blob: ea102f56672b758fd6df072a860b87f53fb40da2 [file] [log] [blame]
Paul Crowley1ef25582016-01-21 20:26:12 +00001/*
2 * Copyright (C) 2016 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
Paul Crowley0323afd2016-03-15 17:04:39 -070017#ifndef ANDROID_VOLD_KEYMASTER_H
18#define ANDROID_VOLD_KEYMASTER_H
Paul Crowley1ef25582016-01-21 20:26:12 +000019
Pavel Grafove2e2d302017-08-01 17:15:53 +010020#include "KeyBuffer.h"
21
Paul Crowley0323afd2016-03-15 17:04:39 -070022#include <memory>
Paul Crowley1ef25582016-01-21 20:26:12 +000023#include <string>
Paul Crowley0323afd2016-03-15 17:04:39 -070024#include <utility>
Paul Crowley1ef25582016-01-21 20:26:12 +000025
Steven Moreland25e8b4b2017-05-01 12:45:32 -070026#include <android-base/macros.h>
Shawn Willden35f0f222020-01-16 13:21:42 -070027#include <keymasterV4_1/Keymaster.h>
28#include <keymasterV4_1/authorization_set.h>
Paul Crowley1ef25582016-01-21 20:26:12 +000029
30namespace android {
31namespace vold {
Shawn Willden35351812018-01-22 09:08:32 -070032
Shawn Willden35f0f222020-01-16 13:21:42 -070033namespace km {
34
35using namespace ::android::hardware::keymaster::V4_1;
36
37// Surprisingly -- to me, at least -- this is totally fine. You can re-define symbols that were
38// brought in via a using directive (the "using namespace") above. In general this seems like a
39// dangerous thing to rely on, but in this case its implications are simple and straightforward:
40// km::ErrorCode refers to the 4.0 ErrorCode, though we pull everything else from 4.1.
41using ErrorCode = ::android::hardware::keymaster::V4_0::ErrorCode;
Shawn Willden2b1ff5a2020-01-16 14:08:36 -070042using V4_1_ErrorCode = ::android::hardware::keymaster::V4_1::ErrorCode;
Shawn Willden35f0f222020-01-16 13:21:42 -070043
44} // namespace km
45
Shawn Willden35351812018-01-22 09:08:32 -070046using KmDevice = km::support::Keymaster;
Paul Crowley1ef25582016-01-21 20:26:12 +000047
Janis Danisevskis8e537b82016-10-26 14:27:10 +010048// C++ wrappers to the Keymaster hidl interface.
Paul Crowley1ef25582016-01-21 20:26:12 +000049// This is tailored to the needs of KeyStorage, but could be extended to be
50// a more general interface.
51
Janis Danisevskis8e537b82016-10-26 14:27:10 +010052// Wrapper for a Keymaster operation handle representing an
Paul Crowley1ef25582016-01-21 20:26:12 +000053// ongoing Keymaster operation. Aborts the operation
54// in the destructor if it is unfinished. Methods log failures
55// to LOG(ERROR).
56class KeymasterOperation {
Paul Crowleydf528a72016-03-09 09:31:37 -080057 public:
Paul Crowley0323afd2016-03-15 17:04:39 -070058 ~KeymasterOperation();
Paul Crowley1ef25582016-01-21 20:26:12 +000059 // Is this instance valid? This is false if creation fails, and becomes
60 // false on finish or if an update fails.
Greg Kaiseref9abab2018-12-18 08:42:08 -080061 explicit operator bool() const { return mError == km::ErrorCode::OK; }
62 km::ErrorCode errorCode() const { return mError; }
Paul Crowley13ffd8e2016-01-27 14:30:22 +000063 // Call "update" repeatedly until all of the input is consumed, and
Paul Crowley1ef25582016-01-21 20:26:12 +000064 // concatenate the output. Return true on success.
Pavel Grafove2e2d302017-08-01 17:15:53 +010065 template <class TI, class TO>
66 bool updateCompletely(TI& input, TO* output) {
67 if (output) output->clear();
68 return updateCompletely(input.data(), input.size(), [&](const char* b, size_t n) {
Shawn Willden785365b2018-01-20 09:37:36 -070069 if (output) std::copy(b, b + n, std::back_inserter(*output));
Pavel Grafove2e2d302017-08-01 17:15:53 +010070 });
71 }
72
Paul Crowleydff8c722016-05-16 08:14:56 -070073 // Finish and write the output to this string, unless pointer is null.
74 bool finish(std::string* output);
Paul Crowley1ef25582016-01-21 20:26:12 +000075 // Move constructor
Shawn Willden35351812018-01-22 09:08:32 -070076 KeymasterOperation(KeymasterOperation&& rhs) { *this = std::move(rhs); }
Paul Crowleydff8c722016-05-16 08:14:56 -070077 // Construct an object in an error state for error returns
Shawn Willden35351812018-01-22 09:08:32 -070078 KeymasterOperation() : mDevice{nullptr}, mOpHandle{0}, mError{km::ErrorCode::UNKNOWN_ERROR} {}
Janis Danisevskis015ec302017-01-31 11:31:08 +000079 // Move Assignment
Shawn Willden785365b2018-01-20 09:37:36 -070080 KeymasterOperation& operator=(KeymasterOperation&& rhs) {
Shawn Willden3e02df82018-02-07 15:06:06 -070081 mDevice = rhs.mDevice;
82 rhs.mDevice = nullptr;
83
84 mOpHandle = rhs.mOpHandle;
Janis Danisevskis015ec302017-01-31 11:31:08 +000085 rhs.mOpHandle = 0;
Shawn Willden3e02df82018-02-07 15:06:06 -070086
87 mError = rhs.mError;
88 rhs.mError = km::ErrorCode::UNKNOWN_ERROR;
89
Janis Danisevskis015ec302017-01-31 11:31:08 +000090 return *this;
91 }
Paul Crowleydf528a72016-03-09 09:31:37 -080092
93 private:
Shawn Willden35351812018-01-22 09:08:32 -070094 KeymasterOperation(KmDevice* d, uint64_t h)
95 : mDevice{d}, mOpHandle{h}, mError{km::ErrorCode::OK} {}
96 KeymasterOperation(km::ErrorCode error) : mDevice{nullptr}, mOpHandle{0}, mError{error} {}
Pavel Grafove2e2d302017-08-01 17:15:53 +010097
98 bool updateCompletely(const char* input, size_t inputLen,
99 const std::function<void(const char*, size_t)> consumer);
100
Shawn Willden35351812018-01-22 09:08:32 -0700101 KmDevice* mDevice;
Janis Danisevskis8e537b82016-10-26 14:27:10 +0100102 uint64_t mOpHandle;
Shawn Willden35351812018-01-22 09:08:32 -0700103 km::ErrorCode mError;
Paul Crowley1ef25582016-01-21 20:26:12 +0000104 DISALLOW_COPY_AND_ASSIGN(KeymasterOperation);
105 friend class Keymaster;
106};
107
Paul Crowley0323afd2016-03-15 17:04:39 -0700108// Wrapper for a Keymaster device for methods that start a KeymasterOperation or are not
109// part of one.
Paul Crowley1ef25582016-01-21 20:26:12 +0000110class Keymaster {
Paul Crowleydf528a72016-03-09 09:31:37 -0800111 public:
Paul Crowley1ef25582016-01-21 20:26:12 +0000112 Keymaster();
Paul Crowley1ef25582016-01-21 20:26:12 +0000113 // false if we failed to open the keymaster device.
Janis Danisevskis8e537b82016-10-26 14:27:10 +0100114 explicit operator bool() { return mDevice.get() != nullptr; }
Paul Crowley1ef25582016-01-21 20:26:12 +0000115 // Generate a key in the keymaster from the given params.
Shawn Willden35351812018-01-22 09:08:32 -0700116 bool generateKey(const km::AuthorizationSet& inParams, std::string* key);
Barani Muthukumaran3dfb0942020-02-03 13:06:45 -0800117 // Exports a keymaster key with STORAGE_KEY tag wrapped with a per-boot ephemeral key
118 bool exportKey(const KeyBuffer& kmKey, std::string* key);
Paul Crowley1ef25582016-01-21 20:26:12 +0000119 // If the keymaster supports it, permanently delete a key.
Paul Crowleydf528a72016-03-09 09:31:37 -0800120 bool deleteKey(const std::string& key);
Paul Crowleydff8c722016-05-16 08:14:56 -0700121 // Replace stored key blob in response to KM_ERROR_KEY_REQUIRES_UPGRADE.
Shawn Willden35351812018-01-22 09:08:32 -0700122 bool upgradeKey(const std::string& oldKey, const km::AuthorizationSet& inParams,
Paul Crowleydff8c722016-05-16 08:14:56 -0700123 std::string* newKey);
124 // Begin a new cryptographic operation, collecting output parameters if pointer is non-null
Shawn Willden35351812018-01-22 09:08:32 -0700125 KeymasterOperation begin(km::KeyPurpose purpose, const std::string& key,
126 const km::AuthorizationSet& inParams,
127 const km::HardwareAuthToken& authToken,
128 km::AuthorizationSet* outParams);
Janis Danisevskis015ec302017-01-31 11:31:08 +0000129 bool isSecure();
Paul Crowleydf528a72016-03-09 09:31:37 -0800130
Shawn Willden2b1ff5a2020-01-16 14:08:36 -0700131 // Tell Keymaster that early boot has ended and early boot-only keys can no longer be created or
132 // used.
133 void earlyBootEnded();
134
Paul Crowleydf528a72016-03-09 09:31:37 -0800135 private:
Shawn Willden35351812018-01-22 09:08:32 -0700136 std::unique_ptr<KmDevice> mDevice;
Paul Crowley1ef25582016-01-21 20:26:12 +0000137 DISALLOW_COPY_AND_ASSIGN(Keymaster);
Shawn Willden28075362018-05-09 08:12:10 -0600138 static bool hmacKeyGenerated;
Paul Crowley1ef25582016-01-21 20:26:12 +0000139};
140
Paul Crowley1ef25582016-01-21 20:26:12 +0000141} // namespace vold
142} // namespace android
143
Paul Crowley3b71fc52017-10-09 10:55:21 -0700144// FIXME no longer needed now cryptfs is in C++.
Janis Danisevskis015ec302017-01-31 11:31:08 +0000145
146/*
147 * The following functions provide C bindings to keymaster services
148 * needed by cryptfs scrypt. The compatibility check checks whether
149 * the keymaster implementation is considered secure, i.e., TEE backed.
150 * The create_key function generates an RSA key for signing.
151 * The sign_object function signes an object with the given keymaster
152 * key.
153 */
Janis Danisevskis015ec302017-01-31 11:31:08 +0000154
Paul Crowley73473332017-11-21 15:43:51 -0800155/* Return values for keymaster_sign_object_for_cryptfs_scrypt */
156
157enum class KeymasterSignResult {
158 ok = 0,
159 error = -1,
160 upgrade = -2,
161};
162
Janis Danisevskis015ec302017-01-31 11:31:08 +0000163int keymaster_compatibility_cryptfs_scrypt();
Shawn Willden785365b2018-01-20 09:37:36 -0700164int keymaster_create_key_for_cryptfs_scrypt(uint32_t rsa_key_size, uint64_t rsa_exponent,
165 uint32_t ratelimit, uint8_t* key_buffer,
166 uint32_t key_buffer_size, uint32_t* key_out_size);
Janis Danisevskis015ec302017-01-31 11:31:08 +0000167
Paul Crowley73473332017-11-21 15:43:51 -0800168int keymaster_upgrade_key_for_cryptfs_scrypt(uint32_t rsa_key_size, uint64_t rsa_exponent,
169 uint32_t ratelimit, const uint8_t* key_blob,
170 size_t key_blob_size, uint8_t* key_buffer,
171 uint32_t key_buffer_size, uint32_t* key_out_size);
172
173KeymasterSignResult keymaster_sign_object_for_cryptfs_scrypt(
174 const uint8_t* key_blob, size_t key_blob_size, uint32_t ratelimit, const uint8_t* object,
175 const size_t object_size, uint8_t** signature_buffer, size_t* signature_buffer_size);
Janis Danisevskis015ec302017-01-31 11:31:08 +0000176
Paul Crowley1ef25582016-01-21 20:26:12 +0000177#endif