keyguard_messages.cpp - platform/system/keyguard - Git at Google

 /*
  * Copyright 2015 The Android Open Source Project
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
  *
  * TODO(anmorales): figure out a reasonable max buffer size
  */

 #include <keyguard/keyguard_messages.h>

 #include <string.h>

 namespace keyguard {

 /**
  * Variant of memset() that uses GCC-specific pragmas to disable optimizations, so effect is not
  * optimized away.  This is important because we often need to wipe blocks of sensitive data from
  * memory.  As an additional convenience, this implementation avoids writing to NULL pointers.
  */
 #ifdef __clang__
 #define OPTNONE __attribute__((optnone))
 #else  // not __clang__
 #define OPTNONE __attribute__((optimize("O0")))
 #endif  // not __clang__
 inline OPTNONE void* memset_s(void* s, int c, size_t n) {
     if (!s)
         return s;
     return memset(s, c, n);
 }
 #undef OPTNONE

 static inline size_t buffer_size(const SizedBuffer &buf) {
     return sizeof(uint32_t) + buf.length;
 }

 static inline void append_to_buffer(uint8_t **buffer, const SizedBuffer *to_append) {
     memcpy(*buffer, &to_append->length, sizeof(to_append->length));
     *buffer += sizeof(to_append->length);
     memcpy(*buffer, to_append->buffer.get(), to_append->length);
     *buffer += to_append->length;
 }

 static inline keyguard_error_t read_from_buffer(const uint8_t **buffer, const uint8_t *end,
         SizedBuffer *target) {
     if (*buffer + sizeof(target->length) >= end) return KG_ERROR_INVALID;

     memcpy(&target->length, *buffer, sizeof(target->length));
     *buffer += sizeof(target->length);
     const uint8_t *buffer_end = *buffer + target->length;
     if (buffer_end > end || buffer_end <= *buffer) return KG_ERROR_INVALID;

     target->buffer.reset(new uint8_t[target->length]);
     memcpy(target->buffer.get(), *buffer, target->length);
     *buffer += target->length;
     return KG_ERROR_OK;
 }

 size_t KeyguardMessage::GetSerializedSize() const {
     if (error_ == KG_ERROR_OK) {
         return sizeof(uint32_t) + nonErrorSerializedSize();
     } else {
         return sizeof(uint32_t);
     }
 }

 uint8_t *KeyguardMessage::Serialize() const {
     if (error_ != KG_ERROR_OK) {
         uint32_t *error_buf = new uint32_t;
         *error_buf = static_cast<uint32_t>(error_);
         return reinterpret_cast<uint8_t *>(error_buf);
     } else {
         uint8_t *buf = new uint8_t[sizeof(uint32_t) + nonErrorSerializedSize()];
         uint32_t error_value = static_cast<uint32_t>(error_);
         memcpy(buf, &error_value, sizeof(uint32_t));
         nonErrorSerialize(buf + sizeof(uint32_t));
         return buf;
     }
 }

 keyguard_error_t KeyguardMessage::Deserialize(const uint8_t *payload, const uint8_t *end) {
     uint32_t error_value;
     if (payload + sizeof(uint32_t) > end) return KG_ERROR_INVALID;
     memcpy(&error_value, payload, sizeof(uint32_t));
     error_ = static_cast<keyguard_error_t>(error_value);
     if (error_ == KG_ERROR_OK) {
         error_ = nonErrorDeserialize(payload + sizeof(uint32_t), end);
     }

     return error_;
 }


 VerifyRequest::VerifyRequest(SizedBuffer *enrolled_password_handle,
         SizedBuffer *provided_password_payload) {
     password_handle_.buffer = std::move(enrolled_password_handle->buffer);
     password_handle_.length = enrolled_password_handle->length;
     provided_password_.buffer = std::move(provided_password_payload->buffer);
     provided_password_.length = provided_password_payload->length;
 }

 VerifyRequest::VerifyRequest() {
     memset_s(&password_handle_, 0, sizeof(password_handle_));
     memset_s(&provided_password_, 0, sizeof(provided_password_));
 }

 VerifyRequest::~VerifyRequest() {
     if (password_handle_.buffer) {
         password_handle_.buffer.reset();
     }

     if (provided_password_.buffer) {
         memset_s(provided_password_.buffer.get(), 0, provided_password_.length);
         provided_password_.buffer.reset();
     }
 }

 size_t VerifyRequest::nonErrorSerializedSize() const {
     return buffer_size(password_handle_) + buffer_size(provided_password_);
 }

 void VerifyRequest::nonErrorSerialize(uint8_t *buffer) const {
     append_to_buffer(&buffer, &password_handle_);
     append_to_buffer(&buffer, &provided_password_);
 }

 keyguard_error_t VerifyRequest::nonErrorDeserialize(const uint8_t *payload, const uint8_t *end) {
     keyguard_error_t error = KG_ERROR_OK;

     if (password_handle_.buffer) {
         password_handle_.buffer.reset();
     }

     if (provided_password_.buffer) {
         memset_s(provided_password_.buffer.get(), 0, provided_password_.length);
         provided_password_.buffer.reset();
     }

     error = read_from_buffer(&payload, end, &password_handle_);
     if (error != KG_ERROR_OK) return error;

     return read_from_buffer(&payload, end, &provided_password_);

 }

 VerifyResponse::VerifyResponse(SizedBuffer *verification_token) {
     verification_token_.buffer = std::move(verification_token->buffer);
     verification_token_.length = verification_token->length;
 }

 VerifyResponse::VerifyResponse() {
     memset_s(&verification_token_, 0, sizeof(verification_token_));
 };

 VerifyResponse::~VerifyResponse() {
     if (verification_token_.length > 0) {
         verification_token_.buffer.reset();
     }
 }

 size_t VerifyResponse::nonErrorSerializedSize() const {
     return buffer_size(verification_token_);
 }

 void VerifyResponse::nonErrorSerialize(uint8_t *buffer) const {
     append_to_buffer(&buffer, &verification_token_);
 }

 keyguard_error_t VerifyResponse::nonErrorDeserialize(const uint8_t *payload, const uint8_t *end) {
     if (verification_token_.buffer) {
         verification_token_.buffer.reset();
     }

     return read_from_buffer(&payload, end, &verification_token_);
 }

 EnrollRequest::EnrollRequest(SizedBuffer *provided_password) {
     provided_password_.buffer = std::move(provided_password->buffer);
     provided_password_.length = provided_password->length;
 }

 EnrollRequest::EnrollRequest() {
     memset_s(&provided_password_, 0, sizeof(provided_password_));
 }

 EnrollRequest::~EnrollRequest() {
     if (provided_password_.buffer) {
         memset_s(provided_password_.buffer.get(), 0, provided_password_.length);
         provided_password_.buffer.reset();
     }
 }

 size_t EnrollRequest::nonErrorSerializedSize() const {
    return buffer_size(provided_password_);
 }

 void EnrollRequest::nonErrorSerialize(uint8_t *buffer) const {
     append_to_buffer(&buffer, &provided_password_);
 }

 keyguard_error_t EnrollRequest::nonErrorDeserialize(const uint8_t *payload, const uint8_t *end) {
     if (provided_password_.buffer) {
         memset_s(provided_password_.buffer.get(), 0, provided_password_.length);
         provided_password_.buffer.reset();
     }

     return read_from_buffer(&payload, end, &provided_password_);
 }

 EnrollResponse::EnrollResponse(SizedBuffer *enrolled_password_handle) {
     enrolled_password_handle_.buffer = std::move(enrolled_password_handle->buffer);
     enrolled_password_handle_.length = enrolled_password_handle->length;
 }

 EnrollResponse::EnrollResponse() {
     memset_s(&enrolled_password_handle_, 0, sizeof(enrolled_password_handle_));
 }

 EnrollResponse::~EnrollResponse() {
     if (enrolled_password_handle_.buffer) {
         enrolled_password_handle_.buffer.reset();
     }
 }

 size_t EnrollResponse::nonErrorSerializedSize() const {
     return buffer_size(enrolled_password_handle_);
 }

 void EnrollResponse::nonErrorSerialize(uint8_t *buffer) const {
     append_to_buffer(&buffer, &enrolled_password_handle_);
 }

 keyguard_error_t EnrollResponse::nonErrorDeserialize(const uint8_t *payload, const uint8_t *end) {
     if (enrolled_password_handle_.buffer) {
         enrolled_password_handle_.buffer.reset();
     }

     return read_from_buffer(&payload, end, &enrolled_password_handle_);
 }

 };
	/*
	* Copyright 2015 The Android Open Source Project
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*
	*
	* TODO(anmorales): figure out a reasonable max buffer size
	*/

	#include <keyguard/keyguard_messages.h>

	#include <string.h>

	namespace keyguard {

	/**
	* Variant of memset() that uses GCC-specific pragmas to disable optimizations, so effect is not
	* optimized away. This is important because we often need to wipe blocks of sensitive data from
	* memory. As an additional convenience, this implementation avoids writing to NULL pointers.
	*/
	#ifdef __clang__
	#define OPTNONE __attribute__((optnone))
	#else // not __clang__
	#define OPTNONE __attribute__((optimize("O0")))
	#endif // not __clang__
	inline OPTNONE void* memset_s(void* s, int c, size_t n) {
	if (!s)
	return s;
	return memset(s, c, n);
	}
	#undef OPTNONE

	static inline size_t buffer_size(const SizedBuffer &buf) {
	return sizeof(uint32_t) + buf.length;
	}

	static inline void append_to_buffer(uint8_t *buffer, const SizedBuffer to_append) {
	memcpy(*buffer, &to_append->length, sizeof(to_append->length));
	*buffer += sizeof(to_append->length);
	memcpy(*buffer, to_append->buffer.get(), to_append->length);
	*buffer += to_append->length;
	}

	static inline keyguard_error_t read_from_buffer(const uint8_t *buffer, const uint8_t end,
	SizedBuffer *target) {
	if (*buffer + sizeof(target->length) >= end) return KG_ERROR_INVALID;

	memcpy(&target->length, *buffer, sizeof(target->length));
	*buffer += sizeof(target->length);
	const uint8_t buffer_end = buffer + target->length;
	if (buffer_end > end \|\| buffer_end <= *buffer) return KG_ERROR_INVALID;

	target->buffer.reset(new uint8_t[target->length]);
	memcpy(target->buffer.get(), *buffer, target->length);
	*buffer += target->length;
	return KG_ERROR_OK;
	}

	size_t KeyguardMessage::GetSerializedSize() const {
	if (error_ == KG_ERROR_OK) {
	return sizeof(uint32_t) + nonErrorSerializedSize();
	} else {
	return sizeof(uint32_t);
	}
	}

	uint8_t *KeyguardMessage::Serialize() const {
	if (error_ != KG_ERROR_OK) {
	uint32_t *error_buf = new uint32_t;
	*error_buf = static_cast<uint32_t>(error_);
	return reinterpret_cast<uint8_t *>(error_buf);
	} else {
	uint8_t *buf = new uint8_t[sizeof(uint32_t) + nonErrorSerializedSize()];
	uint32_t error_value = static_cast<uint32_t>(error_);
	memcpy(buf, &error_value, sizeof(uint32_t));
	nonErrorSerialize(buf + sizeof(uint32_t));
	return buf;
	}
	}

	keyguard_error_t KeyguardMessage::Deserialize(const uint8_t payload, const uint8_t end) {
	uint32_t error_value;
	if (payload + sizeof(uint32_t) > end) return KG_ERROR_INVALID;
	memcpy(&error_value, payload, sizeof(uint32_t));
	error_ = static_cast<keyguard_error_t>(error_value);
	if (error_ == KG_ERROR_OK) {
	error_ = nonErrorDeserialize(payload + sizeof(uint32_t), end);
	}

	return error_;
	}


	VerifyRequest::VerifyRequest(SizedBuffer *enrolled_password_handle,
	SizedBuffer *provided_password_payload) {
	password_handle_.buffer = std::move(enrolled_password_handle->buffer);
	password_handle_.length = enrolled_password_handle->length;
	provided_password_.buffer = std::move(provided_password_payload->buffer);
	provided_password_.length = provided_password_payload->length;
	}

	VerifyRequest::VerifyRequest() {
	memset_s(&password_handle_, 0, sizeof(password_handle_));
	memset_s(&provided_password_, 0, sizeof(provided_password_));
	}

	VerifyRequest::~VerifyRequest() {
	if (password_handle_.buffer) {
	password_handle_.buffer.reset();
	}

	if (provided_password_.buffer) {
	memset_s(provided_password_.buffer.get(), 0, provided_password_.length);
	provided_password_.buffer.reset();
	}
	}

	size_t VerifyRequest::nonErrorSerializedSize() const {
	return buffer_size(password_handle_) + buffer_size(provided_password_);
	}

	void VerifyRequest::nonErrorSerialize(uint8_t *buffer) const {
	append_to_buffer(&buffer, &password_handle_);
	append_to_buffer(&buffer, &provided_password_);
	}

	keyguard_error_t VerifyRequest::nonErrorDeserialize(const uint8_t payload, const uint8_t end) {
	keyguard_error_t error = KG_ERROR_OK;

	if (password_handle_.buffer) {
	password_handle_.buffer.reset();
	}

	if (provided_password_.buffer) {
	memset_s(provided_password_.buffer.get(), 0, provided_password_.length);
	provided_password_.buffer.reset();
	}

	error = read_from_buffer(&payload, end, &password_handle_);
	if (error != KG_ERROR_OK) return error;

	return read_from_buffer(&payload, end, &provided_password_);

	}

	VerifyResponse::VerifyResponse(SizedBuffer *verification_token) {
	verification_token_.buffer = std::move(verification_token->buffer);
	verification_token_.length = verification_token->length;
	}

	VerifyResponse::VerifyResponse() {
	memset_s(&verification_token_, 0, sizeof(verification_token_));
	};

	VerifyResponse::~VerifyResponse() {
	if (verification_token_.length > 0) {
	verification_token_.buffer.reset();
	}
	}

	size_t VerifyResponse::nonErrorSerializedSize() const {
	return buffer_size(verification_token_);
	}

	void VerifyResponse::nonErrorSerialize(uint8_t *buffer) const {
	append_to_buffer(&buffer, &verification_token_);
	}

	keyguard_error_t VerifyResponse::nonErrorDeserialize(const uint8_t payload, const uint8_t end) {
	if (verification_token_.buffer) {
	verification_token_.buffer.reset();
	}

	return read_from_buffer(&payload, end, &verification_token_);
	}

	EnrollRequest::EnrollRequest(SizedBuffer *provided_password) {
	provided_password_.buffer = std::move(provided_password->buffer);
	provided_password_.length = provided_password->length;
	}

	EnrollRequest::EnrollRequest() {
	memset_s(&provided_password_, 0, sizeof(provided_password_));
	}

	EnrollRequest::~EnrollRequest() {
	if (provided_password_.buffer) {
	memset_s(provided_password_.buffer.get(), 0, provided_password_.length);
	provided_password_.buffer.reset();
	}
	}

	size_t EnrollRequest::nonErrorSerializedSize() const {
	return buffer_size(provided_password_);
	}

	void EnrollRequest::nonErrorSerialize(uint8_t *buffer) const {
	append_to_buffer(&buffer, &provided_password_);
	}

	keyguard_error_t EnrollRequest::nonErrorDeserialize(const uint8_t payload, const uint8_t end) {
	if (provided_password_.buffer) {
	memset_s(provided_password_.buffer.get(), 0, provided_password_.length);
	provided_password_.buffer.reset();
	}

	return read_from_buffer(&payload, end, &provided_password_);
	}

	EnrollResponse::EnrollResponse(SizedBuffer *enrolled_password_handle) {
	enrolled_password_handle_.buffer = std::move(enrolled_password_handle->buffer);
	enrolled_password_handle_.length = enrolled_password_handle->length;
	}

	EnrollResponse::EnrollResponse() {
	memset_s(&enrolled_password_handle_, 0, sizeof(enrolled_password_handle_));
	}

	EnrollResponse::~EnrollResponse() {
	if (enrolled_password_handle_.buffer) {
	enrolled_password_handle_.buffer.reset();
	}
	}

	size_t EnrollResponse::nonErrorSerializedSize() const {
	return buffer_size(enrolled_password_handle_);
	}

	void EnrollResponse::nonErrorSerialize(uint8_t *buffer) const {
	append_to_buffer(&buffer, &enrolled_password_handle_);
	}

	keyguard_error_t EnrollResponse::nonErrorDeserialize(const uint8_t payload, const uint8_t end) {
	if (enrolled_password_handle_.buffer) {
	enrolled_password_handle_.buffer.reset();
	}

	return read_from_buffer(&payload, end, &enrolled_password_handle_);
	}

	};