1 /*
2 * Copyright (c) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifndef _CUT_AUTHENTICATE_
17
18 #ifdef HKS_CONFIG_FILE
19 #include HKS_CONFIG_FILE
20 #else
21 #include "hks_config.h"
22 #endif
23
24 #include <stdbool.h>
25 #include <stddef.h>
26 #include <stdint.h>
27 #include <string.h>
28
29 #include "hks_log.h"
30 #include "hks_mem.h"
31 #include "hks_param.h"
32 #include "hks_common_check.h"
33 #include "hks_storage.h"
34 #include "hks_storage_manager.h"
35 #include "hks_template.h"
36 #include "hks_type_inner.h"
37
38 #include "securec.h"
39
40 #ifdef L2_STANDARD
41 #ifdef HUKS_ENABLE_UPGRADE_KEY_STORAGE_SECURE_LEVEL
42 #ifndef HKS_USE_RKC_IN_STANDARD
43 #include "hks_osaccount_check.h"
44 #include "hks_upgrade_lock.h"
45 #endif
46
IsDe(const struct HksParamSet * paramSet)47 static bool IsDe(const struct HksParamSet *paramSet)
48 {
49 struct HksParam *storageLevelParam = NULL;
50 return HksGetParam(paramSet, HKS_TAG_AUTH_STORAGE_LEVEL, &storageLevelParam) == HKS_SUCCESS &&
51 storageLevelParam->uint32Param == HKS_AUTH_STORAGE_LEVEL_DE;
52 }
53 #endif
54
GetStorageLevelAndStoreUserIdParam(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,uint32_t * storageLevel,int32_t * storeUserId)55 static int32_t GetStorageLevelAndStoreUserIdParam(const struct HksProcessInfo* processInfo,
56 const struct HksParamSet *paramSet, uint32_t *storageLevel, int32_t *storeUserId)
57 {
58 struct HksParam *specificUserIdParam = NULL;
59 int32_t ret = HksGetParam(paramSet, HKS_TAG_SPECIFIC_USER_ID, &specificUserIdParam);
60 if (ret == HKS_SUCCESS) {
61 *storeUserId = specificUserIdParam->int32Param;
62 } else if (ret == HKS_ERROR_PARAM_NOT_EXIST) {
63 *storeUserId = processInfo->userIdInt;
64 ret = HKS_SUCCESS;
65 }
66 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get store user id failed, ret = %" LOG_PUBLIC "d.", ret)
67
68 struct HksParam *storageLevelParam = NULL;
69 ret = HksGetParam(paramSet, HKS_TAG_AUTH_STORAGE_LEVEL, &storageLevelParam);
70 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get storage level tag failed, ret = %" LOG_PUBLIC "d.", ret)
71
72 *storageLevel = storageLevelParam->uint32Param;
73
74 #ifdef HUKS_ENABLE_UPGRADE_KEY_STORAGE_SECURE_LEVEL
75 #ifndef HKS_USE_RKC_IN_STANDARD
76 HksTransferFileIfNeed(*storageLevel, *storeUserId);
77 #endif
78 #endif
79 return ret;
80 }
81 #endif
82
UnlockIfDe(const struct HksParamSet * paramSet)83 static void UnlockIfDe(__attribute__((unused)) const struct HksParamSet *paramSet)
84 {
85 #ifdef L2_STANDARD
86 #ifdef HUKS_ENABLE_UPGRADE_KEY_STORAGE_SECURE_LEVEL
87 if (!IsDe(paramSet)) {
88 return;
89 }
90 #ifndef HKS_USE_RKC_IN_STANDARD
91 HksUpgradeOrRequestUnlockRead();
92 #endif
93 #endif
94 #endif
95 }
96
97 #ifdef HKS_ENABLE_LITE_HAP
98 #define HKS_LITE_NATIVE_PROCESS_NAME "hks_client"
CheckIsLiteHap(const struct HksBlob * processName)99 static bool CheckIsLiteHap(const struct HksBlob *processName)
100 {
101 if (processName->size == strlen(HKS_LITE_NATIVE_PROCESS_NAME)
102 && HksMemCmp(processName->data, HKS_LITE_NATIVE_PROCESS_NAME,
103 strlen(HKS_LITE_NATIVE_PROCESS_NAME)) == HKS_SUCCESS) {
104 return false;
105 }
106 return true;
107 }
108 #endif
109
GetKeyAliasPath(const struct HksBlob * keyAlias,struct HksStoreMaterial * outMaterial)110 static int32_t GetKeyAliasPath(const struct HksBlob *keyAlias, struct HksStoreMaterial *outMaterial)
111 {
112 if (keyAlias == NULL) {
113 return HKS_SUCCESS;
114 }
115 outMaterial->keyAliasPath = (char *)HksMalloc(HKS_MAX_FILE_NAME_LEN);
116 HKS_IF_NULL_LOGE_RETURN(outMaterial->keyAliasPath, HKS_ERROR_MALLOC_FAIL, "malloc keyAliasPath failed.")
117 return ConstructName(keyAlias, outMaterial->keyAliasPath, HKS_MAX_FILE_NAME_LEN);
118 }
119
GetUserIdPath(int32_t userId,bool isPlain,struct HksStoreMaterial * outMaterial)120 static int32_t GetUserIdPath(int32_t userId, bool isPlain, struct HksStoreMaterial *outMaterial)
121 {
122 outMaterial->userIdPath = (char *)HksMalloc(HKS_MAX_DIRENT_FILE_LEN);
123 HKS_IF_NULL_LOGE_RETURN(outMaterial->userIdPath, HKS_ERROR_MALLOC_FAIL, "malloc userIdPath failed.")
124 struct HksBlob userIdBlob = { .data = (uint8_t *)&userId, .size = sizeof(userId) };
125
126 int32_t ret;
127 if (isPlain) {
128 ret = ConstructPlainName(&userIdBlob, outMaterial->userIdPath, HKS_MAX_FILE_NAME_LEN);
129 } else {
130 if (userId == 0) {
131 HKS_LOG_D("skip user id path.");
132 return HKS_SUCCESS;
133 }
134 ret = ConstructName(&userIdBlob, outMaterial->userIdPath, HKS_MAX_FILE_NAME_LEN);
135 }
136
137 return ret;
138 }
139
GetUidPath(bool isPlain,const struct HksBlob * processName,struct HksStoreMaterial * outMaterial)140 static int32_t GetUidPath(bool isPlain, const struct HksBlob *processName,
141 struct HksStoreMaterial *outMaterial)
142 {
143 outMaterial->uidPath = (char *)HksMalloc(HKS_MAX_DIRENT_FILE_LEN);
144 HKS_IF_NULL_LOGE_RETURN(outMaterial->uidPath, HKS_ERROR_MALLOC_FAIL, "malloc uidPath failed.")
145 #ifdef HKS_ENABLE_LITE_HAP
146 if (CheckIsLiteHap(processName)) {
147 if (memcpy_s(outMaterial->uidPath, HKS_MAX_DIRENT_FILE_LEN, processName->data, processName->size) != EOK) {
148 HKS_LOG_E("construct uidPath fail, uidPath buffer is too small.");
149 return HKS_ERROR_BUFFER_TOO_SMALL;
150 }
151 return HKS_SUCCESS;
152 }
153 #endif
154 int32_t ret;
155 if (isPlain) {
156 ret = ConstructPlainName(processName, outMaterial->uidPath, HKS_MAX_DIRENT_FILE_LEN);
157 } else {
158 ret = ConstructName(processName, outMaterial->uidPath, HKS_MAX_DIRENT_FILE_LEN);
159 }
160
161 return ret;
162 }
163
GetStorageTypePath(uint32_t storageType,struct HksStoreMaterial * outMaterial)164 static int32_t GetStorageTypePath(uint32_t storageType, struct HksStoreMaterial *outMaterial)
165 {
166 switch (storageType) {
167 case HKS_STORAGE_TYPE_KEY:
168 case HKS_STORAGE_TYPE_BAK_KEY:
169 outMaterial->storageTypePath = (char *)HksMalloc(sizeof(HKS_KEY_STORE_KEY_PATH) + 1);
170 if (outMaterial->storageTypePath == NULL) {
171 return HKS_ERROR_MALLOC_FAIL;
172 }
173 (void)memcpy_s(outMaterial->storageTypePath, sizeof(HKS_KEY_STORE_KEY_PATH),
174 HKS_KEY_STORE_KEY_PATH, sizeof(HKS_KEY_STORE_KEY_PATH));
175 return HKS_SUCCESS;
176 case HKS_STORAGE_TYPE_ROOT_KEY:
177 outMaterial->storageTypePath = (char *)HksMalloc(sizeof(HKS_KEY_STORE_ROOT_KEY_PATH) + 1);
178 if (outMaterial->storageTypePath == NULL) {
179 return HKS_ERROR_MALLOC_FAIL;
180 }
181 (void)memcpy_s(outMaterial->storageTypePath, sizeof(HKS_KEY_STORE_ROOT_KEY_PATH),
182 HKS_KEY_STORE_ROOT_KEY_PATH, sizeof(HKS_KEY_STORE_ROOT_KEY_PATH));
183 return HKS_SUCCESS;
184 default:
185 return HKS_ERROR_BAD_STATE;
186 }
187 }
188
GetIsPlainPath(uint32_t storageLevel)189 static bool GetIsPlainPath(uint32_t storageLevel)
190 {
191 (void)storageLevel;
192 #ifdef L2_STANDARD
193 switch (storageLevel) {
194 case HKS_AUTH_STORAGE_LEVEL_DE:
195 return true;
196 case HKS_AUTH_STORAGE_LEVEL_CE:
197 return true;
198 case HKS_AUTH_STORAGE_LEVEL_ECE:
199 return true;
200 #ifdef HUKS_ENABLE_SKIP_UPGRADE_KEY_STORAGE_SECURE_LEVEL
201 case HKS_AUTH_STORAGE_LEVEL_OLD_DE_TMP:
202 return false;
203 #endif
204 }
205 #endif
206 return false;
207 }
208
GetPathType(const struct HksProcessInfo * processInfo,uint32_t storageType,int32_t storageLevel,struct HksStoreMaterial * outMaterial)209 static int32_t GetPathType(const struct HksProcessInfo *processInfo, uint32_t storageType,
210 int32_t storageLevel, struct HksStoreMaterial *outMaterial)
211 {
212 (void)processInfo;
213 (void)storageType;
214 #ifdef HKS_ENABLE_LITE_HAP
215 if (CheckIsLiteHap(&processInfo->processName)) {
216 outMaterial->pathType = LITE_HAP_PATH;
217 return HKS_SUCCESS;
218 }
219 #endif
220 #ifdef HKS_USE_RKC_IN_STANDARD
221 if (storageType == HKS_STORAGE_TYPE_ROOT_KEY) {
222 outMaterial->pathType = RKC_IN_STANDARD_PATH;
223 return HKS_SUCCESS;
224 }
225 #endif
226 switch (storageLevel) {
227 case HKS_AUTH_STORAGE_LEVEL_DE:
228 outMaterial->pathType = DE_PATH;
229 break;
230 #ifdef L2_STANDARD
231 case HKS_AUTH_STORAGE_LEVEL_CE:
232 outMaterial->pathType = CE_PATH;
233 break;
234 case HKS_AUTH_STORAGE_LEVEL_ECE:
235 outMaterial->pathType = ECE_PATH;
236 break;
237 #ifdef HUKS_ENABLE_SKIP_UPGRADE_KEY_STORAGE_SECURE_LEVEL
238 case HKS_AUTH_STORAGE_LEVEL_OLD_DE_TMP:
239 outMaterial->pathType = TMP_PATH;
240 break;
241 #endif
242 #endif
243 default:
244 HKS_LOG_E("invalid storage level %" LOG_PUBLIC "d.", storageLevel);
245 }
246 return HKS_SUCCESS;
247 }
248
FreeStorageMaterial(struct HksStoreMaterial * material)249 static void FreeStorageMaterial(struct HksStoreMaterial *material)
250 {
251 HKS_FREE(material->userIdPath);
252 HKS_FREE(material->uidPath);
253 HKS_FREE(material->storageTypePath);
254 HKS_FREE(material->keyAliasPath);
255 }
256
InitStorageMaterial(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,const struct HksBlob * keyAlias,uint32_t storageType,struct HksStoreMaterial * outMaterial)257 static int32_t InitStorageMaterial(const struct HksProcessInfo *processInfo,
258 const struct HksParamSet *paramSet, const struct HksBlob *keyAlias, uint32_t storageType,
259 struct HksStoreMaterial *outMaterial)
260 {
261 (void)paramSet;
262 uint32_t storageLevel = HKS_AUTH_STORAGE_LEVEL_DE;
263 int32_t storeUserId = processInfo->userIdInt;
264 int32_t ret;
265 #ifdef L2_STANDARD
266 ret = GetStorageLevelAndStoreUserIdParam(processInfo, paramSet, &storageLevel, &storeUserId);
267 if (ret != HKS_SUCCESS) {
268 HKS_LOG_E("get storage level and user id from param set failed.");
269 return ret;
270 }
271 #endif
272 bool isPlainPath = GetIsPlainPath(storageLevel);
273
274 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
275 do {
276 ret = GetPathType(processInfo, storageType, storageLevel, &material);
277 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "get path type failed.")
278
279 ret = GetUserIdPath(storeUserId, isPlainPath, &material);
280 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "get user id path failed.")
281
282 ret = GetUidPath(isPlainPath, &processInfo->processName, &material);
283 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "get uid path failed.")
284
285 ret = GetStorageTypePath(storageType, &material);
286 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "get storage type path failed.")
287
288 ret = GetKeyAliasPath(keyAlias, &material);
289 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "get key alias path failed.")
290
291 *outMaterial = material;
292 return HKS_SUCCESS;
293 } while (false);
294 FreeStorageMaterial(&material);
295 return ret;
296 }
297
HksConstructStoreFileInfo(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,const struct HksStoreMaterial * material,struct HksStoreFileInfo * fileInfo)298 static int32_t HksConstructStoreFileInfo(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
299 const struct HksStoreMaterial *material, struct HksStoreFileInfo *fileInfo)
300 {
301 int32_t ret;
302 do {
303 ret = CheckSpecificUserIdAndStorageLevel(processInfo, paramSet);
304 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "check storagelevel or specificuserid tag failed, ret = %" LOG_PUBLIC "d.", ret)
305
306 ret = HksGetFileInfo(material, fileInfo);
307 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks get plain file info failed, ret = %" LOG_PUBLIC "d.", ret)
308 } while (0);
309 return ret;
310 }
311
HksManageStoreKeyBlob(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,const struct HksBlob * keyAlias,const struct HksBlob * keyBlob,uint32_t storageType)312 int32_t HksManageStoreKeyBlob(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
313 const struct HksBlob *keyAlias, const struct HksBlob *keyBlob, uint32_t storageType)
314 {
315 (void)processInfo;
316 UnlockIfDe(paramSet);
317 #ifdef SUPPORT_STORAGE_BACKUP
318 struct HksStoreFileInfo fileInfo = { { 0 }, { 0 } };
319 #else
320 struct HksStoreFileInfo fileInfo = { { 0 } };
321 #endif
322 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
323 int32_t ret;
324 do {
325 #ifdef _STORAGE_LITE_
326 ret = HksStoreKeyBlob(NULL, keyAlias, storageType, keyBlob);
327 #else
328 ret = InitStorageMaterial(processInfo, paramSet, keyAlias, storageType, &material);
329 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init storage material failed, ret = %" LOG_PUBLIC "d.", ret)
330
331 ret = HksConstructStoreFileInfo(processInfo, paramSet, &material, &fileInfo);
332 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct store file info failed, ret = %" LOG_PUBLIC "d.", ret)
333
334 ret = HksStoreKeyBlob(&fileInfo, &material, keyBlob);
335 #endif
336 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks store key blob failed, ret = %" LOG_PUBLIC "d.", ret)
337 } while (0);
338
339 FileInfoFree(&fileInfo);
340 FreeStorageMaterial(&material);
341 return ret;
342 }
343
HksManageStoreDeleteKeyBlob(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,const struct HksBlob * keyAlias,uint32_t storageType)344 int32_t HksManageStoreDeleteKeyBlob(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
345 const struct HksBlob *keyAlias, uint32_t storageType)
346 {
347 (void)processInfo;
348 UnlockIfDe(paramSet);
349 #ifdef SUPPORT_STORAGE_BACKUP
350 struct HksStoreFileInfo fileInfo = { { 0 }, { 0 } };
351 #else
352 struct HksStoreFileInfo fileInfo = { { 0 } };
353 #endif
354 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
355 int32_t ret;
356 do {
357 #ifdef _STORAGE_LITE_
358 ret = HksStoreDeleteKeyBlob(NULL, keyAlias, storageType);
359 #else
360 ret = InitStorageMaterial(processInfo, paramSet, keyAlias, storageType, &material);
361 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init storage material failed, ret = %" LOG_PUBLIC "d.", ret)
362
363 ret = HksConstructStoreFileInfo(processInfo, paramSet, &material, &fileInfo);
364 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct store file info failed, ret = %" LOG_PUBLIC "d.", ret)
365
366 ret = HksStoreDeleteKeyBlob(&fileInfo, &material);
367 #endif
368 HKS_IF_NOT_SUCC_LOGI_BREAK(ret, "hks delete key blob failed, ret = %" LOG_PUBLIC "d.", ret)
369 } while (0);
370
371 FileInfoFree(&fileInfo);
372 FreeStorageMaterial(&material);
373 return ret;
374 }
375
HksManageStoreIsKeyBlobExist(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,const struct HksBlob * keyAlias,uint32_t storageType)376 int32_t HksManageStoreIsKeyBlobExist(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
377 const struct HksBlob *keyAlias, uint32_t storageType)
378 {
379 (void)processInfo;
380 UnlockIfDe(paramSet);
381 #ifdef SUPPORT_STORAGE_BACKUP
382 struct HksStoreFileInfo fileInfo = { { 0 }, { 0 } };
383 #else
384 struct HksStoreFileInfo fileInfo = { { 0 } };
385 #endif
386 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
387 int32_t ret;
388 do {
389 #ifdef _STORAGE_LITE_
390 ret = HksStoreIsKeyBlobExist(NULL, keyAlias, storageType);
391 #else
392 ret = InitStorageMaterial(processInfo, paramSet, keyAlias, storageType, &material);
393 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init storage material failed, ret = %" LOG_PUBLIC "d.", ret)
394
395 ret = HksConstructStoreFileInfo(processInfo, paramSet, &material, &fileInfo);
396 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct store file info failed, ret = %" LOG_PUBLIC "d.", ret)
397
398 ret = HksStoreIsKeyBlobExist(&fileInfo);
399 #endif
400 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks key blob in old de not exist, ret = %" LOG_PUBLIC "d.", ret)
401 } while (0);
402
403 FileInfoFree(&fileInfo);
404 FreeStorageMaterial(&material);
405 return ret;
406 }
407
HksManageStoreGetKeyBlob(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,const struct HksBlob * keyAlias,struct HksBlob * keyBlob,uint32_t storageType)408 int32_t HksManageStoreGetKeyBlob(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
409 const struct HksBlob *keyAlias, struct HksBlob *keyBlob, uint32_t storageType)
410 {
411 (void)processInfo;
412 UnlockIfDe(paramSet);
413 #ifdef SUPPORT_STORAGE_BACKUP
414 struct HksStoreFileInfo fileInfo = { { 0 }, { 0 } };
415 #else
416 struct HksStoreFileInfo fileInfo = { { 0 } };
417 #endif
418 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
419 int32_t ret;
420 do {
421 #ifdef _STORAGE_LITE_
422 ret = HksStoreGetKeyBlob(NULL, keyAlias, storageType, keyBlob);
423 #else
424 ret = InitStorageMaterial(processInfo, paramSet, keyAlias, storageType, &material);
425 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init storage material failed, ret = %" LOG_PUBLIC "d.", ret)
426
427 ret = HksConstructStoreFileInfo(processInfo, paramSet, &material, &fileInfo);
428 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct store file info failed, ret = %" LOG_PUBLIC "d.", ret)
429
430 if (storageType != HKS_STORAGE_TYPE_BAK_KEY) {
431 ret = HksStoreGetKeyBlob(&fileInfo.mainPath, &material, keyBlob);
432 }
433 #ifdef SUPPORT_STORAGE_BACKUP
434 else {
435 ret = HksStoreGetKeyBlob(&fileInfo.bakPath, &material, keyBlob);
436 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks get key blob failed, ret = %" LOG_PUBLIC "d.", ret)
437
438 if (HksStorageWriteFile(fileInfo.mainPath.path, fileInfo.mainPath.fileName, 0,
439 keyBlob->data, keyBlob->size) != HKS_SUCCESS) {
440 HKS_LOG_E("hks copy bak key to main key failed");
441 }
442 }
443 #endif
444 #endif
445 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks get key blob failed, ret = %" LOG_PUBLIC "d.", ret)
446 } while (0);
447
448 FileInfoFree(&fileInfo);
449 FreeStorageMaterial(&material);
450 return ret;
451 }
452
HksManageStoreGetKeyBlobSize(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,const struct HksBlob * keyAlias,uint32_t * keyBlobSize,uint32_t storageType)453 int32_t HksManageStoreGetKeyBlobSize(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
454 const struct HksBlob *keyAlias, uint32_t *keyBlobSize, uint32_t storageType)
455 {
456 (void)processInfo;
457 UnlockIfDe(paramSet);
458 #ifdef SUPPORT_STORAGE_BACKUP
459 struct HksStoreFileInfo fileInfo = { { 0 }, { 0 } };
460 #else
461 struct HksStoreFileInfo fileInfo = { { 0 } };
462 #endif
463 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
464 int32_t ret;
465 do {
466 #ifdef _STORAGE_LITE_
467 ret = HksStoreGetKeyBlobSize(NULL, keyAlias, storageType, keyBlobSize);
468 #else
469 ret = InitStorageMaterial(processInfo, paramSet, keyAlias, storageType, &material);
470 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init storage material failed, ret = %" LOG_PUBLIC "d.", ret)
471
472 ret = HksConstructStoreFileInfo(processInfo, paramSet, &material, &fileInfo);
473 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct store file info failed, ret = %" LOG_PUBLIC "d.", ret)
474
475 if (storageType != HKS_STORAGE_TYPE_BAK_KEY) {
476 ret = HksStoreGetKeyBlobSize(&fileInfo.mainPath, &material, keyBlobSize);
477 }
478 #ifdef SUPPORT_STORAGE_BACKUP
479 else {
480 ret = HksStoreGetKeyBlobSize(&fileInfo.bakPath, &material, keyBlobSize);
481 }
482 #endif
483 #endif
484 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks get key blob failed, ret = %" LOG_PUBLIC "d.", ret)
485 } while (0);
486
487 FileInfoFree(&fileInfo);
488 FreeStorageMaterial(&material);
489 return ret;
490 }
491
HksManageGetKeyAliasByProcessName(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,struct HksKeyInfo * keyInfoList,uint32_t * listCount)492 int32_t HksManageGetKeyAliasByProcessName(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
493 struct HksKeyInfo *keyInfoList, uint32_t *listCount)
494 {
495 UnlockIfDe(paramSet);
496 #ifdef SUPPORT_STORAGE_BACKUP
497 struct HksStoreFileInfo fileInfo = { { 0 }, { 0 } };
498 #else
499 struct HksStoreFileInfo fileInfo = { { 0 } };
500 #endif
501 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
502 int32_t ret;
503 do {
504 ret = InitStorageMaterial(processInfo, paramSet, NULL, HKS_STORAGE_TYPE_KEY, &material);
505 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init storage material failed, ret = %" LOG_PUBLIC "d.", ret)
506
507 ret = HksConstructStoreFileInfo(processInfo, paramSet, &material, &fileInfo);
508 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct store file info failed, ret = %" LOG_PUBLIC "d.", ret)
509
510 ret = HksGetKeyAliasByProcessName(&fileInfo, keyInfoList, listCount);
511 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks get key alias by processname failed, ret = %" LOG_PUBLIC "d.", ret)
512 } while (0);
513
514 FileInfoFree(&fileInfo);
515 FreeStorageMaterial(&material);
516 return ret;
517 }
518
HksManageGetKeyCountByProcessName(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,uint32_t * fileCount)519 int32_t HksManageGetKeyCountByProcessName(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
520 uint32_t *fileCount)
521 {
522 (void)processInfo;
523 UnlockIfDe(paramSet);
524 #ifdef SUPPORT_STORAGE_BACKUP
525 struct HksStoreFileInfo fileInfo = { { 0 }, { 0 } };
526 #else
527 struct HksStoreFileInfo fileInfo = { { 0 } };
528 #endif
529 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
530 int32_t ret;
531 do {
532 #ifdef _STORAGE_LITE_
533 ret = HksGetKeyCountByProcessName(NULL, fileCount);
534 #else
535 ret = InitStorageMaterial(processInfo, paramSet, NULL, HKS_STORAGE_TYPE_KEY, &material);
536 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init storage material failed, ret = %" LOG_PUBLIC "d.", ret)
537
538 ret = HksConstructStoreFileInfo(processInfo, paramSet, &material, &fileInfo);
539 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct store file info failed, ret = %" LOG_PUBLIC "d.", ret)
540
541 ret = HksGetKeyCountByProcessName(&fileInfo, fileCount);
542 #endif
543 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks get key count by processname failed, ret = %" LOG_PUBLIC "d.", ret)
544 } while (0);
545
546 FileInfoFree(&fileInfo);
547 FreeStorageMaterial(&material);
548 return ret;
549 }
550
HksManageListAliasesByProcessName(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,struct HksKeyAliasSet ** outData)551 int32_t HksManageListAliasesByProcessName(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
552 struct HksKeyAliasSet **outData)
553 {
554 UnlockIfDe(paramSet);
555 #ifdef L2_STANDARD
556 #ifdef SUPPORT_STORAGE_BACKUP
557 struct HksStoreFileInfo fileInfo = { { 0 }, { 0 } };
558 #else
559 struct HksStoreFileInfo fileInfo = { { 0 } };
560 #endif
561 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
562 int32_t ret;
563 do {
564 ret = InitStorageMaterial(processInfo, paramSet, NULL, HKS_STORAGE_TYPE_KEY, &material);
565 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init storage material failed, ret = %" LOG_PUBLIC "d.", ret)
566
567 ret = HksConstructStoreFileInfo(processInfo, paramSet, &material, &fileInfo);
568 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct store file info failed, ret = %" LOG_PUBLIC "d.", ret)
569
570 ret = HksListAliasesByProcessName(&fileInfo, outData);
571 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks list aliases by processname failed, ret = %" LOG_PUBLIC "d.", ret)
572 } while (0);
573
574 FileInfoFree(&fileInfo);
575 FreeStorageMaterial(&material);
576 return ret;
577 #else
578 (void)processInfo;
579 (void)paramSet;
580 (void)outData;
581 return HKS_SUCCESS;
582 #endif
583 }
584
HksManageStoreRenameKeyAlias(const struct HksProcessInfo * processInfo,const struct HksBlob * oldKeyAlias,const struct HksParamSet * paramSet,const struct HksBlob * newKeyAlias,uint32_t storageType)585 int32_t HksManageStoreRenameKeyAlias(const struct HksProcessInfo *processInfo,
586 const struct HksBlob *oldKeyAlias, const struct HksParamSet *paramSet,
587 const struct HksBlob *newKeyAlias, uint32_t storageType)
588 {
589 (void)processInfo;
590 UnlockIfDe(paramSet);
591 struct HksStoreFileInfo oldKeyFileInfo = { { 0 } };
592 struct HksStoreFileInfo newKeyFileInfo = { { 0 } };
593 struct HksStoreMaterial oldKeyMaterial = { DE_PATH, 0, 0, 0, 0 };
594 struct HksStoreMaterial newKeyMaterial = { DE_PATH, 0, 0, 0, 0 };
595 int32_t ret;
596 do {
597 ret = InitStorageMaterial(processInfo, paramSet, oldKeyAlias, storageType, &oldKeyMaterial);
598 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init old key storage material failed, ret = %" LOG_PUBLIC "d.", ret);
599 ret = InitStorageMaterial(processInfo, paramSet, newKeyAlias, storageType, &newKeyMaterial);
600 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init new key storage material failed, ret = %" LOG_PUBLIC "d.", ret);
601
602 ret = HksConstructStoreFileInfo(processInfo, paramSet, &oldKeyMaterial, &oldKeyFileInfo);
603 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct old store file info failed, ret = %" LOG_PUBLIC "d.", ret);
604 ret = HksConstructStoreFileInfo(processInfo, paramSet, &newKeyMaterial, &newKeyFileInfo);
605 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct new store file info failed, ret = %" LOG_PUBLIC "d.", ret);
606
607 ret = HksCheckParamSetValidity(paramSet);
608 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "check paramset invalid failed!");
609
610 struct HksParam *isNeedCopy = NULL;
611 ret = HksGetParam(paramSet, HKS_TAG_IS_COPY_NEW_KEY, &isNeedCopy);
612 if (ret == HKS_SUCCESS && isNeedCopy->boolParam == true) {
613 ret = HksStoreRenameKeyAlias(&oldKeyFileInfo, &newKeyFileInfo, &oldKeyMaterial, &newKeyMaterial, true);
614 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks rename key blod failed, ret = %" LOG_PUBLIC "d.", ret);
615 } else {
616 ret = HksStoreRenameKeyAlias(&oldKeyFileInfo, &newKeyFileInfo, &oldKeyMaterial, &newKeyMaterial, false);
617 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks rename key blod failed, ret = %" LOG_PUBLIC "d.", ret);
618 }
619 } while (0);
620 FileInfoFree(&oldKeyFileInfo);
621 FileInfoFree(&newKeyFileInfo);
622 FreeStorageMaterial(&oldKeyMaterial);
623 FreeStorageMaterial(&newKeyMaterial);
624 return ret;
625 }
626
627 #endif