Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / 668cd308b7663d9c266aed83f328145086452666 / . / keystore / IKeystoreService.cpp
blob: acd6968916144ed1cf85f9a0c99dad95b68b2273 [file] [log] [blame]
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1/*
2**
3** Copyright 2008, The Android Open Source Project
4**
5** Licensed under the Apache License, Version 2.0 (the "License");
6** you may not use this file except in compliance with the License.
7** You may obtain a copy of the License at
8**
9** http://www.apache.org/licenses/LICENSE-2.0
10**
11** Unless required by applicable law or agreed to in writing, software
12** distributed under the License is distributed on an "AS IS" BASIS,
13** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14** See the License for the specific language governing permissions and
15** limitations under the License.
16*/
17
18#include <stdint.h>
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]19#include <sys/limits.h>
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]20#include <sys/types.h>
21
22#define LOG_TAG "KeystoreService"
23#include <utils/Log.h>
24
25#include <binder/Parcel.h>
26#include <binder/IPCThreadState.h>
27#include <binder/IServiceManager.h>
28
29#include <keystore/IKeystoreService.h>
30
31namespace android {
32
Shawn Willden77d71ca2014-11-12 16:45:12 -0700[diff] [blame]33const ssize_t MAX_GENERATE_ARGS = 3;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]34static keymaster_key_param_t* readParamList(const Parcel& in, size_t* length);
Shawn Willden77d71ca2014-11-12 16:45:12 -0700[diff] [blame]35
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]36KeystoreArg::KeystoreArg(const void* data, size_t len)
37 : mData(data), mSize(len) {
38}
39
40KeystoreArg::~KeystoreArg() {
41}
42
43const void *KeystoreArg::data() const {
44 return mData;
45}
46
47size_t KeystoreArg::size() const {
48 return mSize;
49}
50
Chad Brubakerc3a18562015-03-17 18:21:35 -0700[diff] [blame]51OperationResult::OperationResult() : resultCode(0), token(), handle(0), inputConsumed(0),
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]52 data(NULL), dataLength(0) {
53}
54
55OperationResult::~OperationResult() {
56}
57
Bin Chen9ec92702016-08-25 14:25:05 +1000[diff] [blame]58status_t OperationResult::readFromParcel(const Parcel* inn) {
59 const Parcel& in = *inn;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]60 resultCode = in.readInt32();
61 token = in.readStrongBinder();
Chad Brubakerc3a18562015-03-17 18:21:35 -0700[diff] [blame]62 handle = static_cast<keymaster_operation_handle_t>(in.readInt64());
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]63 inputConsumed = in.readInt32();
64 ssize_t length = in.readInt32();
65 dataLength = 0;
66 if (length > 0) {
67 const void* buf = in.readInplace(length);
68 if (buf) {
69 data.reset(reinterpret_cast<uint8_t*>(malloc(length)));
70 if (data.get()) {
71 memcpy(data.get(), buf, length);
72 dataLength = (size_t) length;
73 } else {
74 ALOGE("Failed to allocate OperationResult buffer");
75 }
76 } else {
77 ALOGE("Failed to readInplace OperationResult data");
78 }
79 }
Chad Brubaker57e106d2015-06-01 12:59:00 -0700[diff] [blame]80 outParams.readFromParcel(in);
Bin Chen9ec92702016-08-25 14:25:05 +1000[diff] [blame]81 return OK;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]82}
83
Bin Chen9ec92702016-08-25 14:25:05 +1000[diff] [blame]84status_t OperationResult::writeToParcel(Parcel* out) const {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]85 out->writeInt32(resultCode);
86 out->writeStrongBinder(token);
Chad Brubakerc3a18562015-03-17 18:21:35 -0700[diff] [blame]87 out->writeInt64(handle);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]88 out->writeInt32(inputConsumed);
89 out->writeInt32(dataLength);
90 if (dataLength && data) {
91 void* buf = out->writeInplace(dataLength);
92 if (buf) {
93 memcpy(buf, data.get(), dataLength);
94 } else {
95 ALOGE("Failed to writeInplace OperationResult data.");
96 }
97 }
Chad Brubaker57e106d2015-06-01 12:59:00 -0700[diff] [blame]98 outParams.writeToParcel(out);
Bin Chen9ec92702016-08-25 14:25:05 +1000[diff] [blame]99 return OK;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]100}
101
102ExportResult::ExportResult() : resultCode(0), exportData(NULL), dataLength(0) {
103}
104
105ExportResult::~ExportResult() {
106}
107
Bin Chen96d62712016-08-25 14:41:53 +1000[diff] [blame]108status_t ExportResult::readFromParcel(const Parcel* inn) {
109 const Parcel& in = *inn;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]110 resultCode = in.readInt32();
111 ssize_t length = in.readInt32();
112 dataLength = 0;
113 if (length > 0) {
114 const void* buf = in.readInplace(length);
115 if (buf) {
116 exportData.reset(reinterpret_cast<uint8_t*>(malloc(length)));
117 if (exportData.get()) {
118 memcpy(exportData.get(), buf, length);
119 dataLength = (size_t) length;
120 } else {
121 ALOGE("Failed to allocate ExportData buffer");
122 }
123 } else {
124 ALOGE("Failed to readInplace ExportData data");
125 }
126 }
Bin Chen96d62712016-08-25 14:41:53 +1000[diff] [blame]127 return OK;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]128}
129
Bin Chen96d62712016-08-25 14:41:53 +1000[diff] [blame]130status_t ExportResult::writeToParcel(Parcel* out) const {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]131 out->writeInt32(resultCode);
132 out->writeInt32(dataLength);
133 if (exportData && dataLength) {
134 void* buf = out->writeInplace(dataLength);
135 if (buf) {
136 memcpy(buf, exportData.get(), dataLength);
137 } else {
138 ALOGE("Failed to writeInplace ExportResult data.");
139 }
140 }
Bin Chen96d62712016-08-25 14:41:53 +1000[diff] [blame]141 return OK;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]142}
143
144KeymasterArguments::KeymasterArguments() {
145}
146
147KeymasterArguments::~KeymasterArguments() {
148 keymaster_free_param_values(params.data(), params.size());
149}
150
151void KeymasterArguments::readFromParcel(const Parcel& in) {
152 ssize_t length = in.readInt32();
153 size_t ulength = (size_t) length;
154 if (length < 0) {
155 ulength = 0;
156 }
157 keymaster_free_param_values(params.data(), params.size());
158 params.clear();
159 for(size_t i = 0; i < ulength; i++) {
160 keymaster_key_param_t param;
161 if (!readKeymasterArgumentFromParcel(in, &param)) {
162 ALOGE("Error reading keymaster argument from parcel");
163 break;
164 }
165 params.push_back(param);
166 }
167}
168
169void KeymasterArguments::writeToParcel(Parcel* out) const {
170 out->writeInt32(params.size());
171 for (auto param : params) {
172 out->writeInt32(1);
173 writeKeymasterArgumentToParcel(param, out);
174 }
175}
176
177KeyCharacteristics::KeyCharacteristics() {
178 memset((void*) &characteristics, 0, sizeof(characteristics));
179}
180
181KeyCharacteristics::~KeyCharacteristics() {
182 keymaster_free_characteristics(&characteristics);
183}
184
Bin Chen863f16f2016-08-25 15:13:51 +1000[diff] [blame]185status_t KeyCharacteristics::readFromParcel(const Parcel* inn) {
186 const Parcel& in = *inn;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]187 size_t length = 0;
188 keymaster_key_param_t* params = readParamList(in, &length);
189 characteristics.sw_enforced.params = params;
190 characteristics.sw_enforced.length = length;
191
192 params = readParamList(in, &length);
193 characteristics.hw_enforced.params = params;
194 characteristics.hw_enforced.length = length;
Bin Chen863f16f2016-08-25 15:13:51 +1000[diff] [blame]195 return OK;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]196}
197
Bin Chen863f16f2016-08-25 15:13:51 +1000[diff] [blame]198status_t KeyCharacteristics::writeToParcel(Parcel* out) const {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]199 if (characteristics.sw_enforced.params) {
200 out->writeInt32(characteristics.sw_enforced.length);
201 for (size_t i = 0; i < characteristics.sw_enforced.length; i++) {
202 out->writeInt32(1);
203 writeKeymasterArgumentToParcel(characteristics.sw_enforced.params[i], out);
204 }
205 } else {
206 out->writeInt32(0);
207 }
208 if (characteristics.hw_enforced.params) {
209 out->writeInt32(characteristics.hw_enforced.length);
210 for (size_t i = 0; i < characteristics.hw_enforced.length; i++) {
211 out->writeInt32(1);
212 writeKeymasterArgumentToParcel(characteristics.hw_enforced.params[i], out);
213 }
214 } else {
215 out->writeInt32(0);
216 }
Bin Chen863f16f2016-08-25 15:13:51 +1000[diff] [blame]217 return OK;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]218}
219
Shawn Willden50eb1b22016-01-21 12:41:23 -0700[diff] [blame]220KeymasterCertificateChain::KeymasterCertificateChain() {
221 memset(&chain, 0, sizeof(chain));
222}
223
224KeymasterCertificateChain::~KeymasterCertificateChain() {
225 keymaster_free_cert_chain(&chain);
226}
227
228static bool readKeymasterBlob(const Parcel& in, keymaster_blob_t* blob) {
229 if (in.readInt32() != 1) {
230 return false;
231 }
232
Shawn Willden50eb1b22016-01-21 12:41:23 -0700[diff] [blame]233 ssize_t length = in.readInt32();
234 if (length <= 0) {
Shawn Willden50eb1b22016-01-21 12:41:23 -0700[diff] [blame]235 return false;
236 }
237
Bin Chen2cbb7ce2016-09-02 22:06:29 +1000[diff] [blame]238 blob->data = static_cast<const uint8_t*>(malloc(length));
Shawn Willden067042f2016-02-02 17:32:31 -0700[diff] [blame]239 if (!blob->data)
240 return false;
241
242 const void* buf = in.readInplace(length);
243 if (!buf)
244 return false;
245
246 blob->data_length = static_cast<size_t>(length);
247 memcpy(const_cast<uint8_t*>(blob->data), buf, length);
248
Shawn Willden50eb1b22016-01-21 12:41:23 -0700[diff] [blame]249 return true;
250}
251
252void KeymasterCertificateChain::readFromParcel(const Parcel& in) {
Shawn Willden067042f2016-02-02 17:32:31 -0700[diff] [blame]253 keymaster_free_cert_chain(&chain);
254
Shawn Willden50eb1b22016-01-21 12:41:23 -0700[diff] [blame]255 ssize_t count = in.readInt32();
256 size_t ucount = count;
Shawn Willden067042f2016-02-02 17:32:31 -0700[diff] [blame]257 if (count <= 0) {
258 return;
Shawn Willden50eb1b22016-01-21 12:41:23 -0700[diff] [blame]259 }
Shawn Willden067042f2016-02-02 17:32:31 -0700[diff] [blame]260
261 chain.entries = reinterpret_cast<keymaster_blob_t*>(malloc(sizeof(keymaster_blob_t) * ucount));
262 if (!chain.entries) {
263 ALOGE("Error allocating memory for certificate chain");
264 return;
265 }
266
Shawn Willden50eb1b22016-01-21 12:41:23 -0700[diff] [blame]267 memset(chain.entries, 0, sizeof(keymaster_blob_t) * ucount);
268 for (size_t i = 0; i < ucount; ++i) {
269 if (!readKeymasterBlob(in, &chain.entries[i])) {
Shawn Willden067042f2016-02-02 17:32:31 -0700[diff] [blame]270 ALOGE("Error reading certificate from parcel");
Shawn Willden50eb1b22016-01-21 12:41:23 -0700[diff] [blame]271 keymaster_free_cert_chain(&chain);
272 return;
273 }
274 }
275}
276
277void KeymasterCertificateChain::writeToParcel(Parcel* out) const {
278 out->writeInt32(chain.entry_count);
279 for (size_t i = 0; i < chain.entry_count; ++i) {
280 if (chain.entries[i].data) {
Shawn Willden50eb1b22016-01-21 12:41:23 -0700[diff] [blame]281 out->writeInt32(chain.entries[i].data_length);
282 void* buf = out->writeInplace(chain.entries[i].data_length);
283 if (buf) {
284 memcpy(buf, chain.entries[i].data, chain.entries[i].data_length);
285 } else {
286 ALOGE("Failed to writeInplace keymaster cert chain entry");
287 }
288 } else {
289 out->writeInt32(0); // Tell Java side this object is NULL.
290 ALOGE("Found NULL certificate chain entry");
291 }
292 }
293}
294
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]295void writeKeymasterArgumentToParcel(const keymaster_key_param_t& param, Parcel* out) {
296 switch (keymaster_tag_get_type(param.tag)) {
297 case KM_ENUM:
298 case KM_ENUM_REP: {
299 out->writeInt32(param.tag);
300 out->writeInt32(param.enumerated);
301 break;
302 }
Shawn Willden0ebf13d2015-06-24 16:29:45 -0700[diff] [blame]303 case KM_UINT:
304 case KM_UINT_REP: {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]305 out->writeInt32(param.tag);
306 out->writeInt32(param.integer);
307 break;
308 }
Shawn Willden0ebf13d2015-06-24 16:29:45 -0700[diff] [blame]309 case KM_ULONG:
310 case KM_ULONG_REP: {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]311 out->writeInt32(param.tag);
312 out->writeInt64(param.long_integer);
313 break;
314 }
315 case KM_DATE: {
316 out->writeInt32(param.tag);
317 out->writeInt64(param.date_time);
318 break;
319 }
320 case KM_BOOL: {
321 out->writeInt32(param.tag);
322 break;
323 }
324 case KM_BIGNUM:
325 case KM_BYTES: {
326 out->writeInt32(param.tag);
327 out->writeInt32(param.blob.data_length);
328 void* buf = out->writeInplace(param.blob.data_length);
329 if (buf) {
330 memcpy(buf, param.blob.data, param.blob.data_length);
331 } else {
332 ALOGE("Failed to writeInplace keymaster blob param");
333 }
334 break;
335 }
336 default: {
337 ALOGE("Failed to write argument: Unsupported keymaster_tag_t %d", param.tag);
338 }
339 }
340}
341
342
343bool readKeymasterArgumentFromParcel(const Parcel& in, keymaster_key_param_t* out) {
344 if (in.readInt32() == 0) {
345 return false;
346 }
347 keymaster_tag_t tag = static_cast<keymaster_tag_t>(in.readInt32());
348 switch (keymaster_tag_get_type(tag)) {
349 case KM_ENUM:
350 case KM_ENUM_REP: {
351 uint32_t value = in.readInt32();
352 *out = keymaster_param_enum(tag, value);
353 break;
354 }
Shawn Willden0ebf13d2015-06-24 16:29:45 -0700[diff] [blame]355 case KM_UINT:
356 case KM_UINT_REP: {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]357 uint32_t value = in.readInt32();
358 *out = keymaster_param_int(tag, value);
359 break;
360 }
Shawn Willden0ebf13d2015-06-24 16:29:45 -0700[diff] [blame]361 case KM_ULONG:
362 case KM_ULONG_REP: {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]363 uint64_t value = in.readInt64();
364 *out = keymaster_param_long(tag, value);
365 break;
366 }
367 case KM_DATE: {
368 uint64_t value = in.readInt64();
369 *out = keymaster_param_date(tag, value);
370 break;
371 }
372 case KM_BOOL: {
373 *out = keymaster_param_bool(tag);
374 break;
375 }
376 case KM_BIGNUM:
377 case KM_BYTES: {
378 ssize_t length = in.readInt32();
379 uint8_t* data = NULL;
380 size_t ulength = 0;
381 if (length >= 0) {
382 ulength = (size_t) length;
383 // use malloc here so we can use keymaster_free_param_values
384 // consistently.
385 data = reinterpret_cast<uint8_t*>(malloc(ulength));
386 const void* buf = in.readInplace(ulength);
387 if (!buf || !data) {
388 ALOGE("Failed to allocate buffer for keymaster blob param");
Shawn Willden067042f2016-02-02 17:32:31 -0700[diff] [blame]389 free(data);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]390 return false;
391 }
392 memcpy(data, buf, ulength);
393 }
394 *out = keymaster_param_blob(tag, data, ulength);
395 break;
396 }
397 default: {
398 ALOGE("Unsupported keymaster_tag_t %d", tag);
399 return false;
400 }
401 }
402 return true;
403}
404
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]405/**
406 * Read a byte array from in. The data at *data is still owned by the parcel
407 */
408static void readByteArray(const Parcel& in, const uint8_t** data, size_t* length) {
409 ssize_t slength = in.readInt32();
410 if (slength > 0) {
411 *data = reinterpret_cast<const uint8_t*>(in.readInplace(slength));
412 if (*data) {
413 *length = static_cast<size_t>(slength);
414 } else {
415 *length = 0;
416 }
417 } else {
418 *data = NULL;
419 *length = 0;
420 }
421}
422
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]423// Read a keymaster_key_param_t* from a Parcel for use in a
424// keymaster_key_characteristics_t. This will be free'd by calling
425// keymaster_free_key_characteristics.
426static keymaster_key_param_t* readParamList(const Parcel& in, size_t* length) {
427 ssize_t slength = in.readInt32();
428 *length = 0;
429 if (slength < 0) {
430 return NULL;
431 }
432 *length = (size_t) slength;
433 if (*length >= UINT_MAX / sizeof(keymaster_key_param_t)) {
434 return NULL;
435 }
436 keymaster_key_param_t* list =
437 reinterpret_cast<keymaster_key_param_t*>(malloc(*length *
438 sizeof(keymaster_key_param_t)));
439 if (!list) {
440 ALOGD("Failed to allocate buffer for generateKey outCharacteristics");
441 goto err;
442 }
443 for (size_t i = 0; i < *length ; i++) {
444 if (!readKeymasterArgumentFromParcel(in, &list[i])) {
445 ALOGE("Failed to read keymaster argument");
446 keymaster_free_param_values(list, i);
447 goto err;
448 }
449 }
450 return list;
451err:
452 free(list);
453 return NULL;
454}
455
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]456static std::unique_ptr<keymaster_blob_t> readKeymasterBlob(const Parcel& in) {
Shawn Willden50eb1b22016-01-21 12:41:23 -0700[diff] [blame]457 std::unique_ptr<keymaster_blob_t> blob (new keymaster_blob_t);
458 if (!readKeymasterBlob(in, blob.get())) {
459 blob.reset();
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]460 }
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]461 return blob;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]462}
463
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]464class BpKeystoreService: public BpInterface<IKeystoreService>
465{
466public:
Chih-Hung Hsiehd3bccc82016-04-25 12:11:44 -0700[diff] [blame]467 explicit BpKeystoreService(const sp<IBinder>& impl)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]468 : BpInterface<IKeystoreService>(impl)
469 {
470 }
471
472 // test ping
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]473 virtual int32_t getState(int32_t userId)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]474 {
475 Parcel data, reply;
476 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]477 data.writeInt32(userId);
478 status_t status = remote()->transact(BnKeystoreService::GET_STATE, data, &reply);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]479 if (status != NO_ERROR) {
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]480 ALOGD("getState() could not contact remote: %d\n", status);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]481 return -1;
482 }
483 int32_t err = reply.readExceptionCode();
484 int32_t ret = reply.readInt32();
485 if (err < 0) {
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]486 ALOGD("getState() caught exception %d\n", err);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]487 return -1;
488 }
489 return ret;
490 }
491
Chad Brubakerad6a7f52015-09-09 14:55:22 -0700[diff] [blame]492 virtual int32_t get(const String16& name, int32_t uid, uint8_t** item, size_t* itemLength)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]493 {
494 Parcel data, reply;
495 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
496 data.writeString16(name);
Chad Brubakerad6a7f52015-09-09 14:55:22 -0700[diff] [blame]497 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]498 status_t status = remote()->transact(BnKeystoreService::GET, data, &reply);
499 if (status != NO_ERROR) {
500 ALOGD("get() could not contact remote: %d\n", status);
501 return -1;
502 }
503 int32_t err = reply.readExceptionCode();
504 ssize_t len = reply.readInt32();
505 if (len >= 0 && (size_t) len <= reply.dataAvail()) {
506 size_t ulen = (size_t) len;
507 const void* buf = reply.readInplace(ulen);
508 *item = (uint8_t*) malloc(ulen);
509 if (*item != NULL) {
510 memcpy(*item, buf, ulen);
511 *itemLength = ulen;
512 } else {
513 ALOGE("out of memory allocating output array in get");
514 *itemLength = 0;
515 }
516 } else {
517 *itemLength = 0;
518 }
519 if (err < 0) {
520 ALOGD("get() caught exception %d\n", err);
521 return -1;
522 }
523 return 0;
524 }
525
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]526 virtual int32_t insert(const String16& name, const uint8_t* item, size_t itemLength, int uid,
527 int32_t flags)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]528 {
529 Parcel data, reply;
530 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
531 data.writeString16(name);
532 data.writeInt32(itemLength);
533 void* buf = data.writeInplace(itemLength);
534 memcpy(buf, item, itemLength);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]535 data.writeInt32(uid);
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]536 data.writeInt32(flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]537 status_t status = remote()->transact(BnKeystoreService::INSERT, data, &reply);
538 if (status != NO_ERROR) {
539 ALOGD("import() could not contact remote: %d\n", status);
540 return -1;
541 }
542 int32_t err = reply.readExceptionCode();
543 int32_t ret = reply.readInt32();
544 if (err < 0) {
545 ALOGD("import() caught exception %d\n", err);
546 return -1;
547 }
548 return ret;
549 }
550
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]551 virtual int32_t del(const String16& name, int uid)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]552 {
553 Parcel data, reply;
554 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
555 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]556 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]557 status_t status = remote()->transact(BnKeystoreService::DEL, data, &reply);
558 if (status != NO_ERROR) {
559 ALOGD("del() could not contact remote: %d\n", status);
560 return -1;
561 }
562 int32_t err = reply.readExceptionCode();
563 int32_t ret = reply.readInt32();
564 if (err < 0) {
565 ALOGD("del() caught exception %d\n", err);
566 return -1;
567 }
568 return ret;
569 }
570
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]571 virtual int32_t exist(const String16& name, int uid)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]572 {
573 Parcel data, reply;
574 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
575 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]576 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]577 status_t status = remote()->transact(BnKeystoreService::EXIST, data, &reply);
578 if (status != NO_ERROR) {
579 ALOGD("exist() could not contact remote: %d\n", status);
580 return -1;
581 }
582 int32_t err = reply.readExceptionCode();
583 int32_t ret = reply.readInt32();
584 if (err < 0) {
585 ALOGD("exist() caught exception %d\n", err);
586 return -1;
587 }
588 return ret;
589 }
590
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]591 virtual int32_t list(const String16& prefix, int uid, Vector<String16>* matches)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]592 {
593 Parcel data, reply;
594 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]595 data.writeString16(prefix);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]596 data.writeInt32(uid);
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]597 status_t status = remote()->transact(BnKeystoreService::LIST, data, &reply);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]598 if (status != NO_ERROR) {
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]599 ALOGD("list() could not contact remote: %d\n", status);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]600 return -1;
601 }
602 int32_t err = reply.readExceptionCode();
603 int32_t numMatches = reply.readInt32();
604 for (int32_t i = 0; i < numMatches; i++) {
605 matches->push(reply.readString16());
606 }
607 int32_t ret = reply.readInt32();
608 if (err < 0) {
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]609 ALOGD("list() caught exception %d\n", err);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]610 return -1;
611 }
612 return ret;
613 }
614
615 virtual int32_t reset()
616 {
617 Parcel data, reply;
618 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
619 status_t status = remote()->transact(BnKeystoreService::RESET, data, &reply);
620 if (status != NO_ERROR) {
621 ALOGD("reset() could not contact remote: %d\n", status);
622 return -1;
623 }
624 int32_t err = reply.readExceptionCode();
625 int32_t ret = reply.readInt32();
626 if (err < 0) {
627 ALOGD("reset() caught exception %d\n", err);
628 return -1;
629 }
630 return ret;
631 }
632
Chad Brubaker96d6d782015-05-07 10:19:40 -0700[diff] [blame]633 virtual int32_t onUserPasswordChanged(int32_t userId, const String16& password)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]634 {
635 Parcel data, reply;
636 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Chad Brubaker96d6d782015-05-07 10:19:40 -0700[diff] [blame]637 data.writeInt32(userId);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]638 data.writeString16(password);
Chad Brubaker96d6d782015-05-07 10:19:40 -0700[diff] [blame]639 status_t status = remote()->transact(BnKeystoreService::ON_USER_PASSWORD_CHANGED, data,
640 &reply);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]641 if (status != NO_ERROR) {
Chad Brubaker96d6d782015-05-07 10:19:40 -0700[diff] [blame]642 ALOGD("onUserPasswordChanged() could not contact remote: %d\n", status);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]643 return -1;
644 }
645 int32_t err = reply.readExceptionCode();
646 int32_t ret = reply.readInt32();
647 if (err < 0) {
Chad Brubaker96d6d782015-05-07 10:19:40 -0700[diff] [blame]648 ALOGD("onUserPasswordChanged() caught exception %d\n", err);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]649 return -1;
650 }
651 return ret;
652 }
653
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]654 virtual int32_t lock(int32_t userId)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]655 {
656 Parcel data, reply;
657 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]658 data.writeInt32(userId);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]659 status_t status = remote()->transact(BnKeystoreService::LOCK, data, &reply);
660 if (status != NO_ERROR) {
661 ALOGD("lock() could not contact remote: %d\n", status);
662 return -1;
663 }
664 int32_t err = reply.readExceptionCode();
665 int32_t ret = reply.readInt32();
666 if (err < 0) {
667 ALOGD("lock() caught exception %d\n", err);
668 return -1;
669 }
670 return ret;
671 }
672
Chad Brubaker96d6d782015-05-07 10:19:40 -0700[diff] [blame]673 virtual int32_t unlock(int32_t userId, const String16& password)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]674 {
675 Parcel data, reply;
676 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Chad Brubaker96d6d782015-05-07 10:19:40 -0700[diff] [blame]677 data.writeInt32(userId);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]678 data.writeString16(password);
679 status_t status = remote()->transact(BnKeystoreService::UNLOCK, data, &reply);
680 if (status != NO_ERROR) {
681 ALOGD("unlock() could not contact remote: %d\n", status);
682 return -1;
683 }
684 int32_t err = reply.readExceptionCode();
685 int32_t ret = reply.readInt32();
686 if (err < 0) {
687 ALOGD("unlock() caught exception %d\n", err);
688 return -1;
689 }
690 return ret;
691 }
692
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]693 virtual bool isEmpty(int32_t userId)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]694 {
695 Parcel data, reply;
696 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]697 data.writeInt32(userId);
698 status_t status = remote()->transact(BnKeystoreService::IS_EMPTY, data, &reply);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]699 if (status != NO_ERROR) {
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]700 ALOGD("isEmpty() could not contact remote: %d\n", status);
701 return false;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]702 }
703 int32_t err = reply.readExceptionCode();
704 int32_t ret = reply.readInt32();
705 if (err < 0) {
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]706 ALOGD("isEmpty() caught exception %d\n", err);
707 return false;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]708 }
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]709 return ret != 0;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]710 }
711
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]712 virtual int32_t generate(const String16& name, int32_t uid, int32_t keyType, int32_t keySize,
713 int32_t flags, Vector<sp<KeystoreArg> >* args)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]714 {
715 Parcel data, reply;
716 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
717 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]718 data.writeInt32(uid);
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]719 data.writeInt32(keyType);
720 data.writeInt32(keySize);
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]721 data.writeInt32(flags);
Chad Brubaker468fc692015-01-13 17:33:14 -0800[diff] [blame]722 data.writeInt32(1);
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]723 data.writeInt32(args->size());
724 for (Vector<sp<KeystoreArg> >::iterator it = args->begin(); it != args->end(); ++it) {
725 sp<KeystoreArg> item = *it;
726 size_t keyLength = item->size();
727 data.writeInt32(keyLength);
728 void* buf = data.writeInplace(keyLength);
729 memcpy(buf, item->data(), keyLength);
730 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]731 status_t status = remote()->transact(BnKeystoreService::GENERATE, data, &reply);
732 if (status != NO_ERROR) {
733 ALOGD("generate() could not contact remote: %d\n", status);
734 return -1;
735 }
736 int32_t err = reply.readExceptionCode();
737 int32_t ret = reply.readInt32();
738 if (err < 0) {
739 ALOGD("generate() caught exception %d\n", err);
740 return -1;
741 }
742 return ret;
743 }
744
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]745 virtual int32_t import(const String16& name, const uint8_t* key, size_t keyLength, int uid,
746 int flags)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]747 {
748 Parcel data, reply;
749 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
750 data.writeString16(name);
751 data.writeInt32(keyLength);
752 void* buf = data.writeInplace(keyLength);
753 memcpy(buf, key, keyLength);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]754 data.writeInt32(uid);
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]755 data.writeInt32(flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]756 status_t status = remote()->transact(BnKeystoreService::IMPORT, data, &reply);
757 if (status != NO_ERROR) {
758 ALOGD("import() could not contact remote: %d\n", status);
759 return -1;
760 }
761 int32_t err = reply.readExceptionCode();
762 int32_t ret = reply.readInt32();
763 if (err < 0) {
764 ALOGD("import() caught exception %d\n", err);
765 return -1;
766 }
767 return ret;
768 }
769
770 virtual int32_t sign(const String16& name, const uint8_t* in, size_t inLength, uint8_t** out,
771 size_t* outLength)
772 {
773 Parcel data, reply;
774 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
775 data.writeString16(name);
776 data.writeInt32(inLength);
777 void* buf = data.writeInplace(inLength);
778 memcpy(buf, in, inLength);
779 status_t status = remote()->transact(BnKeystoreService::SIGN, data, &reply);
780 if (status != NO_ERROR) {
781 ALOGD("import() could not contact remote: %d\n", status);
782 return -1;
783 }
784 int32_t err = reply.readExceptionCode();
785 ssize_t len = reply.readInt32();
786 if (len >= 0 && (size_t) len <= reply.dataAvail()) {
787 size_t ulen = (size_t) len;
788 const void* outBuf = reply.readInplace(ulen);
789 *out = (uint8_t*) malloc(ulen);
790 if (*out != NULL) {
791 memcpy((void*) *out, outBuf, ulen);
792 *outLength = ulen;
793 } else {
794 ALOGE("out of memory allocating output array in sign");
795 *outLength = 0;
796 }
797 } else {
798 *outLength = 0;
799 }
800 if (err < 0) {
801 ALOGD("import() caught exception %d\n", err);
802 return -1;
803 }
804 return 0;
805 }
806
807 virtual int32_t verify(const String16& name, const uint8_t* in, size_t inLength,
808 const uint8_t* signature, size_t signatureLength)
809 {
810 Parcel data, reply;
811 void* buf;
812
813 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
814 data.writeString16(name);
815 data.writeInt32(inLength);
816 buf = data.writeInplace(inLength);
817 memcpy(buf, in, inLength);
818 data.writeInt32(signatureLength);
819 buf = data.writeInplace(signatureLength);
820 memcpy(buf, signature, signatureLength);
821 status_t status = remote()->transact(BnKeystoreService::VERIFY, data, &reply);
822 if (status != NO_ERROR) {
823 ALOGD("verify() could not contact remote: %d\n", status);
824 return -1;
825 }
826 int32_t err = reply.readExceptionCode();
827 int32_t ret = reply.readInt32();
828 if (err < 0) {
829 ALOGD("verify() caught exception %d\n", err);
830 return -1;
831 }
832 return ret;
833 }
834
835 virtual int32_t get_pubkey(const String16& name, uint8_t** pubkey, size_t* pubkeyLength)
836 {
837 Parcel data, reply;
838 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
839 data.writeString16(name);
840 status_t status = remote()->transact(BnKeystoreService::GET_PUBKEY, data, &reply);
841 if (status != NO_ERROR) {
842 ALOGD("get_pubkey() could not contact remote: %d\n", status);
843 return -1;
844 }
845 int32_t err = reply.readExceptionCode();
846 ssize_t len = reply.readInt32();
847 if (len >= 0 && (size_t) len <= reply.dataAvail()) {
848 size_t ulen = (size_t) len;
849 const void* buf = reply.readInplace(ulen);
850 *pubkey = (uint8_t*) malloc(ulen);
851 if (*pubkey != NULL) {
852 memcpy(*pubkey, buf, ulen);
853 *pubkeyLength = ulen;
854 } else {
855 ALOGE("out of memory allocating output array in get_pubkey");
856 *pubkeyLength = 0;
857 }
858 } else {
859 *pubkeyLength = 0;
860 }
861 if (err < 0) {
862 ALOGD("get_pubkey() caught exception %d\n", err);
863 return -1;
864 }
865 return 0;
866 }
867
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]868 virtual int32_t grant(const String16& name, int32_t granteeUid)
869 {
870 Parcel data, reply;
871 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
872 data.writeString16(name);
873 data.writeInt32(granteeUid);
874 status_t status = remote()->transact(BnKeystoreService::GRANT, data, &reply);
875 if (status != NO_ERROR) {
876 ALOGD("grant() could not contact remote: %d\n", status);
877 return -1;
878 }
879 int32_t err = reply.readExceptionCode();
880 int32_t ret = reply.readInt32();
881 if (err < 0) {
882 ALOGD("grant() caught exception %d\n", err);
883 return -1;
884 }
885 return ret;
886 }
887
888 virtual int32_t ungrant(const String16& name, int32_t granteeUid)
889 {
890 Parcel data, reply;
891 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
892 data.writeString16(name);
893 data.writeInt32(granteeUid);
894 status_t status = remote()->transact(BnKeystoreService::UNGRANT, data, &reply);
895 if (status != NO_ERROR) {
896 ALOGD("ungrant() could not contact remote: %d\n", status);
897 return -1;
898 }
899 int32_t err = reply.readExceptionCode();
900 int32_t ret = reply.readInt32();
901 if (err < 0) {
902 ALOGD("ungrant() caught exception %d\n", err);
903 return -1;
904 }
905 return ret;
906 }
907
Chad Brubakerad6a7f52015-09-09 14:55:22 -0700[diff] [blame]908 int64_t getmtime(const String16& name, int32_t uid)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]909 {
910 Parcel data, reply;
911 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
912 data.writeString16(name);
Chad Brubakerad6a7f52015-09-09 14:55:22 -0700[diff] [blame]913 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]914 status_t status = remote()->transact(BnKeystoreService::GETMTIME, data, &reply);
915 if (status != NO_ERROR) {
916 ALOGD("getmtime() could not contact remote: %d\n", status);
917 return -1;
918 }
919 int32_t err = reply.readExceptionCode();
920 int64_t ret = reply.readInt64();
921 if (err < 0) {
922 ALOGD("getmtime() caught exception %d\n", err);
923 return -1;
924 }
925 return ret;
926 }
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]927
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]928 virtual int32_t duplicate(const String16& srcKey, int32_t srcUid, const String16& destKey,
929 int32_t destUid)
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]930 {
931 Parcel data, reply;
932 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]933 data.writeString16(srcKey);
934 data.writeInt32(srcUid);
935 data.writeString16(destKey);
936 data.writeInt32(destUid);
937 status_t status = remote()->transact(BnKeystoreService::DUPLICATE, data, &reply);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]938 if (status != NO_ERROR) {
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]939 ALOGD("duplicate() could not contact remote: %d\n", status);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]940 return -1;
941 }
942 int32_t err = reply.readExceptionCode();
943 int32_t ret = reply.readInt32();
944 if (err < 0) {
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]945 ALOGD("duplicate() caught exception %d\n", err);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]946 return -1;
947 }
948 return ret;
949 }
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]950
Kenny Root1b0e3932013-09-05 13:06:32 -0700[diff] [blame]951 virtual int32_t is_hardware_backed(const String16& keyType)
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]952 {
953 Parcel data, reply;
954 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Kenny Root1b0e3932013-09-05 13:06:32 -0700[diff] [blame]955 data.writeString16(keyType);
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]956 status_t status = remote()->transact(BnKeystoreService::IS_HARDWARE_BACKED, data, &reply);
957 if (status != NO_ERROR) {
958 ALOGD("is_hardware_backed() could not contact remote: %d\n", status);
959 return -1;
960 }
961 int32_t err = reply.readExceptionCode();
962 int32_t ret = reply.readInt32();
963 if (err < 0) {
964 ALOGD("is_hardware_backed() caught exception %d\n", err);
965 return -1;
966 }
967 return ret;
968 }
Kenny Root2ecc7a12013-04-01 16:29:11 -0700[diff] [blame]969
970 virtual int32_t clear_uid(int64_t uid)
971 {
972 Parcel data, reply;
973 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
974 data.writeInt64(uid);
975 status_t status = remote()->transact(BnKeystoreService::CLEAR_UID, data, &reply);
976 if (status != NO_ERROR) {
977 ALOGD("clear_uid() could not contact remote: %d\n", status);
978 return -1;
979 }
980 int32_t err = reply.readExceptionCode();
981 int32_t ret = reply.readInt32();
982 if (err < 0) {
983 ALOGD("clear_uid() caught exception %d\n", err);
984 return -1;
985 }
986 return ret;
987 }
Robin Lee4e865752014-08-19 17:37:55 +0100[diff] [blame]988
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]989 virtual int32_t addRngEntropy(const uint8_t* buf, size_t bufLength)
990 {
991 Parcel data, reply;
992 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]993 data.writeByteArray(bufLength, buf);
994 status_t status = remote()->transact(BnKeystoreService::ADD_RNG_ENTROPY, data, &reply);
995 if (status != NO_ERROR) {
996 ALOGD("addRngEntropy() could not contact remote: %d\n", status);
997 return -1;
998 }
999 int32_t err = reply.readExceptionCode();
1000 int32_t ret = reply.readInt32();
1001 if (err < 0) {
1002 ALOGD("addRngEntropy() caught exception %d\n", err);
1003 return -1;
1004 }
1005 return ret;
1006 };
1007
1008 virtual int32_t generateKey(const String16& name, const KeymasterArguments& params,
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1009 const uint8_t* entropy, size_t entropyLength, int uid, int flags,
1010 KeyCharacteristics* outCharacteristics)
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1011 {
1012 Parcel data, reply;
1013 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1014 data.writeString16(name);
1015 data.writeInt32(1);
1016 params.writeToParcel(&data);
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1017 data.writeByteArray(entropyLength, entropy);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1018 data.writeInt32(uid);
1019 data.writeInt32(flags);
1020 status_t status = remote()->transact(BnKeystoreService::GENERATE_KEY, data, &reply);
1021 if (status != NO_ERROR) {
1022 ALOGD("generateKey() could not contact remote: %d\n", status);
1023 return KM_ERROR_UNKNOWN_ERROR;
1024 }
1025 int32_t err = reply.readExceptionCode();
1026 int32_t ret = reply.readInt32();
1027 if (err < 0) {
1028 ALOGD("generateKey() caught exception %d\n", err);
1029 return KM_ERROR_UNKNOWN_ERROR;
1030 }
Bin Chen863f16f2016-08-25 15:13:51 +1000[diff] [blame]1031 if (outCharacteristics) {
1032 reply.readParcelable(outCharacteristics);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1033 }
1034 return ret;
1035 }
1036 virtual int32_t getKeyCharacteristics(const String16& name,
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1037 const keymaster_blob_t* clientId,
1038 const keymaster_blob_t* appData,
Chad Brubakerad6a7f52015-09-09 14:55:22 -0700[diff] [blame]1039 int32_t uid, KeyCharacteristics* outCharacteristics)
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1040 {
1041 Parcel data, reply;
1042 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1043 data.writeString16(name);
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1044 if (clientId) {
1045 data.writeByteArray(clientId->data_length, clientId->data);
1046 } else {
1047 data.writeInt32(-1);
1048 }
1049 if (appData) {
1050 data.writeByteArray(appData->data_length, appData->data);
1051 } else {
1052 data.writeInt32(-1);
1053 }
Chad Brubakerad6a7f52015-09-09 14:55:22 -0700[diff] [blame]1054 data.writeInt32(uid);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1055 status_t status = remote()->transact(BnKeystoreService::GET_KEY_CHARACTERISTICS,
1056 data, &reply);
1057 if (status != NO_ERROR) {
1058 ALOGD("getKeyCharacteristics() could not contact remote: %d\n", status);
1059 return KM_ERROR_UNKNOWN_ERROR;
1060 }
1061 int32_t err = reply.readExceptionCode();
1062 int32_t ret = reply.readInt32();
1063 if (err < 0) {
1064 ALOGD("getKeyCharacteristics() caught exception %d\n", err);
1065 return KM_ERROR_UNKNOWN_ERROR;
1066 }
Bin Chen863f16f2016-08-25 15:13:51 +1000[diff] [blame]1067 if (outCharacteristics) {
1068 reply.readParcelable(outCharacteristics);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1069 }
1070 return ret;
1071 }
1072 virtual int32_t importKey(const String16& name, const KeymasterArguments& params,
1073 keymaster_key_format_t format, const uint8_t *keyData,
1074 size_t keyLength, int uid, int flags,
1075 KeyCharacteristics* outCharacteristics)
1076 {
1077 Parcel data, reply;
1078 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1079 data.writeString16(name);
1080 data.writeInt32(1);
1081 params.writeToParcel(&data);
1082 data.writeInt32(format);
1083 data.writeByteArray(keyLength, keyData);
1084 data.writeInt32(uid);
1085 data.writeInt32(flags);
1086 status_t status = remote()->transact(BnKeystoreService::IMPORT_KEY, data, &reply);
1087 if (status != NO_ERROR) {
1088 ALOGD("importKey() could not contact remote: %d\n", status);
1089 return KM_ERROR_UNKNOWN_ERROR;
1090 }
1091 int32_t err = reply.readExceptionCode();
1092 int32_t ret = reply.readInt32();
1093 if (err < 0) {
1094 ALOGD("importKey() caught exception %d\n", err);
1095 return KM_ERROR_UNKNOWN_ERROR;
1096 }
Bin Chen863f16f2016-08-25 15:13:51 +1000[diff] [blame]1097 if (outCharacteristics) {
1098 reply.readParcelable(outCharacteristics);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1099 }
1100 return ret;
1101 }
1102
1103 virtual void exportKey(const String16& name, keymaster_key_format_t format,
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1104 const keymaster_blob_t* clientId,
Chad Brubakerad6a7f52015-09-09 14:55:22 -0700[diff] [blame]1105 const keymaster_blob_t* appData, int32_t uid, ExportResult* result)
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1106 {
1107 if (!result) {
1108 return;
1109 }
1110
1111 Parcel data, reply;
1112 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1113 data.writeString16(name);
1114 data.writeInt32(format);
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1115 if (clientId) {
1116 data.writeByteArray(clientId->data_length, clientId->data);
1117 } else {
1118 data.writeInt32(-1);
1119 }
1120 if (appData) {
1121 data.writeByteArray(appData->data_length, appData->data);
1122 } else {
1123 data.writeInt32(-1);
1124 }
Chad Brubakerad6a7f52015-09-09 14:55:22 -0700[diff] [blame]1125 data.writeInt32(uid);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1126 status_t status = remote()->transact(BnKeystoreService::EXPORT_KEY, data, &reply);
1127 if (status != NO_ERROR) {
1128 ALOGD("exportKey() could not contact remote: %d\n", status);
1129 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1130 return;
1131 }
1132 int32_t err = reply.readExceptionCode();
1133 if (err < 0) {
1134 ALOGD("exportKey() caught exception %d\n", err);
1135 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1136 return;
1137 }
Bin Chen96d62712016-08-25 14:41:53 +1000[diff] [blame]1138
1139 reply.readParcelable(result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1140 }
1141
1142 virtual void begin(const sp<IBinder>& appToken, const String16& name,
1143 keymaster_purpose_t purpose, bool pruneable,
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1144 const KeymasterArguments& params, const uint8_t* entropy,
Chad Brubakerad6a7f52015-09-09 14:55:22 -0700[diff] [blame]1145 size_t entropyLength, int32_t uid, OperationResult* result)
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1146 {
Chad Brubaker57e106d2015-06-01 12:59:00 -0700[diff] [blame]1147 if (!result) {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1148 return;
1149 }
1150 Parcel data, reply;
1151 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1152 data.writeStrongBinder(appToken);
1153 data.writeString16(name);
1154 data.writeInt32(purpose);
1155 data.writeInt32(pruneable ? 1 : 0);
1156 data.writeInt32(1);
1157 params.writeToParcel(&data);
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1158 data.writeByteArray(entropyLength, entropy);
Chad Brubakerad6a7f52015-09-09 14:55:22 -0700[diff] [blame]1159 data.writeInt32(uid);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1160 status_t status = remote()->transact(BnKeystoreService::BEGIN, data, &reply);
1161 if (status != NO_ERROR) {
1162 ALOGD("begin() could not contact remote: %d\n", status);
1163 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1164 return;
1165 }
1166 int32_t err = reply.readExceptionCode();
1167 if (err < 0) {
1168 ALOGD("begin() caught exception %d\n", err);
1169 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1170 return;
1171 }
Bin Chen9ec92702016-08-25 14:25:05 +1000[diff] [blame]1172
1173 reply.readParcelable(result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1174 }
1175
1176 virtual void update(const sp<IBinder>& token, const KeymasterArguments& params,
Chad Brubaker40a1a9b2015-02-20 14:08:13 -0800[diff] [blame]1177 const uint8_t* opData, size_t dataLength, OperationResult* result)
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1178 {
1179 if (!result) {
1180 return;
1181 }
1182 Parcel data, reply;
1183 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1184 data.writeStrongBinder(token);
1185 data.writeInt32(1);
1186 params.writeToParcel(&data);
1187 data.writeByteArray(dataLength, opData);
1188 status_t status = remote()->transact(BnKeystoreService::UPDATE, data, &reply);
1189 if (status != NO_ERROR) {
1190 ALOGD("update() could not contact remote: %d\n", status);
1191 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1192 return;
1193 }
1194 int32_t err = reply.readExceptionCode();
1195 if (err < 0) {
1196 ALOGD("update() caught exception %d\n", err);
1197 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1198 return;
1199 }
Bin Chen9ec92702016-08-25 14:25:05 +1000[diff] [blame]1200
1201 reply.readParcelable(result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1202 }
1203
1204 virtual void finish(const sp<IBinder>& token, const KeymasterArguments& params,
Chad Brubaker0d33e0b2015-05-29 12:30:19 -0700[diff] [blame]1205 const uint8_t* signature, size_t signatureLength,
1206 const uint8_t* entropy, size_t entropyLength,
1207 OperationResult* result)
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1208 {
1209 if (!result) {
1210 return;
1211 }
1212 Parcel data, reply;
1213 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1214 data.writeStrongBinder(token);
1215 data.writeInt32(1);
1216 params.writeToParcel(&data);
1217 data.writeByteArray(signatureLength, signature);
Chad Brubaker0d33e0b2015-05-29 12:30:19 -0700[diff] [blame]1218 data.writeByteArray(entropyLength, entropy);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1219 status_t status = remote()->transact(BnKeystoreService::FINISH, data, &reply);
1220 if (status != NO_ERROR) {
1221 ALOGD("finish() could not contact remote: %d\n", status);
1222 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1223 return;
1224 }
1225 int32_t err = reply.readExceptionCode();
1226 if (err < 0) {
1227 ALOGD("finish() caught exception %d\n", err);
1228 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1229 return;
1230 }
Bin Chen9ec92702016-08-25 14:25:05 +1000[diff] [blame]1231
1232 reply.readParcelable(result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1233 }
1234
1235 virtual int32_t abort(const sp<IBinder>& token)
1236 {
1237 Parcel data, reply;
1238 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1239 data.writeStrongBinder(token);
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]1240 status_t status = remote()->transact(BnKeystoreService::ABORT, data, &reply);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1241 if (status != NO_ERROR) {
1242 ALOGD("abort() could not contact remote: %d\n", status);
1243 return KM_ERROR_UNKNOWN_ERROR;
1244 }
1245 int32_t err = reply.readExceptionCode();
1246 int32_t ret = reply.readInt32();
1247 if (err < 0) {
1248 ALOGD("abort() caught exception %d\n", err);
1249 return KM_ERROR_UNKNOWN_ERROR;
1250 }
1251 return ret;
1252 }
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]1253
1254 virtual bool isOperationAuthorized(const sp<IBinder>& token)
1255 {
1256 Parcel data, reply;
1257 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1258 data.writeStrongBinder(token);
1259 status_t status = remote()->transact(BnKeystoreService::IS_OPERATION_AUTHORIZED, data,
1260 &reply);
1261 if (status != NO_ERROR) {
1262 ALOGD("isOperationAuthorized() could not contact remote: %d\n", status);
1263 return false;
1264 }
1265 int32_t err = reply.readExceptionCode();
1266 int32_t ret = reply.readInt32();
1267 if (err < 0) {
1268 ALOGD("isOperationAuthorized() caught exception %d\n", err);
1269 return false;
1270 }
1271 return ret == 1;
1272 }
1273
1274 virtual int32_t addAuthToken(const uint8_t* token, size_t length)
1275 {
1276 Parcel data, reply;
1277 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1278 data.writeByteArray(length, token);
1279 status_t status = remote()->transact(BnKeystoreService::ADD_AUTH_TOKEN, data, &reply);
1280 if (status != NO_ERROR) {
1281 ALOGD("addAuthToken() could not contact remote: %d\n", status);
1282 return -1;
1283 }
1284 int32_t err = reply.readExceptionCode();
1285 int32_t ret = reply.readInt32();
1286 if (err < 0) {
1287 ALOGD("addAuthToken() caught exception %d\n", err);
1288 return -1;
1289 }
1290 return ret;
1291 };
Chad Brubakerc0f031a2015-05-12 10:43:10 -0700[diff] [blame]1292
1293 virtual int32_t onUserAdded(int32_t userId, int32_t parentId)
1294 {
1295 Parcel data, reply;
1296 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1297 data.writeInt32(userId);
1298 data.writeInt32(parentId);
1299 status_t status = remote()->transact(BnKeystoreService::ON_USER_ADDED, data, &reply);
1300 if (status != NO_ERROR) {
1301 ALOGD("onUserAdded() could not contact remote: %d\n", status);
1302 return -1;
1303 }
1304 int32_t err = reply.readExceptionCode();
1305 int32_t ret = reply.readInt32();
1306 if (err < 0) {
1307 ALOGD("onUserAdded() caught exception %d\n", err);
1308 return -1;
1309 }
1310 return ret;
1311 }
1312
1313 virtual int32_t onUserRemoved(int32_t userId)
1314 {
1315 Parcel data, reply;
1316 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1317 data.writeInt32(userId);
1318 status_t status = remote()->transact(BnKeystoreService::ON_USER_REMOVED, data, &reply);
1319 if (status != NO_ERROR) {
1320 ALOGD("onUserRemoved() could not contact remote: %d\n", status);
1321 return -1;
1322 }
1323 int32_t err = reply.readExceptionCode();
1324 int32_t ret = reply.readInt32();
1325 if (err < 0) {
1326 ALOGD("onUserRemoved() caught exception %d\n", err);
1327 return -1;
1328 }
1329 return ret;
1330 }
1331
Shawn Willden50eb1b22016-01-21 12:41:23 -0700[diff] [blame]1332 virtual int32_t attestKey(const String16& name, const KeymasterArguments& params,
1333 KeymasterCertificateChain* outChain) {
1334 if (!outChain)
1335 return KM_ERROR_OUTPUT_PARAMETER_NULL;
1336
1337 Parcel data, reply;
1338 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1339 data.writeString16(name);
1340 data.writeInt32(1); // params is not NULL.
1341 params.writeToParcel(&data);
1342
1343 status_t status = remote()->transact(BnKeystoreService::ATTEST_KEY, data, &reply);
1344 if (status != NO_ERROR) {
1345 ALOGD("attestkey() count not contact remote: %d\n", status);
1346 return KM_ERROR_UNKNOWN_ERROR;
1347 }
1348 int32_t err = reply.readExceptionCode();
1349 int32_t ret = reply.readInt32();
1350 if (err < 0) {
1351 ALOGD("attestKey() caught exception %d\n", err);
1352 return KM_ERROR_UNKNOWN_ERROR;
1353 }
1354 if (reply.readInt32() != 0) {
1355 outChain->readFromParcel(reply);
1356 }
1357 return ret;
1358 }
1359
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]1360 virtual int32_t onDeviceOffBody()
1361 {
1362 Parcel data, reply;
1363 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1364 status_t status = remote()->transact(BnKeystoreService::ON_DEVICE_OFF_BODY, data, &reply);
1365 if (status != NO_ERROR) {
1366 ALOGD("onDeviceOffBody() could not contact remote: %d\n", status);
1367 return -1;
1368 }
1369 int32_t err = reply.readExceptionCode();
1370 int32_t ret = reply.readInt32();
1371 if (err < 0) {
1372 ALOGD("onDeviceOffBody() caught exception %d\n", err);
1373 return -1;
1374 }
1375 return ret;
1376 }
1377
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1378};
1379
Chad Brubaker468fc692015-01-13 17:33:14 -0800[diff] [blame]1380IMPLEMENT_META_INTERFACE(KeystoreService, "android.security.IKeystoreService");
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1381
1382// ----------------------------------------------------------------------
1383
1384status_t BnKeystoreService::onTransact(
1385 uint32_t code, const Parcel& data, Parcel* reply, uint32_t flags)
1386{
1387 switch(code) {
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]1388 case GET_STATE: {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1389 CHECK_INTERFACE(IKeystoreService, data, reply);
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]1390 int32_t userId = data.readInt32();
1391 int32_t ret = getState(userId);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1392 reply->writeNoException();
1393 reply->writeInt32(ret);
1394 return NO_ERROR;
1395 } break;
1396 case GET: {
1397 CHECK_INTERFACE(IKeystoreService, data, reply);
1398 String16 name = data.readString16();
Chad Brubakerad6a7f52015-09-09 14:55:22 -0700[diff] [blame]1399 int32_t uid = data.readInt32();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1400 void* out = NULL;
1401 size_t outSize = 0;
Chad Brubakerad6a7f52015-09-09 14:55:22 -0700[diff] [blame]1402 int32_t ret = get(name, uid, (uint8_t**) &out, &outSize);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1403 reply->writeNoException();
1404 if (ret == 1) {
1405 reply->writeInt32(outSize);
1406 void* buf = reply->writeInplace(outSize);
1407 memcpy(buf, out, outSize);
1408 free(out);
1409 } else {
1410 reply->writeInt32(-1);
1411 }
1412 return NO_ERROR;
1413 } break;
1414 case INSERT: {
1415 CHECK_INTERFACE(IKeystoreService, data, reply);
1416 String16 name = data.readString16();
1417 ssize_t inSize = data.readInt32();
1418 const void* in;
1419 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1420 in = data.readInplace(inSize);
1421 } else {
1422 in = NULL;
1423 inSize = 0;
1424 }
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1425 int uid = data.readInt32();
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]1426 int32_t flags = data.readInt32();
1427 int32_t ret = insert(name, (const uint8_t*) in, (size_t) inSize, uid, flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1428 reply->writeNoException();
1429 reply->writeInt32(ret);
1430 return NO_ERROR;
1431 } break;
1432 case DEL: {
1433 CHECK_INTERFACE(IKeystoreService, data, reply);
1434 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1435 int uid = data.readInt32();
1436 int32_t ret = del(name, uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1437 reply->writeNoException();
1438 reply->writeInt32(ret);
1439 return NO_ERROR;
1440 } break;
1441 case EXIST: {
1442 CHECK_INTERFACE(IKeystoreService, data, reply);
1443 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1444 int uid = data.readInt32();
1445 int32_t ret = exist(name, uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1446 reply->writeNoException();
1447 reply->writeInt32(ret);
1448 return NO_ERROR;
1449 } break;
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]1450 case LIST: {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1451 CHECK_INTERFACE(IKeystoreService, data, reply);
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]1452 String16 prefix = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1453 int uid = data.readInt32();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1454 Vector<String16> matches;
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]1455 int32_t ret = list(prefix, uid, &matches);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1456 reply->writeNoException();
1457 reply->writeInt32(matches.size());
1458 Vector<String16>::const_iterator it = matches.begin();
1459 for (; it != matches.end(); ++it) {
1460 reply->writeString16(*it);
1461 }
1462 reply->writeInt32(ret);
1463 return NO_ERROR;
1464 } break;
1465 case RESET: {
1466 CHECK_INTERFACE(IKeystoreService, data, reply);
1467 int32_t ret = reset();
1468 reply->writeNoException();
1469 reply->writeInt32(ret);
1470 return NO_ERROR;
1471 } break;
Chad Brubaker96d6d782015-05-07 10:19:40 -0700[diff] [blame]1472 case ON_USER_PASSWORD_CHANGED: {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1473 CHECK_INTERFACE(IKeystoreService, data, reply);
Chad Brubaker96d6d782015-05-07 10:19:40 -0700[diff] [blame]1474 int32_t userId = data.readInt32();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1475 String16 pass = data.readString16();
Chad Brubaker96d6d782015-05-07 10:19:40 -0700[diff] [blame]1476 int32_t ret = onUserPasswordChanged(userId, pass);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1477 reply->writeNoException();
1478 reply->writeInt32(ret);
1479 return NO_ERROR;
1480 } break;
1481 case LOCK: {
1482 CHECK_INTERFACE(IKeystoreService, data, reply);
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]1483 int32_t userId = data.readInt32();
1484 int32_t ret = lock(userId);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1485 reply->writeNoException();
1486 reply->writeInt32(ret);
1487 return NO_ERROR;
1488 } break;
1489 case UNLOCK: {
1490 CHECK_INTERFACE(IKeystoreService, data, reply);
Chad Brubaker96d6d782015-05-07 10:19:40 -0700[diff] [blame]1491 int32_t userId = data.readInt32();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1492 String16 pass = data.readString16();
Chad Brubaker96d6d782015-05-07 10:19:40 -0700[diff] [blame]1493 int32_t ret = unlock(userId, pass);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1494 reply->writeNoException();
1495 reply->writeInt32(ret);
1496 return NO_ERROR;
1497 } break;
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]1498 case IS_EMPTY: {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1499 CHECK_INTERFACE(IKeystoreService, data, reply);
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]1500 int32_t userId = data.readInt32();
1501 bool ret = isEmpty(userId);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1502 reply->writeNoException();
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]1503 reply->writeInt32(ret ? 1 : 0);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1504 return NO_ERROR;
1505 } break;
1506 case GENERATE: {
1507 CHECK_INTERFACE(IKeystoreService, data, reply);
1508 String16 name = data.readString16();
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]1509 int32_t uid = data.readInt32();
1510 int32_t keyType = data.readInt32();
1511 int32_t keySize = data.readInt32();
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]1512 int32_t flags = data.readInt32();
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]1513 Vector<sp<KeystoreArg> > args;
Chad Brubaker468fc692015-01-13 17:33:14 -0800[diff] [blame]1514 int32_t argsPresent = data.readInt32();
1515 if (argsPresent == 1) {
1516 ssize_t numArgs = data.readInt32();
Chad Brubakered4f5662015-01-14 19:22:09 -0800[diff] [blame]1517 if (numArgs > MAX_GENERATE_ARGS) {
1518 return BAD_VALUE;
1519 }
Chad Brubaker468fc692015-01-13 17:33:14 -0800[diff] [blame]1520 if (numArgs > 0) {
1521 for (size_t i = 0; i < (size_t) numArgs; i++) {
1522 ssize_t inSize = data.readInt32();
1523 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1524 sp<KeystoreArg> arg = new KeystoreArg(data.readInplace(inSize),
1525 inSize);
1526 args.push_back(arg);
1527 } else {
1528 args.push_back(NULL);
1529 }
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]1530 }
1531 }
1532 }
1533 int32_t ret = generate(name, uid, keyType, keySize, flags, &args);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1534 reply->writeNoException();
1535 reply->writeInt32(ret);
1536 return NO_ERROR;
1537 } break;
1538 case IMPORT: {
1539 CHECK_INTERFACE(IKeystoreService, data, reply);
1540 String16 name = data.readString16();
1541 ssize_t inSize = data.readInt32();
1542 const void* in;
1543 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1544 in = data.readInplace(inSize);
1545 } else {
1546 in = NULL;
1547 inSize = 0;
1548 }
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1549 int uid = data.readInt32();
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]1550 int32_t flags = data.readInt32();
1551 int32_t ret = import(name, (const uint8_t*) in, (size_t) inSize, uid, flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1552 reply->writeNoException();
1553 reply->writeInt32(ret);
1554 return NO_ERROR;
1555 } break;
1556 case SIGN: {
1557 CHECK_INTERFACE(IKeystoreService, data, reply);
1558 String16 name = data.readString16();
1559 ssize_t inSize = data.readInt32();
1560 const void* in;
1561 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1562 in = data.readInplace(inSize);
1563 } else {
1564 in = NULL;
1565 inSize = 0;
1566 }
1567 void* out = NULL;
1568 size_t outSize = 0;
1569 int32_t ret = sign(name, (const uint8_t*) in, (size_t) inSize, (uint8_t**) &out, &outSize);
1570 reply->writeNoException();
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1571 if (outSize > 0 && out != NULL) {
1572 reply->writeInt32(outSize);
1573 void* buf = reply->writeInplace(outSize);
1574 memcpy(buf, out, outSize);
Chad Brubaker3a7d9e62015-06-04 15:01:46 -0700[diff] [blame]1575 delete[] reinterpret_cast<uint8_t*>(out);
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1576 } else {
Kenny Roote289c402013-02-14 11:31:53 -0800[diff] [blame]1577 reply->writeInt32(-1);
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1578 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1579 reply->writeInt32(ret);
1580 return NO_ERROR;
1581 } break;
1582 case VERIFY: {
1583 CHECK_INTERFACE(IKeystoreService, data, reply);
1584 String16 name = data.readString16();
1585 ssize_t inSize = data.readInt32();
1586 const void* in;
1587 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1588 in = data.readInplace(inSize);
1589 } else {
1590 in = NULL;
1591 inSize = 0;
1592 }
1593 ssize_t sigSize = data.readInt32();
1594 const void* sig;
1595 if (sigSize >= 0 && (size_t) sigSize <= data.dataAvail()) {
1596 sig = data.readInplace(sigSize);
1597 } else {
1598 sig = NULL;
1599 sigSize = 0;
1600 }
1601 bool ret = verify(name, (const uint8_t*) in, (size_t) inSize, (const uint8_t*) sig,
1602 (size_t) sigSize);
1603 reply->writeNoException();
1604 reply->writeInt32(ret ? 1 : 0);
1605 return NO_ERROR;
1606 } break;
1607 case GET_PUBKEY: {
1608 CHECK_INTERFACE(IKeystoreService, data, reply);
1609 String16 name = data.readString16();
1610 void* out = NULL;
1611 size_t outSize = 0;
1612 int32_t ret = get_pubkey(name, (unsigned char**) &out, &outSize);
1613 reply->writeNoException();
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1614 if (outSize > 0 && out != NULL) {
1615 reply->writeInt32(outSize);
1616 void* buf = reply->writeInplace(outSize);
1617 memcpy(buf, out, outSize);
1618 free(out);
1619 } else {
Kenny Roote289c402013-02-14 11:31:53 -0800[diff] [blame]1620 reply->writeInt32(-1);
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1621 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1622 reply->writeInt32(ret);
1623 return NO_ERROR;
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1624 } break;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1625 case GRANT: {
1626 CHECK_INTERFACE(IKeystoreService, data, reply);
1627 String16 name = data.readString16();
1628 int32_t granteeUid = data.readInt32();
1629 int32_t ret = grant(name, granteeUid);
1630 reply->writeNoException();
1631 reply->writeInt32(ret);
1632 return NO_ERROR;
1633 } break;
1634 case UNGRANT: {
1635 CHECK_INTERFACE(IKeystoreService, data, reply);
1636 String16 name = data.readString16();
1637 int32_t granteeUid = data.readInt32();
1638 int32_t ret = ungrant(name, granteeUid);
1639 reply->writeNoException();
1640 reply->writeInt32(ret);
1641 return NO_ERROR;
1642 } break;
1643 case GETMTIME: {
1644 CHECK_INTERFACE(IKeystoreService, data, reply);
1645 String16 name = data.readString16();
Chad Brubakerad6a7f52015-09-09 14:55:22 -0700[diff] [blame]1646 int32_t uid = data.readInt32();
1647 int64_t ret = getmtime(name, uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1648 reply->writeNoException();
1649 reply->writeInt64(ret);
1650 return NO_ERROR;
1651 } break;
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]1652 case DUPLICATE: {
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]1653 CHECK_INTERFACE(IKeystoreService, data, reply);
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]1654 String16 srcKey = data.readString16();
1655 int32_t srcUid = data.readInt32();
1656 String16 destKey = data.readString16();
1657 int32_t destUid = data.readInt32();
1658 int32_t ret = duplicate(srcKey, srcUid, destKey, destUid);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]1659 reply->writeNoException();
1660 reply->writeInt32(ret);
1661 return NO_ERROR;
1662 } break;
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]1663 case IS_HARDWARE_BACKED: {
1664 CHECK_INTERFACE(IKeystoreService, data, reply);
Kenny Root1b0e3932013-09-05 13:06:32 -0700[diff] [blame]1665 String16 keyType = data.readString16();
1666 int32_t ret = is_hardware_backed(keyType);
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]1667 reply->writeNoException();
1668 reply->writeInt32(ret);
1669 return NO_ERROR;
1670 }
Kenny Root2ecc7a12013-04-01 16:29:11 -0700[diff] [blame]1671 case CLEAR_UID: {
1672 CHECK_INTERFACE(IKeystoreService, data, reply);
1673 int64_t uid = data.readInt64();
1674 int32_t ret = clear_uid(uid);
1675 reply->writeNoException();
1676 reply->writeInt32(ret);
1677 return NO_ERROR;
1678 }
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1679 case ADD_RNG_ENTROPY: {
1680 CHECK_INTERFACE(IKeystoreService, data, reply);
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1681 const uint8_t* bytes = NULL;
1682 size_t size = 0;
1683 readByteArray(data, &bytes, &size);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1684 int32_t ret = addRngEntropy(bytes, size);
1685 reply->writeNoException();
1686 reply->writeInt32(ret);
1687 return NO_ERROR;
1688 }
1689 case GENERATE_KEY: {
1690 CHECK_INTERFACE(IKeystoreService, data, reply);
1691 String16 name = data.readString16();
1692 KeymasterArguments args;
1693 if (data.readInt32() != 0) {
1694 args.readFromParcel(data);
1695 }
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1696 const uint8_t* entropy = NULL;
1697 size_t entropyLength = 0;
1698 readByteArray(data, &entropy, &entropyLength);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1699 int32_t uid = data.readInt32();
1700 int32_t flags = data.readInt32();
1701 KeyCharacteristics outCharacteristics;
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1702 int32_t ret = generateKey(name, args, entropy, entropyLength, uid, flags,
1703 &outCharacteristics);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1704 reply->writeNoException();
1705 reply->writeInt32(ret);
Bin Chen863f16f2016-08-25 15:13:51 +1000[diff] [blame]1706 reply->writeParcelable(outCharacteristics);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1707 return NO_ERROR;
1708 }
1709 case GET_KEY_CHARACTERISTICS: {
1710 CHECK_INTERFACE(IKeystoreService, data, reply);
1711 String16 name = data.readString16();
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1712 std::unique_ptr<keymaster_blob_t> clientId = readKeymasterBlob(data);
1713 std::unique_ptr<keymaster_blob_t> appData = readKeymasterBlob(data);
Chad Brubakerad6a7f52015-09-09 14:55:22 -0700[diff] [blame]1714 int32_t uid = data.readInt32();
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1715 KeyCharacteristics outCharacteristics;
Chad Brubakerad6a7f52015-09-09 14:55:22 -0700[diff] [blame]1716 int ret = getKeyCharacteristics(name, clientId.get(), appData.get(), uid,
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1717 &outCharacteristics);
Bin Chen62ddfe02016-09-02 22:01:36 +1000[diff] [blame]1718 if (clientId.get() && clientId->data) {
1719 free(const_cast<void*>(static_cast<const void*>(clientId->data)));
1720 }
1721 if (appData.get() && appData->data) {
1722 free(const_cast<void*>(static_cast<const void*>(appData->data)));
1723 }
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1724 reply->writeNoException();
1725 reply->writeInt32(ret);
Bin Chen863f16f2016-08-25 15:13:51 +1000[diff] [blame]1726 reply->writeParcelable(outCharacteristics);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1727 return NO_ERROR;
1728 }
1729 case IMPORT_KEY: {
1730 CHECK_INTERFACE(IKeystoreService, data, reply);
1731 String16 name = data.readString16();
1732 KeymasterArguments args;
1733 if (data.readInt32() != 0) {
1734 args.readFromParcel(data);
1735 }
1736 keymaster_key_format_t format = static_cast<keymaster_key_format_t>(data.readInt32());
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1737 const uint8_t* keyData = NULL;
1738 size_t keyLength = 0;
1739 readByteArray(data, &keyData, &keyLength);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1740 int32_t uid = data.readInt32();
1741 int32_t flags = data.readInt32();
1742 KeyCharacteristics outCharacteristics;
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1743 int32_t ret = importKey(name, args, format, keyData, keyLength, uid, flags,
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1744 &outCharacteristics);
1745 reply->writeNoException();
1746 reply->writeInt32(ret);
Bin Chen863f16f2016-08-25 15:13:51 +1000[diff] [blame]1747 reply->writeParcelable(outCharacteristics);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1748 return NO_ERROR;
1749 }
1750 case EXPORT_KEY: {
1751 CHECK_INTERFACE(IKeystoreService, data, reply);
1752 String16 name = data.readString16();
1753 keymaster_key_format_t format = static_cast<keymaster_key_format_t>(data.readInt32());
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1754 std::unique_ptr<keymaster_blob_t> clientId = readKeymasterBlob(data);
1755 std::unique_ptr<keymaster_blob_t> appData = readKeymasterBlob(data);
Chad Brubakerad6a7f52015-09-09 14:55:22 -0700[diff] [blame]1756 int32_t uid = data.readInt32();
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1757 ExportResult result;
Chad Brubakerad6a7f52015-09-09 14:55:22 -0700[diff] [blame]1758 exportKey(name, format, clientId.get(), appData.get(), uid, &result);
Bin Chen62ddfe02016-09-02 22:01:36 +1000[diff] [blame]1759 if (clientId.get() && clientId->data) {
1760 free(const_cast<void*>(static_cast<const void*>(clientId->data)));
1761 }
1762 if (appData.get() && appData->data) {
1763 free(const_cast<void*>(static_cast<const void*>(appData->data)));
1764 }
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1765 reply->writeNoException();
Bin Chen96d62712016-08-25 14:41:53 +1000[diff] [blame]1766 reply->writeParcelable(result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1767
1768 return NO_ERROR;
1769 }
1770 case BEGIN: {
1771 CHECK_INTERFACE(IKeystoreService, data, reply);
1772 sp<IBinder> token = data.readStrongBinder();
1773 String16 name = data.readString16();
1774 keymaster_purpose_t purpose = static_cast<keymaster_purpose_t>(data.readInt32());
1775 bool pruneable = data.readInt32() != 0;
1776 KeymasterArguments args;
1777 if (data.readInt32() != 0) {
1778 args.readFromParcel(data);
1779 }
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1780 const uint8_t* entropy = NULL;
1781 size_t entropyLength = 0;
1782 readByteArray(data, &entropy, &entropyLength);
Chad Brubakerad6a7f52015-09-09 14:55:22 -0700[diff] [blame]1783 int32_t uid = data.readInt32();
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1784 OperationResult result;
Chad Brubakerad6a7f52015-09-09 14:55:22 -0700[diff] [blame]1785 begin(token, name, purpose, pruneable, args, entropy, entropyLength, uid, &result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1786 reply->writeNoException();
Bin Chen9ec92702016-08-25 14:25:05 +1000[diff] [blame]1787 reply->writeParcelable(result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1788
1789 return NO_ERROR;
1790 }
1791 case UPDATE: {
1792 CHECK_INTERFACE(IKeystoreService, data, reply);
1793 sp<IBinder> token = data.readStrongBinder();
1794 KeymasterArguments args;
1795 if (data.readInt32() != 0) {
1796 args.readFromParcel(data);
1797 }
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1798 const uint8_t* buf = NULL;
1799 size_t bufLength = 0;
1800 readByteArray(data, &buf, &bufLength);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1801 OperationResult result;
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1802 update(token, args, buf, bufLength, &result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1803 reply->writeNoException();
Bin Chen9ec92702016-08-25 14:25:05 +1000[diff] [blame]1804 reply->writeParcelable(result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1805
1806 return NO_ERROR;
1807 }
1808 case FINISH: {
1809 CHECK_INTERFACE(IKeystoreService, data, reply);
1810 sp<IBinder> token = data.readStrongBinder();
1811 KeymasterArguments args;
1812 if (data.readInt32() != 0) {
1813 args.readFromParcel(data);
1814 }
Chad Brubaker0d33e0b2015-05-29 12:30:19 -0700[diff] [blame]1815 const uint8_t* signature = NULL;
1816 size_t signatureLength = 0;
1817 readByteArray(data, &signature, &signatureLength);
1818 const uint8_t* entropy = NULL;
1819 size_t entropyLength = 0;
1820 readByteArray(data, &entropy, &entropyLength);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1821 OperationResult result;
Chad Brubaker0d33e0b2015-05-29 12:30:19 -0700[diff] [blame]1822 finish(token, args, signature, signatureLength, entropy, entropyLength, &result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1823 reply->writeNoException();
Bin Chen9ec92702016-08-25 14:25:05 +1000[diff] [blame]1824 reply->writeParcelable(result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1825
1826 return NO_ERROR;
1827 }
1828 case ABORT: {
1829 CHECK_INTERFACE(IKeystoreService, data, reply);
1830 sp<IBinder> token = data.readStrongBinder();
1831 int32_t result = abort(token);
1832 reply->writeNoException();
1833 reply->writeInt32(result);
1834
1835 return NO_ERROR;
1836 }
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]1837 case IS_OPERATION_AUTHORIZED: {
1838 CHECK_INTERFACE(IKeystoreService, data, reply);
1839 sp<IBinder> token = data.readStrongBinder();
1840 bool result = isOperationAuthorized(token);
1841 reply->writeNoException();
1842 reply->writeInt32(result ? 1 : 0);
1843
1844 return NO_ERROR;
1845 }
1846 case ADD_AUTH_TOKEN: {
1847 CHECK_INTERFACE(IKeystoreService, data, reply);
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]1848 const uint8_t* token_bytes = NULL;
1849 size_t size = 0;
1850 readByteArray(data, &token_bytes, &size);
1851 int32_t result = addAuthToken(token_bytes, size);
1852 reply->writeNoException();
1853 reply->writeInt32(result);
1854
1855 return NO_ERROR;
1856 }
Chad Brubakerc0f031a2015-05-12 10:43:10 -0700[diff] [blame]1857 case ON_USER_ADDED: {
1858 CHECK_INTERFACE(IKeystoreService, data, reply);
1859 int32_t userId = data.readInt32();
1860 int32_t parentId = data.readInt32();
1861 int32_t result = onUserAdded(userId, parentId);
1862 reply->writeNoException();
1863 reply->writeInt32(result);
1864
1865 return NO_ERROR;
1866 }
1867 case ON_USER_REMOVED: {
1868 CHECK_INTERFACE(IKeystoreService, data, reply);
1869 int32_t userId = data.readInt32();
1870 int32_t result = onUserRemoved(userId);
1871 reply->writeNoException();
1872 reply->writeInt32(result);
1873
1874 return NO_ERROR;
1875 }
Shawn Willden3976b6c2016-02-06 20:31:15 -0700[diff] [blame]1876 case ATTEST_KEY: {
1877 CHECK_INTERFACE(IKeystoreService, data, reply);
1878 String16 name = data.readString16();
1879 KeymasterArguments params;
1880 if (data.readInt32() != 0) {
1881 params.readFromParcel(data);
1882 }
1883 KeymasterCertificateChain chain;
1884 int ret = attestKey(name, params, &chain);
1885 reply->writeNoException();
1886 reply->writeInt32(ret);
1887 reply->writeInt32(1);
1888 chain.writeToParcel(reply);
1889
1890 return NO_ERROR;
1891 }
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]1892 case ON_DEVICE_OFF_BODY: {
1893 CHECK_INTERFACE(IKeystoreService, data, reply);
1894 int32_t ret = onDeviceOffBody();
1895 reply->writeNoException();
1896 reply->writeInt32(ret);
1897
1898 return NO_ERROR;
1899 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1900 default:
1901 return BBinder::onTransact(code, data, reply, flags);
1902 }
1903}
1904
1905// ----------------------------------------------------------------------------
1906
1907}; // namespace android