Kenny Root | a91203b | 2012-02-15 15:00:46 -0800 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2009 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | #include <stdio.h> |
| 18 | #include <stdint.h> |
| 19 | #include <string.h> |
| 20 | #include <sys/types.h> |
Dmitry Dementyev | a447b3c | 2017-10-27 23:09:53 -0700 | [diff] [blame] | 21 | #include <vector> |
Kenny Root | a91203b | 2012-02-15 15:00:46 -0800 | [diff] [blame] | 22 | |
Rob Barnes | bb6cabd | 2018-10-04 17:10:37 -0600 | [diff] [blame] | 23 | #include <android/security/keystore/IKeystoreService.h> |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 24 | #include <binder/IPCThreadState.h> |
| 25 | #include <binder/IServiceManager.h> |
Kenny Root | a91203b | 2012-02-15 15:00:46 -0800 | [diff] [blame] | 26 | |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 27 | #include <keystore/keystore.h> |
| 28 | |
| 29 | using namespace android; |
Janis Danisevskis | c7a9fa2 | 2016-10-13 18:43:45 +0100 | [diff] [blame] | 30 | using namespace keystore; |
Rob Barnes | bb6cabd | 2018-10-04 17:10:37 -0600 | [diff] [blame] | 31 | using android::security::keystore::IKeystoreService; |
Kenny Root | a91203b | 2012-02-15 15:00:46 -0800 | [diff] [blame] | 32 | |
| 33 | static const char* responses[] = { |
Yi Kong | e353f25 | 2018-07-30 01:38:39 -0700 | [diff] [blame] | 34 | nullptr, |
Kenny Root | a91203b | 2012-02-15 15:00:46 -0800 | [diff] [blame] | 35 | /* [NO_ERROR] = */ "No error", |
| 36 | /* [LOCKED] = */ "Locked", |
| 37 | /* [UNINITIALIZED] = */ "Uninitialized", |
| 38 | /* [SYSTEM_ERROR] = */ "System error", |
| 39 | /* [PROTOCOL_ERROR] = */ "Protocol error", |
| 40 | /* [PERMISSION_DENIED] = */ "Permission denied", |
| 41 | /* [KEY_NOT_FOUND] = */ "Key not found", |
| 42 | /* [VALUE_CORRUPTED] = */ "Value corrupted", |
| 43 | /* [UNDEFINED_ACTION] = */ "Undefined action", |
| 44 | /* [WRONG_PASSWORD] = */ "Wrong password (last chance)", |
| 45 | /* [WRONG_PASSWORD + 1] = */ "Wrong password (2 tries left)", |
| 46 | /* [WRONG_PASSWORD + 2] = */ "Wrong password (3 tries left)", |
| 47 | /* [WRONG_PASSWORD + 3] = */ "Wrong password (4 tries left)", |
| 48 | }; |
| 49 | |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 50 | #define SINGLE_ARG_INT_RETURN(cmd) \ |
| 51 | do { \ |
| 52 | if (strcmp(argv[1], #cmd) == 0) { \ |
| 53 | if (argc < 3) { \ |
| 54 | fprintf(stderr, "Usage: %s " #cmd " <name>\n", argv[0]); \ |
| 55 | return 1; \ |
| 56 | } \ |
Dmitry Dementyev | a447b3c | 2017-10-27 23:09:53 -0700 | [diff] [blame] | 57 | int32_t ret = -1; \ |
| 58 | service->cmd(String16(argv[2]), &ret); \ |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 59 | if (ret < 0) { \ |
| 60 | fprintf(stderr, "%s: could not connect: %d\n", argv[0], ret); \ |
| 61 | return 1; \ |
| 62 | } else { \ |
| 63 | printf(#cmd ": %s (%d)\n", responses[ret], ret); \ |
| 64 | return 0; \ |
| 65 | } \ |
| 66 | } \ |
| 67 | } while (0) |
| 68 | |
Chad Brubaker | 9443616 | 2015-05-12 15:18:26 -0700 | [diff] [blame] | 69 | #define SINGLE_INT_ARG_INT_RETURN(cmd) \ |
| 70 | do { \ |
| 71 | if (strcmp(argv[1], #cmd) == 0) { \ |
| 72 | if (argc < 3) { \ |
| 73 | fprintf(stderr, "Usage: %s " #cmd " <name>\n", argv[0]); \ |
| 74 | return 1; \ |
| 75 | } \ |
Dmitry Dementyev | a447b3c | 2017-10-27 23:09:53 -0700 | [diff] [blame] | 76 | int32_t ret = -1; \ |
| 77 | service->cmd(atoi(argv[2]), &ret); \ |
Chad Brubaker | 9443616 | 2015-05-12 15:18:26 -0700 | [diff] [blame] | 78 | if (ret < 0) { \ |
| 79 | fprintf(stderr, "%s: could not connect: %d\n", argv[0], ret); \ |
| 80 | return 1; \ |
| 81 | } else { \ |
| 82 | printf(#cmd ": %s (%d)\n", responses[ret], ret); \ |
| 83 | return 0; \ |
| 84 | } \ |
| 85 | } \ |
| 86 | } while (0) |
| 87 | |
Kenny Root | b88c3eb | 2013-02-13 14:43:43 -0800 | [diff] [blame] | 88 | #define SINGLE_ARG_PLUS_UID_INT_RETURN(cmd) \ |
| 89 | do { \ |
| 90 | if (strcmp(argv[1], #cmd) == 0) { \ |
| 91 | if (argc < 3) { \ |
| 92 | fprintf(stderr, "Usage: %s " #cmd " <name> <uid>\n", argv[0]); \ |
| 93 | return 1; \ |
| 94 | } \ |
| 95 | int uid = -1; \ |
| 96 | if (argc > 3) { \ |
| 97 | uid = atoi(argv[3]); \ |
| 98 | fprintf(stderr, "Running as uid %d\n", uid); \ |
| 99 | } \ |
Dmitry Dementyev | a447b3c | 2017-10-27 23:09:53 -0700 | [diff] [blame] | 100 | int32_t ret = -1; \ |
| 101 | service->cmd(String16(argv[2]), uid, &ret); \ |
Kenny Root | b88c3eb | 2013-02-13 14:43:43 -0800 | [diff] [blame] | 102 | if (ret < 0) { \ |
| 103 | fprintf(stderr, "%s: could not connect: %d\n", argv[0], ret); \ |
| 104 | return 1; \ |
| 105 | } else { \ |
| 106 | printf(#cmd ": %s (%d)\n", responses[ret], ret); \ |
| 107 | return 0; \ |
| 108 | } \ |
| 109 | } \ |
| 110 | } while (0) |
| 111 | |
Chad Brubaker | ad6a7f5 | 2015-09-09 14:55:22 -0700 | [diff] [blame] | 112 | #define SINGLE_ARG_PLUS_UID_DATA_RETURN(cmd) \ |
| 113 | do { \ |
| 114 | if (strcmp(argv[1], #cmd) == 0) { \ |
| 115 | if (argc < 3) { \ |
| 116 | fprintf(stderr, "Usage: %s " #cmd " <name> <uid>\n", argv[0]); \ |
| 117 | return 1; \ |
| 118 | } \ |
Dmitry Dementyev | a447b3c | 2017-10-27 23:09:53 -0700 | [diff] [blame] | 119 | std::vector<uint8_t> data; \ |
Chad Brubaker | ad6a7f5 | 2015-09-09 14:55:22 -0700 | [diff] [blame] | 120 | int uid = -1; \ |
| 121 | if (argc > 3) { \ |
| 122 | uid = atoi(argv[3]); \ |
| 123 | fprintf(stderr, "Running as uid %d\n", uid); \ |
| 124 | } \ |
Dmitry Dementyev | a447b3c | 2017-10-27 23:09:53 -0700 | [diff] [blame] | 125 | ::android::binder::Status ret = service->cmd(String16(argv[2]), uid, &data); \ |
| 126 | if (!ret.isOk()) { \ |
| 127 | fprintf(stderr, "Exception code: %d\n", ret.exceptionCode()); \ |
Chad Brubaker | ad6a7f5 | 2015-09-09 14:55:22 -0700 | [diff] [blame] | 128 | return 1; \ |
| 129 | } else { \ |
Janis Danisevskis | c7a9fa2 | 2016-10-13 18:43:45 +0100 | [diff] [blame] | 130 | fwrite(&data[0], data.size(), 1, stdout); \ |
Chad Brubaker | ad6a7f5 | 2015-09-09 14:55:22 -0700 | [diff] [blame] | 131 | fflush(stdout); \ |
Chad Brubaker | ad6a7f5 | 2015-09-09 14:55:22 -0700 | [diff] [blame] | 132 | return 0; \ |
| 133 | } \ |
| 134 | } \ |
| 135 | } while (0) |
| 136 | |
Dmitry Dementyev | a447b3c | 2017-10-27 23:09:53 -0700 | [diff] [blame] | 137 | #define STRING_ARG_DATA_STDIN_INT_RETURN(cmd) \ |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 138 | do { \ |
| 139 | if (strcmp(argv[1], #cmd) == 0) { \ |
| 140 | if (argc < 3) { \ |
| 141 | fprintf(stderr, "Usage: %s " #cmd " <name>\n", argv[0]); \ |
| 142 | return 1; \ |
| 143 | } \ |
| 144 | uint8_t* data; \ |
| 145 | size_t dataSize; \ |
| 146 | read_input(&data, &dataSize); \ |
Dmitry Dementyev | a447b3c | 2017-10-27 23:09:53 -0700 | [diff] [blame] | 147 | int32_t ret = -1; \ |
| 148 | service->cmd(String16(argv[2]), data, dataSize, &ret); \ |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 149 | if (ret < 0) { \ |
| 150 | fprintf(stderr, "%s: could not connect: %d\n", argv[0], ret); \ |
| 151 | return 1; \ |
| 152 | } else { \ |
| 153 | printf(#cmd ": %s (%d)\n", responses[ret], ret); \ |
| 154 | return 0; \ |
| 155 | } \ |
| 156 | } \ |
| 157 | } while (0) |
| 158 | |
| 159 | #define SINGLE_ARG_DATA_RETURN(cmd) \ |
| 160 | do { \ |
| 161 | if (strcmp(argv[1], #cmd) == 0) { \ |
| 162 | if (argc < 3) { \ |
| 163 | fprintf(stderr, "Usage: %s " #cmd " <name>\n", argv[0]); \ |
| 164 | return 1; \ |
| 165 | } \ |
Dmitry Dementyev | a447b3c | 2017-10-27 23:09:53 -0700 | [diff] [blame] | 166 | std::vector<uint8_t> data; \ |
| 167 | ::android::binder::Status ret = service->cmd(String16(argv[2]), &data); \ |
| 168 | if (!ret.isOk()) { \ |
| 169 | fprintf(stderr, "Exception code: %d\n", ret.exceptionCode()); \ |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 170 | return 1; \ |
| 171 | } else { \ |
Janis Danisevskis | c7a9fa2 | 2016-10-13 18:43:45 +0100 | [diff] [blame] | 172 | fwrite(&data[0], data.size(), 1, stdout); \ |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 173 | fflush(stdout); \ |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 174 | return 0; \ |
| 175 | } \ |
| 176 | } \ |
| 177 | } while (0) |
| 178 | |
Chih-Hung Hsieh | 24b2a39 | 2016-07-28 10:35:24 -0700 | [diff] [blame] | 179 | static int list(const sp<IKeystoreService>& service, const String16& name, int uid) { |
Dmitry Dementyev | a447b3c | 2017-10-27 23:09:53 -0700 | [diff] [blame] | 180 | std::vector<String16> matches; |
| 181 | ::android::binder::Status ret = service->list(name, uid, &matches); |
| 182 | |
| 183 | if (!ret.isOk()) { |
| 184 | fprintf(stderr, "list: exception (%d)\n", ret.exceptionCode()); |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 185 | return 1; |
| 186 | } else { |
Dmitry Dementyev | a447b3c | 2017-10-27 23:09:53 -0700 | [diff] [blame] | 187 | std::vector<String16>::const_iterator it = matches.begin(); |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 188 | for (; it != matches.end(); ++it) { |
| 189 | printf("%s\n", String8(*it).string()); |
| 190 | } |
| 191 | return 0; |
| 192 | } |
| 193 | } |
| 194 | |
Kenny Root | a91203b | 2012-02-15 15:00:46 -0800 | [diff] [blame] | 195 | int main(int argc, char* argv[]) |
| 196 | { |
| 197 | if (argc < 2) { |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 198 | fprintf(stderr, "Usage: %s action [parameter ...]\n", argv[0]); |
Kenny Root | a91203b | 2012-02-15 15:00:46 -0800 | [diff] [blame] | 199 | return 1; |
| 200 | } |
| 201 | |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 202 | sp<IServiceManager> sm = defaultServiceManager(); |
| 203 | sp<IBinder> binder = sm->getService(String16("android.security.keystore")); |
| 204 | sp<IKeystoreService> service = interface_cast<IKeystoreService>(binder); |
Kenny Root | a91203b | 2012-02-15 15:00:46 -0800 | [diff] [blame] | 205 | |
Yi Kong | e353f25 | 2018-07-30 01:38:39 -0700 | [diff] [blame] | 206 | if (service == nullptr) { |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 207 | fprintf(stderr, "%s: error: could not connect to keystore service\n", argv[0]); |
Kenny Root | a91203b | 2012-02-15 15:00:46 -0800 | [diff] [blame] | 208 | return 1; |
| 209 | } |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 210 | |
| 211 | /* |
| 212 | * All the commands should return a value |
| 213 | */ |
| 214 | |
Chad Brubaker | 9443616 | 2015-05-12 15:18:26 -0700 | [diff] [blame] | 215 | SINGLE_INT_ARG_INT_RETURN(getState); |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 216 | |
Chad Brubaker | ad6a7f5 | 2015-09-09 14:55:22 -0700 | [diff] [blame] | 217 | SINGLE_ARG_PLUS_UID_DATA_RETURN(get); |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 218 | |
| 219 | // TODO: insert |
| 220 | |
Kenny Root | b88c3eb | 2013-02-13 14:43:43 -0800 | [diff] [blame] | 221 | SINGLE_ARG_PLUS_UID_INT_RETURN(del); |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 222 | |
Kenny Root | b88c3eb | 2013-02-13 14:43:43 -0800 | [diff] [blame] | 223 | SINGLE_ARG_PLUS_UID_INT_RETURN(exist); |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 224 | |
Chad Brubaker | 9443616 | 2015-05-12 15:18:26 -0700 | [diff] [blame] | 225 | if (strcmp(argv[1], "list") == 0) { |
| 226 | return list(service, argc < 3 ? String16("") : String16(argv[2]), |
Kenny Root | b88c3eb | 2013-02-13 14:43:43 -0800 | [diff] [blame] | 227 | argc < 4 ? -1 : atoi(argv[3])); |
Kenny Root | a91203b | 2012-02-15 15:00:46 -0800 | [diff] [blame] | 228 | } |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 229 | |
Chad Brubaker | eecdd12 | 2015-05-07 10:19:40 -0700 | [diff] [blame] | 230 | // TODO: notifyUserPasswordChanged |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 231 | |
Chad Brubaker | 9443616 | 2015-05-12 15:18:26 -0700 | [diff] [blame] | 232 | SINGLE_INT_ARG_INT_RETURN(lock); |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 233 | |
Chad Brubaker | eecdd12 | 2015-05-07 10:19:40 -0700 | [diff] [blame] | 234 | // TODO: unlock |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 235 | |
Chad Brubaker | 9443616 | 2015-05-12 15:18:26 -0700 | [diff] [blame] | 236 | SINGLE_INT_ARG_INT_RETURN(isEmpty); |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 237 | |
Kenny Root | 0c540aa | 2013-04-03 09:22:15 -0700 | [diff] [blame] | 238 | // TODO: generate |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 239 | |
Kenny Root | 07438c8 | 2012-11-02 15:41:02 -0700 | [diff] [blame] | 240 | // TODO: grant |
| 241 | |
| 242 | // TODO: ungrant |
| 243 | |
| 244 | // TODO: getmtime |
| 245 | |
| 246 | fprintf(stderr, "%s: unknown command: %s\n", argv[0], argv[1]); |
| 247 | return 1; |
Kenny Root | a91203b | 2012-02-15 15:00:46 -0800 | [diff] [blame] | 248 | } |