1 /* 2 * Copyright 2014 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef SYSTEM_KEYMASTER_ANDROID_KEYMASTER_MESSAGES_H_ 18 #define SYSTEM_KEYMASTER_ANDROID_KEYMASTER_MESSAGES_H_ 19 20 #include <assert.h> 21 #include <stdlib.h> 22 #include <string.h> 23 24 #include <keymaster/android_keymaster_utils.h> 25 #include <keymaster/authorization_set.h> 26 27 namespace keymaster { 28 29 // Commands 30 enum AndroidKeymasterCommand { 31 GENERATE_KEY = 0, 32 BEGIN_OPERATION = 1, 33 UPDATE_OPERATION = 2, 34 FINISH_OPERATION = 3, 35 ABORT_OPERATION = 4, 36 IMPORT_KEY = 5, 37 EXPORT_KEY = 6, 38 GET_VERSION = 7, 39 ADD_RNG_ENTROPY = 8, 40 GET_SUPPORTED_ALGORITHMS = 9, 41 GET_SUPPORTED_BLOCK_MODES = 10, 42 GET_SUPPORTED_PADDING_MODES = 11, 43 GET_SUPPORTED_DIGESTS = 12, 44 GET_SUPPORTED_IMPORT_FORMATS = 13, 45 GET_SUPPORTED_EXPORT_FORMATS = 14, 46 GET_KEY_CHARACTERISTICS = 15, 47 ATTEST_KEY = 16, 48 UPGRADE_KEY = 17, 49 }; 50 51 /** 52 * Keymaster message versions are tied to keymaster versions. We map the keymaster 53 * major.minor.subminor version to a sequential "message version". 54 * 55 * Rather than encoding a version number into each message we rely on the client -- who initiates 56 * all requests -- to check the version of the keymaster implementation with the GET_VERSION command 57 * and to send only requests that the implementation can understand. This means that only the 58 * client side needs to manage version compatibility; the implementation can always expect/produce 59 * messages of its format. 60 * 61 * Because message version selection is purely a client-side issue, all messages default to using 62 * the latest version (MAX_MESSAGE_VERSION). Client code must take care to check versions and pass 63 * correct version values to message constructors. The AndroidKeymaster implementation always uses 64 * the default, latest. 65 * 66 * Note that this approach implies that GetVersionRequest and GetVersionResponse cannot be 67 * versioned. 68 */ 69 const int32_t MAX_MESSAGE_VERSION = 3; 70 inline int32_t MessageVersion(uint8_t major_ver, uint8_t minor_ver, uint8_t /* subminor_ver */) { 71 int32_t message_version = -1; 72 switch (major_ver) { 73 case 0: 74 // For the moment we still support version 0, though in general the plan is not to support 75 // non-matching major versions. 76 message_version = 0; 77 break; 78 case 1: 79 switch (minor_ver) { 80 case 0: 81 message_version = 1; 82 break; 83 case 1: 84 message_version = 2; 85 break; 86 } 87 break; 88 case 2: 89 message_version = 3; 90 break; 91 }; 92 return message_version; 93 } 94 95 struct KeymasterMessage : public Serializable { 96 KeymasterMessage(int32_t ver) : message_version(ver) { assert(ver >= 0); } 97 uint32_t message_version; 98 }; 99 100 /** 101 * All responses include an error value, and if the error is not KM_ERROR_OK, return no additional 102 * data. This abstract class factors out the common serialization functionality for all of the 103 * responses, so we only have to implement it once. Inheritance for reuse is generally not a great 104 * structure, but in this case it's the cleanest option. 105 */ 106 struct KeymasterResponse : public KeymasterMessage { 107 explicit KeymasterResponse(int32_t ver) 108 : KeymasterMessage(ver), error(KM_ERROR_UNKNOWN_ERROR) {} 109 110 size_t SerializedSize() const override; 111 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override; 112 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 113 114 virtual size_t NonErrorSerializedSize() const = 0; 115 virtual uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const = 0; 116 virtual bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) = 0; 117 118 keymaster_error_t error; 119 }; 120 121 struct SupportedAlgorithmsRequest : public KeymasterMessage { 122 explicit SupportedAlgorithmsRequest(int32_t ver = MAX_MESSAGE_VERSION) 123 : KeymasterMessage(ver) {} 124 125 size_t SerializedSize() const override { return 0; }; 126 uint8_t* Serialize(uint8_t* buf, const uint8_t* /* end */) const override { return buf; } 127 bool Deserialize(const uint8_t** /* buf_ptr */, const uint8_t* /* end */) override { 128 return true; 129 } 130 }; 131 132 struct SupportedByAlgorithmRequest : public KeymasterMessage { 133 explicit SupportedByAlgorithmRequest(int32_t ver) : KeymasterMessage(ver) {} 134 135 size_t SerializedSize() const override { return sizeof(uint32_t); }; 136 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override { 137 return append_uint32_to_buf(buf, end, algorithm); 138 } 139 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override { 140 return copy_uint32_from_buf(buf_ptr, end, &algorithm); 141 } 142 143 keymaster_algorithm_t algorithm; 144 }; 145 146 struct SupportedImportFormatsRequest : public SupportedByAlgorithmRequest { 147 SupportedImportFormatsRequest(int32_t ver = MAX_MESSAGE_VERSION) 148 : SupportedByAlgorithmRequest(ver) {} 149 }; 150 151 struct SupportedExportFormatsRequest : public SupportedByAlgorithmRequest { 152 SupportedExportFormatsRequest(int32_t ver = MAX_MESSAGE_VERSION) 153 : SupportedByAlgorithmRequest(ver) {} 154 }; 155 156 struct SupportedByAlgorithmAndPurposeRequest : public KeymasterMessage { 157 explicit SupportedByAlgorithmAndPurposeRequest(int32_t ver = MAX_MESSAGE_VERSION) 158 : KeymasterMessage(ver) {} 159 160 size_t SerializedSize() const override { return sizeof(uint32_t) * 2; }; 161 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override { 162 buf = append_uint32_to_buf(buf, end, algorithm); 163 return append_uint32_to_buf(buf, end, purpose); 164 } 165 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override { 166 return copy_uint32_from_buf(buf_ptr, end, &algorithm) && 167 copy_uint32_from_buf(buf_ptr, end, &purpose); 168 } 169 170 keymaster_algorithm_t algorithm; 171 keymaster_purpose_t purpose; 172 }; 173 174 struct SupportedBlockModesRequest : public SupportedByAlgorithmAndPurposeRequest { 175 SupportedBlockModesRequest(int32_t ver = MAX_MESSAGE_VERSION) 176 : SupportedByAlgorithmAndPurposeRequest(ver) {} 177 }; 178 179 struct SupportedPaddingModesRequest : public SupportedByAlgorithmAndPurposeRequest { 180 SupportedPaddingModesRequest(int32_t ver = MAX_MESSAGE_VERSION) 181 : SupportedByAlgorithmAndPurposeRequest(ver) {} 182 }; 183 184 struct SupportedDigestsRequest : public SupportedByAlgorithmAndPurposeRequest { 185 SupportedDigestsRequest(int32_t ver = MAX_MESSAGE_VERSION) 186 : SupportedByAlgorithmAndPurposeRequest(ver) {} 187 }; 188 189 template <typename T> struct SupportedResponse : public KeymasterResponse { 190 explicit SupportedResponse(int32_t ver) 191 : KeymasterResponse(ver), results(nullptr), results_length(0) {} 192 ~SupportedResponse() { delete[] results; } 193 194 template <size_t N> void SetResults(const T (&arr)[N]) { SetResults(arr, N); } 195 196 void SetResults(const T* arr, size_t n) { 197 delete[] results; 198 results_length = 0; 199 results = dup_array(arr, n); 200 if (results == nullptr) { 201 error = KM_ERROR_MEMORY_ALLOCATION_FAILED; 202 } else { 203 results_length = n; 204 error = KM_ERROR_OK; 205 } 206 } 207 208 size_t NonErrorSerializedSize() const override { 209 return sizeof(uint32_t) + results_length * sizeof(uint32_t); 210 } 211 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override { 212 return append_uint32_array_to_buf(buf, end, results, results_length); 213 } 214 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override { 215 delete[] results; 216 results = nullptr; 217 UniquePtr<T[]> tmp; 218 if (!copy_uint32_array_from_buf(buf_ptr, end, &tmp, &results_length)) 219 return false; 220 results = tmp.release(); 221 return true; 222 } 223 224 T* results; 225 size_t results_length; 226 }; 227 228 struct SupportedAlgorithmsResponse : public SupportedResponse<keymaster_algorithm_t> { 229 SupportedAlgorithmsResponse(int32_t ver = MAX_MESSAGE_VERSION) 230 : SupportedResponse<keymaster_algorithm_t>(ver) {} 231 }; 232 233 struct SupportedBlockModesResponse : public SupportedResponse<keymaster_block_mode_t> { 234 SupportedBlockModesResponse(int32_t ver = MAX_MESSAGE_VERSION) 235 : SupportedResponse<keymaster_block_mode_t>(ver) {} 236 }; 237 238 struct SupportedPaddingModesResponse : public SupportedResponse<keymaster_padding_t> { 239 SupportedPaddingModesResponse(int32_t ver = MAX_MESSAGE_VERSION) 240 : SupportedResponse<keymaster_padding_t>(ver) {} 241 }; 242 243 struct SupportedDigestsResponse : public SupportedResponse<keymaster_digest_t> { 244 SupportedDigestsResponse(int32_t ver = MAX_MESSAGE_VERSION) 245 : SupportedResponse<keymaster_digest_t>(ver) {} 246 }; 247 248 struct SupportedImportFormatsResponse : public SupportedResponse<keymaster_key_format_t> { 249 SupportedImportFormatsResponse(int32_t ver = MAX_MESSAGE_VERSION) 250 : SupportedResponse<keymaster_key_format_t>(ver) {} 251 }; 252 253 struct SupportedExportFormatsResponse : public SupportedResponse<keymaster_key_format_t> { 254 SupportedExportFormatsResponse(int32_t ver = MAX_MESSAGE_VERSION) 255 : SupportedResponse<keymaster_key_format_t>(ver) {} 256 }; 257 258 struct GenerateKeyRequest : public KeymasterMessage { 259 explicit GenerateKeyRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {} 260 261 size_t SerializedSize() const override { return key_description.SerializedSize(); } 262 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override { 263 return key_description.Serialize(buf, end); 264 } 265 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override { 266 return key_description.Deserialize(buf_ptr, end); 267 } 268 269 AuthorizationSet key_description; 270 }; 271 272 struct GenerateKeyResponse : public KeymasterResponse { 273 explicit GenerateKeyResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) { 274 key_blob.key_material = nullptr; 275 key_blob.key_material_size = 0; 276 } 277 ~GenerateKeyResponse(); 278 279 size_t NonErrorSerializedSize() const override; 280 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override; 281 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 282 283 keymaster_key_blob_t key_blob; 284 AuthorizationSet enforced; 285 AuthorizationSet unenforced; 286 }; 287 288 struct GetKeyCharacteristicsRequest : public KeymasterMessage { 289 explicit GetKeyCharacteristicsRequest(int32_t ver = MAX_MESSAGE_VERSION) 290 : KeymasterMessage(ver) { 291 key_blob.key_material = nullptr; 292 key_blob.key_material_size = 0; 293 } 294 ~GetKeyCharacteristicsRequest(); 295 296 void SetKeyMaterial(const void* key_material, size_t length); 297 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 298 SetKeyMaterial(blob.key_material, blob.key_material_size); 299 } 300 301 size_t SerializedSize() const override; 302 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override; 303 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 304 305 keymaster_key_blob_t key_blob; 306 AuthorizationSet additional_params; 307 }; 308 309 struct GetKeyCharacteristicsResponse : public KeymasterResponse { 310 explicit GetKeyCharacteristicsResponse(int32_t ver = MAX_MESSAGE_VERSION) 311 : KeymasterResponse(ver) {} 312 size_t NonErrorSerializedSize() const override; 313 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override; 314 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 315 316 AuthorizationSet enforced; 317 AuthorizationSet unenforced; 318 }; 319 320 struct BeginOperationRequest : public KeymasterMessage { 321 explicit BeginOperationRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) { 322 key_blob.key_material = nullptr; 323 key_blob.key_material_size = 0; 324 } 325 ~BeginOperationRequest() { delete[] key_blob.key_material; } 326 327 void SetKeyMaterial(const void* key_material, size_t length); 328 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 329 SetKeyMaterial(blob.key_material, blob.key_material_size); 330 } 331 332 size_t SerializedSize() const; 333 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override; 334 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 335 336 keymaster_purpose_t purpose; 337 keymaster_key_blob_t key_blob; 338 AuthorizationSet additional_params; 339 }; 340 341 struct BeginOperationResponse : public KeymasterResponse { 342 explicit BeginOperationResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {} 343 344 size_t NonErrorSerializedSize() const override; 345 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override; 346 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 347 348 keymaster_operation_handle_t op_handle; 349 AuthorizationSet output_params; 350 }; 351 352 struct UpdateOperationRequest : public KeymasterMessage { 353 explicit UpdateOperationRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {} 354 355 size_t SerializedSize() const override; 356 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override; 357 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 358 359 keymaster_operation_handle_t op_handle; 360 Buffer input; 361 AuthorizationSet additional_params; 362 }; 363 364 struct UpdateOperationResponse : public KeymasterResponse { 365 explicit UpdateOperationResponse(int32_t ver = MAX_MESSAGE_VERSION) 366 : KeymasterResponse(ver), input_consumed(0) {} 367 368 size_t NonErrorSerializedSize() const override; 369 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override; 370 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 371 372 Buffer output; 373 size_t input_consumed; 374 AuthorizationSet output_params; 375 }; 376 377 struct FinishOperationRequest : public KeymasterMessage { 378 explicit FinishOperationRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {} 379 380 size_t SerializedSize() const override; 381 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override; 382 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 383 384 keymaster_operation_handle_t op_handle; 385 Buffer input; 386 Buffer signature; 387 AuthorizationSet additional_params; 388 }; 389 390 struct FinishOperationResponse : public KeymasterResponse { 391 explicit FinishOperationResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {} 392 393 size_t NonErrorSerializedSize() const override; 394 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override; 395 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 396 397 Buffer output; 398 AuthorizationSet output_params; 399 }; 400 401 struct AbortOperationRequest : public KeymasterMessage { 402 explicit AbortOperationRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {} 403 404 size_t SerializedSize() const override { return sizeof(uint64_t); } 405 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override { 406 return append_uint64_to_buf(buf, end, op_handle); 407 } 408 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override { 409 return copy_uint64_from_buf(buf_ptr, end, &op_handle); 410 } 411 412 keymaster_operation_handle_t op_handle; 413 }; 414 415 struct AbortOperationResponse : public KeymasterResponse { 416 explicit AbortOperationResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {} 417 418 size_t NonErrorSerializedSize() const override { return 0; } 419 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t*) const override { return buf; } 420 bool NonErrorDeserialize(const uint8_t**, const uint8_t*) override { return true; } 421 }; 422 423 struct AddEntropyRequest : public KeymasterMessage { 424 explicit AddEntropyRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {} 425 426 size_t SerializedSize() const override; 427 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override; 428 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 429 430 Buffer random_data; 431 }; 432 433 struct AddEntropyResponse : public KeymasterResponse { 434 explicit AddEntropyResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {} 435 436 size_t NonErrorSerializedSize() const override { return 0; } 437 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* /* end */) const override { 438 return buf; 439 } 440 bool NonErrorDeserialize(const uint8_t** /* buf_ptr */, const uint8_t* /* end */) override { 441 return true; 442 } 443 }; 444 445 struct ImportKeyRequest : public KeymasterMessage { 446 explicit ImportKeyRequest(int32_t ver = MAX_MESSAGE_VERSION) 447 : KeymasterMessage(ver), key_data(nullptr) {} 448 ~ImportKeyRequest() { delete[] key_data; } 449 450 void SetKeyMaterial(const void* key_material, size_t length); 451 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 452 SetKeyMaterial(blob.key_material, blob.key_material_size); 453 } 454 455 size_t SerializedSize() const override; 456 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override; 457 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 458 459 AuthorizationSet key_description; 460 keymaster_key_format_t key_format; 461 uint8_t* key_data; 462 size_t key_data_length; 463 }; 464 465 struct ImportKeyResponse : public KeymasterResponse { 466 explicit ImportKeyResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) { 467 key_blob.key_material = nullptr; 468 key_blob.key_material_size = 0; 469 } 470 ~ImportKeyResponse() { delete[] key_blob.key_material; } 471 472 void SetKeyMaterial(const void* key_material, size_t length); 473 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 474 SetKeyMaterial(blob.key_material, blob.key_material_size); 475 } 476 477 size_t NonErrorSerializedSize() const override; 478 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override; 479 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 480 481 keymaster_key_blob_t key_blob; 482 AuthorizationSet enforced; 483 AuthorizationSet unenforced; 484 }; 485 486 struct ExportKeyRequest : public KeymasterMessage { 487 explicit ExportKeyRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) { 488 key_blob.key_material = nullptr; 489 key_blob.key_material_size = 0; 490 } 491 ~ExportKeyRequest() { delete[] key_blob.key_material; } 492 493 void SetKeyMaterial(const void* key_material, size_t length); 494 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 495 SetKeyMaterial(blob.key_material, blob.key_material_size); 496 } 497 498 size_t SerializedSize() const override; 499 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override; 500 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 501 502 AuthorizationSet additional_params; 503 keymaster_key_format_t key_format; 504 keymaster_key_blob_t key_blob; 505 }; 506 507 struct ExportKeyResponse : public KeymasterResponse { 508 explicit ExportKeyResponse(int32_t ver = MAX_MESSAGE_VERSION) 509 : KeymasterResponse(ver), key_data(nullptr) {} 510 ~ExportKeyResponse() { delete[] key_data; } 511 512 void SetKeyMaterial(const void* key_material, size_t length); 513 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 514 SetKeyMaterial(blob.key_material, blob.key_material_size); 515 } 516 517 size_t NonErrorSerializedSize() const override; 518 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override; 519 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 520 521 uint8_t* key_data; 522 size_t key_data_length; 523 }; 524 525 struct DeleteKeyRequest : public KeymasterMessage { 526 explicit DeleteKeyRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) { 527 key_blob.key_material = nullptr; 528 key_blob.key_material_size = 0; 529 } 530 ~DeleteKeyRequest() { delete[] key_blob.key_material; } 531 532 void SetKeyMaterial(const void* key_material, size_t length); 533 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 534 SetKeyMaterial(blob.key_material, blob.key_material_size); 535 } 536 537 size_t SerializedSize() const override; 538 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override; 539 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 540 541 keymaster_key_blob_t key_blob; 542 }; 543 544 struct DeleteKeyResponse : public KeymasterResponse { 545 explicit DeleteKeyResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {} 546 547 size_t NonErrorSerializedSize() const override { return 0; } 548 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t*) const override { return buf; } 549 bool NonErrorDeserialize(const uint8_t**, const uint8_t*) override { return true; } 550 }; 551 552 struct DeleteAllKeysRequest : public KeymasterMessage { 553 explicit DeleteAllKeysRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {} 554 555 size_t SerializedSize() const override { return 0; } 556 uint8_t* Serialize(uint8_t* buf, const uint8_t*) const override { return buf; } 557 bool Deserialize(const uint8_t**, const uint8_t*) override { return true; }; 558 }; 559 560 struct DeleteAllKeysResponse : public KeymasterResponse { 561 explicit DeleteAllKeysResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {} 562 563 size_t NonErrorSerializedSize() const override { return 0; } 564 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t*) const override { return buf; } 565 bool NonErrorDeserialize(const uint8_t**, const uint8_t*) override { return true; } 566 }; 567 568 struct GetVersionRequest : public KeymasterMessage { 569 GetVersionRequest() : KeymasterMessage(0 /* not versionable */) {} 570 571 size_t SerializedSize() const override { return 0; } 572 uint8_t* Serialize(uint8_t* buf, const uint8_t*) const override { return buf; } 573 bool Deserialize(const uint8_t**, const uint8_t*) override { return true; }; 574 }; 575 576 struct GetVersionResponse : public KeymasterResponse { 577 GetVersionResponse() 578 : KeymasterResponse(0 /* not versionable */), major_ver(0), minor_ver(0), subminor_ver(0) {} 579 580 size_t NonErrorSerializedSize() const override; 581 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override; 582 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 583 584 uint8_t major_ver; 585 uint8_t minor_ver; 586 uint8_t subminor_ver; 587 }; 588 589 struct AttestKeyRequest : public KeymasterMessage { 590 explicit AttestKeyRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) { 591 key_blob.key_material = nullptr; 592 key_blob.key_material_size = 0; 593 } 594 ~AttestKeyRequest(); 595 596 void SetKeyMaterial(const void* key_material, size_t length); 597 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 598 SetKeyMaterial(blob.key_material, blob.key_material_size); 599 } 600 601 size_t SerializedSize() const override; 602 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override; 603 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 604 605 keymaster_key_blob_t key_blob; 606 AuthorizationSet attest_params; 607 }; 608 609 struct AttestKeyResponse : public KeymasterResponse { 610 explicit AttestKeyResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) { 611 certificate_chain.entry_count = 0; 612 certificate_chain.entries = nullptr; 613 } 614 ~AttestKeyResponse(); 615 616 bool AllocateChain(size_t entry_count); 617 618 size_t NonErrorSerializedSize() const override; 619 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override; 620 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 621 622 keymaster_cert_chain_t certificate_chain; 623 }; 624 625 struct UpgradeKeyRequest : public KeymasterMessage { 626 explicit UpgradeKeyRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) { 627 key_blob = {nullptr, 0}; 628 } 629 ~UpgradeKeyRequest(); 630 631 void SetKeyMaterial(const void* key_material, size_t length); 632 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 633 SetKeyMaterial(blob.key_material, blob.key_material_size); 634 } 635 636 size_t SerializedSize() const override; 637 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override; 638 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 639 640 keymaster_key_blob_t key_blob; 641 AuthorizationSet upgrade_params; 642 }; 643 644 struct UpgradeKeyResponse : public KeymasterResponse { 645 explicit UpgradeKeyResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) { 646 upgraded_key = {nullptr, 0}; 647 } 648 ~UpgradeKeyResponse(); 649 650 size_t NonErrorSerializedSize() const override; 651 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override; 652 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 653 654 keymaster_key_blob_t upgraded_key; 655 }; 656 657 } // namespace keymaster 658 659 #endif // SYSTEM_KEYMASTER_ANDROID_KEYMASTER_MESSAGES_H_ 660
