1 /* 2 * Copyright (c) 2022-2023 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 /** 17 * @file hks_hdi.h 18 * 19 * @brief Declares hdi interface 20 * 21 * @since 8 22 */ 23 24 #ifndef HUKS_HDI_H 25 #define HUKS_HDI_H 26 27 #include "hks_param.h" 28 #include "hks_type.h" 29 30 #define HDI_ADAPTER_PARAM(oldParamPtr, newParamPtr) ((oldParamPtr) == NULL ? NULL : (newParamPtr)) 31 32 #define HDI_CONVERTER_PARAM_IN_BLOB(fromHksBlobPtr, toHuksBlob) \ 33 if ((fromHksBlobPtr) != NULL) { \ 34 (toHuksBlob).data = (fromHksBlobPtr)->data; \ 35 (toHuksBlob).dataLen = (fromHksBlobPtr)->size; \ 36 } 37 38 #define HDI_CONVERTER_PARAM_IN_PARAMSET(fromHksParamSetPtr, toHuksParamSet) \ 39 if ((fromHksParamSetPtr) != NULL && (fromHksParamSetPtr)->paramSetSize >= sizeof(struct HksParamSet)) { \ 40 (toHuksParamSet).data = (uint8_t *)(fromHksParamSetPtr); \ 41 (toHuksParamSet).dataLen = (fromHksParamSetPtr)->paramSetSize; \ 42 } 43 44 #define HDI_CONVERTER_PARAM_OUT_BLOB(fromHuksBlob, toHksBlobPtr) \ 45 if ((toHksBlobPtr) != NULL) { \ 46 (toHksBlobPtr)->data = (fromHuksBlob).data; \ 47 (toHksBlobPtr)->size = (fromHuksBlob).dataLen; \ 48 } 49 50 51 #define HDI_CONVERTER_FUNC_GENERATEKEY(keyAlias, paramSet, keyIn, keyOut, ret, func) \ 52 struct HuksBlob keyAliasCore = {0}; \ 53 struct HuksParamSet paramSetCore = {0}; \ 54 struct HuksBlob keyInCore = {0}; \ 55 struct HuksBlob keyOutCore = {0}; \ 56 HDI_CONVERTER_PARAM_IN_BLOB(keyAlias, keyAliasCore) \ 57 HDI_CONVERTER_PARAM_IN_PARAMSET(paramSet, paramSetCore) \ 58 HDI_CONVERTER_PARAM_IN_BLOB(keyIn, keyInCore) \ 59 HDI_CONVERTER_PARAM_IN_BLOB(keyOut, keyOutCore) \ 60 ret = (func)(HDI_ADAPTER_PARAM(keyAlias, &keyAliasCore), \ 61 HDI_ADAPTER_PARAM(paramSet, ¶mSetCore), \ 62 HDI_ADAPTER_PARAM(keyIn, &keyInCore), \ 63 HDI_ADAPTER_PARAM(keyOut, &keyOutCore)); \ 64 HDI_CONVERTER_PARAM_OUT_BLOB(keyOutCore, keyOut) 65 66 #define HDI_CONVERTER_FUNC_IMPORTKEY(keyAlias, key, paramSet, keyOut, ret, func) \ 67 struct HuksBlob keyAliasCore = {0}; \ 68 struct HuksParamSet paramSetCore = {0}; \ 69 struct HuksBlob keyCore = {0}; \ 70 struct HuksBlob keyOutCore = {0}; \ 71 HDI_CONVERTER_PARAM_IN_BLOB(keyAlias, keyAliasCore) \ 72 HDI_CONVERTER_PARAM_IN_PARAMSET(paramSet, paramSetCore) \ 73 HDI_CONVERTER_PARAM_IN_BLOB(key, keyCore) \ 74 HDI_CONVERTER_PARAM_IN_BLOB(keyOut, keyOutCore) \ 75 ret = (func)(HDI_ADAPTER_PARAM(keyAlias, &keyAliasCore), \ 76 HDI_ADAPTER_PARAM(key, &keyCore), \ 77 HDI_ADAPTER_PARAM(paramSet, ¶mSetCore), \ 78 HDI_ADAPTER_PARAM(keyOut, &keyOutCore)); \ 79 HDI_CONVERTER_PARAM_OUT_BLOB(keyOutCore, keyOut) 80 81 #define HDI_CONVERTER_FUNC_IMPORTWRAPPEDKEY(wrappedKeyAlias, key, wrappedKeyData, paramSet, keyOut, ret, func) \ 82 struct HuksBlob wrappingKeyAliasCore = {0}; \ 83 struct HuksBlob keyCore = {0}; \ 84 struct HuksBlob wrappedKeyDataCore = {0}; \ 85 struct HuksParamSet paramSetCore = {0}; \ 86 struct HuksBlob keyOutCore = {0}; \ 87 HDI_CONVERTER_PARAM_IN_BLOB(wrappingKeyAlias, wrappingKeyAliasCore) \ 88 HDI_CONVERTER_PARAM_IN_PARAMSET(paramSet, paramSetCore) \ 89 HDI_CONVERTER_PARAM_IN_BLOB(key, keyCore) \ 90 HDI_CONVERTER_PARAM_IN_BLOB(wrappedKeyData, wrappedKeyDataCore) \ 91 HDI_CONVERTER_PARAM_IN_BLOB(keyOut, keyOutCore) \ 92 ret = (func)(HDI_ADAPTER_PARAM(wrappingKeyAlias, &wrappedKeyDataCore), \ 93 HDI_ADAPTER_PARAM(key, &keyCore), \ 94 HDI_ADAPTER_PARAM(wrappedKeyData, &wrappedKeyDataCore), \ 95 HDI_ADAPTER_PARAM(paramSet, ¶mSetCore), \ 96 HDI_ADAPTER_PARAM(keyOut, &keyOutCore)); \ 97 HDI_CONVERTER_PARAM_OUT_BLOB(keyOutCore, keyOut) 98 99 #define HDI_CONVERTER_FUNC_EXPORTPUBLICKEY(key, paramSet, keyOut, ret, func) \ 100 struct HuksBlob keyCore = {0}; \ 101 struct HuksParamSet paramSetCore = {0}; \ 102 struct HuksBlob keyOutCore = {0}; \ 103 HDI_CONVERTER_PARAM_IN_BLOB(key, keyCore) \ 104 HDI_CONVERTER_PARAM_IN_PARAMSET(paramSet, paramSetCore) \ 105 HDI_CONVERTER_PARAM_IN_BLOB(keyOut, keyOutCore) \ 106 ret = (func)(HDI_ADAPTER_PARAM(key, &keyCore), \ 107 HDI_ADAPTER_PARAM(paramSet, ¶mSetCore), \ 108 HDI_ADAPTER_PARAM(keyOut, &keyOutCore)); \ 109 HDI_CONVERTER_PARAM_OUT_BLOB(keyOutCore, keyOut) 110 111 #define HDI_CONVERTER_FUNC_INIT(key, paramSet, handle, token, ret, func) \ 112 struct HuksBlob keyCore = {0}; \ 113 struct HuksParamSet paramSetCore = {0}; \ 114 struct HuksBlob handleCore = {0}; \ 115 struct HuksBlob tokenCore = {0}; \ 116 HDI_CONVERTER_PARAM_IN_BLOB(key, keyCore) \ 117 HDI_CONVERTER_PARAM_IN_PARAMSET(paramSet, paramSetCore) \ 118 HDI_CONVERTER_PARAM_IN_BLOB(handle, handleCore) \ 119 HDI_CONVERTER_PARAM_IN_BLOB(token, tokenCore) \ 120 ret = (func)(HDI_ADAPTER_PARAM(key, &keyCore), \ 121 HDI_ADAPTER_PARAM(paramSet, ¶mSetCore), \ 122 HDI_ADAPTER_PARAM(handle, &handleCore), \ 123 HDI_ADAPTER_PARAM(token, &tokenCore)); \ 124 HDI_CONVERTER_PARAM_OUT_BLOB(handleCore, handle) \ 125 HDI_CONVERTER_PARAM_OUT_BLOB(tokenCore, token) 126 127 #define HDI_CONVERTER_FUNC_UPDATE(handle, paramSet, inData, outData, ret, func) \ 128 struct HuksBlob handleCore = {0}; \ 129 struct HuksParamSet paramSetCore = {0}; \ 130 struct HuksBlob inDataCore = {0}; \ 131 struct HuksBlob outDataCore = {0}; \ 132 HDI_CONVERTER_PARAM_IN_BLOB(handle, handleCore) \ 133 HDI_CONVERTER_PARAM_IN_PARAMSET(paramSet, paramSetCore) \ 134 HDI_CONVERTER_PARAM_IN_BLOB(inData, inDataCore) \ 135 HDI_CONVERTER_PARAM_IN_BLOB(outData, outDataCore) \ 136 ret = (func)(HDI_ADAPTER_PARAM(handle, &handleCore), \ 137 HDI_ADAPTER_PARAM(paramSet, ¶mSetCore), \ 138 HDI_ADAPTER_PARAM(inData, &inDataCore), \ 139 HDI_ADAPTER_PARAM(outData, &outDataCore)); \ 140 HDI_CONVERTER_PARAM_OUT_BLOB(outDataCore, outData) 141 142 #define HDI_CONVERTER_FUNC_FINISH(handle, paramSet, inData, outData, ret, func) \ 143 struct HuksBlob handleCore = {0}; \ 144 struct HuksParamSet paramSetCore = {0}; \ 145 struct HuksBlob inDataCore = {0}; \ 146 struct HuksBlob outDataCore = {0}; \ 147 HDI_CONVERTER_PARAM_IN_BLOB(handle, handleCore) \ 148 HDI_CONVERTER_PARAM_IN_PARAMSET(paramSet, paramSetCore) \ 149 HDI_CONVERTER_PARAM_IN_BLOB(inData, inDataCore) \ 150 HDI_CONVERTER_PARAM_IN_BLOB(outData, outDataCore) \ 151 ret = (func)(HDI_ADAPTER_PARAM(handle, &handleCore), \ 152 HDI_ADAPTER_PARAM(paramSet, ¶mSetCore), \ 153 HDI_ADAPTER_PARAM(inData, &inDataCore), \ 154 HDI_ADAPTER_PARAM(outData, &outDataCore)); \ 155 HDI_CONVERTER_PARAM_OUT_BLOB(outDataCore, outData) 156 157 #define HDI_CONVERTER_FUNC_ABORT(handle, paramSet, ret, func) \ 158 struct HuksBlob handleCore = {0}; \ 159 struct HuksParamSet paramSetCore = {0}; \ 160 HDI_CONVERTER_PARAM_IN_BLOB(handle, handleCore) \ 161 HDI_CONVERTER_PARAM_IN_PARAMSET(paramSet, paramSetCore) \ 162 ret = (func)(HDI_ADAPTER_PARAM(handle, &handleCore), \ 163 HDI_ADAPTER_PARAM(paramSet, ¶mSetCore)); 164 165 #define HDI_CONVERTER_FUNC_CHECKKEYVALIDITY(paramSet, key, ret, func) \ 166 struct HuksBlob keyCore = {0}; \ 167 struct HuksParamSet paramSetCore = {0}; \ 168 HDI_CONVERTER_PARAM_IN_PARAMSET(paramSet, paramSetCore) \ 169 HDI_CONVERTER_PARAM_IN_BLOB(key, keyCore) \ 170 ret = (func)(HDI_ADAPTER_PARAM(paramSet, ¶mSetCore), \ 171 HDI_ADAPTER_PARAM(key, &keyCore)); 172 173 #define HDI_CONVERTER_FUNC_ATTESTKEY(key, paramSet, certChain, ret, func) \ 174 struct HuksBlob keyCore = {0}; \ 175 struct HuksParamSet paramSetCore = {0}; \ 176 struct HuksBlob certChainCore = {0}; \ 177 HDI_CONVERTER_PARAM_IN_PARAMSET(paramSet, paramSetCore) \ 178 HDI_CONVERTER_PARAM_IN_BLOB(key, keyCore) \ 179 HDI_CONVERTER_PARAM_IN_BLOB(certChain, certChainCore) \ 180 ret = (func)(HDI_ADAPTER_PARAM(key, &keyCore), \ 181 HDI_ADAPTER_PARAM(paramSet, ¶mSetCore), \ 182 HDI_ADAPTER_PARAM(certChain, &certChainCore)); \ 183 HDI_CONVERTER_PARAM_OUT_BLOB(certChainCore, certChain) 184 185 #define HDI_CONVERTER_FUNC_GENERATERANDOM(paramSet, random, ret, func) \ 186 struct HuksParamSet paramSetCore = {0}; \ 187 struct HuksBlob randomCore = {0}; \ 188 HDI_CONVERTER_PARAM_IN_PARAMSET(paramSet, paramSetCore) \ 189 HDI_CONVERTER_PARAM_IN_BLOB(random, randomCore) \ 190 ret = (func)(HDI_ADAPTER_PARAM(paramSet, ¶mSetCore), \ 191 HDI_ADAPTER_PARAM(random, &randomCore)); \ 192 HDI_CONVERTER_PARAM_OUT_BLOB(randomCore, random) 193 194 #define HDI_CONVERTER_FUNC_GETERRORINFO(errorInfo, ret, func) \ 195 struct HuksBlob errorInfoCore = {0}; \ 196 HDI_CONVERTER_PARAM_IN_BLOB((errorInfo), errorInfoCore) \ 197 (ret) = (func)(HDI_ADAPTER_PARAM((errorInfo), &errorInfoCore)); \ 198 HDI_CONVERTER_PARAM_OUT_BLOB(errorInfoCore, errorInfo) 199 200 #define HDI_CONVERTER_FUNC_GETSTATINFO(statInfo, ret, func) \ 201 struct HuksBlob statInfoCore = {0}; \ 202 HDI_CONVERTER_PARAM_IN_BLOB((statInfo), statInfoCore) \ 203 (ret) = (func)(HDI_ADAPTER_PARAM((statInfo), &statInfoCore)); \ 204 HDI_CONVERTER_PARAM_OUT_BLOB(statInfoCore, statInfo) 205 206 #define HDI_CONVERTER_FUNC_SIGN(key, paramSet, srcData, signature, ret, func) \ 207 struct HuksBlob keyCore = {0}; \ 208 struct HuksParamSet paramSetCore = {0}; \ 209 struct HuksBlob srcDataCore = {0}; \ 210 struct HuksBlob signatureCore = {0}; \ 211 HDI_CONVERTER_PARAM_IN_BLOB(key, keyCore) \ 212 HDI_CONVERTER_PARAM_IN_PARAMSET(paramSet, paramSetCore) \ 213 HDI_CONVERTER_PARAM_IN_BLOB(srcData, srcDataCore) \ 214 HDI_CONVERTER_PARAM_IN_BLOB(signature, signatureCore) \ 215 ret = (func)(HDI_ADAPTER_PARAM(key, &keyCore), \ 216 HDI_ADAPTER_PARAM(paramSet, ¶mSetCore), \ 217 HDI_ADAPTER_PARAM(srcData, &srcDataCore), \ 218 HDI_ADAPTER_PARAM(signature, &signatureCore)); \ 219 HDI_CONVERTER_PARAM_OUT_BLOB(signatureCore, signature) 220 221 #define HDI_CONVERTER_FUNC_VERIFY(key, paramSet, srcData, signature, ret, func) \ 222 struct HuksBlob keyCore = {0}; \ 223 struct HuksParamSet paramSetCore = {0}; \ 224 struct HuksBlob srcDataCore = {0}; \ 225 struct HuksBlob signatureCore = {0}; \ 226 HDI_CONVERTER_PARAM_IN_BLOB(key, keyCore) \ 227 HDI_CONVERTER_PARAM_IN_PARAMSET(paramSet, paramSetCore) \ 228 HDI_CONVERTER_PARAM_IN_BLOB(srcData, srcDataCore) \ 229 HDI_CONVERTER_PARAM_IN_BLOB(signature, signatureCore) \ 230 ret = (func)(HDI_ADAPTER_PARAM(key, &keyCore), \ 231 HDI_ADAPTER_PARAM(paramSet, ¶mSetCore), \ 232 HDI_ADAPTER_PARAM(srcData, &srcDataCore), \ 233 HDI_ADAPTER_PARAM(signature, &signatureCore)); 234 235 #define HDI_CONVERTER_FUNC_ENCRYPT(key, paramSet, plainText, cipherText, ret, func) \ 236 struct HuksBlob keyCore = {0}; \ 237 struct HuksParamSet paramSetCore = {0}; \ 238 struct HuksBlob plainTextCore = {0}; \ 239 struct HuksBlob cipherTextCore = {0}; \ 240 HDI_CONVERTER_PARAM_IN_BLOB(key, keyCore) \ 241 HDI_CONVERTER_PARAM_IN_PARAMSET(paramSet, paramSetCore) \ 242 HDI_CONVERTER_PARAM_IN_BLOB(plainText, plainTextCore) \ 243 HDI_CONVERTER_PARAM_IN_BLOB(cipherText, cipherTextCore) \ 244 ret = (func)(HDI_ADAPTER_PARAM(key, &keyCore), \ 245 HDI_ADAPTER_PARAM(paramSet, ¶mSetCore), \ 246 HDI_ADAPTER_PARAM(plainText, &plainTextCore), \ 247 HDI_ADAPTER_PARAM(cipherText, &cipherTextCore)); \ 248 HDI_CONVERTER_PARAM_OUT_BLOB(cipherTextCore, cipherText) 249 250 #define HDI_CONVERTER_FUNC_DECRYPT(key, paramSet, cipherText, plainText, ret, func) \ 251 struct HuksBlob keyCore = {0}; \ 252 struct HuksParamSet paramSetCore = {0}; \ 253 struct HuksBlob cipherTextCore = {0}; \ 254 struct HuksBlob plainTextCore = {0}; \ 255 HDI_CONVERTER_PARAM_IN_BLOB(key, keyCore) \ 256 HDI_CONVERTER_PARAM_IN_PARAMSET(paramSet, paramSetCore) \ 257 HDI_CONVERTER_PARAM_IN_BLOB(cipherText, cipherTextCore) \ 258 HDI_CONVERTER_PARAM_IN_BLOB(plainText, plainTextCore) \ 259 ret = (func)(HDI_ADAPTER_PARAM(key, &keyCore), \ 260 HDI_ADAPTER_PARAM(paramSet, ¶mSetCore), \ 261 HDI_ADAPTER_PARAM(cipherText, &cipherTextCore), \ 262 HDI_ADAPTER_PARAM(plainText, &plainTextCore)); \ 263 HDI_CONVERTER_PARAM_OUT_BLOB(plainTextCore, plainText) 264 265 #define HDI_CONVERTER_FUNC_AGREEKEY(paramSet, privateKey, peerPublicKey, agreedKey, ret, func) \ 266 struct HuksParamSet paramSetCore = {0}; \ 267 struct HuksBlob privateKeyCore = {0}; \ 268 struct HuksBlob peerPublicKeyCore = {0}; \ 269 struct HuksBlob agreedKeyCore = {0}; \ 270 HDI_CONVERTER_PARAM_IN_PARAMSET(paramSet, paramSetCore) \ 271 HDI_CONVERTER_PARAM_IN_BLOB(privateKey, privateKeyCore) \ 272 HDI_CONVERTER_PARAM_IN_BLOB(peerPublicKey, peerPublicKeyCore) \ 273 HDI_CONVERTER_PARAM_IN_BLOB(agreedKey, agreedKeyCore) \ 274 ret = (func)(HDI_ADAPTER_PARAM(paramSet, ¶mSetCore), \ 275 HDI_ADAPTER_PARAM(privateKey, &privateKeyCore), \ 276 HDI_ADAPTER_PARAM(peerPublicKey, &peerPublicKeyCore), \ 277 HDI_ADAPTER_PARAM(agreedKey, &agreedKeyCore)); \ 278 HDI_CONVERTER_PARAM_OUT_BLOB(agreedKeyCore, agreedKey) 279 280 281 #define HDI_CONVERTER_FUNC_DERIVEKEY(paramSet, kdfKey, derivedKey, ret, func) \ 282 struct HuksParamSet paramSetCore = {0}; \ 283 struct HuksBlob kdfKeyCore = {0}; \ 284 struct HuksBlob derivedKeyCore = {0}; \ 285 HDI_CONVERTER_PARAM_IN_PARAMSET(paramSet, paramSetCore) \ 286 HDI_CONVERTER_PARAM_IN_BLOB(kdfKey, kdfKeyCore) \ 287 HDI_CONVERTER_PARAM_IN_BLOB(derivedKey, derivedKeyCore) \ 288 ret = (func)(HDI_ADAPTER_PARAM(paramSet, ¶mSetCore), \ 289 HDI_ADAPTER_PARAM(kdfKey, &kdfKeyCore), \ 290 HDI_ADAPTER_PARAM(derivedKey, &derivedKeyCore)); \ 291 HDI_CONVERTER_PARAM_OUT_BLOB(derivedKeyCore, derivedKey) 292 293 #define HDI_CONVERTER_FUNC_MAC(key, paramSet, srcData, mac, ret, func) \ 294 struct HuksParamSet paramSetCore = {0}; \ 295 struct HuksBlob keyCore = {0}; \ 296 struct HuksBlob srcDataCore = {0}; \ 297 struct HuksBlob macCore = {0}; \ 298 HDI_CONVERTER_PARAM_IN_PARAMSET(paramSet, paramSetCore) \ 299 HDI_CONVERTER_PARAM_IN_BLOB(key, keyCore) \ 300 HDI_CONVERTER_PARAM_IN_BLOB(srcData, srcDataCore) \ 301 HDI_CONVERTER_PARAM_IN_BLOB(mac, macCore) \ 302 ret = (func)(HDI_ADAPTER_PARAM(key, &keyCore), \ 303 HDI_ADAPTER_PARAM(paramSet, ¶mSetCore), \ 304 HDI_ADAPTER_PARAM(srcData, &srcDataCore), \ 305 HDI_ADAPTER_PARAM(mac, &macCore)); \ 306 HDI_CONVERTER_PARAM_OUT_BLOB(macCore, mac) 307 308 #define HDI_CONVERTER_FUNC_UPGRADEKEY(oldKey, paramSet, newKey, ret, func) \ 309 struct HuksParamSet paramSetCore = {0}; \ 310 struct HuksBlob oldKeyCore = {0}; \ 311 struct HuksBlob newKeyCore = {0}; \ 312 HDI_CONVERTER_PARAM_IN_PARAMSET(paramSet, paramSetCore) \ 313 HDI_CONVERTER_PARAM_IN_BLOB(oldKey, oldKeyCore) \ 314 HDI_CONVERTER_PARAM_IN_BLOB(newKey, newKeyCore) \ 315 ret = (func)(HDI_ADAPTER_PARAM(oldKey, &oldKeyCore), \ 316 HDI_ADAPTER_PARAM(paramSet, ¶mSetCore), \ 317 HDI_ADAPTER_PARAM(newKey, &newKeyCore)); \ 318 HDI_CONVERTER_PARAM_OUT_BLOB(newKeyCore, newKey) 319 320 struct HuksHdi { 321 /** 322 * @brief HUKS initialize 323 * @return error code, see hks_type.h 324 */ 325 int32_t (*HuksHdiModuleInit)(void); 326 327 /** 328 * @brief HUKS destroy 329 * @return error code, see hks_type.h 330 */ 331 int32_t (*HuksHdiModuleDestroy)(void); 332 333 /** 334 * @brief HUKS fresh key info 335 * @return error code, see hks_type.h 336 */ 337 int32_t (*HuksHdiRefresh)(void); 338 339 /** 340 * @brief Generate key 341 * @param keyAlias key alias 342 * @param paramSet required parameter set 343 * @param keyIn key to generate key 344 * @param keyOut output key 345 * @return error code, see hks_type.h 346 */ 347 int32_t (*HuksHdiGenerateKey)(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet, 348 const struct HksBlob *keyIn, struct HksBlob *keyOut); 349 350 /** 351 * @brief Import key 352 * @param keyAlias key alias 353 * @param key the key needs to be imported 354 * @param paramSet required parameter set 355 * @param keyOut output key 356 * @return error code, see hks_type.h 357 */ 358 int32_t (*HuksHdiImportKey)(const struct HksBlob *keyAlias, const struct HksBlob *key, 359 const struct HksParamSet *paramSet, struct HksBlob *keyOut); 360 361 /** 362 * @brief Import wrapped key 363 * @param wrappingKeyAlias alias used to decrypt the key data after the wrap 364 * @param key the key to wrap key 365 * @param wrappedKeyData wrapped key data out 366 * @param paramSet required parameter set 367 * @param keyOut output key 368 * @return error code, see hks_type.h 369 */ 370 int32_t (*HuksHdiImportWrappedKey)(const struct HksBlob *wrappingKeyAlias, const struct HksBlob *key, 371 const struct HksBlob *wrappedKeyData, const struct HksParamSet *paramSet, struct HksBlob *keyOut); 372 373 /** 374 * @brief Export public key 375 * @param key key need to export 376 * @param paramSet required parameter set 377 * @param keyOut exported key 378 * @return error code, see hks_type.h 379 */ 380 int32_t (*HuksHdiExportPublicKey)(const struct HksBlob *key, const struct HksParamSet *paramSet, 381 struct HksBlob *keyOut); 382 383 /** 384 * @brief Init operation 385 * @param key the key 386 * @param paramSet required parameter set 387 * @param handle operation handle 388 * @param token token 389 * @return error code, see hks_type.h 390 */ 391 int32_t (*HuksHdiInit)(const struct HksBlob *key, const struct HksParamSet *paramSet, struct HksBlob *handle, 392 struct HksBlob *token); 393 394 /** 395 * @brief Update operation 396 * @param handle operation handle 397 * @param paramSet required parameter set 398 * @param inData the data to update 399 * @param outData output data 400 * @return error code, see hks_type.h 401 */ 402 int32_t (*HuksHdiUpdate)(const struct HksBlob *handle, const struct HksParamSet *paramSet, 403 const struct HksBlob *inData, struct HksBlob *outData); 404 405 /** 406 * @brief Finish operation 407 * @param handle operation handle 408 * @param paramSet required parameter set 409 * @param inData the data to update 410 * @param outData output data 411 * @return error code, see hks_type.h 412 */ 413 int32_t (*HuksHdiFinish)(const struct HksBlob *handle, const struct HksParamSet *paramSet, 414 const struct HksBlob *inData, struct HksBlob *outData); 415 416 /** 417 * @brief Finish operation 418 * @param handle operation handle 419 * @param paramSet required parameter set 420 * @return error code, see hks_type.h 421 */ 422 int32_t (*HuksHdiAbort)(const struct HksBlob *handle, const struct HksParamSet *paramSet); 423 424 /** 425 * @brief Get key properties 426 * @param paramSet required parameter set 427 * @param key the key 428 * @return error code, see hks_type.h 429 */ 430 int32_t (*HuksHdiGetKeyProperties)(const struct HksParamSet *paramSet, const struct HksBlob *key); 431 432 /** 433 * @brief Attest key 434 * @param key the key 435 * @param paramSet required parameter set 436 * @param certChain cert chain 437 * @return error code, see hks_type.h 438 */ 439 int32_t (*HuksHdiAttestKey)(const struct HksBlob *key, const struct HksParamSet *paramSet, 440 struct HksBlob *certChain); 441 442 /** 443 * @brief Get ability 444 * @param funcType the function type 445 * @return error code, see hks_type.h 446 */ 447 int32_t (*HuksHdiGetAbility)(int32_t funcType); 448 449 /** 450 * @brief Get hardware info 451 * @return error code, see hks_type.h 452 */ 453 int32_t (*HuksHdiGetHardwareInfo)(void); 454 455 /** 456 * @brief Calculate mac header 457 * @param paramSet required parameter set 458 * @param salt the salt value 459 * @param srcData the data to calculte 460 * @param mac output mac value 461 * @return error code, see hks_type.h 462 */ 463 int32_t (*HuksHdiCalcMacHeader)(const struct HksParamSet *paramSet, const struct HksBlob *salt, 464 const struct HksBlob *srcData, struct HksBlob *mac); 465 466 /** 467 * @brief Upgrade key info 468 * @param keyAlias key alias 469 * @param keyInfo key info 470 * @param keyOut output key value 471 * @return error code, see hks_type.h 472 */ 473 int32_t (*HuksHdiUpgradeKeyInfo)(const struct HksBlob *keyAlias, const struct HksBlob *keyInfo, 474 struct HksBlob *keyOut); 475 476 /** 477 * @brief Generate random 478 * @param paramSet required parameter set 479 * @param random output random 480 * @return error code, see hks_type.h 481 */ 482 int32_t (*HuksHdiGenerateRandom)(const struct HksParamSet *paramSet, struct HksBlob *random); 483 484 /** 485 * @brief Sign operation 486 * @param key required key to sign data 487 * @param paramSet required parameter set 488 * @param srcData the data needs to sign 489 * @param signature signatured data 490 * @return error code, see hks_type.h 491 */ 492 int32_t (*HuksHdiSign)(const struct HksBlob *key, const struct HksParamSet *paramSet, 493 const struct HksBlob *srcData, struct HksBlob *signature); 494 495 /** 496 * @brief Verify operation 497 * @param key required key to verify data 498 * @param paramSet required parameter set 499 * @param srcData the data needs to verify 500 * @param signature verified data 501 * @return error code, see hks_type.h 502 */ 503 int32_t (*HuksHdiVerify)(const struct HksBlob *key, const struct HksParamSet *paramSet, 504 const struct HksBlob *srcData, const struct HksBlob *signature); 505 506 /** 507 * @brief Encrypt operation 508 * @param key required key to encrypt data 509 * @param paramSet required parameter set 510 * @param plainText the data needs to encrypt 511 * @param cipherText encrypted data 512 * @return error code, see hks_type.h 513 */ 514 int32_t (*HuksHdiEncrypt)(const struct HksBlob *key, const struct HksParamSet *paramSet, 515 const struct HksBlob *plainText, struct HksBlob *cipherText); 516 517 /** 518 * @brief Decrypt operation 519 * @param key required key to decrypt data 520 * @param paramSet required parameter set 521 * @param cipherText the data needs to decrypt 522 * @param plainText decrypted data 523 * @return error code, see hks_type.h 524 */ 525 int32_t (*HuksHdiDecrypt)(const struct HksBlob *key, const struct HksParamSet *paramSet, 526 const struct HksBlob *cipherText, struct HksBlob *plainText); 527 528 /** 529 * @brief Agree key 530 * @param paramSet required parameter set 531 * @param privateKey self private key 532 * @param peerPublicKey peer public key 533 * @param agreedKey agreed key 534 * @return error code, see hks_type.h 535 */ 536 int32_t (*HuksHdiAgreeKey)(const struct HksParamSet *paramSet, const struct HksBlob *privateKey, 537 const struct HksBlob *peerPublicKey, struct HksBlob *agreedKey); 538 539 /** 540 * @brief Derive key 541 * @param paramSet required parameter set 542 * @param kdfKey main key to derive key 543 * @param derivedKey derived key 544 * @return error code, see hks_type.h 545 */ 546 int32_t (*HuksHdiDeriveKey)(const struct HksParamSet *paramSet, const struct HksBlob *kdfKey, 547 struct HksBlob *derivedKey); 548 549 /** 550 * @brief Mac operation 551 * @param key main key to derive key 552 * @param paramSet required parameter set 553 * @param srcData data needs to mac 554 * @param mac mac value 555 * @return error code, see hks_type.h 556 */ 557 int32_t (*HuksHdiMac)(const struct HksBlob *key, const struct HksParamSet *paramSet, 558 const struct HksBlob *srcData, struct HksBlob *mac); 559 560 /** 561 * @brief Upgrade key 562 * @param oldKey old key to be upgraded 563 * @param paramSet required parameter set 564 * @param newKey new key 565 * @return error code, see hks_type.h 566 */ 567 int32_t (*HuksHdiUpgradeKey)(const struct HksBlob *oldKey, const struct HksParamSet *paramSet, 568 struct HksBlob *newKey); 569 570 /** 571 * @brief Export chipset platform publicKey 572 * @param salt salt value 573 * @param scene scene 574 * @param publicKey public key 575 * @return error code, see hks_type.h 576 */ 577 int32_t (*HuksHdiExportChipsetPlatformPublicKey)(const struct HksBlob *salt, 578 enum HksChipsetPlatformDecryptScene scene, struct HksBlob *publicKey); 579 580 /** 581 * @brief Get the detailed error information. 582 * @param errorInfo indicates the detailed error information 583 * @return error code, see hks_type.h 584 */ 585 int32_t (*HuksHdiGetErrorInfo)(struct HksBlob *errorInfo); 586 587 /** 588 * @brief Get the detailed statistic information. 589 * @param errorInfo indicates the detailed statistic information 590 * @return error code, see hks_type.h 591 */ 592 int32_t (*HuksHdiGetStatInfo)(struct HksBlob *statInfo); 593 }; 594 595 #endif /* HUKS_HDI_H */ 596