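/*
 * Copyright (c) 2020-2022 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

/*
 * Internal declarations for application signature verification: size limits,
 * signature-block type and tag values, the block/content/certificate records,
 * and the hashing and block-lookup helpers.
 */

#ifndef SECURITY_APP_VERIFY_H
#define SECURITY_APP_VERIFY_H

#include "mbedtls/pk.h"
#include "app_centraldirectory.h"
#include "app_provision.h"
#include "app_verify_pub.h"

#ifdef __cplusplus
#if __cplusplus
extern "C" {
#endif
#endif

/* Field lengths in bytes; which record they belong to is not visible in this header. */
#define HW_SH_VERSION_LEN 4
#define HW_SH_RESERVE_LEN 4

#define CONTENT_VERSION_LEN 4

/* Digest sizes in bytes: 32, 48 and 64. */
#define SHA256_SIZE (256 / 8)

#define SHA384_SIZE (384 / 8)

#define SHA512_SIZE (512 / 8)

#define BUF_LEN 1024

#define BUF_1M (1024 * 1024)

/* Presumably the upper bounds applied to a profile and to a block count; confirm at the call sites. */
#define MAX_PROFILE_SIZE (1024 * 1024)

#define MAX_BLOCK_NUM (1024)

/*
 * Capacity of ContentInfo.hash. It equals SHA256_SIZE, so a SHA-384 or SHA-512
 * digest does not fit: any copy into that field must be bounded by this value.
 */
#define NORMAL_HASH_SIZE 32

#define MAX_KEY_PAIR_SIZE 4096

/* Sized from mbedtls' MBEDTLS_MPI_MAX_SIZE, which comes from the mbedtls configuration. */
#define MAX_PK_BUF (MBEDTLS_MPI_MAX_SIZE * 2 + 20)

/*
 * Values of BlockHead->type.
 * The typedef name is spelled "BockType" here; it is part of the interface and
 * is left unchanged.
 */
typedef enum {
    SIGNATURE_BLOCK_TYPE = 0x20000000,
    KEY_ROTATION_BLOCK_TYPE = 0x20000001,
    PROFILE_BLOCK_WITHSIGN_TYPE = 0x20000002,
    PROPERTY_BLOCK_TYPE = 0x20000003,
} BockType;

/*
 * Content-info tag.
 * HASH_TAG is 1; the HASH_ROOT_* tags run consecutively from 0x80 (1M) to
 * 0x88 (4K).
 */
typedef enum {
    DEFAULT_TAG = 0,
    HASH_TAG, /* hash over the total file */
    HASH_ROOT_1M_TAG = 0x80,
    HASH_ROOT_512K_TAG,
    HASH_ROOT_256K_TAG,
    HASH_ROOT_128K_TAG,
    HASH_ROOT_64K_TAG,
    HASH_ROOT_32K_TAG,
    HASH_ROOT_16K_TAG,
    HASH_ROOT_8K_TAG,
    HASH_ROOT_4K_TAG,
} SignBlockTag;

/*
 * Block head.
 * NOTE(review): if these fields are filled from the package being verified,
 * length and offset are untrusted and need a range check against the file
 * size (including offset + length overflow) before they are used; confirm in
 * the parser.
 */
typedef struct {
    unsigned int type; /* one of the BockType values */
    unsigned int length;
    unsigned int offset;
} BlockHead;

/*
 * Sign content.
 * All counters are signed int, so a consumer must reject negative values as
 * well as values above its limits before using them as sizes or loop bounds.
 */
typedef struct {
    int version; /* version */
    int blockNum;
    int size;
    int algId;
    int length;
    char hash[NORMAL_HASH_SIZE]; /* fixed 32-byte field, see NORMAL_HASH_SIZE */
} ContentInfo;

/*
 * Certificate limits and type codes.
 * CERT_TYPE_APPGALLARY and CERT_TYPE_SYETEM are spelled as declared; they are
 * part of the interface and are left unchanged.
 */
#define CERT_MAX_NAME_LEN 512
#define CERT_TYPE_APPGALLARY 0
#define CERT_TYPE_SYETEM 1
#define CERT_TYPE_OTHER 2
#define CERT_MAX_DEPTH 3

/*
 * Trusted app list entry.
 * The string members are plain pointers; who owns and frees them is not
 * stated in this header.
 */
typedef struct {
    int maxCertPath;
    char *name;
    char *appSignCert;
    char *profileSignCert;
    char *profileDebugSignCert;
    char *issueCA;
} TrustAppCert;

/*
 * Issuer, subject and public key taken from a certificate, each stored as a
 * buffer with its own int length. Ownership of the buffers is not stated in
 * this header.
 */
typedef struct {
    int issuerLen;
    char *issuer;
    int subjectLen;
    char *subject;
    mbedtls_pk_type_t pkType;
    int pkLen;
    char *pkBuf;
} CertInfo;

int GetAppid(ProfileProf *profile);

/*
 * Hashes len bytes of input with the algorithm selected by hashAlg and writes
 * the digest to output. No output capacity is passed, so the caller has to
 * supply a buffer large enough for the chosen algorithm; presumably that size
 * is what GetHashUnitLen(hashAlg) reports (confirm in the implementation).
 */
int CalculateHash(const unsigned char *input, int len, int hashAlg, unsigned char *output);
int GetHashUnitLen(int hashAlg);

/*
 * Looks up the block of the given blockType; len and blockHead are output
 * parameters. fp is presumably an open file descriptor. Whether the returned
 * buffer must be freed by the caller is not stated in this header; check the
 * implementation before use.
 */
char *GetSignBlockByType(const SignatureInfo *signInfo, int fp, int blockType, int *len, BlockHead *blockHead);

#ifdef __cplusplus
#if __cplusplus
}
#endif
#endif

#endif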