• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1  /*
2  * Copyright (C) 2022-2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #ifndef USERIAM_USER_SIGN_CENTRE_H
17 #define USERIAM_USER_SIGN_CENTRE_H
18 
19 #include <stdint.h>
20 
21 #include "adaptor_algorithm.h"
22 #include "buffer.h"
23 #include "defines.h"
24 
25 #ifdef __cplusplus
26 extern "C" {
27 #endif
28 
29 #define AUTH_TOKEN_LEN sizeof(UserAuthTokenHal)
30 #define AUTH_TOKEN_DATA_LEN (AUTH_TOKEN_LEN - SHA256_DIGEST_SIZE)
31 #define AUTH_TOKEN_CIPHER_LEN sizeof(TokenDataToEncrypt)
32 #define TOKEN_VALIDITY_PERIOD (10 * 60 * 1000)
33 #define TOKEN_VERSION 0
34 #define UDID_LEN 64
35 
36 typedef struct {
37     uint8_t challenge[CHALLENGE_LEN];
38     uint64_t time;
39     uint32_t authTrustLevel;
40     uint32_t authType;
41     uint32_t authMode;
42     uint32_t securityLevel;
43     uint32_t tokenType;
44 } __attribute__((__packed__)) TokenDataPlain;
45 
46 typedef struct {
47     int32_t userId;
48     uint64_t secureUid;
49     uint64_t enrolledId;
50     uint64_t credentialId;
51     uint8_t collectorUdid[UDID_LEN];
52     uint8_t verifierUdid[UDID_LEN];
53 } __attribute__((__packed__)) TokenDataToEncrypt;
54 
55 typedef struct {
56     uint32_t version;
57     TokenDataPlain tokenDataPlain;
58     uint8_t tokenDataCipher[AUTH_TOKEN_CIPHER_LEN];
59     uint8_t tag[AES_GCM_TAG_SIZE];
60     uint8_t iv[AES_GCM_IV_SIZE];
61     uint8_t sign[SHA256_DIGEST_SIZE];
62 } __attribute__((__packed__)) UserAuthTokenHal;
63 
64 typedef struct {
65     TokenDataPlain tokenDataPlain;
66     TokenDataToEncrypt tokenDataToEncrypt;
67 } __attribute__((__packed__)) UserAuthTokenPlainHal;
68 
69 ResultCode UserAuthTokenSign(UserAuthTokenPlainHal *tokenPlain, UserAuthTokenHal *authToken);
70 ResultCode UserAuthTokenVerify(const UserAuthTokenHal *userAuthToken, uint64_t allowableDuration,
71     UserAuthTokenPlainHal *tokenPlain);
72 ResultCode ReuseUnlockTokenSign(UserAuthTokenHal *reuseToken);
73 
74 #ifdef __cplusplus
75 }
76 #endif
77 
78 #endif // USERIAM_USER_SIGN_CENTRE_H