Home | History | Annotate | Download | only in keymaster 
      1 /*
      2  * Copyright 2014 The Android Open Source Project
      3  *
      4  * Licensed under the Apache License, Version 2.0 (the "License");
      5  * you may not use this file except in compliance with the License.
      6  * You may obtain a copy of the License at
      7  *
      8  *      http://www.apache.org/licenses/LICENSE-2.0
      9  *
     10  * Unless required by applicable law or agreed to in writing, software
     11  * distributed under the License is distributed on an "AS IS" BASIS,
     12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13  * See the License for the specific language governing permissions and
     14  * limitations under the License.
     15  */
     16 
     17 #ifndef SYSTEM_KEYMASTER_GOOGLE_KEYMASTER_MESSAGES_H_
     18 #define SYSTEM_KEYMASTER_GOOGLE_KEYMASTER_MESSAGES_H_
     19 
     20 #include <stdlib.h>
     21 #include <string.h>
     22 
     23 #include <keymaster/authorization_set.h>
     24 #include <keymaster/google_keymaster_utils.h>
     25 
     26 namespace keymaster {
     27 
     28 // Commands
     29 const uint32_t GENERATE_KEY = 0;
     30 const uint32_t BEGIN_OPERATION = 1;
     31 const uint32_t UPDATE_OPERATION = 2;
     32 const uint32_t FINISH_OPERATION = 3;
     33 const uint32_t ABORT_OPERATION = 4;
     34 const uint32_t IMPORT_KEY = 5;
     35 const uint32_t EXPORT_KEY = 6;
     36 
     37 /**
     38  * All responses include an error value, and if the error is not KM_ERROR_OK, return no additional
     39  * data.  This abstract class factors out the common serialization functionality for all of the
     40  * responses, so we only have to implement it once.  Inheritance for reuse is generally not a great
     41  * structure, but in this case it's the cleanest option.
     42  */
     43 struct KeymasterResponse : public Serializable {
     44     size_t SerializedSize() const;
     45     uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const;
     46     bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end);
     47 
     48     virtual size_t NonErrorSerializedSize() const = 0;
     49     virtual uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const = 0;
     50     virtual bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) = 0;
     51 
     52     keymaster_error_t error;
     53 };
     54 
     55 struct SupportedAlgorithmsResponse : public KeymasterResponse {
     56     SupportedAlgorithmsResponse() : algorithms(NULL), algorithms_length(0) {}
     57     ~SupportedAlgorithmsResponse() { delete[] algorithms; }
     58 
     59     size_t NonErrorSerializedSize() const;
     60     uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const;
     61     bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end);
     62 
     63     keymaster_algorithm_t* algorithms;
     64     size_t algorithms_length;
     65 };
     66 
     67 template <typename T> struct SupportedResponse : public KeymasterResponse {
     68     SupportedResponse() : results(NULL), results_length(0) {}
     69     ~SupportedResponse() { delete[] results; }
     70 
     71     template <size_t N> void SetResults(const T (&arr)[N]) {
     72         delete[] results;
     73         results_length = 0;
     74         results = dup_array(arr);
     75         if (results == NULL) {
     76             error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
     77         } else {
     78             results_length = N;
     79             error = KM_ERROR_OK;
     80         }
     81     }
     82 
     83     size_t NonErrorSerializedSize() const {
     84         return sizeof(uint32_t) + results_length * sizeof(uint32_t);
     85     }
     86     uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const {
     87         return append_uint32_array_to_buf(buf, end, results, results_length);
     88     }
     89     bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) {
     90         delete[] results;
     91         results = NULL;
     92         UniquePtr<T[]> tmp;
     93         if (!copy_uint32_array_from_buf(buf_ptr, end, &tmp, &results_length))
     94             return false;
     95         results = tmp.release();
     96         return true;
     97     }
     98 
     99     T* results;
    100     size_t results_length;
    101 };
    102 
    103 struct GenerateKeyRequest : public Serializable {
    104     GenerateKeyRequest() {}
    105     GenerateKeyRequest(uint8_t* buf, size_t size) : key_description(buf, size) {}
    106 
    107     size_t SerializedSize() const { return key_description.SerializedSize(); }
    108     uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const {
    109         return key_description.Serialize(buf, end);
    110     }
    111     bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) {
    112         return key_description.Deserialize(buf_ptr, end);
    113     }
    114 
    115     AuthorizationSet key_description;
    116 };
    117 
    118 struct GenerateKeyResponse : public KeymasterResponse {
    119     GenerateKeyResponse() {
    120         error = KM_ERROR_OK;
    121         key_blob.key_material = NULL;
    122         key_blob.key_material_size = 0;
    123     }
    124     ~GenerateKeyResponse();
    125 
    126     size_t NonErrorSerializedSize() const;
    127     uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const;
    128     bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end);
    129 
    130     keymaster_key_blob_t key_blob;
    131     AuthorizationSet enforced;
    132     AuthorizationSet unenforced;
    133 };
    134 
    135 struct GetKeyCharacteristicsRequest : public Serializable {
    136     GetKeyCharacteristicsRequest() { key_blob.key_material = NULL; }
    137     ~GetKeyCharacteristicsRequest();
    138 
    139     void SetKeyMaterial(const void* key_material, size_t length);
    140     void SetKeyMaterial(const keymaster_key_blob_t& blob) {
    141         SetKeyMaterial(blob.key_material, blob.key_material_size);
    142     }
    143 
    144     size_t SerializedSize() const;
    145     uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const;
    146     bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end);
    147 
    148     keymaster_key_blob_t key_blob;
    149     AuthorizationSet additional_params;
    150 };
    151 
    152 struct GetKeyCharacteristicsResponse : public KeymasterResponse {
    153     size_t NonErrorSerializedSize() const;
    154     uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const;
    155     bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end);
    156 
    157     AuthorizationSet enforced;
    158     AuthorizationSet unenforced;
    159 };
    160 
    161 struct BeginOperationRequest : public Serializable {
    162     BeginOperationRequest() { key_blob.key_material = NULL; }
    163     ~BeginOperationRequest() { delete[] key_blob.key_material; }
    164 
    165     void SetKeyMaterial(const void* key_material, size_t length);
    166     void SetKeyMaterial(const keymaster_key_blob_t& blob) {
    167         SetKeyMaterial(blob.key_material, blob.key_material_size);
    168     }
    169 
    170     size_t SerializedSize() const;
    171     uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const;
    172     bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end);
    173 
    174     keymaster_purpose_t purpose;
    175     keymaster_key_blob_t key_blob;
    176     AuthorizationSet additional_params;
    177 };
    178 
    179 struct BeginOperationResponse : public KeymasterResponse {
    180     size_t NonErrorSerializedSize() const;
    181     uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const;
    182     bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end);
    183 
    184     keymaster_operation_handle_t op_handle;
    185 };
    186 
    187 struct UpdateOperationRequest : public Serializable {
    188     size_t SerializedSize() const;
    189     uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const;
    190     bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end);
    191 
    192     keymaster_operation_handle_t op_handle;
    193     Buffer input;
    194 };
    195 
    196 struct UpdateOperationResponse : public KeymasterResponse {
    197     size_t NonErrorSerializedSize() const;
    198     uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const;
    199     bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end);
    200 
    201     Buffer output;
    202 };
    203 
    204 struct FinishOperationRequest : public Serializable {
    205     size_t SerializedSize() const;
    206     uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const;
    207     bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end);
    208 
    209     keymaster_operation_handle_t op_handle;
    210     Buffer signature;
    211 };
    212 
    213 struct FinishOperationResponse : public KeymasterResponse {
    214     size_t NonErrorSerializedSize() const;
    215     uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const;
    216     bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end);
    217 
    218     Buffer output;
    219 };
    220 
    221 struct AddEntropyRequest : public Serializable {
    222     size_t SerializedSize() const;
    223     uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const;
    224     bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end);
    225 
    226     Buffer random_data;
    227 };
    228 
    229 struct ImportKeyRequest : public Serializable {
    230     ImportKeyRequest() : key_data(NULL) {}
    231     ~ImportKeyRequest() { delete[] key_data; }
    232 
    233     void SetKeyMaterial(const void* key_material, size_t length);
    234 
    235     size_t SerializedSize() const;
    236     uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const;
    237     bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end);
    238 
    239     AuthorizationSet key_description;
    240     keymaster_key_format_t key_format;
    241     uint8_t* key_data;
    242     size_t key_data_length;
    243 };
    244 
    245 struct ImportKeyResponse : public KeymasterResponse {
    246     ImportKeyResponse() { key_blob.key_material = NULL; }
    247     ~ImportKeyResponse() { delete[] key_blob.key_material; }
    248 
    249     void SetKeyMaterial(const void* key_material, size_t length);
    250     void SetKeyMaterial(const keymaster_key_blob_t& blob) {
    251         SetKeyMaterial(blob.key_material, blob.key_material_size);
    252     }
    253 
    254     size_t NonErrorSerializedSize() const;
    255     uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const;
    256     bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end);
    257 
    258     keymaster_key_blob_t key_blob;
    259     AuthorizationSet enforced;
    260     AuthorizationSet unenforced;
    261 };
    262 
    263 struct ExportKeyRequest : public Serializable {
    264     ExportKeyRequest() { key_blob.key_material = NULL; }
    265     ~ExportKeyRequest() { delete[] key_blob.key_material; }
    266 
    267     void SetKeyMaterial(const void* key_material, size_t length);
    268     void SetKeyMaterial(const keymaster_key_blob_t& blob) {
    269         SetKeyMaterial(blob.key_material, blob.key_material_size);
    270     }
    271 
    272     size_t SerializedSize() const;
    273     uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const;
    274     bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end);
    275 
    276     AuthorizationSet additional_params;
    277     keymaster_key_format_t key_format;
    278     keymaster_key_blob_t key_blob;
    279 };
    280 
    281 struct ExportKeyResponse : public KeymasterResponse {
    282     ExportKeyResponse() : key_data(NULL) {}
    283     ~ExportKeyResponse() { delete[] key_data; }
    284 
    285     void SetKeyMaterial(const void* key_material, size_t length);
    286 
    287     size_t NonErrorSerializedSize() const;
    288     uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const;
    289     bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end);
    290 
    291     uint8_t* key_data;
    292     size_t key_data_length;
    293 };
    294 
    295 // The structs below are trivial because they're not implemented yet.
    296 struct RescopeRequest : public Serializable {};
    297 struct RescopeResponse : public KeymasterResponse {};
    298 
    299 }  // namespace keymaster
    300 
    301 #endif  // SYSTEM_KEYMASTER_GOOGLE_KEYMASTER_MESSAGES_H_
    302