1 /* 2 * Copyright 2014 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef SYSTEM_KEYMASTER_GOOGLE_KEYMASTER_MESSAGES_H_ 18 #define SYSTEM_KEYMASTER_GOOGLE_KEYMASTER_MESSAGES_H_ 19 20 #include <stdlib.h> 21 #include <string.h> 22 23 #include <keymaster/authorization_set.h> 24 #include <keymaster/google_keymaster_utils.h> 25 26 namespace keymaster { 27 28 // Commands 29 const uint32_t GENERATE_KEY = 0; 30 const uint32_t BEGIN_OPERATION = 1; 31 const uint32_t UPDATE_OPERATION = 2; 32 const uint32_t FINISH_OPERATION = 3; 33 const uint32_t ABORT_OPERATION = 4; 34 const uint32_t IMPORT_KEY = 5; 35 const uint32_t EXPORT_KEY = 6; 36 37 /** 38 * All responses include an error value, and if the error is not KM_ERROR_OK, return no additional 39 * data. This abstract class factors out the common serialization functionality for all of the 40 * responses, so we only have to implement it once. Inheritance for reuse is generally not a great 41 * structure, but in this case it's the cleanest option. 42 */ 43 struct KeymasterResponse : public Serializable { 44 size_t SerializedSize() const; 45 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const; 46 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end); 47 48 virtual size_t NonErrorSerializedSize() const = 0; 49 virtual uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const = 0; 50 virtual bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) = 0; 51 52 keymaster_error_t error; 53 }; 54 55 struct SupportedAlgorithmsResponse : public KeymasterResponse { SupportedAlgorithmsResponseSupportedAlgorithmsResponse56 SupportedAlgorithmsResponse() : algorithms(NULL), algorithms_length(0) {} ~SupportedAlgorithmsResponseSupportedAlgorithmsResponse57 ~SupportedAlgorithmsResponse() { delete[] algorithms; } 58 59 size_t NonErrorSerializedSize() const; 60 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const; 61 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end); 62 63 keymaster_algorithm_t* algorithms; 64 size_t algorithms_length; 65 }; 66 67 template <typename T> struct SupportedResponse : public KeymasterResponse { SupportedResponseSupportedResponse68 SupportedResponse() : results(NULL), results_length(0) {} ~SupportedResponseSupportedResponse69 ~SupportedResponse() { delete[] results; } 70 SetResultsSupportedResponse71 template <size_t N> void SetResults(const T (&arr)[N]) { 72 delete[] results; 73 results_length = 0; 74 results = dup_array(arr); 75 if (results == NULL) { 76 error = KM_ERROR_MEMORY_ALLOCATION_FAILED; 77 } else { 78 results_length = N; 79 error = KM_ERROR_OK; 80 } 81 } 82 NonErrorSerializedSizeSupportedResponse83 size_t NonErrorSerializedSize() const { 84 return sizeof(uint32_t) + results_length * sizeof(uint32_t); 85 } NonErrorSerializeSupportedResponse86 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const { 87 return append_uint32_array_to_buf(buf, end, results, results_length); 88 } NonErrorDeserializeSupportedResponse89 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) { 90 delete[] results; 91 results = NULL; 92 UniquePtr<T[]> tmp; 93 if (!copy_uint32_array_from_buf(buf_ptr, end, &tmp, &results_length)) 94 return false; 95 results = tmp.release(); 96 return true; 97 } 98 99 T* results; 100 size_t results_length; 101 }; 102 103 struct GenerateKeyRequest : public Serializable { GenerateKeyRequestGenerateKeyRequest104 GenerateKeyRequest() {} GenerateKeyRequestGenerateKeyRequest105 GenerateKeyRequest(uint8_t* buf, size_t size) : key_description(buf, size) {} 106 SerializedSizeGenerateKeyRequest107 size_t SerializedSize() const { return key_description.SerializedSize(); } SerializeGenerateKeyRequest108 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const { 109 return key_description.Serialize(buf, end); 110 } DeserializeGenerateKeyRequest111 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) { 112 return key_description.Deserialize(buf_ptr, end); 113 } 114 115 AuthorizationSet key_description; 116 }; 117 118 struct GenerateKeyResponse : public KeymasterResponse { GenerateKeyResponseGenerateKeyResponse119 GenerateKeyResponse() { 120 error = KM_ERROR_OK; 121 key_blob.key_material = NULL; 122 key_blob.key_material_size = 0; 123 } 124 ~GenerateKeyResponse(); 125 126 size_t NonErrorSerializedSize() const; 127 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const; 128 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end); 129 130 keymaster_key_blob_t key_blob; 131 AuthorizationSet enforced; 132 AuthorizationSet unenforced; 133 }; 134 135 struct GetKeyCharacteristicsRequest : public Serializable { GetKeyCharacteristicsRequestGetKeyCharacteristicsRequest136 GetKeyCharacteristicsRequest() { key_blob.key_material = NULL; } 137 ~GetKeyCharacteristicsRequest(); 138 139 void SetKeyMaterial(const void* key_material, size_t length); SetKeyMaterialGetKeyCharacteristicsRequest140 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 141 SetKeyMaterial(blob.key_material, blob.key_material_size); 142 } 143 144 size_t SerializedSize() const; 145 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const; 146 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end); 147 148 keymaster_key_blob_t key_blob; 149 AuthorizationSet additional_params; 150 }; 151 152 struct GetKeyCharacteristicsResponse : public KeymasterResponse { 153 size_t NonErrorSerializedSize() const; 154 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const; 155 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end); 156 157 AuthorizationSet enforced; 158 AuthorizationSet unenforced; 159 }; 160 161 struct BeginOperationRequest : public Serializable { BeginOperationRequestBeginOperationRequest162 BeginOperationRequest() { key_blob.key_material = NULL; } ~BeginOperationRequestBeginOperationRequest163 ~BeginOperationRequest() { delete[] key_blob.key_material; } 164 165 void SetKeyMaterial(const void* key_material, size_t length); SetKeyMaterialBeginOperationRequest166 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 167 SetKeyMaterial(blob.key_material, blob.key_material_size); 168 } 169 170 size_t SerializedSize() const; 171 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const; 172 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end); 173 174 keymaster_purpose_t purpose; 175 keymaster_key_blob_t key_blob; 176 AuthorizationSet additional_params; 177 }; 178 179 struct BeginOperationResponse : public KeymasterResponse { 180 size_t NonErrorSerializedSize() const; 181 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const; 182 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end); 183 184 keymaster_operation_handle_t op_handle; 185 }; 186 187 struct UpdateOperationRequest : public Serializable { 188 size_t SerializedSize() const; 189 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const; 190 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end); 191 192 keymaster_operation_handle_t op_handle; 193 Buffer input; 194 }; 195 196 struct UpdateOperationResponse : public KeymasterResponse { 197 size_t NonErrorSerializedSize() const; 198 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const; 199 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end); 200 201 Buffer output; 202 }; 203 204 struct FinishOperationRequest : public Serializable { 205 size_t SerializedSize() const; 206 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const; 207 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end); 208 209 keymaster_operation_handle_t op_handle; 210 Buffer signature; 211 }; 212 213 struct FinishOperationResponse : public KeymasterResponse { 214 size_t NonErrorSerializedSize() const; 215 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const; 216 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end); 217 218 Buffer output; 219 }; 220 221 struct AddEntropyRequest : public Serializable { 222 size_t SerializedSize() const; 223 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const; 224 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end); 225 226 Buffer random_data; 227 }; 228 229 struct ImportKeyRequest : public Serializable { ImportKeyRequestImportKeyRequest230 ImportKeyRequest() : key_data(NULL) {} ~ImportKeyRequestImportKeyRequest231 ~ImportKeyRequest() { delete[] key_data; } 232 233 void SetKeyMaterial(const void* key_material, size_t length); 234 235 size_t SerializedSize() const; 236 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const; 237 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end); 238 239 AuthorizationSet key_description; 240 keymaster_key_format_t key_format; 241 uint8_t* key_data; 242 size_t key_data_length; 243 }; 244 245 struct ImportKeyResponse : public KeymasterResponse { ImportKeyResponseImportKeyResponse246 ImportKeyResponse() { key_blob.key_material = NULL; } ~ImportKeyResponseImportKeyResponse247 ~ImportKeyResponse() { delete[] key_blob.key_material; } 248 249 void SetKeyMaterial(const void* key_material, size_t length); SetKeyMaterialImportKeyResponse250 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 251 SetKeyMaterial(blob.key_material, blob.key_material_size); 252 } 253 254 size_t NonErrorSerializedSize() const; 255 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const; 256 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end); 257 258 keymaster_key_blob_t key_blob; 259 AuthorizationSet enforced; 260 AuthorizationSet unenforced; 261 }; 262 263 struct ExportKeyRequest : public Serializable { ExportKeyRequestExportKeyRequest264 ExportKeyRequest() { key_blob.key_material = NULL; } ~ExportKeyRequestExportKeyRequest265 ~ExportKeyRequest() { delete[] key_blob.key_material; } 266 267 void SetKeyMaterial(const void* key_material, size_t length); SetKeyMaterialExportKeyRequest268 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 269 SetKeyMaterial(blob.key_material, blob.key_material_size); 270 } 271 272 size_t SerializedSize() const; 273 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const; 274 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end); 275 276 AuthorizationSet additional_params; 277 keymaster_key_format_t key_format; 278 keymaster_key_blob_t key_blob; 279 }; 280 281 struct ExportKeyResponse : public KeymasterResponse { ExportKeyResponseExportKeyResponse282 ExportKeyResponse() : key_data(NULL) {} ~ExportKeyResponseExportKeyResponse283 ~ExportKeyResponse() { delete[] key_data; } 284 285 void SetKeyMaterial(const void* key_material, size_t length); 286 287 size_t NonErrorSerializedSize() const; 288 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const; 289 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end); 290 291 uint8_t* key_data; 292 size_t key_data_length; 293 }; 294 295 // The structs below are trivial because they're not implemented yet. 296 struct RescopeRequest : public Serializable {}; 297 struct RescopeResponse : public KeymasterResponse {}; 298 299 } // namespace keymaster 300 301 #endif // SYSTEM_KEYMASTER_GOOGLE_KEYMASTER_MESSAGES_H_ 302