1 /*
2 **
3 ** Copyright 2017, The Android Open Source Project
4 **
5 ** Licensed under the Apache License, Version 2.0 (the "License");
6 ** you may not use this file except in compliance with the License.
7 ** You may obtain a copy of the License at
8 **
9 **     http://www.apache.org/licenses/LICENSE-2.0
10 **
11 ** Unless required by applicable law or agreed to in writing, software
12 ** distributed under the License is distributed on an "AS IS" BASIS,
13 ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 ** See the License for the specific language governing permissions and
15 ** limitations under the License.
16 */
17 
18 #include "keymaster_passthrough_operation.h"
19 #include <keymaster/android_keymaster_utils.h>
20 #include <vector>
21 
22 namespace keymaster {
23 
24 template <>
Finish(const AuthorizationSet & input_params,const Buffer & input,const Buffer & signature,AuthorizationSet * output_params,Buffer * output)25 keymaster_error_t KeymasterPassthroughOperation<keymaster1_device_t>::Finish(
26     const AuthorizationSet& input_params, const Buffer& input, const Buffer& signature,
27     AuthorizationSet* output_params, Buffer* output) {
28     keymaster_key_param_set_t out_params = {};
29     keymaster_blob_t in{input.peek_read(), input.available_read()};
30     keymaster_blob_t out = {};
31     keymaster_error_t rc;
32     std::vector<KeymasterBlob> accumulate_output;
33     size_t accumulated_output_size = 0;
34     AuthorizationSet accumulated_out_params;
35     AuthorizationSet mutable_input_params = input_params;
36     while (in.data_length != 0) {
37         size_t consumed = 0;
38         rc = km_device_->update(km_device_, operation_handle_, &mutable_input_params, &in,
39                                 &consumed, &out_params, &out);
40         if (rc == KM_ERROR_OK) {
41             accumulate_output.push_back(KeymasterBlob(out));
42             accumulated_output_size += out.data_length;
43             free(const_cast<uint8_t*>(out.data));
44             out = {};
45             accumulated_out_params.push_back(out_params);
46             keymaster_free_param_set(&out_params);
47         } else {
48             return rc;
49         }
50 
51         int aad_pos = mutable_input_params.find(TAG_ASSOCIATED_DATA);
52         if (aad_pos != -1) {
53             mutable_input_params.erase(aad_pos);
54         }
55 
56         if (consumed == 0) {
57             km_device_->abort(km_device_, operation_handle_);
58             return KM_ERROR_INVALID_INPUT_LENGTH;
59         } else {
60             in.data += consumed;
61             if (consumed > in.data_length) return KM_ERROR_UNKNOWN_ERROR;
62             in.data_length -= consumed;
63         }
64     }
65 
66     keymaster_blob_t sig{signature.peek_read(), signature.available_read()};
67 
68     rc = km_device_->finish(km_device_, operation_handle_, &mutable_input_params, &sig, &out_params,
69                             &out);
70     if (rc != KM_ERROR_OK) return rc;
71     accumulate_output.push_back(KeymasterBlob(out));
72     accumulated_output_size += out.data_length;
73     free(const_cast<uint8_t*>(out.data));
74     out = {};
75     accumulated_out_params.push_back(out_params);
76     keymaster_free_param_set(&out_params);
77 
78     if (output && accumulated_output_size) {
79         if (!output->reserve(accumulated_output_size)) {
80             return KM_ERROR_MEMORY_ALLOCATION_FAILED;
81         }
82         for (auto& outBlob : accumulate_output) {
83             output->write(outBlob.data, outBlob.data_length);
84         }
85     }
86 
87     accumulated_out_params.Deduplicate();
88     if (output_params) *output_params = move(accumulated_out_params);
89 
90     return KM_ERROR_OK;
91 }
92 
93 template <>
Finish(const AuthorizationSet & input_params,const Buffer & input,const Buffer & signature,AuthorizationSet * output_params,Buffer * output)94 keymaster_error_t KeymasterPassthroughOperation<keymaster2_device_t>::Finish(
95     const AuthorizationSet& input_params, const Buffer& input, const Buffer& signature,
96     AuthorizationSet* output_params, Buffer* output) {
97     keymaster_key_param_set_t out_params = {};
98     keymaster_blob_t sig{signature.peek_read(), signature.available_read()};
99     keymaster_blob_t in{input.peek_read(), input.available_read()};
100     keymaster_blob_t out = {};
101     keymaster_error_t rc;
102     rc = km_device_->finish(km_device_, operation_handle_, &input_params, &in, &sig, &out_params,
103                             &out);
104     if (rc == KM_ERROR_OK) {
105         if (output) output->Reinitialize(out.data, out.data_length);
106         if (output_params) output_params->Reinitialize(out_params);
107     }
108     keymaster_free_param_set(&out_params);
109     free(const_cast<uint8_t*>(out.data));
110     return rc;
111 }
112 
113 }  // namespace keymaster
114