1 /*
2 * Copyright (c) 2021-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifdef HKS_CONFIG_FILE
17 #include HKS_CONFIG_FILE
18 #else
19 #include "hks_config.h"
20 #endif
21
22 #include "hks_client_ipc.h"
23
24 #include <stdbool.h>
25 #include <stddef.h>
26 #include <stdint.h>
27
28 #include "hks_common_check.h"
29 #include "hks_ipc_check.h"
30 #include "hks_client_ipc_serialization.h"
31 #include "hks_ipc_slice.h"
32 #include "hks_log.h"
33 #include "hks_mem.h"
34 #include "hks_param.h"
35 #include "hks_request.h"
36 #include "hks_template.h"
37 #include "hks_type.h"
38 #include "hks_type_inner.h"
39 #include "securec.h"
40
41 #ifdef HKS_L1_SMALL
42 #include "hks_samgr_client.h"
43 #include <unistd.h>
44 #endif
45
HksClientInitialize(void)46 int32_t HksClientInitialize(void)
47 {
48 #ifdef HKS_L1_SMALL
49 for (uint32_t i = 0; i < HKS_MAX_RETRY_TIME; ++i) {
50 IUnknown *iUnknown = SAMGR_GetInstance()->GetFeatureApi(HKS_SAMGR_SERVICE, HKS_SAMGR_FEATRURE);
51 if (iUnknown != NULL) {
52 return HKS_SUCCESS;
53 }
54 usleep(HKS_SLEEP_TIME_FOR_RETRY);
55 }
56 HKS_LOG_E("HUKS service is not ready!");
57 return HKS_ERROR_BAD_STATE;
58 #else
59 return HKS_SUCCESS;
60 #endif
61 }
62
HksClientRefreshKeyInfo(void)63 int32_t HksClientRefreshKeyInfo(void)
64 {
65 return HKS_SUCCESS;
66 }
67
BuildParamSetNotNull(const struct HksParamSet * paramSetIn,struct HksParamSet ** paramSetOut)68 static int32_t BuildParamSetNotNull(const struct HksParamSet *paramSetIn, struct HksParamSet **paramSetOut)
69 {
70 int32_t ret;
71 struct HksParamSet *tmpParamSet = NULL;
72 do {
73 if (paramSetIn != NULL) {
74 ret = HksCheckParamSet(paramSetIn, paramSetIn->paramSetSize);
75 if (ret != HKS_SUCCESS) {
76 HKS_LOG_E("check paramSet failed");
77 return ret;
78 }
79 }
80
81 ret = HksInitParamSet(&tmpParamSet);
82 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksInitParamSet failed")
83
84 if (paramSetIn != NULL) {
85 ret = HksAddParams(tmpParamSet, paramSetIn->params, paramSetIn->paramsCnt);
86 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksAddParams failed")
87 }
88 ret = HksBuildParamSet(&tmpParamSet);
89 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksBuildParamSet failed")
90 } while (0);
91 if (ret != HKS_SUCCESS) {
92 HksFreeParamSet(&tmpParamSet);
93 return ret;
94 }
95 *paramSetOut = tmpParamSet;
96 return ret;
97 }
98
HksClientGenerateKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSetIn,struct HksParamSet * paramSetOut)99 int32_t HksClientGenerateKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSetIn,
100 struct HksParamSet *paramSetOut)
101 {
102 int32_t ret = HksCheckIpcGenerateKey(keyAlias, paramSetIn);
103 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksCheckIpcGenerateKey fail")
104
105 struct HksBlob inBlob = { 0, NULL };
106 struct HksBlob outBlob = { 0, NULL };
107 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) + ALIGN_SIZE(paramSetIn->paramSetSize) +
108 sizeof(outBlob.size);
109 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
110 HKS_IF_NULL_RETURN(inBlob.data, HKS_ERROR_MALLOC_FAIL)
111 if (paramSetOut != NULL) {
112 outBlob.size = paramSetOut->paramSetSize;
113 outBlob.data = (uint8_t *)paramSetOut;
114 }
115
116 do {
117 ret = HksGenerateKeyPack(&inBlob, keyAlias, paramSetIn, &outBlob);
118 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksGenerateKeyPack fail")
119
120 ret = HksSendRequest(HKS_MSG_GEN_KEY, &inBlob, &outBlob, paramSetIn);
121 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksSendRequest fail, ret = %" LOG_PUBLIC "d", ret)
122
123 if (paramSetOut != NULL) {
124 ret = HksFreshParamSet(paramSetOut, false);
125 HKS_IF_NOT_SUCC_LOGE(ret, "FreshParamSet fail, ret = %" LOG_PUBLIC "d", ret)
126 }
127 } while (0);
128
129 HKS_FREE_BLOB(inBlob);
130 return ret;
131 }
132
HksClientImportKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,const struct HksBlob * key)133 int32_t HksClientImportKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
134 const struct HksBlob *key)
135 {
136 int32_t ret = HksCheckIpcImportKey(keyAlias, paramSet, key);
137 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksCheckIpcImportKey fail")
138
139 struct HksBlob inBlob = { 0, NULL };
140 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) + ALIGN_SIZE(paramSet->paramSetSize) +
141 sizeof(key->size) + ALIGN_SIZE(key->size);
142 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
143 HKS_IF_NULL_RETURN(inBlob.data, HKS_ERROR_MALLOC_FAIL)
144
145 do {
146 ret = HksImportKeyPack(&inBlob, keyAlias, paramSet, key);
147 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksImportKeyPack fail")
148
149 ret = HksSendRequest(HKS_MSG_IMPORT_KEY, &inBlob, NULL, paramSet);
150 } while (0);
151
152 HKS_FREE_BLOB(inBlob);
153 return ret;
154 }
155
HksClientExportPublicKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,struct HksBlob * key)156 int32_t HksClientExportPublicKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
157 struct HksBlob *key)
158 {
159 int32_t ret;
160 struct HksParamSet *newParamSet = NULL;
161 struct HksBlob inBlob = { 0, NULL };
162
163 do {
164 ret = BuildParamSetNotNull(paramSet, &newParamSet);
165 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "ensure paramSet not null fail, ret = %" LOG_PUBLIC "d", ret)
166
167 ret = HksCheckIpcExportPublicKey(keyAlias, newParamSet, key);
168 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCheckIpcExportPublicKey fail")
169
170 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) + sizeof(key->size) +
171 ALIGN_SIZE(newParamSet->paramSetSize);
172 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
173 if (inBlob.data == NULL) {
174 ret = HKS_ERROR_MALLOC_FAIL;
175 break;
176 }
177
178 ret = HksExportPublicKeyPack(keyAlias, newParamSet, key, &inBlob);
179 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksExportPublicKeyPack fail")
180
181 ret = HksSendRequest(HKS_MSG_EXPORT_PUBLIC_KEY, &inBlob, key, newParamSet);
182 } while (0);
183
184 HksFreeParamSet(&newParamSet);
185 HKS_FREE_BLOB(inBlob);
186 return ret;
187 }
188
HksClientImportWrappedKey(const struct HksBlob * keyAlias,const struct HksBlob * wrappingKeyAlias,const struct HksParamSet * paramSet,const struct HksBlob * wrappedKeyData)189 int32_t HksClientImportWrappedKey(const struct HksBlob *keyAlias, const struct HksBlob *wrappingKeyAlias,
190 const struct HksParamSet *paramSet, const struct HksBlob *wrappedKeyData)
191 {
192 int32_t ret = HksCheckIpcImportWrappedKey(keyAlias, wrappingKeyAlias, paramSet, wrappedKeyData);
193 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksClientImportWrappedKey fail")
194
195 struct HksBlob inBlob = { 0, NULL };
196 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) +
197 sizeof(wrappingKeyAlias->size) + ALIGN_SIZE(wrappingKeyAlias->size) +
198 ALIGN_SIZE(paramSet->paramSetSize) +
199 sizeof(wrappedKeyData->size) + ALIGN_SIZE(wrappedKeyData->size);
200 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
201 HKS_IF_NULL_RETURN(inBlob.data, HKS_ERROR_MALLOC_FAIL)
202
203 do {
204 ret = HksImportWrappedKeyPack(&inBlob, keyAlias, wrappingKeyAlias, paramSet, wrappedKeyData);
205 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksImportWrappedKeyPack fail")
206
207 ret = HksSendRequest(HKS_MSG_IMPORT_WRAPPED_KEY, &inBlob, NULL, paramSet);
208 } while (0);
209
210 HKS_FREE_BLOB(inBlob);
211 return ret;
212 }
213
HksClientDeleteKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet)214 int32_t HksClientDeleteKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet)
215 {
216 int32_t ret;
217 struct HksParamSet *newParamSet = NULL;
218 struct HksBlob inBlob = { 0, NULL };
219
220 do {
221 ret = BuildParamSetNotNull(paramSet, &newParamSet);
222 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "ensure paramSet not null fail, ret = %" LOG_PUBLIC "d", ret)
223
224 ret = HksCheckIpcDeleteKey(keyAlias, newParamSet);
225 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCheckIpcDeleteKey fail")
226
227 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) + ALIGN_SIZE(newParamSet->paramSetSize);
228 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
229 if (inBlob.data == NULL) {
230 ret = HKS_ERROR_MALLOC_FAIL;
231 break;
232 }
233
234 ret = HksDeleteKeyPack(keyAlias, newParamSet, &inBlob);
235 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksDeleteKeyPack fail")
236
237 ret = HksSendRequest(HKS_MSG_DELETE_KEY, &inBlob, NULL, newParamSet);
238 } while (0);
239
240 HksFreeParamSet(&newParamSet);
241 HKS_FREE_BLOB(inBlob);
242 return ret;
243 }
244
HksClientGetKeyParamSet(const struct HksBlob * keyAlias,const struct HksParamSet * paramSetIn,struct HksParamSet * paramSetOut)245 int32_t HksClientGetKeyParamSet(const struct HksBlob *keyAlias, const struct HksParamSet *paramSetIn,
246 struct HksParamSet *paramSetOut)
247 {
248 int32_t ret;
249 struct HksParamSet *newParamSet = NULL;
250 struct HksBlob inBlob = { 0, NULL };
251
252 do {
253 ret = BuildParamSetNotNull(paramSetIn, &newParamSet);
254 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "ensure paramSetIn not null fail, ret = %" LOG_PUBLIC "d", ret)
255
256 ret = HksCheckIpcGetKeyParamSet(keyAlias, newParamSet, paramSetOut);
257 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCheckIpcGetKeyParamSet fail")
258
259 struct HksBlob outBlob = { paramSetOut->paramSetSize, (uint8_t *)paramSetOut };
260 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) + sizeof(paramSetOut->paramSetSize) +
261 ALIGN_SIZE(newParamSet->paramSetSize);
262 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
263 if (inBlob.data == NULL) {
264 ret = HKS_ERROR_MALLOC_FAIL;
265 break;
266 }
267
268 ret = HksGetKeyParamSetPack(keyAlias, newParamSet, &outBlob, &inBlob);
269 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksGetKeyParamSetPack fail")
270
271 ret = HksSendRequest(HKS_MSG_GET_KEY_PARAMSET, &inBlob, &outBlob, newParamSet);
272 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksSendRequest fail, ret = %" LOG_PUBLIC "d", ret)
273
274 ret = HksFreshParamSet(paramSetOut, false);
275 HKS_IF_NOT_SUCC_LOGE(ret, "FreshParamSet fail, ret = %" LOG_PUBLIC "d", ret)
276 } while (0);
277
278 HksFreeParamSet(&newParamSet);
279 HKS_FREE_BLOB(inBlob);
280 return ret;
281 }
282
HksClientKeyExist(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet)283 int32_t HksClientKeyExist(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet)
284 {
285 int32_t ret;
286 struct HksParamSet *newParamSet = NULL;
287 struct HksBlob inBlob = { 0, NULL };
288
289 do {
290 ret = BuildParamSetNotNull(paramSet, &newParamSet);
291 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "ensure paramSet not null fail, ret = %" LOG_PUBLIC "d", ret)
292
293 ret = HksCheckIpcKeyExist(keyAlias, newParamSet);
294 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCheckIpcKeyExist fail")
295
296 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) + ALIGN_SIZE(newParamSet->paramSetSize);
297 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
298 if (inBlob.data == NULL) {
299 ret = HKS_ERROR_MALLOC_FAIL;
300 break;
301 }
302
303 ret = HksKeyExistPack(keyAlias, newParamSet, &inBlob);
304 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksKeyExistPack fail")
305
306 ret = HksSendRequest(HKS_MSG_KEY_EXIST, &inBlob, NULL, newParamSet);
307 } while (0);
308
309 HksFreeParamSet(&newParamSet);
310 HKS_FREE_BLOB(inBlob);
311 return ret;
312 }
313
HksClientGenerateRandom(struct HksBlob * random,const struct HksParamSet * paramSet)314 int32_t HksClientGenerateRandom(struct HksBlob *random, const struct HksParamSet *paramSet)
315 {
316 HKS_IF_NOT_SUCC_RETURN(CheckBlob(random), HKS_ERROR_INVALID_ARGUMENT)
317 struct HksBlob inBlob = { sizeof(random->size), (uint8_t *)&(random->size) };
318 return HksSendRequest(HKS_MSG_GENERATE_RANDOM, &inBlob, random, paramSet);
319 }
320
HksClientSign(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * srcData,struct HksBlob * signature)321 int32_t HksClientSign(const struct HksBlob *key, const struct HksParamSet *paramSet,
322 const struct HksBlob *srcData, struct HksBlob *signature)
323 {
324 int32_t ret = HksCheckBlob3AndParamSet(key, srcData, signature, paramSet);
325 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check in and out data failed")
326
327 struct HksBlob tmpInData = *srcData;
328 struct HksBlob tmpOutData = *signature;
329 ret = HksSliceDataEntry(HKS_MSG_SIGN, key, paramSet, &tmpInData, &tmpOutData);
330 if (ret != HKS_SUCCESS) {
331 HKS_LOG_E("HksClientSign fail");
332 } else {
333 signature->size = tmpOutData.size;
334 }
335 return ret;
336 }
337
HksClientVerify(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * srcData,const struct HksBlob * signature)338 int32_t HksClientVerify(const struct HksBlob *key, const struct HksParamSet *paramSet,
339 const struct HksBlob *srcData, const struct HksBlob *signature)
340 {
341 int32_t ret = HksCheckBlob3AndParamSet(key, srcData, signature, paramSet);
342 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check in and out data failed")
343
344 struct HksBlob tmpInData = *srcData;
345 struct HksBlob tmpOutData = *signature;
346 ret = HksSliceDataEntry(HKS_MSG_VERIFY, key, paramSet, &tmpInData, &tmpOutData);
347 HKS_IF_NOT_SUCC_LOGE(ret, "HksClientVerify fail")
348 return ret;
349 }
350
AddAeTag(struct HksParamSet * paramSet,const struct HksBlob * inText,bool isEncrypt)351 static int32_t AddAeTag(struct HksParamSet *paramSet, const struct HksBlob *inText, bool isEncrypt)
352 {
353 int32_t ret;
354 if (!isEncrypt) {
355 if (inText->size <= HKS_AE_TAG_LEN) {
356 HKS_LOG_E("too small inText size");
357 return HKS_ERROR_INVALID_ARGUMENT;
358 }
359
360 struct HksParam aeParam;
361 aeParam.tag = HKS_TAG_AE_TAG;
362 aeParam.blob.data = inText->data + inText->size - HKS_AE_TAG_LEN;
363 aeParam.blob.size = HKS_AE_TAG_LEN;
364 ret = HksAddParams(paramSet, &aeParam, 1);
365 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "decrypt add ae params failed")
366 }
367
368 struct HksParam payloadParam;
369 payloadParam.tag = HKS_TAG_PAYLOAD_LEN;
370 payloadParam.uint32Param = inText->size;
371 ret = HksAddParams(paramSet, &payloadParam, 1);
372 HKS_IF_NOT_SUCC_LOGE(ret, "add payload param failed")
373 return ret;
374 }
375
AddAesTag(const struct HksParamSet * paramSet,struct HksParamSet * newParamSet,struct HksBlob * inText,bool isEncrypt)376 static int32_t AddAesTag(const struct HksParamSet *paramSet, struct HksParamSet *newParamSet,
377 struct HksBlob *inText, bool isEncrypt)
378 {
379 bool isAeMode = false;
380 bool isAes = false;
381 int32_t ret = HksCheckAesAeMode(paramSet, &isAes, &isAeMode);
382 HKS_IF_NOT_SUCC_RETURN(ret, ret)
383
384 /* Except for AES GCM and CCM mode, no need add tag, return success */
385 if ((!isAes) || (!isAeMode)) {
386 HKS_LOG_I("Not AES CCM or GCM mode!");
387 return HKS_SUCCESS;
388 }
389 return AddAeTag(newParamSet, inText, isEncrypt);
390 }
391
AppendToNewParamSet(const struct HksParamSet * paramSet,struct HksParamSet ** outParamSet)392 static int32_t AppendToNewParamSet(const struct HksParamSet *paramSet, struct HksParamSet **outParamSet)
393 {
394 struct HksParamSet *newParamSet = NULL;
395 int32_t ret = HksInitParamSet(&newParamSet);
396 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "append init operation param set fail")
397
398 ret = HksAddParams(newParamSet, paramSet->params, paramSet->paramsCnt);
399 if (ret != HKS_SUCCESS) {
400 HKS_LOG_E("append add in params fail");
401 HksFreeParamSet(&newParamSet);
402 return ret;
403 }
404
405 *outParamSet = newParamSet;
406 return HKS_SUCCESS;
407 }
408
AppendCipherTag(const struct HksParamSet * paramSet,const struct HksBlob * inText,bool isEncrypt,struct HksParamSet ** outParamSet)409 static int32_t AppendCipherTag(const struct HksParamSet *paramSet, const struct HksBlob *inText, bool isEncrypt,
410 struct HksParamSet **outParamSet)
411 {
412 struct HksParamSet *newParamSet = NULL;
413 int32_t ret = AppendToNewParamSet(paramSet, &newParamSet);
414 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "append cipher client service tag fail")
415
416 do {
417 ret = AddAesTag(paramSet, newParamSet, (struct HksBlob *)inText, isEncrypt);
418 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "append add Aes Tag fail")
419
420 ret = HksBuildParamSet(&newParamSet);
421 HKS_IF_NOT_SUCC_LOGE(ret, "append build paramset fail")
422 } while (0);
423 if (ret != HKS_SUCCESS) {
424 HksFreeParamSet(&newParamSet);
425 return ret;
426 }
427
428 *outParamSet = newParamSet;
429 return HKS_SUCCESS;
430 }
431
HksClientEncrypt(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * plainText,struct HksBlob * cipherText)432 int32_t HksClientEncrypt(const struct HksBlob *key, const struct HksParamSet *paramSet,
433 const struct HksBlob *plainText, struct HksBlob *cipherText)
434 {
435 int32_t ret = HksCheckBlob3AndParamSet(key, plainText, cipherText, paramSet);
436 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check in and out data failed")
437
438 struct HksParamSet *newParamSet = NULL;
439 ret = AppendCipherTag(paramSet, plainText, true, &newParamSet);
440 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "AppendCipherTag fail, ret = %" LOG_PUBLIC "d", ret)
441
442 struct HksBlob tmpInData = *plainText;
443 struct HksBlob tmpOutData = *cipherText;
444 ret = HksSliceDataEntry(HKS_MSG_ENCRYPT, key, newParamSet, &tmpInData, &tmpOutData);
445 if (ret != HKS_SUCCESS) {
446 HKS_LOG_E("HksClientEncrypt fail");
447 } else {
448 cipherText->size = tmpOutData.size;
449 }
450
451 HksFreeParamSet(&newParamSet);
452 return ret;
453 }
454
HksClientDecrypt(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * cipherText,struct HksBlob * plainText)455 int32_t HksClientDecrypt(const struct HksBlob *key, const struct HksParamSet *paramSet,
456 const struct HksBlob *cipherText, struct HksBlob *plainText)
457 {
458 int32_t ret = HksCheckBlob3AndParamSet(key, plainText, cipherText, paramSet);
459 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check in and out data failed")
460
461 struct HksParamSet *newParamSet = NULL;
462 struct HksBlob tmpCipherText = *cipherText;
463 ret = AppendCipherTag(paramSet, &tmpCipherText, false, &newParamSet);
464 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "AppendCipherTag fail, ret = %" LOG_PUBLIC "d", ret)
465
466 struct HksBlob tmpOutData = *plainText;
467 ret = HksSliceDataEntry(HKS_MSG_DECRYPT, key, newParamSet, &tmpCipherText, &tmpOutData);
468 if (ret != HKS_SUCCESS) {
469 HKS_LOG_E("HksClientDecrypt fail");
470 } else {
471 plainText->size = tmpOutData.size;
472 }
473
474 HksFreeParamSet(&newParamSet);
475 return ret;
476 }
477
HksClientAgreeKey(const struct HksParamSet * paramSet,const struct HksBlob * privateKey,const struct HksBlob * peerPublicKey,struct HksBlob * agreedKey)478 int32_t HksClientAgreeKey(const struct HksParamSet *paramSet, const struct HksBlob *privateKey,
479 const struct HksBlob *peerPublicKey, struct HksBlob *agreedKey)
480 {
481 int32_t ret = HksCheckIpcAgreeKey(paramSet, privateKey, peerPublicKey, agreedKey);
482 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksCheckIpcAgreeKey fail")
483
484 struct HksBlob inBlob = { 0, NULL };
485 inBlob.size = ALIGN_SIZE(paramSet->paramSetSize) + sizeof(privateKey->size) + ALIGN_SIZE(privateKey->size) +
486 sizeof(peerPublicKey->size) + ALIGN_SIZE(peerPublicKey->size) + sizeof(agreedKey->size);
487 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
488 HKS_IF_NULL_RETURN(inBlob.data, HKS_ERROR_MALLOC_FAIL)
489
490 do {
491 ret = HksAgreeKeyPack(&inBlob, paramSet, privateKey, peerPublicKey, agreedKey);
492 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksAgreeKeyPack fail")
493
494 ret = HksSendRequest(HKS_MSG_AGREE_KEY, &inBlob, agreedKey, paramSet);
495 } while (0);
496
497 HKS_FREE_BLOB(inBlob);
498 return ret;
499 }
500
HksClientDeriveKey(const struct HksParamSet * paramSet,const struct HksBlob * mainKey,struct HksBlob * derivedKey)501 int32_t HksClientDeriveKey(const struct HksParamSet *paramSet, const struct HksBlob *mainKey,
502 struct HksBlob *derivedKey)
503 {
504 int32_t ret = HksCheckIpcDeriveKey(paramSet, mainKey, derivedKey);
505 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksCheckIpcDeriveKey fail")
506
507 struct HksBlob inBlob = { 0, NULL };
508 inBlob.size = ALIGN_SIZE(paramSet->paramSetSize) + sizeof(mainKey->size) + ALIGN_SIZE(mainKey->size) +
509 sizeof(derivedKey->size);
510 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
511 HKS_IF_NULL_RETURN(inBlob.data, HKS_ERROR_MALLOC_FAIL)
512
513 do {
514 ret = HksDeriveKeyPack(&inBlob, paramSet, mainKey, derivedKey);
515 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksDeriveKeyPack fail")
516
517 ret = HksSendRequest(HKS_MSG_DERIVE_KEY, &inBlob, derivedKey, paramSet);
518 } while (0);
519
520 HKS_FREE_BLOB(inBlob);
521 return ret;
522 }
523
HksClientMac(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * srcData,struct HksBlob * mac)524 int32_t HksClientMac(const struct HksBlob *key, const struct HksParamSet *paramSet, const struct HksBlob *srcData,
525 struct HksBlob *mac)
526 {
527 int32_t ret = HksCheckBlob3AndParamSet(key, srcData, mac, paramSet);
528 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check in and out data failed")
529
530 struct HksBlob tmpInData = *srcData;
531 struct HksBlob tmpOutData = *mac;
532 ret = HksSliceDataEntry(HKS_MSG_MAC, key, paramSet, &tmpInData, &tmpOutData);
533 if (ret != HKS_SUCCESS) {
534 HKS_LOG_E("HksClientMac fail");
535 } else {
536 mac->size = tmpOutData.size;
537 }
538 return ret;
539 }
540
HksClientGetKeyInfoList(const struct HksParamSet * paramSet,struct HksKeyInfo * keyInfoList,uint32_t * listCount)541 int32_t HksClientGetKeyInfoList(const struct HksParamSet *paramSet, struct HksKeyInfo *keyInfoList, uint32_t *listCount)
542 {
543 int32_t ret;
544 struct HksParamSet *newParamSet = NULL;
545 struct HksBlob inBlob = { 0, NULL };
546 struct HksBlob outBlob = { 0, NULL };
547 do {
548 ret = BuildParamSetNotNull(paramSet, &newParamSet);
549 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "ensure paramSet not null fail, ret = %" LOG_PUBLIC "d", ret)
550
551 ret = HksCheckIpcGetKeyInfoList(keyInfoList, newParamSet, *listCount);
552 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCheckIpcGetKeyInfoList fail")
553
554 inBlob.size = sizeof(*listCount) + (sizeof(keyInfoList->alias.size) +
555 sizeof(keyInfoList->paramSet->paramSetSize)) * (*listCount) + ALIGN_SIZE(newParamSet->paramSetSize);
556 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
557 if (inBlob.data == NULL) {
558 ret = HKS_ERROR_MALLOC_FAIL;
559 break;
560 }
561
562 outBlob.size += sizeof(*listCount);
563 for (uint32_t i = 0; i < *listCount; ++i) {
564 outBlob.size += sizeof(keyInfoList[i].alias.size) + ALIGN_SIZE(keyInfoList[i].alias.size) +
565 ALIGN_SIZE(keyInfoList[i].paramSet->paramSetSize);
566 }
567
568 outBlob.data = (uint8_t *)HksMalloc(outBlob.size);
569 if (outBlob.data == NULL) {
570 ret = HKS_ERROR_MALLOC_FAIL;
571 break;
572 }
573
574 ret = HksGetKeyInfoListPack(newParamSet, keyInfoList, &inBlob, *listCount);
575 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksGetKeyInfoListPack fail")
576
577 ret = HksSendRequest(HKS_MSG_GET_KEY_INFO_LIST, &inBlob, &outBlob, newParamSet);
578 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksSendRequest result is fail")
579
580 ret = HksGetKeyInfoListUnpackFromService(&outBlob, listCount, keyInfoList);
581 } while (0);
582
583 HksFreeParamSet(&newParamSet);
584 HKS_FREE_BLOB(inBlob);
585 HKS_FREE_BLOB(outBlob);
586 return ret;
587 }
588
CertificateChainInitBlob(struct HksBlob * inBlob,struct HksBlob * outBlob,const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,const struct HksCertChain * certChain)589 static int32_t CertificateChainInitBlob(struct HksBlob *inBlob, struct HksBlob *outBlob, const struct HksBlob *keyAlias,
590 const struct HksParamSet *paramSet, const struct HksCertChain *certChain)
591 {
592 int32_t ret = HksCheckIpcCertificateChain(keyAlias, paramSet, certChain);
593 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksCheckIpcCertificateChain fail")
594
595 uint32_t certBufSize = sizeof(certChain->certsCount);
596 for (uint32_t i = 0; i < certChain->certsCount; ++i) {
597 certBufSize += sizeof(certChain->certs[i].size) + ALIGN_SIZE(certChain->certs[i].size);
598 }
599
600 inBlob->size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) + ALIGN_SIZE(paramSet->paramSetSize) +
601 sizeof(certBufSize);
602 inBlob->data = (uint8_t *)HksMalloc(inBlob->size);
603 HKS_IF_NULL_RETURN(inBlob->data, HKS_ERROR_MALLOC_FAIL)
604
605 outBlob->size = certBufSize;
606 outBlob->data = (uint8_t *)HksMalloc(certBufSize);
607 if (outBlob->data == NULL) {
608 HKS_FREE_BLOB(*inBlob);
609 return HKS_ERROR_MALLOC_FAIL;
610 }
611
612 return HKS_SUCCESS;
613 }
614
HksClientAttestKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,struct HksCertChain * certChain,bool needAnonCertChain)615 int32_t HksClientAttestKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
616 struct HksCertChain *certChain, bool needAnonCertChain)
617 {
618 struct HksBlob inBlob = { 0, NULL };
619 struct HksBlob outBlob = { 0, NULL };
620
621 int32_t ret = 0;
622 do {
623 ret = CertificateChainInitBlob(&inBlob, &outBlob, keyAlias, paramSet, certChain);
624 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "CertificateChainInitBlob fail")
625 struct HksParam *isBase64Param = NULL;
626 bool isBase64 = false;
627 ret = HksGetParam(paramSet, HKS_TAG_ATTESTATION_BASE64, &isBase64Param);
628 if (ret == HKS_SUCCESS) {
629 isBase64 = isBase64Param->boolParam;
630 }
631 ret = HksCertificateChainPack(&inBlob, keyAlias, paramSet, &outBlob);
632 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCertificateChainPack fail")
633
634 if (needAnonCertChain) {
635 ret = HksSendRequest(HKS_MSG_ATTEST_KEY_ASYNC_REPLY, &inBlob, &outBlob, paramSet);
636 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "CertificateChainGetOrAnonAttest request fail")
637 } else {
638 ret = HksSendRequest(HKS_MSG_ATTEST_KEY, &inBlob, &outBlob, paramSet);
639 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "CertificateChainGetOrAttest request fail")
640 }
641
642 ret = HksCertificateChainUnpackFromService(&outBlob, isBase64, certChain);
643 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "CertificateChainUnpackFromService fail")
644 } while (0);
645
646 HKS_FREE_BLOB(inBlob);
647 HKS_FREE_BLOB(outBlob);
648 return ret;
649 }
650
CopyData(const uint8_t * data,const uint32_t size,struct HksBlob * out)651 static int32_t CopyData(const uint8_t *data, const uint32_t size, struct HksBlob *out)
652 {
653 if (size == 0) {
654 out->size = 0;
655 return HKS_SUCCESS;
656 }
657
658 if (out->size < size) {
659 HKS_LOG_E("out size[%" LOG_PUBLIC "u] smaller than [%" LOG_PUBLIC "u]", out->size, size);
660 return HKS_ERROR_BUFFER_TOO_SMALL;
661 }
662 (void)memcpy_s(out->data, out->size, data, size);
663 out->size = size;
664 return HKS_SUCCESS;
665 }
666
ClientInit(const struct HksBlob * inData,const struct HksParamSet * paramSet,struct HksBlob * handle,struct HksBlob * token)667 static int32_t ClientInit(const struct HksBlob *inData, const struct HksParamSet *paramSet,
668 struct HksBlob *handle, struct HksBlob *token)
669 {
670 uint8_t *tmpOut = (uint8_t *)HksMalloc(HANDLE_SIZE + TOKEN_SIZE);
671 HKS_IF_NULL_LOGE_RETURN(tmpOut, HKS_ERROR_MALLOC_FAIL, "malloc ipc tmp out failed")
672 struct HksBlob outBlob = { HANDLE_SIZE + TOKEN_SIZE, tmpOut };
673
674 int32_t ret;
675 do {
676 ret = HksSendRequest(HKS_MSG_INIT, inData, &outBlob, paramSet);
677 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "client init send fail")
678
679 if (outBlob.size < HANDLE_SIZE) {
680 HKS_LOG_E("invalid out size[%" LOG_PUBLIC "u]", outBlob.size);
681 ret = HKS_ERROR_INSUFFICIENT_MEMORY;
682 break;
683 }
684 ret = CopyData(outBlob.data, HANDLE_SIZE, handle);
685 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "copy handle failed")
686
687 if (token != NULL) {
688 if (outBlob.size < (HANDLE_SIZE + TOKEN_SIZE)) {
689 HKS_LOG_D("client init success without out token");
690 token->size = 0;
691 break;
692 }
693 if (token->size < TOKEN_SIZE) {
694 HKS_LOG_E("copy token failed");
695 ret = HKS_ERROR_BUFFER_TOO_SMALL;
696 break;
697 }
698
699 ret = CopyData(outBlob.data + HANDLE_SIZE, TOKEN_SIZE, token);
700 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "copy token failed")
701 }
702 } while (0);
703
704 HKS_FREE(tmpOut);
705 return ret;
706 }
707
HksClientInit(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,struct HksBlob * handle,struct HksBlob * token)708 int32_t HksClientInit(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
709 struct HksBlob *handle, struct HksBlob *token)
710 {
711 struct HksParamSet *sendParamSet = NULL;
712
713 struct HksParam params[] = {
714 { .tag = HKS_TAG_PARAM0_BUFFER,
715 .blob = *keyAlias },
716 { .tag = HKS_TAG_PARAM1_BUFFER,
717 .blob = { paramSet->paramSetSize,
718 (uint8_t *)paramSet } },
719 };
720
721 int32_t ret = HksParamsToParamSet(params, HKS_ARRAY_SIZE(params), &sendParamSet);
722 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksParamsToParamSet fail")
723
724 struct HksBlob parcelBlob = {
725 .size = sendParamSet->paramSetSize,
726 .data = (uint8_t *)sendParamSet
727 };
728
729 ret = ClientInit(&parcelBlob, paramSet, handle, token);
730 HksFreeParamSet(&sendParamSet);
731 return ret;
732 }
733
HksClientUpdate(const struct HksBlob * handle,const struct HksParamSet * paramSet,const struct HksBlob * inData,struct HksBlob * outData)734 int32_t HksClientUpdate(const struct HksBlob *handle, const struct HksParamSet *paramSet,
735 const struct HksBlob *inData, struct HksBlob *outData)
736 {
737 struct HksParamSet *sendParamSet = NULL;
738 struct HksParam updateParams[] = {
739 { .tag = HKS_TAG_PARAM0_BUFFER,
740 .blob = { paramSet->paramSetSize,
741 (uint8_t *)paramSet } },
742 { .tag = HKS_TAG_PARAM1_BUFFER,
743 .blob = *handle },
744 { .tag = HKS_TAG_PARAM2_BUFFER,
745 .blob = *inData },
746 };
747
748 int32_t ret = HksParamsToParamSet(updateParams, HKS_ARRAY_SIZE(updateParams), &sendParamSet);
749 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksParamSetPack fail")
750
751 struct HksBlob parcelBlob = {
752 .size = sendParamSet->paramSetSize,
753 .data = (uint8_t *)sendParamSet
754 };
755 ret = HksSendRequest(HKS_MSG_UPDATE, &parcelBlob, outData, paramSet);
756 if (ret != HKS_SUCCESS) {
757 HKS_LOG_E("HksParamSet send fail");
758 HksFreeParamSet(&sendParamSet);
759 return ret;
760 }
761
762 HksFreeParamSet(&sendParamSet);
763 return ret;
764 }
765
HksClientFinish(const struct HksBlob * handle,const struct HksParamSet * paramSet,const struct HksBlob * inData,struct HksBlob * outData)766 int32_t HksClientFinish(const struct HksBlob *handle, const struct HksParamSet *paramSet,
767 const struct HksBlob *inData, struct HksBlob *outData)
768 {
769 struct HksParamSet *sendParamSet = NULL;
770 struct HksParam finishParams[] = {
771 { .tag = HKS_TAG_PARAM0_BUFFER,
772 .blob = { paramSet->paramSetSize,
773 (uint8_t *)paramSet } },
774 { .tag = HKS_TAG_PARAM1_BUFFER,
775 .blob = *handle },
776 { .tag = HKS_TAG_PARAM2_BUFFER,
777 .blob = *inData },
778 };
779
780 int32_t ret = HksParamsToParamSet(finishParams, HKS_ARRAY_SIZE(finishParams), &sendParamSet);
781 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksParamSetPack fail")
782
783 struct HksBlob parcelBlob = {
784 .size = sendParamSet->paramSetSize,
785 .data = (uint8_t *)sendParamSet
786 };
787 ret = HksSendRequest(HKS_MSG_FINISH, &parcelBlob, outData, paramSet);
788 if (ret != HKS_SUCCESS) {
789 HKS_LOG_E("HksParamSet send fail");
790 HksFreeParamSet(&sendParamSet);
791 return ret;
792 }
793
794 HksFreeParamSet(&sendParamSet);
795 return ret;
796 }
797
HksClientAbort(const struct HksBlob * handle,const struct HksParamSet * paramSet)798 int32_t HksClientAbort(const struct HksBlob *handle, const struct HksParamSet *paramSet)
799 {
800 struct HksParamSet *sendParamSet = NULL;
801 struct HksParam params[] = {
802 { .tag = HKS_TAG_PARAM0_BUFFER,
803 .blob = { paramSet->paramSetSize,
804 (uint8_t *)paramSet } },
805 { .tag = HKS_TAG_PARAM1_BUFFER,
806 .blob = *handle },
807 };
808
809 int32_t ret = HksParamsToParamSet(params, HKS_ARRAY_SIZE(params), &sendParamSet);
810 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksParamSetPack fail")
811
812 struct HksBlob parcelBlob = {
813 .size = sendParamSet->paramSetSize,
814 .data = (uint8_t *)sendParamSet
815 };
816 ret = HksSendRequest(HKS_MSG_ABORT, &parcelBlob, NULL, paramSet);
817 if (ret != HKS_SUCCESS) {
818 HKS_LOG_E("HksParamSet send fail");
819 HksFreeParamSet(&sendParamSet);
820 return ret;
821 }
822
823 HksFreeParamSet(&sendParamSet);
824 return ret;
825 }
826
827 #ifdef HKS_SUPPORT_CHIPSET_PLATFORM_DECRYPT
HksClientExportChipsetPlatformPublicKey(const struct HksBlob * salt,enum HksChipsetPlatformDecryptScene scene,struct HksBlob * publicKey)828 int32_t HksClientExportChipsetPlatformPublicKey(const struct HksBlob *salt,
829 enum HksChipsetPlatformDecryptScene scene, struct HksBlob *publicKey)
830 {
831 struct HksParamSet *sendParamSet = NULL;
832 struct HksParam params[] = {
833 { .tag = HKS_TAG_PARAM0_BUFFER,
834 .blob = *salt, },
835 { .tag = HKS_TAG_PARAM1_UINT32,
836 .uint32Param = scene, },
837 };
838
839 int32_t ret = HksParamsToParamSet(params, HKS_ARRAY_SIZE(params), &sendParamSet);
840 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksParamSetPack fail")
841
842 struct HksBlob parcelBlob = {
843 .size = sendParamSet->paramSetSize,
844 .data = (uint8_t *)sendParamSet
845 };
846 ret = HksSendRequest(HKS_MSG_CHIPSET_PLATFORM_DECRYPT, &parcelBlob, publicKey, NULL);
847 if (ret != HKS_SUCCESS) {
848 HKS_LOG_E("HksParamSet send fail");
849 HksFreeParamSet(&sendParamSet);
850 return ret;
851 }
852
853 HksFreeParamSet(&sendParamSet);
854 return ret;
855 }
856 #endif
857
ListAliasesInitBlob(const struct HksParamSet * paramSet,struct HksBlob * inBlob,struct HksBlob * outBlob)858 static int32_t ListAliasesInitBlob(const struct HksParamSet *paramSet,
859 struct HksBlob *inBlob, struct HksBlob *outBlob)
860 {
861 inBlob->size = ALIGN_SIZE(paramSet->paramSetSize);
862 inBlob->data = (uint8_t *)HksMalloc(inBlob->size);
863 HKS_IF_NULL_RETURN(inBlob->data, HKS_ERROR_MALLOC_FAIL)
864
865 outBlob->size = sizeof(HKS_MAX_KEY_ALIAS_COUNT) + (HKS_MAX_KEY_ALIAS_COUNT * HKS_MAX_KEY_ALIAS_LEN);
866 outBlob->data = (uint8_t *)HksMalloc(outBlob->size);
867 if (outBlob->data == NULL) {
868 HKS_LOG_E("HksMalloc outBlob fail");
869 HKS_FREE_BLOB(*inBlob);
870 return HKS_ERROR_MALLOC_FAIL;
871 }
872 return HKS_SUCCESS;
873 }
874
HksClientListAliases(const struct HksParamSet * paramSet,struct HksKeyAliasSet ** outData)875 int32_t HksClientListAliases(const struct HksParamSet *paramSet, struct HksKeyAliasSet **outData)
876 {
877 int32_t ret;
878 struct HksBlob inBlob = { 0, NULL };
879 struct HksBlob outBlob = { 0, NULL };
880 do {
881 ret = HksCheckIpcListAliases(paramSet);
882 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCheckIpcListAliases fail")
883
884 ret = ListAliasesInitBlob(paramSet, &inBlob, &outBlob);
885 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "ListAliasesInitBlob fail")
886
887 ret = HksListAliasesPack(paramSet, &inBlob);
888 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksListAliasesPack fail")
889
890 ret = HksSendRequest(HKS_MSG_LIST_ALIASES, &inBlob, &outBlob, paramSet);
891 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksSendRequest fail")
892
893 ret = HksListAliasesUnpackFromService(&outBlob, outData);
894 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksListAliasesUnpackFromService fail")
895 } while (0);
896
897 if (ret != HKS_SUCCESS) {
898 HKS_LOG_E("HksClientListAliases fail, ret = %" LOG_PUBLIC "d", ret);
899 }
900
901 HKS_FREE_BLOB(inBlob);
902 HKS_FREE_BLOB(outBlob);
903 return ret;
904 }
905
HksClientRenameKeyAlias(const struct HksBlob * oldKeyAlias,const struct HksParamSet * paramSet,const struct HksBlob * newKeyAlias)906 int32_t HksClientRenameKeyAlias(const struct HksBlob *oldKeyAlias, const struct HksParamSet *paramSet,
907 const struct HksBlob *newKeyAlias)
908 {
909 int32_t ret;
910 struct HksParamSet *newParamSet = NULL;
911 struct HksBlob inBlob = { 0, NULL };
912 do {
913 ret = BuildParamSetNotNull(paramSet, &newParamSet);
914 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "ensure paramSet not null failed, ret = %" LOG_PUBLIC "d", ret)
915
916 ret = HksCheckIpcRenameKeyAlias(oldKeyAlias, newParamSet, newKeyAlias);
917 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCheckIpcRenameKeyAlias failed!")
918
919 inBlob.size = sizeof(oldKeyAlias->size) + ALIGN_SIZE(oldKeyAlias->size) +
920 sizeof(newKeyAlias->size) + ALIGN_SIZE(newKeyAlias->size) +
921 ALIGN_SIZE(newParamSet->paramSetSize);
922 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
923 if (inBlob.data == NULL) {
924 ret = HKS_ERROR_MALLOC_FAIL;
925 break;
926 }
927 ret = HksRenameKeyAliasPack(oldKeyAlias, newKeyAlias, newParamSet, &inBlob);
928 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksRenameKeyAliasPack failed!")
929 ret = HksSendRequest(HKS_MSG_RENAME_KEY_ALIAS, &inBlob, NULL, newParamSet);
930 } while (0);
931 HksFreeParamSet(&newParamSet);
932 HKS_FREE_BLOB(inBlob);
933 return ret;
934 }
HksClientChangeStorageLevel(const struct HksBlob * keyAlias,const struct HksParamSet * srcParamSet,const struct HksParamSet * destParamSet)935 int32_t HksClientChangeStorageLevel(const struct HksBlob *keyAlias, const struct HksParamSet *srcParamSet,
936 const struct HksParamSet *destParamSet)
937 {
938 int32_t ret = HksCheckIpcChangeStorageLevel(keyAlias, srcParamSet, destParamSet);
939 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksCheckIpcChangeStorageLevel fail")
940
941 struct HksBlob inBlob = { 0, NULL };
942 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) + ALIGN_SIZE(srcParamSet->paramSetSize) +
943 ALIGN_SIZE(destParamSet->paramSetSize);
944 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
945 HKS_IF_NULL_RETURN(inBlob.data, HKS_ERROR_MALLOC_FAIL)
946
947 do {
948 ret = HksChangeStorageLevelPack(&inBlob, keyAlias, srcParamSet, destParamSet);
949 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksChangeStorageLevelPack fail")
950
951 ret = HksSendRequest(HKS_MSG_CHANGE_STORAGE_LEVEL, &inBlob, NULL, srcParamSet);
952 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksSendRequest fail, ret = %" LOG_PUBLIC "d", ret)
953 } while (0);
954
955 HKS_FREE_BLOB(inBlob);
956 return ret;
957 }