• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2021 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *    http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "common_standard_bind_exchange.h"
17 #include "alg_defs.h"
18 #include "das_standard_token_manager.h"
19 #include "das_task_common.h"
20 #include "hc_log.h"
21 #include "hc_types.h"
22 #include "protocol_common.h"
23 #include "string_util.h"
24 
InitStandardBindExchangeParams(StandardBindExchangeParams * params)25 int32_t InitStandardBindExchangeParams(StandardBindExchangeParams *params)
26 {
27     int32_t res;
28     if (params == NULL) {
29         return HC_ERR_INVALID_PARAMS;
30     }
31 
32     params->pubKeyPeer.length = PAKE_ED25519_KEY_PAIR_LEN;
33     params->pubKeyPeer.val = (uint8_t *)HcMalloc(params->pubKeyPeer.length, 0);
34     if (params->pubKeyPeer.val == NULL) {
35         res = HC_ERR_ALLOC_MEMORY;
36         goto ERR;
37     }
38 
39     params->pubKeySelf.length = PAKE_ED25519_KEY_PAIR_LEN;
40     params->pubKeySelf.val = (uint8_t *)HcMalloc(params->pubKeySelf.length, 0);
41     if (params->pubKeySelf.val == NULL) {
42         res = HC_ERR_ALLOC_MEMORY;
43         goto ERR;
44     }
45 
46     params->nonce.length = STANDARD_BIND_EXCHANGE_NONCE_LEN;
47     params->nonce.val = (uint8_t *)HcMalloc(params->nonce.length, 0);
48     if (params->nonce.val == NULL) {
49         res = HC_ERR_ALLOC_MEMORY;
50         goto ERR;
51     }
52 
53     params->authInfo.length = 0;
54     params->authInfo.val = NULL;
55     params->exInfoCipher.length = 0;
56     params->exInfoCipher.val = NULL;
57 
58     return HC_SUCCESS;
59 ERR:
60     DestroyStandardBindExchangeParams(params);
61     return res;
62 }
63 
DestroyStandardBindExchangeParams(StandardBindExchangeParams * params)64 void DestroyStandardBindExchangeParams(StandardBindExchangeParams *params)
65 {
66     if (params == NULL) {
67         return;
68     }
69     if (params->pubKeySelf.val != NULL) {
70         HcFree(params->pubKeySelf.val);
71         params->pubKeySelf.val = NULL;
72     }
73     if (params->pubKeyPeer.val != NULL) {
74         HcFree(params->pubKeyPeer.val);
75         params->pubKeyPeer.val = NULL;
76     }
77     if (params->authInfo.val != NULL) {
78         HcFree(params->authInfo.val);
79         params->authInfo.val = NULL;
80     }
81     if (params->exInfoCipher.val != NULL) {
82         HcFree(params->exInfoCipher.val);
83         params->exInfoCipher.val = NULL;
84     }
85     if (params->nonce.val != NULL) {
86         HcFree(params->nonce.val);
87         params->nonce.val = NULL;
88     }
89 }
90 
PackageAuthInfo(const PakeParams * pakeParams,StandardBindExchangeParams * exchangeParams,const Uint8Buff * keyAlias)91 static int32_t PackageAuthInfo(const PakeParams *pakeParams, StandardBindExchangeParams *exchangeParams,
92     const Uint8Buff *keyAlias)
93 {
94     int32_t res = pakeParams->baseParams.loader->checkKeyExist(keyAlias);
95     if (res != HC_SUCCESS) {
96         LOGI("The local identity key pair does not exist, generate it.");
97         Algorithm alg = (pakeParams->baseParams.curveType == CURVE_256) ? P256 : ED25519;
98         /* UserType and pairType are not required when generating key. */
99         ExtraInfo exInfo = { pakeParams->baseParams.idSelf, -1, -1 };
100         res = pakeParams->baseParams.loader->generateKeyPairWithStorage(keyAlias, PAKE_ED25519_KEY_PAIR_LEN, alg,
101             KEY_PURPOSE_SIGN_VERIFY, &exInfo);
102         if (res != HC_SUCCESS) {
103             LOGE("generate self auth keyPair failed.");
104             return res;
105         }
106     }
107 
108     res = pakeParams->baseParams.loader->exportPublicKey(keyAlias, &(exchangeParams->pubKeySelf));
109     if (res != HC_SUCCESS) {
110         LOGE("exportPublicKey failed");
111         return res;
112     }
113 
114     CJson *authInfoJson = CreateJson();
115     char *authInfoStr = NULL;
116     GOTO_ERR_AND_SET_RET(AddByteToJson(authInfoJson, FIELD_AUTH_ID, pakeParams->baseParams.idSelf.val,
117         pakeParams->baseParams.idSelf.length), res);
118     GOTO_ERR_AND_SET_RET(AddByteToJson(authInfoJson, FIELD_AUTH_PK, exchangeParams->pubKeySelf.val,
119         exchangeParams->pubKeySelf.length), res);
120     authInfoStr = PackJsonToString(authInfoJson);
121     if (authInfoStr == NULL) {
122         LOGE("authInfoStr PackJsonToString failed");
123         res = HC_ERR_PACKAGE_JSON_TO_STRING_FAIL;
124         goto ERR;
125     }
126 
127     res = InitSingleParam(&(exchangeParams->authInfo), strlen(authInfoStr));
128     if (res != HC_SUCCESS) {
129         LOGE("InitSingleParam for authInfo failed.");
130         goto ERR;
131     }
132 
133     if (memcpy_s(exchangeParams->authInfo.val, exchangeParams->authInfo.length,
134         authInfoStr, strlen(authInfoStr)) != EOK) {
135         LOGE("Memcpy authInfo failed.");
136         res = HC_ERR_MEMORY_COPY;
137         goto ERR;
138     }
139 ERR:
140     FreeJson(authInfoJson);
141     FreeJsonString(authInfoStr);
142     return res;
143 }
144 
GenerateSignInfo(const PakeParams * pakeParams,const StandardBindExchangeParams * exchangeParams,const Uint8Buff * keyAlias,Uint8Buff * signInfo)145 static int32_t GenerateSignInfo(const PakeParams *pakeParams, const StandardBindExchangeParams *exchangeParams,
146     const Uint8Buff *keyAlias, Uint8Buff *signInfo)
147 {
148     // add challenge
149     int32_t res = HC_SUCCESS;
150     uint32_t msgInfoLen = pakeParams->baseParams.challengeSelf.length + pakeParams->baseParams.challengePeer.length +
151         exchangeParams->authInfo.length;
152     uint8_t *msgInfoVal = (uint8_t *)HcMalloc(msgInfoLen, 0);
153     if (msgInfoVal == NULL) {
154         LOGE("Malloc msgInfoVal failed.");
155         return HC_ERR_ALLOC_MEMORY;
156     }
157     Uint8Buff msgInfo = { msgInfoVal, msgInfoLen };
158     if (memcpy_s(msgInfo.val, msgInfo.length, pakeParams->baseParams.challengeSelf.val,
159         pakeParams->baseParams.challengeSelf.length) != EOK) {
160         LOGE("Memcpy for challengeSelf failed.");
161         res = HC_ERR_MEMORY_COPY;
162         goto ERR;
163     }
164     uint32_t usedLen = pakeParams->baseParams.challengeSelf.length;
165 
166     if (memcpy_s(msgInfo.val + usedLen, msgInfo.length - usedLen, pakeParams->baseParams.challengePeer.val,
167         pakeParams->baseParams.challengePeer.length) != EOK) {
168         LOGE("Memcpy for challengePeer failed.");
169         res = HC_ERR_MEMORY_COPY;
170         goto ERR;
171     }
172     usedLen += pakeParams->baseParams.challengePeer.length;
173 
174     if (memcpy_s(msgInfo.val + usedLen, msgInfo.length - usedLen, exchangeParams->authInfo.val,
175         exchangeParams->authInfo.length) != EOK) {
176         LOGE("Memcpy for authInfo failed.");
177         res = HC_ERR_MEMORY_COPY;
178         goto ERR;
179     }
180 
181     Algorithm alg = (pakeParams->baseParams.curveType == CURVE_256) ? P256 : ED25519;
182     res = pakeParams->baseParams.loader->sign(keyAlias, &msgInfo, alg, signInfo, true);
183     if (res != HC_SUCCESS) {
184         LOGE("sign failed");
185         goto ERR;
186     }
187 ERR:
188     HcFree(msgInfo.val);
189     return res;
190 }
191 
EncryptAuthAndSignInfo(const PakeParams * pakeParams,StandardBindExchangeParams * exchangeParams,const Uint8Buff * signInfo,const char * aad)192 static int32_t EncryptAuthAndSignInfo(const PakeParams *pakeParams, StandardBindExchangeParams *exchangeParams,
193     const Uint8Buff *signInfo, const char *aad)
194 {
195     // contact auth and sign info
196     int32_t res = HC_SUCCESS;
197     uint32_t exchangeInfoLen = exchangeParams->authInfo.length + signInfo->length;
198     uint8_t *exchangeInfoVal = (uint8_t *)HcMalloc(exchangeInfoLen, 0);
199     if (exchangeInfoVal  == NULL) {
200         LOGE("Malloc exchangeInfoVal failed.");
201         return HC_ERR_ALLOC_MEMORY;
202     }
203     Uint8Buff exchangeInfo = { exchangeInfoVal, exchangeInfoLen };
204     if (memcpy_s(exchangeInfo.val, exchangeInfo.length, exchangeParams->authInfo.val,
205         exchangeParams->authInfo.length) != EOK) {
206         res = HC_ERR_MEMORY_COPY;
207         goto ERR;
208     }
209     if (memcpy_s(exchangeInfo.val + exchangeParams->authInfo.length,
210         exchangeInfo.length - exchangeParams->authInfo.length, signInfo->val, signInfo->length) != EOK) {
211         res = HC_ERR_MEMORY_COPY;
212         goto ERR;
213     }
214 
215     res = InitSingleParam(&(exchangeParams->exInfoCipher), exchangeInfo.length + AE_TAG_LEN);
216     if (res != HC_SUCCESS) {
217         LOGE("InitSingleParam for failed.");
218         goto ERR;
219     }
220 
221     // encrypt
222     res = pakeParams->baseParams.loader->generateRandom(&(exchangeParams->nonce));
223     if (res != HC_SUCCESS) {
224         LOGE("generateRandom failed");
225         goto ERR;
226     }
227 
228     GcmParam encryptInfo = {
229         .aad = (uint8_t *)aad,
230         .aadLen = strlen(aad),
231         .nonce = exchangeParams->nonce.val,
232         .nonceLen = exchangeParams->nonce.length
233     };
234     res = pakeParams->baseParams.loader->aesGcmEncrypt(&(pakeParams->baseParams.sessionKey), &exchangeInfo,
235         &encryptInfo, false, &(exchangeParams->exInfoCipher));
236     if (res != HC_SUCCESS) {
237         LOGE("aesGcmEncrypt failed");
238         goto ERR;
239     }
240 
241 ERR:
242     HcFree(exchangeInfo.val);
243     return res;
244 }
245 
DecryptAuthAndSignInfo(const PakeParams * pakeParams,StandardBindExchangeParams * exchangeParams,Uint8Buff * signInfo,const char * aad)246 static int32_t DecryptAuthAndSignInfo(const PakeParams *pakeParams, StandardBindExchangeParams *exchangeParams,
247     Uint8Buff *signInfo, const char *aad)
248 {
249     uint32_t exchangeInfoLen = exchangeParams->exInfoCipher.length - AE_TAG_LEN;
250     uint8_t *exchangeInfoVal = (uint8_t *)HcMalloc(exchangeInfoLen, 0);
251     if (exchangeInfoVal  == NULL) {
252         LOGE("Malloc exchangeInfoVal failed.");
253         return HC_ERR_ALLOC_MEMORY;
254     }
255     Uint8Buff exchangeInfo = { exchangeInfoVal, exchangeInfoLen };
256 
257     GcmParam decryptInfo = {
258         .aad = (uint8_t *)aad,
259         .aadLen = strlen(aad),
260         .nonce = exchangeParams->nonce.val,
261         .nonceLen = exchangeParams->nonce.length
262     };
263 
264     int32_t res = pakeParams->baseParams.loader->aesGcmDecrypt(&(pakeParams->baseParams.sessionKey),
265         &(exchangeParams->exInfoCipher), &decryptInfo, false, &exchangeInfo);
266     if (res != HC_SUCCESS) {
267         LOGE("aesGcmDecrypt failed");
268         goto ERR;
269     }
270 
271     // get authInfo
272     res = InitSingleParam(&(exchangeParams->authInfo), exchangeInfo.length - SIGNATURE_LEN);
273     if (res != HC_SUCCESS) {
274         LOGE("InitSingleParam for authInfo failed.");
275         goto ERR;
276     }
277 
278     if (memcpy_s(exchangeParams->authInfo.val, exchangeParams->authInfo.length, exchangeInfo.val,
279         exchangeParams->authInfo.length) != EOK) {
280         LOGE("memcpy authInfo failed.");
281         res = HC_ERR_MEMORY_COPY;
282         goto ERR;
283     }
284     if (memcpy_s(signInfo->val, signInfo->length, exchangeInfo.val + exchangeParams->authInfo.length,
285         SIGNATURE_LEN) != EOK) {
286         LOGE("memcpy signInfo failed.");
287         res = HC_ERR_MEMORY_COPY;
288         goto ERR;
289     }
290 ERR:
291     HcFree(exchangeInfo.val);
292     return res;
293 }
294 
ParseAuthInfo(PakeParams * pakeParams,const StandardBindExchangeParams * exchangeParams)295 static int32_t ParseAuthInfo(PakeParams *pakeParams, const StandardBindExchangeParams *exchangeParams)
296 {
297     int32_t res;
298     CJson *authInfoJson = CreateJsonFromString((char *)exchangeParams->authInfo.val);
299     if (authInfoJson == NULL) {
300         LOGE("Create authInfoJson failed.");
301         return HC_ERR_JSON_CREATE;
302     }
303 
304     GOTO_ERR_AND_SET_RET(GetByteFromJson(authInfoJson, FIELD_AUTH_PK, exchangeParams->pubKeyPeer.val,
305         exchangeParams->pubKeyPeer.length), res);
306     res = GetIdPeer(authInfoJson, FIELD_AUTH_ID,
307         &pakeParams->baseParams.idSelf, &pakeParams->baseParams.idPeer);
308     if (res != HC_SUCCESS) {
309         LOGE("GetIdPeer failed, res: %d.", res);
310         goto ERR;
311     }
312 ERR:
313     FreeJson(authInfoJson);
314     return res;
315 }
316 
VerifySignInfo(const PakeParams * pakeParams,StandardBindExchangeParams * exchangeParams,Uint8Buff * signInfo)317 static int32_t VerifySignInfo(const PakeParams *pakeParams, StandardBindExchangeParams *exchangeParams,
318     Uint8Buff *signInfo)
319 {
320     int32_t res = HC_SUCCESS;
321     uint32_t verifyMsgLen = exchangeParams->authInfo.length + pakeParams->baseParams.challengePeer.length +
322         pakeParams->baseParams.challengeSelf.length;
323     uint8_t *verifyMsgVal = (uint8_t *)HcMalloc(verifyMsgLen, 0);
324     if (verifyMsgVal == NULL) {
325         LOGE("Malloc verifyMsgVal failed.");
326         return HC_ERR_ALLOC_MEMORY;
327     }
328     Uint8Buff verifyMsg = { verifyMsgVal, verifyMsgLen };
329     if (memcpy_s(verifyMsg.val, verifyMsg.length, pakeParams->baseParams.challengePeer.val,
330         pakeParams->baseParams.challengePeer.length) != EOK) {
331         res = HC_ERR_MEMORY_COPY;
332         goto ERR;
333     }
334     uint32_t usedLen = pakeParams->baseParams.challengePeer.length;
335     if (memcpy_s(verifyMsg.val + usedLen, verifyMsg.length - usedLen, pakeParams->baseParams.challengeSelf.val,
336         pakeParams->baseParams.challengeSelf.length) != EOK) {
337         res = HC_ERR_MEMORY_COPY;
338         goto ERR;
339     }
340     usedLen += pakeParams->baseParams.challengeSelf.length;
341     if (memcpy_s(verifyMsg.val + usedLen, verifyMsg.length - usedLen, exchangeParams->authInfo.val,
342         exchangeParams->authInfo.length) != EOK) {
343         res = HC_ERR_MEMORY_COPY;
344         goto ERR;
345     }
346 
347     Algorithm alg = (pakeParams->baseParams.curveType == CURVE_256) ? P256 : ED25519;
348     res = pakeParams->baseParams.loader->verify(&(exchangeParams->pubKeyPeer), &verifyMsg, alg, signInfo, false);
349     if (res != HC_SUCCESS) {
350         LOGE("verify failed");
351         goto ERR;
352     }
353 ERR:
354     HcFree(verifyMsg.val);
355     return res;
356 }
357 
SaveAuthInfo(const PakeParams * pakeParams,const StandardBindExchangeParams * exchangeParams)358 static int32_t SaveAuthInfo(const PakeParams *pakeParams, const StandardBindExchangeParams *exchangeParams)
359 {
360     uint8_t keyAliasPeerVal[PAKE_KEY_ALIAS_LEN] = { 0 };
361     Uint8Buff keyAliasPeer = { keyAliasPeerVal, PAKE_KEY_ALIAS_LEN };
362     KeyAliasType keyType = pakeParams->userTypePeer;
363     Uint8Buff packageName = { (uint8_t *)pakeParams->packageName, strlen(pakeParams->packageName) };
364     Uint8Buff serviceType = { (uint8_t *)pakeParams->serviceType, strlen(pakeParams->serviceType) };
365     int32_t res = GenerateKeyAlias(&packageName, &serviceType, keyType, &(pakeParams->baseParams.idPeer),
366         &keyAliasPeer);
367     if (res != HC_SUCCESS) {
368         LOGE("generateKeyAlias failed");
369         return res;
370     }
371     LOGI("PubKey alias: %x%x%x%x****.", keyAliasPeerVal[0], keyAliasPeerVal[1], keyAliasPeerVal[2], keyAliasPeerVal[3]);
372     Algorithm alg = (pakeParams->baseParams.curveType == CURVE_256) ? P256 : ED25519;
373     ExtraInfo exInfo = { pakeParams->baseParams.idPeer, pakeParams->userType, PAIR_TYPE_BIND };
374     res = pakeParams->baseParams.loader->importPublicKey(&keyAliasPeer, &(exchangeParams->pubKeyPeer), alg, &exInfo);
375     if (res != HC_SUCCESS) {
376         LOGE("importPublicKey failed");
377         return res;
378     }
379     res = GetStandardTokenManagerInstance()->computeAndSavePsk(pakeParams);
380     if (res != HC_SUCCESS) {
381         LOGE("ComputeAndSavePsk failed, res: %x.", res);
382         return res;
383     }
384     LOGI("Save pubKey and psk success.");
385     return HC_SUCCESS;
386 }
387 
ClientRequestStandardBindExchange(const PakeParams * pakeParams,StandardBindExchangeParams * exchangeParams)388 int32_t ClientRequestStandardBindExchange(const PakeParams *pakeParams, StandardBindExchangeParams *exchangeParams)
389 {
390     uint8_t keyAliasVal[PAKE_KEY_ALIAS_LEN] = { 0 };
391     Uint8Buff keyAlias = { keyAliasVal, PAKE_KEY_ALIAS_LEN };
392     KeyAliasType keyType = pakeParams->userType;
393     Uint8Buff packageName = { (uint8_t *)pakeParams->packageName, strlen(pakeParams->packageName) };
394     Uint8Buff serviceType = { (uint8_t *)pakeParams->serviceType, strlen(pakeParams->serviceType) };
395     int32_t res = GenerateKeyAlias(&packageName, &serviceType, keyType, &(pakeParams->baseParams.idSelf), &keyAlias);
396     if (res != HC_SUCCESS) {
397         LOGE("generateKeyAlias failed");
398         return res;
399     }
400 
401     res = PackageAuthInfo(pakeParams, exchangeParams, &keyAlias);
402     if (res != HC_SUCCESS) {
403         LOGE("PackageAuthInfo failed");
404         return res;
405     }
406 
407     uint8_t signInfoVal[SIGNATURE_LEN] = { 0 };
408     Uint8Buff signInfo = { signInfoVal, SIGNATURE_LEN };
409     res = GenerateSignInfo(pakeParams, exchangeParams, &keyAlias, &signInfo);
410     if (res != HC_SUCCESS) {
411         LOGE("GenerateSignInfo failed");
412         return res;
413     }
414 
415     res = EncryptAuthAndSignInfo(pakeParams, exchangeParams, &signInfo, HICHAIN_EXCHANGE_REQUEST);
416     if (res != HC_SUCCESS) {
417         LOGE("EncryptAuthAndSignInfo failed");
418         return res;
419     }
420 
421     return res;
422 }
423 
ServerResponseStandardBindExchange(PakeParams * pakeParams,StandardBindExchangeParams * exchangeParams)424 int32_t ServerResponseStandardBindExchange(PakeParams *pakeParams, StandardBindExchangeParams *exchangeParams)
425 {
426     uint8_t keyAliasVal[PAKE_KEY_ALIAS_LEN] = { 0 };
427     Uint8Buff keyAlias = { keyAliasVal, PAKE_KEY_ALIAS_LEN };
428     KeyAliasType keyType = pakeParams->userType;
429     Uint8Buff packageName = { (uint8_t *)pakeParams->packageName, strlen(pakeParams->packageName) };
430     Uint8Buff serviceType = { (uint8_t *)pakeParams->serviceType, strlen(pakeParams->serviceType) };
431     int32_t res = GenerateKeyAlias(&packageName, &serviceType, keyType, &(pakeParams->baseParams.idSelf), &keyAlias);
432     if (res != HC_SUCCESS) {
433         LOGE("generateKeyAlias failed");
434         return res;
435     }
436 
437     uint8_t signInfoVal[SIGNATURE_LEN] = { 0 };
438     Uint8Buff signInfo = { signInfoVal, SIGNATURE_LEN };
439     res = DecryptAuthAndSignInfo(pakeParams, exchangeParams, &signInfo, HICHAIN_EXCHANGE_REQUEST);
440     if (res != HC_SUCCESS) {
441         LOGE("DecryptAuthAndSignInfo failed");
442         return res;
443     }
444 
445     res = ParseAuthInfo(pakeParams, exchangeParams);
446     if (res != HC_SUCCESS) {
447         LOGE("ParseAuthInfo failed");
448         return res;
449     }
450 
451     res = VerifySignInfo(pakeParams, exchangeParams, &signInfo);
452     if (res != HC_SUCCESS) {
453         LOGE("VerifySignInfo failed");
454         return res;
455     }
456 
457     res = SaveAuthInfo(pakeParams, exchangeParams);
458     if (res != HC_SUCCESS) {
459         LOGE("SaveAuthInfo failed");
460         return res;
461     }
462 
463     res = PackageAuthInfo(pakeParams, exchangeParams, &keyAlias);
464     if (res != HC_SUCCESS) {
465         LOGE("PackageAuthInfo failed");
466         return res;
467     }
468 
469     res = GenerateSignInfo(pakeParams, exchangeParams, &keyAlias, &signInfo);
470     if (res != HC_SUCCESS) {
471         LOGE("GenerateSignInfo failed");
472         return res;
473     }
474 
475     res = EncryptAuthAndSignInfo(pakeParams, exchangeParams, &signInfo, HICHAIN_EXCHANGE_RESPONSE);
476     if (res != HC_SUCCESS) {
477         LOGE("EncryptAuthAndSignInfo failed");
478         return res;
479     }
480 
481     return HC_SUCCESS;
482 }
483 
ClientConfirmStandardBindExchange(PakeParams * pakeParams,StandardBindExchangeParams * exchangeParams)484 int32_t ClientConfirmStandardBindExchange(PakeParams *pakeParams, StandardBindExchangeParams *exchangeParams)
485 {
486     uint8_t keyAliasVal[PAKE_KEY_ALIAS_LEN] = { 0 };
487     Uint8Buff keyAlias = { keyAliasVal, PAKE_KEY_ALIAS_LEN };
488     KeyAliasType keyType = pakeParams->userType;
489     Uint8Buff packageName = { (uint8_t *)pakeParams->packageName, strlen(pakeParams->packageName) };
490     Uint8Buff serviceType = { (uint8_t *)pakeParams->serviceType, strlen(pakeParams->serviceType) };
491     int32_t res = GenerateKeyAlias(&packageName, &serviceType, keyType, &(pakeParams->baseParams.idSelf), &keyAlias);
492     if (res != HC_SUCCESS) {
493         LOGE("generateKeyAlias failed");
494         return res;
495     }
496 
497     uint8_t signInfoVal[SIGNATURE_LEN] = { 0 };
498     Uint8Buff signInfo = { signInfoVal, SIGNATURE_LEN };
499     res = DecryptAuthAndSignInfo(pakeParams, exchangeParams, &signInfo, HICHAIN_EXCHANGE_RESPONSE);
500     if (res != HC_SUCCESS) {
501         LOGE("DecryptAuthAndSignInfo failed");
502         return res;
503     }
504 
505     res = ParseAuthInfo(pakeParams, exchangeParams);
506     if (res != HC_SUCCESS) {
507         LOGE("ParseAuthInfo failed");
508         return res;
509     }
510 
511     res = VerifySignInfo(pakeParams, exchangeParams, &signInfo);
512     if (res != HC_SUCCESS) {
513         LOGE("VerifySignInfo failed");
514         return res;
515     }
516 
517     res = SaveAuthInfo(pakeParams, exchangeParams);
518     if (res != HC_SUCCESS) {
519         LOGE("SaveAuthInfo failed");
520         return res;
521     }
522 
523     return HC_SUCCESS;
524 }
525