1 /*
2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifndef CM_TYPE_H
17 #define CM_TYPE_H
18
19 #include <stdbool.h>
20 #include <stdint.h>
21 #include <stdlib.h>
22
23 #ifdef __cplusplus
24 extern "C" {
25 #endif
26 #ifndef CM_API_PUBLIC
27 #if defined(WIN32) || defined(_WIN32) || defined(__CYGWIN__) || defined(__ICCARM__) /* __ICCARM__ for iar */
28 #define CM_API_EXPORT
29 #else
30 #define CM_API_EXPORT __attribute__ ((visibility("default")))
31 #endif
32 #else
33 #define CM_API_EXPORT __attribute__ ((visibility("default")))
34 #endif
35
36 #define MAX_LEN_CERTIFICATE 8196
37
38 #define MAX_LEN_CERTIFICATE_CHAIN (3 * MAX_LEN_CERTIFICATE)
39
40 #define MAX_SUFFIX_LEN 16
41 #define MAX_COUNT_CERTIFICATE 256
42 #define MAX_LEN_URI 256
43 #define MAX_AUTH_LEN_URI 256
44 #define MAX_LEN_CERT_ALIAS 129 /* include 1 byte: the terminator('\0') */
45 #define MAX_LEN_SUBJECT_NAME 1025 /* include 1 byte: the terminator('\0') */
46 #define MAX_LEN_PACKGE_NAME 64
47 #define MAX_LEN_MAC_KEY 64
48 #define MAX_UINT32_LEN 16
49 #define MAX_LEN_CERT_TYPE 8
50 #define MAX_LEN_PRI_CRED_ALIAS 33 /* include 1 byte: the terminator('\0') */
51
52 #define MAX_LEN_ISSUER_NAME 256
53 #define MAX_LEN_SERIAL 64
54 #define MAX_LEN_NOT_BEFORE 32
55 #define MAX_LEN_NOT_AFTER 32
56 #define MAX_LEN_FINGER_PRINT_SHA256 128
57 #define MAX_LEN_APP_CERT 20480
58 #define MAX_LEN_APP_CERT_PASSWD 33 /* 32位密码 + 1位结束符 */
59
60 #define CERT_MAX_PATH_LEN 256
61 #define CM_ARRAY_SIZE(arr) ((sizeof(arr)) / (sizeof((arr)[0])))
62 #define INIT_INVALID_VALUE 0xFFFFFFFF
63
64 #define CERT_STATUS_ENABLED ((uint32_t) 0)
65 #define CERT_STATUS_DISABLED ((uint32_t) 1)
66
67 /*
68 * Align to 4-tuple
69 * Before calling this function, ensure that the size does not overflow after 3 is added.
70 */
71 #define ALIGN_SIZE(size) ((((uint32_t)(size) + 3) >> 2) << 2)
72
73 #define CM_BITS_PER_BYTE 8
74 #define CM_KEY_BYTES(keySize) (((keySize) + CM_BITS_PER_BYTE - 1) / CM_BITS_PER_BYTE)
75 #define MAX_OUT_BLOB_SIZE (5 * 1024 * 1024)
76
77 #define CM_CREDENTIAL_STORE 0
78 #define CM_SYSTEM_TRUSTED_STORE 1
79 #define CM_USER_TRUSTED_STORE 2
80 #define CM_PRI_CREDENTIAL_STORE 3
81 #define CM_SYS_CREDENTIAL_STORE 4
82 #define CM_STORE_CHECK(a) \
83 (((a) != CM_CREDENTIAL_STORE) && ((a) != CM_PRI_CREDENTIAL_STORE) && ((a) != CM_SYS_CREDENTIAL_STORE))
84
85 enum CmKeyDigest {
86 CM_DIGEST_NONE = 0,
87 CM_DIGEST_MD5 = 1,
88 CM_DIGEST_SHA1 = 10,
89 CM_DIGEST_SHA224 = 11,
90 CM_DIGEST_SHA256 = 12,
91 CM_DIGEST_SHA384 = 13,
92 CM_DIGEST_SHA512 = 14,
93 };
94
95 enum CmKeyPurpose {
96 CM_KEY_PURPOSE_ENCRYPT = 1, /* Usable with RSA, EC, AES, and SM4 keys. */
97 CM_KEY_PURPOSE_DECRYPT = 2, /* Usable with RSA, EC, AES, and SM4 keys. */
98 CM_KEY_PURPOSE_SIGN = 4, /* Usable with RSA, EC keys. */
99 CM_KEY_PURPOSE_VERIFY = 8, /* Usable with RSA, EC keys. */
100 CM_KEY_PURPOSE_DERIVE = 16, /* Usable with EC keys. */
101 CM_KEY_PURPOSE_WRAP = 32, /* Usable with wrap key. */
102 CM_KEY_PURPOSE_UNWRAP = 64, /* Usable with unwrap key. */
103 CM_KEY_PURPOSE_MAC = 128, /* Usable with mac. */
104 CM_KEY_PURPOSE_AGREE = 256, /* Usable with agree. */
105 };
106
107 enum CmKeyPadding {
108 CM_PADDING_NONE = 0,
109 CM_PADDING_OAEP = 1,
110 CM_PADDING_PSS = 2,
111 CM_PADDING_PKCS1_V1_5 = 3,
112 CM_PADDING_PKCS5 = 4,
113 CM_PADDING_PKCS7 = 5,
114 };
115
116 enum CmErrorCode {
117 CM_SUCCESS = 0,
118 CM_FAILURE = -1,
119
120 CMR_ERROR_NOT_PERMITTED = -2,
121 CMR_ERROR_NOT_SUPPORTED = -3,
122 CMR_ERROR_STORAGE = -4,
123 CMR_ERROR_NOT_FOUND = -5,
124 CMR_ERROR_NULL_POINTER = -6,
125 CMR_ERROR_INVALID_ARGUMENT = -7,
126 CMR_ERROR_MAKE_DIR_FAIL = -8,
127 CMR_ERROR_INVALID_OPERATION = -9,
128 CMR_ERROR_OPEN_FILE_FAIL = -10,
129 CMR_ERROR_READ_FILE_ERROR = -11,
130 CMR_ERROR_WRITE_FILE_FAIL = -12,
131 CMR_ERROR_REMOVE_FILE_FAIL = -13,
132 CMR_ERROR_CLOSE_FILE_FAIL = -14,
133 CMR_ERROR_MALLOC_FAIL = -15,
134 CMR_ERROR_NOT_EXIST = -16,
135 CMR_ERROR_ALREADY_EXISTS = -17,
136 CMR_ERROR_INSUFFICIENT_DATA = -18,
137 CMR_ERROR_BUFFER_TOO_SMALL = -19,
138 CMR_ERROR_INVALID_CERT_FORMAT = -20,
139 CMR_ERROR_PARAM_NOT_EXIST = -21,
140 CMR_ERROR_SESSION_REACHED_LIMIT = -22,
141 CMR_ERROR_PERMISSION_DENIED = -23,
142 CMR_ERROR_AUTH_CHECK_FAILED = -24,
143 CMR_ERROR_KEY_OPERATION_FAILED = -25,
144 CMR_ERROR_NOT_SYSTEMP_APP = -26,
145 CMR_ERROR_MAX_CERT_COUNT_REACHED = -27,
146 CMR_ERROR_ALIAS_LENGTH_REACHED_LIMIT = -28,
147 CMR_ERROR_GET_ADVSECMODE_PARAM_FAIL = -29,
148 CMR_ERROR_DEVICE_ENTER_ADVSECMODE = -30,
149 CMR_ERROR_CREATE_RDB_TABLE_FAIL = -31,
150 CMR_ERROR_INSERT_RDB_DATA_FAIL = -32,
151 CMR_ERROR_UPDATE_RDB_DATA_FAIL = -33,
152 CMR_ERROR_DELETE_RDB_DATA_FAIL = -34,
153 CMR_ERROR_QUERY_RDB_DATA_FAIL = -35,
154 CMR_ERROR_PASSWORD_IS_ERR = -36,
155 };
156
157 enum CMDialogErrorCode {
158 CMR_DIALOG_OK = 0,
159 CMR_DIALOG_ERROR = -1,
160 CMR_DIALOG_ERROR_INVALID_ARGUMENT = -2,
161 CMR_DIALOG_ERROR_INTERNAL = -3,
162 CMR_DIALOG_ERROR_PERMISSION_DENIED = 1011,
163 };
164
165 enum CMErrorCode { /* temp use */
166 CMR_OK = 0,
167 CMR_ERROR = -1,
168 };
169
170 enum CmTagType {
171 CM_TAG_TYPE_INVALID = 0 << 28,
172 CM_TAG_TYPE_INT = 1 << 28,
173 CM_TAG_TYPE_UINT = 2 << 28,
174 CM_TAG_TYPE_ULONG = 3 << 28,
175 CM_TAG_TYPE_BOOL = 4 << 28,
176 CM_TAG_TYPE_BYTES = 5 << 28,
177 };
178
179 enum CmTag {
180 /* Inner-use TAGS used for ipc serialization */
181 CM_TAG_PARAM0_BUFFER = CM_TAG_TYPE_BYTES | 30001,
182 CM_TAG_PARAM1_BUFFER = CM_TAG_TYPE_BYTES | 30002,
183 CM_TAG_PARAM2_BUFFER = CM_TAG_TYPE_BYTES | 30003,
184 CM_TAG_PARAM3_BUFFER = CM_TAG_TYPE_BYTES | 30004,
185 CM_TAG_PARAM4_BUFFER = CM_TAG_TYPE_BYTES | 30005,
186 CM_TAG_PARAM0_UINT32 = CM_TAG_TYPE_UINT | 30006,
187 CM_TAG_PARAM1_UINT32 = CM_TAG_TYPE_UINT | 30007,
188 CM_TAG_PARAM2_UINT32 = CM_TAG_TYPE_UINT | 30008,
189 CM_TAG_PARAM3_UINT32 = CM_TAG_TYPE_UINT | 30009,
190 CM_TAG_PARAM4_UINT32 = CM_TAG_TYPE_UINT | 30010,
191 CM_TAG_PARAM0_BOOL = CM_TAG_TYPE_BOOL | 30011,
192 CM_TAG_PARAM1_BOOL = CM_TAG_TYPE_BOOL | 30012,
193 CM_TAG_PARAM2_BOOL = CM_TAG_TYPE_BOOL | 30013,
194 CM_TAG_PARAM3_BOOL = CM_TAG_TYPE_BOOL | 30014,
195 CM_TAG_PARAM4_BOOL = CM_TAG_TYPE_BOOL | 30015,
196 CM_TAG_PARAM0_NULL = CM_TAG_TYPE_BYTES | 30016,
197 CM_TAG_PARAM1_NULL = CM_TAG_TYPE_BYTES | 30017,
198 CM_TAG_PARAM2_NULL = CM_TAG_TYPE_BYTES | 30018,
199 CM_TAG_PARAM3_NULL = CM_TAG_TYPE_BYTES | 30019,
200 CM_TAG_PARAM4_NULL = CM_TAG_TYPE_BYTES | 30020,
201 };
202
203 #define CM_PARAM_BUFFER_NULL_INTERVAL ((CM_TAG_PARAM0_NULL) - (CM_TAG_PARAM0_BUFFER))
204
205 enum CmSendType {
206 CM_SEND_TYPE_ASYNC = 0,
207 CM_SEND_TYPE_SYNC,
208 };
209
210 struct CmMutableBlob {
211 uint32_t size;
212 uint8_t *data;
213 };
214
215 struct CmContext {
216 uint32_t userId;
217 uint32_t uid;
218 char packageName[MAX_LEN_PACKGE_NAME];
219 };
220
221 struct CmBlob {
222 uint32_t size;
223 uint8_t *data;
224 };
225
226 struct CertBlob {
227 struct CmBlob uri[MAX_COUNT_CERTIFICATE];
228 struct CmBlob certAlias[MAX_COUNT_CERTIFICATE];
229 struct CmBlob subjectName[MAX_COUNT_CERTIFICATE];
230 };
231
232 struct CmAppCertInfo {
233 struct CmBlob appCert;
234 struct CmBlob appCertPwd;
235 };
236
237 struct CertListAbtInfo {
238 uint32_t uriSize;
239 char uri[MAX_LEN_URI];
240 uint32_t aliasSize;
241 char certAlias[MAX_LEN_CERT_ALIAS];
242 uint32_t status;
243 uint32_t subjectNameSize;
244 char subjectName[MAX_LEN_SUBJECT_NAME];
245 };
246
247 struct CertAbstract {
248 char uri[MAX_LEN_URI];
249 char certAlias[MAX_LEN_CERT_ALIAS];
250 bool status;
251 char subjectName[MAX_LEN_SUBJECT_NAME];
252 };
253
254 struct CertList {
255 uint32_t certsCount;
256 struct CertAbstract *certAbstract;
257 };
258
259 struct CertAbtInfo {
260 uint32_t aliasSize;
261 char certAlias[MAX_LEN_CERT_ALIAS];
262 uint32_t status;
263 uint32_t certsize;
264 uint8_t certData[MAX_LEN_CERTIFICATE];
265 };
266
267 struct CertInfo {
268 char uri[MAX_LEN_URI];
269 char certAlias[MAX_LEN_CERT_ALIAS];
270 bool status;
271 char issuerName[MAX_LEN_ISSUER_NAME];
272 char subjectName[MAX_LEN_SUBJECT_NAME];
273 char serial[MAX_LEN_SERIAL];
274 char notBefore[MAX_LEN_NOT_BEFORE];
275 char notAfter[MAX_LEN_NOT_AFTER];
276 char fingerprintSha256[MAX_LEN_FINGER_PRINT_SHA256];
277 struct CmBlob certInfo;
278 };
279
280 struct CertFile {
281 const struct CmBlob *fileName;
282 const struct CmBlob *path;
283 };
284
285 struct CertFileInfo {
286 struct CmBlob fileName;
287 struct CmBlob path;
288 };
289
290 struct CMApp {
291 uint32_t userId;
292 uint32_t uid;
293 const char *packageName;
294 struct CmBlob *appId; // for attestation
295 };
296
297 struct Credential {
298 uint32_t isExist;
299 char type[MAX_LEN_SUBJECT_NAME];
300 char alias[MAX_LEN_CERT_ALIAS];
301 char keyUri[MAX_LEN_URI];
302 uint32_t certNum;
303 uint32_t keyNum;
304 struct CmBlob credData;
305 };
306
307 struct CredentialAbstract {
308 char type[MAX_LEN_SUBJECT_NAME];
309 char alias[MAX_LEN_CERT_ALIAS];
310 char keyUri[MAX_LEN_URI];
311 };
312
313 struct CredentialList {
314 uint32_t credentialCount;
315 struct CredentialAbstract *credentialAbstract;
316 };
317
318 struct AppCert {
319 uint32_t certCount;
320 uint32_t keyCount;
321 uint32_t certSize;
322 uint8_t appCertdata[MAX_LEN_CERTIFICATE_CHAIN];
323 };
324
325 struct CmParam {
326 uint32_t tag;
327 union {
328 bool boolParam;
329 int32_t int32Param;
330 uint32_t uint32Param;
331 uint64_t uint64Param;
332 struct CmBlob blob;
333 };
334 };
335
336 struct CmParamOut {
337 uint32_t tag;
338 union {
339 bool *boolParam;
340 int32_t *int32Param;
341 uint32_t *uint32Param;
342 uint64_t *uint64Param;
343 struct CmBlob *blob;
344 };
345 };
346
347 struct CmParamSet {
348 uint32_t paramSetSize;
349 uint32_t paramsCnt;
350 struct CmParam params[];
351 };
352
353 struct CmAppUidList {
354 uint32_t appUidCount;
355 uint32_t *appUid;
356 };
357
358 struct CmSignatureSpec {
359 uint32_t purpose;
360 uint32_t padding;
361 uint32_t digest;
362 };
363
364 struct CmAppCertParam {
365 struct CmBlob *appCert;
366 struct CmBlob *appCertPwd;
367 struct CmBlob *certAlias;
368 uint32_t store;
369 uint32_t userId;
370 };
371
372 struct CertName {
373 struct CmBlob *displayName;
374 struct CmBlob *objectName;
375 struct CmBlob *subjectName;
376 };
377
CmIsAdditionOverflow(uint32_t a,uint32_t b)378 static inline bool CmIsAdditionOverflow(uint32_t a, uint32_t b)
379 {
380 return (UINT32_MAX - a) < b;
381 }
382
CmIsInvalidLength(uint32_t length)383 static inline bool CmIsInvalidLength(uint32_t length)
384 {
385 return (length == 0) || (length > MAX_OUT_BLOB_SIZE);
386 }
387
CmCheckBlob(const struct CmBlob * blob)388 static inline int32_t CmCheckBlob(const struct CmBlob *blob)
389 {
390 if ((blob == NULL) || (blob->data == NULL) || (blob->size == 0)) {
391 return CMR_ERROR_INVALID_ARGUMENT;
392 }
393 return CM_SUCCESS;
394 }
395
396 #ifdef __cplusplus
397 }
398 #endif
399
400 #endif /* CM_TYPE_H */
401