packages/distributeddatamgr_datamgr_service
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
distributeddatamgr_datamgr_.../0002-add-huks-component.patch
heppen d43cd53238 add huks component
2023-08-28 16:18:09 +08:00

2518 lines
86 KiB
Diff
Raw Blame History

From 9a6bac08ef537d7c07a09ed083b92677e37af193 Mon Sep 17 00:00:00 2001
From: wang--ge <wang__ge@126.com>
Date: Tue, 18 Jul 2023 17:19:47 +0800
Subject: [PATCH] add huks component
---
huks/BUILD.gn | 0
huks/bundle.json | 77 ++++++
.../huks_standard/main/common/BUILD.gn | 13 +
.../main/common/include/hks_ability.h | 123 +++++++++
.../main/common/include/hks_base_check.h | 118 ++++++++
.../main/common/include/hks_cfi.h | 30 +++
.../main/common/include/hks_check_paramset.h | 62 +++++
.../main/common/include/hks_cmd_id.h | 78 ++++++
.../main/common/include/hks_common_check.h | 69 +++++
.../main/common/include/hks_config.h | 228 ++++++++++++++++
.../main/common/include/hks_config_base.h | 177 ++++++++++++
.../main/common/include/hks_config_lite.h | 111 ++++++++
.../main/common/include/hks_config_small.h | 136 ++++++++++
.../main/common/include/hks_crypto_adapter.h | 58 ++++
.../main/common/include/hks_crypto_hal.h | 255 ++++++++++++++++++
.../main/common/include/hks_errcode_adapter.h | 51 ++++
.../main/common/include/hks_log.h | 64 +++++
.../main/common/include/hks_mem.h | 62 +++++
.../main/common/include/hks_template.h | 75 ++++++
.../main/common/include/hks_type_inner.h | 94 +++++++
.../huks_standard/main/os_dependency/BUILD.gn | 10 +
.../ipc/include/hks_client_ipc.h | 90 +++++++
.../os_dependency/ipc/include/hks_ipc_check.h | 55 ++++
.../ipc/include/hks_ipc_serialization.h | 76 ++++++
.../os_dependency/ipc/include/hks_ipc_slice.h | 34 +++
.../os_dependency/ipc/include/hks_request.h | 69 +++++
.../ipc/include/hks_samgr_client.h | 32 +++
.../innerkits/huks_standard/main/BUILD.gn | 23 ++
.../innerkits/huks_standard/main/include | 1 +
29 files changed, 2271 insertions(+)
create mode 100644 huks/BUILD.gn
create mode 100644 huks/bundle.json
create mode 100644 huks/frameworks/huks_standard/main/common/BUILD.gn
create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_ability.h
create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_base_check.h
create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_cfi.h
create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_check_paramset.h
create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_cmd_id.h
create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_common_check.h
create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_config.h
create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_config_base.h
create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_config_lite.h
create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_config_small.h
create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_crypto_adapter.h
create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_crypto_hal.h
create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_errcode_adapter.h
create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_log.h
create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_mem.h
create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_template.h
create mode 100644 huks/frameworks/huks_standard/main/common/include/hks_type_inner.h
create mode 100644 huks/frameworks/huks_standard/main/os_dependency/BUILD.gn
create mode 100644 huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_client_ipc.h
create mode 100644 huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_ipc_check.h
create mode 100644 huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_ipc_serialization.h
create mode 100644 huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_ipc_slice.h
create mode 100644 huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_request.h
create mode 100644 huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_samgr_client.h
create mode 100644 huks/interfaces/innerkits/huks_standard/main/BUILD.gn
create mode 120000 huks/interfaces/innerkits/huks_standard/main/include
diff --git a/huks/BUILD.gn b/huks/BUILD.gn
new file mode 100644
index 0000000..e69de29
diff --git a/huks/bundle.json b/huks/bundle.json
new file mode 100644
index 0000000..be04db1
--- /dev/null
+++ b/huks/bundle.json
@@ -0,0 +1,77 @@
+{
+ "name": "@ohos/huks",
+ "description": "The provider of key and certificate manangement capbility, which belongs to security subsystem",
+ "version": "3.1",
+ "license": "Apache License 2.0",
+ "publishAs": "code-segment",
+ "segment": {
+ "destPath": "base/security/huks"
+ },
+ "dirs":{},
+ "scripts": {
+ "install": "DEST_PATH=${DEP_BUNDLE_BASE}/base/security/huks && mkdir -p $DEST_PATH && cp -r ./* $DEST_PATH"
+ },
+ "author": {},
+ "repository": "",
+ "component": {
+ "name": "huks",
+ "subsystem": "security",
+ "syscap": [
+ "SystemCapability.Security.Huks",
+ "SystemCapability.Security.Cipher"
+ ],
+ "features": [],
+ "adapted_system_type": [
+ "standard",
+ "small",
+ "mini"
+ ],
+ "rom": "5000KB",
+ "ram": "500kB",
+ "deps": {
+ "components": [
+ "ability_base",
+ "access_token",
+ "bundle_framework",
+ "common",
+ "common_event_service",
+ "hisysevent_native",
+ "hitrace_native",
+ "hiviewdfx_hilog_native",
+ "ipc",
+ "napi",
+ "os_account",
+ "safwk",
+ "samgr",
+ "thirdparty_bounds_checking_function",
+ "c_utils"
+ ],
+ "third_party": [
+ "openssl",
+ "bounds_checking_function"
+ ]
+ },
+ "build": {
+ "group_type": {
+ "base_group": [],
+ "fwk_group": [
+
+ ],
+ "service_group": [
+
+ ]
+ },
+ "inner_kits": [
+ {
+ "name": "//base/security/huks/interfaces/innerkits/huks_standard/main:libhukssdk",
+ "header": {
+ "header_files": [
+ "hks_api.h"
+ ],
+ "header_base": "//base/security/huks/interfaces/innerkits/huks_standard/main/include"
+ }
+ }
+ ]
+ }
+ }
+ }
diff --git a/huks/frameworks/huks_standard/main/common/BUILD.gn b/huks/frameworks/huks_standard/main/common/BUILD.gn
new file mode 100644
index 0000000..4927ee3
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/common/BUILD.gn
@@ -0,0 +1,13 @@
+import("//build/ohos.gni")
+
+config("huks_config") {
+ include_dirs = [
+ "include",
+ "//base/security/huks/interfaces/innerkits/huks_standard/main/include",
+ ]
+ libs = ("huks_common_standard_static")
+}
+
+group("libhuks_common_standard_static") {
+ public_configs = [ ":huks_config" ]
+}
diff --git a/huks/frameworks/huks_standard/main/common/include/hks_ability.h b/huks/frameworks/huks_standard/main/common/include/hks_ability.h
new file mode 100644
index 0000000..56525e9
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/common/include/hks_ability.h
@@ -0,0 +1,123 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef HKS_ABILITY_H
+#define HKS_ABILITY_H
+
+#include <stdint.h>
+
+enum HksAbilityType {
+ HKS_ABILITY_CRYPTO = 1,
+ HKS_ABILITY_AUTH,
+};
+
+enum HksOperationType {
+ HKS_OPERATION_GENERATE_KEY = 0x1, /* generate key */
+ HKS_OPERATION_GET_PUBLIC_KEY = 0x2, /* get public key */
+ HKS_OPERATION_DERIVE_KEY = 0x3, /* derive key */
+ HKS_OPERATION_AGREE_KEY = 0x4, /* agree key */
+ HKS_OPERATION_SIGN = 0x5, /* sign */
+ HKS_OPERATION_VERIFY = 0x6, /* verify */
+ HKS_OPERATION_HMAC_INIT = 0x7, /* hmac init */
+ HKS_OPERATION_HMAC_UPDATE = 0x8, /* hmac update */
+ HKS_OPERATION_HMAC_FINAL = 0x9, /* hmac final */
+ HKS_OPERATION_HASH_INIT = 0xa, /* hash init */
+ HKS_OPERATION_HASH_UPDATE = 0xb, /* hash update */
+ HKS_OPERATION_HASH_FINAL = 0xc, /* hash final */
+ HKS_OPERATION_ENCRYPT_INIT = 0xd, /* encrypt init */
+ HKS_OPERATION_ENCRYPT_UPDATE = 0xe, /* encrypt update */
+ HKS_OPERATION_ENCRYPT_FINAL = 0xf, /* encrypt final */
+ HKS_OPERATION_DECRYPT_INIT = 0x10, /* decrypt init */
+ HKS_OPERATION_DECRYPT_UPDATE = 0x11, /* decrypt update */
+ HKS_OPERATION_DECRYPT_FINAL = 0x12, /* decrypt final */
+ HKS_OPERATION_GET_MAIN_KEY = 0x13, /* get root main key */
+ HKS_OPERATION_FILL_RANDOM = 0x14, /* fill random */
+ HKS_OPERATION_HMAC = 0x15,
+ HKS_OPERATION_HASH = 0x16,
+ HKS_OPERATION_ENCRYPT = 0x17,
+ HKS_OPERATION_DECRYPT = 0x18,
+ HKS_OPERATION_BN_EXP_MOD = 0x19,
+ HKS_OPERATION_HASH_FREE_CTX = 0x1a, /* hash free ctx */
+ HKS_OPERATION_HMAC_FREE_CTX = 0x1b, /* hmac free ctx */
+ HKS_OPERATION_ENCRYPT_FREE_CTX = 0x1c, /* encrypt free ctx */
+ HKS_OPERATION_DECRYPT_FREE_CTX = 0x1d, /* decrypt free ctx */
+ HKS_OPERATION_FILL_PRI_RANDOM = 0x1e, /* fill private random */
+};
+
+struct HksAbility {
+ uint32_t id;
+ void *func;
+};
+
+#define HKS_ABILITY_MAX_SIZE 128
+
+#define HKS_ABILITY_SHIFT 24
+#define HKS_CRYPTO_OPERATION_SHIFT 16
+
+#define HKS_CRYPTO_ABILITY(type, alg) \
+ ((HKS_ABILITY_CRYPTO << HKS_ABILITY_SHIFT) | ((type) << HKS_CRYPTO_OPERATION_SHIFT) | (alg))
+
+#define HKS_CRYPTO_ABILITY_GENERATE_KEY(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_GENERATE_KEY, alg)
+#define HKS_CRYPTO_ABILITY_GET_PUBLIC_KEY(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_GET_PUBLIC_KEY, alg)
+#define HKS_CRYPTO_ABILITY_DERIVE_KEY(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_DERIVE_KEY, alg)
+#define HKS_CRYPTO_ABILITY_AGREE_KEY(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_AGREE_KEY, alg)
+#define HKS_CRYPTO_ABILITY_SIGN(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_SIGN, alg)
+#define HKS_CRYPTO_ABILITY_VERIFY(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_VERIFY, alg)
+
+#define HKS_CRYPTO_ABILITY_HMAC HKS_CRYPTO_ABILITY(HKS_OPERATION_HMAC, 0)
+#define HKS_CRYPTO_ABILITY_HMAC_INIT HKS_CRYPTO_ABILITY(HKS_OPERATION_HMAC_INIT, 0)
+#define HKS_CRYPTO_ABILITY_HMAC_UPDATE HKS_CRYPTO_ABILITY(HKS_OPERATION_HMAC_UPDATE, 0)
+#define HKS_CRYPTO_ABILITY_HMAC_FINAL HKS_CRYPTO_ABILITY(HKS_OPERATION_HMAC_FINAL, 0)
+#define HKS_CRYPTO_ABILITY_HMAC_FREE_CTX HKS_CRYPTO_ABILITY(HKS_OPERATION_HMAC_FREE_CTX, 0)
+
+#define HKS_CRYPTO_ABILITY_HASH HKS_CRYPTO_ABILITY(HKS_OPERATION_HASH, 0)
+#define HKS_CRYPTO_ABILITY_HASH_INIT HKS_CRYPTO_ABILITY(HKS_OPERATION_HASH_INIT, 0)
+#define HKS_CRYPTO_ABILITY_HASH_UPDATE HKS_CRYPTO_ABILITY(HKS_OPERATION_HASH_UPDATE, 0)
+#define HKS_CRYPTO_ABILITY_HASH_FINAL HKS_CRYPTO_ABILITY(HKS_OPERATION_HASH_FINAL, 0)
+#define HKS_CRYPTO_ABILITY_HASH_FREE_CTX HKS_CRYPTO_ABILITY(HKS_OPERATION_HASH_FREE_CTX, 0)
+
+#define HKS_CRYPTO_ABILITY_ENCRYPT(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_ENCRYPT, alg)
+#define HKS_CRYPTO_ABILITY_ENCRYPT_INIT(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_ENCRYPT_INIT, alg)
+#define HKS_CRYPTO_ABILITY_ENCRYPT_UPDATE(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_ENCRYPT_UPDATE, alg)
+#define HKS_CRYPTO_ABILITY_ENCRYPT_FINAL(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_ENCRYPT_FINAL, alg)
+#define HKS_CRYPTO_ABILITY_ENCRYPT_FREE_CTX(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_ENCRYPT_FREE_CTX, alg)
+
+#define HKS_CRYPTO_ABILITY_DECRYPT(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_DECRYPT, alg)
+#define HKS_CRYPTO_ABILITY_DECRYPT_INIT(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_DECRYPT_INIT, alg)
+#define HKS_CRYPTO_ABILITY_DECRYPT_UPDATE(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_DECRYPT_UPDATE, alg)
+#define HKS_CRYPTO_ABILITY_DECRYPT_FINAL(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_DECRYPT_FINAL, alg)
+#define HKS_CRYPTO_ABILITY_DECRYPT_FREE_CTX(alg) HKS_CRYPTO_ABILITY(HKS_OPERATION_DECRYPT_FREE_CTX, alg)
+
+#define HKS_CRYPTO_ABILITY_GET_MAIN_KEY HKS_CRYPTO_ABILITY(HKS_OPERATION_GET_MAIN_KEY, 0)
+
+#define HKS_CRYPTO_ABILITY_FILL_RANDOM HKS_CRYPTO_ABILITY(HKS_OPERATION_FILL_RANDOM, 0)
+#define HKS_CRYPTO_ABILITY_BN_EXP_MOD HKS_CRYPTO_ABILITY(HKS_OPERATION_BN_EXP_MOD, 0)
+#define HKS_CRYPTO_ABILITY_FILL_PRI_RANDOM HKS_CRYPTO_ABILITY(HKS_OPERATION_FILL_PRI_RANDOM, 0)
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int32_t RegisterAbility(uint32_t id, void *func);
+
+void *GetAbility(uint32_t id);
+
+int32_t HksCryptoAbilityInit(void);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* HKS_ABILITY_H */
diff --git a/huks/frameworks/huks_standard/main/common/include/hks_base_check.h b/huks/frameworks/huks_standard/main/common/include/hks_base_check.h
new file mode 100644
index 0000000..3640dcb
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/common/include/hks_base_check.h
@@ -0,0 +1,118 @@
+/*
+ * Copyright (c) 2021 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef HKS_BASE_CHECK_H
+#define HKS_BASE_CHECK_H
+
+#include "hks_param.h"
+#include "hks_type_inner.h"
+
+enum CheckKeyType {
+ HKS_CHECK_TYPE_GEN_KEY,
+ HKS_CHECK_TYPE_USE_KEY,
+ HKS_CHECK_TYPE_GEN_MAC_KEY,
+ HKS_CHECK_TYPE_GEN_DERIVE_KEY,
+};
+
+struct Params {
+ bool needCheck;
+ uint32_t value;
+ bool isAbsent;
+};
+
+struct ParamsValues {
+ struct Params keyLen;
+ struct Params padding;
+ struct Params purpose;
+ struct Params digest;
+ struct Params mode;
+};
+
+struct ParamsValuesChecker {
+ enum CheckKeyType checkType;
+ struct ParamsValues paramValues;
+};
+
+struct ExpectParams {
+ bool needCheck;
+ const uint32_t *values;
+ uint32_t valueCnt;
+};
+
+struct ExpectParamsValues {
+ const struct ExpectParams keyLen;
+ const struct ExpectParams padding;
+ const struct ExpectParams purpose;
+ const struct ExpectParams digest;
+ const struct ExpectParams mode;
+};
+#define EXPECT_PARAMS_VALUES_INIT {{0}, {0}, {0}, {0}, {0}}
+
+struct ExpectParamsValuesChecker {
+ enum CheckKeyType checkType;
+ const struct ExpectParamsValues paramValues;
+};
+
+struct AuthAccessTypeChecker {
+ enum HksUserAuthType userAuthType;
+ const struct ExpectParams allowAuthAccessTypes;
+};
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int32_t HksCheckValue(uint32_t inputValue, const uint32_t *expectValues, uint32_t valuesCount);
+
+int32_t HksGetKeySize(uint32_t alg, const struct HksBlob *key, uint32_t *keySize);
+
+int32_t HksCheckGenKeyPurpose(uint32_t alg, uint32_t inputPurpose);
+
+int32_t HksGetInputParmasByAlg(uint32_t alg, enum CheckKeyType checkType, const struct HksParamSet *paramSet,
+ struct ParamsValues *inputParams);
+
+int32_t HksCheckFixedParams(uint32_t alg, enum CheckKeyType checkType, const struct ParamsValues *inputParams);
+
+int32_t HksCheckGenKeyMutableParams(uint32_t alg, const struct ParamsValues *inputParams);
+
+int32_t CheckImportMutableParams(uint32_t alg, const struct ParamsValues *params);
+
+int32_t HksCheckSignature(uint32_t cmdId, uint32_t alg, uint32_t keySize, const struct HksBlob *signature);
+
+int32_t HksCheckSignVerifyMutableParams(uint32_t cmdId, uint32_t alg, const struct ParamsValues *inputParams);
+
+int32_t HksCheckCipherMutableParams(uint32_t cmdId, uint32_t alg, const struct ParamsValues *inputParams);
+
+int32_t HksCheckCihperData(uint32_t cmdId, uint32_t alg, const struct ParamsValues *inputParams,
+ const struct HksBlob *inData, const struct HksBlob *outData);
+
+int32_t HksCheckCipherMaterialParams(uint32_t alg, const struct ParamsValues *inputParams,
+ const struct HksParamSet *paramSet);
+
+int32_t HksCheckUserAuthParams(uint32_t userAuthType, uint32_t authAccessType, uint32_t challengeType);
+
+int32_t HksCheckSecureSignParams(uint32_t secureSignType);
+
+int32_t GetInputParams(const struct HksParamSet *paramSet, struct ParamsValues *inputParams);
+
+int32_t HksCheckOptionalParam(uint32_t tag, uint32_t alg, uint32_t purpose, bool isAbsent, struct HksParam *param);
+
+int32_t HksCheckNeedCache(uint32_t alg, uint32_t digest);
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* HKS_BASE_CHECK_H */
+
diff --git a/huks/frameworks/huks_standard/main/common/include/hks_cfi.h b/huks/frameworks/huks_standard/main/common/include/hks_cfi.h
new file mode 100644
index 0000000..855b66f
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/common/include/hks_cfi.h
@@ -0,0 +1,30 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef HKS_CFI_H
+#define HKS_CFI_H
+
+#ifdef HKS_CONFIG_FILE
+#include HKS_CONFIG_FILE
+#else
+#include "hks_config.h"
+#endif
+
+#ifdef HKS_SUPPORT_CFI
+#define ENABLE_CFI(function) __attribute__((no_sanitize("cfi"))) function
+#else
+#define ENABLE_CFI(function) function
+#endif
+#endif // HKS_CFI_H
diff --git a/huks/frameworks/huks_standard/main/common/include/hks_check_paramset.h b/huks/frameworks/huks_standard/main/common/include/hks_check_paramset.h
new file mode 100644
index 0000000..4aa31e5
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/common/include/hks_check_paramset.h
@@ -0,0 +1,62 @@
+/*
+ * Copyright (c) 2021 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef HKS_CHECK_PARAMSET_H
+#define HKS_CHECK_PARAMSET_H
+
+#include <stdbool.h>
+#include <stdint.h>
+
+#include "hks_type_inner.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int32_t HksCoreCheckGenKeyParams(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
+ const struct HksBlob *keyIn, const struct HksBlob *keyOut);
+
+int32_t HksCoreCheckImportKeyParams(const struct HksBlob *keyAlias, const struct HksBlob *key,
+ const struct HksParamSet *paramSet, const struct HksBlob *keyOut);
+
+int32_t HksCoreCheckImportWrappedKeyParams(const struct HksBlob *key, const struct HksBlob *wrappedKeyData,
+ const struct HksParamSet *paramSet, struct HksBlob *keyOut, uint32_t *outUnwrapSuite);
+
+int32_t HksCoreCheckSignVerifyParams(uint32_t cmdId, const struct HksBlob *key, const struct HksParamSet *paramSet,
+ const struct HksBlob *srcData, const struct HksBlob *signature);
+
+int32_t HksCoreCheckCipherParams(uint32_t cmdId, const struct HksBlob *key, const struct HksParamSet *paramSet,
+ const struct HksBlob *inData, const struct HksBlob *outData);
+
+int32_t HksCoreCheckAgreeKeyParams(const struct HksParamSet *paramSet, const struct HksBlob *privateKey,
+ const struct HksBlob *peerPublicKey, const struct HksBlob *agreedKey, bool isLocalCheck);
+
+int32_t HksLocalCheckSignVerifyParams(uint32_t cmdId, uint32_t keySize, const struct HksParamSet *paramSet,
+ const struct HksBlob *srcData, const struct HksBlob *signature);
+
+int32_t HksLocalCheckCipherParams(uint32_t cmdId, uint32_t keySize, const struct HksParamSet *paramSet,
+ const struct HksBlob *inData, const struct HksBlob *outData);
+
+int32_t HksCoreCheckDeriveKeyParams(const struct HksParamSet *paramSet, const struct HksBlob *mainKey,
+ const struct HksBlob *derivedKey, bool isLocalCheck);
+
+int32_t HksCoreCheckMacParams(const struct HksBlob *key, const struct HksParamSet *paramSet,
+ const struct HksBlob *srcData, const struct HksBlob *mac, bool isLocalCheck);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* HKS_CHECK_PARAMSET_H */
diff --git a/huks/frameworks/huks_standard/main/common/include/hks_cmd_id.h b/huks/frameworks/huks_standard/main/common/include/hks_cmd_id.h
new file mode 100644
index 0000000..89606c1
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/common/include/hks_cmd_id.h
@@ -0,0 +1,78 @@
+/*
+ * Copyright (c) 2021 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef HKS_CMD_ID_H
+#define HKS_CMD_ID_H
+
+#include "hks_type_inner.h"
+
+enum HksCmdId {
+ HKS_CMD_ID_INVALID = 0x0,
+ HKS_CMD_ID_GENERATE_KEY,
+ HKS_CMD_ID_GET_KEY_CHARACTER,
+ HKS_CMD_ID_BEGIN,
+ HKS_CMD_ID_UPDATE,
+ HKS_CMD_ID_FINISH,
+ HKS_CMD_ID_ABORT,
+ HKS_CMD_ID_SET,
+ HKS_CMD_ID_GET,
+ HKS_CMD_ID_ATTEST_KEY,
+ HKS_CMD_ID_EXPORT_KEY,
+ HKS_CMD_ID_DELETE,
+ HKS_CMD_ID_EXPORT_TRUST_CERT,
+ HKS_CMD_ID_ECDH,
+ HKS_CMD_ID_ATTEST_TA_KEY,
+ HKS_CMD_ID_SET_KEY_PROTECTION,
+ HKS_CMD_ID_CONFIGURE,
+
+ HKS_CMD_ID_IMPORT_KEY = 0x100,
+ HKS_CMD_ID_GET_CERTCHAIN = 0x101,
+ HKS_CMD_ID_SIGN = 0x102,
+ HKS_CMD_ID_SIGN_INIT = 0x103,
+ HKS_CMD_ID_SIGN_UPDATE = 0x104,
+ HKS_CMD_ID_SIGN_FINAL = 0x105,
+ HKS_CMD_ID_VERIFY = 0x106,
+ HKS_CMD_ID_VERIFY_INIT = 0x107,
+ HKS_CMD_ID_VERIFY_UPDATE = 0x108,
+ HKS_CMD_ID_VERIFY_FINAL = 0x109,
+ HKS_CMD_ID_MAC = 0x10A,
+ HKS_CMD_ID_MAC_INIT = 0x10B,
+ HKS_CMD_ID_MAC_UPDATE = 0x10C,
+ HKS_CMD_ID_MAC_FINAL = 0x10D,
+ HKS_CMD_ID_ENCRYPT = 0x10E,
+ HKS_CMD_ID_ENCRYPT_INIT = 0x10F,
+ HKS_CMD_ID_ENCRYPT_UPDATE = 0x110,
+ HKS_CMD_ID_ENCRYPT_FINAL = 0x111,
+ HKS_CMD_ID_DECRYPT = 0x112,
+ HKS_CMD_ID_DECRYPT_INIT = 0x113,
+ HKS_CMD_ID_DECRYPT_UPDATE = 0x114,
+ HKS_CMD_ID_DECRYPT_FINAL = 0x115,
+ HKS_CMD_ID_CHECK_KEY_LEGALITY = 0x116,
+ HKS_CMD_ID_GENERATE_RANDOM = 0x117,
+ HKS_CMD_ID_AGREE_KEY = 0x118,
+ HKS_CMD_ID_DERIVE_KEY = 0x119,
+
+ HKS_CMD_ID_WRAP = 0x1000,
+ HKS_CMD_ID_UNWRAP = 0x1001,
+
+ HKS_CMD_ID_SIGN_WITH_DEV_KEY = 0x00010103,
+
+ HKS_CMD_ID_GET_FP_AUTH_RESULT_QCOM = 0x00020500,
+
+ HKS_CMD_ID_INJECT_KEY = 0x00010015,
+ HKS_CMD_ID_INJECT_KEY_VERIFY = 0x00010016,
+};
+
+#endif
diff --git a/huks/frameworks/huks_standard/main/common/include/hks_common_check.h b/huks/frameworks/huks_standard/main/common/include/hks_common_check.h
new file mode 100644
index 0000000..db6a986
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/common/include/hks_common_check.h
@@ -0,0 +1,69 @@
+/*
+ * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef HKS_COMMON_CHECK_H
+#define HKS_COMMON_CHECK_H
+
+#include <stdbool.h>
+#include <stdint.h>
+
+#include "hks_type.h"
+
+#define HKS_DIGEST_MD5_LEN 16
+#define HKS_DIGEST_SHA1_LEN 20
+#define HKS_DIGEST_SHA224_LEN 28
+#define HKS_DIGEST_SHA256_LEN 32
+#define HKS_DIGEST_SHA384_LEN 48
+#define HKS_DIGEST_SHA512_LEN 64
+#define HKS_DIGEST_SM3_LEN 32
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int32_t HksCheckBlob4(const struct HksBlob *data1, const struct HksBlob *data2,
+ const struct HksBlob *data3, const struct HksBlob *data4);
+
+int32_t HksCheckBlob3(const struct HksBlob *data1, const struct HksBlob *data2, const struct HksBlob *data3);
+
+int32_t HksCheckBlob2(const struct HksBlob *data1, const struct HksBlob *data2);
+
+int32_t HksCheckParamSetValidity(const struct HksParamSet *paramSet);
+
+int32_t HksCheckBlob4AndParamSet(const struct HksBlob *data1, const struct HksBlob *data2,
+ const struct HksBlob *data3, const struct HksBlob *data4, const struct HksParamSet *paramSet);
+
+int32_t HksCheckBlob3AndParamSet(const struct HksBlob *data1, const struct HksBlob *data2,
+ const struct HksBlob *data3, const struct HksParamSet *paramSet);
+
+int32_t HksCheckBlob2AndParamSet(const struct HksBlob *data1, const struct HksBlob *data2,
+ const struct HksParamSet *paramSet);
+
+int32_t HksCheckBlobAndParamSet(const struct HksBlob *data, const struct HksParamSet *paramSet);
+
+int32_t HksGetDigestLen(uint32_t digest, uint32_t *digestLen);
+
+int32_t HksCheckAesAeMode(const struct HksParamSet *paramSet, bool *isAes, bool *isAeMode);
+
+int32_t HksCheckWrappedDataFormatValidity(const struct HksBlob *wrappedData, uint32_t validTotalBlobs,
+ const uint32_t *validBlobLengths);
+
+int32_t HksGetBlobFromWrappedData(const struct HksBlob *wrappedData, uint32_t blobIndex, uint32_t totalBlobs,
+ struct HksBlob *blob);
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* HKS_COMMON_CHECK_H */
diff --git a/huks/frameworks/huks_standard/main/common/include/hks_config.h b/huks/frameworks/huks_standard/main/common/include/hks_config.h
new file mode 100644
index 0000000..188b48f
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/common/include/hks_config.h
@@ -0,0 +1,228 @@
+/*
+ * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef HKS_CONFIG_H
+#define HKS_CONFIG_H
+
+#define HKS_SUPPORT_POSIX
+
+#define HKS_SUPPORT_THREAD
+
+#define HKS_LOG_ENGINE_LOG_CORE
+#define HKS_ENABLE_LOG_PUBLIC
+
+#define HKS_SUPPORT_API_ATTEST_KEY
+
+// #define HKS_SUPPORT_ACCESS_TOKEN
+
+/* AES */
+#define HKS_SUPPORT_AES_C
+#define HKS_SUPPORT_AES_GENERATE_KEY
+#define HKS_SUPPORT_AES_CBC_NOPADDING
+#define HKS_SUPPORT_AES_CBC_PKCS7
+#define HKS_SUPPORT_AES_GCM
+#define HKS_SUPPORT_AES_CTR_NOPADDING
+#define HKS_SUPPORT_AES_ECB_NOPADDING
+#define HKS_SUPPORT_AES_ECB_PKCS7PADDING
+
+/* BN */
+#define HKS_SUPPORT_BN_C
+
+/* ECC */
+#define HKS_SUPPORT_ECC_C
+#define HKS_SUPPORT_ECC_GENERATE_KEY
+#define HKS_SUPPORT_ECC_GET_PUBLIC_KEY
+
+#define HKS_SUPPORT_ECDH_C
+#define HKS_SUPPORT_ECDH_AGREE_KEY
+
+#define HKS_SUPPORT_ECDSA_C
+#define HKS_SUPPORT_ECDSA_SIGN_VERIFY
+
+/* ED25519 */
+#define HKS_SUPPORT_ED25519_C
+#define HKS_SUPPORT_ED25519_GENERATE_KEY
+#define HKS_SUPPORT_ED25519_SIGN_VERIFY
+#define HKS_SUPPORT_ED2519_GET_PUBLIC_KEY
+
+/* HASH */
+#define HKS_SUPPORT_HASH_C
+#define HKS_SUPPORT_HASH_SHA1
+#define HKS_SUPPORT_HASH_SHA224
+#define HKS_SUPPORT_HASH_SHA256
+#define HKS_SUPPORT_HASH_SHA384
+#define HKS_SUPPORT_HASH_SHA512
+#define HKS_SUPPORT_HASH_MD5
+
+/* HMAC */
+#define HKS_SUPPORT_HMAC_C
+#define HKS_SUPPORT_HMAC_GENERATE_KEY
+#define HKS_SUPPORT_HMAC_SHA1
+#define HKS_SUPPORT_HMAC_SHA224
+#define HKS_SUPPORT_HMAC_SHA256
+#define HKS_SUPPORT_HMAC_SHA384
+#define HKS_SUPPORT_HMAC_SHA512
+
+/* KDF */
+#define HKS_SUPPORT_KDF_C
+#define HKS_SUPPORT_KDF_PBKDF2
+#define HKS_SUPPORT_KDF_HKDF
+
+/* RSA */
+#define HKS_SUPPORT_RSA_C
+#define HKS_SUPPORT_RSA_GENERATE_KEY
+#define HKS_SUPPORT_RSA_CRYPT
+#define HKS_SUPPORT_RSA_SIGN_VERIFY
+#define HKS_SUPPORT_RSA_GET_PUBLIC_KEY
+#define HKS_SUPPORT_RSA_ECB_NOPADDING
+#define HKS_SUPPORT_RSA_ECB_PKCS1PADDING
+#define HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA1MGF1
+#define HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA224MGF1
+#define HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA256MGF1
+#define HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA384MGF1
+#define HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA512MGF1
+#define HKS_SUPPORT_RSA_ECB_OEAPPADDING
+#define HKS_SUPPORT_RSA_PSS
+
+/* DH */
+#define HKS_SUPPORT_DH_C
+#define HKS_SUPPORT_DH_GENERATE_KEY
+#define HKS_SUPPORT_DH_AGREE_KEY
+#define HKS_SUPPORT_DH_GET_PUBLIC_KEY
+
+/* DSA */
+#define HKS_SUPPORT_DSA_C
+#define HKS_SUPPORT_DSA_GENERATE_KEY
+#define HKS_SUPPORT_DSA_SIGN_VERIFY
+#define HKS_SUPPORT_DSA_GET_PUBLIC_KEY
+
+/* X25519 */
+#define HKS_SUPPORT_X25519_C
+#define HKS_SUPPORT_X25519_GENERATE_KEY
+#define HKS_SUPPORT_X25519_AGREE_KEY
+#define HKS_SUPPORT_X25519_GET_PUBLIC_KEY
+
+#define HKS_SUPPORT_ED25519_TO_X25519
+
+/* SM2 */
+#ifdef HKS_SUPPORT_ECC_C
+#define HKS_SUPPORT_SM2_C
+#define HKS_SUPPORT_SM2_SIGN_VERIFY
+#ifdef HKS_SUPPORT_ECC_GENERATE_KEY
+#define HKS_SUPPORT_SM2_GENERATE_KEY
+#endif
+#ifdef HKS_SUPPORT_ECC_GET_PUBLIC_KEY
+#define HKS_SUPPORT_SM2_GET_PUBLIC_KEY
+#endif
+#endif
+
+/* SM3 */
+#define HKS_SUPPORT_SM3_C
+#define HKS_SUPPORT_SM3_GENERATE_KEY
+#if defined(HKS_SUPPORT_SM3_C) && defined(HKS_SUPPORT_HMAC_C)
+#define HKS_SUPPORT_HMAC_SM3
+#endif
+#if defined(HKS_SUPPORT_SM3_C) && defined(HKS_SUPPORT_HASH_C)
+#define HKS_SUPPORT_HASH_SM3
+#endif
+
+/* SM4 */
+#define HKS_SUPPORT_SM4_C
+#define HKS_SUPPORT_SM4_GENERATE_KEY
+#define HKS_SUPPORT_SM4_CBC_NOPADDING
+#define HKS_SUPPORT_SM4_CBC_PKCS7
+#define HKS_SUPPORT_SM4_CTR_NOPADDING
+#define HKS_SUPPORT_SM4_ECB_NOPADDING
+#define HKS_SUPPORT_SM4_ECB_PKCS7
+
+/* enable cfi */
+#define HKS_SUPPORT_CFI
+
+#if defined(_SUPPORT_HKS_TEE_) && defined(HKS_SUPPORT_HMAC_GENERATE_KEY)
+#define HKS_SUPPORT_GET_AT_KEY
+#endif
+
+#if defined(HKS_SUPPORT_AES_GENERATE_KEY) || defined(HKS_SUPPORT_DH_GENERATE_KEY) || \
+ defined(HKS_SUPPORT_DSA_GENERATE_KEY) || defined(HKS_SUPPORT_ECC_GENERATE_KEY) || \
+ defined(HKS_SUPPORT_ED25519_GENERATE_KEY) || defined(HKS_SUPPORT_HMAC_GENERATE_KEY) || \
+ defined(HKS_SUPPORT_RSA_GENERATE_KEY) || defined(HKS_SUPPORT_X25519_GENERATE_KEY) || \
+ defined(HKS_SUPPORT_SM2_GENERATE_KEY) || defined(HKS_SUPPORT_SM3_GENERATE_KEY) || \
+ defined(HKS_SUPPORT_SM4_GENERATE_KEY)
+#define HKS_SUPPORT_API_GENERATE_KEY
+#define HKS_SUPPORT_API_DELETE_KEY
+#define HKS_SUPPORT_API_GET_KEY_PARAM_SET
+#define HKS_SUPPORT_API_KEY_EXIST
+#endif
+
+#if defined(HKS_SUPPORT_ECC_C) || defined(HKS_SUPPORT_RSA_C) || defined(HKS_SUPPORT_ED25519_C) || \
+ defined(HKS_SUPPORT_X25519_C) || defined(HKS_SUPPORT_AES_C) || defined(HKS_SUPPORT_DSA_C) || \
+ defined(HKS_SUPPORT_DH_C) || defined(HKS_SUPPORT_SM2_C)
+#define HKS_SUPPORT_API_IMPORT
+#endif
+
+#if defined(HKS_SUPPORT_ECC_C) || defined(HKS_SUPPORT_RSA_C) || defined(HKS_SUPPORT_ED25519_C) || \
+ defined(HKS_SUPPORT_X25519_C) || defined(HKS_SUPPORT_AES_C) || defined(HKS_SUPPORT_DSA_C) || \
+ defined(HKS_SUPPORT_DH_C) || defined(HKS_SUPPORT_SM2_C)
+#define HKS_SUPPORT_API_EXPORT
+#endif
+
+#if defined(HKS_SUPPORT_ECC_C) || defined(HKS_SUPPORT_RSA_C) || defined(HKS_SUPPORT_ED25519_C) || \
+ defined(HKS_SUPPORT_X25519_C) || defined(HKS_SUPPORT_AES_C) || defined(HKS_SUPPORT_DSA_C) || \
+ defined(HKS_SUPPORT_DH_C) || defined(HKS_SUPPORT_SM2_C)
+#define HKS_SUPPORT_API_IMPORT_WRAPPED_KEY
+#endif
+
+#define HKS_SUPPORT_API_GENERATE_RANDOM
+
+#if defined(HKS_SUPPORT_ECDSA_SIGN_VERIFY) || defined(HKS_SUPPORT_ED25519_SIGN_VERIFY) || \
+ defined(HKS_SUPPORT_RSA_SIGN_VERIFY) || defined(HKS_SUPPORT_DSA_SIGN_VERIFY)
+#define HKS_SUPPORT_API_SIGN_VERIFY
+#endif
+
+#if defined(HKS_SUPPORT_AES_C) || defined(HKS_SUPPORT_RSA_CRYPT)
+#define HKS_SUPPORT_API_CIPHER
+#endif
+
+#if defined(HKS_SUPPORT_X25519_AGREE_KEY) || defined(HKS_SUPPORT_ECDH_AGREE_KEY) || defined(HKS_SUPPORT_DH_AGREE_KEY)
+#define HKS_SUPPORT_API_AGREE_KEY
+#endif
+
+#ifdef HKS_SUPPORT_KDF_C
+#define HKS_SUPPORT_API_DERIVE_KEY
+#endif
+
+#ifdef HKS_SUPPORT_HMAC_C
+#define HKS_SUPPORT_API_MAC
+#endif
+
+#ifdef HKS_SUPPORT_HASH_C
+#define HKS_SUPPORT_API_HASH
+#endif
+
+#ifdef HKS_SUPPORT_BN_C
+#define HKS_SUPPORT_API_BN_EXP_MOD
+#endif
+
+#ifndef HKS_SUPPORT_LITE_HEAP
+#define HKS_SUPPORT_API_GET_KEY_INFO_LIST
+#endif
+
+/* Key user auth access control */
+// #if defined(HKS_SUPPORT_HMAC_C) && defined(HKS_SUPPORT_API_GENERATE_KEY) && (defined(HKS_SUPPORT_API_IMPORT) || \
+// defined(HKS_SUPPORT_API_GENERATE_KEY) || defined(HKS_SUPPORT_API_IMPORT_WRAPPED_KEY))
+// #define HKS_SUPPORT_USER_AUTH_ACCESS_CONTROL
+// #endif
+
+#endif /* HKS_CONFIG_H */
diff --git a/huks/frameworks/huks_standard/main/common/include/hks_config_base.h b/huks/frameworks/huks_standard/main/common/include/hks_config_base.h
new file mode 100644
index 0000000..f1c9fb1
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/common/include/hks_config_base.h
@@ -0,0 +1,177 @@
+/*
+ * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef HKS_CONFIG_H
+#define HKS_CONFIG_H
+
+#define HKS_SUPPORT_LITE_HEAP
+#define HKS_SUPPORT_UPGRADE_STORAGE_DATA
+#define HKS_SUPPORT_POSIX
+
+#define HKS_SUPPORT_SEC_LEVEL
+
+/* AES */
+#define HKS_SUPPORT_AES_C
+#define HKS_SUPPORT_AES_GENERATE_KEY
+#define HKS_SUPPORT_AES_CBC_NOPADDING
+#define HKS_SUPPORT_AES_CBC_PKCS7
+#define HKS_SUPPORT_AES_GCM
+#define HKS_SUPPORT_AES_CCM
+#define HKS_SUPPORT_AES_CTR_NOPADDING
+#define HKS_SUPPORT_AES_ECB_NOPADDING
+#define HKS_SUPPORT_AES_ECB_PKCS7PADDING
+
+/* BN */
+#define HKS_SUPPORT_BN_C
+
+/* ECC */
+#define HKS_SUPPORT_ECC_C
+#define HKS_SUPPORT_ECC_GENERATE_KEY
+#define HKS_SUPPORT_ECC_GET_PUBLIC_KEY
+
+#define HKS_SUPPORT_ECDH_C
+#define HKS_SUPPORT_ECDH_AGREE_KEY
+
+#define HKS_SUPPORT_ECDSA_C
+#define HKS_SUPPORT_ECDSA_SIGN_VERIFY
+
+/* ED25519 */
+#define HKS_SUPPORT_ED25519_C
+#define HKS_SUPPORT_ED25519_GENERATE_KEY
+#define HKS_SUPPORT_ED25519_SIGN_VERIFY
+#define HKS_SUPPORT_ED2519_GET_PUBLIC_KEY
+
+/* HASH */
+#define HKS_SUPPORT_HASH_C
+#define HKS_SUPPORT_HASH_SHA1
+#define HKS_SUPPORT_HASH_SHA224
+#define HKS_SUPPORT_HASH_SHA256
+#define HKS_SUPPORT_HASH_SHA384
+#define HKS_SUPPORT_HASH_SHA512
+#define HKS_SUPPORT_HASH_MD5
+
+/* HMAC */
+#define HKS_SUPPORT_HMAC_C
+#define HKS_SUPPORT_HMAC_GENERATE_KEY
+#define HKS_SUPPORT_HMAC_SHA1
+#define HKS_SUPPORT_HMAC_SHA224
+#define HKS_SUPPORT_HMAC_SHA256
+#define HKS_SUPPORT_HMAC_SHA384
+#define HKS_SUPPORT_HMAC_SHA512
+
+/* KDF */
+#define HKS_SUPPORT_KDF_C
+#define HKS_SUPPORT_KDF_PBKDF2
+#define HKS_SUPPORT_KDF_HKDF
+
+/* RSA */
+#define HKS_SUPPORT_RSA_C
+#define HKS_SUPPORT_RSA_GENERATE_KEY
+#define HKS_SUPPORT_RSA_CRYPT
+#define HKS_SUPPORT_RSA_SIGN_VERIFY
+#define HKS_SUPPORT_RSA_GET_PUBLIC_KEY
+#define HKS_SUPPORT_RSA_ECB_NOPADDING
+#define HKS_SUPPORT_RSA_ECB_PKCS1PADDING
+#define HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA1MGF1
+#define HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA224MGF1
+#define HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA256MGF1
+#define HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA384MGF1
+#define HKS_SUPPORT_RSA_ECB_OAEPPADDING_SHA512MGF1
+#define HKS_SUPPORT_RSA_ECB_OEAPPADDING
+#define HKS_SUPPORT_RSA_PSS
+
+/* DH */
+#define HKS_SUPPORT_DH_C
+#define HKS_SUPPORT_DH_GENERATE_KEY
+#define HKS_SUPPORT_DH_AGREE_KEY
+#define HKS_SUPPORT_DH_GET_PUBLIC_KEY
+
+/* DSA */
+#define HKS_SUPPORT_DSA_C
+#define HKS_SUPPORT_DSA_GENERATE_KEY
+#define HKS_SUPPORT_DSA_SIGN_VERIFY
+#define HKS_SUPPORT_DSA_GET_PUBLIC_KEY
+
+/* X25519 */
+#define HKS_SUPPORT_X25519_C
+#define HKS_SUPPORT_X25519_GENERATE_KEY
+#define HKS_SUPPORT_X25519_AGREE_KEY
+#define HKS_SUPPORT_X25519_GET_PUBLIC_KEY
+
+#define HKS_SUPPORT_ED25519_TO_X25519
+
+#if defined(HKS_SUPPORT_AES_GENERATE_KEY) || defined(HKS_SUPPORT_DH_GENERATE_KEY) || \
+ defined(HKS_SUPPORT_DSA_GENERATE_KEY) || defined(HKS_SUPPORT_ECC_GENERATE_KEY) || \
+ defined(HKS_SUPPORT_ED25519_GENERATE_KEY) || defined(HKS_SUPPORT_HMAC_GENERATE_KEY) || \
+ defined(HKS_SUPPORT_RSA_GENERATE_KEY) || defined(HKS_SUPPORT_X25519_GENERATE_KEY)
+#define HKS_SUPPORT_API_GENERATE_KEY
+#define HKS_SUPPORT_API_DELETE_KEY
+#define HKS_SUPPORT_API_GET_KEY_PARAM_SET
+#define HKS_SUPPORT_API_KEY_EXIST
+#endif
+
+#if defined(HKS_SUPPORT_ECC_C) || defined(HKS_SUPPORT_RSA_C) || defined(HKS_SUPPORT_ED25519_C) || \
+ defined(HKS_SUPPORT_X25519_C) || defined(HKS_SUPPORT_AES_C) || defined(HKS_SUPPORT_DSA_C) || \
+ defined(HKS_SUPPORT_DH_C)
+#define HKS_SUPPORT_API_IMPORT
+#endif
+
+#if defined(HKS_SUPPORT_ECC_C) || defined(HKS_SUPPORT_RSA_C) || defined(HKS_SUPPORT_ED25519_C) || \
+ defined(HKS_SUPPORT_X25519_C) || defined(HKS_SUPPORT_AES_C) || defined(HKS_SUPPORT_DSA_C) || \
+ defined(HKS_SUPPORT_DH_C)
+#define HKS_SUPPORT_API_EXPORT
+#endif
+
+#define HKS_SUPPORT_API_GENERATE_RANDOM
+
+#if defined(HKS_SUPPORT_ECDSA_SIGN_VERIFY) || defined(HKS_SUPPORT_ED25519_SIGN_VERIFY) || \
+ defined(HKS_SUPPORT_RSA_SIGN_VERIFY) || defined(HKS_SUPPORT_DSA_SIGN_VERIFY)
+#define HKS_SUPPORT_API_SIGN_VERIFY
+#endif
+
+#if defined(HKS_SUPPORT_AES_C) || defined(HKS_SUPPORT_RSA_CRYPT)
+#define HKS_SUPPORT_API_CIPHER
+#endif
+
+#if defined(HKS_SUPPORT_X25519_AGREE_KEY) || defined(HKS_SUPPORT_ECDH_AGREE_KEY) || defined(HKS_SUPPORT_DH_AGREE_KEY)
+#define HKS_SUPPORT_API_AGREE_KEY
+#endif
+
+#ifdef HKS_SUPPORT_KDF_C
+#define HKS_SUPPORT_API_DERIVE_KEY
+#endif
+
+#ifdef HKS_SUPPORT_HMAC_C
+#define HKS_SUPPORT_API_MAC
+#endif
+
+#ifdef HKS_SUPPORT_HASH_C
+#define HKS_SUPPORT_API_HASH
+#endif
+
+#ifdef HKS_SUPPORT_BN_C
+#define HKS_SUPPORT_API_BN_EXP_MOD
+#endif
+
+#ifndef HKS_SUPPORT_LITE_HEAP
+#define HKS_SUPPORT_API_GET_KEY_INFO_LIST
+#endif
+
+#define HKS_SUPPORT_API_ATTEST_KEY
+#define HKS_SUPPORT_API_GET_CERTIFICATE_CHAIN
+#define HKS_SUPPORT_API_WRAP_KEY
+#define HKS_SUPPORT_API_UNWRAP_KEY
+
+#endif /* HKS_CONFIG_H */
diff --git a/huks/frameworks/huks_standard/main/common/include/hks_config_lite.h b/huks/frameworks/huks_standard/main/common/include/hks_config_lite.h
new file mode 100644
index 0000000..61ff132
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/common/include/hks_config_lite.h
@@ -0,0 +1,111 @@
+/*
+ * Copyright (c) 2021-2021 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef HKS_CONFIG_H
+#define HKS_CONFIG_H
+
+#define HKS_SUPPORT_POSIX
+
+#define HKS_LOG_ENGINE_HILOG_MODULE_SCY
+
+/* AES */
+#define HKS_SUPPORT_AES_C
+#define HKS_SUPPORT_AES_GENERATE_KEY
+#define HKS_SUPPORT_AES_CBC_NOPADDING
+#define HKS_SUPPORT_AES_CBC_PKCS7
+#define HKS_SUPPORT_AES_GCM
+
+/* BN */
+#define HKS_SUPPORT_BN_C
+
+/* HASH */
+#define HKS_SUPPORT_HASH_C
+#define HKS_SUPPORT_HASH_SHA256
+#define HKS_SUPPORT_HASH_SHA384
+#define HKS_SUPPORT_HASH_SHA512
+
+/* HMAC */
+#define HKS_SUPPORT_HMAC_C
+#define HKS_SUPPORT_HMAC_SHA256
+#define HKS_SUPPORT_HMAC_SHA384
+#define HKS_SUPPORT_HMAC_SHA512
+
+/* KDF */
+#define HKS_SUPPORT_KDF_C
+#define HKS_SUPPORT_KDF_PBKDF2
+#define HKS_SUPPORT_KDF_HKDF
+
+/* X25519 */
+#define HKS_SUPPORT_X25519_C
+#define HKS_SUPPORT_X25519_GENERATE_KEY
+#define HKS_SUPPORT_X25519_AGREE_KEY
+#define HKS_SUPPORT_X25519_GET_PUBLIC_KEY
+
+#if defined(HKS_SUPPORT_AES_GENERATE_KEY) || defined(HKS_SUPPORT_ECC_GENERATE_KEY) || \
+ defined(HKS_SUPPORT_ED25519_GENERATE_KEY) || defined(HKS_SUPPORT_RSA_GENERATE_KEY) || \
+ defined(HKS_SUPPORT_X25519_GENERATE_KEY)
+#define HKS_SUPPORT_API_GENERATE_KEY
+#define HKS_SUPPORT_API_DELETE_KEY
+#define HKS_SUPPORT_API_GET_KEY_PARAM_SET
+#define HKS_SUPPORT_API_KEY_EXIST
+#endif
+
+#if defined(HKS_SUPPORT_ECC_C) || defined(HKS_SUPPORT_RSA_C) || \
+ defined(HKS_SUPPORT_ED25519_C) || defined(HKS_SUPPORT_X25519_C) || \
+ defined(HKS_SUPPORT_AES_C)
+#define HKS_SUPPORT_API_IMPORT
+#endif
+
+#if defined(HKS_SUPPORT_ECC_C) || defined(HKS_SUPPORT_RSA_C) || \
+ defined(HKS_SUPPORT_ED25519_C) || defined(HKS_SUPPORT_X25519_C)
+#define HKS_SUPPORT_API_EXPORT
+#endif
+
+#define HKS_SUPPORT_API_GENERATE_RANDOM
+
+#if defined(HKS_SUPPORT_ECDSA_C) || defined(HKS_SUPPORT_ED25519_SIGN_VERIFY) || \
+ defined(HKS_SUPPORT_RSA_SIGN_VERIFY)
+#define HKS_SUPPORT_API_SIGN_VERIFY
+#endif
+
+#if defined(HKS_SUPPORT_AES_C) || defined(HKS_SUPPORT_RSA_CRYPT)
+#define HKS_SUPPORT_API_CIPHER
+#endif
+
+#if defined(HKS_SUPPORT_X25519_AGREE_KEY) || defined(HKS_SUPPORT_ECDH_C)
+#define HKS_SUPPORT_API_AGREE_KEY
+#endif
+
+#ifdef HKS_SUPPORT_KDF_C
+#define HKS_SUPPORT_API_DERIVE_KEY
+#endif
+
+#ifdef HKS_SUPPORT_HMAC_C
+#define HKS_SUPPORT_API_MAC
+#endif
+
+#ifdef HKS_SUPPORT_HASH_C
+#define HKS_SUPPORT_API_HASH
+#endif
+
+#ifdef HKS_SUPPORT_BN_C
+#define HKS_SUPPORT_API_BN_EXP_MOD
+#endif
+
+#ifndef HKS_SUPPORT_LITE_HEAP
+#define HKS_SUPPORT_API_GET_KEY_INFO_LIST
+#endif
+
+#endif /* HKS_CONFIG_H */
diff --git a/huks/frameworks/huks_standard/main/common/include/hks_config_small.h b/huks/frameworks/huks_standard/main/common/include/hks_config_small.h
new file mode 100644
index 0000000..d8692e7
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/common/include/hks_config_small.h
@@ -0,0 +1,136 @@
+/*
+ * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef HKS_CONFIG_H
+#define HKS_CONFIG_H
+
+#define HKS_SUPPORT_POSIX
+
+#ifndef __LINUX__
+#define HKS_ENABLE_LOG_PUBLIC
+#endif
+#define HKS_LOG_ENGINE_HILOG_MODULE_SCY
+
+/* AES */
+#define HKS_SUPPORT_AES_C
+#define HKS_SUPPORT_AES_GENERATE_KEY
+#define HKS_SUPPORT_AES_CBC_NOPADDING
+#define HKS_SUPPORT_AES_CBC_PKCS7
+#define HKS_SUPPORT_AES_GCM
+
+/* BN */
+#define HKS_SUPPORT_BN_C
+
+/* ECC */
+#define HKS_SUPPORT_ECC_C
+#define HKS_SUPPORT_ECC_GENERATE_KEY
+#define HKS_SUPPORT_ECC_GET_PUBLIC_KEY
+#define HKS_SUPPORT_ECDH_C
+#define HKS_SUPPORT_ECDSA_C
+
+/* ED25519 */
+#define HKS_SUPPORT_ED25519_C
+#define HKS_SUPPORT_ED25519_GENERATE_KEY
+#define HKS_SUPPORT_ED25519_SIGN_VERIFY
+#define HKS_SUPPORT_ED2519_GET_PUBLIC_KEY
+
+/* HASH */
+#define HKS_SUPPORT_HASH_C
+#define HKS_SUPPORT_HASH_SHA256
+#define HKS_SUPPORT_HASH_SHA384
+#define HKS_SUPPORT_HASH_SHA512
+
+/* HMAC */
+#define HKS_SUPPORT_HMAC_C
+#define HKS_SUPPORT_HMAC_SHA256
+#define HKS_SUPPORT_HMAC_SHA384
+#define HKS_SUPPORT_HMAC_SHA512
+
+/* KDF */
+#define HKS_SUPPORT_KDF_C
+#define HKS_SUPPORT_KDF_PBKDF2
+#define HKS_SUPPORT_KDF_HKDF
+
+/* RSA */
+#define HKS_SUPPORT_RSA_C
+#define HKS_SUPPORT_RSA_GENERATE_KEY
+#define HKS_SUPPORT_RSA_CRYPT
+#define HKS_SUPPORT_RSA_SIGN_VERIFY
+#define HKS_SUPPORT_RSA_GET_PUBLIC_KEY
+
+/* X25519 */
+#define HKS_SUPPORT_X25519_C
+#define HKS_SUPPORT_X25519_GENERATE_KEY
+#define HKS_SUPPORT_X25519_AGREE_KEY
+#define HKS_SUPPORT_X25519_GET_PUBLIC_KEY
+
+#define HKS_SUPPORT_ED25519_TO_X25519
+
+#if defined(HKS_SUPPORT_AES_GENERATE_KEY) || defined(HKS_SUPPORT_ECC_GENERATE_KEY) || \
+ defined(HKS_SUPPORT_ED25519_GENERATE_KEY) || defined(HKS_SUPPORT_RSA_GENERATE_KEY) || \
+ defined(HKS_SUPPORT_X25519_GENERATE_KEY)
+#define HKS_SUPPORT_API_GENERATE_KEY
+#define HKS_SUPPORT_API_DELETE_KEY
+#define HKS_SUPPORT_API_GET_KEY_PARAM_SET
+#define HKS_SUPPORT_API_KEY_EXIST
+#endif
+
+#if defined(HKS_SUPPORT_ECC_C) || defined(HKS_SUPPORT_RSA_C) || \
+ defined(HKS_SUPPORT_ED25519_C) || defined(HKS_SUPPORT_X25519_C) || \
+ defined(HKS_SUPPORT_AES_C)
+#define HKS_SUPPORT_API_IMPORT
+#endif
+
+#if defined(HKS_SUPPORT_ECC_C) || defined(HKS_SUPPORT_RSA_C) || \
+ defined(HKS_SUPPORT_ED25519_C) || defined(HKS_SUPPORT_X25519_C)
+#define HKS_SUPPORT_API_EXPORT
+#endif
+
+#define HKS_SUPPORT_API_GENERATE_RANDOM
+
+#if defined(HKS_SUPPORT_ECDSA_C) || defined(HKS_SUPPORT_ED25519_SIGN_VERIFY) || \
+ defined(HKS_SUPPORT_RSA_SIGN_VERIFY)
+#define HKS_SUPPORT_API_SIGN_VERIFY
+#endif
+
+#if defined(HKS_SUPPORT_AES_C) || defined(HKS_SUPPORT_RSA_CRYPT)
+#define HKS_SUPPORT_API_CIPHER
+#endif
+
+#if defined(HKS_SUPPORT_X25519_AGREE_KEY) || defined(HKS_SUPPORT_ECDH_C)
+#define HKS_SUPPORT_API_AGREE_KEY
+#endif
+
+#ifdef HKS_SUPPORT_KDF_C
+#define HKS_SUPPORT_API_DERIVE_KEY
+#endif
+
+#ifdef HKS_SUPPORT_HMAC_C
+#define HKS_SUPPORT_API_MAC
+#endif
+
+#ifdef HKS_SUPPORT_HASH_C
+#define HKS_SUPPORT_API_HASH
+#endif
+
+#ifdef HKS_SUPPORT_BN_C
+#define HKS_SUPPORT_API_BN_EXP_MOD
+#endif
+
+#ifndef HKS_SUPPORT_LITE_HEAP
+#define HKS_SUPPORT_API_GET_KEY_INFO_LIST
+#endif
+
+#endif /* HKS_CONFIG_H */
diff --git a/huks/frameworks/huks_standard/main/common/include/hks_crypto_adapter.h b/huks/frameworks/huks_standard/main/common/include/hks_crypto_adapter.h
new file mode 100644
index 0000000..a4d6a9c
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/common/include/hks_crypto_adapter.h
@@ -0,0 +1,58 @@
+/*
+ * Copyright (c) 2021 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef HKS_CRYPTO_ADAPTER_H
+#define HKS_CRYPTO_ADAPTER_H
+
+#include <stdbool.h>
+#include <stdint.h>
+
+#include "hks_crypto_hal.h"
+#include "hks_type.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+void HksFillKeySpec(const struct HksParamSet *paramSet, struct HksKeySpec *spec);
+
+void HksFillUsageSpec(const struct HksParamSet *paramSet, struct HksUsageSpec *usageSpec);
+
+void HksFreeUsageSpec(struct HksUsageSpec **usageSpec);
+
+void HksFillKeyDerivationParam(const struct HksParamSet *paramSet, struct HksKeyDerivationParam *param);
+
+int32_t HksFillAeadParam(const struct HksParamSet *paramSet, struct HksBlob *inputText, struct HksUsageSpec *usageSpec,
+ bool isEncrypt);
+
+int32_t HksFillIvParam(const struct HksParamSet *paramSet, struct HksUsageSpec *usageSpec);
+
+int32_t HksBuildCipherUsageSpec(const struct HksParamSet *paramSet, bool isEncrypt, struct HksBlob *inputText,
+ struct HksUsageSpec **outUsageSpec);
+
+int32_t HksGetEncryptAeTag(const struct HksParamSet *paramSet, const struct HksBlob *inData, struct HksBlob *outData,
+ struct HksBlob *tagAead);
+
+int32_t HksSetKeyToMaterial(uint32_t alg, bool isPubKey, const struct HksBlob *key, struct HksBlob *keyMaterial);
+
+int32_t HksGetKeyFromMaterial(uint32_t alg, bool isPubKey, const struct HksBlob *keyMaterial, struct HksBlob *key);
+
+int32_t HksFormatKeyFromMaterial(uint32_t alg, const struct HksBlob *keyMaterial, struct HksParamSet *paramSetOut);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
\ No newline at end of file
diff --git a/huks/frameworks/huks_standard/main/common/include/hks_crypto_hal.h b/huks/frameworks/huks_standard/main/common/include/hks_crypto_hal.h
new file mode 100644
index 0000000..1543691
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/common/include/hks_crypto_hal.h
@@ -0,0 +1,255 @@
+/*
+ * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef HKS_CRYPTO_HAL_H
+#define HKS_CRYPTO_HAL_H
+
+#include "hks_type.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+enum HksKeyAlgMode {
+ HKS_ALGORITHM_RSA_MODE_CRT = 1,
+ HKS_ALGORITHM_RSA_MODE_NO_CRT = 2,
+ HKS_ALGORITHM_EC_MODE_ECDH = 3,
+ HKS_ALGORITHM_ED_MODE_SIG_VERIFY = 4,
+ HKS_ALGORITHM_ED_MODE_VERIFY = 5,
+ HKS_ALGORITHM_X25519_MODE = 6,
+};
+
+struct HksKeySpec {
+ uint32_t algType;
+ uint32_t keyLen;
+ void *algParam; /* for example : struct HksKeyDerivationParam */
+};
+
+struct HksKeyDerivationParam {
+ struct HksBlob salt;
+ struct HksBlob info;
+ uint32_t iterations;
+ uint32_t digestAlg;
+};
+
+struct HksAeadParam {
+ struct HksBlob nonce;
+ struct HksBlob aad;
+ union {
+ struct HksBlob tagDec;
+ uint32_t tagLenEnc;
+ };
+ uint32_t payloadLen;
+};
+
+struct HksCipherParam {
+ struct HksBlob iv;
+};
+
+struct HksUsageSpec {
+ uint32_t algType;
+ uint32_t mode;
+ uint32_t padding;
+ uint32_t digest;
+ uint32_t purpose;
+ /*
+ * Different algorithms correspond to different structures,for example:
+ * struct HksAeadParam for aead;
+ * struct HksCipherParam for cipher;
+ */
+ void *algParam;
+};
+
+struct KeyMaterialRsa {
+ enum HksKeyAlg keyAlg;
+ uint32_t keySize;
+ uint32_t nSize;
+ uint32_t eSize;
+ uint32_t dSize;
+};
+
+struct KeyMaterialEcc {
+ enum HksKeyAlg keyAlg;
+ uint32_t keySize;
+ uint32_t xSize;
+ uint32_t ySize;
+ uint32_t zSize;
+};
+
+struct KeyMaterialDsa {
+ enum HksKeyAlg keyAlg;
+ uint32_t keySize;
+ uint32_t xSize;
+ uint32_t ySize;
+ uint32_t pSize;
+ uint32_t qSize;
+ uint32_t gSize;
+};
+
+struct KeyMaterialDh {
+ enum HksKeyAlg keyAlg;
+ uint32_t keySize;
+ uint32_t pubKeySize;
+ uint32_t priKeySize;
+ uint32_t reserved;
+};
+
+struct KeyMaterial25519 {
+ enum HksKeyAlg keyAlg;
+ uint32_t keySize;
+ uint32_t pubKeySize;
+ uint32_t priKeySize;
+ uint32_t reserved;
+};
+
+typedef int32_t (*GetMainKey)(const struct HksBlob *, struct HksBlob *);
+
+typedef int32_t (*GenerateKey)(const struct HksKeySpec *, struct HksBlob *);
+
+typedef int32_t (*PubKey)(const struct HksBlob *, struct HksBlob *);
+
+typedef int32_t (*DeriveKey)(const struct HksBlob *, const struct HksKeySpec *, struct HksBlob *);
+
+typedef int32_t (*FillRandom)(struct HksBlob *);
+
+typedef int32_t (*AgreeKey)(const struct HksBlob *, const struct HksBlob *, const struct HksKeySpec *,
+ struct HksBlob *);
+
+typedef int32_t (*Sign)(const struct HksBlob *, const struct HksUsageSpec *, const struct HksBlob *,
+ struct HksBlob *);
+
+typedef int32_t (*Verify)(const struct HksBlob *, const struct HksUsageSpec *, const struct HksBlob *,
+ const struct HksBlob *);
+
+typedef int32_t (*Hmac)(const struct HksBlob *, uint32_t, const struct HksBlob *, struct HksBlob *);
+
+typedef int32_t (*HmacInit)(void **, const struct HksBlob *, uint32_t);
+
+typedef int32_t (*HmacUpdate)(void *, const struct HksBlob *);
+
+typedef int32_t (*HmacFinal)(void **, const struct HksBlob *, struct HksBlob *);
+
+typedef int32_t (*Hash)(uint32_t, const struct HksBlob *, struct HksBlob *);
+
+typedef int32_t (*HashInit)(void **, uint32_t);
+
+typedef int32_t (*HashUpdate)(void *, const struct HksBlob *);
+
+typedef int32_t (*HashFinal)(void **, const struct HksBlob *, struct HksBlob *);
+
+typedef int32_t (*Encrypt)(const struct HksBlob *, const struct HksUsageSpec *,
+ const struct HksBlob *, struct HksBlob *, struct HksBlob *);
+
+typedef int32_t (*EncryptInit)(void **, const struct HksBlob *, const struct HksUsageSpec *, const bool);
+
+typedef int32_t (*EncryptUpdate)(void *, const struct HksBlob *, struct HksBlob *, const bool);
+
+typedef int32_t (*EncryptFinal)(void **, const struct HksBlob *, struct HksBlob *, struct HksBlob *, const bool);
+
+typedef int32_t (*Decrypt)(const struct HksBlob *, const struct HksUsageSpec *,
+ const struct HksBlob *, struct HksBlob *);
+
+typedef int32_t (*DecryptInit)(void **, const struct HksBlob *, const struct HksUsageSpec *, const bool);
+
+typedef int32_t (*DecryptUpdate)(void *, const struct HksBlob *, struct HksBlob *, const bool);
+
+typedef int32_t (*DecryptFinal)(void **, const struct HksBlob *, struct HksBlob *, struct HksBlob *, const bool);
+
+typedef int32_t (*BnExpMod)(struct HksBlob *, const struct HksBlob *,
+ const struct HksBlob *, const struct HksBlob *);
+
+typedef void (*FreeCtx)(void **);
+
+int32_t HksCryptoHalGetMainKey(const struct HksBlob *message, struct HksBlob *mainKey);
+
+int32_t HksCryptoHalGenerateKey(const struct HksKeySpec *spec, struct HksBlob *key);
+
+int32_t HksCryptoHalGetPubKey(const struct HksBlob *keyIn, struct HksBlob *keyOut);
+
+int32_t HksCryptoHalDeriveKey(const struct HksBlob *mainKey, const struct HksKeySpec *derivationSpec,
+ struct HksBlob *derivedKey);
+
+int32_t HksCryptoHalFillRandom(struct HksBlob *randomData);
+
+int32_t HksCryptoHalFillPrivRandom(struct HksBlob *randomData);
+
+int32_t HksCryptoHalAddEntropy(const struct HksBlob *entropy);
+
+int32_t HksCryptoHalAgreeKey(const struct HksBlob *nativeKey, const struct HksBlob *pubKey,
+ const struct HksKeySpec *spec, struct HksBlob *sharedKey);
+
+int32_t HksCryptoHalSign(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
+ const struct HksBlob *message, struct HksBlob *signature);
+
+int32_t HksCryptoHalVerify(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
+ const struct HksBlob *message, const struct HksBlob *signature);
+
+int32_t HksCryptoHalHmacInit(const struct HksBlob *key, uint32_t digestAlg, void **ctx);
+
+int32_t HksCryptoHalHmacUpdate(const struct HksBlob *chunk, void *ctx);
+
+int32_t HksCryptoHalHmacFinal(const struct HksBlob *msg, void **ctx, struct HksBlob *mac);
+
+void HksCryptoHalHmacFreeCtx(void **ctx);
+
+int32_t HksCryptoHalHmac(const struct HksBlob *key, uint32_t digestAlg, const struct HksBlob *msg,
+ struct HksBlob *mac);
+
+int32_t HksCryptoHalHashInit(uint32_t alg, void **ctx);
+
+int32_t HksCryptoHalHashUpdate(const struct HksBlob *msg, void *ctx);
+
+int32_t HksCryptoHalHashFinal(const struct HksBlob *msg, void **ctx, struct HksBlob *hash);
+
+void HksCryptoHalHashFreeCtx(void **ctx);
+
+int32_t HksCryptoHalHash(uint32_t alg, const struct HksBlob *msg, struct HksBlob *hash);
+
+int32_t HksCryptoHalEncryptInit(const struct HksBlob *key, const struct HksUsageSpec *usageSpec, void **ctx);
+
+int32_t HksCryptoHalEncryptUpdate(const struct HksBlob *message, void *ctx, struct HksBlob *out,
+ const uint32_t algtype);
+
+int32_t HksCryptoHalEncryptFinal(const struct HksBlob *message, void **ctx, struct HksBlob *cipherText,
+ struct HksBlob *tagAead, const uint32_t algtype);
+
+void HksCryptoHalEncryptFreeCtx(void **ctx, const uint32_t algtype);
+
+int32_t HksCryptoHalEncrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
+ const struct HksBlob *message, struct HksBlob *cipherText, struct HksBlob *tagAead);
+
+int32_t HksCryptoHalDecryptInit(const struct HksBlob *key, const struct HksUsageSpec *usageSpec, void **ctx);
+
+int32_t HksCryptoHalDecryptUpdate(const struct HksBlob *message, void *ctx, struct HksBlob *out,
+ const uint32_t algtype);
+
+int32_t HksCryptoHalDecryptFinal(const struct HksBlob *message, void **ctx, struct HksBlob *cipherText,
+ struct HksBlob *tagAead, const uint32_t algtype);
+
+void HksCryptoHalDecryptFreeCtx(void **ctx, const uint32_t algtype);
+
+int32_t HksCryptoHalDecrypt(const struct HksBlob *key, const struct HksUsageSpec *usageSpec,
+ const struct HksBlob *message, struct HksBlob *cipherText);
+
+int32_t HksCryptoHalBnExpMod(struct HksBlob *x, const struct HksBlob *a,
+ const struct HksBlob *e, const struct HksBlob *n);
+
+int32_t HksCryptoHalInit(void);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* HKS_CRYPTO_HAL_H */
diff --git a/huks/frameworks/huks_standard/main/common/include/hks_errcode_adapter.h b/huks/frameworks/huks_standard/main/common/include/hks_errcode_adapter.h
new file mode 100644
index 0000000..c3f025f
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/common/include/hks_errcode_adapter.h
@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef HKS_ERRCODE_ADAPTER_H
+#define HKS_ERRCODE_ADAPTER_H
+
+#ifdef __cplusplus
+#include <cstdbool>
+#include <cstdlib>
+#include <cstdint>
+#else
+#include <stdbool.h>
+#include <stdlib.h>
+#include <stdint.h>
+#endif
+
+#include "hks_type.h"
+
+struct HksResult {
+ int32_t errorCode;
+ const char *errorMsg;
+ uint8_t *data;
+};
+
+struct HksError {
+ int32_t innerErrCode;
+ struct HksResult hksResult;
+};
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct HksResult HksConvertErrCode(int32_t result);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* HKS_ERRCODE_ADAPTER_H */
diff --git a/huks/frameworks/huks_standard/main/common/include/hks_log.h b/huks/frameworks/huks_standard/main/common/include/hks_log.h
new file mode 100644
index 0000000..5815e0c
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/common/include/hks_log.h
@@ -0,0 +1,64 @@
+/*
+ * Copyright (c) 2021 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef HKS_LOG_H
+#define HKS_LOG_H
+
+#include "hks_type.h"
+
+#ifdef HKS_CONFIG_FILE
+#include HKS_CONFIG_FILE
+#else
+#include "hks_config.h"
+#endif
+
+#ifdef _HUKS_LOG_ENABLE_
+#ifdef HKS_ENABLE_LOG_PUBLIC
+#define LOG_PUBLIC "{public}"
+#else
+#define LOG_PUBLIC
+#endif
+
+#undef LOG_TAG
+#define LOG_TAG "HUKS"
+#undef LOG_DOMAIN
+#define LOG_DOMAIN 0xD002F00 /* Security subsystem's domain id */
+
+#ifdef HKS_LOG_ENGINE_LOG_CORE
+#include "hilog/log.h"
+#define LOG_ENGINE LOG_CORE
+#else
+#ifdef HKS_LOG_ENGINE_HILOG_MODULE_SCY
+#include "log.h"
+#define LOG_ENGINE HILOG_MODULE_SCY
+#endif
+#endif
+
+#define HKS_LOG_I(fmt, arg...) HILOG_INFO(LOG_ENGINE, "%" LOG_PUBLIC "s[%" LOG_PUBLIC "u]: " fmt "\n", \
+ __func__, __LINE__, ##arg)
+#define HKS_LOG_W(fmt, arg...) HILOG_WARN(LOG_ENGINE, "%" LOG_PUBLIC "s[%" LOG_PUBLIC "u]: " fmt "\n", \
+ __func__, __LINE__, ##arg)
+#define HKS_LOG_E(fmt, arg...) HILOG_ERROR(LOG_ENGINE, "%" LOG_PUBLIC "s[%" LOG_PUBLIC "u]: " fmt "\n", \
+ __func__, __LINE__, ##arg)
+#define HKS_LOG_D(fmt, arg...) HILOG_DEBUG(LOG_ENGINE, "%" LOG_PUBLIC "s[%" LOG_PUBLIC "u]: " fmt "\n", \
+ __func__, __LINE__, ##arg)
+#else
+#define HKS_LOG_I(...)
+#define HKS_LOG_W(...)
+#define HKS_LOG_E(...)
+#define HKS_LOG_D(...)
+#endif
+
+#endif /* HKS_LOG_H */
diff --git a/huks/frameworks/huks_standard/main/common/include/hks_mem.h b/huks/frameworks/huks_standard/main/common/include/hks_mem.h
new file mode 100644
index 0000000..af6a0ef
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/common/include/hks_mem.h
@@ -0,0 +1,62 @@
+/*
+ * Copyright (c) 2021-2023 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef HKS_MEM_H
+#define HKS_MEM_H
+
+#ifdef __cplusplus
+#include <cstdint>
+#include <cstdlib>
+
+#define HKS_NULL_POINTER nullptr
+#else
+#include <stdint.h>
+#include <stdlib.h>
+
+#define HKS_NULL_POINTER NULL
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+void *HksMalloc(size_t size);
+int32_t HksMemCmp(const void *ptr1, const void *ptr2, uint32_t size);
+
+#define SELF_FREE_PTR(PTR, FREE_FUNC) \
+{ \
+ if ((PTR) != HKS_NULL_POINTER) { \
+ FREE_FUNC(PTR); \
+ (PTR) = HKS_NULL_POINTER; \
+ } \
+}
+
+#define HKS_FREE_PTR(p) SELF_FREE_PTR(p, free)
+
+#define HksFree(p) SELF_FREE_PTR(p, free)
+
+#define HKS_FREE_BLOB(blob) do { \
+ if ((blob).data != HKS_NULL_POINTER) { \
+ free((blob).data); \
+ (blob).data = HKS_NULL_POINTER; \
+ } \
+ (blob).size = 0; \
+} while (0)
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* HKS_MEM_H */
diff --git a/huks/frameworks/huks_standard/main/common/include/hks_template.h b/huks/frameworks/huks_standard/main/common/include/hks_template.h
new file mode 100644
index 0000000..f9c9dcb
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/common/include/hks_template.h
@@ -0,0 +1,75 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef HKS_TEMPLATE_H
+#define HKS_TEMPLATE_H
+
+#undef HKS_NULL_POINTER
+
+#ifdef __cplusplus
+#define HKS_NULL_POINTER nullptr
+#else
+#define HKS_NULL_POINTER NULL
+#endif
+
+#define HKS_IF_NOT_SUCC_LOGE_RETURN(RESULT, ERROR_CODE, LOG_MESSAGE, ...) \
+if ((RESULT) != HKS_SUCCESS) { \
+ HKS_LOG_E(LOG_MESSAGE, ##__VA_ARGS__); \
+ return (ERROR_CODE); \
+}
+
+#define HKS_IF_NOT_SUCC_LOGE_BREAK(RESULT, LOG_MESSAGE, ...) \
+if ((RESULT) != HKS_SUCCESS) { \
+ HKS_LOG_E(LOG_MESSAGE, ##__VA_ARGS__); \
+ break; \
+}
+
+#define HKS_IF_NOT_SUCC_BREAK(RESULT, ...) \
+if ((RESULT) != HKS_SUCCESS) { \
+ break; \
+}
+
+#define HKS_IF_NOT_SUCC_LOGE(RESULT, LOG_MESSAGE, ...) \
+if ((RESULT) != HKS_SUCCESS) { \
+ HKS_LOG_E(LOG_MESSAGE, ##__VA_ARGS__); \
+}
+
+#define HKS_IF_NOT_SUCC_RETURN(RESULT, ERROR_CODE) \
+if ((RESULT) != HKS_SUCCESS) { \
+ return (ERROR_CODE); \
+}
+
+#define HKS_IF_NULL_LOGE_RETURN(OBJECT, ERROR_CODE, LOG_MESSAGE, ...) \
+if ((OBJECT) == HKS_NULL_POINTER) { \
+ HKS_LOG_E(LOG_MESSAGE, ##__VA_ARGS__); \
+ return (ERROR_CODE); \
+}
+
+#define HKS_IF_NULL_LOGE_BREAK(OBJECT, LOG_MESSAGE, ...) \
+if ((OBJECT) == HKS_NULL_POINTER) { \
+ HKS_LOG_E(LOG_MESSAGE, ##__VA_ARGS__); \
+ break; \
+}
+
+#define HKS_IF_NULL_RETURN(OBJECT, ERROR_CODE) \
+if ((OBJECT) == HKS_NULL_POINTER) { \
+ return (ERROR_CODE); \
+}
+
+#define HKS_IF_NULL_BREAK(OBJECT) \
+if ((OBJECT) == HKS_NULL_POINTER) { \
+ break; \
+}
+#endif /* HKS_TEMPLATE_H */
diff --git a/huks/frameworks/huks_standard/main/common/include/hks_type_inner.h b/huks/frameworks/huks_standard/main/common/include/hks_type_inner.h
new file mode 100644
index 0000000..d32663d
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/common/include/hks_type_inner.h
@@ -0,0 +1,94 @@
+/*
+ * Copyright (c) 2021 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef HKS_TYPE_INNER_H
+#define HKS_TYPE_INNER_H
+
+#include "hks_type.h"
+#include "securec.h"
+
+#define HANDLE_SIZE 8
+#define DEFAULT_AUTH_TIMEOUT 5
+
+/* EnrolledIdInfo stored format: |-enrolledId len-|-enrolledId1 type-|-enrolledId1 value-|...| */
+#define ENROLLED_ID_INFO_MIN_LEN (sizeof(uint32_t) + (sizeof(uint32_t) + sizeof(uint64_t)))
+
+enum HksUserAuthResult {
+ HKS_AUTH_RESULT_NONE = -2, // not support user auth
+ HKS_AUTH_RESULT_INIT = -1,
+ HKS_AUTH_RESULT_SUCCESS = 0,
+ HKS_AUTH_RESULT_FAILED = 1,
+};
+
+enum HksStageType {
+ HKS_STAGE_THREE = 0,
+ HKS_STAGE_ONE = 1,
+};
+
+enum HksInnerTag {
+ HKS_TAG_APPENDED_DATA_PREFIX = HKS_TAG_TYPE_BYTES | 10020,
+ HKS_TAG_APPENDED_DATA_SUFFIX = HKS_TAG_TYPE_BYTES | 10021,
+
+ /* Inner-use TAGS used for ipc serialization */
+ HKS_TAG_PARAM0_BUFFER = HKS_TAG_TYPE_BYTES | 30001,
+ HKS_TAG_PARAM1_BUFFER = HKS_TAG_TYPE_BYTES | 30002,
+ HKS_TAG_PARAM2_BUFFER = HKS_TAG_TYPE_BYTES | 30003,
+ HKS_TAG_PARAM3_BUFFER = HKS_TAG_TYPE_BYTES | 30004,
+ HKS_TAG_PARAM4_BUFFER = HKS_TAG_TYPE_BYTES | 30005,
+ HKS_TAG_PARAM0_UINT32 = HKS_TAG_TYPE_UINT | 30006,
+ HKS_TAG_PARAM1_UINT32 = HKS_TAG_TYPE_UINT | 30007,
+ HKS_TAG_PARAM2_UINT32 = HKS_TAG_TYPE_UINT | 30008,
+ HKS_TAG_PARAM3_UINT32 = HKS_TAG_TYPE_UINT | 30009,
+ HKS_TAG_PARAM4_UINT32 = HKS_TAG_TYPE_UINT | 30010,
+ HKS_TAG_PARAM0_BOOL = HKS_TAG_TYPE_BOOL | 30011,
+ HKS_TAG_PARAM1_BOOL = HKS_TAG_TYPE_BOOL | 30012,
+ HKS_TAG_PARAM2_BOOL = HKS_TAG_TYPE_BOOL | 30013,
+ HKS_TAG_PARAM3_BOOL = HKS_TAG_TYPE_BOOL | 30014,
+ HKS_TAG_PARAM4_BOOL = HKS_TAG_TYPE_BOOL | 30015,
+ HKS_TAG_PARAM0_NULL = HKS_TAG_TYPE_BYTES | 30016,
+ HKS_TAG_PARAM1_NULL = HKS_TAG_TYPE_BYTES | 30017,
+ HKS_TAG_PARAM2_NULL = HKS_TAG_TYPE_BYTES | 30018,
+ HKS_TAG_PARAM3_NULL = HKS_TAG_TYPE_BYTES | 30019,
+ HKS_TAG_PARAM4_NULL = HKS_TAG_TYPE_BYTES | 30020,
+
+ HKS_TAG_ACCESS_TOKEN_ID = HKS_TAG_TYPE_UINT | 30021,
+};
+
+#define HKS_PARAM_BUFFER_NULL_INTERVAL ((HKS_TAG_PARAM0_NULL) - (HKS_TAG_PARAM0_BUFFER))
+
+struct HksProcessInfo {
+ struct HksBlob userId;
+ struct HksBlob processName;
+ int32_t userIdInt;
+ uint64_t accessTokenId;
+};
+
+struct HksParamOut {
+ uint32_t tag;
+ union {
+ bool *boolParam;
+ int32_t *int32Param;
+ uint32_t *uint32Param;
+ uint64_t *uint64Param;
+ struct HksBlob *blob;
+ };
+};
+
+struct HksKeyMaterialHeader {
+ enum HksKeyAlg keyAlg;
+ uint32_t keySize;
+};
+
+#endif /* HKS_TYPE_INNER_H */
diff --git a/huks/frameworks/huks_standard/main/os_dependency/BUILD.gn b/huks/frameworks/huks_standard/main/os_dependency/BUILD.gn
new file mode 100644
index 0000000..3cc5c64
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/os_dependency/BUILD.gn
@@ -0,0 +1,10 @@
+import("//build/ohos.gni")
+
+config("huks_config") {
+ include_dirs = ["//base/security/huks/frameworks/huks_standard/main/os_dependency/ipc/include"]
+ libs = ["huks_os_dependency_standard_static"]
+}
+
+group("libhuks_os_dependency_standard_static") {
+ public_configs = [":huks_config"]
+}
diff --git a/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_client_ipc.h b/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_client_ipc.h
new file mode 100644
index 0000000..206dfd4
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_client_ipc.h
@@ -0,0 +1,90 @@
+/*
+ * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef HKS_CLIENT_IPC_H
+#define HKS_CLIENT_IPC_H
+
+#include "hks_type_inner.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int32_t HksClientInitialize(void);
+
+int32_t HksClientRefreshKeyInfo(void);
+
+int32_t HksClientGenerateKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSetIn,
+ struct HksParamSet *paramSetOut);
+
+int32_t HksClientImportKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
+ const struct HksBlob *key);
+
+int32_t HksClientExportPublicKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
+ struct HksBlob *key);
+
+int32_t HksClientImportWrappedKey(const struct HksBlob *keyAlias, const struct HksBlob *wrappingKeyAlias,
+ const struct HksParamSet *paramSet, const struct HksBlob *wrappedKeyData);
+
+int32_t HksClientDeleteKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet);
+
+int32_t HksClientGetKeyParamSet(const struct HksBlob *keyAlias, struct HksParamSet *paramSet);
+
+int32_t HksClientKeyExist(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet);
+
+int32_t HksClientGenerateRandom(struct HksBlob *random, const struct HksParamSet *paramSet);
+
+int32_t HksClientSign(const struct HksBlob *key, const struct HksParamSet *paramSet,
+ const struct HksBlob *srcData, struct HksBlob *signature);
+
+int32_t HksClientVerify(const struct HksBlob *key, const struct HksParamSet *paramSet,
+ const struct HksBlob *srcData, const struct HksBlob *signature);
+
+int32_t HksClientEncrypt(const struct HksBlob *key, const struct HksParamSet *paramSet,
+ const struct HksBlob *plainText, struct HksBlob *cipherText);
+
+int32_t HksClientDecrypt(const struct HksBlob *key, const struct HksParamSet *paramSet,
+ const struct HksBlob *cipherText, struct HksBlob *plainText);
+
+int32_t HksClientAgreeKey(const struct HksParamSet *paramSet, const struct HksBlob *privateKey,
+ const struct HksBlob *peerPublicKey, struct HksBlob *agreedKey);
+
+int32_t HksClientDeriveKey(const struct HksParamSet *paramSet, const struct HksBlob *mainKey,
+ struct HksBlob *derivedKey);
+
+int32_t HksClientMac(const struct HksBlob *key, const struct HksParamSet *paramSet, const struct HksBlob *srcData,
+ struct HksBlob *mac);
+
+int32_t HksClientGetKeyInfoList(struct HksKeyInfo *keyInfoList, uint32_t *listCount);
+
+int32_t HksClientAttestKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
+ struct HksCertChain *certChain);
+
+int32_t HksClientInit(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet, struct HksBlob *handle,
+ struct HksBlob *token);
+
+int32_t HksClientUpdate(const struct HksBlob *handle, const struct HksParamSet *paramSet, const struct HksBlob *inData,
+ struct HksBlob *outData);
+
+int32_t HksClientFinish(const struct HksBlob *handle, const struct HksParamSet *paramSet, const struct HksBlob *inData,
+ struct HksBlob *outData);
+
+int32_t HksClientAbort(const struct HksBlob *handle, const struct HksParamSet *paramSet);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* HKS_CLIENT_IPC_H */
diff --git a/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_ipc_check.h b/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_ipc_check.h
new file mode 100644
index 0000000..761247c
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_ipc_check.h
@@ -0,0 +1,55 @@
+/*
+ * Copyright (c) 2021 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef HKS_CRYPTO_CHECK_H
+#define HKS_CRYPTO_CHECK_H
+
+#include <stdbool.h>
+#include <stdint.h>
+
+#include "hks_type.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int32_t HksCheckIpcGenerateKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSetIn);
+
+int32_t HksCheckIpcImportKey(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
+ const struct HksBlob *key);
+
+int32_t HksCheckIpcImportWrappedKey(const struct HksBlob *keyAlias, const struct HksBlob *wrappingKeyAlias,
+ const struct HksParamSet *paramSet, const struct HksBlob *wrappedKeyData);
+
+int32_t HksCheckIpcExportPublicKey(const struct HksBlob *keyAlias, const struct HksBlob *key);
+
+int32_t HksCheckIpcGetKeyParamSet(const struct HksBlob *keyAlias, struct HksParamSet *paramSet);
+
+int32_t HksCheckIpcAgreeKey(const struct HksParamSet *paramSet, const struct HksBlob *privateKey,
+ const struct HksBlob *peerPublicKey, const struct HksBlob *agreedKey);
+
+int32_t HksCheckIpcDeriveKey(const struct HksParamSet *paramSet, const struct HksBlob *mainKey,
+ const struct HksBlob *derivedKey);
+
+int32_t HksCheckIpcGetKeyInfoList(const struct HksKeyInfo *keyInfoList, uint32_t listCount);
+
+int32_t HksCheckIpcCertificateChain(const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
+ const struct HksCertChain *certChain);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
\ No newline at end of file
diff --git a/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_ipc_serialization.h b/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_ipc_serialization.h
new file mode 100644
index 0000000..59cf16e
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_ipc_serialization.h
@@ -0,0 +1,76 @@
+/*
+ * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef HKS_IPC_SERIALIZATION_H
+#define HKS_IPC_SERIALIZATION_H
+
+#include <stdbool.h>
+#include <stdint.h>
+
+#include "hks_type_inner.h"
+
+#define MAX_IPC_BUF_SIZE 0x10000 /* Maximun IPC message buffer size. */
+#define MAX_IPC_RSV_SIZE 0x400 /* Reserve IPC message buffer size */
+#define MAX_PROCESS_SIZE (MAX_IPC_BUF_SIZE - MAX_IPC_RSV_SIZE)
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int32_t CopyUint32ToBuffer(uint32_t value, const struct HksBlob *destBlob, uint32_t *destOffset);
+
+int32_t HksGenerateKeyPack(struct HksBlob *destData, const struct HksBlob *keyAlias,
+ const struct HksParamSet *paramSetIn, const struct HksBlob *keyOut);
+
+int32_t HksImportKeyPack(struct HksBlob *destData, const struct HksBlob *keyAlias, const struct HksParamSet *paramSet,
+ const struct HksBlob *key);
+
+int32_t HksImportWrappedKeyPack(struct HksBlob *destData, const struct HksBlob *keyAlias,
+ const struct HksBlob *wrappingKeyAlias, const struct HksParamSet *paramSet, const struct HksBlob *wrappedKeyData);
+
+int32_t HksExportPublicKeyPack(struct HksBlob *destData, const struct HksBlob *keyAlias, const struct HksBlob *key);
+
+int32_t HksGetKeyParamSetPack(struct HksBlob *destData, const struct HksBlob *keyAlias, const struct HksBlob *keyOut);
+
+int32_t HksOnceParamPack(struct HksBlob *destData, const struct HksBlob *key, const struct HksParamSet *paramSet,
+ uint32_t *offset);
+
+int32_t HksOnceDataPack(struct HksBlob *destData, const struct HksBlob *inputData, const struct HksBlob *rsvData,
+ const struct HksBlob *outputData, uint32_t *offset);
+
+int32_t HksAgreeKeyPack(struct HksBlob *destData, const struct HksParamSet *paramSet, const struct HksBlob *privateKey,
+ const struct HksBlob *peerPublicKey, const struct HksBlob *agreedKey);
+
+int32_t HksDeriveKeyPack(struct HksBlob *destData, const struct HksParamSet *paramSet, const struct HksBlob *kdfKey,
+ const struct HksBlob *derivedKey);
+
+int32_t HksGetKeyInfoListPack(struct HksBlob *destData, uint32_t listCount, const struct HksKeyInfo *keyInfoList);
+
+int32_t HksGetKeyInfoListUnpackFromService(const struct HksBlob *srcData, uint32_t *listCount,
+ struct HksKeyInfo *keyInfoList);
+
+int32_t HksCertificateChainPack(struct HksBlob *destData, const struct HksBlob *keyAlias,
+ const struct HksParamSet *paramSet, const struct HksBlob *certChainBlob);
+
+int32_t HksCertificateChainUnpackFromService(const struct HksBlob *srcData, bool needEncode,
+ struct HksCertChain *certChain);
+
+int32_t HksParamsToParamSet(struct HksParam *params, uint32_t cnt, struct HksParamSet **outParamSet);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* HKS_IPC_SERIALIZATION_H */
\ No newline at end of file
diff --git a/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_ipc_slice.h b/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_ipc_slice.h
new file mode 100644
index 0000000..a712cc1
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_ipc_slice.h
@@ -0,0 +1,34 @@
+/*
+ * Copyright (c) 2021 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef HKS_IPC_SLICE_H
+#define HKS_IPC_SLICE_H
+
+#include <stdint.h>
+
+#include "hks_type.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int32_t HksSliceDataEntry(uint32_t cmdId, const struct HksBlob *key, const struct HksParamSet *paramSet,
+ struct HksBlob *inData, struct HksBlob *outData);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* HKS_SLICE_H */
\ No newline at end of file
diff --git a/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_request.h b/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_request.h
new file mode 100644
index 0000000..332fb99
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_request.h
@@ -0,0 +1,69 @@
+/*
+ * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef HKS_REQUEST_H
+#define HKS_REQUEST_H
+
+#include "hks_type_inner.h"
+
+enum HksMessage {
+#ifndef _HKS_L1_TEE_
+ HKS_MSG_BASE = 0x3a400, /* range of message value defined by router. globally unique */
+#else
+ HKS_MSG_BASE = 1000, /* range of message value defined by SmartLock. Max 65535 */
+#endif
+ HKS_MSG_GEN_KEY = HKS_MSG_BASE,
+ HKS_MSG_IMPORT_KEY,
+ HKS_MSG_EXPORT_PUBLIC_KEY,
+ HKS_MSG_IMPORT_WRAPPED_KEY,
+ HKS_MSG_DELETE_KEY,
+ HKS_MSG_GET_KEY_PARAMSET,
+ HKS_MSG_KEY_EXIST,
+ HKS_MSG_GENERATE_RANDOM,
+ HKS_MSG_SIGN,
+ HKS_MSG_VERIFY,
+ HKS_MSG_ENCRYPT,
+ HKS_MSG_DECRYPT,
+ HKS_MSG_AGREE_KEY,
+ HKS_MSG_DERIVE_KEY,
+ HKS_MSG_MAC,
+ HKS_MSG_GET_KEY_INFO_LIST,
+ HKS_MSG_ATTEST_KEY,
+ HKS_MSG_GET_CERTIFICATE_CHAIN,
+ HKS_MSG_INIT,
+ HKS_MSG_UPDATE,
+ HKS_MSG_FINISH,
+ HKS_MSG_ABORT,
+ HKS_MSG_MAX, /* new cmd type must be added before HKS_MSG_MAX */
+};
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * SendRequest - Send the request message to target module by function call or ipc or other ways.
+ * @type: the request message type.
+ * @inBlob: the input serialized data blob.
+ * @outBlob: the output serialized data blob, can be null.
+ */
+int32_t HksSendRequest(enum HksMessage type, const struct HksBlob *inBlob, struct HksBlob *outBlob,
+ const struct HksParamSet *paramSet);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* HKS_REQUEST_H */
diff --git a/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_samgr_client.h b/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_samgr_client.h
new file mode 100644
index 0000000..b20f73b
--- /dev/null
+++ b/huks/frameworks/huks_standard/main/os_dependency/ipc/include/hks_samgr_client.h
@@ -0,0 +1,32 @@
+/*
+ * Copyright (c) 2021 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef HKS_SAMGR_CLIENT_H
+#define HKS_SAMGR_CLIENT_H
+
+#include "hks_samgr_server.h"
+#include "iproxy_client.h"
+
+typedef struct {
+ INHERIT_CLIENT_IPROXY;
+ int32_t (*IpcAsyncCallBack)(IUnknown *iUnknown, enum HksMessageType type, const struct HksBlob *inBlob,
+ struct HksBlob *outBlob);
+} HksMgrClientApi;
+
+typedef struct {
+ INHERIT_IUNKNOWNENTRY(HksMgrClientApi);
+} HksMgrClientEntry;
+
+#endif
\ No newline at end of file
diff --git a/huks/interfaces/innerkits/huks_standard/main/BUILD.gn b/huks/interfaces/innerkits/huks_standard/main/BUILD.gn
new file mode 100644
index 0000000..a539688
--- /dev/null
+++ b/huks/interfaces/innerkits/huks_standard/main/BUILD.gn
@@ -0,0 +1,23 @@
+# Copyright (C) 2021-2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//build/ohos.gni")
+
+config("huks_config") {
+ include_dirs = [ "//base/security/huks/interfaces/innerkits/huks_standard/main/include" ]
+ libs = [ "hukssdk.z" ]
+}
+
+group("libhukssdk") {
+ public_configs = [ ":huks_config" ]
+}
diff --git a/huks/interfaces/innerkits/huks_standard/main/include b/huks/interfaces/innerkits/huks_standard/main/include
new file mode 120000
index 0000000..98a2378
--- /dev/null
+++ b/huks/interfaces/innerkits/huks_standard/main/include
@@ -0,0 +1 @@
+/usr/include/huks
\ No newline at end of file
--
2.27.0
Reference in New Issue View Git Blame Copy Permalink