Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / fd777e7111ce01c672706867302db08371e5afce / . / keystore / IKeystoreService.cpp
blob: 3d1a7b11e3e93864e6866dc0f2911482deecb65b [file] [log] [blame]
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1/*
2**
3** Copyright 2008, The Android Open Source Project
4**
5** Licensed under the Apache License, Version 2.0 (the "License");
6** you may not use this file except in compliance with the License.
7** You may obtain a copy of the License at
8**
9** http://www.apache.org/licenses/LICENSE-2.0
10**
11** Unless required by applicable law or agreed to in writing, software
12** distributed under the License is distributed on an "AS IS" BASIS,
13** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14** See the License for the specific language governing permissions and
15** limitations under the License.
16*/
17
18#include <stdint.h>
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]19#include <sys/limits.h>
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]20#include <sys/types.h>
21
22#define LOG_TAG "KeystoreService"
23#include <utils/Log.h>
24
25#include <binder/Parcel.h>
26#include <binder/IPCThreadState.h>
27#include <binder/IServiceManager.h>
28
29#include <keystore/IKeystoreService.h>
30
31namespace android {
32
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]33static keymaster_key_param_t* readParamList(const Parcel& in, size_t* length);
34
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]35KeystoreArg::KeystoreArg(const void* data, size_t len)
36 : mData(data), mSize(len) {
37}
38
39KeystoreArg::~KeystoreArg() {
40}
41
42const void *KeystoreArg::data() const {
43 return mData;
44}
45
46size_t KeystoreArg::size() const {
47 return mSize;
48}
49
Chad Brubakerc3a18562015-03-17 18:21:35 -0700[diff] [blame]50OperationResult::OperationResult() : resultCode(0), token(), handle(0), inputConsumed(0),
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]51 data(NULL), dataLength(0) {
52}
53
54OperationResult::~OperationResult() {
55}
56
57void OperationResult::readFromParcel(const Parcel& in) {
58 resultCode = in.readInt32();
59 token = in.readStrongBinder();
Chad Brubakerc3a18562015-03-17 18:21:35 -0700[diff] [blame]60 handle = static_cast<keymaster_operation_handle_t>(in.readInt64());
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]61 inputConsumed = in.readInt32();
62 ssize_t length = in.readInt32();
63 dataLength = 0;
64 if (length > 0) {
65 const void* buf = in.readInplace(length);
66 if (buf) {
67 data.reset(reinterpret_cast<uint8_t*>(malloc(length)));
68 if (data.get()) {
69 memcpy(data.get(), buf, length);
70 dataLength = (size_t) length;
71 } else {
72 ALOGE("Failed to allocate OperationResult buffer");
73 }
74 } else {
75 ALOGE("Failed to readInplace OperationResult data");
76 }
77 }
78}
79
80void OperationResult::writeToParcel(Parcel* out) const {
81 out->writeInt32(resultCode);
82 out->writeStrongBinder(token);
Chad Brubakerc3a18562015-03-17 18:21:35 -0700[diff] [blame]83 out->writeInt64(handle);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]84 out->writeInt32(inputConsumed);
85 out->writeInt32(dataLength);
86 if (dataLength && data) {
87 void* buf = out->writeInplace(dataLength);
88 if (buf) {
89 memcpy(buf, data.get(), dataLength);
90 } else {
91 ALOGE("Failed to writeInplace OperationResult data.");
92 }
93 }
94}
95
96ExportResult::ExportResult() : resultCode(0), exportData(NULL), dataLength(0) {
97}
98
99ExportResult::~ExportResult() {
100}
101
102void ExportResult::readFromParcel(const Parcel& in) {
103 resultCode = in.readInt32();
104 ssize_t length = in.readInt32();
105 dataLength = 0;
106 if (length > 0) {
107 const void* buf = in.readInplace(length);
108 if (buf) {
109 exportData.reset(reinterpret_cast<uint8_t*>(malloc(length)));
110 if (exportData.get()) {
111 memcpy(exportData.get(), buf, length);
112 dataLength = (size_t) length;
113 } else {
114 ALOGE("Failed to allocate ExportData buffer");
115 }
116 } else {
117 ALOGE("Failed to readInplace ExportData data");
118 }
119 }
120}
121
122void ExportResult::writeToParcel(Parcel* out) const {
123 out->writeInt32(resultCode);
124 out->writeInt32(dataLength);
125 if (exportData && dataLength) {
126 void* buf = out->writeInplace(dataLength);
127 if (buf) {
128 memcpy(buf, exportData.get(), dataLength);
129 } else {
130 ALOGE("Failed to writeInplace ExportResult data.");
131 }
132 }
133}
134
135KeymasterArguments::KeymasterArguments() {
136}
137
138KeymasterArguments::~KeymasterArguments() {
139 keymaster_free_param_values(params.data(), params.size());
140}
141
142void KeymasterArguments::readFromParcel(const Parcel& in) {
143 ssize_t length = in.readInt32();
144 size_t ulength = (size_t) length;
145 if (length < 0) {
146 ulength = 0;
147 }
148 keymaster_free_param_values(params.data(), params.size());
149 params.clear();
150 for(size_t i = 0; i < ulength; i++) {
151 keymaster_key_param_t param;
152 if (!readKeymasterArgumentFromParcel(in, &param)) {
153 ALOGE("Error reading keymaster argument from parcel");
154 break;
155 }
156 params.push_back(param);
157 }
158}
159
160void KeymasterArguments::writeToParcel(Parcel* out) const {
161 out->writeInt32(params.size());
162 for (auto param : params) {
163 out->writeInt32(1);
164 writeKeymasterArgumentToParcel(param, out);
165 }
166}
167
168KeyCharacteristics::KeyCharacteristics() {
169 memset((void*) &characteristics, 0, sizeof(characteristics));
170}
171
172KeyCharacteristics::~KeyCharacteristics() {
173 keymaster_free_characteristics(&characteristics);
174}
175
176void KeyCharacteristics::readFromParcel(const Parcel& in) {
177 size_t length = 0;
178 keymaster_key_param_t* params = readParamList(in, &length);
179 characteristics.sw_enforced.params = params;
180 characteristics.sw_enforced.length = length;
181
182 params = readParamList(in, &length);
183 characteristics.hw_enforced.params = params;
184 characteristics.hw_enforced.length = length;
185}
186
187void KeyCharacteristics::writeToParcel(Parcel* out) const {
188 if (characteristics.sw_enforced.params) {
189 out->writeInt32(characteristics.sw_enforced.length);
190 for (size_t i = 0; i < characteristics.sw_enforced.length; i++) {
191 out->writeInt32(1);
192 writeKeymasterArgumentToParcel(characteristics.sw_enforced.params[i], out);
193 }
194 } else {
195 out->writeInt32(0);
196 }
197 if (characteristics.hw_enforced.params) {
198 out->writeInt32(characteristics.hw_enforced.length);
199 for (size_t i = 0; i < characteristics.hw_enforced.length; i++) {
200 out->writeInt32(1);
201 writeKeymasterArgumentToParcel(characteristics.hw_enforced.params[i], out);
202 }
203 } else {
204 out->writeInt32(0);
205 }
206}
207
208void writeKeymasterArgumentToParcel(const keymaster_key_param_t& param, Parcel* out) {
209 switch (keymaster_tag_get_type(param.tag)) {
210 case KM_ENUM:
211 case KM_ENUM_REP: {
212 out->writeInt32(param.tag);
213 out->writeInt32(param.enumerated);
214 break;
215 }
216 case KM_INT:
217 case KM_INT_REP: {
218 out->writeInt32(param.tag);
219 out->writeInt32(param.integer);
220 break;
221 }
Chad Brubaker686db062015-04-16 14:21:10 -0700[diff] [blame]222 case KM_LONG:
223 case KM_LONG_REP: {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]224 out->writeInt32(param.tag);
225 out->writeInt64(param.long_integer);
226 break;
227 }
228 case KM_DATE: {
229 out->writeInt32(param.tag);
230 out->writeInt64(param.date_time);
231 break;
232 }
233 case KM_BOOL: {
234 out->writeInt32(param.tag);
235 break;
236 }
237 case KM_BIGNUM:
238 case KM_BYTES: {
239 out->writeInt32(param.tag);
240 out->writeInt32(param.blob.data_length);
241 void* buf = out->writeInplace(param.blob.data_length);
242 if (buf) {
243 memcpy(buf, param.blob.data, param.blob.data_length);
244 } else {
245 ALOGE("Failed to writeInplace keymaster blob param");
246 }
247 break;
248 }
249 default: {
250 ALOGE("Failed to write argument: Unsupported keymaster_tag_t %d", param.tag);
251 }
252 }
253}
254
255
256bool readKeymasterArgumentFromParcel(const Parcel& in, keymaster_key_param_t* out) {
257 if (in.readInt32() == 0) {
258 return false;
259 }
260 keymaster_tag_t tag = static_cast<keymaster_tag_t>(in.readInt32());
261 switch (keymaster_tag_get_type(tag)) {
262 case KM_ENUM:
263 case KM_ENUM_REP: {
264 uint32_t value = in.readInt32();
265 *out = keymaster_param_enum(tag, value);
266 break;
267 }
268 case KM_INT:
269 case KM_INT_REP: {
270 uint32_t value = in.readInt32();
271 *out = keymaster_param_int(tag, value);
272 break;
273 }
Chad Brubaker686db062015-04-16 14:21:10 -0700[diff] [blame]274 case KM_LONG:
275 case KM_LONG_REP: {
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]276 uint64_t value = in.readInt64();
277 *out = keymaster_param_long(tag, value);
278 break;
279 }
280 case KM_DATE: {
281 uint64_t value = in.readInt64();
282 *out = keymaster_param_date(tag, value);
283 break;
284 }
285 case KM_BOOL: {
286 *out = keymaster_param_bool(tag);
287 break;
288 }
289 case KM_BIGNUM:
290 case KM_BYTES: {
291 ssize_t length = in.readInt32();
292 uint8_t* data = NULL;
293 size_t ulength = 0;
294 if (length >= 0) {
295 ulength = (size_t) length;
296 // use malloc here so we can use keymaster_free_param_values
297 // consistently.
298 data = reinterpret_cast<uint8_t*>(malloc(ulength));
299 const void* buf = in.readInplace(ulength);
300 if (!buf || !data) {
301 ALOGE("Failed to allocate buffer for keymaster blob param");
302 return false;
303 }
304 memcpy(data, buf, ulength);
305 }
306 *out = keymaster_param_blob(tag, data, ulength);
307 break;
308 }
309 default: {
310 ALOGE("Unsupported keymaster_tag_t %d", tag);
311 return false;
312 }
313 }
314 return true;
315}
316
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]317/**
318 * Read a byte array from in. The data at *data is still owned by the parcel
319 */
320static void readByteArray(const Parcel& in, const uint8_t** data, size_t* length) {
321 ssize_t slength = in.readInt32();
322 if (slength > 0) {
323 *data = reinterpret_cast<const uint8_t*>(in.readInplace(slength));
324 if (*data) {
325 *length = static_cast<size_t>(slength);
326 } else {
327 *length = 0;
328 }
329 } else {
330 *data = NULL;
331 *length = 0;
332 }
333}
334
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]335// Read a keymaster_key_param_t* from a Parcel for use in a
336// keymaster_key_characteristics_t. This will be free'd by calling
337// keymaster_free_key_characteristics.
338static keymaster_key_param_t* readParamList(const Parcel& in, size_t* length) {
339 ssize_t slength = in.readInt32();
340 *length = 0;
341 if (slength < 0) {
342 return NULL;
343 }
344 *length = (size_t) slength;
345 if (*length >= UINT_MAX / sizeof(keymaster_key_param_t)) {
346 return NULL;
347 }
348 keymaster_key_param_t* list =
349 reinterpret_cast<keymaster_key_param_t*>(malloc(*length *
350 sizeof(keymaster_key_param_t)));
351 if (!list) {
352 ALOGD("Failed to allocate buffer for generateKey outCharacteristics");
353 goto err;
354 }
355 for (size_t i = 0; i < *length ; i++) {
356 if (!readKeymasterArgumentFromParcel(in, &list[i])) {
357 ALOGE("Failed to read keymaster argument");
358 keymaster_free_param_values(list, i);
359 goto err;
360 }
361 }
362 return list;
363err:
364 free(list);
365 return NULL;
366}
367
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]368static std::unique_ptr<keymaster_blob_t> readKeymasterBlob(const Parcel& in) {
369 std::unique_ptr<keymaster_blob_t> blob;
370 if (in.readInt32() != 1) {
371 blob.reset(NULL);
372 return blob;
373 }
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]374 ssize_t length = in.readInt32();
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]375 blob.reset(new keymaster_blob_t);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]376 if (length > 0) {
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]377 blob->data = reinterpret_cast<const uint8_t*>(in.readInplace(length));
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]378 if (blob->data) {
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]379 blob->data_length = static_cast<size_t>(length);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]380 } else {
381 blob->data_length = 0;
382 }
383 } else {
384 blob->data = NULL;
385 blob->data_length = 0;
386 }
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]387 return blob;
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]388}
389
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]390class BpKeystoreService: public BpInterface<IKeystoreService>
391{
392public:
393 BpKeystoreService(const sp<IBinder>& impl)
394 : BpInterface<IKeystoreService>(impl)
395 {
396 }
397
398 // test ping
399 virtual int32_t test()
400 {
401 Parcel data, reply;
402 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
403 status_t status = remote()->transact(BnKeystoreService::TEST, data, &reply);
404 if (status != NO_ERROR) {
405 ALOGD("test() could not contact remote: %d\n", status);
406 return -1;
407 }
408 int32_t err = reply.readExceptionCode();
409 int32_t ret = reply.readInt32();
410 if (err < 0) {
411 ALOGD("test() caught exception %d\n", err);
412 return -1;
413 }
414 return ret;
415 }
416
417 virtual int32_t get(const String16& name, uint8_t** item, size_t* itemLength)
418 {
419 Parcel data, reply;
420 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
421 data.writeString16(name);
422 status_t status = remote()->transact(BnKeystoreService::GET, data, &reply);
423 if (status != NO_ERROR) {
424 ALOGD("get() could not contact remote: %d\n", status);
425 return -1;
426 }
427 int32_t err = reply.readExceptionCode();
428 ssize_t len = reply.readInt32();
429 if (len >= 0 && (size_t) len <= reply.dataAvail()) {
430 size_t ulen = (size_t) len;
431 const void* buf = reply.readInplace(ulen);
432 *item = (uint8_t*) malloc(ulen);
433 if (*item != NULL) {
434 memcpy(*item, buf, ulen);
435 *itemLength = ulen;
436 } else {
437 ALOGE("out of memory allocating output array in get");
438 *itemLength = 0;
439 }
440 } else {
441 *itemLength = 0;
442 }
443 if (err < 0) {
444 ALOGD("get() caught exception %d\n", err);
445 return -1;
446 }
447 return 0;
448 }
449
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]450 virtual int32_t insert(const String16& name, const uint8_t* item, size_t itemLength, int uid,
451 int32_t flags)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]452 {
453 Parcel data, reply;
454 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
455 data.writeString16(name);
456 data.writeInt32(itemLength);
457 void* buf = data.writeInplace(itemLength);
458 memcpy(buf, item, itemLength);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]459 data.writeInt32(uid);
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]460 data.writeInt32(flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]461 status_t status = remote()->transact(BnKeystoreService::INSERT, data, &reply);
462 if (status != NO_ERROR) {
463 ALOGD("import() could not contact remote: %d\n", status);
464 return -1;
465 }
466 int32_t err = reply.readExceptionCode();
467 int32_t ret = reply.readInt32();
468 if (err < 0) {
469 ALOGD("import() caught exception %d\n", err);
470 return -1;
471 }
472 return ret;
473 }
474
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]475 virtual int32_t del(const String16& name, int uid)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]476 {
477 Parcel data, reply;
478 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
479 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]480 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]481 status_t status = remote()->transact(BnKeystoreService::DEL, data, &reply);
482 if (status != NO_ERROR) {
483 ALOGD("del() could not contact remote: %d\n", status);
484 return -1;
485 }
486 int32_t err = reply.readExceptionCode();
487 int32_t ret = reply.readInt32();
488 if (err < 0) {
489 ALOGD("del() caught exception %d\n", err);
490 return -1;
491 }
492 return ret;
493 }
494
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]495 virtual int32_t exist(const String16& name, int uid)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]496 {
497 Parcel data, reply;
498 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
499 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]500 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]501 status_t status = remote()->transact(BnKeystoreService::EXIST, data, &reply);
502 if (status != NO_ERROR) {
503 ALOGD("exist() could not contact remote: %d\n", status);
504 return -1;
505 }
506 int32_t err = reply.readExceptionCode();
507 int32_t ret = reply.readInt32();
508 if (err < 0) {
509 ALOGD("exist() caught exception %d\n", err);
510 return -1;
511 }
512 return ret;
513 }
514
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]515 virtual int32_t saw(const String16& name, int uid, Vector<String16>* matches)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]516 {
517 Parcel data, reply;
518 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
519 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]520 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]521 status_t status = remote()->transact(BnKeystoreService::SAW, data, &reply);
522 if (status != NO_ERROR) {
523 ALOGD("saw() could not contact remote: %d\n", status);
524 return -1;
525 }
526 int32_t err = reply.readExceptionCode();
527 int32_t numMatches = reply.readInt32();
528 for (int32_t i = 0; i < numMatches; i++) {
529 matches->push(reply.readString16());
530 }
531 int32_t ret = reply.readInt32();
532 if (err < 0) {
533 ALOGD("saw() caught exception %d\n", err);
534 return -1;
535 }
536 return ret;
537 }
538
539 virtual int32_t reset()
540 {
541 Parcel data, reply;
542 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
543 status_t status = remote()->transact(BnKeystoreService::RESET, data, &reply);
544 if (status != NO_ERROR) {
545 ALOGD("reset() could not contact remote: %d\n", status);
546 return -1;
547 }
548 int32_t err = reply.readExceptionCode();
549 int32_t ret = reply.readInt32();
550 if (err < 0) {
551 ALOGD("reset() caught exception %d\n", err);
552 return -1;
553 }
554 return ret;
555 }
556
Chad Brubakereecdd122015-05-07 10:19:40 -0700[diff] [blame]557 virtual int32_t onUserPasswordChanged(int32_t userId, const String16& password)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]558 {
559 Parcel data, reply;
560 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Chad Brubakereecdd122015-05-07 10:19:40 -0700[diff] [blame]561 data.writeInt32(userId);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]562 data.writeString16(password);
Chad Brubakereecdd122015-05-07 10:19:40 -0700[diff] [blame]563 status_t status = remote()->transact(BnKeystoreService::ON_USER_PASSWORD_CHANGED, data,
564 &reply);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]565 if (status != NO_ERROR) {
Chad Brubakereecdd122015-05-07 10:19:40 -0700[diff] [blame]566 ALOGD("onUserPasswordChanged() could not contact remote: %d\n", status);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]567 return -1;
568 }
569 int32_t err = reply.readExceptionCode();
570 int32_t ret = reply.readInt32();
571 if (err < 0) {
Chad Brubakereecdd122015-05-07 10:19:40 -0700[diff] [blame]572 ALOGD("onUserPasswordChanged() caught exception %d\n", err);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]573 return -1;
574 }
575 return ret;
576 }
577
578 virtual int32_t lock()
579 {
580 Parcel data, reply;
581 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
582 status_t status = remote()->transact(BnKeystoreService::LOCK, data, &reply);
583 if (status != NO_ERROR) {
584 ALOGD("lock() could not contact remote: %d\n", status);
585 return -1;
586 }
587 int32_t err = reply.readExceptionCode();
588 int32_t ret = reply.readInt32();
589 if (err < 0) {
590 ALOGD("lock() caught exception %d\n", err);
591 return -1;
592 }
593 return ret;
594 }
595
Chad Brubakereecdd122015-05-07 10:19:40 -0700[diff] [blame]596 virtual int32_t unlock(int32_t userId, const String16& password)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]597 {
598 Parcel data, reply;
599 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Chad Brubakereecdd122015-05-07 10:19:40 -0700[diff] [blame]600 data.writeInt32(userId);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]601 data.writeString16(password);
602 status_t status = remote()->transact(BnKeystoreService::UNLOCK, data, &reply);
603 if (status != NO_ERROR) {
604 ALOGD("unlock() could not contact remote: %d\n", status);
605 return -1;
606 }
607 int32_t err = reply.readExceptionCode();
608 int32_t ret = reply.readInt32();
609 if (err < 0) {
610 ALOGD("unlock() caught exception %d\n", err);
611 return -1;
612 }
613 return ret;
614 }
615
616 virtual int32_t zero()
617 {
618 Parcel data, reply;
619 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
620 status_t status = remote()->transact(BnKeystoreService::ZERO, data, &reply);
621 if (status != NO_ERROR) {
622 ALOGD("zero() could not contact remote: %d\n", status);
623 return -1;
624 }
625 int32_t err = reply.readExceptionCode();
626 int32_t ret = reply.readInt32();
627 if (err < 0) {
628 ALOGD("zero() caught exception %d\n", err);
629 return -1;
630 }
631 return ret;
632 }
633
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]634 virtual int32_t generate(const String16& name, int32_t uid, int32_t keyType, int32_t keySize,
635 int32_t flags, Vector<sp<KeystoreArg> >* args)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]636 {
637 Parcel data, reply;
638 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
639 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]640 data.writeInt32(uid);
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]641 data.writeInt32(keyType);
642 data.writeInt32(keySize);
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]643 data.writeInt32(flags);
Chad Brubaker468fc692015-01-13 17:33:14 -0800[diff] [blame]644 data.writeInt32(1);
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]645 data.writeInt32(args->size());
646 for (Vector<sp<KeystoreArg> >::iterator it = args->begin(); it != args->end(); ++it) {
647 sp<KeystoreArg> item = *it;
648 size_t keyLength = item->size();
649 data.writeInt32(keyLength);
650 void* buf = data.writeInplace(keyLength);
651 memcpy(buf, item->data(), keyLength);
652 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]653 status_t status = remote()->transact(BnKeystoreService::GENERATE, data, &reply);
654 if (status != NO_ERROR) {
655 ALOGD("generate() could not contact remote: %d\n", status);
656 return -1;
657 }
658 int32_t err = reply.readExceptionCode();
659 int32_t ret = reply.readInt32();
660 if (err < 0) {
661 ALOGD("generate() caught exception %d\n", err);
662 return -1;
663 }
664 return ret;
665 }
666
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]667 virtual int32_t import(const String16& name, const uint8_t* key, size_t keyLength, int uid,
668 int flags)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]669 {
670 Parcel data, reply;
671 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
672 data.writeString16(name);
673 data.writeInt32(keyLength);
674 void* buf = data.writeInplace(keyLength);
675 memcpy(buf, key, keyLength);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]676 data.writeInt32(uid);
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]677 data.writeInt32(flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]678 status_t status = remote()->transact(BnKeystoreService::IMPORT, data, &reply);
679 if (status != NO_ERROR) {
680 ALOGD("import() could not contact remote: %d\n", status);
681 return -1;
682 }
683 int32_t err = reply.readExceptionCode();
684 int32_t ret = reply.readInt32();
685 if (err < 0) {
686 ALOGD("import() caught exception %d\n", err);
687 return -1;
688 }
689 return ret;
690 }
691
692 virtual int32_t sign(const String16& name, const uint8_t* in, size_t inLength, uint8_t** out,
693 size_t* outLength)
694 {
695 Parcel data, reply;
696 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
697 data.writeString16(name);
698 data.writeInt32(inLength);
699 void* buf = data.writeInplace(inLength);
700 memcpy(buf, in, inLength);
701 status_t status = remote()->transact(BnKeystoreService::SIGN, data, &reply);
702 if (status != NO_ERROR) {
703 ALOGD("import() could not contact remote: %d\n", status);
704 return -1;
705 }
706 int32_t err = reply.readExceptionCode();
707 ssize_t len = reply.readInt32();
708 if (len >= 0 && (size_t) len <= reply.dataAvail()) {
709 size_t ulen = (size_t) len;
710 const void* outBuf = reply.readInplace(ulen);
711 *out = (uint8_t*) malloc(ulen);
712 if (*out != NULL) {
713 memcpy((void*) *out, outBuf, ulen);
714 *outLength = ulen;
715 } else {
716 ALOGE("out of memory allocating output array in sign");
717 *outLength = 0;
718 }
719 } else {
720 *outLength = 0;
721 }
722 if (err < 0) {
723 ALOGD("import() caught exception %d\n", err);
724 return -1;
725 }
726 return 0;
727 }
728
729 virtual int32_t verify(const String16& name, const uint8_t* in, size_t inLength,
730 const uint8_t* signature, size_t signatureLength)
731 {
732 Parcel data, reply;
733 void* buf;
734
735 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
736 data.writeString16(name);
737 data.writeInt32(inLength);
738 buf = data.writeInplace(inLength);
739 memcpy(buf, in, inLength);
740 data.writeInt32(signatureLength);
741 buf = data.writeInplace(signatureLength);
742 memcpy(buf, signature, signatureLength);
743 status_t status = remote()->transact(BnKeystoreService::VERIFY, data, &reply);
744 if (status != NO_ERROR) {
745 ALOGD("verify() could not contact remote: %d\n", status);
746 return -1;
747 }
748 int32_t err = reply.readExceptionCode();
749 int32_t ret = reply.readInt32();
750 if (err < 0) {
751 ALOGD("verify() caught exception %d\n", err);
752 return -1;
753 }
754 return ret;
755 }
756
757 virtual int32_t get_pubkey(const String16& name, uint8_t** pubkey, size_t* pubkeyLength)
758 {
759 Parcel data, reply;
760 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
761 data.writeString16(name);
762 status_t status = remote()->transact(BnKeystoreService::GET_PUBKEY, data, &reply);
763 if (status != NO_ERROR) {
764 ALOGD("get_pubkey() could not contact remote: %d\n", status);
765 return -1;
766 }
767 int32_t err = reply.readExceptionCode();
768 ssize_t len = reply.readInt32();
769 if (len >= 0 && (size_t) len <= reply.dataAvail()) {
770 size_t ulen = (size_t) len;
771 const void* buf = reply.readInplace(ulen);
772 *pubkey = (uint8_t*) malloc(ulen);
773 if (*pubkey != NULL) {
774 memcpy(*pubkey, buf, ulen);
775 *pubkeyLength = ulen;
776 } else {
777 ALOGE("out of memory allocating output array in get_pubkey");
778 *pubkeyLength = 0;
779 }
780 } else {
781 *pubkeyLength = 0;
782 }
783 if (err < 0) {
784 ALOGD("get_pubkey() caught exception %d\n", err);
785 return -1;
786 }
787 return 0;
788 }
789
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]790 virtual int32_t del_key(const String16& name, int uid)
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]791 {
792 Parcel data, reply;
793 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
794 data.writeString16(name);
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]795 data.writeInt32(uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]796 status_t status = remote()->transact(BnKeystoreService::DEL_KEY, data, &reply);
797 if (status != NO_ERROR) {
798 ALOGD("del_key() could not contact remote: %d\n", status);
799 return -1;
800 }
801 int32_t err = reply.readExceptionCode();
802 int32_t ret = reply.readInt32();
803 if (err < 0) {
804 ALOGD("del_key() caught exception %d\n", err);
805 return -1;
806 }
807 return ret;
808 }
809
810 virtual int32_t grant(const String16& name, int32_t granteeUid)
811 {
812 Parcel data, reply;
813 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
814 data.writeString16(name);
815 data.writeInt32(granteeUid);
816 status_t status = remote()->transact(BnKeystoreService::GRANT, data, &reply);
817 if (status != NO_ERROR) {
818 ALOGD("grant() could not contact remote: %d\n", status);
819 return -1;
820 }
821 int32_t err = reply.readExceptionCode();
822 int32_t ret = reply.readInt32();
823 if (err < 0) {
824 ALOGD("grant() caught exception %d\n", err);
825 return -1;
826 }
827 return ret;
828 }
829
830 virtual int32_t ungrant(const String16& name, int32_t granteeUid)
831 {
832 Parcel data, reply;
833 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
834 data.writeString16(name);
835 data.writeInt32(granteeUid);
836 status_t status = remote()->transact(BnKeystoreService::UNGRANT, data, &reply);
837 if (status != NO_ERROR) {
838 ALOGD("ungrant() could not contact remote: %d\n", status);
839 return -1;
840 }
841 int32_t err = reply.readExceptionCode();
842 int32_t ret = reply.readInt32();
843 if (err < 0) {
844 ALOGD("ungrant() caught exception %d\n", err);
845 return -1;
846 }
847 return ret;
848 }
849
850 int64_t getmtime(const String16& name)
851 {
852 Parcel data, reply;
853 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
854 data.writeString16(name);
855 status_t status = remote()->transact(BnKeystoreService::GETMTIME, data, &reply);
856 if (status != NO_ERROR) {
857 ALOGD("getmtime() could not contact remote: %d\n", status);
858 return -1;
859 }
860 int32_t err = reply.readExceptionCode();
861 int64_t ret = reply.readInt64();
862 if (err < 0) {
863 ALOGD("getmtime() caught exception %d\n", err);
864 return -1;
865 }
866 return ret;
867 }
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]868
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]869 virtual int32_t duplicate(const String16& srcKey, int32_t srcUid, const String16& destKey,
870 int32_t destUid)
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]871 {
872 Parcel data, reply;
873 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]874 data.writeString16(srcKey);
875 data.writeInt32(srcUid);
876 data.writeString16(destKey);
877 data.writeInt32(destUid);
878 status_t status = remote()->transact(BnKeystoreService::DUPLICATE, data, &reply);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]879 if (status != NO_ERROR) {
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]880 ALOGD("duplicate() could not contact remote: %d\n", status);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]881 return -1;
882 }
883 int32_t err = reply.readExceptionCode();
884 int32_t ret = reply.readInt32();
885 if (err < 0) {
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]886 ALOGD("duplicate() caught exception %d\n", err);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]887 return -1;
888 }
889 return ret;
890 }
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]891
Kenny Root1b0e3932013-09-05 13:06:32 -0700[diff] [blame]892 virtual int32_t is_hardware_backed(const String16& keyType)
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]893 {
894 Parcel data, reply;
895 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Kenny Root1b0e3932013-09-05 13:06:32 -0700[diff] [blame]896 data.writeString16(keyType);
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]897 status_t status = remote()->transact(BnKeystoreService::IS_HARDWARE_BACKED, data, &reply);
898 if (status != NO_ERROR) {
899 ALOGD("is_hardware_backed() could not contact remote: %d\n", status);
900 return -1;
901 }
902 int32_t err = reply.readExceptionCode();
903 int32_t ret = reply.readInt32();
904 if (err < 0) {
905 ALOGD("is_hardware_backed() caught exception %d\n", err);
906 return -1;
907 }
908 return ret;
909 }
Kenny Root2ecc7a12013-04-01 16:29:11 -0700[diff] [blame]910
911 virtual int32_t clear_uid(int64_t uid)
912 {
913 Parcel data, reply;
914 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
915 data.writeInt64(uid);
916 status_t status = remote()->transact(BnKeystoreService::CLEAR_UID, data, &reply);
917 if (status != NO_ERROR) {
918 ALOGD("clear_uid() could not contact remote: %d\n", status);
919 return -1;
920 }
921 int32_t err = reply.readExceptionCode();
922 int32_t ret = reply.readInt32();
923 if (err < 0) {
924 ALOGD("clear_uid() caught exception %d\n", err);
925 return -1;
926 }
927 return ret;
928 }
Robin Lee4e865752014-08-19 17:37:55 +0100[diff] [blame]929
930 virtual int32_t reset_uid(int32_t uid) {
931 Parcel data, reply;
932 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
933 data.writeInt32(uid);
934 status_t status = remote()->transact(BnKeystoreService::RESET_UID, data, &reply);
935 if (status != NO_ERROR) {
936 ALOGD("reset_uid() could not contact remote: %d\n", status);
937 return -1;
938 }
939 int32_t err = reply.readExceptionCode();
940 int32_t ret = reply.readInt32();
941 if (err < 0) {
942 ALOGD("reset_uid() caught exception %d\n", err);
943 return -1;
944 }
945 return ret;
946
947 }
948
949 virtual int32_t sync_uid(int32_t sourceUid, int32_t targetUid)
950 {
951 Parcel data, reply;
952 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
953 data.writeInt32(sourceUid);
954 data.writeInt32(targetUid);
955 status_t status = remote()->transact(BnKeystoreService::SYNC_UID, data, &reply);
956 if (status != NO_ERROR) {
957 ALOGD("sync_uid() could not contact remote: %d\n", status);
958 return -1;
959 }
960 int32_t err = reply.readExceptionCode();
961 int32_t ret = reply.readInt32();
962 if (err < 0) {
963 ALOGD("sync_uid() caught exception %d\n", err);
964 return -1;
965 }
966 return ret;
967 }
968
969 virtual int32_t password_uid(const String16& password, int32_t uid)
970 {
971 Parcel data, reply;
972 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
973 data.writeString16(password);
974 data.writeInt32(uid);
975 status_t status = remote()->transact(BnKeystoreService::PASSWORD_UID, data, &reply);
976 if (status != NO_ERROR) {
977 ALOGD("password_uid() could not contact remote: %d\n", status);
978 return -1;
979 }
980 int32_t err = reply.readExceptionCode();
981 int32_t ret = reply.readInt32();
982 if (err < 0) {
983 ALOGD("password_uid() caught exception %d\n", err);
984 return -1;
985 }
986 return ret;
987 }
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]988 virtual int32_t addRngEntropy(const uint8_t* buf, size_t bufLength)
989 {
990 Parcel data, reply;
991 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]992 data.writeByteArray(bufLength, buf);
993 status_t status = remote()->transact(BnKeystoreService::ADD_RNG_ENTROPY, data, &reply);
994 if (status != NO_ERROR) {
995 ALOGD("addRngEntropy() could not contact remote: %d\n", status);
996 return -1;
997 }
998 int32_t err = reply.readExceptionCode();
999 int32_t ret = reply.readInt32();
1000 if (err < 0) {
1001 ALOGD("addRngEntropy() caught exception %d\n", err);
1002 return -1;
1003 }
1004 return ret;
1005 };
1006
1007 virtual int32_t generateKey(const String16& name, const KeymasterArguments& params,
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1008 const uint8_t* entropy, size_t entropyLength, int uid, int flags,
1009 KeyCharacteristics* outCharacteristics)
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1010 {
1011 Parcel data, reply;
1012 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1013 data.writeString16(name);
1014 data.writeInt32(1);
1015 params.writeToParcel(&data);
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1016 data.writeByteArray(entropyLength, entropy);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1017 data.writeInt32(uid);
1018 data.writeInt32(flags);
1019 status_t status = remote()->transact(BnKeystoreService::GENERATE_KEY, data, &reply);
1020 if (status != NO_ERROR) {
1021 ALOGD("generateKey() could not contact remote: %d\n", status);
1022 return KM_ERROR_UNKNOWN_ERROR;
1023 }
1024 int32_t err = reply.readExceptionCode();
1025 int32_t ret = reply.readInt32();
1026 if (err < 0) {
1027 ALOGD("generateKey() caught exception %d\n", err);
1028 return KM_ERROR_UNKNOWN_ERROR;
1029 }
1030 if (reply.readInt32() != 0 && outCharacteristics) {
1031 outCharacteristics->readFromParcel(reply);
1032 }
1033 return ret;
1034 }
1035 virtual int32_t getKeyCharacteristics(const String16& name,
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1036 const keymaster_blob_t* clientId,
1037 const keymaster_blob_t* appData,
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1038 KeyCharacteristics* outCharacteristics)
1039 {
1040 Parcel data, reply;
1041 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1042 data.writeString16(name);
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1043 if (clientId) {
1044 data.writeByteArray(clientId->data_length, clientId->data);
1045 } else {
1046 data.writeInt32(-1);
1047 }
1048 if (appData) {
1049 data.writeByteArray(appData->data_length, appData->data);
1050 } else {
1051 data.writeInt32(-1);
1052 }
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1053 status_t status = remote()->transact(BnKeystoreService::GET_KEY_CHARACTERISTICS,
1054 data, &reply);
1055 if (status != NO_ERROR) {
1056 ALOGD("getKeyCharacteristics() could not contact remote: %d\n", status);
1057 return KM_ERROR_UNKNOWN_ERROR;
1058 }
1059 int32_t err = reply.readExceptionCode();
1060 int32_t ret = reply.readInt32();
1061 if (err < 0) {
1062 ALOGD("getKeyCharacteristics() caught exception %d\n", err);
1063 return KM_ERROR_UNKNOWN_ERROR;
1064 }
1065 if (reply.readInt32() != 0 && outCharacteristics) {
1066 outCharacteristics->readFromParcel(reply);
1067 }
1068 return ret;
1069 }
1070 virtual int32_t importKey(const String16& name, const KeymasterArguments& params,
1071 keymaster_key_format_t format, const uint8_t *keyData,
1072 size_t keyLength, int uid, int flags,
1073 KeyCharacteristics* outCharacteristics)
1074 {
1075 Parcel data, reply;
1076 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1077 data.writeString16(name);
1078 data.writeInt32(1);
1079 params.writeToParcel(&data);
1080 data.writeInt32(format);
1081 data.writeByteArray(keyLength, keyData);
1082 data.writeInt32(uid);
1083 data.writeInt32(flags);
1084 status_t status = remote()->transact(BnKeystoreService::IMPORT_KEY, data, &reply);
1085 if (status != NO_ERROR) {
1086 ALOGD("importKey() could not contact remote: %d\n", status);
1087 return KM_ERROR_UNKNOWN_ERROR;
1088 }
1089 int32_t err = reply.readExceptionCode();
1090 int32_t ret = reply.readInt32();
1091 if (err < 0) {
1092 ALOGD("importKey() caught exception %d\n", err);
1093 return KM_ERROR_UNKNOWN_ERROR;
1094 }
1095 if (reply.readInt32() != 0 && outCharacteristics) {
1096 outCharacteristics->readFromParcel(reply);
1097 }
1098 return ret;
1099 }
1100
1101 virtual void exportKey(const String16& name, keymaster_key_format_t format,
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1102 const keymaster_blob_t* clientId,
1103 const keymaster_blob_t* appData, ExportResult* result)
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1104 {
1105 if (!result) {
1106 return;
1107 }
1108
1109 Parcel data, reply;
1110 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1111 data.writeString16(name);
1112 data.writeInt32(format);
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1113 if (clientId) {
1114 data.writeByteArray(clientId->data_length, clientId->data);
1115 } else {
1116 data.writeInt32(-1);
1117 }
1118 if (appData) {
1119 data.writeByteArray(appData->data_length, appData->data);
1120 } else {
1121 data.writeInt32(-1);
1122 }
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1123 status_t status = remote()->transact(BnKeystoreService::EXPORT_KEY, data, &reply);
1124 if (status != NO_ERROR) {
1125 ALOGD("exportKey() could not contact remote: %d\n", status);
1126 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1127 return;
1128 }
1129 int32_t err = reply.readExceptionCode();
1130 if (err < 0) {
1131 ALOGD("exportKey() caught exception %d\n", err);
1132 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1133 return;
1134 }
1135 if (reply.readInt32() != 0) {
1136 result->readFromParcel(reply);
1137 }
1138 }
1139
1140 virtual void begin(const sp<IBinder>& appToken, const String16& name,
1141 keymaster_purpose_t purpose, bool pruneable,
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1142 const KeymasterArguments& params, const uint8_t* entropy,
1143 size_t entropyLength, KeymasterArguments* outParams,
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1144 OperationResult* result)
1145 {
1146 if (!result || !outParams) {
1147 return;
1148 }
1149 Parcel data, reply;
1150 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1151 data.writeStrongBinder(appToken);
1152 data.writeString16(name);
1153 data.writeInt32(purpose);
1154 data.writeInt32(pruneable ? 1 : 0);
1155 data.writeInt32(1);
1156 params.writeToParcel(&data);
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1157 data.writeByteArray(entropyLength, entropy);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1158 status_t status = remote()->transact(BnKeystoreService::BEGIN, data, &reply);
1159 if (status != NO_ERROR) {
1160 ALOGD("begin() could not contact remote: %d\n", status);
1161 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1162 return;
1163 }
1164 int32_t err = reply.readExceptionCode();
1165 if (err < 0) {
1166 ALOGD("begin() caught exception %d\n", err);
1167 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1168 return;
1169 }
1170 if (reply.readInt32() != 0) {
1171 result->readFromParcel(reply);
1172 }
1173 if (reply.readInt32() != 0) {
1174 outParams->readFromParcel(reply);
1175 }
1176 }
1177
1178 virtual void update(const sp<IBinder>& token, const KeymasterArguments& params,
Chad Brubaker40a1a9b2015-02-20 14:08:13 -0800[diff] [blame]1179 const uint8_t* opData, size_t dataLength, OperationResult* result)
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1180 {
1181 if (!result) {
1182 return;
1183 }
1184 Parcel data, reply;
1185 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1186 data.writeStrongBinder(token);
1187 data.writeInt32(1);
1188 params.writeToParcel(&data);
1189 data.writeByteArray(dataLength, opData);
1190 status_t status = remote()->transact(BnKeystoreService::UPDATE, data, &reply);
1191 if (status != NO_ERROR) {
1192 ALOGD("update() could not contact remote: %d\n", status);
1193 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1194 return;
1195 }
1196 int32_t err = reply.readExceptionCode();
1197 if (err < 0) {
1198 ALOGD("update() caught exception %d\n", err);
1199 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1200 return;
1201 }
1202 if (reply.readInt32() != 0) {
1203 result->readFromParcel(reply);
1204 }
1205 }
1206
1207 virtual void finish(const sp<IBinder>& token, const KeymasterArguments& params,
Chad Brubaker40a1a9b2015-02-20 14:08:13 -0800[diff] [blame]1208 const uint8_t* signature, size_t signatureLength, OperationResult* result)
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1209 {
1210 if (!result) {
1211 return;
1212 }
1213 Parcel data, reply;
1214 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1215 data.writeStrongBinder(token);
1216 data.writeInt32(1);
1217 params.writeToParcel(&data);
1218 data.writeByteArray(signatureLength, signature);
1219 status_t status = remote()->transact(BnKeystoreService::FINISH, data, &reply);
1220 if (status != NO_ERROR) {
1221 ALOGD("finish() could not contact remote: %d\n", status);
1222 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1223 return;
1224 }
1225 int32_t err = reply.readExceptionCode();
1226 if (err < 0) {
1227 ALOGD("finish() caught exception %d\n", err);
1228 result->resultCode = KM_ERROR_UNKNOWN_ERROR;
1229 return;
1230 }
1231 if (reply.readInt32() != 0) {
1232 result->readFromParcel(reply);
1233 }
1234 }
1235
1236 virtual int32_t abort(const sp<IBinder>& token)
1237 {
1238 Parcel data, reply;
1239 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1240 data.writeStrongBinder(token);
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]1241 status_t status = remote()->transact(BnKeystoreService::ABORT, data, &reply);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1242 if (status != NO_ERROR) {
1243 ALOGD("abort() could not contact remote: %d\n", status);
1244 return KM_ERROR_UNKNOWN_ERROR;
1245 }
1246 int32_t err = reply.readExceptionCode();
1247 int32_t ret = reply.readInt32();
1248 if (err < 0) {
1249 ALOGD("abort() caught exception %d\n", err);
1250 return KM_ERROR_UNKNOWN_ERROR;
1251 }
1252 return ret;
1253 }
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]1254
1255 virtual bool isOperationAuthorized(const sp<IBinder>& token)
1256 {
1257 Parcel data, reply;
1258 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1259 data.writeStrongBinder(token);
1260 status_t status = remote()->transact(BnKeystoreService::IS_OPERATION_AUTHORIZED, data,
1261 &reply);
1262 if (status != NO_ERROR) {
1263 ALOGD("isOperationAuthorized() could not contact remote: %d\n", status);
1264 return false;
1265 }
1266 int32_t err = reply.readExceptionCode();
1267 int32_t ret = reply.readInt32();
1268 if (err < 0) {
1269 ALOGD("isOperationAuthorized() caught exception %d\n", err);
1270 return false;
1271 }
1272 return ret == 1;
1273 }
1274
1275 virtual int32_t addAuthToken(const uint8_t* token, size_t length)
1276 {
1277 Parcel data, reply;
1278 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1279 data.writeByteArray(length, token);
1280 status_t status = remote()->transact(BnKeystoreService::ADD_AUTH_TOKEN, data, &reply);
1281 if (status != NO_ERROR) {
1282 ALOGD("addAuthToken() could not contact remote: %d\n", status);
1283 return -1;
1284 }
1285 int32_t err = reply.readExceptionCode();
1286 int32_t ret = reply.readInt32();
1287 if (err < 0) {
1288 ALOGD("addAuthToken() caught exception %d\n", err);
1289 return -1;
1290 }
1291 return ret;
1292 };
Chad Brubakerfd777e72015-05-12 10:43:10 -0700[diff] [blame^]1293
1294 virtual int32_t onUserAdded(int32_t userId, int32_t parentId)
1295 {
1296 Parcel data, reply;
1297 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1298 data.writeInt32(userId);
1299 data.writeInt32(parentId);
1300 status_t status = remote()->transact(BnKeystoreService::ON_USER_ADDED, data, &reply);
1301 if (status != NO_ERROR) {
1302 ALOGD("onUserAdded() could not contact remote: %d\n", status);
1303 return -1;
1304 }
1305 int32_t err = reply.readExceptionCode();
1306 int32_t ret = reply.readInt32();
1307 if (err < 0) {
1308 ALOGD("onUserAdded() caught exception %d\n", err);
1309 return -1;
1310 }
1311 return ret;
1312 }
1313
1314 virtual int32_t onUserRemoved(int32_t userId)
1315 {
1316 Parcel data, reply;
1317 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor());
1318 data.writeInt32(userId);
1319 status_t status = remote()->transact(BnKeystoreService::ON_USER_REMOVED, data, &reply);
1320 if (status != NO_ERROR) {
1321 ALOGD("onUserRemoved() could not contact remote: %d\n", status);
1322 return -1;
1323 }
1324 int32_t err = reply.readExceptionCode();
1325 int32_t ret = reply.readInt32();
1326 if (err < 0) {
1327 ALOGD("onUserRemoved() caught exception %d\n", err);
1328 return -1;
1329 }
1330 return ret;
1331 }
1332
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1333};
1334
Chad Brubaker468fc692015-01-13 17:33:14 -0800[diff] [blame]1335IMPLEMENT_META_INTERFACE(KeystoreService, "android.security.IKeystoreService");
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1336
1337// ----------------------------------------------------------------------
1338
1339status_t BnKeystoreService::onTransact(
1340 uint32_t code, const Parcel& data, Parcel* reply, uint32_t flags)
1341{
1342 switch(code) {
1343 case TEST: {
1344 CHECK_INTERFACE(IKeystoreService, data, reply);
1345 int32_t ret = test();
1346 reply->writeNoException();
1347 reply->writeInt32(ret);
1348 return NO_ERROR;
1349 } break;
1350 case GET: {
1351 CHECK_INTERFACE(IKeystoreService, data, reply);
1352 String16 name = data.readString16();
1353 void* out = NULL;
1354 size_t outSize = 0;
1355 int32_t ret = get(name, (uint8_t**) &out, &outSize);
1356 reply->writeNoException();
1357 if (ret == 1) {
1358 reply->writeInt32(outSize);
1359 void* buf = reply->writeInplace(outSize);
1360 memcpy(buf, out, outSize);
1361 free(out);
1362 } else {
1363 reply->writeInt32(-1);
1364 }
1365 return NO_ERROR;
1366 } break;
1367 case INSERT: {
1368 CHECK_INTERFACE(IKeystoreService, data, reply);
1369 String16 name = data.readString16();
1370 ssize_t inSize = data.readInt32();
1371 const void* in;
1372 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1373 in = data.readInplace(inSize);
1374 } else {
1375 in = NULL;
1376 inSize = 0;
1377 }
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1378 int uid = data.readInt32();
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]1379 int32_t flags = data.readInt32();
1380 int32_t ret = insert(name, (const uint8_t*) in, (size_t) inSize, uid, flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1381 reply->writeNoException();
1382 reply->writeInt32(ret);
1383 return NO_ERROR;
1384 } break;
1385 case DEL: {
1386 CHECK_INTERFACE(IKeystoreService, data, reply);
1387 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1388 int uid = data.readInt32();
1389 int32_t ret = del(name, uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1390 reply->writeNoException();
1391 reply->writeInt32(ret);
1392 return NO_ERROR;
1393 } break;
1394 case EXIST: {
1395 CHECK_INTERFACE(IKeystoreService, data, reply);
1396 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1397 int uid = data.readInt32();
1398 int32_t ret = exist(name, uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1399 reply->writeNoException();
1400 reply->writeInt32(ret);
1401 return NO_ERROR;
1402 } break;
1403 case SAW: {
1404 CHECK_INTERFACE(IKeystoreService, data, reply);
1405 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1406 int uid = data.readInt32();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1407 Vector<String16> matches;
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1408 int32_t ret = saw(name, uid, &matches);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1409 reply->writeNoException();
1410 reply->writeInt32(matches.size());
1411 Vector<String16>::const_iterator it = matches.begin();
1412 for (; it != matches.end(); ++it) {
1413 reply->writeString16(*it);
1414 }
1415 reply->writeInt32(ret);
1416 return NO_ERROR;
1417 } break;
1418 case RESET: {
1419 CHECK_INTERFACE(IKeystoreService, data, reply);
1420 int32_t ret = reset();
1421 reply->writeNoException();
1422 reply->writeInt32(ret);
1423 return NO_ERROR;
1424 } break;
Chad Brubakereecdd122015-05-07 10:19:40 -0700[diff] [blame]1425 case ON_USER_PASSWORD_CHANGED: {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1426 CHECK_INTERFACE(IKeystoreService, data, reply);
Chad Brubakereecdd122015-05-07 10:19:40 -0700[diff] [blame]1427 int32_t userId = data.readInt32();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1428 String16 pass = data.readString16();
Chad Brubakereecdd122015-05-07 10:19:40 -0700[diff] [blame]1429 int32_t ret = onUserPasswordChanged(userId, pass);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1430 reply->writeNoException();
1431 reply->writeInt32(ret);
1432 return NO_ERROR;
1433 } break;
1434 case LOCK: {
1435 CHECK_INTERFACE(IKeystoreService, data, reply);
1436 int32_t ret = lock();
1437 reply->writeNoException();
1438 reply->writeInt32(ret);
1439 return NO_ERROR;
1440 } break;
1441 case UNLOCK: {
1442 CHECK_INTERFACE(IKeystoreService, data, reply);
Chad Brubakereecdd122015-05-07 10:19:40 -0700[diff] [blame]1443 int32_t userId = data.readInt32();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1444 String16 pass = data.readString16();
Chad Brubakereecdd122015-05-07 10:19:40 -0700[diff] [blame]1445 int32_t ret = unlock(userId, pass);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1446 reply->writeNoException();
1447 reply->writeInt32(ret);
1448 return NO_ERROR;
1449 } break;
1450 case ZERO: {
1451 CHECK_INTERFACE(IKeystoreService, data, reply);
1452 int32_t ret = zero();
1453 reply->writeNoException();
1454 reply->writeInt32(ret);
1455 return NO_ERROR;
1456 } break;
1457 case GENERATE: {
1458 CHECK_INTERFACE(IKeystoreService, data, reply);
1459 String16 name = data.readString16();
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]1460 int32_t uid = data.readInt32();
1461 int32_t keyType = data.readInt32();
1462 int32_t keySize = data.readInt32();
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]1463 int32_t flags = data.readInt32();
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]1464 Vector<sp<KeystoreArg> > args;
Chad Brubaker468fc692015-01-13 17:33:14 -0800[diff] [blame]1465 int32_t argsPresent = data.readInt32();
1466 if (argsPresent == 1) {
1467 ssize_t numArgs = data.readInt32();
1468 if (numArgs > 0) {
1469 for (size_t i = 0; i < (size_t) numArgs; i++) {
1470 ssize_t inSize = data.readInt32();
1471 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1472 sp<KeystoreArg> arg = new KeystoreArg(data.readInplace(inSize),
1473 inSize);
1474 args.push_back(arg);
1475 } else {
1476 args.push_back(NULL);
1477 }
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]1478 }
1479 }
1480 }
1481 int32_t ret = generate(name, uid, keyType, keySize, flags, &args);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1482 reply->writeNoException();
1483 reply->writeInt32(ret);
1484 return NO_ERROR;
1485 } break;
1486 case IMPORT: {
1487 CHECK_INTERFACE(IKeystoreService, data, reply);
1488 String16 name = data.readString16();
1489 ssize_t inSize = data.readInt32();
1490 const void* in;
1491 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1492 in = data.readInplace(inSize);
1493 } else {
1494 in = NULL;
1495 inSize = 0;
1496 }
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1497 int uid = data.readInt32();
Kenny Root0c540aa2013-04-03 09:22:15 -0700[diff] [blame]1498 int32_t flags = data.readInt32();
1499 int32_t ret = import(name, (const uint8_t*) in, (size_t) inSize, uid, flags);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1500 reply->writeNoException();
1501 reply->writeInt32(ret);
1502 return NO_ERROR;
1503 } break;
1504 case SIGN: {
1505 CHECK_INTERFACE(IKeystoreService, data, reply);
1506 String16 name = data.readString16();
1507 ssize_t inSize = data.readInt32();
1508 const void* in;
1509 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1510 in = data.readInplace(inSize);
1511 } else {
1512 in = NULL;
1513 inSize = 0;
1514 }
1515 void* out = NULL;
1516 size_t outSize = 0;
1517 int32_t ret = sign(name, (const uint8_t*) in, (size_t) inSize, (uint8_t**) &out, &outSize);
1518 reply->writeNoException();
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1519 if (outSize > 0 && out != NULL) {
1520 reply->writeInt32(outSize);
1521 void* buf = reply->writeInplace(outSize);
1522 memcpy(buf, out, outSize);
1523 free(out);
1524 } else {
Kenny Roote289c402013-02-14 11:31:53 -0800[diff] [blame]1525 reply->writeInt32(-1);
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1526 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1527 reply->writeInt32(ret);
1528 return NO_ERROR;
1529 } break;
1530 case VERIFY: {
1531 CHECK_INTERFACE(IKeystoreService, data, reply);
1532 String16 name = data.readString16();
1533 ssize_t inSize = data.readInt32();
1534 const void* in;
1535 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) {
1536 in = data.readInplace(inSize);
1537 } else {
1538 in = NULL;
1539 inSize = 0;
1540 }
1541 ssize_t sigSize = data.readInt32();
1542 const void* sig;
1543 if (sigSize >= 0 && (size_t) sigSize <= data.dataAvail()) {
1544 sig = data.readInplace(sigSize);
1545 } else {
1546 sig = NULL;
1547 sigSize = 0;
1548 }
1549 bool ret = verify(name, (const uint8_t*) in, (size_t) inSize, (const uint8_t*) sig,
1550 (size_t) sigSize);
1551 reply->writeNoException();
1552 reply->writeInt32(ret ? 1 : 0);
1553 return NO_ERROR;
1554 } break;
1555 case GET_PUBKEY: {
1556 CHECK_INTERFACE(IKeystoreService, data, reply);
1557 String16 name = data.readString16();
1558 void* out = NULL;
1559 size_t outSize = 0;
1560 int32_t ret = get_pubkey(name, (unsigned char**) &out, &outSize);
1561 reply->writeNoException();
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1562 if (outSize > 0 && out != NULL) {
1563 reply->writeInt32(outSize);
1564 void* buf = reply->writeInplace(outSize);
1565 memcpy(buf, out, outSize);
1566 free(out);
1567 } else {
Kenny Roote289c402013-02-14 11:31:53 -0800[diff] [blame]1568 reply->writeInt32(-1);
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1569 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1570 reply->writeInt32(ret);
1571 return NO_ERROR;
Kenny Rootb03c9fb2013-02-04 16:42:51 -0800[diff] [blame]1572 } break;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1573 case DEL_KEY: {
1574 CHECK_INTERFACE(IKeystoreService, data, reply);
1575 String16 name = data.readString16();
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1576 int uid = data.readInt32();
1577 int32_t ret = del_key(name, uid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1578 reply->writeNoException();
1579 reply->writeInt32(ret);
1580 return NO_ERROR;
1581 } break;
1582 case GRANT: {
1583 CHECK_INTERFACE(IKeystoreService, data, reply);
1584 String16 name = data.readString16();
1585 int32_t granteeUid = data.readInt32();
1586 int32_t ret = grant(name, granteeUid);
1587 reply->writeNoException();
1588 reply->writeInt32(ret);
1589 return NO_ERROR;
1590 } break;
1591 case UNGRANT: {
1592 CHECK_INTERFACE(IKeystoreService, data, reply);
1593 String16 name = data.readString16();
1594 int32_t granteeUid = data.readInt32();
1595 int32_t ret = ungrant(name, granteeUid);
1596 reply->writeNoException();
1597 reply->writeInt32(ret);
1598 return NO_ERROR;
1599 } break;
1600 case GETMTIME: {
1601 CHECK_INTERFACE(IKeystoreService, data, reply);
1602 String16 name = data.readString16();
1603 int64_t ret = getmtime(name);
1604 reply->writeNoException();
1605 reply->writeInt64(ret);
1606 return NO_ERROR;
1607 } break;
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]1608 case DUPLICATE: {
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]1609 CHECK_INTERFACE(IKeystoreService, data, reply);
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]1610 String16 srcKey = data.readString16();
1611 int32_t srcUid = data.readInt32();
1612 String16 destKey = data.readString16();
1613 int32_t destUid = data.readInt32();
1614 int32_t ret = duplicate(srcKey, srcUid, destKey, destUid);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]1615 reply->writeNoException();
1616 reply->writeInt32(ret);
1617 return NO_ERROR;
1618 } break;
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]1619 case IS_HARDWARE_BACKED: {
1620 CHECK_INTERFACE(IKeystoreService, data, reply);
Kenny Root1b0e3932013-09-05 13:06:32 -0700[diff] [blame]1621 String16 keyType = data.readString16();
1622 int32_t ret = is_hardware_backed(keyType);
Kenny Root43061232013-03-29 11:15:50 -0700[diff] [blame]1623 reply->writeNoException();
1624 reply->writeInt32(ret);
1625 return NO_ERROR;
1626 }
Kenny Root2ecc7a12013-04-01 16:29:11 -0700[diff] [blame]1627 case CLEAR_UID: {
1628 CHECK_INTERFACE(IKeystoreService, data, reply);
1629 int64_t uid = data.readInt64();
1630 int32_t ret = clear_uid(uid);
1631 reply->writeNoException();
1632 reply->writeInt32(ret);
1633 return NO_ERROR;
1634 }
Robin Lee4e865752014-08-19 17:37:55 +0100[diff] [blame]1635 case RESET_UID: {
1636 CHECK_INTERFACE(IKeystoreService, data, reply);
1637 int32_t uid = data.readInt32();
1638 int32_t ret = reset_uid(uid);
1639 reply->writeNoException();
1640 reply->writeInt32(ret);
1641 return NO_ERROR;
1642 }
1643 case SYNC_UID: {
1644 CHECK_INTERFACE(IKeystoreService, data, reply);
1645 int32_t sourceUid = data.readInt32();
1646 int32_t targetUid = data.readInt32();
1647 int32_t ret = sync_uid(sourceUid, targetUid);
1648 reply->writeNoException();
1649 reply->writeInt32(ret);
1650 return NO_ERROR;
1651 }
1652 case PASSWORD_UID: {
1653 CHECK_INTERFACE(IKeystoreService, data, reply);
1654 String16 password = data.readString16();
1655 int32_t uid = data.readInt32();
1656 int32_t ret = password_uid(password, uid);
1657 reply->writeNoException();
1658 reply->writeInt32(ret);
1659 return NO_ERROR;
1660 }
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1661 case ADD_RNG_ENTROPY: {
1662 CHECK_INTERFACE(IKeystoreService, data, reply);
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1663 const uint8_t* bytes = NULL;
1664 size_t size = 0;
1665 readByteArray(data, &bytes, &size);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1666 int32_t ret = addRngEntropy(bytes, size);
1667 reply->writeNoException();
1668 reply->writeInt32(ret);
1669 return NO_ERROR;
1670 }
1671 case GENERATE_KEY: {
1672 CHECK_INTERFACE(IKeystoreService, data, reply);
1673 String16 name = data.readString16();
1674 KeymasterArguments args;
1675 if (data.readInt32() != 0) {
1676 args.readFromParcel(data);
1677 }
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1678 const uint8_t* entropy = NULL;
1679 size_t entropyLength = 0;
1680 readByteArray(data, &entropy, &entropyLength);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1681 int32_t uid = data.readInt32();
1682 int32_t flags = data.readInt32();
1683 KeyCharacteristics outCharacteristics;
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1684 int32_t ret = generateKey(name, args, entropy, entropyLength, uid, flags,
1685 &outCharacteristics);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1686 reply->writeNoException();
1687 reply->writeInt32(ret);
1688 reply->writeInt32(1);
1689 outCharacteristics.writeToParcel(reply);
1690 return NO_ERROR;
1691 }
1692 case GET_KEY_CHARACTERISTICS: {
1693 CHECK_INTERFACE(IKeystoreService, data, reply);
1694 String16 name = data.readString16();
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1695 std::unique_ptr<keymaster_blob_t> clientId = readKeymasterBlob(data);
1696 std::unique_ptr<keymaster_blob_t> appData = readKeymasterBlob(data);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1697 KeyCharacteristics outCharacteristics;
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1698 int ret = getKeyCharacteristics(name, clientId.get(), appData.get(),
1699 &outCharacteristics);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1700 reply->writeNoException();
1701 reply->writeInt32(ret);
1702 reply->writeInt32(1);
1703 outCharacteristics.writeToParcel(reply);
1704 return NO_ERROR;
1705 }
1706 case IMPORT_KEY: {
1707 CHECK_INTERFACE(IKeystoreService, data, reply);
1708 String16 name = data.readString16();
1709 KeymasterArguments args;
1710 if (data.readInt32() != 0) {
1711 args.readFromParcel(data);
1712 }
1713 keymaster_key_format_t format = static_cast<keymaster_key_format_t>(data.readInt32());
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1714 const uint8_t* keyData = NULL;
1715 size_t keyLength = 0;
1716 readByteArray(data, &keyData, &keyLength);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1717 int32_t uid = data.readInt32();
1718 int32_t flags = data.readInt32();
1719 KeyCharacteristics outCharacteristics;
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1720 int32_t ret = importKey(name, args, format, keyData, keyLength, uid, flags,
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1721 &outCharacteristics);
1722 reply->writeNoException();
1723 reply->writeInt32(ret);
1724 reply->writeInt32(1);
1725 outCharacteristics.writeToParcel(reply);
1726
1727 return NO_ERROR;
1728 }
1729 case EXPORT_KEY: {
1730 CHECK_INTERFACE(IKeystoreService, data, reply);
1731 String16 name = data.readString16();
1732 keymaster_key_format_t format = static_cast<keymaster_key_format_t>(data.readInt32());
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1733 std::unique_ptr<keymaster_blob_t> clientId = readKeymasterBlob(data);
1734 std::unique_ptr<keymaster_blob_t> appData = readKeymasterBlob(data);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1735 ExportResult result;
Chad Brubakerd6634422015-03-21 22:36:07 -0700[diff] [blame]1736 exportKey(name, format, clientId.get(), appData.get(), &result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1737 reply->writeNoException();
1738 reply->writeInt32(1);
1739 result.writeToParcel(reply);
1740
1741 return NO_ERROR;
1742 }
1743 case BEGIN: {
1744 CHECK_INTERFACE(IKeystoreService, data, reply);
1745 sp<IBinder> token = data.readStrongBinder();
1746 String16 name = data.readString16();
1747 keymaster_purpose_t purpose = static_cast<keymaster_purpose_t>(data.readInt32());
1748 bool pruneable = data.readInt32() != 0;
1749 KeymasterArguments args;
1750 if (data.readInt32() != 0) {
1751 args.readFromParcel(data);
1752 }
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1753 const uint8_t* entropy = NULL;
1754 size_t entropyLength = 0;
1755 readByteArray(data, &entropy, &entropyLength);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1756 KeymasterArguments outArgs;
1757 OperationResult result;
Chad Brubaker154d7692015-03-27 13:59:31 -0700[diff] [blame]1758 begin(token, name, purpose, pruneable, args, entropy, entropyLength, &outArgs,
1759 &result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1760 reply->writeNoException();
1761 reply->writeInt32(1);
1762 result.writeToParcel(reply);
1763 reply->writeInt32(1);
1764 outArgs.writeToParcel(reply);
1765
1766 return NO_ERROR;
1767 }
1768 case UPDATE: {
1769 CHECK_INTERFACE(IKeystoreService, data, reply);
1770 sp<IBinder> token = data.readStrongBinder();
1771 KeymasterArguments args;
1772 if (data.readInt32() != 0) {
1773 args.readFromParcel(data);
1774 }
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1775 const uint8_t* buf = NULL;
1776 size_t bufLength = 0;
1777 readByteArray(data, &buf, &bufLength);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1778 OperationResult result;
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1779 update(token, args, buf, bufLength, &result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1780 reply->writeNoException();
1781 reply->writeInt32(1);
1782 result.writeToParcel(reply);
1783
1784 return NO_ERROR;
1785 }
1786 case FINISH: {
1787 CHECK_INTERFACE(IKeystoreService, data, reply);
1788 sp<IBinder> token = data.readStrongBinder();
1789 KeymasterArguments args;
1790 if (data.readInt32() != 0) {
1791 args.readFromParcel(data);
1792 }
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1793 const uint8_t* buf = NULL;
1794 size_t bufLength = 0;
1795 readByteArray(data, &buf, &bufLength);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1796 OperationResult result;
Chad Brubaker6432df72015-03-20 16:23:04 -0700[diff] [blame]1797 finish(token, args, buf, bufLength, &result);
Chad Brubaker9899d6b2015-02-03 13:03:00 -0800[diff] [blame]1798 reply->writeNoException();
1799 reply->writeInt32(1);
1800 result.writeToParcel(reply);
1801
1802 return NO_ERROR;
1803 }
1804 case ABORT: {
1805 CHECK_INTERFACE(IKeystoreService, data, reply);
1806 sp<IBinder> token = data.readStrongBinder();
1807 int32_t result = abort(token);
1808 reply->writeNoException();
1809 reply->writeInt32(result);
1810
1811 return NO_ERROR;
1812 }
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]1813 case IS_OPERATION_AUTHORIZED: {
1814 CHECK_INTERFACE(IKeystoreService, data, reply);
1815 sp<IBinder> token = data.readStrongBinder();
1816 bool result = isOperationAuthorized(token);
1817 reply->writeNoException();
1818 reply->writeInt32(result ? 1 : 0);
1819
1820 return NO_ERROR;
1821 }
1822 case ADD_AUTH_TOKEN: {
1823 CHECK_INTERFACE(IKeystoreService, data, reply);
Chad Brubaker2ed2baa2015-03-21 21:20:10 -0700[diff] [blame]1824 const uint8_t* token_bytes = NULL;
1825 size_t size = 0;
1826 readByteArray(data, &token_bytes, &size);
1827 int32_t result = addAuthToken(token_bytes, size);
1828 reply->writeNoException();
1829 reply->writeInt32(result);
1830
1831 return NO_ERROR;
1832 }
Chad Brubakerfd777e72015-05-12 10:43:10 -0700[diff] [blame^]1833 case ON_USER_ADDED: {
1834 CHECK_INTERFACE(IKeystoreService, data, reply);
1835 int32_t userId = data.readInt32();
1836 int32_t parentId = data.readInt32();
1837 int32_t result = onUserAdded(userId, parentId);
1838 reply->writeNoException();
1839 reply->writeInt32(result);
1840
1841 return NO_ERROR;
1842 }
1843 case ON_USER_REMOVED: {
1844 CHECK_INTERFACE(IKeystoreService, data, reply);
1845 int32_t userId = data.readInt32();
1846 int32_t result = onUserRemoved(userId);
1847 reply->writeNoException();
1848 reply->writeInt32(result);
1849
1850 return NO_ERROR;
1851 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1852 default:
1853 return BBinder::onTransact(code, data, reply, flags);
1854 }
1855}
1856
1857// ----------------------------------------------------------------------------
1858
1859}; // namespace android