Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / b37a52337f001f8a43f7cbb64203dba78560ee6b / . / keystore / IKeystoreService.cpp
blob: df1c5dda217b6504b7bc27bab274bb8ecb22b49d [file] [log] [blame]
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1/*
2**
3** Copyright 2008, The Android Open Source Project
4**
5** Licensed under the Apache License, Version 2.0 (the "License");
6** you may not use this file except in compliance with the License.
7** You may obtain a copy of the License at
8**
9** http://www.apache.org/licenses/LICENSE-2.0
10**
11** Unless required by applicable law or agreed to in writing, software
12** distributed under the License is distributed on an "AS IS" BASIS,
13** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14** See the License for the specific language governing permissions and
15** limitations under the License.
16*/
17
18#include <stdint.h>
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]19#include <sys/limits.h>
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]20#include <sys/types.h>
21
22#define LOG_TAG "KeystoreService"
23#include <utils/Log.h>
24
25#include <binder/Parcel.h>
26#include <binder/IPCThreadState.h>
27#include <binder/IServiceManager.h>
28
29#include <keystore/IKeystoreService.h>
30
31namespace android {
32
Shawn Willden77d71ca2014-11-12 16:45:12 -0700[diff] [blame]33const ssize_t MAX_GENERATE_ARGS = 3;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]34static keymaster_key_param_t* readParamList(const Parcel& in, size_t* length);
Shawn Willden77d71ca2014-11-12 16:45:12 -0700[diff] [blame]35
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]36KeystoreArg::KeystoreArg(const void* data, size_t len)
37 : mData(data), mSize(len) {
38}
39
40KeystoreArg::~KeystoreArg() {
41}
42
43const void *KeystoreArg::data() const {
44 return mData;
45}
46
47size_t KeystoreArg::size() const {
48 return mSize;
49}
50
Chad Brubakerc3a18562015-03-17 18:21:35 -0700[diff] [blame]51OperationResult::OperationResult() : resultCode(0), token(), handle(0), inputConsumed(0),
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]52 data(NULL), dataLength(0) {
53}
54
55OperationResult::~OperationResult() {
56}
57
58void OperationResult::readFromParcel(const Parcel& in) {
59 resultCode = in.readInt32();
60 token = in.readStrongBinder();
Chad Brubakerc3a18562015-03-17 18:21:35 -0700[diff] [blame]61 handle = static_cast<keymaster_operation_handle_t>(in.readInt64());
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]62 inputConsumed = in.readInt32();
63 ssize_t length = in.readInt32();
64 dataLength = 0;
65 if (length > 0) {
66 const void* buf = in.readInplace(length);
67 if (buf) {
68 data.reset(reinterpret_cast<uint8_t*>(malloc(length)));
69 if (data.get()) {
70 memcpy(data.get(), buf, length);
71 dataLength = (size_t) length;
72 } else {
73 ALOGE("Failed to allocate OperationResult buffer");
74 }
75 } else {
76 ALOGE("Failed to readInplace OperationResult data");
77 }
78 }
79}
80
81void OperationResult::writeToParcel(Parcel* out) const {
82 out->writeInt32(resultCode);
83 out->writeStrongBinder(token);
Chad Brubakerc3a18562015-03-17 18:21:35 -0700[diff] [blame]84 out->writeInt64(handle);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]85 out->writeInt32(inputConsumed);
86 out->writeInt32(dataLength);
87 if (dataLength && data) {
88 void* buf = out->writeInplace(dataLength);
89 if (buf) {
90 memcpy(buf, data.get(), dataLength);
91 } else {
92 ALOGE("Failed to writeInplace OperationResult data.");
93 }
94 }
95}
96
97ExportResult::ExportResult() : resultCode(0), exportData(NULL), dataLength(0) {
98}
99
100ExportResult::~ExportResult() {
101}
102
103void ExportResult::readFromParcel(const Parcel& in) {
104 resultCode = in.readInt32();
105 ssize_t length = in.readInt32();
106 dataLength = 0;
107 if (length > 0) {
108 const void* buf = in.readInplace(length);
109 if (buf) {
110 exportData.reset(reinterpret_cast<uint8_t*>(malloc(length)));
111 if (exportData.get()) {
112 memcpy(exportData.get(), buf, length);
113 dataLength = (size_t) length;
114 } else {
115 ALOGE("Failed to allocate ExportData buffer");
116 }
117 } else {
118 ALOGE("Failed to readInplace ExportData data");
119 }
120 }
121}
122
123void ExportResult::writeToParcel(Parcel* out) const {
124 out->writeInt32(resultCode);
125 out->writeInt32(dataLength);
126 if (exportData && dataLength) {
127 void* buf = out->writeInplace(dataLength);
128 if (buf) {
129 memcpy(buf, exportData.get(), dataLength);
130 } else {
131 ALOGE("Failed to writeInplace ExportResult data.");
132 }
133 }
134}
135
136KeymasterArguments::KeymasterArguments() {
137}
138
139KeymasterArguments::~KeymasterArguments() {
140 keymaster_free_param_values(params.data(), params.size());
141}
142
143void KeymasterArguments::readFromParcel(const Parcel& in) {
144 ssize_t length = in.readInt32();
145 size_t ulength = (size_t) length;
146 if (length < 0) {
147 ulength = 0;
148 }
149 keymaster_free_param_values(params.data(), params.size());
150 params.clear();
151 for(size_t i = 0; i < ulength; i++) {
152 keymaster_key_param_t param;
153 if (!readKeymasterArgumentFromParcel(in, &param)) {
154 ALOGE("Error reading keymaster argument from parcel");
155 break;
156 }
157 params.push_back(param);
158 }
159}
160
161void KeymasterArguments::writeToParcel(Parcel* out) const {
162 out->writeInt32(params.size());
163 for (auto param : params) {
164 out->writeInt32(1);
165 writeKeymasterArgumentToParcel(param, out);
166 }
167}
168
169KeyCharacteristics::KeyCharacteristics() {
170 memset((void*) &characteristics, 0, sizeof(characteristics));
171}
172
173KeyCharacteristics::~KeyCharacteristics() {
174 keymaster_free_characteristics(&characteristics);
175}
176
177void KeyCharacteristics::readFromParcel(const Parcel& in) {
178 size_t length = 0;
179 keymaster_key_param_t* params = readParamList(in, &length);
180 characteristics.sw_enforced.params = params;
181 characteristics.sw_enforced.length = length;
182
183 params = readParamList(in, &length);
184 characteristics.hw_enforced.params = params;
185 characteristics.hw_enforced.length = length;
186}
187
188void KeyCharacteristics::writeToParcel(Parcel* out) const {
189 if (characteristics.sw_enforced.params) {
190 out->writeInt32(characteristics.sw_enforced.length);
191 for (size_t i = 0; i < characteristics.sw_enforced.length; i++) {
192 out->writeInt32(1);
193 writeKeymasterArgumentToParcel(characteristics.sw_enforced.params[i], out);
194 }
195 } else {
196 out->writeInt32(0);
197 }
198 if (characteristics.hw_enforced.params) {
199 out->writeInt32(characteristics.hw_enforced.length);
200 for (size_t i = 0; i < characteristics.hw_enforced.length; i++) {
201 out->writeInt32(1);
202 writeKeymasterArgumentToParcel(characteristics.hw_enforced.params[i], out);
203 }
204 } else {
205 out->writeInt32(0);
206 }
207}
208
209void writeKeymasterArgumentToParcel(const keymaster_key_param_t& param, Parcel* out) {
210 switch (keymaster_tag_get_type(param.tag)) {
211 case KM_ENUM:
212 case KM_ENUM_REP: {
213 out->writeInt32(param.tag);
214 out->writeInt32(param.enumerated);
215 break;
216 }
217 case KM_INT:
218 case KM_INT_REP: {
219 out->writeInt32(param.tag);
220 out->writeInt32(param.integer);
221 break;
222 }
Chad Brubaker686db062015-04-16 14:21:10 -0700[diff] [blame]223 case KM_LONG:
224 case KM_LONG_REP: {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]225 out->writeInt32(param.tag);
226 out->writeInt64(param.long_integer);
227 break;
228 }
229 case KM_DATE: {
230 out->writeInt32(param.tag);
231 out->writeInt64(param.date_time);
232 break;
233 }
234 case KM_BOOL: {
235 out->writeInt32(param.tag);
236 break;
237 }
238 case KM_BIGNUM:
239 case KM_BYTES: {
240 out->writeInt32(param.tag);
241 out->writeInt32(param.blob.data_length);
242 void* buf = out->writeInplace(param.blob.data_length);
243 if (buf) {
244 memcpy(buf, param.blob.data, param.blob.data_length);
245 } else {
246 ALOGE("Failed to writeInplace keymaster blob param");
247 }
248 break;
249 }
250 default: {
251 ALOGE("Failed to write argument: Unsupported keymaster_tag_t %d", param.tag);
252 }
253 }
254}
255
256
257bool readKeymasterArgumentFromParcel(const Parcel& in, keymaster_key_param_t* out) {
258 if (in.readInt32() == 0) {
259 return false;
260 }
261 keymaster_tag_t tag = static_cast<keymaster_tag_t>(in.readInt32());
262 switch (keymaster_tag_get_type(tag)) {
263 case KM_ENUM:
264 case KM_ENUM_REP: {
265 uint32_t value = in.readInt32();
266 *out = keymaster_param_enum(tag, value);
267 break;
268 }
269 case KM_INT:
270 case KM_INT_REP: {
271 uint32_t value = in.readInt32();
272 *out = keymaster_param_int(tag, value);
273 break;
274 }
Chad Brubaker686db062015-04-16 14:21:10 -0700[diff] [blame]275 case KM_LONG:
276 case KM_LONG_REP: {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]277 uint64_t value = in.readInt64();
278 *out = keymaster_param_long(tag, value);
279 break;
280 }
281 case KM_DATE: {
282 uint64_t value = in.readInt64();
283 *out = keymaster_param_date(tag, value);
284 break;
285 }
286 case KM_BOOL: {
287 *out = keymaster_param_bool(tag);
288 break;
289 }
290 case KM_BIGNUM:
291 case KM_BYTES: {
292 ssize_t length = in.readInt32();
293 uint8_t* data = NULL;
294 size_t ulength = 0;
295 if (length >= 0) {
296 ulength = (size_t) length;
297 // use malloc here so we can use keymaster_free_param_values
298 // consistently.
299 data = reinterpret_cast<uint8_t*>(malloc(ulength));
300 const void* buf = in.readInplace(ulength);
301 if (!buf || !data) {
302 ALOGE("Failed to allocate buffer for keymaster blob param");
303 return false;
304 }
305 memcpy(data, buf, ulength);
306 }
307 *out = keymaster_param_blob(tag, data, ulength);
308 break;
309 }
310 default: {
311 ALOGE("Unsupported keymaster_tag_t %d", tag);
312 return false;
313 }
314 }
315 return true;
316}
317
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]318/**
319 * Read a byte array from in. The data at *data is still owned by the parcel
320 */
321static void readByteArray(const Parcel& in, const uint8_t** data, size_t* length) {
322 ssize_t slength = in.readInt32();
323 if (slength > 0) {
324 *data = reinterpret_cast<const uint8_t*>(in.readInplace(slength));
325 if (*data) {
326 *length = static_cast<size_t>(slength);
327 } else {
328 *length = 0;
329 }
330 } else {
331 *data = NULL;
332 *length = 0;
333 }
334}
335
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]336// Read a keymaster_key_param_t* from a Parcel for use in a
337// keymaster_key_characteristics_t. This will be free'd by calling
338// keymaster_free_key_characteristics.
339static keymaster_key_param_t* readParamList(const Parcel& in, size_t* length) {
340 ssize_t slength = in.readInt32();
341 *length = 0;
342 if (slength < 0) {
343 return NULL;
344 }
345 *length = (size_t) slength;
346 if (*length >= UINT_MAX / sizeof(keymaster_key_param_t)) {
347 return NULL;
348 }
349 keymaster_key_param_t* list =
350 reinterpret_cast<keymaster_key_param_t*>(malloc(*length *
351 sizeof(keymaster_key_param_t)));
352 if (!list) {
353 ALOGD("Failed to allocate buffer for generateKey outCharacteristics");
354 goto err;
355 }
356 for (size_t i = 0; i < *length ; i++) {
357 if (!readKeymasterArgumentFromParcel(in, &list[i])) {
358 ALOGE("Failed to read keymaster argument");
359 keymaster_free_param_values(list, i);
360 goto err;
361 }
362 }
363 return list;
364err:
365 free(list);
366 return NULL;
367}
368
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]369static std::unique_ptr<keymaster_blob_t> readKeymasterBlob(const Parcel& in) {
370 std::unique_ptr<keymaster_blob_t> blob;
371 if (in.readInt32() != 1) {
372 blob.reset(NULL);
373 return blob;
374 }
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]375 ssize_t length = in.readInt32();
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]376 blob.reset(new keymaster_blob_t);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]377 if (length > 0) {
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]378 blob->data = reinterpret_cast<const uint8_t*>(in.readInplace(length));
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]379 if (blob->data) {
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]380 blob->data_length = static_cast<size_t>(length);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]381 } else {
382 blob->data_length = 0;
383 }
384 } else {
385 blob->data = NULL;
386 blob->data_length = 0;
387 }
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]388 return blob;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]389}
390
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]391class BpKeystoreService: public BpInterface<IKeystoreService>
392{
393public:
394 BpKeystoreService(const sp<IBinder>& impl)
395 : BpInterface<IKeystoreService>(impl)
396 {
397 }
398
399 // test ping
400 virtual int32_t test()
401 {
402 Parcel data, reply;
403 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
404 status_t status = remote()->transact(BnKeystoreService::TEST, data, &reply);
405 if (status != NO_ERROR) {
406 ALOGD("test() could not contact remote: %d\n", status);
407 return -1;
408 }
409 int32_t err = reply.readExceptionCode();
410 int32_t ret = reply.readInt32();
411 if (err < 0) {
412 ALOGD("test() caught exception %d\n", err);
413 return -1;
414 }
415 return ret;
416 }
417
418 virtual int32_t get(const String16& name, uint8_t** item, size_t* itemLength)
419 {
420 Parcel data, reply;
421 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
422 data.writeString16(name);
423 status_t status = remote()->transact(BnKeystoreService::GET, data, &reply);
424 if (status != NO_ERROR) {
425 ALOGD("get() could not contact remote: %d\n", status);
426 return -1;
427 }
428 int32_t err = reply.readExceptionCode();
429 ssize_t len = reply.readInt32();
430 if (len >= 0 && (size_t) len <= reply.dataAvail()) {
431 size_t ulen = (size_t) len;
432 const void* buf = reply.readInplace(ulen);
433 *item = (uint8_t*) malloc(ulen);
434 if (*item != NULL) {
435 memcpy(*item, buf, ulen);
436 *itemLength = ulen;
437 } else {
438 ALOGE("out of memory allocating output array in get");
439 *itemLength = 0;
440 }
441 } else {
442 *itemLength = 0;
443 }
444 if (err < 0) {
445 ALOGD("get() caught exception %d\n", err);
446 return -1;
447 }
448 return 0;
449 }
450
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]451 virtual int32_t insert(const String16& name, const uint8_t* item, size_t itemLength, int uid,
452 int32_t flags)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]453 {
454 Parcel data, reply;
455 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
456 data.writeString16(name);
457 data.writeInt32(itemLength);
458 void* buf = data.writeInplace(itemLength);
459 memcpy(buf, item, itemLength);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]460 data.writeInt32(uid);
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]461 data.writeInt32(flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]462 status_t status = remote()->transact(BnKeystoreService::INSERT, data, &reply);
463 if (status != NO_ERROR) {
464 ALOGD("import() could not contact remote: %d\n", status);
465 return -1;
466 }
467 int32_t err = reply.readExceptionCode();
468 int32_t ret = reply.readInt32();
469 if (err < 0) {
470 ALOGD("import() caught exception %d\n", err);
471 return -1;
472 }
473 return ret;
474 }
475
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]476 virtual int32_t del(const String16& name, int uid)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]477 {
478 Parcel data, reply;
479 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
480 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]481 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]482 status_t status = remote()->transact(BnKeystoreService::DEL, data, &reply);
483 if (status != NO_ERROR) {
484 ALOGD("del() could not contact remote: %d\n", status);
485 return -1;
486 }
487 int32_t err = reply.readExceptionCode();
488 int32_t ret = reply.readInt32();
489 if (err < 0) {
490 ALOGD("del() caught exception %d\n", err);
491 return -1;
492 }
493 return ret;
494 }
495
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]496 virtual int32_t exist(const String16& name, int uid)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]497 {
498 Parcel data, reply;
499 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
500 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]501 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]502 status_t status = remote()->transact(BnKeystoreService::EXIST, data, &reply);
503 if (status != NO_ERROR) {
504 ALOGD("exist() could not contact remote: %d\n", status);
505 return -1;
506 }
507 int32_t err = reply.readExceptionCode();
508 int32_t ret = reply.readInt32();
509 if (err < 0) {
510 ALOGD("exist() caught exception %d\n", err);
511 return -1;
512 }
513 return ret;
514 }
515
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]516 virtual int32_t saw(const String16& name, int uid, Vector<String16>* matches)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]517 {
518 Parcel data, reply;
519 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
520 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]521 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]522 status_t status = remote()->transact(BnKeystoreService::SAW, data, &reply);
523 if (status != NO_ERROR) {
524 ALOGD("saw() could not contact remote: %d\n", status);
525 return -1;
526 }
527 int32_t err = reply.readExceptionCode();
528 int32_t numMatches = reply.readInt32();
529 for (int32_t i = 0; i < numMatches; i++) {
530 matches->push(reply.readString16());
531 }
532 int32_t ret = reply.readInt32();
533 if (err < 0) {
534 ALOGD("saw() caught exception %d\n", err);
535 return -1;
536 }
537 return ret;
538 }
539
540 virtual int32_t reset()
541 {
542 Parcel data, reply;
543 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
544 status_t status = remote()->transact(BnKeystoreService::RESET, data, &reply);
545 if (status != NO_ERROR) {
546 ALOGD("reset() could not contact remote: %d\n", status);
547 return -1;
548 }
549 int32_t err = reply.readExceptionCode();
550 int32_t ret = reply.readInt32();
551 if (err < 0) {
552 ALOGD("reset() caught exception %d\n", err);
553 return -1;
554 }
555 return ret;
556 }
557
558 virtual int32_t password(const String16& password)
559 {
560 Parcel data, reply;
561 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
562 data.writeString16(password);
563 status_t status = remote()->transact(BnKeystoreService::PASSWORD, data, &reply);
564 if (status != NO_ERROR) {
565 ALOGD("password() could not contact remote: %d\n", status);
566 return -1;
567 }
568 int32_t err = reply.readExceptionCode();
569 int32_t ret = reply.readInt32();
570 if (err < 0) {
571 ALOGD("password() caught exception %d\n", err);
572 return -1;
573 }
574 return ret;
575 }
576
577 virtual int32_t lock()
578 {
579 Parcel data, reply;
580 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
581 status_t status = remote()->transact(BnKeystoreService::LOCK, data, &reply);
582 if (status != NO_ERROR) {
583 ALOGD("lock() could not contact remote: %d\n", status);
584 return -1;
585 }
586 int32_t err = reply.readExceptionCode();
587 int32_t ret = reply.readInt32();
588 if (err < 0) {
589 ALOGD("lock() caught exception %d\n", err);
590 return -1;
591 }
592 return ret;
593 }
594
595 virtual int32_t unlock(const String16& password)
596 {
597 Parcel data, reply;
598 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
599 data.writeString16(password);
600 status_t status = remote()->transact(BnKeystoreService::UNLOCK, data, &reply);
601 if (status != NO_ERROR) {
602 ALOGD("unlock() could not contact remote: %d\n", status);
603 return -1;
604 }
605 int32_t err = reply.readExceptionCode();
606 int32_t ret = reply.readInt32();
607 if (err < 0) {
608 ALOGD("unlock() caught exception %d\n", err);
609 return -1;
610 }
611 return ret;
612 }
613
614 virtual int32_t zero()
615 {
616 Parcel data, reply;
617 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
618 status_t status = remote()->transact(BnKeystoreService::ZERO, data, &reply);
619 if (status != NO_ERROR) {
620 ALOGD("zero() could not contact remote: %d\n", status);
621 return -1;
622 }
623 int32_t err = reply.readExceptionCode();
624 int32_t ret = reply.readInt32();
625 if (err < 0) {
626 ALOGD("zero() caught exception %d\n", err);
627 return -1;
628 }
629 return ret;
630 }
631
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]632 virtual int32_t generate(const String16& name, int32_t uid, int32_t keyType, int32_t keySize,
633 int32_t flags, Vector<sp<KeystoreArg> >* args)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]634 {
635 Parcel data, reply;
636 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
637 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]638 data.writeInt32(uid);
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]639 data.writeInt32(keyType);
640 data.writeInt32(keySize);
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]641 data.writeInt32(flags);
Chad Brubaker468fc692015-01-13 17:33:14 -0800[diff] [blame]642 data.writeInt32(1);
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]643 data.writeInt32(args->size());
644 for (Vector<sp<KeystoreArg> >::iterator it = args->begin(); it != args->end(); ++it) {
645 sp<KeystoreArg> item = *it;
646 size_t keyLength = item->size();
647 data.writeInt32(keyLength);
648 void* buf = data.writeInplace(keyLength);
649 memcpy(buf, item->data(), keyLength);
650 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]651 status_t status = remote()->transact(BnKeystoreService::GENERATE, data, &reply);
652 if (status != NO_ERROR) {
653 ALOGD("generate() could not contact remote: %d\n", status);
654 return -1;
655 }
656 int32_t err = reply.readExceptionCode();
657 int32_t ret = reply.readInt32();
658 if (err < 0) {
659 ALOGD("generate() caught exception %d\n", err);
660 return -1;
661 }
662 return ret;
663 }
664
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]665 virtual int32_t import(const String16& name, const uint8_t* key, size_t keyLength, int uid,
666 int flags)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]667 {
668 Parcel data, reply;
669 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
670 data.writeString16(name);
671 data.writeInt32(keyLength);
672 void* buf = data.writeInplace(keyLength);
673 memcpy(buf, key, keyLength);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]674 data.writeInt32(uid);
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]675 data.writeInt32(flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]676 status_t status = remote()->transact(BnKeystoreService::IMPORT, data, &reply);
677 if (status != NO_ERROR) {
678 ALOGD("import() could not contact remote: %d\n", status);
679 return -1;
680 }
681 int32_t err = reply.readExceptionCode();
682 int32_t ret = reply.readInt32();
683 if (err < 0) {
684 ALOGD("import() caught exception %d\n", err);
685 return -1;
686 }
687 return ret;
688 }
689
690 virtual int32_t sign(const String16& name, const uint8_t* in, size_t inLength, uint8_t** out,
691 size_t* outLength)
692 {
693 Parcel data, reply;
694 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
695 data.writeString16(name);
696 data.writeInt32(inLength);
697 void* buf = data.writeInplace(inLength);
698 memcpy(buf, in, inLength);
699 status_t status = remote()->transact(BnKeystoreService::SIGN, data, &reply);
700 if (status != NO_ERROR) {
701 ALOGD("import() could not contact remote: %d\n", status);
702 return -1;
703 }
704 int32_t err = reply.readExceptionCode();
705 ssize_t len = reply.readInt32();
706 if (len >= 0 && (size_t) len <= reply.dataAvail()) {
707 size_t ulen = (size_t) len;
708 const void* outBuf = reply.readInplace(ulen);
709 *out = (uint8_t*) malloc(ulen);
710 if (*out != NULL) {
711 memcpy((void*) *out, outBuf, ulen);
712 *outLength = ulen;
713 } else {
714 ALOGE("out of memory allocating output array in sign");
715 *outLength = 0;
716 }
717 } else {
718 *outLength = 0;
719 }
720 if (err < 0) {
721 ALOGD("import() caught exception %d\n", err);
722 return -1;
723 }
724 return 0;
725 }
726
727 virtual int32_t verify(const String16& name, const uint8_t* in, size_t inLength,
728 const uint8_t* signature, size_t signatureLength)
729 {
730 Parcel data, reply;
731 void* buf;
732
733 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
734 data.writeString16(name);
735 data.writeInt32(inLength);
736 buf = data.writeInplace(inLength);
737 memcpy(buf, in, inLength);
738 data.writeInt32(signatureLength);
739 buf = data.writeInplace(signatureLength);
740 memcpy(buf, signature, signatureLength);
741 status_t status = remote()->transact(BnKeystoreService::VERIFY, data, &reply);
742 if (status != NO_ERROR) {
743 ALOGD("verify() could not contact remote: %d\n", status);
744 return -1;
745 }
746 int32_t err = reply.readExceptionCode();
747 int32_t ret = reply.readInt32();
748 if (err < 0) {
749 ALOGD("verify() caught exception %d\n", err);
750 return -1;
751 }
752 return ret;
753 }
754
755 virtual int32_t get_pubkey(const String16& name, uint8_t** pubkey, size_t* pubkeyLength)
756 {
757 Parcel data, reply;
758 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
759 data.writeString16(name);
760 status_t status = remote()->transact(BnKeystoreService::GET_PUBKEY, data, &reply);
761 if (status != NO_ERROR) {
762 ALOGD("get_pubkey() could not contact remote: %d\n", status);
763 return -1;
764 }
765 int32_t err = reply.readExceptionCode();
766 ssize_t len = reply.readInt32();
767 if (len >= 0 && (size_t) len <= reply.dataAvail()) {
768 size_t ulen = (size_t) len;
769 const void* buf = reply.readInplace(ulen);
770 *pubkey = (uint8_t*) malloc(ulen);
771 if (*pubkey != NULL) {
772 memcpy(*pubkey, buf, ulen);
773 *pubkeyLength = ulen;
774 } else {
775 ALOGE("out of memory allocating output array in get_pubkey");
776 *pubkeyLength = 0;
777 }
778 } else {
779 *pubkeyLength = 0;
780 }
781 if (err < 0) {
782 ALOGD("get_pubkey() caught exception %d\n", err);
783 return -1;
784 }
785 return 0;
786 }
787
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]788 virtual int32_t del_key(const String16& name, int uid)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]789 {
790 Parcel data, reply;
791 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
792 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]793 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]794 status_t status = remote()->transact(BnKeystoreService::DEL_KEY, data, &reply);
795 if (status != NO_ERROR) {
796 ALOGD("del_key() could not contact remote: %d\n", status);
797 return -1;
798 }
799 int32_t err = reply.readExceptionCode();
800 int32_t ret = reply.readInt32();
801 if (err < 0) {
802 ALOGD("del_key() caught exception %d\n", err);
803 return -1;
804 }
805 return ret;
806 }
807
808 virtual int32_t grant(const String16& name, int32_t granteeUid)
809 {
810 Parcel data, reply;
811 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
812 data.writeString16(name);
813 data.writeInt32(granteeUid);
814 status_t status = remote()->transact(BnKeystoreService::GRANT, data, &reply);
815 if (status != NO_ERROR) {
816 ALOGD("grant() could not contact remote: %d\n", status);
817 return -1;
818 }
819 int32_t err = reply.readExceptionCode();
820 int32_t ret = reply.readInt32();
821 if (err < 0) {
822 ALOGD("grant() caught exception %d\n", err);
823 return -1;
824 }
825 return ret;
826 }
827
828 virtual int32_t ungrant(const String16& name, int32_t granteeUid)
829 {
830 Parcel data, reply;
831 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
832 data.writeString16(name);
833 data.writeInt32(granteeUid);
834 status_t status = remote()->transact(BnKeystoreService::UNGRANT, data, &reply);
835 if (status != NO_ERROR) {
836 ALOGD("ungrant() could not contact remote: %d\n", status);
837 return -1;
838 }
839 int32_t err = reply.readExceptionCode();
840 int32_t ret = reply.readInt32();
841 if (err < 0) {
842 ALOGD("ungrant() caught exception %d\n", err);
843 return -1;
844 }
845 return ret;
846 }
847
848 int64_t getmtime(const String16& name)
849 {
850 Parcel data, reply;
851 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
852 data.writeString16(name);
853 status_t status = remote()->transact(BnKeystoreService::GETMTIME, data, &reply);
854 if (status != NO_ERROR) {
855 ALOGD("getmtime() could not contact remote: %d\n", status);
856 return -1;
857 }
858 int32_t err = reply.readExceptionCode();
859 int64_t ret = reply.readInt64();
860 if (err < 0) {
861 ALOGD("getmtime() caught exception %d\n", err);
862 return -1;
863 }
864 return ret;
865 }
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]866
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]867 virtual int32_t duplicate(const String16& srcKey, int32_t srcUid, const String16& destKey,
868 int32_t destUid)
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]869 {
870 Parcel data, reply;
871 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]872 data.writeString16(srcKey);
873 data.writeInt32(srcUid);
874 data.writeString16(destKey);
875 data.writeInt32(destUid);
876 status_t status = remote()->transact(BnKeystoreService::DUPLICATE, data, &reply);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]877 if (status != NO_ERROR) {
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]878 ALOGD("duplicate() could not contact remote: %d\n", status);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]879 return -1;
880 }
881 int32_t err = reply.readExceptionCode();
882 int32_t ret = reply.readInt32();
883 if (err < 0) {
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]884 ALOGD("duplicate() caught exception %d\n", err);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]885 return -1;
886 }
887 return ret;
888 }
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]889
Kenny Root1b0e3932013-09-05 13:06:32 -0700[diff] [blame]890 virtual int32_t is_hardware_backed(const String16& keyType)
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]891 {
892 Parcel data, reply;
893 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Kenny Root1b0e3932013-09-05 13:06:32 -0700[diff] [blame]894 data.writeString16(keyType);
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]895 status_t status = remote()->transact(BnKeystoreService::IS_HARDWARE_BACKED, data, &reply);
896 if (status != NO_ERROR) {
897 ALOGD("is_hardware_backed() could not contact remote: %d\n", status);
898 return -1;
899 }
900 int32_t err = reply.readExceptionCode();
901 int32_t ret = reply.readInt32();
902 if (err < 0) {
903 ALOGD("is_hardware_backed() caught exception %d\n", err);
904 return -1;
905 }
906 return ret;
907 }
Kenny Root2ecc7a12013-04-01 16:29:11 -0700[diff] [blame]908
909 virtual int32_t clear_uid(int64_t uid)
910 {
911 Parcel data, reply;
912 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
913 data.writeInt64(uid);
914 status_t status = remote()->transact(BnKeystoreService::CLEAR_UID, data, &reply);
915 if (status != NO_ERROR) {
916 ALOGD("clear_uid() could not contact remote: %d\n", status);
917 return -1;
918 }
919 int32_t err = reply.readExceptionCode();
920 int32_t ret = reply.readInt32();
921 if (err < 0) {
922 ALOGD("clear_uid() caught exception %d\n", err);
923 return -1;
924 }
925 return ret;
926 }
Robin Lee4e865752014-08-19 17:37:55 +0100[diff] [blame]927
928 virtual int32_t reset_uid(int32_t uid) {
929 Parcel data, reply;
930 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
931 data.writeInt32(uid);
932 status_t status = remote()->transact(BnKeystoreService::RESET_UID, data, &reply);
933 if (status != NO_ERROR) {
934 ALOGD("reset_uid() could not contact remote: %d\n", status);
935 return -1;
936 }
937 int32_t err = reply.readExceptionCode();
938 int32_t ret = reply.readInt32();
939 if (err < 0) {
940 ALOGD("reset_uid() caught exception %d\n", err);
941 return -1;
942 }
943 return ret;
944
945 }
946
947 virtual int32_t sync_uid(int32_t sourceUid, int32_t targetUid)
948 {
949 Parcel data, reply;
950 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
951 data.writeInt32(sourceUid);
952 data.writeInt32(targetUid);
953 status_t status = remote()->transact(BnKeystoreService::SYNC_UID, data, &reply);
954 if (status != NO_ERROR) {
955 ALOGD("sync_uid() could not contact remote: %d\n", status);
956 return -1;
957 }
958 int32_t err = reply.readExceptionCode();
959 int32_t ret = reply.readInt32();
960 if (err < 0) {
961 ALOGD("sync_uid() caught exception %d\n", err);
962 return -1;
963 }
964 return ret;
965 }
966
967 virtual int32_t password_uid(const String16& password, int32_t uid)
968 {
969 Parcel data, reply;
970 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
971 data.writeString16(password);
972 data.writeInt32(uid);
973 status_t status = remote()->transact(BnKeystoreService::PASSWORD_UID, data, &reply);
974 if (status != NO_ERROR) {
975 ALOGD("password_uid() could not contact remote: %d\n", status);
976 return -1;
977 }
978 int32_t err = reply.readExceptionCode();
979 int32_t ret = reply.readInt32();
980 if (err < 0) {
981 ALOGD("password_uid() caught exception %d\n", err);
982 return -1;
983 }
984 return ret;
985 }
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]986 virtual int32_t addRngEntropy(const uint8_t* buf, size_t bufLength)
987 {
988 Parcel data, reply;
989 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]990 data.writeByteArray(bufLength, buf);
991 status_t status = remote()->transact(BnKeystoreService::ADD_RNG_ENTROPY, data, &reply);
992 if (status != NO_ERROR) {
993 ALOGD("addRngEntropy() could not contact remote: %d\n", status);
994 return -1;
995 }
996 int32_t err = reply.readExceptionCode();
997 int32_t ret = reply.readInt32();
998 if (err < 0) {
999 ALOGD("addRngEntropy() caught exception %d\n", err);
1000 return -1;
1001 }
1002 return ret;
1003 };
1004
1005 virtual int32_t generateKey(const String16& name, const KeymasterArguments& params,
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1006 const uint8_t* entropy, size_t entropyLength, int uid, int flags,
1007 KeyCharacteristics* outCharacteristics)
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1008 {
1009 Parcel data, reply;
1010 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1011 data.writeString16(name);
1012 data.writeInt32(1);
1013 params.writeToParcel(&data);
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1014 data.writeByteArray(entropyLength, entropy);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1015 data.writeInt32(uid);
1016 data.writeInt32(flags);
1017 status_t status = remote()->transact(BnKeystoreService::GENERATE_KEY, data, &reply);
1018 if (status != NO_ERROR) {
1019 ALOGD("generateKey() could not contact remote: %d\n", status);
1020 return KM_ERROR_UNKNOWN_ERROR;
1021 }
1022 int32_t err = reply.readExceptionCode();
1023 int32_t ret = reply.readInt32();
1024 if (err < 0) {
1025 ALOGD("generateKey() caught exception %d\n", err);
1026 return KM_ERROR_UNKNOWN_ERROR;
1027 }
1028 if (reply.readInt32() != 0 && outCharacteristics) {
1029 outCharacteristics->readFromParcel(reply);
1030 }
1031 return ret;
1032 }
1033 virtual int32_t getKeyCharacteristics(const String16& name,
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1034 const keymaster_blob_t* clientId,
1035 const keymaster_blob_t* appData,
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1036 KeyCharacteristics* outCharacteristics)
1037 {
1038 Parcel data, reply;
1039 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1040 data.writeString16(name);
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1041 if (clientId) {
1042 data.writeByteArray(clientId->data_length, clientId->data);
1043 } else {
1044 data.writeInt32(-1);
1045 }
1046 if (appData) {
1047 data.writeByteArray(appData->data_length, appData->data);
1048 } else {
1049 data.writeInt32(-1);
1050 }
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1051 status_t status = remote()->transact(BnKeystoreService::GET_KEY_CHARACTERISTICS,
1052 data, &reply);
1053 if (status != NO_ERROR) {
1054 ALOGD("getKeyCharacteristics() could not contact remote: %d\n", status);
1055 return KM_ERROR_UNKNOWN_ERROR;
1056 }
1057 int32_t err = reply.readExceptionCode();
1058 int32_t ret = reply.readInt32();
1059 if (err < 0) {
1060 ALOGD("getKeyCharacteristics() caught exception %d\n", err);
1061 return KM_ERROR_UNKNOWN_ERROR;
1062 }
1063 if (reply.readInt32() != 0 && outCharacteristics) {
1064 outCharacteristics->readFromParcel(reply);
1065 }
1066 return ret;
1067 }
1068 virtual int32_t importKey(const String16& name, const KeymasterArguments& params,
1069 keymaster_key_format_t format, const uint8_t *keyData,
1070 size_t keyLength, int uid, int flags,
1071 KeyCharacteristics* outCharacteristics)
1072 {
1073 Parcel data, reply;
1074 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1075 data.writeString16(name);
1076 data.writeInt32(1);
1077 params.writeToParcel(&data);
1078 data.writeInt32(format);
1079 data.writeByteArray(keyLength, keyData);
1080 data.writeInt32(uid);
1081 data.writeInt32(flags);
1082 status_t status = remote()->transact(BnKeystoreService::IMPORT_KEY, data, &reply);
1083 if (status != NO_ERROR) {
1084 ALOGD("importKey() could not contact remote: %d\n", status);
1085 return KM_ERROR_UNKNOWN_ERROR;
1086 }
1087 int32_t err = reply.readExceptionCode();
1088 int32_t ret = reply.readInt32();
1089 if (err < 0) {
1090 ALOGD("importKey() caught exception %d\n", err);
1091 return KM_ERROR_UNKNOWN_ERROR;
1092 }
1093 if (reply.readInt32() != 0 && outCharacteristics) {
1094 outCharacteristics->readFromParcel(reply);
1095 }
1096 return ret;
1097 }
1098
1099 virtual void exportKey(const String16& name, keymaster_key_format_t format,
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1100 const keymaster_blob_t* clientId,
1101 const keymaster_blob_t* appData, ExportResult* result)
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1102 {
1103 if (!result) {
1104 return;
1105 }
1106
1107 Parcel data, reply;
1108 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1109 data.writeString16(name);
1110 data.writeInt32(format);
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1111 if (clientId) {
1112 data.writeByteArray(clientId->data_length, clientId->data);
1113 } else {
1114 data.writeInt32(-1);
1115 }
1116 if (appData) {
1117 data.writeByteArray(appData->data_length, appData->data);
1118 } else {
1119 data.writeInt32(-1);
1120 }
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1121 status_t status = remote()->transact(BnKeystoreService::EXPORT_KEY, data, &reply);
1122 if (status != NO_ERROR) {
1123 ALOGD("exportKey() could not contact remote: %d\n", status);
1124 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1125 return;
1126 }
1127 int32_t err = reply.readExceptionCode();
1128 if (err < 0) {
1129 ALOGD("exportKey() caught exception %d\n", err);
1130 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1131 return;
1132 }
1133 if (reply.readInt32() != 0) {
1134 result->readFromParcel(reply);
1135 }
1136 }
1137
1138 virtual void begin(const sp<IBinder>& appToken, const String16& name,
1139 keymaster_purpose_t purpose, bool pruneable,
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1140 const KeymasterArguments& params, const uint8_t* entropy,
1141 size_t entropyLength, KeymasterArguments* outParams,
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1142 OperationResult* result)
1143 {
1144 if (!result || !outParams) {
1145 return;
1146 }
1147 Parcel data, reply;
1148 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1149 data.writeStrongBinder(appToken);
1150 data.writeString16(name);
1151 data.writeInt32(purpose);
1152 data.writeInt32(pruneable ? 1 : 0);
1153 data.writeInt32(1);
1154 params.writeToParcel(&data);
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1155 data.writeByteArray(entropyLength, entropy);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1156 status_t status = remote()->transact(BnKeystoreService::BEGIN, data, &reply);
1157 if (status != NO_ERROR) {
1158 ALOGD("begin() could not contact remote: %d\n", status);
1159 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1160 return;
1161 }
1162 int32_t err = reply.readExceptionCode();
1163 if (err < 0) {
1164 ALOGD("begin() caught exception %d\n", err);
1165 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1166 return;
1167 }
1168 if (reply.readInt32() != 0) {
1169 result->readFromParcel(reply);
1170 }
1171 if (reply.readInt32() != 0) {
1172 outParams->readFromParcel(reply);
1173 }
1174 }
1175
1176 virtual void update(const sp<IBinder>& token, const KeymasterArguments& params,
Chad Brubaker40a1a9b2015-02-20 14:08:13 -0800[diff] [blame]1177 const uint8_t* opData, size_t dataLength, OperationResult* result)
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1178 {
1179 if (!result) {
1180 return;
1181 }
1182 Parcel data, reply;
1183 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1184 data.writeStrongBinder(token);
1185 data.writeInt32(1);
1186 params.writeToParcel(&data);
1187 data.writeByteArray(dataLength, opData);
1188 status_t status = remote()->transact(BnKeystoreService::UPDATE, data, &reply);
1189 if (status != NO_ERROR) {
1190 ALOGD("update() could not contact remote: %d\n", status);
1191 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1192 return;
1193 }
1194 int32_t err = reply.readExceptionCode();
1195 if (err < 0) {
1196 ALOGD("update() caught exception %d\n", err);
1197 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1198 return;
1199 }
1200 if (reply.readInt32() != 0) {
1201 result->readFromParcel(reply);
1202 }
1203 }
1204
1205 virtual void finish(const sp<IBinder>& token, const KeymasterArguments& params,
Chad Brubaker40a1a9b2015-02-20 14:08:13 -0800[diff] [blame]1206 const uint8_t* signature, size_t signatureLength, OperationResult* result)
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1207 {
1208 if (!result) {
1209 return;
1210 }
1211 Parcel data, reply;
1212 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1213 data.writeStrongBinder(token);
1214 data.writeInt32(1);
1215 params.writeToParcel(&data);
1216 data.writeByteArray(signatureLength, signature);
1217 status_t status = remote()->transact(BnKeystoreService::FINISH, data, &reply);
1218 if (status != NO_ERROR) {
1219 ALOGD("finish() could not contact remote: %d\n", status);
1220 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1221 return;
1222 }
1223 int32_t err = reply.readExceptionCode();
1224 if (err < 0) {
1225 ALOGD("finish() caught exception %d\n", err);
1226 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1227 return;
1228 }
1229 if (reply.readInt32() != 0) {
1230 result->readFromParcel(reply);
1231 }
1232 }
1233
1234 virtual int32_t abort(const sp<IBinder>& token)
1235 {
1236 Parcel data, reply;
1237 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1238 data.writeStrongBinder(token);
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]1239 status_t status = remote()->transact(BnKeystoreService::ABORT, data, &reply);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1240 if (status != NO_ERROR) {
1241 ALOGD("abort() could not contact remote: %d\n", status);
1242 return KM_ERROR_UNKNOWN_ERROR;
1243 }
1244 int32_t err = reply.readExceptionCode();
1245 int32_t ret = reply.readInt32();
1246 if (err < 0) {
1247 ALOGD("abort() caught exception %d\n", err);
1248 return KM_ERROR_UNKNOWN_ERROR;
1249 }
1250 return ret;
1251 }
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]1252
1253 virtual bool isOperationAuthorized(const sp<IBinder>& token)
1254 {
1255 Parcel data, reply;
1256 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1257 data.writeStrongBinder(token);
1258 status_t status = remote()->transact(BnKeystoreService::IS_OPERATION_AUTHORIZED, data,
1259 &reply);
1260 if (status != NO_ERROR) {
1261 ALOGD("isOperationAuthorized() could not contact remote: %d\n", status);
1262 return false;
1263 }
1264 int32_t err = reply.readExceptionCode();
1265 int32_t ret = reply.readInt32();
1266 if (err < 0) {
1267 ALOGD("isOperationAuthorized() caught exception %d\n", err);
1268 return false;
1269 }
1270 return ret == 1;
1271 }
1272
1273 virtual int32_t addAuthToken(const uint8_t* token, size_t length)
1274 {
1275 Parcel data, reply;
1276 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1277 data.writeByteArray(length, token);
1278 status_t status = remote()->transact(BnKeystoreService::ADD_AUTH_TOKEN, data, &reply);
1279 if (status != NO_ERROR) {
1280 ALOGD("addAuthToken() could not contact remote: %d\n", status);
1281 return -1;
1282 }
1283 int32_t err = reply.readExceptionCode();
1284 int32_t ret = reply.readInt32();
1285 if (err < 0) {
1286 ALOGD("addAuthToken() caught exception %d\n", err);
1287 return -1;
1288 }
1289 return ret;
1290 };
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1291};
1292
Chad Brubaker468fc692015-01-13 17:33:14 -0800[diff] [blame]1293IMPLEMENT_META_INTERFACE(KeystoreService, "android.security.IKeystoreService");
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1294
1295// ----------------------------------------------------------------------
1296
1297status_t BnKeystoreService::onTransact(
1298 uint32_t code, const Parcel& data, Parcel* reply, uint32_t flags)
1299{
1300 switch(code) {
1301 case TEST: {
1302 CHECK_INTERFACE(IKeystoreService, data, reply);
1303 int32_t ret = test();
1304 reply->writeNoException();
1305 reply->writeInt32(ret);
1306 return NO_ERROR;
1307 } break;
1308 case GET: {
1309 CHECK_INTERFACE(IKeystoreService, data, reply);
1310 String16 name = data.readString16();
1311 void* out = NULL;
1312 size_t outSize = 0;
1313 int32_t ret = get(name, (uint8_t**) &out, &outSize);
1314 reply->writeNoException();
1315 if (ret == 1) {
1316 reply->writeInt32(outSize);
1317 void* buf = reply->writeInplace(outSize);
1318 memcpy(buf, out, outSize);
1319 free(out);
1320 } else {
1321 reply->writeInt32(-1);
1322 }
1323 return NO_ERROR;
1324 } break;
1325 case INSERT: {
1326 CHECK_INTERFACE(IKeystoreService, data, reply);
1327 String16 name = data.readString16();
1328 ssize_t inSize = data.readInt32();
1329 const void* in;
1330 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1331 in = data.readInplace(inSize);
1332 } else {
1333 in = NULL;
1334 inSize = 0;
1335 }
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1336 int uid = data.readInt32();
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]1337 int32_t flags = data.readInt32();
1338 int32_t ret = insert(name, (const uint8_t*) in, (size_t) inSize, uid, flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1339 reply->writeNoException();
1340 reply->writeInt32(ret);
1341 return NO_ERROR;
1342 } break;
1343 case DEL: {
1344 CHECK_INTERFACE(IKeystoreService, data, reply);
1345 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1346 int uid = data.readInt32();
1347 int32_t ret = del(name, uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1348 reply->writeNoException();
1349 reply->writeInt32(ret);
1350 return NO_ERROR;
1351 } break;
1352 case EXIST: {
1353 CHECK_INTERFACE(IKeystoreService, data, reply);
1354 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1355 int uid = data.readInt32();
1356 int32_t ret = exist(name, uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1357 reply->writeNoException();
1358 reply->writeInt32(ret);
1359 return NO_ERROR;
1360 } break;
1361 case SAW: {
1362 CHECK_INTERFACE(IKeystoreService, data, reply);
1363 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1364 int uid = data.readInt32();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1365 Vector<String16> matches;
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1366 int32_t ret = saw(name, uid, &matches);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1367 reply->writeNoException();
1368 reply->writeInt32(matches.size());
1369 Vector<String16>::const_iterator it = matches.begin();
1370 for (; it != matches.end(); ++it) {
1371 reply->writeString16(*it);
1372 }
1373 reply->writeInt32(ret);
1374 return NO_ERROR;
1375 } break;
1376 case RESET: {
1377 CHECK_INTERFACE(IKeystoreService, data, reply);
1378 int32_t ret = reset();
1379 reply->writeNoException();
1380 reply->writeInt32(ret);
1381 return NO_ERROR;
1382 } break;
1383 case PASSWORD: {
1384 CHECK_INTERFACE(IKeystoreService, data, reply);
1385 String16 pass = data.readString16();
1386 int32_t ret = password(pass);
1387 reply->writeNoException();
1388 reply->writeInt32(ret);
1389 return NO_ERROR;
1390 } break;
1391 case LOCK: {
1392 CHECK_INTERFACE(IKeystoreService, data, reply);
1393 int32_t ret = lock();
1394 reply->writeNoException();
1395 reply->writeInt32(ret);
1396 return NO_ERROR;
1397 } break;
1398 case UNLOCK: {
1399 CHECK_INTERFACE(IKeystoreService, data, reply);
1400 String16 pass = data.readString16();
1401 int32_t ret = unlock(pass);
1402 reply->writeNoException();
1403 reply->writeInt32(ret);
1404 return NO_ERROR;
1405 } break;
1406 case ZERO: {
1407 CHECK_INTERFACE(IKeystoreService, data, reply);
1408 int32_t ret = zero();
1409 reply->writeNoException();
1410 reply->writeInt32(ret);
1411 return NO_ERROR;
1412 } break;
1413 case GENERATE: {
1414 CHECK_INTERFACE(IKeystoreService, data, reply);
1415 String16 name = data.readString16();
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]1416 int32_t uid = data.readInt32();
1417 int32_t keyType = data.readInt32();
1418 int32_t keySize = data.readInt32();
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]1419 int32_t flags = data.readInt32();
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]1420 Vector<sp<KeystoreArg> > args;
Chad Brubaker468fc692015-01-13 17:33:14 -0800[diff] [blame]1421 int32_t argsPresent = data.readInt32();
1422 if (argsPresent == 1) {
1423 ssize_t numArgs = data.readInt32();
Chad Brubakered4f5662015-01-14 19:22:09 -0800[diff] [blame]1424 if (numArgs > MAX_GENERATE_ARGS) {
1425 return BAD_VALUE;
1426 }
Chad Brubaker468fc692015-01-13 17:33:14 -0800[diff] [blame]1427 if (numArgs > 0) {
1428 for (size_t i = 0; i < (size_t) numArgs; i++) {
1429 ssize_t inSize = data.readInt32();
1430 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1431 sp<KeystoreArg> arg = new KeystoreArg(data.readInplace(inSize),
1432 inSize);
1433 args.push_back(arg);
1434 } else {
1435 args.push_back(NULL);
1436 }
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]1437 }
1438 }
1439 }
1440 int32_t ret = generate(name, uid, keyType, keySize, flags, &args);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1441 reply->writeNoException();
1442 reply->writeInt32(ret);
1443 return NO_ERROR;
1444 } break;
1445 case IMPORT: {
1446 CHECK_INTERFACE(IKeystoreService, data, reply);
1447 String16 name = data.readString16();
1448 ssize_t inSize = data.readInt32();
1449 const void* in;
1450 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1451 in = data.readInplace(inSize);
1452 } else {
1453 in = NULL;
1454 inSize = 0;
1455 }
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1456 int uid = data.readInt32();
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]1457 int32_t flags = data.readInt32();
1458 int32_t ret = import(name, (const uint8_t*) in, (size_t) inSize, uid, flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1459 reply->writeNoException();
1460 reply->writeInt32(ret);
1461 return NO_ERROR;
1462 } break;
1463 case SIGN: {
1464 CHECK_INTERFACE(IKeystoreService, data, reply);
1465 String16 name = data.readString16();
1466 ssize_t inSize = data.readInt32();
1467 const void* in;
1468 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1469 in = data.readInplace(inSize);
1470 } else {
1471 in = NULL;
1472 inSize = 0;
1473 }
1474 void* out = NULL;
1475 size_t outSize = 0;
1476 int32_t ret = sign(name, (const uint8_t*) in, (size_t) inSize, (uint8_t**) &out, &outSize);
1477 reply->writeNoException();
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1478 if (outSize > 0 && out != NULL) {
1479 reply->writeInt32(outSize);
1480 void* buf = reply->writeInplace(outSize);
1481 memcpy(buf, out, outSize);
1482 free(out);
1483 } else {
Kenny Roote289c402013-02-14 11:31:53 -0800[diff] [blame]1484 reply->writeInt32(-1);
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1485 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1486 reply->writeInt32(ret);
1487 return NO_ERROR;
1488 } break;
1489 case VERIFY: {
1490 CHECK_INTERFACE(IKeystoreService, data, reply);
1491 String16 name = data.readString16();
1492 ssize_t inSize = data.readInt32();
1493 const void* in;
1494 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1495 in = data.readInplace(inSize);
1496 } else {
1497 in = NULL;
1498 inSize = 0;
1499 }
1500 ssize_t sigSize = data.readInt32();
1501 const void* sig;
1502 if (sigSize >= 0 && (size_t) sigSize <= data.dataAvail()) {
1503 sig = data.readInplace(sigSize);
1504 } else {
1505 sig = NULL;
1506 sigSize = 0;
1507 }
1508 bool ret = verify(name, (const uint8_t*) in, (size_t) inSize, (const uint8_t*) sig,
1509 (size_t) sigSize);
1510 reply->writeNoException();
1511 reply->writeInt32(ret ? 1 : 0);
1512 return NO_ERROR;
1513 } break;
1514 case GET_PUBKEY: {
1515 CHECK_INTERFACE(IKeystoreService, data, reply);
1516 String16 name = data.readString16();
1517 void* out = NULL;
1518 size_t outSize = 0;
1519 int32_t ret = get_pubkey(name, (unsigned char**) &out, &outSize);
1520 reply->writeNoException();
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1521 if (outSize > 0 && out != NULL) {
1522 reply->writeInt32(outSize);
1523 void* buf = reply->writeInplace(outSize);
1524 memcpy(buf, out, outSize);
1525 free(out);
1526 } else {
Kenny Roote289c402013-02-14 11:31:53 -0800[diff] [blame]1527 reply->writeInt32(-1);
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1528 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1529 reply->writeInt32(ret);
1530 return NO_ERROR;
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1531 } break;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1532 case DEL_KEY: {
1533 CHECK_INTERFACE(IKeystoreService, data, reply);
1534 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1535 int uid = data.readInt32();
1536 int32_t ret = del_key(name, uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1537 reply->writeNoException();
1538 reply->writeInt32(ret);
1539 return NO_ERROR;
1540 } break;
1541 case GRANT: {
1542 CHECK_INTERFACE(IKeystoreService, data, reply);
1543 String16 name = data.readString16();
1544 int32_t granteeUid = data.readInt32();
1545 int32_t ret = grant(name, granteeUid);
1546 reply->writeNoException();
1547 reply->writeInt32(ret);
1548 return NO_ERROR;
1549 } break;
1550 case UNGRANT: {
1551 CHECK_INTERFACE(IKeystoreService, data, reply);
1552 String16 name = data.readString16();
1553 int32_t granteeUid = data.readInt32();
1554 int32_t ret = ungrant(name, granteeUid);
1555 reply->writeNoException();
1556 reply->writeInt32(ret);
1557 return NO_ERROR;
1558 } break;
1559 case GETMTIME: {
1560 CHECK_INTERFACE(IKeystoreService, data, reply);
1561 String16 name = data.readString16();
1562 int64_t ret = getmtime(name);
1563 reply->writeNoException();
1564 reply->writeInt64(ret);
1565 return NO_ERROR;
1566 } break;
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]1567 case DUPLICATE: {
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]1568 CHECK_INTERFACE(IKeystoreService, data, reply);
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]1569 String16 srcKey = data.readString16();
1570 int32_t srcUid = data.readInt32();
1571 String16 destKey = data.readString16();
1572 int32_t destUid = data.readInt32();
1573 int32_t ret = duplicate(srcKey, srcUid, destKey, destUid);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]1574 reply->writeNoException();
1575 reply->writeInt32(ret);
1576 return NO_ERROR;
1577 } break;
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]1578 case IS_HARDWARE_BACKED: {
1579 CHECK_INTERFACE(IKeystoreService, data, reply);
Kenny Root1b0e3932013-09-05 13:06:32 -0700[diff] [blame]1580 String16 keyType = data.readString16();
1581 int32_t ret = is_hardware_backed(keyType);
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]1582 reply->writeNoException();
1583 reply->writeInt32(ret);
1584 return NO_ERROR;
1585 }
Kenny Root2ecc7a12013-04-01 16:29:11 -0700[diff] [blame]1586 case CLEAR_UID: {
1587 CHECK_INTERFACE(IKeystoreService, data, reply);
1588 int64_t uid = data.readInt64();
1589 int32_t ret = clear_uid(uid);
1590 reply->writeNoException();
1591 reply->writeInt32(ret);
1592 return NO_ERROR;
1593 }
Robin Lee4e865752014-08-19 17:37:55 +0100[diff] [blame]1594 case RESET_UID: {
1595 CHECK_INTERFACE(IKeystoreService, data, reply);
1596 int32_t uid = data.readInt32();
1597 int32_t ret = reset_uid(uid);
1598 reply->writeNoException();
1599 reply->writeInt32(ret);
1600 return NO_ERROR;
1601 }
1602 case SYNC_UID: {
1603 CHECK_INTERFACE(IKeystoreService, data, reply);
1604 int32_t sourceUid = data.readInt32();
1605 int32_t targetUid = data.readInt32();
1606 int32_t ret = sync_uid(sourceUid, targetUid);
1607 reply->writeNoException();
1608 reply->writeInt32(ret);
1609 return NO_ERROR;
1610 }
1611 case PASSWORD_UID: {
1612 CHECK_INTERFACE(IKeystoreService, data, reply);
1613 String16 password = data.readString16();
1614 int32_t uid = data.readInt32();
1615 int32_t ret = password_uid(password, uid);
1616 reply->writeNoException();
1617 reply->writeInt32(ret);
1618 return NO_ERROR;
1619 }
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1620 case ADD_RNG_ENTROPY: {
1621 CHECK_INTERFACE(IKeystoreService, data, reply);
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1622 const uint8_t* bytes = NULL;
1623 size_t size = 0;
1624 readByteArray(data, &bytes, &size);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1625 int32_t ret = addRngEntropy(bytes, size);
1626 reply->writeNoException();
1627 reply->writeInt32(ret);
1628 return NO_ERROR;
1629 }
1630 case GENERATE_KEY: {
1631 CHECK_INTERFACE(IKeystoreService, data, reply);
1632 String16 name = data.readString16();
1633 KeymasterArguments args;
1634 if (data.readInt32() != 0) {
1635 args.readFromParcel(data);
1636 }
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1637 const uint8_t* entropy = NULL;
1638 size_t entropyLength = 0;
1639 readByteArray(data, &entropy, &entropyLength);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1640 int32_t uid = data.readInt32();
1641 int32_t flags = data.readInt32();
1642 KeyCharacteristics outCharacteristics;
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1643 int32_t ret = generateKey(name, args, entropy, entropyLength, uid, flags,
1644 &outCharacteristics);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1645 reply->writeNoException();
1646 reply->writeInt32(ret);
1647 reply->writeInt32(1);
1648 outCharacteristics.writeToParcel(reply);
1649 return NO_ERROR;
1650 }
1651 case GET_KEY_CHARACTERISTICS: {
1652 CHECK_INTERFACE(IKeystoreService, data, reply);
1653 String16 name = data.readString16();
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1654 std::unique_ptr<keymaster_blob_t> clientId = readKeymasterBlob(data);
1655 std::unique_ptr<keymaster_blob_t> appData = readKeymasterBlob(data);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1656 KeyCharacteristics outCharacteristics;
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1657 int ret = getKeyCharacteristics(name, clientId.get(), appData.get(),
1658 &outCharacteristics);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1659 reply->writeNoException();
1660 reply->writeInt32(ret);
1661 reply->writeInt32(1);
1662 outCharacteristics.writeToParcel(reply);
1663 return NO_ERROR;
1664 }
1665 case IMPORT_KEY: {
1666 CHECK_INTERFACE(IKeystoreService, data, reply);
1667 String16 name = data.readString16();
1668 KeymasterArguments args;
1669 if (data.readInt32() != 0) {
1670 args.readFromParcel(data);
1671 }
1672 keymaster_key_format_t format = static_cast<keymaster_key_format_t>(data.readInt32());
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1673 const uint8_t* keyData = NULL;
1674 size_t keyLength = 0;
1675 readByteArray(data, &keyData, &keyLength);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1676 int32_t uid = data.readInt32();
1677 int32_t flags = data.readInt32();
1678 KeyCharacteristics outCharacteristics;
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1679 int32_t ret = importKey(name, args, format, keyData, keyLength, uid, flags,
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1680 &outCharacteristics);
1681 reply->writeNoException();
1682 reply->writeInt32(ret);
1683 reply->writeInt32(1);
1684 outCharacteristics.writeToParcel(reply);
1685
1686 return NO_ERROR;
1687 }
1688 case EXPORT_KEY: {
1689 CHECK_INTERFACE(IKeystoreService, data, reply);
1690 String16 name = data.readString16();
1691 keymaster_key_format_t format = static_cast<keymaster_key_format_t>(data.readInt32());
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1692 std::unique_ptr<keymaster_blob_t> clientId = readKeymasterBlob(data);
1693 std::unique_ptr<keymaster_blob_t> appData = readKeymasterBlob(data);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1694 ExportResult result;
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1695 exportKey(name, format, clientId.get(), appData.get(), &result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1696 reply->writeNoException();
1697 reply->writeInt32(1);
1698 result.writeToParcel(reply);
1699
1700 return NO_ERROR;
1701 }
1702 case BEGIN: {
1703 CHECK_INTERFACE(IKeystoreService, data, reply);
1704 sp<IBinder> token = data.readStrongBinder();
1705 String16 name = data.readString16();
1706 keymaster_purpose_t purpose = static_cast<keymaster_purpose_t>(data.readInt32());
1707 bool pruneable = data.readInt32() != 0;
1708 KeymasterArguments args;
1709 if (data.readInt32() != 0) {
1710 args.readFromParcel(data);
1711 }
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1712 const uint8_t* entropy = NULL;
1713 size_t entropyLength = 0;
1714 readByteArray(data, &entropy, &entropyLength);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1715 KeymasterArguments outArgs;
1716 OperationResult result;
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1717 begin(token, name, purpose, pruneable, args, entropy, entropyLength, &outArgs,
1718 &result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1719 reply->writeNoException();
1720 reply->writeInt32(1);
1721 result.writeToParcel(reply);
1722 reply->writeInt32(1);
1723 outArgs.writeToParcel(reply);
1724
1725 return NO_ERROR;
1726 }
1727 case UPDATE: {
1728 CHECK_INTERFACE(IKeystoreService, data, reply);
1729 sp<IBinder> token = data.readStrongBinder();
1730 KeymasterArguments args;
1731 if (data.readInt32() != 0) {
1732 args.readFromParcel(data);
1733 }
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1734 const uint8_t* buf = NULL;
1735 size_t bufLength = 0;
1736 readByteArray(data, &buf, &bufLength);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1737 OperationResult result;
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1738 update(token, args, buf, bufLength, &result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1739 reply->writeNoException();
1740 reply->writeInt32(1);
1741 result.writeToParcel(reply);
1742
1743 return NO_ERROR;
1744 }
1745 case FINISH: {
1746 CHECK_INTERFACE(IKeystoreService, data, reply);
1747 sp<IBinder> token = data.readStrongBinder();
1748 KeymasterArguments args;
1749 if (data.readInt32() != 0) {
1750 args.readFromParcel(data);
1751 }
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1752 const uint8_t* buf = NULL;
1753 size_t bufLength = 0;
1754 readByteArray(data, &buf, &bufLength);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1755 OperationResult result;
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1756 finish(token, args, buf, bufLength, &result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1757 reply->writeNoException();
1758 reply->writeInt32(1);
1759 result.writeToParcel(reply);
1760
1761 return NO_ERROR;
1762 }
1763 case ABORT: {
1764 CHECK_INTERFACE(IKeystoreService, data, reply);
1765 sp<IBinder> token = data.readStrongBinder();
1766 int32_t result = abort(token);
1767 reply->writeNoException();
1768 reply->writeInt32(result);
1769
1770 return NO_ERROR;
1771 }
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]1772 case IS_OPERATION_AUTHORIZED: {
1773 CHECK_INTERFACE(IKeystoreService, data, reply);
1774 sp<IBinder> token = data.readStrongBinder();
1775 bool result = isOperationAuthorized(token);
1776 reply->writeNoException();
1777 reply->writeInt32(result ? 1 : 0);
1778
1779 return NO_ERROR;
1780 }
1781 case ADD_AUTH_TOKEN: {
1782 CHECK_INTERFACE(IKeystoreService, data, reply);
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]1783 const uint8_t* token_bytes = NULL;
1784 size_t size = 0;
1785 readByteArray(data, &token_bytes, &size);
1786 int32_t result = addAuthToken(token_bytes, size);
1787 reply->writeNoException();
1788 reply->writeInt32(result);
1789
1790 return NO_ERROR;
1791 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1792 default:
1793 return BBinder::onTransact(code, data, reply, flags);
1794 }
1795}
1796
1797// ----------------------------------------------------------------------------
1798
1799}; // namespace android