Delegate auth token parsing to HAL.
Auth tokens have an unfortunate dual character. To most of the system
they are opaque blobs that are intended only to be obtained from one
HAL (e.g. gatekeeper or fingerprint) and passed to another
HAL (keymaster), but keystore actually needs to extract some bits of
information from them in order to determine which of the available blobs
should be provided for a given keymaster key operation.
This CL adds a method that resolves this dual nature by moving the
responsibility of parsing blobs to the HAL so that no component of the
framework has to make any assumptions about their content and all can
treat them as fully opaque. This still means that the various HAL
implementers have to agree on content, but they also have to agree on an
HMAC key which must be securely distributed to all at every boot, so
asking them to agree on an auth token format is perfectly
acceptable. But now the Android system doesn't have to care about the
format.
Bug: 32962548
Test: CTS tests pass, plus manual testing.
Change-Id: I2ab4b4fbea1425fc08aa754fc10f8e386899af25
diff --git a/keystore/auth_token_table.h b/keystore/auth_token_table.h
index 6f7aab1..9bc944c 100644
--- a/keystore/auth_token_table.h
+++ b/keystore/auth_token_table.h
@@ -25,7 +25,7 @@
namespace keystore {
-using android::hardware::keymaster::V3_0::HardwareAuthToken;
+using android::hardware::keymaster::V3_0::HardwareAuthTokenInfo;
namespace test {
class AuthTokenTableTest;
@@ -59,9 +59,9 @@
};
/**
- * Add an authorization token to the table. The table takes ownership of the argument.
+ * Add an authorization token to the table.
*/
- void AddAuthenticationToken(const HardwareAuthToken* token);
+ void AddAuthenticationToken(hidl_vec<uint8_t> token, HardwareAuthTokenInfo info);
/**
* Find an authorization token that authorizes the operation specified by \p operation_handle on
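Review bot: The new AddAuthenticationToken comment drops the ownership sentence but says nothing about the relationship between `token` and `info`, which is the invariant this change introduces: the table selects an entry from the parsed `info` (the `tokenInfo_.timestamp` comparison appears later in this diff) but hands back the opaque `token` blob, so the two must describe the same HAL-issued token. I would extend the Doxygen block to something like `Add an authorization token to the table. \p token is the opaque HAL-encoded blob and \p info is the keymaster HAL's parse of that same blob; callers must obtain \p info from the HAL for exactly this \p token, since the table uses \p info alone to decide which blob to return.` A one-line mention that both arguments are moved into the table would also restore the ownership information the old comment carried.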
@@ -74,7 +74,7 @@
* The table retains ownership of the returned object.
*/
Error FindAuthorization(const AuthorizationSet& key_info, KeyPurpose purpose,
- uint64_t op_handle, const HardwareAuthToken** found);
+ uint64_t op_handle, const hidl_vec<uint8_t>** token_found);
/**
* Mark operation completed. This allows tokens associated with the specified operation to be
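Review bot: The out-parameter is renamed to `token_found` in the public FindAuthorization signature, while the private helpers changed in the last hunk (FindAuthPerOpAuthorization and FindTimedAuthorization) keep `found` for what is presumably the same pointer being forwarded. Using one name in all three declarations, e.g. `uint64_t op_handle, const hidl_vec<uint8_t>** found);` here, keeps the header self-consistent and makes the forwarding obvious to a reader.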
@@ -97,11 +97,12 @@
class Entry {
public:
- Entry(const HardwareAuthToken* token, time_t current_time);
+ Entry(hidl_vec<uint8_t>&& token, HardwareAuthTokenInfo&& tokenInfo, time_t current_time);
Entry(Entry&& entry) { *this = std::move(entry); }
void operator=(Entry&& rhs) {
token_ = std::move(rhs.token_);
+ tokenInfo_ = std::move(rhs.tokenInfo_);
time_received_ = rhs.time_received_;
last_use_ = rhs.last_use_;
operation_completed_ = rhs.operation_completed_;
@@ -116,19 +117,19 @@
bool is_newer_than(const Entry* entry) {
if (!entry) return true;
- return timestamp_host_order() > entry->timestamp_host_order();
+ return tokenInfo_.timestamp > entry->tokenInfo_.timestamp;
}
void mark_completed() { operation_completed_ = true; }
- const HardwareAuthToken* token() { return token_.get(); }
+ const hidl_vec<uint8_t>& token() { return token_; }
+ const HardwareAuthTokenInfo& tokenInfo() { return tokenInfo_; }
time_t time_received() const { return time_received_; }
bool completed() const { return operation_completed_; }
- uint32_t timestamp_host_order() const;
- HardwareAuthenticatorType authenticator_type() const;
private:
- std::unique_ptr<const HardwareAuthToken> token_;
+ hidl_vec<uint8_t> token_;
+ HardwareAuthTokenInfo tokenInfo_;
time_t time_received_;
time_t last_use_;
bool operation_completed_;
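Review bot: `token()` now returns a reference to the hidl_vec member stored inside the Entry, so the `const hidl_vec<uint8_t>**` that FindAuthorization hands out points into the table's own entry storage rather than at the separately heap-allocated object the old unique_ptr held; if entries are kept in a std::vector (the container is not visible in this diff), any later add or removal can move the Entry and leave that pointer dangling. The FindAuthorization comment "The table retains ownership of the returned object" should then say the pointer is valid only until the table is next modified, or the method should copy the hidl_vec out instead. Separately, `token()` and `tokenInfo()` return const references but are not const member functions; `const hidl_vec<uint8_t>& token() const { return token_; }` and `const HardwareAuthTokenInfo& tokenInfo() const { return tokenInfo_; }` would match `time_received()` and `completed()` beside them. The comparison in is_newer_than now relies on `tokenInfo_.timestamp` being in host order as delivered by the HAL, which replaces the old timestamp_host_order() conversion; a short comment stating that assumption next to the comparison would help the next reader.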
@@ -136,10 +137,10 @@
Error FindAuthPerOpAuthorization(const std::vector<uint64_t>& sids,
HardwareAuthenticatorType auth_type, uint64_t op_handle,
- const HardwareAuthToken** found);
+ const hidl_vec<uint8_t>** found);
Error FindTimedAuthorization(const std::vector<uint64_t>& sids,
HardwareAuthenticatorType auth_type,
- const AuthorizationSet& key_info, const HardwareAuthToken** found);
+ const AuthorizationSet& key_info, const hidl_vec<uint8_t>** found);
void ExtractSids(const AuthorizationSet& key_info, std::vector<uint64_t>* sids);
void RemoveEntriesSupersededBy(const Entry& entry);
bool IsSupersededBySomeEntry(const Entry& entry);