1 /* 2 * Copyright 2014 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef SYSTEM_KEYMASTER_ANDROID_KEYMASTER_MESSAGES_H_ 18 #define SYSTEM_KEYMASTER_ANDROID_KEYMASTER_MESSAGES_H_ 19 20 #include <assert.h> 21 #include <stdlib.h> 22 #include <string.h> 23 24 #include <keymaster/android_keymaster_utils.h> 25 #include <keymaster/authorization_set.h> 26 27 namespace keymaster { 28 29 // Commands 30 enum AndroidKeymasterCommand { 31 GENERATE_KEY = 0, 32 BEGIN_OPERATION = 1, 33 UPDATE_OPERATION = 2, 34 FINISH_OPERATION = 3, 35 ABORT_OPERATION = 4, 36 IMPORT_KEY = 5, 37 EXPORT_KEY = 6, 38 GET_VERSION = 7, 39 ADD_RNG_ENTROPY = 8, 40 GET_SUPPORTED_ALGORITHMS = 9, 41 GET_SUPPORTED_BLOCK_MODES = 10, 42 GET_SUPPORTED_PADDING_MODES = 11, 43 GET_SUPPORTED_DIGESTS = 12, 44 GET_SUPPORTED_IMPORT_FORMATS = 13, 45 GET_SUPPORTED_EXPORT_FORMATS = 14, 46 GET_KEY_CHARACTERISTICS = 15, 47 ATTEST_KEY = 16, 48 UPGRADE_KEY = 17, 49 CONFIGURE = 18, 50 }; 51 52 /** 53 * Keymaster message versions are tied to keymaster versions. We map the keymaster 54 * major.minor.subminor version to a sequential "message version". 55 * 56 * Rather than encoding a version number into each message we rely on the client -- who initiates 57 * all requests -- to check the version of the keymaster implementation with the GET_VERSION command 58 * and to send only requests that the implementation can understand. This means that only the 59 * client side needs to manage version compatibility; the implementation can always expect/produce 60 * messages of its format. 61 * 62 * Because message version selection is purely a client-side issue, all messages default to using 63 * the latest version (MAX_MESSAGE_VERSION). Client code must take care to check versions and pass 64 * correct version values to message constructors. The AndroidKeymaster implementation always uses 65 * the default, latest. 66 * 67 * Note that this approach implies that GetVersionRequest and GetVersionResponse cannot be 68 * versioned. 69 */ 70 const int32_t MAX_MESSAGE_VERSION = 3; 71 inline int32_t MessageVersion(uint8_t major_ver, uint8_t minor_ver, uint8_t /* subminor_ver */) { 72 int32_t message_version = -1; 73 switch (major_ver) { 74 case 0: 75 // For the moment we still support version 0, though in general the plan is not to support 76 // non-matching major versions. 77 message_version = 0; 78 break; 79 case 1: 80 switch (minor_ver) { 81 case 0: 82 message_version = 1; 83 break; 84 case 1: 85 message_version = 2; 86 break; 87 } 88 break; 89 case 2: 90 message_version = 3; 91 break; 92 }; 93 return message_version; 94 } 95 96 struct KeymasterMessage : public Serializable { 97 explicit KeymasterMessage(int32_t ver) : message_version(ver) { assert(ver >= 0); } 98 uint32_t message_version; 99 }; 100 101 /** 102 * All responses include an error value, and if the error is not KM_ERROR_OK, return no additional 103 * data. This abstract class factors out the common serialization functionality for all of the 104 * responses, so we only have to implement it once. Inheritance for reuse is generally not a great 105 * structure, but in this case it's the cleanest option. 106 */ 107 struct KeymasterResponse : public KeymasterMessage { 108 explicit KeymasterResponse(int32_t ver) 109 : KeymasterMessage(ver), error(KM_ERROR_UNKNOWN_ERROR) {} 110 111 size_t SerializedSize() const override; 112 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override; 113 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 114 115 virtual size_t NonErrorSerializedSize() const = 0; 116 virtual uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const = 0; 117 virtual bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) = 0; 118 119 keymaster_error_t error; 120 }; 121 122 struct SupportedAlgorithmsRequest : public KeymasterMessage { 123 explicit SupportedAlgorithmsRequest(int32_t ver = MAX_MESSAGE_VERSION) 124 : KeymasterMessage(ver) {} 125 126 size_t SerializedSize() const override { return 0; }; 127 uint8_t* Serialize(uint8_t* buf, const uint8_t* /* end */) const override { return buf; } 128 bool Deserialize(const uint8_t** /* buf_ptr */, const uint8_t* /* end */) override { 129 return true; 130 } 131 }; 132 133 struct SupportedByAlgorithmRequest : public KeymasterMessage { 134 explicit SupportedByAlgorithmRequest(int32_t ver) : KeymasterMessage(ver) {} 135 136 size_t SerializedSize() const override { return sizeof(uint32_t); }; 137 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override { 138 return append_uint32_to_buf(buf, end, algorithm); 139 } 140 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override { 141 return copy_uint32_from_buf(buf_ptr, end, &algorithm); 142 } 143 144 keymaster_algorithm_t algorithm; 145 }; 146 147 struct SupportedImportFormatsRequest : public SupportedByAlgorithmRequest { 148 explicit SupportedImportFormatsRequest(int32_t ver = MAX_MESSAGE_VERSION) 149 : SupportedByAlgorithmRequest(ver) {} 150 }; 151 152 struct SupportedExportFormatsRequest : public SupportedByAlgorithmRequest { 153 explicit SupportedExportFormatsRequest(int32_t ver = MAX_MESSAGE_VERSION) 154 : SupportedByAlgorithmRequest(ver) {} 155 }; 156 157 struct SupportedByAlgorithmAndPurposeRequest : public KeymasterMessage { 158 explicit SupportedByAlgorithmAndPurposeRequest(int32_t ver = MAX_MESSAGE_VERSION) 159 : KeymasterMessage(ver) {} 160 161 size_t SerializedSize() const override { return sizeof(uint32_t) * 2; }; 162 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override { 163 buf = append_uint32_to_buf(buf, end, algorithm); 164 return append_uint32_to_buf(buf, end, purpose); 165 } 166 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override { 167 return copy_uint32_from_buf(buf_ptr, end, &algorithm) && 168 copy_uint32_from_buf(buf_ptr, end, &purpose); 169 } 170 171 keymaster_algorithm_t algorithm; 172 keymaster_purpose_t purpose; 173 }; 174 175 struct SupportedBlockModesRequest : public SupportedByAlgorithmAndPurposeRequest { 176 explicit SupportedBlockModesRequest(int32_t ver = MAX_MESSAGE_VERSION) 177 : SupportedByAlgorithmAndPurposeRequest(ver) {} 178 }; 179 180 struct SupportedPaddingModesRequest : public SupportedByAlgorithmAndPurposeRequest { 181 explicit SupportedPaddingModesRequest(int32_t ver = MAX_MESSAGE_VERSION) 182 : SupportedByAlgorithmAndPurposeRequest(ver) {} 183 }; 184 185 struct SupportedDigestsRequest : public SupportedByAlgorithmAndPurposeRequest { 186 explicit SupportedDigestsRequest(int32_t ver = MAX_MESSAGE_VERSION) 187 : SupportedByAlgorithmAndPurposeRequest(ver) {} 188 }; 189 190 template <typename T> struct SupportedResponse : public KeymasterResponse { 191 explicit SupportedResponse(int32_t ver) 192 : KeymasterResponse(ver), results(nullptr), results_length(0) {} 193 ~SupportedResponse() { delete[] results; } 194 195 template <size_t N> void SetResults(const T (&arr)[N]) { SetResults(arr, N); } 196 197 void SetResults(const T* arr, size_t n) { 198 delete[] results; 199 results_length = 0; 200 results = dup_array(arr, n); 201 if (results == nullptr) { 202 error = KM_ERROR_MEMORY_ALLOCATION_FAILED; 203 } else { 204 results_length = n; 205 error = KM_ERROR_OK; 206 } 207 } 208 209 size_t NonErrorSerializedSize() const override { 210 return sizeof(uint32_t) + results_length * sizeof(uint32_t); 211 } 212 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override { 213 return append_uint32_array_to_buf(buf, end, results, results_length); 214 } 215 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override { 216 delete[] results; 217 results = nullptr; 218 UniquePtr<T[]> tmp; 219 if (!copy_uint32_array_from_buf(buf_ptr, end, &tmp, &results_length)) 220 return false; 221 results = tmp.release(); 222 return true; 223 } 224 225 T* results; 226 size_t results_length; 227 }; 228 229 struct SupportedAlgorithmsResponse : public SupportedResponse<keymaster_algorithm_t> { 230 explicit SupportedAlgorithmsResponse(int32_t ver = MAX_MESSAGE_VERSION) 231 : SupportedResponse<keymaster_algorithm_t>(ver) {} 232 }; 233 234 struct SupportedBlockModesResponse : public SupportedResponse<keymaster_block_mode_t> { 235 explicit SupportedBlockModesResponse(int32_t ver = MAX_MESSAGE_VERSION) 236 : SupportedResponse<keymaster_block_mode_t>(ver) {} 237 }; 238 239 struct SupportedPaddingModesResponse : public SupportedResponse<keymaster_padding_t> { 240 explicit SupportedPaddingModesResponse(int32_t ver = MAX_MESSAGE_VERSION) 241 : SupportedResponse<keymaster_padding_t>(ver) {} 242 }; 243 244 struct SupportedDigestsResponse : public SupportedResponse<keymaster_digest_t> { 245 explicit SupportedDigestsResponse(int32_t ver = MAX_MESSAGE_VERSION) 246 : SupportedResponse<keymaster_digest_t>(ver) {} 247 }; 248 249 struct SupportedImportFormatsResponse : public SupportedResponse<keymaster_key_format_t> { 250 explicit SupportedImportFormatsResponse(int32_t ver = MAX_MESSAGE_VERSION) 251 : SupportedResponse<keymaster_key_format_t>(ver) {} 252 }; 253 254 struct SupportedExportFormatsResponse : public SupportedResponse<keymaster_key_format_t> { 255 explicit SupportedExportFormatsResponse(int32_t ver = MAX_MESSAGE_VERSION) 256 : SupportedResponse<keymaster_key_format_t>(ver) {} 257 }; 258 259 struct GenerateKeyRequest : public KeymasterMessage { 260 explicit GenerateKeyRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {} 261 262 size_t SerializedSize() const override { return key_description.SerializedSize(); } 263 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override { 264 return key_description.Serialize(buf, end); 265 } 266 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override { 267 return key_description.Deserialize(buf_ptr, end); 268 } 269 270 AuthorizationSet key_description; 271 }; 272 273 struct GenerateKeyResponse : public KeymasterResponse { 274 explicit GenerateKeyResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) { 275 key_blob.key_material = nullptr; 276 key_blob.key_material_size = 0; 277 } 278 ~GenerateKeyResponse(); 279 280 size_t NonErrorSerializedSize() const override; 281 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override; 282 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 283 284 keymaster_key_blob_t key_blob; 285 AuthorizationSet enforced; 286 AuthorizationSet unenforced; 287 }; 288 289 struct GetKeyCharacteristicsRequest : public KeymasterMessage { 290 explicit GetKeyCharacteristicsRequest(int32_t ver = MAX_MESSAGE_VERSION) 291 : KeymasterMessage(ver) { 292 key_blob.key_material = nullptr; 293 key_blob.key_material_size = 0; 294 } 295 ~GetKeyCharacteristicsRequest(); 296 297 void SetKeyMaterial(const void* key_material, size_t length); 298 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 299 SetKeyMaterial(blob.key_material, blob.key_material_size); 300 } 301 302 size_t SerializedSize() const override; 303 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override; 304 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 305 306 keymaster_key_blob_t key_blob; 307 AuthorizationSet additional_params; 308 }; 309 310 struct GetKeyCharacteristicsResponse : public KeymasterResponse { 311 explicit GetKeyCharacteristicsResponse(int32_t ver = MAX_MESSAGE_VERSION) 312 : KeymasterResponse(ver) {} 313 size_t NonErrorSerializedSize() const override; 314 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override; 315 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 316 317 AuthorizationSet enforced; 318 AuthorizationSet unenforced; 319 }; 320 321 struct BeginOperationRequest : public KeymasterMessage { 322 explicit BeginOperationRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) { 323 key_blob.key_material = nullptr; 324 key_blob.key_material_size = 0; 325 } 326 ~BeginOperationRequest() { delete[] key_blob.key_material; } 327 328 void SetKeyMaterial(const void* key_material, size_t length); 329 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 330 SetKeyMaterial(blob.key_material, blob.key_material_size); 331 } 332 333 size_t SerializedSize() const override; 334 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override; 335 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 336 337 keymaster_purpose_t purpose; 338 keymaster_key_blob_t key_blob; 339 AuthorizationSet additional_params; 340 }; 341 342 struct BeginOperationResponse : public KeymasterResponse { 343 explicit BeginOperationResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {} 344 345 size_t NonErrorSerializedSize() const override; 346 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override; 347 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 348 349 keymaster_operation_handle_t op_handle; 350 AuthorizationSet output_params; 351 }; 352 353 struct UpdateOperationRequest : public KeymasterMessage { 354 explicit UpdateOperationRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {} 355 356 size_t SerializedSize() const override; 357 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override; 358 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 359 360 keymaster_operation_handle_t op_handle; 361 Buffer input; 362 AuthorizationSet additional_params; 363 }; 364 365 struct UpdateOperationResponse : public KeymasterResponse { 366 explicit UpdateOperationResponse(int32_t ver = MAX_MESSAGE_VERSION) 367 : KeymasterResponse(ver), input_consumed(0) {} 368 369 size_t NonErrorSerializedSize() const override; 370 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override; 371 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 372 373 Buffer output; 374 size_t input_consumed; 375 AuthorizationSet output_params; 376 }; 377 378 struct FinishOperationRequest : public KeymasterMessage { 379 explicit FinishOperationRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {} 380 381 size_t SerializedSize() const override; 382 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override; 383 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 384 385 keymaster_operation_handle_t op_handle; 386 Buffer input; 387 Buffer signature; 388 AuthorizationSet additional_params; 389 }; 390 391 struct FinishOperationResponse : public KeymasterResponse { 392 explicit FinishOperationResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {} 393 394 size_t NonErrorSerializedSize() const override; 395 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override; 396 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 397 398 Buffer output; 399 AuthorizationSet output_params; 400 }; 401 402 struct AbortOperationRequest : public KeymasterMessage { 403 explicit AbortOperationRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {} 404 405 size_t SerializedSize() const override { return sizeof(uint64_t); } 406 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override { 407 return append_uint64_to_buf(buf, end, op_handle); 408 } 409 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override { 410 return copy_uint64_from_buf(buf_ptr, end, &op_handle); 411 } 412 413 keymaster_operation_handle_t op_handle; 414 }; 415 416 struct AbortOperationResponse : public KeymasterResponse { 417 explicit AbortOperationResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {} 418 419 size_t NonErrorSerializedSize() const override { return 0; } 420 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t*) const override { return buf; } 421 bool NonErrorDeserialize(const uint8_t**, const uint8_t*) override { return true; } 422 }; 423 424 struct AddEntropyRequest : public KeymasterMessage { 425 explicit AddEntropyRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {} 426 427 size_t SerializedSize() const override; 428 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override; 429 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 430 431 Buffer random_data; 432 }; 433 434 struct AddEntropyResponse : public KeymasterResponse { 435 explicit AddEntropyResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {} 436 437 size_t NonErrorSerializedSize() const override { return 0; } 438 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* /* end */) const override { 439 return buf; 440 } 441 bool NonErrorDeserialize(const uint8_t** /* buf_ptr */, const uint8_t* /* end */) override { 442 return true; 443 } 444 }; 445 446 struct ImportKeyRequest : public KeymasterMessage { 447 explicit ImportKeyRequest(int32_t ver = MAX_MESSAGE_VERSION) 448 : KeymasterMessage(ver), key_data(nullptr) {} 449 ~ImportKeyRequest() { delete[] key_data; } 450 451 void SetKeyMaterial(const void* key_material, size_t length); 452 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 453 SetKeyMaterial(blob.key_material, blob.key_material_size); 454 } 455 456 size_t SerializedSize() const override; 457 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override; 458 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 459 460 AuthorizationSet key_description; 461 keymaster_key_format_t key_format; 462 uint8_t* key_data; 463 size_t key_data_length; 464 }; 465 466 struct ImportKeyResponse : public KeymasterResponse { 467 explicit ImportKeyResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) { 468 key_blob.key_material = nullptr; 469 key_blob.key_material_size = 0; 470 } 471 ~ImportKeyResponse() { delete[] key_blob.key_material; } 472 473 void SetKeyMaterial(const void* key_material, size_t length); 474 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 475 SetKeyMaterial(blob.key_material, blob.key_material_size); 476 } 477 478 size_t NonErrorSerializedSize() const override; 479 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override; 480 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 481 482 keymaster_key_blob_t key_blob; 483 AuthorizationSet enforced; 484 AuthorizationSet unenforced; 485 }; 486 487 struct ExportKeyRequest : public KeymasterMessage { 488 explicit ExportKeyRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) { 489 key_blob.key_material = nullptr; 490 key_blob.key_material_size = 0; 491 } 492 ~ExportKeyRequest() { delete[] key_blob.key_material; } 493 494 void SetKeyMaterial(const void* key_material, size_t length); 495 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 496 SetKeyMaterial(blob.key_material, blob.key_material_size); 497 } 498 499 size_t SerializedSize() const override; 500 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override; 501 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 502 503 AuthorizationSet additional_params; 504 keymaster_key_format_t key_format; 505 keymaster_key_blob_t key_blob; 506 }; 507 508 struct ExportKeyResponse : public KeymasterResponse { 509 explicit ExportKeyResponse(int32_t ver = MAX_MESSAGE_VERSION) 510 : KeymasterResponse(ver), key_data(nullptr) {} 511 ~ExportKeyResponse() { delete[] key_data; } 512 513 void SetKeyMaterial(const void* key_material, size_t length); 514 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 515 SetKeyMaterial(blob.key_material, blob.key_material_size); 516 } 517 518 size_t NonErrorSerializedSize() const override; 519 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override; 520 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 521 522 uint8_t* key_data; 523 size_t key_data_length; 524 }; 525 526 struct DeleteKeyRequest : public KeymasterMessage { 527 explicit DeleteKeyRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) { 528 key_blob.key_material = nullptr; 529 key_blob.key_material_size = 0; 530 } 531 ~DeleteKeyRequest() { delete[] key_blob.key_material; } 532 533 void SetKeyMaterial(const void* key_material, size_t length); 534 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 535 SetKeyMaterial(blob.key_material, blob.key_material_size); 536 } 537 538 size_t SerializedSize() const override; 539 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override; 540 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 541 542 keymaster_key_blob_t key_blob; 543 }; 544 545 struct DeleteKeyResponse : public KeymasterResponse { 546 explicit DeleteKeyResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {} 547 548 size_t NonErrorSerializedSize() const override { return 0; } 549 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t*) const override { return buf; } 550 bool NonErrorDeserialize(const uint8_t**, const uint8_t*) override { return true; } 551 }; 552 553 struct DeleteAllKeysRequest : public KeymasterMessage { 554 explicit DeleteAllKeysRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {} 555 556 size_t SerializedSize() const override { return 0; } 557 uint8_t* Serialize(uint8_t* buf, const uint8_t*) const override { return buf; } 558 bool Deserialize(const uint8_t**, const uint8_t*) override { return true; }; 559 }; 560 561 struct DeleteAllKeysResponse : public KeymasterResponse { 562 explicit DeleteAllKeysResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {} 563 564 size_t NonErrorSerializedSize() const override { return 0; } 565 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t*) const override { return buf; } 566 bool NonErrorDeserialize(const uint8_t**, const uint8_t*) override { return true; } 567 }; 568 569 struct GetVersionRequest : public KeymasterMessage { 570 GetVersionRequest() : KeymasterMessage(0 /* not versionable */) {} 571 572 size_t SerializedSize() const override { return 0; } 573 uint8_t* Serialize(uint8_t* buf, const uint8_t*) const override { return buf; } 574 bool Deserialize(const uint8_t**, const uint8_t*) override { return true; }; 575 }; 576 577 struct GetVersionResponse : public KeymasterResponse { 578 GetVersionResponse() 579 : KeymasterResponse(0 /* not versionable */), major_ver(0), minor_ver(0), subminor_ver(0) {} 580 581 size_t NonErrorSerializedSize() const override; 582 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override; 583 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 584 585 uint8_t major_ver; 586 uint8_t minor_ver; 587 uint8_t subminor_ver; 588 }; 589 590 struct AttestKeyRequest : public KeymasterMessage { 591 explicit AttestKeyRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) { 592 key_blob.key_material = nullptr; 593 key_blob.key_material_size = 0; 594 } 595 ~AttestKeyRequest(); 596 597 void SetKeyMaterial(const void* key_material, size_t length); 598 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 599 SetKeyMaterial(blob.key_material, blob.key_material_size); 600 } 601 602 size_t SerializedSize() const override; 603 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override; 604 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 605 606 keymaster_key_blob_t key_blob; 607 AuthorizationSet attest_params; 608 }; 609 610 struct AttestKeyResponse : public KeymasterResponse { 611 explicit AttestKeyResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) { 612 certificate_chain.entry_count = 0; 613 certificate_chain.entries = nullptr; 614 } 615 ~AttestKeyResponse(); 616 617 bool AllocateChain(size_t entry_count); 618 619 size_t NonErrorSerializedSize() const override; 620 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override; 621 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 622 623 keymaster_cert_chain_t certificate_chain; 624 }; 625 626 struct UpgradeKeyRequest : public KeymasterMessage { 627 explicit UpgradeKeyRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) { 628 key_blob = {nullptr, 0}; 629 } 630 ~UpgradeKeyRequest(); 631 632 void SetKeyMaterial(const void* key_material, size_t length); 633 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 634 SetKeyMaterial(blob.key_material, blob.key_material_size); 635 } 636 637 size_t SerializedSize() const override; 638 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override; 639 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 640 641 keymaster_key_blob_t key_blob; 642 AuthorizationSet upgrade_params; 643 }; 644 645 struct UpgradeKeyResponse : public KeymasterResponse { 646 explicit UpgradeKeyResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) { 647 upgraded_key = {nullptr, 0}; 648 } 649 ~UpgradeKeyResponse(); 650 651 size_t NonErrorSerializedSize() const override; 652 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override; 653 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override; 654 655 keymaster_key_blob_t upgraded_key; 656 }; 657 658 struct ConfigureRequest : public KeymasterMessage { 659 explicit ConfigureRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {} 660 661 size_t SerializedSize() const override { return sizeof(os_version) + sizeof(os_patchlevel); } 662 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override { 663 buf = append_uint32_to_buf(buf, end, os_version); 664 return append_uint32_to_buf(buf, end, os_patchlevel); 665 } 666 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override { 667 return copy_uint32_from_buf(buf_ptr, end, &os_version) && 668 copy_uint32_from_buf(buf_ptr, end, &os_patchlevel); 669 } 670 671 uint32_t os_version; 672 uint32_t os_patchlevel; 673 }; 674 675 struct ConfigureResponse : public KeymasterResponse { 676 explicit ConfigureResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {} 677 678 size_t NonErrorSerializedSize() const override { return 0; } 679 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t*) const override { return buf; } 680 bool NonErrorDeserialize(const uint8_t**, const uint8_t*) override { return true; } 681 }; 682 683 } // namespace keymaster 684 685 #endif // SYSTEM_KEYMASTER_ANDROID_KEYMASTER_MESSAGES_H_ 686
