Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / android_system_vold / 29b54aab8ee2d08e2129832364f9b719dd17fa4e / . / Ext4Crypt.cpp
blob: 150014c503b7cf8630287b3ddd0f768ca07b1b45 [file] [log] [blame]
Paul Lawrence707fd6c2015-04-28 22:14:15 +0000[diff] [blame]1#include "Ext4Crypt.h"
2
Paul Lawrence5e7f0042015-04-10 07:48:51 -0700[diff] [blame]3#include <iomanip>
Paul Lawrence707fd6c2015-04-28 22:14:15 +0000[diff] [blame]4#include <map>
Paul Lawrence5e7f0042015-04-10 07:48:51 -0700[diff] [blame]5#include <fstream>
6#include <string>
7#include <sstream>
Paul Lawrence707fd6c2015-04-28 22:14:15 +0000[diff] [blame]8
9#include <errno.h>
10#include <sys/mount.h>
11#include <cutils/properties.h>
Paul Lawrence5e7f0042015-04-10 07:48:51 -0700[diff] [blame]12#include <openssl/sha.h>
Paul Lawrence707fd6c2015-04-28 22:14:15 +0000[diff] [blame]13
14#include "unencrypted_properties.h"
15#include "key_control.h"
16#include "cryptfs.h"
17
18#define LOG_TAG "Ext4Crypt"
19#include "cutils/log.h"
20#include <cutils/klog.h>
21
22namespace {
23 // Key length in bits
24 const int key_length = 128;
Paul Lawrence5e7f0042015-04-10 07:48:51 -0700[diff] [blame]25 static_assert(key_length % 8 == 0,
26 "Key length must be multiple of 8 bits");
Paul Lawrence707fd6c2015-04-28 22:14:15 +0000[diff] [blame]27
28 // How is device encrypted
29 struct keys {
30 std::string master_key;
31 std::string password;
32 };
33 std::map<std::string, keys> s_key_store;
34
Paul Lawrence5e7f0042015-04-10 07:48:51 -0700[diff] [blame]35 // ext4enc:TODO get these consts from somewhere good
36 const int SHA512_LENGTH = 64;
37 const int EXT4_KEY_DESCRIPTOR_SIZE = 8;
38
Paul Lawrence707fd6c2015-04-28 22:14:15 +0000[diff] [blame]39 // ext4enc:TODO Include structure from somewhere sensible
40 // MUST be in sync with ext4_crypto.c in kernel
Paul Lawrence5e7f0042015-04-10 07:48:51 -0700[diff] [blame]41 const int EXT4_MAX_KEY_SIZE = 64;
42 const int EXT4_ENCRYPTION_MODE_AES_256_XTS = 1;
Paul Lawrence707fd6c2015-04-28 22:14:15 +0000[diff] [blame]43 struct ext4_encryption_key {
Paul Lawrence5e7f0042015-04-10 07:48:51 -0700[diff] [blame]44 uint32_t mode;
45 char raw[EXT4_MAX_KEY_SIZE];
46 uint32_t size;
Paul Lawrence707fd6c2015-04-28 22:14:15 +0000[diff] [blame]47 };
48
49 namespace tag {
50 const char* magic = "magic";
51 const char* major_version = "major_version";
52 const char* minor_version = "minor_version";
53 const char* flags = "flags";
54 const char* crypt_type = "crypt_type";
55 const char* failed_decrypt_count = "failed_decrypt_count";
56 const char* crypto_type_name = "crypto_type_name";
57 const char* master_key = "master_key";
58 const char* salt = "salt";
59 const char* kdf_type = "kdf_type";
60 const char* N_factor = "N_factor";
61 const char* r_factor = "r_factor";
62 const char* p_factor = "p_factor";
63 const char* keymaster_blob = "keymaster_blob";
64 const char* scrypted_intermediate_key = "scrypted_intermediate_key";
65 }
66}
67
68static int put_crypt_ftr_and_key(const crypt_mnt_ftr& crypt_ftr,
69 UnencryptedProperties& props)
70{
71 SLOGI("Putting crypt footer");
72
73 bool success = props.Set<int>(tag::magic, crypt_ftr.magic)
74 && props.Set<int>(tag::major_version, crypt_ftr.major_version)
75 && props.Set<int>(tag::minor_version, crypt_ftr.minor_version)
76 && props.Set<int>(tag::flags, crypt_ftr.flags)
77 && props.Set<int>(tag::crypt_type, crypt_ftr.crypt_type)
78 && props.Set<int>(tag::failed_decrypt_count,
79 crypt_ftr.failed_decrypt_count)
80 && props.Set<std::string>(tag::crypto_type_name,
81 std::string(reinterpret_cast<const char*>(crypt_ftr.crypto_type_name)))
82 && props.Set<std::string>(tag::master_key,
83 std::string((const char*) crypt_ftr.master_key,
84 crypt_ftr.keysize))
85 && props.Set<std::string>(tag::salt,
86 std::string((const char*) crypt_ftr.salt,
87 SALT_LEN))
88 && props.Set<int>(tag::kdf_type, crypt_ftr.kdf_type)
89 && props.Set<int>(tag::N_factor, crypt_ftr.N_factor)
90 && props.Set<int>(tag::r_factor, crypt_ftr.r_factor)
91 && props.Set<int>(tag::p_factor, crypt_ftr.p_factor)
92 && props.Set<std::string>(tag::keymaster_blob,
93 std::string((const char*) crypt_ftr.keymaster_blob,
94 crypt_ftr.keymaster_blob_size))
95 && props.Set<std::string>(tag::scrypted_intermediate_key,
96 std::string((const char*) crypt_ftr.scrypted_intermediate_key,
97 SCRYPT_LEN));
98 return success ? 0 : -1;
99}
100
101static int get_crypt_ftr_and_key(crypt_mnt_ftr& crypt_ftr,
102 const UnencryptedProperties& props)
103{
104 memset(&crypt_ftr, 0, sizeof(crypt_ftr));
105 crypt_ftr.magic = props.Get<int>(tag::magic);
106 crypt_ftr.major_version = props.Get<int>(tag::major_version);
107 crypt_ftr.minor_version = props.Get<int>(tag::minor_version);
108 crypt_ftr.flags = props.Get<int>(tag::flags);
109 crypt_ftr.crypt_type = props.Get<int>(tag::crypt_type);
110 crypt_ftr.failed_decrypt_count = props.Get<int>(tag::failed_decrypt_count);
111 std::string crypto_type_name = props.Get<std::string>(tag::crypto_type_name);
112 strlcpy(reinterpret_cast<char*>(crypt_ftr.crypto_type_name),
113 crypto_type_name.c_str(),
114 sizeof(crypt_ftr.crypto_type_name));
115 std::string master_key = props.Get<std::string>(tag::master_key);
116 crypt_ftr.keysize = master_key.size();
117 if (crypt_ftr.keysize > sizeof(crypt_ftr.master_key)) {
118 SLOGE("Master key size too long");
119 return -1;
120 }
121 memcpy(crypt_ftr.master_key, &master_key[0], crypt_ftr.keysize);
122 std::string salt = props.Get<std::string>(tag::salt);
123 if (salt.size() != SALT_LEN) {
124 SLOGE("Salt wrong length");
125 return -1;
126 }
127 memcpy(crypt_ftr.salt, &salt[0], SALT_LEN);
128 crypt_ftr.kdf_type = props.Get<int>(tag::kdf_type);
129 crypt_ftr.N_factor = props.Get<int>(tag::N_factor);
130 crypt_ftr.r_factor = props.Get<int>(tag::r_factor);
131 crypt_ftr.p_factor = props.Get<int>(tag::p_factor);
132 std::string keymaster_blob = props.Get<std::string>(tag::keymaster_blob);
133 crypt_ftr.keymaster_blob_size = keymaster_blob.size();
134 if (crypt_ftr.keymaster_blob_size > sizeof(crypt_ftr.keymaster_blob)) {
135 SLOGE("Keymaster blob too long");
136 return -1;
137 }
138 memcpy(crypt_ftr.keymaster_blob, &keymaster_blob[0],
139 crypt_ftr.keymaster_blob_size);
140 std::string scrypted_intermediate_key = props.Get<std::string>(tag::scrypted_intermediate_key);
141 if (scrypted_intermediate_key.size() != SCRYPT_LEN) {
142 SLOGE("scrypted intermediate key wrong length");
143 return -1;
144 }
145 memcpy(crypt_ftr.scrypted_intermediate_key, &scrypted_intermediate_key[0],
146 SCRYPT_LEN);
147
148 return 0;
149}
150
151static UnencryptedProperties GetProps(const char* path)
152{
153 return UnencryptedProperties(path);
154}
155
156static UnencryptedProperties GetAltProps(const char* path)
157{
158 return UnencryptedProperties((std::string() + path + "/tmp_mnt").c_str());
159}
160
161static UnencryptedProperties GetPropsOrAltProps(const char* path)
162{
163 UnencryptedProperties props = GetProps(path);
164 if (props.OK()) {
165 return props;
166 }
167 return GetAltProps(path);
168}
169
170int e4crypt_enable(const char* path)
171{
172 // Already enabled?
173 if (s_key_store.find(path) != s_key_store.end()) {
174 return 0;
175 }
176
177 // Not an encryptable device?
178 UnencryptedProperties key_props = GetProps(path).GetChild(properties::key);
179 if (!key_props.OK()) {
180 return 0;
181 }
182
183 if (key_props.Get<std::string>(tag::master_key).empty()) {
184 crypt_mnt_ftr ftr;
185 if (cryptfs_create_default_ftr(&ftr, key_length)) {
186 SLOGE("Failed to create crypto footer");
187 return -1;
188 }
189
190 if (put_crypt_ftr_and_key(ftr, key_props)) {
191 SLOGE("Failed to write crypto footer");
192 return -1;
193 }
194
195 crypt_mnt_ftr ftr2;
196 if (get_crypt_ftr_and_key(ftr2, key_props)) {
197 SLOGE("Failed to read crypto footer back");
198 return -1;
199 }
200
201 if (memcmp(&ftr, &ftr2, sizeof(ftr)) != 0) {
202 SLOGE("Crypto footer not correctly written");
203 // ex4enc:TODO why is this failing?
204 //return -1;
205 }
206 }
207
208 if (!UnencryptedProperties(path).Remove(properties::ref)) {
209 SLOGE("Failed to remove key ref");
210 return -1;
211 }
212
213 return e4crypt_check_passwd(path, "");
214}
215
216int e4crypt_change_password(const char* path, int crypt_type,
217 const char* password)
218{
219 SLOGI("e4crypt_change_password");
Paul Lawrenceaaccfac2015-05-04 15:48:24 -0700[diff] [blame]220 auto key_props = GetProps(path).GetChild(properties::key);
Paul Lawrence707fd6c2015-04-28 22:14:15 +0000[diff] [blame]221
222 crypt_mnt_ftr ftr;
223 if (get_crypt_ftr_and_key(ftr, key_props)) {
224 SLOGE("Failed to read crypto footer back");
225 return -1;
226 }
227
228 auto mki = s_key_store.find(path);
229 if (mki == s_key_store.end()) {
230 SLOGE("No stored master key - can't change password");
231 return -1;
232 }
233
234 const unsigned char* master_key
235 = reinterpret_cast<const unsigned char*>(&mki->second.master_key[0]);
236
237 if (cryptfs_set_password(&ftr, password, master_key)) {
238 SLOGE("Failed to set password");
239 return -1;
240 }
241
242 ftr.crypt_type = crypt_type;
243
244 if (put_crypt_ftr_and_key(ftr, key_props)) {
245 SLOGE("Failed to write crypto footer");
246 return -1;
247 }
248
249 if (!UnencryptedProperties(path).Set(properties::is_default,
250 crypt_type == CRYPT_TYPE_DEFAULT)) {
251 SLOGE("Failed to update default flag");
252 return -1;
253 }
254
255 return 0;
256}
257
258int e4crypt_crypto_complete(const char* path)
259{
260 SLOGI("ext4 crypto complete called on %s", path);
Paul Lawrenceaaccfac2015-05-04 15:48:24 -0700[diff] [blame]261 auto key_props = GetPropsOrAltProps(path).GetChild(properties::key);
Paul Lawrence707fd6c2015-04-28 22:14:15 +0000[diff] [blame]262 if (key_props.Get<std::string>(tag::master_key).empty()) {
263 SLOGI("No master key, so not ext4enc");
264 return -1;
265 }
266
267 return 0;
268}
269
Paul Lawrence5e7f0042015-04-10 07:48:51 -0700[diff] [blame]270static std::string generate_key_ref(const char* key, int length)
271{
272 SHA512_CTX c;
273
274 SHA512_Init(&c);
275 SHA512_Update(&c, key, length);
276 unsigned char key_ref1[SHA512_LENGTH];
277 SHA512_Final(key_ref1, &c);
278
279 SHA512_Init(&c);
280 SHA512_Update(&c, key_ref1, SHA512_LENGTH);
281 unsigned char key_ref2[SHA512_LENGTH];
282 SHA512_Final(key_ref2, &c);
283
284 return std::string((char*)key_ref2, EXT4_KEY_DESCRIPTOR_SIZE);
285}
286
Paul Lawrence707fd6c2015-04-28 22:14:15 +0000[diff] [blame]287int e4crypt_check_passwd(const char* path, const char* password)
288{
289 SLOGI("e4crypt_check_password");
Paul Lawrenceaaccfac2015-05-04 15:48:24 -0700[diff] [blame]290 auto props = GetPropsOrAltProps(path);
291 auto key_props = props.GetChild(properties::key);
Paul Lawrence707fd6c2015-04-28 22:14:15 +0000[diff] [blame]292
293 crypt_mnt_ftr ftr;
294 if (get_crypt_ftr_and_key(ftr, key_props)) {
295 SLOGE("Failed to read crypto footer back");
296 return -1;
297 }
298
299 unsigned char master_key[key_length / 8];
300 if (cryptfs_get_master_key (&ftr, password, master_key)){
301 SLOGI("Incorrect password");
Paul Lawrence3ca21e22015-04-14 15:26:29 -0700[diff] [blame]302 ftr.failed_decrypt_count++;
303 if (put_crypt_ftr_and_key(ftr, key_props)) {
304 SLOGW("Failed to update failed_decrypt_count");
305 }
306 return ftr.failed_decrypt_count;
307 }
308
309 if (ftr.failed_decrypt_count) {
310 ftr.failed_decrypt_count = 0;
311 if (put_crypt_ftr_and_key(ftr, key_props)) {
312 SLOGW("Failed to reset failed_decrypt_count");
313 }
Paul Lawrence707fd6c2015-04-28 22:14:15 +0000[diff] [blame]314 }
315
316 s_key_store[path] = keys{std::string(reinterpret_cast<char*>(master_key),
317 sizeof(master_key)),
318 password};
319
320 // Install password into global keyring
Paul Lawrence5e7f0042015-04-10 07:48:51 -0700[diff] [blame]321 // ext4enc:TODO Currently raw key is required to be of length
322 // sizeof(ext4_key.raw) == EXT4_MAX_KEY_SIZE, so zero pad to
323 // this length. Change when kernel bug is fixed.
324 ext4_encryption_key ext4_key = {EXT4_ENCRYPTION_MODE_AES_256_XTS,
325 {0},
326 sizeof(ext4_key.raw)};
327 memset(ext4_key.raw, 0, sizeof(ext4_key.raw));
328 static_assert(key_length / 8 <= sizeof(ext4_key.raw),
329 "Key too long!");
330 memcpy(ext4_key.raw, master_key, key_length / 8);
Paul Lawrence707fd6c2015-04-28 22:14:15 +0000[diff] [blame]331
Paul Lawrence5e7f0042015-04-10 07:48:51 -0700[diff] [blame]332 // Get raw keyref - used to make keyname and to pass to ioctl
333 auto raw_ref = generate_key_ref(ext4_key.raw, ext4_key.size);
334
335 // Generate keyname
336 std::ostringstream o;
337 for (auto i = raw_ref.begin(); i != raw_ref.end(); ++i) {
338 o << std::hex << std::setw(2) << std::setfill('0') << (int)*i;
339 }
340 auto ref = std::string("ext4:") + o.str();
341
342 // Find existing keyring
Paul Lawrence707fd6c2015-04-28 22:14:15 +0000[diff] [blame]343 key_serial_t device_keyring = keyctl_search(KEY_SPEC_SESSION_KEYRING,
344 "keyring", "e4crypt", 0);
345
346 SLOGI("Found device_keyring - id is %d", device_keyring);
347
Paul Lawrence5e7f0042015-04-10 07:48:51 -0700[diff] [blame]348 // Add key ...
349 key_serial_t key_id = add_key("logon", ref.c_str(),
Paul Lawrence707fd6c2015-04-28 22:14:15 +0000[diff] [blame]350 (void*)&ext4_key, sizeof(ext4_key),
351 device_keyring);
352
353 if (key_id == -1) {
354 SLOGE("Failed to insert key into keyring with error %s",
355 strerror(errno));
356 return -1;
357 }
358
Paul Lawrence5e7f0042015-04-10 07:48:51 -0700[diff] [blame]359 SLOGI("Added key %d (%s) to keyring %d in process %d",
360 key_id, ref.c_str(), device_keyring, getpid());
Paul Lawrence707fd6c2015-04-28 22:14:15 +0000[diff] [blame]361
Paul Lawrence707fd6c2015-04-28 22:14:15 +0000[diff] [blame]362 // Save reference to key so we can set policy later
Paul Lawrence5e7f0042015-04-10 07:48:51 -0700[diff] [blame]363 if (!props.Set(properties::ref, raw_ref)) {
Paul Lawrence707fd6c2015-04-28 22:14:15 +0000[diff] [blame]364 SLOGE("Cannot save key reference");
365 return -1;
366 }
367
368 return 0;
369}
370
371int e4crypt_restart(const char* path)
372{
373 SLOGI("e4crypt_restart");
374
375 int rc = 0;
376
377 SLOGI("ext4 restart called on %s", path);
378 property_set("vold.decrypt", "trigger_reset_main");
379 SLOGI("Just asked init to shut down class main");
380 sleep(2);
381
382 std::string tmp_path = std::string() + path + "/tmp_mnt";
383
Paul Lawrence29b54aa2015-05-05 14:28:25 -0700[diff] [blame^]384 rc = wait_and_unmount(tmp_path.c_str(), true);
Paul Lawrence707fd6c2015-04-28 22:14:15 +0000[diff] [blame]385 if (rc) {
386 SLOGE("umount %s failed with rc %d, msg %s",
387 tmp_path.c_str(), rc, strerror(errno));
388 return rc;
389 }
390
Paul Lawrence29b54aa2015-05-05 14:28:25 -0700[diff] [blame^]391 rc = wait_and_unmount(path, true);
Paul Lawrence707fd6c2015-04-28 22:14:15 +0000[diff] [blame]392 if (rc) {
393 SLOGE("umount %s failed with rc %d, msg %s",
394 path, rc, strerror(errno));
395 return rc;
396 }
397
398 return 0;
399}
400
401const char* e4crypt_get_password(const char* path)
402{
403 SLOGI("e4crypt_get_password");
404
405 // ext4enc:TODO scrub password after timeout
406 auto i = s_key_store.find(path);
407 if (i == s_key_store.end()) {
408 return 0;
409 } else {
410 return i->second.password.c_str();
411 }
412}
413
414int e4crypt_get_password_type(const char* path)
415{
416 SLOGI("e4crypt_get_password_type");
417 return GetPropsOrAltProps(path).GetChild(properties::key)
418 .Get<int>(tag::crypt_type, CRYPT_TYPE_DEFAULT);
419}
Paul Lawrence4e727452015-04-15 14:12:00 -0700[diff] [blame]420
421int e4crypt_get_field(const char* path, const char* fieldname,
422 char* value, size_t len)
423{
424 auto v = GetPropsOrAltProps(path).GetChild(properties::props)
425 .Get<std::string>(fieldname);
426
427 if (v == "") {
428 return CRYPTO_GETFIELD_ERROR_NO_FIELD;
429 }
430
431 if (v.length() >= len) {
432 return CRYPTO_GETFIELD_ERROR_BUF_TOO_SMALL;
433 }
434
435 strlcpy(value, v.c_str(), len);
436 return 0;
437}
438
439int e4crypt_set_field(const char* path, const char* fieldname,
440 const char* value)
441{
442 return GetPropsOrAltProps(path).GetChild(properties::props)
443 .Set(fieldname, std::string(value)) ? 0 : -1;
444}