1 /*
2 * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifdef HKS_CONFIG_FILE
17 #include HKS_CONFIG_FILE
18 #else
19 #include "hks_config.h"
20 #endif
21
22 #include "hks_api.h"
23
24 #include <stddef.h>
25 #include <string.h>
26
27 #include "hks_api_adapter.h"
28 #include "hks_client_ipc.h"
29 #include "hks_local_engine.h"
30 #include "hks_ability.h"
31 #include "hks_log.h"
32 #include "hks_param.h"
33 #include "hks_template.h"
34 #include "hks_type.h"
35 #include "securec.h"
36
37 #ifdef HKS_SUPPORT_API_ATTEST_KEY
38 #include "hks_verifier.h"
39 #endif
40
41 #ifdef _CUT_AUTHENTICATE_
42 #undef HKS_SUPPORT_API_GENERATE_KEY
43 #undef HKS_SUPPORT_API_IMPORT
44 #undef HKS_SUPPORT_API_EXPORT
45 #undef HKS_SUPPORT_API_DELETE_KEY
46 #undef HKS_SUPPORT_API_GET_KEY_PARAM_SET
47 #undef HKS_SUPPORT_API_KEY_EXIST
48 #undef HKS_SUPPORT_API_SIGN_VERIFY
49 #undef HKS_SUPPORT_API_SIGN_VERIFY
50 #undef HKS_SUPPORT_API_AGREE_KEY
51 #undef HKS_SUPPORT_API_HASH
52 #undef HKS_SUPPORT_API_GET_KEY_INFO_LIST
53 #undef HKS_SUPPORT_API_ATTEST_KEY
54 #undef HKS_SUPPORT_API_GET_CERTIFICATE_CHAIN
55 #endif
56
HksGetSdkVersion(struct HksBlob * sdkVersion)57 HKS_API_EXPORT int32_t HksGetSdkVersion(struct HksBlob *sdkVersion)
58 {
59 if ((sdkVersion == NULL) || (sdkVersion->data == NULL)) {
60 return HKS_ERROR_NULL_POINTER;
61 }
62
63 uint32_t versionLen = strlen(HKS_SDK_VERSION);
64 if (sdkVersion->size < (versionLen + 1)) {
65 return HKS_ERROR_INVALID_ARGUMENT;
66 }
67
68 (void)memcpy_s(sdkVersion->data, sdkVersion->size, HKS_SDK_VERSION, versionLen);
69
70 sdkVersion->data[versionLen] = '\0';
71 sdkVersion->size = versionLen;
72 return HKS_SUCCESS;
73 }
74
HksInitialize(void)75 HKS_API_EXPORT int32_t HksInitialize(void)
76 {
77 #ifndef _CUT_AUTHENTICATE_
78 HKS_LOG_I("enter initialize");
79 int32_t ret = HksClientInitialize();
80 HKS_LOG_I("leave initialize, result = %" LOG_PUBLIC "d", ret);
81 return ret;
82 #else
83 (void)HksCryptoAbilityInit();
84 return HKS_SUCCESS;
85 #endif
86 }
87
HksRefreshKeyInfo(void)88 HKS_API_EXPORT int32_t HksRefreshKeyInfo(void)
89 {
90 #ifndef _CUT_AUTHENTICATE_
91 HKS_LOG_I("enter refresh key info");
92 int32_t ret = HksClientRefreshKeyInfo();
93 HKS_LOG_I("leave refresh key info, result = %" LOG_PUBLIC "d", ret);
94 return ret;
95 #else
96 return HKS_ERROR_API_NOT_SUPPORTED;
97 #endif
98 }
99
HksGenerateKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSetIn,struct HksParamSet * paramSetOut)100 HKS_API_EXPORT int32_t HksGenerateKey(const struct HksBlob *keyAlias,
101 const struct HksParamSet *paramSetIn, struct HksParamSet *paramSetOut)
102 {
103 #ifdef HKS_SUPPORT_API_GENERATE_KEY
104 HKS_LOG_I("enter generate key");
105 struct HksParam *storageFlag = NULL;
106 int32_t ret = HksGetParam(paramSetIn, HKS_TAG_KEY_STORAGE_FLAG, &storageFlag);
107 if ((ret == HKS_SUCCESS) && (storageFlag->uint32Param == HKS_STORAGE_TEMP)) {
108 if ((paramSetIn == NULL) || (paramSetOut == NULL)) {
109 return HKS_ERROR_NULL_POINTER;
110 }
111 ret = HksLocalGenerateKey(paramSetIn, paramSetOut);
112 HKS_LOG_I("leave generate temp key, result = %" LOG_PUBLIC "d", ret);
113 return ret;
114 }
115
116 /* generate persistent keys */
117 if ((paramSetIn == NULL) || (keyAlias == NULL)) {
118 return HKS_ERROR_NULL_POINTER;
119 }
120 ret = HksClientGenerateKey(keyAlias, paramSetIn, paramSetOut);
121 HKS_LOG_I("leave generate persistent key, result = %" LOG_PUBLIC "d", ret);
122 return ret;
123 #else
124 (void)keyAlias;
125 (void)paramSetIn;
126 (void)paramSetOut;
127 return HKS_ERROR_API_NOT_SUPPORTED;
128 #endif
129 }
130
HksImportKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,const struct HksBlob * key)131 HKS_API_EXPORT int32_t HksImportKey(const struct HksBlob *keyAlias,
132 const struct HksParamSet *paramSet, const struct HksBlob *key)
133 {
134 #ifdef HKS_SUPPORT_API_IMPORT
135 HKS_LOG_I("enter import key");
136 if ((keyAlias == NULL) || (paramSet == NULL) || (key == NULL)) {
137 return HKS_ERROR_NULL_POINTER;
138 }
139 int32_t ret = HksImportKeyAdapter(keyAlias, paramSet, key);
140 HKS_LOG_I("leave import key, result = %" LOG_PUBLIC "d", ret);
141 return ret;
142 #else
143 (void)keyAlias;
144 (void)paramSet;
145 (void)key;
146 return HKS_ERROR_API_NOT_SUPPORTED;
147 #endif
148 }
149
HksImportWrappedKey(const struct HksBlob * keyAlias,const struct HksBlob * wrappingKeyAlias,const struct HksParamSet * paramSet,const struct HksBlob * wrappedKeyData)150 HKS_API_EXPORT int32_t HksImportWrappedKey(const struct HksBlob *keyAlias, const struct HksBlob *wrappingKeyAlias,
151 const struct HksParamSet *paramSet, const struct HksBlob *wrappedKeyData)
152 {
153 #ifdef HKS_SUPPORT_API_IMPORT_WRAPPED_KEY
154 HKS_LOG_I("enter import wrapped key");
155 if ((keyAlias == NULL) || (wrappingKeyAlias == NULL)|| (paramSet == NULL) || (wrappedKeyData == NULL)) {
156 return HKS_ERROR_NULL_POINTER;
157 }
158
159 int32_t ret = HksClientImportWrappedKey(keyAlias, wrappingKeyAlias, paramSet, wrappedKeyData);
160
161 HKS_LOG_I("leave import wrapped key, result = %" LOG_PUBLIC "d", ret);
162 return ret;
163 #else
164 (void)keyAlias;
165 (void)wrappingKeyAlias;
166 (void)paramSet;
167 (void)wrappedKeyData;
168 return HKS_ERROR_API_NOT_SUPPORTED;
169 #endif
170 }
171
HksExportPublicKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,struct HksBlob * key)172 HKS_API_EXPORT int32_t HksExportPublicKey(const struct HksBlob *keyAlias,
173 const struct HksParamSet *paramSet, struct HksBlob *key)
174 {
175 #ifdef HKS_SUPPORT_API_EXPORT
176 HKS_LOG_I("enter export public key");
177 if ((keyAlias == NULL) || (key == NULL)) {
178 return HKS_ERROR_NULL_POINTER;
179 }
180 int32_t ret = HksExportPublicKeyAdapter(keyAlias, paramSet, key);
181
182 HKS_LOG_I("leave export public key, result = %" LOG_PUBLIC "d", ret);
183 return ret;
184 #else
185 (void)keyAlias;
186 (void)paramSet;
187 (void)key;
188 return HKS_ERROR_API_NOT_SUPPORTED;
189 #endif
190 }
191
HksDeleteKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet)192 HKS_API_EXPORT int32_t HksDeleteKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet)
193 {
194 #ifdef HKS_SUPPORT_API_DELETE_KEY
195 HKS_LOG_I("enter delete key");
196 HKS_IF_NULL_RETURN(keyAlias, HKS_ERROR_NULL_POINTER)
197 int32_t ret = HksClientDeleteKey(keyAlias, paramSet);
198 HKS_LOG_I("leave delete key, result = %" LOG_PUBLIC "d", ret);
199 return ret;
200 #else
201 (void)keyAlias;
202 (void)paramSet;
203 return HKS_ERROR_API_NOT_SUPPORTED;
204 #endif
205 }
206
HksGetKeyParamSet(const struct HksBlob * keyAlias,const struct HksParamSet * paramSetIn,struct HksParamSet * paramSetOut)207 HKS_API_EXPORT int32_t HksGetKeyParamSet(const struct HksBlob *keyAlias,
208 const struct HksParamSet *paramSetIn, struct HksParamSet *paramSetOut)
209 {
210 #ifdef HKS_SUPPORT_API_GET_KEY_PARAM_SET
211 HKS_LOG_I("enter get key paramset");
212 (void)paramSetIn;
213 if ((keyAlias == NULL) || (paramSetOut == NULL)) {
214 return HKS_ERROR_NULL_POINTER;
215 }
216 int32_t ret = HksClientGetKeyParamSet(keyAlias, paramSetOut);
217 HKS_LOG_I("leave get key paramset, result = %" LOG_PUBLIC "d", ret);
218 return ret;
219 #else
220 (void)keyAlias;
221 (void)paramSetIn;
222 (void)paramSetOut;
223 return HKS_ERROR_API_NOT_SUPPORTED;
224 #endif
225 }
226
HksKeyExist(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet)227 HKS_API_EXPORT int32_t HksKeyExist(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet)
228 {
229 #ifdef HKS_SUPPORT_API_KEY_EXIST
230 HKS_LOG_I("enter check key exist");
231 HKS_IF_NULL_RETURN(keyAlias, HKS_ERROR_NULL_POINTER)
232 int32_t ret = HksClientKeyExist(keyAlias, paramSet);
233 HKS_LOG_I("leave check key exist, result = %" LOG_PUBLIC "d", ret);
234 return ret;
235 #else
236 (void)keyAlias;
237 (void)paramSet;
238 return HKS_ERROR_API_NOT_SUPPORTED;
239 #endif
240 }
241
HksGenerateRandom(const struct HksParamSet * paramSet,struct HksBlob * random)242 HKS_API_EXPORT int32_t HksGenerateRandom(const struct HksParamSet *paramSet, struct HksBlob *random)
243 {
244 #ifdef HKS_SUPPORT_API_GENERATE_RANDOM
245 HKS_LOG_I("enter generate random");
246 HKS_IF_NULL_RETURN(random, HKS_ERROR_NULL_POINTER)
247
248 int32_t ret = HksClientGenerateRandom(random, paramSet);
249 HKS_LOG_I("leave generate random, result = %" LOG_PUBLIC "d", ret);
250 return ret;
251 #else
252 (void)paramSet;
253 (void)random;
254 return HKS_ERROR_API_NOT_SUPPORTED;
255 #endif
256 }
257
HksSign(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * srcData,struct HksBlob * signature)258 HKS_API_EXPORT int32_t HksSign(const struct HksBlob *key, const struct HksParamSet *paramSet,
259 const struct HksBlob *srcData, struct HksBlob *signature)
260 {
261 #ifdef HKS_SUPPORT_API_SIGN_VERIFY
262 HKS_LOG_I("enter sign");
263 if ((key == NULL) || (paramSet == NULL) || (srcData == NULL) || (signature == NULL)) {
264 return HKS_ERROR_NULL_POINTER;
265 }
266
267 struct HksParam *isKeyAlias = NULL;
268 int32_t ret = HksGetParam(paramSet, HKS_TAG_IS_KEY_ALIAS, &isKeyAlias);
269 if ((ret == HKS_SUCCESS) && (!isKeyAlias->boolParam)) {
270 return HksLocalSign(key, paramSet, srcData, signature);
271 }
272
273 return HksClientSign(key, paramSet, srcData, signature);
274 #else
275 (void)key;
276 (void)paramSet;
277 (void)srcData;
278 (void)signature;
279 return HKS_ERROR_API_NOT_SUPPORTED;
280 #endif
281 }
282
HksVerify(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * srcData,const struct HksBlob * signature)283 HKS_API_EXPORT int32_t HksVerify(const struct HksBlob *key, const struct HksParamSet *paramSet,
284 const struct HksBlob *srcData, const struct HksBlob *signature)
285 {
286 #ifdef HKS_SUPPORT_API_SIGN_VERIFY
287 HKS_LOG_I("enter verify");
288 if ((key == NULL) || (paramSet == NULL) || (srcData == NULL) || (signature == NULL)) {
289 return HKS_ERROR_NULL_POINTER;
290 }
291
292 struct HksParam *isKeyAlias = NULL;
293 int32_t ret = HksGetParam(paramSet, HKS_TAG_IS_KEY_ALIAS, &isKeyAlias);
294 if ((ret == HKS_SUCCESS) && (!isKeyAlias->boolParam)) {
295 ret = HksLocalVerify(key, paramSet, srcData, signature);
296 HKS_LOG_I("leave verify with plain key, result = %" LOG_PUBLIC "d", ret);
297 return ret;
298 }
299 ret = HksClientVerify(key, paramSet, srcData, signature);
300 HKS_LOG_I("leave verify with persistent key, result = %" LOG_PUBLIC "d", ret);
301 return ret;
302 #else
303 (void)key;
304 (void)paramSet;
305 (void)srcData;
306 (void)signature;
307 return HKS_ERROR_API_NOT_SUPPORTED;
308 #endif
309 }
310
HksEncrypt(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * plainText,struct HksBlob * cipherText)311 HKS_API_EXPORT int32_t HksEncrypt(const struct HksBlob *key, const struct HksParamSet *paramSet,
312 const struct HksBlob *plainText, struct HksBlob *cipherText)
313 {
314 #ifdef HKS_SUPPORT_API_CIPHER
315 HKS_LOG_I("enter encrypt");
316 if ((key == NULL) || (paramSet == NULL) || (plainText == NULL) || (cipherText == NULL)) {
317 return HKS_ERROR_NULL_POINTER;
318 }
319
320 struct HksParam *isKeyAlias = NULL;
321 int32_t ret = HksGetParam(paramSet, HKS_TAG_IS_KEY_ALIAS, &isKeyAlias);
322 if ((ret == HKS_SUCCESS) && (!isKeyAlias->boolParam)) {
323 ret = HksLocalEncrypt(key, paramSet, plainText, cipherText);
324 HKS_LOG_I("leave encrypt with plain key, result = %" LOG_PUBLIC "d", ret);
325 return ret;
326 }
327 #ifndef _CUT_AUTHENTICATE_
328 ret = HksClientEncrypt(key, paramSet, plainText, cipherText);
329 HKS_LOG_I("leave encrypt with persistent key, result = %" LOG_PUBLIC "d", ret);
330 return ret;
331 #else
332 return HKS_ERROR_NOT_SUPPORTED;
333 #endif
334 #else
335 (void)key;
336 (void)paramSet;
337 (void)plainText;
338 (void)cipherText;
339 return HKS_ERROR_API_NOT_SUPPORTED;
340 #endif
341 }
342
HksDecrypt(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * cipherText,struct HksBlob * plainText)343 HKS_API_EXPORT int32_t HksDecrypt(const struct HksBlob *key, const struct HksParamSet *paramSet,
344 const struct HksBlob *cipherText, struct HksBlob *plainText)
345 {
346 #ifdef HKS_SUPPORT_API_CIPHER
347 HKS_LOG_I("enter decrypt");
348 if ((key == NULL) || (paramSet == NULL) || (cipherText == NULL) || (plainText == NULL)) {
349 return HKS_ERROR_NULL_POINTER;
350 }
351
352 struct HksParam *isKeyAlias = NULL;
353 int32_t ret = HksGetParam(paramSet, HKS_TAG_IS_KEY_ALIAS, &isKeyAlias);
354 if ((ret == HKS_SUCCESS) && (!isKeyAlias->boolParam)) {
355 ret = HksLocalDecrypt(key, paramSet, cipherText, plainText);
356 HKS_LOG_I("leave decrypt with plain key, result = %" LOG_PUBLIC "d", ret);
357 return ret;
358 }
359 #ifndef _CUT_AUTHENTICATE_
360 ret = HksClientDecrypt(key, paramSet, cipherText, plainText);
361 HKS_LOG_I("leave decrypt with persistent key, result = %" LOG_PUBLIC "d", ret);
362 return ret;
363 #else
364 return HKS_ERROR_NOT_SUPPORTED;
365 #endif
366 #else
367 (void)key;
368 (void)paramSet;
369 (void)plainText;
370 (void)cipherText;
371 return HKS_ERROR_API_NOT_SUPPORTED;
372 #endif
373 }
374
HksAgreeKey(const struct HksParamSet * paramSet,const struct HksBlob * privateKey,const struct HksBlob * peerPublicKey,struct HksBlob * agreedKey)375 HKS_API_EXPORT int32_t HksAgreeKey(const struct HksParamSet *paramSet, const struct HksBlob *privateKey,
376 const struct HksBlob *peerPublicKey, struct HksBlob *agreedKey)
377 {
378 #ifdef HKS_SUPPORT_API_AGREE_KEY
379 HKS_LOG_I("enter agree key");
380 if ((paramSet == NULL) || (privateKey == NULL) || (peerPublicKey == NULL) || (agreedKey == NULL)) {
381 return HKS_ERROR_NULL_POINTER;
382 }
383
384 struct HksParam *isKeyAlias = NULL;
385 int32_t ret = HksGetParam(paramSet, HKS_TAG_IS_KEY_ALIAS, &isKeyAlias);
386 if ((ret == HKS_SUCCESS) && (!isKeyAlias->boolParam)) {
387 ret = HksLocalAgreeKey(paramSet, privateKey, peerPublicKey, agreedKey);
388 HKS_LOG_I("leave agree key with plain key, result = %" LOG_PUBLIC "d", ret);
389 return ret;
390 }
391
392 ret = HksAgreeKeyAdapter(paramSet, privateKey, peerPublicKey, agreedKey);
393 HKS_LOG_I("leave agree key with persistent key, result = %" LOG_PUBLIC "d", ret);
394 return ret;
395 #else
396 (void)paramSet;
397 (void)privateKey;
398 (void)peerPublicKey;
399 (void)agreedKey;
400 return HKS_ERROR_API_NOT_SUPPORTED;
401 #endif
402 }
403
HksDeriveKey(const struct HksParamSet * paramSet,const struct HksBlob * mainKey,struct HksBlob * derivedKey)404 HKS_API_EXPORT int32_t HksDeriveKey(const struct HksParamSet *paramSet, const struct HksBlob *mainKey,
405 struct HksBlob *derivedKey)
406 {
407 #ifdef HKS_SUPPORT_API_DERIVE_KEY
408 HKS_LOG_I("enter derive key");
409 if ((paramSet == NULL) || (mainKey == NULL) || (derivedKey == NULL)) {
410 return HKS_ERROR_NULL_POINTER;
411 }
412
413 struct HksParam *isKeyAlias = NULL;
414 int32_t ret = HksGetParam(paramSet, HKS_TAG_IS_KEY_ALIAS, &isKeyAlias);
415 if ((ret == HKS_SUCCESS) && (!isKeyAlias->boolParam)) {
416 ret = HksLocalDeriveKey(paramSet, mainKey, derivedKey);
417 HKS_LOG_I("leave derive key with plain key, result = %" LOG_PUBLIC "d", ret);
418 return ret;
419 }
420 #ifndef _CUT_AUTHENTICATE_
421 ret = HksClientDeriveKey(paramSet, mainKey, derivedKey);
422 HKS_LOG_I("leave derive key with persistent key, result = %" LOG_PUBLIC "d", ret);
423 return ret;
424 #else
425 return HKS_ERROR_NOT_SUPPORTED;
426 #endif
427 #else
428 (void)paramSet;
429 (void)mainKey;
430 (void)derivedKey;
431 return HKS_ERROR_API_NOT_SUPPORTED;
432 #endif
433 }
434
HksMac(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * srcData,struct HksBlob * mac)435 HKS_API_EXPORT int32_t HksMac(const struct HksBlob *key, const struct HksParamSet *paramSet,
436 const struct HksBlob *srcData, struct HksBlob *mac)
437 {
438 #ifdef HKS_SUPPORT_API_MAC
439 HKS_LOG_I("enter mac");
440 if ((key == NULL) || (paramSet == NULL) || (srcData == NULL) || (mac == NULL)) {
441 return HKS_ERROR_NULL_POINTER;
442 }
443
444 struct HksParam *isKeyAlias = NULL;
445 int32_t ret = HksGetParam(paramSet, HKS_TAG_IS_KEY_ALIAS, &isKeyAlias);
446 if ((ret == HKS_SUCCESS) && (!isKeyAlias->boolParam)) {
447 ret = HksLocalMac(key, paramSet, srcData, mac);
448 HKS_LOG_I("leave mac with plain key, result = %" LOG_PUBLIC "d", ret);
449 return ret;
450 }
451 #ifndef _CUT_AUTHENTICATE_
452 ret = HksClientMac(key, paramSet, srcData, mac);
453 HKS_LOG_I("leave mac with persistent key, result = %" LOG_PUBLIC "d", ret);
454 return ret;
455 #else
456 return HKS_ERROR_NOT_SUPPORTED;
457 #endif
458 #else
459 (void)key;
460 (void)paramSet;
461 (void)srcData;
462 (void)mac;
463 return HKS_ERROR_API_NOT_SUPPORTED;
464 #endif
465 }
466
HksHash(const struct HksParamSet * paramSet,const struct HksBlob * srcData,struct HksBlob * hash)467 HKS_API_EXPORT int32_t HksHash(const struct HksParamSet *paramSet,
468 const struct HksBlob *srcData, struct HksBlob *hash)
469 {
470 #ifdef HKS_SUPPORT_API_HASH
471 HKS_LOG_I("enter hash");
472 if ((paramSet == NULL) || (srcData == NULL) || (hash == NULL)) {
473 return HKS_ERROR_NULL_POINTER;
474 }
475 int32_t ret = HksLocalHash(paramSet, srcData, hash);
476 HKS_LOG_I("leave hash, result = %" LOG_PUBLIC "d", ret);
477 return ret;
478 #else
479 (void)paramSet;
480 (void)srcData;
481 (void)hash;
482 return HKS_ERROR_API_NOT_SUPPORTED;
483 #endif
484 }
485
HksGetKeyInfoList(const struct HksParamSet * paramSet,struct HksKeyInfo * keyInfoList,uint32_t * listCount)486 HKS_API_EXPORT int32_t HksGetKeyInfoList(const struct HksParamSet *paramSet,
487 struct HksKeyInfo *keyInfoList, uint32_t *listCount)
488 {
489 #ifdef HKS_SUPPORT_API_GET_KEY_INFO_LIST
490 HKS_LOG_I("enter get key info list");
491 (void)paramSet;
492 if ((keyInfoList == NULL) || (listCount == NULL)) {
493 return HKS_ERROR_NULL_POINTER;
494 }
495 int32_t ret = HksClientGetKeyInfoList(keyInfoList, listCount);
496 HKS_LOG_I("leave get key info list, result = %" LOG_PUBLIC "d", ret);
497 return ret;
498 #else
499 (void)paramSet;
500 (void)keyInfoList;
501 (void)listCount;
502 return HKS_ERROR_API_NOT_SUPPORTED;
503 #endif
504 }
505
HksAttestKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,struct HksCertChain * certChain)506 HKS_API_EXPORT int32_t HksAttestKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
507 struct HksCertChain *certChain)
508 {
509 #ifdef HKS_SUPPORT_API_ATTEST_KEY
510 HKS_LOG_I("enter attest key");
511 if ((keyAlias == NULL) || (paramSet == NULL) || (certChain == NULL)) {
512 return HKS_ERROR_NULL_POINTER;
513 }
514 int32_t ret = HksClientAttestKey(keyAlias, paramSet, certChain);
515 HKS_LOG_I("leave attest key, result = %" LOG_PUBLIC "d", ret);
516 return ret;
517 #else
518 (void)keyAlias;
519 (void)paramSet;
520 (void)certChain;
521 return HKS_ERROR_API_NOT_SUPPORTED;
522 #endif
523 }
524
HksGetCertificateChain(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,struct HksCertChain * certChain)525 HKS_API_EXPORT int32_t HksGetCertificateChain(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
526 struct HksCertChain *certChain)
527 {
528 (void)keyAlias;
529 (void)paramSet;
530 (void)certChain;
531 return HKS_ERROR_API_NOT_SUPPORTED;
532 }
533
HksWrapKey(const struct HksBlob * keyAlias,const struct HksBlob * targetKeyAlias,const struct HksParamSet * paramSet,struct HksBlob * wrappedData)534 HKS_API_EXPORT int32_t HksWrapKey(const struct HksBlob *keyAlias, const struct HksBlob *targetKeyAlias,
535 const struct HksParamSet *paramSet, struct HksBlob *wrappedData)
536 {
537 (void)keyAlias;
538 (void)targetKeyAlias;
539 (void)paramSet;
540 (void)wrappedData;
541 return HKS_ERROR_API_NOT_SUPPORTED;
542 }
543
HksUnwrapKey(const struct HksBlob * keyAlias,const struct HksBlob * targetKeyAlias,const struct HksBlob * wrappedData,const struct HksParamSet * paramSet)544 HKS_API_EXPORT int32_t HksUnwrapKey(const struct HksBlob *keyAlias, const struct HksBlob *targetKeyAlias,
545 const struct HksBlob *wrappedData, const struct HksParamSet *paramSet)
546 {
547 (void)keyAlias;
548 (void)targetKeyAlias;
549 (void)paramSet;
550 (void)wrappedData;
551 return HKS_ERROR_API_NOT_SUPPORTED;
552 }
553
HksBnExpMod(struct HksBlob * x,const struct HksBlob * a,const struct HksBlob * e,const struct HksBlob * n)554 HKS_API_EXPORT int32_t HksBnExpMod(struct HksBlob *x, const struct HksBlob *a,
555 const struct HksBlob *e, const struct HksBlob *n)
556 {
557 #ifdef HKS_SUPPORT_API_BN_EXP_MOD
558 HKS_LOG_I("enter bn exp mod");
559 if ((x == NULL) || (a == NULL) || (e == NULL) || (n == NULL)) {
560 return HKS_ERROR_NULL_POINTER;
561 }
562
563 int32_t ret = HksLocalBnExpMod(x, a, e, n);
564 HKS_LOG_I("leave bn exp mod key, result = %" LOG_PUBLIC "d", ret);
565 return ret;
566 #else
567 (void)x;
568 (void)a;
569 (void)e;
570 (void)n;
571 return HKS_ERROR_API_NOT_SUPPORTED;
572 #endif
573 }
574
575 /*
576 * Currently, the device certificate and device key are implemented using stubs.
577 * By default, the device key exists.
578 */
HcmIsDeviceKeyExist(const struct HksParamSet * paramSet)579 HKS_API_EXPORT int32_t HcmIsDeviceKeyExist(const struct HksParamSet *paramSet)
580 {
581 (void)paramSet;
582 return HKS_SUCCESS;
583 }
584
HksValidateCertChain(const struct HksCertChain * certChain,struct HksParamSet * paramSetOut)585 HKS_API_EXPORT int32_t HksValidateCertChain(const struct HksCertChain *certChain, struct HksParamSet *paramSetOut)
586 {
587 #ifdef HKS_SUPPORT_API_ATTEST_KEY
588 HKS_LOG_I("enter validate cert chain");
589 if ((paramSetOut == NULL) || (certChain == NULL)) {
590 return HKS_ERROR_NULL_POINTER;
591 }
592 int32_t ret = HksClientValidateCertChain(certChain, paramSetOut);
593 HKS_LOG_I("leave validate cert chain, result = %" LOG_PUBLIC "d", ret);
594 return ret;
595 #else
596 (void)certChain;
597 (void)paramSetOut;
598 return HKS_ERROR_API_NOT_SUPPORTED;
599 #endif
600 }
601
HksInit(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,struct HksBlob * handle,struct HksBlob * token)602 HKS_API_EXPORT int32_t HksInit(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
603 struct HksBlob *handle, struct HksBlob *token)
604 {
605 HKS_LOG_I("enter init operation");
606 if ((keyAlias == NULL) || (paramSet == NULL) || (handle == NULL)) { /* token can be null */
607 HKS_LOG_E("the pointer param entered is invalid");
608 return HKS_ERROR_NULL_POINTER;
609 }
610
611 int32_t ret = HksClientInit(keyAlias, paramSet, handle, token);
612 HKS_LOG_I("leave init operation, result = %" LOG_PUBLIC "d", ret);
613 return ret;
614 }
615
HksUpdate(const struct HksBlob * handle,const struct HksParamSet * paramSet,const struct HksBlob * inData,struct HksBlob * outData)616 HKS_API_EXPORT int32_t HksUpdate(const struct HksBlob *handle, const struct HksParamSet *paramSet,
617 const struct HksBlob *inData, struct HksBlob *outData)
618 {
619 HKS_LOG_I("enter update operation");
620 if ((handle == NULL) || (paramSet == NULL) || (inData == NULL) || (outData == NULL)) {
621 HKS_LOG_E("the pointer param entered is invalid");
622 return HKS_ERROR_NULL_POINTER;
623 }
624
625 int32_t ret = HksClientUpdate(handle, paramSet, inData, outData);
626 HKS_LOG_I("leave update operation, result = %" LOG_PUBLIC "d", ret);
627 return ret;
628 }
629
HksFinish(const struct HksBlob * handle,const struct HksParamSet * paramSet,const struct HksBlob * inData,struct HksBlob * outData)630 HKS_API_EXPORT int32_t HksFinish(const struct HksBlob *handle, const struct HksParamSet *paramSet,
631 const struct HksBlob *inData, struct HksBlob *outData)
632 {
633 HKS_LOG_I("enter finish operation");
634 if ((handle == NULL) || (paramSet == NULL) || (inData == NULL) || (outData == NULL)) {
635 HKS_LOG_E("the pointer param entered is invalid");
636 return HKS_ERROR_NULL_POINTER;
637 }
638
639 int32_t ret = HksClientFinish(handle, paramSet, inData, outData);
640 HKS_LOG_I("leave finish operation, result = %" LOG_PUBLIC "d", ret);
641 return ret;
642 }
643
HksAbort(const struct HksBlob * handle,const struct HksParamSet * paramSet)644 HKS_API_EXPORT int32_t HksAbort(const struct HksBlob *handle, const struct HksParamSet *paramSet)
645 {
646 HKS_LOG_I("enter abort operation");
647 if ((handle == NULL) || (paramSet == NULL)) {
648 HKS_LOG_E("the pointer param entered is invalid");
649 return HKS_ERROR_NULL_POINTER;
650 }
651
652 int32_t ret = HksClientAbort(handle, paramSet);
653 HKS_LOG_I("leave abort operation, result = %" LOG_PUBLIC "d", ret);
654 return ret;
655 }
656
657