1 /*
2  * Copyright (c) 2021-2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 #ifndef STORAGE_DAEMON_CRYPTO_HUKS_MASTER_H
16 #define STORAGE_DAEMON_CRYPTO_HUKS_MASTER_H
17 
18 #include "key_blob.h"
19 
20 #include "huks_hdi.h"
21 
22 namespace OHOS {
23 namespace StorageDaemon {
/*
 * Type aliases for the HUKS hardware device interface (HuksHdi, from huks_hdi.h).
 */

/* Untyped handle kept in HuksMaster::hdiHandle_.
 * NOTE(review): presumably the handle of the dynamically loaded HDI library; confirm in the .cpp. */
using HkmHdiHandle_t = void *;

/* Pointer to the HuksHdi device object kept in HuksMaster::halDevice_. */
using HkmHalDevice_t = HuksHdi *;

/* Function pointer: takes no arguments and returns a HuksHdi pointer. */
using HkmHalCreateHandle = HuksHdi *(*)();

/* Function pointer: takes a HuksHdi pointer and returns nothing. */
using HkmHalDestroyHandle = void (*)(HuksHdi *);
28 
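/*
 * Singleton that groups the storage daemon's key operations (generate,
 * encrypt, decrypt, upgrade) with the private HuksHdi calls declared below.
 *
 * Only GetInstance() is defined in this header; every other member is a
 * declaration. Notes marked NOTE(review) are assumptions to be confirmed
 * against the implementation file.
 *
 * The constructor and destructor are private and copying is deleted, so the
 * only instance is the one returned by GetInstance().
 */
class HuksMaster {
public:
    /*
     * Returns the single HuksMaster instance.
     * The instance is a function-local static, so it is constructed on the
     * first call and the language guarantees that initialisation runs once.
     */
    static HuksMaster &GetInstance()
    {
        static HuksMaster instance;
        return instance;
    }

    /* key operations */

    /*
     * Static, so it can be called without the instance. Returns the new key
     * by value in a KeyBlob.
     * NOTE(review): keyLen is presumably a length in bytes, and the result is
     * presumably used as key material; confirm the implementation draws from
     * a cryptographically secure random source.
     */
    static KeyBlob GenerateRandomKey(uint32_t keyLen);

    /*
     * The operations below report their outcome as bool (presumably true on
     * success; TODO confirm) and write results through their non-const
     * reference parameters (keyOut, ctx, key, rnd).
     * NOTE(review): callers should check the result before using any output;
     * confirm whether outputs are cleared when an operation fails.
     */
    bool GenerateKey(const UserAuth &auth, KeyBlob &keyOut);

    /*
     * NOTE(review): isNeedNewNonce presumably selects between generating a
     * fresh nonce and using one already held in ctx. If so, confirm that the
     * encrypt path never reuses a nonce with the same key.
     */
    bool EncryptKey(KeyContext &ctx, const UserAuth &auth, const KeyInfo &key, bool isNeedNewNonce);
    bool EncryptKeyEx(const UserAuth &auth, const KeyBlob &rnd, KeyContext &ctx);
    bool DecryptKey(KeyContext &ctx, const UserAuth &auth, KeyInfo &key, bool isNeedNewNonce);
    bool DecryptKeyEx(KeyContext &ctx, const UserAuth &auth, KeyBlob &rnd);
    bool UpgradeKey(KeyContext &ctx);
private:
    HuksMaster();
    ~HuksMaster();
    HuksMaster(const HuksMaster &) = delete;
    HuksMaster &operator=(const HuksMaster &) = delete;

    /* huks hal interface */

    /*
     * NOTE(review): HdiCreate()/HdiDestroy() presumably set up and release
     * hdiHandle_ and halDevice_; confirm in the implementation.
     */
    bool HdiCreate();
    void HdiDestroy();

    /*
     * The int-returning calls below presumably forward to the HuksHdi device
     * and return its status code (TODO confirm which value means success).
     */
    int HdiModuleInit();
    int HdiModuleDestroy();
    int HdiGenerateKey(const HksBlob &keyAlias, const HksParamSet *paramSetIn,
                       HksBlob &keyOut);
    int HdiAccessInit(const HksBlob &key, const HksParamSet *paramSet, HksBlob &handle, HksBlob &token);
    int HdiAccessUpdate(const HksBlob &handle, const HksParamSet *paramSet,
                        const HksBlob &inData, HksBlob &outData);
    int HdiAccessFinish(const HksBlob &handle, const HksParamSet *paramSet,
                        const HksBlob &inData, HksBlob &outData);

    /*
     * NOTE(review): by its name this presumably chains HdiAccessInit,
     * HdiAccessUpdate and HdiAccessFinish over keyIn to produce keyOut.
     * paramSet1 is taken as a non-const pointer, so it may be modified.
     */
    bool HuksHalTripleStage(HksParamSet *paramSet1, const HksParamSet *paramSet2,
                            const KeyBlob &keyIn, KeyBlob &keyOut);
    int HdiAccessUpgradeKey(const HksBlob &oldKey, const HksParamSet *paramSet, HksBlob &newKey);

    /* Both start as nullptr; the HAL calls above should not be reached while they are still null. */
    HkmHdiHandle_t hdiHandle_ = nullptr;
    HkmHalDevice_t halDevice_ = nullptr;
};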
70 } // namespace StorageDaemon
71 } // namespace OHOS
72 
73 #endif // STORAGE_DAEMON_CRYPTO_HUKS_MASTER_H
74