keymaster_defs.h revision c3ab05c3c40311cdae88eed35dc8884ecb5b1fd9 
1/*
2 * Copyright (C) 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#ifndef ANDROID_HARDWARE_KEYMASTER_DEFS_H
18#define ANDROID_HARDWARE_KEYMASTER_DEFS_H
19
20#include <stdint.h>
21#include <stdlib.h>
22#include <string.h>
23
24__BEGIN_DECLS
25
26/**
27 * Authorization tags each have an associated type.  This enumeration facilitates tagging each with
28 * a type, by using the high four bits (of an implied 32-bit unsigned enum value) to specify up to
29 * 16 data types.  These values are ORed with tag IDs to generate the final tag ID values.
30 */
31typedef enum {
32    KM_INVALID = 0 << 28, /* Invalid type, used to designate a tag as uninitialized */
33    KM_ENUM = 1 << 28,
34    KM_ENUM_REP = 2 << 28, /* Repeatable enumeration value. */
35    KM_INT = 3 << 28,
36    KM_INT_REP = 4 << 28, /* Repeatable integer value */
37    KM_LONG = 5 << 28,
38    KM_DATE = 6 << 28,
39    KM_BOOL = 7 << 28,
40    KM_BIGNUM = 8 << 28,
41    KM_BYTES = 9 << 28,
42} keymaster_tag_type_t;
43
44typedef enum {
45    KM_TAG_INVALID = KM_INVALID | 0,
46
47    /*
48     * Tags that must be semantically enforced by hardware and software implementations.
49     */
50
51    /* Crypto parameters */
52    KM_TAG_PURPOSE = KM_ENUM_REP | 1,     /* keymaster_purpose_t. */
53    KM_TAG_ALGORITHM = KM_ENUM | 2,       /* keymaster_algorithm_t. */
54    KM_TAG_KEY_SIZE = KM_INT | 3,         /* Key size in bits. */
55    KM_TAG_BLOCK_MODE = KM_ENUM | 4,      /* keymaster_block_mode_t. */
56    KM_TAG_DIGEST = KM_ENUM | 5,          /* keymaster_digest_t. */
57    KM_TAG_MAC_LENGTH = KM_INT | 6,       /* MAC or AEAD authentication tag length in bits. */
58    KM_TAG_PADDING = KM_ENUM | 7,         /* keymaster_padding_t. */
59    KM_TAG_RETURN_UNAUTHED = KM_BOOL | 8, /* Allow AEAD decryption to return plaintext before it has
60                                             been authenticated.  WARNING: Not recommended. */
61    KM_TAG_CALLER_NONCE = KM_BOOL | 9,    /* Allow caller to specify nonce or IV. */
62
63    /* Other hardware-enforced. */
64    KM_TAG_RESCOPING_ADD = KM_ENUM_REP | 101, /* Tags authorized for addition via rescoping. */
65    KM_TAG_RESCOPING_DEL = KM_ENUM_REP | 102, /* Tags authorized for removal via rescoping. */
66    KM_TAG_BLOB_USAGE_REQUIREMENTS = KM_ENUM | 705, /* keymaster_key_blob_usage_requirements_t */
67
68    /* Algorithm-specific. */
69    KM_TAG_RSA_PUBLIC_EXPONENT = KM_LONG | 200, /* Defaults to 2^16+1 */
70    KM_TAG_DSA_GENERATOR = KM_BIGNUM | 201,
71    KM_TAG_DSA_P = KM_BIGNUM | 202,
72    KM_TAG_DSA_Q = KM_BIGNUM | 203,
73    /* Note there are no EC-specific params.  Field size is defined by KM_TAG_KEY_SIZE, and the
74       curve is chosen from NIST recommendations for field size */
75
76    /*
77     * Tags that should be semantically enforced by hardware if possible and will otherwise be
78     * enforced by software (keystore).
79     */
80
81    /* Key validity period */
82    KM_TAG_ACTIVE_DATETIME = KM_DATE | 400,             /* Start of validity */
83    KM_TAG_ORIGINATION_EXPIRE_DATETIME = KM_DATE | 401, /* Date when new "messages" should no
84                                                           longer be created. */
85    KM_TAG_USAGE_EXPIRE_DATETIME = KM_DATE | 402,       /* Date when existing "messages" should no
86                                                           longer be trusted. */
87    KM_TAG_MIN_SECONDS_BETWEEN_OPS = KM_INT | 403,      /* Minimum elapsed time between
88                                                           cryptographic operations with the key. */
89    KM_TAG_MAX_USES_PER_BOOT = KM_INT | 404,            /* Number of times the key can be used per
90                                                           boot. */
91
92    /* User authentication */
93    KM_TAG_ALL_USERS = KM_BOOL | 500,        /* If key is usable by all users. */
94    KM_TAG_USER_ID = KM_INT | 501,           /* ID of authorized user.  Disallowed if
95                                                KM_TAG_ALL_USERS is present. */
96    KM_TAG_NO_AUTH_REQUIRED = KM_BOOL | 502, /* If key is usable without authentication. */
97    KM_TAG_USER_AUTH_ID = KM_INT_REP | 503,  /* ID of the authenticator to use (e.g. password,
98                                                fingerprint, etc.).  Repeatable to support
99                                                multi-factor auth.  Disallowed if
100                                                KM_TAG_NO_AUTH_REQUIRED is present. */
101    KM_TAG_AUTH_TIMEOUT = KM_INT | 504,      /* Required freshness of user authentication for
102                                                private/secret key operations, in seconds.
103                                                Public key operations require no authentication.
104                                                If absent, authentication is required for every
105                                                use.  Authentication state is lost when the
106                                                device is powered off. */
107
108    /* Application access control */
109    KM_TAG_ALL_APPLICATIONS = KM_BOOL | 600, /* If key is usable by all applications. */
110    KM_TAG_APPLICATION_ID = KM_BYTES | 601,  /* ID of authorized application. Disallowed if
111                                                KM_TAG_ALL_APPLICATIONS is present. */
112
113    /*
114     * Semantically unenforceable tags, either because they have no specific meaning or because
115     * they're informational only.
116     */
117    KM_TAG_APPLICATION_DATA = KM_BYTES | 700,  /* Data provided by authorized application. */
118    KM_TAG_CREATION_DATETIME = KM_DATE | 701,  /* Key creation time */
119    KM_TAG_ORIGIN = KM_ENUM | 702,             /* keymaster_key_origin_t. */
120    KM_TAG_ROLLBACK_RESISTANT = KM_BOOL | 703, /* Whether key is rollback-resistant. */
121    KM_TAG_ROOT_OF_TRUST = KM_BYTES | 704,     /* Root of trust ID.  Empty array means usable by all
122                                                  roots. */
123
124    /* Tags used only to provide data to or receive data from operations */
125    KM_TAG_ASSOCIATED_DATA = KM_BYTES | 1000, /* Used to provide associated data for AEAD modes. */
126    KM_TAG_NONCE = KM_BYTES | 1001,           /* Nonce or Initialization Vector */
127    KM_TAG_CHUNK_LENGTH = KM_INT | 1002,      /* AEAD mode chunk size, in bytes.  0 means no limit,
128                                                 which requires KM_TAG_RETURN_UNAUTHED. */
129    KM_TAG_AUTH_TOKEN = KM_BYTES | 1003,      /* Authentication token that proves secure user
130                                                 authentication has been performed.  Structure
131                                                 defined in hw_auth_token_t in hw_auth_token.h. */
132} keymaster_tag_t;
133
134/**
135 * Algorithms that may be provided by keymaster implementations.  Those that must be provided by all
136 * implementations are tagged as "required".
137 */
138typedef enum {
139    /* Asymmetric algorithms. */
140    KM_ALGORITHM_RSA = 1,   /* required */
141    KM_ALGORITHM_DSA = 2,
142    KM_ALGORITHM_ECDSA = 3, /* required */
143    KM_ALGORITHM_ECIES = 4,
144    /* FIPS Approved Ciphers */
145    KM_ALGORITHM_AES = 32, /* required */
146    KM_ALGORITHM_3DES = 33,
147    KM_ALGORITHM_SKIPJACK = 34,
148    /* AES Finalists */
149    KM_ALGORITHM_MARS = 48,
150    KM_ALGORITHM_RC6 = 49,
151    KM_ALGORITHM_SERPENT = 50,
152    KM_ALGORITHM_TWOFISH = 51,
153    /* Other common block ciphers */
154    KM_ALGORITHM_IDEA = 52,
155    KM_ALGORITHM_RC5 = 53,
156    KM_ALGORITHM_CAST5 = 54,
157    KM_ALGORITHM_BLOWFISH = 55,
158    /* Common stream ciphers */
159    KM_ALGORITHM_RC4 = 64,
160    KM_ALGORITHM_CHACHA20 = 65,
161    /* MAC algorithms */
162    KM_ALGORITHM_HMAC = 128, /* required */
163} keymaster_algorithm_t;
164
165/**
166 * Symmetric block cipher modes that may be provided by keymaster implementations.  Those that must
167 * be provided by all implementations are tagged as "required".  This type is new in 0_4.
168 *
169 * KM_MODE_FIRST_UNAUTHENTICATED, KM_MODE_FIRST_AUTHENTICATED and KM_MODE_FIRST_MAC are not modes,
170 * but markers used to separate the available modes into classes.
171 */
172typedef enum {
173    /* Unauthenticated modes, usable only for encryption/decryption and not generally recommended
174     * except for compatibility with existing other protocols. */
175    KM_MODE_FIRST_UNAUTHENTICATED = 1,
176    KM_MODE_ECB = KM_MODE_FIRST_UNAUTHENTICATED, /* required */
177    KM_MODE_CBC = 2,                             /* required */
178    KM_MODE_CBC_CTS = 3,                         /* recommended */
179    KM_MODE_CTR = 4,                             /* recommended */
180    KM_MODE_OFB = 5,
181    KM_MODE_CFB = 6,
182    KM_MODE_XTS = 7, /* Note: requires double-length keys */
183    /* Authenticated modes, usable for encryption/decryption and signing/verification.  Recommended
184     * over unauthenticated modes for all purposes.  One of KM_MODE_GCM and KM_MODE_OCB is
185     * required. */
186    KM_MODE_FIRST_AUTHENTICATED = 32,
187    KM_MODE_GCM = KM_MODE_FIRST_AUTHENTICATED,
188    KM_MODE_OCB = 33,
189    KM_MODE_CCM = 34,
190    /* MAC modes -- only for signing/verification */
191    KM_MODE_FIRST_MAC = 128,
192    KM_MODE_CMAC = KM_MODE_FIRST_MAC,
193    KM_MODE_POLY1305 = 129,
194} keymaster_block_mode_t;
195
196/**
197 * Padding modes that may be applied to plaintext for encryption operations.  This list includes
198 * padding modes for both symmetric and asymmetric algorithms.  Note that implementations should not
199 * provide all possible combinations of algorithm and padding, only the
200 * cryptographically-appropriate pairs.
201 */
202typedef enum {
203    KM_PAD_NONE = 1,     /* required, deprecated */
204    KM_PAD_RSA_OAEP = 2, /* required */
205    KM_PAD_RSA_PSS = 3,  /* required */
206    KM_PAD_RSA_PKCS1_1_5_ENCRYPT = 4,
207    KM_PAD_RSA_PKCS1_1_5_SIGN = 5,
208    KM_PAD_ANSI_X923 = 32,
209    KM_PAD_ISO_10126 = 33,
210    KM_PAD_ZERO = 64,  /* required */
211    KM_PAD_PKCS7 = 65, /* required */
212    KM_PAD_ISO_7816_4 = 66,
213} keymaster_padding_t;
214
215/**
216 * Digests that may be provided by keymaster implementations.  Those that must be provided by all
217 * implementations are tagged as "required".  Those that have been added since version 0_2 of the
218 * API are tagged as "new".
219 */
220typedef enum {
221    KM_DIGEST_NONE = 0,           /* new, required */
222    KM_DIGEST_MD5 = 1,            /* new, for compatibility with old protocols only */
223    KM_DIGEST_SHA1 = 2,           /* new */
224    KM_DIGEST_SHA_2_224 = 3,      /* new */
225    KM_DIGEST_SHA_2_256 = 4,      /* new, required */
226    KM_DIGEST_SHA_2_384 = 5,      /* new, recommended */
227    KM_DIGEST_SHA_2_512 = 6,      /* new, recommended */
228    KM_DIGEST_SHA_3_256 = 7,      /* new */
229    KM_DIGEST_SHA_3_384 = 8,      /* new */
230    KM_DIGEST_SHA_3_512 = 9,      /* new */
231} keymaster_digest_t;
232
233/**
234 * The origin of a key (or pair), i.e. where it was generated.  Origin and can be used together to
235 * determine whether a key may have existed outside of secure hardware.  This type is new in 0_4.
236 */
237typedef enum {
238    KM_ORIGIN_HARDWARE = 0, /* Generated in secure hardware */
239    KM_ORIGIN_SOFTWARE = 1, /* Generated in non-secure software */
240    KM_ORIGIN_IMPORTED = 2, /* Imported, origin unknown */
241} keymaster_key_origin_t;
242
243/**
244 * Usability requirements of key blobs.  This defines what system functionality must be available
245 * for the key to function.  For example, key "blobs" which are actually handles referencing
246 * encrypted key material stored in the file system cannot be used until the file system is
247 * available, and should have BLOB_REQUIRES_FILE_SYSTEM.  Other requirements entries will be added
248 * as needed for implementations.  This type is new in 0_4.
249 */
250typedef enum {
251    KM_BLOB_STANDALONE = 0,
252    KM_BLOB_REQUIRES_FILE_SYSTEM = 1,
253} keymaster_key_blob_usage_requirements_t;
254
255/**
256 * Possible purposes of a key (or pair). This type is new in 0_4.
257 */
258typedef enum {
259    KM_PURPOSE_ENCRYPT = 0,
260    KM_PURPOSE_DECRYPT = 1,
261    KM_PURPOSE_SIGN = 2,
262    KM_PURPOSE_VERIFY = 3,
263} keymaster_purpose_t;
264
265typedef struct {
266    const uint8_t* data;
267    size_t data_length;
268} keymaster_blob_t;
269
270typedef struct {
271    keymaster_tag_t tag;
272    union {
273        uint32_t enumerated;   /* KM_ENUM and KM_ENUM_REP */
274        bool boolean;          /* KM_BOOL */
275        uint32_t integer;      /* KM_INT and KM_INT_REP */
276        uint64_t long_integer; /* KM_LONG */
277        uint64_t date_time;    /* KM_DATE */
278        keymaster_blob_t blob; /* KM_BIGNUM and KM_BYTES*/
279    };
280} keymaster_key_param_t;
281
282typedef struct {
283    keymaster_key_param_t* params; /* may be NULL if length == 0 */
284    size_t length;
285} keymaster_key_param_set_t;
286
287/**
288 * Parameters that define a key's characteristics, including authorized modes of usage and access
289 * control restrictions.  The parameters are divided into two categories, those that are enforced by
290 * secure hardware, and those that are not.  For a software-only keymaster implementation the
291 * enforced array must NULL.  Hardware implementations must enforce everything in the enforced
292 * array.
293 */
294typedef struct {
295    keymaster_key_param_set_t hw_enforced;
296    keymaster_key_param_set_t sw_enforced;
297} keymaster_key_characteristics_t;
298
299typedef struct {
300    const uint8_t* key_material;
301    size_t key_material_size;
302} keymaster_key_blob_t;
303
304/**
305 * Formats for key import and export.  At present, only asymmetric key import/export is supported.
306 * In the future this list will expand greatly to accommodate asymmetric key import/export.
307 */
308typedef enum {
309    KM_KEY_FORMAT_X509 = 0,   /* for public key export, required */
310    KM_KEY_FORMAT_PKCS8 = 1,  /* for asymmetric key pair import, required */
311    KM_KEY_FORMAT_PKCS12 = 2, /* for asymmetric key pair import, not required */
312    KM_KEY_FORMAT_RAW = 3,    /* for symmetric key import, required */
313} keymaster_key_format_t;
314
315/**
316 * The keymaster operation API consists of begin, update, finish and abort. This is the type of the
317 * handle used to tie the sequence of calls together.  A 64-bit value is used because it's important
318 * that handles not be predictable.  Implementations must use strong random numbers for handle
319 * values.
320 */
321typedef uint64_t keymaster_operation_handle_t;
322
323typedef enum {
324    KM_ERROR_OK = 0,
325    KM_ERROR_ROOT_OF_TRUST_ALREADY_SET = -1,
326    KM_ERROR_UNSUPPORTED_PURPOSE = -2,
327    KM_ERROR_INCOMPATIBLE_PURPOSE = -3,
328    KM_ERROR_UNSUPPORTED_ALGORITHM = -4,
329    KM_ERROR_INCOMPATIBLE_ALGORITHM = -5,
330    KM_ERROR_UNSUPPORTED_KEY_SIZE = -6,
331    KM_ERROR_UNSUPPORTED_BLOCK_MODE = -7,
332    KM_ERROR_INCOMPATIBLE_BLOCK_MODE = -8,
333    KM_ERROR_UNSUPPORTED_MAC_LENGTH = -9,
334    KM_ERROR_UNSUPPORTED_PADDING_MODE = -10,
335    KM_ERROR_INCOMPATIBLE_PADDING_MODE = -11,
336    KM_ERROR_UNSUPPORTED_DIGEST = -12,
337    KM_ERROR_INCOMPATIBLE_DIGEST = -13,
338    KM_ERROR_INVALID_EXPIRATION_TIME = -14,
339    KM_ERROR_INVALID_USER_ID = -15,
340    KM_ERROR_INVALID_AUTHORIZATION_TIMEOUT = -16,
341    KM_ERROR_UNSUPPORTED_KEY_FORMAT = -17,
342    KM_ERROR_INCOMPATIBLE_KEY_FORMAT = -18,
343    KM_ERROR_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM = -19,   /* For PKCS8 & PKCS12 */
344    KM_ERROR_UNSUPPORTED_KEY_VERIFICATION_ALGORITHM = -20, /* For PKCS8 & PKCS12 */
345    KM_ERROR_INVALID_INPUT_LENGTH = -21,
346    KM_ERROR_KEY_EXPORT_OPTIONS_INVALID = -22,
347    KM_ERROR_DELEGATION_NOT_ALLOWED = -23,
348    KM_ERROR_KEY_NOT_YET_VALID = -24,
349    KM_ERROR_KEY_EXPIRED = -25,
350    KM_ERROR_KEY_USER_NOT_AUTHENTICATED = -26,
351    KM_ERROR_OUTPUT_PARAMETER_NULL = -27,
352    KM_ERROR_INVALID_OPERATION_HANDLE = -28,
353    KM_ERROR_INSUFFICIENT_BUFFER_SPACE = -29,
354    KM_ERROR_VERIFICATION_FAILED = -30,
355    KM_ERROR_TOO_MANY_OPERATIONS = -31,
356    KM_ERROR_UNEXPECTED_NULL_POINTER = -32,
357    KM_ERROR_INVALID_KEY_BLOB = -33,
358    KM_ERROR_IMPORTED_KEY_NOT_ENCRYPTED = -34,
359    KM_ERROR_IMPORTED_KEY_DECRYPTION_FAILED = -35,
360    KM_ERROR_IMPORTED_KEY_NOT_SIGNED = -36,
361    KM_ERROR_IMPORTED_KEY_VERIFICATION_FAILED = -37,
362    KM_ERROR_INVALID_ARGUMENT = -38,
363    KM_ERROR_UNSUPPORTED_TAG = -39,
364    KM_ERROR_INVALID_TAG = -40,
365    KM_ERROR_MEMORY_ALLOCATION_FAILED = -41,
366    KM_ERROR_INVALID_RESCOPING = -42,
367    KM_ERROR_INVALID_DSA_PARAMS = -43,
368    KM_ERROR_IMPORT_PARAMETER_MISMATCH = -44,
369    KM_ERROR_SECURE_HW_ACCESS_DENIED = -45,
370    KM_ERROR_OPERATION_CANCELLED = -46,
371    KM_ERROR_CONCURRENT_ACCESS_CONFLICT = -47,
372    KM_ERROR_SECURE_HW_BUSY = -48,
373    KM_ERROR_SECURE_HW_COMMUNICATION_FAILED = -49,
374    KM_ERROR_UNSUPPORTED_EC_FIELD = -50,
375    KM_ERROR_MISSING_NONCE = -51,
376    KM_ERROR_INVALID_NONCE = -52,
377    KM_ERROR_UNSUPPORTED_CHUNK_LENGTH = -53,
378    KM_ERROR_RESCOPABLE_KEY_NOT_USABLE = -54,
379
380    KM_ERROR_UNIMPLEMENTED = -100,
381    KM_ERROR_VERSION_MISMATCH = -101,
382
383    /* Additional error codes may be added by implementations, but implementers should coordinate
384     * with Google to avoid code collision. */
385    KM_ERROR_UNKNOWN_ERROR = -1000,
386} keymaster_error_t;
387
388/* Convenience functions for manipulating keymaster tag types */
389
390static inline keymaster_tag_type_t keymaster_tag_get_type(keymaster_tag_t tag) {
391    return (keymaster_tag_type_t)(tag & (0xF << 28));
392}
393
394static inline uint32_t keymaster_tag_mask_type(keymaster_tag_t tag) {
395    return tag & 0x0FFFFFFF;
396}
397
398static inline bool keymaster_tag_type_repeatable(keymaster_tag_type_t type) {
399    switch (type) {
400    case KM_INT_REP:
401    case KM_ENUM_REP:
402        return true;
403    default:
404        return false;
405    }
406}
407
408static inline bool keymaster_tag_repeatable(keymaster_tag_t tag) {
409    return keymaster_tag_type_repeatable(keymaster_tag_get_type(tag));
410}
411
412/* Convenience functions for manipulating keymaster_key_param_t structs */
413
414inline keymaster_key_param_t keymaster_param_enum(keymaster_tag_t tag, uint32_t value) {
415    // assert(keymaster_tag_get_type(tag) == KM_ENUM || keymaster_tag_get_type(tag) == KM_ENUM_REP);
416    keymaster_key_param_t param;
417    memset(&param, 0, sizeof(param));
418    param.tag = tag;
419    param.enumerated = value;
420    return param;
421}
422
423inline keymaster_key_param_t keymaster_param_int(keymaster_tag_t tag, uint32_t value) {
424    // assert(keymaster_tag_get_type(tag) == KM_INT || keymaster_tag_get_type(tag) == KM_INT_REP);
425    keymaster_key_param_t param;
426    memset(&param, 0, sizeof(param));
427    param.tag = tag;
428    param.integer = value;
429    return param;
430}
431
432inline keymaster_key_param_t keymaster_param_long(keymaster_tag_t tag, uint64_t value) {
433    // assert(keymaster_tag_get_type(tag) == KM_LONG);
434    keymaster_key_param_t param;
435    memset(&param, 0, sizeof(param));
436    param.tag = tag;
437    param.long_integer = value;
438    return param;
439}
440
441inline keymaster_key_param_t keymaster_param_blob(keymaster_tag_t tag, const uint8_t* bytes,
442                                                  size_t bytes_len) {
443    // assert(keymaster_tag_get_type(tag) == KM_BYTES || keymaster_tag_get_type(tag) == KM_BIGNUM);
444    keymaster_key_param_t param;
445    memset(&param, 0, sizeof(param));
446    param.tag = tag;
447    param.blob.data = (uint8_t*)bytes;
448    param.blob.data_length = bytes_len;
449    return param;
450}
451
452inline keymaster_key_param_t keymaster_param_bool(keymaster_tag_t tag) {
453    // assert(keymaster_tag_get_type(tag) == KM_BOOL);
454    keymaster_key_param_t param;
455    memset(&param, 0, sizeof(param));
456    param.tag = tag;
457    param.boolean = true;
458    return param;
459}
460
461inline keymaster_key_param_t keymaster_param_date(keymaster_tag_t tag, uint64_t value) {
462    // assert(keymaster_tag_get_type(tag) == KM_DATE);
463    keymaster_key_param_t param;
464    memset(&param, 0, sizeof(param));
465    param.tag = tag;
466    param.date_time = value;
467    return param;
468}
469
470#define KEYMASTER_SIMPLE_COMPARE(a, b) (a < b) ? -1 : ((a > b) ? 1 : 0)
471inline int keymaster_param_compare(const keymaster_key_param_t* a, const keymaster_key_param_t* b) {
472    int retval = KEYMASTER_SIMPLE_COMPARE(a->tag, b->tag);
473    if (retval != 0)
474        return retval;
475
476    switch (keymaster_tag_get_type(a->tag)) {
477    case KM_INVALID:
478    case KM_BOOL:
479        return 0;
480    case KM_ENUM:
481    case KM_ENUM_REP:
482        return KEYMASTER_SIMPLE_COMPARE(a->enumerated, b->enumerated);
483    case KM_INT:
484    case KM_INT_REP:
485        return KEYMASTER_SIMPLE_COMPARE(a->integer, b->integer);
486    case KM_LONG:
487        return KEYMASTER_SIMPLE_COMPARE(a->long_integer, b->long_integer);
488    case KM_DATE:
489        return KEYMASTER_SIMPLE_COMPARE(a->date_time, b->date_time);
490    case KM_BIGNUM:
491    case KM_BYTES:
492        // Handle the empty cases.
493        if (a->blob.data_length != 0 && b->blob.data_length == 0)
494            return -1;
495        if (a->blob.data_length == 0 && b->blob.data_length == 0)
496            return 0;
497        if (a->blob.data_length == 0 && b->blob.data_length > 0)
498            return 1;
499
500        retval = memcmp(a->blob.data, b->blob.data, a->blob.data_length < b->blob.data_length
501                                                        ? a->blob.data_length
502                                                        : b->blob.data_length);
503        if (retval != 0)
504            return retval;
505        else if (a->blob.data_length != b->blob.data_length) {
506            // Equal up to the common length; longer one is larger.
507            if (a->blob.data_length < b->blob.data_length)
508                return -1;
509            if (a->blob.data_length > b->blob.data_length)
510                return 1;
511        };
512    }
513
514    return 0;
515}
516#undef KEYMASTER_SIMPLE_COMPARE
517
518inline void keymaster_free_param_values(keymaster_key_param_t* param, size_t param_count) {
519    while (param_count-- > 0) {
520        switch (keymaster_tag_get_type(param->tag)) {
521        case KM_BIGNUM:
522        case KM_BYTES:
523            free((void*)param->blob.data);
524            param->blob.data = NULL;
525            break;
526        default:
527            // NOP
528            break;
529        }
530        ++param;
531    }
532}
533
534inline void keymaster_free_param_set(keymaster_key_param_set_t* set) {
535    if (set) {
536        keymaster_free_param_values(set->params, set->length);
537        free(set->params);
538        set->params = NULL;
539    }
540}
541
542inline void keymaster_free_characteristics(keymaster_key_characteristics_t* characteristics) {
543    if (characteristics) {
544        keymaster_free_param_set(&characteristics->hw_enforced);
545        keymaster_free_param_set(&characteristics->sw_enforced);
546    }
547}
548
549__END_DECLS
550
551#endif  // ANDROID_HARDWARE_KEYMASTER_DEFS_H
552