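/*
 * Copyright (c) 2020-2023 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

/*
 * Layout constants, on-disk field structures and read/write entry points for
 * the keystore files (KSF) that hold the root key component (RKC) and the
 * main key (MK).
 */

#ifndef HKS_RKC_RW_H
#define HKS_RKC_RW_H

#include "hks_type_inner.h"

#define HKS_RKC_VER 2 /* the version of root key component */
#define HKS_MK_VER 2 /* the version of main key */

/*
 * The iteration count used when deriving the Root Main Key.
 * NOTE(review): a count of 1 gives no key stretching. That is only sound if
 * the derivation input (rkMaterial1/rkMaterial2) is uniformly random rather
 * than low-entropy data; confirm where the material is generated. The value
 * is presumably stored in rmkIter, so changing it affects existing files.
 */
#define HKS_RKC_RMK_ITER 1
#define HKS_RKC_RMK_HMAC_SHA256 1 /* the hash algorithm id used when deriving Root Main Key */
#define HKS_RKC_MK_CRYPT_ALG_AES256_GCM 1 /* the encryption algorithm id of main key */
#define HKS_RKC_CFG_RSV_LEN 32 /* the reserved length of the system configuration */
#define HKS_RKC_KSF_FLAG_LEN 8 /* the length of keystore file flag */
#define HKS_RKC_MATERIAL_LEN 32 /* the material length of root key component */
#define HKS_RKC_SALT_LEN 32 /* the salt length of root key component */
#define HKS_RKC_KSF_DATA_RSV_LEN 8 /* the reserved length of the keystore file data */
/*
 * The IV length of main key; sizes HksKsfDataMk.mkIv.
 * The previous comment called this the tag length, which contradicts both the
 * constant name and the field it sizes.
 */
#define HKS_RKC_MK_IV_LEN 16
/*
 * The ciphertext length of main key.
 * NOTE(review): 48 = HKS_RKC_MK_LEN (32) + 16; presumably the extra 16 bytes
 * are the AES-GCM authentication tag appended to the ciphertext. Confirm in
 * the implementation, and confirm that the tag is verified before the
 * decrypted main key is used.
 */
#define HKS_RKC_MK_CIPHER_TEXT_LEN 48
#define HKS_RKC_MK_LEN 32 /* the length of main key */
#define HKS_KSF_NUM 2 /* the keystore file number of rkc or mk */

/* the storage type of root key component */
enum HksRkcStorageType {
    HKS_RKC_STORAGE_FILE_SYS = 0, /* file system */
    HKS_RKC_STORAGE_FLASH = 1, /* flash */
};

/* the state of root key component */
enum HksRkcState {
    HKS_RKC_STATE_INVALID = 0,
    HKS_RKC_STATE_VALID = 1,
};

/* the type of keystore file */
enum HksKsfType {
    HKS_KSF_TYPE_RKC = 0,
    HKS_KSF_TYPE_MK = 1,
};

/* time */
struct HksTime {
    uint16_t hksYear;
    uint8_t hksMon;
    uint8_t hksDay;
    uint8_t hksHour;
    uint8_t hksMin;
    uint8_t hksSec;
};

/* the names of the HKS_KSF_NUM keystore files kept for one key type */
struct HksKsfAttr {
    char *name[HKS_KSF_NUM];
};

/*
 * The fields of root key component.
 *
 * This structure holds raw root key material and the derivation salt, so
 * instances should be wiped once they are no longer needed.
 * NOTE(review): members have mixed widths, so the in-memory layout may contain
 * compiler padding. The Extract and Fill prototypes below suggest fields are
 * serialized one by one; confirm that no caller reads or writes this struct to
 * the keystore file with a raw sizeof-based copy.
 */
struct HksKsfDataRkc {
    struct HksTime rkCreatedTime; /* the created time of root key */
    struct HksTime rkExpiredTime; /* the expired time of root key */
    uint8_t rkMaterial1[HKS_RKC_MATERIAL_LEN]; /* the first material of root key */
    uint8_t rkMaterial2[HKS_RKC_MATERIAL_LEN]; /* the second material of root key */
    uint32_t rmkIter; /* the iteration count used when deriving root main key */
    uint8_t rmkSalt[HKS_RKC_SALT_LEN]; /* the salt used when deriving root main key */
    uint32_t rmkHashAlg; /* the hash algorithm used when deriving root main key */
    /*
     * Reserved data for root key, HKS_RKC_KSF_DATA_RSV_LEN (8) bytes.
     * The previous comment said 32 bytes, which does not match the array size.
     */
    uint8_t rkRsv[HKS_RKC_KSF_DATA_RSV_LEN];
};

/*
 * The fields of main key.
 *
 * mkEncryptAlg, mkIv and mkCiphertext are read back from storage.
 * NOTE(review): confirm that the reader rejects an mkEncryptAlg other than
 * HKS_RKC_MK_CRYPT_ALG_AES256_GCM instead of trusting the stored value.
 */
struct HksKsfDataMk {
    struct HksTime mkCreatedTime; /* the created time of main key */
    struct HksTime mkExpiredTime; /* the expired time of main key */
    uint32_t mkEncryptAlg; /* the encryption algorithm of main key */
    uint8_t mkIv[HKS_RKC_MK_IV_LEN]; /* the IV of main key */
    uint8_t mkCiphertext[HKS_RKC_MK_CIPHER_TEXT_LEN]; /* the ciphertext of main key */
    /*
     * Reserved data for main key, HKS_RKC_KSF_DATA_RSV_LEN (8) bytes.
     * The previous comment said 32 bytes, which does not match the array size.
     */
    uint8_t mkRsv[HKS_RKC_KSF_DATA_RSV_LEN];
};

/* the keystore file data of root key (since version 2) */
struct HksKsfDataRkcWithVer {
    uint16_t rkVersion; /* the version of root key */
    struct HksKsfDataRkc ksfDataRkc; /* fields of root key */
};

/* the keystore file data of main key (since version 2) */
struct HksKsfDataMkWithVer {
    uint16_t mkVersion; /* the version of main key */
    struct HksKsfDataMk ksfDataMk; /* fields of main key */
};

#ifdef __cplusplus
extern "C" {
#endif

/*
 * The implementations of the functions below are not part of this header.
 * The per-function remarks are inferred from names and signatures only and
 * should be confirmed against the source file. All functions except KsfExist
 * return an int32_t status code.
 */

int32_t GetProcessInfo(struct HksProcessInfo *processInfo);

/* ksfName selects the keystore file; tmpKsf receives its content (presumably; who frees it is not stated here) */
int32_t GetKeyBlobKsf(const char *ksfName, struct HksBlob *tmpKsf);

/*
 * Field-level helpers that move data between a blob and a typed field while
 * tracking an offset that is passed by pointer.
 * NOTE(review): the blob comes from a file, so the implementation has to check
 * offset + size against the blob size with overflow-safe arithmetic before
 * copying; confirm this in the source file.
 */
int32_t ExtractFieldFromBuffer(const struct HksBlob *srcBlob, uint32_t *srcOffset, void *dest, uint32_t destSize);

int32_t FillFieldToBuffer(const void *src, uint32_t srcSize, struct HksBlob *destBlob, uint32_t *destOffset);

/* parsers for the individual sections of a keystore file buffer */
int32_t ExtractKsfDataRkc(const struct HksBlob *ksfFromFile, uint32_t *ksfBufOffset, struct HksKsfDataRkc *ksfDataRkc);

int32_t ExtractKsfDataMk(const struct HksBlob *ksfFromFile, uint32_t *ksfBufOffset, struct HksKsfDataMk *ksfDataMk);

int32_t RkcExtractKsfFileFlag(const struct HksBlob *ksfFromFile, uint32_t *ksfBufOffset);

/*
 * NOTE(review): presumably checks the hash stored in the keystore file. A plain
 * hash detects corruption but not deliberate modification by someone who can
 * rewrite the file; confirm what integrity guarantee callers rely on.
 */
int32_t RkcExtractKsfHash(const struct HksBlob *ksfFromFile, uint32_t *ksfBufOffset);

/* whole-file read and write of the versioned root key component and main key data */
int32_t HksReadKsfRkc(const char *ksfName, struct HksKsfDataRkcWithVer *ksfDataRkc);

int32_t HksReadKsfMk(const char *ksfName, struct HksKsfDataMkWithVer *ksfDataMk);

int32_t HksWriteKsfRkc(const char *ksfName, const struct HksKsfDataRkcWithVer *ksfDataRkc);

int32_t HksWriteKsfMk(const char *ksfName, const struct HksKsfDataMkWithVer *ksfDataMk);

/* ksfType is presumably one of enum HksKsfType, passed as uint8_t */
bool KsfExist(uint8_t ksfType);

#ifdef __cplusplus
}
#endif

#endif /* HKS_RKC_RW_H */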