1 /*
2 * Copyright (c) 2021-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #define HUKS_DISABLE_LOG_AT_FILE_TO_REDUCE_ROM_SIZE
16
17 #include "hks_type_enum.h"
18 #ifndef _CUT_AUTHENTICATE_
19
20 #ifdef HKS_CONFIG_FILE
21 #include HKS_CONFIG_FILE
22 #else
23 #include "hks_config.h"
24 #endif
25
26 #include "hks_storage.h"
27
28 #include <stdbool.h>
29 #include <stddef.h>
30 #include <stdint.h>
31 #include <string.h>
32
33 #include "hks_file_operator.h"
34 #include "hks_log.h"
35 #include "hks_mem.h"
36 #include "hks_storage_file_lock.h"
37 #include "hks_template.h"
38 #include "huks_access.h"
39 #include "securec.h"
40 #include "hks_storage_utils.h"
41
42 #ifdef HKS_SUPPORT_THREAD
CreateStorageFileLock(const char * path,const char * fileName)43 static HksStorageFileLock *CreateStorageFileLock(const char *path, const char *fileName)
44 {
45 char *fullPath = (char *)HksMalloc(HKS_MAX_FILE_NAME_LEN);
46 HKS_IF_NULL_RETURN(fullPath, NULL)
47
48 int32_t ret = HksGetFileName(path, fileName, fullPath, HKS_MAX_FILE_NAME_LEN);
49 if (ret != HKS_SUCCESS) {
50 HKS_LOG_E("get full path failed, ret = %" LOG_PUBLIC "d.", ret);
51 HKS_FREE(fullPath);
52 return NULL;
53 }
54
55 HksStorageFileLock *lock = HksStorageFileLockCreate(fullPath);
56 HKS_FREE(fullPath);
57 return lock;
58 }
59 #endif
60
HksStorageWriteFile(const char * path,const char * fileName,const uint8_t * buf,uint32_t len,bool isOverride)61 int32_t HksStorageWriteFile(
62 const char *path, const char *fileName, const uint8_t *buf, uint32_t len, bool isOverride)
63 {
64 #ifdef HKS_SUPPORT_THREAD
65 HksStorageFileLock *lock = CreateStorageFileLock(path, fileName);
66 HksStorageFileLockWrite(lock);
67
68 if (!isOverride) {
69 int32_t ret = HksIsFileExist(path, fileName);
70 if (ret == HKS_SUCCESS) {
71 HKS_LOG_I("key is already exist.");
72 HksStorageFileUnlockWrite(lock);
73 HksStorageFileLockRelease(lock);
74 return HKS_ERROR_CODE_KEY_ALREADY_EXIST;
75 } else if (ret != HKS_ERROR_NOT_EXIST) {
76 HksStorageFileUnlockWrite(lock);
77 HksStorageFileLockRelease(lock);
78 return ret;
79 }
80 }
81 int32_t ret = HksFileWrite(path, fileName, 0, buf, len);
82 HksStorageFileUnlockWrite(lock);
83 HksStorageFileLockRelease(lock);
84 return ret;
85 #else
86 (void)isOverride;
87 return HksFileWrite(path, fileName, 0, buf, len);
88 #endif
89 }
90
HksStorageReadFile(const char * path,const char * fileName,uint32_t offset,struct HksBlob * blob,uint32_t * size)91 static int32_t HksStorageReadFile(
92 const char *path, const char *fileName, uint32_t offset, struct HksBlob *blob, uint32_t *size)
93 {
94 #ifdef HKS_SUPPORT_THREAD
95 HksStorageFileLock *lock = CreateStorageFileLock(path, fileName);
96 HksStorageFileLockRead(lock);
97 int32_t ret = HksFileRead(path, fileName, offset, blob, size);
98 HksStorageFileUnlockRead(lock);
99 HksStorageFileLockRelease(lock);
100 #else
101 int32_t ret = HksFileRead(path, fileName, offset, blob, size);
102 #endif
103 return ret;
104 }
105
106 #ifdef HKS_ENABLE_CLEAN_FILE
CleanFile(const char * path,const char * fileName)107 static int32_t CleanFile(const char *path, const char *fileName)
108 {
109 uint32_t size = HksFileSize(path, fileName);
110 HKS_IF_TRUE_LOGE_RETURN(size == 0 || size > HKS_MAX_FILE_SIZE, HKS_ERROR_FILE_SIZE_FAIL,
111 "get file size failed, ret = %" LOG_PUBLIC "u.", size)
112
113 int32_t ret = HKS_SUCCESS;
114 uint8_t *buf;
115 do {
116 buf = (uint8_t *)HksMalloc(size);
117 if (buf == NULL) {
118 HKS_LOG_E("malloc buf failed!");
119 ret = HKS_ERROR_MALLOC_FAIL;
120 break;
121 }
122
123 (void)memset_s(buf, size, 0, size);
124 ret = HksStorageWriteFile(path, fileName, buf, size, true);
125 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "write file 0 failed!")
126
127 (void)memset_s(buf, size, 1, size);
128 ret = HksStorageWriteFile(path, fileName, buf, size, true);
129 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "write file 1 failed!")
130
131 struct HksBlob bufBlob = { .size = size, .data = buf };
132 ret = HuksAccessGenerateRandom(NULL, &bufBlob);
133 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "fill buf random failed!")
134
135 ret = HksStorageWriteFile(path, fileName, buf, size, true);
136 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "write file random failed!")
137 } while (0);
138
139 HKS_FREE(buf);
140
141 return ret;
142 }
143 #endif
144
HksStorageRemoveFile(const char * path,const char * fileName)145 static int32_t HksStorageRemoveFile(const char *path, const char *fileName)
146 {
147 int32_t ret;
148 #ifdef HKS_ENABLE_CLEAN_FILE
149 ret = CleanFile(path, fileName);
150 HKS_IF_NOT_SUCC_LOGE(ret, "clean file failed!")
151 #endif
152 #ifdef HKS_SUPPORT_THREAD
153 HksStorageFileLock *lock = CreateStorageFileLock(path, fileName);
154 HksStorageFileLockWrite(lock);
155 ret = HksFileRemove(path, fileName);
156 HksStorageFileUnlockWrite(lock);
157 HksStorageFileLockRelease(lock);
158 #else
159 ret = HksFileRemove(path, fileName);
160 #endif
161 return ret;
162 }
163
CopyKeyBlobFromSrc(const char * srcPath,const char * srcFileName,const char * destPath,const char * destFileName)164 static int32_t CopyKeyBlobFromSrc(const char *srcPath, const char *srcFileName,
165 const char *destPath, const char *destFileName)
166 {
167 uint32_t size = HksFileSize(srcPath, srcFileName);
168 HKS_IF_TRUE_LOGE_RETURN(size == 0, HKS_ERROR_FILE_SIZE_FAIL, "get file size failed, ret = %" LOG_PUBLIC "u.", size)
169
170 uint8_t *buffer = (uint8_t *)HksMalloc(size);
171 HKS_IF_NULL_RETURN(buffer, HKS_ERROR_MALLOC_FAIL)
172
173 (void)memset_s(buffer, size, 0, size);
174
175 struct HksBlob blob = { .size = size, .data = buffer };
176
177 int32_t ret;
178 do {
179 ret = HksStorageReadFile(srcPath, srcFileName, 0, &blob, &size);
180 if (ret != HKS_SUCCESS) {
181 HKS_IF_TRUE_LOGE_BREAK(ret == HKS_ERROR_NO_PERMISSION,
182 "Check Permission failed, ret = %" LOG_PUBLIC "d.", ret)
183 HKS_LOG_E("read file failed, ret = %" LOG_PUBLIC "d.", ret);
184 ret = HKS_ERROR_READ_FILE_FAIL;
185 break;
186 }
187
188 ret = HksStorageWriteFile(destPath, destFileName, buffer, size, true);
189 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "file write destPath failed, ret = %" LOG_PUBLIC "d.", ret)
190 } while (0);
191
192 HKS_FREE(buffer);
193 return ret;
194 }
195
GetKeyBlobFromFile(const char * path,const char * fileName,struct HksBlob * keyBlob)196 static int32_t GetKeyBlobFromFile(const char *path, const char *fileName, struct HksBlob *keyBlob)
197 {
198 uint32_t size = HksFileSize(path, fileName);
199 HKS_IF_TRUE_RETURN(size == 0, HKS_ERROR_FILE_SIZE_FAIL)
200 HKS_IF_TRUE_RETURN(keyBlob->size < size, HKS_ERROR_INSUFFICIENT_DATA)
201
202 int32_t ret = HksStorageReadFile(path, fileName, 0, keyBlob, &size);
203 HKS_IF_TRUE_LOGE_RETURN(ret == HKS_ERROR_NO_PERMISSION, ret,
204 "Check Permission failed, ret = %" LOG_PUBLIC "d.", ret)
205 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, HKS_ERROR_READ_FILE_FAIL, "read file failed, ret = %" LOG_PUBLIC "d.", ret)
206
207 keyBlob->size = size;
208 return HKS_SUCCESS;
209 }
210
DeleteKeyBlob(const struct HksStoreFileInfo * fileInfo)211 static int32_t DeleteKeyBlob(const struct HksStoreFileInfo *fileInfo)
212 {
213 int32_t isMainFileExist = HksIsFileExist(fileInfo->mainPath.path, fileInfo->mainPath.fileName);
214 int32_t ret = HKS_SUCCESS;
215 #ifdef SUPPORT_STORAGE_BACKUP
216 int32_t isBakFileExist = HksIsFileExist(fileInfo->bakPath.path, fileInfo->bakPath.fileName);
217 if ((isMainFileExist != HKS_SUCCESS) && (isBakFileExist != HKS_SUCCESS)) {
218 return HKS_ERROR_NOT_EXIST;
219 }
220
221 if (isBakFileExist == HKS_SUCCESS) {
222 ret = HksStorageRemoveFile(fileInfo->bakPath.path, fileInfo->bakPath.fileName);
223 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "delete key remove bakfile failed, ret = %" LOG_PUBLIC "d.", ret)
224 }
225 #endif
226 if (isMainFileExist == HKS_SUCCESS) {
227 ret = HksStorageRemoveFile(fileInfo->mainPath.path, fileInfo->mainPath.fileName);
228 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "delete key remove file failed, ret = %" LOG_PUBLIC "d.", ret)
229 } else {
230 return HKS_ERROR_NOT_EXIST;
231 }
232
233 return ret;
234 }
235
GetKeyBlob(const struct HksStoreInfo * fileInfoPath,struct HksBlob * keyBlob)236 static int32_t GetKeyBlob(const struct HksStoreInfo *fileInfoPath, struct HksBlob *keyBlob)
237 {
238 int32_t isFileExist = HksIsFileExist(fileInfoPath->path, fileInfoPath->fileName);
239 HKS_IF_NOT_SUCC_RETURN(isFileExist, HKS_ERROR_NOT_EXIST)
240
241 int32_t ret = GetKeyBlobFromFile(fileInfoPath->path, fileInfoPath->fileName, keyBlob);
242 return ret;
243 }
244
GetKeyBlobSize(const struct HksStoreInfo * fileInfoPath,uint32_t * keyBlobSize)245 static int32_t GetKeyBlobSize(const struct HksStoreInfo *fileInfoPath, uint32_t *keyBlobSize)
246 {
247 int32_t isFileExist = HksIsFileExist(fileInfoPath->path, fileInfoPath->fileName);
248 HKS_IF_NOT_SUCC_RETURN(isFileExist, HKS_ERROR_NOT_EXIST)
249
250 uint32_t size = HksFileSize(fileInfoPath->path, fileInfoPath->fileName);
251 HKS_IF_TRUE_RETURN(size == 0, HKS_ERROR_FILE_SIZE_FAIL)
252
253 *keyBlobSize = size;
254 return HKS_SUCCESS;
255 }
256
IsKeyBlobExist(const struct HksStoreFileInfo * fileInfo)257 static int32_t IsKeyBlobExist(const struct HksStoreFileInfo *fileInfo)
258 {
259 int32_t isMainFileExist = HksIsFileExist(fileInfo->mainPath.path, fileInfo->mainPath.fileName);
260 #ifndef SUPPORT_STORAGE_BACKUP
261 HKS_IF_NOT_SUCC_RETURN(isMainFileExist, HKS_ERROR_NOT_EXIST)
262 #else
263 if (isMainFileExist != HKS_SUCCESS) {
264 int32_t isBakFileExist = HksIsFileExist(fileInfo->bakPath.path, fileInfo->bakPath.fileName);
265 HKS_IF_NOT_SUCC_LOGI_RETURN(isBakFileExist, HKS_ERROR_NOT_EXIST, "hks mainkey and backupkey not exist")
266
267 HKS_IF_NOT_SUCC_LOGE(CopyKeyBlobFromSrc(fileInfo->bakPath.path, fileInfo->bakPath.fileName,
268 fileInfo->mainPath.path, fileInfo->mainPath.fileName), "hks copy bak key to main key failed")
269 }
270 #endif
271 return HKS_SUCCESS;
272 }
273
HksStoreKeyBlob(const struct HksStoreFileInfo * fileInfo,const struct HksStoreMaterial * material,const struct HksBlob * keyBlob,bool isOverride)274 int32_t HksStoreKeyBlob(const struct HksStoreFileInfo *fileInfo, const struct HksStoreMaterial *material,
275 const struct HksBlob *keyBlob, bool isOverride)
276 {
277 int32_t ret;
278 do {
279 ret = RecordKeyOperation(KEY_OPERATION_SAVE, material, fileInfo->mainPath.fileName);
280 HKS_IF_NOT_SUCC_BREAK(ret)
281
282 ret = HksStorageWriteFile(fileInfo->mainPath.path, fileInfo->mainPath.fileName,
283 keyBlob->data, keyBlob->size, isOverride);
284 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks save main key blob failed, ret = %" LOG_PUBLIC "d.", ret)
285
286 #ifdef SUPPORT_STORAGE_BACKUP
287 HKS_IF_NOT_SUCC_LOGE(HksStorageWriteFile(fileInfo->bakPath.path, fileInfo->bakPath.fileName, keyBlob->data,
288 keyBlob->size, isOverride), "hks save backup key blob failed")
289 #endif
290 } while (0);
291
292 return ret;
293 }
294
HksStoreDeleteKeyBlob(const struct HksStoreFileInfo * fileInfo,const struct HksStoreMaterial * material)295 int32_t HksStoreDeleteKeyBlob(const struct HksStoreFileInfo *fileInfo, const struct HksStoreMaterial *material)
296 {
297 int32_t ret;
298 do {
299 ret = RecordKeyOperation(KEY_OPERATION_DELETE, material, fileInfo->mainPath.fileName);
300 HKS_IF_NOT_SUCC_BREAK(ret)
301
302 ret = DeleteKeyBlob(fileInfo);
303 } while (0);
304
305 return ret;
306 }
307
HksStoreIsKeyBlobExist(const struct HksStoreFileInfo * fileInfo)308 int32_t HksStoreIsKeyBlobExist(const struct HksStoreFileInfo *fileInfo)
309 {
310 int32_t ret = HKS_SUCCESS;
311 do {
312 ret = IsKeyBlobExist(fileInfo);
313 HKS_IF_NOT_SUCC_LOGI(ret, "check is key exist, ret = %" LOG_PUBLIC "d.", ret)
314 } while (0);
315
316 return ret;
317 }
318
HksStoreGetKeyBlob(const struct HksStoreInfo * fileInfoPath,const struct HksStoreMaterial * material,struct HksBlob * keyBlob)319 int32_t HksStoreGetKeyBlob(const struct HksStoreInfo *fileInfoPath, const struct HksStoreMaterial *material,
320 struct HksBlob *keyBlob)
321 {
322 int32_t ret;
323 do {
324 ret = RecordKeyOperation(KEY_OPERATION_GET, material, fileInfoPath->fileName);
325 HKS_IF_NOT_SUCC_BREAK(ret)
326
327 ret = GetKeyBlob(fileInfoPath, keyBlob);
328 HKS_IF_NOT_SUCC_LOGE(ret, "hks get keyblob failed, ret = %" LOG_PUBLIC "d.", ret)
329 } while (0);
330
331 return ret;
332 }
333
HksStoreGetKeyBlobSize(const struct HksStoreInfo * fileInfoPath,const struct HksStoreMaterial * material,uint32_t * keyBlobSize)334 int32_t HksStoreGetKeyBlobSize(const struct HksStoreInfo *fileInfoPath, const struct HksStoreMaterial *material,
335 uint32_t *keyBlobSize)
336 {
337 int32_t ret;
338 do {
339 ret = GetKeyBlobSize(fileInfoPath, keyBlobSize);
340 if (ret != HKS_SUCCESS) {
341 RecordKeyOperation(KEY_OPERATION_CHECK, material, fileInfoPath->fileName);
342 HKS_LOG_E("hks get keyblob size failed, ret = %" LOG_PUBLIC "d.", ret);
343 }
344 } while (0);
345
346 return ret;
347 }
348
GetFileCount(const char * path,uint32_t * fileCount)349 static int32_t GetFileCount(const char *path, uint32_t *fileCount)
350 {
351 HKS_IF_TRUE_RETURN(path == NULL || fileCount == NULL, HKS_ERROR_NULL_POINTER)
352
353 void *dir = HksOpenDir(path);
354 if (dir == NULL) {
355 HKS_LOG_W("can't open directory");
356 *fileCount = 0;
357 return HKS_SUCCESS;
358 }
359
360 uint32_t count = 0;
361 struct HksFileDirentInfo dire = {{0}};
362 int32_t ret = HksGetDirFile(dir, &dire);
363 while (ret == HKS_SUCCESS) {
364 count++;
365 ret = HksGetDirFile(dir, &dire);
366 }
367 (void)HksCloseDir(dir);
368 *fileCount = count;
369
370 return HKS_SUCCESS;
371 }
372
GetFileNameList(const char * path,struct HksFileEntry * fileNameList,uint32_t * fileCount)373 static int32_t GetFileNameList(const char *path, struct HksFileEntry *fileNameList, uint32_t *fileCount)
374 {
375 HKS_IF_TRUE_RETURN(path == NULL || fileCount == NULL || fileNameList == NULL, HKS_ERROR_NULL_POINTER)
376
377 void *dir = HksOpenDir(path);
378 if (dir == NULL) {
379 HKS_LOG_W("can't open directory");
380 *fileCount = 0;
381 return HKS_SUCCESS;
382 }
383
384 struct HksFileDirentInfo dire = {{0}};
385 int32_t ret = HksGetDirFile(dir, &dire);
386 uint32_t count = 0;
387 while (ret == HKS_SUCCESS) {
388 count++;
389 uint32_t nameLen = strlen(dire.fileName);
390 HKS_IF_TRUE_LOGE_BREAK(*fileCount < count || fileNameList[count - 1].fileNameLen < nameLen + 1,
391 "the input params are wrong and too small")
392
393 HKS_IF_NOT_EOK_LOGE_BREAK(strncpy_s(fileNameList[count - 1].fileName, fileNameList[count - 1].fileNameLen,
394 dire.fileName, nameLen), "failed to copy the string")
395 fileNameList[count - 1].fileName[nameLen] = '\0';
396 ret = HksGetDirFile(dir, &dire);
397 }
398 (void)HksCloseDir(dir);
399 *fileCount = count;
400
401 return HKS_SUCCESS;
402 }
403
GetAndCheckFileCount(const char * path,uint32_t * fileCount,const uint32_t * inputCount)404 static int32_t GetAndCheckFileCount(const char *path, uint32_t *fileCount, const uint32_t *inputCount)
405 {
406 int32_t ret = GetFileCount(path, fileCount);
407 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get storage file count, ret = %" LOG_PUBLIC "d.", ret)
408
409 HKS_IF_TRUE_LOGE_RETURN(*inputCount < *fileCount, HKS_ERROR_BUFFER_TOO_SMALL, "listCount space not enough")
410 return HKS_SUCCESS;
411 }
412
GetKeyAliasByProcessName(const struct HksStoreFileInfo * fileInfo,struct HksKeyInfo * keyInfoList,uint32_t * listCount)413 static int32_t GetKeyAliasByProcessName(const struct HksStoreFileInfo *fileInfo, struct HksKeyInfo *keyInfoList,
414 uint32_t *listCount)
415 {
416 uint32_t fileCount;
417 int32_t ret = GetAndCheckFileCount(fileInfo->mainPath.path, &fileCount, listCount);
418 HKS_IF_NOT_SUCC_RETURN(ret, ret)
419
420 if (fileCount == 0) {
421 *listCount = 0;
422 return HKS_SUCCESS;
423 }
424
425 struct HksFileEntry *fileNameList = NULL;
426 ret = FileNameListInit(&fileNameList, fileCount);
427 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "init file name list failed.")
428
429 uint32_t realFileCount = fileCount;
430 do {
431 ret = GetFileNameList(fileInfo->mainPath.path, fileNameList, &realFileCount);
432 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "get file name list failed, ret = %" LOG_PUBLIC "d", ret)
433
434 for (uint32_t i = 0; i < realFileCount; ++i) {
435 ret = ConstructBlob(fileNameList[i].fileName, &(keyInfoList[i].alias));
436 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "construct blob failed, ret = %" LOG_PUBLIC "d", ret)
437 }
438 } while (0);
439
440 FileNameListFree(&fileNameList, fileCount);
441 HKS_IF_NOT_SUCC_RETURN(ret, ret)
442
443 *listCount = realFileCount;
444 return ret;
445 }
446
HksGetKeyAliasByProcessName(const struct HksStoreFileInfo * fileInfo,struct HksKeyInfo * keyInfoList,uint32_t * listCount)447 int32_t HksGetKeyAliasByProcessName(const struct HksStoreFileInfo *fileInfo, struct HksKeyInfo *keyInfoList,
448 uint32_t *listCount)
449 {
450 int32_t ret;
451 do {
452 ret = GetKeyAliasByProcessName(fileInfo, keyInfoList, listCount);
453 HKS_IF_NOT_SUCC_LOGE(ret, "get key alias by processName failed, ret = %" LOG_PUBLIC "d.", ret)
454 } while (0);
455
456 return ret;
457 }
458
HksGetKeyCountByProcessName(const struct HksStoreFileInfo * fileInfo,uint32_t * fileCount)459 int32_t HksGetKeyCountByProcessName(const struct HksStoreFileInfo *fileInfo, uint32_t *fileCount)
460 {
461 int32_t ret;
462 do {
463 ret = GetFileCount(fileInfo->mainPath.path, fileCount);
464 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "get storage file count failed, ret = %" LOG_PUBLIC "d.", ret)
465 } while (0);
466
467 return ret;
468 }
469
DestroyType(const char * storePath,const char * typePath,uint32_t bakFlag)470 static int32_t DestroyType(const char *storePath, const char *typePath, uint32_t bakFlag)
471 {
472 char *destroyPath = (char *)HksMalloc(HKS_MAX_FILE_NAME_LEN);
473 HKS_IF_NULL_RETURN(destroyPath, HKS_ERROR_MALLOC_FAIL)
474
475 (void)memset_s(destroyPath, HKS_MAX_FILE_NAME_LEN, 0, HKS_MAX_FILE_NAME_LEN);
476
477 int32_t ret = GetPath(storePath, typePath, destroyPath, HKS_MAX_FILE_NAME_LEN, bakFlag);
478 if (ret != HKS_SUCCESS) {
479 HKS_LOG_E("Get Path failed! ret = 0x%" LOG_PUBLIC "X", ret);
480 HKS_FREE(destroyPath);
481 return ret;
482 }
483
484 ret = HksIsDirExist(destroyPath);
485 if (ret != HKS_SUCCESS) {
486 HKS_FREE(destroyPath);
487 return HKS_SUCCESS;
488 }
489
490 ret = HksRemoveDir(destroyPath);
491 HKS_IF_NOT_SUCC_LOGE(ret, "Destroy dir failed! ret = 0x%" LOG_PUBLIC "X", ret)
492
493 HKS_FREE(destroyPath);
494 return ret;
495 }
496
StoreDestroy(const char * processNameEncoded,uint32_t bakFlag)497 static int32_t StoreDestroy(const char *processNameEncoded, uint32_t bakFlag)
498 {
499 char *rootPath = NULL;
500 if (bakFlag == HKS_STORAGE_BAK_FLAG_TRUE) {
501 rootPath = HKS_KEY_STORE_BAK_PATH;
502 } else {
503 rootPath = HKS_KEY_STORE_PATH;
504 }
505
506 char *storePath = (char *)HksMalloc(HKS_MAX_FILE_NAME_LEN);
507 HKS_IF_NULL_RETURN(storePath, HKS_ERROR_MALLOC_FAIL)
508
509 int32_t ret = GetPath(rootPath, processNameEncoded, storePath, HKS_MAX_FILE_NAME_LEN, bakFlag);
510 if (ret != HKS_SUCCESS) {
511 HKS_LOG_E("Get Path failed! ret = 0x%" LOG_PUBLIC "X", ret);
512 HKS_FREE(storePath);
513 return ret;
514 }
515
516 ret = DestroyType(storePath, HKS_KEY_STORE_ROOT_KEY_PATH, bakFlag);
517 HKS_IF_NOT_SUCC_LOGI(ret, "Destroy info dir failed! ret = 0x%" LOG_PUBLIC "X", ret) /* continue delete */
518
519 ret = DestroyType(storePath, HKS_KEY_STORE_KEY_PATH, bakFlag);
520 HKS_IF_NOT_SUCC_LOGI(ret, "Destroy key dir failed! ret = 0x%" LOG_PUBLIC "X", ret) /* continue delete */
521
522 HKS_FREE(storePath);
523 return HKS_SUCCESS;
524 }
525
HksStoreDestroy(const struct HksBlob * processName)526 int32_t HksStoreDestroy(const struct HksBlob *processName)
527 {
528 char *name = (char *)HksMalloc(HKS_MAX_FILE_NAME_LEN);
529 HKS_IF_NULL_RETURN(name, HKS_ERROR_MALLOC_FAIL)
530
531 int32_t ret;
532 do {
533 ret = ConstructName(processName, name, HKS_MAX_FILE_NAME_LEN);
534 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "Construct process name failed! ret = 0x%" LOG_PUBLIC "X.", ret)
535
536 ret = StoreDestroy(name, HKS_STORAGE_BAK_FLAG_FLASE);
537 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "Hks destroy dir failed! ret = 0x%" LOG_PUBLIC "X.", ret)
538
539 #ifdef SUPPORT_STORAGE_BACKUP
540 ret = StoreDestroy(name, HKS_STORAGE_BAK_FLAG_TRUE);
541 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "Hks destroy back dir failed! ret = 0x%" LOG_PUBLIC "X.", ret)
542 #endif
543 } while (0);
544
545 HKS_FREE(name);
546 return ret;
547 }
548
549 #ifdef HKS_ENABLE_SMALL_TO_SERVICE
HksIsOldKeyPathCleared(uint32_t * keyCount)550 int32_t HksIsOldKeyPathCleared(uint32_t *keyCount)
551 {
552 return GetFileCount(HKS_KEY_STORE_PATH "/hks_client/key", keyCount);
553 }
554 #endif
555
556 #ifdef HKS_ENABLE_EVENT_DELETE
557 #ifdef L2_STANDARD
DeleteUserIdMainPathAndBakPath(const char * userData,const char * deDataPath,const char * ceOrEceDataPath)558 static void DeleteUserIdMainPathAndBakPath(const char *userData, const char *deDataPath, const char *ceOrEceDataPath)
559 {
560 char dePath[HKS_MAX_DIRENT_FILE_LEN] = "";
561 int32_t offset = sprintf_s(dePath, HKS_MAX_DIRENT_FILE_LEN, "%s/%s",
562 deDataPath, userData);
563 if (offset > 0) {
564 HKS_LOG_I("delete de path, userid: %" LOG_PUBLIC "s", userData);
565 (void)HksDeleteDir(dePath);
566 } else {
567 HKS_LOG_E("get de path failed");
568 }
569
570 char cePath[HKS_MAX_DIRENT_FILE_LEN] = "";
571 offset = sprintf_s(cePath, HKS_MAX_DIRENT_FILE_LEN, "%s/%s/%s",
572 HKS_CE_ROOT_PATH, userData, ceOrEceDataPath);
573 if (offset > 0) {
574 HKS_LOG_I("delete ce path, userid: %" LOG_PUBLIC "s", userData);
575 (void)HksDeleteDir(cePath);
576 } else {
577 HKS_LOG_E("get ce path failed");
578 }
579
580 char ecePath[HKS_MAX_DIRENT_FILE_LEN] = "";
581 offset = sprintf_s(ecePath, HKS_MAX_DIRENT_FILE_LEN, "%s/%s/%s",
582 HKS_ECE_ROOT_PATH, userData, ceOrEceDataPath);
583 if (offset > 0) {
584 HKS_LOG_I("delete ece path, userid: %" LOG_PUBLIC "s", userData);
585 (void)HksDeleteDir(ecePath);
586 } else {
587 HKS_LOG_E("get ece path failed");
588 }
589 }
590
DeleteUserIdPath(const struct HksBlob * userId)591 static void DeleteUserIdPath(const struct HksBlob *userId)
592 {
593 int32_t ret;
594 char *userData = NULL;
595 do {
596 userData = (char *)HksMalloc(HKS_MAX_FILE_NAME_LEN);
597 HKS_IF_NULL_LOGE_BREAK(userData, "malloc user data failed")
598
599 ret = ConstructPlainName(userId, userData, HKS_MAX_FILE_NAME_LEN);
600 HKS_IF_NOT_SUCC_BREAK(ret, "construct user id name failed, ret = %" LOG_PUBLIC "d", ret)
601
602 (void)DeleteUserIdMainPathAndBakPath(userData, HKS_KEY_STORE_PATH, HKS_STORE_SERVICE_PATH);
603 #ifdef SUPPORT_STORAGE_BACKUP
604 (void)DeleteUserIdMainPathAndBakPath(userData, HKS_KEY_STORE_BAK_PATH, HKS_STORE_SERVICE_BAK_PATH);
605 #endif
606 } while (0);
607 HKS_FREE(userData);
608 return;
609 }
610
DeleteUidMainPathAndBakPath(const char * userData,const char * uidData,const char * deDataPath,const char * ceOrEceDataPath)611 static void DeleteUidMainPathAndBakPath(const char *userData, const char *uidData,
612 const char *deDataPath, const char *ceOrEceDataPath)
613 {
614 char dePath[HKS_MAX_DIRENT_FILE_LEN] = "";
615 int32_t offset = sprintf_s(dePath, HKS_MAX_DIRENT_FILE_LEN, "%s/%s/%s",
616 deDataPath, userData, uidData);
617 if (offset > 0) {
618 HKS_LOG_I("delete de path, userid: %" LOG_PUBLIC "s, uid: %" LOG_PUBLIC "s", userData, uidData);
619 (void)HksDeleteDir(dePath);
620 } else {
621 HKS_LOG_E("get de path failed");
622 }
623
624 char cePath[HKS_MAX_DIRENT_FILE_LEN] = "";
625 offset = sprintf_s(cePath, HKS_MAX_DIRENT_FILE_LEN, "%s/%s/%s/%s",
626 HKS_CE_ROOT_PATH, userData, ceOrEceDataPath, uidData);
627 if (offset > 0) {
628 HKS_LOG_I("delete ce path, userid: %" LOG_PUBLIC "s, uid: %" LOG_PUBLIC "s", userData, uidData);
629 (void)HksDeleteDir(cePath);
630 } else {
631 HKS_LOG_E("get ce path failed");
632 }
633
634 char ecePath[HKS_MAX_DIRENT_FILE_LEN] = "";
635 offset = sprintf_s(ecePath, HKS_MAX_DIRENT_FILE_LEN, "%s/%s/%s/%s",
636 HKS_ECE_ROOT_PATH, userData, ceOrEceDataPath, uidData);
637 if (offset > 0) {
638 HKS_LOG_I("delete ece path, userid: %" LOG_PUBLIC "s, uid: %" LOG_PUBLIC "s", userData, uidData);
639 (void)HksDeleteDir(ecePath);
640 } else {
641 HKS_LOG_E("get ece path failed");
642 }
643 }
644
DeleteUidPath(const struct HksProcessInfo * processInfo)645 static void DeleteUidPath(const struct HksProcessInfo *processInfo)
646 {
647 int32_t ret;
648 char *userData = NULL;
649 char *uidData = NULL;
650 do {
651 userData = (char *)HksMalloc(HKS_MAX_FILE_NAME_LEN);
652 HKS_IF_NULL_LOGE_BREAK(userData, "malloc user data failed")
653
654 uidData = (char *)HksMalloc(HKS_MAX_FILE_NAME_LEN);
655 HKS_IF_NULL_LOGE_BREAK(uidData, "malloc uid data failed")
656
657 ret = ConstructPlainName(&processInfo->userId, userData, HKS_MAX_FILE_NAME_LEN);
658 HKS_IF_NOT_SUCC_BREAK(ret, "construct user id name failed, ret = %" LOG_PUBLIC "d", ret)
659
660 ret = ConstructPlainName(&processInfo->processName, uidData, HKS_MAX_FILE_NAME_LEN);
661 HKS_IF_NOT_SUCC_BREAK(ret, "construct uid name failed, ret = %" LOG_PUBLIC "d", ret)
662
663 (void)DeleteUidMainPathAndBakPath(userData, uidData, HKS_KEY_STORE_PATH, HKS_STORE_SERVICE_PATH);
664 #ifdef SUPPORT_STORAGE_BACKUP
665 (void)DeleteUidMainPathAndBakPath(userData, uidData, HKS_KEY_STORE_BAK_PATH, HKS_STORE_SERVICE_BAK_PATH);
666 #endif
667 } while (0);
668 HKS_FREE(userData);
669 HKS_FREE(uidData);
670 return;
671 }
672 #endif
673
HksServiceDeleteUserIDKeyAliasFile(const struct HksBlob * userId)674 void HksServiceDeleteUserIDKeyAliasFile(const struct HksBlob *userId)
675 {
676 char *userData = NULL;
677 int32_t ret;
678 do {
679 userData = (char *)HksMalloc(HKS_MAX_FILE_NAME_LEN);
680 HKS_IF_NULL_LOGE_BREAK(userData, "malloc user data failed")
681
682 // construct non-plain name for de path
683 ret = ConstructName(userId, userData, HKS_MAX_FILE_NAME_LEN);
684 HKS_IF_NOT_SUCC_BREAK(ret, "construct user id name failed, ret = %" LOG_PUBLIC "d", ret)
685
686 char userProcess[HKS_MAX_DIRENT_FILE_LEN] = "";
687 int32_t offset = sprintf_s(userProcess, HKS_MAX_DIRENT_FILE_LEN, "%s/%s", HKS_KEY_STORE_PATH, userData);
688 if (offset < 0) {
689 HKS_LOG_E("concatenate UserIdPath failed.");
690 ret = HKS_ERROR_BUFFER_TOO_SMALL;
691 break;
692 }
693
694 // ignore these results for ensure to clear data as most as possible
695 ret = HksDeleteDir(userProcess);
696 HKS_IF_NOT_SUCC_LOGE(ret, "delete de path, userid: %" LOG_PUBLIC "s failed, ret = %" LOG_PUBLIC "d",
697 userData, ret)
698 #ifdef L2_STANDARD
699 (void)DeleteUserIdPath(userId);
700 #endif
701 } while (0);
702 HKS_FREE(userData);
703 }
704
HksServiceDeleteUIDKeyAliasFile(const struct HksProcessInfo * processInfo)705 void HksServiceDeleteUIDKeyAliasFile(const struct HksProcessInfo *processInfo)
706 {
707 char *userData = NULL;
708 char *uidData = NULL;
709 int32_t ret;
710 do {
711 userData = (char *)HksMalloc(HKS_MAX_FILE_NAME_LEN);
712 HKS_IF_NULL_LOGE_BREAK(userData, "malloc user data failed")
713
714 // construct non-plain name for de path, and skip user path for user 0
715 if (processInfo->userIdInt != 0) {
716 ret = ConstructName(&processInfo->userId, userData, HKS_MAX_FILE_NAME_LEN);
717 HKS_IF_NOT_SUCC_BREAK(ret, "construct user id name failed, ret = %" LOG_PUBLIC "d", ret)
718 }
719
720 uidData = (char *)HksMalloc(HKS_MAX_FILE_NAME_LEN);
721 if (uidData == NULL) {
722 HKS_LOG_E("malloc user data failed");
723 ret = HKS_ERROR_MALLOC_FAIL;
724 break;
725 }
726
727 ret = ConstructName(&processInfo->processName, uidData, HKS_MAX_FILE_NAME_LEN);
728 HKS_IF_NOT_SUCC_BREAK(ret, "construct uid name failed, ret = %" LOG_PUBLIC "d", ret)
729
730 char userProcess[HKS_MAX_DIRENT_FILE_LEN] = "";
731 int32_t offset = sprintf_s(userProcess, HKS_MAX_DIRENT_FILE_LEN, "%s/%s/%s",
732 HKS_KEY_STORE_PATH, userData, uidData);
733 if (offset < 0) {
734 HKS_LOG_E("concatenate uidPath failed.");
735 ret = HKS_ERROR_BUFFER_TOO_SMALL;
736 break;
737 }
738
739 HKS_LOG_I("delete de path, userid: %" LOG_PUBLIC "s, uid: %" LOG_PUBLIC "s", userData, uidData);
740
741 // ignore these results for ensure to clear data as most as possible
742 ret = HksDeleteDir(userProcess);
743 HKS_IF_NOT_SUCC_LOGE(ret, "delete de path, userid: %" LOG_PUBLIC "s, uid: %" LOG_PUBLIC "s failed, "
744 "ret = %" LOG_PUBLIC "d", userData, uidData, ret)
745 #ifdef L2_STANDARD
746 (void)DeleteUidPath(processInfo);
747 #endif
748 } while (0);
749 HKS_FREE(userData);
750 HKS_FREE(uidData);
751 }
752
GetHksKeyAliasSet(const struct HksFileEntry * fileNameList,const uint32_t fileCount,struct HksKeyAliasSet ** outData)753 static int32_t GetHksKeyAliasSet(const struct HksFileEntry *fileNameList, const uint32_t fileCount,
754 struct HksKeyAliasSet **outData)
755 {
756 HKS_IF_TRUE_RETURN(fileCount == 0, HKS_SUCCESS)
757
758 int32_t ret;
759 struct HksKeyAliasSet *tempAliasSet = (struct HksKeyAliasSet *)(HksMalloc(sizeof(struct HksKeyAliasSet)));
760 HKS_IF_NULL_LOGE_RETURN(tempAliasSet, HKS_ERROR_MALLOC_FAIL, "malloc key alias set failed")
761 tempAliasSet->aliasesCnt = fileCount;
762
763 do {
764 tempAliasSet->aliases = (struct HksBlob *)HksMalloc(fileCount * sizeof(struct HksBlob));
765 if (tempAliasSet->aliases == NULL) {
766 HKS_LOG_E("malloc aliases fail");
767 ret = HKS_ERROR_MALLOC_FAIL;
768 break;
769 }
770
771 for (uint32_t i = 0; i < fileCount; i++) {
772 uint32_t size = strlen(fileNameList[i].fileName);
773 tempAliasSet->aliases[i].size = size;
774 tempAliasSet->aliases[i].data = (uint8_t *)HksMalloc(size);
775 if (tempAliasSet->aliases[i].data == NULL) {
776 HKS_LOG_E("malloc alias %" LOG_PUBLIC "d fail", i);
777 ret = HKS_ERROR_MALLOC_FAIL;
778 break;
779 }
780
781 ret = ConstructBlob(fileNameList[i].fileName, &(tempAliasSet->aliases[i]));
782 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "construct blob failed, ret = %" LOG_PUBLIC "d", ret)
783 }
784 } while (0);
785
786 if (ret != HKS_SUCCESS) {
787 HksFreeKeyAliasSet(tempAliasSet);
788 return ret;
789 }
790
791 *outData = tempAliasSet;
792 return ret;
793 }
794
GetHksFileEntry(const struct HksStoreFileInfo * fileInfo,struct HksFileEntry ** fileNameList,uint32_t * fileCnt)795 static int32_t GetHksFileEntry(const struct HksStoreFileInfo *fileInfo, struct HksFileEntry **fileNameList,
796 uint32_t *fileCnt)
797 {
798 uint32_t fileCount;
799 int32_t ret = GetFileCount(fileInfo->mainPath.path, &fileCount);
800 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "get storage file count, ret = %" LOG_PUBLIC "d.", ret)
801 HKS_IF_TRUE_RETURN(fileCount == 0, HKS_SUCCESS)
802 HKS_IF_TRUE_LOGE_RETURN(fileCount > HKS_MAX_KEY_ALIAS_COUNT, HKS_ERROR_BUFFER_TOO_SMALL,
803 "file count too long, count = %" LOG_PUBLIC "u.", fileCount)
804
805 struct HksFileEntry *tempFileNameList = NULL;
806 uint32_t realfileCount = fileCount;
807 do {
808 ret = FileNameListInit(&tempFileNameList, fileCount);
809 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "init file name list failed, ret = %" LOG_PUBLIC "d", ret)
810
811 ret = GetFileNameList(fileInfo->mainPath.path, tempFileNameList, &realfileCount);
812 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "get file name list failed, ret = %" LOG_PUBLIC "d", ret)
813 } while (0);
814
815 // case: do GetFileNameList, maybe realfileCount < fileCount
816 if (ret != HKS_SUCCESS || realfileCount < fileCount) {
817 FileNameListFree(&tempFileNameList, fileCount);
818 return ret;
819 }
820
821 *fileCnt = fileCount;
822 *fileNameList = tempFileNameList;
823 return ret;
824 }
825
HksListAliasesByProcessName(const struct HksStoreFileInfo * fileInfo,struct HksKeyAliasSet ** outData)826 int32_t HksListAliasesByProcessName(const struct HksStoreFileInfo *fileInfo, struct HksKeyAliasSet **outData)
827 {
828 int32_t ret;
829 struct HksFileEntry *fileNameList = NULL;
830 uint32_t fileCnt;
831 do {
832 ret = GetHksFileEntry(fileInfo, &fileNameList, &fileCnt);
833 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "get file entry failed, ret = %" LOG_PUBLIC "d.", ret)
834
835 // case success and has data
836 if (fileNameList != NULL) {
837 ret = GetHksKeyAliasSet(fileNameList, fileCnt, outData);
838 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "get key alias set failed, ret = %" LOG_PUBLIC "d.", ret)
839 }
840 } while (0);
841
842 if (fileNameList != NULL) {
843 FileNameListFree(&fileNameList, fileCnt);
844 }
845 return ret;
846 }
847
848 #endif
849
HksStoreRenameKeyAlias(const struct HksStoreFileInfo * oldFileInfo,const struct HksStoreFileInfo * newFileInfo,const struct HksStoreMaterial * oldMaterial,const struct HksStoreMaterial * newMaterial,bool isCopy)850 int32_t HksStoreRenameKeyAlias(const struct HksStoreFileInfo *oldFileInfo,
851 const struct HksStoreFileInfo *newFileInfo, const struct HksStoreMaterial *oldMaterial,
852 const struct HksStoreMaterial *newMaterial, bool isCopy)
853 {
854 int32_t ret;
855 do {
856 ret = CopyKeyBlobFromSrc(oldFileInfo->mainPath.path, oldFileInfo->mainPath.fileName,
857 newFileInfo->mainPath.path, newFileInfo->mainPath.fileName);
858 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks copy old key blob failed, ret = %" LOG_PUBLIC "d.", ret)
859 #ifdef SUPPORT_STORAGE_BACKUP
860 ret = CopyKeyBlobFromSrc(oldFileInfo->bakPath.path, oldFileInfo->bakPath.fileName,
861 newFileInfo->bakPath.path, newFileInfo->bakPath.fileName);
862 if (ret != HKS_SUCCESS) {
863 HKS_LOG_I("Copy the old backup key failed, try to copy the new main key");
864 ret = CopyKeyBlobFromSrc(newFileInfo->mainPath.path, newFileInfo->mainPath.fileName,
865 newFileInfo->bakPath.path, newFileInfo->bakPath.fileName);
866 if (ret != HKS_SUCCESS) {
867 HKS_LOG_E("rename back key failed, try to delet the new main key. ret = %" LOG_PUBLIC "d.", ret);
868 ret = HksStoreDeleteKeyBlob(newFileInfo, newMaterial);
869 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "delet the new key failed, ret = %" LOG_PUBLIC "d.", ret)
870 ret = HKS_ERROR_CORRUPT_FILE;
871 break;
872 }
873 }
874 #endif
875 HKS_IF_TRUE_BREAK(isCopy)
876 ret = HksStoreDeleteKeyBlob(oldFileInfo, oldMaterial);
877 HKS_IF_TRUE_BREAK(ret == HKS_SUCCESS)
878
879 HKS_LOG_I("Delete the old key failed, need to delete the new key");
880 ret = HksStoreDeleteKeyBlob(newFileInfo, newMaterial);
881 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "hks delete new key blob failed, ret = %" LOG_PUBLIC "d.", ret)
882 ret = HKS_ERROR_REMOVE_FILE_FAIL;
883 } while (0);
884 return ret;
885 }
886
887 #endif /* _CUT_AUTHENTICATE_ */