platform/hardware/amlogic/keymaster.git - Unnamed repository; edit this file 'description' to name the repository.

1 /*
2  * Copyright 2014 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16
17 #ifndef AML_KEYMASTER_AML_KEYMASTER_DEVICE_H_
18 #define AML_KEYMASTER_AML_KEYMASTER_DEVICE_H_
19
20 #include <hardware/keymaster2.h>
21 #include <keymaster/android_keymaster_messages.h>
22
23 extern "C" {
24 #include <tee_client_api.h>
25 }
26
27 namespace keymaster {
28
29 /**
30  * Aml Keymaster device.
31  *
32  * IMPORTANT MAINTAINER NOTE: Pointers to instances of this class must be castable to hw_device_t
33  * and keymaster_device. This means it must remain a standard layout class (no virtual functions and
34  * no data members which aren't standard layout), and device_ must be the first data member.
35  * Assertions in the constructor validate compliance with those constraints.
36  */
37 class AmlKeymasterDevice {
38   public:
39     /*
40      * These are the only symbols that will be exported by libamlkeymaster.  All functionality
41      * can be reached via the function pointers in device_.
42      */
43     __attribute__((visibility("default"))) explicit AmlKeymasterDevice(const hw_module_t* module);
44     __attribute__((visibility("default"))) hw_device_t* hw_device();
45
46     ~AmlKeymasterDevice();
47
48     keymaster_error_t session_error() { return error_; }
49
50     keymaster_error_t configure(const keymaster_key_param_set_t* params);
51     keymaster_error_t add_rng_entropy(const uint8_t* data, size_t data_length);
52     keymaster_error_t generate_key(const keymaster_key_param_set_t* params,
53                                    keymaster_key_blob_t* key_blob,
54                                    keymaster_key_characteristics_t* characteristics);
55     keymaster_error_t get_key_characteristics(const keymaster_key_blob_t* key_blob,
56                                               const keymaster_blob_t* client_id,
57                                               const keymaster_blob_t* app_data,
58                                               keymaster_key_characteristics_t* character);
59     keymaster_error_t import_key(const keymaster_key_param_set_t* params,
60                                  keymaster_key_format_t key_format,
61                                  const keymaster_blob_t* key_data, keymaster_key_blob_t* key_blob,
62                                  keymaster_key_characteristics_t* characteristics);
63     keymaster_error_t export_key(keymaster_key_format_t export_format,
64                                  const keymaster_key_blob_t* key_to_export,
65                                  const keymaster_blob_t* client_id,
66                                  const keymaster_blob_t* app_data, keymaster_blob_t* export_data);
67     keymaster_error_t attest_key(const keymaster_key_blob_t* key_to_attest,
68                                  const keymaster_key_param_set_t* attest_params,
69                                  keymaster_cert_chain_t* cert_chain);
70     keymaster_error_t upgrade_key(const keymaster_key_blob_t* key_to_upgrade,
71                                   const keymaster_key_param_set_t* upgrade_params,
72                                   keymaster_key_blob_t* upgraded_key);
73     keymaster_error_t delete_key(const keymaster_key_blob_t* key);
74     keymaster_error_t begin(keymaster_purpose_t purpose, const keymaster_key_blob_t* key,
75                             const keymaster_key_param_set_t* in_params,
76                             keymaster_key_param_set_t* out_params,
77                             keymaster_operation_handle_t* operation_handle);
78     keymaster_error_t update(keymaster_operation_handle_t operation_handle,
79                              const keymaster_key_param_set_t* in_params,
80                              const keymaster_blob_t* input, size_t* input_consumed,
81                              keymaster_key_param_set_t* out_params, keymaster_blob_t* output);
82     keymaster_error_t finish(keymaster_operation_handle_t operation_handle,
83                              const keymaster_key_param_set_t* in_params,
84                              const keymaster_blob_t* input, const keymaster_blob_t* signature,
85                              keymaster_key_param_set_t* out_params, keymaster_blob_t* output);
86     keymaster_error_t abort(keymaster_operation_handle_t operation_handle);
87
88     keymaster_error_t store_encrypted_key(keymaster_key_blob_t* key_blob);
89     keymaster_error_t delete_encrypted_key(const keymaster_key_blob_t* key_blob);
90     keymaster_error_t simple_bin2ascii(uint8_t *data, size_t data_length, char *out);
91   private:
92     keymaster_error_t Send(uint32_t command, const Serializable& request,
93                            KeymasterResponse* response);
94
95     /*
96      * These static methods are the functions referenced through the function pointers in
97      * keymaster_device.  They're all trivial wrappers.
98      */
99     static int close_device(hw_device_t* dev);
100     static keymaster_error_t configure(const keymaster2_device_t* dev,
101                                        const keymaster_key_param_set_t* params);
102     static keymaster_error_t add_rng_entropy(const keymaster2_device_t* dev, const uint8_t* data,
103                                              size_t data_length);
104     static keymaster_error_t generate_key(const keymaster2_device_t* dev,
105                                           const keymaster_key_param_set_t* params,
106                                           keymaster_key_blob_t* key_blob,
107                                           keymaster_key_characteristics_t* characteristics);
108     static keymaster_error_t get_key_characteristics(const keymaster2_device_t* dev,
109                                                      const keymaster_key_blob_t* key_blob,
110                                                      const keymaster_blob_t* client_id,
111                                                      const keymaster_blob_t* app_data,
112                                                      keymaster_key_characteristics_t* character);
113     static keymaster_error_t import_key(const keymaster2_device_t* dev,
114                                         const keymaster_key_param_set_t* params,
115                                         keymaster_key_format_t key_format,
116                                         const keymaster_blob_t* key_data,
117                                         keymaster_key_blob_t* key_blob,
118                                         keymaster_key_characteristics_t* characteristics);
119     static keymaster_error_t export_key(const keymaster2_device_t* dev,
120                                         keymaster_key_format_t export_format,
121                                         const keymaster_key_blob_t* key_to_export,
122                                         const keymaster_blob_t* client_id,
123                                         const keymaster_blob_t* app_data,
124                                         keymaster_blob_t* export_data);
125     static keymaster_error_t attest_key(const keymaster2_device_t* dev,
126                                         const keymaster_key_blob_t* key_to_attest,
127                                         const keymaster_key_param_set_t* attest_params,
128                                         keymaster_cert_chain_t* cert_chain);
129     static keymaster_error_t upgrade_key(const keymaster2_device_t* dev,
130                                          const keymaster_key_blob_t* key_to_upgrade,
131                                          const keymaster_key_param_set_t* upgrade_params,
132                                          keymaster_key_blob_t* upgraded_key);
133     static keymaster_error_t delete_key(const keymaster2_device_t* dev,
134                                         const keymaster_key_blob_t* key);
135     static keymaster_error_t delete_all_keys(const keymaster2_device_t* dev);
136     static keymaster_error_t begin(const keymaster2_device_t* dev, keymaster_purpose_t purpose,
137                                    const keymaster_key_blob_t* key,
138                                    const keymaster_key_param_set_t* in_params,
139                                    keymaster_key_param_set_t* out_params,
140                                    keymaster_operation_handle_t* operation_handle);
141     static keymaster_error_t update(const keymaster2_device_t* dev,
142                                     keymaster_operation_handle_t operation_handle,
143                                     const keymaster_key_param_set_t* in_params,
144                                     const keymaster_blob_t* input, size_t* input_consumed,
145                                     keymaster_key_param_set_t* out_params, keymaster_blob_t* output);
146     static keymaster_error_t finish(const keymaster2_device_t* dev,
147                                     keymaster_operation_handle_t operation_handle,
148                                     const keymaster_key_param_set_t* in_params,
149                                     const keymaster_blob_t* input, const keymaster_blob_t* signature,
150                                     keymaster_key_param_set_t* out_params, keymaster_blob_t* output);
151     static keymaster_error_t abort(const keymaster2_device_t* dev,
152                                    keymaster_operation_handle_t operation_handle);
153
154     void dump_tags(const char *name, const keymaster_key_param_set_t *params);
155     void dump_tag_item_value(const char *name, const keymaster_key_param_t* item);
156
157     keymaster2_device_t device_;
158     keymaster_error_t error_;
159     int32_t message_version_;
160
161     TEEC_Context KM_context;
162     TEEC_Session KM_session;
163 };
164
165 #if ANDROID_PLATFORM_SDK_VERSION == 26 //8.0
166 struct ConfigureRequest : public KeymasterMessage {
167     explicit ConfigureRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {}
168
169     size_t SerializedSize() const override { return sizeof(os_version) + sizeof(os_patchlevel); }
170     uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override {
171         buf = append_uint32_to_buf(buf, end, os_version);
172         return append_uint32_to_buf(buf, end, os_patchlevel);
173     }
174     bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override {
175         return copy_uint32_from_buf(buf_ptr, end, &os_version) &&
176                copy_uint32_from_buf(buf_ptr, end, &os_patchlevel);
177     }
178
179     uint32_t os_version;
180     uint32_t os_patchlevel;
181 };
182
183 struct ConfigureResponse : public KeymasterResponse {
184     explicit ConfigureResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {}
185
186     size_t NonErrorSerializedSize() const override { return 0; }
187     uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t*) const override { return buf; }
188     bool NonErrorDeserialize(const uint8_t**, const uint8_t*) override { return true; }
189 };
190 #endif
191
192 }  // namespace keymaster
193
194 #endif  // AML_KEYMASTER_AML_KEYMASTER_DEVICE_H_
195
1	/*
2	* Copyright 2014 The Android Open Source Project
3	*
4	* Licensed under the Apache License, Version 2.0 (the "License");
5	* you may not use this file except in compliance with the License.
6	* You may obtain a copy of the License at
7	*
8	* http://www.apache.org/licenses/LICENSE-2.0
9	*
10	* Unless required by applicable law or agreed to in writing, software
11	* distributed under the License is distributed on an "AS IS" BASIS,
12	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13	* See the License for the specific language governing permissions and
14	* limitations under the License.
15	*/
16
17	#ifndef AML_KEYMASTER_AML_KEYMASTER_DEVICE_H_
18	#define AML_KEYMASTER_AML_KEYMASTER_DEVICE_H_
19
20	#include <hardware/keymaster2.h>
21	#include <keymaster/android_keymaster_messages.h>
22
23	extern "C" {
24	#include <tee_client_api.h>
25	}
26
27	namespace keymaster {
28
29	/**
30	* Aml Keymaster device.
31	*
32	* IMPORTANT MAINTAINER NOTE: Pointers to instances of this class must be castable to hw_device_t
33	* and keymaster_device. This means it must remain a standard layout class (no virtual functions and
34	* no data members which aren't standard layout), and device_ must be the first data member.
35	* Assertions in the constructor validate compliance with those constraints.
36	*/
37	class AmlKeymasterDevice {
38	public:
39	/*
40	* These are the only symbols that will be exported by libamlkeymaster. All functionality
41	* can be reached via the function pointers in device_.
42	*/
43	__attribute__((visibility("default"))) explicit AmlKeymasterDevice(const hw_module_t* module);
44	__attribute__((visibility("default"))) hw_device_t* hw_device();
45
46	~AmlKeymasterDevice();
47
48	keymaster_error_t session_error() { return error_; }
49
50	keymaster_error_t configure(const keymaster_key_param_set_t* params);
51	keymaster_error_t add_rng_entropy(const uint8_t* data, size_t data_length);
52	keymaster_error_t generate_key(const keymaster_key_param_set_t* params,
53	keymaster_key_blob_t* key_blob,
54	keymaster_key_characteristics_t* characteristics);
55	keymaster_error_t get_key_characteristics(const keymaster_key_blob_t* key_blob,
56	const keymaster_blob_t* client_id,
57	const keymaster_blob_t* app_data,
58	keymaster_key_characteristics_t* character);
59	keymaster_error_t import_key(const keymaster_key_param_set_t* params,
60	keymaster_key_format_t key_format,
61	const keymaster_blob_t* key_data, keymaster_key_blob_t* key_blob,
62	keymaster_key_characteristics_t* characteristics);
63	keymaster_error_t export_key(keymaster_key_format_t export_format,
64	const keymaster_key_blob_t* key_to_export,
65	const keymaster_blob_t* client_id,
66	const keymaster_blob_t* app_data, keymaster_blob_t* export_data);
67	keymaster_error_t attest_key(const keymaster_key_blob_t* key_to_attest,
68	const keymaster_key_param_set_t* attest_params,
69	keymaster_cert_chain_t* cert_chain);
70	keymaster_error_t upgrade_key(const keymaster_key_blob_t* key_to_upgrade,
71	const keymaster_key_param_set_t* upgrade_params,
72	keymaster_key_blob_t* upgraded_key);
73	keymaster_error_t delete_key(const keymaster_key_blob_t* key);
74	keymaster_error_t begin(keymaster_purpose_t purpose, const keymaster_key_blob_t* key,
75	const keymaster_key_param_set_t* in_params,
76	keymaster_key_param_set_t* out_params,
77	keymaster_operation_handle_t* operation_handle);
78	keymaster_error_t update(keymaster_operation_handle_t operation_handle,
79	const keymaster_key_param_set_t* in_params,
80	const keymaster_blob_t* input, size_t* input_consumed,
81	keymaster_key_param_set_t* out_params, keymaster_blob_t* output);
82	keymaster_error_t finish(keymaster_operation_handle_t operation_handle,
83	const keymaster_key_param_set_t* in_params,
84	const keymaster_blob_t* input, const keymaster_blob_t* signature,
85	keymaster_key_param_set_t* out_params, keymaster_blob_t* output);
86	keymaster_error_t abort(keymaster_operation_handle_t operation_handle);
87
88	keymaster_error_t store_encrypted_key(keymaster_key_blob_t* key_blob);
89	keymaster_error_t delete_encrypted_key(const keymaster_key_blob_t* key_blob);
90	keymaster_error_t simple_bin2ascii(uint8_t data, size_t data_length, char out);
91	private:
92	keymaster_error_t Send(uint32_t command, const Serializable& request,
93	KeymasterResponse* response);
94
95	/*
96	* These static methods are the functions referenced through the function pointers in
97	* keymaster_device. They're all trivial wrappers.
98	*/
99	static int close_device(hw_device_t* dev);
100	static keymaster_error_t configure(const keymaster2_device_t* dev,
101	const keymaster_key_param_set_t* params);
102	static keymaster_error_t add_rng_entropy(const keymaster2_device_t* dev, const uint8_t* data,
103	size_t data_length);
104	static keymaster_error_t generate_key(const keymaster2_device_t* dev,
105	const keymaster_key_param_set_t* params,
106	keymaster_key_blob_t* key_blob,
107	keymaster_key_characteristics_t* characteristics);
108	static keymaster_error_t get_key_characteristics(const keymaster2_device_t* dev,
109	const keymaster_key_blob_t* key_blob,
110	const keymaster_blob_t* client_id,
111	const keymaster_blob_t* app_data,
112	keymaster_key_characteristics_t* character);
113	static keymaster_error_t import_key(const keymaster2_device_t* dev,
114	const keymaster_key_param_set_t* params,
115	keymaster_key_format_t key_format,
116	const keymaster_blob_t* key_data,
117	keymaster_key_blob_t* key_blob,
118	keymaster_key_characteristics_t* characteristics);
119	static keymaster_error_t export_key(const keymaster2_device_t* dev,
120	keymaster_key_format_t export_format,
121	const keymaster_key_blob_t* key_to_export,
122	const keymaster_blob_t* client_id,
123	const keymaster_blob_t* app_data,
124	keymaster_blob_t* export_data);
125	static keymaster_error_t attest_key(const keymaster2_device_t* dev,
126	const keymaster_key_blob_t* key_to_attest,
127	const keymaster_key_param_set_t* attest_params,
128	keymaster_cert_chain_t* cert_chain);
129	static keymaster_error_t upgrade_key(const keymaster2_device_t* dev,
130	const keymaster_key_blob_t* key_to_upgrade,
131	const keymaster_key_param_set_t* upgrade_params,
132	keymaster_key_blob_t* upgraded_key);
133	static keymaster_error_t delete_key(const keymaster2_device_t* dev,
134	const keymaster_key_blob_t* key);
135	static keymaster_error_t delete_all_keys(const keymaster2_device_t* dev);
136	static keymaster_error_t begin(const keymaster2_device_t* dev, keymaster_purpose_t purpose,
137	const keymaster_key_blob_t* key,
138	const keymaster_key_param_set_t* in_params,
139	keymaster_key_param_set_t* out_params,
140	keymaster_operation_handle_t* operation_handle);
141	static keymaster_error_t update(const keymaster2_device_t* dev,
142	keymaster_operation_handle_t operation_handle,
143	const keymaster_key_param_set_t* in_params,
144	const keymaster_blob_t* input, size_t* input_consumed,
145	keymaster_key_param_set_t* out_params, keymaster_blob_t* output);
146	static keymaster_error_t finish(const keymaster2_device_t* dev,
147	keymaster_operation_handle_t operation_handle,
148	const keymaster_key_param_set_t* in_params,
149	const keymaster_blob_t* input, const keymaster_blob_t* signature,
150	keymaster_key_param_set_t* out_params, keymaster_blob_t* output);
151	static keymaster_error_t abort(const keymaster2_device_t* dev,
152	keymaster_operation_handle_t operation_handle);
153
154	void dump_tags(const char name, const keymaster_key_param_set_t params);
155	void dump_tag_item_value(const char name, const keymaster_key_param_t item);
156
157	keymaster2_device_t device_;
158	keymaster_error_t error_;
159	int32_t message_version_;
160
161	TEEC_Context KM_context;
162	TEEC_Session KM_session;
163	};
164
165	#if ANDROID_PLATFORM_SDK_VERSION == 26 //8.0
166	struct ConfigureRequest : public KeymasterMessage {
167	explicit ConfigureRequest(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterMessage(ver) {}
168
169	size_t SerializedSize() const override { return sizeof(os_version) + sizeof(os_patchlevel); }
170	uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override {
171	buf = append_uint32_to_buf(buf, end, os_version);
172	return append_uint32_to_buf(buf, end, os_patchlevel);
173	}
174	bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override {
175	return copy_uint32_from_buf(buf_ptr, end, &os_version) &&
176	copy_uint32_from_buf(buf_ptr, end, &os_patchlevel);
177	}
178
179	uint32_t os_version;
180	uint32_t os_patchlevel;
181	};
182
183	struct ConfigureResponse : public KeymasterResponse {
184	explicit ConfigureResponse(int32_t ver = MAX_MESSAGE_VERSION) : KeymasterResponse(ver) {}
185
186	size_t NonErrorSerializedSize() const override { return 0; }
187	uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t*) const override { return buf; }
188	bool NonErrorDeserialize(const uint8_t*, const uint8_t) override { return true; }
189	};
190	#endif
191
192	} // namespace keymaster
193
194	#endif // AML_KEYMASTER_AML_KEYMASTER_DEVICE_H_
195