Update SoftKeymasterDevice to track keymaster1 API changes.
Change-Id: I8472a75ea60c73794ce31cacab9bcaad8482358f
diff --git a/android_keymaster_test_utils.cpp b/android_keymaster_test_utils.cpp
index c40c889..80f6822 100644
--- a/android_keymaster_test_utils.cpp
+++ b/android_keymaster_test_utils.cpp
@@ -175,8 +175,7 @@
FreeKeyBlob();
FreeCharacteristics();
- return device()->generate_key(device(), params.data(), params.size(), &blob_,
- &characteristics_);
+ return device()->generate_key(device(), ¶ms, &blob_, &characteristics_);
}
keymaster_error_t Keymaster1Test::ImportKey(const AuthorizationSetBuilder& builder,
@@ -188,9 +187,9 @@
FreeKeyBlob();
FreeCharacteristics();
- return device()->import_key(device(), params.data(), params.size(), format,
- reinterpret_cast<const uint8_t*>(key_material.c_str()),
- key_material.length(), &blob_, &characteristics_);
+ keymaster_blob_t key = {reinterpret_cast<const uint8_t*>(key_material.c_str()),
+ key_material.length()};
+ return device()->import_key(device(), ¶ms, format, &key, &blob_, &characteristics_);
}
AuthorizationSet Keymaster1Test::UserAuthParams() {
@@ -208,65 +207,59 @@
}
keymaster_error_t Keymaster1Test::BeginOperation(keymaster_purpose_t purpose) {
- keymaster_key_param_t* out_params = NULL;
- size_t out_params_count = 0;
+ AuthorizationSet in_params(client_params());
+ keymaster_key_param_set_t out_params;
keymaster_error_t error =
- device()->begin(device(), purpose, &blob_, client_params_, array_length(client_params_),
- &out_params, &out_params_count, &op_handle_);
- EXPECT_EQ(0U, out_params_count);
- EXPECT_TRUE(out_params == NULL);
+ device()->begin(device(), purpose, &blob_, &in_params, &out_params, &op_handle_);
+ EXPECT_EQ(0U, out_params.length);
+ EXPECT_TRUE(out_params.params == nullptr);
return error;
}
keymaster_error_t Keymaster1Test::BeginOperation(keymaster_purpose_t purpose,
const AuthorizationSet& input_set,
AuthorizationSet* output_set) {
- keymaster_key_param_t* out_params;
- size_t out_params_count;
+ keymaster_key_param_set_t out_params;
keymaster_error_t error =
- device()->begin(device(), purpose, &blob_, input_set.data(), input_set.size(), &out_params,
- &out_params_count, &op_handle_);
+ device()->begin(device(), purpose, &blob_, &input_set, &out_params, &op_handle_);
if (error == KM_ERROR_OK) {
if (output_set) {
- output_set->Reinitialize(out_params, out_params_count);
+ output_set->Reinitialize(out_params);
} else {
- EXPECT_EQ(0U, out_params_count);
- EXPECT_TRUE(out_params == NULL);
+ EXPECT_EQ(0U, out_params.length);
+ EXPECT_TRUE(out_params.params == nullptr);
}
- keymaster_free_param_values(out_params, out_params_count);
- free(out_params);
+ keymaster_free_param_set(&out_params);
}
return error;
}
keymaster_error_t Keymaster1Test::UpdateOperation(const string& message, string* output,
size_t* input_consumed) {
- uint8_t* out_tmp = NULL;
- size_t out_length;
EXPECT_NE(op_handle_, OP_HANDLE_SENTINEL);
- keymaster_error_t error =
- device()->update(device(), op_handle_, NULL /* params */, 0 /* params_count */,
- reinterpret_cast<const uint8_t*>(message.c_str()), message.length(),
- input_consumed, &out_tmp, &out_length);
- if (error == KM_ERROR_OK && out_tmp)
- output->append(reinterpret_cast<char*>(out_tmp), out_length);
- free(out_tmp);
+ keymaster_blob_t input = {reinterpret_cast<const uint8_t*>(message.c_str()), message.length()};
+ keymaster_blob_t out_tmp;
+ keymaster_key_param_set_t out_params;
+ keymaster_error_t error = device()->update(device(), op_handle_, nullptr /* params */, &input,
+ input_consumed, &out_params, &out_tmp);
+ if (error == KM_ERROR_OK && out_tmp.data)
+ output->append(reinterpret_cast<const char*>(out_tmp.data), out_tmp.data_length);
+ free(const_cast<uint8_t*>(out_tmp.data));
return error;
}
keymaster_error_t Keymaster1Test::UpdateOperation(const AuthorizationSet& additional_params,
const string& message, string* output,
size_t* input_consumed) {
- uint8_t* out_tmp = NULL;
- size_t out_length;
EXPECT_NE(op_handle_, OP_HANDLE_SENTINEL);
- keymaster_error_t error =
- device()->update(device(), op_handle_, additional_params.data(), additional_params.size(),
- reinterpret_cast<const uint8_t*>(message.c_str()), message.length(),
- input_consumed, &out_tmp, &out_length);
- if (error == KM_ERROR_OK && out_tmp)
- output->append(reinterpret_cast<char*>(out_tmp), out_length);
- free(out_tmp);
+ keymaster_blob_t input = {reinterpret_cast<const uint8_t*>(message.c_str()), message.length()};
+ keymaster_blob_t out_tmp;
+ keymaster_key_param_set_t out_params;
+ keymaster_error_t error = device()->update(device(), op_handle_, &additional_params, &input,
+ input_consumed, &out_params, &out_tmp);
+ if (error == KM_ERROR_OK && out_tmp.data)
+ output->append(reinterpret_cast<const char*>(out_tmp.data), out_tmp.data_length);
+ free((void*)out_tmp.data);
return error;
}
@@ -281,15 +274,21 @@
keymaster_error_t Keymaster1Test::FinishOperation(const AuthorizationSet& additional_params,
const string& signature, string* output) {
- uint8_t* out_tmp = NULL;
- size_t out_length;
+ keymaster_blob_t sig = {reinterpret_cast<const uint8_t*>(signature.c_str()),
+ signature.length()};
+ keymaster_blob_t out_tmp;
+ keymaster_key_param_set_t out_params;
keymaster_error_t error =
- device()->finish(device(), op_handle_, additional_params.data(), additional_params.size(),
- reinterpret_cast<const uint8_t*>(signature.c_str()), signature.length(),
- &out_tmp, &out_length);
- if (out_tmp)
- output->append(reinterpret_cast<char*>(out_tmp), out_length);
- free(out_tmp);
+ device()->finish(device(), op_handle_, &additional_params, &sig, &out_params, &out_tmp);
+ if (error != KM_ERROR_OK) {
+ EXPECT_TRUE(out_tmp.data == nullptr);
+ EXPECT_TRUE(out_params.params == nullptr);
+ return error;
+ }
+
+ if (out_tmp.data)
+ output->append(reinterpret_cast<const char*>(out_tmp.data), out_tmp.data_length);
+ free((void*)out_tmp.data);
return error;
}
@@ -521,18 +520,15 @@
}
keymaster_error_t Keymaster1Test::ExportKey(keymaster_key_format_t format, string* export_data) {
- uint8_t* export_data_tmp;
- size_t export_data_length;
-
- keymaster_error_t error =
- device()->export_key(device(), format, &blob_, &client_id_, NULL /* app_data */,
- &export_data_tmp, &export_data_length);
+ keymaster_blob_t export_tmp;
+ keymaster_error_t error = device()->export_key(device(), format, &blob_, &client_id_,
+ NULL /* app_data */, &export_tmp);
if (error != KM_ERROR_OK)
return error;
- *export_data = string(reinterpret_cast<char*>(export_data_tmp), export_data_length);
- free(export_data_tmp);
+ *export_data = string(reinterpret_cast<const char*>(export_tmp.data), export_tmp.data_length);
+ free((void*)export_tmp.data);
return error;
}
diff --git a/include/keymaster/soft_keymaster_device.h b/include/keymaster/soft_keymaster_device.h
index ce1d5ad..a4f85c4 100644
--- a/include/keymaster/soft_keymaster_device.h
+++ b/include/keymaster/soft_keymaster_device.h
@@ -117,7 +117,7 @@
static keymaster_error_t add_rng_entropy(const keymaster1_device_t* dev, const uint8_t* data,
size_t data_length);
static keymaster_error_t generate_key(const keymaster1_device_t* dev,
- const keymaster_key_param_t* params, size_t params_count,
+ const keymaster_key_param_set_t* params,
keymaster_key_blob_t* key_blob,
keymaster_key_characteristics_t** characteristics);
static keymaster_error_t get_key_characteristics(const keymaster1_device_t* dev,
@@ -125,32 +125,36 @@
const keymaster_blob_t* client_id,
const keymaster_blob_t* app_data,
keymaster_key_characteristics_t** character);
- static keymaster_error_t import_key(const keymaster1_device_t* dev,
- const keymaster_key_param_t* params, size_t params_count,
- keymaster_key_format_t key_format, const uint8_t* key_data,
- size_t key_data_length, keymaster_key_blob_t* key_blob,
+ static keymaster_error_t import_key(const keymaster1_device_t* dev, //
+ const keymaster_key_param_set_t* params,
+ keymaster_key_format_t key_format,
+ const keymaster_blob_t* key_data,
+ keymaster_key_blob_t* key_blob,
keymaster_key_characteristics_t** characteristics);
- static keymaster_error_t
- export_key(const keymaster1_device_t* dev, keymaster_key_format_t export_format,
- const keymaster_key_blob_t* key_to_export, const keymaster_blob_t* client_id,
- const keymaster_blob_t* app_data, uint8_t** export_data, size_t* export_data_length);
+ static keymaster_error_t export_key(const keymaster1_device_t* dev, //
+ keymaster_key_format_t export_format,
+ const keymaster_key_blob_t* key_to_export,
+ const keymaster_blob_t* client_id,
+ const keymaster_blob_t* app_data,
+ keymaster_blob_t* export_data);
static keymaster_error_t delete_key(const struct keymaster1_device* dev,
const keymaster_key_blob_t* key);
static keymaster_error_t delete_all_keys(const struct keymaster1_device* dev);
static keymaster_error_t begin(const keymaster1_device_t* dev, keymaster_purpose_t purpose,
const keymaster_key_blob_t* key,
- const keymaster_key_param_t* params, size_t params_count,
- keymaster_key_param_t** out_params, size_t* out_params_count,
+ const keymaster_key_param_set_t* in_params,
+ keymaster_key_param_set_t* out_params,
keymaster_operation_handle_t* operation_handle);
- static keymaster_error_t
- update(const keymaster1_device_t* dev, keymaster_operation_handle_t operation_handle,
- const keymaster_key_param_t* params, size_t params_count, const uint8_t* input,
- size_t input_length, size_t* input_consumed, uint8_t** output, size_t* output_length);
- static keymaster_error_t finish(const keymaster1_device_t* dev,
+ static keymaster_error_t update(const keymaster1_device_t* dev,
keymaster_operation_handle_t operation_handle,
- const keymaster_key_param_t* params, size_t params_count,
- const uint8_t* signature, size_t signature_length,
- uint8_t** output, size_t* output_length);
+ const keymaster_key_param_set_t* in_params,
+ const keymaster_blob_t* input, size_t* input_consumed,
+ keymaster_key_param_set_t* out_params,
+ keymaster_blob_t* output);
+ static keymaster_error_t
+ finish(const keymaster1_device_t* dev, keymaster_operation_handle_t operation_handle,
+ const keymaster_key_param_set_t* in_params, const keymaster_blob_t* signature,
+ keymaster_key_param_set_t* out_params, keymaster_blob_t* output);
static keymaster_error_t abort(const keymaster1_device_t* dev,
keymaster_operation_handle_t operation_handle);
diff --git a/soft_keymaster_device.cpp b/soft_keymaster_device.cpp
index baaae6b..d755789 100644
--- a/soft_keymaster_device.cpp
+++ b/soft_keymaster_device.cpp
@@ -614,7 +614,7 @@
/* static */
keymaster_error_t SoftKeymasterDevice::generate_key(
- const keymaster1_device_t* dev, const keymaster_key_param_t* params, size_t params_count,
+ const keymaster1_device_t* dev, const keymaster_key_param_set_t* params,
keymaster_key_blob_t* key_blob, keymaster_key_characteristics_t** characteristics) {
if (!dev || !params)
return KM_ERROR_UNEXPECTED_NULL_POINTER;
@@ -623,7 +623,7 @@
return KM_ERROR_OUTPUT_PARAMETER_NULL;
GenerateKeyRequest request;
- request.key_description.Reinitialize(params, params_count);
+ request.key_description.Reinitialize(*params);
GenerateKeyResponse response;
convert_device(dev)->impl_->GenerateKey(request, &response);
@@ -674,8 +674,8 @@
/* static */
keymaster_error_t SoftKeymasterDevice::import_key(
- const keymaster1_device_t* dev, const keymaster_key_param_t* params, size_t params_count,
- keymaster_key_format_t key_format, const uint8_t* key_data, size_t key_data_length,
+ const keymaster1_device_t* dev, const keymaster_key_param_set_t* params,
+ keymaster_key_format_t key_format, const keymaster_blob_t* key_data,
keymaster_key_blob_t* key_blob, keymaster_key_characteristics_t** characteristics) {
if (!params || !key_data)
return KM_ERROR_UNEXPECTED_NULL_POINTER;
@@ -683,12 +683,12 @@
if (!key_blob)
return KM_ERROR_OUTPUT_PARAMETER_NULL;
- *characteristics = NULL;
+ *characteristics = nullptr;
ImportKeyRequest request;
- request.key_description.Reinitialize(params, params_count);
+ request.key_description.Reinitialize(*params);
request.key_format = key_format;
- request.SetKeyMaterial(key_data, key_data_length);
+ request.SetKeyMaterial(key_data->data, key_data->data_length);
ImportKeyResponse response;
convert_device(dev)->impl_->ImportKey(request, &response);
@@ -711,18 +711,20 @@
}
/* static */
-keymaster_error_t SoftKeymasterDevice::export_key(
- const keymaster1_device_t* dev, keymaster_key_format_t export_format,
- const keymaster_key_blob_t* key_to_export, const keymaster_blob_t* client_id,
- const keymaster_blob_t* app_data, uint8_t** export_data, size_t* export_data_length) {
+keymaster_error_t SoftKeymasterDevice::export_key(const keymaster1_device_t* dev,
+ keymaster_key_format_t export_format,
+ const keymaster_key_blob_t* key_to_export,
+ const keymaster_blob_t* client_id,
+ const keymaster_blob_t* app_data,
+ keymaster_blob_t* export_data) {
if (!key_to_export || !key_to_export->key_material)
return KM_ERROR_UNEXPECTED_NULL_POINTER;
- if (!export_data || !export_data_length)
+ if (!export_data)
return KM_ERROR_OUTPUT_PARAMETER_NULL;
- *export_data = NULL;
- *export_data_length = 0;
+ export_data->data = nullptr;
+ export_data->data_length = 0;
ExportKeyRequest request;
request.key_format = export_format;
@@ -734,11 +736,12 @@
if (response.error != KM_ERROR_OK)
return response.error;
- *export_data_length = response.key_data_length;
- *export_data = reinterpret_cast<uint8_t*>(malloc(*export_data_length));
- if (!export_data)
+ export_data->data_length = response.key_data_length;
+ uint8_t* tmp = reinterpret_cast<uint8_t*>(malloc(export_data->data_length));
+ if (!tmp)
return KM_ERROR_MEMORY_ALLOCATION_FAILED;
- memcpy(*export_data, response.key_data, *export_data_length);
+ memcpy(tmp, response.key_data, export_data->data_length);
+ export_data->data = tmp;
return KM_ERROR_OK;
}
@@ -754,35 +757,33 @@
}
/* static */
-keymaster_error_t SoftKeymasterDevice::begin(
- const keymaster1_device_t* dev, keymaster_purpose_t purpose, const keymaster_key_blob_t* key,
- const keymaster_key_param_t* params, size_t params_count, keymaster_key_param_t** out_params,
- size_t* out_params_count, keymaster_operation_handle_t* operation_handle) {
+keymaster_error_t SoftKeymasterDevice::begin(const keymaster1_device_t* dev,
+ keymaster_purpose_t purpose,
+ const keymaster_key_blob_t* key,
+ const keymaster_key_param_set_t* in_params,
+ keymaster_key_param_set_t* out_params,
+ keymaster_operation_handle_t* operation_handle) {
if (!key || !key->key_material)
return KM_ERROR_UNEXPECTED_NULL_POINTER;
- if (!operation_handle || !out_params || !out_params_count)
+ if (!operation_handle || !out_params)
return KM_ERROR_OUTPUT_PARAMETER_NULL;
- *out_params = NULL;
- *out_params_count = 0;
+ out_params->params = nullptr;
+ out_params->length = 0;
BeginOperationRequest request;
request.purpose = purpose;
request.SetKeyMaterial(*key);
- request.additional_params.Reinitialize(params, params_count);
+ request.additional_params.Reinitialize(*in_params);
BeginOperationResponse response;
convert_device(dev)->impl_->BeginOperation(request, &response);
if (response.error != KM_ERROR_OK)
return response.error;
- if (response.output_params.size() > 0) {
- keymaster_key_param_set_t out_params_set;
- response.output_params.CopyToParamSet(&out_params_set);
- *out_params = out_params_set.params;
- *out_params_count = out_params_set.length;
- }
+ if (response.output_params.size() > 0)
+ response.output_params.CopyToParamSet(out_params);
*operation_handle = response.op_handle;
return KM_ERROR_OK;
@@ -791,61 +792,82 @@
/* static */
keymaster_error_t SoftKeymasterDevice::update(const keymaster1_device_t* dev,
keymaster_operation_handle_t operation_handle,
- const keymaster_key_param_t* params,
- size_t params_count, const uint8_t* input,
- size_t input_length, size_t* input_consumed,
- uint8_t** output, size_t* output_length) {
+ const keymaster_key_param_set_t* in_params,
+ const keymaster_blob_t* input, size_t* input_consumed,
+ keymaster_key_param_set_t* out_params,
+ keymaster_blob_t* output) {
if (!input)
return KM_ERROR_UNEXPECTED_NULL_POINTER;
- if (!input_consumed || !output || !output_length)
+ if (!input_consumed || !output || !out_params)
return KM_ERROR_OUTPUT_PARAMETER_NULL;
+ out_params->params = nullptr;
+ out_params->length = 0;
+ output->data = nullptr;
+ output->data_length = 0;
+
UpdateOperationRequest request;
request.op_handle = operation_handle;
- request.input.Reinitialize(input, input_length);
- request.additional_params.Reinitialize(params, params_count);
+ if (input)
+ request.input.Reinitialize(input->data, input->data_length);
+ if (in_params)
+ request.additional_params.Reinitialize(*in_params);
UpdateOperationResponse response;
convert_device(dev)->impl_->UpdateOperation(request, &response);
if (response.error != KM_ERROR_OK)
return response.error;
+ if (response.output_params.size() > 0)
+ response.output_params.CopyToParamSet(out_params);
+
*input_consumed = response.input_consumed;
- *output_length = response.output.available_read();
- *output = reinterpret_cast<uint8_t*>(malloc(*output_length));
- if (!*output)
+ output->data_length = response.output.available_read();
+ uint8_t* tmp = reinterpret_cast<uint8_t*>(malloc(output->data_length));
+ if (!tmp)
return KM_ERROR_MEMORY_ALLOCATION_FAILED;
- memcpy(*output, response.output.peek_read(), *output_length);
+ memcpy(tmp, response.output.peek_read(), output->data_length);
+ output->data = tmp;
return KM_ERROR_OK;
}
/* static */
keymaster_error_t SoftKeymasterDevice::finish(const keymaster1_device_t* dev,
keymaster_operation_handle_t operation_handle,
- const keymaster_key_param_t* params,
- size_t params_count, const uint8_t* signature,
- size_t signature_length, uint8_t** output,
- size_t* output_length) {
- if (!output || !output_length)
+ const keymaster_key_param_set_t* params,
+ const keymaster_blob_t* signature,
+ keymaster_key_param_set_t* out_params,
+ keymaster_blob_t* output) {
+ if (!output || !out_params)
return KM_ERROR_OUTPUT_PARAMETER_NULL;
+ out_params->params = nullptr;
+ out_params->length = 0;
+ output->data = nullptr;
+ output->data_length = 0;
+
FinishOperationRequest request;
request.op_handle = operation_handle;
if (signature)
- request.signature.Reinitialize(signature, signature_length);
- request.additional_params.Reinitialize(params, params_count);
+ request.signature.Reinitialize(signature->data, signature->data_length);
+ request.additional_params.Reinitialize(*params);
FinishOperationResponse response;
convert_device(dev)->impl_->FinishOperation(request, &response);
if (response.error != KM_ERROR_OK)
return response.error;
- *output_length = response.output.available_read();
- *output = reinterpret_cast<uint8_t*>(malloc(*output_length));
- if (!*output)
+ if (response.output_params.size() > 0)
+ response.output_params.CopyToParamSet(out_params);
+ else
+
+ output->data_length = response.output.available_read();
+ uint8_t* tmp = reinterpret_cast<uint8_t*>(malloc(output->data_length));
+ if (!tmp)
return KM_ERROR_MEMORY_ALLOCATION_FAILED;
- memcpy(*output, response.output.peek_read(), *output_length);
+ memcpy(tmp, response.output.peek_read(), output->data_length);
+ output->data = tmp;
return KM_ERROR_OK;
}