diff --git a/security/huks/include/native_huks_type.h b/security/huks/include/native_huks_type.h
index 6dcaa7a8c43cad1cfbb88ee8bbc2110af1d1fd37..9766b6f13026c6f2164e79373f5fe6221db7c6b0 100644
--- a/security/huks/include/native_huks_type.h
+++ b/security/huks/include/native_huks_type.h
@@ -175,7 +175,7 @@ enum OH_Huks_KeySize {
 OH_HUKS_RSA_KEY_SIZE_3072 = 3072,
 /** RSA key of 4096 bits. */
 OH_HUKS_RSA_KEY_SIZE_4096 = 4096,
-
+
 /** Elliptic Curve Cryptography (ECC) key of 224 bits. */
 OH_HUKS_ECC_KEY_SIZE_224 = 224,
 /** ECC key of 256 bits. */
@@ -450,6 +450,29 @@ enum OH_Huks_AuthAccessType {
 OH_HUKS_AUTH_ACCESS_INVALID_NEW_BIO_ENROLL = 1 << 1
 };
 
+/**
+ * @brief Enumerates key file storage authentication levels.
+ *
+ * @since 11
+ */
+enum OH_Huks_AuthStorageLevel {
+ /**
+ * Key file storage security level for device encryption standard.
+ * @since 11
+ */
+ OH_HUKS_AUTH_STORAGE_LEVEL_DE = 0,
+ /**
+ * Key file storage security level for credential encryption standard.
+ * @since 11
+ */
+ OH_HUKS_AUTH_STORAGE_LEVEL_CE = 1,
+ /**
+ * Key file storage security level for enhanced credential encryption standard.
+ * @since 11
+ */
+ OH_HUKS_AUTH_STORAGE_LEVEL_ECE = 2,
+};
+
 /**
 * @brief Enumerates the types of the challenges generated when a key is used.
 * @see OH_Huks_ChallengePosition
@@ -590,6 +613,13 @@ enum OH_Huks_Tag {
 /** Purpose of key authentication */
 OH_HUKS_TAG_KEY_AUTH_PURPOSE = OH_HUKS_TAG_TYPE_UINT | 311,
 
+ /**
+ * Security level of access control for key file storage, whose optional values are from OH_Huks_AuthStorageLevel.
+ *
+ * @since 11
+ */
+ OH_HUKS_TAG_AUTH_STORAGE_LEVEL = OH_HUKS_TAG_TYPE_UINT | 316,
+
 /** Tags for key attestation. The value range is 501 to 600. */
 /** Challenge value used in the attestation. */
 OH_HUKS_TAG_ATTESTATION_CHALLENGE = OH_HUKS_TAG_TYPE_BYTES | 501,
@@ -679,7 +709,7 @@ struct OH_Huks_Blob {
 struct OH_Huks_Param {
 /** Tag value. */
 uint32_t tag;
-
+
 union {
 /** Parameter of the Boolean type. */
 bool boolParam;
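Review bot: The three enumerator comments in the new `OH_Huks_AuthStorageLevel` only spell out the acronyms DE, CE and ECE and never state under which device state a key file stored at that level can be read, which is the property a caller has to choose on. Each comment should add one sentence giving that condition, for example whether the file is available straight after boot, only after the first user unlock, or only while the device is unlocked; confirm the exact wording against the storage implementation, which this diff does not show. `OH_HUKS_AUTH_STORAGE_LEVEL_DE = 0` also makes what is presumably the least restrictive level the zero value, so a zero-initialised parameter would select it; if that is intended, say so in the `@brief`. As a style point, the trailing comma after `OH_HUKS_AUTH_STORAGE_LEVEL_ECE = 2,` differs from the comma-less last enumerator of `OH_Huks_AuthAccessType` just above.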
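Review bot: The comment on `OH_HUKS_TAG_AUTH_STORAGE_LEVEL` in the `OH_Huks_Tag` hunk does not say which level applies when the tag is omitted, nor what happens when the value is not an `OH_Huks_AuthStorageLevel` enumerator; because the tag is `OH_HUKS_TAG_TYPE_UINT`, any 32-bit value can be supplied. I would extend the comment with `If absent, <DEFAULT_LEVEL> is used. Values outside OH_Huks_AuthStorageLevel are rejected with <ERROR_CODE>.`, filling both placeholders from the implementation, which is not visible here. It would also help to state whether later operations on a key must pass the same level that was given at generation or import. The enum body starts and ends outside the hunk.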