ng/include/KeyMintUtils.h - platform/system/keymaster - Gitiles

 /*
  * Copyright 2020, The Android Open Source Project
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 #pragma once

 #include <aidl/android/hardware/security/keymint/Certificate.h>
 #include <aidl/android/hardware/security/keymint/HardwareAuthToken.h>
 #include <aidl/android/hardware/security/keymint/HardwareAuthenticatorType.h>
 #include <aidl/android/hardware/security/keymint/KeyFormat.h>
 #include <aidl/android/hardware/security/keymint/KeyParameter.h>
 #include <aidl/android/hardware/security/keymint/KeyPurpose.h>
 #include <aidl/android/hardware/security/keymint/SecurityLevel.h>
 #include <aidl/android/hardware/security/keymint/Tag.h>

 #include <keymaster/keymaster_enforcement.h>

 namespace aidl::android::hardware::security::keymint::km_utils {

 using ::ndk::ScopedAStatus;
 using std::vector;

 inline keymaster_tag_t legacy_enum_conversion(const Tag value) {
     return static_cast<keymaster_tag_t>(value);
 }

 inline Tag legacy_enum_conversion(const keymaster_tag_t value) {
     return static_cast<Tag>(value);
 }

 inline keymaster_purpose_t legacy_enum_conversion(const KeyPurpose value) {
     return static_cast<keymaster_purpose_t>(value);
 }

 inline keymaster_key_format_t legacy_enum_conversion(const KeyFormat value) {
     return static_cast<keymaster_key_format_t>(value);
 }

 inline SecurityLevel legacy_enum_conversion(const keymaster_security_level_t value) {
     return static_cast<SecurityLevel>(value);
 }

 inline hw_authenticator_type_t legacy_enum_conversion(const HardwareAuthenticatorType value) {
     return static_cast<hw_authenticator_type_t>(value);
 }

 inline ScopedAStatus kmError2ScopedAStatus(const keymaster_error_t value) {
     return (value == KM_ERROR_OK
                 ? ScopedAStatus::ok()
                 : ScopedAStatus(AStatus_fromServiceSpecificError(static_cast<int32_t>(value))));
 }

 inline keymaster_tag_type_t typeFromTag(const keymaster_tag_t tag) {
     return keymaster_tag_get_type(tag);
 }

 KeyParameter kmParam2Aidl(const keymaster_key_param_t& param);
 vector<KeyParameter> kmParamSet2Aidl(const keymaster_key_param_set_t& set);
 keymaster_key_param_set_t aidlKeyParams2Km(const vector<KeyParameter>& keyParams);

 class KmParamSet : public keymaster_key_param_set_t {
   public:
     explicit KmParamSet(const vector<KeyParameter>& keyParams)
         : keymaster_key_param_set_t(aidlKeyParams2Km(keyParams)) {}

     KmParamSet(KmParamSet&& other) : keymaster_key_param_set_t{other.params, other.length} {
         other.length = 0;
         other.params = nullptr;
     }

     KmParamSet(const KmParamSet&) = delete;
     ~KmParamSet() { keymaster_free_param_set(this); }
 };

 inline vector<uint8_t> kmBlob2vector(const keymaster_key_blob_t& blob) {
     vector<uint8_t> result(blob.key_material, blob.key_material + blob.key_material_size);
     return result;
 }

 inline vector<uint8_t> kmBlob2vector(const keymaster_blob_t& blob) {
     vector<uint8_t> result(blob.data, blob.data + blob.data_length);
     return result;
 }

 inline vector<uint8_t> kmBuffer2vector(const ::keymaster::Buffer& buf) {
     vector<uint8_t> result(buf.peek_read(), buf.peek_read() + buf.available_read());
     return result;
 }

 inline vector<Certificate> kmCertChain2Aidl(const keymaster_cert_chain_t& cert_chain) {
     vector<Certificate> result;
     if (!cert_chain.entry_count || !cert_chain.entries) return result;

     result.resize(cert_chain.entry_count);
     for (size_t i = 0; i < cert_chain.entry_count; ++i) {
         result[i].encodedCertificate = kmBlob2vector(cert_chain.entries[i]);
     }

     return result;
 }

 template <typename T, typename OutIter>
 inline OutIter copy_bytes_to_iterator(const T& value, OutIter dest) {
     const uint8_t* value_ptr = reinterpret_cast<const uint8_t*>(&value);
     return std::copy(value_ptr, value_ptr + sizeof(value), dest);
 }

 vector<uint8_t> authToken2AidlVec(const std::optional<HardwareAuthToken>& token);

 inline void addClientAndAppData(const vector<uint8_t>& clientId, const vector<uint8_t>& appData,
                                 ::keymaster::AuthorizationSet* params) {
     params->Clear();
     if (clientId.size()) {
         params->push_back(::keymaster::TAG_APPLICATION_ID, clientId.data(), clientId.size());
     }
     if (appData.size()) {
         params->push_back(::keymaster::TAG_APPLICATION_DATA, appData.data(), appData.size());
     }
 }

 }  // namespace aidl::android::hardware::security::keymint::km_utils
	/*
	* Copyright 2020, The Android Open Source Project
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	#pragma once

	#include <aidl/android/hardware/security/keymint/Certificate.h>
	#include <aidl/android/hardware/security/keymint/HardwareAuthToken.h>
	#include <aidl/android/hardware/security/keymint/HardwareAuthenticatorType.h>
	#include <aidl/android/hardware/security/keymint/KeyFormat.h>
	#include <aidl/android/hardware/security/keymint/KeyParameter.h>
	#include <aidl/android/hardware/security/keymint/KeyPurpose.h>
	#include <aidl/android/hardware/security/keymint/SecurityLevel.h>
	#include <aidl/android/hardware/security/keymint/Tag.h>

	#include <keymaster/keymaster_enforcement.h>

	namespace aidl::android::hardware::security::keymint::km_utils {

	using ::ndk::ScopedAStatus;
	using std::vector;

	inline keymaster_tag_t legacy_enum_conversion(const Tag value) {
	return static_cast<keymaster_tag_t>(value);
	}

	inline Tag legacy_enum_conversion(const keymaster_tag_t value) {
	return static_cast<Tag>(value);
	}

	inline keymaster_purpose_t legacy_enum_conversion(const KeyPurpose value) {
	return static_cast<keymaster_purpose_t>(value);
	}

	inline keymaster_key_format_t legacy_enum_conversion(const KeyFormat value) {
	return static_cast<keymaster_key_format_t>(value);
	}

	inline SecurityLevel legacy_enum_conversion(const keymaster_security_level_t value) {
	return static_cast<SecurityLevel>(value);
	}

	inline hw_authenticator_type_t legacy_enum_conversion(const HardwareAuthenticatorType value) {
	return static_cast<hw_authenticator_type_t>(value);
	}

	inline ScopedAStatus kmError2ScopedAStatus(const keymaster_error_t value) {
	return (value == KM_ERROR_OK
	? ScopedAStatus::ok()
	: ScopedAStatus(AStatus_fromServiceSpecificError(static_cast<int32_t>(value))));
	}

	inline keymaster_tag_type_t typeFromTag(const keymaster_tag_t tag) {
	return keymaster_tag_get_type(tag);
	}

	KeyParameter kmParam2Aidl(const keymaster_key_param_t& param);
	vector<KeyParameter> kmParamSet2Aidl(const keymaster_key_param_set_t& set);
	keymaster_key_param_set_t aidlKeyParams2Km(const vector<KeyParameter>& keyParams);

	class KmParamSet : public keymaster_key_param_set_t {
	public:
	explicit KmParamSet(const vector<KeyParameter>& keyParams)
	: keymaster_key_param_set_t(aidlKeyParams2Km(keyParams)) {}

	KmParamSet(KmParamSet&& other) : keymaster_key_param_set_t{other.params, other.length} {
	other.length = 0;
	other.params = nullptr;
	}

	KmParamSet(const KmParamSet&) = delete;
	~KmParamSet() { keymaster_free_param_set(this); }
	};

	inline vector<uint8_t> kmBlob2vector(const keymaster_key_blob_t& blob) {
	vector<uint8_t> result(blob.key_material, blob.key_material + blob.key_material_size);
	return result;
	}

	inline vector<uint8_t> kmBlob2vector(const keymaster_blob_t& blob) {
	vector<uint8_t> result(blob.data, blob.data + blob.data_length);
	return result;
	}

	inline vector<uint8_t> kmBuffer2vector(const ::keymaster::Buffer& buf) {
	vector<uint8_t> result(buf.peek_read(), buf.peek_read() + buf.available_read());
	return result;
	}

	inline vector<Certificate> kmCertChain2Aidl(const keymaster_cert_chain_t& cert_chain) {
	vector<Certificate> result;
	if (!cert_chain.entry_count \|\| !cert_chain.entries) return result;

	result.resize(cert_chain.entry_count);
	for (size_t i = 0; i < cert_chain.entry_count; ++i) {
	result[i].encodedCertificate = kmBlob2vector(cert_chain.entries[i]);
	}

	return result;
	}

	template <typename T, typename OutIter>
	inline OutIter copy_bytes_to_iterator(const T& value, OutIter dest) {
	const uint8_t* value_ptr = reinterpret_cast<const uint8_t*>(&value);
	return std::copy(value_ptr, value_ptr + sizeof(value), dest);
	}

	vector<uint8_t> authToken2AidlVec(const std::optional<HardwareAuthToken>& token);

	inline void addClientAndAppData(const vector<uint8_t>& clientId, const vector<uint8_t>& appData,
	::keymaster::AuthorizationSet* params) {
	params->Clear();
	if (clientId.size()) {
	params->push_back(::keymaster::TAG_APPLICATION_ID, clientId.data(), clientId.size());
	}
	if (appData.size()) {
	params->push_back(::keymaster::TAG_APPLICATION_DATA, appData.data(), appData.size());
	}
	}

	} // namespace aidl::android::hardware::security::keymint::km_utils