Chad Brubaker | 40a1a9b | 2015-02-20 14:08:13 -0800 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2015 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | #ifndef KEYSTORE_OPERATION_H_ |
| 18 | #define KEYSTORE_OPERATION_H_ |
| 19 | |
Chad Brubaker | 0cf34a2 | 2015-04-23 11:06:16 -0700 | [diff] [blame] | 20 | #include <hardware/hw_auth_token.h> |
Shawn Willden | 715d023 | 2016-01-21 00:45:13 -0700 | [diff] [blame] | 21 | #include <hardware/keymaster2.h> |
Chad Brubaker | 40a1a9b | 2015-02-20 14:08:13 -0800 | [diff] [blame] | 22 | #include <binder/Binder.h> |
| 23 | #include <binder/IBinder.h> |
| 24 | #include <utils/LruCache.h> |
| 25 | #include <utils/StrongPointer.h> |
| 26 | #include <map> |
| 27 | #include <vector> |
| 28 | |
| 29 | namespace android { |
| 30 | |
Chad Brubaker | ad6514a | 2015-04-09 14:00:26 -0700 | [diff] [blame] | 31 | struct keymaster_key_characteristics_t_Delete { |
| 32 | void operator()(keymaster_key_characteristics_t* characteristics) const { |
| 33 | keymaster_free_characteristics(characteristics); |
| 34 | delete characteristics; |
| 35 | } |
| 36 | }; |
| 37 | typedef std::unique_ptr<keymaster_key_characteristics_t, keymaster_key_characteristics_t_Delete> |
| 38 | Unique_keymaster_key_characteristics; |
| 39 | |
Chad Brubaker | 40a1a9b | 2015-02-20 14:08:13 -0800 | [diff] [blame] | 40 | /** |
| 41 | * OperationMap handles the translation of keymaster_operation_handle_t's and |
Shawn Willden | 715d023 | 2016-01-21 00:45:13 -0700 | [diff] [blame] | 42 | * keymaster2_device_t's to opaque binder tokens that can be used to reference |
Chad Brubaker | 40a1a9b | 2015-02-20 14:08:13 -0800 | [diff] [blame] | 43 | * that operation at a later time by applications. It also does LRU tracking |
| 44 | * for operation pruning and keeps a mapping of clients to operations to allow |
| 45 | * for graceful handling of application death. |
| 46 | */ |
| 47 | class OperationMap { |
| 48 | public: |
| 49 | OperationMap(IBinder::DeathRecipient* deathRecipient); |
Shawn Willden | 9221bff | 2015-06-18 18:23:54 -0600 | [diff] [blame] | 50 | sp<IBinder> addOperation(keymaster_operation_handle_t handle, uint64_t keyid, |
Shawn Willden | 715d023 | 2016-01-21 00:45:13 -0700 | [diff] [blame] | 51 | keymaster_purpose_t purpose, const keymaster2_device_t* dev, |
Shawn Willden | 9221bff | 2015-06-18 18:23:54 -0600 | [diff] [blame] | 52 | sp<IBinder> appToken, keymaster_key_characteristics_t* characteristics, |
| 53 | bool pruneable); |
Chad Brubaker | 40a1a9b | 2015-02-20 14:08:13 -0800 | [diff] [blame] | 54 | bool getOperation(sp<IBinder> token, keymaster_operation_handle_t* outHandle, |
Shawn Willden | 9221bff | 2015-06-18 18:23:54 -0600 | [diff] [blame] | 55 | uint64_t* outKeyid, keymaster_purpose_t* outPurpose, |
Shawn Willden | 715d023 | 2016-01-21 00:45:13 -0700 | [diff] [blame] | 56 | const keymaster2_device_t** outDev, |
Chad Brubaker | ad6514a | 2015-04-09 14:00:26 -0700 | [diff] [blame] | 57 | const keymaster_key_characteristics_t** outCharacteristics); |
Chad Brubaker | 40a1a9b | 2015-02-20 14:08:13 -0800 | [diff] [blame] | 58 | bool removeOperation(sp<IBinder> token); |
Alex Klyubin | 700c1a3 | 2015-06-23 15:21:51 -0700 | [diff] [blame] | 59 | bool hasPruneableOperation() const; |
Shawn Willden | 447095f | 2015-10-30 10:05:43 -0600 | [diff] [blame] | 60 | size_t getOperationCount() const { return mMap.size(); } |
Alex Klyubin | 700c1a3 | 2015-06-23 15:21:51 -0700 | [diff] [blame] | 61 | size_t getPruneableOperationCount() const; |
Chad Brubaker | 0cf34a2 | 2015-04-23 11:06:16 -0700 | [diff] [blame] | 62 | bool getOperationAuthToken(sp<IBinder> token, const hw_auth_token_t** outToken); |
| 63 | bool setOperationAuthToken(sp<IBinder> token, const hw_auth_token_t* authToken); |
Chad Brubaker | 40a1a9b | 2015-02-20 14:08:13 -0800 | [diff] [blame] | 64 | sp<IBinder> getOldestPruneableOperation(); |
| 65 | std::vector<sp<IBinder>> getOperationsForToken(sp<IBinder> appToken); |
| 66 | |
| 67 | private: |
| 68 | void updateLru(sp<IBinder> token); |
| 69 | void removeOperationTracking(sp<IBinder> token, sp<IBinder> appToken); |
| 70 | struct Operation { |
| 71 | Operation(); |
Shawn Willden | 9221bff | 2015-06-18 18:23:54 -0600 | [diff] [blame] | 72 | Operation(keymaster_operation_handle_t handle, uint64_t keyid, keymaster_purpose_t purpose, |
Shawn Willden | 715d023 | 2016-01-21 00:45:13 -0700 | [diff] [blame] | 73 | const keymaster2_device_t* device, |
Chad Brubaker | ad6514a | 2015-04-09 14:00:26 -0700 | [diff] [blame] | 74 | keymaster_key_characteristics_t* characteristics, sp<IBinder> appToken); |
Chad Brubaker | 40a1a9b | 2015-02-20 14:08:13 -0800 | [diff] [blame] | 75 | keymaster_operation_handle_t handle; |
Shawn Willden | 9221bff | 2015-06-18 18:23:54 -0600 | [diff] [blame] | 76 | uint64_t keyid; |
Shawn Willden | b2ffa42 | 2015-06-17 12:18:55 -0600 | [diff] [blame] | 77 | keymaster_purpose_t purpose; |
Shawn Willden | 715d023 | 2016-01-21 00:45:13 -0700 | [diff] [blame] | 78 | const keymaster2_device_t* device; |
Chad Brubaker | ad6514a | 2015-04-09 14:00:26 -0700 | [diff] [blame] | 79 | Unique_keymaster_key_characteristics characteristics; |
Chad Brubaker | 40a1a9b | 2015-02-20 14:08:13 -0800 | [diff] [blame] | 80 | sp<IBinder> appToken; |
Chad Brubaker | 999f1b0 | 2015-06-02 14:32:59 -0700 | [diff] [blame] | 81 | std::unique_ptr<hw_auth_token_t> authToken; |
Chad Brubaker | 40a1a9b | 2015-02-20 14:08:13 -0800 | [diff] [blame] | 82 | }; |
| 83 | std::map<sp<IBinder>, struct Operation> mMap; |
| 84 | std::vector<sp<IBinder>> mLru; |
| 85 | std::map<sp<IBinder>, std::vector<sp<IBinder>>> mAppTokenMap; |
| 86 | IBinder::DeathRecipient* mDeathRecipient; |
| 87 | }; |
| 88 | } // namespace android |
| 89 | #endif |