1 /*
2 * Copyright (c) 2021-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifdef HKS_CONFIG_FILE
17 #include HKS_CONFIG_FILE
18 #else
19 #include "hks_config.h"
20 #endif
21
22 #include "hks_client_ipc.h"
23
24 #include <stdbool.h>
25 #include <stddef.h>
26 #include <stdint.h>
27
28 #include "hks_common_check.h"
29 #include "hks_ipc_check.h"
30 #include "hks_client_ipc_serialization.h"
31 #include "hks_ipc_slice.h"
32 #include "hks_log.h"
33 #include "hks_mem.h"
34 #include "hks_param.h"
35 #include "hks_request.h"
36 #include "hks_template.h"
37 #include "hks_type.h"
38 #include "hks_type_inner.h"
39 #include "securec.h"
40
41 #ifdef HKS_L1_SMALL
42 #include "hks_samgr_client.h"
43 #include <unistd.h>
44 #endif
45
HksClientInitialize(void)46 int32_t HksClientInitialize(void)
47 {
48 #ifdef HKS_L1_SMALL
49 for (uint32_t i = 0; i < HKS_MAX_RETRY_TIME; ++i) {
50 IUnknown *iUnknown = SAMGR_GetInstance()->GetFeatureApi(HKS_SAMGR_SERVICE, HKS_SAMGR_FEATRURE);
51 if (iUnknown != NULL) {
52 return HKS_SUCCESS;
53 }
54 usleep(HKS_SLEEP_TIME_FOR_RETRY);
55 }
56 HKS_LOG_E("HUKS service is not ready!");
57 return HKS_ERROR_BAD_STATE;
58 #else
59 return HKS_SUCCESS;
60 #endif
61 }
62
HksClientRefreshKeyInfo(void)63 int32_t HksClientRefreshKeyInfo(void)
64 {
65 return HKS_SUCCESS;
66 }
67
BuildParamSetNotNull(const struct HksParamSet * paramSetIn,struct HksParamSet ** paramSetOut)68 static int32_t BuildParamSetNotNull(const struct HksParamSet *paramSetIn, struct HksParamSet **paramSetOut)
69 {
70 int32_t ret;
71 struct HksParamSet *tmpParamSet = NULL;
72 do {
73 if (paramSetIn != NULL) {
74 ret = HksCheckParamSet(paramSetIn, paramSetIn->paramSetSize);
75 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check paramSet failed")
76 }
77
78 ret = HksInitParamSet(&tmpParamSet);
79 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksInitParamSet failed")
80
81 if (paramSetIn != NULL) {
82 ret = HksAddParams(tmpParamSet, paramSetIn->params, paramSetIn->paramsCnt);
83 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksAddParams failed")
84 }
85 ret = HksBuildParamSet(&tmpParamSet);
86 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksBuildParamSet failed")
87 } while (0);
88 if (ret != HKS_SUCCESS) {
89 HksFreeParamSet(&tmpParamSet);
90 return ret;
91 }
92 *paramSetOut = tmpParamSet;
93 return ret;
94 }
95
HksClientGenerateKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSetIn,struct HksParamSet * paramSetOut)96 int32_t HksClientGenerateKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSetIn,
97 struct HksParamSet *paramSetOut)
98 {
99 int32_t ret = HksCheckIpcGenerateKey(keyAlias, paramSetIn);
100 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksCheckIpcGenerateKey fail")
101
102 struct HksBlob inBlob = { 0, NULL };
103 struct HksBlob outBlob = { 0, NULL };
104 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) + ALIGN_SIZE(paramSetIn->paramSetSize) +
105 sizeof(outBlob.size);
106 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
107 HKS_IF_NULL_RETURN(inBlob.data, HKS_ERROR_MALLOC_FAIL)
108 if (paramSetOut != NULL) {
109 outBlob.size = paramSetOut->paramSetSize;
110 outBlob.data = (uint8_t *)paramSetOut;
111 }
112
113 do {
114 ret = HksGenerateKeyPack(&inBlob, keyAlias, paramSetIn, &outBlob);
115 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksGenerateKeyPack fail")
116
117 ret = HksSendRequest(HKS_MSG_GEN_KEY, &inBlob, &outBlob, paramSetIn);
118 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksSendRequest fail, ret = %" LOG_PUBLIC "d", ret)
119
120 if (paramSetOut != NULL) {
121 ret = HksFreshParamSet(paramSetOut, false);
122 HKS_IF_NOT_SUCC_LOGE(ret, "FreshParamSet fail, ret = %" LOG_PUBLIC "d", ret)
123 }
124 } while (0);
125
126 HKS_FREE_BLOB(inBlob);
127 return ret;
128 }
129
HksClientImportKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,const struct HksBlob * key)130 int32_t HksClientImportKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
131 const struct HksBlob *key)
132 {
133 int32_t ret = HksCheckIpcImportKey(keyAlias, paramSet, key);
134 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksCheckIpcImportKey fail")
135
136 struct HksBlob inBlob = { 0, NULL };
137 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) + ALIGN_SIZE(paramSet->paramSetSize) +
138 sizeof(key->size) + ALIGN_SIZE(key->size);
139 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
140 HKS_IF_NULL_RETURN(inBlob.data, HKS_ERROR_MALLOC_FAIL)
141
142 do {
143 ret = HksImportKeyPack(&inBlob, keyAlias, paramSet, key);
144 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksImportKeyPack fail")
145
146 ret = HksSendRequest(HKS_MSG_IMPORT_KEY, &inBlob, NULL, paramSet);
147 } while (0);
148
149 HKS_FREE_BLOB(inBlob);
150 return ret;
151 }
152
HksClientExportPublicKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,struct HksBlob * key)153 int32_t HksClientExportPublicKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
154 struct HksBlob *key)
155 {
156 int32_t ret;
157 struct HksParamSet *newParamSet = NULL;
158 struct HksBlob inBlob = { 0, NULL };
159
160 do {
161 ret = BuildParamSetNotNull(paramSet, &newParamSet);
162 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "ensure paramSet not null fail, ret = %" LOG_PUBLIC "d", ret)
163
164 ret = HksCheckIpcExportPublicKey(keyAlias, newParamSet, key);
165 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCheckIpcExportPublicKey fail")
166
167 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) + sizeof(key->size) +
168 ALIGN_SIZE(newParamSet->paramSetSize);
169 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
170 if (inBlob.data == NULL) {
171 ret = HKS_ERROR_MALLOC_FAIL;
172 break;
173 }
174
175 ret = HksExportPublicKeyPack(keyAlias, newParamSet, key, &inBlob);
176 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksExportPublicKeyPack fail")
177
178 ret = HksSendRequest(HKS_MSG_EXPORT_PUBLIC_KEY, &inBlob, key, newParamSet);
179 } while (0);
180
181 HksFreeParamSet(&newParamSet);
182 HKS_FREE_BLOB(inBlob);
183 return ret;
184 }
185
HksClientImportWrappedKey(const struct HksBlob * keyAlias,const struct HksBlob * wrappingKeyAlias,const struct HksParamSet * paramSet,const struct HksBlob * wrappedKeyData)186 int32_t HksClientImportWrappedKey(const struct HksBlob *keyAlias, const struct HksBlob *wrappingKeyAlias,
187 const struct HksParamSet *paramSet, const struct HksBlob *wrappedKeyData)
188 {
189 int32_t ret = HksCheckIpcImportWrappedKey(keyAlias, wrappingKeyAlias, paramSet, wrappedKeyData);
190 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksClientImportWrappedKey fail")
191
192 struct HksBlob inBlob = { 0, NULL };
193 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) +
194 sizeof(wrappingKeyAlias->size) + ALIGN_SIZE(wrappingKeyAlias->size) +
195 ALIGN_SIZE(paramSet->paramSetSize) +
196 sizeof(wrappedKeyData->size) + ALIGN_SIZE(wrappedKeyData->size);
197 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
198 HKS_IF_NULL_RETURN(inBlob.data, HKS_ERROR_MALLOC_FAIL)
199
200 do {
201 ret = HksImportWrappedKeyPack(&inBlob, keyAlias, wrappingKeyAlias, paramSet, wrappedKeyData);
202 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksImportWrappedKeyPack fail")
203
204 ret = HksSendRequest(HKS_MSG_IMPORT_WRAPPED_KEY, &inBlob, NULL, paramSet);
205 } while (0);
206
207 HKS_FREE_BLOB(inBlob);
208 return ret;
209 }
210
HksClientDeleteKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet)211 int32_t HksClientDeleteKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet)
212 {
213 int32_t ret;
214 struct HksParamSet *newParamSet = NULL;
215 struct HksBlob inBlob = { 0, NULL };
216
217 do {
218 ret = BuildParamSetNotNull(paramSet, &newParamSet);
219 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "ensure paramSet not null fail, ret = %" LOG_PUBLIC "d", ret)
220
221 ret = HksCheckIpcDeleteKey(keyAlias, newParamSet);
222 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCheckIpcDeleteKey fail")
223
224 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) + ALIGN_SIZE(newParamSet->paramSetSize);
225 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
226 if (inBlob.data == NULL) {
227 ret = HKS_ERROR_MALLOC_FAIL;
228 break;
229 }
230
231 ret = HksDeleteKeyPack(keyAlias, newParamSet, &inBlob);
232 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksDeleteKeyPack fail")
233
234 ret = HksSendRequest(HKS_MSG_DELETE_KEY, &inBlob, NULL, newParamSet);
235 } while (0);
236
237 HksFreeParamSet(&newParamSet);
238 HKS_FREE_BLOB(inBlob);
239 return ret;
240 }
241
HksClientGetKeyParamSet(const struct HksBlob * keyAlias,const struct HksParamSet * paramSetIn,struct HksParamSet * paramSetOut)242 int32_t HksClientGetKeyParamSet(const struct HksBlob *keyAlias, const struct HksParamSet *paramSetIn,
243 struct HksParamSet *paramSetOut)
244 {
245 int32_t ret;
246 struct HksParamSet *newParamSet = NULL;
247 struct HksBlob inBlob = { 0, NULL };
248
249 do {
250 ret = BuildParamSetNotNull(paramSetIn, &newParamSet);
251 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "ensure paramSetIn not null fail, ret = %" LOG_PUBLIC "d", ret)
252
253 ret = HksCheckIpcGetKeyParamSet(keyAlias, newParamSet, paramSetOut);
254 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCheckIpcGetKeyParamSet fail")
255
256 struct HksBlob outBlob = { paramSetOut->paramSetSize, (uint8_t *)paramSetOut };
257 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) + sizeof(paramSetOut->paramSetSize) +
258 ALIGN_SIZE(newParamSet->paramSetSize);
259 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
260 if (inBlob.data == NULL) {
261 ret = HKS_ERROR_MALLOC_FAIL;
262 break;
263 }
264
265 ret = HksGetKeyParamSetPack(keyAlias, newParamSet, &outBlob, &inBlob);
266 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksGetKeyParamSetPack fail")
267
268 ret = HksSendRequest(HKS_MSG_GET_KEY_PARAMSET, &inBlob, &outBlob, newParamSet);
269 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksSendRequest fail, ret = %" LOG_PUBLIC "d", ret)
270
271 ret = HksFreshParamSet(paramSetOut, false);
272 HKS_IF_NOT_SUCC_LOGE(ret, "FreshParamSet fail, ret = %" LOG_PUBLIC "d", ret)
273 } while (0);
274
275 HksFreeParamSet(&newParamSet);
276 HKS_FREE_BLOB(inBlob);
277 return ret;
278 }
279
HksClientKeyExist(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet)280 int32_t HksClientKeyExist(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet)
281 {
282 int32_t ret;
283 struct HksParamSet *newParamSet = NULL;
284 struct HksBlob inBlob = { 0, NULL };
285
286 do {
287 ret = BuildParamSetNotNull(paramSet, &newParamSet);
288 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "ensure paramSet not null fail, ret = %" LOG_PUBLIC "d", ret)
289
290 ret = HksCheckIpcKeyExist(keyAlias, newParamSet);
291 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCheckIpcKeyExist fail")
292
293 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) + ALIGN_SIZE(newParamSet->paramSetSize);
294 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
295 if (inBlob.data == NULL) {
296 ret = HKS_ERROR_MALLOC_FAIL;
297 break;
298 }
299
300 ret = HksKeyExistPack(keyAlias, newParamSet, &inBlob);
301 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksKeyExistPack fail")
302
303 ret = HksSendRequest(HKS_MSG_KEY_EXIST, &inBlob, NULL, newParamSet);
304 } while (0);
305
306 HksFreeParamSet(&newParamSet);
307 HKS_FREE_BLOB(inBlob);
308 return ret;
309 }
310
HksClientGenerateRandom(struct HksBlob * random,const struct HksParamSet * paramSet)311 int32_t HksClientGenerateRandom(struct HksBlob *random, const struct HksParamSet *paramSet)
312 {
313 HKS_IF_NOT_SUCC_RETURN(CheckBlob(random), HKS_ERROR_INVALID_ARGUMENT)
314 struct HksBlob inBlob = { sizeof(random->size), (uint8_t *)&(random->size) };
315 return HksSendRequest(HKS_MSG_GENERATE_RANDOM, &inBlob, random, paramSet);
316 }
317
HksClientSign(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * srcData,struct HksBlob * signature)318 int32_t HksClientSign(const struct HksBlob *key, const struct HksParamSet *paramSet,
319 const struct HksBlob *srcData, struct HksBlob *signature)
320 {
321 int32_t ret = HksCheckBlob3AndParamSet(key, srcData, signature, paramSet);
322 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check in and out data failed")
323
324 struct HksBlob tmpInData = *srcData;
325 struct HksBlob tmpOutData = *signature;
326 ret = HksSliceDataEntry(HKS_MSG_SIGN, key, paramSet, &tmpInData, &tmpOutData);
327 if (ret != HKS_SUCCESS) {
328 HKS_LOG_E("HksClientSign fail");
329 } else {
330 signature->size = tmpOutData.size;
331 }
332 return ret;
333 }
334
HksClientVerify(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * srcData,const struct HksBlob * signature)335 int32_t HksClientVerify(const struct HksBlob *key, const struct HksParamSet *paramSet,
336 const struct HksBlob *srcData, const struct HksBlob *signature)
337 {
338 int32_t ret = HksCheckBlob3AndParamSet(key, srcData, signature, paramSet);
339 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check in and out data failed")
340
341 struct HksBlob tmpInData = *srcData;
342 struct HksBlob tmpOutData = *signature;
343 ret = HksSliceDataEntry(HKS_MSG_VERIFY, key, paramSet, &tmpInData, &tmpOutData);
344 HKS_IF_NOT_SUCC_LOGE(ret, "HksClientVerify fail")
345 return ret;
346 }
347
AddAeTag(struct HksParamSet * paramSet,const struct HksBlob * inText,bool isEncrypt)348 static int32_t AddAeTag(struct HksParamSet *paramSet, const struct HksBlob *inText, bool isEncrypt)
349 {
350 int32_t ret;
351 if (!isEncrypt) {
352 HKS_IF_TRUE_LOGE_RETURN(inText->size <= HKS_AE_TAG_LEN, HKS_ERROR_INVALID_ARGUMENT, "too small inText size")
353
354 struct HksParam aeParam;
355 aeParam.tag = HKS_TAG_AE_TAG;
356 aeParam.blob.data = inText->data + inText->size - HKS_AE_TAG_LEN;
357 aeParam.blob.size = HKS_AE_TAG_LEN;
358 ret = HksAddParams(paramSet, &aeParam, 1);
359 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "decrypt add ae params failed")
360 }
361
362 struct HksParam payloadParam;
363 payloadParam.tag = HKS_TAG_PAYLOAD_LEN;
364 payloadParam.uint32Param = inText->size;
365 ret = HksAddParams(paramSet, &payloadParam, 1);
366 HKS_IF_NOT_SUCC_LOGE(ret, "add payload param failed")
367 return ret;
368 }
369
AddAesTag(const struct HksParamSet * paramSet,struct HksParamSet * newParamSet,struct HksBlob * inText,bool isEncrypt)370 static int32_t AddAesTag(const struct HksParamSet *paramSet, struct HksParamSet *newParamSet,
371 struct HksBlob *inText, bool isEncrypt)
372 {
373 bool isAeMode = false;
374 bool isAes = false;
375 int32_t ret = HksCheckAesAeMode(paramSet, &isAes, &isAeMode);
376 HKS_IF_NOT_SUCC_RETURN(ret, ret)
377
378 /* Except for AES GCM and CCM mode, no need add tag, return success */
379 if ((!isAes) || (!isAeMode)) {
380 HKS_LOG_I("Not AES CCM or GCM mode!");
381 return HKS_SUCCESS;
382 }
383 return AddAeTag(newParamSet, inText, isEncrypt);
384 }
385
AppendToNewParamSet(const struct HksParamSet * paramSet,struct HksParamSet ** outParamSet)386 static int32_t AppendToNewParamSet(const struct HksParamSet *paramSet, struct HksParamSet **outParamSet)
387 {
388 struct HksParamSet *newParamSet = NULL;
389 int32_t ret = HksInitParamSet(&newParamSet);
390 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "append init operation param set fail")
391
392 ret = HksAddParams(newParamSet, paramSet->params, paramSet->paramsCnt);
393 if (ret != HKS_SUCCESS) {
394 HKS_LOG_E("append add in params fail");
395 HksFreeParamSet(&newParamSet);
396 return ret;
397 }
398
399 *outParamSet = newParamSet;
400 return HKS_SUCCESS;
401 }
402
AppendCipherTag(const struct HksParamSet * paramSet,const struct HksBlob * inText,bool isEncrypt,struct HksParamSet ** outParamSet)403 static int32_t AppendCipherTag(const struct HksParamSet *paramSet, const struct HksBlob *inText, bool isEncrypt,
404 struct HksParamSet **outParamSet)
405 {
406 struct HksParamSet *newParamSet = NULL;
407 int32_t ret = AppendToNewParamSet(paramSet, &newParamSet);
408 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "append cipher client service tag fail")
409
410 do {
411 ret = AddAesTag(paramSet, newParamSet, (struct HksBlob *)inText, isEncrypt);
412 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "append add Aes Tag fail")
413
414 ret = HksBuildParamSet(&newParamSet);
415 HKS_IF_NOT_SUCC_LOGE(ret, "append build paramset fail")
416 } while (0);
417 if (ret != HKS_SUCCESS) {
418 HksFreeParamSet(&newParamSet);
419 return ret;
420 }
421
422 *outParamSet = newParamSet;
423 return HKS_SUCCESS;
424 }
425
HksClientEncrypt(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * plainText,struct HksBlob * cipherText)426 int32_t HksClientEncrypt(const struct HksBlob *key, const struct HksParamSet *paramSet,
427 const struct HksBlob *plainText, struct HksBlob *cipherText)
428 {
429 int32_t ret = HksCheckBlob3AndParamSet(key, plainText, cipherText, paramSet);
430 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check in and out data failed")
431
432 struct HksParamSet *newParamSet = NULL;
433 ret = AppendCipherTag(paramSet, plainText, true, &newParamSet);
434 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "AppendCipherTag fail, ret = %" LOG_PUBLIC "d", ret)
435
436 struct HksBlob tmpInData = *plainText;
437 struct HksBlob tmpOutData = *cipherText;
438 ret = HksSliceDataEntry(HKS_MSG_ENCRYPT, key, newParamSet, &tmpInData, &tmpOutData);
439 if (ret != HKS_SUCCESS) {
440 HKS_LOG_E("HksClientEncrypt fail");
441 } else {
442 cipherText->size = tmpOutData.size;
443 }
444
445 HksFreeParamSet(&newParamSet);
446 return ret;
447 }
448
HksClientDecrypt(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * cipherText,struct HksBlob * plainText)449 int32_t HksClientDecrypt(const struct HksBlob *key, const struct HksParamSet *paramSet,
450 const struct HksBlob *cipherText, struct HksBlob *plainText)
451 {
452 int32_t ret = HksCheckBlob3AndParamSet(key, plainText, cipherText, paramSet);
453 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check in and out data failed")
454
455 struct HksParamSet *newParamSet = NULL;
456 struct HksBlob tmpCipherText = *cipherText;
457 ret = AppendCipherTag(paramSet, &tmpCipherText, false, &newParamSet);
458 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "AppendCipherTag fail, ret = %" LOG_PUBLIC "d", ret)
459
460 struct HksBlob tmpOutData = *plainText;
461 ret = HksSliceDataEntry(HKS_MSG_DECRYPT, key, newParamSet, &tmpCipherText, &tmpOutData);
462 if (ret != HKS_SUCCESS) {
463 HKS_LOG_E("HksClientDecrypt fail");
464 } else {
465 plainText->size = tmpOutData.size;
466 }
467
468 HksFreeParamSet(&newParamSet);
469 return ret;
470 }
471
HksClientAgreeKey(const struct HksParamSet * paramSet,const struct HksBlob * privateKey,const struct HksBlob * peerPublicKey,struct HksBlob * agreedKey)472 int32_t HksClientAgreeKey(const struct HksParamSet *paramSet, const struct HksBlob *privateKey,
473 const struct HksBlob *peerPublicKey, struct HksBlob *agreedKey)
474 {
475 int32_t ret = HksCheckIpcAgreeKey(paramSet, privateKey, peerPublicKey, agreedKey);
476 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksCheckIpcAgreeKey fail")
477
478 struct HksBlob inBlob = { 0, NULL };
479 inBlob.size = ALIGN_SIZE(paramSet->paramSetSize) + sizeof(privateKey->size) + ALIGN_SIZE(privateKey->size) +
480 sizeof(peerPublicKey->size) + ALIGN_SIZE(peerPublicKey->size) + sizeof(agreedKey->size);
481 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
482 HKS_IF_NULL_RETURN(inBlob.data, HKS_ERROR_MALLOC_FAIL)
483
484 do {
485 ret = HksAgreeKeyPack(&inBlob, paramSet, privateKey, peerPublicKey, agreedKey);
486 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksAgreeKeyPack fail")
487
488 ret = HksSendRequest(HKS_MSG_AGREE_KEY, &inBlob, agreedKey, paramSet);
489 } while (0);
490
491 HKS_FREE_BLOB(inBlob);
492 return ret;
493 }
494
HksClientDeriveKey(const struct HksParamSet * paramSet,const struct HksBlob * mainKey,struct HksBlob * derivedKey)495 int32_t HksClientDeriveKey(const struct HksParamSet *paramSet, const struct HksBlob *mainKey,
496 struct HksBlob *derivedKey)
497 {
498 int32_t ret = HksCheckIpcDeriveKey(paramSet, mainKey, derivedKey);
499 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksCheckIpcDeriveKey fail")
500
501 struct HksBlob inBlob = { 0, NULL };
502 inBlob.size = ALIGN_SIZE(paramSet->paramSetSize) + sizeof(mainKey->size) + ALIGN_SIZE(mainKey->size) +
503 sizeof(derivedKey->size);
504 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
505 HKS_IF_NULL_RETURN(inBlob.data, HKS_ERROR_MALLOC_FAIL)
506
507 do {
508 ret = HksDeriveKeyPack(&inBlob, paramSet, mainKey, derivedKey);
509 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksDeriveKeyPack fail")
510
511 ret = HksSendRequest(HKS_MSG_DERIVE_KEY, &inBlob, derivedKey, paramSet);
512 } while (0);
513
514 HKS_FREE_BLOB(inBlob);
515 return ret;
516 }
517
HksClientMac(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * srcData,struct HksBlob * mac)518 int32_t HksClientMac(const struct HksBlob *key, const struct HksParamSet *paramSet, const struct HksBlob *srcData,
519 struct HksBlob *mac)
520 {
521 int32_t ret = HksCheckBlob3AndParamSet(key, srcData, mac, paramSet);
522 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check in and out data failed")
523
524 struct HksBlob tmpInData = *srcData;
525 struct HksBlob tmpOutData = *mac;
526 ret = HksSliceDataEntry(HKS_MSG_MAC, key, paramSet, &tmpInData, &tmpOutData);
527 if (ret != HKS_SUCCESS) {
528 HKS_LOG_E("HksClientMac fail");
529 } else {
530 mac->size = tmpOutData.size;
531 }
532 return ret;
533 }
534
HksClientGetKeyInfoList(const struct HksParamSet * paramSet,struct HksKeyInfo * keyInfoList,uint32_t * listCount)535 int32_t HksClientGetKeyInfoList(const struct HksParamSet *paramSet, struct HksKeyInfo *keyInfoList, uint32_t *listCount)
536 {
537 int32_t ret;
538 struct HksParamSet *newParamSet = NULL;
539 struct HksBlob inBlob = { 0, NULL };
540 struct HksBlob outBlob = { 0, NULL };
541 do {
542 ret = BuildParamSetNotNull(paramSet, &newParamSet);
543 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "ensure paramSet not null fail, ret = %" LOG_PUBLIC "d", ret)
544
545 ret = HksCheckIpcGetKeyInfoList(keyInfoList, newParamSet, *listCount);
546 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCheckIpcGetKeyInfoList fail")
547
548 inBlob.size = sizeof(*listCount) + (sizeof(keyInfoList->alias.size) +
549 sizeof(keyInfoList->paramSet->paramSetSize)) * (*listCount) + ALIGN_SIZE(newParamSet->paramSetSize);
550 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
551 if (inBlob.data == NULL) {
552 ret = HKS_ERROR_MALLOC_FAIL;
553 break;
554 }
555
556 outBlob.size += sizeof(*listCount);
557 for (uint32_t i = 0; i < *listCount; ++i) {
558 outBlob.size += sizeof(keyInfoList[i].alias.size) + ALIGN_SIZE(keyInfoList[i].alias.size) +
559 ALIGN_SIZE(keyInfoList[i].paramSet->paramSetSize);
560 }
561
562 outBlob.data = (uint8_t *)HksMalloc(outBlob.size);
563 if (outBlob.data == NULL) {
564 ret = HKS_ERROR_MALLOC_FAIL;
565 break;
566 }
567
568 ret = HksGetKeyInfoListPack(newParamSet, keyInfoList, &inBlob, *listCount);
569 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksGetKeyInfoListPack fail")
570
571 ret = HksSendRequest(HKS_MSG_GET_KEY_INFO_LIST, &inBlob, &outBlob, newParamSet);
572 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksSendRequest result is fail, ret = %" LOG_PUBLIC "d", ret)
573
574 ret = HksGetKeyInfoListUnpackFromService(&outBlob, listCount, keyInfoList);
575 } while (0);
576
577 HksFreeParamSet(&newParamSet);
578 HKS_FREE_BLOB(inBlob);
579 HKS_FREE_BLOB(outBlob);
580 return ret;
581 }
582
CertificateChainInitBlob(struct HksBlob * inBlob,struct HksBlob * outBlob,const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,const struct HksCertChain * certChain)583 static int32_t CertificateChainInitBlob(struct HksBlob *inBlob, struct HksBlob *outBlob, const struct HksBlob *keyAlias,
584 const struct HksParamSet *paramSet, const struct HksCertChain *certChain)
585 {
586 int32_t ret = HksCheckIpcCertificateChain(keyAlias, paramSet, certChain);
587 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksCheckIpcCertificateChain fail")
588
589 uint32_t certBufSize = sizeof(certChain->certsCount);
590 for (uint32_t i = 0; i < certChain->certsCount; ++i) {
591 certBufSize += sizeof(certChain->certs[i].size) + ALIGN_SIZE(certChain->certs[i].size);
592 }
593
594 inBlob->size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) + ALIGN_SIZE(paramSet->paramSetSize) +
595 sizeof(certBufSize);
596 inBlob->data = (uint8_t *)HksMalloc(inBlob->size);
597 HKS_IF_NULL_RETURN(inBlob->data, HKS_ERROR_MALLOC_FAIL)
598
599 outBlob->size = certBufSize;
600 outBlob->data = (uint8_t *)HksMalloc(certBufSize);
601 if (outBlob->data == NULL) {
602 HKS_FREE_BLOB(*inBlob);
603 return HKS_ERROR_MALLOC_FAIL;
604 }
605
606 return HKS_SUCCESS;
607 }
608
HksClientAttestKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,struct HksCertChain * certChain,bool needAnonCertChain)609 int32_t HksClientAttestKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
610 struct HksCertChain *certChain, bool needAnonCertChain)
611 {
612 struct HksBlob inBlob = { 0, NULL };
613 struct HksBlob outBlob = { 0, NULL };
614
615 int32_t ret = 0;
616 do {
617 ret = CertificateChainInitBlob(&inBlob, &outBlob, keyAlias, paramSet, certChain);
618 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "CertificateChainInitBlob fail")
619 struct HksParam *isBase64Param = NULL;
620 bool isBase64 = false;
621 ret = HksGetParam(paramSet, HKS_TAG_ATTESTATION_BASE64, &isBase64Param);
622 if (ret == HKS_SUCCESS) {
623 isBase64 = isBase64Param->boolParam;
624 }
625 ret = HksCertificateChainPack(&inBlob, keyAlias, paramSet, &outBlob);
626 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCertificateChainPack fail")
627
628 if (needAnonCertChain) {
629 ret = HksSendRequest(HKS_MSG_ATTEST_KEY_ASYNC_REPLY, &inBlob, &outBlob, paramSet);
630 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "CertificateChainGetOrAnonAttest request fail")
631 } else {
632 ret = HksSendRequest(HKS_MSG_ATTEST_KEY, &inBlob, &outBlob, paramSet);
633 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "CertificateChainGetOrAttest request fail")
634 }
635
636 ret = HksCertificateChainUnpackFromService(&outBlob, isBase64, certChain);
637 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "CertificateChainUnpackFromService fail")
638 } while (0);
639
640 HKS_FREE_BLOB(inBlob);
641 HKS_FREE_BLOB(outBlob);
642 return ret;
643 }
644
CopyData(const uint8_t * data,const uint32_t size,struct HksBlob * out)645 static int32_t CopyData(const uint8_t *data, const uint32_t size, struct HksBlob *out)
646 {
647 if (size == 0) {
648 out->size = 0;
649 return HKS_SUCCESS;
650 }
651
652 HKS_IF_TRUE_LOGE_RETURN(out->size < size, HKS_ERROR_BUFFER_TOO_SMALL,
653 "out size[%" LOG_PUBLIC "u] smaller than [%" LOG_PUBLIC "u]", out->size, size)
654 (void)memcpy_s(out->data, out->size, data, size);
655 out->size = size;
656 return HKS_SUCCESS;
657 }
658
ClientInit(const struct HksBlob * inData,const struct HksParamSet * paramSet,struct HksBlob * handle,struct HksBlob * token)659 static int32_t ClientInit(const struct HksBlob *inData, const struct HksParamSet *paramSet,
660 struct HksBlob *handle, struct HksBlob *token)
661 {
662 uint8_t *tmpOut = (uint8_t *)HksMalloc(HANDLE_SIZE + TOKEN_SIZE);
663 HKS_IF_NULL_LOGE_RETURN(tmpOut, HKS_ERROR_MALLOC_FAIL, "malloc ipc tmp out failed")
664 struct HksBlob outBlob = { HANDLE_SIZE + TOKEN_SIZE, tmpOut };
665
666 int32_t ret;
667 do {
668 ret = HksSendRequest(HKS_MSG_INIT, inData, &outBlob, paramSet);
669 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "client init send fail")
670
671 if (outBlob.size < HANDLE_SIZE) {
672 HKS_LOG_E("invalid out size[%" LOG_PUBLIC "u]", outBlob.size);
673 ret = HKS_ERROR_INSUFFICIENT_MEMORY;
674 break;
675 }
676 ret = CopyData(outBlob.data, HANDLE_SIZE, handle);
677 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "copy handle failed")
678
679 if (token != NULL) {
680 if (outBlob.size < (HANDLE_SIZE + TOKEN_SIZE)) {
681 HKS_LOG_D("client init success without out token");
682 token->size = 0;
683 break;
684 }
685 if (token->size < TOKEN_SIZE) {
686 HKS_LOG_E("copy token failed");
687 ret = HKS_ERROR_BUFFER_TOO_SMALL;
688 break;
689 }
690
691 ret = CopyData(outBlob.data + HANDLE_SIZE, TOKEN_SIZE, token);
692 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "copy token failed")
693 }
694 } while (0);
695
696 HKS_FREE(tmpOut);
697 return ret;
698 }
699
HksClientInit(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,struct HksBlob * handle,struct HksBlob * token)700 int32_t HksClientInit(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
701 struct HksBlob *handle, struct HksBlob *token)
702 {
703 struct HksParamSet *sendParamSet = NULL;
704
705 struct HksParam params[] = {
706 { .tag = HKS_TAG_PARAM0_BUFFER,
707 .blob = *keyAlias },
708 { .tag = HKS_TAG_PARAM1_BUFFER,
709 .blob = { paramSet->paramSetSize,
710 (uint8_t *)paramSet } },
711 };
712
713 int32_t ret = HksParamsToParamSet(params, HKS_ARRAY_SIZE(params), &sendParamSet);
714 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksParamsToParamSet fail")
715
716 struct HksBlob parcelBlob = {
717 .size = sendParamSet->paramSetSize,
718 .data = (uint8_t *)sendParamSet
719 };
720
721 ret = ClientInit(&parcelBlob, paramSet, handle, token);
722 HksFreeParamSet(&sendParamSet);
723 return ret;
724 }
725
HksClientUpdate(const struct HksBlob * handle,const struct HksParamSet * paramSet,const struct HksBlob * inData,struct HksBlob * outData)726 int32_t HksClientUpdate(const struct HksBlob *handle, const struct HksParamSet *paramSet,
727 const struct HksBlob *inData, struct HksBlob *outData)
728 {
729 struct HksParamSet *sendParamSet = NULL;
730 struct HksParam updateParams[] = {
731 { .tag = HKS_TAG_PARAM0_BUFFER,
732 .blob = { paramSet->paramSetSize,
733 (uint8_t *)paramSet } },
734 { .tag = HKS_TAG_PARAM1_BUFFER,
735 .blob = *handle },
736 { .tag = HKS_TAG_PARAM2_BUFFER,
737 .blob = *inData },
738 };
739
740 int32_t ret = HksParamsToParamSet(updateParams, HKS_ARRAY_SIZE(updateParams), &sendParamSet);
741 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksParamSetPack fail")
742
743 struct HksBlob parcelBlob = {
744 .size = sendParamSet->paramSetSize,
745 .data = (uint8_t *)sendParamSet
746 };
747 ret = HksSendRequest(HKS_MSG_UPDATE, &parcelBlob, outData, paramSet);
748 if (ret != HKS_SUCCESS) {
749 HKS_LOG_E("HksParamSet send fail, ret = %" LOG_PUBLIC "d", ret);
750 HksFreeParamSet(&sendParamSet);
751 return ret;
752 }
753
754 HksFreeParamSet(&sendParamSet);
755 return ret;
756 }
757
HksClientFinish(const struct HksBlob * handle,const struct HksParamSet * paramSet,const struct HksBlob * inData,struct HksBlob * outData)758 int32_t HksClientFinish(const struct HksBlob *handle, const struct HksParamSet *paramSet,
759 const struct HksBlob *inData, struct HksBlob *outData)
760 {
761 struct HksParamSet *sendParamSet = NULL;
762 struct HksParam finishParams[] = {
763 { .tag = HKS_TAG_PARAM0_BUFFER,
764 .blob = { paramSet->paramSetSize,
765 (uint8_t *)paramSet } },
766 { .tag = HKS_TAG_PARAM1_BUFFER,
767 .blob = *handle },
768 { .tag = HKS_TAG_PARAM2_BUFFER,
769 .blob = *inData },
770 };
771
772 int32_t ret = HksParamsToParamSet(finishParams, HKS_ARRAY_SIZE(finishParams), &sendParamSet);
773 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksParamSetPack fail")
774
775 struct HksBlob parcelBlob = {
776 .size = sendParamSet->paramSetSize,
777 .data = (uint8_t *)sendParamSet
778 };
779 ret = HksSendRequest(HKS_MSG_FINISH, &parcelBlob, outData, paramSet);
780 if (ret != HKS_SUCCESS) {
781 HKS_LOG_E("HksParamSet send fail, ret = %" LOG_PUBLIC "d", ret);
782 HksFreeParamSet(&sendParamSet);
783 return ret;
784 }
785
786 HksFreeParamSet(&sendParamSet);
787 return ret;
788 }
789
HksClientAbort(const struct HksBlob * handle,const struct HksParamSet * paramSet)790 int32_t HksClientAbort(const struct HksBlob *handle, const struct HksParamSet *paramSet)
791 {
792 struct HksParamSet *sendParamSet = NULL;
793 struct HksParam params[] = {
794 { .tag = HKS_TAG_PARAM0_BUFFER,
795 .blob = { paramSet->paramSetSize,
796 (uint8_t *)paramSet } },
797 { .tag = HKS_TAG_PARAM1_BUFFER,
798 .blob = *handle },
799 };
800
801 int32_t ret = HksParamsToParamSet(params, HKS_ARRAY_SIZE(params), &sendParamSet);
802 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksParamSetPack fail")
803
804 struct HksBlob parcelBlob = {
805 .size = sendParamSet->paramSetSize,
806 .data = (uint8_t *)sendParamSet
807 };
808 ret = HksSendRequest(HKS_MSG_ABORT, &parcelBlob, NULL, paramSet);
809 if (ret != HKS_SUCCESS) {
810 HKS_LOG_E("HksParamSet send fail, ret = %" LOG_PUBLIC "d", ret);
811 HksFreeParamSet(&sendParamSet);
812 return ret;
813 }
814
815 HksFreeParamSet(&sendParamSet);
816 return ret;
817 }
818
ListAliasesInitBlob(const struct HksParamSet * paramSet,struct HksBlob * inBlob,struct HksBlob * outBlob)819 static int32_t ListAliasesInitBlob(const struct HksParamSet *paramSet,
820 struct HksBlob *inBlob, struct HksBlob *outBlob)
821 {
822 inBlob->size = ALIGN_SIZE(paramSet->paramSetSize);
823 inBlob->data = (uint8_t *)HksMalloc(inBlob->size);
824 HKS_IF_NULL_RETURN(inBlob->data, HKS_ERROR_MALLOC_FAIL)
825
826 outBlob->size = sizeof(HKS_MAX_KEY_ALIAS_COUNT) + (HKS_MAX_KEY_ALIAS_COUNT * HKS_MAX_KEY_ALIAS_LEN);
827 outBlob->data = (uint8_t *)HksMalloc(outBlob->size);
828 if (outBlob->data == NULL) {
829 HKS_LOG_E("HksMalloc outBlob fail");
830 HKS_FREE_BLOB(*inBlob);
831 return HKS_ERROR_MALLOC_FAIL;
832 }
833 return HKS_SUCCESS;
834 }
835
HksClientListAliases(const struct HksParamSet * paramSet,struct HksKeyAliasSet ** outData)836 int32_t HksClientListAliases(const struct HksParamSet *paramSet, struct HksKeyAliasSet **outData)
837 {
838 int32_t ret;
839 struct HksBlob inBlob = { 0, NULL };
840 struct HksBlob outBlob = { 0, NULL };
841 do {
842 ret = HksCheckIpcListAliases(paramSet);
843 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCheckIpcListAliases fail")
844
845 ret = ListAliasesInitBlob(paramSet, &inBlob, &outBlob);
846 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "ListAliasesInitBlob fail")
847
848 ret = HksListAliasesPack(paramSet, &inBlob);
849 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksListAliasesPack fail")
850
851 ret = HksSendRequest(HKS_MSG_LIST_ALIASES, &inBlob, &outBlob, paramSet);
852 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksSendRequest fail, ret = %" LOG_PUBLIC "d", ret);
853
854 ret = HksListAliasesUnpackFromService(&outBlob, outData);
855 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksListAliasesUnpackFromService fail")
856 } while (0);
857
858 HKS_IF_NOT_SUCC_LOGE(ret, "HksClientListAliases fail, ret = %" LOG_PUBLIC "d", ret)
859
860 HKS_FREE_BLOB(inBlob);
861 HKS_FREE_BLOB(outBlob);
862 return ret;
863 }
864
HksClientRenameKeyAlias(const struct HksBlob * oldKeyAlias,const struct HksParamSet * paramSet,const struct HksBlob * newKeyAlias)865 int32_t HksClientRenameKeyAlias(const struct HksBlob *oldKeyAlias, const struct HksParamSet *paramSet,
866 const struct HksBlob *newKeyAlias)
867 {
868 int32_t ret;
869 struct HksParamSet *newParamSet = NULL;
870 struct HksBlob inBlob = { 0, NULL };
871
872 do {
873 ret = BuildParamSetNotNull(paramSet, &newParamSet);
874 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "ensure paramSet not null failed, ret = %" LOG_PUBLIC "d", ret)
875
876 ret = HksCheckIpcRenameKeyAlias(oldKeyAlias, newParamSet, newKeyAlias);
877 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCheckIpcRenameKeyAlias failed!")
878
879 inBlob.size = sizeof(oldKeyAlias->size) + ALIGN_SIZE(oldKeyAlias->size) +
880 sizeof(newKeyAlias->size) + ALIGN_SIZE(newKeyAlias->size) +
881 ALIGN_SIZE(newParamSet->paramSetSize);
882 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
883 if (inBlob.data == NULL) {
884 ret = HKS_ERROR_MALLOC_FAIL;
885 break;
886 }
887 ret = HksRenameKeyAliasPack(oldKeyAlias, newKeyAlias, newParamSet, &inBlob);
888 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksRenameKeyAliasPack failed!")
889 ret = HksSendRequest(HKS_MSG_RENAME_KEY_ALIAS, &inBlob, NULL, newParamSet);
890 } while (0);
891
892 HksFreeParamSet(&newParamSet);
893 HKS_FREE_BLOB(inBlob);
894 return ret;
895 }
896
HksClientChangeStorageLevel(const struct HksBlob * keyAlias,const struct HksParamSet * srcParamSet,const struct HksParamSet * destParamSet)897 int32_t HksClientChangeStorageLevel(const struct HksBlob *keyAlias, const struct HksParamSet *srcParamSet,
898 const struct HksParamSet *destParamSet)
899 {
900 int32_t ret = HksCheckIpcChangeStorageLevel(keyAlias, srcParamSet, destParamSet);
901 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksCheckIpcChangeStorageLevel fail")
902
903 struct HksBlob inBlob = { 0, NULL };
904 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) + ALIGN_SIZE(srcParamSet->paramSetSize) +
905 ALIGN_SIZE(destParamSet->paramSetSize);
906 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
907 HKS_IF_NULL_RETURN(inBlob.data, HKS_ERROR_MALLOC_FAIL)
908
909 do {
910 ret = HksChangeStorageLevelPack(&inBlob, keyAlias, srcParamSet, destParamSet);
911 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksChangeStorageLevelPack fail")
912
913 ret = HksSendRequest(HKS_MSG_CHANGE_STORAGE_LEVEL, &inBlob, NULL, srcParamSet);
914 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksSendRequest fail, ret = %" LOG_PUBLIC "d", ret)
915 } while (0);
916
917 HKS_FREE_BLOB(inBlob);
918 return ret;
919 }