1/* 2 * Copyright 2014 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17#ifndef SYSTEM_KEYMASTER_GOOGLE_KEYMASTER_MESSAGES_H_ 18#define SYSTEM_KEYMASTER_GOOGLE_KEYMASTER_MESSAGES_H_ 19 20#include <stdlib.h> 21#include <string.h> 22 23#include <keymaster/authorization_set.h> 24#include <keymaster/google_keymaster_utils.h> 25 26namespace keymaster { 27 28// Commands 29const uint32_t GENERATE_KEY = 0; 30const uint32_t BEGIN_OPERATION = 1; 31const uint32_t UPDATE_OPERATION = 2; 32const uint32_t FINISH_OPERATION = 3; 33const uint32_t ABORT_OPERATION = 4; 34const uint32_t IMPORT_KEY = 5; 35const uint32_t EXPORT_KEY = 6; 36 37/** 38 * All responses include an error value, and if the error is not KM_ERROR_OK, return no additional 39 * data. This abstract class factors out the common serialization functionality for all of the 40 * responses, so we only have to implement it once. Inheritance for reuse is generally not a great 41 * structure, but in this case it's the cleanest option. 42 */ 43struct KeymasterResponse : public Serializable { 44 size_t SerializedSize() const; 45 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const; 46 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end); 47 48 virtual size_t NonErrorSerializedSize() const = 0; 49 virtual uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const = 0; 50 virtual bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) = 0; 51 52 keymaster_error_t error; 53}; 54 55struct SupportedAlgorithmsResponse : public KeymasterResponse { 56 SupportedAlgorithmsResponse() : algorithms(NULL), algorithms_length(0) {} 57 ~SupportedAlgorithmsResponse() { delete[] algorithms; } 58 59 size_t NonErrorSerializedSize() const; 60 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const; 61 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end); 62 63 keymaster_algorithm_t* algorithms; 64 size_t algorithms_length; 65}; 66 67template <typename T> struct SupportedResponse : public KeymasterResponse { 68 SupportedResponse() : results(NULL), results_length(0) {} 69 ~SupportedResponse() { delete[] results; } 70 71 template <size_t N> void SetResults(const T (&arr)[N]) { 72 delete[] results; 73 results_length = 0; 74 results = dup_array(arr); 75 if (results == NULL) { 76 error = KM_ERROR_MEMORY_ALLOCATION_FAILED; 77 } else { 78 results_length = N; 79 error = KM_ERROR_OK; 80 } 81 } 82 83 size_t NonErrorSerializedSize() const { 84 return sizeof(uint32_t) + results_length * sizeof(uint32_t); 85 } 86 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const { 87 return append_uint32_array_to_buf(buf, end, results, results_length); 88 } 89 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) { 90 delete[] results; 91 results = NULL; 92 UniquePtr<T[]> tmp; 93 if (!copy_uint32_array_from_buf(buf_ptr, end, &tmp, &results_length)) 94 return false; 95 results = tmp.release(); 96 return true; 97 } 98 99 T* results; 100 size_t results_length; 101}; 102 103struct GenerateKeyRequest : public Serializable { 104 GenerateKeyRequest() {} 105 GenerateKeyRequest(uint8_t* buf, size_t size) : key_description(buf, size) {} 106 107 size_t SerializedSize() const { return key_description.SerializedSize(); } 108 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const { 109 return key_description.Serialize(buf, end); 110 } 111 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) { 112 return key_description.Deserialize(buf_ptr, end); 113 } 114 115 AuthorizationSet key_description; 116}; 117 118struct GenerateKeyResponse : public KeymasterResponse { 119 GenerateKeyResponse() { 120 error = KM_ERROR_OK; 121 key_blob.key_material = NULL; 122 key_blob.key_material_size = 0; 123 } 124 ~GenerateKeyResponse(); 125 126 size_t NonErrorSerializedSize() const; 127 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const; 128 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end); 129 130 keymaster_key_blob_t key_blob; 131 AuthorizationSet enforced; 132 AuthorizationSet unenforced; 133}; 134 135struct GetKeyCharacteristicsRequest : public Serializable { 136 GetKeyCharacteristicsRequest() { key_blob.key_material = NULL; } 137 ~GetKeyCharacteristicsRequest(); 138 139 void SetKeyMaterial(const void* key_material, size_t length); 140 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 141 SetKeyMaterial(blob.key_material, blob.key_material_size); 142 } 143 144 size_t SerializedSize() const; 145 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const; 146 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end); 147 148 keymaster_key_blob_t key_blob; 149 AuthorizationSet additional_params; 150}; 151 152struct GetKeyCharacteristicsResponse : public KeymasterResponse { 153 size_t NonErrorSerializedSize() const; 154 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const; 155 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end); 156 157 AuthorizationSet enforced; 158 AuthorizationSet unenforced; 159}; 160 161struct BeginOperationRequest : public Serializable { 162 BeginOperationRequest() { key_blob.key_material = NULL; } 163 ~BeginOperationRequest() { delete[] key_blob.key_material; } 164 165 void SetKeyMaterial(const void* key_material, size_t length); 166 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 167 SetKeyMaterial(blob.key_material, blob.key_material_size); 168 } 169 170 size_t SerializedSize() const; 171 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const; 172 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end); 173 174 keymaster_purpose_t purpose; 175 keymaster_key_blob_t key_blob; 176 AuthorizationSet additional_params; 177}; 178 179struct BeginOperationResponse : public KeymasterResponse { 180 size_t NonErrorSerializedSize() const; 181 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const; 182 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end); 183 184 keymaster_operation_handle_t op_handle; 185}; 186 187struct UpdateOperationRequest : public Serializable { 188 size_t SerializedSize() const; 189 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const; 190 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end); 191 192 keymaster_operation_handle_t op_handle; 193 Buffer input; 194}; 195 196struct UpdateOperationResponse : public KeymasterResponse { 197 size_t NonErrorSerializedSize() const; 198 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const; 199 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end); 200 201 Buffer output; 202}; 203 204struct FinishOperationRequest : public Serializable { 205 size_t SerializedSize() const; 206 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const; 207 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end); 208 209 keymaster_operation_handle_t op_handle; 210 Buffer signature; 211}; 212 213struct FinishOperationResponse : public KeymasterResponse { 214 size_t NonErrorSerializedSize() const; 215 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const; 216 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end); 217 218 Buffer output; 219}; 220 221struct AddEntropyRequest : public Serializable { 222 size_t SerializedSize() const; 223 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const; 224 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end); 225 226 Buffer random_data; 227}; 228 229struct ImportKeyRequest : public Serializable { 230 ImportKeyRequest() : key_data(NULL) {} 231 ~ImportKeyRequest() { delete[] key_data; } 232 233 void SetKeyMaterial(const void* key_material, size_t length); 234 235 size_t SerializedSize() const; 236 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const; 237 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end); 238 239 AuthorizationSet key_description; 240 keymaster_key_format_t key_format; 241 uint8_t* key_data; 242 size_t key_data_length; 243}; 244 245struct ImportKeyResponse : public KeymasterResponse { 246 ImportKeyResponse() { key_blob.key_material = NULL; } 247 ~ImportKeyResponse() { delete[] key_blob.key_material; } 248 249 void SetKeyMaterial(const void* key_material, size_t length); 250 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 251 SetKeyMaterial(blob.key_material, blob.key_material_size); 252 } 253 254 size_t NonErrorSerializedSize() const; 255 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const; 256 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end); 257 258 keymaster_key_blob_t key_blob; 259 AuthorizationSet enforced; 260 AuthorizationSet unenforced; 261}; 262 263struct ExportKeyRequest : public Serializable { 264 ExportKeyRequest() { key_blob.key_material = NULL; } 265 ~ExportKeyRequest() { delete[] key_blob.key_material; } 266 267 void SetKeyMaterial(const void* key_material, size_t length); 268 void SetKeyMaterial(const keymaster_key_blob_t& blob) { 269 SetKeyMaterial(blob.key_material, blob.key_material_size); 270 } 271 272 size_t SerializedSize() const; 273 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const; 274 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end); 275 276 AuthorizationSet additional_params; 277 keymaster_key_format_t key_format; 278 keymaster_key_blob_t key_blob; 279}; 280 281struct ExportKeyResponse : public KeymasterResponse { 282 ExportKeyResponse() : key_data(NULL) {} 283 ~ExportKeyResponse() { delete[] key_data; } 284 285 void SetKeyMaterial(const void* key_material, size_t length); 286 287 size_t NonErrorSerializedSize() const; 288 uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const; 289 bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end); 290 291 uint8_t* key_data; 292 size_t key_data_length; 293}; 294 295// The structs below are trivial because they're not implemented yet. 296struct RescopeRequest : public Serializable {}; 297struct RescopeResponse : public KeymasterResponse {}; 298 299} // namespace keymaster 300 301#endif // SYSTEM_KEYMASTER_GOOGLE_KEYMASTER_MESSAGES_H_ 302