blob: b6656895c77e129afb22b74d400d56e80cd54ca4 [file] [log] [blame]
Shawn Willden7d339812018-01-18 15:36:46 -07001/*
2 **
3 ** Copyright 2017, The Android Open Source Project
4 **
5 ** Licensed under the Apache License, Version 2.0 (the "License");
6 ** you may not use this file except in compliance with the License.
7 ** You may obtain a copy of the License at
8 **
9 ** http://www.apache.org/licenses/LICENSE-2.0
10 **
11 ** Unless required by applicable law or agreed to in writing, software
12 ** distributed under the License is distributed on an "AS IS" BASIS,
13 ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 ** See the License for the specific language governing permissions and
15 ** limitations under the License.
16 */
17
Shawn Willden3d035b92020-01-16 13:07:36 -070018#include <keymasterV4_1/Keymaster3.h>
Shawn Willden7d339812018-01-18 15:36:46 -070019
20#include <android-base/logging.h>
Shawn Willden98b998b2018-01-20 11:48:53 -070021#include <keymasterV4_0/keymaster_utils.h>
Shawn Willden7d339812018-01-18 15:36:46 -070022
Shawn Willden3d035b92020-01-16 13:07:36 -070023namespace android::hardware::keymaster::V4_1::support {
Shawn Willden7d339812018-01-18 15:36:46 -070024
25using android::hardware::details::StatusOf;
26
27namespace {
28
Shawn Willden3d035b92020-01-16 13:07:36 -070029V4_0::ErrorCode convert(V3_0::ErrorCode error) {
30 return static_cast<V4_0::ErrorCode>(error);
Shawn Willden7d339812018-01-18 15:36:46 -070031}
32
33V3_0::KeyPurpose convert(KeyPurpose purpose) {
34 return static_cast<V3_0::KeyPurpose>(purpose);
35}
36
37V3_0::KeyFormat convert(KeyFormat purpose) {
38 return static_cast<V3_0::KeyFormat>(purpose);
39}
40
41V3_0::KeyParameter convert(const KeyParameter& param) {
42 V3_0::KeyParameter converted;
43 converted.tag = static_cast<V3_0::Tag>(param.tag);
44 static_assert(sizeof(converted.f) == sizeof(param.f), "This function assumes sizes match");
45 memcpy(&converted.f, &param.f, sizeof(param.f));
46 converted.blob = param.blob;
47 return converted;
48}
49
50KeyParameter convert(const V3_0::KeyParameter& param) {
51 KeyParameter converted;
Shawn Willden3d035b92020-01-16 13:07:36 -070052 converted.tag = static_cast<V4_0::Tag>(param.tag);
Shawn Willden7d339812018-01-18 15:36:46 -070053 static_assert(sizeof(converted.f) == sizeof(param.f), "This function assumes sizes match");
54 memcpy(&converted.f, &param.f, sizeof(param.f));
55 converted.blob = param.blob;
56 return converted;
57}
58
59hidl_vec<V3_0::KeyParameter> convert(const hidl_vec<KeyParameter>& params) {
Brian Young1ae66d82018-03-29 16:36:22 +000060 hidl_vec<V3_0::KeyParameter> converted(params.size());
61 for (size_t i = 0; i < params.size(); ++i) {
62 converted[i] = convert(params[i]);
Shawn Willden7d339812018-01-18 15:36:46 -070063 }
64 return converted;
65}
66
67hidl_vec<KeyParameter> convert(const hidl_vec<V3_0::KeyParameter>& params) {
68 hidl_vec<KeyParameter> converted(params.size());
69 for (size_t i = 0; i < params.size(); ++i) {
70 converted[i] = convert(params[i]);
71 }
72 return converted;
73}
74
75template <typename T, typename OutIter>
76inline static OutIter copy_bytes_to_iterator(const T& value, OutIter dest) {
77 const uint8_t* value_ptr = reinterpret_cast<const uint8_t*>(&value);
78 return std::copy(value_ptr, value_ptr + sizeof(value), dest);
79}
80
Shawn Willden7d339812018-01-18 15:36:46 -070081hidl_vec<V3_0::KeyParameter> convertAndAddAuthToken(const hidl_vec<KeyParameter>& params,
82 const HardwareAuthToken& authToken) {
83 hidl_vec<V3_0::KeyParameter> converted(params.size() + 1);
84 for (size_t i = 0; i < params.size(); ++i) {
85 converted[i] = convert(params[i]);
86 }
87 converted[params.size()].tag = V3_0::Tag::AUTH_TOKEN;
Shawn Willden3d035b92020-01-16 13:07:36 -070088 converted[params.size()].blob = V4_0::support::authToken2HidlVec(authToken);
Shawn Willden7d339812018-01-18 15:36:46 -070089
90 return converted;
91}
92
93KeyCharacteristics convert(const V3_0::KeyCharacteristics& chars) {
94 KeyCharacteristics converted;
95 converted.hardwareEnforced = convert(chars.teeEnforced);
96 converted.softwareEnforced = convert(chars.softwareEnforced);
97 return converted;
98}
99
100} // namespace
101
102void Keymaster3::getVersionIfNeeded() {
103 if (haveVersion_) return;
104
105 auto rc = km3_dev_->getHardwareFeatures(
Shawn Willden3d035b92020-01-16 13:07:36 -0700106 [&](bool isSecure, bool supportsEllipticCurve, bool supportsSymmetricCryptography,
107 bool supportsAttestation, bool supportsAllDigests, const hidl_string& keymasterName,
108 const hidl_string& keymasterAuthorName) {
109 version_ = {keymasterName,
110 keymasterAuthorName,
111 0 /* major version, filled below */,
112 0 /* minor version */,
113 isSecure ? SecurityLevel::TRUSTED_ENVIRONMENT : SecurityLevel::SOFTWARE,
114 supportsEllipticCurve};
115 supportsSymmetricCryptography_ = supportsSymmetricCryptography;
116 supportsAttestation_ = supportsAttestation;
117 supportsAllDigests_ = supportsAllDigests;
118 });
Shawn Willden7d339812018-01-18 15:36:46 -0700119
120 CHECK(rc.isOk()) << "Got error " << rc.description() << " trying to get hardware features";
121
Shawn Willden98b998b2018-01-20 11:48:53 -0700122 if (version_.securityLevel == SecurityLevel::SOFTWARE) {
123 version_.majorVersion = 3;
Shawn Willden7d339812018-01-18 15:36:46 -0700124 } else if (supportsAttestation_) {
Shawn Willden98b998b2018-01-20 11:48:53 -0700125 version_.majorVersion = 3; // Could be 2, doesn't matter.
Shawn Willden7d339812018-01-18 15:36:46 -0700126 } else if (supportsSymmetricCryptography_) {
Shawn Willden98b998b2018-01-20 11:48:53 -0700127 version_.majorVersion = 1;
Shawn Willden7d339812018-01-18 15:36:46 -0700128 } else {
Shawn Willden98b998b2018-01-20 11:48:53 -0700129 version_.majorVersion = 0;
Shawn Willden7d339812018-01-18 15:36:46 -0700130 }
131}
132
Shawn Willden7d339812018-01-18 15:36:46 -0700133Return<void> Keymaster3::getHardwareInfo(Keymaster3::getHardwareInfo_cb _hidl_cb) {
134 getVersionIfNeeded();
Shawn Willden98b998b2018-01-20 11:48:53 -0700135 _hidl_cb(version_.securityLevel,
136 std::string(version_.keymasterName) + " (wrapped by keystore::Keymaster3)",
137 version_.authorName);
Shawn Willden7d339812018-01-18 15:36:46 -0700138 return Void();
139}
140
Shawn Willden3d035b92020-01-16 13:07:36 -0700141Return<V4_0::ErrorCode> Keymaster3::addRngEntropy(const hidl_vec<uint8_t>& data) {
Shawn Willden7d339812018-01-18 15:36:46 -0700142 auto rc = km3_dev_->addRngEntropy(data);
143 if (!rc.isOk()) {
Shawn Willden3d035b92020-01-16 13:07:36 -0700144 return StatusOf<V3_0::ErrorCode, V4_0::ErrorCode>(rc);
Shawn Willden7d339812018-01-18 15:36:46 -0700145 }
146 return convert(rc);
147}
148
149Return<void> Keymaster3::generateKey(const hidl_vec<KeyParameter>& keyParams,
150 generateKey_cb _hidl_cb) {
151 auto cb = [&](V3_0::ErrorCode error, const hidl_vec<uint8_t>& keyBlob,
152 const V3_0::KeyCharacteristics& characteristics) {
153 _hidl_cb(convert(error), keyBlob, convert(characteristics));
154 };
155 auto rc = km3_dev_->generateKey(convert(keyParams), cb);
156 rc.isOk(); // move ctor prereq
157 return rc;
158}
159
160Return<void> Keymaster3::getKeyCharacteristics(const hidl_vec<uint8_t>& keyBlob,
161 const hidl_vec<uint8_t>& clientId,
162 const hidl_vec<uint8_t>& appData,
163 getKeyCharacteristics_cb _hidl_cb) {
164 auto cb = [&](V3_0::ErrorCode error, const V3_0::KeyCharacteristics& chars) {
165 _hidl_cb(convert(error), convert(chars));
166 };
167
168 auto rc = km3_dev_->getKeyCharacteristics(keyBlob, clientId, appData, cb);
169 rc.isOk(); // move ctor prereq
170 return rc;
171}
172
173Return<void> Keymaster3::importKey(const hidl_vec<KeyParameter>& params, KeyFormat keyFormat,
174 const hidl_vec<uint8_t>& keyData, importKey_cb _hidl_cb) {
175 auto cb = [&](V3_0::ErrorCode error, const hidl_vec<uint8_t>& keyBlob,
176 const V3_0::KeyCharacteristics& chars) {
177 _hidl_cb(convert(error), keyBlob, convert(chars));
178 };
179 auto rc = km3_dev_->importKey(convert(params), convert(keyFormat), keyData, cb);
180 rc.isOk(); // move ctor prereq
181 return rc;
182}
183
184Return<void> Keymaster3::exportKey(KeyFormat exportFormat, const hidl_vec<uint8_t>& keyBlob,
185 const hidl_vec<uint8_t>& clientId,
186 const hidl_vec<uint8_t>& appData, exportKey_cb _hidl_cb) {
187 auto cb = [&](V3_0::ErrorCode error, const hidl_vec<uint8_t>& keyMaterial) {
188 _hidl_cb(convert(error), keyMaterial);
189 };
190 auto rc = km3_dev_->exportKey(convert(exportFormat), keyBlob, clientId, appData, cb);
191 rc.isOk(); // move ctor prereq
192 return rc;
193}
194
195Return<void> Keymaster3::attestKey(const hidl_vec<uint8_t>& keyToAttest,
196 const hidl_vec<KeyParameter>& attestParams,
197 attestKey_cb _hidl_cb) {
198 auto cb = [&](V3_0::ErrorCode error, const hidl_vec<hidl_vec<uint8_t>>& certChain) {
199 _hidl_cb(convert(error), certChain);
200 };
201 auto rc = km3_dev_->attestKey(keyToAttest, convert(attestParams), cb);
202 rc.isOk(); // move ctor prereq
203 return rc;
204}
205
206Return<void> Keymaster3::upgradeKey(const hidl_vec<uint8_t>& keyBlobToUpgrade,
207 const hidl_vec<KeyParameter>& upgradeParams,
208 upgradeKey_cb _hidl_cb) {
209 auto cb = [&](V3_0::ErrorCode error, const hidl_vec<uint8_t>& upgradedKeyBlob) {
210 _hidl_cb(convert(error), upgradedKeyBlob);
211 };
212 auto rc = km3_dev_->upgradeKey(keyBlobToUpgrade, convert(upgradeParams), cb);
213 rc.isOk(); // move ctor prereq
214 return rc;
215}
216
Shawn Willden3d035b92020-01-16 13:07:36 -0700217Return<V4_0::ErrorCode> Keymaster3::deleteKey(const hidl_vec<uint8_t>& keyBlob) {
Shawn Willden7d339812018-01-18 15:36:46 -0700218 auto rc = km3_dev_->deleteKey(keyBlob);
Shawn Willden3d035b92020-01-16 13:07:36 -0700219 if (!rc.isOk()) return StatusOf<V3_0::ErrorCode, V4_0::ErrorCode>(rc);
Shawn Willden7d339812018-01-18 15:36:46 -0700220 return convert(rc);
221}
222
Shawn Willden3d035b92020-01-16 13:07:36 -0700223Return<V4_0::ErrorCode> Keymaster3::deleteAllKeys() {
Shawn Willden7d339812018-01-18 15:36:46 -0700224 auto rc = km3_dev_->deleteAllKeys();
Shawn Willden3d035b92020-01-16 13:07:36 -0700225 if (!rc.isOk()) return StatusOf<V3_0::ErrorCode, V4_0::ErrorCode>(rc);
Shawn Willden7d339812018-01-18 15:36:46 -0700226 return convert(rc);
227}
228
Shawn Willden3d035b92020-01-16 13:07:36 -0700229Return<V4_0::ErrorCode> Keymaster3::destroyAttestationIds() {
Shawn Willden7d339812018-01-18 15:36:46 -0700230 auto rc = km3_dev_->destroyAttestationIds();
Shawn Willden3d035b92020-01-16 13:07:36 -0700231 if (!rc.isOk()) return StatusOf<V3_0::ErrorCode, V4_0::ErrorCode>(rc);
Shawn Willden7d339812018-01-18 15:36:46 -0700232 return convert(rc);
233}
234
235Return<void> Keymaster3::begin(KeyPurpose purpose, const hidl_vec<uint8_t>& key,
236 const hidl_vec<KeyParameter>& inParams,
237 const HardwareAuthToken& authToken, begin_cb _hidl_cb) {
238 auto cb = [&](V3_0::ErrorCode error, const hidl_vec<V3_0::KeyParameter>& outParams,
239 OperationHandle operationHandle) {
240 _hidl_cb(convert(error), convert(outParams), operationHandle);
241 };
242
243 auto rc =
Shawn Willden3d035b92020-01-16 13:07:36 -0700244 km3_dev_->begin(convert(purpose), key, convertAndAddAuthToken(inParams, authToken), cb);
Shawn Willden7d339812018-01-18 15:36:46 -0700245 rc.isOk(); // move ctor prereq
246 return rc;
247}
248
249Return<void> Keymaster3::update(uint64_t operationHandle, const hidl_vec<KeyParameter>& inParams,
250 const hidl_vec<uint8_t>& input, const HardwareAuthToken& authToken,
251 const VerificationToken& /* verificationToken */,
252 update_cb _hidl_cb) {
253 auto cb = [&](V3_0::ErrorCode error, uint32_t inputConsumed,
254 const hidl_vec<V3_0::KeyParameter>& outParams, const hidl_vec<uint8_t>& output) {
255 _hidl_cb(convert(error), inputConsumed, convert(outParams), output);
256 };
257
Shawn Willden3d035b92020-01-16 13:07:36 -0700258 auto rc = km3_dev_->update(operationHandle, convertAndAddAuthToken(inParams, authToken), input,
259 cb);
Shawn Willden7d339812018-01-18 15:36:46 -0700260 rc.isOk(); // move ctor prereq
261 return rc;
262}
263
264Return<void> Keymaster3::finish(uint64_t operationHandle, const hidl_vec<KeyParameter>& inParams,
265 const hidl_vec<uint8_t>& input, const hidl_vec<uint8_t>& signature,
266 const HardwareAuthToken& authToken,
267 const VerificationToken& /* verificationToken */,
268 finish_cb _hidl_cb) {
269 auto cb = [&](V3_0::ErrorCode error, const hidl_vec<V3_0::KeyParameter>& outParams,
270 const hidl_vec<uint8_t>& output) {
271 _hidl_cb(convert(error), convert(outParams), output);
272 };
273
274 auto rc = km3_dev_->finish(operationHandle, convertAndAddAuthToken(inParams, authToken), input,
275 signature, cb);
276 rc.isOk(); // move ctor prereq
277 return rc;
278}
279
Shawn Willden3d035b92020-01-16 13:07:36 -0700280Return<V4_0::ErrorCode> Keymaster3::abort(uint64_t operationHandle) {
Shawn Willden7d339812018-01-18 15:36:46 -0700281 auto rc = km3_dev_->abort(operationHandle);
Shawn Willden3d035b92020-01-16 13:07:36 -0700282 if (!rc.isOk()) return StatusOf<V3_0::ErrorCode, V4_0::ErrorCode>(rc);
Shawn Willden7d339812018-01-18 15:36:46 -0700283 return convert(rc);
284}
285
Shawn Willden3d035b92020-01-16 13:07:36 -0700286} // namespace android::hardware::keymaster::V4_1::support