Merge changes from topic 'keymaster_hal_iface'

// This file is autogenerated by hidl-gen. Do not edit manually.

genrule {

    name: "android.hardware.keymaster@3.0_genc++",

    tools: ["hidl-gen"],

    cmd: "$(location hidl-gen) -o $(genDir) -Lc++ -randroid.hardware:hardware/interfaces -randroid.hidl:system/libhidl/transport android.hardware.keymaster@3.0",

    srcs: [

        "types.hal",

        "IKeymasterDevice.hal",

    ],

    out: [

        "android/hardware/keymaster/3.0/types.cpp",

        "android/hardware/keymaster/3.0/KeymasterDeviceAll.cpp",

    ],

}

genrule {

    name: "android.hardware.keymaster@3.0_genc++_headers",

    tools: ["hidl-gen"],

    cmd: "$(location hidl-gen) -o $(genDir) -Lc++ -randroid.hardware:hardware/interfaces -randroid.hidl:system/libhidl/transport android.hardware.keymaster@3.0",

    srcs: [

        "types.hal",

        "IKeymasterDevice.hal",

    ],

    out: [

        "android/hardware/keymaster/3.0/types.h",

        "android/hardware/keymaster/3.0/IKeymasterDevice.h",

        "android/hardware/keymaster/3.0/IHwKeymasterDevice.h",

        "android/hardware/keymaster/3.0/BnKeymasterDevice.h",

        "android/hardware/keymaster/3.0/BpKeymasterDevice.h",

        "android/hardware/keymaster/3.0/BsKeymasterDevice.h",

    ],

}

cc_library_shared {

    name: "android.hardware.keymaster@3.0",

    generated_sources: ["android.hardware.keymaster@3.0_genc++"],

    generated_headers: ["android.hardware.keymaster@3.0_genc++_headers"],

    export_generated_headers: ["android.hardware.keymaster@3.0_genc++_headers"],

    shared_libs: [

        "libhidlbase",

        "libhidltransport",

        "libhwbinder",

        "liblog",

        "libutils",

        "libcutils",

        "android.hidl.base@1.0",

    ],

    export_shared_lib_headers: [

        "libhidlbase",

        "libhidltransport",

        "libhwbinder",

        "libutils",

        "android.hidl.base@1.0",

    ],

}

/*

 * Copyright (C) 2016 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package android.hardware.keymaster@3.0;

/**

 * Keymaster device definition.  For thorough documentation see the implementer's reference, at

 * https://source.android.com/security/keystore/implementer-ref.html

 */

interface IKeymasterDevice {

    /**

     * Returns information about the underlying keymaster hardware.

     *

     * @return isSecure is true if keys are stored and never leave secure hardware (Trusted

     *             Execution Environment or similar). CDD requires that all devices initially

     *             launched with Marshmallow or later must have secure hardware.

     *

     * @return supportsEllipticCurve is true if the hardware supports Elliptic Curve cryptography

     *             with the NIST curves (P-224, P-256, P-384, and P-521). CDD requires that all

     *             devices initially launched with Nougat or later must support Elliptic Curve

     *             cryptography.

     *

     * @return supportsSymmetricCryptography is true if the hardware supports symmetric

     *             cryptography, including AES and HMAC. CDD requires that all devices initially

     *             launched with Nougat or later must support hardware enforcement of Keymaster

     *             authorizations.

     *

     * @return supportsAttestation is true if the hardware supports generation of Keymaster public

     *             key attestation certificates, signed with a key injected in a secure

     *             environment. CDD requires that all devices initially launched with Android O or

     *             later must support hardware attestation.

     */

    getHardwareFeatures()

        generates(bool isSecure, bool supportsEllipticCurve,

                  bool supportsSymmetricCryptography, bool supportsAttestation);

    /**

     * Adds entropy to the RNG used by keymaster. Entropy added through this method is guaranteed

     * not to be the only source of entropy used, and the mixing function is required to be secure,

     * in the sense that if the RNG is seeded (from any source) with any data the attacker cannot

     * predict (or control), then the RNG output is indistinguishable from random. Thus, if the

     * entropy from any source is good, the output must be good.

     *

     * @param data Bytes to be mixed into the RNG.

     *

     * @return error See the ErrorCode enum in types.hal.

     */

    addRngEntropy(vec<uint8_t> data) generates(ErrorCode error);

    /**

     * Generates a key, or key pair, returning a key blob and/or a description of the key.

     *

     * @param keyParams Key generation parameters are defined as keymaster tag/value pairs, provided

     *             in params. See Tag in types.hal for the full list.

     *

     * @return error See the ErrorCode enum in types.hal.

     *

     * @return keyBlob Opaque, encrypted descriptor of the generated key, which generally contains a

     *             copy of the key material, wrapped in a key unavailable outside secure hardware.

     *

     * @return keyCharacteristics Description of the generated key.  See KeyCharacteristis in

     *             types.hal.

     */

    generateKey(vec<KeyParameter> keyParams)

        generates(ErrorCode error, vec<uint8_t> keyBlob, KeyCharacteristics keyCharacteristics);

    /**

     * Imports a key, or key pair, returning a key blob and/or a description of the key.

     *

     * @param keyParams Key generation parameters are defined as keymaster tag/value pairs, provided

     *             in params.  See Tag for the full list.

     *

     * @param keyFormat The format of the key material to import. See KeyFormat in types.hal.

     *

     * @pram keyData The key material to import, in the format specifed in keyFormat.

     *

     * @return error See the ErrorCode enum.

     *

     * @return keyBlob Opaque, encrypted descriptor of the generated key, which will generally

     *             contain a copy of the key material, wrapped in a key unavailable outside secure

     *             hardware.

     *

     * @return keyCharacteristics Decription of the generated key.  See KeyCharacteristis.

     *

     * @return error See the ErrorCode enum.

     */

    importKey(vec<KeyParameter> params, KeyFormat keyFormat, vec<uint8_t> keyData)

        generates(ErrorCode error, vec<uint8_t> keyBlob, KeyCharacteristics keyCharacteristics);

    /**

     * Returns the characteristics of the specified key, if the keyBlob is valid (implementations

     * must fully validate the integrity of the key).

     *

     * @param keyBlob The opaque descriptor returned by generateKey() or importKey();

     *

     * @param clientId An opaque byte string identifying the client. This value must match the

     *             Tag::APPLICATION_ID data provided during key generation/import.  Without the

     *             correct value it must be cryptographically impossible for the secure hardware to

     *             obtain the key material.

     *

     * @param appData An opaque byte string provided by the application. This value must match the

     *             Tag::APPLICATION_DATA data provided during key generation/import.  Without the

     *             correct value it must be cryptographically impossible for the secure hardware to

     *             obtain the key material.

     *

     * @return error See the ErrorCode enum in types.hal.

     *

     * @return keyCharacteristics Decription of the generated key.  See KeyCharacteristis in

     *             types.hal.

     */

    getKeyCharacteristics(vec<uint8_t> keyBlob, vec<uint8_t> clientId, vec<uint8_t> appData)

        generates(ErrorCode error, KeyCharacteristics keyCharacteristics);

    /**

     * Exports a public key, returning the key in the specified format.

     *

     * @parm keyFormat The format used for export. See KeyFormat in types.hal.

     *

     * @param keyBlob The opaque descriptor returned by generateKey() or importKey().  The

     *             referenced key must be asymmetric.

     *

     * @param clientId An opaque byte string identifying the client. This value must match the

     *             Tag::APPLICATION_ID data provided during key generation/import.  Without the

     *             correct value it must be cryptographically impossible for the secure hardware to

     *             obtain the key material.

     *

     * @param appData An opaque byte string provided by the application. This value must match the

     *             Tag::APPLICATION_DATA data provided during key generation/import.  Without the

     *             correct value it must be cryptographically impossible for the secure hardware to

     *             obtain the key material.

     *

     * @return error See the ErrorCode enum in types.hal.

     *

     * @return keyMaterial The public key material in PKCS#8 format.

     */

    exportKey(KeyFormat keyFormat, vec<uint8_t> keyBlob, vec<uint8_t> clientId,

              vec<uint8_t> appData) generates(ErrorCode error, vec<uint8_t> keyMaterial);

    /**

     * Generates a signed X.509 certificate chain attesting to the presence of keyToAttest in

     * keymaster. The certificate will contain an extension with OID 1.3.6.1.4.1.11129.2.1.17 and

     * value defined in:

     *

     *     https://developer.android.com/training/articles/security-key-attestation.html.

     *

     * @param keyToAttest The opaque descriptor returned by generateKey() or importKey().  The

     *             referenced key must be asymmetric.

     *

     * @param attestParams Parameters for the attestation, notably Tag::ATTESTATION_CHALLENGE.

     *

     * @return error See the ErrorCode enum in types.hal.

     */

    attestKey(vec<uint8_t> keyToAttest, vec<KeyParameter> attestParams)

        generates(ErrorCode error, vec<vec<uint8_t>> certChain);

    /**

     * Upgrades an old key. Keys can become "old" in two ways: Keymaster can be upgraded to a new

     * version, or the system can be updated to invalidate the OS version and/or patch level. In

     * either case, attempts to use an old key with getKeyCharacteristics(), exportKey(),

     * attestKey() or begin() will result in keymaster returning

     * ErrorCode::KEY_REQUIRES_UPGRADE. This method must then be called to upgrade the key.

     *

     * @param keyBlobToUpgrade The opaque descriptor returned by generateKey() or importKey();

     *

     * @param upgradeParams A parameter list containing any parameters needed to complete the

     *             upgrade, including Tag::APPLICATION_ID and Tag::APPLICATION_DATA.

     *

     * @return error See the ErrorCode enum.

     */

    upgradeKey(vec<uint8_t> keyBlobToUpgrade, vec<KeyParameter> upgradeParams)

        generates(ErrorCode error, vec<uint8_t> upgradedKeyBlob);

    /**

     * Deletes the key, or key pair, associated with the key blob. After calling this function it

     * will be impossible to use the key for any other operations. May be applied to keys from

     * foreign roots of trust (keys not usable under the current root of trust).

     *

     * This is a NOP for keys that don't have rollback protection.

     *

     * @param keyBlobToUpgrade The opaque descriptor returned by generateKey() or importKey();

     *

     * @return error See the ErrorCode enum.

     */

    deleteKey(vec<uint8_t> keyBlob) generates(ErrorCode error);

    /**

     * Deletes all keys in the hardware keystore. Used when keystore is reset completely. After

     * calling this function it will be impossible to use any previously generated or imported key

     * blobs for any operations.

     *

     * This is a NOP if keys don't have rollback protection.

     *

     * @return error See the ErrorCode enum.

     */

    deleteAllKeys() generates(ErrorCode error);

    /**

     * Begins a cryptographic operation using the specified key. If all is well, begin() will return

     * ErrorCode::OK and create an operation handle which must be passed to subsequent calls to

     * update(), finish() or abort().

     *

     * It is critical that each call to begin() be paired with a subsequent call to finish() or

     * abort(), to allow the keymaster implementation to clean up any internal operation state.

     * Failure to do this may leak internal state space or other internal resources and may

     * eventually cause begin() to return ErrorCode::TOO_MANY_OPERATIONS when it runs out of space

     * for operations. Any result other than ErrorCode::OK from begin(), update() or finish()

     * implicitly aborts the operation, in which case abort() need not be called (and will return

     * ErrorCode::INVALID_OPERATION_HANDLE if called).

     *

     * @param purpose The purpose of the operation, one of KeyPurpose::ENCRYPT, KeyPurpose::DECRYPT,

     *             KeyPurpose::SIGN or KeyPurpose::VERIFY. Note that for AEAD modes, encryption and

     *             decryption imply signing and verification, respectively, but must be specified as

     *             KeyPurpose::ENCRYPT and KeyPurpose::DECRYPT.

     *

     * @param keyBlob The opaque key descriptor returned by generateKey() or importKey().  The key

     *             must have a purpose compatible with purpose and all of its usage requirements

     *             must be satisfied, or begin() will return an appropriate error code.

     *

     * @param inParams Additional parameters for the operation. This is typically used to provide

     *             authentication data, with Tag::AUTH_TOKEN. If Tag::APPLICATION_ID or

     *             Tag::APPLICATION_DATA were provided during generation, they must be provided

     *             here, or the operation will fail with ErrorCode::INVALID_KEY_BLOB. For operations

     *             that require a nonce or IV, on keys that were generated with Tag::CALLER_NONCE,

     *             inParams may contain a tag Tag::NONCE.

     *

     * @return error See the ErrorCode enum in types.hal.

     *

     * @return outParams Output parameters. Used to return additional data from the operation

     *             initialization, notably to return the IV or nonce from operations that generate

     *             an IV or nonce.

     *

     * @return operationHandle The newly-created operation handle which must be passed to update(),

     *             finish() or abort().

     */

    begin(KeyPurpose purpose, vec<uint8_t> key, vec<KeyParameter> inParams)

        generates(ErrorCode error, vec<KeyParameter> outParams, OperationHandle operationHandle);

    /**

     * Provides data to, and possibly receives output from, an ongoing cryptographic operation begun

     * with begin().

     *

     * If operationHandle is invalid, update() will return ErrorCode::INVALID_OPERATION_HANDLE.

     *

     * update() may not consume all of the data provided in the data buffer. update() will return

     * the amount consumed in inputConsumed. The caller may provide the unconsumed data in a

     * subsequent call.

     *

     * @param operationHandle The operation handle returned by begin().

     *

     * @param inParams Additional parameters for the operation. For AEAD modes, this is used to

     *             specify Tag::ADDITIONAL_DATA. Note that additional data may be provided in

     *             multiple calls to update(), but only until input data has been provided.

     *

     * @param input Data to be processed, per the parameters established in the call to begin().

     *             Note that update() may or may not consume all of the data provided. See

     *             inputConsumed.

     *

     * @return error See the ErrorCode enum in types.hal.

     *

     * @return inputConsumed Amount of data that was consumed by update(). If this is less than the

     *             amount provided, the caller may provide the remainder in a subsequent call to

     *             update() or finish().

     *

     * @return outParams Output parameters, used to return additional data from the operation The

     *             caller takes ownership of the output parameters array and must free it with

     *             keymaster_free_param_set().

     *

     * @return output The output data, if any.

     */

    update(OperationHandle operationHandle, vec<KeyParameter> inParams, vec<uint8_t> input)

        generates(ErrorCode error, uint32_t inputConsumed, vec<KeyParameter> outParams,

                  vec<uint8_t> output);

    /**

     * Finalizes a cryptographic operation begun with begin() and invalidates operationHandle.

     *

     * @param operationHandle The operation handle returned by begin(). This handle will be

     *             invalid when finish() returns.

     *

     * @param inParams Additional parameters for the operation. For AEAD modes, this is used to

     *             specify Tag::ADDITIONAL_DATA, but only if no input data was provided to update().

     *

     * @param input Data to be processed, per the parameters established in the call to

     *             begin(). finish() must consume all provided data or return

     *             ErrorCode::INVALID_INPUT_LENGTH.

     *

     * @param signature The signature to be verified if the purpose specified in the begin() call

     *             was KeyPurpose::VERIFY.

     *

     * @return error See the ErrorCode enum in types.hal.

     *

     * @return outParams Any output parameters generated by finish().

     *

     * @return output The output data, if any.

     */

    finish(OperationHandle operationHandle, vec<KeyParameter> inParams, vec<uint8_t> input,

           vec<uint8_t> signature)

        generates(ErrorCode error, vec<KeyParameter> outParams, vec<uint8_t> output);

    /**

     * Aborts a cryptographic operation begun with begin(), freeing all internal resources and

     * invalidating operationHandle.

     *

     * @param operationHandle The operation handle returned by begin(). This handle will be

     *             invalid when abort() returns.

     *

     * @return error See the ErrorCode enum in types.hal.

     */

    abort(OperationHandle operationHandle) generates(ErrorCode error);

};

LOCAL_PATH := $(call my-dir)

include $(CLEAR_VARS)

LOCAL_MODULE := android.hardware.keymaster@3.0-impl

LOCAL_MODULE_RELATIVE_PATH := hw

LOCAL_SRC_FILES := \

    KeymasterDevice.cpp \

LOCAL_SHARED_LIBRARIES := \

    liblog \

    libsoftkeymasterdevice \

    libcrypto \

    libkeymaster1 \

    libhidlbase \

    libhidltransport \

    libhwbinder \

    libutils \

    libhardware \

    android.hardware.keymaster@3.0

include $(BUILD_SHARED_LIBRARY)

include $(CLEAR_VARS)

LOCAL_MODULE_RELATIVE_PATH := hw

LOCAL_MODULE := android.hardware.keymaster@3.0-service

LOCAL_INIT_RC := android.hardware.keymaster@3.0-service.rc

LOCAL_SRC_FILES := \

    service.cpp

LOCAL_SHARED_LIBRARIES := \

    liblog \

    libcutils \

    libdl \

    libbase \

    libutils \

    libhardware_legacy \

    libhardware \

    libhwbinder \

    libhidlbase \

    libhidltransport \

    android.hardware.keymaster@3.0

include $(BUILD_EXECUTABLE)

/*

 **

 ** Copyright 2016, The Android Open Source Project

 **

 ** Licensed under the Apache License, Version 2.0 (the "License");

 ** you may not use this file except in compliance with the License.

 ** You may obtain a copy of the License at

 **

 **     http://www.apache.org/licenses/LICENSE-2.0

 **

 ** Unless required by applicable law or agreed to in writing, software

 ** distributed under the License is distributed on an "AS IS" BASIS,

 ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 ** See the License for the specific language governing permissions and

 ** limitations under the License.

 */

#ifndef HIDL_GENERATED_android_hardware_keymaster_V3_0_KeymasterDevice_H_

#define HIDL_GENERATED_android_hardware_keymaster_V3_0_KeymasterDevice_H_

#include <hardware/keymaster2.h>

#include <android/hardware/keymaster/3.0/IKeymasterDevice.h>

#include <hidl/Status.h>

#include <hidl/MQDescriptor.h>

namespace android {

namespace hardware {

namespace keymaster {

namespace V3_0 {

namespace implementation {

using ::android::hardware::keymaster::V3_0::ErrorCode;

using ::android::hardware::keymaster::V3_0::IKeymasterDevice;

using ::android::hardware::keymaster::V3_0::KeyCharacteristics;

using ::android::hardware::keymaster::V3_0::KeyFormat;

using ::android::hardware::keymaster::V3_0::KeyParameter;

using ::android::hardware::keymaster::V3_0::KeyPurpose;

using ::android::hardware::Return;

using ::android::hardware::Void;

using ::android::hardware::hidl_vec;

using ::android::hardware::hidl_string;

using ::android::sp;

class KeymasterDevice : public IKeymasterDevice {

  public:

    KeymasterDevice(keymaster2_device_t* dev, uint32_t hardware_version, bool hardware_supports_ec)

        : keymaster_device_(dev), hardware_version_(hardware_version),

          hardware_supports_ec_(hardware_supports_ec) {}

    virtual ~KeymasterDevice();

    // Methods from ::android::hardware::keymaster::V3_0::IKeymasterDevice follow.

    Return<void> getHardwareFeatures(getHardwareFeatures_cb _hidl_cb);

    Return<ErrorCode> addRngEntropy(const hidl_vec<uint8_t>& data) override;

    Return<void> generateKey(const hidl_vec<KeyParameter>& keyParams,

                             generateKey_cb _hidl_cb) override;

    Return<void> getKeyCharacteristics(const hidl_vec<uint8_t>& keyBlob,

                                       const hidl_vec<uint8_t>& clientId,

                                       const hidl_vec<uint8_t>& appData,

                                       getKeyCharacteristics_cb _hidl_cb) override;

    Return<void> importKey(const hidl_vec<KeyParameter>& params, KeyFormat keyFormat,

                           const hidl_vec<uint8_t>& keyData, importKey_cb _hidl_cb) override;

    Return<void> exportKey(KeyFormat exportFormat, const hidl_vec<uint8_t>& keyBlob,

                           const hidl_vec<uint8_t>& clientId, const hidl_vec<uint8_t>& appData,

                           exportKey_cb _hidl_cb) override;

    Return<void> attestKey(const hidl_vec<uint8_t>& keyToAttest,

                           const hidl_vec<KeyParameter>& attestParams,

                           attestKey_cb _hidl_cb) override;

    Return<void> upgradeKey(const hidl_vec<uint8_t>& keyBlobToUpgrade,

                            const hidl_vec<KeyParameter>& upgradeParams,

                            upgradeKey_cb _hidl_cb) override;

    Return<ErrorCode> deleteKey(const hidl_vec<uint8_t>& keyBlob) override;

    Return<ErrorCode> deleteAllKeys() override;

    Return<void> begin(KeyPurpose purpose, const hidl_vec<uint8_t>& key,

                       const hidl_vec<KeyParameter>& inParams, begin_cb _hidl_cb) override;

    Return<void> update(uint64_t operationHandle, const hidl_vec<KeyParameter>& inParams,

                        const hidl_vec<uint8_t>& input, update_cb _hidl_cb) override;

    Return<void> finish(uint64_t operationHandle, const hidl_vec<KeyParameter>& inParams,

                        const hidl_vec<uint8_t>& input, const hidl_vec<uint8_t>& signature,

                        finish_cb _hidl_cb) override;

    Return<ErrorCode> abort(uint64_t operationHandle) override;

  private:

    keymaster2_device_t* keymaster_device_;

    uint32_t hardware_version_;

    bool hardware_supports_ec_;

};

extern "C" IKeymasterDevice* HIDL_FETCH_IKeymasterDevice(const char* name);

}  // namespace implementation

}  // namespace V3_0

}  // namespace keymaster

}  // namespace hardware

}  // namespace android

#endif  // HIDL_GENERATED_android_hardware_keymaster_V3_0_KeymasterDevice_H_