2016-01-21 21:26:12 +01:00
|
|
|
/*
|
|
|
|
* Copyright (C) 2016 The Android Open Source Project
|
|
|
|
*
|
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
* you may not use this file except in compliance with the License.
|
|
|
|
* You may obtain a copy of the License at
|
|
|
|
*
|
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
*
|
|
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
* See the License for the specific language governing permissions and
|
|
|
|
* limitations under the License.
|
|
|
|
*/
|
|
|
|
|
2016-03-16 01:04:39 +01:00
|
|
|
#ifndef ANDROID_VOLD_KEYMASTER_H
|
|
|
|
#define ANDROID_VOLD_KEYMASTER_H
|
2016-01-21 21:26:12 +01:00
|
|
|
|
2017-08-01 18:15:53 +02:00
|
|
|
#include "KeyBuffer.h"
|
|
|
|
|
2016-03-16 01:04:39 +01:00
|
|
|
#include <memory>
|
2016-01-21 21:26:12 +01:00
|
|
|
#include <string>
|
2016-03-16 01:04:39 +01:00
|
|
|
#include <utility>
|
2016-01-21 21:26:12 +01:00
|
|
|
|
2016-10-26 15:27:10 +02:00
|
|
|
#include <android/hardware/keymaster/3.0/IKeymasterDevice.h>
|
2017-05-01 21:45:32 +02:00
|
|
|
#include <android-base/macros.h>
|
2016-10-26 15:27:10 +02:00
|
|
|
#include <keystore/authorization_set.h>
|
2016-01-21 21:26:12 +01:00
|
|
|
|
|
|
|
namespace android {
|
|
|
|
namespace vold {
|
2016-10-26 15:27:10 +02:00
|
|
|
using ::android::hardware::keymaster::V3_0::IKeymasterDevice;
|
|
|
|
using ::keystore::ErrorCode;
|
|
|
|
using ::keystore::KeyPurpose;
|
|
|
|
using ::keystore::AuthorizationSet;
|
2016-01-21 21:26:12 +01:00
|
|
|
|
2016-10-26 15:27:10 +02:00
|
|
|
// C++ wrappers to the Keymaster hidl interface.
|
2016-01-21 21:26:12 +01:00
|
|
|
// This is tailored to the needs of KeyStorage, but could be extended to be
|
|
|
|
// a more general interface.
|
|
|
|
|
2016-10-26 15:27:10 +02:00
|
|
|
// Wrapper for a Keymaster operation handle representing an
|
2016-01-21 21:26:12 +01:00
|
|
|
// ongoing Keymaster operation. Aborts the operation
|
|
|
|
// in the destructor if it is unfinished. Methods log failures
|
|
|
|
// to LOG(ERROR).
|
|
|
|
class KeymasterOperation {
|
2016-03-09 18:31:37 +01:00
|
|
|
public:
|
2016-03-16 01:04:39 +01:00
|
|
|
~KeymasterOperation();
|
2016-01-21 21:26:12 +01:00
|
|
|
// Is this instance valid? This is false if creation fails, and becomes
|
|
|
|
// false on finish or if an update fails.
|
2016-10-26 15:27:10 +02:00
|
|
|
explicit operator bool() { return mError == ErrorCode::OK; }
|
2017-02-25 02:43:01 +01:00
|
|
|
ErrorCode errorCode() { return mError; }
|
2016-01-27 15:30:22 +01:00
|
|
|
// Call "update" repeatedly until all of the input is consumed, and
|
2016-01-21 21:26:12 +01:00
|
|
|
// concatenate the output. Return true on success.
|
2017-08-01 18:15:53 +02:00
|
|
|
template <class TI, class TO>
|
|
|
|
bool updateCompletely(TI& input, TO* output) {
|
|
|
|
if (output) output->clear();
|
|
|
|
return updateCompletely(input.data(), input.size(), [&](const char* b, size_t n) {
|
|
|
|
if (output) std::copy(b, b+n, std::back_inserter(*output));
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
2016-05-16 17:14:56 +02:00
|
|
|
// Finish and write the output to this string, unless pointer is null.
|
|
|
|
bool finish(std::string* output);
|
2016-01-21 21:26:12 +01:00
|
|
|
// Move constructor
|
|
|
|
KeymasterOperation(KeymasterOperation&& rhs) {
|
2016-03-16 01:04:39 +01:00
|
|
|
mDevice = std::move(rhs.mDevice);
|
2016-05-16 17:14:56 +02:00
|
|
|
mOpHandle = std::move(rhs.mOpHandle);
|
|
|
|
mError = std::move(rhs.mError);
|
2016-01-21 21:26:12 +01:00
|
|
|
}
|
2016-05-16 17:14:56 +02:00
|
|
|
// Construct an object in an error state for error returns
|
2016-10-26 15:27:10 +02:00
|
|
|
KeymasterOperation()
|
2017-01-31 12:31:08 +01:00
|
|
|
: mDevice{nullptr}, mOpHandle{0},
|
2016-10-26 15:27:10 +02:00
|
|
|
mError {ErrorCode::UNKNOWN_ERROR} {}
|
2017-01-31 12:31:08 +01:00
|
|
|
// Move Assignment
|
|
|
|
KeymasterOperation& operator= (KeymasterOperation&& rhs) {
|
|
|
|
mDevice = std::move(rhs.mDevice);
|
|
|
|
mOpHandle = std::move(rhs.mOpHandle);
|
|
|
|
mError = std::move(rhs.mError);
|
|
|
|
rhs.mError = ErrorCode::UNKNOWN_ERROR;
|
|
|
|
rhs.mOpHandle = 0;
|
|
|
|
return *this;
|
|
|
|
}
|
2016-03-09 18:31:37 +01:00
|
|
|
|
|
|
|
private:
|
2016-10-26 15:27:10 +02:00
|
|
|
KeymasterOperation(const sp<IKeymasterDevice>& d, uint64_t h)
|
|
|
|
: mDevice{d}, mOpHandle{h}, mError {ErrorCode::OK} {}
|
|
|
|
KeymasterOperation(ErrorCode error)
|
|
|
|
: mDevice{nullptr}, mOpHandle{0},
|
2016-05-16 17:14:56 +02:00
|
|
|
mError {error} {}
|
2017-08-01 18:15:53 +02:00
|
|
|
|
|
|
|
bool updateCompletely(const char* input, size_t inputLen,
|
|
|
|
const std::function<void(const char*, size_t)> consumer);
|
|
|
|
|
2016-10-26 15:27:10 +02:00
|
|
|
sp<IKeymasterDevice> mDevice;
|
|
|
|
uint64_t mOpHandle;
|
|
|
|
ErrorCode mError;
|
2016-01-21 21:26:12 +01:00
|
|
|
DISALLOW_COPY_AND_ASSIGN(KeymasterOperation);
|
|
|
|
friend class Keymaster;
|
|
|
|
};
|
|
|
|
|
2016-03-16 01:04:39 +01:00
|
|
|
// Wrapper for a Keymaster device for methods that start a KeymasterOperation or are not
|
|
|
|
// part of one.
|
2016-01-21 21:26:12 +01:00
|
|
|
class Keymaster {
|
2016-03-09 18:31:37 +01:00
|
|
|
public:
|
2016-01-21 21:26:12 +01:00
|
|
|
Keymaster();
|
|
|
|
// false if we failed to open the keymaster device.
|
2016-10-26 15:27:10 +02:00
|
|
|
explicit operator bool() { return mDevice.get() != nullptr; }
|
2016-01-21 21:26:12 +01:00
|
|
|
// Generate a key in the keymaster from the given params.
|
2016-03-09 18:31:37 +01:00
|
|
|
bool generateKey(const AuthorizationSet& inParams, std::string* key);
|
2016-01-21 21:26:12 +01:00
|
|
|
// If the keymaster supports it, permanently delete a key.
|
2016-03-09 18:31:37 +01:00
|
|
|
bool deleteKey(const std::string& key);
|
2016-05-16 17:14:56 +02:00
|
|
|
// Replace stored key blob in response to KM_ERROR_KEY_REQUIRES_UPGRADE.
|
|
|
|
bool upgradeKey(const std::string& oldKey, const AuthorizationSet& inParams,
|
|
|
|
std::string* newKey);
|
|
|
|
// Begin a new cryptographic operation, collecting output parameters if pointer is non-null
|
2016-10-26 15:27:10 +02:00
|
|
|
KeymasterOperation begin(KeyPurpose purpose, const std::string& key,
|
2016-03-09 18:31:37 +01:00
|
|
|
const AuthorizationSet& inParams, AuthorizationSet* outParams);
|
2017-01-31 12:31:08 +01:00
|
|
|
bool isSecure();
|
2016-03-09 18:31:37 +01:00
|
|
|
|
|
|
|
private:
|
2016-10-26 15:27:10 +02:00
|
|
|
sp<hardware::keymaster::V3_0::IKeymasterDevice> mDevice;
|
2016-01-21 21:26:12 +01:00
|
|
|
DISALLOW_COPY_AND_ASSIGN(Keymaster);
|
|
|
|
};
|
|
|
|
|
|
|
|
} // namespace vold
|
|
|
|
} // namespace android
|
|
|
|
|
2017-10-09 19:55:21 +02:00
|
|
|
// FIXME no longer needed now cryptfs is in C++.
|
2017-01-31 12:31:08 +01:00
|
|
|
|
|
|
|
/*
|
|
|
|
* The following functions provide C bindings to keymaster services
|
|
|
|
* needed by cryptfs scrypt. The compatibility check checks whether
|
|
|
|
* the keymaster implementation is considered secure, i.e., TEE backed.
|
|
|
|
* The create_key function generates an RSA key for signing.
|
|
|
|
* The sign_object function signes an object with the given keymaster
|
|
|
|
* key.
|
|
|
|
*/
|
|
|
|
|
|
|
|
int keymaster_compatibility_cryptfs_scrypt();
|
|
|
|
int keymaster_create_key_for_cryptfs_scrypt(uint32_t rsa_key_size,
|
|
|
|
uint64_t rsa_exponent,
|
|
|
|
uint32_t ratelimit,
|
|
|
|
uint8_t* key_buffer,
|
|
|
|
uint32_t key_buffer_size,
|
|
|
|
uint32_t* key_out_size);
|
|
|
|
|
|
|
|
int keymaster_sign_object_for_cryptfs_scrypt(const uint8_t* key_blob,
|
|
|
|
size_t key_blob_size,
|
|
|
|
uint32_t ratelimit,
|
|
|
|
const uint8_t* object,
|
|
|
|
const size_t object_size,
|
|
|
|
uint8_t** signature_buffer,
|
|
|
|
size_t* signature_buffer_size);
|
|
|
|
|
|
|
|
|
2016-01-21 21:26:12 +01:00
|
|
|
#endif
|