IKeystoreService.cpp revision 50eb1b2f89ca455b2e9caa635bfe0b5ed94b416a
1/* 2** 3** Copyright 2008, The Android Open Source Project 4** 5** Licensed under the Apache License, Version 2.0 (the "License"); 6** you may not use this file except in compliance with the License. 7** You may obtain a copy of the License at 8** 9** http://www.apache.org/licenses/LICENSE-2.0 10** 11** Unless required by applicable law or agreed to in writing, software 12** distributed under the License is distributed on an "AS IS" BASIS, 13** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14** See the License for the specific language governing permissions and 15** limitations under the License. 16*/ 17 18#include <stdint.h> 19#include <sys/limits.h> 20#include <sys/types.h> 21 22#define LOG_TAG "KeystoreService" 23#include <utils/Log.h> 24 25#include <binder/Parcel.h> 26#include <binder/IPCThreadState.h> 27#include <binder/IServiceManager.h> 28 29#include <keystore/IKeystoreService.h> 30 31namespace android { 32 33const ssize_t MAX_GENERATE_ARGS = 3; 34static keymaster_key_param_t* readParamList(const Parcel& in, size_t* length); 35 36KeystoreArg::KeystoreArg(const void* data, size_t len) 37 : mData(data), mSize(len) { 38} 39 40KeystoreArg::~KeystoreArg() { 41} 42 43const void *KeystoreArg::data() const { 44 return mData; 45} 46 47size_t KeystoreArg::size() const { 48 return mSize; 49} 50 51OperationResult::OperationResult() : resultCode(0), token(), handle(0), inputConsumed(0), 52 data(NULL), dataLength(0) { 53} 54 55OperationResult::~OperationResult() { 56} 57 58void OperationResult::readFromParcel(const Parcel& in) { 59 resultCode = in.readInt32(); 60 token = in.readStrongBinder(); 61 handle = static_cast<keymaster_operation_handle_t>(in.readInt64()); 62 inputConsumed = in.readInt32(); 63 ssize_t length = in.readInt32(); 64 dataLength = 0; 65 if (length > 0) { 66 const void* buf = in.readInplace(length); 67 if (buf) { 68 data.reset(reinterpret_cast<uint8_t*>(malloc(length))); 69 if (data.get()) { 70 memcpy(data.get(), buf, length); 71 dataLength = (size_t) length; 72 } else { 73 ALOGE("Failed to allocate OperationResult buffer"); 74 } 75 } else { 76 ALOGE("Failed to readInplace OperationResult data"); 77 } 78 } 79 outParams.readFromParcel(in); 80} 81 82void OperationResult::writeToParcel(Parcel* out) const { 83 out->writeInt32(resultCode); 84 out->writeStrongBinder(token); 85 out->writeInt64(handle); 86 out->writeInt32(inputConsumed); 87 out->writeInt32(dataLength); 88 if (dataLength && data) { 89 void* buf = out->writeInplace(dataLength); 90 if (buf) { 91 memcpy(buf, data.get(), dataLength); 92 } else { 93 ALOGE("Failed to writeInplace OperationResult data."); 94 } 95 } 96 outParams.writeToParcel(out); 97} 98 99ExportResult::ExportResult() : resultCode(0), exportData(NULL), dataLength(0) { 100} 101 102ExportResult::~ExportResult() { 103} 104 105void ExportResult::readFromParcel(const Parcel& in) { 106 resultCode = in.readInt32(); 107 ssize_t length = in.readInt32(); 108 dataLength = 0; 109 if (length > 0) { 110 const void* buf = in.readInplace(length); 111 if (buf) { 112 exportData.reset(reinterpret_cast<uint8_t*>(malloc(length))); 113 if (exportData.get()) { 114 memcpy(exportData.get(), buf, length); 115 dataLength = (size_t) length; 116 } else { 117 ALOGE("Failed to allocate ExportData buffer"); 118 } 119 } else { 120 ALOGE("Failed to readInplace ExportData data"); 121 } 122 } 123} 124 125void ExportResult::writeToParcel(Parcel* out) const { 126 out->writeInt32(resultCode); 127 out->writeInt32(dataLength); 128 if (exportData && dataLength) { 129 void* buf = out->writeInplace(dataLength); 130 if (buf) { 131 memcpy(buf, exportData.get(), dataLength); 132 } else { 133 ALOGE("Failed to writeInplace ExportResult data."); 134 } 135 } 136} 137 138KeymasterArguments::KeymasterArguments() { 139} 140 141KeymasterArguments::~KeymasterArguments() { 142 keymaster_free_param_values(params.data(), params.size()); 143} 144 145void KeymasterArguments::readFromParcel(const Parcel& in) { 146 ssize_t length = in.readInt32(); 147 size_t ulength = (size_t) length; 148 if (length < 0) { 149 ulength = 0; 150 } 151 keymaster_free_param_values(params.data(), params.size()); 152 params.clear(); 153 for(size_t i = 0; i < ulength; i++) { 154 keymaster_key_param_t param; 155 if (!readKeymasterArgumentFromParcel(in, ¶m)) { 156 ALOGE("Error reading keymaster argument from parcel"); 157 break; 158 } 159 params.push_back(param); 160 } 161} 162 163void KeymasterArguments::writeToParcel(Parcel* out) const { 164 out->writeInt32(params.size()); 165 for (auto param : params) { 166 out->writeInt32(1); 167 writeKeymasterArgumentToParcel(param, out); 168 } 169} 170 171KeyCharacteristics::KeyCharacteristics() { 172 memset((void*) &characteristics, 0, sizeof(characteristics)); 173} 174 175KeyCharacteristics::~KeyCharacteristics() { 176 keymaster_free_characteristics(&characteristics); 177} 178 179void KeyCharacteristics::readFromParcel(const Parcel& in) { 180 size_t length = 0; 181 keymaster_key_param_t* params = readParamList(in, &length); 182 characteristics.sw_enforced.params = params; 183 characteristics.sw_enforced.length = length; 184 185 params = readParamList(in, &length); 186 characteristics.hw_enforced.params = params; 187 characteristics.hw_enforced.length = length; 188} 189 190void KeyCharacteristics::writeToParcel(Parcel* out) const { 191 if (characteristics.sw_enforced.params) { 192 out->writeInt32(characteristics.sw_enforced.length); 193 for (size_t i = 0; i < characteristics.sw_enforced.length; i++) { 194 out->writeInt32(1); 195 writeKeymasterArgumentToParcel(characteristics.sw_enforced.params[i], out); 196 } 197 } else { 198 out->writeInt32(0); 199 } 200 if (characteristics.hw_enforced.params) { 201 out->writeInt32(characteristics.hw_enforced.length); 202 for (size_t i = 0; i < characteristics.hw_enforced.length; i++) { 203 out->writeInt32(1); 204 writeKeymasterArgumentToParcel(characteristics.hw_enforced.params[i], out); 205 } 206 } else { 207 out->writeInt32(0); 208 } 209} 210 211KeymasterCertificateChain::KeymasterCertificateChain() { 212 memset(&chain, 0, sizeof(chain)); 213} 214 215KeymasterCertificateChain::~KeymasterCertificateChain() { 216 keymaster_free_cert_chain(&chain); 217} 218 219static bool readKeymasterBlob(const Parcel& in, keymaster_blob_t* blob) { 220 if (in.readInt32() != 1) { 221 return false; 222 } 223 224 blob->data_length = 0; 225 ssize_t length = in.readInt32(); 226 if (length <= 0) { 227 blob->data = nullptr; 228 return false; 229 } 230 231 blob->data = reinterpret_cast<const uint8_t*>(in.readInplace(length)); 232 if (blob->data) { 233 blob->data_length = static_cast<size_t>(length); 234 } 235 return true; 236} 237 238void KeymasterCertificateChain::readFromParcel(const Parcel& in) { 239 ssize_t count = in.readInt32(); 240 size_t ucount = count; 241 if (count < 0) { 242 ucount = 0; 243 } 244 keymaster_free_cert_chain(&chain); 245 chain.entries = new keymaster_blob_t[ucount]; 246 memset(chain.entries, 0, sizeof(keymaster_blob_t) * ucount); 247 for (size_t i = 0; i < ucount; ++i) { 248 if (!readKeymasterBlob(in, &chain.entries[i])) { 249 keymaster_free_cert_chain(&chain); 250 return; 251 } 252 } 253} 254 255void KeymasterCertificateChain::writeToParcel(Parcel* out) const { 256 out->writeInt32(chain.entry_count); 257 for (size_t i = 0; i < chain.entry_count; ++i) { 258 if (chain.entries[i].data) { 259 out->writeInt32(1); // Tell Java side that object is not NULL 260 out->writeInt32(chain.entries[i].data_length); 261 void* buf = out->writeInplace(chain.entries[i].data_length); 262 if (buf) { 263 memcpy(buf, chain.entries[i].data, chain.entries[i].data_length); 264 } else { 265 ALOGE("Failed to writeInplace keymaster cert chain entry"); 266 } 267 } else { 268 out->writeInt32(0); // Tell Java side this object is NULL. 269 ALOGE("Found NULL certificate chain entry"); 270 } 271 } 272} 273 274void writeKeymasterArgumentToParcel(const keymaster_key_param_t& param, Parcel* out) { 275 switch (keymaster_tag_get_type(param.tag)) { 276 case KM_ENUM: 277 case KM_ENUM_REP: { 278 out->writeInt32(param.tag); 279 out->writeInt32(param.enumerated); 280 break; 281 } 282 case KM_UINT: 283 case KM_UINT_REP: { 284 out->writeInt32(param.tag); 285 out->writeInt32(param.integer); 286 break; 287 } 288 case KM_ULONG: 289 case KM_ULONG_REP: { 290 out->writeInt32(param.tag); 291 out->writeInt64(param.long_integer); 292 break; 293 } 294 case KM_DATE: { 295 out->writeInt32(param.tag); 296 out->writeInt64(param.date_time); 297 break; 298 } 299 case KM_BOOL: { 300 out->writeInt32(param.tag); 301 break; 302 } 303 case KM_BIGNUM: 304 case KM_BYTES: { 305 out->writeInt32(param.tag); 306 out->writeInt32(param.blob.data_length); 307 void* buf = out->writeInplace(param.blob.data_length); 308 if (buf) { 309 memcpy(buf, param.blob.data, param.blob.data_length); 310 } else { 311 ALOGE("Failed to writeInplace keymaster blob param"); 312 } 313 break; 314 } 315 default: { 316 ALOGE("Failed to write argument: Unsupported keymaster_tag_t %d", param.tag); 317 } 318 } 319} 320 321 322bool readKeymasterArgumentFromParcel(const Parcel& in, keymaster_key_param_t* out) { 323 if (in.readInt32() == 0) { 324 return false; 325 } 326 keymaster_tag_t tag = static_cast<keymaster_tag_t>(in.readInt32()); 327 switch (keymaster_tag_get_type(tag)) { 328 case KM_ENUM: 329 case KM_ENUM_REP: { 330 uint32_t value = in.readInt32(); 331 *out = keymaster_param_enum(tag, value); 332 break; 333 } 334 case KM_UINT: 335 case KM_UINT_REP: { 336 uint32_t value = in.readInt32(); 337 *out = keymaster_param_int(tag, value); 338 break; 339 } 340 case KM_ULONG: 341 case KM_ULONG_REP: { 342 uint64_t value = in.readInt64(); 343 *out = keymaster_param_long(tag, value); 344 break; 345 } 346 case KM_DATE: { 347 uint64_t value = in.readInt64(); 348 *out = keymaster_param_date(tag, value); 349 break; 350 } 351 case KM_BOOL: { 352 *out = keymaster_param_bool(tag); 353 break; 354 } 355 case KM_BIGNUM: 356 case KM_BYTES: { 357 ssize_t length = in.readInt32(); 358 uint8_t* data = NULL; 359 size_t ulength = 0; 360 if (length >= 0) { 361 ulength = (size_t) length; 362 // use malloc here so we can use keymaster_free_param_values 363 // consistently. 364 data = reinterpret_cast<uint8_t*>(malloc(ulength)); 365 const void* buf = in.readInplace(ulength); 366 if (!buf || !data) { 367 ALOGE("Failed to allocate buffer for keymaster blob param"); 368 return false; 369 } 370 memcpy(data, buf, ulength); 371 } 372 *out = keymaster_param_blob(tag, data, ulength); 373 break; 374 } 375 default: { 376 ALOGE("Unsupported keymaster_tag_t %d", tag); 377 return false; 378 } 379 } 380 return true; 381} 382 383/** 384 * Read a byte array from in. The data at *data is still owned by the parcel 385 */ 386static void readByteArray(const Parcel& in, const uint8_t** data, size_t* length) { 387 ssize_t slength = in.readInt32(); 388 if (slength > 0) { 389 *data = reinterpret_cast<const uint8_t*>(in.readInplace(slength)); 390 if (*data) { 391 *length = static_cast<size_t>(slength); 392 } else { 393 *length = 0; 394 } 395 } else { 396 *data = NULL; 397 *length = 0; 398 } 399} 400 401// Read a keymaster_key_param_t* from a Parcel for use in a 402// keymaster_key_characteristics_t. This will be free'd by calling 403// keymaster_free_key_characteristics. 404static keymaster_key_param_t* readParamList(const Parcel& in, size_t* length) { 405 ssize_t slength = in.readInt32(); 406 *length = 0; 407 if (slength < 0) { 408 return NULL; 409 } 410 *length = (size_t) slength; 411 if (*length >= UINT_MAX / sizeof(keymaster_key_param_t)) { 412 return NULL; 413 } 414 keymaster_key_param_t* list = 415 reinterpret_cast<keymaster_key_param_t*>(malloc(*length * 416 sizeof(keymaster_key_param_t))); 417 if (!list) { 418 ALOGD("Failed to allocate buffer for generateKey outCharacteristics"); 419 goto err; 420 } 421 for (size_t i = 0; i < *length ; i++) { 422 if (!readKeymasterArgumentFromParcel(in, &list[i])) { 423 ALOGE("Failed to read keymaster argument"); 424 keymaster_free_param_values(list, i); 425 goto err; 426 } 427 } 428 return list; 429err: 430 free(list); 431 return NULL; 432} 433 434static std::unique_ptr<keymaster_blob_t> readKeymasterBlob(const Parcel& in) { 435 std::unique_ptr<keymaster_blob_t> blob (new keymaster_blob_t); 436 if (!readKeymasterBlob(in, blob.get())) { 437 blob.reset(); 438 } 439 return blob; 440} 441 442class BpKeystoreService: public BpInterface<IKeystoreService> 443{ 444public: 445 BpKeystoreService(const sp<IBinder>& impl) 446 : BpInterface<IKeystoreService>(impl) 447 { 448 } 449 450 // test ping 451 virtual int32_t getState(int32_t userId) 452 { 453 Parcel data, reply; 454 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 455 data.writeInt32(userId); 456 status_t status = remote()->transact(BnKeystoreService::GET_STATE, data, &reply); 457 if (status != NO_ERROR) { 458 ALOGD("getState() could not contact remote: %d\n", status); 459 return -1; 460 } 461 int32_t err = reply.readExceptionCode(); 462 int32_t ret = reply.readInt32(); 463 if (err < 0) { 464 ALOGD("getState() caught exception %d\n", err); 465 return -1; 466 } 467 return ret; 468 } 469 470 virtual int32_t get(const String16& name, uint8_t** item, size_t* itemLength) 471 { 472 Parcel data, reply; 473 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 474 data.writeString16(name); 475 status_t status = remote()->transact(BnKeystoreService::GET, data, &reply); 476 if (status != NO_ERROR) { 477 ALOGD("get() could not contact remote: %d\n", status); 478 return -1; 479 } 480 int32_t err = reply.readExceptionCode(); 481 ssize_t len = reply.readInt32(); 482 if (len >= 0 && (size_t) len <= reply.dataAvail()) { 483 size_t ulen = (size_t) len; 484 const void* buf = reply.readInplace(ulen); 485 *item = (uint8_t*) malloc(ulen); 486 if (*item != NULL) { 487 memcpy(*item, buf, ulen); 488 *itemLength = ulen; 489 } else { 490 ALOGE("out of memory allocating output array in get"); 491 *itemLength = 0; 492 } 493 } else { 494 *itemLength = 0; 495 } 496 if (err < 0) { 497 ALOGD("get() caught exception %d\n", err); 498 return -1; 499 } 500 return 0; 501 } 502 503 virtual int32_t insert(const String16& name, const uint8_t* item, size_t itemLength, int uid, 504 int32_t flags) 505 { 506 Parcel data, reply; 507 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 508 data.writeString16(name); 509 data.writeInt32(itemLength); 510 void* buf = data.writeInplace(itemLength); 511 memcpy(buf, item, itemLength); 512 data.writeInt32(uid); 513 data.writeInt32(flags); 514 status_t status = remote()->transact(BnKeystoreService::INSERT, data, &reply); 515 if (status != NO_ERROR) { 516 ALOGD("import() could not contact remote: %d\n", status); 517 return -1; 518 } 519 int32_t err = reply.readExceptionCode(); 520 int32_t ret = reply.readInt32(); 521 if (err < 0) { 522 ALOGD("import() caught exception %d\n", err); 523 return -1; 524 } 525 return ret; 526 } 527 528 virtual int32_t del(const String16& name, int uid) 529 { 530 Parcel data, reply; 531 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 532 data.writeString16(name); 533 data.writeInt32(uid); 534 status_t status = remote()->transact(BnKeystoreService::DEL, data, &reply); 535 if (status != NO_ERROR) { 536 ALOGD("del() could not contact remote: %d\n", status); 537 return -1; 538 } 539 int32_t err = reply.readExceptionCode(); 540 int32_t ret = reply.readInt32(); 541 if (err < 0) { 542 ALOGD("del() caught exception %d\n", err); 543 return -1; 544 } 545 return ret; 546 } 547 548 virtual int32_t exist(const String16& name, int uid) 549 { 550 Parcel data, reply; 551 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 552 data.writeString16(name); 553 data.writeInt32(uid); 554 status_t status = remote()->transact(BnKeystoreService::EXIST, data, &reply); 555 if (status != NO_ERROR) { 556 ALOGD("exist() could not contact remote: %d\n", status); 557 return -1; 558 } 559 int32_t err = reply.readExceptionCode(); 560 int32_t ret = reply.readInt32(); 561 if (err < 0) { 562 ALOGD("exist() caught exception %d\n", err); 563 return -1; 564 } 565 return ret; 566 } 567 568 virtual int32_t list(const String16& prefix, int uid, Vector<String16>* matches) 569 { 570 Parcel data, reply; 571 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 572 data.writeString16(prefix); 573 data.writeInt32(uid); 574 status_t status = remote()->transact(BnKeystoreService::LIST, data, &reply); 575 if (status != NO_ERROR) { 576 ALOGD("list() could not contact remote: %d\n", status); 577 return -1; 578 } 579 int32_t err = reply.readExceptionCode(); 580 int32_t numMatches = reply.readInt32(); 581 for (int32_t i = 0; i < numMatches; i++) { 582 matches->push(reply.readString16()); 583 } 584 int32_t ret = reply.readInt32(); 585 if (err < 0) { 586 ALOGD("list() caught exception %d\n", err); 587 return -1; 588 } 589 return ret; 590 } 591 592 virtual int32_t reset() 593 { 594 Parcel data, reply; 595 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 596 status_t status = remote()->transact(BnKeystoreService::RESET, data, &reply); 597 if (status != NO_ERROR) { 598 ALOGD("reset() could not contact remote: %d\n", status); 599 return -1; 600 } 601 int32_t err = reply.readExceptionCode(); 602 int32_t ret = reply.readInt32(); 603 if (err < 0) { 604 ALOGD("reset() caught exception %d\n", err); 605 return -1; 606 } 607 return ret; 608 } 609 610 virtual int32_t onUserPasswordChanged(int32_t userId, const String16& password) 611 { 612 Parcel data, reply; 613 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 614 data.writeInt32(userId); 615 data.writeString16(password); 616 status_t status = remote()->transact(BnKeystoreService::ON_USER_PASSWORD_CHANGED, data, 617 &reply); 618 if (status != NO_ERROR) { 619 ALOGD("onUserPasswordChanged() could not contact remote: %d\n", status); 620 return -1; 621 } 622 int32_t err = reply.readExceptionCode(); 623 int32_t ret = reply.readInt32(); 624 if (err < 0) { 625 ALOGD("onUserPasswordChanged() caught exception %d\n", err); 626 return -1; 627 } 628 return ret; 629 } 630 631 virtual int32_t lock(int32_t userId) 632 { 633 Parcel data, reply; 634 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 635 data.writeInt32(userId); 636 status_t status = remote()->transact(BnKeystoreService::LOCK, data, &reply); 637 if (status != NO_ERROR) { 638 ALOGD("lock() could not contact remote: %d\n", status); 639 return -1; 640 } 641 int32_t err = reply.readExceptionCode(); 642 int32_t ret = reply.readInt32(); 643 if (err < 0) { 644 ALOGD("lock() caught exception %d\n", err); 645 return -1; 646 } 647 return ret; 648 } 649 650 virtual int32_t unlock(int32_t userId, const String16& password) 651 { 652 Parcel data, reply; 653 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 654 data.writeInt32(userId); 655 data.writeString16(password); 656 status_t status = remote()->transact(BnKeystoreService::UNLOCK, data, &reply); 657 if (status != NO_ERROR) { 658 ALOGD("unlock() could not contact remote: %d\n", status); 659 return -1; 660 } 661 int32_t err = reply.readExceptionCode(); 662 int32_t ret = reply.readInt32(); 663 if (err < 0) { 664 ALOGD("unlock() caught exception %d\n", err); 665 return -1; 666 } 667 return ret; 668 } 669 670 virtual bool isEmpty(int32_t userId) 671 { 672 Parcel data, reply; 673 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 674 data.writeInt32(userId); 675 status_t status = remote()->transact(BnKeystoreService::IS_EMPTY, data, &reply); 676 if (status != NO_ERROR) { 677 ALOGD("isEmpty() could not contact remote: %d\n", status); 678 return false; 679 } 680 int32_t err = reply.readExceptionCode(); 681 int32_t ret = reply.readInt32(); 682 if (err < 0) { 683 ALOGD("isEmpty() caught exception %d\n", err); 684 return false; 685 } 686 return ret != 0; 687 } 688 689 virtual int32_t generate(const String16& name, int32_t uid, int32_t keyType, int32_t keySize, 690 int32_t flags, Vector<sp<KeystoreArg> >* args) 691 { 692 Parcel data, reply; 693 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 694 data.writeString16(name); 695 data.writeInt32(uid); 696 data.writeInt32(keyType); 697 data.writeInt32(keySize); 698 data.writeInt32(flags); 699 data.writeInt32(1); 700 data.writeInt32(args->size()); 701 for (Vector<sp<KeystoreArg> >::iterator it = args->begin(); it != args->end(); ++it) { 702 sp<KeystoreArg> item = *it; 703 size_t keyLength = item->size(); 704 data.writeInt32(keyLength); 705 void* buf = data.writeInplace(keyLength); 706 memcpy(buf, item->data(), keyLength); 707 } 708 status_t status = remote()->transact(BnKeystoreService::GENERATE, data, &reply); 709 if (status != NO_ERROR) { 710 ALOGD("generate() could not contact remote: %d\n", status); 711 return -1; 712 } 713 int32_t err = reply.readExceptionCode(); 714 int32_t ret = reply.readInt32(); 715 if (err < 0) { 716 ALOGD("generate() caught exception %d\n", err); 717 return -1; 718 } 719 return ret; 720 } 721 722 virtual int32_t import(const String16& name, const uint8_t* key, size_t keyLength, int uid, 723 int flags) 724 { 725 Parcel data, reply; 726 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 727 data.writeString16(name); 728 data.writeInt32(keyLength); 729 void* buf = data.writeInplace(keyLength); 730 memcpy(buf, key, keyLength); 731 data.writeInt32(uid); 732 data.writeInt32(flags); 733 status_t status = remote()->transact(BnKeystoreService::IMPORT, data, &reply); 734 if (status != NO_ERROR) { 735 ALOGD("import() could not contact remote: %d\n", status); 736 return -1; 737 } 738 int32_t err = reply.readExceptionCode(); 739 int32_t ret = reply.readInt32(); 740 if (err < 0) { 741 ALOGD("import() caught exception %d\n", err); 742 return -1; 743 } 744 return ret; 745 } 746 747 virtual int32_t sign(const String16& name, const uint8_t* in, size_t inLength, uint8_t** out, 748 size_t* outLength) 749 { 750 Parcel data, reply; 751 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 752 data.writeString16(name); 753 data.writeInt32(inLength); 754 void* buf = data.writeInplace(inLength); 755 memcpy(buf, in, inLength); 756 status_t status = remote()->transact(BnKeystoreService::SIGN, data, &reply); 757 if (status != NO_ERROR) { 758 ALOGD("import() could not contact remote: %d\n", status); 759 return -1; 760 } 761 int32_t err = reply.readExceptionCode(); 762 ssize_t len = reply.readInt32(); 763 if (len >= 0 && (size_t) len <= reply.dataAvail()) { 764 size_t ulen = (size_t) len; 765 const void* outBuf = reply.readInplace(ulen); 766 *out = (uint8_t*) malloc(ulen); 767 if (*out != NULL) { 768 memcpy((void*) *out, outBuf, ulen); 769 *outLength = ulen; 770 } else { 771 ALOGE("out of memory allocating output array in sign"); 772 *outLength = 0; 773 } 774 } else { 775 *outLength = 0; 776 } 777 if (err < 0) { 778 ALOGD("import() caught exception %d\n", err); 779 return -1; 780 } 781 return 0; 782 } 783 784 virtual int32_t verify(const String16& name, const uint8_t* in, size_t inLength, 785 const uint8_t* signature, size_t signatureLength) 786 { 787 Parcel data, reply; 788 void* buf; 789 790 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 791 data.writeString16(name); 792 data.writeInt32(inLength); 793 buf = data.writeInplace(inLength); 794 memcpy(buf, in, inLength); 795 data.writeInt32(signatureLength); 796 buf = data.writeInplace(signatureLength); 797 memcpy(buf, signature, signatureLength); 798 status_t status = remote()->transact(BnKeystoreService::VERIFY, data, &reply); 799 if (status != NO_ERROR) { 800 ALOGD("verify() could not contact remote: %d\n", status); 801 return -1; 802 } 803 int32_t err = reply.readExceptionCode(); 804 int32_t ret = reply.readInt32(); 805 if (err < 0) { 806 ALOGD("verify() caught exception %d\n", err); 807 return -1; 808 } 809 return ret; 810 } 811 812 virtual int32_t get_pubkey(const String16& name, uint8_t** pubkey, size_t* pubkeyLength) 813 { 814 Parcel data, reply; 815 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 816 data.writeString16(name); 817 status_t status = remote()->transact(BnKeystoreService::GET_PUBKEY, data, &reply); 818 if (status != NO_ERROR) { 819 ALOGD("get_pubkey() could not contact remote: %d\n", status); 820 return -1; 821 } 822 int32_t err = reply.readExceptionCode(); 823 ssize_t len = reply.readInt32(); 824 if (len >= 0 && (size_t) len <= reply.dataAvail()) { 825 size_t ulen = (size_t) len; 826 const void* buf = reply.readInplace(ulen); 827 *pubkey = (uint8_t*) malloc(ulen); 828 if (*pubkey != NULL) { 829 memcpy(*pubkey, buf, ulen); 830 *pubkeyLength = ulen; 831 } else { 832 ALOGE("out of memory allocating output array in get_pubkey"); 833 *pubkeyLength = 0; 834 } 835 } else { 836 *pubkeyLength = 0; 837 } 838 if (err < 0) { 839 ALOGD("get_pubkey() caught exception %d\n", err); 840 return -1; 841 } 842 return 0; 843 } 844 845 virtual int32_t grant(const String16& name, int32_t granteeUid) 846 { 847 Parcel data, reply; 848 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 849 data.writeString16(name); 850 data.writeInt32(granteeUid); 851 status_t status = remote()->transact(BnKeystoreService::GRANT, data, &reply); 852 if (status != NO_ERROR) { 853 ALOGD("grant() could not contact remote: %d\n", status); 854 return -1; 855 } 856 int32_t err = reply.readExceptionCode(); 857 int32_t ret = reply.readInt32(); 858 if (err < 0) { 859 ALOGD("grant() caught exception %d\n", err); 860 return -1; 861 } 862 return ret; 863 } 864 865 virtual int32_t ungrant(const String16& name, int32_t granteeUid) 866 { 867 Parcel data, reply; 868 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 869 data.writeString16(name); 870 data.writeInt32(granteeUid); 871 status_t status = remote()->transact(BnKeystoreService::UNGRANT, data, &reply); 872 if (status != NO_ERROR) { 873 ALOGD("ungrant() could not contact remote: %d\n", status); 874 return -1; 875 } 876 int32_t err = reply.readExceptionCode(); 877 int32_t ret = reply.readInt32(); 878 if (err < 0) { 879 ALOGD("ungrant() caught exception %d\n", err); 880 return -1; 881 } 882 return ret; 883 } 884 885 int64_t getmtime(const String16& name) 886 { 887 Parcel data, reply; 888 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 889 data.writeString16(name); 890 status_t status = remote()->transact(BnKeystoreService::GETMTIME, data, &reply); 891 if (status != NO_ERROR) { 892 ALOGD("getmtime() could not contact remote: %d\n", status); 893 return -1; 894 } 895 int32_t err = reply.readExceptionCode(); 896 int64_t ret = reply.readInt64(); 897 if (err < 0) { 898 ALOGD("getmtime() caught exception %d\n", err); 899 return -1; 900 } 901 return ret; 902 } 903 904 virtual int32_t duplicate(const String16& srcKey, int32_t srcUid, const String16& destKey, 905 int32_t destUid) 906 { 907 Parcel data, reply; 908 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 909 data.writeString16(srcKey); 910 data.writeInt32(srcUid); 911 data.writeString16(destKey); 912 data.writeInt32(destUid); 913 status_t status = remote()->transact(BnKeystoreService::DUPLICATE, data, &reply); 914 if (status != NO_ERROR) { 915 ALOGD("duplicate() could not contact remote: %d\n", status); 916 return -1; 917 } 918 int32_t err = reply.readExceptionCode(); 919 int32_t ret = reply.readInt32(); 920 if (err < 0) { 921 ALOGD("duplicate() caught exception %d\n", err); 922 return -1; 923 } 924 return ret; 925 } 926 927 virtual int32_t is_hardware_backed(const String16& keyType) 928 { 929 Parcel data, reply; 930 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 931 data.writeString16(keyType); 932 status_t status = remote()->transact(BnKeystoreService::IS_HARDWARE_BACKED, data, &reply); 933 if (status != NO_ERROR) { 934 ALOGD("is_hardware_backed() could not contact remote: %d\n", status); 935 return -1; 936 } 937 int32_t err = reply.readExceptionCode(); 938 int32_t ret = reply.readInt32(); 939 if (err < 0) { 940 ALOGD("is_hardware_backed() caught exception %d\n", err); 941 return -1; 942 } 943 return ret; 944 } 945 946 virtual int32_t clear_uid(int64_t uid) 947 { 948 Parcel data, reply; 949 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 950 data.writeInt64(uid); 951 status_t status = remote()->transact(BnKeystoreService::CLEAR_UID, data, &reply); 952 if (status != NO_ERROR) { 953 ALOGD("clear_uid() could not contact remote: %d\n", status); 954 return -1; 955 } 956 int32_t err = reply.readExceptionCode(); 957 int32_t ret = reply.readInt32(); 958 if (err < 0) { 959 ALOGD("clear_uid() caught exception %d\n", err); 960 return -1; 961 } 962 return ret; 963 } 964 965 virtual int32_t addRngEntropy(const uint8_t* buf, size_t bufLength) 966 { 967 Parcel data, reply; 968 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 969 data.writeByteArray(bufLength, buf); 970 status_t status = remote()->transact(BnKeystoreService::ADD_RNG_ENTROPY, data, &reply); 971 if (status != NO_ERROR) { 972 ALOGD("addRngEntropy() could not contact remote: %d\n", status); 973 return -1; 974 } 975 int32_t err = reply.readExceptionCode(); 976 int32_t ret = reply.readInt32(); 977 if (err < 0) { 978 ALOGD("addRngEntropy() caught exception %d\n", err); 979 return -1; 980 } 981 return ret; 982 }; 983 984 virtual int32_t generateKey(const String16& name, const KeymasterArguments& params, 985 const uint8_t* entropy, size_t entropyLength, int uid, int flags, 986 KeyCharacteristics* outCharacteristics) 987 { 988 Parcel data, reply; 989 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 990 data.writeString16(name); 991 data.writeInt32(1); 992 params.writeToParcel(&data); 993 data.writeByteArray(entropyLength, entropy); 994 data.writeInt32(uid); 995 data.writeInt32(flags); 996 status_t status = remote()->transact(BnKeystoreService::GENERATE_KEY, data, &reply); 997 if (status != NO_ERROR) { 998 ALOGD("generateKey() could not contact remote: %d\n", status); 999 return KM_ERROR_UNKNOWN_ERROR; 1000 } 1001 int32_t err = reply.readExceptionCode(); 1002 int32_t ret = reply.readInt32(); 1003 if (err < 0) { 1004 ALOGD("generateKey() caught exception %d\n", err); 1005 return KM_ERROR_UNKNOWN_ERROR; 1006 } 1007 if (reply.readInt32() != 0 && outCharacteristics) { 1008 outCharacteristics->readFromParcel(reply); 1009 } 1010 return ret; 1011 } 1012 virtual int32_t getKeyCharacteristics(const String16& name, 1013 const keymaster_blob_t* clientId, 1014 const keymaster_blob_t* appData, 1015 KeyCharacteristics* outCharacteristics) 1016 { 1017 Parcel data, reply; 1018 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 1019 data.writeString16(name); 1020 if (clientId) { 1021 data.writeByteArray(clientId->data_length, clientId->data); 1022 } else { 1023 data.writeInt32(-1); 1024 } 1025 if (appData) { 1026 data.writeByteArray(appData->data_length, appData->data); 1027 } else { 1028 data.writeInt32(-1); 1029 } 1030 status_t status = remote()->transact(BnKeystoreService::GET_KEY_CHARACTERISTICS, 1031 data, &reply); 1032 if (status != NO_ERROR) { 1033 ALOGD("getKeyCharacteristics() could not contact remote: %d\n", status); 1034 return KM_ERROR_UNKNOWN_ERROR; 1035 } 1036 int32_t err = reply.readExceptionCode(); 1037 int32_t ret = reply.readInt32(); 1038 if (err < 0) { 1039 ALOGD("getKeyCharacteristics() caught exception %d\n", err); 1040 return KM_ERROR_UNKNOWN_ERROR; 1041 } 1042 if (reply.readInt32() != 0 && outCharacteristics) { 1043 outCharacteristics->readFromParcel(reply); 1044 } 1045 return ret; 1046 } 1047 virtual int32_t importKey(const String16& name, const KeymasterArguments& params, 1048 keymaster_key_format_t format, const uint8_t *keyData, 1049 size_t keyLength, int uid, int flags, 1050 KeyCharacteristics* outCharacteristics) 1051 { 1052 Parcel data, reply; 1053 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 1054 data.writeString16(name); 1055 data.writeInt32(1); 1056 params.writeToParcel(&data); 1057 data.writeInt32(format); 1058 data.writeByteArray(keyLength, keyData); 1059 data.writeInt32(uid); 1060 data.writeInt32(flags); 1061 status_t status = remote()->transact(BnKeystoreService::IMPORT_KEY, data, &reply); 1062 if (status != NO_ERROR) { 1063 ALOGD("importKey() could not contact remote: %d\n", status); 1064 return KM_ERROR_UNKNOWN_ERROR; 1065 } 1066 int32_t err = reply.readExceptionCode(); 1067 int32_t ret = reply.readInt32(); 1068 if (err < 0) { 1069 ALOGD("importKey() caught exception %d\n", err); 1070 return KM_ERROR_UNKNOWN_ERROR; 1071 } 1072 if (reply.readInt32() != 0 && outCharacteristics) { 1073 outCharacteristics->readFromParcel(reply); 1074 } 1075 return ret; 1076 } 1077 1078 virtual void exportKey(const String16& name, keymaster_key_format_t format, 1079 const keymaster_blob_t* clientId, 1080 const keymaster_blob_t* appData, ExportResult* result) 1081 { 1082 if (!result) { 1083 return; 1084 } 1085 1086 Parcel data, reply; 1087 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 1088 data.writeString16(name); 1089 data.writeInt32(format); 1090 if (clientId) { 1091 data.writeByteArray(clientId->data_length, clientId->data); 1092 } else { 1093 data.writeInt32(-1); 1094 } 1095 if (appData) { 1096 data.writeByteArray(appData->data_length, appData->data); 1097 } else { 1098 data.writeInt32(-1); 1099 } 1100 status_t status = remote()->transact(BnKeystoreService::EXPORT_KEY, data, &reply); 1101 if (status != NO_ERROR) { 1102 ALOGD("exportKey() could not contact remote: %d\n", status); 1103 result->resultCode = KM_ERROR_UNKNOWN_ERROR; 1104 return; 1105 } 1106 int32_t err = reply.readExceptionCode(); 1107 if (err < 0) { 1108 ALOGD("exportKey() caught exception %d\n", err); 1109 result->resultCode = KM_ERROR_UNKNOWN_ERROR; 1110 return; 1111 } 1112 if (reply.readInt32() != 0) { 1113 result->readFromParcel(reply); 1114 } 1115 } 1116 1117 virtual void begin(const sp<IBinder>& appToken, const String16& name, 1118 keymaster_purpose_t purpose, bool pruneable, 1119 const KeymasterArguments& params, const uint8_t* entropy, 1120 size_t entropyLength, OperationResult* result) 1121 { 1122 if (!result) { 1123 return; 1124 } 1125 Parcel data, reply; 1126 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 1127 data.writeStrongBinder(appToken); 1128 data.writeString16(name); 1129 data.writeInt32(purpose); 1130 data.writeInt32(pruneable ? 1 : 0); 1131 data.writeInt32(1); 1132 params.writeToParcel(&data); 1133 data.writeByteArray(entropyLength, entropy); 1134 status_t status = remote()->transact(BnKeystoreService::BEGIN, data, &reply); 1135 if (status != NO_ERROR) { 1136 ALOGD("begin() could not contact remote: %d\n", status); 1137 result->resultCode = KM_ERROR_UNKNOWN_ERROR; 1138 return; 1139 } 1140 int32_t err = reply.readExceptionCode(); 1141 if (err < 0) { 1142 ALOGD("begin() caught exception %d\n", err); 1143 result->resultCode = KM_ERROR_UNKNOWN_ERROR; 1144 return; 1145 } 1146 if (reply.readInt32() != 0) { 1147 result->readFromParcel(reply); 1148 } 1149 } 1150 1151 virtual void update(const sp<IBinder>& token, const KeymasterArguments& params, 1152 const uint8_t* opData, size_t dataLength, OperationResult* result) 1153 { 1154 if (!result) { 1155 return; 1156 } 1157 Parcel data, reply; 1158 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 1159 data.writeStrongBinder(token); 1160 data.writeInt32(1); 1161 params.writeToParcel(&data); 1162 data.writeByteArray(dataLength, opData); 1163 status_t status = remote()->transact(BnKeystoreService::UPDATE, data, &reply); 1164 if (status != NO_ERROR) { 1165 ALOGD("update() could not contact remote: %d\n", status); 1166 result->resultCode = KM_ERROR_UNKNOWN_ERROR; 1167 return; 1168 } 1169 int32_t err = reply.readExceptionCode(); 1170 if (err < 0) { 1171 ALOGD("update() caught exception %d\n", err); 1172 result->resultCode = KM_ERROR_UNKNOWN_ERROR; 1173 return; 1174 } 1175 if (reply.readInt32() != 0) { 1176 result->readFromParcel(reply); 1177 } 1178 } 1179 1180 virtual void finish(const sp<IBinder>& token, const KeymasterArguments& params, 1181 const uint8_t* signature, size_t signatureLength, 1182 const uint8_t* entropy, size_t entropyLength, 1183 OperationResult* result) 1184 { 1185 if (!result) { 1186 return; 1187 } 1188 Parcel data, reply; 1189 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 1190 data.writeStrongBinder(token); 1191 data.writeInt32(1); 1192 params.writeToParcel(&data); 1193 data.writeByteArray(signatureLength, signature); 1194 data.writeByteArray(entropyLength, entropy); 1195 status_t status = remote()->transact(BnKeystoreService::FINISH, data, &reply); 1196 if (status != NO_ERROR) { 1197 ALOGD("finish() could not contact remote: %d\n", status); 1198 result->resultCode = KM_ERROR_UNKNOWN_ERROR; 1199 return; 1200 } 1201 int32_t err = reply.readExceptionCode(); 1202 if (err < 0) { 1203 ALOGD("finish() caught exception %d\n", err); 1204 result->resultCode = KM_ERROR_UNKNOWN_ERROR; 1205 return; 1206 } 1207 if (reply.readInt32() != 0) { 1208 result->readFromParcel(reply); 1209 } 1210 } 1211 1212 virtual int32_t abort(const sp<IBinder>& token) 1213 { 1214 Parcel data, reply; 1215 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 1216 data.writeStrongBinder(token); 1217 status_t status = remote()->transact(BnKeystoreService::ABORT, data, &reply); 1218 if (status != NO_ERROR) { 1219 ALOGD("abort() could not contact remote: %d\n", status); 1220 return KM_ERROR_UNKNOWN_ERROR; 1221 } 1222 int32_t err = reply.readExceptionCode(); 1223 int32_t ret = reply.readInt32(); 1224 if (err < 0) { 1225 ALOGD("abort() caught exception %d\n", err); 1226 return KM_ERROR_UNKNOWN_ERROR; 1227 } 1228 return ret; 1229 } 1230 1231 virtual bool isOperationAuthorized(const sp<IBinder>& token) 1232 { 1233 Parcel data, reply; 1234 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 1235 data.writeStrongBinder(token); 1236 status_t status = remote()->transact(BnKeystoreService::IS_OPERATION_AUTHORIZED, data, 1237 &reply); 1238 if (status != NO_ERROR) { 1239 ALOGD("isOperationAuthorized() could not contact remote: %d\n", status); 1240 return false; 1241 } 1242 int32_t err = reply.readExceptionCode(); 1243 int32_t ret = reply.readInt32(); 1244 if (err < 0) { 1245 ALOGD("isOperationAuthorized() caught exception %d\n", err); 1246 return false; 1247 } 1248 return ret == 1; 1249 } 1250 1251 virtual int32_t addAuthToken(const uint8_t* token, size_t length) 1252 { 1253 Parcel data, reply; 1254 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 1255 data.writeByteArray(length, token); 1256 status_t status = remote()->transact(BnKeystoreService::ADD_AUTH_TOKEN, data, &reply); 1257 if (status != NO_ERROR) { 1258 ALOGD("addAuthToken() could not contact remote: %d\n", status); 1259 return -1; 1260 } 1261 int32_t err = reply.readExceptionCode(); 1262 int32_t ret = reply.readInt32(); 1263 if (err < 0) { 1264 ALOGD("addAuthToken() caught exception %d\n", err); 1265 return -1; 1266 } 1267 return ret; 1268 }; 1269 1270 virtual int32_t onUserAdded(int32_t userId, int32_t parentId) 1271 { 1272 Parcel data, reply; 1273 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 1274 data.writeInt32(userId); 1275 data.writeInt32(parentId); 1276 status_t status = remote()->transact(BnKeystoreService::ON_USER_ADDED, data, &reply); 1277 if (status != NO_ERROR) { 1278 ALOGD("onUserAdded() could not contact remote: %d\n", status); 1279 return -1; 1280 } 1281 int32_t err = reply.readExceptionCode(); 1282 int32_t ret = reply.readInt32(); 1283 if (err < 0) { 1284 ALOGD("onUserAdded() caught exception %d\n", err); 1285 return -1; 1286 } 1287 return ret; 1288 } 1289 1290 virtual int32_t onUserRemoved(int32_t userId) 1291 { 1292 Parcel data, reply; 1293 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 1294 data.writeInt32(userId); 1295 status_t status = remote()->transact(BnKeystoreService::ON_USER_REMOVED, data, &reply); 1296 if (status != NO_ERROR) { 1297 ALOGD("onUserRemoved() could not contact remote: %d\n", status); 1298 return -1; 1299 } 1300 int32_t err = reply.readExceptionCode(); 1301 int32_t ret = reply.readInt32(); 1302 if (err < 0) { 1303 ALOGD("onUserRemoved() caught exception %d\n", err); 1304 return -1; 1305 } 1306 return ret; 1307 } 1308 1309 virtual int32_t attestKey(const String16& name, const KeymasterArguments& params, 1310 KeymasterCertificateChain* outChain) { 1311 if (!outChain) 1312 return KM_ERROR_OUTPUT_PARAMETER_NULL; 1313 1314 Parcel data, reply; 1315 data.writeInterfaceToken(IKeystoreService::getInterfaceDescriptor()); 1316 data.writeString16(name); 1317 data.writeInt32(1); // params is not NULL. 1318 params.writeToParcel(&data); 1319 1320 status_t status = remote()->transact(BnKeystoreService::ATTEST_KEY, data, &reply); 1321 if (status != NO_ERROR) { 1322 ALOGD("attestkey() count not contact remote: %d\n", status); 1323 return KM_ERROR_UNKNOWN_ERROR; 1324 } 1325 int32_t err = reply.readExceptionCode(); 1326 int32_t ret = reply.readInt32(); 1327 if (err < 0) { 1328 ALOGD("attestKey() caught exception %d\n", err); 1329 return KM_ERROR_UNKNOWN_ERROR; 1330 } 1331 if (reply.readInt32() != 0) { 1332 outChain->readFromParcel(reply); 1333 } 1334 return ret; 1335 } 1336 1337}; 1338 1339IMPLEMENT_META_INTERFACE(KeystoreService, "android.security.IKeystoreService"); 1340 1341// ---------------------------------------------------------------------- 1342 1343status_t BnKeystoreService::onTransact( 1344 uint32_t code, const Parcel& data, Parcel* reply, uint32_t flags) 1345{ 1346 switch(code) { 1347 case GET_STATE: { 1348 CHECK_INTERFACE(IKeystoreService, data, reply); 1349 int32_t userId = data.readInt32(); 1350 int32_t ret = getState(userId); 1351 reply->writeNoException(); 1352 reply->writeInt32(ret); 1353 return NO_ERROR; 1354 } break; 1355 case GET: { 1356 CHECK_INTERFACE(IKeystoreService, data, reply); 1357 String16 name = data.readString16(); 1358 void* out = NULL; 1359 size_t outSize = 0; 1360 int32_t ret = get(name, (uint8_t**) &out, &outSize); 1361 reply->writeNoException(); 1362 if (ret == 1) { 1363 reply->writeInt32(outSize); 1364 void* buf = reply->writeInplace(outSize); 1365 memcpy(buf, out, outSize); 1366 free(out); 1367 } else { 1368 reply->writeInt32(-1); 1369 } 1370 return NO_ERROR; 1371 } break; 1372 case INSERT: { 1373 CHECK_INTERFACE(IKeystoreService, data, reply); 1374 String16 name = data.readString16(); 1375 ssize_t inSize = data.readInt32(); 1376 const void* in; 1377 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) { 1378 in = data.readInplace(inSize); 1379 } else { 1380 in = NULL; 1381 inSize = 0; 1382 } 1383 int uid = data.readInt32(); 1384 int32_t flags = data.readInt32(); 1385 int32_t ret = insert(name, (const uint8_t*) in, (size_t) inSize, uid, flags); 1386 reply->writeNoException(); 1387 reply->writeInt32(ret); 1388 return NO_ERROR; 1389 } break; 1390 case DEL: { 1391 CHECK_INTERFACE(IKeystoreService, data, reply); 1392 String16 name = data.readString16(); 1393 int uid = data.readInt32(); 1394 int32_t ret = del(name, uid); 1395 reply->writeNoException(); 1396 reply->writeInt32(ret); 1397 return NO_ERROR; 1398 } break; 1399 case EXIST: { 1400 CHECK_INTERFACE(IKeystoreService, data, reply); 1401 String16 name = data.readString16(); 1402 int uid = data.readInt32(); 1403 int32_t ret = exist(name, uid); 1404 reply->writeNoException(); 1405 reply->writeInt32(ret); 1406 return NO_ERROR; 1407 } break; 1408 case LIST: { 1409 CHECK_INTERFACE(IKeystoreService, data, reply); 1410 String16 prefix = data.readString16(); 1411 int uid = data.readInt32(); 1412 Vector<String16> matches; 1413 int32_t ret = list(prefix, uid, &matches); 1414 reply->writeNoException(); 1415 reply->writeInt32(matches.size()); 1416 Vector<String16>::const_iterator it = matches.begin(); 1417 for (; it != matches.end(); ++it) { 1418 reply->writeString16(*it); 1419 } 1420 reply->writeInt32(ret); 1421 return NO_ERROR; 1422 } break; 1423 case RESET: { 1424 CHECK_INTERFACE(IKeystoreService, data, reply); 1425 int32_t ret = reset(); 1426 reply->writeNoException(); 1427 reply->writeInt32(ret); 1428 return NO_ERROR; 1429 } break; 1430 case ON_USER_PASSWORD_CHANGED: { 1431 CHECK_INTERFACE(IKeystoreService, data, reply); 1432 int32_t userId = data.readInt32(); 1433 String16 pass = data.readString16(); 1434 int32_t ret = onUserPasswordChanged(userId, pass); 1435 reply->writeNoException(); 1436 reply->writeInt32(ret); 1437 return NO_ERROR; 1438 } break; 1439 case LOCK: { 1440 CHECK_INTERFACE(IKeystoreService, data, reply); 1441 int32_t userId = data.readInt32(); 1442 int32_t ret = lock(userId); 1443 reply->writeNoException(); 1444 reply->writeInt32(ret); 1445 return NO_ERROR; 1446 } break; 1447 case UNLOCK: { 1448 CHECK_INTERFACE(IKeystoreService, data, reply); 1449 int32_t userId = data.readInt32(); 1450 String16 pass = data.readString16(); 1451 int32_t ret = unlock(userId, pass); 1452 reply->writeNoException(); 1453 reply->writeInt32(ret); 1454 return NO_ERROR; 1455 } break; 1456 case IS_EMPTY: { 1457 CHECK_INTERFACE(IKeystoreService, data, reply); 1458 int32_t userId = data.readInt32(); 1459 bool ret = isEmpty(userId); 1460 reply->writeNoException(); 1461 reply->writeInt32(ret ? 1 : 0); 1462 return NO_ERROR; 1463 } break; 1464 case GENERATE: { 1465 CHECK_INTERFACE(IKeystoreService, data, reply); 1466 String16 name = data.readString16(); 1467 int32_t uid = data.readInt32(); 1468 int32_t keyType = data.readInt32(); 1469 int32_t keySize = data.readInt32(); 1470 int32_t flags = data.readInt32(); 1471 Vector<sp<KeystoreArg> > args; 1472 int32_t argsPresent = data.readInt32(); 1473 if (argsPresent == 1) { 1474 ssize_t numArgs = data.readInt32(); 1475 if (numArgs > MAX_GENERATE_ARGS) { 1476 return BAD_VALUE; 1477 } 1478 if (numArgs > 0) { 1479 for (size_t i = 0; i < (size_t) numArgs; i++) { 1480 ssize_t inSize = data.readInt32(); 1481 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) { 1482 sp<KeystoreArg> arg = new KeystoreArg(data.readInplace(inSize), 1483 inSize); 1484 args.push_back(arg); 1485 } else { 1486 args.push_back(NULL); 1487 } 1488 } 1489 } 1490 } 1491 int32_t ret = generate(name, uid, keyType, keySize, flags, &args); 1492 reply->writeNoException(); 1493 reply->writeInt32(ret); 1494 return NO_ERROR; 1495 } break; 1496 case IMPORT: { 1497 CHECK_INTERFACE(IKeystoreService, data, reply); 1498 String16 name = data.readString16(); 1499 ssize_t inSize = data.readInt32(); 1500 const void* in; 1501 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) { 1502 in = data.readInplace(inSize); 1503 } else { 1504 in = NULL; 1505 inSize = 0; 1506 } 1507 int uid = data.readInt32(); 1508 int32_t flags = data.readInt32(); 1509 int32_t ret = import(name, (const uint8_t*) in, (size_t) inSize, uid, flags); 1510 reply->writeNoException(); 1511 reply->writeInt32(ret); 1512 return NO_ERROR; 1513 } break; 1514 case SIGN: { 1515 CHECK_INTERFACE(IKeystoreService, data, reply); 1516 String16 name = data.readString16(); 1517 ssize_t inSize = data.readInt32(); 1518 const void* in; 1519 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) { 1520 in = data.readInplace(inSize); 1521 } else { 1522 in = NULL; 1523 inSize = 0; 1524 } 1525 void* out = NULL; 1526 size_t outSize = 0; 1527 int32_t ret = sign(name, (const uint8_t*) in, (size_t) inSize, (uint8_t**) &out, &outSize); 1528 reply->writeNoException(); 1529 if (outSize > 0 && out != NULL) { 1530 reply->writeInt32(outSize); 1531 void* buf = reply->writeInplace(outSize); 1532 memcpy(buf, out, outSize); 1533 delete[] reinterpret_cast<uint8_t*>(out); 1534 } else { 1535 reply->writeInt32(-1); 1536 } 1537 reply->writeInt32(ret); 1538 return NO_ERROR; 1539 } break; 1540 case VERIFY: { 1541 CHECK_INTERFACE(IKeystoreService, data, reply); 1542 String16 name = data.readString16(); 1543 ssize_t inSize = data.readInt32(); 1544 const void* in; 1545 if (inSize >= 0 && (size_t) inSize <= data.dataAvail()) { 1546 in = data.readInplace(inSize); 1547 } else { 1548 in = NULL; 1549 inSize = 0; 1550 } 1551 ssize_t sigSize = data.readInt32(); 1552 const void* sig; 1553 if (sigSize >= 0 && (size_t) sigSize <= data.dataAvail()) { 1554 sig = data.readInplace(sigSize); 1555 } else { 1556 sig = NULL; 1557 sigSize = 0; 1558 } 1559 bool ret = verify(name, (const uint8_t*) in, (size_t) inSize, (const uint8_t*) sig, 1560 (size_t) sigSize); 1561 reply->writeNoException(); 1562 reply->writeInt32(ret ? 1 : 0); 1563 return NO_ERROR; 1564 } break; 1565 case GET_PUBKEY: { 1566 CHECK_INTERFACE(IKeystoreService, data, reply); 1567 String16 name = data.readString16(); 1568 void* out = NULL; 1569 size_t outSize = 0; 1570 int32_t ret = get_pubkey(name, (unsigned char**) &out, &outSize); 1571 reply->writeNoException(); 1572 if (outSize > 0 && out != NULL) { 1573 reply->writeInt32(outSize); 1574 void* buf = reply->writeInplace(outSize); 1575 memcpy(buf, out, outSize); 1576 free(out); 1577 } else { 1578 reply->writeInt32(-1); 1579 } 1580 reply->writeInt32(ret); 1581 return NO_ERROR; 1582 } break; 1583 case GRANT: { 1584 CHECK_INTERFACE(IKeystoreService, data, reply); 1585 String16 name = data.readString16(); 1586 int32_t granteeUid = data.readInt32(); 1587 int32_t ret = grant(name, granteeUid); 1588 reply->writeNoException(); 1589 reply->writeInt32(ret); 1590 return NO_ERROR; 1591 } break; 1592 case UNGRANT: { 1593 CHECK_INTERFACE(IKeystoreService, data, reply); 1594 String16 name = data.readString16(); 1595 int32_t granteeUid = data.readInt32(); 1596 int32_t ret = ungrant(name, granteeUid); 1597 reply->writeNoException(); 1598 reply->writeInt32(ret); 1599 return NO_ERROR; 1600 } break; 1601 case GETMTIME: { 1602 CHECK_INTERFACE(IKeystoreService, data, reply); 1603 String16 name = data.readString16(); 1604 int64_t ret = getmtime(name); 1605 reply->writeNoException(); 1606 reply->writeInt64(ret); 1607 return NO_ERROR; 1608 } break; 1609 case DUPLICATE: { 1610 CHECK_INTERFACE(IKeystoreService, data, reply); 1611 String16 srcKey = data.readString16(); 1612 int32_t srcUid = data.readInt32(); 1613 String16 destKey = data.readString16(); 1614 int32_t destUid = data.readInt32(); 1615 int32_t ret = duplicate(srcKey, srcUid, destKey, destUid); 1616 reply->writeNoException(); 1617 reply->writeInt32(ret); 1618 return NO_ERROR; 1619 } break; 1620 case IS_HARDWARE_BACKED: { 1621 CHECK_INTERFACE(IKeystoreService, data, reply); 1622 String16 keyType = data.readString16(); 1623 int32_t ret = is_hardware_backed(keyType); 1624 reply->writeNoException(); 1625 reply->writeInt32(ret); 1626 return NO_ERROR; 1627 } 1628 case CLEAR_UID: { 1629 CHECK_INTERFACE(IKeystoreService, data, reply); 1630 int64_t uid = data.readInt64(); 1631 int32_t ret = clear_uid(uid); 1632 reply->writeNoException(); 1633 reply->writeInt32(ret); 1634 return NO_ERROR; 1635 } 1636 case ADD_RNG_ENTROPY: { 1637 CHECK_INTERFACE(IKeystoreService, data, reply); 1638 const uint8_t* bytes = NULL; 1639 size_t size = 0; 1640 readByteArray(data, &bytes, &size); 1641 int32_t ret = addRngEntropy(bytes, size); 1642 reply->writeNoException(); 1643 reply->writeInt32(ret); 1644 return NO_ERROR; 1645 } 1646 case GENERATE_KEY: { 1647 CHECK_INTERFACE(IKeystoreService, data, reply); 1648 String16 name = data.readString16(); 1649 KeymasterArguments args; 1650 if (data.readInt32() != 0) { 1651 args.readFromParcel(data); 1652 } 1653 const uint8_t* entropy = NULL; 1654 size_t entropyLength = 0; 1655 readByteArray(data, &entropy, &entropyLength); 1656 int32_t uid = data.readInt32(); 1657 int32_t flags = data.readInt32(); 1658 KeyCharacteristics outCharacteristics; 1659 int32_t ret = generateKey(name, args, entropy, entropyLength, uid, flags, 1660 &outCharacteristics); 1661 reply->writeNoException(); 1662 reply->writeInt32(ret); 1663 reply->writeInt32(1); 1664 outCharacteristics.writeToParcel(reply); 1665 return NO_ERROR; 1666 } 1667 case GET_KEY_CHARACTERISTICS: { 1668 CHECK_INTERFACE(IKeystoreService, data, reply); 1669 String16 name = data.readString16(); 1670 std::unique_ptr<keymaster_blob_t> clientId = readKeymasterBlob(data); 1671 std::unique_ptr<keymaster_blob_t> appData = readKeymasterBlob(data); 1672 KeyCharacteristics outCharacteristics; 1673 int ret = getKeyCharacteristics(name, clientId.get(), appData.get(), 1674 &outCharacteristics); 1675 reply->writeNoException(); 1676 reply->writeInt32(ret); 1677 reply->writeInt32(1); 1678 outCharacteristics.writeToParcel(reply); 1679 return NO_ERROR; 1680 } 1681 case IMPORT_KEY: { 1682 CHECK_INTERFACE(IKeystoreService, data, reply); 1683 String16 name = data.readString16(); 1684 KeymasterArguments args; 1685 if (data.readInt32() != 0) { 1686 args.readFromParcel(data); 1687 } 1688 keymaster_key_format_t format = static_cast<keymaster_key_format_t>(data.readInt32()); 1689 const uint8_t* keyData = NULL; 1690 size_t keyLength = 0; 1691 readByteArray(data, &keyData, &keyLength); 1692 int32_t uid = data.readInt32(); 1693 int32_t flags = data.readInt32(); 1694 KeyCharacteristics outCharacteristics; 1695 int32_t ret = importKey(name, args, format, keyData, keyLength, uid, flags, 1696 &outCharacteristics); 1697 reply->writeNoException(); 1698 reply->writeInt32(ret); 1699 reply->writeInt32(1); 1700 outCharacteristics.writeToParcel(reply); 1701 1702 return NO_ERROR; 1703 } 1704 case EXPORT_KEY: { 1705 CHECK_INTERFACE(IKeystoreService, data, reply); 1706 String16 name = data.readString16(); 1707 keymaster_key_format_t format = static_cast<keymaster_key_format_t>(data.readInt32()); 1708 std::unique_ptr<keymaster_blob_t> clientId = readKeymasterBlob(data); 1709 std::unique_ptr<keymaster_blob_t> appData = readKeymasterBlob(data); 1710 ExportResult result; 1711 exportKey(name, format, clientId.get(), appData.get(), &result); 1712 reply->writeNoException(); 1713 reply->writeInt32(1); 1714 result.writeToParcel(reply); 1715 1716 return NO_ERROR; 1717 } 1718 case BEGIN: { 1719 CHECK_INTERFACE(IKeystoreService, data, reply); 1720 sp<IBinder> token = data.readStrongBinder(); 1721 String16 name = data.readString16(); 1722 keymaster_purpose_t purpose = static_cast<keymaster_purpose_t>(data.readInt32()); 1723 bool pruneable = data.readInt32() != 0; 1724 KeymasterArguments args; 1725 if (data.readInt32() != 0) { 1726 args.readFromParcel(data); 1727 } 1728 const uint8_t* entropy = NULL; 1729 size_t entropyLength = 0; 1730 readByteArray(data, &entropy, &entropyLength); 1731 OperationResult result; 1732 begin(token, name, purpose, pruneable, args, entropy, entropyLength, &result); 1733 reply->writeNoException(); 1734 reply->writeInt32(1); 1735 result.writeToParcel(reply); 1736 1737 return NO_ERROR; 1738 } 1739 case UPDATE: { 1740 CHECK_INTERFACE(IKeystoreService, data, reply); 1741 sp<IBinder> token = data.readStrongBinder(); 1742 KeymasterArguments args; 1743 if (data.readInt32() != 0) { 1744 args.readFromParcel(data); 1745 } 1746 const uint8_t* buf = NULL; 1747 size_t bufLength = 0; 1748 readByteArray(data, &buf, &bufLength); 1749 OperationResult result; 1750 update(token, args, buf, bufLength, &result); 1751 reply->writeNoException(); 1752 reply->writeInt32(1); 1753 result.writeToParcel(reply); 1754 1755 return NO_ERROR; 1756 } 1757 case FINISH: { 1758 CHECK_INTERFACE(IKeystoreService, data, reply); 1759 sp<IBinder> token = data.readStrongBinder(); 1760 KeymasterArguments args; 1761 if (data.readInt32() != 0) { 1762 args.readFromParcel(data); 1763 } 1764 const uint8_t* signature = NULL; 1765 size_t signatureLength = 0; 1766 readByteArray(data, &signature, &signatureLength); 1767 const uint8_t* entropy = NULL; 1768 size_t entropyLength = 0; 1769 readByteArray(data, &entropy, &entropyLength); 1770 OperationResult result; 1771 finish(token, args, signature, signatureLength, entropy, entropyLength, &result); 1772 reply->writeNoException(); 1773 reply->writeInt32(1); 1774 result.writeToParcel(reply); 1775 1776 return NO_ERROR; 1777 } 1778 case ABORT: { 1779 CHECK_INTERFACE(IKeystoreService, data, reply); 1780 sp<IBinder> token = data.readStrongBinder(); 1781 int32_t result = abort(token); 1782 reply->writeNoException(); 1783 reply->writeInt32(result); 1784 1785 return NO_ERROR; 1786 } 1787 case IS_OPERATION_AUTHORIZED: { 1788 CHECK_INTERFACE(IKeystoreService, data, reply); 1789 sp<IBinder> token = data.readStrongBinder(); 1790 bool result = isOperationAuthorized(token); 1791 reply->writeNoException(); 1792 reply->writeInt32(result ? 1 : 0); 1793 1794 return NO_ERROR; 1795 } 1796 case ADD_AUTH_TOKEN: { 1797 CHECK_INTERFACE(IKeystoreService, data, reply); 1798 const uint8_t* token_bytes = NULL; 1799 size_t size = 0; 1800 readByteArray(data, &token_bytes, &size); 1801 int32_t result = addAuthToken(token_bytes, size); 1802 reply->writeNoException(); 1803 reply->writeInt32(result); 1804 1805 return NO_ERROR; 1806 } 1807 case ON_USER_ADDED: { 1808 CHECK_INTERFACE(IKeystoreService, data, reply); 1809 int32_t userId = data.readInt32(); 1810 int32_t parentId = data.readInt32(); 1811 int32_t result = onUserAdded(userId, parentId); 1812 reply->writeNoException(); 1813 reply->writeInt32(result); 1814 1815 return NO_ERROR; 1816 } 1817 case ON_USER_REMOVED: { 1818 CHECK_INTERFACE(IKeystoreService, data, reply); 1819 int32_t userId = data.readInt32(); 1820 int32_t result = onUserRemoved(userId); 1821 reply->writeNoException(); 1822 reply->writeInt32(result); 1823 1824 return NO_ERROR; 1825 } 1826 default: 1827 return BBinder::onTransact(code, data, reply, flags); 1828 } 1829} 1830 1831// ---------------------------------------------------------------------------- 1832 1833}; // namespace android 1834