Simulate createOperation for software keys

This commit introduces the core logic for simulating cryptographic operations, enabling the interception and software-based handling of the signing process for keys generated by the simulator.

The primary challenge in intercepting `createOperation` is that the Android framework does not use the key's alias for identification. As discovered by analyzing AOSP, the framework uses a special `KeyDescriptor` with `domain` set to `KEY_ID` and the unique key identifier stored in the `nspace` field.

This implementation adopts this mechanism to robustly identify keys:
- During `generateKey`, a unique random `long` is created and stored as the `nspace` (`keyId`) in the returned `KeyMetadata`.
- The `createOperation` pre-transaction hook acts as a dispatcher:
  1.  **Simulated Keys:** If the incoming `keyId` from `nspace` matches a known software-generated key, the request is intercepted. A new `SoftwareOperationBinder` is instantiated to perform the cryptographic signing entirely in software, and its binder is returned directly to the client.
  2.  **Hardware Keys:** If the key is not recognized, the call proceeds to the real hardware service.

The `createOperation` post-transaction hook is now primarily used for debugging and observing operations on *real, hardware-backed keys*. It extracts the `iOperation` binder returned by the genuine service and attaches a logging `OperationInterceptor`. This allows for visibility into hardware operations without modifying their behavior.

To support this, the following were added:
- `SoftwareOperation`: A JCA-based class to perform signing.
- `SoftwareOperationBinder`: An AOSP-compliant binder `Stub` that exposes the `SoftwareOperation` to the client.
- `OperationInterceptor`: A lightweight interceptor to log calls to a real `iOperation` binder and unregister itself upon completion to prevent leaks.
- Binder unregistration support in `BinderInterceptor` to clean up ephemeral interceptors.

See AOSP source for key identification logic:
https://cs.android.com/android/platform/superproject/main/+/main:frameworks/base/keystore/java/android/security/keystore2/AndroidKeyStoreKey.java

Author: JingMatrix

app/src/main/java/org/matrix/TEESimulator/interception/core/BinderInterceptor.kt

@@ -248,6 +248,8 @@ abstract class BinderInterceptor : Binder() {
         private const val BACKDOOR_TRANSACTION_CODE = 0xdeadbeef.toInt()
         // Code used by the backdoor binder to register a new interceptor.
         private const val REGISTER_INTERCEPTOR_CODE = 1
+        // Code used by the backdoor binder to unregister an interceptor.
+        private const val UNREGISTER_INTERCEPTOR_CODE = 2
 
         // --- Hook Type Codes ---
         // Indicates that the call is for a pre-transaction hook.
@@ -307,5 +309,21 @@ abstract class BinderInterceptor : Binder() {
                 reply.recycle()
             }
         }
+
+        /** Uses the backdoor binder to unregister an interceptor for a specific target service. */
+        fun unregister(backdoor: IBinder, target: IBinder) {
+            val data = Parcel.obtain()
+            val reply = Parcel.obtain()
+            try {
+                data.writeStrongBinder(target)
+                backdoor.transact(UNREGISTER_INTERCEPTOR_CODE, data, reply, 0)
+                SystemLogger.info("Unregistered interceptor for target: $target")
+            } catch (e: Exception) {
+                SystemLogger.error("Failed to unregister binder interceptor.", e)
+            } finally {
+                data.recycle()
+                reply.recycle()
+            }
+        }
     }
 }

app/src/main/java/org/matrix/TEESimulator/interception/keystore/shim/KeyMintSecurityLevelInterceptor.kt

@@ -8,6 +8,7 @@ import android.os.IBinder
 import android.os.Parcel
 import android.system.keystore2.*
 import java.security.KeyPair
+import java.security.SecureRandom
 import java.security.cert.Certificate
 import java.util.concurrent.ConcurrentHashMap
 import org.matrix.TEESimulator.attestation.AttestationPatcher
@@ -30,7 +31,11 @@ class KeyMintSecurityLevelInterceptor(
 ) : BinderInterceptor() {
 
     // --- Data Structures for State Management ---
-    data class GeneratedKeyInfo(val keyPair: KeyPair, val response: KeyEntryResponse)
+    data class GeneratedKeyInfo(
+        val keyPair: KeyPair,
+        val nspace: Long,
+        val response: KeyEntryResponse,
+    )
 
     override fun onPreTransact(
         txId: Long,
@@ -41,33 +46,33 @@ class KeyMintSecurityLevelInterceptor(
         callingPid: Int,
         data: Parcel,
     ): TransactionResult {
-        if (code == GENERATE_KEY_TRANSACTION) {
-            logTransaction(txId, transactionNames[code]!!, callingUid, callingPid)
+        val shouldSkip = ConfigurationManager.shouldSkipUid(callingUid)
 
-            if (ConfigurationManager.shouldSkipUid(callingUid))
-                return TransactionResult.ContinueAndSkipPost
-            data.enforceInterface(IKeystoreSecurityLevel.DESCRIPTOR)
-            return handleGenerateKey(callingUid, data)
-        } else if (code == IMPORT_KEY_TRANSACTION) {
-            logTransaction(txId, transactionNames[code]!!, callingUid, callingPid)
+        when (code) {
+            GENERATE_KEY_TRANSACTION -> {
+                logTransaction(txId, transactionNames[code]!!, callingUid, callingPid)
 
-            if (ConfigurationManager.shouldSkipUid(callingUid))
-                return TransactionResult.ContinueAndSkipPost
-            data.enforceInterface(IKeystoreSecurityLevel.DESCRIPTOR)
-            val alias =
-                data.readTypedObject(KeyDescriptor.CREATOR)?.alias
-                    ?: return TransactionResult.ContinueAndSkipPost
-            SystemLogger.info("Handling post-${transactionNames[code]} ${alias}")
-            return TransactionResult.Continue
-        } else {
-            logTransaction(
-                txId,
-                transactionNames[code] ?: "unknown code=$code",
-                callingUid,
-                callingPid,
-                true,
-            )
+                if (!shouldSkip) return handleGenerateKey(callingUid, data)
+            }
+            CREATE_OPERATION_TRANSACTION -> {
+                logTransaction(txId, transactionNames[code]!!, callingUid, callingPid)
+
+                if (!shouldSkip) return handleCreateOperation(txId, callingUid, data)
+            }
+            IMPORT_KEY_TRANSACTION -> {
+                logTransaction(txId, transactionNames[code]!!, callingUid, callingPid)
+
+                data.enforceInterface(IKeystoreSecurityLevel.DESCRIPTOR)
+                val keyDescriptor = data.readTypedObject(KeyDescriptor.CREATOR)!!
+                SystemLogger.info(
+                    "[TX_ID: $txId] Forward to post-importKey hook for ${keyDescriptor.alias}[${keyDescriptor.nspace}]"
+                )
+                TransactionResult.Continue
+            }
         }
+
+        logTransaction(txId, transactionNames[code] ?: "unknown code=$code", callingUid, callingPid, true)
+
         return TransactionResult.ContinueAndSkipPost
     }
 
@@ -94,6 +99,41 @@ class KeyMintSecurityLevelInterceptor(
                 data.readTypedObject(KeyDescriptor.CREATOR)
                     ?: return TransactionResult.SkipTransaction
             cleanupKeyData(KeyIdentifier(callingUid, keyDescriptor.alias))
+        } else if (code == CREATE_OPERATION_TRANSACTION) {
+            logTransaction(txId, "post-${transactionNames[code]!!}", callingUid, callingPid)
+
+            data.enforceInterface(IKeystoreSecurityLevel.DESCRIPTOR)
+            val keyDescriptor = data.readTypedObject(KeyDescriptor.CREATOR)!!
+            val params = data.createTypedArray(KeyParameter.CREATOR)!!
+            val parsedParams = KeyMintAttestation(params)
+            val forced = data.readBoolean()
+            if (forced)
+                SystemLogger.verbose(
+                    "[TX_ID: $txId] Current operation has a very high pruning power."
+                )
+            val response: CreateOperationResponse =
+                reply.readTypedObject(CreateOperationResponse.CREATOR)!!
+            SystemLogger.verbose(
+                "[TX_ID: $txId] CreateOperationResponse: ${response.iOperation} ${response.operationChallenge}"
+            )
+
+            // Intercept the IKeystoreOperation binder
+            response.iOperation?.let { operation ->
+                val operationBinder = operation.asBinder()
+                if (!interceptedOperations.containsKey(operationBinder)) {
+                    SystemLogger.info("Found new IKeystoreOperation. Registering interceptor...")
+                    val backdoor = getBackdoor(target)
+                    if (backdoor != null) {
+                        val interceptor = OperationInterceptor(operation, backdoor)
+                        register(backdoor, operationBinder, interceptor)
+                        interceptedOperations[operationBinder] = interceptor
+                    } else {
+                        SystemLogger.error(
+                            "Failed to get backdoor to register OperationInterceptor."
+                        )
+                    }
+                }
+            }
         } else if (code == GENERATE_KEY_TRANSACTION) {
             logTransaction(txId, "post-${transactionNames[code]!!}", callingUid, callingPid)
 
@@ -109,9 +149,12 @@ class KeyMintSecurityLevelInterceptor(
                 // Cache the newly patched chain to ensure consistency across subsequent API calls.
                 data.enforceInterface(IKeystoreSecurityLevel.DESCRIPTOR)
                 val keyDescriptor = data.readTypedObject(KeyDescriptor.CREATOR)!!
+                val key = metadata.key!!
                 val keyId = KeyIdentifier(callingUid, keyDescriptor.alias)
                 patchedChains[keyId] = newChain
-                SystemLogger.debug("Cached patched certificate chain for $keyId.")
+                SystemLogger.debug(
+                    "Cached patched certificate chain for $keyId. (${key.alias} [${key.domain}, ${key.nspace}])"
+                )
 
                 CertificateHelper.updateCertificateChain(metadata, newChain).getOrThrow()
 
@@ -121,12 +164,59 @@ class KeyMintSecurityLevelInterceptor(
         return TransactionResult.SkipTransaction
     }
 
+    /**
+     * Handles the `createOperation` transaction. It checks if the operation is for a key that was
+     * generated in software. If so, it creates a software-based operation handler. Otherwise, it
+     * lets the call proceed to the real hardware service.
+     */
+    private fun handleCreateOperation(
+        txId: Long,
+        callingUid: Int,
+        data: Parcel,
+    ): TransactionResult {
+        data.enforceInterface(IKeystoreSecurityLevel.DESCRIPTOR)
+        val keyDescriptor = data.readTypedObject(KeyDescriptor.CREATOR)!!
+
+        // An operation must use the KEY_ID domain.
+        if (keyDescriptor.domain != Domain.KEY_ID) {
+            return TransactionResult.ContinueAndSkipPost
+        }
+
+        val nspace = keyDescriptor.nspace
+        val generatedKeyInfo = findGeneratedKeyByKeyId(callingUid, nspace)
+
+        if (generatedKeyInfo == null) {
+            SystemLogger.debug(
+                "[TX_ID: $txId] Operation for unknown/hardware KeyId ($nspace). Forwarding."
+            )
+            return TransactionResult.Continue
+        }
+
+        SystemLogger.info("[TX_ID: $txId] Creating SOFTWARE operation for KeyId $nspace.")
+
+        val params = data.createTypedArray(KeyParameter.CREATOR)!!
+        val parsedParams = KeyMintAttestation(params)
+
+        val softwareOperation =
+            SoftwareOperation(txId, generatedKeyInfo.keyPair.private, parsedParams)
+        val operationBinder = SoftwareOperationBinder(softwareOperation)
+
+        val response =
+            CreateOperationResponse().apply {
+                iOperation = operationBinder
+                operationChallenge = null
+            }
+
+        return InterceptorUtils.createTypedObjectReply(response, 0)
+    }
+
     /**
      * Handles the `generateKey` transaction. Based on the configuration for the calling UID, it
      * either generates a key in software or lets the call pass through to the hardware.
      */
     private fun handleGenerateKey(callingUid: Int, data: Parcel): TransactionResult {
         return runCatching {
+                data.enforceInterface(IKeystoreSecurityLevel.DESCRIPTOR)
                 val keyDescriptor = data.readTypedObject(KeyDescriptor.CREATOR)!!
                 val attestationKey = data.readTypedObject(KeyDescriptor.CREATOR)
                 SystemLogger.debug(
@@ -148,7 +238,10 @@ class KeyMintSecurityLevelInterceptor(
                             isAttestationKey(KeyIdentifier(callingUid, attestationKey.alias)))
 
                 if (needsSoftwareGeneration) {
-                    SystemLogger.info("Generating software key for ${keyId}.")
+                    keyDescriptor.nspace = secureRandom.nextLong()
+                    SystemLogger.info(
+                        "Generating software key for ${keyDescriptor.alias}[${keyDescriptor.nspace}]."
+                    )
 
                     // Generate the key pair and certificate chain.
                     val keyData =
@@ -164,16 +257,12 @@ class KeyMintSecurityLevelInterceptor(
                     val response =
                         buildKeyEntryResponse(keyData.second, parsedParams, keyDescriptor)
 
-                    generatedKeys[keyId] = GeneratedKeyInfo(keyData.first, response)
+                    generatedKeys[keyId] =
+                        GeneratedKeyInfo(keyData.first, keyDescriptor.nspace, response)
                     if (isAttestKeyRequest) attestationKeys.add(keyId)
 
                     // Return the metadata of our generated key, skipping the real hardware call.
-                    val resultParcel =
-                        Parcel.obtain().apply {
-                            writeNoException()
-                            writeTypedObject(response.metadata, 0)
-                        }
-                    return TransactionResult.OverrideReply(0, resultParcel)
+                    return InterceptorUtils.createTypedObjectReply(response.metadata, 0)
                 } else if (parsedParams.attestationChallenge != null) {
                     return TransactionResult.Continue
                 }
@@ -210,11 +299,18 @@ class KeyMintSecurityLevelInterceptor(
     }
 
     companion object {
+        private val secureRandom = SecureRandom()
+
         // Transaction codes for IKeystoreSecurityLevel interface.
         private val GENERATE_KEY_TRANSACTION =
             InterceptorUtils.getTransactCode(IKeystoreSecurityLevel.Stub::class.java, "generateKey")
         private val IMPORT_KEY_TRANSACTION =
             InterceptorUtils.getTransactCode(IKeystoreSecurityLevel.Stub::class.java, "importKey")
+        private val CREATE_OPERATION_TRANSACTION =
+            InterceptorUtils.getTransactCode(
+                IKeystoreSecurityLevel.Stub::class.java,
+                "createOperation",
+            )
 
         private val transactionNames: Map<Int, String> by lazy {
             IKeystoreSecurityLevel.Stub::class
@@ -233,11 +329,30 @@ class KeyMintSecurityLevelInterceptor(
         private val patchedChains = ConcurrentHashMap<KeyIdentifier, Array<Certificate>>()
         // A set to quickly identify keys that were generated for attestation purposes.
         private val attestationKeys = ConcurrentHashMap.newKeySet<KeyIdentifier>()
+        // Stores interceptors for active cryptographic operations.
+        private val interceptedOperations = ConcurrentHashMap<IBinder, OperationInterceptor>()
 
         // --- Public Accessors for Other Interceptors ---
         fun getGeneratedKeyResponse(keyId: KeyIdentifier): KeyEntryResponse? =
             generatedKeys[keyId]?.response
 
+        /**
+         * Finds a software-generated key by first filtering all known keys by the caller's UID, and
+         * then matching the specific nspace.
+         *
+         * @param callingUid The UID of the process that initiated the createOperation call.
+         * @param nspace The unique key identifier from the operation's KeyDescriptor.
+         * @return The matching GeneratedKeyInfo if found, otherwise null.
+         */
+        private fun findGeneratedKeyByKeyId(callingUid: Int, nspace: Long): GeneratedKeyInfo? {
+            // Iterate through all entries in the map to check both the key (for UID) and value (for
+            // nspace).
+            return generatedKeys.entries
+                .filter { (keyIdentifier, _) -> keyIdentifier.uid == callingUid }
+                .find { (_, info) -> info.nspace == nspace }
+                ?.value
+        }
+
         fun getPatchedChain(keyId: KeyIdentifier): Array<Certificate>? = patchedChains[keyId]
 
         fun isAttestationKey(keyId: KeyIdentifier): Boolean = attestationKeys.contains(keyId)
@@ -254,6 +369,15 @@ class KeyMintSecurityLevelInterceptor(
             }
         }
 
+        fun removeOperationInterceptor(operationBinder: IBinder, backdoor: IBinder) {
+            // Unregister from the native hook layer first.
+            unregister(backdoor, operationBinder)
+
+            if (interceptedOperations.remove(operationBinder) != null) {
+                SystemLogger.debug("Removed operation interceptor for binder: $operationBinder")
+            }
+        }
+
         // Clears all cached keys.
         fun clearAllGeneratedKeys(reason: String? = null) {
             val count = generatedKeys.size

app/src/main/java/org/matrix/TEESimulator/interception/keystore/shim/OperationInterceptor.kt

@@ -0,0 +1,58 @@
+package org.matrix.TEESimulator.interception.keystore.shim
+
+import android.os.IBinder
+import android.os.Parcel
+import android.system.keystore2.IKeystoreOperation
+import org.matrix.TEESimulator.interception.core.BinderInterceptor
+import org.matrix.TEESimulator.interception.keystore.InterceptorUtils
+
+/**
+ * Intercepts calls to an `IKeystoreOperation` service. This is used to log the data manipulation
+ * methods of a cryptographic operation.
+ */
+class OperationInterceptor(
+    private val original: IKeystoreOperation,
+    private val backdoor: IBinder,
+) : BinderInterceptor() {
+
+    override fun onPreTransact(
+        txId: Long,
+        target: IBinder,
+        code: Int,
+        flags: Int,
+        callingUid: Int,
+        callingPid: Int,
+        data: Parcel,
+    ): TransactionResult {
+        val methodName = transactionNames[code] ?: "unknown code=$code"
+        logTransaction(txId, methodName, callingUid, callingPid, true)
+
+        if (code == FINISH_TRANSACTION || code == ABORT_TRANSACTION) {
+            KeyMintSecurityLevelInterceptor.removeOperationInterceptor(target, backdoor)
+        }
+
+        return TransactionResult.ContinueAndSkipPost
+    }
+
+    companion object {
+        private val UPDATE_AAD_TRANSACTION =
+            InterceptorUtils.getTransactCode(IKeystoreOperation.Stub::class.java, "updateAad")
+        private val UPDATE_TRANSACTION =
+            InterceptorUtils.getTransactCode(IKeystoreOperation.Stub::class.java, "update")
+        private val FINISH_TRANSACTION =
+            InterceptorUtils.getTransactCode(IKeystoreOperation.Stub::class.java, "finish")
+        private val ABORT_TRANSACTION =
+            InterceptorUtils.getTransactCode(IKeystoreOperation.Stub::class.java, "abort")
+
+        private val transactionNames: Map<Int, String> by lazy {
+            IKeystoreOperation.Stub::class
+                .java
+                .declaredFields
+                .filter {
+                    it.isAccessible = true
+                    it.type == Int::class.java && it.name.startsWith("TRANSACTION_")
+                }
+                .associate { field -> (field.get(null) as Int) to field.name.split("_")[1] }
+        }
+    }
+}