1060ff233Sopenharmony_ci/* 2060ff233Sopenharmony_ci * Copyright (c) 2021 Huawei Device Co., Ltd. 3060ff233Sopenharmony_ci * Licensed under the Apache License, Version 2.0 (the "License"); 4060ff233Sopenharmony_ci * you may not use this file except in compliance with the License. 5060ff233Sopenharmony_ci * You may obtain a copy of the License at 6060ff233Sopenharmony_ci * 7060ff233Sopenharmony_ci * http://www.apache.org/licenses/LICENSE-2.0 8060ff233Sopenharmony_ci * 9060ff233Sopenharmony_ci * Unless required by applicable law or agreed to in writing, software 10060ff233Sopenharmony_ci * distributed under the License is distributed on an "AS IS" BASIS, 11060ff233Sopenharmony_ci * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12060ff233Sopenharmony_ci * See the License for the specific language governing permissions and 13060ff233Sopenharmony_ci * limitations under the License. 14060ff233Sopenharmony_ci */ 15060ff233Sopenharmony_ci 16060ff233Sopenharmony_ci#include "softbus_adapter_crypto.h" 17060ff233Sopenharmony_ci 18060ff233Sopenharmony_ci#include <securec.h> 19060ff233Sopenharmony_ci 20060ff233Sopenharmony_ci#include "comm_log.h" 21060ff233Sopenharmony_ci#include "mbedtls/base64.h" 22060ff233Sopenharmony_ci#include "mbedtls/cipher.h" 23060ff233Sopenharmony_ci#include "mbedtls/ctr_drbg.h" 24060ff233Sopenharmony_ci#include "mbedtls/entropy.h" 25060ff233Sopenharmony_ci#include "mbedtls/gcm.h" 26060ff233Sopenharmony_ci#include "mbedtls/md.h" 27060ff233Sopenharmony_ci#include "mbedtls/platform.h" 28060ff233Sopenharmony_ci#include "softbus_adapter_file.h" 29060ff233Sopenharmony_ci#include "softbus_errcode.h" 30060ff233Sopenharmony_ci 31060ff233Sopenharmony_ci#ifndef MBEDTLS_CTR_DRBG_C 32060ff233Sopenharmony_ci#define MBEDTLS_CTR_DRBG_C 33060ff233Sopenharmony_ci#endif 34060ff233Sopenharmony_ci 35060ff233Sopenharmony_ci#ifndef MBEDTLS_MD_C 36060ff233Sopenharmony_ci#define MBEDTLS_MD_C 37060ff233Sopenharmony_ci#endif 38060ff233Sopenharmony_ci 39060ff233Sopenharmony_ci#ifndef MBEDTLS_SHA256_C 40060ff233Sopenharmony_ci#define MBEDTLS_SHA256_C 41060ff233Sopenharmony_ci#endif 42060ff233Sopenharmony_ci 43060ff233Sopenharmony_ci#ifndef MBEDTLS_ENTROPY_C 44060ff233Sopenharmony_ci#define MBEDTLS_ENTROPY_C 45060ff233Sopenharmony_ci#endif 46060ff233Sopenharmony_ci 47060ff233Sopenharmony_ci#ifndef MBEDTLS_CIPHER_MODE_CTR 48060ff233Sopenharmony_ci#define MBEDTLS_CIPHER_MODE_CTR 49060ff233Sopenharmony_ci#endif 50060ff233Sopenharmony_ci 51060ff233Sopenharmony_ci#ifndef MBEDTLS_AES_C 52060ff233Sopenharmony_ci#define MBEDTLS_AES_C 53060ff233Sopenharmony_ci#endif 54060ff233Sopenharmony_ci 55060ff233Sopenharmony_ci#ifndef MBEDTLS_CIPHER_C 56060ff233Sopenharmony_ci#define MBEDTLS_CIPHER_C 57060ff233Sopenharmony_ci#endif 58060ff233Sopenharmony_ci 59060ff233Sopenharmony_ci#define EVP_AES_128_KEYLEN 16 60060ff233Sopenharmony_ci#define EVP_AES_256_KEYLEN 32 61060ff233Sopenharmony_ci#define BYTES_BIT_NUM 8 62060ff233Sopenharmony_ci 63060ff233Sopenharmony_cistatic SoftBusMutex g_randomLock; 64060ff233Sopenharmony_ci 65060ff233Sopenharmony_cistatic mbedtls_cipher_type_t GetCtrAlgorithmByKeyLen(uint32_t keyLen) 66060ff233Sopenharmony_ci{ 67060ff233Sopenharmony_ci switch (keyLen) { 68060ff233Sopenharmony_ci case EVP_AES_128_KEYLEN: 69060ff233Sopenharmony_ci return MBEDTLS_CIPHER_ARIA_128_CTR; 70060ff233Sopenharmony_ci case EVP_AES_256_KEYLEN: 71060ff233Sopenharmony_ci return MBEDTLS_CIPHER_ARIA_256_CTR; 72060ff233Sopenharmony_ci default: 73060ff233Sopenharmony_ci return MBEDTLS_CIPHER_NONE; 74060ff233Sopenharmony_ci } 75060ff233Sopenharmony_ci return MBEDTLS_CIPHER_NONE; 76060ff233Sopenharmony_ci} 77060ff233Sopenharmony_ci 78060ff233Sopenharmony_cistatic int32_t MbedAesGcmEncrypt(const AesGcmCipherKey *cipherKey, const unsigned char *plainText, 79060ff233Sopenharmony_ci uint32_t plainTextSize, unsigned char *cipherText, uint32_t cipherTextLen) 80060ff233Sopenharmony_ci{ 81060ff233Sopenharmony_ci if ((cipherKey == NULL) || (plainText == NULL) || (plainTextSize == 0) || cipherText == NULL || 82060ff233Sopenharmony_ci (cipherTextLen < plainTextSize + OVERHEAD_LEN)) { 83060ff233Sopenharmony_ci COMM_LOGE(COMM_ADAPTER, "Encrypt invalid para"); 84060ff233Sopenharmony_ci return SOFTBUS_INVALID_PARAM; 85060ff233Sopenharmony_ci } 86060ff233Sopenharmony_ci 87060ff233Sopenharmony_ci int32_t ret; 88060ff233Sopenharmony_ci unsigned char tagBuf[TAG_LEN] = { 0 }; 89060ff233Sopenharmony_ci mbedtls_gcm_context aesContext; 90060ff233Sopenharmony_ci mbedtls_gcm_init(&aesContext); 91060ff233Sopenharmony_ci 92060ff233Sopenharmony_ci ret = mbedtls_gcm_setkey(&aesContext, MBEDTLS_CIPHER_ID_AES, cipherKey->key, cipherKey->keyLen * KEY_BITS_UNIT); 93060ff233Sopenharmony_ci if (ret != 0) { 94060ff233Sopenharmony_ci mbedtls_gcm_free(&aesContext); 95060ff233Sopenharmony_ci return SOFTBUS_ENCRYPT_ERR; 96060ff233Sopenharmony_ci } 97060ff233Sopenharmony_ci 98060ff233Sopenharmony_ci ret = mbedtls_gcm_crypt_and_tag(&aesContext, MBEDTLS_GCM_ENCRYPT, plainTextSize, cipherKey->iv, GCM_IV_LEN, NULL, 0, 99060ff233Sopenharmony_ci plainText, cipherText + GCM_IV_LEN, TAG_LEN, tagBuf); 100060ff233Sopenharmony_ci if (ret != 0) { 101060ff233Sopenharmony_ci mbedtls_gcm_free(&aesContext); 102060ff233Sopenharmony_ci return SOFTBUS_ENCRYPT_ERR; 103060ff233Sopenharmony_ci } 104060ff233Sopenharmony_ci 105060ff233Sopenharmony_ci if (memcpy_s(cipherText, cipherTextLen, cipherKey->iv, GCM_IV_LEN) != EOK) { 106060ff233Sopenharmony_ci mbedtls_gcm_free(&aesContext); 107060ff233Sopenharmony_ci return SOFTBUS_ENCRYPT_ERR; 108060ff233Sopenharmony_ci } 109060ff233Sopenharmony_ci 110060ff233Sopenharmony_ci if (memcpy_s(cipherText + GCM_IV_LEN + plainTextSize, cipherTextLen - GCM_IV_LEN - plainTextSize, tagBuf, 111060ff233Sopenharmony_ci TAG_LEN) != 0) { 112060ff233Sopenharmony_ci mbedtls_gcm_free(&aesContext); 113060ff233Sopenharmony_ci return SOFTBUS_ENCRYPT_ERR; 114060ff233Sopenharmony_ci } 115060ff233Sopenharmony_ci 116060ff233Sopenharmony_ci mbedtls_gcm_free(&aesContext); 117060ff233Sopenharmony_ci return (plainTextSize + OVERHEAD_LEN); 118060ff233Sopenharmony_ci} 119060ff233Sopenharmony_ci 120060ff233Sopenharmony_cistatic int32_t MbedAesGcmDecrypt(const AesGcmCipherKey *cipherKey, const unsigned char *cipherText, 121060ff233Sopenharmony_ci uint32_t cipherTextSize, unsigned char *plain, uint32_t plainLen) 122060ff233Sopenharmony_ci{ 123060ff233Sopenharmony_ci if ((cipherKey == NULL) || (cipherText == NULL) || (cipherTextSize <= OVERHEAD_LEN) || plain == NULL || 124060ff233Sopenharmony_ci (plainLen < cipherTextSize - OVERHEAD_LEN)) { 125060ff233Sopenharmony_ci COMM_LOGE(COMM_ADAPTER, "Decrypt invalid para"); 126060ff233Sopenharmony_ci return SOFTBUS_INVALID_PARAM; 127060ff233Sopenharmony_ci } 128060ff233Sopenharmony_ci 129060ff233Sopenharmony_ci mbedtls_gcm_context aesContext; 130060ff233Sopenharmony_ci mbedtls_gcm_init(&aesContext); 131060ff233Sopenharmony_ci int32_t ret = 132060ff233Sopenharmony_ci mbedtls_gcm_setkey(&aesContext, MBEDTLS_CIPHER_ID_AES, cipherKey->key, cipherKey->keyLen * KEY_BITS_UNIT); 133060ff233Sopenharmony_ci if (ret != 0) { 134060ff233Sopenharmony_ci COMM_LOGE(COMM_ADAPTER, "Decrypt mbedtls_gcm_setkey fail."); 135060ff233Sopenharmony_ci mbedtls_gcm_free(&aesContext); 136060ff233Sopenharmony_ci return SOFTBUS_DECRYPT_ERR; 137060ff233Sopenharmony_ci } 138060ff233Sopenharmony_ci 139060ff233Sopenharmony_ci int32_t actualPlainLen = (int32_t)(cipherTextSize - OVERHEAD_LEN); 140060ff233Sopenharmony_ci ret = mbedtls_gcm_auth_decrypt(&aesContext, cipherTextSize - OVERHEAD_LEN, cipherKey->iv, GCM_IV_LEN, NULL, 0, 141060ff233Sopenharmony_ci cipherText + actualPlainLen + GCM_IV_LEN, TAG_LEN, cipherText + GCM_IV_LEN, plain); 142060ff233Sopenharmony_ci if (ret != 0) { 143060ff233Sopenharmony_ci COMM_LOGE(COMM_ADAPTER, "[TRANS] Decrypt mbedtls_gcm_auth_decrypt fail. ret=%{public}d", ret); 144060ff233Sopenharmony_ci mbedtls_gcm_free(&aesContext); 145060ff233Sopenharmony_ci return SOFTBUS_DECRYPT_ERR; 146060ff233Sopenharmony_ci } 147060ff233Sopenharmony_ci 148060ff233Sopenharmony_ci mbedtls_gcm_free(&aesContext); 149060ff233Sopenharmony_ci return actualPlainLen; 150060ff233Sopenharmony_ci} 151060ff233Sopenharmony_ci 152060ff233Sopenharmony_cistatic int32_t HandleError(mbedtls_cipher_context_t *ctx, const char *buf) 153060ff233Sopenharmony_ci{ 154060ff233Sopenharmony_ci if (buf != NULL) { 155060ff233Sopenharmony_ci COMM_LOGE(COMM_ADAPTER, "buf=%{public}s", buf); 156060ff233Sopenharmony_ci } 157060ff233Sopenharmony_ci if (ctx != NULL) { 158060ff233Sopenharmony_ci mbedtls_cipher_free(ctx); 159060ff233Sopenharmony_ci } 160060ff233Sopenharmony_ci return SOFTBUS_DECRYPT_ERR; 161060ff233Sopenharmony_ci} 162060ff233Sopenharmony_ci 163060ff233Sopenharmony_ciint32_t SoftBusBase64Encode(unsigned char *dst, size_t dlen, 164060ff233Sopenharmony_ci size_t *olen, const unsigned char *src, size_t slen) 165060ff233Sopenharmony_ci{ 166060ff233Sopenharmony_ci if (dst == NULL || dlen == 0 || olen == NULL || src == NULL || slen == 0) { 167060ff233Sopenharmony_ci COMM_LOGE(COMM_ADAPTER, "base64 encode invalid para"); 168060ff233Sopenharmony_ci return SOFTBUS_INVALID_PARAM; 169060ff233Sopenharmony_ci } 170060ff233Sopenharmony_ci return mbedtls_base64_encode(dst, dlen, olen, src, slen); 171060ff233Sopenharmony_ci} 172060ff233Sopenharmony_ci 173060ff233Sopenharmony_ciint32_t SoftBusBase64Decode(unsigned char *dst, size_t dlen, 174060ff233Sopenharmony_ci size_t *olen, const unsigned char *src, size_t slen) 175060ff233Sopenharmony_ci{ 176060ff233Sopenharmony_ci if (dst == NULL || dlen == 0 || olen == NULL || src == NULL || slen == 0) { 177060ff233Sopenharmony_ci COMM_LOGE(COMM_ADAPTER, "base64 decode invalid para"); 178060ff233Sopenharmony_ci return SOFTBUS_INVALID_PARAM; 179060ff233Sopenharmony_ci } 180060ff233Sopenharmony_ci return mbedtls_base64_decode(dst, dlen, olen, src, slen); 181060ff233Sopenharmony_ci} 182060ff233Sopenharmony_ci 183060ff233Sopenharmony_ciint32_t SoftBusGenerateStrHash(const unsigned char *str, uint32_t len, unsigned char *hash) 184060ff233Sopenharmony_ci{ 185060ff233Sopenharmony_ci if (str == NULL || hash == NULL || len == 0) { 186060ff233Sopenharmony_ci return SOFTBUS_INVALID_PARAM; 187060ff233Sopenharmony_ci } 188060ff233Sopenharmony_ci 189060ff233Sopenharmony_ci mbedtls_md_context_t ctx; 190060ff233Sopenharmony_ci const mbedtls_md_info_t *info = NULL; 191060ff233Sopenharmony_ci mbedtls_md_init(&ctx); 192060ff233Sopenharmony_ci 193060ff233Sopenharmony_ci info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256); 194060ff233Sopenharmony_ci if (info == NULL) { 195060ff233Sopenharmony_ci mbedtls_md_free(&ctx); 196060ff233Sopenharmony_ci return SOFTBUS_ENCRYPT_ERR; 197060ff233Sopenharmony_ci } 198060ff233Sopenharmony_ci if (mbedtls_md_setup(&ctx, info, 0) != 0) { 199060ff233Sopenharmony_ci mbedtls_md_free(&ctx); 200060ff233Sopenharmony_ci return SOFTBUS_ENCRYPT_ERR; 201060ff233Sopenharmony_ci } 202060ff233Sopenharmony_ci if (mbedtls_md_starts(&ctx) != 0) { 203060ff233Sopenharmony_ci mbedtls_md_free(&ctx); 204060ff233Sopenharmony_ci return SOFTBUS_ENCRYPT_ERR; 205060ff233Sopenharmony_ci } 206060ff233Sopenharmony_ci if (mbedtls_md_update(&ctx, str, len) != 0) { 207060ff233Sopenharmony_ci mbedtls_md_free(&ctx); 208060ff233Sopenharmony_ci return SOFTBUS_ENCRYPT_ERR; 209060ff233Sopenharmony_ci } 210060ff233Sopenharmony_ci if (mbedtls_md_finish(&ctx, hash) != 0) { 211060ff233Sopenharmony_ci mbedtls_md_free(&ctx); 212060ff233Sopenharmony_ci return SOFTBUS_ENCRYPT_ERR; 213060ff233Sopenharmony_ci } 214060ff233Sopenharmony_ci 215060ff233Sopenharmony_ci mbedtls_md_free(&ctx); 216060ff233Sopenharmony_ci return SOFTBUS_OK; 217060ff233Sopenharmony_ci} 218060ff233Sopenharmony_ci 219060ff233Sopenharmony_ciint32_t SoftBusGenerateRandomArray(unsigned char *randStr, uint32_t len) 220060ff233Sopenharmony_ci{ 221060ff233Sopenharmony_ci if (randStr == NULL || len == 0) { 222060ff233Sopenharmony_ci return SOFTBUS_INVALID_PARAM; 223060ff233Sopenharmony_ci } 224060ff233Sopenharmony_ci 225060ff233Sopenharmony_ci static mbedtls_entropy_context entropy; 226060ff233Sopenharmony_ci static mbedtls_ctr_drbg_context ctrDrbg; 227060ff233Sopenharmony_ci static bool initFlag = false; 228060ff233Sopenharmony_ci int32_t ret; 229060ff233Sopenharmony_ci 230060ff233Sopenharmony_ci if (!initFlag) { 231060ff233Sopenharmony_ci if (SoftBusMutexInit(&g_randomLock, NULL) != SOFTBUS_OK) { 232060ff233Sopenharmony_ci COMM_LOGE(COMM_ADAPTER, "SoftBusGenerateRandomArray init lock fail"); 233060ff233Sopenharmony_ci return SOFTBUS_LOCK_ERR; 234060ff233Sopenharmony_ci } 235060ff233Sopenharmony_ci mbedtls_ctr_drbg_init(&ctrDrbg); 236060ff233Sopenharmony_ci mbedtls_entropy_init(&entropy); 237060ff233Sopenharmony_ci ret = mbedtls_ctr_drbg_seed(&ctrDrbg, mbedtls_entropy_func, &entropy, NULL, 0); 238060ff233Sopenharmony_ci if (ret != 0) { 239060ff233Sopenharmony_ci SoftBusMutexUnlock(&g_randomLock); 240060ff233Sopenharmony_ci COMM_LOGE(COMM_ADAPTER, "gen random seed error, ret=%{public}d", ret); 241060ff233Sopenharmony_ci return SOFTBUS_ERR; 242060ff233Sopenharmony_ci } 243060ff233Sopenharmony_ci initFlag = true; 244060ff233Sopenharmony_ci } 245060ff233Sopenharmony_ci 246060ff233Sopenharmony_ci if (SoftBusMutexLock(&g_randomLock) != SOFTBUS_OK) { 247060ff233Sopenharmony_ci COMM_LOGE(COMM_ADAPTER, "SoftBusGenerateRandomArray lock fail"); 248060ff233Sopenharmony_ci return SOFTBUS_LOCK_ERR; 249060ff233Sopenharmony_ci } 250060ff233Sopenharmony_ci 251060ff233Sopenharmony_ci ret = mbedtls_ctr_drbg_random(&ctrDrbg, randStr, len); 252060ff233Sopenharmony_ci SoftBusMutexUnlock(&g_randomLock); 253060ff233Sopenharmony_ci if (ret != 0) { 254060ff233Sopenharmony_ci COMM_LOGE(COMM_ADAPTER, "gen random error, ret=%{public}d", ret); 255060ff233Sopenharmony_ci return SOFTBUS_ERR; 256060ff233Sopenharmony_ci } 257060ff233Sopenharmony_ci return SOFTBUS_OK; 258060ff233Sopenharmony_ci} 259060ff233Sopenharmony_ci 260060ff233Sopenharmony_ciint32_t SoftBusGenerateSessionKey(char *key, uint32_t len) 261060ff233Sopenharmony_ci{ 262060ff233Sopenharmony_ci if (SoftBusGenerateRandomArray((unsigned char *)key, len) != SOFTBUS_OK) { 263060ff233Sopenharmony_ci COMM_LOGE(COMM_ADAPTER, "generate sessionKey error."); 264060ff233Sopenharmony_ci return SOFTBUS_ENCRYPT_ERR; 265060ff233Sopenharmony_ci } 266060ff233Sopenharmony_ci return SOFTBUS_OK; 267060ff233Sopenharmony_ci} 268060ff233Sopenharmony_ci 269060ff233Sopenharmony_ciint32_t SoftBusEncryptData(AesGcmCipherKey *cipherKey, const unsigned char *input, uint32_t inLen, 270060ff233Sopenharmony_ci unsigned char *encryptData, uint32_t *encryptLen) 271060ff233Sopenharmony_ci{ 272060ff233Sopenharmony_ci if (cipherKey == NULL || input == NULL || inLen == 0 || encryptData == NULL || encryptLen == NULL) { 273060ff233Sopenharmony_ci return SOFTBUS_INVALID_PARAM; 274060ff233Sopenharmony_ci } 275060ff233Sopenharmony_ci 276060ff233Sopenharmony_ci if (SoftBusGenerateRandomArray(cipherKey->iv, sizeof(cipherKey->iv)) != SOFTBUS_OK) { 277060ff233Sopenharmony_ci COMM_LOGE(COMM_ADAPTER, "generate random iv error."); 278060ff233Sopenharmony_ci return SOFTBUS_ENCRYPT_ERR; 279060ff233Sopenharmony_ci } 280060ff233Sopenharmony_ci uint32_t outLen = inLen + OVERHEAD_LEN; 281060ff233Sopenharmony_ci int32_t result = MbedAesGcmEncrypt(cipherKey, input, inLen, encryptData, outLen); 282060ff233Sopenharmony_ci if (result <= 0) { 283060ff233Sopenharmony_ci return SOFTBUS_ENCRYPT_ERR; 284060ff233Sopenharmony_ci } 285060ff233Sopenharmony_ci *encryptLen = result; 286060ff233Sopenharmony_ci return SOFTBUS_OK; 287060ff233Sopenharmony_ci} 288060ff233Sopenharmony_ci 289060ff233Sopenharmony_ciint32_t SoftBusEncryptDataWithSeq(AesGcmCipherKey *cipherKey, const unsigned char *input, uint32_t inLen, 290060ff233Sopenharmony_ci unsigned char *encryptData, uint32_t *encryptLen, int32_t seqNum) 291060ff233Sopenharmony_ci{ 292060ff233Sopenharmony_ci if (cipherKey == NULL || input == NULL || inLen == 0 || encryptData == NULL || encryptLen == NULL) { 293060ff233Sopenharmony_ci return SOFTBUS_INVALID_PARAM; 294060ff233Sopenharmony_ci } 295060ff233Sopenharmony_ci if (SoftBusGenerateRandomArray(cipherKey->iv, sizeof(cipherKey->iv)) != SOFTBUS_OK) { 296060ff233Sopenharmony_ci COMM_LOGE(COMM_ADAPTER, "generate random iv error."); 297060ff233Sopenharmony_ci return SOFTBUS_ENCRYPT_ERR; 298060ff233Sopenharmony_ci } 299060ff233Sopenharmony_ci if (memcpy_s(cipherKey->iv, sizeof(int32_t), &seqNum, sizeof(int32_t)) != EOK) { 300060ff233Sopenharmony_ci return SOFTBUS_ENCRYPT_ERR; 301060ff233Sopenharmony_ci } 302060ff233Sopenharmony_ci uint32_t outLen = inLen + OVERHEAD_LEN; 303060ff233Sopenharmony_ci int32_t result = MbedAesGcmEncrypt(cipherKey, input, inLen, encryptData, outLen); 304060ff233Sopenharmony_ci if (result <= 0) { 305060ff233Sopenharmony_ci return SOFTBUS_ENCRYPT_ERR; 306060ff233Sopenharmony_ci } 307060ff233Sopenharmony_ci *encryptLen = result; 308060ff233Sopenharmony_ci return SOFTBUS_OK; 309060ff233Sopenharmony_ci} 310060ff233Sopenharmony_ci 311060ff233Sopenharmony_ciint32_t SoftBusDecryptData(AesGcmCipherKey *cipherKey, const unsigned char *input, uint32_t inLen, 312060ff233Sopenharmony_ci unsigned char *decryptData, uint32_t *decryptLen) 313060ff233Sopenharmony_ci{ 314060ff233Sopenharmony_ci if (cipherKey == NULL || input == NULL || inLen < GCM_IV_LEN || decryptData == NULL || decryptLen == NULL) { 315060ff233Sopenharmony_ci return SOFTBUS_INVALID_PARAM; 316060ff233Sopenharmony_ci } 317060ff233Sopenharmony_ci 318060ff233Sopenharmony_ci if (memcpy_s(cipherKey->iv, sizeof(cipherKey->iv), input, GCM_IV_LEN) != EOK) { 319060ff233Sopenharmony_ci COMM_LOGE(COMM_ADAPTER, "copy iv failed."); 320060ff233Sopenharmony_ci return SOFTBUS_ENCRYPT_ERR; 321060ff233Sopenharmony_ci } 322060ff233Sopenharmony_ci uint32_t outLen = inLen - OVERHEAD_LEN; 323060ff233Sopenharmony_ci int32_t result = MbedAesGcmDecrypt(cipherKey, input, inLen, decryptData, outLen); 324060ff233Sopenharmony_ci if (result <= 0) { 325060ff233Sopenharmony_ci return SOFTBUS_ENCRYPT_ERR; 326060ff233Sopenharmony_ci } 327060ff233Sopenharmony_ci *decryptLen = (uint32_t)result; 328060ff233Sopenharmony_ci return SOFTBUS_OK; 329060ff233Sopenharmony_ci} 330060ff233Sopenharmony_ci 331060ff233Sopenharmony_ciint32_t SoftBusDecryptDataWithSeq(AesGcmCipherKey *cipherKey, const unsigned char *input, uint32_t inLen, 332060ff233Sopenharmony_ci unsigned char *decryptData, uint32_t *decryptLen, int32_t seqNum) 333060ff233Sopenharmony_ci{ 334060ff233Sopenharmony_ci (void)seqNum; 335060ff233Sopenharmony_ci return SoftBusDecryptData(cipherKey, input, inLen, decryptData, decryptLen); 336060ff233Sopenharmony_ci} 337060ff233Sopenharmony_ci 338060ff233Sopenharmony_ciuint32_t SoftBusCryptoRand(void) 339060ff233Sopenharmony_ci{ 340060ff233Sopenharmony_ci int32_t fd = SoftBusOpenFile("/dev/urandom", SOFTBUS_O_RDONLY); 341060ff233Sopenharmony_ci if (fd < 0) { 342060ff233Sopenharmony_ci COMM_LOGE(COMM_ADAPTER, "CryptoRand open file fail"); 343060ff233Sopenharmony_ci return 0; 344060ff233Sopenharmony_ci } 345060ff233Sopenharmony_ci uint32_t value = 0; 346060ff233Sopenharmony_ci int32_t len = SoftBusReadFile(fd, &value, sizeof(uint32_t)); 347060ff233Sopenharmony_ci if (len < 0) { 348060ff233Sopenharmony_ci COMM_LOGE(COMM_ADAPTER, "CryptoRand read file fail"); 349060ff233Sopenharmony_ci SoftBusCloseFile(fd); 350060ff233Sopenharmony_ci return 0; 351060ff233Sopenharmony_ci } 352060ff233Sopenharmony_ci SoftBusCloseFile(fd); 353060ff233Sopenharmony_ci return value; 354060ff233Sopenharmony_ci} 355060ff233Sopenharmony_ci 356060ff233Sopenharmony_ciint32_t SoftBusEncryptDataByCtr(AesCtrCipherKey *key, const unsigned char *input, uint32_t inLen, 357060ff233Sopenharmony_ci unsigned char *encryptData, uint32_t *encryptLen) 358060ff233Sopenharmony_ci{ 359060ff233Sopenharmony_ci if (key == NULL || input == NULL || inLen == 0 || encryptData == NULL || encryptLen == NULL) { 360060ff233Sopenharmony_ci COMM_LOGE(COMM_ADAPTER, "softbus encrypt data by ctr invalid para"); 361060ff233Sopenharmony_ci return SOFTBUS_INVALID_PARAM; 362060ff233Sopenharmony_ci } 363060ff233Sopenharmony_ci mbedtls_cipher_type_t type = GetCtrAlgorithmByKeyLen(key->keyLen); 364060ff233Sopenharmony_ci if (type == MBEDTLS_CIPHER_NONE) { 365060ff233Sopenharmony_ci return HandleError(NULL, "get cipher failed"); 366060ff233Sopenharmony_ci } 367060ff233Sopenharmony_ci size_t len = 0; 368060ff233Sopenharmony_ci *encryptLen = 0; 369060ff233Sopenharmony_ci mbedtls_cipher_context_t ctx; 370060ff233Sopenharmony_ci const mbedtls_cipher_info_t *info = NULL; 371060ff233Sopenharmony_ci mbedtls_cipher_init(&ctx); 372060ff233Sopenharmony_ci if (!(info = mbedtls_cipher_info_from_type(type))) { 373060ff233Sopenharmony_ci return HandleError(&ctx, "mbedtls_cipher_info_from_type ctr failed"); 374060ff233Sopenharmony_ci } 375060ff233Sopenharmony_ci if (mbedtls_cipher_setup(&ctx, info) != 0) { 376060ff233Sopenharmony_ci return HandleError(&ctx, "mbedtls_cipher_setup ctr failed"); 377060ff233Sopenharmony_ci } 378060ff233Sopenharmony_ci if (mbedtls_cipher_setkey(&ctx, key->key, key->keyLen * BYTES_BIT_NUM, MBEDTLS_ENCRYPT) != 0) { 379060ff233Sopenharmony_ci return HandleError(&ctx, "mbedtls_cipher_setkey ctr failed"); 380060ff233Sopenharmony_ci } 381060ff233Sopenharmony_ci if (mbedtls_cipher_set_iv(&ctx, key->iv, BLE_BROADCAST_IV_LEN) != 0) { 382060ff233Sopenharmony_ci return HandleError(&ctx, "mbedtls_cipher_set_iv ctr failed"); 383060ff233Sopenharmony_ci } 384060ff233Sopenharmony_ci if (mbedtls_cipher_update(&ctx, input, inLen, encryptData, &len) != 0) { 385060ff233Sopenharmony_ci return HandleError(&ctx, "mbedtls_cipher_update ctr failed"); 386060ff233Sopenharmony_ci } 387060ff233Sopenharmony_ci *encryptLen += len; 388060ff233Sopenharmony_ci if (mbedtls_cipher_finish(&ctx, encryptData, &len) != 0) { 389060ff233Sopenharmony_ci return HandleError(&ctx, "mbedtls_cipher_finish ctr failed"); 390060ff233Sopenharmony_ci } 391060ff233Sopenharmony_ci *encryptLen += len; 392060ff233Sopenharmony_ci mbedtls_cipher_free(&ctx); 393060ff233Sopenharmony_ci return SOFTBUS_OK; 394060ff233Sopenharmony_ci} 395060ff233Sopenharmony_ci 396060ff233Sopenharmony_ciint32_t SoftBusDecryptDataByCtr(AesCtrCipherKey *key, const unsigned char *input, uint32_t inLen, 397060ff233Sopenharmony_ci unsigned char *decryptData, uint32_t *decryptLen) 398060ff233Sopenharmony_ci{ 399060ff233Sopenharmony_ci return SoftBusEncryptDataByCtr(key, input, inLen, decryptData, decryptLen); 400060ff233Sopenharmony_ci} 401