1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
|
/*
* Copyright 2014 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#pragma once
#include <keymaster/android_keymaster.h>
#include <keymaster/logger.h>
#include "trusty_keymaster_context.h"
#include "trusty_keymaster_messages.h"
namespace keymaster {
// TrustyKeymaster implements handlers for IPC operations. Most operations are
// implemented by AndroidKeymaster but some operations which are not part of the
// interface with Android are implemented here. These operations are expected to
// be called from a bootloader or another Trusty application.
class TrustyKeymaster : public AndroidKeymaster {
public:
TrustyKeymaster(TrustyKeymasterContext* context,
size_t operation_table_size)
: AndroidKeymaster(context, operation_table_size),
context_(context) {
LOG_D("Creating TrustyKeymaster");
}
// Replace GetVersion2 handler from AndroidKeymaster. It's not virtual, but
// that's okay because it's only called non-polymorphically.
GetVersion2Response GetVersion2(const GetVersion2Request& req);
// The GetAuthTokenKey IPC call is accepted only from Gatekeeper.
long GetAuthTokenKey(keymaster_key_blob_t* key);
// Retrieve the device information needed for remote key provisioning.
std::unique_ptr<cppbor::Map> GetDeviceInfo();
// SetBootParams can only be called once. If it is never called then
// Keymaster will fail to configure. The intention is that it is called from
// the bootloader.
void SetBootParams(const SetBootParamsRequest& request,
SetBootParamsResponse* response);
// SetAttestastionKey sets a single attestation key. There should be one
// call for each supported algorithm.
void SetAttestationKey(const SetAttestationKeyRequest& request,
SetAttestationKeyResponse* response);
// SetWrappedAttestationKey sets a single attestation key. There should be
// one call for each supported algorithm.
void SetWrappedAttestationKey(const SetAttestationKeyRequest& request,
SetAttestationKeyResponse* response);
// DestroyAttestationIds clears the device IDs.
void DestroyAttestationIds(const DestroyAttestationIdsRequest& request,
DestroyAttestationIdsResponse* response);
// SetDeviceIds sets all device IDs in the KM spec under ATTESTATION_ID_*
// This is a factory provisioning step that should not be callable after
// provisioning.
void SetAttestationIds(const SetAttestationIdsRequest& request,
EmptyKeymasterResponse* response);
// SetAttestationIdsKM3 sets the device IDs added to the spec under KM3
// This is a factory provisioning step that should not be callable after
// provisioning.
void SetAttestationIdsKM3(const SetAttestationIdsKM3Request& request,
EmptyKeymasterResponse* response);
// ClearAttestationCertChain clears the attestation certificate chain for
// the specified algorithm.
void ClearAttestationCertChain(
const ClearAttestationCertChainRequest& request,
ClearAttestationCertChainResponse* response);
// AppendAttestationCertChain sets a single certificate in an attestation
// certificate chain. The bootloader should push certificates into Trusty,
// one certificate per request, starting with the attestation certificate.
// Multiple AppendAttestationCertChain requests are expected.
void AppendAttestationCertChain(
const AppendAttestationCertChainRequest& request,
AppendAttestationCertChainResponse* response);
// AtapGetCaRequest is the first of two calls that are part of the the
// Android Things Attestation Provisioning (ATAP) protocol. This protocol is
// used instead of SetAttestationKey and AppendAttestationCertChain.
void AtapGetCaRequest(const AtapGetCaRequestRequest& request,
AtapGetCaRequestResponse* response);
// AtapSetCaResponse is the second of two calls that are part of the the
// Android Things Attestation Provisioning (ATAP) protocol. This protocol is
// used instead of SetAttestationKey and AppendAttestationCertChain. The CA
// Response message is larger than 4k, so the call is split into Begin,
// Update, and Finish messages.
void AtapSetCaResponseBegin(const AtapSetCaResponseBeginRequest& request,
AtapSetCaResponseBeginResponse* response);
void AtapSetCaResponseUpdate(const AtapSetCaResponseUpdateRequest& request,
AtapSetCaResponseUpdateResponse* response);
void AtapSetCaResponseFinish(const AtapSetCaResponseFinishRequest& request,
AtapSetCaResponseFinishResponse* response);
// Reads the UUID from the certificate of the last provisioned attestation
// credentials.
void AtapReadUuid(const AtapReadUuidRequest& request,
AtapReadUuidResponse* response);
// SetProductId is only called once to set the secure product id. Caller
// should read the product id from permanent attributes structure and set
// the product id while fusing the permanent attributes.
void AtapSetProductId(const AtapSetProductIdRequest& request,
AtapSetProductIdResponse* response);
bool ConfigureCalled() {
return configure_error_ != KM_ERROR_KEYMASTER_NOT_CONFIGURED;
}
keymaster_error_t get_configure_error() { return configure_error_; }
void set_configure_error(keymaster_error_t err) { configure_error_ = err; }
private:
TrustyKeymasterContext* context_;
keymaster_error_t configure_error_ = KM_ERROR_KEYMASTER_NOT_CONFIGURED;
Buffer ca_response_;
};
} // namespace keymaster
|
