You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
132 lines
3.7 KiB
132 lines
3.7 KiB
/*
|
|
* Copyright (c) 2019, The Android Open Source Project
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
|
|
#define LOG_TAG "credstore"
|
|
|
|
#include <fcntl.h>
|
|
#include <stdlib.h>
|
|
#include <sys/stat.h>
|
|
#include <sys/types.h>
|
|
#include <unistd.h>
|
|
|
|
#include <android-base/logging.h>
|
|
#include <android-base/stringprintf.h>
|
|
|
|
#include <android/security/identity/ICredentialStore.h>
|
|
|
|
#include "Util.h"
|
|
|
|
namespace android {
|
|
namespace security {
|
|
namespace identity {
|
|
|
|
using ::android::base::StringPrintf;
|
|
|
|
Status halStatusToError(const Status& halStatus, int credStoreError) {
|
|
string message = StringPrintf(
|
|
"HAL failed with exception code %d (%s), service-specific error code %d, message '%s'",
|
|
halStatus.exceptionCode(), Status::exceptionToString(halStatus.exceptionCode()).c_str(),
|
|
halStatus.serviceSpecificErrorCode(), halStatus.exceptionMessage().c_str());
|
|
return Status::fromServiceSpecificError(credStoreError, message.c_str());
|
|
}
|
|
|
|
Status halStatusToGenericError(const Status& halStatus) {
|
|
return halStatusToError(halStatus, ICredentialStore::ERROR_GENERIC);
|
|
}
|
|
|
|
optional<vector<uint8_t>> fileGetContents(const string& path) {
|
|
int fd = open(path.c_str(), O_RDONLY);
|
|
if (fd == -1) {
|
|
PLOG(ERROR) << "Error opening " << path;
|
|
return {};
|
|
}
|
|
|
|
struct stat statbuf;
|
|
if (fstat(fd, &statbuf) != 0) {
|
|
PLOG(ERROR) << "Error statting " << path;
|
|
close(fd);
|
|
return {};
|
|
}
|
|
vector<uint8_t> data;
|
|
data.resize(statbuf.st_size);
|
|
|
|
uint8_t* p = data.data();
|
|
size_t remaining = data.size();
|
|
while (remaining > 0) {
|
|
ssize_t numRead = TEMP_FAILURE_RETRY(read(fd, p, remaining));
|
|
if (numRead <= 0) {
|
|
PLOG(ERROR) << "Failed reading from '" << path << "'";
|
|
close(fd);
|
|
return {};
|
|
}
|
|
p += numRead;
|
|
remaining -= numRead;
|
|
}
|
|
close(fd);
|
|
|
|
return data;
|
|
}
|
|
|
|
bool fileSetContents(const string& path, const vector<uint8_t>& data) {
|
|
char tempName[4096];
|
|
int fd;
|
|
|
|
string tempNameStr = path + ".XXXXXX";
|
|
if (tempNameStr.size() >= sizeof tempName - 1) {
|
|
LOG(ERROR) << "Path name too long";
|
|
return false;
|
|
}
|
|
strncpy(tempName, tempNameStr.c_str(), sizeof tempName);
|
|
|
|
fd = mkstemp(tempName);
|
|
if (fd == -1) {
|
|
PLOG(ERROR) << "Error creating temp file for '" << path << "'";
|
|
return false;
|
|
}
|
|
|
|
const uint8_t* p = data.data();
|
|
size_t remaining = data.size();
|
|
while (remaining > 0) {
|
|
ssize_t numWritten = TEMP_FAILURE_RETRY(write(fd, p, remaining));
|
|
if (numWritten <= 0) {
|
|
PLOG(ERROR) << "Failed writing into temp file for '" << path << "'";
|
|
close(fd);
|
|
return false;
|
|
}
|
|
p += numWritten;
|
|
remaining -= numWritten;
|
|
}
|
|
|
|
if (TEMP_FAILURE_RETRY(fsync(fd))) {
|
|
PLOG(ERROR) << "Failed fsyncing temp file for '" << path << "'";
|
|
close(fd);
|
|
return false;
|
|
}
|
|
close(fd);
|
|
|
|
if (rename(tempName, path.c_str()) != 0) {
|
|
PLOG(ERROR) << "Error renaming temp file for '" << path << "'";
|
|
close(fd);
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
} // namespace identity
|
|
} // namespace security
|
|
} // namespace android
|