1 /*
2 * Copyright (c) 2021-2025 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifdef HKS_CONFIG_FILE
17 #include HKS_CONFIG_FILE
18 #else
19 #include "hks_config.h"
20 #endif
21
22 #include "hks_client_ipc.h"
23
24 #include <stdbool.h>
25 #include <stddef.h>
26 #include <stdint.h>
27
28 #include "hks_common_check.h"
29 #include "hks_ipc_check.h"
30 #include "hks_client_ipc_serialization.h"
31 #include "hks_ipc_slice.h"
32 #include "hks_log.h"
33 #include "hks_mem.h"
34 #include "hks_param.h"
35 #include "hks_request.h"
36 #include "hks_template.h"
37 #include "hks_type.h"
38 #include "hks_type_inner.h"
39 #include "huks_service_ipc_interface_code.h"
40 #include "securec.h"
41
42 #ifdef HKS_L1_SMALL
43 #include "hks_samgr_client.h"
44 #include <unistd.h>
45 #endif
46
HksClientInitialize(void)47 int32_t HksClientInitialize(void)
48 {
49 #ifdef HKS_L1_SMALL
50 for (uint32_t i = 0; i < HKS_MAX_RETRY_TIME; ++i) {
51 IUnknown *iUnknown = SAMGR_GetInstance()->GetFeatureApi(HKS_SAMGR_SERVICE, HKS_SAMGR_FEATRURE);
52 if (iUnknown != NULL) {
53 return HKS_SUCCESS;
54 }
55 usleep(HKS_SLEEP_TIME_FOR_RETRY);
56 }
57 HKS_LOG_E("HUKS service is not ready!");
58 return HKS_ERROR_BAD_STATE;
59 #else
60 return HKS_SUCCESS;
61 #endif
62 }
63
HksClientRefreshKeyInfo(void)64 int32_t HksClientRefreshKeyInfo(void)
65 {
66 return HKS_SUCCESS;
67 }
68
BuildParamSetNotNull(const struct HksParamSet * paramSetIn,struct HksParamSet ** paramSetOut)69 static int32_t BuildParamSetNotNull(const struct HksParamSet *paramSetIn, struct HksParamSet **paramSetOut)
70 {
71 int32_t ret;
72 struct HksParamSet *tmpParamSet = NULL;
73 do {
74 if (paramSetIn != NULL) {
75 ret = HksCheckParamSet(paramSetIn, paramSetIn->paramSetSize);
76 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check paramSet failed")
77 }
78
79 ret = HksInitParamSet(&tmpParamSet);
80 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksInitParamSet failed")
81
82 if (paramSetIn != NULL) {
83 ret = HksAddParams(tmpParamSet, paramSetIn->params, paramSetIn->paramsCnt);
84 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksAddParams failed")
85 }
86 ret = HksBuildParamSet(&tmpParamSet);
87 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksBuildParamSet failed")
88 } while (0);
89 if (ret != HKS_SUCCESS) {
90 HksFreeParamSet(&tmpParamSet);
91 return ret;
92 }
93 *paramSetOut = tmpParamSet;
94 return ret;
95 }
96
HksClientGenerateKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSetIn,struct HksParamSet * paramSetOut)97 int32_t HksClientGenerateKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSetIn,
98 struct HksParamSet *paramSetOut)
99 {
100 int32_t ret = HksCheckIpcGenerateKey(keyAlias, paramSetIn);
101 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksCheckIpcGenerateKey fail")
102
103 struct HksBlob inBlob = { 0, NULL };
104 struct HksBlob outBlob = { 0, NULL };
105 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) + ALIGN_SIZE(paramSetIn->paramSetSize) +
106 sizeof(outBlob.size);
107 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
108 HKS_IF_NULL_RETURN(inBlob.data, HKS_ERROR_MALLOC_FAIL)
109 if (paramSetOut != NULL) {
110 outBlob.size = paramSetOut->paramSetSize;
111 outBlob.data = (uint8_t *)paramSetOut;
112 }
113
114 do {
115 ret = HksGenerateKeyPack(&inBlob, keyAlias, paramSetIn, &outBlob);
116 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksGenerateKeyPack fail")
117
118 ret = HksSendRequest(HKS_MSG_GEN_KEY, &inBlob, &outBlob, paramSetIn);
119 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksSendRequest fail, ret = %" LOG_PUBLIC "d", ret)
120
121 if (paramSetOut != NULL) {
122 ret = HksFreshParamSet(paramSetOut, false);
123 HKS_IF_NOT_SUCC_LOGE(ret, "FreshParamSet fail, ret = %" LOG_PUBLIC "d", ret)
124 }
125 } while (0);
126
127 HKS_FREE_BLOB(inBlob);
128 return ret;
129 }
130
HksClientImportKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,const struct HksBlob * key)131 int32_t HksClientImportKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
132 const struct HksBlob *key)
133 {
134 int32_t ret = HksCheckIpcImportKey(keyAlias, paramSet, key);
135 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksCheckIpcImportKey fail")
136
137 struct HksBlob inBlob = { 0, NULL };
138 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) + ALIGN_SIZE(paramSet->paramSetSize) +
139 sizeof(key->size) + ALIGN_SIZE(key->size);
140 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
141 HKS_IF_NULL_RETURN(inBlob.data, HKS_ERROR_MALLOC_FAIL)
142
143 do {
144 ret = HksImportKeyPack(&inBlob, keyAlias, paramSet, key);
145 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksImportKeyPack fail")
146
147 ret = HksSendRequest(HKS_MSG_IMPORT_KEY, &inBlob, NULL, paramSet);
148 } while (0);
149
150 HKS_FREE_BLOB(inBlob);
151 return ret;
152 }
153
HksClientExportPublicKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,struct HksBlob * key)154 int32_t HksClientExportPublicKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
155 struct HksBlob *key)
156 {
157 int32_t ret;
158 struct HksParamSet *newParamSet = NULL;
159 struct HksBlob inBlob = { 0, NULL };
160
161 do {
162 ret = BuildParamSetNotNull(paramSet, &newParamSet);
163 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "ensure paramSet not null fail, ret = %" LOG_PUBLIC "d", ret)
164
165 ret = HksCheckIpcExportPublicKey(keyAlias, newParamSet, key);
166 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCheckIpcExportPublicKey fail")
167
168 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) + sizeof(key->size) +
169 ALIGN_SIZE(newParamSet->paramSetSize);
170 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
171 if (inBlob.data == NULL) {
172 ret = HKS_ERROR_MALLOC_FAIL;
173 break;
174 }
175
176 ret = HksExportPublicKeyPack(keyAlias, newParamSet, key, &inBlob);
177 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksExportPublicKeyPack fail")
178
179 ret = HksSendRequest(HKS_MSG_EXPORT_PUBLIC_KEY, &inBlob, key, newParamSet);
180 } while (0);
181
182 HksFreeParamSet(&newParamSet);
183 HKS_FREE_BLOB(inBlob);
184 return ret;
185 }
186
HksClientImportWrappedKey(const struct HksBlob * keyAlias,const struct HksBlob * wrappingKeyAlias,const struct HksParamSet * paramSet,const struct HksBlob * wrappedKeyData)187 int32_t HksClientImportWrappedKey(const struct HksBlob *keyAlias, const struct HksBlob *wrappingKeyAlias,
188 const struct HksParamSet *paramSet, const struct HksBlob *wrappedKeyData)
189 {
190 int32_t ret = HksCheckIpcImportWrappedKey(keyAlias, wrappingKeyAlias, paramSet, wrappedKeyData);
191 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksClientImportWrappedKey fail")
192
193 struct HksBlob inBlob = { 0, NULL };
194 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) +
195 sizeof(wrappingKeyAlias->size) + ALIGN_SIZE(wrappingKeyAlias->size) +
196 ALIGN_SIZE(paramSet->paramSetSize) +
197 sizeof(wrappedKeyData->size) + ALIGN_SIZE(wrappedKeyData->size);
198 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
199 HKS_IF_NULL_RETURN(inBlob.data, HKS_ERROR_MALLOC_FAIL)
200
201 do {
202 ret = HksImportWrappedKeyPack(&inBlob, keyAlias, wrappingKeyAlias, paramSet, wrappedKeyData);
203 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksImportWrappedKeyPack fail")
204
205 ret = HksSendRequest(HKS_MSG_IMPORT_WRAPPED_KEY, &inBlob, NULL, paramSet);
206 } while (0);
207
208 HKS_FREE_BLOB(inBlob);
209 return ret;
210 }
211
HksClientDeleteKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet)212 int32_t HksClientDeleteKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet)
213 {
214 int32_t ret;
215 struct HksParamSet *newParamSet = NULL;
216 struct HksBlob inBlob = { 0, NULL };
217
218 do {
219 ret = BuildParamSetNotNull(paramSet, &newParamSet);
220 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "ensure paramSet not null fail, ret = %" LOG_PUBLIC "d", ret)
221
222 ret = HksCheckIpcDeleteKey(keyAlias, newParamSet);
223 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCheckIpcDeleteKey fail")
224
225 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) + ALIGN_SIZE(newParamSet->paramSetSize);
226 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
227 if (inBlob.data == NULL) {
228 ret = HKS_ERROR_MALLOC_FAIL;
229 break;
230 }
231
232 ret = HksDeleteKeyPack(keyAlias, newParamSet, &inBlob);
233 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksDeleteKeyPack fail")
234
235 ret = HksSendRequest(HKS_MSG_DELETE_KEY, &inBlob, NULL, newParamSet);
236 } while (0);
237
238 HksFreeParamSet(&newParamSet);
239 HKS_FREE_BLOB(inBlob);
240 return ret;
241 }
242
HksClientGetKeyParamSet(const struct HksBlob * keyAlias,const struct HksParamSet * paramSetIn,struct HksParamSet * paramSetOut)243 int32_t HksClientGetKeyParamSet(const struct HksBlob *keyAlias, const struct HksParamSet *paramSetIn,
244 struct HksParamSet *paramSetOut)
245 {
246 int32_t ret;
247 struct HksParamSet *newParamSet = NULL;
248 struct HksBlob inBlob = { 0, NULL };
249
250 do {
251 ret = BuildParamSetNotNull(paramSetIn, &newParamSet);
252 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "ensure paramSetIn not null fail, ret = %" LOG_PUBLIC "d", ret)
253
254 ret = HksCheckIpcGetKeyParamSet(keyAlias, newParamSet, paramSetOut);
255 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCheckIpcGetKeyParamSet fail")
256
257 struct HksBlob outBlob = { paramSetOut->paramSetSize, (uint8_t *)paramSetOut };
258 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) + sizeof(paramSetOut->paramSetSize) +
259 ALIGN_SIZE(newParamSet->paramSetSize);
260 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
261 if (inBlob.data == NULL) {
262 ret = HKS_ERROR_MALLOC_FAIL;
263 break;
264 }
265
266 ret = HksGetKeyParamSetPack(keyAlias, newParamSet, &outBlob, &inBlob);
267 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksGetKeyParamSetPack fail")
268
269 ret = HksSendRequest(HKS_MSG_GET_KEY_PARAMSET, &inBlob, &outBlob, newParamSet);
270 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksSendRequest fail, ret = %" LOG_PUBLIC "d", ret)
271
272 ret = HksFreshParamSet(paramSetOut, false);
273 HKS_IF_NOT_SUCC_LOGE(ret, "FreshParamSet fail, ret = %" LOG_PUBLIC "d", ret)
274 } while (0);
275
276 HksFreeParamSet(&newParamSet);
277 HKS_FREE_BLOB(inBlob);
278 return ret;
279 }
280
HksClientKeyExist(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet)281 int32_t HksClientKeyExist(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet)
282 {
283 int32_t ret;
284 struct HksParamSet *newParamSet = NULL;
285 struct HksBlob inBlob = { 0, NULL };
286
287 do {
288 ret = BuildParamSetNotNull(paramSet, &newParamSet);
289 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "ensure paramSet not null fail, ret = %" LOG_PUBLIC "d", ret)
290
291 ret = HksCheckIpcKeyExist(keyAlias, newParamSet);
292 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCheckIpcKeyExist fail")
293
294 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) + ALIGN_SIZE(newParamSet->paramSetSize);
295 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
296 if (inBlob.data == NULL) {
297 ret = HKS_ERROR_MALLOC_FAIL;
298 break;
299 }
300
301 ret = HksKeyExistPack(keyAlias, newParamSet, &inBlob);
302 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksKeyExistPack fail")
303
304 ret = HksSendRequest(HKS_MSG_KEY_EXIST, &inBlob, NULL, newParamSet);
305 } while (0);
306
307 HksFreeParamSet(&newParamSet);
308 HKS_FREE_BLOB(inBlob);
309 return ret;
310 }
311
HksClientGenerateRandom(struct HksBlob * random,const struct HksParamSet * paramSet)312 int32_t HksClientGenerateRandom(struct HksBlob *random, const struct HksParamSet *paramSet)
313 {
314 HKS_IF_NOT_SUCC_RETURN(CheckBlob(random), HKS_ERROR_INVALID_ARGUMENT)
315 struct HksBlob inBlob = { sizeof(random->size), (uint8_t *)&(random->size) };
316 return HksSendRequest(HKS_MSG_GENERATE_RANDOM, &inBlob, random, paramSet);
317 }
318
HksClientSign(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * srcData,struct HksBlob * signature)319 int32_t HksClientSign(const struct HksBlob *key, const struct HksParamSet *paramSet,
320 const struct HksBlob *srcData, struct HksBlob *signature)
321 {
322 int32_t ret = HksCheckBlob3AndParamSet(key, srcData, signature, paramSet);
323 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check in and out data failed")
324
325 struct HksBlob tmpInData = *srcData;
326 struct HksBlob tmpOutData = *signature;
327 ret = HksSliceDataEntry(HKS_MSG_SIGN, key, paramSet, &tmpInData, &tmpOutData);
328 if (ret != HKS_SUCCESS) {
329 HKS_LOG_E("HksClientSign fail");
330 } else {
331 signature->size = tmpOutData.size;
332 }
333 return ret;
334 }
335
HksClientVerify(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * srcData,const struct HksBlob * signature)336 int32_t HksClientVerify(const struct HksBlob *key, const struct HksParamSet *paramSet,
337 const struct HksBlob *srcData, const struct HksBlob *signature)
338 {
339 int32_t ret = HksCheckBlob3AndParamSet(key, srcData, signature, paramSet);
340 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check in and out data failed")
341
342 struct HksBlob tmpInData = *srcData;
343 struct HksBlob tmpOutData = *signature;
344 ret = HksSliceDataEntry(HKS_MSG_VERIFY, key, paramSet, &tmpInData, &tmpOutData);
345 HKS_IF_NOT_SUCC_LOGE(ret, "HksClientVerify fail")
346 return ret;
347 }
348
AddAeTag(struct HksParamSet * paramSet,const struct HksBlob * inText,bool isEncrypt)349 static int32_t AddAeTag(struct HksParamSet *paramSet, const struct HksBlob *inText, bool isEncrypt)
350 {
351 int32_t ret;
352 if (!isEncrypt) {
353 HKS_IF_TRUE_LOGE_RETURN(inText->size <= HKS_AE_TAG_LEN, HKS_ERROR_INVALID_ARGUMENT, "too small inText size")
354
355 struct HksParam aeParam;
356 aeParam.tag = HKS_TAG_AE_TAG;
357 aeParam.blob.data = inText->data + inText->size - HKS_AE_TAG_LEN;
358 aeParam.blob.size = HKS_AE_TAG_LEN;
359 ret = HksAddParams(paramSet, &aeParam, 1);
360 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "decrypt add ae params failed")
361 }
362
363 struct HksParam payloadParam;
364 payloadParam.tag = HKS_TAG_PAYLOAD_LEN;
365 payloadParam.uint32Param = inText->size;
366 ret = HksAddParams(paramSet, &payloadParam, 1);
367 HKS_IF_NOT_SUCC_LOGE(ret, "add payload param failed")
368 return ret;
369 }
370
AddAesTag(const struct HksParamSet * paramSet,struct HksParamSet * newParamSet,struct HksBlob * inText,bool isEncrypt)371 static int32_t AddAesTag(const struct HksParamSet *paramSet, struct HksParamSet *newParamSet,
372 struct HksBlob *inText, bool isEncrypt)
373 {
374 bool isAeMode = false;
375 bool isAes = false;
376 int32_t ret = HksCheckAesAeMode(paramSet, &isAes, &isAeMode);
377 HKS_IF_NOT_SUCC_RETURN(ret, ret)
378
379 /* Except for AES GCM and CCM mode, no need add tag, return success */
380 if ((!isAes) || (!isAeMode)) {
381 HKS_LOG_I("Not AES CCM or GCM mode!");
382 return HKS_SUCCESS;
383 }
384 return AddAeTag(newParamSet, inText, isEncrypt);
385 }
386
AppendToNewParamSet(const struct HksParamSet * paramSet,struct HksParamSet ** outParamSet)387 static int32_t AppendToNewParamSet(const struct HksParamSet *paramSet, struct HksParamSet **outParamSet)
388 {
389 struct HksParamSet *newParamSet = NULL;
390 int32_t ret = HksInitParamSet(&newParamSet);
391 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "append init operation param set fail")
392
393 ret = HksAddParams(newParamSet, paramSet->params, paramSet->paramsCnt);
394 if (ret != HKS_SUCCESS) {
395 HKS_LOG_E("append add in params fail");
396 HksFreeParamSet(&newParamSet);
397 return ret;
398 }
399
400 *outParamSet = newParamSet;
401 return HKS_SUCCESS;
402 }
403
AppendCipherTag(const struct HksParamSet * paramSet,const struct HksBlob * inText,bool isEncrypt,struct HksParamSet ** outParamSet)404 static int32_t AppendCipherTag(const struct HksParamSet *paramSet, const struct HksBlob *inText, bool isEncrypt,
405 struct HksParamSet **outParamSet)
406 {
407 struct HksParamSet *newParamSet = NULL;
408 int32_t ret = AppendToNewParamSet(paramSet, &newParamSet);
409 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "append cipher client service tag fail")
410
411 do {
412 ret = AddAesTag(paramSet, newParamSet, (struct HksBlob *)inText, isEncrypt);
413 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "append add Aes Tag fail")
414
415 ret = HksBuildParamSet(&newParamSet);
416 HKS_IF_NOT_SUCC_LOGE(ret, "append build paramset fail")
417 } while (0);
418 if (ret != HKS_SUCCESS) {
419 HksFreeParamSet(&newParamSet);
420 return ret;
421 }
422
423 *outParamSet = newParamSet;
424 return HKS_SUCCESS;
425 }
426
HksClientEncrypt(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * plainText,struct HksBlob * cipherText)427 int32_t HksClientEncrypt(const struct HksBlob *key, const struct HksParamSet *paramSet,
428 const struct HksBlob *plainText, struct HksBlob *cipherText)
429 {
430 int32_t ret = HksCheckBlob3AndParamSet(key, plainText, cipherText, paramSet);
431 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check in and out data failed")
432
433 struct HksParamSet *newParamSet = NULL;
434 ret = AppendCipherTag(paramSet, plainText, true, &newParamSet);
435 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "AppendCipherTag fail, ret = %" LOG_PUBLIC "d", ret)
436
437 struct HksBlob tmpInData = *plainText;
438 struct HksBlob tmpOutData = *cipherText;
439 ret = HksSliceDataEntry(HKS_MSG_ENCRYPT, key, newParamSet, &tmpInData, &tmpOutData);
440 if (ret != HKS_SUCCESS) {
441 HKS_LOG_E("HksClientEncrypt fail");
442 } else {
443 cipherText->size = tmpOutData.size;
444 }
445
446 HksFreeParamSet(&newParamSet);
447 return ret;
448 }
449
HksClientDecrypt(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * cipherText,struct HksBlob * plainText)450 int32_t HksClientDecrypt(const struct HksBlob *key, const struct HksParamSet *paramSet,
451 const struct HksBlob *cipherText, struct HksBlob *plainText)
452 {
453 int32_t ret = HksCheckBlob3AndParamSet(key, plainText, cipherText, paramSet);
454 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check in and out data failed")
455
456 struct HksParamSet *newParamSet = NULL;
457 struct HksBlob tmpCipherText = *cipherText;
458 ret = AppendCipherTag(paramSet, &tmpCipherText, false, &newParamSet);
459 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "AppendCipherTag fail, ret = %" LOG_PUBLIC "d", ret)
460
461 struct HksBlob tmpOutData = *plainText;
462 ret = HksSliceDataEntry(HKS_MSG_DECRYPT, key, newParamSet, &tmpCipherText, &tmpOutData);
463 if (ret != HKS_SUCCESS) {
464 HKS_LOG_E("HksClientDecrypt fail");
465 } else {
466 plainText->size = tmpOutData.size;
467 }
468
469 HksFreeParamSet(&newParamSet);
470 return ret;
471 }
472
HksClientAgreeKey(const struct HksParamSet * paramSet,const struct HksBlob * privateKey,const struct HksBlob * peerPublicKey,struct HksBlob * agreedKey)473 int32_t HksClientAgreeKey(const struct HksParamSet *paramSet, const struct HksBlob *privateKey,
474 const struct HksBlob *peerPublicKey, struct HksBlob *agreedKey)
475 {
476 int32_t ret = HksCheckIpcAgreeKey(paramSet, privateKey, peerPublicKey, agreedKey);
477 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksCheckIpcAgreeKey fail")
478
479 struct HksBlob inBlob = { 0, NULL };
480 inBlob.size = ALIGN_SIZE(paramSet->paramSetSize) + sizeof(privateKey->size) + ALIGN_SIZE(privateKey->size) +
481 sizeof(peerPublicKey->size) + ALIGN_SIZE(peerPublicKey->size) + sizeof(agreedKey->size);
482 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
483 HKS_IF_NULL_RETURN(inBlob.data, HKS_ERROR_MALLOC_FAIL)
484
485 do {
486 ret = HksAgreeKeyPack(&inBlob, paramSet, privateKey, peerPublicKey, agreedKey);
487 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksAgreeKeyPack fail")
488
489 ret = HksSendRequest(HKS_MSG_AGREE_KEY, &inBlob, agreedKey, paramSet);
490 } while (0);
491
492 HKS_FREE_BLOB(inBlob);
493 return ret;
494 }
495
HksClientDeriveKey(const struct HksParamSet * paramSet,const struct HksBlob * mainKey,struct HksBlob * derivedKey)496 int32_t HksClientDeriveKey(const struct HksParamSet *paramSet, const struct HksBlob *mainKey,
497 struct HksBlob *derivedKey)
498 {
499 int32_t ret = HksCheckIpcDeriveKey(paramSet, mainKey, derivedKey);
500 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksCheckIpcDeriveKey fail")
501
502 struct HksBlob inBlob = { 0, NULL };
503 inBlob.size = ALIGN_SIZE(paramSet->paramSetSize) + sizeof(mainKey->size) + ALIGN_SIZE(mainKey->size) +
504 sizeof(derivedKey->size);
505 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
506 HKS_IF_NULL_RETURN(inBlob.data, HKS_ERROR_MALLOC_FAIL)
507
508 do {
509 ret = HksDeriveKeyPack(&inBlob, paramSet, mainKey, derivedKey);
510 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksDeriveKeyPack fail")
511
512 ret = HksSendRequest(HKS_MSG_DERIVE_KEY, &inBlob, derivedKey, paramSet);
513 } while (0);
514
515 HKS_FREE_BLOB(inBlob);
516 return ret;
517 }
518
HksClientMac(const struct HksBlob * key,const struct HksParamSet * paramSet,const struct HksBlob * srcData,struct HksBlob * mac)519 int32_t HksClientMac(const struct HksBlob *key, const struct HksParamSet *paramSet, const struct HksBlob *srcData,
520 struct HksBlob *mac)
521 {
522 int32_t ret = HksCheckBlob3AndParamSet(key, srcData, mac, paramSet);
523 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "check in and out data failed")
524
525 struct HksBlob tmpInData = *srcData;
526 struct HksBlob tmpOutData = *mac;
527 ret = HksSliceDataEntry(HKS_MSG_MAC, key, paramSet, &tmpInData, &tmpOutData);
528 if (ret != HKS_SUCCESS) {
529 HKS_LOG_E("HksClientMac fail");
530 } else {
531 mac->size = tmpOutData.size;
532 }
533 return ret;
534 }
535
HksClientGetKeyInfoList(const struct HksParamSet * paramSet,struct HksKeyInfo * keyInfoList,uint32_t * listCount)536 int32_t HksClientGetKeyInfoList(const struct HksParamSet *paramSet, struct HksKeyInfo *keyInfoList, uint32_t *listCount)
537 {
538 int32_t ret;
539 struct HksParamSet *newParamSet = NULL;
540 struct HksBlob inBlob = { 0, NULL };
541 struct HksBlob outBlob = { 0, NULL };
542 do {
543 ret = BuildParamSetNotNull(paramSet, &newParamSet);
544 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "ensure paramSet not null fail, ret = %" LOG_PUBLIC "d", ret)
545
546 ret = HksCheckIpcGetKeyInfoList(keyInfoList, newParamSet, *listCount);
547 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCheckIpcGetKeyInfoList fail")
548
549 inBlob.size = sizeof(*listCount) + (sizeof(keyInfoList->alias.size) +
550 sizeof(keyInfoList->paramSet->paramSetSize)) * (*listCount) + ALIGN_SIZE(newParamSet->paramSetSize);
551 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
552 if (inBlob.data == NULL) {
553 ret = HKS_ERROR_MALLOC_FAIL;
554 break;
555 }
556
557 outBlob.size += sizeof(*listCount);
558 for (uint32_t i = 0; i < *listCount; ++i) {
559 outBlob.size += sizeof(keyInfoList[i].alias.size) + ALIGN_SIZE(keyInfoList[i].alias.size) +
560 ALIGN_SIZE(keyInfoList[i].paramSet->paramSetSize);
561 }
562
563 outBlob.data = (uint8_t *)HksMalloc(outBlob.size);
564 if (outBlob.data == NULL) {
565 ret = HKS_ERROR_MALLOC_FAIL;
566 break;
567 }
568
569 ret = HksGetKeyInfoListPack(newParamSet, keyInfoList, &inBlob, *listCount);
570 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksGetKeyInfoListPack fail")
571
572 ret = HksSendRequest(HKS_MSG_GET_KEY_INFO_LIST, &inBlob, &outBlob, newParamSet);
573 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksSendRequest result is fail, ret = %" LOG_PUBLIC "d", ret)
574
575 ret = HksGetKeyInfoListUnpackFromService(&outBlob, listCount, keyInfoList);
576 } while (0);
577
578 HksFreeParamSet(&newParamSet);
579 HKS_FREE_BLOB(inBlob);
580 HKS_FREE_BLOB(outBlob);
581 return ret;
582 }
583
CertificateChainInitBlob(struct HksBlob * inBlob,struct HksBlob * outBlob,const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,const struct HksCertChain * certChain)584 static int32_t CertificateChainInitBlob(struct HksBlob *inBlob, struct HksBlob *outBlob, const struct HksBlob *keyAlias,
585 const struct HksParamSet *paramSet, const struct HksCertChain *certChain)
586 {
587 int32_t ret = HksCheckIpcCertificateChain(keyAlias, paramSet, certChain);
588 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksCheckIpcCertificateChain fail")
589
590 uint32_t certBufSize = sizeof(certChain->certsCount);
591 for (uint32_t i = 0; i < certChain->certsCount; ++i) {
592 certBufSize += sizeof(certChain->certs[i].size) + ALIGN_SIZE(certChain->certs[i].size);
593 }
594
595 inBlob->size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) + ALIGN_SIZE(paramSet->paramSetSize) +
596 sizeof(certBufSize);
597 inBlob->data = (uint8_t *)HksMalloc(inBlob->size);
598 HKS_IF_NULL_RETURN(inBlob->data, HKS_ERROR_MALLOC_FAIL)
599
600 outBlob->size = certBufSize;
601 outBlob->data = (uint8_t *)HksMalloc(certBufSize);
602 if (outBlob->data == NULL) {
603 HKS_FREE_BLOB(*inBlob);
604 return HKS_ERROR_MALLOC_FAIL;
605 }
606
607 return HKS_SUCCESS;
608 }
609
HksClientAttestKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,struct HksCertChain * certChain,bool needAnonCertChain)610 int32_t HksClientAttestKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
611 struct HksCertChain *certChain, bool needAnonCertChain)
612 {
613 struct HksBlob inBlob = { 0, NULL };
614 struct HksBlob outBlob = { 0, NULL };
615
616 int32_t ret = 0;
617 do {
618 ret = CertificateChainInitBlob(&inBlob, &outBlob, keyAlias, paramSet, certChain);
619 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "CertificateChainInitBlob fail")
620 struct HksParam *isBase64Param = NULL;
621 bool isBase64 = false;
622 ret = HksGetParam(paramSet, HKS_TAG_ATTESTATION_BASE64, &isBase64Param);
623 if (ret == HKS_SUCCESS) {
624 isBase64 = isBase64Param->boolParam;
625 }
626 ret = HksCertificateChainPack(&inBlob, keyAlias, paramSet, &outBlob);
627 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCertificateChainPack fail")
628
629 if (needAnonCertChain) {
630 ret = HksSendRequest(HKS_MSG_ATTEST_KEY_ASYNC_REPLY, &inBlob, &outBlob, paramSet);
631 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "CertificateChainGetOrAnonAttest request fail")
632 } else {
633 ret = HksSendRequest(HKS_MSG_ATTEST_KEY, &inBlob, &outBlob, paramSet);
634 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "CertificateChainGetOrAttest request fail")
635 }
636
637 ret = HksCertificateChainUnpackFromService(&outBlob, isBase64, certChain);
638 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "CertificateChainUnpackFromService fail")
639 } while (0);
640
641 HKS_FREE_BLOB(inBlob);
642 HKS_FREE_BLOB(outBlob);
643 return ret;
644 }
645
CopyData(const uint8_t * data,const uint32_t size,struct HksBlob * out)646 static int32_t CopyData(const uint8_t *data, const uint32_t size, struct HksBlob *out)
647 {
648 if (size == 0) {
649 out->size = 0;
650 return HKS_SUCCESS;
651 }
652
653 HKS_IF_TRUE_LOGE_RETURN(out->size < size, HKS_ERROR_BUFFER_TOO_SMALL,
654 "out size[%" LOG_PUBLIC "u] smaller than [%" LOG_PUBLIC "u]", out->size, size)
655 (void)memcpy_s(out->data, out->size, data, size);
656 out->size = size;
657 return HKS_SUCCESS;
658 }
659
ClientInit(const struct HksBlob * inData,const struct HksParamSet * paramSet,struct HksBlob * handle,struct HksBlob * token)660 static int32_t ClientInit(const struct HksBlob *inData, const struct HksParamSet *paramSet,
661 struct HksBlob *handle, struct HksBlob *token)
662 {
663 uint8_t *tmpOut = (uint8_t *)HksMalloc(HANDLE_SIZE + TOKEN_SIZE);
664 HKS_IF_NULL_LOGE_RETURN(tmpOut, HKS_ERROR_MALLOC_FAIL, "malloc ipc tmp out failed")
665 struct HksBlob outBlob = { HANDLE_SIZE + TOKEN_SIZE, tmpOut };
666
667 int32_t ret;
668 do {
669 ret = HksSendRequest(HKS_MSG_INIT, inData, &outBlob, paramSet);
670 if (ret == HKS_ERROR_IPC_MSG_FAIL) {
671 ret = HksSendRequest(HKS_MSG_INIT, inData, &outBlob, paramSet);
672 }
673 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "client init send fail")
674
675 if (outBlob.size < HANDLE_SIZE) {
676 HKS_LOG_E("invalid out size[%" LOG_PUBLIC "u]", outBlob.size);
677 ret = HKS_ERROR_INSUFFICIENT_MEMORY;
678 break;
679 }
680 ret = CopyData(outBlob.data, HANDLE_SIZE, handle);
681 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "copy handle failed")
682
683 if (token != NULL) {
684 if (outBlob.size < (HANDLE_SIZE + TOKEN_SIZE)) {
685 HKS_LOG_D("client init success without out token");
686 token->size = 0;
687 break;
688 }
689 if (token->size < TOKEN_SIZE) {
690 HKS_LOG_E("copy token failed");
691 ret = HKS_ERROR_BUFFER_TOO_SMALL;
692 break;
693 }
694
695 ret = CopyData(outBlob.data + HANDLE_SIZE, TOKEN_SIZE, token);
696 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "copy token failed")
697 }
698 } while (0);
699
700 HKS_FREE(tmpOut);
701 return ret;
702 }
703
HksClientInit(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,struct HksBlob * handle,struct HksBlob * token)704 int32_t HksClientInit(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
705 struct HksBlob *handle, struct HksBlob *token)
706 {
707 struct HksParamSet *sendParamSet = NULL;
708
709 struct HksParam params[] = {
710 { .tag = HKS_TAG_PARAM0_BUFFER,
711 .blob = *keyAlias },
712 { .tag = HKS_TAG_PARAM1_BUFFER,
713 .blob = { paramSet->paramSetSize,
714 (uint8_t *)paramSet } },
715 };
716
717 int32_t ret = HksParamsToParamSet(params, HKS_ARRAY_SIZE(params), &sendParamSet);
718 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksParamsToParamSet fail")
719
720 struct HksBlob parcelBlob = {
721 .size = sendParamSet->paramSetSize,
722 .data = (uint8_t *)sendParamSet
723 };
724
725 ret = ClientInit(&parcelBlob, paramSet, handle, token);
726 HksFreeParamSet(&sendParamSet);
727 return ret;
728 }
729
HksClientUpdate(const struct HksBlob * handle,const struct HksParamSet * paramSet,const struct HksBlob * inData,struct HksBlob * outData)730 int32_t HksClientUpdate(const struct HksBlob *handle, const struct HksParamSet *paramSet,
731 const struct HksBlob *inData, struct HksBlob *outData)
732 {
733 struct HksParamSet *sendParamSet = NULL;
734 struct HksParam updateParams[] = {
735 { .tag = HKS_TAG_PARAM0_BUFFER,
736 .blob = { paramSet->paramSetSize,
737 (uint8_t *)paramSet } },
738 { .tag = HKS_TAG_PARAM1_BUFFER,
739 .blob = *handle },
740 { .tag = HKS_TAG_PARAM2_BUFFER,
741 .blob = *inData },
742 };
743
744 int32_t ret = HksParamsToParamSet(updateParams, HKS_ARRAY_SIZE(updateParams), &sendParamSet);
745 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksParamSetPack fail")
746
747 struct HksBlob parcelBlob = {
748 .size = sendParamSet->paramSetSize,
749 .data = (uint8_t *)sendParamSet
750 };
751 ret = HksSendRequest(HKS_MSG_UPDATE, &parcelBlob, outData, paramSet);
752 if (ret != HKS_SUCCESS) {
753 HKS_LOG_E("HksParamSet send fail, ret = %" LOG_PUBLIC "d", ret);
754 HksFreeParamSet(&sendParamSet);
755 return ret;
756 }
757
758 HksFreeParamSet(&sendParamSet);
759 return ret;
760 }
761
HksClientFinish(const struct HksBlob * handle,const struct HksParamSet * paramSet,const struct HksBlob * inData,struct HksBlob * outData)762 int32_t HksClientFinish(const struct HksBlob *handle, const struct HksParamSet *paramSet,
763 const struct HksBlob *inData, struct HksBlob *outData)
764 {
765 struct HksParamSet *sendParamSet = NULL;
766 struct HksParam finishParams[] = {
767 { .tag = HKS_TAG_PARAM0_BUFFER,
768 .blob = { paramSet->paramSetSize,
769 (uint8_t *)paramSet } },
770 { .tag = HKS_TAG_PARAM1_BUFFER,
771 .blob = *handle },
772 { .tag = HKS_TAG_PARAM2_BUFFER,
773 .blob = *inData },
774 };
775
776 int32_t ret = HksParamsToParamSet(finishParams, HKS_ARRAY_SIZE(finishParams), &sendParamSet);
777 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksParamSetPack fail")
778
779 struct HksBlob parcelBlob = {
780 .size = sendParamSet->paramSetSize,
781 .data = (uint8_t *)sendParamSet
782 };
783 ret = HksSendRequest(HKS_MSG_FINISH, &parcelBlob, outData, paramSet);
784 if (ret != HKS_SUCCESS) {
785 HKS_LOG_E("HksParamSet send fail, ret = %" LOG_PUBLIC "d", ret);
786 HksFreeParamSet(&sendParamSet);
787 return ret;
788 }
789
790 HksFreeParamSet(&sendParamSet);
791 return ret;
792 }
793
HksClientAbort(const struct HksBlob * handle,const struct HksParamSet * paramSet)794 int32_t HksClientAbort(const struct HksBlob *handle, const struct HksParamSet *paramSet)
795 {
796 struct HksParamSet *sendParamSet = NULL;
797 struct HksParam params[] = {
798 { .tag = HKS_TAG_PARAM0_BUFFER,
799 .blob = { paramSet->paramSetSize,
800 (uint8_t *)paramSet } },
801 { .tag = HKS_TAG_PARAM1_BUFFER,
802 .blob = *handle },
803 };
804
805 int32_t ret = HksParamsToParamSet(params, HKS_ARRAY_SIZE(params), &sendParamSet);
806 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksParamSetPack fail")
807
808 struct HksBlob parcelBlob = {
809 .size = sendParamSet->paramSetSize,
810 .data = (uint8_t *)sendParamSet
811 };
812 ret = HksSendRequest(HKS_MSG_ABORT, &parcelBlob, NULL, paramSet);
813 if (ret != HKS_SUCCESS) {
814 HKS_LOG_E("HksParamSet send fail, ret = %" LOG_PUBLIC "d", ret);
815 HksFreeParamSet(&sendParamSet);
816 return ret;
817 }
818
819 HksFreeParamSet(&sendParamSet);
820 return ret;
821 }
822
ListAliasesInitBlob(const struct HksParamSet * paramSet,struct HksBlob * inBlob,struct HksBlob * outBlob)823 static int32_t ListAliasesInitBlob(const struct HksParamSet *paramSet,
824 struct HksBlob *inBlob, struct HksBlob *outBlob)
825 {
826 inBlob->size = ALIGN_SIZE(paramSet->paramSetSize);
827 inBlob->data = (uint8_t *)HksMalloc(inBlob->size);
828 HKS_IF_NULL_RETURN(inBlob->data, HKS_ERROR_MALLOC_FAIL)
829
830 outBlob->size = sizeof(HKS_MAX_KEY_ALIAS_COUNT) + (HKS_MAX_KEY_ALIAS_COUNT * HKS_MAX_KEY_ALIAS_LEN);
831 outBlob->data = (uint8_t *)HksMalloc(outBlob->size);
832 if (outBlob->data == NULL) {
833 HKS_LOG_E("HksMalloc outBlob fail");
834 HKS_FREE_BLOB(*inBlob);
835 return HKS_ERROR_MALLOC_FAIL;
836 }
837 return HKS_SUCCESS;
838 }
839
HksClientListAliases(const struct HksParamSet * paramSet,struct HksKeyAliasSet ** outData)840 int32_t HksClientListAliases(const struct HksParamSet *paramSet, struct HksKeyAliasSet **outData)
841 {
842 int32_t ret;
843 struct HksBlob inBlob = { 0, NULL };
844 struct HksBlob outBlob = { 0, NULL };
845 do {
846 ret = HksCheckIpcListAliases(paramSet);
847 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCheckIpcListAliases fail")
848
849 ret = ListAliasesInitBlob(paramSet, &inBlob, &outBlob);
850 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "ListAliasesInitBlob fail")
851
852 ret = HksListAliasesPack(paramSet, &inBlob);
853 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksListAliasesPack fail")
854
855 ret = HksSendRequest(HKS_MSG_LIST_ALIASES, &inBlob, &outBlob, paramSet);
856 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksSendRequest fail, ret = %" LOG_PUBLIC "d", ret);
857
858 ret = HksListAliasesUnpackFromService(&outBlob, outData);
859 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksListAliasesUnpackFromService fail")
860 } while (0);
861
862 HKS_IF_NOT_SUCC_LOGE(ret, "HksClientListAliases fail, ret = %" LOG_PUBLIC "d", ret)
863
864 HKS_FREE_BLOB(inBlob);
865 HKS_FREE_BLOB(outBlob);
866 return ret;
867 }
868
HksClientRenameKeyAlias(const struct HksBlob * oldKeyAlias,const struct HksParamSet * paramSet,const struct HksBlob * newKeyAlias)869 int32_t HksClientRenameKeyAlias(const struct HksBlob *oldKeyAlias, const struct HksParamSet *paramSet,
870 const struct HksBlob *newKeyAlias)
871 {
872 int32_t ret;
873 struct HksParamSet *newParamSet = NULL;
874 struct HksBlob inBlob = { 0, NULL };
875
876 do {
877 ret = BuildParamSetNotNull(paramSet, &newParamSet);
878 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "ensure paramSet not null failed, ret = %" LOG_PUBLIC "d", ret)
879
880 ret = HksCheckIpcRenameKeyAlias(oldKeyAlias, newParamSet, newKeyAlias);
881 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksCheckIpcRenameKeyAlias failed!")
882
883 inBlob.size = sizeof(oldKeyAlias->size) + ALIGN_SIZE(oldKeyAlias->size) +
884 sizeof(newKeyAlias->size) + ALIGN_SIZE(newKeyAlias->size) +
885 ALIGN_SIZE(newParamSet->paramSetSize);
886 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
887 if (inBlob.data == NULL) {
888 ret = HKS_ERROR_MALLOC_FAIL;
889 break;
890 }
891 ret = HksRenameKeyAliasPack(oldKeyAlias, newKeyAlias, newParamSet, &inBlob);
892 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksRenameKeyAliasPack failed!")
893 ret = HksSendRequest(HKS_MSG_RENAME_KEY_ALIAS, &inBlob, NULL, newParamSet);
894 } while (0);
895
896 HksFreeParamSet(&newParamSet);
897 HKS_FREE_BLOB(inBlob);
898 return ret;
899 }
900
HksClientChangeStorageLevel(const struct HksBlob * keyAlias,const struct HksParamSet * srcParamSet,const struct HksParamSet * destParamSet)901 int32_t HksClientChangeStorageLevel(const struct HksBlob *keyAlias, const struct HksParamSet *srcParamSet,
902 const struct HksParamSet *destParamSet)
903 {
904 int32_t ret = HksCheckIpcChangeStorageLevel(keyAlias, srcParamSet, destParamSet);
905 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksCheckIpcChangeStorageLevel fail")
906
907 struct HksBlob inBlob = { 0, NULL };
908 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) + ALIGN_SIZE(srcParamSet->paramSetSize) +
909 ALIGN_SIZE(destParamSet->paramSetSize);
910 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
911 HKS_IF_NULL_RETURN(inBlob.data, HKS_ERROR_MALLOC_FAIL)
912
913 do {
914 ret = HksChangeStorageLevelPack(&inBlob, keyAlias, srcParamSet, destParamSet);
915 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksChangeStorageLevelPack fail")
916
917 ret = HksSendRequest(HKS_MSG_CHANGE_STORAGE_LEVEL, &inBlob, NULL, srcParamSet);
918 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksSendRequest fail, ret = %" LOG_PUBLIC "d", ret)
919 } while (0);
920
921 HKS_FREE_BLOB(inBlob);
922 return ret;
923 }
924
HksClientWrapKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,struct HksBlob * wrappedKey)925 int32_t HksClientWrapKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
926 struct HksBlob *wrappedKey)
927 {
928 int32_t ret = HksCheckIpcWrapKey(keyAlias, paramSet, wrappedKey);
929 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksCheckIpcWrapKey fail.")
930
931 struct HksBlob inBlob = { 0, NULL };
932 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) +
933 ALIGN_SIZE(paramSet->paramSetSize) + sizeof(wrappedKey->size);
934
935 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
936 HKS_IF_NULL_LOGE_RETURN(inBlob.data, HKS_ERROR_MALLOC_FAIL, "malloc inblob data fail")
937
938 do {
939 ret = HksWrapKeyPack(&inBlob, keyAlias, paramSet, wrappedKey);
940 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksWrapKeyPack fail.")
941
942 ret = HksSendRequest(HKS_MSG_WRAP_KEY, &inBlob, wrappedKey, paramSet);
943 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksSendRequest fail, ret = %" LOG_PUBLIC "d", ret)
944 } while (0);
945
946 HKS_FREE_BLOB(inBlob);
947 return ret;
948 }
949
HksClientUnwrapKey(const struct HksBlob * keyAlias,const struct HksParamSet * paramSet,const struct HksBlob * wrappedKey)950 int32_t HksClientUnwrapKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
951 const struct HksBlob *wrappedKey)
952 {
953 int32_t ret = HksCheckIpcUnwrapKey(keyAlias, paramSet, wrappedKey);
954 HKS_IF_NOT_SUCC_LOGE_RETURN(ret, ret, "HksCheckIpcUnwrapKey fail.")
955
956 struct HksBlob inBlob = { 0, NULL };
957 inBlob.size = sizeof(keyAlias->size) + ALIGN_SIZE(keyAlias->size) +
958 ALIGN_SIZE(paramSet->paramSetSize) + sizeof(wrappedKey->size) + ALIGN_SIZE(wrappedKey->size);
959
960 inBlob.data = (uint8_t *)HksMalloc(inBlob.size);
961 HKS_IF_NULL_LOGE_RETURN(inBlob.data, HKS_ERROR_MALLOC_FAIL, "malloc inblob data fail")
962
963 do {
964 ret = HksUnwrapKeyPack(&inBlob, keyAlias, paramSet, wrappedKey);
965 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksUnwrapKeyPack fail.")
966
967 ret = HksSendRequest(HKS_MSG_UNWRAP_KEY, &inBlob, NULL, paramSet);
968 HKS_IF_NOT_SUCC_LOGE_BREAK(ret, "HksSendRequest fail, ret = %" LOG_PUBLIC "d", ret)
969 } while (0);
970
971 HKS_FREE_BLOB(inBlob);
972 return ret;
973 }
974