gatekeeper_messages.cpp revision 175eea9a2a921314d1a58c3be0bc57a71bd8e62d 
1/*
2 * Copyright 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 *
16 */
17
18#include <gatekeeper/gatekeeper_messages.h>
19
20#include <string.h>
21
22
23namespace gatekeeper {
24
25/**
26 * Methods for serializing/deserializing SizedBuffers
27 */
28
29struct __attribute__((__packed__)) serial_header_t {
30    uint32_t error;
31    uint32_t user_id;
32};
33
34static inline size_t serialized_buffer_size(const SizedBuffer &buf) {
35    return sizeof(uint32_t) + buf.length;
36}
37
38static inline void append_to_buffer(uint8_t **buffer, const SizedBuffer *to_append) {
39    memcpy(*buffer, &to_append->length, sizeof(to_append->length));
40    *buffer += sizeof(to_append->length);
41    if (to_append->length != 0) {
42        memcpy(*buffer, to_append->buffer.get(), to_append->length);
43        *buffer += to_append->length;
44    }
45}
46
47static inline gatekeeper_error_t read_from_buffer(const uint8_t **buffer, const uint8_t *end,
48        SizedBuffer *target) {
49    if (*buffer + sizeof(target->length) > end) return ERROR_INVALID;
50
51    memcpy(&target->length, *buffer, sizeof(target->length));
52    *buffer += sizeof(target->length);
53    if (target->length != 0) {
54        const uint8_t *buffer_end = *buffer + target->length;
55        if (buffer_end > end || buffer_end <= *buffer) return ERROR_INVALID;
56
57        target->buffer.reset(new uint8_t[target->length]);
58        memcpy(target->buffer.get(), *buffer, target->length);
59        *buffer += target->length;
60    }
61    return ERROR_NONE;
62}
63
64
65size_t GateKeeperMessage::GetSerializedSize() const {
66    if (error == ERROR_NONE) {
67        return 2 * sizeof(uint32_t) + nonErrorSerializedSize();
68    } else {
69        return sizeof(uint32_t);
70    }
71}
72
73size_t GateKeeperMessage::Serialize(uint8_t *buffer, const uint8_t *end) const {
74    size_t bytes_written = 0;
75    if (buffer + GetSerializedSize() > end) {
76        return 0;
77    }
78
79    serial_header_t *header = reinterpret_cast<serial_header_t *>(buffer);
80    if (error != ERROR_NONE) {
81        if (buffer + sizeof(error) > end) return 0;
82        header->error = error;
83        bytes_written += sizeof(error);
84    } else {
85        if (buffer + sizeof(serial_header_t) + nonErrorSerializedSize() > end)
86            return 0;
87        header->error = error;
88        header->user_id = user_id;
89        nonErrorSerialize(buffer + sizeof(*header));
90        bytes_written += sizeof(*header) + nonErrorSerializedSize();
91    }
92
93    return bytes_written;
94}
95
96gatekeeper_error_t GateKeeperMessage::Deserialize(const uint8_t *payload, const uint8_t *end) {
97    uint32_t error_value;
98    if (payload + sizeof(uint32_t) > end) return ERROR_INVALID;
99    const serial_header_t *header = reinterpret_cast<const serial_header_t *>(payload);
100    if (header->error == ERROR_NONE) {
101        if (payload == end) return ERROR_INVALID;
102        user_id = header->user_id;
103        error = nonErrorDeserialize(payload + sizeof(*header), end);
104    } else {
105        error = static_cast<gatekeeper_error_t>(header->error);
106    }
107
108    return error;
109}
110
111
112VerifyRequest::VerifyRequest(uint32_t user_id, SizedBuffer *enrolled_password_handle,
113        SizedBuffer *provided_password_payload) {
114    this->user_id = user_id;
115    this->password_handle.buffer.reset(enrolled_password_handle->buffer.release());
116    this->password_handle.length = enrolled_password_handle->length;
117    this->provided_password.buffer.reset(provided_password_payload->buffer.release());
118    this->provided_password.length = provided_password_payload->length;
119}
120
121VerifyRequest::VerifyRequest() {
122    memset_s(&password_handle, 0, sizeof(password_handle));
123    memset_s(&provided_password, 0, sizeof(provided_password));
124}
125
126VerifyRequest::~VerifyRequest() {
127    if (password_handle.buffer.get()) {
128        password_handle.buffer.reset();
129    }
130
131    if (provided_password.buffer.get()) {
132        memset_s(provided_password.buffer.get(), 0, provided_password.length);
133        provided_password.buffer.reset();
134    }
135}
136
137size_t VerifyRequest::nonErrorSerializedSize() const {
138    return serialized_buffer_size(password_handle) + serialized_buffer_size(provided_password);
139}
140
141void VerifyRequest::nonErrorSerialize(uint8_t *buffer) const {
142    append_to_buffer(&buffer, &password_handle);
143    append_to_buffer(&buffer, &provided_password);
144}
145
146gatekeeper_error_t VerifyRequest::nonErrorDeserialize(const uint8_t *payload, const uint8_t *end) {
147    gatekeeper_error_t error = ERROR_NONE;
148
149    if (password_handle.buffer.get()) {
150        password_handle.buffer.reset();
151    }
152
153    if (provided_password.buffer.get()) {
154        memset_s(provided_password.buffer.get(), 0, provided_password.length);
155        provided_password.buffer.reset();
156    }
157
158    error = read_from_buffer(&payload, end, &password_handle);
159    if (error != ERROR_NONE) return error;
160
161    return read_from_buffer(&payload, end, &provided_password);
162
163}
164
165VerifyResponse::VerifyResponse(uint32_t user_id, SizedBuffer *auth_token) {
166    this->user_id = user_id;
167    this->auth_token.buffer.reset(auth_token->buffer.release());
168    this->auth_token.length = auth_token->length;
169}
170
171VerifyResponse::VerifyResponse() {
172    memset_s(&auth_token, 0, sizeof(auth_token));
173};
174
175VerifyResponse::~VerifyResponse() {
176    if (auth_token.length > 0) {
177        auth_token.buffer.reset();
178    }
179}
180
181void VerifyResponse::SetVerificationToken(SizedBuffer *auth_token) {
182    this->auth_token.buffer.reset(auth_token->buffer.release());
183    this->auth_token.length = auth_token->length;
184}
185
186size_t VerifyResponse::nonErrorSerializedSize() const {
187    return serialized_buffer_size(auth_token);
188}
189
190void VerifyResponse::nonErrorSerialize(uint8_t *buffer) const {
191    append_to_buffer(&buffer, &auth_token);
192}
193
194gatekeeper_error_t VerifyResponse::nonErrorDeserialize(const uint8_t *payload, const uint8_t *end) {
195    if (auth_token.buffer.get()) {
196        auth_token.buffer.reset();
197    }
198
199    return read_from_buffer(&payload, end, &auth_token);
200}
201
202EnrollRequest::EnrollRequest(uint32_t user_id, SizedBuffer *password_handle,
203        SizedBuffer *provided_password,  SizedBuffer *enrolled_password) {
204    this->user_id = user_id;
205    this->provided_password.buffer.reset(provided_password->buffer.release());
206    this->provided_password.length = provided_password->length;
207
208    if (enrolled_password == NULL) {
209        this->enrolled_password.buffer.reset();
210        this->enrolled_password.length = 0;
211    } else {
212        this->enrolled_password.buffer.reset(enrolled_password->buffer.release());
213        this->enrolled_password.length = enrolled_password->length;
214    }
215
216    if (password_handle == NULL) {
217        this->password_handle.buffer.reset();
218        this->password_handle.length = 0;
219    } else {
220        this->password_handle.buffer.reset(password_handle->buffer.release());
221        this->password_handle.length = password_handle->length;
222    }
223}
224
225EnrollRequest::EnrollRequest() {
226    memset_s(&provided_password, 0, sizeof(provided_password));
227    memset_s(&enrolled_password, 0, sizeof(enrolled_password));
228    memset_s(&password_handle, 0, sizeof(password_handle));
229}
230
231EnrollRequest::~EnrollRequest() {
232    if (provided_password.buffer.get()) {
233        memset_s(provided_password.buffer.get(), 0, provided_password.length);
234        provided_password.buffer.reset();
235    }
236
237    if (enrolled_password.buffer.get()) {
238        memset_s(enrolled_password.buffer.get(), 0, enrolled_password.length);
239        enrolled_password.buffer.reset();
240    }
241
242    if (password_handle.buffer.get()) {
243        memset_s(password_handle.buffer.get(), 0, password_handle.length);
244        password_handle.buffer.reset();
245    }
246}
247
248size_t EnrollRequest::nonErrorSerializedSize() const {
249   return serialized_buffer_size(provided_password) + serialized_buffer_size(enrolled_password)
250       + serialized_buffer_size(password_handle);
251}
252
253void EnrollRequest::nonErrorSerialize(uint8_t *buffer) const {
254    append_to_buffer(&buffer, &provided_password);
255    append_to_buffer(&buffer, &enrolled_password);
256    append_to_buffer(&buffer, &password_handle);
257}
258
259gatekeeper_error_t EnrollRequest::nonErrorDeserialize(const uint8_t *payload, const uint8_t *end) {
260    gatekeeper_error_t ret;
261    if (provided_password.buffer.get()) {
262        memset_s(provided_password.buffer.get(), 0, provided_password.length);
263        provided_password.buffer.reset();
264    }
265
266    if (enrolled_password.buffer.get()) {
267        memset_s(enrolled_password.buffer.get(), 0, enrolled_password.length);
268        enrolled_password.buffer.reset();
269    }
270
271    if (password_handle.buffer.get()) {
272        memset_s(password_handle.buffer.get(), 0, password_handle.length);
273        password_handle.buffer.reset();
274    }
275
276     ret = read_from_buffer(&payload, end, &provided_password);
277     if (ret != ERROR_NONE) {
278         return ret;
279     }
280
281     ret = read_from_buffer(&payload, end, &enrolled_password);
282     if (ret != ERROR_NONE) {
283         return ret;
284     }
285
286     return read_from_buffer(&payload, end, &password_handle);
287}
288
289EnrollResponse::EnrollResponse(uint32_t user_id, SizedBuffer *enrolled_password_handle) {
290    this->user_id = user_id;
291    this->enrolled_password_handle.buffer.reset(enrolled_password_handle->buffer.release());
292    this->enrolled_password_handle.length = enrolled_password_handle->length;
293}
294
295EnrollResponse::EnrollResponse() {
296    memset_s(&enrolled_password_handle, 0, sizeof(enrolled_password_handle));
297}
298
299EnrollResponse::~EnrollResponse() {
300    if (enrolled_password_handle.buffer.get()) {
301        enrolled_password_handle.buffer.reset();
302    }
303}
304
305void EnrollResponse::SetEnrolledPasswordHandle(SizedBuffer *enrolled_password_handle) {
306    this->enrolled_password_handle.buffer.reset(enrolled_password_handle->buffer.release());
307    this->enrolled_password_handle.length = enrolled_password_handle->length;
308}
309
310size_t EnrollResponse::nonErrorSerializedSize() const {
311    return serialized_buffer_size(enrolled_password_handle);
312}
313
314void EnrollResponse::nonErrorSerialize(uint8_t *buffer) const {
315    append_to_buffer(&buffer, &enrolled_password_handle);
316}
317
318gatekeeper_error_t EnrollResponse::nonErrorDeserialize(const uint8_t *payload, const uint8_t *end) {
319    if (enrolled_password_handle.buffer.get()) {
320        enrolled_password_handle.buffer.reset();
321    }
322
323    return read_from_buffer(&payload, end, &enrolled_password_handle);
324}
325
326};
327
328