1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifndef CM_TYPE_H
17 #define CM_TYPE_H
18
19 #include <stdbool.h>
20 #include <stdint.h>
21 #include <stdlib.h>
22
23 #ifdef __cplusplus
24 extern "C" {
25 #endif
26 #ifndef CM_API_PUBLIC
27 #if defined(WIN32) || defined(_WIN32) || defined(__CYGWIN__) || defined(__ICCARM__) /* __ICCARM__ for iar */
28 #define CM_API_EXPORT
29 #else
30 #define CM_API_EXPORT __attribute__ ((visibility("default")))
31 #endif
32 #else
33 #define CM_API_EXPORT __attribute__ ((visibility("default")))
34 #endif
35
36 #define MAX_LEN_CERTIFICATE 8196
37
38 #define MAX_LEN_CERTIFICATE_CHAIN (3 * MAX_LEN_CERTIFICATE)
39
40 #define MAX_SUFFIX_LEN 16
41 #define MAX_COUNT_CERTIFICATE 256
42 #define MAX_LEN_URI 64
43 #define MAX_AUTH_LEN_URI 256
44 #define MAX_LEN_CERT_ALIAS 64
45 #define MAX_LEN_SUBJECT_NAME 256
46 #define MAX_LEN_PACKGE_NAME 64
47 #define MAX_UINT32_LEN 16
48
49 #define MAX_LEN_ISSUER_NAME 256
50 #define MAX_LEN_SERIAL 64
51 #define MAX_LEN_NOT_BEFORE 32
52 #define MAX_LEN_NOT_AFTER 32
53 #define MAX_LEN_FINGER_PRINT_SHA256 128
54 #define MAX_LEN_APP_CERT 20480
55 #define MAX_LEN_APP_CERT_PASSWD 16
56
57 #define CERT_MAX_PATH_LEN 256
58 #define CM_ARRAY_SIZE(arr) ((sizeof(arr)) / (sizeof((arr)[0])))
59
60 /*
61 * Align to 4-tuple
62 * Before calling this function, ensure that the size does not overflow after 3 is added.
63 */
64 #define ALIGN_SIZE(size) ((((uint32_t)(size) + 3) >> 2) << 2)
65
66 #define CM_BITS_PER_BYTE 8
67 #define CM_KEY_BYTES(keySize) (((keySize) + CM_BITS_PER_BYTE - 1) / CM_BITS_PER_BYTE)
68 #define CM_ARRAY_SIZE(arr) ((sizeof(arr)) / (sizeof((arr)[0])))
69 #define MAX_OUT_BLOB_SIZE (5 * 1024 * 1024)
70
71 #define CM_CREDENTIAL_STORE 0
72 #define CM_SYSTEM_TRUSTED_STORE 1
73 #define CM_USER_TRUSTED_STORE 2
74 #define CM_PRI_CREDENTIAL_STORE 3
75
76 enum CmKeyDigest {
77 CM_DIGEST_NONE = 0,
78 CM_DIGEST_MD5 = 1,
79 CM_DIGEST_SHA1 = 10,
80 CM_DIGEST_SHA224 = 11,
81 CM_DIGEST_SHA256 = 12,
82 CM_DIGEST_SHA384 = 13,
83 CM_DIGEST_SHA512 = 14,
84 };
85
86 enum CmKeyPurpose {
87 CM_KEY_PURPOSE_ENCRYPT = 1, /* Usable with RSA, EC, AES, and SM4 keys. */
88 CM_KEY_PURPOSE_DECRYPT = 2, /* Usable with RSA, EC, AES, and SM4 keys. */
89 CM_KEY_PURPOSE_SIGN = 4, /* Usable with RSA, EC keys. */
90 CM_KEY_PURPOSE_VERIFY = 8, /* Usable with RSA, EC keys. */
91 CM_KEY_PURPOSE_DERIVE = 16, /* Usable with EC keys. */
92 CM_KEY_PURPOSE_WRAP = 32, /* Usable with wrap key. */
93 CM_KEY_PURPOSE_UNWRAP = 64, /* Usable with unwrap key. */
94 CM_KEY_PURPOSE_MAC = 128, /* Usable with mac. */
95 CM_KEY_PURPOSE_AGREE = 256, /* Usable with agree. */
96 };
97
98 enum CmKeyPadding {
99 CM_PADDING_NONE = 0,
100 CM_PADDING_OAEP = 1,
101 CM_PADDING_PSS = 2,
102 CM_PADDING_PKCS1_V1_5 = 3,
103 CM_PADDING_PKCS5 = 4,
104 CM_PADDING_PKCS7 = 5,
105 };
106
107 enum CmErrorCode {
108 CM_SUCCESS = 0,
109 CM_FAILURE = -1,
110
111 CMR_ERROR_NOT_PERMITTED = -2,
112 CMR_ERROR_NOT_SUPPORTED = -3,
113 CMR_ERROR_STORAGE = -4,
114 CMR_ERROR_NOT_FOUND = -5,
115 CMR_ERROR_NULL_POINTER = -6,
116 CMR_ERROR_INVALID_ARGUMENT = -7,
117 CMR_ERROR_MAKE_DIR_FAIL = -8,
118 CMR_ERROR_INVALID_OPERATION = -9,
119 CMR_ERROR_OPEN_FILE_FAIL = -10,
120 CMR_ERROR_READ_FILE_ERROR = -11,
121 CMR_ERROR_WRITE_FILE_FAIL = -12,
122 CMR_ERROR_REMOVE_FILE_FAIL = -13,
123 CMR_ERROR_CLOSE_FILE_FAIL = -14,
124 CMR_ERROR_MALLOC_FAIL = -15,
125 CMR_ERROR_NOT_EXIST = -16,
126 CMR_ERROR_ALREADY_EXISTS = -17,
127 CMR_ERROR_INSUFFICIENT_DATA = -18,
128 CMR_ERROR_BUFFER_TOO_SMALL = -19,
129 CMR_ERROR_INVALID_CERT_FORMAT = -20,
130 CMR_ERROR_PARAM_NOT_EXIST = -21,
131 CMR_ERROR_SESSION_REACHED_LIMIT = -22,
132 CMR_ERROR_PERMISSION_DENIED = -23,
133 CMR_ERROR_AUTH_CHECK_FAILED = -24,
134 CMR_ERROR_KEY_OPERATION_FAILED = -25,
135 CMR_ERROR_NOT_SYSTEMP_APP = -26,
136 };
137
138 enum CMErrorCode { /* temp use */
139 CMR_OK = 0,
140 CMR_ERROR = -1,
141 };
142
143 enum CmTagType {
144 CM_TAG_TYPE_INVALID = 0 << 28,
145 CM_TAG_TYPE_INT = 1 << 28,
146 CM_TAG_TYPE_UINT = 2 << 28,
147 CM_TAG_TYPE_ULONG = 3 << 28,
148 CM_TAG_TYPE_BOOL = 4 << 28,
149 CM_TAG_TYPE_BYTES = 5 << 28,
150 };
151
152 enum CmTag {
153 /* Inner-use TAGS used for ipc serialization */
154 CM_TAG_PARAM0_BUFFER = CM_TAG_TYPE_BYTES | 30001,
155 CM_TAG_PARAM1_BUFFER = CM_TAG_TYPE_BYTES | 30002,
156 CM_TAG_PARAM2_BUFFER = CM_TAG_TYPE_BYTES | 30003,
157 CM_TAG_PARAM3_BUFFER = CM_TAG_TYPE_BYTES | 30004,
158 CM_TAG_PARAM4_BUFFER = CM_TAG_TYPE_BYTES | 30005,
159 CM_TAG_PARAM0_UINT32 = CM_TAG_TYPE_UINT | 30006,
160 CM_TAG_PARAM1_UINT32 = CM_TAG_TYPE_UINT | 30007,
161 CM_TAG_PARAM2_UINT32 = CM_TAG_TYPE_UINT | 30008,
162 CM_TAG_PARAM3_UINT32 = CM_TAG_TYPE_UINT | 30009,
163 CM_TAG_PARAM4_UINT32 = CM_TAG_TYPE_UINT | 30010,
164 CM_TAG_PARAM0_BOOL = CM_TAG_TYPE_BOOL | 30011,
165 CM_TAG_PARAM1_BOOL = CM_TAG_TYPE_BOOL | 30012,
166 CM_TAG_PARAM2_BOOL = CM_TAG_TYPE_BOOL | 30013,
167 CM_TAG_PARAM3_BOOL = CM_TAG_TYPE_BOOL | 30014,
168 CM_TAG_PARAM4_BOOL = CM_TAG_TYPE_BOOL | 30015,
169 CM_TAG_PARAM0_NULL = CM_TAG_TYPE_BYTES | 30016,
170 CM_TAG_PARAM1_NULL = CM_TAG_TYPE_BYTES | 30017,
171 CM_TAG_PARAM2_NULL = CM_TAG_TYPE_BYTES | 30018,
172 CM_TAG_PARAM3_NULL = CM_TAG_TYPE_BYTES | 30019,
173 CM_TAG_PARAM4_NULL = CM_TAG_TYPE_BYTES | 30020,
174 };
175
176 #define CM_PARAM_BUFFER_NULL_INTERVAL ((CM_TAG_PARAM0_NULL) - (CM_TAG_PARAM0_BUFFER))
177
178 enum CmSendType {
179 CM_SEND_TYPE_ASYNC = 0,
180 CM_SEND_TYPE_SYNC,
181 };
182
183 struct CmMutableBlob {
184 uint32_t size;
185 uint8_t *data;
186 };
187
188 struct CmContext {
189 uint32_t userId;
190 uint32_t uid;
191 char packageName[MAX_LEN_PACKGE_NAME];
192 };
193
194 struct CmBlob {
195 uint32_t size;
196 uint8_t *data;
197 };
198
199 struct CertBlob {
200 struct CmBlob uri[MAX_COUNT_CERTIFICATE];
201 struct CmBlob certAlias[MAX_COUNT_CERTIFICATE];
202 struct CmBlob subjectName[MAX_COUNT_CERTIFICATE];
203 };
204
205 struct CmAppCertInfo {
206 struct CmBlob appCert;
207 struct CmBlob appCertPwd;
208 };
209
210 struct CertListAbtInfo {
211 uint32_t uriSize;
212 char uri[MAX_LEN_URI];
213 uint32_t aliasSize;
214 char certAlias[MAX_LEN_CERT_ALIAS];
215 uint32_t status;
216 uint32_t subjectNameSize;
217 char subjectName[MAX_LEN_SUBJECT_NAME];
218 };
219
220 struct CertAbstract {
221 char uri[MAX_LEN_URI];
222 char certAlias[MAX_LEN_CERT_ALIAS];
223 bool status;
224 char subjectName[MAX_LEN_SUBJECT_NAME];
225 };
226
227 struct CertList {
228 uint32_t certsCount;
229 struct CertAbstract *certAbstract;
230 };
231
232 struct CertAbtInfo {
233 uint32_t aliasSize;
234 char certAlias[MAX_LEN_CERT_ALIAS];
235 uint32_t status;
236 uint32_t certsize;
237 uint8_t certData[MAX_LEN_CERTIFICATE];
238 };
239
240 struct CertInfo {
241 char uri[MAX_LEN_URI];
242 char certAlias[MAX_LEN_CERT_ALIAS];
243 bool status;
244 char issuerName[MAX_LEN_ISSUER_NAME];
245 char subjectName[MAX_LEN_SUBJECT_NAME];
246 char serial[MAX_LEN_SERIAL];
247 char notBefore[MAX_LEN_NOT_BEFORE];
248 char notAfter[MAX_LEN_NOT_AFTER];
249 char fingerprintSha256[MAX_LEN_FINGER_PRINT_SHA256];
250 struct CmBlob certInfo;
251 };
252
253 struct CertFile {
254 const struct CmBlob *fileName;
255 const struct CmBlob *path;
256 };
257
258 struct CertFileInfo {
259 struct CmBlob fileName;
260 struct CmBlob path;
261 };
262
263 struct CMApp {
264 uint32_t userId;
265 uint32_t uid;
266 const char *packageName;
267 struct CmBlob *appId; // for attestation
268 };
269
270 struct Credential {
271 uint32_t isExist;
272 char type[MAX_LEN_SUBJECT_NAME];
273 char alias[MAX_LEN_CERT_ALIAS];
274 char keyUri[MAX_LEN_URI];
275 uint32_t certNum;
276 uint32_t keyNum;
277 struct CmBlob credData;
278 };
279
280 struct CredentialAbstract {
281 char type[MAX_LEN_SUBJECT_NAME];
282 char alias[MAX_LEN_CERT_ALIAS];
283 char keyUri[MAX_LEN_URI];
284 };
285
286 struct CredentialList {
287 uint32_t credentialCount;
288 struct CredentialAbstract *credentialAbstract;
289 };
290
291 struct AppCert {
292 uint32_t certCount;
293 uint32_t keyCount;
294 uint32_t certSize;
295 uint8_t appCertdata[MAX_LEN_CERTIFICATE_CHAIN];
296 };
297
298 struct CmParam {
299 uint32_t tag;
300 union {
301 bool boolParam;
302 int32_t int32Param;
303 uint32_t uint32Param;
304 uint64_t uint64Param;
305 struct CmBlob blob;
306 };
307 };
308
309 struct CmParamOut {
310 uint32_t tag;
311 union {
312 bool *boolParam;
313 int32_t *int32Param;
314 uint32_t *uint32Param;
315 uint64_t *uint64Param;
316 struct CmBlob *blob;
317 };
318 };
319
320 struct CmParamSet {
321 uint32_t paramSetSize;
322 uint32_t paramsCnt;
323 struct CmParam params[];
324 };
325
326 struct CmAppUidList {
327 uint32_t appUidCount;
328 uint32_t *appUid;
329 };
330
331 struct CmSignatureSpec {
332 uint32_t purpose;
333 uint32_t padding;
334 uint32_t digest;
335 };
336
CmIsAdditionOverflow(uint32_t a,uint32_t b)337 static inline bool CmIsAdditionOverflow(uint32_t a, uint32_t b)
338 {
339 return (UINT32_MAX - a) < b;
340 }
341
CmIsInvalidLength(uint32_t length)342 static inline bool CmIsInvalidLength(uint32_t length)
343 {
344 return (length == 0) || (length > MAX_OUT_BLOB_SIZE);
345 }
346
CmCheckBlob(const struct CmBlob * blob)347 static inline int32_t CmCheckBlob(const struct CmBlob *blob)
348 {
349 if ((blob == NULL) || (blob->data == NULL) || (blob->size == 0)) {
350 return CMR_ERROR_INVALID_ARGUMENT;
351 }
352 return CM_SUCCESS;
353 }
354
355 #ifdef __cplusplus
356 }
357 #endif
358
359 #endif /* CM_TYPE_H */
360