1 /*
2 * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifdef HKS_CONFIG_FILE
17 #include HKS_CONFIG_FILE
18 #else
19 #endif
20
21 #include "dcm_attest.h"
22 #include "dcm_attest_utils.h"
23
24 #include <stddef.h>
25 #include <sys/time.h>
26
27 #include "dcm_certs_and_key.h"
28 #include "hks_common_check.h"
29 #include "hks_crypto_adapter.h"
30 #include "hks_crypto_hal.h"
31 #include "hks_keyblob.h"
32 #include "hks_log.h"
33 #include "hks_mem.h"
34 #include "hks_param.h"
35 #include "hks_secure_access.h"
36 #include "hks_template.h"
37 #include "securec.h"
38
39 #define ID_HUKS_BASE 0x2B, 0x06, 0x01, 0x04, 0x01, 0x8F, 0x5B
40 #define ID_HUKS_BASE_SIZE 0x07
41
42 #define ID_HUKS_PRODUCT ID_HUKS_BASE, 0x02
43 #define ID_HUKS_PRODUCT_SIZE (ID_HUKS_BASE_SIZE + 1)
44
45 #define ID_HUKS_PKI ID_HUKS_PRODUCT, 0x82, 0x78
46 #define ID_HUKS_PKI_SIZE (ID_HUKS_PRODUCT_SIZE + 2)
47
48 #define ID_HUKS_PKI_CERT_EXT ID_HUKS_PKI, 0x01
49 #define ID_HUKS_PKI_CERT_EXT_SIZE (ID_HUKS_PKI_SIZE + 1)
50
51 #define ID_HUKS_PKI_DEVICE_SECURITY_LEVEL ID_HUKS_PKI_CERT_EXT, 0x01
52 #define ID_HUKS_PKI_DEVICE_SECURITY_LEVEL_SIZE (ID_HUKS_PKI_CERT_EXT_SIZE + 1)
53
54 #define ID_HUKS_PKI_ATTESTATION ID_HUKS_PKI_CERT_EXT, 0x02
55 #define ID_HUKS_PKI_ATTESTATION_SIZE (ID_HUKS_PKI_CERT_EXT_SIZE + 1)
56
57 #define ID_HUKS_ATTESTATION_BASE ID_HUKS_PKI, 0x02
58 #define ID_HUKS_ATTESTATION_BASE_SIZE (ID_HUKS_PKI_SIZE + 1)
59
60 #define ID_KEY_PROPERTIES ID_HUKS_ATTESTATION_BASE, 0x01
61 #define ID_KEY_PROPERTIES_SIZE (ID_HUKS_ATTESTATION_BASE_SIZE + 1)
62
63 #define ID_SYSTEM_PROPERTIES ID_HUKS_ATTESTATION_BASE, 0x02
64 #define ID_SYSTEM_PROPERTIES_SIZE (ID_HUKS_ATTESTATION_BASE_SIZE + 1)
65
66 #define ID_SYSTEM_PROPERTIY_OS ID_SYSTEM_PROPERTIES, 0x02
67 #define ID_SYSTEM_PROPERTIY_OS_SIZE (ID_SYSTEM_PROPERTIES_SIZE + 1)
68
69 #define ID_SYSTEM_PROPERTIY_OS_VERSION ID_SYSTEM_PROPERTIY_OS, 0x04
70 #define ID_SYSTEM_PROPERTIY_OS_VERSION_SIZE (ID_SYSTEM_PROPERTIY_OS_SIZE + 1)
71 DECLARE_TAG(hksOsVersion, ID_SYSTEM_PROPERTIY_OS_VERSION);
72 DECLARE_OID(hksOsVersion);
73
74 #define ID_SYSTEM_PROPERTIY_OS_SEC_INFO ID_SYSTEM_PROPERTIY_OS, 0x05
75 #define ID_SYSTEM_PROPERTIY_OS_SEC_INFO_SIZE (ID_SYSTEM_PROPERTIY_OS_SIZE + 1)
76 DECLARE_TAG(hksSecInfo, ID_SYSTEM_PROPERTIY_OS_SEC_INFO);
77 DECLARE_OID(hksSecInfo);
78
79 #define ID_PRIVACY_PROPERTIES ID_SYSTEM_PROPERTIES, 0x04
80 #define ID_PRIVACY_PROPERTIES_SIZE (ID_SYSTEM_PROPERTIES_SIZE + 1)
81
82 #define ID_PRIVACY_PROPERTIY_IMEI ID_PRIVACY_PROPERTIES, 0x01
83 #define ID_PRIVACY_PROPERTIY_IMEI_SIZE (ID_PRIVACY_PROPERTIES_SIZE + 1)
84 DECLARE_TAG(hksImei, ID_PRIVACY_PROPERTIY_IMEI);
85 DECLARE_OID(hksImei);
86
87 #define ID_PRIVACY_PROPERTIY_MEID ID_PRIVACY_PROPERTIES, 0x02
88 #define ID_PRIVACY_PROPERTIY_MEID_SIZE (ID_PRIVACY_PROPERTIES_SIZE + 1)
89 DECLARE_TAG(hksMeid, ID_PRIVACY_PROPERTIY_MEID);
90 DECLARE_OID(hksMeid);
91
92 #define ID_PRIVACY_PROPERTIY_SN ID_PRIVACY_PROPERTIES, 0x03
93 #define ID_PRIVACY_PROPERTIY_SN_SIZE (ID_PRIVACY_PROPERTIES_SIZE + 1)
94 DECLARE_TAG(hksSn, ID_PRIVACY_PROPERTIY_SN);
95 DECLARE_OID(hksSn);
96
97 #define ID_PRIVACY_PROPERTIY_BRAND ID_PRIVACY_PROPERTIES, 0x04
98 #define ID_PRIVACY_PROPERTIY_BRAND_SIZE (ID_PRIVACY_PROPERTIES_SIZE + 1)
99 DECLARE_TAG(hksBrand, ID_PRIVACY_PROPERTIY_BRAND);
100 DECLARE_OID(hksBrand);
101
102 #define ID_PRIVACY_PROPERTIY_DEVICE ID_PRIVACY_PROPERTIES, 0x05
103 #define ID_PRIVACY_PROPERTIY_DEVICE_SIZE (ID_PRIVACY_PROPERTIES_SIZE + 1)
104 DECLARE_TAG(hksDevice, ID_PRIVACY_PROPERTIY_DEVICE);
105 DECLARE_OID(hksDevice);
106
107 #define ID_PRIVACY_PROPERTIY_PRODUCT ID_PRIVACY_PROPERTIES, 0x06
108 #define ID_PRIVACY_PROPERTIY_PRODUCT_SIZE (ID_PRIVACY_PROPERTIES_SIZE + 1)
109 DECLARE_TAG(hksProduct, ID_PRIVACY_PROPERTIY_PRODUCT);
110 DECLARE_OID(hksProduct);
111
112 #define ID_PRIVACY_PROPERTIY_MANUFACTURER ID_PRIVACY_PROPERTIES, 0x07
113 #define ID_PRIVACY_PROPERTIY_MANUFACTURER_SIZE (ID_PRIVACY_PROPERTIES_SIZE + 1)
114 DECLARE_TAG(hksManufacturer, ID_PRIVACY_PROPERTIY_MANUFACTURER);
115 DECLARE_OID(hksManufacturer);
116
117 #define ID_PRIVACY_PROPERTIY_MODEL ID_PRIVACY_PROPERTIES, 0x08
118 #define ID_PRIVACY_PROPERTIY_MODEL_SIZE (ID_PRIVACY_PROPERTIES_SIZE + 1)
119 DECLARE_TAG(hksModel, ID_PRIVACY_PROPERTIY_MODEL);
120 DECLARE_OID(hksModel);
121
122 #define ID_PRIVACY_PROPERTIY_SOCID ID_PRIVACY_PROPERTIES, 0x09
123 #define ID_PRIVACY_PROPERTIY_SOCID_SIZE (ID_PRIVACY_PROPERTIES_SIZE + 1)
124 DECLARE_TAG(hksSocId, ID_PRIVACY_PROPERTIY_SOCID);
125 DECLARE_OID(hksSocId);
126
127 #define ID_PRIVACY_PROPERTIY_UDID ID_PRIVACY_PROPERTIES, 0x0A
128 #define ID_PRIVACY_PROPERTIY_UDID_SIZE (ID_PRIVACY_PROPERTIES_SIZE + 1)
129 DECLARE_TAG(hksUdid, ID_PRIVACY_PROPERTIY_UDID);
130 DECLARE_OID(hksUdid);
131
132 #define ID_KEY_PROPERTY_USAGE ID_KEY_PROPERTIES, 0x01
133 #define ID_KEY_PROPERTY_USAGE_SIZE (ID_KEY_PROPERTIES_SIZE + 1)
134 DECLARE_TAG(hksKeyUsage, ID_KEY_PROPERTY_USAGE);
135 DECLARE_OID(hksKeyUsage);
136
137 #if !defined(WS7200_ROUTER) && !defined(ADAPT_OID_TO_PHONE)
138 #define ID_KEY_PROPERTY_KEY_ID ID_KEY_PROPERTIES, 0x02
139 #define ID_KEY_PROPERTY_KEY_ID_SIZE (ID_KEY_PROPERTIES_SIZE + 1)
140 DECLARE_TAG(hksKeyId, ID_KEY_PROPERTY_KEY_ID);
141 DECLARE_OID(hksKeyId);
142
143 #define ID_KEY_PROPERTY_APP_ID ID_KEY_PROPERTIES, 0x03
144 #define ID_KEY_PROPERTY_APP_ID_SIZE (ID_KEY_PROPERTIES_SIZE + 1)
145 DECLARE_TAG(hksApplicationId, ID_KEY_PROPERTY_APP_ID);
146 DECLARE_OID(hksApplicationId);
147
148 #define ID_KEY_PROPERTY_APP_ID_RAW ID_KEY_PROPERTY_APP_ID, 0x01
149 #define ID_KEY_PROPERTY_APP_ID_RAW_SIZE (ID_KEY_PROPERTY_APP_ID_SIZE + 1)
150 DECLARE_TAG(hksApplicationIdRaw, ID_KEY_PROPERTY_APP_ID_RAW);
151 DECLARE_OID(hksApplicationIdRaw);
152
153 #define ID_KEY_PROPERTY_APP_ID_SA ID_KEY_PROPERTY_APP_ID, 0x02
154 #define ID_KEY_PROPERTY_APP_ID_SA_SIZE (ID_KEY_PROPERTY_APP_ID_SIZE + 1)
155 DECLARE_TAG(hksSaId, ID_KEY_PROPERTY_APP_ID_SA);
156 DECLARE_OID(hksSaId);
157
158 #define ID_KEY_PROPERTY_APP_ID_UNIFIED ID_KEY_PROPERTY_APP_ID, 0x03
159 #define ID_KEY_PROPERTY_APP_ID_UNIFIED_SIZE (ID_KEY_PROPERTY_APP_ID_SIZE + 1)
160 DECLARE_TAG(hksUnifiedAppId, ID_KEY_PROPERTY_APP_ID_UNIFIED);
161 DECLARE_OID(hksUnifiedAppId);
162
163 #define ID_KEY_PROPERTY_CHALLENGE ID_KEY_PROPERTIES, 0x04
164 #define ID_KEY_PROPERTY_CHALLENGE_SIZE (ID_KEY_PROPERTIES_SIZE + 1)
165 DECLARE_TAG(hksAttestationChallenge, ID_KEY_PROPERTY_CHALLENGE);
166 DECLARE_OID(hksAttestationChallenge);
167 #endif
168
169 #define ID_KEY_PROPERTY_DIGEST ID_KEY_PROPERTIES, 0x08
170 #define ID_KEY_PROPERTY_DIGEST_SIZE (ID_KEY_PROPERTIES_SIZE + 1)
171 DECLARE_TAG(hksDigest, ID_KEY_PROPERTY_DIGEST);
172 DECLARE_OID(hksDigest);
173
174 #define ID_KEY_PROPERTY_PADDING ID_KEY_PROPERTIES, 0x09
175 #define ID_KEY_PROPERTY_PADDING_SIZE (ID_KEY_PROPERTIES_SIZE + 1)
176 DECLARE_TAG(hksPadding, ID_KEY_PROPERTY_PADDING);
177 DECLARE_OID(hksPadding);
178
179 #define ID_KEY_PROPERTY_SIGN_TYPE ID_KEY_PROPERTIES, 0x0b
180 #define ID_KEY_PROPERTY_SIGN_TYPE_SIZE (ID_KEY_PROPERTIES_SIZE + 1)
181 DECLARE_TAG(hksSignType, ID_KEY_PROPERTY_SIGN_TYPE);
182 DECLARE_OID(hksSignType);
183
184 #define ID_KEY_PROPERTY_KEY_FLAG ID_KEY_PROPERTIES, 0x05
185 #define ID_KEY_PROPERTY_KEY_FLAG_SIZE (ID_KEY_PROPERTIES_SIZE + 1)
186 DECLARE_TAG(hkskeyFlag, ID_KEY_PROPERTY_KEY_FLAG);
187 DECLARE_OID(hkskeyFlag);
188
189 #define ID_HUKS_PKI_OID ID_HUKS_PKI, 0x01
190 #define ID_HUKS_PKI_OID_SIZE (ID_HUKS_PKI_SIZE + 1)
191
192 #define ID_HUKS_ATTESTATION_EXTENSION ID_HUKS_PKI_OID, 0x03
193 #define ID_HUKS_ATTESTATION_EXTENSION_SIZE (ID_HUKS_PKI_OID_SIZE + 1)
194 DECLARE_TAG(hksAttestationExtension, ID_HUKS_ATTESTATION_EXTENSION);
195 DECLARE_OID(hksAttestationExtension);
196
197 #define ID_KEY_PROPERTY_GROUPS ID_HUKS_ATTESTATION_BASE, 0x04
198 #define ID_KEY_PROPERTY_GROUPS_SIZE (ID_HUKS_ATTESTATION_BASE_SIZE + 1)
199
200 #define ID_KEY_PROPERTY_GROUP_SIG ID_KEY_PROPERTY_GROUPS, 0x01
201 #define ID_KEY_PROPERTY_GROUP_SIG_SIZE (ID_KEY_PROPERTY_GROUPS_SIZE + 1)
202
203 #define ID_KEY_PROPERTY_GROUP_SIG_RSA ID_KEY_PROPERTY_GROUP_SIG, 0x01
204 #define ID_KEY_PROPERTY_GROUP_SIG_RSA_SIZE (ID_KEY_PROPERTY_GROUP_SIG_SIZE + 1)
205
206 #define ID_KEY_PROPERTY_GROUP_SIG_RSA_PKCS1_SHA256 ID_KEY_PROPERTY_GROUP_SIG, 0x02
207 #define ID_KEY_PROPERTY_GROUP_SIG_RSA_PKCS1_SHA256_SIZE (ID_KEY_PROPERTY_GROUP_SIG_SIZE + 1)
208
209 #define ID_KEY_PROPERTY_GROUP_SIG_RSA_PSS_MGF1_SHA256 ID_KEY_PROPERTY_GROUP_SIG, 0x03
210 #define ID_KEY_PROPERTY_GROUP_SIG_RSA_PSS_MGF1_SHA256_SIZE (ID_KEY_PROPERTY_GROUP_SIG_SIZE + 1)
211 DECLARE_TAG(hksGroupSigRsaPssMgf1Sha256, ID_KEY_PROPERTY_GROUP_SIG_RSA_PSS_MGF1_SHA256);
212 DECLARE_OID(hksGroupSigRsaPssMgf1Sha256);
213
214 #define ID_KEY_PROPERTY_GROUP_SIG_EDDSA ID_KEY_PROPERTY_GROUP_SIG, 0x04
215 #define ID_KEY_PROPERTY_GROUP_SIG_EDDSA_SIZE (ID_KEY_PROPERTY_GROUP_SIG_SIZE + 1)
216
217 #define ID_KEY_PROPERTY_GROUP_SIG_ECDSA_SHA256 ID_KEY_PROPERTY_GROUP_SIG, 0x05
218 #define ID_KEY_PROPERTY_GROUP_SIG_ECDSA_SHA256_SIZE (ID_KEY_PROPERTY_GROUP_SIG_SIZE + 1)
219 DECLARE_TAG(hksGroupSigEcdsaSha256, ID_KEY_PROPERTY_GROUP_SIG_ECDSA_SHA256);
220 DECLARE_OID(hksGroupSigEcdsaSha256);
221
222 #define ID_KEY_PROPERTY_GROUP_SIG_SM2 ID_KEY_PROPERTY_GROUP_SIG, 0x06
223 #define ID_KEY_PROPERTY_GROUP_SIG_SM2_SIZE (ID_KEY_PROPERTY_GROUP_SIG_SIZE + 1)
224
225 #define ID_KEY_PROPERTY_GROUP_SIG_SM2_SM3 ID_KEY_PROPERTY_GROUP_SIG, 0x05
226 #define ID_KEY_PROPERTY_GROUP_SIG_SM2_SM3_SIZE (ID_KEY_PROPERTY_GROUP_SIG_SIZE + 1)
227 DECLARE_TAG(hksGroupSigSm2Sm3, ID_KEY_PROPERTY_GROUP_SIG_SM2_SM3);
228 DECLARE_OID(hksGroupSigSm2Sm3);
229
230 #define ID_KEY_PROPERTY_GROUP_ENC ID_KEY_PROPERTY_GROUPS, 0x02
231 #define ID_KEY_PROPERTY_GROUP_ENC_SIZE (ID_KEY_PROPERTY_GROUPS_SIZE + 1)
232
233 #define ID_KEY_PROPERTY_GROUP_ENC_RSA_PKCS1 ID_KEY_PROPERTY_GROUP_ENC, 0x01
234 #define ID_KEY_PROPERTY_GROUP_ENC_RSA_PKCS1_SIZE (ID_KEY_PROPERTY_GROUP_ENC_SIZE + 1)
235
236 #define ID_KEY_PROPERTY_GROUP_ENC_RSA_OAEP ID_KEY_PROPERTY_GROUP_ENC, 0x02
237 #define ID_KEY_PROPERTY_GROUP_ENC_RSA_OAEP_SIZE (ID_KEY_PROPERTY_GROUP_ENC_SIZE + 1)
238 DECLARE_TAG(hksGroupEncRsaOaep, ID_KEY_PROPERTY_GROUP_ENC_RSA_OAEP);
239 DECLARE_OID(hksGroupEncRsaOaep);
240
241 #define ID_KEY_PROPERTY_GROUP_ENC_RSA_OAEP_MGF1_SHA256 ID_KEY_PROPERTY_GROUP_ENC, 0x03
242 #define ID_KEY_PROPERTY_GROUP_ENC_RSA_OAEP_MGF1_SHA256_SIZE (ID_KEY_PROPERTY_GROUP_ENC_SIZE + 1)
243 DECLARE_TAG(hksGroupEncRsaOaepMgf1Sha256, ID_KEY_PROPERTY_GROUP_ENC_RSA_OAEP_MGF1_SHA256);
244 DECLARE_OID(hksGroupEncRsaOaepMgf1Sha256);
245
246 #define ID_KEY_PROPERTY_GROUP_KEY_AGREEMENT ID_KEY_PROPERTY_GROUPS, 0x03
247 #define ID_KEY_PROPERTY_GROUP_KEY_AGREEMENT_SIZE (ID_KEY_PROPERTY_GROUPS_SIZE + 1)
248
249 #define ID_KEY_PROPERTY_GROUP_KEY_AGREEMENT_HKDF_SHA256 ID_KEY_PROPERTY_GROUP_KEY_AGREEMENT, 0x01
250 #define ID_KEY_PROPERTY_GROUP_KEY_AGREEMENT_HKDF_SHA256_SIZE (ID_KEY_PROPERTY_GROUP_KEY_AGREEMENT_SIZE + 1)
251
252 static uint8_t g_rsaSha256Tag[] = { 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B };
253 DECLARE_OID(g_rsaSha256);
254
255 static uint8_t g_ecdsaSha256Tag[] = { 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02 };
256 DECLARE_OID(g_ecdsaSha256);
257
258 static uint8_t g_sm2Tag[] = {0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x82, 0x2D};
259 DECLARE_OID(g_sm2);
260
261 static const uint8_t g_attestTbsRsa[] = {
262 0x30, 0x82, 0x01, 0xc7, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x0b, 0x06, 0x09,
263 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x30, 0x1d, 0x31, 0x1b, 0x30, 0x19, 0x06,
264 0x03, 0x55, 0x04, 0x03, 0x13, 0x12, 0x48, 0x75, 0x61, 0x77, 0x65, 0x69, 0x20, 0x4b, 0x65, 0x79,
265 0x53, 0x74, 0x6f, 0x72, 0x65, 0x20, 0x20, 0x20, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x36, 0x30, 0x36,
266 0x30, 0x34, 0x31, 0x38, 0x32, 0x38, 0x34, 0x34, 0x5a, 0x17, 0x0d, 0x32, 0x36, 0x30, 0x36, 0x30,
267 0x34, 0x31, 0x38, 0x32, 0x38, 0x34, 0x34, 0x5a, 0x30, 0x1a, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03,
268 0x55, 0x04, 0x03, 0x13, 0x0f, 0x41, 0x20, 0x4b, 0x65, 0x79, 0x6d, 0x61, 0x73, 0x74, 0x65, 0x72,
269 0x20, 0x4b, 0x65, 0x79, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
270 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a,
271 0x02, 0x82, 0x01, 0x01, 0x00, 0xe8, 0xd8, 0xf9, 0x14, 0x5f, 0x88, 0xf7, 0x36, 0x63, 0xcb, 0x28,
272 0x0c, 0x18, 0xf7, 0xc7, 0x3f, 0x0d, 0xa0, 0x73, 0x9a, 0x9c, 0xe0, 0x3c, 0xc6, 0x79, 0x5a, 0xd4,
273 0xa3, 0xd7, 0x72, 0x2f, 0x46, 0x42, 0xe1, 0x3b, 0xc1, 0xc8, 0xf3, 0xbc, 0x51, 0xd3, 0x5d, 0x8d,
274 0xc4, 0x18, 0x03, 0x92, 0x26, 0x5a, 0xd7, 0x92, 0xbb, 0x1e, 0x4f, 0xc0, 0x71, 0x51, 0x75, 0xc2,
275 0x41, 0x31, 0xb9, 0xd2, 0xc7, 0xf2, 0x9c, 0x03, 0x6c, 0xff, 0x77, 0x75, 0x17, 0x82, 0x5b, 0x3c,
276 0x05, 0x0d, 0x1c, 0x82, 0x1c, 0xa3, 0xd5, 0x25, 0xd9, 0x31, 0x0f, 0x2d, 0x2b, 0xf1, 0x82, 0xd2,
277 0x2a, 0x0a, 0xdc, 0xe1, 0x0c, 0xcc, 0x8b, 0xc1, 0xd1, 0x9e, 0x20, 0xaf, 0x00, 0x2a, 0xcb, 0x7a,
278 0x3c, 0xcb, 0x8f, 0x6d, 0xb0, 0x52, 0xc3, 0x3b, 0x17, 0x85, 0x56, 0xe7, 0x45, 0xb6, 0x1e, 0x3a,
279 0x42, 0xb9, 0x38, 0xdb, 0xf7, 0x7b, 0x0f, 0x73, 0x37, 0x1b, 0xf4, 0x20, 0xcb, 0x85, 0xbf, 0xdc,
280 0xb4, 0x2f, 0x3d, 0x77, 0x27, 0x31, 0x53, 0x31, 0xb4, 0x71, 0x72, 0x3a, 0x47, 0xcd, 0x98, 0xcf,
281 0xf0, 0x34, 0x5d, 0x90, 0x1d, 0x71, 0xba, 0x19, 0x7d, 0xf6, 0xe9, 0xdc, 0xe6, 0xf9, 0x67, 0xf4,
282 0x1c, 0x93, 0x7d, 0x10, 0xfd, 0x3a, 0x58, 0x71, 0xc2, 0xf5, 0x3d, 0x45, 0xca, 0xcf, 0xf9, 0x1b,
283 0x6c, 0x27, 0x79, 0x5f, 0xcd, 0xf2, 0x4f, 0xa7, 0xa2, 0x91, 0x9f, 0xd1, 0x8b, 0xbb, 0x3b, 0x4c,
284 0x36, 0x40, 0x2e, 0x73, 0xf6, 0xd9, 0xb8, 0xdf, 0x21, 0x6e, 0xcd, 0xae, 0x6b, 0x43, 0xb2, 0x99,
285 0xea, 0x9e, 0xdd, 0x3d, 0x4c, 0xc8, 0x0a, 0xf4, 0x5a, 0xaa, 0x66, 0x24, 0x98, 0xce, 0xfd, 0xb1,
286 0xfb, 0x16, 0x94, 0xd8, 0x87, 0xa2, 0x08, 0xc4, 0x55, 0x95, 0xf5, 0x95, 0xcd, 0x75, 0x03, 0xc9,
287 0x99, 0x8a, 0x84, 0xe4, 0x57, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x2f, 0x30, 0x2d, 0x30, 0x0b,
288 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x04, 0x04, 0x03, 0x02, 0x07, 0x80, 0x30, 0x08, 0x06, 0x03, 0x55,
289 0x1d, 0x1f, 0x04, 0x01, 0x00, 0x30, 0x14, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0xd6, 0x79,
290 0x02, 0x01, 0x11, 0x04, 0x06, 0x30, 0x04, 0x04, 0x02, 0x0b, 0x0c
291 };
292
293 static const uint8_t g_attestTbs[] = {
294 0x30, 0x81, 0xf6, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x0a, 0x06, 0x08, 0x2a,
295 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x1d, 0x31, 0x1b, 0x30, 0x19, 0x06, 0x03, 0x55,
296 0x04, 0x03, 0x13, 0x12, 0x41, 0x6e, 0x64, 0x72, 0x6f, 0x69, 0x64, 0x20, 0x4b, 0x65, 0x79, 0x6d,
297 0x61, 0x73, 0x74, 0x65, 0x72, 0x32, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x36, 0x30, 0x36, 0x30, 0x31,
298 0x31, 0x32, 0x31, 0x37, 0x32, 0x31, 0x5a, 0x17, 0x0d, 0x32, 0x36, 0x30, 0x36, 0x30, 0x31, 0x31,
299 0x32, 0x31, 0x37, 0x32, 0x31, 0x5a, 0x30, 0x1a, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04,
300 0x03, 0x13, 0x0f, 0x41, 0x20, 0x4b, 0x65, 0x79, 0x6d, 0x61, 0x73, 0x74, 0x65, 0x72, 0x20, 0x4b,
301 0x65, 0x79, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06,
302 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xb0, 0x51, 0x4c,
303 0x4c, 0x13, 0x54, 0x0f, 0x23, 0x97, 0xf5, 0x47, 0x19, 0xf3, 0x33, 0x2e, 0x7e, 0xf3, 0x8e, 0x42,
304 0xad, 0x9d, 0xc0, 0x8b, 0x71, 0xe6, 0x60, 0xce, 0x16, 0xb9, 0xe8, 0x8d, 0x09, 0x4e, 0x7f, 0x3a,
305 0xdc, 0x88, 0x8e, 0x94, 0x4d, 0x45, 0xd5, 0xe4, 0x59, 0x4e, 0x3f, 0xbe, 0x28, 0x91, 0x80, 0xbb,
306 0x1c, 0xd7, 0xfc, 0x55, 0xd1, 0xb5, 0xc7, 0xcb, 0x50, 0x1c, 0x09, 0xca, 0x50, 0xa3, 0x2a, 0x30,
307 0x28, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x04, 0x04, 0x03, 0x02, 0x07, 0x80, 0x30, 0x07,
308 0x06, 0x03, 0x55, 0x1d, 0x1f, 0x04, 0x00, 0x30, 0x10, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01,
309 0xd6, 0x79, 0x02, 0x01, 0x11, 0x04, 0x02, 0x30, 0x00
310 };
311
312 static const uint8_t g_attestExtTmpl[] = {
313 0x30, 0x2c, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x04, 0x04, 0x03, 0x02, 0x07,
314 0x80, 0x30, 0x08, 0x06, 0x03, 0x55, 0x1d, 0x1f, 0x04, 0x01, 0x00, 0x30, 0x13, 0x06, 0x0a, 0x2b,
315 0x06, 0x01, 0x04, 0x01, 0xd6, 0x79, 0x02, 0x01, 0x11, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff
316 };
317
318 static const uint32_t g_monthLengths[2][MONS_PER_YEAR] = {
319 { 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 },
320 { 31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 }
321 };
322
323 static const uint32_t g_yearLengths[2] = {
324 HKS_YEAR_DAYS, HKS_LEAP_YEAR_DAYS
325 };
326
327 static enum HksTag g_idAttestList[] = {
328 HKS_TAG_ATTESTATION_ID_BRAND,
329 HKS_TAG_ATTESTATION_ID_DEVICE,
330 HKS_TAG_ATTESTATION_ID_PRODUCT,
331 HKS_TAG_ATTESTATION_ID_SERIAL,
332 HKS_TAG_ATTESTATION_ID_IMEI,
333 HKS_TAG_ATTESTATION_ID_MEID,
334 HKS_TAG_ATTESTATION_ID_MANUFACTURER,
335 HKS_TAG_ATTESTATION_ID_MODEL,
336 HKS_TAG_ATTESTATION_ID_SOCID,
337 HKS_TAG_ATTESTATION_ID_UDID,
338 HKS_TAG_ATTESTATION_ID_SEC_LEVEL_INFO,
339 HKS_TAG_ATTESTATION_ID_VERSION_INFO,
340 };
341
GetYearIndex(uint32_t year)342 static inline uint32_t GetYearIndex(uint32_t year)
343 {
344 if ((year % 4 == 0) && ((year % 100 != 0) || (year % 400 == 0))) { /* 4/100/400 check whether it is a leap year */
345 return 1;
346 } else {
347 return 0;
348 }
349 }
350
GetLeapDays(uint32_t year)351 static inline uint32_t GetLeapDays(uint32_t year)
352 {
353 return ((year / 4) - (year / 100) + (year / 400)); /* 4/100/400 check whether it is a leap year */
354 }
355
IsSignPurpose(enum HksKeyPurpose purpose)356 static inline bool IsSignPurpose(enum HksKeyPurpose purpose)
357 {
358 return ((((uint32_t)purpose & HKS_KEY_PURPOSE_SIGN) == HKS_KEY_PURPOSE_SIGN) ||
359 (((uint32_t)purpose & HKS_KEY_PURPOSE_VERIFY) == HKS_KEY_PURPOSE_VERIFY));
360 }
361
IsCipherPurpose(enum HksKeyPurpose purpose)362 static inline bool IsCipherPurpose(enum HksKeyPurpose purpose)
363 {
364 return ((((uint32_t)purpose & HKS_KEY_PURPOSE_ENCRYPT) == HKS_KEY_PURPOSE_ENCRYPT) ||
365 (((uint32_t)purpose & HKS_KEY_PURPOSE_DECRYPT) == HKS_KEY_PURPOSE_DECRYPT) ||
366 (((uint32_t)purpose & HKS_KEY_PURPOSE_WRAP) == HKS_KEY_PURPOSE_WRAP) ||
367 (((uint32_t)purpose & HKS_KEY_PURPOSE_UNWRAP) == HKS_KEY_PURPOSE_UNWRAP));
368 }
369
IsAgreementPurpose(enum HksKeyPurpose purpose)370 static inline bool IsAgreementPurpose(enum HksKeyPurpose purpose)
371 {
372 return ((((uint32_t)purpose & HKS_KEY_PURPOSE_DERIVE) == HKS_KEY_PURPOSE_DERIVE) ||
373 (((uint32_t)purpose & HKS_KEY_PURPOSE_AGREE) == HKS_KEY_PURPOSE_AGREE));
374 }
375
GetTimeStampTee(uint8_t * timeStamp,const struct DataTime * time)376 static void GetTimeStampTee(uint8_t *timeStamp, const struct DataTime *time)
377 {
378 int i = 0;
379 uint32_t year = time->year - ((time->year / HKS_DECIMAL_HUNDRED) * HKS_DECIMAL_HUNDRED);
380 timeStamp[i++] = (year / HKS_DECIMAL_TEN) + '0';
381 timeStamp[i++] = (year % HKS_DECIMAL_TEN) + '0';
382 timeStamp[i++] = (time->month / HKS_DECIMAL_TEN) + '0';
383 timeStamp[i++] = (time->month % HKS_DECIMAL_TEN) + '0';
384 timeStamp[i++] = (time->day / HKS_DECIMAL_TEN) + '0';
385 timeStamp[i++] = (time->day % HKS_DECIMAL_TEN) + '0';
386 timeStamp[i++] = (time->hour / HKS_DECIMAL_TEN) + '0';
387 timeStamp[i++] = (time->hour % HKS_DECIMAL_TEN) + '0';
388 timeStamp[i++] = (time->min / HKS_DECIMAL_TEN) + '0';
389 timeStamp[i++] = (time->min % HKS_DECIMAL_TEN) + '0';
390 timeStamp[i++] = (time->seconds / HKS_DECIMAL_TEN) + '0';
391 timeStamp[i++] = (time->seconds % HKS_DECIMAL_TEN) + '0';
392 timeStamp[i++] = 'Z';
393 }
394
GenerateSysDateTime(const uint32_t rtcTime,struct DataTime * time)395 static void GenerateSysDateTime(const uint32_t rtcTime, struct DataTime *time)
396 {
397 uint32_t seconds = rtcTime;
398 uint32_t tDays = seconds / HKS_SECOND_TO_DAY;
399 uint32_t remainSec = seconds - tDays * HKS_SECOND_TO_DAY;
400 uint32_t year = EPOCH_YEAR;
401 const uint32_t *ip = NULL;
402
403 while (tDays >= g_yearLengths[GetYearIndex(year)]) {
404 uint32_t carryOver = tDays / HKS_LEAP_YEAR_DAYS;
405 if (carryOver == 0) {
406 carryOver = 1;
407 }
408 uint32_t newYear = year + carryOver;
409 uint32_t leapDays = GetLeapDays(newYear - 1) - GetLeapDays(year - 1);
410 tDays -= (newYear - year) * HKS_YEAR_DAYS;
411 tDays -= leapDays;
412 year = newYear;
413 }
414
415 uint32_t iDays = tDays;
416 time->year = year;
417 time->hour = remainSec / HKS_SECOND_TO_HOUR;
418 remainSec %= HKS_SECOND_TO_HOUR;
419 time->min = remainSec / HKS_SECOND_TO_MINUTE;
420 time->seconds = remainSec % HKS_SECOND_TO_MINUTE;
421 ip = g_monthLengths[GetYearIndex(year)];
422 for (time->month = 0; iDays >= ip[time->month]; ++(time->month)) {
423 iDays -= ip[time->month];
424 }
425 ++time->month;
426 time->day = iDays + 1;
427 }
428
AddYears(uint8_t * end,const uint8_t * start,uint32_t years)429 static void AddYears(uint8_t *end, const uint8_t *start, uint32_t years)
430 {
431 if (memmove_s(end, UTCTIME_LEN, start, UTCTIME_LEN) != EOK) {
432 HKS_LOG_E("memmove_s failed.");
433 return;
434 }
435 uint32_t tens = start[0] - '0';
436 uint32_t units = start[1] - '0';
437 units += years;
438 tens += units / 10; /* 10 is base */
439 units %= 10; /* 10 is base */
440 end[0] = tens + '0';
441 end[1] = units + '0';
442 }
443
SetAttestCertValid(struct ValidPeriod * valid)444 static void SetAttestCertValid(struct ValidPeriod *valid)
445 {
446 uint64_t activeDateTime;
447 struct timeval curTime = {0};
448
449 int ret = gettimeofday(&curTime, NULL);
450 if (ret < 0) {
451 HKS_LOG_E("Unable to get system UTC time stamp\n");
452 return;
453 }
454
455 uint64_t curTimeValue = (uint64_t)curTime.tv_sec;
456 curTimeValue = curTimeValue * SECOND_TO_MILLI + ((uint64_t)curTime.tv_usec) / SECOND_TO_MILLI;
457 activeDateTime = curTimeValue;
458
459 struct DataTime notBefore = {0};
460 uint64_t tmpSec = (activeDateTime >> 10); /* 10 is uesed for uint64 dividing 1000 in 32 bit system. */
461 tmpSec = tmpSec + ((3 * tmpSec) >> 7) + ((9 * tmpSec) >> 14); /* 3/7/9/14 are same with 10 */
462 tmpSec = tmpSec + (uint32_t)(activeDateTime - tmpSec * SECOND_TO_MILLI) / SECOND_TO_MILLI;
463 GenerateSysDateTime((uint32_t)tmpSec, ¬Before);
464 HKS_LOG_I("notBefore:"
465 "%" LOG_PUBLIC "u%" LOG_PUBLIC "u%" LOG_PUBLIC "u %" LOG_PUBLIC "u:%" LOG_PUBLIC "u:%" LOG_PUBLIC "uZ\n",
466 notBefore.year, notBefore.month, notBefore.day, notBefore.hour, notBefore.min, notBefore.seconds);
467 GetTimeStampTee(valid->start, ¬Before);
468
469 HKS_LOG_I("set expired date to default.\n");
470 AddYears(valid->end, valid->start, 10); /* default set to 10 years after current time */
471 }
472
IsValidTlv(const struct HksAsn1Obj obj)473 static int32_t IsValidTlv(const struct HksAsn1Obj obj)
474 {
475 uint32_t length = 0;
476 if ((obj.value.data != NULL) && (obj.header.data != NULL)) {
477 length = obj.value.size + obj.header.size;
478 } else {
479 HKS_LOG_E("value or header is NULL");
480 return HKS_ERROR_INVALID_ARGUMENT;
481 }
482 if (length < ASN_1_MIN_HEADER_LEN) {
483 HKS_LOG_E("len %" LOG_PUBLIC "u < %" LOG_PUBLIC "u.", length, ASN_1_MIN_HEADER_LEN);
484 return HKS_ERROR_INVALID_ARGUMENT;
485 }
486 return HKS_SUCCESS;
487 }
488
IsValidAttestTbs(struct HksAttestTbsSpec * tbsSpec)489 static int32_t IsValidAttestTbs(struct HksAttestTbsSpec *tbsSpec)
490 {
491 if (IsValidTlv(tbsSpec->version)) {
492 HKS_LOG_E("invalid version.\n");
493 return HKS_ERROR_INVALID_ARGUMENT;
494 }
495 if (IsValidTlv(tbsSpec->serial)) {
496 HKS_LOG_E("invalid serial.\n");
497 return HKS_ERROR_INVALID_ARGUMENT;
498 }
499 if (IsValidTlv(tbsSpec->signature)) {
500 HKS_LOG_E("invalid signature.\n");
501 return HKS_ERROR_INVALID_ARGUMENT;
502 }
503 if (IsValidTlv(tbsSpec->issuer)) {
504 HKS_LOG_E("invalid issuer.\n");
505 return HKS_ERROR_INVALID_ARGUMENT;
506 }
507 if (IsValidTlv(tbsSpec->validity)) {
508 HKS_LOG_E("invalid validity.\n");
509 return HKS_ERROR_INVALID_ARGUMENT;
510 }
511 if (IsValidTlv(tbsSpec->subject)) {
512 HKS_LOG_E("invalid subject.\n");
513 return HKS_ERROR_INVALID_ARGUMENT;
514 }
515 if (IsValidTlv(tbsSpec->spki)) {
516 HKS_LOG_E("invalid spki.\n");
517 return HKS_ERROR_INVALID_ARGUMENT;
518 }
519 if (IsValidTlv(tbsSpec->extensions)) {
520 HKS_LOG_E("invalid extensions.\n");
521 return HKS_ERROR_INVALID_ARGUMENT;
522 }
523 return HKS_SUCCESS;
524 }
525
IsValidAttestCert(struct HksAttestCert * cert)526 static int32_t IsValidAttestCert(struct HksAttestCert *cert)
527 {
528 if (IsValidAttestTbs(&cert->tbs)) {
529 HKS_LOG_E("invalid AttestTbs.\n");
530 return HKS_ERROR_INVALID_ARGUMENT;
531 }
532 if (IsValidTlv(cert->signAlg)) {
533 HKS_LOG_E("invalid signAlg.\n");
534 return HKS_ERROR_INVALID_ARGUMENT;
535 }
536 if (IsValidTlv(cert->signature)) {
537 HKS_LOG_E("invalid signature.\n");
538 return HKS_ERROR_INVALID_ARGUMENT;
539 }
540 if ((cert->signAlg.value.size != cert->tbs.signature.value.size) ||
541 (HksMemCmp(cert->signAlg.value.data, cert->tbs.signature.value.data, cert->signAlg.value.size) != 0)) {
542 HKS_LOG_E("algorithm identifiers not match.\n");
543 return HKS_ERROR_INVALID_ARGUMENT;
544 }
545 return HKS_SUCCESS;
546 }
547
ParseAttestTbs(const struct HksBlob * template,struct HksAttestTbsSpec * tbsSpec)548 static void ParseAttestTbs(const struct HksBlob *template, struct HksAttestTbsSpec *tbsSpec)
549 {
550 struct HksAsn1Obj obj = {{0}};
551 struct HksBlob skip = { 0, NULL };
552 int32_t ret = DcmAsn1ExtractTag(&skip, &obj, template, ASN_1_TAG_TYPE_SEQ);
553 struct HksBlob val = { obj.value.size, obj.value.data };
554
555 ret += DcmAsn1ExtractTag(&val, &tbsSpec->version, &val, ASN_1_TAG_TYPE_CTX_SPEC0);
556 ret += DcmAsn1ExtractTag(&val, &tbsSpec->serial, &val, ASN_1_TAG_TYPE_INT);
557 ret += DcmAsn1ExtractTag(&val, &tbsSpec->signature, &val, ASN_1_TAG_TYPE_SEQ);
558 ret += DcmAsn1ExtractTag(&val, &tbsSpec->issuer, &val, ASN_1_TAG_TYPE_SEQ);
559 ret += DcmAsn1ExtractTag(&val, &tbsSpec->validity, &val, ASN_1_TAG_TYPE_SEQ);
560 ret += DcmAsn1ExtractTag(&val, &tbsSpec->subject, &val, ASN_1_TAG_TYPE_SEQ);
561 ret += DcmAsn1ExtractTag(&val, &tbsSpec->spki, &val, ASN_1_TAG_TYPE_SEQ);
562 ret += DcmAsn1ExtractTag(&val, &tbsSpec->extensions, &val, ASN_1_TAG_TYPE_CTX_SPEC3);
563 ret += IsValidAttestTbs(tbsSpec);
564 HKS_IF_NOT_SUCC_LOGE(ret, "invalid tbs.\n")
565 }
566
ParseAttestCert(const struct HksBlob * devCert,struct HksAttestCert * cert)567 static void ParseAttestCert(const struct HksBlob *devCert, struct HksAttestCert *cert)
568 {
569 struct HksAsn1Obj obj = {{0}};
570 struct HksBlob next = { 0, NULL };
571
572 int32_t ret = DcmAsn1ExtractTag(&next, &obj, devCert, ASN_1_TAG_TYPE_SEQ);
573 struct HksBlob val = { obj.value.size, obj.value.data };
574 ParseAttestTbs(&val, &cert->tbs);
575 struct HksAsn1Obj skip = {{0}};
576 ret += DcmAsn1ExtractTag(&val, &skip, &val, ASN_1_TAG_TYPE_SEQ);
577 ret += DcmAsn1ExtractTag(&val, &cert->signAlg, &val, ASN_1_TAG_TYPE_SEQ);
578 ret += DcmAsn1ExtractTag(&val, &cert->signature, &val, ASN_1_TAG_TYPE_BIT_STR);
579
580 ret += IsValidAttestCert(cert);
581 HKS_IF_NOT_SUCC_LOGE(ret, "invalid dev cert.\n")
582 }
583
ParseAttestExtension(const struct HksBlob * data,struct HksAttestExt * ext)584 static void ParseAttestExtension(const struct HksBlob *data, struct HksAttestExt *ext)
585 {
586 struct HksBlob val = *data;
587 int32_t ret = DcmAsn1ExtractTag(&val, &ext->seq, &val, ASN_1_TAG_TYPE_SEQ);
588 val.data = ext->seq.value.data;
589 val.size = ext->seq.value.size;
590
591 ret += DcmAsn1ExtractTag(&val, &ext->keyUsage, &val, ASN_1_TAG_TYPE_SEQ);
592 ret += DcmAsn1ExtractTag(&val, &ext->crl, &val, ASN_1_TAG_TYPE_SEQ);
593 ret += DcmAsn1ExtractTag(&val, &ext->claims, &val, ASN_1_TAG_TYPE_SEQ);
594 HKS_IF_NOT_SUCC_LOGE(ret, "invalid extension.\n")
595 }
596
EncodeUtcTime(const uint8_t * time,uint8_t * buf)597 static uint32_t EncodeUtcTime(const uint8_t *time, uint8_t *buf)
598 {
599 uint8_t *tmp = buf;
600 tmp[0] = (uint8_t)ASN_1_TAG_TYPE_UTC_TIME;
601 tmp++;
602 tmp[0] = (uint8_t)UTCTIME_LEN;
603 tmp++;
604 (void)memcpy_s(tmp, UTCTIME_LEN, time, UTCTIME_LEN);
605 tmp += UTCTIME_LEN;
606 return tmp - buf;
607 }
608
EncodeValidity(const struct ValidPeriod * validity,struct HksBlob * out)609 static void EncodeValidity(const struct ValidPeriod *validity, struct HksBlob *out)
610 {
611 uint8_t *start = out->data + ASN_1_MAX_HEADER_LEN;
612 uint8_t *p = start;
613 p += EncodeUtcTime(validity->start, p);
614 p += EncodeUtcTime(validity->end, p);
615
616 struct HksAsn1Blob insertValid = { ASN_1_TAG_TYPE_SEQ, (p - start), start };
617 int32_t ret = DcmAsn1WriteFinal(out, &insertValid);
618 HKS_IF_NOT_SUCC_LOGE(ret, "encode validity fail.\n")
619 }
620
EncodeKeyUsageBits(const uint32_t usage,uint8_t * bits)621 static uint8_t EncodeKeyUsageBits(const uint32_t usage, uint8_t *bits)
622 {
623 uint8_t v = 0;
624 uint8_t unused = 8; /* one byte haa 8 bits, so init to 8 */
625 if (IsSignPurpose((enum HksKeyPurpose)usage)) {
626 v |= 0x80;
627 unused = 7; /* 7 bits are unused */
628 }
629 if (IsCipherPurpose((enum HksKeyPurpose)usage)) {
630 v |= 0x20;
631 unused = 5; /* 5 bits are unused */
632 }
633 if (IsAgreementPurpose((enum HksKeyPurpose)usage)) {
634 v |= 0x08;
635 unused = 3; /* 3 bits are unused */
636 }
637 *bits = v;
638 return unused;
639 }
640
EncodeClaims(const struct HksBlob * oid,const struct HksBlob * claim,struct HksBlob * seq)641 static int32_t EncodeClaims(const struct HksBlob *oid, const struct HksBlob *claim, struct HksBlob *seq)
642 {
643 if (memcpy_s(seq->data, seq->size, oid->data, oid->size) != EOK) {
644 HKS_LOG_E("copy claim oid failed!");
645 return HKS_ERROR_INSUFFICIENT_MEMORY;
646 }
647 uint32_t size = oid->size;
648 struct HksBlob tmp = *seq;
649 tmp.data += size;
650 tmp.size -= size;
651
652 struct HksAsn1Blob value = { ASN_1_TAG_TYPE_OCT_STR, claim->size, claim->data };
653 int32_t ret = DcmAsn1WriteFinal(&tmp, &value);
654 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "write claim oct str failed!")
655
656 size += tmp.size;
657
658 value.type = ASN_1_TAG_TYPE_SEQ;
659 value.data = seq->data;
660 value.size = size;
661 return DcmAsn1WriteFinal(seq, &value);
662 }
663
CreateAttestExtension(const struct HksAttestSpec * attestSpec,struct HksBlob * extension)664 static int32_t CreateAttestExtension(const struct HksAttestSpec *attestSpec, struct HksBlob *extension)
665 {
666 struct HksAttestExt tmplExt;
667 (void)memset_s(&tmplExt, sizeof(struct HksAttestExt), 0, sizeof(struct HksAttestExt));
668 struct HksBlob extensionTmpl = { sizeof(g_attestExtTmpl), (uint8_t *)g_attestExtTmpl };
669 ParseAttestExtension(&extensionTmpl, &tmplExt);
670 if (memcpy_s(extension->data, extension->size, extensionTmpl.data, extensionTmpl.size) != EOK) {
671 HKS_LOG_E("copy extension failed!");
672 return HKS_ERROR_INSUFFICIENT_MEMORY;
673 }
674
675 uint8_t usage = 0;
676 uint8_t unusedBits = EncodeKeyUsageBits(attestSpec->usageSpec.purpose, &usage);
677 extension->data[ATTESTATION_KEY_USAGE_OFFSET] = usage;
678 extension->data[ATTESTATION_KEY_USAGE_OFFSET - 1] = unusedBits;
679
680 uint32_t claimsOffset = tmplExt.claims.header.data - extensionTmpl.data;
681 struct HksBlob tmp = *extension;
682 tmp.data += claimsOffset;
683 tmp.size -= claimsOffset;
684
685 int32_t ret = EncodeClaims(&attestSpec->claimsOid, &attestSpec->claims, &tmp);
686 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "EncodeClaims failed!")
687
688 uint32_t usageOffset = tmplExt.keyUsage.header.data - extensionTmpl.data;
689 struct HksAsn1Blob seqValue = {
690 .type = ASN_1_TAG_TYPE_SEQ,
691 .size = claimsOffset + tmp.size - usageOffset,
692 .data = extension->data + usageOffset
693 };
694 return DcmAsn1WriteFinal(extension, &seqValue);
695 }
696
EncodeTbs(const struct HksAttestTbsSpec * tbs,struct HksBlob * out)697 static int32_t EncodeTbs(const struct HksAttestTbsSpec *tbs, struct HksBlob *out)
698 {
699 struct HksBlob tmp = *out;
700 tmp.data += ATT_CERT_HEADER_SIZE;
701 tmp.size -= ATT_CERT_HEADER_SIZE;
702
703 int32_t ret = DcmAsn1InsertValue(&tmp, NULL, &tbs->version.value);
704 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "insert version failed!")
705
706 ret = DcmAsn1InsertValue(&tmp, NULL, &tbs->serial.value);
707 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "insert serial failed!")
708
709 ret = DcmAsn1InsertValue(&tmp, NULL, &tbs->signature.value);
710 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "insert signature failed!")
711
712 ret = DcmAsn1InsertValue(&tmp, NULL, &tbs->issuer.value);
713 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "insert issuer failed!")
714
715 ret = DcmAsn1InsertValue(&tmp, NULL, &tbs->validity.value);
716 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "insert validity failed!")
717
718 ret = DcmAsn1InsertValue(&tmp, NULL, &tbs->subject.value);
719 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "insert subject failed!")
720
721 ret = DcmAsn1InsertValue(&tmp, NULL, &tbs->spki.value);
722 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "insert spki failed!")
723
724 ret = DcmAsn1InsertValue(&tmp, NULL, &tbs->extensions.value);
725 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "insert extensions failed!")
726
727 uint8_t *data = out->data + ATT_CERT_HEADER_SIZE;
728 uint32_t size = tmp.data - data;
729 struct HksAsn1Blob seq = { ASN_1_TAG_TYPE_SEQ, size, data };
730 return DcmAsn1WriteFinal(out, &seq);
731 }
732
GetSignatureByAlg(uint32_t signAlg,struct HksAsn1Blob * sigature)733 static void GetSignatureByAlg(uint32_t signAlg, struct HksAsn1Blob *sigature)
734 {
735 if (signAlg == HKS_ALG_RSA) {
736 sigature->size = g_rsaSha256Oid.size;
737 sigature->data = g_rsaSha256Oid.data;
738 } else if (signAlg == HKS_ALG_SM2) {
739 sigature->size = g_sm2Oid.size;
740 sigature->data = g_sm2Oid.data;
741 } else {
742 sigature->size = g_ecdsaSha256Oid.size;
743 sigature->data = g_ecdsaSha256Oid.data;
744 }
745 }
CreateTbs(const struct HksBlob * template,const struct HksAttestSpec * attestSpec,struct HksBlob * tbs,uint32_t signAlg)746 static int32_t CreateTbs(const struct HksBlob *template, const struct HksAttestSpec *attestSpec,
747 struct HksBlob *tbs, uint32_t signAlg)
748 {
749 struct HksAttestTbsSpec draftTbs;
750 (void)memset_s(&draftTbs, sizeof(struct HksAttestTbsSpec), 0, sizeof(struct HksAttestTbsSpec));
751 ParseAttestTbs(template, &draftTbs);
752 struct HksAsn1Blob sigature = { ASN_1_TAG_TYPE_SEQ, 0, NULL };
753 GetSignatureByAlg(signAlg, &sigature);
754 draftTbs.signature.value = sigature;
755
756 uint8_t validityBuf[VALIDITY_BUF_SIZE] = {0};
757 struct HksBlob validity = { sizeof(validityBuf), validityBuf };
758 EncodeValidity(&attestSpec->validity, &validity);
759 struct HksAsn1Blob validBlob = { ASN_1_TAG_TYPE_RAW, validity.size, validity.data };
760 draftTbs.validity.value = validBlob;
761
762 struct HksAttestCert devCert;
763 (void)memset_s(&devCert, sizeof(struct HksAttestCert), 0, sizeof(struct HksAttestCert));
764 ParseAttestCert(&attestSpec->devCert, &devCert);
765 draftTbs.issuer = devCert.tbs.subject;
766
767 uint8_t pubKey[PUBKEY_DER_LEN] = {0};
768 struct HksBlob pubKeyBlob = { PUBKEY_DER_LEN, pubKey };
769 int32_t ret = HksCryptoHalGetPubKey(&attestSpec->attestKey, &pubKeyBlob);
770 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get attest public key failed!")
771
772 uint8_t pubKeyDer[PUBKEY_DER_LEN] = {0};
773 struct HksBlob spkiBlob = { PUBKEY_DER_LEN, pubKeyDer };
774 ret = DcmGetPublicKey(&spkiBlob, (struct HksPubKeyInfo *)pubKeyBlob.data, &attestSpec->usageSpec);
775 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "der public key failed!")
776
777 struct HksAsn1Blob insertSpki = { ASN_1_TAG_TYPE_RAW, spkiBlob.size, spkiBlob.data };
778 draftTbs.spki.value = insertSpki;
779
780 uint8_t *extBuf = HksMalloc(EXT_MAX_SIZE + attestSpec->claims.size);
781 HKS_IF_NULL_RETURN(extBuf, HKS_ERROR_MALLOC_FAIL)
782
783 struct HksBlob extension = { EXT_MAX_SIZE + attestSpec->claims.size, extBuf };
784 ret = CreateAttestExtension(attestSpec, &extension);
785 if (ret != HKS_SUCCESS) {
786 HKS_LOG_E("create extensions failed!");
787 HKS_FREE(extBuf);
788 return ret;
789 }
790
791 struct HksAsn1Blob extBlob = { ASN_1_TAG_TYPE_CTX_SPEC3, extension.size, extension.data };
792 draftTbs.extensions.value = extBlob;
793 ret = EncodeTbs(&draftTbs, tbs);
794 HKS_FREE(extBuf);
795 return ret;
796 }
797
798 /*
799 * pkcs1(rfc8017) defines rsa privateKey struct
800 * RSAPrivateKey ::= SEQUENCE {
801 * version Version,
802 * modulus INTEGER, -- n
803 * publicExponent INTEGER, -- e
804 * privateExponent INTEGER, -- d
805 * prime1 INTEGER, -- p
806 * prime2 INTEGER, -- q
807 * exponent1 INTEGER, -- d mod (p-1)
808 * exponent2 INTEGER, -- d mod (q-1)
809 * coefficient INTEGER, -- (inverse of q) mod p
810 * otherPrimeInfos OtherPrimeInfos OPTIONAL
811 * }
812 */
GetRsaPrivateKeyMaterial(struct HksBlob * val,struct HksBlob * material)813 static int32_t GetRsaPrivateKeyMaterial(struct HksBlob *val, struct HksBlob *material)
814 {
815 struct HksAsn1Obj obj = {{0}};
816 struct KeyMaterialRsa *keyMaterial = (struct KeyMaterialRsa *)material->data;
817
818 keyMaterial->keyAlg = HKS_ALG_RSA;
819 keyMaterial->keySize = HKS_RSA_KEY_SIZE_2048;
820
821 uint32_t offset = sizeof(struct KeyMaterialRsa);
822 int32_t ret = DcmAsn1ExtractTag(val, &obj, val, ASN_1_TAG_TYPE_INT);
823 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "extract n fail!")
824
825 if (memcpy_s(material->data + offset, material->size - offset, obj.value.data, obj.value.size) != EOK) {
826 HKS_LOG_E("copy n fail!");
827 return HKS_ERROR_INSUFFICIENT_MEMORY;
828 }
829 keyMaterial->nSize = obj.value.size;
830
831 offset += keyMaterial->nSize;
832 ret = DcmAsn1ExtractTag(val, &obj, val, ASN_1_TAG_TYPE_INT);
833 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "extract e fail!")
834
835 if (memcpy_s(material->data + offset, material->size - offset, obj.value.data, obj.value.size) != EOK) {
836 HKS_LOG_E("copy e fail!");
837 return HKS_ERROR_INSUFFICIENT_MEMORY;
838 }
839 keyMaterial->eSize = obj.value.size;
840
841 offset += keyMaterial->eSize;
842 ret = DcmAsn1ExtractTag(val, &obj, val, ASN_1_TAG_TYPE_INT);
843 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "extract d fail!")
844
845 if (memcpy_s(material->data + offset, material->size - offset, obj.value.data, obj.value.size) != EOK) {
846 HKS_LOG_E("copy d fail!");
847 return HKS_ERROR_INSUFFICIENT_MEMORY;
848 }
849 keyMaterial->dSize = obj.value.size;
850 material->size = offset + keyMaterial->dSize;
851 return HKS_SUCCESS;
852 }
853
StepIntoPrivateKey(const struct HksBlob * key,struct HksBlob * val)854 static int32_t StepIntoPrivateKey(const struct HksBlob *key, struct HksBlob *val)
855 {
856 struct HksAsn1Obj obj = {{0}};
857 struct HksBlob skip = { 0, NULL };
858 int32_t ret;
859
860 ret = DcmAsn1ExtractTag(&skip, &obj, key, ASN_1_TAG_TYPE_SEQ);
861 HKS_IF_NOT_SUCC_RETURN(ret, ret)
862
863 val->data = obj.value.data;
864 val->size = obj.value.size;
865
866 ret = DcmAsn1ExtractTag(val, &obj, val, ASN_1_TAG_TYPE_INT);
867 HKS_IF_NOT_SUCC_RETURN(ret, ret)
868
869 return HKS_SUCCESS;
870 }
871
HksGetRsaPrivateKey(const struct HksBlob * key,struct HksBlob * out)872 static int32_t HksGetRsaPrivateKey(const struct HksBlob *key, struct HksBlob *out)
873 {
874 struct HksBlob val = { 0, NULL };
875 int32_t ret = StepIntoPrivateKey(key, &val);
876 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "step into rsa private key fail!")
877
878 uint32_t keySize = HKS_RSA_KEY_SIZE_2048;
879 uint32_t materialLen = sizeof(struct KeyMaterialRsa) + keySize / HKS_BITS_PER_BYTE * RSA_KEY_MATERIAL_CNT;
880 uint8_t *material = (uint8_t *)HksMalloc(materialLen);
881 HKS_IF_NULL_LOGE_RETURN(material, HKS_ERROR_MALLOC_FAIL, "malloc rsa key materail fail!")
882
883 struct HksBlob materialBlob = { materialLen, material };
884 ret = GetRsaPrivateKeyMaterial(&val, &materialBlob);
885 if (ret != HKS_SUCCESS) {
886 (void)memset_s(material, materialLen, 0, materialLen);
887 HKS_FREE(material);
888 HKS_LOG_E("get rsa key materail fail!");
889 return ret;
890 }
891
892 out->data = materialBlob.data;
893 out->size = materialBlob.size;
894 HKS_LOG_I("prikey size %" LOG_PUBLIC "x", out->size);
895
896 return HKS_SUCCESS;
897 }
898
899 /*
900 * SEC1 defines ecc privateKey struct
901 * ECPrivateKey ::= SEQUENCE {
902 * version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
903 * privateKey OCTET STRING,
904 * parameters [0] ECDomainParameters {{ SECGCurveNames }} OPTIONAL,
905 * publicKey [1] BIT STRING OPTIONAL
906 * }
907 */
GetEccPrivateKeyMaterial(const uint32_t keySize,struct HksBlob * val,struct HksBlob * material)908 static int32_t GetEccPrivateKeyMaterial(const uint32_t keySize, struct HksBlob *val, struct HksBlob *material)
909 {
910 struct HksAsn1Obj obj = {0};
911 struct KeyMaterialEcc *keyMaterial = (struct KeyMaterialEcc *)material->data;
912
913 keyMaterial->keyAlg = HKS_ALG_ECC;
914
915 uint32_t offset = sizeof(struct KeyMaterialEcc);
916 int32_t ret = DcmAsn1ExtractTag(val, &obj, val, ASN_1_TAG_TYPE_OCT_STR);
917 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "extract z key fail!")
918
919 if (keySize != obj.value.size) {
920 HKS_LOG_E("ecc pri key size(%u) invalid", obj.value.size);
921 return HKS_ERROR_INTERNAL_ERROR;
922 }
923 keyMaterial->keySize = keySize * HKS_BITS_PER_BYTE;
924
925 if (memcpy_s(material->data + offset, material->size - offset, obj.value.data, obj.value.size) != EOK) {
926 HKS_LOG_E("copy x fail!");
927 return HKS_ERROR_INSUFFICIENT_MEMORY;
928 }
929 keyMaterial->xSize = obj.value.size;
930
931 offset += keyMaterial->xSize;
932 if (memcpy_s(material->data + offset, material->size - offset, obj.value.data, obj.value.size) != EOK) {
933 HKS_LOG_E("copy y fail!");
934 return HKS_ERROR_INSUFFICIENT_MEMORY;
935 }
936 keyMaterial->ySize = obj.value.size;
937
938 offset += keyMaterial->ySize;
939 if (memcpy_s(material->data + offset, material->size - offset, obj.value.data, obj.value.size) != EOK) {
940 HKS_LOG_E("copy z fail!");
941 return HKS_ERROR_INSUFFICIENT_MEMORY;
942 }
943 keyMaterial->zSize = obj.value.size;
944
945 offset += keyMaterial->zSize;
946 material->size = offset;
947 return HKS_SUCCESS;
948 }
949
HksGetEccPrivateKey(const struct HksBlob * key,struct HksBlob * out)950 static int32_t HksGetEccPrivateKey(const struct HksBlob *key, struct HksBlob *out)
951 {
952 struct HksBlob keySeq = { 0, NULL };
953 int32_t ret = StepIntoPrivateKey(key, &keySeq);
954 if (ret != HKS_SUCCESS) {
955 HKS_LOG_E("step into ecc private key fail!");
956 return ret;
957 }
958
959 enum HksKeySize keyBitSize = HKS_ECC_KEY_SIZE_256; /* only 256 ecc-key size */
960 uint32_t materialLen = sizeof(struct KeyMaterialEcc) + keyBitSize / HKS_BITS_PER_BYTE * ECC_KEY_MATERIAL_CNT;
961 uint8_t *material = (uint8_t *)HksMalloc(materialLen);
962 HKS_IF_NULL_LOGE_RETURN(material, HKS_ERROR_MALLOC_FAIL, "malloc ecc key materail fail!")
963
964 struct HksBlob materialBlob = { materialLen, material };
965 ret = GetEccPrivateKeyMaterial(keyBitSize / HKS_BITS_PER_BYTE, &keySeq, &materialBlob);
966 if (ret != HKS_SUCCESS) {
967 (void)memset_s(material, materialLen, 0, materialLen);
968 HKS_FREE(material);
969 HKS_LOG_E("get ecc key materail fail!");
970 return ret;
971 }
972
973 out->data = materialBlob.data;
974 out->size = materialBlob.size;
975 return HKS_SUCCESS;
976 }
977
SignTbs(struct HksBlob * sig,const struct HksBlob * tbs,const struct HksBlob * key,uint32_t signAlg)978 static int32_t SignTbs(struct HksBlob *sig, const struct HksBlob *tbs, const struct HksBlob *key, uint32_t signAlg)
979 {
980 (void)key;
981 uint8_t buffer[HKS_DIGEST_SHA256_LEN] = {0};
982 struct HksBlob message = { HKS_DIGEST_SHA256_LEN, buffer };
983 int32_t ret = HksCryptoHalHash(HKS_DIGEST_SHA256, tbs, &message);
984 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "calc hash of tbs failed!")
985
986 struct HksUsageSpec usageSpec = {0};
987 usageSpec.digest = HKS_DIGEST_SHA256;
988 if (signAlg == HKS_ALG_RSA) {
989 usageSpec.padding = HKS_PADDING_PKCS1_V1_5;
990 usageSpec.algType = HKS_ALG_RSA;
991 } else if (signAlg == HKS_ALG_SM2) {
992 usageSpec.algType = HKS_ALG_SM2;
993 usageSpec.digest = HKS_DIGEST_SM3;
994 } else {
995 usageSpec.padding = HKS_PADDING_NONE;
996 usageSpec.algType = HKS_ALG_ECC;
997 }
998
999 struct HksBlob priKey = { 0, NULL };
1000 ret = signAlg == HKS_ALG_RSA ? HksGetRsaPrivateKey(key, &priKey) : HksGetEccPrivateKey(key, &priKey);
1001 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get private key failed!")
1002
1003 ret = HksCryptoHalSign(&priKey, &usageSpec, &message, sig);
1004 (void)memset_s(priKey.data, priKey.size, 0, priKey.size);
1005 HKS_FREE(priKey.data);
1006 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "sign tbs failed!")
1007
1008 return HKS_SUCCESS;
1009 }
1010
CreateAttestCert(struct HksBlob * attestCert,struct HksBlob * template,const struct HksAttestSpec * attestSpec,uint32_t signAlg)1011 static int32_t CreateAttestCert(struct HksBlob *attestCert, struct HksBlob *template,
1012 const struct HksAttestSpec *attestSpec, uint32_t signAlg)
1013 {
1014 struct HksBlob tbs = *attestCert;
1015 tbs.data += ATT_CERT_HEADER_SIZE;
1016 tbs.size -= ATT_CERT_HEADER_SIZE;
1017 int32_t ret = CreateTbs(template, attestSpec, &tbs, signAlg);
1018 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "CreateTbs failed!")
1019
1020 uint8_t sigBuf[SIG_MAX_SIZE] = {0};
1021 struct HksBlob signature = { sizeof(sigBuf), sigBuf };
1022 ret = SignTbs(&signature, &tbs, &attestSpec->devKey, signAlg);
1023 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "SignTbs failed!")
1024
1025 uint32_t certSize = tbs.size;
1026 struct HksAsn1Obj obj = {{0}};
1027 struct HksBlob tmp = *attestCert;
1028 tmp.data += ATT_CERT_HEADER_SIZE + tbs.size;
1029 tmp.size -= ATT_CERT_HEADER_SIZE + tbs.size;
1030 struct HksAsn1Blob signOidBlob = { ASN_1_TAG_TYPE_SEQ, g_rsaSha256Oid.size, g_rsaSha256Oid.data };
1031 if (signAlg == HKS_ALG_ECC) {
1032 signOidBlob.size = g_ecdsaSha256Oid.size;
1033 signOidBlob.data = g_ecdsaSha256Oid.data;
1034 }
1035 if (signAlg == HKS_ALG_SM2) {
1036 signOidBlob.size = g_sm2Oid.size;
1037 signOidBlob.data = g_sm2Oid.data;
1038 }
1039 ret = DcmAsn1InsertValue(&tmp, &obj, &signOidBlob);
1040 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "insert sign oid failed!")
1041
1042 certSize += obj.header.size + obj.value.size;
1043
1044 struct HksAsn1Blob sigBlob = { ASN_1_TAG_TYPE_BIT_STR, signature.size, signature.data };
1045 ret = DcmAsn1InsertValue(&tmp, &obj, &sigBlob);
1046 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "insert sign failed!")
1047
1048 certSize += obj.header.size + obj.value.size;
1049
1050 struct HksAsn1Blob certBlob = { ASN_1_TAG_TYPE_SEQ, certSize, attestCert->data + ATT_CERT_HEADER_SIZE };
1051 return DcmAsn1WriteFinal(attestCert, &certBlob);
1052 }
1053
InsertSignatureGroupClaim(struct HksBlob * out,const struct HksUsageSpec * attetUsageSpec,uint32_t secLevel)1054 static int32_t InsertSignatureGroupClaim(struct HksBlob *out, const struct HksUsageSpec *attetUsageSpec,
1055 uint32_t secLevel)
1056 {
1057 if (!(attetUsageSpec->purpose & (HKS_KEY_PURPOSE_SIGN | HKS_KEY_PURPOSE_VERIFY))) {
1058 return HKS_ERROR_NOT_SUPPORTED;
1059 }
1060 if ((attetUsageSpec->digest != HKS_DIGEST_SHA256) && (attetUsageSpec->digest != HKS_DIGEST_SM3)) {
1061 return HKS_ERROR_NOT_SUPPORTED;
1062 }
1063
1064 uint8_t asn1True = ASN_1_TRUE_VALUE;
1065 struct HksAsn1Blob booleanTrue = { ASN_1_TAG_TYPE_BOOL, 1, &asn1True };
1066 if (attetUsageSpec->algType == HKS_ALG_RSA) {
1067 if (attetUsageSpec->padding == HKS_PADDING_PSS) {
1068 HKS_LOG_I("inserting SigRsaPssMgf1Sha256 group\n");
1069 return DcmInsertClaim(out, &hksGroupSigRsaPssMgf1Sha256Oid, &booleanTrue, secLevel);
1070 }
1071 } else if (attetUsageSpec->algType == HKS_ALG_ECC) {
1072 if (attetUsageSpec->padding == HKS_PADDING_NONE) {
1073 HKS_LOG_I("inserting SigEcdsaSha256 group\n");
1074 return DcmInsertClaim(out, &hksGroupSigEcdsaSha256Oid, &booleanTrue, secLevel);
1075 }
1076 } else if (attetUsageSpec->algType == HKS_ALG_SM2) {
1077 HKS_LOG_I("inserting SigSm2Sm3 group\n");
1078 return DcmInsertClaim(out, &hksGroupSigSm2Sm3Oid, &booleanTrue, secLevel);
1079 }
1080 return HKS_ERROR_NOT_SUPPORTED;
1081 }
1082
InsertEncryptionGroupClaim(struct HksBlob * out,const struct HksUsageSpec * attetUsageSpec,uint32_t secLevel)1083 static int32_t InsertEncryptionGroupClaim(struct HksBlob *out, const struct HksUsageSpec *attetUsageSpec,
1084 uint32_t secLevel)
1085 {
1086 if (!(attetUsageSpec->purpose & (HKS_KEY_PURPOSE_ENCRYPT | HKS_KEY_PURPOSE_DECRYPT))) {
1087 return HKS_ERROR_NOT_SUPPORTED;
1088 }
1089
1090 uint8_t asn1True = ASN_1_TRUE_VALUE;
1091 struct HksAsn1Blob booleanTrue = { ASN_1_TAG_TYPE_BOOL, 1, &asn1True };
1092 if (attetUsageSpec->algType == HKS_ALG_RSA) {
1093 if (attetUsageSpec->digest == HKS_DIGEST_SHA256) {
1094 if (attetUsageSpec->padding == HKS_PADDING_OAEP) {
1095 HKS_LOG_I("inserting EncRsaOaepMgf1Sha256 group\n");
1096 return DcmInsertClaim(out, &hksGroupEncRsaOaepMgf1Sha256Oid, &booleanTrue, secLevel);
1097 }
1098 } else {
1099 if (attetUsageSpec->padding == HKS_PADDING_OAEP) {
1100 HKS_LOG_I("inserting EncRsaOaep group\n");
1101 return DcmInsertClaim(out, &hksGroupEncRsaOaepOid, &booleanTrue, secLevel);
1102 }
1103 }
1104 }
1105 return HKS_ERROR_NOT_SUPPORTED;
1106 }
1107
InsertGroupClaim(bool * isInsert,struct HksBlob * out,const struct HksUsageSpec * attetUsageSpec,uint32_t secLevel)1108 static int32_t InsertGroupClaim(bool *isInsert, struct HksBlob *out, const struct HksUsageSpec *attetUsageSpec,
1109 uint32_t secLevel)
1110 {
1111 if (isInsert == NULL || CheckBlob(out) != HKS_SUCCESS || attetUsageSpec == NULL) {
1112 HKS_LOG_E("invalid input");
1113 return HKS_ERROR_INVALID_ARGUMENT;
1114 }
1115
1116 uint8_t *p = out->data;
1117 int32_t ret = InsertSignatureGroupClaim(out, attetUsageSpec, secLevel);
1118 if (ret != HKS_SUCCESS && ret != HKS_ERROR_NOT_SUPPORTED) {
1119 HKS_LOG_E("fail to insert signature group claim");
1120 return ret;
1121 }
1122 ret = InsertEncryptionGroupClaim(out, attetUsageSpec, secLevel);
1123 if (ret != HKS_SUCCESS && ret != HKS_ERROR_NOT_SUPPORTED) {
1124 HKS_LOG_E("fail to insert encryption group claim");
1125 return ret;
1126 }
1127 if (p != out->data) {
1128 *isInsert = true;
1129 } else {
1130 *isInsert = false;
1131 }
1132 return HKS_SUCCESS;
1133 }
1134
VerifyIdsInfo(enum HksTag tag,struct HksParam * param)1135 static int32_t VerifyIdsInfo(enum HksTag tag, struct HksParam *param)
1136 {
1137 (void)tag;
1138 (void)param;
1139 return HKS_SUCCESS;
1140 }
1141
1142 static const struct AppIdTypeToOid APP_ID_TO_OID_MAP[] = {
1143 { HKS_HAP_TYPE, &hksApplicationIdRawOid },
1144 { HKS_SA_TYPE, &hksSaIdOid },
1145 { HKS_UNIFIED_TYPE, &hksUnifiedAppIdOid },
1146 };
1147
GetAppIdOid(enum HksCallerType type)1148 static const struct HksBlob* GetAppIdOid(enum HksCallerType type)
1149 {
1150 for (uint32_t i = 0; i < HKS_ARRAY_SIZE(APP_ID_TO_OID_MAP); ++i) {
1151 if (type == APP_ID_TO_OID_MAP[i].type) {
1152 return APP_ID_TO_OID_MAP[i].oid;
1153 }
1154 }
1155 return NULL;
1156 }
1157
InsertAppIdClaim(struct HksBlob * out,const struct HksParamSet * paramSet,uint32_t secLevel)1158 static int32_t InsertAppIdClaim(struct HksBlob *out, const struct HksParamSet *paramSet, uint32_t secLevel)
1159 {
1160 struct HksParam *appId = NULL;
1161 int32_t ret = HksGetParam(paramSet, HKS_TAG_ATTESTATION_APPLICATION_ID, &appId);
1162 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_SUCCESS, "not contain appId param!") // appId is optional
1163
1164 const struct HksBlob *appIdOid = NULL;
1165 struct HksParam *appIdType = NULL;
1166 ret = HksGetParam(paramSet, HKS_TAG_ATTESTATION_APPLICATION_ID_TYPE, &appIdType);
1167 if (ret != HKS_SUCCESS) {
1168 appIdOid = &hksApplicationIdRawOid;
1169 } else {
1170 appIdOid = GetAppIdOid(appIdType->uint32Param);
1171 }
1172 if (appIdOid == NULL) {
1173 HKS_LOG_E("invalid appid type");
1174 return HKS_ERROR_INVALID_ARGUMENT;
1175 }
1176
1177 uint8_t buf[ASN_1_MAX_HEADER_LEN + MAX_OID_LEN + HKS_APP_ID_SIZE] = {0};
1178 uint8_t *tmp = buf;
1179 if (memcpy_s(tmp, MAX_OID_LEN, appIdOid->data, appIdOid->size) != EOK) {
1180 HKS_LOG_I("invalid oid of app id!");
1181 return HKS_ERROR_INVALID_ARGUMENT;
1182 }
1183 tmp += appIdOid->size;
1184
1185 struct HksBlob tmpBlob = { sizeof(buf) - appIdOid->size, tmp };
1186 struct HksAsn1Blob value = { ASN_1_TAG_TYPE_OCT_STR, appId->blob.size, appId->blob.data };
1187 ret = DcmAsn1WriteFinal(&tmpBlob, &value);
1188 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "write final value fail\n")
1189 tmp += tmpBlob.size;
1190
1191 uint32_t seqSize = tmp - buf;
1192 struct HksAsn1Blob seq = { ASN_1_TAG_TYPE_SEQ, seqSize, buf };
1193 ret = DcmInsertClaim(out, &hksApplicationIdOid, &seq, secLevel);
1194 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "add appId to cert fail, ret = %" LOG_PUBLIC "d", ret)
1195
1196 HKS_LOG_I("add appId to cert success!");
1197 return HKS_SUCCESS;
1198 }
1199
BuildAttestMsgClaims(struct HksBlob * out,const struct HksParamSet * paramSet)1200 static int32_t BuildAttestMsgClaims(struct HksBlob *out, const struct HksParamSet *paramSet)
1201 {
1202 uint32_t secLevel = HKS_SECURITY_LEVEL_HIGH;
1203 uint8_t version = HKS_HW_ATTESTATION_VERSION;
1204 struct HksAsn1Blob versionBlob = { ASN_1_TAG_TYPE_INT, 1, &version };
1205 int32_t ret = DcmAsn1InsertValue(out, NULL, &versionBlob);
1206 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "insert version fail\n")
1207
1208 struct HksParam *challenge = NULL;
1209 ret = HksGetParam(paramSet, HKS_TAG_ATTESTATION_CHALLENGE, &challenge);
1210 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get challenge param failed!")
1211
1212 struct HksAsn1Blob challengeBlob = { ASN_1_TAG_TYPE_OCT_STR, challenge->blob.size, challenge->blob.data };
1213 ret = DcmInsertClaim(out, &hksAttestationChallengeOid, &challengeBlob, HKS_SECURITY_LEVEL_LOW);
1214 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "insert challenge fail\n")
1215
1216 struct HksParam *keyId = NULL;
1217 ret = HksGetParam(paramSet, HKS_TAG_ATTESTATION_ID_ALIAS, &keyId);
1218 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get keyId param failed!")
1219
1220 struct HksAsn1Blob keyIdBlob = { ASN_1_TAG_TYPE_OCT_STR, keyId->blob.size, keyId->blob.data };
1221 ret = DcmInsertClaim(out, &hksKeyIdOid, &keyIdBlob, secLevel);
1222 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "insert keyId fail\n")
1223
1224 ret = InsertAppIdClaim(out, paramSet, secLevel);
1225 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "insert appId fail\n")
1226
1227 return HKS_SUCCESS;
1228 }
1229
BuildAttestKeyClaims(struct HksBlob * out,const struct HksParamSet * keyParamSet,const struct HksUsageSpec * attetUsageSpec)1230 static int32_t BuildAttestKeyClaims(struct HksBlob *out, const struct HksParamSet *keyParamSet,
1231 const struct HksUsageSpec *attetUsageSpec)
1232 {
1233 uint32_t secLevel = HKS_SECURITY_LEVEL_HIGH;
1234
1235 struct HksParam *signTypeParam = NULL;
1236 uint32_t signType = 0;
1237 int32_t ret = HksGetParam(keyParamSet, HKS_TAG_KEY_SECURE_SIGN_TYPE, &signTypeParam);
1238 if (ret == HKS_SUCCESS) {
1239 signType = signTypeParam->uint32Param;
1240 }
1241 struct HksAsn1Blob signTypeBlob = { ASN_1_TAG_TYPE_OCT_STR, sizeof(uint32_t), (uint8_t *)&signType };
1242 ret = DcmInsertClaim(out, &hksSignTypeOid, &signTypeBlob, secLevel);
1243 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "insert signType failed")
1244
1245 // insert key flag
1246 struct HksParam *keyFlagParam = NULL;
1247 ret = HksGetParam(keyParamSet, HKS_TAG_KEY_FLAG, &keyFlagParam);
1248 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get key flag failed")
1249
1250 struct HksAsn1Blob keyFlagBlob = { ASN_1_TAG_TYPE_OCT_STR, sizeof(uint32_t),
1251 (uint8_t *)&keyFlagParam->uint32Param };
1252
1253 ret = DcmInsertClaim(out, &hkskeyFlagOid, &keyFlagBlob, secLevel);
1254 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "insert keyFlag failed")
1255 HKS_LOG_I("attest key claims keyFlag[%" LOG_PUBLIC "u] success", keyFlagParam->uint32Param);
1256
1257 bool isGroupInsert = false;
1258 ret = InsertGroupClaim(&isGroupInsert, out, attetUsageSpec, secLevel);
1259 if (ret != HKS_SUCCESS && ret != HKS_ERROR_NOT_SUPPORTED) {
1260 HKS_LOG_E("insert group fail, ret %" LOG_PUBLIC "d\n", ret);
1261 return ret;
1262 }
1263
1264 if (isGroupInsert) {
1265 return HKS_SUCCESS;
1266 }
1267
1268 struct HksAsn1Blob usage = { ASN_1_TAG_TYPE_OCT_STR, sizeof(uint32_t), (uint8_t *)&attetUsageSpec->purpose };
1269 ret = DcmInsertClaim(out, &hksKeyUsageOid, &usage, secLevel);
1270 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "insert usage fail\n")
1271
1272 struct HksAsn1Blob digest = { ASN_1_TAG_TYPE_OCT_STR, sizeof(uint32_t), (uint8_t *)&attetUsageSpec->digest };
1273 ret = DcmInsertClaim(out, &hksDigestOid, &digest, secLevel);
1274 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "insert digest fail\n")
1275
1276 if ((attetUsageSpec->algType != HKS_ALG_RSA) && (attetUsageSpec->algType != HKS_ALG_SM2)) {
1277 struct HksAsn1Blob padding = { ASN_1_TAG_TYPE_OCT_STR, sizeof(uint32_t), (uint8_t *)&attetUsageSpec->padding };
1278 ret = DcmInsertClaim(out, &hksPaddingOid, &padding, secLevel);
1279 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "insert padding fail\n")
1280 }
1281 return HKS_SUCCESS;
1282 }
1283
InsertIdOrSecInfoData(enum HksTag tag,uint32_t type,const struct HksBlob * oid,struct HksBlob * out,const struct HksParamSet * paramSet)1284 static int32_t InsertIdOrSecInfoData(enum HksTag tag, uint32_t type, const struct HksBlob *oid,
1285 struct HksBlob *out, const struct HksParamSet *paramSet)
1286 {
1287 struct HksParam *param = NULL;
1288 int32_t ret = HksGetParam(paramSet, tag, ¶m);
1289 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get id param failed! tag is %" LOG_PUBLIC "x", tag)
1290
1291 ret = VerifyIdsInfo(tag, param);
1292 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "VerifyIdsInfo failed! tag is %" LOG_PUBLIC "x", tag)
1293
1294 struct HksAsn1Blob paramBlob = { type, param->blob.size, param->blob.data };
1295 ret = DcmInsertClaim(out, oid, ¶mBlob, HKS_SECURITY_LEVEL_SUPER);
1296 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "insert id cliam failed! tag is %" LOG_PUBLIC "x", tag)
1297
1298 return ret;
1299 }
1300
InsertIdOrSecInfoByOid(enum HksTag tagOne,enum HksTag tagTwo,struct HksBlob * out,const struct HksParamSet * paramSet)1301 static int32_t InsertIdOrSecInfoByOid(enum HksTag tagOne, enum HksTag tagTwo,
1302 struct HksBlob *out, const struct HksParamSet *paramSet)
1303 {
1304 if (tagOne != tagTwo) {
1305 return HKS_SUCCESS;
1306 }
1307 switch (tagOne) {
1308 case HKS_TAG_ATTESTATION_ID_BRAND:
1309 return InsertIdOrSecInfoData(tagOne, ASN_1_TAG_TYPE_UTF8_STR, &hksBrandOid, out, paramSet);
1310 case HKS_TAG_ATTESTATION_ID_DEVICE:
1311 return InsertIdOrSecInfoData(tagOne, ASN_1_TAG_TYPE_UTF8_STR, &hksDeviceOid, out, paramSet);
1312 case HKS_TAG_ATTESTATION_ID_PRODUCT:
1313 return InsertIdOrSecInfoData(tagOne, ASN_1_TAG_TYPE_UTF8_STR, &hksProductOid, out, paramSet);
1314 case HKS_TAG_ATTESTATION_ID_SERIAL:
1315 return InsertIdOrSecInfoData(tagOne, ASN_1_TAG_TYPE_UTF8_STR, &hksSnOid, out, paramSet);
1316 case HKS_TAG_ATTESTATION_ID_IMEI:
1317 return InsertIdOrSecInfoData(tagOne, ASN_1_TAG_TYPE_UTF8_STR, &hksImeiOid, out, paramSet);
1318 case HKS_TAG_ATTESTATION_ID_MEID:
1319 return InsertIdOrSecInfoData(tagOne, ASN_1_TAG_TYPE_UTF8_STR, &hksMeidOid, out, paramSet);
1320 case HKS_TAG_ATTESTATION_ID_MANUFACTURER:
1321 return InsertIdOrSecInfoData(tagOne, ASN_1_TAG_TYPE_UTF8_STR, &hksManufacturerOid, out, paramSet);
1322 case HKS_TAG_ATTESTATION_ID_MODEL:
1323 return InsertIdOrSecInfoData(tagOne, ASN_1_TAG_TYPE_UTF8_STR, &hksModelOid, out, paramSet);
1324 case HKS_TAG_ATTESTATION_ID_SOCID:
1325 return InsertIdOrSecInfoData(tagOne, ASN_1_TAG_TYPE_UTF8_STR, &hksSocIdOid, out, paramSet);
1326 case HKS_TAG_ATTESTATION_ID_UDID:
1327 return InsertIdOrSecInfoData(tagOne, ASN_1_TAG_TYPE_UTF8_STR, &hksUdidOid, out, paramSet);
1328 case HKS_TAG_ATTESTATION_ID_SEC_LEVEL_INFO:
1329 return InsertIdOrSecInfoData(tagOne, ASN_1_TAG_TYPE_OCT_STR, &hksSecInfoOid, out, paramSet);
1330 case HKS_TAG_ATTESTATION_ID_VERSION_INFO:
1331 return InsertIdOrSecInfoData(tagOne, ASN_1_TAG_TYPE_OCT_STR, &hksOsVersionOid, out, paramSet);
1332 default:
1333 break;
1334 }
1335 return HKS_ERROR_NOT_SUPPORTED;
1336 }
1337
BuildAttestDeviceClaims(struct HksBlob * out,const struct HksParamSet * paramSet)1338 static int32_t BuildAttestDeviceClaims(struct HksBlob *out, const struct HksParamSet *paramSet)
1339 {
1340 int32_t ret = HKS_SUCCESS;
1341 for (uint32_t i = 0; i < sizeof(g_idAttestList) / sizeof(g_idAttestList[0]); i++) {
1342 for (uint32_t j = 0; j < paramSet->paramsCnt; j++) {
1343 ret = InsertIdOrSecInfoByOid(paramSet->params[j].tag, g_idAttestList[i], out, paramSet);
1344 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "insert ids %" LOG_PUBLIC "x fail\n", paramSet->params[i].tag)
1345 }
1346 }
1347 return ret;
1348 }
1349
BuildAttestClaims(const struct HksParamSet * paramSet,const struct HksParamSet * keyParamSet,struct HksAttestSpec * attestSpec)1350 static int32_t BuildAttestClaims(const struct HksParamSet *paramSet, const struct HksParamSet *keyParamSet,
1351 struct HksAttestSpec *attestSpec)
1352 {
1353 uint8_t *claims = HksMalloc(ATTEST_CLAIM_BUF_LEN + ASN_1_MAX_HEADER_LEN);
1354 HKS_IF_NULL_LOGE_RETURN(claims, HKS_ERROR_MALLOC_FAIL, "malloc claims fail\n")
1355
1356 attestSpec->claims.data = claims;
1357 attestSpec->claims.size = ATTEST_CLAIM_BUF_LEN + ASN_1_MAX_HEADER_LEN;
1358
1359 struct HksBlob tmp = { ATTEST_CLAIM_BUF_LEN + ASN_1_MAX_HEADER_LEN, claims };
1360 tmp.data += ASN_1_MAX_HEADER_LEN;
1361 tmp.size -= ASN_1_MAX_HEADER_LEN;
1362
1363 int32_t ret = BuildAttestMsgClaims(&tmp, paramSet);
1364 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "build attest message claims fail\n")
1365
1366 ret = BuildAttestDeviceClaims(&tmp, paramSet);
1367 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "build attest device claims fail\n")
1368
1369 ret = BuildAttestKeyClaims(&tmp, keyParamSet, &attestSpec->usageSpec);
1370 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "build attest key claims fail\n")
1371
1372 uint8_t *seqData = claims + ASN_1_MAX_HEADER_LEN;
1373 uint32_t seqSize = tmp.data - seqData;
1374 struct HksAsn1Blob seqDataBlob = { ASN_1_TAG_TYPE_SEQ, seqSize, seqData };
1375 ret = DcmAsn1WriteFinal(&attestSpec->claims, &seqDataBlob);
1376 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "build attest claims fail\n")
1377
1378 return HKS_SUCCESS;
1379 }
1380
ReadCertOrKey(const uint8_t * inData,uint32_t size,struct HksBlob * out)1381 static int32_t ReadCertOrKey(const uint8_t *inData, uint32_t size, struct HksBlob *out)
1382 {
1383 uint8_t *data = HksMalloc(size);
1384 HKS_IF_NULL_LOGE_RETURN(data, HKS_ERROR_MALLOC_FAIL, "malloc data fail\n")
1385
1386 if (memcpy_s(data, size, inData, size) != EOK) {
1387 HKS_LOG_E("copy data failed!");
1388 free(data);
1389 return HKS_ERROR_INSUFFICIENT_MEMORY;
1390 }
1391 out->size = size;
1392 out->data = data;
1393 return HKS_SUCCESS;
1394 }
1395
GetCertOrKey(enum HksCertType type,struct HksBlob * out)1396 static int32_t GetCertOrKey(enum HksCertType type, struct HksBlob *out)
1397 {
1398 switch (type) {
1399 case HKS_DEVICE_KEY:
1400 return ReadCertOrKey(g_deviceKey, sizeof(g_deviceKey), out);
1401 case HKS_DEVICE_CERT:
1402 return ReadCertOrKey(g_deviceCert, sizeof(g_deviceCert), out);
1403 case HKS_CA_CERT:
1404 return ReadCertOrKey(g_caCert, sizeof(g_caCert), out);
1405 case HKS_ROOT_CERT:
1406 return ReadCertOrKey(g_rootCert, sizeof(g_rootCert), out);
1407 case HKS_ANON_CA_KEY:
1408 return ReadCertOrKey(g_anonCaKey, sizeof(g_anonCaKey), out);
1409 case HKS_ANON_CA_CERT:
1410 return ReadCertOrKey(g_anonCaCert, sizeof(g_anonCaCert), out);
1411 case HKS_ANON_ROOT_CERT:
1412 return ReadCertOrKey(g_anonRootCert, sizeof(g_anonRootCert), out);
1413 default:
1414 break;
1415 }
1416 return HKS_ERROR_NOT_SUPPORTED;
1417 }
1418
GetCertAndKey(struct HksAttestSpec * attestSpec)1419 static int32_t GetCertAndKey(struct HksAttestSpec *attestSpec)
1420 {
1421 int32_t ret;
1422 if (!attestSpec->isAnonAttest) {
1423 ret = GetCertOrKey(HKS_DEVICE_CERT, &attestSpec->devCert);
1424 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get devCert fail")
1425
1426 ret = GetCertOrKey(HKS_DEVICE_KEY, &attestSpec->devKey);
1427 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get devKey fail")
1428 } else {
1429 ret = GetCertOrKey(HKS_ANON_CA_CERT, &attestSpec->devCert);
1430 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get anon ca cert fail")
1431
1432 ret = GetCertOrKey(HKS_ANON_CA_KEY, &attestSpec->devKey);
1433 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get anon ca key fail")
1434 }
1435
1436 return ret;
1437 }
1438
FreeAttestSpec(struct HksAttestSpec ** attestSpec)1439 static void FreeAttestSpec(struct HksAttestSpec **attestSpec)
1440 {
1441 struct HksAttestSpec *spec = *attestSpec;
1442
1443 if (spec == NULL) {
1444 return;
1445 }
1446 if (spec->claims.data != NULL) {
1447 HKS_FREE(spec->claims.data);
1448 }
1449 if (spec->devCert.data != NULL) {
1450 HKS_FREE(spec->devCert.data);
1451 }
1452 if (spec->devKey.data != NULL) {
1453 (void)memset_s(spec->devKey.data, spec->devKey.size, 0, spec->devKey.size);
1454 HKS_FREE(spec->devKey.data);
1455 }
1456 if (spec->attestKey.data != NULL) {
1457 (void)memset_s(spec->attestKey.data, spec->attestKey.size, 0, spec->attestKey.size);
1458 HKS_FREE(spec->attestKey.data);
1459 }
1460 HKS_FREE(spec);
1461 *attestSpec = NULL;
1462 }
1463
CheckAttestUsageSpec(const struct HksUsageSpec * usageSpec)1464 static int32_t CheckAttestUsageSpec(const struct HksUsageSpec *usageSpec)
1465 {
1466 if ((usageSpec->algType != HKS_ALG_RSA) && (usageSpec->algType != HKS_ALG_ECC) &&
1467 (usageSpec->algType != HKS_ALG_X25519) && (usageSpec->algType != HKS_ALG_SM2) &&
1468 (usageSpec->algType != HKS_ALG_ED25519)) {
1469 HKS_LOG_E("invalid alg %" LOG_PUBLIC "u\n", usageSpec->algType);
1470 return HKS_ERROR_INVALID_ARGUMENT;
1471 }
1472 if ((usageSpec->algType == HKS_ALG_RSA) && (usageSpec->padding != HKS_PADDING_PSS) &&
1473 (usageSpec->padding != HKS_PADDING_PKCS1_V1_5)) {
1474 HKS_LOG_E("invalid padding\n");
1475 return HKS_ERROR_INVALID_ARGUMENT;
1476 }
1477 return HKS_SUCCESS;
1478 }
1479
BuildAttestSpec(bool isAnonAttest,const struct HksParamSet * keyNodeParamSet,const struct HksParamSet * paramSet,struct HksBlob * rawKey,struct HksAttestSpec ** outAttestSpec)1480 static int32_t BuildAttestSpec(bool isAnonAttest, const struct HksParamSet *keyNodeParamSet,
1481 const struct HksParamSet *paramSet, struct HksBlob *rawKey, struct HksAttestSpec **outAttestSpec)
1482 {
1483 struct HksAttestSpec *attestSpec = HksMalloc(sizeof(struct HksAttestSpec));
1484 HKS_IF_NULL_LOGE_RETURN(attestSpec, HKS_ERROR_MALLOC_FAIL, "malloc attestSpec fail\n")
1485
1486 (void)memset_s(attestSpec, sizeof(struct HksAttestSpec), 0, sizeof(struct HksAttestSpec));
1487
1488 attestSpec->isAnonAttest = isAnonAttest;
1489
1490 SetAttestCertValid(&attestSpec->validity);
1491
1492 HksFillUsageSpec(keyNodeParamSet, &attestSpec->usageSpec);
1493 int32_t ret = CheckAttestUsageSpec(&attestSpec->usageSpec);
1494 if (ret != HKS_SUCCESS) {
1495 FreeAttestSpec(&attestSpec);
1496 return ret;
1497 }
1498
1499 ret = BuildAttestClaims(paramSet, keyNodeParamSet, attestSpec);
1500 if (ret != HKS_SUCCESS) {
1501 FreeAttestSpec(&attestSpec);
1502 return ret;
1503 }
1504
1505 attestSpec->claimsOid = hksAttestationExtensionOid;
1506 attestSpec->attestKey.size = rawKey->size;
1507 attestSpec->attestKey.data = HksMalloc(rawKey->size);
1508 HKS_IF_NULL_LOGE_RETURN(attestSpec->attestKey.data, HKS_ERROR_MALLOC_FAIL, "fail to malloc raw key")
1509 (void)memcpy_s(attestSpec->attestKey.data, rawKey->size, rawKey->data, rawKey->size);
1510
1511 ret = GetCertAndKey(attestSpec);
1512 if (ret != HKS_SUCCESS) {
1513 HKS_LOG_E("get cert and key fail\n");
1514 FreeAttestSpec(&attestSpec);
1515 return ret;
1516 }
1517 *outAttestSpec = attestSpec;
1518 return HKS_SUCCESS;
1519 }
1520
CreateHwAttestCert(const struct HksAttestSpec * attestSpec,struct HksBlob * outAttestCert,uint32_t signAlg)1521 static int32_t CreateHwAttestCert(const struct HksAttestSpec *attestSpec, struct HksBlob *outAttestCert,
1522 uint32_t signAlg)
1523 {
1524 struct HksBlob template = { 0, NULL };
1525 if (signAlg == HKS_ALG_RSA) {
1526 template.data = (uint8_t *)g_attestTbsRsa;
1527 template.size = sizeof(g_attestTbsRsa);
1528 } else {
1529 template.data = (uint8_t *)g_attestTbs;
1530 template.size = sizeof(g_attestTbs);
1531 }
1532
1533 uint8_t *attest = HksMalloc(HKS_ATTEST_CERT_SIZE + attestSpec->claims.size);
1534 HKS_LOG_E("mattestSpec->claims.size is %" LOG_PUBLIC "d!", attestSpec->claims.size);
1535 HKS_IF_NULL_LOGE_RETURN(attest, HKS_ERROR_MALLOC_FAIL, "malloc attest cert failed!")
1536
1537 struct HksBlob attestCert = { HKS_ATTEST_CERT_SIZE + attestSpec->claims.size, attest };
1538 int32_t ret = CreateAttestCert(&attestCert, &template, attestSpec, signAlg);
1539 if (ret != HKS_SUCCESS) {
1540 HKS_FREE(attest);
1541 HKS_LOG_E("CreateAttestCert failed!");
1542 return ret;
1543 }
1544 *outAttestCert = attestCert;
1545 return HKS_SUCCESS;
1546 }
1547
CopyBlobToBuffer(const struct HksBlob * blob,struct HksBlob * buf)1548 static int32_t CopyBlobToBuffer(const struct HksBlob *blob, struct HksBlob *buf)
1549 {
1550 if (buf->size < sizeof(blob->size) + ALIGN_SIZE(blob->size)) {
1551 return HKS_ERROR_BUFFER_TOO_SMALL;
1552 }
1553 if (memcpy_s(buf->data, buf->size, &blob->size, sizeof(blob->size)) != EOK) {
1554 HKS_LOG_E("copy buf data failed!");
1555 return HKS_ERROR_INSUFFICIENT_MEMORY;
1556 }
1557 buf->data += sizeof(blob->size);
1558 buf->size -= sizeof(blob->size);
1559 if (memcpy_s(buf->data, buf->size, blob->data, blob->size) != EOK) {
1560 HKS_LOG_E("copy buf data failed!");
1561 return HKS_ERROR_INSUFFICIENT_MEMORY;
1562 }
1563 buf->data += ALIGN_SIZE(blob->size);
1564 buf->size -= ALIGN_SIZE(blob->size);
1565 return HKS_SUCCESS;
1566 }
1567
FormatCertToBuf(enum HksCertType type,struct HksBlob * buf)1568 static int32_t FormatCertToBuf(enum HksCertType type, struct HksBlob *buf)
1569 {
1570 struct HksBlob cert = { 0, NULL };
1571 int32_t ret = GetCertOrKey(type, &cert);
1572 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "get cert failed!")
1573
1574 ret = CopyBlobToBuffer(&cert, buf);
1575 HKS_FREE(cert.data);
1576 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "copy cert fail")
1577
1578 return ret;
1579 }
1580
FormatAttestChain(const struct HksBlob * attestCert,const struct HksAttestSpec * attestSpec,struct HksBlob * certChain)1581 static int32_t FormatAttestChain(const struct HksBlob *attestCert, const struct HksAttestSpec *attestSpec,
1582 struct HksBlob *certChain)
1583 {
1584 struct HksBlob tmp = *certChain;
1585 *((uint32_t *)tmp.data) = (!attestSpec->isAnonAttest) ? HKS_ATTEST_CERT_COUNT : HKS_ATTEST_CERT_COUNT - 1;
1586 tmp.data += sizeof(uint32_t);
1587 tmp.size -= sizeof(uint32_t);
1588
1589 int32_t ret = CopyBlobToBuffer(attestCert, &tmp);
1590 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "copy attest cert fail")
1591
1592 ret = CopyBlobToBuffer(&attestSpec->devCert, &tmp);
1593 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "copy dev cert fail")
1594
1595 if (!attestSpec->isAnonAttest) {
1596 ret = FormatCertToBuf(HKS_CA_CERT, &tmp);
1597 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "format ca cert failed!")
1598
1599 ret = FormatCertToBuf(HKS_ROOT_CERT, &tmp);
1600 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "format root cert failed!")
1601 } else {
1602 ret = FormatCertToBuf(HKS_ANON_ROOT_CERT, &tmp);
1603 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_BAD_STATE, "format anon root cert failed!")
1604 }
1605
1606 certChain->size = tmp.data - certChain->data;
1607 HKS_LOG_I("certChain size after format is %" LOG_PUBLIC "u", certChain->size);
1608 return HKS_SUCCESS;
1609 }
1610
CreateAttestCertChain(bool isAnonAttest,const struct HksParamSet * keyNodeParamSet,const struct HksParamSet * paramSet,struct HksBlob * certChain,struct HksBlob * rawKey)1611 int32_t CreateAttestCertChain(bool isAnonAttest, const struct HksParamSet *keyNodeParamSet,
1612 const struct HksParamSet *paramSet, struct HksBlob *certChain, struct HksBlob *rawKey)
1613 {
1614 struct HksAttestSpec *attestSpec = NULL;
1615 int32_t ret = BuildAttestSpec(isAnonAttest, keyNodeParamSet, paramSet, rawKey, &attestSpec);
1616 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "build attest spec failed")
1617
1618 struct HksBlob attestCert;
1619 ret = CreateHwAttestCert(attestSpec, &attestCert, isAnonAttest ? HKS_ALG_ECC : HKS_ALG_RSA);
1620 if (ret != HKS_SUCCESS) {
1621 FreeAttestSpec(&attestSpec);
1622 HKS_LOG_E("build attest spec failed");
1623 return ret;
1624 }
1625
1626 ret = FormatAttestChain(&attestCert, attestSpec, certChain);
1627 HKS_FREE_BLOB(attestCert);
1628 FreeAttestSpec(&attestSpec);
1629 return ret;
1630 }
1631