Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / 2ecc7a1efbb21d86d38b9e0348dfbf0e1213d920 / . / keystore / IKeystoreService.cpp
blob: e899c12dee1481c6a4955cb36e442d439eb96bd5 [file] [log] [blame]
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1/*
2**
3** Copyright 2008, The Android Open Source Project
4**
5** Licensed under the Apache License, Version 2.0 (the "License");
6** you may not use this file except in compliance with the License.
7** You may obtain a copy of the License at
8**
9** http://www.apache.org/licenses/LICENSE-2.0
10**
11** Unless required by applicable law or agreed to in writing, software
12** distributed under the License is distributed on an "AS IS" BASIS,
13** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14** See the License for the specific language governing permissions and
15** limitations under the License.
16*/
17
18#include <stdint.h>
19#include <sys/types.h>
20
21#define LOG_TAG "KeystoreService"
22#include <utils/Log.h>
23
24#include <binder/Parcel.h>
25#include <binder/IPCThreadState.h>
26#include <binder/IServiceManager.h>
27
28#include <keystore/IKeystoreService.h>
29
30namespace android {
31
32class BpKeystoreService: public BpInterface<IKeystoreService>
33{
34public:
35 BpKeystoreService(const sp<IBinder>& impl)
36 : BpInterface<IKeystoreService>(impl)
37 {
38 }
39
40 // test ping
41 virtual int32_t test()
42 {
43 Parcel data, reply;
44 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
45 status_t status = remote()->transact(BnKeystoreService::TEST, data, &reply);
46 if (status != NO_ERROR) {
47 ALOGD("test() could not contact remote: %d\n", status);
48 return -1;
49 }
50 int32_t err = reply.readExceptionCode();
51 int32_t ret = reply.readInt32();
52 if (err < 0) {
53 ALOGD("test() caught exception %d\n", err);
54 return -1;
55 }
56 return ret;
57 }
58
59 virtual int32_t get(const String16& name, uint8_t** item, size_t* itemLength)
60 {
61 Parcel data, reply;
62 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
63 data.writeString16(name);
64 status_t status = remote()->transact(BnKeystoreService::GET, data, &reply);
65 if (status != NO_ERROR) {
66 ALOGD("get() could not contact remote: %d\n", status);
67 return -1;
68 }
69 int32_t err = reply.readExceptionCode();
70 ssize_t len = reply.readInt32();
71 if (len >= 0 && (size_t) len <= reply.dataAvail()) {
72 size_t ulen = (size_t) len;
73 const void* buf = reply.readInplace(ulen);
74 *item = (uint8_t*) malloc(ulen);
75 if (*item != NULL) {
76 memcpy(*item, buf, ulen);
77 *itemLength = ulen;
78 } else {
79 ALOGE("out of memory allocating output array in get");
80 *itemLength = 0;
81 }
82 } else {
83 *itemLength = 0;
84 }
85 if (err < 0) {
86 ALOGD("get() caught exception %d\n", err);
87 return -1;
88 }
89 return 0;
90 }
91
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]92 virtual int32_t insert(const String16& name, const uint8_t* item, size_t itemLength, int uid)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]93 {
94 Parcel data, reply;
95 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
96 data.writeString16(name);
97 data.writeInt32(itemLength);
98 void* buf = data.writeInplace(itemLength);
99 memcpy(buf, item, itemLength);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]100 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]101 status_t status = remote()->transact(BnKeystoreService::INSERT, data, &reply);
102 if (status != NO_ERROR) {
103 ALOGD("import() could not contact remote: %d\n", status);
104 return -1;
105 }
106 int32_t err = reply.readExceptionCode();
107 int32_t ret = reply.readInt32();
108 if (err < 0) {
109 ALOGD("import() caught exception %d\n", err);
110 return -1;
111 }
112 return ret;
113 }
114
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]115 virtual int32_t del(const String16& name, int uid)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]116 {
117 Parcel data, reply;
118 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
119 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]120 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]121 status_t status = remote()->transact(BnKeystoreService::DEL, data, &reply);
122 if (status != NO_ERROR) {
123 ALOGD("del() could not contact remote: %d\n", status);
124 return -1;
125 }
126 int32_t err = reply.readExceptionCode();
127 int32_t ret = reply.readInt32();
128 if (err < 0) {
129 ALOGD("del() caught exception %d\n", err);
130 return -1;
131 }
132 return ret;
133 }
134
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]135 virtual int32_t exist(const String16& name, int uid)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]136 {
137 Parcel data, reply;
138 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
139 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]140 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]141 status_t status = remote()->transact(BnKeystoreService::EXIST, data, &reply);
142 if (status != NO_ERROR) {
143 ALOGD("exist() could not contact remote: %d\n", status);
144 return -1;
145 }
146 int32_t err = reply.readExceptionCode();
147 int32_t ret = reply.readInt32();
148 if (err < 0) {
149 ALOGD("exist() caught exception %d\n", err);
150 return -1;
151 }
152 return ret;
153 }
154
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]155 virtual int32_t saw(const String16& name, int uid, Vector<String16>* matches)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]156 {
157 Parcel data, reply;
158 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
159 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]160 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]161 status_t status = remote()->transact(BnKeystoreService::SAW, data, &reply);
162 if (status != NO_ERROR) {
163 ALOGD("saw() could not contact remote: %d\n", status);
164 return -1;
165 }
166 int32_t err = reply.readExceptionCode();
167 int32_t numMatches = reply.readInt32();
168 for (int32_t i = 0; i < numMatches; i++) {
169 matches->push(reply.readString16());
170 }
171 int32_t ret = reply.readInt32();
172 if (err < 0) {
173 ALOGD("saw() caught exception %d\n", err);
174 return -1;
175 }
176 return ret;
177 }
178
179 virtual int32_t reset()
180 {
181 Parcel data, reply;
182 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
183 status_t status = remote()->transact(BnKeystoreService::RESET, data, &reply);
184 if (status != NO_ERROR) {
185 ALOGD("reset() could not contact remote: %d\n", status);
186 return -1;
187 }
188 int32_t err = reply.readExceptionCode();
189 int32_t ret = reply.readInt32();
190 if (err < 0) {
191 ALOGD("reset() caught exception %d\n", err);
192 return -1;
193 }
194 return ret;
195 }
196
197 virtual int32_t password(const String16& password)
198 {
199 Parcel data, reply;
200 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
201 data.writeString16(password);
202 status_t status = remote()->transact(BnKeystoreService::PASSWORD, data, &reply);
203 if (status != NO_ERROR) {
204 ALOGD("password() could not contact remote: %d\n", status);
205 return -1;
206 }
207 int32_t err = reply.readExceptionCode();
208 int32_t ret = reply.readInt32();
209 if (err < 0) {
210 ALOGD("password() caught exception %d\n", err);
211 return -1;
212 }
213 return ret;
214 }
215
216 virtual int32_t lock()
217 {
218 Parcel data, reply;
219 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
220 status_t status = remote()->transact(BnKeystoreService::LOCK, data, &reply);
221 if (status != NO_ERROR) {
222 ALOGD("lock() could not contact remote: %d\n", status);
223 return -1;
224 }
225 int32_t err = reply.readExceptionCode();
226 int32_t ret = reply.readInt32();
227 if (err < 0) {
228 ALOGD("lock() caught exception %d\n", err);
229 return -1;
230 }
231 return ret;
232 }
233
234 virtual int32_t unlock(const String16& password)
235 {
236 Parcel data, reply;
237 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
238 data.writeString16(password);
239 status_t status = remote()->transact(BnKeystoreService::UNLOCK, data, &reply);
240 if (status != NO_ERROR) {
241 ALOGD("unlock() could not contact remote: %d\n", status);
242 return -1;
243 }
244 int32_t err = reply.readExceptionCode();
245 int32_t ret = reply.readInt32();
246 if (err < 0) {
247 ALOGD("unlock() caught exception %d\n", err);
248 return -1;
249 }
250 return ret;
251 }
252
253 virtual int32_t zero()
254 {
255 Parcel data, reply;
256 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
257 status_t status = remote()->transact(BnKeystoreService::ZERO, data, &reply);
258 if (status != NO_ERROR) {
259 ALOGD("zero() could not contact remote: %d\n", status);
260 return -1;
261 }
262 int32_t err = reply.readExceptionCode();
263 int32_t ret = reply.readInt32();
264 if (err < 0) {
265 ALOGD("zero() caught exception %d\n", err);
266 return -1;
267 }
268 return ret;
269 }
270
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]271 virtual int32_t generate(const String16& name, int uid)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]272 {
273 Parcel data, reply;
274 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
275 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]276 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]277 status_t status = remote()->transact(BnKeystoreService::GENERATE, data, &reply);
278 if (status != NO_ERROR) {
279 ALOGD("generate() could not contact remote: %d\n", status);
280 return -1;
281 }
282 int32_t err = reply.readExceptionCode();
283 int32_t ret = reply.readInt32();
284 if (err < 0) {
285 ALOGD("generate() caught exception %d\n", err);
286 return -1;
287 }
288 return ret;
289 }
290
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]291 virtual int32_t import(const String16& name, const uint8_t* key, size_t keyLength, int uid)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]292 {
293 Parcel data, reply;
294 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
295 data.writeString16(name);
296 data.writeInt32(keyLength);
297 void* buf = data.writeInplace(keyLength);
298 memcpy(buf, key, keyLength);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]299 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]300 status_t status = remote()->transact(BnKeystoreService::IMPORT, data, &reply);
301 if (status != NO_ERROR) {
302 ALOGD("import() could not contact remote: %d\n", status);
303 return -1;
304 }
305 int32_t err = reply.readExceptionCode();
306 int32_t ret = reply.readInt32();
307 if (err < 0) {
308 ALOGD("import() caught exception %d\n", err);
309 return -1;
310 }
311 return ret;
312 }
313
314 virtual int32_t sign(const String16& name, const uint8_t* in, size_t inLength, uint8_t** out,
315 size_t* outLength)
316 {
317 Parcel data, reply;
318 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
319 data.writeString16(name);
320 data.writeInt32(inLength);
321 void* buf = data.writeInplace(inLength);
322 memcpy(buf, in, inLength);
323 status_t status = remote()->transact(BnKeystoreService::SIGN, data, &reply);
324 if (status != NO_ERROR) {
325 ALOGD("import() could not contact remote: %d\n", status);
326 return -1;
327 }
328 int32_t err = reply.readExceptionCode();
329 ssize_t len = reply.readInt32();
330 if (len >= 0 && (size_t) len <= reply.dataAvail()) {
331 size_t ulen = (size_t) len;
332 const void* outBuf = reply.readInplace(ulen);
333 *out = (uint8_t*) malloc(ulen);
334 if (*out != NULL) {
335 memcpy((void*) *out, outBuf, ulen);
336 *outLength = ulen;
337 } else {
338 ALOGE("out of memory allocating output array in sign");
339 *outLength = 0;
340 }
341 } else {
342 *outLength = 0;
343 }
344 if (err < 0) {
345 ALOGD("import() caught exception %d\n", err);
346 return -1;
347 }
348 return 0;
349 }
350
351 virtual int32_t verify(const String16& name, const uint8_t* in, size_t inLength,
352 const uint8_t* signature, size_t signatureLength)
353 {
354 Parcel data, reply;
355 void* buf;
356
357 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
358 data.writeString16(name);
359 data.writeInt32(inLength);
360 buf = data.writeInplace(inLength);
361 memcpy(buf, in, inLength);
362 data.writeInt32(signatureLength);
363 buf = data.writeInplace(signatureLength);
364 memcpy(buf, signature, signatureLength);
365 status_t status = remote()->transact(BnKeystoreService::VERIFY, data, &reply);
366 if (status != NO_ERROR) {
367 ALOGD("verify() could not contact remote: %d\n", status);
368 return -1;
369 }
370 int32_t err = reply.readExceptionCode();
371 int32_t ret = reply.readInt32();
372 if (err < 0) {
373 ALOGD("verify() caught exception %d\n", err);
374 return -1;
375 }
376 return ret;
377 }
378
379 virtual int32_t get_pubkey(const String16& name, uint8_t** pubkey, size_t* pubkeyLength)
380 {
381 Parcel data, reply;
382 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
383 data.writeString16(name);
384 status_t status = remote()->transact(BnKeystoreService::GET_PUBKEY, data, &reply);
385 if (status != NO_ERROR) {
386 ALOGD("get_pubkey() could not contact remote: %d\n", status);
387 return -1;
388 }
389 int32_t err = reply.readExceptionCode();
390 ssize_t len = reply.readInt32();
391 if (len >= 0 && (size_t) len <= reply.dataAvail()) {
392 size_t ulen = (size_t) len;
393 const void* buf = reply.readInplace(ulen);
394 *pubkey = (uint8_t*) malloc(ulen);
395 if (*pubkey != NULL) {
396 memcpy(*pubkey, buf, ulen);
397 *pubkeyLength = ulen;
398 } else {
399 ALOGE("out of memory allocating output array in get_pubkey");
400 *pubkeyLength = 0;
401 }
402 } else {
403 *pubkeyLength = 0;
404 }
405 if (err < 0) {
406 ALOGD("get_pubkey() caught exception %d\n", err);
407 return -1;
408 }
409 return 0;
410 }
411
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]412 virtual int32_t del_key(const String16& name, int uid)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]413 {
414 Parcel data, reply;
415 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
416 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]417 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]418 status_t status = remote()->transact(BnKeystoreService::DEL_KEY, data, &reply);
419 if (status != NO_ERROR) {
420 ALOGD("del_key() could not contact remote: %d\n", status);
421 return -1;
422 }
423 int32_t err = reply.readExceptionCode();
424 int32_t ret = reply.readInt32();
425 if (err < 0) {
426 ALOGD("del_key() caught exception %d\n", err);
427 return -1;
428 }
429 return ret;
430 }
431
432 virtual int32_t grant(const String16& name, int32_t granteeUid)
433 {
434 Parcel data, reply;
435 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
436 data.writeString16(name);
437 data.writeInt32(granteeUid);
438 status_t status = remote()->transact(BnKeystoreService::GRANT, data, &reply);
439 if (status != NO_ERROR) {
440 ALOGD("grant() could not contact remote: %d\n", status);
441 return -1;
442 }
443 int32_t err = reply.readExceptionCode();
444 int32_t ret = reply.readInt32();
445 if (err < 0) {
446 ALOGD("grant() caught exception %d\n", err);
447 return -1;
448 }
449 return ret;
450 }
451
452 virtual int32_t ungrant(const String16& name, int32_t granteeUid)
453 {
454 Parcel data, reply;
455 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
456 data.writeString16(name);
457 data.writeInt32(granteeUid);
458 status_t status = remote()->transact(BnKeystoreService::UNGRANT, data, &reply);
459 if (status != NO_ERROR) {
460 ALOGD("ungrant() could not contact remote: %d\n", status);
461 return -1;
462 }
463 int32_t err = reply.readExceptionCode();
464 int32_t ret = reply.readInt32();
465 if (err < 0) {
466 ALOGD("ungrant() caught exception %d\n", err);
467 return -1;
468 }
469 return ret;
470 }
471
472 int64_t getmtime(const String16& name)
473 {
474 Parcel data, reply;
475 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
476 data.writeString16(name);
477 status_t status = remote()->transact(BnKeystoreService::GETMTIME, data, &reply);
478 if (status != NO_ERROR) {
479 ALOGD("getmtime() could not contact remote: %d\n", status);
480 return -1;
481 }
482 int32_t err = reply.readExceptionCode();
483 int64_t ret = reply.readInt64();
484 if (err < 0) {
485 ALOGD("getmtime() caught exception %d\n", err);
486 return -1;
487 }
488 return ret;
489 }
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]490
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]491 virtual int32_t duplicate(const String16& srcKey, int32_t srcUid, const String16& destKey,
492 int32_t destUid)
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]493 {
494 Parcel data, reply;
495 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]496 data.writeString16(srcKey);
497 data.writeInt32(srcUid);
498 data.writeString16(destKey);
499 data.writeInt32(destUid);
500 status_t status = remote()->transact(BnKeystoreService::DUPLICATE, data, &reply);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]501 if (status != NO_ERROR) {
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]502 ALOGD("duplicate() could not contact remote: %d\n", status);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]503 return -1;
504 }
505 int32_t err = reply.readExceptionCode();
506 int32_t ret = reply.readInt32();
507 if (err < 0) {
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]508 ALOGD("duplicate() caught exception %d\n", err);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]509 return -1;
510 }
511 return ret;
512 }
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]513
514 virtual int32_t is_hardware_backed()
515 {
516 Parcel data, reply;
517 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
518 status_t status = remote()->transact(BnKeystoreService::IS_HARDWARE_BACKED, data, &reply);
519 if (status != NO_ERROR) {
520 ALOGD("is_hardware_backed() could not contact remote: %d\n", status);
521 return -1;
522 }
523 int32_t err = reply.readExceptionCode();
524 int32_t ret = reply.readInt32();
525 if (err < 0) {
526 ALOGD("is_hardware_backed() caught exception %d\n", err);
527 return -1;
528 }
529 return ret;
530 }
Kenny Root2ecc7a12013-04-01 16:29:11 -0700[diff] [blame^]531
532 virtual int32_t clear_uid(int64_t uid)
533 {
534 Parcel data, reply;
535 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
536 data.writeInt64(uid);
537 status_t status = remote()->transact(BnKeystoreService::CLEAR_UID, data, &reply);
538 if (status != NO_ERROR) {
539 ALOGD("clear_uid() could not contact remote: %d\n", status);
540 return -1;
541 }
542 int32_t err = reply.readExceptionCode();
543 int32_t ret = reply.readInt32();
544 if (err < 0) {
545 ALOGD("clear_uid() caught exception %d\n", err);
546 return -1;
547 }
548 return ret;
549 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]550};
551
552IMPLEMENT_META_INTERFACE(KeystoreService, "android.security.keystore");
553
554// ----------------------------------------------------------------------
555
556status_t BnKeystoreService::onTransact(
557 uint32_t code, const Parcel& data, Parcel* reply, uint32_t flags)
558{
559 switch(code) {
560 case TEST: {
561 CHECK_INTERFACE(IKeystoreService, data, reply);
562 int32_t ret = test();
563 reply->writeNoException();
564 reply->writeInt32(ret);
565 return NO_ERROR;
566 } break;
567 case GET: {
568 CHECK_INTERFACE(IKeystoreService, data, reply);
569 String16 name = data.readString16();
570 void* out = NULL;
571 size_t outSize = 0;
572 int32_t ret = get(name, (uint8_t**) &out, &outSize);
573 reply->writeNoException();
574 if (ret == 1) {
575 reply->writeInt32(outSize);
576 void* buf = reply->writeInplace(outSize);
577 memcpy(buf, out, outSize);
578 free(out);
579 } else {
580 reply->writeInt32(-1);
581 }
582 return NO_ERROR;
583 } break;
584 case INSERT: {
585 CHECK_INTERFACE(IKeystoreService, data, reply);
586 String16 name = data.readString16();
587 ssize_t inSize = data.readInt32();
588 const void* in;
589 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
590 in = data.readInplace(inSize);
591 } else {
592 in = NULL;
593 inSize = 0;
594 }
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]595 int uid = data.readInt32();
596 int32_t ret = insert(name, (const uint8_t*) in, (size_t) inSize, uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]597 reply->writeNoException();
598 reply->writeInt32(ret);
599 return NO_ERROR;
600 } break;
601 case DEL: {
602 CHECK_INTERFACE(IKeystoreService, data, reply);
603 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]604 int uid = data.readInt32();
605 int32_t ret = del(name, uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]606 reply->writeNoException();
607 reply->writeInt32(ret);
608 return NO_ERROR;
609 } break;
610 case EXIST: {
611 CHECK_INTERFACE(IKeystoreService, data, reply);
612 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]613 int uid = data.readInt32();
614 int32_t ret = exist(name, uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]615 reply->writeNoException();
616 reply->writeInt32(ret);
617 return NO_ERROR;
618 } break;
619 case SAW: {
620 CHECK_INTERFACE(IKeystoreService, data, reply);
621 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]622 int uid = data.readInt32();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]623 Vector<String16> matches;
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]624 int32_t ret = saw(name, uid, &matches);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]625 reply->writeNoException();
626 reply->writeInt32(matches.size());
627 Vector<String16>::const_iterator it = matches.begin();
628 for (; it != matches.end(); ++it) {
629 reply->writeString16(*it);
630 }
631 reply->writeInt32(ret);
632 return NO_ERROR;
633 } break;
634 case RESET: {
635 CHECK_INTERFACE(IKeystoreService, data, reply);
636 int32_t ret = reset();
637 reply->writeNoException();
638 reply->writeInt32(ret);
639 return NO_ERROR;
640 } break;
641 case PASSWORD: {
642 CHECK_INTERFACE(IKeystoreService, data, reply);
643 String16 pass = data.readString16();
644 int32_t ret = password(pass);
645 reply->writeNoException();
646 reply->writeInt32(ret);
647 return NO_ERROR;
648 } break;
649 case LOCK: {
650 CHECK_INTERFACE(IKeystoreService, data, reply);
651 int32_t ret = lock();
652 reply->writeNoException();
653 reply->writeInt32(ret);
654 return NO_ERROR;
655 } break;
656 case UNLOCK: {
657 CHECK_INTERFACE(IKeystoreService, data, reply);
658 String16 pass = data.readString16();
659 int32_t ret = unlock(pass);
660 reply->writeNoException();
661 reply->writeInt32(ret);
662 return NO_ERROR;
663 } break;
664 case ZERO: {
665 CHECK_INTERFACE(IKeystoreService, data, reply);
666 int32_t ret = zero();
667 reply->writeNoException();
668 reply->writeInt32(ret);
669 return NO_ERROR;
670 } break;
671 case GENERATE: {
672 CHECK_INTERFACE(IKeystoreService, data, reply);
673 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]674 int uid = data.readInt32();
675 int32_t ret = generate(name, uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]676 reply->writeNoException();
677 reply->writeInt32(ret);
678 return NO_ERROR;
679 } break;
680 case IMPORT: {
681 CHECK_INTERFACE(IKeystoreService, data, reply);
682 String16 name = data.readString16();
683 ssize_t inSize = data.readInt32();
684 const void* in;
685 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
686 in = data.readInplace(inSize);
687 } else {
688 in = NULL;
689 inSize = 0;
690 }
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]691 int uid = data.readInt32();
692 int32_t ret = import(name, (const uint8_t*) in, (size_t) inSize, uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]693 reply->writeNoException();
694 reply->writeInt32(ret);
695 return NO_ERROR;
696 } break;
697 case SIGN: {
698 CHECK_INTERFACE(IKeystoreService, data, reply);
699 String16 name = data.readString16();
700 ssize_t inSize = data.readInt32();
701 const void* in;
702 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
703 in = data.readInplace(inSize);
704 } else {
705 in = NULL;
706 inSize = 0;
707 }
708 void* out = NULL;
709 size_t outSize = 0;
710 int32_t ret = sign(name, (const uint8_t*) in, (size_t) inSize, (uint8_t**) &out, &outSize);
711 reply->writeNoException();
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]712 if (outSize > 0 && out != NULL) {
713 reply->writeInt32(outSize);
714 void* buf = reply->writeInplace(outSize);
715 memcpy(buf, out, outSize);
716 free(out);
717 } else {
Kenny Roote289c402013-02-14 11:31:53 -0800[diff] [blame]718 reply->writeInt32(-1);
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]719 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]720 reply->writeInt32(ret);
721 return NO_ERROR;
722 } break;
723 case VERIFY: {
724 CHECK_INTERFACE(IKeystoreService, data, reply);
725 String16 name = data.readString16();
726 ssize_t inSize = data.readInt32();
727 const void* in;
728 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
729 in = data.readInplace(inSize);
730 } else {
731 in = NULL;
732 inSize = 0;
733 }
734 ssize_t sigSize = data.readInt32();
735 const void* sig;
736 if (sigSize >= 0 && (size_t) sigSize <= data.dataAvail()) {
737 sig = data.readInplace(sigSize);
738 } else {
739 sig = NULL;
740 sigSize = 0;
741 }
742 bool ret = verify(name, (const uint8_t*) in, (size_t) inSize, (const uint8_t*) sig,
743 (size_t) sigSize);
744 reply->writeNoException();
745 reply->writeInt32(ret ? 1 : 0);
746 return NO_ERROR;
747 } break;
748 case GET_PUBKEY: {
749 CHECK_INTERFACE(IKeystoreService, data, reply);
750 String16 name = data.readString16();
751 void* out = NULL;
752 size_t outSize = 0;
753 int32_t ret = get_pubkey(name, (unsigned char**) &out, &outSize);
754 reply->writeNoException();
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]755 if (outSize > 0 && out != NULL) {
756 reply->writeInt32(outSize);
757 void* buf = reply->writeInplace(outSize);
758 memcpy(buf, out, outSize);
759 free(out);
760 } else {
Kenny Roote289c402013-02-14 11:31:53 -0800[diff] [blame]761 reply->writeInt32(-1);
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]762 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]763 reply->writeInt32(ret);
764 return NO_ERROR;
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]765 } break;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]766 case DEL_KEY: {
767 CHECK_INTERFACE(IKeystoreService, data, reply);
768 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]769 int uid = data.readInt32();
770 int32_t ret = del_key(name, uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]771 reply->writeNoException();
772 reply->writeInt32(ret);
773 return NO_ERROR;
774 } break;
775 case GRANT: {
776 CHECK_INTERFACE(IKeystoreService, data, reply);
777 String16 name = data.readString16();
778 int32_t granteeUid = data.readInt32();
779 int32_t ret = grant(name, granteeUid);
780 reply->writeNoException();
781 reply->writeInt32(ret);
782 return NO_ERROR;
783 } break;
784 case UNGRANT: {
785 CHECK_INTERFACE(IKeystoreService, data, reply);
786 String16 name = data.readString16();
787 int32_t granteeUid = data.readInt32();
788 int32_t ret = ungrant(name, granteeUid);
789 reply->writeNoException();
790 reply->writeInt32(ret);
791 return NO_ERROR;
792 } break;
793 case GETMTIME: {
794 CHECK_INTERFACE(IKeystoreService, data, reply);
795 String16 name = data.readString16();
796 int64_t ret = getmtime(name);
797 reply->writeNoException();
798 reply->writeInt64(ret);
799 return NO_ERROR;
800 } break;
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]801 case DUPLICATE: {
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]802 CHECK_INTERFACE(IKeystoreService, data, reply);
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]803 String16 srcKey = data.readString16();
804 int32_t srcUid = data.readInt32();
805 String16 destKey = data.readString16();
806 int32_t destUid = data.readInt32();
807 int32_t ret = duplicate(srcKey, srcUid, destKey, destUid);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]808 reply->writeNoException();
809 reply->writeInt32(ret);
810 return NO_ERROR;
811 } break;
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]812 case IS_HARDWARE_BACKED: {
813 CHECK_INTERFACE(IKeystoreService, data, reply);
814 int32_t ret = is_hardware_backed();
815 reply->writeNoException();
816 reply->writeInt32(ret);
817 return NO_ERROR;
818 }
Kenny Root2ecc7a12013-04-01 16:29:11 -0700[diff] [blame^]819 case CLEAR_UID: {
820 CHECK_INTERFACE(IKeystoreService, data, reply);
821 int64_t uid = data.readInt64();
822 int32_t ret = clear_uid(uid);
823 reply->writeNoException();
824 reply->writeInt32(ret);
825 return NO_ERROR;
826 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]827 default:
828 return BBinder::onTransact(code, data, reply, flags);
829 }
830}
831
832// ----------------------------------------------------------------------------
833
834}; // namespace android