Keystore 2.0: Remove Keystore 1.0 and remaining references
* Remove superseded keystore engine backends.
* Remove keystore_cli.
* Update keystoer_cli_v2 to use Keystore 2.0.
* Update confirmationui invocation test.
* Remove reference to enable keystore2 property from keystore2.rc.
Test: N/A
Bug: 171305684
Change-Id: I855dead9d95c2c8cfa451944087bc8290871c0e5
diff --git a/keystore-engine/Android.bp b/keystore-engine/Android.bp
index 9980765..0cecfd8 100644
--- a/keystore-engine/Android.bp
+++ b/keystore-engine/Android.bp
@@ -26,7 +26,6 @@
srcs: [
"android_engine.cpp",
- "keystore_backend_binder.cpp",
"keystore2_engine.cpp",
],
@@ -38,14 +37,9 @@
shared_libs: [
"android.system.keystore2-V1-ndk_platform",
- "libbinder",
"libbinder_ndk",
"libcrypto",
"libcutils",
- "libhidlbase",
- "libkeystore_aidl",
- "libkeystore_binder",
- "libkeystore_parcelables",
"liblog",
"libbase",
"libutils",
@@ -53,14 +47,15 @@
}
-// This builds a variant of libkeystore-engine that uses a HIDL HAL
-// owned by the WiFi user to perform signing operations.
+// This builds a variant of libkeystore-engine that is available vendor.
+// It used to use a HIDL interface to connect to keystore through wificond.
+// Now That Keystore 2.0 has a vintf stable interface this library is
+// actually identical to libkeystore-engine.
cc_library_shared {
name: "libkeystore-engine-wifi-hidl",
srcs: [
"android_engine.cpp",
- "keystore_backend_hidl.cpp",
"keystore2_engine.cpp",
],
@@ -68,17 +63,14 @@
"-fvisibility=hidden",
"-Wall",
"-Werror",
- "-DBACKEND_WIFI_HIDL",
],
shared_libs: [
"android.system.keystore2-V1-ndk_platform",
- "android.system.wifi.keystore@1.0",
"libbase",
"libbinder_ndk",
"libcrypto",
"liblog",
- "libhidlbase",
"libcutils",
"libutils",
],
diff --git a/keystore-engine/android_engine.cpp b/keystore-engine/android_engine.cpp
index 5881523..e46204e 100644
--- a/keystore-engine/android_engine.cpp
+++ b/keystore-engine/android_engine.cpp
@@ -22,307 +22,10 @@
#define LOG_TAG "keystore-engine"
-#include <pthread.h>
-#include <string.h>
-
#include <log/log.h>
-#include <openssl/bn.h>
-#include <openssl/ec.h>
-#include <openssl/ec_key.h>
-#include <openssl/ecdsa.h>
-#include <openssl/engine.h>
-#include <openssl/evp.h>
-#include <openssl/rsa.h>
-#include <openssl/x509.h>
-
-#include <memory>
-
#include "keystore2_engine.h"
-#ifndef BACKEND_WIFI_HIDL
-#include "keystore_backend_binder.h"
-#else
-#include "keystore_backend_hidl.h"
-#endif
-
-namespace {
-KeystoreBackend *g_keystore_backend;
-void ensure_keystore_engine();
-
-/* key_id_dup is called when one of the RSA or EC_KEY objects is duplicated. */
-int key_id_dup(CRYPTO_EX_DATA* /* to */,
- const CRYPTO_EX_DATA* /* from */,
- void** from_d,
- int /* index */,
- long /* argl */,
- void* /* argp */) {
- char *key_id = reinterpret_cast<char *>(*from_d);
- if (key_id != nullptr) {
- *from_d = strdup(key_id);
- }
- return 1;
-}
-
-/* key_id_free is called when one of the RSA, DSA or EC_KEY object is freed. */
-void key_id_free(void* /* parent */,
- void* ptr,
- CRYPTO_EX_DATA* /* ad */,
- int /* index */,
- long /* argl */,
- void* /* argp */) {
- char *key_id = reinterpret_cast<char *>(ptr);
- free(key_id);
-}
-
-/* Many OpenSSL APIs take ownership of an argument on success but don't free
- * the argument on failure. This means we need to tell our scoped pointers when
- * we've transferred ownership, without triggering a warning by not using the
- * result of release(). */
-#define OWNERSHIP_TRANSFERRED(obj) auto _dummy __attribute__((unused)) = (obj).release()
-
-const char* rsa_get_key_id(const RSA* rsa);
-
-/* rsa_private_transform takes a big-endian integer from |in|, calculates the
- * d'th power of it, modulo the RSA modulus, and writes the result as a
- * big-endian integer to |out|. Both |in| and |out| are |len| bytes long. It
- * returns one on success and zero otherwise. */
-int rsa_private_transform(RSA *rsa, uint8_t *out, const uint8_t *in, size_t len) {
- ALOGV("rsa_private_transform(%p, %p, %p, %u)", rsa, out, in, (unsigned) len);
-
- ensure_keystore_engine();
-
- const char *key_id = rsa_get_key_id(rsa);
- if (key_id == nullptr) {
- ALOGE("key had no key_id!");
- return 0;
- }
-
- uint8_t* reply = nullptr;
- size_t reply_len;
- int32_t ret = g_keystore_backend->sign(key_id, in, len, &reply, &reply_len);
- if (ret < 0) {
- ALOGW("There was an error during rsa_decrypt: could not connect");
- return 0;
- } else if (ret != 0) {
- ALOGW("Error during sign from keystore: %d", ret);
- return 0;
- } else if (reply_len == 0 || reply == nullptr) {
- ALOGW("No valid signature returned");
- return 0;
- }
-
- if (reply_len > len) {
- /* The result of the RSA operation can never be larger than the size of
- * the modulus so we assume that the result has extra zeros on the
- * left. This provides attackers with an oracle, but there's nothing
- * that we can do about it here. */
- ALOGW("Reply len %zu greater than expected %zu", reply_len, len);
- memcpy(out, &reply[reply_len - len], len);
- } else if (reply_len < len) {
- /* If the Keystore implementation returns a short value we assume that
- * it's because it removed leading zeros from the left side. This is
- * bad because it provides attackers with an oracle but we cannot do
- * anything about a broken Keystore implementation here. */
- ALOGW("Reply len %zu lesser than expected %zu", reply_len, len);
- memset(out, 0, len);
- memcpy(out + len - reply_len, &reply[0], reply_len);
- } else {
- memcpy(out, &reply[0], len);
- }
-
- ALOGV("rsa=%p keystore_rsa_priv_dec successful", rsa);
- return 1;
-}
-
-const char* ecdsa_get_key_id(const EC_KEY* ec_key);
-
-/* ecdsa_sign signs |digest_len| bytes from |digest| with |ec_key| and writes
- * the resulting signature (an ASN.1 encoded blob) to |sig|. It returns one on
- * success and zero otherwise. */
-static int ecdsa_sign(const uint8_t* digest, size_t digest_len, uint8_t* sig,
- unsigned int* sig_len, EC_KEY* ec_key) {
- ALOGV("ecdsa_sign(%p, %u, %p)", digest, (unsigned) digest_len, ec_key);
-
- ensure_keystore_engine();
-
- const char *key_id = ecdsa_get_key_id(ec_key);
- if (key_id == nullptr) {
- ALOGE("key had no key_id!");
- return 0;
- }
-
- size_t ecdsa_size = ECDSA_size(ec_key);
-
- uint8_t* reply = nullptr;
- size_t reply_len;
- int32_t ret = g_keystore_backend->sign(
- key_id, digest, digest_len, &reply, &reply_len);
- if (ret < 0) {
- ALOGW("There was an error during ecdsa_sign: could not connect");
- return 0;
- } else if (reply_len == 0 || reply == nullptr) {
- ALOGW("No valid signature returned");
- return 0;
- } else if (reply_len > ecdsa_size) {
- ALOGW("Signature is too large");
- return 0;
- }
-
- // Reviewer: should't sig_len be checked here? Or is it just assumed that it is at least ecdsa_size?
- memcpy(sig, &reply[0], reply_len);
- *sig_len = reply_len;
-
- ALOGV("ecdsa_sign(%p, %u, %p) => success", digest, (unsigned)digest_len,
- ec_key);
- return 1;
-}
-
-/* KeystoreEngine is a BoringSSL ENGINE that implements RSA and ECDSA by
- * forwarding the requested operations to Keystore. */
-class KeystoreEngine {
- public:
- KeystoreEngine()
- : rsa_index_(RSA_get_ex_new_index(0 /* argl */,
- nullptr /* argp */,
- nullptr /* new_func */,
- key_id_dup,
- key_id_free)),
- ec_key_index_(EC_KEY_get_ex_new_index(0 /* argl */,
- nullptr /* argp */,
- nullptr /* new_func */,
- key_id_dup,
- key_id_free)),
- engine_(ENGINE_new()) {
- memset(&rsa_method_, 0, sizeof(rsa_method_));
- rsa_method_.common.is_static = 1;
- rsa_method_.private_transform = rsa_private_transform;
- rsa_method_.flags = RSA_FLAG_OPAQUE;
- ENGINE_set_RSA_method(engine_, &rsa_method_, sizeof(rsa_method_));
-
- memset(&ecdsa_method_, 0, sizeof(ecdsa_method_));
- ecdsa_method_.common.is_static = 1;
- ecdsa_method_.sign = ecdsa_sign;
- ecdsa_method_.flags = ECDSA_FLAG_OPAQUE;
- ENGINE_set_ECDSA_method(engine_, &ecdsa_method_, sizeof(ecdsa_method_));
- }
-
- int rsa_ex_index() const { return rsa_index_; }
- int ec_key_ex_index() const { return ec_key_index_; }
-
- const ENGINE* engine() const { return engine_; }
-
- private:
- const int rsa_index_;
- const int ec_key_index_;
- RSA_METHOD rsa_method_;
- ECDSA_METHOD ecdsa_method_;
- ENGINE* const engine_;
-};
-
-pthread_once_t g_keystore_engine_once = PTHREAD_ONCE_INIT;
-KeystoreEngine *g_keystore_engine;
-
-/* init_keystore_engine is called to initialize |g_keystore_engine|. This
- * should only be called by |pthread_once|. */
-void init_keystore_engine() {
- g_keystore_engine = new KeystoreEngine;
-#ifndef BACKEND_WIFI_HIDL
- g_keystore_backend = new KeystoreBackendBinder;
-#else
- g_keystore_backend = new KeystoreBackendHidl;
-#endif
-}
-
-/* ensure_keystore_engine ensures that |g_keystore_engine| is pointing to a
- * valid |KeystoreEngine| object and creates one if not. */
-void ensure_keystore_engine() {
- pthread_once(&g_keystore_engine_once, init_keystore_engine);
-}
-
-const char* rsa_get_key_id(const RSA* rsa) {
- return reinterpret_cast<char*>(
- RSA_get_ex_data(rsa, g_keystore_engine->rsa_ex_index()));
-}
-
-const char* ecdsa_get_key_id(const EC_KEY* ec_key) {
- return reinterpret_cast<char*>(
- EC_KEY_get_ex_data(ec_key, g_keystore_engine->ec_key_ex_index()));
-}
-
-/* wrap_rsa returns an |EVP_PKEY| that contains an RSA key where the public
- * part is taken from |public_rsa| and the private operations are forwarded to
- * KeyStore and operate on the key named |key_id|. */
-static EVP_PKEY *wrap_rsa(const char *key_id, const RSA *public_rsa) {
- bssl::UniquePtr<RSA> rsa(RSA_new_method(g_keystore_engine->engine()));
- if (rsa.get() == nullptr) {
- return nullptr;
- }
-
- char *key_id_copy = strdup(key_id);
- if (key_id_copy == nullptr) {
- return nullptr;
- }
-
- if (!RSA_set_ex_data(rsa.get(), g_keystore_engine->rsa_ex_index(),
- key_id_copy)) {
- free(key_id_copy);
- return nullptr;
- }
-
- rsa->n = BN_dup(public_rsa->n);
- rsa->e = BN_dup(public_rsa->e);
- if (rsa->n == nullptr || rsa->e == nullptr) {
- return nullptr;
- }
-
- bssl::UniquePtr<EVP_PKEY> result(EVP_PKEY_new());
- if (result.get() == nullptr ||
- !EVP_PKEY_assign_RSA(result.get(), rsa.get())) {
- return nullptr;
- }
- OWNERSHIP_TRANSFERRED(rsa);
-
- return result.release();
-}
-
-/* wrap_ecdsa returns an |EVP_PKEY| that contains an ECDSA key where the public
- * part is taken from |public_rsa| and the private operations are forwarded to
- * KeyStore and operate on the key named |key_id|. */
-static EVP_PKEY *wrap_ecdsa(const char *key_id, const EC_KEY *public_ecdsa) {
- bssl::UniquePtr<EC_KEY> ec(EC_KEY_new_method(g_keystore_engine->engine()));
- if (ec.get() == nullptr) {
- return nullptr;
- }
-
- if (!EC_KEY_set_group(ec.get(), EC_KEY_get0_group(public_ecdsa)) ||
- !EC_KEY_set_public_key(ec.get(), EC_KEY_get0_public_key(public_ecdsa))) {
- return nullptr;
- }
-
- char *key_id_copy = strdup(key_id);
- if (key_id_copy == nullptr) {
- return nullptr;
- }
-
- if (!EC_KEY_set_ex_data(ec.get(), g_keystore_engine->ec_key_ex_index(),
- key_id_copy)) {
- free(key_id_copy);
- return nullptr;
- }
-
- bssl::UniquePtr<EVP_PKEY> result(EVP_PKEY_new());
- if (result.get() == nullptr ||
- !EVP_PKEY_assign_EC_KEY(result.get(), ec.get())) {
- return nullptr;
- }
- OWNERSHIP_TRANSFERRED(ec);
-
- return result.release();
-}
-
-} /* anonymous namespace */
-
extern "C" {
EVP_PKEY* EVP_PKEY_from_keystore(const char* key_id) __attribute__((visibility("default")));
@@ -334,48 +37,7 @@
EVP_PKEY* EVP_PKEY_from_keystore(const char* key_id) {
ALOGV("EVP_PKEY_from_keystore(\"%s\")", key_id);
- if (auto ks2_key = EVP_PKEY_from_keystore2(key_id)) {
- return ks2_key;
- }
-
- ensure_keystore_engine();
-
- uint8_t *pubkey = nullptr;
- size_t pubkey_len;
- int32_t ret = g_keystore_backend->get_pubkey(key_id, &pubkey, &pubkey_len);
- if (ret < 0) {
- ALOGW("could not contact keystore");
- return nullptr;
- } else if (ret != 0 || pubkey == nullptr) {
- ALOGW("keystore reports error: %d", ret);
- return nullptr;
- }
-
- const uint8_t *inp = pubkey;
- bssl::UniquePtr<EVP_PKEY> pkey(d2i_PUBKEY(nullptr, &inp, pubkey_len));
- if (pkey.get() == nullptr) {
- ALOGW("Cannot convert pubkey");
- return nullptr;
- }
-
- EVP_PKEY *result;
- switch (EVP_PKEY_type(pkey->type)) {
- case EVP_PKEY_RSA: {
- bssl::UniquePtr<RSA> public_rsa(EVP_PKEY_get1_RSA(pkey.get()));
- result = wrap_rsa(key_id, public_rsa.get());
- break;
- }
- case EVP_PKEY_EC: {
- bssl::UniquePtr<EC_KEY> public_ecdsa(EVP_PKEY_get1_EC_KEY(pkey.get()));
- result = wrap_ecdsa(key_id, public_ecdsa.get());
- break;
- }
- default:
- ALOGE("Unsupported key type %d", EVP_PKEY_type(pkey->type));
- result = nullptr;
- }
-
- return result;
+ return EVP_PKEY_from_keystore2(key_id);
}
} // extern "C"
diff --git a/keystore-engine/keystore_backend.h b/keystore-engine/keystore_backend.h
deleted file mode 100644
index 88c94b3..0000000
--- a/keystore-engine/keystore_backend.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/* Copyright 2017 The Android Open Source Project
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
-
-#ifndef ANDROID_KEYSTORE_BACKEND_H
-#define ANDROID_KEYSTORE_BACKEND_H
-
-#include <stdint.h>
-
-class KeystoreBackend {
- public:
- virtual ~KeystoreBackend() {}
- virtual int32_t sign(const char *key_id, const uint8_t* in, size_t len,
- uint8_t** reply, size_t* reply_len) = 0;
- virtual int32_t get_pubkey(const char *key_id, uint8_t** pubkey,
- size_t* reply_len) = 0;
-};
-
-#endif // ANDROID_KEYSTORE_BACKEND_H
diff --git a/keystore-engine/keystore_backend_binder.cpp b/keystore-engine/keystore_backend_binder.cpp
deleted file mode 100644
index 8b5a584..0000000
--- a/keystore-engine/keystore_backend_binder.cpp
+++ /dev/null
@@ -1,286 +0,0 @@
-/* Copyright 2017 The Android Open Source Project
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
-
-#include "keystore_backend_binder.h"
-
-#include <android-base/logging.h>
-#include <android/security/keystore/IKeystoreService.h>
-#include <binder/IServiceManager.h>
-#include <binder/ProcessState.h>
-#include <keystore/KeyCharacteristics.h>
-#include <keystore/KeymasterArguments.h>
-#include <keystore/KeymasterBlob.h>
-#include <keystore/KeystoreResponse.h>
-#include <keystore/OperationResult.h>
-#include <keystore/keymaster_types.h>
-#include <keystore/keystore.h>
-#include <keystore/keystore_hidl_support.h>
-#include <keystore/keystore_promises.h>
-#include <keystore/keystore_return_types.h>
-
-#include <future>
-#include <thread>
-
-using android::security::keystore::IKeystoreService;
-using namespace android;
-using keystore::hidl_vec;
-
-using android::hardware::keymaster::V4_0::Algorithm;
-using android::hardware::keymaster::V4_0::authorizationValue;
-using android::hardware::keymaster::V4_0::Digest;
-using android::hardware::keymaster::V4_0::KeyFormat;
-using android::hardware::keymaster::V4_0::KeyParameter;
-using android::hardware::keymaster::V4_0::KeyPurpose;
-using android::hardware::keymaster::V4_0::NullOr;
-using android::hardware::keymaster::V4_0::PaddingMode;
-using android::hardware::keymaster::V4_0::TAG_ALGORITHM;
-using android::hardware::keymaster::V4_0::TAG_DIGEST;
-using android::hardware::keymaster::V4_0::TAG_PADDING;
-using android::security::keymaster::ExportResult;
-using android::security::keymaster::KeyCharacteristics;
-using android::security::keymaster::KeymasterArguments;
-using android::security::keymaster::KeymasterBlob;
-using android::security::keymaster::OperationResult;
-
-using KSReturn = keystore::KeyStoreNativeReturnCode;
-
-namespace {
-const char keystore_service_name[] = "android.security.keystore";
-constexpr int32_t UID_SELF = -1;
-
-using keystore::KeyCharacteristicsPromise;
-using keystore::KeystoreExportPromise;
-using keystore::KeystoreResponsePromise;
-using keystore::OperationResultPromise;
-
-} // namespace
-
-#define AT __func__ << ":" << __LINE__ << " "
-
-static NullOr<const Algorithm&> getKeyAlgoritmFromKeyCharacteristics(
- const ::android::security::keymaster::KeyCharacteristics& characteristics) {
- for (const auto& param : characteristics.hardwareEnforced.getParameters()) {
- auto algo = authorizationValue(TAG_ALGORITHM, param);
- if (algo.isOk()) return algo;
- }
- for (const auto& param : characteristics.softwareEnforced.getParameters()) {
- auto algo = authorizationValue(TAG_ALGORITHM, param);
- if (algo.isOk()) return algo;
- }
- return {};
-}
-
-KeystoreBackendBinder::KeystoreBackendBinder() {
- android::ProcessState::self()->startThreadPool();
-}
-
-int32_t KeystoreBackendBinder::sign(const char* key_id, const uint8_t* in, size_t len,
- uint8_t** reply, size_t* reply_len) {
- sp<IServiceManager> sm = defaultServiceManager();
- sp<IBinder> binder = sm->getService(String16(keystore_service_name));
- sp<IKeystoreService> service = interface_cast<IKeystoreService>(binder);
-
- if (service == nullptr) {
- LOG(ERROR) << AT << "could not contact keystore";
- return -1;
- }
-
- String16 key_name16(key_id);
- int32_t error_code;
- android::sp<KeyCharacteristicsPromise> kc_promise(new KeyCharacteristicsPromise);
- auto kc_future = kc_promise->get_future();
- auto binder_result = service->getKeyCharacteristics(kc_promise, key_name16, KeymasterBlob(),
- KeymasterBlob(), UID_SELF, &error_code);
- if (!binder_result.isOk()) {
- LOG(ERROR) << AT << "communication error while calling keystore";
- return -1;
- }
- if (!KSReturn(error_code).isOk()) {
- LOG(ERROR) << AT << "getKeyCharacteristics failed: " << error_code;
- return -1;
- }
-
- auto [km_response, characteristics] = kc_future.get();
-
- if (!KSReturn(km_response.response_code()).isOk()) {
- LOG(ERROR) << AT << "getKeyCharacteristics failed: " << km_response.response_code();
- return -1;
- }
-
- auto algorithm = getKeyAlgoritmFromKeyCharacteristics(characteristics);
- if (!algorithm.isOk()) {
- LOG(ERROR) << AT << "could not get algorithm from key characteristics";
- return -1;
- }
-
- hidl_vec<KeyParameter> params(3);
- params[0] = Authorization(TAG_DIGEST, Digest::NONE);
- params[1] = Authorization(TAG_PADDING, PaddingMode::NONE);
- params[2] = Authorization(TAG_ALGORITHM, algorithm.value());
-
- android::sp<android::IBinder> token(new android::BBinder);
- sp<OperationResultPromise> promise(new OperationResultPromise());
- auto future = promise->get_future();
- binder_result = service->begin(promise, token, key_name16, (int)KeyPurpose::SIGN,
- true /*pruneable*/, KeymasterArguments(params),
- std::vector<uint8_t>() /* entropy */, UID_SELF, &error_code);
- if (!binder_result.isOk()) {
- LOG(ERROR) << AT << "communication error while calling keystore";
- return -1;
- }
-
- keystore::KeyStoreNativeReturnCode rc(error_code);
- if (!rc.isOk()) {
- LOG(ERROR) << AT << "Keystore begin returned: " << error_code;
- return -1;
- }
- OperationResult result = future.get();
-
- if (!result.resultCode.isOk()) {
- LOG(ERROR) << AT << "begin failed: " << result.resultCode;
- return -1;
- }
- auto handle = std::move(result.token);
-
- do {
- future = {};
- promise = new OperationResultPromise();
- future = promise->get_future();
- binder_result = service->update(promise, handle, KeymasterArguments(params),
- std::vector<uint8_t>(in, in + len), &error_code);
- if (!binder_result.isOk()) {
- LOG(ERROR) << AT << "communication error while calling keystore";
- return -1;
- }
-
- rc = keystore::KeyStoreNativeReturnCode(error_code);
- if (!rc.isOk()) {
- LOG(ERROR) << AT << "Keystore update returned: " << error_code;
- return -1;
- }
- result = future.get();
-
- if (!result.resultCode.isOk()) {
- LOG(ERROR) << AT << "update failed: " << result.resultCode;
- return -1;
- }
-
- if (result.inputConsumed > len) {
- LOG(ERROR) << AT << "update consumed more data than provided";
- sp<KeystoreResponsePromise> abortPromise(new KeystoreResponsePromise);
- auto abortFuture = abortPromise->get_future();
- binder_result = service->abort(abortPromise, handle, &error_code);
- if (!binder_result.isOk()) {
- LOG(ERROR) << AT << "communication error while calling keystore";
- return -1;
- }
- // This is mainly for logging since we already failed.
- // But if abort returned OK we have to wait untill abort calls the callback
- // hence the call to abortFuture.get().
- if (!KSReturn(error_code).isOk()) {
- LOG(ERROR) << AT << "abort failed: " << error_code;
- } else if (!(rc = KSReturn(abortFuture.get().response_code())).isOk()) {
- LOG(ERROR) << AT << "abort failed: " << rc;
- }
- return -1;
- }
- len -= result.inputConsumed;
- in += result.inputConsumed;
- } while (len > 0);
-
- future = {};
- promise = new OperationResultPromise();
- future = promise->get_future();
-
- binder_result = service->finish(
- promise, handle, KeymasterArguments(params), std::vector<uint8_t>() /* input */,
- std::vector<uint8_t>() /* signature */, std::vector<uint8_t>() /* entropy */, &error_code);
-
- if (!binder_result.isOk()) {
- LOG(ERROR) << AT << "communication error while calling keystore";
- return -1;
- }
-
- rc = keystore::KeyStoreNativeReturnCode(error_code);
- if (!rc.isOk()) {
- LOG(ERROR) << AT << "Keystore finish returned: " << error_code;
- return -1;
- }
- result = future.get();
-
- if (!result.resultCode.isOk()) {
- LOG(ERROR) << AT << "finish failed: " << result.resultCode;
- return -1;
- }
-
- hidl_vec<uint8_t> reply_hidl(result.data);
- if (reply_len) {
- *reply_len = reply_hidl.size();
- }
- if (reply) {
- *reply = reply_hidl.releaseData();
- }
- return 0;
-}
-
-int32_t KeystoreBackendBinder::get_pubkey(const char* key_id, uint8_t** pubkey,
- size_t* pubkey_len) {
- sp<IServiceManager> sm = defaultServiceManager();
- sp<IBinder> binder = sm->getService(String16(keystore_service_name));
- sp<IKeystoreService> service = interface_cast<IKeystoreService>(binder);
-
- if (service == nullptr) {
- LOG(ERROR) << AT << "could not contact keystore";
- return -1;
- }
-
- int32_t error_code;
- android::sp<KeystoreExportPromise> promise(new KeystoreExportPromise);
- auto future = promise->get_future();
- auto binder_result = service->exportKey(
- promise, String16(key_id), static_cast<int32_t>(KeyFormat::X509),
- KeymasterBlob() /* clientId */, KeymasterBlob() /* appData */, UID_SELF, &error_code);
- if (!binder_result.isOk()) {
- LOG(ERROR) << AT << "communication error while calling keystore";
- return -1;
- }
-
- KSReturn rc(error_code);
- if (!rc.isOk()) {
- LOG(ERROR) << AT << "exportKey failed: " << error_code;
- return -1;
- }
-
- auto export_result = future.get();
- if (!export_result.resultCode.isOk()) {
- LOG(ERROR) << AT << "exportKey failed: " << export_result.resultCode;
- return -1;
- }
-
- if (pubkey_len) {
- *pubkey_len = export_result.exportData.size();
- }
- if (pubkey) {
- *pubkey = export_result.exportData.releaseData();
- }
- return 0;
-}
diff --git a/keystore-engine/keystore_backend_binder.h b/keystore-engine/keystore_backend_binder.h
deleted file mode 100644
index 4c828c5..0000000
--- a/keystore-engine/keystore_backend_binder.h
+++ /dev/null
@@ -1,38 +0,0 @@
-/* Copyright 2017 The Android Open Source Project
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
-
-#ifndef ANDROID_KEYSTORE_BACKEND_BINDER_H
-#define ANDROID_KEYSTORE_BACKEND_BINDER_H
-
-#include "keystore_backend.h"
-
-class KeystoreBackendBinder : public KeystoreBackend {
- public:
- KeystoreBackendBinder();
- virtual ~KeystoreBackendBinder() {}
- int32_t sign(const char *key_id, const uint8_t* in, size_t len,
- uint8_t** reply, size_t* reply_len) override;
- int32_t get_pubkey(const char *key_id, uint8_t** pubkey,
- size_t* reply_len) override;
-};
-
-#endif // ANDROID_KEYSTORE_BACKEND_BINDER_H
diff --git a/keystore-engine/keystore_backend_hidl.cpp b/keystore-engine/keystore_backend_hidl.cpp
deleted file mode 100644
index 30cf890..0000000
--- a/keystore-engine/keystore_backend_hidl.cpp
+++ /dev/null
@@ -1,91 +0,0 @@
-/* Copyright 2017 The Android Open Source Project
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
-
-#include "keystore_backend_hidl.h"
-
-#include <android/system/wifi/keystore/1.0/IKeystore.h>
-#include <log/log.h>
-
-using android::hardware::hidl_vec;
-using android::hardware::Return;
-using android::sp;
-using android::system::wifi::keystore::V1_0::IKeystore;
-
-int32_t KeystoreBackendHidl::sign(
- const char *key_id, const uint8_t* in, size_t len, uint8_t** reply,
- size_t* reply_len) {
- if (key_id == nullptr || in == nullptr || reply == nullptr || reply_len == nullptr) {
- ALOGE("Null pointer argument passed");
- return -1;
- }
-
- sp<IKeystore> service = IKeystore::tryGetService();
- if (service == nullptr) {
- ALOGE("could not contact keystore HAL");
- return -1;
- }
-
- bool success = false;
- auto cb = [&](IKeystore::KeystoreStatusCode status,
- hidl_vec<uint8_t> signedData) {
- if (status == IKeystore::KeystoreStatusCode::SUCCESS) {
- *reply_len = signedData.size();
- *reply = signedData.releaseData();
- success = true;
- }
- };
- Return<void> ret = service->sign(
- key_id, std::vector<uint8_t>(in, in + len), cb);
- if (!ret.isOk() || !success) {
- return 1;
- }
- return 0;
-}
-
-int32_t KeystoreBackendHidl::get_pubkey(
- const char *key_id, uint8_t** pubkey, size_t* pubkey_len) {
- if (key_id == nullptr || pubkey == nullptr || pubkey_len == nullptr) {
- ALOGE("Null pointer argument passed");
- return -1;
- }
-
- sp<IKeystore> service = IKeystore::tryGetService();
- if (service == nullptr) {
- ALOGE("could not contact keystore HAL");
- return -1;
- }
-
- bool success = false;
- auto cb = [&](IKeystore::KeystoreStatusCode status,
- hidl_vec<uint8_t> publicKey) {
- if (status == IKeystore::KeystoreStatusCode::SUCCESS) {
- *pubkey_len = publicKey.size();
- *pubkey = publicKey.releaseData();
- success = true;
- }
- };
- Return<void> ret = service->getPublicKey(key_id, cb);
- if (!ret.isOk() || !success) {
- return 1;
- }
- return 0;
-}
diff --git a/keystore-engine/keystore_backend_hidl.h b/keystore-engine/keystore_backend_hidl.h
deleted file mode 100644
index fd38f69..0000000
--- a/keystore-engine/keystore_backend_hidl.h
+++ /dev/null
@@ -1,38 +0,0 @@
-/* Copyright 2017 The Android Open Source Project
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
-
-#ifndef ANDROID_KEYSTORE_BACKEND_HIDL_H
-#define ANDROID_KEYSTORE_BACKEND_HIDL_H
-
-#include "keystore_backend.h"
-
-class KeystoreBackendHidl : public KeystoreBackend {
- public:
- KeystoreBackendHidl() {}
- virtual ~KeystoreBackendHidl() {}
- int32_t sign(const char *key_id, const uint8_t* in, size_t len,
- uint8_t** reply, size_t* reply_len) override;
- int32_t get_pubkey(const char *key_id, uint8_t** pubkey,
- size_t* reply_len) override;
-};
-
-#endif // ANDROID_KEYSTORE_BACKEND_HIDL_H