1 /*
2 * Copyright 2017 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include "proto_utils.h"
18
19 #include <android-base/logging.h>
20 #include <android/hardware/keymaster/4.0/types.h>
21 #include <keymasterV4_0/key_param_output.h>
22
23 namespace android {
24 namespace hardware {
25 namespace keymaster {
26
27 // HAL
28 using ::android::hardware::keymaster::V4_0::Algorithm;
29 using ::android::hardware::keymaster::V4_0::BlockMode;
30 using ::android::hardware::keymaster::V4_0::Digest;
31 using ::android::hardware::keymaster::V4_0::EcCurve;
32 using ::android::hardware::keymaster::V4_0::HardwareAuthenticatorType;
33 using ::android::hardware::keymaster::V4_0::KeyDerivationFunction;
34 using ::android::hardware::keymaster::V4_0::KeyOrigin;
35 using ::android::hardware::keymaster::V4_0::KeyPurpose;
36 using ::android::hardware::keymaster::V4_0::KeyBlobUsageRequirements;
37 using ::android::hardware::keymaster::V4_0::PaddingMode;
38 using ::android::hardware::keymaster::V4_0::Tag;
39 using ::android::hardware::keymaster::V4_0::TagType;
40
type_from_tag(Tag tag)41 static TagType type_from_tag(Tag tag)
42 {
43 return static_cast<TagType>(tag & (0xF << 28));
44 }
45
type_from_tag(nosapp::Tag tag)46 static nosapp::TagType type_from_tag(nosapp::Tag tag)
47 {
48 return static_cast<nosapp::TagType>(tag & (0xF << 16));
49 }
50
translate_tag(Tag tag)51 static nosapp::Tag translate_tag(Tag tag)
52 {
53 enum TagType tag_type = type_from_tag(tag);
54
55 /* TODO: This is gross. The alternative is to have a complete table. */
56 return static_cast<nosapp::Tag>(
57 (((uint32_t)tag_type >> 28) << 16) | (tag & 0xffff));
58 }
59
translate_tag(nosapp::Tag tag)60 static Tag translate_tag(nosapp::Tag tag)
61 {
62 enum nosapp::TagType tag_type = type_from_tag(tag);
63
64 /* TODO: This is gross. The alternative is to have a complete table. */
65 return static_cast<Tag>(
66 (((uint32_t)tag_type >> 16) << 28) | (tag & 0xffff));
67 }
68
translate_purpose(KeyPurpose purpose)69 static nosapp::KeyPurpose translate_purpose(KeyPurpose purpose)
70 {
71 switch (purpose) {
72 case KeyPurpose::ENCRYPT:
73 return nosapp::KeyPurpose::ENCRYPT;
74 case KeyPurpose::DECRYPT:
75 return nosapp::KeyPurpose::DECRYPT;
76 case KeyPurpose::SIGN:
77 return nosapp::KeyPurpose::SIGN;
78 case KeyPurpose::VERIFY:
79 return nosapp::KeyPurpose::VERIFY;
80 case KeyPurpose::WRAP_KEY:
81 return nosapp::KeyPurpose::WRAP_KEY;
82 default:
83 return nosapp::KeyPurpose::PURPOSE_MAX;
84 }
85 }
86
translate_purpose(nosapp::KeyPurpose purpose,KeyPurpose * out)87 static ErrorCode translate_purpose(nosapp::KeyPurpose purpose, KeyPurpose *out)
88 {
89 switch (purpose) {
90 case nosapp::KeyPurpose::ENCRYPT:
91 *out = KeyPurpose::ENCRYPT;
92 break;
93 case nosapp::KeyPurpose::DECRYPT:
94 *out = KeyPurpose::DECRYPT;
95 break;
96 case nosapp::KeyPurpose::SIGN:
97 *out = KeyPurpose::SIGN;
98 break;
99 case nosapp::KeyPurpose::VERIFY:
100 *out = KeyPurpose::VERIFY;
101 break;
102 case nosapp::KeyPurpose::WRAP_KEY:
103 *out = KeyPurpose::WRAP_KEY;
104 break;
105 default:
106 return ErrorCode::UNKNOWN_ERROR;
107 }
108
109 return ErrorCode::OK;
110 }
111
translate_algorithm(Algorithm algorithm)112 static nosapp::Algorithm translate_algorithm(Algorithm algorithm)
113 {
114 switch (algorithm) {
115 case Algorithm::RSA:
116 return nosapp::Algorithm::RSA;
117 case Algorithm::EC:
118 return nosapp::Algorithm::EC;
119 case Algorithm::AES:
120 return nosapp::Algorithm::AES;
121 case Algorithm::TRIPLE_DES:
122 return nosapp::Algorithm::DES;
123 case Algorithm::HMAC:
124 return nosapp::Algorithm::HMAC;
125 default:
126 return nosapp::Algorithm::ALGORITHM_MAX;
127 }
128 }
129
translate_algorithm(nosapp::Algorithm algorithm,Algorithm * out)130 ErrorCode translate_algorithm(nosapp::Algorithm algorithm,
131 Algorithm *out)
132 {
133 switch (algorithm) {
134 case nosapp::Algorithm::RSA:
135 *out = Algorithm::RSA;
136 break;
137 case nosapp::Algorithm::EC:
138 *out = Algorithm::EC;
139 break;
140 case nosapp::Algorithm::AES:
141 *out = Algorithm::AES;
142 break;
143 case nosapp::Algorithm::DES:
144 *out = Algorithm::TRIPLE_DES;
145 break;
146 case nosapp::Algorithm::HMAC:
147 *out = Algorithm::HMAC;
148 break;
149 default:
150 return ErrorCode::UNKNOWN_ERROR;
151 }
152
153 return ErrorCode::OK;
154 }
155
translate_block_mode(BlockMode block_mode)156 static nosapp::BlockMode translate_block_mode(BlockMode block_mode)
157 {
158 switch (block_mode) {
159 case BlockMode::ECB:
160 return nosapp::BlockMode::ECB;
161 case BlockMode::CBC:
162 return nosapp::BlockMode::CBC;
163 case BlockMode::CTR:
164 return nosapp::BlockMode::CTR;
165 case BlockMode::GCM:
166 return nosapp::BlockMode::GCM;
167 default:
168 return nosapp::BlockMode::BLOCK_MODE_MAX;
169 }
170 }
171
translate_block_mode(nosapp::BlockMode block_mode,BlockMode * out)172 static ErrorCode translate_block_mode(nosapp::BlockMode block_mode,
173 BlockMode *out)
174 {
175 switch (block_mode) {
176 case nosapp::BlockMode::ECB:
177 *out = BlockMode::ECB;
178 break;
179 case nosapp::BlockMode::CBC:
180 *out = BlockMode::CBC;
181 break;
182 case nosapp::BlockMode::CTR:
183 *out = BlockMode::CTR;
184 break;
185 case nosapp::BlockMode::GCM:
186 *out = BlockMode::GCM;
187 break;
188 default:
189 return ErrorCode::UNKNOWN_ERROR;
190 break;
191 }
192
193 return ErrorCode::OK;
194 }
195
translate_digest(Digest digest)196 static nosapp::Digest translate_digest(Digest digest)
197 {
198 switch (digest) {
199 case Digest::NONE:
200 return nosapp::Digest::DIGEST_NONE;
201 case Digest::MD5:
202 return nosapp::Digest::DIGEST_MD5;
203 case Digest::SHA1:
204 return nosapp::Digest::DIGEST_SHA1;
205 case Digest::SHA_2_224:
206 return nosapp::Digest::DIGEST_SHA_2_224;
207 case Digest::SHA_2_256:
208 return nosapp::Digest::DIGEST_SHA_2_256;
209 case Digest::SHA_2_384:
210 return nosapp::Digest::DIGEST_SHA_2_384;
211 case Digest::SHA_2_512:
212 return nosapp::Digest::DIGEST_SHA_2_512;
213 default:
214 return nosapp::Digest::DIGEST_MAX;
215 }
216 }
217
translate_digest(nosapp::Digest digest,Digest * out)218 static ErrorCode translate_digest(nosapp::Digest digest,
219 Digest *out)
220 {
221 switch (digest) {
222 case nosapp::Digest::DIGEST_NONE:
223 *out = Digest::NONE;
224 break;
225 case nosapp::Digest::DIGEST_MD5:
226 *out = Digest::MD5;
227 break;
228 case nosapp::Digest::DIGEST_SHA1:
229 *out = Digest::SHA1;
230 break;
231 case nosapp::Digest::DIGEST_SHA_2_224:
232 *out = Digest::SHA_2_224;
233 break;
234 case nosapp::Digest::DIGEST_SHA_2_256:
235 *out = Digest::SHA_2_256;
236 break;
237 case nosapp::Digest::DIGEST_SHA_2_384:
238 *out = Digest::SHA_2_384;
239 break;
240 case nosapp::Digest::DIGEST_SHA_2_512:
241 *out = Digest::SHA_2_512;
242 break;
243 default:
244 return ErrorCode::UNKNOWN_ERROR;
245 }
246
247 return ErrorCode::OK;
248 }
249
translate_padding_mode(PaddingMode padding_mode)250 static nosapp::PaddingMode translate_padding_mode(PaddingMode padding_mode)
251 {
252 switch (padding_mode) {
253 case PaddingMode::NONE:
254 return nosapp::PaddingMode::PADDING_NONE;
255 case PaddingMode::RSA_OAEP:
256 return nosapp::PaddingMode::PADDING_RSA_OAEP;
257 case PaddingMode::RSA_PSS:
258 return nosapp::PaddingMode::PADDING_RSA_PSS;
259 case PaddingMode::RSA_PKCS1_1_5_ENCRYPT:
260 return nosapp::PaddingMode::PADDING_RSA_PKCS1_1_5_ENCRYPT;
261 case PaddingMode::RSA_PKCS1_1_5_SIGN:
262 return nosapp::PaddingMode::PADDING_RSA_PKCS1_1_5_SIGN;
263 case PaddingMode::PKCS7:
264 return nosapp::PaddingMode::PADDING_PKCS7;
265 default:
266 return nosapp::PaddingMode::PADDING_MODE_MAX;
267 }
268 }
269
translate_padding_mode(nosapp::PaddingMode padding_mode,PaddingMode * out)270 static ErrorCode translate_padding_mode(nosapp::PaddingMode padding_mode,
271 PaddingMode *out)
272 {
273 switch (padding_mode) {
274 case nosapp::PaddingMode::PADDING_NONE:
275 *out = PaddingMode::NONE;
276 break;
277 case nosapp::PaddingMode::PADDING_RSA_OAEP:
278 *out = PaddingMode::RSA_OAEP;
279 break;
280 case nosapp::PaddingMode::PADDING_RSA_PSS:
281 *out = PaddingMode::RSA_PSS;
282 break;
283 case nosapp::PaddingMode::PADDING_RSA_PKCS1_1_5_ENCRYPT:
284 *out = PaddingMode::RSA_PKCS1_1_5_ENCRYPT;
285 break;
286 case nosapp::PaddingMode::PADDING_RSA_PKCS1_1_5_SIGN:
287 *out = PaddingMode::RSA_PKCS1_1_5_SIGN;
288 break;
289 case nosapp::PaddingMode::PADDING_PKCS7:
290 *out = PaddingMode::PKCS7;
291 break;
292 default:
293 return ErrorCode::UNKNOWN_ERROR;
294 }
295
296 return ErrorCode::OK;
297 }
298
translate_ec_curve(EcCurve ec_curve)299 static nosapp::EcCurve translate_ec_curve(EcCurve ec_curve)
300 {
301 switch (ec_curve) {
302 case EcCurve::P_224:
303 return nosapp::EcCurve::P_224;
304 case EcCurve::P_256:
305 return nosapp::EcCurve::P_256;
306 case EcCurve::P_384:
307 return nosapp::EcCurve::P_384;
308 case EcCurve::P_521:
309 return nosapp::EcCurve::P_521;
310 default:
311 return nosapp::EcCurve::EC_CURVE_MAX;
312 }
313 }
314
translate_ec_curve(nosapp::EcCurve ec_curve,EcCurve * out)315 ErrorCode translate_ec_curve(nosapp::EcCurve ec_curve, EcCurve *out)
316 {
317 switch (ec_curve) {
318 case nosapp::EcCurve::P_224:
319 *out = EcCurve::P_224;
320 break;
321 case nosapp::EcCurve::P_256:
322 *out = EcCurve::P_256;
323 break;
324 case nosapp::EcCurve::P_384:
325 *out = EcCurve::P_384;
326 break;
327 case nosapp::EcCurve::P_521:
328 *out = EcCurve::P_521;
329 break;
330 default:
331 return ErrorCode::UNKNOWN_ERROR;
332 }
333
334 return ErrorCode::OK;
335 }
336
translate_key_blob_usage_requirements(KeyBlobUsageRequirements usage)337 static nosapp::KeyBlobUsageRequirements translate_key_blob_usage_requirements(
338 KeyBlobUsageRequirements usage)
339 {
340 switch (usage) {
341 case KeyBlobUsageRequirements::STANDALONE:
342 return nosapp::KeyBlobUsageRequirements::STANDALONE;
343 case KeyBlobUsageRequirements::REQUIRES_FILE_SYSTEM:
344 return nosapp::KeyBlobUsageRequirements::REQUIRES_FILE_SYSTEM;
345 default:
346 return nosapp::KeyBlobUsageRequirements::KEY_USAGE_MAX;
347 break;
348 }
349 }
350
translate_key_blob_usage_requirements(nosapp::KeyBlobUsageRequirements usage,KeyBlobUsageRequirements * out)351 static ErrorCode translate_key_blob_usage_requirements(
352 nosapp::KeyBlobUsageRequirements usage, KeyBlobUsageRequirements *out)
353 {
354 switch (usage) {
355 case nosapp::KeyBlobUsageRequirements::STANDALONE:
356 *out = KeyBlobUsageRequirements::STANDALONE;
357 break;
358 case nosapp::KeyBlobUsageRequirements::REQUIRES_FILE_SYSTEM:
359 *out = KeyBlobUsageRequirements::REQUIRES_FILE_SYSTEM;
360 break;
361 default:
362 return ErrorCode::UNKNOWN_ERROR;
363 }
364
365 return ErrorCode::UNKNOWN_ERROR;
366 }
367
translate_hardware_authenticator_type(HardwareAuthenticatorType authenticator_type)368 static nosapp::HardwareAuthenticatorType translate_hardware_authenticator_type(
369 HardwareAuthenticatorType authenticator_type)
370 {
371 switch (authenticator_type) {
372 case HardwareAuthenticatorType::NONE:
373 return nosapp::HardwareAuthenticatorType::AUTH_NONE;
374 case HardwareAuthenticatorType::PASSWORD:
375 return nosapp::HardwareAuthenticatorType::AUTH_PASSWORD;
376 case HardwareAuthenticatorType::FINGERPRINT:
377 return nosapp::HardwareAuthenticatorType::AUTH_FINGERPRINT;
378 case HardwareAuthenticatorType::ANY:
379 return nosapp::HardwareAuthenticatorType::AUTH_ANY;
380 default:
381 return nosapp::HardwareAuthenticatorType::AUTH_MAX;
382 }
383 }
384
translate_hardware_authenticator_type(nosapp::HardwareAuthenticatorType authenticator_type,HardwareAuthenticatorType * out)385 static ErrorCode translate_hardware_authenticator_type(
386 nosapp::HardwareAuthenticatorType authenticator_type,
387 HardwareAuthenticatorType *out)
388 {
389 switch (authenticator_type) {
390 case nosapp::HardwareAuthenticatorType::AUTH_NONE:
391 *out = HardwareAuthenticatorType::NONE;
392 break;
393 case nosapp::HardwareAuthenticatorType::AUTH_PASSWORD:
394 *out = HardwareAuthenticatorType::PASSWORD;
395 break;
396 case nosapp::HardwareAuthenticatorType::AUTH_FINGERPRINT:
397 *out = HardwareAuthenticatorType::FINGERPRINT;
398 break;
399 case nosapp::HardwareAuthenticatorType::AUTH_ANY:
400 *out = HardwareAuthenticatorType::ANY;
401 break;
402 default:
403 return ErrorCode::UNKNOWN_ERROR;
404 }
405
406 return ErrorCode::OK;
407 }
408
translate_key_origin(KeyOrigin key_origin)409 static nosapp::KeyOrigin translate_key_origin(KeyOrigin key_origin)
410 {
411 switch (key_origin) {
412 case KeyOrigin::GENERATED:
413 return nosapp::KeyOrigin::GENERATED;
414 case KeyOrigin::DERIVED:
415 return nosapp::KeyOrigin::DERIVED;
416 case KeyOrigin::IMPORTED:
417 return nosapp::KeyOrigin::IMPORTED;
418 case KeyOrigin::UNKNOWN:
419 return nosapp::KeyOrigin::UNKNOWN;
420 default:
421 return nosapp::KeyOrigin::KEY_ORIGIN_MAX;
422 }
423 }
424
translate_key_origin(nosapp::KeyOrigin key_origin,KeyOrigin * out)425 static ErrorCode translate_key_origin(nosapp::KeyOrigin key_origin,
426 KeyOrigin *out)
427 {
428 switch (key_origin) {
429 case nosapp::KeyOrigin::GENERATED:
430 *out = KeyOrigin::GENERATED;
431 break;
432 case nosapp::KeyOrigin::DERIVED:
433 *out = KeyOrigin::DERIVED;
434 break;
435 case nosapp::KeyOrigin::IMPORTED:
436 *out = KeyOrigin::IMPORTED;
437 break;
438 case nosapp::KeyOrigin::UNKNOWN:
439 *out = KeyOrigin::UNKNOWN;
440 break;
441 default:
442 return ErrorCode::UNKNOWN_ERROR;
443 }
444
445 return ErrorCode::OK;
446 }
447
translate_auth_token(const HardwareAuthToken & auth_token,nosapp::HardwareAuthToken * out)448 ErrorCode translate_auth_token(const HardwareAuthToken& auth_token,
449 nosapp::HardwareAuthToken *out)
450 {
451 out->set_challenge(auth_token.challenge);
452 out->set_user_id(auth_token.userId);
453 out->set_authenticator_id(auth_token.authenticatorId);
454
455 switch (auth_token.authenticatorType) {
456 case HardwareAuthenticatorType::NONE:
457 out->set_authenticator_type(
458 nosapp::HardwareAuthenticatorType::AUTH_NONE);
459 break;
460 case HardwareAuthenticatorType::PASSWORD:
461 out->set_authenticator_type(
462 nosapp::HardwareAuthenticatorType::AUTH_PASSWORD);
463 break;
464 case HardwareAuthenticatorType::FINGERPRINT:
465 out->set_authenticator_type(
466 nosapp::HardwareAuthenticatorType::AUTH_FINGERPRINT);
467 break;
468 case HardwareAuthenticatorType::ANY:
469 out->set_authenticator_type(
470 nosapp::HardwareAuthenticatorType::AUTH_ANY);
471 break;
472 default:
473 return ErrorCode::UNKNOWN_ERROR;
474 }
475
476 out->set_timestamp(auth_token.timestamp);
477 out->set_mac(&auth_token.mac[0], auth_token.mac.size());
478
479 return ErrorCode::OK;
480 }
481
translate_verification_token(const VerificationToken & verification_token,nosapp::VerificationToken * out)482 void translate_verification_token(
483 const VerificationToken& verification_token,
484 nosapp::VerificationToken *out)
485 {
486 out->set_challenge(verification_token.challenge);
487 out->set_timestamp(verification_token.timestamp);
488 hidl_params_to_pb(verification_token.parametersVerified,
489 out->mutable_params_verified());
490 out->set_security_level(nosapp::SecurityLevel::STRONGBOX);
491 out->set_mac(verification_token.mac.data(),
492 verification_token.mac.size());
493 }
494
key_parameter_to_pb(const KeyParameter & param,nosapp::KeyParameter * pb)495 ErrorCode key_parameter_to_pb(const KeyParameter& param,
496 nosapp::KeyParameter *pb)
497 {
498 switch (param.tag) {
499 case Tag::INVALID:
500 LOG(ERROR) << "key_parameter_to_pb: invalid Tag received: "
501 << (uint32_t)param.tag;
502 return ErrorCode::INVALID_ARGUMENT;
503 break;
504 case Tag::PURPOSE: // (TagType:ENUM_REP | 1)
505 pb->set_integer((uint32_t)translate_purpose(param.f.purpose));
506 break;
507 case Tag::ALGORITHM: // (TagType:ENUM | 2)
508 pb->set_integer((uint32_t)translate_algorithm(param.f.algorithm));
509 break;
510 case Tag::KEY_SIZE: // (TagType:UINT | 3)
511 pb->set_integer(param.f.integer);
512 break;
513 case Tag::BLOCK_MODE: // (TagType:ENUM_REP | 4)
514 pb->set_integer((uint32_t)translate_block_mode(param.f.blockMode));
515 break;
516 case Tag::DIGEST: // (TagType:ENUM_REP | 5)
517 pb->set_integer((uint32_t)translate_digest(param.f.digest));
518 break;
519 case Tag::PADDING:; // (TagType:ENUM_REP | 6)
520 pb->set_integer((uint32_t)translate_padding_mode(param.f.paddingMode));
521 break;
522 case Tag::CALLER_NONCE: // (TagType:BOOL | 7)
523 pb->set_integer(param.f.boolValue);
524 break;
525 case Tag::MIN_MAC_LENGTH: // (TagType:UINT | 8)
526 pb->set_integer(param.f.integer);
527 break;
528 case Tag::EC_CURVE: // (TagType:ENUM | 10)
529 pb->set_integer((uint32_t)translate_ec_curve(param.f.ecCurve));
530 break;
531 case Tag::RSA_PUBLIC_EXPONENT: // (TagType:ULONG | 200)
532 pb->set_long_integer(param.f.longInteger);
533 break;
534 case Tag::INCLUDE_UNIQUE_ID: // (TagType:BOOL | 202)
535 pb->set_integer(param.f.boolValue);
536 break;
537 case Tag::BLOB_USAGE_REQUIREMENTS: // (TagType:ENUM | 301)
538 pb->set_integer((uint32_t)translate_key_blob_usage_requirements(
539 param.f.keyBlobUsageRequirements));
540 break;
541 case Tag::BOOTLOADER_ONLY: // (TagType:BOOL | 302)
542 pb->set_integer(param.f.boolValue);
543 break;
544 case Tag::ROLLBACK_RESISTANCE: // (TagType:BOOL | 303)
545 pb->set_integer(param.f.boolValue);
546 break;
547 case Tag::HARDWARE_TYPE: // (TagType:ENUM | 304)
548 break;
549 case Tag::ACTIVE_DATETIME: // (TagType:DATE | 400)
550 pb->set_long_integer(param.f.dateTime);
551 break;
552 case Tag::ORIGINATION_EXPIRE_DATETIME: // (TagType:DATE | 401)
553 case Tag::USAGE_EXPIRE_DATETIME: // (TagType:DATE | 402)
554 pb->set_long_integer(param.f.dateTime);
555 break;
556 case Tag::MIN_SECONDS_BETWEEN_OPS: // (TagType:UINT | 403)
557 case Tag::MAX_USES_PER_BOOT: // (TagType:UINT | 404)
558 pb->set_integer(param.f.integer);
559 break;
560 case Tag::USER_SECURE_ID: // (TagType:ULONG_REP | 502)
561 pb->set_long_integer(param.f.longInteger);
562 break;
563 case Tag::NO_AUTH_REQUIRED: // (TagType:BOOL | 503)
564 pb->set_integer(param.f.boolValue);
565 break;
566 case Tag::USER_AUTH_TYPE: // (TagType:ENUM | 504)
567 pb->set_integer((uint32_t)translate_hardware_authenticator_type(
568 param.f.hardwareAuthenticatorType));
569 break;
570 case Tag::AUTH_TIMEOUT: // (TagType:UINT | 505)
571 pb->set_integer(param.f.integer);
572 break;
573 case Tag::ALLOW_WHILE_ON_BODY: // (TagType:BOOL | 506)
574 pb->set_integer(param.f.boolValue);
575 break;
576 case Tag::APPLICATION_ID: // (TagType:BYTES | 601)
577 pb->set_blob(¶m.blob[0], param.blob.size());
578 break;
579 case Tag::APPLICATION_DATA: // (TagType:BYTES | 700)
580 pb->set_blob(¶m.blob[0], param.blob.size());
581 break;
582 case Tag::CREATION_DATETIME: // (TagType:DATE | 701)
583 pb->set_long_integer(param.f.dateTime);
584 break;
585 case Tag::ORIGIN: // (TagType:ENUM | 702)
586 pb->set_integer((uint32_t)translate_key_origin(param.f.origin));
587 break;
588 case Tag::ROOT_OF_TRUST: // (TagType:BYTES | 704)
589 pb->set_blob(¶m.blob[0], param.blob.size());
590 break;
591 case Tag::OS_VERSION: // (TagType:UINT | 705)
592 case Tag::OS_PATCHLEVEL: // (TagType:UINT | 706)
593 pb->set_integer(param.f.integer);
594 break;
595 case Tag::UNIQUE_ID: // (TagType:BYTES | 707)
596 case Tag::ATTESTATION_CHALLENGE: // (TagType:BYTES | 708)
597 case Tag::ATTESTATION_APPLICATION_ID: // (TagType:BYTES | 709)
598 case Tag::ATTESTATION_ID_BRAND: // (TagType:BYTES | 710)
599 case Tag::ATTESTATION_ID_DEVICE: // (TagType:BYTES | 711)
600 case Tag::ATTESTATION_ID_PRODUCT: // (TagType:BYTES | 712)
601 case Tag::ATTESTATION_ID_SERIAL: // (TagType:BYTES | 713)
602 case Tag::ATTESTATION_ID_IMEI: // (TagType:BYTES | 714)
603 case Tag::ATTESTATION_ID_MEID: // (TagType:BYTES | 715)
604 case Tag::ATTESTATION_ID_MANUFACTURER: // (TagType:BYTES | 716)
605 case Tag::ATTESTATION_ID_MODEL: // (TagType:BYTES | 717)
606 pb->set_blob(¶m.blob[0], param.blob.size());
607 break;
608 case Tag::VENDOR_PATCHLEVEL: // (TagType:UINT | 718)
609 case Tag::BOOT_PATCHLEVEL: // (TagType:UINT | 719)
610 pb->set_integer(param.f.integer);
611 break;
612 case Tag::ASSOCIATED_DATA: // (TagType:BYTES | 1000)
613 case Tag::NONCE: // (TagType:BYTES | 1001)
614 pb->set_blob(¶m.blob[0], param.blob.size());
615 break;
616 case Tag::MAC_LENGTH: // (TagType:UINT | 1003)
617 pb->set_integer(param.f.integer);
618 break;
619 case Tag::RESET_SINCE_ID_ROTATION: // (TagType:BOOL | 1004)
620 pb->set_integer(param.f.boolValue);
621 break;
622 default:
623 LOG(ERROR) << "Unhandled tag value in key_parameter_to_pb: "
624 << (uint32_t) param.tag;
625 }
626
627 pb->set_tag(translate_tag(param.tag));
628 return ErrorCode::OK;
629 }
630
pb_to_key_parameter(const nosapp::KeyParameter & param,KeyParameter * kp)631 ErrorCode pb_to_key_parameter(const nosapp::KeyParameter& param,
632 KeyParameter *kp)
633 {
634 switch (param.tag()) {
635 case nosapp::Tag::TAG_INVALID:
636 LOG(ERROR) << "pb_to_key_parameter: invalid Tag received: "
637 << (uint32_t)param.tag();
638 return ErrorCode::UNKNOWN_ERROR;
639 break;
640 case nosapp::Tag::PURPOSE: // (TagType:ENUM_REP | 1)
641 if (translate_purpose(static_cast<nosapp::KeyPurpose>(param.integer()),
642 &kp->f.purpose) != ErrorCode::OK) {
643 return ErrorCode::UNKNOWN_ERROR;
644 }
645 break;
646 case nosapp::Tag::ALGORITHM: // (TagType:ENUM | 2)
647 if (translate_algorithm(static_cast<nosapp::Algorithm>(param.integer()),
648 &kp->f.algorithm) != ErrorCode::OK) {
649 return ErrorCode::UNKNOWN_ERROR;
650 }
651 break;
652 case nosapp::Tag::KEY_SIZE: // (TagType:UINT | 3)
653 kp->f.integer = param.integer();
654 break;
655 case nosapp::Tag::BLOCK_MODE: // (TagType:ENUM_REP | 4)
656 if (translate_block_mode(
657 static_cast<nosapp::BlockMode>(param.integer()),
658 &kp->f.blockMode) != ErrorCode::OK) {
659 return ErrorCode::UNKNOWN_ERROR;
660 }
661 break;
662 case nosapp::Tag::DIGEST: // (TagType:ENUM_REP | 5)
663 if (translate_digest(
664 static_cast<nosapp::Digest>(param.integer()),
665 &kp->f.digest) != ErrorCode::OK) {
666 return ErrorCode::UNKNOWN_ERROR;
667 }
668 break;
669 case nosapp::Tag::PADDING:; // (TagType:ENUM_REP | 6)
670 if (translate_padding_mode(
671 static_cast<nosapp::PaddingMode>(param.integer()),
672 &kp->f.paddingMode) != ErrorCode::OK) {
673 return ErrorCode::UNKNOWN_ERROR;
674 }
675 break;
676 case nosapp::Tag::CALLER_NONCE: // (TagType:BOOL | 7)
677 kp->f.boolValue = (bool)param.integer();
678 break;
679 case nosapp::Tag::MIN_MAC_LENGTH: // (TagType:UINT | 8)
680 kp->f.integer = param.integer();
681 break;
682 case nosapp::Tag::EC_CURVE: // (TagType:ENUM | 10)
683 if (translate_ec_curve(
684 static_cast<nosapp::EcCurve>(param.integer()),
685 &kp->f.ecCurve) != ErrorCode::OK) {
686 return ErrorCode::UNKNOWN_ERROR;
687 }
688 break;
689 case nosapp::Tag::RSA_PUBLIC_EXPONENT: // (TagType:ULONG | 200)
690 kp->f.longInteger = param.long_integer();
691 break;
692 case nosapp::Tag::INCLUDE_UNIQUE_ID: // (TagType:BOOL | 202)
693 kp->f.boolValue = (bool)param.integer();
694 break;
695 case nosapp::Tag::BLOB_USAGE_REQUIREMENTS: // (TagType:ENUM | 301)
696 if (translate_key_blob_usage_requirements(
697 static_cast<nosapp::KeyBlobUsageRequirements>(param.integer()),
698 &kp->f.keyBlobUsageRequirements) != ErrorCode::OK) {
699 return ErrorCode::UNKNOWN_ERROR;
700 }
701 break;
702 case nosapp::Tag::BOOTLOADER_ONLY: // (TagType:BOOL | 302)
703 case nosapp::Tag::ROLLBACK_RESISTANCE: // (TagType:BOOL | 303)
704 kp->f.boolValue = (bool)param.integer();
705 break;
706 case nosapp::Tag::ACTIVE_DATETIME: // (TagType:DATE | 400)
707 case nosapp::Tag::ORIGINATION_EXPIRE_DATETIME: // (TagType:DATE | 401)
708 case nosapp::Tag::USAGE_EXPIRE_DATETIME: // (TagType:DATE | 402)
709 kp->f.dateTime = param.long_integer();
710 break;
711 case nosapp::Tag::MIN_SECONDS_BETWEEN_OPS: // (TagType:UINT | 403)
712 case nosapp::Tag::MAX_USES_PER_BOOT: // (TagType:UINT | 404)
713 kp->f.integer = param.integer();
714 break;
715 case nosapp::Tag::USER_SECURE_ID: // (TagType:ULONG_REP | 502)
716 kp->f.longInteger = param.long_integer();
717 break;
718 case nosapp::Tag::NO_AUTH_REQUIRED: // (TagType:BOOL | 503)
719 kp->f.boolValue = (bool)param.integer();
720 break;
721 case nosapp::Tag::USER_AUTH_TYPE: // (TagType:ENUM | 504)
722 if (translate_hardware_authenticator_type(
723 static_cast<nosapp::HardwareAuthenticatorType>(param.integer()),
724 &kp->f.hardwareAuthenticatorType) != ErrorCode::OK) {
725 return ErrorCode::UNKNOWN_ERROR;
726 }
727 break;
728 case nosapp::Tag::AUTH_TIMEOUT: // (TagType:UINT | 505)
729 kp->f.integer = param.integer();
730 break;
731 case nosapp::Tag::ALLOW_WHILE_ON_BODY: // (TagType:BOOL | 506)
732 kp->f.boolValue = (bool)param.integer();
733 break;
734 case nosapp::Tag::APPLICATION_ID: // (TagType:BYTES | 601)
735 kp->blob.setToExternal(
736 reinterpret_cast<uint8_t *>(
737 const_cast<char *>(param.blob().data())), param.blob().size());;
738 break;
739 case nosapp::Tag::APPLICATION_DATA: // (TagType:BYTES | 700)
740 kp->blob.setToExternal(
741 reinterpret_cast<uint8_t *>(
742 const_cast<char *>(param.blob().data())), param.blob().size());;
743 break;
744 case nosapp::Tag::CREATION_DATETIME: // (TagType:DATE | 701)
745 kp->f.dateTime = param.long_integer();
746 break;
747 case nosapp::Tag::ORIGIN: // (TagType:ENUM | 702)
748 if (translate_key_origin(
749 static_cast<nosapp::KeyOrigin>(param.integer()),
750 &kp->f.origin) != ErrorCode::OK) {
751 return ErrorCode::UNKNOWN_ERROR;
752 }
753 break;
754 case nosapp::Tag::ROOT_OF_TRUST: // (TagType:BYTES | 704)
755 kp->blob.setToExternal(
756 reinterpret_cast<uint8_t *>(
757 const_cast<char *>(param.blob().data())), param.blob().size());
758 break;
759 case nosapp::Tag::OS_VERSION: // (TagType:UINT | 705)
760 case nosapp::Tag::OS_PATCHLEVEL: // (TagType:UINT | 706)
761 kp->f.integer = param.integer();
762 break;
763 case nosapp::Tag::UNIQUE_ID: // (TagType:BYTES | 707)
764 case nosapp::Tag::ATTESTATION_CHALLENGE: // (TagType:BYTES | 708)
765 case nosapp::Tag::ATTESTATION_APPLICATION_ID: // (TagType:BYTES | 709)
766 case nosapp::Tag::ATTESTATION_ID_BRAND: // (TagType:BYTES | 710)
767 case nosapp::Tag::ATTESTATION_ID_DEVICE: // (TagType:BYTES | 711)
768 case nosapp::Tag::ATTESTATION_ID_PRODUCT: // (TagType:BYTES | 712)
769 case nosapp::Tag::ATTESTATION_ID_SERIAL: // (TagType:BYTES | 713)
770 case nosapp::Tag::ATTESTATION_ID_IMEI: // (TagType:BYTES | 714)
771 case nosapp::Tag::ATTESTATION_ID_MEID: // (TagType:BYTES | 715)
772 case nosapp::Tag::ATTESTATION_ID_MANUFACTURER: // (TagType:BYTES | 716)
773 case nosapp::Tag::ATTESTATION_ID_MODEL: // (TagType:BYTES | 717)
774 kp->blob.setToExternal(
775 reinterpret_cast<uint8_t *>(
776 const_cast<char *>(param.blob().data())), param.blob().size());
777 break;
778 case nosapp::Tag::VENDOR_PATCHLEVEL: // (TagType:UINT | 718)
779 case nosapp::Tag::BOOT_PATCHLEVEL: // (TagType:UINT | 719)
780 kp->f.integer = param.integer();
781 break;
782 case nosapp::Tag::ASSOCIATED_DATA: // (TagType:BYTES | 1000)
783 case nosapp::Tag::NONCE: // (TagType:BYTES | 1001)
784 kp->blob.setToExternal(
785 reinterpret_cast<uint8_t *>(
786 const_cast<char *>(param.blob().data())), param.blob().size());
787 break;
788 case nosapp::Tag::MAC_LENGTH: // (TagType:UINT | 1003)
789 kp->f.integer = param.integer();
790 break;
791 case nosapp::Tag::RESET_SINCE_ID_ROTATION: // (TagType:BOOL | 1004)
792 kp->f.boolValue = (bool)param.integer();
793 break;
794 default:
795 return ErrorCode::UNKNOWN_ERROR;
796 }
797
798 kp->tag = translate_tag(param.tag());
799 return ErrorCode::OK;
800 }
801
hidl_params_to_pb(const hidl_vec<KeyParameter> & params,nosapp::KeyParameters * pb)802 ErrorCode hidl_params_to_pb(const hidl_vec<KeyParameter>& params,
803 nosapp::KeyParameters *pb)
804 {
805 for (size_t i = 0; i < params.size(); i++) {
806 nosapp::KeyParameter *param = pb->add_params();
807 ErrorCode error = key_parameter_to_pb(params[i], param);
808 if (error != ErrorCode::OK) {
809 return ErrorCode::INVALID_ARGUMENT;
810 }
811 }
812
813 return ErrorCode::OK;
814 }
815
hidl_params_to_map(const hidl_vec<KeyParameter> & params,tag_map_t * tag_map)816 ErrorCode hidl_params_to_map(const hidl_vec<KeyParameter>& params,
817 tag_map_t *tag_map)
818 {
819 for (size_t i = 0; i < params.size(); i++) {
820 switch (type_from_tag(params[i].tag)) {
821 case TagType::INVALID:
822 return ErrorCode::INVALID_ARGUMENT;
823 break;
824 case TagType::ENUM:
825 case TagType::UINT:
826 case TagType::ULONG:
827 case TagType::DATE:
828 case TagType::BOOL:
829 case TagType::BIGNUM:
830 case TagType::BYTES:
831 if (tag_map->find(params[i].tag) != tag_map->end()) {
832 // Duplicates not allowed for these tags types.
833 return ErrorCode::INVALID_ARGUMENT;
834 }
835 /* Fall-through! */
836 case TagType::ENUM_REP:
837 case TagType::UINT_REP:
838 case TagType::ULONG_REP:
839 if (tag_map->find(params[i].tag) == tag_map->end()) {
840 vector<KeyParameter> v{params[i]};
841 tag_map->insert(
842 std::pair<Tag, vector<KeyParameter> >(
843 params[i].tag, v));
844 } else {
845 (*tag_map)[params[i].tag].push_back(params[i]);
846 }
847 break;
848 default:
849 /* Unrecognized TagType. */
850 return ErrorCode::INVALID_ARGUMENT;
851 break;
852 }
853 }
854
855 return ErrorCode::OK;
856 }
857
map_params_to_pb(const tag_map_t & params,nosapp::KeyParameters * pbParams)858 ErrorCode map_params_to_pb(const tag_map_t& params,
859 nosapp::KeyParameters *pbParams)
860 {
861 for (const auto& it : params) {
862 for (const auto& pt : it.second) {
863 nosapp::KeyParameter *param = pbParams->add_params();
864 ErrorCode error = key_parameter_to_pb(pt, param);
865 if (error != ErrorCode::OK) {
866 return error;
867 }
868 }
869 }
870
871 return ErrorCode::OK;
872 }
873
pb_to_hidl_params(const nosapp::KeyParameters & pbParams,hidl_vec<KeyParameter> * params)874 ErrorCode pb_to_hidl_params(const nosapp::KeyParameters& pbParams,
875 hidl_vec<KeyParameter> *params)
876 {
877 std::vector<KeyParameter> kpv;
878 for (size_t i = 0; i < (size_t)pbParams.params_size(); i++) {
879 KeyParameter kp;
880 const nosapp::KeyParameter& param = pbParams.params(i);
881
882 ErrorCode error = pb_to_key_parameter(param, &kp);
883 if (error != ErrorCode::OK) {
884 return ErrorCode::UNKNOWN_ERROR;
885 }
886
887 kpv.push_back(kp);
888 }
889
890 *params = kpv;
891 return ErrorCode::OK;
892 }
893
translate_error_code(nosapp::ErrorCode error_code)894 ErrorCode translate_error_code(nosapp::ErrorCode error_code)
895 {
896 switch (error_code) {
897 case nosapp::ErrorCode::OK:
898 return ErrorCode::OK;
899 case nosapp::ErrorCode::ROOT_OF_TRUST_ALREADY_SET:
900 return ErrorCode::ROOT_OF_TRUST_ALREADY_SET;
901 case nosapp::ErrorCode::UNSUPPORTED_PURPOSE:
902 return ErrorCode::UNSUPPORTED_PURPOSE;
903 case nosapp::ErrorCode::INCOMPATIBLE_PURPOSE:
904 return ErrorCode::INCOMPATIBLE_PURPOSE;
905 case nosapp::ErrorCode::UNSUPPORTED_ALGORITHM:
906 return ErrorCode::UNSUPPORTED_ALGORITHM;
907 case nosapp::ErrorCode::INCOMPATIBLE_ALGORITHM:
908 return ErrorCode::INCOMPATIBLE_ALGORITHM;
909 case nosapp::ErrorCode::UNSUPPORTED_KEY_SIZE:
910 return ErrorCode::UNSUPPORTED_KEY_SIZE;
911 case nosapp::ErrorCode::UNSUPPORTED_BLOCK_MODE:
912 return ErrorCode::UNSUPPORTED_BLOCK_MODE;
913 case nosapp::ErrorCode::INCOMPATIBLE_BLOCK_MODE:
914 return ErrorCode::INCOMPATIBLE_BLOCK_MODE;
915 case nosapp::ErrorCode::UNSUPPORTED_MAC_LENGTH:
916 return ErrorCode::UNSUPPORTED_MAC_LENGTH;
917 case nosapp::ErrorCode::UNSUPPORTED_PADDING_MODE:
918 return ErrorCode::UNSUPPORTED_PADDING_MODE;
919 case nosapp::ErrorCode::INCOMPATIBLE_PADDING_MODE:
920 return ErrorCode::INCOMPATIBLE_PADDING_MODE;
921 case nosapp::ErrorCode::UNSUPPORTED_DIGEST:
922 return ErrorCode::UNSUPPORTED_DIGEST;
923 case nosapp::ErrorCode::INCOMPATIBLE_DIGEST:
924 return ErrorCode::INCOMPATIBLE_DIGEST;
925 case nosapp::ErrorCode::INVALID_EXPIRATION_TIME:
926 return ErrorCode::INVALID_EXPIRATION_TIME;
927 case nosapp::ErrorCode::INVALID_USER_ID:
928 return ErrorCode::INVALID_USER_ID;
929 case nosapp::ErrorCode::INVALID_AUTHORIZATION_TIMEOUT:
930 return ErrorCode::INVALID_AUTHORIZATION_TIMEOUT;
931 case nosapp::ErrorCode::UNSUPPORTED_KEY_FORMAT:
932 return ErrorCode::UNSUPPORTED_KEY_FORMAT;
933 case nosapp::ErrorCode::INCOMPATIBLE_KEY_FORMAT:
934 return ErrorCode::INCOMPATIBLE_KEY_FORMAT;
935 case nosapp::ErrorCode::UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM:
936 return ErrorCode::UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM;
937 case nosapp::ErrorCode::UNSUPPORTED_KEY_VERIFICATION_ALGORITHM:
938 return ErrorCode::UNSUPPORTED_KEY_VERIFICATION_ALGORITHM;
939 case nosapp::ErrorCode::INVALID_INPUT_LENGTH:
940 return ErrorCode::INVALID_INPUT_LENGTH;
941 case nosapp::ErrorCode::KEY_EXPORT_OPTIONS_INVALID:
942 return ErrorCode::KEY_EXPORT_OPTIONS_INVALID;
943 case nosapp::ErrorCode::DELEGATION_NOT_ALLOWED:
944 return ErrorCode::DELEGATION_NOT_ALLOWED;
945 case nosapp::ErrorCode::KEY_NOT_YET_VALID:
946 return ErrorCode::KEY_NOT_YET_VALID;
947 case nosapp::ErrorCode::KEY_EXPIRED:
948 return ErrorCode::KEY_EXPIRED;
949 case nosapp::ErrorCode::KEY_USER_NOT_AUTHENTICATED:
950 return ErrorCode::KEY_USER_NOT_AUTHENTICATED;
951 case nosapp::ErrorCode::OUTPUT_PARAMETER_NULL:
952 return ErrorCode::OUTPUT_PARAMETER_NULL;
953 case nosapp::ErrorCode::INVALID_OPERATION_HANDLE:
954 return ErrorCode::INVALID_OPERATION_HANDLE;
955 case nosapp::ErrorCode::INSUFFICIENT_BUFFER_SPACE:
956 return ErrorCode::INSUFFICIENT_BUFFER_SPACE;
957 case nosapp::ErrorCode::VERIFICATION_FAILED:
958 return ErrorCode::VERIFICATION_FAILED;
959 case nosapp::ErrorCode::TOO_MANY_OPERATIONS:
960 return ErrorCode::TOO_MANY_OPERATIONS;
961 case nosapp::ErrorCode::UNEXPECTED_NULL_POINTER:
962 return ErrorCode::UNEXPECTED_NULL_POINTER;
963 case nosapp::ErrorCode::INVALID_KEY_BLOB:
964 return ErrorCode::INVALID_KEY_BLOB;
965 case nosapp::ErrorCode::IMPORTED_KEY_NOT_ENCRYPTED:
966 return ErrorCode::IMPORTED_KEY_NOT_ENCRYPTED;
967 case nosapp::ErrorCode::IMPORTED_KEY_DECRYPTION_FAILED:
968 return ErrorCode::IMPORTED_KEY_DECRYPTION_FAILED;
969 case nosapp::ErrorCode::IMPORTED_KEY_NOT_SIGNED:
970 return ErrorCode::IMPORTED_KEY_NOT_SIGNED;
971 case nosapp::ErrorCode::IMPORTED_KEY_VERIFICATION_FAILED:
972 return ErrorCode::IMPORTED_KEY_VERIFICATION_FAILED;
973 case nosapp::ErrorCode::INVALID_ARGUMENT:
974 return ErrorCode::INVALID_ARGUMENT;
975 case nosapp::ErrorCode::UNSUPPORTED_TAG:
976 return ErrorCode::UNSUPPORTED_TAG;
977 case nosapp::ErrorCode::INVALID_TAG:
978 return ErrorCode::INVALID_TAG;
979 case nosapp::ErrorCode::MEMORY_ALLOCATION_FAILED:
980 return ErrorCode::MEMORY_ALLOCATION_FAILED;
981 case nosapp::ErrorCode::IMPORT_PARAMETER_MISMATCH:
982 return ErrorCode::IMPORT_PARAMETER_MISMATCH;
983 case nosapp::ErrorCode::SECURE_HW_ACCESS_DENIED:
984 return ErrorCode::SECURE_HW_ACCESS_DENIED;
985 case nosapp::ErrorCode::OPERATION_CANCELLED:
986 return ErrorCode::OPERATION_CANCELLED;
987 case nosapp::ErrorCode::CONCURRENT_ACCESS_CONFLICT:
988 return ErrorCode::CONCURRENT_ACCESS_CONFLICT;
989 case nosapp::ErrorCode::SECURE_HW_BUSY:
990 return ErrorCode::SECURE_HW_BUSY;
991 case nosapp::ErrorCode::SECURE_HW_COMMUNICATION_FAILED:
992 return ErrorCode::SECURE_HW_COMMUNICATION_FAILED;
993 case nosapp::ErrorCode::UNSUPPORTED_EC_FIELD:
994 return ErrorCode::UNSUPPORTED_EC_FIELD;
995 case nosapp::ErrorCode::MISSING_NONCE:
996 return ErrorCode::MISSING_NONCE;
997 case nosapp::ErrorCode::INVALID_NONCE:
998 return ErrorCode::INVALID_NONCE;
999 case nosapp::ErrorCode::MISSING_MAC_LENGTH:
1000 return ErrorCode::MISSING_MAC_LENGTH;
1001 case nosapp::ErrorCode::KEY_RATE_LIMIT_EXCEEDED:
1002 return ErrorCode::KEY_RATE_LIMIT_EXCEEDED;
1003 case nosapp::ErrorCode::CALLER_NONCE_PROHIBITED:
1004 return ErrorCode::CALLER_NONCE_PROHIBITED;
1005 case nosapp::ErrorCode::KEY_MAX_OPS_EXCEEDED:
1006 return ErrorCode::KEY_MAX_OPS_EXCEEDED;
1007 case nosapp::ErrorCode::INVALID_MAC_LENGTH:
1008 return ErrorCode::INVALID_MAC_LENGTH;
1009 case nosapp::ErrorCode::MISSING_MIN_MAC_LENGTH:
1010 return ErrorCode::MISSING_MIN_MAC_LENGTH;
1011 case nosapp::ErrorCode::UNSUPPORTED_MIN_MAC_LENGTH:
1012 return ErrorCode::UNSUPPORTED_MIN_MAC_LENGTH;
1013 case nosapp::ErrorCode::UNSUPPORTED_KDF:
1014 return ErrorCode::UNSUPPORTED_KDF;
1015 case nosapp::ErrorCode::UNSUPPORTED_EC_CURVE:
1016 return ErrorCode::UNSUPPORTED_EC_CURVE;
1017 case nosapp::ErrorCode::KEY_REQUIRES_UPGRADE:
1018 return ErrorCode::KEY_REQUIRES_UPGRADE;
1019 case nosapp::ErrorCode::ATTESTATION_CHALLENGE_MISSING:
1020 return ErrorCode::ATTESTATION_CHALLENGE_MISSING;
1021 case nosapp::ErrorCode::KEYMASTER_NOT_CONFIGURED:
1022 return ErrorCode::KEYMASTER_NOT_CONFIGURED;
1023 case nosapp::ErrorCode::ATTESTATION_APPLICATION_ID_MISSING:
1024 return ErrorCode::ATTESTATION_APPLICATION_ID_MISSING;
1025 case nosapp::ErrorCode::CANNOT_ATTEST_IDS:
1026 return ErrorCode::CANNOT_ATTEST_IDS;
1027 case nosapp::ErrorCode::UNIMPLEMENTED:
1028 return ErrorCode::UNIMPLEMENTED;
1029 case nosapp::ErrorCode::VERSION_MISMATCH:
1030 return ErrorCode::VERSION_MISMATCH;
1031 case nosapp::ErrorCode::ROLLBACK_RESISTANCE_UNAVAILABLE:
1032 return ErrorCode::ROLLBACK_RESISTANCE_UNAVAILABLE;
1033 case nosapp::ErrorCode::HARDWARE_TYPE_UNAVAILABLE:
1034 return ErrorCode::HARDWARE_TYPE_UNAVAILABLE;
1035 case nosapp::ErrorCode::PROOF_OF_PRESENCE_REQUIRED:
1036 return ErrorCode::PROOF_OF_PRESENCE_REQUIRED;
1037 case nosapp::ErrorCode::CONCURRENT_PROOF_OF_PRESENCE_REQUESTED:
1038 return ErrorCode::CONCURRENT_PROOF_OF_PRESENCE_REQUESTED;
1039 case nosapp::ErrorCode::UNKNOWN_ERROR:
1040 return ErrorCode::UNKNOWN_ERROR;
1041
1042 /* Private error codes, unused by HAL. */
1043 case nosapp::ErrorCode::INVALID_DEVICE_IDS:
1044 case nosapp::ErrorCode::PRODUCTION_MODE_PROVISIONING:
1045 case nosapp::ErrorCode::ErrorCode_INT_MIN_SENTINEL_DO_NOT_USE_:
1046 case nosapp::ErrorCode::ErrorCode_INT_MAX_SENTINEL_DO_NOT_USE_:
1047 LOG(ERROR) << "Unrecognized error_code: " << error_code;
1048 return ErrorCode::UNKNOWN_ERROR;
1049 }
1050 }
1051
1052 } // namespace keymaster
1053 } // hardware
1054 } // android
1055