1 /*
2  * Copyright 2014 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include <keymaster/keymaster_tags.h>
18 
19 namespace keymaster {
20 
21 #ifdef KEYMASTER_NAME_TAGS
// Emits one switch arm that returns the enumerator's own spelling. The preprocessor's
// stringification (#) does not macro-expand its operand, so the returned text is exactly the
// identifier written in the list below and cannot drift from the case label.
#define KM_TAG_NAME_CASE(tag_id)                                                                  \
    case tag_id:                                                                                   \
        return #tag_id

// Returns the symbolic name of |tag| as a string literal, or "<Unknown>" when |tag| matches none
// of the cases below. The caller must not modify or free the returned pointer.
//
// The switch has no default label; presumably this is deliberate so that the compiler can warn
// when keymaster_tag_t gains an enumerator that is not listed here -- TODO confirm.
//
// NOTE(review): TAG_DIGEST_OLD and TAG_PADDING_OLD are instantiated further down in this file
// (KM_TAG_DIGEST_OLD / KM_TAG_PADDING_OLD) but have no case here, so they are reported as
// "<Unknown>". The fallback string also discards the numeric value, so callers that log tags
// received from outside the trust boundary should log the raw value next to this name.
const char* StringifyTag(keymaster_tag_t tag) {
    switch (tag) {
        KM_TAG_NAME_CASE(KM_TAG_INVALID);
        KM_TAG_NAME_CASE(KM_TAG_PURPOSE);
        KM_TAG_NAME_CASE(KM_TAG_ALGORITHM);
        KM_TAG_NAME_CASE(KM_TAG_KEY_SIZE);
        KM_TAG_NAME_CASE(KM_TAG_BLOCK_MODE);
        KM_TAG_NAME_CASE(KM_TAG_DIGEST);
        KM_TAG_NAME_CASE(KM_TAG_PADDING);
        KM_TAG_NAME_CASE(KM_TAG_CALLER_NONCE);
        KM_TAG_NAME_CASE(KM_TAG_MIN_MAC_LENGTH);
        KM_TAG_NAME_CASE(KM_TAG_RSA_PUBLIC_EXPONENT);
        KM_TAG_NAME_CASE(KM_TAG_BLOB_USAGE_REQUIREMENTS);
        KM_TAG_NAME_CASE(KM_TAG_BOOTLOADER_ONLY);
        KM_TAG_NAME_CASE(KM_TAG_ACTIVE_DATETIME);
        KM_TAG_NAME_CASE(KM_TAG_ORIGINATION_EXPIRE_DATETIME);
        KM_TAG_NAME_CASE(KM_TAG_USAGE_EXPIRE_DATETIME);
        KM_TAG_NAME_CASE(KM_TAG_MIN_SECONDS_BETWEEN_OPS);
        KM_TAG_NAME_CASE(KM_TAG_MAX_USES_PER_BOOT);
        KM_TAG_NAME_CASE(KM_TAG_USAGE_COUNT_LIMIT);
        KM_TAG_NAME_CASE(KM_TAG_ALL_USERS);
        KM_TAG_NAME_CASE(KM_TAG_USER_ID);
        KM_TAG_NAME_CASE(KM_TAG_USER_SECURE_ID);
        KM_TAG_NAME_CASE(KM_TAG_NO_AUTH_REQUIRED);
        KM_TAG_NAME_CASE(KM_TAG_USER_AUTH_TYPE);
        KM_TAG_NAME_CASE(KM_TAG_AUTH_TIMEOUT);
        KM_TAG_NAME_CASE(KM_TAG_ALL_APPLICATIONS);
        KM_TAG_NAME_CASE(KM_TAG_APPLICATION_ID);
        KM_TAG_NAME_CASE(KM_TAG_APPLICATION_DATA);
        KM_TAG_NAME_CASE(KM_TAG_CREATION_DATETIME);
        KM_TAG_NAME_CASE(KM_TAG_ORIGIN);
        KM_TAG_NAME_CASE(KM_TAG_ROLLBACK_RESISTANCE);
        KM_TAG_NAME_CASE(KM_TAG_ROLLBACK_RESISTANT);
        KM_TAG_NAME_CASE(KM_TAG_ROOT_OF_TRUST);
        KM_TAG_NAME_CASE(KM_TAG_ASSOCIATED_DATA);
        KM_TAG_NAME_CASE(KM_TAG_NONCE);
        KM_TAG_NAME_CASE(KM_TAG_AUTH_TOKEN);
        KM_TAG_NAME_CASE(KM_TAG_MAC_LENGTH);
        KM_TAG_NAME_CASE(KM_TAG_KDF);
        KM_TAG_NAME_CASE(KM_TAG_EC_CURVE);
        KM_TAG_NAME_CASE(KM_TAG_ECIES_SINGLE_HASH_MODE);
        KM_TAG_NAME_CASE(KM_TAG_OS_VERSION);
        KM_TAG_NAME_CASE(KM_TAG_OS_PATCHLEVEL);
        KM_TAG_NAME_CASE(KM_TAG_EXPORTABLE);
        KM_TAG_NAME_CASE(KM_TAG_UNIQUE_ID);
        KM_TAG_NAME_CASE(KM_TAG_INCLUDE_UNIQUE_ID);
        KM_TAG_NAME_CASE(KM_TAG_RESET_SINCE_ID_ROTATION);
        KM_TAG_NAME_CASE(KM_TAG_ALLOW_WHILE_ON_BODY);
        KM_TAG_NAME_CASE(KM_TAG_TRUSTED_CONFIRMATION_REQUIRED);
        KM_TAG_NAME_CASE(KM_TAG_UNLOCKED_DEVICE_REQUIRED);
        KM_TAG_NAME_CASE(KM_TAG_ATTESTATION_CHALLENGE);
        KM_TAG_NAME_CASE(KM_TAG_ATTESTATION_APPLICATION_ID);
        KM_TAG_NAME_CASE(KM_TAG_ATTESTATION_ID_BRAND);
        KM_TAG_NAME_CASE(KM_TAG_ATTESTATION_ID_DEVICE);
        KM_TAG_NAME_CASE(KM_TAG_ATTESTATION_ID_PRODUCT);
        KM_TAG_NAME_CASE(KM_TAG_ATTESTATION_ID_SERIAL);
        KM_TAG_NAME_CASE(KM_TAG_ATTESTATION_ID_IMEI);
        KM_TAG_NAME_CASE(KM_TAG_ATTESTATION_ID_SECOND_IMEI);
        KM_TAG_NAME_CASE(KM_TAG_ATTESTATION_ID_MEID);
        KM_TAG_NAME_CASE(KM_TAG_ATTESTATION_ID_MANUFACTURER);
        KM_TAG_NAME_CASE(KM_TAG_ATTESTATION_ID_MODEL);
        KM_TAG_NAME_CASE(KM_TAG_EARLY_BOOT_ONLY);
        KM_TAG_NAME_CASE(KM_TAG_DEVICE_UNIQUE_ATTESTATION);
        KM_TAG_NAME_CASE(KM_TAG_IDENTITY_CREDENTIAL_KEY);
        KM_TAG_NAME_CASE(KM_TAG_CONFIRMATION_TOKEN);
        KM_TAG_NAME_CASE(KM_TAG_CERTIFICATE_SERIAL);
        KM_TAG_NAME_CASE(KM_TAG_CERTIFICATE_SUBJECT);
        KM_TAG_NAME_CASE(KM_TAG_CERTIFICATE_NOT_BEFORE);
        KM_TAG_NAME_CASE(KM_TAG_CERTIFICATE_NOT_AFTER);
        KM_TAG_NAME_CASE(KM_TAG_STORAGE_KEY);
        KM_TAG_NAME_CASE(KM_TAG_TRUSTED_USER_PRESENCE_REQUIRED);
        KM_TAG_NAME_CASE(KM_TAG_BOOT_PATCHLEVEL);
        KM_TAG_NAME_CASE(KM_TAG_VENDOR_PATCHLEVEL);
        KM_TAG_NAME_CASE(KM_TAG_RSA_OAEP_MGF_DIGEST);
        KM_TAG_NAME_CASE(KM_TAG_MAX_BOOT_LEVEL);
    }
    // Reached only when |tag| holds a value that none of the cases above covers.
    return "<Unknown>";
}

#undef KM_TAG_NAME_CASE
173 #endif  // KEYMASTER_NAME_TAGS
174 
// DEFINE_KEYMASTER_TAG creates the TypedTag instance for one non-enum keymaster tag.
// DEFINE_KEYMASTER_TAG(type, name) expands to `TypedTag<type, KM_##name> name`, so the object
// called TAG_FOO is bound to the tag value KM_TAG_FOO and to the tag type given as |type|.
// NOTE(review): the |type| written here has to agree with the type carried by the KM_TAG_*
// value; TypedTag (declared in keymaster_tags.h, not visible here) presumably rejects a mismatch
// at compile time -- confirm before adding a new tag.
#define DEFINE_KEYMASTER_TAG(type, name) TypedTag<type, KM_##name> name

// The definitions keep their original order; blank lines and headings are only a reading aid.

// Key and operation parameters.
DEFINE_KEYMASTER_TAG(KM_INVALID, TAG_INVALID);
DEFINE_KEYMASTER_TAG(KM_UINT, TAG_KEY_SIZE);
DEFINE_KEYMASTER_TAG(KM_UINT, TAG_MAC_LENGTH);
DEFINE_KEYMASTER_TAG(KM_BOOL, TAG_CALLER_NONCE);
DEFINE_KEYMASTER_TAG(KM_UINT, TAG_MIN_MAC_LENGTH);
DEFINE_KEYMASTER_TAG(KM_ULONG, TAG_RSA_PUBLIC_EXPONENT);
DEFINE_KEYMASTER_TAG(KM_BOOL, TAG_ECIES_SINGLE_HASH_MODE);
DEFINE_KEYMASTER_TAG(KM_BOOL, TAG_INCLUDE_UNIQUE_ID);

// Validity dates and usage limits.
DEFINE_KEYMASTER_TAG(KM_DATE, TAG_ACTIVE_DATETIME);
DEFINE_KEYMASTER_TAG(KM_DATE, TAG_ORIGINATION_EXPIRE_DATETIME);
DEFINE_KEYMASTER_TAG(KM_DATE, TAG_USAGE_EXPIRE_DATETIME);
DEFINE_KEYMASTER_TAG(KM_UINT, TAG_MIN_SECONDS_BETWEEN_OPS);
DEFINE_KEYMASTER_TAG(KM_UINT, TAG_MAX_USES_PER_BOOT);
DEFINE_KEYMASTER_TAG(KM_UINT, TAG_USAGE_COUNT_LIMIT);

// User and authentication tags.
DEFINE_KEYMASTER_TAG(KM_BOOL, TAG_ALL_USERS);
DEFINE_KEYMASTER_TAG(KM_UINT, TAG_USER_ID);
DEFINE_KEYMASTER_TAG(KM_ULONG_REP, TAG_USER_SECURE_ID);
DEFINE_KEYMASTER_TAG(KM_BOOL, TAG_NO_AUTH_REQUIRED);
DEFINE_KEYMASTER_TAG(KM_UINT, TAG_AUTH_TIMEOUT);
DEFINE_KEYMASTER_TAG(KM_BOOL, TAG_ALLOW_WHILE_ON_BODY);

// Application tags.
DEFINE_KEYMASTER_TAG(KM_BOOL, TAG_ALL_APPLICATIONS);
DEFINE_KEYMASTER_TAG(KM_BYTES, TAG_APPLICATION_ID);
DEFINE_KEYMASTER_TAG(KM_BYTES, TAG_APPLICATION_DATA);

// Creation, rollback and root-of-trust tags.
DEFINE_KEYMASTER_TAG(KM_DATE, TAG_CREATION_DATETIME);
DEFINE_KEYMASTER_TAG(KM_BOOL, TAG_ROLLBACK_RESISTANCE);
DEFINE_KEYMASTER_TAG(KM_BOOL, TAG_ROLLBACK_RESISTANT);
DEFINE_KEYMASTER_TAG(KM_BYTES, TAG_ROOT_OF_TRUST);

// Per-operation byte-string inputs.
DEFINE_KEYMASTER_TAG(KM_BYTES, TAG_ASSOCIATED_DATA);
DEFINE_KEYMASTER_TAG(KM_BYTES, TAG_NONCE);
DEFINE_KEYMASTER_TAG(KM_BYTES, TAG_AUTH_TOKEN);

// Boot and OS version tags.
DEFINE_KEYMASTER_TAG(KM_BOOL, TAG_BOOTLOADER_ONLY);
DEFINE_KEYMASTER_TAG(KM_UINT, TAG_OS_VERSION);
DEFINE_KEYMASTER_TAG(KM_UINT, TAG_OS_PATCHLEVEL);
DEFINE_KEYMASTER_TAG(KM_BYTES, TAG_UNIQUE_ID);

// Attestation tags (all byte strings).
DEFINE_KEYMASTER_TAG(KM_BYTES, TAG_ATTESTATION_CHALLENGE);
DEFINE_KEYMASTER_TAG(KM_BYTES, TAG_ATTESTATION_APPLICATION_ID);
DEFINE_KEYMASTER_TAG(KM_BYTES, TAG_ATTESTATION_ID_BRAND);
DEFINE_KEYMASTER_TAG(KM_BYTES, TAG_ATTESTATION_ID_DEVICE);
DEFINE_KEYMASTER_TAG(KM_BYTES, TAG_ATTESTATION_ID_PRODUCT);
DEFINE_KEYMASTER_TAG(KM_BYTES, TAG_ATTESTATION_ID_SERIAL);
DEFINE_KEYMASTER_TAG(KM_BYTES, TAG_ATTESTATION_ID_IMEI);
DEFINE_KEYMASTER_TAG(KM_BYTES, TAG_ATTESTATION_ID_SECOND_IMEI);
DEFINE_KEYMASTER_TAG(KM_BYTES, TAG_ATTESTATION_ID_MEID);
DEFINE_KEYMASTER_TAG(KM_BYTES, TAG_ATTESTATION_ID_MANUFACTURER);
DEFINE_KEYMASTER_TAG(KM_BYTES, TAG_ATTESTATION_ID_MODEL);

// Usage-gating flags and the confirmation token.
DEFINE_KEYMASTER_TAG(KM_BOOL, TAG_UNLOCKED_DEVICE_REQUIRED);
DEFINE_KEYMASTER_TAG(KM_BOOL, TAG_TRUSTED_CONFIRMATION_REQUIRED);
DEFINE_KEYMASTER_TAG(KM_BOOL, TAG_EARLY_BOOT_ONLY);
DEFINE_KEYMASTER_TAG(KM_BOOL, TAG_DEVICE_UNIQUE_ATTESTATION);
DEFINE_KEYMASTER_TAG(KM_BOOL, TAG_IDENTITY_CREDENTIAL_KEY);
DEFINE_KEYMASTER_TAG(KM_BOOL, TAG_TRUSTED_USER_PRESENCE_REQUIRED);
DEFINE_KEYMASTER_TAG(KM_BYTES, TAG_CONFIRMATION_TOKEN);

// Certificate tags.
DEFINE_KEYMASTER_TAG(KM_BIGNUM, TAG_CERTIFICATE_SERIAL);
DEFINE_KEYMASTER_TAG(KM_BYTES, TAG_CERTIFICATE_SUBJECT);
DEFINE_KEYMASTER_TAG(KM_DATE, TAG_CERTIFICATE_NOT_BEFORE);
DEFINE_KEYMASTER_TAG(KM_DATE, TAG_CERTIFICATE_NOT_AFTER);

// Storage key, patch levels and boot level.
DEFINE_KEYMASTER_TAG(KM_BOOL, TAG_STORAGE_KEY);
DEFINE_KEYMASTER_TAG(KM_UINT, TAG_BOOT_PATCHLEVEL);
DEFINE_KEYMASTER_TAG(KM_UINT, TAG_VENDOR_PATCHLEVEL);
DEFINE_KEYMASTER_TAG(KM_UINT, TAG_MAX_BOOT_LEVEL);
238 
// DEFINE_KEYMASTER_ENUM_TAG creates the TypedEnumTag instance for one enum-valued keymaster tag.
// DEFINE_KEYMASTER_ENUM_TAG(type, name, enumtype) expands to
// `TypedEnumTag<type, KM_##name, enumtype> name`, so TAG_FOO is bound to the tag value
// KM_TAG_FOO, the tag type |type| and the C enum |enumtype| that holds its values.
// NOTE(review): KM_ENUM_REP presumably marks a tag that may appear more than once in a set and
// KM_ENUM one that appears at most once -- confirm against keymaster_defs.h.
#define DEFINE_KEYMASTER_ENUM_TAG(type, name, enumtype)                                           \
    TypedEnumTag<type, KM_##name, enumtype> name

DEFINE_KEYMASTER_ENUM_TAG(KM_ENUM_REP, TAG_PURPOSE, keymaster_purpose_t);
DEFINE_KEYMASTER_ENUM_TAG(KM_ENUM, TAG_ALGORITHM, keymaster_algorithm_t);
DEFINE_KEYMASTER_ENUM_TAG(KM_ENUM_REP, TAG_BLOCK_MODE, keymaster_block_mode_t);

// TAG_DIGEST / TAG_PADDING use KM_ENUM_REP; the *_OLD variants bind the same enum types with
// KM_ENUM. NOTE(review): the *_OLD tags have no case in StringifyTag above, so they are logged as
// "<Unknown>".
DEFINE_KEYMASTER_ENUM_TAG(KM_ENUM_REP, TAG_DIGEST, keymaster_digest_t);
DEFINE_KEYMASTER_ENUM_TAG(KM_ENUM, TAG_DIGEST_OLD, keymaster_digest_t);
DEFINE_KEYMASTER_ENUM_TAG(KM_ENUM_REP, TAG_PADDING, keymaster_padding_t);
DEFINE_KEYMASTER_ENUM_TAG(KM_ENUM, TAG_PADDING_OLD, keymaster_padding_t);

DEFINE_KEYMASTER_ENUM_TAG(KM_ENUM,
                          TAG_BLOB_USAGE_REQUIREMENTS,
                          keymaster_key_blob_usage_requirements_t);
DEFINE_KEYMASTER_ENUM_TAG(KM_ENUM, TAG_ORIGIN, keymaster_key_origin_t);
DEFINE_KEYMASTER_ENUM_TAG(KM_ENUM, TAG_USER_AUTH_TYPE, hw_authenticator_type_t);
DEFINE_KEYMASTER_ENUM_TAG(KM_ENUM_REP, TAG_KDF, keymaster_kdf_t);
DEFINE_KEYMASTER_ENUM_TAG(KM_ENUM, TAG_EC_CURVE, keymaster_ec_curve_t);
DEFINE_KEYMASTER_ENUM_TAG(KM_ENUM_REP, TAG_RSA_OAEP_MGF_DIGEST, keymaster_digest_t);
257 
258 }  // namespace keymaster
259