Multi-threaded keystore

This patches changes the keystore to use the asychronous api model for begin, update, finish, and abort. Also removes unused class KeystoreArguments (aidl and implementation). Test: Keystore CTS tests Bug: 111443219 Change-Id: Icc6def9ff6dbe32193272d7d015079a006ebc430
author: Rob Barnes <robbarnes@google.com> 2018-10-04 17:10:37 -0600
committer: Janis Danisevskis <jdanis@google.com> 2018-11-14 14:01:45 -0800
commit: bb6cabdaa19489f0a3c54acf35c56ffe59da9820 (patch)
tree: 0840ed5a9b9cc39a15fdd73059c308d68b958fa9 /keystore/include
parent: 81c7e390e7abe4dfdc8ea8ae88c03259ea4d92be (diff)
download: security-bb6cabdaa19489f0a3c54acf35c56ffe59da9820.tar.gz
8 files changed, 146 insertions, 92 deletions
diff --git a/keystore/include/keystore/KeyCharacteristics.h b/keystore/include/keystore/KeyCharacteristics.h
index 33c5c3a6..40d495c6 100644
--- a/keystore/include/keystore/KeyCharacteristics.h
+++ b/keystore/include/keystore/KeyCharacteristics.h
@@ -27,11 +27,11 @@ namespace keymaster {
 // Parcelable version of keystore::KeyCharacteristics
 struct KeyCharacteristics : public ::android::Parcelable {
     KeyCharacteristics(){};
-    KeyCharacteristics(keystore::KeyCharacteristics&& other) {
+    KeyCharacteristics(::keystore::KeyCharacteristics&& other) {
         softwareEnforced = std::move(other.softwareEnforced);
         hardwareEnforced = std::move(other.hardwareEnforced);
     }
-    explicit KeyCharacteristics(const keystore::KeyCharacteristics& other) {
+    explicit KeyCharacteristics(const ::keystore::KeyCharacteristics& other) {
         softwareEnforced = KeymasterArguments(other.softwareEnforced);
         hardwareEnforced = KeymasterArguments(other.hardwareEnforced);
     }
diff --git a/keystore/include/keystore/KeymasterArguments.h b/keystore/include/keystore/KeymasterArguments.h
index fb35ee7b..b453b113 100644
--- a/keystore/include/keystore/KeymasterArguments.h
+++ b/keystore/include/keystore/KeymasterArguments.h
@@ -26,16 +26,18 @@ namespace keymaster {
 // struct for serializing/deserializing a list of KeyParameters
 struct KeymasterArguments : public Parcelable {
     KeymasterArguments(){};
-    KeymasterArguments(hardware::hidl_vec<keystore::KeyParameter>&& other);
-    explicit KeymasterArguments(const hardware::hidl_vec<keystore::KeyParameter>& other);
+    KeymasterArguments(hardware::hidl_vec<::keystore::KeyParameter>&& other);
+    explicit KeymasterArguments(const hardware::hidl_vec<::keystore::KeyParameter>& other);
 
     status_t readFromParcel(const Parcel* in) override;
     status_t writeToParcel(Parcel* out) const override;
 
-    const inline hardware::hidl_vec<keystore::KeyParameter>& getParameters() const { return data_; }
+    const inline hardware::hidl_vec<::keystore::KeyParameter>& getParameters() const {
+        return data_;
+    }
 
   private:
-    hardware::hidl_vec<keystore::KeyParameter> data_;
+    hardware::hidl_vec<::keystore::KeyParameter> data_;
 };
 
 }  // namespace keymaster
diff --git a/keystore/include/keystore/KeymasterCertificateChain.h b/keystore/include/keystore/KeymasterCertificateChain.h
index 132862c3..f251d084 100644
--- a/keystore/include/keystore/KeymasterCertificateChain.h
+++ b/keystore/include/keystore/KeymasterCertificateChain.h
@@ -16,6 +16,7 @@
 #define KEYSTORE_INCLUDE_KEYSTORE_KEYMASTERCERTIFICATECHAIN_H_
 
 #include <binder/Parcelable.h>
+#include <keystore/keymaster_types.h>
 
 namespace android {
 namespace security {
diff --git a/keystore/include/keystore/KeystoreArg.h b/keystore/include/keystore/KeystoreArg.h
deleted file mode 100644
index a5e68f2b..00000000
--- a/keystore/include/keystore/KeystoreArg.h
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * Copyright (C) 2012 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef KEYSTORE_INCLUDE_KEYSTORE_KEYSTOREARG_H
-#define KEYSTORE_INCLUDE_KEYSTORE_KEYSTOREARG_H
-
-#include <utils/RefBase.h>
-
-namespace android {
-namespace security {
-
-// Simple pair of generic pointer and length of corresponding data structure.
-class KeystoreArg : public RefBase {
-  public:
-    KeystoreArg(const void* data, size_t len) : mData(data), mSize(len) {}
-    ~KeystoreArg() {}
-
-    const void* data() const { return mData; }
-    size_t size() const { return mSize; }
-
-  private:
-    const void* mData;  // provider of the data must handle memory clean-up.
-    size_t mSize;
-};
-
-}  // namespace security
-}  // namespace android
-
-#endif  // KEYSTORE_INCLUDE_KEYSTORE_KEYSTOREARG_H
diff --git a/keystore/include/keystore/KeystoreArguments.h b/keystore/include/keystore/KeystoreArguments.h
deleted file mode 100644
index c0a8b0a2..00000000
--- a/keystore/include/keystore/KeystoreArguments.h
+++ /dev/null
@@ -1,42 +0,0 @@
-// Copyright 2017 The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#ifndef KEYSTORE_INCLUDE_KEYSTORE_KEYSTOREARGUMENTS_H_
-#define KEYSTORE_INCLUDE_KEYSTORE_KEYSTOREARGUMENTS_H_
-
-#include <binder/Parcelable.h>
-#include <utils/RefBase.h>
-#include <utils/Vector.h>
-
-#include "KeystoreArg.h"
-#include "keystore_return_types.h"
-
-namespace android {
-namespace security {
-
-// Parcelable KeystoreArguments.java which simply holds byte[][].
-struct KeystoreArguments : public ::android::Parcelable, public RefBase {
-    status_t readFromParcel(const Parcel* in) override;
-    status_t writeToParcel(Parcel* out) const override;
-
-    const Vector<sp<KeystoreArg>>& getArguments() const { return args; }
-
-  private:
-    Vector<sp<KeystoreArg>> args;
-};
-
-}  // namespace security
-}  // namespace android
-
-#endif  // KEYSTORE_INCLUDE_KEYSTORE_KEYSTOREARGUMENTS_H_
diff --git a/keystore/include/keystore/KeystoreResponse.h b/keystore/include/keystore/KeystoreResponse.h
new file mode 100644
index 00000000..f8925851
--- /dev/null
+++ b/keystore/include/keystore/KeystoreResponse.h
@@ -0,0 +1,62 @@
+// Copyright 2018 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef KEYSTORE_INCLUDE_KEYSTORE_RESPONSE_H_
+#define KEYSTORE_INCLUDE_KEYSTORE_RESPONSE_H_
+
+#include <binder/Parcel.h>
+#include <binder/Parcelable.h>
+#include <utils/String8.h>
+
+#include "keystore_return_types.h"
+
+namespace android {
+namespace security {
+namespace keystore {
+
+// struct for holding response code and optionally an error message for keystore
+// AIDL callbacks
+struct KeystoreResponse : public ::android::Parcelable {
+  public:
+    KeystoreResponse() = default;
+    explicit KeystoreResponse(const int response_code, const String16& error_msg)
+        : response_code_(response_code), error_msg_(std::make_unique<String16>(error_msg)) {}
+    explicit KeystoreResponse(const int response_code)
+        : response_code_(response_code), error_msg_() {}
+    KeystoreResponse(const ::keystore::KeyStoreServiceReturnCode& rc)
+        : response_code_(int32_t(rc)), error_msg_() {}
+    KeystoreResponse(const KeystoreResponse& other)
+        : response_code_(other.response_code_), error_msg_() {
+        if (other.error_msg_) {
+            error_msg_ = std::make_unique<String16>(*other.error_msg_);
+        }
+    }
+    KeystoreResponse(KeystoreResponse&& other) = default;
+
+    status_t readFromParcel(const Parcel* in) override;
+    status_t writeToParcel(Parcel* out) const override;
+
+    int response_code() const { return response_code_; }
+    const String16* error_msg() const { return error_msg_.get(); }
+
+  private:
+    int response_code_;
+    std::unique_ptr<String16> error_msg_;
+};
+
+}  // namespace keystore
+}  // namespace security
+}  // namespace android
+
+#endif  // KEYSTORE_INCLUDE_KEYSTORE_RESPONSE_H_
diff --git a/keystore/include/keystore/keystore_client_impl.h b/keystore/include/keystore/keystore_client_impl.h
index 9edd0824..0bcef98c 100644
--- a/keystore/include/keystore/keystore_client_impl.h
+++ b/keystore/include/keystore/keystore_client_impl.h
@@ -17,11 +17,12 @@
 
 #include "keystore_client.h"
 
+#include <future>
 #include <map>
 #include <string>
 #include <vector>
 
-#include <android/security/IKeystoreService.h>
+#include <android/security/keystore/IKeystoreService.h>
 #include <binder/IBinder.h>
 #include <binder/IServiceManager.h>
 #include <utils/StrongPointer.h>
@@ -109,7 +110,7 @@ class KeystoreClientImpl : public KeystoreClient {
 
     android::sp<android::IServiceManager> service_manager_;
     android::sp<android::IBinder> keystore_binder_;
-    android::sp<android::security::IKeystoreService> keystore_;
+    android::sp<android::security::keystore::IKeystoreService> keystore_;
     uint64_t next_virtual_handle_ = 1;
     std::map<uint64_t, android::sp<android::IBinder>> active_operations_;
 
diff --git a/keystore/include/keystore/keystore_promises.h b/keystore/include/keystore/keystore_promises.h
new file mode 100644
index 00000000..3d45016e
--- /dev/null
+++ b/keystore/include/keystore/keystore_promises.h
@@ -0,0 +1,72 @@
+/*
+**
+** Copyright 2018, The Android Open Source Project
+**
+** Licensed under the Apache License, Version 2.0 (the "License");
+** you may not use this file except in compliance with the License.
+** You may obtain a copy of the License at
+**
+**     http://www.apache.org/licenses/LICENSE-2.0
+**
+** Unless required by applicable law or agreed to in writing, software
+** distributed under the License is distributed on an "AS IS" BASIS,
+** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+** See the License for the specific language governing permissions and
+** limitations under the License.
+*/
+
+#ifndef KEYSTORE_INCLUDE_KEYSTORE_KEYSTORE_PROMISES_H_
+#define KEYSTORE_INCLUDE_KEYSTORE_KEYSTORE_PROMISES_H_
+
+#include <android/security/keystore/BnKeystoreCertificateChainCallback.h>
+#include <android/security/keystore/BnKeystoreExportKeyCallback.h>
+#include <android/security/keystore/BnKeystoreKeyCharacteristicsCallback.h>
+#include <android/security/keystore/BnKeystoreOperationResultCallback.h>
+#include <android/security/keystore/BnKeystoreResponseCallback.h>
+#include <future>
+
+namespace keystore {
+
+template <typename BnInterface, typename Result>
+class CallbackPromise : public BnInterface, public std::promise<Result> {
+  public:
+    ::android::binder::Status onFinished(const Result& result) override {
+        this->set_value(result);
+        return ::android::binder::Status::ok();
+    }
+};
+
+template <typename BnInterface, typename... Results>
+class CallbackPromise<BnInterface, std::tuple<Results...>>
+    : public BnInterface, public std::promise<std::tuple<Results...>> {
+  public:
+    ::android::binder::Status onFinished(const Results&... results) override {
+        this->set_value({results...});
+        return ::android::binder::Status::ok();
+    }
+};
+
+using OperationResultPromise =
+    CallbackPromise<::android::security::keystore::BnKeystoreOperationResultCallback,
+                    ::android::security::keymaster::OperationResult>;
+
+using KeystoreResponsePromise =
+    CallbackPromise<::android::security::keystore::BnKeystoreResponseCallback,
+                    ::android::security::keystore::KeystoreResponse>;
+
+using KeyCharacteristicsPromise =
+    CallbackPromise<::android::security::keystore::BnKeystoreKeyCharacteristicsCallback,
+                    std::tuple<::android::security::keystore::KeystoreResponse,
+                               ::android::security::keymaster::KeyCharacteristics>>;
+using KeystoreExportPromise =
+    CallbackPromise<::android::security::keystore::BnKeystoreExportKeyCallback,
+                    ::android::security::keymaster::ExportResult>;
+
+using KeyCertChainPromise =
+    CallbackPromise<::android::security::keystore::BnKeystoreCertificateChainCallback,
+                    std::tuple<::android::security::keystore::KeystoreResponse,
+                               ::android::security::keymaster::KeymasterCertificateChain>>;
+
+}  // namespace keystore
+
+#endif  // KEYSTORE_INCLUDE_KEYSTORE_KEYSTORE_PROMISES_H_
author	Rob Barnes <robbarnes@google.com>	2018-10-04 17:10:37 -0600
committer	Janis Danisevskis <jdanis@google.com>	2018-11-14 14:01:45 -0800
commit	bb6cabdaa19489f0a3c54acf35c56ffe59da9820 (patch)
tree	0840ed5a9b9cc39a15fdd73059c308d68b958fa9 /keystore/include
parent	81c7e390e7abe4dfdc8ea8ae88c03259ea4d92be (diff)
download	security-bb6cabdaa19489f0a3c54acf35c56ffe59da9820.tar.gz