1 /* 2 * Copyright (c) 2021-2024 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 /** 17 * @file hks_type_enum.h 18 * 19 * @brief Declares huks type enum. 20 * 21 * @since 8 22 */ 23 24 #ifndef HKS_TYPE_ENUM_H 25 #define HKS_TYPE_ENUM_H 26 27 #include <stdbool.h> 28 #include <stdint.h> 29 #include <stdlib.h> 30 31 #ifdef __cplusplus 32 extern "C" { 33 #endif 34 35 /** 36 * @brief hks key type 37 */ 38 enum HksKeyType { 39 HKS_KEY_TYPE_RSA_PUBLIC_KEY = 0x01001000, 40 HKS_KEY_TYPE_RSA_KEYPAIR = 0x01002000, 41 42 HKS_KEY_TYPE_ECC_P256_PUBLIC_KEY = 0x02021000, 43 HKS_KEY_TYPE_ECC_P256_KEYPAIR = 0x02022000, 44 HKS_KEY_TYPE_ECC_P384_PUBLIC_KEY = 0x02031000, 45 HKS_KEY_TYPE_ECC_P384_KEYPAIR = 0x02032000, 46 HKS_KEY_TYPE_ECC_P521_PUBLIC_KEY = 0x02051000, 47 HKS_KEY_TYPE_ECC_P521_KEYPAIR = 0x02052000, 48 49 HKS_KEY_TYPE_ED25519_PUBLIC_KEY = 0x02101000, 50 HKS_KEY_TYPE_ED25519_KEYPAIR = 0x02102000, 51 HKS_KEY_TYPE_X25519_PUBLIC_KEY = 0x02111000, 52 HKS_KEY_TYPE_X25519_KEYPAIR = 0x02112000, 53 54 HKS_KEY_TYPE_AES = 0x03000000, 55 HKS_KEY_TYPE_CHACHA20 = 0x04010000, 56 HKS_KEY_TYPE_CHACHA20_POLY1305 = 0x04020000, 57 58 HKS_KEY_TYPE_HMAC = 0x05000000, 59 HKS_KEY_TYPE_HKDF = 0x06000000, 60 HKS_KEY_TYPE_PBKDF2 = 0x07000000, 61 }; 62 63 /** 64 * @brief hks key purpose 65 */ 66 enum HksKeyPurpose { 67 HKS_KEY_PURPOSE_ENCRYPT = 1, /* Usable with RSA, EC, AES, SM2, and SM4 keys. */ 68 HKS_KEY_PURPOSE_DECRYPT = 2, /* Usable with RSA, EC, AES, SM2, and SM4 keys. */ 69 HKS_KEY_PURPOSE_SIGN = 4, /* Usable with RSA, EC keys. */ 70 HKS_KEY_PURPOSE_VERIFY = 8, /* Usable with RSA, EC keys. */ 71 HKS_KEY_PURPOSE_DERIVE = 16, /* Usable with EC keys. */ 72 HKS_KEY_PURPOSE_WRAP = 32, /* Usable with wrap key. */ 73 HKS_KEY_PURPOSE_UNWRAP = 64, /* Usable with unwrap key. */ 74 HKS_KEY_PURPOSE_MAC = 128, /* Usable with mac. */ 75 HKS_KEY_PURPOSE_AGREE = 256, /* Usable with agree. */ 76 }; 77 78 /** 79 * @brief hks key digest 80 */ 81 enum HksKeyDigest { 82 HKS_DIGEST_NONE = 0, 83 HKS_DIGEST_MD5 = 1, 84 HKS_DIGEST_SM3 = 2, 85 HKS_DIGEST_SHA1 = 10, 86 HKS_DIGEST_SHA224 = 11, 87 HKS_DIGEST_SHA256 = 12, 88 HKS_DIGEST_SHA384 = 13, 89 HKS_DIGEST_SHA512 = 14, 90 }; 91 92 /** 93 * @brief hks key padding 94 */ 95 enum HksKeyPadding { 96 HKS_PADDING_NONE = 0, 97 HKS_PADDING_OAEP = 1, 98 HKS_PADDING_PSS = 2, 99 HKS_PADDING_PKCS1_V1_5 = 3, 100 HKS_PADDING_PKCS5 = 4, 101 HKS_PADDING_PKCS7 = 5, 102 HKS_PADDING_ISO_IEC_9796_2 = 6, 103 HKS_PADDING_ISO_IEC_9797_1 = 7, 104 }; 105 106 /** 107 * @brief hks cipher mode 108 */ 109 enum HksCipherMode { 110 HKS_MODE_ECB = 1, 111 HKS_MODE_CBC = 2, 112 HKS_MODE_CTR = 3, 113 HKS_MODE_OFB = 4, 114 HKS_MODE_CFB = 5, 115 HKS_MODE_CCM = 31, 116 HKS_MODE_GCM = 32, 117 }; 118 119 /** 120 * @brief hks key size 121 */ 122 enum HksKeySize { 123 HKS_RSA_KEY_SIZE_512 = 512, 124 HKS_RSA_KEY_SIZE_768 = 768, 125 HKS_RSA_KEY_SIZE_1024 = 1024, 126 HKS_RSA_KEY_SIZE_2048 = 2048, 127 HKS_RSA_KEY_SIZE_3072 = 3072, 128 HKS_RSA_KEY_SIZE_4096 = 4096, 129 130 HKS_ECC_KEY_SIZE_224 = 224, 131 HKS_ECC_KEY_SIZE_256 = 256, 132 HKS_ECC_KEY_SIZE_384 = 384, 133 HKS_ECC_KEY_SIZE_521 = 521, 134 135 HKS_AES_KEY_SIZE_128 = 128, 136 HKS_AES_KEY_SIZE_192 = 192, 137 HKS_AES_KEY_SIZE_256 = 256, 138 HKS_AES_KEY_SIZE_512 = 512, 139 140 HKS_CURVE25519_KEY_SIZE_256 = 256, 141 142 HKS_DH_KEY_SIZE_2048 = 2048, 143 HKS_DH_KEY_SIZE_3072 = 3072, 144 HKS_DH_KEY_SIZE_4096 = 4096, 145 146 HKS_SM2_KEY_SIZE_256 = 256, 147 HKS_SM4_KEY_SIZE_128 = 128, 148 149 HKS_DES_KEY_SIZE_64 = 64, 150 HKS_3DES_KEY_SIZE_128 = 128, 151 HKS_3DES_KEY_SIZE_192 = 192, 152 }; 153 154 /** 155 * @brief hks key algorithm 156 */ 157 enum HksKeyAlg { 158 HKS_ALG_RSA = 1, 159 HKS_ALG_ECC = 2, 160 HKS_ALG_DSA = 3, 161 162 HKS_ALG_AES = 20, 163 HKS_ALG_HMAC = 50, 164 HKS_ALG_HKDF = 51, 165 HKS_ALG_PBKDF2 = 52, 166 HKS_ALG_GMKDF = 53, 167 168 HKS_ALG_ECDH = 100, 169 HKS_ALG_X25519 = 101, 170 HKS_ALG_ED25519 = 102, 171 HKS_ALG_DH = 103, 172 173 HKS_ALG_SM2 = 150, 174 HKS_ALG_SM3 = 151, 175 HKS_ALG_SM4 = 152, 176 177 HKS_ALG_DES = 160, 178 HKS_ALG_3DES = 161, 179 HKS_ALG_CMAC = 162, 180 }; 181 182 /** 183 * @brief hks algorithm suite 184 */ 185 enum HuksAlgSuite { 186 /* Algorithm suites of unwrapping wrapped-key by huks */ 187 /* Unwrap suite of key agreement type */ 188 /* WrappedData format(Bytes Array): 189 * | x25519_plain_pubkey_length (4 Byte) | x25519_plain_pubkey | agreekey_aad_length (4 Byte) | agreekey_aad 190 * | agreekey_nonce_length (4 Byte) | agreekey_nonce | agreekey_aead_tag_len(4 Byte) | agreekey_aead_tag 191 * | kek_enc_data_length (4 Byte) | kek_enc_data | kek_aad_length (4 Byte) | kek_aad 192 * | kek_nonce_length (4 Byte) | kek_nonce | kek_aead_tag_len (4 Byte) | kek_aead_tag 193 * | key_material_size_len (4 Byte) | key_material_size | key_mat_enc_length (4 Byte) | key_mat_enc_data 194 */ 195 HKS_UNWRAP_SUITE_X25519_AES_256_GCM_NOPADDING = 1, 196 197 /* WrappedData format(Bytes Array): 198 * | ECC_plain_pubkey_length (4 Byte) | ECC_plain_pubkey | agreekey_aad_length (4 Byte) | agreekey_aad 199 * | agreekey_nonce_length (4 Byte) | agreekey_nonce | agreekey_aead_tag_len(4 Byte) | agreekey_aead_tag 200 * | kek_enc_data_length (4 Byte) | kek_enc_data | kek_aad_length (4 Byte) | kek_aad 201 * | kek_nonce_length (4 Byte) | kek_nonce | kek_aead_tag_len (4 Byte) | kek_aead_tag 202 * | key_material_size_len (4 Byte) | key_material_size | key_mat_enc_length (4 Byte) | key_mat_enc_data 203 */ 204 HKS_UNWRAP_SUITE_ECDH_AES_256_GCM_NOPADDING = 2, 205 206 /* WrappedData format(Bytes Array): 207 * | SM2_plain_pubkey_length (4 Byte) | SM2_plain_pubkey | signData_size_length (4 Byte) | signData_size 208 * | kek_enc_data_length (4 Byte) | kek_enc_data | kek_material_size_len(4 Byte) | kek_material_size 209 * | factor1_data_len (4 Byte) | factor1_data | factor2_data_len (4 Byte) | factor2_data 210 * | mac_data_length (4 Byte) | mac_data | key_mat_enc_length (4 Byte) | key_mat_enc_data 211 * | iv_data_length (4 Byte) | iv_data |key_material_size_len (4 Byte) | key_material_size 212 */ 213 HKS_UNWRAP_SUITE_SM2_SM4_128_CBC_PKCS7_WITH_VERIFY_DIG_SM3 = 3, 214 215 /* WrappedData format(Bytes Array): 216 * | kek_enc_data_length (4 Byte) | kek_enc_data | kek_material_size_len(4 Byte) | kek_material_size 217 * | factor1_data_len (4 Byte) | factor1_data | factor2_data_len (4 Byte) | factor2_data 218 * | mac_data_length (4 Byte) | mac_data | key_mat_enc_length (4 Byte) | key_mat_enc_data 219 * | iv_data_length (4 Byte) | iv_data |key_material_size_len (4 Byte) | key_material_size 220 */ 221 HKS_UNWRAP_SUITE_SM2_SM4_128_CBC_PKCS7 = 4, 222 }; 223 224 /** 225 * @brief hks key generate type 226 */ 227 enum HksKeyGenerateType { 228 HKS_KEY_GENERATE_TYPE_DEFAULT = 0, 229 HKS_KEY_GENERATE_TYPE_DERIVE = 1, 230 HKS_KEY_GENERATE_TYPE_AGREE = 2, 231 }; 232 233 /** 234 * @brief hks key flag 235 */ 236 enum HksKeyFlag { 237 HKS_KEY_FLAG_IMPORT_KEY = 1, 238 HKS_KEY_FLAG_GENERATE_KEY = 2, 239 HKS_KEY_FLAG_AGREE_KEY = 3, 240 HKS_KEY_FLAG_DERIVE_KEY = 4, 241 }; 242 243 /** 244 * @brief hks key storage type 245 */ 246 enum HksKeyStorageType { 247 HKS_STORAGE_TEMP = 0, 248 HKS_STORAGE_PERSISTENT = 1, 249 HKS_STORAGE_ONLY_USED_IN_HUKS = 2, 250 HKS_STORAGE_ALLOW_KEY_EXPORTED = 3, 251 }; 252 253 /** 254 * @brief hks import key type 255 */ 256 enum HksImportKeyType { 257 HKS_KEY_TYPE_PUBLIC_KEY = 0, 258 HKS_KEY_TYPE_PRIVATE_KEY = 1, 259 HKS_KEY_TYPE_KEY_PAIR = 2, 260 }; 261 262 /** 263 * @brief hks rsa pss salt len type 264 */ 265 enum HksRsaPssSaltLenType { 266 HKS_RSA_PSS_SALTLEN_DIGEST = 0, /* Salt length matches digest */ 267 HKS_RSA_PSS_SALTLEN_MAX = 1, /* Set salt length to maximum possible, default type */ 268 }; 269 270 /** 271 * @brief hks error code 272 */ 273 enum HksErrorCode { 274 HKS_SUCCESS = 0, 275 HKS_FAILURE = -1, 276 HKS_ERROR_BAD_STATE = -2, 277 HKS_ERROR_INVALID_ARGUMENT = -3, 278 HKS_ERROR_NOT_SUPPORTED = -4, 279 HKS_ERROR_NO_PERMISSION = -5, 280 HKS_ERROR_INSUFFICIENT_DATA = -6, 281 HKS_ERROR_BUFFER_TOO_SMALL = -7, 282 HKS_ERROR_INSUFFICIENT_MEMORY = -8, 283 HKS_ERROR_COMMUNICATION_FAILURE = -9, 284 HKS_ERROR_STORAGE_FAILURE = -10, 285 HKS_ERROR_HARDWARE_FAILURE = -11, 286 HKS_ERROR_ALREADY_EXISTS = -12, 287 HKS_ERROR_NOT_EXIST = -13, 288 HKS_ERROR_NULL_POINTER = -14, 289 HKS_ERROR_FILE_SIZE_FAIL = -15, 290 HKS_ERROR_READ_FILE_FAIL = -16, 291 HKS_ERROR_INVALID_PUBLIC_KEY = -17, 292 HKS_ERROR_INVALID_PRIVATE_KEY = -18, 293 HKS_ERROR_INVALID_KEY_INFO = -19, 294 HKS_ERROR_HASH_NOT_EQUAL = -20, 295 HKS_ERROR_MALLOC_FAIL = -21, 296 HKS_ERROR_WRITE_FILE_FAIL = -22, 297 HKS_ERROR_REMOVE_FILE_FAIL = -23, 298 HKS_ERROR_OPEN_FILE_FAIL = -24, 299 HKS_ERROR_CLOSE_FILE_FAIL = -25, 300 HKS_ERROR_MAKE_DIR_FAIL = -26, 301 HKS_ERROR_INVALID_KEY_FILE = -27, 302 HKS_ERROR_IPC_MSG_FAIL = -28, 303 HKS_ERROR_REQUEST_OVERFLOWS = -29, 304 HKS_ERROR_PARAM_NOT_EXIST = -30, 305 HKS_ERROR_CRYPTO_ENGINE_ERROR = -31, 306 HKS_ERROR_COMMUNICATION_TIMEOUT = -32, 307 HKS_ERROR_IPC_INIT_FAIL = -33, 308 HKS_ERROR_IPC_DLOPEN_FAIL = -34, 309 HKS_ERROR_EFUSE_READ_FAIL = -35, 310 HKS_ERROR_NEW_ROOT_KEY_MATERIAL_EXIST = -36, 311 HKS_ERROR_UPDATE_ROOT_KEY_MATERIAL_FAIL = -37, 312 HKS_ERROR_VERIFICATION_FAILED = -38, 313 HKS_ERROR_SESSION_REACHED_LIMIT = -39, 314 315 HKS_ERROR_GET_USERIAM_SECINFO_FAILED = -40, 316 HKS_ERROR_GET_USERIAM_AUTHINFO_FAILED = -41, 317 HKS_ERROR_USER_AUTH_TYPE_NOT_SUPPORT = -42, 318 HKS_ERROR_KEY_AUTH_FAILED = -43, 319 HKS_ERROR_DEVICE_NO_CREDENTIAL = -44, 320 HKS_ERROR_API_NOT_SUPPORTED = -45, 321 HKS_ERROR_KEY_AUTH_PERMANENTLY_INVALIDATED = -46, 322 HKS_ERROR_KEY_AUTH_VERIFY_FAILED = -47, 323 HKS_ERROR_KEY_AUTH_TIME_OUT = -48, 324 325 HKS_ERROR_CREDENTIAL_NOT_EXIST = -49, 326 327 HKS_ERROR_CHECK_GET_ALG_FAIL = -100, 328 HKS_ERROR_CHECK_GET_KEY_SIZE_FAIL = -101, 329 HKS_ERROR_CHECK_GET_PADDING_FAIL = -102, 330 HKS_ERROR_CHECK_GET_PURPOSE_FAIL = -103, 331 HKS_ERROR_CHECK_GET_DIGEST_FAIL = -104, 332 HKS_ERROR_CHECK_GET_MODE_FAIL = -105, 333 HKS_ERROR_CHECK_GET_NONCE_FAIL = -106, 334 HKS_ERROR_CHECK_GET_AAD_FAIL = -107, 335 HKS_ERROR_CHECK_GET_IV_FAIL = -108, 336 HKS_ERROR_CHECK_GET_AE_TAG_FAIL = -109, 337 HKS_ERROR_CHECK_GET_SALT_FAIL = -110, 338 HKS_ERROR_CHECK_GET_ITERATION_FAIL = -111, 339 HKS_ERROR_INVALID_ALGORITHM = -112, 340 HKS_ERROR_INVALID_KEY_SIZE = -113, 341 HKS_ERROR_INVALID_PADDING = -114, 342 HKS_ERROR_INVALID_PURPOSE = -115, 343 HKS_ERROR_INVALID_MODE = -116, 344 HKS_ERROR_INVALID_DIGEST = -117, 345 HKS_ERROR_INVALID_SIGNATURE_SIZE = -118, 346 HKS_ERROR_INVALID_IV = -119, 347 HKS_ERROR_INVALID_AAD = -120, 348 HKS_ERROR_INVALID_NONCE = -121, 349 HKS_ERROR_INVALID_AE_TAG = -122, 350 HKS_ERROR_INVALID_SALT = -123, 351 HKS_ERROR_INVALID_ITERATION = -124, 352 HKS_ERROR_INVALID_OPERATION = -125, 353 HKS_ERROR_INVALID_WRAPPED_FORMAT = -126, 354 HKS_ERROR_INVALID_USAGE_OF_KEY = -127, 355 HKS_ERROR_CHECK_GET_AUTH_TYP_FAILED = -128, 356 HKS_ERROR_CHECK_GET_CHALLENGE_TYPE_FAILED = -129, 357 HKS_ERROR_CHECK_GET_ACCESS_TYPE_FAILED = -130, 358 HKS_ERROR_CHECK_GET_AUTH_TOKEN_FAILED = -131, 359 HKS_ERROR_INVALID_TIME_OUT = -132, 360 HKS_ERROR_INVALID_AUTH_TYPE = -133, 361 HKS_ERROR_INVALID_CHALLENGE_TYPE = -134, 362 HKS_ERROR_INVALID_ACCESS_TYPE = -135, 363 HKS_ERROR_INVALID_AUTH_TOKEN = -136, 364 HKS_ERROR_INVALID_SECURE_SIGN_TYPE = -137, 365 HKS_ERROR_NEED_SKIP_ACCESS_CONTROL = -138, 366 HKS_ERROR_DEVICE_PASSWORD_UNSET = -139, 367 HKS_ERROR_NOT_SYSTEM_APP = -140, 368 HKS_ERROR_EXCEED_LIMIT = -141, 369 HKS_ERROR_UPGRADE_FAIL = -142, 370 HKS_ERROR_INVALID_ACCOUNT_INFO = -143, 371 HKS_ERROR_CORRUPT_FILE = -144, 372 HKS_ERROR_KEY_NODE_NOT_FOUND = -145, 373 HKS_ERROR_KEY_NODE_IN_USE = -146, 374 HKS_ERROR_RETRYABLE_ERROR = -147, 375 HKS_ERROR_KEY_CONFLICT = -148, 376 HKS_ERROR_KEY_CLEAR_FAILED = -149, 377 HKS_ERROR_EMPTY_BASE64_STRING = -151, 378 379 HKS_ERROR_LOAD_PLUGIN_FAIL = -998, 380 HKS_ERROR_INTERNAL_ERROR = -999, 381 HKS_ERROR_UNKNOWN_ERROR = -1000, 382 }; 383 384 /** 385 * @brief hks err code 386 */ 387 enum HksErrCode { 388 HUKS_ERR_CODE_PERMISSION_FAIL = 201, 389 HUKS_ERR_CODE_NOT_SYSTEM_APP = 202, 390 HUKS_ERR_CODE_ILLEGAL_ARGUMENT = 401, 391 HUKS_ERR_CODE_NOT_SUPPORTED_API = 801, 392 393 HUKS_ERR_CODE_FEATURE_NOT_SUPPORTED = 12000001, 394 HUKS_ERR_CODE_MISSING_CRYPTO_ALG_ARGUMENT = 12000002, 395 HUKS_ERR_CODE_INVALID_CRYPTO_ALG_ARGUMENT = 12000003, 396 HUKS_ERR_CODE_FILE_OPERATION_FAIL = 12000004, 397 HUKS_ERR_CODE_COMMUNICATION_FAIL = 12000005, 398 HUKS_ERR_CODE_CRYPTO_FAIL = 12000006, 399 HUKS_ERR_CODE_KEY_AUTH_PERMANENTLY_INVALIDATED = 12000007, 400 HUKS_ERR_CODE_KEY_AUTH_VERIFY_FAILED = 12000008, 401 HUKS_ERR_CODE_KEY_AUTH_TIME_OUT = 12000009, 402 HUKS_ERR_CODE_SESSION_LIMIT = 12000010, 403 HUKS_ERR_CODE_ITEM_NOT_EXIST = 12000011, 404 HUKS_ERR_CODE_EXTERNAL_ERROR = 12000012, 405 HUKS_ERR_CODE_CREDENTIAL_NOT_EXIST = 12000013, 406 HUKS_ERR_CODE_INSUFFICIENT_MEMORY = 12000014, 407 HUKS_ERR_CODE_CALL_SERVICE_FAILED = 12000015, 408 HUKS_ERR_CODE_DEVICE_PASSWORD_UNSET = 12000016, 409 }; 410 411 /** 412 * @brief hks tag type 413 */ 414 enum HksTagType { 415 HKS_TAG_TYPE_INVALID = 0 << 28, 416 HKS_TAG_TYPE_INT = 1 << 28, 417 HKS_TAG_TYPE_UINT = 2 << 28, 418 HKS_TAG_TYPE_ULONG = 3 << 28, 419 HKS_TAG_TYPE_BOOL = 4 << 28, 420 HKS_TAG_TYPE_BYTES = 5 << 28, 421 }; 422 423 /** 424 * @brief hks send type 425 */ 426 enum HksSendType { 427 HKS_SEND_TYPE_ASYNC = 0, 428 HKS_SEND_TYPE_SYNC, 429 }; 430 431 /** 432 * @brief hks user auth type 433 * @see `enum AuthType` in `drivers/interface/user_auth/v3_0/UserAuthTypes.idl` 434 */ 435 enum HksUserAuthType { 436 HKS_USER_AUTH_TYPE_FINGERPRINT = 1 << 0, 437 HKS_USER_AUTH_TYPE_FACE = 1 << 1, 438 HKS_USER_AUTH_TYPE_PIN = 1 << 2, 439 }; 440 441 /** 442 * @brief hks auth access type 443 */ 444 enum HksAuthAccessType { 445 HKS_AUTH_ACCESS_INVALID_CLEAR_PASSWORD = 1 << 0, 446 HKS_AUTH_ACCESS_INVALID_NEW_BIO_ENROLL = 1 << 1, 447 HKS_AUTH_ACCESS_ALWAYS_VALID = 1 << 2, 448 }; 449 450 /** 451 * @brief hks challenge type 452 */ 453 enum HksChallengeType { 454 HKS_CHALLENGE_TYPE_NORMAL = 0, 455 HKS_CHALLENGE_TYPE_CUSTOM = 1, 456 HKS_CHALLENGE_TYPE_NONE = 2, 457 }; 458 459 /** 460 * @brief hks auth mode 461 */ 462 enum HksUserAuthMode { 463 HKS_USER_AUTH_MODE_LOCAL = 0, 464 HKS_USER_AUTH_MODE_COAUTH = 1, 465 }; 466 467 /** 468 * @brief hks challenge position 469 */ 470 enum HksChallengePosition { 471 HKS_CHALLENGE_POS_0 = 0, 472 HKS_CHALLENGE_POS_1, 473 HKS_CHALLENGE_POS_2, 474 HKS_CHALLENGE_POS_3, 475 }; 476 477 /** 478 * @brief hks secure sign type 479 */ 480 enum HksSecureSignType { 481 HKS_SECURE_SIGN_WITH_AUTHINFO = 1, 482 }; 483 484 /** 485 * @brief hks attestation type 486 */ 487 enum HksAttestationMode { 488 HKS_ATTESTATION_MODE_DEFAULT = 0, 489 HKS_ATTESTATION_MODE_ANONYMOUS 490 }; 491 492 /** 493 * @brief hks attestation cert type 494 */ 495 enum HksAttestationCertType { 496 HKS_ATTESTATION_CERT_TYPE_PROVISION = 0, 497 HKS_ATTESTATION_CERT_TYPE_HARDWARE_BOUND = 1, 498 HKS_ATTESTATION_CERT_TYPE_RSA = 2, 499 }; 500 501 /** 502 * @brief hks attestation Caller Type 503 */ 504 enum HksCallerType { 505 HKS_HAP_TYPE = 0x1, 506 HKS_SA_TYPE, 507 HKS_UNIFIED_TYPE, 508 }; 509 510 #define HKS_ASSIGN_ENUM_VALUE(x, y) x = y, 511 512 #define HKS_ASSIGN_PARAM_ALG_ENUM \ 513 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_INVALID, HKS_TAG_TYPE_INVALID | 0) \ 514 /* Base algrithom TAG: 1 - 200 */\ 515 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ALGORITHM, HKS_TAG_TYPE_UINT | 1) \ 516 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_PURPOSE, HKS_TAG_TYPE_UINT | 2) \ 517 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_KEY_SIZE, HKS_TAG_TYPE_UINT | 3) \ 518 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_DIGEST, HKS_TAG_TYPE_UINT | 4) \ 519 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_PADDING, HKS_TAG_TYPE_UINT | 5) \ 520 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_BLOCK_MODE, HKS_TAG_TYPE_UINT | 6) \ 521 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_KEY_TYPE, HKS_TAG_TYPE_UINT | 7) \ 522 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ASSOCIATED_DATA, HKS_TAG_TYPE_BYTES | 8) \ 523 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_NONCE, HKS_TAG_TYPE_BYTES | 9) \ 524 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_IV, HKS_TAG_TYPE_BYTES | 10) \ 525 /* Key derivation TAG */\ 526 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_INFO, HKS_TAG_TYPE_BYTES | 11) \ 527 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_SALT, HKS_TAG_TYPE_BYTES | 12) \ 528 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_PWD, HKS_TAG_TYPE_BYTES | 13) \ 529 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ITERATION, HKS_TAG_TYPE_UINT | 14) \ 530 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_KEY_GENERATE_TYPE, HKS_TAG_TYPE_UINT | 15) /* choose from enum HksKeyGenerateType */\ 531 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_DERIVE_MAIN_KEY, HKS_TAG_TYPE_BYTES | 16) \ 532 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_DERIVE_FACTOR, HKS_TAG_TYPE_BYTES | 17) \ 533 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_DERIVE_ALG, HKS_TAG_TYPE_UINT | 18) \ 534 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_AGREE_ALG, HKS_TAG_TYPE_UINT | 19) \ 535 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_AGREE_PUBLIC_KEY_IS_KEY_ALIAS, HKS_TAG_TYPE_BOOL | 20) \ 536 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_AGREE_PRIVATE_KEY_ALIAS, HKS_TAG_TYPE_BYTES | 21) \ 537 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_AGREE_PUBLIC_KEY, HKS_TAG_TYPE_BYTES | 22) \ 538 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_KEY_ALIAS, HKS_TAG_TYPE_BYTES | 23) \ 539 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_DERIVE_KEY_SIZE, HKS_TAG_TYPE_UINT | 24) \ 540 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_IMPORT_KEY_TYPE, HKS_TAG_TYPE_UINT | 25) /* choose from enum HksImportKeyType */\ 541 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_UNWRAP_ALGORITHM_SUITE, HKS_TAG_TYPE_UINT | 26) \ 542 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_CIPHER_TEXT, HKS_TAG_TYPE_BYTES | 27) \ 543 /* parameters required by HuksCoreChipsetPlatformDecrypt */\ 544 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_PEER_PUBLIC_KEY, HKS_TAG_TYPE_BYTES | 28) \ 545 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_DERIVE_AGREE_KEY_STORAGE_FLAG, HKS_TAG_TYPE_UINT | 29) \ 546 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_RSA_PSS_SALT_LEN_TYPE, HKS_TAG_TYPE_UINT | 30) /* only supported for PSS padding */\ 547 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_MGF_DIGEST, HKS_TAG_TYPE_UINT | 31) \ 548 /* Key authentication related TAG: 201 - 300 */\ 549 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ACTIVE_DATETIME, HKS_TAG_TYPE_ULONG | 201) \ 550 /* Date when new "messages" should not be created. */\ 551 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ORIGINATION_EXPIRE_DATETIME, HKS_TAG_TYPE_ULONG | 202) \ 552 /* Date when existing "messages" should not be used. */\ 553 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_USAGE_EXPIRE_DATETIME, HKS_TAG_TYPE_ULONG | 203) \ 554 /* Key creation time */\ 555 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_CREATION_DATETIME, HKS_TAG_TYPE_ULONG | 204) \ 556 /* Other authentication related TAG: 301 - 500 */\ 557 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ALL_USERS, HKS_TAG_TYPE_BOOL | 301) \ 558 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_USER_ID, HKS_TAG_TYPE_UINT | 302) \ 559 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_NO_AUTH_REQUIRED, HKS_TAG_TYPE_BOOL | 303) \ 560 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_USER_AUTH_TYPE, HKS_TAG_TYPE_UINT | 304) \ 561 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_AUTH_TIMEOUT, HKS_TAG_TYPE_UINT | 305) \ 562 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_AUTH_TOKEN, HKS_TAG_TYPE_BYTES | 306) \ 563 /* Key secure access control and user auth TAG */\ 564 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_KEY_AUTH_ACCESS_TYPE, HKS_TAG_TYPE_UINT | 307) \ 565 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_KEY_SECURE_SIGN_TYPE, HKS_TAG_TYPE_UINT | 308) \ 566 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_CHALLENGE_TYPE, HKS_TAG_TYPE_UINT | 309) \ 567 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_CHALLENGE_POS, HKS_TAG_TYPE_UINT | 310) \ 568 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_KEY_AUTH_PURPOSE, HKS_TAG_TYPE_UINT | 311) \ 569 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_FRONT_USER_ID, HKS_TAG_TYPE_INT | 312) \ 570 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_BATCH_PURPOSE, HKS_TAG_TYPE_UINT | 313) \ 571 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_IS_BATCH_OPERATION, HKS_TAG_TYPE_BOOL | 314) \ 572 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_BATCH_OPERATION_TIMEOUT, HKS_TAG_TYPE_UINT | 315) \ 573 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_AUTH_STORAGE_LEVEL, HKS_TAG_TYPE_UINT | 316) \ 574 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_SPECIFIC_USER_ID, HKS_TAG_TYPE_INT | 317) \ 575 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_USER_AUTH_MODE, HKS_TAG_TYPE_UINT | 319) \ 576 /* Attestation related TAG: 501 - 600 */\ 577 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ATTESTATION_CHALLENGE, HKS_TAG_TYPE_BYTES | 501) \ 578 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ATTESTATION_APPLICATION_ID, HKS_TAG_TYPE_BYTES | 502) \ 579 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ATTESTATION_ID_BRAND, HKS_TAG_TYPE_BYTES | 503) \ 580 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ATTESTATION_ID_DEVICE, HKS_TAG_TYPE_BYTES | 504) \ 581 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ATTESTATION_ID_PRODUCT, HKS_TAG_TYPE_BYTES | 505) \ 582 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ATTESTATION_ID_SERIAL, HKS_TAG_TYPE_BYTES | 506) \ 583 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ATTESTATION_ID_IMEI, HKS_TAG_TYPE_BYTES | 507) \ 584 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ATTESTATION_ID_MEID, HKS_TAG_TYPE_BYTES | 508) \ 585 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ATTESTATION_ID_MANUFACTURER, HKS_TAG_TYPE_BYTES | 509) \ 586 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ATTESTATION_ID_MODEL, HKS_TAG_TYPE_BYTES | 510) \ 587 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ATTESTATION_ID_ALIAS, HKS_TAG_TYPE_BYTES | 511) \ 588 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ATTESTATION_ID_SOCID, HKS_TAG_TYPE_BYTES | 512) \ 589 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ATTESTATION_ID_UDID, HKS_TAG_TYPE_BYTES | 513) \ 590 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ATTESTATION_ID_SEC_LEVEL_INFO, HKS_TAG_TYPE_BYTES | 514) \ 591 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ATTESTATION_ID_VERSION_INFO, HKS_TAG_TYPE_BYTES | 515) \ 592 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ATTESTATION_BASE64, HKS_TAG_TYPE_BOOL | 516) \ 593 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ATTESTATION_MODE, HKS_TAG_TYPE_UINT | 517) \ 594 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ATTESTATION_APPLICATION_ID_TYPE, HKS_TAG_TYPE_UINT | 518) \ 595 /* Extention TAG: 1001 - 9999 */\ 596 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_IS_KEY_ALIAS, HKS_TAG_TYPE_BOOL | 1001) \ 597 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_KEY_STORAGE_FLAG, HKS_TAG_TYPE_UINT | 1002) /* choose from enum HksKeyStorageType */\ 598 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_IS_ALLOWED_WRAP, HKS_TAG_TYPE_BOOL | 1003) \ 599 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_KEY_WRAP_TYPE, HKS_TAG_TYPE_UINT | 1004) \ 600 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_KEY_AUTH_ID, HKS_TAG_TYPE_BYTES | 1005) \ 601 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_KEY_ROLE, HKS_TAG_TYPE_UINT | 1006) \ 602 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_KEY_FLAG, HKS_TAG_TYPE_UINT | 1007) /* choose from enum HksKeyFlag */\ 603 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_IS_ASYNCHRONIZED, HKS_TAG_TYPE_UINT | 1008) \ 604 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_SECURE_KEY_ALIAS, HKS_TAG_TYPE_BOOL | 1009) \ 605 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_SECURE_KEY_UUID, HKS_TAG_TYPE_BYTES | 1010) \ 606 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_KEY_DOMAIN, HKS_TAG_TYPE_UINT | 1011) \ 607 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_IS_DEVICE_PASSWORD_SET, HKS_TAG_TYPE_BOOL | 1012) \ 608 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_EXT_INFO, HKS_TAG_TYPE_BYTES | 1013) \ 609 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_DATA_WRAP_TYPE, HKS_TAG_TYPE_UINT | 1014) \ 610 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_IS_ALLOWED_DATA_WRAP, HKS_TAG_TYPE_BOOL | 1015) \ 611 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_WRAP_KEY_VERSION, HKS_TAG_TYPE_UINT | 1016) \ 612 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_AGREE_PUBKEY_TYPE, HKS_TAG_TYPE_UINT | 1017) \ 613 /* Inner-use TAG: 10001 - 10999 */\ 614 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_PACKAGE_NAME, HKS_TAG_TYPE_BYTES | 10002) \ 615 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ACCESS_TIME, HKS_TAG_TYPE_UINT | 10003) \ 616 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_USES_TIME, HKS_TAG_TYPE_UINT | 10004) \ 617 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_CRYPTO_CTX, HKS_TAG_TYPE_ULONG | 10005) \ 618 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_PAYLOAD_LEN, HKS_TAG_TYPE_UINT | 10008) \ 619 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_AE_TAG, HKS_TAG_TYPE_BYTES | 10009) \ 620 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_IS_KEY_HANDLE, HKS_TAG_TYPE_ULONG | 10010) \ 621 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_KEY_INIT_CHALLENGE, HKS_TAG_TYPE_BYTES | 10011) \ 622 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_IS_USER_AUTH_ACCESS, HKS_TAG_TYPE_BOOL | 10012) \ 623 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_USER_AUTH_CHALLENGE, HKS_TAG_TYPE_BYTES | 10013) \ 624 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_USER_AUTH_ENROLL_ID_INFO, HKS_TAG_TYPE_BYTES | 10014) \ 625 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_USER_AUTH_SECURE_UID, HKS_TAG_TYPE_BYTES | 10015) \ 626 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_KEY_AUTH_RESULT, HKS_TAG_TYPE_INT | 10016) \ 627 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_IF_NEED_APPEND_AUTH_INFO, HKS_TAG_TYPE_BOOL | 10017) \ 628 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_VERIFIED_AUTH_TOKEN, HKS_TAG_TYPE_BYTES | 10018) \ 629 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_IS_APPEND_UPDATE_DATA, HKS_TAG_TYPE_BOOL | 10019) \ 630 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_KEY_ACCESS_TIME, HKS_TAG_TYPE_ULONG | 10020) \ 631 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_OWNER_ID, HKS_TAG_TYPE_BYTES | 10021) \ 632 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_OWNER_TYPE, HKS_TAG_TYPE_UINT | 10022) \ 633 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ACCOUNT_ID, HKS_TAG_TYPE_BYTES | 10023) \ 634 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_IS_CHANGE_STORAGE_LEVEL, HKS_TAG_TYPE_BOOL | 10024) \ 635 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_IS_COPY_NEW_KEY, HKS_TAG_TYPE_BOOL | 10025) \ 636 /* TAGs used for paramSetOut */\ 637 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_SYMMETRIC_KEY_DATA, HKS_TAG_TYPE_BYTES | 20001) \ 638 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ASYMMETRIC_PUBLIC_KEY_DATA, HKS_TAG_TYPE_BYTES | 20002) \ 639 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ASYMMETRIC_PRIVATE_KEY_DATA, HKS_TAG_TYPE_BYTES | 20003) \ 640 /* TAGs used for huksExt */\ 641 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_ATTESTATION_CERT_TYPE, HKS_TAG_TYPE_UINT | 100001) \ 642 643 #define HKS_ASSIGN_PARAM_FILE_ENUM \ 644 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_PROCESS_NAME, HKS_TAG_TYPE_BYTES | 10001) \ 645 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_KEY, HKS_TAG_TYPE_BYTES | 10006) \ 646 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_KEY_VERSION, HKS_TAG_TYPE_UINT | 10007) \ 647 /* Os version related TAG */\ 648 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_OS_VERSION, HKS_TAG_TYPE_UINT | 10101) \ 649 HKS_ASSIGN_ENUM_VALUE(HKS_TAG_OS_PATCHLEVEL, HKS_TAG_TYPE_UINT | 10102) \ 650 651 /** 652 * @brief hks Tag 653 */ 654 enum HksTag { 655 /** 656 * HUKS tags for alg enum 657 */ 658 HKS_ASSIGN_PARAM_ALG_ENUM 659 660 /** 661 * HUKS tags for key file enum 662 */ 663 HKS_ASSIGN_PARAM_FILE_ENUM 664 }; 665 666 enum HksUserIamType { 667 HKS_AUTH_TYPE = 0, 668 }; 669 670 /** 671 * @brief hks chipset platform decrypt scene 672 */ 673 enum HksChipsetPlatformDecryptScene { 674 HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA = 1, 675 }; 676 677 /** 678 * @brief hks auth storage level 679 */ 680 enum HksAuthStorageLevel { 681 HKS_AUTH_STORAGE_LEVEL_DE = 0, 682 HKS_AUTH_STORAGE_LEVEL_CE = 1, 683 HKS_AUTH_STORAGE_LEVEL_ECE = 2, 684 }; 685 686 enum HksAgreePubKeyType { 687 HKS_PUBKEY_DEFAULT = 0, 688 HKS_PUBKEY_CERT_CHAIN = 1, 689 }; 690 691 #ifdef __cplusplus 692 } 693 #endif 694 695 #endif /* HKS_TYPE_ENUM_H */ 696