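/*
 * Copyright 2016 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef SYSTEM_KEYMASTER_ATTESTATION_RECORD_H_
#define SYSTEM_KEYMASTER_ATTESTATION_RECORD_H_

#include <stddef.h>
#include <stdint.h>

#include <hardware/keymaster_defs.h>

#include <keymaster/authorization_set.h>

#include <openssl/asn1t.h>

namespace keymaster {

/*
 * Deleters for smart-pointer wrappers around BoringSSL ASN.1 objects. Objects allocated by
 * BoringSSL must be released through the matching *_free() routine, never through delete.
 */
struct stack_st_ASN1_TYPE_Delete {
    void operator()(stack_st_ASN1_TYPE* p) const { sk_ASN1_TYPE_free(p); }
};

struct ASN1_STRING_Delete {
    void operator()(ASN1_STRING* p) const { ASN1_STRING_free(p); }
};

struct ASN1_TYPE_Delete {
    void operator()(ASN1_TYPE* p) const { ASN1_TYPE_free(p); }
};

// A SET OF INTEGER; used for the repeatable keymaster tags (purpose, digest, padding, ...).
#define ASN1_INTEGER_SET STACK_OF(ASN1_INTEGER)

/*
 * RootOfTrust ::= SEQUENCE {
 *     verifiedBootKey    OCTET_STRING,
 *     deviceLocked       BOOLEAN,
 *     verifiedBootState  ENUMERATED,
 * }
 *
 * NOTE(review): the ASN1_BOOLEAN item in BoringSSL's template machinery reads and writes the
 * field inline, as an ASN1_BOOLEAN (int) located at the field's offset, rather than through a
 * pointer. device_locked is declared as a pointer here, so the template operates on the pointer's
 * own bytes; confirm against attestation_record.cpp that the field is populated and read with
 * that in mind, since deviceLocked is a value relying parties treat as a security signal.
 */
typedef struct km_root_of_trust {
    ASN1_OCTET_STRING* verified_boot_key;
    ASN1_BOOLEAN* device_locked;
    ASN1_ENUMERATED* verified_boot_state;
} KM_ROOT_OF_TRUST;

ASN1_SEQUENCE(KM_ROOT_OF_TRUST) = {
    ASN1_SIMPLE(KM_ROOT_OF_TRUST, verified_boot_key, ASN1_OCTET_STRING),
    ASN1_SIMPLE(KM_ROOT_OF_TRUST, device_locked, ASN1_BOOLEAN),
    ASN1_SIMPLE(KM_ROOT_OF_TRUST, verified_boot_state, ASN1_ENUMERATED),
} ASN1_SEQUENCE_END(KM_ROOT_OF_TRUST);
DECLARE_ASN1_FUNCTIONS(KM_ROOT_OF_TRUST);

/*
 * AuthorizationList: one entry per keymaster tag that can appear in an attestation record.
 * Every member is OPTIONAL on the wire; a null pointer means "tag absent". The ASN1_SEQUENCE
 * template below is the authoritative wire schema: a field that is declared here but has no
 * template entry is silently never encoded or decoded.
 */
typedef struct km_auth_list {
    ASN1_INTEGER_SET* purpose;
    ASN1_INTEGER* algorithm;
    ASN1_INTEGER* key_size;
    ASN1_INTEGER_SET* block_mode;
    ASN1_INTEGER_SET* digest;
    ASN1_INTEGER_SET* padding;
    ASN1_NULL* caller_nonce;
    ASN1_INTEGER* min_mac_length;
    ASN1_INTEGER_SET* kdf;
    ASN1_INTEGER* ec_curve;
    ASN1_INTEGER* rsa_public_exponent;
    ASN1_INTEGER* active_date_time;
    ASN1_INTEGER* origination_expire_date_time;
    ASN1_INTEGER* usage_expire_date_time;
    ASN1_NULL* no_auth_required;
    ASN1_INTEGER* user_auth_type;
    ASN1_INTEGER* auth_timeout;
    ASN1_NULL* allow_while_on_body;
    ASN1_NULL* trusted_confirmation_required;
    ASN1_NULL* unlocked_device_required;
    ASN1_NULL* all_applications;
    ASN1_OCTET_STRING* application_id;
    ASN1_INTEGER* creation_date_time;
    ASN1_INTEGER* origin;
    ASN1_NULL* rollback_resistant;
    KM_ROOT_OF_TRUST* root_of_trust;
    ASN1_INTEGER* os_version;
    ASN1_INTEGER* os_patchlevel;
    ASN1_OCTET_STRING* attestation_application_id;
    ASN1_OCTET_STRING* attestation_id_brand;
    ASN1_OCTET_STRING* attestation_id_device;
    ASN1_OCTET_STRING* attestation_id_product;
    ASN1_OCTET_STRING* attestation_id_serial;
    ASN1_OCTET_STRING* attestation_id_imei;
    ASN1_OCTET_STRING* attestation_id_meid;
    ASN1_OCTET_STRING* attestation_id_manufacturer;
    ASN1_OCTET_STRING* attestation_id_model;
} KM_AUTH_LIST;

/*
 * Each entry is EXPLICITly tagged with the keymaster tag number (masked_tag() strips the type
 * bits from the keymaster_tag_t value, leaving the bare tag number as the context tag). Entries
 * are kept in ascending tag order, which is what the DER SEQUENCE ordering requires.
 */
ASN1_SEQUENCE(KM_AUTH_LIST) = {
    ASN1_EXP_SET_OF_OPT(KM_AUTH_LIST, purpose, ASN1_INTEGER, TAG_PURPOSE.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, algorithm, ASN1_INTEGER, TAG_ALGORITHM.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, key_size, ASN1_INTEGER, TAG_KEY_SIZE.masked_tag()),
    ASN1_EXP_SET_OF_OPT(KM_AUTH_LIST, block_mode, ASN1_INTEGER, TAG_BLOCK_MODE.masked_tag()),
    ASN1_EXP_SET_OF_OPT(KM_AUTH_LIST, digest, ASN1_INTEGER, TAG_DIGEST.masked_tag()),
    ASN1_EXP_SET_OF_OPT(KM_AUTH_LIST, padding, ASN1_INTEGER, TAG_PADDING.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, caller_nonce, ASN1_NULL, TAG_CALLER_NONCE.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, min_mac_length, ASN1_INTEGER, TAG_MIN_MAC_LENGTH.masked_tag()),
    ASN1_EXP_SET_OF_OPT(KM_AUTH_LIST, kdf, ASN1_INTEGER, TAG_KDF.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, ec_curve, ASN1_INTEGER, TAG_EC_CURVE.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, rsa_public_exponent, ASN1_INTEGER,
                 TAG_RSA_PUBLIC_EXPONENT.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, active_date_time, ASN1_INTEGER, TAG_ACTIVE_DATETIME.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, origination_expire_date_time, ASN1_INTEGER,
                 TAG_ORIGINATION_EXPIRE_DATETIME.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, usage_expire_date_time, ASN1_INTEGER,
                 TAG_USAGE_EXPIRE_DATETIME.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, no_auth_required, ASN1_NULL, TAG_NO_AUTH_REQUIRED.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, user_auth_type, ASN1_INTEGER, TAG_USER_AUTH_TYPE.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, auth_timeout, ASN1_INTEGER, TAG_AUTH_TIMEOUT.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, allow_while_on_body, ASN1_NULL,
                 TAG_ALLOW_WHILE_ON_BODY.masked_tag()),
    // trusted_confirmation_required was declared in KM_AUTH_LIST but had no template entry, so
    // a key's confirmation requirement never reached the attestation a relying party checks.
    ASN1_EXP_OPT(KM_AUTH_LIST, trusted_confirmation_required, ASN1_NULL,
                 TAG_TRUSTED_CONFIRMATION_REQUIRED.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, unlocked_device_required, ASN1_NULL,
                 TAG_UNLOCKED_DEVICE_REQUIRED.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, all_applications, ASN1_NULL, TAG_ALL_APPLICATIONS.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, application_id, ASN1_OCTET_STRING, TAG_APPLICATION_ID.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, creation_date_time, ASN1_INTEGER,
                 TAG_CREATION_DATETIME.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, origin, ASN1_INTEGER, TAG_ORIGIN.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, rollback_resistant, ASN1_NULL, TAG_ROLLBACK_RESISTANT.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, root_of_trust, KM_ROOT_OF_TRUST, TAG_ROOT_OF_TRUST.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, os_version, ASN1_INTEGER, TAG_OS_VERSION.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, os_patchlevel, ASN1_INTEGER, TAG_OS_PATCHLEVEL.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, attestation_application_id, ASN1_OCTET_STRING,
                 TAG_ATTESTATION_APPLICATION_ID.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_brand, ASN1_OCTET_STRING,
                 TAG_ATTESTATION_ID_BRAND.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_device, ASN1_OCTET_STRING,
                 TAG_ATTESTATION_ID_DEVICE.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_product, ASN1_OCTET_STRING,
                 TAG_ATTESTATION_ID_PRODUCT.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_serial, ASN1_OCTET_STRING,
                 TAG_ATTESTATION_ID_SERIAL.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_imei, ASN1_OCTET_STRING,
                 TAG_ATTESTATION_ID_IMEI.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_meid, ASN1_OCTET_STRING,
                 TAG_ATTESTATION_ID_MEID.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_manufacturer, ASN1_OCTET_STRING,
                 TAG_ATTESTATION_ID_MANUFACTURER.masked_tag()),
    ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_model, ASN1_OCTET_STRING,
                 TAG_ATTESTATION_ID_MODEL.masked_tag()),
} ASN1_SEQUENCE_END(KM_AUTH_LIST);
DECLARE_ASN1_FUNCTIONS(KM_AUTH_LIST);

/*
 * KeyDescription: the top-level content of the attestation extension.
 *
 * The wire order is given by the ASN1_SEQUENCE template below (unique_id precedes the two
 * authorization lists); the declaration order of the struct members is irrelevant to the
 * encoding because the template addresses members by offset.
 */
typedef struct km_key_description {
    ASN1_INTEGER* attestation_version;
    ASN1_ENUMERATED* attestation_security_level;
    ASN1_INTEGER* keymaster_version;
    ASN1_ENUMERATED* keymaster_security_level;
    ASN1_OCTET_STRING* attestation_challenge;
    KM_AUTH_LIST* software_enforced;
    KM_AUTH_LIST* tee_enforced;
    // Declared as an OCTET STRING to match the template entry below and the keymaster_blob_t
    // that parse_attestation_record() returns it through (it was previously declared as an
    // ASN1_INTEGER, which only worked because both are typedefs of ASN1_STRING).
    ASN1_OCTET_STRING* unique_id;
} KM_KEY_DESCRIPTION;

ASN1_SEQUENCE(KM_KEY_DESCRIPTION) = {
    ASN1_SIMPLE(KM_KEY_DESCRIPTION, attestation_version, ASN1_INTEGER),
    ASN1_SIMPLE(KM_KEY_DESCRIPTION, attestation_security_level, ASN1_ENUMERATED),
    ASN1_SIMPLE(KM_KEY_DESCRIPTION, keymaster_version, ASN1_INTEGER),
    ASN1_SIMPLE(KM_KEY_DESCRIPTION, keymaster_security_level, ASN1_ENUMERATED),
    ASN1_SIMPLE(KM_KEY_DESCRIPTION, attestation_challenge, ASN1_OCTET_STRING),
    ASN1_SIMPLE(KM_KEY_DESCRIPTION, unique_id, ASN1_OCTET_STRING),
    ASN1_SIMPLE(KM_KEY_DESCRIPTION, software_enforced, KM_AUTH_LIST),
    ASN1_SIMPLE(KM_KEY_DESCRIPTION, tee_enforced, KM_AUTH_LIST),
} ASN1_SEQUENCE_END(KM_KEY_DESCRIPTION);
DECLARE_ASN1_FUNCTIONS(KM_KEY_DESCRIPTION);

/**
 * Device-specific inputs to attestation record construction. The defaults describe a pure
 * software implementation that cannot attest device IDs, unique IDs or verified boot state;
 * hardware-backed implementations override the virtuals.
 *
 * The destructor is protected and virtual so that the class can be used as a polymorphic base
 * but instances are not deleted through a base pointer.
 */
class AttestationRecordContext {
  protected:
    virtual ~AttestationRecordContext() {}

  public:
    /**
     * Returns the security level (SW or TEE) of this keymaster implementation.
     */
    virtual keymaster_security_level_t GetSecurityLevel() const {
        return KM_SECURITY_LEVEL_SOFTWARE;
    }

    /**
     * Verify that the device IDs provided in the attestation_params match the device's actual IDs
     * and copy them to attestation. If *any* of the IDs do not match or verification is not
     * possible, return KM_ERROR_CANNOT_ATTEST_IDS. If *all* IDs provided are successfully verified
     * or no IDs were provided, return KM_ERROR_OK.
     *
     * If you do not support device ID attestation, ignore all arguments and return
     * KM_ERROR_UNIMPLEMENTED.
     */
    virtual keymaster_error_t
    VerifyAndCopyDeviceIds(const AuthorizationSet& /* attestation_params */,
                           AuthorizationSet* /* attestation */) const {
        return KM_ERROR_UNIMPLEMENTED;
    }

    /**
     * Generate the current unique ID for the given creation time and application ID, writing it
     * to |unique_id|. The default returns KM_ERROR_UNIMPLEMENTED and produces no ID.
     */
    virtual keymaster_error_t GenerateUniqueId(uint64_t /*creation_date_time*/,
                                               const keymaster_blob_t& /*application_id*/,
                                               bool /*reset_since_rotation*/,
                                               Buffer* /*unique_id*/) const {
        return KM_ERROR_UNIMPLEMENTED;
    }

    /**
     * Returns verified boot parameters for the Attestation Extension. For hardware-based
     * implementations, these will be the values reported by the bootloader. By default, verified
     * boot state is unknown, and KM_ERROR_UNIMPLEMENTED is returned.
     */
    virtual keymaster_error_t
    GetVerifiedBootParams(keymaster_blob_t* /* verified_boot_key */,
                          keymaster_verified_boot_t* /* verified_boot_state */,
                          bool* /* device_locked */) const {
        return KM_ERROR_UNIMPLEMENTED;
    }
};

/**
 * The OID for Android attestation records. For the curious, it breaks down as follows:
 *
 * 1 = ISO
 * 3 = org
 * 6 = DoD (Huh? OIDs are weird.)
 * 1 = IANA
 * 4 = Private
 * 1 = Enterprises
 * 11129 = Google
 * 2 = Google security
 * 1 = certificate extension
 * 17 = Android attestation extension.
 *
 * (The identifier's spelling is kept as-is because callers in other translation units refer to
 * it by this name.)
 */
static const char kAttestionRecordOid[] = "1.3.6.1.4.1.11129.2.1.17";

/**
 * Build the DER-encoded KeyDescription for the attestation extension.
 *
 * @param attestation_params  caller-supplied parameters (challenge, application ID, device IDs).
 * @param software_enforced   authorizations enforced in software; copied into the record.
 * @param tee_enforced        authorizations enforced by the TEE; copied into the record.
 * @param context             device-specific provider of security level, IDs and boot state.
 * @param asn1_key_desc       receives the encoded record; the caller owns the buffer.
 * @param asn1_key_desc_len   receives the length of *asn1_key_desc in bytes.
 * @return KM_ERROR_OK on success, otherwise a keymaster_error_t describing the failure.
 */
keymaster_error_t build_attestation_record(const AuthorizationSet& attestation_params,
                                           AuthorizationSet software_enforced,
                                           AuthorizationSet tee_enforced,
                                           const AttestationRecordContext& context,
                                           UniquePtr<uint8_t[]>* asn1_key_desc,
                                           size_t* asn1_key_desc_len);

/**
 * Helper functions for attestation record tests. Caller takes ownership of
 * |attestation_challenge->data| and |unique_id->data|, deallocate using delete[].
 *
 * Decodes |asn1_key_desc_len| bytes at |asn1_key_desc| as a KM_KEY_DESCRIPTION and copies each
 * field into the corresponding out-parameter.
 */
keymaster_error_t parse_attestation_record(const uint8_t* asn1_key_desc, size_t asn1_key_desc_len,
                                           uint32_t* attestation_version,
                                           keymaster_security_level_t* attestation_security_level,
                                           uint32_t* keymaster_version,
                                           keymaster_security_level_t* keymaster_security_level,
                                           keymaster_blob_t* attestation_challenge,
                                           AuthorizationSet* software_enforced,
                                           AuthorizationSet* tee_enforced,
                                           keymaster_blob_t* unique_id);

/**
 * Decodes the RootOfTrust carried in the record at |asn1_key_desc|.
 * Caller takes ownership of |verified_boot_key->data|, deallocate using delete[].
 */
keymaster_error_t parse_root_of_trust(const uint8_t* asn1_key_desc, size_t asn1_key_desc_len,
                                      keymaster_blob_t* verified_boot_key,
                                      keymaster_verified_boot_t* verified_boot_state,
                                      bool* device_locked);

/**
 * Populate |record| from the tags in |auth_list|. Tags that have no KM_AUTH_LIST member are not
 * represented in the attestation.
 */
keymaster_error_t build_auth_list(const AuthorizationSet& auth_list, KM_AUTH_LIST* record);

/**
 * Inverse of build_auth_list(): convert a decoded |record| back into an AuthorizationSet.
 */
keymaster_error_t extract_auth_list(const KM_AUTH_LIST* record, AuthorizationSet* auth_list);

}  // namespace keymaster

#endif  // SYSTEM_KEYMASTER_ATTESTATION_RECORD_H_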