1 /*
2  * Copyright (c) 2022 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *    http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "cert_manager_api.h"
17 
18 #include "cm_log.h"
19 #include "cm_mem.h"
20 #include "cm_ipc_client.h"
21 #include "cm_type.h"
22 
/**
 * Retrieve the certificate list of the system trusted store.
 *
 * Only CM_SYSTEM_TRUSTED_STORE is accepted; every other store value is
 * rejected here, before the request is handed to CmClientGetCertList.
 *
 * @param store            Store identifier; must equal CM_SYSTEM_TRUSTED_STORE.
 * @param certificateList  Result structure; its certAbstract member must be non-NULL.
 * @return CMR_ERROR_NULL_POINTER if certificateList is NULL,
 *         CMR_ERROR_INVALID_ARGUMENT if certAbstract is NULL or the store is
 *         not accepted, otherwise whatever CmClientGetCertList returns.
 */
CM_API_EXPORT int32_t CmGetCertList(uint32_t store, struct CertList *certificateList)
{
    CM_LOG_I("enter get certificate list");

    if (!certificateList) {
        CM_LOG_E("invalid input arguments");
        return CMR_ERROR_NULL_POINTER;
    }

    // Proceed only when certAbstract is set AND the store is the system trusted store.
    if (!((certificateList->certAbstract != NULL) && (store == CM_SYSTEM_TRUSTED_STORE))) {
        CM_LOG_E("invalid input arguments store:%u", store);
        return CMR_ERROR_INVALID_ARGUMENT;
    }

    const int32_t result = CmClientGetCertList(store, certificateList);
    CM_LOG_I("leave get certificate list, result = %d", result);
    return result;
}
40 
/**
 * Retrieve the details of one certificate from the system trusted store.
 *
 * @param certUri          Identifies the certificate; only the pointer is checked here.
 * @param store            Store identifier; must equal CM_SYSTEM_TRUSTED_STORE.
 * @param certificateInfo  Result structure; certInfo.data must be non-NULL and
 *                         certInfo.size non-zero.
 * @return CMR_ERROR_NULL_POINTER if certUri or certificateInfo is NULL,
 *         CMR_ERROR_INVALID_ARGUMENT if certInfo is unset/empty or the store is
 *         not accepted, otherwise whatever CmClientGetCertInfo returns.
 *
 * NOTE(review): certUri->data and certUri->size are not inspected in this
 * wrapper; presumably validated behind CmClientGetCertInfo - confirm.
 */
CM_API_EXPORT int32_t CmGetCertInfo(const struct CmBlob *certUri, uint32_t store,
    struct CertInfo *certificateInfo)
{
    CM_LOG_I("enter get certificate info");

    if (!((certUri != NULL) && (certificateInfo != NULL))) {
        CM_LOG_E("invalid input arguments");
        return CMR_ERROR_NULL_POINTER;
    }

    const int certInfoSet =
        (certificateInfo->certInfo.data != NULL) && (certificateInfo->certInfo.size != 0);
    const int storeAccepted = (store == CM_SYSTEM_TRUSTED_STORE);
    if (!certInfoSet || !storeAccepted) {
        CM_LOG_E("invalid input arguments store:%u", store);
        return CMR_ERROR_INVALID_ARGUMENT;
    }

    const int32_t result = CmClientGetCertInfo(certUri, store, certificateInfo);
    CM_LOG_I("leave get certificate info, result = %d", result);
    return result;
}
60 
/**
 * Enable or disable a certificate of the system trusted store.
 *
 * @param certUri  Identifies the certificate; only the pointer is checked here.
 * @param store    Store identifier; must equal CM_SYSTEM_TRUSTED_STORE.
 * @param status   true is sent as 0 (enabled), false is sent as 1.
 * @return CMR_ERROR_NULL_POINTER if certUri is NULL,
 *         CMR_ERROR_INVALID_ARGUMENT if the store is not accepted,
 *         otherwise whatever CmClientSetCertStatus returns.
 *
 * NOTE(review): no permission check is visible in this wrapper; presumably
 * the caller's right to change trust status is enforced behind
 * CmClientSetCertStatus - confirm.
 */
CM_API_EXPORT int32_t CmSetCertStatus(const struct CmBlob *certUri, const uint32_t store,
    const bool status)
{
    CM_LOG_I("enter set certificate status");

    if (!certUri) {
        CM_LOG_E("invalid input arguments");
        return CMR_ERROR_NULL_POINTER;
    }

    if (!(store == CM_SYSTEM_TRUSTED_STORE)) {
        CM_LOG_E("invalid input arguments store:%u", store);
        return CMR_ERROR_INVALID_ARGUMENT;
    }

    // The encoding is inverted with respect to the bool: 0 indicates the certificate enabled status.
    uint32_t statusCode;
    if (status) {
        statusCode = 0;
    } else {
        statusCode = 1;
    }

    const int32_t result = CmClientSetCertStatus(certUri, store, statusCode);
    CM_LOG_I("leave set certificate status, result = %d", result);
    return result;
}
81 
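/**
 * Install an application certificate into a credential store.
 *
 * @param appCert     Certificate blob; only the pointer is checked here.
 * @param appCertPwd  Blob passed along with appCert (presumably its password,
 *                    judging by the name - confirm); only the pointer is checked.
 * @param certAlias   Alias blob; only the pointer is checked here.
 * @param store       Must be CM_CREDENTIAL_STORE or CM_PRI_CREDENTIAL_STORE.
 * @param keyUri      Result blob; keyUri->data must be non-NULL.
 * @return CMR_ERROR_INVALID_ARGUMENT if any pointer (or keyUri->data) is NULL
 *         or the store is not accepted, otherwise whatever
 *         CmClientInstallAppCert returns.
 *
 * This wrapper logs only the store value and the result code; the contents of
 * appCert, appCertPwd and certAlias are never written to the log here.
 */
CM_API_EXPORT int32_t CmInstallAppCert(const struct CmBlob *appCert, const struct CmBlob *appCertPwd,
    const struct CmBlob *certAlias, const uint32_t store, struct CmBlob *keyUri)
{
    CM_LOG_I("enter install app certificate");
    if (appCert == NULL || appCertPwd == NULL || certAlias == NULL ||
        keyUri == NULL || keyUri->data == NULL) {
        // Rejections are logged like in the other entry points so a refused install is traceable.
        CM_LOG_E("invalid input arguments");
        return CMR_ERROR_INVALID_ARGUMENT;
    }

    if (store != CM_CREDENTIAL_STORE && store != CM_PRI_CREDENTIAL_STORE) {
        CM_LOG_E("invalid input arguments store:%u", store);
        return CMR_ERROR_INVALID_ARGUMENT;
    }

    int32_t ret = CmClientInstallAppCert(appCert, appCertPwd, certAlias, store, keyUri);
    CM_LOG_I("leave install app certificate, result = %d", ret);
    return ret;
}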
96 
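/**
 * Remove one application certificate from a credential store.
 *
 * @param keyUri  Identifies the credential; only the pointer is checked here.
 * @param store   Must be CM_CREDENTIAL_STORE or CM_PRI_CREDENTIAL_STORE.
 * @return CMR_ERROR_INVALID_ARGUMENT if keyUri is NULL or the store is not
 *         accepted, otherwise whatever CmClientUninstallAppCert returns.
 *
 * NOTE(review): whether the caller owns the credential named by keyUri is not
 * checked in this wrapper; presumably enforced behind
 * CmClientUninstallAppCert - confirm.
 */
CM_API_EXPORT int32_t CmUninstallAppCert(const struct CmBlob *keyUri, const uint32_t store)
{
    CM_LOG_I("enter uninstall app certificate");
    if (keyUri == NULL) {
        // Rejections are logged like in the other entry points so a refused removal is traceable.
        CM_LOG_E("invalid input arguments");
        return CMR_ERROR_INVALID_ARGUMENT;
    }

    if (store != CM_CREDENTIAL_STORE && store != CM_PRI_CREDENTIAL_STORE) {
        CM_LOG_E("invalid input arguments store:%u", store);
        return CMR_ERROR_INVALID_ARGUMENT;
    }

    int32_t ret = CmClientUninstallAppCert(keyUri, store);
    CM_LOG_I("leave uninstall app certificate, result = %d", ret);
    return ret;
}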
109 
/**
 * Request removal of all application certificates.
 *
 * Sends CM_MSG_UNINSTALL_ALL_APP_CERTIFICATE through
 * CmClientUninstallAllAppCert; there are no arguments to validate.
 *
 * @return Whatever CmClientUninstallAllAppCert returns.
 *
 * NOTE(review): this is a bulk, destructive request and no permission check is
 * visible in this wrapper; presumably enforced on the receiving side - confirm.
 */
CM_API_EXPORT int32_t CmUninstallAllAppCert(void)
{
    int32_t result;

    CM_LOG_I("enter uninstall all app certificate");
    result = CmClientUninstallAllAppCert(CM_MSG_UNINSTALL_ALL_APP_CERTIFICATE);
    CM_LOG_I("leave uninstall all app certificate, result = %d", result);

    return result;
}
119 
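/**
 * Retrieve the list of application certificates held in a credential store.
 *
 * @param store            Must be CM_CREDENTIAL_STORE or CM_PRI_CREDENTIAL_STORE.
 * @param certificateList  Result structure; only the pointer is checked here.
 * @return CMR_ERROR_INVALID_ARGUMENT if certificateList is NULL or the store
 *         is not accepted, otherwise whatever CmClientGetAppCertList returns.
 */
CM_API_EXPORT int32_t CmGetAppCertList(const uint32_t store, struct CredentialList *certificateList)
{
    CM_LOG_I("enter get app certificatelist");
    if (certificateList == NULL) {
        // Rejections are logged like in the other entry points of this file.
        CM_LOG_E("invalid input arguments");
        return CMR_ERROR_INVALID_ARGUMENT;
    }

    if (store != CM_CREDENTIAL_STORE && store != CM_PRI_CREDENTIAL_STORE) {
        CM_LOG_E("invalid input arguments store:%u", store);
        return CMR_ERROR_INVALID_ARGUMENT;
    }

    int32_t ret = CmClientGetAppCertList(store, certificateList);
    CM_LOG_I("leave get app certificatelist, result = %d", ret);
    return ret;
}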
132 
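/**
 * Retrieve one application certificate from a credential store.
 *
 * @param keyUri       Identifies the credential; only the pointer is checked here.
 * @param store        Must be CM_CREDENTIAL_STORE or CM_PRI_CREDENTIAL_STORE.
 * @param certificate  Result structure; only the pointer is checked here.
 * @return CMR_ERROR_INVALID_ARGUMENT if keyUri or certificate is NULL or the
 *         store is not accepted, otherwise whatever CmClientGetAppCert returns.
 *
 * NOTE(review): access control on the credential named by keyUri is not
 * visible in this wrapper; presumably enforced behind CmClientGetAppCert -
 * confirm.
 */
CM_API_EXPORT int32_t CmGetAppCert(const struct CmBlob *keyUri, const uint32_t store,
    struct Credential *certificate)
{
    CM_LOG_I("enter get app certificate");
    if (keyUri == NULL || certificate == NULL) {
        // Rejections are logged like in the other entry points of this file.
        CM_LOG_E("invalid input arguments");
        return CMR_ERROR_INVALID_ARGUMENT;
    }

    if (store != CM_CREDENTIAL_STORE && store != CM_PRI_CREDENTIAL_STORE) {
        CM_LOG_E("invalid input arguments store:%u", store);
        return CMR_ERROR_INVALID_ARGUMENT;
    }

    int32_t ret = CmClientGetAppCert(keyUri, store, certificate);
    CM_LOG_I("leave get app certificate, result = %d", ret);
    return ret;
}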
146 
/**
 * Grant the application identified by appUid access to the credential keyUri.
 *
 * @param keyUri   Identifies the credential; only the pointer is checked here.
 * @param appUid   Forwarded unchanged; no range or ownership check is done here.
 * @param authUri  Result blob; only the pointer is checked here.
 * @return CMR_ERROR_INVALID_ARGUMENT if keyUri or authUri is NULL, otherwise
 *         whatever CmClientGrantAppCertificate returns.
 *
 * NOTE(review): whether the caller is allowed to grant access to keyUri is not
 * decided in this wrapper; presumably enforced behind
 * CmClientGrantAppCertificate - confirm.
 */
CM_API_EXPORT int32_t CmGrantAppCertificate(const struct CmBlob *keyUri, uint32_t appUid, struct CmBlob *authUri)
{
    CM_LOG_I("enter grant app certificate");

    if (!((keyUri != NULL) && (authUri != NULL))) {
        CM_LOG_E("invalid input arguments");
        return CMR_ERROR_INVALID_ARGUMENT;
    }

    const int32_t result = CmClientGrantAppCertificate(keyUri, appUid, authUri);
    CM_LOG_I("leave grant app certificate, result = %d", result);
    return result;
}
159 
/**
 * Retrieve the list of application UIDs authorized for the credential keyUri.
 *
 * @param keyUri      Identifies the credential; only the pointer is checked here.
 * @param appUidList  Result structure; only the pointer is checked here.
 * @return CMR_ERROR_INVALID_ARGUMENT if keyUri or appUidList is NULL,
 *         otherwise whatever CmClientGetAuthorizedAppList returns.
 */
CM_API_EXPORT int32_t CmGetAuthorizedAppList(const struct CmBlob *keyUri, struct CmAppUidList *appUidList)
{
    CM_LOG_I("enter get authorized app list");

    if (!keyUri || !appUidList) {
        CM_LOG_E("invalid input arguments");
        return CMR_ERROR_INVALID_ARGUMENT;
    }

    const int32_t result = CmClientGetAuthorizedAppList(keyUri, appUidList);
    CM_LOG_I("leave get authorized app list, result = %d", result);
    return result;
}
172 
/**
 * Ask whether the calling application is authorized for authUri.
 *
 * The answer is the int32_t result of CmClientIsAuthorizedApp, not a bool;
 * callers must compare it against the project's success code rather than
 * treating any non-zero value as "authorized".
 *
 * @param authUri  Authorization URI blob; only the pointer is checked here.
 * @return CMR_ERROR_INVALID_ARGUMENT if authUri is NULL, otherwise whatever
 *         CmClientIsAuthorizedApp returns.
 */
CM_API_EXPORT int32_t CmIsAuthorizedApp(const struct CmBlob *authUri)
{
    CM_LOG_I("enter check is app authed");

    if (!authUri) {
        CM_LOG_E("invalid input arguments");
        return CMR_ERROR_INVALID_ARGUMENT;
    }

    const int32_t result = CmClientIsAuthorizedApp(authUri);
    CM_LOG_I("leave check is app authed, result = %d", result);
    return result;
}
185 
/**
 * Revoke the access of the application appUid to the credential keyUri.
 *
 * @param keyUri  Identifies the credential; only the pointer is checked here.
 * @param appUid  Forwarded unchanged; no range or ownership check is done here.
 * @return CMR_ERROR_INVALID_ARGUMENT if keyUri is NULL, otherwise whatever
 *         CmClientRemoveGrantedApp returns.
 */
CM_API_EXPORT int32_t CmRemoveGrantedApp(const struct CmBlob *keyUri, uint32_t appUid)
{
    CM_LOG_I("enter remove granted app");

    if (!keyUri) {
        CM_LOG_E("invalid input arguments");
        return CMR_ERROR_INVALID_ARGUMENT;
    }

    const int32_t result = CmClientRemoveGrantedApp(keyUri, appUid);
    CM_LOG_I("leave remove granted app, result = %d", result);
    return result;
}
198 
/**
 * Forward an init request for authUri and spec to CmClientInit.
 *
 * NOTE(review): judging by CmSignatureSpec and the sibling CmUpdate/CmFinish/
 * CmAbort entry points, this looks like the first step of a multi-part
 * signature operation that yields a handle - confirm.
 *
 * @param authUri  Authorization URI blob; only the pointer is checked here.
 * @param spec     Signature specification; only the pointer is checked here.
 * @param handle   Result blob; only the pointer is checked here.
 * @return CMR_ERROR_INVALID_ARGUMENT if any argument is NULL, otherwise
 *         whatever CmClientInit returns.
 */
CM_API_EXPORT int32_t CmInit(const struct CmBlob *authUri, const struct CmSignatureSpec *spec, struct CmBlob *handle)
{
    CM_LOG_I("enter cert manager init");

    if (!((authUri != NULL) && (spec != NULL) && (handle != NULL))) {
        CM_LOG_E("invalid input arguments");
        return CMR_ERROR_INVALID_ARGUMENT;
    }

    const int32_t result = CmClientInit(authUri, spec, handle);
    CM_LOG_I("leave cert manager init, result = %d", result);
    return result;
}
211 
/**
 * Forward an update request carrying inData for the given handle.
 *
 * @param handle  Operation handle blob; only the pointer is checked here.
 * @param inData  Input blob; only the pointer is checked here, and its contents
 *                are not logged by this wrapper.
 * @return CMR_ERROR_INVALID_ARGUMENT if handle or inData is NULL, otherwise
 *         whatever CmClientUpdate returns.
 */
CM_API_EXPORT int32_t CmUpdate(const struct CmBlob *handle, const struct CmBlob *inData)
{
    CM_LOG_I("enter cert manager update");

    if (!handle || !inData) {
        CM_LOG_E("invalid input arguments");
        return CMR_ERROR_INVALID_ARGUMENT;
    }

    const int32_t result = CmClientUpdate(handle, inData);
    CM_LOG_I("leave cert manager update, result = %d", result);
    return result;
}
224 
/**
 * Forward a finish request for the given handle and collect its output.
 *
 * @param handle   Operation handle blob; only the pointer is checked here.
 * @param inData   Input blob; only the pointer is checked here.
 * @param outData  Result blob; only the pointer is checked here.
 * @return CMR_ERROR_INVALID_ARGUMENT if any argument is NULL, otherwise
 *         whatever CmClientFinish returns.
 *
 * NOTE(review): outData->data and outData->size are not inspected in this
 * wrapper; presumably the capacity check happens behind CmClientFinish -
 * confirm.
 */
CM_API_EXPORT int32_t CmFinish(const struct CmBlob *handle, const struct CmBlob *inData, struct CmBlob *outData)
{
    CM_LOG_I("enter cert manager finish");

    if (!((handle != NULL) && (inData != NULL) && (outData != NULL))) {
        CM_LOG_E("invalid input arguments");
        return CMR_ERROR_INVALID_ARGUMENT;
    }

    const int32_t result = CmClientFinish(handle, inData, outData);
    CM_LOG_I("leave cert manager finish, result = %d", result);
    return result;
}
237 
/**
 * Forward an abort request for the given handle.
 *
 * @param handle  Operation handle blob; only the pointer is checked here.
 * @return CMR_ERROR_INVALID_ARGUMENT if handle is NULL, otherwise whatever
 *         CmClientAbort returns.
 */
CM_API_EXPORT int32_t CmAbort(const struct CmBlob *handle)
{
    CM_LOG_I("enter cert manager abort");

    if (!handle) {
        CM_LOG_E("invalid input arguments");
        return CMR_ERROR_INVALID_ARGUMENT;
    }

    const int32_t result = CmClientAbort(handle);
    CM_LOG_I("leave cert manager abort, result = %d", result);
    return result;
}
250 
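/**
 * Retrieve the list of user certificates for the given store.
 *
 * @param store            Forwarded unchanged to CmClientGetUserCertList.
 * @param certificateList  Result structure; only the pointer is checked here.
 * @return CMR_ERROR_NULL_POINTER if certificateList is NULL, otherwise
 *         whatever CmClientGetUserCertList returns.
 *
 * NOTE(review): unlike CmGetCertList, neither the store value nor
 * certificateList->certAbstract is validated in this wrapper; presumably both
 * are checked behind CmClientGetUserCertList - confirm.
 */
CM_API_EXPORT int32_t CmGetUserCertList(uint32_t store, struct CertList *certificateList)
{
    CM_LOG_I("enter get cert list");
    if (certificateList == NULL) {
        // Rejections are logged like in CmGetCertList so a refused request is traceable.
        CM_LOG_E("invalid input arguments");
        return CMR_ERROR_NULL_POINTER;
    }

    int32_t ret = CmClientGetUserCertList(store, certificateList);
    CM_LOG_I("leave get cert list, result = %d", ret);
    return ret;
}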
262 
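/**
 * Retrieve the details of one user certificate.
 *
 * @param certUri          Identifies the certificate; only the pointer is checked here.
 * @param store            Forwarded unchanged to CmClientGetUserCertInfo.
 * @param certificateInfo  Result structure; only the pointer is checked here.
 * @return CMR_ERROR_NULL_POINTER if certUri or certificateInfo is NULL,
 *         otherwise whatever CmClientGetUserCertInfo returns.
 *
 * NOTE(review): unlike CmGetCertInfo, neither the store value nor
 * certificateInfo->certInfo (data/size) is validated in this wrapper;
 * presumably both are checked behind CmClientGetUserCertInfo - confirm.
 */
CM_API_EXPORT int32_t CmGetUserCertInfo(const struct CmBlob *certUri, uint32_t store, struct CertInfo *certificateInfo)
{
    CM_LOG_I("enter get cert info");
    if ((certUri == NULL) || (certificateInfo == NULL)) {
        // Rejections are logged like in CmGetCertInfo so a refused request is traceable.
        CM_LOG_E("invalid input arguments");
        return CMR_ERROR_NULL_POINTER;
    }

    int32_t ret = CmClientGetUserCertInfo(certUri, store, certificateInfo);
    CM_LOG_I("leave get cert info, result = %d", ret);
    return ret;
}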
274 
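/**
 * Enable or disable a user certificate.
 *
 * @param certUri  Identifies the certificate; only the pointer is checked here.
 * @param store    Forwarded unchanged to CmClientSetUserCertStatus.
 * @param status   true is sent as 0 (enabled), false is sent as 1.
 * @return CMR_ERROR_NULL_POINTER if certUri is NULL, otherwise whatever
 *         CmClientSetUserCertStatus returns.
 *
 * NOTE(review): unlike CmSetCertStatus, the store value is not validated in
 * this wrapper, and no permission check is visible here; presumably both are
 * handled behind CmClientSetUserCertStatus - confirm.
 */
CM_API_EXPORT int32_t CmSetUserCertStatus(const struct CmBlob *certUri, uint32_t store, const bool status)
{
    CM_LOG_I("enter set cert status");
    if (certUri == NULL) {
        // Rejections are logged like in CmSetCertStatus so a refused change is traceable.
        CM_LOG_E("invalid input arguments");
        return CMR_ERROR_NULL_POINTER;
    }

    uint32_t uStatus = status ? 0 : 1; // 0 indicates the certificate enabled status

    int32_t ret = CmClientSetUserCertStatus(certUri, store, uStatus);
    CM_LOG_I("leave set cert status, result = %d", ret);
    return ret;
}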
288 
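/**
 * Install a user trusted certificate.
 *
 * @param userCert   Certificate blob; only the pointer is checked here.
 * @param certAlias  Alias blob; only the pointer is checked here.
 * @param certUri    Result blob; only the pointer is checked here.
 * @return CMR_ERROR_INVALID_ARGUMENT if any argument is NULL, otherwise
 *         whatever CmClientInstallUserTrustedCert returns.
 *
 * NOTE(review): judging by the name this adds a certificate to the user's
 * trusted set; neither a permission check nor any validation of the
 * certificate contents is visible in this wrapper - confirm both are enforced
 * behind CmClientInstallUserTrustedCert.
 */
CM_API_EXPORT int32_t CmInstallUserTrustedCert(const struct CmBlob *userCert, const struct CmBlob *certAlias,
    struct CmBlob *certUri)
{
    CM_LOG_I("enter install user trusted cert");
    if ((userCert == NULL) || (certAlias == NULL) || (certUri == NULL)) {
        // Rejections are logged like in the other entry points so a refused install is traceable.
        CM_LOG_E("invalid input arguments");
        return CMR_ERROR_INVALID_ARGUMENT;
    }

    int32_t ret = CmClientInstallUserTrustedCert(userCert, certAlias, certUri);
    CM_LOG_I("leave install user trusted cert, result = %d", ret);
    return ret;
}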
301 
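/**
 * Remove one user trusted certificate.
 *
 * @param certUri  Identifies the certificate; only the pointer is checked here.
 * @return CMR_ERROR_INVALID_ARGUMENT if certUri is NULL, otherwise whatever
 *         CmClientUninstallUserTrustedCert returns.
 */
CM_API_EXPORT int32_t CmUninstallUserTrustedCert(const struct CmBlob *certUri)
{
    CM_LOG_I("enter uninstall user trusted cert");
    if (certUri == NULL) {
        // Rejections are logged like in the other entry points so a refused removal is traceable.
        CM_LOG_E("invalid input arguments");
        return CMR_ERROR_INVALID_ARGUMENT;
    }

    int32_t ret = CmClientUninstallUserTrustedCert(certUri);
    CM_LOG_I("leave uninstall user trusted cert, result = %d", ret);
    return ret;
}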
313 
/**
 * Request removal of all user trusted certificates.
 *
 * There are no arguments to validate; the request goes straight to
 * CmClientUninstallAllUserTrustedCert.
 *
 * @return Whatever CmClientUninstallAllUserTrustedCert returns.
 *
 * NOTE(review): this is a bulk, destructive request and no permission check is
 * visible in this wrapper; presumably enforced on the receiving side - confirm.
 */
CM_API_EXPORT int32_t CmUninstallAllUserTrustedCert(void)
{
    int32_t result;

    CM_LOG_I("enter uninstall all user trusted cert");
    result = CmClientUninstallAllUserTrustedCert();
    CM_LOG_I("leave uninstall all user trusted cert, result = %d", result);

    return result;
}
322 
323