1 /*
2 * Copyright (C) 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #ifndef ANDROID_HARDWARE_KEYMASTER_DEFS_H
18 #define ANDROID_HARDWARE_KEYMASTER_DEFS_H
19
20 #include <stdint.h>
21 #include <stdlib.h>
22 #include <string.h>
23
24 #ifdef __cplusplus
25 extern "C" {
26 #endif // __cplusplus
27
28 /**
29 * Authorization tags each have an associated type. This enumeration facilitates tagging each with
30 * a type, by using the high four bits (of an implied 32-bit unsigned enum value) to specify up to
31 * 16 data types. These values are ORed with tag IDs to generate the final tag ID values.
32 */
33 typedef enum {
34 KM_INVALID = 0 << 28, /* Invalid type, used to designate a tag as uninitialized */
35 KM_ENUM = 1 << 28,
36 KM_ENUM_REP = 2 << 28, /* Repeatable enumeration value. */
37 KM_UINT = 3 << 28,
38 KM_UINT_REP = 4 << 28, /* Repeatable integer value */
39 KM_ULONG = 5 << 28,
40 KM_DATE = 6 << 28,
41 KM_BOOL = 7 << 28,
42 KM_BIGNUM = 8 << 28,
43 KM_BYTES = 9 << 28,
44 KM_ULONG_REP = 10 << 28, /* Repeatable long value */
45 } keymaster_tag_type_t;
46
47 typedef enum {
48 KM_TAG_INVALID = KM_INVALID | 0,
49
50 /*
51 * Tags that must be semantically enforced by hardware and software implementations.
52 */
53
54 /* Crypto parameters */
55 KM_TAG_PURPOSE = KM_ENUM_REP | 1, /* keymaster_purpose_t. */
56 KM_TAG_ALGORITHM = KM_ENUM | 2, /* keymaster_algorithm_t. */
57 KM_TAG_KEY_SIZE = KM_UINT | 3, /* Key size in bits. */
58 KM_TAG_BLOCK_MODE = KM_ENUM_REP | 4, /* keymaster_block_mode_t. */
59 KM_TAG_DIGEST = KM_ENUM_REP | 5, /* keymaster_digest_t. */
60 KM_TAG_PADDING = KM_ENUM_REP | 6, /* keymaster_padding_t. */
61 KM_TAG_CALLER_NONCE = KM_BOOL | 7, /* Allow caller to specify nonce or IV. */
62 KM_TAG_MIN_MAC_LENGTH = KM_UINT | 8, /* Minimum length of MAC or AEAD authentication tag in
63 * bits. */
64 KM_TAG_KDF = KM_ENUM_REP | 9, /* keymaster_kdf_t (keymaster2) */
65 KM_TAG_EC_CURVE = KM_ENUM | 10, /* keymaster_ec_curve_t (keymaster2) */
66
67 /* Algorithm-specific. */
68 KM_TAG_RSA_PUBLIC_EXPONENT = KM_ULONG | 200,
69 KM_TAG_ECIES_SINGLE_HASH_MODE = KM_BOOL | 201, /* Whether the ephemeral public key is fed into
70 * the KDF */
71 KM_TAG_INCLUDE_UNIQUE_ID = KM_BOOL | 202, /* If true, attestation certificates for this key
72 * will contain an application-scoped and
73 * time-bounded device-unique ID. (keymaster2) */
74
75 /* Other hardware-enforced. */
76 KM_TAG_BLOB_USAGE_REQUIREMENTS = KM_ENUM | 301, /* keymaster_key_blob_usage_requirements_t */
77 KM_TAG_BOOTLOADER_ONLY = KM_BOOL | 302, /* Usable only by bootloader */
78
79 /*
80 * Tags that should be semantically enforced by hardware if possible and will otherwise be
81 * enforced by software (keystore).
82 */
83
84 /* Key validity period */
85 KM_TAG_ACTIVE_DATETIME = KM_DATE | 400, /* Start of validity */
86 KM_TAG_ORIGINATION_EXPIRE_DATETIME = KM_DATE | 401, /* Date when new "messages" should no
87 longer be created. */
88 KM_TAG_USAGE_EXPIRE_DATETIME = KM_DATE | 402, /* Date when existing "messages" should no
89 longer be trusted. */
90 KM_TAG_MIN_SECONDS_BETWEEN_OPS = KM_UINT | 403, /* Minimum elapsed time between
91 cryptographic operations with the key. */
92 KM_TAG_MAX_USES_PER_BOOT = KM_UINT | 404, /* Number of times the key can be used per
93 boot. */
94
95 /* User authentication */
96 KM_TAG_ALL_USERS = KM_BOOL | 500, /* Reserved for future use -- ignore */
97 KM_TAG_USER_ID = KM_UINT | 501, /* Reserved for future use -- ignore */
98 KM_TAG_USER_SECURE_ID = KM_ULONG_REP | 502, /* Secure ID of authorized user or authenticator(s).
99 Disallowed if KM_TAG_ALL_USERS or
100 KM_TAG_NO_AUTH_REQUIRED is present. */
101 KM_TAG_NO_AUTH_REQUIRED = KM_BOOL | 503, /* If key is usable without authentication. */
102 KM_TAG_USER_AUTH_TYPE = KM_ENUM | 504, /* Bitmask of authenticator types allowed when
103 * KM_TAG_USER_SECURE_ID contains a secure user ID,
104 * rather than a secure authenticator ID. Defined in
105 * hw_authenticator_type_t in hw_auth_token.h. */
106 KM_TAG_AUTH_TIMEOUT = KM_UINT | 505, /* Required freshness of user authentication for
107 private/secret key operations, in seconds.
108 Public key operations require no authentication.
109 If absent, authentication is required for every
110 use. Authentication state is lost when the
111 device is powered off. */
112 KM_TAG_ALLOW_WHILE_ON_BODY = KM_BOOL | 506, /* Allow key to be used after authentication timeout
113 * if device is still on-body (requires secure
114 * on-body sensor. */
115
116 /* Application access control */
117 KM_TAG_ALL_APPLICATIONS = KM_BOOL | 600, /* Specified to indicate key is usable by all
118 * applications. */
119 KM_TAG_APPLICATION_ID = KM_BYTES | 601, /* Byte string identifying the authorized
120 * application. */
121 KM_TAG_EXPORTABLE = KM_BOOL | 602, /* If true, private/secret key can be exported, but
122 * only if all access control requirements for use are
123 * met. (keymaster2) */
124
125 /*
126 * Semantically unenforceable tags, either because they have no specific meaning or because
127 * they're informational only.
128 */
129 KM_TAG_APPLICATION_DATA = KM_BYTES | 700, /* Data provided by authorized application. */
130 KM_TAG_CREATION_DATETIME = KM_DATE | 701, /* Key creation time */
131 KM_TAG_ORIGIN = KM_ENUM | 702, /* keymaster_key_origin_t. */
132 KM_TAG_ROLLBACK_RESISTANT = KM_BOOL | 703, /* Whether key is rollback-resistant. */
133 KM_TAG_ROOT_OF_TRUST = KM_BYTES | 704, /* Root of trust ID. */
134 KM_TAG_OS_VERSION = KM_UINT | 705, /* Version of system (keymaster2) */
135 KM_TAG_OS_PATCHLEVEL = KM_UINT | 706, /* Patch level of system (keymaster2) */
136 KM_TAG_UNIQUE_ID = KM_BYTES | 707, /* Used to provide unique ID in attestation */
137 KM_TAG_ATTESTATION_CHALLENGE = KM_BYTES | 708, /* Used to provide challenge in attestation */
138
139 /* Tags used only to provide data to or receive data from operations */
140 KM_TAG_ASSOCIATED_DATA = KM_BYTES | 1000, /* Used to provide associated data for AEAD modes. */
141 KM_TAG_NONCE = KM_BYTES | 1001, /* Nonce or Initialization Vector */
142 KM_TAG_AUTH_TOKEN = KM_BYTES | 1002, /* Authentication token that proves secure user
143 authentication has been performed. Structure
144 defined in hw_auth_token_t in hw_auth_token.h. */
145 KM_TAG_MAC_LENGTH = KM_UINT | 1003, /* MAC or AEAD authentication tag length in
146 * bits. */
147
148 KM_TAG_RESET_SINCE_ID_ROTATION = KM_BOOL | 1004, /* Whether the device has beeen factory reset
149 since the last unique ID rotation. Used for
150 key attestation. */
151 } keymaster_tag_t;
152
153 /**
154 * Algorithms that may be provided by keymaster implementations. Those that must be provided by all
155 * implementations are tagged as "required".
156 */
157 typedef enum {
158 /* Asymmetric algorithms. */
159 KM_ALGORITHM_RSA = 1,
160 // KM_ALGORITHM_DSA = 2, -- Removed, do not re-use value 2.
161 KM_ALGORITHM_EC = 3,
162
163 /* Block ciphers algorithms */
164 KM_ALGORITHM_AES = 32,
165
166 /* MAC algorithms */
167 KM_ALGORITHM_HMAC = 128,
168 } keymaster_algorithm_t;
169
170 /**
171 * Symmetric block cipher modes provided by keymaster implementations.
172 */
173 typedef enum {
174 /* Unauthenticated modes, usable only for encryption/decryption and not generally recommended
175 * except for compatibility with existing other protocols. */
176 KM_MODE_ECB = 1,
177 KM_MODE_CBC = 2,
178 KM_MODE_CTR = 3,
179
180 /* Authenticated modes, usable for encryption/decryption and signing/verification. Recommended
181 * over unauthenticated modes for all purposes. */
182 KM_MODE_GCM = 32,
183 } keymaster_block_mode_t;
184
185 /**
186 * Padding modes that may be applied to plaintext for encryption operations. This list includes
187 * padding modes for both symmetric and asymmetric algorithms. Note that implementations should not
188 * provide all possible combinations of algorithm and padding, only the
189 * cryptographically-appropriate pairs.
190 */
191 typedef enum {
192 KM_PAD_NONE = 1, /* deprecated */
193 KM_PAD_RSA_OAEP = 2,
194 KM_PAD_RSA_PSS = 3,
195 KM_PAD_RSA_PKCS1_1_5_ENCRYPT = 4,
196 KM_PAD_RSA_PKCS1_1_5_SIGN = 5,
197 KM_PAD_PKCS7 = 64,
198 } keymaster_padding_t;
199
200 /**
201 * Digests provided by keymaster implementations.
202 */
203 typedef enum {
204 KM_DIGEST_NONE = 0,
205 KM_DIGEST_MD5 = 1, /* Optional, may not be implemented in hardware, will be handled in software
206 * if needed. */
207 KM_DIGEST_SHA1 = 2,
208 KM_DIGEST_SHA_2_224 = 3,
209 KM_DIGEST_SHA_2_256 = 4,
210 KM_DIGEST_SHA_2_384 = 5,
211 KM_DIGEST_SHA_2_512 = 6,
212 } keymaster_digest_t;
213
214 /*
215 * Key derivation functions, mostly used in ECIES.
216 */
217 typedef enum {
218 /* Do not apply a key derivation function; use the raw agreed key */
219 KM_KDF_NONE = 0,
220 /* HKDF defined in RFC 5869 with SHA256 */
221 KM_KDF_RFC5869_SHA256 = 1,
222 /* KDF1 defined in ISO 18033-2 with SHA1 */
223 KM_KDF_ISO18033_2_KDF1_SHA1 = 2,
224 /* KDF1 defined in ISO 18033-2 with SHA256 */
225 KM_KDF_ISO18033_2_KDF1_SHA256 = 3,
226 /* KDF2 defined in ISO 18033-2 with SHA1 */
227 KM_KDF_ISO18033_2_KDF2_SHA1 = 4,
228 /* KDF2 defined in ISO 18033-2 with SHA256 */
229 KM_KDF_ISO18033_2_KDF2_SHA256 = 5,
230 } keymaster_kdf_t;
231
232 /**
233 * Supported EC curves, used in ECDSA/ECIES.
234 */
235 typedef enum {
236 KM_EC_CURVE_P_224 = 0,
237 KM_EC_CURVE_P_256 = 1,
238 KM_EC_CURVE_P_384 = 2,
239 KM_EC_CURVE_P_521 = 3,
240 } keymaster_ec_curve_t;
241
242 /**
243 * The origin of a key (or pair), i.e. where it was generated. Note that KM_TAG_ORIGIN can be found
244 * in either the hardware-enforced or software-enforced list for a key, indicating whether the key
245 * is hardware or software-based. Specifically, a key with KM_ORIGIN_GENERATED in the
246 * hardware-enforced list is guaranteed never to have existed outide the secure hardware.
247 */
248 typedef enum {
249 KM_ORIGIN_GENERATED = 0, /* Generated in keymaster. Should not exist outside the TEE. */
250 KM_ORIGIN_DERIVED = 1, /* Derived inside keymaster. Likely exists off-device. */
251 KM_ORIGIN_IMPORTED = 2, /* Imported into keymaster. Existed as cleartext in Android. */
252 KM_ORIGIN_UNKNOWN = 3, /* Keymaster did not record origin. This value can only be seen on
253 * keys in a keymaster0 implementation. The keymaster0 adapter uses
254 * this value to document the fact that it is unkown whether the key
255 * was generated inside or imported into keymaster. */
256 } keymaster_key_origin_t;
257
258 /**
259 * Usability requirements of key blobs. This defines what system functionality must be available
260 * for the key to function. For example, key "blobs" which are actually handles referencing
261 * encrypted key material stored in the file system cannot be used until the file system is
262 * available, and should have BLOB_REQUIRES_FILE_SYSTEM. Other requirements entries will be added
263 * as needed for implementations.
264 */
265 typedef enum {
266 KM_BLOB_STANDALONE = 0,
267 KM_BLOB_REQUIRES_FILE_SYSTEM = 1,
268 } keymaster_key_blob_usage_requirements_t;
269
270 /**
271 * Possible purposes of a key (or pair).
272 */
273 typedef enum {
274 KM_PURPOSE_ENCRYPT = 0, /* Usable with RSA, EC and AES keys. */
275 KM_PURPOSE_DECRYPT = 1, /* Usable with RSA, EC and AES keys. */
276 KM_PURPOSE_SIGN = 2, /* Usable with RSA, EC and HMAC keys. */
277 KM_PURPOSE_VERIFY = 3, /* Usable with RSA, EC and HMAC keys. */
278 KM_PURPOSE_DERIVE_KEY = 4, /* Usable with EC keys. */
279 } keymaster_purpose_t;
280
281 typedef struct {
282 const uint8_t* data;
283 size_t data_length;
284 } keymaster_blob_t;
285
286 typedef struct {
287 keymaster_tag_t tag;
288 union {
289 uint32_t enumerated; /* KM_ENUM and KM_ENUM_REP */
290 bool boolean; /* KM_BOOL */
291 uint32_t integer; /* KM_INT and KM_INT_REP */
292 uint64_t long_integer; /* KM_LONG */
293 uint64_t date_time; /* KM_DATE */
294 keymaster_blob_t blob; /* KM_BIGNUM and KM_BYTES*/
295 };
296 } keymaster_key_param_t;
297
298 typedef struct {
299 keymaster_key_param_t* params; /* may be NULL if length == 0 */
300 size_t length;
301 } keymaster_key_param_set_t;
302
303 /**
304 * Parameters that define a key's characteristics, including authorized modes of usage and access
305 * control restrictions. The parameters are divided into two categories, those that are enforced by
306 * secure hardware, and those that are not. For a software-only keymaster implementation the
307 * enforced array must NULL. Hardware implementations must enforce everything in the enforced
308 * array.
309 */
310 typedef struct {
311 keymaster_key_param_set_t hw_enforced;
312 keymaster_key_param_set_t sw_enforced;
313 } keymaster_key_characteristics_t;
314
315 typedef struct {
316 const uint8_t* key_material;
317 size_t key_material_size;
318 } keymaster_key_blob_t;
319
320 typedef struct {
321 keymaster_blob_t* entries;
322 size_t entry_count;
323 } keymaster_cert_chain_t;
324
325 typedef enum {
326 KM_VERIFIED_BOOT_VERIFIED = 0, /* Full chain of trust extending from the bootloader to
327 * verified partitions, including the bootloader, boot
328 * partition, and all verified partitions*/
329 KM_VERIFIED_BOOT_SELF_SIGNED = 1, /* The boot partition has been verified using the embedded
330 * certificate, and the signature is valid. The bootloader
331 * displays a warning and the fingerprint of the public
332 * key before allowing the boot process to continue.*/
333 KM_VERIFIED_BOOT_UNVERIFIED = 2, /* The device may be freely modified. Device integrity is left
334 * to the user to verify out-of-band. The bootloader
335 * displays a warning to the user before allowing the boot
336 * process to continue */
337 KM_VERIFIED_BOOT_FAILED = 3, /* The device failed verification. The bootloader displays a
338 * warning and stops the boot process, so no keymaster
339 * implementation should ever actually return this value,
340 * since it should not run. Included here only for
341 * completeness. */
342 } keymaster_verified_boot_t;
343
344 typedef enum {
345 KM_SECURITY_LEVEL_SOFTWARE = 0,
346 KM_SECURITY_LEVEL_TRUSTED_ENVIRONMENT = 1,
347 } keymaster_security_level_t;
348
349 /**
350 * Formats for key import and export.
351 */
352 typedef enum {
353 KM_KEY_FORMAT_X509 = 0, /* for public key export */
354 KM_KEY_FORMAT_PKCS8 = 1, /* for asymmetric key pair import */
355 KM_KEY_FORMAT_RAW = 3, /* for symmetric key import and export*/
356 } keymaster_key_format_t;
357
358 /**
359 * The keymaster operation API consists of begin, update, finish and abort. This is the type of the
360 * handle used to tie the sequence of calls together. A 64-bit value is used because it's important
361 * that handles not be predictable. Implementations must use strong random numbers for handle
362 * values.
363 */
364 typedef uint64_t keymaster_operation_handle_t;
365
366 typedef enum {
367 KM_ERROR_OK = 0,
368 KM_ERROR_ROOT_OF_TRUST_ALREADY_SET = -1,
369 KM_ERROR_UNSUPPORTED_PURPOSE = -2,
370 KM_ERROR_INCOMPATIBLE_PURPOSE = -3,
371 KM_ERROR_UNSUPPORTED_ALGORITHM = -4,
372 KM_ERROR_INCOMPATIBLE_ALGORITHM = -5,
373 KM_ERROR_UNSUPPORTED_KEY_SIZE = -6,
374 KM_ERROR_UNSUPPORTED_BLOCK_MODE = -7,
375 KM_ERROR_INCOMPATIBLE_BLOCK_MODE = -8,
376 KM_ERROR_UNSUPPORTED_MAC_LENGTH = -9,
377 KM_ERROR_UNSUPPORTED_PADDING_MODE = -10,
378 KM_ERROR_INCOMPATIBLE_PADDING_MODE = -11,
379 KM_ERROR_UNSUPPORTED_DIGEST = -12,
380 KM_ERROR_INCOMPATIBLE_DIGEST = -13,
381 KM_ERROR_INVALID_EXPIRATION_TIME = -14,
382 KM_ERROR_INVALID_USER_ID = -15,
383 KM_ERROR_INVALID_AUTHORIZATION_TIMEOUT = -16,
384 KM_ERROR_UNSUPPORTED_KEY_FORMAT = -17,
385 KM_ERROR_INCOMPATIBLE_KEY_FORMAT = -18,
386 KM_ERROR_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM = -19, /* For PKCS8 & PKCS12 */
387 KM_ERROR_UNSUPPORTED_KEY_VERIFICATION_ALGORITHM = -20, /* For PKCS8 & PKCS12 */
388 KM_ERROR_INVALID_INPUT_LENGTH = -21,
389 KM_ERROR_KEY_EXPORT_OPTIONS_INVALID = -22,
390 KM_ERROR_DELEGATION_NOT_ALLOWED = -23,
391 KM_ERROR_KEY_NOT_YET_VALID = -24,
392 KM_ERROR_KEY_EXPIRED = -25,
393 KM_ERROR_KEY_USER_NOT_AUTHENTICATED = -26,
394 KM_ERROR_OUTPUT_PARAMETER_NULL = -27,
395 KM_ERROR_INVALID_OPERATION_HANDLE = -28,
396 KM_ERROR_INSUFFICIENT_BUFFER_SPACE = -29,
397 KM_ERROR_VERIFICATION_FAILED = -30,
398 KM_ERROR_TOO_MANY_OPERATIONS = -31,
399 KM_ERROR_UNEXPECTED_NULL_POINTER = -32,
400 KM_ERROR_INVALID_KEY_BLOB = -33,
401 KM_ERROR_IMPORTED_KEY_NOT_ENCRYPTED = -34,
402 KM_ERROR_IMPORTED_KEY_DECRYPTION_FAILED = -35,
403 KM_ERROR_IMPORTED_KEY_NOT_SIGNED = -36,
404 KM_ERROR_IMPORTED_KEY_VERIFICATION_FAILED = -37,
405 KM_ERROR_INVALID_ARGUMENT = -38,
406 KM_ERROR_UNSUPPORTED_TAG = -39,
407 KM_ERROR_INVALID_TAG = -40,
408 KM_ERROR_MEMORY_ALLOCATION_FAILED = -41,
409 KM_ERROR_IMPORT_PARAMETER_MISMATCH = -44,
410 KM_ERROR_SECURE_HW_ACCESS_DENIED = -45,
411 KM_ERROR_OPERATION_CANCELLED = -46,
412 KM_ERROR_CONCURRENT_ACCESS_CONFLICT = -47,
413 KM_ERROR_SECURE_HW_BUSY = -48,
414 KM_ERROR_SECURE_HW_COMMUNICATION_FAILED = -49,
415 KM_ERROR_UNSUPPORTED_EC_FIELD = -50,
416 KM_ERROR_MISSING_NONCE = -51,
417 KM_ERROR_INVALID_NONCE = -52,
418 KM_ERROR_MISSING_MAC_LENGTH = -53,
419 KM_ERROR_KEY_RATE_LIMIT_EXCEEDED = -54,
420 KM_ERROR_CALLER_NONCE_PROHIBITED = -55,
421 KM_ERROR_KEY_MAX_OPS_EXCEEDED = -56,
422 KM_ERROR_INVALID_MAC_LENGTH = -57,
423 KM_ERROR_MISSING_MIN_MAC_LENGTH = -58,
424 KM_ERROR_UNSUPPORTED_MIN_MAC_LENGTH = -59,
425 KM_ERROR_UNSUPPORTED_KDF = -60,
426 KM_ERROR_UNSUPPORTED_EC_CURVE = -61,
427 KM_ERROR_KEY_REQUIRES_UPGRADE = -62,
428 KM_ERROR_ATTESTATION_CHALLENGE_MISSING = -63,
429 KM_ERROR_KEYMASTER_NOT_CONFIGURED = -64,
430
431 KM_ERROR_UNIMPLEMENTED = -100,
432 KM_ERROR_VERSION_MISMATCH = -101,
433
434 KM_ERROR_UNKNOWN_ERROR = -1000,
435 } keymaster_error_t;
436
437 /* Convenience functions for manipulating keymaster tag types */
438
keymaster_tag_get_type(keymaster_tag_t tag)439 static inline keymaster_tag_type_t keymaster_tag_get_type(keymaster_tag_t tag) {
440 return (keymaster_tag_type_t)(tag & (0xF << 28));
441 }
442
keymaster_tag_mask_type(keymaster_tag_t tag)443 static inline uint32_t keymaster_tag_mask_type(keymaster_tag_t tag) {
444 return tag & 0x0FFFFFFF;
445 }
446
keymaster_tag_type_repeatable(keymaster_tag_type_t type)447 static inline bool keymaster_tag_type_repeatable(keymaster_tag_type_t type) {
448 switch (type) {
449 case KM_UINT_REP:
450 case KM_ENUM_REP:
451 return true;
452 default:
453 return false;
454 }
455 }
456
keymaster_tag_repeatable(keymaster_tag_t tag)457 static inline bool keymaster_tag_repeatable(keymaster_tag_t tag) {
458 return keymaster_tag_type_repeatable(keymaster_tag_get_type(tag));
459 }
460
461 /* Convenience functions for manipulating keymaster_key_param_t structs */
462
keymaster_param_enum(keymaster_tag_t tag,uint32_t value)463 inline keymaster_key_param_t keymaster_param_enum(keymaster_tag_t tag, uint32_t value) {
464 // assert(keymaster_tag_get_type(tag) == KM_ENUM || keymaster_tag_get_type(tag) == KM_ENUM_REP);
465 keymaster_key_param_t param;
466 memset(¶m, 0, sizeof(param));
467 param.tag = tag;
468 param.enumerated = value;
469 return param;
470 }
471
keymaster_param_int(keymaster_tag_t tag,uint32_t value)472 inline keymaster_key_param_t keymaster_param_int(keymaster_tag_t tag, uint32_t value) {
473 // assert(keymaster_tag_get_type(tag) == KM_INT || keymaster_tag_get_type(tag) == KM_INT_REP);
474 keymaster_key_param_t param;
475 memset(¶m, 0, sizeof(param));
476 param.tag = tag;
477 param.integer = value;
478 return param;
479 }
480
keymaster_param_long(keymaster_tag_t tag,uint64_t value)481 inline keymaster_key_param_t keymaster_param_long(keymaster_tag_t tag, uint64_t value) {
482 // assert(keymaster_tag_get_type(tag) == KM_LONG);
483 keymaster_key_param_t param;
484 memset(¶m, 0, sizeof(param));
485 param.tag = tag;
486 param.long_integer = value;
487 return param;
488 }
489
keymaster_param_blob(keymaster_tag_t tag,const uint8_t * bytes,size_t bytes_len)490 inline keymaster_key_param_t keymaster_param_blob(keymaster_tag_t tag, const uint8_t* bytes,
491 size_t bytes_len) {
492 // assert(keymaster_tag_get_type(tag) == KM_BYTES || keymaster_tag_get_type(tag) == KM_BIGNUM);
493 keymaster_key_param_t param;
494 memset(¶m, 0, sizeof(param));
495 param.tag = tag;
496 param.blob.data = (uint8_t*)bytes;
497 param.blob.data_length = bytes_len;
498 return param;
499 }
500
keymaster_param_bool(keymaster_tag_t tag)501 inline keymaster_key_param_t keymaster_param_bool(keymaster_tag_t tag) {
502 // assert(keymaster_tag_get_type(tag) == KM_BOOL);
503 keymaster_key_param_t param;
504 memset(¶m, 0, sizeof(param));
505 param.tag = tag;
506 param.boolean = true;
507 return param;
508 }
509
keymaster_param_date(keymaster_tag_t tag,uint64_t value)510 inline keymaster_key_param_t keymaster_param_date(keymaster_tag_t tag, uint64_t value) {
511 // assert(keymaster_tag_get_type(tag) == KM_DATE);
512 keymaster_key_param_t param;
513 memset(¶m, 0, sizeof(param));
514 param.tag = tag;
515 param.date_time = value;
516 return param;
517 }
518
519 #define KEYMASTER_SIMPLE_COMPARE(a, b) (a < b) ? -1 : ((a > b) ? 1 : 0)
keymaster_param_compare(const keymaster_key_param_t * a,const keymaster_key_param_t * b)520 inline int keymaster_param_compare(const keymaster_key_param_t* a, const keymaster_key_param_t* b) {
521 int retval = KEYMASTER_SIMPLE_COMPARE(a->tag, b->tag);
522 if (retval != 0)
523 return retval;
524
525 switch (keymaster_tag_get_type(a->tag)) {
526 case KM_INVALID:
527 case KM_BOOL:
528 return 0;
529 case KM_ENUM:
530 case KM_ENUM_REP:
531 return KEYMASTER_SIMPLE_COMPARE(a->enumerated, b->enumerated);
532 case KM_UINT:
533 case KM_UINT_REP:
534 return KEYMASTER_SIMPLE_COMPARE(a->integer, b->integer);
535 case KM_ULONG:
536 case KM_ULONG_REP:
537 return KEYMASTER_SIMPLE_COMPARE(a->long_integer, b->long_integer);
538 case KM_DATE:
539 return KEYMASTER_SIMPLE_COMPARE(a->date_time, b->date_time);
540 case KM_BIGNUM:
541 case KM_BYTES:
542 // Handle the empty cases.
543 if (a->blob.data_length != 0 && b->blob.data_length == 0)
544 return -1;
545 if (a->blob.data_length == 0 && b->blob.data_length == 0)
546 return 0;
547 if (a->blob.data_length == 0 && b->blob.data_length > 0)
548 return 1;
549
550 retval = memcmp(a->blob.data, b->blob.data, a->blob.data_length < b->blob.data_length
551 ? a->blob.data_length
552 : b->blob.data_length);
553 if (retval != 0)
554 return retval;
555 else if (a->blob.data_length != b->blob.data_length) {
556 // Equal up to the common length; longer one is larger.
557 if (a->blob.data_length < b->blob.data_length)
558 return -1;
559 if (a->blob.data_length > b->blob.data_length)
560 return 1;
561 };
562 }
563
564 return 0;
565 }
566 #undef KEYMASTER_SIMPLE_COMPARE
567
keymaster_free_param_values(keymaster_key_param_t * param,size_t param_count)568 inline void keymaster_free_param_values(keymaster_key_param_t* param, size_t param_count) {
569 while (param_count > 0) {
570 param_count--;
571 switch (keymaster_tag_get_type(param->tag)) {
572 case KM_BIGNUM:
573 case KM_BYTES:
574 free((void*)param->blob.data);
575 param->blob.data = NULL;
576 break;
577 default:
578 // NOP
579 break;
580 }
581 ++param;
582 }
583 }
584
keymaster_free_param_set(keymaster_key_param_set_t * set)585 inline void keymaster_free_param_set(keymaster_key_param_set_t* set) {
586 if (set) {
587 keymaster_free_param_values(set->params, set->length);
588 free(set->params);
589 set->params = NULL;
590 set->length = 0;
591 }
592 }
593
keymaster_free_characteristics(keymaster_key_characteristics_t * characteristics)594 inline void keymaster_free_characteristics(keymaster_key_characteristics_t* characteristics) {
595 if (characteristics) {
596 keymaster_free_param_set(&characteristics->hw_enforced);
597 keymaster_free_param_set(&characteristics->sw_enforced);
598 }
599 }
600
keymaster_free_cert_chain(keymaster_cert_chain_t * chain)601 inline void keymaster_free_cert_chain(keymaster_cert_chain_t* chain) {
602 if (chain) {
603 for (size_t i = 0; i < chain->entry_count; ++i) {
604 free((uint8_t*)chain->entries[i].data);
605 chain->entries[i].data = NULL;
606 chain->entries[i].data_length = 0;
607 }
608 free(chain->entries);
609 chain->entries = NULL;
610 chain->entry_count = 0;
611 }
612 }
613
614 #ifdef __cplusplus
615 } // extern "C"
616 #endif // __cplusplus
617
618 #endif // ANDROID_HARDWARE_KEYMASTER_DEFS_H
619