diff --git a/sealing_key/sdk/inc/sealing_key.h b/sealing_key/sdk/inc/sealing_key.h index 0035add88fd1be595e9b84b85d0cea3ff31cfc29..cc4cf89657681ae8f086f2322117fcc356fbd929 100644 --- a/sealing_key/sdk/inc/sealing_key.h +++ b/sealing_key/sdk/inc/sealing_key.h @@ -16,7 +16,7 @@ #include #define SEALING_KEY_LEN 32 -#define SEALING_SALT_LEN 64 +#define SEALING_USER_PARAM_LEN 64 typedef enum { SEALING_HMAC_SHA256 @@ -25,16 +25,18 @@ typedef enum { /** * @brief Get a sealing key from TMM with specified derivation parameters by PBKDF2 HUK derived * - * @param alg [IN] The HMAC algorithm used in derive sealing key - * @param salt [IN] A user param used in huk derivation, length should be 64 byte. - * This param is optional, set it to NULL to derived without user param. - * @param salt_len [IN] Length of the user param in byte, should be 64. or set to 0 when not specifying user param. - * @param sealing_key [OUT] Addr of the derived sealing key - * @param key_len [IN] Length of the sealing_key buff, should not less than 32 + * @param alg [IN] The HMAC algorithm used in derive sealing key + * @param user_param [IN] A user param used in huk derivation, length should be 64 byte. + * This param is optional, set it to NULL to derived without user param. + * @param user_param_len [IN] Length of the user param in byte, should be 64, or set to 0 + * when not specifying user param. + * @param sealing_key [OUT] Addr of the derived sealing key + * @param key_len [IN] Length of the sealing_key buff, should not less than 32 * * @return 0: successfully get the derived key * -1: failed */ -int get_sealing_key(SEALING_KEY_ALG alg, uint8_t* salt, uint32_t salt_len, uint8_t* sealing_key, uint32_t key_len); +int get_sealing_key(SEALING_KEY_ALG alg, uint8_t* user_param, uint32_t user_param_len, uint8_t* sealing_key, + uint32_t key_len); #endif \ No newline at end of file diff --git a/sealing_key/sdk/src/sealing_key.c b/sealing_key/sdk/src/sealing_key.c index fbd1e2c4a0a23dbd33c697c4749d0314a4d07ea5..37486f7a00a74c7f2dcf15f1ced49dde62d51fcd 100644 --- a/sealing_key/sdk/src/sealing_key.c +++ b/sealing_key/sdk/src/sealing_key.c @@ -22,22 +22,23 @@ struct sealing_key_params { uint32_t alg; - uint8_t salt[SEALING_SALT_LEN]; - uint32_t salt_len; + uint8_t user_param[SEALING_USER_PARAM_LEN]; + uint32_t user_param_len; uint8_t sealing_key[SEALING_KEY_LEN]; }; #define SEAL_KEY_IOC_MAGIC 'd' #define IOCTL_SEALING_KEY _IOWR(SEAL_KEY_IOC_MAGIC, 0, struct sealing_key_params) -int get_sealing_key(SEALING_KEY_ALG alg, uint8_t* salt, uint32_t salt_len, uint8_t* sealing_key, uint32_t key_len) +int get_sealing_key(SEALING_KEY_ALG alg, uint8_t* user_param, uint32_t user_param_len, uint8_t* sealing_key, + uint32_t key_len) { int rc = 0; int fd = -1; struct sealing_key_params args = { 0 }; - if (salt && salt_len != SEALING_SALT_LEN) { - printf("invalid salt len %d, should be equal %d\n", salt_len, SEALING_SALT_LEN); + if (user_param && user_param_len != SEALING_USER_PARAM_LEN) { + printf("invalid salt len %d, should be equal %d\n", user_param_len, SEALING_USER_PARAM_LEN); return -1; } @@ -55,9 +56,9 @@ int get_sealing_key(SEALING_KEY_ALG alg, uint8_t* salt, uint32_t salt_len, uint8 } args.alg = alg; - if (salt) { - (void)memcpy(args.salt, salt, salt_len); - args.salt_len = salt_len; + if (user_param) { + (void)memcpy(args.user_param, user_param, user_param_len); + args.user_param_len = user_param_len; } fd = open(SEALING_KEY_DEV_NAME, O_RDWR);