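/*
 * Copyright (c) 2022 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef STORAGE_DAEMON_CRYPTO_FBEX_X
#define STORAGE_DAEMON_CRYPTO_FBEX_X

// <cstdint> and <memory> are included explicitly: this header names
// uint8_t/uint32_t and std::unique_ptr and must not depend on include order.
#include <cstdint>
#include <memory>
#include <string>

namespace OHOS {
namespace StorageDaemon {
constexpr uint32_t USERID_GLOBAL_EL1 = 0;

// TYPE_* selectors, presumably the values passed as the `type` argument of
// the FBEX calls below (confirm against the implementation).
// The numeric values do NOT follow the EL numbering (EL3 == 3 but EL4 == 2,
// EL5 == 6), so never derive one from another arithmetically or compare them
// with < / > to rank protection levels.
constexpr uint32_t TYPE_EL1 = 0;
constexpr uint32_t TYPE_EL2 = 1;
constexpr uint32_t TYPE_EL3 = 3;
constexpr uint32_t TYPE_EL4 = 2;
constexpr uint32_t TYPE_EL5 = 6;
constexpr uint32_t TYPE_GLOBAL_EL1 = 4;

// Buffer sizes for the iv / keyId buffers; unit is presumably bytes -- TODO confirm.
constexpr uint32_t FBEX_IV_SIZE = 64;
constexpr uint32_t FBEX_KEYID_SIZE = 64;
// NOTE(review): the value is 0; confirm how callers distinguish "unsupported"
// from an ordinary zero return of the int-returning calls below.
constexpr int STORAGE_UNSUPPORT_CODE = 0;
// Presumably indexes into UserIdToFbeStr::userIds -- verify against callers.
constexpr int SINGLE_ID_INDEX = 0;
constexpr int DOUBLE_ID_INDEX = 1;
constexpr int USER_ID_SIZE = 2;

/// Pair of user ids handed to the FBEX calls that take a UserIdToFbeStr.
struct UserIdToFbeStr {
    // No default initializer: a default-initialized instance holds
    // indeterminate ids, so callers must fill every entry before use.
    uint32_t userIds[USER_ID_SIZE];
    // Element count of userIds; defaults to the array bound.
    int size = USER_ID_SIZE;
};

/// Static-only interface declared for the storage daemon's FBEX key handling.
///
/// Only declarations are visible here; the implementations live elsewhere, so
/// the notes below describe what the signatures show and nothing more.
///
/// Buffer contract visible from the signatures: every `uint8_t *` parameter is
/// a raw, non-owning pointer paired with a separate length (`size`, `length`
/// or `bufferSize`). The header enforces no relation between the two, so the
/// caller is responsible for passing a non-null buffer at least as large as
/// the stated length. NOTE(review): these buffers appear to carry key
/// material (iv / secrets); confirm that callers clear them after use.
class FBEX {
public:
    static bool IsFBEXSupported();

    // `iv` is non-const, so the callee may write into the caller's buffer.
    // Presumably `size` is expected to be FBEX_IV_SIZE -- TODO confirm.
    static int InstallKeyToKernel(uint32_t userId, uint32_t type, uint8_t *iv, uint32_t size, uint8_t flag);
    static int InstallDoubleDeKeyToKernel(UserIdToFbeStr &userIdToFbe, uint8_t *iv, uint32_t size, uint8_t flag);
    static int UninstallOrLockUserKeyToKernel(uint32_t userId, uint32_t type, uint8_t *iv, uint32_t size,
                                              bool destroy);
    static int LockScreenToKernel(uint32_t userId);
    static int UnlockScreenToKernel(uint32_t userId, uint32_t type, uint8_t *iv, uint32_t size);

    // `eBuffer` is a reference to the caller's unique_ptr while `length` is
    // passed separately: the allocation size is not carried by the pointer,
    // so the two must be kept in sync by the caller.
    // `isFbeSupport` is an out-parameter; check it in addition to the return value.
    static int ReadESecretToKernel(UserIdToFbeStr &userIdToFbe, uint32_t status,
                                   std::unique_ptr<uint8_t[]> &eBuffer, uint32_t length, bool &isFbeSupport);
    static int WriteESecretToKernel(UserIdToFbeStr &userIdToFbe, uint32_t status, uint8_t *eBuffer,
                                    uint32_t length);
    static bool IsMspReady();
    static int GetStatus();

    // Two raw buffers but two size-like arguments (`bufferSize`, `length`);
    // NOTE(review): which size bounds which buffer is not stated here -- confirm
    // in the implementation before changing any caller.
    static int UnlockSendSecret(uint32_t status, uint32_t bufferSize, uint32_t length, uint8_t *eBuffer,
                                uint8_t *opseBuffer);
    static int InstallEL5KeyToKernel(uint32_t userIdSingle, uint32_t userIdDouble, uint8_t flag,
                                     bool &isSupport, bool &isNeedEncryptClassE);
    static int DeleteClassEPinCode(uint32_t userIdSingle, uint32_t userIdDouble);
    static int ChangePinCodeClassE(uint32_t userIdSingle, uint32_t userIdDouble, bool &isFbeSupport);

    // `keyId` is the caller's unique_ptr, `size` its separately passed length;
    // presumably FBEX_KEYID_SIZE -- TODO confirm.
    static int GenerateAppkey(UserIdToFbeStr &userIdToFbe, uint32_t hashId, std::unique_ptr<uint8_t[]> &keyId,
                              uint32_t size);
    static int LockUece(uint32_t userIdSingle, uint32_t userIdDouble, bool &isFbeSupport);

    // Takes the same argument list as ReadESecretToKernel.
    static bool CheckPreconditions(UserIdToFbeStr &userIdToFbe, uint32_t status,
                                   std::unique_ptr<uint8_t[]> &eBuffer, uint32_t length, bool &isFbeSupport);

    // Receives the ioctl return value, the errno captured by the caller, the
    // command name and both user ids. NOTE(review): presumably these are logged;
    // keep key material out of anything passed here.
    static void HandleIoctlError(int ret, int errnoVal, const std::string &cmd, uint32_t userIdSingle,
                                 uint32_t userIdDouble);
};
} // namespace StorageDaemon
} // namespace OHOS

#endif // STORAGE_DAEMON_CRYPTO_FBEX_X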