Skip to content

Pull request from chirag branch #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
BKSSMVenkateswarlu merged 4 commits into from
Mar 24, 2020
Merged

Pull request from chirag branch #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
a71771b
First Commit of the framework code.
cpathak Mar 16, 2020
ca64fd1
Changes to execute on Simulator
cpathak Mar 16, 2020
47607d8
Added getHardwareInfo command
cpathak Mar 16, 2020
33d3092
Added AddRngEntropy command
cpathak Mar 24, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
build
36 changes: 36 additions & 0 deletions Applet/Applet/src/com/android/javacard/keymaster/KMAbortOperationCmd.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
/*
* Copyright(C) 2020 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package com.android.javacard.keymaster;

public class KMAbortOperationCmd extends KMAbstractCmd {
public static final byte INS_ABORT_OPERATION_CMD = 0x22;

@Override
protected KMArray getExpectedArgs() {
return null;
}

@Override
protected KMArray process(KMArray args, KMContext context) {
return null;
}

@Override
public byte getIns() {
return INS_ABORT_OPERATION_CMD;
}
}
83 changes: 83 additions & 0 deletions Applet/Applet/src/com/android/javacard/keymaster/KMAbstractCmd.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,83 @@
/*
* Copyright(C) 2020 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package com.android.javacard.keymaster;

public abstract class KMAbstractCmd implements KMCommand {

/**
* Implements the KMCommand interface.
*
* @param context provides information required to execute the command.
*/
@Override
public void execute(KMContext context) {
// Assert the command's operational state
if (!this.validateState(context.getKeymasterState())) {
throw new KMException(KMException.CMD_NOT_ACCEPTED_WRONG_STATE);
}
KMEncoder encoder = context.getRepository().getEncoder();
KMDecoder decoder = context.getRepository().getDecoder();
// Get getExpectedArgs if expected
KMArray args = null;
if (hasArguments()) {
// Deserialize the getExpectedArgs
KMArray argsProto = getExpectedArgs();
args = decoder.decode(argsProto, context.getBuffer(), (short) 0, context.getBufferLength());
}
// Pass control to concrete command subclass
KMArray resp = this.process(args, context);
context.setBufferLength((short)0);
// If there is resp then serialize and send
if (resp != null) {
// set outgoing buffer
short len = encoder.encode(resp, context.getBuffer(), (short) 0, (short)context.getBuffer().length);
context.setBufferLength(len);
}
}

/**
* Get the getExpectedArgs prototype expression from the concrete subclass.
*
* @return KMArray of KMType objects which provides expression for the command's getExpectedArgs..
*/
protected abstract KMArray getExpectedArgs();

/**
* Implemented by the subclass to execute the command specific functionality.
*
* @param args which are decoded from the the apdu.
* @param context within which the command should be executed.
* @return Null or response having the result of the command's execution.
*/
protected abstract KMArray process(KMArray args, KMContext context);

/**
* Validate the state required by the command to execute. By default all the commands can execute
* in active state.
*
* @param state is the current state of the applet
* @return true if the state is valid for command's execution else false is returned.
*/
protected boolean validateState(byte state) {
return (KMKeymasterApplet.ACTIVE_STATE == state);
}

@Override
public boolean hasArguments(){
return true;
}
}
70 changes: 70 additions & 0 deletions Applet/Applet/src/com/android/javacard/keymaster/KMAddRngEntropyCmd.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,70 @@
/*
* Copyright(C) 2020 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package com.android.javacard.keymaster;

import javacard.framework.ISO7816;
import javacard.framework.JCSystem;
import javacard.framework.Util;

// This command adds entropy into the current entropy pool as per hal specifications.
public class KMAddRngEntropyCmd extends KMAbstractCmd {
public static final byte INS_ADD_RNG_ENTROPY_CMD = 0x18;
public static final short MAX_SEED_SIZE = 2048;

@Override
protected KMArray getExpectedArgs() {
return KMArray.instance((short) 1).add((short) 0, KMByteBlob.instance());
}

@Override
protected KMArray process(KMArray args, KMContext context) {
KMByteBlob blob = (KMByteBlob) args.get((short) 0);
// maximum 2KiB of seed is allowed.
if (blob.length() > MAX_SEED_SIZE) {
throw new KMException(ISO7816.SW_WRONG_LENGTH);
}
KMUtil.init(context.getRepository());
// Get existing entropy pool.
byte[] entPool = context.getRepository().getEntropyPool();
// Create new temporary pool.
byte[] heapRef = context.getRepository().getByteHeapRef();
short poolStart = context.getRepository().newByteArray((short) entPool.length);
// Populate the new pool with the entropy which is derived from current entropy pool.
KMUtil.newRandomNumber(heapRef, poolStart, (short) entPool.length);
// Copy the entropy to the current pool - updates the entropy pool.
Util.arrayCopy(heapRef, poolStart, entPool, (short) 0, (short) entPool.length);
short index = 0;
short randIndex = 0;
// Mix (XOR) the seed received from the master in the entropy pool - 32 bytes (entPool.length).
// at a time.
while (index < blob.length()) {
entPool[randIndex] = (byte) (entPool[randIndex] ^ blob.get(index));
randIndex++;
index++;
if (randIndex >= entPool.length) {
randIndex = 0;
}
}
// TODO return success error code.
return null;
}

@Override
public byte getIns() {
return INS_ADD_RNG_ENTROPY_CMD;
}
}
82 changes: 82 additions & 0 deletions Applet/Applet/src/com/android/javacard/keymaster/KMArray.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,82 @@
/*
* Copyright(C) 2020 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package com.android.javacard.keymaster;

import javacard.framework.ISO7816;

public class KMArray extends KMType {
private KMType[] vals;
private short length;
private short startOff;

private KMArray() {
init();
}

@Override
public void init() {
vals = null;
startOff = 0;
length = 0;
}

@Override
public short length() {
return length;
}

public static void create(KMArray[] arrayRefTable) {
byte index = 0;
while (index < arrayRefTable.length) {
arrayRefTable[index] = new KMArray();
index++;
}
}

public static KMArray instance() {
return repository.newArray();
}

public static KMArray instance(short length) {

KMArray inst = repository.newArray();
inst.startOff = repository.newTypeArray(length);
inst.vals = repository.getTypeArrayRef();
inst.length = length;
return inst;
}

public KMArray withLength(short length) {
this.length = length;
return this;
}

public KMArray add(short index, KMType val) {
if (index >= length) {
throw new KMException(ISO7816.SW_WRONG_LENGTH);
}
vals[(short) (startOff + index)] = val;
return this;
}

public KMType get(short index) {
if (index >= length) {
throw new KMException(ISO7816.SW_WRONG_LENGTH);
}
return vals[(short) (startOff + index)];
}
}
36 changes: 36 additions & 0 deletions Applet/Applet/src/com/android/javacard/keymaster/KMAttestKeyCmd.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
/*
* Copyright(C) 2020 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package com.android.javacard.keymaster;

public class KMAttestKeyCmd extends KMAbstractCmd {
public static final byte INS_ATTEST_KEY_CMD = 0x14;

@Override
protected KMArray getExpectedArgs() {
return null;
}

@Override
protected KMArray process(KMArray args, KMContext context) {
return null;
}

@Override
public byte getIns() {
return INS_ATTEST_KEY_CMD;
}
}
36 changes: 36 additions & 0 deletions Applet/Applet/src/com/android/javacard/keymaster/KMBeginOperationCmd.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
/*
* Copyright(C) 2020 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package com.android.javacard.keymaster;

public class KMBeginOperationCmd extends KMAbstractCmd {
public static final byte INS_BEGIN_OPERATION_CMD = 0x1F;

@Override
protected KMArray getExpectedArgs() {
return null;
}

@Override
protected KMArray process(KMArray args, KMContext context) {
return null;
}

@Override
public byte getIns() {
return INS_BEGIN_OPERATION_CMD;
}
}
Loading