1/*
2 * Copyright 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#ifndef SYSTEM_KEYMASTER_ANDROID_KEYMASTER_MESSAGES_H_
18#define SYSTEM_KEYMASTER_ANDROID_KEYMASTER_MESSAGES_H_
19
20#include <assert.h>
21#include <stdlib.h>
22#include <string.h>
23
24#include <keymaster/android_keymaster_utils.h>
25#include <keymaster/authorization_set.h>
26
27namespace keymaster {
28
29// Commands
30enum AndroidKeymasterCommand {
31    GENERATE_KEY = 0,
32    BEGIN_OPERATION = 1,
33    UPDATE_OPERATION = 2,
34    FINISH_OPERATION = 3,
35    ABORT_OPERATION = 4,
36    IMPORT_KEY = 5,
37    EXPORT_KEY = 6,
38    GET_VERSION = 7,
39    ADD_RNG_ENTROPY = 8,
40    GET_SUPPORTED_ALGORITHMS = 9,
41    GET_SUPPORTED_BLOCK_MODES = 10,
42    GET_SUPPORTED_PADDING_MODES = 11,
43    GET_SUPPORTED_DIGESTS = 12,
44    GET_SUPPORTED_IMPORT_FORMATS = 13,
45    GET_SUPPORTED_EXPORT_FORMATS = 14,
46    GET_KEY_CHARACTERISTICS = 15,
47    ATTEST_KEY = 16,
48    UPGRADE_KEY = 17,
49    CONFIGURE = 18,
50};
51
52/**
53 * Keymaster message versions are tied to keymaster versions.  We map the keymaster
54 * major.minor.subminor version to a sequential "message version".
55 *
56 * Rather than encoding a version number into each message we rely on the client -- who initiates
57 * all requests -- to check the version of the keymaster implementation with the GET_VERSION command
58 * and to send only requests that the implementation can understand.  This means that only the
59 * client side needs to manage version compatibility; the implementation can always expect/produce
60 * messages of its format.
61 *
62 * Because message version selection is purely a client-side issue, all messages default to using
63 * the latest version (MAX_MESSAGE_VERSION).  Client code must take care to check versions and pass
64 * correct version values to message constructors.  The AndroidKeymaster implementation always uses
65 * the default, latest.
66 *
67 * Note that this approach implies that GetVersionRequest and GetVersionResponse cannot be
68 * versioned.
69 */
70const int32_t MAX_MESSAGE_VERSION = 3;
71inline int32_t MessageVersion(uint8_t major_ver, uint8_t minor_ver, uint8_t /* subminor_ver */) {
72    int32_t message_version = -1;
73    switch (major_ver) {
74    case 0:
75        // For the moment we still support version 0, though in general the plan is not to support
76        // non-matching major versions.
77        message_version = 0;
78        break;
79    case 1:
80        switch (minor_ver) {
81        case 0:
82            message_version = 1;
83            break;
84        case 1:
85            message_version = 2;
86            break;
87        }
88        break;
89    case 2:
90        message_version = 3;
91        break;
92    };
93    return message_version;
94}
95
96struct KeymasterMessage : public Serializable {
97    explicit KeymasterMessage(int32_t ver) : message_version(ver) { assert(ver >= 0); }
98    uint32_t message_version;
99};
100
101/**
102 * All responses include an error value, and if the error is not KM_ERROR_OK, return no additional
103 * data.  This abstract class factors out the common serialization functionality for all of the
104 * responses, so we only have to implement it once.  Inheritance for reuse is generally not a great
105 * structure, but in this case it's the cleanest option.
106 */
107struct KeymasterResponse : public KeymasterMessage {
108    explicit KeymasterResponse(int32_t ver)
109        : KeymasterMessage(ver), error(KM_ERROR_UNKNOWN_ERROR) {}
110
111    size_t SerializedSize() const override;
112    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override;
113    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override;
114
115    virtual size_t NonErrorSerializedSize() const = 0;
116    virtual uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const = 0;
117    virtual bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) = 0;
118
119    keymaster_error_t error;
120};
121
122struct SupportedAlgorithmsRequest : public KeymasterMessage {
123    explicit SupportedAlgorithmsRequest(int32_t ver = MAX_MESSAGE_VERSION)
124        : KeymasterMessage(ver) {}
125
126    size_t SerializedSize() const override { return 0; };
127    uint8_t* Serialize(uint8_t* buf, const uint8_t* /* end */) const override { return buf; }
128    bool Deserialize(const uint8_t** /* buf_ptr */, const uint8_t* /* end */) override {
129        return true;
130    }
131};
132
133struct SupportedByAlgorithmRequest : public KeymasterMessage {
134    explicit SupportedByAlgorithmRequest(int32_t ver) : KeymasterMessage(ver) {}
135
136    size_t SerializedSize() const override { return sizeof(uint32_t); };
137    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override {
138        return append_uint32_to_buf(buf, end, algorithm);
139    }
140    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override {
141        return copy_uint32_from_buf(buf_ptr, end, &algorithm);
142    }
143
144    keymaster_algorithm_t algorithm;
145};
146
147struct SupportedImportFormatsRequest : public SupportedByAlgorithmRequest {
148    explicit SupportedImportFormatsRequest(int32_t ver = MAX_MESSAGE_VERSION)
149        : SupportedByAlgorithmRequest(ver) {}
150};
151
152struct SupportedExportFormatsRequest : public SupportedByAlgorithmRequest {
153    explicit SupportedExportFormatsRequest(int32_t ver = MAX_MESSAGE_VERSION)
154        : SupportedByAlgorithmRequest(ver) {}
155};
156
157struct SupportedByAlgorithmAndPurposeRequest : public KeymasterMessage {
158    explicit SupportedByAlgorithmAndPurposeRequest(int32_t ver = MAX_MESSAGE_VERSION)
159        : KeymasterMessage(ver) {}
160
161    size_t SerializedSize() const override { return sizeof(uint32_t) * 2; };
162    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override {
163        buf = append_uint32_to_buf(buf, end, algorithm);
164        return append_uint32_to_buf(buf, end, purpose);
165    }
166    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override {
167        return copy_uint32_from_buf(buf_ptr, end, &algorithm) &&
168               copy_uint32_from_buf(buf_ptr, end, &purpose);
169    }
170
171    keymaster_algorithm_t algorithm;
172    keymaster_purpose_t purpose;
173};
174
175struct SupportedBlockModesRequest : public SupportedByAlgorithmAndPurposeRequest {
176    explicit SupportedBlockModesRequest(int32_t ver = MAX_MESSAGE_VERSION)
177        : SupportedByAlgorithmAndPurposeRequest(ver) {}
178};
179
180struct SupportedPaddingModesRequest : public SupportedByAlgorithmAndPurposeRequest {
181    explicit SupportedPaddingModesRequest(int32_t ver = MAX_MESSAGE_VERSION)
182        : SupportedByAlgorithmAndPurposeRequest(ver) {}
183};
184
185struct SupportedDigestsRequest : public SupportedByAlgorithmAndPurposeRequest {
186    explicit SupportedDigestsRequest(int32_t ver = MAX_MESSAGE_VERSION)
187        : SupportedByAlgorithmAndPurposeRequest(ver) {}
188};
189
190template <typename T> struct SupportedResponse : public KeymasterResponse {
191    explicit SupportedResponse(int32_t ver)
192        : KeymasterResponse(ver), results(nullptr), results_length(0) {}
193    ~SupportedResponse() { delete[] results; }
194
195    template <size_t N> void SetResults(const T (&arr)[N]) { SetResults(arr, N); }
196
197    void SetResults(const T* arr, size_t n) {
198        delete[] results;
199        results_length = 0;
200        results = dup_array(arr, n);
201        if (results == nullptr) {
202            error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
203        } else {
204            results_length = n;
205            error = KM_ERROR_OK;
206        }
207    }
208
209    size_t NonErrorSerializedSize() const override {
210        return sizeof(uint32_t) + results_length * sizeof(uint32_t);
211    }
212    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override {
213        return append_uint32_array_to_buf(buf, end, results, results_length);
214    }
215    bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override {
216        delete[] results;
217        results = nullptr;
218        UniquePtr<T[]> tmp;
219        if (!copy_uint32_array_from_buf(buf_ptr, end, &tmp, &results_length))
220            return false;
221        results = tmp.release();
222        return true;
223    }
224
225    T* results;
226    size_t results_length;
227};
228
229struct SupportedAlgorithmsResponse : public SupportedResponse<keymaster_algorithm_t> {
230    explicit SupportedAlgorithmsResponse(int32_t ver = MAX_MESSAGE_VERSION)
231        : SupportedResponse<keymaster_algorithm_t>(ver) {}
232};
233
234struct SupportedBlockModesResponse : public SupportedResponse<keymaster_block_mode_t> {
235    explicit SupportedBlockModesResponse(int32_t ver = MAX_MESSAGE_VERSION)
236        : SupportedResponse<keymaster_block_mode_t>(ver) {}
237};
238
239struct SupportedPaddingModesResponse : public SupportedResponse<keymaster_padding_t> {
240    explicit SupportedPaddingModesResponse(int32_t ver = MAX_MESSAGE_VERSION)
241        : SupportedResponse<keymaster_padding_t>(ver) {}
242};
243
244struct SupportedDigestsResponse : public SupportedResponse<keymaster_digest_t> {
245    explicit SupportedDigestsResponse(int32_t ver = MAX_MESSAGE_VERSION)
246        : SupportedResponse<keymaster_digest_t>(ver) {}
247};
248
249struct SupportedImportFormatsResponse : public SupportedResponse<keymaster_key_format_t> {
250    explicit SupportedImportFormatsResponse(int32_t ver = MAX_MESSAGE_VERSION)
251        : SupportedResponse<keymaster_key_format_t>(ver) {}
252};
253
254struct SupportedExportFormatsResponse : public SupportedResponse<keymaster_key_format_t> {
255    explicit SupportedExportFormatsResponse(int32_t ver = MAX_MESSAGE_VERSION)
256        : SupportedResponse<keymaster_key_format_t>(ver) {}
257};
258
259struct GenerateKeyRequest : public KeymasterMessage {
260    explicit GenerateKeyRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {}
261
262    size_t SerializedSize() const override { return key_description.SerializedSize(); }
263    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override {
264        return key_description.Serialize(buf, end);
265    }
266    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override {
267        return key_description.Deserialize(buf_ptr, end);
268    }
269
270    AuthorizationSet key_description;
271};
272
273struct GenerateKeyResponse : public KeymasterResponse {
274    explicit GenerateKeyResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {
275        key_blob.key_material = nullptr;
276        key_blob.key_material_size = 0;
277    }
278    ~GenerateKeyResponse();
279
280    size_t NonErrorSerializedSize() const override;
281    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override;
282    bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override;
283
284    keymaster_key_blob_t key_blob;
285    AuthorizationSet enforced;
286    AuthorizationSet unenforced;
287};
288
289struct GetKeyCharacteristicsRequest : public KeymasterMessage {
290    explicit GetKeyCharacteristicsRequest(int32_t ver = MAX_MESSAGE_VERSION)
291        : KeymasterMessage(ver) {
292        key_blob.key_material = nullptr;
293        key_blob.key_material_size = 0;
294    }
295    ~GetKeyCharacteristicsRequest();
296
297    void SetKeyMaterial(const void* key_material, size_t length);
298    void SetKeyMaterial(const keymaster_key_blob_t& blob) {
299        SetKeyMaterial(blob.key_material, blob.key_material_size);
300    }
301
302    size_t SerializedSize() const override;
303    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override;
304    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override;
305
306    keymaster_key_blob_t key_blob;
307    AuthorizationSet additional_params;
308};
309
310struct GetKeyCharacteristicsResponse : public KeymasterResponse {
311    explicit GetKeyCharacteristicsResponse(int32_t ver = MAX_MESSAGE_VERSION)
312        : KeymasterResponse(ver) {}
313    size_t NonErrorSerializedSize() const override;
314    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override;
315    bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override;
316
317    AuthorizationSet enforced;
318    AuthorizationSet unenforced;
319};
320
321struct BeginOperationRequest : public KeymasterMessage {
322    explicit BeginOperationRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {
323        key_blob.key_material = nullptr;
324        key_blob.key_material_size = 0;
325    }
326    ~BeginOperationRequest() { delete[] key_blob.key_material; }
327
328    void SetKeyMaterial(const void* key_material, size_t length);
329    void SetKeyMaterial(const keymaster_key_blob_t& blob) {
330        SetKeyMaterial(blob.key_material, blob.key_material_size);
331    }
332
333    size_t SerializedSize() const override;
334    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override;
335    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override;
336
337    keymaster_purpose_t purpose;
338    keymaster_key_blob_t key_blob;
339    AuthorizationSet additional_params;
340};
341
342struct BeginOperationResponse : public KeymasterResponse {
343    explicit BeginOperationResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {}
344
345    size_t NonErrorSerializedSize() const override;
346    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override;
347    bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override;
348
349    keymaster_operation_handle_t op_handle;
350    AuthorizationSet output_params;
351};
352
353struct UpdateOperationRequest : public KeymasterMessage {
354    explicit UpdateOperationRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {}
355
356    size_t SerializedSize() const override;
357    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override;
358    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override;
359
360    keymaster_operation_handle_t op_handle;
361    Buffer input;
362    AuthorizationSet additional_params;
363};
364
365struct UpdateOperationResponse : public KeymasterResponse {
366    explicit UpdateOperationResponse(int32_t ver = MAX_MESSAGE_VERSION)
367        : KeymasterResponse(ver), input_consumed(0) {}
368
369    size_t NonErrorSerializedSize() const override;
370    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override;
371    bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override;
372
373    Buffer output;
374    size_t input_consumed;
375    AuthorizationSet output_params;
376};
377
378struct FinishOperationRequest : public KeymasterMessage {
379    explicit FinishOperationRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {}
380
381    size_t SerializedSize() const override;
382    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override;
383    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override;
384
385    keymaster_operation_handle_t op_handle;
386    Buffer input;
387    Buffer signature;
388    AuthorizationSet additional_params;
389};
390
391struct FinishOperationResponse : public KeymasterResponse {
392    explicit FinishOperationResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {}
393
394    size_t NonErrorSerializedSize() const override;
395    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override;
396    bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override;
397
398    Buffer output;
399    AuthorizationSet output_params;
400};
401
402struct AbortOperationRequest : public KeymasterMessage {
403    explicit AbortOperationRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {}
404
405    size_t SerializedSize() const override { return sizeof(uint64_t); }
406    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override {
407        return append_uint64_to_buf(buf, end, op_handle);
408    }
409    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override {
410        return copy_uint64_from_buf(buf_ptr, end, &op_handle);
411    }
412
413    keymaster_operation_handle_t op_handle;
414};
415
416struct AbortOperationResponse : public KeymasterResponse {
417    explicit AbortOperationResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {}
418
419    size_t NonErrorSerializedSize() const override { return 0; }
420    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t*) const override { return buf; }
421    bool NonErrorDeserialize(const uint8_t**, const uint8_t*) override { return true; }
422};
423
424struct AddEntropyRequest : public KeymasterMessage {
425    explicit AddEntropyRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {}
426
427    size_t SerializedSize() const override;
428    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override;
429    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override;
430
431    Buffer random_data;
432};
433
434struct AddEntropyResponse : public KeymasterResponse {
435    explicit AddEntropyResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {}
436
437    size_t NonErrorSerializedSize() const override { return 0; }
438    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* /* end */) const override {
439        return buf;
440    }
441    bool NonErrorDeserialize(const uint8_t** /* buf_ptr */, const uint8_t* /* end */) override {
442        return true;
443    }
444};
445
446struct ImportKeyRequest : public KeymasterMessage {
447    explicit ImportKeyRequest(int32_t ver = MAX_MESSAGE_VERSION)
448        : KeymasterMessage(ver), key_data(nullptr) {}
449    ~ImportKeyRequest() { delete[] key_data; }
450
451    void SetKeyMaterial(const void* key_material, size_t length);
452    void SetKeyMaterial(const keymaster_key_blob_t& blob) {
453        SetKeyMaterial(blob.key_material, blob.key_material_size);
454    }
455
456    size_t SerializedSize() const override;
457    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override;
458    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override;
459
460    AuthorizationSet key_description;
461    keymaster_key_format_t key_format;
462    uint8_t* key_data;
463    size_t key_data_length;
464};
465
466struct ImportKeyResponse : public KeymasterResponse {
467    explicit ImportKeyResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {
468        key_blob.key_material = nullptr;
469        key_blob.key_material_size = 0;
470    }
471    ~ImportKeyResponse() { delete[] key_blob.key_material; }
472
473    void SetKeyMaterial(const void* key_material, size_t length);
474    void SetKeyMaterial(const keymaster_key_blob_t& blob) {
475        SetKeyMaterial(blob.key_material, blob.key_material_size);
476    }
477
478    size_t NonErrorSerializedSize() const override;
479    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override;
480    bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override;
481
482    keymaster_key_blob_t key_blob;
483    AuthorizationSet enforced;
484    AuthorizationSet unenforced;
485};
486
487struct ExportKeyRequest : public KeymasterMessage {
488    explicit ExportKeyRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {
489        key_blob.key_material = nullptr;
490        key_blob.key_material_size = 0;
491    }
492    ~ExportKeyRequest() { delete[] key_blob.key_material; }
493
494    void SetKeyMaterial(const void* key_material, size_t length);
495    void SetKeyMaterial(const keymaster_key_blob_t& blob) {
496        SetKeyMaterial(blob.key_material, blob.key_material_size);
497    }
498
499    size_t SerializedSize() const override;
500    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override;
501    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override;
502
503    AuthorizationSet additional_params;
504    keymaster_key_format_t key_format;
505    keymaster_key_blob_t key_blob;
506};
507
508struct ExportKeyResponse : public KeymasterResponse {
509    explicit ExportKeyResponse(int32_t ver = MAX_MESSAGE_VERSION)
510        : KeymasterResponse(ver), key_data(nullptr) {}
511    ~ExportKeyResponse() { delete[] key_data; }
512
513    void SetKeyMaterial(const void* key_material, size_t length);
514    void SetKeyMaterial(const keymaster_key_blob_t& blob) {
515        SetKeyMaterial(blob.key_material, blob.key_material_size);
516    }
517
518    size_t NonErrorSerializedSize() const override;
519    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override;
520    bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override;
521
522    uint8_t* key_data;
523    size_t key_data_length;
524};
525
526struct DeleteKeyRequest : public KeymasterMessage {
527    explicit DeleteKeyRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {
528        key_blob.key_material = nullptr;
529        key_blob.key_material_size = 0;
530    }
531    ~DeleteKeyRequest() { delete[] key_blob.key_material; }
532
533    void SetKeyMaterial(const void* key_material, size_t length);
534    void SetKeyMaterial(const keymaster_key_blob_t& blob) {
535        SetKeyMaterial(blob.key_material, blob.key_material_size);
536    }
537
538    size_t SerializedSize() const override;
539    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override;
540    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override;
541
542    keymaster_key_blob_t key_blob;
543};
544
545struct DeleteKeyResponse : public KeymasterResponse {
546    explicit DeleteKeyResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {}
547
548    size_t NonErrorSerializedSize() const override { return 0; }
549    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t*) const override { return buf; }
550    bool NonErrorDeserialize(const uint8_t**, const uint8_t*) override { return true; }
551};
552
553struct DeleteAllKeysRequest : public KeymasterMessage {
554    explicit DeleteAllKeysRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {}
555
556    size_t SerializedSize() const override { return 0; }
557    uint8_t* Serialize(uint8_t* buf, const uint8_t*) const override { return buf; }
558    bool Deserialize(const uint8_t**, const uint8_t*) override { return true; };
559};
560
561struct DeleteAllKeysResponse : public KeymasterResponse {
562    explicit DeleteAllKeysResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {}
563
564    size_t NonErrorSerializedSize() const override { return 0; }
565    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t*) const override { return buf; }
566    bool NonErrorDeserialize(const uint8_t**, const uint8_t*) override { return true; }
567};
568
569struct GetVersionRequest : public KeymasterMessage {
570    GetVersionRequest() : KeymasterMessage(0 /* not versionable */) {}
571
572    size_t SerializedSize() const override { return 0; }
573    uint8_t* Serialize(uint8_t* buf, const uint8_t*) const override { return buf; }
574    bool Deserialize(const uint8_t**, const uint8_t*) override { return true; };
575};
576
577struct GetVersionResponse : public KeymasterResponse {
578    GetVersionResponse()
579        : KeymasterResponse(0 /* not versionable */), major_ver(0), minor_ver(0), subminor_ver(0) {}
580
581    size_t NonErrorSerializedSize() const override;
582    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override;
583    bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override;
584
585    uint8_t major_ver;
586    uint8_t minor_ver;
587    uint8_t subminor_ver;
588};
589
590struct AttestKeyRequest : public KeymasterMessage {
591    explicit AttestKeyRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {
592        key_blob.key_material = nullptr;
593        key_blob.key_material_size = 0;
594    }
595    ~AttestKeyRequest();
596
597    void SetKeyMaterial(const void* key_material, size_t length);
598    void SetKeyMaterial(const keymaster_key_blob_t& blob) {
599        SetKeyMaterial(blob.key_material, blob.key_material_size);
600    }
601
602    size_t SerializedSize() const override;
603    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override;
604    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override;
605
606    keymaster_key_blob_t key_blob;
607    AuthorizationSet attest_params;
608};
609
610struct AttestKeyResponse : public KeymasterResponse {
611    explicit AttestKeyResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {
612        certificate_chain.entry_count = 0;
613        certificate_chain.entries = nullptr;
614    }
615    ~AttestKeyResponse();
616
617    bool AllocateChain(size_t entry_count);
618
619    size_t NonErrorSerializedSize() const override;
620    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override;
621    bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override;
622
623    keymaster_cert_chain_t certificate_chain;
624};
625
626struct UpgradeKeyRequest : public KeymasterMessage {
627    explicit UpgradeKeyRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {
628        key_blob = {nullptr, 0};
629    }
630    ~UpgradeKeyRequest();
631
632    void SetKeyMaterial(const void* key_material, size_t length);
633    void SetKeyMaterial(const keymaster_key_blob_t& blob) {
634        SetKeyMaterial(blob.key_material, blob.key_material_size);
635    }
636
637    size_t SerializedSize() const override;
638    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override;
639    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override;
640
641    keymaster_key_blob_t key_blob;
642    AuthorizationSet upgrade_params;
643};
644
645struct UpgradeKeyResponse : public KeymasterResponse {
646    explicit UpgradeKeyResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {
647        upgraded_key = {nullptr, 0};
648    }
649    ~UpgradeKeyResponse();
650
651    size_t NonErrorSerializedSize() const override;
652    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* end) const override;
653    bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) override;
654
655    keymaster_key_blob_t upgraded_key;
656};
657
658struct ConfigureRequest : public KeymasterMessage {
659    explicit ConfigureRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {}
660
661    size_t SerializedSize() const override { return sizeof(os_version) + sizeof(os_patchlevel); }
662    uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override {
663        buf = append_uint32_to_buf(buf, end, os_version);
664        return append_uint32_to_buf(buf, end, os_patchlevel);
665    }
666    bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override {
667        return copy_uint32_from_buf(buf_ptr, end, &os_version) &&
668               copy_uint32_from_buf(buf_ptr, end, &os_patchlevel);
669    }
670
671    uint32_t os_version;
672    uint32_t os_patchlevel;
673};
674
675struct ConfigureResponse : public KeymasterResponse {
676    explicit ConfigureResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {}
677
678    size_t NonErrorSerializedSize() const override { return 0; }
679    uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t*) const override { return buf; }
680    bool NonErrorDeserialize(const uint8_t**, const uint8_t*) override { return true; }
681};
682
683}  // namespace keymaster
684
685#endif  // SYSTEM_KEYMASTER_ANDROID_KEYMASTER_MESSAGES_H_
686