blob: a83aa1f7b8f9b30e146ac4dc666f0155e3404d3c
1 | /* |
2 | * Copyright 2017 The Android Open Source Project |
3 | * |
4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
5 | * you may not use this file except in compliance with the License. |
6 | * You may obtain a copy of the License at |
7 | * |
8 | * http://www.apache.org/licenses/LICENSE-2.0 |
9 | * |
10 | * Unless required by applicable law or agreed to in writing, software |
11 | * distributed under the License is distributed on an "AS IS" BASIS, |
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
13 | * See the License for the specific language governing permissions and |
14 | * limitations under the License. |
15 | */ |
16 | |
17 | #ifndef TRUSTY_APP_KEYMASTER_TRUSTY_KEYMASTER_MESSAGES_H_ |
18 | #define TRUSTY_APP_KEYMASTER_TRUSTY_KEYMASTER_MESSAGES_H_ |
19 | |
20 | #include <keymaster/android_keymaster_messages.h> |
21 | |
22 | namespace keymaster { |
23 | |
24 | /** |
25 | * Generic struct for Keymaster requests which hold a single raw buffer. |
26 | */ |
27 | struct RawBufferRequest : public KeymasterMessage { |
28 | explicit RawBufferRequest(int32_t ver = MAX_MESSAGE_VERSION) |
29 | : KeymasterMessage(ver) {} |
30 | |
31 | size_t SerializedSize() const override { return data.SerializedSize(); } |
32 | uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override { |
33 | return data.Serialize(buf, end); |
34 | } |
35 | bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override { |
36 | return data.Deserialize(buf_ptr, end); |
37 | } |
38 | |
39 | Buffer data; |
40 | }; |
41 | |
42 | /** |
43 | * Generic struct for Keymaster responses which hold a single raw buffer. |
44 | */ |
45 | struct RawBufferResponse : public KeymasterResponse { |
46 | explicit RawBufferResponse(int32_t ver = MAX_MESSAGE_VERSION) |
47 | : KeymasterResponse(ver) {} |
48 | |
49 | size_t NonErrorSerializedSize() const override { |
50 | return data.SerializedSize(); |
51 | } |
52 | uint8_t* NonErrorSerialize(uint8_t* buf, |
53 | const uint8_t* end) const override { |
54 | return data.Serialize(buf, end); |
55 | } |
56 | bool NonErrorDeserialize(const uint8_t** buf_ptr, |
57 | const uint8_t* end) override { |
58 | return data.Deserialize(buf_ptr, end); |
59 | } |
60 | |
61 | Buffer data; |
62 | }; |
63 | |
64 | /** |
65 | * Generic struct for Keymaster responses which have no specialized response |
66 | * data. |
67 | */ |
68 | struct NoResponse : public KeymasterResponse { |
69 | explicit NoResponse(int32_t ver = MAX_MESSAGE_VERSION) |
70 | : KeymasterResponse(ver) {} |
71 | |
72 | size_t NonErrorSerializedSize() const override { return 0; } |
73 | uint8_t* NonErrorSerialize(uint8_t* buf, |
74 | const uint8_t* end) const override { |
75 | (void)end; |
76 | return buf; |
77 | } |
78 | bool NonErrorDeserialize(const uint8_t** buf_ptr, |
79 | const uint8_t* end) override { |
80 | (void)buf_ptr; |
81 | (void)end; |
82 | return true; |
83 | } |
84 | }; |
85 | |
86 | struct NoRequest : public KeymasterMessage { |
87 | explicit NoRequest(int32_t ver = MAX_MESSAGE_VERSION) |
88 | : KeymasterMessage(ver) {} |
89 | |
90 | size_t SerializedSize() const override { return 0; } |
91 | uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override { |
92 | (void)end; |
93 | return buf; |
94 | } |
95 | bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override { |
96 | (void)buf_ptr; |
97 | (void)end; |
98 | return true; |
99 | } |
100 | }; |
101 | |
102 | struct SetBootParamsRequest : public KeymasterMessage { |
103 | explicit SetBootParamsRequest(int32_t ver = MAX_MESSAGE_VERSION) |
104 | : KeymasterMessage(ver) {} |
105 | |
106 | size_t SerializedSize() const override { |
107 | return (sizeof(os_version) + sizeof(os_patchlevel) + |
108 | sizeof(device_locked) + sizeof(verified_boot_state) + |
109 | verified_boot_key.SerializedSize() + |
110 | verified_boot_hash.SerializedSize()); |
111 | } |
112 | uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override { |
113 | buf = append_uint32_to_buf(buf, end, os_version); |
114 | buf = append_uint32_to_buf(buf, end, os_patchlevel); |
115 | buf = append_uint32_to_buf(buf, end, device_locked); |
116 | buf = append_uint32_to_buf(buf, end, verified_boot_state); |
117 | buf = verified_boot_key.Serialize(buf, end); |
118 | return verified_boot_hash.Serialize(buf, end); |
119 | } |
120 | bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override { |
121 | return copy_uint32_from_buf(buf_ptr, end, &os_version) && |
122 | copy_uint32_from_buf(buf_ptr, end, &os_patchlevel) && |
123 | copy_uint32_from_buf(buf_ptr, end, &device_locked) && |
124 | copy_uint32_from_buf(buf_ptr, end, &verified_boot_state) && |
125 | verified_boot_key.Deserialize(buf_ptr, end) && |
126 | verified_boot_hash.Deserialize(buf_ptr, end); |
127 | } |
128 | |
129 | uint32_t os_version; |
130 | uint32_t os_patchlevel; |
131 | uint32_t device_locked; |
132 | keymaster_verified_boot_t verified_boot_state; |
133 | Buffer verified_boot_key; |
134 | Buffer verified_boot_hash; |
135 | }; |
136 | |
137 | struct SetBootParamsResponse : public NoResponse {}; |
138 | |
139 | struct SetAttestationKeyRequest : public KeymasterMessage { |
140 | explicit SetAttestationKeyRequest(int32_t ver = MAX_MESSAGE_VERSION) |
141 | : KeymasterMessage(ver) {} |
142 | |
143 | size_t SerializedSize() const override { |
144 | return sizeof(uint32_t) + key_data.SerializedSize(); |
145 | } |
146 | uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override { |
147 | buf = append_uint32_to_buf(buf, end, algorithm); |
148 | return key_data.Serialize(buf, end); |
149 | } |
150 | bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override { |
151 | return copy_uint32_from_buf(buf_ptr, end, &algorithm) && |
152 | key_data.Deserialize(buf_ptr, end); |
153 | } |
154 | |
155 | keymaster_algorithm_t algorithm; |
156 | Buffer key_data; |
157 | }; |
158 | |
159 | struct SetAttestationKeyResponse : public NoResponse {}; |
160 | |
161 | struct AppendAttestationCertChainRequest : public KeymasterMessage { |
162 | explicit AppendAttestationCertChainRequest( |
163 | int32_t ver = MAX_MESSAGE_VERSION) |
164 | : KeymasterMessage(ver) {} |
165 | |
166 | size_t SerializedSize() const override { |
167 | return sizeof(uint32_t) + cert_data.SerializedSize(); |
168 | } |
169 | uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override { |
170 | buf = append_uint32_to_buf(buf, end, algorithm); |
171 | return cert_data.Serialize(buf, end); |
172 | } |
173 | bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override { |
174 | return copy_uint32_from_buf(buf_ptr, end, &algorithm) && |
175 | cert_data.Deserialize(buf_ptr, end); |
176 | } |
177 | |
178 | keymaster_algorithm_t algorithm; |
179 | Buffer cert_data; |
180 | }; |
181 | |
182 | struct AppendAttestationCertChainResponse : public NoResponse {}; |
183 | |
184 | /** |
185 | * For Android Things Attestation Provisioning (ATAP), the GetCaRequest message |
186 | * in the protocol are raw opaque messages for the purposes of this IPC call. |
187 | * Since the SetCaResponse message will be very large (> 10k), SetCaResponse is |
188 | * split into *Begin, *Update, and *Finish operations. |
189 | */ |
190 | struct AtapGetCaRequestRequest : public RawBufferRequest {}; |
191 | struct AtapGetCaRequestResponse : public RawBufferResponse {}; |
192 | |
193 | struct AtapSetCaResponseBeginRequest : public KeymasterMessage { |
194 | explicit AtapSetCaResponseBeginRequest(int32_t ver = MAX_MESSAGE_VERSION) |
195 | : KeymasterMessage(ver) {} |
196 | |
197 | size_t SerializedSize() const override { return sizeof(uint32_t); } |
198 | uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override { |
199 | return append_uint32_to_buf(buf, end, ca_response_size); |
200 | } |
201 | bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override { |
202 | return copy_uint32_from_buf(buf_ptr, end, &ca_response_size); |
203 | } |
204 | |
205 | uint32_t ca_response_size; |
206 | }; |
207 | struct AtapSetCaResponseBeginResponse : public NoResponse {}; |
208 | |
209 | struct AtapSetCaResponseUpdateRequest : public RawBufferRequest {}; |
210 | struct AtapSetCaResponseUpdateResponse : public NoResponse {}; |
211 | |
212 | struct AtapSetCaResponseFinishRequest : public NoRequest {}; |
213 | struct AtapSetCaResponseFinishResponse : public NoResponse {}; |
214 | struct AtapSetProductIdRequest : public RawBufferRequest {}; |
215 | struct AtapSetProductIdResponse : public NoResponse {}; |
216 | |
217 | struct AtapReadUuidRequest : public NoRequest {}; |
218 | struct AtapReadUuidResponse : public RawBufferResponse {}; |
219 | |
220 | } // namespace keymaster |
221 | |
222 | #endif // TRUSTY_APP_KEYMASTER_TRUSTY_KEYMASTER_MESSAGES_H_ |
223 |