未验证 提交 e9d843eb 编写于 作者: scrawman's avatar scrawman 提交者: Gitee

update zh-cn/device-dev/subsystems/subsys-security-huks-guide.md.

Signed-off-by: scrawman's avatarzqr2001 <1805768383@qq.com>
上级 c17484ae
...@@ -720,68 +720,68 @@ return ret; ...@@ -720,68 +720,68 @@ return ret;
3. 结束密钥操作并取回结果,销毁句柄。 3. 结束密钥操作并取回结果,销毁句柄。
```c ```c
//三段式Finish接口 //三段式Finish接口
int32_t HksCoreFinish(const struct HksBlob *handle, const struct HksParamSet *paramSet, const struct HksBlob *inData, int32_t HksCoreFinish(const struct HksBlob *handle, const struct HksParamSet *paramSet, const struct HksBlob *inData,
struct HksBlob *outData) struct HksBlob *outData)
{ {
HKS_LOG_D("HksCoreFinish in Core start"); HKS_LOG_D("HksCoreFinish in Core start");
uint32_t pur = 0; uint32_t pur = 0;
uint32_t alg = 0; uint32_t alg = 0;
//检查参数 //检查参数
if (handle == NULL || paramSet == NULL || inData == NULL) { if (handle == NULL || paramSet == NULL || inData == NULL) {
HKS_LOG_E("the pointer param entered is invalid"); HKS_LOG_E("the pointer param entered is invalid");
return HKS_FAILURE; return HKS_FAILURE;
} }
uint64_t sessionId; uint64_t sessionId;
struct HuksKeyNode *keyNode = NULL; struct HuksKeyNode *keyNode = NULL;
//根据handle获取本次三段式操作需要的上下文 //根据handle获取本次三段式操作需要的上下文
int32_t ret = GetParamsForUpdateAndFinish(handle, &sessionId, &keyNode, &pur, &alg); int32_t ret = GetParamsForUpdateAndFinish(handle, &sessionId, &keyNode, &pur, &alg);
if (ret != HKS_SUCCESS) { if (ret != HKS_SUCCESS) {
HKS_LOG_E("GetParamsForCoreUpdate failed"); HKS_LOG_E("GetParamsForCoreUpdate failed");
return ret; return ret;
} }
//校验密钥参数 //校验密钥参数
ret = HksCoreSecureAccessVerifyParams(keyNode, paramSet); ret = HksCoreSecureAccessVerifyParams(keyNode, paramSet);
if (ret != HKS_SUCCESS) { if (ret != HKS_SUCCESS) {
HksDeleteKeyNode(sessionId); HksDeleteKeyNode(sessionId);
HKS_LOG_E("HksCoreFinish secure access verify failed"); HKS_LOG_E("HksCoreFinish secure access verify failed");
return ret; return ret;
} }
//调用对应的算法库密钥处理函数 //调用对应的算法库密钥处理函数
uint32_t i; uint32_t i;
uint32_t size = HKS_ARRAY_SIZE(g_hksCoreFinishHandler); uint32_t size = HKS_ARRAY_SIZE(g_hksCoreFinishHandler);
for (i = 0; i < size; i++) { for (i = 0; i < size; i++) {
if (g_hksCoreFinishHandler[i].pur == pur) { if (g_hksCoreFinishHandler[i].pur == pur) {
uint32_t outDataBufferSize = (outData == NULL) ? 0 : outData->size; uint32_t outDataBufferSize = (outData == NULL) ? 0 : outData->size;
struct HksBlob appendInData = { 0, NULL }; struct HksBlob appendInData = { 0, NULL };
ret = HksCoreAppendAuthInfoBeforeFinish(keyNode, pur, paramSet, inData, &appendInData); ret = HksCoreAppendAuthInfoBeforeFinish(keyNode, pur, paramSet, inData, &appendInData);
if (ret != HKS_SUCCESS) { if (ret != HKS_SUCCESS) {
HKS_LOG_E("before finish: append auth info failed"); HKS_LOG_E("before finish: append auth info failed");
break; break;
} }
ret = g_hksCoreFinishHandler[i].handler(keyNode, paramSet, ret = g_hksCoreFinishHandler[i].handler(keyNode, paramSet,
appendInData.data == NULL ? inData : &appendInData, outData, alg); appendInData.data == NULL ? inData : &appendInData, outData, alg);
if (appendInData.data != NULL) { if (appendInData.data != NULL) {
HKS_FREE_BLOB(appendInData); HKS_FREE_BLOB(appendInData);
} }
if (ret != HKS_SUCCESS) { if (ret != HKS_SUCCESS) {
break; break;
}
//添加密钥操作结束标签
ret = HksCoreAppendAuthInfoAfterFinish(keyNode, pur, paramSet, outDataBufferSize, outData);
break;
} }
//添加密钥操作结束标签 }
ret = HksCoreAppendAuthInfoAfterFinish(keyNode, pur, paramSet, outDataBufferSize, outData); if (i == size) {
break; HKS_LOG_E("don't found purpose, pur : %d", pur);
} ret = HKS_FAILURE;
} }
if (i == size) { //删除对应的session
HKS_LOG_E("don't found purpose, pur : %d", pur); HksDeleteKeyNode(sessionId);
ret = HKS_FAILURE; HKS_LOG_D("HksCoreFinish in Core end");
} return ret;
//删除对应的session }
HksDeleteKeyNode(sessionId);
HKS_LOG_D("HksCoreFinish in Core end");
return ret;
}
``` ```
### 调测验证 ### 调测验证
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册