andy/phs_v1.0.1.0
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

提交 #1

Browse Source
This commit is contained in:
andy
2024-09-27 19:16:49 +08:00
commit 49d0cea04d
10000 changed files with 1616312 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

326
base/security/device_auth/interfaces/inner_api/device_auth.h Normal file
View File

@@ -0,0 +1,326 @@
/*
* Copyright (C) 2021-2023 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef DEVICE_AUTH_H
#define DEVICE_AUTH_H
#include <stdint.h>
#include <stdbool.h>
#if defined(__LINUX__) || defined(_UNIX)
#define DEVICE_AUTH_API_PUBLIC __attribute__ ((visibility("default")))
#else
#define DEVICE_AUTH_API_PUBLIC
#endif
#define FIELD_GROUP_ID "groupId"
#define FIELD_GROUP_TYPE "groupType"
#define FIELD_GROUP_NAME "groupName"
#define FIELD_PEER_DEVICE_ID "peerDeviceId"
#define FIELD_IS_ADMIN "isAdmin"
#define FIELD_CREDENTIAL_TYPE "credentialType"
#define FIELD_IS_FORCE_DELETE "isForceDelete"
#define FIELD_IS_IGNORE_CHANNEL "isIgnoreChannel"
#define FIELD_CONNECT_PARAMS "connectParams"
#define FIELD_ADD_ID "addId"
#define FIELD_DELETE_ID "deleteId"
#define FIELD_APP_ID "appId"
#define FIELD_SERVICE_TYPE "serviceType"
#define FIELD_IS_DEVICE_LEVEL "isDeviceLevel"
#define FIELD_ALTERNATIVE "alternative"
#define FIELD_PEER_UDID "peerUdid"
#define FIELD_PEER_CONN_DEVICE_ID "peerConnDeviceId"
#define FIELD_KEY_LENGTH "keyLength"
#define FIELD_IS_CLIENT "isClient"
#define FIELD_SESSION_KEY "sessionKey"
#define FIELD_AUTH_FORM "authForm"
#define FIELD_CONFIRMATION "confirmation"
#define FIELD_GROUP_OWNER "groupOwner"
#define FIELD_PEER_AUTH_ID "peerAuthId"
#define FIELD_PEER_USER_TYPE "peerUserType"
#define FIELD_PEER_USER_ID "peerUserId"
#define FIELD_SERVICE_PKG_NAME "servicePkgName"
#define FIELD_USER_TYPE "userType"
#define FIELD_USER_ID "userId"
#define FIELD_SHARED_USER_ID "sharedUserId"
#define FIELD_OWNER_USER_ID "ownerUserId"
#define FIELD_DEVICE_ID "deviceId"
#define FIELD_PIN_CODE "pinCode"
#define FIELD_AUTH_ID "authId"
#define FIELD_UDID "udid"
#define FIELD_IS_SELF_PK "isSelfPk"
#define FIELD_GROUP_VISIBILITY "groupVisibility"
#define FIELD_EXPIRE_TIME "expireTime"
#define FIELD_IS_DELETE_ALL "isDeleteAll"
#define FIELD_OS_ACCOUNT_ID "osAccountId"
#define FIELD_AUTH_CODE "authCode"
#define FIELD_DEVICE_LIST "deviceList"
#define FIELD_IS_UDID_HASH "isUdidHash"
/**
* @brief type of local system account
*/
typedef enum {
/** default local system account */
DEFAULT_OS_ACCOUNT = 0,
/** the local system account of foreground user */
ANY_OS_ACCOUNT = -2,
} OsAccountEnum;
/**
* @brief describes all group types
*/
typedef enum {
/** refers to all group types and is used to query group information */
ALL_GROUP = 0,
/** group type of the same clound account */
IDENTICAL_ACCOUNT_GROUP = 1,
/** group type of the p2p binding */
PEER_TO_PEER_GROUP = 256,
/** group type shared to other cloud accounts */
ACROSS_ACCOUNT_AUTHORIZE_GROUP = 1282
} GroupType;
/**
* @brief describes all group visibility types
*/
typedef enum {
/** visibility type of private group */
GROUP_VISIBILITY_PRIVATE = 0,
/** visibility type of public group */
GROUP_VISIBILITY_PUBLIC = -1
} GroupVisibility;
/**
* @brief describes all group operation codes
*/
typedef enum {
/** opeation code for group creation */
GROUP_CREATE = 0,
/** opeation code for group destruction */
GROUP_DISBAND = 1,
/** opeation code for inviting the peer device to join the local trusted group */
MEMBER_INVITE = 2,
/** opeation code for joining the peer trusted group */
MEMBER_JOIN = 3,
/** opeation code for unbinding with peer device */
MEMBER_DELETE = 4,
} GroupOperationCode;
/**
* @brief describes all group authentication types
*/
typedef enum {
/** invalid group authentication type */
AUTH_FORM_INVALID_TYPE = -1,
/** p2p group authentication type */
AUTH_FORM_ACCOUNT_UNRELATED = 0,
/** group authentication type of the same cloud account */
AUTH_FORM_IDENTICAL_ACCOUNT = 1,
/** group authentication type shared to other cloud accounts */
AUTH_FORM_ACROSS_ACCOUNT = 2,
} GroupAuthForm;
/**
* @brief describes all credential types
*/
typedef enum {
/** symmetrical credential type */
SYMMETRIC_CRED = 1,
/** asymmetric credential type */
ASYMMETRIC_CRED = 2,
} CredType;
/**
* @brief describes all device types
*/
typedef enum {
/** device type is accessory */
DEVICE_TYPE_ACCESSORY = 0,
/** device type is controller */
DEVICE_TYPE_CONTROLLER = 1,
/** device type is proxy */
DEVICE_TYPE_PROXY = 2
} UserType;
/**
* @brief describes request response results
*/
typedef enum {
/** reject the request from the peer device */
REQUEST_REJECTED = 0x80000005,
/** accept the request from the peer device */
REQUEST_ACCEPTED = 0x80000006,
} RequestResponse;
/**
* @brief This structure provides the ability to monitor changes in trusted groups and devices.
*/
typedef struct {
/** Call it when a new group is created. */
void (*onGroupCreated)(const char *groupInfo);
/** Call it when a group is destroyed. */
void (*onGroupDeleted)(const char *groupInfo);
/** Call it when a group adds a trusted device. */
void (*onDeviceBound)(const char *peerUdid, const char *groupInfo);
/** Call it when a group deletes a trusted device. */
void (*onDeviceUnBound)(const char *peerUdid, const char *groupInfo);
/** Call it when a device has no trust relationship in all groups. */
void (*onDeviceNotTrusted)(const char *peerUdid);
/** Call it when a device has no trust relationship in all groups of a certain type. */
void (*onLastGroupDeleted)(const char *peerUdid, int groupType);
void (*onTrustedDeviceNumChanged)(int curTrustedDeviceNum);
} DataChangeListener;
/**
* @brief This structure describes the callbacks that need to be provided by the business.
*/
typedef struct {
/** Call it when there is data to be sent. */
bool (*onTransmit)(int64_t requestId, const uint8_t *data, uint32_t dataLen);
/** Call it when the session key is returned. */
void (*onSessionKeyReturned)(int64_t requestId, const uint8_t *sessionKey, uint32_t sessionKeyLen);
/** Call it when the asynchronous operation is successful. */
void (*onFinish)(int64_t requestId, int operationCode, const char *returnData);
/** Call it when the asynchronous operation fails. */
void (*onError)(int64_t requestId, int operationCode, int errorCode, const char *errorReturn);
/** Call it when receiving requests from other devices. */
char *(*onRequest)(int64_t requestId, int operationCode, const char *reqParams);
} DeviceAuthCallback;
/**
* @brief This structure provides all the capabilities of group authentication.
*/
typedef struct {
/** This interface is used to process authentication data. */
int32_t (*processData)(int64_t authReqId, const uint8_t *data, uint32_t dataLen,
const DeviceAuthCallback *gaCallback);
/** This interface is used to initiate authentication between devices. */
int32_t (*authDevice)(int32_t osAccountId, int64_t authReqId, const char *authParams,
const DeviceAuthCallback *gaCallback);
/** This interface is used to cancel an authentication process. */
void (*cancelRequest)(int64_t requestId, const char *appId);
/** This interface is used to get real info by pseudonym id. */
int32_t (*getRealInfo)(int32_t osAccountId, const char *pseudonymId, char **realInfo);
/** This interface is used to get pseudonym id by an index. */
int32_t (*getPseudonymId)(int32_t osAccountId, const char *indexKey, char **pseudonymId);
} GroupAuthManager;
typedef struct {
/** This interface is used to register business callbacks. */
int32_t (*regCallback)(const char *appId, const DeviceAuthCallback *callback);
/** This interface is used to unregister business callbacks. */
int32_t (*unRegCallback)(const char *appId);
/** This interface is used to register callback for data change monitoring. */
int32_t (*regDataChangeListener)(const char *appId, const DataChangeListener *listener);
/** This interface is used to unregister callback for data change monitoring. */
int32_t (*unRegDataChangeListener)(const char *appId);
/** This interface is used to create a trusted group. */
int32_t (*createGroup)(int32_t osAccountId, int64_t requestId, const char *appId, const char *createParams);
/** This interface is used to delete a trusted group. */
int32_t (*deleteGroup)(int32_t osAccountId, int64_t requestId, const char *appId, const char *disbandParams);
/** This interface is used to add a trusted device to a trusted group. */
int32_t (*addMemberToGroup)(int32_t osAccountId, int64_t requestId, const char *appId, const char *addParams);
/** This interface is used to delete a trusted device from a trusted group. */
int32_t (*deleteMemberFromGroup)(int32_t osAccountId, int64_t requestId, const char *appId,
const char *deleteParams);
/** This interface is used to process data of binding or unbinding devices. */
int32_t (*processData)(int64_t requestId, const uint8_t *data, uint32_t dataLen);
/** This interface is used to batch add trusted devices with account relationships. */
int32_t (*addMultiMembersToGroup)(int32_t osAccountId, const char *appId, const char *addParams);
/** This interface is used to batch delete trusted devices with account relationships. */
int32_t (*delMultiMembersFromGroup)(int32_t osAccountId, const char *appId, const char *deleteParams);
/** This interface is used to obtain the registration information of the local device. */
int32_t (*getRegisterInfo)(const char *reqJsonStr, char **returnRegisterInfo);
/** This interface is used to check whether the specified application has access rights to the group. */
int32_t (*checkAccessToGroup)(int32_t osAccountId, const char *appId, const char *groupId);
/** This interface is used to obtain all public key information related to a device. */
int32_t (*getPkInfoList)(int32_t osAccountId, const char *appId, const char *queryParams, char **returnInfoList,
uint32_t *returnInfoNum);
/** This interface is used to obtain group information of a group. */
int32_t (*getGroupInfoById)(int32_t osAccountId, const char *appId, const char *groupId, char **returnGroupInfo);
/** This interface is used to obtain the group information of groups that meet the query parameters. */
int32_t (*getGroupInfo)(int32_t osAccountId, const char *appId, const char *queryParams,
char **returnGroupVec, uint32_t *groupNum);
/** This interface is used to obtain all group information of a specific group type. */
int32_t (*getJoinedGroups)(int32_t osAccountId, const char *appId, int groupType,
char **returnGroupVec, uint32_t *groupNum);
/** This interface is used to obtain all group information related to a certain device. */
int32_t (*getRelatedGroups)(int32_t osAccountId, const char *appId, const char *peerDeviceId,
char **returnGroupVec, uint32_t *groupNum);
/** This interface is used to obtain the information of a trusted device. */
int32_t (*getDeviceInfoById)(int32_t osAccountId, const char *appId, const char *deviceId, const char *groupId,
char **returnDeviceInfo);
/** This interface is used to obtain all trusted device information in a group. */
int32_t (*getTrustedDevices)(int32_t osAccountId, const char *appId, const char *groupId,
char **returnDevInfoVec, uint32_t *deviceNum);
/** This interface is used to query whether a specified device exists in the group. */
bool (*isDeviceInGroup)(int32_t osAccountId, const char *appId, const char *groupId, const char *deviceId);
/** This interface is used to cancel a binding or unbinding process. */
void (*cancelRequest)(int64_t requestId, const char *appId);
/** This interface is used to destroy the information returned by the internal allocated memory. */
void (*destroyInfo)(char **returnInfo);
} DeviceGroupManager;
#ifdef __cplusplus
extern "C" {
#endif
/**
* @brief Initialize device auth service.
*
* This API is used to initialize device auth service.
*
* @return When the service initialization is successful, it returns HC_SUCCESS.
* Otherwise, it returns other values.
* @see DestroyDeviceAuthService
*/
DEVICE_AUTH_API_PUBLIC int InitDeviceAuthService(void);
/**
* @brief Destroy device auth service.
*
* This API is used to destroy device auth service.
*
* @see InitDeviceAuthService
*/
DEVICE_AUTH_API_PUBLIC void DestroyDeviceAuthService(void);
/**
* @brief Get group authentication instance.
*
* This API is used to get group authentication instance.
* The InitDeviceAuthService function must be called before using this method.
*
* @return When the method call result is successful, it returns GroupAuthManager instance.
* Otherwise, it returns NULL.
*/
DEVICE_AUTH_API_PUBLIC const GroupAuthManager *GetGaInstance(void);
/**
* @brief Get group management instance.
*
* This API is used to get group management instance.
* The InitDeviceAuthService function must be called before using this method.
*
* @return When the method call result is successful, it returns DeviceGroupManager instance.
* Otherwise, it returns NULL.
*/
DEVICE_AUTH_API_PUBLIC const DeviceGroupManager *GetGmInstance(void);
#ifdef __cplusplus
}
#endif
#endif

166
base/security/device_auth/interfaces/inner_api/device_auth_defines.h Normal file
View File

@@ -0,0 +1,166 @@
/*
* Copyright (C) 2021-2023 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef DEVICE_AUTH_DEFINES_H
#define DEVICE_AUTH_DEFINES_H
/**
* @brief describes all error codes
*/
enum {
/* common error code, 0x00000000 ~ 0x00000FFF */
HC_SUCCESS = 0x00000000, // 0
HC_ERROR = 0x00000001, // 1
HC_ERR_INVALID_PARAMS = 0x00000002, // 2
HC_ERR_INVALID_LEN = 0x00000003, // 3
HC_ERR_NULL_PTR = 0x00000004, // 4
HC_ERR_ALLOC_MEMORY = 0x00000005, // 5
HC_ERR_MEMORY_COPY = 0x00000006, // 6
HC_ERR_CONVERT_FAILED = 0x00000007, // 7
HC_ERR_NOT_SUPPORT = 0x00000008, // 8
HC_ERR_TIME_OUT = 0x00000009, // 9
HC_ERR_CASE = 0x0000000A, // 10
HC_ERR_BAD_TIMING = 0x0000000B, // 11
HC_ERR_PEER_ERROR = 0x0000000C, // 12
HC_ERR_FILE = 0x0000000D, // 13
HC_ERR_MEMORY_COMPARE = 0x0000000E, // 14
HC_ERR_OUT_OF_LIMIT = 0x0000000F, // 15
HC_ERR_INIT_FAILED = 0x00000010, // 16
/* error code for algorithm adapter , 0x00001000 ~ 0x00001FFF */
HC_ERR_KEY_NOT_EXIST = 0x00001001, // 4097
HC_ERR_GENERATE_KEY_FAILED = 0x00001002, // 4098
HC_ERR_INVALID_PUBLIC_KEY = 0x00001003, // 4099
HC_ERR_VERIFY_FAILED = 0x00001004, // 4100
HC_ERR_HASH_FAIL = 0x00001005, // 4101
HC_ERR_ALG_FAIL = 0x00001006, // 4102
HC_ERR_HKS_PARAM_SET_FAILED = 0x00001007, // 4103
/* error code for json util , 0x00002000 ~ 0x00002FFF */
HC_ERR_JSON_FAIL = 0x00002001, // 8193
HC_ERR_JSON_CREATE = 0x00002002, // 8194
HC_ERR_JSON_GET = 0x00002003, // 8195
HC_ERR_JSON_ADD = 0x00002004, // 8196
HC_ERR_PACKAGE_JSON_TO_STRING_FAIL = 0x00002005, // 8197
/* error code for ipc, 0x00003000 ~ 0x00003FFF */
HC_ERR_IPC_INTERNAL_FAILED = 0x00003001, // 12289
HC_ERR_IPC_UNKNOW_OPCODE = 0x00003002, // 12290
HC_ERR_IPC_CALL_DATA_LENGTH = 0x00003003, // 12291
HC_ERR_IPC_METHOD_ID_INVALID = 0x00003004, // 12292
HC_ERR_IPC_BAD_MESSAGE_LENGTH = 0x00003005, // 12293
HC_ERR_IPC_BAD_VAL_LENGTH = 0x00003006, // 12294
HC_ERR_IPC_BAD_PARAM_NUM = 0x00003007, // 12295
HC_ERR_IPC_BAD_MSG_TYPE = 0x00003008, // 12296
HC_ERR_IPC_GET_SERVICE = 0x00003009, // 12297
HC_ERR_IPC_GET_PROXY = 0x0000300A, // 12298
HC_ERR_IPC_INIT = 0x0000300B, // 12299
HC_ERR_IPC_BUILD_PARAM = 0x0000300C, // 12300
HC_ERR_IPC_PROC_FAILED = 0x0000300D, // 12301
HC_ERR_IPC_UNKNOW_REPLY = 0x0000300E, // 12302
HC_ERR_IPC_OUT_DATA_NUM = 0x0000300F, // 12303
HC_ERR_IPC_OUT_DATA = 0x00003010, // 12304
HC_ERR_IPC_BAD_PARAM = 0x00003011, // 12305
HC_ERR_IPC_SERVICE_DIED = 0x00003012, // 12306
/* error code for module , 0x00004000 ~ 0x00004FFF */
HC_ERR_MODULE_NOT_FOUNT = 0x00004001, // 16385
HC_ERR_UNSUPPORTED_METHOD = 0x00004002, // 16386
HC_ERR_UNSUPPORTED_VERSION = 0x00004003, // 16387
HC_ERR_UNSUPPORTED_CURVE = 0x00004004, // 16388
HC_ERR_BAD_MESSAGE = 0x00004005, // 16389
HC_ERR_PROOF_NOT_MATCH = 0x00004006, // 16390
HC_ERR_INIT_TASK_FAIL = 0x00004007, // 16391
HC_ERR_TASK_IS_NULL = 0x00004008, // 16392
HC_ERR_TASK_ID_IS_NOT_MATCH = 0x00004009, // 16393
HC_ERR_INVALID_ALG = 0x0000400A, // 16394
HC_ERR_IGNORE_MSG = 0x0000400B, // 16395
HC_ERR_LOCAL_IDENTITY_NOT_EXIST = 0x0000400C, // 16396
HC_ERR_UNSUPPORTED_OPCODE = 0x0000400D, // 16397
HC_ERR_AUTH_TOKEN = 0x0000400E, // 16398
HC_ERR_PSK = 0x0000400F, // 16399
HC_ERR_TOKEN = 0x00004010, // 16400
HC_ERR_GENERATE_RANDOM = 0x00004011, // 16401
HC_ERR_STATUS = 0x00004012, // 16402
HC_ERR_STEP = 0x00004013, // 16403
/* error code for group , 0x00005000 ~ 0x00005FFF */
HC_ERR_ACCESS_DENIED = 0x00005001, // 20481
HC_ERR_CALLBACK_NOT_FOUND = 0x00005002, // 20482
HC_ERR_SERVICE_NEED_RESTART = 0x00005003, // 20483
HC_ERR_NO_CANDIDATE_GROUP = 0x00005004, // 20484
HC_ERR_TRANSMIT_FAIL = 0x00005005, // 20485
HC_ERR_REQUEST_EXIST = 0x00005006, // 20486
HC_ERR_REQUEST_NOT_FOUND = 0x00005007, // 20487
HC_ERR_SESSION_NOT_EXIST = 0x00005008, // 20488
HC_ERR_SESSION_ID_CONFLICT = 0x00005009, // 20489
HC_ERR_REQ_REJECTED = 0x0000500A, // 20490
HC_ERR_SERVER_CONFIRM_FAIL = 0x0000500B, // 20491
HC_ERR_CREATE_SESSION_FAIL = 0x0000500C, // 20492
HC_ERR_SESSION_IS_FULL = 0x0000500D, // 20493
HC_ERR_INVALID_UDID = 0x0000500E, // 20494
HC_ERR_INVALID_TCIS_ID = 0x0000500F, // 20495
HC_ERR_DEL_GROUP = 0x00005010, // 20496
HC_ERR_INFORM_ERR = 0x00005011, // 20497
HC_ERR_ONLY_ACCOUNT_RELATED = 0x00005012, // 20498
/* error code for database , 0x00006000 ~ 0x00006FFF */
HC_ERR_DB = 0x00006001, // 24577
HC_ERR_BEYOND_LIMIT = 0x00006002, // 24578
HC_ERR_SAVE_DB_FAILED = 0x00006003, // 24579
HC_ERR_ROLE_NOT_EXIST = 0x00006004, // 24580
HC_ERR_MANAGER_NOT_EXIST = 0x00006005, // 24581
HC_ERR_GROUP_DUPLICATE = 0x00006006, // 24582
HC_ERR_GROUP_NOT_EXIST = 0x00006007, // 24583
HC_ERR_DEVICE_NOT_EXIST = 0x00006008, // 24584
HC_ERR_DEVICE_DUPLICATE = 0x00006009, // 24585
HC_ERR_LOST_DATA = 0x0000600A, // 24586
/* error code for broadcast , 0x00007000 ~ 0x00007FFF */
HC_ERR_LISTENER_NOT_EXIST = 0x00007001, // 28673
/* error code for channel , 0x00008000 ~ 0x00008FFF */
HC_ERR_CHANNEL_NOT_EXIST = 0x00008001, // 32769
HC_ERR_SOFT_BUS = 0x00008002, // 32770
/* error code used on account-related authenticator */
HC_ERR_GET_PK_INFO = 0x00009001, // 36865
HC_ERR_ACCOUNT_TASK_IS_FULL = 0x00009002, // 36866
HC_ERR_ACCOUNT_ECDH_FAIL = 0x00009003, // 36867
HC_ERR_ACCOUNT_VERIFY_PK_SIGN = 0x00009004, // 36868
HC_ERR_AUTH_STATUS = 0x00009005, // 36869
HC_ERR_AUTH_INTERNAL = 0x00009006, // 36870
HC_ERR_ADD_ACCOUNT_TASK = 0x00009007, // 36871
HC_ERR_CLIENT_CONFIRM_PROTOCOL = 0x00009008, // 36872
HC_ERR_SERVER_CONFIRM_PROTOCOL = 0x00009009, // 36873
/* error code used on DAS service */
INVALID_PARAMETERS = 0xF0000001, // -268435455
EXCEED_AUTHORITY = 0xF0000002, // -268435454
TIMEOUT = 0xF0000003, // -268435453
NOT_REGISTERED = 0xF0000004, // -268435452
NOT_TRUST_PEER = 0xF0000005, // -268435451
NOT_TRUST_CONTROLLER = 0xF0000006, // -268435450
NOT_TRUST_ACCESSORY = 0xF0000007, // -268435449
OVER_MAX_TRUST_NUM = 0xF0000008, // -268435448
CONNECTION_INTERRUPTED = 0xF0000009, // -268435447
UNSUPPORTED_VERSION = 0xF000000A, // -268435446
BAD_PAYLOAD = 0xF000000B, // -268435445
ALGORITHM_UNSUPPORTED = 0xF000000C, // -268435444
PROOF_MISMATCH = 0xF000000D, // -268435443
};
#endif

170
base/security/device_auth/interfaces/inner_api/device_auth_ext.h Normal file
View File

@@ -0,0 +1,170 @@
/*
* Copyright (C) 2023 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef DEVICE_AUTH_EXT
#define DEVICE_AUTH_EXT
#include "device_auth.h"
#include "cJSON.h"
/** The Type of account auth plugin. */
#define EXT_PLUGIN_ACCT_AUTH 1000
/** The Type of account lifecycle plugin. */
#define EXT_PLUGIN_ACCT_LIFECYCLE 1001
/**
* @brief This structure describes the ext plugin context.
*/
typedef struct ExtPluginCtx {
/** The context of ext, the user can inject the method into the plugin. */
void *instance;
} ExtPluginCtx;
/**
* @brief This structure describes the base ext plugin.
*/
typedef struct ExtPlugin {
/** The tyep of plugin, the caller can convert the plugin to object based on the type. */
int32_t pluginType;
/** The init function. */
int32_t (*init)(struct ExtPlugin *extPlugin, const cJSON *params, const struct ExtPluginCtx *context);
/** The destroy function. */
void (*destroy)(struct ExtPlugin *extPlugin);
} ExtPlugin;
/**
* @brief This structure describes the ext list.
*/
typedef struct ExtPluginNode {
/** The element of list, denote the plugin. */
ExtPlugin *plugin;
/** The next node of list. */
struct ExtPluginNode *next;
} ExtPluginNode, *ExtPluginList;
/**
* @brief This structure describes the ext plugin.
*/
typedef struct ExtPart {
/** The instance of plugin. */
void *instance;
} ExtPart;
/**
* @brief This structure describes task function.
*/
typedef struct ExtWorkerTask {
/** The function of task, this can execute time-consuming function. */
void (*execute)(struct ExtWorkerTask *task);
/** The deinit of task, this can destroy the task. */
void (*destroy)(struct ExtWorkerTask *task);
} ExtWorkerTask;
/**
* @brief This structure describes account auth plugin.
*/
typedef struct {
/** The base object contains init func and destroy func. */
ExtPlugin base;
/** Call it when account cred needs to update, query, delete or add. */
int32_t (*excuteCredMgrCmd)(int32_t osAccount, int32_t cmdId, const cJSON *in, cJSON *out);
/** This function is used to initiate authentication between devices.. */
int32_t (*createSession)(int32_t *sessionId, const cJSON *in, cJSON *out);
/** This function is used to process authentication dat. */
int32_t (*processSession)(int32_t *sessionId, const cJSON *in, cJSON *out, int32_t *status);
} AccountAuthExtPlug;
/**
* @brief This structure describes the account auth plugin context.
*/
typedef struct {
/** The base context. */
ExtPluginCtx base;
/** The function will return storage path. */
const char *(*getStoragePath)(void);
} AccountAuthExtPlugCtx;
/**
* @brief This structure describes the account lifecycle plugin.
*/
typedef struct {
/** The base account lifecycle plugin. */
ExtPlugin base;
} AccountLifecyleExtPlug;
/**
* @brief This structure describes the account lifecycle plugin context.
*/
typedef struct {
/** The base account lifecycle context. */
ExtPluginCtx base;
/** This interface is used to create a trusted group. */
int32_t (*createGroup)(int32_t osAccountId, int64_t requestId, const char *appId, const char *createParams);
/** This interface is used to delete a trusted group. */
int32_t (*deleteGroup)(int32_t osAccountId, int64_t requestId, const char *appId, const char *disbandParams);
/** This interface is used to obtain the group information of groups that meet the query parameters. */
int32_t (*getGroupInfo)(int32_t osAccountId, const char *appId, const char *queryParams,
char **returnGroupVec, uint32_t *groupNum);
/** This interface is used to obtain the registration information of the local device. */
int32_t (*getRegisterInfo)(const char *reqJsonStr, char **returnRegisterInfo);
/** This interface is used to register business callbacks. */
int32_t (*regCallback)(const char *appId, const DeviceAuthCallback *callback);
/** This interface is used to unregister business callbacks. */
int32_t (*unRegCallback)(const char *appId);
/** This interface is used to execute business function. */
int32_t (*executeWorkerTask)(struct ExtWorkerTask *task);
} AccountLifecyleExtPlugCtx;
#ifdef __cplusplus
extern "C" {
#endif
/**
* @brief Initialize ext part.
*
* This API is used to initialize ext part.
*
* @param params The plugin needs params.
* @param extPart The interface of ext part.
* @return When the service initialization is successful, it returns HC_SUCCESS.
* Otherwise, it returns other values.
*/
int32_t InitExtPart(const cJSON *params, ExtPart *extPart);
/**
* @brief Get plugin list.
*
* This API is used to get all plugins.
*
* @param extPart The interface of ext part.
* @return The list of plugin.
*/
ExtPluginList GetExtPlugins(ExtPart *extPart);
/**
* @brief Destroy ext part.
*
* This API is used to destroy ext part.
*
* @param extPart The interface of ext part.
*/
void DestroyExtPart(ExtPart *extPart);
#ifdef __cplusplus
}
#endif
#endif

436
base/security/device_auth/interfaces/inner_api/deviceauth_lite/hichain.h Normal file
View File

@@ -0,0 +1,436 @@
/*
* Copyright (c) 2020-2021 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef __HICHAIN_H__
#define __HICHAIN_H__
#include <stdint.h>
#if defined(_WINDOWS)
#ifdef DLL_EXPORT
#define DLL_API_PUBLIC __declspec(dllexport)
#else
#define DLL_API_PUBLIC __declspec(dllimport)
#endif
#else
#define DLL_API_PUBLIC __attribute__ ((visibility("default")))
#endif
#ifdef HILINK_E2E_SECURITY_CONFIG
#define _SCANTY_MEMORY_
#endif
enum hc_error {
HC_OK = 0,
HC_INPUT_ERROR,
HC_INNER_ERROR,
HC_STATE_ERROR,
HC_SERVICE_CONFIRM_ERROR,
HC_UNKNOW_MESSAGE,
HC_NO_MESSAGE_TO_SEND,
HC_REPEATED_REFERENCE,
HC_NEED_DEPEND,
HC_BUILD_OBJECT_FAILED,
HC_BUILD_SEND_DATA_FAILED,
HC_MALLOC_FAILED,
HC_VERSION_UNSUPPORT,
HC_LARGE_PRIME_NUMBER_LEN_UNSUPPORT,
HC_CAL_BIGNUM_EXP_FAILED,
HC_INTERNAL_ERROR,
HC_IMPORT_AUTH_DATA_FAILED,
HC_VERIFY_PROOF_FAILED,
HC_GENERATE_PROOF_FAILED,
HC_GENERATE_SESSION_KEY_FAILED,
HC_ST_KEY_PAIR_FAILED,
HC_COMPUTE_STS_SHARED_SECRET_FAILED,
HC_COMPUTE_HKDF_FAILED,
HC_PAKE_SESSION_KEY_ERROR,
HC_PAKE_OBJECT_ERROR,
HC_STS_OBJECT_ERROR,
HC_DECRYPT_FAILED,
HC_ENCRYPT_FAILED,
HC_SIGN_TOO_SHORT,
HC_VERIFY_EXCHANGE_FAILED,
HC_SIGN_EXCHANGE_FAILED,
HC_SAVE_LTPK_FAILED,
HC_DELETE_LTPK_FAILED,
HC_GET_LTPK_FAILED,
HC_GEN_ALIAS_FAILED,
HC_GEN_SERVICE_ID_FAILED,
HC_GEN_RANDOM_FAILED,
HC_UNSUPPORT,
HC_MESSAGE_INCONSISTENCY,
HC_OPERATION_CODE_ERROR,
HC_MEMCPY_ERROR,
PROTOCOL_STATE_ERROR,
PROTOCOL_SET_STATE_ERROR,
PROTOCOL_TIMEOUT_ERROR,
PROTOCOL_SAHRED_SECRET_FAIL,
PROTOCOL_HKDF_FAIL,
PROTOCOL_SHA_FAIL,
PROTOCOL_RAND_FAIL,
PROTOCOL_ENCRYPT_FAIL,
PROTOCOL_DECRYPT_FAIL,
PROTOCOL_VERIFY_DATA_FAIL,
PROTOCOL_KEY_ALG_FAIL,
PROTOCOL_RESULT_ERROR,
KEK_NOT_EXIST,
DEK_NOT_EXIST,
TEMP_KEY_GEN_FAILED,
HC_INPUT_PTR_NULL
};
enum hc_type {
HC_CENTRE = 1,
HC_ACCESSORY,
};
enum hc_user_type {
HC_USER_TYPE_ACCESSORY = 0,
HC_USER_TYPE_CONTROLLER = 1
};
enum hc_operation {
INVALID_OPERATION_CODE = -1,
NO_OPERATION_CODE = 0,
BIND = 1,
AUTHENTICATE,
ADD_AUTHINFO,
REMOVE_AUTHINFO,
UNBIND,
AUTH_KEY_AGREEMENT,
REGISTER,
SEC_CLONE_OP,
REMOVE_ALL_AUTHINFO,
GET_PEER_USER_TYPE,
GENERATE_KEY_PAIR = 99
};
enum hc_result {
END_SUCCESS = 0,
END_FAILED,
KEY_AGREEMENT_PROCESSING,
KEY_AGREEMENT_END,
OPERATION_PROCESSING,
OPERATION_END,
};
enum hc_export_type {
EXPORT_DATA_FULL_AUTH_INFO = 0,
EXPORT_DATA_LITE_AUTH_INFO = 1,
EXPORT_DATA_SIGNED_AUTH_INFO = 2
};
#define HC_AUTH_ID_BUFF_LEN 64
#define HC_SALT_BUFF_LEN 16
#define HC_PIN_BUFF_LEN 16
#define HC_SESSION_KEY_LEN 128
#define HC_KEY_TYPE_LEN 2
#define HC_BASE_KEY_NUM 5
#if !defined(_SCANTY_MEMORY_)
#define HC_PACKAGE_NAME_BUFF_LEN 256
#define HC_SERVICE_TYPE_BUFF_LEN 256
#else /* _SCANTY_MEMORY_ */
#define HC_PACKAGE_NAME_BUFF_LEN 16
#define HC_SERVICE_TYPE_BUFF_LEN 16
#endif /* _SCANTY_MEMORY_ */
#define HC_KEY_ALIAS_MAX_LEN 64
/* alia list max size */
#if defined(_SCANTY_MEMORY_)
#define HC_PUB_KEY_ALIAS_MAX_NUM 15
#elif defined(_SUPPORT_SEC_CLONE_SERVER_)
#define HC_PUB_KEY_ALIAS_MAX_NUM 120
#else
#define HC_PUB_KEY_ALIAS_MAX_NUM 20
#endif
enum hc_trust_peer_result {
HC_NOT_TRUST_PEER = 0,
HC_BINDED_TRUST_PEER,
HC_AUTHED_TRUST_PEER,
HC_ACCESSORY_TRUST_PEER
};
typedef void *hc_handle;
struct uint8_buff {
uint8_t *val;
uint32_t size;
uint32_t length;
};
struct hc_pin {
uint32_t length;
uint8_t pin[HC_PIN_BUFF_LEN];
};
struct hc_salt {
uint32_t length;
uint8_t salt[HC_SALT_BUFF_LEN];
};
struct hc_auth_id {
uint32_t length;
uint8_t auth_id[HC_AUTH_ID_BUFF_LEN];
};
struct hc_session_key {
uint32_t length;
uint8_t session_key[HC_SESSION_KEY_LEN];
};
struct hc_package_name {
uint32_t length;
uint8_t name[HC_PACKAGE_NAME_BUFF_LEN];
};
struct hc_service_type {
uint32_t length;
uint8_t type[HC_SERVICE_TYPE_BUFF_LEN];
};
struct hc_user_info {
struct hc_auth_id auth_id;
int32_t user_type;
};
struct operation_parameter {
struct hc_auth_id self_auth_id;
struct hc_auth_id peer_auth_id;
uint32_t key_length;
};
struct hc_key_alias {
uint32_t length;
uint8_t key_alias[HC_KEY_ALIAS_MAX_LEN];
};
struct session_identity {
uint32_t session_id;
struct hc_package_name package_name;
struct hc_service_type service_type;
void *context;
};
typedef void (*transmit_cb)(const struct session_identity *identity, const void *data, uint32_t length);
typedef void (*get_protocol_params_cb)(const struct session_identity *identity, int32_t operation_code,
struct hc_pin *pin, struct operation_parameter *para);
typedef void (*set_session_key_func)(const struct session_identity *identity,
const struct hc_session_key *session_key);
typedef void (*set_service_result_func)(const struct session_identity *identity, int32_t result);
typedef int32_t (*confirm_receive_request_func)(const struct session_identity *identity, int32_t operation_code);
struct hc_call_back {
transmit_cb transmit;
get_protocol_params_cb get_protocol_params;
set_session_key_func set_session_key;
set_service_result_func set_service_result;
confirm_receive_request_func confirm_receive_request;
};
typedef void (*log_func)(const char *tag, const char *func_name, const char *format, ...);
struct log_func_group {
log_func log_d;
log_func log_i;
log_func log_w;
log_func log_e;
};
#ifdef __cplusplus
extern "C" {
#endif
/*
* Register log operation callback
*
* para log: The log callback functions group
* return void
*/
DLL_API_PUBLIC void registe_log(struct log_func_group *log);
/*
* Get hichain instance
*
* para identity: basic information of session
* pare type: hichain device type
* hc_call_back: hichain callback functions
* return hichain instance
*/
DLL_API_PUBLIC hc_handle get_instance(const struct session_identity *identity, enum hc_type type,
const struct hc_call_back *call_back);
/*
* Destroy hichain instance
*
* para handle: hichain instance
* return void
*/
DLL_API_PUBLIC void destroy(hc_handle *handle);
/*
* set context in handle
*
* para handle: hichain instance
* para context: put in an object in instance
* return void
*/
DLL_API_PUBLIC void set_context(hc_handle handle, void *context);
/*
* Hichain receives message data
*
* para handle: hichain instance
* para data: message data
* return 0 ok, others error
*/
DLL_API_PUBLIC int32_t receive_data(hc_handle handle, struct uint8_buff *data);
/*
* Hichain receives message data , data is json object
*
* para handle: hichain instance
* para json_object: message data
* return 0 ok, others error
*/
DLL_API_PUBLIC int32_t receive_data_with_json_object(hc_handle handle, const void *json_object);
#ifndef _CUT_API_
/*
* Initialize the center device
*
* para hc_package_name: the package name of the product
* para hc_service_type: the type of the product
* para hc_auth_id: the auth id of controller
* para dek: the alias of secret key used for encryption and decryption of data
* return 0 ok, others error
*/
DLL_API_PUBLIC int32_t init_center(const struct hc_package_name *package_name,
const struct hc_service_type *service_type, const struct hc_auth_id *auth_id, struct hc_key_alias *dek);
/*
* Start pake module
*
* para handle: hichain instance
* para params: operating parameter
* return 0 ok, others error
*/
DLL_API_PUBLIC int32_t start_pake(hc_handle handle, const struct operation_parameter *params);
/*
* Authenticate peer identity and build session key
*
* para handle: hichain instance
* para params: operating parameter
* return 0 ok, others error
*/
DLL_API_PUBLIC int32_t authenticate_peer(hc_handle handle, struct operation_parameter *params);
/*
* Delete local saved authentication
*
* para handle: hichain instance
* para hc_user_info: user to be deleted
* return 0 ok, others error
*/
DLL_API_PUBLIC int32_t delete_local_auth_info(hc_handle handle, struct hc_user_info *user_info);
/*
* Import auth info of bounded trust accessory
*
* para handle: hichain instance
* para hc_user_info: the information of Authorized user
* para hc_auth_id: the auth id of device
* para auth_info_type: the export auth info type: 0: full authentication data
* 1: lite authentication data
* 2: signed authentication data
* para auth_info: auth info of accessory
* return 0 ok, others error
*/
DLL_API_PUBLIC int32_t import_auth_info(hc_handle handle, struct hc_user_info *user_info, struct hc_auth_id *auth_id,
enum hc_export_type auth_info_type, struct uint8_buff *auth_info);
/*
* Share the bound device to other users
*
* para handle: hichain instance
* para params: operating parameter, self_auth_id: controller auth id, peer_auth_id: peer auth id
* para auth_id: authorized auth id
* para user_type: authorized user type. 0 : ACCESSORY ; 1 : CONTROLLER
* return 0 ok, others error
*/
int32_t add_auth_info(hc_handle handle, const struct operation_parameter *params,
const struct hc_auth_id *auth_id, int32_t user_type);
/*
* Remove user authorization of an accessory
*
* para handle: hichain instance
* para params: operating parameter, self_auth_id: controller auth id, peer_auth_id: peer auth id
* para auth_id: unauthorized auth id
* para user_type: unauthorized user type. 0 : ACCESSORY ; 1 : CONTROLLER
* return 0 ok, others error
*/
int32_t remove_auth_info(hc_handle handle, const struct operation_parameter *params,
const struct hc_auth_id *auth_id, int32_t user_type);
/*
* Delete local saved authentication
*
* para handle: hichain instance
* para user_info: user to be deleted
* return 0 ok, others error
*/
int32_t delete_local_auth_info(hc_handle handle, struct hc_user_info *user_info);
/*
* Judge trusted peer
*
* para handle: hichain instance
* para hc_user_info: user to be judged
* return 0 untrusted, 1 trusted(bind), 2 trusted(auth)
*/
DLL_API_PUBLIC int32_t is_trust_peer(hc_handle handle, struct hc_user_info *user_info);
/*
* List trusted peers
*
* para handle: hichain instance
* para trust_user_type: the type of peer. 0 : ACCESSORY ; 1 : CONTROLLER
* para owner_auth_id: input null, output binding list; input owner, output auth list;others, output null
* para auth_id_list: list to receive auth id
* return number of trusted peers
*/
DLL_API_PUBLIC uint32_t list_trust_peers(hc_handle handle, int32_t trust_user_type,
struct hc_auth_id *owner_auth_id, struct hc_auth_id **auth_id_list);
#endif /* _CUT_XXX_ */
/*
* Set self authId
*
* para handle: hichain instance
* para data: the data of auth id
* return void
*/
DLL_API_PUBLIC void set_self_auth_id(hc_handle handle, struct uint8_buff *data);
#ifdef __cplusplus
}
#endif
#endif /* __HICHAIN_H__ */