diff options
author | Rob Barnes <robbarnes@google.com> | 2018-10-04 17:10:37 -0600 |
---|---|---|
committer | Janis Danisevskis <jdanis@google.com> | 2018-11-14 14:01:45 -0800 |
commit | bb6cabdaa19489f0a3c54acf35c56ffe59da9820 (patch) | |
tree | 0840ed5a9b9cc39a15fdd73059c308d68b958fa9 /keystore/include | |
parent | 81c7e390e7abe4dfdc8ea8ae88c03259ea4d92be (diff) | |
download | security-bb6cabdaa19489f0a3c54acf35c56ffe59da9820.tar.gz |
Multi-threaded keystore
This patches changes the keystore to use the asychronous api model for
begin, update, finish, and abort.
Also removes unused class KeystoreArguments (aidl and implementation).
Test: Keystore CTS tests
Bug: 111443219
Change-Id: Icc6def9ff6dbe32193272d7d015079a006ebc430
Diffstat (limited to 'keystore/include')
-rw-r--r-- | keystore/include/keystore/KeyCharacteristics.h | 4 | ||||
-rw-r--r-- | keystore/include/keystore/KeymasterArguments.h | 10 | ||||
-rw-r--r-- | keystore/include/keystore/KeymasterCertificateChain.h | 1 | ||||
-rw-r--r-- | keystore/include/keystore/KeystoreArg.h | 42 | ||||
-rw-r--r-- | keystore/include/keystore/KeystoreArguments.h | 42 | ||||
-rw-r--r-- | keystore/include/keystore/KeystoreResponse.h | 62 | ||||
-rw-r--r-- | keystore/include/keystore/keystore_client_impl.h | 5 | ||||
-rw-r--r-- | keystore/include/keystore/keystore_promises.h | 72 |
8 files changed, 146 insertions, 92 deletions
diff --git a/keystore/include/keystore/KeyCharacteristics.h b/keystore/include/keystore/KeyCharacteristics.h index 33c5c3a6..40d495c6 100644 --- a/keystore/include/keystore/KeyCharacteristics.h +++ b/keystore/include/keystore/KeyCharacteristics.h @@ -27,11 +27,11 @@ namespace keymaster { // Parcelable version of keystore::KeyCharacteristics struct KeyCharacteristics : public ::android::Parcelable { KeyCharacteristics(){}; - KeyCharacteristics(keystore::KeyCharacteristics&& other) { + KeyCharacteristics(::keystore::KeyCharacteristics&& other) { softwareEnforced = std::move(other.softwareEnforced); hardwareEnforced = std::move(other.hardwareEnforced); } - explicit KeyCharacteristics(const keystore::KeyCharacteristics& other) { + explicit KeyCharacteristics(const ::keystore::KeyCharacteristics& other) { softwareEnforced = KeymasterArguments(other.softwareEnforced); hardwareEnforced = KeymasterArguments(other.hardwareEnforced); } diff --git a/keystore/include/keystore/KeymasterArguments.h b/keystore/include/keystore/KeymasterArguments.h index fb35ee7b..b453b113 100644 --- a/keystore/include/keystore/KeymasterArguments.h +++ b/keystore/include/keystore/KeymasterArguments.h @@ -26,16 +26,18 @@ namespace keymaster { // struct for serializing/deserializing a list of KeyParameters struct KeymasterArguments : public Parcelable { KeymasterArguments(){}; - KeymasterArguments(hardware::hidl_vec<keystore::KeyParameter>&& other); - explicit KeymasterArguments(const hardware::hidl_vec<keystore::KeyParameter>& other); + KeymasterArguments(hardware::hidl_vec<::keystore::KeyParameter>&& other); + explicit KeymasterArguments(const hardware::hidl_vec<::keystore::KeyParameter>& other); status_t readFromParcel(const Parcel* in) override; status_t writeToParcel(Parcel* out) const override; - const inline hardware::hidl_vec<keystore::KeyParameter>& getParameters() const { return data_; } + const inline hardware::hidl_vec<::keystore::KeyParameter>& getParameters() const { + return data_; + } private: - hardware::hidl_vec<keystore::KeyParameter> data_; + hardware::hidl_vec<::keystore::KeyParameter> data_; }; } // namespace keymaster diff --git a/keystore/include/keystore/KeymasterCertificateChain.h b/keystore/include/keystore/KeymasterCertificateChain.h index 132862c3..f251d084 100644 --- a/keystore/include/keystore/KeymasterCertificateChain.h +++ b/keystore/include/keystore/KeymasterCertificateChain.h @@ -16,6 +16,7 @@ #define KEYSTORE_INCLUDE_KEYSTORE_KEYMASTERCERTIFICATECHAIN_H_ #include <binder/Parcelable.h> +#include <keystore/keymaster_types.h> namespace android { namespace security { diff --git a/keystore/include/keystore/KeystoreArg.h b/keystore/include/keystore/KeystoreArg.h deleted file mode 100644 index a5e68f2b..00000000 --- a/keystore/include/keystore/KeystoreArg.h +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Copyright (C) 2012 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef KEYSTORE_INCLUDE_KEYSTORE_KEYSTOREARG_H -#define KEYSTORE_INCLUDE_KEYSTORE_KEYSTOREARG_H - -#include <utils/RefBase.h> - -namespace android { -namespace security { - -// Simple pair of generic pointer and length of corresponding data structure. -class KeystoreArg : public RefBase { - public: - KeystoreArg(const void* data, size_t len) : mData(data), mSize(len) {} - ~KeystoreArg() {} - - const void* data() const { return mData; } - size_t size() const { return mSize; } - - private: - const void* mData; // provider of the data must handle memory clean-up. - size_t mSize; -}; - -} // namespace security -} // namespace android - -#endif // KEYSTORE_INCLUDE_KEYSTORE_KEYSTOREARG_H diff --git a/keystore/include/keystore/KeystoreArguments.h b/keystore/include/keystore/KeystoreArguments.h deleted file mode 100644 index c0a8b0a2..00000000 --- a/keystore/include/keystore/KeystoreArguments.h +++ /dev/null @@ -1,42 +0,0 @@ -// Copyright 2017 The Android Open Source Project -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#ifndef KEYSTORE_INCLUDE_KEYSTORE_KEYSTOREARGUMENTS_H_ -#define KEYSTORE_INCLUDE_KEYSTORE_KEYSTOREARGUMENTS_H_ - -#include <binder/Parcelable.h> -#include <utils/RefBase.h> -#include <utils/Vector.h> - -#include "KeystoreArg.h" -#include "keystore_return_types.h" - -namespace android { -namespace security { - -// Parcelable KeystoreArguments.java which simply holds byte[][]. -struct KeystoreArguments : public ::android::Parcelable, public RefBase { - status_t readFromParcel(const Parcel* in) override; - status_t writeToParcel(Parcel* out) const override; - - const Vector<sp<KeystoreArg>>& getArguments() const { return args; } - - private: - Vector<sp<KeystoreArg>> args; -}; - -} // namespace security -} // namespace android - -#endif // KEYSTORE_INCLUDE_KEYSTORE_KEYSTOREARGUMENTS_H_ diff --git a/keystore/include/keystore/KeystoreResponse.h b/keystore/include/keystore/KeystoreResponse.h new file mode 100644 index 00000000..f8925851 --- /dev/null +++ b/keystore/include/keystore/KeystoreResponse.h @@ -0,0 +1,62 @@ +// Copyright 2018 The Android Open Source Project +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#ifndef KEYSTORE_INCLUDE_KEYSTORE_RESPONSE_H_ +#define KEYSTORE_INCLUDE_KEYSTORE_RESPONSE_H_ + +#include <binder/Parcel.h> +#include <binder/Parcelable.h> +#include <utils/String8.h> + +#include "keystore_return_types.h" + +namespace android { +namespace security { +namespace keystore { + +// struct for holding response code and optionally an error message for keystore +// AIDL callbacks +struct KeystoreResponse : public ::android::Parcelable { + public: + KeystoreResponse() = default; + explicit KeystoreResponse(const int response_code, const String16& error_msg) + : response_code_(response_code), error_msg_(std::make_unique<String16>(error_msg)) {} + explicit KeystoreResponse(const int response_code) + : response_code_(response_code), error_msg_() {} + KeystoreResponse(const ::keystore::KeyStoreServiceReturnCode& rc) + : response_code_(int32_t(rc)), error_msg_() {} + KeystoreResponse(const KeystoreResponse& other) + : response_code_(other.response_code_), error_msg_() { + if (other.error_msg_) { + error_msg_ = std::make_unique<String16>(*other.error_msg_); + } + } + KeystoreResponse(KeystoreResponse&& other) = default; + + status_t readFromParcel(const Parcel* in) override; + status_t writeToParcel(Parcel* out) const override; + + int response_code() const { return response_code_; } + const String16* error_msg() const { return error_msg_.get(); } + + private: + int response_code_; + std::unique_ptr<String16> error_msg_; +}; + +} // namespace keystore +} // namespace security +} // namespace android + +#endif // KEYSTORE_INCLUDE_KEYSTORE_RESPONSE_H_ diff --git a/keystore/include/keystore/keystore_client_impl.h b/keystore/include/keystore/keystore_client_impl.h index 9edd0824..0bcef98c 100644 --- a/keystore/include/keystore/keystore_client_impl.h +++ b/keystore/include/keystore/keystore_client_impl.h @@ -17,11 +17,12 @@ #include "keystore_client.h" +#include <future> #include <map> #include <string> #include <vector> -#include <android/security/IKeystoreService.h> +#include <android/security/keystore/IKeystoreService.h> #include <binder/IBinder.h> #include <binder/IServiceManager.h> #include <utils/StrongPointer.h> @@ -109,7 +110,7 @@ class KeystoreClientImpl : public KeystoreClient { android::sp<android::IServiceManager> service_manager_; android::sp<android::IBinder> keystore_binder_; - android::sp<android::security::IKeystoreService> keystore_; + android::sp<android::security::keystore::IKeystoreService> keystore_; uint64_t next_virtual_handle_ = 1; std::map<uint64_t, android::sp<android::IBinder>> active_operations_; diff --git a/keystore/include/keystore/keystore_promises.h b/keystore/include/keystore/keystore_promises.h new file mode 100644 index 00000000..3d45016e --- /dev/null +++ b/keystore/include/keystore/keystore_promises.h @@ -0,0 +1,72 @@ +/* +** +** Copyright 2018, The Android Open Source Project +** +** Licensed under the Apache License, Version 2.0 (the "License"); +** you may not use this file except in compliance with the License. +** You may obtain a copy of the License at +** +** http://www.apache.org/licenses/LICENSE-2.0 +** +** Unless required by applicable law or agreed to in writing, software +** distributed under the License is distributed on an "AS IS" BASIS, +** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +** See the License for the specific language governing permissions and +** limitations under the License. +*/ + +#ifndef KEYSTORE_INCLUDE_KEYSTORE_KEYSTORE_PROMISES_H_ +#define KEYSTORE_INCLUDE_KEYSTORE_KEYSTORE_PROMISES_H_ + +#include <android/security/keystore/BnKeystoreCertificateChainCallback.h> +#include <android/security/keystore/BnKeystoreExportKeyCallback.h> +#include <android/security/keystore/BnKeystoreKeyCharacteristicsCallback.h> +#include <android/security/keystore/BnKeystoreOperationResultCallback.h> +#include <android/security/keystore/BnKeystoreResponseCallback.h> +#include <future> + +namespace keystore { + +template <typename BnInterface, typename Result> +class CallbackPromise : public BnInterface, public std::promise<Result> { + public: + ::android::binder::Status onFinished(const Result& result) override { + this->set_value(result); + return ::android::binder::Status::ok(); + } +}; + +template <typename BnInterface, typename... Results> +class CallbackPromise<BnInterface, std::tuple<Results...>> + : public BnInterface, public std::promise<std::tuple<Results...>> { + public: + ::android::binder::Status onFinished(const Results&... results) override { + this->set_value({results...}); + return ::android::binder::Status::ok(); + } +}; + +using OperationResultPromise = + CallbackPromise<::android::security::keystore::BnKeystoreOperationResultCallback, + ::android::security::keymaster::OperationResult>; + +using KeystoreResponsePromise = + CallbackPromise<::android::security::keystore::BnKeystoreResponseCallback, + ::android::security::keystore::KeystoreResponse>; + +using KeyCharacteristicsPromise = + CallbackPromise<::android::security::keystore::BnKeystoreKeyCharacteristicsCallback, + std::tuple<::android::security::keystore::KeystoreResponse, + ::android::security::keymaster::KeyCharacteristics>>; +using KeystoreExportPromise = + CallbackPromise<::android::security::keystore::BnKeystoreExportKeyCallback, + ::android::security::keymaster::ExportResult>; + +using KeyCertChainPromise = + CallbackPromise<::android::security::keystore::BnKeystoreCertificateChainCallback, + std::tuple<::android::security::keystore::KeystoreResponse, + ::android::security::keymaster::KeymasterCertificateChain>>; + +} // namespace keystore + +#endif // KEYSTORE_INCLUDE_KEYSTORE_KEYSTORE_PROMISES_H_ |