error] ParseRsaBnFromBin fail");
1235 return rsa;
1236 }
1237 rsa = OpensslRsaNew();
1238 if (rsa == NULL) {
1239 OpensslBnFree(n);
1240 OpensslBnFree(e);
1241 OpensslBnClearFree(d);
1242 LOGD("[error] new RSA fail");
1243 return rsa;
1244 }
1245 // if set0 success, RSA object will take the owner of n, e, d and will free them.
1246 // as a new RSA object, in RSA_set0_key(), n and e cannot be NULL.
1247 if (OpensslRsaSet0Key(rsa, n, e, d) != HCF_OPENSSL_SUCCESS) {
1248 LOGD("[error] set RSA fail");
1249 HcfPrintOpensslError();
1250 OpensslBnFree(n);
1251 OpensslBnFree(e);
1252 OpensslBnClearFree(d);
1253 OpensslRsaFree(rsa);
1254 rsa = NULL;
1255 return rsa;
1256 }
1257 return rsa;
1258 }
1259
GenerateKeyPairBySpec(const HcfAsyKeyParamsSpec * paramsSpec,HcfKeyPair ** keyPair)1260 static HcfResult GenerateKeyPairBySpec(const HcfAsyKeyParamsSpec *paramsSpec, HcfKeyPair **keyPair)
1261 {
1262 // Generate keyPair RSA by spec
1263 RSA *rsa = InitRsaStructByBin(paramsSpec);
1264 if (rsa == NULL) {
1265 LOGD("[error] Generate RSA fail.");
1266 return HCF_ERR_CRYPTO_OPERATION;
1267 }
1268 HcfOpensslRsaKeyPair *keyPairImpl = (HcfOpensslRsaKeyPair *)HcfMalloc(sizeof(HcfOpensslRsaKeyPair), 0);
1269 if (keyPairImpl == NULL) {
1270 LOGE("Malloc keyPair fail.");
1271 OpensslRsaFree(rsa);
1272 return HCF_ERR_MALLOC;
1273 }
1274 // devided to pk and sk;
1275 HcfOpensslRsaPubKey *pubKeyImpl = NULL;
1276 HcfOpensslRsaPriKey *priKeyImpl = NULL;
1277
1278 RSA *pubKeyRsa = NULL;
1279 if (DuplicateRsa(rsa, false, &pubKeyRsa) != HCF_SUCCESS) {
1280 LOGD("[error] Duplicate pubKey rsa fail");
1281 OpensslRsaFree(rsa);
1282 HcfFree(keyPairImpl);
1283 return HCF_ERR_CRYPTO_OPERATION;
1284 }
1285
1286 HcfResult res = PackPubKey(pubKeyRsa, &pubKeyImpl);
1287 if (res != HCF_SUCCESS) {
1288 LOGE("pack pup key fail.");
1289 OpensslRsaFree(rsa);
1290 OpensslRsaFree(pubKeyRsa);
1291 HcfFree(keyPairImpl);
1292 return res;
1293 }
1294
1295 res = PackPriKey(rsa, &priKeyImpl);
1296 if (res != HCF_SUCCESS) {
1297 LOGE("pack pri key fail.");
1298 OpensslRsaFree(rsa);
1299 OpensslRsaFree(pubKeyRsa);
1300 HcfFree(keyPairImpl);
1301 HcfFree(pubKeyImpl);
1302 return res;
1303 }
1304 keyPairImpl->base.priKey = (HcfPriKey *)priKeyImpl;
1305 keyPairImpl->base.pubKey = (HcfPubKey *)pubKeyImpl;
1306 keyPairImpl->base.base.getClass = GetOpensslKeyPairClass;
1307 keyPairImpl->base.base.destroy = DestroyKeyPair;
1308 *keyPair = (HcfKeyPair *)keyPairImpl;
1309 LOGD("Generate keypair success.");
1310 return res;
1311 }
1312
GeneratePubKeyBySpec(const HcfAsyKeyParamsSpec * paramsSpec,HcfPubKey ** pubKey)1313 static HcfResult GeneratePubKeyBySpec(const HcfAsyKeyParamsSpec *paramsSpec, HcfPubKey **pubKey)
1314 {
1315 RSA *rsa = InitRsaStructByBin(paramsSpec);
1316 if (rsa == NULL) {
1317 LOGD("[error] Generate RSA fail.");
1318 return HCF_ERR_CRYPTO_OPERATION;
1319 }
1320 RSA *pubKeyRsa = NULL;
1321 if (DuplicateRsa(rsa, false, &pubKeyRsa) != HCF_SUCCESS) {
1322 LOGD("[error] Duplicate pubKey rsa fail");
1323 OpensslRsaFree(rsa);
1324 return HCF_ERR_CRYPTO_OPERATION;
1325 }
1326 HcfOpensslRsaPubKey *pubKeyImpl = NULL;
1327 HcfResult res = PackPubKey(pubKeyRsa, &pubKeyImpl);
1328 if (res != HCF_SUCCESS) {
1329 LOGD("[error] pack pup key fail.");
1330 OpensslRsaFree(rsa);
1331 OpensslRsaFree(pubKeyRsa);
1332 return res;
1333 }
1334 *pubKey = (HcfPubKey *)pubKeyImpl;
1335 OpensslRsaFree(rsa);
1336 LOGD("Generate pub key success.");
1337 return res;
1338 }
1339
GeneratePriKeyBySpec(const HcfAsyKeyParamsSpec * paramsSpec,HcfPriKey ** priKey)1340 static HcfResult GeneratePriKeyBySpec(const HcfAsyKeyParamsSpec *paramsSpec, HcfPriKey **priKey)
1341 {
1342 RSA *rsa = InitRsaStructByBin(paramsSpec);
1343 if (rsa == NULL) {
1344 LOGD("[error] Generate RSA fail.");
1345 return HCF_ERR_CRYPTO_OPERATION;
1346 }
1347 HcfOpensslRsaPriKey *priKeyImpl = NULL;
1348 HcfResult res = PackPriKey(rsa, &priKeyImpl);
1349 if (res != HCF_SUCCESS) {
1350 LOGD("[error] pack pri key fail.");
1351 OpensslRsaFree(rsa);
1352 return res;
1353 }
1354 *priKey = (HcfPriKey *)priKeyImpl;
1355 LOGD("Generate pri key success.");
1356 return res;
1357 }
1358
EngineGenerateKeyPairBySpec(const HcfAsyKeyGeneratorSpi * self,const HcfAsyKeyParamsSpec * paramsSpec,HcfKeyPair ** returnKeyPair)1359 static HcfResult EngineGenerateKeyPairBySpec(const HcfAsyKeyGeneratorSpi *self,
1360 const HcfAsyKeyParamsSpec *paramsSpec, HcfKeyPair **returnKeyPair)
1361 {
1362 if ((self == NULL) || (returnKeyPair == NULL) || (paramsSpec == NULL) || (paramsSpec->algName == NULL)) {
1363 LOGE("GenerateKeyPairBySpec Params is invalid.");
1364 return HCF_INVALID_PARAMS;
1365 }
1366 if (!HcfIsClassMatch((HcfObjectBase *)self, OPENSSL_RSA_GENERATOR_CLASS)) {
1367 LOGE("Class not match.");
1368 return HCF_INVALID_PARAMS;
1369 }
1370 if (strcmp(paramsSpec->algName, RSA_ALG_NAME) != 0) {
1371 LOGE("Spec alg not match.");
1372 return HCF_INVALID_PARAMS;
1373 }
1374 if (paramsSpec->specType != HCF_KEY_PAIR_SPEC) {
1375 LOGE("Spec type not match.");
1376 return HCF_INVALID_PARAMS;
1377 }
1378 return GenerateKeyPairBySpec(paramsSpec, returnKeyPair);
1379 }
1380
EngineGeneratePubKeyBySpec(const HcfAsyKeyGeneratorSpi * self,const HcfAsyKeyParamsSpec * paramsSpec,HcfPubKey ** returnPubKey)1381 static HcfResult EngineGeneratePubKeyBySpec(const HcfAsyKeyGeneratorSpi *self,
1382 const HcfAsyKeyParamsSpec *paramsSpec, HcfPubKey **returnPubKey)
1383 {
1384 if ((self == NULL) || (returnPubKey == NULL) || (paramsSpec == NULL) || (paramsSpec->algName == NULL)) {
1385 LOGE("GeneratePubKeyBySpec Params is invalid.");
1386 return HCF_INVALID_PARAMS;
1387 }
1388 if (!HcfIsClassMatch((HcfObjectBase *)self, OPENSSL_RSA_GENERATOR_CLASS)) {
1389 LOGE("Class not match.");
1390 return HCF_INVALID_PARAMS;
1391 }
1392 if (strcmp(paramsSpec->algName, RSA_ALG_NAME) != 0) {
1393 LOGE("Spec alg not match.");
1394 return HCF_INVALID_PARAMS;
1395 }
1396 if (paramsSpec->specType != HCF_PUBLIC_KEY_SPEC && paramsSpec->specType != HCF_KEY_PAIR_SPEC) {
1397 LOGE("Spec not match.");
1398 return HCF_INVALID_PARAMS;
1399 }
1400 return GeneratePubKeyBySpec(paramsSpec, returnPubKey);
1401 }
1402
EngineGeneratePriKeyBySpec(const HcfAsyKeyGeneratorSpi * self,const HcfAsyKeyParamsSpec * paramsSpec,HcfPriKey ** returnPriKey)1403 static HcfResult EngineGeneratePriKeyBySpec(const HcfAsyKeyGeneratorSpi *self,
1404 const HcfAsyKeyParamsSpec *paramsSpec, HcfPriKey **returnPriKey)
1405 {
1406 if ((self == NULL) || (returnPriKey == NULL) || (paramsSpec == NULL) || (paramsSpec->algName == NULL)) {
1407 LOGE("GeneratePriKeyBySpec Params is invalid.");
1408 return HCF_INVALID_PARAMS;
1409 }
1410 if (!HcfIsClassMatch((HcfObjectBase *)self, OPENSSL_RSA_GENERATOR_CLASS)) {
1411 LOGE("Class not match.");
1412 return HCF_INVALID_PARAMS;
1413 }
1414 if (strcmp(paramsSpec->algName, RSA_ALG_NAME) != 0) {
1415 LOGE("Spec alg not match.");
1416 return HCF_INVALID_PARAMS;
1417 }
1418 if (paramsSpec->specType != HCF_KEY_PAIR_SPEC) {
1419 LOGE("Spec not match.");
1420 return HCF_INVALID_PARAMS;
1421 }
1422 return GeneratePriKeyBySpec(paramsSpec, returnPriKey);
1423 }
1424
SetDefaultValue(HcfAsyKeyGenSpiRsaParams * params)1425 static HcfResult SetDefaultValue(HcfAsyKeyGenSpiRsaParams *params)
1426 {
1427 if (params->primes == 0) {
1428 LOGD("set default primes 2");
1429 params->primes = OPENSSL_RSA_PRIMES_SIZE_2;
1430 }
1431 if (params->pubExp != NULL) {
1432 LOGE("RSA has pubKey default unexpectedly.");
1433 return HCF_SUCCESS;
1434 }
1435 BIGNUM *e = OpensslBnNew();
1436 if (e == NULL) {
1437 LOGD("[error] RSA new BN fail.");
1438 return HCF_ERR_CRYPTO_OPERATION;
1439 }
1440 if (OpensslBnSetWord(e, RSA_F4) != HCF_OPENSSL_SUCCESS) {
1441 LOGD("[error] RSA keygen Bn_set_word fail.");
1442 OpensslBnFree(e);
1443 return HCF_ERR_CRYPTO_OPERATION;
1444 }
1445 params->pubExp = e;
1446 return HCF_SUCCESS;
1447 }
1448
DecodeParams(HcfAsyKeyGenParams * from,HcfAsyKeyGenSpiRsaParams ** to)1449 static HcfResult DecodeParams(HcfAsyKeyGenParams *from, HcfAsyKeyGenSpiRsaParams **to)
1450 {
1451 *to = (HcfAsyKeyGenSpiRsaParams *)HcfMalloc(sizeof(HcfAsyKeyGenSpiRsaParams), 0);
1452 if (*to == NULL) {
1453 LOGE("Malloc HcfAsyKeyGenSpiRsaParams fail");
1454 return HCF_ERR_MALLOC;
1455 }
1456
1457 (*to)->bits = from->bits;
1458 (*to)->primes = from->primes;
1459
1460 // set 2 as default primes, RSA_F4 as default pubExp
1461 if (SetDefaultValue(*to) != HCF_SUCCESS) {
1462 LOGE("Set default value fail.");
1463 HcfFree(*to);
1464 *to = NULL;
1465 return HCF_INVALID_PARAMS;
1466 }
1467 if (CheckRsaKeyGenParams(*to) != HCF_SUCCESS) {
1468 LOGE("Invalid keyGen params");
1469 OpensslBnFree((*to)->pubExp);
1470 HcfFree(*to);
1471 *to = NULL;
1472 return HCF_INVALID_PARAMS;
1473 }
1474 return HCF_SUCCESS;
1475 }
1476
HcfAsyKeyGeneratorSpiRsaCreate(HcfAsyKeyGenParams * params,HcfAsyKeyGeneratorSpi ** generator)1477 HcfResult HcfAsyKeyGeneratorSpiRsaCreate(HcfAsyKeyGenParams *params, HcfAsyKeyGeneratorSpi **generator)
1478 {
1479 if (params == NULL || generator == NULL) {
1480 LOGE("Invalid input, params is invalid or generator is null.");
1481 return HCF_INVALID_PARAMS;
1482 }
1483 HcfAsyKeyGeneratorSpiRsaOpensslImpl *impl = (HcfAsyKeyGeneratorSpiRsaOpensslImpl *)
1484 HcfMalloc(sizeof(HcfAsyKeyGeneratorSpiRsaOpensslImpl), 0);
1485 if (impl == NULL) {
1486 LOGE("Failed to allocate returnImpl memroy!");
1487 return HCF_ERR_MALLOC;
1488 }
1489 if (DecodeParams(params, &impl->params) != HCF_SUCCESS) {
1490 LOGE("Keygen params is invalid.");
1491 HcfFree(impl);
1492 return HCF_INVALID_PARAMS;
1493 }
1494 impl->base.base.getClass = GetKeyGeneratorClass;
1495 impl->base.base.destroy = DestroyKeyGeneratorSpiImpl;
1496 impl->base.engineGenerateKeyPair = EngineGenerateKeyPair;
1497 impl->base.engineConvertKey = EngineConvertKey;
1498 impl->base.engineConvertPemKey = EngineConvertPemKey;
1499 impl->base.engineGenerateKeyPairBySpec = EngineGenerateKeyPairBySpec;
1500 impl->base.engineGeneratePubKeyBySpec = EngineGeneratePubKeyBySpec;
1501 impl->base.engineGeneratePriKeyBySpec = EngineGeneratePriKeyBySpec;
1502 *generator = (HcfAsyKeyGeneratorSpi *)impl;
1503 return HCF_SUCCESS;
1504 }
1505