/*
 * Copyright (c) 2021-2023 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
15 
16 #ifndef HKS_KEYBLOB_H
17 #define HKS_KEYBLOB_H
18 
19 #include <stdint.h>
20 
21 #include "hks_type.h"
22 
23 #ifdef HKS_CONFIG_FILE
24 #include HKS_CONFIG_FILE
25 #else
26 #include "hks_config.h"
27 #endif
28 
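/*
 * Key-blob protection parameters.
 *
 * The listing carried a line-number gutter fused into every line, which made
 * the directives invalid C; the gutter is removed here and the values are
 * unchanged. Only the values are visible in this header, so the notes on how
 * each one is used are assumptions to confirm against the implementation.
 */

/* Salt length in bytes (128 bits); by name, the salt for blob-key derivation. */
#define HKS_KEY_BLOB_DERIVE_SALT_SIZE 16
/*
 * Derivation iteration count.
 * NOTE(review): 1000 rounds is a small work factor if the derivation input can
 * ever be low-entropy; presumably the input is a device-held secret rather than
 * a user password - confirm at the call site. Presumably blobs already written
 * depend on this value, so changing it would need a versioned migration.
 */
#define HKS_KEY_BLOB_DERIVE_CNT 1000
/* Authentication tag length in bytes (128 bits). */
#define HKS_KEY_BLOB_TAG_SIZE 16
/*
 * Nonce length in bytes (96 bits).
 * NOTE(review): tag and nonce sizes match common AEAD usage such as AES-GCM -
 * confirm. If so, a nonce must never repeat under the same key.
 */
#define HKS_KEY_BLOB_NONCE_SIZE 12
/* Main key length in bytes (256 bits). */
#define HKS_KEY_BLOB_MAIN_KEY_SIZE 32

/*
 * Fixed placeholder version fields.
 * NOTE(review): constant "dummy" key/OS version and patch-level values provide
 * no version or rollback binding on their own - confirm whether real values
 * are substituted elsewhere.
 */
#define HKS_KEY_BLOB_DUMMY_KEY_VERSION 1
#define HKS_KEY_BLOB_DUMMY_OS_VERSION 1
#define HKS_KEY_BLOB_DUMMY_OS_PATCHLEVEL 1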
38 
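/*
 * Key node state values; presumably what HksKeyNode.status holds (confirm).
 *
 * The line-number gutter that was fused into the listing is removed so the
 * definition is valid C; the enumerator values are unchanged.
 *
 * INACTIVE is zero, so a zero-filled node reads as inactive. ACTIVE is a
 * two-byte pattern rather than 1.
 * NOTE(review): presumably chosen so that a stray or partially written value
 * is unlikely to be mistaken for ACTIVE - confirm.
 */
enum HksKeyNodeStatus {
    HKS_KEYNODE_INACTIVE = 0x0,
    HKS_KEYNODE_ACTIVE = 0x2f2f,
};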
43 
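/*
 * In-memory record for one key: its parameter set plus bookkeeping fields.
 *
 * The line-number gutter that was fused into the listing is removed so the
 * definition is valid C; field order and types are unchanged.
 */
struct HksKeyNode {
    /*
     * Parameter set attached to the node.
     * NOTE(review): presumably owned by the node and released by
     * HksFreeKeyNode; may hold key material, so it should be wiped before
     * being freed - confirm in the implementation.
     */
    struct HksParamSet *paramSet;
    /*
     * Reference count. Plain uint32_t, not an atomic type.
     * NOTE(review): any synchronisation must come from the callers - confirm.
     */
    uint32_t refCnt;
    /* Node state; presumably an enum HksKeyNodeStatus value (confirm). */
    uint32_t status;
    /* 64-bit handle identifying the node. */
    uint64_t handle;
};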
50 
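/*
 * Key-blob and auth-token API, declared with C linkage for C++ callers.
 *
 * The line-number gutter that was fused into the listing is removed so the
 * declarations are valid C; every signature is unchanged. Only prototypes are
 * visible here, so notes about behaviour are marked as assumptions.
 *
 * Every function returning int32_t reports a status code. Callers should check
 * it before reading any output parameter.
 */
#ifdef __cplusplus
extern "C" {
#endif

/*
 * Builds a key node from a key blob.
 * NOTE(review): presumably returns NULL on failure and the result must be
 * released with HksFreeKeyNode - confirm.
 */
struct HksKeyNode *HksGenerateKeyNode(const struct HksBlob *key);

/*
 * Releases a key node. Takes the address of the caller's pointer.
 * NOTE(review): presumably so the pointer can be cleared after the free,
 * guarding against reuse of a dangling node - confirm.
 */
void HksFreeKeyNode(struct HksKeyNode **keyNode);

/*
 * Builds a key blob into keyOut from an alias, a flag byte, key data and a
 * parameter set. The inputs are const; only keyOut is written.
 */
int32_t HksBuildKeyBlob(const struct HksBlob *keyAlias, uint8_t keyFlag, const struct HksBlob *key,
    const struct HksParamSet *paramSet, struct HksBlob *keyOut);

#ifdef HKS_ENABLE_UPGRADE_KEY
/*
 * Builds a key blob into keyOut from paramSet alone. Declared only when
 * HKS_ENABLE_UPGRADE_KEY is defined.
 */
int32_t HksBuildKeyBlobWithOutAddKeyParam(const struct HksParamSet *paramSet, struct HksBlob *keyOut);
#endif

/*
 * Writes the encryption key into mainKey.
 * NOTE(review): the output is secret key material; presumably the caller
 * supplies the buffer and should wipe it after use - confirm.
 */
int32_t HksGetEncryptKey(struct HksBlob *mainKey);

/* Writes the auth-token key into authTokenKey (secret material; see note above). */
int32_t HksGetAuthTokenKey(struct HksAuthTokenKey *authTokenKey);

/* Initialises the auth-token key state; takes no arguments. */
int32_t HksCoreInitAuthTokenKey(void);

/*
 * Tears down the auth-token key state.
 * NOTE(review): presumably wipes the key held since init - confirm.
 */
void HksCoreDestroyAuthTokenKey(void);

/*
 * Checks the signature on a user auth token. The token is const, so it is
 * not modified.
 * NOTE(review): callers should treat any failure status as "token rejected"
 * and not use the token's fields - confirm the success code in hks_type.h.
 */
int32_t HksVerifyAuthTokenSign(const struct HksUserAuthToken *authToken);

/*
 * Decrypts a user auth token. The token is non-const.
 * NOTE(review): presumably decrypted in place; confirm the expected ordering
 * relative to HksVerifyAuthTokenSign.
 */
int32_t HksDecryptAuthToken(struct HksUserAuthToken *authToken);

/*
 * Extracts the raw key described by paramSet into rawKey.
 * NOTE(review): rawKey holds plaintext key material; the caller should wipe
 * and free it as soon as it is no longer needed - confirm ownership.
 */
int32_t HksGetRawKey(const struct HksParamSet *paramSet, struct HksBlob *rawKey);

/*
 * Splits inData into the additional authenticated data (aad) and a parameter
 * set returned through *paramSet.
 * NOTE(review): presumably *paramSet is newly allocated and owned by the
 * caller, and aad points into inData rather than a copy - confirm both.
 */
int32_t HksGetAadAndParamSet(const struct HksBlob *inData, struct HksBlob *aad, struct HksParamSet **paramSet);

/*
 * Decrypts the key blob carried in paramSet, using aad as the authenticated
 * data. paramSet is non-const.
 * NOTE(review): presumably decrypted in place; on failure its contents should
 * not be used - confirm.
 */
int32_t HksDecryptKeyBlob(const struct HksBlob *aad, struct HksParamSet *paramSet);

#ifndef _CUT_AUTHENTICATE_
#ifdef _STORAGE_LITE_
/* Extracts raw key material from a stored key into rawKey (plaintext; wipe after use). */
int32_t HksGetRawKeyMaterial(const struct HksBlob *key, struct HksBlob *rawKey);

/*
 * Converts a key plus its key-info blob into a parameter set returned through
 * *paramSet.
 * NOTE(review): presumably caller-owned on success - confirm.
 */
int32_t HksTranslateKeyInfoBlobToParamSet(const struct HksBlob *key, const struct HksBlob *keyInfoBlob,
    struct HksParamSet **paramSet);
#endif /* _STORAGE_LITE_ */
#endif /* _CUT_AUTHENTICATE_ */

#ifdef __cplusplus
}
#endif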
96 
97 #endif
98