本篇主要分析hks_mbedtls_ecdsa.c代码
主要是基于ECDSA算法的签名过程和验证过程。密钥的生成在调用时使用其他位置函数即可。 文件路径(security_huks\frameworks\huks_standard\main\crypto_engine\mbedtls\src\hks_mbedtls_ecdsa.c)
一、背景知识ecdsa签名算法介绍
二、代码分析
签名函数:实现ecdsa算法的签名过程,函数传入的参数不能有null值。该函数主要基于mbedtls_ecdsa_write_signature实现签名的生成,根据传入的参数计算消息的签名。
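/**
 * Sign function: produce an ECDSA signature with mbedtls.
 *
 * Callers must guarantee that none of the pointer arguments is NULL; the
 * function dereferences all four without checking.
 *
 * @param key        ECC key material blob. It is validated by EccKeyCheck() and
 *                   its data is read as a struct KeyMaterialEcc to find the curve.
 * @param usageSpec  Only usageSpec->digest is read; it is mapped to the mbedtls
 *                   digest identifier.
 * @param message    Passed to mbedtls_ecdsa_write_signature() as the hash input.
 *                   No hashing is performed here, so the caller is expected to
 *                   supply the digest that matches usageSpec->digest.
 * @param signature  Output blob. On entry signature->size is used as the size of
 *                   signature->data; on success it is set to the signature length.
 *                   On a signing failure the buffer is zeroed and the size is
 *                   left unchanged.
 * @return The success value on success (the code compares against HKS_SUCCESS and
 *         HKS_MBEDTLS_SUCCESS). On failure, either the HKS error of the failing
 *         helper or the raw mbedtls error code is returned unchanged, so callers
 *         should treat any non-success value as failure.
 */
int32_t HksMbedtlsEcdsaSign(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
    const struct HksBlob *message, struct HksBlob *signature)
{
    /* Validate the key blob before anything is read from key->data. */
    int32_t ret = EccKeyCheck(key);
    if (ret != HKS_SUCCESS) {
        return ret;
    }

    mbedtls_ecp_group_id curveNist = MBEDTLS_ECP_DP_NONE;
    ret = HksMbedtlsEccGetKeyCurveNist((struct KeyMaterialEcc *)(key->data), &curveNist);
    if (ret != HKS_SUCCESS) {
        return ret;
    }

    /*
     * Set up the random generator used for signing.
     * NOTE(review): on failure this returns without freeing ctrDrbg/entropy;
     * presumably HksCtrDrbgSeed() cleans up after itself - confirm.
     */
    mbedtls_ctr_drbg_context ctrDrbg;
    mbedtls_entropy_context entropy;
    ret = HksCtrDrbgSeed(&ctrDrbg, &entropy);
    if (ret != HKS_SUCCESS) {
        return ret;
    }

    mbedtls_ecdsa_context ctx;
    mbedtls_ecdsa_init(&ctx);
    do {
        /* Load the curve group parameters. */
        ret = mbedtls_ecp_group_load(&(ctx.grp), curveNist);
        if (ret != HKS_MBEDTLS_SUCCESS) {
            HKS_LOG_E("Mbedtls ecp group load fail! mbedtls ret = 0x%X", ret);
            break;
        }

        /* Convert the key material into the private scalar ctx.d. */
        ret = HksEccKeyMaterialToPri(key, &(ctx.d));
        if (ret != HKS_SUCCESS) {
            break;
        }

        /* Map usageSpec->digest to the mbedtls digest identifier. */
        uint32_t mbedtlsAlg;
        ret = HksToMbedtlsDigestAlg(usageSpec->digest, &mbedtlsAlg);
        if (ret != HKS_SUCCESS) {
            break;
        }

        /*
         * mbedtls writes the signature length through a size_t pointer. Use a
         * real size_t instead of casting the address of signature->size:
         * where that field is narrower than size_t, the cast lets mbedtls
         * write past the field.
         *
         * NOTE(review): this call takes no output-capacity argument, so
         * signature->data must already be large enough for the biggest
         * signature of the selected curve - confirm that callers enforce it.
         */
        size_t sigLen = (size_t)signature->size;
        ret = mbedtls_ecdsa_write_signature(&ctx, mbedtlsAlg, message->data, (size_t)message->size,
            signature->data, &sigLen, mbedtls_ctr_drbg_random, &ctrDrbg);
        if (ret != HKS_MBEDTLS_SUCCESS) {
            HKS_LOG_E("Ecc mbedtls sign fail! mbedtls ret = 0x%X", ret);
            /* Wipe the whole caller buffer so no partial signature leaks out. */
            (void)memset_s(signature->data, signature->size, 0, signature->size);
            break;
        }
        signature->size = (uint32_t)sigLen;
    } while (0);

    /* Release the DRBG, the entropy source and the ECDSA context. */
    mbedtls_ctr_drbg_free(&ctrDrbg);
    mbedtls_entropy_free(&entropy);
    mbedtls_ecdsa_free(&ctx);
    return ret;
}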
验证函数:该函数主要基于mbedtls_ecdsa_read_signature读取签名信息进行验证。根据函数传入的公钥和传来的消息进行验证,得到一个是否通过的结果,不进行密钥的交换。注意函数体内以(void)usageSpec忽略了摘要算法参数,message被直接作为哈希值传给mbedtls_ecdsa_read_signature,因此调用方需保证传入的是已计算好的摘要。
/**
 * Verify function: check an ECDSA signature with mbedtls.
 *
 * Callers must guarantee that none of the pointer arguments is NULL.
 *
 * @param key        ECC key material blob; validated by EccKeyCheck() and then
 *                   used to obtain the curve and the public point.
 * @param usageSpec  Unused here (explicitly discarded).
 * @param message    Passed to mbedtls_ecdsa_read_signature() as the hash input.
 *                   Nothing is hashed here, so this must already be the digest.
 * @param signature  Signature bytes handed to mbedtls for parsing and checking.
 * @return The success value when the signature verifies. Otherwise the HKS
 *         error of the failing helper or the raw mbedtls error code is returned
 *         unchanged; treat any non-success value as a verification failure.
 */
int32_t HksMbedtlsEcdsaVerify(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
    const struct HksBlob *message, const struct HksBlob *signature)
{
    (void)usageSpec;

    int32_t status = EccKeyCheck(key);
    if (status != HKS_SUCCESS) {
        return status;
    }

    /* Work out which curve the key material belongs to. */
    mbedtls_ecp_group_id groupId = MBEDTLS_ECP_DP_NONE;
    status = HksMbedtlsEccGetKeyCurveNist((struct KeyMaterialEcc *)(key->data), &groupId);
    if (status != HKS_SUCCESS) {
        HKS_LOG_E("Get ecc KeyCureNist fail! ret = 0x%X", status);
        return status;
    }

    mbedtls_ecdsa_context ecdsa;
    mbedtls_ecdsa_init(&ecdsa);

    /* Load the curve group parameters. */
    status = mbedtls_ecp_group_load(&(ecdsa.grp), groupId);
    if (status != HKS_MBEDTLS_SUCCESS) {
        HKS_LOG_E("Mbedtls ecp group load fail! mbedtls ret = 0x%X", status);
        goto cleanup;
    }

    /* Convert the key material into the public point ecdsa.Q. */
    status = HksEccKeyMaterialToPub(key, &(ecdsa.Q));
    if (status != HKS_SUCCESS) {
        goto cleanup;
    }

    /* mbedtls checks the signature against the hash and the public key. */
    status = mbedtls_ecdsa_read_signature(&ecdsa,
        message->data, message->size, signature->data, signature->size);
    if (status != HKS_MBEDTLS_SUCCESS) {
        HKS_LOG_E("Ecc mbedtls verify fail! mbedtls ret = 0x%X", status);
    }

cleanup:
    /* Release the ECDSA context on every path that initialised it. */
    mbedtls_ecdsa_free(&ecdsa);
    return status;
}
感谢阅读和点赞