1 /*
2 * Copyright (c) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifndef _CUT_AUTHENTICATE_
17
18 #ifdef HKS_CONFIG_FILE
19 #include HKS_CONFIG_FILE
20 #else
21 #include "hks_config.h"
22 #endif
23
24 #include <stdbool.h>
25 #include <stddef.h>
26 #include <stdint.h>
27 #include <string.h>
28
29 #include "hks_log.h"
30 #include "hks_mem.h"
31 #include "hks_param.h"
32 #include "hks_common_check.h"
33 #include "hks_storage.h"
34 #include "hks_storage_manager.h"
35 #include "hks_template.h"
36 #include "hks_type_inner.h"
37
38 #ifdef L2_STANDARD
39 #ifdef HUKS_ENABLE_UPGRADE_KEY_STORAGE_SECURE_LEVEL
40 #ifndef HKS_USE_RKC_IN_STANDARD
41 #include "hks_osaccount_check.h"
42 #endif
43 #endif
44
GetStorageLevelAndStoreUserIdParam(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,uint32_t * storageLevel,int32_t * storeUserId)45 static int32_t GetStorageLevelAndStoreUserIdParam(const struct HksProcessInfo* processInfo,
46 const struct HksParamSet *paramSet, uint32_t *storageLevel, int32_t *storeUserId)
47 {
48 struct HksParam *specificUserIdParam = NULL;
49 int32_t ret = HksGetParam(paramSet, HKS_TAG_SPECIFIC_USER_ID, &specificUserIdParam);
50 if (ret == HKS_SUCCESS) {
51 *storeUserId = specificUserIdParam->int32Param;
52 } else if (ret == HKS_ERROR_PARAM_NOT_EXIST) {
53 *storeUserId = processInfo->userIdInt;
54 ret = HKS_SUCCESS;
55 }
56 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get store user id failed, ret = %" LOG_PUBLIC "d.", ret)
57
58 struct HksParam *storageLevelParam = NULL;
59 ret = HksGetParam(paramSet, HKS_TAG_AUTH_STORAGE_LEVEL, &storageLevelParam);
60 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get storage level tag failed, ret = %" LOG_PUBLIC "d.", ret)
61
62 *storageLevel = storageLevelParam->uint32Param;
63
64 #ifdef HUKS_ENABLE_UPGRADE_KEY_STORAGE_SECURE_LEVEL
65 #ifndef HKS_USE_RKC_IN_STANDARD
66 HksTransferFileIfNeed(*storageLevel, *storeUserId);
67 #endif
68 #endif
69 return ret;
70 }
71 #endif
72
73 #ifdef HKS_ENABLE_LITE_HAP
74 #define HKS_LITE_NATIVE_PROCESS_NAME "hks_client"
CheckIsLiteHap(const struct HksBlob * processName)75 static bool CheckIsLiteHap(const struct HksBlob *processName)
76 {
77 if (processName->size == strlen(HKS_LITE_NATIVE_PROCESS_NAME)
78 && HksMemCmp(processName->data, HKS_LITE_NATIVE_PROCESS_NAME,
79 strlen(HKS_LITE_NATIVE_PROCESS_NAME)) == HKS_SUCCESS) {
80 return false;
81 }
82 return true;
83 }
84 #endif
85
GetKeyAliasPath(const struct HksBlob * keyAlias,struct HksStoreMaterial * outMaterial)86 static int32_t GetKeyAliasPath(const struct HksBlob *keyAlias, struct HksStoreMaterial *outMaterial)
87 {
88 if (keyAlias == NULL) {
89 return HKS_SUCCESS;
90 }
91 outMaterial->keyAliasPath = (char *)HksMalloc(HKS_MAX_FILE_NAME_LEN);
92 HKS_IF_NULL_LOGE_RETURN(outMaterial->keyAliasPath, HKS_ERROR_MALLOC_FAIL, "malloc keyAliasPath failed.")
93 return ConstructName(keyAlias, outMaterial->keyAliasPath, HKS_MAX_FILE_NAME_LEN);
94 }
95
GetUserIdPath(int32_t userId,bool isPlain,struct HksStoreMaterial * outMaterial)96 static int32_t GetUserIdPath(int32_t userId, bool isPlain, struct HksStoreMaterial *outMaterial)
97 {
98 outMaterial->userIdPath = (char *)HksMalloc(HKS_MAX_DIRENT_FILE_LEN);
99 HKS_IF_NULL_LOGE_RETURN(outMaterial->userIdPath, HKS_ERROR_MALLOC_FAIL, "malloc userIdPath failed.")
100 struct HksBlob userIdBlob = { .data = (uint8_t *)&userId, .size = sizeof(userId) };
101
102 int32_t ret;
103 if (isPlain) {
104 ret = ConstructPlainName(&userIdBlob, outMaterial->userIdPath, HKS_MAX_FILE_NAME_LEN);
105 } else {
106 if (userId == 0) {
107 HKS_LOG_D("skip user id path.");
108 return HKS_SUCCESS;
109 }
110 ret = ConstructName(&userIdBlob, outMaterial->userIdPath, HKS_MAX_FILE_NAME_LEN);
111 }
112
113 return ret;
114 }
115
GetUidPath(bool isPlain,const struct HksBlob * processName,struct HksStoreMaterial * outMaterial)116 static int32_t GetUidPath(bool isPlain, const struct HksBlob *processName,
117 struct HksStoreMaterial *outMaterial)
118 {
119 outMaterial->uidPath = (char *)HksMalloc(HKS_MAX_DIRENT_FILE_LEN);
120 HKS_IF_NULL_LOGE_RETURN(outMaterial->uidPath, HKS_ERROR_MALLOC_FAIL, "malloc uidPath failed.")
121 #ifdef HKS_ENABLE_LITE_HAP
122 if (CheckIsLiteHap(processName)) {
123 if (memcpy_s(outMaterial->uidPath, HKS_MAX_DIRENT_FILE_LEN, processName->data, processName->size) != EOK) {
124 HKS_LOG_E("construct uidPath fail, uidPath buffer is too small.");
125 return HKS_ERROR_BUFFER_TOO_SMALL;
126 }
127 return HKS_SUCCESS;
128 }
129 #endif
130 int32_t ret;
131 if (isPlain) {
132 ret = ConstructPlainName(processName, outMaterial->uidPath, HKS_MAX_DIRENT_FILE_LEN);
133 } else {
134 ret = ConstructName(processName, outMaterial->uidPath, HKS_MAX_DIRENT_FILE_LEN);
135 }
136
137 return ret;
138 }
139
GetStorageTypePath(uint32_t storageType,struct HksStoreMaterial * outMaterial)140 static int32_t GetStorageTypePath(uint32_t storageType, struct HksStoreMaterial *outMaterial)
141 {
142 switch (storageType) {
143 case HKS_STORAGE_TYPE_KEY:
144 case HKS_STORAGE_TYPE_BAK_KEY:
145 outMaterial->storageTypePath = (char *)HksMalloc(sizeof(HKS_KEY_STORE_KEY_PATH) + 1);
146 if (outMaterial->storageTypePath == NULL) {
147 return HKS_ERROR_MALLOC_FAIL;
148 }
149 (void)memcpy_s(outMaterial->storageTypePath, sizeof(HKS_KEY_STORE_KEY_PATH),
150 HKS_KEY_STORE_KEY_PATH, sizeof(HKS_KEY_STORE_KEY_PATH));
151 return HKS_SUCCESS;
152 case HKS_STORAGE_TYPE_ROOT_KEY:
153 outMaterial->storageTypePath = (char *)HksMalloc(sizeof(HKS_KEY_STORE_ROOT_KEY_PATH) + 1);
154 if (outMaterial->storageTypePath == NULL) {
155 return HKS_ERROR_MALLOC_FAIL;
156 }
157 (void)memcpy_s(outMaterial->storageTypePath, sizeof(HKS_KEY_STORE_ROOT_KEY_PATH),
158 HKS_KEY_STORE_ROOT_KEY_PATH, sizeof(HKS_KEY_STORE_ROOT_KEY_PATH));
159 return HKS_SUCCESS;
160 default:
161 return HKS_ERROR_BAD_STATE;
162 }
163 }
164
GetIsPlainPath(uint32_t storageLevel)165 static bool GetIsPlainPath(uint32_t storageLevel)
166 {
167 (void)storageLevel;
168 #ifdef L2_STANDARD
169 switch (storageLevel) {
170 case HKS_AUTH_STORAGE_LEVEL_DE:
171 return true;
172 case HKS_AUTH_STORAGE_LEVEL_CE:
173 return true;
174 case HKS_AUTH_STORAGE_LEVEL_ECE:
175 return true;
176 #ifdef HUKS_ENABLE_SKIP_UPGRADE_KEY_STORAGE_SECURE_LEVEL
177 case HKS_AUTH_STORAGE_LEVEL_OLD_DE_TMP:
178 return false;
179 #endif
180 }
181 #endif
182 return false;
183 }
184
GetPathType(const struct HksProcessInfo * processInfo,uint32_t storageType,int32_t storageLevel,struct HksStoreMaterial * outMaterial)185 static int32_t GetPathType(const struct HksProcessInfo *processInfo, uint32_t storageType,
186 int32_t storageLevel, struct HksStoreMaterial *outMaterial)
187 {
188 (void)processInfo;
189 (void)storageType;
190 #ifdef HKS_ENABLE_LITE_HAP
191 if (CheckIsLiteHap(&processInfo->processName)) {
192 outMaterial->pathType = LITE_HAP_PATH;
193 return HKS_SUCCESS;
194 }
195 #endif
196 #ifdef HKS_USE_RKC_IN_STANDARD
197 if (storageType == HKS_STORAGE_TYPE_ROOT_KEY) {
198 outMaterial->pathType = RKC_IN_STANDARD_PATH;
199 return HKS_SUCCESS;
200 }
201 #endif
202 switch (storageLevel) {
203 case HKS_AUTH_STORAGE_LEVEL_DE:
204 outMaterial->pathType = DE_PATH;
205 break;
206 #ifdef L2_STANDARD
207 case HKS_AUTH_STORAGE_LEVEL_CE:
208 outMaterial->pathType = CE_PATH;
209 break;
210 case HKS_AUTH_STORAGE_LEVEL_ECE:
211 outMaterial->pathType = ECE_PATH;
212 break;
213 #ifdef HUKS_ENABLE_SKIP_UPGRADE_KEY_STORAGE_SECURE_LEVEL
214 case HKS_AUTH_STORAGE_LEVEL_OLD_DE_TMP:
215 outMaterial->pathType = TMP_PATH;
216 break;
217 #endif
218 #endif
219 default:
220 HKS_LOG_E("invalid storage level %" LOG_PUBLIC "d.", storageLevel);
221 }
222 return HKS_SUCCESS;
223 }
224
FreeStorageMaterial(struct HksStoreMaterial * material)225 static void FreeStorageMaterial(struct HksStoreMaterial *material)
226 {
227 HKS_FREE(material->userIdPath);
228 HKS_FREE(material->uidPath);
229 HKS_FREE(material->storageTypePath);
230 HKS_FREE(material->keyAliasPath);
231 }
232
InitStorageMaterial(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,const struct HksBlob * keyAlias,uint32_t storageType,struct HksStoreMaterial * outMaterial)233 static int32_t InitStorageMaterial(const struct HksProcessInfo *processInfo,
234 const struct HksParamSet *paramSet, const struct HksBlob *keyAlias, uint32_t storageType,
235 struct HksStoreMaterial *outMaterial)
236 {
237 (void)paramSet;
238 uint32_t storageLevel = HKS_AUTH_STORAGE_LEVEL_DE;
239 int32_t storeUserId = processInfo->userIdInt;
240 int32_t ret;
241 #ifdef L2_STANDARD
242 ret = GetStorageLevelAndStoreUserIdParam(processInfo, paramSet, &storageLevel, &storeUserId);
243 if (ret != HKS_SUCCESS) {
244 HKS_LOG_E("get storage level and user id from param set failed.");
245 return ret;
246 }
247 #endif
248 bool isPlainPath = GetIsPlainPath(storageLevel);
249
250 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
251 do {
252 ret = GetPathType(processInfo, storageType, storageLevel, &material);
253 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "get path type failed.")
254
255 ret = GetUserIdPath(storeUserId, isPlainPath, &material);
256 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "get user id path failed.")
257
258 ret = GetUidPath(isPlainPath, &processInfo->processName, &material);
259 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "get uid path failed.")
260
261 ret = GetStorageTypePath(storageType, &material);
262 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "get storage type path failed.")
263
264 ret = GetKeyAliasPath(keyAlias, &material);
265 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "get key alias path failed.")
266
267 *outMaterial = material;
268 return HKS_SUCCESS;
269 } while (false);
270 FreeStorageMaterial(&material);
271 return ret;
272 }
273
HksConstructStoreFileInfo(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,const struct HksStoreMaterial * material,struct HksStoreFileInfo * fileInfo)274 static int32_t HksConstructStoreFileInfo(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
275 const struct HksStoreMaterial *material, struct HksStoreFileInfo *fileInfo)
276 {
277 int32_t ret;
278 do {
279 ret = CheckSpecificUserIdAndStorageLevel(processInfo, paramSet);
280 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "check storagelevel or specificuserid tag failed, ret = %" LOG_PUBLIC "d.", ret)
281
282 ret = HksGetFileInfo(material, fileInfo);
283 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks get plain file info failed, ret = %" LOG_PUBLIC "d.", ret)
284 } while (0);
285 return ret;
286 }
287
HksManageStoreKeyBlob(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,const struct HksBlob * keyAlias,const struct HksBlob * keyBlob,uint32_t storageType)288 int32_t HksManageStoreKeyBlob(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
289 const struct HksBlob *keyAlias, const struct HksBlob *keyBlob, uint32_t storageType)
290 {
291 (void)processInfo;
292 (void)paramSet;
293 #ifdef SUPPORT_STORAGE_BACKUP
294 struct HksStoreFileInfo fileInfo = { { 0 }, { 0 } };
295 #else
296 struct HksStoreFileInfo fileInfo = { { 0 } };
297 #endif
298 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
299 int32_t ret;
300 do {
301 #ifdef _STORAGE_LITE_
302 ret = HksStoreKeyBlob(NULL, keyAlias, storageType, keyBlob);
303 #else
304 ret = InitStorageMaterial(processInfo, paramSet, keyAlias, storageType, &material);
305 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init storage material failed, ret = %" LOG_PUBLIC "d.", ret)
306
307 ret = HksConstructStoreFileInfo(processInfo, paramSet, &material, &fileInfo);
308 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct store file info failed, ret = %" LOG_PUBLIC "d.", ret)
309
310 ret = HksStoreKeyBlob(&fileInfo, keyBlob);
311 #endif
312 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks store key blob failed, ret = %" LOG_PUBLIC "d.", ret)
313 } while (0);
314
315 FileInfoFree(&fileInfo);
316 FreeStorageMaterial(&material);
317 return ret;
318 }
319
HksManageStoreDeleteKeyBlob(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,const struct HksBlob * keyAlias,uint32_t storageType)320 int32_t HksManageStoreDeleteKeyBlob(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
321 const struct HksBlob *keyAlias, uint32_t storageType)
322 {
323 (void)processInfo;
324 (void)paramSet;
325 #ifdef SUPPORT_STORAGE_BACKUP
326 struct HksStoreFileInfo fileInfo = { { 0 }, { 0 } };
327 #else
328 struct HksStoreFileInfo fileInfo = { { 0 } };
329 #endif
330 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
331 int32_t ret;
332 do {
333 #ifdef _STORAGE_LITE_
334 ret = HksStoreDeleteKeyBlob(NULL, keyAlias, storageType);
335 #else
336 ret = InitStorageMaterial(processInfo, paramSet, keyAlias, storageType, &material);
337 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init storage material failed, ret = %" LOG_PUBLIC "d.", ret)
338
339 ret = HksConstructStoreFileInfo(processInfo, paramSet, &material, &fileInfo);
340 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct store file info failed, ret = %" LOG_PUBLIC "d.", ret)
341
342 ret = HksStoreDeleteKeyBlob(&fileInfo);
343 #endif
344 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks delete key blob failed, ret = %" LOG_PUBLIC "d.", ret)
345 } while (0);
346
347 FileInfoFree(&fileInfo);
348 FreeStorageMaterial(&material);
349 return ret;
350 }
351
HksManageStoreIsKeyBlobExist(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,const struct HksBlob * keyAlias,uint32_t storageType)352 int32_t HksManageStoreIsKeyBlobExist(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
353 const struct HksBlob *keyAlias, uint32_t storageType)
354 {
355 (void)processInfo;
356 (void)paramSet;
357 #ifdef SUPPORT_STORAGE_BACKUP
358 struct HksStoreFileInfo fileInfo = { { 0 }, { 0 } };
359 #else
360 struct HksStoreFileInfo fileInfo = { { 0 } };
361 #endif
362 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
363 int32_t ret;
364 do {
365 #ifdef _STORAGE_LITE_
366 ret = HksStoreIsKeyBlobExist(NULL, keyAlias, storageType);
367 #else
368 ret = InitStorageMaterial(processInfo, paramSet, keyAlias, storageType, &material);
369 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init storage material failed, ret = %" LOG_PUBLIC "d.", ret)
370
371 ret = HksConstructStoreFileInfo(processInfo, paramSet, &material, &fileInfo);
372 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct store file info failed, ret = %" LOG_PUBLIC "d.", ret)
373
374 ret = HksStoreIsKeyBlobExist(&fileInfo);
375 #endif
376 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks key blob in old de not exist, ret = %" LOG_PUBLIC "d.", ret)
377 } while (0);
378
379 FileInfoFree(&fileInfo);
380 FreeStorageMaterial(&material);
381 return ret;
382 }
383
HksManageStoreGetKeyBlob(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,const struct HksBlob * keyAlias,struct HksBlob * keyBlob,uint32_t storageType)384 int32_t HksManageStoreGetKeyBlob(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
385 const struct HksBlob *keyAlias, struct HksBlob *keyBlob, uint32_t storageType)
386 {
387 (void)processInfo;
388 (void)paramSet;
389 #ifdef SUPPORT_STORAGE_BACKUP
390 struct HksStoreFileInfo fileInfo = { { 0 }, { 0 } };
391 #else
392 struct HksStoreFileInfo fileInfo = { { 0 } };
393 #endif
394 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
395 int32_t ret;
396 do {
397 #ifdef _STORAGE_LITE_
398 ret = HksStoreGetKeyBlob(NULL, keyAlias, storageType, keyBlob);
399 #else
400 ret = InitStorageMaterial(processInfo, paramSet, keyAlias, storageType, &material);
401 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init storage material failed, ret = %" LOG_PUBLIC "d.", ret)
402
403 ret = HksConstructStoreFileInfo(processInfo, paramSet, &material, &fileInfo);
404 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct store file info failed, ret = %" LOG_PUBLIC "d.", ret)
405
406 if (storageType != HKS_STORAGE_TYPE_BAK_KEY) {
407 ret = HksStoreGetKeyBlob(&fileInfo.mainPath, keyBlob);
408 }
409 #ifdef SUPPORT_STORAGE_BACKUP
410 else {
411 ret = HksStoreGetKeyBlob(&fileInfo.bakPath, keyBlob);
412 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks get key blob failed, ret = %" LOG_PUBLIC "d.", ret)
413
414 if (HksStorageWriteFile(fileInfo.mainPath.path, fileInfo.mainPath.fileName, 0,
415 keyBlob->data, keyBlob->size) != HKS_SUCCESS) {
416 HKS_LOG_E("hks copy bak key to main key failed");
417 }
418 }
419 #endif
420 #endif
421 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks get key blob failed, ret = %" LOG_PUBLIC "d.", ret)
422 } while (0);
423
424 FileInfoFree(&fileInfo);
425 FreeStorageMaterial(&material);
426 return ret;
427 }
428
HksManageStoreGetKeyBlobSize(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,const struct HksBlob * keyAlias,uint32_t * keyBlobSize,uint32_t storageType)429 int32_t HksManageStoreGetKeyBlobSize(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
430 const struct HksBlob *keyAlias, uint32_t *keyBlobSize, uint32_t storageType)
431 {
432 (void)processInfo;
433 (void)paramSet;
434 #ifdef SUPPORT_STORAGE_BACKUP
435 struct HksStoreFileInfo fileInfo = { { 0 }, { 0 } };
436 #else
437 struct HksStoreFileInfo fileInfo = { { 0 } };
438 #endif
439 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
440 int32_t ret;
441 do {
442 #ifdef _STORAGE_LITE_
443 ret = HksStoreGetKeyBlobSize(NULL, keyAlias, storageType, keyBlobSize);
444 #else
445 ret = InitStorageMaterial(processInfo, paramSet, keyAlias, storageType, &material);
446 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init storage material failed, ret = %" LOG_PUBLIC "d.", ret)
447
448 ret = HksConstructStoreFileInfo(processInfo, paramSet, &material, &fileInfo);
449 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct store file info failed, ret = %" LOG_PUBLIC "d.", ret)
450
451 if (storageType != HKS_STORAGE_TYPE_BAK_KEY) {
452 ret = HksStoreGetKeyBlobSize(&fileInfo.mainPath, keyBlobSize);
453 }
454 #ifdef SUPPORT_STORAGE_BACKUP
455 else {
456 ret = HksStoreGetKeyBlobSize(&fileInfo.bakPath, keyBlobSize);
457 }
458 #endif
459 #endif
460 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks get key blob failed, ret = %" LOG_PUBLIC "d.", ret)
461 } while (0);
462
463 FileInfoFree(&fileInfo);
464 FreeStorageMaterial(&material);
465 return ret;
466 }
467
HksManageGetKeyAliasByProcessName(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,struct HksKeyInfo * keyInfoList,uint32_t * listCount)468 int32_t HksManageGetKeyAliasByProcessName(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
469 struct HksKeyInfo *keyInfoList, uint32_t *listCount)
470 {
471 #ifdef SUPPORT_STORAGE_BACKUP
472 struct HksStoreFileInfo fileInfo = { { 0 }, { 0 } };
473 #else
474 struct HksStoreFileInfo fileInfo = { { 0 } };
475 #endif
476 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
477 int32_t ret;
478 do {
479 ret = InitStorageMaterial(processInfo, paramSet, NULL, HKS_STORAGE_TYPE_KEY, &material);
480 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init storage material failed, ret = %" LOG_PUBLIC "d.", ret)
481
482 ret = HksConstructStoreFileInfo(processInfo, paramSet, &material, &fileInfo);
483 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct store file info failed, ret = %" LOG_PUBLIC "d.", ret)
484
485 ret = HksGetKeyAliasByProcessName(&fileInfo, keyInfoList, listCount);
486 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks get key alias by processname failed, ret = %" LOG_PUBLIC "d.", ret)
487 } while (0);
488
489 FileInfoFree(&fileInfo);
490 FreeStorageMaterial(&material);
491 return ret;
492 }
493
HksManageGetKeyCountByProcessName(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,uint32_t * fileCount)494 int32_t HksManageGetKeyCountByProcessName(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
495 uint32_t *fileCount)
496 {
497 (void)processInfo;
498 (void)paramSet;
499 #ifdef SUPPORT_STORAGE_BACKUP
500 struct HksStoreFileInfo fileInfo = { { 0 }, { 0 } };
501 #else
502 struct HksStoreFileInfo fileInfo = { { 0 } };
503 #endif
504 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
505 int32_t ret;
506 do {
507 #ifdef _STORAGE_LITE_
508 ret = HksGetKeyCountByProcessName(NULL, fileCount);
509 #else
510 ret = InitStorageMaterial(processInfo, paramSet, NULL, HKS_STORAGE_TYPE_KEY, &material);
511 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init storage material failed, ret = %" LOG_PUBLIC "d.", ret)
512
513 ret = HksConstructStoreFileInfo(processInfo, paramSet, &material, &fileInfo);
514 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct store file info failed, ret = %" LOG_PUBLIC "d.", ret)
515
516 ret = HksGetKeyCountByProcessName(&fileInfo, fileCount);
517 #endif
518 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks get key count by processname failed, ret = %" LOG_PUBLIC "d.", ret)
519 } while (0);
520
521 FileInfoFree(&fileInfo);
522 FreeStorageMaterial(&material);
523 return ret;
524 }
525
HksManageListAliasesByProcessName(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,struct HksKeyAliasSet ** outData)526 int32_t HksManageListAliasesByProcessName(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
527 struct HksKeyAliasSet **outData)
528 {
529 #ifdef L2_STANDARD
530 #ifdef SUPPORT_STORAGE_BACKUP
531 struct HksStoreFileInfo fileInfo = { { 0 }, { 0 } };
532 #else
533 struct HksStoreFileInfo fileInfo = { { 0 } };
534 #endif
535 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
536 int32_t ret;
537 do {
538 ret = InitStorageMaterial(processInfo, paramSet, NULL, HKS_STORAGE_TYPE_KEY, &material);
539 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init storage material failed, ret = %" LOG_PUBLIC "d.", ret)
540
541 ret = HksConstructStoreFileInfo(processInfo, paramSet, &material, &fileInfo);
542 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct store file info failed, ret = %" LOG_PUBLIC "d.", ret)
543
544 ret = HksListAliasesByProcessName(&fileInfo, outData);
545 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks list aliases by processname failed, ret = %" LOG_PUBLIC "d.", ret)
546 } while (0);
547
548 FileInfoFree(&fileInfo);
549 FreeStorageMaterial(&material);
550 return ret;
551 #else
552 (void)processInfo;
553 (void)paramSet;
554 (void)outData;
555 return HKS_SUCCESS;
556 #endif
557 }
558
HksManageStoreRenameKeyAlias(const struct HksProcessInfo * processInfo,const struct HksBlob * oldKeyAlias,const struct HksParamSet * paramSet,const struct HksBlob * newKeyAlias,uint32_t storageType)559 int32_t HksManageStoreRenameKeyAlias(const struct HksProcessInfo *processInfo,
560 const struct HksBlob *oldKeyAlias, const struct HksParamSet *paramSet,
561 const struct HksBlob *newKeyAlias, uint32_t storageType)
562 {
563 (void)processInfo;
564 (void)paramSet;
565 struct HksStoreFileInfo oldKeyFileInfo = { { 0 } };
566 struct HksStoreFileInfo newKeyFileInfo = { { 0 } };
567 struct HksStoreMaterial oldKeyMaterial = { DE_PATH, 0, 0, 0, 0 };
568 struct HksStoreMaterial newKeyMaterial = { DE_PATH, 0, 0, 0, 0 };
569 int32_t ret;
570 do {
571 ret = InitStorageMaterial(processInfo, paramSet, oldKeyAlias, storageType, &oldKeyMaterial);
572 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init old key storage material failed, ret = %" LOG_PUBLIC "d.", ret);
573 ret = InitStorageMaterial(processInfo, paramSet, newKeyAlias, storageType, &newKeyMaterial);
574 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init new key storage material failed, ret = %" LOG_PUBLIC "d.", ret);
575
576 ret = HksConstructStoreFileInfo(processInfo, paramSet, &oldKeyMaterial, &oldKeyFileInfo);
577 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct old store file info failed, ret = %" LOG_PUBLIC "d.", ret);
578 ret = HksConstructStoreFileInfo(processInfo, paramSet, &newKeyMaterial, &newKeyFileInfo);
579 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct new store file info failed, ret = %" LOG_PUBLIC "d.", ret);
580
581 ret = HksCheckParamSetValidity(paramSet);
582 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "check paramset invalid failed!");
583
584 struct HksParam *isNeedCopy = NULL;
585 ret = HksGetParam(paramSet, HKS_TAG_IS_COPY_NEW_KEY, &isNeedCopy);
586 if (ret == HKS_SUCCESS && isNeedCopy->boolParam == true) {
587 ret = HksStoreRenameKeyAlias(&oldKeyFileInfo, &newKeyFileInfo, true);
588 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks rename key blod failed, ret = %" LOG_PUBLIC "d.", ret);
589 } else {
590 ret = HksStoreRenameKeyAlias(&oldKeyFileInfo, &newKeyFileInfo, false);
591 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks rename key blod failed, ret = %" LOG_PUBLIC "d.", ret);
592 }
593 } while (0);
594 FileInfoFree(&oldKeyFileInfo);
595 FileInfoFree(&newKeyFileInfo);
596 FreeStorageMaterial(&oldKeyMaterial);
597 FreeStorageMaterial(&newKeyMaterial);
598 return ret;
599 }
600
601 #endif