Gitiles
Code Review Sign In
review.blissroms.org / platform_frameworks_native / cdcee265cad1fe10960bd3df32ac76c4afbd3963 / . / cmds / keystore / keymgmt.c
blob: 9a1f8457d224da88765d40cc4992a7a6d3cf27eb [file] [log] [blame]
Jean-Baptiste Queru4d3b5c12009-07-21 11:16:54 -0700[diff] [blame]1/*
2** Copyright 2009, The Android Open Source Project
3**
4** Licensed under the Apache License, Version 2.0 (the "License");
5** you may not use this file except in compliance with the License.
6** You may obtain a copy of the License at
7**
8** http://www.apache.org/licenses/LICENSE-2.0
9**
10** Unless required by applicable law or agreed to in writing, software
11** distributed under the License is distributed on an "AS IS" BASIS,
12** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13** See the License for the specific language governing permissions and
14** limitations under the License.
15*/
16
17#include <stdio.h>
18#include <stdlib.h>
19#include <string.h>
20#include <sys/stat.h>
21#include <sys/types.h>
22#include <ctype.h>
23#include <fcntl.h>
24#include <dirent.h>
25#include <errno.h>
26#include <openssl/aes.h>
27#include <openssl/evp.h>
28#include <cutils/log.h>
29
30#include "common.h"
31#include "keymgmt.h"
32
33static int retry_count = 0;
34static unsigned char iv[IV_LEN];
35static KEYSTORE_STATE state = BOOTUP;
36static AES_KEY encryptKey, decryptKey;
37
38inline void unlock_keystore(unsigned char *master_key)
39{
40 AES_set_encrypt_key(master_key, AES_KEY_LEN, &encryptKey);
41 AES_set_decrypt_key(master_key, AES_KEY_LEN, &decryptKey);
42 memset(master_key, 0, sizeof(master_key));
43 state = UNLOCKED;
44}
45
46inline void lock_keystore()
47{
48 memset(&encryptKey, 0 , sizeof(AES_KEY));
49 memset(&decryptKey, 0 , sizeof(AES_KEY));
50 state = LOCKED;
51}
52
53inline void get_encrypt_key(char *passwd, AES_KEY *key)
54{
55 unsigned char user_key[USER_KEY_LEN];
56 gen_key(passwd, user_key, USER_KEY_LEN);
57 AES_set_encrypt_key(user_key, AES_KEY_LEN, key);
58}
59
60inline void get_decrypt_key(char *passwd, AES_KEY *key)
61{
62 unsigned char user_key[USER_KEY_LEN];
63 gen_key(passwd, user_key, USER_KEY_LEN);
64 AES_set_decrypt_key(user_key, AES_KEY_LEN, key);
65}
66
67static int gen_random_blob(unsigned char *key, int size)
68{
69 int ret = 0;
70 int fd = open("/dev/urandom", O_RDONLY);
71 if (fd == -1) return -1;
72 if (read(fd, key, size) != size) ret = -1;
73 close(fd);
74 return ret;
75}
76
77static int encrypt_n_save(AES_KEY *enc_key, DATA_BLOB *blob,
78 const char *keyfile)
79{
80 int size, fd, ret = -1;
81 unsigned char enc_blob[MAX_BLOB_LEN];
Jean-Baptiste Queru4d3b5c12009-07-21 11:16:54 -0700[diff] [blame]82 char tmpfile[KEYFILE_LEN];
Jean-Baptiste Queru110b3142009-07-31 17:38:20 -0700[diff] [blame]83
84 if ((keyfile == NULL) || (strlen(keyfile) >= (KEYFILE_LEN - 4))) {
85 LOGE("keyfile name is too long or null");
86 return -1;
87 }
Jean-Baptiste Queru4d3b5c12009-07-21 11:16:54 -0700[diff] [blame]88 strcpy(tmpfile, keyfile);
89 strcat(tmpfile, ".tmp");
90
91 // prepare the blob
Jean-Baptiste Queru110b3142009-07-31 17:38:20 -0700[diff] [blame]92 if (IV_LEN > USER_KEY_LEN) {
93 LOGE("iv length is too long.");
94 return -1;
95 }
Jean-Baptiste Queru4d3b5c12009-07-21 11:16:54 -0700[diff] [blame]96 memcpy(blob->iv, iv, IV_LEN);
97 blob->blob_size = get_blob_size(blob);
Jean-Baptiste Queru110b3142009-07-31 17:38:20 -0700[diff] [blame]98 if (blob->blob_size > MAX_BLOB_LEN) {
99 LOGE("blob data size is too large.");
100 return -1;
101 }
Jean-Baptiste Queru4d3b5c12009-07-21 11:16:54 -0700[diff] [blame]102 memcpy(enc_blob, blob->blob, blob->blob_size);
103 AES_cbc_encrypt((unsigned char *)enc_blob, (unsigned char *)blob->blob,
104 blob->blob_size, enc_key, iv, AES_ENCRYPT);
105 // write to keyfile
106 size = data_blob_size(blob);
107 if ((fd = open(tmpfile, O_CREAT|O_RDWR)) == -1) return -1;
108 if (write(fd, blob, size) == size) ret = 0;
109 close(fd);
110 if (!ret) {
111 unlink(keyfile);
112 rename(tmpfile, keyfile);
113 chmod(keyfile, 0440);
114 }
115 return ret;
116}
117
118static int load_n_decrypt(const char *keyname, const char *keyfile,
119 AES_KEY *key, DATA_BLOB *blob)
120{
121 int fd, ret = -1;
122 if ((fd = open(keyfile, O_RDONLY)) == -1) return -1;
123 // get the encrypted blob and iv
124 if ((read(fd, blob->iv, sizeof(blob->iv)) != sizeof(blob->iv)) ||
125 (read(fd, &blob->blob_size, sizeof(uint32_t)) != sizeof(uint32_t)) ||
126 (blob->blob_size > MAX_BLOB_LEN)) {
127 goto err;
128 } else {
129 unsigned char enc_blob[MAX_BLOB_LEN];
130 if (read(fd, enc_blob, blob->blob_size) !=
131 (int) blob->blob_size) goto err;
132 // decrypt the blob
133 AES_cbc_encrypt((unsigned char *)enc_blob, (unsigned char*)blob->blob,
134 blob->blob_size, key, blob->iv, AES_DECRYPT);
135 if (strcmp(keyname, (char*)blob->keyname) == 0) ret = 0;
136 }
137err:
138 close(fd);
139 return ret;
140}
141
142static int store_master_key(char *upasswd, unsigned char *master_key)
143{
144 AES_KEY key;
145 DATA_BLOB blob;
146
147 // prepare the blob
Jean-Baptiste Queru110b3142009-07-31 17:38:20 -0700[diff] [blame]148 if (strlen(MASTER_KEY_TAG) >= USER_KEY_LEN) return -1;
Jean-Baptiste Queru4d3b5c12009-07-21 11:16:54 -0700[diff] [blame]149 strlcpy(blob.keyname, MASTER_KEY_TAG, USER_KEY_LEN);
150 blob.value_size = USER_KEY_LEN;
Jean-Baptiste Queru110b3142009-07-31 17:38:20 -0700[diff] [blame]151 if (USER_KEY_LEN > MAX_KEY_VALUE_LENGTH) {
152 LOGE("master_key length is too long.");
153 return -1;
154 }
Jean-Baptiste Queru4d3b5c12009-07-21 11:16:54 -0700[diff] [blame]155 memcpy((void*)blob.value, (const void*)master_key, USER_KEY_LEN);
156
157 // generate the encryption key
158 get_encrypt_key(upasswd, &key);
159 return encrypt_n_save(&key, &blob, MASTER_KEY);
160}
161
162static int get_master_key(char *upasswd, unsigned char *master_key)
163{
164 AES_KEY key;
165 int size, ret = 0;
166 DATA_BLOB blob;
167
168 get_decrypt_key(upasswd, &key);
169 ret = load_n_decrypt(MASTER_KEY_TAG, MASTER_KEY, &key, &blob);
Jean-Baptiste Queru110b3142009-07-31 17:38:20 -0700[diff] [blame]170 if (blob.value_size > USER_KEY_LEN) {
171 LOGE("the blob's value size is too large");
172 return -1;
173 }
Jean-Baptiste Queru4d3b5c12009-07-21 11:16:54 -0700[diff] [blame]174 if (!ret) memcpy(master_key, blob.value, blob.value_size);
175 return ret;
176}
177
178static int create_master_key(char *upasswd)
179{
180 int ret;
181 unsigned char mpasswd[AES_KEY_LEN];
182 unsigned char master_key[USER_KEY_LEN];
183
184 gen_random_blob(mpasswd, AES_KEY_LEN);
185 gen_key((char*)mpasswd, master_key, USER_KEY_LEN);
186 if ((ret = store_master_key(upasswd, master_key)) == 0) {
187 unlock_keystore(master_key);
188 }
189 memset(master_key, 0, USER_KEY_LEN);
190 memset(mpasswd, 0, AES_KEY_LEN);
191
192 return ret;
193}
194
195static int change_passwd(char *data)
196{
197 unsigned char master_key[USER_KEY_LEN];
198 char *old_pass, *new_pass = NULL, *p, *delimiter=" ";
199 int ret, count = 0;
200 char *context = NULL;
201
202 old_pass = p = strtok_r(data, delimiter, &context);
203 while (p != NULL) {
204 count++;
205 new_pass = p;
206 p = strtok_r(NULL, delimiter, &context);
207 }
208 if (count != 2) return -1;
209 if (strlen(new_pass) < MIN_PASSWD_LENGTH) return -1;
210 if ((ret = get_master_key(old_pass, master_key)) == 0) {
211 ret = store_master_key(new_pass, master_key);
212 retry_count = 0;
213 } else {
214 ret = MAX_RETRY_COUNT - ++retry_count;
215 if (ret == 0) {
216 retry_count = 0;
217 LOGE("passwd:reach max retry count, reset the keystore now.");
218 reset_keystore();
219 return -1;
220 }
221
222 }
223 return ret;
224}
225
226int remove_key(const char *namespace, const char *keyname)
227{
228 char keyfile[KEYFILE_LEN];
229
230 if (state != UNLOCKED) return -state;
Jean-Baptiste Queru110b3142009-07-31 17:38:20 -0700[diff] [blame]231 if ((strlen(namespace) >= MAX_KEY_NAME_LENGTH) ||
232 (strlen(keyname) >= MAX_KEY_NAME_LENGTH)) {
233 LOGE("keyname is too long.");
234 return -1;
235 }
Jean-Baptiste Queru4d3b5c12009-07-21 11:16:54 -0700[diff] [blame]236 sprintf(keyfile, KEYFILE_NAME, namespace, keyname);
237 return unlink(keyfile);
238}
239
240int put_key(const char *namespace, const char *keyname,
241 unsigned char *data, int size)
242{
243 DATA_BLOB blob;
244 uint32_t real_size;
245 char keyfile[KEYFILE_LEN];
246
247 if (state != UNLOCKED) {
248 LOGE("Can not store key with current state %d\n", state);
249 return -state;
250 }
Jean-Baptiste Queru110b3142009-07-31 17:38:20 -0700[diff] [blame]251 if ((strlen(namespace) >= MAX_KEY_NAME_LENGTH) ||
252 (strlen(keyname) >= MAX_KEY_NAME_LENGTH)) {
253 LOGE("keyname is too long.");
254 return -1;
255 }
Jean-Baptiste Queru4d3b5c12009-07-21 11:16:54 -0700[diff] [blame]256 sprintf(keyfile, KEYFILE_NAME, namespace, keyname);
Jean-Baptiste Queru4d3b5c12009-07-21 11:16:54 -0700[diff] [blame]257 strcpy(blob.keyname, keyname);
258 blob.value_size = size;
Jean-Baptiste Queru110b3142009-07-31 17:38:20 -0700[diff] [blame]259 if (size > MAX_KEY_VALUE_LENGTH) {
260 LOGE("the data size is too large.");
261 return -1;
262 }
Jean-Baptiste Queru4d3b5c12009-07-21 11:16:54 -0700[diff] [blame]263 memcpy(blob.value, data, size);
264 return encrypt_n_save(&encryptKey, &blob, keyfile);
265}
266
267int get_key(const char *namespace, const char *keyname,
268 unsigned char *data, int *size)
269{
270 int ret;
271 DATA_BLOB blob;
272 uint32_t blob_size;
273 char keyfile[KEYFILE_LEN];
274
275 if (state != UNLOCKED) {
276 LOGE("Can not retrieve key value with current state %d\n", state);
277 return -state;
278 }
Jean-Baptiste Queru110b3142009-07-31 17:38:20 -0700[diff] [blame]279 if ((strlen(namespace) >= MAX_KEY_NAME_LENGTH) ||
280 (strlen(keyname) >= MAX_KEY_NAME_LENGTH)) {
281 LOGE("keyname is too long.");
282 return -1;
283 }
Jean-Baptiste Queru4d3b5c12009-07-21 11:16:54 -0700[diff] [blame]284 sprintf(keyfile, KEYFILE_NAME, namespace, keyname);
285 ret = load_n_decrypt(keyname, keyfile, &decryptKey, &blob);
286 if (!ret) {
287 if ((blob.value_size > MAX_KEY_VALUE_LENGTH)) {
Jean-Baptiste Queru110b3142009-07-31 17:38:20 -0700[diff] [blame]288 LOGE("blob value size is too large.");
Jean-Baptiste Queru4d3b5c12009-07-21 11:16:54 -0700[diff] [blame]289 ret = -1;
290 } else {
291 *size = blob.value_size;
292 memcpy(data, blob.value, *size);
293 }
294 }
295 return ret;
296}
297
298int list_keys(const char *namespace, char reply[BUFFER_MAX])
299{
300 DIR *d;
301 struct dirent *de;
302
303 if (state != UNLOCKED) {
304 LOGE("Can not list key with current state %d\n", state);
305 return -1;
306 }
307
308 if (!namespace || ((d = opendir("."))) == NULL) {
309 LOGE("cannot open keystore dir or namespace is null\n");
310 return -1;
311 }
Jean-Baptiste Queru110b3142009-07-31 17:38:20 -0700[diff] [blame]312
313 if (strlen(namespace) >= MAX_KEY_NAME_LENGTH) {
314 LOGE("namespace is too long.");
315 return -1;
316 }
317
318 reply[0] = 0;
Jean-Baptiste Queru4d3b5c12009-07-21 11:16:54 -0700[diff] [blame]319 while ((de = readdir(d))) {
320 char *prefix, *name, *keyfile = de->d_name;
321 char *context = NULL;
322
323 if (de->d_type != DT_REG) continue;
324 if ((prefix = strtok_r(keyfile, NAME_DELIMITER, &context))
325 == NULL) continue;
326 if (strcmp(prefix, namespace)) continue;
327 if ((name = strtok_r(NULL, NAME_DELIMITER, &context)) == NULL) continue;
328 // append the key name into reply
329 if (reply[0] != 0) strlcat(reply, " ", BUFFER_MAX);
330 if (strlcat(reply, name, BUFFER_MAX) >= BUFFER_MAX) {
331 LOGE("too many files under keystore directory\n");
332 return -1;
333 }
334 }
335 closedir(d);
336 return 0;
337}
338
339int passwd(char *data)
340{
341 if (state == UNINITIALIZED) {
342 if (strchr(data, ' ')) return -1;
343 if (strlen(data) < MIN_PASSWD_LENGTH) return -1;
344 return create_master_key(data);
345 }
346 return change_passwd(data);
347}
348
349int lock()
350{
351 switch(state) {
352 case UNLOCKED:
353 lock_keystore();
354 case LOCKED:
355 return 0;
356 default:
357 return -1;
358 }
359}
360
361int unlock(char *passwd)
362{
363 unsigned char master_key[USER_KEY_LEN];
364 int ret = get_master_key(passwd, master_key);
365 if (!ret) {
366 unlock_keystore(master_key);
367 retry_count = 0;
368 } else {
369 ret = MAX_RETRY_COUNT - ++retry_count;
370 if (ret == 0) {
371 retry_count = 0;
372 LOGE("unlock:reach max retry count, reset the keystore now.");
373 reset_keystore();
374 return -1;
375 }
376 }
377 return ret;
378}
379
380KEYSTORE_STATE get_state()
381{
382 return state;
383}
384
385int reset_keystore()
386{
Jean-Baptiste Queru110b3142009-07-31 17:38:20 -0700[diff] [blame]387 int ret = 0;
Jean-Baptiste Queru4d3b5c12009-07-21 11:16:54 -0700[diff] [blame]388 DIR *d;
389 struct dirent *de;
390
391 if ((d = opendir(".")) == NULL) {
392 LOGE("cannot open keystore dir\n");
393 return -1;
394 }
Jean-Baptiste Queru110b3142009-07-31 17:38:20 -0700[diff] [blame]395 while ((de = readdir(d))) {
396 if (unlink(de->d_name) != 0) ret = -1;
397 }
Jean-Baptiste Queru4d3b5c12009-07-21 11:16:54 -0700[diff] [blame]398 closedir(d);
399 state = UNINITIALIZED;
Jean-Baptiste Queru110b3142009-07-31 17:38:20 -0700[diff] [blame]400 if (ret == 0) {
401 LOGI("keystore is reset.");
402 } else {
403 LOGI("keystore can not be cleaned up entirely.");
404 }
405 return ret;
Jean-Baptiste Queru4d3b5c12009-07-21 11:16:54 -0700[diff] [blame]406}
407
408int init_keystore(const char *dir)
409{
410 int fd;
411
Jean-Baptiste Queru110b3142009-07-31 17:38:20 -0700[diff] [blame]412 if (dir) mkdir(dir, 0770);
Jean-Baptiste Queru4d3b5c12009-07-21 11:16:54 -0700[diff] [blame]413 if (!dir || chdir(dir)) {
414 LOGE("Can not open/create the keystore directory %s\n",
415 dir ? dir : "(null)");
416 return -1;
417 }
418 gen_random_blob(iv, IV_LEN);
419 if ((fd = open(MASTER_KEY, O_RDONLY)) == -1) {
420 state = UNINITIALIZED;
421 return 0;
422 }
423 close(fd);
424 state = LOCKED;
425 return 0;
426}