1 /*
2  * Copyright (c) 2020-2021 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *    http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #ifndef _CUT_AUTHENTICATE_
17 #ifdef _STORAGE_LITE_
18 
19 #include "hks_storage_adapter.h"
20 
21 #include "hks_log.h"
22 #include "hks_param.h"
23 #include "hks_template.h"
24 
HksIsKeyInfoLenInvalid(struct HksStoreKeyInfo * keyInfo)25 bool HksIsKeyInfoLenInvalid(struct HksStoreKeyInfo *keyInfo)
26 {
27     return (keyInfo->aliasSize > HKS_MAX_KEY_ALIAS_LEN) || (keyInfo->aliasSize == 0) ||
28         (keyInfo->keySize > HKS_MAX_KEY_MATERIAL_LEN) || (keyInfo->keySize == 0) ||
29         (keyInfo->authIdSize > HKS_MAX_KEY_AUTH_ID_LEN) ||
30         (keyInfo->keyInfoLen != (sizeof(*keyInfo) + keyInfo->aliasSize + keyInfo->authIdSize + keyInfo->keySize));
31 }
32 
AddStorageFixedParams(const struct HksStoreKeyInfo * keyInfo,struct HksParamSet * paramSet)33 static int32_t AddStorageFixedParams(const struct HksStoreKeyInfo *keyInfo, struct HksParamSet *paramSet)
34 {
35     struct HksParam params[] = {
36         {
37             .tag = HKS_TAG_KEY_FLAG,
38             .uint32Param = keyInfo->flag
39         }, {
40             .tag = HKS_TAG_ALGORITHM,
41             .uint32Param = keyInfo->keyAlg
42         }, {
43             .tag = HKS_TAG_PURPOSE,
44             .uint32Param = keyInfo->purpose
45         }, {
46             .tag = HKS_TAG_KEY_SIZE,
47             .uint32Param = keyInfo->keyLen
48         }, {
49             .tag = HKS_TAG_DIGEST,
50             .uint32Param = keyInfo->digest
51         }, {
52             .tag = HKS_TAG_PADDING,
53             .uint32Param = keyInfo->padding
54         }, {
55             .tag = HKS_TAG_BLOCK_MODE,
56             .uint32Param = keyInfo->keyMode
57         }, {
58             .tag = HKS_TAG_KEY_ROLE,
59             .uint32Param = keyInfo->role
60         }, {
61             .tag = HKS_TAG_KEY_DOMAIN,
62             .uint32Param = keyInfo->domain
63         },
64     };
65 
66     int32_t ret = HksAddParams(paramSet, params, sizeof(params) / sizeof(params[0]));
67     HKS_IF_NOT_SUCC_LOGE(ret, "HksAddParams failed!")
68 
69     return ret;
70 }
71 
AddStorageParams(const struct HksBlob * key,const struct HksBlob * keyInfoBlob,struct HksParamSet * paramSet)72 static int32_t AddStorageParams(const struct HksBlob *key, const struct HksBlob *keyInfoBlob,
73     struct HksParamSet *paramSet)
74 {
75     if (keyInfoBlob->size < sizeof(struct HksStoreKeyInfo)) {
76         HKS_LOG_E("invalid keyInfoBlob, size too small, size = %" LOG_PUBLIC "u", keyInfoBlob->size);
77         return HKS_ERROR_INVALID_KEY_INFO;
78     }
79 
80     struct HksStoreKeyInfo *keyInfo = (struct HksStoreKeyInfo *)keyInfoBlob->data;
81     if (HksIsKeyInfoLenInvalid(keyInfo)) {
82         HKS_LOG_E("invalid keyInfoBlob len");
83         return HKS_ERROR_INVALID_KEY_INFO;
84     }
85 
86     int32_t ret = AddStorageFixedParams(keyInfo, paramSet);
87     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "add storage fixed params failed!")
88 
89     if (keyInfo->authIdSize != 0) {
90         struct HksBlob keyAuthId = { keyInfo->authIdSize, keyInfoBlob->data + sizeof(*keyInfo) + keyInfo->aliasSize };
91         struct HksParam keyAuthIdParam = {
92             .tag = HKS_TAG_KEY_AUTH_ID,
93             .blob = keyAuthId
94         };
95         ret = HksAddParams(paramSet, &keyAuthIdParam, 1);
96         HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksAddParams keyAuthId failed!")
97     }
98 
99     if (key != NULL) {
100         struct HksParam keyParam = {
101             .tag = HKS_TAG_KEY,
102             .blob = *key
103         };
104         ret = HksAddParams(paramSet, &keyParam, 1);
105         HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksAddParams key failed!")
106     }
107     return ret;
108 }
109 
TranslateKeyInfoBlobToParamSet(const struct HksBlob * key,const struct HksBlob * keyInfoBlob,struct HksParamSet ** paramSet)110 int32_t TranslateKeyInfoBlobToParamSet(const struct HksBlob *key, const struct HksBlob *keyInfoBlob,
111     struct HksParamSet **paramSet)
112 {
113     struct HksParamSet *outputParamSet = NULL;
114     int32_t ret = HksInitParamSet(&outputParamSet);
115     HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksInitParamSet failed!")
116 
117     do {
118         ret = AddStorageParams(key, keyInfoBlob, outputParamSet);
119         HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "AddParams failed!")
120 
121         ret = HksBuildParamSet(&outputParamSet);
122         HKS_IF_NOT_SUCC_LOGE(ret, "HksBuildParamSet failed!")
123     } while (0);
124 
125     if (ret != HKS_SUCCESS) {
126         HKS_LOG_E("ConstructParamSet failed.");
127         HksFreeParamSet(&outputParamSet);
128         return ret;
129     }
130 
131     *paramSet = outputParamSet;
132     return ret;
133 }
134 
135 #endif /* _STORAGE_LITE_ */
136 #endif /* _CUT_AUTHENTICATE_ */
137