Android R:FingerprintBoundKeysTest log

流程:

0275 09-26 15:45:29.341  3393  3393 D FingerprintBoundKeysTest: 1. startTest --> createKey
0279 09-26 15:45:29.344  3393  3393 D FingerprintBoundKeysTest: createKey ==> getInstance
0288 09-26 15:45:29.348  3393  3393 D FingerprintBoundKeysTest: createKey ==> init
0290 09-26 15:45:29.353  3393  3393 D FingerprintBoundKeysTest: createKey ==> generateKey

KM_GENERATE_KEY

request:

  1. indirect data size:0
  2. indirect data:if available
  3. element count:0x09
  4. element size:0x50
  5. element:tag + value

9个element:

  1. key size
  2. algorithm
  3. purpose
  4. purpose
  5. block mode
  6. padding
  7. user secure id
  8. user auth type
  9. creation datetime
bpkm: bp_keymaster_send 309 command: 0 = KM_GENERATE_KEY
bpkm: dump_data data_len = 92, count = 6
bpkm: [000] 00 00 00 00 09 00 00 00 50 00 00 00 03 00 00 30 //indirect_data_size=0(4字节), elem count=0x09(4字节), elem size=0x50=80(4字节), tag:KM_TAG_KEY_SIZE(4字节)
bpkm: [001] 80 00 00 00 02 00 00 10 20 00 00 00 01 00 00 20 //value:0x80(4字节); tag:KM_TAG_ALGORITHM(4字节); value:0x20(4字节), KM_ALGORITHM_AES; tag:KM_TAG_PURPOSE(4字节)
bpkm: [002] 00 00 00 00 01 00 00 20 01 00 00 00 04 00 00 20 //value:0x0(4字节),为KM_PURPOSE_ENCRYPT; tag:KM_TAG_PURPOSE(4字节); value: KM_PURPOSE_DECRYPT; tag:KM_TAG_BLOCK_MODE(4字节)
bpkm: [003] 02 00 00 00 06 00 00 20 40 00 00 00 f6 01 00 a0 //value:0x02, KM_MODE_CBC; tag:0x20000006, KM_TAG_PADDING; value: 0x40, KM_PAD_PKCS7; tag: KM_TAG_USER_SECURE_ID(0xa00001f6)
bpkm: [004] 35 ae 46 dd 49 d7 85 d9 f8 01 00 10 02 00 00 00 //value:8字节; tag:0x100001f8,KM_TAG_USER_AUTH_TYPE; value: 0x02,HW_AUTH_FINGERPRINT;
bpkm: [005] bd 02 00 60 18 66 35 98 8a 01 00 00 //tag: KM_TAG_CREATION_DATETIME, value:8字节
bpkm: cmd:0 Received 467 byte response
bpkm: response size = 467
bpkm: dump_data data_len = 467, count = 30
bpkm: [000] 00 00 00 00 4b 01 00 00 01 00 00 00 10 0b e0 ad //4字节error code;4字节keyblob size,0x014b=331
bpkm: [001] ec 1c aa 1b 04 03 f5 fd 57 3c 8f 32 58 f1 7d b1
bpkm: [002] 92 e3 05 2e 40 39 fa 61 c5 1d 98 72 9e 9c bb 21
bpkm: [003] f1 61 77 66 c0 b1 fb e2 1d d2 8a 71 86 1d 9c e5
bpkm: [004] e7 12 4d 77 e8 53 c3 a6 18 40 82 dc 7e 3c 75 4b
bpkm: [005] cd 0c 35 8d a9 21 04 03 51 ad 45 4c 11 47 f8 2c
bpkm: [006] f6 27 eb 4f 6b ba 86 1e fb ea a5 26 4e 99 d0 8a
bpkm: [007] 84 a3 4d 76 f2 38 71 10 d6 94 59 e0 38 38 bb d1
bpkm: [008] 0e a4 d8 dc 18 53 02 a9 5a 4d 13 6d a0 b8 e8 78
bpkm: [009] f0 d4 82 0c 29 01 05 2e e2 35 d7 3d 2e ef 39 4f
bpkm: [00a] c4 70 24 01 39 13 75 23 b9 87 06 a6 d4 6a 89 8e
bpkm: [00b] 4c 40 46 9d 40 6d be c3 98 82 ab 74 81 8b 3b b7
bpkm: [00c] a3 57 d7 a7 17 69 f0 ba 19 32 49 42 20 53 12 1b
bpkm: [00d] ed cc 5b 24 69 e3 2a ae 4b 68 86 5d e8 1c 4c 11
bpkm: [00e] b8 f0 1b 8b 2b 1c 44 62 29 1b 7c f1 79 66 67 48
bpkm: [00f] 4b de c4 4e a9 ad 86 9f a9 59 0b 63 5a 16 92 de
bpkm: [010] d8 84 95 60 1a f9 16 2e d9 d1 97 85 82 bb 71 d6
bpkm: [011] 84 d4 d8 33 7e 69 2f cc 6e 5f 64 88 64 a6 bb 9e
bpkm: [012] 5d f0 52 ba 00 e5 e9 bf c9 11 69 88 e0 d5 f7 65
bpkm: [013] 42 9d 2f fc 7c 52 b6 b1 62 e2 35 62 3e c6 13 bd
bpkm: [014] 45 f7 d9 22 fc 6c 02 b1 bf 41 9e 46 64 f9 37 88
bpkm: [015] 5c b2 3e 00 00 00 00 0b 00 00 00 5c 00 00 00 03 //hw_enforced数据:indirect_data_size=0; element count=0x0b, element size=0x5c
bpkm: [016] 00 00 30 80 00 00 00 02 00 00 10 20 00 00 00 01 //tag: KM_TAG_KEY_SIZE; tag: KM_TAG_ALGORITHM
bpkm: [017] 00 00 20 00 00 00 00 01 00 00 20 01 00 00 00 04 //tag: KM_TAG_PURPOSE; tag: KM_TAG_PURPOSE; 
bpkm: [018] 00 00 20 02 00 00 00 06 00 00 20 40 00 00 00 f6 //tag: KM_TAG_BLOCK_MODE; tag: KM_TAG_PADDING
bpkm: [019] 01 00 a0 35 ae 46 dd 49 d7 85 d9 f8 01 00 10 02 //tag: KM_TAG_USER_SECURE_ID; tag: KM_TAG_USER_AUTH_TYPE
bpkm: [01a] 00 00 00 be 02 00 10 00 00 00 00 c1 02 00 30 b0 //tag: KM_TAG_ORIGIN; tag: KM_TAG_OS_VERSION 
bpkm: [01b] ad 01 00 c2 02 00 30 45 16 03 00 00 00 00 00 01 //tag: KM_TAG_OS_PATCHLEVEL; sw_enforced数据:indirect_data_size=0; element count=1;
bpkm: [01c] 00 00 00 0c 00 00 00 bd 02 00 60 18 66 35 98 8a //element size=0xc=12, tag:KM_TAG_CREATION_DATETIME, value占8字节
bpkm: [01d] 01 00 00

response:

hw_enforced数据:

  1. key size
  2. algorithm
  3. purpose
  4. purpose
  5. block mode
  6. padding
  7. user secure id
  8. user auth type
  9. origin
  10. os version
  11. os patch level

sw_enforced数据:

  1. creation datetime

流程继续:

0372 09-26 15:45:29.396  3393  3393 I FingerprintBoundKeysTest: createKey: [1]: done
0373 09-26 15:45:29.396  3393  3393 D FingerprintBoundKeysTest: 2. startTest --> prepareEncrypt
0374 09-26 15:45:29.396  3393  3393 D FingerprintBoundKeysTest: 1. encryptInternal ==> getInstance
0375 09-26 15:45:29.396  3393  3393 D FingerprintBoundKeysTest: 2. encryptInternal ==> load
0376 09-26 15:45:29.398  3393  3393 D FingerprintBoundKeysTest: 3. encryptInternal ==> getKey
0380 09-26 15:45:29.404  3393  3393 I FingerprintBoundKeysTest: encryptInternal: [1]: key retrieved
0381 09-26 15:45:29.404  3393  3393 D FingerprintBoundKeysTest: 4. encryptInternal ==> Cipher getInstance
0382 09-26 15:45:29.406  3393  3393 D FingerprintBoundKeysTest: 5. encryptInternal ==> init

KM_BEGIN_OPERATION:

request:

  1. purpose:4字节
  2. keyblob: keysize(4字节) + data
  3. indirect data size:4字节
  4. indirect data(根据size大小,如果为0,则没有此项)
  5. element count:4字节
  6. element size:4字节
  7. element集合:tag(4字节) + value(根据tag类别,长度有所不同,大部分是4字节)
bpkm: bp_keymaster_send 309 command: 4 = KM_BEGIN_OPERATION
bpkm: dump_data data_len = 456, count = 29
bpkm: [000] 00 00 00 00 4b 01 00 00 01 00 00 00 10 0b e0 ad //purpose:0,表encrypt;keyblob size=0x014b=331,是generateKey返回的keyblob
bpkm: [001] ec 1c aa 1b 04 03 f5 fd 57 3c 8f 32 58 f1 7d b1
bpkm: [002] 92 e3 05 2e 40 39 fa 61 c5 1d 98 72 9e 9c bb 21
bpkm: [003] f1 61 77 66 c0 b1 fb e2 1d d2 8a 71 86 1d 9c e5
bpkm: [004] e7 12 4d 77 e8 53 c3 a6 18 40 82 dc 7e 3c 75 4b
bpkm: [005] cd 0c 35 8d a9 21 04 03 51 ad 45 4c 11 47 f8 2c
bpkm: [006] f6 27 eb 4f 6b ba 86 1e fb ea a5 26 4e 99 d0 8a
bpkm: [007] 84 a3 4d 76 f2 38 71 10 d6 94 59 e0 38 38 bb d1
bpkm: [008] 0e a4 d8 dc 18 53 02 a9 5a 4d 13 6d a0 b8 e8 78
bpkm: [009] f0 d4 82 0c 29 01 05 2e e2 35 d7 3d 2e ef 39 4f
bpkm: [00a] c4 70 24 01 39 13 75 23 b9 87 06 a6 d4 6a 89 8e
bpkm: [00b] 4c 40 46 9d 40 6d be c3 98 82 ab 74 81 8b 3b b7
bpkm: [00c] a3 57 d7 a7 17 69 f0 ba 19 32 49 42 20 53 12 1b
bpkm: [00d] ed cc 5b 24 69 e3 2a ae 4b 68 86 5d e8 1c 4c 11
bpkm: [00e] b8 f0 1b 8b 2b 1c 44 62 29 1b 7c f1 79 66 67 48
bpkm: [00f] 4b de c4 4e a9 ad 86 9f a9 59 0b 63 5a 16 92 de
bpkm: [010] d8 84 95 60 1a f9 16 2e d9 d1 97 85 82 bb 71 d6
bpkm: [011] 84 d4 d8 33 7e 69 2f cc 6e 5f 64 88 64 a6 bb 9e
bpkm: [012] 5d f0 52 ba 00 e5 e9 bf c9 11 69 88 e0 d5 f7 65
bpkm: [013] 42 9d 2f fc 7c 52 b6 b1 62 e2 35 62 3e c6 13 bd
bpkm: [014] 45 f7 d9 22 fc 6c 02 b1 bf 41 9e 46 64 f9 37 88
bpkm: [015] 5c b2 3e 45 00 00 00 00 00 00 00 00 00 00 00 00 //indirect_data_size=0x45=69,这个是auth token
bpkm: [016] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
bpkm: [017] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
bpkm: [018] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
bpkm: [019] 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 //element count=0x04;
bpkm: [01a] 24 00 00 00 02 00 00 10 20 00 00 00 04 00 00 20 //element size=0x24=36, tag:0x10000002,表algorithm;tag:0x20000004,表block mode
bpkm: [01b] 02 00 00 00 06 00 00 20 40 00 00 00 ea 03 00 90 //tag:0x20000006,表padding;tag:0x900003ea,表KM_TAG_AUTH_TOKEN
bpkm: [01c] 45 00 00 00 00 00 00 00
bpkm: cmd:4 Received 52 byte response
bpkm: response size = 52
bpkm: dump_data data_len = 52, count = 4
bpkm: [000] 00 00 00 00 f9 90 fa e7 ad 38 58 05 10 00 00 00 //error code:4字节; op handle:8字节; indirect data size:4字节,0x10
bpkm: [001] ae a2 05 44 bf 11 79 3f b4 94 12 9c 63 79 3c 9e
bpkm: [002] 01 00 00 00 0c 00 00 00 e9 03 00 90 10 00 00 00 //element count:1; element size: 0x0c, tag:0x900003e9,表KM_TAG_NONCE
bpkm: [003] 00 00 00 00

response:

  1. error code:4字节
  2. op handle:8字节
  3. indirect data size:4字节
  4. indirect data
  5. element count:4字节
  6. element size:4字节
  7. element集合:tag + value

流程继续:

0499 09-26 15:45:29.437  3393  3393 I FingerprintBoundKeysTest: encryptInternal: [2]: cipher initialized
0500 09-26 15:45:29.438  3393  3393 D FingerprintBoundKeysTest: 6. encryptInternal ==> doFinal
0524 09-26 15:45:29.440   600   600 D key_store_service: update
0527 09-26 15:45:29.441   600  3449 E keymaster_worker: getAuthToken failed: -5
0528 09-26 15:45:29.441   600  3449 D key_store_service: update callback
0529 09-26 15:45:29.441   600  3449 D key_store_service: update callback result not ok
0530 09-26 15:45:29.441   316   316 I bpkm: Enter bpkm AbortOperation
0531 09-26 15:45:29.442   316   316 D bpkm: bp_keymaster_send 309 command: 16 = KM_ABORT_OPERATION
0532 09-26 15:45:29.442   316   316 D bpkm: dump_data data_len = 8, count = 1
0533 09-26 15:45:29.442   316   316 D bpkm: [000] 2c bf 10 26 f0 b6 d0 55
0534 09-26 15:45:29.442   316   316 I bpkm: cmd:10 Received 4 byte response
0535 09-26 15:45:29.443   316   316 D bpkm: response size = 4
0536 09-26 15:45:29.443   316   316 D bpkm: dump_data data_len = 4, count = 1
0537 09-26 15:45:29.443   316   316 D bpkm: [000] 00 00 00 00
0539 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest: encryptInternal: [4]: Encryption failed
0540 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest: javax.crypto.IllegalBlockSizeException
0541 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest:     at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:525)
0542 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest:     at javax.crypto.Cipher.doFinal(Cipher.java:2055)
0543 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest:     at com.android.cts.verifier.security.FingerprintBoundKeysTest.encryptInternal(FingerprintBoundKeysTest.java:247)
0544 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest:     at com.android.cts.verifier.security.FingerprintBoundKeysTest.tryEncrypt(FingerprintBoundKeysTest.java:206)
0545 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest:     at com.android.cts.verifier.security.FingerprintBoundKeysTest.startTest(FingerprintBoundKeysTest.java:142)
0546 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest:     at com.android.cts.verifier.security.FingerprintBoundKeysTest$1.onClick(FingerprintBoundKeysTest.java:118)
0547 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest:     at android.view.View.performClick(View.java:7448)
0548 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest:     at android.view.View.performClickInternal(View.java:7425)
0549 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest:     at android.view.View.access$3600(View.java:810)
0550 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest:     at android.view.View$PerformClick.run(View.java:28305)
0551 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest:     at android.os.Handler.handleCallback(Handler.java:938)
0552 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest:     at android.os.Handler.dispatchMessage(Handler.java:99)
0553 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest:     at android.os.Looper.loop(Looper.java:223)
0554 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest:     at android.app.ActivityThread.main(ActivityThread.java:7664)
0555 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest:     at java.lang.reflect.Method.invoke(Native Method)
0556 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest:     at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:592)
0557 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest:     at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:948)
0558 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest: Caused by: android.security.KeyStoreException: Key user not authenticated
0559 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest:     at android.security.KeyStore.getKeyStoreException(KeyStore.java:1343)
0560 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest:     at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.update(KeyStoreCryptoOperationChunkedStreamer.java:140)
0561 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest:     at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:179)
0562 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest:     at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:512)
0563 09-26 15:45:29.445  3393  3393 W FingerprintBoundKeysTest:     ... 16 more
0564 09-26 15:45:29.445  3393  3393 D FingerprintBoundKeysTest: 4. startTest --> prepareEncrypt
0565 09-26 15:45:29.445  3393  3393 D FingerprintBoundKeysTest: 1. encryptInternal ==> getInstance
0566 09-26 15:45:29.446  3393  3393 D FingerprintBoundKeysTest: 2. encryptInternal ==> load
0567 09-26 15:45:29.448  3393  3393 D FingerprintBoundKeysTest: 3. encryptInternal ==> getKey
0571 09-26 15:45:29.454  3393  3393 I FingerprintBoundKeysTest: encryptInternal: [1]: key retrieved
0572 09-26 15:45:29.454  3393  3393 D FingerprintBoundKeysTest: 5. encryptInternal ==> init

KM_BEGIN_OPERATION:

bpkm: bp_keymaster_send 309 command: 4 = KM_BEGIN_OPERATION
bpkm: dump_data data_len = 456, count = 29
bpkm: [000] 00 00 00 00 4b 01 00 00 01 00 00 00 10 0b e0 ad
bpkm: [001] ec 1c aa 1b 04 03 f5 fd 57 3c 8f 32 58 f1 7d b1
bpkm: [002] 92 e3 05 2e 40 39 fa 61 c5 1d 98 72 9e 9c bb 21
bpkm: [003] f1 61 77 66 c0 b1 fb e2 1d d2 8a 71 86 1d 9c e5
bpkm: [004] e7 12 4d 77 e8 53 c3 a6 18 40 82 dc 7e 3c 75 4b
bpkm: [005] cd 0c 35 8d a9 21 04 03 51 ad 45 4c 11 47 f8 2c
bpkm: [006] f6 27 eb 4f 6b ba 86 1e fb ea a5 26 4e 99 d0 8a
bpkm: [007] 84 a3 4d 76 f2 38 71 10 d6 94 59 e0 38 38 bb d1
bpkm: [008] 0e a4 d8 dc 18 53 02 a9 5a 4d 13 6d a0 b8 e8 78
bpkm: [009] f0 d4 82 0c 29 01 05 2e e2 35 d7 3d 2e ef 39 4f
bpkm: [00a] c4 70 24 01 39 13 75 23 b9 87 06 a6 d4 6a 89 8e
bpkm: [00b] 4c 40 46 9d 40 6d be c3 98 82 ab 74 81 8b 3b b7
bpkm: [00c] a3 57 d7 a7 17 69 f0 ba 19 32 49 42 20 53 12 1b
bpkm: [00d] ed cc 5b 24 69 e3 2a ae 4b 68 86 5d e8 1c 4c 11
bpkm: [00e] b8 f0 1b 8b 2b 1c 44 62 29 1b 7c f1 79 66 67 48
bpkm: [00f] 4b de c4 4e a9 ad 86 9f a9 59 0b 63 5a 16 92 de
bpkm: [010] d8 84 95 60 1a f9 16 2e d9 d1 97 85 82 bb 71 d6
bpkm: [011] 84 d4 d8 33 7e 69 2f cc 6e 5f 64 88 64 a6 bb 9e
bpkm: [012] 5d f0 52 ba 00 e5 e9 bf c9 11 69 88 e0 d5 f7 65
bpkm: [013] 42 9d 2f fc 7c 52 b6 b1 62 e2 35 62 3e c6 13 bd
bpkm: [014] 45 f7 d9 22 fc 6c 02 b1 bf 41 9e 46 64 f9 37 88
bpkm: [015] 5c b2 3e 45 00 00 00 00 00 00 00 00 00 00 00 00
bpkm: [016] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
bpkm: [017] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
bpkm: [018] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
bpkm: [019] 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00
bpkm: [01a] 24 00 00 00 02 00 00 10 20 00 00 00 04 00 00 20
bpkm: [01b] 02 00 00 00 06 00 00 20 40 00 00 00 ea 03 00 90
bpkm: [01c] 45 00 00 00 00 00 00 00
bpkm: cmd:4 Received 52 byte response
bpkm: response size = 52
bpkm: dump_data data_len = 52, count = 4
bpkm: [000] 00 00 00 00 41 99 13 94 ad 64 59 ee 10 00 00 00
bpkm: [001] 22 f7 cc ac 5d cc 2e c0 fc bd 7c 96 7f f5 d1 df
bpkm: [002] 01 00 00 00 0c 00 00 00 e9 03 00 90 10 00 00 00
bpkm: [003] 00 00 00 00

流程继续,弹框,输入指纹:

0689 09-26 15:45:29.479  3393  3393 I FingerprintBoundKeysTest: encryptInternal: [2]: cipher initialized
0690 09-26 15:45:29.479  3393  3393 D FingerprintBoundKeysTest: 5. startTest --> showAuthenticationScreen
0781 09-26 15:45:32.360  1130  1130 D fw-KeyStore: addAuthToken --> mBinder.addAuthToken
0782 09-26 15:45:32.361   600   600 D key_store_service: addAuthToken->AddAuthenticationToken
0785 09-26 15:45:32.363  3393  3393 I FingerprintBoundKeysTest: onAuthenticationSucceeded
0786 09-26 15:45:32.364  3393  3393 D FingerprintBoundKeysTest: 6. encryptInternal ==> doFinal//这里会接连调用update和finish
0807 09-26 15:45:32.367   600   600 D key_store_service: update

KM_UPDATE_OPERATION:

  1. op handle:8字节
  2. size:4字节
  3. data:size长度
  4. indirect data size:4字节,值为0x45=69字节
  5. indirect data:69字节。这个貌似是auth token的组合。
  6. element count:4字节
  7. element size:4字节
  8. element:tag(4字节) + value
bpkm: bp_keymaster_send 309 command: 8 = KM_UPDATE_OPERATION
bpkm: dump_data data_len = 111, count = 7
bpkm: [000] 41 99 13 94 ad 64 59 ee 06 00 00 00 01 02 03 04 //op handle
bpkm: [001] 05 06 45 00 00 00 00 41 99 13 94 ad 64 59 ee ca
bpkm: [002] 6f 9c 35 76 1d 2c c1 35 ae 46 dd 49 d7 85 d9 00
bpkm: [003] 00 00 02 00 00 00 00 00 07 5b 9b 0c c9 34 05 0b
bpkm: [004] 02 4a 6b 42 74 30 2b 08 35 60 96 d0 61 47 5f 05
bpkm: [005] 9b 11 02 ea 46 ee 29 6a ab 12 bc 01 00 00 00 0c
bpkm: [006] 00 00 00 ea 03 00 90 45 00 00 00 00 00 00 00
bpkm: cmd:8 Received 24 byte response
bpkm: response size = 24
bpkm: dump_data data_len = 24, count = 2
bpkm: [000] 00 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00
bpkm: [001] 00 00 00 00 00 00 00 00

KM_FINISH_OPERATION:

request:

  1. op handle:8字节
  2. signature size:4字节,此处为0
  3. signature data:size长度,此处没有
  4. indirect data size:4字节,0x45
  5. indirect data:size长度,此处为0x45个字节
  6. element count:4字节,值:01
  7. element size:4字节,值0x0c
  8. element:tag(4字节) + value

response:

  1. error code:4字节
  2. data size:4字节,此处值为0x10
  3. data:size大小,此处值为16
  4. 后面的是param:indirect data size + indirect data + param count + param size + param(tag + value)
bpkm: bp_keymaster_send 309 command: 12 = KM_FINISH_OPERATION
bpkm: dump_data data_len = 109, count = 7
bpkm: [000] 41 99 13 94 ad 64 59 ee 00 00 00 00 45 00 00 00
bpkm: [001] 00 41 99 13 94 ad 64 59 ee ca 6f 9c 35 76 1d 2c
bpkm: [002] c1 35 ae 46 dd 49 d7 85 d9 00 00 00 02 00 00 00
bpkm: [003] 00 00 07 5b 9b 0c c9 34 05 0b 02 4a 6b 42 74 30
bpkm: [004] 2b 08 35 60 96 d0 61 47 5f 05 9b 11 02 ea 46 ee
bpkm: [005] 29 6a ab 12 bc 01 00 00 00 0c 00 00 00 ea 03 00 //tag: KM_TAG_AUTH_TOKEN
bpkm: [006] 90 45 00 00 00 00 00 00 00 00 00 00 00
bpkm: cmd:c Received 36 byte response
bpkm: response size = 36
bpkm: dump_data data_len = 36, count = 3
bpkm: [000] 00 00 00 00 10 00 00 00 b1 d0 4c 00 ac 21 3d cd
bpkm: [001] c9 b2 87 59 91 ad 9d c5 00 00 00 00 00 00 00 00
bpkm: [002] 00 00 00 00

流程继续:

0867 09-26 15:45:32.380  3393  3393 I FingerprintBoundKeysTest: encryptInternal: [3]: encryption performed
0868 09-26 15:45:32.382  3393  3393 D FingerprintBoundKeysTest: createKey ==> getInstance
0869 09-26 15:45:32.383  3393  3393 D FingerprintBoundKeysTest: createKey ==> init
0870 09-26 15:45:32.385  3393  3393 D FingerprintBoundKeysTest: createKey ==> generateKey

KM_GENERATE_KEY:

request:

  1. indirect data size:4字节,值为0
  2. indirect data:if available。此处无
  3. element count:4字节,值为0x0a
  4. element size:4字节,值为0x58
  5. element:tag + value

10个element分别为:

  1. 0x30000003:KM_TAG_KEY_SIZE,值0x80
  2. 0x10000002:KM_TAG_ALGORITHM,值0x20,表AES
  3. 0x20000001:KM_TAG_PURPOSE,值0,表encrypt
  4. 0x20000001:KM_TAG_PURPOSE,值1,表decrypt
  5. 0x20000004:KM_TAG_BLOCK_MODE,值02
  6. 0x20000006:KM_TAG_PADDING,值0x40,表示KM_PAD_PKCS7
  7. 0xa00001f6:KM_TAG_USER_SECURE_ID,值占8字节
  8. 0x100001f8:KM_TAG_USER_AUTH_TYPE,值03,这个值貌似是无效值???
  9. 0x300001f9:KM_TAG_AUTH_TIMEOUT,值占4个字节
  10. 0x600002bd:KM_TAG_CREATION_DATETIME,值占8个字节
bpkm: bp_keymaster_send 309 command: 0 = KM_GENERATE_KEY
bpkm: dump_data data_len = 100, count = 7
bpkm: [000] 00 00 00 00 0a 00 00 00 58 00 00 00 03 00 00 30
bpkm: [001] 80 00 00 00 02 00 00 10 20 00 00 00 01 00 00 20
bpkm: [002] 00 00 00 00 01 00 00 20 01 00 00 00 04 00 00 20
bpkm: [003] 02 00 00 00 06 00 00 20 40 00 00 00 f6 01 00 a0
bpkm: [004] ca 6f 9c 35 76 1d 2c c1 f8 01 00 10 03 00 00 00
bpkm: [005] f9 01 00 30 02 00 00 00 bd 02 00 60 d0 71 35 98
bpkm: [006] 8a 01 00 00
bpkm: cmd:0 Received 483 byte response
bpkm: response size = 483
bpkm: dump_data data_len = 483, count = 31
bpkm: [000] 00 00 00 00 53 01 00 00 01 00 00 00 10 97 53 0a
bpkm: [001] 71 54 9b 9b 2d 4a 90 ca e9 f1 86 81 3d 24 e8 f4
bpkm: [002] 57 7e 92 b7 b8 6c 66 fa ee 9f 64 8a 40 f2 e7 37
bpkm: [003] 95 83 10 ab 92 86 1d 3b b5 49 cc c0 68 16 6f 92
bpkm: [004] 04 35 40 d4 2a 2a f0 f3 4a a3 97 67 56 17 53 45
bpkm: [005] 7c b3 2b f0 1e 1c 5f 59 74 43 2e 93 65 d4 64 17
bpkm: [006] 38 c8 4a 4b 7f 64 48 e2 5b b5 54 04 62 57 7a 6b
bpkm: [007] ce c0 b6 7a 33 c8 84 10 f4 3c ea b7 5f b1 48 1d
bpkm: [008] 34 12 e3 c5 3e 75 5e ab e6 06 29 60 78 2a 45 14
bpkm: [009] d0 c8 4a 4e 48 05 ff 93 15 c1 a2 7f ed 1a 05 47
bpkm: [00a] f6 16 24 ac 83 69 58 35 0e 7c 25 ef df 48 9d 4a
bpkm: [00b] c8 15 7d e6 f3 a5 2b 8c b6 40 8a 33 30 98 6b 56
bpkm: [00c] cc 4f d2 1f 6a a8 6f 60 26 ef aa a8 84 4e b3 0d
bpkm: [00d] 68 74 83 00 9d e7 96 cb f8 83 aa 19 cf db 2d 55
bpkm: [00e] 71 fa ef 20 13 cd 21 80 7b 5c 87 c7 b0 94 b6 a5
bpkm: [00f] c1 2e 16 59 2a 41 5f b9 ee 5b ba 03 a7 a3 f2 0e
bpkm: [010] 90 d7 ff 52 d1 88 bd 1a 7c 31 4b de e7 84 e0 93
bpkm: [011] 67 51 5b c6 52 20 29 32 11 ae 11 ea d8 6b 03 dd
bpkm: [012] b7 f8 85 61 b6 27 2e 3d 9d f4 be 7b 94 12 e3 ac
bpkm: [013] 05 7a ec 14 5c 34 2c 72 f9 ac cd 9a da 44 b5 35
bpkm: [014] 62 21 d5 de 95 8a 97 c9 16 5d ba a5 e6 78 2f 70
bpkm: [015] b8 aa fa 47 0d 15 34 6b f4 c8 48 00 00 00 00 0c
bpkm: [016] 00 00 00 64 00 00 00 03 00 00 30 80 00 00 00 02
bpkm: [017] 00 00 10 20 00 00 00 01 00 00 20 00 00 00 00 01
bpkm: [018] 00 00 20 01 00 00 00 04 00 00 20 02 00 00 00 06
bpkm: [019] 00 00 20 40 00 00 00 f6 01 00 a0 ca 6f 9c 35 76
bpkm: [01a] 1d 2c c1 f8 01 00 10 03 00 00 00 f9 01 00 30 02
bpkm: [01b] 00 00 00 be 02 00 10 00 00 00 00 c1 02 00 30 b0
bpkm: [01c] ad 01 00 c2 02 00 30 45 16 03 00 00 00 00 00 01
bpkm: [01d] 00 00 00 0c 00 00 00 bd 02 00 60 d0 71 35 98 8a
bpkm: [01e] 01 00 00

response:

  1. error code:4字节
  2. key size:4字节,值为0x0153=339
  3. key data:占339字节
  4. enforce auth set:
    1. indirect data size:4字节,值0
    2. indirect data:无
    3. element count:0xc,12个
    4. element size:0x64
    5. element:
      1. 0x30000003:KM_TAG_KEY_SIZE,值0x80
      2. 0x10000002:KM_TAG_ALGORITHM,值20,表AES
      3. 0x20000001:KM_TAG_PURPOSE,值0,表encrypt
      4. 0x20000001:KM_TAG_PURPOSE,值1,表decrypt
      5. 0x20000004:KM_TAG_BLOCK_MODE,值02
      6. 0x20000006:KM_TAG_PADDING,值0x40,表示KM_PAD_PKCS7
      7. 0xa00001f6:KM_TAG_USER_SECURE_ID,值占8字节
      8. 0x100001f8:KM_TAG_USER_AUTH_TYPE,值03???
      9. 0x300001f9:KM_TAG_AUTH_TIMEOUT,值占4个字节
      10. 0x100002be:KM_TAG_ORIGIN,值0
      11. 0x300002c1:KM_TAG_OS_VERSION
      12. 0c300002c2:KM_TAG_OS_PATCHLEVEL
  5. unenforced auth set:
    1. indirect data size:4字节,值0
    2. indirect data:无
    3. element count:4字节,值1
    4. element size:4字节,值0x0c=12
    5. element:
      1. 0x600002bd:KM_TAG_CREATION_DATETIME,值占8字节

流程继续:

0950 09-26 15:45:32.418  3393  3393 I FingerprintBoundKeysTest: createKey: [1]: done
0951 09-26 15:45:32.418  3393  3393 D FingerprintBoundKeysTest: 1. encryptInternal ==> getInstance
0952 09-26 15:45:32.418  3393  3393 D FingerprintBoundKeysTest: 2. encryptInternal ==> load
0953 09-26 15:45:32.420  3393  3393 D FingerprintBoundKeysTest: 3. encryptInternal ==> getKey
0957 09-26 15:45:32.425  3393  3393 I FingerprintBoundKeysTest: encryptInternal: [1]: key retrieved
0958 09-26 15:45:32.425  3393  3393 D FingerprintBoundKeysTest: 4. encryptInternal ==> Cipher getInstance
0959 09-26 15:45:32.426  3393  3393 D FingerprintBoundKeysTest: 5. encryptInternal ==> init

KM_BEGIN_OPERATION:

request:

  1. purpose:4字节,值0
  2. key size:4字节,值0x0153=339
  3. key data:339字节
  4. indirect data size:4字节,值0x45
  5. indirect data:0x45字节
  6. element count:4字节,值4
  7. element size:4字节,值0x24
  8. element:
    1. 0x10000002:KM_TAG_ALGORITHM,值20,表AES
    2. 0x20000004:KM_TAG_BLOCK_MODE,值02
    3. 0x20000006:KM_TAG_PADDING,值0x40,表示KM_PAD_PKCS7
    4. 0x900003ea:KM_TAG_AUTH_TOKEN,值占8字节
bpkm: bp_keymaster_send 309 command: 4 = KM_BEGIN_OPERATION
bpkm: dump_data data_len = 464, count = 29
bpkm: [000] 00 00 00 00 53 01 00 00 01 00 00 00 10 97 53 0a
bpkm: [001] 71 54 9b 9b 2d 4a 90 ca e9 f1 86 81 3d 24 e8 f4
bpkm: [002] 57 7e 92 b7 b8 6c 66 fa ee 9f 64 8a 40 f2 e7 37
bpkm: [003] 95 83 10 ab 92 86 1d 3b b5 49 cc c0 68 16 6f 92
bpkm: [004] 04 35 40 d4 2a 2a f0 f3 4a a3 97 67 56 17 53 45
bpkm: [005] 7c b3 2b f0 1e 1c 5f 59 74 43 2e 93 65 d4 64 17
bpkm: [006] 38 c8 4a 4b 7f 64 48 e2 5b b5 54 04 62 57 7a 6b
bpkm: [007] ce c0 b6 7a 33 c8 84 10 f4 3c ea b7 5f b1 48 1d
bpkm: [008] 34 12 e3 c5 3e 75 5e ab e6 06 29 60 78 2a 45 14
bpkm: [009] d0 c8 4a 4e 48 05 ff 93 15 c1 a2 7f ed 1a 05 47
bpkm: [00a] f6 16 24 ac 83 69 58 35 0e 7c 25 ef df 48 9d 4a
bpkm: [00b] c8 15 7d e6 f3 a5 2b 8c b6 40 8a 33 30 98 6b 56
bpkm: [00c] cc 4f d2 1f 6a a8 6f 60 26 ef aa a8 84 4e b3 0d
bpkm: [00d] 68 74 83 00 9d e7 96 cb f8 83 aa 19 cf db 2d 55
bpkm: [00e] 71 fa ef 20 13 cd 21 80 7b 5c 87 c7 b0 94 b6 a5
bpkm: [00f] c1 2e 16 59 2a 41 5f b9 ee 5b ba 03 a7 a3 f2 0e
bpkm: [010] 90 d7 ff 52 d1 88 bd 1a 7c 31 4b de e7 84 e0 93
bpkm: [011] 67 51 5b c6 52 20 29 32 11 ae 11 ea d8 6b 03 dd
bpkm: [012] b7 f8 85 61 b6 27 2e 3d 9d f4 be 7b 94 12 e3 ac
bpkm: [013] 05 7a ec 14 5c 34 2c 72 f9 ac cd 9a da 44 b5 35
bpkm: [014] 62 21 d5 de 95 8a 97 c9 16 5d ba a5 e6 78 2f 70
bpkm: [015] b8 aa fa 47 0d 15 34 6b f4 c8 48 45 00 00 00 00
bpkm: [016] 41 99 13 94 ad 64 59 ee ca 6f 9c 35 76 1d 2c c1
bpkm: [017] 35 ae 46 dd 49 d7 85 d9 00 00 00 02 00 00 00 00
bpkm: [018] 00 07 5b 9b 0c c9 34 05 0b 02 4a 6b 42 74 30 2b
bpkm: [019] 08 35 60 96 d0 61 47 5f 05 9b 11 02 ea 46 ee 29
bpkm: [01a] 6a ab 12 bc 04 00 00 00 24 00 00 00 02 00 00 10
bpkm: [01b] 20 00 00 00 04 00 00 20 02 00 00 00 06 00 00 20
bpkm: [01c] 40 00 00 00 ea 03 00 90 45 00 00 00 00 00 00 00
bpkm: cmd:4 Received 52 byte response
bpkm: response size = 52
bpkm: dump_data data_len = 52, count = 4
bpkm: [000] 00 00 00 00 85 5e 67 70 55 29 ab 75 10 00 00 00
bpkm: [001] 3e 19 f9 1c f7 02 65 4d ee c3 e7 44 c7 06 76 f4
bpkm: [002] 01 00 00 00 0c 00 00 00 e9 03 00 90 10 00 00 00
bpkm: [003] 00 00 00 00

response:

  1. error code:4字节
  2. op handle:8字节
  3. indirect data size:4字节,值0x10=16
  4. indirect data:16字节
  5. element count:4字节,值01
  6. element size:4字节,值0x0c=12
  7. element集合:tag + value,这里只有一个element,tag为0x900003e9,表KM_TAG_NONCE

流程继续:

1069 09-26 15:45:32.444  3393  3393 I FingerprintBoundKeysTest: encryptInternal: [2]: cipher initialized
1070 09-26 15:45:32.444  3393  3393 D FingerprintBoundKeysTest: 6. encryptInternal ==> doFinal
1092 09-26 15:45:32.447   600   600 D key_store_service: update

KM_UPDATE_OPERATION

request:

  1. op handle:8字节
  2. size:4字节,值06
  3. data:size长度,这里是6字节
  4. indirect data size:4字节,值为0x45=69字节
  5. indirect data:69字节。这个貌似是auth token的组合。
  6. element count:4字节,值01
  7. element size:4字节,值0c
  8. element:tag(4字节) + value,这里只有一个element,tag:0x900003ea,KM_TAG_AUTH_TOKEN
bpkm: bp_keymaster_send 309 command: 8 = KM_UPDATE_OPERATION
bpkm: dump_data data_len = 111, count = 7
bpkm: [000] 85 5e 67 70 55 29 ab 75 06 00 00 00 01 02 03 04
bpkm: [001] 05 06 45 00 00 00 00 41 99 13 94 ad 64 59 ee ca
bpkm: [002] 6f 9c 35 76 1d 2c c1 35 ae 46 dd 49 d7 85 d9 00
bpkm: [003] 00 00 02 00 00 00 00 00 07 5b 9b 0c c9 34 05 0b
bpkm: [004] 02 4a 6b 42 74 30 2b 08 35 60 96 d0 61 47 5f 05
bpkm: [005] 9b 11 02 ea 46 ee 29 6a ab 12 bc 01 00 00 00 0c
bpkm: [006] 00 00 00 ea 03 00 90 45 00 00 00 00 00 00 00
bpkm: cmd:8 Received 24 byte response
bpkm: response size = 24
bpkm: dump_data data_len = 24, count = 2
bpkm: [000] 00 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00
bpkm: [001] 00 00 00 00 00 00 00 00

KM_FINISH_OPERATION

request:

  1. op handle:8字节
  2. signature size:4字节,此处为0
  3. signature data:size长度,此处没有
  4. indirect data size:4字节,0x45
  5. indirect data:size长度,此处为0x45个字节
  6. element count:4字节,值:01
  7. element size:4字节,值0x0c
  8. element:tag(4字节) + value,tag为0x900003ea,KM_TAG_AUTH_TOKEN
bpkm: bp_keymaster_send 309 command: 12 = KM_FINISH_OPERATION
bpkm: dump_data data_len = 109, count = 7
bpkm: [000] 85 5e 67 70 55 29 ab 75 00 00 00 00 45 00 00 00
bpkm: [001] 00 41 99 13 94 ad 64 59 ee ca 6f 9c 35 76 1d 2c
bpkm: [002] c1 35 ae 46 dd 49 d7 85 d9 00 00 00 02 00 00 00
bpkm: [003] 00 00 07 5b 9b 0c c9 34 05 0b 02 4a 6b 42 74 30
bpkm: [004] 2b 08 35 60 96 d0 61 47 5f 05 9b 11 02 ea 46 ee
bpkm: [005] 29 6a ab 12 bc 01 00 00 00 0c 00 00 00 ea 03 00
bpkm: [006] 90 45 00 00 00 00 00 00 00 00 00 00 00
bpkm: cmd:c Received 36 byte response
bpkm: response size = 36
bpkm: dump_data data_len = 36, count = 3
bpkm: [000] 00 00 00 00 10 00 00 00 75 8a 54 a1 cb 81 7f df
bpkm: [001] 6d fb a1 60 65 76 eb 8f 00 00 00 00 00 00 00 00
bpkm: [002] 00 00 00 00

response:

  1. error code:4字节
  2. data size:4字节,此处值为0x10
  3. data:size大小,此处值为16
  4. 后面的是param:indirect data size + indirect data + param count + param size + param(tag + value)

流程继续:

1154 09-26 15:45:32.458  3393  3393 I FingerprintBoundKeysTest: encryptInternal: [3]: encryption performed
1224 09-26 15:45:35.462  3393  3393 D FingerprintBoundKeysTest: createKey ==> getInstance
1225 09-26 15:45:35.464  3393  3393 D FingerprintBoundKeysTest: createKey ==> init
1226 09-26 15:45:35.468  3393  3393 D FingerprintBoundKeysTest: createKey ==> generateKey

KM_GENERATE_KEY

request:

  1. indirect data size:4字节,值为0
  2. indirect data:if available。此处无
  3. element count:4字节,值为0x0a
  4. element size:4字节,值为0x58
  5. element:tag + value

10个element分别为:

 

  1. 0x30000003:KM_TAG_KEY_SIZE,值0x80
  2. 0x10000002:KM_TAG_ALGORITHM,值0x20,表AES
  3. 0x20000001:KM_TAG_PURPOSE,值0,表encrypt
  4. 0x20000001:KM_TAG_PURPOSE,值1,表decrypt
  5. 0x20000004:KM_TAG_BLOCK_MODE,值02
  6. 0x20000006:KM_TAG_PADDING,值0x40,表示KM_PAD_PKCS7
  7. 0xa00001f6:KM_TAG_USER_SECURE_ID,值占8字节
  8. 0x100001f8:KM_TAG_USER_AUTH_TYPE,值03,这个值貌似是无效值???
  9. 0x300001f9:KM_TAG_AUTH_TIMEOUT,值占4个字节
  10. 0x600002bd:KM_TAG_CREATION_DATETIME,值占8个字节
bpkm: bp_keymaster_send 309 command: 0 = KM_GENERATE_KEY
bpkm: dump_data data_len = 100, count = 7
bpkm: [000] 00 00 00 00 0a 00 00 00 58 00 00 00 03 00 00 30
bpkm: [001] 80 00 00 00 02 00 00 10 20 00 00 00 01 00 00 20
bpkm: [002] 00 00 00 00 01 00 00 20 01 00 00 00 04 00 00 20
bpkm: [003] 02 00 00 00 06 00 00 20 40 00 00 00 f6 01 00 a0
bpkm: [004] ca 6f 9c 35 76 1d 2c c1 f8 01 00 10 03 00 00 00
bpkm: [005] f9 01 00 30 02 00 00 00 bd 02 00 60 88 7d 35 98
bpkm: [006] 8a 01 00 00
bpkm: cmd:0 Received 483 byte response
bpkm: response size = 483
bpkm: dump_data data_len = 483, count = 31
bpkm: [000] 00 00 00 00 53 01 00 00 01 00 00 00 10 bc 8c fc
bpkm: [001] 1f eb c7 fd 41 26 b0 78 84 54 a2 11 b5 d4 2b 02
bpkm: [002] 41 71 0d 58 26 87 5b 13 4e 24 d3 be 7b f7 df 61
bpkm: [003] 76 ea 4f c2 86 74 35 5f eb 94 eb 6c dd 47 07 4d
bpkm: [004] 8f 1c 18 52 40 2e 6c 67 83 9b c0 93 98 10 59 c0
bpkm: [005] da 9b e8 b5 cf 6f df 48 8a 20 cd e5 1b ac dc a6
bpkm: [006] 97 00 9d 55 4f 87 22 c9 5c 1b 69 1b d3 50 a3 3b
bpkm: [007] 76 8d 1d 88 82 48 3e 69 fb 45 03 10 40 81 30 6d
bpkm: [008] f7 76 3e e8 80 85 50 89 1c 5a 7c 00 76 50 03 73
bpkm: [009] 25 aa 9f 23 be 45 2f a4 b3 25 67 0d e0 8b 27 3f
bpkm: [00a] 56 32 d8 7e 3d d7 2f 70 a9 7d e6 83 a8 83 49 70
bpkm: [00b] bc 41 c8 38 7f 71 4d e3 9a a9 10 81 2d e3 82 fe
bpkm: [00c] 38 af 6f dc 21 6e e2 5d b8 f5 53 e4 89 c2 f3 1a
bpkm: [00d] bd 6f 55 56 39 66 47 b8 9d 3b 25 ea 58 8a 47 ec
bpkm: [00e] f1 fb 6f c7 ad df 9c 6e 71 7f f7 ae 89 2a 23 71
bpkm: [00f] 8f 76 e5 7b f3 99 4e 4c c9 29 44 bc 26 15 44 71
bpkm: [010] b6 0c f9 c8 50 85 eb 03 62 61 10 d2 46 0e 71 17
bpkm: [011] 4a e6 07 47 33 50 01 61 fb a1 ff ec 9d 77 04 cd
bpkm: [012] 4b a6 a5 db c3 87 b8 49 40 63 d9 08 6f ff ba 99
bpkm: [013] 48 d0 21 95 db 3d 18 69 70 b7 de fe 14 4d 05 23
bpkm: [014] ea 2d 87 59 d6 d2 31 d2 1d a7 85 04 01 77 af 66
bpkm: [015] f2 4c 5d cd 9f e3 67 2c 70 61 2d 00 00 00 00 0c
bpkm: [016] 00 00 00 64 00 00 00 03 00 00 30 80 00 00 00 02
bpkm: [017] 00 00 10 20 00 00 00 01 00 00 20 00 00 00 00 01
bpkm: [018] 00 00 20 01 00 00 00 04 00 00 20 02 00 00 00 06
bpkm: [019] 00 00 20 40 00 00 00 f6 01 00 a0 ca 6f 9c 35 76
bpkm: [01a] 1d 2c c1 f8 01 00 10 03 00 00 00 f9 01 00 30 02
bpkm: [01b] 00 00 00 be 02 00 10 00 00 00 00 c1 02 00 30 b0
bpkm: [01c] ad 01 00 c2 02 00 30 45 16 03 00 00 00 00 00 01
bpkm: [01d] 00 00 00 0c 00 00 00 bd 02 00 60 88 7d 35 98 8a
bpkm: [01e] 01 00 00

response:

  1. error code:4字节
  2. key size:4字节,值为0x0153=339
  3. key data:占339字节
  4. enforce auth set:
    1. indirect data size:4字节,值0
    2. indirect data:无
    3. element count:0xc,12个
    4. element size:0x64
    5. element:
      1. 0x30000003:KM_TAG_KEY_SIZE,值0x80
      2. 0x10000002:KM_TAG_ALGORITHM,值20,表AES
      3. 0x20000001:KM_TAG_PURPOSE,值0,表encrypt
      4. 0x20000001:KM_TAG_PURPOSE,值1,表decrypt
      5. 0x20000004:KM_TAG_BLOCK_MODE,值02
      6. 0x20000006:KM_TAG_PADDING,值0x40,表示KM_PAD_PKCS7
      7. 0xa00001f6:KM_TAG_USER_SECURE_ID,值占8字节
      8. 0x100001f8:KM_TAG_USER_AUTH_TYPE,值03???
      9. 0x300001f9:KM_TAG_AUTH_TIMEOUT,值占4个字节
      10. 0x100002be:KM_TAG_ORIGIN,值0
      11. 0x300002c1:KM_TAG_OS_VERSION
      12. 0c300002c2:KM_TAG_OS_PATCHLEVEL
  5. unenforced auth set:
    1. indirect data size:4字节,值0
    2. indirect data:无
    3. element count:4字节,值1
    4. element size:4字节,值0x0c=12
    5. element:
      1. 0x600002bd:KM_TAG_CREATION_DATETIME,值占8字节

流程正常结束:

1306 09-26 15:45:35.537  3393  3393 I FingerprintBoundKeysTest: createKey: [1]: done
1307 09-26 15:45:35.537  3393  3393 D FingerprintBoundKeysTest: 1. encryptInternal ==> getInstance
1308 09-26 15:45:35.538  3393  3393 D FingerprintBoundKeysTest: 2. encryptInternal ==> load
1309 09-26 15:45:35.540  3393  3393 D FingerprintBoundKeysTest: 3. encryptInternal ==> getKey
1313 09-26 15:45:35.550  3393  3393 I FingerprintBoundKeysTest: encryptInternal: [1]: key retrieved
1314 09-26 15:45:35.550  3393  3393 D FingerprintBoundKeysTest: 4. encryptInternal ==> Cipher getInstance
1315 09-26 15:45:35.552  3393  3393 D FingerprintBoundKeysTest: 5. encryptInternal ==> init
1375 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest: encryptInternal: [6]: User not authenticated
1376 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest: android.security.keystore.UserNotAuthenticatedException: User not authenticated
1377 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at android.security.KeyStore.getInvalidKeyException(KeyStore.java:1388)
1378 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at android.security.KeyStore.getInvalidKeyException(KeyStore.java:1430)
1379 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at android.security.keystore.KeyStoreCryptoOperationUtils.getInvalidKeyExceptionForInit(KeyStoreCryptoOperationUtils.java:54)
1380 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at android.security.keystore.KeyStoreCryptoOperationUtils.getExceptionForCipherInit(KeyStoreCryptoOperationUtils.java:89)
1381 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at android.security.keystore.AndroidKeyStoreCipherSpiBase.ensureKeystoreOperationInitialized(AndroidKeyStoreCipherSpiBase.java:271)
1382 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineInit(AndroidKeyStoreCipherSpiBase.java:111)
1383 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at javax.crypto.Cipher.tryTransformWithProvider(Cipher.java:2984)
1384 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at javax.crypto.Cipher.tryCombinations(Cipher.java:2891)
1385 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at javax.crypto.Cipher$SpiAndProviderUpdater.updateAndGetSpiAndProvider(Cipher.java:2796)
1386 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at javax.crypto.Cipher.chooseProvider(Cipher.java:773)
1387 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at javax.crypto.Cipher.init(Cipher.java:1143)
1388 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at javax.crypto.Cipher.init(Cipher.java:1084)
1389 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at com.android.cts.verifier.security.FingerprintBoundKeysTest.encryptInternal(FingerprintBoundKeysTest.java:241)
1390 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at com.android.cts.verifier.security.FingerprintBoundKeysTest.prepareEncrypt(FingerprintBoundKeysTest.java:197)
1391 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at com.android.cts.verifier.security.FingerprintBoundKeysTest.doValidityDurationTest(FingerprintBoundKeysTest.java:216)
1392 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at com.android.cts.verifier.security.FingerprintBoundKeysTest$FingerprintAuthDialogFragment$FingerprintManagerCallback.onAuthenticationSucceeded(FingerprintBoundKeysTest.java:335)
1393 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at android.hardware.fingerprint.FingerprintManager.sendAuthenticatedSucceeded(FingerprintManager.java:900)
1394 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at android.hardware.fingerprint.FingerprintManager.access$900(FingerprintManager.java:68)
1395 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at android.hardware.fingerprint.FingerprintManager$MyHandler.handleMessage(FingerprintManager.java:834)
1396 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at android.os.Handler.dispatchMessage(Handler.java:106)
1397 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at android.os.Looper.loop(Looper.java:223)
1398 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at android.app.ActivityThread.main(ActivityThread.java:7664)
1399 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at java.lang.reflect.Method.invoke(Native Method)
1400 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:592)
1401 09-26 15:45:35.603  3393  3393 W FingerprintBoundKeysTest:     at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:948)

 

posted @ 2023-09-26 16:34  xiululu  阅读(30)  评论(0编辑  收藏  举报