1 /* 2 * Copyright (C) 2022-2023 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef USERIAM_USER_SIGN_CENTRE_H 17 #define USERIAM_USER_SIGN_CENTRE_H 18 19 #include <stdint.h> 20 21 #include "adaptor_algorithm.h" 22 #include "buffer.h" 23 #include "context_manager.h" 24 #include "defines.h" 25 26 #ifdef __cplusplus 27 extern "C" { 28 #endif 29 30 #define AUTH_TOKEN_LEN sizeof(UserAuthTokenHal) 31 #define AUTH_TOKEN_DATA_LEN (AUTH_TOKEN_LEN - SHA256_DIGEST_SIZE) 32 #define AUTH_TOKEN_CIPHER_LEN sizeof(TokenDataToEncrypt) 33 #define TOKEN_VERSION 0 34 35 typedef struct { 36 uint8_t challenge[CHALLENGE_LEN]; 37 uint64_t time; 38 uint32_t authTrustLevel; 39 uint32_t authType; 40 uint32_t authMode; 41 uint32_t securityLevel; 42 } __attribute__((__packed__)) TokenDataPlain; 43 44 typedef struct { 45 int32_t userId; 46 uint64_t secureUid; 47 uint64_t enrolledId; 48 uint64_t credentialId; 49 } __attribute__((__packed__)) TokenDataToEncrypt; 50 51 typedef struct { 52 uint32_t version; 53 TokenDataPlain tokenDataPlain; 54 uint8_t tokenDataCipher[AUTH_TOKEN_CIPHER_LEN]; 55 uint8_t tag[AES_GCM_TAG_SIZE]; 56 uint8_t iv[AES_GCM_IV_SIZE]; 57 uint8_t sign[SHA256_DIGEST_SIZE]; 58 } __attribute__((__packed__)) UserAuthTokenHal; 59 60 typedef struct { 61 TokenDataPlain tokenDataPlain; 62 TokenDataToEncrypt tokenDataToEncrypt; 63 } __attribute__((__packed__)) UserAuthTokenPlain; 64 65 ResultCode GetTokenDataAndSign(UserAuthContext *context, 66 uint64_t credentialId, uint32_t authMode, UserAuthTokenHal *authToken); 67 ResultCode UserAuthTokenVerify(UserAuthTokenHal *userAuthToken, UserAuthTokenPlain *tokenPlain); 68 69 #ifdef __cplusplus 70 } 71 #endif 72 73 #endif // USERIAM_USER_SIGN_CENTRE_H