/*
 * Copyright (c) 2023 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef HUKS_SA_HDI_H
#define HUKS_SA_HDI_H

#include "huks_sa_type.h"

/**
 * @brief Table of function pointers that make up the HUKS HDI interface.
 *
 * Every entry returns an int32_t error code (see huks_sa_type.h). Inputs are
 * declared as const pointers; the non-const HksBlob pointers are, going by
 * the per-entry parameter docs, the outputs.
 *
 * NOTE(review): this header does not say whether every entry is populated.
 * Callers presumably need to check a pointer for NULL before calling through
 * it; confirm against the code that fills the table.
 *
 * NOTE(review): HksBlob and HksParamSet are declared in huks_sa_type.h, not
 * here. Who allocates an output blob and how its capacity is conveyed is not
 * visible in this file; confirm before relying on an output size. Several
 * outputs (plainText, agreedKey, derivedKey) are, by their names, secret
 * material, and nothing in this header says who clears them after use.
 */
struct HuksHdi {
    /**
     * @brief HUKS initialize
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiModuleInit)(void);

    /**
     * @brief HUKS destroy
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiModuleDestroy)(void);

    /**
     * @brief HUKS refresh key info
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiRefresh)(void);

    /**
     * @brief Generate key
     * @param keyAlias key alias
     * @param paramSet required parameter set
     * @param keyIn input key used to generate the key
     * @param keyOut output key
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiGenerateKey)(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
        const struct HksBlob *keyIn, struct HksBlob *keyOut);

    /**
     * @brief Import key
     * @param keyAlias key alias
     * @param key the key to be imported
     * @param paramSet required parameter set
     * @param keyOut output key
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiImportKey)(const struct HksBlob *keyAlias, const struct HksBlob *key,
        const struct HksParamSet *paramSet, struct HksBlob *keyOut);

    /**
     * @brief Import wrapped key
     * @param wrappingKeyAlias alias of the key used to decrypt the wrapped key data
     * @param key the wrapping key
     * @param wrappedKeyData wrapped key data (declared const, so it is an input)
     * @param paramSet required parameter set
     * @param keyOut output key
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiImportWrappedKey)(const struct HksBlob *wrappingKeyAlias, const struct HksBlob *key,
        const struct HksBlob *wrappedKeyData, const struct HksParamSet *paramSet, struct HksBlob *keyOut);

    /**
     * @brief Export public key
     * @param key the key whose public part is exported
     * @param paramSet required parameter set
     * @param keyOut exported key
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiExportPublicKey)(const struct HksBlob *key, const struct HksParamSet *paramSet,
        struct HksBlob *keyOut);

    /**
     * @brief Init operation
     * @param key the key
     * @param paramSet required parameter set
     * @param handle operation handle (non-const; presumably written by the implementation)
     * @param token token (non-const; presumably written by the implementation)
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiInit)(const struct HksBlob *key, const struct HksParamSet *paramSet, struct HksBlob *handle,
        struct HksBlob *token);

    /**
     * @brief Update operation
     * @param handle operation handle
     * @param paramSet required parameter set
     * @param inData the data to update
     * @param outData output data
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiUpdate)(const struct HksBlob *handle, const struct HksParamSet *paramSet,
        const struct HksBlob *inData, struct HksBlob *outData);

    /**
     * @brief Finish operation
     * @param handle operation handle
     * @param paramSet required parameter set
     * @param inData the input data for the finish step
     * @param outData output data
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiFinish)(const struct HksBlob *handle, const struct HksParamSet *paramSet,
        const struct HksBlob *inData, struct HksBlob *outData);

    /**
     * @brief Abort operation
     * @param handle operation handle
     * @param paramSet required parameter set
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiAbort)(const struct HksBlob *handle, const struct HksParamSet *paramSet);

    /**
     * @brief Get key properties
     * @param paramSet required parameter set
     * @param key the key
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiGetKeyProperties)(const struct HksParamSet *paramSet, const struct HksBlob *key);

    /**
     * @brief Attest key
     * @param key the key
     * @param paramSet required parameter set
     * @param certChain output cert chain
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiAttestKey)(const struct HksBlob *key, const struct HksParamSet *paramSet,
        struct HksBlob *certChain);

    /**
     * @brief Get ability
     * @param funcType the function type
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiGetAbility)(int32_t funcType);

    /**
     * @brief Get hardware info
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiGetHardwareInfo)(void);

    /**
     * @brief Calculate mac header
     * @param paramSet required parameter set
     * @param salt the salt value
     * @param srcData the data to calculate the mac over
     * @param mac output mac value
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiCalcMacHeader)(const struct HksParamSet *paramSet, const struct HksBlob *salt,
        const struct HksBlob *srcData, struct HksBlob *mac);

    /**
     * @brief Upgrade key info
     * @param keyAlias key alias
     * @param keyInfo key info
     * @param keyOut output key value
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiUpgradeKeyInfo)(const struct HksBlob *keyAlias, const struct HksBlob *keyInfo,
        struct HksBlob *keyOut);

    /**
     * @brief Generate random
     * @param paramSet required parameter set
     * @param random output random
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiGenerateRandom)(const struct HksParamSet *paramSet, struct HksBlob *random);

    /**
     * @brief Sign operation
     * @param key required key to sign data
     * @param paramSet required parameter set
     * @param srcData the data to be signed
     * @param signature output signature
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiSign)(const struct HksBlob *key, const struct HksParamSet *paramSet,
        const struct HksBlob *srcData, struct HksBlob *signature);

    /**
     * @brief Verify operation
     * @param key required key to verify data
     * @param paramSet required parameter set
     * @param srcData the data to be verified
     * @param signature the signature to check (declared const, so it is an input)
     * @return error code, see huks_sa_type.h; the verification result is
     *         reported only through this value, so callers must not ignore it
     */
    int32_t (*HuksHdiVerify)(const struct HksBlob *key, const struct HksParamSet *paramSet,
        const struct HksBlob *srcData, const struct HksBlob *signature);

    /**
     * @brief Encrypt operation
     * @param key required key to encrypt data
     * @param paramSet required parameter set
     * @param plainText the data to be encrypted
     * @param cipherText encrypted data
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiEncrypt)(const struct HksBlob *key, const struct HksParamSet *paramSet,
        const struct HksBlob *plainText, struct HksBlob *cipherText);

    /**
     * @brief Decrypt operation
     * @param key required key to decrypt data
     * @param paramSet required parameter set
     * @param cipherText the data to be decrypted
     * @param plainText decrypted data
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiDecrypt)(const struct HksBlob *key, const struct HksParamSet *paramSet,
        const struct HksBlob *cipherText, struct HksBlob *plainText);

    /**
     * @brief Agree key
     * @param paramSet required parameter set
     * @param privateKey self private key
     * @param peerPublicKey peer public key
     * @param agreedKey agreed key
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiAgreeKey)(const struct HksParamSet *paramSet, const struct HksBlob *privateKey,
        const struct HksBlob *peerPublicKey, struct HksBlob *agreedKey);

    /**
     * @brief Derive key
     * @param paramSet required parameter set
     * @param kdfKey main key to derive key
     * @param derivedKey derived key
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiDeriveKey)(const struct HksParamSet *paramSet, const struct HksBlob *kdfKey,
        struct HksBlob *derivedKey);

    /**
     * @brief Mac operation
     * @param key the key used to compute the mac
     * @param paramSet required parameter set
     * @param srcData the data to compute the mac over
     * @param mac mac value
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiMac)(const struct HksBlob *key, const struct HksParamSet *paramSet,
        const struct HksBlob *srcData, struct HksBlob *mac);

    /**
     * @brief Upgrade key
     * @param oldKey old key to be upgraded
     * @param paramSet required parameter set
     * @param newKey new key
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiUpgradeKey)(const struct HksBlob *oldKey, const struct HksParamSet *paramSet,
        struct HksBlob *newKey);

    /**
     * @brief Export chipset platform publicKey
     * @param salt salt value
     * @param scene scene (enum HksChipsetPlatformDecryptScene, declared outside this file)
     * @param publicKey public key
     * @return error code, see huks_sa_type.h
     */
    int32_t (*HuksHdiExportChipsetPlatformPublicKey)(const struct HksBlob *salt,
        enum HksChipsetPlatformDecryptScene scene, struct HksBlob *publicKey);
};

#endif