1 /*
2  * Copyright 2017 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include "proto_utils.h"
18 
19 #include <android-base/logging.h>
20 #include <android/hardware/keymaster/4.0/types.h>
21 #include <keymasterV4_0/key_param_output.h>
22 
23 namespace android {
24 namespace hardware {
25 namespace keymaster {
26 
27 // HAL
28 using ::android::hardware::keymaster::V4_0::Algorithm;
29 using ::android::hardware::keymaster::V4_0::BlockMode;
30 using ::android::hardware::keymaster::V4_0::Digest;
31 using ::android::hardware::keymaster::V4_0::EcCurve;
32 using ::android::hardware::keymaster::V4_0::HardwareAuthenticatorType;
33 using ::android::hardware::keymaster::V4_0::KeyDerivationFunction;
34 using ::android::hardware::keymaster::V4_0::KeyOrigin;
35 using ::android::hardware::keymaster::V4_0::KeyPurpose;
36 using ::android::hardware::keymaster::V4_0::KeyBlobUsageRequirements;
37 using ::android::hardware::keymaster::V4_0::PaddingMode;
38 using ::android::hardware::keymaster::V4_0::Tag;
39 using ::android::hardware::keymaster::V4_0::TagType;
40 
type_from_tag(Tag tag)41 static TagType type_from_tag(Tag tag)
42 {
43     return static_cast<TagType>(tag & (0xF << 28));
44 }
45 
type_from_tag(nosapp::Tag tag)46 static nosapp::TagType type_from_tag(nosapp::Tag tag)
47 {
48     return static_cast<nosapp::TagType>(tag & (0xF << 16));
49 }
50 
translate_tag(Tag tag)51 static nosapp::Tag translate_tag(Tag tag)
52 {
53     enum TagType tag_type = type_from_tag(tag);
54 
55     /* TODO:  This is gross.  The alternative is to have a complete table. */
56     return static_cast<nosapp::Tag>(
57         (((uint32_t)tag_type >> 28) << 16) | (tag & 0xffff));
58 }
59 
translate_tag(nosapp::Tag tag)60 static Tag translate_tag(nosapp::Tag tag)
61 {
62     enum nosapp::TagType tag_type = type_from_tag(tag);
63 
64     /* TODO:  This is gross.  The alternative is to have a complete table. */
65     return static_cast<Tag>(
66         (((uint32_t)tag_type >> 16) << 28) | (tag & 0xffff));
67 }
68 
translate_purpose(KeyPurpose purpose)69 static nosapp::KeyPurpose translate_purpose(KeyPurpose purpose)
70 {
71     switch (purpose) {
72     case KeyPurpose::ENCRYPT:
73         return nosapp::KeyPurpose::ENCRYPT;
74     case KeyPurpose::DECRYPT:
75         return nosapp::KeyPurpose::DECRYPT;
76     case KeyPurpose::SIGN:
77         return nosapp::KeyPurpose::SIGN;
78     case KeyPurpose::VERIFY:
79         return nosapp::KeyPurpose::VERIFY;
80     case KeyPurpose::WRAP_KEY:
81         return nosapp::KeyPurpose::WRAP_KEY;
82     default:
83         return nosapp::KeyPurpose::PURPOSE_MAX;
84     }
85 }
86 
translate_purpose(nosapp::KeyPurpose purpose,KeyPurpose * out)87 static ErrorCode translate_purpose(nosapp::KeyPurpose purpose, KeyPurpose *out)
88 {
89     switch (purpose) {
90     case nosapp::KeyPurpose::ENCRYPT:
91         *out = KeyPurpose::ENCRYPT;
92         break;
93     case nosapp::KeyPurpose::DECRYPT:
94         *out = KeyPurpose::DECRYPT;
95         break;
96     case nosapp::KeyPurpose::SIGN:
97         *out = KeyPurpose::SIGN;
98         break;
99     case nosapp::KeyPurpose::VERIFY:
100         *out = KeyPurpose::VERIFY;
101         break;
102     case nosapp::KeyPurpose::WRAP_KEY:
103         *out = KeyPurpose::WRAP_KEY;
104         break;
105     default:
106         return ErrorCode::UNKNOWN_ERROR;
107     }
108 
109     return ErrorCode::OK;
110 }
111 
translate_algorithm(Algorithm algorithm)112 static nosapp::Algorithm translate_algorithm(Algorithm algorithm)
113 {
114     switch (algorithm) {
115     case Algorithm::RSA:
116         return nosapp::Algorithm::RSA;
117     case Algorithm::EC:
118         return nosapp::Algorithm::EC;
119     case Algorithm::AES:
120         return nosapp::Algorithm::AES;
121     case Algorithm::TRIPLE_DES:
122         return nosapp::Algorithm::DES;
123     case Algorithm::HMAC:
124         return nosapp::Algorithm::HMAC;
125     default:
126         return nosapp::Algorithm::ALGORITHM_MAX;
127     }
128 }
129 
translate_algorithm(nosapp::Algorithm algorithm,Algorithm * out)130 ErrorCode translate_algorithm(nosapp::Algorithm algorithm,
131                               Algorithm *out)
132 {
133     switch (algorithm) {
134     case nosapp::Algorithm::RSA:
135         *out = Algorithm::RSA;
136         break;
137     case nosapp::Algorithm::EC:
138         *out = Algorithm::EC;
139         break;
140     case nosapp::Algorithm::AES:
141         *out = Algorithm::AES;
142         break;
143     case nosapp::Algorithm::DES:
144         *out = Algorithm::TRIPLE_DES;
145         break;
146     case nosapp::Algorithm::HMAC:
147         *out = Algorithm::HMAC;
148         break;
149     default:
150         return ErrorCode::UNKNOWN_ERROR;
151     }
152 
153     return ErrorCode::OK;
154 }
155 
translate_block_mode(BlockMode block_mode)156 static nosapp::BlockMode translate_block_mode(BlockMode block_mode)
157 {
158     switch (block_mode) {
159     case BlockMode::ECB:
160         return nosapp::BlockMode::ECB;
161     case BlockMode::CBC:
162         return nosapp::BlockMode::CBC;
163     case BlockMode::CTR:
164         return nosapp::BlockMode::CTR;
165     case BlockMode::GCM:
166         return nosapp::BlockMode::GCM;
167     default:
168         return nosapp::BlockMode::BLOCK_MODE_MAX;
169     }
170 }
171 
translate_block_mode(nosapp::BlockMode block_mode,BlockMode * out)172 static ErrorCode translate_block_mode(nosapp::BlockMode block_mode,
173                                       BlockMode *out)
174 {
175     switch (block_mode) {
176     case nosapp::BlockMode::ECB:
177         *out = BlockMode::ECB;
178         break;
179     case nosapp::BlockMode::CBC:
180         *out = BlockMode::CBC;
181         break;
182     case nosapp::BlockMode::CTR:
183         *out = BlockMode::CTR;
184         break;
185     case nosapp::BlockMode::GCM:
186         *out = BlockMode::GCM;
187         break;
188     default:
189         return ErrorCode::UNKNOWN_ERROR;
190         break;
191     }
192 
193     return ErrorCode::OK;
194 }
195 
translate_digest(Digest digest)196 static nosapp::Digest translate_digest(Digest digest)
197 {
198     switch (digest) {
199     case Digest::NONE:
200         return nosapp::Digest::DIGEST_NONE;
201     case Digest::MD5:
202         return nosapp::Digest::DIGEST_MD5;
203     case Digest::SHA1:
204         return nosapp::Digest::DIGEST_SHA1;
205     case Digest::SHA_2_224:
206         return nosapp::Digest::DIGEST_SHA_2_224;
207     case Digest::SHA_2_256:
208         return nosapp::Digest::DIGEST_SHA_2_256;
209     case Digest::SHA_2_384:
210         return nosapp::Digest::DIGEST_SHA_2_384;
211     case Digest::SHA_2_512:
212         return nosapp::Digest::DIGEST_SHA_2_512;
213     default:
214         return nosapp::Digest::DIGEST_MAX;
215     }
216 }
217 
translate_digest(nosapp::Digest digest,Digest * out)218 static ErrorCode translate_digest(nosapp::Digest digest,
219                                   Digest *out)
220 {
221     switch (digest) {
222     case nosapp::Digest::DIGEST_NONE:
223         *out = Digest::NONE;
224         break;
225     case nosapp::Digest::DIGEST_MD5:
226         *out = Digest::MD5;
227         break;
228     case nosapp::Digest::DIGEST_SHA1:
229         *out = Digest::SHA1;
230         break;
231     case nosapp::Digest::DIGEST_SHA_2_224:
232         *out = Digest::SHA_2_224;
233         break;
234     case nosapp::Digest::DIGEST_SHA_2_256:
235         *out = Digest::SHA_2_256;
236         break;
237     case nosapp::Digest::DIGEST_SHA_2_384:
238         *out = Digest::SHA_2_384;
239         break;
240     case nosapp::Digest::DIGEST_SHA_2_512:
241         *out = Digest::SHA_2_512;
242         break;
243     default:
244         return ErrorCode::UNKNOWN_ERROR;
245     }
246 
247     return ErrorCode::OK;
248 }
249 
translate_padding_mode(PaddingMode padding_mode)250 static nosapp::PaddingMode translate_padding_mode(PaddingMode padding_mode)
251 {
252     switch (padding_mode) {
253     case PaddingMode::NONE:
254         return nosapp::PaddingMode::PADDING_NONE;
255     case PaddingMode::RSA_OAEP:
256         return nosapp::PaddingMode::PADDING_RSA_OAEP;
257     case PaddingMode::RSA_PSS:
258         return nosapp::PaddingMode::PADDING_RSA_PSS;
259     case PaddingMode::RSA_PKCS1_1_5_ENCRYPT:
260         return nosapp::PaddingMode::PADDING_RSA_PKCS1_1_5_ENCRYPT;
261     case PaddingMode::RSA_PKCS1_1_5_SIGN:
262         return nosapp::PaddingMode::PADDING_RSA_PKCS1_1_5_SIGN;
263     case PaddingMode::PKCS7:
264         return nosapp::PaddingMode::PADDING_PKCS7;
265     default:
266         return nosapp::PaddingMode::PADDING_MODE_MAX;
267     }
268 }
269 
translate_padding_mode(nosapp::PaddingMode padding_mode,PaddingMode * out)270 static ErrorCode translate_padding_mode(nosapp::PaddingMode padding_mode,
271     PaddingMode *out)
272 {
273     switch (padding_mode) {
274     case nosapp::PaddingMode::PADDING_NONE:
275         *out = PaddingMode::NONE;
276         break;
277     case nosapp::PaddingMode::PADDING_RSA_OAEP:
278         *out = PaddingMode::RSA_OAEP;
279         break;
280     case nosapp::PaddingMode::PADDING_RSA_PSS:
281         *out = PaddingMode::RSA_PSS;
282         break;
283     case nosapp::PaddingMode::PADDING_RSA_PKCS1_1_5_ENCRYPT:
284         *out = PaddingMode::RSA_PKCS1_1_5_ENCRYPT;
285         break;
286     case nosapp::PaddingMode::PADDING_RSA_PKCS1_1_5_SIGN:
287         *out = PaddingMode::RSA_PKCS1_1_5_SIGN;
288         break;
289     case nosapp::PaddingMode::PADDING_PKCS7:
290         *out = PaddingMode::PKCS7;
291         break;
292     default:
293         return ErrorCode::UNKNOWN_ERROR;
294     }
295 
296     return ErrorCode::OK;
297 }
298 
translate_ec_curve(EcCurve ec_curve)299 static nosapp::EcCurve translate_ec_curve(EcCurve ec_curve)
300 {
301     switch (ec_curve) {
302     case EcCurve::P_224:
303         return nosapp::EcCurve::P_224;
304     case EcCurve::P_256:
305         return nosapp::EcCurve::P_256;
306     case EcCurve::P_384:
307         return nosapp::EcCurve::P_384;
308     case EcCurve::P_521:
309         return nosapp::EcCurve::P_521;
310     default:
311         return nosapp::EcCurve::EC_CURVE_MAX;
312     }
313 }
314 
translate_ec_curve(nosapp::EcCurve ec_curve,EcCurve * out)315 ErrorCode translate_ec_curve(nosapp::EcCurve ec_curve, EcCurve *out)
316 {
317     switch (ec_curve) {
318     case nosapp::EcCurve::P_224:
319         *out = EcCurve::P_224;
320         break;
321     case nosapp::EcCurve::P_256:
322         *out = EcCurve::P_256;
323         break;
324     case nosapp::EcCurve::P_384:
325         *out = EcCurve::P_384;
326         break;
327     case nosapp::EcCurve::P_521:
328         *out = EcCurve::P_521;
329         break;
330     default:
331         return ErrorCode::UNKNOWN_ERROR;
332     }
333 
334     return ErrorCode::OK;
335 }
336 
translate_key_blob_usage_requirements(KeyBlobUsageRequirements usage)337 static nosapp::KeyBlobUsageRequirements translate_key_blob_usage_requirements(
338     KeyBlobUsageRequirements usage)
339 {
340     switch (usage) {
341     case KeyBlobUsageRequirements::STANDALONE:
342         return nosapp::KeyBlobUsageRequirements::STANDALONE;
343     case KeyBlobUsageRequirements::REQUIRES_FILE_SYSTEM:
344         return nosapp::KeyBlobUsageRequirements::REQUIRES_FILE_SYSTEM;
345     default:
346         return nosapp::KeyBlobUsageRequirements::KEY_USAGE_MAX;
347         break;
348     }
349 }
350 
translate_key_blob_usage_requirements(nosapp::KeyBlobUsageRequirements usage,KeyBlobUsageRequirements * out)351 static ErrorCode translate_key_blob_usage_requirements(
352     nosapp::KeyBlobUsageRequirements usage, KeyBlobUsageRequirements *out)
353 {
354     switch (usage) {
355     case nosapp::KeyBlobUsageRequirements::STANDALONE:
356         *out = KeyBlobUsageRequirements::STANDALONE;
357         break;
358     case nosapp::KeyBlobUsageRequirements::REQUIRES_FILE_SYSTEM:
359         *out = KeyBlobUsageRequirements::REQUIRES_FILE_SYSTEM;
360         break;
361     default:
362         return ErrorCode::UNKNOWN_ERROR;
363     }
364 
365     return ErrorCode::UNKNOWN_ERROR;
366 }
367 
translate_key_origin(KeyOrigin key_origin)368 static nosapp::KeyOrigin translate_key_origin(KeyOrigin key_origin)
369 {
370     switch (key_origin) {
371     case KeyOrigin::GENERATED:
372         return nosapp::KeyOrigin::GENERATED;
373     case KeyOrigin::DERIVED:
374         return nosapp::KeyOrigin::DERIVED;
375     case KeyOrigin::IMPORTED:
376         return nosapp::KeyOrigin::IMPORTED;
377     case KeyOrigin::UNKNOWN:
378         return nosapp::KeyOrigin::UNKNOWN;
379     default:
380         return nosapp::KeyOrigin::KEY_ORIGIN_MAX;
381     }
382 }
383 
translate_key_origin(nosapp::KeyOrigin key_origin,KeyOrigin * out)384 static ErrorCode translate_key_origin(nosapp::KeyOrigin key_origin,
385                                       KeyOrigin *out)
386 {
387     switch (key_origin) {
388     case nosapp::KeyOrigin::GENERATED:
389         *out = KeyOrigin::GENERATED;
390         break;
391     case nosapp::KeyOrigin::DERIVED:
392         *out = KeyOrigin::DERIVED;
393         break;
394     case nosapp::KeyOrigin::IMPORTED:
395         *out = KeyOrigin::IMPORTED;
396         break;
397     case nosapp::KeyOrigin::UNKNOWN:
398         *out = KeyOrigin::UNKNOWN;
399         break;
400     default:
401         return ErrorCode::UNKNOWN_ERROR;
402     }
403 
404     return ErrorCode::OK;
405 }
406 
translate_auth_token(const HardwareAuthToken & auth_token,nosapp::HardwareAuthToken * out)407 ErrorCode translate_auth_token(const HardwareAuthToken& auth_token,
408                                nosapp::HardwareAuthToken *out)
409 {
410     out->set_challenge(auth_token.challenge);
411     out->set_user_id(auth_token.userId);
412     out->set_authenticator_id(auth_token.authenticatorId);
413     out->set_authenticator_type((uint32_t)auth_token.authenticatorType);
414     out->set_timestamp(auth_token.timestamp);
415     out->set_mac(&auth_token.mac[0], auth_token.mac.size());
416 
417     return ErrorCode::OK;
418 }
419 
translate_verification_token(const VerificationToken & verification_token,nosapp::VerificationToken * out)420 void translate_verification_token(
421     const VerificationToken& verification_token,
422     nosapp::VerificationToken *out)
423 {
424     out->set_challenge(verification_token.challenge);
425     out->set_timestamp(verification_token.timestamp);
426     hidl_params_to_pb(verification_token.parametersVerified,
427                       out->mutable_params_verified());
428     out->set_security_level(static_cast<nosapp::SecurityLevel>(
429                             verification_token.securityLevel));
430     out->set_mac(verification_token.mac.data(),
431                  verification_token.mac.size());
432 }
433 
key_parameter_to_pb(const KeyParameter & param,nosapp::KeyParameter * pb)434 ErrorCode key_parameter_to_pb(const KeyParameter& param,
435                               nosapp::KeyParameter *pb)
436 {
437     switch (param.tag) {
438     case Tag::INVALID:
439         LOG(ERROR) << "key_parameter_to_pb: invalid Tag received: "
440                    << (uint32_t)param.tag;
441         return ErrorCode::INVALID_ARGUMENT;
442         break;
443     case Tag::PURPOSE: // (TagType:ENUM_REP | 1)
444         pb->set_integer((uint32_t)translate_purpose(param.f.purpose));
445         break;
446     case Tag::ALGORITHM: // (TagType:ENUM | 2)
447         pb->set_integer((uint32_t)translate_algorithm(param.f.algorithm));
448         break;
449     case Tag::KEY_SIZE: // (TagType:UINT | 3)
450         pb->set_integer(param.f.integer);
451         break;
452     case Tag::BLOCK_MODE: // (TagType:ENUM_REP | 4)
453         pb->set_integer((uint32_t)translate_block_mode(param.f.blockMode));
454         break;
455     case Tag::DIGEST: // (TagType:ENUM_REP | 5)
456         pb->set_integer((uint32_t)translate_digest(param.f.digest));
457         break;
458     case Tag::PADDING:; // (TagType:ENUM_REP | 6)
459         pb->set_integer((uint32_t)translate_padding_mode(param.f.paddingMode));
460         break;
461     case Tag::CALLER_NONCE: // (TagType:BOOL | 7)
462         pb->set_integer(param.f.boolValue);
463         break;
464     case Tag::MIN_MAC_LENGTH: // (TagType:UINT | 8)
465         pb->set_integer(param.f.integer);
466         break;
467     case Tag::EC_CURVE: // (TagType:ENUM | 10)
468         pb->set_integer((uint32_t)translate_ec_curve(param.f.ecCurve));
469         break;
470     case Tag::RSA_PUBLIC_EXPONENT: // (TagType:ULONG | 200)
471         pb->set_long_integer(param.f.longInteger);
472         break;
473     case Tag::INCLUDE_UNIQUE_ID: // (TagType:BOOL | 202)
474         pb->set_integer(param.f.boolValue);
475         break;
476     case Tag::BLOB_USAGE_REQUIREMENTS: // (TagType:ENUM | 301)
477         pb->set_integer((uint32_t)translate_key_blob_usage_requirements(
478                             param.f.keyBlobUsageRequirements));
479         break;
480     case Tag::BOOTLOADER_ONLY: // (TagType:BOOL | 302)
481         pb->set_integer(param.f.boolValue);
482         break;
483     case Tag::ROLLBACK_RESISTANCE: // (TagType:BOOL | 303)
484         pb->set_integer(param.f.boolValue);
485         break;
486     case Tag::HARDWARE_TYPE: // (TagType:ENUM | 304)
487         break;
488     case Tag::ACTIVE_DATETIME: // (TagType:DATE | 400)
489         pb->set_long_integer(param.f.dateTime);
490         break;
491     case Tag::ORIGINATION_EXPIRE_DATETIME: // (TagType:DATE | 401)
492     case Tag::USAGE_EXPIRE_DATETIME: // (TagType:DATE | 402)
493         pb->set_long_integer(param.f.dateTime);
494         break;
495     case Tag::MIN_SECONDS_BETWEEN_OPS: // (TagType:UINT | 403)
496     case Tag::MAX_USES_PER_BOOT: // (TagType:UINT | 404)
497         pb->set_integer(param.f.integer);
498         break;
499     case Tag::USER_SECURE_ID: // (TagType:ULONG_REP | 502)
500         pb->set_long_integer(param.f.longInteger);
501         break;
502     case Tag::NO_AUTH_REQUIRED: // (TagType:BOOL | 503)
503         pb->set_integer(param.f.boolValue);
504         break;
505     case Tag::USER_AUTH_TYPE: // (TagType:ENUM | 504)
506         // This field is an OR'd bitfield of HAL enum values from
507         // ::android::hardware::keymaster::V4_0::HardwareAuthenticatorType.
508         pb->set_integer((uint32_t)param.f.hardwareAuthenticatorType);
509         break;
510     case Tag::AUTH_TIMEOUT: // (TagType:UINT | 505)
511         pb->set_integer(param.f.integer);
512         break;
513     case Tag::ALLOW_WHILE_ON_BODY: // (TagType:BOOL | 506)
514         pb->set_integer(param.f.boolValue);
515         break;
516     case Tag::TRUSTED_USER_PRESENCE_REQUIRED: // (TagType:BOOL | 507)
517         pb->set_integer(param.f.boolValue);
518         break;
519     case Tag::TRUSTED_CONFIRMATION_REQUIRED: // (TagType:BOOL | 508)
520         pb->set_integer(param.f.boolValue);
521         break;
522     case Tag::APPLICATION_ID: // (TagType:BYTES | 601)
523         pb->set_blob(&param.blob[0], param.blob.size());
524         break;
525     case Tag::APPLICATION_DATA: // (TagType:BYTES | 700)
526         pb->set_blob(&param.blob[0], param.blob.size());
527         break;
528     case Tag::CREATION_DATETIME: // (TagType:DATE | 701)
529         pb->set_long_integer(param.f.dateTime);
530         break;
531     case Tag::ORIGIN: // (TagType:ENUM | 702)
532         pb->set_integer((uint32_t)translate_key_origin(param.f.origin));
533         break;
534     case Tag::ROOT_OF_TRUST: // (TagType:BYTES | 704)
535         pb->set_blob(&param.blob[0], param.blob.size());
536         break;
537     case Tag::OS_VERSION: // (TagType:UINT | 705)
538     case Tag::OS_PATCHLEVEL: // (TagType:UINT | 706)
539         pb->set_integer(param.f.integer);
540         break;
541     case Tag::UNIQUE_ID: // (TagType:BYTES | 707)
542     case Tag::ATTESTATION_CHALLENGE: // (TagType:BYTES | 708)
543     case Tag::ATTESTATION_APPLICATION_ID: // (TagType:BYTES | 709)
544     case Tag::ATTESTATION_ID_BRAND: // (TagType:BYTES | 710)
545     case Tag::ATTESTATION_ID_DEVICE: // (TagType:BYTES | 711)
546     case Tag::ATTESTATION_ID_PRODUCT: // (TagType:BYTES | 712)
547     case Tag::ATTESTATION_ID_SERIAL: // (TagType:BYTES | 713)
548     case Tag::ATTESTATION_ID_IMEI: // (TagType:BYTES | 714)
549     case Tag::ATTESTATION_ID_MEID: // (TagType:BYTES | 715)
550     case Tag::ATTESTATION_ID_MANUFACTURER: // (TagType:BYTES | 716)
551     case Tag::ATTESTATION_ID_MODEL: // (TagType:BYTES | 717)
552         pb->set_blob(&param.blob[0], param.blob.size());
553         break;
554     case Tag::VENDOR_PATCHLEVEL: // (TagType:UINT | 718)
555     case Tag::BOOT_PATCHLEVEL: // (TagType:UINT | 719)
556         pb->set_integer(param.f.integer);
557         break;
558     case Tag::ASSOCIATED_DATA: // (TagType:BYTES | 1000)
559     case Tag::NONCE: // (TagType:BYTES | 1001)
560     case Tag::CONFIRMATION_TOKEN: // (TagType:BYTES | 1005)
561         pb->set_blob(&param.blob[0], param.blob.size());
562         break;
563     case Tag::MAC_LENGTH: // (TagType:UINT | 1003)
564         pb->set_integer(param.f.integer);
565         break;
566     case Tag::RESET_SINCE_ID_ROTATION: // (TagType:BOOL | 1004)
567         pb->set_integer(param.f.boolValue);
568         break;
569     default:
570         LOG(ERROR) << "Unhandled tag value in key_parameter_to_pb: "
571                    << (uint32_t) param.tag;
572     }
573 
574     pb->set_tag(translate_tag(param.tag));
575     return ErrorCode::OK;
576 }
577 
pb_to_key_parameter(const nosapp::KeyParameter & param,KeyParameter * kp)578 ErrorCode pb_to_key_parameter(const nosapp::KeyParameter& param,
579                               KeyParameter *kp)
580 {
581     switch (param.tag()) {
582     case nosapp::Tag::TAG_INVALID:
583         LOG(ERROR) << "pb_to_key_parameter: invalid Tag received: "
584                    << (uint32_t)param.tag();
585         return ErrorCode::UNKNOWN_ERROR;
586         break;
587     case nosapp::Tag::PURPOSE: // (TagType:ENUM_REP | 1)
588         if (translate_purpose(static_cast<nosapp::KeyPurpose>(param.integer()),
589                               &kp->f.purpose) != ErrorCode::OK) {
590             return ErrorCode::UNKNOWN_ERROR;
591         }
592         break;
593     case nosapp::Tag::ALGORITHM: // (TagType:ENUM | 2)
594         if (translate_algorithm(static_cast<nosapp::Algorithm>(param.integer()),
595                                 &kp->f.algorithm) != ErrorCode::OK) {
596             return ErrorCode::UNKNOWN_ERROR;
597         }
598         break;
599     case nosapp::Tag::KEY_SIZE: // (TagType:UINT | 3)
600         kp->f.integer = param.integer();
601         break;
602     case nosapp::Tag::BLOCK_MODE: // (TagType:ENUM_REP | 4)
603         if (translate_block_mode(
604                 static_cast<nosapp::BlockMode>(param.integer()),
605                 &kp->f.blockMode) != ErrorCode::OK) {
606             return ErrorCode::UNKNOWN_ERROR;
607         }
608         break;
609     case nosapp::Tag::DIGEST: // (TagType:ENUM_REP | 5)
610         if (translate_digest(
611                 static_cast<nosapp::Digest>(param.integer()),
612                 &kp->f.digest) != ErrorCode::OK) {
613             return ErrorCode::UNKNOWN_ERROR;
614         }
615         break;
616     case nosapp::Tag::PADDING:; // (TagType:ENUM_REP | 6)
617         if (translate_padding_mode(
618                 static_cast<nosapp::PaddingMode>(param.integer()),
619                 &kp->f.paddingMode) != ErrorCode::OK) {
620             return ErrorCode::UNKNOWN_ERROR;
621         }
622         break;
623     case nosapp::Tag::CALLER_NONCE: // (TagType:BOOL | 7)
624         kp->f.boolValue = (bool)param.integer();
625         break;
626     case nosapp::Tag::MIN_MAC_LENGTH: // (TagType:UINT | 8)
627         kp->f.integer = param.integer();
628         break;
629     case nosapp::Tag::EC_CURVE: // (TagType:ENUM | 10)
630         if (translate_ec_curve(
631                 static_cast<nosapp::EcCurve>(param.integer()),
632                 &kp->f.ecCurve) != ErrorCode::OK) {
633             return ErrorCode::UNKNOWN_ERROR;
634         }
635         break;
636     case nosapp::Tag::RSA_PUBLIC_EXPONENT: // (TagType:ULONG | 200)
637         kp->f.longInteger = param.long_integer();
638         break;
639     case nosapp::Tag::INCLUDE_UNIQUE_ID: // (TagType:BOOL | 202)
640         kp->f.boolValue = (bool)param.integer();
641         break;
642     case nosapp::Tag::BLOB_USAGE_REQUIREMENTS: // (TagType:ENUM | 301)
643         if (translate_key_blob_usage_requirements(
644                 static_cast<nosapp::KeyBlobUsageRequirements>(param.integer()),
645                 &kp->f.keyBlobUsageRequirements) != ErrorCode::OK) {
646             return ErrorCode::UNKNOWN_ERROR;
647         }
648         break;
649     case nosapp::Tag::BOOTLOADER_ONLY: // (TagType:BOOL | 302)
650     case nosapp::Tag::ROLLBACK_RESISTANCE: // (TagType:BOOL | 303)
651         kp->f.boolValue = (bool)param.integer();
652         break;
653     case nosapp::Tag::ACTIVE_DATETIME: // (TagType:DATE | 400)
654     case nosapp::Tag::ORIGINATION_EXPIRE_DATETIME: // (TagType:DATE | 401)
655     case nosapp::Tag::USAGE_EXPIRE_DATETIME: // (TagType:DATE | 402)
656         kp->f.dateTime = param.long_integer();
657         break;
658     case nosapp::Tag::MIN_SECONDS_BETWEEN_OPS: // (TagType:UINT | 403)
659     case nosapp::Tag::MAX_USES_PER_BOOT: // (TagType:UINT | 404)
660         kp->f.integer = param.integer();
661         break;
662     case nosapp::Tag::USER_SECURE_ID: // (TagType:ULONG_REP | 502)
663         kp->f.longInteger = param.long_integer();
664         break;
665     case nosapp::Tag::NO_AUTH_REQUIRED: // (TagType:BOOL | 503)
666         kp->f.boolValue = (bool)param.integer();
667         break;
668     case nosapp::Tag::USER_AUTH_TYPE: // (TagType:ENUM | 504)
669         // This field is an OR'd bitfield of HAL enum values from
670         // ::android::hardware::keymaster::V4_0::HardwareAuthenticatorType.
671         kp->f.hardwareAuthenticatorType =
672             static_cast<HardwareAuthenticatorType>(param.integer());
673         break;
674     case nosapp::Tag::AUTH_TIMEOUT: // (TagType:UINT | 505)
675         kp->f.integer = param.integer();
676         break;
677     case nosapp::Tag::ALLOW_WHILE_ON_BODY: // (TagType:BOOL | 506)
678         kp->f.boolValue = (bool)param.integer();
679         break;
680     case nosapp::Tag::TRUSTED_USER_PRESENCE_REQUIRED: // (TagType:BOOL | 507)
681         kp->f.boolValue = (bool)param.integer();
682         break;
683     case nosapp::Tag::TRUSTED_CONFIRMATION_REQUIRED: // (TagType:BOOL | 508)
684         kp->f.boolValue = (bool)param.integer();
685         break;
686     case nosapp::Tag::APPLICATION_ID: // (TagType:BYTES | 601)
687         kp->blob.setToExternal(
688             reinterpret_cast<uint8_t *>(
689                 const_cast<char *>(param.blob().data())), param.blob().size());;
690         break;
691     case nosapp::Tag::APPLICATION_DATA: // (TagType:BYTES | 700)
692         kp->blob.setToExternal(
693             reinterpret_cast<uint8_t *>(
694                 const_cast<char *>(param.blob().data())), param.blob().size());;
695         break;
696     case nosapp::Tag::CREATION_DATETIME: // (TagType:DATE | 701)
697         kp->f.dateTime = param.long_integer();
698         break;
699     case nosapp::Tag::ORIGIN: // (TagType:ENUM | 702)
700         if (translate_key_origin(
701                 static_cast<nosapp::KeyOrigin>(param.integer()),
702                 &kp->f.origin) != ErrorCode::OK) {
703             return ErrorCode::UNKNOWN_ERROR;
704         }
705         break;
706     case nosapp::Tag::ROOT_OF_TRUST: // (TagType:BYTES | 704)
707         kp->blob.setToExternal(
708             reinterpret_cast<uint8_t *>(
709                 const_cast<char *>(param.blob().data())), param.blob().size());
710         break;
711     case nosapp::Tag::OS_VERSION: // (TagType:UINT | 705)
712     case nosapp::Tag::OS_PATCHLEVEL: // (TagType:UINT | 706)
713         kp->f.integer = param.integer();
714         break;
715     case nosapp::Tag::UNIQUE_ID: // (TagType:BYTES | 707)
716     case nosapp::Tag::ATTESTATION_CHALLENGE: // (TagType:BYTES | 708)
717     case nosapp::Tag::ATTESTATION_APPLICATION_ID: // (TagType:BYTES | 709)
718     case nosapp::Tag::ATTESTATION_ID_BRAND: // (TagType:BYTES | 710)
719     case nosapp::Tag::ATTESTATION_ID_DEVICE: // (TagType:BYTES | 711)
720     case nosapp::Tag::ATTESTATION_ID_PRODUCT: // (TagType:BYTES | 712)
721     case nosapp::Tag::ATTESTATION_ID_SERIAL: // (TagType:BYTES | 713)
722     case nosapp::Tag::ATTESTATION_ID_IMEI: // (TagType:BYTES | 714)
723     case nosapp::Tag::ATTESTATION_ID_MEID: // (TagType:BYTES | 715)
724     case nosapp::Tag::ATTESTATION_ID_MANUFACTURER: // (TagType:BYTES | 716)
725     case nosapp::Tag::ATTESTATION_ID_MODEL: // (TagType:BYTES | 717)
726         kp->blob.setToExternal(
727             reinterpret_cast<uint8_t *>(
728                 const_cast<char *>(param.blob().data())), param.blob().size());
729         break;
730     case nosapp::Tag::VENDOR_PATCHLEVEL: // (TagType:UINT | 718)
731     case nosapp::Tag::BOOT_PATCHLEVEL: // (TagType:UINT | 719)
732         kp->f.integer = param.integer();
733         break;
734     case nosapp::Tag::ASSOCIATED_DATA: // (TagType:BYTES | 1000)
735     case nosapp::Tag::NONCE: // (TagType:BYTES | 1001)
736         kp->blob.setToExternal(
737             reinterpret_cast<uint8_t *>(
738                 const_cast<char *>(param.blob().data())), param.blob().size());
739         break;
740     case nosapp::Tag::MAC_LENGTH: // (TagType:UINT | 1003)
741         kp->f.integer = param.integer();
742         break;
743     case nosapp::Tag::RESET_SINCE_ID_ROTATION: // (TagType:BOOL | 1004)
744         kp->f.boolValue = (bool)param.integer();
745         break;
746     case nosapp::Tag::CONFIRMATION_TOKEN: // (TagType:BOOL | 1005)
747         kp->blob.setToExternal(
748             reinterpret_cast<uint8_t *>(
749                 const_cast<char *>(param.blob().data())), param.blob().size());
750         break;
751     default:
752         return ErrorCode::UNKNOWN_ERROR;
753     }
754 
755     kp->tag = translate_tag(param.tag());
756     return ErrorCode::OK;
757 }
758 
hidl_params_to_pb(const hidl_vec<KeyParameter> & params,nosapp::KeyParameters * pb)759 ErrorCode hidl_params_to_pb(const hidl_vec<KeyParameter>& params,
760                        nosapp::KeyParameters *pb)
761 {
762     for (size_t i = 0; i < params.size(); i++) {
763         nosapp::KeyParameter *param = pb->add_params();
764         ErrorCode error = key_parameter_to_pb(params[i], param);
765         if (error != ErrorCode::OK) {
766             return ErrorCode::INVALID_ARGUMENT;
767         }
768     }
769 
770     return ErrorCode::OK;
771 }
772 
hidl_params_to_map(const hidl_vec<KeyParameter> & params,tag_map_t * tag_map)773 ErrorCode hidl_params_to_map(const hidl_vec<KeyParameter>& params,
774                              tag_map_t *tag_map)
775 {
776     for (size_t i = 0; i < params.size(); i++) {
777         switch (type_from_tag(params[i].tag)) {
778         case TagType::INVALID:
779             return ErrorCode::INVALID_ARGUMENT;
780             break;
781         case TagType::ENUM:
782         case TagType::UINT:
783         case TagType::ULONG:
784         case TagType::DATE:
785         case TagType::BOOL:
786         case TagType::BIGNUM:
787         case TagType::BYTES:
788             if (tag_map->find(params[i].tag) != tag_map->end()) {
789                 // Duplicates not allowed for these tags types.
790                 return ErrorCode::INVALID_ARGUMENT;
791             }
792             FALLTHROUGH_INTENDED;
793         case TagType::ENUM_REP:
794             FALLTHROUGH_INTENDED;
795         case TagType::UINT_REP:
796             FALLTHROUGH_INTENDED;
797         case TagType::ULONG_REP:
798             if (tag_map->find(params[i].tag) == tag_map->end()) {
799                 vector<KeyParameter> v{params[i]};
800                 tag_map->insert(
801                     std::pair<Tag, vector<KeyParameter> >(
802                         params[i].tag, v));
803             } else {
804                 (*tag_map)[params[i].tag].push_back(params[i]);
805             }
806             break;
807         default:
808             /* Unrecognized TagType. */
809             return ErrorCode::INVALID_ARGUMENT;
810             break;
811         }
812     }
813 
814     return ErrorCode::OK;
815 }
816 
map_params_to_pb(const tag_map_t & params,nosapp::KeyParameters * pbParams)817 ErrorCode map_params_to_pb(const tag_map_t& params,
818                            nosapp::KeyParameters *pbParams)
819 {
820     for (const auto& it : params) {
821         for (const auto& pt : it.second) {
822             nosapp::KeyParameter *param = pbParams->add_params();
823             ErrorCode error = key_parameter_to_pb(pt, param);
824             if (error != ErrorCode::OK) {
825                 return error;
826             }
827         }
828     }
829 
830     return ErrorCode::OK;
831 }
832 
pb_to_hidl_params(const nosapp::KeyParameters & pbParams,hidl_vec<KeyParameter> * params)833 ErrorCode pb_to_hidl_params(const nosapp::KeyParameters& pbParams,
834                             hidl_vec<KeyParameter> *params)
835 {
836     std::vector<KeyParameter> kpv;
837     for (size_t i = 0; i < (size_t)pbParams.params_size(); i++) {
838         KeyParameter kp;
839         const nosapp::KeyParameter& param = pbParams.params(i);
840 
841         ErrorCode error = pb_to_key_parameter(param, &kp);
842         if (error != ErrorCode::OK) {
843             return ErrorCode::UNKNOWN_ERROR;
844         }
845 
846         kpv.push_back(kp);
847     }
848 
849     *params = kpv;
850     return ErrorCode::OK;
851 }
852 
translate_error_code(nosapp::ErrorCode error_code)853 ErrorCode translate_error_code(nosapp::ErrorCode error_code)
854 {
855     switch (error_code) {
856     case nosapp::ErrorCode::OK:
857         return ErrorCode::OK;
858     case nosapp::ErrorCode::ROOT_OF_TRUST_ALREADY_SET:
859         return ErrorCode::ROOT_OF_TRUST_ALREADY_SET;
860     case nosapp::ErrorCode::UNSUPPORTED_PURPOSE:
861       return ErrorCode::UNSUPPORTED_PURPOSE;
862     case nosapp::ErrorCode::INCOMPATIBLE_PURPOSE:
863         return ErrorCode::INCOMPATIBLE_PURPOSE;
864     case nosapp::ErrorCode::UNSUPPORTED_ALGORITHM:
865         return ErrorCode::UNSUPPORTED_ALGORITHM;
866     case nosapp::ErrorCode::INCOMPATIBLE_ALGORITHM:
867         return ErrorCode::INCOMPATIBLE_ALGORITHM;
868     case nosapp::ErrorCode::UNSUPPORTED_KEY_SIZE:
869         return ErrorCode::UNSUPPORTED_KEY_SIZE;
870     case nosapp::ErrorCode::UNSUPPORTED_BLOCK_MODE:
871         return ErrorCode::UNSUPPORTED_BLOCK_MODE;
872     case nosapp::ErrorCode::INCOMPATIBLE_BLOCK_MODE:
873         return ErrorCode::INCOMPATIBLE_BLOCK_MODE;
874     case nosapp::ErrorCode::UNSUPPORTED_MAC_LENGTH:
875         return ErrorCode::UNSUPPORTED_MAC_LENGTH;
876     case nosapp::ErrorCode::UNSUPPORTED_PADDING_MODE:
877         return ErrorCode::UNSUPPORTED_PADDING_MODE;
878     case nosapp::ErrorCode::INCOMPATIBLE_PADDING_MODE:
879         return ErrorCode::INCOMPATIBLE_PADDING_MODE;
880     case nosapp::ErrorCode::UNSUPPORTED_DIGEST:
881         return ErrorCode::UNSUPPORTED_DIGEST;
882     case nosapp::ErrorCode::INCOMPATIBLE_DIGEST:
883         return ErrorCode::INCOMPATIBLE_DIGEST;
884     case nosapp::ErrorCode::INVALID_EXPIRATION_TIME:
885         return ErrorCode::INVALID_EXPIRATION_TIME;
886     case nosapp::ErrorCode::INVALID_USER_ID:
887         return ErrorCode::INVALID_USER_ID;
888     case nosapp::ErrorCode::INVALID_AUTHORIZATION_TIMEOUT:
889         return ErrorCode::INVALID_AUTHORIZATION_TIMEOUT;
890     case nosapp::ErrorCode::UNSUPPORTED_KEY_FORMAT:
891         return ErrorCode::UNSUPPORTED_KEY_FORMAT;
892     case nosapp::ErrorCode::INCOMPATIBLE_KEY_FORMAT:
893         return ErrorCode::INCOMPATIBLE_KEY_FORMAT;
894     case nosapp::ErrorCode::UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM:
895         return ErrorCode::UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM;
896     case nosapp::ErrorCode::UNSUPPORTED_KEY_VERIFICATION_ALGORITHM:
897         return ErrorCode::UNSUPPORTED_KEY_VERIFICATION_ALGORITHM;
898     case nosapp::ErrorCode::INVALID_INPUT_LENGTH:
899         return ErrorCode::INVALID_INPUT_LENGTH;
900     case nosapp::ErrorCode::KEY_EXPORT_OPTIONS_INVALID:
901         return ErrorCode::KEY_EXPORT_OPTIONS_INVALID;
902     case nosapp::ErrorCode::DELEGATION_NOT_ALLOWED:
903         return ErrorCode::DELEGATION_NOT_ALLOWED;
904     case nosapp::ErrorCode::KEY_NOT_YET_VALID:
905         return ErrorCode::KEY_NOT_YET_VALID;
906     case nosapp::ErrorCode::KEY_EXPIRED:
907         return ErrorCode::KEY_EXPIRED;
908     case nosapp::ErrorCode::KEY_USER_NOT_AUTHENTICATED:
909         return ErrorCode::KEY_USER_NOT_AUTHENTICATED;
910     case nosapp::ErrorCode::OUTPUT_PARAMETER_NULL:
911         return ErrorCode::OUTPUT_PARAMETER_NULL;
912     case nosapp::ErrorCode::INVALID_OPERATION_HANDLE:
913         return ErrorCode::INVALID_OPERATION_HANDLE;
914     case nosapp::ErrorCode::INSUFFICIENT_BUFFER_SPACE:
915         return ErrorCode::INSUFFICIENT_BUFFER_SPACE;
916     case nosapp::ErrorCode::VERIFICATION_FAILED:
917         return ErrorCode::VERIFICATION_FAILED;
918     case nosapp::ErrorCode::TOO_MANY_OPERATIONS:
919         return ErrorCode::TOO_MANY_OPERATIONS;
920     case nosapp::ErrorCode::UNEXPECTED_NULL_POINTER:
921         return ErrorCode::UNEXPECTED_NULL_POINTER;
922     case nosapp::ErrorCode::INVALID_KEY_BLOB:
923         return ErrorCode::INVALID_KEY_BLOB;
924     case nosapp::ErrorCode::IMPORTED_KEY_NOT_ENCRYPTED:
925         return ErrorCode::IMPORTED_KEY_NOT_ENCRYPTED;
926     case nosapp::ErrorCode::IMPORTED_KEY_DECRYPTION_FAILED:
927         return ErrorCode::IMPORTED_KEY_DECRYPTION_FAILED;
928     case nosapp::ErrorCode::IMPORTED_KEY_NOT_SIGNED:
929         return ErrorCode::IMPORTED_KEY_NOT_SIGNED;
930     case nosapp::ErrorCode::IMPORTED_KEY_VERIFICATION_FAILED:
931         return ErrorCode::IMPORTED_KEY_VERIFICATION_FAILED;
932     case nosapp::ErrorCode::INVALID_ARGUMENT:
933         return ErrorCode::INVALID_ARGUMENT;
934     case nosapp::ErrorCode::UNSUPPORTED_TAG:
935         return ErrorCode::UNSUPPORTED_TAG;
936     case nosapp::ErrorCode::INVALID_TAG:
937         return ErrorCode::INVALID_TAG;
938     case nosapp::ErrorCode::MEMORY_ALLOCATION_FAILED:
939         return ErrorCode::MEMORY_ALLOCATION_FAILED;
940     case nosapp::ErrorCode::IMPORT_PARAMETER_MISMATCH:
941         return ErrorCode::IMPORT_PARAMETER_MISMATCH;
942     case nosapp::ErrorCode::SECURE_HW_ACCESS_DENIED:
943         return ErrorCode::SECURE_HW_ACCESS_DENIED;
944     case nosapp::ErrorCode::OPERATION_CANCELLED:
945         return ErrorCode::OPERATION_CANCELLED;
946     case nosapp::ErrorCode::CONCURRENT_ACCESS_CONFLICT:
947         return ErrorCode::CONCURRENT_ACCESS_CONFLICT;
948     case nosapp::ErrorCode::SECURE_HW_BUSY:
949         return ErrorCode::SECURE_HW_BUSY;
950     case nosapp::ErrorCode::SECURE_HW_COMMUNICATION_FAILED:
951         return ErrorCode::SECURE_HW_COMMUNICATION_FAILED;
952     case nosapp::ErrorCode::UNSUPPORTED_EC_FIELD:
953         return ErrorCode::UNSUPPORTED_EC_FIELD;
954     case nosapp::ErrorCode::MISSING_NONCE:
955         return ErrorCode::MISSING_NONCE;
956     case nosapp::ErrorCode::INVALID_NONCE:
957         return ErrorCode::INVALID_NONCE;
958     case nosapp::ErrorCode::MISSING_MAC_LENGTH:
959         return ErrorCode::MISSING_MAC_LENGTH;
960     case nosapp::ErrorCode::KEY_RATE_LIMIT_EXCEEDED:
961         return ErrorCode::KEY_RATE_LIMIT_EXCEEDED;
962     case nosapp::ErrorCode::CALLER_NONCE_PROHIBITED:
963         return ErrorCode::CALLER_NONCE_PROHIBITED;
964     case nosapp::ErrorCode::KEY_MAX_OPS_EXCEEDED:
965         return ErrorCode::KEY_MAX_OPS_EXCEEDED;
966     case nosapp::ErrorCode::INVALID_MAC_LENGTH:
967         return ErrorCode::INVALID_MAC_LENGTH;
968     case nosapp::ErrorCode::MISSING_MIN_MAC_LENGTH:
969         return ErrorCode::MISSING_MIN_MAC_LENGTH;
970     case nosapp::ErrorCode::UNSUPPORTED_MIN_MAC_LENGTH:
971         return ErrorCode::UNSUPPORTED_MIN_MAC_LENGTH;
972     case nosapp::ErrorCode::UNSUPPORTED_KDF:
973         return ErrorCode::UNSUPPORTED_KDF;
974     case nosapp::ErrorCode::UNSUPPORTED_EC_CURVE:
975         return ErrorCode::UNSUPPORTED_EC_CURVE;
976     case nosapp::ErrorCode::KEY_REQUIRES_UPGRADE:
977         return ErrorCode::KEY_REQUIRES_UPGRADE;
978     case nosapp::ErrorCode::ATTESTATION_CHALLENGE_MISSING:
979         return ErrorCode::ATTESTATION_CHALLENGE_MISSING;
980     case nosapp::ErrorCode::KEYMASTER_NOT_CONFIGURED:
981         return ErrorCode::KEYMASTER_NOT_CONFIGURED;
982     case nosapp::ErrorCode::ATTESTATION_APPLICATION_ID_MISSING:
983         return ErrorCode::ATTESTATION_APPLICATION_ID_MISSING;
984     case nosapp::ErrorCode::CANNOT_ATTEST_IDS:
985         return ErrorCode::CANNOT_ATTEST_IDS;
986     case nosapp::ErrorCode::UNIMPLEMENTED:
987         return ErrorCode::UNIMPLEMENTED;
988     case nosapp::ErrorCode::VERSION_MISMATCH:
989         return ErrorCode::VERSION_MISMATCH;
990     case nosapp::ErrorCode::ROLLBACK_RESISTANCE_UNAVAILABLE:
991         return ErrorCode::ROLLBACK_RESISTANCE_UNAVAILABLE;
992     case nosapp::ErrorCode::HARDWARE_TYPE_UNAVAILABLE:
993         return ErrorCode::HARDWARE_TYPE_UNAVAILABLE;
994     case nosapp::ErrorCode::PROOF_OF_PRESENCE_REQUIRED:
995         return ErrorCode::PROOF_OF_PRESENCE_REQUIRED;
996     case nosapp::ErrorCode::CONCURRENT_PROOF_OF_PRESENCE_REQUESTED:
997         return ErrorCode::CONCURRENT_PROOF_OF_PRESENCE_REQUESTED;
998     case nosapp::ErrorCode::UNKNOWN_ERROR:
999         return ErrorCode::UNKNOWN_ERROR;
1000     case nosapp::ErrorCode::NO_USER_CONFIRMATION:
1001         return ErrorCode::NO_USER_CONFIRMATION;
1002 
1003     /* Private error codes, unused by HAL. */
1004     case nosapp::ErrorCode::INVALID_DEVICE_IDS:
1005     case nosapp::ErrorCode::PRODUCTION_MODE_PROVISIONING:
1006     case nosapp::ErrorCode::ErrorCode_INT_MIN_SENTINEL_DO_NOT_USE_:
1007     case nosapp::ErrorCode::ErrorCode_INT_MAX_SENTINEL_DO_NOT_USE_:
1008     default:
1009         LOG(ERROR) << "Unrecognized error_code: " << error_code;
1010         return ErrorCode::UNKNOWN_ERROR;
1011     }
1012 }
1013 
1014 }  // namespace keymaster
1015 }  // hardware
1016 }  // android
1017