From d43cd53238c51398d2feacd1706bd5ddd208b1fe Mon Sep 17 00:00:00 2001 From: heppen Date: Mon, 28 Aug 2023 16:18:09 +0800 Subject: [PATCH] add huks component --- 0002-add-huks-component.patch | 2517 +++++++++++++++++++++++++++++++++ 1 file changed, 2517 insertions(+) create mode 100644 0002-add-huks-component.patch diff --git a/0002-add-huks-component.patch b/0002-add-huks-component.patch new file mode 100644 index 0000000..4301afd --- /dev/null +++ b/0002-add-huks-component.patch @@ -0,0 +1,2517 @@ +From 9a6bac08ef537d7c07a09ed083b92677e37af193 Mon Sep 17 00:00:00 2001 +From: wang--ge +Date: Tue, 18 Jul 2023 17:19:47 +0800 +Subject: [PATCH] add huks component + +--- + huks/BUILD.gn | 0 + huks/bundle.json | 77 ++++++ + .../huks_standard/main/common/BUILD.gn | 13 + + .../main/common/include/hks_ability.h | 123 +++++++++ + .../main/common/include/hks_base_check.h | 118 ++++++++ + .../main/common/include/hks_cfi.h | 30 +++ + .../main/common/include/hks_check_paramset.h | 62 +++++ + .../main/common/include/hks_cmd_id.h | 78 ++++++ + .../main/common/include/hks_common_check.h | 69 +++++ + .../main/common/include/hks_config.h | 228 ++++++++++++++++ + .../main/common/include/hks_config_base.h | 177 ++++++++++++ + .../main/common/include/hks_config_lite.h | 111 ++++++++ + .../main/common/include/hks_config_small.h | 136 ++++++++++ + .../main/common/include/hks_crypto_adapter.h | 58 ++++ + .../main/common/include/hks_crypto_hal.h | 255 ++++++++++++++++++ + .../main/common/include/hks_errcode_adapter.h | 51 ++++ + .../main/common/include/hks_log.h | 64 +++++ + .../main/common/include/hks_mem.h | 62 +++++ + .../main/common/include/hks_template.h | 75 ++++++ + .../main/common/include/hks_type_inner.h | 94 +++++++ + .../huks_standard/main/os_dependency/BUILD.gn | 10 + + .../ipc/include/hks_client_ipc.h | 90 +++++++ + .../os_dependency/ipc/include/hks_ipc_check.h | 55 ++++ + .../ipc/include/hks_ipc_serialization.h | 76 ++++++ + .../os_dependency/ipc/include/hks_ipc_slice.h | 34 +++ + .../os_dependency/ipc/include/hks_request.h | 69 +++++ + .../ipc/include/hks_samgr_client.h | 32 +++ + .../innerkits/huks_standard/main/BUILD.gn | 23 ++ + .../innerkits/huks_standard/main/include | 1 + + 29 files changed, 2271 insertions(+) + create mode 100644 huks/BUILD.gn + create mode 100644 huks/bundle.json + create mode 100644 huks/frameworks/huks_standard/main/common/BUILD.gn + create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_ability.h + create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_base_check.h + create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_cfi.h + create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_check_paramset.h + create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_cmd_id.h + create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_common_check.h + create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_config.h + create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_config_base.h + create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_config_lite.h + create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_config_small.h + create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_crypto_adapter.h + create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_crypto_hal.h + create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_errcode_adapter.h + create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_log.h + create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_mem.h + create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_template.h + create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_type_inner.h + create mode 100644 huks/frameworks/huks_standard/main/os_dependency/BUILD.gn + create mode 100644 huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_client_ipc.h + create mode 100644 huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_ipc_check.h + create mode 100644 huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_ipc_serialization.h + create mode 100644 huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_ipc_slice.h + create mode 100644 huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_request.h + create mode 100644 huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_samgr_client.h + create mode 100644 huks/interfaces/innerkits/huks_standard/main/BUILD.gn + create mode 120000 huks/interfaces/innerkits/huks_standard/main/include + +diff --git a/huks/BUILD.gn b/huks/BUILD.gn +new file mode 100644 +index 0000000..e69de29 +diff --git a/huks/bundle.json b/huks/bundle.json +new file mode 100644 +index 0000000..be04db1 +--- /dev/null ++++ b/huks/bundle.json +@@ -0,0 +1,77 @@ ++{ ++ "name": "@ohos/huks", ++ "description": "The provider of key and certificate manangement capbility, which belongs to security subsystem", ++ "version": "3.1", ++ "license": "Apache License 2.0", ++ "publishAs": "code-segment", ++ "segment": { ++ "destPath": "base/security/huks" ++ }, ++ "dirs":{}, ++ "scripts": { ++ "install": "DEST_PATH=${DEP_BUNDLE_BASE}/base/security/huks && mkdir -p $DEST_PATH && cp -r ./* $DEST_PATH" ++ }, ++ "author": {}, ++ "repository": "", ++ "component": { ++ "name": "huks", ++ "subsystem": "security", ++ "syscap": [ ++ "SystemCapability.Security.Huks", ++ "SystemCapability.Security.Cipher" ++ ], ++ "features": [], ++ "adapted_system_type": [ ++ "standard", ++ "small", ++ "mini" ++ ], ++ "rom": "5000KB", ++ "ram": "500kB", ++ "deps": { ++ "components": [ ++ "ability_base", ++ "access_token", ++ "bundle_framework", ++ "common", ++ "common_event_service", ++ "hisysevent_native", ++ "hitrace_native", ++ "hiviewdfx_hilog_native", ++ "ipc", ++ "napi", ++ "os_account", ++ "safwk", ++ "samgr", ++ "thirdparty_bounds_checking_function", ++ "c_utils" ++ ], ++ "third_party": [ ++ "openssl", ++ "bounds_checking_function" ++ ] ++ }, ++ "build": { ++ "group_type": { ++ "base_group": [], ++ "fwk_group": [ ++ ++ ], ++ "service_group": [ ++ ++ ] ++ }, ++ "inner_kits": [ ++ { ++ "name": "//base/security/huks/interfaces/innerkits/huks_standard/main:libhukssdk", ++ "header": { ++ "header_files": [ ++ "hks_api.h" ++ ], ++ "header_base": "//base/security/huks/interfaces/innerkits/huks_standard/main/include" ++ } ++ } ++ ] ++ } ++ } ++ } +diff --git a/huks/frameworks/huks_standard/main/common/BUILD.gn b/huks/frameworks/huks_standard/main/common/BUILD.gn +new file mode 100644 +index 0000000..4927ee3 +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/common/BUILD.gn +@@ -0,0 +1,13 @@ ++import("//build/ohos.gni") ++ ++config("huks_config") { ++ include_dirs = [ ++ "include", ++ "//base/security/huks/interfaces/innerkits/huks_standard/main/include", ++ ] ++ libs = ("huks_common_standard_static") ++} ++ ++group("libhuks_common_standard_static") { ++ public_configs = [ ":huks_config" ] ++} +diff --git a/huks/frameworks/huks_standard/main/common/include/hks_ability.h b/huks/frameworks/huks_standard/main/common/include/hks_ability.h +new file mode 100644 +index 0000000..56525e9 +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/common/include/hks_ability.h +@@ -0,0 +1,123 @@ ++/* ++ * Copyright (c) 2022 Huawei Device Co., Ltd. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#ifndef HKS_ABILITY_H ++#define HKS_ABILITY_H ++ ++#include ++ ++enum HksAbilityType { ++ HKS_ABILITY_CRYPTO = 1, ++ HKS_ABILITY_AUTH, ++}; ++ ++enum HksOperationType { ++ HKS_OPERATION_GENERATE_KEY = 0x1, /* generate key */ ++ HKS_OPERATION_GET_PUBLIC_KEY = 0x2, /* get public key */ ++ HKS_OPERATION_DERIVE_KEY = 0x3, /* derive key */ ++ HKS_OPERATION_AGREE_KEY = 0x4, /* agree key */ ++ HKS_OPERATION_SIGN = 0x5, /* sign */ ++ HKS_OPERATION_VERIFY = 0x6, /* verify */ ++ HKS_OPERATION_HMAC_INIT = 0x7, /* hmac init */ ++ HKS_OPERATION_HMAC_UPDATE = 0x8, /* hmac update */ ++ HKS_OPERATION_HMAC_FINAL = 0x9, /* hmac final */ ++ HKS_OPERATION_HASH_INIT = 0xa, /* hash init */ ++ HKS_OPERATION_HASH_UPDATE = 0xb, /* hash update */ ++ HKS_OPERATION_HASH_FINAL = 0xc, /* hash final */ ++ HKS_OPERATION_ENCRYPT_INIT = 0xd, /* encrypt init */ ++ HKS_OPERATION_ENCRYPT_UPDATE = 0xe, /* encrypt update */ ++ HKS_OPERATION_ENCRYPT_FINAL = 0xf, /* encrypt final */ ++ HKS_OPERATION_DECRYPT_INIT = 0x10, /* decrypt init */ ++ HKS_OPERATION_DECRYPT_UPDATE = 0x11, /* decrypt update */ ++ HKS_OPERATION_DECRYPT_FINAL = 0x12, /* decrypt final */ ++ HKS_OPERATION_GET_MAIN_KEY = 0x13, /* get root main key */ ++ HKS_OPERATION_FILL_RANDOM = 0x14, /* fill random */ ++ HKS_OPERATION_HMAC = 0x15, ++ HKS_OPERATION_HASH = 0x16, ++ HKS_OPERATION_ENCRYPT = 0x17, ++ HKS_OPERATION_DECRYPT = 0x18, ++ HKS_OPERATION_BN_EXP_MOD = 0x19, ++ HKS_OPERATION_HASH_FREE_CTX = 0x1a, /* hash free ctx */ ++ HKS_OPERATION_HMAC_FREE_CTX = 0x1b, /* hmac free ctx */ ++ HKS_OPERATION_ENCRYPT_FREE_CTX = 0x1c, /* encrypt free ctx */ ++ HKS_OPERATION_DECRYPT_FREE_CTX = 0x1d, /* decrypt free ctx */ ++ HKS_OPERATION_FILL_PRI_RANDOM = 0x1e, /* fill private random */ ++}; ++ ++struct HksAbility { ++ uint32_t id; ++ void *func; ++}; ++ ++#define HKS_ABILITY_MAX_SIZE 128 ++ ++#define HKS_ABILITY_SHIFT 24 ++#define HKS_CRYPTO_OPERATION_SHIFT 16 ++ ++#define HKS_CRYPTO_ABILITY(type, alg) \ ++ ((HKS_ABILITY_CRYPTO << HKS_ABILITY_SHIFT) | ((type) << HKS_CRYPTO_OPERATION_SHIFT) | (alg)) ++ ++#define HKS_CRYPTO_ABILITY_GENERATE_KEY(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_GENERATE_KEY, alg) ++#define HKS_CRYPTO_ABILITY_GET_PUBLIC_KEY(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_GET_PUBLIC_KEY, alg) ++#define HKS_CRYPTO_ABILITY_DERIVE_KEY(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_DERIVE_KEY, alg) ++#define HKS_CRYPTO_ABILITY_AGREE_KEY(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_AGREE_KEY, alg) ++#define HKS_CRYPTO_ABILITY_SIGN(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_SIGN, alg) ++#define HKS_CRYPTO_ABILITY_VERIFY(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_VERIFY, alg) ++ ++#define HKS_CRYPTO_ABILITY_HMAC HKS_CRYPTO_ABILITY(HKS_OPERATION_HMAC, 0) ++#define HKS_CRYPTO_ABILITY_HMAC_INIT HKS_CRYPTO_ABILITY(HKS_OPERATION_HMAC_INIT, 0) ++#define HKS_CRYPTO_ABILITY_HMAC_UPDATE HKS_CRYPTO_ABILITY(HKS_OPERATION_HMAC_UPDATE, 0) ++#define HKS_CRYPTO_ABILITY_HMAC_FINAL HKS_CRYPTO_ABILITY(HKS_OPERATION_HMAC_FINAL, 0) ++#define HKS_CRYPTO_ABILITY_HMAC_FREE_CTX HKS_CRYPTO_ABILITY(HKS_OPERATION_HMAC_FREE_CTX, 0) ++ ++#define HKS_CRYPTO_ABILITY_HASH HKS_CRYPTO_ABILITY(HKS_OPERATION_HASH, 0) ++#define HKS_CRYPTO_ABILITY_HASH_INIT HKS_CRYPTO_ABILITY(HKS_OPERATION_HASH_INIT, 0) ++#define HKS_CRYPTO_ABILITY_HASH_UPDATE HKS_CRYPTO_ABILITY(HKS_OPERATION_HASH_UPDATE, 0) ++#define HKS_CRYPTO_ABILITY_HASH_FINAL HKS_CRYPTO_ABILITY(HKS_OPERATION_HASH_FINAL, 0) ++#define HKS_CRYPTO_ABILITY_HASH_FREE_CTX HKS_CRYPTO_ABILITY(HKS_OPERATION_HASH_FREE_CTX, 0) ++ ++#define HKS_CRYPTO_ABILITY_ENCRYPT(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_ENCRYPT, alg) ++#define HKS_CRYPTO_ABILITY_ENCRYPT_INIT(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_ENCRYPT_INIT, alg) ++#define HKS_CRYPTO_ABILITY_ENCRYPT_UPDATE(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_ENCRYPT_UPDATE, alg) ++#define HKS_CRYPTO_ABILITY_ENCRYPT_FINAL(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_ENCRYPT_FINAL, alg) ++#define HKS_CRYPTO_ABILITY_ENCRYPT_FREE_CTX(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_ENCRYPT_FREE_CTX, alg) ++ ++#define HKS_CRYPTO_ABILITY_DECRYPT(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_DECRYPT, alg) ++#define HKS_CRYPTO_ABILITY_DECRYPT_INIT(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_DECRYPT_INIT, alg) ++#define HKS_CRYPTO_ABILITY_DECRYPT_UPDATE(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_DECRYPT_UPDATE, alg) ++#define HKS_CRYPTO_ABILITY_DECRYPT_FINAL(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_DECRYPT_FINAL, alg) ++#define HKS_CRYPTO_ABILITY_DECRYPT_FREE_CTX(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_DECRYPT_FREE_CTX, alg) ++ ++#define HKS_CRYPTO_ABILITY_GET_MAIN_KEY HKS_CRYPTO_ABILITY(HKS_OPERATION_GET_MAIN_KEY, 0) ++ ++#define HKS_CRYPTO_ABILITY_FILL_RANDOM HKS_CRYPTO_ABILITY(HKS_OPERATION_FILL_RANDOM, 0) ++#define HKS_CRYPTO_ABILITY_BN_EXP_MOD HKS_CRYPTO_ABILITY(HKS_OPERATION_BN_EXP_MOD, 0) ++#define HKS_CRYPTO_ABILITY_FILL_PRI_RANDOM HKS_CRYPTO_ABILITY(HKS_OPERATION_FILL_PRI_RANDOM, 0) ++ ++#ifdef __cplusplus ++extern "C" { ++#endif ++ ++int32_t RegisterAbility(uint32_t id, void *func); ++ ++void *GetAbility(uint32_t id); ++ ++int32_t HksCryptoAbilityInit(void); ++ ++#ifdef __cplusplus ++} ++#endif ++ ++#endif /* HKS_ABILITY_H */ +diff --git a/huks/frameworks/huks_standard/main/common/include/hks_base_check.h b/huks/frameworks/huks_standard/main/common/include/hks_base_check.h +new file mode 100644 +index 0000000..3640dcb +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/common/include/hks_base_check.h +@@ -0,0 +1,118 @@ ++/* ++ * Copyright (c) 2021 Huawei Device Co., Ltd. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#ifndef HKS_BASE_CHECK_H ++#define HKS_BASE_CHECK_H ++ ++#include "hks_param.h" ++#include "hks_type_inner.h" ++ ++enum CheckKeyType { ++ HKS_CHECK_TYPE_GEN_KEY, ++ HKS_CHECK_TYPE_USE_KEY, ++ HKS_CHECK_TYPE_GEN_MAC_KEY, ++ HKS_CHECK_TYPE_GEN_DERIVE_KEY, ++}; ++ ++struct Params { ++ bool needCheck; ++ uint32_t value; ++ bool isAbsent; ++}; ++ ++struct ParamsValues { ++ struct Params keyLen; ++ struct Params padding; ++ struct Params purpose; ++ struct Params digest; ++ struct Params mode; ++}; ++ ++struct ParamsValuesChecker { ++ enum CheckKeyType checkType; ++ struct ParamsValues paramValues; ++}; ++ ++struct ExpectParams { ++ bool needCheck; ++ const uint32_t *values; ++ uint32_t valueCnt; ++}; ++ ++struct ExpectParamsValues { ++ const struct ExpectParams keyLen; ++ const struct ExpectParams padding; ++ const struct ExpectParams purpose; ++ const struct ExpectParams digest; ++ const struct ExpectParams mode; ++}; ++#define EXPECT_PARAMS_VALUES_INIT {{0}, {0}, {0}, {0}, {0}} ++ ++struct ExpectParamsValuesChecker { ++ enum CheckKeyType checkType; ++ const struct ExpectParamsValues paramValues; ++}; ++ ++struct AuthAccessTypeChecker { ++ enum HksUserAuthType userAuthType; ++ const struct ExpectParams allowAuthAccessTypes; ++}; ++ ++#ifdef __cplusplus ++extern "C" { ++#endif ++ ++int32_t HksCheckValue(uint32_t inputValue, const uint32_t *expectValues, uint32_t valuesCount); ++ ++int32_t HksGetKeySize(uint32_t alg, const struct HksBlob *key, uint32_t *keySize); ++ ++int32_t HksCheckGenKeyPurpose(uint32_t alg, uint32_t inputPurpose); ++ ++int32_t HksGetInputParmasByAlg(uint32_t alg, enum CheckKeyType checkType, const struct HksParamSet *paramSet, ++ struct ParamsValues *inputParams); ++ ++int32_t HksCheckFixedParams(uint32_t alg, enum CheckKeyType checkType, const struct ParamsValues *inputParams); ++ ++int32_t HksCheckGenKeyMutableParams(uint32_t alg, const struct ParamsValues *inputParams); ++ ++int32_t CheckImportMutableParams(uint32_t alg, const struct ParamsValues *params); ++ ++int32_t HksCheckSignature(uint32_t cmdId, uint32_t alg, uint32_t keySize, const struct HksBlob *signature); ++ ++int32_t HksCheckSignVerifyMutableParams(uint32_t cmdId, uint32_t alg, const struct ParamsValues *inputParams); ++ ++int32_t HksCheckCipherMutableParams(uint32_t cmdId, uint32_t alg, const struct ParamsValues *inputParams); ++ ++int32_t HksCheckCihperData(uint32_t cmdId, uint32_t alg, const struct ParamsValues *inputParams, ++ const struct HksBlob *inData, const struct HksBlob *outData); ++ ++int32_t HksCheckCipherMaterialParams(uint32_t alg, const struct ParamsValues *inputParams, ++ const struct HksParamSet *paramSet); ++ ++int32_t HksCheckUserAuthParams(uint32_t userAuthType, uint32_t authAccessType, uint32_t challengeType); ++ ++int32_t HksCheckSecureSignParams(uint32_t secureSignType); ++ ++int32_t GetInputParams(const struct HksParamSet *paramSet, struct ParamsValues *inputParams); ++ ++int32_t HksCheckOptionalParam(uint32_t tag, uint32_t alg, uint32_t purpose, bool isAbsent, struct HksParam *param); ++ ++int32_t HksCheckNeedCache(uint32_t alg, uint32_t digest); ++#ifdef __cplusplus ++} ++#endif ++ ++#endif /* HKS_BASE_CHECK_H */ ++ +diff --git a/huks/frameworks/huks_standard/main/common/include/hks_cfi.h b/huks/frameworks/huks_standard/main/common/include/hks_cfi.h +new file mode 100644 +index 0000000..855b66f +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/common/include/hks_cfi.h +@@ -0,0 +1,30 @@ ++/* ++ * Copyright (c) 2022 Huawei Device Co., Ltd. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#ifndef HKS_CFI_H ++#define HKS_CFI_H ++ ++#ifdef HKS_CONFIG_FILE ++#include HKS_CONFIG_FILE ++#else ++#include "hks_config.h" ++#endif ++ ++#ifdef HKS_SUPPORT_CFI ++#define ENABLE_CFI(function) __attribute__((no_sanitize("cfi"))) function ++#else ++#define ENABLE_CFI(function) function ++#endif ++#endif // HKS_CFI_H +diff --git a/huks/frameworks/huks_standard/main/common/include/hks_check_paramset.h b/huks/frameworks/huks_standard/main/common/include/hks_check_paramset.h +new file mode 100644 +index 0000000..4aa31e5 +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/common/include/hks_check_paramset.h +@@ -0,0 +1,62 @@ ++/* ++ * Copyright (c) 2021 Huawei Device Co., Ltd. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#ifndef HKS_CHECK_PARAMSET_H ++#define HKS_CHECK_PARAMSET_H ++ ++#include ++#include ++ ++#include "hks_type_inner.h" ++ ++#ifdef __cplusplus ++extern "C" { ++#endif ++ ++int32_t HksCoreCheckGenKeyParams(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet, ++ const struct HksBlob *keyIn, const struct HksBlob *keyOut); ++ ++int32_t HksCoreCheckImportKeyParams(const struct HksBlob *keyAlias, const struct HksBlob *key, ++ const struct HksParamSet *paramSet, const struct HksBlob *keyOut); ++ ++int32_t HksCoreCheckImportWrappedKeyParams(const struct HksBlob *key, const struct HksBlob *wrappedKeyData, ++ const struct HksParamSet *paramSet, struct HksBlob *keyOut, uint32_t *outUnwrapSuite); ++ ++int32_t HksCoreCheckSignVerifyParams(uint32_t cmdId, const struct HksBlob *key, const struct HksParamSet *paramSet, ++ const struct HksBlob *srcData, const struct HksBlob *signature); ++ ++int32_t HksCoreCheckCipherParams(uint32_t cmdId, const struct HksBlob *key, const struct HksParamSet *paramSet, ++ const struct HksBlob *inData, const struct HksBlob *outData); ++ ++int32_t HksCoreCheckAgreeKeyParams(const struct HksParamSet *paramSet, const struct HksBlob *privateKey, ++ const struct HksBlob *peerPublicKey, const struct HksBlob *agreedKey, bool isLocalCheck); ++ ++int32_t HksLocalCheckSignVerifyParams(uint32_t cmdId, uint32_t keySize, const struct HksParamSet *paramSet, ++ const struct HksBlob *srcData, const struct HksBlob *signature); ++ ++int32_t HksLocalCheckCipherParams(uint32_t cmdId, uint32_t keySize, const struct HksParamSet *paramSet, ++ const struct HksBlob *inData, const struct HksBlob *outData); ++ ++int32_t HksCoreCheckDeriveKeyParams(const struct HksParamSet *paramSet, const struct HksBlob *mainKey, ++ const struct HksBlob *derivedKey, bool isLocalCheck); ++ ++int32_t HksCoreCheckMacParams(const struct HksBlob *key, const struct HksParamSet *paramSet, ++ const struct HksBlob *srcData, const struct HksBlob *mac, bool isLocalCheck); ++ ++#ifdef __cplusplus ++} ++#endif ++ ++#endif /* HKS_CHECK_PARAMSET_H */ +diff --git a/huks/frameworks/huks_standard/main/common/include/hks_cmd_id.h b/huks/frameworks/huks_standard/main/common/include/hks_cmd_id.h +new file mode 100644 +index 0000000..89606c1 +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/common/include/hks_cmd_id.h +@@ -0,0 +1,78 @@ ++/* ++ * Copyright (c) 2021 Huawei Device Co., Ltd. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#ifndef HKS_CMD_ID_H ++#define HKS_CMD_ID_H ++ ++#include "hks_type_inner.h" ++ ++enum HksCmdId { ++ HKS_CMD_ID_INVALID = 0x0, ++ HKS_CMD_ID_GENERATE_KEY, ++ HKS_CMD_ID_GET_KEY_CHARACTER, ++ HKS_CMD_ID_BEGIN, ++ HKS_CMD_ID_UPDATE, ++ HKS_CMD_ID_FINISH, ++ HKS_CMD_ID_ABORT, ++ HKS_CMD_ID_SET, ++ HKS_CMD_ID_GET, ++ HKS_CMD_ID_ATTEST_KEY, ++ HKS_CMD_ID_EXPORT_KEY, ++ HKS_CMD_ID_DELETE, ++ HKS_CMD_ID_EXPORT_TRUST_CERT, ++ HKS_CMD_ID_ECDH, ++ HKS_CMD_ID_ATTEST_TA_KEY, ++ HKS_CMD_ID_SET_KEY_PROTECTION, ++ HKS_CMD_ID_CONFIGURE, ++ ++ HKS_CMD_ID_IMPORT_KEY = 0x100, ++ HKS_CMD_ID_GET_CERTCHAIN = 0x101, ++ HKS_CMD_ID_SIGN = 0x102, ++ HKS_CMD_ID_SIGN_INIT = 0x103, ++ HKS_CMD_ID_SIGN_UPDATE = 0x104, ++ HKS_CMD_ID_SIGN_FINAL = 0x105, ++ HKS_CMD_ID_VERIFY = 0x106, ++ HKS_CMD_ID_VERIFY_INIT = 0x107, ++ HKS_CMD_ID_VERIFY_UPDATE = 0x108, ++ HKS_CMD_ID_VERIFY_FINAL = 0x109, ++ HKS_CMD_ID_MAC = 0x10A, ++ HKS_CMD_ID_MAC_INIT = 0x10B, ++ HKS_CMD_ID_MAC_UPDATE = 0x10C, ++ HKS_CMD_ID_MAC_FINAL = 0x10D, ++ HKS_CMD_ID_ENCRYPT = 0x10E, ++ HKS_CMD_ID_ENCRYPT_INIT = 0x10F, ++ HKS_CMD_ID_ENCRYPT_UPDATE = 0x110, ++ HKS_CMD_ID_ENCRYPT_FINAL = 0x111, ++ HKS_CMD_ID_DECRYPT = 0x112, ++ HKS_CMD_ID_DECRYPT_INIT = 0x113, ++ HKS_CMD_ID_DECRYPT_UPDATE = 0x114, ++ HKS_CMD_ID_DECRYPT_FINAL = 0x115, ++ HKS_CMD_ID_CHECK_KEY_LEGALITY = 0x116, ++ HKS_CMD_ID_GENERATE_RANDOM = 0x117, ++ HKS_CMD_ID_AGREE_KEY = 0x118, ++ HKS_CMD_ID_DERIVE_KEY = 0x119, ++ ++ HKS_CMD_ID_WRAP = 0x1000, ++ HKS_CMD_ID_UNWRAP = 0x1001, ++ ++ HKS_CMD_ID_SIGN_WITH_DEV_KEY = 0x00010103, ++ ++ HKS_CMD_ID_GET_FP_AUTH_RESULT_QCOM = 0x00020500, ++ ++ HKS_CMD_ID_INJECT_KEY = 0x00010015, ++ HKS_CMD_ID_INJECT_KEY_VERIFY = 0x00010016, ++}; ++ ++#endif +diff --git a/huks/frameworks/huks_standard/main/common/include/hks_common_check.h b/huks/frameworks/huks_standard/main/common/include/hks_common_check.h +new file mode 100644 +index 0000000..db6a986 +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/common/include/hks_common_check.h +@@ -0,0 +1,69 @@ ++/* ++ * Copyright (c) 2021-2022 Huawei Device Co., Ltd. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#ifndef HKS_COMMON_CHECK_H ++#define HKS_COMMON_CHECK_H ++ ++#include ++#include ++ ++#include "hks_type.h" ++ ++#define HKS_DIGEST_MD5_LEN 16 ++#define HKS_DIGEST_SHA1_LEN 20 ++#define HKS_DIGEST_SHA224_LEN 28 ++#define HKS_DIGEST_SHA256_LEN 32 ++#define HKS_DIGEST_SHA384_LEN 48 ++#define HKS_DIGEST_SHA512_LEN 64 ++#define HKS_DIGEST_SM3_LEN 32 ++ ++#ifdef __cplusplus ++extern "C" { ++#endif ++ ++int32_t HksCheckBlob4(const struct HksBlob *data1, const struct HksBlob *data2, ++ const struct HksBlob *data3, const struct HksBlob *data4); ++ ++int32_t HksCheckBlob3(const struct HksBlob *data1, const struct HksBlob *data2, const struct HksBlob *data3); ++ ++int32_t HksCheckBlob2(const struct HksBlob *data1, const struct HksBlob *data2); ++ ++int32_t HksCheckParamSetValidity(const struct HksParamSet *paramSet); ++ ++int32_t HksCheckBlob4AndParamSet(const struct HksBlob *data1, const struct HksBlob *data2, ++ const struct HksBlob *data3, const struct HksBlob *data4, const struct HksParamSet *paramSet); ++ ++int32_t HksCheckBlob3AndParamSet(const struct HksBlob *data1, const struct HksBlob *data2, ++ const struct HksBlob *data3, const struct HksParamSet *paramSet); ++ ++int32_t HksCheckBlob2AndParamSet(const struct HksBlob *data1, const struct HksBlob *data2, ++ const struct HksParamSet *paramSet); ++ ++int32_t HksCheckBlobAndParamSet(const struct HksBlob *data, const struct HksParamSet *paramSet); ++ ++int32_t HksGetDigestLen(uint32_t digest, uint32_t *digestLen); ++ ++int32_t HksCheckAesAeMode(const struct HksParamSet *paramSet, bool *isAes, bool *isAeMode); ++ ++int32_t HksCheckWrappedDataFormatValidity(const struct HksBlob *wrappedData, uint32_t validTotalBlobs, ++ const uint32_t *validBlobLengths); ++ ++int32_t HksGetBlobFromWrappedData(const struct HksBlob *wrappedData, uint32_t blobIndex, uint32_t totalBlobs, ++ struct HksBlob *blob); ++#ifdef __cplusplus ++} ++#endif ++ ++#endif /* HKS_COMMON_CHECK_H */ +diff --git a/huks/frameworks/huks_standard/main/common/include/hks_config.h b/huks/frameworks/huks_standard/main/common/include/hks_config.h +new file mode 100644 +index 0000000..188b48f +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/common/include/hks_config.h +@@ -0,0 +1,228 @@ ++/* ++ * Copyright (c) 2021-2022 Huawei Device Co., Ltd. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#ifndef HKS_CONFIG_H ++#define HKS_CONFIG_H ++ ++#define HKS_SUPPORT_POSIX ++ ++#define HKS_SUPPORT_THREAD ++ ++#define HKS_LOG_ENGINE_LOG_CORE ++#define HKS_ENABLE_LOG_PUBLIC ++ ++#define HKS_SUPPORT_API_ATTEST_KEY ++ ++// #define HKS_SUPPORT_ACCESS_TOKEN ++ ++/* AES */ ++#define HKS_SUPPORT_AES_C ++#define HKS_SUPPORT_AES_GENERATE_KEY ++#define HKS_SUPPORT_AES_CBC_NOPADDING ++#define HKS_SUPPORT_AES_CBC_PKCS7 ++#define HKS_SUPPORT_AES_GCM ++#define HKS_SUPPORT_AES_CTR_NOPADDING ++#define HKS_SUPPORT_AES_ECB_NOPADDING ++#define HKS_SUPPORT_AES_ECB_PKCS7PADDING ++ ++/* BN */ ++#define HKS_SUPPORT_BN_C ++ ++/* ECC */ ++#define HKS_SUPPORT_ECC_C ++#define HKS_SUPPORT_ECC_GENERATE_KEY ++#define HKS_SUPPORT_ECC_GET_PUBLIC_KEY ++ ++#define HKS_SUPPORT_ECDH_C ++#define HKS_SUPPORT_ECDH_AGREE_KEY ++ ++#define HKS_SUPPORT_ECDSA_C ++#define HKS_SUPPORT_ECDSA_SIGN_VERIFY ++ ++/* ED25519 */ ++#define HKS_SUPPORT_ED25519_C ++#define HKS_SUPPORT_ED25519_GENERATE_KEY ++#define HKS_SUPPORT_ED25519_SIGN_VERIFY ++#define HKS_SUPPORT_ED2519_GET_PUBLIC_KEY ++ ++/* HASH */ ++#define HKS_SUPPORT_HASH_C ++#define HKS_SUPPORT_HASH_SHA1 ++#define HKS_SUPPORT_HASH_SHA224 ++#define HKS_SUPPORT_HASH_SHA256 ++#define HKS_SUPPORT_HASH_SHA384 ++#define HKS_SUPPORT_HASH_SHA512 ++#define HKS_SUPPORT_HASH_MD5 ++ ++/* HMAC */ ++#define HKS_SUPPORT_HMAC_C ++#define HKS_SUPPORT_HMAC_GENERATE_KEY ++#define HKS_SUPPORT_HMAC_SHA1 ++#define HKS_SUPPORT_HMAC_SHA224 ++#define HKS_SUPPORT_HMAC_SHA256 ++#define HKS_SUPPORT_HMAC_SHA384 ++#define HKS_SUPPORT_HMAC_SHA512 ++ ++/* KDF */ ++#define HKS_SUPPORT_KDF_C ++#define HKS_SUPPORT_KDF_PBKDF2 ++#define HKS_SUPPORT_KDF_HKDF ++ ++/* RSA */ ++#define HKS_SUPPORT_RSA_C ++#define HKS_SUPPORT_RSA_GENERATE_KEY ++#define HKS_SUPPORT_RSA_CRYPT ++#define HKS_SUPPORT_RSA_SIGN_VERIFY ++#define HKS_SUPPORT_RSA_GET_PUBLIC_KEY ++#define HKS_SUPPORT_RSA_ECB_NOPADDING ++#define HKS_SUPPORT_RSA_ECB_PKCS1PADDING ++#define HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA1MGF1 ++#define HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA224MGF1 ++#define HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA256MGF1 ++#define HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA384MGF1 ++#define HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA512MGF1 ++#define HKS_SUPPORT_RSA_ECB_OEAPPADDING ++#define HKS_SUPPORT_RSA_PSS ++ ++/* DH */ ++#define HKS_SUPPORT_DH_C ++#define HKS_SUPPORT_DH_GENERATE_KEY ++#define HKS_SUPPORT_DH_AGREE_KEY ++#define HKS_SUPPORT_DH_GET_PUBLIC_KEY ++ ++/* DSA */ ++#define HKS_SUPPORT_DSA_C ++#define HKS_SUPPORT_DSA_GENERATE_KEY ++#define HKS_SUPPORT_DSA_SIGN_VERIFY ++#define HKS_SUPPORT_DSA_GET_PUBLIC_KEY ++ ++/* X25519 */ ++#define HKS_SUPPORT_X25519_C ++#define HKS_SUPPORT_X25519_GENERATE_KEY ++#define HKS_SUPPORT_X25519_AGREE_KEY ++#define HKS_SUPPORT_X25519_GET_PUBLIC_KEY ++ ++#define HKS_SUPPORT_ED25519_TO_X25519 ++ ++/* SM2 */ ++#ifdef HKS_SUPPORT_ECC_C ++#define HKS_SUPPORT_SM2_C ++#define HKS_SUPPORT_SM2_SIGN_VERIFY ++#ifdef HKS_SUPPORT_ECC_GENERATE_KEY ++#define HKS_SUPPORT_SM2_GENERATE_KEY ++#endif ++#ifdef HKS_SUPPORT_ECC_GET_PUBLIC_KEY ++#define HKS_SUPPORT_SM2_GET_PUBLIC_KEY ++#endif ++#endif ++ ++/* SM3 */ ++#define HKS_SUPPORT_SM3_C ++#define HKS_SUPPORT_SM3_GENERATE_KEY ++#if defined(HKS_SUPPORT_SM3_C) && defined(HKS_SUPPORT_HMAC_C) ++#define HKS_SUPPORT_HMAC_SM3 ++#endif ++#if defined(HKS_SUPPORT_SM3_C) && defined(HKS_SUPPORT_HASH_C) ++#define HKS_SUPPORT_HASH_SM3 ++#endif ++ ++/* SM4 */ ++#define HKS_SUPPORT_SM4_C ++#define HKS_SUPPORT_SM4_GENERATE_KEY ++#define HKS_SUPPORT_SM4_CBC_NOPADDING ++#define HKS_SUPPORT_SM4_CBC_PKCS7 ++#define HKS_SUPPORT_SM4_CTR_NOPADDING ++#define HKS_SUPPORT_SM4_ECB_NOPADDING ++#define HKS_SUPPORT_SM4_ECB_PKCS7 ++ ++/* enable cfi */ ++#define HKS_SUPPORT_CFI ++ ++#if defined(_SUPPORT_HKS_TEE_) && defined(HKS_SUPPORT_HMAC_GENERATE_KEY) ++#define HKS_SUPPORT_GET_AT_KEY ++#endif ++ ++#if defined(HKS_SUPPORT_AES_GENERATE_KEY) || defined(HKS_SUPPORT_DH_GENERATE_KEY) || \ ++ defined(HKS_SUPPORT_DSA_GENERATE_KEY) || defined(HKS_SUPPORT_ECC_GENERATE_KEY) || \ ++ defined(HKS_SUPPORT_ED25519_GENERATE_KEY) || defined(HKS_SUPPORT_HMAC_GENERATE_KEY) || \ ++ defined(HKS_SUPPORT_RSA_GENERATE_KEY) || defined(HKS_SUPPORT_X25519_GENERATE_KEY) || \ ++ defined(HKS_SUPPORT_SM2_GENERATE_KEY) || defined(HKS_SUPPORT_SM3_GENERATE_KEY) || \ ++ defined(HKS_SUPPORT_SM4_GENERATE_KEY) ++#define HKS_SUPPORT_API_GENERATE_KEY ++#define HKS_SUPPORT_API_DELETE_KEY ++#define HKS_SUPPORT_API_GET_KEY_PARAM_SET ++#define HKS_SUPPORT_API_KEY_EXIST ++#endif ++ ++#if defined(HKS_SUPPORT_ECC_C) || defined(HKS_SUPPORT_RSA_C) || defined(HKS_SUPPORT_ED25519_C) || \ ++ defined(HKS_SUPPORT_X25519_C) || defined(HKS_SUPPORT_AES_C) || defined(HKS_SUPPORT_DSA_C) || \ ++ defined(HKS_SUPPORT_DH_C) || defined(HKS_SUPPORT_SM2_C) ++#define HKS_SUPPORT_API_IMPORT ++#endif ++ ++#if defined(HKS_SUPPORT_ECC_C) || defined(HKS_SUPPORT_RSA_C) || defined(HKS_SUPPORT_ED25519_C) || \ ++ defined(HKS_SUPPORT_X25519_C) || defined(HKS_SUPPORT_AES_C) || defined(HKS_SUPPORT_DSA_C) || \ ++ defined(HKS_SUPPORT_DH_C) || defined(HKS_SUPPORT_SM2_C) ++#define HKS_SUPPORT_API_EXPORT ++#endif ++ ++#if defined(HKS_SUPPORT_ECC_C) || defined(HKS_SUPPORT_RSA_C) || defined(HKS_SUPPORT_ED25519_C) || \ ++ defined(HKS_SUPPORT_X25519_C) || defined(HKS_SUPPORT_AES_C) || defined(HKS_SUPPORT_DSA_C) || \ ++ defined(HKS_SUPPORT_DH_C) || defined(HKS_SUPPORT_SM2_C) ++#define HKS_SUPPORT_API_IMPORT_WRAPPED_KEY ++#endif ++ ++#define HKS_SUPPORT_API_GENERATE_RANDOM ++ ++#if defined(HKS_SUPPORT_ECDSA_SIGN_VERIFY) || defined(HKS_SUPPORT_ED25519_SIGN_VERIFY) || \ ++ defined(HKS_SUPPORT_RSA_SIGN_VERIFY) || defined(HKS_SUPPORT_DSA_SIGN_VERIFY) ++#define HKS_SUPPORT_API_SIGN_VERIFY ++#endif ++ ++#if defined(HKS_SUPPORT_AES_C) || defined(HKS_SUPPORT_RSA_CRYPT) ++#define HKS_SUPPORT_API_CIPHER ++#endif ++ ++#if defined(HKS_SUPPORT_X25519_AGREE_KEY) || defined(HKS_SUPPORT_ECDH_AGREE_KEY) || defined(HKS_SUPPORT_DH_AGREE_KEY) ++#define HKS_SUPPORT_API_AGREE_KEY ++#endif ++ ++#ifdef HKS_SUPPORT_KDF_C ++#define HKS_SUPPORT_API_DERIVE_KEY ++#endif ++ ++#ifdef HKS_SUPPORT_HMAC_C ++#define HKS_SUPPORT_API_MAC ++#endif ++ ++#ifdef HKS_SUPPORT_HASH_C ++#define HKS_SUPPORT_API_HASH ++#endif ++ ++#ifdef HKS_SUPPORT_BN_C ++#define HKS_SUPPORT_API_BN_EXP_MOD ++#endif ++ ++#ifndef HKS_SUPPORT_LITE_HEAP ++#define HKS_SUPPORT_API_GET_KEY_INFO_LIST ++#endif ++ ++/* Key user auth access control */ ++// #if defined(HKS_SUPPORT_HMAC_C) && defined(HKS_SUPPORT_API_GENERATE_KEY) && (defined(HKS_SUPPORT_API_IMPORT) || \ ++// defined(HKS_SUPPORT_API_GENERATE_KEY) || defined(HKS_SUPPORT_API_IMPORT_WRAPPED_KEY)) ++// #define HKS_SUPPORT_USER_AUTH_ACCESS_CONTROL ++// #endif ++ ++#endif /* HKS_CONFIG_H */ +diff --git a/huks/frameworks/huks_standard/main/common/include/hks_config_base.h b/huks/frameworks/huks_standard/main/common/include/hks_config_base.h +new file mode 100644 +index 0000000..f1c9fb1 +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/common/include/hks_config_base.h +@@ -0,0 +1,177 @@ ++/* ++ * Copyright (c) 2021-2022 Huawei Device Co., Ltd. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#ifndef HKS_CONFIG_H ++#define HKS_CONFIG_H ++ ++#define HKS_SUPPORT_LITE_HEAP ++#define HKS_SUPPORT_UPGRADE_STORAGE_DATA ++#define HKS_SUPPORT_POSIX ++ ++#define HKS_SUPPORT_SEC_LEVEL ++ ++/* AES */ ++#define HKS_SUPPORT_AES_C ++#define HKS_SUPPORT_AES_GENERATE_KEY ++#define HKS_SUPPORT_AES_CBC_NOPADDING ++#define HKS_SUPPORT_AES_CBC_PKCS7 ++#define HKS_SUPPORT_AES_GCM ++#define HKS_SUPPORT_AES_CCM ++#define HKS_SUPPORT_AES_CTR_NOPADDING ++#define HKS_SUPPORT_AES_ECB_NOPADDING ++#define HKS_SUPPORT_AES_ECB_PKCS7PADDING ++ ++/* BN */ ++#define HKS_SUPPORT_BN_C ++ ++/* ECC */ ++#define HKS_SUPPORT_ECC_C ++#define HKS_SUPPORT_ECC_GENERATE_KEY ++#define HKS_SUPPORT_ECC_GET_PUBLIC_KEY ++ ++#define HKS_SUPPORT_ECDH_C ++#define HKS_SUPPORT_ECDH_AGREE_KEY ++ ++#define HKS_SUPPORT_ECDSA_C ++#define HKS_SUPPORT_ECDSA_SIGN_VERIFY ++ ++/* ED25519 */ ++#define HKS_SUPPORT_ED25519_C ++#define HKS_SUPPORT_ED25519_GENERATE_KEY ++#define HKS_SUPPORT_ED25519_SIGN_VERIFY ++#define HKS_SUPPORT_ED2519_GET_PUBLIC_KEY ++ ++/* HASH */ ++#define HKS_SUPPORT_HASH_C ++#define HKS_SUPPORT_HASH_SHA1 ++#define HKS_SUPPORT_HASH_SHA224 ++#define HKS_SUPPORT_HASH_SHA256 ++#define HKS_SUPPORT_HASH_SHA384 ++#define HKS_SUPPORT_HASH_SHA512 ++#define HKS_SUPPORT_HASH_MD5 ++ ++/* HMAC */ ++#define HKS_SUPPORT_HMAC_C ++#define HKS_SUPPORT_HMAC_GENERATE_KEY ++#define HKS_SUPPORT_HMAC_SHA1 ++#define HKS_SUPPORT_HMAC_SHA224 ++#define HKS_SUPPORT_HMAC_SHA256 ++#define HKS_SUPPORT_HMAC_SHA384 ++#define HKS_SUPPORT_HMAC_SHA512 ++ ++/* KDF */ ++#define HKS_SUPPORT_KDF_C ++#define HKS_SUPPORT_KDF_PBKDF2 ++#define HKS_SUPPORT_KDF_HKDF ++ ++/* RSA */ ++#define HKS_SUPPORT_RSA_C ++#define HKS_SUPPORT_RSA_GENERATE_KEY ++#define HKS_SUPPORT_RSA_CRYPT ++#define HKS_SUPPORT_RSA_SIGN_VERIFY ++#define HKS_SUPPORT_RSA_GET_PUBLIC_KEY ++#define HKS_SUPPORT_RSA_ECB_NOPADDING ++#define HKS_SUPPORT_RSA_ECB_PKCS1PADDING ++#define HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA1MGF1 ++#define HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA224MGF1 ++#define HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA256MGF1 ++#define HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA384MGF1 ++#define HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA512MGF1 ++#define HKS_SUPPORT_RSA_ECB_OEAPPADDING ++#define HKS_SUPPORT_RSA_PSS ++ ++/* DH */ ++#define HKS_SUPPORT_DH_C ++#define HKS_SUPPORT_DH_GENERATE_KEY ++#define HKS_SUPPORT_DH_AGREE_KEY ++#define HKS_SUPPORT_DH_GET_PUBLIC_KEY ++ ++/* DSA */ ++#define HKS_SUPPORT_DSA_C ++#define HKS_SUPPORT_DSA_GENERATE_KEY ++#define HKS_SUPPORT_DSA_SIGN_VERIFY ++#define HKS_SUPPORT_DSA_GET_PUBLIC_KEY ++ ++/* X25519 */ ++#define HKS_SUPPORT_X25519_C ++#define HKS_SUPPORT_X25519_GENERATE_KEY ++#define HKS_SUPPORT_X25519_AGREE_KEY ++#define HKS_SUPPORT_X25519_GET_PUBLIC_KEY ++ ++#define HKS_SUPPORT_ED25519_TO_X25519 ++ ++#if defined(HKS_SUPPORT_AES_GENERATE_KEY) || defined(HKS_SUPPORT_DH_GENERATE_KEY) || \ ++ defined(HKS_SUPPORT_DSA_GENERATE_KEY) || defined(HKS_SUPPORT_ECC_GENERATE_KEY) || \ ++ defined(HKS_SUPPORT_ED25519_GENERATE_KEY) || defined(HKS_SUPPORT_HMAC_GENERATE_KEY) || \ ++ defined(HKS_SUPPORT_RSA_GENERATE_KEY) || defined(HKS_SUPPORT_X25519_GENERATE_KEY) ++#define HKS_SUPPORT_API_GENERATE_KEY ++#define HKS_SUPPORT_API_DELETE_KEY ++#define HKS_SUPPORT_API_GET_KEY_PARAM_SET ++#define HKS_SUPPORT_API_KEY_EXIST ++#endif ++ ++#if defined(HKS_SUPPORT_ECC_C) || defined(HKS_SUPPORT_RSA_C) || defined(HKS_SUPPORT_ED25519_C) || \ ++ defined(HKS_SUPPORT_X25519_C) || defined(HKS_SUPPORT_AES_C) || defined(HKS_SUPPORT_DSA_C) || \ ++ defined(HKS_SUPPORT_DH_C) ++#define HKS_SUPPORT_API_IMPORT ++#endif ++ ++#if defined(HKS_SUPPORT_ECC_C) || defined(HKS_SUPPORT_RSA_C) || defined(HKS_SUPPORT_ED25519_C) || \ ++ defined(HKS_SUPPORT_X25519_C) || defined(HKS_SUPPORT_AES_C) || defined(HKS_SUPPORT_DSA_C) || \ ++ defined(HKS_SUPPORT_DH_C) ++#define HKS_SUPPORT_API_EXPORT ++#endif ++ ++#define HKS_SUPPORT_API_GENERATE_RANDOM ++ ++#if defined(HKS_SUPPORT_ECDSA_SIGN_VERIFY) || defined(HKS_SUPPORT_ED25519_SIGN_VERIFY) || \ ++ defined(HKS_SUPPORT_RSA_SIGN_VERIFY) || defined(HKS_SUPPORT_DSA_SIGN_VERIFY) ++#define HKS_SUPPORT_API_SIGN_VERIFY ++#endif ++ ++#if defined(HKS_SUPPORT_AES_C) || defined(HKS_SUPPORT_RSA_CRYPT) ++#define HKS_SUPPORT_API_CIPHER ++#endif ++ ++#if defined(HKS_SUPPORT_X25519_AGREE_KEY) || defined(HKS_SUPPORT_ECDH_AGREE_KEY) || defined(HKS_SUPPORT_DH_AGREE_KEY) ++#define HKS_SUPPORT_API_AGREE_KEY ++#endif ++ ++#ifdef HKS_SUPPORT_KDF_C ++#define HKS_SUPPORT_API_DERIVE_KEY ++#endif ++ ++#ifdef HKS_SUPPORT_HMAC_C ++#define HKS_SUPPORT_API_MAC ++#endif ++ ++#ifdef HKS_SUPPORT_HASH_C ++#define HKS_SUPPORT_API_HASH ++#endif ++ ++#ifdef HKS_SUPPORT_BN_C ++#define HKS_SUPPORT_API_BN_EXP_MOD ++#endif ++ ++#ifndef HKS_SUPPORT_LITE_HEAP ++#define HKS_SUPPORT_API_GET_KEY_INFO_LIST ++#endif ++ ++#define HKS_SUPPORT_API_ATTEST_KEY ++#define HKS_SUPPORT_API_GET_CERTIFICATE_CHAIN ++#define HKS_SUPPORT_API_WRAP_KEY ++#define HKS_SUPPORT_API_UNWRAP_KEY ++ ++#endif /* HKS_CONFIG_H */ +diff --git a/huks/frameworks/huks_standard/main/common/include/hks_config_lite.h b/huks/frameworks/huks_standard/main/common/include/hks_config_lite.h +new file mode 100644 +index 0000000..61ff132 +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/common/include/hks_config_lite.h +@@ -0,0 +1,111 @@ ++/* ++ * Copyright (c) 2021-2021 Huawei Device Co., Ltd. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#ifndef HKS_CONFIG_H ++#define HKS_CONFIG_H ++ ++#define HKS_SUPPORT_POSIX ++ ++#define HKS_LOG_ENGINE_HILOG_MODULE_SCY ++ ++/* AES */ ++#define HKS_SUPPORT_AES_C ++#define HKS_SUPPORT_AES_GENERATE_KEY ++#define HKS_SUPPORT_AES_CBC_NOPADDING ++#define HKS_SUPPORT_AES_CBC_PKCS7 ++#define HKS_SUPPORT_AES_GCM ++ ++/* BN */ ++#define HKS_SUPPORT_BN_C ++ ++/* HASH */ ++#define HKS_SUPPORT_HASH_C ++#define HKS_SUPPORT_HASH_SHA256 ++#define HKS_SUPPORT_HASH_SHA384 ++#define HKS_SUPPORT_HASH_SHA512 ++ ++/* HMAC */ ++#define HKS_SUPPORT_HMAC_C ++#define HKS_SUPPORT_HMAC_SHA256 ++#define HKS_SUPPORT_HMAC_SHA384 ++#define HKS_SUPPORT_HMAC_SHA512 ++ ++/* KDF */ ++#define HKS_SUPPORT_KDF_C ++#define HKS_SUPPORT_KDF_PBKDF2 ++#define HKS_SUPPORT_KDF_HKDF ++ ++/* X25519 */ ++#define HKS_SUPPORT_X25519_C ++#define HKS_SUPPORT_X25519_GENERATE_KEY ++#define HKS_SUPPORT_X25519_AGREE_KEY ++#define HKS_SUPPORT_X25519_GET_PUBLIC_KEY ++ ++#if defined(HKS_SUPPORT_AES_GENERATE_KEY) || defined(HKS_SUPPORT_ECC_GENERATE_KEY) || \ ++ defined(HKS_SUPPORT_ED25519_GENERATE_KEY) || defined(HKS_SUPPORT_RSA_GENERATE_KEY) || \ ++ defined(HKS_SUPPORT_X25519_GENERATE_KEY) ++#define HKS_SUPPORT_API_GENERATE_KEY ++#define HKS_SUPPORT_API_DELETE_KEY ++#define HKS_SUPPORT_API_GET_KEY_PARAM_SET ++#define HKS_SUPPORT_API_KEY_EXIST ++#endif ++ ++#if defined(HKS_SUPPORT_ECC_C) || defined(HKS_SUPPORT_RSA_C) || \ ++ defined(HKS_SUPPORT_ED25519_C) || defined(HKS_SUPPORT_X25519_C) || \ ++ defined(HKS_SUPPORT_AES_C) ++#define HKS_SUPPORT_API_IMPORT ++#endif ++ ++#if defined(HKS_SUPPORT_ECC_C) || defined(HKS_SUPPORT_RSA_C) || \ ++ defined(HKS_SUPPORT_ED25519_C) || defined(HKS_SUPPORT_X25519_C) ++#define HKS_SUPPORT_API_EXPORT ++#endif ++ ++#define HKS_SUPPORT_API_GENERATE_RANDOM ++ ++#if defined(HKS_SUPPORT_ECDSA_C) || defined(HKS_SUPPORT_ED25519_SIGN_VERIFY) || \ ++ defined(HKS_SUPPORT_RSA_SIGN_VERIFY) ++#define HKS_SUPPORT_API_SIGN_VERIFY ++#endif ++ ++#if defined(HKS_SUPPORT_AES_C) || defined(HKS_SUPPORT_RSA_CRYPT) ++#define HKS_SUPPORT_API_CIPHER ++#endif ++ ++#if defined(HKS_SUPPORT_X25519_AGREE_KEY) || defined(HKS_SUPPORT_ECDH_C) ++#define HKS_SUPPORT_API_AGREE_KEY ++#endif ++ ++#ifdef HKS_SUPPORT_KDF_C ++#define HKS_SUPPORT_API_DERIVE_KEY ++#endif ++ ++#ifdef HKS_SUPPORT_HMAC_C ++#define HKS_SUPPORT_API_MAC ++#endif ++ ++#ifdef HKS_SUPPORT_HASH_C ++#define HKS_SUPPORT_API_HASH ++#endif ++ ++#ifdef HKS_SUPPORT_BN_C ++#define HKS_SUPPORT_API_BN_EXP_MOD ++#endif ++ ++#ifndef HKS_SUPPORT_LITE_HEAP ++#define HKS_SUPPORT_API_GET_KEY_INFO_LIST ++#endif ++ ++#endif /* HKS_CONFIG_H */ +diff --git a/huks/frameworks/huks_standard/main/common/include/hks_config_small.h b/huks/frameworks/huks_standard/main/common/include/hks_config_small.h +new file mode 100644 +index 0000000..d8692e7 +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/common/include/hks_config_small.h +@@ -0,0 +1,136 @@ ++/* ++ * Copyright (c) 2021-2022 Huawei Device Co., Ltd. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#ifndef HKS_CONFIG_H ++#define HKS_CONFIG_H ++ ++#define HKS_SUPPORT_POSIX ++ ++#ifndef __LINUX__ ++#define HKS_ENABLE_LOG_PUBLIC ++#endif ++#define HKS_LOG_ENGINE_HILOG_MODULE_SCY ++ ++/* AES */ ++#define HKS_SUPPORT_AES_C ++#define HKS_SUPPORT_AES_GENERATE_KEY ++#define HKS_SUPPORT_AES_CBC_NOPADDING ++#define HKS_SUPPORT_AES_CBC_PKCS7 ++#define HKS_SUPPORT_AES_GCM ++ ++/* BN */ ++#define HKS_SUPPORT_BN_C ++ ++/* ECC */ ++#define HKS_SUPPORT_ECC_C ++#define HKS_SUPPORT_ECC_GENERATE_KEY ++#define HKS_SUPPORT_ECC_GET_PUBLIC_KEY ++#define HKS_SUPPORT_ECDH_C ++#define HKS_SUPPORT_ECDSA_C ++ ++/* ED25519 */ ++#define HKS_SUPPORT_ED25519_C ++#define HKS_SUPPORT_ED25519_GENERATE_KEY ++#define HKS_SUPPORT_ED25519_SIGN_VERIFY ++#define HKS_SUPPORT_ED2519_GET_PUBLIC_KEY ++ ++/* HASH */ ++#define HKS_SUPPORT_HASH_C ++#define HKS_SUPPORT_HASH_SHA256 ++#define HKS_SUPPORT_HASH_SHA384 ++#define HKS_SUPPORT_HASH_SHA512 ++ ++/* HMAC */ ++#define HKS_SUPPORT_HMAC_C ++#define HKS_SUPPORT_HMAC_SHA256 ++#define HKS_SUPPORT_HMAC_SHA384 ++#define HKS_SUPPORT_HMAC_SHA512 ++ ++/* KDF */ ++#define HKS_SUPPORT_KDF_C ++#define HKS_SUPPORT_KDF_PBKDF2 ++#define HKS_SUPPORT_KDF_HKDF ++ ++/* RSA */ ++#define HKS_SUPPORT_RSA_C ++#define HKS_SUPPORT_RSA_GENERATE_KEY ++#define HKS_SUPPORT_RSA_CRYPT ++#define HKS_SUPPORT_RSA_SIGN_VERIFY ++#define HKS_SUPPORT_RSA_GET_PUBLIC_KEY ++ ++/* X25519 */ ++#define HKS_SUPPORT_X25519_C ++#define HKS_SUPPORT_X25519_GENERATE_KEY ++#define HKS_SUPPORT_X25519_AGREE_KEY ++#define HKS_SUPPORT_X25519_GET_PUBLIC_KEY ++ ++#define HKS_SUPPORT_ED25519_TO_X25519 ++ ++#if defined(HKS_SUPPORT_AES_GENERATE_KEY) || defined(HKS_SUPPORT_ECC_GENERATE_KEY) || \ ++ defined(HKS_SUPPORT_ED25519_GENERATE_KEY) || defined(HKS_SUPPORT_RSA_GENERATE_KEY) || \ ++ defined(HKS_SUPPORT_X25519_GENERATE_KEY) ++#define HKS_SUPPORT_API_GENERATE_KEY ++#define HKS_SUPPORT_API_DELETE_KEY ++#define HKS_SUPPORT_API_GET_KEY_PARAM_SET ++#define HKS_SUPPORT_API_KEY_EXIST ++#endif ++ ++#if defined(HKS_SUPPORT_ECC_C) || defined(HKS_SUPPORT_RSA_C) || \ ++ defined(HKS_SUPPORT_ED25519_C) || defined(HKS_SUPPORT_X25519_C) || \ ++ defined(HKS_SUPPORT_AES_C) ++#define HKS_SUPPORT_API_IMPORT ++#endif ++ ++#if defined(HKS_SUPPORT_ECC_C) || defined(HKS_SUPPORT_RSA_C) || \ ++ defined(HKS_SUPPORT_ED25519_C) || defined(HKS_SUPPORT_X25519_C) ++#define HKS_SUPPORT_API_EXPORT ++#endif ++ ++#define HKS_SUPPORT_API_GENERATE_RANDOM ++ ++#if defined(HKS_SUPPORT_ECDSA_C) || defined(HKS_SUPPORT_ED25519_SIGN_VERIFY) || \ ++ defined(HKS_SUPPORT_RSA_SIGN_VERIFY) ++#define HKS_SUPPORT_API_SIGN_VERIFY ++#endif ++ ++#if defined(HKS_SUPPORT_AES_C) || defined(HKS_SUPPORT_RSA_CRYPT) ++#define HKS_SUPPORT_API_CIPHER ++#endif ++ ++#if defined(HKS_SUPPORT_X25519_AGREE_KEY) || defined(HKS_SUPPORT_ECDH_C) ++#define HKS_SUPPORT_API_AGREE_KEY ++#endif ++ ++#ifdef HKS_SUPPORT_KDF_C ++#define HKS_SUPPORT_API_DERIVE_KEY ++#endif ++ ++#ifdef HKS_SUPPORT_HMAC_C ++#define HKS_SUPPORT_API_MAC ++#endif ++ ++#ifdef HKS_SUPPORT_HASH_C ++#define HKS_SUPPORT_API_HASH ++#endif ++ ++#ifdef HKS_SUPPORT_BN_C ++#define HKS_SUPPORT_API_BN_EXP_MOD ++#endif ++ ++#ifndef HKS_SUPPORT_LITE_HEAP ++#define HKS_SUPPORT_API_GET_KEY_INFO_LIST ++#endif ++ ++#endif /* HKS_CONFIG_H */ +diff --git a/huks/frameworks/huks_standard/main/common/include/hks_crypto_adapter.h b/huks/frameworks/huks_standard/main/common/include/hks_crypto_adapter.h +new file mode 100644 +index 0000000..a4d6a9c +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/common/include/hks_crypto_adapter.h +@@ -0,0 +1,58 @@ ++/* ++ * Copyright (c) 2021 Huawei Device Co., Ltd. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#ifndef HKS_CRYPTO_ADAPTER_H ++#define HKS_CRYPTO_ADAPTER_H ++ ++#include ++#include ++ ++#include "hks_crypto_hal.h" ++#include "hks_type.h" ++ ++#ifdef __cplusplus ++extern "C" { ++#endif ++ ++void HksFillKeySpec(const struct HksParamSet *paramSet, struct HksKeySpec *spec); ++ ++void HksFillUsageSpec(const struct HksParamSet *paramSet, struct HksUsageSpec *usageSpec); ++ ++void HksFreeUsageSpec(struct HksUsageSpec **usageSpec); ++ ++void HksFillKeyDerivationParam(const struct HksParamSet *paramSet, struct HksKeyDerivationParam *param); ++ ++int32_t HksFillAeadParam(const struct HksParamSet *paramSet, struct HksBlob *inputText, struct HksUsageSpec *usageSpec, ++ bool isEncrypt); ++ ++int32_t HksFillIvParam(const struct HksParamSet *paramSet, struct HksUsageSpec *usageSpec); ++ ++int32_t HksBuildCipherUsageSpec(const struct HksParamSet *paramSet, bool isEncrypt, struct HksBlob *inputText, ++ struct HksUsageSpec **outUsageSpec); ++ ++int32_t HksGetEncryptAeTag(const struct HksParamSet *paramSet, const struct HksBlob *inData, struct HksBlob *outData, ++ struct HksBlob *tagAead); ++ ++int32_t HksSetKeyToMaterial(uint32_t alg, bool isPubKey, const struct HksBlob *key, struct HksBlob *keyMaterial); ++ ++int32_t HksGetKeyFromMaterial(uint32_t alg, bool isPubKey, const struct HksBlob *keyMaterial, struct HksBlob *key); ++ ++int32_t HksFormatKeyFromMaterial(uint32_t alg, const struct HksBlob *keyMaterial, struct HksParamSet *paramSetOut); ++ ++#ifdef __cplusplus ++} ++#endif ++ ++#endif +\ No newline at end of file +diff --git a/huks/frameworks/huks_standard/main/common/include/hks_crypto_hal.h b/huks/frameworks/huks_standard/main/common/include/hks_crypto_hal.h +new file mode 100644 +index 0000000..1543691 +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/common/include/hks_crypto_hal.h +@@ -0,0 +1,255 @@ ++/* ++ * Copyright (c) 2021-2022 Huawei Device Co., Ltd. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#ifndef HKS_CRYPTO_HAL_H ++#define HKS_CRYPTO_HAL_H ++ ++#include "hks_type.h" ++ ++#ifdef __cplusplus ++extern "C" { ++#endif ++ ++enum HksKeyAlgMode { ++ HKS_ALGORITHM_RSA_MODE_CRT = 1, ++ HKS_ALGORITHM_RSA_MODE_NO_CRT = 2, ++ HKS_ALGORITHM_EC_MODE_ECDH = 3, ++ HKS_ALGORITHM_ED_MODE_SIG_VERIFY = 4, ++ HKS_ALGORITHM_ED_MODE_VERIFY = 5, ++ HKS_ALGORITHM_X25519_MODE = 6, ++}; ++ ++struct HksKeySpec { ++ uint32_t algType; ++ uint32_t keyLen; ++ void *algParam; /* for example : struct HksKeyDerivationParam */ ++}; ++ ++struct HksKeyDerivationParam { ++ struct HksBlob salt; ++ struct HksBlob info; ++ uint32_t iterations; ++ uint32_t digestAlg; ++}; ++ ++struct HksAeadParam { ++ struct HksBlob nonce; ++ struct HksBlob aad; ++ union { ++ struct HksBlob tagDec; ++ uint32_t tagLenEnc; ++ }; ++ uint32_t payloadLen; ++}; ++ ++struct HksCipherParam { ++ struct HksBlob iv; ++}; ++ ++struct HksUsageSpec { ++ uint32_t algType; ++ uint32_t mode; ++ uint32_t padding; ++ uint32_t digest; ++ uint32_t purpose; ++ /* ++ * Different algorithms correspond to different structures,for example: ++ * struct HksAeadParam for aead; ++ * struct HksCipherParam for cipher; ++ */ ++ void *algParam; ++}; ++ ++struct KeyMaterialRsa { ++ enum HksKeyAlg keyAlg; ++ uint32_t keySize; ++ uint32_t nSize; ++ uint32_t eSize; ++ uint32_t dSize; ++}; ++ ++struct KeyMaterialEcc { ++ enum HksKeyAlg keyAlg; ++ uint32_t keySize; ++ uint32_t xSize; ++ uint32_t ySize; ++ uint32_t zSize; ++}; ++ ++struct KeyMaterialDsa { ++ enum HksKeyAlg keyAlg; ++ uint32_t keySize; ++ uint32_t xSize; ++ uint32_t ySize; ++ uint32_t pSize; ++ uint32_t qSize; ++ uint32_t gSize; ++}; ++ ++struct KeyMaterialDh { ++ enum HksKeyAlg keyAlg; ++ uint32_t keySize; ++ uint32_t pubKeySize; ++ uint32_t priKeySize; ++ uint32_t reserved; ++}; ++ ++struct KeyMaterial25519 { ++ enum HksKeyAlg keyAlg; ++ uint32_t keySize; ++ uint32_t pubKeySize; ++ uint32_t priKeySize; ++ uint32_t reserved; ++}; ++ ++typedef int32_t (*GetMainKey)(const struct HksBlob *, struct HksBlob *); ++ ++typedef int32_t (*GenerateKey)(const struct HksKeySpec *, struct HksBlob *); ++ ++typedef int32_t (*PubKey)(const struct HksBlob *, struct HksBlob *); ++ ++typedef int32_t (*DeriveKey)(const struct HksBlob *, const struct HksKeySpec *, struct HksBlob *); ++ ++typedef int32_t (*FillRandom)(struct HksBlob *); ++ ++typedef int32_t (*AgreeKey)(const struct HksBlob *, const struct HksBlob *, const struct HksKeySpec *, ++ struct HksBlob *); ++ ++typedef int32_t (*Sign)(const struct HksBlob *, const struct HksUsageSpec *, const struct HksBlob *, ++ struct HksBlob *); ++ ++typedef int32_t (*Verify)(const struct HksBlob *, const struct HksUsageSpec *, const struct HksBlob *, ++ const struct HksBlob *); ++ ++typedef int32_t (*Hmac)(const struct HksBlob *, uint32_t, const struct HksBlob *, struct HksBlob *); ++ ++typedef int32_t (*HmacInit)(void **, const struct HksBlob *, uint32_t); ++ ++typedef int32_t (*HmacUpdate)(void *, const struct HksBlob *); ++ ++typedef int32_t (*HmacFinal)(void **, const struct HksBlob *, struct HksBlob *); ++ ++typedef int32_t (*Hash)(uint32_t, const struct HksBlob *, struct HksBlob *); ++ ++typedef int32_t (*HashInit)(void **, uint32_t); ++ ++typedef int32_t (*HashUpdate)(void *, const struct HksBlob *); ++ ++typedef int32_t (*HashFinal)(void **, const struct HksBlob *, struct HksBlob *); ++ ++typedef int32_t (*Encrypt)(const struct HksBlob *, const struct HksUsageSpec *, ++ const struct HksBlob *, struct HksBlob *, struct HksBlob *); ++ ++typedef int32_t (*EncryptInit)(void **, const struct HksBlob *, const struct HksUsageSpec *, const bool); ++ ++typedef int32_t (*EncryptUpdate)(void *, const struct HksBlob *, struct HksBlob *, const bool); ++ ++typedef int32_t (*EncryptFinal)(void **, const struct HksBlob *, struct HksBlob *, struct HksBlob *, const bool); ++ ++typedef int32_t (*Decrypt)(const struct HksBlob *, const struct HksUsageSpec *, ++ const struct HksBlob *, struct HksBlob *); ++ ++typedef int32_t (*DecryptInit)(void **, const struct HksBlob *, const struct HksUsageSpec *, const bool); ++ ++typedef int32_t (*DecryptUpdate)(void *, const struct HksBlob *, struct HksBlob *, const bool); ++ ++typedef int32_t (*DecryptFinal)(void **, const struct HksBlob *, struct HksBlob *, struct HksBlob *, const bool); ++ ++typedef int32_t (*BnExpMod)(struct HksBlob *, const struct HksBlob *, ++ const struct HksBlob *, const struct HksBlob *); ++ ++typedef void (*FreeCtx)(void **); ++ ++int32_t HksCryptoHalGetMainKey(const struct HksBlob *message, struct HksBlob *mainKey); ++ ++int32_t HksCryptoHalGenerateKey(const struct HksKeySpec *spec, struct HksBlob *key); ++ ++int32_t HksCryptoHalGetPubKey(const struct HksBlob *keyIn, struct HksBlob *keyOut); ++ ++int32_t HksCryptoHalDeriveKey(const struct HksBlob *mainKey, const struct HksKeySpec *derivationSpec, ++ struct HksBlob *derivedKey); ++ ++int32_t HksCryptoHalFillRandom(struct HksBlob *randomData); ++ ++int32_t HksCryptoHalFillPrivRandom(struct HksBlob *randomData); ++ ++int32_t HksCryptoHalAddEntropy(const struct HksBlob *entropy); ++ ++int32_t HksCryptoHalAgreeKey(const struct HksBlob *nativeKey, const struct HksBlob *pubKey, ++ const struct HksKeySpec *spec, struct HksBlob *sharedKey); ++ ++int32_t HksCryptoHalSign(const struct HksBlob *key, const struct HksUsageSpec *usageSpec, ++ const struct HksBlob *message, struct HksBlob *signature); ++ ++int32_t HksCryptoHalVerify(const struct HksBlob *key, const struct HksUsageSpec *usageSpec, ++ const struct HksBlob *message, const struct HksBlob *signature); ++ ++int32_t HksCryptoHalHmacInit(const struct HksBlob *key, uint32_t digestAlg, void **ctx); ++ ++int32_t HksCryptoHalHmacUpdate(const struct HksBlob *chunk, void *ctx); ++ ++int32_t HksCryptoHalHmacFinal(const struct HksBlob *msg, void **ctx, struct HksBlob *mac); ++ ++void HksCryptoHalHmacFreeCtx(void **ctx); ++ ++int32_t HksCryptoHalHmac(const struct HksBlob *key, uint32_t digestAlg, const struct HksBlob *msg, ++ struct HksBlob *mac); ++ ++int32_t HksCryptoHalHashInit(uint32_t alg, void **ctx); ++ ++int32_t HksCryptoHalHashUpdate(const struct HksBlob *msg, void *ctx); ++ ++int32_t HksCryptoHalHashFinal(const struct HksBlob *msg, void **ctx, struct HksBlob *hash); ++ ++void HksCryptoHalHashFreeCtx(void **ctx); ++ ++int32_t HksCryptoHalHash(uint32_t alg, const struct HksBlob *msg, struct HksBlob *hash); ++ ++int32_t HksCryptoHalEncryptInit(const struct HksBlob *key, const struct HksUsageSpec *usageSpec, void **ctx); ++ ++int32_t HksCryptoHalEncryptUpdate(const struct HksBlob *message, void *ctx, struct HksBlob *out, ++ const uint32_t algtype); ++ ++int32_t HksCryptoHalEncryptFinal(const struct HksBlob *message, void **ctx, struct HksBlob *cipherText, ++ struct HksBlob *tagAead, const uint32_t algtype); ++ ++void HksCryptoHalEncryptFreeCtx(void **ctx, const uint32_t algtype); ++ ++int32_t HksCryptoHalEncrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec, ++ const struct HksBlob *message, struct HksBlob *cipherText, struct HksBlob *tagAead); ++ ++int32_t HksCryptoHalDecryptInit(const struct HksBlob *key, const struct HksUsageSpec *usageSpec, void **ctx); ++ ++int32_t HksCryptoHalDecryptUpdate(const struct HksBlob *message, void *ctx, struct HksBlob *out, ++ const uint32_t algtype); ++ ++int32_t HksCryptoHalDecryptFinal(const struct HksBlob *message, void **ctx, struct HksBlob *cipherText, ++ struct HksBlob *tagAead, const uint32_t algtype); ++ ++void HksCryptoHalDecryptFreeCtx(void **ctx, const uint32_t algtype); ++ ++int32_t HksCryptoHalDecrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec, ++ const struct HksBlob *message, struct HksBlob *cipherText); ++ ++int32_t HksCryptoHalBnExpMod(struct HksBlob *x, const struct HksBlob *a, ++ const struct HksBlob *e, const struct HksBlob *n); ++ ++int32_t HksCryptoHalInit(void); ++ ++#ifdef __cplusplus ++} ++#endif ++ ++#endif /* HKS_CRYPTO_HAL_H */ +diff --git a/huks/frameworks/huks_standard/main/common/include/hks_errcode_adapter.h b/huks/frameworks/huks_standard/main/common/include/hks_errcode_adapter.h +new file mode 100644 +index 0000000..c3f025f +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/common/include/hks_errcode_adapter.h +@@ -0,0 +1,51 @@ ++/* ++ * Copyright (c) 2022 Huawei Device Co., Ltd. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++#ifndef HKS_ERRCODE_ADAPTER_H ++#define HKS_ERRCODE_ADAPTER_H ++ ++#ifdef __cplusplus ++#include ++#include ++#include ++#else ++#include ++#include ++#include ++#endif ++ ++#include "hks_type.h" ++ ++struct HksResult { ++ int32_t errorCode; ++ const char *errorMsg; ++ uint8_t *data; ++}; ++ ++struct HksError { ++ int32_t innerErrCode; ++ struct HksResult hksResult; ++}; ++ ++#ifdef __cplusplus ++extern "C" { ++#endif ++ ++struct HksResult HksConvertErrCode(int32_t result); ++ ++#ifdef __cplusplus ++} ++#endif ++ ++#endif /* HKS_ERRCODE_ADAPTER_H */ +diff --git a/huks/frameworks/huks_standard/main/common/include/hks_log.h b/huks/frameworks/huks_standard/main/common/include/hks_log.h +new file mode 100644 +index 0000000..5815e0c +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/common/include/hks_log.h +@@ -0,0 +1,64 @@ ++/* ++ * Copyright (c) 2021 Huawei Device Co., Ltd. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#ifndef HKS_LOG_H ++#define HKS_LOG_H ++ ++#include "hks_type.h" ++ ++#ifdef HKS_CONFIG_FILE ++#include HKS_CONFIG_FILE ++#else ++#include "hks_config.h" ++#endif ++ ++#ifdef _HUKS_LOG_ENABLE_ ++#ifdef HKS_ENABLE_LOG_PUBLIC ++#define LOG_PUBLIC "{public}" ++#else ++#define LOG_PUBLIC ++#endif ++ ++#undef LOG_TAG ++#define LOG_TAG "HUKS" ++#undef LOG_DOMAIN ++#define LOG_DOMAIN 0xD002F00 /* Security subsystem's domain id */ ++ ++#ifdef HKS_LOG_ENGINE_LOG_CORE ++#include "hilog/log.h" ++#define LOG_ENGINE LOG_CORE ++#else ++#ifdef HKS_LOG_ENGINE_HILOG_MODULE_SCY ++#include "log.h" ++#define LOG_ENGINE HILOG_MODULE_SCY ++#endif ++#endif ++ ++#define HKS_LOG_I(fmt, arg...) HILOG_INFO(LOG_ENGINE, "%" LOG_PUBLIC "s[%" LOG_PUBLIC "u]: " fmt "\n", \ ++ __func__, __LINE__, ##arg) ++#define HKS_LOG_W(fmt, arg...) HILOG_WARN(LOG_ENGINE, "%" LOG_PUBLIC "s[%" LOG_PUBLIC "u]: " fmt "\n", \ ++ __func__, __LINE__, ##arg) ++#define HKS_LOG_E(fmt, arg...) HILOG_ERROR(LOG_ENGINE, "%" LOG_PUBLIC "s[%" LOG_PUBLIC "u]: " fmt "\n", \ ++ __func__, __LINE__, ##arg) ++#define HKS_LOG_D(fmt, arg...) HILOG_DEBUG(LOG_ENGINE, "%" LOG_PUBLIC "s[%" LOG_PUBLIC "u]: " fmt "\n", \ ++ __func__, __LINE__, ##arg) ++#else ++#define HKS_LOG_I(...) ++#define HKS_LOG_W(...) ++#define HKS_LOG_E(...) ++#define HKS_LOG_D(...) ++#endif ++ ++#endif /* HKS_LOG_H */ +diff --git a/huks/frameworks/huks_standard/main/common/include/hks_mem.h b/huks/frameworks/huks_standard/main/common/include/hks_mem.h +new file mode 100644 +index 0000000..af6a0ef +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/common/include/hks_mem.h +@@ -0,0 +1,62 @@ ++/* ++ * Copyright (c) 2021-2023 Huawei Device Co., Ltd. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#ifndef HKS_MEM_H ++#define HKS_MEM_H ++ ++#ifdef __cplusplus ++#include ++#include ++ ++#define HKS_NULL_POINTER nullptr ++#else ++#include ++#include ++ ++#define HKS_NULL_POINTER NULL ++#endif ++ ++#ifdef __cplusplus ++extern "C" { ++#endif ++ ++void *HksMalloc(size_t size); ++int32_t HksMemCmp(const void *ptr1, const void *ptr2, uint32_t size); ++ ++#define SELF_FREE_PTR(PTR, FREE_FUNC) \ ++{ \ ++ if ((PTR) != HKS_NULL_POINTER) { \ ++ FREE_FUNC(PTR); \ ++ (PTR) = HKS_NULL_POINTER; \ ++ } \ ++} ++ ++#define HKS_FREE_PTR(p) SELF_FREE_PTR(p, free) ++ ++#define HksFree(p) SELF_FREE_PTR(p, free) ++ ++#define HKS_FREE_BLOB(blob) do { \ ++ if ((blob).data != HKS_NULL_POINTER) { \ ++ free((blob).data); \ ++ (blob).data = HKS_NULL_POINTER; \ ++ } \ ++ (blob).size = 0; \ ++} while (0) ++ ++#ifdef __cplusplus ++} ++#endif ++ ++#endif /* HKS_MEM_H */ +diff --git a/huks/frameworks/huks_standard/main/common/include/hks_template.h b/huks/frameworks/huks_standard/main/common/include/hks_template.h +new file mode 100644 +index 0000000..f9c9dcb +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/common/include/hks_template.h +@@ -0,0 +1,75 @@ ++/* ++ * Copyright (c) 2022 Huawei Device Co., Ltd. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#ifndef HKS_TEMPLATE_H ++#define HKS_TEMPLATE_H ++ ++#undef HKS_NULL_POINTER ++ ++#ifdef __cplusplus ++#define HKS_NULL_POINTER nullptr ++#else ++#define HKS_NULL_POINTER NULL ++#endif ++ ++#define HKS_IF_NOT_SUCC_LOGE_RETURN(RESULT, ERROR_CODE, LOG_MESSAGE, ...) \ ++if ((RESULT) != HKS_SUCCESS) { \ ++ HKS_LOG_E(LOG_MESSAGE, ##__VA_ARGS__); \ ++ return (ERROR_CODE); \ ++} ++ ++#define HKS_IF_NOT_SUCC_LOGE_BREAK(RESULT, LOG_MESSAGE, ...) \ ++if ((RESULT) != HKS_SUCCESS) { \ ++ HKS_LOG_E(LOG_MESSAGE, ##__VA_ARGS__); \ ++ break; \ ++} ++ ++#define HKS_IF_NOT_SUCC_BREAK(RESULT, ...) \ ++if ((RESULT) != HKS_SUCCESS) { \ ++ break; \ ++} ++ ++#define HKS_IF_NOT_SUCC_LOGE(RESULT, LOG_MESSAGE, ...) \ ++if ((RESULT) != HKS_SUCCESS) { \ ++ HKS_LOG_E(LOG_MESSAGE, ##__VA_ARGS__); \ ++} ++ ++#define HKS_IF_NOT_SUCC_RETURN(RESULT, ERROR_CODE) \ ++if ((RESULT) != HKS_SUCCESS) { \ ++ return (ERROR_CODE); \ ++} ++ ++#define HKS_IF_NULL_LOGE_RETURN(OBJECT, ERROR_CODE, LOG_MESSAGE, ...) \ ++if ((OBJECT) == HKS_NULL_POINTER) { \ ++ HKS_LOG_E(LOG_MESSAGE, ##__VA_ARGS__); \ ++ return (ERROR_CODE); \ ++} ++ ++#define HKS_IF_NULL_LOGE_BREAK(OBJECT, LOG_MESSAGE, ...) \ ++if ((OBJECT) == HKS_NULL_POINTER) { \ ++ HKS_LOG_E(LOG_MESSAGE, ##__VA_ARGS__); \ ++ break; \ ++} ++ ++#define HKS_IF_NULL_RETURN(OBJECT, ERROR_CODE) \ ++if ((OBJECT) == HKS_NULL_POINTER) { \ ++ return (ERROR_CODE); \ ++} ++ ++#define HKS_IF_NULL_BREAK(OBJECT) \ ++if ((OBJECT) == HKS_NULL_POINTER) { \ ++ break; \ ++} ++#endif /* HKS_TEMPLATE_H */ +diff --git a/huks/frameworks/huks_standard/main/common/include/hks_type_inner.h b/huks/frameworks/huks_standard/main/common/include/hks_type_inner.h +new file mode 100644 +index 0000000..d32663d +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/common/include/hks_type_inner.h +@@ -0,0 +1,94 @@ ++/* ++ * Copyright (c) 2021 Huawei Device Co., Ltd. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#ifndef HKS_TYPE_INNER_H ++#define HKS_TYPE_INNER_H ++ ++#include "hks_type.h" ++#include "securec.h" ++ ++#define HANDLE_SIZE 8 ++#define DEFAULT_AUTH_TIMEOUT 5 ++ ++/* EnrolledIdInfo stored format: |-enrolledId len-|-enrolledId1 type-|-enrolledId1 value-|...| */ ++#define ENROLLED_ID_INFO_MIN_LEN (sizeof(uint32_t) + (sizeof(uint32_t) + sizeof(uint64_t))) ++ ++enum HksUserAuthResult { ++ HKS_AUTH_RESULT_NONE = -2, // not support user auth ++ HKS_AUTH_RESULT_INIT = -1, ++ HKS_AUTH_RESULT_SUCCESS = 0, ++ HKS_AUTH_RESULT_FAILED = 1, ++}; ++ ++enum HksStageType { ++ HKS_STAGE_THREE = 0, ++ HKS_STAGE_ONE = 1, ++}; ++ ++enum HksInnerTag { ++ HKS_TAG_APPENDED_DATA_PREFIX = HKS_TAG_TYPE_BYTES | 10020, ++ HKS_TAG_APPENDED_DATA_SUFFIX = HKS_TAG_TYPE_BYTES | 10021, ++ ++ /* Inner-use TAGS used for ipc serialization */ ++ HKS_TAG_PARAM0_BUFFER = HKS_TAG_TYPE_BYTES | 30001, ++ HKS_TAG_PARAM1_BUFFER = HKS_TAG_TYPE_BYTES | 30002, ++ HKS_TAG_PARAM2_BUFFER = HKS_TAG_TYPE_BYTES | 30003, ++ HKS_TAG_PARAM3_BUFFER = HKS_TAG_TYPE_BYTES | 30004, ++ HKS_TAG_PARAM4_BUFFER = HKS_TAG_TYPE_BYTES | 30005, ++ HKS_TAG_PARAM0_UINT32 = HKS_TAG_TYPE_UINT | 30006, ++ HKS_TAG_PARAM1_UINT32 = HKS_TAG_TYPE_UINT | 30007, ++ HKS_TAG_PARAM2_UINT32 = HKS_TAG_TYPE_UINT | 30008, ++ HKS_TAG_PARAM3_UINT32 = HKS_TAG_TYPE_UINT | 30009, ++ HKS_TAG_PARAM4_UINT32 = HKS_TAG_TYPE_UINT | 30010, ++ HKS_TAG_PARAM0_BOOL = HKS_TAG_TYPE_BOOL | 30011, ++ HKS_TAG_PARAM1_BOOL = HKS_TAG_TYPE_BOOL | 30012, ++ HKS_TAG_PARAM2_BOOL = HKS_TAG_TYPE_BOOL | 30013, ++ HKS_TAG_PARAM3_BOOL = HKS_TAG_TYPE_BOOL | 30014, ++ HKS_TAG_PARAM4_BOOL = HKS_TAG_TYPE_BOOL | 30015, ++ HKS_TAG_PARAM0_NULL = HKS_TAG_TYPE_BYTES | 30016, ++ HKS_TAG_PARAM1_NULL = HKS_TAG_TYPE_BYTES | 30017, ++ HKS_TAG_PARAM2_NULL = HKS_TAG_TYPE_BYTES | 30018, ++ HKS_TAG_PARAM3_NULL = HKS_TAG_TYPE_BYTES | 30019, ++ HKS_TAG_PARAM4_NULL = HKS_TAG_TYPE_BYTES | 30020, ++ ++ HKS_TAG_ACCESS_TOKEN_ID = HKS_TAG_TYPE_UINT | 30021, ++}; ++ ++#define HKS_PARAM_BUFFER_NULL_INTERVAL ((HKS_TAG_PARAM0_NULL) - (HKS_TAG_PARAM0_BUFFER)) ++ ++struct HksProcessInfo { ++ struct HksBlob userId; ++ struct HksBlob processName; ++ int32_t userIdInt; ++ uint64_t accessTokenId; ++}; ++ ++struct HksParamOut { ++ uint32_t tag; ++ union { ++ bool *boolParam; ++ int32_t *int32Param; ++ uint32_t *uint32Param; ++ uint64_t *uint64Param; ++ struct HksBlob *blob; ++ }; ++}; ++ ++struct HksKeyMaterialHeader { ++ enum HksKeyAlg keyAlg; ++ uint32_t keySize; ++}; ++ ++#endif /* HKS_TYPE_INNER_H */ +diff --git a/huks/frameworks/huks_standard/main/os_dependency/BUILD.gn b/huks/frameworks/huks_standard/main/os_dependency/BUILD.gn +new file mode 100644 +index 0000000..3cc5c64 +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/os_dependency/BUILD.gn +@@ -0,0 +1,10 @@ ++import("//build/ohos.gni") ++ ++config("huks_config") { ++ include_dirs = ["//base/security/huks/frameworks/huks_standard/main/os_dependency/ipc/include"] ++ libs = ["huks_os_dependency_standard_static"] ++} ++ ++group("libhuks_os_dependency_standard_static") { ++ public_configs = [":huks_config"] ++} +diff --git a/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_client_ipc.h b/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_client_ipc.h +new file mode 100644 +index 0000000..206dfd4 +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_client_ipc.h +@@ -0,0 +1,90 @@ ++/* ++ * Copyright (c) 2021-2022 Huawei Device Co., Ltd. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#ifndef HKS_CLIENT_IPC_H ++#define HKS_CLIENT_IPC_H ++ ++#include "hks_type_inner.h" ++ ++#ifdef __cplusplus ++extern "C" { ++#endif ++ ++int32_t HksClientInitialize(void); ++ ++int32_t HksClientRefreshKeyInfo(void); ++ ++int32_t HksClientGenerateKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSetIn, ++ struct HksParamSet *paramSetOut); ++ ++int32_t HksClientImportKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet, ++ const struct HksBlob *key); ++ ++int32_t HksClientExportPublicKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet, ++ struct HksBlob *key); ++ ++int32_t HksClientImportWrappedKey(const struct HksBlob *keyAlias, const struct HksBlob *wrappingKeyAlias, ++ const struct HksParamSet *paramSet, const struct HksBlob *wrappedKeyData); ++ ++int32_t HksClientDeleteKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet); ++ ++int32_t HksClientGetKeyParamSet(const struct HksBlob *keyAlias, struct HksParamSet *paramSet); ++ ++int32_t HksClientKeyExist(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet); ++ ++int32_t HksClientGenerateRandom(struct HksBlob *random, const struct HksParamSet *paramSet); ++ ++int32_t HksClientSign(const struct HksBlob *key, const struct HksParamSet *paramSet, ++ const struct HksBlob *srcData, struct HksBlob *signature); ++ ++int32_t HksClientVerify(const struct HksBlob *key, const struct HksParamSet *paramSet, ++ const struct HksBlob *srcData, const struct HksBlob *signature); ++ ++int32_t HksClientEncrypt(const struct HksBlob *key, const struct HksParamSet *paramSet, ++ const struct HksBlob *plainText, struct HksBlob *cipherText); ++ ++int32_t HksClientDecrypt(const struct HksBlob *key, const struct HksParamSet *paramSet, ++ const struct HksBlob *cipherText, struct HksBlob *plainText); ++ ++int32_t HksClientAgreeKey(const struct HksParamSet *paramSet, const struct HksBlob *privateKey, ++ const struct HksBlob *peerPublicKey, struct HksBlob *agreedKey); ++ ++int32_t HksClientDeriveKey(const struct HksParamSet *paramSet, const struct HksBlob *mainKey, ++ struct HksBlob *derivedKey); ++ ++int32_t HksClientMac(const struct HksBlob *key, const struct HksParamSet *paramSet, const struct HksBlob *srcData, ++ struct HksBlob *mac); ++ ++int32_t HksClientGetKeyInfoList(struct HksKeyInfo *keyInfoList, uint32_t *listCount); ++ ++int32_t HksClientAttestKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet, ++ struct HksCertChain *certChain); ++ ++int32_t HksClientInit(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet, struct HksBlob *handle, ++ struct HksBlob *token); ++ ++int32_t HksClientUpdate(const struct HksBlob *handle, const struct HksParamSet *paramSet, const struct HksBlob *inData, ++ struct HksBlob *outData); ++ ++int32_t HksClientFinish(const struct HksBlob *handle, const struct HksParamSet *paramSet, const struct HksBlob *inData, ++ struct HksBlob *outData); ++ ++int32_t HksClientAbort(const struct HksBlob *handle, const struct HksParamSet *paramSet); ++ ++#ifdef __cplusplus ++} ++#endif ++ ++#endif /* HKS_CLIENT_IPC_H */ +diff --git a/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_ipc_check.h b/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_ipc_check.h +new file mode 100644 +index 0000000..761247c +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_ipc_check.h +@@ -0,0 +1,55 @@ ++/* ++ * Copyright (c) 2021 Huawei Device Co., Ltd. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#ifndef HKS_CRYPTO_CHECK_H ++#define HKS_CRYPTO_CHECK_H ++ ++#include ++#include ++ ++#include "hks_type.h" ++ ++#ifdef __cplusplus ++extern "C" { ++#endif ++ ++int32_t HksCheckIpcGenerateKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSetIn); ++ ++int32_t HksCheckIpcImportKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet, ++ const struct HksBlob *key); ++ ++int32_t HksCheckIpcImportWrappedKey(const struct HksBlob *keyAlias, const struct HksBlob *wrappingKeyAlias, ++ const struct HksParamSet *paramSet, const struct HksBlob *wrappedKeyData); ++ ++int32_t HksCheckIpcExportPublicKey(const struct HksBlob *keyAlias, const struct HksBlob *key); ++ ++int32_t HksCheckIpcGetKeyParamSet(const struct HksBlob *keyAlias, struct HksParamSet *paramSet); ++ ++int32_t HksCheckIpcAgreeKey(const struct HksParamSet *paramSet, const struct HksBlob *privateKey, ++ const struct HksBlob *peerPublicKey, const struct HksBlob *agreedKey); ++ ++int32_t HksCheckIpcDeriveKey(const struct HksParamSet *paramSet, const struct HksBlob *mainKey, ++ const struct HksBlob *derivedKey); ++ ++int32_t HksCheckIpcGetKeyInfoList(const struct HksKeyInfo *keyInfoList, uint32_t listCount); ++ ++int32_t HksCheckIpcCertificateChain(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet, ++ const struct HksCertChain *certChain); ++ ++#ifdef __cplusplus ++} ++#endif ++ ++#endif +\ No newline at end of file +diff --git a/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_ipc_serialization.h b/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_ipc_serialization.h +new file mode 100644 +index 0000000..59cf16e +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_ipc_serialization.h +@@ -0,0 +1,76 @@ ++/* ++ * Copyright (c) 2021-2022 Huawei Device Co., Ltd. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#ifndef HKS_IPC_SERIALIZATION_H ++#define HKS_IPC_SERIALIZATION_H ++ ++#include ++#include ++ ++#include "hks_type_inner.h" ++ ++#define MAX_IPC_BUF_SIZE 0x10000 /* Maximun IPC message buffer size. */ ++#define MAX_IPC_RSV_SIZE 0x400 /* Reserve IPC message buffer size */ ++#define MAX_PROCESS_SIZE (MAX_IPC_BUF_SIZE - MAX_IPC_RSV_SIZE) ++ ++#ifdef __cplusplus ++extern "C" { ++#endif ++ ++int32_t CopyUint32ToBuffer(uint32_t value, const struct HksBlob *destBlob, uint32_t *destOffset); ++ ++int32_t HksGenerateKeyPack(struct HksBlob *destData, const struct HksBlob *keyAlias, ++ const struct HksParamSet *paramSetIn, const struct HksBlob *keyOut); ++ ++int32_t HksImportKeyPack(struct HksBlob *destData, const struct HksBlob *keyAlias, const struct HksParamSet *paramSet, ++ const struct HksBlob *key); ++ ++int32_t HksImportWrappedKeyPack(struct HksBlob *destData, const struct HksBlob *keyAlias, ++ const struct HksBlob *wrappingKeyAlias, const struct HksParamSet *paramSet, const struct HksBlob *wrappedKeyData); ++ ++int32_t HksExportPublicKeyPack(struct HksBlob *destData, const struct HksBlob *keyAlias, const struct HksBlob *key); ++ ++int32_t HksGetKeyParamSetPack(struct HksBlob *destData, const struct HksBlob *keyAlias, const struct HksBlob *keyOut); ++ ++int32_t HksOnceParamPack(struct HksBlob *destData, const struct HksBlob *key, const struct HksParamSet *paramSet, ++ uint32_t *offset); ++ ++int32_t HksOnceDataPack(struct HksBlob *destData, const struct HksBlob *inputData, const struct HksBlob *rsvData, ++ const struct HksBlob *outputData, uint32_t *offset); ++ ++int32_t HksAgreeKeyPack(struct HksBlob *destData, const struct HksParamSet *paramSet, const struct HksBlob *privateKey, ++ const struct HksBlob *peerPublicKey, const struct HksBlob *agreedKey); ++ ++int32_t HksDeriveKeyPack(struct HksBlob *destData, const struct HksParamSet *paramSet, const struct HksBlob *kdfKey, ++ const struct HksBlob *derivedKey); ++ ++int32_t HksGetKeyInfoListPack(struct HksBlob *destData, uint32_t listCount, const struct HksKeyInfo *keyInfoList); ++ ++int32_t HksGetKeyInfoListUnpackFromService(const struct HksBlob *srcData, uint32_t *listCount, ++ struct HksKeyInfo *keyInfoList); ++ ++int32_t HksCertificateChainPack(struct HksBlob *destData, const struct HksBlob *keyAlias, ++ const struct HksParamSet *paramSet, const struct HksBlob *certChainBlob); ++ ++int32_t HksCertificateChainUnpackFromService(const struct HksBlob *srcData, bool needEncode, ++ struct HksCertChain *certChain); ++ ++int32_t HksParamsToParamSet(struct HksParam *params, uint32_t cnt, struct HksParamSet **outParamSet); ++ ++#ifdef __cplusplus ++} ++#endif ++ ++#endif /* HKS_IPC_SERIALIZATION_H */ +\ No newline at end of file +diff --git a/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_ipc_slice.h b/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_ipc_slice.h +new file mode 100644 +index 0000000..a712cc1 +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_ipc_slice.h +@@ -0,0 +1,34 @@ ++/* ++ * Copyright (c) 2021 Huawei Device Co., Ltd. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#ifndef HKS_IPC_SLICE_H ++#define HKS_IPC_SLICE_H ++ ++#include ++ ++#include "hks_type.h" ++ ++#ifdef __cplusplus ++extern "C" { ++#endif ++ ++int32_t HksSliceDataEntry(uint32_t cmdId, const struct HksBlob *key, const struct HksParamSet *paramSet, ++ struct HksBlob *inData, struct HksBlob *outData); ++ ++#ifdef __cplusplus ++} ++#endif ++ ++#endif /* HKS_SLICE_H */ +\ No newline at end of file +diff --git a/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_request.h b/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_request.h +new file mode 100644 +index 0000000..332fb99 +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_request.h +@@ -0,0 +1,69 @@ ++/* ++ * Copyright (c) 2021-2022 Huawei Device Co., Ltd. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#ifndef HKS_REQUEST_H ++#define HKS_REQUEST_H ++ ++#include "hks_type_inner.h" ++ ++enum HksMessage { ++#ifndef _HKS_L1_TEE_ ++ HKS_MSG_BASE = 0x3a400, /* range of message value defined by router. globally unique */ ++#else ++ HKS_MSG_BASE = 1000, /* range of message value defined by SmartLock. Max 65535 */ ++#endif ++ HKS_MSG_GEN_KEY = HKS_MSG_BASE, ++ HKS_MSG_IMPORT_KEY, ++ HKS_MSG_EXPORT_PUBLIC_KEY, ++ HKS_MSG_IMPORT_WRAPPED_KEY, ++ HKS_MSG_DELETE_KEY, ++ HKS_MSG_GET_KEY_PARAMSET, ++ HKS_MSG_KEY_EXIST, ++ HKS_MSG_GENERATE_RANDOM, ++ HKS_MSG_SIGN, ++ HKS_MSG_VERIFY, ++ HKS_MSG_ENCRYPT, ++ HKS_MSG_DECRYPT, ++ HKS_MSG_AGREE_KEY, ++ HKS_MSG_DERIVE_KEY, ++ HKS_MSG_MAC, ++ HKS_MSG_GET_KEY_INFO_LIST, ++ HKS_MSG_ATTEST_KEY, ++ HKS_MSG_GET_CERTIFICATE_CHAIN, ++ HKS_MSG_INIT, ++ HKS_MSG_UPDATE, ++ HKS_MSG_FINISH, ++ HKS_MSG_ABORT, ++ HKS_MSG_MAX, /* new cmd type must be added before HKS_MSG_MAX */ ++}; ++ ++#ifdef __cplusplus ++extern "C" { ++#endif ++ ++/* ++ * SendRequest - Send the request message to target module by function call or ipc or other ways. ++ * @type: the request message type. ++ * @inBlob: the input serialized data blob. ++ * @outBlob: the output serialized data blob, can be null. ++ */ ++int32_t HksSendRequest(enum HksMessage type, const struct HksBlob *inBlob, struct HksBlob *outBlob, ++ const struct HksParamSet *paramSet); ++ ++#ifdef __cplusplus ++} ++#endif ++ ++#endif /* HKS_REQUEST_H */ +diff --git a/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_samgr_client.h b/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_samgr_client.h +new file mode 100644 +index 0000000..b20f73b +--- /dev/null ++++ b/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_samgr_client.h +@@ -0,0 +1,32 @@ ++/* ++ * Copyright (c) 2021 Huawei Device Co., Ltd. ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#ifndef HKS_SAMGR_CLIENT_H ++#define HKS_SAMGR_CLIENT_H ++ ++#include "hks_samgr_server.h" ++#include "iproxy_client.h" ++ ++typedef struct { ++ INHERIT_CLIENT_IPROXY; ++ int32_t (*IpcAsyncCallBack)(IUnknown *iUnknown, enum HksMessageType type, const struct HksBlob *inBlob, ++ struct HksBlob *outBlob); ++} HksMgrClientApi; ++ ++typedef struct { ++ INHERIT_IUNKNOWNENTRY(HksMgrClientApi); ++} HksMgrClientEntry; ++ ++#endif +\ No newline at end of file +diff --git a/huks/interfaces/innerkits/huks_standard/main/BUILD.gn b/huks/interfaces/innerkits/huks_standard/main/BUILD.gn +new file mode 100644 +index 0000000..a539688 +--- /dev/null ++++ b/huks/interfaces/innerkits/huks_standard/main/BUILD.gn +@@ -0,0 +1,23 @@ ++# Copyright (C) 2021-2022 Huawei Device Co., Ltd. ++# Licensed under the Apache License, Version 2.0 (the "License"); ++# you may not use this file except in compliance with the License. ++# You may obtain a copy of the License at ++# ++# http://www.apache.org/licenses/LICENSE-2.0 ++# ++# Unless required by applicable law or agreed to in writing, software ++# distributed under the License is distributed on an "AS IS" BASIS, ++# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++# See the License for the specific language governing permissions and ++# limitations under the License. ++ ++import("//build/ohos.gni") ++ ++config("huks_config") { ++ include_dirs = [ "//base/security/huks/interfaces/innerkits/huks_standard/main/include" ] ++ libs = [ "hukssdk.z" ] ++} ++ ++group("libhukssdk") { ++ public_configs = [ ":huks_config" ] ++} +diff --git a/huks/interfaces/innerkits/huks_standard/main/include b/huks/interfaces/innerkits/huks_standard/main/include +new file mode 120000 +index 0000000..98a2378 +--- /dev/null ++++ b/huks/interfaces/innerkits/huks_standard/main/include +@@ -0,0 +1 @@ ++/usr/include/huks +\ No newline at end of file +-- +2.27.0 + -- Gitee