1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifndef CM_TYPE_H
17 #define CM_TYPE_H
18
19 #include <stdbool.h>
20 #include <stdint.h>
21 #include <stdlib.h>
22
23 #ifdef __cplusplus
24 extern "C" {
25 #endif
26 #ifndef CM_API_PUBLIC
27 #if defined(WIN32) || defined(_WIN32) || defined(__CYGWIN__) || defined(__ICCARM__) /* __ICCARM__ for iar */
28 #define CM_API_EXPORT
29 #else
30 #define CM_API_EXPORT __attribute__ ((visibility("default")))
31 #endif
32 #else
33 #define CM_API_EXPORT __attribute__ ((visibility("default")))
34 #endif
35
36 #define MAX_LEN_CERTIFICATE 8196
37
38 #define MAX_LEN_CERTIFICATE_CHAIN (3 * MAX_LEN_CERTIFICATE)
39
40 #define MAX_SUFFIX_LEN 16
41 #define MAX_COUNT_CERTIFICATE 256
42 #define MAX_LEN_URI 64
43 #define MAX_AUTH_LEN_URI 256
44 #define MAX_LEN_CERT_ALIAS 64
45 #define MAX_LEN_SUBJECT_NAME 256
46 #define MAX_LEN_PACKGE_NAME 64
47 #define MAX_UINT32_LEN 16
48
49 #define MAX_LEN_ISSUER_NAME 256
50 #define MAX_LEN_SERIAL 64
51 #define MAX_LEN_NOT_BEFORE 32
52 #define MAX_LEN_NOT_AFTER 32
53 #define MAX_LEN_FINGER_PRINT_SHA256 128
54 #define MAX_LEN_APP_CERT 20480
55 #define MAX_LEN_APP_CERT_PASSWD 33 /* 32位密码 + 1位结束符 */
56
57 #define CERT_MAX_PATH_LEN 256
58 #define CM_ARRAY_SIZE(arr) ((sizeof(arr)) / (sizeof((arr)[0])))
59
60 /*
61 * Align to 4-tuple
62 * Before calling this function, ensure that the size does not overflow after 3 is added.
63 */
64 #define ALIGN_SIZE(size) ((((uint32_t)(size) + 3) >> 2) << 2)
65
66 #define CM_BITS_PER_BYTE 8
67 #define CM_KEY_BYTES(keySize) (((keySize) + CM_BITS_PER_BYTE - 1) / CM_BITS_PER_BYTE)
68 #define MAX_OUT_BLOB_SIZE (5 * 1024 * 1024)
69
70 #define CM_CREDENTIAL_STORE 0
71 #define CM_SYSTEM_TRUSTED_STORE 1
72 #define CM_USER_TRUSTED_STORE 2
73 #define CM_PRI_CREDENTIAL_STORE 3
74
75 enum CmKeyDigest {
76 CM_DIGEST_NONE = 0,
77 CM_DIGEST_MD5 = 1,
78 CM_DIGEST_SHA1 = 10,
79 CM_DIGEST_SHA224 = 11,
80 CM_DIGEST_SHA256 = 12,
81 CM_DIGEST_SHA384 = 13,
82 CM_DIGEST_SHA512 = 14,
83 };
84
85 enum CmKeyPurpose {
86 CM_KEY_PURPOSE_ENCRYPT = 1, /* Usable with RSA, EC, AES, and SM4 keys. */
87 CM_KEY_PURPOSE_DECRYPT = 2, /* Usable with RSA, EC, AES, and SM4 keys. */
88 CM_KEY_PURPOSE_SIGN = 4, /* Usable with RSA, EC keys. */
89 CM_KEY_PURPOSE_VERIFY = 8, /* Usable with RSA, EC keys. */
90 CM_KEY_PURPOSE_DERIVE = 16, /* Usable with EC keys. */
91 CM_KEY_PURPOSE_WRAP = 32, /* Usable with wrap key. */
92 CM_KEY_PURPOSE_UNWRAP = 64, /* Usable with unwrap key. */
93 CM_KEY_PURPOSE_MAC = 128, /* Usable with mac. */
94 CM_KEY_PURPOSE_AGREE = 256, /* Usable with agree. */
95 };
96
97 enum CmKeyPadding {
98 CM_PADDING_NONE = 0,
99 CM_PADDING_OAEP = 1,
100 CM_PADDING_PSS = 2,
101 CM_PADDING_PKCS1_V1_5 = 3,
102 CM_PADDING_PKCS5 = 4,
103 CM_PADDING_PKCS7 = 5,
104 };
105
106 enum CmErrorCode {
107 CM_SUCCESS = 0,
108 CM_FAILURE = -1,
109
110 CMR_ERROR_NOT_PERMITTED = -2,
111 CMR_ERROR_NOT_SUPPORTED = -3,
112 CMR_ERROR_STORAGE = -4,
113 CMR_ERROR_NOT_FOUND = -5,
114 CMR_ERROR_NULL_POINTER = -6,
115 CMR_ERROR_INVALID_ARGUMENT = -7,
116 CMR_ERROR_MAKE_DIR_FAIL = -8,
117 CMR_ERROR_INVALID_OPERATION = -9,
118 CMR_ERROR_OPEN_FILE_FAIL = -10,
119 CMR_ERROR_READ_FILE_ERROR = -11,
120 CMR_ERROR_WRITE_FILE_FAIL = -12,
121 CMR_ERROR_REMOVE_FILE_FAIL = -13,
122 CMR_ERROR_CLOSE_FILE_FAIL = -14,
123 CMR_ERROR_MALLOC_FAIL = -15,
124 CMR_ERROR_NOT_EXIST = -16,
125 CMR_ERROR_ALREADY_EXISTS = -17,
126 CMR_ERROR_INSUFFICIENT_DATA = -18,
127 CMR_ERROR_BUFFER_TOO_SMALL = -19,
128 CMR_ERROR_INVALID_CERT_FORMAT = -20,
129 CMR_ERROR_PARAM_NOT_EXIST = -21,
130 CMR_ERROR_SESSION_REACHED_LIMIT = -22,
131 CMR_ERROR_PERMISSION_DENIED = -23,
132 CMR_ERROR_AUTH_CHECK_FAILED = -24,
133 CMR_ERROR_KEY_OPERATION_FAILED = -25,
134 CMR_ERROR_NOT_SYSTEMP_APP = -26,
135 };
136
137 enum CMErrorCode { /* temp use */
138 CMR_OK = 0,
139 CMR_ERROR = -1,
140 };
141
142 enum CmTagType {
143 CM_TAG_TYPE_INVALID = 0 << 28,
144 CM_TAG_TYPE_INT = 1 << 28,
145 CM_TAG_TYPE_UINT = 2 << 28,
146 CM_TAG_TYPE_ULONG = 3 << 28,
147 CM_TAG_TYPE_BOOL = 4 << 28,
148 CM_TAG_TYPE_BYTES = 5 << 28,
149 };
150
151 enum CmTag {
152 /* Inner-use TAGS used for ipc serialization */
153 CM_TAG_PARAM0_BUFFER = CM_TAG_TYPE_BYTES | 30001,
154 CM_TAG_PARAM1_BUFFER = CM_TAG_TYPE_BYTES | 30002,
155 CM_TAG_PARAM2_BUFFER = CM_TAG_TYPE_BYTES | 30003,
156 CM_TAG_PARAM3_BUFFER = CM_TAG_TYPE_BYTES | 30004,
157 CM_TAG_PARAM4_BUFFER = CM_TAG_TYPE_BYTES | 30005,
158 CM_TAG_PARAM0_UINT32 = CM_TAG_TYPE_UINT | 30006,
159 CM_TAG_PARAM1_UINT32 = CM_TAG_TYPE_UINT | 30007,
160 CM_TAG_PARAM2_UINT32 = CM_TAG_TYPE_UINT | 30008,
161 CM_TAG_PARAM3_UINT32 = CM_TAG_TYPE_UINT | 30009,
162 CM_TAG_PARAM4_UINT32 = CM_TAG_TYPE_UINT | 30010,
163 CM_TAG_PARAM0_BOOL = CM_TAG_TYPE_BOOL | 30011,
164 CM_TAG_PARAM1_BOOL = CM_TAG_TYPE_BOOL | 30012,
165 CM_TAG_PARAM2_BOOL = CM_TAG_TYPE_BOOL | 30013,
166 CM_TAG_PARAM3_BOOL = CM_TAG_TYPE_BOOL | 30014,
167 CM_TAG_PARAM4_BOOL = CM_TAG_TYPE_BOOL | 30015,
168 CM_TAG_PARAM0_NULL = CM_TAG_TYPE_BYTES | 30016,
169 CM_TAG_PARAM1_NULL = CM_TAG_TYPE_BYTES | 30017,
170 CM_TAG_PARAM2_NULL = CM_TAG_TYPE_BYTES | 30018,
171 CM_TAG_PARAM3_NULL = CM_TAG_TYPE_BYTES | 30019,
172 CM_TAG_PARAM4_NULL = CM_TAG_TYPE_BYTES | 30020,
173 };
174
175 #define CM_PARAM_BUFFER_NULL_INTERVAL ((CM_TAG_PARAM0_NULL) - (CM_TAG_PARAM0_BUFFER))
176
177 enum CmSendType {
178 CM_SEND_TYPE_ASYNC = 0,
179 CM_SEND_TYPE_SYNC,
180 };
181
182 struct CmMutableBlob {
183 uint32_t size;
184 uint8_t *data;
185 };
186
187 struct CmContext {
188 uint32_t userId;
189 uint32_t uid;
190 char packageName[MAX_LEN_PACKGE_NAME];
191 };
192
193 struct CmBlob {
194 uint32_t size;
195 uint8_t *data;
196 };
197
198 struct CertBlob {
199 struct CmBlob uri[MAX_COUNT_CERTIFICATE];
200 struct CmBlob certAlias[MAX_COUNT_CERTIFICATE];
201 struct CmBlob subjectName[MAX_COUNT_CERTIFICATE];
202 };
203
204 struct CmAppCertInfo {
205 struct CmBlob appCert;
206 struct CmBlob appCertPwd;
207 };
208
209 struct CertListAbtInfo {
210 uint32_t uriSize;
211 char uri[MAX_LEN_URI];
212 uint32_t aliasSize;
213 char certAlias[MAX_LEN_CERT_ALIAS];
214 uint32_t status;
215 uint32_t subjectNameSize;
216 char subjectName[MAX_LEN_SUBJECT_NAME];
217 };
218
219 struct CertAbstract {
220 char uri[MAX_LEN_URI];
221 char certAlias[MAX_LEN_CERT_ALIAS];
222 bool status;
223 char subjectName[MAX_LEN_SUBJECT_NAME];
224 };
225
226 struct CertList {
227 uint32_t certsCount;
228 struct CertAbstract *certAbstract;
229 };
230
231 struct CertAbtInfo {
232 uint32_t aliasSize;
233 char certAlias[MAX_LEN_CERT_ALIAS];
234 uint32_t status;
235 uint32_t certsize;
236 uint8_t certData[MAX_LEN_CERTIFICATE];
237 };
238
239 struct CertInfo {
240 char uri[MAX_LEN_URI];
241 char certAlias[MAX_LEN_CERT_ALIAS];
242 bool status;
243 char issuerName[MAX_LEN_ISSUER_NAME];
244 char subjectName[MAX_LEN_SUBJECT_NAME];
245 char serial[MAX_LEN_SERIAL];
246 char notBefore[MAX_LEN_NOT_BEFORE];
247 char notAfter[MAX_LEN_NOT_AFTER];
248 char fingerprintSha256[MAX_LEN_FINGER_PRINT_SHA256];
249 struct CmBlob certInfo;
250 };
251
252 struct CertFile {
253 const struct CmBlob *fileName;
254 const struct CmBlob *path;
255 };
256
257 struct CertFileInfo {
258 struct CmBlob fileName;
259 struct CmBlob path;
260 };
261
262 struct CMApp {
263 uint32_t userId;
264 uint32_t uid;
265 const char *packageName;
266 struct CmBlob *appId; // for attestation
267 };
268
269 struct Credential {
270 uint32_t isExist;
271 char type[MAX_LEN_SUBJECT_NAME];
272 char alias[MAX_LEN_CERT_ALIAS];
273 char keyUri[MAX_LEN_URI];
274 uint32_t certNum;
275 uint32_t keyNum;
276 struct CmBlob credData;
277 };
278
279 struct CredentialAbstract {
280 char type[MAX_LEN_SUBJECT_NAME];
281 char alias[MAX_LEN_CERT_ALIAS];
282 char keyUri[MAX_LEN_URI];
283 };
284
285 struct CredentialList {
286 uint32_t credentialCount;
287 struct CredentialAbstract *credentialAbstract;
288 };
289
290 struct AppCert {
291 uint32_t certCount;
292 uint32_t keyCount;
293 uint32_t certSize;
294 uint8_t appCertdata[MAX_LEN_CERTIFICATE_CHAIN];
295 };
296
297 struct CmParam {
298 uint32_t tag;
299 union {
300 bool boolParam;
301 int32_t int32Param;
302 uint32_t uint32Param;
303 uint64_t uint64Param;
304 struct CmBlob blob;
305 };
306 };
307
308 struct CmParamOut {
309 uint32_t tag;
310 union {
311 bool *boolParam;
312 int32_t *int32Param;
313 uint32_t *uint32Param;
314 uint64_t *uint64Param;
315 struct CmBlob *blob;
316 };
317 };
318
319 struct CmParamSet {
320 uint32_t paramSetSize;
321 uint32_t paramsCnt;
322 struct CmParam params[];
323 };
324
325 struct CmAppUidList {
326 uint32_t appUidCount;
327 uint32_t *appUid;
328 };
329
330 struct CmSignatureSpec {
331 uint32_t purpose;
332 uint32_t padding;
333 uint32_t digest;
334 };
335
CmIsAdditionOverflow(uint32_t a,uint32_t b)336 static inline bool CmIsAdditionOverflow(uint32_t a, uint32_t b)
337 {
338 return (UINT32_MAX - a) < b;
339 }
340
CmIsInvalidLength(uint32_t length)341 static inline bool CmIsInvalidLength(uint32_t length)
342 {
343 return (length == 0) || (length > MAX_OUT_BLOB_SIZE);
344 }
345
CmCheckBlob(const struct CmBlob * blob)346 static inline int32_t CmCheckBlob(const struct CmBlob *blob)
347 {
348 if ((blob == NULL) || (blob->data == NULL) || (blob->size == 0)) {
349 return CMR_ERROR_INVALID_ARGUMENT;
350 }
351 return CM_SUCCESS;
352 }
353
354 #ifdef __cplusplus
355 }
356 #endif
357
358 #endif /* CM_TYPE_H */
359