1 /*
2 * Copyright (c) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #define HUKS_DISABLE_LOG_AT_FILE_TO_REDUCE_ROM_SIZE
16
17 #ifndef _CUT_AUTHENTICATE_
18
19 #ifdef HKS_CONFIG_FILE
20 #include HKS_CONFIG_FILE
21 #else
22 #include "hks_config.h"
23 #endif
24
25 #include <stdbool.h>
26 #include <stddef.h>
27 #include <stdint.h>
28 #include <string.h>
29
30 #include "hks_log.h"
31 #include "hks_mem.h"
32 #include "hks_param.h"
33 #include "hks_common_check.h"
34 #include "hks_storage.h"
35 #include "hks_storage_manager.h"
36 #include "hks_template.h"
37 #include "hks_type_inner.h"
38
39 #include "securec.h"
40
41 #ifdef L2_STANDARD
42 #ifdef HUKS_ENABLE_UPGRADE_KEY_STORAGE_SECURE_LEVEL
43 #ifndef HKS_USE_RKC_IN_STANDARD
44 #include "hks_osaccount_check.h"
45 #include "hks_upgrade_lock.h"
46 #endif
47
IsDe(const struct HksParamSet * paramSet)48 static bool IsDe(const struct HksParamSet *paramSet)
49 {
50 struct HksParam *storageLevelParam = NULL;
51 return HksGetParam(paramSet, HKS_TAG_AUTH_STORAGE_LEVEL, &storageLevelParam) == HKS_SUCCESS &&
52 storageLevelParam->uint32Param == HKS_AUTH_STORAGE_LEVEL_DE;
53 }
54 #endif
55
GetStorageLevelAndStoreUserIdParam(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,uint32_t * storageLevel,int32_t * storeUserId)56 static int32_t GetStorageLevelAndStoreUserIdParam(const struct HksProcessInfo* processInfo,
57 const struct HksParamSet *paramSet, uint32_t *storageLevel, int32_t *storeUserId)
58 {
59 struct HksParam *specificUserIdParam = NULL;
60 int32_t ret = HksGetParam(paramSet, HKS_TAG_SPECIFIC_USER_ID, &specificUserIdParam);
61 if (ret == HKS_SUCCESS) {
62 *storeUserId = specificUserIdParam->int32Param;
63 } else if (ret == HKS_ERROR_PARAM_NOT_EXIST) {
64 *storeUserId = processInfo->userIdInt;
65 ret = HKS_SUCCESS;
66 }
67 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get store user id failed, ret = %" LOG_PUBLIC "d.", ret)
68
69 struct HksParam *storageLevelParam = NULL;
70 ret = HksGetParam(paramSet, HKS_TAG_AUTH_STORAGE_LEVEL, &storageLevelParam);
71 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get storage level tag failed, ret = %" LOG_PUBLIC "d.", ret)
72
73 *storageLevel = storageLevelParam->uint32Param;
74
75 #ifdef HUKS_ENABLE_UPGRADE_KEY_STORAGE_SECURE_LEVEL
76 #ifndef HKS_USE_RKC_IN_STANDARD
77 HksTransferFileIfNeed(*storageLevel, *storeUserId);
78 #endif
79 #endif
80 return ret;
81 }
82 #endif
83
UnlockIfDe(const struct HksParamSet * paramSet)84 static void UnlockIfDe(__attribute__((unused)) const struct HksParamSet *paramSet)
85 {
86 #ifdef L2_STANDARD
87 #ifdef HUKS_ENABLE_UPGRADE_KEY_STORAGE_SECURE_LEVEL
88 if (!IsDe(paramSet)) {
89 return;
90 }
91 #ifndef HKS_USE_RKC_IN_STANDARD
92 HksUpgradeOrRequestUnlockRead();
93 #endif
94 #endif
95 #endif
96 }
97
98 #ifdef HKS_ENABLE_LITE_HAP
99 #define HKS_LITE_NATIVE_PROCESS_NAME "hks_client"
CheckIsLiteHap(const struct HksBlob * processName)100 static bool CheckIsLiteHap(const struct HksBlob *processName)
101 {
102 if (processName->size == strlen(HKS_LITE_NATIVE_PROCESS_NAME)
103 && HksMemCmp(processName->data, HKS_LITE_NATIVE_PROCESS_NAME,
104 strlen(HKS_LITE_NATIVE_PROCESS_NAME)) == HKS_SUCCESS) {
105 return false;
106 }
107 return true;
108 }
109 #endif
110
GetKeyAliasPath(const struct HksBlob * keyAlias,struct HksStoreMaterial * outMaterial)111 static int32_t GetKeyAliasPath(const struct HksBlob *keyAlias, struct HksStoreMaterial *outMaterial)
112 {
113 if (keyAlias == NULL) {
114 return HKS_SUCCESS;
115 }
116 outMaterial->keyAliasPath = (char *)HksMalloc(HKS_MAX_FILE_NAME_LEN);
117 HKS_IF_NULL_LOGE_RETURN(outMaterial->keyAliasPath, HKS_ERROR_MALLOC_FAIL, "malloc keyAliasPath failed.")
118 return ConstructName(keyAlias, outMaterial->keyAliasPath, HKS_MAX_FILE_NAME_LEN);
119 }
120
GetUserIdPath(int32_t userId,bool isPlain,struct HksStoreMaterial * outMaterial)121 static int32_t GetUserIdPath(int32_t userId, bool isPlain, struct HksStoreMaterial *outMaterial)
122 {
123 outMaterial->userIdPath = (char *)HksMalloc(HKS_MAX_DIRENT_FILE_LEN);
124 HKS_IF_NULL_LOGE_RETURN(outMaterial->userIdPath, HKS_ERROR_MALLOC_FAIL, "malloc userIdPath failed.")
125 struct HksBlob userIdBlob = { .data = (uint8_t *)&userId, .size = sizeof(userId) };
126
127 int32_t ret;
128 if (isPlain) {
129 ret = ConstructPlainName(&userIdBlob, outMaterial->userIdPath, HKS_MAX_FILE_NAME_LEN);
130 } else {
131 if (userId == 0) {
132 HKS_LOG_D("skip user id path.");
133 return HKS_SUCCESS;
134 }
135 ret = ConstructName(&userIdBlob, outMaterial->userIdPath, HKS_MAX_FILE_NAME_LEN);
136 }
137
138 return ret;
139 }
140
GetUidPath(bool isPlain,const struct HksBlob * processName,struct HksStoreMaterial * outMaterial)141 static int32_t GetUidPath(bool isPlain, const struct HksBlob *processName,
142 struct HksStoreMaterial *outMaterial)
143 {
144 outMaterial->uidPath = (char *)HksMalloc(HKS_MAX_DIRENT_FILE_LEN);
145 HKS_IF_NULL_LOGE_RETURN(outMaterial->uidPath, HKS_ERROR_MALLOC_FAIL, "malloc uidPath failed.")
146 #ifdef HKS_ENABLE_LITE_HAP
147 if (CheckIsLiteHap(processName)) {
148 if (memcpy_s(outMaterial->uidPath, HKS_MAX_DIRENT_FILE_LEN, processName->data, processName->size) != EOK) {
149 HKS_LOG_E("construct uidPath fail, uidPath buffer is too small.");
150 return HKS_ERROR_BUFFER_TOO_SMALL;
151 }
152 return HKS_SUCCESS;
153 }
154 #endif
155 int32_t ret;
156 if (isPlain) {
157 ret = ConstructPlainName(processName, outMaterial->uidPath, HKS_MAX_DIRENT_FILE_LEN);
158 } else {
159 ret = ConstructName(processName, outMaterial->uidPath, HKS_MAX_DIRENT_FILE_LEN);
160 }
161
162 return ret;
163 }
164
GetStorageTypePath(uint32_t storageType,struct HksStoreMaterial * outMaterial)165 static int32_t GetStorageTypePath(uint32_t storageType, struct HksStoreMaterial *outMaterial)
166 {
167 switch (storageType) {
168 case HKS_STORAGE_TYPE_KEY:
169 case HKS_STORAGE_TYPE_BAK_KEY:
170 outMaterial->storageTypePath = (char *)HksMalloc(sizeof(HKS_KEY_STORE_KEY_PATH) + 1);
171 HKS_IF_NULL_RETURN(outMaterial->storageTypePath, HKS_ERROR_MALLOC_FAIL)
172 (void)memcpy_s(outMaterial->storageTypePath, sizeof(HKS_KEY_STORE_KEY_PATH),
173 HKS_KEY_STORE_KEY_PATH, sizeof(HKS_KEY_STORE_KEY_PATH));
174 return HKS_SUCCESS;
175 case HKS_STORAGE_TYPE_ROOT_KEY:
176 outMaterial->storageTypePath = (char *)HksMalloc(sizeof(HKS_KEY_STORE_ROOT_KEY_PATH) + 1);
177 HKS_IF_NULL_RETURN(outMaterial->storageTypePath, HKS_ERROR_MALLOC_FAIL)
178 (void)memcpy_s(outMaterial->storageTypePath, sizeof(HKS_KEY_STORE_ROOT_KEY_PATH),
179 HKS_KEY_STORE_ROOT_KEY_PATH, sizeof(HKS_KEY_STORE_ROOT_KEY_PATH));
180 return HKS_SUCCESS;
181 default:
182 return HKS_ERROR_BAD_STATE;
183 }
184 }
185
GetIsPlainPath(uint32_t storageLevel)186 static bool GetIsPlainPath(uint32_t storageLevel)
187 {
188 (void)storageLevel;
189 #ifdef L2_STANDARD
190 switch (storageLevel) {
191 case HKS_AUTH_STORAGE_LEVEL_DE:
192 return true;
193 case HKS_AUTH_STORAGE_LEVEL_CE:
194 return true;
195 case HKS_AUTH_STORAGE_LEVEL_ECE:
196 return true;
197 #ifdef HUKS_ENABLE_SKIP_UPGRADE_KEY_STORAGE_SECURE_LEVEL
198 case HKS_AUTH_STORAGE_LEVEL_OLD_DE_TMP:
199 return false;
200 #endif
201 }
202 #endif
203 return false;
204 }
205
GetPathType(const struct HksProcessInfo * processInfo,uint32_t storageType,int32_t storageLevel,struct HksStoreMaterial * outMaterial)206 static int32_t GetPathType(const struct HksProcessInfo *processInfo, uint32_t storageType,
207 int32_t storageLevel, struct HksStoreMaterial *outMaterial)
208 {
209 (void)processInfo;
210 (void)storageType;
211 #ifdef HKS_ENABLE_LITE_HAP
212 if (CheckIsLiteHap(&processInfo->processName)) {
213 outMaterial->pathType = LITE_HAP_PATH;
214 return HKS_SUCCESS;
215 }
216 #endif
217 #ifdef HKS_USE_RKC_IN_STANDARD
218 if (storageType == HKS_STORAGE_TYPE_ROOT_KEY) {
219 outMaterial->pathType = RKC_IN_STANDARD_PATH;
220 return HKS_SUCCESS;
221 }
222 #endif
223 switch (storageLevel) {
224 case HKS_AUTH_STORAGE_LEVEL_DE:
225 outMaterial->pathType = DE_PATH;
226 break;
227 #ifdef L2_STANDARD
228 case HKS_AUTH_STORAGE_LEVEL_CE:
229 outMaterial->pathType = CE_PATH;
230 break;
231 case HKS_AUTH_STORAGE_LEVEL_ECE:
232 outMaterial->pathType = ECE_PATH;
233 break;
234 #ifdef HUKS_ENABLE_SKIP_UPGRADE_KEY_STORAGE_SECURE_LEVEL
235 case HKS_AUTH_STORAGE_LEVEL_OLD_DE_TMP:
236 outMaterial->pathType = TMP_PATH;
237 break;
238 #endif
239 #endif
240 default:
241 HKS_LOG_E("invalid storage level %" LOG_PUBLIC "d.", storageLevel);
242 }
243 return HKS_SUCCESS;
244 }
245
FreeStorageMaterial(struct HksStoreMaterial * material)246 static void FreeStorageMaterial(struct HksStoreMaterial *material)
247 {
248 HKS_FREE(material->userIdPath);
249 HKS_FREE(material->uidPath);
250 HKS_FREE(material->storageTypePath);
251 HKS_FREE(material->keyAliasPath);
252 }
253
InitStorageMaterial(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,const struct HksBlob * keyAlias,uint32_t storageType,struct HksStoreMaterial * outMaterial)254 static int32_t InitStorageMaterial(const struct HksProcessInfo *processInfo,
255 const struct HksParamSet *paramSet, const struct HksBlob *keyAlias, uint32_t storageType,
256 struct HksStoreMaterial *outMaterial)
257 {
258 (void)paramSet;
259 uint32_t storageLevel = HKS_AUTH_STORAGE_LEVEL_DE;
260 int32_t storeUserId = processInfo->userIdInt;
261 int32_t ret;
262 #ifdef L2_STANDARD
263 ret = GetStorageLevelAndStoreUserIdParam(processInfo, paramSet, &storageLevel, &storeUserId);
264 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get storage level and user id from param set failed.")
265 #endif
266 bool isPlainPath = GetIsPlainPath(storageLevel);
267
268 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
269 do {
270 ret = GetPathType(processInfo, storageType, storageLevel, &material);
271 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "get path type failed.")
272
273 ret = GetUserIdPath(storeUserId, isPlainPath, &material);
274 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "get user id path failed.")
275
276 ret = GetUidPath(isPlainPath, &processInfo->processName, &material);
277 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "get uid path failed.")
278
279 ret = GetStorageTypePath(storageType, &material);
280 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "get storage type path failed.")
281
282 ret = GetKeyAliasPath(keyAlias, &material);
283 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "get key alias path failed.")
284
285 *outMaterial = material;
286 return HKS_SUCCESS;
287 } while (false);
288 FreeStorageMaterial(&material);
289 return ret;
290 }
291
HksConstructStoreFileInfo(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,const struct HksStoreMaterial * material,struct HksStoreFileInfo * fileInfo)292 static int32_t HksConstructStoreFileInfo(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
293 const struct HksStoreMaterial *material, struct HksStoreFileInfo *fileInfo)
294 {
295 int32_t ret;
296 do {
297 ret = CheckSpecificUserIdAndStorageLevel(processInfo, paramSet);
298 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "check storagelevel or specificuserid tag failed, ret = %" LOG_PUBLIC "d.", ret)
299
300 ret = HksGetFileInfo(material, fileInfo);
301 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks get plain file info failed, ret = %" LOG_PUBLIC "d.", ret)
302 } while (0);
303 return ret;
304 }
305
HksManageStoreKeyBlob(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,const struct HksBlob * keyAlias,const struct HksBlob * keyBlob,uint32_t storageType)306 int32_t HksManageStoreKeyBlob(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
307 const struct HksBlob *keyAlias, const struct HksBlob *keyBlob, uint32_t storageType)
308 {
309 (void)processInfo;
310 UnlockIfDe(paramSet);
311 #ifdef SUPPORT_STORAGE_BACKUP
312 struct HksStoreFileInfo fileInfo = { { 0 }, { 0 } };
313 #else
314 struct HksStoreFileInfo fileInfo = { { 0 } };
315 #endif
316 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
317 int32_t ret;
318 do {
319 #ifdef _STORAGE_LITE_
320 ret = HksStoreKeyBlob(NULL, keyAlias, storageType, keyBlob);
321 #else
322 ret = InitStorageMaterial(processInfo, paramSet, keyAlias, storageType, &material);
323 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init storage material failed, ret = %" LOG_PUBLIC "d.", ret)
324
325 ret = HksConstructStoreFileInfo(processInfo, paramSet, &material, &fileInfo);
326 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct store file info failed, ret = %" LOG_PUBLIC "d.", ret)
327
328 struct HksParam *isKeyOverride = NULL;
329 ret = HksGetParam(paramSet, HKS_TAG_KEY_OVERRIDE, &isKeyOverride);
330 if (ret == HKS_SUCCESS) {
331 ret = HksStoreKeyBlob(&fileInfo, &material, keyBlob, isKeyOverride->boolParam);
332 } else {
333 ret = HksStoreKeyBlob(&fileInfo, &material, keyBlob, true);
334 }
335
336 #endif
337 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks store key blob failed, ret = %" LOG_PUBLIC "d.", ret)
338 } while (0);
339
340 FileInfoFree(&fileInfo);
341 FreeStorageMaterial(&material);
342 return ret;
343 }
344
HksManageStoreDeleteKeyBlob(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,const struct HksBlob * keyAlias,uint32_t storageType)345 int32_t HksManageStoreDeleteKeyBlob(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
346 const struct HksBlob *keyAlias, uint32_t storageType)
347 {
348 (void)processInfo;
349 UnlockIfDe(paramSet);
350 #ifdef SUPPORT_STORAGE_BACKUP
351 struct HksStoreFileInfo fileInfo = { { 0 }, { 0 } };
352 #else
353 struct HksStoreFileInfo fileInfo = { { 0 } };
354 #endif
355 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
356 int32_t ret;
357 do {
358 #ifdef _STORAGE_LITE_
359 ret = HksStoreDeleteKeyBlob(NULL, keyAlias, storageType);
360 #else
361 ret = InitStorageMaterial(processInfo, paramSet, keyAlias, storageType, &material);
362 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init storage material failed, ret = %" LOG_PUBLIC "d.", ret)
363
364 ret = HksConstructStoreFileInfo(processInfo, paramSet, &material, &fileInfo);
365 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct store file info failed, ret = %" LOG_PUBLIC "d.", ret)
366
367 ret = HksStoreDeleteKeyBlob(&fileInfo, &material);
368 #endif
369 HKS_IF_NOT_SUCC_LOGI_BREAK(ret, "hks delete key blob failed, ret = %" LOG_PUBLIC "d.", ret)
370 } while (0);
371
372 FileInfoFree(&fileInfo);
373 FreeStorageMaterial(&material);
374 return ret;
375 }
376
HksManageStoreIsKeyBlobExist(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,const struct HksBlob * keyAlias,uint32_t storageType)377 int32_t HksManageStoreIsKeyBlobExist(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
378 const struct HksBlob *keyAlias, uint32_t storageType)
379 {
380 (void)processInfo;
381 UnlockIfDe(paramSet);
382 #ifdef SUPPORT_STORAGE_BACKUP
383 struct HksStoreFileInfo fileInfo = { { 0 }, { 0 } };
384 #else
385 struct HksStoreFileInfo fileInfo = { { 0 } };
386 #endif
387 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
388 int32_t ret;
389 do {
390 #ifdef _STORAGE_LITE_
391 ret = HksStoreIsKeyBlobExist(NULL, keyAlias, storageType);
392 #else
393 ret = InitStorageMaterial(processInfo, paramSet, keyAlias, storageType, &material);
394 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init storage material failed, ret = %" LOG_PUBLIC "d.", ret)
395
396 ret = HksConstructStoreFileInfo(processInfo, paramSet, &material, &fileInfo);
397 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct store file info failed, ret = %" LOG_PUBLIC "d.", ret)
398
399 ret = HksStoreIsKeyBlobExist(&fileInfo);
400 #endif
401 HKS_IF_NOT_SUCC_LOGI_BREAK(ret, "hks key blob in old de not exist, ret = %" LOG_PUBLIC "d.", ret)
402 } while (0);
403
404 FileInfoFree(&fileInfo);
405 FreeStorageMaterial(&material);
406 return ret;
407 }
408
HksManageStoreGetKeyBlob(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,const struct HksBlob * keyAlias,struct HksBlob * keyBlob,uint32_t storageType)409 int32_t HksManageStoreGetKeyBlob(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
410 const struct HksBlob *keyAlias, struct HksBlob *keyBlob, uint32_t storageType)
411 {
412 (void)processInfo;
413 UnlockIfDe(paramSet);
414 #ifdef SUPPORT_STORAGE_BACKUP
415 struct HksStoreFileInfo fileInfo = { { 0 }, { 0 } };
416 #else
417 struct HksStoreFileInfo fileInfo = { { 0 } };
418 #endif
419 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
420 int32_t ret;
421 do {
422 #ifdef _STORAGE_LITE_
423 ret = HksStoreGetKeyBlob(NULL, keyAlias, storageType, keyBlob);
424 #else
425 ret = InitStorageMaterial(processInfo, paramSet, keyAlias, storageType, &material);
426 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init storage material failed, ret = %" LOG_PUBLIC "d.", ret)
427
428 ret = HksConstructStoreFileInfo(processInfo, paramSet, &material, &fileInfo);
429 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct store file info failed, ret = %" LOG_PUBLIC "d.", ret)
430
431 if (storageType != HKS_STORAGE_TYPE_BAK_KEY) {
432 ret = HksStoreGetKeyBlob(&fileInfo.mainPath, &material, keyBlob);
433 }
434 #ifdef SUPPORT_STORAGE_BACKUP
435 else {
436 ret = HksStoreGetKeyBlob(&fileInfo.bakPath, &material, keyBlob);
437 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks get key blob failed, ret = %" LOG_PUBLIC "d.", ret)
438
439 HKS_IF_NOT_SUCC_LOGE(HksStorageWriteFile(fileInfo.mainPath.path, fileInfo.mainPath.fileName,
440 keyBlob->data, keyBlob->size, true), "hks copy bak key to main key failed")
441 }
442 #endif
443 #endif
444 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks get key blob failed, ret = %" LOG_PUBLIC "d.", ret)
445 } while (0);
446
447 FileInfoFree(&fileInfo);
448 FreeStorageMaterial(&material);
449 return ret;
450 }
451
HksManageStoreGetKeyBlobSize(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,const struct HksBlob * keyAlias,uint32_t * keyBlobSize,uint32_t storageType)452 int32_t HksManageStoreGetKeyBlobSize(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
453 const struct HksBlob *keyAlias, uint32_t *keyBlobSize, uint32_t storageType)
454 {
455 (void)processInfo;
456 UnlockIfDe(paramSet);
457 #ifdef SUPPORT_STORAGE_BACKUP
458 struct HksStoreFileInfo fileInfo = { { 0 }, { 0 } };
459 #else
460 struct HksStoreFileInfo fileInfo = { { 0 } };
461 #endif
462 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
463 int32_t ret;
464 do {
465 #ifdef _STORAGE_LITE_
466 ret = HksStoreGetKeyBlobSize(NULL, keyAlias, storageType, keyBlobSize);
467 #else
468 ret = InitStorageMaterial(processInfo, paramSet, keyAlias, storageType, &material);
469 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init storage material failed, ret = %" LOG_PUBLIC "d.", ret)
470
471 ret = HksConstructStoreFileInfo(processInfo, paramSet, &material, &fileInfo);
472 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct store file info failed, ret = %" LOG_PUBLIC "d.", ret)
473
474 if (storageType != HKS_STORAGE_TYPE_BAK_KEY) {
475 ret = HksStoreGetKeyBlobSize(&fileInfo.mainPath, &material, keyBlobSize);
476 }
477 #ifdef SUPPORT_STORAGE_BACKUP
478 else {
479 ret = HksStoreGetKeyBlobSize(&fileInfo.bakPath, &material, keyBlobSize);
480 }
481 #endif
482 #endif
483 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks get key blob failed, ret = %" LOG_PUBLIC "d.", ret)
484 } while (0);
485
486 FileInfoFree(&fileInfo);
487 FreeStorageMaterial(&material);
488 return ret;
489 }
490
HksManageGetKeyAliasByProcessName(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,struct HksKeyInfo * keyInfoList,uint32_t * listCount)491 int32_t HksManageGetKeyAliasByProcessName(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
492 struct HksKeyInfo *keyInfoList, uint32_t *listCount)
493 {
494 UnlockIfDe(paramSet);
495 #ifdef SUPPORT_STORAGE_BACKUP
496 struct HksStoreFileInfo fileInfo = { { 0 }, { 0 } };
497 #else
498 struct HksStoreFileInfo fileInfo = { { 0 } };
499 #endif
500 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
501 int32_t ret;
502 do {
503 ret = InitStorageMaterial(processInfo, paramSet, NULL, HKS_STORAGE_TYPE_KEY, &material);
504 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init storage material failed, ret = %" LOG_PUBLIC "d.", ret)
505
506 ret = HksConstructStoreFileInfo(processInfo, paramSet, &material, &fileInfo);
507 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct store file info failed, ret = %" LOG_PUBLIC "d.", ret)
508
509 ret = HksGetKeyAliasByProcessName(&fileInfo, keyInfoList, listCount);
510 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks get key alias by processname failed, ret = %" LOG_PUBLIC "d.", ret)
511 } while (0);
512
513 FileInfoFree(&fileInfo);
514 FreeStorageMaterial(&material);
515 return ret;
516 }
517
HksManageGetKeyCountByProcessName(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,uint32_t * fileCount)518 int32_t HksManageGetKeyCountByProcessName(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
519 uint32_t *fileCount)
520 {
521 (void)processInfo;
522 UnlockIfDe(paramSet);
523 #ifdef SUPPORT_STORAGE_BACKUP
524 struct HksStoreFileInfo fileInfo = { { 0 }, { 0 } };
525 #else
526 struct HksStoreFileInfo fileInfo = { { 0 } };
527 #endif
528 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
529 int32_t ret;
530 do {
531 #ifdef _STORAGE_LITE_
532 ret = HksGetKeyCountByProcessName(NULL, fileCount);
533 #else
534 ret = InitStorageMaterial(processInfo, paramSet, NULL, HKS_STORAGE_TYPE_KEY, &material);
535 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init storage material failed, ret = %" LOG_PUBLIC "d.", ret)
536
537 ret = HksConstructStoreFileInfo(processInfo, paramSet, &material, &fileInfo);
538 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct store file info failed, ret = %" LOG_PUBLIC "d.", ret)
539
540 ret = HksGetKeyCountByProcessName(&fileInfo, fileCount);
541 #endif
542 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks get key count by processname failed, ret = %" LOG_PUBLIC "d.", ret)
543 } while (0);
544
545 FileInfoFree(&fileInfo);
546 FreeStorageMaterial(&material);
547 return ret;
548 }
549
HksManageListAliasesByProcessName(const struct HksProcessInfo * processInfo,const struct HksParamSet * paramSet,struct HksKeyAliasSet ** outData)550 int32_t HksManageListAliasesByProcessName(const struct HksProcessInfo *processInfo, const struct HksParamSet *paramSet,
551 struct HksKeyAliasSet **outData)
552 {
553 UnlockIfDe(paramSet);
554 #ifdef L2_STANDARD
555 #ifdef SUPPORT_STORAGE_BACKUP
556 struct HksStoreFileInfo fileInfo = { { 0 }, { 0 } };
557 #else
558 struct HksStoreFileInfo fileInfo = { { 0 } };
559 #endif
560 struct HksStoreMaterial material = { DE_PATH, 0, 0, 0, 0 };
561 int32_t ret;
562 do {
563 ret = InitStorageMaterial(processInfo, paramSet, NULL, HKS_STORAGE_TYPE_KEY, &material);
564 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init storage material failed, ret = %" LOG_PUBLIC "d.", ret)
565
566 ret = HksConstructStoreFileInfo(processInfo, paramSet, &material, &fileInfo);
567 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct store file info failed, ret = %" LOG_PUBLIC "d.", ret)
568
569 ret = HksListAliasesByProcessName(&fileInfo, outData);
570 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks list aliases by processname failed, ret = %" LOG_PUBLIC "d.", ret)
571 } while (0);
572
573 FileInfoFree(&fileInfo);
574 FreeStorageMaterial(&material);
575 return ret;
576 #else
577 (void)processInfo;
578 (void)paramSet;
579 (void)outData;
580 return HKS_SUCCESS;
581 #endif
582 }
583
HksManageStoreRenameKeyAlias(const struct HksProcessInfo * processInfo,const struct HksBlob * oldKeyAlias,const struct HksParamSet * paramSet,const struct HksBlob * newKeyAlias,uint32_t storageType)584 int32_t HksManageStoreRenameKeyAlias(const struct HksProcessInfo *processInfo,
585 const struct HksBlob *oldKeyAlias, const struct HksParamSet *paramSet,
586 const struct HksBlob *newKeyAlias, uint32_t storageType)
587 {
588 (void)processInfo;
589 UnlockIfDe(paramSet);
590 struct HksStoreFileInfo oldKeyFileInfo = { { 0 } };
591 struct HksStoreFileInfo newKeyFileInfo = { { 0 } };
592 struct HksStoreMaterial oldKeyMaterial = { DE_PATH, 0, 0, 0, 0 };
593 struct HksStoreMaterial newKeyMaterial = { DE_PATH, 0, 0, 0, 0 };
594 int32_t ret;
595 do {
596 ret = InitStorageMaterial(processInfo, paramSet, oldKeyAlias, storageType, &oldKeyMaterial);
597 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init old key storage material failed, ret = %" LOG_PUBLIC "d.", ret);
598 ret = InitStorageMaterial(processInfo, paramSet, newKeyAlias, storageType, &newKeyMaterial);
599 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init new key storage material failed, ret = %" LOG_PUBLIC "d.", ret);
600
601 ret = HksConstructStoreFileInfo(processInfo, paramSet, &oldKeyMaterial, &oldKeyFileInfo);
602 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct old store file info failed, ret = %" LOG_PUBLIC "d.", ret);
603 ret = HksConstructStoreFileInfo(processInfo, paramSet, &newKeyMaterial, &newKeyFileInfo);
604 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks construct new store file info failed, ret = %" LOG_PUBLIC "d.", ret);
605
606 ret = HksCheckParamSetValidity(paramSet);
607 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "check paramset invalid failed!");
608
609 struct HksParam *isNeedCopy = NULL;
610 ret = HksGetParam(paramSet, HKS_TAG_IS_COPY_NEW_KEY, &isNeedCopy);
611 ret = HksStoreRenameKeyAlias(&oldKeyFileInfo, &newKeyFileInfo, &oldKeyMaterial, &newKeyMaterial,
612 (ret == HKS_SUCCESS && isNeedCopy->boolParam == true) ? true : false);
613 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks rename key blod failed, ret = %" LOG_PUBLIC "d.", ret);
614 } while (0);
615 FileInfoFree(&oldKeyFileInfo);
616 FileInfoFree(&newKeyFileInfo);
617 FreeStorageMaterial(&oldKeyMaterial);
618 FreeStorageMaterial(&newKeyMaterial);
619 return ret;
620 }
621
622 #endif