Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / 468fc6935176d1615002956fcbe01fd3341c75ec / . / keystore / IKeystoreService.cpp
blob: 53788bdbe5c8e874b8c851abdff2c0819348142b [file] [log] [blame]
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1/*
2**
3** Copyright 2008, The Android Open Source Project
4**
5** Licensed under the Apache License, Version 2.0 (the "License");
6** you may not use this file except in compliance with the License.
7** You may obtain a copy of the License at
8**
9** http://www.apache.org/licenses/LICENSE-2.0
10**
11** Unless required by applicable law or agreed to in writing, software
12** distributed under the License is distributed on an "AS IS" BASIS,
13** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14** See the License for the specific language governing permissions and
15** limitations under the License.
16*/
17
18#include <stdint.h>
19#include <sys/types.h>
20
21#define LOG_TAG "KeystoreService"
22#include <utils/Log.h>
23
24#include <binder/Parcel.h>
25#include <binder/IPCThreadState.h>
26#include <binder/IServiceManager.h>
27
28#include <keystore/IKeystoreService.h>
29
30namespace android {
31
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]32KeystoreArg::KeystoreArg(const void* data, size_t len)
33 : mData(data), mSize(len) {
34}
35
36KeystoreArg::~KeystoreArg() {
37}
38
39const void *KeystoreArg::data() const {
40 return mData;
41}
42
43size_t KeystoreArg::size() const {
44 return mSize;
45}
46
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]47class BpKeystoreService: public BpInterface<IKeystoreService>
48{
49public:
50 BpKeystoreService(const sp<IBinder>& impl)
51 : BpInterface<IKeystoreService>(impl)
52 {
53 }
54
55 // test ping
56 virtual int32_t test()
57 {
58 Parcel data, reply;
59 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
60 status_t status = remote()->transact(BnKeystoreService::TEST, data, &reply);
61 if (status != NO_ERROR) {
62 ALOGD("test() could not contact remote: %d\n", status);
63 return -1;
64 }
65 int32_t err = reply.readExceptionCode();
66 int32_t ret = reply.readInt32();
67 if (err < 0) {
68 ALOGD("test() caught exception %d\n", err);
69 return -1;
70 }
71 return ret;
72 }
73
74 virtual int32_t get(const String16& name, uint8_t** item, size_t* itemLength)
75 {
76 Parcel data, reply;
77 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
78 data.writeString16(name);
79 status_t status = remote()->transact(BnKeystoreService::GET, data, &reply);
80 if (status != NO_ERROR) {
81 ALOGD("get() could not contact remote: %d\n", status);
82 return -1;
83 }
84 int32_t err = reply.readExceptionCode();
85 ssize_t len = reply.readInt32();
86 if (len >= 0 && (size_t) len <= reply.dataAvail()) {
87 size_t ulen = (size_t) len;
88 const void* buf = reply.readInplace(ulen);
89 *item = (uint8_t*) malloc(ulen);
90 if (*item != NULL) {
91 memcpy(*item, buf, ulen);
92 *itemLength = ulen;
93 } else {
94 ALOGE("out of memory allocating output array in get");
95 *itemLength = 0;
96 }
97 } else {
98 *itemLength = 0;
99 }
100 if (err < 0) {
101 ALOGD("get() caught exception %d\n", err);
102 return -1;
103 }
104 return 0;
105 }
106
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]107 virtual int32_t insert(const String16& name, const uint8_t* item, size_t itemLength, int uid,
108 int32_t flags)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]109 {
110 Parcel data, reply;
111 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
112 data.writeString16(name);
113 data.writeInt32(itemLength);
114 void* buf = data.writeInplace(itemLength);
115 memcpy(buf, item, itemLength);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]116 data.writeInt32(uid);
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]117 data.writeInt32(flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]118 status_t status = remote()->transact(BnKeystoreService::INSERT, data, &reply);
119 if (status != NO_ERROR) {
120 ALOGD("import() could not contact remote: %d\n", status);
121 return -1;
122 }
123 int32_t err = reply.readExceptionCode();
124 int32_t ret = reply.readInt32();
125 if (err < 0) {
126 ALOGD("import() caught exception %d\n", err);
127 return -1;
128 }
129 return ret;
130 }
131
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]132 virtual int32_t del(const String16& name, int uid)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]133 {
134 Parcel data, reply;
135 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
136 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]137 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]138 status_t status = remote()->transact(BnKeystoreService::DEL, data, &reply);
139 if (status != NO_ERROR) {
140 ALOGD("del() could not contact remote: %d\n", status);
141 return -1;
142 }
143 int32_t err = reply.readExceptionCode();
144 int32_t ret = reply.readInt32();
145 if (err < 0) {
146 ALOGD("del() caught exception %d\n", err);
147 return -1;
148 }
149 return ret;
150 }
151
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]152 virtual int32_t exist(const String16& name, int uid)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]153 {
154 Parcel data, reply;
155 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
156 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]157 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]158 status_t status = remote()->transact(BnKeystoreService::EXIST, data, &reply);
159 if (status != NO_ERROR) {
160 ALOGD("exist() could not contact remote: %d\n", status);
161 return -1;
162 }
163 int32_t err = reply.readExceptionCode();
164 int32_t ret = reply.readInt32();
165 if (err < 0) {
166 ALOGD("exist() caught exception %d\n", err);
167 return -1;
168 }
169 return ret;
170 }
171
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]172 virtual int32_t saw(const String16& name, int uid, Vector<String16>* matches)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]173 {
174 Parcel data, reply;
175 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
176 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]177 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]178 status_t status = remote()->transact(BnKeystoreService::SAW, data, &reply);
179 if (status != NO_ERROR) {
180 ALOGD("saw() could not contact remote: %d\n", status);
181 return -1;
182 }
183 int32_t err = reply.readExceptionCode();
184 int32_t numMatches = reply.readInt32();
185 for (int32_t i = 0; i < numMatches; i++) {
186 matches->push(reply.readString16());
187 }
188 int32_t ret = reply.readInt32();
189 if (err < 0) {
190 ALOGD("saw() caught exception %d\n", err);
191 return -1;
192 }
193 return ret;
194 }
195
196 virtual int32_t reset()
197 {
198 Parcel data, reply;
199 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
200 status_t status = remote()->transact(BnKeystoreService::RESET, data, &reply);
201 if (status != NO_ERROR) {
202 ALOGD("reset() could not contact remote: %d\n", status);
203 return -1;
204 }
205 int32_t err = reply.readExceptionCode();
206 int32_t ret = reply.readInt32();
207 if (err < 0) {
208 ALOGD("reset() caught exception %d\n", err);
209 return -1;
210 }
211 return ret;
212 }
213
214 virtual int32_t password(const String16& password)
215 {
216 Parcel data, reply;
217 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
218 data.writeString16(password);
219 status_t status = remote()->transact(BnKeystoreService::PASSWORD, data, &reply);
220 if (status != NO_ERROR) {
221 ALOGD("password() could not contact remote: %d\n", status);
222 return -1;
223 }
224 int32_t err = reply.readExceptionCode();
225 int32_t ret = reply.readInt32();
226 if (err < 0) {
227 ALOGD("password() caught exception %d\n", err);
228 return -1;
229 }
230 return ret;
231 }
232
233 virtual int32_t lock()
234 {
235 Parcel data, reply;
236 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
237 status_t status = remote()->transact(BnKeystoreService::LOCK, data, &reply);
238 if (status != NO_ERROR) {
239 ALOGD("lock() could not contact remote: %d\n", status);
240 return -1;
241 }
242 int32_t err = reply.readExceptionCode();
243 int32_t ret = reply.readInt32();
244 if (err < 0) {
245 ALOGD("lock() caught exception %d\n", err);
246 return -1;
247 }
248 return ret;
249 }
250
251 virtual int32_t unlock(const String16& password)
252 {
253 Parcel data, reply;
254 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
255 data.writeString16(password);
256 status_t status = remote()->transact(BnKeystoreService::UNLOCK, data, &reply);
257 if (status != NO_ERROR) {
258 ALOGD("unlock() could not contact remote: %d\n", status);
259 return -1;
260 }
261 int32_t err = reply.readExceptionCode();
262 int32_t ret = reply.readInt32();
263 if (err < 0) {
264 ALOGD("unlock() caught exception %d\n", err);
265 return -1;
266 }
267 return ret;
268 }
269
270 virtual int32_t zero()
271 {
272 Parcel data, reply;
273 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
274 status_t status = remote()->transact(BnKeystoreService::ZERO, data, &reply);
275 if (status != NO_ERROR) {
276 ALOGD("zero() could not contact remote: %d\n", status);
277 return -1;
278 }
279 int32_t err = reply.readExceptionCode();
280 int32_t ret = reply.readInt32();
281 if (err < 0) {
282 ALOGD("zero() caught exception %d\n", err);
283 return -1;
284 }
285 return ret;
286 }
287
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]288 virtual int32_t generate(const String16& name, int32_t uid, int32_t keyType, int32_t keySize,
289 int32_t flags, Vector<sp<KeystoreArg> >* args)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]290 {
291 Parcel data, reply;
292 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
293 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]294 data.writeInt32(uid);
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]295 data.writeInt32(keyType);
296 data.writeInt32(keySize);
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]297 data.writeInt32(flags);
Chad Brubaker468fc692015-01-13 17:33:14 -0800[diff] [blame^]298 data.writeInt32(1);
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]299 data.writeInt32(args->size());
300 for (Vector<sp<KeystoreArg> >::iterator it = args->begin(); it != args->end(); ++it) {
301 sp<KeystoreArg> item = *it;
302 size_t keyLength = item->size();
303 data.writeInt32(keyLength);
304 void* buf = data.writeInplace(keyLength);
305 memcpy(buf, item->data(), keyLength);
306 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]307 status_t status = remote()->transact(BnKeystoreService::GENERATE, data, &reply);
308 if (status != NO_ERROR) {
309 ALOGD("generate() could not contact remote: %d\n", status);
310 return -1;
311 }
312 int32_t err = reply.readExceptionCode();
313 int32_t ret = reply.readInt32();
314 if (err < 0) {
315 ALOGD("generate() caught exception %d\n", err);
316 return -1;
317 }
318 return ret;
319 }
320
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]321 virtual int32_t import(const String16& name, const uint8_t* key, size_t keyLength, int uid,
322 int flags)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]323 {
324 Parcel data, reply;
325 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
326 data.writeString16(name);
327 data.writeInt32(keyLength);
328 void* buf = data.writeInplace(keyLength);
329 memcpy(buf, key, keyLength);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]330 data.writeInt32(uid);
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]331 data.writeInt32(flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]332 status_t status = remote()->transact(BnKeystoreService::IMPORT, data, &reply);
333 if (status != NO_ERROR) {
334 ALOGD("import() could not contact remote: %d\n", status);
335 return -1;
336 }
337 int32_t err = reply.readExceptionCode();
338 int32_t ret = reply.readInt32();
339 if (err < 0) {
340 ALOGD("import() caught exception %d\n", err);
341 return -1;
342 }
343 return ret;
344 }
345
346 virtual int32_t sign(const String16& name, const uint8_t* in, size_t inLength, uint8_t** out,
347 size_t* outLength)
348 {
349 Parcel data, reply;
350 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
351 data.writeString16(name);
352 data.writeInt32(inLength);
353 void* buf = data.writeInplace(inLength);
354 memcpy(buf, in, inLength);
355 status_t status = remote()->transact(BnKeystoreService::SIGN, data, &reply);
356 if (status != NO_ERROR) {
357 ALOGD("import() could not contact remote: %d\n", status);
358 return -1;
359 }
360 int32_t err = reply.readExceptionCode();
361 ssize_t len = reply.readInt32();
362 if (len >= 0 && (size_t) len <= reply.dataAvail()) {
363 size_t ulen = (size_t) len;
364 const void* outBuf = reply.readInplace(ulen);
365 *out = (uint8_t*) malloc(ulen);
366 if (*out != NULL) {
367 memcpy((void*) *out, outBuf, ulen);
368 *outLength = ulen;
369 } else {
370 ALOGE("out of memory allocating output array in sign");
371 *outLength = 0;
372 }
373 } else {
374 *outLength = 0;
375 }
376 if (err < 0) {
377 ALOGD("import() caught exception %d\n", err);
378 return -1;
379 }
380 return 0;
381 }
382
383 virtual int32_t verify(const String16& name, const uint8_t* in, size_t inLength,
384 const uint8_t* signature, size_t signatureLength)
385 {
386 Parcel data, reply;
387 void* buf;
388
389 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
390 data.writeString16(name);
391 data.writeInt32(inLength);
392 buf = data.writeInplace(inLength);
393 memcpy(buf, in, inLength);
394 data.writeInt32(signatureLength);
395 buf = data.writeInplace(signatureLength);
396 memcpy(buf, signature, signatureLength);
397 status_t status = remote()->transact(BnKeystoreService::VERIFY, data, &reply);
398 if (status != NO_ERROR) {
399 ALOGD("verify() could not contact remote: %d\n", status);
400 return -1;
401 }
402 int32_t err = reply.readExceptionCode();
403 int32_t ret = reply.readInt32();
404 if (err < 0) {
405 ALOGD("verify() caught exception %d\n", err);
406 return -1;
407 }
408 return ret;
409 }
410
411 virtual int32_t get_pubkey(const String16& name, uint8_t** pubkey, size_t* pubkeyLength)
412 {
413 Parcel data, reply;
414 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
415 data.writeString16(name);
416 status_t status = remote()->transact(BnKeystoreService::GET_PUBKEY, data, &reply);
417 if (status != NO_ERROR) {
418 ALOGD("get_pubkey() could not contact remote: %d\n", status);
419 return -1;
420 }
421 int32_t err = reply.readExceptionCode();
422 ssize_t len = reply.readInt32();
423 if (len >= 0 && (size_t) len <= reply.dataAvail()) {
424 size_t ulen = (size_t) len;
425 const void* buf = reply.readInplace(ulen);
426 *pubkey = (uint8_t*) malloc(ulen);
427 if (*pubkey != NULL) {
428 memcpy(*pubkey, buf, ulen);
429 *pubkeyLength = ulen;
430 } else {
431 ALOGE("out of memory allocating output array in get_pubkey");
432 *pubkeyLength = 0;
433 }
434 } else {
435 *pubkeyLength = 0;
436 }
437 if (err < 0) {
438 ALOGD("get_pubkey() caught exception %d\n", err);
439 return -1;
440 }
441 return 0;
442 }
443
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]444 virtual int32_t del_key(const String16& name, int uid)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]445 {
446 Parcel data, reply;
447 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
448 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]449 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]450 status_t status = remote()->transact(BnKeystoreService::DEL_KEY, data, &reply);
451 if (status != NO_ERROR) {
452 ALOGD("del_key() could not contact remote: %d\n", status);
453 return -1;
454 }
455 int32_t err = reply.readExceptionCode();
456 int32_t ret = reply.readInt32();
457 if (err < 0) {
458 ALOGD("del_key() caught exception %d\n", err);
459 return -1;
460 }
461 return ret;
462 }
463
464 virtual int32_t grant(const String16& name, int32_t granteeUid)
465 {
466 Parcel data, reply;
467 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
468 data.writeString16(name);
469 data.writeInt32(granteeUid);
470 status_t status = remote()->transact(BnKeystoreService::GRANT, data, &reply);
471 if (status != NO_ERROR) {
472 ALOGD("grant() could not contact remote: %d\n", status);
473 return -1;
474 }
475 int32_t err = reply.readExceptionCode();
476 int32_t ret = reply.readInt32();
477 if (err < 0) {
478 ALOGD("grant() caught exception %d\n", err);
479 return -1;
480 }
481 return ret;
482 }
483
484 virtual int32_t ungrant(const String16& name, int32_t granteeUid)
485 {
486 Parcel data, reply;
487 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
488 data.writeString16(name);
489 data.writeInt32(granteeUid);
490 status_t status = remote()->transact(BnKeystoreService::UNGRANT, data, &reply);
491 if (status != NO_ERROR) {
492 ALOGD("ungrant() could not contact remote: %d\n", status);
493 return -1;
494 }
495 int32_t err = reply.readExceptionCode();
496 int32_t ret = reply.readInt32();
497 if (err < 0) {
498 ALOGD("ungrant() caught exception %d\n", err);
499 return -1;
500 }
501 return ret;
502 }
503
504 int64_t getmtime(const String16& name)
505 {
506 Parcel data, reply;
507 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
508 data.writeString16(name);
509 status_t status = remote()->transact(BnKeystoreService::GETMTIME, data, &reply);
510 if (status != NO_ERROR) {
511 ALOGD("getmtime() could not contact remote: %d\n", status);
512 return -1;
513 }
514 int32_t err = reply.readExceptionCode();
515 int64_t ret = reply.readInt64();
516 if (err < 0) {
517 ALOGD("getmtime() caught exception %d\n", err);
518 return -1;
519 }
520 return ret;
521 }
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]522
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]523 virtual int32_t duplicate(const String16& srcKey, int32_t srcUid, const String16& destKey,
524 int32_t destUid)
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]525 {
526 Parcel data, reply;
527 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]528 data.writeString16(srcKey);
529 data.writeInt32(srcUid);
530 data.writeString16(destKey);
531 data.writeInt32(destUid);
532 status_t status = remote()->transact(BnKeystoreService::DUPLICATE, data, &reply);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]533 if (status != NO_ERROR) {
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]534 ALOGD("duplicate() could not contact remote: %d\n", status);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]535 return -1;
536 }
537 int32_t err = reply.readExceptionCode();
538 int32_t ret = reply.readInt32();
539 if (err < 0) {
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]540 ALOGD("duplicate() caught exception %d\n", err);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]541 return -1;
542 }
543 return ret;
544 }
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]545
Kenny Root1b0e3932013-09-05 13:06:32 -0700[diff] [blame]546 virtual int32_t is_hardware_backed(const String16& keyType)
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]547 {
548 Parcel data, reply;
549 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Kenny Root1b0e3932013-09-05 13:06:32 -0700[diff] [blame]550 data.writeString16(keyType);
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]551 status_t status = remote()->transact(BnKeystoreService::IS_HARDWARE_BACKED, data, &reply);
552 if (status != NO_ERROR) {
553 ALOGD("is_hardware_backed() could not contact remote: %d\n", status);
554 return -1;
555 }
556 int32_t err = reply.readExceptionCode();
557 int32_t ret = reply.readInt32();
558 if (err < 0) {
559 ALOGD("is_hardware_backed() caught exception %d\n", err);
560 return -1;
561 }
562 return ret;
563 }
Kenny Root2ecc7a12013-04-01 16:29:11 -0700[diff] [blame]564
565 virtual int32_t clear_uid(int64_t uid)
566 {
567 Parcel data, reply;
568 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
569 data.writeInt64(uid);
570 status_t status = remote()->transact(BnKeystoreService::CLEAR_UID, data, &reply);
571 if (status != NO_ERROR) {
572 ALOGD("clear_uid() could not contact remote: %d\n", status);
573 return -1;
574 }
575 int32_t err = reply.readExceptionCode();
576 int32_t ret = reply.readInt32();
577 if (err < 0) {
578 ALOGD("clear_uid() caught exception %d\n", err);
579 return -1;
580 }
581 return ret;
582 }
Robin Lee4e865752014-08-19 17:37:55 +0100[diff] [blame]583
584 virtual int32_t reset_uid(int32_t uid) {
585 Parcel data, reply;
586 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
587 data.writeInt32(uid);
588 status_t status = remote()->transact(BnKeystoreService::RESET_UID, data, &reply);
589 if (status != NO_ERROR) {
590 ALOGD("reset_uid() could not contact remote: %d\n", status);
591 return -1;
592 }
593 int32_t err = reply.readExceptionCode();
594 int32_t ret = reply.readInt32();
595 if (err < 0) {
596 ALOGD("reset_uid() caught exception %d\n", err);
597 return -1;
598 }
599 return ret;
600
601 }
602
603 virtual int32_t sync_uid(int32_t sourceUid, int32_t targetUid)
604 {
605 Parcel data, reply;
606 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
607 data.writeInt32(sourceUid);
608 data.writeInt32(targetUid);
609 status_t status = remote()->transact(BnKeystoreService::SYNC_UID, data, &reply);
610 if (status != NO_ERROR) {
611 ALOGD("sync_uid() could not contact remote: %d\n", status);
612 return -1;
613 }
614 int32_t err = reply.readExceptionCode();
615 int32_t ret = reply.readInt32();
616 if (err < 0) {
617 ALOGD("sync_uid() caught exception %d\n", err);
618 return -1;
619 }
620 return ret;
621 }
622
623 virtual int32_t password_uid(const String16& password, int32_t uid)
624 {
625 Parcel data, reply;
626 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
627 data.writeString16(password);
628 data.writeInt32(uid);
629 status_t status = remote()->transact(BnKeystoreService::PASSWORD_UID, data, &reply);
630 if (status != NO_ERROR) {
631 ALOGD("password_uid() could not contact remote: %d\n", status);
632 return -1;
633 }
634 int32_t err = reply.readExceptionCode();
635 int32_t ret = reply.readInt32();
636 if (err < 0) {
637 ALOGD("password_uid() caught exception %d\n", err);
638 return -1;
639 }
640 return ret;
641 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]642};
643
Chad Brubaker468fc692015-01-13 17:33:14 -0800[diff] [blame^]644IMPLEMENT_META_INTERFACE(KeystoreService, "android.security.IKeystoreService");
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]645
646// ----------------------------------------------------------------------
647
648status_t BnKeystoreService::onTransact(
649 uint32_t code, const Parcel& data, Parcel* reply, uint32_t flags)
650{
651 switch(code) {
652 case TEST: {
653 CHECK_INTERFACE(IKeystoreService, data, reply);
654 int32_t ret = test();
655 reply->writeNoException();
656 reply->writeInt32(ret);
657 return NO_ERROR;
658 } break;
659 case GET: {
660 CHECK_INTERFACE(IKeystoreService, data, reply);
661 String16 name = data.readString16();
662 void* out = NULL;
663 size_t outSize = 0;
664 int32_t ret = get(name, (uint8_t**) &out, &outSize);
665 reply->writeNoException();
666 if (ret == 1) {
667 reply->writeInt32(outSize);
668 void* buf = reply->writeInplace(outSize);
669 memcpy(buf, out, outSize);
670 free(out);
671 } else {
672 reply->writeInt32(-1);
673 }
674 return NO_ERROR;
675 } break;
676 case INSERT: {
677 CHECK_INTERFACE(IKeystoreService, data, reply);
678 String16 name = data.readString16();
679 ssize_t inSize = data.readInt32();
680 const void* in;
681 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
682 in = data.readInplace(inSize);
683 } else {
684 in = NULL;
685 inSize = 0;
686 }
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]687 int uid = data.readInt32();
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]688 int32_t flags = data.readInt32();
689 int32_t ret = insert(name, (const uint8_t*) in, (size_t) inSize, uid, flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]690 reply->writeNoException();
691 reply->writeInt32(ret);
692 return NO_ERROR;
693 } break;
694 case DEL: {
695 CHECK_INTERFACE(IKeystoreService, data, reply);
696 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]697 int uid = data.readInt32();
698 int32_t ret = del(name, uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]699 reply->writeNoException();
700 reply->writeInt32(ret);
701 return NO_ERROR;
702 } break;
703 case EXIST: {
704 CHECK_INTERFACE(IKeystoreService, data, reply);
705 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]706 int uid = data.readInt32();
707 int32_t ret = exist(name, uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]708 reply->writeNoException();
709 reply->writeInt32(ret);
710 return NO_ERROR;
711 } break;
712 case SAW: {
713 CHECK_INTERFACE(IKeystoreService, data, reply);
714 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]715 int uid = data.readInt32();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]716 Vector<String16> matches;
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]717 int32_t ret = saw(name, uid, &matches);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]718 reply->writeNoException();
719 reply->writeInt32(matches.size());
720 Vector<String16>::const_iterator it = matches.begin();
721 for (; it != matches.end(); ++it) {
722 reply->writeString16(*it);
723 }
724 reply->writeInt32(ret);
725 return NO_ERROR;
726 } break;
727 case RESET: {
728 CHECK_INTERFACE(IKeystoreService, data, reply);
729 int32_t ret = reset();
730 reply->writeNoException();
731 reply->writeInt32(ret);
732 return NO_ERROR;
733 } break;
734 case PASSWORD: {
735 CHECK_INTERFACE(IKeystoreService, data, reply);
736 String16 pass = data.readString16();
737 int32_t ret = password(pass);
738 reply->writeNoException();
739 reply->writeInt32(ret);
740 return NO_ERROR;
741 } break;
742 case LOCK: {
743 CHECK_INTERFACE(IKeystoreService, data, reply);
744 int32_t ret = lock();
745 reply->writeNoException();
746 reply->writeInt32(ret);
747 return NO_ERROR;
748 } break;
749 case UNLOCK: {
750 CHECK_INTERFACE(IKeystoreService, data, reply);
751 String16 pass = data.readString16();
752 int32_t ret = unlock(pass);
753 reply->writeNoException();
754 reply->writeInt32(ret);
755 return NO_ERROR;
756 } break;
757 case ZERO: {
758 CHECK_INTERFACE(IKeystoreService, data, reply);
759 int32_t ret = zero();
760 reply->writeNoException();
761 reply->writeInt32(ret);
762 return NO_ERROR;
763 } break;
764 case GENERATE: {
765 CHECK_INTERFACE(IKeystoreService, data, reply);
766 String16 name = data.readString16();
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]767 int32_t uid = data.readInt32();
768 int32_t keyType = data.readInt32();
769 int32_t keySize = data.readInt32();
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]770 int32_t flags = data.readInt32();
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]771 Vector<sp<KeystoreArg> > args;
Chad Brubaker468fc692015-01-13 17:33:14 -0800[diff] [blame^]772 int32_t argsPresent = data.readInt32();
773 if (argsPresent == 1) {
774 ssize_t numArgs = data.readInt32();
775 if (numArgs > 0) {
776 for (size_t i = 0; i < (size_t) numArgs; i++) {
777 ssize_t inSize = data.readInt32();
778 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
779 sp<KeystoreArg> arg = new KeystoreArg(data.readInplace(inSize),
780 inSize);
781 args.push_back(arg);
782 } else {
783 args.push_back(NULL);
784 }
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]785 }
786 }
787 }
788 int32_t ret = generate(name, uid, keyType, keySize, flags, &args);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]789 reply->writeNoException();
790 reply->writeInt32(ret);
791 return NO_ERROR;
792 } break;
793 case IMPORT: {
794 CHECK_INTERFACE(IKeystoreService, data, reply);
795 String16 name = data.readString16();
796 ssize_t inSize = data.readInt32();
797 const void* in;
798 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
799 in = data.readInplace(inSize);
800 } else {
801 in = NULL;
802 inSize = 0;
803 }
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]804 int uid = data.readInt32();
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]805 int32_t flags = data.readInt32();
806 int32_t ret = import(name, (const uint8_t*) in, (size_t) inSize, uid, flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]807 reply->writeNoException();
808 reply->writeInt32(ret);
809 return NO_ERROR;
810 } break;
811 case SIGN: {
812 CHECK_INTERFACE(IKeystoreService, data, reply);
813 String16 name = data.readString16();
814 ssize_t inSize = data.readInt32();
815 const void* in;
816 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
817 in = data.readInplace(inSize);
818 } else {
819 in = NULL;
820 inSize = 0;
821 }
822 void* out = NULL;
823 size_t outSize = 0;
824 int32_t ret = sign(name, (const uint8_t*) in, (size_t) inSize, (uint8_t**) &out, &outSize);
825 reply->writeNoException();
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]826 if (outSize > 0 && out != NULL) {
827 reply->writeInt32(outSize);
828 void* buf = reply->writeInplace(outSize);
829 memcpy(buf, out, outSize);
830 free(out);
831 } else {
Kenny Roote289c402013-02-14 11:31:53 -0800[diff] [blame]832 reply->writeInt32(-1);
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]833 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]834 reply->writeInt32(ret);
835 return NO_ERROR;
836 } break;
837 case VERIFY: {
838 CHECK_INTERFACE(IKeystoreService, data, reply);
839 String16 name = data.readString16();
840 ssize_t inSize = data.readInt32();
841 const void* in;
842 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
843 in = data.readInplace(inSize);
844 } else {
845 in = NULL;
846 inSize = 0;
847 }
848 ssize_t sigSize = data.readInt32();
849 const void* sig;
850 if (sigSize >= 0 && (size_t) sigSize <= data.dataAvail()) {
851 sig = data.readInplace(sigSize);
852 } else {
853 sig = NULL;
854 sigSize = 0;
855 }
856 bool ret = verify(name, (const uint8_t*) in, (size_t) inSize, (const uint8_t*) sig,
857 (size_t) sigSize);
858 reply->writeNoException();
859 reply->writeInt32(ret ? 1 : 0);
860 return NO_ERROR;
861 } break;
862 case GET_PUBKEY: {
863 CHECK_INTERFACE(IKeystoreService, data, reply);
864 String16 name = data.readString16();
865 void* out = NULL;
866 size_t outSize = 0;
867 int32_t ret = get_pubkey(name, (unsigned char**) &out, &outSize);
868 reply->writeNoException();
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]869 if (outSize > 0 && out != NULL) {
870 reply->writeInt32(outSize);
871 void* buf = reply->writeInplace(outSize);
872 memcpy(buf, out, outSize);
873 free(out);
874 } else {
Kenny Roote289c402013-02-14 11:31:53 -0800[diff] [blame]875 reply->writeInt32(-1);
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]876 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]877 reply->writeInt32(ret);
878 return NO_ERROR;
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]879 } break;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]880 case DEL_KEY: {
881 CHECK_INTERFACE(IKeystoreService, data, reply);
882 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]883 int uid = data.readInt32();
884 int32_t ret = del_key(name, uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]885 reply->writeNoException();
886 reply->writeInt32(ret);
887 return NO_ERROR;
888 } break;
889 case GRANT: {
890 CHECK_INTERFACE(IKeystoreService, data, reply);
891 String16 name = data.readString16();
892 int32_t granteeUid = data.readInt32();
893 int32_t ret = grant(name, granteeUid);
894 reply->writeNoException();
895 reply->writeInt32(ret);
896 return NO_ERROR;
897 } break;
898 case UNGRANT: {
899 CHECK_INTERFACE(IKeystoreService, data, reply);
900 String16 name = data.readString16();
901 int32_t granteeUid = data.readInt32();
902 int32_t ret = ungrant(name, granteeUid);
903 reply->writeNoException();
904 reply->writeInt32(ret);
905 return NO_ERROR;
906 } break;
907 case GETMTIME: {
908 CHECK_INTERFACE(IKeystoreService, data, reply);
909 String16 name = data.readString16();
910 int64_t ret = getmtime(name);
911 reply->writeNoException();
912 reply->writeInt64(ret);
913 return NO_ERROR;
914 } break;
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]915 case DUPLICATE: {
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]916 CHECK_INTERFACE(IKeystoreService, data, reply);
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]917 String16 srcKey = data.readString16();
918 int32_t srcUid = data.readInt32();
919 String16 destKey = data.readString16();
920 int32_t destUid = data.readInt32();
921 int32_t ret = duplicate(srcKey, srcUid, destKey, destUid);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]922 reply->writeNoException();
923 reply->writeInt32(ret);
924 return NO_ERROR;
925 } break;
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]926 case IS_HARDWARE_BACKED: {
927 CHECK_INTERFACE(IKeystoreService, data, reply);
Kenny Root1b0e3932013-09-05 13:06:32 -0700[diff] [blame]928 String16 keyType = data.readString16();
929 int32_t ret = is_hardware_backed(keyType);
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]930 reply->writeNoException();
931 reply->writeInt32(ret);
932 return NO_ERROR;
933 }
Kenny Root2ecc7a12013-04-01 16:29:11 -0700[diff] [blame]934 case CLEAR_UID: {
935 CHECK_INTERFACE(IKeystoreService, data, reply);
936 int64_t uid = data.readInt64();
937 int32_t ret = clear_uid(uid);
938 reply->writeNoException();
939 reply->writeInt32(ret);
940 return NO_ERROR;
941 }
Robin Lee4e865752014-08-19 17:37:55 +0100[diff] [blame]942 case RESET_UID: {
943 CHECK_INTERFACE(IKeystoreService, data, reply);
944 int32_t uid = data.readInt32();
945 int32_t ret = reset_uid(uid);
946 reply->writeNoException();
947 reply->writeInt32(ret);
948 return NO_ERROR;
949 }
950 case SYNC_UID: {
951 CHECK_INTERFACE(IKeystoreService, data, reply);
952 int32_t sourceUid = data.readInt32();
953 int32_t targetUid = data.readInt32();
954 int32_t ret = sync_uid(sourceUid, targetUid);
955 reply->writeNoException();
956 reply->writeInt32(ret);
957 return NO_ERROR;
958 }
959 case PASSWORD_UID: {
960 CHECK_INTERFACE(IKeystoreService, data, reply);
961 String16 password = data.readString16();
962 int32_t uid = data.readInt32();
963 int32_t ret = password_uid(password, uid);
964 reply->writeNoException();
965 reply->writeInt32(ret);
966 return NO_ERROR;
967 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]968 default:
969 return BBinder::onTransact(code, data, reply, flags);
970 }
971}
972
973// ----------------------------------------------------------------------------
974
975}; // namespace android