| /* |
| * Copyright (c) 2019, The Android Open Source Project |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| #define LOG_TAG "credstore" |
| |
| #include <fcntl.h> |
| #include <stdlib.h> |
| #include <sys/stat.h> |
| #include <sys/types.h> |
| #include <unistd.h> |
| |
| #include <android-base/logging.h> |
| #include <android-base/stringprintf.h> |
| |
| #include <android/security/identity/ICredentialStore.h> |
| |
| #include "Util.h" |
| |
| namespace android { |
| namespace security { |
| namespace identity { |
| |
| using ::android::base::StringPrintf; |
| |
| Status halStatusToError(const Status& halStatus, int credStoreError) { |
| string message = StringPrintf( |
| "HAL failed with exception code %d (%s), service-specific error code %d, message '%s'", |
| halStatus.exceptionCode(), Status::exceptionToString(halStatus.exceptionCode()).c_str(), |
| halStatus.serviceSpecificErrorCode(), halStatus.exceptionMessage().c_str()); |
| return Status::fromServiceSpecificError(credStoreError, message.c_str()); |
| } |
| |
| Status halStatusToGenericError(const Status& halStatus) { |
| return halStatusToError(halStatus, ICredentialStore::ERROR_GENERIC); |
| } |
| |
| optional<vector<uint8_t>> fileGetContents(const string& path) { |
| int fd = open(path.c_str(), O_RDONLY); |
| if (fd == -1) { |
| PLOG(ERROR) << "Error opening " << path; |
| return {}; |
| } |
| |
| struct stat statbuf; |
| if (fstat(fd, &statbuf) != 0) { |
| PLOG(ERROR) << "Error statting " << path; |
| close(fd); |
| return {}; |
| } |
| vector<uint8_t> data; |
| data.resize(statbuf.st_size); |
| |
| uint8_t* p = data.data(); |
| size_t remaining = data.size(); |
| while (remaining > 0) { |
| ssize_t numRead = TEMP_FAILURE_RETRY(read(fd, p, remaining)); |
| if (numRead <= 0) { |
| PLOG(ERROR) << "Failed reading from '" << path << "'"; |
| close(fd); |
| return {}; |
| } |
| p += numRead; |
| remaining -= numRead; |
| } |
| close(fd); |
| |
| return data; |
| } |
| |
| bool fileSetContents(const string& path, const vector<uint8_t>& data) { |
| char tempName[4096]; |
| int fd; |
| |
| string tempNameStr = path + ".XXXXXX"; |
| if (tempNameStr.size() >= sizeof tempName - 1) { |
| LOG(ERROR) << "Path name too long"; |
| return false; |
| } |
| strncpy(tempName, tempNameStr.c_str(), sizeof tempName); |
| |
| fd = mkstemp(tempName); |
| if (fd == -1) { |
| PLOG(ERROR) << "Error creating temp file for '" << path << "'"; |
| return false; |
| } |
| |
| const uint8_t* p = data.data(); |
| size_t remaining = data.size(); |
| while (remaining > 0) { |
| ssize_t numWritten = TEMP_FAILURE_RETRY(write(fd, p, remaining)); |
| if (numWritten <= 0) { |
| PLOG(ERROR) << "Failed writing into temp file for '" << path << "'"; |
| close(fd); |
| return false; |
| } |
| p += numWritten; |
| remaining -= numWritten; |
| } |
| |
| if (TEMP_FAILURE_RETRY(fsync(fd))) { |
| PLOG(ERROR) << "Failed fsyncing temp file for '" << path << "'"; |
| close(fd); |
| return false; |
| } |
| close(fd); |
| |
| if (rename(tempName, path.c_str()) != 0) { |
| PLOG(ERROR) << "Error renaming temp file for '" << path << "'"; |
| close(fd); |
| return false; |
| } |
| |
| return true; |
| } |
| |
| } // namespace identity |
| } // namespace security |
| } // namespace android |