1/* 2 * Copyright 2014 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17#ifndef SYSTEM_KEYMASTER_ANDROID_KEYMASTER_UTILS_H_ 18#define SYSTEM_KEYMASTER_ANDROID_KEYMASTER_UTILS_H_ 19 20#include <stdint.h> 21#include <string.h> 22#include <time.h> // for time_t. 23 24#include <keymaster/UniquePtr.h> 25 26#include <hardware/keymaster_defs.h> 27#include <keymaster/serializable.h> 28 29namespace keymaster { 30 31/** 32 * Convert the specified time value into "Java time", which is a signed 64-bit integer representing 33 * elapsed milliseconds since Jan 1, 1970. 34 */ 35inline int64_t java_time(time_t time) { 36 // The exact meaning of a time_t value is implementation-dependent. If this code is ported to a 37 // platform that doesn't define it as "seconds since Jan 1, 1970 UTC", this function will have 38 // to be revised. 39 return static_cast<int64_t>(time) * 1000; 40} 41 42/* 43 * Array Manipulation functions. This set of templated inline functions provides some nice tools 44 * for operating on c-style arrays. C-style arrays actually do have a defined size associated with 45 * them, as long as they are not allowed to decay to a pointer. These template methods exploit this 46 * to allow size-based array operations without explicitly specifying the size. If passed a pointer 47 * rather than an array, they'll fail to compile. 48 */ 49 50/** 51 * Return the size in bytes of the array \p a. 52 */ 53template <typename T, size_t N> inline size_t array_size(const T (&a)[N]) { 54 return sizeof(a); 55} 56 57/** 58 * Return the number of elements in array \p a. 59 */ 60template <typename T, size_t N> inline size_t array_length(const T (&)[N]) { 61 return N; 62} 63 64/** 65 * Duplicate the array \p a. The memory for the new array is allocated and the caller takes 66 * responsibility. 67 */ 68template <typename T> inline T* dup_array(const T* a, size_t n) { 69 T* dup = new (std::nothrow) T[n]; 70 if (dup) 71 for (size_t i = 0; i < n; ++i) 72 dup[i] = a[i]; 73 return dup; 74} 75 76/** 77 * Duplicate the array \p a. The memory for the new array is allocated and the caller takes 78 * responsibility. Note that the dup is necessarily returned as a pointer, so size is lost. Call 79 * array_length() on the original array to discover the size. 80 */ 81template <typename T, size_t N> inline T* dup_array(const T (&a)[N]) { 82 return dup_array(a, N); 83} 84 85/** 86 * Duplicate the buffer \p buf. The memory for the new buffer is allocated and the caller takes 87 * responsibility. 88 */ 89uint8_t* dup_buffer(const void* buf, size_t size); 90 91/** 92 * Copy the contents of array \p arr to \p dest. 93 */ 94template <typename T, size_t N> inline void copy_array(const T (&arr)[N], T* dest) { 95 for (size_t i = 0; i < N; ++i) 96 dest[i] = arr[i]; 97} 98 99/** 100 * Search array \p a for value \p val, returning true if found. Note that this function is 101 * early-exit, meaning that it should not be used in contexts where timing analysis attacks could be 102 * a concern. 103 */ 104template <typename T, size_t N> inline bool array_contains(const T (&a)[N], T val) { 105 for (size_t i = 0; i < N; ++i) { 106 if (a[i] == val) { 107 return true; 108 } 109 } 110 return false; 111} 112 113/** 114 * Variant of memset() that uses GCC-specific pragmas to disable optimizations, so effect is not 115 * optimized away. This is important because we often need to wipe blocks of sensitive data from 116 * memory. As an additional convenience, this implementation avoids writing to NULL pointers. 117 */ 118#ifdef __clang__ 119#define OPTNONE __attribute__((optnone)) 120#else // not __clang__ 121#define OPTNONE __attribute__((optimize("O0"))) 122#endif // not __clang__ 123inline OPTNONE void* memset_s(void* s, int c, size_t n) { 124 if (!s) 125 return s; 126 return memset(s, c, n); 127} 128#undef OPTNONE 129 130/** 131 * Variant of memcmp that has the same runtime regardless of whether the data matches (i.e. doesn't 132 * short-circuit). Not an exact equivalent to memcmp because it doesn't return <0 if p1 < p2, just 133 * 0 for match and non-zero for non-match. 134 */ 135int memcmp_s(const void* p1, const void* p2, size_t length); 136 137/** 138 * Eraser clears buffers. Construct it with a buffer or object and the destructor will ensure that 139 * it is zeroed. 140 */ 141class Eraser { 142 public: 143 /* Not implemented. If this gets used, we want a link error. */ 144 template <typename T> explicit Eraser(T* t); 145 146 template <typename T> 147 explicit Eraser(T& t) : buf_(reinterpret_cast<uint8_t*>(&t)), size_(sizeof(t)) {} 148 149 template <size_t N> explicit Eraser(uint8_t (&arr)[N]) : buf_(arr), size_(N) {} 150 151 Eraser(void* buf, size_t size) : buf_(static_cast<uint8_t*>(buf)), size_(size) {} 152 ~Eraser() { memset_s(buf_, 0, size_); } 153 154 private: 155 Eraser(const Eraser&); 156 void operator=(const Eraser&); 157 158 uint8_t* buf_; 159 size_t size_; 160}; 161 162/** 163 * ArrayWrapper is a trivial wrapper around a C-style array that provides begin() and end() 164 * methods. This is primarily to facilitate range-based iteration on arrays. It does not copy, nor 165 * does it take ownership; it just holds pointers. 166 */ 167template <typename T> class ArrayWrapper { 168 public: 169 ArrayWrapper(T* array, size_t size) : begin_(array), end_(array + size) {} 170 171 T* begin() { return begin_; } 172 T* end() { return end_; } 173 174 private: 175 T* begin_; 176 T* end_; 177}; 178 179template <typename T> ArrayWrapper<T> array_range(T* begin, size_t length) { 180 return ArrayWrapper<T>(begin, length); 181} 182 183template <typename T, size_t n> ArrayWrapper<T> array_range(T (&a)[n]) { 184 return ArrayWrapper<T>(a, n); 185} 186 187/** 188 * Convert any unsigned integer from network to host order. We implement this here rather than 189 * using the functions from arpa/inet.h because the TEE doesn't have inet.h. This isn't the most 190 * efficient implementation, but the compiler should unroll the loop and tighten it up. 191 */ 192template <typename T> T ntoh(T t) { 193 const uint8_t* byte_ptr = reinterpret_cast<const uint8_t*>(&t); 194 T retval = 0; 195 for (size_t i = 0; i < sizeof(t); ++i) { 196 retval <<= 8; 197 retval |= byte_ptr[i]; 198 } 199 return retval; 200} 201 202/** 203 * Convert any unsigned integer from host to network order. We implement this here rather than 204 * using the functions from arpa/inet.h because the TEE doesn't have inet.h. This isn't the most 205 * efficient implementation, but the compiler should unroll the loop and tighten it up. 206 */ 207template <typename T> T hton(T t) { 208 T retval; 209 uint8_t* byte_ptr = reinterpret_cast<uint8_t*>(&retval); 210 for (size_t i = sizeof(t); i > 0; --i) { 211 byte_ptr[i - 1] = t & 0xFF; 212 t >>= 8; 213 } 214 return retval; 215} 216 217/** 218 * KeymasterKeyBlob is a very simple extension of the C struct keymaster_key_blob_t. It manages its 219 * own memory, which makes avoiding memory leaks much easier. 220 */ 221struct KeymasterKeyBlob : public keymaster_key_blob_t { 222 KeymasterKeyBlob() { 223 key_material = nullptr; 224 key_material_size = 0; 225 } 226 227 KeymasterKeyBlob(const uint8_t* data, size_t size) { 228 key_material_size = 0; 229 key_material = dup_buffer(data, size); 230 if (key_material) 231 key_material_size = size; 232 } 233 234 explicit KeymasterKeyBlob(size_t size) { 235 key_material_size = 0; 236 key_material = new (std::nothrow) uint8_t[size]; 237 if (key_material) 238 key_material_size = size; 239 } 240 241 explicit KeymasterKeyBlob(const keymaster_key_blob_t& blob) { 242 key_material_size = 0; 243 key_material = dup_buffer(blob.key_material, blob.key_material_size); 244 if (key_material) 245 key_material_size = blob.key_material_size; 246 } 247 248 KeymasterKeyBlob(const KeymasterKeyBlob& blob) { 249 key_material_size = 0; 250 key_material = dup_buffer(blob.key_material, blob.key_material_size); 251 if (key_material) 252 key_material_size = blob.key_material_size; 253 } 254 255 void operator=(const KeymasterKeyBlob& blob) { 256 Clear(); 257 key_material = dup_buffer(blob.key_material, blob.key_material_size); 258 key_material_size = blob.key_material_size; 259 } 260 261 ~KeymasterKeyBlob() { Clear(); } 262 263 const uint8_t* begin() const { return key_material; } 264 const uint8_t* end() const { return key_material + key_material_size; } 265 266 void Clear() { 267 memset_s(const_cast<uint8_t*>(key_material), 0, key_material_size); 268 delete[] key_material; 269 key_material = nullptr; 270 key_material_size = 0; 271 } 272 273 const uint8_t* Reset(size_t new_size) { 274 Clear(); 275 key_material = new (std::nothrow) uint8_t[new_size]; 276 if (key_material) 277 key_material_size = new_size; 278 return key_material; 279 } 280 281 // The key_material in keymaster_key_blob_t is const, which is the right thing in most 282 // circumstances, but occasionally we do need to write into it. This method exposes a non-const 283 // version of the pointer. Use sparingly. 284 uint8_t* writable_data() { return const_cast<uint8_t*>(key_material); } 285 286 keymaster_key_blob_t release() { 287 keymaster_key_blob_t tmp = {key_material, key_material_size}; 288 key_material = nullptr; 289 key_material_size = 0; 290 return tmp; 291 } 292 293 size_t SerializedSize() const { return sizeof(uint32_t) + key_material_size; } 294 uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const { 295 return append_size_and_data_to_buf(buf, end, key_material, key_material_size); 296 } 297 298 bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) { 299 Clear(); 300 UniquePtr<uint8_t[]> tmp; 301 if (!copy_size_and_data_from_buf(buf_ptr, end, &key_material_size, &tmp)) { 302 key_material = nullptr; 303 key_material_size = 0; 304 return false; 305 } 306 key_material = tmp.release(); 307 return true; 308 } 309}; 310 311struct Characteristics_Delete { 312 void operator()(keymaster_key_characteristics_t* p) { 313 keymaster_free_characteristics(p); 314 free(p); 315 } 316}; 317 318struct Malloc_Delete { 319 void operator()(void* p) { free(p); } 320}; 321 322struct CertificateChainDelete { 323 void operator()(keymaster_cert_chain_t* p) { 324 if (!p) 325 return; 326 for (size_t i = 0; i < p->entry_count; ++i) 327 delete[] p->entries[i].data; 328 delete[] p->entries; 329 delete p; 330 } 331}; 332 333keymaster_error_t EcKeySizeToCurve(uint32_t key_size_bits, keymaster_ec_curve_t* curve); 334keymaster_error_t EcCurveToKeySize(keymaster_ec_curve_t curve, uint32_t* key_size_bits); 335 336} // namespace keymaster 337 338#endif // SYSTEM_KEYMASTER_ANDROID_KEYMASTER_UTILS_H_ 339