1/*
2 * Copyright 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#ifndef SYSTEM_KEYMASTER_GOOGLE_KEYMASTER_MESSAGES_H_
18#define SYSTEM_KEYMASTER_GOOGLE_KEYMASTER_MESSAGES_H_
19
20#include <stdlib.h>
21#include <string.h>
22
23#include <keymaster/authorization_set.h>
24#include <keymaster/google_keymaster_utils.h>
25
26namespace keymaster {
27
28// Commands
29const uint32_t GENERATE_KEY = 0;
30const uint32_t BEGIN_OPERATION = 1;
31const uint32_t UPDATE_OPERATION = 2;
32const uint32_t FINISH_OPERATION = 3;
33const uint32_t ABORT_OPERATION = 4;
34const uint32_t IMPORT_KEY = 5;
35const uint32_t EXPORT_KEY = 6;
36
37/**
38 * All responses include an error value, and if the error is not KM_ERROR_OK, return no additional
39 * data.  This abstract class factors out the common serialization functionality for all of the
40 * responses, so we only have to implement it once.  Inheritance for reuse is generally not a great
41 * structure, but in this case it's the cleanest option.
42 */
43struct KeymasterResponse : public Serializable {
44    size_t SerializedSize() const;
45    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const;
46    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end);
47
48    virtual size_t NonErrorSerializedSize() const = 0;
49    virtual uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const = 0;
50    virtual bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) = 0;
51
52    keymaster_error_t error;
53};
54
55struct SupportedAlgorithmsResponse : public KeymasterResponse {
56    SupportedAlgorithmsResponse() : algorithms(NULL), algorithms_length(0) {}
57    ~SupportedAlgorithmsResponse() { delete[] algorithms; }
58
59    size_t NonErrorSerializedSize() const;
60    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const;
61    bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end);
62
63    keymaster_algorithm_t* algorithms;
64    size_t algorithms_length;
65};
66
67template <typename T> struct SupportedResponse : public KeymasterResponse {
68    SupportedResponse() : results(NULL), results_length(0) {}
69    ~SupportedResponse() { delete[] results; }
70
71    template <size_t N> void SetResults(const T (&arr)[N]) {
72        delete[] results;
73        results_length = 0;
74        results = dup_array(arr);
75        if (results == NULL) {
76            error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
77        } else {
78            results_length = N;
79            error = KM_ERROR_OK;
80        }
81    }
82
83    size_t NonErrorSerializedSize() const {
84        return sizeof(uint32_t) + results_length * sizeof(uint32_t);
85    }
86    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const {
87        return append_uint32_array_to_buf(buf, end, results, results_length);
88    }
89    bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) {
90        delete[] results;
91        results = NULL;
92        UniquePtr<T[]> tmp;
93        if (!copy_uint32_array_from_buf(buf_ptr, end, &tmp, &results_length))
94            return false;
95        results = tmp.release();
96        return true;
97    }
98
99    T* results;
100    size_t results_length;
101};
102
103struct GenerateKeyRequest : public Serializable {
104    GenerateKeyRequest() {}
105    GenerateKeyRequest(uint8_t* buf, size_t size) : key_description(buf, size) {}
106
107    size_t SerializedSize() const { return key_description.SerializedSize(); }
108    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const {
109        return key_description.Serialize(buf, end);
110    }
111    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) {
112        return key_description.Deserialize(buf_ptr, end);
113    }
114
115    AuthorizationSet key_description;
116};
117
118struct GenerateKeyResponse : public KeymasterResponse {
119    GenerateKeyResponse() {
120        error = KM_ERROR_OK;
121        key_blob.key_material = NULL;
122        key_blob.key_material_size = 0;
123    }
124    ~GenerateKeyResponse();
125
126    size_t NonErrorSerializedSize() const;
127    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const;
128    bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end);
129
130    keymaster_key_blob_t key_blob;
131    AuthorizationSet enforced;
132    AuthorizationSet unenforced;
133};
134
135struct GetKeyCharacteristicsRequest : public Serializable {
136    GetKeyCharacteristicsRequest() { key_blob.key_material = NULL; }
137    ~GetKeyCharacteristicsRequest();
138
139    void SetKeyMaterial(const void* key_material, size_t length);
140    void SetKeyMaterial(const keymaster_key_blob_t& blob) {
141        SetKeyMaterial(blob.key_material, blob.key_material_size);
142    }
143
144    size_t SerializedSize() const;
145    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const;
146    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end);
147
148    keymaster_key_blob_t key_blob;
149    AuthorizationSet additional_params;
150};
151
152struct GetKeyCharacteristicsResponse : public KeymasterResponse {
153    size_t NonErrorSerializedSize() const;
154    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const;
155    bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end);
156
157    AuthorizationSet enforced;
158    AuthorizationSet unenforced;
159};
160
161struct BeginOperationRequest : public Serializable {
162    BeginOperationRequest() { key_blob.key_material = NULL; }
163    ~BeginOperationRequest() { delete[] key_blob.key_material; }
164
165    void SetKeyMaterial(const void* key_material, size_t length);
166    void SetKeyMaterial(const keymaster_key_blob_t& blob) {
167        SetKeyMaterial(blob.key_material, blob.key_material_size);
168    }
169
170    size_t SerializedSize() const;
171    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const;
172    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end);
173
174    keymaster_purpose_t purpose;
175    keymaster_key_blob_t key_blob;
176    AuthorizationSet additional_params;
177};
178
179struct BeginOperationResponse : public KeymasterResponse {
180    size_t NonErrorSerializedSize() const;
181    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const;
182    bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end);
183
184    keymaster_operation_handle_t op_handle;
185};
186
187struct UpdateOperationRequest : public Serializable {
188    size_t SerializedSize() const;
189    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const;
190    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end);
191
192    keymaster_operation_handle_t op_handle;
193    Buffer input;
194};
195
196struct UpdateOperationResponse : public KeymasterResponse {
197    size_t NonErrorSerializedSize() const;
198    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const;
199    bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end);
200
201    Buffer output;
202};
203
204struct FinishOperationRequest : public Serializable {
205    size_t SerializedSize() const;
206    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const;
207    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end);
208
209    keymaster_operation_handle_t op_handle;
210    Buffer signature;
211};
212
213struct FinishOperationResponse : public KeymasterResponse {
214    size_t NonErrorSerializedSize() const;
215    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const;
216    bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end);
217
218    Buffer output;
219};
220
221struct AddEntropyRequest : public Serializable {
222    size_t SerializedSize() const;
223    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const;
224    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end);
225
226    Buffer random_data;
227};
228
229struct ImportKeyRequest : public Serializable {
230    ImportKeyRequest() : key_data(NULL) {}
231    ~ImportKeyRequest() { delete[] key_data; }
232
233    void SetKeyMaterial(const void* key_material, size_t length);
234
235    size_t SerializedSize() const;
236    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const;
237    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end);
238
239    AuthorizationSet key_description;
240    keymaster_key_format_t key_format;
241    uint8_t* key_data;
242    size_t key_data_length;
243};
244
245struct ImportKeyResponse : public KeymasterResponse {
246    ImportKeyResponse() { key_blob.key_material = NULL; }
247    ~ImportKeyResponse() { delete[] key_blob.key_material; }
248
249    void SetKeyMaterial(const void* key_material, size_t length);
250    void SetKeyMaterial(const keymaster_key_blob_t& blob) {
251        SetKeyMaterial(blob.key_material, blob.key_material_size);
252    }
253
254    size_t NonErrorSerializedSize() const;
255    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const;
256    bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end);
257
258    keymaster_key_blob_t key_blob;
259    AuthorizationSet enforced;
260    AuthorizationSet unenforced;
261};
262
263struct ExportKeyRequest : public Serializable {
264    ExportKeyRequest() { key_blob.key_material = NULL; }
265    ~ExportKeyRequest() { delete[] key_blob.key_material; }
266
267    void SetKeyMaterial(const void* key_material, size_t length);
268    void SetKeyMaterial(const keymaster_key_blob_t& blob) {
269        SetKeyMaterial(blob.key_material, blob.key_material_size);
270    }
271
272    size_t SerializedSize() const;
273    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const;
274    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end);
275
276    AuthorizationSet additional_params;
277    keymaster_key_format_t key_format;
278    keymaster_key_blob_t key_blob;
279};
280
281struct ExportKeyResponse : public KeymasterResponse {
282    ExportKeyResponse() : key_data(NULL) {}
283    ~ExportKeyResponse() { delete[] key_data; }
284
285    void SetKeyMaterial(const void* key_material, size_t length);
286
287    size_t NonErrorSerializedSize() const;
288    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const;
289    bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end);
290
291    uint8_t* key_data;
292    size_t key_data_length;
293};
294
295// The structs below are trivial because they're not implemented yet.
296struct RescopeRequest : public Serializable {};
297struct RescopeResponse : public KeymasterResponse {};
298
299}  // namespace keymaster
300
301#endif  // SYSTEM_KEYMASTER_GOOGLE_KEYMASTER_MESSAGES_H_
302