1/* 2 * Copyright (C) 2021 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15import * as param from '../publicParam'; 16import huks from '@ohos.security.huks'; 17 18let salt = new Uint8Array([ 19 0x14, 0x10, 0x11, 0x3a, 0x27, 0x9e, 0xc8, 0x5f, 0xe0, 0xf3, 0x36, 0x17, 0x57, 0x42, 0x8e, 0xff 20]); 21 22let HuksDeriveHKDF = { 23 HuksKeySIZE: { 24 tag: param.HksTag.HKS_TAG_KEY_SIZE, 25 value: param.HksKeySize.HKS_AES_KEY_SIZE_512, 26 }, 27 HuksKeyAlgHKDF: { 28 tag: param.HksTag.HKS_TAG_ALGORITHM, 29 value: param.HksKeyAlg.HKS_ALG_HKDF, 30 }, 31 HuksKeyAlgAES: { 32 tag: param.HksTag.HKS_TAG_ALGORITHM, 33 value: param.HksKeyAlg.HKS_ALG_AES, 34 }, 35 HuksKeyPurposeHKDF: { 36 tag: param.HksTag.HKS_TAG_PURPOSE, 37 value: param.HksKeyPurpose.HKS_KEY_PURPOSE_DERIVE, 38 }, 39 HuksTagHKDFDigestSHA256: { 40 tag: param.HksTag.HKS_TAG_DIGEST, 41 value: param.HksKeyDigest.HKS_DIGEST_SHA256, 42 }, 43 HuksTagHKDFDigestSHA384: { 44 tag: param.HksTag.HKS_TAG_DIGEST, 45 value: param.HksKeyDigest.HKS_DIGEST_SHA384, 46 }, 47 HuksTagHKDFDigestSHA512: { 48 tag: param.HksTag.HKS_TAG_DIGEST, 49 value: param.HksKeyDigest.HKS_DIGEST_SHA512, 50 }, 51 HuksKeyHKDFSize128: { 52 tag: param.HksTag.HKS_TAG_KEY_SIZE, 53 value: param.HksKeySize.HKS_AES_KEY_SIZE_128, 54 }, 55 HuksKeyHKDFSize192: { 56 tag: param.HksTag.HKS_TAG_KEY_SIZE, 57 value: param.HksKeySize.HKS_AES_KEY_SIZE_192, 58 }, 59 HuksKeyHKDFSize256: { 60 tag: param.HksTag.HKS_TAG_KEY_SIZE, 61 value: param.HksKeySize.HKS_AES_KEY_SIZE_256, 62 }, 63 HuksKeyDERIVEKEYSIZE: { 64 tag: param.HksTag.HKS_TAG_DERIVE_KEY_SIZE, 65 value: param.HksKeySize.DERIVE_KEY_SIZE_32, 66 }, 67 68 HuksKeyISKEYALIAS: { tag: param.HksTag.HKS_TAG_IS_KEY_ALIAS, value: true }, 69 HuksKeySTORAGE: { 70 tag: param.HksTag.HKS_TAG_KEY_STORAGE_FLAG, 71 value: param.HksKeyStorageType.HKS_STORAGE_PERSISTENT, 72 }, 73 HuksKeyALGORITHMAES: { 74 tag: param.HksTag.HKS_TAG_ALGORITHM, 75 value: param.HksKeyAlg.HKS_ALG_AES, 76 }, 77 HuksKeyALGORITHMHMAC: { 78 tag: param.HksTag.HKS_TAG_ALGORITHM, 79 value: param.HksKeyAlg.HKS_ALG_HMAC, 80 }, 81 HuksKeySIZE256: { 82 tag: param.HksTag.HKS_TAG_KEY_SIZE, 83 value: param.HksKeySize.HKS_AES_KEY_SIZE_256, 84 }, 85 HuksKeySIZE128: { 86 tag: param.HksTag.HKS_TAG_KEY_SIZE, 87 value: param.HksKeySize.HKS_AES_KEY_SIZE_128, 88 }, 89 HuksKeySIZE192: { 90 tag: param.HksTag.HKS_TAG_KEY_SIZE, 91 value: param.HksKeySize.HKS_AES_KEY_SIZE_192, 92 }, 93 HuksKeyPurposeDERIVE: { 94 tag: param.HksTag.HKS_TAG_PURPOSE, 95 value: param.HksKeyPurpose.HKS_KEY_PURPOSE_DERIVE, 96 }, 97 HuksKeyPurposeMAC: { 98 tag: param.HksTag.HKS_TAG_PURPOSE, 99 value: param.HksKeyPurpose.HKS_KEY_PURPOSE_MAC, 100 }, 101 HuksKeyPurposeENCRYPTDECRYPT: { 102 tag: param.HksTag.HKS_TAG_PURPOSE, 103 value: param.HksKeyPurpose.HKS_KEY_PURPOSE_ENCRYPT | param.HksKeyPurpose.HKS_KEY_PURPOSE_DECRYPT, 104 }, 105 HuksKeyPADDINGNONE: { 106 tag: param.HksTag.HKS_TAG_PADDING, 107 value: param.HksKeyPadding.HKS_PADDING_NONE, 108 }, 109 HuksKeyPADDINGPKCS7: { 110 tag: param.HksTag.HKS_TAG_PADDING, 111 value: param.HksKeyPadding.HKS_PADDING_PKCS7, 112 }, 113 HuksKeyDIGESTNONE: { 114 tag: param.HksTag.HKS_TAG_DIGEST, 115 value: param.HksKeyDigest.HKS_DIGEST_NONE, 116 }, 117 HuksKeyDIGESTSHA1: { 118 tag: param.HksTag.HKS_TAG_DIGEST, 119 value: param.HksKeyDigest.HKS_DIGEST_SHA1, 120 }, 121 HuksKeyDIGESTSHA224: { 122 tag: param.HksTag.HKS_TAG_DIGEST, 123 value: param.HksKeyDigest.HKS_DIGEST_SHA224, 124 }, 125 HuksKeyDIGESTSHA256: { 126 tag: param.HksTag.HKS_TAG_DIGEST, 127 value: param.HksKeyDigest.HKS_DIGEST_SHA256, 128 }, 129 HuksKeyDIGESTSHA384: { 130 tag: param.HksTag.HKS_TAG_DIGEST, 131 value: param.HksKeyDigest.HKS_DIGEST_SHA384, 132 }, 133 HuksKeyDIGESTSHA512: { 134 tag: param.HksTag.HKS_TAG_DIGEST, 135 value: param.HksKeyDigest.HKS_DIGEST_SHA512, 136 }, 137 HuksKeyBLOCKMODECBC: { 138 tag: param.HksTag.HKS_TAG_BLOCK_MODE, 139 value: param.HksCipherMode.HKS_MODE_CBC, 140 }, 141 HuksKeyBLOCKMODECCM: { 142 tag: param.HksTag.HKS_TAG_BLOCK_MODE, 143 value: param.HksCipherMode.HKS_MODE_CCM, 144 }, 145 HuksKeyBLOCKMODEECB: { 146 tag: param.HksTag.HKS_TAG_BLOCK_MODE, 147 value: param.HksCipherMode.HKS_MODE_ECB, 148 }, 149 HuksKeyBLOCKMODECTR: { 150 tag: param.HksTag.HKS_TAG_BLOCK_MODE, 151 value: param.HksCipherMode.HKS_MODE_CTR, 152 }, 153 HuksKeyBLOCKMODEGCM: { 154 tag: param.HksTag.HKS_TAG_BLOCK_MODE, 155 value: param.HksCipherMode.HKS_MODE_GCM, 156 }, 157}; 158 159let HuksDerivePBKDF2 = { 160 HuksKeySIZE: { 161 tag: param.HksTag.HKS_TAG_KEY_SIZE, 162 value: param.HksKeySize.HKS_AES_KEY_SIZE_512, 163 }, 164 HuksKeyAlgPBKDF2: { 165 tag: param.HksTag.HKS_TAG_ALGORITHM, 166 value: param.HksKeyAlg.HKS_ALG_PBKDF2, 167 }, 168 HuksKeyAlgAES: { 169 tag: param.HksTag.HKS_TAG_ALGORITHM, 170 value: param.HksKeyAlg.HKS_ALG_AES, 171 }, 172 HuksKeyPurposePBKDF2: { 173 tag: param.HksTag.HKS_TAG_PURPOSE, 174 value: param.HksKeyPurpose.HKS_KEY_PURPOSE_DERIVE, 175 }, 176 HuksTagPBKDF2DigestSHA256: { 177 tag: param.HksTag.HKS_TAG_DIGEST, 178 value: param.HksKeyDigest.HKS_DIGEST_SHA256, 179 }, 180 HuksTagPBKDF2DigestSHA384: { 181 tag: param.HksTag.HKS_TAG_DIGEST, 182 value: param.HksKeyDigest.HKS_DIGEST_SHA384, 183 }, 184 HuksTagPBKDF2DigestSHA512: { 185 tag: param.HksTag.HKS_TAG_DIGEST, 186 value: param.HksKeyDigest.HKS_DIGEST_SHA512, 187 }, 188 HuksKeyPBKDF2Size128: { 189 tag: param.HksTag.HKS_TAG_KEY_SIZE, 190 value: param.HksKeySize.HKS_AES_KEY_SIZE_128, 191 }, 192 HuksKeyPBKDF2Size192: { 193 tag: param.HksTag.HKS_TAG_KEY_SIZE, 194 value: param.HksKeySize.HKS_AES_KEY_SIZE_192, 195 }, 196 HuksKeyPBKDF2Size256: { 197 tag: param.HksTag.HKS_TAG_KEY_SIZE, 198 value: param.HksKeySize.HKS_AES_KEY_SIZE_256, 199 }, 200 HuksKeyDERIVEKEYSIZE: { 201 tag: param.HksTag.HKS_TAG_DERIVE_KEY_SIZE, 202 value: param.HksKeySize.DERIVE_KEY_SIZE_32, 203 }, 204 205 HuksKeyISKEYALIAS: { tag: param.HksTag.HKS_TAG_IS_KEY_ALIAS, value: true }, 206 HuksKeySTORAGE: { 207 tag: param.HksTag.HKS_TAG_KEY_STORAGE_FLAG, 208 value: param.HksKeyStorageType.HKS_STORAGE_PERSISTENT, 209 }, 210 HuksKeyALGORITHMAES: { 211 tag: param.HksTag.HKS_TAG_ALGORITHM, 212 value: param.HksKeyAlg.HKS_ALG_AES, 213 }, 214 HuksKeyALGORITHMHMAC: { 215 tag: param.HksTag.HKS_TAG_ALGORITHM, 216 value: param.HksKeyAlg.HKS_ALG_HMAC, 217 }, 218 HuksKeySIZE256: { 219 tag: param.HksTag.HKS_TAG_KEY_SIZE, 220 value: param.HksKeySize.HKS_AES_KEY_SIZE_256, 221 }, 222 HuksKeySIZE128: { 223 tag: param.HksTag.HKS_TAG_KEY_SIZE, 224 value: param.HksKeySize.HKS_AES_KEY_SIZE_128, 225 }, 226 HuksKeySIZE192: { 227 tag: param.HksTag.HKS_TAG_KEY_SIZE, 228 value: param.HksKeySize.HKS_AES_KEY_SIZE_192, 229 }, 230 HuksKeyPurposeDERIVE: { 231 tag: param.HksTag.HKS_TAG_PURPOSE, 232 value: param.HksKeyPurpose.HKS_KEY_PURPOSE_DERIVE, 233 }, 234 HuksKeyPurposeMAC: { 235 tag: param.HksTag.HKS_TAG_PURPOSE, 236 value: param.HksKeyPurpose.HKS_KEY_PURPOSE_MAC, 237 }, 238 HuksKeyPurposeENCRYPTDECRYPT: { 239 tag: param.HksTag.HKS_TAG_PURPOSE, 240 value: param.HksKeyPurpose.HKS_KEY_PURPOSE_ENCRYPT | param.HksKeyPurpose.HKS_KEY_PURPOSE_DECRYPT, 241 }, 242 HuksKeyPADDINGNONE: { 243 tag: param.HksTag.HKS_TAG_PADDING, 244 value: param.HksKeyPadding.HKS_PADDING_NONE, 245 }, 246 HuksKeyPADDINGPKCS7: { 247 tag: param.HksTag.HKS_TAG_PADDING, 248 value: param.HksKeyPadding.HKS_PADDING_PKCS7, 249 }, 250 HuksKeyDIGESTNONE: { 251 tag: param.HksTag.HKS_TAG_DIGEST, 252 value: param.HksKeyDigest.HKS_DIGEST_NONE, 253 }, 254 HuksKeyDIGESTSHA1: { 255 tag: param.HksTag.HKS_TAG_DIGEST, 256 value: param.HksKeyDigest.HKS_DIGEST_SHA1, 257 }, 258 HuksKeyDIGESTSHA224: { 259 tag: param.HksTag.HKS_TAG_DIGEST, 260 value: param.HksKeyDigest.HKS_DIGEST_SHA224, 261 }, 262 HuksKeyDIGESTSHA256: { 263 tag: param.HksTag.HKS_TAG_DIGEST, 264 value: param.HksKeyDigest.HKS_DIGEST_SHA256, 265 }, 266 HuksKeyDIGESTSHA384: { 267 tag: param.HksTag.HKS_TAG_DIGEST, 268 value: param.HksKeyDigest.HKS_DIGEST_SHA384, 269 }, 270 HuksKeyDIGESTSHA512: { 271 tag: param.HksTag.HKS_TAG_DIGEST, 272 value: param.HksKeyDigest.HKS_DIGEST_SHA512, 273 }, 274 HuksKeyBLOCKMODECBC: { 275 tag: param.HksTag.HKS_TAG_BLOCK_MODE, 276 value: param.HksCipherMode.HKS_MODE_CBC, 277 }, 278 HuksKeyBLOCKMODECCM: { 279 tag: param.HksTag.HKS_TAG_BLOCK_MODE, 280 value: param.HksCipherMode.HKS_MODE_CCM, 281 }, 282 HuksKeyBLOCKMODEECB: { 283 tag: param.HksTag.HKS_TAG_BLOCK_MODE, 284 value: param.HksCipherMode.HKS_MODE_ECB, 285 }, 286 HuksKeyBLOCKMODECTR: { 287 tag: param.HksTag.HKS_TAG_BLOCK_MODE, 288 value: param.HksCipherMode.HKS_MODE_CTR, 289 }, 290 HuksKeyBLOCKMODEGCM: { 291 tag: param.HksTag.HKS_TAG_BLOCK_MODE, 292 value: param.HksCipherMode.HKS_MODE_GCM, 293 }, 294 HuksKeyPBKDF2Iteration: { 295 tag: huks.HuksTag.HUKS_TAG_ITERATION, 296 value: 1000 297 }, 298 HuksKeyPBKDF2Salt: { 299 tag: huks.HuksTag.HUKS_TAG_SALT, 300 value: salt 301 }, 302}; 303 304export { HuksDeriveHKDF, HuksDerivePBKDF2 }; 305