1 /*
2 * Copyright (C) 2021 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "das_task_common.h"
17 #include "alg_defs.h"
18 #include "alg_loader.h"
19 #include "hc_log.h"
20 #include "protocol_common.h"
21
22 #define MESSAGE_RETURN 0x8000
23 #define MESSAGE_PREFIX 0x0010
24
25 /* in order to expand to uint16_t */
26 static const uint8_t KEY_TYPE_PAIRS[KEY_ALIAS_TYPE_END][KEY_TYPE_PAIR_LEN] = {
27 { 0x00, 0x00 }, /* ACCESSOR_PK */
28 { 0x00, 0x01 }, /* CONTROLLER_PK */
29 { 0x00, 0x02 }, /* ed25519 KEYPAIR */
30 { 0x00, 0x03 }, /* KEK, key encryption key, used only by DeviceAuthService */
31 { 0x00, 0x04 }, /* DEK, data encryption key, used only by upper apps */
32 { 0x00, 0x05 }, /* key tmp */
33 { 0x00, 0x06 }, /* PSK, preshared key index */
34 { 0x00, 0x07 }, /* AUTHTOKEN */
35 { 0x00, 0x08 } /* P2P_AUTH */
36 };
37
GetKeyTypePair(KeyAliasType keyAliasType)38 static uint8_t *GetKeyTypePair(KeyAliasType keyAliasType)
39 {
40 return (uint8_t *)KEY_TYPE_PAIRS[keyAliasType];
41 }
42
DasSendErrorToOut(CJson * out,int errCode)43 void DasSendErrorToOut(CJson *out, int errCode)
44 {
45 CJson *sendToSelf = CreateJson();
46 if (sendToSelf == NULL) {
47 LOGE("Create sendToSelf json failed.");
48 return;
49 }
50 CJson *sendToPeer = CreateJson();
51 if (sendToPeer == NULL) {
52 LOGE("Create sendToPeer json failed.");
53 FreeJson(sendToSelf);
54 return;
55 }
56 CJson *payload = CreateJson();
57 if (payload == NULL) {
58 LOGE("Create payload json failed.");
59 goto ERR;
60 }
61 int res;
62 GOTO_ERR_AND_SET_RET(AddIntToJson(sendToSelf, FIELD_AUTH_FORM, AUTH_FORM_ACCOUNT_UNRELATED), res);
63 GOTO_ERR_AND_SET_RET(AddIntToJson(sendToSelf, FIELD_ERROR_CODE, errCode), res);
64
65 GOTO_ERR_AND_SET_RET(AddIntToJson(payload, FIELD_ERROR_CODE, errCode), res);
66 GOTO_ERR_AND_SET_RET(AddObjToJson(sendToPeer, FIELD_PAYLOAD, payload), res);
67 GOTO_ERR_AND_SET_RET(AddIntToJson(sendToPeer, FIELD_MESSAGE, ERR_MESSAGE), res);
68
69 GOTO_ERR_AND_SET_RET(AddObjToJson(out, FIELD_SEND_TO_PEER, sendToPeer), res);
70 GOTO_ERR_AND_SET_RET(AddObjToJson(out, FIELD_SEND_TO_SELF, sendToSelf), res);
71 ERR:
72 FreeJson(sendToPeer);
73 FreeJson(sendToSelf);
74 FreeJson(payload);
75 }
76
DasSendErrMsgToSelf(CJson * out,int errCode)77 void DasSendErrMsgToSelf(CJson *out, int errCode)
78 {
79 CJson *sendToSelf = CreateJson();
80 if (sendToSelf == NULL) {
81 LOGE("Create sendToSelf json failed.");
82 return;
83 }
84
85 if (AddIntToJson(sendToSelf, FIELD_AUTH_FORM, AUTH_FORM_ACCOUNT_UNRELATED) != 0) {
86 FreeJson(sendToSelf);
87 LOGE("Add authForm failed.");
88 return;
89 }
90 if (AddIntToJson(sendToSelf, FIELD_ERROR_CODE, errCode) != 0) {
91 FreeJson(sendToSelf);
92 LOGE("Add errCode failed.");
93 return;
94 }
95 if (AddObjToJson(out, FIELD_SEND_TO_SELF, sendToSelf) != 0) {
96 FreeJson(sendToSelf);
97 LOGE("Add sendToSelf failed.");
98 return;
99 }
100 FreeJson(sendToSelf);
101 }
102
ProtocolMessageIn(const CJson * in)103 uint32_t ProtocolMessageIn(const CJson *in)
104 {
105 int32_t message = 0;
106 if (GetIntFromJson(in, FIELD_MESSAGE, &message) != 0) {
107 return INVALID_MESSAGE;
108 }
109 if (message == ERR_MESSAGE) {
110 return ERR_MESSAGE;
111 }
112 return (uint32_t)message & 0x000F; /* get lower 8 bit */
113 }
114
ClientProtocolMessageOut(CJson * out,int opCode,uint32_t step)115 int ClientProtocolMessageOut(CJson *out, int opCode, uint32_t step)
116 {
117 CJson *sendToPeer = GetObjFromJson(out, FIELD_SEND_TO_PEER);
118 if (sendToPeer == NULL) {
119 LOGD("No need to send to peer");
120 return HC_SUCCESS;
121 }
122 int res;
123 switch (opCode) {
124 case OP_BIND:
125 case AUTH_KEY_AGREEMENT:
126 res = AddIntToJson(sendToPeer, FIELD_MESSAGE, step);
127 break;
128 case AUTHENTICATE:
129 case OP_UNBIND:
130 step = step | MESSAGE_PREFIX;
131 res = AddIntToJson(sendToPeer, FIELD_MESSAGE, step);
132 break;
133 default:
134 LOGE("Unsupported opCode: %d.", opCode);
135 return HC_ERR_NOT_SUPPORT;
136 }
137 return (res == 0) ? HC_SUCCESS : HC_ERR_JSON_ADD;
138 }
139
ServerProtocolMessageOut(CJson * out,int opCode,uint32_t step)140 int ServerProtocolMessageOut(CJson *out, int opCode, uint32_t step)
141 {
142 int res;
143 CJson *sendToPeer = GetObjFromJson(out, FIELD_SEND_TO_PEER);
144 if (sendToPeer == NULL) {
145 LOGD("No need to send to peer");
146 return HC_SUCCESS;
147 }
148 switch (opCode) {
149 case OP_BIND:
150 case AUTH_KEY_AGREEMENT:
151 step = step | MESSAGE_RETURN;
152 res = AddIntToJson(sendToPeer, FIELD_MESSAGE, step);
153 break;
154 case AUTHENTICATE:
155 case OP_UNBIND:
156 step = step | MESSAGE_RETURN;
157 step = step | MESSAGE_PREFIX;
158 res = AddIntToJson(sendToPeer, FIELD_MESSAGE, step);
159 break;
160 default:
161 LOGE("Unsupported opCode: %d.", opCode);
162 return HC_ERR_NOT_SUPPORT;
163 }
164 return (res == 0) ? HC_SUCCESS : HC_ERR_JSON_ADD;
165 }
166
CombineServiceId(const Uint8Buff * pkgName,const Uint8Buff * serviceType,Uint8Buff * serviceId)167 static int32_t CombineServiceId(const Uint8Buff *pkgName, const Uint8Buff *serviceType, Uint8Buff *serviceId)
168 {
169 int32_t res = HC_SUCCESS;
170 Uint8Buff serviceIdPlain = { NULL, 0 };
171 serviceIdPlain.length = pkgName->length + serviceType->length;
172 serviceIdPlain.val = (uint8_t *)HcMalloc(serviceIdPlain.length, 0);
173 if (serviceIdPlain.val == NULL) {
174 LOGE("malloc serviceIdPlain.val failed.");
175 res = HC_ERR_ALLOC_MEMORY;
176 goto ERR;
177 }
178
179 if (memcpy_s(serviceIdPlain.val, serviceIdPlain.length, pkgName->val, pkgName->length) != EOK) {
180 LOGE("Copy service id: pkgName failed.");
181 res = HC_ERR_MEMORY_COPY;
182 goto ERR;
183 }
184 if (memcpy_s(serviceIdPlain.val + pkgName->length, serviceIdPlain.length - pkgName->length,
185 serviceType->val, serviceType->length) != EOK) {
186 LOGE("Copy service id: serviceType failed.");
187 res = HC_ERR_MEMORY_COPY;
188 goto ERR;
189 }
190
191 res = GetLoaderInstance()->sha256(&serviceIdPlain, serviceId);
192 if (res != HC_SUCCESS) {
193 LOGE("Service id Sha256 failed.");
194 goto ERR;
195 }
196 ERR:
197 HcFree(serviceIdPlain.val);
198 return res;
199 }
200
CombineKeyAlias(const Uint8Buff * serviceId,const Uint8Buff * keyType,const Uint8Buff * authId,Uint8Buff * keyAliasHash)201 static int32_t CombineKeyAlias(const Uint8Buff *serviceId, const Uint8Buff *keyType,
202 const Uint8Buff *authId, Uint8Buff *keyAliasHash)
203 {
204 int32_t res = HC_SUCCESS;
205 Uint8Buff keyAliasBuff = { NULL, 0 };
206 keyAliasBuff.length = serviceId->length + authId->length + keyType->length;
207 keyAliasBuff.val = (uint8_t *)HcMalloc(keyAliasBuff.length, 0);
208 if (keyAliasBuff.val == NULL) {
209 LOGE("Malloc mem failed.");
210 return HC_ERR_ALLOC_MEMORY;
211 }
212
213 uint32_t totalLen = keyAliasBuff.length;
214 uint32_t usedLen = 0;
215 if (memcpy_s(keyAliasBuff.val, totalLen, serviceId->val, serviceId->length) != EOK) {
216 LOGE("Copy serviceId failed.");
217 res = HC_ERR_MEMORY_COPY;
218 goto ERR;
219 }
220 usedLen = usedLen + serviceId->length;
221
222 if (memcpy_s(keyAliasBuff.val + usedLen, totalLen - usedLen, keyType->val, keyType->length) != EOK) {
223 LOGE("Copy keyType failed.");
224 res = HC_ERR_MEMORY_COPY;
225 goto ERR;
226 }
227 usedLen = usedLen + keyType->length;
228
229 if (memcpy_s(keyAliasBuff.val + usedLen, totalLen - usedLen, authId->val, authId->length) != EOK) {
230 LOGE("Copy authId failed.");
231 res = HC_ERR_MEMORY_COPY;
232 goto ERR;
233 }
234
235 res = GetLoaderInstance()->sha256(&keyAliasBuff, keyAliasHash);
236 if (res != HC_SUCCESS) {
237 LOGE("Sha256 failed.");
238 goto ERR;
239 }
240 ERR:
241 HcFree(keyAliasBuff.val);
242 return res;
243 }
244
CombineKeyAliasForPseudonymPsk(const Uint8Buff * serviceType,const Uint8Buff * peerAuthId,const Uint8Buff * keyType,Uint8Buff * keyAliasHash)245 static int32_t CombineKeyAliasForPseudonymPsk(const Uint8Buff *serviceType, const Uint8Buff *peerAuthId,
246 const Uint8Buff *keyType, Uint8Buff *keyAliasHash)
247 {
248 Uint8Buff keyAliasBuff = { NULL, 0 };
249 keyAliasBuff.length = serviceType->length + peerAuthId->length + keyType->length;
250 keyAliasBuff.val = (uint8_t *)HcMalloc(keyAliasBuff.length, 0);
251 if (keyAliasBuff.val == NULL) {
252 LOGE("Malloc mem failed.");
253 return HC_ERR_ALLOC_MEMORY;
254 }
255
256 uint32_t totalLen = keyAliasBuff.length;
257 uint32_t usedLen = 0;
258 int32_t res = HC_SUCCESS;
259 do {
260 if (memcpy_s(keyAliasBuff.val, totalLen, serviceType->val, serviceType->length) != EOK) {
261 LOGE("Copy serviceType failed.");
262 res = HC_ERR_MEMORY_COPY;
263 break;
264 }
265 usedLen = usedLen + serviceType->length;
266
267 if (memcpy_s(keyAliasBuff.val + usedLen, totalLen - usedLen, peerAuthId->val, peerAuthId->length) != EOK) {
268 LOGE("Copy peerAuthId failed.");
269 res = HC_ERR_MEMORY_COPY;
270 break;
271 }
272 usedLen = usedLen + peerAuthId->length;
273
274 if (memcpy_s(keyAliasBuff.val + usedLen, totalLen - usedLen, keyType->val, keyType->length) != EOK) {
275 LOGE("Copy keyType failed.");
276 res = HC_ERR_MEMORY_COPY;
277 break;
278 }
279
280 res = GetLoaderInstance()->sha256(&keyAliasBuff, keyAliasHash);
281 if (res != HC_SUCCESS) {
282 LOGE("Sha256 failed.");
283 }
284 } while (0);
285 HcFree(keyAliasBuff.val);
286 return res;
287 }
288
CombineKeyAliasForIso(const Uint8Buff * serviceId,const Uint8Buff * keyType,const Uint8Buff * authId,Uint8Buff * outKeyAlias)289 static int32_t CombineKeyAliasForIso(const Uint8Buff *serviceId, const Uint8Buff *keyType,
290 const Uint8Buff *authId, Uint8Buff *outKeyAlias)
291 {
292 if (outKeyAlias->length != SHA256_LEN) {
293 return HC_ERR_INVALID_LEN;
294 }
295 int32_t res = CombineKeyAlias(serviceId, keyType, authId, outKeyAlias);
296 if (res != HC_SUCCESS) {
297 LOGE("CombineKeyAlias failed.");
298 return res;
299 }
300 return res;
301 }
302
CombineKeyAliasForPake(const Uint8Buff * serviceId,const Uint8Buff * keyType,const Uint8Buff * authId,Uint8Buff * outKeyAlias)303 static int32_t CombineKeyAliasForPake(const Uint8Buff *serviceId, const Uint8Buff *keyType,
304 const Uint8Buff *authId, Uint8Buff *outKeyAlias)
305 {
306 int32_t res;
307 Uint8Buff keyAliasHash = { NULL, SHA256_LEN };
308 char *outKeyAliasHex = NULL;
309 if (outKeyAlias->length != SHA256_LEN * BYTE_TO_HEX_OPER_LENGTH) {
310 res = HC_ERR_INVALID_LEN;
311 goto ERR;
312 }
313 keyAliasHash.val = (uint8_t *)HcMalloc(keyAliasHash.length, 0);
314 if (keyAliasHash.val == NULL) {
315 LOGE("Malloc keyAliasHash failed");
316 res = HC_ERR_ALLOC_MEMORY;
317 goto ERR;
318 }
319 res = CombineKeyAlias(serviceId, keyType, authId, &keyAliasHash);
320 if (res != HC_SUCCESS) {
321 LOGE("CombineKeyAlias failed.");
322 goto ERR;
323 }
324 uint32_t outKeyAliasHexLen = keyAliasHash.length * BYTE_TO_HEX_OPER_LENGTH + 1;
325 outKeyAliasHex = (char *)HcMalloc(outKeyAliasHexLen, 0);
326 if (outKeyAliasHex == NULL) {
327 LOGE("Malloc outKeyAliasHex failed");
328 res = HC_ERR_ALLOC_MEMORY;
329 goto ERR;
330 }
331 res = ByteToHexString(keyAliasHash.val, keyAliasHash.length, outKeyAliasHex, outKeyAliasHexLen);
332 if (res != HC_SUCCESS) {
333 LOGE("ByteToHexString failed");
334 goto ERR;
335 }
336 if (memcpy_s(outKeyAlias->val, outKeyAlias->length, outKeyAliasHex, HcStrlen(outKeyAliasHex)) != EOK) {
337 LOGE("memcpy outkeyalias failed.");
338 res = HC_ERR_MEMORY_COPY;
339 goto ERR;
340 }
341 ERR:
342 HcFree(keyAliasHash.val);
343 HcFree(outKeyAliasHex);
344 return res;
345 }
346
GenerateKeyAlias(const Uint8Buff * pkgName,const Uint8Buff * serviceType,const KeyAliasType keyType,const Uint8Buff * authId,Uint8Buff * outKeyAlias)347 int32_t GenerateKeyAlias(const Uint8Buff *pkgName, const Uint8Buff *serviceType,
348 const KeyAliasType keyType, const Uint8Buff *authId, Uint8Buff *outKeyAlias)
349 {
350 CHECK_PTR_RETURN_ERROR_CODE(pkgName, "pkgName");
351 CHECK_PTR_RETURN_ERROR_CODE(pkgName->val, "pkgName->val");
352 CHECK_PTR_RETURN_ERROR_CODE(serviceType, "serviceType");
353 CHECK_PTR_RETURN_ERROR_CODE(serviceType->val, "serviceType->val");
354 CHECK_PTR_RETURN_ERROR_CODE(authId, "authId");
355 CHECK_PTR_RETURN_ERROR_CODE(authId->val, "authId->val");
356 CHECK_PTR_RETURN_ERROR_CODE(outKeyAlias, "outKeyAlias");
357 CHECK_PTR_RETURN_ERROR_CODE(outKeyAlias->val, "outKeyAlias->val");
358 if (pkgName->length == 0 || serviceType->length == 0 || authId->length == 0 || outKeyAlias->length == 0) {
359 LOGE("Invalid zero length params exist.");
360 return HC_ERR_INVALID_LEN;
361 }
362 if (pkgName->length > PACKAGE_NAME_MAX_LEN || serviceType->length > SERVICE_TYPE_MAX_LEN ||
363 authId->length > AUTH_ID_MAX_LEN || keyType >= KEY_ALIAS_TYPE_END) {
364 LOGE("Out of length params exist.");
365 return HC_ERR_INVALID_LEN;
366 }
367
368 int32_t res;
369 Uint8Buff serviceId = { NULL, SHA256_LEN };
370 serviceId.val = (uint8_t *)HcMalloc(serviceId.length, 0);
371 if (serviceId.val == NULL) {
372 LOGE("Malloc for serviceId failed.");
373 res = HC_ERR_ALLOC_MEMORY;
374 goto ERR;
375 }
376 res = CombineServiceId(pkgName, serviceType, &serviceId);
377 if (res != HC_SUCCESS) {
378 LOGE("CombineServiceId failed, res: %x.", res);
379 goto ERR;
380 }
381 Uint8Buff keyTypeBuff = { GetKeyTypePair(keyType), KEY_TYPE_PAIR_LEN };
382 if (keyType == KEY_ALIAS_AUTH_TOKEN) {
383 res = CombineKeyAliasForIso(&serviceId, &keyTypeBuff, authId, outKeyAlias);
384 } else {
385 res = CombineKeyAliasForPake(&serviceId, &keyTypeBuff, authId, outKeyAlias);
386 }
387 if (res != HC_SUCCESS) {
388 LOGE("CombineKeyAlias failed, keyType: %d, res: %d", keyType, res);
389 }
390 ERR:
391 HcFree(serviceId.val);
392 return res;
393 }
394
CheckGeneratePskParams(const Uint8Buff * serviceType,const Uint8Buff * peerAuthId,const Uint8Buff * outKeyAlias)395 static int32_t CheckGeneratePskParams(const Uint8Buff *serviceType, const Uint8Buff *peerAuthId,
396 const Uint8Buff *outKeyAlias)
397 {
398 CHECK_PTR_RETURN_ERROR_CODE(serviceType, "serviceType");
399 CHECK_PTR_RETURN_ERROR_CODE(serviceType->val, "serviceType->val");
400 CHECK_PTR_RETURN_ERROR_CODE(peerAuthId, "peerAuthId");
401 CHECK_PTR_RETURN_ERROR_CODE(peerAuthId->val, "peerAuthId->val");
402 CHECK_PTR_RETURN_ERROR_CODE(outKeyAlias, "outKeyAlias");
403 CHECK_PTR_RETURN_ERROR_CODE(outKeyAlias->val, "outKeyAlias->val");
404 if (serviceType->length == 0 || peerAuthId->length == 0 || outKeyAlias->length == 0) {
405 LOGE("Invalid param len!");
406 return HC_ERR_INVALID_LEN;
407 }
408 if (serviceType->length > SERVICE_TYPE_MAX_LEN || peerAuthId->length > AUTH_ID_MAX_LEN) {
409 LOGE("Param len exceed the limit!");
410 return HC_ERR_INVALID_LEN;
411 }
412 if (outKeyAlias->length != SHA256_LEN * BYTE_TO_HEX_OPER_LENGTH) {
413 LOGE("Invalid out key len!");
414 return HC_ERR_INVALID_LEN;
415 }
416 return HC_SUCCESS;
417 }
418
GeneratePseudonymPskAlias(const Uint8Buff * serviceType,const Uint8Buff * peerAuthId,Uint8Buff * outKeyAlias)419 int32_t GeneratePseudonymPskAlias(const Uint8Buff *serviceType, const Uint8Buff *peerAuthId, Uint8Buff *outKeyAlias)
420 {
421 int32_t res = CheckGeneratePskParams(serviceType, peerAuthId, outKeyAlias);
422 if (res != HC_SUCCESS) {
423 return res;
424 }
425
426 Uint8Buff keyAliasHash = { NULL, SHA256_LEN };
427 keyAliasHash.val = (uint8_t *)HcMalloc(keyAliasHash.length, 0);
428 if (keyAliasHash.val == NULL) {
429 LOGE("Malloc keyAliasHash failed");
430 return HC_ERR_ALLOC_MEMORY;
431 }
432 Uint8Buff keyTypeBuff = { GetKeyTypePair(KEY_ALIAS_AUTH_TOKEN), KEY_TYPE_PAIR_LEN };
433 res = CombineKeyAliasForPseudonymPsk(serviceType, peerAuthId, &keyTypeBuff, &keyAliasHash);
434 if (res != HC_SUCCESS) {
435 LOGE("CombineKeyAlias for pseudonym psk failed!");
436 HcFree(keyAliasHash.val);
437 return res;
438 }
439 uint32_t outKeyAliasHexLen = keyAliasHash.length * BYTE_TO_HEX_OPER_LENGTH + 1;
440 char *outKeyAliasHex = (char *)HcMalloc(outKeyAliasHexLen, 0);
441 if (outKeyAliasHex == NULL) {
442 LOGE("Failed to alloc memory for outKeyAliasHex!");
443 HcFree(keyAliasHash.val);
444 return HC_ERR_ALLOC_MEMORY;
445 }
446 res = ByteToHexString(keyAliasHash.val, keyAliasHash.length, outKeyAliasHex, outKeyAliasHexLen);
447 if (res != HC_SUCCESS) {
448 LOGE("Failed to convert key alias hash to byte string!");
449 HcFree(keyAliasHash.val);
450 HcFree(outKeyAliasHex);
451 return res;
452 }
453 HcFree(keyAliasHash.val);
454 if (memcpy_s(outKeyAlias->val, outKeyAlias->length, outKeyAliasHex, HcStrlen(outKeyAliasHex)) != EOK) {
455 LOGE("Failed to copy out key alias!");
456 HcFree(outKeyAliasHex);
457 return HC_ERR_MEMORY_COPY;
458 }
459 HcFree(outKeyAliasHex);
460 return HC_SUCCESS;
461 }
462
GetIdPeer(const CJson * in,const char * peerIdKey,const Uint8Buff * authIdSelf,Uint8Buff * authIdPeer)463 int32_t GetIdPeer(const CJson *in, const char *peerIdKey, const Uint8Buff *authIdSelf, Uint8Buff *authIdPeer)
464 {
465 const char *authIdStr = GetStringFromJson(in, peerIdKey);
466 if (authIdStr == NULL) {
467 LOGE("Get peer id from json failed.");
468 return HC_ERR_JSON_GET;
469 }
470 uint32_t authIdLen = HcStrlen(authIdStr) / BYTE_TO_HEX_OPER_LENGTH;
471 if (authIdLen == 0 || authIdLen > MAX_AUTH_ID_LEN) {
472 LOGE("Invalid authIdPeerLen: %u.", authIdLen);
473 return HC_ERR_INVALID_LEN;
474 }
475 int32_t res = InitSingleParam(authIdPeer, authIdLen);
476 if (res != HC_SUCCESS) {
477 LOGE("InitSingleParam for peer authId failed, res: %d.", res);
478 return res;
479 }
480 if (HexStringToByte(authIdStr, authIdPeer->val, authIdPeer->length) != HC_SUCCESS) {
481 LOGE("HexStringToByte for authIdPeer failed.");
482 return HC_ERR_CONVERT_FAILED;
483 }
484 if ((authIdSelf->length == authIdPeer->length) &&
485 memcmp(authIdSelf->val, authIdPeer->val, authIdSelf->length) == 0) {
486 LOGE("Peer id can not be equal to self id.");
487 return HC_ERR_INVALID_PARAMS;
488 }
489 return HC_SUCCESS;
490 }
491
GetAndCheckAuthIdPeer(const CJson * in,const Uint8Buff * authIdSelf,const Uint8Buff * authIdPeer)492 int32_t GetAndCheckAuthIdPeer(const CJson *in, const Uint8Buff *authIdSelf, const Uint8Buff *authIdPeer)
493 {
494 const CJson *payload = GetObjFromJson(in, FIELD_PAYLOAD);
495 if (payload == NULL) {
496 LOGE("Get payload failed.");
497 return HC_ERR_JSON_GET;
498 }
499 const char *authIdStr = GetStringFromJson(payload, FIELD_PEER_AUTH_ID);
500 if (authIdStr == NULL) {
501 LOGE("Get peer authId from payload failed.");
502 return HC_ERR_JSON_GET;
503 }
504 uint32_t authIdPeerLen = HcStrlen(authIdStr) / BYTE_TO_HEX_OPER_LENGTH;
505 if (authIdPeerLen == 0 || authIdPeerLen > MAX_AUTH_ID_LEN) {
506 LOGE("Invalid peer authId length.");
507 return HC_ERR_INVALID_LEN;
508 }
509 uint8_t *authIdPeerTmp = (uint8_t *)HcMalloc(authIdPeerLen, 0);
510 if (authIdPeerTmp == NULL) {
511 LOGE("Malloc for authIdPeerTmp failed.");
512 return HC_ERR_ALLOC_MEMORY;
513 }
514 if (HexStringToByte(authIdStr, authIdPeerTmp, authIdPeerLen) != HC_SUCCESS) {
515 LOGE("Convert peer authId from hex string to byte failed.");
516 HcFree(authIdPeerTmp);
517 return HC_ERR_CONVERT_FAILED;
518 }
519 if ((authIdSelf->length == authIdPeer->length) &&
520 memcmp(authIdSelf->val, authIdPeer->val, authIdSelf->length) == EOK) {
521 LOGE("Peer id can not be equal to self id.");
522 HcFree(authIdPeerTmp);
523 return HC_ERR_INVALID_PARAMS;
524 }
525 if (memcmp(authIdPeer->val, authIdPeerTmp, authIdPeer->length) != EOK) {
526 LOGE("Peer authId does not match.");
527 HcFree(authIdPeerTmp);
528 return HC_ERR_INVALID_PARAMS;
529 }
530 HcFree(authIdPeerTmp);
531 return HC_SUCCESS;
532 }
533
GetAuthIdPeerFromPayload(const CJson * in,const Uint8Buff * authIdSelf,Uint8Buff * authIdPeer)534 int32_t GetAuthIdPeerFromPayload(const CJson *in, const Uint8Buff *authIdSelf, Uint8Buff *authIdPeer)
535 {
536 const CJson *payload = GetObjFromJson(in, FIELD_PAYLOAD);
537 if (payload == NULL) {
538 LOGE("Not have payload.");
539 return HC_ERR_JSON_GET;
540 }
541 int res = GetIdPeer(payload, FIELD_PEER_AUTH_ID, authIdSelf, authIdPeer);
542 if (res != HC_SUCCESS) {
543 LOGE("GetIdPeer failed, res: %d.", res);
544 }
545 return res;
546 }
547
GetAndCheckKeyLenOnServer(const CJson * in,uint32_t keyLen)548 int32_t GetAndCheckKeyLenOnServer(const CJson *in, uint32_t keyLen)
549 {
550 const CJson *payload = GetObjFromJson(in, FIELD_PAYLOAD);
551 if (payload == NULL) {
552 LOGE("Get payload failed.");
553 return HC_ERR_JSON_GET;
554 }
555 uint32_t tmpKeyLen = 0;
556 if (GetIntFromJson(payload, FIELD_KEY_LENGTH, (int32_t *)&tmpKeyLen) != HC_SUCCESS) {
557 LOGE("Get tmpKeyLen from payload failed.");
558 return HC_ERR_JSON_GET;
559 }
560
561 if (keyLen != tmpKeyLen) {
562 LOGE("Key length is not equal.");
563 return HC_ERR_INVALID_PARAMS;
564 }
565 return HC_SUCCESS;
566 }
567