1 /*
2 **
3 ** Copyright 2017, The Android Open Source Project
4 **
5 ** Licensed under the Apache License, Version 2.0 (the "License");
6 ** you may not use this file except in compliance with the License.
7 ** You may obtain a copy of the License at
8 **
9 ** http://www.apache.org/licenses/LICENSE-2.0
10 **
11 ** Unless required by applicable law or agreed to in writing, software
12 ** distributed under the License is distributed on an "AS IS" BASIS,
13 ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 ** See the License for the specific language governing permissions and
15 ** limitations under the License.
16 */
17
18 #include <keymaster/contexts/keymaster1_passthrough_context.h>
19
20 #include <keymaster/contexts/soft_attestation_cert.h>
21 #include <keymaster/key_blob_utils/integrity_assured_key_blob.h>
22 #include <keymaster/key_blob_utils/ocb_utils.h>
23 #include <keymaster/key_blob_utils/software_keyblobs.h>
24 #include <keymaster/km_openssl/aes_key.h>
25 #include <keymaster/km_openssl/attestation_utils.h>
26 #include <keymaster/km_openssl/hmac_key.h>
27 #include <keymaster/km_version.h>
28 #include <keymaster/legacy_support/ec_keymaster1_key.h>
29 #include <keymaster/legacy_support/keymaster1_engine.h>
30 #include <keymaster/legacy_support/keymaster1_legacy_support.h>
31 #include <keymaster/legacy_support/keymaster_passthrough_engine.h>
32 #include <keymaster/legacy_support/keymaster_passthrough_key.h>
33 #include <keymaster/legacy_support/rsa_keymaster1_key.h>
34
35 namespace keymaster {
36
Keymaster1PassthroughContext(KmVersion version,keymaster1_device_t * dev)37 Keymaster1PassthroughContext::Keymaster1PassthroughContext(KmVersion version,
38 keymaster1_device_t* dev)
39 : SoftAttestationContext(version), device_(dev),
40 pt_engine_(KeymasterPassthroughEngine::createInstance(dev)),
41 km1_engine_(new Keymaster1Engine(dev)) {}
42
SetSystemVersion(uint32_t os_version,uint32_t os_patchlevel)43 keymaster_error_t Keymaster1PassthroughContext::SetSystemVersion(uint32_t os_version,
44 uint32_t os_patchlevel) {
45 os_version_ = os_version;
46 os_patchlevel_ = os_patchlevel;
47 return KM_ERROR_OK;
48 }
49
GetSystemVersion(uint32_t * os_version,uint32_t * os_patchlevel) const50 void Keymaster1PassthroughContext::GetSystemVersion(uint32_t* os_version,
51 uint32_t* os_patchlevel) const {
52 if (os_version) *os_version = os_version_;
53 if (os_patchlevel) *os_patchlevel = os_patchlevel_;
54 }
55
GetKeyFactory(keymaster_algorithm_t algorithm) const56 KeyFactory* Keymaster1PassthroughContext::GetKeyFactory(keymaster_algorithm_t algorithm) const {
57 auto& result = factories_[algorithm];
58 if (!result) {
59 switch (algorithm) {
60 case KM_ALGORITHM_RSA:
61 result.reset(new Keymaster1ArbitrationFactory<RsaKeymaster1KeyFactory>(
62 pt_engine_.get(), KM_ALGORITHM_RSA, device_, *this /* blob_maker */,
63 *this /* context */, km1_engine_.get()));
64 break;
65 case KM_ALGORITHM_EC:
66 result.reset(new Keymaster1ArbitrationFactory<EcdsaKeymaster1KeyFactory>(
67 pt_engine_.get(), KM_ALGORITHM_EC, device_, *this /* blob_maker */,
68 *this /* context */, km1_engine_.get()));
69 break;
70 case KM_ALGORITHM_AES:
71 result.reset(new Keymaster1ArbitrationFactory<AesKeyFactory>(
72 pt_engine_.get(), KM_ALGORITHM_AES, device_, *this /* blob_maker */,
73 *this /* random_source */));
74 break;
75 case KM_ALGORITHM_HMAC:
76 result.reset(new Keymaster1ArbitrationFactory<HmacKeyFactory>(
77 pt_engine_.get(), KM_ALGORITHM_HMAC, device_, *this /* blob_maker */,
78 *this /* random_source */));
79 break;
80 case KM_ALGORITHM_TRIPLE_DES:
81 // Not supported by KM1.
82 return nullptr;
83 }
84 }
85 return result.get();
86 }
87 OperationFactory*
GetOperationFactory(keymaster_algorithm_t algorithm,keymaster_purpose_t purpose) const88 Keymaster1PassthroughContext::GetOperationFactory(keymaster_algorithm_t algorithm,
89 keymaster_purpose_t purpose) const {
90 auto keyfactory = GetKeyFactory(algorithm);
91 return keyfactory->GetOperationFactory(purpose);
92 }
93 keymaster_algorithm_t*
GetSupportedAlgorithms(size_t * algorithms_count) const94 Keymaster1PassthroughContext::GetSupportedAlgorithms(size_t* algorithms_count) const {
95 if (algorithms_count) *algorithms_count = 0;
96 return nullptr;
97 }
98
99 keymaster_error_t
UpgradeKeyBlob(const KeymasterKeyBlob & key_to_upgrade,const AuthorizationSet & upgrade_params,KeymasterKeyBlob * upgraded_key) const100 Keymaster1PassthroughContext::UpgradeKeyBlob(const KeymasterKeyBlob& key_to_upgrade,
101 const AuthorizationSet& upgrade_params,
102 KeymasterKeyBlob* upgraded_key) const {
103
104 UniquePtr<Key> key;
105 keymaster_error_t error = ParseKeyBlob(key_to_upgrade, upgrade_params, &key);
106 if (error != KM_ERROR_OK) return error;
107
108 if (key->hw_enforced().Contains(TAG_PURPOSE) &&
109 !key->hw_enforced().Contains(TAG_OS_PATCHLEVEL)) {
110 return KM_ERROR_INVALID_ARGUMENT;
111 }
112
113 return UpgradeSoftKeyBlob(key, os_version_, os_patchlevel_, upgrade_params, upgraded_key);
114 }
115
116 static keymaster_error_t
parseKeymaster1HwBlob(const keymaster1_device_t * device,const KeymasterKeyBlob & blob,const AuthorizationSet & additional_params,KeymasterKeyBlob * key_material,AuthorizationSet * hw_enforced,AuthorizationSet * sw_enforced)117 parseKeymaster1HwBlob(const keymaster1_device_t* device, const KeymasterKeyBlob& blob,
118 const AuthorizationSet& additional_params, KeymasterKeyBlob* key_material,
119 AuthorizationSet* hw_enforced, AuthorizationSet* sw_enforced) {
120 keymaster_blob_t client_id = {nullptr, 0};
121 keymaster_blob_t app_data = {nullptr, 0};
122 keymaster_blob_t* client_id_ptr = nullptr;
123 keymaster_blob_t* app_data_ptr = nullptr;
124 if (additional_params.GetTagValue(TAG_APPLICATION_ID, &client_id)) client_id_ptr = &client_id;
125 if (additional_params.GetTagValue(TAG_APPLICATION_DATA, &app_data)) app_data_ptr = &app_data;
126
127 // Get key characteristics, which incidentally verifies that the HW recognizes the key.
128 keymaster_key_characteristics_t* characteristics;
129 keymaster_error_t error = device->get_key_characteristics(device, &blob, client_id_ptr,
130 app_data_ptr, &characteristics);
131 if (error != KM_ERROR_OK) return error;
132
133 UniquePtr<keymaster_key_characteristics_t, Characteristics_Delete> characteristics_deleter(
134 characteristics);
135
136 hw_enforced->Reinitialize(characteristics->hw_enforced);
137 sw_enforced->Reinitialize(characteristics->sw_enforced);
138 *key_material = blob;
139 return KM_ERROR_OK;
140 }
141
142 keymaster_error_t
ParseKeyBlob(const KeymasterKeyBlob & blob,const AuthorizationSet & additional_params,UniquePtr<Key> * key) const143 Keymaster1PassthroughContext::ParseKeyBlob(const KeymasterKeyBlob& blob,
144 const AuthorizationSet& additional_params,
145 UniquePtr<Key>* key) const {
146 AuthorizationSet hw_enforced;
147 AuthorizationSet sw_enforced;
148 KeymasterKeyBlob key_material;
149
150 AuthorizationSet hidden;
151 keymaster_error_t error =
152 BuildHiddenAuthorizations(additional_params, &hidden, softwareRootOfTrust);
153 if (error != KM_ERROR_OK) return error;
154
155 // Assume it's an integrity-assured blob (new software-only blob
156 error =
157 DeserializeIntegrityAssuredBlob(blob, hidden, &key_material, &hw_enforced, &sw_enforced);
158 if (error != KM_ERROR_INVALID_KEY_BLOB && error != KM_ERROR_OK) return error;
159
160 if (error == KM_ERROR_INVALID_KEY_BLOB) {
161 error = parseKeymaster1HwBlob(km1_engine_->device(), blob, additional_params, &key_material,
162 &hw_enforced, &sw_enforced);
163 if (error != KM_ERROR_OK) return error;
164 }
165
166 // GetKeyFactory
167 keymaster_algorithm_t algorithm;
168 if (!hw_enforced.GetTagValue(TAG_ALGORITHM, &algorithm) &&
169 !sw_enforced.GetTagValue(TAG_ALGORITHM, &algorithm)) {
170 return KM_ERROR_INVALID_ARGUMENT;
171 }
172 auto factory = GetKeyFactory(algorithm);
173
174 return factory->LoadKey(move(key_material), additional_params, move(hw_enforced),
175 move(sw_enforced), key);
176 }
177
DeleteKey(const KeymasterKeyBlob & blob) const178 keymaster_error_t Keymaster1PassthroughContext::DeleteKey(const KeymasterKeyBlob& blob) const {
179 // HACK. Due to a bug with Qualcomm's Keymaster implementation, which causes the device to
180 // reboot if we pass it a key blob it doesn't understand, we need to check for software
181 // keys. If it looks like a software key there's nothing to do so we just return.
182 // Can be removed once b/33385206 is fixed
183 KeymasterKeyBlob key_material;
184 AuthorizationSet hw_enforced, sw_enforced;
185 keymaster_error_t error = DeserializeIntegrityAssuredBlob_NoHmacCheck(
186 blob, &key_material, &hw_enforced, &sw_enforced);
187 if (error == KM_ERROR_OK) {
188 return KM_ERROR_OK;
189 }
190
191 error = km1_engine_->DeleteKey(blob);
192 if (error == KM_ERROR_INVALID_KEY_BLOB) {
193 // Some implementations diagnose invalid keys.
194 // However, all care we about is that the key blob, as supplied, is not usable after the
195 // call.
196 return KM_ERROR_OK;
197 }
198 return error;
199 }
200
DeleteAllKeys() const201 keymaster_error_t Keymaster1PassthroughContext::DeleteAllKeys() const {
202 return km1_engine_->DeleteAllKeys();
203 }
204
AddRngEntropy(const uint8_t * buf,size_t length) const205 keymaster_error_t Keymaster1PassthroughContext::AddRngEntropy(const uint8_t* buf,
206 size_t length) const {
207 return device_->add_rng_entropy(device_, buf, length);
208 }
209
enforcement_policy()210 KeymasterEnforcement* Keymaster1PassthroughContext::enforcement_policy() {
211 return nullptr;
212 }
213
CreateKeyBlob(const AuthorizationSet & key_description,const keymaster_key_origin_t origin,const KeymasterKeyBlob & key_material,KeymasterKeyBlob * blob,AuthorizationSet * hw_enforced,AuthorizationSet * sw_enforced) const214 keymaster_error_t Keymaster1PassthroughContext::CreateKeyBlob(
215 const AuthorizationSet& key_description, const keymaster_key_origin_t origin,
216 const KeymasterKeyBlob& key_material, KeymasterKeyBlob* blob, AuthorizationSet* hw_enforced,
217 AuthorizationSet* sw_enforced) const {
218 keymaster_error_t error = SetKeyBlobAuthorizations(key_description, origin, os_version_,
219 os_patchlevel_, hw_enforced, sw_enforced);
220 if (error != KM_ERROR_OK) return error;
221
222 AuthorizationSet hidden;
223 error = BuildHiddenAuthorizations(key_description, &hidden, softwareRootOfTrust);
224 if (error != KM_ERROR_OK) return error;
225
226 return SerializeIntegrityAssuredBlob(key_material, hidden, *hw_enforced, *sw_enforced, blob);
227 }
228
GenerateAttestation(const Key & key,const AuthorizationSet & attest_params,UniquePtr<Key>,const KeymasterBlob &,keymaster_error_t * error) const229 CertificateChain Keymaster1PassthroughContext::GenerateAttestation(
230 const Key& key, const AuthorizationSet& attest_params, UniquePtr<Key> /* attest_key */,
231 const KeymasterBlob& /* issuer_subject */, keymaster_error_t* error) const {
232 keymaster_algorithm_t key_algorithm;
233 if (!key.authorizations().GetTagValue(TAG_ALGORITHM, &key_algorithm)) {
234 *error = KM_ERROR_UNKNOWN_ERROR;
235 return {};
236 }
237
238 if ((key_algorithm != KM_ALGORITHM_RSA && key_algorithm != KM_ALGORITHM_EC)) {
239 *error = KM_ERROR_INCOMPATIBLE_ALGORITHM;
240 return {};
241 }
242
243 // We have established that the given key has the correct algorithm, and because this is the
244 // SoftKeymasterContext we can assume that the Key is an AsymmetricKey. So we can downcast.
245 const AsymmetricKey& asymmetric_key = static_cast<const AsymmetricKey&>(key);
246
247 return generate_attestation(asymmetric_key, attest_params, {} /* attest_key */,
248 *this /* AttestationContext */, error);
249 }
250
UnwrapKey(const KeymasterKeyBlob &,const KeymasterKeyBlob &,const AuthorizationSet &,const KeymasterKeyBlob &,AuthorizationSet *,keymaster_key_format_t *,KeymasterKeyBlob *) const251 keymaster_error_t Keymaster1PassthroughContext::UnwrapKey(
252 const KeymasterKeyBlob&, const KeymasterKeyBlob&, const AuthorizationSet&,
253 const KeymasterKeyBlob&, AuthorizationSet*, keymaster_key_format_t*, KeymasterKeyBlob*) const {
254 return KM_ERROR_UNIMPLEMENTED;
255 }
256
257 } // namespace keymaster
258