1 /*
2 * Copyright (C) 2021 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "pake_v1_protocol_task_common.h"
17 #include "das_standard_token_manager.h"
18 #include "das_task_common.h"
19 #include "hc_log.h"
20 #include "hc_types.h"
21 #include "protocol_common.h"
22 #include "pake_v1_protocol_common.h"
23 #include "pake_task_common.h"
24
25 #define ASCII_CASE_DIFFERENCE_VALUE 32
26
DestroyDasPakeV1Params(PakeParams * params)27 void DestroyDasPakeV1Params(PakeParams *params)
28 {
29 if (params == NULL) {
30 return;
31 }
32
33 DestroyPakeV1BaseParams(&(params->baseParams));
34
35 if (params->returnKey.val != NULL) {
36 (void)memset_s(params->returnKey.val, params->returnKey.length, 0, params->returnKey.length);
37 HcFree(params->returnKey.val);
38 params->returnKey.val = NULL;
39 }
40
41 HcFree(params->packageName);
42 params->packageName = NULL;
43
44 HcFree(params->serviceType);
45 params->serviceType = NULL;
46
47 HcFree(params->nonce.val);
48 params->nonce.val = NULL;
49 }
50
AllocReturnKey(PakeParams * params,const CJson * in)51 static int32_t AllocReturnKey(PakeParams *params, const CJson *in)
52 {
53 if (params->opCode == OP_UNBIND) {
54 params->returnKey.val = NULL;
55 params->returnKey.length = 0;
56 return HC_SUCCESS;
57 }
58 int32_t res = GetIntFromJson(in, FIELD_KEY_LENGTH, (int *)&(params->returnKey.length));
59 if (res != HC_SUCCESS) {
60 LOGD("Get key length failed, use default, res: %d", res);
61 params->returnKey.length = DEFAULT_RETURN_KEY_LENGTH;
62 }
63 if (params->returnKey.length < MIN_OUTPUT_KEY_LEN || params->returnKey.length > MAX_OUTPUT_KEY_LEN) {
64 LOGE("Output key length is invalid.");
65 return HC_ERR_INVALID_LEN;
66 }
67 res = InitSingleParam(¶ms->returnKey, params->returnKey.length);
68 if (res != HC_SUCCESS) {
69 LOGE("InitSingleParam for returnKey failed, res: %d.", res);
70 }
71 return res;
72 }
73
InitDasPakeV1Params(PakeParams * params,const CJson * in)74 int32_t InitDasPakeV1Params(PakeParams *params, const CJson *in)
75 {
76 int32_t res = InitPakeV1BaseParams(&(params->baseParams));
77 if (res != HC_SUCCESS) {
78 LOGE("InitPakeV1BaseParams failed, res: %d.", res);
79 goto ERR;
80 }
81
82 res = FillDasPakeParams(params, in);
83 if (res != HC_SUCCESS) {
84 LOGE("FillDasPakeParams failed, res: %d.", res);
85 goto ERR;
86 }
87
88 res = AllocReturnKey(params, in);
89 if (res != HC_SUCCESS) {
90 LOGE("AllocReturnKey failed, res: %d.", res);
91 goto ERR;
92 }
93
94 return HC_SUCCESS;
95 ERR:
96 DestroyDasPakeV1Params(params);
97 return res;
98 }
99
UpperToLowercase(Uint8Buff * hex)100 static void UpperToLowercase(Uint8Buff *hex)
101 {
102 for (uint32_t i = 0; i < hex->length; i++) {
103 if (hex->val[i] >= 'A' && hex->val[i] <= 'F') {
104 hex->val[i] += ASCII_CASE_DIFFERENCE_VALUE;
105 }
106 }
107 }
108
ConvertPsk(const Uint8Buff * srcPsk,PakeParams * params)109 static int32_t ConvertPsk(const Uint8Buff *srcPsk, PakeParams *params)
110 {
111 int res = InitSingleParam(&(params->baseParams.psk), PAKE_PSK_LEN * BYTE_TO_HEX_OPER_LENGTH + 1);
112 if (res != HC_SUCCESS) {
113 LOGE("InitSingleParam for psk failed, res: %d.", res);
114 return res;
115 }
116
117 if (ByteToHexString(srcPsk->val, srcPsk->length, (char *)params->baseParams.psk.val,
118 params->baseParams.psk.length) != HC_SUCCESS) {
119 LOGE("Convert psk from byte to hex string failed.");
120 return HC_ERR_CONVERT_FAILED;
121 }
122 params->baseParams.psk.length = params->baseParams.psk.length - 1; // do not need include '\0' when using psk
123 (void)UpperToLowercase(&(params->baseParams.psk));
124 return res;
125 }
126
FillPskWithDerivedKeyHex(PakeParams * params)127 int32_t FillPskWithDerivedKeyHex(PakeParams *params)
128 {
129 int32_t res;
130 if (!(params->baseParams.isClient)) {
131 res = params->baseParams.loader->generateRandom(&(params->nonce));
132 if (res != HC_SUCCESS) {
133 LOGE("Generate nonce failed, res: %d.", res);
134 return res;
135 }
136 }
137 uint8_t pskKeyAliasVal[PAKE_KEY_ALIAS_LEN] = { 0 };
138 Uint8Buff pskKeyAlias = { pskKeyAliasVal, PAKE_KEY_ALIAS_LEN };
139 Uint8Buff packageName = { (uint8_t *)params->packageName, strlen(params->packageName) };
140 Uint8Buff serviceType = { (uint8_t *)params->serviceType, strlen(params->serviceType) };
141 res = GenerateKeyAlias(&packageName, &serviceType, KEY_ALIAS_PSK, &(params->baseParams.idPeer), &pskKeyAlias);
142 if (res != HC_SUCCESS) {
143 LOGE("GenerateKeyAlias for psk failed, res: %d.", res);
144 return res;
145 }
146
147 LOGI("Psk alias(HEX): %x%x%x%x****.", pskKeyAliasVal[0], pskKeyAliasVal[1], pskKeyAliasVal[2], pskKeyAliasVal[3]);
148 if (params->baseParams.loader->checkKeyExist(&pskKeyAlias) != HC_SUCCESS) {
149 res = GetStandardTokenManagerInstance()->computeAndSavePsk(params);
150 if (res != HC_SUCCESS) {
151 LOGE("ComputeAndSavePsk failed, res: %d.", res);
152 return res;
153 }
154 }
155
156 Uint8Buff pskByte = { NULL, PAKE_PSK_LEN };
157 pskByte.val = (uint8_t *)HcMalloc(PAKE_PSK_LEN, 0);
158 if (pskByte.val == NULL) {
159 LOGE("Malloc for pskByte failed.");
160 return HC_ERR_ALLOC_MEMORY;
161 }
162 Uint8Buff keyInfo = { (uint8_t *)TMP_AUTH_KEY_FACTOR, strlen(TMP_AUTH_KEY_FACTOR) };
163 res = params->baseParams.loader->computeHkdf(&pskKeyAlias, &(params->nonce), &keyInfo, &pskByte, true);
164 if (res != HC_SUCCESS) {
165 LOGE("ComputeHkdf for psk failed, res: %d.", res);
166 goto ERR;
167 }
168
169 res = ConvertPsk(&pskByte, params);
170 if (res != HC_SUCCESS) {
171 LOGE("ConvertPsk failed, res: %d.", res);
172 goto ERR;
173 }
174 goto OUT;
175 ERR:
176 FreeAndCleanKey(&(params->baseParams.psk));
177 OUT:
178 FreeAndCleanKey(&pskByte);
179 return res;
180 }