Revise KeymasterMessage versioning system
This CL revamps the KeymasterMessage versioning system, to address a
couple of flaws. First, the message versioning system didn't support
the case where the client was older than the server. Second,
implementations largely weren't actually using the versioning system
at all. Specifically, it:
1. Removes the default of the message version argument from the
KeymasterRequest/Response constructors. Keymaster implementations
had entirely ignored message versioning, resulting in
brittleness. By not providing a default, we force implementors to
think about message versioning, and to use the version negotiation
infrastructure.
2. Adds a new version negotiation mechanism, creatively called
GetVersion2, with corresponding new request and response objects.
The previous mechanism assumed that all adjustment for version
differences between client and server could be done by the client,
but that presumes that the client is always at least as new as the
server, so that it can understand the server version and adapt
accordingly. It turns out that this is a bad assumption; in some
cases the server may be newer than the client. The new approach
is a mutual exchange of maximum message versions understood and
the negotiation consists of both sides using the min of the two
maxes.
3. Defines a protocol for clients and servers to manage the
situation where the other side doesn't understand GetVersion2.
Bug: 171846199
Test: keymster_tests
Change-Id: Ibea104c39942c6c88523688306a030f40e9b150f
diff --git a/ng/AndroidKeyMintDevice.cpp b/ng/AndroidKeyMintDevice.cpp
index 8656c66..f024fef 100644
--- a/ng/AndroidKeyMintDevice.cpp
+++ b/ng/AndroidKeyMintDevice.cpp
@@ -62,7 +62,7 @@
const HardwareAuthToken& authToken, //
VerificationToken* verificationToken) {
- VerifyAuthorizationRequest request;
+ VerifyAuthorizationRequest request(impl_->message_version());
request.challenge = static_cast<uint64_t>(challenge);
request.auth_token.challenge = authToken.challenge;
request.auth_token.user_id = authToken.userId;
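Review bot: The request and its response are now built from two separate calls to `impl_->message_version()` (here only the request is visible; the AddEntropy, GenerateKey, ImportKey and later hunks show both), so the pair only shares one version if that accessor is stable between the two calls. Reading it once per method, `const auto version = impl_->message_version();`, and passing `version` to both constructors makes the pairing explicit and gives a natural place for a comment stating that the value must be the negotiated one. Whether `message_version()` already reflects a completed GetVersion2 exchange when these methods run is not visible here; if it can still hold a pre-negotiation value, the messages would be serialized with an unnegotiated version. The enclosing method's signature begins before this hunk.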
@@ -93,10 +93,10 @@
return ScopedAStatus::ok();
}
- AddEntropyRequest request;
+ AddEntropyRequest request(impl_->message_version());
request.random_data.Reinitialize(data.data(), data.size());
- AddEntropyResponse response;
+ AddEntropyResponse response(impl_->message_version());
impl_->AddRngEntropy(request, &response);
return kmError2ScopedAStatus(response.error);
@@ -107,10 +107,10 @@
KeyCharacteristics* generatedKeyCharacteristics,
vector<Certificate>* /* certChain */) {
- GenerateKeyRequest request;
+ GenerateKeyRequest request(impl_->message_version());
request.key_description.Reinitialize(KmParamSet(keyParams));
- GenerateKeyResponse response;
+ GenerateKeyResponse response(impl_->message_version());
impl_->GenerateKey(request, &response);
if (response.error != KM_ERROR_OK) {
@@ -139,12 +139,12 @@
KeyCharacteristics* importedKeyCharacteristics,
vector<Certificate>* /* certChain */) {
- ImportKeyRequest request;
+ ImportKeyRequest request(impl_->message_version());
request.key_description.Reinitialize(KmParamSet(keyParams));
request.key_format = legacy_enum_conversion(keyFormat);
request.SetKeyMaterial(keyData.data(), keyData.size());
- ImportKeyResponse response;
+ ImportKeyResponse response(impl_->message_version());
impl_->ImportKey(request, &response);
if (response.error != KM_ERROR_OK) {
@@ -164,7 +164,7 @@
int64_t passwordSid, int64_t biometricSid, ByteArray* importedKeyBlob,
KeyCharacteristics* importedKeyCharacteristics) {
- ImportWrappedKeyRequest request;
+ ImportWrappedKeyRequest request(impl_->message_version());
request.SetWrappedMaterial(wrappedKeyData.data(), wrappedKeyData.size());
request.SetWrappingMaterial(wrappingKeyBlob.data(), wrappingKeyBlob.size());
request.SetMaskingKeyMaterial(maskingKey.data(), maskingKey.size());
@@ -172,7 +172,7 @@
request.password_sid = static_cast<uint64_t>(passwordSid);
request.biometric_sid = static_cast<uint64_t>(biometricSid);
- ImportWrappedKeyResponse response;
+ ImportWrappedKeyResponse response(impl_->message_version());
impl_->ImportWrappedKey(request, &response);
if (response.error != KM_ERROR_OK) {
@@ -190,11 +190,11 @@
const vector<KeyParameter>& upgradeParams,
vector<uint8_t>* keyBlob) {
- UpgradeKeyRequest request;
+ UpgradeKeyRequest request(impl_->message_version());
request.SetKeyMaterial(keyBlobToUpgrade.data(), keyBlobToUpgrade.size());
request.upgrade_params.Reinitialize(KmParamSet(upgradeParams));
- UpgradeKeyResponse response;
+ UpgradeKeyResponse response(impl_->message_version());
impl_->UpgradeKey(request, &response);
if (response.error != KM_ERROR_OK) {
@@ -206,10 +206,10 @@
}
ScopedAStatus AndroidKeyMintDevice::deleteKey(const vector<uint8_t>& keyBlob) {
- DeleteKeyRequest request;
+ DeleteKeyRequest request(impl_->message_version());
request.SetKeyMaterial(keyBlob.data(), keyBlob.size());
- DeleteKeyResponse response;
+ DeleteKeyResponse response(impl_->message_version());
impl_->DeleteKey(request, &response);
return kmError2ScopedAStatus(response.error);
@@ -217,8 +217,8 @@
ScopedAStatus AndroidKeyMintDevice::deleteAllKeys() {
// There's nothing to be done to delete software key blobs.
- DeleteAllKeysRequest request;
- DeleteAllKeysResponse response;
+ DeleteAllKeysRequest request(impl_->message_version());
+ DeleteAllKeysResponse response(impl_->message_version());
impl_->DeleteAllKeys(request, &response);
return kmError2ScopedAStatus(response.error);
@@ -232,7 +232,7 @@
const vector<KeyParameter>& params,
const HardwareAuthToken& authToken, BeginResult* result) {
- BeginOperationRequest request;
+ BeginOperationRequest request(impl_->message_version());
request.purpose = legacy_enum_conversion(purpose);
request.SetKeyMaterial(keyBlob.data(), keyBlob.size());
request.additional_params.Reinitialize(KmParamSet(params));
@@ -241,7 +241,7 @@
request.additional_params.push_back(
TAG_AUTH_TOKEN, reinterpret_cast<uint8_t*>(vector_token.data()), vector_token.size());
- BeginOperationResponse response;
+ BeginOperationResponse response(impl_->message_version());
impl_->BeginOperation(request, &response);
if (response.error != KM_ERROR_OK) {