1 /*
2 * Copyright (C) 2020 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include "km_compat.h"
18
19 #include "km_compat_type_conversion.h"
20 #include <AndroidKeyMintDevice.h>
21 #include <aidl/android/hardware/security/keymint/Algorithm.h>
22 #include <aidl/android/hardware/security/keymint/Digest.h>
23 #include <aidl/android/hardware/security/keymint/ErrorCode.h>
24 #include <aidl/android/hardware/security/keymint/KeyParameterValue.h>
25 #include <aidl/android/hardware/security/keymint/PaddingMode.h>
26 #include <aidl/android/system/keystore2/ResponseCode.h>
27 #include <android-base/logging.h>
28 #include <android/hidl/manager/1.2/IServiceManager.h>
29 #include <binder/IServiceManager.h>
30 #include <hardware/keymaster_defs.h>
31 #include <keymasterV4_1/Keymaster.h>
32 #include <keymasterV4_1/Keymaster3.h>
33 #include <keymasterV4_1/Keymaster4.h>
34
35 #include <chrono>
36
37 #include "certificate_utils.h"
38
39 using ::aidl::android::hardware::security::keymint::Algorithm;
40 using ::aidl::android::hardware::security::keymint::CreateKeyMintDevice;
41 using ::aidl::android::hardware::security::keymint::Digest;
42 using ::aidl::android::hardware::security::keymint::KeyParameterValue;
43 using ::aidl::android::hardware::security::keymint::PaddingMode;
44 using ::aidl::android::hardware::security::keymint::Tag;
45 using ::aidl::android::system::keystore2::ResponseCode;
46 using ::android::hardware::hidl_vec;
47 using ::android::hardware::keymaster::V4_0::TagType;
48 using ::android::hidl::manager::V1_2::IServiceManager;
49 using V4_0_HardwareAuthToken = ::android::hardware::keymaster::V4_0::HardwareAuthToken;
50 using V4_0_HmacSharingParameters = ::android::hardware::keymaster::V4_0::HmacSharingParameters;
51 using V4_0_KeyCharacteristics = ::android::hardware::keymaster::V4_0::KeyCharacteristics;
52 using V4_0_KeyFormat = ::android::hardware::keymaster::V4_0::KeyFormat;
53 using V4_0_KeyParameter = ::android::hardware::keymaster::V4_0::KeyParameter;
54 using V4_0_VerificationToken = ::android::hardware::keymaster::V4_0::VerificationToken;
55 namespace V4_0 = ::android::hardware::keymaster::V4_0;
56 namespace V4_1 = ::android::hardware::keymaster::V4_1;
57 namespace KMV1 = ::aidl::android::hardware::security::keymint;
58
59 using namespace std::chrono_literals;
60 using std::chrono::duration_cast;
61
62 // Utility functions
63
64 // Returns true if this parameter may be passed to attestKey.
isAttestationParameter(const KMV1::KeyParameter & param)65 bool isAttestationParameter(const KMV1::KeyParameter& param) {
66 switch (param.tag) {
67 case Tag::APPLICATION_ID:
68 case Tag::APPLICATION_DATA:
69 case Tag::ATTESTATION_CHALLENGE:
70 case Tag::ATTESTATION_APPLICATION_ID:
71 case Tag::ATTESTATION_ID_BRAND:
72 case Tag::ATTESTATION_ID_DEVICE:
73 case Tag::ATTESTATION_ID_PRODUCT:
74 case Tag::ATTESTATION_ID_SERIAL:
75 case Tag::ATTESTATION_ID_IMEI:
76 case Tag::ATTESTATION_ID_MEID:
77 case Tag::ATTESTATION_ID_MANUFACTURER:
78 case Tag::ATTESTATION_ID_MODEL:
79 case Tag::CERTIFICATE_SERIAL:
80 case Tag::CERTIFICATE_SUBJECT:
81 case Tag::CERTIFICATE_NOT_BEFORE:
82 case Tag::CERTIFICATE_NOT_AFTER:
83 case Tag::INCLUDE_UNIQUE_ID:
84 case Tag::DEVICE_UNIQUE_ATTESTATION:
85 return true;
86 default:
87 return false;
88 }
89 }
90
91 // Returns true if this parameter may be passed to generate/importKey.
isKeyCreationParameter(const KMV1::KeyParameter & param)92 bool isKeyCreationParameter(const KMV1::KeyParameter& param) {
93 switch (param.tag) {
94 case Tag::APPLICATION_ID:
95 case Tag::APPLICATION_DATA:
96 case Tag::CERTIFICATE_SERIAL:
97 case Tag::CERTIFICATE_SUBJECT:
98 case Tag::CERTIFICATE_NOT_BEFORE:
99 case Tag::CERTIFICATE_NOT_AFTER:
100 case Tag::PURPOSE:
101 case Tag::ALGORITHM:
102 case Tag::KEY_SIZE:
103 case Tag::BLOCK_MODE:
104 case Tag::DIGEST:
105 case Tag::PADDING:
106 case Tag::CALLER_NONCE:
107 case Tag::MIN_MAC_LENGTH:
108 case Tag::EC_CURVE:
109 case Tag::RSA_PUBLIC_EXPONENT:
110 case Tag::RSA_OAEP_MGF_DIGEST:
111 case Tag::BOOTLOADER_ONLY:
112 case Tag::ROLLBACK_RESISTANCE:
113 case Tag::EARLY_BOOT_ONLY:
114 case Tag::ACTIVE_DATETIME:
115 case Tag::ORIGINATION_EXPIRE_DATETIME:
116 case Tag::USAGE_EXPIRE_DATETIME:
117 case Tag::MIN_SECONDS_BETWEEN_OPS:
118 case Tag::MAX_USES_PER_BOOT:
119 case Tag::USAGE_COUNT_LIMIT:
120 case Tag::USER_ID:
121 case Tag::USER_SECURE_ID:
122 case Tag::NO_AUTH_REQUIRED:
123 case Tag::USER_AUTH_TYPE:
124 case Tag::AUTH_TIMEOUT:
125 case Tag::ALLOW_WHILE_ON_BODY:
126 case Tag::TRUSTED_USER_PRESENCE_REQUIRED:
127 case Tag::TRUSTED_CONFIRMATION_REQUIRED:
128 case Tag::UNLOCKED_DEVICE_REQUIRED:
129 case Tag::CREATION_DATETIME:
130 case Tag::UNIQUE_ID:
131 case Tag::IDENTITY_CREDENTIAL_KEY:
132 case Tag::STORAGE_KEY:
133 case Tag::MAC_LENGTH:
134 return true;
135 default:
136 return false;
137 }
138 }
139
140 // Size of prefix for blobs, see keyBlobPrefix().
141 //
142 const size_t kKeyBlobPrefixSize = 8;
143
144 // Magic used in blob prefix, see keyBlobPrefix().
145 //
146 const uint8_t kKeyBlobMagic[7] = {'p', 'K', 'M', 'b', 'l', 'o', 'b'};
147
148 // Prefixes a keyblob returned by e.g. generateKey() with information on whether it
149 // originated from the real underlying KeyMaster HAL or from soft-KeyMint.
150 //
151 // When dealing with a keyblob, use prefixedKeyBlobRemovePrefix() to remove the
152 // prefix and prefixedKeyBlobIsSoftKeyMint() to determine its origin.
153 //
154 // Note how the prefix itself has a magic marker ("pKMblob") which can be used
155 // to identify if a blob has a prefix at all (it's assumed that any valid blob
156 // from KeyMint or KeyMaster HALs never starts with the magic). This is needed
157 // because blobs persisted to disk prior to using this code will not have the
158 // prefix and in that case we want prefixedKeyBlobRemovePrefix() to still work.
159 //
keyBlobPrefix(const std::vector<uint8_t> & blob,bool isSoftKeyMint)160 std::vector<uint8_t> keyBlobPrefix(const std::vector<uint8_t>& blob, bool isSoftKeyMint) {
161 std::vector<uint8_t> result;
162 result.reserve(blob.size() + kKeyBlobPrefixSize);
163 result.insert(result.begin(), kKeyBlobMagic, kKeyBlobMagic + sizeof kKeyBlobMagic);
164 result.push_back(isSoftKeyMint ? 1 : 0);
165 std::copy(blob.begin(), blob.end(), std::back_inserter(result));
166 return result;
167 }
168
169 // Helper for prefixedKeyBlobRemovePrefix() and prefixedKeyBlobIsSoftKeyMint().
170 //
171 // First bool is whether there's a valid prefix. If there is, the second bool is
172 // the |isSoftKeyMint| value of the prefix
173 //
prefixedKeyBlobParsePrefix(const std::vector<uint8_t> & prefixedBlob)174 std::pair<bool, bool> prefixedKeyBlobParsePrefix(const std::vector<uint8_t>& prefixedBlob) {
175 // Having a unprefixed blob is not that uncommon, for example all devices
176 // upgrading to keystore2 (so e.g. upgrading to Android 12) will have
177 // unprefixed blobs. So don't spew warnings/errors in this case...
178 if (prefixedBlob.size() < kKeyBlobPrefixSize) {
179 return std::make_pair(false, false);
180 }
181 if (std::memcmp(prefixedBlob.data(), kKeyBlobMagic, sizeof kKeyBlobMagic) != 0) {
182 return std::make_pair(false, false);
183 }
184 if (prefixedBlob[kKeyBlobPrefixSize - 1] != 0 && prefixedBlob[kKeyBlobPrefixSize - 1] != 1) {
185 return std::make_pair(false, false);
186 }
187 bool isSoftKeyMint = (prefixedBlob[kKeyBlobPrefixSize - 1] == 1);
188 return std::make_pair(true, isSoftKeyMint);
189 }
190
191 // Removes the prefix from a blob. If there's no prefix, returns the passed-in blob.
192 //
prefixedKeyBlobRemovePrefix(const std::vector<uint8_t> & prefixedBlob)193 std::vector<uint8_t> prefixedKeyBlobRemovePrefix(const std::vector<uint8_t>& prefixedBlob) {
194 auto parsed = prefixedKeyBlobParsePrefix(prefixedBlob);
195 if (!parsed.first) {
196 // Not actually prefixed, blob was probably persisted to disk prior to the
197 // prefixing code being introduced.
198 return prefixedBlob;
199 }
200 return std::vector<uint8_t>(prefixedBlob.begin() + kKeyBlobPrefixSize, prefixedBlob.end());
201 }
202
203 // Returns true if the blob's origin is soft-KeyMint, false otherwise or if there
204 // is no prefix on the passed-in blob.
205 //
prefixedKeyBlobIsSoftKeyMint(const std::vector<uint8_t> & prefixedBlob)206 bool prefixedKeyBlobIsSoftKeyMint(const std::vector<uint8_t>& prefixedBlob) {
207 auto parsed = prefixedKeyBlobParsePrefix(prefixedBlob);
208 return parsed.second;
209 }
210
211 // Inspects the given blob for prefixes.
212 // Returns the blob stripped of the prefix if present. The boolean argument is true if the blob was
213 // a software blob.
214 std::pair<std::vector<uint8_t>, bool>
dissectPrefixedKeyBlob(const std::vector<uint8_t> & prefixedBlob)215 dissectPrefixedKeyBlob(const std::vector<uint8_t>& prefixedBlob) {
216 auto [hasPrefix, isSoftware] = prefixedKeyBlobParsePrefix(prefixedBlob);
217 if (!hasPrefix) {
218 // Not actually prefixed, blob was probably persisted to disk prior to the
219 // prefixing code being introduced.
220 return {prefixedBlob, false};
221 }
222 return {std::vector<uint8_t>(prefixedBlob.begin() + kKeyBlobPrefixSize, prefixedBlob.end()),
223 isSoftware};
224 }
225
226 /*
227 * Returns true if the parameter is not understood by KM 4.1 and older but can be enforced by
228 * Keystore. These parameters need to be included in the returned KeyCharacteristics, but will not
229 * be passed to the legacy backend.
230 */
isNewAndKeystoreEnforceable(const KMV1::KeyParameter & param)231 bool isNewAndKeystoreEnforceable(const KMV1::KeyParameter& param) {
232 switch (param.tag) {
233 case KMV1::Tag::MAX_BOOT_LEVEL:
234 return true;
235 case KMV1::Tag::USAGE_COUNT_LIMIT:
236 return true;
237 default:
238 return false;
239 }
240 }
241
242 std::vector<KMV1::KeyParameter>
extractGenerationParams(const std::vector<KMV1::KeyParameter> & params)243 extractGenerationParams(const std::vector<KMV1::KeyParameter>& params) {
244 std::vector<KMV1::KeyParameter> result;
245 std::copy_if(params.begin(), params.end(), std::back_inserter(result), isKeyCreationParameter);
246 return result;
247 }
248
249 std::vector<KMV1::KeyParameter>
extractAttestationParams(const std::vector<KMV1::KeyParameter> & params)250 extractAttestationParams(const std::vector<KMV1::KeyParameter>& params) {
251 std::vector<KMV1::KeyParameter> result;
252 std::copy_if(params.begin(), params.end(), std::back_inserter(result), isAttestationParameter);
253 return result;
254 }
255
256 std::vector<KMV1::KeyParameter>
extractNewAndKeystoreEnforceableParams(const std::vector<KMV1::KeyParameter> & params)257 extractNewAndKeystoreEnforceableParams(const std::vector<KMV1::KeyParameter>& params) {
258 std::vector<KMV1::KeyParameter> result;
259 std::copy_if(params.begin(), params.end(), std::back_inserter(result),
260 isNewAndKeystoreEnforceable);
261 return result;
262 }
263
convertErrorCode(KMV1::ErrorCode result)264 ScopedAStatus convertErrorCode(KMV1::ErrorCode result) {
265 if (result == KMV1::ErrorCode::OK) {
266 return ScopedAStatus::ok();
267 }
268 return ScopedAStatus::fromServiceSpecificError(static_cast<int32_t>(result));
269 }
270
271 // Converts a V4 error code into a ScopedAStatus
convertErrorCode(V4_0_ErrorCode result)272 ScopedAStatus convertErrorCode(V4_0_ErrorCode result) {
273 return convertErrorCode(convert(result));
274 }
275
toErrorCode(const ScopedAStatus & status)276 static KMV1::ErrorCode toErrorCode(const ScopedAStatus& status) {
277 if (status.getExceptionCode() == EX_SERVICE_SPECIFIC) {
278 return static_cast<KMV1::ErrorCode>(status.getServiceSpecificError());
279 } else {
280 return KMV1::ErrorCode::UNKNOWN_ERROR;
281 }
282 }
283
284 static std::vector<V4_0::KeyParameter>
convertKeyParametersToLegacy(const std::vector<KeyParameter> & kps)285 convertKeyParametersToLegacy(const std::vector<KeyParameter>& kps) {
286 std::vector<V4_0::KeyParameter> legacyKps;
287 legacyKps.reserve(kps.size());
288 for (const auto& kp : kps) {
289 auto p = convertKeyParameterToLegacy(kp);
290 if (p.tag != V4_0::Tag::INVALID) {
291 legacyKps.push_back(std::move(p));
292 }
293 }
294 return legacyKps;
295 }
296
297 static std::vector<KeyParameter>
convertKeyParametersFromLegacy(const std::vector<V4_0_KeyParameter> & legacyKps)298 convertKeyParametersFromLegacy(const std::vector<V4_0_KeyParameter>& legacyKps) {
299 std::vector<KeyParameter> kps(legacyKps.size());
300 std::transform(legacyKps.begin(), legacyKps.end(), kps.begin(), convertKeyParameterFromLegacy);
301 return kps;
302 }
303
304 static std::vector<KeyCharacteristics>
processLegacyCharacteristics(KeyMintSecurityLevel securityLevel,const std::vector<KeyParameter> & genParams,const V4_0_KeyCharacteristics & legacyKc,bool kmEnforcedOnly=false)305 processLegacyCharacteristics(KeyMintSecurityLevel securityLevel,
306 const std::vector<KeyParameter>& genParams,
307 const V4_0_KeyCharacteristics& legacyKc, bool kmEnforcedOnly = false) {
308
309 KeyCharacteristics kmEnforced{securityLevel, convertKeyParametersFromLegacy(
310 securityLevel == KeyMintSecurityLevel::SOFTWARE
311 ? legacyKc.softwareEnforced
312 : legacyKc.hardwareEnforced)};
313
314 if (securityLevel == KeyMintSecurityLevel::SOFTWARE && legacyKc.hardwareEnforced.size() > 0) {
315 LOG(WARNING) << "Unexpected hardware enforced parameters.";
316 }
317
318 if (kmEnforcedOnly) {
319 return {kmEnforced};
320 }
321
322 KeyCharacteristics keystoreEnforced{KeyMintSecurityLevel::KEYSTORE, {}};
323
324 if (securityLevel != KeyMintSecurityLevel::SOFTWARE) {
325 // Don't include these tags on software backends, else they'd end up duplicated
326 // across both the keystore-enforced and software keymaster-enforced tags.
327 keystoreEnforced.authorizations = convertKeyParametersFromLegacy(legacyKc.softwareEnforced);
328 }
329
330 // Add all parameters that we know can be enforced by keystore but not by the legacy backend.
331 auto unsupported_requested = extractNewAndKeystoreEnforceableParams(genParams);
332 keystoreEnforced.authorizations.insert(keystoreEnforced.authorizations.end(),
333 std::begin(unsupported_requested),
334 std::end(unsupported_requested));
335
336 return {kmEnforced, keystoreEnforced};
337 }
338
convertKeyFormatToLegacy(const KeyFormat & kf)339 static V4_0_KeyFormat convertKeyFormatToLegacy(const KeyFormat& kf) {
340 return static_cast<V4_0_KeyFormat>(kf);
341 }
342
convertAuthTokenToLegacy(const std::optional<HardwareAuthToken> & at)343 static V4_0_HardwareAuthToken convertAuthTokenToLegacy(const std::optional<HardwareAuthToken>& at) {
344 if (!at) return {};
345
346 V4_0_HardwareAuthToken legacyAt;
347 legacyAt.challenge = at->challenge;
348 legacyAt.userId = at->userId;
349 legacyAt.authenticatorId = at->authenticatorId;
350 legacyAt.authenticatorType =
351 static_cast<::android::hardware::keymaster::V4_0::HardwareAuthenticatorType>(
352 at->authenticatorType);
353 legacyAt.timestamp = at->timestamp.milliSeconds;
354 legacyAt.mac = at->mac;
355 return legacyAt;
356 }
357
358 static V4_0_VerificationToken
convertTimestampTokenToLegacy(const std::optional<TimeStampToken> & tst)359 convertTimestampTokenToLegacy(const std::optional<TimeStampToken>& tst) {
360 if (!tst) return {};
361
362 V4_0_VerificationToken legacyVt;
363 legacyVt.challenge = tst->challenge;
364 legacyVt.timestamp = tst->timestamp.milliSeconds;
365 // Legacy verification tokens were always minted by TEE.
366 legacyVt.securityLevel = V4_0::SecurityLevel::TRUSTED_ENVIRONMENT;
367 legacyVt.mac = tst->mac;
368 return legacyVt;
369 }
370
371 static V4_0_HmacSharingParameters
convertSharedSecretParameterToLegacy(const SharedSecretParameters & ssp)372 convertSharedSecretParameterToLegacy(const SharedSecretParameters& ssp) {
373 V4_0_HmacSharingParameters legacyHsp;
374 legacyHsp.seed = ssp.seed;
375 std::copy(ssp.nonce.begin(), ssp.nonce.end(), legacyHsp.nonce.data());
376 return legacyHsp;
377 }
378
379 static std::vector<V4_0_HmacSharingParameters>
convertSharedSecretParametersToLegacy(const std::vector<SharedSecretParameters> & legacySsps)380 convertSharedSecretParametersToLegacy(const std::vector<SharedSecretParameters>& legacySsps) {
381 std::vector<V4_0_HmacSharingParameters> ssps(legacySsps.size());
382 std::transform(legacySsps.begin(), legacySsps.end(), ssps.begin(),
383 convertSharedSecretParameterToLegacy);
384 return ssps;
385 }
386
setNumFreeSlots(uint8_t numFreeSlots)387 void OperationSlots::setNumFreeSlots(uint8_t numFreeSlots) {
388 std::lock_guard<std::mutex> lock(mNumFreeSlotsMutex);
389 mNumFreeSlots = numFreeSlots;
390 }
391
claimSlot()392 bool OperationSlots::claimSlot() {
393 std::lock_guard<std::mutex> lock(mNumFreeSlotsMutex);
394 if (mNumFreeSlots > 0) {
395 mNumFreeSlots--;
396 return true;
397 }
398 return false;
399 }
400
freeSlot()401 void OperationSlots::freeSlot() {
402 std::lock_guard<std::mutex> lock(mNumFreeSlotsMutex);
403 mNumFreeSlots++;
404 }
405
freeSlot()406 void OperationSlot::freeSlot() {
407 if (mIsActive) {
408 mOperationSlots->freeSlot();
409 mIsActive = false;
410 }
411 }
412
413 // KeyMintDevice implementation
414
getHardwareInfo(KeyMintHardwareInfo * _aidl_return)415 ScopedAStatus KeyMintDevice::getHardwareInfo(KeyMintHardwareInfo* _aidl_return) {
416 auto result = mDevice->halVersion();
417 _aidl_return->versionNumber = result.majorVersion * 10 + result.minorVersion;
418 securityLevel_ = convert(result.securityLevel);
419 _aidl_return->securityLevel = securityLevel_;
420 _aidl_return->keyMintName = result.keymasterName;
421 _aidl_return->keyMintAuthorName = result.authorName;
422 _aidl_return->timestampTokenRequired = securityLevel_ == KMV1::SecurityLevel::STRONGBOX;
423 return ScopedAStatus::ok();
424 }
425
addRngEntropy(const std::vector<uint8_t> & in_data)426 ScopedAStatus KeyMintDevice::addRngEntropy(const std::vector<uint8_t>& in_data) {
427 auto result = mDevice->addRngEntropy(in_data);
428 if (!result.isOk()) {
429 LOG(ERROR) << __func__ << " transaction failed. " << result.description();
430 return convertErrorCode(KMV1::ErrorCode::UNKNOWN_ERROR);
431 }
432 return convertErrorCode(result);
433 }
434
generateKey(const std::vector<KeyParameter> & inKeyParams,const std::optional<AttestationKey> & in_attestationKey,KeyCreationResult * out_creationResult)435 ScopedAStatus KeyMintDevice::generateKey(const std::vector<KeyParameter>& inKeyParams,
436 const std::optional<AttestationKey>& in_attestationKey,
437 KeyCreationResult* out_creationResult) {
438
439 // Since KeyMaster doesn't support ECDH, route all key creation requests to
440 // soft-KeyMint if and only an ECDH key is requested.
441 //
442 // For this to work we'll need to also route begin() and deleteKey() calls to
443 // soft-KM. In order to do that, we'll prefix all keyblobs with whether it was
444 // created by the real underlying KeyMaster HAL or whether it was created by
445 // soft-KeyMint.
446 //
447 // See keyBlobPrefix() for more discussion.
448 //
449 for (const auto& keyParam : inKeyParams) {
450 if (keyParam.tag == Tag::PURPOSE &&
451 keyParam.value.get<KeyParameterValue::Tag::keyPurpose>() == KeyPurpose::AGREE_KEY) {
452 auto ret =
453 softKeyMintDevice_->generateKey(inKeyParams, in_attestationKey, out_creationResult);
454 if (ret.isOk()) {
455 out_creationResult->keyBlob = keyBlobPrefix(out_creationResult->keyBlob, true);
456 }
457 return ret;
458 }
459 }
460
461 auto legacyKeyGenParams = convertKeyParametersToLegacy(extractGenerationParams(inKeyParams));
462 KMV1::ErrorCode errorCode;
463 auto result = mDevice->generateKey(
464 legacyKeyGenParams, [&](V4_0_ErrorCode error, const hidl_vec<uint8_t>& keyBlob,
465 const V4_0_KeyCharacteristics& keyCharacteristics) {
466 errorCode = convert(error);
467 out_creationResult->keyBlob = keyBlobPrefix(keyBlob, false);
468 out_creationResult->keyCharacteristics =
469 processLegacyCharacteristics(securityLevel_, inKeyParams, keyCharacteristics);
470 });
471 if (!result.isOk()) {
472 LOG(ERROR) << __func__ << " transaction failed. " << result.description();
473 return convertErrorCode(KMV1::ErrorCode::UNKNOWN_ERROR);
474 }
475 if (errorCode == KMV1::ErrorCode::OK) {
476 auto cert = getCertificate(inKeyParams, out_creationResult->keyBlob);
477 if (std::holds_alternative<KMV1::ErrorCode>(cert)) {
478 auto code = std::get<KMV1::ErrorCode>(cert);
479 // We return OK in successful cases that do not generate a certificate.
480 if (code != KMV1::ErrorCode::OK) {
481 errorCode = code;
482 deleteKey(out_creationResult->keyBlob);
483 }
484 } else {
485 out_creationResult->certificateChain = std::get<std::vector<Certificate>>(cert);
486 }
487 }
488 return convertErrorCode(errorCode);
489 }
490
importKey(const std::vector<KeyParameter> & inKeyParams,KeyFormat in_inKeyFormat,const std::vector<uint8_t> & in_inKeyData,const std::optional<AttestationKey> &,KeyCreationResult * out_creationResult)491 ScopedAStatus KeyMintDevice::importKey(const std::vector<KeyParameter>& inKeyParams,
492 KeyFormat in_inKeyFormat,
493 const std::vector<uint8_t>& in_inKeyData,
494 const std::optional<AttestationKey>& /* in_attestationKey */,
495 KeyCreationResult* out_creationResult) {
496 auto legacyKeyGENParams = convertKeyParametersToLegacy(extractGenerationParams(inKeyParams));
497 auto legacyKeyFormat = convertKeyFormatToLegacy(in_inKeyFormat);
498 KMV1::ErrorCode errorCode;
499 auto result = mDevice->importKey(legacyKeyGENParams, legacyKeyFormat, in_inKeyData,
500 [&](V4_0_ErrorCode error, const hidl_vec<uint8_t>& keyBlob,
501 const V4_0_KeyCharacteristics& keyCharacteristics) {
502 errorCode = convert(error);
503 out_creationResult->keyBlob =
504 keyBlobPrefix(keyBlob, false);
505 out_creationResult->keyCharacteristics =
506 processLegacyCharacteristics(
507 securityLevel_, inKeyParams, keyCharacteristics);
508 });
509 if (!result.isOk()) {
510 LOG(ERROR) << __func__ << " transaction failed. " << result.description();
511 return convertErrorCode(KMV1::ErrorCode::UNKNOWN_ERROR);
512 }
513 if (errorCode == KMV1::ErrorCode::OK) {
514 auto cert = getCertificate(inKeyParams, out_creationResult->keyBlob);
515 if (std::holds_alternative<KMV1::ErrorCode>(cert)) {
516 auto code = std::get<KMV1::ErrorCode>(cert);
517 // We return OK in successful cases that do not generate a certificate.
518 if (code != KMV1::ErrorCode::OK) {
519 errorCode = code;
520 deleteKey(out_creationResult->keyBlob);
521 }
522 } else {
523 out_creationResult->certificateChain = std::get<std::vector<Certificate>>(cert);
524 }
525 }
526 return convertErrorCode(errorCode);
527 }
528
529 ScopedAStatus
importWrappedKey(const std::vector<uint8_t> & in_inWrappedKeyData,const std::vector<uint8_t> & in_inPrefixedWrappingKeyBlob,const std::vector<uint8_t> & in_inMaskingKey,const std::vector<KeyParameter> & in_inUnwrappingParams,int64_t in_inPasswordSid,int64_t in_inBiometricSid,KeyCreationResult * out_creationResult)530 KeyMintDevice::importWrappedKey(const std::vector<uint8_t>& in_inWrappedKeyData,
531 const std::vector<uint8_t>& in_inPrefixedWrappingKeyBlob,
532 const std::vector<uint8_t>& in_inMaskingKey,
533 const std::vector<KeyParameter>& in_inUnwrappingParams,
534 int64_t in_inPasswordSid, int64_t in_inBiometricSid,
535 KeyCreationResult* out_creationResult) {
536 const std::vector<uint8_t>& wrappingKeyBlob =
537 prefixedKeyBlobRemovePrefix(in_inPrefixedWrappingKeyBlob);
538 if (prefixedKeyBlobIsSoftKeyMint(in_inPrefixedWrappingKeyBlob)) {
539 return softKeyMintDevice_->importWrappedKey(
540 in_inWrappedKeyData, wrappingKeyBlob, in_inMaskingKey, in_inUnwrappingParams,
541 in_inPasswordSid, in_inBiometricSid, out_creationResult);
542 }
543
544 auto legacyUnwrappingParams = convertKeyParametersToLegacy(in_inUnwrappingParams);
545 KMV1::ErrorCode errorCode;
546 auto result = mDevice->importWrappedKey(
547 in_inWrappedKeyData, wrappingKeyBlob, in_inMaskingKey, legacyUnwrappingParams,
548 in_inPasswordSid, in_inBiometricSid,
549 [&](V4_0_ErrorCode error, const hidl_vec<uint8_t>& keyBlob,
550 const V4_0_KeyCharacteristics& keyCharacteristics) {
551 errorCode = convert(error);
552 out_creationResult->keyBlob = keyBlobPrefix(keyBlob, false);
553 out_creationResult->keyCharacteristics =
554 processLegacyCharacteristics(securityLevel_, {}, keyCharacteristics);
555 });
556 if (!result.isOk()) {
557 LOG(ERROR) << __func__ << " transaction failed. " << result.description();
558 return convertErrorCode(KMV1::ErrorCode::UNKNOWN_ERROR);
559 }
560 return convertErrorCode(errorCode);
561 }
562
upgradeKey(const std::vector<uint8_t> & in_inKeyBlobToUpgrade,const std::vector<KeyParameter> & in_inUpgradeParams,std::vector<uint8_t> * _aidl_return)563 ScopedAStatus KeyMintDevice::upgradeKey(const std::vector<uint8_t>& in_inKeyBlobToUpgrade,
564 const std::vector<KeyParameter>& in_inUpgradeParams,
565 std::vector<uint8_t>* _aidl_return) {
566 auto legacyUpgradeParams = convertKeyParametersToLegacy(in_inUpgradeParams);
567 V4_0_ErrorCode errorCode;
568
569 auto result =
570 mDevice->upgradeKey(prefixedKeyBlobRemovePrefix(in_inKeyBlobToUpgrade), legacyUpgradeParams,
571 [&](V4_0_ErrorCode error, const hidl_vec<uint8_t>& upgradedKeyBlob) {
572 errorCode = error;
573 *_aidl_return = keyBlobPrefix(upgradedKeyBlob, false);
574 });
575 if (!result.isOk()) {
576 LOG(ERROR) << __func__ << " transaction failed. " << result.description();
577 return convertErrorCode(KMV1::ErrorCode::UNKNOWN_ERROR);
578 }
579 return convertErrorCode(errorCode);
580 }
581
deleteKey(const std::vector<uint8_t> & prefixedKeyBlob)582 ScopedAStatus KeyMintDevice::deleteKey(const std::vector<uint8_t>& prefixedKeyBlob) {
583 const std::vector<uint8_t>& keyBlob = prefixedKeyBlobRemovePrefix(prefixedKeyBlob);
584 if (prefixedKeyBlobIsSoftKeyMint(prefixedKeyBlob)) {
585 return softKeyMintDevice_->deleteKey(keyBlob);
586 }
587
588 auto result = mDevice->deleteKey(keyBlob);
589 if (!result.isOk()) {
590 LOG(ERROR) << __func__ << " transaction failed. " << result.description();
591 return convertErrorCode(KMV1::ErrorCode::UNKNOWN_ERROR);
592 }
593 return convertErrorCode(result);
594 }
595
deleteAllKeys()596 ScopedAStatus KeyMintDevice::deleteAllKeys() {
597 auto result = mDevice->deleteAllKeys();
598 if (!result.isOk()) {
599 LOG(ERROR) << __func__ << " transaction failed. " << result.description();
600 return convertErrorCode(KMV1::ErrorCode::UNKNOWN_ERROR);
601 }
602 return convertErrorCode(result);
603 }
604
605 // We're not implementing this.
destroyAttestationIds()606 ScopedAStatus KeyMintDevice::destroyAttestationIds() {
607 return ScopedAStatus::fromServiceSpecificError(
608 static_cast<int32_t>(V4_0_ErrorCode::UNIMPLEMENTED));
609 }
610
begin(KeyPurpose in_inPurpose,const std::vector<uint8_t> & prefixedKeyBlob,const std::vector<KeyParameter> & in_inParams,const std::optional<HardwareAuthToken> & in_inAuthToken,BeginResult * _aidl_return)611 ScopedAStatus KeyMintDevice::begin(KeyPurpose in_inPurpose,
612 const std::vector<uint8_t>& prefixedKeyBlob,
613 const std::vector<KeyParameter>& in_inParams,
614 const std::optional<HardwareAuthToken>& in_inAuthToken,
615 BeginResult* _aidl_return) {
616 if (!mOperationSlots.claimSlot()) {
617 return convertErrorCode(V4_0_ErrorCode::TOO_MANY_OPERATIONS);
618 }
619
620 const std::vector<uint8_t>& in_inKeyBlob = prefixedKeyBlobRemovePrefix(prefixedKeyBlob);
621 if (prefixedKeyBlobIsSoftKeyMint(prefixedKeyBlob)) {
622 return softKeyMintDevice_->begin(in_inPurpose, in_inKeyBlob, in_inParams, in_inAuthToken,
623 _aidl_return);
624 }
625
626 auto legacyPurpose =
627 static_cast<::android::hardware::keymaster::V4_0::KeyPurpose>(in_inPurpose);
628 auto legacyParams = convertKeyParametersToLegacy(in_inParams);
629 auto legacyAuthToken = convertAuthTokenToLegacy(in_inAuthToken);
630 KMV1::ErrorCode errorCode;
631 auto result = mDevice->begin(
632 legacyPurpose, in_inKeyBlob, legacyParams, legacyAuthToken,
633 [&](V4_0_ErrorCode error, const hidl_vec<V4_0_KeyParameter>& outParams,
634 uint64_t operationHandle) {
635 errorCode = convert(error);
636 _aidl_return->challenge = operationHandle;
637 _aidl_return->params = convertKeyParametersFromLegacy(outParams);
638 _aidl_return->operation = ndk::SharedRefBase::make<KeyMintOperation>(
639 mDevice, operationHandle, &mOperationSlots, error == V4_0_ErrorCode::OK);
640 });
641 if (!result.isOk()) {
642 LOG(ERROR) << __func__ << " transaction failed. " << result.description();
643 errorCode = KMV1::ErrorCode::UNKNOWN_ERROR;
644 }
645 if (errorCode != KMV1::ErrorCode::OK) {
646 mOperationSlots.freeSlot();
647 }
648 return convertErrorCode(errorCode);
649 }
650
deviceLocked(bool passwordOnly,const std::optional<TimeStampToken> & timestampToken)651 ScopedAStatus KeyMintDevice::deviceLocked(bool passwordOnly,
652 const std::optional<TimeStampToken>& timestampToken) {
653 V4_0_VerificationToken token;
654 if (timestampToken.has_value()) {
655 token = convertTimestampTokenToLegacy(timestampToken.value());
656 }
657 auto ret = mDevice->deviceLocked(passwordOnly, token);
658 if (!ret.isOk()) {
659 return convertErrorCode(KMV1::ErrorCode::UNKNOWN_ERROR);
660 } else {
661 return convertErrorCode(KMV1::ErrorCode::OK);
662 }
663 }
664
earlyBootEnded()665 ScopedAStatus KeyMintDevice::earlyBootEnded() {
666 auto ret = mDevice->earlyBootEnded();
667 if (!ret.isOk()) {
668 return convertErrorCode(KMV1::ErrorCode::UNKNOWN_ERROR);
669 } else {
670 return convertErrorCode(KMV1::ErrorCode::OK);
671 }
672 }
673
674 ScopedAStatus
convertStorageKeyToEphemeral(const std::vector<uint8_t> & prefixedStorageKeyBlob,std::vector<uint8_t> * ephemeralKeyBlob)675 KeyMintDevice::convertStorageKeyToEphemeral(const std::vector<uint8_t>& prefixedStorageKeyBlob,
676 std::vector<uint8_t>* ephemeralKeyBlob) {
677 KMV1::ErrorCode km_error;
678
679 /*
680 * Wrapped storage keys cannot be emulated (and they don't need to, because if a platform
681 * supports wrapped storage keys, then the legacy backend will support it too. So error out
682 * if the wrapped storage key given is a soft keymint key.
683 */
684 if (prefixedKeyBlobIsSoftKeyMint(prefixedStorageKeyBlob)) {
685 return convertErrorCode(KMV1::ErrorCode::UNIMPLEMENTED);
686 }
687
688 const std::vector<uint8_t>& storageKeyBlob =
689 prefixedKeyBlobRemovePrefix(prefixedStorageKeyBlob);
690
691 auto hidlCb = [&](V4_0_ErrorCode ret, const hidl_vec<uint8_t>& exportedKeyBlob) {
692 km_error = convert(ret);
693 if (km_error != KMV1::ErrorCode::OK) return;
694 /*
695 * This must return the blob without the prefix since it will be used directly
696 * as a storage encryption key. But this is alright, since this wrapped ephemeral
697 * key shouldn't/won't ever be used with keymint.
698 */
699 *ephemeralKeyBlob = exportedKeyBlob;
700 };
701
702 auto ret = mDevice->exportKey(V4_0_KeyFormat::RAW, storageKeyBlob, {}, {}, hidlCb);
703 if (!ret.isOk()) {
704 LOG(ERROR) << __func__ << " export_key failed: " << ret.description();
705 return convertErrorCode(KMV1::ErrorCode::UNKNOWN_ERROR);
706 }
707 if (km_error != KMV1::ErrorCode::OK)
708 LOG(ERROR) << __func__ << " export_key failed, code " << int32_t(km_error);
709
710 return convertErrorCode(km_error);
711 }
712
getKeyCharacteristics(const std::vector<uint8_t> & prefixedKeyBlob,const std::vector<uint8_t> & appId,const std::vector<uint8_t> & appData,std::vector<KeyCharacteristics> * keyCharacteristics)713 ScopedAStatus KeyMintDevice::getKeyCharacteristics(
714 const std::vector<uint8_t>& prefixedKeyBlob, const std::vector<uint8_t>& appId,
715 const std::vector<uint8_t>& appData, std::vector<KeyCharacteristics>* keyCharacteristics) {
716 auto [strippedKeyBlob, isSoftware] = dissectPrefixedKeyBlob(prefixedKeyBlob);
717 if (isSoftware) {
718 return softKeyMintDevice_->getKeyCharacteristics(strippedKeyBlob, appId, appData,
719 keyCharacteristics);
720 } else {
721 KMV1::ErrorCode km_error;
722 auto ret = mDevice->getKeyCharacteristics(
723 strippedKeyBlob, appId, appData,
724 [&](V4_0_ErrorCode errorCode, const V4_0_KeyCharacteristics& v40KeyCharacteristics) {
725 km_error = convert(errorCode);
726 *keyCharacteristics =
727 processLegacyCharacteristics(securityLevel_, {} /* getParams */,
728 v40KeyCharacteristics, true /* kmEnforcedOnly */);
729 });
730
731 if (!ret.isOk()) {
732 LOG(ERROR) << __func__ << " getKeyCharacteristics failed: " << ret.description();
733 return convertErrorCode(KMV1::ErrorCode::UNKNOWN_ERROR);
734 }
735 if (km_error != KMV1::ErrorCode::OK) {
736 LOG(ERROR) << __func__
737 << " getKeyCharacteristics failed with code: " << toString(km_error);
738 }
739
740 return convertErrorCode(km_error);
741 }
742 }
743
updateAad(const std::vector<uint8_t> & input,const std::optional<HardwareAuthToken> & optAuthToken,const std::optional<TimeStampToken> & optTimeStampToken)744 ScopedAStatus KeyMintOperation::updateAad(const std::vector<uint8_t>& input,
745 const std::optional<HardwareAuthToken>& optAuthToken,
746 const std::optional<TimeStampToken>& optTimeStampToken) {
747 V4_0_HardwareAuthToken authToken = convertAuthTokenToLegacy(optAuthToken);
748 V4_0_VerificationToken verificationToken = convertTimestampTokenToLegacy(optTimeStampToken);
749
750 KMV1::ErrorCode errorCode;
751 auto result = mDevice->update(
752 mOperationHandle, {V4_0::makeKeyParameter(V4_0::TAG_ASSOCIATED_DATA, input)}, {}, authToken,
753 verificationToken,
754 [&](V4_0_ErrorCode error, auto, auto, auto) { errorCode = convert(error); });
755
756 if (!result.isOk()) {
757 LOG(ERROR) << __func__ << " transaction failed. " << result.description();
758 errorCode = KMV1::ErrorCode::UNKNOWN_ERROR;
759 }
760 if (errorCode != KMV1::ErrorCode::OK) mOperationSlot.freeSlot();
761
762 return convertErrorCode(errorCode);
763 }
764
setUpdateBuffer(std::vector<uint8_t> data)765 void KeyMintOperation::setUpdateBuffer(std::vector<uint8_t> data) {
766 mUpdateBuffer = std::move(data);
767 }
768
769 const std::vector<uint8_t>&
getExtendedUpdateBuffer(const std::vector<uint8_t> & suffix)770 KeyMintOperation::getExtendedUpdateBuffer(const std::vector<uint8_t>& suffix) {
771 if (mUpdateBuffer.empty()) {
772 return suffix;
773 } else {
774 mUpdateBuffer.insert(mUpdateBuffer.end(), suffix.begin(), suffix.end());
775 return mUpdateBuffer;
776 }
777 }
778
update(const std::vector<uint8_t> & input_raw,const std::optional<HardwareAuthToken> & optAuthToken,const std::optional<TimeStampToken> & optTimeStampToken,std::vector<uint8_t> * out_output)779 ScopedAStatus KeyMintOperation::update(const std::vector<uint8_t>& input_raw,
780 const std::optional<HardwareAuthToken>& optAuthToken,
781 const std::optional<TimeStampToken>& optTimeStampToken,
782 std::vector<uint8_t>* out_output) {
783 V4_0_HardwareAuthToken authToken = convertAuthTokenToLegacy(optAuthToken);
784 V4_0_VerificationToken verificationToken = convertTimestampTokenToLegacy(optTimeStampToken);
785
786 size_t inputPos = 0;
787 *out_output = {};
788 KMV1::ErrorCode errorCode = KMV1::ErrorCode::OK;
789 auto input = getExtendedUpdateBuffer(input_raw);
790
791 while (inputPos < input.size() && errorCode == KMV1::ErrorCode::OK) {
792 uint32_t consumed = 0;
793 auto result =
794 mDevice->update(mOperationHandle, {} /* inParams */,
795 {input.begin() + inputPos, input.end()}, authToken, verificationToken,
796 [&](V4_0_ErrorCode error, uint32_t inputConsumed, auto /* outParams */,
797 const hidl_vec<uint8_t>& output) {
798 errorCode = convert(error);
799 out_output->insert(out_output->end(), output.begin(), output.end());
800 consumed = inputConsumed;
801 });
802
803 if (!result.isOk()) {
804 LOG(ERROR) << __func__ << " transaction failed. " << result.description();
805 errorCode = KMV1::ErrorCode::UNKNOWN_ERROR;
806 }
807
808 if (errorCode == KMV1::ErrorCode::OK && consumed == 0) {
809 // Some very old KM implementations do not buffer sub blocks in certain block modes,
810 // instead, the simply return consumed == 0. So we buffer the input here in the
811 // hope that we complete the bock in a future call to update.
812 setUpdateBuffer({input.begin() + inputPos, input.end()});
813 return convertErrorCode(errorCode);
814 }
815 inputPos += consumed;
816 }
817
818 if (errorCode != KMV1::ErrorCode::OK) mOperationSlot.freeSlot();
819
820 return convertErrorCode(errorCode);
821 }
822
823 ScopedAStatus
finish(const std::optional<std::vector<uint8_t>> & in_input,const std::optional<std::vector<uint8_t>> & in_signature,const std::optional<HardwareAuthToken> & in_authToken,const std::optional<TimeStampToken> & in_timeStampToken,const std::optional<std::vector<uint8_t>> & in_confirmationToken,std::vector<uint8_t> * out_output)824 KeyMintOperation::finish(const std::optional<std::vector<uint8_t>>& in_input,
825 const std::optional<std::vector<uint8_t>>& in_signature,
826 const std::optional<HardwareAuthToken>& in_authToken,
827 const std::optional<TimeStampToken>& in_timeStampToken,
828 const std::optional<std::vector<uint8_t>>& in_confirmationToken,
829 std::vector<uint8_t>* out_output) {
830 auto input_raw = in_input.value_or(std::vector<uint8_t>());
831 auto input = getExtendedUpdateBuffer(input_raw);
832 auto signature = in_signature.value_or(std::vector<uint8_t>());
833 V4_0_HardwareAuthToken authToken = convertAuthTokenToLegacy(in_authToken);
834 V4_0_VerificationToken verificationToken = convertTimestampTokenToLegacy(in_timeStampToken);
835
836 std::vector<V4_0_KeyParameter> inParams;
837 if (in_confirmationToken) {
838 inParams.push_back(makeKeyParameter(V4_0::TAG_CONFIRMATION_TOKEN, *in_confirmationToken));
839 }
840
841 KMV1::ErrorCode errorCode;
842 auto result = mDevice->finish(
843 mOperationHandle, inParams, input, signature, authToken, verificationToken,
844 [&](V4_0_ErrorCode error, auto /* outParams */, const hidl_vec<uint8_t>& output) {
845 errorCode = convert(error);
846 *out_output = output;
847 });
848
849 mOperationSlot.freeSlot();
850 if (!result.isOk()) {
851 LOG(ERROR) << __func__ << " transaction failed. " << result.description();
852 errorCode = KMV1::ErrorCode::UNKNOWN_ERROR;
853 }
854 return convertErrorCode(errorCode);
855 }
856
abort()857 ScopedAStatus KeyMintOperation::abort() {
858 auto result = mDevice->abort(mOperationHandle);
859 mOperationSlot.freeSlot();
860 if (!result.isOk()) {
861 LOG(ERROR) << __func__ << " transaction failed. " << result.description();
862 return convertErrorCode(KMV1::ErrorCode::UNKNOWN_ERROR);
863 }
864 return convertErrorCode(result);
865 }
866
~KeyMintOperation()867 KeyMintOperation::~KeyMintOperation() {
868 if (mOperationSlot.hasSlot()) {
869 auto error = abort();
870 if (!error.isOk()) {
871 LOG(WARNING) << "Error calling abort in ~KeyMintOperation: " << error.getMessage();
872 }
873 }
874 }
875
876 // SecureClock implementation
877
generateTimeStamp(int64_t in_challenge,TimeStampToken * _aidl_return)878 ScopedAStatus SecureClock::generateTimeStamp(int64_t in_challenge, TimeStampToken* _aidl_return) {
879 KMV1::ErrorCode errorCode;
880 auto result = mDevice->verifyAuthorization(
881 in_challenge, {}, V4_0_HardwareAuthToken(),
882 [&](V4_0_ErrorCode error, const V4_0_VerificationToken& token) {
883 errorCode = convert(error);
884 _aidl_return->challenge = token.challenge;
885 _aidl_return->timestamp.milliSeconds = token.timestamp;
886 _aidl_return->mac = token.mac;
887 });
888 if (!result.isOk()) {
889 LOG(ERROR) << __func__ << " transaction failed. " << result.description();
890 errorCode = KMV1::ErrorCode::UNKNOWN_ERROR;
891 }
892 return convertErrorCode(errorCode);
893 }
894
895 // SharedSecret implementation
896
getSharedSecretParameters(SharedSecretParameters * _aidl_return)897 ScopedAStatus SharedSecret::getSharedSecretParameters(SharedSecretParameters* _aidl_return) {
898 KMV1::ErrorCode errorCode;
899 auto result = mDevice->getHmacSharingParameters(
900 [&](V4_0_ErrorCode error, const V4_0_HmacSharingParameters& params) {
901 errorCode = convert(error);
902 _aidl_return->seed = params.seed;
903 std::copy(params.nonce.data(), params.nonce.data() + params.nonce.elementCount(),
904 std::back_inserter(_aidl_return->nonce));
905 });
906 if (!result.isOk()) {
907 LOG(ERROR) << __func__ << " transaction failed. " << result.description();
908 errorCode = KMV1::ErrorCode::UNKNOWN_ERROR;
909 }
910 return convertErrorCode(errorCode);
911 }
912
913 ScopedAStatus
computeSharedSecret(const std::vector<SharedSecretParameters> & in_params,std::vector<uint8_t> * _aidl_return)914 SharedSecret::computeSharedSecret(const std::vector<SharedSecretParameters>& in_params,
915 std::vector<uint8_t>* _aidl_return) {
916 KMV1::ErrorCode errorCode;
917 auto legacyParams = convertSharedSecretParametersToLegacy(in_params);
918 auto result = mDevice->computeSharedHmac(
919 legacyParams, [&](V4_0_ErrorCode error, const hidl_vec<uint8_t>& sharingCheck) {
920 errorCode = convert(error);
921 *_aidl_return = sharingCheck;
922 });
923 if (!result.isOk()) {
924 LOG(ERROR) << __func__ << " transaction failed. " << result.description();
925 errorCode = KMV1::ErrorCode::UNKNOWN_ERROR;
926 }
927 return convertErrorCode(errorCode);
928 }
929
930 // Certificate implementation
931
932 template <KMV1::Tag tag, KMV1::TagType type>
getParam(const std::vector<KeyParameter> & keyParams,KMV1::TypedTag<type,tag> ttag)933 static auto getParam(const std::vector<KeyParameter>& keyParams, KMV1::TypedTag<type, tag> ttag)
934 -> decltype(authorizationValue(ttag, KeyParameter())) {
935 for (const auto& p : keyParams) {
936
937 if (auto v = authorizationValue(ttag, p)) {
938 return v;
939 }
940 }
941 return {};
942 }
943
944 template <typename T>
containsParam(const std::vector<KeyParameter> & keyParams,T ttag)945 static bool containsParam(const std::vector<KeyParameter>& keyParams, T ttag) {
946 return static_cast<bool>(getParam(keyParams, ttag));
947 }
948
949 // Prefer the smallest.
950 // If no options are found, return the first.
951 template <typename T>
952 static typename KMV1::TypedTag2ValueType<T>::type
getMaximum(const std::vector<KeyParameter> & keyParams,T tag,std::vector<typename KMV1::TypedTag2ValueType<T>::type> sortedOptions)953 getMaximum(const std::vector<KeyParameter>& keyParams, T tag,
954 std::vector<typename KMV1::TypedTag2ValueType<T>::type> sortedOptions) {
955 auto bestSoFar = sortedOptions.end();
956 for (const KeyParameter& kp : keyParams) {
957 if (auto value = authorizationValue(tag, kp)) {
958 auto candidate = std::find(sortedOptions.begin(), sortedOptions.end(), *value);
959 // sortedOptions is sorted from best to worst. `std::distance(first, last)` counts the
960 // hops from `first` to `last`. So a better `candidate` yields a positive distance to
961 // `bestSoFar`.
962 if (std::distance(candidate, bestSoFar) > 0) {
963 bestSoFar = candidate;
964 }
965 }
966 }
967 if (bestSoFar == sortedOptions.end()) {
968 return sortedOptions[0];
969 }
970 return *bestSoFar;
971 }
972
973 static std::variant<keystore::X509_Ptr, KMV1::ErrorCode>
makeCert(::android::sp<Keymaster> mDevice,const std::vector<KeyParameter> & keyParams,const std::vector<uint8_t> & keyBlob)974 makeCert(::android::sp<Keymaster> mDevice, const std::vector<KeyParameter>& keyParams,
975 const std::vector<uint8_t>& keyBlob) {
976 // Start generating the certificate.
977 // Get public key for makeCert.
978 KMV1::ErrorCode errorCode;
979 std::vector<uint8_t> key;
980 static std::vector<uint8_t> empty_vector;
981 auto unwrapBlob = [&](auto b) -> const std::vector<uint8_t>& {
982 if (b)
983 return *b;
984 else
985 return empty_vector;
986 };
987 auto result = mDevice->exportKey(
988 V4_0_KeyFormat::X509, keyBlob, unwrapBlob(getParam(keyParams, KMV1::TAG_APPLICATION_ID)),
989 unwrapBlob(getParam(keyParams, KMV1::TAG_APPLICATION_DATA)),
990 [&](V4_0_ErrorCode error, const hidl_vec<uint8_t>& keyMaterial) {
991 errorCode = convert(error);
992 key = keyMaterial;
993 });
994 if (!result.isOk()) {
995 LOG(ERROR) << __func__ << " exportKey transaction failed. " << result.description();
996 return KMV1::ErrorCode::UNKNOWN_ERROR;
997 }
998 if (errorCode != KMV1::ErrorCode::OK) {
999 return errorCode;
1000 }
1001 // Get pkey for makeCert.
1002 CBS cbs;
1003 CBS_init(&cbs, key.data(), key.size());
1004 auto pkey = EVP_parse_public_key(&cbs);
1005
1006 // makeCert
1007 std::optional<std::reference_wrapper<const std::vector<uint8_t>>> subject;
1008 if (auto blob = getParam(keyParams, KMV1::TAG_CERTIFICATE_SUBJECT)) {
1009 subject = *blob;
1010 }
1011
1012 std::optional<std::reference_wrapper<const std::vector<uint8_t>>> serial;
1013 if (auto blob = getParam(keyParams, KMV1::TAG_CERTIFICATE_SERIAL)) {
1014 serial = *blob;
1015 }
1016
1017 int64_t activation;
1018 if (auto date = getParam(keyParams, KMV1::TAG_CERTIFICATE_NOT_BEFORE)) {
1019 activation = static_cast<int64_t>(*date);
1020 } else {
1021 return KMV1::ErrorCode::MISSING_NOT_BEFORE;
1022 }
1023
1024 int64_t expiration;
1025 if (auto date = getParam(keyParams, KMV1::TAG_CERTIFICATE_NOT_AFTER)) {
1026 expiration = static_cast<int64_t>(*date);
1027 } else {
1028 return KMV1::ErrorCode::MISSING_NOT_AFTER;
1029 }
1030
1031 auto certOrError = keystore::makeCert(
1032 pkey, serial, subject, activation, expiration, false /* intentionally left blank */,
1033 std::nullopt /* intentionally left blank */, std::nullopt /* intentionally left blank */);
1034 if (std::holds_alternative<keystore::CertUtilsError>(certOrError)) {
1035 LOG(ERROR) << __func__ << ": Failed to make certificate";
1036 return KMV1::ErrorCode::UNKNOWN_ERROR;
1037 }
1038 return std::move(std::get<keystore::X509_Ptr>(certOrError));
1039 }
1040
getKeystoreAlgorithm(Algorithm algorithm)1041 static std::variant<keystore::Algo, KMV1::ErrorCode> getKeystoreAlgorithm(Algorithm algorithm) {
1042 switch (algorithm) {
1043 case Algorithm::RSA:
1044 return keystore::Algo::RSA;
1045 case Algorithm::EC:
1046 return keystore::Algo::ECDSA;
1047 default:
1048 LOG(ERROR) << __func__ << ": This should not be called with symmetric algorithm.";
1049 return KMV1::ErrorCode::UNKNOWN_ERROR;
1050 }
1051 }
1052
getKeystorePadding(PaddingMode padding)1053 static std::variant<keystore::Padding, KMV1::ErrorCode> getKeystorePadding(PaddingMode padding) {
1054 switch (padding) {
1055 case PaddingMode::RSA_PKCS1_1_5_SIGN:
1056 return keystore::Padding::PKCS1_5;
1057 case PaddingMode::RSA_PSS:
1058 return keystore::Padding::PSS;
1059 default:
1060 return keystore::Padding::Ignored;
1061 }
1062 }
1063
getKeystoreDigest(Digest digest)1064 static std::variant<keystore::Digest, KMV1::ErrorCode> getKeystoreDigest(Digest digest) {
1065 switch (digest) {
1066 case Digest::SHA1:
1067 return keystore::Digest::SHA1;
1068 case Digest::SHA_2_224:
1069 return keystore::Digest::SHA224;
1070 case Digest::SHA_2_256:
1071 case Digest::NONE:
1072 return keystore::Digest::SHA256;
1073 case Digest::SHA_2_384:
1074 return keystore::Digest::SHA384;
1075 case Digest::SHA_2_512:
1076 return keystore::Digest::SHA512;
1077 default:
1078 LOG(ERROR) << __func__ << ": Unknown digest.";
1079 return KMV1::ErrorCode::UNKNOWN_ERROR;
1080 }
1081 }
1082
1083 std::optional<KMV1::ErrorCode>
signCertificate(const std::vector<KeyParameter> & keyParams,const std::vector<uint8_t> & prefixedKeyBlob,X509 * cert)1084 KeyMintDevice::signCertificate(const std::vector<KeyParameter>& keyParams,
1085 const std::vector<uint8_t>& prefixedKeyBlob, X509* cert) {
1086
1087 auto algorithm = getParam(keyParams, KMV1::TAG_ALGORITHM);
1088 auto algoOrError = getKeystoreAlgorithm(*algorithm);
1089 if (std::holds_alternative<KMV1::ErrorCode>(algoOrError)) {
1090 return std::get<KMV1::ErrorCode>(algoOrError);
1091 }
1092 auto algo = std::get<keystore::Algo>(algoOrError);
1093 auto origPadding = getMaximum(keyParams, KMV1::TAG_PADDING,
1094 {PaddingMode::RSA_PSS, PaddingMode::RSA_PKCS1_1_5_SIGN});
1095 auto paddingOrError = getKeystorePadding(origPadding);
1096 if (std::holds_alternative<KMV1::ErrorCode>(paddingOrError)) {
1097 return std::get<KMV1::ErrorCode>(paddingOrError);
1098 }
1099 auto padding = std::get<keystore::Padding>(paddingOrError);
1100 auto origDigest = getMaximum(keyParams, KMV1::TAG_DIGEST,
1101 {Digest::SHA_2_256, Digest::SHA_2_512, Digest::SHA_2_384,
1102 Digest::SHA_2_224, Digest::SHA1, Digest::NONE});
1103 auto digestOrError = getKeystoreDigest(origDigest);
1104 if (std::holds_alternative<KMV1::ErrorCode>(digestOrError)) {
1105 return std::get<KMV1::ErrorCode>(digestOrError);
1106 }
1107 auto digest = std::get<keystore::Digest>(digestOrError);
1108
1109 KMV1::ErrorCode errorCode = KMV1::ErrorCode::OK;
1110 auto error = keystore::signCertWith(
1111 &*cert,
1112 [&](const uint8_t* data, size_t len) {
1113 std::vector<uint8_t> dataVec(data, data + len);
1114 std::vector<KeyParameter> kps = {
1115 KMV1::makeKeyParameter(KMV1::TAG_DIGEST, origDigest),
1116 };
1117 if (algorithm == KMV1::Algorithm::RSA) {
1118 kps.push_back(KMV1::makeKeyParameter(KMV1::TAG_PADDING, origPadding));
1119 }
1120 BeginResult beginResult;
1121 auto error =
1122 begin(KeyPurpose::SIGN, prefixedKeyBlob, kps, HardwareAuthToken(), &beginResult);
1123 if (!error.isOk()) {
1124 errorCode = toErrorCode(error);
1125 return std::vector<uint8_t>();
1126 }
1127
1128 std::vector<uint8_t> result;
1129 error = beginResult.operation->finish(dataVec, //
1130 {} /* signature */, //
1131 {} /* authToken */, //
1132 {} /* timestampToken */, //
1133 {} /* confirmationToken */, //
1134 &result);
1135 if (!error.isOk()) {
1136 errorCode = toErrorCode(error);
1137 return std::vector<uint8_t>();
1138 }
1139 return result;
1140 },
1141 algo, padding, digest);
1142 if (error) {
1143 LOG(ERROR) << __func__
1144 << ": signCertWith failed. (Callback diagnosed: " << toString(errorCode) << ")";
1145 return KMV1::ErrorCode::UNKNOWN_ERROR;
1146 }
1147 if (errorCode != KMV1::ErrorCode::OK) {
1148 return errorCode;
1149 }
1150 return std::nullopt;
1151 }
1152
1153 std::variant<std::vector<Certificate>, KMV1::ErrorCode>
getCertificate(const std::vector<KeyParameter> & keyParams,const std::vector<uint8_t> & prefixedKeyBlob)1154 KeyMintDevice::getCertificate(const std::vector<KeyParameter>& keyParams,
1155 const std::vector<uint8_t>& prefixedKeyBlob) {
1156 const std::vector<uint8_t>& keyBlob = prefixedKeyBlobRemovePrefix(prefixedKeyBlob);
1157
1158 // There are no certificates for symmetric keys.
1159 auto algorithm = getParam(keyParams, KMV1::TAG_ALGORITHM);
1160 if (!algorithm) {
1161 LOG(ERROR) << __func__ << ": Unable to determine key algorithm.";
1162 return KMV1::ErrorCode::UNKNOWN_ERROR;
1163 }
1164 switch (*algorithm) {
1165 case Algorithm::RSA:
1166 case Algorithm::EC:
1167 break;
1168 default:
1169 return KMV1::ErrorCode::OK;
1170 }
1171
1172 // If attestation was requested, call and use attestKey.
1173 if (containsParam(keyParams, KMV1::TAG_ATTESTATION_CHALLENGE)) {
1174 auto legacyParams = convertKeyParametersToLegacy(extractAttestationParams(keyParams));
1175 std::vector<Certificate> certs;
1176 KMV1::ErrorCode errorCode = KMV1::ErrorCode::OK;
1177 auto result = mDevice->attestKey(
1178 keyBlob, legacyParams,
1179 [&](V4_0::ErrorCode error, const hidl_vec<hidl_vec<uint8_t>>& certChain) {
1180 errorCode = convert(error);
1181 for (const auto& cert : certChain) {
1182 Certificate certificate;
1183 certificate.encodedCertificate = cert;
1184 certs.push_back(certificate);
1185 }
1186 });
1187 if (!result.isOk()) {
1188 LOG(ERROR) << __func__ << ": Call to attestKey failed.";
1189 return KMV1::ErrorCode::UNKNOWN_ERROR;
1190 }
1191 if (errorCode != KMV1::ErrorCode::OK) {
1192 return errorCode;
1193 }
1194 return certs;
1195 }
1196
1197 // makeCert
1198 auto certOrError = makeCert(mDevice, keyParams, keyBlob);
1199 if (std::holds_alternative<KMV1::ErrorCode>(certOrError)) {
1200 return std::get<KMV1::ErrorCode>(certOrError);
1201 }
1202 auto cert = std::move(std::get<keystore::X509_Ptr>(certOrError));
1203
1204 // setIssuer
1205 auto error = keystore::setIssuer(&*cert, &*cert, false);
1206 if (error) {
1207 LOG(ERROR) << __func__ << ": Set issuer failed.";
1208 return KMV1::ErrorCode::UNKNOWN_ERROR;
1209 }
1210
1211 // Signing
1212 auto canSelfSign =
1213 std::find_if(keyParams.begin(), keyParams.end(), [&](const KeyParameter& kp) {
1214 if (auto v = KMV1::authorizationValue(KMV1::TAG_PURPOSE, kp)) {
1215 return *v == KeyPurpose::SIGN;
1216 }
1217 return false;
1218 }) != keyParams.end();
1219 auto noAuthRequired = containsParam(keyParams, KMV1::TAG_NO_AUTH_REQUIRED);
1220 // If we cannot sign because of purpose or authorization requirement,
1221 if (!(canSelfSign && noAuthRequired)
1222 // or if self signing fails for any other reason,
1223 || signCertificate(keyParams, keyBlob, &*cert).has_value()) {
1224 // we sign with ephemeral key.
1225 keystore::EVP_PKEY_CTX_Ptr pkey_ctx(EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL));
1226 EVP_PKEY_keygen_init(pkey_ctx.get());
1227 EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pkey_ctx.get(), NID_X9_62_prime256v1);
1228 EVP_PKEY* pkey_ptr = nullptr;
1229 EVP_PKEY_keygen(pkey_ctx.get(), &pkey_ptr);
1230 error = keystore::signCert(&*cert, pkey_ptr);
1231 if (error) {
1232 LOG(ERROR) << __func__ << ": signCert failed.";
1233 return KMV1::ErrorCode::UNKNOWN_ERROR;
1234 }
1235 }
1236
1237 // encodeCert
1238 auto encodedCertOrError = keystore::encodeCert(&*cert);
1239 if (std::holds_alternative<keystore::CertUtilsError>(encodedCertOrError)) {
1240 LOG(ERROR) << __func__ << ": encodeCert failed.";
1241 return KMV1::ErrorCode::UNKNOWN_ERROR;
1242 }
1243
1244 Certificate certificate{.encodedCertificate =
1245 std::get<std::vector<uint8_t>>(encodedCertOrError)};
1246 std::vector certificates = {certificate};
1247 return certificates;
1248 }
1249
1250 // Code to find the Keymaster devices (copied from existing code).
1251
1252 // Copied from system/security/keystore/include/keystore/keymaster_types.h.
1253
1254 // Changing this namespace alias will change the keymaster version.
1255 namespace keymasterNs = ::android::hardware::keymaster::V4_1;
1256
1257 using keymasterNs::SecurityLevel;
1258
1259 // Copied from system/security/keystore/KeyStore.h.
1260
1261 using ::android::sp;
1262 using keymasterNs::support::Keymaster;
1263
1264 template <typename T, size_t count> class Devices : public std::array<T, count> {
1265 public:
operator [](SecurityLevel secLevel)1266 T& operator[](SecurityLevel secLevel) {
1267 static_assert(uint32_t(SecurityLevel::SOFTWARE) == 0 &&
1268 uint32_t(SecurityLevel::TRUSTED_ENVIRONMENT) == 1 &&
1269 uint32_t(SecurityLevel::STRONGBOX) == 2,
1270 "Numeric values of security levels have changed");
1271 return std::array<T, count>::at(static_cast<uint32_t>(secLevel));
1272 }
__anona80f3eea1302(SecurityLevel secLevel) 1273 T operator[](SecurityLevel secLevel) const {
1274 if (static_cast<uint32_t>(secLevel) > static_cast<uint32_t>(SecurityLevel::STRONGBOX)) {
1275 LOG(ERROR) << "Invalid security level requested";
1276 return {};
1277 }
1278 return (*const_cast<Devices*>(this))[secLevel];
1279 }
1280 };
1281
1282 using KeymasterDevices = Devices<sp<Keymaster>, 3>;
1283
1284 // Copied from system/security/keystore/keystore_main.cpp.
1285
1286 using ::android::hardware::hidl_string;
1287 using keymasterNs::support::Keymaster3;
1288 using keymasterNs::support::Keymaster4;
1289
1290 template <typename Wrapper>
enumerateKeymasterDevices(IServiceManager * serviceManager)1291 KeymasterDevices enumerateKeymasterDevices(IServiceManager* serviceManager) {
1292 KeymasterDevices result;
1293 serviceManager->listManifestByInterface(
1294 Wrapper::WrappedIKeymasterDevice::descriptor, [&](const hidl_vec<hidl_string>& names) {
1295 auto try_get_device = [&](const auto& name, bool fail_silent) {
1296 auto device = Wrapper::WrappedIKeymasterDevice::getService(name);
1297 if (fail_silent && !device) return;
1298 CHECK(device) << "Failed to get service for \""
1299 << Wrapper::WrappedIKeymasterDevice::descriptor
1300 << "\" with interface name \"" << name << "\"";
1301
1302 sp<Keymaster> kmDevice(new Wrapper(device, name));
1303 auto halVersion = kmDevice->halVersion();
1304 SecurityLevel securityLevel = halVersion.securityLevel;
1305 LOG(INFO) << "found " << Wrapper::WrappedIKeymasterDevice::descriptor
1306 << " with interface name " << name << " and seclevel "
1307 << toString(securityLevel);
1308 CHECK(static_cast<uint32_t>(securityLevel) < result.size())
1309 << "Security level of \"" << Wrapper::WrappedIKeymasterDevice::descriptor
1310 << "\" with interface name \"" << name << "\" out of range";
1311 auto& deviceSlot = result[securityLevel];
1312 if (deviceSlot) {
1313 if (!fail_silent) {
1314 LOG(WARNING) << "Implementation of \""
1315 << Wrapper::WrappedIKeymasterDevice::descriptor
1316 << "\" with interface name \"" << name
1317 << "\" and security level: " << toString(securityLevel)
1318 << " Masked by other implementation of Keymaster";
1319 }
1320 } else {
1321 deviceSlot = kmDevice;
1322 }
1323 };
1324 bool has_default = false;
1325 for (auto& n : names) {
1326 try_get_device(n, false);
1327 if (n == "default") has_default = true;
1328 }
1329 // Make sure that we always check the default device. If we enumerate only what is
1330 // known to hwservicemanager, we miss a possible passthrough HAL.
1331 if (!has_default) {
1332 try_get_device("default", true /* fail_silent */);
1333 }
1334 });
1335 return result;
1336 }
1337
initializeKeymasters()1338 KeymasterDevices initializeKeymasters() {
1339 auto serviceManager = IServiceManager::getService();
1340 CHECK(serviceManager.get()) << "Failed to get ServiceManager";
1341 auto result = enumerateKeymasterDevices<Keymaster4>(serviceManager.get());
1342 auto softKeymaster = result[SecurityLevel::SOFTWARE];
1343 if ((!result[SecurityLevel::TRUSTED_ENVIRONMENT]) && (!result[SecurityLevel::STRONGBOX])) {
1344 result = enumerateKeymasterDevices<Keymaster3>(serviceManager.get());
1345 }
1346 if (softKeymaster) result[SecurityLevel::SOFTWARE] = softKeymaster;
1347 if (result[SecurityLevel::SOFTWARE] && !result[SecurityLevel::TRUSTED_ENVIRONMENT]) {
1348 LOG(WARNING) << "No secure Keymaster implementation found, but device offers insecure"
1349 " Keymaster HAL. Using as default.";
1350 result[SecurityLevel::TRUSTED_ENVIRONMENT] = result[SecurityLevel::SOFTWARE];
1351 result[SecurityLevel::SOFTWARE] = nullptr;
1352 }
1353 // The software bit was removed since we do not need it.
1354 return result;
1355 }
1356
setNumFreeSlots(uint8_t numFreeSlots)1357 void KeyMintDevice::setNumFreeSlots(uint8_t numFreeSlots) {
1358 mOperationSlots.setNumFreeSlots(numFreeSlots);
1359 }
1360
1361 // Constructors and helpers.
1362
KeyMintDevice(sp<Keymaster> device,KeyMintSecurityLevel securityLevel)1363 KeyMintDevice::KeyMintDevice(sp<Keymaster> device, KeyMintSecurityLevel securityLevel)
1364 : mDevice(device), securityLevel_(securityLevel) {
1365 if (securityLevel == KeyMintSecurityLevel::STRONGBOX) {
1366 setNumFreeSlots(3);
1367 } else {
1368 setNumFreeSlots(15);
1369 }
1370
1371 softKeyMintDevice_.reset(CreateKeyMintDevice(KeyMintSecurityLevel::SOFTWARE));
1372 }
1373
getDevice(KeyMintSecurityLevel securityLevel)1374 sp<Keymaster> getDevice(KeyMintSecurityLevel securityLevel) {
1375 static std::mutex mutex;
1376 static sp<Keymaster> teeDevice;
1377 static sp<Keymaster> sbDevice;
1378 std::lock_guard<std::mutex> lock(mutex);
1379 if (!teeDevice) {
1380 auto devices = initializeKeymasters();
1381 teeDevice = devices[V4_0::SecurityLevel::TRUSTED_ENVIRONMENT];
1382 sbDevice = devices[V4_0::SecurityLevel::STRONGBOX];
1383 }
1384 switch (securityLevel) {
1385 case KeyMintSecurityLevel::TRUSTED_ENVIRONMENT:
1386 return teeDevice;
1387 case KeyMintSecurityLevel::STRONGBOX:
1388 return sbDevice;
1389 default:
1390 return {};
1391 }
1392 }
1393
1394 std::shared_ptr<KeyMintDevice>
createKeyMintDevice(KeyMintSecurityLevel securityLevel)1395 KeyMintDevice::createKeyMintDevice(KeyMintSecurityLevel securityLevel) {
1396 if (auto dev = getDevice(securityLevel)) {
1397 return ndk::SharedRefBase::make<KeyMintDevice>(std::move(dev), securityLevel);
1398 }
1399 return {};
1400 }
1401
createSharedSecret(KeyMintSecurityLevel securityLevel)1402 std::shared_ptr<SharedSecret> SharedSecret::createSharedSecret(KeyMintSecurityLevel securityLevel) {
1403 auto device = getDevice(securityLevel);
1404 if (!device) {
1405 return {};
1406 }
1407 return ndk::SharedRefBase::make<SharedSecret>(std::move(device));
1408 }
1409
createSecureClock(KeyMintSecurityLevel securityLevel)1410 std::shared_ptr<SecureClock> SecureClock::createSecureClock(KeyMintSecurityLevel securityLevel) {
1411 auto device = getDevice(securityLevel);
1412 if (!device) {
1413 return {};
1414 }
1415 return ndk::SharedRefBase::make<SecureClock>(std::move(device));
1416 }
1417
1418 ScopedAStatus
getKeyMintDevice(KeyMintSecurityLevel in_securityLevel,std::shared_ptr<IKeyMintDevice> * _aidl_return)1419 KeystoreCompatService::getKeyMintDevice(KeyMintSecurityLevel in_securityLevel,
1420 std::shared_ptr<IKeyMintDevice>* _aidl_return) {
1421 auto i = mDeviceCache.find(in_securityLevel);
1422 if (i == mDeviceCache.end()) {
1423 auto device = KeyMintDevice::createKeyMintDevice(in_securityLevel);
1424 if (!device) {
1425 return ScopedAStatus::fromStatus(STATUS_NAME_NOT_FOUND);
1426 }
1427 i = mDeviceCache.insert(i, {in_securityLevel, std::move(device)});
1428 }
1429 *_aidl_return = i->second;
1430 return ScopedAStatus::ok();
1431 }
1432
getSharedSecret(KeyMintSecurityLevel in_securityLevel,std::shared_ptr<ISharedSecret> * _aidl_return)1433 ScopedAStatus KeystoreCompatService::getSharedSecret(KeyMintSecurityLevel in_securityLevel,
1434 std::shared_ptr<ISharedSecret>* _aidl_return) {
1435 auto i = mSharedSecretCache.find(in_securityLevel);
1436 if (i == mSharedSecretCache.end()) {
1437 auto secret = SharedSecret::createSharedSecret(in_securityLevel);
1438 if (!secret) {
1439 return ScopedAStatus::fromStatus(STATUS_NAME_NOT_FOUND);
1440 }
1441 i = mSharedSecretCache.insert(i, {in_securityLevel, std::move(secret)});
1442 }
1443 *_aidl_return = i->second;
1444 return ScopedAStatus::ok();
1445 }
1446
getSecureClock(std::shared_ptr<ISecureClock> * _aidl_return)1447 ScopedAStatus KeystoreCompatService::getSecureClock(std::shared_ptr<ISecureClock>* _aidl_return) {
1448 if (!mSecureClock) {
1449 // The legacy verification service was always provided by the TEE variant.
1450 auto clock = SecureClock::createSecureClock(KeyMintSecurityLevel::TRUSTED_ENVIRONMENT);
1451 if (!clock) {
1452 return ScopedAStatus::fromStatus(STATUS_NAME_NOT_FOUND);
1453 }
1454 mSecureClock = std::move(clock);
1455 }
1456 *_aidl_return = mSecureClock;
1457 return ScopedAStatus::ok();
1458 }
1459