1 /*
2 * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifdef HKS_CONFIG_FILE
17 #include HKS_CONFIG_FILE
18 #else
19 #include "hks_config.h"
20 #endif
21
22 #include "hks_api.h"
23
24 #include <stddef.h>
25 #include <string.h>
26
27 #include "hks_api_adapter.h"
28
29 #include "hks_client_ipc.h"
30 #include "hks_local_engine.h"
31 #include "hks_ability.h"
32 #include "hks_log.h"
33 #include "hks_param.h"
34 #include "hks_template.h"
35 #include "hks_type.h"
36 #include "securec.h"
37
38 #ifdef HKS_SUPPORT_API_ATTEST_KEY
39 #include "hks_verifier.h"
40 #endif
41
42 #ifdef _CUT_AUTHENTICATE_
43 #undef HKS_SUPPORT_API_GENERATE_KEY
44 #undef HKS_SUPPORT_API_IMPORT
45 #undef HKS_SUPPORT_API_EXPORT
46 #undef HKS_SUPPORT_API_DELETE_KEY
47 #undef HKS_SUPPORT_API_GET_KEY_PARAM_SET
48 #undef HKS_SUPPORT_API_KEY_EXIST
49 #undef HKS_SUPPORT_API_SIGN_VERIFY
50 #undef HKS_SUPPORT_API_SIGN_VERIFY
51 #undef HKS_SUPPORT_API_AGREE_KEY
52 #undef HKS_SUPPORT_API_HASH
53 #undef HKS_SUPPORT_API_GET_KEY_INFO_LIST
54 #undef HKS_SUPPORT_API_ATTEST_KEY
55 #undef HKS_SUPPORT_API_GET_CERTIFICATE_CHAIN
56 #endif
57
HksGetSdkVersion(struct HksBlob * sdkVersion)58 HKS_API_EXPORT int32_t HksGetSdkVersion(struct HksBlob *sdkVersion)
59 {
60 if ((sdkVersion == NULL) || (sdkVersion->data == NULL)) {
61 return HKS_ERROR_NULL_POINTER;
62 }
63
64 uint32_t versionLen = strlen(HKS_SDK_VERSION);
65 if (sdkVersion->size < (versionLen + 1)) {
66 return HKS_ERROR_INVALID_ARGUMENT;
67 }
68
69 (void)memcpy_s(sdkVersion->data, sdkVersion->size, HKS_SDK_VERSION, versionLen);
70
71 sdkVersion->data[versionLen] = '\0';
72 sdkVersion->size = versionLen;
73 return HKS_SUCCESS;
74 }
75
HksInitialize(void)76 HKS_API_EXPORT int32_t HksInitialize(void)
77 {
78 #ifndef _CUT_AUTHENTICATE_
79 HKS_LOG_I("enter initialize");
80 int32_t ret = HksClientInitialize();
81 HKS_LOG_I("leave initialize, result = %" LOG_PUBLIC "d", ret);
82 return ret;
83 #else
84 (void)HksCryptoAbilityInit();
85 return HKS_SUCCESS;
86 #endif
87 }
88
HksRefreshKeyInfo(void)89 HKS_API_EXPORT int32_t HksRefreshKeyInfo(void)
90 {
91 #ifndef _CUT_AUTHENTICATE_
92 HKS_LOG_I("enter refresh key info");
93 int32_t ret = HksClientRefreshKeyInfo();
94 HKS_LOG_I("leave refresh key info, result = %" LOG_PUBLIC "d", ret);
95 return ret;
96 #else
97 return HKS_ERROR_API_NOT_SUPPORTED;
98 #endif
99 }
100
HksGenerateKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSetIn,struct HksParamSet * paramSetOut)101 HKS_API_EXPORT int32_t HksGenerateKey(const struct HksBlob *keyAlias,
102 const struct HksParamSet *paramSetIn, struct HksParamSet *paramSetOut)
103 {
104 #ifdef HKS_SUPPORT_API_GENERATE_KEY
105 HKS_LOG_I("enter generate key");
106 struct HksParam *storageFlag = NULL;
107 int32_t ret = HksGetParam(paramSetIn, HKS_TAG_KEY_STORAGE_FLAG, &storageFlag);
108 if ((ret == HKS_SUCCESS) && (storageFlag->uint32Param == HKS_STORAGE_TEMP)) {
109 if ((paramSetIn == NULL) || (paramSetOut == NULL)) {
110 return HKS_ERROR_NULL_POINTER;
111 }
112 ret = HksLocalGenerateKey(paramSetIn, paramSetOut);
113 HKS_LOG_I("leave generate temp key, result = %" LOG_PUBLIC "d", ret);
114 return ret;
115 }
116
117 /* generate persistent keys */
118 if ((paramSetIn == NULL) || (keyAlias == NULL)) {
119 return HKS_ERROR_NULL_POINTER;
120 }
121 ret = HksClientGenerateKey(keyAlias, paramSetIn, paramSetOut);
122 HKS_LOG_I("leave generate persistent key, result = %" LOG_PUBLIC "d", ret);
123 return ret;
124 #else
125 (void)keyAlias;
126 (void)paramSetIn;
127 (void)paramSetOut;
128 return HKS_ERROR_API_NOT_SUPPORTED;
129 #endif
130 }
131
HksImportKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,const struct HksBlob * key)132 HKS_API_EXPORT int32_t HksImportKey(const struct HksBlob *keyAlias,
133 const struct HksParamSet *paramSet, const struct HksBlob *key)
134 {
135 #ifdef HKS_SUPPORT_API_IMPORT
136 HKS_LOG_I("enter import key");
137 if ((keyAlias == NULL) || (paramSet == NULL) || (key == NULL)) {
138 return HKS_ERROR_NULL_POINTER;
139 }
140 int32_t ret = HksImportKeyAdapter(keyAlias, paramSet, key);
141 HKS_LOG_I("leave import key, result = %" LOG_PUBLIC "d", ret);
142 return ret;
143 #else
144 (void)keyAlias;
145 (void)paramSet;
146 (void)key;
147 return HKS_ERROR_API_NOT_SUPPORTED;
148 #endif
149 }
150
HksImportWrappedKey(const struct HksBlob * keyAlias,const struct HksBlob * wrappingKeyAlias,const struct HksParamSet * paramSet,const struct HksBlob * wrappedKeyData)151 HKS_API_EXPORT int32_t HksImportWrappedKey(const struct HksBlob *keyAlias, const struct HksBlob *wrappingKeyAlias,
152 const struct HksParamSet *paramSet, const struct HksBlob *wrappedKeyData)
153 {
154 #ifdef HKS_SUPPORT_API_IMPORT_WRAPPED_KEY
155 HKS_LOG_I("enter import wrapped key");
156 if ((keyAlias == NULL) || (wrappingKeyAlias == NULL)|| (paramSet == NULL) || (wrappedKeyData == NULL)) {
157 return HKS_ERROR_NULL_POINTER;
158 }
159
160 int32_t ret = HksClientImportWrappedKey(keyAlias, wrappingKeyAlias, paramSet, wrappedKeyData);
161
162 HKS_LOG_I("leave import wrapped key, result = %" LOG_PUBLIC "d", ret);
163 return ret;
164 #else
165 (void)keyAlias;
166 (void)wrappingKeyAlias;
167 (void)paramSet;
168 (void)wrappedKeyData;
169 return HKS_ERROR_API_NOT_SUPPORTED;
170 #endif
171 }
172
HksExportPublicKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,struct HksBlob * key)173 HKS_API_EXPORT int32_t HksExportPublicKey(const struct HksBlob *keyAlias,
174 const struct HksParamSet *paramSet, struct HksBlob *key)
175 {
176 #ifdef HKS_SUPPORT_API_EXPORT
177 HKS_LOG_I("enter export public key");
178 if ((keyAlias == NULL) || (key == NULL)) {
179 return HKS_ERROR_NULL_POINTER;
180 }
181 int32_t ret = HksExportPublicKeyAdapter(keyAlias, paramSet, key);
182
183 HKS_LOG_I("leave export public key, result = %" LOG_PUBLIC "d", ret);
184 return ret;
185 #else
186 (void)keyAlias;
187 (void)paramSet;
188 (void)key;
189 return HKS_ERROR_API_NOT_SUPPORTED;
190 #endif
191 }
192
HksDeleteKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet)193 HKS_API_EXPORT int32_t HksDeleteKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet)
194 {
195 #ifdef HKS_SUPPORT_API_DELETE_KEY
196 HKS_LOG_I("enter delete key");
197 HKS_IF_NULL_RETURN(keyAlias, HKS_ERROR_NULL_POINTER)
198 int32_t ret = HksClientDeleteKey(keyAlias, paramSet);
199 HKS_LOG_I("leave delete key, result = %" LOG_PUBLIC "d", ret);
200 return ret;
201 #else
202 (void)keyAlias;
203 (void)paramSet;
204 return HKS_ERROR_API_NOT_SUPPORTED;
205 #endif
206 }
207
HksGetKeyParamSet(const struct HksBlob * keyAlias,const struct HksParamSet * paramSetIn,struct HksParamSet * paramSetOut)208 HKS_API_EXPORT int32_t HksGetKeyParamSet(const struct HksBlob *keyAlias,
209 const struct HksParamSet *paramSetIn, struct HksParamSet *paramSetOut)
210 {
211 #ifdef HKS_SUPPORT_API_GET_KEY_PARAM_SET
212 HKS_LOG_I("enter get key paramset");
213 (void)paramSetIn;
214 if ((keyAlias == NULL) || (paramSetOut == NULL)) {
215 return HKS_ERROR_NULL_POINTER;
216 }
217 int32_t ret = HksClientGetKeyParamSet(keyAlias, paramSetOut);
218 HKS_LOG_I("leave get key paramset, result = %" LOG_PUBLIC "d", ret);
219 return ret;
220 #else
221 (void)keyAlias;
222 (void)paramSetIn;
223 (void)paramSetOut;
224 return HKS_ERROR_API_NOT_SUPPORTED;
225 #endif
226 }
227
HksKeyExist(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet)228 HKS_API_EXPORT int32_t HksKeyExist(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet)
229 {
230 #ifdef HKS_SUPPORT_API_KEY_EXIST
231 HKS_LOG_I("enter check key exist");
232 HKS_IF_NULL_RETURN(keyAlias, HKS_ERROR_NULL_POINTER)
233 int32_t ret = HksClientKeyExist(keyAlias, paramSet);
234 HKS_LOG_I("leave check key exist, result = %" LOG_PUBLIC "d", ret);
235 return ret;
236 #else
237 (void)keyAlias;
238 (void)paramSet;
239 return HKS_ERROR_API_NOT_SUPPORTED;
240 #endif
241 }
242
HksGenerateRandom(const struct HksParamSet * paramSet,struct HksBlob * random)243 HKS_API_EXPORT int32_t HksGenerateRandom(const struct HksParamSet *paramSet, struct HksBlob *random)
244 {
245 #ifdef HKS_SUPPORT_API_GENERATE_RANDOM
246 HKS_LOG_I("enter generate random");
247 HKS_IF_NULL_RETURN(random, HKS_ERROR_NULL_POINTER)
248
249 int32_t ret = HksClientGenerateRandom(random, paramSet);
250 HKS_LOG_I("leave generate random, result = %" LOG_PUBLIC "d", ret);
251 return ret;
252 #else
253 (void)paramSet;
254 (void)random;
255 return HKS_ERROR_API_NOT_SUPPORTED;
256 #endif
257 }
258
HksSign(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * srcData,struct HksBlob * signature)259 HKS_API_EXPORT int32_t HksSign(const struct HksBlob *key, const struct HksParamSet *paramSet,
260 const struct HksBlob *srcData, struct HksBlob *signature)
261 {
262 #ifdef HKS_SUPPORT_API_SIGN_VERIFY
263 HKS_LOG_I("enter sign");
264 if ((key == NULL) || (paramSet == NULL) || (srcData == NULL) || (signature == NULL)) {
265 return HKS_ERROR_NULL_POINTER;
266 }
267
268 struct HksParam *isKeyAlias = NULL;
269 int32_t ret = HksGetParam(paramSet, HKS_TAG_IS_KEY_ALIAS, &isKeyAlias);
270 if ((ret == HKS_SUCCESS) && (!isKeyAlias->boolParam)) {
271 return HksLocalSign(key, paramSet, srcData, signature);
272 }
273
274 return HksClientSign(key, paramSet, srcData, signature);
275 #else
276 (void)key;
277 (void)paramSet;
278 (void)srcData;
279 (void)signature;
280 return HKS_ERROR_API_NOT_SUPPORTED;
281 #endif
282 }
283
HksVerify(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * srcData,const struct HksBlob * signature)284 HKS_API_EXPORT int32_t HksVerify(const struct HksBlob *key, const struct HksParamSet *paramSet,
285 const struct HksBlob *srcData, const struct HksBlob *signature)
286 {
287 #ifdef HKS_SUPPORT_API_SIGN_VERIFY
288 HKS_LOG_I("enter verify");
289 if ((key == NULL) || (paramSet == NULL) || (srcData == NULL) || (signature == NULL)) {
290 return HKS_ERROR_NULL_POINTER;
291 }
292
293 struct HksParam *isKeyAlias = NULL;
294 int32_t ret = HksGetParam(paramSet, HKS_TAG_IS_KEY_ALIAS, &isKeyAlias);
295 if ((ret == HKS_SUCCESS) && (!isKeyAlias->boolParam)) {
296 ret = HksLocalVerify(key, paramSet, srcData, signature);
297 HKS_LOG_I("leave verify with plain key, result = %" LOG_PUBLIC "d", ret);
298 return ret;
299 }
300 ret = HksClientVerify(key, paramSet, srcData, signature);
301 HKS_LOG_I("leave verify with persistent key, result = %" LOG_PUBLIC "d", ret);
302 return ret;
303 #else
304 (void)key;
305 (void)paramSet;
306 (void)srcData;
307 (void)signature;
308 return HKS_ERROR_API_NOT_SUPPORTED;
309 #endif
310 }
311
HksEncrypt(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * plainText,struct HksBlob * cipherText)312 HKS_API_EXPORT int32_t HksEncrypt(const struct HksBlob *key, const struct HksParamSet *paramSet,
313 const struct HksBlob *plainText, struct HksBlob *cipherText)
314 {
315 #ifdef HKS_SUPPORT_API_CIPHER
316 HKS_LOG_I("enter encrypt");
317 if ((key == NULL) || (paramSet == NULL) || (plainText == NULL) || (cipherText == NULL)) {
318 return HKS_ERROR_NULL_POINTER;
319 }
320
321 struct HksParam *isKeyAlias = NULL;
322 int32_t ret = HksGetParam(paramSet, HKS_TAG_IS_KEY_ALIAS, &isKeyAlias);
323 if ((ret == HKS_SUCCESS) && (!isKeyAlias->boolParam)) {
324 ret = HksLocalEncrypt(key, paramSet, plainText, cipherText);
325 HKS_LOG_I("leave encrypt with plain key, result = %" LOG_PUBLIC "d", ret);
326 return ret;
327 }
328 #ifndef _CUT_AUTHENTICATE_
329 ret = HksClientEncrypt(key, paramSet, plainText, cipherText);
330 HKS_LOG_I("leave encrypt with persistent key, result = %" LOG_PUBLIC "d", ret);
331 return ret;
332 #else
333 return HKS_ERROR_NOT_SUPPORTED;
334 #endif
335 #else
336 (void)key;
337 (void)paramSet;
338 (void)plainText;
339 (void)cipherText;
340 return HKS_ERROR_API_NOT_SUPPORTED;
341 #endif
342 }
343
HksDecrypt(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * cipherText,struct HksBlob * plainText)344 HKS_API_EXPORT int32_t HksDecrypt(const struct HksBlob *key, const struct HksParamSet *paramSet,
345 const struct HksBlob *cipherText, struct HksBlob *plainText)
346 {
347 #ifdef HKS_SUPPORT_API_CIPHER
348 HKS_LOG_I("enter decrypt");
349 if ((key == NULL) || (paramSet == NULL) || (cipherText == NULL) || (plainText == NULL)) {
350 return HKS_ERROR_NULL_POINTER;
351 }
352
353 struct HksParam *isKeyAlias = NULL;
354 int32_t ret = HksGetParam(paramSet, HKS_TAG_IS_KEY_ALIAS, &isKeyAlias);
355 if ((ret == HKS_SUCCESS) && (!isKeyAlias->boolParam)) {
356 ret = HksLocalDecrypt(key, paramSet, cipherText, plainText);
357 HKS_LOG_I("leave decrypt with plain key, result = %" LOG_PUBLIC "d", ret);
358 return ret;
359 }
360 #ifndef _CUT_AUTHENTICATE_
361 ret = HksClientDecrypt(key, paramSet, cipherText, plainText);
362 HKS_LOG_I("leave decrypt with persistent key, result = %" LOG_PUBLIC "d", ret);
363 return ret;
364 #else
365 return HKS_ERROR_NOT_SUPPORTED;
366 #endif
367 #else
368 (void)key;
369 (void)paramSet;
370 (void)plainText;
371 (void)cipherText;
372 return HKS_ERROR_API_NOT_SUPPORTED;
373 #endif
374 }
375
HksAgreeKey(const struct HksParamSet * paramSet,const struct HksBlob * privateKey,const struct HksBlob * peerPublicKey,struct HksBlob * agreedKey)376 HKS_API_EXPORT int32_t HksAgreeKey(const struct HksParamSet *paramSet, const struct HksBlob *privateKey,
377 const struct HksBlob *peerPublicKey, struct HksBlob *agreedKey)
378 {
379 #ifdef HKS_SUPPORT_API_AGREE_KEY
380 HKS_LOG_I("enter agree key");
381 if ((paramSet == NULL) || (privateKey == NULL) || (peerPublicKey == NULL) || (agreedKey == NULL)) {
382 return HKS_ERROR_NULL_POINTER;
383 }
384
385 struct HksParam *isKeyAlias = NULL;
386 int32_t ret = HksGetParam(paramSet, HKS_TAG_IS_KEY_ALIAS, &isKeyAlias);
387 if ((ret == HKS_SUCCESS) && (!isKeyAlias->boolParam)) {
388 ret = HksLocalAgreeKey(paramSet, privateKey, peerPublicKey, agreedKey);
389 HKS_LOG_I("leave agree key with plain key, result = %" LOG_PUBLIC "d", ret);
390 return ret;
391 }
392
393 ret = HksAgreeKeyAdapter(paramSet, privateKey, peerPublicKey, agreedKey);
394 HKS_LOG_I("leave agree key with persistent key, result = %" LOG_PUBLIC "d", ret);
395 return ret;
396 #else
397 (void)paramSet;
398 (void)privateKey;
399 (void)peerPublicKey;
400 (void)agreedKey;
401 return HKS_ERROR_API_NOT_SUPPORTED;
402 #endif
403 }
404
HksDeriveKey(const struct HksParamSet * paramSet,const struct HksBlob * mainKey,struct HksBlob * derivedKey)405 HKS_API_EXPORT int32_t HksDeriveKey(const struct HksParamSet *paramSet, const struct HksBlob *mainKey,
406 struct HksBlob *derivedKey)
407 {
408 #ifdef HKS_SUPPORT_API_DERIVE_KEY
409 HKS_LOG_I("enter derive key");
410 if ((paramSet == NULL) || (mainKey == NULL) || (derivedKey == NULL)) {
411 return HKS_ERROR_NULL_POINTER;
412 }
413
414 struct HksParam *isKeyAlias = NULL;
415 int32_t ret = HksGetParam(paramSet, HKS_TAG_IS_KEY_ALIAS, &isKeyAlias);
416 if ((ret == HKS_SUCCESS) && (!isKeyAlias->boolParam)) {
417 ret = HksLocalDeriveKey(paramSet, mainKey, derivedKey);
418 HKS_LOG_I("leave derive key with plain key, result = %" LOG_PUBLIC "d", ret);
419 return ret;
420 }
421 #ifndef _CUT_AUTHENTICATE_
422 ret = HksClientDeriveKey(paramSet, mainKey, derivedKey);
423 HKS_LOG_I("leave derive key with persistent key, result = %" LOG_PUBLIC "d", ret);
424 return ret;
425 #else
426 return HKS_ERROR_NOT_SUPPORTED;
427 #endif
428 #else
429 (void)paramSet;
430 (void)mainKey;
431 (void)derivedKey;
432 return HKS_ERROR_API_NOT_SUPPORTED;
433 #endif
434 }
435
HksMac(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * srcData,struct HksBlob * mac)436 HKS_API_EXPORT int32_t HksMac(const struct HksBlob *key, const struct HksParamSet *paramSet,
437 const struct HksBlob *srcData, struct HksBlob *mac)
438 {
439 #ifdef HKS_SUPPORT_API_MAC
440 HKS_LOG_I("enter mac");
441 if ((key == NULL) || (paramSet == NULL) || (srcData == NULL) || (mac == NULL)) {
442 return HKS_ERROR_NULL_POINTER;
443 }
444
445 struct HksParam *isKeyAlias = NULL;
446 int32_t ret = HksGetParam(paramSet, HKS_TAG_IS_KEY_ALIAS, &isKeyAlias);
447 if ((ret == HKS_SUCCESS) && (!isKeyAlias->boolParam)) {
448 ret = HksLocalMac(key, paramSet, srcData, mac);
449 HKS_LOG_I("leave mac with plain key, result = %" LOG_PUBLIC "d", ret);
450 return ret;
451 }
452 #ifndef _CUT_AUTHENTICATE_
453 ret = HksClientMac(key, paramSet, srcData, mac);
454 HKS_LOG_I("leave mac with persistent key, result = %" LOG_PUBLIC "d", ret);
455 return ret;
456 #else
457 return HKS_ERROR_NOT_SUPPORTED;
458 #endif
459 #else
460 (void)key;
461 (void)paramSet;
462 (void)srcData;
463 (void)mac;
464 return HKS_ERROR_API_NOT_SUPPORTED;
465 #endif
466 }
467
HksHash(const struct HksParamSet * paramSet,const struct HksBlob * srcData,struct HksBlob * hash)468 HKS_API_EXPORT int32_t HksHash(const struct HksParamSet *paramSet,
469 const struct HksBlob *srcData, struct HksBlob *hash)
470 {
471 #ifdef HKS_SUPPORT_API_HASH
472 HKS_LOG_I("enter hash");
473 if ((paramSet == NULL) || (srcData == NULL) || (hash == NULL)) {
474 return HKS_ERROR_NULL_POINTER;
475 }
476 int32_t ret = HksLocalHash(paramSet, srcData, hash);
477 HKS_LOG_I("leave hash, result = %" LOG_PUBLIC "d", ret);
478 return ret;
479 #else
480 (void)paramSet;
481 (void)srcData;
482 (void)hash;
483 return HKS_ERROR_API_NOT_SUPPORTED;
484 #endif
485 }
486
HksGetKeyInfoList(const struct HksParamSet * paramSet,struct HksKeyInfo * keyInfoList,uint32_t * listCount)487 HKS_API_EXPORT int32_t HksGetKeyInfoList(const struct HksParamSet *paramSet,
488 struct HksKeyInfo *keyInfoList, uint32_t *listCount)
489 {
490 #ifdef HKS_SUPPORT_API_GET_KEY_INFO_LIST
491 HKS_LOG_I("enter get key info list");
492 (void)paramSet;
493 if ((keyInfoList == NULL) || (listCount == NULL)) {
494 return HKS_ERROR_NULL_POINTER;
495 }
496 int32_t ret = HksClientGetKeyInfoList(keyInfoList, listCount);
497 HKS_LOG_I("leave get key info list, result = %" LOG_PUBLIC "d", ret);
498 return ret;
499 #else
500 (void)paramSet;
501 (void)keyInfoList;
502 (void)listCount;
503 return HKS_ERROR_API_NOT_SUPPORTED;
504 #endif
505 }
506
HksAttestKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,struct HksCertChain * certChain)507 HKS_API_EXPORT int32_t HksAttestKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
508 struct HksCertChain *certChain)
509 {
510 #ifdef HKS_SUPPORT_API_ATTEST_KEY
511 HKS_LOG_I("enter attest key");
512 if ((keyAlias == NULL) || (paramSet == NULL) || (certChain == NULL)) {
513 return HKS_ERROR_NULL_POINTER;
514 }
515 int32_t ret = HksClientAttestKey(keyAlias, paramSet, certChain);
516 HKS_LOG_I("leave attest key, result = %" LOG_PUBLIC "d", ret);
517 return ret;
518 #else
519 (void)keyAlias;
520 (void)paramSet;
521 (void)certChain;
522 return HKS_ERROR_API_NOT_SUPPORTED;
523 #endif
524 }
525
HksGetCertificateChain(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,struct HksCertChain * certChain)526 HKS_API_EXPORT int32_t HksGetCertificateChain(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
527 struct HksCertChain *certChain)
528 {
529 (void)keyAlias;
530 (void)paramSet;
531 (void)certChain;
532 return HKS_ERROR_API_NOT_SUPPORTED;
533 }
534
HksWrapKey(const struct HksBlob * keyAlias,const struct HksBlob * targetKeyAlias,const struct HksParamSet * paramSet,struct HksBlob * wrappedData)535 HKS_API_EXPORT int32_t HksWrapKey(const struct HksBlob *keyAlias, const struct HksBlob *targetKeyAlias,
536 const struct HksParamSet *paramSet, struct HksBlob *wrappedData)
537 {
538 (void)keyAlias;
539 (void)targetKeyAlias;
540 (void)paramSet;
541 (void)wrappedData;
542 return HKS_ERROR_API_NOT_SUPPORTED;
543 }
544
HksUnwrapKey(const struct HksBlob * keyAlias,const struct HksBlob * targetKeyAlias,const struct HksBlob * wrappedData,const struct HksParamSet * paramSet)545 HKS_API_EXPORT int32_t HksUnwrapKey(const struct HksBlob *keyAlias, const struct HksBlob *targetKeyAlias,
546 const struct HksBlob *wrappedData, const struct HksParamSet *paramSet)
547 {
548 (void)keyAlias;
549 (void)targetKeyAlias;
550 (void)paramSet;
551 (void)wrappedData;
552 return HKS_ERROR_API_NOT_SUPPORTED;
553 }
554
HksBnExpMod(struct HksBlob * x,const struct HksBlob * a,const struct HksBlob * e,const struct HksBlob * n)555 HKS_API_EXPORT int32_t HksBnExpMod(struct HksBlob *x, const struct HksBlob *a,
556 const struct HksBlob *e, const struct HksBlob *n)
557 {
558 #ifdef HKS_SUPPORT_API_BN_EXP_MOD
559 HKS_LOG_I("enter bn exp mod");
560 if ((x == NULL) || (a == NULL) || (e == NULL) || (n == NULL)) {
561 return HKS_ERROR_NULL_POINTER;
562 }
563
564 int32_t ret = HksLocalBnExpMod(x, a, e, n);
565 HKS_LOG_I("leave bn exp mod key, result = %" LOG_PUBLIC "d", ret);
566 return ret;
567 #else
568 (void)x;
569 (void)a;
570 (void)e;
571 (void)n;
572 return HKS_ERROR_API_NOT_SUPPORTED;
573 #endif
574 }
575
576 /*
577 * Currently, the device certificate and device key are implemented using stubs.
578 * By default, the device key exists.
579 */
HcmIsDeviceKeyExist(const struct HksParamSet * paramSet)580 HKS_API_EXPORT int32_t HcmIsDeviceKeyExist(const struct HksParamSet *paramSet)
581 {
582 (void)paramSet;
583 return HKS_SUCCESS;
584 }
585
HksValidateCertChain(const struct HksCertChain * certChain,struct HksParamSet * paramSetOut)586 HKS_API_EXPORT int32_t HksValidateCertChain(const struct HksCertChain *certChain, struct HksParamSet *paramSetOut)
587 {
588 #ifdef HKS_SUPPORT_API_ATTEST_KEY
589 HKS_LOG_I("enter validate cert chain");
590 if ((paramSetOut == NULL) || (certChain == NULL)) {
591 return HKS_ERROR_NULL_POINTER;
592 }
593 int32_t ret = HksClientValidateCertChain(certChain, paramSetOut);
594 HKS_LOG_I("leave validate cert chain, result = %" LOG_PUBLIC "d", ret);
595 return ret;
596 #else
597 (void)certChain;
598 (void)paramSetOut;
599 return HKS_ERROR_API_NOT_SUPPORTED;
600 #endif
601 }
602
HksInit(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,struct HksBlob * handle,struct HksBlob * token)603 HKS_API_EXPORT int32_t HksInit(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
604 struct HksBlob *handle, struct HksBlob *token)
605 {
606 HKS_LOG_I("enter init operation");
607 if ((keyAlias == NULL) || (paramSet == NULL) || (handle == NULL)) { /* token can be null */
608 HKS_LOG_E("the pointer param entered is invalid");
609 return HKS_ERROR_NULL_POINTER;
610 }
611
612 int32_t ret = HksClientInit(keyAlias, paramSet, handle, token);
613 HKS_LOG_I("leave init operation, result = %" LOG_PUBLIC "d", ret);
614 return ret;
615 }
616
HksUpdate(const struct HksBlob * handle,const struct HksParamSet * paramSet,const struct HksBlob * inData,struct HksBlob * outData)617 HKS_API_EXPORT int32_t HksUpdate(const struct HksBlob *handle, const struct HksParamSet *paramSet,
618 const struct HksBlob *inData, struct HksBlob *outData)
619 {
620 HKS_LOG_I("enter update operation");
621 if ((handle == NULL) || (paramSet == NULL) || (inData == NULL) || (outData == NULL)) {
622 HKS_LOG_E("the pointer param entered is invalid");
623 return HKS_ERROR_NULL_POINTER;
624 }
625
626 int32_t ret = HksClientUpdate(handle, paramSet, inData, outData);
627 HKS_LOG_I("leave update operation, result = %" LOG_PUBLIC "d", ret);
628 return ret;
629 }
630
HksFinish(const struct HksBlob * handle,const struct HksParamSet * paramSet,const struct HksBlob * inData,struct HksBlob * outData)631 HKS_API_EXPORT int32_t HksFinish(const struct HksBlob *handle, const struct HksParamSet *paramSet,
632 const struct HksBlob *inData, struct HksBlob *outData)
633 {
634 HKS_LOG_I("enter finish operation");
635 if ((handle == NULL) || (paramSet == NULL) || (inData == NULL) || (outData == NULL)) {
636 HKS_LOG_E("the pointer param entered is invalid");
637 return HKS_ERROR_NULL_POINTER;
638 }
639
640 int32_t ret = HksClientFinish(handle, paramSet, inData, outData);
641 HKS_LOG_I("leave finish operation, result = %" LOG_PUBLIC "d", ret);
642 return ret;
643 }
644
HksAbort(const struct HksBlob * handle,const struct HksParamSet * paramSet)645 HKS_API_EXPORT int32_t HksAbort(const struct HksBlob *handle, const struct HksParamSet *paramSet)
646 {
647 HKS_LOG_I("enter abort operation");
648 if ((handle == NULL) || (paramSet == NULL)) {
649 HKS_LOG_E("the pointer param entered is invalid");
650 return HKS_ERROR_NULL_POINTER;
651 }
652
653 int32_t ret = HksClientAbort(handle, paramSet);
654 HKS_LOG_I("leave abort operation, result = %" LOG_PUBLIC "d", ret);
655 return ret;
656 }
657
HksExportChipsetPlatformPublicKey(const struct HksBlob * salt,enum HksChipsetPlatformDecryptScene scene,struct HksBlob * publicKey)658 HKS_API_EXPORT int32_t HksExportChipsetPlatformPublicKey(const struct HksBlob *salt,
659 enum HksChipsetPlatformDecryptScene scene, struct HksBlob *publicKey)
660 {
661 #ifdef HKS_SUPPORT_CHIPSET_PLATFORM_DECRYPT
662 HKS_LOG_I("enter export chipset platform public key");
663 HKS_IF_NOT_SUCC_LOGE_RETURN(CheckBlob(salt), HKS_ERROR_INVALID_ARGUMENT, "invalid salt")
664 HKS_IF_NOT_SUCC_LOGE_RETURN(CheckBlob(publicKey), HKS_ERROR_INVALID_ARGUMENT, "invalid publicKey")
665 int32_t ret = HksClientExportChipsetPlatformPublicKey(salt, scene, publicKey);
666 HKS_LOG_I("leave export chipset platform public key, ret = %" LOG_PUBLIC "d", ret);
667 return ret;
668 #else
669 (void)(salt);
670 (void)(scene);
671 (void)(publicKey);
672 return HKS_ERROR_API_NOT_SUPPORTED;
673 #endif
674 }
675