Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / d29167516f999858a7e2609ab8b290bdd69273a4 / . / keystore / IKeystoreService.cpp
blob: 09a923df218d15fae2941ccfcdb5f32daa33cdad [file] [log] [blame]
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1/*
2**
3** Copyright 2008, The Android Open Source Project
4**
5** Licensed under the Apache License, Version 2.0 (the "License");
6** you may not use this file except in compliance with the License.
7** You may obtain a copy of the License at
8**
9** http://www.apache.org/licenses/LICENSE-2.0
10**
11** Unless required by applicable law or agreed to in writing, software
12** distributed under the License is distributed on an "AS IS" BASIS,
13** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14** See the License for the specific language governing permissions and
15** limitations under the License.
16*/
17
18#include <stdint.h>
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]19#include <sys/limits.h>
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]20#include <sys/types.h>
21
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]22#include <algorithm>
23#include <limits>
24
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]25#define LOG_TAG "KeystoreService"
26#include <utils/Log.h>
27
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]28#include <binder/IPCThreadState.h>
29#include <binder/IServiceManager.h>
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]30#include <binder/Parcel.h>
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]31
32#include <keystore/IKeystoreService.h>
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]33#include <keystore/keystore_hidl_support.h>
34
35#include "keystore_aidl_hidl_marshalling_utils.h"
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]36
37namespace android {
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]38using namespace ::keystore;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]39
Shawn Willden77d71ca2014-11-12 16:45:12 -0700[diff] [blame]40const ssize_t MAX_GENERATE_ARGS = 3;
41
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]42KeystoreArg::KeystoreArg(const void* data, size_t len) : mData(data), mSize(len) {}
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]43
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]44KeystoreArg::~KeystoreArg() {}
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]45
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]46const void* KeystoreArg::data() const {
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]47 return mData;
48}
49
50size_t KeystoreArg::size() const {
51 return mSize;
52}
53
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]54OperationResult::OperationResult() : resultCode(), token(), handle(0), inputConsumed(0), data() {}
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]55
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]56OperationResult::~OperationResult() {}
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]57
Bin Chen9ec92702016-08-25 14:25:05 +1000[diff] [blame]58status_t OperationResult::readFromParcel(const Parcel* inn) {
59 const Parcel& in = *inn;
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]60 resultCode = ErrorCode(in.readInt32());
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]61 token = in.readStrongBinder();
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]62 handle = static_cast<uint64_t>(in.readInt64());
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]63 inputConsumed = in.readInt32();
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]64 data = readKeymasterBlob(in);
65 outParams = readParamSetFromParcel(in);
Bin Chen9ec92702016-08-25 14:25:05 +1000[diff] [blame]66 return OK;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]67}
68
Bin Chen9ec92702016-08-25 14:25:05 +1000[diff] [blame]69status_t OperationResult::writeToParcel(Parcel* out) const {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]70 out->writeInt32(resultCode);
71 out->writeStrongBinder(token);
Chad Brubakerc3a18562015-03-17 18:21:35 -0700[diff] [blame]72 out->writeInt64(handle);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]73 out->writeInt32(inputConsumed);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]74 writeKeymasterBlob(data, out);
75 writeParamSetToParcel(outParams, out);
Bin Chen9ec92702016-08-25 14:25:05 +1000[diff] [blame]76 return OK;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]77}
78
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]79ExportResult::ExportResult() : resultCode() {}
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]80
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]81ExportResult::~ExportResult() {}
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]82
Bin Chen96d62712016-08-25 14:41:53 +1000[diff] [blame]83status_t ExportResult::readFromParcel(const Parcel* inn) {
84 const Parcel& in = *inn;
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]85 resultCode = ErrorCode(in.readInt32());
86 exportData = readKeymasterBlob(in);
Bin Chen96d62712016-08-25 14:41:53 +1000[diff] [blame]87 return OK;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]88}
89
Bin Chen96d62712016-08-25 14:41:53 +1000[diff] [blame]90status_t ExportResult::writeToParcel(Parcel* out) const {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]91 out->writeInt32(resultCode);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]92 writeKeymasterBlob(exportData, out);
Bin Chen96d62712016-08-25 14:41:53 +1000[diff] [blame]93 return OK;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]94}
95
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]96/**
97 * Read a byte array from in. The data at *data is still owned by the parcel
98 */
99static void readByteArray(const Parcel& in, const uint8_t** data, size_t* length) {
100 ssize_t slength = in.readInt32();
101 if (slength > 0) {
102 *data = reinterpret_cast<const uint8_t*>(in.readInplace(slength));
103 if (*data) {
104 *length = static_cast<size_t>(slength);
105 } else {
106 *length = 0;
107 }
108 } else {
Yi Kongd2916752018-07-26 17:44:27 -0700[diff] [blame^]109 *data = nullptr;
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]110 *length = 0;
111 }
112}
113
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]114class BpKeystoreService : public BpInterface<IKeystoreService> {
115 public:
116 explicit BpKeystoreService(const sp<IBinder>& impl) : BpInterface<IKeystoreService>(impl) {}
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]117
118 // test ping
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]119 KeyStoreServiceReturnCode getState(int32_t userId) override {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]120 Parcel data, reply;
121 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]122 data.writeInt32(userId);
123 status_t status = remote()->transact(BnKeystoreService::GET_STATE, data, &reply);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]124 if (status != NO_ERROR) {
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]125 ALOGD("getState() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]126 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]127 }
128 int32_t err = reply.readExceptionCode();
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]129 ResponseCode ret = ResponseCode(reply.readInt32());
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]130 if (err < 0) {
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]131 ALOGD("getState() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]132 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]133 }
134 return ret;
135 }
136
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]137 KeyStoreServiceReturnCode get(const String16& name, int32_t uid,
138 hidl_vec<uint8_t>* item) override {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]139 Parcel data, reply;
140 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
141 data.writeString16(name);
Chad Brubakerad6a7f52015-09-09 14:55:22 -0700[diff] [blame]142 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]143 status_t status = remote()->transact(BnKeystoreService::GET, data, &reply);
144 if (status != NO_ERROR) {
145 ALOGD("get() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]146 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]147 }
148 int32_t err = reply.readExceptionCode();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]149 if (err < 0) {
150 ALOGD("get() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]151 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]152 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]153 auto resultItem = readBlobAsByteArray(reply);
154 if (item) *item = resultItem.value();
155 return ResponseCode(reply.readInt32());
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]156 }
157
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]158 KeyStoreServiceReturnCode insert(const String16& name, const hidl_vec<uint8_t>& item, int uid,
159 int32_t flags) override {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]160 Parcel data, reply;
161 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
162 data.writeString16(name);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]163 writeBlobAsByteArray(item, &data);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]164 data.writeInt32(uid);
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]165 data.writeInt32(flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]166 status_t status = remote()->transact(BnKeystoreService::INSERT, data, &reply);
167 if (status != NO_ERROR) {
168 ALOGD("import() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]169 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]170 }
171 int32_t err = reply.readExceptionCode();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]172 if (err < 0) {
173 ALOGD("import() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]174 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]175 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]176 return ResponseCode(reply.readInt32());
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]177 }
178
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]179 KeyStoreServiceReturnCode del(const String16& name, int uid) override {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]180 Parcel data, reply;
181 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
182 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]183 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]184 status_t status = remote()->transact(BnKeystoreService::DEL, data, &reply);
185 if (status != NO_ERROR) {
186 ALOGD("del() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]187 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]188 }
189 int32_t err = reply.readExceptionCode();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]190 if (err < 0) {
191 ALOGD("del() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]192 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]193 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]194 return ResponseCode(reply.readInt32());
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]195 }
196
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]197 KeyStoreServiceReturnCode exist(const String16& name, int uid) override {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]198 Parcel data, reply;
199 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
200 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]201 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]202 status_t status = remote()->transact(BnKeystoreService::EXIST, data, &reply);
203 if (status != NO_ERROR) {
204 ALOGD("exist() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]205 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]206 }
207 int32_t err = reply.readExceptionCode();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]208 if (err < 0) {
209 ALOGD("exist() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]210 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]211 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]212 return ResponseCode(reply.readInt32());
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]213 }
214
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]215 KeyStoreServiceReturnCode list(const String16& prefix, int uid,
216 Vector<String16>* matches) override {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]217 Parcel data, reply;
218 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]219 data.writeString16(prefix);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]220 data.writeInt32(uid);
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]221 status_t status = remote()->transact(BnKeystoreService::LIST, data, &reply);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]222 if (status != NO_ERROR) {
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]223 ALOGD("list() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]224 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]225 }
226 int32_t err = reply.readExceptionCode();
227 int32_t numMatches = reply.readInt32();
228 for (int32_t i = 0; i < numMatches; i++) {
229 matches->push(reply.readString16());
230 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]231 if (err < 0) {
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]232 ALOGD("list() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]233 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]234 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]235 return ResponseCode(reply.readInt32());
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]236 }
237
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]238 KeyStoreServiceReturnCode reset() override {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]239 Parcel data, reply;
240 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
241 status_t status = remote()->transact(BnKeystoreService::RESET, data, &reply);
242 if (status != NO_ERROR) {
243 ALOGD("reset() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]244 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]245 }
246 int32_t err = reply.readExceptionCode();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]247 if (err < 0) {
248 ALOGD("reset() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]249 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]250 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]251 return ResponseCode(reply.readInt32());
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]252 }
253
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]254 KeyStoreServiceReturnCode onUserPasswordChanged(int32_t userId,
255 const String16& password) override {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]256 Parcel data, reply;
257 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Chad Brubaker96d6d782015-05-07 10:19:40 -0700[diff] [blame]258 data.writeInt32(userId);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]259 data.writeString16(password);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]260 status_t status =
261 remote()->transact(BnKeystoreService::ON_USER_PASSWORD_CHANGED, data, &reply);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]262 if (status != NO_ERROR) {
Chad Brubaker96d6d782015-05-07 10:19:40 -0700[diff] [blame]263 ALOGD("onUserPasswordChanged() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]264 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]265 }
266 int32_t err = reply.readExceptionCode();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]267 if (err < 0) {
Chad Brubaker96d6d782015-05-07 10:19:40 -0700[diff] [blame]268 ALOGD("onUserPasswordChanged() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]269 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]270 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]271 return ResponseCode(reply.readInt32());
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]272 }
273
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]274 KeyStoreServiceReturnCode lock(int32_t userId) override {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]275 Parcel data, reply;
276 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]277 data.writeInt32(userId);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]278 status_t status = remote()->transact(BnKeystoreService::LOCK, data, &reply);
279 if (status != NO_ERROR) {
280 ALOGD("lock() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]281 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]282 }
283 int32_t err = reply.readExceptionCode();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]284 if (err < 0) {
285 ALOGD("lock() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]286 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]287 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]288 return ResponseCode(reply.readInt32());
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]289 }
290
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]291 KeyStoreServiceReturnCode unlock(int32_t userId, const String16& password) override {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]292 Parcel data, reply;
293 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Chad Brubaker96d6d782015-05-07 10:19:40 -0700[diff] [blame]294 data.writeInt32(userId);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]295 data.writeString16(password);
296 status_t status = remote()->transact(BnKeystoreService::UNLOCK, data, &reply);
297 if (status != NO_ERROR) {
298 ALOGD("unlock() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]299 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]300 }
301 int32_t err = reply.readExceptionCode();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]302 if (err < 0) {
303 ALOGD("unlock() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]304 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]305 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]306 return ResponseCode(reply.readInt32());
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]307 }
308
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]309 bool isEmpty(int32_t userId) override {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]310 Parcel data, reply;
311 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]312 data.writeInt32(userId);
313 status_t status = remote()->transact(BnKeystoreService::IS_EMPTY, data, &reply);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]314 if (status != NO_ERROR) {
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]315 ALOGD("isEmpty() could not contact remote: %d\n", status);
316 return false;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]317 }
318 int32_t err = reply.readExceptionCode();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]319 if (err < 0) {
Chad Brubakere6c3bfa2015-05-12 15:18:26 -0700[diff] [blame]320 ALOGD("isEmpty() caught exception %d\n", err);
321 return false;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]322 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]323 return reply.readInt32() != 0;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]324 }
325
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]326 KeyStoreServiceReturnCode generate(const String16& name, int32_t uid, int32_t keyType,
327 int32_t keySize, int32_t flags,
328 Vector<sp<KeystoreArg>>* args) override {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]329 Parcel data, reply;
330 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
331 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]332 data.writeInt32(uid);
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]333 data.writeInt32(keyType);
334 data.writeInt32(keySize);
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]335 data.writeInt32(flags);
Chad Brubaker468fc692015-01-13 17:33:14 -0800[diff] [blame]336 data.writeInt32(1);
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]337 data.writeInt32(args->size());
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]338 for (Vector<sp<KeystoreArg>>::iterator it = args->begin(); it != args->end(); ++it) {
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]339 sp<KeystoreArg> item = *it;
340 size_t keyLength = item->size();
341 data.writeInt32(keyLength);
342 void* buf = data.writeInplace(keyLength);
343 memcpy(buf, item->data(), keyLength);
344 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]345 status_t status = remote()->transact(BnKeystoreService::GENERATE, data, &reply);
346 if (status != NO_ERROR) {
347 ALOGD("generate() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]348 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]349 }
350 int32_t err = reply.readExceptionCode();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]351 if (err < 0) {
352 ALOGD("generate() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]353 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]354 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]355 return ResponseCode(reply.readInt32());
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]356 }
357
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]358 KeyStoreServiceReturnCode import(const String16& name, const hidl_vec<uint8_t>& key, int uid,
359 int flags) override {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]360 Parcel data, reply;
361 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
362 data.writeString16(name);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]363 writeBlobAsByteArray(key, &data);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]364 data.writeInt32(uid);
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]365 data.writeInt32(flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]366 status_t status = remote()->transact(BnKeystoreService::IMPORT, data, &reply);
367 if (status != NO_ERROR) {
368 ALOGD("import() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]369 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]370 }
371 int32_t err = reply.readExceptionCode();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]372 if (err < 0) {
373 ALOGD("import() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]374 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]375 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]376 return ResponseCode(reply.readInt32());
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]377 }
378
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]379 KeyStoreServiceReturnCode sign(const String16& name, const hidl_vec<uint8_t>& in,
380 hidl_vec<uint8_t>* out) override {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]381 Parcel data, reply;
382 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
383 data.writeString16(name);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]384 writeBlobAsByteArray(in, &data);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]385 status_t status = remote()->transact(BnKeystoreService::SIGN, data, &reply);
386 if (status != NO_ERROR) {
387 ALOGD("import() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]388 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]389 }
390 int32_t err = reply.readExceptionCode();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]391 if (err < 0) {
392 ALOGD("import() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]393 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]394 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]395 auto outBlob = readBlobAsByteArray(reply);
396 if (out) {
397 // don't need to check outBlob.isOk()
398 // if !outBlob.isOk() the wrapped value is default constructed and therefore empty,
399 // as expected.
400 *out = outBlob.value();
401 }
402 return ResponseCode(reply.readInt32());
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]403 }
404
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]405 KeyStoreServiceReturnCode verify(const String16& name, const hidl_vec<uint8_t>& in,
406 const hidl_vec<uint8_t>& signature) override {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]407 Parcel data, reply;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]408
409 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
410 data.writeString16(name);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]411 writeBlobAsByteArray(in, &data);
412 writeBlobAsByteArray(signature, &data);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]413 status_t status = remote()->transact(BnKeystoreService::VERIFY, data, &reply);
414 if (status != NO_ERROR) {
415 ALOGD("verify() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]416 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]417 }
418 int32_t err = reply.readExceptionCode();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]419 if (err < 0) {
420 ALOGD("verify() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]421 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]422 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]423 return ResponseCode(reply.readInt32());
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]424 }
425
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]426 KeyStoreServiceReturnCode get_pubkey(const String16& name, hidl_vec<uint8_t>* pubkey) override {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]427 Parcel data, reply;
428 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
429 data.writeString16(name);
430 status_t status = remote()->transact(BnKeystoreService::GET_PUBKEY, data, &reply);
431 if (status != NO_ERROR) {
432 ALOGD("get_pubkey() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]433 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]434 }
435 int32_t err = reply.readExceptionCode();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]436 if (err < 0) {
437 ALOGD("get_pubkey() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]438 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]439 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]440 auto resultKey = readBlobAsByteArray(reply);
441 if (pubkey) *pubkey = resultKey.value();
442 return ResponseCode(reply.readInt32());
443 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]444
Janis Danisevskis32261c82017-06-07 18:03:31 -0700[diff] [blame]445 String16 grant(const String16& name, int32_t granteeUid) override {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]446 Parcel data, reply;
447 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
448 data.writeString16(name);
449 data.writeInt32(granteeUid);
450 status_t status = remote()->transact(BnKeystoreService::GRANT, data, &reply);
451 if (status != NO_ERROR) {
452 ALOGD("grant() could not contact remote: %d\n", status);
Janis Danisevskis32261c82017-06-07 18:03:31 -0700[diff] [blame]453 return String16();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]454 }
455 int32_t err = reply.readExceptionCode();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]456 if (err < 0) {
457 ALOGD("grant() caught exception %d\n", err);
Janis Danisevskis32261c82017-06-07 18:03:31 -0700[diff] [blame]458 return String16();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]459 }
Janis Danisevskis32261c82017-06-07 18:03:31 -0700[diff] [blame]460 return reply.readString16();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]461 }
462
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]463 KeyStoreServiceReturnCode ungrant(const String16& name, int32_t granteeUid) override {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]464 Parcel data, reply;
465 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
466 data.writeString16(name);
467 data.writeInt32(granteeUid);
468 status_t status = remote()->transact(BnKeystoreService::UNGRANT, data, &reply);
469 if (status != NO_ERROR) {
470 ALOGD("ungrant() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]471 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]472 }
473 int32_t err = reply.readExceptionCode();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]474 if (err < 0) {
475 ALOGD("ungrant() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]476 return ResponseCode::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]477 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]478 return ResponseCode(reply.readInt32());
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]479 }
480
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]481 int64_t getmtime(const String16& name, int32_t uid) override {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]482 Parcel data, reply;
483 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
484 data.writeString16(name);
Chad Brubakerad6a7f52015-09-09 14:55:22 -0700[diff] [blame]485 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]486 status_t status = remote()->transact(BnKeystoreService::GETMTIME, data, &reply);
487 if (status != NO_ERROR) {
488 ALOGD("getmtime() could not contact remote: %d\n", status);
489 return -1;
490 }
491 int32_t err = reply.readExceptionCode();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]492 if (err < 0) {
493 ALOGD("getmtime() caught exception %d\n", err);
494 return -1;
495 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]496 return reply.readInt64();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]497 }
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]498
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]499 KeyStoreServiceReturnCode duplicate(const String16& srcKey, int32_t srcUid,
500 const String16& destKey, int32_t destUid) override {
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]501 Parcel data, reply;
502 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]503 data.writeString16(srcKey);
504 data.writeInt32(srcUid);
505 data.writeString16(destKey);
506 data.writeInt32(destUid);
507 status_t status = remote()->transact(BnKeystoreService::DUPLICATE, data, &reply);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]508 if (status != NO_ERROR) {
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]509 ALOGD("duplicate() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]510 return ResponseCode::SYSTEM_ERROR;
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]511 }
512 int32_t err = reply.readExceptionCode();
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]513 if (err < 0) {
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]514 ALOGD("duplicate() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]515 return ResponseCode::SYSTEM_ERROR;
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]516 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]517 return ResponseCode(reply.readInt32());
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]518 }
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]519
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]520 int32_t is_hardware_backed(const String16& keyType) override {
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]521 Parcel data, reply;
522 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Kenny Root1b0e3932013-09-05 13:06:32 -0700[diff] [blame]523 data.writeString16(keyType);
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]524 status_t status = remote()->transact(BnKeystoreService::IS_HARDWARE_BACKED, data, &reply);
525 if (status != NO_ERROR) {
526 ALOGD("is_hardware_backed() could not contact remote: %d\n", status);
527 return -1;
528 }
529 int32_t err = reply.readExceptionCode();
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]530 if (err < 0) {
531 ALOGD("is_hardware_backed() caught exception %d\n", err);
532 return -1;
533 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]534 return reply.readInt32();
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]535 }
Kenny Root2ecc7a12013-04-01 16:29:11 -0700[diff] [blame]536
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]537 KeyStoreServiceReturnCode clear_uid(int64_t uid) override {
Kenny Root2ecc7a12013-04-01 16:29:11 -0700[diff] [blame]538 Parcel data, reply;
539 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
540 data.writeInt64(uid);
541 status_t status = remote()->transact(BnKeystoreService::CLEAR_UID, data, &reply);
542 if (status != NO_ERROR) {
543 ALOGD("clear_uid() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]544 return ResponseCode::SYSTEM_ERROR;
Kenny Root2ecc7a12013-04-01 16:29:11 -0700[diff] [blame]545 }
546 int32_t err = reply.readExceptionCode();
Kenny Root2ecc7a12013-04-01 16:29:11 -0700[diff] [blame]547 if (err < 0) {
548 ALOGD("clear_uid() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]549 return ResponseCode::SYSTEM_ERROR;
Kenny Root2ecc7a12013-04-01 16:29:11 -0700[diff] [blame]550 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]551 return ResponseCode(reply.readInt32());
Kenny Root2ecc7a12013-04-01 16:29:11 -0700[diff] [blame]552 }
Robin Lee4e865752014-08-19 17:37:55 +0100[diff] [blame]553
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]554 KeyStoreServiceReturnCode addRngEntropy(const hidl_vec<uint8_t>& entropy) override {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]555 Parcel data, reply;
556 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]557 writeBlobAsByteArray(entropy, &data);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]558 status_t status = remote()->transact(BnKeystoreService::ADD_RNG_ENTROPY, data, &reply);
559 if (status != NO_ERROR) {
560 ALOGD("addRngEntropy() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]561 return ResponseCode::SYSTEM_ERROR;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]562 }
563 int32_t err = reply.readExceptionCode();
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]564 if (err < 0) {
565 ALOGD("addRngEntropy() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]566 return ResponseCode::SYSTEM_ERROR;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]567 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]568 return ResponseCode(reply.readInt32());
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]569 };
570
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]571 KeyStoreServiceReturnCode generateKey(const String16& name,
572 const hidl_vec<KeyParameter>& params,
573 const hidl_vec<uint8_t>& entropy, int uid, int flags,
574 KeyCharacteristics* outCharacteristics) override {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]575 Parcel data, reply;
576 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
577 data.writeString16(name);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]578 nullable(writeParamSetToParcel, params, &data);
579 writeBlobAsByteArray(entropy, &data);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]580 data.writeInt32(uid);
581 data.writeInt32(flags);
582 status_t status = remote()->transact(BnKeystoreService::GENERATE_KEY, data, &reply);
583 if (status != NO_ERROR) {
584 ALOGD("generateKey() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]585 return ResponseCode::SYSTEM_ERROR;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]586 }
587 int32_t err = reply.readExceptionCode();
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]588 ResponseCode ret = ResponseCode(reply.readInt32());
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]589 if (err < 0) {
590 ALOGD("generateKey() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]591 return ResponseCode::SYSTEM_ERROR;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]592 }
Bin Chen863f16f2016-08-25 15:13:51 +1000[diff] [blame]593 if (outCharacteristics) {
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]594 *outCharacteristics = nullable(readKeyCharacteristicsFromParcel, reply).value();
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]595 }
596 return ret;
597 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]598 KeyStoreServiceReturnCode
599 getKeyCharacteristics(const String16& name, const hidl_vec<uint8_t>& clientId,
600 const hidl_vec<uint8_t>& appData, int32_t uid,
601 KeyCharacteristics* outCharacteristics) override {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]602 Parcel data, reply;
603 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
604 data.writeString16(name);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]605 writeBlobAsByteArray(clientId, &data);
606 writeBlobAsByteArray(appData, &data);
Chad Brubakerad6a7f52015-09-09 14:55:22 -0700[diff] [blame]607 data.writeInt32(uid);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]608 status_t status =
609 remote()->transact(BnKeystoreService::GET_KEY_CHARACTERISTICS, data, &reply);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]610 if (status != NO_ERROR) {
611 ALOGD("getKeyCharacteristics() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]612 return ResponseCode::SYSTEM_ERROR;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]613 }
614 int32_t err = reply.readExceptionCode();
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]615 ResponseCode ret = ResponseCode(reply.readInt32());
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]616 if (err < 0) {
617 ALOGD("getKeyCharacteristics() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]618 return ResponseCode::SYSTEM_ERROR;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]619 }
Bin Chen863f16f2016-08-25 15:13:51 +1000[diff] [blame]620 if (outCharacteristics) {
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]621 *outCharacteristics = nullable(readKeyCharacteristicsFromParcel, reply).value();
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]622 }
623 return ret;
624 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]625 KeyStoreServiceReturnCode importKey(const String16& name, const hidl_vec<KeyParameter>& params,
626 KeyFormat format, const hidl_vec<uint8_t>& keyData, int uid,
627 int flags,
628 KeyCharacteristics* outCharacteristics) override {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]629 Parcel data, reply;
630 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
631 data.writeString16(name);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]632 nullable(writeParamSetToParcel, params, &data);
633 data.writeInt32(uint32_t(format));
634 writeBlobAsByteArray(keyData, &data);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]635 data.writeInt32(uid);
636 data.writeInt32(flags);
637 status_t status = remote()->transact(BnKeystoreService::IMPORT_KEY, data, &reply);
638 if (status != NO_ERROR) {
639 ALOGD("importKey() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]640 return ResponseCode::SYSTEM_ERROR;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]641 }
642 int32_t err = reply.readExceptionCode();
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]643 ResponseCode ret = ResponseCode(reply.readInt32());
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]644 if (err < 0) {
645 ALOGD("importKey() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]646 return ResponseCode::SYSTEM_ERROR;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]647 }
Bin Chen863f16f2016-08-25 15:13:51 +1000[diff] [blame]648 if (outCharacteristics) {
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]649 *outCharacteristics = nullable(readKeyCharacteristicsFromParcel, reply).value();
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]650 }
651 return ret;
652 }
653
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]654 void exportKey(const String16& name, KeyFormat format, const hidl_vec<uint8_t>& clientId,
655 const hidl_vec<uint8_t>& appData, int32_t uid, ExportResult* result) override {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]656 if (!result) {
657 return;
658 }
659
660 Parcel data, reply;
661 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
662 data.writeString16(name);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]663 data.writeInt32(int32_t(format));
664 writeBlobAsByteArray(clientId, &data);
665 writeBlobAsByteArray(appData, &data);
Chad Brubakerad6a7f52015-09-09 14:55:22 -0700[diff] [blame]666 data.writeInt32(uid);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]667 status_t status = remote()->transact(BnKeystoreService::EXPORT_KEY, data, &reply);
668 if (status != NO_ERROR) {
669 ALOGD("exportKey() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]670 result->resultCode = ResponseCode::SYSTEM_ERROR;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]671 return;
672 }
673 int32_t err = reply.readExceptionCode();
674 if (err < 0) {
675 ALOGD("exportKey() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]676 result->resultCode = ResponseCode::SYSTEM_ERROR;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]677 return;
678 }
Bin Chen96d62712016-08-25 14:41:53 +1000[diff] [blame]679
680 reply.readParcelable(result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]681 }
682
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]683 void begin(const sp<IBinder>& appToken, const String16& name, KeyPurpose purpose,
684 bool pruneable, const hidl_vec<KeyParameter>& params,
685 const hidl_vec<uint8_t>& entropy, int32_t uid, OperationResult* result) override {
Chad Brubaker57e106d2015-06-01 12:59:00 -0700[diff] [blame]686 if (!result) {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]687 return;
688 }
689 Parcel data, reply;
690 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
691 data.writeStrongBinder(appToken);
692 data.writeString16(name);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]693 data.writeInt32(int32_t(purpose));
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]694 data.writeInt32(pruneable ? 1 : 0);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]695 nullable(writeParamSetToParcel, params, &data);
696 writeBlobAsByteArray(entropy, &data);
Chad Brubakerad6a7f52015-09-09 14:55:22 -0700[diff] [blame]697 data.writeInt32(uid);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]698 status_t status = remote()->transact(BnKeystoreService::BEGIN, data, &reply);
699 if (status != NO_ERROR) {
700 ALOGD("begin() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]701 result->resultCode = ResponseCode::SYSTEM_ERROR;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]702 return;
703 }
704 int32_t err = reply.readExceptionCode();
705 if (err < 0) {
706 ALOGD("begin() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]707 result->resultCode = ResponseCode::SYSTEM_ERROR;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]708 return;
709 }
Bin Chen9ec92702016-08-25 14:25:05 +1000[diff] [blame]710
711 reply.readParcelable(result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]712 }
713
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]714 void update(const sp<IBinder>& token, const hidl_vec<KeyParameter>& params,
715 const hidl_vec<uint8_t>& opData, OperationResult* result) override {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]716 if (!result) {
717 return;
718 }
719 Parcel data, reply;
720 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
721 data.writeStrongBinder(token);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]722 nullable(writeParamSetToParcel, params, &data);
723 writeBlobAsByteArray(opData, &data);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]724 status_t status = remote()->transact(BnKeystoreService::UPDATE, data, &reply);
725 if (status != NO_ERROR) {
726 ALOGD("update() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]727 result->resultCode = ResponseCode::SYSTEM_ERROR;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]728 return;
729 }
730 int32_t err = reply.readExceptionCode();
731 if (err < 0) {
732 ALOGD("update() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]733 result->resultCode = ResponseCode::SYSTEM_ERROR;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]734 return;
735 }
Bin Chen9ec92702016-08-25 14:25:05 +1000[diff] [blame]736
737 reply.readParcelable(result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]738 }
739
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]740 void finish(const sp<IBinder>& token, const hidl_vec<KeyParameter>& params,
741 const hidl_vec<uint8_t>& signature, const hidl_vec<uint8_t>& entropy,
742 OperationResult* result) override {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]743 if (!result) {
744 return;
745 }
746 Parcel data, reply;
747 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
748 data.writeStrongBinder(token);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]749 nullable(writeParamSetToParcel, params, &data);
750 writeBlobAsByteArray(signature, &data);
751 writeBlobAsByteArray(entropy, &data);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]752 status_t status = remote()->transact(BnKeystoreService::FINISH, data, &reply);
753 if (status != NO_ERROR) {
754 ALOGD("finish() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]755 result->resultCode = ResponseCode::SYSTEM_ERROR;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]756 return;
757 }
758 int32_t err = reply.readExceptionCode();
759 if (err < 0) {
760 ALOGD("finish() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]761 result->resultCode = ResponseCode::SYSTEM_ERROR;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]762 return;
763 }
Bin Chen9ec92702016-08-25 14:25:05 +1000[diff] [blame]764
765 reply.readParcelable(result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]766 }
767
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]768 KeyStoreServiceReturnCode abort(const sp<IBinder>& token) override {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]769 Parcel data, reply;
770 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
771 data.writeStrongBinder(token);
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]772 status_t status = remote()->transact(BnKeystoreService::ABORT, data, &reply);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]773 if (status != NO_ERROR) {
774 ALOGD("abort() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]775 return ResponseCode::SYSTEM_ERROR;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]776 }
777 int32_t err = reply.readExceptionCode();
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]778 if (err < 0) {
779 ALOGD("abort() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]780 return ResponseCode::SYSTEM_ERROR;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]781 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]782 return ResponseCode(reply.readInt32());
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]783 }
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]784
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]785 bool isOperationAuthorized(const sp<IBinder>& token) override {
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]786 Parcel data, reply;
787 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
788 data.writeStrongBinder(token);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]789 status_t status =
790 remote()->transact(BnKeystoreService::IS_OPERATION_AUTHORIZED, data, &reply);
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]791 if (status != NO_ERROR) {
792 ALOGD("isOperationAuthorized() could not contact remote: %d\n", status);
793 return false;
794 }
795 int32_t err = reply.readExceptionCode();
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]796 if (err < 0) {
797 ALOGD("isOperationAuthorized() caught exception %d\n", err);
798 return false;
799 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]800 return reply.readInt32() == 1;
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]801 }
802
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]803 KeyStoreServiceReturnCode addAuthToken(const uint8_t* token, size_t length) override {
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]804 Parcel data, reply;
805 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
806 data.writeByteArray(length, token);
807 status_t status = remote()->transact(BnKeystoreService::ADD_AUTH_TOKEN, data, &reply);
808 if (status != NO_ERROR) {
809 ALOGD("addAuthToken() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]810 return ResponseCode::SYSTEM_ERROR;
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]811 }
812 int32_t err = reply.readExceptionCode();
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]813 if (err < 0) {
814 ALOGD("addAuthToken() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]815 return ResponseCode::SYSTEM_ERROR;
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]816 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]817 return ResponseCode(reply.readInt32());
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]818 };
Chad Brubakerc0f031a2015-05-12 10:43:10 -0700[diff] [blame]819
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]820 KeyStoreServiceReturnCode onUserAdded(int32_t userId, int32_t parentId) override {
Chad Brubakerc0f031a2015-05-12 10:43:10 -0700[diff] [blame]821 Parcel data, reply;
822 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
823 data.writeInt32(userId);
824 data.writeInt32(parentId);
825 status_t status = remote()->transact(BnKeystoreService::ON_USER_ADDED, data, &reply);
826 if (status != NO_ERROR) {
827 ALOGD("onUserAdded() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]828 return ResponseCode::SYSTEM_ERROR;
Chad Brubakerc0f031a2015-05-12 10:43:10 -0700[diff] [blame]829 }
830 int32_t err = reply.readExceptionCode();
Chad Brubakerc0f031a2015-05-12 10:43:10 -0700[diff] [blame]831 if (err < 0) {
832 ALOGD("onUserAdded() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]833 return ResponseCode::SYSTEM_ERROR;
Chad Brubakerc0f031a2015-05-12 10:43:10 -0700[diff] [blame]834 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]835 return ResponseCode(reply.readInt32());
Chad Brubakerc0f031a2015-05-12 10:43:10 -0700[diff] [blame]836 }
837
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]838 KeyStoreServiceReturnCode onUserRemoved(int32_t userId) override {
Chad Brubakerc0f031a2015-05-12 10:43:10 -0700[diff] [blame]839 Parcel data, reply;
840 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
841 data.writeInt32(userId);
842 status_t status = remote()->transact(BnKeystoreService::ON_USER_REMOVED, data, &reply);
843 if (status != NO_ERROR) {
844 ALOGD("onUserRemoved() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]845 return ResponseCode::SYSTEM_ERROR;
Chad Brubakerc0f031a2015-05-12 10:43:10 -0700[diff] [blame]846 }
847 int32_t err = reply.readExceptionCode();
Chad Brubakerc0f031a2015-05-12 10:43:10 -0700[diff] [blame]848 if (err < 0) {
849 ALOGD("onUserRemoved() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]850 return ResponseCode::SYSTEM_ERROR;
Chad Brubakerc0f031a2015-05-12 10:43:10 -0700[diff] [blame]851 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]852 return ResponseCode(reply.readInt32());
Chad Brubakerc0f031a2015-05-12 10:43:10 -0700[diff] [blame]853 }
854
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]855 KeyStoreServiceReturnCode attestKey(const String16& name, const hidl_vec<KeyParameter>& params,
856 hidl_vec<hidl_vec<uint8_t>>* outChain) override {
857 if (!outChain) return ErrorCode::OUTPUT_PARAMETER_NULL;
Shawn Willden50eb1b22016-01-21 12:41:23 -0700[diff] [blame]858
859 Parcel data, reply;
860 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
861 data.writeString16(name);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]862 nullable(writeParamSetToParcel, params, &data);
Shawn Willden50eb1b22016-01-21 12:41:23 -0700[diff] [blame]863
864 status_t status = remote()->transact(BnKeystoreService::ATTEST_KEY, data, &reply);
865 if (status != NO_ERROR) {
866 ALOGD("attestkey() count not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]867 return ResponseCode::SYSTEM_ERROR;
Shawn Willden50eb1b22016-01-21 12:41:23 -0700[diff] [blame]868 }
869 int32_t err = reply.readExceptionCode();
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]870 ResponseCode ret = ResponseCode(reply.readInt32());
Shawn Willden50eb1b22016-01-21 12:41:23 -0700[diff] [blame]871 if (err < 0) {
872 ALOGD("attestKey() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]873 return ResponseCode::SYSTEM_ERROR;
Shawn Willden50eb1b22016-01-21 12:41:23 -0700[diff] [blame]874 }
875 if (reply.readInt32() != 0) {
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]876 *outChain = readCertificateChainFromParcel(reply);
Shawn Willden50eb1b22016-01-21 12:41:23 -0700[diff] [blame]877 }
878 return ret;
879 }
880
Bartosz Fabianowski5aa93e02017-04-24 13:54:49 +0200[diff] [blame]881 KeyStoreServiceReturnCode attestDeviceIds(const hidl_vec<KeyParameter>& params,
882 hidl_vec<hidl_vec<uint8_t>>* outChain) override {
883 if (!outChain) return ErrorCode::OUTPUT_PARAMETER_NULL;
884
885 Parcel data, reply;
886 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
887 nullable(writeParamSetToParcel, params, &data);
888
889 status_t status = remote()->transact(BnKeystoreService::ATTEST_DEVICE_IDS, data, &reply);
890 if (status != NO_ERROR) {
891 ALOGD("attestDeviceIds() count not contact remote: %d\n", status);
892 return ResponseCode::SYSTEM_ERROR;
893 }
894 int32_t err = reply.readExceptionCode();
895 ResponseCode ret = ResponseCode(reply.readInt32());
896 if (err < 0) {
897 ALOGD("attestDeviceIds() caught exception %d\n", err);
898 return ResponseCode::SYSTEM_ERROR;
899 }
900 if (reply.readInt32() != 0) {
901 *outChain = readCertificateChainFromParcel(reply);
902 }
903 return ret;
904 }
905
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]906 KeyStoreServiceReturnCode onDeviceOffBody() override {
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]907 Parcel data, reply;
908 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
909 status_t status = remote()->transact(BnKeystoreService::ON_DEVICE_OFF_BODY, data, &reply);
910 if (status != NO_ERROR) {
911 ALOGD("onDeviceOffBody() could not contact remote: %d\n", status);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]912 return ResponseCode::SYSTEM_ERROR;
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]913 }
914 int32_t err = reply.readExceptionCode();
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]915 if (err < 0) {
916 ALOGD("onDeviceOffBody() caught exception %d\n", err);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]917 return ResponseCode::SYSTEM_ERROR;
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]918 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]919 return ResponseCode(reply.readInt32());
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]920 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]921};
922
Chad Brubaker468fc692015-01-13 17:33:14 -0800[diff] [blame]923IMPLEMENT_META_INTERFACE(KeystoreService, "android.security.IKeystoreService");
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]924
925// ----------------------------------------------------------------------
926
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]927status_t BnKeystoreService::onTransact(uint32_t code, const Parcel& data, Parcel* reply,
928 uint32_t flags) {
929 switch (code) {
930 case GET_STATE: {
931 CHECK_INTERFACE(IKeystoreService, data, reply);
932 int32_t userId = data.readInt32();
933 int32_t ret = getState(userId);
934 reply->writeNoException();
935 reply->writeInt32(ret);
936 return NO_ERROR;
937 } break;
938 case GET: {
939 CHECK_INTERFACE(IKeystoreService, data, reply);
940 String16 name = data.readString16();
941 int32_t uid = data.readInt32();
942 hidl_vec<uint8_t> out;
943 auto ret = get(name, uid, &out);
944 reply->writeNoException();
945 if (ret.isOk()) {
946 writeBlobAsByteArray(out, reply);
947 } else {
948 reply->writeInt32(-1);
949 }
950 reply->writeInt32(ret);
951 return NO_ERROR;
952 } break;
953 case INSERT: {
954 CHECK_INTERFACE(IKeystoreService, data, reply);
955 String16 name = data.readString16();
956 auto in = readBlobAsByteArray(data);
957 int uid = data.readInt32();
958 int32_t flags = data.readInt32();
959 int32_t ret = insert(name, in.value(), uid, flags);
960 reply->writeNoException();
961 reply->writeInt32(ret);
962 return NO_ERROR;
963 } break;
964 case DEL: {
965 CHECK_INTERFACE(IKeystoreService, data, reply);
966 String16 name = data.readString16();
967 int uid = data.readInt32();
968 int32_t ret = del(name, uid);
969 reply->writeNoException();
970 reply->writeInt32(ret);
971 return NO_ERROR;
972 } break;
973 case EXIST: {
974 CHECK_INTERFACE(IKeystoreService, data, reply);
975 String16 name = data.readString16();
976 int uid = data.readInt32();
977 int32_t ret = exist(name, uid);
978 reply->writeNoException();
979 reply->writeInt32(ret);
980 return NO_ERROR;
981 } break;
982 case LIST: {
983 CHECK_INTERFACE(IKeystoreService, data, reply);
984 String16 prefix = data.readString16();
985 int uid = data.readInt32();
986 Vector<String16> matches;
987 int32_t ret = list(prefix, uid, &matches);
988 reply->writeNoException();
989 reply->writeInt32(matches.size());
990 Vector<String16>::const_iterator it = matches.begin();
991 for (; it != matches.end(); ++it) {
992 reply->writeString16(*it);
993 }
994 reply->writeInt32(ret);
995 return NO_ERROR;
996 } break;
997 case RESET: {
998 CHECK_INTERFACE(IKeystoreService, data, reply);
999 int32_t ret = reset();
1000 reply->writeNoException();
1001 reply->writeInt32(ret);
1002 return NO_ERROR;
1003 } break;
1004 case ON_USER_PASSWORD_CHANGED: {
1005 CHECK_INTERFACE(IKeystoreService, data, reply);
1006 int32_t userId = data.readInt32();
1007 String16 pass = data.readString16();
1008 int32_t ret = onUserPasswordChanged(userId, pass);
1009 reply->writeNoException();
1010 reply->writeInt32(ret);
1011 return NO_ERROR;
1012 } break;
1013 case LOCK: {
1014 CHECK_INTERFACE(IKeystoreService, data, reply);
1015 int32_t userId = data.readInt32();
1016 int32_t ret = lock(userId);
1017 reply->writeNoException();
1018 reply->writeInt32(ret);
1019 return NO_ERROR;
1020 } break;
1021 case UNLOCK: {
1022 CHECK_INTERFACE(IKeystoreService, data, reply);
1023 int32_t userId = data.readInt32();
1024 String16 pass = data.readString16();
1025 int32_t ret = unlock(userId, pass);
1026 reply->writeNoException();
1027 reply->writeInt32(ret);
1028 return NO_ERROR;
1029 } break;
1030 case IS_EMPTY: {
1031 CHECK_INTERFACE(IKeystoreService, data, reply);
1032 int32_t userId = data.readInt32();
1033 bool ret = isEmpty(userId);
1034 reply->writeNoException();
1035 reply->writeInt32(ret ? 1 : 0);
1036 return NO_ERROR;
1037 } break;
1038 case GENERATE: {
1039 CHECK_INTERFACE(IKeystoreService, data, reply);
1040 String16 name = data.readString16();
1041 int32_t uid = data.readInt32();
1042 int32_t keyType = data.readInt32();
1043 int32_t keySize = data.readInt32();
1044 int32_t flags = data.readInt32();
1045 Vector<sp<KeystoreArg>> args;
1046 int32_t argsPresent = data.readInt32();
1047 if (argsPresent == 1) {
1048 ssize_t numArgs = data.readInt32();
1049 if (numArgs > MAX_GENERATE_ARGS) {
1050 return BAD_VALUE;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1051 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]1052 if (numArgs > 0) {
1053 for (size_t i = 0; i < (size_t)numArgs; i++) {
1054 ssize_t inSize = data.readInt32();
1055 if (inSize >= 0 && (size_t)inSize <= data.dataAvail()) {
1056 sp<KeystoreArg> arg = new KeystoreArg(data.readInplace(inSize), inSize);
1057 args.push_back(arg);
1058 } else {
Yi Kongd2916752018-07-26 17:44:27 -0700[diff] [blame^]1059 args.push_back(nullptr);
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]1060 }
1061 }
1062 }
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]1063 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]1064 int32_t ret = generate(name, uid, keyType, keySize, flags, &args);
1065 reply->writeNoException();
1066 reply->writeInt32(ret);
1067 return NO_ERROR;
1068 } break;
1069 case IMPORT: {
1070 CHECK_INTERFACE(IKeystoreService, data, reply);
1071 String16 name = data.readString16();
1072 auto in = readBlobAsByteArray(data);
1073 int uid = data.readInt32();
1074 int32_t flags = data.readInt32();
1075 auto ret = import(name, in.value(), uid, flags);
1076 reply->writeNoException();
1077 reply->writeInt32(ret);
1078 return NO_ERROR;
1079 } break;
1080 case SIGN: {
1081 CHECK_INTERFACE(IKeystoreService, data, reply);
1082 String16 name = data.readString16();
1083 auto in = readBlobAsByteArray(data);
1084 hidl_vec<uint8_t> out;
1085 auto ret = sign(name, in.value(), &out);
1086 reply->writeNoException();
1087 writeBlobAsByteArray(out, reply);
1088 reply->writeInt32(ret);
1089 return NO_ERROR;
1090 } break;
1091 case VERIFY: {
1092 CHECK_INTERFACE(IKeystoreService, data, reply);
1093 String16 name = data.readString16();
1094 auto in = readBlobAsByteArray(data);
1095 auto signature = readBlobAsByteArray(data);
1096 auto ret = verify(name, in.value(), signature.value());
1097 reply->writeNoException();
1098 reply->writeInt32(ret);
1099 return NO_ERROR;
1100 } break;
1101 case GET_PUBKEY: {
1102 CHECK_INTERFACE(IKeystoreService, data, reply);
1103 String16 name = data.readString16();
1104 hidl_vec<uint8_t> out;
1105 auto ret = get_pubkey(name, &out);
1106 reply->writeNoException();
1107 writeBlobAsByteArray(out, reply);
1108 reply->writeInt32(ret);
1109 return NO_ERROR;
1110 } break;
1111 case GRANT: {
1112 CHECK_INTERFACE(IKeystoreService, data, reply);
1113 String16 name = data.readString16();
1114 int32_t granteeUid = data.readInt32();
Janis Danisevskis32261c82017-06-07 18:03:31 -0700[diff] [blame]1115 String16 ret = grant(name, granteeUid);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]1116 reply->writeNoException();
Janis Danisevskis32261c82017-06-07 18:03:31 -0700[diff] [blame]1117 reply->writeString16(ret);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]1118 return NO_ERROR;
1119 } break;
1120 case UNGRANT: {
1121 CHECK_INTERFACE(IKeystoreService, data, reply);
1122 String16 name = data.readString16();
1123 int32_t granteeUid = data.readInt32();
1124 int32_t ret = ungrant(name, granteeUid);
1125 reply->writeNoException();
1126 reply->writeInt32(ret);
1127 return NO_ERROR;
1128 } break;
1129 case GETMTIME: {
1130 CHECK_INTERFACE(IKeystoreService, data, reply);
1131 String16 name = data.readString16();
1132 int32_t uid = data.readInt32();
1133 int64_t ret = getmtime(name, uid);
1134 reply->writeNoException();
1135 reply->writeInt64(ret);
1136 return NO_ERROR;
1137 } break;
1138 case DUPLICATE: {
1139 CHECK_INTERFACE(IKeystoreService, data, reply);
1140 String16 srcKey = data.readString16();
1141 int32_t srcUid = data.readInt32();
1142 String16 destKey = data.readString16();
1143 int32_t destUid = data.readInt32();
1144 int32_t ret = duplicate(srcKey, srcUid, destKey, destUid);
1145 reply->writeNoException();
1146 reply->writeInt32(ret);
1147 return NO_ERROR;
1148 } break;
1149 case IS_HARDWARE_BACKED: {
1150 CHECK_INTERFACE(IKeystoreService, data, reply);
1151 String16 keyType = data.readString16();
1152 int32_t ret = is_hardware_backed(keyType);
1153 reply->writeNoException();
1154 reply->writeInt32(ret);
1155 return NO_ERROR;
1156 }
1157 case CLEAR_UID: {
1158 CHECK_INTERFACE(IKeystoreService, data, reply);
1159 int64_t uid = data.readInt64();
1160 int32_t ret = clear_uid(uid);
1161 reply->writeNoException();
1162 reply->writeInt32(ret);
1163 return NO_ERROR;
1164 }
1165 case ADD_RNG_ENTROPY: {
1166 CHECK_INTERFACE(IKeystoreService, data, reply);
1167 auto entropy = readBlobAsByteArray(data);
1168 auto ret = addRngEntropy(entropy.value());
1169 reply->writeNoException();
1170 reply->writeInt32(ret);
1171 return NO_ERROR;
1172 }
1173 case GENERATE_KEY: {
1174 CHECK_INTERFACE(IKeystoreService, data, reply);
1175 String16 name = data.readString16();
1176 auto params = nullable(readParamSetFromParcel, data);
1177 auto entropy = readBlobAsByteArray(data);
1178 int32_t uid = data.readInt32();
1179 int32_t flags = data.readInt32();
1180 KeyCharacteristics outCharacteristics;
1181 int32_t ret =
1182 generateKey(name, params.value(), entropy.value(), uid, flags, &outCharacteristics);
1183 reply->writeNoException();
1184 reply->writeInt32(ret);
1185 nullable(writeKeyCharacteristicsToParcel, outCharacteristics, reply);
1186 return NO_ERROR;
1187 }
1188 case GET_KEY_CHARACTERISTICS: {
1189 CHECK_INTERFACE(IKeystoreService, data, reply);
1190 String16 name = data.readString16();
1191 auto clientId = nullable(readKeymasterBlob, data, true);
1192 auto appData = nullable(readKeymasterBlob, data, true);
1193 int32_t uid = data.readInt32();
1194 KeyCharacteristics outCharacteristics;
1195 int ret = getKeyCharacteristics(name, clientId.value(), appData.value(), uid,
1196 &outCharacteristics);
1197 reply->writeNoException();
1198 reply->writeInt32(ret);
1199 nullable(writeKeyCharacteristicsToParcel, outCharacteristics, reply);
1200 return NO_ERROR;
1201 }
1202 case IMPORT_KEY: {
1203 CHECK_INTERFACE(IKeystoreService, data, reply);
1204 String16 name = data.readString16();
1205 auto args = nullable(readParamSetFromParcel, data);
1206 KeyFormat format = static_cast<KeyFormat>(data.readInt32());
1207 auto keyData = readBlobAsByteArray(data);
1208 int32_t uid = data.readInt32();
1209 int32_t flags = data.readInt32();
1210 KeyCharacteristics outCharacteristics;
1211 int32_t ret =
1212 importKey(name, args.value(), format, keyData.value(), uid, flags, &outCharacteristics);
1213 reply->writeNoException();
1214 reply->writeInt32(ret);
1215 nullable(writeKeyCharacteristicsToParcel, outCharacteristics, reply);
1216 return NO_ERROR;
1217 }
1218 case EXPORT_KEY: {
1219 CHECK_INTERFACE(IKeystoreService, data, reply);
1220 String16 name = data.readString16();
1221 KeyFormat format = static_cast<KeyFormat>(data.readInt32());
1222 auto clientId = nullable(readKeymasterBlob, data, true);
1223 auto appData = nullable(readKeymasterBlob, data, true);
1224 int32_t uid = data.readInt32();
1225 ExportResult result;
1226 exportKey(name, format, clientId.value(), appData.value(), uid, &result);
1227 reply->writeNoException();
1228 reply->writeParcelable(result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1229
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]1230 return NO_ERROR;
1231 }
1232 case BEGIN: {
1233 CHECK_INTERFACE(IKeystoreService, data, reply);
1234 sp<IBinder> token = data.readStrongBinder();
1235 String16 name = data.readString16();
1236 KeyPurpose purpose = static_cast<KeyPurpose>(data.readInt32());
1237 bool pruneable = data.readInt32() != 0;
1238 auto args = nullable(readParamSetFromParcel, data);
1239 auto entropy = readBlobAsByteArray(data);
1240 int32_t uid = data.readInt32();
1241 OperationResult result;
1242 begin(token, name, purpose, pruneable, args.value(), entropy.value(), uid, &result);
1243 reply->writeNoException();
1244 reply->writeParcelable(result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1245
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]1246 return NO_ERROR;
1247 }
1248 case UPDATE: {
1249 CHECK_INTERFACE(IKeystoreService, data, reply);
1250 sp<IBinder> token = data.readStrongBinder();
1251 auto args = nullable(readParamSetFromParcel, data);
1252 auto buf = readBlobAsByteArray(data);
1253 OperationResult result;
1254 update(token, args.value(), buf.value(), &result);
1255 reply->writeNoException();
1256 reply->writeParcelable(result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1257
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]1258 return NO_ERROR;
1259 }
1260 case FINISH: {
1261 CHECK_INTERFACE(IKeystoreService, data, reply);
1262 sp<IBinder> token = data.readStrongBinder();
1263 auto args = nullable(readParamSetFromParcel, data);
1264 auto signature = readBlobAsByteArray(data);
1265 auto entropy = readBlobAsByteArray(data);
1266 OperationResult result;
1267 finish(token, args.value(), signature.value(), entropy.value(), &result);
1268 reply->writeNoException();
1269 reply->writeParcelable(result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1270
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]1271 return NO_ERROR;
1272 }
1273 case ABORT: {
1274 CHECK_INTERFACE(IKeystoreService, data, reply);
1275 sp<IBinder> token = data.readStrongBinder();
1276 int32_t result = abort(token);
1277 reply->writeNoException();
1278 reply->writeInt32(result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1279
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]1280 return NO_ERROR;
1281 }
1282 case IS_OPERATION_AUTHORIZED: {
1283 CHECK_INTERFACE(IKeystoreService, data, reply);
1284 sp<IBinder> token = data.readStrongBinder();
1285 bool result = isOperationAuthorized(token);
1286 reply->writeNoException();
1287 reply->writeInt32(result ? 1 : 0);
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]1288
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]1289 return NO_ERROR;
1290 }
1291 case ADD_AUTH_TOKEN: {
1292 CHECK_INTERFACE(IKeystoreService, data, reply);
Yi Kongd2916752018-07-26 17:44:27 -0700[diff] [blame^]1293 const uint8_t* token_bytes = nullptr;
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]1294 size_t size = 0;
1295 readByteArray(data, &token_bytes, &size);
1296 int32_t result = addAuthToken(token_bytes, size);
1297 reply->writeNoException();
1298 reply->writeInt32(result);
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]1299
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]1300 return NO_ERROR;
1301 }
1302 case ON_USER_ADDED: {
1303 CHECK_INTERFACE(IKeystoreService, data, reply);
1304 int32_t userId = data.readInt32();
1305 int32_t parentId = data.readInt32();
1306 int32_t result = onUserAdded(userId, parentId);
1307 reply->writeNoException();
1308 reply->writeInt32(result);
Chad Brubakerc0f031a2015-05-12 10:43:10 -0700[diff] [blame]1309
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]1310 return NO_ERROR;
1311 }
1312 case ON_USER_REMOVED: {
1313 CHECK_INTERFACE(IKeystoreService, data, reply);
1314 int32_t userId = data.readInt32();
1315 int32_t result = onUserRemoved(userId);
1316 reply->writeNoException();
1317 reply->writeInt32(result);
Chad Brubakerc0f031a2015-05-12 10:43:10 -0700[diff] [blame]1318
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]1319 return NO_ERROR;
1320 }
1321 case ATTEST_KEY: {
1322 CHECK_INTERFACE(IKeystoreService, data, reply);
1323 String16 name = data.readString16();
1324 auto params = nullable(readParamSetFromParcel, data);
1325 hidl_vec<hidl_vec<uint8_t>> chain;
1326 int ret = attestKey(name, params.value(), &chain);
1327 reply->writeNoException();
1328 reply->writeInt32(ret);
1329 nullable(writeCertificateChainToParcel, chain, reply);
Shawn Willden3976b6c2016-02-06 20:31:15 -0700[diff] [blame]1330
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]1331 return NO_ERROR;
1332 }
Bartosz Fabianowski5aa93e02017-04-24 13:54:49 +0200[diff] [blame]1333
1334 case ATTEST_DEVICE_IDS: {
1335 CHECK_INTERFACE(IKeystoreService, data, reply);
1336 auto params = nullable(readParamSetFromParcel, data);
1337 hidl_vec<hidl_vec<uint8_t>> chain;
1338 int ret = attestDeviceIds(params.value(), &chain);
1339 reply->writeNoException();
1340 reply->writeInt32(ret);
1341 nullable(writeCertificateChainToParcel, chain, reply);
1342
1343 return NO_ERROR;
1344 }
1345
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]1346 case ON_DEVICE_OFF_BODY: {
1347 CHECK_INTERFACE(IKeystoreService, data, reply);
1348 int32_t ret = onDeviceOffBody();
1349 reply->writeNoException();
1350 reply->writeInt32(ret);
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]1351
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]1352 return NO_ERROR;
1353 }
1354 default:
1355 return BBinder::onTransact(code, data, reply, flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1356 }
1357}
1358
1359// ----------------------------------------------------------------------------
1360
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]1361}; // namespace android