Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / 154d7699cc30ef5156d6497258c4dd350fcb1286 / . / keystore / IKeystoreService.cpp
blob: 7be3a97fa8db3ee6a8347cfdc37abf63e8704f04 [file] [log] [blame]
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1/*
2**
3** Copyright 2008, The Android Open Source Project
4**
5** Licensed under the Apache License, Version 2.0 (the "License");
6** you may not use this file except in compliance with the License.
7** You may obtain a copy of the License at
8**
9** http://www.apache.org/licenses/LICENSE-2.0
10**
11** Unless required by applicable law or agreed to in writing, software
12** distributed under the License is distributed on an "AS IS" BASIS,
13** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14** See the License for the specific language governing permissions and
15** limitations under the License.
16*/
17
18#include <stdint.h>
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]19#include <sys/limits.h>
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]20#include <sys/types.h>
21
22#define LOG_TAG "KeystoreService"
23#include <utils/Log.h>
24
25#include <binder/Parcel.h>
26#include <binder/IPCThreadState.h>
27#include <binder/IServiceManager.h>
28
29#include <keystore/IKeystoreService.h>
30
31namespace android {
32
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]33static keymaster_key_param_t* readParamList(const Parcel& in, size_t* length);
34
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]35KeystoreArg::KeystoreArg(const void* data, size_t len)
36 : mData(data), mSize(len) {
37}
38
39KeystoreArg::~KeystoreArg() {
40}
41
42const void *KeystoreArg::data() const {
43 return mData;
44}
45
46size_t KeystoreArg::size() const {
47 return mSize;
48}
49
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]50OperationResult::OperationResult() : resultCode(0), token(), inputConsumed(0),
51 data(NULL), dataLength(0) {
52}
53
54OperationResult::~OperationResult() {
55}
56
57void OperationResult::readFromParcel(const Parcel& in) {
58 resultCode = in.readInt32();
59 token = in.readStrongBinder();
60 inputConsumed = in.readInt32();
61 ssize_t length = in.readInt32();
62 dataLength = 0;
63 if (length > 0) {
64 const void* buf = in.readInplace(length);
65 if (buf) {
66 data.reset(reinterpret_cast<uint8_t*>(malloc(length)));
67 if (data.get()) {
68 memcpy(data.get(), buf, length);
69 dataLength = (size_t) length;
70 } else {
71 ALOGE("Failed to allocate OperationResult buffer");
72 }
73 } else {
74 ALOGE("Failed to readInplace OperationResult data");
75 }
76 }
77}
78
79void OperationResult::writeToParcel(Parcel* out) const {
80 out->writeInt32(resultCode);
81 out->writeStrongBinder(token);
82 out->writeInt32(inputConsumed);
83 out->writeInt32(dataLength);
84 if (dataLength && data) {
85 void* buf = out->writeInplace(dataLength);
86 if (buf) {
87 memcpy(buf, data.get(), dataLength);
88 } else {
89 ALOGE("Failed to writeInplace OperationResult data.");
90 }
91 }
92}
93
94ExportResult::ExportResult() : resultCode(0), exportData(NULL), dataLength(0) {
95}
96
97ExportResult::~ExportResult() {
98}
99
100void ExportResult::readFromParcel(const Parcel& in) {
101 resultCode = in.readInt32();
102 ssize_t length = in.readInt32();
103 dataLength = 0;
104 if (length > 0) {
105 const void* buf = in.readInplace(length);
106 if (buf) {
107 exportData.reset(reinterpret_cast<uint8_t*>(malloc(length)));
108 if (exportData.get()) {
109 memcpy(exportData.get(), buf, length);
110 dataLength = (size_t) length;
111 } else {
112 ALOGE("Failed to allocate ExportData buffer");
113 }
114 } else {
115 ALOGE("Failed to readInplace ExportData data");
116 }
117 }
118}
119
120void ExportResult::writeToParcel(Parcel* out) const {
121 out->writeInt32(resultCode);
122 out->writeInt32(dataLength);
123 if (exportData && dataLength) {
124 void* buf = out->writeInplace(dataLength);
125 if (buf) {
126 memcpy(buf, exportData.get(), dataLength);
127 } else {
128 ALOGE("Failed to writeInplace ExportResult data.");
129 }
130 }
131}
132
133KeymasterArguments::KeymasterArguments() {
134}
135
136KeymasterArguments::~KeymasterArguments() {
137 keymaster_free_param_values(params.data(), params.size());
138}
139
140void KeymasterArguments::readFromParcel(const Parcel& in) {
141 ssize_t length = in.readInt32();
142 size_t ulength = (size_t) length;
143 if (length < 0) {
144 ulength = 0;
145 }
146 keymaster_free_param_values(params.data(), params.size());
147 params.clear();
148 for(size_t i = 0; i < ulength; i++) {
149 keymaster_key_param_t param;
150 if (!readKeymasterArgumentFromParcel(in, &param)) {
151 ALOGE("Error reading keymaster argument from parcel");
152 break;
153 }
154 params.push_back(param);
155 }
156}
157
158void KeymasterArguments::writeToParcel(Parcel* out) const {
159 out->writeInt32(params.size());
160 for (auto param : params) {
161 out->writeInt32(1);
162 writeKeymasterArgumentToParcel(param, out);
163 }
164}
165
166KeyCharacteristics::KeyCharacteristics() {
167 memset((void*) &characteristics, 0, sizeof(characteristics));
168}
169
170KeyCharacteristics::~KeyCharacteristics() {
171 keymaster_free_characteristics(&characteristics);
172}
173
174void KeyCharacteristics::readFromParcel(const Parcel& in) {
175 size_t length = 0;
176 keymaster_key_param_t* params = readParamList(in, &length);
177 characteristics.sw_enforced.params = params;
178 characteristics.sw_enforced.length = length;
179
180 params = readParamList(in, &length);
181 characteristics.hw_enforced.params = params;
182 characteristics.hw_enforced.length = length;
183}
184
185void KeyCharacteristics::writeToParcel(Parcel* out) const {
186 if (characteristics.sw_enforced.params) {
187 out->writeInt32(characteristics.sw_enforced.length);
188 for (size_t i = 0; i < characteristics.sw_enforced.length; i++) {
189 out->writeInt32(1);
190 writeKeymasterArgumentToParcel(characteristics.sw_enforced.params[i], out);
191 }
192 } else {
193 out->writeInt32(0);
194 }
195 if (characteristics.hw_enforced.params) {
196 out->writeInt32(characteristics.hw_enforced.length);
197 for (size_t i = 0; i < characteristics.hw_enforced.length; i++) {
198 out->writeInt32(1);
199 writeKeymasterArgumentToParcel(characteristics.hw_enforced.params[i], out);
200 }
201 } else {
202 out->writeInt32(0);
203 }
204}
205
206void writeKeymasterArgumentToParcel(const keymaster_key_param_t& param, Parcel* out) {
207 switch (keymaster_tag_get_type(param.tag)) {
208 case KM_ENUM:
209 case KM_ENUM_REP: {
210 out->writeInt32(param.tag);
211 out->writeInt32(param.enumerated);
212 break;
213 }
214 case KM_INT:
215 case KM_INT_REP: {
216 out->writeInt32(param.tag);
217 out->writeInt32(param.integer);
218 break;
219 }
220 case KM_LONG: {
221 out->writeInt32(param.tag);
222 out->writeInt64(param.long_integer);
223 break;
224 }
225 case KM_DATE: {
226 out->writeInt32(param.tag);
227 out->writeInt64(param.date_time);
228 break;
229 }
230 case KM_BOOL: {
231 out->writeInt32(param.tag);
232 break;
233 }
234 case KM_BIGNUM:
235 case KM_BYTES: {
236 out->writeInt32(param.tag);
237 out->writeInt32(param.blob.data_length);
238 void* buf = out->writeInplace(param.blob.data_length);
239 if (buf) {
240 memcpy(buf, param.blob.data, param.blob.data_length);
241 } else {
242 ALOGE("Failed to writeInplace keymaster blob param");
243 }
244 break;
245 }
246 default: {
247 ALOGE("Failed to write argument: Unsupported keymaster_tag_t %d", param.tag);
248 }
249 }
250}
251
252
253bool readKeymasterArgumentFromParcel(const Parcel& in, keymaster_key_param_t* out) {
254 if (in.readInt32() == 0) {
255 return false;
256 }
257 keymaster_tag_t tag = static_cast<keymaster_tag_t>(in.readInt32());
258 switch (keymaster_tag_get_type(tag)) {
259 case KM_ENUM:
260 case KM_ENUM_REP: {
261 uint32_t value = in.readInt32();
262 *out = keymaster_param_enum(tag, value);
263 break;
264 }
265 case KM_INT:
266 case KM_INT_REP: {
267 uint32_t value = in.readInt32();
268 *out = keymaster_param_int(tag, value);
269 break;
270 }
271 case KM_LONG: {
272 uint64_t value = in.readInt64();
273 *out = keymaster_param_long(tag, value);
274 break;
275 }
276 case KM_DATE: {
277 uint64_t value = in.readInt64();
278 *out = keymaster_param_date(tag, value);
279 break;
280 }
281 case KM_BOOL: {
282 *out = keymaster_param_bool(tag);
283 break;
284 }
285 case KM_BIGNUM:
286 case KM_BYTES: {
287 ssize_t length = in.readInt32();
288 uint8_t* data = NULL;
289 size_t ulength = 0;
290 if (length >= 0) {
291 ulength = (size_t) length;
292 // use malloc here so we can use keymaster_free_param_values
293 // consistently.
294 data = reinterpret_cast<uint8_t*>(malloc(ulength));
295 const void* buf = in.readInplace(ulength);
296 if (!buf || !data) {
297 ALOGE("Failed to allocate buffer for keymaster blob param");
298 return false;
299 }
300 memcpy(data, buf, ulength);
301 }
302 *out = keymaster_param_blob(tag, data, ulength);
303 break;
304 }
305 default: {
306 ALOGE("Unsupported keymaster_tag_t %d", tag);
307 return false;
308 }
309 }
310 return true;
311}
312
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]313/**
314 * Read a byte array from in. The data at *data is still owned by the parcel
315 */
316static void readByteArray(const Parcel& in, const uint8_t** data, size_t* length) {
317 ssize_t slength = in.readInt32();
318 if (slength > 0) {
319 *data = reinterpret_cast<const uint8_t*>(in.readInplace(slength));
320 if (*data) {
321 *length = static_cast<size_t>(slength);
322 } else {
323 *length = 0;
324 }
325 } else {
326 *data = NULL;
327 *length = 0;
328 }
329}
330
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]331// Read a keymaster_key_param_t* from a Parcel for use in a
332// keymaster_key_characteristics_t. This will be free'd by calling
333// keymaster_free_key_characteristics.
334static keymaster_key_param_t* readParamList(const Parcel& in, size_t* length) {
335 ssize_t slength = in.readInt32();
336 *length = 0;
337 if (slength < 0) {
338 return NULL;
339 }
340 *length = (size_t) slength;
341 if (*length >= UINT_MAX / sizeof(keymaster_key_param_t)) {
342 return NULL;
343 }
344 keymaster_key_param_t* list =
345 reinterpret_cast<keymaster_key_param_t*>(malloc(*length *
346 sizeof(keymaster_key_param_t)));
347 if (!list) {
348 ALOGD("Failed to allocate buffer for generateKey outCharacteristics");
349 goto err;
350 }
351 for (size_t i = 0; i < *length ; i++) {
352 if (!readKeymasterArgumentFromParcel(in, &list[i])) {
353 ALOGE("Failed to read keymaster argument");
354 keymaster_free_param_values(list, i);
355 goto err;
356 }
357 }
358 return list;
359err:
360 free(list);
361 return NULL;
362}
363
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]364static std::unique_ptr<keymaster_blob_t> readKeymasterBlob(const Parcel& in) {
365 std::unique_ptr<keymaster_blob_t> blob;
366 if (in.readInt32() != 1) {
367 blob.reset(NULL);
368 return blob;
369 }
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]370 ssize_t length = in.readInt32();
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]371 blob.reset(new keymaster_blob_t);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]372 if (length > 0) {
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]373 blob->data = reinterpret_cast<const uint8_t*>(in.readInplace(length));
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]374 if (blob->data) {
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]375 blob->data_length = static_cast<size_t>(length);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]376 } else {
377 blob->data_length = 0;
378 }
379 } else {
380 blob->data = NULL;
381 blob->data_length = 0;
382 }
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]383 return blob;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]384}
385
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]386class BpKeystoreService: public BpInterface<IKeystoreService>
387{
388public:
389 BpKeystoreService(const sp<IBinder>& impl)
390 : BpInterface<IKeystoreService>(impl)
391 {
392 }
393
394 // test ping
395 virtual int32_t test()
396 {
397 Parcel data, reply;
398 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
399 status_t status = remote()->transact(BnKeystoreService::TEST, data, &reply);
400 if (status != NO_ERROR) {
401 ALOGD("test() could not contact remote: %d\n", status);
402 return -1;
403 }
404 int32_t err = reply.readExceptionCode();
405 int32_t ret = reply.readInt32();
406 if (err < 0) {
407 ALOGD("test() caught exception %d\n", err);
408 return -1;
409 }
410 return ret;
411 }
412
413 virtual int32_t get(const String16& name, uint8_t** item, size_t* itemLength)
414 {
415 Parcel data, reply;
416 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
417 data.writeString16(name);
418 status_t status = remote()->transact(BnKeystoreService::GET, data, &reply);
419 if (status != NO_ERROR) {
420 ALOGD("get() could not contact remote: %d\n", status);
421 return -1;
422 }
423 int32_t err = reply.readExceptionCode();
424 ssize_t len = reply.readInt32();
425 if (len >= 0 && (size_t) len <= reply.dataAvail()) {
426 size_t ulen = (size_t) len;
427 const void* buf = reply.readInplace(ulen);
428 *item = (uint8_t*) malloc(ulen);
429 if (*item != NULL) {
430 memcpy(*item, buf, ulen);
431 *itemLength = ulen;
432 } else {
433 ALOGE("out of memory allocating output array in get");
434 *itemLength = 0;
435 }
436 } else {
437 *itemLength = 0;
438 }
439 if (err < 0) {
440 ALOGD("get() caught exception %d\n", err);
441 return -1;
442 }
443 return 0;
444 }
445
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]446 virtual int32_t insert(const String16& name, const uint8_t* item, size_t itemLength, int uid,
447 int32_t flags)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]448 {
449 Parcel data, reply;
450 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
451 data.writeString16(name);
452 data.writeInt32(itemLength);
453 void* buf = data.writeInplace(itemLength);
454 memcpy(buf, item, itemLength);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]455 data.writeInt32(uid);
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]456 data.writeInt32(flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]457 status_t status = remote()->transact(BnKeystoreService::INSERT, data, &reply);
458 if (status != NO_ERROR) {
459 ALOGD("import() could not contact remote: %d\n", status);
460 return -1;
461 }
462 int32_t err = reply.readExceptionCode();
463 int32_t ret = reply.readInt32();
464 if (err < 0) {
465 ALOGD("import() caught exception %d\n", err);
466 return -1;
467 }
468 return ret;
469 }
470
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]471 virtual int32_t del(const String16& name, int uid)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]472 {
473 Parcel data, reply;
474 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
475 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]476 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]477 status_t status = remote()->transact(BnKeystoreService::DEL, data, &reply);
478 if (status != NO_ERROR) {
479 ALOGD("del() could not contact remote: %d\n", status);
480 return -1;
481 }
482 int32_t err = reply.readExceptionCode();
483 int32_t ret = reply.readInt32();
484 if (err < 0) {
485 ALOGD("del() caught exception %d\n", err);
486 return -1;
487 }
488 return ret;
489 }
490
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]491 virtual int32_t exist(const String16& name, int uid)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]492 {
493 Parcel data, reply;
494 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
495 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]496 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]497 status_t status = remote()->transact(BnKeystoreService::EXIST, data, &reply);
498 if (status != NO_ERROR) {
499 ALOGD("exist() could not contact remote: %d\n", status);
500 return -1;
501 }
502 int32_t err = reply.readExceptionCode();
503 int32_t ret = reply.readInt32();
504 if (err < 0) {
505 ALOGD("exist() caught exception %d\n", err);
506 return -1;
507 }
508 return ret;
509 }
510
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]511 virtual int32_t saw(const String16& name, int uid, Vector<String16>* matches)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]512 {
513 Parcel data, reply;
514 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
515 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]516 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]517 status_t status = remote()->transact(BnKeystoreService::SAW, data, &reply);
518 if (status != NO_ERROR) {
519 ALOGD("saw() could not contact remote: %d\n", status);
520 return -1;
521 }
522 int32_t err = reply.readExceptionCode();
523 int32_t numMatches = reply.readInt32();
524 for (int32_t i = 0; i < numMatches; i++) {
525 matches->push(reply.readString16());
526 }
527 int32_t ret = reply.readInt32();
528 if (err < 0) {
529 ALOGD("saw() caught exception %d\n", err);
530 return -1;
531 }
532 return ret;
533 }
534
535 virtual int32_t reset()
536 {
537 Parcel data, reply;
538 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
539 status_t status = remote()->transact(BnKeystoreService::RESET, data, &reply);
540 if (status != NO_ERROR) {
541 ALOGD("reset() could not contact remote: %d\n", status);
542 return -1;
543 }
544 int32_t err = reply.readExceptionCode();
545 int32_t ret = reply.readInt32();
546 if (err < 0) {
547 ALOGD("reset() caught exception %d\n", err);
548 return -1;
549 }
550 return ret;
551 }
552
553 virtual int32_t password(const String16& password)
554 {
555 Parcel data, reply;
556 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
557 data.writeString16(password);
558 status_t status = remote()->transact(BnKeystoreService::PASSWORD, data, &reply);
559 if (status != NO_ERROR) {
560 ALOGD("password() could not contact remote: %d\n", status);
561 return -1;
562 }
563 int32_t err = reply.readExceptionCode();
564 int32_t ret = reply.readInt32();
565 if (err < 0) {
566 ALOGD("password() caught exception %d\n", err);
567 return -1;
568 }
569 return ret;
570 }
571
572 virtual int32_t lock()
573 {
574 Parcel data, reply;
575 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
576 status_t status = remote()->transact(BnKeystoreService::LOCK, data, &reply);
577 if (status != NO_ERROR) {
578 ALOGD("lock() could not contact remote: %d\n", status);
579 return -1;
580 }
581 int32_t err = reply.readExceptionCode();
582 int32_t ret = reply.readInt32();
583 if (err < 0) {
584 ALOGD("lock() caught exception %d\n", err);
585 return -1;
586 }
587 return ret;
588 }
589
590 virtual int32_t unlock(const String16& password)
591 {
592 Parcel data, reply;
593 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
594 data.writeString16(password);
595 status_t status = remote()->transact(BnKeystoreService::UNLOCK, data, &reply);
596 if (status != NO_ERROR) {
597 ALOGD("unlock() could not contact remote: %d\n", status);
598 return -1;
599 }
600 int32_t err = reply.readExceptionCode();
601 int32_t ret = reply.readInt32();
602 if (err < 0) {
603 ALOGD("unlock() caught exception %d\n", err);
604 return -1;
605 }
606 return ret;
607 }
608
609 virtual int32_t zero()
610 {
611 Parcel data, reply;
612 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
613 status_t status = remote()->transact(BnKeystoreService::ZERO, data, &reply);
614 if (status != NO_ERROR) {
615 ALOGD("zero() could not contact remote: %d\n", status);
616 return -1;
617 }
618 int32_t err = reply.readExceptionCode();
619 int32_t ret = reply.readInt32();
620 if (err < 0) {
621 ALOGD("zero() caught exception %d\n", err);
622 return -1;
623 }
624 return ret;
625 }
626
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]627 virtual int32_t generate(const String16& name, int32_t uid, int32_t keyType, int32_t keySize,
628 int32_t flags, Vector<sp<KeystoreArg> >* args)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]629 {
630 Parcel data, reply;
631 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
632 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]633 data.writeInt32(uid);
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]634 data.writeInt32(keyType);
635 data.writeInt32(keySize);
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]636 data.writeInt32(flags);
Chad Brubaker468fc692015-01-13 17:33:14 -0800[diff] [blame]637 data.writeInt32(1);
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]638 data.writeInt32(args->size());
639 for (Vector<sp<KeystoreArg> >::iterator it = args->begin(); it != args->end(); ++it) {
640 sp<KeystoreArg> item = *it;
641 size_t keyLength = item->size();
642 data.writeInt32(keyLength);
643 void* buf = data.writeInplace(keyLength);
644 memcpy(buf, item->data(), keyLength);
645 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]646 status_t status = remote()->transact(BnKeystoreService::GENERATE, data, &reply);
647 if (status != NO_ERROR) {
648 ALOGD("generate() could not contact remote: %d\n", status);
649 return -1;
650 }
651 int32_t err = reply.readExceptionCode();
652 int32_t ret = reply.readInt32();
653 if (err < 0) {
654 ALOGD("generate() caught exception %d\n", err);
655 return -1;
656 }
657 return ret;
658 }
659
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]660 virtual int32_t import(const String16& name, const uint8_t* key, size_t keyLength, int uid,
661 int flags)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]662 {
663 Parcel data, reply;
664 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
665 data.writeString16(name);
666 data.writeInt32(keyLength);
667 void* buf = data.writeInplace(keyLength);
668 memcpy(buf, key, keyLength);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]669 data.writeInt32(uid);
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]670 data.writeInt32(flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]671 status_t status = remote()->transact(BnKeystoreService::IMPORT, data, &reply);
672 if (status != NO_ERROR) {
673 ALOGD("import() could not contact remote: %d\n", status);
674 return -1;
675 }
676 int32_t err = reply.readExceptionCode();
677 int32_t ret = reply.readInt32();
678 if (err < 0) {
679 ALOGD("import() caught exception %d\n", err);
680 return -1;
681 }
682 return ret;
683 }
684
685 virtual int32_t sign(const String16& name, const uint8_t* in, size_t inLength, uint8_t** out,
686 size_t* outLength)
687 {
688 Parcel data, reply;
689 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
690 data.writeString16(name);
691 data.writeInt32(inLength);
692 void* buf = data.writeInplace(inLength);
693 memcpy(buf, in, inLength);
694 status_t status = remote()->transact(BnKeystoreService::SIGN, data, &reply);
695 if (status != NO_ERROR) {
696 ALOGD("import() could not contact remote: %d\n", status);
697 return -1;
698 }
699 int32_t err = reply.readExceptionCode();
700 ssize_t len = reply.readInt32();
701 if (len >= 0 && (size_t) len <= reply.dataAvail()) {
702 size_t ulen = (size_t) len;
703 const void* outBuf = reply.readInplace(ulen);
704 *out = (uint8_t*) malloc(ulen);
705 if (*out != NULL) {
706 memcpy((void*) *out, outBuf, ulen);
707 *outLength = ulen;
708 } else {
709 ALOGE("out of memory allocating output array in sign");
710 *outLength = 0;
711 }
712 } else {
713 *outLength = 0;
714 }
715 if (err < 0) {
716 ALOGD("import() caught exception %d\n", err);
717 return -1;
718 }
719 return 0;
720 }
721
722 virtual int32_t verify(const String16& name, const uint8_t* in, size_t inLength,
723 const uint8_t* signature, size_t signatureLength)
724 {
725 Parcel data, reply;
726 void* buf;
727
728 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
729 data.writeString16(name);
730 data.writeInt32(inLength);
731 buf = data.writeInplace(inLength);
732 memcpy(buf, in, inLength);
733 data.writeInt32(signatureLength);
734 buf = data.writeInplace(signatureLength);
735 memcpy(buf, signature, signatureLength);
736 status_t status = remote()->transact(BnKeystoreService::VERIFY, data, &reply);
737 if (status != NO_ERROR) {
738 ALOGD("verify() could not contact remote: %d\n", status);
739 return -1;
740 }
741 int32_t err = reply.readExceptionCode();
742 int32_t ret = reply.readInt32();
743 if (err < 0) {
744 ALOGD("verify() caught exception %d\n", err);
745 return -1;
746 }
747 return ret;
748 }
749
750 virtual int32_t get_pubkey(const String16& name, uint8_t** pubkey, size_t* pubkeyLength)
751 {
752 Parcel data, reply;
753 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
754 data.writeString16(name);
755 status_t status = remote()->transact(BnKeystoreService::GET_PUBKEY, data, &reply);
756 if (status != NO_ERROR) {
757 ALOGD("get_pubkey() could not contact remote: %d\n", status);
758 return -1;
759 }
760 int32_t err = reply.readExceptionCode();
761 ssize_t len = reply.readInt32();
762 if (len >= 0 && (size_t) len <= reply.dataAvail()) {
763 size_t ulen = (size_t) len;
764 const void* buf = reply.readInplace(ulen);
765 *pubkey = (uint8_t*) malloc(ulen);
766 if (*pubkey != NULL) {
767 memcpy(*pubkey, buf, ulen);
768 *pubkeyLength = ulen;
769 } else {
770 ALOGE("out of memory allocating output array in get_pubkey");
771 *pubkeyLength = 0;
772 }
773 } else {
774 *pubkeyLength = 0;
775 }
776 if (err < 0) {
777 ALOGD("get_pubkey() caught exception %d\n", err);
778 return -1;
779 }
780 return 0;
781 }
782
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]783 virtual int32_t del_key(const String16& name, int uid)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]784 {
785 Parcel data, reply;
786 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
787 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]788 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]789 status_t status = remote()->transact(BnKeystoreService::DEL_KEY, data, &reply);
790 if (status != NO_ERROR) {
791 ALOGD("del_key() could not contact remote: %d\n", status);
792 return -1;
793 }
794 int32_t err = reply.readExceptionCode();
795 int32_t ret = reply.readInt32();
796 if (err < 0) {
797 ALOGD("del_key() caught exception %d\n", err);
798 return -1;
799 }
800 return ret;
801 }
802
803 virtual int32_t grant(const String16& name, int32_t granteeUid)
804 {
805 Parcel data, reply;
806 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
807 data.writeString16(name);
808 data.writeInt32(granteeUid);
809 status_t status = remote()->transact(BnKeystoreService::GRANT, data, &reply);
810 if (status != NO_ERROR) {
811 ALOGD("grant() could not contact remote: %d\n", status);
812 return -1;
813 }
814 int32_t err = reply.readExceptionCode();
815 int32_t ret = reply.readInt32();
816 if (err < 0) {
817 ALOGD("grant() caught exception %d\n", err);
818 return -1;
819 }
820 return ret;
821 }
822
823 virtual int32_t ungrant(const String16& name, int32_t granteeUid)
824 {
825 Parcel data, reply;
826 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
827 data.writeString16(name);
828 data.writeInt32(granteeUid);
829 status_t status = remote()->transact(BnKeystoreService::UNGRANT, data, &reply);
830 if (status != NO_ERROR) {
831 ALOGD("ungrant() could not contact remote: %d\n", status);
832 return -1;
833 }
834 int32_t err = reply.readExceptionCode();
835 int32_t ret = reply.readInt32();
836 if (err < 0) {
837 ALOGD("ungrant() caught exception %d\n", err);
838 return -1;
839 }
840 return ret;
841 }
842
843 int64_t getmtime(const String16& name)
844 {
845 Parcel data, reply;
846 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
847 data.writeString16(name);
848 status_t status = remote()->transact(BnKeystoreService::GETMTIME, data, &reply);
849 if (status != NO_ERROR) {
850 ALOGD("getmtime() could not contact remote: %d\n", status);
851 return -1;
852 }
853 int32_t err = reply.readExceptionCode();
854 int64_t ret = reply.readInt64();
855 if (err < 0) {
856 ALOGD("getmtime() caught exception %d\n", err);
857 return -1;
858 }
859 return ret;
860 }
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]861
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]862 virtual int32_t duplicate(const String16& srcKey, int32_t srcUid, const String16& destKey,
863 int32_t destUid)
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]864 {
865 Parcel data, reply;
866 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]867 data.writeString16(srcKey);
868 data.writeInt32(srcUid);
869 data.writeString16(destKey);
870 data.writeInt32(destUid);
871 status_t status = remote()->transact(BnKeystoreService::DUPLICATE, data, &reply);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]872 if (status != NO_ERROR) {
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]873 ALOGD("duplicate() could not contact remote: %d\n", status);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]874 return -1;
875 }
876 int32_t err = reply.readExceptionCode();
877 int32_t ret = reply.readInt32();
878 if (err < 0) {
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]879 ALOGD("duplicate() caught exception %d\n", err);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]880 return -1;
881 }
882 return ret;
883 }
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]884
Kenny Root1b0e3932013-09-05 13:06:32 -0700[diff] [blame]885 virtual int32_t is_hardware_backed(const String16& keyType)
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]886 {
887 Parcel data, reply;
888 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Kenny Root1b0e3932013-09-05 13:06:32 -0700[diff] [blame]889 data.writeString16(keyType);
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]890 status_t status = remote()->transact(BnKeystoreService::IS_HARDWARE_BACKED, data, &reply);
891 if (status != NO_ERROR) {
892 ALOGD("is_hardware_backed() could not contact remote: %d\n", status);
893 return -1;
894 }
895 int32_t err = reply.readExceptionCode();
896 int32_t ret = reply.readInt32();
897 if (err < 0) {
898 ALOGD("is_hardware_backed() caught exception %d\n", err);
899 return -1;
900 }
901 return ret;
902 }
Kenny Root2ecc7a12013-04-01 16:29:11 -0700[diff] [blame]903
904 virtual int32_t clear_uid(int64_t uid)
905 {
906 Parcel data, reply;
907 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
908 data.writeInt64(uid);
909 status_t status = remote()->transact(BnKeystoreService::CLEAR_UID, data, &reply);
910 if (status != NO_ERROR) {
911 ALOGD("clear_uid() could not contact remote: %d\n", status);
912 return -1;
913 }
914 int32_t err = reply.readExceptionCode();
915 int32_t ret = reply.readInt32();
916 if (err < 0) {
917 ALOGD("clear_uid() caught exception %d\n", err);
918 return -1;
919 }
920 return ret;
921 }
Robin Lee4e865752014-08-19 17:37:55 +0100[diff] [blame]922
923 virtual int32_t reset_uid(int32_t uid) {
924 Parcel data, reply;
925 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
926 data.writeInt32(uid);
927 status_t status = remote()->transact(BnKeystoreService::RESET_UID, data, &reply);
928 if (status != NO_ERROR) {
929 ALOGD("reset_uid() could not contact remote: %d\n", status);
930 return -1;
931 }
932 int32_t err = reply.readExceptionCode();
933 int32_t ret = reply.readInt32();
934 if (err < 0) {
935 ALOGD("reset_uid() caught exception %d\n", err);
936 return -1;
937 }
938 return ret;
939
940 }
941
942 virtual int32_t sync_uid(int32_t sourceUid, int32_t targetUid)
943 {
944 Parcel data, reply;
945 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
946 data.writeInt32(sourceUid);
947 data.writeInt32(targetUid);
948 status_t status = remote()->transact(BnKeystoreService::SYNC_UID, data, &reply);
949 if (status != NO_ERROR) {
950 ALOGD("sync_uid() could not contact remote: %d\n", status);
951 return -1;
952 }
953 int32_t err = reply.readExceptionCode();
954 int32_t ret = reply.readInt32();
955 if (err < 0) {
956 ALOGD("sync_uid() caught exception %d\n", err);
957 return -1;
958 }
959 return ret;
960 }
961
962 virtual int32_t password_uid(const String16& password, int32_t uid)
963 {
964 Parcel data, reply;
965 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
966 data.writeString16(password);
967 data.writeInt32(uid);
968 status_t status = remote()->transact(BnKeystoreService::PASSWORD_UID, data, &reply);
969 if (status != NO_ERROR) {
970 ALOGD("password_uid() could not contact remote: %d\n", status);
971 return -1;
972 }
973 int32_t err = reply.readExceptionCode();
974 int32_t ret = reply.readInt32();
975 if (err < 0) {
976 ALOGD("password_uid() caught exception %d\n", err);
977 return -1;
978 }
979 return ret;
980 }
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]981 virtual int32_t addRngEntropy(const uint8_t* buf, size_t bufLength)
982 {
983 Parcel data, reply;
984 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
985 data.writeInt32(bufLength);
986 data.writeByteArray(bufLength, buf);
987 status_t status = remote()->transact(BnKeystoreService::ADD_RNG_ENTROPY, data, &reply);
988 if (status != NO_ERROR) {
989 ALOGD("addRngEntropy() could not contact remote: %d\n", status);
990 return -1;
991 }
992 int32_t err = reply.readExceptionCode();
993 int32_t ret = reply.readInt32();
994 if (err < 0) {
995 ALOGD("addRngEntropy() caught exception %d\n", err);
996 return -1;
997 }
998 return ret;
999 };
1000
1001 virtual int32_t generateKey(const String16& name, const KeymasterArguments& params,
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame^]1002 const uint8_t* entropy, size_t entropyLength, int uid, int flags,
1003 KeyCharacteristics* outCharacteristics)
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1004 {
1005 Parcel data, reply;
1006 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1007 data.writeString16(name);
1008 data.writeInt32(1);
1009 params.writeToParcel(&data);
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame^]1010 data.writeByteArray(entropyLength, entropy);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1011 data.writeInt32(uid);
1012 data.writeInt32(flags);
1013 status_t status = remote()->transact(BnKeystoreService::GENERATE_KEY, data, &reply);
1014 if (status != NO_ERROR) {
1015 ALOGD("generateKey() could not contact remote: %d\n", status);
1016 return KM_ERROR_UNKNOWN_ERROR;
1017 }
1018 int32_t err = reply.readExceptionCode();
1019 int32_t ret = reply.readInt32();
1020 if (err < 0) {
1021 ALOGD("generateKey() caught exception %d\n", err);
1022 return KM_ERROR_UNKNOWN_ERROR;
1023 }
1024 if (reply.readInt32() != 0 && outCharacteristics) {
1025 outCharacteristics->readFromParcel(reply);
1026 }
1027 return ret;
1028 }
1029 virtual int32_t getKeyCharacteristics(const String16& name,
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1030 const keymaster_blob_t* clientId,
1031 const keymaster_blob_t* appData,
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1032 KeyCharacteristics* outCharacteristics)
1033 {
1034 Parcel data, reply;
1035 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1036 data.writeString16(name);
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1037 if (clientId) {
1038 data.writeByteArray(clientId->data_length, clientId->data);
1039 } else {
1040 data.writeInt32(-1);
1041 }
1042 if (appData) {
1043 data.writeByteArray(appData->data_length, appData->data);
1044 } else {
1045 data.writeInt32(-1);
1046 }
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1047 status_t status = remote()->transact(BnKeystoreService::GET_KEY_CHARACTERISTICS,
1048 data, &reply);
1049 if (status != NO_ERROR) {
1050 ALOGD("getKeyCharacteristics() could not contact remote: %d\n", status);
1051 return KM_ERROR_UNKNOWN_ERROR;
1052 }
1053 int32_t err = reply.readExceptionCode();
1054 int32_t ret = reply.readInt32();
1055 if (err < 0) {
1056 ALOGD("getKeyCharacteristics() caught exception %d\n", err);
1057 return KM_ERROR_UNKNOWN_ERROR;
1058 }
1059 if (reply.readInt32() != 0 && outCharacteristics) {
1060 outCharacteristics->readFromParcel(reply);
1061 }
1062 return ret;
1063 }
1064 virtual int32_t importKey(const String16& name, const KeymasterArguments& params,
1065 keymaster_key_format_t format, const uint8_t *keyData,
1066 size_t keyLength, int uid, int flags,
1067 KeyCharacteristics* outCharacteristics)
1068 {
1069 Parcel data, reply;
1070 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1071 data.writeString16(name);
1072 data.writeInt32(1);
1073 params.writeToParcel(&data);
1074 data.writeInt32(format);
1075 data.writeByteArray(keyLength, keyData);
1076 data.writeInt32(uid);
1077 data.writeInt32(flags);
1078 status_t status = remote()->transact(BnKeystoreService::IMPORT_KEY, data, &reply);
1079 if (status != NO_ERROR) {
1080 ALOGD("importKey() could not contact remote: %d\n", status);
1081 return KM_ERROR_UNKNOWN_ERROR;
1082 }
1083 int32_t err = reply.readExceptionCode();
1084 int32_t ret = reply.readInt32();
1085 if (err < 0) {
1086 ALOGD("importKey() caught exception %d\n", err);
1087 return KM_ERROR_UNKNOWN_ERROR;
1088 }
1089 if (reply.readInt32() != 0 && outCharacteristics) {
1090 outCharacteristics->readFromParcel(reply);
1091 }
1092 return ret;
1093 }
1094
1095 virtual void exportKey(const String16& name, keymaster_key_format_t format,
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1096 const keymaster_blob_t* clientId,
1097 const keymaster_blob_t* appData, ExportResult* result)
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1098 {
1099 if (!result) {
1100 return;
1101 }
1102
1103 Parcel data, reply;
1104 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1105 data.writeString16(name);
1106 data.writeInt32(format);
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1107 if (clientId) {
1108 data.writeByteArray(clientId->data_length, clientId->data);
1109 } else {
1110 data.writeInt32(-1);
1111 }
1112 if (appData) {
1113 data.writeByteArray(appData->data_length, appData->data);
1114 } else {
1115 data.writeInt32(-1);
1116 }
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1117 status_t status = remote()->transact(BnKeystoreService::EXPORT_KEY, data, &reply);
1118 if (status != NO_ERROR) {
1119 ALOGD("exportKey() could not contact remote: %d\n", status);
1120 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1121 return;
1122 }
1123 int32_t err = reply.readExceptionCode();
1124 if (err < 0) {
1125 ALOGD("exportKey() caught exception %d\n", err);
1126 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1127 return;
1128 }
1129 if (reply.readInt32() != 0) {
1130 result->readFromParcel(reply);
1131 }
1132 }
1133
1134 virtual void begin(const sp<IBinder>& appToken, const String16& name,
1135 keymaster_purpose_t purpose, bool pruneable,
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame^]1136 const KeymasterArguments& params, const uint8_t* entropy,
1137 size_t entropyLength, KeymasterArguments* outParams,
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1138 OperationResult* result)
1139 {
1140 if (!result || !outParams) {
1141 return;
1142 }
1143 Parcel data, reply;
1144 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1145 data.writeStrongBinder(appToken);
1146 data.writeString16(name);
1147 data.writeInt32(purpose);
1148 data.writeInt32(pruneable ? 1 : 0);
1149 data.writeInt32(1);
1150 params.writeToParcel(&data);
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame^]1151 data.writeByteArray(entropyLength, entropy);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1152 status_t status = remote()->transact(BnKeystoreService::BEGIN, data, &reply);
1153 if (status != NO_ERROR) {
1154 ALOGD("begin() could not contact remote: %d\n", status);
1155 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1156 return;
1157 }
1158 int32_t err = reply.readExceptionCode();
1159 if (err < 0) {
1160 ALOGD("begin() caught exception %d\n", err);
1161 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1162 return;
1163 }
1164 if (reply.readInt32() != 0) {
1165 result->readFromParcel(reply);
1166 }
1167 if (reply.readInt32() != 0) {
1168 outParams->readFromParcel(reply);
1169 }
1170 }
1171
1172 virtual void update(const sp<IBinder>& token, const KeymasterArguments& params,
Chad Brubaker40a1a9b2015-02-20 14:08:13 -0800[diff] [blame]1173 const uint8_t* opData, size_t dataLength, OperationResult* result)
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1174 {
1175 if (!result) {
1176 return;
1177 }
1178 Parcel data, reply;
1179 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1180 data.writeStrongBinder(token);
1181 data.writeInt32(1);
1182 params.writeToParcel(&data);
1183 data.writeByteArray(dataLength, opData);
1184 status_t status = remote()->transact(BnKeystoreService::UPDATE, data, &reply);
1185 if (status != NO_ERROR) {
1186 ALOGD("update() could not contact remote: %d\n", status);
1187 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1188 return;
1189 }
1190 int32_t err = reply.readExceptionCode();
1191 if (err < 0) {
1192 ALOGD("update() caught exception %d\n", err);
1193 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1194 return;
1195 }
1196 if (reply.readInt32() != 0) {
1197 result->readFromParcel(reply);
1198 }
1199 }
1200
1201 virtual void finish(const sp<IBinder>& token, const KeymasterArguments& params,
Chad Brubaker40a1a9b2015-02-20 14:08:13 -0800[diff] [blame]1202 const uint8_t* signature, size_t signatureLength, OperationResult* result)
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1203 {
1204 if (!result) {
1205 return;
1206 }
1207 Parcel data, reply;
1208 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1209 data.writeStrongBinder(token);
1210 data.writeInt32(1);
1211 params.writeToParcel(&data);
1212 data.writeByteArray(signatureLength, signature);
1213 status_t status = remote()->transact(BnKeystoreService::FINISH, data, &reply);
1214 if (status != NO_ERROR) {
1215 ALOGD("finish() could not contact remote: %d\n", status);
1216 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1217 return;
1218 }
1219 int32_t err = reply.readExceptionCode();
1220 if (err < 0) {
1221 ALOGD("finish() caught exception %d\n", err);
1222 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1223 return;
1224 }
1225 if (reply.readInt32() != 0) {
1226 result->readFromParcel(reply);
1227 }
1228 }
1229
1230 virtual int32_t abort(const sp<IBinder>& token)
1231 {
1232 Parcel data, reply;
1233 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1234 data.writeStrongBinder(token);
1235 status_t status = remote()->transact(BnKeystoreService::FINISH, data, &reply);
1236 if (status != NO_ERROR) {
1237 ALOGD("abort() could not contact remote: %d\n", status);
1238 return KM_ERROR_UNKNOWN_ERROR;
1239 }
1240 int32_t err = reply.readExceptionCode();
1241 int32_t ret = reply.readInt32();
1242 if (err < 0) {
1243 ALOGD("abort() caught exception %d\n", err);
1244 return KM_ERROR_UNKNOWN_ERROR;
1245 }
1246 return ret;
1247 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1248};
1249
Chad Brubaker468fc692015-01-13 17:33:14 -0800[diff] [blame]1250IMPLEMENT_META_INTERFACE(KeystoreService, "android.security.IKeystoreService");
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1251
1252// ----------------------------------------------------------------------
1253
1254status_t BnKeystoreService::onTransact(
1255 uint32_t code, const Parcel& data, Parcel* reply, uint32_t flags)
1256{
1257 switch(code) {
1258 case TEST: {
1259 CHECK_INTERFACE(IKeystoreService, data, reply);
1260 int32_t ret = test();
1261 reply->writeNoException();
1262 reply->writeInt32(ret);
1263 return NO_ERROR;
1264 } break;
1265 case GET: {
1266 CHECK_INTERFACE(IKeystoreService, data, reply);
1267 String16 name = data.readString16();
1268 void* out = NULL;
1269 size_t outSize = 0;
1270 int32_t ret = get(name, (uint8_t**) &out, &outSize);
1271 reply->writeNoException();
1272 if (ret == 1) {
1273 reply->writeInt32(outSize);
1274 void* buf = reply->writeInplace(outSize);
1275 memcpy(buf, out, outSize);
1276 free(out);
1277 } else {
1278 reply->writeInt32(-1);
1279 }
1280 return NO_ERROR;
1281 } break;
1282 case INSERT: {
1283 CHECK_INTERFACE(IKeystoreService, data, reply);
1284 String16 name = data.readString16();
1285 ssize_t inSize = data.readInt32();
1286 const void* in;
1287 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1288 in = data.readInplace(inSize);
1289 } else {
1290 in = NULL;
1291 inSize = 0;
1292 }
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1293 int uid = data.readInt32();
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]1294 int32_t flags = data.readInt32();
1295 int32_t ret = insert(name, (const uint8_t*) in, (size_t) inSize, uid, flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1296 reply->writeNoException();
1297 reply->writeInt32(ret);
1298 return NO_ERROR;
1299 } break;
1300 case DEL: {
1301 CHECK_INTERFACE(IKeystoreService, data, reply);
1302 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1303 int uid = data.readInt32();
1304 int32_t ret = del(name, uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1305 reply->writeNoException();
1306 reply->writeInt32(ret);
1307 return NO_ERROR;
1308 } break;
1309 case EXIST: {
1310 CHECK_INTERFACE(IKeystoreService, data, reply);
1311 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1312 int uid = data.readInt32();
1313 int32_t ret = exist(name, uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1314 reply->writeNoException();
1315 reply->writeInt32(ret);
1316 return NO_ERROR;
1317 } break;
1318 case SAW: {
1319 CHECK_INTERFACE(IKeystoreService, data, reply);
1320 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1321 int uid = data.readInt32();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1322 Vector<String16> matches;
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1323 int32_t ret = saw(name, uid, &matches);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1324 reply->writeNoException();
1325 reply->writeInt32(matches.size());
1326 Vector<String16>::const_iterator it = matches.begin();
1327 for (; it != matches.end(); ++it) {
1328 reply->writeString16(*it);
1329 }
1330 reply->writeInt32(ret);
1331 return NO_ERROR;
1332 } break;
1333 case RESET: {
1334 CHECK_INTERFACE(IKeystoreService, data, reply);
1335 int32_t ret = reset();
1336 reply->writeNoException();
1337 reply->writeInt32(ret);
1338 return NO_ERROR;
1339 } break;
1340 case PASSWORD: {
1341 CHECK_INTERFACE(IKeystoreService, data, reply);
1342 String16 pass = data.readString16();
1343 int32_t ret = password(pass);
1344 reply->writeNoException();
1345 reply->writeInt32(ret);
1346 return NO_ERROR;
1347 } break;
1348 case LOCK: {
1349 CHECK_INTERFACE(IKeystoreService, data, reply);
1350 int32_t ret = lock();
1351 reply->writeNoException();
1352 reply->writeInt32(ret);
1353 return NO_ERROR;
1354 } break;
1355 case UNLOCK: {
1356 CHECK_INTERFACE(IKeystoreService, data, reply);
1357 String16 pass = data.readString16();
1358 int32_t ret = unlock(pass);
1359 reply->writeNoException();
1360 reply->writeInt32(ret);
1361 return NO_ERROR;
1362 } break;
1363 case ZERO: {
1364 CHECK_INTERFACE(IKeystoreService, data, reply);
1365 int32_t ret = zero();
1366 reply->writeNoException();
1367 reply->writeInt32(ret);
1368 return NO_ERROR;
1369 } break;
1370 case GENERATE: {
1371 CHECK_INTERFACE(IKeystoreService, data, reply);
1372 String16 name = data.readString16();
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]1373 int32_t uid = data.readInt32();
1374 int32_t keyType = data.readInt32();
1375 int32_t keySize = data.readInt32();
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]1376 int32_t flags = data.readInt32();
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]1377 Vector<sp<KeystoreArg> > args;
Chad Brubaker468fc692015-01-13 17:33:14 -0800[diff] [blame]1378 int32_t argsPresent = data.readInt32();
1379 if (argsPresent == 1) {
1380 ssize_t numArgs = data.readInt32();
1381 if (numArgs > 0) {
1382 for (size_t i = 0; i < (size_t) numArgs; i++) {
1383 ssize_t inSize = data.readInt32();
1384 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1385 sp<KeystoreArg> arg = new KeystoreArg(data.readInplace(inSize),
1386 inSize);
1387 args.push_back(arg);
1388 } else {
1389 args.push_back(NULL);
1390 }
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]1391 }
1392 }
1393 }
1394 int32_t ret = generate(name, uid, keyType, keySize, flags, &args);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1395 reply->writeNoException();
1396 reply->writeInt32(ret);
1397 return NO_ERROR;
1398 } break;
1399 case IMPORT: {
1400 CHECK_INTERFACE(IKeystoreService, data, reply);
1401 String16 name = data.readString16();
1402 ssize_t inSize = data.readInt32();
1403 const void* in;
1404 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1405 in = data.readInplace(inSize);
1406 } else {
1407 in = NULL;
1408 inSize = 0;
1409 }
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1410 int uid = data.readInt32();
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]1411 int32_t flags = data.readInt32();
1412 int32_t ret = import(name, (const uint8_t*) in, (size_t) inSize, uid, flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1413 reply->writeNoException();
1414 reply->writeInt32(ret);
1415 return NO_ERROR;
1416 } break;
1417 case SIGN: {
1418 CHECK_INTERFACE(IKeystoreService, data, reply);
1419 String16 name = data.readString16();
1420 ssize_t inSize = data.readInt32();
1421 const void* in;
1422 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1423 in = data.readInplace(inSize);
1424 } else {
1425 in = NULL;
1426 inSize = 0;
1427 }
1428 void* out = NULL;
1429 size_t outSize = 0;
1430 int32_t ret = sign(name, (const uint8_t*) in, (size_t) inSize, (uint8_t**) &out, &outSize);
1431 reply->writeNoException();
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1432 if (outSize > 0 && out != NULL) {
1433 reply->writeInt32(outSize);
1434 void* buf = reply->writeInplace(outSize);
1435 memcpy(buf, out, outSize);
1436 free(out);
1437 } else {
Kenny Roote289c402013-02-14 11:31:53 -0800[diff] [blame]1438 reply->writeInt32(-1);
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1439 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1440 reply->writeInt32(ret);
1441 return NO_ERROR;
1442 } break;
1443 case VERIFY: {
1444 CHECK_INTERFACE(IKeystoreService, data, reply);
1445 String16 name = data.readString16();
1446 ssize_t inSize = data.readInt32();
1447 const void* in;
1448 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1449 in = data.readInplace(inSize);
1450 } else {
1451 in = NULL;
1452 inSize = 0;
1453 }
1454 ssize_t sigSize = data.readInt32();
1455 const void* sig;
1456 if (sigSize >= 0 && (size_t) sigSize <= data.dataAvail()) {
1457 sig = data.readInplace(sigSize);
1458 } else {
1459 sig = NULL;
1460 sigSize = 0;
1461 }
1462 bool ret = verify(name, (const uint8_t*) in, (size_t) inSize, (const uint8_t*) sig,
1463 (size_t) sigSize);
1464 reply->writeNoException();
1465 reply->writeInt32(ret ? 1 : 0);
1466 return NO_ERROR;
1467 } break;
1468 case GET_PUBKEY: {
1469 CHECK_INTERFACE(IKeystoreService, data, reply);
1470 String16 name = data.readString16();
1471 void* out = NULL;
1472 size_t outSize = 0;
1473 int32_t ret = get_pubkey(name, (unsigned char**) &out, &outSize);
1474 reply->writeNoException();
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1475 if (outSize > 0 && out != NULL) {
1476 reply->writeInt32(outSize);
1477 void* buf = reply->writeInplace(outSize);
1478 memcpy(buf, out, outSize);
1479 free(out);
1480 } else {
Kenny Roote289c402013-02-14 11:31:53 -0800[diff] [blame]1481 reply->writeInt32(-1);
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1482 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1483 reply->writeInt32(ret);
1484 return NO_ERROR;
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1485 } break;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1486 case DEL_KEY: {
1487 CHECK_INTERFACE(IKeystoreService, data, reply);
1488 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1489 int uid = data.readInt32();
1490 int32_t ret = del_key(name, uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1491 reply->writeNoException();
1492 reply->writeInt32(ret);
1493 return NO_ERROR;
1494 } break;
1495 case GRANT: {
1496 CHECK_INTERFACE(IKeystoreService, data, reply);
1497 String16 name = data.readString16();
1498 int32_t granteeUid = data.readInt32();
1499 int32_t ret = grant(name, granteeUid);
1500 reply->writeNoException();
1501 reply->writeInt32(ret);
1502 return NO_ERROR;
1503 } break;
1504 case UNGRANT: {
1505 CHECK_INTERFACE(IKeystoreService, data, reply);
1506 String16 name = data.readString16();
1507 int32_t granteeUid = data.readInt32();
1508 int32_t ret = ungrant(name, granteeUid);
1509 reply->writeNoException();
1510 reply->writeInt32(ret);
1511 return NO_ERROR;
1512 } break;
1513 case GETMTIME: {
1514 CHECK_INTERFACE(IKeystoreService, data, reply);
1515 String16 name = data.readString16();
1516 int64_t ret = getmtime(name);
1517 reply->writeNoException();
1518 reply->writeInt64(ret);
1519 return NO_ERROR;
1520 } break;
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]1521 case DUPLICATE: {
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]1522 CHECK_INTERFACE(IKeystoreService, data, reply);
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]1523 String16 srcKey = data.readString16();
1524 int32_t srcUid = data.readInt32();
1525 String16 destKey = data.readString16();
1526 int32_t destUid = data.readInt32();
1527 int32_t ret = duplicate(srcKey, srcUid, destKey, destUid);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]1528 reply->writeNoException();
1529 reply->writeInt32(ret);
1530 return NO_ERROR;
1531 } break;
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]1532 case IS_HARDWARE_BACKED: {
1533 CHECK_INTERFACE(IKeystoreService, data, reply);
Kenny Root1b0e3932013-09-05 13:06:32 -0700[diff] [blame]1534 String16 keyType = data.readString16();
1535 int32_t ret = is_hardware_backed(keyType);
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]1536 reply->writeNoException();
1537 reply->writeInt32(ret);
1538 return NO_ERROR;
1539 }
Kenny Root2ecc7a12013-04-01 16:29:11 -0700[diff] [blame]1540 case CLEAR_UID: {
1541 CHECK_INTERFACE(IKeystoreService, data, reply);
1542 int64_t uid = data.readInt64();
1543 int32_t ret = clear_uid(uid);
1544 reply->writeNoException();
1545 reply->writeInt32(ret);
1546 return NO_ERROR;
1547 }
Robin Lee4e865752014-08-19 17:37:55 +0100[diff] [blame]1548 case RESET_UID: {
1549 CHECK_INTERFACE(IKeystoreService, data, reply);
1550 int32_t uid = data.readInt32();
1551 int32_t ret = reset_uid(uid);
1552 reply->writeNoException();
1553 reply->writeInt32(ret);
1554 return NO_ERROR;
1555 }
1556 case SYNC_UID: {
1557 CHECK_INTERFACE(IKeystoreService, data, reply);
1558 int32_t sourceUid = data.readInt32();
1559 int32_t targetUid = data.readInt32();
1560 int32_t ret = sync_uid(sourceUid, targetUid);
1561 reply->writeNoException();
1562 reply->writeInt32(ret);
1563 return NO_ERROR;
1564 }
1565 case PASSWORD_UID: {
1566 CHECK_INTERFACE(IKeystoreService, data, reply);
1567 String16 password = data.readString16();
1568 int32_t uid = data.readInt32();
1569 int32_t ret = password_uid(password, uid);
1570 reply->writeNoException();
1571 reply->writeInt32(ret);
1572 return NO_ERROR;
1573 }
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1574 case ADD_RNG_ENTROPY: {
1575 CHECK_INTERFACE(IKeystoreService, data, reply);
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1576 const uint8_t* bytes = NULL;
1577 size_t size = 0;
1578 readByteArray(data, &bytes, &size);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1579 int32_t ret = addRngEntropy(bytes, size);
1580 reply->writeNoException();
1581 reply->writeInt32(ret);
1582 return NO_ERROR;
1583 }
1584 case GENERATE_KEY: {
1585 CHECK_INTERFACE(IKeystoreService, data, reply);
1586 String16 name = data.readString16();
1587 KeymasterArguments args;
1588 if (data.readInt32() != 0) {
1589 args.readFromParcel(data);
1590 }
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame^]1591 const uint8_t* entropy = NULL;
1592 size_t entropyLength = 0;
1593 readByteArray(data, &entropy, &entropyLength);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1594 int32_t uid = data.readInt32();
1595 int32_t flags = data.readInt32();
1596 KeyCharacteristics outCharacteristics;
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame^]1597 int32_t ret = generateKey(name, args, entropy, entropyLength, uid, flags,
1598 &outCharacteristics);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1599 reply->writeNoException();
1600 reply->writeInt32(ret);
1601 reply->writeInt32(1);
1602 outCharacteristics.writeToParcel(reply);
1603 return NO_ERROR;
1604 }
1605 case GET_KEY_CHARACTERISTICS: {
1606 CHECK_INTERFACE(IKeystoreService, data, reply);
1607 String16 name = data.readString16();
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1608 std::unique_ptr<keymaster_blob_t> clientId = readKeymasterBlob(data);
1609 std::unique_ptr<keymaster_blob_t> appData = readKeymasterBlob(data);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1610 KeyCharacteristics outCharacteristics;
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1611 int ret = getKeyCharacteristics(name, clientId.get(), appData.get(),
1612 &outCharacteristics);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1613 reply->writeNoException();
1614 reply->writeInt32(ret);
1615 reply->writeInt32(1);
1616 outCharacteristics.writeToParcel(reply);
1617 return NO_ERROR;
1618 }
1619 case IMPORT_KEY: {
1620 CHECK_INTERFACE(IKeystoreService, data, reply);
1621 String16 name = data.readString16();
1622 KeymasterArguments args;
1623 if (data.readInt32() != 0) {
1624 args.readFromParcel(data);
1625 }
1626 keymaster_key_format_t format = static_cast<keymaster_key_format_t>(data.readInt32());
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1627 const uint8_t* keyData = NULL;
1628 size_t keyLength = 0;
1629 readByteArray(data, &keyData, &keyLength);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1630 int32_t uid = data.readInt32();
1631 int32_t flags = data.readInt32();
1632 KeyCharacteristics outCharacteristics;
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1633 int32_t ret = importKey(name, args, format, keyData, keyLength, uid, flags,
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1634 &outCharacteristics);
1635 reply->writeNoException();
1636 reply->writeInt32(ret);
1637 reply->writeInt32(1);
1638 outCharacteristics.writeToParcel(reply);
1639
1640 return NO_ERROR;
1641 }
1642 case EXPORT_KEY: {
1643 CHECK_INTERFACE(IKeystoreService, data, reply);
1644 String16 name = data.readString16();
1645 keymaster_key_format_t format = static_cast<keymaster_key_format_t>(data.readInt32());
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1646 std::unique_ptr<keymaster_blob_t> clientId = readKeymasterBlob(data);
1647 std::unique_ptr<keymaster_blob_t> appData = readKeymasterBlob(data);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1648 ExportResult result;
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1649 exportKey(name, format, clientId.get(), appData.get(), &result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1650 reply->writeNoException();
1651 reply->writeInt32(1);
1652 result.writeToParcel(reply);
1653
1654 return NO_ERROR;
1655 }
1656 case BEGIN: {
1657 CHECK_INTERFACE(IKeystoreService, data, reply);
1658 sp<IBinder> token = data.readStrongBinder();
1659 String16 name = data.readString16();
1660 keymaster_purpose_t purpose = static_cast<keymaster_purpose_t>(data.readInt32());
1661 bool pruneable = data.readInt32() != 0;
1662 KeymasterArguments args;
1663 if (data.readInt32() != 0) {
1664 args.readFromParcel(data);
1665 }
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame^]1666 const uint8_t* entropy = NULL;
1667 size_t entropyLength = 0;
1668 readByteArray(data, &entropy, &entropyLength);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1669 KeymasterArguments outArgs;
1670 OperationResult result;
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame^]1671 begin(token, name, purpose, pruneable, args, entropy, entropyLength, &outArgs,
1672 &result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1673 reply->writeNoException();
1674 reply->writeInt32(1);
1675 result.writeToParcel(reply);
1676 reply->writeInt32(1);
1677 outArgs.writeToParcel(reply);
1678
1679 return NO_ERROR;
1680 }
1681 case UPDATE: {
1682 CHECK_INTERFACE(IKeystoreService, data, reply);
1683 sp<IBinder> token = data.readStrongBinder();
1684 KeymasterArguments args;
1685 if (data.readInt32() != 0) {
1686 args.readFromParcel(data);
1687 }
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1688 const uint8_t* buf = NULL;
1689 size_t bufLength = 0;
1690 readByteArray(data, &buf, &bufLength);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1691 OperationResult result;
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1692 update(token, args, buf, bufLength, &result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1693 reply->writeNoException();
1694 reply->writeInt32(1);
1695 result.writeToParcel(reply);
1696
1697 return NO_ERROR;
1698 }
1699 case FINISH: {
1700 CHECK_INTERFACE(IKeystoreService, data, reply);
1701 sp<IBinder> token = data.readStrongBinder();
1702 KeymasterArguments args;
1703 if (data.readInt32() != 0) {
1704 args.readFromParcel(data);
1705 }
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1706 const uint8_t* buf = NULL;
1707 size_t bufLength = 0;
1708 readByteArray(data, &buf, &bufLength);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1709 OperationResult result;
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1710 finish(token, args, buf, bufLength, &result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1711 reply->writeNoException();
1712 reply->writeInt32(1);
1713 result.writeToParcel(reply);
1714
1715 return NO_ERROR;
1716 }
1717 case ABORT: {
1718 CHECK_INTERFACE(IKeystoreService, data, reply);
1719 sp<IBinder> token = data.readStrongBinder();
1720 int32_t result = abort(token);
1721 reply->writeNoException();
1722 reply->writeInt32(result);
1723
1724 return NO_ERROR;
1725 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1726 default:
1727 return BBinder::onTransact(code, data, reply, flags);
1728 }
1729}
1730
1731// ----------------------------------------------------------------------------
1732
1733}; // namespace android