Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / 8521f7a41c717a064960f7535b1665b96a8dbba4 / . / keystore / IKeystoreService.cpp
blob: 0fb3fcb0d3b1a8ed4110907499097ff425bd07b5 [file] [log] [blame]
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1/*
2**
3** Copyright 2008, The Android Open Source Project
4**
5** Licensed under the Apache License, Version 2.0 (the "License");
6** you may not use this file except in compliance with the License.
7** You may obtain a copy of the License at
8**
9** http://www.apache.org/licenses/LICENSE-2.0
10**
11** Unless required by applicable law or agreed to in writing, software
12** distributed under the License is distributed on an "AS IS" BASIS,
13** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14** See the License for the specific language governing permissions and
15** limitations under the License.
16*/
17
18#include <stdint.h>
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]19#include <sys/limits.h>
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]20#include <sys/types.h>
21
22#define LOG_TAG "KeystoreService"
23#include <utils/Log.h>
24
25#include <binder/Parcel.h>
26#include <binder/IPCThreadState.h>
27#include <binder/IServiceManager.h>
28
29#include <keystore/IKeystoreService.h>
30
31namespace android {
32
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]33static keymaster_key_param_t* readParamList(const Parcel& in, size_t* length);
34
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]35KeystoreArg::KeystoreArg(const void* data, size_t len)
36 : mData(data), mSize(len) {
37}
38
39KeystoreArg::~KeystoreArg() {
40}
41
42const void *KeystoreArg::data() const {
43 return mData;
44}
45
46size_t KeystoreArg::size() const {
47 return mSize;
48}
49
Chad Brubakerc3a18562015-03-17 18:21:35 -0700[diff] [blame]50OperationResult::OperationResult() : resultCode(0), token(), handle(0), inputConsumed(0),
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]51 data(NULL), dataLength(0) {
52}
53
54OperationResult::~OperationResult() {
55}
56
57void OperationResult::readFromParcel(const Parcel& in) {
58 resultCode = in.readInt32();
59 token = in.readStrongBinder();
Chad Brubakerc3a18562015-03-17 18:21:35 -0700[diff] [blame]60 handle = static_cast<keymaster_operation_handle_t>(in.readInt64());
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]61 inputConsumed = in.readInt32();
62 ssize_t length = in.readInt32();
63 dataLength = 0;
64 if (length > 0) {
65 const void* buf = in.readInplace(length);
66 if (buf) {
67 data.reset(reinterpret_cast<uint8_t*>(malloc(length)));
68 if (data.get()) {
69 memcpy(data.get(), buf, length);
70 dataLength = (size_t) length;
71 } else {
72 ALOGE("Failed to allocate OperationResult buffer");
73 }
74 } else {
75 ALOGE("Failed to readInplace OperationResult data");
76 }
77 }
78}
79
80void OperationResult::writeToParcel(Parcel* out) const {
81 out->writeInt32(resultCode);
82 out->writeStrongBinder(token);
Chad Brubakerc3a18562015-03-17 18:21:35 -0700[diff] [blame]83 out->writeInt64(handle);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]84 out->writeInt32(inputConsumed);
85 out->writeInt32(dataLength);
86 if (dataLength && data) {
87 void* buf = out->writeInplace(dataLength);
88 if (buf) {
89 memcpy(buf, data.get(), dataLength);
90 } else {
91 ALOGE("Failed to writeInplace OperationResult data.");
92 }
93 }
94}
95
96ExportResult::ExportResult() : resultCode(0), exportData(NULL), dataLength(0) {
97}
98
99ExportResult::~ExportResult() {
100}
101
102void ExportResult::readFromParcel(const Parcel& in) {
103 resultCode = in.readInt32();
104 ssize_t length = in.readInt32();
105 dataLength = 0;
106 if (length > 0) {
107 const void* buf = in.readInplace(length);
108 if (buf) {
109 exportData.reset(reinterpret_cast<uint8_t*>(malloc(length)));
110 if (exportData.get()) {
111 memcpy(exportData.get(), buf, length);
112 dataLength = (size_t) length;
113 } else {
114 ALOGE("Failed to allocate ExportData buffer");
115 }
116 } else {
117 ALOGE("Failed to readInplace ExportData data");
118 }
119 }
120}
121
122void ExportResult::writeToParcel(Parcel* out) const {
123 out->writeInt32(resultCode);
124 out->writeInt32(dataLength);
125 if (exportData && dataLength) {
126 void* buf = out->writeInplace(dataLength);
127 if (buf) {
128 memcpy(buf, exportData.get(), dataLength);
129 } else {
130 ALOGE("Failed to writeInplace ExportResult data.");
131 }
132 }
133}
134
135KeymasterArguments::KeymasterArguments() {
136}
137
138KeymasterArguments::~KeymasterArguments() {
139 keymaster_free_param_values(params.data(), params.size());
140}
141
142void KeymasterArguments::readFromParcel(const Parcel& in) {
143 ssize_t length = in.readInt32();
144 size_t ulength = (size_t) length;
145 if (length < 0) {
146 ulength = 0;
147 }
148 keymaster_free_param_values(params.data(), params.size());
149 params.clear();
150 for(size_t i = 0; i < ulength; i++) {
151 keymaster_key_param_t param;
152 if (!readKeymasterArgumentFromParcel(in, &param)) {
153 ALOGE("Error reading keymaster argument from parcel");
154 break;
155 }
156 params.push_back(param);
157 }
158}
159
160void KeymasterArguments::writeToParcel(Parcel* out) const {
161 out->writeInt32(params.size());
162 for (auto param : params) {
163 out->writeInt32(1);
164 writeKeymasterArgumentToParcel(param, out);
165 }
166}
167
168KeyCharacteristics::KeyCharacteristics() {
169 memset((void*) &characteristics, 0, sizeof(characteristics));
170}
171
172KeyCharacteristics::~KeyCharacteristics() {
173 keymaster_free_characteristics(&characteristics);
174}
175
176void KeyCharacteristics::readFromParcel(const Parcel& in) {
177 size_t length = 0;
178 keymaster_key_param_t* params = readParamList(in, &length);
179 characteristics.sw_enforced.params = params;
180 characteristics.sw_enforced.length = length;
181
182 params = readParamList(in, &length);
183 characteristics.hw_enforced.params = params;
184 characteristics.hw_enforced.length = length;
185}
186
187void KeyCharacteristics::writeToParcel(Parcel* out) const {
188 if (characteristics.sw_enforced.params) {
189 out->writeInt32(characteristics.sw_enforced.length);
190 for (size_t i = 0; i < characteristics.sw_enforced.length; i++) {
191 out->writeInt32(1);
192 writeKeymasterArgumentToParcel(characteristics.sw_enforced.params[i], out);
193 }
194 } else {
195 out->writeInt32(0);
196 }
197 if (characteristics.hw_enforced.params) {
198 out->writeInt32(characteristics.hw_enforced.length);
199 for (size_t i = 0; i < characteristics.hw_enforced.length; i++) {
200 out->writeInt32(1);
201 writeKeymasterArgumentToParcel(characteristics.hw_enforced.params[i], out);
202 }
203 } else {
204 out->writeInt32(0);
205 }
206}
207
208void writeKeymasterArgumentToParcel(const keymaster_key_param_t& param, Parcel* out) {
209 switch (keymaster_tag_get_type(param.tag)) {
210 case KM_ENUM:
211 case KM_ENUM_REP: {
212 out->writeInt32(param.tag);
213 out->writeInt32(param.enumerated);
214 break;
215 }
216 case KM_INT:
217 case KM_INT_REP: {
218 out->writeInt32(param.tag);
219 out->writeInt32(param.integer);
220 break;
221 }
Chad Brubaker686db062015-04-16 14:21:10 -0700[diff] [blame]222 case KM_LONG:
223 case KM_LONG_REP: {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]224 out->writeInt32(param.tag);
225 out->writeInt64(param.long_integer);
226 break;
227 }
228 case KM_DATE: {
229 out->writeInt32(param.tag);
230 out->writeInt64(param.date_time);
231 break;
232 }
233 case KM_BOOL: {
234 out->writeInt32(param.tag);
235 break;
236 }
237 case KM_BIGNUM:
238 case KM_BYTES: {
239 out->writeInt32(param.tag);
240 out->writeInt32(param.blob.data_length);
241 void* buf = out->writeInplace(param.blob.data_length);
242 if (buf) {
243 memcpy(buf, param.blob.data, param.blob.data_length);
244 } else {
245 ALOGE("Failed to writeInplace keymaster blob param");
246 }
247 break;
248 }
249 default: {
250 ALOGE("Failed to write argument: Unsupported keymaster_tag_t %d", param.tag);
251 }
252 }
253}
254
255
256bool readKeymasterArgumentFromParcel(const Parcel& in, keymaster_key_param_t* out) {
257 if (in.readInt32() == 0) {
258 return false;
259 }
260 keymaster_tag_t tag = static_cast<keymaster_tag_t>(in.readInt32());
261 switch (keymaster_tag_get_type(tag)) {
262 case KM_ENUM:
263 case KM_ENUM_REP: {
264 uint32_t value = in.readInt32();
265 *out = keymaster_param_enum(tag, value);
266 break;
267 }
268 case KM_INT:
269 case KM_INT_REP: {
270 uint32_t value = in.readInt32();
271 *out = keymaster_param_int(tag, value);
272 break;
273 }
Chad Brubaker686db062015-04-16 14:21:10 -0700[diff] [blame]274 case KM_LONG:
275 case KM_LONG_REP: {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]276 uint64_t value = in.readInt64();
277 *out = keymaster_param_long(tag, value);
278 break;
279 }
280 case KM_DATE: {
281 uint64_t value = in.readInt64();
282 *out = keymaster_param_date(tag, value);
283 break;
284 }
285 case KM_BOOL: {
286 *out = keymaster_param_bool(tag);
287 break;
288 }
289 case KM_BIGNUM:
290 case KM_BYTES: {
291 ssize_t length = in.readInt32();
292 uint8_t* data = NULL;
293 size_t ulength = 0;
294 if (length >= 0) {
295 ulength = (size_t) length;
296 // use malloc here so we can use keymaster_free_param_values
297 // consistently.
298 data = reinterpret_cast<uint8_t*>(malloc(ulength));
299 const void* buf = in.readInplace(ulength);
300 if (!buf || !data) {
301 ALOGE("Failed to allocate buffer for keymaster blob param");
302 return false;
303 }
304 memcpy(data, buf, ulength);
305 }
306 *out = keymaster_param_blob(tag, data, ulength);
307 break;
308 }
309 default: {
310 ALOGE("Unsupported keymaster_tag_t %d", tag);
311 return false;
312 }
313 }
314 return true;
315}
316
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]317/**
318 * Read a byte array from in. The data at *data is still owned by the parcel
319 */
320static void readByteArray(const Parcel& in, const uint8_t** data, size_t* length) {
321 ssize_t slength = in.readInt32();
322 if (slength > 0) {
323 *data = reinterpret_cast<const uint8_t*>(in.readInplace(slength));
324 if (*data) {
325 *length = static_cast<size_t>(slength);
326 } else {
327 *length = 0;
328 }
329 } else {
330 *data = NULL;
331 *length = 0;
332 }
333}
334
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]335// Read a keymaster_key_param_t* from a Parcel for use in a
336// keymaster_key_characteristics_t. This will be free'd by calling
337// keymaster_free_key_characteristics.
338static keymaster_key_param_t* readParamList(const Parcel& in, size_t* length) {
339 ssize_t slength = in.readInt32();
340 *length = 0;
341 if (slength < 0) {
342 return NULL;
343 }
344 *length = (size_t) slength;
345 if (*length >= UINT_MAX / sizeof(keymaster_key_param_t)) {
346 return NULL;
347 }
348 keymaster_key_param_t* list =
349 reinterpret_cast<keymaster_key_param_t*>(malloc(*length *
350 sizeof(keymaster_key_param_t)));
351 if (!list) {
352 ALOGD("Failed to allocate buffer for generateKey outCharacteristics");
353 goto err;
354 }
355 for (size_t i = 0; i < *length ; i++) {
356 if (!readKeymasterArgumentFromParcel(in, &list[i])) {
357 ALOGE("Failed to read keymaster argument");
358 keymaster_free_param_values(list, i);
359 goto err;
360 }
361 }
362 return list;
363err:
364 free(list);
365 return NULL;
366}
367
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]368static std::unique_ptr<keymaster_blob_t> readKeymasterBlob(const Parcel& in) {
369 std::unique_ptr<keymaster_blob_t> blob;
370 if (in.readInt32() != 1) {
371 blob.reset(NULL);
372 return blob;
373 }
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]374 ssize_t length = in.readInt32();
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]375 blob.reset(new keymaster_blob_t);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]376 if (length > 0) {
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]377 blob->data = reinterpret_cast<const uint8_t*>(in.readInplace(length));
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]378 if (blob->data) {
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]379 blob->data_length = static_cast<size_t>(length);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]380 } else {
381 blob->data_length = 0;
382 }
383 } else {
384 blob->data = NULL;
385 blob->data_length = 0;
386 }
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]387 return blob;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]388}
389
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]390class BpKeystoreService: public BpInterface<IKeystoreService>
391{
392public:
393 BpKeystoreService(const sp<IBinder>& impl)
394 : BpInterface<IKeystoreService>(impl)
395 {
396 }
397
398 // test ping
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]399 virtual int32_t getState(int32_t userId)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]400 {
401 Parcel data, reply;
402 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]403 data.writeInt32(userId);
404 status_t status = remote()->transact(BnKeystoreService::GET_STATE, data, &reply);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]405 if (status != NO_ERROR) {
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]406 ALOGD("getState() could not contact remote: %d\n", status);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]407 return -1;
408 }
409 int32_t err = reply.readExceptionCode();
410 int32_t ret = reply.readInt32();
411 if (err < 0) {
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]412 ALOGD("getState() caught exception %d\n", err);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]413 return -1;
414 }
415 return ret;
416 }
417
418 virtual int32_t get(const String16& name, uint8_t** item, size_t* itemLength)
419 {
420 Parcel data, reply;
421 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
422 data.writeString16(name);
423 status_t status = remote()->transact(BnKeystoreService::GET, data, &reply);
424 if (status != NO_ERROR) {
425 ALOGD("get() could not contact remote: %d\n", status);
426 return -1;
427 }
428 int32_t err = reply.readExceptionCode();
429 ssize_t len = reply.readInt32();
430 if (len >= 0 && (size_t) len <= reply.dataAvail()) {
431 size_t ulen = (size_t) len;
432 const void* buf = reply.readInplace(ulen);
433 *item = (uint8_t*) malloc(ulen);
434 if (*item != NULL) {
435 memcpy(*item, buf, ulen);
436 *itemLength = ulen;
437 } else {
438 ALOGE("out of memory allocating output array in get");
439 *itemLength = 0;
440 }
441 } else {
442 *itemLength = 0;
443 }
444 if (err < 0) {
445 ALOGD("get() caught exception %d\n", err);
446 return -1;
447 }
448 return 0;
449 }
450
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]451 virtual int32_t insert(const String16& name, const uint8_t* item, size_t itemLength, int uid,
452 int32_t flags)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]453 {
454 Parcel data, reply;
455 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
456 data.writeString16(name);
457 data.writeInt32(itemLength);
458 void* buf = data.writeInplace(itemLength);
459 memcpy(buf, item, itemLength);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]460 data.writeInt32(uid);
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]461 data.writeInt32(flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]462 status_t status = remote()->transact(BnKeystoreService::INSERT, data, &reply);
463 if (status != NO_ERROR) {
464 ALOGD("import() could not contact remote: %d\n", status);
465 return -1;
466 }
467 int32_t err = reply.readExceptionCode();
468 int32_t ret = reply.readInt32();
469 if (err < 0) {
470 ALOGD("import() caught exception %d\n", err);
471 return -1;
472 }
473 return ret;
474 }
475
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]476 virtual int32_t del(const String16& name, int uid)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]477 {
478 Parcel data, reply;
479 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
480 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]481 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]482 status_t status = remote()->transact(BnKeystoreService::DEL, data, &reply);
483 if (status != NO_ERROR) {
484 ALOGD("del() could not contact remote: %d\n", status);
485 return -1;
486 }
487 int32_t err = reply.readExceptionCode();
488 int32_t ret = reply.readInt32();
489 if (err < 0) {
490 ALOGD("del() caught exception %d\n", err);
491 return -1;
492 }
493 return ret;
494 }
495
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]496 virtual int32_t exist(const String16& name, int uid)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]497 {
498 Parcel data, reply;
499 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
500 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]501 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]502 status_t status = remote()->transact(BnKeystoreService::EXIST, data, &reply);
503 if (status != NO_ERROR) {
504 ALOGD("exist() could not contact remote: %d\n", status);
505 return -1;
506 }
507 int32_t err = reply.readExceptionCode();
508 int32_t ret = reply.readInt32();
509 if (err < 0) {
510 ALOGD("exist() caught exception %d\n", err);
511 return -1;
512 }
513 return ret;
514 }
515
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]516 virtual int32_t list(const String16& prefix, int uid, Vector<String16>* matches)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]517 {
518 Parcel data, reply;
519 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]520 data.writeString16(prefix);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]521 data.writeInt32(uid);
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]522 status_t status = remote()->transact(BnKeystoreService::LIST, data, &reply);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]523 if (status != NO_ERROR) {
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]524 ALOGD("list() could not contact remote: %d\n", status);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]525 return -1;
526 }
527 int32_t err = reply.readExceptionCode();
528 int32_t numMatches = reply.readInt32();
529 for (int32_t i = 0; i < numMatches; i++) {
530 matches->push(reply.readString16());
531 }
532 int32_t ret = reply.readInt32();
533 if (err < 0) {
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]534 ALOGD("list() caught exception %d\n", err);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]535 return -1;
536 }
537 return ret;
538 }
539
540 virtual int32_t reset()
541 {
542 Parcel data, reply;
543 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
544 status_t status = remote()->transact(BnKeystoreService::RESET, data, &reply);
545 if (status != NO_ERROR) {
546 ALOGD("reset() could not contact remote: %d\n", status);
547 return -1;
548 }
549 int32_t err = reply.readExceptionCode();
550 int32_t ret = reply.readInt32();
551 if (err < 0) {
552 ALOGD("reset() caught exception %d\n", err);
553 return -1;
554 }
555 return ret;
556 }
557
Chad Brubakereecdd122015-05-07 10:19:40 -0700[diff] [blame]558 virtual int32_t onUserPasswordChanged(int32_t userId, const String16& password)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]559 {
560 Parcel data, reply;
561 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Chad Brubakereecdd122015-05-07 10:19:40 -0700[diff] [blame]562 data.writeInt32(userId);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]563 data.writeString16(password);
Chad Brubakereecdd122015-05-07 10:19:40 -0700[diff] [blame]564 status_t status = remote()->transact(BnKeystoreService::ON_USER_PASSWORD_CHANGED, data,
565 &reply);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]566 if (status != NO_ERROR) {
Chad Brubakereecdd122015-05-07 10:19:40 -0700[diff] [blame]567 ALOGD("onUserPasswordChanged() could not contact remote: %d\n", status);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]568 return -1;
569 }
570 int32_t err = reply.readExceptionCode();
571 int32_t ret = reply.readInt32();
572 if (err < 0) {
Chad Brubakereecdd122015-05-07 10:19:40 -0700[diff] [blame]573 ALOGD("onUserPasswordChanged() caught exception %d\n", err);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]574 return -1;
575 }
576 return ret;
577 }
578
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]579 virtual int32_t lock(int32_t userId)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]580 {
581 Parcel data, reply;
582 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]583 data.writeInt32(userId);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]584 status_t status = remote()->transact(BnKeystoreService::LOCK, data, &reply);
585 if (status != NO_ERROR) {
586 ALOGD("lock() could not contact remote: %d\n", status);
587 return -1;
588 }
589 int32_t err = reply.readExceptionCode();
590 int32_t ret = reply.readInt32();
591 if (err < 0) {
592 ALOGD("lock() caught exception %d\n", err);
593 return -1;
594 }
595 return ret;
596 }
597
Chad Brubakereecdd122015-05-07 10:19:40 -0700[diff] [blame]598 virtual int32_t unlock(int32_t userId, const String16& password)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]599 {
600 Parcel data, reply;
601 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Chad Brubakereecdd122015-05-07 10:19:40 -0700[diff] [blame]602 data.writeInt32(userId);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]603 data.writeString16(password);
604 status_t status = remote()->transact(BnKeystoreService::UNLOCK, data, &reply);
605 if (status != NO_ERROR) {
606 ALOGD("unlock() could not contact remote: %d\n", status);
607 return -1;
608 }
609 int32_t err = reply.readExceptionCode();
610 int32_t ret = reply.readInt32();
611 if (err < 0) {
612 ALOGD("unlock() caught exception %d\n", err);
613 return -1;
614 }
615 return ret;
616 }
617
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]618 virtual bool isEmpty(int32_t userId)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]619 {
620 Parcel data, reply;
621 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]622 data.writeInt32(userId);
623 status_t status = remote()->transact(BnKeystoreService::IS_EMPTY, data, &reply);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]624 if (status != NO_ERROR) {
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]625 ALOGD("isEmpty() could not contact remote: %d\n", status);
626 return false;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]627 }
628 int32_t err = reply.readExceptionCode();
629 int32_t ret = reply.readInt32();
630 if (err < 0) {
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]631 ALOGD("isEmpty() caught exception %d\n", err);
632 return false;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]633 }
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]634 return ret != 0;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]635 }
636
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]637 virtual int32_t generate(const String16& name, int32_t uid, int32_t keyType, int32_t keySize,
638 int32_t flags, Vector<sp<KeystoreArg> >* args)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]639 {
640 Parcel data, reply;
641 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
642 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]643 data.writeInt32(uid);
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]644 data.writeInt32(keyType);
645 data.writeInt32(keySize);
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]646 data.writeInt32(flags);
Chad Brubaker468fc692015-01-13 17:33:14 -0800[diff] [blame]647 data.writeInt32(1);
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]648 data.writeInt32(args->size());
649 for (Vector<sp<KeystoreArg> >::iterator it = args->begin(); it != args->end(); ++it) {
650 sp<KeystoreArg> item = *it;
651 size_t keyLength = item->size();
652 data.writeInt32(keyLength);
653 void* buf = data.writeInplace(keyLength);
654 memcpy(buf, item->data(), keyLength);
655 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]656 status_t status = remote()->transact(BnKeystoreService::GENERATE, data, &reply);
657 if (status != NO_ERROR) {
658 ALOGD("generate() could not contact remote: %d\n", status);
659 return -1;
660 }
661 int32_t err = reply.readExceptionCode();
662 int32_t ret = reply.readInt32();
663 if (err < 0) {
664 ALOGD("generate() caught exception %d\n", err);
665 return -1;
666 }
667 return ret;
668 }
669
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]670 virtual int32_t import(const String16& name, const uint8_t* key, size_t keyLength, int uid,
671 int flags)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]672 {
673 Parcel data, reply;
674 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
675 data.writeString16(name);
676 data.writeInt32(keyLength);
677 void* buf = data.writeInplace(keyLength);
678 memcpy(buf, key, keyLength);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]679 data.writeInt32(uid);
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]680 data.writeInt32(flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]681 status_t status = remote()->transact(BnKeystoreService::IMPORT, data, &reply);
682 if (status != NO_ERROR) {
683 ALOGD("import() could not contact remote: %d\n", status);
684 return -1;
685 }
686 int32_t err = reply.readExceptionCode();
687 int32_t ret = reply.readInt32();
688 if (err < 0) {
689 ALOGD("import() caught exception %d\n", err);
690 return -1;
691 }
692 return ret;
693 }
694
695 virtual int32_t sign(const String16& name, const uint8_t* in, size_t inLength, uint8_t** out,
696 size_t* outLength)
697 {
698 Parcel data, reply;
699 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
700 data.writeString16(name);
701 data.writeInt32(inLength);
702 void* buf = data.writeInplace(inLength);
703 memcpy(buf, in, inLength);
704 status_t status = remote()->transact(BnKeystoreService::SIGN, data, &reply);
705 if (status != NO_ERROR) {
706 ALOGD("import() could not contact remote: %d\n", status);
707 return -1;
708 }
709 int32_t err = reply.readExceptionCode();
710 ssize_t len = reply.readInt32();
711 if (len >= 0 && (size_t) len <= reply.dataAvail()) {
712 size_t ulen = (size_t) len;
713 const void* outBuf = reply.readInplace(ulen);
714 *out = (uint8_t*) malloc(ulen);
715 if (*out != NULL) {
716 memcpy((void*) *out, outBuf, ulen);
717 *outLength = ulen;
718 } else {
719 ALOGE("out of memory allocating output array in sign");
720 *outLength = 0;
721 }
722 } else {
723 *outLength = 0;
724 }
725 if (err < 0) {
726 ALOGD("import() caught exception %d\n", err);
727 return -1;
728 }
729 return 0;
730 }
731
732 virtual int32_t verify(const String16& name, const uint8_t* in, size_t inLength,
733 const uint8_t* signature, size_t signatureLength)
734 {
735 Parcel data, reply;
736 void* buf;
737
738 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
739 data.writeString16(name);
740 data.writeInt32(inLength);
741 buf = data.writeInplace(inLength);
742 memcpy(buf, in, inLength);
743 data.writeInt32(signatureLength);
744 buf = data.writeInplace(signatureLength);
745 memcpy(buf, signature, signatureLength);
746 status_t status = remote()->transact(BnKeystoreService::VERIFY, data, &reply);
747 if (status != NO_ERROR) {
748 ALOGD("verify() could not contact remote: %d\n", status);
749 return -1;
750 }
751 int32_t err = reply.readExceptionCode();
752 int32_t ret = reply.readInt32();
753 if (err < 0) {
754 ALOGD("verify() caught exception %d\n", err);
755 return -1;
756 }
757 return ret;
758 }
759
760 virtual int32_t get_pubkey(const String16& name, uint8_t** pubkey, size_t* pubkeyLength)
761 {
762 Parcel data, reply;
763 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
764 data.writeString16(name);
765 status_t status = remote()->transact(BnKeystoreService::GET_PUBKEY, data, &reply);
766 if (status != NO_ERROR) {
767 ALOGD("get_pubkey() could not contact remote: %d\n", status);
768 return -1;
769 }
770 int32_t err = reply.readExceptionCode();
771 ssize_t len = reply.readInt32();
772 if (len >= 0 && (size_t) len <= reply.dataAvail()) {
773 size_t ulen = (size_t) len;
774 const void* buf = reply.readInplace(ulen);
775 *pubkey = (uint8_t*) malloc(ulen);
776 if (*pubkey != NULL) {
777 memcpy(*pubkey, buf, ulen);
778 *pubkeyLength = ulen;
779 } else {
780 ALOGE("out of memory allocating output array in get_pubkey");
781 *pubkeyLength = 0;
782 }
783 } else {
784 *pubkeyLength = 0;
785 }
786 if (err < 0) {
787 ALOGD("get_pubkey() caught exception %d\n", err);
788 return -1;
789 }
790 return 0;
791 }
792
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]793 virtual int32_t grant(const String16& name, int32_t granteeUid)
794 {
795 Parcel data, reply;
796 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
797 data.writeString16(name);
798 data.writeInt32(granteeUid);
799 status_t status = remote()->transact(BnKeystoreService::GRANT, data, &reply);
800 if (status != NO_ERROR) {
801 ALOGD("grant() could not contact remote: %d\n", status);
802 return -1;
803 }
804 int32_t err = reply.readExceptionCode();
805 int32_t ret = reply.readInt32();
806 if (err < 0) {
807 ALOGD("grant() caught exception %d\n", err);
808 return -1;
809 }
810 return ret;
811 }
812
813 virtual int32_t ungrant(const String16& name, int32_t granteeUid)
814 {
815 Parcel data, reply;
816 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
817 data.writeString16(name);
818 data.writeInt32(granteeUid);
819 status_t status = remote()->transact(BnKeystoreService::UNGRANT, data, &reply);
820 if (status != NO_ERROR) {
821 ALOGD("ungrant() could not contact remote: %d\n", status);
822 return -1;
823 }
824 int32_t err = reply.readExceptionCode();
825 int32_t ret = reply.readInt32();
826 if (err < 0) {
827 ALOGD("ungrant() caught exception %d\n", err);
828 return -1;
829 }
830 return ret;
831 }
832
833 int64_t getmtime(const String16& name)
834 {
835 Parcel data, reply;
836 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
837 data.writeString16(name);
838 status_t status = remote()->transact(BnKeystoreService::GETMTIME, data, &reply);
839 if (status != NO_ERROR) {
840 ALOGD("getmtime() could not contact remote: %d\n", status);
841 return -1;
842 }
843 int32_t err = reply.readExceptionCode();
844 int64_t ret = reply.readInt64();
845 if (err < 0) {
846 ALOGD("getmtime() caught exception %d\n", err);
847 return -1;
848 }
849 return ret;
850 }
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]851
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]852 virtual int32_t duplicate(const String16& srcKey, int32_t srcUid, const String16& destKey,
853 int32_t destUid)
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]854 {
855 Parcel data, reply;
856 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]857 data.writeString16(srcKey);
858 data.writeInt32(srcUid);
859 data.writeString16(destKey);
860 data.writeInt32(destUid);
861 status_t status = remote()->transact(BnKeystoreService::DUPLICATE, data, &reply);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]862 if (status != NO_ERROR) {
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]863 ALOGD("duplicate() could not contact remote: %d\n", status);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]864 return -1;
865 }
866 int32_t err = reply.readExceptionCode();
867 int32_t ret = reply.readInt32();
868 if (err < 0) {
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]869 ALOGD("duplicate() caught exception %d\n", err);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]870 return -1;
871 }
872 return ret;
873 }
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]874
Kenny Root1b0e3932013-09-05 13:06:32 -0700[diff] [blame]875 virtual int32_t is_hardware_backed(const String16& keyType)
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]876 {
877 Parcel data, reply;
878 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Kenny Root1b0e3932013-09-05 13:06:32 -0700[diff] [blame]879 data.writeString16(keyType);
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]880 status_t status = remote()->transact(BnKeystoreService::IS_HARDWARE_BACKED, data, &reply);
881 if (status != NO_ERROR) {
882 ALOGD("is_hardware_backed() could not contact remote: %d\n", status);
883 return -1;
884 }
885 int32_t err = reply.readExceptionCode();
886 int32_t ret = reply.readInt32();
887 if (err < 0) {
888 ALOGD("is_hardware_backed() caught exception %d\n", err);
889 return -1;
890 }
891 return ret;
892 }
Kenny Root2ecc7a12013-04-01 16:29:11 -0700[diff] [blame]893
894 virtual int32_t clear_uid(int64_t uid)
895 {
896 Parcel data, reply;
897 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
898 data.writeInt64(uid);
899 status_t status = remote()->transact(BnKeystoreService::CLEAR_UID, data, &reply);
900 if (status != NO_ERROR) {
901 ALOGD("clear_uid() could not contact remote: %d\n", status);
902 return -1;
903 }
904 int32_t err = reply.readExceptionCode();
905 int32_t ret = reply.readInt32();
906 if (err < 0) {
907 ALOGD("clear_uid() caught exception %d\n", err);
908 return -1;
909 }
910 return ret;
911 }
Robin Lee4e865752014-08-19 17:37:55 +0100[diff] [blame]912
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]913 virtual int32_t addRngEntropy(const uint8_t* buf, size_t bufLength)
914 {
915 Parcel data, reply;
916 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]917 data.writeByteArray(bufLength, buf);
918 status_t status = remote()->transact(BnKeystoreService::ADD_RNG_ENTROPY, data, &reply);
919 if (status != NO_ERROR) {
920 ALOGD("addRngEntropy() could not contact remote: %d\n", status);
921 return -1;
922 }
923 int32_t err = reply.readExceptionCode();
924 int32_t ret = reply.readInt32();
925 if (err < 0) {
926 ALOGD("addRngEntropy() caught exception %d\n", err);
927 return -1;
928 }
929 return ret;
930 };
931
932 virtual int32_t generateKey(const String16& name, const KeymasterArguments& params,
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]933 const uint8_t* entropy, size_t entropyLength, int uid, int flags,
934 KeyCharacteristics* outCharacteristics)
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]935 {
936 Parcel data, reply;
937 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
938 data.writeString16(name);
939 data.writeInt32(1);
940 params.writeToParcel(&data);
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]941 data.writeByteArray(entropyLength, entropy);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]942 data.writeInt32(uid);
943 data.writeInt32(flags);
944 status_t status = remote()->transact(BnKeystoreService::GENERATE_KEY, data, &reply);
945 if (status != NO_ERROR) {
946 ALOGD("generateKey() could not contact remote: %d\n", status);
947 return KM_ERROR_UNKNOWN_ERROR;
948 }
949 int32_t err = reply.readExceptionCode();
950 int32_t ret = reply.readInt32();
951 if (err < 0) {
952 ALOGD("generateKey() caught exception %d\n", err);
953 return KM_ERROR_UNKNOWN_ERROR;
954 }
955 if (reply.readInt32() != 0 && outCharacteristics) {
956 outCharacteristics->readFromParcel(reply);
957 }
958 return ret;
959 }
960 virtual int32_t getKeyCharacteristics(const String16& name,
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]961 const keymaster_blob_t* clientId,
962 const keymaster_blob_t* appData,
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]963 KeyCharacteristics* outCharacteristics)
964 {
965 Parcel data, reply;
966 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
967 data.writeString16(name);
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]968 if (clientId) {
969 data.writeByteArray(clientId->data_length, clientId->data);
970 } else {
971 data.writeInt32(-1);
972 }
973 if (appData) {
974 data.writeByteArray(appData->data_length, appData->data);
975 } else {
976 data.writeInt32(-1);
977 }
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]978 status_t status = remote()->transact(BnKeystoreService::GET_KEY_CHARACTERISTICS,
979 data, &reply);
980 if (status != NO_ERROR) {
981 ALOGD("getKeyCharacteristics() could not contact remote: %d\n", status);
982 return KM_ERROR_UNKNOWN_ERROR;
983 }
984 int32_t err = reply.readExceptionCode();
985 int32_t ret = reply.readInt32();
986 if (err < 0) {
987 ALOGD("getKeyCharacteristics() caught exception %d\n", err);
988 return KM_ERROR_UNKNOWN_ERROR;
989 }
990 if (reply.readInt32() != 0 && outCharacteristics) {
991 outCharacteristics->readFromParcel(reply);
992 }
993 return ret;
994 }
995 virtual int32_t importKey(const String16& name, const KeymasterArguments& params,
996 keymaster_key_format_t format, const uint8_t *keyData,
997 size_t keyLength, int uid, int flags,
998 KeyCharacteristics* outCharacteristics)
999 {
1000 Parcel data, reply;
1001 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1002 data.writeString16(name);
1003 data.writeInt32(1);
1004 params.writeToParcel(&data);
1005 data.writeInt32(format);
1006 data.writeByteArray(keyLength, keyData);
1007 data.writeInt32(uid);
1008 data.writeInt32(flags);
1009 status_t status = remote()->transact(BnKeystoreService::IMPORT_KEY, data, &reply);
1010 if (status != NO_ERROR) {
1011 ALOGD("importKey() could not contact remote: %d\n", status);
1012 return KM_ERROR_UNKNOWN_ERROR;
1013 }
1014 int32_t err = reply.readExceptionCode();
1015 int32_t ret = reply.readInt32();
1016 if (err < 0) {
1017 ALOGD("importKey() caught exception %d\n", err);
1018 return KM_ERROR_UNKNOWN_ERROR;
1019 }
1020 if (reply.readInt32() != 0 && outCharacteristics) {
1021 outCharacteristics->readFromParcel(reply);
1022 }
1023 return ret;
1024 }
1025
1026 virtual void exportKey(const String16& name, keymaster_key_format_t format,
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1027 const keymaster_blob_t* clientId,
1028 const keymaster_blob_t* appData, ExportResult* result)
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1029 {
1030 if (!result) {
1031 return;
1032 }
1033
1034 Parcel data, reply;
1035 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1036 data.writeString16(name);
1037 data.writeInt32(format);
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1038 if (clientId) {
1039 data.writeByteArray(clientId->data_length, clientId->data);
1040 } else {
1041 data.writeInt32(-1);
1042 }
1043 if (appData) {
1044 data.writeByteArray(appData->data_length, appData->data);
1045 } else {
1046 data.writeInt32(-1);
1047 }
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1048 status_t status = remote()->transact(BnKeystoreService::EXPORT_KEY, data, &reply);
1049 if (status != NO_ERROR) {
1050 ALOGD("exportKey() could not contact remote: %d\n", status);
1051 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1052 return;
1053 }
1054 int32_t err = reply.readExceptionCode();
1055 if (err < 0) {
1056 ALOGD("exportKey() caught exception %d\n", err);
1057 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1058 return;
1059 }
1060 if (reply.readInt32() != 0) {
1061 result->readFromParcel(reply);
1062 }
1063 }
1064
1065 virtual void begin(const sp<IBinder>& appToken, const String16& name,
1066 keymaster_purpose_t purpose, bool pruneable,
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1067 const KeymasterArguments& params, const uint8_t* entropy,
1068 size_t entropyLength, KeymasterArguments* outParams,
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1069 OperationResult* result)
1070 {
1071 if (!result || !outParams) {
1072 return;
1073 }
1074 Parcel data, reply;
1075 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1076 data.writeStrongBinder(appToken);
1077 data.writeString16(name);
1078 data.writeInt32(purpose);
1079 data.writeInt32(pruneable ? 1 : 0);
1080 data.writeInt32(1);
1081 params.writeToParcel(&data);
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1082 data.writeByteArray(entropyLength, entropy);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1083 status_t status = remote()->transact(BnKeystoreService::BEGIN, data, &reply);
1084 if (status != NO_ERROR) {
1085 ALOGD("begin() could not contact remote: %d\n", status);
1086 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1087 return;
1088 }
1089 int32_t err = reply.readExceptionCode();
1090 if (err < 0) {
1091 ALOGD("begin() caught exception %d\n", err);
1092 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1093 return;
1094 }
1095 if (reply.readInt32() != 0) {
1096 result->readFromParcel(reply);
1097 }
1098 if (reply.readInt32() != 0) {
1099 outParams->readFromParcel(reply);
1100 }
1101 }
1102
1103 virtual void update(const sp<IBinder>& token, const KeymasterArguments& params,
Chad Brubaker40a1a9b2015-02-20 14:08:13 -0800[diff] [blame]1104 const uint8_t* opData, size_t dataLength, OperationResult* result)
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1105 {
1106 if (!result) {
1107 return;
1108 }
1109 Parcel data, reply;
1110 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1111 data.writeStrongBinder(token);
1112 data.writeInt32(1);
1113 params.writeToParcel(&data);
1114 data.writeByteArray(dataLength, opData);
1115 status_t status = remote()->transact(BnKeystoreService::UPDATE, data, &reply);
1116 if (status != NO_ERROR) {
1117 ALOGD("update() could not contact remote: %d\n", status);
1118 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1119 return;
1120 }
1121 int32_t err = reply.readExceptionCode();
1122 if (err < 0) {
1123 ALOGD("update() caught exception %d\n", err);
1124 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1125 return;
1126 }
1127 if (reply.readInt32() != 0) {
1128 result->readFromParcel(reply);
1129 }
1130 }
1131
1132 virtual void finish(const sp<IBinder>& token, const KeymasterArguments& params,
Chad Brubaker8cfb8ac2015-05-29 12:30:19 -0700[diff] [blame]1133 const uint8_t* signature, size_t signatureLength,
1134 const uint8_t* entropy, size_t entropyLength,
1135 OperationResult* result)
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1136 {
1137 if (!result) {
1138 return;
1139 }
1140 Parcel data, reply;
1141 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1142 data.writeStrongBinder(token);
1143 data.writeInt32(1);
1144 params.writeToParcel(&data);
1145 data.writeByteArray(signatureLength, signature);
Chad Brubaker8cfb8ac2015-05-29 12:30:19 -0700[diff] [blame]1146 data.writeByteArray(entropyLength, entropy);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1147 status_t status = remote()->transact(BnKeystoreService::FINISH, data, &reply);
1148 if (status != NO_ERROR) {
1149 ALOGD("finish() could not contact remote: %d\n", status);
1150 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1151 return;
1152 }
1153 int32_t err = reply.readExceptionCode();
1154 if (err < 0) {
1155 ALOGD("finish() caught exception %d\n", err);
1156 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1157 return;
1158 }
1159 if (reply.readInt32() != 0) {
1160 result->readFromParcel(reply);
1161 }
1162 }
1163
1164 virtual int32_t abort(const sp<IBinder>& token)
1165 {
1166 Parcel data, reply;
1167 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1168 data.writeStrongBinder(token);
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]1169 status_t status = remote()->transact(BnKeystoreService::ABORT, data, &reply);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1170 if (status != NO_ERROR) {
1171 ALOGD("abort() could not contact remote: %d\n", status);
1172 return KM_ERROR_UNKNOWN_ERROR;
1173 }
1174 int32_t err = reply.readExceptionCode();
1175 int32_t ret = reply.readInt32();
1176 if (err < 0) {
1177 ALOGD("abort() caught exception %d\n", err);
1178 return KM_ERROR_UNKNOWN_ERROR;
1179 }
1180 return ret;
1181 }
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]1182
1183 virtual bool isOperationAuthorized(const sp<IBinder>& token)
1184 {
1185 Parcel data, reply;
1186 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1187 data.writeStrongBinder(token);
1188 status_t status = remote()->transact(BnKeystoreService::IS_OPERATION_AUTHORIZED, data,
1189 &reply);
1190 if (status != NO_ERROR) {
1191 ALOGD("isOperationAuthorized() could not contact remote: %d\n", status);
1192 return false;
1193 }
1194 int32_t err = reply.readExceptionCode();
1195 int32_t ret = reply.readInt32();
1196 if (err < 0) {
1197 ALOGD("isOperationAuthorized() caught exception %d\n", err);
1198 return false;
1199 }
1200 return ret == 1;
1201 }
1202
1203 virtual int32_t addAuthToken(const uint8_t* token, size_t length)
1204 {
1205 Parcel data, reply;
1206 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1207 data.writeByteArray(length, token);
1208 status_t status = remote()->transact(BnKeystoreService::ADD_AUTH_TOKEN, data, &reply);
1209 if (status != NO_ERROR) {
1210 ALOGD("addAuthToken() could not contact remote: %d\n", status);
1211 return -1;
1212 }
1213 int32_t err = reply.readExceptionCode();
1214 int32_t ret = reply.readInt32();
1215 if (err < 0) {
1216 ALOGD("addAuthToken() caught exception %d\n", err);
1217 return -1;
1218 }
1219 return ret;
1220 };
Chad Brubakerfd777e72015-05-12 10:43:10 -0700[diff] [blame]1221
1222 virtual int32_t onUserAdded(int32_t userId, int32_t parentId)
1223 {
1224 Parcel data, reply;
1225 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1226 data.writeInt32(userId);
1227 data.writeInt32(parentId);
1228 status_t status = remote()->transact(BnKeystoreService::ON_USER_ADDED, data, &reply);
1229 if (status != NO_ERROR) {
1230 ALOGD("onUserAdded() could not contact remote: %d\n", status);
1231 return -1;
1232 }
1233 int32_t err = reply.readExceptionCode();
1234 int32_t ret = reply.readInt32();
1235 if (err < 0) {
1236 ALOGD("onUserAdded() caught exception %d\n", err);
1237 return -1;
1238 }
1239 return ret;
1240 }
1241
1242 virtual int32_t onUserRemoved(int32_t userId)
1243 {
1244 Parcel data, reply;
1245 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1246 data.writeInt32(userId);
1247 status_t status = remote()->transact(BnKeystoreService::ON_USER_REMOVED, data, &reply);
1248 if (status != NO_ERROR) {
1249 ALOGD("onUserRemoved() could not contact remote: %d\n", status);
1250 return -1;
1251 }
1252 int32_t err = reply.readExceptionCode();
1253 int32_t ret = reply.readInt32();
1254 if (err < 0) {
1255 ALOGD("onUserRemoved() caught exception %d\n", err);
1256 return -1;
1257 }
1258 return ret;
1259 }
1260
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1261};
1262
Chad Brubaker468fc692015-01-13 17:33:14 -0800[diff] [blame]1263IMPLEMENT_META_INTERFACE(KeystoreService, "android.security.IKeystoreService");
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1264
1265// ----------------------------------------------------------------------
1266
1267status_t BnKeystoreService::onTransact(
1268 uint32_t code, const Parcel& data, Parcel* reply, uint32_t flags)
1269{
1270 switch(code) {
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]1271 case GET_STATE: {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1272 CHECK_INTERFACE(IKeystoreService, data, reply);
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]1273 int32_t userId = data.readInt32();
1274 int32_t ret = getState(userId);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1275 reply->writeNoException();
1276 reply->writeInt32(ret);
1277 return NO_ERROR;
1278 } break;
1279 case GET: {
1280 CHECK_INTERFACE(IKeystoreService, data, reply);
1281 String16 name = data.readString16();
1282 void* out = NULL;
1283 size_t outSize = 0;
1284 int32_t ret = get(name, (uint8_t**) &out, &outSize);
1285 reply->writeNoException();
1286 if (ret == 1) {
1287 reply->writeInt32(outSize);
1288 void* buf = reply->writeInplace(outSize);
1289 memcpy(buf, out, outSize);
1290 free(out);
1291 } else {
1292 reply->writeInt32(-1);
1293 }
1294 return NO_ERROR;
1295 } break;
1296 case INSERT: {
1297 CHECK_INTERFACE(IKeystoreService, data, reply);
1298 String16 name = data.readString16();
1299 ssize_t inSize = data.readInt32();
1300 const void* in;
1301 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1302 in = data.readInplace(inSize);
1303 } else {
1304 in = NULL;
1305 inSize = 0;
1306 }
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1307 int uid = data.readInt32();
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]1308 int32_t flags = data.readInt32();
1309 int32_t ret = insert(name, (const uint8_t*) in, (size_t) inSize, uid, flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1310 reply->writeNoException();
1311 reply->writeInt32(ret);
1312 return NO_ERROR;
1313 } break;
1314 case DEL: {
1315 CHECK_INTERFACE(IKeystoreService, data, reply);
1316 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1317 int uid = data.readInt32();
1318 int32_t ret = del(name, uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1319 reply->writeNoException();
1320 reply->writeInt32(ret);
1321 return NO_ERROR;
1322 } break;
1323 case EXIST: {
1324 CHECK_INTERFACE(IKeystoreService, data, reply);
1325 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1326 int uid = data.readInt32();
1327 int32_t ret = exist(name, uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1328 reply->writeNoException();
1329 reply->writeInt32(ret);
1330 return NO_ERROR;
1331 } break;
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]1332 case LIST: {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1333 CHECK_INTERFACE(IKeystoreService, data, reply);
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]1334 String16 prefix = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1335 int uid = data.readInt32();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1336 Vector<String16> matches;
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]1337 int32_t ret = list(prefix, uid, &matches);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1338 reply->writeNoException();
1339 reply->writeInt32(matches.size());
1340 Vector<String16>::const_iterator it = matches.begin();
1341 for (; it != matches.end(); ++it) {
1342 reply->writeString16(*it);
1343 }
1344 reply->writeInt32(ret);
1345 return NO_ERROR;
1346 } break;
1347 case RESET: {
1348 CHECK_INTERFACE(IKeystoreService, data, reply);
1349 int32_t ret = reset();
1350 reply->writeNoException();
1351 reply->writeInt32(ret);
1352 return NO_ERROR;
1353 } break;
Chad Brubakereecdd122015-05-07 10:19:40 -0700[diff] [blame]1354 case ON_USER_PASSWORD_CHANGED: {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1355 CHECK_INTERFACE(IKeystoreService, data, reply);
Chad Brubakereecdd122015-05-07 10:19:40 -0700[diff] [blame]1356 int32_t userId = data.readInt32();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1357 String16 pass = data.readString16();
Chad Brubakereecdd122015-05-07 10:19:40 -0700[diff] [blame]1358 int32_t ret = onUserPasswordChanged(userId, pass);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1359 reply->writeNoException();
1360 reply->writeInt32(ret);
1361 return NO_ERROR;
1362 } break;
1363 case LOCK: {
1364 CHECK_INTERFACE(IKeystoreService, data, reply);
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]1365 int32_t userId = data.readInt32();
1366 int32_t ret = lock(userId);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1367 reply->writeNoException();
1368 reply->writeInt32(ret);
1369 return NO_ERROR;
1370 } break;
1371 case UNLOCK: {
1372 CHECK_INTERFACE(IKeystoreService, data, reply);
Chad Brubakereecdd122015-05-07 10:19:40 -0700[diff] [blame]1373 int32_t userId = data.readInt32();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1374 String16 pass = data.readString16();
Chad Brubakereecdd122015-05-07 10:19:40 -0700[diff] [blame]1375 int32_t ret = unlock(userId, pass);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1376 reply->writeNoException();
1377 reply->writeInt32(ret);
1378 return NO_ERROR;
1379 } break;
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]1380 case IS_EMPTY: {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1381 CHECK_INTERFACE(IKeystoreService, data, reply);
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]1382 int32_t userId = data.readInt32();
1383 bool ret = isEmpty(userId);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1384 reply->writeNoException();
Chad Brubaker94436162015-05-12 15:18:26 -0700[diff] [blame]1385 reply->writeInt32(ret ? 1 : 0);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1386 return NO_ERROR;
1387 } break;
1388 case GENERATE: {
1389 CHECK_INTERFACE(IKeystoreService, data, reply);
1390 String16 name = data.readString16();
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]1391 int32_t uid = data.readInt32();
1392 int32_t keyType = data.readInt32();
1393 int32_t keySize = data.readInt32();
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]1394 int32_t flags = data.readInt32();
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]1395 Vector<sp<KeystoreArg> > args;
Chad Brubaker468fc692015-01-13 17:33:14 -0800[diff] [blame]1396 int32_t argsPresent = data.readInt32();
1397 if (argsPresent == 1) {
1398 ssize_t numArgs = data.readInt32();
1399 if (numArgs > 0) {
1400 for (size_t i = 0; i < (size_t) numArgs; i++) {
1401 ssize_t inSize = data.readInt32();
1402 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1403 sp<KeystoreArg> arg = new KeystoreArg(data.readInplace(inSize),
1404 inSize);
1405 args.push_back(arg);
1406 } else {
1407 args.push_back(NULL);
1408 }
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]1409 }
1410 }
1411 }
1412 int32_t ret = generate(name, uid, keyType, keySize, flags, &args);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1413 reply->writeNoException();
1414 reply->writeInt32(ret);
1415 return NO_ERROR;
1416 } break;
1417 case IMPORT: {
1418 CHECK_INTERFACE(IKeystoreService, data, reply);
1419 String16 name = data.readString16();
1420 ssize_t inSize = data.readInt32();
1421 const void* in;
1422 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1423 in = data.readInplace(inSize);
1424 } else {
1425 in = NULL;
1426 inSize = 0;
1427 }
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1428 int uid = data.readInt32();
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]1429 int32_t flags = data.readInt32();
1430 int32_t ret = import(name, (const uint8_t*) in, (size_t) inSize, uid, flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1431 reply->writeNoException();
1432 reply->writeInt32(ret);
1433 return NO_ERROR;
1434 } break;
1435 case SIGN: {
1436 CHECK_INTERFACE(IKeystoreService, data, reply);
1437 String16 name = data.readString16();
1438 ssize_t inSize = data.readInt32();
1439 const void* in;
1440 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1441 in = data.readInplace(inSize);
1442 } else {
1443 in = NULL;
1444 inSize = 0;
1445 }
1446 void* out = NULL;
1447 size_t outSize = 0;
1448 int32_t ret = sign(name, (const uint8_t*) in, (size_t) inSize, (uint8_t**) &out, &outSize);
1449 reply->writeNoException();
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1450 if (outSize > 0 && out != NULL) {
1451 reply->writeInt32(outSize);
1452 void* buf = reply->writeInplace(outSize);
1453 memcpy(buf, out, outSize);
1454 free(out);
1455 } else {
Kenny Roote289c402013-02-14 11:31:53 -0800[diff] [blame]1456 reply->writeInt32(-1);
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1457 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1458 reply->writeInt32(ret);
1459 return NO_ERROR;
1460 } break;
1461 case VERIFY: {
1462 CHECK_INTERFACE(IKeystoreService, data, reply);
1463 String16 name = data.readString16();
1464 ssize_t inSize = data.readInt32();
1465 const void* in;
1466 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1467 in = data.readInplace(inSize);
1468 } else {
1469 in = NULL;
1470 inSize = 0;
1471 }
1472 ssize_t sigSize = data.readInt32();
1473 const void* sig;
1474 if (sigSize >= 0 && (size_t) sigSize <= data.dataAvail()) {
1475 sig = data.readInplace(sigSize);
1476 } else {
1477 sig = NULL;
1478 sigSize = 0;
1479 }
1480 bool ret = verify(name, (const uint8_t*) in, (size_t) inSize, (const uint8_t*) sig,
1481 (size_t) sigSize);
1482 reply->writeNoException();
1483 reply->writeInt32(ret ? 1 : 0);
1484 return NO_ERROR;
1485 } break;
1486 case GET_PUBKEY: {
1487 CHECK_INTERFACE(IKeystoreService, data, reply);
1488 String16 name = data.readString16();
1489 void* out = NULL;
1490 size_t outSize = 0;
1491 int32_t ret = get_pubkey(name, (unsigned char**) &out, &outSize);
1492 reply->writeNoException();
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1493 if (outSize > 0 && out != NULL) {
1494 reply->writeInt32(outSize);
1495 void* buf = reply->writeInplace(outSize);
1496 memcpy(buf, out, outSize);
1497 free(out);
1498 } else {
Kenny Roote289c402013-02-14 11:31:53 -0800[diff] [blame]1499 reply->writeInt32(-1);
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1500 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1501 reply->writeInt32(ret);
1502 return NO_ERROR;
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1503 } break;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1504 case GRANT: {
1505 CHECK_INTERFACE(IKeystoreService, data, reply);
1506 String16 name = data.readString16();
1507 int32_t granteeUid = data.readInt32();
1508 int32_t ret = grant(name, granteeUid);
1509 reply->writeNoException();
1510 reply->writeInt32(ret);
1511 return NO_ERROR;
1512 } break;
1513 case UNGRANT: {
1514 CHECK_INTERFACE(IKeystoreService, data, reply);
1515 String16 name = data.readString16();
1516 int32_t granteeUid = data.readInt32();
1517 int32_t ret = ungrant(name, granteeUid);
1518 reply->writeNoException();
1519 reply->writeInt32(ret);
1520 return NO_ERROR;
1521 } break;
1522 case GETMTIME: {
1523 CHECK_INTERFACE(IKeystoreService, data, reply);
1524 String16 name = data.readString16();
1525 int64_t ret = getmtime(name);
1526 reply->writeNoException();
1527 reply->writeInt64(ret);
1528 return NO_ERROR;
1529 } break;
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]1530 case DUPLICATE: {
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]1531 CHECK_INTERFACE(IKeystoreService, data, reply);
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]1532 String16 srcKey = data.readString16();
1533 int32_t srcUid = data.readInt32();
1534 String16 destKey = data.readString16();
1535 int32_t destUid = data.readInt32();
1536 int32_t ret = duplicate(srcKey, srcUid, destKey, destUid);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]1537 reply->writeNoException();
1538 reply->writeInt32(ret);
1539 return NO_ERROR;
1540 } break;
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]1541 case IS_HARDWARE_BACKED: {
1542 CHECK_INTERFACE(IKeystoreService, data, reply);
Kenny Root1b0e3932013-09-05 13:06:32 -0700[diff] [blame]1543 String16 keyType = data.readString16();
1544 int32_t ret = is_hardware_backed(keyType);
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]1545 reply->writeNoException();
1546 reply->writeInt32(ret);
1547 return NO_ERROR;
1548 }
Kenny Root2ecc7a12013-04-01 16:29:11 -0700[diff] [blame]1549 case CLEAR_UID: {
1550 CHECK_INTERFACE(IKeystoreService, data, reply);
1551 int64_t uid = data.readInt64();
1552 int32_t ret = clear_uid(uid);
1553 reply->writeNoException();
1554 reply->writeInt32(ret);
1555 return NO_ERROR;
1556 }
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1557 case ADD_RNG_ENTROPY: {
1558 CHECK_INTERFACE(IKeystoreService, data, reply);
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1559 const uint8_t* bytes = NULL;
1560 size_t size = 0;
1561 readByteArray(data, &bytes, &size);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1562 int32_t ret = addRngEntropy(bytes, size);
1563 reply->writeNoException();
1564 reply->writeInt32(ret);
1565 return NO_ERROR;
1566 }
1567 case GENERATE_KEY: {
1568 CHECK_INTERFACE(IKeystoreService, data, reply);
1569 String16 name = data.readString16();
1570 KeymasterArguments args;
1571 if (data.readInt32() != 0) {
1572 args.readFromParcel(data);
1573 }
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1574 const uint8_t* entropy = NULL;
1575 size_t entropyLength = 0;
1576 readByteArray(data, &entropy, &entropyLength);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1577 int32_t uid = data.readInt32();
1578 int32_t flags = data.readInt32();
1579 KeyCharacteristics outCharacteristics;
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1580 int32_t ret = generateKey(name, args, entropy, entropyLength, uid, flags,
1581 &outCharacteristics);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1582 reply->writeNoException();
1583 reply->writeInt32(ret);
1584 reply->writeInt32(1);
1585 outCharacteristics.writeToParcel(reply);
1586 return NO_ERROR;
1587 }
1588 case GET_KEY_CHARACTERISTICS: {
1589 CHECK_INTERFACE(IKeystoreService, data, reply);
1590 String16 name = data.readString16();
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1591 std::unique_ptr<keymaster_blob_t> clientId = readKeymasterBlob(data);
1592 std::unique_ptr<keymaster_blob_t> appData = readKeymasterBlob(data);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1593 KeyCharacteristics outCharacteristics;
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1594 int ret = getKeyCharacteristics(name, clientId.get(), appData.get(),
1595 &outCharacteristics);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1596 reply->writeNoException();
1597 reply->writeInt32(ret);
1598 reply->writeInt32(1);
1599 outCharacteristics.writeToParcel(reply);
1600 return NO_ERROR;
1601 }
1602 case IMPORT_KEY: {
1603 CHECK_INTERFACE(IKeystoreService, data, reply);
1604 String16 name = data.readString16();
1605 KeymasterArguments args;
1606 if (data.readInt32() != 0) {
1607 args.readFromParcel(data);
1608 }
1609 keymaster_key_format_t format = static_cast<keymaster_key_format_t>(data.readInt32());
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1610 const uint8_t* keyData = NULL;
1611 size_t keyLength = 0;
1612 readByteArray(data, &keyData, &keyLength);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1613 int32_t uid = data.readInt32();
1614 int32_t flags = data.readInt32();
1615 KeyCharacteristics outCharacteristics;
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1616 int32_t ret = importKey(name, args, format, keyData, keyLength, uid, flags,
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1617 &outCharacteristics);
1618 reply->writeNoException();
1619 reply->writeInt32(ret);
1620 reply->writeInt32(1);
1621 outCharacteristics.writeToParcel(reply);
1622
1623 return NO_ERROR;
1624 }
1625 case EXPORT_KEY: {
1626 CHECK_INTERFACE(IKeystoreService, data, reply);
1627 String16 name = data.readString16();
1628 keymaster_key_format_t format = static_cast<keymaster_key_format_t>(data.readInt32());
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1629 std::unique_ptr<keymaster_blob_t> clientId = readKeymasterBlob(data);
1630 std::unique_ptr<keymaster_blob_t> appData = readKeymasterBlob(data);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1631 ExportResult result;
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1632 exportKey(name, format, clientId.get(), appData.get(), &result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1633 reply->writeNoException();
1634 reply->writeInt32(1);
1635 result.writeToParcel(reply);
1636
1637 return NO_ERROR;
1638 }
1639 case BEGIN: {
1640 CHECK_INTERFACE(IKeystoreService, data, reply);
1641 sp<IBinder> token = data.readStrongBinder();
1642 String16 name = data.readString16();
1643 keymaster_purpose_t purpose = static_cast<keymaster_purpose_t>(data.readInt32());
1644 bool pruneable = data.readInt32() != 0;
1645 KeymasterArguments args;
1646 if (data.readInt32() != 0) {
1647 args.readFromParcel(data);
1648 }
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1649 const uint8_t* entropy = NULL;
1650 size_t entropyLength = 0;
1651 readByteArray(data, &entropy, &entropyLength);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1652 KeymasterArguments outArgs;
1653 OperationResult result;
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1654 begin(token, name, purpose, pruneable, args, entropy, entropyLength, &outArgs,
1655 &result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1656 reply->writeNoException();
1657 reply->writeInt32(1);
1658 result.writeToParcel(reply);
1659 reply->writeInt32(1);
1660 outArgs.writeToParcel(reply);
1661
1662 return NO_ERROR;
1663 }
1664 case UPDATE: {
1665 CHECK_INTERFACE(IKeystoreService, data, reply);
1666 sp<IBinder> token = data.readStrongBinder();
1667 KeymasterArguments args;
1668 if (data.readInt32() != 0) {
1669 args.readFromParcel(data);
1670 }
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1671 const uint8_t* buf = NULL;
1672 size_t bufLength = 0;
1673 readByteArray(data, &buf, &bufLength);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1674 OperationResult result;
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1675 update(token, args, buf, bufLength, &result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1676 reply->writeNoException();
1677 reply->writeInt32(1);
1678 result.writeToParcel(reply);
1679
1680 return NO_ERROR;
1681 }
1682 case FINISH: {
1683 CHECK_INTERFACE(IKeystoreService, data, reply);
1684 sp<IBinder> token = data.readStrongBinder();
1685 KeymasterArguments args;
1686 if (data.readInt32() != 0) {
1687 args.readFromParcel(data);
1688 }
Chad Brubaker8cfb8ac2015-05-29 12:30:19 -0700[diff] [blame]1689 const uint8_t* signature = NULL;
1690 size_t signatureLength = 0;
1691 readByteArray(data, &signature, &signatureLength);
1692 const uint8_t* entropy = NULL;
1693 size_t entropyLength = 0;
1694 readByteArray(data, &entropy, &entropyLength);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1695 OperationResult result;
Chad Brubaker8cfb8ac2015-05-29 12:30:19 -0700[diff] [blame]1696 finish(token, args, signature, signatureLength, entropy, entropyLength, &result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1697 reply->writeNoException();
1698 reply->writeInt32(1);
1699 result.writeToParcel(reply);
1700
1701 return NO_ERROR;
1702 }
1703 case ABORT: {
1704 CHECK_INTERFACE(IKeystoreService, data, reply);
1705 sp<IBinder> token = data.readStrongBinder();
1706 int32_t result = abort(token);
1707 reply->writeNoException();
1708 reply->writeInt32(result);
1709
1710 return NO_ERROR;
1711 }
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]1712 case IS_OPERATION_AUTHORIZED: {
1713 CHECK_INTERFACE(IKeystoreService, data, reply);
1714 sp<IBinder> token = data.readStrongBinder();
1715 bool result = isOperationAuthorized(token);
1716 reply->writeNoException();
1717 reply->writeInt32(result ? 1 : 0);
1718
1719 return NO_ERROR;
1720 }
1721 case ADD_AUTH_TOKEN: {
1722 CHECK_INTERFACE(IKeystoreService, data, reply);
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]1723 const uint8_t* token_bytes = NULL;
1724 size_t size = 0;
1725 readByteArray(data, &token_bytes, &size);
1726 int32_t result = addAuthToken(token_bytes, size);
1727 reply->writeNoException();
1728 reply->writeInt32(result);
1729
1730 return NO_ERROR;
1731 }
Chad Brubakerfd777e72015-05-12 10:43:10 -0700[diff] [blame]1732 case ON_USER_ADDED: {
1733 CHECK_INTERFACE(IKeystoreService, data, reply);
1734 int32_t userId = data.readInt32();
1735 int32_t parentId = data.readInt32();
1736 int32_t result = onUserAdded(userId, parentId);
1737 reply->writeNoException();
1738 reply->writeInt32(result);
1739
1740 return NO_ERROR;
1741 }
1742 case ON_USER_REMOVED: {
1743 CHECK_INTERFACE(IKeystoreService, data, reply);
1744 int32_t userId = data.readInt32();
1745 int32_t result = onUserRemoved(userId);
1746 reply->writeNoException();
1747 reply->writeInt32(result);
1748
1749 return NO_ERROR;
1750 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1751 default:
1752 return BBinder::onTransact(code, data, reply, flags);
1753 }
1754}
1755
1756// ----------------------------------------------------------------------------
1757
1758}; // namespace android