Merge "Create boot params service." into main am: 8c14ce33ba
Original change: https://android-review.googlesource.com/c/trusty/user/desktop/+/3390179
Change-Id: I394dae871b727082e2b22d767f256a3c96660ca0
Signed-off-by: Automerger Merge Worker <[email protected]>
diff --git a/app/gsc_tunnel/app/main.rs b/app/gsc_svc/app/main.rs
similarity index 87%
rename from app/gsc_tunnel/app/main.rs
rename to app/gsc_svc/app/main.rs
index a88895f..a576638 100644
--- a/app/gsc_tunnel/app/main.rs
+++ b/app/gsc_svc/app/main.rs
@@ -15,5 +15,5 @@
*/
fn main() {
- gsc_tunnel::init_and_start_loop().expect("GSC tunnel service quit unexpectedly");
+ gsc_svc::init_and_start_loop().expect("GSC tunnel service quit unexpectedly");
}
diff --git a/app/gsc_tunnel/app/manifest.json b/app/gsc_svc/app/manifest.json
similarity index 74%
rename from app/gsc_tunnel/app/manifest.json
rename to app/gsc_svc/app/manifest.json
index 38a8abb..3d8ee26 100644
--- a/app/gsc_tunnel/app/manifest.json
+++ b/app/gsc_svc/app/manifest.json
@@ -1,5 +1,5 @@
{
- "app_name": "gsc_tunnel_app",
+ "app_name": "gsc_svc_app",
"uuid": "77026d06-be0f-4604-a6d5-f729388a445b",
"min_heap": 16384,
"min_stack": 16384
diff --git a/app/gsc_tunnel/app/rules.mk b/app/gsc_svc/app/rules.mk
similarity index 92%
rename from app/gsc_tunnel/app/rules.mk
rename to app/gsc_svc/app/rules.mk
index 1de2b88..1001f92 100644
--- a/app/gsc_tunnel/app/rules.mk
+++ b/app/gsc_svc/app/rules.mk
@@ -22,13 +22,13 @@
MODULE_SRCS += \
$(LOCAL_DIR)/main.rs \
-MODULE_CRATE_NAME := gsc_tunnel_app
+MODULE_CRATE_NAME := gsc_svc_app
MODULE_LIBRARY_DEPS += \
$(call FIND_CRATE,libc) \
$(call FIND_CRATE,log) \
trusty/user/base/lib/tipc/rust \
trusty/user/base/lib/trusty-log \
- trusty/user/desktop/app/gsc_tunnel \
+ trusty/user/desktop/app/gsc_svc \
include make/trusted_app.mk
diff --git a/app/gsc_svc/boot_params_svc.rs b/app/gsc_svc/boot_params_svc.rs
new file mode 100644
index 0000000..ec72f2c
--- /dev/null
+++ b/app/gsc_svc/boot_params_svc.rs
@@ -0,0 +1,48 @@
+/*
+* Copyright (C) 2024 The Android Open Source Project
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+use alloc::vec::Vec;
+use android_desktop_security_boot_params::aidl::android::desktop::security::boot_params::IBootParams::IBootParams;
+use android_desktop_security_boot_params::aidl::android::desktop::security::boot_params::IBootParams::BnBootParams;
+use binder::{BinderFeatures, Interface, Result as BinderResult, Strong};
+use boot_params::BootParams;
+use tipc::TipcError;
+
+pub struct Server {
+ params: BootParams,
+}
+
+impl Interface for Server {}
+
+impl IBootParams for Server {
+ fn getEarlyEntropy(&self) -> BinderResult<Vec<u8>> {
+ Ok(self.params.gsc_boot_params.early_entropy.to_vec())
+ }
+}
+
+impl Server {
+ fn new() -> Self {
+ Self { params: BootParams::new() }
+ }
+}
+
+pub fn create_boot_params_service() -> Result<Strong<dyn IBootParams>, TipcError> {
+ let srv = Server::new();
+
+ let service = BnBootParams::new_binder(srv, BinderFeatures::default());
+
+ Ok(service)
+}
diff --git a/app/gsc_tunnel/app/main.rs b/app/gsc_svc/gsc_tunnel/app/main.rs
similarity index 87%
copy from app/gsc_tunnel/app/main.rs
copy to app/gsc_svc/gsc_tunnel/app/main.rs
index a88895f..a576638 100644
--- a/app/gsc_tunnel/app/main.rs
+++ b/app/gsc_svc/gsc_tunnel/app/main.rs
@@ -15,5 +15,5 @@
*/
fn main() {
- gsc_tunnel::init_and_start_loop().expect("GSC tunnel service quit unexpectedly");
+ gsc_svc::init_and_start_loop().expect("GSC tunnel service quit unexpectedly");
}
diff --git a/app/gsc_tunnel/app/manifest.json b/app/gsc_svc/gsc_tunnel/app/manifest.json
similarity index 74%
copy from app/gsc_tunnel/app/manifest.json
copy to app/gsc_svc/gsc_tunnel/app/manifest.json
index 38a8abb..3d8ee26 100644
--- a/app/gsc_tunnel/app/manifest.json
+++ b/app/gsc_svc/gsc_tunnel/app/manifest.json
@@ -1,5 +1,5 @@
{
- "app_name": "gsc_tunnel_app",
+ "app_name": "gsc_svc_app",
"uuid": "77026d06-be0f-4604-a6d5-f729388a445b",
"min_heap": 16384,
"min_stack": 16384
diff --git a/app/gsc_tunnel/app/rules.mk b/app/gsc_svc/gsc_tunnel/app/rules.mk
similarity index 92%
copy from app/gsc_tunnel/app/rules.mk
copy to app/gsc_svc/gsc_tunnel/app/rules.mk
index 1de2b88..1001f92 100644
--- a/app/gsc_tunnel/app/rules.mk
+++ b/app/gsc_svc/gsc_tunnel/app/rules.mk
@@ -22,13 +22,13 @@
MODULE_SRCS += \
$(LOCAL_DIR)/main.rs \
-MODULE_CRATE_NAME := gsc_tunnel_app
+MODULE_CRATE_NAME := gsc_svc_app
MODULE_LIBRARY_DEPS += \
$(call FIND_CRATE,libc) \
$(call FIND_CRATE,log) \
trusty/user/base/lib/tipc/rust \
trusty/user/base/lib/trusty-log \
- trusty/user/desktop/app/gsc_tunnel \
+ trusty/user/desktop/app/gsc_svc \
include make/trusted_app.mk
diff --git a/app/gsc_svc/gsc_tunnel/boot_params_svc.rs b/app/gsc_svc/gsc_tunnel/boot_params_svc.rs
new file mode 100644
index 0000000..ec72f2c
--- /dev/null
+++ b/app/gsc_svc/gsc_tunnel/boot_params_svc.rs
@@ -0,0 +1,48 @@
+/*
+* Copyright (C) 2024 The Android Open Source Project
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+use alloc::vec::Vec;
+use android_desktop_security_boot_params::aidl::android::desktop::security::boot_params::IBootParams::IBootParams;
+use android_desktop_security_boot_params::aidl::android::desktop::security::boot_params::IBootParams::BnBootParams;
+use binder::{BinderFeatures, Interface, Result as BinderResult, Strong};
+use boot_params::BootParams;
+use tipc::TipcError;
+
+pub struct Server {
+ params: BootParams,
+}
+
+impl Interface for Server {}
+
+impl IBootParams for Server {
+ fn getEarlyEntropy(&self) -> BinderResult<Vec<u8>> {
+ Ok(self.params.gsc_boot_params.early_entropy.to_vec())
+ }
+}
+
+impl Server {
+ fn new() -> Self {
+ Self { params: BootParams::new() }
+ }
+}
+
+pub fn create_boot_params_service() -> Result<Strong<dyn IBootParams>, TipcError> {
+ let srv = Server::new();
+
+ let service = BnBootParams::new_binder(srv, BinderFeatures::default());
+
+ Ok(service)
+}
diff --git a/app/gsc_tunnel/lib.rs b/app/gsc_svc/gsc_tunnel/lib.rs
similarity index 84%
rename from app/gsc_tunnel/lib.rs
rename to app/gsc_svc/gsc_tunnel/lib.rs
index fb42deb..c9f39d9 100644
--- a/app/gsc_tunnel/lib.rs
+++ b/app/gsc_svc/gsc_tunnel/lib.rs
@@ -14,6 +14,8 @@
* limitations under the License.
*/
+mod boot_params_svc;
+
use alloc::vec::Vec;
use android_system_desktop_security_gsc::aidl::android::system::desktop::security::gsc::IGsc::BnGsc;
use android_system_desktop_security_gsc::aidl::android::system::desktop::security::gsc::IGsc::IGsc;
@@ -30,8 +32,9 @@
};
use trusty_sys::Error;
-const APP_SERVICE_PORT: &str = "com.android.trusty.rust.GscAppService.V1";
+const GSC_SERVICE_PORT: &str = "com.android.trusty.rust.GscAppService.V1";
const TUNNEL_SERVICE_PORT: &str = "com.android.trusty.rust.GscTunnelService.V1";
+const BP_SERVICE_PORT: &str = "com.android.trusty.rust.BootParamsService.V1";
/// A GscProxy implements the IGsc binder interface and forwards requests from trusty apps to the
/// GSC over a GscTunnel.
@@ -149,7 +152,7 @@
}
}
-const PORT_COUNT: usize = 2;
+const PORT_COUNT: usize = 3;
const CONNECTION_COUNT: usize = 4;
pub fn init_and_start_loop() -> Result<(), TipcError> {
@@ -160,20 +163,28 @@
let mut dispatcher =
GscDispatcher::<PORT_COUNT>::new().expect("Could not create test dispatcher");
- let service = BnGsc::new_binder(proxy, BinderFeatures::default());
- let rpc_server = RpcServer::new_per_session(move |_uuid| Some(service.as_binder()));
+ let gsc_service = BnGsc::new_binder(proxy, BinderFeatures::default());
+ let gsc_rpc_server = RpcServer::new_per_session(move |_uuid| Some(gsc_service.as_binder()));
let app_cfg =
- PortCfg::new(APP_SERVICE_PORT).expect("Could not create port config").allow_ta_connect();
+ PortCfg::new(GSC_SERVICE_PORT).expect("Could not create port config").allow_ta_connect();
dispatcher
- .add_service(Rc::new(rpc_server), app_cfg)
- .expect("Could not add service to dispatcher");
+ .add_service(Rc::new(gsc_rpc_server), app_cfg)
+ .expect("Could not add GSC service to dispatcher");
let tunnel_cfg =
PortCfg::new(TUNNEL_SERVICE_PORT).expect("Could not create port config").allow_ns_connect();
dispatcher
.add_service(Rc::new(tunnel), tunnel_cfg)
- .expect("Could not add service to dispatcher");
+ .expect("Could not add tunnel service to dispatcher");
+
+ let bp_cfg =
+ PortCfg::new(BP_SERVICE_PORT).expect("Could not create port config").allow_ta_connect();
+ let bp = boot_params_svc::create_boot_params_service()?;
+ let bp_rpc_server = RpcServer::new_per_session(move |_uuid| Some(bp.as_binder()));
+ dispatcher
+ .add_service(Rc::new(bp_rpc_server), bp_cfg)
+ .expect("Could not add bp service to dispatcher");
Manager::<_, _, PORT_COUNT, CONNECTION_COUNT>::new_with_dispatcher(dispatcher, [])
.expect("Could not create service manager")
diff --git a/app/gsc_tunnel/manifest.json b/app/gsc_svc/gsc_tunnel/manifest.json
similarity index 74%
rename from app/gsc_tunnel/manifest.json
rename to app/gsc_svc/gsc_tunnel/manifest.json
index fd7f4cd..35b61ff 100644
--- a/app/gsc_tunnel/manifest.json
+++ b/app/gsc_svc/gsc_tunnel/manifest.json
@@ -1,5 +1,5 @@
{
- "app_name": "gsc_tunnel_lib",
+ "app_name": "gsc_svc_lib",
"uuid": "01b7938e-abdd-4e35-9395-c6b9b4dd8281",
"min_heap": 20480,
"min_stack": 20480
diff --git a/app/gsc_tunnel/rules.mk b/app/gsc_svc/gsc_tunnel/rules.mk
similarity index 87%
rename from app/gsc_tunnel/rules.mk
rename to app/gsc_svc/gsc_tunnel/rules.mk
index 27677d2..e7dd0f5 100644
--- a/app/gsc_tunnel/rules.mk
+++ b/app/gsc_svc/gsc_tunnel/rules.mk
@@ -22,14 +22,17 @@
MODULE_SRCS += \
$(LOCAL_DIR)/lib.rs \
-MODULE_CRATE_NAME := gsc_tunnel
+MODULE_CRATE_NAME := gsc_svc
MODULE_LIBRARY_DEPS += \
$(call FIND_CRATE,libc) \
$(call FIND_CRATE,log) \
trusty/user/base/lib/tipc/rust \
trusty/user/base/lib/trusty-log \
+ trusty/user/base/lib/vmm_obj/rust \
+ trusty/user/desktop/interface/boot_params/aidl \
trusty/user/desktop/interface/gscd \
+ trusty/user/desktop/lib/boot_params \
frameworks/native/libs/binder/trusty/rust \
frameworks/native/libs/binder/trusty/rust/rpcbinder \
trusty/user/base/lib/keymint-rust/wire \
diff --git a/app/gsc_tunnel/lib.rs b/app/gsc_svc/lib.rs
similarity index 84%
copy from app/gsc_tunnel/lib.rs
copy to app/gsc_svc/lib.rs
index fb42deb..c9f39d9 100644
--- a/app/gsc_tunnel/lib.rs
+++ b/app/gsc_svc/lib.rs
@@ -14,6 +14,8 @@
* limitations under the License.
*/
+mod boot_params_svc;
+
use alloc::vec::Vec;
use android_system_desktop_security_gsc::aidl::android::system::desktop::security::gsc::IGsc::BnGsc;
use android_system_desktop_security_gsc::aidl::android::system::desktop::security::gsc::IGsc::IGsc;
@@ -30,8 +32,9 @@
};
use trusty_sys::Error;
-const APP_SERVICE_PORT: &str = "com.android.trusty.rust.GscAppService.V1";
+const GSC_SERVICE_PORT: &str = "com.android.trusty.rust.GscAppService.V1";
const TUNNEL_SERVICE_PORT: &str = "com.android.trusty.rust.GscTunnelService.V1";
+const BP_SERVICE_PORT: &str = "com.android.trusty.rust.BootParamsService.V1";
/// A GscProxy implements the IGsc binder interface and forwards requests from trusty apps to the
/// GSC over a GscTunnel.
@@ -149,7 +152,7 @@
}
}
-const PORT_COUNT: usize = 2;
+const PORT_COUNT: usize = 3;
const CONNECTION_COUNT: usize = 4;
pub fn init_and_start_loop() -> Result<(), TipcError> {
@@ -160,20 +163,28 @@
let mut dispatcher =
GscDispatcher::<PORT_COUNT>::new().expect("Could not create test dispatcher");
- let service = BnGsc::new_binder(proxy, BinderFeatures::default());
- let rpc_server = RpcServer::new_per_session(move |_uuid| Some(service.as_binder()));
+ let gsc_service = BnGsc::new_binder(proxy, BinderFeatures::default());
+ let gsc_rpc_server = RpcServer::new_per_session(move |_uuid| Some(gsc_service.as_binder()));
let app_cfg =
- PortCfg::new(APP_SERVICE_PORT).expect("Could not create port config").allow_ta_connect();
+ PortCfg::new(GSC_SERVICE_PORT).expect("Could not create port config").allow_ta_connect();
dispatcher
- .add_service(Rc::new(rpc_server), app_cfg)
- .expect("Could not add service to dispatcher");
+ .add_service(Rc::new(gsc_rpc_server), app_cfg)
+ .expect("Could not add GSC service to dispatcher");
let tunnel_cfg =
PortCfg::new(TUNNEL_SERVICE_PORT).expect("Could not create port config").allow_ns_connect();
dispatcher
.add_service(Rc::new(tunnel), tunnel_cfg)
- .expect("Could not add service to dispatcher");
+ .expect("Could not add tunnel service to dispatcher");
+
+ let bp_cfg =
+ PortCfg::new(BP_SERVICE_PORT).expect("Could not create port config").allow_ta_connect();
+ let bp = boot_params_svc::create_boot_params_service()?;
+ let bp_rpc_server = RpcServer::new_per_session(move |_uuid| Some(bp.as_binder()));
+ dispatcher
+ .add_service(Rc::new(bp_rpc_server), bp_cfg)
+ .expect("Could not add bp service to dispatcher");
Manager::<_, _, PORT_COUNT, CONNECTION_COUNT>::new_with_dispatcher(dispatcher, [])
.expect("Could not create service manager")
diff --git a/app/gsc_tunnel/manifest.json b/app/gsc_svc/manifest.json
similarity index 74%
copy from app/gsc_tunnel/manifest.json
copy to app/gsc_svc/manifest.json
index fd7f4cd..35b61ff 100644
--- a/app/gsc_tunnel/manifest.json
+++ b/app/gsc_svc/manifest.json
@@ -1,5 +1,5 @@
{
- "app_name": "gsc_tunnel_lib",
+ "app_name": "gsc_svc_lib",
"uuid": "01b7938e-abdd-4e35-9395-c6b9b4dd8281",
"min_heap": 20480,
"min_stack": 20480
diff --git a/app/gsc_tunnel/rules.mk b/app/gsc_svc/rules.mk
similarity index 87%
copy from app/gsc_tunnel/rules.mk
copy to app/gsc_svc/rules.mk
index 27677d2..e7dd0f5 100644
--- a/app/gsc_tunnel/rules.mk
+++ b/app/gsc_svc/rules.mk
@@ -22,14 +22,17 @@
MODULE_SRCS += \
$(LOCAL_DIR)/lib.rs \
-MODULE_CRATE_NAME := gsc_tunnel
+MODULE_CRATE_NAME := gsc_svc
MODULE_LIBRARY_DEPS += \
$(call FIND_CRATE,libc) \
$(call FIND_CRATE,log) \
trusty/user/base/lib/tipc/rust \
trusty/user/base/lib/trusty-log \
+ trusty/user/base/lib/vmm_obj/rust \
+ trusty/user/desktop/interface/boot_params/aidl \
trusty/user/desktop/interface/gscd \
+ trusty/user/desktop/lib/boot_params \
frameworks/native/libs/binder/trusty/rust \
frameworks/native/libs/binder/trusty/rust/rpcbinder \
trusty/user/base/lib/keymint-rust/wire \
diff --git a/interface/boot_params/aidl/android/desktop/security/boot_params/IBootParams.aidl b/interface/boot_params/aidl/android/desktop/security/boot_params/IBootParams.aidl
new file mode 100644
index 0000000..496ec80
--- /dev/null
+++ b/interface/boot_params/aidl/android/desktop/security/boot_params/IBootParams.aidl
@@ -0,0 +1,30 @@
+/*
+ * Copyright (c) 2024, The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.desktop.security.boot_params;
+
+/**
+ */
+@SensitiveData
+interface IBootParams {
+ /**
+ * Requests the early entropy generated by the GSC for seeding the RNG.
+ *
+ * @return The entropy generated by the GSC at init time.
+ *
+ */
+ byte[] getEarlyEntropy();
+}
diff --git a/app/gsc_tunnel/app/rules.mk b/interface/boot_params/aidl/rules.mk
similarity index 68%
copy from app/gsc_tunnel/app/rules.mk
copy to interface/boot_params/aidl/rules.mk
index 1de2b88..0d4c0e5 100644
--- a/app/gsc_tunnel/app/rules.mk
+++ b/interface/boot_params/aidl/rules.mk
@@ -11,24 +11,20 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#
LOCAL_DIR := $(GET_LOCAL_DIR)
MODULE := $(LOCAL_DIR)
-MANIFEST := $(LOCAL_DIR)/manifest.json
+MODULE_AIDL_PACKAGE := android/desktop/security/boot_params
+MODULE_CRATE_NAME := android_desktop_security_boot_params
-MODULE_SRCS += \
- $(LOCAL_DIR)/main.rs \
+MODULE_AIDLS := \
+ $(LOCAL_DIR)/$(MODULE_AIDL_PACKAGE)/IBootParams.aidl \
-MODULE_CRATE_NAME := gsc_tunnel_app
+MODULE_AIDL_LANGUAGE := rust
MODULE_LIBRARY_DEPS += \
- $(call FIND_CRATE,libc) \
- $(call FIND_CRATE,log) \
- trusty/user/base/lib/tipc/rust \
- trusty/user/base/lib/trusty-log \
- trusty/user/desktop/app/gsc_tunnel \
+ $(call FIND_CRATE,static_assertions) \
-include make/trusted_app.mk
+include make/aidl.mk
diff --git a/lib/boot_params/dice.rs b/lib/boot_params/dice.rs
index 202e204..5056ccb 100644
--- a/lib/boot_params/dice.rs
+++ b/lib/boot_params/dice.rs
@@ -12,7 +12,13 @@
pub cwt: CwtClaims,
pub signature: [u8; 64],
}
+impl Default for CdiCert {
+ fn default() -> Self {
+ Self { cwt: CwtClaims::default(), signature: [0u8; 64] }
+ }
+}
+#[derive(Default)]
pub struct DiceHandover {
pub cdi_attest: [u8; 32],
pub cdi_seal: [u8; 32],
diff --git a/lib/boot_params/gsc.rs b/lib/boot_params/gsc.rs
index 0579a26..908eba2 100644
--- a/lib/boot_params/gsc.rs
+++ b/lib/boot_params/gsc.rs
@@ -9,6 +9,15 @@
pub session_key_seed: [u8; 32],
pub auth_token_key_seed: [u8; 32],
}
+impl Default for GscBootParams {
+ fn default() -> Self {
+ Self {
+ early_entropy: [0u8; 64],
+ session_key_seed: [0u8; 32],
+ auth_token_key_seed: [0u8; 32],
+ }
+ }
+}
impl coset::AsCborValue for GscBootParams {
fn from_cbor_value(value: cbor::value::Value) -> coset::Result<Self> {
diff --git a/lib/boot_params/lib.rs b/lib/boot_params/lib.rs
index 92bd44d..b77b777 100644
--- a/lib/boot_params/lib.rs
+++ b/lib/boot_params/lib.rs
@@ -25,11 +25,10 @@
#[allow(dead_code)]
pub struct BootParams {
- dice: DiceHandover,
- gsc_boot_params: GscBootParams,
+ pub dice: DiceHandover,
+ pub gsc_boot_params: GscBootParams,
}
-#[cfg(feature = "builtin-bcc")]
impl Default for BootParams {
fn default() -> Self {
Self::new()
@@ -60,6 +59,11 @@
Self { dice, gsc_boot_params }
}
+ #[cfg(not(feature = "builtin-bcc"))]
+ pub fn new() -> Self {
+ Self { dice: DiceHandover::default(), gsc_boot_params: GscBootParams::default() }
+ }
+
/// Returns the UDS public key for the device.
pub fn get_uds_public_key(&self) -> Result<&SubjectPublicKey, Error> {
Ok(&self.dice.uds_pubkey)
