From da55378ac2658468afd8dabbbadbc05f6a2515ba Mon Sep 17 00:00:00 2001
From: Jakub Wlostowski
Date: Fri, 17 Jan 2025 15:22:32 +0100
Subject: [PATCH] Add Security Certs HAL API
Change-Id: I078fd2ab4b74a92eac72fe689ea6443edb21df30
---
 CMakeLists.txt | 46 +++++
 LICENSE.Apache-2.0 | 204 +++++++++++++++++++++++
 hal-api-security.pc.in | 13 ++
 include/hal-security-certs-interface-1.h | 77 +++++++++
 include/hal-security-certs-interface.h | 22 +++
 include/hal-security-certs-types.h | 81 +++++++++
 include/hal-security-certs.h | 59 +++++++
 packaging/hal-api-security-manifest.xml | 8 +
 packaging/hal-api-security.manifest | 5 +
 packaging/hal-api-security.spec | 71 ++++++++
 src/hal-api-security-certs.c | 131 +++++++++++++++
 11 files changed, 717 insertions(+)
 create mode 100644 CMakeLists.txt
 create mode 100644 LICENSE.Apache-2.0
 create mode 100644 hal-api-security.pc.in
 create mode 100644 include/hal-security-certs-interface-1.h
 create mode 100644 include/hal-security-certs-interface.h
 create mode 100644 include/hal-security-certs-types.h
 create mode 100644 include/hal-security-certs.h
 create mode 100644 packaging/hal-api-security-manifest.xml
 create mode 100644 packaging/hal-api-security.manifest
 create mode 100644 packaging/hal-api-security.spec
 create mode 100644 src/hal-api-security-certs.c
diff --git a/CMakeLists.txt b/CMakeLists.txt
new file mode 100644
index 0000000..2a74b70
--- /dev/null
+++ b/CMakeLists.txt
@@ -0,0 +1,46 @@
+CMAKE_MINIMUM_REQUIRED(VERSION 3.0)
+PROJECT(hal-api-security C)
+
+SET(INCLUDEDIR "${CMAKE_INSTALL_PREFIX}/include")
+SET(LIBDIR ${CMAKE_LIBDIR_PREFIX})
+SET(VERSION_MAJOR 1)
+SET(VERSION "${VERSION_MAJOR}.0.0")
+
+INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR})
+INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR}/src)
+INCLUDE_DIRECTORIES(${CMAKE_CURRENT_SOURCE_DIR}/include)
+
+INCLUDE(FindPkgConfig)
+PKG_CHECK_MODULES(SECURITY_DEPS REQUIRED hal-api-common)
+
+SET(EXTRA_CFLAGS "-Wall -Wextra -Werror -fvisibility=hidden -fPIC")
+SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${SECURITY_DEPS_CFLAGS} ${EXTRA_CFLAGS}")
+
+SET(
+ SRCS
+ src/hal-api-security-certs.c
+)
+
+LINK_DIRECTORIES(${SECURITY_DEPS_LIBRARY_DIRS})
+ADD_LIBRARY(${PROJECT_NAME} SHARED ${SRCS})
+TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${SECURITY_DEPS_LIBRARIES})
+SET_TARGET_PROPERTIES(${PROJECT_NAME} PROPERTIES SOVERSION ${VERSION_MAJOR})
+SET_TARGET_PROPERTIES(${PROJECT_NAME} PROPERTIES VERSION ${VERSION})
+
+CONFIGURE_FILE(${PROJECT_NAME}.pc.in ${PROJECT_NAME}.pc @ONLY)
+
+INSTALL(
+ TARGETS ${PROJECT_NAME}
+ DESTINATION ${LIBDIR}/hal
+)
+
+INSTALL(
+ DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/include/
+ DESTINATION ${INCLUDEDIR}/hal
+ FILES_MATCHING PATTERN "hal-security*.h"
+)
+
+INSTALL(
+ FILES ${CMAKE_CURRENT_SOURCE_DIR}/${PROJECT_NAME}.pc
+ DESTINATION ${LIBDIR}/pkgconfig
+)
diff --git a/LICENSE.Apache-2.0 b/LICENSE.Apache-2.0
new file mode 100644
index 0000000..a06208b
--- /dev/null
+++ b/LICENSE.Apache-2.0
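Review bot: The last INSTALL() takes the generated pkg-config file from `${CMAKE_CURRENT_SOURCE_DIR}`, while `CONFIGURE_FILE(${PROJECT_NAME}.pc.in ${PROJECT_NAME}.pc @ONLY)` writes its relative output path into the binary directory. The two locations coincide only for an in-source build such as the `cmake .` used in the spec file; an out-of-tree build would not find the file at install time. `FILES ${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}.pc` works for both layouts.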
@@ -0,0 +1,204 @@ +Copyright (c) 2000 - 2011 Samsung Electronics Co., Ltd. All rights reserved. + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). 
+ + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. 
Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative 
Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. 
Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. 
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
diff --git a/hal-api-security.pc.in b/hal-api-security.pc.in
new file mode 100644
index 0000000..21a92d1
--- /dev/null
+++ b/hal-api-security.pc.in
@@ -0,0 +1,13 @@
+# Package Information for pkg-config
+
+package_name=hal-api-security
+libdir=@LIBDIR@/hal
+includedir=@INCLUDEDIR@/hal
+
+Name: ${package_name}
+Description: ${package_name} interface
+Version: @VERSION@
+
+Requires:
+Libs: -L${libdir} -l${package_name}
+Cflags: -I${includedir}
diff --git a/include/hal-security-certs-interface-1.h b/include/hal-security-certs-interface-1.h
new file mode 100644
index 0000000..bbbaabd
--- /dev/null
+++ b/include/hal-security-certs-interface-1.h
@@ -0,0 +1,77 @@
+/*
+ * Copyright (c) 2025 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the License);
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __HAL_SECURITY_CERTS_INTERFACE_1_H__
+#define __HAL_SECURITY_CERTS_INTERFACE_1_H__
+
+#include
+
+#include "hal-security-certs-types.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * @addtogroup HALAPI_HAL_SECURITY_CERTS_MODULE
+ * @{
+ */
+
+/**
+ * @brief Structure for security certs functions.
+ * @since HAL_MODULE_SECURITY_CERTS 1.0
+ */
+
+typedef struct _hal_backend_security_certs_funcs {
+ /** Create new key context */
+ int (*create_key_context)(hal_security_certs_context_s* context,
+ hal_security_certs_data_s key_type);
+ /** Free key context */
+ int (*free_key_context)(hal_security_certs_context_s* context);
+
+ /** Request certificate chain */
+ int (*request_certificate_chain)(hal_security_certs_context_s* context,
+ hal_security_certs_data_s* cert_chain);
+ /** Sign data */
+ int (*sign_crypto_data)(hal_security_certs_context_s* context,
+ hal_security_certs_digest_type_e digest_type,
+ hal_security_certs_data_s message,
+ hal_security_certs_data_s* signature);
+
+ /** Get key type */
+ int (*get_key_type)(hal_security_certs_context_s* context,
+ hal_security_certs_crypto_key_type_e* key_type);
+ /** Get key length in bits */
+ int (*get_key_bit_length)(hal_security_certs_context_s* context,
+ unsigned int* key_length);
+
+ /** Call extended API */
+ int (*ext_call_api)(hal_security_certs_data_s method_name,
+ hal_security_certs_data_s input_data,
+ hal_security_certs_data_s* output_data);
+ /** Get extended API privilege */
+ int (*ext_get_api_privilege)(hal_security_certs_data_s method_name,
+ hal_security_certs_data_s* privilege);
+} hal_backend_security_certs_funcs;
+
+/**
+ * @}
+ */
+
+#ifdef __cplusplus
+}
+#endif
+#endif /* __HAL_SECURITY_CERTS_INTERFACE_1_H__ */
diff --git a/include/hal-security-certs-interface.h b/include/hal-security-certs-interface.h
new file mode 100644
index 0000000..aa44761
--- /dev/null
+++ b/include/hal-security-certs-interface.h
@@ -0,0 +1,22 @@
+/*
+ * Copyright (c) 2025 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the License);
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __HAL_SECURITY_CERTS_INTERFACE_H__
+#define __HAL_SECURITY_CERTS_INTERFACE_H__
+
+#include "hal-security-certs-interface-1.h"
+
+#endif /* __HAL_SECURITY_CERTS_INTERFACE_H__ */
diff --git a/include/hal-security-certs-types.h b/include/hal-security-certs-types.h
new file mode 100644
index 0000000..ae86077
--- /dev/null
+++ b/include/hal-security-certs-types.h
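Review bot: The one-phrase comments on the table entries do not say who allocates and who frees the buffers returned through `cert_chain`, `signature`, `output_data` and `privilege`. `hal_security_certs_data_s` is a bare pointer/length pair and the table has no release callback for these outputs, so caller and backend can disagree, which ends in a leak or in a free() with the wrong allocator. I would state the rule on each entry, for example `/** Sign data; on success *signature is allocated by the backend and released by the caller with free() */`, adjusted to whatever the backends really do. Whether `message`, `input_data` and `method_name` may be modified by the backend (the buffer is a non-const `char*`) deserves a sentence as well.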
@@ -0,0 +1,81 @@
+/*
+ * Copyright (c) 2025 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the License);
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __HAL_SECURITY_CERTS_TYPES_H__
+#define __HAL_SECURITY_CERTS_TYPES_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * @addtogroup HALAPI_HAL_SECURITY_CERTS_MODULE
+ * @{
+ */
+
+/**
+ * @brief Structure for security certs context.
+ * @since HAL_MODULE_SECURITY_CERTS 1.0
+ */
+typedef struct {
+ void* ctx; /**< Backend context */
+} hal_security_certs_context_s;
+
+/**
+ * @brief Structure for binary data exchange.
+ * @since HAL_MODULE_SECURITY_CERTS 1.0
+ */
+typedef struct {
+ char* buffer; /**< Binary data buffer */
+ size_t length; /**< Binary data length */
+} hal_security_certs_data_s;
+
+/**
+ * @brief Enumeration for message digest algorithm type.
+ * @since HAL_MODULE_SECURITY_CERTS 1.0
+ */
+typedef enum {
+ HAL_SECURITY_CERTS_DIGEST_TYPE_NONE = 0, /**< None */
+ HAL_SECURITY_CERTS_DIGEST_TYPE_MD2 = 1, /**< MD2 */
+ HAL_SECURITY_CERTS_DIGEST_TYPE_MD4 = 2, /**< MD4 */
+ HAL_SECURITY_CERTS_DIGEST_TYPE_MD5 = 3, /**< MD5 */
+ HAL_SECURITY_CERTS_DIGEST_TYPE_SHA1 = 4, /**< SHA1 */
+ HAL_SECURITY_CERTS_DIGEST_TYPE_SHA224 = 5, /**< SHA224 */
+ HAL_SECURITY_CERTS_DIGEST_TYPE_SHA256 = 6, /**< SHA256 */
+ HAL_SECURITY_CERTS_DIGEST_TYPE_SHA384 = 7, /**< SHA384 */
+ HAL_SECURITY_CERTS_DIGEST_TYPE_SHA512 = 8, /**< SHA512 */
+ HAL_SECURITY_CERTS_DIGEST_TYPE_RIPEMD160 = 9, /**< RIPEMD160 */
+} hal_security_certs_digest_type_e;
+
+/**
+ * @brief Enumeration for cryptographic key type.
+ * @since HAL_MODULE_SECURITY_CERTS 1.0
+ */
+typedef enum {
+ HAL_SECURITY_CERTS_KEY_TYPE_INVALID = 0, /**< Invalid type */
+ HAL_SECURITY_CERTS_KEY_TYPE_ECDSA = 1, /**< ECDSA key */
+ HAL_SECURITY_CERTS_KEY_TYPE_RSA = 2, /**< RSA key */
+} hal_security_certs_crypto_key_type_e;
+
+/**
+ * @}
+ */
+
+#ifdef __cplusplus
+}
+#endif
+#endif /* __HAL_SECURITY_CERTS_TYPES_H__ */
+
diff --git a/include/hal-security-certs.h b/include/hal-security-certs.h
new file mode 100644
index 0000000..ac79917
--- /dev/null
+++ b/include/hal-security-certs.h
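Review bot: `hal_security_certs_data_s` declares `size_t length`, yet this header includes nothing, so it compiles only when the includer has already pulled in a definition of size_t; hal-security-certs.h includes just this file and would pass the problem on to API users. Adding `#include <stddef.h>` right after the include guard makes the header self-contained. Separately, the digest enum lists MD2, MD4, MD5 and SHA1 next to the SHA-2 values without any remark; if they are kept only for compatibility, a comment such as `/**< MD5 (legacy; a backend may refuse it for signing) */` would tell backend authors that rejecting them is acceptable.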
@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) 2025 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the License);
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __HAL_SECURITY_CERTS_H__
+#define __HAL_SECURITY_CERTS_H__
+
+#include "hal-security-certs-types.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int hal_security_certs_get_backend(void);
+int hal_security_certs_put_backend(void);
+
+int hal_security_certs_create_key_context(hal_security_certs_context_s* context,
+ hal_security_certs_data_s key_type);
+
+int hal_security_certs_free_key_context(hal_security_certs_context_s* context);
+
+int hal_security_certs_request_certificate_chain(hal_security_certs_context_s* context,
+ hal_security_certs_data_s* cert_chain);
+
+int hal_security_certs_sign_crypto_data(hal_security_certs_context_s* context,
+ hal_security_certs_digest_type_e digest_type,
+ hal_security_certs_data_s message,
+ hal_security_certs_data_s* signature);
+
+int hal_security_certs_get_key_type(hal_security_certs_context_s* context,
+ hal_security_certs_crypto_key_type_e* key_type);
+
+int hal_security_certs_get_key_bit_length(hal_security_certs_context_s* context,
+ unsigned int* key_length);
+
+int hal_security_certs_ext_call_api(hal_security_certs_data_s method_name,
+ hal_security_certs_data_s input_data,
+ hal_security_certs_data_s* output_data);
+
+int hal_security_certs_ext_get_api_privilege(hal_security_certs_data_s method_name,
+ hal_security_certs_data_s* privilege);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __HAL_SECURITY_CERTS_H__ */
diff --git a/packaging/hal-api-security-manifest.xml b/packaging/hal-api-security-manifest.xml
new file mode 100644
index 0000000..320597d
--- /dev/null
+++ b/packaging/hal-api-security-manifest.xml
@@ -0,0 +1,8 @@
+
+
+
+ HAL_MODULE_SECURITY_CERTS
+ 1.0
+
+
+
diff --git a/packaging/hal-api-security.manifest b/packaging/hal-api-security.manifest
new file mode 100644
index 0000000..96a1325
--- /dev/null
+++ b/packaging/hal-api-security.manifest
@@ -0,0 +1,5 @@
+
+
+
+
+
\ No newline at end of file
diff --git a/packaging/hal-api-security.spec b/packaging/hal-api-security.spec
new file mode 100644
index 0000000..92dcb09
--- /dev/null
+++ b/packaging/hal-api-security.spec
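Review bot: None of the public declarations in this header has a doc comment, so the calling contract is only discoverable by reading src/hal-api-security-certs.c. A caller cannot tell that `hal_security_certs_get_backend()` has to succeed before any other function is used (the wrappers return `-ENOTSUP` otherwise), that errors are negative errno values, or which parameters are outputs. I would add a Doxygen block per function with @brief, @param[in]/@param[out] and @return, and on `hal_security_certs_put_backend()` a remark that it releases the function table for the whole process.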
@@ -0,0 +1,71 @@
+### main package #########
+Name: hal-api-security
+Summary: hal-api-security interface
+Version: 1.0.0
+Release: 0
+Group: Development/Libraries
+License: Apache-2.0
+Source0: %{name}-%{version}.tar.gz
+Source1: %{name}.manifest
+Source2: %{name}-manifest.xml
+
+Requires(post): /sbin/ldconfig
+Requires(postun): /sbin/ldconfig
+BuildRequires: cmake
+BuildRequires: pkgconfig(hal-api-common)
+
+%description
+%{name} interface
+
+### devel package #########
+%package -n %{name}-devel
+Summary: %{name} interface
+Group: Development/Libraries
+Requires: %{name} = %{version}-%{release}
+
+%description -n %{name}-devel
+%{name} Interface for product vendor developer
+
+### build and install #########
+%prep
+%setup -q
+
+cmake . -DCMAKE_INSTALL_PREFIX=%{_prefix} \
+ -DCMAKE_LIBDIR_PREFIX=%{_libdir}/
+
+%build
+cp %{SOURCE1} .
+make %{?jobs:-j%jobs}
+
+%install
+rm -rf %{buildroot}
+mkdir -p %{buildroot}%{_sysconfdir}/hal
+cp %{SOURCE2} %{buildroot}%{_sysconfdir}/hal/
+%make_install
+
+%clean
+rm -rf %{buildroot}
+
+%post
+/sbin/ldconfig
+/usr/bin/hal-compatibility-checker --reset
+
+%postun
+/sbin/ldconfig
+/usr/bin/hal-compatibility-checker --reset
+
+### contain files to package #########
+%files -n %{name}
+%manifest %{name}.manifest
+%license LICENSE.Apache-2.0
+%defattr(-,root,root,-)
+%{_libdir}/hal/lib%{name}.so*
+%{_sysconfdir}/hal/%{name}-manifest.xml
+
+%files -n %{name}-devel
+%defattr(-,root,root,-)
+%manifest %{name}.manifest
+%license LICENSE.Apache-2.0
+%{_includedir}/hal/hal-security-certs*.h
+%{_libdir}/pkgconfig/hal-api-security.pc
+%{_libdir}/hal/lib%{name}.so
diff --git a/src/hal-api-security-certs.c b/src/hal-api-security-certs.c
new file mode 100644
index 0000000..98a2a09
--- /dev/null
+++ b/src/hal-api-security-certs.c
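Review bot: In the %files lists the runtime entry `%{_libdir}/hal/lib%{name}.so*` also matches the unversioned `lib%{name}.so` that the -devel package lists, so the development symlink is owned by both packages. Narrowing the runtime entry to `%{_libdir}/hal/lib%{name}.so.*` leaves the symlink to -devel alone. The %post and %postun scriptlets also run `/usr/bin/hal-compatibility-checker --reset` while only /sbin/ldconfig is declared under Requires(post)/Requires(postun); unless another dependency is known to guarantee that tool at scriptlet time, it should be declared too, since a missing binary makes the scriptlet fail as root during install.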
@@ -0,0 +1,131 @@
+/*
+ * Copyright (c) 2025 Samsung Electronics Co., Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the License);
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include
+#include
+#include
+#include
+
+#include
+
+#include "hal-security-certs-interface.h"
+#include "hal-security-certs.h"
+
+#ifndef EXPORT
+#define EXPORT __attribute__ ((visibility("default")))
+#endif
+
+static hal_backend_security_certs_funcs *g_security_certs_funcs = NULL;
+
+EXPORT int hal_security_certs_get_backend(void)
+{
+ int ret;
+
+ if (g_security_certs_funcs)
+ return 0;
+
+ g_security_certs_funcs = calloc(1, sizeof(hal_backend_security_certs_funcs));
+ if (!g_security_certs_funcs)
+ return -ENOMEM;
+
+ ret = hal_common_get_backend(HAL_MODULE_SECURITY_CERTS, (void **)&g_security_certs_funcs);
+ if (ret < 0) {
+ free(g_security_certs_funcs);
+ g_security_certs_funcs = NULL;
+ return -ENOTSUP;
+ }
+
+ return 0;
+}
+
+EXPORT int hal_security_certs_put_backend(void)
+{
+ if (!g_security_certs_funcs)
+ return -EINVAL;
+
+ hal_common_put_backend(HAL_MODULE_SECURITY_CERTS, (void *)g_security_certs_funcs);
+
+ free(g_security_certs_funcs);
+ g_security_certs_funcs = NULL;
+
+ return 0;
+}
+
+EXPORT int hal_security_certs_create_key_context(hal_security_certs_context_s* context,
+ hal_security_certs_data_s key_type)
+{
+ if (!g_security_certs_funcs)
+ return -ENOTSUP;
+ return g_security_certs_funcs->create_key_context(context, key_type);
+}
+
+EXPORT int hal_security_certs_free_key_context(hal_security_certs_context_s* context)
+{
+ if (!g_security_certs_funcs)
+ return -ENOTSUP;
+ return g_security_certs_funcs->free_key_context(context);
+}
+
+EXPORT int hal_security_certs_request_certificate_chain(hal_security_certs_context_s* context,
+ hal_security_certs_data_s* cert_chain)
+{
+ if (!g_security_certs_funcs)
+ return -ENOTSUP;
+ return g_security_certs_funcs->request_certificate_chain(context, cert_chain);
+}
+
+EXPORT int hal_security_certs_sign_crypto_data(hal_security_certs_context_s* context,
+ hal_security_certs_digest_type_e digest_type,
+ hal_security_certs_data_s message,
+ hal_security_certs_data_s* signature)
+{
+ if (!g_security_certs_funcs)
+ return -ENOTSUP;
+ return g_security_certs_funcs->sign_crypto_data(context, digest_type, message, signature);
+}
+
+EXPORT int hal_security_certs_get_key_type(hal_security_certs_context_s* context,
+ hal_security_certs_crypto_key_type_e* key_type)
+{
+ if (!g_security_certs_funcs)
+ return -ENOTSUP;
+ return g_security_certs_funcs->get_key_type(context, key_type);
+}
+
+EXPORT int hal_security_certs_get_key_bit_length(hal_security_certs_context_s* context,
+ unsigned int* key_length)
+{
+ if (!g_security_certs_funcs)
+ return -ENOTSUP;
+ return g_security_certs_funcs->get_key_bit_length(context, key_length);
+}
+
+EXPORT int hal_security_certs_ext_call_api(hal_security_certs_data_s method_name,
+ hal_security_certs_data_s input_data,
+ hal_security_certs_data_s* output_data)
+{
+ if (!g_security_certs_funcs)
+ return -ENOTSUP;
+ return g_security_certs_funcs->ext_call_api(method_name, input_data, output_data);
+}
+
+EXPORT int hal_security_certs_ext_get_api_privilege(hal_security_certs_data_s method_name,
+ hal_security_certs_data_s* privilege)
+{
+ if (!g_security_certs_funcs)
+ return -ENOTSUP;
+ return g_security_certs_funcs->ext_get_api_privilege(method_name, privilege);
+}
-- 
2.34.1
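Review bot: Each of the eight wrappers checks only that `g_security_certs_funcs` is non-NULL and then calls through the member, for instance `g_security_certs_funcs->ext_call_api(...)`. The table is calloc()ed in hal_security_certs_get_backend() and, presumably, filled in by the backend, so any entry a backend leaves unset stays NULL and the call crashes the client; the guard should cover the member too, `if (!g_security_certs_funcs || !g_security_certs_funcs->ext_call_api) return -ENOTSUP;`. hal_security_certs_put_backend() also frees the table unconditionally, with no usage count and no lock around the global pointer, so one user's put tears the backend down under every other user in the process, and a call racing with that free() reads freed memory. A usage counter guarded by a mutex, with the free() only when the count reaches zero, would close both cases.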