Gitiles
Code Review Sign In
review.blissroms.org / platform_system_keymaster / f268d742dbefe0e84b4046db7669c4ffbc110f7d / . / asymmetric_key.cpp
blob: 32d8fe978e407831c3d35ea256bc59bb9709b763 [file] [log] [blame]
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]1/*
2 * Copyright 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
Shawn Willdenf268d742014-08-19 15:36:26 -0600[diff] [blame^]17#include <openssl/evp.h>
18#include <openssl/x509.h>
19
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]20#include "asymmetric_key.h"
21#include "dsa_operation.h"
22#include "ecdsa_operation.h"
23#include "key_blob.h"
24#include "keymaster_defs.h"
25#include "openssl_utils.h"
26#include "rsa_operation.h"
27
28namespace keymaster {
29
30const uint32_t RSA_DEFAULT_KEY_SIZE = 2048;
31const uint64_t RSA_DEFAULT_EXPONENT = 65537;
32
33const uint32_t DSA_DEFAULT_KEY_SIZE = 2048;
34
35const uint32_t ECDSA_DEFAULT_KEY_SIZE = 192;
36
37keymaster_error_t AsymmetricKey::LoadKey(const KeyBlob& blob) {
38 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> evp_key(EVP_PKEY_new());
39 if (evp_key.get() == NULL)
40 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
41
42 EVP_PKEY* tmp_pkey = evp_key.get();
43 const uint8_t* key_material = blob.key_material();
44 if (d2i_PrivateKey(evp_key_type(), &tmp_pkey, &key_material, blob.key_material_length()) ==
45 NULL) {
46 return KM_ERROR_INVALID_KEY_BLOB;
47 }
48 if (!EvpToInternal(evp_key.get()))
49 return KM_ERROR_UNKNOWN_ERROR;
50
51 return KM_ERROR_OK;
52}
53
54keymaster_error_t AsymmetricKey::key_material(UniquePtr<uint8_t[]>* material, size_t* size) const {
55 if (material == NULL || size == NULL)
56 return KM_ERROR_OUTPUT_PARAMETER_NULL;
57
58 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(EVP_PKEY_new());
59 if (pkey.get() == NULL)
60 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
61
62 if (!InternalToEvp(pkey.get()))
63 return KM_ERROR_UNKNOWN_ERROR;
64
65 *size = i2d_PrivateKey(pkey.get(), NULL /* key_data*/);
66 if (*size <= 0)
67 return KM_ERROR_UNKNOWN_ERROR;
68
69 material->reset(new uint8_t[*size]);
70 uint8_t* tmp = material->get();
71 i2d_PrivateKey(pkey.get(), &tmp);
72
73 return KM_ERROR_OK;
74}
75
Shawn Willdenf268d742014-08-19 15:36:26 -0600[diff] [blame^]76keymaster_error_t AsymmetricKey::formatted_key_material(keymaster_key_format_t format,
77 UniquePtr<uint8_t[]>* material,
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]78 size_t* size) const {
Shawn Willdenf268d742014-08-19 15:36:26 -0600[diff] [blame^]79 if (format != KM_KEY_FORMAT_X509)
80 return KM_ERROR_UNSUPPORTED_KEY_FORMAT;
81
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]82 if (material == NULL || size == NULL)
83 return KM_ERROR_OUTPUT_PARAMETER_NULL;
84
Shawn Willdenf268d742014-08-19 15:36:26 -0600[diff] [blame^]85 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(EVP_PKEY_new());
86 if (!InternalToEvp(pkey.get()))
87 return KM_ERROR_UNKNOWN_ERROR;
88
89 int key_data_length = i2d_PUBKEY(pkey.get(), NULL);
90 if (key_data_length <= 0)
91 return KM_ERROR_UNKNOWN_ERROR;
92
93 material->reset(new uint8_t[key_data_length]);
94 if (material->get() == NULL)
95 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
96
97 uint8_t* tmp = material->get();
98 if (i2d_PUBKEY(pkey.get(), &tmp) != key_data_length) {
99 material->reset();
100 return KM_ERROR_UNKNOWN_ERROR;
101 }
102
103 *size = key_data_length;
104 return KM_ERROR_OK;
Shawn Willdend67afae2014-08-19 12:36:27 -0600[diff] [blame]105}
106
107Operation* AsymmetricKey::CreateOperation(keymaster_purpose_t purpose, keymaster_error_t* error) {
108 keymaster_digest_t digest;
109 if (!authorizations().GetTagValue(TAG_DIGEST, &digest) || digest != KM_DIGEST_NONE) {
110 *error = KM_ERROR_UNSUPPORTED_DIGEST;
111 return NULL;
112 }
113
114 keymaster_padding_t padding;
115 if (!authorizations().GetTagValue(TAG_PADDING, &padding) || padding != KM_PAD_NONE) {
116 *error = KM_ERROR_UNSUPPORTED_PADDING_MODE;
117 return NULL;
118 }
119
120 return CreateOperation(purpose, digest, padding, error);
121}
122
123/* static */
124RsaKey* RsaKey::GenerateKey(const AuthorizationSet& key_description, keymaster_error_t* error) {
125 if (!error)
126 return NULL;
127
128 AuthorizationSet authorizations(key_description);
129
130 uint64_t public_exponent = RSA_DEFAULT_EXPONENT;
131 if (!authorizations.GetTagValue(TAG_RSA_PUBLIC_EXPONENT, &public_exponent))
132 authorizations.push_back(Authorization(TAG_RSA_PUBLIC_EXPONENT, public_exponent));
133
134 uint32_t key_size = RSA_DEFAULT_KEY_SIZE;
135 if (!authorizations.GetTagValue(TAG_KEY_SIZE, &key_size))
136 authorizations.push_back(Authorization(TAG_KEY_SIZE, key_size));
137
138 UniquePtr<BIGNUM, BIGNUM_Delete> exponent(BN_new());
139 UniquePtr<RSA, RSA_Delete> rsa_key(RSA_new());
140 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(EVP_PKEY_new());
141 if (rsa_key.get() == NULL || pkey.get() == NULL) {
142 *error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
143 return NULL;
144 }
145
146 if (!BN_set_word(exponent.get(), public_exponent) ||
147 !RSA_generate_key_ex(rsa_key.get(), key_size, exponent.get(), NULL /* callback */)) {
148 *error = KM_ERROR_UNKNOWN_ERROR;
149 return NULL;
150 }
151
152 RsaKey* new_key = new RsaKey(rsa_key.release(), authorizations);
153 *error = new_key ? KM_ERROR_OK : KM_ERROR_MEMORY_ALLOCATION_FAILED;
154 return new_key;
155}
156
157RsaKey::RsaKey(const KeyBlob& blob, keymaster_error_t* error) : AsymmetricKey(blob) {
158 if (error)
159 *error = LoadKey(blob);
160}
161
162Operation* RsaKey::CreateOperation(keymaster_purpose_t purpose, keymaster_digest_t digest,
163 keymaster_padding_t padding, keymaster_error_t* error) {
164 Operation* op;
165 switch (purpose) {
166 case KM_PURPOSE_SIGN:
167 op = new RsaSignOperation(purpose, digest, padding, rsa_key_.release());
168 break;
169 case KM_PURPOSE_VERIFY:
170 op = new RsaVerifyOperation(purpose, digest, padding, rsa_key_.release());
171 break;
172 default:
173 *error = KM_ERROR_UNIMPLEMENTED;
174 return NULL;
175 }
176 *error = op ? KM_ERROR_OK : KM_ERROR_MEMORY_ALLOCATION_FAILED;
177 return op;
178}
179
180bool RsaKey::EvpToInternal(const EVP_PKEY* pkey) {
181 rsa_key_.reset(EVP_PKEY_get1_RSA(const_cast<EVP_PKEY*>(pkey)));
182 return rsa_key_.get() != NULL;
183}
184
185bool RsaKey::InternalToEvp(EVP_PKEY* pkey) const {
186 return EVP_PKEY_set1_RSA(pkey, rsa_key_.get()) == 1;
187}
188
189template <keymaster_tag_t Tag>
190static void GetDsaParamData(const AuthorizationSet& auths, TypedTag<KM_BIGNUM, Tag> tag,
191 keymaster_blob_t* blob) {
192 if (!auths.GetTagValue(tag, blob))
193 blob->data = NULL;
194}
195
196// Store the specified DSA param in auths
197template <keymaster_tag_t Tag>
198static void SetDsaParamData(AuthorizationSet* auths, TypedTag<KM_BIGNUM, Tag> tag, BIGNUM* number) {
199 keymaster_blob_t blob;
200 convert_bn_to_blob(number, &blob);
201 auths->push_back(Authorization(tag, blob));
202 delete[] blob.data;
203}
204
205DsaKey* DsaKey::GenerateKey(const AuthorizationSet& key_description, keymaster_error_t* error) {
206 if (!error)
207 return NULL;
208
209 AuthorizationSet authorizations(key_description);
210
211 keymaster_blob_t g_blob;
212 GetDsaParamData(authorizations, TAG_DSA_GENERATOR, &g_blob);
213
214 keymaster_blob_t p_blob;
215 GetDsaParamData(authorizations, TAG_DSA_P, &p_blob);
216
217 keymaster_blob_t q_blob;
218 GetDsaParamData(authorizations, TAG_DSA_Q, &q_blob);
219
220 uint32_t key_size = DSA_DEFAULT_KEY_SIZE;
221 if (!authorizations.GetTagValue(TAG_KEY_SIZE, &key_size))
222 authorizations.push_back(Authorization(TAG_KEY_SIZE, key_size));
223
224 UniquePtr<uint8_t[]> key_data;
225 size_t key_data_size;
226
227 UniquePtr<DSA, DSA_Delete> dsa_key(DSA_new());
228 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(EVP_PKEY_new());
229 if (dsa_key.get() == NULL || pkey.get() == NULL) {
230 *error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
231 return NULL;
232 }
233
234 // If anything goes wrong in the next section, it's a param problem.
235 *error = KM_ERROR_INVALID_DSA_PARAMS;
236
237 if (g_blob.data == NULL && p_blob.data == NULL && q_blob.data == NULL) {
238 // No params provided, generate them.
239 if (!DSA_generate_parameters_ex(dsa_key.get(), key_size, NULL /* seed */, 0 /* seed_len */,
240 NULL /* counter_ret */, NULL /* h_ret */,
241 NULL /* callback */))
242 // TODO(swillden): return a more precise error, depending on ERR_get_error();
243 return NULL;
244
245 SetDsaParamData(&authorizations, TAG_DSA_GENERATOR, dsa_key->g);
246 SetDsaParamData(&authorizations, TAG_DSA_P, dsa_key->p);
247 SetDsaParamData(&authorizations, TAG_DSA_Q, dsa_key->q);
248 } else if (g_blob.data == NULL || p_blob.data == NULL || q_blob.data == NULL) {
249 // Some params provided: that's an error. Provide them all or provide none.
250 return NULL;
251 } else {
252 // All params provided. Use them.
253 dsa_key->g = BN_bin2bn(g_blob.data, g_blob.data_length, NULL);
254 dsa_key->p = BN_bin2bn(p_blob.data, p_blob.data_length, NULL);
255 dsa_key->q = BN_bin2bn(q_blob.data, q_blob.data_length, NULL);
256
257 if (dsa_key->g == NULL || dsa_key->p == NULL || dsa_key->q == NULL)
258 return NULL;
259 }
260
261 if (!DSA_generate_key(dsa_key.get())) {
262 *error = KM_ERROR_UNKNOWN_ERROR;
263 return NULL;
264 }
265
266 DsaKey* new_key = new DsaKey(dsa_key.release(), authorizations);
267 *error = new_key ? KM_ERROR_OK : KM_ERROR_MEMORY_ALLOCATION_FAILED;
268 return new_key;
269}
270
271DsaKey::DsaKey(const KeyBlob& blob, keymaster_error_t* error) : AsymmetricKey(blob) {
272 if (error)
273 *error = LoadKey(blob);
274}
275
276Operation* DsaKey::CreateOperation(keymaster_purpose_t purpose, keymaster_digest_t digest,
277 keymaster_padding_t padding, keymaster_error_t* error) {
278 Operation* op;
279 switch (purpose) {
280 case KM_PURPOSE_SIGN:
281 op = new DsaSignOperation(purpose, digest, padding, dsa_key_.release());
282 break;
283 case KM_PURPOSE_VERIFY:
284 op = new DsaVerifyOperation(purpose, digest, padding, dsa_key_.release());
285 break;
286 default:
287 *error = KM_ERROR_UNIMPLEMENTED;
288 return NULL;
289 }
290 *error = op ? KM_ERROR_OK : KM_ERROR_MEMORY_ALLOCATION_FAILED;
291 return op;
292}
293
294bool DsaKey::EvpToInternal(const EVP_PKEY* pkey) {
295 dsa_key_.reset(EVP_PKEY_get1_DSA(const_cast<EVP_PKEY*>(pkey)));
296 return dsa_key_.get() != NULL;
297}
298
299bool DsaKey::InternalToEvp(EVP_PKEY* pkey) const {
300 return EVP_PKEY_set1_DSA(pkey, dsa_key_.get()) == 1;
301}
302
303/* static */
304EcdsaKey* EcdsaKey::GenerateKey(const AuthorizationSet& key_description, keymaster_error_t* error) {
305 if (!error)
306 return NULL;
307
308 AuthorizationSet authorizations(key_description);
309
310 uint32_t key_size = ECDSA_DEFAULT_KEY_SIZE;
311 if (!authorizations.GetTagValue(TAG_KEY_SIZE, &key_size))
312 authorizations.push_back(Authorization(TAG_KEY_SIZE, key_size));
313
314 UniquePtr<EC_KEY, ECDSA_Delete> ecdsa_key(EC_KEY_new());
315 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(EVP_PKEY_new());
316 if (ecdsa_key.get() == NULL || pkey.get() == NULL) {
317 *error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
318 return NULL;
319 }
320
321 UniquePtr<EC_GROUP, EC_GROUP_Delete> group(choose_group(key_size));
322 if (group.get() == NULL) {
323 // Technically, could also have been a memory allocation problem.
324 *error = KM_ERROR_UNSUPPORTED_KEY_SIZE;
325 return NULL;
326 }
327
328 EC_GROUP_set_point_conversion_form(group.get(), POINT_CONVERSION_UNCOMPRESSED);
329 EC_GROUP_set_asn1_flag(group.get(), OPENSSL_EC_NAMED_CURVE);
330
331 if (EC_KEY_set_group(ecdsa_key.get(), group.get()) != 1 ||
332 EC_KEY_generate_key(ecdsa_key.get()) != 1 || EC_KEY_check_key(ecdsa_key.get()) < 0) {
333 *error = KM_ERROR_UNKNOWN_ERROR;
334 return NULL;
335 }
336
337 EcdsaKey* new_key = new EcdsaKey(ecdsa_key.release(), authorizations);
338 *error = new_key ? KM_ERROR_OK : KM_ERROR_MEMORY_ALLOCATION_FAILED;
339 return new_key;
340}
341
342/* static */
343EC_GROUP* EcdsaKey::choose_group(size_t key_size_bits) {
344 switch (key_size_bits) {
345 case 192:
346 return EC_GROUP_new_by_curve_name(NID_X9_62_prime192v1);
347 break;
348 case 224:
349 return EC_GROUP_new_by_curve_name(NID_secp224r1);
350 break;
351 case 256:
352 return EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1);
353 break;
354 case 384:
355 return EC_GROUP_new_by_curve_name(NID_secp384r1);
356 break;
357 case 521:
358 return EC_GROUP_new_by_curve_name(NID_secp521r1);
359 break;
360 default:
361 return NULL;
362 break;
363 }
364}
365
366EcdsaKey::EcdsaKey(const KeyBlob& blob, keymaster_error_t* error) : AsymmetricKey(blob) {
367 if (error)
368 *error = LoadKey(blob);
369}
370
371Operation* EcdsaKey::CreateOperation(keymaster_purpose_t purpose, keymaster_digest_t digest,
372 keymaster_padding_t padding, keymaster_error_t* error) {
373 Operation* op;
374 switch (purpose) {
375 case KM_PURPOSE_SIGN:
376 op = new EcdsaSignOperation(purpose, digest, padding, ecdsa_key_.release());
377 break;
378 case KM_PURPOSE_VERIFY:
379 op = new EcdsaVerifyOperation(purpose, digest, padding, ecdsa_key_.release());
380 break;
381 default:
382 *error = KM_ERROR_UNIMPLEMENTED;
383 return NULL;
384 }
385 *error = op ? KM_ERROR_OK : KM_ERROR_MEMORY_ALLOCATION_FAILED;
386 return op;
387}
388
389bool EcdsaKey::EvpToInternal(const EVP_PKEY* pkey) {
390 ecdsa_key_.reset(EVP_PKEY_get1_EC_KEY(const_cast<EVP_PKEY*>(pkey)));
391 return ecdsa_key_.get() != NULL;
392}
393
394bool EcdsaKey::InternalToEvp(EVP_PKEY* pkey) const {
395 return EVP_PKEY_set1_EC_KEY(pkey, ecdsa_key_.get()) == 1;
396}
397
398} // namespace keymaster