commit 62f63c7ddbd08737e298a97975754225e5da0126
author Shawn Willden <swillden@google.com> Fri Feb 17 12:23:51 2017 -0700
committer Shawn Willden <swillden@google.com> Fri Mar 24 22:22:34 2017 -0600
tree ee444e6f99a9b4fa3d6a3d26e9c7b09d5a1ad58b
parent d4417fb98233bf090755fb2eba580c8e33d1714b

Add auth token parsing to IKeymasterDevice.hal

Auth tokens have an unfortunate dual character. To most of the system
they are opaque blobs that are intended only to be obtained from one
HAL (e.g. gatekeeper or fingerprint) and passed to another
HAL (keymaster), but keystore actually needs to extract some bits of
information from them in order to determine which of the available blobs
should be provided for a given keymaster key operation.

This CL adds a method that resolves this dual nature by moving the
responsibility of parsing blobs to the HAL so that no component of the
framework has to make any assumptions about their content and all can
treat them as fully opaque. This still means that the various HAL
implementers have to agree on content, but they also have to agree on an
HMAC key which much be securely distributed to all at every boot, so
asking them to agree on an auth token format is perfectly
acceptable. But now the Android system doesn't have to care about the
format.

Bug: 32962548
Test: CTS tests pass, plus manual testing.
Change-Id: I78aa6e4ea9c5d8f34906b0969909387e2c5894e6

keymaster/3.0/default/KeymasterDevice.cpp

diff --git a/keymaster/3.0/default/KeymasterDevice.cpp b/keymaster/3.0/default/KeymasterDevice.cpp
index 720b946..b2baa2b 100644
--- a/keymaster/3.0/default/KeymasterDevice.cpp
+++ b/keymaster/3.0/default/KeymasterDevice.cpp
@@ -33,6 +33,8 @@
 
 using ::keymaster::SoftKeymasterDevice;
 
+namespace {
+
 class SoftwareOnlyHidlKeymasterEnforcement : public ::keymaster::KeymasterEnforcement {
   public:
     SoftwareOnlyHidlKeymasterEnforcement() : KeymasterEnforcement(64, 64) {}
@@ -60,7 +62,7 @@
     std::unique_ptr<::keymaster::KeymasterEnforcement> enforcement_;
 };
 
-static int keymaster0_device_initialize(const hw_module_t* mod, keymaster2_device_t** dev) {
+int keymaster0_device_initialize(const hw_module_t* mod, keymaster2_device_t** dev) {
     assert(mod->module_api_version < KEYMASTER_MODULE_API_VERSION_1_0);
     ALOGI("Found keymaster0 module %s, version %x", mod->name, mod->module_api_version);
 
@@ -137,7 +139,7 @@
     return rc;
 }
 
-static int keymaster2_device_initialize(const hw_module_t* mod, keymaster2_device_t** dev) {
+int keymaster2_device_initialize(const hw_module_t* mod, keymaster2_device_t** dev) {
     assert(mod->module_api_version >= KEYMASTER_MODULE_API_VERSION_2_0);
     ALOGI("Found keymaster2 module %s, version %x", mod->name, mod->module_api_version);
 
@@ -191,6 +193,30 @@
     }
 }
 
+template <typename IntType, uint32_t byteOrder> struct choose_ntoh;
+
+template <typename IntType> struct choose_ntoh<IntType, __ORDER_LITTLE_ENDIAN__> {
+    inline static IntType ntoh(const IntType& value) {
+        IntType result = 0;
+        const unsigned char* inbytes = reinterpret_cast<const unsigned char*>(&value);
+        unsigned char* outbytes = reinterpret_cast<unsigned char*>(&result);
+        for (int i = sizeof(IntType) - 1; i >= 0; --i) {
+            *(outbytes++) = inbytes[i];
+        }
+        return result;
+    }
+};
+
+template <typename IntType> struct choose_ntoh<IntType, __ORDER_BIG_ENDIAN__> {
+    inline static IntType hton(const IntType& value) { return value; }
+};
+
+template <typename IntType> inline IntType ntoh(const IntType& value) {
+    return choose_ntoh<IntType, __BYTE_ORDER__>::ntoh(value);
+}
+
+}  // anonymous namespace
+
 KeymasterDevice::~KeymasterDevice() {
     if (keymaster_device_) keymaster_device_->common.close(&keymaster_device_->common);
 }
@@ -376,6 +402,34 @@
     return Void();
 }
 
+Return<void> KeymasterDevice::parseHardwareAuthToken(const hidl_vec<uint8_t>& token,
+                                                     parseHardwareAuthToken_cb _hidl_cb) {
+    HardwareAuthTokenInfo parsedToken;
+    if (token.size() != sizeof(hw_auth_token_t)) {
+        ALOGE("Received auth token of length %zu, expected %zu", token.size(),
+              sizeof(hw_auth_token_t));
+        _hidl_cb(ErrorCode::INVALID_ARGUMENT, parsedToken);
+        return Void();
+    }
+
+    const hw_auth_token_t* authToken = reinterpret_cast<const hw_auth_token_t*>(token.data());
+    if (authToken->version != 0) {
+        ALOGE("Auth token version %u, expected version ", authToken->version);
+        _hidl_cb(ErrorCode::INVALID_ARGUMENT, parsedToken);
+        return Void();
+    }
+
+    parsedToken.challenge = authToken->challenge;
+    parsedToken.userId = authToken->user_id;
+    parsedToken.authenticatorId = authToken->authenticator_id;
+    parsedToken.authenticatorType =
+        static_cast<HardwareAuthenticatorType>(ntoh(authToken->authenticator_type));
+    parsedToken.timestamp = ntoh(authToken->timestamp);
+
+    _hidl_cb(ErrorCode::OK, parsedToken);
+    return Void();
+}
+
 Return<ErrorCode> KeymasterDevice::addRngEntropy(const hidl_vec<uint8_t>& data) {
     if (!data.size()) return ErrorCode::OK;
     return legacy_enum_conversion(