Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 1 | /* |
| 2 | * Copyright 2017, The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | #include "KeymasterDevice.h" |
nagendra modadugu | 9747140 | 2017-09-27 14:01:00 -0700 | [diff] [blame] | 18 | #include "import_key.h" |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 19 | #include "proto_utils.h" |
| 20 | |
nagendra modadugu | 9e8c856 | 2017-09-18 18:58:54 -0700 | [diff] [blame] | 21 | #include <Keymaster.client.h> |
Andrew Scull | 8e96ff0 | 2017-10-09 11:09:09 +0100 | [diff] [blame^] | 22 | #include <nos/debug.h> |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 23 | #include <nos/NuggetClient.h> |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 24 | |
| 25 | #include <android-base/logging.h> |
| 26 | |
| 27 | namespace android { |
| 28 | namespace hardware { |
| 29 | namespace keymaster { |
| 30 | |
nagendra modadugu | 8a88337 | 2017-09-18 22:29:00 -0700 | [diff] [blame] | 31 | // std |
| 32 | using std::string; |
| 33 | |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 34 | // libhidl |
| 35 | using ::android::hardware::Void; |
| 36 | |
| 37 | // HAL |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 38 | using ::android::hardware::keymaster::V3_0::Algorithm; |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 39 | using ::android::hardware::keymaster::V3_0::KeyCharacteristics; |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 40 | using ::android::hardware::keymaster::V3_0::KeyFormat; |
| 41 | using ::android::hardware::keymaster::V3_0::Tag; |
| 42 | |
| 43 | // nos |
| 44 | using nos::NuggetClient; |
| 45 | |
| 46 | // Keymaster app |
| 47 | using ::nugget::app::keymaster::AddRngEntropyRequest; |
| 48 | using ::nugget::app::keymaster::AddRngEntropyResponse; |
| 49 | using ::nugget::app::keymaster::GenerateKeyRequest; |
| 50 | using ::nugget::app::keymaster::GenerateKeyResponse; |
| 51 | using ::nugget::app::keymaster::GetKeyCharacteristicsRequest; |
| 52 | using ::nugget::app::keymaster::GetKeyCharacteristicsResponse; |
| 53 | using ::nugget::app::keymaster::ImportKeyRequest; |
| 54 | using ::nugget::app::keymaster::ImportKeyResponse; |
| 55 | using ::nugget::app::keymaster::ExportKeyRequest; |
| 56 | using ::nugget::app::keymaster::ExportKeyResponse; |
| 57 | using ::nugget::app::keymaster::AttestKeyRequest; |
| 58 | using ::nugget::app::keymaster::AttestKeyResponse; |
| 59 | using ::nugget::app::keymaster::UpgradeKeyRequest; |
| 60 | using ::nugget::app::keymaster::UpgradeKeyResponse; |
| 61 | using ::nugget::app::keymaster::DeleteKeyRequest; |
| 62 | using ::nugget::app::keymaster::DeleteKeyResponse; |
| 63 | using ::nugget::app::keymaster::DeleteAllKeysRequest; |
| 64 | using ::nugget::app::keymaster::DeleteAllKeysResponse; |
| 65 | using ::nugget::app::keymaster::DestroyAttestationIdsRequest; |
| 66 | using ::nugget::app::keymaster::DestroyAttestationIdsResponse; |
| 67 | using ::nugget::app::keymaster::BeginOperationRequest; |
| 68 | using ::nugget::app::keymaster::BeginOperationResponse; |
| 69 | using ::nugget::app::keymaster::UpdateOperationRequest; |
| 70 | using ::nugget::app::keymaster::UpdateOperationResponse; |
| 71 | using ::nugget::app::keymaster::FinishOperationRequest; |
| 72 | using ::nugget::app::keymaster::FinishOperationResponse; |
| 73 | using ::nugget::app::keymaster::AbortOperationRequest; |
| 74 | using ::nugget::app::keymaster::AbortOperationResponse; |
| 75 | |
| 76 | static ErrorCode status_to_error_code(uint32_t status) |
| 77 | { |
| 78 | switch (status) { |
| 79 | case APP_SUCCESS: |
| 80 | return ErrorCode::OK; |
| 81 | break; |
| 82 | case APP_ERROR_BOGUS_ARGS: |
| 83 | return ErrorCode::INVALID_ARGUMENT; |
| 84 | break; |
| 85 | case APP_ERROR_INTERNAL: |
| 86 | return ErrorCode::UNKNOWN_ERROR; |
| 87 | break; |
| 88 | case APP_ERROR_TOO_MUCH: |
| 89 | return ErrorCode::INSUFFICIENT_BUFFER_SPACE; |
| 90 | break; |
| 91 | case APP_ERROR_RPC: |
| 92 | return ErrorCode::SECURE_HW_COMMUNICATION_FAILED; |
| 93 | break; |
| 94 | // TODO: app specific error codes go here. |
| 95 | default: |
| 96 | return ErrorCode::UNKNOWN_ERROR; |
| 97 | break; |
| 98 | } |
| 99 | } |
| 100 | |
Andrew Scull | dc620df | 2017-09-29 14:07:56 +0100 | [diff] [blame] | 101 | #define KM_CALL(meth) { \ |
| 102 | const uint32_t status = _keymaster. meth (request, &response); \ |
| 103 | if (status != APP_SUCCESS) { \ |
| 104 | LOG(ERROR) << #meth << " : request failed with status: " \ |
Andrew Scull | 8e96ff0 | 2017-10-09 11:09:09 +0100 | [diff] [blame^] | 105 | << nos::StatusCodeString(status); \ |
Andrew Scull | dc620df | 2017-09-29 14:07:56 +0100 | [diff] [blame] | 106 | return status_to_error_code(status); \ |
| 107 | } \ |
| 108 | if ((ErrorCode)response.error_code() != ErrorCode::OK) { \ |
| 109 | LOG(ERROR) << #meth << " : device response error code: " \ |
| 110 | << response.error_code(); \ |
| 111 | return (ErrorCode)response.error_code(); \ |
| 112 | } \ |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 113 | } |
| 114 | |
Andrew Scull | dc620df | 2017-09-29 14:07:56 +0100 | [diff] [blame] | 115 | #define KM_CALLV(meth, ...) { \ |
| 116 | const uint32_t status = _keymaster. meth (request, &response); \ |
| 117 | if (status != APP_SUCCESS) { \ |
| 118 | LOG(ERROR) << #meth << " : request failed with status: " \ |
Andrew Scull | 8e96ff0 | 2017-10-09 11:09:09 +0100 | [diff] [blame^] | 119 | << nos::StatusCodeString(status); \ |
Andrew Scull | dc620df | 2017-09-29 14:07:56 +0100 | [diff] [blame] | 120 | _hidl_cb(status_to_error_code(status), __VA_ARGS__); \ |
| 121 | return Void(); \ |
| 122 | } \ |
| 123 | if ((ErrorCode)response.error_code() != ErrorCode::OK) { \ |
| 124 | LOG(ERROR) << #meth << " : device response error code: " \ |
| 125 | << response.error_code(); \ |
| 126 | _hidl_cb((ErrorCode)response.error_code(), __VA_ARGS__); \ |
| 127 | return Void(); \ |
| 128 | } \ |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 129 | } |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 130 | |
| 131 | // Methods from ::android::hardware::keymaster::V3_0::IKeymasterDevice follow. |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 132 | |
nagendra modadugu | 8a88337 | 2017-09-18 22:29:00 -0700 | [diff] [blame] | 133 | Return<void> KeymasterDevice::getHardwareFeatures( |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 134 | getHardwareFeatures_cb _hidl_cb) |
| 135 | { |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 136 | LOG(VERBOSE) << "Running KeymasterDevice::getHardwareFeatures"; |
| 137 | |
nagendra modadugu | 8a88337 | 2017-09-18 22:29:00 -0700 | [diff] [blame] | 138 | (void)_keymaster; |
| 139 | _hidl_cb(true, true, true, true, |
| 140 | true, string("CitadelKeymaster"), string("Google")); |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 141 | return Void(); |
| 142 | } |
| 143 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 144 | Return<ErrorCode> KeymasterDevice::addRngEntropy(const hidl_vec<uint8_t>& data) |
| 145 | { |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 146 | LOG(VERBOSE) << "Running KeymasterDevice::addRngEntropy"; |
| 147 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 148 | if (!data.size()) return ErrorCode::OK; |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 149 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 150 | AddRngEntropyRequest request; |
| 151 | AddRngEntropyResponse response; |
| 152 | request.set_data(&data[0], data.size()); |
| 153 | |
| 154 | // Call device. |
| 155 | KM_CALL(AddRngEntropy); |
| 156 | |
| 157 | return (ErrorCode)response.error_code(); |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 158 | } |
| 159 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 160 | Return<void> KeymasterDevice::generateKey( |
| 161 | const hidl_vec<KeyParameter>& keyParams, |
| 162 | generateKey_cb _hidl_cb) |
| 163 | { |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 164 | LOG(VERBOSE) << "Running KeymasterDevice::generateKey"; |
| 165 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 166 | GenerateKeyRequest request; |
| 167 | GenerateKeyResponse response; |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 168 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 169 | hidl_params_to_pb(keyParams, request.mutable_params()); |
| 170 | |
| 171 | // Call device. |
| 172 | KM_CALLV(GenerateKey, hidl_vec<uint8_t>{}, KeyCharacteristics()); |
| 173 | |
| 174 | hidl_vec<uint8_t> blob; |
| 175 | KeyCharacteristics characteristics; |
| 176 | blob.setToExternal( |
| 177 | reinterpret_cast<uint8_t*>( |
| 178 | const_cast<char*>(response.blob().blob().data())), |
| 179 | response.blob().blob().size(), false); |
| 180 | pb_to_hidl_params(response.characteristics().tee_enforced(), |
| 181 | &characteristics.teeEnforced); |
| 182 | |
| 183 | _hidl_cb((ErrorCode)response.error_code(), blob, characteristics); |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 184 | return Void(); |
| 185 | } |
| 186 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 187 | Return<void> KeymasterDevice::getKeyCharacteristics( |
| 188 | const hidl_vec<uint8_t>& keyBlob, |
| 189 | const hidl_vec<uint8_t>& clientId, |
| 190 | const hidl_vec<uint8_t>& appData, |
| 191 | getKeyCharacteristics_cb _hidl_cb) |
| 192 | { |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 193 | LOG(VERBOSE) << "Running KeymasterDevice::getKeyCharacteristics"; |
| 194 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 195 | GetKeyCharacteristicsRequest request; |
| 196 | GetKeyCharacteristicsResponse response; |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 197 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 198 | request.mutable_blob()->set_blob(&keyBlob[0], keyBlob.size()); |
| 199 | request.set_client_id(&clientId[0], clientId.size()); |
| 200 | request.set_app_data(&appData[0], appData.size()); |
| 201 | |
| 202 | // Call device. |
| 203 | KM_CALLV(GetKeyCharacteristics, KeyCharacteristics()); |
| 204 | |
| 205 | KeyCharacteristics characteristics; |
| 206 | pb_to_hidl_params(response.characteristics().tee_enforced(), |
| 207 | &characteristics.teeEnforced); |
| 208 | |
| 209 | _hidl_cb((ErrorCode)response.error_code(), characteristics); |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 210 | return Void(); |
| 211 | } |
| 212 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 213 | Return<void> KeymasterDevice::importKey( |
| 214 | const hidl_vec<KeyParameter>& params, KeyFormat keyFormat, |
| 215 | const hidl_vec<uint8_t>& keyData, importKey_cb _hidl_cb) |
| 216 | { |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 217 | LOG(VERBOSE) << "Running KeymasterDevice::importKey"; |
| 218 | |
nagendra modadugu | 9747140 | 2017-09-27 14:01:00 -0700 | [diff] [blame] | 219 | ErrorCode error; |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 220 | ImportKeyRequest request; |
| 221 | ImportKeyResponse response; |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 222 | |
nagendra modadugu | 9747140 | 2017-09-27 14:01:00 -0700 | [diff] [blame] | 223 | error = import_key_request(params, keyFormat, keyData, &request); |
| 224 | if (error != ErrorCode::OK) { |
| 225 | LOG(ERROR) << "ImportKey request parsing failed with error " |
| 226 | << (uint32_t)error; |
| 227 | _hidl_cb(error, hidl_vec<uint8_t>{}, KeyCharacteristics{}); |
| 228 | return Void(); |
| 229 | } |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 230 | |
| 231 | KM_CALLV(ImportKey, hidl_vec<uint8_t>{}, KeyCharacteristics{}); |
| 232 | |
| 233 | hidl_vec<uint8_t> blob; |
| 234 | blob.setToExternal( |
| 235 | reinterpret_cast<uint8_t*>( |
| 236 | const_cast<char*>(response.blob().blob().data())), |
| 237 | response.blob().blob().size(), false); |
| 238 | |
| 239 | KeyCharacteristics characteristics; |
nagendra modadugu | 9747140 | 2017-09-27 14:01:00 -0700 | [diff] [blame] | 240 | error = pb_to_hidl_params(response.characteristics().tee_enforced(), |
| 241 | &characteristics.teeEnforced); |
| 242 | if (error != ErrorCode::OK) { |
| 243 | LOG(ERROR) << "KeymasterDevice::importKey: response tee_enforced :" |
| 244 | << (uint32_t)error; |
| 245 | } |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 246 | |
| 247 | _hidl_cb(ErrorCode::OK, blob, characteristics); |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 248 | return Void(); |
| 249 | } |
| 250 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 251 | Return<void> KeymasterDevice::exportKey( |
| 252 | KeyFormat exportFormat, const hidl_vec<uint8_t>& keyBlob, |
| 253 | const hidl_vec<uint8_t>& clientId, |
| 254 | const hidl_vec<uint8_t>& appData, exportKey_cb _hidl_cb) |
| 255 | { |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 256 | LOG(VERBOSE) << "Running KeymasterDevice::exportKey"; |
| 257 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 258 | ExportKeyRequest request; |
| 259 | ExportKeyResponse response; |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 260 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 261 | request.set_format((::nugget::app::keymaster::KeyFormat)exportFormat); |
| 262 | request.mutable_blob()->set_blob(&keyBlob[0], keyBlob.size()); |
| 263 | request.set_client_id(&clientId[0], clientId.size()); |
| 264 | request.set_app_data(&appData[0], appData.size()); |
| 265 | |
| 266 | KM_CALLV(ExportKey, hidl_vec<uint8_t>{}); |
| 267 | |
| 268 | hidl_vec<uint8_t> blob; |
| 269 | blob.setToExternal( |
| 270 | reinterpret_cast<uint8_t*>( |
| 271 | const_cast<char*>(response.key_material().data())), |
| 272 | response.key_material().size(), false); |
| 273 | |
| 274 | _hidl_cb((ErrorCode)response.error_code(), blob); |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 275 | return Void(); |
| 276 | } |
| 277 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 278 | Return<void> KeymasterDevice::attestKey( |
| 279 | const hidl_vec<uint8_t>& keyToAttest, |
| 280 | const hidl_vec<KeyParameter>& attestParams, |
| 281 | attestKey_cb _hidl_cb) |
| 282 | { |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 283 | LOG(VERBOSE) << "Running KeymasterDevice::attestKey"; |
| 284 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 285 | AttestKeyRequest request; |
| 286 | AttestKeyResponse response; |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 287 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 288 | request.mutable_blob()->set_blob(&keyToAttest[0], keyToAttest.size()); |
| 289 | hidl_params_to_pb(attestParams, request.mutable_params()); |
| 290 | |
| 291 | KM_CALLV(AttestKey, hidl_vec<hidl_vec<uint8_t> >{}); |
| 292 | |
| 293 | vector<hidl_vec<uint8_t> > chain; |
| 294 | for (int i = 0; i < response.chain().certificates_size(); i++) { |
| 295 | hidl_vec<uint8_t> blob; |
| 296 | blob.setToExternal( |
| 297 | reinterpret_cast<uint8_t*>( |
| 298 | const_cast<char*>( |
| 299 | response.chain().certificates(i).data().data())), |
| 300 | response.chain().certificates(i).data().size(), false); |
| 301 | chain.push_back(blob); |
| 302 | } |
| 303 | |
| 304 | _hidl_cb((ErrorCode)response.error_code(), |
| 305 | hidl_vec<hidl_vec<uint8_t> >(chain)); |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 306 | return Void(); |
| 307 | } |
| 308 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 309 | Return<void> KeymasterDevice::upgradeKey( |
| 310 | const hidl_vec<uint8_t>& keyBlobToUpgrade, |
| 311 | const hidl_vec<KeyParameter>& upgradeParams, |
| 312 | upgradeKey_cb _hidl_cb) |
| 313 | { |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 314 | LOG(VERBOSE) << "Running KeymasterDevice::upgradeKey"; |
| 315 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 316 | UpgradeKeyRequest request; |
| 317 | UpgradeKeyResponse response; |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 318 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 319 | request.mutable_blob()->set_blob(&keyBlobToUpgrade[0], |
| 320 | keyBlobToUpgrade.size()); |
| 321 | hidl_params_to_pb(upgradeParams, request.mutable_params()); |
| 322 | |
| 323 | KM_CALLV(UpgradeKey, hidl_vec<uint8_t>{}); |
| 324 | |
| 325 | hidl_vec<uint8_t> blob; |
| 326 | blob.setToExternal( |
| 327 | reinterpret_cast<uint8_t*>( |
| 328 | const_cast<char*>(response.blob().blob().data())), |
| 329 | response.blob().blob().size(), false); |
| 330 | |
| 331 | _hidl_cb((ErrorCode)response.error_code(), blob); |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 332 | return Void(); |
| 333 | } |
| 334 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 335 | Return<ErrorCode> KeymasterDevice::deleteKey(const hidl_vec<uint8_t>& keyBlob) |
| 336 | { |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 337 | LOG(VERBOSE) << "Running KeymasterDevice::deleteKey"; |
| 338 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 339 | DeleteKeyRequest request; |
| 340 | DeleteKeyResponse response; |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 341 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 342 | request.mutable_blob()->set_blob(&keyBlob[0], keyBlob.size()); |
| 343 | |
| 344 | KM_CALL(DeleteKey); |
| 345 | |
| 346 | return (ErrorCode)response.error_code(); |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 347 | } |
| 348 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 349 | Return<ErrorCode> KeymasterDevice::deleteAllKeys() |
| 350 | { |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 351 | LOG(VERBOSE) << "Running KeymasterDevice::deleteAllKeys"; |
| 352 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 353 | DeleteAllKeysRequest request; |
| 354 | DeleteAllKeysResponse response; |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 355 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 356 | KM_CALL(DeleteAllKeys); |
| 357 | |
| 358 | return (ErrorCode)response.error_code(); |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 359 | } |
| 360 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 361 | Return<ErrorCode> KeymasterDevice::destroyAttestationIds() |
| 362 | { |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 363 | LOG(VERBOSE) << "Running KeymasterDevice::destroyAttestationIds"; |
| 364 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 365 | DestroyAttestationIdsRequest request; |
| 366 | DestroyAttestationIdsResponse response; |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 367 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 368 | KM_CALL(DestroyAttestationIds); |
| 369 | |
| 370 | return (ErrorCode)response.error_code(); |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 371 | } |
| 372 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 373 | Return<void> KeymasterDevice::begin( |
| 374 | KeyPurpose purpose, const hidl_vec<uint8_t>& key, |
| 375 | const hidl_vec<KeyParameter>& inParams, begin_cb _hidl_cb) |
| 376 | { |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 377 | LOG(VERBOSE) << "Running KeymasterDevice::begin"; |
| 378 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 379 | BeginOperationRequest request; |
| 380 | BeginOperationResponse response; |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 381 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 382 | request.set_purpose((::nugget::app::keymaster::KeyPurpose)purpose); |
| 383 | request.mutable_blob()->set_blob(&key[0], key.size()); |
| 384 | hidl_params_to_pb(inParams, request.mutable_params()); |
| 385 | |
| 386 | KM_CALLV(BeginOperation, hidl_vec<KeyParameter>{}, 0); |
| 387 | |
| 388 | hidl_vec<KeyParameter> params; |
| 389 | pb_to_hidl_params(response.params(), ¶ms); |
| 390 | |
| 391 | _hidl_cb((ErrorCode)response.error_code(), params, |
| 392 | response.handle().handle()); |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 393 | return Void(); |
| 394 | } |
| 395 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 396 | Return<void> KeymasterDevice::update( |
| 397 | uint64_t operationHandle, |
| 398 | const hidl_vec<KeyParameter>& inParams, |
| 399 | const hidl_vec<uint8_t>& input, update_cb _hidl_cb) |
| 400 | { |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 401 | LOG(VERBOSE) << "Running KeymasterDevice::update"; |
| 402 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 403 | UpdateOperationRequest request; |
| 404 | UpdateOperationResponse response; |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 405 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 406 | request.mutable_handle()->set_handle(operationHandle); |
| 407 | hidl_params_to_pb(inParams, request.mutable_params()); |
| 408 | request.set_input(&input[0], input.size()); |
| 409 | |
| 410 | KM_CALLV(UpdateOperation, 0, hidl_vec<KeyParameter>{}, hidl_vec<uint8_t>{}); |
| 411 | |
| 412 | hidl_vec<KeyParameter> params; |
| 413 | hidl_vec<uint8_t> output; |
| 414 | pb_to_hidl_params(response.params(), ¶ms); |
| 415 | output.setToExternal( |
| 416 | reinterpret_cast<uint8_t*>(const_cast<char*>(response.output().data())), |
| 417 | response.output().size(), false); |
| 418 | |
| 419 | _hidl_cb(ErrorCode::OK, response.consumed(), params, output); |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 420 | return Void(); |
| 421 | } |
| 422 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 423 | Return<void> KeymasterDevice::finish( |
| 424 | uint64_t operationHandle, |
| 425 | const hidl_vec<KeyParameter>& inParams, |
| 426 | const hidl_vec<uint8_t>& input, |
| 427 | const hidl_vec<uint8_t>& signature, finish_cb _hidl_cb) |
| 428 | { |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 429 | LOG(VERBOSE) << "Running KeymasterDevice::finish"; |
| 430 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 431 | FinishOperationRequest request; |
| 432 | FinishOperationResponse response; |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 433 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 434 | request.mutable_handle()->set_handle(operationHandle); |
| 435 | hidl_params_to_pb(inParams, request.mutable_params()); |
| 436 | request.set_input(&input[0], input.size()); |
| 437 | request.set_signature(&signature[0], signature.size()); |
| 438 | |
| 439 | KM_CALLV(FinishOperation, hidl_vec<KeyParameter>{}, hidl_vec<uint8_t>{}); |
| 440 | |
| 441 | hidl_vec<KeyParameter> params; |
| 442 | pb_to_hidl_params(response.params(), ¶ms); |
| 443 | hidl_vec<uint8_t> output; |
| 444 | output.setToExternal( |
| 445 | reinterpret_cast<uint8_t*>(const_cast<char*>(response.output().data())), |
| 446 | response.output().size(), false); |
| 447 | |
| 448 | _hidl_cb(ErrorCode::OK, params, output); |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 449 | return Void(); |
| 450 | } |
| 451 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 452 | Return<ErrorCode> KeymasterDevice::abort(uint64_t operationHandle) |
| 453 | { |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 454 | LOG(VERBOSE) << "Running KeymasterDevice::abort"; |
| 455 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 456 | AbortOperationRequest request; |
| 457 | AbortOperationResponse response; |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 458 | |
nagendra modadugu | 284b939 | 2017-09-27 13:51:23 -0700 | [diff] [blame] | 459 | request.mutable_handle()->set_handle(operationHandle); |
| 460 | |
| 461 | KM_CALL(AbortOperation); |
| 462 | |
| 463 | return ErrorCode::OK; |
Andrew Scull | e4e2ffc | 2017-08-10 10:03:20 +0100 | [diff] [blame] | 464 | } |
| 465 | |
| 466 | } // namespace keymaster |
| 467 | } // namespace hardware |
| 468 | } // namespace android |