gatekeeper_messages.cpp revision 175eea9a2a921314d1a58c3be0bc57a71bd8e62d
1/* 2 * Copyright 2015 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 * 16 */ 17 18#include <gatekeeper/gatekeeper_messages.h> 19 20#include <string.h> 21 22 23namespace gatekeeper { 24 25/** 26 * Methods for serializing/deserializing SizedBuffers 27 */ 28 29struct __attribute__((__packed__)) serial_header_t { 30 uint32_t error; 31 uint32_t user_id; 32}; 33 34static inline size_t serialized_buffer_size(const SizedBuffer &buf) { 35 return sizeof(uint32_t) + buf.length; 36} 37 38static inline void append_to_buffer(uint8_t **buffer, const SizedBuffer *to_append) { 39 memcpy(*buffer, &to_append->length, sizeof(to_append->length)); 40 *buffer += sizeof(to_append->length); 41 if (to_append->length != 0) { 42 memcpy(*buffer, to_append->buffer.get(), to_append->length); 43 *buffer += to_append->length; 44 } 45} 46 47static inline gatekeeper_error_t read_from_buffer(const uint8_t **buffer, const uint8_t *end, 48 SizedBuffer *target) { 49 if (*buffer + sizeof(target->length) > end) return ERROR_INVALID; 50 51 memcpy(&target->length, *buffer, sizeof(target->length)); 52 *buffer += sizeof(target->length); 53 if (target->length != 0) { 54 const uint8_t *buffer_end = *buffer + target->length; 55 if (buffer_end > end || buffer_end <= *buffer) return ERROR_INVALID; 56 57 target->buffer.reset(new uint8_t[target->length]); 58 memcpy(target->buffer.get(), *buffer, target->length); 59 *buffer += target->length; 60 } 61 return ERROR_NONE; 62} 63 64 65size_t GateKeeperMessage::GetSerializedSize() const { 66 if (error == ERROR_NONE) { 67 return 2 * sizeof(uint32_t) + nonErrorSerializedSize(); 68 } else { 69 return sizeof(uint32_t); 70 } 71} 72 73size_t GateKeeperMessage::Serialize(uint8_t *buffer, const uint8_t *end) const { 74 size_t bytes_written = 0; 75 if (buffer + GetSerializedSize() > end) { 76 return 0; 77 } 78 79 serial_header_t *header = reinterpret_cast<serial_header_t *>(buffer); 80 if (error != ERROR_NONE) { 81 if (buffer + sizeof(error) > end) return 0; 82 header->error = error; 83 bytes_written += sizeof(error); 84 } else { 85 if (buffer + sizeof(serial_header_t) + nonErrorSerializedSize() > end) 86 return 0; 87 header->error = error; 88 header->user_id = user_id; 89 nonErrorSerialize(buffer + sizeof(*header)); 90 bytes_written += sizeof(*header) + nonErrorSerializedSize(); 91 } 92 93 return bytes_written; 94} 95 96gatekeeper_error_t GateKeeperMessage::Deserialize(const uint8_t *payload, const uint8_t *end) { 97 uint32_t error_value; 98 if (payload + sizeof(uint32_t) > end) return ERROR_INVALID; 99 const serial_header_t *header = reinterpret_cast<const serial_header_t *>(payload); 100 if (header->error == ERROR_NONE) { 101 if (payload == end) return ERROR_INVALID; 102 user_id = header->user_id; 103 error = nonErrorDeserialize(payload + sizeof(*header), end); 104 } else { 105 error = static_cast<gatekeeper_error_t>(header->error); 106 } 107 108 return error; 109} 110 111 112VerifyRequest::VerifyRequest(uint32_t user_id, SizedBuffer *enrolled_password_handle, 113 SizedBuffer *provided_password_payload) { 114 this->user_id = user_id; 115 this->password_handle.buffer.reset(enrolled_password_handle->buffer.release()); 116 this->password_handle.length = enrolled_password_handle->length; 117 this->provided_password.buffer.reset(provided_password_payload->buffer.release()); 118 this->provided_password.length = provided_password_payload->length; 119} 120 121VerifyRequest::VerifyRequest() { 122 memset_s(&password_handle, 0, sizeof(password_handle)); 123 memset_s(&provided_password, 0, sizeof(provided_password)); 124} 125 126VerifyRequest::~VerifyRequest() { 127 if (password_handle.buffer.get()) { 128 password_handle.buffer.reset(); 129 } 130 131 if (provided_password.buffer.get()) { 132 memset_s(provided_password.buffer.get(), 0, provided_password.length); 133 provided_password.buffer.reset(); 134 } 135} 136 137size_t VerifyRequest::nonErrorSerializedSize() const { 138 return serialized_buffer_size(password_handle) + serialized_buffer_size(provided_password); 139} 140 141void VerifyRequest::nonErrorSerialize(uint8_t *buffer) const { 142 append_to_buffer(&buffer, &password_handle); 143 append_to_buffer(&buffer, &provided_password); 144} 145 146gatekeeper_error_t VerifyRequest::nonErrorDeserialize(const uint8_t *payload, const uint8_t *end) { 147 gatekeeper_error_t error = ERROR_NONE; 148 149 if (password_handle.buffer.get()) { 150 password_handle.buffer.reset(); 151 } 152 153 if (provided_password.buffer.get()) { 154 memset_s(provided_password.buffer.get(), 0, provided_password.length); 155 provided_password.buffer.reset(); 156 } 157 158 error = read_from_buffer(&payload, end, &password_handle); 159 if (error != ERROR_NONE) return error; 160 161 return read_from_buffer(&payload, end, &provided_password); 162 163} 164 165VerifyResponse::VerifyResponse(uint32_t user_id, SizedBuffer *auth_token) { 166 this->user_id = user_id; 167 this->auth_token.buffer.reset(auth_token->buffer.release()); 168 this->auth_token.length = auth_token->length; 169} 170 171VerifyResponse::VerifyResponse() { 172 memset_s(&auth_token, 0, sizeof(auth_token)); 173}; 174 175VerifyResponse::~VerifyResponse() { 176 if (auth_token.length > 0) { 177 auth_token.buffer.reset(); 178 } 179} 180 181void VerifyResponse::SetVerificationToken(SizedBuffer *auth_token) { 182 this->auth_token.buffer.reset(auth_token->buffer.release()); 183 this->auth_token.length = auth_token->length; 184} 185 186size_t VerifyResponse::nonErrorSerializedSize() const { 187 return serialized_buffer_size(auth_token); 188} 189 190void VerifyResponse::nonErrorSerialize(uint8_t *buffer) const { 191 append_to_buffer(&buffer, &auth_token); 192} 193 194gatekeeper_error_t VerifyResponse::nonErrorDeserialize(const uint8_t *payload, const uint8_t *end) { 195 if (auth_token.buffer.get()) { 196 auth_token.buffer.reset(); 197 } 198 199 return read_from_buffer(&payload, end, &auth_token); 200} 201 202EnrollRequest::EnrollRequest(uint32_t user_id, SizedBuffer *password_handle, 203 SizedBuffer *provided_password, SizedBuffer *enrolled_password) { 204 this->user_id = user_id; 205 this->provided_password.buffer.reset(provided_password->buffer.release()); 206 this->provided_password.length = provided_password->length; 207 208 if (enrolled_password == NULL) { 209 this->enrolled_password.buffer.reset(); 210 this->enrolled_password.length = 0; 211 } else { 212 this->enrolled_password.buffer.reset(enrolled_password->buffer.release()); 213 this->enrolled_password.length = enrolled_password->length; 214 } 215 216 if (password_handle == NULL) { 217 this->password_handle.buffer.reset(); 218 this->password_handle.length = 0; 219 } else { 220 this->password_handle.buffer.reset(password_handle->buffer.release()); 221 this->password_handle.length = password_handle->length; 222 } 223} 224 225EnrollRequest::EnrollRequest() { 226 memset_s(&provided_password, 0, sizeof(provided_password)); 227 memset_s(&enrolled_password, 0, sizeof(enrolled_password)); 228 memset_s(&password_handle, 0, sizeof(password_handle)); 229} 230 231EnrollRequest::~EnrollRequest() { 232 if (provided_password.buffer.get()) { 233 memset_s(provided_password.buffer.get(), 0, provided_password.length); 234 provided_password.buffer.reset(); 235 } 236 237 if (enrolled_password.buffer.get()) { 238 memset_s(enrolled_password.buffer.get(), 0, enrolled_password.length); 239 enrolled_password.buffer.reset(); 240 } 241 242 if (password_handle.buffer.get()) { 243 memset_s(password_handle.buffer.get(), 0, password_handle.length); 244 password_handle.buffer.reset(); 245 } 246} 247 248size_t EnrollRequest::nonErrorSerializedSize() const { 249 return serialized_buffer_size(provided_password) + serialized_buffer_size(enrolled_password) 250 + serialized_buffer_size(password_handle); 251} 252 253void EnrollRequest::nonErrorSerialize(uint8_t *buffer) const { 254 append_to_buffer(&buffer, &provided_password); 255 append_to_buffer(&buffer, &enrolled_password); 256 append_to_buffer(&buffer, &password_handle); 257} 258 259gatekeeper_error_t EnrollRequest::nonErrorDeserialize(const uint8_t *payload, const uint8_t *end) { 260 gatekeeper_error_t ret; 261 if (provided_password.buffer.get()) { 262 memset_s(provided_password.buffer.get(), 0, provided_password.length); 263 provided_password.buffer.reset(); 264 } 265 266 if (enrolled_password.buffer.get()) { 267 memset_s(enrolled_password.buffer.get(), 0, enrolled_password.length); 268 enrolled_password.buffer.reset(); 269 } 270 271 if (password_handle.buffer.get()) { 272 memset_s(password_handle.buffer.get(), 0, password_handle.length); 273 password_handle.buffer.reset(); 274 } 275 276 ret = read_from_buffer(&payload, end, &provided_password); 277 if (ret != ERROR_NONE) { 278 return ret; 279 } 280 281 ret = read_from_buffer(&payload, end, &enrolled_password); 282 if (ret != ERROR_NONE) { 283 return ret; 284 } 285 286 return read_from_buffer(&payload, end, &password_handle); 287} 288 289EnrollResponse::EnrollResponse(uint32_t user_id, SizedBuffer *enrolled_password_handle) { 290 this->user_id = user_id; 291 this->enrolled_password_handle.buffer.reset(enrolled_password_handle->buffer.release()); 292 this->enrolled_password_handle.length = enrolled_password_handle->length; 293} 294 295EnrollResponse::EnrollResponse() { 296 memset_s(&enrolled_password_handle, 0, sizeof(enrolled_password_handle)); 297} 298 299EnrollResponse::~EnrollResponse() { 300 if (enrolled_password_handle.buffer.get()) { 301 enrolled_password_handle.buffer.reset(); 302 } 303} 304 305void EnrollResponse::SetEnrolledPasswordHandle(SizedBuffer *enrolled_password_handle) { 306 this->enrolled_password_handle.buffer.reset(enrolled_password_handle->buffer.release()); 307 this->enrolled_password_handle.length = enrolled_password_handle->length; 308} 309 310size_t EnrollResponse::nonErrorSerializedSize() const { 311 return serialized_buffer_size(enrolled_password_handle); 312} 313 314void EnrollResponse::nonErrorSerialize(uint8_t *buffer) const { 315 append_to_buffer(&buffer, &enrolled_password_handle); 316} 317 318gatekeeper_error_t EnrollResponse::nonErrorDeserialize(const uint8_t *payload, const uint8_t *end) { 319 if (enrolled_password_handle.buffer.get()) { 320 enrolled_password_handle.buffer.reset(); 321 } 322 323 return read_from_buffer(&payload, end, &enrolled_password_handle); 324} 325 326}; 327 328