1 /*
2 **
3 ** Copyright 2017, The Android Open Source Project
4 **
5 ** Licensed under the Apache License, Version 2.0 (the "License");
6 ** you may not use this file except in compliance with the License.
7 ** You may obtain a copy of the License at
8 **
9 **     http://www.apache.org/licenses/LICENSE-2.0
10 **
11 ** Unless required by applicable law or agreed to in writing, software
12 ** distributed under the License is distributed on an "AS IS" BASIS,
13 ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 ** See the License for the specific language governing permissions and
15 ** limitations under the License.
16 */
17 
18 #include "keymaster_passthrough_operation.h"
19 #include <keymaster/android_keymaster_utils.h>
20 #include <utility>
21 #include <vector>
22 
23 namespace keymaster {
24 
25 template <>
Finish(const AuthorizationSet & input_params,const Buffer & input,const Buffer & signature,AuthorizationSet * output_params,Buffer * output)26 keymaster_error_t KeymasterPassthroughOperation<keymaster1_device_t>::Finish(
27     const AuthorizationSet& input_params, const Buffer& input, const Buffer& signature,
28     AuthorizationSet* output_params, Buffer* output) {
29     keymaster_key_param_set_t out_params = {};
30     keymaster_blob_t in{input.peek_read(), input.available_read()};
31     keymaster_blob_t out = {};
32     keymaster_error_t rc;
33     std::vector<KeymasterBlob> accumulate_output;
34     size_t accumulated_output_size = 0;
35     AuthorizationSet accumulated_out_params;
36     AuthorizationSet mutable_input_params = input_params;
37     while (in.data_length != 0) {
38         size_t consumed = 0;
39         rc = km_device_->update(km_device_, operation_handle_, &mutable_input_params, &in,
40                                 &consumed, &out_params, &out);
41         if (rc == KM_ERROR_OK) {
42             accumulate_output.push_back(KeymasterBlob(out));
43             accumulated_output_size += out.data_length;
44             free(const_cast<uint8_t*>(out.data));
45             out = {};
46             accumulated_out_params.push_back(out_params);
47             keymaster_free_param_set(&out_params);
48         } else {
49             return rc;
50         }
51 
52         int aad_pos = mutable_input_params.find(TAG_ASSOCIATED_DATA);
53         if (aad_pos != -1) {
54             mutable_input_params.erase(aad_pos);
55         }
56 
57         if (consumed == 0) {
58             km_device_->abort(km_device_, operation_handle_);
59             return KM_ERROR_INVALID_INPUT_LENGTH;
60         } else {
61             in.data += consumed;
62             if (consumed > in.data_length) return KM_ERROR_UNKNOWN_ERROR;
63             in.data_length -= consumed;
64         }
65     }
66 
67     keymaster_blob_t sig{signature.peek_read(), signature.available_read()};
68 
69     rc = km_device_->finish(km_device_, operation_handle_, &mutable_input_params, &sig, &out_params,
70                             &out);
71     if (rc != KM_ERROR_OK) return rc;
72     accumulate_output.push_back(KeymasterBlob(out));
73     accumulated_output_size += out.data_length;
74     free(const_cast<uint8_t*>(out.data));
75     out = {};
76     accumulated_out_params.push_back(out_params);
77     keymaster_free_param_set(&out_params);
78 
79     if (output && accumulated_output_size) {
80         if (!output->reserve(accumulated_output_size)) {
81             return KM_ERROR_MEMORY_ALLOCATION_FAILED;
82         }
83         for (auto& outBlob : accumulate_output) {
84             output->write(outBlob.data, outBlob.data_length);
85         }
86     }
87 
88     accumulated_out_params.Deduplicate();
89     if (output_params) *output_params = std::move(accumulated_out_params);
90 
91     return KM_ERROR_OK;
92 }
93 
94 template <>
Finish(const AuthorizationSet & input_params,const Buffer & input,const Buffer & signature,AuthorizationSet * output_params,Buffer * output)95 keymaster_error_t KeymasterPassthroughOperation<keymaster2_device_t>::Finish(
96     const AuthorizationSet& input_params, const Buffer& input, const Buffer& signature,
97     AuthorizationSet* output_params, Buffer* output) {
98     keymaster_key_param_set_t out_params = {};
99     keymaster_blob_t sig{signature.peek_read(), signature.available_read()};
100     keymaster_blob_t in{input.peek_read(), input.available_read()};
101     keymaster_blob_t out = {};
102     keymaster_error_t rc;
103     rc = km_device_->finish(km_device_, operation_handle_, &input_params, &in, &sig, &out_params,
104                             &out);
105     if (rc == KM_ERROR_OK) {
106         if (output) output->Reinitialize(out.data, out.data_length);
107         if (output_params) output_params->Reinitialize(out_params);
108     }
109     keymaster_free_param_set(&out_params);
110     free(const_cast<uint8_t*>(out.data));
111     return rc;
112 }
113 
114 }  // namespace keymaster
115