117fd14ceSopenharmony_ci/* 217fd14ceSopenharmony_ci * Copyright (C) 2023 Huawei Device Co., Ltd. 317fd14ceSopenharmony_ci * Licensed under the Apache License, Version 2.0 (the "License"); 417fd14ceSopenharmony_ci * you may not use this file except in compliance with the License. 517fd14ceSopenharmony_ci * You may obtain a copy of the License at 617fd14ceSopenharmony_ci * 717fd14ceSopenharmony_ci * http://www.apache.org/licenses/LICENSE-2.0 817fd14ceSopenharmony_ci * 917fd14ceSopenharmony_ci * Unless required by applicable law or agreed to in writing, software 1017fd14ceSopenharmony_ci * distributed under the License is distributed on an "AS IS" BASIS, 1117fd14ceSopenharmony_ci * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 1217fd14ceSopenharmony_ci * See the License for the specific language governing permissions and 1317fd14ceSopenharmony_ci * limitations under the License. 1417fd14ceSopenharmony_ci */ 1517fd14ceSopenharmony_ci 1617fd14ceSopenharmony_ci#include "alg_defs.h" 1717fd14ceSopenharmony_ci#include "alg_loader.h" 1817fd14ceSopenharmony_ci#include "hc_log.h" 1917fd14ceSopenharmony_ci#include "identity_manager.h" 2017fd14ceSopenharmony_ci 2117fd14ceSopenharmony_cistatic int32_t SetProtocolsToIdentityInfo(IdentityInfo *info) 2217fd14ceSopenharmony_ci{ 2317fd14ceSopenharmony_ci ProtocolEntity *ecSpekeEntity = (ProtocolEntity *)HcMalloc(sizeof(ProtocolEntity), 0); 2417fd14ceSopenharmony_ci if (ecSpekeEntity == NULL) { 2517fd14ceSopenharmony_ci LOGE("Failed to alloc memory for ec speke entity!"); 2617fd14ceSopenharmony_ci return HC_ERR_ALLOC_MEMORY; 2717fd14ceSopenharmony_ci } 2817fd14ceSopenharmony_ci ecSpekeEntity->protocolType = ALG_EC_SPEKE; 2917fd14ceSopenharmony_ci ecSpekeEntity->expandProcessCmds = 0; 3017fd14ceSopenharmony_ci info->protocolVec.pushBack(&info->protocolVec, (const ProtocolEntity **)&ecSpekeEntity); 3117fd14ceSopenharmony_ci 3217fd14ceSopenharmony_ci return HC_SUCCESS; 3317fd14ceSopenharmony_ci} 3417fd14ceSopenharmony_ci 3517fd14ceSopenharmony_cistatic int32_t CombineQueryCredentialParams(const CJson *in, CJson *out) 3617fd14ceSopenharmony_ci{ 3717fd14ceSopenharmony_ci int32_t osAccountId = INVALID_OS_ACCOUNT; 3817fd14ceSopenharmony_ci if (GetIntFromJson(in, FIELD_OS_ACCOUNT_ID, &osAccountId) != HC_SUCCESS) { 3917fd14ceSopenharmony_ci LOGE("Failed to get osAccountId from context!"); 4017fd14ceSopenharmony_ci return HC_ERR_JSON_GET; 4117fd14ceSopenharmony_ci } 4217fd14ceSopenharmony_ci const char *peerConnDeviceId = GetStringFromJson(in, FIELD_PEER_CONN_DEVICE_ID); 4317fd14ceSopenharmony_ci if (peerConnDeviceId == NULL) { 4417fd14ceSopenharmony_ci LOGE("Failed to get peerConnDeviceId from context, need peerConnDeviceId!"); 4517fd14ceSopenharmony_ci return HC_ERR_JSON_GET; 4617fd14ceSopenharmony_ci } 4717fd14ceSopenharmony_ci int32_t acquireType = ACQUIRE_TYPE_INVALID; 4817fd14ceSopenharmony_ci if (GetIntFromJson(in, FIELD_ACQURIED_TYPE, &acquireType) != HC_SUCCESS) { 4917fd14ceSopenharmony_ci LOGE("Failed to get acquireType from context!"); 5017fd14ceSopenharmony_ci return HC_ERR_JSON_GET; 5117fd14ceSopenharmony_ci } 5217fd14ceSopenharmony_ci if (acquireType != P2P_BIND) { 5317fd14ceSopenharmony_ci LOGE("acquireType invalid! only P2P_BIND is allowed now!"); 5417fd14ceSopenharmony_ci return HC_ERR_INVALID_PARAMS; 5517fd14ceSopenharmony_ci } 5617fd14ceSopenharmony_ci if (AddIntToJson(out, FIELD_OS_ACCOUNT_ID, osAccountId) != HC_SUCCESS) { 5717fd14ceSopenharmony_ci LOGE("add osAccountId to json error!"); 5817fd14ceSopenharmony_ci return HC_ERR_JSON_ADD; 5917fd14ceSopenharmony_ci } 6017fd14ceSopenharmony_ci if (AddIntToJson(out, FIELD_ACQURIED_TYPE, acquireType) != HC_SUCCESS) { 6117fd14ceSopenharmony_ci LOGE("add acquireType to json error!"); 6217fd14ceSopenharmony_ci return HC_ERR_JSON_ADD; 6317fd14ceSopenharmony_ci } 6417fd14ceSopenharmony_ci if (AddIntToJson(out, FIELD_CRED_OP_FLAG, RETURN_FLAG_DEFAULT) != HC_SUCCESS) { 6517fd14ceSopenharmony_ci LOGE("add flag to json error!"); 6617fd14ceSopenharmony_ci return HC_ERR_JSON_ADD; 6717fd14ceSopenharmony_ci } 6817fd14ceSopenharmony_ci if (AddStringToJson(out, FIELD_DEVICE_ID, peerConnDeviceId) != HC_SUCCESS) { 6917fd14ceSopenharmony_ci LOGE("add device id to json error!"); 7017fd14ceSopenharmony_ci return HC_ERR_JSON_ADD; 7117fd14ceSopenharmony_ci } 7217fd14ceSopenharmony_ci return HC_SUCCESS; 7317fd14ceSopenharmony_ci} 7417fd14ceSopenharmony_ci 7517fd14ceSopenharmony_cistatic int32_t IsPeerDevicePublicKeyExist(const CJson *in) 7617fd14ceSopenharmony_ci{ 7717fd14ceSopenharmony_ci CJson *paramsJson = CreateJson(); 7817fd14ceSopenharmony_ci if (paramsJson == NULL) { 7917fd14ceSopenharmony_ci LOGE("alloc memory error!"); 8017fd14ceSopenharmony_ci return HC_ERR_ALLOC_MEMORY; 8117fd14ceSopenharmony_ci } 8217fd14ceSopenharmony_ci int32_t ret = CombineQueryCredentialParams(in, paramsJson); 8317fd14ceSopenharmony_ci if (ret != HC_SUCCESS) { 8417fd14ceSopenharmony_ci LOGE("Prepare query credential parmaters return error!"); 8517fd14ceSopenharmony_ci FreeJson(paramsJson); 8617fd14ceSopenharmony_ci return ret; 8717fd14ceSopenharmony_ci } 8817fd14ceSopenharmony_ci const CredentialOperator *credOperator = GetCredentialOperator(); 8917fd14ceSopenharmony_ci if (credOperator == NULL) { 9017fd14ceSopenharmony_ci LOGE("credOperator is null!"); 9117fd14ceSopenharmony_ci FreeJson(paramsJson); 9217fd14ceSopenharmony_ci return HC_ERR_NOT_SUPPORT; 9317fd14ceSopenharmony_ci } 9417fd14ceSopenharmony_ci char *requestParams = PackJsonToString(paramsJson); 9517fd14ceSopenharmony_ci FreeJson(paramsJson); 9617fd14ceSopenharmony_ci if (requestParams == NULL) { 9717fd14ceSopenharmony_ci LOGE("Failed to pack query credentail params json to string!"); 9817fd14ceSopenharmony_ci return HC_ERR_PACKAGE_JSON_TO_STRING_FAIL; 9917fd14ceSopenharmony_ci } 10017fd14ceSopenharmony_ci ret = credOperator->queryCredential(requestParams, NULL); 10117fd14ceSopenharmony_ci FreeJsonString(requestParams); 10217fd14ceSopenharmony_ci return ret; 10317fd14ceSopenharmony_ci} 10417fd14ceSopenharmony_ci 10517fd14ceSopenharmony_cistatic int32_t GetCredInfosByPeerIdentity(const CJson *in, IdentityInfoVec *vec) 10617fd14ceSopenharmony_ci{ 10717fd14ceSopenharmony_ci int32_t keyType = KEY_TYPE_ASYM; 10817fd14ceSopenharmony_ci (void)GetIntFromJson(in, FIELD_KEY_TYPE, &keyType); 10917fd14ceSopenharmony_ci 11017fd14ceSopenharmony_ci int32_t ret = IsPeerDevicePublicKeyExist(in); 11117fd14ceSopenharmony_ci if (ret != HC_SUCCESS) { 11217fd14ceSopenharmony_ci LOGE("Failed to get peer device public key!"); 11317fd14ceSopenharmony_ci return ret; 11417fd14ceSopenharmony_ci } 11517fd14ceSopenharmony_ci CJson *urlJson = CreateCredUrlJson(PRE_SHARED, keyType, TRUST_TYPE_P2P); 11617fd14ceSopenharmony_ci if (!urlJson) { 11717fd14ceSopenharmony_ci LOGE("Failed to create CredUrlJson info!"); 11817fd14ceSopenharmony_ci return HC_ERR_ALLOC_MEMORY; 11917fd14ceSopenharmony_ci } 12017fd14ceSopenharmony_ci if (AddBoolToJson(urlJson, FIELD_IS_DIRECT_AUTH, true) != HC_SUCCESS) { 12117fd14ceSopenharmony_ci LOGE("Failed to add isDirectAuth to preshared url!"); 12217fd14ceSopenharmony_ci FreeJson(urlJson); 12317fd14ceSopenharmony_ci return HC_ERR_JSON_ADD; 12417fd14ceSopenharmony_ci } else { 12517fd14ceSopenharmony_ci LOGI("add isDirectAuth:true into urlJson!"); 12617fd14ceSopenharmony_ci } 12717fd14ceSopenharmony_ci char *urlStr = PackJsonToString(urlJson); 12817fd14ceSopenharmony_ci FreeJson(urlJson); 12917fd14ceSopenharmony_ci if (urlStr == NULL) { 13017fd14ceSopenharmony_ci LOGE("Failed to pack url json to string!"); 13117fd14ceSopenharmony_ci return HC_ERR_PACKAGE_JSON_TO_STRING_FAIL; 13217fd14ceSopenharmony_ci } 13317fd14ceSopenharmony_ci IdentityInfo *info = CreateIdentityInfo(); 13417fd14ceSopenharmony_ci if (info == NULL) { 13517fd14ceSopenharmony_ci LOGE("Failed to create identity info!"); 13617fd14ceSopenharmony_ci FreeJsonString(urlStr); 13717fd14ceSopenharmony_ci return HC_ERR_ALLOC_MEMORY; 13817fd14ceSopenharmony_ci } 13917fd14ceSopenharmony_ci ret = SetPreSharedUrlForProof(urlStr, &info->proof.preSharedUrl); 14017fd14ceSopenharmony_ci FreeJsonString(urlStr); 14117fd14ceSopenharmony_ci if (ret != HC_SUCCESS) { 14217fd14ceSopenharmony_ci LOGE("Failed to set preSharedUrl of proof!"); 14317fd14ceSopenharmony_ci DestroyIdentityInfo(info); 14417fd14ceSopenharmony_ci return ret; 14517fd14ceSopenharmony_ci } 14617fd14ceSopenharmony_ci ret = SetProtocolsToIdentityInfo(info); 14717fd14ceSopenharmony_ci if (ret != HC_SUCCESS) { 14817fd14ceSopenharmony_ci LOGE("Failed to set protocols!"); 14917fd14ceSopenharmony_ci DestroyIdentityInfo(info); 15017fd14ceSopenharmony_ci return ret; 15117fd14ceSopenharmony_ci } 15217fd14ceSopenharmony_ci info->proofType = PRE_SHARED; 15317fd14ceSopenharmony_ci info->IdInfoType = P2P_DIRECT_AUTH; 15417fd14ceSopenharmony_ci vec->pushBack(vec, (const IdentityInfo **)&info); 15517fd14ceSopenharmony_ci return HC_SUCCESS; 15617fd14ceSopenharmony_ci} 15717fd14ceSopenharmony_ci 15817fd14ceSopenharmony_cistatic int32_t GetCredInfoByPeerUrl(const CJson *in, const Uint8Buff *presharedUrl, IdentityInfo **returnInfo) 15917fd14ceSopenharmony_ci{ 16017fd14ceSopenharmony_ci if (in == NULL || presharedUrl == NULL || returnInfo == NULL) { 16117fd14ceSopenharmony_ci LOGE("Invalid input params!"); 16217fd14ceSopenharmony_ci return HC_ERR_INVALID_PARAMS; 16317fd14ceSopenharmony_ci } 16417fd14ceSopenharmony_ci IdentityInfo *info = CreateIdentityInfo(); 16517fd14ceSopenharmony_ci if (info == NULL) { 16617fd14ceSopenharmony_ci LOGE("Failed to create identity info!"); 16717fd14ceSopenharmony_ci return HC_ERR_ALLOC_MEMORY; 16817fd14ceSopenharmony_ci } 16917fd14ceSopenharmony_ci int32_t ret = SetPreSharedUrlForProof((const char *)presharedUrl->val, &info->proof.preSharedUrl); 17017fd14ceSopenharmony_ci if (ret != HC_SUCCESS) { 17117fd14ceSopenharmony_ci LOGE("Failed to set preSharedUrl of proof!"); 17217fd14ceSopenharmony_ci DestroyIdentityInfo(info); 17317fd14ceSopenharmony_ci return ret; 17417fd14ceSopenharmony_ci } 17517fd14ceSopenharmony_ci ret = SetProtocolsToIdentityInfo(info); 17617fd14ceSopenharmony_ci if (ret != HC_SUCCESS) { 17717fd14ceSopenharmony_ci LOGE("Failed to set protocols!"); 17817fd14ceSopenharmony_ci DestroyIdentityInfo(info); 17917fd14ceSopenharmony_ci return ret; 18017fd14ceSopenharmony_ci } 18117fd14ceSopenharmony_ci info->proofType = PRE_SHARED; 18217fd14ceSopenharmony_ci info->IdInfoType = P2P_DIRECT_AUTH; 18317fd14ceSopenharmony_ci *returnInfo = info; 18417fd14ceSopenharmony_ci return HC_SUCCESS; 18517fd14ceSopenharmony_ci} 18617fd14ceSopenharmony_ci 18717fd14ceSopenharmony_ci/** 18817fd14ceSopenharmony_ci * @brief compute shared key alias 18917fd14ceSopenharmony_ci * 19017fd14ceSopenharmony_ci * @param osAccountId 19117fd14ceSopenharmony_ci * @param selfAuthId self device udid 19217fd14ceSopenharmony_ci * @param peerAuthId peer device udid 19317fd14ceSopenharmony_ci * @param sharedKeyAlias 19417fd14ceSopenharmony_ci * @return int32_t 19517fd14ceSopenharmony_ci */ 19617fd14ceSopenharmony_cistatic int32_t ComputeAndSaveDirectAuthPsk(int32_t osAccountId, const char *selfAuthId, const char *peerAuthId, 19717fd14ceSopenharmony_ci const char *peerServiceType, const Uint8Buff *sharedKeyAlias) 19817fd14ceSopenharmony_ci{ 19917fd14ceSopenharmony_ci Uint8Buff selfAuthIdBuff = { (uint8_t *)selfAuthId, HcStrlen(selfAuthId) }; 20017fd14ceSopenharmony_ci Uint8Buff pkgNameBuff = { (uint8_t *)DEFAULT_PACKAGE_NAME, HcStrlen(DEFAULT_PACKAGE_NAME) }; 20117fd14ceSopenharmony_ci Uint8Buff serviceTypeBuff = { (uint8_t *)DEFAULT_SERVICE_TYPE, HcStrlen(DEFAULT_SERVICE_TYPE) }; 20217fd14ceSopenharmony_ci KeyAliasType keyType = KEY_ALIAS_P2P_AUTH; 20317fd14ceSopenharmony_ci uint8_t selfKeyAliasVal[PAKE_KEY_ALIAS_LEN] = { 0 }; 20417fd14ceSopenharmony_ci Uint8Buff selfKeyAlias = { selfKeyAliasVal, PAKE_KEY_ALIAS_LEN }; 20517fd14ceSopenharmony_ci int32_t ret = GenerateKeyAlias(&pkgNameBuff, &serviceTypeBuff, keyType, &selfAuthIdBuff, &selfKeyAlias); 20617fd14ceSopenharmony_ci if (ret != HC_SUCCESS) { 20717fd14ceSopenharmony_ci LOGE("Failed to generate self key alias!"); 20817fd14ceSopenharmony_ci return ret; 20917fd14ceSopenharmony_ci } 21017fd14ceSopenharmony_ci LOGI("selfKeyAlias: %x %x %x %x****.", selfKeyAlias.val[DEV_AUTH_ZERO], selfKeyAlias.val[DEV_AUTH_ONE], 21117fd14ceSopenharmony_ci selfKeyAlias.val[DEV_AUTH_TWO], selfKeyAlias.val[DEV_AUTH_THREE]); 21217fd14ceSopenharmony_ci 21317fd14ceSopenharmony_ci Uint8Buff peerServiceTypeBuff = { (uint8_t *)peerServiceType, HcStrlen(peerServiceType) }; 21417fd14ceSopenharmony_ci KeyAliasType keyTypePeer = KEY_ALIAS_P2P_AUTH; 21517fd14ceSopenharmony_ci Uint8Buff peerAuthIdBuff = { (uint8_t *)peerAuthId, HcStrlen(peerAuthId) }; 21617fd14ceSopenharmony_ci uint8_t peerKeyAliasVal[PAKE_KEY_ALIAS_LEN] = { 0 }; 21717fd14ceSopenharmony_ci Uint8Buff peerKeyAlias = { peerKeyAliasVal, PAKE_KEY_ALIAS_LEN }; 21817fd14ceSopenharmony_ci ret = GenerateKeyAlias(&pkgNameBuff, &peerServiceTypeBuff, keyTypePeer, &peerAuthIdBuff, &peerKeyAlias); 21917fd14ceSopenharmony_ci if (ret != HC_SUCCESS) { 22017fd14ceSopenharmony_ci LOGE("Failed to generate peer key alias!"); 22117fd14ceSopenharmony_ci return ret; 22217fd14ceSopenharmony_ci } 22317fd14ceSopenharmony_ci LOGI("peerKeyAlias: %x %x %x %x****.", peerKeyAlias.val[DEV_AUTH_ZERO], peerKeyAlias.val[DEV_AUTH_ONE], 22417fd14ceSopenharmony_ci peerKeyAlias.val[DEV_AUTH_TWO], peerKeyAlias.val[DEV_AUTH_THREE]); 22517fd14ceSopenharmony_ci 22617fd14ceSopenharmony_ci ret = GetLoaderInstance()->checkKeyExist(&selfKeyAlias, false, osAccountId); 22717fd14ceSopenharmony_ci if (ret != HC_SUCCESS) { 22817fd14ceSopenharmony_ci LOGE("self auth keyPair not exist!"); 22917fd14ceSopenharmony_ci return ret; 23017fd14ceSopenharmony_ci } 23117fd14ceSopenharmony_ci ret = GetLoaderInstance()->checkKeyExist(&peerKeyAlias, false, osAccountId); 23217fd14ceSopenharmony_ci if (ret != HC_SUCCESS) { 23317fd14ceSopenharmony_ci LOGE("peer auth pubKey not exist!"); 23417fd14ceSopenharmony_ci return ret; 23517fd14ceSopenharmony_ci } 23617fd14ceSopenharmony_ci 23717fd14ceSopenharmony_ci KeyParams selfKeyParams = { { selfKeyAlias.val, selfKeyAlias.length, true }, false, osAccountId }; 23817fd14ceSopenharmony_ci KeyBuff peerKeyBuff = { peerKeyAlias.val, peerKeyAlias.length, true }; 23917fd14ceSopenharmony_ci return GetLoaderInstance()->agreeSharedSecretWithStorage( 24017fd14ceSopenharmony_ci &selfKeyParams, &peerKeyBuff, ED25519, PAKE_PSK_LEN, sharedKeyAlias); 24117fd14ceSopenharmony_ci} 24217fd14ceSopenharmony_ci 24317fd14ceSopenharmony_cistatic int32_t GetDirectAuthPskAliasCreateIfNeeded(const CJson *in, Uint8Buff *pskKeyAlias) 24417fd14ceSopenharmony_ci{ 24517fd14ceSopenharmony_ci int32_t osAccountId = INVALID_OS_ACCOUNT; 24617fd14ceSopenharmony_ci if (GetIntFromJson(in, FIELD_OS_ACCOUNT_ID, &osAccountId) != HC_SUCCESS) { 24717fd14ceSopenharmony_ci LOGE("Failed to get osAccountId!"); 24817fd14ceSopenharmony_ci return HC_ERR_JSON_GET; 24917fd14ceSopenharmony_ci } 25017fd14ceSopenharmony_ci const char *selfAuthId = GetStringFromJson(in, FIELD_AUTH_ID); 25117fd14ceSopenharmony_ci if (selfAuthId == NULL) { 25217fd14ceSopenharmony_ci LOGE("get authId from context fail."); 25317fd14ceSopenharmony_ci return HC_ERR_JSON_GET; 25417fd14ceSopenharmony_ci } 25517fd14ceSopenharmony_ci const char *peerAuthId = GetStringFromJson(in, FIELD_PEER_CONN_DEVICE_ID); 25617fd14ceSopenharmony_ci if (peerAuthId == NULL) { 25717fd14ceSopenharmony_ci LOGE("get peerConnDeviceId from json fail."); 25817fd14ceSopenharmony_ci return HC_ERR_JSON_GET; 25917fd14ceSopenharmony_ci } 26017fd14ceSopenharmony_ci const char *peerServieType = GetStringFromJson(in, FIELD_SERVICE_TYPE); 26117fd14ceSopenharmony_ci if (peerServieType == NULL) { 26217fd14ceSopenharmony_ci LOGI("get serviceType from json fail, replace by default"); 26317fd14ceSopenharmony_ci peerServieType = DEFAULT_SERVICE_TYPE; 26417fd14ceSopenharmony_ci } 26517fd14ceSopenharmony_ci Uint8Buff pkgNameBuff = { (uint8_t *)DEFAULT_PACKAGE_NAME, HcStrlen(DEFAULT_PACKAGE_NAME) }; 26617fd14ceSopenharmony_ci Uint8Buff serviceTypeBuff = { (uint8_t *)peerServieType, HcStrlen(peerServieType) }; 26717fd14ceSopenharmony_ci Uint8Buff peerAuthIdBuff = { (uint8_t *)peerAuthId, HcStrlen(peerAuthId) }; 26817fd14ceSopenharmony_ci int32_t ret = GenerateKeyAlias(&pkgNameBuff, &serviceTypeBuff, KEY_ALIAS_PSK, &peerAuthIdBuff, pskKeyAlias); 26917fd14ceSopenharmony_ci if (ret != HC_SUCCESS) { 27017fd14ceSopenharmony_ci LOGE("Failed to generate psk key alias!"); 27117fd14ceSopenharmony_ci return ret; 27217fd14ceSopenharmony_ci } 27317fd14ceSopenharmony_ci LOGI("psk alias: %x %x %x %x****.", pskKeyAlias->val[DEV_AUTH_ZERO], pskKeyAlias->val[DEV_AUTH_ONE], 27417fd14ceSopenharmony_ci pskKeyAlias->val[DEV_AUTH_TWO], pskKeyAlias->val[DEV_AUTH_THREE]); 27517fd14ceSopenharmony_ci ret = GetLoaderInstance()->checkKeyExist(pskKeyAlias, false, osAccountId); 27617fd14ceSopenharmony_ci if (ret != HC_SUCCESS) { 27717fd14ceSopenharmony_ci ret = ComputeAndSaveDirectAuthPsk(osAccountId, selfAuthId, peerAuthId, peerServieType, pskKeyAlias); 27817fd14ceSopenharmony_ci } 27917fd14ceSopenharmony_ci return ret; 28017fd14ceSopenharmony_ci} 28117fd14ceSopenharmony_ci 28217fd14ceSopenharmony_cistatic int32_t GetSharedSecretByUrl( 28317fd14ceSopenharmony_ci const CJson *in, const Uint8Buff *presharedUrl, ProtocolAlgType protocolType, Uint8Buff *sharedSecret) 28417fd14ceSopenharmony_ci{ 28517fd14ceSopenharmony_ci (void)protocolType; 28617fd14ceSopenharmony_ci if (in == NULL || presharedUrl == NULL || sharedSecret == NULL) { 28717fd14ceSopenharmony_ci LOGE("Invalid input params!"); 28817fd14ceSopenharmony_ci return HC_ERR_INVALID_PARAMS; 28917fd14ceSopenharmony_ci } 29017fd14ceSopenharmony_ci int32_t osAccountId; 29117fd14ceSopenharmony_ci if (GetIntFromJson(in, FIELD_OS_ACCOUNT_ID, &osAccountId) != HC_SUCCESS) { 29217fd14ceSopenharmony_ci LOGE("Failed to get osAccountId!"); 29317fd14ceSopenharmony_ci return HC_ERR_JSON_GET; 29417fd14ceSopenharmony_ci } 29517fd14ceSopenharmony_ci uint8_t pskKeyAliasVal[PAKE_KEY_ALIAS_LEN] = { 0 }; 29617fd14ceSopenharmony_ci Uint8Buff pskKeyAlias = { pskKeyAliasVal, PAKE_KEY_ALIAS_LEN }; 29717fd14ceSopenharmony_ci int32_t ret = GetDirectAuthPskAliasCreateIfNeeded(in, &pskKeyAlias); 29817fd14ceSopenharmony_ci if (ret != HC_SUCCESS) { 29917fd14ceSopenharmony_ci LOGE("Failed to generate key alias for psk!"); 30017fd14ceSopenharmony_ci return ret; 30117fd14ceSopenharmony_ci } 30217fd14ceSopenharmony_ci uint8_t nonceVal[PAKE_NONCE_LEN] = { 0 }; 30317fd14ceSopenharmony_ci Uint8Buff nonceBuff = { nonceVal, PAKE_NONCE_LEN }; 30417fd14ceSopenharmony_ci if (GetByteFromJson(in, FIELD_NONCE, nonceBuff.val, nonceBuff.length) != HC_SUCCESS) { 30517fd14ceSopenharmony_ci LOGE("Failed to get nonce!"); 30617fd14ceSopenharmony_ci return HC_ERR_JSON_GET; 30717fd14ceSopenharmony_ci } 30817fd14ceSopenharmony_ci uint8_t pskVal[PAKE_PSK_LEN] = { 0 }; 30917fd14ceSopenharmony_ci Uint8Buff pskBuff = { pskVal, PAKE_PSK_LEN }; 31017fd14ceSopenharmony_ci Uint8Buff keyInfo = { (uint8_t *)TMP_AUTH_KEY_FACTOR, HcStrlen(TMP_AUTH_KEY_FACTOR) }; 31117fd14ceSopenharmony_ci KeyParams keyAliasParams = { { pskKeyAlias.val, pskKeyAlias.length, true }, false, osAccountId }; 31217fd14ceSopenharmony_ci ret = GetLoaderInstance()->computeHkdf(&keyAliasParams, &nonceBuff, &keyInfo, &pskBuff); 31317fd14ceSopenharmony_ci if (ret != HC_SUCCESS) { 31417fd14ceSopenharmony_ci LOGE("Failed to compute hkdf for psk!"); 31517fd14ceSopenharmony_ci return ret; 31617fd14ceSopenharmony_ci } 31717fd14ceSopenharmony_ci ret = ConvertPsk(&pskBuff, sharedSecret); 31817fd14ceSopenharmony_ci if (ret != HC_SUCCESS) { 31917fd14ceSopenharmony_ci LOGE("Failed to convert psk!"); 32017fd14ceSopenharmony_ci } 32117fd14ceSopenharmony_ci return ret; 32217fd14ceSopenharmony_ci} 32317fd14ceSopenharmony_ci 32417fd14ceSopenharmony_cistatic int32_t GetCredInfoByPeerCert(const CJson *in, const CertInfo *certInfo, IdentityInfo **returnInfo) 32517fd14ceSopenharmony_ci{ 32617fd14ceSopenharmony_ci // NOT SUPPORT FOR P2P AUTH 32717fd14ceSopenharmony_ci (void)in; 32817fd14ceSopenharmony_ci (void)certInfo; 32917fd14ceSopenharmony_ci (void)returnInfo; 33017fd14ceSopenharmony_ci return HC_ERR_ALG_FAIL; 33117fd14ceSopenharmony_ci} 33217fd14ceSopenharmony_ci 33317fd14ceSopenharmony_cistatic int32_t GetSharedSecretByPeerCert( 33417fd14ceSopenharmony_ci const CJson *in, const CertInfo *peerCertInfo, ProtocolAlgType protocolType, Uint8Buff *sharedSecret) 33517fd14ceSopenharmony_ci{ 33617fd14ceSopenharmony_ci // NOT SUPPORT P2P AUTH 33717fd14ceSopenharmony_ci (void)in; 33817fd14ceSopenharmony_ci (void)peerCertInfo; 33917fd14ceSopenharmony_ci (void)protocolType; 34017fd14ceSopenharmony_ci (void)sharedSecret; 34117fd14ceSopenharmony_ci return HC_ERR_ALG_FAIL; 34217fd14ceSopenharmony_ci} 34317fd14ceSopenharmony_ci 34417fd14ceSopenharmony_cistatic const AuthIdentity g_authIdentity = { 34517fd14ceSopenharmony_ci .getCredInfosByPeerIdentity = GetCredInfosByPeerIdentity, 34617fd14ceSopenharmony_ci .getCredInfoByPeerUrl = GetCredInfoByPeerUrl, 34717fd14ceSopenharmony_ci .getSharedSecretByUrl = GetSharedSecretByUrl, 34817fd14ceSopenharmony_ci .getCredInfoByPeerCert = GetCredInfoByPeerCert, 34917fd14ceSopenharmony_ci .getSharedSecretByPeerCert = GetSharedSecretByPeerCert, 35017fd14ceSopenharmony_ci}; 35117fd14ceSopenharmony_ci 35217fd14ceSopenharmony_ciconst AuthIdentity *GetP2pAuthIdentity(void) 35317fd14ceSopenharmony_ci{ 35417fd14ceSopenharmony_ci return &g_authIdentity; 35517fd14ceSopenharmony_ci}