authorShawn Willden <swillden@google.com>2015-06-25 06:26:05 -0700
committerShawn Willden <swillden@google.com>2015-06-26 08:37:01 -0700
commitada4850659d484dd5ece26dde73072bef16c1517 (patch)
treea1174a1b2d933a3466b70cb04dd9ecc7de80b06c /include
parentbf9fa99611e64aa797c10d5458624ed93cc4f50b (diff)
Add authorization enforcement to AndroidKeymaster.
Note: Moving List.h into system/keymaster is unfortunate, but required to allow Trusty to use it. b/22088154 tracks cleaning this up. Bug: 19511945 Change-Id: Ia1dfe5fda5ea78935611b0a7656b323770edcbae
Diffstat (limited to 'include')
-rw-r--r--include/keymaster/keymaster_context.h6
-rw-r--r--include/keymaster/keymaster_enforcement.h63
-rw-r--r--include/keymaster/soft_keymaster_context.h5
-rw-r--r--include/keymaster/soft_keymaster_device.h14
4 files changed, 34 insertions, 54 deletions
diff --git a/include/keymaster/keymaster_context.h b/include/keymaster/keymaster_context.h
index be4f8d7..338b408 100644
--- a/include/keymaster/keymaster_context.h
+++ b/include/keymaster/keymaster_context.h
@@ -20,6 +20,7 @@
#include <assert.h>
#include <hardware/keymaster_defs.h>
+#include <keymaster/keymaster_enforcement.h>
namespace keymaster {
@@ -121,6 +122,11 @@ class KeymasterContext {
*/
virtual keymaster_error_t GenerateRandom(uint8_t* buf, size_t length) const = 0;
+ /**
+ * Return the enforcement policy for this context, or null if no enforcement should be done.
+ */
+ virtual KeymasterEnforcement* enforcement_policy() = 0;
+
private:
// Uncopyable.
KeymasterContext(const KeymasterContext&);
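Review bot: The new `enforcement_policy()` accessor leaves ownership and lifetime of the returned pointer unstated, and it documents null as a silent opt-out of enforcement, which is a fail-open default that every implementor needs to be warned about. I would expand the comment to: `Return the enforcement policy for this context, or null if no enforcement should be done. The context retains ownership; the pointer must stay valid for the context's lifetime. Returning null presumably disables all authorization checks in AndroidKeymaster, so only do so when enforcement is guaranteed elsewhere.` Since only a pointer is returned, the added `#include <keymaster/keymaster_enforcement.h>` could be replaced by a forward declaration `class KeymasterEnforcement;` to keep this header's dependency footprint small, unless the .cpp relies on the transitive include. The KeymasterContext class begins and ends outside the hunk.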
diff --git a/include/keymaster/keymaster_enforcement.h b/include/keymaster/keymaster_enforcement.h
index a0fccdf..69ef5e3 100644
--- a/include/keymaster/keymaster_enforcement.h
+++ b/include/keymaster/keymaster_enforcement.h
@@ -19,8 +19,6 @@
#include <stdio.h>
-#include <utils/List.h>
-
#include <keymaster/authorization_set.h>
namespace keymaster {
@@ -35,17 +33,16 @@ class KeymasterEnforcementContext {
*/
};
-class KeymasterEnforcement {
+class AccessTimeMap;
+class AccessCountMap;
+class KeymasterEnforcement {
public:
/**
- * Construct a KeymasterEnforcement. Takes ownership of the context.
+ * Construct a KeymasterEnforcement.
*/
- explicit KeymasterEnforcement(uint32_t max_access_time_map_size,
- uint32_t max_access_count_map_size)
- : access_time_map_(max_access_time_map_size), access_count_map_(max_access_count_map_size) {
- }
- virtual ~KeymasterEnforcement() {}
+ KeymasterEnforcement(uint32_t max_access_time_map_size, uint32_t max_access_count_map_size);
+ virtual ~KeymasterEnforcement();
/**
* Iterates through the authorization set and returns the corresponding keymaster error. Will
@@ -159,52 +156,10 @@ class KeymasterEnforcement {
const keymaster_operation_handle_t op_handle,
bool is_begin_operation) const;
- class AccessTimeMap {
- public:
- AccessTimeMap(uint32_t max_size) : max_size_(max_size) {}
-
- /* If the key is found, returns true and fills \p last_access_time. If not found returns
- * false. */
- bool LastKeyAccessTime(km_id_t keyid, uint32_t* last_access_time) const;
-
- /* Updates the last key access time with the currentTime parameter. Adds the key if
- * needed, returning false if key cannot be added because list is full. */
- bool UpdateKeyAccessTime(km_id_t keyid, uint32_t current_time, uint32_t timeout);
-
- private:
- struct AccessTime {
- km_id_t keyid;
- uint32_t access_time;
- uint32_t timeout;
- };
- android::List<AccessTime> last_access_list_;
- const uint32_t max_size_;
- };
-
- class AccessCountMap {
- public:
- AccessCountMap(uint32_t max_size) : max_size_(max_size) {}
-
- /* If the key is found, returns true and fills \p count. If not found returns
- * false. */
- bool KeyAccessCount(km_id_t keyid, uint32_t* count) const;
-
- /* Increments key access count, adding an entry if the key has never been used. Returns
- * false if the list has reached maximum size. */
- bool IncrementKeyAccessCount(km_id_t keyid);
-
- private:
- struct AccessCount {
- km_id_t keyid;
- uint64_t access_count;
- };
- android::List<AccessCount> access_count_list_;
- const uint32_t max_size_;
- };
-
- AccessTimeMap access_time_map_;
- AccessCountMap access_count_map_;
+ AccessTimeMap* access_time_map_;
+ AccessCountMap* access_count_map_;
};
+
}; /* namespace keymaster */
#endif // ANDROID_LIBRARY_KEYMASTER_ENFORCEMENT_H
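Review bot: With `access_time_map_` and `access_count_map_` now raw pointers (presumably heap-allocated in the out-of-line constructor and released in the destructor, neither of whose bodies are in this diff), KeymasterEnforcement has become a resource-owning class with no suppression of its copy operations, so a copy or assignment would double-free both maps. The file already follows an "Uncopyable" convention in keymaster_context.h; the same two private declarations here would close this: `KeymasterEnforcement(const KeymasterEnforcement&);` and `void operator=(const KeymasterEnforcement&);`. It would also help to state ownership on the members, e.g. `// Owned; allocated in the constructor and deleted in the destructor.`, if that is indeed what the .cpp does. The `};` closing the namespace at the end of the hunk carries a stray semicolon, but that predates this change.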
diff --git a/include/keymaster/soft_keymaster_context.h b/include/keymaster/soft_keymaster_context.h
index b0a4c1e..8f6fe2d 100644
--- a/include/keymaster/soft_keymaster_context.h
+++ b/include/keymaster/soft_keymaster_context.h
@@ -52,6 +52,11 @@ class SoftKeymasterContext : public KeymasterContext {
keymaster_error_t AddRngEntropy(const uint8_t* buf, size_t length) const override;
keymaster_error_t GenerateRandom(uint8_t* buf, size_t length) const override;
+ KeymasterEnforcement* enforcement_policy() override {
+ // SoftKeymaster does no enforcement; it's all done by Keystore.
+ return nullptr;
+ }
+
private:
keymaster_error_t ParseOldSoftkeymasterBlob(const KeymasterKeyBlob& blob,
KeymasterKeyBlob* key_material,
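Review bot: Returning nullptr from `enforcement_policy()` makes SoftKeymasterContext fail open: any caller that uses this context without going through Keystore gets no authorization enforcement at all, and the one-line comment does not make that trust assumption explicit. I would expand it to: `// SoftKeymaster does no enforcement; it's all done by Keystore. Anything that embeds this context directly therefore gets no authorization checks and must not rely on key authorizations being enforced here.` Whether every deployment of SoftKeymasterContext is in fact fronted by Keystore cannot be confirmed from this hunk. The SoftKeymasterContext class begins and ends outside the hunk.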
diff --git a/include/keymaster/soft_keymaster_device.h b/include/keymaster/soft_keymaster_device.h
index a4f85c4..75e0066 100644
--- a/include/keymaster/soft_keymaster_device.h
+++ b/include/keymaster/soft_keymaster_device.h
@@ -45,8 +45,20 @@ class AuthorizationSet;
*/
class SoftKeymasterDevice {
public:
+ /**
+ * Create a SoftKeymasterDevice wrapping the specified HW keymaster0 device, which may be NULL.
+ *
+ * Uses SoftKeymaserContext.
+ */
SoftKeymasterDevice(keymaster0_device_t* keymaster0_device = nullptr);
+ /**
+ * Create a SoftKeymasterDevice that uses the specified KeymasterContext.
+ *
+ * TODO(swillden): Refactor SoftKeymasterDevice construction to make all components injectable.
+ */
+ SoftKeymasterDevice(KeymasterContext* context);
+
hw_device_t* hw_device();
keymaster1_device_t* keymaster_device();
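Review bot: The new single-argument constructor `SoftKeymasterDevice(KeymasterContext* context);` is not `explicit`, so a `KeymasterContext*` converts implicitly to a SoftKeymasterDevice, and its comment does not say whether the device takes ownership of the context. I would change it to `explicit SoftKeymasterDevice(KeymasterContext* context);` and add either `Takes ownership of \p context.` or `Does not take ownership; \p context must outlive the device.`, whichever the implementation does; the constructor body is not in this diff. The existing constructor has the same implicit-conversion issue via its default argument, but that predates this change. There is also a typo in the first new comment: `Uses SoftKeymaserContext.` should read `Uses SoftKeymasterContext.` The SoftKeymasterDevice class continues past the hunk.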
@@ -56,6 +68,8 @@ class SoftKeymasterDevice {
}
private:
+ void initialize(keymaster0_device_t* keymaster0_device);
+
static void StoreDefaultNewKeyParams(AuthorizationSet* auth_set);
static keymaster_error_t GetPkcs8KeyAlgorithm(const uint8_t* key, size_t key_length,
keymaster_algorithm_t* algorithm);