Merge "Update OpenSSL error codes for BoringSSL."
diff --git a/google_keymaster_test.cpp b/google_keymaster_test.cpp
index 9306143..04b50e8 100644
--- a/google_keymaster_test.cpp
+++ b/google_keymaster_test.cpp
@@ -179,7 +179,9 @@
FreeKeyBlob();
}
- keymaster_device* device() { return reinterpret_cast<keymaster_device*>(device_.hw_device()); }
+ keymaster1_device_t* device() {
+ return reinterpret_cast<keymaster1_device_t*>(device_.hw_device());
+ }
keymaster_error_t GenerateKey(const ParamBuilder& builder) {
AuthorizationSet params(builder.build());
@@ -528,45 +530,6 @@
free(formats);
}
-TEST_F(KeymasterTest, TestFlags) {
- EXPECT_TRUE(device()->flags & KEYMASTER_SOFTWARE_ONLY);
- EXPECT_TRUE(device()->flags & KEYMASTER_BLOBS_ARE_STANDALONE);
- EXPECT_FALSE(device()->flags & KEYMASTER_SUPPORTS_DSA);
- EXPECT_TRUE(device()->flags & KEYMASTER_SUPPORTS_EC);
-}
-
-typedef KeymasterTest OldKeyGeneration;
-
-TEST_F(OldKeyGeneration, Rsa) {
- keymaster_rsa_keygen_params_t params = {.modulus_size = 256, .public_exponent = 3};
- uint8_t* key_blob;
- size_t key_blob_length;
- EXPECT_EQ(0,
- device()->generate_keypair(device(), TYPE_RSA, ¶ms, &key_blob, &key_blob_length));
- EXPECT_GT(key_blob_length, 0);
-
- free(key_blob);
-}
-
-TEST_F(OldKeyGeneration, Ecdsa256) {
- keymaster_ec_keygen_params_t params = {.field_size = 256};
- uint8_t* key_blob;
- size_t key_blob_length;
- EXPECT_EQ(0,
- device()->generate_keypair(device(), TYPE_EC, ¶ms, &key_blob, &key_blob_length));
- EXPECT_GT(key_blob_length, 0);
-
- free(key_blob);
-}
-
-TEST_F(OldKeyGeneration, Ecdsa192Fails) {
- keymaster_ec_keygen_params_t params = {.field_size = 192};
- uint8_t* key_blob;
- size_t key_blob_length;
- EXPECT_EQ(KM_ERROR_UNSUPPORTED_KEY_SIZE,
- device()->generate_keypair(device(), TYPE_EC, ¶ms, &key_blob, &key_blob_length));
-}
-
class NewKeyGeneration : public KeymasterTest {
protected:
void CheckBaseParams() {
diff --git a/include/keymaster/soft_keymaster_device.h b/include/keymaster/soft_keymaster_device.h
index 645ce0b..c749e5d 100644
--- a/include/keymaster/soft_keymaster_device.h
+++ b/include/keymaster/soft_keymaster_device.h
@@ -19,7 +19,7 @@
#include <stdlib.h>
-#include <hardware/keymaster.h>
+#include <hardware/keymaster1.h>
#include <keymaster/google_keymaster.h>
#include <keymaster/logger.h>
@@ -59,98 +59,98 @@
/*
* These static methods are the functions referenced through the function pointers in
- * keymaster_device. They're all trivial wrappers.
+ * keymaster_device.
*/
// Version 0.3 and below APIs
- static int generate_keypair(const keymaster_device_t* dev, const keymaster_keypair_t key_type,
+ static int generate_keypair(const keymaster1_device_t* dev, const keymaster_keypair_t key_type,
const void* key_params, uint8_t** keyBlob, size_t* keyBlobLength);
- static int import_keypair(const struct keymaster_device* dev, const uint8_t* key,
+ static int import_keypair(const struct keymaster1_device* dev, const uint8_t* key,
const size_t key_length, uint8_t** key_blob, size_t* key_blob_length);
- static int get_keypair_public(const struct keymaster_device* dev, const uint8_t* key_blob,
+ static int get_keypair_public(const keymaster1_device_t* dev, const uint8_t* key_blob,
const size_t key_blob_length, uint8_t** x509_data,
size_t* x509_data_length);
- static int sign_data(const struct keymaster_device* dev, const void* signing_params,
+ static int sign_data(const keymaster1_device_t* dev, const void* signing_params,
const uint8_t* key_blob, const size_t key_blob_length, const uint8_t* data,
const size_t data_length, uint8_t** signed_data,
size_t* signed_data_length);
- static int verify_data(const struct keymaster_device* dev, const void* signing_params,
+ static int verify_data(const keymaster1_device_t* dev, const void* signing_params,
const uint8_t* key_blob, const size_t key_blob_length,
const uint8_t* signed_data, const size_t signed_data_length,
const uint8_t* signature, const size_t signature_length);
// Version 0.4 APIs.
- static keymaster_error_t get_supported_algorithms(const struct keymaster_device* dev,
+ static keymaster_error_t get_supported_algorithms(const keymaster1_device_t* dev,
keymaster_algorithm_t** algorithms,
size_t* algorithms_length);
- static keymaster_error_t get_supported_block_modes(const struct keymaster_device* dev,
+ static keymaster_error_t get_supported_block_modes(const keymaster1_device_t* dev,
keymaster_algorithm_t algorithm,
keymaster_purpose_t purpose,
keymaster_block_mode_t** modes,
size_t* modes_length);
- static keymaster_error_t get_supported_padding_modes(const struct keymaster_device* dev,
+ static keymaster_error_t get_supported_padding_modes(const keymaster1_device_t* dev,
keymaster_algorithm_t algorithm,
keymaster_purpose_t purpose,
keymaster_padding_t** modes,
size_t* modes_length);
- static keymaster_error_t get_supported_digests(const struct keymaster_device* dev,
+ static keymaster_error_t get_supported_digests(const keymaster1_device_t* dev,
keymaster_algorithm_t algorithm,
keymaster_purpose_t purpose,
keymaster_digest_t** digests,
size_t* digests_length);
- static keymaster_error_t get_supported_import_formats(const struct keymaster_device* dev,
+ static keymaster_error_t get_supported_import_formats(const keymaster1_device_t* dev,
keymaster_algorithm_t algorithm,
keymaster_key_format_t** formats,
size_t* formats_length);
- static keymaster_error_t get_supported_export_formats(const struct keymaster_device* dev,
+ static keymaster_error_t get_supported_export_formats(const keymaster1_device_t* dev,
keymaster_algorithm_t algorithm,
keymaster_key_format_t** formats,
size_t* formats_length);
- static keymaster_error_t add_rng_entropy(const struct keymaster_device* dev,
- const uint8_t* data, size_t data_length);
- static keymaster_error_t generate_key(const struct keymaster_device* dev,
+ static keymaster_error_t add_rng_entropy(const keymaster1_device_t* dev, const uint8_t* data,
+ size_t data_length);
+ static keymaster_error_t generate_key(const keymaster1_device_t* dev,
const keymaster_key_param_t* params, size_t params_count,
keymaster_key_blob_t* key_blob,
keymaster_key_characteristics_t** characteristics);
- static keymaster_error_t get_key_characteristics(const struct keymaster_device* dev,
+ static keymaster_error_t get_key_characteristics(const keymaster1_device_t* dev,
const keymaster_key_blob_t* key_blob,
const keymaster_blob_t* client_id,
const keymaster_blob_t* app_data,
keymaster_key_characteristics_t** character);
- static keymaster_error_t rescope(const struct keymaster_device* dev,
+ static keymaster_error_t rescope(const keymaster1_device_t* dev,
const keymaster_key_param_t* new_params,
size_t new_params_count, const keymaster_key_blob_t* key_blob,
const keymaster_blob_t* client_id,
const keymaster_blob_t* app_data,
keymaster_key_blob_t* rescoped_key_blob,
keymaster_key_characteristics_t** characteristics);
- static keymaster_error_t import_key(const struct keymaster_device* dev,
+ static keymaster_error_t import_key(const keymaster1_device_t* dev,
const keymaster_key_param_t* params, size_t params_count,
keymaster_key_format_t key_format, const uint8_t* key_data,
size_t key_data_length, keymaster_key_blob_t* key_blob,
keymaster_key_characteristics_t** characteristics);
static keymaster_error_t
- export_key(const struct keymaster_device* dev, keymaster_key_format_t export_format,
+ export_key(const keymaster1_device_t* dev, keymaster_key_format_t export_format,
const keymaster_key_blob_t* key_to_export, const keymaster_blob_t* client_id,
const keymaster_blob_t* app_data, uint8_t** export_data, size_t* export_data_length);
- static keymaster_error_t begin(const struct keymaster_device* dev, keymaster_purpose_t purpose,
+ static keymaster_error_t begin(const keymaster1_device_t* dev, keymaster_purpose_t purpose,
const keymaster_key_blob_t* key,
const keymaster_key_param_t* params, size_t params_count,
keymaster_key_param_t** out_params, size_t* out_params_count,
keymaster_operation_handle_t* operation_handle);
static keymaster_error_t
- update(const struct keymaster_device* dev, keymaster_operation_handle_t operation_handle,
+ update(const keymaster1_device_t* dev, keymaster_operation_handle_t operation_handle,
const keymaster_key_param_t* params, size_t params_count, const uint8_t* input,
size_t input_length, size_t* input_consumed, uint8_t** output, size_t* output_length);
- static keymaster_error_t finish(const struct keymaster_device* dev,
+ static keymaster_error_t finish(const keymaster1_device_t* dev,
keymaster_operation_handle_t operation_handle,
const keymaster_key_param_t* params, size_t params_count,
const uint8_t* signature, size_t signature_length,
uint8_t** output, size_t* output_length);
- static keymaster_error_t abort(const struct keymaster_device* dev,
+ static keymaster_error_t abort(const keymaster1_device_t* dev,
keymaster_operation_handle_t operation_handle);
- keymaster_device device_;
+ keymaster1_device_t device_;
UniquePtr<GoogleKeymaster> impl_;
};
diff --git a/soft_keymaster_device.cpp b/soft_keymaster_device.cpp
index b24f540..0f4eda4 100644
--- a/soft_keymaster_device.cpp
+++ b/soft_keymaster_device.cpp
@@ -27,7 +27,7 @@
#include <type_traits>
-#include <hardware/keymaster.h>
+#include <hardware/keymaster1.h>
#define LOG_TAG "SoftKeymasterDevice"
#include <cutils/log.h>
@@ -45,7 +45,7 @@
.common =
{
.tag = HARDWARE_MODULE_TAG,
- .module_api_version = KEYMASTER_MODULE_API_VERSION_0_4,
+ .module_api_version = KEYMASTER_MODULE_API_VERSION_1_0,
.hal_api_version = HARDWARE_HAL_API_VERSION,
.id = KEYSTORE_HARDWARE_MODULE_ID,
.name = "Keymaster OpenSSL HAL",
@@ -144,8 +144,8 @@
request->additional_params.push_back(TAG_APPLICATION_DATA, *app_data);
}
-static inline SoftKeymasterDevice* convert_device(const keymaster_device* dev) {
- return reinterpret_cast<SoftKeymasterDevice*>(const_cast<keymaster_device*>(dev));
+static inline SoftKeymasterDevice* convert_device(const keymaster1_device_t* dev) {
+ return reinterpret_cast<SoftKeymasterDevice*>(const_cast<keymaster1_device_t*>(dev));
}
/* static */
@@ -155,7 +155,7 @@
}
/* static */
-int SoftKeymasterDevice::generate_keypair(const keymaster_device_t* dev,
+int SoftKeymasterDevice::generate_keypair(const keymaster1_device_t* dev,
const keymaster_keypair_t key_type,
const void* key_params, uint8_t** key_blob,
size_t* key_blob_length) {
@@ -215,7 +215,7 @@
}
/* static */
-int SoftKeymasterDevice::import_keypair(const keymaster_device_t* dev, const uint8_t* key,
+int SoftKeymasterDevice::import_keypair(const keymaster1_device_t* dev, const uint8_t* key,
const size_t key_length, uint8_t** key_blob,
size_t* key_blob_length) {
convert_device(dev)->impl_->logger().debug("Device received import_keypair");
@@ -247,7 +247,7 @@
}
/* static */
-int SoftKeymasterDevice::get_keypair_public(const struct keymaster_device* dev,
+int SoftKeymasterDevice::get_keypair_public(const struct keymaster1_device* dev,
const uint8_t* key_blob, const size_t key_blob_length,
uint8_t** x509_data, size_t* x509_data_length) {
convert_device(dev)->impl_->logger().debug("Device received get_keypair_public");
@@ -276,7 +276,7 @@
}
/* static */
-int SoftKeymasterDevice::sign_data(const keymaster_device_t* dev, const void* params,
+int SoftKeymasterDevice::sign_data(const keymaster1_device_t* dev, const void* params,
const uint8_t* key_blob, const size_t key_blob_length,
const uint8_t* data, const size_t data_length,
uint8_t** signed_data, size_t* signed_data_length) {
@@ -331,7 +331,7 @@
}
/* static */
-int SoftKeymasterDevice::verify_data(const keymaster_device_t* dev, const void* params,
+int SoftKeymasterDevice::verify_data(const keymaster1_device_t* dev, const void* params,
const uint8_t* key_blob, const size_t key_blob_length,
const uint8_t* signed_data, const size_t signed_data_length,
const uint8_t* signature, const size_t signature_length) {
@@ -380,7 +380,7 @@
}
/* static */
-keymaster_error_t SoftKeymasterDevice::get_supported_algorithms(const struct keymaster_device* dev,
+keymaster_error_t SoftKeymasterDevice::get_supported_algorithms(const keymaster1_device_t* dev,
keymaster_algorithm_t** algorithms,
size_t* algorithms_length) {
if (!algorithms || !algorithms_length)
@@ -405,7 +405,7 @@
}
/* static */
-keymaster_error_t SoftKeymasterDevice::get_supported_block_modes(const struct keymaster_device* dev,
+keymaster_error_t SoftKeymasterDevice::get_supported_block_modes(const keymaster1_device_t* dev,
keymaster_algorithm_t algorithm,
keymaster_purpose_t purpose,
keymaster_block_mode_t** modes,
@@ -432,9 +432,11 @@
}
/* static */
-keymaster_error_t SoftKeymasterDevice::get_supported_padding_modes(
- const struct keymaster_device* dev, keymaster_algorithm_t algorithm,
- keymaster_purpose_t purpose, keymaster_padding_t** modes, size_t* modes_length) {
+keymaster_error_t SoftKeymasterDevice::get_supported_padding_modes(const keymaster1_device_t* dev,
+ keymaster_algorithm_t algorithm,
+ keymaster_purpose_t purpose,
+ keymaster_padding_t** modes,
+ size_t* modes_length) {
if (!modes || !modes_length)
return KM_ERROR_OUTPUT_PARAMETER_NULL;
@@ -456,7 +458,7 @@
}
/* static */
-keymaster_error_t SoftKeymasterDevice::get_supported_digests(const struct keymaster_device* dev,
+keymaster_error_t SoftKeymasterDevice::get_supported_digests(const keymaster1_device_t* dev,
keymaster_algorithm_t algorithm,
keymaster_purpose_t purpose,
keymaster_digest_t** digests,
@@ -483,7 +485,7 @@
/* static */
keymaster_error_t SoftKeymasterDevice::get_supported_import_formats(
- const struct keymaster_device* dev, keymaster_algorithm_t algorithm,
+ const keymaster1_device_t* dev, keymaster_algorithm_t algorithm,
keymaster_key_format_t** formats, size_t* formats_length) {
if (!formats || !formats_length)
return KM_ERROR_OUTPUT_PARAMETER_NULL;
@@ -508,7 +510,7 @@
/* static */
keymaster_error_t SoftKeymasterDevice::get_supported_export_formats(
- const struct keymaster_device* dev, keymaster_algorithm_t algorithm,
+ const keymaster1_device_t* dev, keymaster_algorithm_t algorithm,
keymaster_key_format_t** formats, size_t* formats_length) {
if (!formats || !formats_length)
return KM_ERROR_OUTPUT_PARAMETER_NULL;
@@ -532,7 +534,7 @@
}
/* static */
-keymaster_error_t SoftKeymasterDevice::add_rng_entropy(const struct keymaster_device* /* dev */,
+keymaster_error_t SoftKeymasterDevice::add_rng_entropy(const keymaster1_device_t* /* dev */,
const uint8_t* /* data */,
size_t /* data_length */) {
return KM_ERROR_UNIMPLEMENTED;
@@ -540,7 +542,7 @@
/* static */
keymaster_error_t SoftKeymasterDevice::generate_key(
- const struct keymaster_device* dev, const keymaster_key_param_t* params, size_t params_count,
+ const keymaster1_device_t* dev, const keymaster_key_param_t* params, size_t params_count,
keymaster_key_blob_t* key_blob, keymaster_key_characteristics_t** characteristics) {
if (!key_blob)
@@ -572,7 +574,7 @@
/* static */
keymaster_error_t SoftKeymasterDevice::get_key_characteristics(
- const struct keymaster_device* dev, const keymaster_key_blob_t* key_blob,
+ const keymaster1_device_t* dev, const keymaster_key_blob_t* key_blob,
const keymaster_blob_t* client_id, const keymaster_blob_t* app_data,
keymaster_key_characteristics_t** characteristics) {
if (!key_blob)
@@ -598,7 +600,7 @@
/* static */
keymaster_error_t SoftKeymasterDevice::rescope(
- const struct keymaster_device* /* dev */, const keymaster_key_param_t* /* new_params */,
+ const keymaster1_device_t* /* dev */, const keymaster_key_param_t* /* new_params */,
size_t /* new_params_count */, const keymaster_key_blob_t* /* key_blob */,
const keymaster_blob_t* /* client_id */, const keymaster_blob_t* /* app_data */,
keymaster_key_blob_t* /* rescoped_key_blob */,
@@ -608,7 +610,7 @@
/* static */
keymaster_error_t SoftKeymasterDevice::import_key(
- const struct keymaster_device* dev, const keymaster_key_param_t* params, size_t params_count,
+ const keymaster1_device_t* dev, const keymaster_key_param_t* params, size_t params_count,
keymaster_key_format_t key_format, const uint8_t* key_data, size_t key_data_length,
keymaster_key_blob_t* key_blob, keymaster_key_characteristics_t** characteristics) {
if (!params || !key_data)
@@ -646,7 +648,7 @@
/* static */
keymaster_error_t SoftKeymasterDevice::export_key(
- const struct keymaster_device* dev, keymaster_key_format_t export_format,
+ const keymaster1_device_t* dev, keymaster_key_format_t export_format,
const keymaster_key_blob_t* key_to_export, const keymaster_blob_t* client_id,
const keymaster_blob_t* app_data, uint8_t** export_data, size_t* export_data_length) {
if (!key_to_export || !key_to_export->key_material)
@@ -677,12 +679,10 @@
}
/* static */
-keymaster_error_t
-SoftKeymasterDevice::begin(const struct keymaster_device* dev, keymaster_purpose_t purpose,
- const keymaster_key_blob_t* key, const keymaster_key_param_t* params,
- size_t params_count, keymaster_key_param_t** out_params,
- size_t* out_params_count,
- keymaster_operation_handle_t* operation_handle) {
+keymaster_error_t SoftKeymasterDevice::begin(
+ const keymaster1_device_t* dev, keymaster_purpose_t purpose, const keymaster_key_blob_t* key,
+ const keymaster_key_param_t* params, size_t params_count, keymaster_key_param_t** out_params,
+ size_t* out_params_count, keymaster_operation_handle_t* operation_handle) {
if (!key || !key->key_material)
return KM_ERROR_INVALID_KEY_BLOB;
@@ -707,7 +707,7 @@
}
/* static */
-keymaster_error_t SoftKeymasterDevice::update(const struct keymaster_device* dev,
+keymaster_error_t SoftKeymasterDevice::update(const keymaster1_device_t* dev,
keymaster_operation_handle_t operation_handle,
const keymaster_key_param_t* params,
size_t params_count, const uint8_t* input,
@@ -739,7 +739,7 @@
}
/* static */
-keymaster_error_t SoftKeymasterDevice::finish(const struct keymaster_device* dev,
+keymaster_error_t SoftKeymasterDevice::finish(const keymaster1_device_t* dev,
keymaster_operation_handle_t operation_handle,
const keymaster_key_param_t* params,
size_t params_count, const uint8_t* signature,
@@ -768,7 +768,7 @@
}
/* static */
-keymaster_error_t SoftKeymasterDevice::abort(const struct keymaster_device* dev,
+keymaster_error_t SoftKeymasterDevice::abort(const keymaster1_device_t* dev,
keymaster_operation_handle_t operation_handle) {
return convert_device(dev)->impl_->AbortOperation(operation_handle);
}
@@ -790,7 +790,7 @@
return KM_ERROR_UNSUPPORTED_DIGEST;
if (rsa_params->padding_type != PADDING_NONE)
return KM_ERROR_UNSUPPORTED_PADDING_MODE;
- if (!auth_set->push_back(TAG_DIGEST, DIGEST_NONE) ||
+ if (!auth_set->push_back(TAG_DIGEST, KM_DIGEST_NONE) ||
!auth_set->push_back(TAG_PADDING, KM_PAD_NONE))
return KM_ERROR_MEMORY_ALLOCATION_FAILED;
} break;
@@ -799,7 +799,7 @@
reinterpret_cast<const keymaster_dsa_sign_params_t*>(signing_params);
if (dsa_params->digest_type != DIGEST_NONE)
return KM_ERROR_UNSUPPORTED_DIGEST;
- if (!auth_set->push_back(TAG_DIGEST, DIGEST_NONE))
+ if (!auth_set->push_back(TAG_DIGEST, KM_DIGEST_NONE))
return KM_ERROR_MEMORY_ALLOCATION_FAILED;
} break;
case KM_ALGORITHM_ECDSA: {
@@ -807,7 +807,7 @@
reinterpret_cast<const keymaster_ec_sign_params_t*>(signing_params);
if (ecdsa_params->digest_type != DIGEST_NONE)
return KM_ERROR_UNSUPPORTED_DIGEST;
- if (!auth_set->push_back(TAG_DIGEST, DIGEST_NONE))
+ if (!auth_set->push_back(TAG_DIGEST, KM_DIGEST_NONE))
return KM_ERROR_MEMORY_ALLOCATION_FAILED;
} break;
default:
@@ -825,7 +825,7 @@
uint64_t now = java_time(time(NULL));
auth_set->push_back(TAG_CREATION_DATETIME, now);
auth_set->push_back(TAG_ORIGINATION_EXPIRE_DATETIME, now + HUNDRED_YEARS);
- auth_set->push_back(TAG_DIGEST, DIGEST_NONE);
+ auth_set->push_back(TAG_DIGEST, KM_DIGEST_NONE);
auth_set->push_back(TAG_PADDING, KM_PAD_NONE);
}