1 /*
2 **
3 ** Copyright 2017, The Android Open Source Project
4 **
5 ** Licensed under the Apache License, Version 2.0 (the "License");
6 ** you may not use this file except in compliance with the License.
7 ** You may obtain a copy of the License at
8 **
9 ** http://www.apache.org/licenses/LICENSE-2.0
10 **
11 ** Unless required by applicable law or agreed to in writing, software
12 ** distributed under the License is distributed on an "AS IS" BASIS,
13 ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 ** See the License for the specific language governing permissions and
15 ** limitations under the License.
16 */
17 #include "keymaster_passthrough_operation.h"
18 #include <keymaster/legacy_support/keymaster_passthrough_engine.h>
19 #include <keymaster/legacy_support/keymaster_passthrough_key.h>
20
21 #include <hardware/keymaster1.h>
22 #include <hardware/keymaster2.h>
23
24 #include <assert.h>
25
26 #include <algorithm>
27 #include <memory>
28 #include <type_traits>
29
30 #define LOG_TAG "Keymaster2Engine"
31 #include <android/log.h>
32
33 using std::unique_ptr;
34
35 namespace keymaster {
36
37 template <typename KeymasterDeviceType>
38 class TKeymasterPassthroughEngine : public KeymasterPassthroughEngine {
39 using opfactory_t = KeymasterPassthroughOperationFactory<KeymasterDeviceType>;
40
41 public:
42 /**
43 * The engine takes ownership of the device, and will close it during destruction.
44 */
TKeymasterPassthroughEngine(const KeymasterDeviceType * km_device)45 explicit TKeymasterPassthroughEngine(const KeymasterDeviceType* km_device)
46 : km_device_(km_device) {
47 rsa_encrypt_op_factory_.reset(
48 new opfactory_t(KM_ALGORITHM_RSA, KM_PURPOSE_ENCRYPT, km_device_));
49 rsa_decrypt_op_factory_.reset(
50 new opfactory_t(KM_ALGORITHM_RSA, KM_PURPOSE_DECRYPT, km_device_));
51 rsa_sign_op_factory_.reset(new opfactory_t(KM_ALGORITHM_RSA, KM_PURPOSE_SIGN, km_device_));
52 rsa_verify_op_factory_.reset(
53 new opfactory_t(KM_ALGORITHM_RSA, KM_PURPOSE_VERIFY, km_device_));
54 ec_encrypt_op_factory_.reset(
55 new opfactory_t(KM_ALGORITHM_EC, KM_PURPOSE_ENCRYPT, km_device_));
56 ec_decrypt_op_factory_.reset(
57 new opfactory_t(KM_ALGORITHM_EC, KM_PURPOSE_DECRYPT, km_device_));
58 ec_sign_op_factory_.reset(new opfactory_t(KM_ALGORITHM_EC, KM_PURPOSE_SIGN, km_device_));
59 ec_verify_op_factory_.reset(
60 new opfactory_t(KM_ALGORITHM_EC, KM_PURPOSE_VERIFY, km_device_));
61 ec_derive_op_factory_.reset(
62 new opfactory_t(KM_ALGORITHM_EC, KM_PURPOSE_DERIVE_KEY, km_device_));
63 aes_encrypt_op_factory_.reset(
64 new opfactory_t(KM_ALGORITHM_AES, KM_PURPOSE_ENCRYPT, km_device_));
65 aes_decrypt_op_factory_.reset(
66 new opfactory_t(KM_ALGORITHM_AES, KM_PURPOSE_DECRYPT, km_device_));
67 triple_des_encrypt_op_factory_.reset(
68 new opfactory_t(KM_ALGORITHM_TRIPLE_DES, KM_PURPOSE_ENCRYPT, km_device_));
69 triple_des_decrypt_op_factory_.reset(
70 new opfactory_t(KM_ALGORITHM_TRIPLE_DES, KM_PURPOSE_DECRYPT, km_device_));
71 hmac_sign_op_factory_.reset(
72 new opfactory_t(KM_ALGORITHM_HMAC, KM_PURPOSE_SIGN, km_device_));
73 hmac_verify_op_factory_.reset(
74 new opfactory_t(KM_ALGORITHM_HMAC, KM_PURPOSE_VERIFY, km_device_));
75 }
~TKeymasterPassthroughEngine()76 virtual ~TKeymasterPassthroughEngine() {
77 // QUIRK: we only take ownership if this is a KM2 device.
78 // For KM1 the Keymaster1Engine takes ownership
79 if (std::is_same<KeymasterDeviceType, keymaster2_device_t>::value)
80 km_device_->common.close(
81 reinterpret_cast<hw_device_t*>(const_cast<KeymasterDeviceType*>(km_device_)));
82 }
83
84 keymaster_error_t GenerateKey(const AuthorizationSet& key_description,
85 KeymasterKeyBlob* key_material, AuthorizationSet* hw_enforced,
86 AuthorizationSet* sw_enforced) const override;
87
88 keymaster_error_t ImportKey(const AuthorizationSet& key_description,
89 keymaster_key_format_t input_key_material_format,
90 const KeymasterKeyBlob& input_key_material,
91 KeymasterKeyBlob* output_key_blob, AuthorizationSet* hw_enforced,
92 AuthorizationSet* sw_enforced) const override;
ExportKey(keymaster_key_format_t format,const KeymasterKeyBlob & blob,const KeymasterBlob & client_id,const KeymasterBlob & app_data,KeymasterBlob * export_data) const93 keymaster_error_t ExportKey(keymaster_key_format_t format, const KeymasterKeyBlob& blob,
94 const KeymasterBlob& client_id, const KeymasterBlob& app_data,
95 KeymasterBlob* export_data) const override {
96 keymaster_blob_t my_export_data = {};
97 keymaster_error_t error = km_device_->export_key(km_device_, format, &blob, &client_id,
98 &app_data, &my_export_data);
99 if (error != KM_ERROR_OK) return error;
100 *export_data = KeymasterBlob(my_export_data.data, my_export_data.data_length);
101 free(const_cast<uint8_t*>(my_export_data.data));
102 if (export_data->data == nullptr) {
103 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
104 }
105 return error;
106 }
DeleteKey(const KeymasterKeyBlob & blob) const107 keymaster_error_t DeleteKey(const KeymasterKeyBlob& blob) const override {
108 return km_device_->delete_key(km_device_, &blob);
109 }
DeleteAllKeys() const110 keymaster_error_t DeleteAllKeys() const override {
111 return km_device_->delete_all_keys(km_device_);
112 }
GetOperationFactory(keymaster_purpose_t purpose,keymaster_algorithm_t algorithm) const113 OperationFactory* GetOperationFactory(keymaster_purpose_t purpose,
114 keymaster_algorithm_t algorithm) const override {
115 switch (algorithm) {
116 case KM_ALGORITHM_RSA:
117 switch (purpose) {
118 case KM_PURPOSE_ENCRYPT:
119 return rsa_encrypt_op_factory_.get();
120 case KM_PURPOSE_DECRYPT:
121 return rsa_decrypt_op_factory_.get();
122 case KM_PURPOSE_SIGN:
123 return rsa_sign_op_factory_.get();
124 case KM_PURPOSE_VERIFY:
125 return rsa_verify_op_factory_.get();
126 default:
127 return nullptr;
128 }
129 case KM_ALGORITHM_EC:
130 switch (purpose) {
131 case KM_PURPOSE_ENCRYPT:
132 return ec_encrypt_op_factory_.get();
133 case KM_PURPOSE_DECRYPT:
134 return ec_decrypt_op_factory_.get();
135 case KM_PURPOSE_SIGN:
136 return ec_sign_op_factory_.get();
137 case KM_PURPOSE_VERIFY:
138 return ec_verify_op_factory_.get();
139 case KM_PURPOSE_DERIVE_KEY:
140 return ec_derive_op_factory_.get();
141 default:
142 return nullptr;
143 }
144 case KM_ALGORITHM_AES:
145 switch (purpose) {
146 case KM_PURPOSE_ENCRYPT:
147 return aes_encrypt_op_factory_.get();
148 case KM_PURPOSE_DECRYPT:
149 return aes_decrypt_op_factory_.get();
150 default:
151 return nullptr;
152 }
153 case KM_ALGORITHM_TRIPLE_DES:
154 switch (purpose) {
155 case KM_PURPOSE_ENCRYPT:
156 return triple_des_encrypt_op_factory_.get();
157 case KM_PURPOSE_DECRYPT:
158 return triple_des_decrypt_op_factory_.get();
159 default:
160 return nullptr;
161 }
162 case KM_ALGORITHM_HMAC:
163 switch (purpose) {
164 case KM_PURPOSE_SIGN:
165 return hmac_sign_op_factory_.get();
166 case KM_PURPOSE_VERIFY:
167 return hmac_verify_op_factory_.get();
168 default:
169 return nullptr;
170 }
171 }
172 }
173
device() const174 const KeymasterDeviceType* device() const { return km_device_; }
175
176 private:
177 TKeymasterPassthroughEngine(const KeymasterPassthroughEngine&) = delete; // Uncopyable
178 void operator=(const KeymasterPassthroughEngine&) = delete; // Unassignable
179
180 const KeymasterDeviceType* const km_device_;
181 std::unique_ptr<opfactory_t> rsa_encrypt_op_factory_;
182 std::unique_ptr<opfactory_t> rsa_decrypt_op_factory_;
183 std::unique_ptr<opfactory_t> rsa_sign_op_factory_;
184 std::unique_ptr<opfactory_t> rsa_verify_op_factory_;
185 std::unique_ptr<opfactory_t> ec_encrypt_op_factory_;
186 std::unique_ptr<opfactory_t> ec_decrypt_op_factory_;
187 std::unique_ptr<opfactory_t> ec_sign_op_factory_;
188 std::unique_ptr<opfactory_t> ec_verify_op_factory_;
189 std::unique_ptr<opfactory_t> ec_derive_op_factory_;
190 std::unique_ptr<opfactory_t> aes_encrypt_op_factory_;
191 std::unique_ptr<opfactory_t> aes_decrypt_op_factory_;
192 std::unique_ptr<opfactory_t> triple_des_encrypt_op_factory_;
193 std::unique_ptr<opfactory_t> triple_des_decrypt_op_factory_;
194 std::unique_ptr<opfactory_t> hmac_sign_op_factory_;
195 std::unique_ptr<opfactory_t> hmac_verify_op_factory_;
196 };
197
ConvertCharacteristics(const keymaster_key_characteristics_t & characteristics,AuthorizationSet * hw_enforced,AuthorizationSet * sw_enforced)198 static void ConvertCharacteristics(const keymaster_key_characteristics_t& characteristics,
199 AuthorizationSet* hw_enforced, AuthorizationSet* sw_enforced) {
200 if (hw_enforced) hw_enforced->Reinitialize(characteristics.hw_enforced);
201 if (sw_enforced) sw_enforced->Reinitialize(characteristics.sw_enforced);
202 }
203
204 template <>
GenerateKey(const AuthorizationSet & key_description,KeymasterKeyBlob * key_blob,AuthorizationSet * hw_enforced,AuthorizationSet * sw_enforced) const205 keymaster_error_t TKeymasterPassthroughEngine<keymaster1_device_t>::GenerateKey(
206 const AuthorizationSet& key_description, KeymasterKeyBlob* key_blob,
207 AuthorizationSet* hw_enforced, AuthorizationSet* sw_enforced) const {
208 assert(key_blob);
209
210 keymaster_key_characteristics_t* characteristics = nullptr;
211 keymaster_key_blob_t blob = {};
212 keymaster_error_t error =
213 km_device_->generate_key(km_device_, &key_description, &blob, &characteristics);
214 if (error != KM_ERROR_OK) return error;
215 unique_ptr<uint8_t, Malloc_Delete> blob_deleter(const_cast<uint8_t*>(blob.key_material));
216 key_blob->key_material = dup_buffer(blob.key_material, blob.key_material_size);
217 key_blob->key_material_size = blob.key_material_size;
218
219 ConvertCharacteristics(*characteristics, hw_enforced, sw_enforced);
220 keymaster_free_characteristics(characteristics);
221 free(characteristics);
222 return error;
223 }
224 template <>
GenerateKey(const AuthorizationSet & key_description,KeymasterKeyBlob * key_blob,AuthorizationSet * hw_enforced,AuthorizationSet * sw_enforced) const225 keymaster_error_t TKeymasterPassthroughEngine<keymaster2_device_t>::GenerateKey(
226 const AuthorizationSet& key_description, KeymasterKeyBlob* key_blob,
227 AuthorizationSet* hw_enforced, AuthorizationSet* sw_enforced) const {
228 assert(key_blob);
229
230 keymaster_key_characteristics_t characteristics = {};
231 keymaster_key_blob_t blob = {};
232 keymaster_error_t error =
233 km_device_->generate_key(km_device_, &key_description, &blob, &characteristics);
234 if (error != KM_ERROR_OK) return error;
235 unique_ptr<uint8_t, Malloc_Delete> blob_deleter(const_cast<uint8_t*>(blob.key_material));
236 key_blob->key_material = dup_buffer(blob.key_material, blob.key_material_size);
237 key_blob->key_material_size = blob.key_material_size;
238
239 ConvertCharacteristics(characteristics, hw_enforced, sw_enforced);
240 keymaster_free_characteristics(&characteristics);
241 return error;
242 }
243
244 template <>
ImportKey(const AuthorizationSet & key_description,keymaster_key_format_t input_key_material_format,const KeymasterKeyBlob & input_key_material,KeymasterKeyBlob * output_key_blob,AuthorizationSet * hw_enforced,AuthorizationSet * sw_enforced) const245 keymaster_error_t TKeymasterPassthroughEngine<keymaster1_device_t>::ImportKey(
246 const AuthorizationSet& key_description, keymaster_key_format_t input_key_material_format,
247 const KeymasterKeyBlob& input_key_material, KeymasterKeyBlob* output_key_blob,
248 AuthorizationSet* hw_enforced, AuthorizationSet* sw_enforced) const {
249 assert(output_key_blob);
250
251 keymaster_key_characteristics_t* characteristics = {};
252 const keymaster_blob_t input_key = {input_key_material.key_material,
253 input_key_material.key_material_size};
254 keymaster_key_blob_t blob = {};
255 keymaster_error_t error =
256 km_device_->import_key(km_device_, &key_description, input_key_material_format, &input_key,
257 &blob, &characteristics);
258 if (error != KM_ERROR_OK) return error;
259 unique_ptr<uint8_t, Malloc_Delete> blob_deleter(const_cast<uint8_t*>(blob.key_material));
260
261 *output_key_blob = KeymasterKeyBlob(blob);
262
263 ConvertCharacteristics(*characteristics, hw_enforced, sw_enforced);
264 keymaster_free_characteristics(characteristics);
265 free(characteristics);
266 return error;
267 }
268
269 template <>
ImportKey(const AuthorizationSet & key_description,keymaster_key_format_t input_key_material_format,const KeymasterKeyBlob & input_key_material,KeymasterKeyBlob * output_key_blob,AuthorizationSet * hw_enforced,AuthorizationSet * sw_enforced) const270 keymaster_error_t TKeymasterPassthroughEngine<keymaster2_device_t>::ImportKey(
271 const AuthorizationSet& key_description, keymaster_key_format_t input_key_material_format,
272 const KeymasterKeyBlob& input_key_material, KeymasterKeyBlob* output_key_blob,
273 AuthorizationSet* hw_enforced, AuthorizationSet* sw_enforced) const {
274 assert(output_key_blob);
275
276 keymaster_key_characteristics_t characteristics = {};
277 const keymaster_blob_t input_key = {input_key_material.key_material,
278 input_key_material.key_material_size};
279 keymaster_key_blob_t blob = {};
280 keymaster_error_t error =
281 km_device_->import_key(km_device_, &key_description, input_key_material_format, &input_key,
282 &blob, &characteristics);
283 if (error != KM_ERROR_OK) return error;
284 unique_ptr<uint8_t, Malloc_Delete> blob_deleter(const_cast<uint8_t*>(blob.key_material));
285 // TODO why duplicate the blob if we have ownership here anyway?
286 output_key_blob->key_material = dup_buffer(blob.key_material, blob.key_material_size);
287 output_key_blob->key_material_size = blob.key_material_size;
288
289 ConvertCharacteristics(characteristics, hw_enforced, sw_enforced);
290 keymaster_free_characteristics(&characteristics);
291 return error;
292 }
293
294 typedef UniquePtr<KeymasterPassthroughEngine> engine_ptr_t;
295
createInstance(const keymaster1_device_t * dev)296 engine_ptr_t KeymasterPassthroughEngine::createInstance(const keymaster1_device_t* dev) {
297 return engine_ptr_t(new TKeymasterPassthroughEngine<keymaster1_device_t>(dev));
298 }
createInstance(const keymaster2_device_t * dev)299 engine_ptr_t KeymasterPassthroughEngine::createInstance(const keymaster2_device_t* dev) {
300 return engine_ptr_t(new TKeymasterPassthroughEngine<keymaster2_device_t>(dev));
301 }
302
303 } // namespace keymaster
304