1 /*
2 * Copyright 2017, The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include "KeymasterDevice.h"
18 #include "buffer.h"
19 #include "export_key.h"
20 #include "certs.h"
21 #include "import_key.h"
22 #include "import_wrapped_key.h"
23 #include "proto_utils.h"
24
25 #include <Keymaster.client.h>
26 #include <nos/debug.h>
27 #include <nos/NuggetClient.h>
28
29 #include <keymasterV4_0/key_param_output.h>
30
31 #include <openssl/sha.h>
32
33 #include <android-base/logging.h>
34 #include <android-base/properties.h>
35
36 #include <algorithm>
37
38 #include <time.h>
39
40 namespace android {
41 namespace hardware {
42 namespace keymaster {
43
44 namespace {
45
46 constexpr char PROPERTY_OS_VERSION[] = "ro.build.version.release";
47 constexpr char PROPERTY_OS_PATCHLEVEL[] = "ro.build.version.security_patch";
48 constexpr char PROPERTY_VENDOR_PATCHLEVEL[] = "ro.vendor.build.security_patch";
49
DigitsOnly(const std::string & code)50 std::string DigitsOnly(const std::string& code) {
51 // Keep digits only.
52 std::string filtered_code;
53 std::copy_if(code.begin(), code.end(), std::back_inserter(filtered_code),
54 isdigit);
55 return filtered_code;
56 }
57
58 /** Get one version number from a string and move loc to the point after the
59 * next version delimiter.
60 */
ExtractVersion(const std::string & version,size_t * loc)61 uint32_t ExtractVersion(const std::string& version, size_t* loc) {
62 if (*loc == std::string::npos || *loc >= version.size()) {
63 return 0;
64 }
65
66 uint32_t value = 0;
67 size_t new_loc = version.find('.', *loc);
68 if (new_loc == std::string::npos) {
69 auto sanitized = DigitsOnly(version.substr(*loc));
70 if (!sanitized.empty()) {
71 if (sanitized.size() < version.size() - *loc) {
72 LOG(ERROR) << "Unexpected version format: \"" << version
73 << "\"";
74 }
75 value = std::stoi(sanitized);
76 }
77 *loc = new_loc;
78 } else {
79 auto sanitized = DigitsOnly(version.substr(*loc, new_loc - *loc));
80 if (!sanitized.empty()) {
81 if (sanitized.size() < new_loc - *loc) {
82 LOG(ERROR) << "Unexpected version format: \"" << version
83 << "\"";
84 }
85 value = std::stoi(sanitized);
86 }
87 *loc = new_loc + 1;
88 }
89 return value;
90 }
91
VersionToUint32(const std::string & version)92 uint32_t VersionToUint32(const std::string& version) {
93 size_t loc = 0;
94 uint32_t major = ExtractVersion(version, &loc);
95 uint32_t minor = ExtractVersion(version, &loc);
96 uint32_t subminor = ExtractVersion(version, &loc);
97 return major * 10000 + minor * 100 + subminor;
98 }
99
DateCodeToUint32(const std::string & code,bool include_day)100 uint32_t DateCodeToUint32(const std::string& code, bool include_day) {
101 // Keep digits only.
102 std::string filtered_code = DigitsOnly(code);
103
104 // Return 0 if the date string has an unexpected number of digits.
105 uint32_t return_value = 0;
106 if (filtered_code.size() == 8) {
107 return_value = std::stoi(filtered_code);
108 if (!include_day) {
109 return_value /= 100;
110 }
111 } else if (filtered_code.size() == 6) {
112 return_value = std::stoi(filtered_code);
113 if (include_day) {
114 return_value *= 100;
115 }
116 } else {
117 LOG(ERROR) << "Unexpected patchset format: \"" << code << "\"";
118 }
119 return return_value;
120 }
121
122 // Helper class to call a finalizer on stack unwind.
123 class Finalize {
124 private:
125 std::function<void()> f_;
126
127 public:
Finalize(std::function<void ()> f)128 Finalize(std::function<void()> f) : f_(f) {}
~Finalize()129 ~Finalize() { if (f_) f_(); }
release()130 void release() { f_ = {}; }
131 };
132
hidlVec2String(const hidl_vec<uint8_t> & value)133 inline std::string hidlVec2String(const hidl_vec<uint8_t>& value) {
134 return std::string(
135 reinterpret_cast<const std::string::value_type*>(
136 &value[0]), value.size());
137 }
138
139 } // namespace
140
141 // std
142 using std::string;
143
144 // base
145 using ::android::base::GetProperty;
146 using ::android::base::WaitForPropertyCreation;
147
148 // libhidl
149 using ::android::hardware::Void;
150
151 // HAL
152 using ::android::hardware::keymaster::V4_0::Algorithm;
153 using ::android::hardware::keymaster::V4_0::KeyCharacteristics;
154 using ::android::hardware::keymaster::V4_0::KeyFormat;
155 using ::android::hardware::keymaster::V4_0::HardwareAuthToken;
156 using ::android::hardware::keymaster::V4_0::HardwareAuthenticatorType;
157 using ::android::hardware::keymaster::V4_0::SecurityLevel;
158 using ::android::hardware::keymaster::V4_0::Tag;
159
160 // nos
161 using nos::NuggetClient;
162
163 // Keymaster app
164 // KM 3.0 types
165 using ::nugget::app::keymaster::AddRngEntropyRequest;
166 using ::nugget::app::keymaster::AddRngEntropyResponse;
167 using ::nugget::app::keymaster::GenerateKeyRequest;
168 using ::nugget::app::keymaster::GenerateKeyResponse;
169 using ::nugget::app::keymaster::GetKeyCharacteristicsRequest;
170 using ::nugget::app::keymaster::GetKeyCharacteristicsResponse;
171 using ::nugget::app::keymaster::ImportKeyRequest;
172 using ::nugget::app::keymaster::ImportKeyResponse;
173 using ::nugget::app::keymaster::ExportKeyRequest;
174 using ::nugget::app::keymaster::ExportKeyResponse;
175 using ::nugget::app::keymaster::StartAttestKeyRequest;
176 using ::nugget::app::keymaster::StartAttestKeyResponse;
177 using ::nugget::app::keymaster::ContinueAttestKeyRequest;
178 using ::nugget::app::keymaster::ContinueAttestKeyResponse;
179 using ::nugget::app::keymaster::FinishAttestKeyRequest;
180 using ::nugget::app::keymaster::FinishAttestKeyResponse;
181 using ::nugget::app::keymaster::UpgradeKeyRequest;
182 using ::nugget::app::keymaster::UpgradeKeyResponse;
183 using ::nugget::app::keymaster::DeleteKeyRequest;
184 using ::nugget::app::keymaster::DeleteKeyResponse;
185 using ::nugget::app::keymaster::DeleteAllKeysRequest;
186 using ::nugget::app::keymaster::DeleteAllKeysResponse;
187 using ::nugget::app::keymaster::DestroyAttestationIdsRequest;
188 using ::nugget::app::keymaster::DestroyAttestationIdsResponse;
189 using ::nugget::app::keymaster::BeginOperationRequest;
190 using ::nugget::app::keymaster::BeginOperationResponse;
191 using ::nugget::app::keymaster::UpdateOperationRequest;
192 using ::nugget::app::keymaster::UpdateOperationResponse;
193 using ::nugget::app::keymaster::FinishOperationRequest;
194 using ::nugget::app::keymaster::FinishOperationResponse;
195 using ::nugget::app::keymaster::AbortOperationRequest;
196 using ::nugget::app::keymaster::AbortOperationResponse;
197 using ::nugget::app::keymaster::ComputeSharedHmacRequest;
198 using ::nugget::app::keymaster::ComputeSharedHmacResponse;
199 using ::nugget::app::keymaster::GetHmacSharingParametersRequest;
200 using ::nugget::app::keymaster::GetHmacSharingParametersResponse;
201 using ::nugget::app::keymaster::SetSystemVersionInfoRequest;
202 using ::nugget::app::keymaster::SetSystemVersionInfoResponse;
203 using ::nugget::app::keymaster::GetBootInfoRequest;
204 using ::nugget::app::keymaster::GetBootInfoResponse;
205
206 // KM 4.0 types
207 using ::nugget::app::keymaster::ImportWrappedKeyRequest;
208 namespace nosapp = ::nugget::app::keymaster;
209
210 // KM internal types
211 using ::nugget::app::keymaster::AttestationSelector;
212
status_to_error_code(uint32_t status)213 static ErrorCode status_to_error_code(uint32_t status)
214 {
215 switch (status) {
216 case APP_SUCCESS:
217 return ErrorCode::OK;
218 break;
219 case APP_ERROR_BOGUS_ARGS:
220 return ErrorCode::INVALID_ARGUMENT;
221 break;
222 case APP_ERROR_INTERNAL:
223 return ErrorCode::UNKNOWN_ERROR;
224 break;
225 case APP_ERROR_TOO_MUCH:
226 return ErrorCode::INSUFFICIENT_BUFFER_SPACE;
227 break;
228 case APP_ERROR_RPC:
229 return ErrorCode::SECURE_HW_COMMUNICATION_FAILED;
230 break;
231 // TODO: app specific error codes go here.
232 default:
233 return ErrorCode::UNKNOWN_ERROR;
234 break;
235 }
236 }
237
ms_since_epoch(void)238 static uint64_t ms_since_epoch(void)
239 {
240 uint64_t seconds;
241 uint64_t milli_seconds;
242 struct timespec spec;
243
244 ::clock_gettime(CLOCK_REALTIME, &spec);
245
246 seconds = spec.tv_sec;
247 milli_seconds = spec.tv_nsec / (1000 * 1000);
248
249 return (seconds * 1000) + milli_seconds;
250 }
251
252 #define KM_CALL(meth, request, response) { \
253 const uint32_t status = _keymaster. meth (request, &response); \
254 const ErrorCode error_code = translate_error_code(response.error_code()); \
255 if (status != APP_SUCCESS) { \
256 LOG(ERROR) << #meth << " : request failed with status: " \
257 << nos::StatusCodeString(status); \
258 return status_to_error_code(status); \
259 } \
260 if (error_code != ErrorCode::OK) { \
261 LOG(ERROR) << #meth << " : device response error code: " \
262 << error_code; \
263 return error_code; \
264 } \
265 }
266
267 #define KM_CALLV(meth, request, response, ...) { \
268 const uint32_t status = _keymaster. meth (request, &response); \
269 const ErrorCode error_code = translate_error_code(response.error_code()); \
270 if (status != APP_SUCCESS) { \
271 LOG(ERROR) << #meth << " : request failed with status: " \
272 << nos::StatusCodeString(status); \
273 _hidl_cb(status_to_error_code(status), __VA_ARGS__); \
274 return Void(); \
275 } \
276 if (error_code != ErrorCode::OK) { \
277 LOG(ERROR) << #meth << " : device response error code: " \
278 << error_code; \
279 _hidl_cb(error_code, __VA_ARGS__); \
280 return Void(); \
281 } \
282 }
283
284 #define KM_CALLV_ABORT(meth, request, response, ...) { \
285 const uint32_t status = _keymaster. meth (request, &response); \
286 const ErrorCode error_code = translate_error_code(response.error_code()); \
287 if (status != APP_SUCCESS) { \
288 LOG(ERROR) << #meth << " : request failed with status: " \
289 << nos::StatusCodeString(status) << " aborting operation"; \
290 _hidl_cb(status_to_error_code(status), __VA_ARGS__); \
291 abort(request.handle().handle()); \
292 return Void(); \
293 } \
294 if (error_code != ErrorCode::OK) { \
295 LOG(ERROR) << #meth << " : device response error code: " \
296 << error_code; \
297 _hidl_cb(error_code, __VA_ARGS__); \
298 return Void(); \
299 } \
300 }
301
302 // Methods from ::android::hardware::keymaster::V3_0::IKeymasterDevice follow.
303
KeymasterDevice(KeymasterClient & keymaster)304 KeymasterDevice::KeymasterDevice(KeymasterClient& keymaster) :
305 _keymaster{keymaster} {
306 // Block until all of the properties have been created
307 while (!(WaitForPropertyCreation(PROPERTY_OS_VERSION) &&
308 WaitForPropertyCreation(PROPERTY_OS_PATCHLEVEL) &&
309 WaitForPropertyCreation(PROPERTY_VENDOR_PATCHLEVEL))) {}
310
311 _os_version = VersionToUint32(GetProperty(PROPERTY_OS_VERSION, ""));
312 _os_patchlevel = DateCodeToUint32(GetProperty(PROPERTY_OS_PATCHLEVEL, ""),
313 false /* include_day */);
314 _vendor_patchlevel = DateCodeToUint32(
315 GetProperty(PROPERTY_VENDOR_PATCHLEVEL, ""),
316 true /* include_day */);
317
318 SendSystemVersionInfo();
319 GetBootInfo();
320 }
321
getHardwareInfo(getHardwareInfo_cb _hidl_cb)322 Return<void> KeymasterDevice::getHardwareInfo(
323 getHardwareInfo_cb _hidl_cb)
324 {
325 LOG(VERBOSE) << "Running KeymasterDevice::getHardwareInfo";
326
327 (void)_keymaster;
328 _hidl_cb(SecurityLevel::STRONGBOX,
329 string("CitadelKeymaster"), string("Google"));
330
331 return Void();
332 }
333
getHmacSharingParameters(getHmacSharingParameters_cb _hidl_cb)334 Return<void> KeymasterDevice::getHmacSharingParameters(
335 getHmacSharingParameters_cb _hidl_cb)
336 {
337 LOG(VERBOSE) << "Running KeymasterDevice::getHmacSharingParameters";
338
339 GetHmacSharingParametersRequest request;
340 GetHmacSharingParametersResponse response;
341 HmacSharingParameters result;
342
343 KM_CALLV(GetHmacSharingParameters, request, response, result);
344
345 ErrorCode ec = translate_error_code(response.error_code());
346
347 if (ec != ErrorCode::OK) {
348 _hidl_cb(ec, HmacSharingParameters());
349 }
350
351 const std::string & nonce = response.hmac_sharing_params().nonce();
352 const std::string & seed = response.hmac_sharing_params().seed();
353
354 if (seed.size() == 32) {
355 result.seed.setToExternal(reinterpret_cast<uint8_t*>(
356 const_cast<char*>(seed.data())),
357 seed.size(), false);
358 } else if (seed.size() != 0) {
359 LOG(ERROR) << "Citadel returned unexpected seed size: "
360 << seed.size();
361 _hidl_cb(ErrorCode::UNKNOWN_ERROR, HmacSharingParameters());
362 return Void();
363 }
364
365 if (nonce.size() == result.nonce.size()) {
366 std::copy(nonce.begin(), nonce.end(), result.nonce.data());
367 } else {
368 LOG(ERROR) << "Citadel returned unexpected nonce size: "
369 << nonce.size();
370 _hidl_cb(ErrorCode::UNKNOWN_ERROR, HmacSharingParameters());
371 return Void();
372 }
373
374 _hidl_cb(ec, result);
375
376 return Void();
377 }
378
computeSharedHmac(const hidl_vec<HmacSharingParameters> & params,computeSharedHmac_cb _hidl_cb)379 Return<void> KeymasterDevice::computeSharedHmac(
380 const hidl_vec<HmacSharingParameters>& params,
381 computeSharedHmac_cb _hidl_cb)
382 {
383 LOG(VERBOSE) << "Running KeymasterDevice::computeSharedHmac";
384
385 ComputeSharedHmacRequest request;
386 ComputeSharedHmacResponse response;
387 hidl_vec<uint8_t> result;
388
389 for (const HmacSharingParameters & param : params) {
390 // TODO respect max number of parameters defined in
391 // keymaster_types.proto
392 nosapp::HmacSharingParameters* req_param =
393 request.add_hmac_sharing_params();
394 req_param->set_nonce(
395 reinterpret_cast<const int8_t*>(
396 param.nonce.data()), param.nonce.size());
397 req_param->set_seed(reinterpret_cast<const int8_t*>(param.seed.data()),
398 param.seed.size());
399 }
400
401 KM_CALLV(ComputeSharedHmac, request, response, result);
402
403 ErrorCode ec = translate_error_code(response.error_code());
404
405 if (ec != ErrorCode::OK) {
406 _hidl_cb(ec, result);
407 return Void();
408 }
409
410 const std::string & share_check = response.sharing_check();
411
412 result.setToExternal(reinterpret_cast<uint8_t*>(
413 const_cast<char*>(share_check.data())), share_check.size(), false);
414 _hidl_cb(ec, result);
415
416 return Void();
417 }
418
verifyAuthorization(uint64_t operationHandle,const hidl_vec<KeyParameter> & parametersToVerify,const HardwareAuthToken & authToken,verifyAuthorization_cb _hidl_cb)419 Return<void> KeymasterDevice::verifyAuthorization(
420 uint64_t operationHandle, const hidl_vec<KeyParameter>& parametersToVerify,
421 const HardwareAuthToken& authToken, verifyAuthorization_cb _hidl_cb)
422 {
423 LOG(VERBOSE) << "Running KeymasterDevice::verifyAuthorization";
424
425 (void)operationHandle;
426 (void)parametersToVerify;
427 (void)authToken;
428
429 (void)_keymaster;
430 _hidl_cb(ErrorCode::UNIMPLEMENTED, VerificationToken());
431
432 return Void();
433 }
434
addRngEntropy(const hidl_vec<uint8_t> & data)435 Return<ErrorCode> KeymasterDevice::addRngEntropy(const hidl_vec<uint8_t>& data)
436 {
437 LOG(VERBOSE) << "Running KeymasterDevice::addRngEntropy";
438
439 if (!data.size()) return ErrorCode::OK;
440
441 const size_t chunk_size = 1024;
442 for (size_t i = 0; i < data.size(); i += chunk_size) {
443 AddRngEntropyRequest request;
444 AddRngEntropyResponse response;
445
446 request.set_data(&data[i], std::min(chunk_size, data.size() - i));
447
448 // Call device.
449 KM_CALL(AddRngEntropy, request, response);
450 }
451
452 return ErrorCode::OK;
453 }
454
generateKey(const hidl_vec<KeyParameter> & keyParams,generateKey_cb _hidl_cb)455 Return<void> KeymasterDevice::generateKey(
456 const hidl_vec<KeyParameter>& keyParams,
457 generateKey_cb _hidl_cb)
458 {
459 LOG(VERBOSE) << "Running KeymasterDevice::generateKey";
460
461 GenerateKeyRequest request;
462 GenerateKeyResponse response;
463
464 hidl_vec<uint8_t> blob;
465 KeyCharacteristics characteristics;
466 if (hidl_params_to_pb(
467 keyParams, request.mutable_params()) != ErrorCode::OK) {
468 _hidl_cb(ErrorCode::INVALID_ARGUMENT, blob, characteristics);
469 return Void();
470 }
471 request.set_creation_time_ms(ms_since_epoch());
472
473 // Call device.
474 KM_CALLV(GenerateKey, request, response,
475 hidl_vec<uint8_t>{}, KeyCharacteristics());
476
477 blob.setToExternal(
478 reinterpret_cast<uint8_t*>(
479 const_cast<char*>(response.blob().blob().data())),
480 response.blob().blob().size(), false);
481 pb_to_hidl_params(response.characteristics().software_enforced(),
482 &characteristics.softwareEnforced);
483 pb_to_hidl_params(response.characteristics().tee_enforced(),
484 &characteristics.hardwareEnforced);
485
486 _hidl_cb(translate_error_code(response.error_code()),
487 blob, characteristics);
488 return Void();
489 }
490
getKeyCharacteristics(const hidl_vec<uint8_t> & keyBlob,const hidl_vec<uint8_t> & clientId,const hidl_vec<uint8_t> & appData,getKeyCharacteristics_cb _hidl_cb)491 Return<void> KeymasterDevice::getKeyCharacteristics(
492 const hidl_vec<uint8_t>& keyBlob,
493 const hidl_vec<uint8_t>& clientId,
494 const hidl_vec<uint8_t>& appData,
495 getKeyCharacteristics_cb _hidl_cb)
496 {
497 LOG(VERBOSE) << "Running KeymasterDevice::getKeyCharacteristics";
498
499 GetKeyCharacteristicsRequest request;
500 GetKeyCharacteristicsResponse response;
501
502 request.mutable_blob()->set_blob(&keyBlob[0], keyBlob.size());
503 request.set_client_id(&clientId[0], clientId.size());
504 request.set_app_data(&appData[0], appData.size());
505
506 // Call device.
507 KM_CALLV(GetKeyCharacteristics, request, response, KeyCharacteristics());
508
509 KeyCharacteristics characteristics;
510 pb_to_hidl_params(response.characteristics().software_enforced(),
511 &characteristics.softwareEnforced);
512 pb_to_hidl_params(response.characteristics().tee_enforced(),
513 &characteristics.hardwareEnforced);
514
515 _hidl_cb(translate_error_code(response.error_code()), characteristics);
516 return Void();
517 }
518
importKey(const hidl_vec<KeyParameter> & params,KeyFormat keyFormat,const hidl_vec<uint8_t> & keyData,importKey_cb _hidl_cb)519 Return<void> KeymasterDevice::importKey(
520 const hidl_vec<KeyParameter>& params, KeyFormat keyFormat,
521 const hidl_vec<uint8_t>& keyData, importKey_cb _hidl_cb)
522 {
523 LOG(VERBOSE) << "Running KeymasterDevice::importKey";
524
525 ErrorCode error;
526 ImportKeyRequest request;
527 ImportKeyResponse response;
528
529 error = import_key_request(params, keyFormat, keyData, &request);
530 if (error != ErrorCode::OK) {
531 LOG(ERROR) << "ImportKey request parsing failed with error "
532 << error;
533 _hidl_cb(error, hidl_vec<uint8_t>{}, KeyCharacteristics{});
534 return Void();
535 }
536 request.set_creation_time_ms(ms_since_epoch());
537
538 KM_CALLV(ImportKey, request, response,
539 hidl_vec<uint8_t>{}, KeyCharacteristics{});
540
541 hidl_vec<uint8_t> blob;
542 blob.setToExternal(
543 reinterpret_cast<uint8_t*>(
544 const_cast<char*>(response.blob().blob().data())),
545 response.blob().blob().size(), false);
546
547 KeyCharacteristics characteristics;
548 pb_to_hidl_params(response.characteristics().software_enforced(),
549 &characteristics.softwareEnforced);
550 error = pb_to_hidl_params(response.characteristics().tee_enforced(),
551 &characteristics.hardwareEnforced);
552 if (error != ErrorCode::OK) {
553 LOG(ERROR) << "KeymasterDevice::importKey: response tee_enforced :"
554 << error;
555 _hidl_cb(error, hidl_vec<uint8_t>{}, KeyCharacteristics{});
556 return Void();
557 }
558
559 _hidl_cb(ErrorCode::OK, blob, characteristics);
560 return Void();
561 }
562
exportKey(KeyFormat exportFormat,const hidl_vec<uint8_t> & keyBlob,const hidl_vec<uint8_t> & clientId,const hidl_vec<uint8_t> & appData,exportKey_cb _hidl_cb)563 Return<void> KeymasterDevice::exportKey(
564 KeyFormat exportFormat, const hidl_vec<uint8_t>& keyBlob,
565 const hidl_vec<uint8_t>& clientId,
566 const hidl_vec<uint8_t>& appData, exportKey_cb _hidl_cb)
567 {
568 LOG(VERBOSE) << "Running KeymasterDevice::exportKey";
569
570 ExportKeyRequest request;
571 ExportKeyResponse response;
572
573 request.set_format((::nugget::app::keymaster::KeyFormat)exportFormat);
574 request.mutable_blob()->set_blob(&keyBlob[0], keyBlob.size());
575 request.set_client_id(&clientId[0], clientId.size());
576 request.set_app_data(&appData[0], appData.size());
577
578 KM_CALLV(ExportKey, request, response, hidl_vec<uint8_t>{});
579
580 hidl_vec<uint8_t> der;
581 ErrorCode error_code = export_key_der(response, &der);
582 if (error_code != ErrorCode::OK) {
583 LOG(ERROR) << "KeymasterDevice::exportKey: DER conversion failed: "
584 << error_code;
585 _hidl_cb(error_code, hidl_vec<uint8_t>{});
586 return Void();
587 }
588
589 _hidl_cb(error_code, der);
590 return Void();
591 }
592
593 #define ATTESTATION_APPLICATION_ID_MAX_SIZE 1024
594 #define UTCTIME_STR_WITH_NUL_SIZE 14
integer_size(uint64_t value)595 static size_t integer_size(uint64_t value)
596 {
597 size_t octet_count = 1;
598 for (value >>= 8; value; value >>= 8) {
599 octet_count++;
600 }
601 return octet_count;
602 }
encoded_length_size(size_t length)603 static size_t encoded_length_size(size_t length)
604 {
605 if (length < 0x80) {
606 return 1;
607 }
608 return integer_size(length) + 1;
609 }
610
asn1_encode_length(size_t length,const uint8_t * head,uint8_t * tail)611 static uint8_t *asn1_encode_length(size_t length, const uint8_t *head, uint8_t *tail)
612 {
613 if (!tail || tail < head + encoded_length_size(length)) {
614 return NULL;
615 }
616
617 if (length < 0x80) {
618 // Short length case
619 *(--tail) = length;
620 } else {
621 // Encode length
622 uint8_t length_len;
623 uint8_t *orig_tail = tail;
624 do {
625 *(--tail) = length & 0xFF;
626 length >>= 8;
627 } while (length);
628
629 // Encode length of length. Assumes length < pow(128, 127).
630 // Should be good.
631 length_len = (orig_tail - tail);
632 *(--tail) = 0x80 | length_len;
633 }
634 return tail;
635 }
636
attestKey(const hidl_vec<uint8_t> & keyToAttest,const hidl_vec<KeyParameter> & attestParams,attestKey_cb _hidl_cb)637 Return<void> KeymasterDevice::attestKey(
638 const hidl_vec<uint8_t>& keyToAttest,
639 const hidl_vec<KeyParameter>& attestParams,
640 attestKey_cb _hidl_cb)
641 {
642 LOG(VERBOSE) << "Running KeymasterDevice::attestKey";
643
644 StartAttestKeyRequest startRequest;
645 StartAttestKeyResponse startResponse;
646
647 // Ensure that required parameters are present.
648 tag_map_t attest_tag_map;
649 if (hidl_params_to_map(attestParams, &attest_tag_map) != ErrorCode::OK) {
650 _hidl_cb(ErrorCode::INVALID_ARGUMENT, hidl_vec<hidl_vec<uint8_t> >{});
651 return Void();
652 }
653 if (attest_tag_map.find(Tag::ATTESTATION_APPLICATION_ID) ==
654 attest_tag_map.end()) {
655 _hidl_cb(ErrorCode::ATTESTATION_APPLICATION_ID_MISSING,
656 hidl_vec<hidl_vec<uint8_t> >{});
657 return Void();
658 }
659
660 hidl_vec<uint8_t> client_id;
661 if (attest_tag_map.find(Tag::APPLICATION_ID) != attest_tag_map.end()) {
662 client_id = attest_tag_map.find(Tag::APPLICATION_ID)->second[0].blob;
663 }
664 hidl_vec<uint8_t> app_data;
665 if (attest_tag_map.find(Tag::APPLICATION_DATA) != attest_tag_map.end()) {
666 app_data = attest_tag_map.find(
667 Tag::APPLICATION_DATA)->second[0].blob;
668 }
669
670 GetKeyCharacteristicsRequest charRequest;
671 GetKeyCharacteristicsResponse charResponse;
672
673 charRequest.mutable_blob()->set_blob(&keyToAttest[0], keyToAttest.size());
674 charRequest.set_client_id(&client_id[0], client_id.size());
675 charRequest.set_app_data(&app_data[0], app_data.size());
676
677 // Call device.
678 KM_CALLV(GetKeyCharacteristics, charRequest,
679 charResponse, hidl_vec<hidl_vec<uint8_t> >{});
680
681 KeyCharacteristics characteristics;
682 pb_to_hidl_params(charResponse.characteristics().software_enforced(),
683 &characteristics.softwareEnforced);
684 pb_to_hidl_params(charResponse.characteristics().tee_enforced(),
685 &characteristics.hardwareEnforced);
686
687 tag_map_t char_tag_map;
688 if (hidl_params_to_map(characteristics.softwareEnforced,
689 &attest_tag_map) != ErrorCode::OK) {
690 _hidl_cb(ErrorCode::INVALID_ARGUMENT, hidl_vec<hidl_vec<uint8_t> >{});
691 return Void();
692 }
693
694 time_t not_before = 0;
695 if (char_tag_map.find(Tag::ACTIVE_DATETIME) != char_tag_map.end()) {
696 not_before = char_tag_map.find(
697 Tag::ACTIVE_DATETIME)->second[0].f.dateTime;
698 } else if (char_tag_map.find(Tag::CREATION_DATETIME) !=
699 char_tag_map.end()) {
700 not_before = char_tag_map.find(
701 Tag::CREATION_DATETIME)->second[0].f.dateTime;
702 }
703 // TODO: else: both ACTIVE and CREATION datetime are absent, is
704 // this an error?
705 time_t not_after = 0;
706 if (char_tag_map.find(Tag::USAGE_EXPIRE_DATETIME) != char_tag_map.end()) {
707 not_after = char_tag_map.find(
708 Tag::USAGE_EXPIRE_DATETIME)->second[0].f.dateTime;
709 } else {
710 not_after = 1842739199; // Batch cert expiry date: 2028-05-23:23:59:59.
711 }
712
713 char not_before_str[UTCTIME_STR_WITH_NUL_SIZE] = {};
714 char not_after_str[UTCTIME_STR_WITH_NUL_SIZE] = {};
715 if (::strftime(not_before_str, sizeof(not_before_str),
716 "%y%m%d%H%M%SZ", gmtime(¬_before)) == 0 ||
717 ::strftime(not_after_str, sizeof(not_after_str),
718 "%y%m%d%H%M%SZ", gmtime(¬_after)) == 0) {
719 _hidl_cb(ErrorCode::UNKNOWN_ERROR, hidl_vec<hidl_vec<uint8_t> >{});
720 }
721
722 startRequest.mutable_blob()->set_blob(&keyToAttest[0], keyToAttest.size());
723 if (hidl_params_to_pb(
724 attestParams, startRequest.mutable_params()) != ErrorCode::OK) {
725 _hidl_cb(ErrorCode::INVALID_ARGUMENT, hidl_vec<hidl_vec<uint8_t> >{});
726 return Void();
727 }
728
729 // Developer configs (i.e. nodelocked-RO), and PROTO devices will
730 // fall back to TEST certs here, since BATCH certs will be
731 // unavailable. The selected certificate may be determined via
732 // info included in the response to FinishAttestKeyRequest().
733 startRequest.set_selector(AttestationSelector::ATTEST_BATCH);
734
735 startRequest.set_not_before(not_before_str,
736 sizeof(not_before_str) - 1);
737 startRequest.set_not_after(not_after_str,
738 sizeof(not_after_str) - 1);
739
740 // TODO: as an optimization, avoid sending the
741 // ATTESTATION_APPLICATION_ID to Start, since only the length of
742 // this field is needed at this stage.
743 // NOTE: citadel adds the AAID to the hash in the prologue for now. So if this
744 // is ever changes the HASH_update call needs to move in the citadel firmware.
745
746 KM_CALLV(StartAttestKey, startRequest, startResponse,
747 hidl_vec<hidl_vec<uint8_t> >{});
748
749 uint64_t operationHandle = startResponse.handle().handle();
750 ContinueAttestKeyRequest continueRequest;
751 ContinueAttestKeyResponse continueResponse;
752 // Prepare to abort the pending operation in event of an error.
753 Finalize finalize([&] () { abort(operationHandle); });
754
755 continueRequest.mutable_handle()->set_handle(operationHandle);
756 if (hidl_params_to_pb(
757 attestParams, continueRequest.mutable_params()) != ErrorCode::OK) {
758 LOG(ERROR) << "Failed to parse attest params";
759 _hidl_cb(ErrorCode::INVALID_ARGUMENT, hidl_vec<hidl_vec<uint8_t> >{});
760 return Void();
761 }
762
763 KM_CALLV(ContinueAttestKey, continueRequest, continueResponse,
764 hidl_vec<hidl_vec<uint8_t> >{});
765
766 FinishAttestKeyRequest finishRequest;
767 FinishAttestKeyResponse finishResponse;
768
769 finishRequest.mutable_handle()->set_handle(operationHandle);
770
771 KM_CALLV(FinishAttestKey, finishRequest, finishResponse,
772 hidl_vec<hidl_vec<uint8_t> >{});
773
774 hidl_vec<uint8_t>& attestation_application_id =
775 attest_tag_map[Tag::ATTESTATION_APPLICATION_ID].begin()->blob;
776 size_t cert_len = startResponse.certificate_prologue().size()
777 + attestation_application_id.size()
778 + continueResponse.certificate_body().size()
779 + finishResponse.certificate_epilogue().size();
780
781 std::stringstream ss;
782 {
783 char c = 0x30;
784 ss.write(&c, 1); // DER_SEQUENCE | DER_CONSTRUCTED
785
786 uint8_t buffer[10];
787 auto * cert_header = asn1_encode_length(cert_len, buffer, buffer + sizeof(buffer));
788
789 if (cert_header == nullptr) {
790 LOG(ERROR) << "Failed to generate attestation certificate sequence header";
791 _hidl_cb(ErrorCode::UNKNOWN_ERROR, hidl_vec<hidl_vec<uint8_t> >{});
792 return Void();
793 }
794 ss.write(reinterpret_cast<char*>(cert_header), buffer + sizeof(buffer) - cert_header);
795 }
796
797 ss << startResponse.certificate_prologue();
798 ss.write(reinterpret_cast<const std::stringstream::char_type*>(
799 attestation_application_id.data()), attestation_application_id.size());
800 ss << continueResponse.certificate_body();
801 ss << finishResponse.certificate_epilogue();
802
803 if (!ss) {
804 LOG(ERROR) << "Failed to generate attestation certificate";
805 _hidl_cb(ErrorCode::UNKNOWN_ERROR, hidl_vec<hidl_vec<uint8_t> >{});
806 return Void();
807 }
808
809 vector<hidl_vec<uint8_t> > chain;
810 string attestation_str = ss.str();
811 {
812 hidl_vec<uint8_t> attestation_certificate;
813 attestation_certificate.setToExternal(
814 reinterpret_cast<uint8_t*>(
815 const_cast<char*>(attestation_str.data())),
816 attestation_str.size(), false);
817
818 chain.push_back(std::move(attestation_certificate));
819
820 hidl_vec<uint8_t> batch_cert;
821 hidl_vec<uint8_t> intermediate_cert;
822 hidl_vec<uint8_t> root;
823
824 for (const KeyParameter ¶m : characteristics.hardwareEnforced) {
825 if (param.tag != Tag::ALGORITHM) {
826 continue;
827 }
828
829 // Node-locked RO implies that factory provisioned certs
830 // (if any), are inaccessible, so fallback to the TEST
831 // certs. Similarly, PROTO chips were not provisioned
832 // with certs, and hence will fallback to TEST certs.
833 if (finishResponse.nodelocked_ro() ||
834 finishResponse.chip_fusing() == nosapp::FUSING_PROTO) {
835 if (param.f.algorithm == Algorithm::RSA) {
836 batch_cert.setToExternal(
837 const_cast<uint8_t*>(
838 TEST_BATCH_RSA_CERT),
839 sizeof(TEST_BATCH_RSA_CERT));
840 intermediate_cert.setToExternal(
841 const_cast<uint8_t*>(
842 TEST_BATCH_RSA_INT_CERT),
843 sizeof(TEST_BATCH_RSA_INT_CERT));
844 root.setToExternal(
845 const_cast<uint8_t*>(
846 TEST_BATCH_ROOT_CERT),
847 sizeof(TEST_BATCH_ROOT_CERT));
848 } else {
849 batch_cert.setToExternal(
850 const_cast<uint8_t*>(
851 TEST_BATCH_EC_CERT),
852 sizeof(TEST_BATCH_EC_CERT));
853 intermediate_cert.setToExternal(
854 const_cast<uint8_t*>(
855 TEST_BATCH_EC_INT_CERT),
856 sizeof(TEST_BATCH_EC_INT_CERT));
857 root.setToExternal(
858 const_cast<uint8_t*>(
859 TEST_BATCH_ROOT_CERT),
860 sizeof(TEST_BATCH_ROOT_CERT));
861 }
862 } else if (finishResponse.chip_fusing() == nosapp::FUSING_DVT) {
863 if (param.f.algorithm == Algorithm::RSA) {
864 batch_cert.setToExternal(
865 const_cast<uint8_t*>(DEV_BATCH_RSA_CERT),
866 sizeof(DEV_BATCH_RSA_CERT));
867 intermediate_cert.setToExternal(
868 const_cast<uint8_t*>(DEV_BATCH_RSA_INT_CERT),
869 sizeof(DEV_BATCH_RSA_INT_CERT));
870 } else {
871 batch_cert.setToExternal(
872 const_cast<uint8_t*>(DEV_BATCH_EC_CERT),
873 sizeof(DEV_BATCH_EC_CERT));
874 intermediate_cert.setToExternal(
875 const_cast<uint8_t*>(DEV_BATCH_EC_INT_CERT),
876 sizeof(DEV_BATCH_EC_INT_CERT));
877 }
878 root.setToExternal(
879 const_cast<uint8_t*>(DEV_BATCH_ROOT_CERT),
880 sizeof(DEV_BATCH_ROOT_CERT));
881 } else { // PVT!
882 if (param.f.algorithm == Algorithm::RSA) {
883 batch_cert.setToExternal(
884 const_cast<uint8_t*>(PROD_BATCH_RSA_CERT),
885 sizeof(PROD_BATCH_RSA_CERT));
886 intermediate_cert.setToExternal(
887 const_cast<uint8_t*>(PROD_BATCH_RSA_INT_CERT),
888 sizeof(PROD_BATCH_RSA_INT_CERT));
889 } else {
890 batch_cert.setToExternal(
891 const_cast<uint8_t*>(PROD_BATCH_EC_CERT),
892 sizeof(PROD_BATCH_EC_CERT));
893 intermediate_cert.setToExternal(
894 const_cast<uint8_t*>(PROD_BATCH_EC_INT_CERT),
895 sizeof(PROD_BATCH_EC_INT_CERT));
896 }
897 root.setToExternal(
898 const_cast<uint8_t*>(PROD_BATCH_ROOT_CERT),
899 sizeof(PROD_BATCH_ROOT_CERT));
900 }
901 break; // we found the ALGORITM tag so we can break the loop
902 }
903
904 chain.push_back(std::move(batch_cert));
905 chain.push_back(std::move(intermediate_cert));
906 chain.push_back(std::move(root));
907 }
908
909 _hidl_cb(ErrorCode::OK, chain);
910 finalize.release();
911 return Void();
912 }
913
upgradeKey(const hidl_vec<uint8_t> & keyBlobToUpgrade,const hidl_vec<KeyParameter> & upgradeParams,upgradeKey_cb _hidl_cb)914 Return<void> KeymasterDevice::upgradeKey(
915 const hidl_vec<uint8_t>& keyBlobToUpgrade,
916 const hidl_vec<KeyParameter>& upgradeParams,
917 upgradeKey_cb _hidl_cb)
918 {
919 LOG(VERBOSE) << "Running KeymasterDevice::upgradeKey";
920
921 UpgradeKeyRequest request;
922 UpgradeKeyResponse response;
923
924 request.mutable_blob()->set_blob(&keyBlobToUpgrade[0],
925 keyBlobToUpgrade.size());
926
927 hidl_vec<uint8_t> blob;
928 if (hidl_params_to_pb(
929 upgradeParams, request.mutable_params()) != ErrorCode::OK) {
930 _hidl_cb(ErrorCode::INVALID_ARGUMENT, blob);
931 return Void();
932 }
933
934 KM_CALLV(UpgradeKey, request, response, hidl_vec<uint8_t>{});
935
936 blob.setToExternal(
937 reinterpret_cast<uint8_t*>(
938 const_cast<char*>(response.blob().blob().data())),
939 response.blob().blob().size(), false);
940
941 _hidl_cb(translate_error_code(response.error_code()), blob);
942 return Void();
943 }
944
deleteKey(const hidl_vec<uint8_t> & keyBlob)945 Return<ErrorCode> KeymasterDevice::deleteKey(const hidl_vec<uint8_t>& keyBlob)
946 {
947 LOG(VERBOSE) << "Running KeymasterDevice::deleteKey";
948
949 DeleteKeyRequest request;
950 DeleteKeyResponse response;
951
952 request.mutable_blob()->set_blob(&keyBlob[0], keyBlob.size());
953
954 KM_CALL(DeleteKey, request, response);
955
956 return translate_error_code(response.error_code());
957 }
958
deleteAllKeys()959 Return<ErrorCode> KeymasterDevice::deleteAllKeys()
960 {
961 LOG(VERBOSE) << "Running KeymasterDevice::deleteAllKeys";
962
963 DeleteAllKeysRequest request;
964 DeleteAllKeysResponse response;
965
966 KM_CALL(DeleteAllKeys, request, response);
967
968 return translate_error_code(response.error_code());
969 }
970
destroyAttestationIds()971 Return<ErrorCode> KeymasterDevice::destroyAttestationIds()
972 {
973 LOG(VERBOSE) << "Running KeymasterDevice::destroyAttestationIds";
974
975 DestroyAttestationIdsRequest request;
976 DestroyAttestationIdsResponse response;
977
978 KM_CALL(DestroyAttestationIds, request, response);
979
980 return translate_error_code(response.error_code());
981 }
982
begin(KeyPurpose purpose,const hidl_vec<uint8_t> & key,const hidl_vec<KeyParameter> & inParams,const HardwareAuthToken & authToken,begin_cb _hidl_cb)983 Return<void> KeymasterDevice::begin(
984 KeyPurpose purpose, const hidl_vec<uint8_t>& key,
985 const hidl_vec<KeyParameter>& inParams,
986 const HardwareAuthToken& authToken,
987 begin_cb _hidl_cb)
988 {
989 LOG(VERBOSE) << "Running KeymasterDevice::begin";
990
991 BeginOperationRequest request;
992 BeginOperationResponse response;
993
994 request.set_purpose((::nugget::app::keymaster::KeyPurpose)purpose);
995 request.mutable_blob()->set_blob(&key[0], key.size());
996
997 hidl_vec<KeyParameter> params;
998 if (translate_auth_token(
999 authToken, request.mutable_auth_token()) != ErrorCode::OK) {
1000 _hidl_cb(ErrorCode::INVALID_ARGUMENT, params,
1001 response.handle().handle());
1002 return Void();
1003 }
1004 if (hidl_params_to_pb(
1005 inParams, request.mutable_params()) != ErrorCode::OK) {
1006 _hidl_cb(ErrorCode::INVALID_ARGUMENT, params,
1007 response.handle().handle());
1008 return Void();
1009 }
1010 tag_map_t tag_map;
1011 if (hidl_params_to_map(inParams, &tag_map) != ErrorCode::OK) {
1012 _hidl_cb(ErrorCode::INVALID_ARGUMENT, params,
1013 response.handle().handle());
1014 return Void();
1015 }
1016
1017 KM_CALLV(BeginOperation, request, response, hidl_vec<KeyParameter>{}, 0);
1018
1019 // Setup HAL buffering for this operation's data.
1020 Algorithm algorithm;
1021 if (translate_algorithm(response.algorithm(), &algorithm) !=
1022 ErrorCode::OK) {
1023 if (this->abort(response.handle().handle()) != ErrorCode::OK) {
1024 LOG(ERROR) << "abort( " << response.handle().handle()
1025 << ") failed";
1026 }
1027 _hidl_cb(ErrorCode::INVALID_ARGUMENT, params,
1028 response.handle().handle());
1029 return Void();
1030 }
1031 ErrorCode error_code = buffer_begin(response.handle().handle(), algorithm);
1032 if (error_code != ErrorCode::OK) {
1033 if (this->abort(response.handle().handle()) != ErrorCode::OK) {
1034 LOG(ERROR) << "abort( " << response.handle().handle()
1035 << ") failed";
1036 }
1037 _hidl_cb(ErrorCode::UNKNOWN_ERROR, params,
1038 response.handle().handle());
1039 return Void();
1040 }
1041
1042 pb_to_hidl_params(response.params(), ¶ms);
1043
1044 _hidl_cb(translate_error_code(response.error_code()), params,
1045 response.handle().handle());
1046 return Void();
1047 }
1048
update(uint64_t operationHandle,const hidl_vec<KeyParameter> & inParams,const hidl_vec<uint8_t> & input,const HardwareAuthToken & authToken,const VerificationToken & verificationToken,update_cb _hidl_cb)1049 Return<void> KeymasterDevice::update(
1050 uint64_t operationHandle,
1051 const hidl_vec<KeyParameter>& inParams,
1052 const hidl_vec<uint8_t>& input,
1053 const HardwareAuthToken& authToken,
1054 const VerificationToken& verificationToken,
1055 update_cb _hidl_cb)
1056 {
1057 LOG(VERBOSE) << "Running KeymasterDevice::update";
1058
1059 UpdateOperationRequest request;
1060 UpdateOperationResponse response;
1061
1062 uint32_t consumed;
1063 hidl_vec<uint8_t> output;
1064 hidl_vec<KeyParameter> params;
1065 ErrorCode error_code;
1066 error_code = buffer_append(operationHandle, input, &consumed);
1067 if (error_code != ErrorCode::OK) {
1068 _hidl_cb(error_code, 0, params, output);
1069 return Void();
1070 }
1071
1072 hidl_vec<uint8_t> blocks;
1073 error_code = buffer_peek(operationHandle, &blocks);
1074 if (error_code != ErrorCode::OK) {
1075 _hidl_cb(error_code, 0, params, output);
1076 return Void();
1077 }
1078
1079 // blocks.size() may be zero, but do a round-trip none-the-less
1080 // since this may be GCM, there may be AAD data in params.
1081 // TODO: as an optimization, do some inspection apriori.
1082
1083 request.mutable_handle()->set_handle(operationHandle);
1084
1085 if (hidl_params_to_pb(
1086 inParams, request.mutable_params()) != ErrorCode::OK) {
1087 _hidl_cb(ErrorCode::INVALID_ARGUMENT, 0, params, output);
1088 return Void();
1089 }
1090
1091 request.set_input(&blocks[0], blocks.size());
1092 if (translate_auth_token(
1093 authToken, request.mutable_auth_token()) != ErrorCode::OK) {
1094 _hidl_cb(ErrorCode::INVALID_ARGUMENT, 0, params, output);
1095 return Void();
1096 }
1097 translate_verification_token(verificationToken,
1098 request.mutable_verification_token());
1099
1100 KM_CALLV_ABORT(UpdateOperation, request, response,
1101 0, hidl_vec<KeyParameter>{}, hidl_vec<uint8_t>{});
1102
1103 if (buffer_advance(operationHandle, response.consumed()) != ErrorCode::OK) {
1104 _hidl_cb(ErrorCode::UNKNOWN_ERROR, 0, params, output);
1105 return Void();
1106 }
1107
1108 pb_to_hidl_params(response.params(), ¶ms);
1109 output.setToExternal(
1110 reinterpret_cast<uint8_t*>(const_cast<char*>(response.output().data())),
1111 response.output().size(), false);
1112
1113 // Special case ECDSA sign + Digest::NONE, which discards all but
1114 // the left-most len(SHA256) bytes.
1115 Algorithm algorithm;
1116 buffer_algorithm(operationHandle, &algorithm);
1117 if (algorithm == Algorithm::EC) {
1118 if (response.consumed() == 0 && // Implies Digest::NONE.
1119 buffer_remaining(operationHandle) >= SHA256_DIGEST_LENGTH) {
1120 consumed = input.size(); // Discard remaining input.
1121 }
1122 }
1123 _hidl_cb(ErrorCode::OK, consumed, params, output);
1124 return Void();
1125 }
1126
finish(uint64_t operationHandle,const hidl_vec<KeyParameter> & inParams,const hidl_vec<uint8_t> & input,const hidl_vec<uint8_t> & signature,const HardwareAuthToken & authToken,const VerificationToken & verificationToken,finish_cb _hidl_cb)1127 Return<void> KeymasterDevice::finish(
1128 uint64_t operationHandle,
1129 const hidl_vec<KeyParameter>& inParams,
1130 const hidl_vec<uint8_t>& input,
1131 const hidl_vec<uint8_t>& signature,
1132 const HardwareAuthToken& authToken,
1133 const VerificationToken& verificationToken,
1134 finish_cb _hidl_cb)
1135 {
1136 LOG(VERBOSE) << "Running KeymasterDevice::finish";
1137
1138 FinishOperationRequest request;
1139 FinishOperationResponse response;
1140
1141 ErrorCode error_code;
1142 hidl_vec<uint8_t> output;
1143
1144 // Consume any input data via update calls.
1145 size_t consumed = 0;
1146 hidl_vec<KeyParameter> input_params = inParams;
1147 string update_output_str;
1148 while (consumed < input.size()) {
1149 hidl_vec<KeyParameter> out_params;
1150 update_cb _update_hidl_cb =
1151 [&] (
1152 ErrorCode error, uint32_t input_consumed,
1153 const hidl_vec<KeyParameter>& params,
1154 const hidl_vec<uint8_t>& update_output) {
1155 error_code = error;
1156 if (error == ErrorCode::OK) {
1157 consumed += input_consumed;
1158 input_params = params; // Update the params.
1159 update_output_str += hidlVec2String(update_output);
1160 }
1161 };
1162
1163 hidl_vec<uint8_t> input_data;
1164 input_data.setToExternal(const_cast<uint8_t*>(&input.data()[consumed]),
1165 input.size() - consumed);
1166 update(operationHandle, input_params, input_data, authToken,
1167 verificationToken, _update_hidl_cb);
1168 if (error_code != ErrorCode::OK) {
1169 _hidl_cb(error_code,
1170 hidl_vec<KeyParameter>{}, hidl_vec<uint8_t>{});
1171 return Void();
1172 }
1173 }
1174
1175 hidl_vec<uint8_t> data;
1176 error_code = buffer_final(operationHandle, &data);
1177 if (error_code != ErrorCode::OK) {
1178 _hidl_cb(error_code,
1179 hidl_vec<KeyParameter>{}, hidl_vec<uint8_t>{});
1180 return Void();
1181 }
1182
1183 request.mutable_handle()->set_handle(operationHandle);
1184
1185 hidl_vec<KeyParameter> params;
1186 if (hidl_params_to_pb(
1187 input_params, request.mutable_params()) != ErrorCode::OK) {
1188 _hidl_cb(ErrorCode::INVALID_ARGUMENT, params, output);
1189 return Void();
1190 }
1191
1192 request.set_input(&data[0], data.size());
1193 request.set_signature(&signature[0], signature.size());
1194
1195 if (translate_auth_token(
1196 authToken, request.mutable_auth_token()) != ErrorCode::OK) {
1197 _hidl_cb(ErrorCode::INVALID_ARGUMENT, params, output);
1198 return Void();
1199 }
1200 translate_verification_token(verificationToken,
1201 request.mutable_verification_token());
1202
1203 KM_CALLV_ABORT(FinishOperation, request, response,
1204 hidl_vec<KeyParameter>{}, hidl_vec<uint8_t>{});
1205
1206 pb_to_hidl_params(response.params(), ¶ms);
1207 // Concatenate accumulated output from Update().
1208 update_output_str += string(
1209 response.output().data(), response.output().size());
1210 output.setToExternal(
1211 reinterpret_cast<uint8_t*>(const_cast<char*>(
1212 update_output_str.data())),
1213 update_output_str.size(), false);
1214
1215 _hidl_cb(ErrorCode::OK, params, output);
1216 return Void();
1217 }
1218
abort(uint64_t operationHandle)1219 Return<ErrorCode> KeymasterDevice::abort(uint64_t operationHandle)
1220 {
1221 LOG(VERBOSE) << "Running KeymasterDevice::abort";
1222
1223 AbortOperationRequest request;
1224 AbortOperationResponse response;
1225
1226 request.mutable_handle()->set_handle(operationHandle);
1227
1228 KM_CALL(AbortOperation, request, response);
1229
1230 return ErrorCode::OK;
1231 }
1232
1233 // Methods from ::android::hardware::keymaster::V4_0::IKeymasterDevice follow.
importWrappedKey(const hidl_vec<uint8_t> & wrappedKeyData,const hidl_vec<uint8_t> & wrappingKeyBlob,const hidl_vec<uint8_t> & maskingKey,const hidl_vec<KeyParameter> &,uint64_t,uint64_t,importWrappedKey_cb _hidl_cb)1234 Return<void> KeymasterDevice::importWrappedKey(
1235 const hidl_vec<uint8_t>& wrappedKeyData,
1236 const hidl_vec<uint8_t>& wrappingKeyBlob,
1237 const hidl_vec<uint8_t>& maskingKey,
1238 const hidl_vec<KeyParameter>& /* unwrappingParams */,
1239 uint64_t /* passwordSid */, uint64_t /* biometricSid */,
1240 importWrappedKey_cb _hidl_cb)
1241 {
1242 LOG(VERBOSE) << "Running KeymasterDevice::importWrappedKey";
1243
1244 ErrorCode error;
1245 ImportWrappedKeyRequest request;
1246 ImportKeyResponse response;
1247
1248 if (maskingKey.size() != KM_WRAPPER_MASKING_KEY_SIZE) {
1249 _hidl_cb(ErrorCode::INVALID_ARGUMENT, hidl_vec<uint8_t>{},
1250 KeyCharacteristics{});
1251 return Void();
1252 }
1253
1254 error = import_wrapped_key_request(wrappedKeyData, wrappingKeyBlob,
1255 maskingKey, &request);
1256 if (error != ErrorCode::OK) {
1257 LOG(ERROR) << "ImportWrappedKey request parsing failed with error "
1258 << error;
1259 _hidl_cb(error, hidl_vec<uint8_t>{}, KeyCharacteristics{});
1260 return Void();
1261 }
1262 request.set_creation_time_ms(ms_since_epoch());
1263
1264 KM_CALLV(ImportWrappedKey, request, response,
1265 hidl_vec<uint8_t>{}, KeyCharacteristics{});
1266
1267 hidl_vec<uint8_t> blob;
1268 blob.setToExternal(
1269 reinterpret_cast<uint8_t*>(
1270 const_cast<char*>(response.blob().blob().data())),
1271 response.blob().blob().size(), false);
1272
1273 KeyCharacteristics characteristics;
1274 // TODO: anything to do here with softwareEnforced?
1275 pb_to_hidl_params(response.characteristics().software_enforced(),
1276 &characteristics.softwareEnforced);
1277 error = pb_to_hidl_params(response.characteristics().tee_enforced(),
1278 &characteristics.hardwareEnforced);
1279 if (error != ErrorCode::OK) {
1280 LOG(ERROR) <<
1281 "KeymasterDevice::importWrappedKey: response tee_enforced :"
1282 << error;
1283 _hidl_cb(error, hidl_vec<uint8_t>{}, KeyCharacteristics{});
1284 return Void();
1285 }
1286
1287 _hidl_cb(ErrorCode::OK, blob, characteristics);
1288 return Void();
1289 }
1290
1291 // Private methods.
SendSystemVersionInfo() const1292 Return<ErrorCode> KeymasterDevice::SendSystemVersionInfo() const {
1293 SetSystemVersionInfoRequest request;
1294 SetSystemVersionInfoResponse response;
1295
1296 request.set_system_version(_os_version);
1297 request.set_system_security_level(_os_patchlevel);
1298 request.set_vendor_security_level(_vendor_patchlevel);
1299
1300 KM_CALL(SetSystemVersionInfo, request, response);
1301 return ErrorCode::OK;
1302 }
1303
GetBootInfo()1304 Return<ErrorCode> KeymasterDevice::GetBootInfo() {
1305 GetBootInfoRequest request;
1306 GetBootInfoResponse response;
1307
1308 KM_CALL(GetBootInfo, request, response);
1309
1310 _is_unlocked = response.is_unlocked();
1311 _boot_color = response.boot_color();
1312 _boot_key.assign(response.boot_key().begin(), response.boot_key().end());
1313 _boot_hash.assign(response.boot_hash().begin(), response.boot_hash().end());
1314 return ErrorCode::OK;
1315 }
1316
1317 } // namespace keymaster
1318 } // namespace hardware
1319 } // namespace android
1320