From 8c1156e2864c7ae33cd1f32362d617adbd483dc3 Mon Sep 17 00:00:00 2001 From: Rajesh Nyamagoud Date: Tue, 4 May 2021 09:09:45 -0700 Subject: [PATCH 1/3] Added debug and error logs in hal apis. --- .../4.1/JavacardKeymaster4Device.cpp | 99 ++++++++++++++++--- 1 file changed, 87 insertions(+), 12 deletions(-) diff --git a/HAL/keymaster/4.1/JavacardKeymaster4Device.cpp b/HAL/keymaster/4.1/JavacardKeymaster4Device.cpp index a7298172..f82dee0b 100644 --- a/HAL/keymaster/4.1/JavacardKeymaster4Device.cpp +++ b/HAL/keymaster/4.1/JavacardKeymaster4Device.cpp @@ -232,12 +232,11 @@ static void deleteOprHandleEntry(uint64_t halGeneratedOperationHandle) { /* Clears all the strongbox operation handle entries from operation table */ static void clearStrongboxOprHandleEntries(const std::unique_ptr& oprCtx) { - LOG(WARNING) << "secure element reset occurred. All the below operation handles for private key operations" - << " becomes invalid and the owners of these operations has to restart the operation again."; + LOG(INFO) << "Secure Element reset or applet upgrade detected. Removing existing operation handles"; auto it = operationTable.begin(); while (it != operationTable.end()) { if (it->second.second == SB_KM_OPR) { //Strongbox operation - LOG(WARNING) << "operation handle: " << it->first << " is invalid"; + LOG(INFO) << "operation handle: " << it->first << " is removed"; oprCtx->clearOperationData(it->second.first); it = operationTable.erase(it); } else { @@ -283,8 +282,11 @@ static std::tuple, T> decodeData(CborConverter& cb, const // into a signed value of same magnitude and copy back to errorCode. errorCode = static_cast(get2sCompliment(tempErrCode)); - if (T::OK != errorCode) + if (T::OK != errorCode) { errorCode = translateExtendedErrorsToHalErrors(errorCode); + LOG(ERROR) << "error in decodeData: " << (int32_t) errorCode; + } + LOG(DEBUG) << "decodeData status: " << (int32_t) errorCode; return {std::move(item), errorCode}; } @@ -425,16 +427,23 @@ ErrorCode sendData(Instruction ins, std::vector& inData, std::vector apdu; ret = constructApduMessage(ins, inData, apdu); - if(ret != ErrorCode::OK) return ret; + if(ret != ErrorCode::OK) { + LOG(ERROR) << "error in constructApduMessage cmd: " << (int32_t)ins << " status: " << (int32_t)ret; + return ret; + } if(!getTransportFactoryInstance()->sendData(apdu.data(), apdu.size(), response)) { + LOG(ERROR) << "error in sendData cmd: " << (int32_t)ins << " status: " + << (int32_t)ErrorCode::SECURE_HW_COMMUNICATION_FAILED; return (ErrorCode::SECURE_HW_COMMUNICATION_FAILED); } // Response size should be greater than 2. Cbor output data followed by two bytes of APDU status. if((response.size() <= 2) || (getStatus(response) != APDU_RESP_STATUS_OK)) { + LOG(ERROR) << "error in sendData cmd: " << (int32_t)ins << " status: " << getStatus(response); return (ErrorCode::UNKNOWN_ERROR); } + LOG(DEBUG) << "sendData cmd: " << (int32_t)ins << " status: " << (int32_t)ErrorCode::OK; return (ErrorCode::OK);//success } @@ -503,6 +512,7 @@ Return JavacardKeymaster4Device::getHardwareInfo(getHardwareInfo_cb _hidl_ if(!cborConverter_.getUint64(item, 0, securityLevel) || !cborConverter_.getBinaryArray(item, 1, jcKeymasterName) || !cborConverter_.getBinaryArray(item, 2, jcKeymasterAuthor)) { + LOG(ERROR) << "Failed to convert cbor data of INS_GET_HW_INFO_CMD"; _hidl_cb(static_cast(securityLevel), jcKeymasterName, jcKeymasterAuthor); return Void(); } @@ -512,6 +522,7 @@ Return JavacardKeymaster4Device::getHardwareInfo(getHardwareInfo_cb _hidl_ } else { // It should not come here, but incase if for any reason SB keymaster fails to getHardwareInfo // return proper values from HAL. + LOG(ERROR) << "Failed to fetch getHardwareInfo from javacard"; _hidl_cb(SecurityLevel::STRONGBOX, JAVACARD_KEYMASTER_NAME, JAVACARD_KEYMASTER_AUTHOR); return Void(); } @@ -530,6 +541,7 @@ Return JavacardKeymaster4Device::getHmacSharingParameters(getHmacSharingPa true, oprCtx_); if (item != nullptr) { if(!cborConverter_.getHmacSharingParameters(item, 1, hmacSharingParameters)) { + LOG(ERROR) << "Failed to convert cbor data of INS_GET_HMAC_SHARING_PARAM_CMD"; errorCode = ErrorCode::UNKNOWN_ERROR; } } @@ -541,11 +553,14 @@ Return JavacardKeymaster4Device::getHmacSharingParameters(getHmacSharingPa */ else { auto response = softKm_->GetHmacSharingParameters(); + LOG(DEBUG) << "INS_GET_HMAC_SHARING_PARAM_CMD not succeded with javacard"; + LOG(DEBUG) << "Setting software keymaster hmac sharing parameters"; hmacSharingParameters.seed.setToExternal(const_cast(response.params.seed.data), response.params.seed.data_length); static_assert(sizeof(response.params.nonce) == hmacSharingParameters.nonce.size(), "Nonce sizes don't match"); memcpy(hmacSharingParameters.nonce.data(), response.params.nonce, hmacSharingParameters.nonce.size()); errorCode = legacy_enum_conversion(response.error); + LOG(DEBUG) << "INS_GET_HMAC_SHARING_PARAM_CMD softkm status: " << (int32_t) errorCode; } #endif _hidl_cb(errorCode, hmacSharingParameters); @@ -597,6 +612,7 @@ Return JavacardKeymaster4Device::computeSharedHmac(const hidl_vec bstr; if(!cborConverter_.getBinaryArray(item, 1, bstr)) { + LOG(ERROR) << "INS_COMPUTE_SHARED_HMAC_CMD: failed to convert cbor sharing check value"; errorCode = ErrorCode::UNKNOWN_ERROR; } else { sharingCheck = bstr; @@ -621,9 +637,11 @@ Return JavacardKeymaster4Device::computeSharedHmac(const hidl_vecComputeSharedHmac(request); if (response.error == KM_ERROR_OK) sharingCheck = kmBlob2hidlVec(response.sharing_check); errorCode = legacy_enum_conversion(response.error); + LOG(DEBUG) << "INS_COMPUTE_SHARED_HMAC_CMD softkm status: " << (int32_t) errorCode; } #endif _hidl_cb(errorCode, sharingCheck); @@ -632,6 +650,7 @@ Return JavacardKeymaster4Device::computeSharedHmac(const hidl_vec JavacardKeymaster4Device::verifyAuthorization(uint64_t , const hidl_vec& , const HardwareAuthToken& , verifyAuthorization_cb _hidl_cb) { VerificationToken verificationToken; + LOG(DEBUG) << "Verify authorizations UNIMPLEMENTED"; _hidl_cb(ErrorCode::UNIMPLEMENTED, verificationToken); return Void(); } @@ -690,6 +709,7 @@ Return JavacardKeymaster4Device::generateKey(const hidl_vec& keyCharacteristics.softwareEnforced.setToExternal(nullptr, 0); keyCharacteristics.hardwareEnforced.setToExternal(nullptr, 0); errorCode = ErrorCode::UNKNOWN_ERROR; + LOG(ERROR) << "INS_GENERATE_KEY_CMD: error while converting cbor data: " << (int32_t) errorCode; } } } @@ -707,12 +727,14 @@ Return JavacardKeymaster4Device::importKey(const hidl_vec& k cppbor::Array subArray; if(keyFormat != KeyFormat::PKCS8 && keyFormat != KeyFormat::RAW) { + LOG(DEBUG) << "INS_IMPORT_KEY_CMD unsupported key format " << (int32_t)keyFormat; _hidl_cb(ErrorCode::UNSUPPORTED_KEY_FORMAT, keyBlob, keyCharacteristics); return Void(); } cborConverter_.addKeyparameters(array, keyParams); array.add(static_cast(KeyFormat::RAW)); //javacard accepts only RAW. if(ErrorCode::OK != (errorCode = prepareCborArrayFromKeyData(keyParams, keyFormat, keyData, subArray))) { + LOG(ERROR) << "INS_IMPORT_KEY_CMD Error in while creating cbor data from key data:" << (int32_t) errorCode; _hidl_cb(errorCode, keyBlob, keyCharacteristics); return Void(); } @@ -736,6 +758,7 @@ Return JavacardKeymaster4Device::importKey(const hidl_vec& k keyCharacteristics.softwareEnforced.setToExternal(nullptr, 0); keyCharacteristics.hardwareEnforced.setToExternal(nullptr, 0); errorCode = ErrorCode::UNKNOWN_ERROR; + LOG(ERROR) << "INS_IMPORT_KEY_CMD: error while converting cbor data, status: " << (int32_t) errorCode; } } } @@ -760,6 +783,7 @@ Return JavacardKeymaster4Device::importWrappedKey(const hidl_vec& if(ErrorCode::OK != (errorCode = parseWrappedKey(wrappedKeyData, iv, transitKey, secureKey, tag, authList, keyFormat, wrappedKeyDescription))) { + LOG(ERROR) << "INS_IMPORT_WRAPPED_KEY_CMD error while parsing wrapped key status: " << (int32_t) errorCode; _hidl_cb(errorCode, keyBlob, keyCharacteristics); return Void(); } @@ -791,6 +815,7 @@ Return JavacardKeymaster4Device::importWrappedKey(const hidl_vec& keyCharacteristics.softwareEnforced.setToExternal(nullptr, 0); keyCharacteristics.hardwareEnforced.setToExternal(nullptr, 0); errorCode = ErrorCode::UNKNOWN_ERROR; + LOG(ERROR) << "INS_IMPORT_WRAPPED_KEY_CMD: error while converting cbor data, status: " << (int32_t) errorCode; } } } @@ -820,6 +845,7 @@ Return JavacardKeymaster4Device::getKeyCharacteristics(const hidl_vec JavacardKeymaster4Device::exportKey(KeyFormat exportFormat, const h }); if(errorCode != ErrorCode::OK) { + LOG(ERROR) << "Error in exportKey: " << (int32_t) errorCode; _hidl_cb(errorCode, resultKeyBlob); return Void(); } @@ -852,11 +879,14 @@ Return JavacardKeymaster4Device::exportKey(KeyFormat exportFormat, const h if(response.error == KM_ERROR_INCOMPATIBLE_ALGORITHM) { //Symmetric Keys cannot be exported. response.error = KM_ERROR_UNSUPPORTED_KEY_FORMAT; + LOG(ERROR) << "error in exportKey: unsupported algorithm or key format"; } if (response.error == KM_ERROR_OK) { resultKeyBlob.setToExternal(response.key_data, response.key_data_length); } - _hidl_cb(legacy_enum_conversion(response.error), resultKeyBlob); + errorCode = legacy_enum_conversion(response.error); + LOG(DEBUG) << "exportKey status: " << (int32_t) errorCode; + _hidl_cb(errorCode, resultKeyBlob); return Void(); } @@ -884,6 +914,7 @@ Return JavacardKeymaster4Device::attestKey(const hidl_vec& keyToA if (item != nullptr) { if(!cborConverter_.getMultiBinaryArray(item, 1, temp)) { errorCode = ErrorCode::UNKNOWN_ERROR; + LOG(ERROR) << "INS_ATTEST_KEY_CMD: error in converting cbor data, status: " << (int32_t) errorCode; } else { cborData.clear(); cborOutData.clear(); @@ -897,12 +928,15 @@ Return JavacardKeymaster4Device::attestKey(const hidl_vec& keyToA std::vector chain; if(!cborConverter_.getBinaryArray(item, 1, chain)) { errorCode = ErrorCode::UNKNOWN_ERROR; + LOG(ERROR) << "attestkey INS_GET_CERT_CHAIN_CMD: errorn in converting cbor data, status: " << (int32_t) errorCode; } else { if(ErrorCode::OK == (errorCode = getCertificateChain(chain, temp))) { certChain.resize(temp.size()); for(int i = 0; i < temp.size(); i++) { certChain[i] = temp[i]; } + } else { + LOG(ERROR) << "Error in attestkey getCertificateChain: " << (int32_t) errorCode; } } } @@ -932,8 +966,10 @@ Return JavacardKeymaster4Device::upgradeKey(const hidl_vec& keyBl std::tie(item, errorCode) = decodeData(cborConverter_, std::vector(cborOutData.begin(), cborOutData.end()-2), true, oprCtx_); if (item != nullptr) { - if(!cborConverter_.getBinaryArray(item, 1, upgradedKeyBlob)) + if(!cborConverter_.getBinaryArray(item, 1, upgradedKeyBlob)) { errorCode = ErrorCode::UNKNOWN_ERROR; + LOG(ERROR) << "INS_UPGRADE_KEY_CMD: error in converting cbor data, status: " << (int32_t) errorCode; + } } } _hidl_cb(errorCode, upgradedKeyBlob); @@ -998,12 +1034,14 @@ Return JavacardKeymaster4Device::begin(KeyPurpose purpose, const hidl_vec< uint64_t generatedOpHandle = 0; if(keyBlob.size() == 0) { + LOG(ERROR) << "Error in INS_BEGIN_OPERATION_CMD, keyblob size is 0"; _hidl_cb(ErrorCode::INVALID_ARGUMENT, resultParams, operationHandle); return Void(); } /* Asymmetric public key operations like RSA Verify, RSA Encrypt, ECDSA verify * are handled by softkeymaster. */ + LOG(DEBUG) << "INS_BEGIN_OPERATION_CMD purpose: " << (int32_t)purpose; if (KeyPurpose::ENCRYPT == purpose || KeyPurpose::VERIFY == purpose) { BeginOperationRequest request; request.purpose = legacy_enum_conversion(purpose); @@ -1013,6 +1051,10 @@ Return JavacardKeymaster4Device::begin(KeyPurpose purpose, const hidl_vec< BeginOperationResponse response; /* For Symmetric key operation, the BeginOperation returns KM_ERROR_INCOMPATIBLE_ALGORITHM error. */ softKm_->BeginOperation(request, &response); + errorCode = legacy_enum_conversion(response.error); + LOG(DEBUG) << "INS_BEGIN_OPERATION_CMD softkm BeginOperation status: " << (int32_t) errorCode; + if (errorCode != ErrorCode::OK) + LOG(ERROR) << "INS_BEGIN_OPERATION_CMD error in softkm BeginOperation status: " << (int32_t) errorCode; if (response.error == KM_ERROR_OK) { resultParams = kmParamSet2Hidl(response.output_params); @@ -1023,8 +1065,11 @@ Return JavacardKeymaster4Device::begin(KeyPurpose purpose, const hidl_vec< * key - new operation handle * value - hal generated operation handle. */ - if (errorCode == ErrorCode::OK) + if (errorCode == ErrorCode::OK) { errorCode = createOprHandleEntry(response.op_handle, SW_KM_OPR, generatedOpHandle); + if (errorCode != ErrorCode::OK) + LOG(ERROR) << "INS_BEGIN_OPERATION_CMD error while creating new operation handle: " << (int32_t) errorCode; + } _hidl_cb(errorCode, resultParams, generatedOpHandle); return Void(); } @@ -1061,6 +1106,7 @@ Return JavacardKeymaster4Device::begin(KeyPurpose purpose, const hidl_vec< errorCode = error; keyCharacteristics = keyChars; }); + LOG(DEBUG) << "INS_BEGIN_OPERATION_CMD getKeyCharacteristics status: " << (int32_t) errorCode; if(errorCode == ErrorCode::OK) { errorCode = ErrorCode::UNKNOWN_ERROR; @@ -1076,13 +1122,18 @@ Return JavacardKeymaster4Device::begin(KeyPurpose purpose, const hidl_vec< errorCode = ErrorCode::UNKNOWN_ERROR; outParams.setToExternal(nullptr, 0); operationHandle = 0; + LOG(ERROR) << "INS_BEGIN_OPERATION_CMD: error in converting cbor data, status: " << (int32_t) errorCode; } else { /* Store the operationInfo */ oprCtx_->setOperationInfo(operationHandle, purpose, param.f.algorithm, inParams); } } } + } else { + LOG(ERROR) << "INS_BEGIN_OPERATION_CMD couldn't find tag: " << (int32_t)Tag::ALGORITHM; } + } else { + LOG(ERROR) << "INS_BEGIN_OPERATION_CMD error in getKeyCharacteristics status: " << (int32_t) errorCode; } /* Create a new operation handle and add a entry inside the operation table map with * key - new operation handle @@ -1090,6 +1141,7 @@ Return JavacardKeymaster4Device::begin(KeyPurpose purpose, const hidl_vec< */ if (ErrorCode::OK == errorCode) errorCode = createOprHandleEntry(operationHandle, SB_KM_OPR, generatedOpHandle); + _hidl_cb(errorCode, outParams, generatedOpHandle); return Void(); } @@ -1103,14 +1155,14 @@ Return JavacardKeymaster4Device::update(uint64_t halGeneratedOprHandle, co UpdateOperationResponse response; if (ErrorCode::OK != (errorCode = getOrigOperationHandle(halGeneratedOprHandle, operationHandle))) { LOG(ERROR) << " Operation handle is invalid. This could happen if invalid operation handle is passed or if" - << " secure element reset occurred. In case if secure element reset occured owner" - << "has to restart this operation again."; + << " secure element reset occurred."; _hidl_cb(errorCode, inputConsumed, outParams, output); return Void(); } if (!isStrongboxOperation(halGeneratedOprHandle)) { /* SW keymaster (Public key operation) */ + LOG(DEBUG) << "INS_UPDATE_OPERATION_CMD - swkm operation "; UpdateOperationRequest request; request.op_handle = operationHandle; request.input.Reinitialize(input.data(), input.size()); @@ -1118,10 +1170,15 @@ Return JavacardKeymaster4Device::update(uint64_t halGeneratedOprHandle, co softKm_->UpdateOperation(request, &response); errorCode = legacy_enum_conversion(response.error); + LOG(DEBUG) << "INS_UPDATE_OPERATION_CMD - swkm update operation status: " + << (int32_t) errorCode; if (response.error == KM_ERROR_OK) { inputConsumed = response.input_consumed; outParams = kmParamSet2Hidl(response.output_params); output = kmBuffer2hidlVec(response.output); + } else { + LOG(ERROR) << "INS_UPDATE_OPERATION_CMD - error swkm update operation status: " + << (int32_t) errorCode; } } else { /* Strongbox Keymaster operation */ @@ -1141,10 +1198,13 @@ Return JavacardKeymaster4Device::update(uint64_t halGeneratedOprHandle, co //ASSOCIATED_DATA present in KeyParameters. Then we need to make a call to javacard Applet. if(data.size() == 0 && !findTag(inParams, Tag::ASSOCIATED_DATA)) { //Return OK, since this is not error case. + LOG(DEBUG) << "sendDataCallback: data size is zero"; return ErrorCode::OK; } if(ErrorCode::OK != (errorCode = encodeParametersVerified(verificationToken, asn1ParamsVerified))) { + LOG(ERROR) << "sendDataCallback: error in encodeParametersVerified status: " + << (int32_t) errorCode; return errorCode; } @@ -1174,6 +1234,7 @@ Return JavacardKeymaster4Device::update(uint64_t halGeneratedOprHandle, co outParams.setToExternal(nullptr, 0); tempOut.clear(); errorCode = ErrorCode::UNKNOWN_ERROR; + LOG(ERROR) << "sendDataCallback: INS_UPDATE_OPERATION_CMD: error while converting cbor data, status: " << (int32_t) errorCode; } } } @@ -1185,12 +1246,15 @@ Return JavacardKeymaster4Device::update(uint64_t halGeneratedOprHandle, co inputConsumed = input.size(); output = tempOut; } + LOG(DEBUG) << "Update operation status: " << (int32_t) errorCode; if(ErrorCode::OK != errorCode) { + LOG(ERROR) << "Error in update operation, status: " << (int32_t) errorCode; abort(halGeneratedOprHandle); } } if(ErrorCode::OK != errorCode) { /* Delete the entry from operation table. */ + LOG(ERROR) << "Delete entry from operation table, status: " << (int32_t) errorCode; deleteOprHandleEntry(halGeneratedOprHandle); } @@ -1207,14 +1271,14 @@ Return JavacardKeymaster4Device::finish(uint64_t halGeneratedOprHandle, co if (ErrorCode::OK != (errorCode = getOrigOperationHandle(halGeneratedOprHandle, operationHandle))) { LOG(ERROR) << " Operation handle is invalid. This could happen if invalid operation handle is passed or if" - << " secure element reset occurred. In case if secure element reset occured owner" - << "has to restart this operation again."; + << " secure element reset occurred."; _hidl_cb(errorCode, outParams, output); return Void(); } if (!isStrongboxOperation(halGeneratedOprHandle)) { /* SW keymaster (Public key operation) */ + LOG(DEBUG) << "FINISH - swkm operation "; FinishOperationRequest request; request.op_handle = operationHandle; request.input.Reinitialize(input.data(), input.size()); @@ -1224,10 +1288,13 @@ Return JavacardKeymaster4Device::finish(uint64_t halGeneratedOprHandle, co softKm_->FinishOperation(request, &response); errorCode = legacy_enum_conversion(response.error); + LOG(DEBUG) << "FINISH - swkm operation, status: " << (int32_t) errorCode; if (response.error == KM_ERROR_OK) { outParams = kmParamSet2Hidl(response.output_params); output = kmBuffer2hidlVec(response.output); + } else { + LOG(ERROR) << "Error in finish operation, status: " << (int32_t) errorCode; } } else { /* Strongbox Keymaster operation */ @@ -1249,6 +1316,7 @@ Return JavacardKeymaster4Device::finish(uint64_t halGeneratedOprHandle, co std::vector asn1ParamsVerified; if(ErrorCode::OK != (errorCode = encodeParametersVerified(verificationToken, asn1ParamsVerified))) { + LOG(ERROR) << "sendDataCallback: Error in encodeParametersVerified, status: " << (int32_t) errorCode; return errorCode; } @@ -1260,6 +1328,7 @@ Return JavacardKeymaster4Device::finish(uint64_t halGeneratedOprHandle, co array.add(operationHandle); if(finish) { std::vector finishParams; + LOG(DEBUG) << "sendDataCallback: finish operation"; if(aadTag) { for(int i = 0; i < inParams.size(); i++) { if(inParams[i].tag != Tag::ASSOCIATED_DATA) @@ -1275,6 +1344,7 @@ Return JavacardKeymaster4Device::finish(uint64_t halGeneratedOprHandle, co keyParamPos = 1; outputPos = 2; } else { + LOG(DEBUG) << "sendDataCallback: update operation"; if(findTag(inParams, Tag::ASSOCIATED_DATA)) { aadTag = true; } @@ -1304,6 +1374,7 @@ Return JavacardKeymaster4Device::finish(uint64_t halGeneratedOprHandle, co outParams.setToExternal(nullptr, 0); tempOut.clear(); errorCode = ErrorCode::UNKNOWN_ERROR; + LOG(ERROR) << "sendDataCallback: error while converting cbor data in operation: " << (int32_t)ins << " decodeData, status: " << (int32_t) errorCode; } } } @@ -1314,12 +1385,14 @@ Return JavacardKeymaster4Device::finish(uint64_t halGeneratedOprHandle, co output = tempOut; } if (ErrorCode::OK != errorCode) { + LOG(ERROR) << "Error in finish operation, status: " << (int32_t) errorCode; abort(halGeneratedOprHandle); } } /* Delete the entry from operation table. */ deleteOprHandleEntry(halGeneratedOprHandle); oprCtx_->clearOperationData(operationHandle); + LOG(DEBUG) << "finish operation, status: " << (int32_t) errorCode; _hidl_cb(errorCode, outParams, output); return Void(); } @@ -1339,6 +1412,7 @@ Return JavacardKeymaster4Device::abort(uint64_t halGeneratedOprHandle softKm_->AbortOperation(request, &response); errorCode = legacy_enum_conversion(response.error); + LOG(DEBUG) << "swkm abort operation, status: " << (int32_t) errorCode; if (response.error == KM_ERROR_INVALID_OPERATION_HANDLE) { cppbor::Array array; std::unique_ptr item; @@ -1372,6 +1446,7 @@ Return<::android::hardware::keymaster::V4_1::ErrorCode> JavacardKeymaster4Device ErrorCode ret = ErrorCode::UNKNOWN_ERROR; if(ErrorCode::OK != (ret = encodeParametersVerified(verificationToken, asn1ParamsVerified))) { + LOG(DEBUG) << "INS_DEVICE_LOCKED_CMD: Error in encodeParametersVerified, status: " << (int32_t) errorCode; return errorCode; } From 8cef2bf4c0b47acebda0d288aac9f58ffd7e4dd5 Mon Sep 17 00:00:00 2001 From: Rajesh Nyamagoud Date: Tue, 4 May 2021 09:09:45 -0700 Subject: [PATCH 2/3] Added debug and error logs in hal apis. --- HAL/keymaster/4.1/JavacardKeymaster4Device.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/HAL/keymaster/4.1/JavacardKeymaster4Device.cpp b/HAL/keymaster/4.1/JavacardKeymaster4Device.cpp index f82dee0b..84894570 100644 --- a/HAL/keymaster/4.1/JavacardKeymaster4Device.cpp +++ b/HAL/keymaster/4.1/JavacardKeymaster4Device.cpp @@ -283,8 +283,8 @@ static std::tuple, T> decodeData(CborConverter& cb, const errorCode = static_cast(get2sCompliment(tempErrCode)); if (T::OK != errorCode) { - errorCode = translateExtendedErrorsToHalErrors(errorCode); LOG(ERROR) << "error in decodeData: " << (int32_t) errorCode; + errorCode = translateExtendedErrorsToHalErrors(errorCode); } LOG(DEBUG) << "decodeData status: " << (int32_t) errorCode; return {std::move(item), errorCode}; From 6d8edc6278023c8e60508e473976eba72ef743fd Mon Sep 17 00:00:00 2001 From: Rajesh Nyamagoud Date: Tue, 4 May 2021 09:09:45 -0700 Subject: [PATCH 3/3] Added debug and error logs in hal apis. --- HAL/keymaster/4.1/JavacardKeymaster4Device.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/HAL/keymaster/4.1/JavacardKeymaster4Device.cpp b/HAL/keymaster/4.1/JavacardKeymaster4Device.cpp index 84894570..67f8f527 100644 --- a/HAL/keymaster/4.1/JavacardKeymaster4Device.cpp +++ b/HAL/keymaster/4.1/JavacardKeymaster4Device.cpp @@ -727,7 +727,7 @@ Return JavacardKeymaster4Device::importKey(const hidl_vec& k cppbor::Array subArray; if(keyFormat != KeyFormat::PKCS8 && keyFormat != KeyFormat::RAW) { - LOG(DEBUG) << "INS_IMPORT_KEY_CMD unsupported key format " << (int32_t)keyFormat; + LOG(ERROR) << "INS_IMPORT_KEY_CMD unsupported key format " << (int32_t)keyFormat; _hidl_cb(ErrorCode::UNSUPPORTED_KEY_FORMAT, keyBlob, keyCharacteristics); return Void(); } @@ -1130,7 +1130,7 @@ Return JavacardKeymaster4Device::begin(KeyPurpose purpose, const hidl_vec< } } } else { - LOG(ERROR) << "INS_BEGIN_OPERATION_CMD couldn't find tag: " << (int32_t)Tag::ALGORITHM; + LOG(ERROR) << "INS_BEGIN_OPERATION_CMD couldn't find algorithm tag: " << (int32_t)Tag::ALGORITHM; } } else { LOG(ERROR) << "INS_BEGIN_OPERATION_CMD error in getKeyCharacteristics status: " << (int32_t) errorCode;