Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 9323f411 authored by Shawn Willden's avatar Shawn Willden
Browse files

Revert^2 "Revise KeymasterMessage versioning system" 

24d46bd5

Change-Id: I4edcfdada8321ff181db70002a2661b821f6b33f
Bug: 176867651
Merged-In: Idefcdd64afa7977f6dc2c4299e69cc5065dcc20d
parent 24d46bd5

trusty/keymaster/3.0/TrustyKeymaster3Device.cpp

+27 −27
Original line number Original line Diff line number Diff line
@@ -221,10 +221,10 @@ Return<void> TrustyKeymaster3Device::getHardwareFeatures(getHardwareFeatures_cb 




Return<ErrorCode> TrustyKeymaster3Device::addRngEntropy(const hidl_vec<uint8_t>& data) {

Return<ErrorCode> TrustyKeymaster3Device::addRngEntropy(const hidl_vec<uint8_t>& data) {

    if (data.size() == 0) return ErrorCode::OK;

    if (data.size() == 0) return ErrorCode::OK;

    AddEntropyRequest request;

    AddEntropyRequest request(impl_->message_version());

    request.random_data.Reinitialize(data.data(), data.size());

    request.random_data.Reinitialize(data.data(), data.size());





    AddEntropyResponse response;

    AddEntropyResponse response(impl_->message_version());

    impl_->AddRngEntropy(request, &response);

    impl_->AddRngEntropy(request, &response);





    return legacy_enum_conversion(response.error);

    return legacy_enum_conversion(response.error);
@@ -232,10 +232,10 @@ Return<ErrorCode> TrustyKeymaster3Device::addRngEntropy(const hidl_vec<uint8_t>& 




Return<void> TrustyKeymaster3Device::generateKey(const hidl_vec<KeyParameter>& keyParams,

Return<void> TrustyKeymaster3Device::generateKey(const hidl_vec<KeyParameter>& keyParams,

                                                 generateKey_cb _hidl_cb) {

                                                 generateKey_cb _hidl_cb) {

    GenerateKeyRequest request;

    GenerateKeyRequest request(impl_->message_version());

    request.key_description.Reinitialize(KmParamSet(keyParams));

    request.key_description.Reinitialize(KmParamSet(keyParams));





    GenerateKeyResponse response;

    GenerateKeyResponse response(impl_->message_version());

    impl_->GenerateKey(request, &response);

    impl_->GenerateKey(request, &response);





    KeyCharacteristics resultCharacteristics;

    KeyCharacteristics resultCharacteristics;
@@ -253,11 +253,11 @@ Return<void> TrustyKeymaster3Device::getKeyCharacteristics(const hidl_vec<uint8_ 
                                                           const hidl_vec<uint8_t>& clientId,

                                                           const hidl_vec<uint8_t>& clientId,

                                                           const hidl_vec<uint8_t>& appData,

                                                           const hidl_vec<uint8_t>& appData,

                                                           getKeyCharacteristics_cb _hidl_cb) {

                                                           getKeyCharacteristics_cb _hidl_cb) {

    GetKeyCharacteristicsRequest request;

    GetKeyCharacteristicsRequest request(impl_->message_version());

    request.SetKeyMaterial(keyBlob.data(), keyBlob.size());

    request.SetKeyMaterial(keyBlob.data(), keyBlob.size());

    addClientAndAppData(clientId, appData, &request.additional_params);

    addClientAndAppData(clientId, appData, &request.additional_params);





    GetKeyCharacteristicsResponse response;

    GetKeyCharacteristicsResponse response(impl_->message_version());

    impl_->GetKeyCharacteristics(request, &response);

    impl_->GetKeyCharacteristics(request, &response);





    KeyCharacteristics resultCharacteristics;

    KeyCharacteristics resultCharacteristics;
@@ -273,12 +273,12 @@ Return<void> TrustyKeymaster3Device::importKey(const hidl_vec<KeyParameter>& par 
                                               KeyFormat keyFormat,

                                               KeyFormat keyFormat,

                                               const hidl_vec<uint8_t>& keyData,

                                               const hidl_vec<uint8_t>& keyData,

                                               importKey_cb _hidl_cb) {

                                               importKey_cb _hidl_cb) {

    ImportKeyRequest request;

    ImportKeyRequest request(impl_->message_version());

    request.key_description.Reinitialize(KmParamSet(params));

    request.key_description.Reinitialize(KmParamSet(params));

    request.key_format = legacy_enum_conversion(keyFormat);

    request.key_format = legacy_enum_conversion(keyFormat);

    request.SetKeyMaterial(keyData.data(), keyData.size());

    request.SetKeyMaterial(keyData.data(), keyData.size());





    ImportKeyResponse response;

    ImportKeyResponse response(impl_->message_version());

    impl_->ImportKey(request, &response);

    impl_->ImportKey(request, &response);





    KeyCharacteristics resultCharacteristics;

    KeyCharacteristics resultCharacteristics;
@@ -297,12 +297,12 @@ Return<void> TrustyKeymaster3Device::exportKey(KeyFormat exportFormat, 
                                               const hidl_vec<uint8_t>& clientId,

                                               const hidl_vec<uint8_t>& clientId,

                                               const hidl_vec<uint8_t>& appData,

                                               const hidl_vec<uint8_t>& appData,

                                               exportKey_cb _hidl_cb) {

                                               exportKey_cb _hidl_cb) {

    ExportKeyRequest request;

    ExportKeyRequest request(impl_->message_version());

    request.key_format = legacy_enum_conversion(exportFormat);

    request.key_format = legacy_enum_conversion(exportFormat);

    request.SetKeyMaterial(keyBlob.data(), keyBlob.size());

    request.SetKeyMaterial(keyBlob.data(), keyBlob.size());

    addClientAndAppData(clientId, appData, &request.additional_params);

    addClientAndAppData(clientId, appData, &request.additional_params);





    ExportKeyResponse response;

    ExportKeyResponse response(impl_->message_version());

    impl_->ExportKey(request, &response);

    impl_->ExportKey(request, &response);





    hidl_vec<uint8_t> resultKeyBlob;

    hidl_vec<uint8_t> resultKeyBlob;
@@ -316,11 +316,11 @@ Return<void> TrustyKeymaster3Device::exportKey(KeyFormat exportFormat, 
Return<void> TrustyKeymaster3Device::attestKey(const hidl_vec<uint8_t>& keyToAttest,

Return<void> TrustyKeymaster3Device::attestKey(const hidl_vec<uint8_t>& keyToAttest,

                                               const hidl_vec<KeyParameter>& attestParams,

                                               const hidl_vec<KeyParameter>& attestParams,

                                               attestKey_cb _hidl_cb) {

                                               attestKey_cb _hidl_cb) {

    AttestKeyRequest request;

    AttestKeyRequest request(impl_->message_version());

    request.SetKeyMaterial(keyToAttest.data(), keyToAttest.size());

    request.SetKeyMaterial(keyToAttest.data(), keyToAttest.size());

    request.attest_params.Reinitialize(KmParamSet(attestParams));

    request.attest_params.Reinitialize(KmParamSet(attestParams));





    AttestKeyResponse response;

    AttestKeyResponse response(impl_->message_version());

    impl_->AttestKey(request, &response);

    impl_->AttestKey(request, &response);





    hidl_vec<hidl_vec<uint8_t>> resultCertChain;

    hidl_vec<hidl_vec<uint8_t>> resultCertChain;
@@ -334,11 +334,11 @@ Return<void> TrustyKeymaster3Device::attestKey(const hidl_vec<uint8_t>& keyToAtt 
Return<void> TrustyKeymaster3Device::upgradeKey(const hidl_vec<uint8_t>& keyBlobToUpgrade,

Return<void> TrustyKeymaster3Device::upgradeKey(const hidl_vec<uint8_t>& keyBlobToUpgrade,

                                                const hidl_vec<KeyParameter>& upgradeParams,

                                                const hidl_vec<KeyParameter>& upgradeParams,

                                                upgradeKey_cb _hidl_cb) {

                                                upgradeKey_cb _hidl_cb) {

    UpgradeKeyRequest request;

    UpgradeKeyRequest request(impl_->message_version());

    request.SetKeyMaterial(keyBlobToUpgrade.data(), keyBlobToUpgrade.size());

    request.SetKeyMaterial(keyBlobToUpgrade.data(), keyBlobToUpgrade.size());

    request.upgrade_params.Reinitialize(KmParamSet(upgradeParams));

    request.upgrade_params.Reinitialize(KmParamSet(upgradeParams));





    UpgradeKeyResponse response;

    UpgradeKeyResponse response(impl_->message_version());

    impl_->UpgradeKey(request, &response);

    impl_->UpgradeKey(request, &response);





    if (response.error == KM_ERROR_OK) {

    if (response.error == KM_ERROR_OK) {
@@ -350,18 +350,18 @@ Return<void> TrustyKeymaster3Device::upgradeKey(const hidl_vec<uint8_t>& keyBlob 
}

}





Return<ErrorCode> TrustyKeymaster3Device::deleteKey(const hidl_vec<uint8_t>& keyBlob) {

Return<ErrorCode> TrustyKeymaster3Device::deleteKey(const hidl_vec<uint8_t>& keyBlob) {

    DeleteKeyRequest request;

    DeleteKeyRequest request(impl_->message_version());

    request.SetKeyMaterial(keyBlob.data(), keyBlob.size());

    request.SetKeyMaterial(keyBlob.data(), keyBlob.size());





    DeleteKeyResponse response;

    DeleteKeyResponse response(impl_->message_version());

    impl_->DeleteKey(request, &response);

    impl_->DeleteKey(request, &response);





    return legacy_enum_conversion(response.error);

    return legacy_enum_conversion(response.error);

}

}





Return<ErrorCode> TrustyKeymaster3Device::deleteAllKeys() {

Return<ErrorCode> TrustyKeymaster3Device::deleteAllKeys() {

    DeleteAllKeysRequest request;

    DeleteAllKeysRequest request(impl_->message_version());

    DeleteAllKeysResponse response;

    DeleteAllKeysResponse response(impl_->message_version());

    impl_->DeleteAllKeys(request, &response);

    impl_->DeleteAllKeys(request, &response);





    return legacy_enum_conversion(response.error);

    return legacy_enum_conversion(response.error);
@@ -374,15 +374,15 @@ Return<ErrorCode> TrustyKeymaster3Device::destroyAttestationIds() { 
Return<void> TrustyKeymaster3Device::begin(KeyPurpose purpose, const hidl_vec<uint8_t>& key,

Return<void> TrustyKeymaster3Device::begin(KeyPurpose purpose, const hidl_vec<uint8_t>& key,

                                           const hidl_vec<KeyParameter>& inParams,

                                           const hidl_vec<KeyParameter>& inParams,

                                           begin_cb _hidl_cb) {

                                           begin_cb _hidl_cb) {

    BeginOperationRequest request;

    BeginOperationRequest request(impl_->message_version());

    request.purpose = legacy_enum_conversion(purpose);

    request.purpose = legacy_enum_conversion(purpose);

    request.SetKeyMaterial(key.data(), key.size());

    request.SetKeyMaterial(key.data(), key.size());

    request.additional_params.Reinitialize(KmParamSet(inParams));

    request.additional_params.Reinitialize(KmParamSet(inParams));





    BeginOperationResponse response;

    BeginOperationResponse response(impl_->message_version());

    impl_->BeginOperation(request, &response);

    impl_->BeginOperation(request, &response);





    hidl_vec<KeyParameter> resultParams;

    hidl_vec<KeyParameter> resultParams(impl_->message_version());

    if (response.error == KM_ERROR_OK) {

    if (response.error == KM_ERROR_OK) {

        resultParams = kmParamSet2Hidl(response.output_params);

        resultParams = kmParamSet2Hidl(response.output_params);

    }

    }
@@ -394,8 +394,8 @@ Return<void> TrustyKeymaster3Device::begin(KeyPurpose purpose, const hidl_vec<ui 
Return<void> TrustyKeymaster3Device::update(uint64_t operationHandle,

Return<void> TrustyKeymaster3Device::update(uint64_t operationHandle,

                                            const hidl_vec<KeyParameter>& inParams,

                                            const hidl_vec<KeyParameter>& inParams,

                                            const hidl_vec<uint8_t>& input, update_cb _hidl_cb) {

                                            const hidl_vec<uint8_t>& input, update_cb _hidl_cb) {

    UpdateOperationRequest request;

    UpdateOperationRequest request(impl_->message_version());

    UpdateOperationResponse response;

    UpdateOperationResponse response(impl_->message_version());

    hidl_vec<KeyParameter> resultParams;

    hidl_vec<KeyParameter> resultParams;

    hidl_vec<uint8_t> resultBlob;

    hidl_vec<uint8_t> resultBlob;

    uint32_t resultConsumed = 0;

    uint32_t resultConsumed = 0;
@@ -431,13 +431,13 @@ Return<void> TrustyKeymaster3Device::finish(uint64_t operationHandle, 
                                            const hidl_vec<uint8_t>& input,

                                            const hidl_vec<uint8_t>& input,

                                            const hidl_vec<uint8_t>& signature,

                                            const hidl_vec<uint8_t>& signature,

                                            finish_cb _hidl_cb) {

                                            finish_cb _hidl_cb) {

    FinishOperationRequest request;

    FinishOperationRequest request(impl_->message_version());

    request.op_handle = operationHandle;

    request.op_handle = operationHandle;

    request.input.Reinitialize(input.data(), input.size());

    request.input.Reinitialize(input.data(), input.size());

    request.signature.Reinitialize(signature.data(), signature.size());

    request.signature.Reinitialize(signature.data(), signature.size());

    request.additional_params.Reinitialize(KmParamSet(inParams));

    request.additional_params.Reinitialize(KmParamSet(inParams));





    FinishOperationResponse response;

    FinishOperationResponse response(impl_->message_version());

    impl_->FinishOperation(request, &response);

    impl_->FinishOperation(request, &response);





    hidl_vec<KeyParameter> resultParams;

    hidl_vec<KeyParameter> resultParams;
@@ -451,10 +451,10 @@ Return<void> TrustyKeymaster3Device::finish(uint64_t operationHandle, 
}

}





Return<ErrorCode> TrustyKeymaster3Device::abort(uint64_t operationHandle) {

Return<ErrorCode> TrustyKeymaster3Device::abort(uint64_t operationHandle) {

    AbortOperationRequest request;

    AbortOperationRequest request(impl_->message_version());

    request.op_handle = operationHandle;

    request.op_handle = operationHandle;





    AbortOperationResponse response;

    AbortOperationResponse response(impl_->message_version());

    impl_->AbortOperation(request, &response);

    impl_->AbortOperation(request, &response);





    return legacy_enum_conversion(response.error);

    return legacy_enum_conversion(response.error);

trusty/keymaster/4.0/TrustyKeymaster4Device.cpp

+30 −30
Original line number Original line Diff line number Diff line
@@ -284,7 +284,7 @@ Return<void> TrustyKeymaster4Device::getHmacSharingParameters( 




Return<void> TrustyKeymaster4Device::computeSharedHmac(

Return<void> TrustyKeymaster4Device::computeSharedHmac(

        const hidl_vec<HmacSharingParameters>& params, computeSharedHmac_cb _hidl_cb) {

        const hidl_vec<HmacSharingParameters>& params, computeSharedHmac_cb _hidl_cb) {

    ComputeSharedHmacRequest request;

    ComputeSharedHmacRequest request(impl_->message_version());

    request.params_array.params_array = new keymaster::HmacSharingParameters[params.size()];

    request.params_array.params_array = new keymaster::HmacSharingParameters[params.size()];

    request.params_array.num_params = params.size();

    request.params_array.num_params = params.size();

    for (size_t i = 0; i < params.size(); ++i) {

    for (size_t i = 0; i < params.size(); ++i) {
@@ -309,7 +309,7 @@ Return<void> TrustyKeymaster4Device::computeSharedHmac( 
Return<void> TrustyKeymaster4Device::verifyAuthorization(

Return<void> TrustyKeymaster4Device::verifyAuthorization(

        uint64_t challenge, const hidl_vec<KeyParameter>& parametersToVerify,

        uint64_t challenge, const hidl_vec<KeyParameter>& parametersToVerify,

        const HardwareAuthToken& authToken, verifyAuthorization_cb _hidl_cb) {

        const HardwareAuthToken& authToken, verifyAuthorization_cb _hidl_cb) {

    VerifyAuthorizationRequest request;

    VerifyAuthorizationRequest request(impl_->message_version());

    request.challenge = challenge;

    request.challenge = challenge;

    request.parameters_to_verify.Reinitialize(KmParamSet(parametersToVerify));

    request.parameters_to_verify.Reinitialize(KmParamSet(parametersToVerify));

    request.auth_token.challenge = authToken.challenge;

    request.auth_token.challenge = authToken.challenge;
@@ -336,10 +336,10 @@ Return<void> TrustyKeymaster4Device::verifyAuthorization( 




Return<ErrorCode> TrustyKeymaster4Device::addRngEntropy(const hidl_vec<uint8_t>& data) {

Return<ErrorCode> TrustyKeymaster4Device::addRngEntropy(const hidl_vec<uint8_t>& data) {

    if (data.size() == 0) return ErrorCode::OK;

    if (data.size() == 0) return ErrorCode::OK;

    AddEntropyRequest request;

    AddEntropyRequest request(impl_->message_version());

    request.random_data.Reinitialize(data.data(), data.size());

    request.random_data.Reinitialize(data.data(), data.size());





    AddEntropyResponse response;

    AddEntropyResponse response(impl_->message_version());

    impl_->AddRngEntropy(request, &response);

    impl_->AddRngEntropy(request, &response);





    return legacy_enum_conversion(response.error);

    return legacy_enum_conversion(response.error);
@@ -347,10 +347,10 @@ Return<ErrorCode> TrustyKeymaster4Device::addRngEntropy(const hidl_vec<uint8_t>& 




Return<void> TrustyKeymaster4Device::generateKey(const hidl_vec<KeyParameter>& keyParams,

Return<void> TrustyKeymaster4Device::generateKey(const hidl_vec<KeyParameter>& keyParams,

                                                 generateKey_cb _hidl_cb) {

                                                 generateKey_cb _hidl_cb) {

    GenerateKeyRequest request;

    GenerateKeyRequest request(impl_->message_version());

    request.key_description.Reinitialize(KmParamSet(keyParams));

    request.key_description.Reinitialize(KmParamSet(keyParams));





    GenerateKeyResponse response;

    GenerateKeyResponse response(impl_->message_version());

    impl_->GenerateKey(request, &response);

    impl_->GenerateKey(request, &response);





    KeyCharacteristics resultCharacteristics;

    KeyCharacteristics resultCharacteristics;
@@ -368,11 +368,11 @@ Return<void> TrustyKeymaster4Device::getKeyCharacteristics(const hidl_vec<uint8_ 
                                                           const hidl_vec<uint8_t>& clientId,

                                                           const hidl_vec<uint8_t>& clientId,

                                                           const hidl_vec<uint8_t>& appData,

                                                           const hidl_vec<uint8_t>& appData,

                                                           getKeyCharacteristics_cb _hidl_cb) {

                                                           getKeyCharacteristics_cb _hidl_cb) {

    GetKeyCharacteristicsRequest request;

    GetKeyCharacteristicsRequest request(impl_->message_version());

    request.SetKeyMaterial(keyBlob.data(), keyBlob.size());

    request.SetKeyMaterial(keyBlob.data(), keyBlob.size());

    addClientAndAppData(clientId, appData, &request.additional_params);

    addClientAndAppData(clientId, appData, &request.additional_params);





    GetKeyCharacteristicsResponse response;

    GetKeyCharacteristicsResponse response(impl_->message_version());

    impl_->GetKeyCharacteristics(request, &response);

    impl_->GetKeyCharacteristics(request, &response);





    KeyCharacteristics resultCharacteristics;

    KeyCharacteristics resultCharacteristics;
@@ -388,12 +388,12 @@ Return<void> TrustyKeymaster4Device::importKey(const hidl_vec<KeyParameter>& par 
                                               KeyFormat keyFormat,

                                               KeyFormat keyFormat,

                                               const hidl_vec<uint8_t>& keyData,

                                               const hidl_vec<uint8_t>& keyData,

                                               importKey_cb _hidl_cb) {

                                               importKey_cb _hidl_cb) {

    ImportKeyRequest request;

    ImportKeyRequest request(impl_->message_version());

    request.key_description.Reinitialize(KmParamSet(params));

    request.key_description.Reinitialize(KmParamSet(params));

    request.key_format = legacy_enum_conversion(keyFormat);

    request.key_format = legacy_enum_conversion(keyFormat);

    request.SetKeyMaterial(keyData.data(), keyData.size());

    request.SetKeyMaterial(keyData.data(), keyData.size());





    ImportKeyResponse response;

    ImportKeyResponse response(impl_->message_version());

    impl_->ImportKey(request, &response);

    impl_->ImportKey(request, &response);





    KeyCharacteristics resultCharacteristics;

    KeyCharacteristics resultCharacteristics;
@@ -411,7 +411,7 @@ Return<void> TrustyKeymaster4Device::importWrappedKey( 
        const hidl_vec<uint8_t>& wrappedKeyData, const hidl_vec<uint8_t>& wrappingKeyBlob,

        const hidl_vec<uint8_t>& wrappedKeyData, const hidl_vec<uint8_t>& wrappingKeyBlob,

        const hidl_vec<uint8_t>& maskingKey, const hidl_vec<KeyParameter>& unwrappingParams,

        const hidl_vec<uint8_t>& maskingKey, const hidl_vec<KeyParameter>& unwrappingParams,

        uint64_t passwordSid, uint64_t biometricSid, importWrappedKey_cb _hidl_cb) {

        uint64_t passwordSid, uint64_t biometricSid, importWrappedKey_cb _hidl_cb) {

    ImportWrappedKeyRequest request;

    ImportWrappedKeyRequest request(impl_->message_version());

    request.SetWrappedMaterial(wrappedKeyData.data(), wrappedKeyData.size());

    request.SetWrappedMaterial(wrappedKeyData.data(), wrappedKeyData.size());

    request.SetWrappingMaterial(wrappingKeyBlob.data(), wrappingKeyBlob.size());

    request.SetWrappingMaterial(wrappingKeyBlob.data(), wrappingKeyBlob.size());

    request.SetMaskingKeyMaterial(maskingKey.data(), maskingKey.size());

    request.SetMaskingKeyMaterial(maskingKey.data(), maskingKey.size());
@@ -419,7 +419,7 @@ Return<void> TrustyKeymaster4Device::importWrappedKey( 
    request.password_sid = passwordSid;

    request.password_sid = passwordSid;

    request.biometric_sid = biometricSid;

    request.biometric_sid = biometricSid;





    ImportWrappedKeyResponse response;

    ImportWrappedKeyResponse response(impl_->message_version());

    impl_->ImportWrappedKey(request, &response);

    impl_->ImportWrappedKey(request, &response);





    KeyCharacteristics resultCharacteristics;

    KeyCharacteristics resultCharacteristics;
@@ -438,12 +438,12 @@ Return<void> TrustyKeymaster4Device::exportKey(KeyFormat exportFormat, 
                                               const hidl_vec<uint8_t>& clientId,

                                               const hidl_vec<uint8_t>& clientId,

                                               const hidl_vec<uint8_t>& appData,

                                               const hidl_vec<uint8_t>& appData,

                                               exportKey_cb _hidl_cb) {

                                               exportKey_cb _hidl_cb) {

    ExportKeyRequest request;

    ExportKeyRequest request(impl_->message_version());

    request.key_format = legacy_enum_conversion(exportFormat);

    request.key_format = legacy_enum_conversion(exportFormat);

    request.SetKeyMaterial(keyBlob.data(), keyBlob.size());

    request.SetKeyMaterial(keyBlob.data(), keyBlob.size());

    addClientAndAppData(clientId, appData, &request.additional_params);

    addClientAndAppData(clientId, appData, &request.additional_params);





    ExportKeyResponse response;

    ExportKeyResponse response(impl_->message_version());

    impl_->ExportKey(request, &response);

    impl_->ExportKey(request, &response);





    hidl_vec<uint8_t> resultKeyBlob;

    hidl_vec<uint8_t> resultKeyBlob;
@@ -457,11 +457,11 @@ Return<void> TrustyKeymaster4Device::exportKey(KeyFormat exportFormat, 
Return<void> TrustyKeymaster4Device::attestKey(const hidl_vec<uint8_t>& keyToAttest,

Return<void> TrustyKeymaster4Device::attestKey(const hidl_vec<uint8_t>& keyToAttest,

                                               const hidl_vec<KeyParameter>& attestParams,

                                               const hidl_vec<KeyParameter>& attestParams,

                                               attestKey_cb _hidl_cb) {

                                               attestKey_cb _hidl_cb) {

    AttestKeyRequest request;

    AttestKeyRequest request(impl_->message_version());

    request.SetKeyMaterial(keyToAttest.data(), keyToAttest.size());

    request.SetKeyMaterial(keyToAttest.data(), keyToAttest.size());

    request.attest_params.Reinitialize(KmParamSet(attestParams));

    request.attest_params.Reinitialize(KmParamSet(attestParams));





    AttestKeyResponse response;

    AttestKeyResponse response(impl_->message_version());

    impl_->AttestKey(request, &response);

    impl_->AttestKey(request, &response);





    hidl_vec<hidl_vec<uint8_t>> resultCertChain;

    hidl_vec<hidl_vec<uint8_t>> resultCertChain;
@@ -475,11 +475,11 @@ Return<void> TrustyKeymaster4Device::attestKey(const hidl_vec<uint8_t>& keyToAtt 
Return<void> TrustyKeymaster4Device::upgradeKey(const hidl_vec<uint8_t>& keyBlobToUpgrade,

Return<void> TrustyKeymaster4Device::upgradeKey(const hidl_vec<uint8_t>& keyBlobToUpgrade,

                                                const hidl_vec<KeyParameter>& upgradeParams,

                                                const hidl_vec<KeyParameter>& upgradeParams,

                                                upgradeKey_cb _hidl_cb) {

                                                upgradeKey_cb _hidl_cb) {

    UpgradeKeyRequest request;

    UpgradeKeyRequest request(impl_->message_version());

    request.SetKeyMaterial(keyBlobToUpgrade.data(), keyBlobToUpgrade.size());

    request.SetKeyMaterial(keyBlobToUpgrade.data(), keyBlobToUpgrade.size());

    request.upgrade_params.Reinitialize(KmParamSet(upgradeParams));

    request.upgrade_params.Reinitialize(KmParamSet(upgradeParams));





    UpgradeKeyResponse response;

    UpgradeKeyResponse response(impl_->message_version());

    impl_->UpgradeKey(request, &response);

    impl_->UpgradeKey(request, &response);





    if (response.error == KM_ERROR_OK) {

    if (response.error == KM_ERROR_OK) {
@@ -491,18 +491,18 @@ Return<void> TrustyKeymaster4Device::upgradeKey(const hidl_vec<uint8_t>& keyBlob 
}

}





Return<ErrorCode> TrustyKeymaster4Device::deleteKey(const hidl_vec<uint8_t>& keyBlob) {

Return<ErrorCode> TrustyKeymaster4Device::deleteKey(const hidl_vec<uint8_t>& keyBlob) {

    DeleteKeyRequest request;

    DeleteKeyRequest request(impl_->message_version());

    request.SetKeyMaterial(keyBlob.data(), keyBlob.size());

    request.SetKeyMaterial(keyBlob.data(), keyBlob.size());





    DeleteKeyResponse response;

    DeleteKeyResponse response(impl_->message_version());

    impl_->DeleteKey(request, &response);

    impl_->DeleteKey(request, &response);





    return legacy_enum_conversion(response.error);

    return legacy_enum_conversion(response.error);

}

}





Return<ErrorCode> TrustyKeymaster4Device::deleteAllKeys() {

Return<ErrorCode> TrustyKeymaster4Device::deleteAllKeys() {

    DeleteAllKeysRequest request;

    DeleteAllKeysRequest request(impl_->message_version());

    DeleteAllKeysResponse response;

    DeleteAllKeysResponse response(impl_->message_version());

    impl_->DeleteAllKeys(request, &response);

    impl_->DeleteAllKeys(request, &response);





    return legacy_enum_conversion(response.error);

    return legacy_enum_conversion(response.error);
@@ -516,12 +516,12 @@ Return<void> TrustyKeymaster4Device::begin(KeyPurpose purpose, const hidl_vec<ui 
                                           const hidl_vec<KeyParameter>& inParams,

                                           const hidl_vec<KeyParameter>& inParams,

                                           const HardwareAuthToken& authToken, begin_cb _hidl_cb) {

                                           const HardwareAuthToken& authToken, begin_cb _hidl_cb) {

    hidl_vec<KeyParameter> extendedParams = injectAuthToken(inParams, authToken);

    hidl_vec<KeyParameter> extendedParams = injectAuthToken(inParams, authToken);

    BeginOperationRequest request;

    BeginOperationRequest request(impl_->message_version());

    request.purpose = legacy_enum_conversion(purpose);

    request.purpose = legacy_enum_conversion(purpose);

    request.SetKeyMaterial(key.data(), key.size());

    request.SetKeyMaterial(key.data(), key.size());

    request.additional_params.Reinitialize(KmParamSet(extendedParams));

    request.additional_params.Reinitialize(KmParamSet(extendedParams));





    BeginOperationResponse response;

    BeginOperationResponse response(impl_->message_version());

    impl_->BeginOperation(request, &response);

    impl_->BeginOperation(request, &response);





    hidl_vec<KeyParameter> resultParams;

    hidl_vec<KeyParameter> resultParams;
@@ -540,8 +540,8 @@ Return<void> TrustyKeymaster4Device::update(uint64_t operationHandle, 
                                            const VerificationToken& verificationToken,

                                            const VerificationToken& verificationToken,

                                            update_cb _hidl_cb) {

                                            update_cb _hidl_cb) {

    (void)verificationToken;

    (void)verificationToken;

    UpdateOperationRequest request;

    UpdateOperationRequest request(impl_->message_version());

    UpdateOperationResponse response;

    UpdateOperationResponse response(impl_->message_version());

    hidl_vec<KeyParameter> resultParams;

    hidl_vec<KeyParameter> resultParams;

    hidl_vec<uint8_t> resultBlob;

    hidl_vec<uint8_t> resultBlob;

    hidl_vec<KeyParameter> extendedParams = injectAuthToken(inParams, authToken);

    hidl_vec<KeyParameter> extendedParams = injectAuthToken(inParams, authToken);
@@ -581,14 +581,14 @@ Return<void> TrustyKeymaster4Device::finish(uint64_t operationHandle, 
                                            const VerificationToken& verificationToken,

                                            const VerificationToken& verificationToken,

                                            finish_cb _hidl_cb) {

                                            finish_cb _hidl_cb) {

    (void)verificationToken;

    (void)verificationToken;

    FinishOperationRequest request;

    FinishOperationRequest request(impl_->message_version());

    hidl_vec<KeyParameter> extendedParams = injectAuthToken(inParams, authToken);

    hidl_vec<KeyParameter> extendedParams = injectAuthToken(inParams, authToken);

    request.op_handle = operationHandle;

    request.op_handle = operationHandle;

    request.input.Reinitialize(input.data(), input.size());

    request.input.Reinitialize(input.data(), input.size());

    request.signature.Reinitialize(signature.data(), signature.size());

    request.signature.Reinitialize(signature.data(), signature.size());

    request.additional_params.Reinitialize(KmParamSet(extendedParams));

    request.additional_params.Reinitialize(KmParamSet(extendedParams));





    FinishOperationResponse response;

    FinishOperationResponse response(impl_->message_version());

    impl_->FinishOperation(request, &response);

    impl_->FinishOperation(request, &response);





    hidl_vec<KeyParameter> resultParams;

    hidl_vec<KeyParameter> resultParams;
@@ -602,10 +602,10 @@ Return<void> TrustyKeymaster4Device::finish(uint64_t operationHandle, 
}

}





Return<ErrorCode> TrustyKeymaster4Device::abort(uint64_t operationHandle) {

Return<ErrorCode> TrustyKeymaster4Device::abort(uint64_t operationHandle) {

    AbortOperationRequest request;

    AbortOperationRequest request(impl_->message_version());

    request.op_handle = operationHandle;

    request.op_handle = operationHandle;





    AbortOperationResponse response;

    AbortOperationResponse response(impl_->message_version());

    impl_->AbortOperation(request, &response);

    impl_->AbortOperation(request, &response);





    return legacy_enum_conversion(response.error);

    return legacy_enum_conversion(response.error);

trusty/keymaster/TrustyKeymaster.cpp

+37 −8
Original line number Original line Diff line number Diff line
@@ -31,11 +31,35 @@ int TrustyKeymaster::Initialize() { 
        return err;

        return err;

    }

    }





    ConfigureRequest req;

    // Try GetVersion2 first.

    GetVersion2Request versionReq;

    GetVersion2Response versionRsp = GetVersion2(versionReq);

    if (versionRsp.error != KM_ERROR_OK) {

        ALOGW("TA appears not to support GetVersion2, falling back (err = %d)", versionRsp.error);



        GetVersionRequest versionReq;

        GetVersionResponse versionRsp;

        GetVersion(versionReq, &versionRsp);

        if (versionRsp.error != KM_ERROR_OK) {

            ALOGE("Failed to get TA version %d", versionRsp.error);

            return -1;

        } else {

            keymaster_error_t error;

            message_version_ = NegotiateMessageVersion(versionRsp, &error);

            if (error != KM_ERROR_OK) {

                ALOGE("Failed to negotiate message version %d", error);

                return -1;

            }

        }

    } else {

        message_version_ = NegotiateMessageVersion(versionReq, versionRsp);

    }



    ConfigureRequest req(message_version());

    req.os_version = GetOsVersion();

    req.os_version = GetOsVersion();

    req.os_patchlevel = GetOsPatchlevel();

    req.os_patchlevel = GetOsPatchlevel();





    ConfigureResponse rsp;

    ConfigureResponse rsp(message_version());

    Configure(req, &rsp);

    Configure(req, &rsp);





    if (rsp.error != KM_ERROR_OK) {

    if (rsp.error != KM_ERROR_OK) {
@@ -52,7 +76,7 @@ TrustyKeymaster::~TrustyKeymaster() { 
    trusty_keymaster_disconnect();

    trusty_keymaster_disconnect();

}

}





static void ForwardCommand(enum keymaster_command command, const Serializable& req,

static void ForwardCommand(enum keymaster_command command, const KeymasterMessage& req,

                           KeymasterResponse* rsp) {

                           KeymasterResponse* rsp) {

    keymaster_error_t err;

    keymaster_error_t err;

    err = trusty_keymaster_send(command, req, rsp);

    err = trusty_keymaster_send(command, req, rsp);
@@ -173,25 +197,30 @@ void TrustyKeymaster::AbortOperation(const AbortOperationRequest& request, 
}

}





GetHmacSharingParametersResponse TrustyKeymaster::GetHmacSharingParameters() {

GetHmacSharingParametersResponse TrustyKeymaster::GetHmacSharingParameters() {

    // Empty buffer to allow ForwardCommand to have something to serialize

    GetHmacSharingParametersRequest request(message_version());

    Buffer request;

    GetHmacSharingParametersResponse response(message_version());

    GetHmacSharingParametersResponse response;

    ForwardCommand(KM_GET_HMAC_SHARING_PARAMETERS, request, &response);

    ForwardCommand(KM_GET_HMAC_SHARING_PARAMETERS, request, &response);

    return response;

    return response;

}

}





ComputeSharedHmacResponse TrustyKeymaster::ComputeSharedHmac(

ComputeSharedHmacResponse TrustyKeymaster::ComputeSharedHmac(

        const ComputeSharedHmacRequest& request) {

        const ComputeSharedHmacRequest& request) {

    ComputeSharedHmacResponse response;

    ComputeSharedHmacResponse response(message_version());

    ForwardCommand(KM_COMPUTE_SHARED_HMAC, request, &response);

    ForwardCommand(KM_COMPUTE_SHARED_HMAC, request, &response);

    return response;

    return response;

}

}





VerifyAuthorizationResponse TrustyKeymaster::VerifyAuthorization(

VerifyAuthorizationResponse TrustyKeymaster::VerifyAuthorization(

        const VerifyAuthorizationRequest& request) {

        const VerifyAuthorizationRequest& request) {

    VerifyAuthorizationResponse response;

    VerifyAuthorizationResponse response(message_version());

    ForwardCommand(KM_VERIFY_AUTHORIZATION, request, &response);

    ForwardCommand(KM_VERIFY_AUTHORIZATION, request, &response);

    return response;

    return response;

}

}





GetVersion2Response TrustyKeymaster::GetVersion2(const GetVersion2Request& request) {

    GetVersion2Response response(message_version());

    ForwardCommand(KM_GET_VERSION_2, request, &response);

    return response;

}



}  // namespace keymaster
 
}  // namespace keymaster

trusty/keymaster/include/trusty_keymaster/TrustyKeymaster.h

+6 −0
Original line number Original line Diff line number Diff line
@@ -59,6 +59,12 @@ class TrustyKeymaster { 
    GetHmacSharingParametersResponse GetHmacSharingParameters();

    GetHmacSharingParametersResponse GetHmacSharingParameters();

    ComputeSharedHmacResponse ComputeSharedHmac(const ComputeSharedHmacRequest& request);

    ComputeSharedHmacResponse ComputeSharedHmac(const ComputeSharedHmacRequest& request);

    VerifyAuthorizationResponse VerifyAuthorization(const VerifyAuthorizationRequest& request);

    VerifyAuthorizationResponse VerifyAuthorization(const VerifyAuthorizationRequest& request);

    GetVersion2Response GetVersion2(const GetVersion2Request& request);



    uint32_t message_version() const { return message_version_; }



  private:

    uint32_t message_version_;

};

};





}  // namespace keymaster

}  // namespace keymaster

trusty/keymaster/include/trusty_keymaster/ipc/keymaster_ipc.h

+1 −0
Original line number Original line Diff line number Diff line
@@ -53,6 +53,7 @@ enum keymaster_command : uint32_t { 
    KM_DELETE_ALL_KEYS              = (23 << KEYMASTER_REQ_SHIFT),

    KM_DELETE_ALL_KEYS              = (23 << KEYMASTER_REQ_SHIFT),

    KM_DESTROY_ATTESTATION_IDS      = (24 << KEYMASTER_REQ_SHIFT),

    KM_DESTROY_ATTESTATION_IDS      = (24 << KEYMASTER_REQ_SHIFT),

    KM_IMPORT_WRAPPED_KEY           = (25 << KEYMASTER_REQ_SHIFT),

    KM_IMPORT_WRAPPED_KEY           = (25 << KEYMASTER_REQ_SHIFT),

    KM_GET_VERSION_2                = (28 << KEYMASTER_REQ_SHIFT),





    // Bootloader/provisioning calls.

    // Bootloader/provisioning calls.

    KM_SET_BOOT_PARAMS = (0x1000 << KEYMASTER_REQ_SHIFT),

    KM_SET_BOOT_PARAMS = (0x1000 << KEYMASTER_REQ_SHIFT),