/*
**
** Copyright 2016, The Android Open Source Project
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
#define LOG_TAG "KeystoreService"
#include <utils/Log.h>
#include "keystore_aidl_hidl_marshalling_utils.h"
#include <keystore/keystore_hidl_support.h>
namespace keystore {
hidl_vec<uint8_t> readKeymasterBlob(const android::Parcel& in, bool inPlace) {
ssize_t length = in.readInt32();
if (length <= 0) {
return {};
}
const void* buf = in.readInplace(length);
if (!buf) return {};
return blob2hidlVec(reinterpret_cast<const uint8_t*>(buf), size_t(length), inPlace);
}
android::status_t writeKeymasterBlob(const hidl_vec<uint8_t>& blob, android::Parcel* out) {
int32_t size = int32_t(std::min<size_t>(blob.size(), std::numeric_limits<int32_t>::max()));
auto rc = out->writeInt32(size);
if (rc != ::android::OK) return rc;
if (!size) return ::android::OK;
return out->write(&blob[0], size);
}
NullOr<hidl_vec<uint8_t>> readBlobAsByteArray(const android::Parcel& in, bool inPlace) {
// The distinction from readKeymasterBob is that the byte array is not prefixed with a presence
// value, instead a -1 in the length field indicates NULL.
ssize_t length = in.readInt32();
if (length < 0) {
return {};
}
if (length == 0) {
return hidl_vec<uint8_t>();
}
const void* buf = in.readInplace(length);
if (!buf) return hidl_vec<uint8_t>();
return blob2hidlVec(reinterpret_cast<const uint8_t*>(buf), size_t(length), inPlace);
}
android::status_t writeBlobAsByteArray(const NullOr<const hidl_vec<uint8_t>&>& blob,
android::Parcel* out) {
if (!blob.isOk()) {
return out->writeInt32(-1);
}
int32_t size =
int32_t(std::min<size_t>(blob.value().size(), std::numeric_limits<int32_t>::max()));
auto rc = out->writeInt32(size);
if (rc != ::android::OK) return rc;
if (!size) return ::android::OK;
return out->write(&blob.value()[0], size);
}
NullOr<KeyParameter> readKeyParameterFromParcel(const android::Parcel& in) {
if (in.readInt32() == 0) {
return {};
}
KeyParameter result;
Tag tag = static_cast<Tag>(in.readInt32());
result.tag = tag;
switch (typeFromTag(tag)) {
case TagType::ENUM:
case TagType::ENUM_REP:
case TagType::UINT:
case TagType::UINT_REP:
result.f.integer = in.readInt32();
break;
case TagType::ULONG:
case TagType::ULONG_REP:
case TagType::DATE:
result.f.longInteger = in.readInt64();
break;
case TagType::BOOL:
result.f.boolValue = true;
break;
case TagType::BIGNUM:
case TagType::BYTES:
result.blob = readKeymasterBlob(in);
break;
default:
ALOGE("Unsupported KeyParameter tag %d", tag);
return {};
}
return result;
}
android::status_t writeKeyParameterToParcel(const KeyParameter& param, android::Parcel* out) {
auto tag = param.tag;
auto rc = out->writeInt32(uint32_t(tag));
if (rc != ::android::OK) return rc;
switch (typeFromTag(param.tag)) {
case TagType::ENUM:
case TagType::ENUM_REP:
case TagType::UINT:
case TagType::UINT_REP:
rc = out->writeInt32(param.f.integer);
break;
case TagType::ULONG:
case TagType::ULONG_REP:
case TagType::DATE:
rc = out->writeInt64(param.f.longInteger);
break;
case TagType::BOOL:
// nothing to do here presence indicates true
break;
case TagType::BIGNUM:
case TagType::BYTES:
rc = writeKeymasterBlob(param.blob, out);
break;
default:
ALOGE("Failed to write KeyParameter: Unsupported tag %d", param.tag);
rc = android::BAD_VALUE;
break;
}
return rc;
}
hidl_vec<KeyParameter> readParamSetFromParcel(const android::Parcel& in) {
ssize_t length = in.readInt32();
size_t ulength = (size_t)length;
if (length < 0) {
ulength = 0;
}
hidl_vec<KeyParameter> result;
result.resize(ulength);
for (size_t i = 0; i < ulength; ++i) {
auto param = readKeyParameterFromParcel(in);
if (!param.isOk()) {
ALOGE("Error reading KeyParameter from parcel");
return {};
}
result[i] = param.value();
}
return result;
}
android::status_t writeParamSetToParcel(const hidl_vec<KeyParameter>& params,
android::Parcel* out) {
int32_t size = int32_t(std::min<size_t>(params.size(), std::numeric_limits<int32_t>::max()));
auto rc = out->writeInt32(size);
if (rc != ::android::OK) return rc;
for (int32_t i = 0; i < size; ++i) {
rc = out->writeInt32(1);
if (rc != ::android::OK) return rc;
rc = writeKeyParameterToParcel(params[i], out);
if (rc != ::android::OK) return rc;
}
return rc;
}
KeyCharacteristics readKeyCharacteristicsFromParcel(const android::Parcel& in) {
KeyCharacteristics result;
result.softwareEnforced = readParamSetFromParcel(in);
result.teeEnforced = readParamSetFromParcel(in);
return result;
}
android::status_t writeKeyCharacteristicsToParcel(const KeyCharacteristics& keyChara,
android::Parcel* out) {
auto rc = writeParamSetToParcel(keyChara.softwareEnforced, out);
if (rc != ::android::OK) return rc;
return writeParamSetToParcel(keyChara.teeEnforced, out);
}
hidl_vec<hidl_vec<uint8_t>> readCertificateChainFromParcel(const android::Parcel& in) {
hidl_vec<hidl_vec<uint8_t>> result;
ssize_t count = in.readInt32();
size_t ucount = count;
if (count <= 0) {
return result;
}
result.resize(ucount);
for (size_t i = 0; i < ucount; ++i) {
result[i] = readKeymasterBlob(in);
}
return result;
}
android::status_t writeCertificateChainToParcel(const hidl_vec<hidl_vec<uint8_t>>& certs,
android::Parcel* out) {
int32_t count = int32_t(std::min<size_t>(certs.size(), std::numeric_limits<int32_t>::max()));
auto rc = out->writeInt32(count);
for (int32_t i = 0; i < count; ++i) {
rc = writeKeymasterBlob(certs[i], out);
if (rc != ::android::OK) return rc;
}
return rc;
}
}