/*
 * Copyright (c) 2022 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

/*
 * Storage-layout interface of the certificate manager: the fixed directories
 * the certificate stores live in, and the helpers that build per-user paths
 * inside them. Every helper writes into a caller-supplied buffer with an
 * explicit length, so the return value must be checked before the buffer is
 * used as a path.
 */

#ifndef CERT_MANAGER_STORAGE_H
#define CERT_MANAGER_STORAGE_H

#include "cm_type.h"
#include "openssl/ossl_typ.h"
#ifdef __cplusplus
extern "C" {
#endif

/*
 * Absolute locations of the certificate stores.
 *
 * The *_STORE macros end in '/', CERT_DIR does not; code that appends a
 * component must add (or not add) the separator accordingly, otherwise the
 * result names a different path than intended.
 *
 * SYSTEM_CA_STORE is the only store outside the cert_manager_service data
 * directory.
 *
 * The spelling "CREDNTIAL" is part of the macro names as declared here; keep
 * it unless every user of the macro is changed at the same time.
 */
#define CERT_DIR "/data/service/el1/public/cert_manager_service/certificates"
#define CREDNTIAL_STORE "/data/service/el1/public/cert_manager_service/certificates/credential/"
#define SYSTEM_CA_STORE "/system/etc/security/certificates/"
#define USER_CA_STORE "/data/service/el1/public/cert_manager_service/certificates/user/"
#define PRI_CREDNTIAL_STORE "/data/service/el1/public/cert_manager_service/certificates/priv_credential/"
#define SYS_CREDNTIAL_STORE "/data/service/el1/public/cert_manager_service/certificates/sys_credential/"

/*
 * Locations and naming of the user CA certificate backups and their
 * per-certificate configuration files. Neither root directory ends in '/'.
 *
 * CERT_BACKUP_FILENAME_FORMAT consumes exactly two arguments, in this order:
 * an unsigned long (%08lx) and an int (%d). Passing any other types is
 * undefined behaviour.
 * NOTE(review): the "<8 hex digits>.<n>" shape looks like the OpenSSL
 * hashed-directory convention (subject-name hash plus a collision index) --
 * confirm against the implementation.
 */
#define CERT_BACKUP_ROOT_DIR "/data/service/el1/public/cert_manager_service/certificates/user_open"
#define CERT_BACKUP_CONFIG_ROOT_DIR "/data/service/el1/public/cert_manager_service/certificates/user_config"
#define CERT_BACKUP_DIR_NAME "cacerts"
#define CERT_CONFIG_FILE_SUFFIX ".config"
#define CERT_BACKUP_FILENAME_FORMAT "%08lx.%d"

/**
 * @brief Write the root directory of a certificate store into rootPath
 *
 * NOTE(review): presumably maps store to one of the *_STORE macros above and
 * rejects unknown store values -- confirm against the implementation.
 *
 * @param[in] store Store selector
 * @param[out] rootPath Caller-supplied buffer that receives the path
 * @param[in] pathLen Size of the rootPath buffer
 * @return int32_t result; check it before using rootPath. The return
 *         convention is not stated in this header -- presumably 0 on success
 *         like the documented functions below; confirm.
 */
int32_t GetRootPath(uint32_t store, char *rootPath, uint32_t pathLen);

/**
 * @brief Build the per-user directory path for a store
 *
 * NOTE(review): presumably {store root}/{userId}, with the user ID taken from
 * context -- confirm against the implementation.
 *
 * @param[in] context Caller context
 * @param[in] store Store selector
 * @param[out] userIdPath Caller-supplied buffer that receives the path
 * @param[in] pathLen Size of the userIdPath buffer
 * @return int32_t result; check it before using userIdPath
 */
int32_t ConstructUserIdPath(const struct CmContext *context, uint32_t store,
    char *userIdPath, uint32_t pathLen);

/**
 * @brief Build the per-uid directory path for a store
 *
 * NOTE(review): presumably {store root}/{userId}/{uid}, both taken from
 * context -- confirm against the implementation.
 *
 * @param[in] context Caller context
 * @param[in] store Store selector
 * @param[out] uidPath Caller-supplied buffer that receives the path
 * @param[in] pathLen Size of the uidPath buffer
 * @return int32_t result; check it before using uidPath
 */
int32_t ConstructUidPath(const struct CmContext *context, uint32_t store,
    char *uidPath, uint32_t pathLen);

/**
 * @brief Build the path of the authorization list for a store
 *
 * NOTE(review): the layout of this path is not visible in the header --
 * confirm against the implementation.
 *
 * @param[in] context Caller context
 * @param[in] store Store selector
 * @param[out] authListPath Caller-supplied buffer that receives the path
 * @param[in] pathLen Size of the authListPath buffer
 * @return int32_t result; check it before using authListPath
 */
int32_t ConstructAuthListPath(const struct CmContext *context, uint32_t store,
    char *authListPath, uint32_t pathLen);

/**
 * @brief Load stored data identified by path and fileName into storageBuf
 *
 * NOTE(review): the header does not say who allocates and who frees the
 * buffer inside storageBuf -- confirm the ownership rule before calling, to
 * avoid a leak or a double free.
 * NOTE(review): fileName becomes part of a file-system path; if it can
 * originate from a client request, confirm that path separators and ".."
 * are rejected before the file is opened.
 *
 * @param[in] path Directory part
 * @param[in] fileName File name part
 * @param[out] storageBuf Blob that receives the data
 * @return int32_t result
 */
int32_t CmStorageGetBuf(const char *path, const char *fileName, struct CmBlob *storageBuf);

/**
 * @brief Fetch the application certificate identified by keyUri from a store
 *
 * NOTE(review): keyUri presumably selects a file below the caller's own
 * directory; confirm the implementation derives that directory from context
 * and does not let keyUri name a path outside it.
 *
 * @param[in] context Caller context
 * @param[in] store Store selector
 * @param[in] keyUri URI of the certificate to fetch
 * @param[out] certBlob Blob that receives the certificate data
 * @return int32_t result
 */
int32_t CmStorageGetAppCert(const struct CmContext *context, uint32_t store,
    const struct CmBlob *keyUri, struct CmBlob *certBlob);

/**
 * @brief Write the certificate file path for the given context and store into pathBlob
 *
 * NOTE(review): whether pathBlob must be pre-allocated by the caller is not
 * stated in this header -- confirm.
 *
 * @param[in] context Caller context
 * @param[in] store Store selector
 * @param[out] pathBlob Blob that receives the path
 * @return int32_t result
 */
int32_t CmGetCertFilePath(const struct CmContext *context, uint32_t store, struct CmMutableBlob *pathBlob);

/**
 * @brief Construct the absolute path to the {confRootDir}/{userId} directory
 *
 * NOTE(review): for this and the following functions, the header does not say
 * whether the length parameter counts the terminating NUL, nor what the
 * buffer holds after a failure; treat the buffer as unusable unless 0 is
 * returned.
 *
 * @param[in] userId User ID
 * @param[out] confUserIdDir The buffer that holds the absolute path of the {confRootDir}/{userId} directory
 * @param[in] dirLen Maximum length of the confUserIdDir buffer
 * @return int32_t result
 * @retval 0 success
 * @retval <0 failure
 */
int32_t CmGetCertConfUserIdDir(uint32_t userId, char *confUserIdDir, uint32_t dirLen);

/**
 * @brief Construct the absolute path to the {confRootDir}/{userId}/{uid} directory
 *
 * @param[in] userId User ID
 * @param[in] uid User identifier
 * @param[out] certConfUidDir The buffer that holds the absolute path of the {confRootDir}/{userId}/{uid} directory
 * @param[in] dirLen Maximum length of the certConfUidDir buffer
 * @return int32_t result
 * @retval 0 success
 * @retval <0 failure
 */
int32_t CmGetCertConfUidDir(uint32_t userId, uint32_t uid, char *certConfUidDir, uint32_t dirLen);

/**
 * @brief Construct the absolute path of the configuration file corresponding to the CA certificate
 *
 * NOTE(review): certUri contributes to the file name; if it can originate from
 * a client request, confirm that path separators and ".." are rejected so the
 * result stays below the {userId}/{uid} configuration directory.
 *
 * @param[in] userId User ID
 * @param[in] uid User identifier
 * @param[in] certUri User certificate URI
 * @param[out] confFilePath The buffer that holds the absolute path of the certificate configuration file
 * @param[in] confFilePathLen Maximum length of the confFilePath buffer
 * @return int32_t result
 * @retval 0 success
 * @retval <0 failure
 */
int32_t CmGetCertConfPath(uint32_t userId, uint32_t uid, const struct CmBlob *certUri, char *confFilePath,
    uint32_t confFilePathLen);

/**
 * @brief Construct the absolute path of the directory where the CA certificate backup file is stored
 *
 * @param[in] userId User ID
 * @param[out] certBackupDir The buffer that holds the absolute path of the {backupRootDir}/{userId} directory
 * @param[in] certBackupDirLen Maximum length of the certBackupDir buffer
 * @return int32_t result
 * @retval 0 success
 * @retval <0 failure
 */
int32_t CmGetCertBackupDir(uint32_t userId, char *certBackupDir, uint32_t certBackupDirLen);

/**
 * @brief Get the CA certificate backup file name
 *
 * NOTE(review): the name is presumably produced with
 * CERT_BACKUP_FILENAME_FORMAT -- confirm against the implementation.
 *
 * @param[in] userCertX509 Certificate data
 * @param[in] userId User ID
 * @param[out] certBackupFileName Buffer that stores the backup file name of the user CA certificate
 * @param[in] certBackupFileNameLen Maximum length of the certBackupFileName buffer
 * @return int32_t result
 * @retval 0 success
 * @retval <0 failure
 */
int32_t CmGetCertBackupFileName(const X509 *userCertX509, uint32_t userId, char *certBackupFileName,
    uint32_t certBackupFileNameLen);

/**
 * @brief Construct the absolute path of the CA certificate backup file
 *
 * @param[in] userCertX509 Certificate data
 * @param[in] userId User ID
 * @param[out] backupFilePath Buffer that stores the absolute path of the certificate backup file
 * @param[in] backupFilePathLen Maximum length of the backupFilePath buffer
 * @return int32_t result
 * @retval 0 success
 * @retval <0 failure
 */
int32_t CmGetCertBackupFilePath(const X509 *userCertX509, uint32_t userId, char *backupFilePath,
    uint32_t backupFilePathLen);

#ifdef __cplusplus
}
#endif

#endif /* CERT_MANAGER_STORAGE_H */