Janis Danisevskis | 2fea235 | 2017-07-26 16:52:33 -0700 | [diff] [blame] | 1 | /* |
| 2 | ** |
| 3 | ** Copyright 2017, The Android Open Source Project |
| 4 | ** |
| 5 | ** Licensed under the Apache License, Version 2.0 (the "License"); |
| 6 | ** you may not use this file except in compliance with the License. |
| 7 | ** You may obtain a copy of the License at |
| 8 | ** |
| 9 | ** http://www.apache.org/licenses/LICENSE-2.0 |
| 10 | ** |
| 11 | ** Unless required by applicable law or agreed to in writing, software |
| 12 | ** distributed under the License is distributed on an "AS IS" BASIS, |
| 13 | ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 14 | ** See the License for the specific language governing permissions and |
| 15 | ** limitations under the License. |
| 16 | */ |
| 17 | |
| 18 | #include <keymaster/contexts/keymaster1_passthrough_context.h> |
| 19 | |
Selene Huang | b0d3830 | 2020-02-14 17:39:36 -0800 | [diff] [blame] | 20 | #include <keymaster/contexts/soft_attestation_cert.h> |
Janis Danisevskis | 2fea235 | 2017-07-26 16:52:33 -0700 | [diff] [blame] | 21 | #include <keymaster/key_blob_utils/integrity_assured_key_blob.h> |
| 22 | #include <keymaster/key_blob_utils/ocb_utils.h> |
Selene Huang | b0d3830 | 2020-02-14 17:39:36 -0800 | [diff] [blame] | 23 | #include <keymaster/key_blob_utils/software_keyblobs.h> |
Janis Danisevskis | 2fea235 | 2017-07-26 16:52:33 -0700 | [diff] [blame] | 24 | #include <keymaster/km_openssl/aes_key.h> |
Janis Danisevskis | 2fea235 | 2017-07-26 16:52:33 -0700 | [diff] [blame] | 25 | #include <keymaster/km_openssl/attestation_utils.h> |
Selene Huang | b0d3830 | 2020-02-14 17:39:36 -0800 | [diff] [blame] | 26 | #include <keymaster/km_openssl/hmac_key.h> |
| 27 | #include <keymaster/legacy_support/ec_keymaster1_key.h> |
| 28 | #include <keymaster/legacy_support/keymaster1_engine.h> |
| 29 | #include <keymaster/legacy_support/keymaster1_legacy_support.h> |
| 30 | #include <keymaster/legacy_support/keymaster_passthrough_engine.h> |
| 31 | #include <keymaster/legacy_support/keymaster_passthrough_key.h> |
| 32 | #include <keymaster/legacy_support/rsa_keymaster1_key.h> |
Janis Danisevskis | 2fea235 | 2017-07-26 16:52:33 -0700 | [diff] [blame] | 33 | |
| 34 | namespace keymaster { |
| 35 | |
| 36 | Keymaster1PassthroughContext::Keymaster1PassthroughContext(keymaster1_device_t* dev) |
| 37 | : device_(dev), pt_engine_(KeymasterPassthroughEngine::createInstance(dev)), |
| 38 | km1_engine_(new Keymaster1Engine(dev)) { |
| 39 | |
| 40 | } |
| 41 | |
| 42 | keymaster_error_t Keymaster1PassthroughContext::SetSystemVersion(uint32_t os_version, |
| 43 | uint32_t os_patchlevel) { |
| 44 | os_version_ = os_version; |
| 45 | os_patchlevel_ = os_patchlevel; |
| 46 | return KM_ERROR_OK; |
| 47 | } |
| 48 | |
| 49 | void Keymaster1PassthroughContext::GetSystemVersion(uint32_t* os_version, |
| 50 | uint32_t* os_patchlevel) const { |
| 51 | if (os_version) *os_version = os_version_; |
| 52 | if (os_patchlevel) *os_patchlevel = os_patchlevel_; |
| 53 | } |
| 54 | |
| 55 | KeyFactory* Keymaster1PassthroughContext::GetKeyFactory(keymaster_algorithm_t algorithm) const { |
| 56 | auto& result = factories_[algorithm]; |
| 57 | if (!result) { |
| 58 | switch(algorithm) { |
| 59 | case KM_ALGORITHM_RSA: |
| 60 | result.reset(new Keymaster1ArbitrationFactory<RsaKeymaster1KeyFactory>(pt_engine_.get(), |
| 61 | KM_ALGORITHM_RSA, device_, this, km1_engine_.get())); |
| 62 | break; |
| 63 | case KM_ALGORITHM_EC: |
| 64 | result.reset(new Keymaster1ArbitrationFactory<EcdsaKeymaster1KeyFactory>(pt_engine_.get(), |
| 65 | KM_ALGORITHM_EC, device_, this, km1_engine_.get())); |
| 66 | break; |
| 67 | case KM_ALGORITHM_AES: |
| 68 | result.reset(new Keymaster1ArbitrationFactory<AesKeyFactory>(pt_engine_.get(), |
| 69 | KM_ALGORITHM_AES, device_, this, this)); |
| 70 | break; |
| 71 | case KM_ALGORITHM_HMAC: |
| 72 | result.reset(new Keymaster1ArbitrationFactory<HmacKeyFactory>(pt_engine_.get(), |
| 73 | KM_ALGORITHM_HMAC, device_, this, this)); |
| 74 | break; |
Shawn Willden | 7efc772 | 2018-01-08 22:00:12 -0700 | [diff] [blame] | 75 | case KM_ALGORITHM_TRIPLE_DES: |
| 76 | // Not supported by KM1. |
| 77 | return nullptr; |
Janis Danisevskis | 2fea235 | 2017-07-26 16:52:33 -0700 | [diff] [blame] | 78 | } |
| 79 | } |
| 80 | return result.get(); |
| 81 | } |
| 82 | OperationFactory* Keymaster1PassthroughContext::GetOperationFactory(keymaster_algorithm_t algorithm, |
| 83 | keymaster_purpose_t purpose) const { |
| 84 | auto keyfactory = GetKeyFactory(algorithm); |
| 85 | return keyfactory->GetOperationFactory(purpose); |
| 86 | } |
| 87 | keymaster_algorithm_t* Keymaster1PassthroughContext::GetSupportedAlgorithms( |
| 88 | size_t* algorithms_count) const { |
| 89 | if (algorithms_count) *algorithms_count = 0; |
| 90 | return nullptr; |
| 91 | } |
| 92 | |
| 93 | keymaster_error_t Keymaster1PassthroughContext::UpgradeKeyBlob( |
| 94 | const KeymasterKeyBlob& key_to_upgrade, const AuthorizationSet& upgrade_params, |
| 95 | KeymasterKeyBlob* upgraded_key) const { |
| 96 | |
| 97 | UniquePtr<Key> key; |
| 98 | keymaster_error_t error = ParseKeyBlob(key_to_upgrade, upgrade_params, &key); |
| 99 | if (error != KM_ERROR_OK) |
| 100 | return error; |
| 101 | |
| 102 | if (key->hw_enforced().Contains(TAG_PURPOSE) && |
| 103 | !key->hw_enforced().Contains(TAG_OS_PATCHLEVEL)) { |
| 104 | return KM_ERROR_INVALID_ARGUMENT; |
| 105 | } |
| 106 | |
| 107 | return UpgradeSoftKeyBlob(key, os_version_, os_patchlevel_, upgrade_params, upgraded_key); |
| 108 | } |
| 109 | |
| 110 | static keymaster_error_t parseKeymaster1HwBlob(const keymaster1_device_t* device, |
| 111 | const KeymasterKeyBlob& blob, |
| 112 | const AuthorizationSet& additional_params, |
| 113 | KeymasterKeyBlob* key_material, |
| 114 | AuthorizationSet* hw_enforced, |
| 115 | AuthorizationSet* sw_enforced) { |
| 116 | keymaster_blob_t client_id = {nullptr, 0}; |
| 117 | keymaster_blob_t app_data = {nullptr, 0}; |
| 118 | keymaster_blob_t* client_id_ptr = nullptr; |
| 119 | keymaster_blob_t* app_data_ptr = nullptr; |
| 120 | if (additional_params.GetTagValue(TAG_APPLICATION_ID, &client_id)) |
| 121 | client_id_ptr = &client_id; |
| 122 | if (additional_params.GetTagValue(TAG_APPLICATION_DATA, &app_data)) |
| 123 | app_data_ptr = &app_data; |
| 124 | |
| 125 | // Get key characteristics, which incidentally verifies that the HW recognizes the key. |
| 126 | keymaster_key_characteristics_t* characteristics; |
| 127 | keymaster_error_t error = device->get_key_characteristics(device, &blob, client_id_ptr, |
| 128 | app_data_ptr, &characteristics); |
| 129 | if (error != KM_ERROR_OK) |
| 130 | return error; |
| 131 | |
| 132 | UniquePtr<keymaster_key_characteristics_t, Characteristics_Delete> characteristics_deleter( |
| 133 | characteristics); |
| 134 | |
| 135 | hw_enforced->Reinitialize(characteristics->hw_enforced); |
| 136 | sw_enforced->Reinitialize(characteristics->sw_enforced); |
| 137 | *key_material = blob; |
| 138 | return KM_ERROR_OK; |
| 139 | } |
| 140 | |
| 141 | keymaster_error_t Keymaster1PassthroughContext::ParseKeyBlob(const KeymasterKeyBlob& blob, |
| 142 | const AuthorizationSet& additional_params, UniquePtr<Key>* key) const { |
| 143 | AuthorizationSet hw_enforced; |
| 144 | AuthorizationSet sw_enforced; |
| 145 | KeymasterKeyBlob key_material; |
| 146 | |
| 147 | AuthorizationSet hidden; |
| 148 | keymaster_error_t error = BuildHiddenAuthorizations(additional_params, &hidden, |
| 149 | softwareRootOfTrust); |
| 150 | if (error != KM_ERROR_OK) |
| 151 | return error; |
| 152 | |
| 153 | // Assume it's an integrity-assured blob (new software-only blob |
| 154 | error = DeserializeIntegrityAssuredBlob(blob, hidden, &key_material, &hw_enforced, &sw_enforced); |
| 155 | if (error != KM_ERROR_INVALID_KEY_BLOB && error != KM_ERROR_OK) |
| 156 | return error; |
| 157 | |
| 158 | if (error == KM_ERROR_INVALID_KEY_BLOB) { |
| 159 | error = parseKeymaster1HwBlob(km1_engine_->device(), blob, additional_params, |
| 160 | &key_material, &hw_enforced, &sw_enforced); |
| 161 | if (error != KM_ERROR_OK) return error; |
| 162 | } |
| 163 | |
| 164 | // GetKeyFactory |
| 165 | keymaster_algorithm_t algorithm; |
| 166 | if (!hw_enforced.GetTagValue(TAG_ALGORITHM, &algorithm) && |
| 167 | !sw_enforced.GetTagValue(TAG_ALGORITHM, &algorithm)) { |
| 168 | return KM_ERROR_INVALID_ARGUMENT; |
| 169 | } |
| 170 | auto factory = GetKeyFactory(algorithm); |
| 171 | |
| 172 | return factory->LoadKey(move(key_material), additional_params, move(hw_enforced), |
| 173 | move(sw_enforced), key); |
| 174 | } |
| 175 | |
| 176 | keymaster_error_t Keymaster1PassthroughContext::DeleteKey(const KeymasterKeyBlob& blob) const { |
| 177 | // HACK. Due to a bug with Qualcomm's Keymaster implementation, which causes the device to |
| 178 | // reboot if we pass it a key blob it doesn't understand, we need to check for software |
| 179 | // keys. If it looks like a software key there's nothing to do so we just return. |
| 180 | // Can be removed once b/33385206 is fixed |
| 181 | KeymasterKeyBlob key_material; |
| 182 | AuthorizationSet hw_enforced, sw_enforced; |
| 183 | keymaster_error_t error = DeserializeIntegrityAssuredBlob_NoHmacCheck( |
| 184 | blob, &key_material, &hw_enforced, &sw_enforced); |
| 185 | if (error == KM_ERROR_OK) { |
| 186 | return KM_ERROR_OK; |
| 187 | } |
| 188 | |
| 189 | error = km1_engine_->DeleteKey(blob); |
| 190 | if (error == KM_ERROR_INVALID_KEY_BLOB) { |
| 191 | // Some implementations diagnose invalid keys. |
| 192 | // However, all care we about is that the key blob, as supplied, is not usable after the |
| 193 | // call. |
| 194 | return KM_ERROR_OK; |
| 195 | } |
| 196 | return error; |
| 197 | } |
| 198 | |
| 199 | keymaster_error_t Keymaster1PassthroughContext::DeleteAllKeys() const { |
| 200 | return km1_engine_->DeleteAllKeys(); |
| 201 | } |
| 202 | |
| 203 | keymaster_error_t Keymaster1PassthroughContext::AddRngEntropy(const uint8_t* buf, |
| 204 | size_t length) const { |
| 205 | return device_->add_rng_entropy(device_, buf, length); |
| 206 | } |
| 207 | |
| 208 | |
| 209 | KeymasterEnforcement* Keymaster1PassthroughContext::enforcement_policy() { |
| 210 | return nullptr; |
| 211 | } |
| 212 | |
| 213 | keymaster_error_t Keymaster1PassthroughContext::CreateKeyBlob(const AuthorizationSet& key_description, |
| 214 | const keymaster_key_origin_t origin, |
| 215 | const KeymasterKeyBlob& key_material, |
| 216 | KeymasterKeyBlob* blob, |
| 217 | AuthorizationSet* hw_enforced, |
| 218 | AuthorizationSet* sw_enforced) const { |
| 219 | keymaster_error_t error = SetKeyBlobAuthorizations(key_description, origin, os_version_, |
| 220 | os_patchlevel_, hw_enforced, sw_enforced); |
| 221 | if (error != KM_ERROR_OK) |
| 222 | return error; |
| 223 | |
| 224 | AuthorizationSet hidden; |
| 225 | error = BuildHiddenAuthorizations(key_description, &hidden, softwareRootOfTrust); |
| 226 | if (error != KM_ERROR_OK) |
| 227 | return error; |
| 228 | |
| 229 | return SerializeIntegrityAssuredBlob(key_material, hidden, *hw_enforced, *sw_enforced, blob); |
| 230 | } |
| 231 | |
| 232 | keymaster_error_t Keymaster1PassthroughContext::GenerateAttestation(const Key& key, |
| 233 | const AuthorizationSet& attest_params, CertChainPtr* cert_chain) const { |
| 234 | keymaster_error_t error = KM_ERROR_OK; |
| 235 | keymaster_algorithm_t key_algorithm; |
| 236 | if (!key.authorizations().GetTagValue(TAG_ALGORITHM, &key_algorithm)) { |
| 237 | return KM_ERROR_UNKNOWN_ERROR; |
| 238 | } |
| 239 | |
| 240 | if ((key_algorithm != KM_ALGORITHM_RSA && key_algorithm != KM_ALGORITHM_EC)) |
| 241 | return KM_ERROR_INCOMPATIBLE_ALGORITHM; |
| 242 | |
| 243 | // We have established that the given key has the correct algorithm, and because this is the |
| 244 | // SoftKeymasterContext we can assume that the Key is an AsymmetricKey. So we can downcast. |
| 245 | const AsymmetricKey& asymmetric_key = static_cast<const AsymmetricKey&>(key); |
| 246 | |
| 247 | auto attestation_chain = getAttestationChain(key_algorithm, &error); |
| 248 | if (error != KM_ERROR_OK) return error; |
| 249 | |
| 250 | auto attestation_key = getAttestationKey(key_algorithm, &error); |
| 251 | if (error != KM_ERROR_OK) return error; |
| 252 | |
| 253 | return generate_attestation(asymmetric_key, attest_params, |
| 254 | *attestation_chain, *attestation_key, *this, cert_chain); |
| 255 | } |
| 256 | |
Shawn Willden | dd7e8a0 | 2018-01-12 13:03:37 -0700 | [diff] [blame] | 257 | keymaster_error_t Keymaster1PassthroughContext::UnwrapKey( |
| 258 | const KeymasterKeyBlob&, const KeymasterKeyBlob&, const AuthorizationSet&, |
| 259 | const KeymasterKeyBlob&, AuthorizationSet*, keymaster_key_format_t*, KeymasterKeyBlob*) const { |
| 260 | return KM_ERROR_UNIMPLEMENTED; |
| 261 | } |
| 262 | |
Janis Danisevskis | 2fea235 | 2017-07-26 16:52:33 -0700 | [diff] [blame] | 263 | } // namespace keymaster |