libkeymaster/ver1/include/km_shared_util.h

   1 /*
   2  * Copyright (c) 2013-2015 TRUSTONIC LIMITED
   3  * All rights reserved.
   4  *
   5  * Redistribution and use in source and binary forms, with or without
   6  * modification, are permitted provided that the following conditions are met:
   7  *
   8  * 1. Redistributions of source code must retain the above copyright notice,
   9  *    this list of conditions and the following disclaimer.
  10  *
  11  * 2. Redistributions in binary form must reproduce the above copyright
  12  *    notice, this list of conditions and the following disclaimer in the
  13  *    documentation and/or other materials provided with the distribution.
  14  *
  15  * 3. Neither the name of the TRUSTONIC LIMITED nor the names of its
  16  *    contributors may be used to endorse or promote products derived from
  17  *    this software without specific prior written permission.
  18  *
  19  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  20  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
  21  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  22  * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
  23  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
  24  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
  25  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
  26  * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
  27  * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
  28  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
  29  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  30  */
  31
  32 #ifndef __KM_SHARED_UTIL_H__
  33 #define __KM_SHARED_UTIL_H__
  34
  35 #include "hardware/keymaster_defs.h"
  36
  37 #define BITS_TO_BYTES(n) (((n)+7)/8)
  38
  39 #ifndef MIN
  40 #define MIN(a,b) ((a) < (b) ? (a) : (b))
  41 #endif
  42
  43 /**
  44  * Read a serialized little-endian encoding of a uint32_t.
  45  *
  46  * @param  pos position to read from
  47  * @return     value
  48  */
  49 uint32_t get_u32(
  50     const uint8_t *pos);
  51
  52 /**
  53  * Read a serialized little-endian encoding of a uint64_t.
  54  *
  55  * @param  pos position to read from
  56  * @return     value
  57  */
  58 uint64_t get_u64(
  59     const uint8_t *pos);
  60
  61 /**
  62  * Write a serialized little-endian encoding of a uint32_t.
  63  *
  64  * @param pos position to write to
  65  * @param val value
  66  */
  67 void set_u32(
  68     uint8_t *pos,
  69     uint32_t val);
  70
  71 /**
  72  * Write a serialized little-endian encoding of a uint64_t.
  73  *
  74  * @param pos position to write to
  75  * @param val value
  76  */
  77 void set_u64(
  78     uint8_t *pos,
  79     uint64_t val);
  80
  81 /**
  82  * Write a serialized little-endian encoding of a uint32_t and increment the
  83  * position by 4 bytes.
  84  *
  85  * @param pos pointer to position to write to
  86  * @param val value
  87  */
  88 void set_u32_increment_pos(
  89     uint8_t **pos,
  90     uint32_t val);
  91
  92 /**
  93  * Write a serialized little-endian encoding of a uint64_t and increment the
  94  * position by 8 bytes.
  95  *
  96  * @param pos pointer to position to write to
  97  * @param val value
  98  */
  99 void set_u64_increment_pos(
 100     uint8_t **pos,
 101     uint64_t val);
 102
 103 /**
 104  * Write data and increment position by length of data.
 105  *
 106  * @param pos pointer to position to write to
 107  * @param src buffer to write
 108  * @param len length of buffer
 109  */
 110 void set_data_increment_pos(
 111     uint8_t **pos,
 112     const uint8_t *src,
 113     uint32_t len);
 114
 115 /**
 116  * Set a pointer and increment position.
 117  *
 118  * @param ptr pointer to pointer to set
 119  * @param src pointer to position to set it to
 120  * @param len length by which to increment \p *src
 121  */
 122 void set_ptr_increment_src(
 123     uint8_t **ptr,
 124     uint8_t **src,
 125     uint32_t len);
 126
 127 /**
 128  * Check consistency of parameters.
 129  * @param algorithm key type
 130  * @param purpose operation purpose
 131  * @return whether \p algorithm and \p purpose are consistent
 132  */
 133 bool check_algorithm_purpose(
 134     keymaster_algorithm_t algorithm,
 135     keymaster_purpose_t purpose);
 136
 137 /**
 138  * Memory needed to store a set of (HW- or SW-enforced) characteristics, n32 of
 139  * which are uint32_t (enum, uint, bool) and n64 of which are uint64_t (ulong,
 140  * date).
 141  */
 142 #define KM_W_CHARACTERISTICS_SIZE(n32,n64) (4 + (4 + 4)*(n32) + (4 + 8)*(n64))
 143
 144 /* Hardware-enforced characteristics:
 145  *   KM_TAG_PURPOSE, // enum, uint32_t, up to 4 of these
 146  *   KM_TAG_ALGORITHM, // enum, uint32_t
 147  *   KM_TAG_KEY_SIZE, // uint, uint32_t
 148  *   KM_TAG_BLOCK_MODE, // enum, uint32_t, up to 4 of these
 149  *   KM_TAG_DIGEST, // enum, uint32_t, up to 7 of these
 150  *   KM_TAG_PADDING, // enum, uint32_t, up to 5 of these
 151  *   KM_TAG_RSA_PUBLIC_EXPONENT, // ulong, uint64_t
 152  *   KM_TAG_BLOB_USAGE_REQUIREMENTS, // enum, uint32_t
 153  *   KM_TAG_BOOTLOADER_ONLY, // bool, uint32_t
 154  *   KM_TAG_ORIGIN, // enum, uint32_t
 155  *   KM_TAG_ROLLBACK_RESISTANT, // bool, uint32_t
 156  *   KM_TAG_USER_SECURE_ID, // uint64_t, up to ? of these
 157  *   KM_TAG_NO_AUTH_REQUIRED, // bool, uint32_t
 158  *   KM_TAG_USER_AUTH_TYPE, // enum, uint32_t
 159  *   KM_TAG_AUTH_TIMEOUT, // uint, uint32_t
 160  *   KM_TAG_CALLER_NONCE, // bool, uint32_t
 161  *   KM_TAG_MIN_MAC_LENGTH, // uint, uint32_t
 162  */
 163 #define KM_MAX_N_USER_SECURE_ID 8 // arbitrary
 164 #define KM_N_HW_32 31
 165 #define KM_N_HW_64 (1 + KM_MAX_N_USER_SECURE_ID)
 166
 167 /* Software-enforced characteristics: (set and enforced by keystore)
 168  *   KM_TAG_ACTIVE_DATETIME, // date, uint64_t
 169  *   KM_TAG_CREATION_DATETIME, // date, uint64_t
 170  *   KM_TAG_MAX_USES_PER_BOOT, // uint, uint32_t
 171  *   KM_TAG_MIN_SECONDS_BETWEEN_OPS, // uint, uint32_t
 172  *   KM_TAG_ORIGINATION_EXPIRE_DATETIME, // date, uint64_t
 173  *   KM_TAG_USAGE_EXPIRE_DATETIME, // date, uint64_t
 174  */
 175 #define KM_N_SW_32 2
 176 #define KM_N_SW_64 4
 177
 178 #define KM_N_HW_CHARACTERISTICS (KM_N_HW_32 + KM_N_HW_64)
 179 #define KM_N_SW_CHARACTERISTICS (KM_N_SW_32 + KM_N_SW_64)
 180 #define KM_HW_CHARACTERISTICS_SIZE \
 181     KM_W_CHARACTERISTICS_SIZE(KM_N_HW_32, KM_N_HW_64)
 182 #define KM_SW_CHARACTERISTICS_SIZE  \
 183     KM_W_CHARACTERISTICS_SIZE(KM_N_SW_32, KM_N_SW_64)
 184
 185 /**
 186  * Maximum amount of memory needed for serialized key characteristics.
 187  */
 188 #define KM_CHARACTERISTICS_SIZE \
 189     (KM_HW_CHARACTERISTICS_SIZE + KM_SW_CHARACTERISTICS_SIZE)
 190
 191 /* Nuber of parameters added by default on key import or key generation */
 192 #define OWN_PARAMS_NB 3
 193
 194 /* Size of an array storing default parameters */
 195 #define OWN_PARAMS_SIZE ( OWN_PARAMS_NB * (4+4) )  // OWN_PARAMS_NB x (tag + (enum or bool))
 196
 197 /**
 198  * Size of out_params buffer when required for begin() operation.
 199  *
 200  * This is enough to hold a 16-byte IV field, serialized
 201  * (param_count | tag | blob_length | blob_data).
 202  */
 203 #define TEE_BEGIN_OUT_PARAMS_SIZE (4 + 4 + 4 + 16)
 204
 205 #endif /* __KM_SHARED_UTIL_H__ */