Revert "Revise KeymasterMessage versioning system"
Revert "Revise KeymasterMessage versioning system"
Revert "Revise KeymasterMessage versioning system"
Revert "Add new message versioning protocol"
Revert submission 1533821-new_km_versioning
Reason for revert: DroidMonitor-triggered revert due to breakage https://android-build.googleplex.com/builds/quarterdeck?branch=git_master&target=adt3-userdebug&lkgb=7064747&lkbb=7064769&fkbb=7064769, bug 176867651
Reverted Changes:
I040fe7f62:Revise KeymasterMessage versioning system
Ibea104c39:Revise KeymasterMessage versioning system
Ibea104c39:Revise KeymasterMessage versioning system
I425fb45fc:Add new message versioning protocol
Change-Id: I1569334c59cb62be6aae4a42ce999f40c7a472de
BUG: 176867651
diff --git a/trusty/keymaster/3.0/TrustyKeymaster3Device.cpp b/trusty/keymaster/3.0/TrustyKeymaster3Device.cpp
index 7184e4d..98cbcc3 100644
--- a/trusty/keymaster/3.0/TrustyKeymaster3Device.cpp
+++ b/trusty/keymaster/3.0/TrustyKeymaster3Device.cpp
@@ -221,10 +221,10 @@
Return<ErrorCode> TrustyKeymaster3Device::addRngEntropy(const hidl_vec<uint8_t>& data) {
if (data.size() == 0) return ErrorCode::OK;
- AddEntropyRequest request(impl_->message_version());
+ AddEntropyRequest request;
request.random_data.Reinitialize(data.data(), data.size());
- AddEntropyResponse response(impl_->message_version());
+ AddEntropyResponse response;
impl_->AddRngEntropy(request, &response);
return legacy_enum_conversion(response.error);
@@ -232,10 +232,10 @@
Return<void> TrustyKeymaster3Device::generateKey(const hidl_vec<KeyParameter>& keyParams,
generateKey_cb _hidl_cb) {
- GenerateKeyRequest request(impl_->message_version());
+ GenerateKeyRequest request;
request.key_description.Reinitialize(KmParamSet(keyParams));
- GenerateKeyResponse response(impl_->message_version());
+ GenerateKeyResponse response;
impl_->GenerateKey(request, &response);
KeyCharacteristics resultCharacteristics;
@@ -253,11 +253,11 @@
const hidl_vec<uint8_t>& clientId,
const hidl_vec<uint8_t>& appData,
getKeyCharacteristics_cb _hidl_cb) {
- GetKeyCharacteristicsRequest request(impl_->message_version());
+ GetKeyCharacteristicsRequest request;
request.SetKeyMaterial(keyBlob.data(), keyBlob.size());
addClientAndAppData(clientId, appData, &request.additional_params);
- GetKeyCharacteristicsResponse response(impl_->message_version());
+ GetKeyCharacteristicsResponse response;
impl_->GetKeyCharacteristics(request, &response);
KeyCharacteristics resultCharacteristics;
@@ -273,12 +273,12 @@
KeyFormat keyFormat,
const hidl_vec<uint8_t>& keyData,
importKey_cb _hidl_cb) {
- ImportKeyRequest request(impl_->message_version());
+ ImportKeyRequest request;
request.key_description.Reinitialize(KmParamSet(params));
request.key_format = legacy_enum_conversion(keyFormat);
request.SetKeyMaterial(keyData.data(), keyData.size());
- ImportKeyResponse response(impl_->message_version());
+ ImportKeyResponse response;
impl_->ImportKey(request, &response);
KeyCharacteristics resultCharacteristics;
@@ -297,12 +297,12 @@
const hidl_vec<uint8_t>& clientId,
const hidl_vec<uint8_t>& appData,
exportKey_cb _hidl_cb) {
- ExportKeyRequest request(impl_->message_version());
+ ExportKeyRequest request;
request.key_format = legacy_enum_conversion(exportFormat);
request.SetKeyMaterial(keyBlob.data(), keyBlob.size());
addClientAndAppData(clientId, appData, &request.additional_params);
- ExportKeyResponse response(impl_->message_version());
+ ExportKeyResponse response;
impl_->ExportKey(request, &response);
hidl_vec<uint8_t> resultKeyBlob;
@@ -316,11 +316,11 @@
Return<void> TrustyKeymaster3Device::attestKey(const hidl_vec<uint8_t>& keyToAttest,
const hidl_vec<KeyParameter>& attestParams,
attestKey_cb _hidl_cb) {
- AttestKeyRequest request(impl_->message_version());
+ AttestKeyRequest request;
request.SetKeyMaterial(keyToAttest.data(), keyToAttest.size());
request.attest_params.Reinitialize(KmParamSet(attestParams));
- AttestKeyResponse response(impl_->message_version());
+ AttestKeyResponse response;
impl_->AttestKey(request, &response);
hidl_vec<hidl_vec<uint8_t>> resultCertChain;
@@ -334,11 +334,11 @@
Return<void> TrustyKeymaster3Device::upgradeKey(const hidl_vec<uint8_t>& keyBlobToUpgrade,
const hidl_vec<KeyParameter>& upgradeParams,
upgradeKey_cb _hidl_cb) {
- UpgradeKeyRequest request(impl_->message_version());
+ UpgradeKeyRequest request;
request.SetKeyMaterial(keyBlobToUpgrade.data(), keyBlobToUpgrade.size());
request.upgrade_params.Reinitialize(KmParamSet(upgradeParams));
- UpgradeKeyResponse response(impl_->message_version());
+ UpgradeKeyResponse response;
impl_->UpgradeKey(request, &response);
if (response.error == KM_ERROR_OK) {
@@ -350,18 +350,18 @@
}
Return<ErrorCode> TrustyKeymaster3Device::deleteKey(const hidl_vec<uint8_t>& keyBlob) {
- DeleteKeyRequest request(impl_->message_version());
+ DeleteKeyRequest request;
request.SetKeyMaterial(keyBlob.data(), keyBlob.size());
- DeleteKeyResponse response(impl_->message_version());
+ DeleteKeyResponse response;
impl_->DeleteKey(request, &response);
return legacy_enum_conversion(response.error);
}
Return<ErrorCode> TrustyKeymaster3Device::deleteAllKeys() {
- DeleteAllKeysRequest request(impl_->message_version());
- DeleteAllKeysResponse response(impl_->message_version());
+ DeleteAllKeysRequest request;
+ DeleteAllKeysResponse response;
impl_->DeleteAllKeys(request, &response);
return legacy_enum_conversion(response.error);
@@ -374,15 +374,15 @@
Return<void> TrustyKeymaster3Device::begin(KeyPurpose purpose, const hidl_vec<uint8_t>& key,
const hidl_vec<KeyParameter>& inParams,
begin_cb _hidl_cb) {
- BeginOperationRequest request(impl_->message_version());
+ BeginOperationRequest request;
request.purpose = legacy_enum_conversion(purpose);
request.SetKeyMaterial(key.data(), key.size());
request.additional_params.Reinitialize(KmParamSet(inParams));
- BeginOperationResponse response(impl_->message_version());
+ BeginOperationResponse response;
impl_->BeginOperation(request, &response);
- hidl_vec<KeyParameter> resultParams(impl_->message_version());
+ hidl_vec<KeyParameter> resultParams;
if (response.error == KM_ERROR_OK) {
resultParams = kmParamSet2Hidl(response.output_params);
}
@@ -394,8 +394,8 @@
Return<void> TrustyKeymaster3Device::update(uint64_t operationHandle,
const hidl_vec<KeyParameter>& inParams,
const hidl_vec<uint8_t>& input, update_cb _hidl_cb) {
- UpdateOperationRequest request(impl_->message_version());
- UpdateOperationResponse response(impl_->message_version());
+ UpdateOperationRequest request;
+ UpdateOperationResponse response;
hidl_vec<KeyParameter> resultParams;
hidl_vec<uint8_t> resultBlob;
uint32_t resultConsumed = 0;
@@ -431,13 +431,13 @@
const hidl_vec<uint8_t>& input,
const hidl_vec<uint8_t>& signature,
finish_cb _hidl_cb) {
- FinishOperationRequest request(impl_->message_version());
+ FinishOperationRequest request;
request.op_handle = operationHandle;
request.input.Reinitialize(input.data(), input.size());
request.signature.Reinitialize(signature.data(), signature.size());
request.additional_params.Reinitialize(KmParamSet(inParams));
- FinishOperationResponse response(impl_->message_version());
+ FinishOperationResponse response;
impl_->FinishOperation(request, &response);
hidl_vec<KeyParameter> resultParams;
@@ -451,10 +451,10 @@
}
Return<ErrorCode> TrustyKeymaster3Device::abort(uint64_t operationHandle) {
- AbortOperationRequest request(impl_->message_version());
+ AbortOperationRequest request;
request.op_handle = operationHandle;
- AbortOperationResponse response(impl_->message_version());
+ AbortOperationResponse response;
impl_->AbortOperation(request, &response);
return legacy_enum_conversion(response.error);
diff --git a/trusty/keymaster/4.0/TrustyKeymaster4Device.cpp b/trusty/keymaster/4.0/TrustyKeymaster4Device.cpp
index 73ad6ae..ec2ba12 100644
--- a/trusty/keymaster/4.0/TrustyKeymaster4Device.cpp
+++ b/trusty/keymaster/4.0/TrustyKeymaster4Device.cpp
@@ -284,7 +284,7 @@
Return<void> TrustyKeymaster4Device::computeSharedHmac(
const hidl_vec<HmacSharingParameters>& params, computeSharedHmac_cb _hidl_cb) {
- ComputeSharedHmacRequest request(impl_->message_version());
+ ComputeSharedHmacRequest request;
request.params_array.params_array = new keymaster::HmacSharingParameters[params.size()];
request.params_array.num_params = params.size();
for (size_t i = 0; i < params.size(); ++i) {
@@ -309,7 +309,7 @@
Return<void> TrustyKeymaster4Device::verifyAuthorization(
uint64_t challenge, const hidl_vec<KeyParameter>& parametersToVerify,
const HardwareAuthToken& authToken, verifyAuthorization_cb _hidl_cb) {
- VerifyAuthorizationRequest request(impl_->message_version());
+ VerifyAuthorizationRequest request;
request.challenge = challenge;
request.parameters_to_verify.Reinitialize(KmParamSet(parametersToVerify));
request.auth_token.challenge = authToken.challenge;
@@ -336,10 +336,10 @@
Return<ErrorCode> TrustyKeymaster4Device::addRngEntropy(const hidl_vec<uint8_t>& data) {
if (data.size() == 0) return ErrorCode::OK;
- AddEntropyRequest request(impl_->message_version());
+ AddEntropyRequest request;
request.random_data.Reinitialize(data.data(), data.size());
- AddEntropyResponse response(impl_->message_version());
+ AddEntropyResponse response;
impl_->AddRngEntropy(request, &response);
return legacy_enum_conversion(response.error);
@@ -347,10 +347,10 @@
Return<void> TrustyKeymaster4Device::generateKey(const hidl_vec<KeyParameter>& keyParams,
generateKey_cb _hidl_cb) {
- GenerateKeyRequest request(impl_->message_version());
+ GenerateKeyRequest request;
request.key_description.Reinitialize(KmParamSet(keyParams));
- GenerateKeyResponse response(impl_->message_version());
+ GenerateKeyResponse response;
impl_->GenerateKey(request, &response);
KeyCharacteristics resultCharacteristics;
@@ -368,11 +368,11 @@
const hidl_vec<uint8_t>& clientId,
const hidl_vec<uint8_t>& appData,
getKeyCharacteristics_cb _hidl_cb) {
- GetKeyCharacteristicsRequest request(impl_->message_version());
+ GetKeyCharacteristicsRequest request;
request.SetKeyMaterial(keyBlob.data(), keyBlob.size());
addClientAndAppData(clientId, appData, &request.additional_params);
- GetKeyCharacteristicsResponse response(impl_->message_version());
+ GetKeyCharacteristicsResponse response;
impl_->GetKeyCharacteristics(request, &response);
KeyCharacteristics resultCharacteristics;
@@ -388,12 +388,12 @@
KeyFormat keyFormat,
const hidl_vec<uint8_t>& keyData,
importKey_cb _hidl_cb) {
- ImportKeyRequest request(impl_->message_version());
+ ImportKeyRequest request;
request.key_description.Reinitialize(KmParamSet(params));
request.key_format = legacy_enum_conversion(keyFormat);
request.SetKeyMaterial(keyData.data(), keyData.size());
- ImportKeyResponse response(impl_->message_version());
+ ImportKeyResponse response;
impl_->ImportKey(request, &response);
KeyCharacteristics resultCharacteristics;
@@ -411,7 +411,7 @@
const hidl_vec<uint8_t>& wrappedKeyData, const hidl_vec<uint8_t>& wrappingKeyBlob,
const hidl_vec<uint8_t>& maskingKey, const hidl_vec<KeyParameter>& unwrappingParams,
uint64_t passwordSid, uint64_t biometricSid, importWrappedKey_cb _hidl_cb) {
- ImportWrappedKeyRequest request(impl_->message_version());
+ ImportWrappedKeyRequest request;
request.SetWrappedMaterial(wrappedKeyData.data(), wrappedKeyData.size());
request.SetWrappingMaterial(wrappingKeyBlob.data(), wrappingKeyBlob.size());
request.SetMaskingKeyMaterial(maskingKey.data(), maskingKey.size());
@@ -419,7 +419,7 @@
request.password_sid = passwordSid;
request.biometric_sid = biometricSid;
- ImportWrappedKeyResponse response(impl_->message_version());
+ ImportWrappedKeyResponse response;
impl_->ImportWrappedKey(request, &response);
KeyCharacteristics resultCharacteristics;
@@ -438,12 +438,12 @@
const hidl_vec<uint8_t>& clientId,
const hidl_vec<uint8_t>& appData,
exportKey_cb _hidl_cb) {
- ExportKeyRequest request(impl_->message_version());
+ ExportKeyRequest request;
request.key_format = legacy_enum_conversion(exportFormat);
request.SetKeyMaterial(keyBlob.data(), keyBlob.size());
addClientAndAppData(clientId, appData, &request.additional_params);
- ExportKeyResponse response(impl_->message_version());
+ ExportKeyResponse response;
impl_->ExportKey(request, &response);
hidl_vec<uint8_t> resultKeyBlob;
@@ -457,11 +457,11 @@
Return<void> TrustyKeymaster4Device::attestKey(const hidl_vec<uint8_t>& keyToAttest,
const hidl_vec<KeyParameter>& attestParams,
attestKey_cb _hidl_cb) {
- AttestKeyRequest request(impl_->message_version());
+ AttestKeyRequest request;
request.SetKeyMaterial(keyToAttest.data(), keyToAttest.size());
request.attest_params.Reinitialize(KmParamSet(attestParams));
- AttestKeyResponse response(impl_->message_version());
+ AttestKeyResponse response;
impl_->AttestKey(request, &response);
hidl_vec<hidl_vec<uint8_t>> resultCertChain;
@@ -475,11 +475,11 @@
Return<void> TrustyKeymaster4Device::upgradeKey(const hidl_vec<uint8_t>& keyBlobToUpgrade,
const hidl_vec<KeyParameter>& upgradeParams,
upgradeKey_cb _hidl_cb) {
- UpgradeKeyRequest request(impl_->message_version());
+ UpgradeKeyRequest request;
request.SetKeyMaterial(keyBlobToUpgrade.data(), keyBlobToUpgrade.size());
request.upgrade_params.Reinitialize(KmParamSet(upgradeParams));
- UpgradeKeyResponse response(impl_->message_version());
+ UpgradeKeyResponse response;
impl_->UpgradeKey(request, &response);
if (response.error == KM_ERROR_OK) {
@@ -491,18 +491,18 @@
}
Return<ErrorCode> TrustyKeymaster4Device::deleteKey(const hidl_vec<uint8_t>& keyBlob) {
- DeleteKeyRequest request(impl_->message_version());
+ DeleteKeyRequest request;
request.SetKeyMaterial(keyBlob.data(), keyBlob.size());
- DeleteKeyResponse response(impl_->message_version());
+ DeleteKeyResponse response;
impl_->DeleteKey(request, &response);
return legacy_enum_conversion(response.error);
}
Return<ErrorCode> TrustyKeymaster4Device::deleteAllKeys() {
- DeleteAllKeysRequest request(impl_->message_version());
- DeleteAllKeysResponse response(impl_->message_version());
+ DeleteAllKeysRequest request;
+ DeleteAllKeysResponse response;
impl_->DeleteAllKeys(request, &response);
return legacy_enum_conversion(response.error);
@@ -516,12 +516,12 @@
const hidl_vec<KeyParameter>& inParams,
const HardwareAuthToken& authToken, begin_cb _hidl_cb) {
hidl_vec<KeyParameter> extendedParams = injectAuthToken(inParams, authToken);
- BeginOperationRequest request(impl_->message_version());
+ BeginOperationRequest request;
request.purpose = legacy_enum_conversion(purpose);
request.SetKeyMaterial(key.data(), key.size());
request.additional_params.Reinitialize(KmParamSet(extendedParams));
- BeginOperationResponse response(impl_->message_version());
+ BeginOperationResponse response;
impl_->BeginOperation(request, &response);
hidl_vec<KeyParameter> resultParams;
@@ -540,8 +540,8 @@
const VerificationToken& verificationToken,
update_cb _hidl_cb) {
(void)verificationToken;
- UpdateOperationRequest request(impl_->message_version());
- UpdateOperationResponse response(impl_->message_version());
+ UpdateOperationRequest request;
+ UpdateOperationResponse response;
hidl_vec<KeyParameter> resultParams;
hidl_vec<uint8_t> resultBlob;
hidl_vec<KeyParameter> extendedParams = injectAuthToken(inParams, authToken);
@@ -581,14 +581,14 @@
const VerificationToken& verificationToken,
finish_cb _hidl_cb) {
(void)verificationToken;
- FinishOperationRequest request(impl_->message_version());
+ FinishOperationRequest request;
hidl_vec<KeyParameter> extendedParams = injectAuthToken(inParams, authToken);
request.op_handle = operationHandle;
request.input.Reinitialize(input.data(), input.size());
request.signature.Reinitialize(signature.data(), signature.size());
request.additional_params.Reinitialize(KmParamSet(extendedParams));
- FinishOperationResponse response(impl_->message_version());
+ FinishOperationResponse response;
impl_->FinishOperation(request, &response);
hidl_vec<KeyParameter> resultParams;
@@ -602,10 +602,10 @@
}
Return<ErrorCode> TrustyKeymaster4Device::abort(uint64_t operationHandle) {
- AbortOperationRequest request(impl_->message_version());
+ AbortOperationRequest request;
request.op_handle = operationHandle;
- AbortOperationResponse response(impl_->message_version());
+ AbortOperationResponse response;
impl_->AbortOperation(request, &response);
return legacy_enum_conversion(response.error);
diff --git a/trusty/keymaster/TrustyKeymaster.cpp b/trusty/keymaster/TrustyKeymaster.cpp
index 5690031..750a9d7 100644
--- a/trusty/keymaster/TrustyKeymaster.cpp
+++ b/trusty/keymaster/TrustyKeymaster.cpp
@@ -31,35 +31,11 @@
return err;
}
- // Try GetVersion2 first.
- GetVersion2Request versionReq;
- GetVersion2Response versionRsp = GetVersion2(versionReq);
- if (versionRsp.error != KM_ERROR_OK) {
- ALOGW("TA appears not to support GetVersion2, falling back (err = %d)", versionRsp.error);
-
- GetVersionRequest versionReq;
- GetVersionResponse versionRsp;
- GetVersion(versionReq, &versionRsp);
- if (versionRsp.error != KM_ERROR_OK) {
- ALOGE("Failed to get TA version %d", versionRsp.error);
- return -1;
- } else {
- keymaster_error_t error;
- message_version_ = NegotiateMessageVersion(versionRsp, &error);
- if (error != KM_ERROR_OK) {
- ALOGE("Failed to negotiate message version %d", error);
- return -1;
- }
- }
- } else {
- message_version_ = NegotiateMessageVersion(versionReq, versionRsp);
- }
-
- ConfigureRequest req(message_version());
+ ConfigureRequest req;
req.os_version = GetOsVersion();
req.os_patchlevel = GetOsPatchlevel();
- ConfigureResponse rsp(message_version());
+ ConfigureResponse rsp;
Configure(req, &rsp);
if (rsp.error != KM_ERROR_OK) {
@@ -76,7 +52,7 @@
trusty_keymaster_disconnect();
}
-static void ForwardCommand(enum keymaster_command command, const KeymasterMessage& req,
+static void ForwardCommand(enum keymaster_command command, const Serializable& req,
KeymasterResponse* rsp) {
keymaster_error_t err;
err = trusty_keymaster_send(command, req, rsp);
@@ -197,30 +173,25 @@
}
GetHmacSharingParametersResponse TrustyKeymaster::GetHmacSharingParameters() {
- GetHmacSharingParametersRequest request(message_version());
- GetHmacSharingParametersResponse response(message_version());
+ // Empty buffer to allow ForwardCommand to have something to serialize
+ Buffer request;
+ GetHmacSharingParametersResponse response;
ForwardCommand(KM_GET_HMAC_SHARING_PARAMETERS, request, &response);
return response;
}
ComputeSharedHmacResponse TrustyKeymaster::ComputeSharedHmac(
const ComputeSharedHmacRequest& request) {
- ComputeSharedHmacResponse response(message_version());
+ ComputeSharedHmacResponse response;
ForwardCommand(KM_COMPUTE_SHARED_HMAC, request, &response);
return response;
}
VerifyAuthorizationResponse TrustyKeymaster::VerifyAuthorization(
const VerifyAuthorizationRequest& request) {
- VerifyAuthorizationResponse response(message_version());
+ VerifyAuthorizationResponse response;
ForwardCommand(KM_VERIFY_AUTHORIZATION, request, &response);
return response;
}
-GetVersion2Response TrustyKeymaster::GetVersion2(const GetVersion2Request& request) {
- GetVersion2Response response(message_version());
- ForwardCommand(KM_GET_VERSION_2, request, &response);
- return response;
-}
-
} // namespace keymaster
diff --git a/trusty/keymaster/include/trusty_keymaster/TrustyKeymaster.h b/trusty/keymaster/include/trusty_keymaster/TrustyKeymaster.h
index bec2a2a..030b645 100644
--- a/trusty/keymaster/include/trusty_keymaster/TrustyKeymaster.h
+++ b/trusty/keymaster/include/trusty_keymaster/TrustyKeymaster.h
@@ -59,12 +59,6 @@
GetHmacSharingParametersResponse GetHmacSharingParameters();
ComputeSharedHmacResponse ComputeSharedHmac(const ComputeSharedHmacRequest& request);
VerifyAuthorizationResponse VerifyAuthorization(const VerifyAuthorizationRequest& request);
- GetVersion2Response GetVersion2(const GetVersion2Request& request);
-
- uint32_t message_version() const { return message_version_; }
-
- private:
- uint32_t message_version_;
};
} // namespace keymaster
diff --git a/trusty/keymaster/include/trusty_keymaster/ipc/keymaster_ipc.h b/trusty/keymaster/include/trusty_keymaster/ipc/keymaster_ipc.h
index 419c96f..ce2cc2e 100644
--- a/trusty/keymaster/include/trusty_keymaster/ipc/keymaster_ipc.h
+++ b/trusty/keymaster/include/trusty_keymaster/ipc/keymaster_ipc.h
@@ -53,7 +53,6 @@
KM_DELETE_ALL_KEYS = (23 << KEYMASTER_REQ_SHIFT),
KM_DESTROY_ATTESTATION_IDS = (24 << KEYMASTER_REQ_SHIFT),
KM_IMPORT_WRAPPED_KEY = (25 << KEYMASTER_REQ_SHIFT),
- KM_GET_VERSION_2 = (28 << KEYMASTER_REQ_SHIFT),
// Bootloader/provisioning calls.
KM_SET_BOOT_PARAMS = (0x1000 << KEYMASTER_REQ_SHIFT),