1 /* 2 * Copyright (c) 2021-2025 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 /** 17 * @file hks_type_enum.h 18 * 19 * @brief Declares huks type enum. 20 * 21 * @since 8 22 */ 23 24 #ifndef HKS_TYPE_ENUM_H 25 #define HKS_TYPE_ENUM_H 26 27 #include <stdbool.h> 28 #include <stdint.h> 29 #include <stdlib.h> 30 31 #include "hks_error_code.h" 32 #include "hks_tag.h" 33 34 #ifdef __cplusplus 35 extern "C" { 36 #endif 37 38 /** 39 * @brief hks key type 40 */ 41 enum HksKeyType { 42 HKS_KEY_TYPE_RSA_PUBLIC_KEY = 0x01001000, 43 HKS_KEY_TYPE_RSA_KEYPAIR = 0x01002000, 44 45 HKS_KEY_TYPE_ECC_P256_PUBLIC_KEY = 0x02021000, 46 HKS_KEY_TYPE_ECC_P256_KEYPAIR = 0x02022000, 47 HKS_KEY_TYPE_ECC_P384_PUBLIC_KEY = 0x02031000, 48 HKS_KEY_TYPE_ECC_P384_KEYPAIR = 0x02032000, 49 HKS_KEY_TYPE_ECC_P521_PUBLIC_KEY = 0x02051000, 50 HKS_KEY_TYPE_ECC_P521_KEYPAIR = 0x02052000, 51 52 HKS_KEY_TYPE_ED25519_PUBLIC_KEY = 0x02101000, 53 HKS_KEY_TYPE_ED25519_KEYPAIR = 0x02102000, 54 HKS_KEY_TYPE_X25519_PUBLIC_KEY = 0x02111000, 55 HKS_KEY_TYPE_X25519_KEYPAIR = 0x02112000, 56 57 HKS_KEY_TYPE_AES = 0x03000000, 58 HKS_KEY_TYPE_CHACHA20 = 0x04010000, 59 HKS_KEY_TYPE_CHACHA20_POLY1305 = 0x04020000, 60 61 HKS_KEY_TYPE_HMAC = 0x05000000, 62 HKS_KEY_TYPE_HKDF = 0x06000000, 63 HKS_KEY_TYPE_PBKDF2 = 0x07000000, 64 }; 65 66 /** 67 * @brief hks key purpose 68 */ 69 enum HksKeyPurpose { 70 HKS_KEY_PURPOSE_ENCRYPT = 1, /* Usable with RSA, EC, AES, SM2, and SM4 keys. */ 71 HKS_KEY_PURPOSE_DECRYPT = 2, /* Usable with RSA, EC, AES, SM2, and SM4 keys. */ 72 HKS_KEY_PURPOSE_SIGN = 4, /* Usable with RSA, EC keys. */ 73 HKS_KEY_PURPOSE_VERIFY = 8, /* Usable with RSA, EC keys. */ 74 HKS_KEY_PURPOSE_DERIVE = 16, /* Usable with EC keys. */ 75 HKS_KEY_PURPOSE_WRAP = 32, /* Usable with wrap key. */ 76 HKS_KEY_PURPOSE_UNWRAP = 64, /* Usable with unwrap key. */ 77 HKS_KEY_PURPOSE_MAC = 128, /* Usable with mac. */ 78 HKS_KEY_PURPOSE_AGREE = 256, /* Usable with agree. */ 79 }; 80 81 /** 82 * @brief hks key digest 83 */ 84 enum HksKeyDigest { 85 HKS_DIGEST_NONE = 0, 86 HKS_DIGEST_MD5 = 1, 87 HKS_DIGEST_SM3 = 2, 88 HKS_DIGEST_SHA1 = 10, 89 HKS_DIGEST_SHA224 = 11, 90 HKS_DIGEST_SHA256 = 12, 91 HKS_DIGEST_SHA384 = 13, 92 HKS_DIGEST_SHA512 = 14, 93 }; 94 95 /** 96 * @brief hks key padding 97 */ 98 enum HksKeyPadding { 99 HKS_PADDING_NONE = 0, 100 HKS_PADDING_OAEP = 1, 101 HKS_PADDING_PSS = 2, 102 HKS_PADDING_PKCS1_V1_5 = 3, 103 HKS_PADDING_PKCS5 = 4, 104 HKS_PADDING_PKCS7 = 5, 105 HKS_PADDING_ISO_IEC_9796_2 = 6, 106 HKS_PADDING_ISO_IEC_9797_1 = 7, 107 }; 108 109 /** 110 * @brief hks cipher mode 111 */ 112 enum HksCipherMode { 113 HKS_MODE_ECB = 1, 114 HKS_MODE_CBC = 2, 115 HKS_MODE_CTR = 3, 116 HKS_MODE_OFB = 4, 117 HKS_MODE_CFB = 5, 118 HKS_MODE_CCM = 31, 119 HKS_MODE_GCM = 32, 120 }; 121 122 /** 123 * @brief hks key size 124 */ 125 enum HksKeySize { 126 HKS_RSA_KEY_SIZE_512 = 512, 127 HKS_RSA_KEY_SIZE_768 = 768, 128 HKS_RSA_KEY_SIZE_1024 = 1024, 129 HKS_RSA_KEY_SIZE_2048 = 2048, 130 HKS_RSA_KEY_SIZE_3072 = 3072, 131 HKS_RSA_KEY_SIZE_4096 = 4096, 132 133 HKS_ECC_KEY_SIZE_224 = 224, 134 HKS_ECC_KEY_SIZE_256 = 256, 135 HKS_ECC_KEY_SIZE_384 = 384, 136 HKS_ECC_KEY_SIZE_521 = 521, 137 138 HKS_AES_KEY_SIZE_128 = 128, 139 HKS_AES_KEY_SIZE_192 = 192, 140 HKS_AES_KEY_SIZE_256 = 256, 141 HKS_AES_KEY_SIZE_512 = 512, 142 143 HKS_CURVE25519_KEY_SIZE_256 = 256, 144 145 HKS_DH_KEY_SIZE_2048 = 2048, 146 HKS_DH_KEY_SIZE_3072 = 3072, 147 HKS_DH_KEY_SIZE_4096 = 4096, 148 149 HKS_SM2_KEY_SIZE_256 = 256, 150 HKS_SM4_KEY_SIZE_128 = 128, 151 152 HKS_DES_KEY_SIZE_64 = 64, 153 HKS_3DES_KEY_SIZE_128 = 128, 154 HKS_3DES_KEY_SIZE_192 = 192, 155 }; 156 157 /** 158 * @brief hks key algorithm 159 */ 160 enum HksKeyAlg { 161 HKS_ALG_RSA = 1, 162 HKS_ALG_ECC = 2, 163 HKS_ALG_DSA = 3, 164 165 HKS_ALG_AES = 20, 166 HKS_ALG_HMAC = 50, 167 HKS_ALG_HKDF = 51, 168 HKS_ALG_PBKDF2 = 52, 169 HKS_ALG_GMKDF = 53, 170 171 HKS_ALG_ECDH = 100, 172 HKS_ALG_X25519 = 101, 173 HKS_ALG_ED25519 = 102, 174 HKS_ALG_DH = 103, 175 176 HKS_ALG_SM2 = 150, 177 HKS_ALG_SM3 = 151, 178 HKS_ALG_SM4 = 152, 179 180 HKS_ALG_DES = 160, 181 HKS_ALG_3DES = 161, 182 HKS_ALG_CMAC = 162, 183 }; 184 185 /** 186 * @brief hks algorithm suite 187 */ 188 enum HuksAlgSuite { 189 /* Algorithm suites of unwrapping wrapped-key by huks */ 190 /* Unwrap suite of key agreement type */ 191 /* WrappedData format(Bytes Array): 192 * | x25519_plain_pubkey_length (4 Byte) | x25519_plain_pubkey | agreekey_aad_length (4 Byte) | agreekey_aad 193 * | agreekey_nonce_length (4 Byte) | agreekey_nonce | agreekey_aead_tag_len(4 Byte) | agreekey_aead_tag 194 * | kek_enc_data_length (4 Byte) | kek_enc_data | kek_aad_length (4 Byte) | kek_aad 195 * | kek_nonce_length (4 Byte) | kek_nonce | kek_aead_tag_len (4 Byte) | kek_aead_tag 196 * | key_material_size_len (4 Byte) | key_material_size | key_mat_enc_length (4 Byte) | key_mat_enc_data 197 */ 198 HKS_UNWRAP_SUITE_X25519_AES_256_GCM_NOPADDING = 1, 199 200 /* WrappedData format(Bytes Array): 201 * | ECC_plain_pubkey_length (4 Byte) | ECC_plain_pubkey | agreekey_aad_length (4 Byte) | agreekey_aad 202 * | agreekey_nonce_length (4 Byte) | agreekey_nonce | agreekey_aead_tag_len(4 Byte) | agreekey_aead_tag 203 * | kek_enc_data_length (4 Byte) | kek_enc_data | kek_aad_length (4 Byte) | kek_aad 204 * | kek_nonce_length (4 Byte) | kek_nonce | kek_aead_tag_len (4 Byte) | kek_aead_tag 205 * | key_material_size_len (4 Byte) | key_material_size | key_mat_enc_length (4 Byte) | key_mat_enc_data 206 */ 207 HKS_UNWRAP_SUITE_ECDH_AES_256_GCM_NOPADDING = 2, 208 209 /* WrappedData format(Bytes Array): 210 * | SM2_plain_pubkey_length (4 Byte) | SM2_plain_pubkey | signData_size_length (4 Byte) | signData_size 211 * | kek_enc_data_length (4 Byte) | kek_enc_data | kek_material_size_len(4 Byte) | kek_material_size 212 * | factor1_data_len (4 Byte) | factor1_data | factor2_data_len (4 Byte) | factor2_data 213 * | mac_data_length (4 Byte) | mac_data | key_mat_enc_length (4 Byte) | key_mat_enc_data 214 * | iv_data_length (4 Byte) | iv_data |key_material_size_len (4 Byte) | key_material_size 215 */ 216 HKS_UNWRAP_SUITE_SM2_SM4_128_CBC_PKCS7_WITH_VERIFY_DIG_SM3 = 3, 217 218 /* WrappedData format(Bytes Array): 219 * | kek_enc_data_length (4 Byte) | kek_enc_data | kek_material_size_len(4 Byte) | kek_material_size 220 * | factor1_data_len (4 Byte) | factor1_data | factor2_data_len (4 Byte) | factor2_data 221 * | mac_data_length (4 Byte) | mac_data | key_mat_enc_length (4 Byte) | key_mat_enc_data 222 * | iv_data_length (4 Byte) | iv_data |key_material_size_len (4 Byte) | key_material_size 223 */ 224 HKS_UNWRAP_SUITE_SM2_SM4_128_CBC_PKCS7 = 4, 225 }; 226 227 /** 228 * @brief hks key generate type 229 */ 230 enum HksKeyGenerateType { 231 HKS_KEY_GENERATE_TYPE_DEFAULT = 0, 232 HKS_KEY_GENERATE_TYPE_DERIVE = 1, 233 HKS_KEY_GENERATE_TYPE_AGREE = 2, 234 }; 235 236 /** 237 * @brief hks key flag 238 */ 239 enum HksKeyFlag { 240 HKS_KEY_FLAG_IMPORT_KEY = 1, 241 HKS_KEY_FLAG_GENERATE_KEY = 2, 242 HKS_KEY_FLAG_AGREE_KEY = 3, 243 HKS_KEY_FLAG_DERIVE_KEY = 4, 244 }; 245 246 /** 247 * @brief hks key storage type 248 */ 249 enum HksKeyStorageType { 250 HKS_STORAGE_TEMP = 0, 251 HKS_STORAGE_PERSISTENT = 1, 252 HKS_STORAGE_ONLY_USED_IN_HUKS = 2, 253 HKS_STORAGE_ALLOW_KEY_EXPORTED = 3, 254 }; 255 256 /** 257 * @brief hks import key type 258 */ 259 enum HksImportKeyType { 260 HKS_KEY_TYPE_PUBLIC_KEY = 0, 261 HKS_KEY_TYPE_PRIVATE_KEY = 1, 262 HKS_KEY_TYPE_KEY_PAIR = 2, 263 }; 264 265 /** 266 * @brief hks rsa pss salt len type 267 */ 268 enum HksRsaPssSaltLenType { 269 HKS_RSA_PSS_SALTLEN_DIGEST = 0, /* Salt length matches digest */ 270 HKS_RSA_PSS_SALTLEN_MAX = 1, /* Set salt length to maximum possible, default type */ 271 }; 272 273 /** 274 * @brief hks send type 275 */ 276 enum HksSendType { 277 HKS_SEND_TYPE_ASYNC = 0, 278 HKS_SEND_TYPE_SYNC, 279 }; 280 281 /** 282 * @brief hks user auth type 283 * @see `enum AuthType` in `drivers/interface/user_auth/v4_0/UserAuthTypes.idl` 284 */ 285 enum HksUserAuthType { 286 HKS_USER_AUTH_TYPE_FINGERPRINT = 1 << 0, 287 HKS_USER_AUTH_TYPE_FACE = 1 << 1, 288 HKS_USER_AUTH_TYPE_PIN = 1 << 2, 289 HKS_USER_AUTH_TYPE_TUI_PIN = 1 << 5, 290 }; 291 292 /** 293 * @brief hks user auth type 294 * @see `enum AuthType` in `base/useriam/user_auth_framework/interfaces/inner_api/iam_common_defines.h` 295 */ 296 enum HksIamUserAuthType { 297 HKS_IAM_USER_AUTH_TYPE_ALL = 0, 298 HKS_IAM_USER_AUTH_TYPE_PIN = 1, 299 HKS_IAM_USER_AUTH_TYPE_FACE = 2, 300 HKS_IAM_USER_AUTH_TYPE_FINGERPRINT = 4, 301 HKS_IAM_USER_AUTH_TYPE_RECOVERY_KEY = 8, 302 HKS_IAM_USER_AUTH_TYPE_PRIVATE_PIN = 16, 303 HKS_IAM_USER_AUTH_TYPE_TUI_PIN = 32, 304 }; 305 306 /** 307 * @brief hks auth access type 308 */ 309 enum HksAuthAccessType { 310 HKS_AUTH_ACCESS_INVALID_CLEAR_PASSWORD = 1 << 0, 311 HKS_AUTH_ACCESS_INVALID_NEW_BIO_ENROLL = 1 << 1, 312 HKS_AUTH_ACCESS_ALWAYS_VALID = 1 << 2, 313 }; 314 315 /** 316 * @brief hks challenge type 317 */ 318 enum HksChallengeType { 319 HKS_CHALLENGE_TYPE_NORMAL = 0, 320 HKS_CHALLENGE_TYPE_CUSTOM = 1, 321 HKS_CHALLENGE_TYPE_NONE = 2, 322 }; 323 324 /** 325 * @brief hks auth mode 326 */ 327 enum HksUserAuthMode { 328 HKS_USER_AUTH_MODE_LOCAL = 0, 329 HKS_USER_AUTH_MODE_COAUTH = 1, 330 }; 331 332 /** 333 * @brief hks challenge position 334 */ 335 enum HksChallengePosition { 336 HKS_CHALLENGE_POS_0 = 0, 337 HKS_CHALLENGE_POS_1, 338 HKS_CHALLENGE_POS_2, 339 HKS_CHALLENGE_POS_3, 340 }; 341 342 /** 343 * @brief hks secure sign type 344 */ 345 enum HksSecureSignType { 346 HKS_SECURE_SIGN_WITH_AUTHINFO = 1, 347 }; 348 349 /** 350 * @brief hks attestation type 351 */ 352 enum HksAttestationMode { 353 HKS_ATTESTATION_MODE_DEFAULT = 0, 354 HKS_ATTESTATION_MODE_ANONYMOUS 355 }; 356 357 /** 358 * @brief hks attestation cert type 359 */ 360 enum HksAttestationCertType { 361 HKS_ATTESTATION_CERT_TYPE_PROVISION = 0, 362 HKS_ATTESTATION_CERT_TYPE_HARDWARE_BOUND = 1, 363 HKS_ATTESTATION_CERT_TYPE_RSA = 2, 364 }; 365 366 /** 367 * @brief hks attestation Caller Type 368 */ 369 enum HksCallerType { 370 HKS_HAP_TYPE = 0x1, 371 HKS_SA_TYPE, 372 HKS_UNIFIED_TYPE, 373 }; 374 375 /** 376 * @brief hks Tag 377 */ 378 enum HksTag { 379 /** 380 * HUKS tags for alg enum 381 */ 382 HKS_ASSIGN_PARAM_ALG_ENUM 383 384 /** 385 * HUKS tags for key file enum 386 */ 387 HKS_ASSIGN_PARAM_FILE_ENUM 388 }; 389 390 enum HksUserIamType { 391 HKS_AUTH_TYPE = 0, 392 }; 393 394 /** 395 * @brief hks chipset platform decrypt scene 396 */ 397 enum HksChipsetPlatformDecryptScene { 398 HKS_CHIPSET_PLATFORM_DECRYPT_SCENE_TA_TO_TA = 1, 399 }; 400 401 /** 402 * @brief hks auth storage level 403 */ 404 enum HksAuthStorageLevel { 405 HKS_AUTH_STORAGE_LEVEL_DE = 0, 406 HKS_AUTH_STORAGE_LEVEL_CE = 1, 407 HKS_AUTH_STORAGE_LEVEL_ECE = 2, 408 }; 409 410 enum HksAgreePubKeyType { 411 HKS_PUBKEY_DEFAULT = 0 412 }; 413 414 enum HksKeyWrapType { 415 HKS_KEY_WRAP_TYPE_HUK = 2, 416 }; 417 418 #ifdef __cplusplus 419 } 420 #endif 421 422 #endif /* HKS_TYPE_ENUM_H */ 423