1 /*
2  * Copyright (c) 2021-2023 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *    http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #ifndef HKS_BASE_CHECK_H
17 #define HKS_BASE_CHECK_H
18 
19 #include "hks_param.h"
20 #include "hks_type_inner.h"
21 
/*
 * Identifies which kind of key operation a parameter check is being run for.
 * It is the checkType field of struct ParamsValuesChecker and
 * struct ExpectParamsValuesChecker, and is passed to InitInputParamsByAlg()
 * and GetExpectParams() declared in this header.
 * Enumerators have no explicit values, so they are numbered 0..3 in
 * declaration order; inserting one in the middle renumbers the rest.
 */
22 enum CheckKeyType {
23     HKS_CHECK_TYPE_GEN_KEY,         /* presumably key generation; confirm in the implementation */
24     HKS_CHECK_TYPE_USE_KEY,         /* presumably use of an existing key; confirm */
25     HKS_CHECK_TYPE_GEN_MAC_KEY,     /* presumably generation of a MAC key; confirm */
26     HKS_CHECK_TYPE_GEN_DERIVE_KEY,  /* presumably generation of a key for derivation; confirm */
27 };
28 
/*
 * One input parameter as seen by the checker: a 32-bit value plus two flags.
 * struct ParamsValues holds one of these per checked attribute.
 */
29 struct Params {
30     bool needCheck;   /* presumably: this attribute must be validated; confirm */
31     uint32_t value;   /* the attribute's value */
32     bool isAbsent;    /* presumably: the attribute was missing from the input; if so, value is not meaningful. TODO confirm */
33 };
34 
/*
 * The five attributes the checks in this header operate on, each carried as
 * a struct Params. Filled through a non-const pointer by GetInputParams()
 * and InitInputParamsByAlg(), and read by the HksCheck*MutableParams() family.
 */
35 struct ParamsValues {
36     struct Params keyLen;
37     struct Params padding;
38     struct Params purpose;
39     struct Params digest;
40     struct Params mode;
41 };
42 
/*
 * Pairs a check type with a ParamsValues template. struct HksAlgParamSetHandler
 * points at an array of these (algParamSet / algParamSetCnt).
 */
43 struct ParamsValuesChecker {
44     enum CheckKeyType checkType;      /* operation this entry applies to */
45     struct ParamsValues paramValues;  /* per-attribute flags/values for that operation */
46 };
47 
/*
 * A list of uint32_t values for one attribute, stored as pointer + count.
 * Presumably this is the set of accepted values that an input is matched
 * against (compare the HksCheckValue() signature); confirm in the implementation.
 */
48 struct ExpectParams {
49     bool needCheck;          /* presumably: this attribute is validated at all; confirm */
50     const uint32_t *values;  /* array of values; not owned or modified through this struct */
51     uint32_t valueCnt;       /* element count of values; must not exceed the real array length,
52                                 since nothing here lets a consumer re-derive the bound */
53 
/*
 * The ExpectParams counterpart of struct ParamsValues: one value list per
 * attribute. Every member is const, so an object of this type cannot be
 * assigned member by member after its definition.
 */
54 struct ExpectParamsValues {
55     const struct ExpectParams keyLen;
56     const struct ExpectParams padding;
57     const struct ExpectParams purpose;
58     const struct ExpectParams digest;
59     const struct ExpectParams mode;
60 };
/*
 * Initializer that zeroes all five members (needCheck false, values NULL,
 * valueCnt 0). Because the members are const, a local ExpectParamsValues has
 * to be initialised at its definition, which is what this macro is for.
 */
61 #define EXPECT_PARAMS_VALUES_INIT {{0}, {0}, {0}, {0}, {0}}
62 
/*
 * Pairs a check type with the value lists that apply to it.
 * struct HksAlgParamSetHandler points at an array of these
 * (expectParams / expectParamsCnt).
 */
63 struct ExpectParamsValuesChecker {
64     enum CheckKeyType checkType;                  /* operation this entry applies to */
65     const struct ExpectParamsValues paramValues;  /* const: fixed at initialisation */
66 };
67 
/*
 * Per-algorithm table entry: ties one HksKeyAlg to two arrays, each stored as
 * pointer + element count. Each count must match the real length of the array
 * it describes.
 */
68 struct HksAlgParamSetHandler {
69     enum HksKeyAlg alg;                                    /* algorithm this entry describes */
70     const struct ParamsValuesChecker *algParamSet;         /* array of per-check-type templates */
71     uint32_t algParamSetCnt;                               /* number of elements in algParamSet */
72     const struct ExpectParamsValuesChecker *expectParams;  /* array of per-check-type value lists */
73     uint32_t expectParamsCnt;                              /* number of elements in expectParams */
74 };
75 
/*
 * Associates one user-authentication type with a list of auth access types.
 * Presumably the list holds the access types permitted for that authentication
 * type (compare HksCheckUserAuthParams()); confirm in the implementation.
 */
76 struct AuthAccessTypeChecker {
77     enum HksUserAuthType userAuthType;
78     const struct ExpectParams allowAuthAccessTypes;
79 };
80 
/*
 * A value list for one HksTag, stored as pointer + count. It has the same
 * shape as struct ExpectParams, with the tag the values belong to added.
 */
81 struct KeyInfoParams {
82     bool needCheck;          /* presumably: this tag is validated at all; confirm */
83     enum HksTag tag;         /* tag the values refer to */
84     const uint32_t *values;  /* array of values; not modified through this struct */
85     uint32_t valueCnt;       /* element count of values; must match the real array length */
86 };
87 
/*
 * Per-algorithm list of KeyInfoParams entries. Presumably consulted by
 * HksCheckUserAuthKeyInfoValidity(); confirm in the implementation.
 * The tag name is spelled "Acceess"; it is left unchanged because it is part
 * of the interface this header exposes.
 */
88 struct AuthAcceessKeyInfoChecker {
89     enum HksKeyAlg keyAlg;               /* algorithm this entry describes */
90     const struct KeyInfoParams *params;  /* array of per-tag value lists */
91     uint32_t paramsCnt;                  /* number of elements in params */
92 };
93 
/*
 * NOTE(review): not used in this header. Presumably an upper bound on user ids
 * that are treated as root/system users. Confirm at the use sites whether the
 * comparison is inclusive or exclusive, since it draws a privilege boundary.
 */
94 #define HKS_ROOT_USER_UPPERBOUND 100
95 
96 #ifdef __cplusplus
97 extern "C" {
98 #endif
99 
/*
 * Parameter-validation entry points. Every function returns int32_t.
 * HksAttestIsAnonymous() in this header compares such a result with
 * HKS_SUCCESS, so presumably HKS_SUCCESS means the check passed and any other
 * value is an error code (TODO confirm). Callers must test the result before
 * using the key material or parameters that were checked.
 *
 * NOTE(review): CheckRsaKeySize, CheckImportMutableParams, GetInputParams,
 * InitInputParamsByAlg and GetExpectParams have external linkage but no Hks
 * prefix, unlike the other functions declared here.
 */

/* presumably tests whether inputValue occurs in expectValues[0..valuesCount); confirm */
100 int32_t HksCheckValue(uint32_t inputValue, const uint32_t *expectValues, uint32_t valuesCount);
101 
/* keySize is the only non-const pointer, so presumably the output; key is read-only */
102 int32_t HksGetKeySize(uint32_t alg, const struct HksBlob *key, uint32_t *keySize);
103 
104 int32_t HksCheckGenKeyPurpose(uint32_t alg, uint32_t inputPurpose, uint32_t keyFlag);
105 
/* Declared only when both HKS_SUPPORT_RSA_C and HKS_SUPPORT_RSA_C_FLEX_KEYSIZE are defined. */
106 #ifdef HKS_SUPPORT_RSA_C
107 #ifdef HKS_SUPPORT_RSA_C_FLEX_KEYSIZE
108 int32_t CheckRsaKeySize(uint32_t keyLen);
109 #endif
110 #endif
111 
/* The *MutableParams checks take the collected attributes read-only. */
112 int32_t HksCheckGenKeyMutableParams(uint32_t alg, const struct ParamsValues *inputParams);
113 
114 int32_t CheckImportMutableParams(uint32_t alg, const struct ParamsValues *params);
115 
116 int32_t HksCheckSignature(uint32_t cmdId, uint32_t alg, uint32_t keySize, const struct HksBlob *signature);
117 
118 int32_t HksCheckSignVerifyMutableParams(uint32_t cmdId, uint32_t alg, const struct ParamsValues *inputParams);
119 
120 int32_t HksCheckCipherMutableParams(uint32_t cmdId, uint32_t alg, const struct ParamsValues *inputParams);
121 
/* Both blobs are const here: this function inspects inData/outData, it cannot write through them. */
122 int32_t HksCheckCipherData(uint32_t cmdId, uint32_t alg, const struct ParamsValues *inputParams,
123     const struct HksBlob *inData, const struct HksBlob *outData);
124 
125 int32_t HksCheckCipherMaterialParams(uint32_t alg, const struct ParamsValues *inputParams,
126     const struct HksParamSet *paramSet);
127 
128 int32_t HksCheckUserAuthParams(uint32_t userAuthType, uint32_t authAccessType, uint32_t challengeType);
129 
130 int32_t HksCheckSecureSignParams(uint32_t secureSignType);
131 
/* inputParams is non-const, so presumably filled from paramSet; confirm */
132 int32_t GetInputParams(const struct HksParamSet *paramSet, struct ParamsValues *inputParams);
133 
134 int32_t HksCheckNeedCache(uint32_t alg, uint32_t digest);
135 
136 int32_t HksCheckUserAuthKeyInfoValidity(const struct HksParamSet *paramSet);
137 
/* inputParams is non-const, so presumably initialised for (alg, checkType); confirm */
138 int32_t InitInputParamsByAlg(uint32_t alg, enum CheckKeyType checkType, struct ParamsValues *inputParams);
139 
/* expectValues is non-const, so presumably the output, although its members are declared const */
140 int32_t GetExpectParams(uint32_t alg, enum CheckKeyType checkType, struct ExpectParamsValues *expectValues);
141 
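/**
 * Reports whether a parameter set requests anonymous attestation.
 *
 * Looks up HKS_TAG_ATTESTATION_MODE in paramSet through HksGetParam() and
 * compares the parameter's uint32Param with HKS_ATTESTATION_MODE_ANONYMOUS.
 *
 * @param paramSet parameter set to query; handed to HksGetParam() unchanged.
 * @return true only when the tag is found and equals
 *         HKS_ATTESTATION_MODE_ANONYMOUS; false when HksGetParam() returns
 *         anything other than HKS_SUCCESS, or reports success without
 *         yielding a parameter.
 *
 * A failed lookup and an explicit non-anonymous mode both yield false, so
 * callers cannot tell them apart.
 * NOTE(review): confirm that "non-anonymous" is the intended default when the
 * tag is missing or the parameter set cannot be read.
 *
 * NOTE(review): this is a plain `inline` definition in a header. In C99/C11
 * that does not by itself emit an external definition, so a call that is not
 * inlined needs one from some translation unit. Confirm that one exists, or
 * that `static inline` would be acceptable here.
 */
inline bool HksAttestIsAnonymous(const struct HksParamSet *paramSet)
{
    struct HksParam *attestParam = NULL;

    if (HksGetParam(paramSet, HKS_TAG_ATTESTATION_MODE, &attestParam) != HKS_SUCCESS) {
        return false;
    }
    /* Do not dereference the out-pointer on the strength of the status code alone. */
    if (attestParam == NULL) {
        return false;
    }
    return attestParam->uint32Param == HKS_ATTESTATION_MODE_ANONYMOUS;
}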
150 
151 #ifdef __cplusplus
152 }
153 #endif
154 
155 #endif /* HKS_BASE_CHECK_H */
156 
157