• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2016 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include "Keymaster.h"
18 
19 #include <android-base/logging.h>
20 #include <keymasterV4_0/authorization_set.h>
21 #include <keymasterV4_0/keymaster_utils.h>
22 
23 namespace android {
24 namespace vold {
25 
26 using ::android::hardware::hidl_string;
27 using ::android::hardware::hidl_vec;
28 using ::android::hardware::keymaster::V4_0::SecurityLevel;
29 
~KeymasterOperation()30 KeymasterOperation::~KeymasterOperation() {
31     if (mDevice) mDevice->abort(mOpHandle);
32 }
33 
updateCompletely(const char * input,size_t inputLen,const std::function<void (const char *,size_t)> consumer)34 bool KeymasterOperation::updateCompletely(const char* input, size_t inputLen,
35                                           const std::function<void(const char*, size_t)> consumer) {
36     uint32_t inputConsumed = 0;
37 
38     km::ErrorCode km_error;
39     auto hidlCB = [&](km::ErrorCode ret, uint32_t inputConsumedDelta,
40                       const hidl_vec<km::KeyParameter>& /*ignored*/,
41                       const hidl_vec<uint8_t>& _output) {
42         km_error = ret;
43         if (km_error != km::ErrorCode::OK) return;
44         inputConsumed += inputConsumedDelta;
45         consumer(reinterpret_cast<const char*>(&_output[0]), _output.size());
46     };
47 
48     while (inputConsumed != inputLen) {
49         size_t toRead = static_cast<size_t>(inputLen - inputConsumed);
50         auto inputBlob = km::support::blob2hidlVec(
51             reinterpret_cast<const uint8_t*>(&input[inputConsumed]), toRead);
52         auto error = mDevice->update(mOpHandle, hidl_vec<km::KeyParameter>(), inputBlob,
53                                      km::HardwareAuthToken(), km::VerificationToken(), hidlCB);
54         if (!error.isOk()) {
55             LOG(ERROR) << "update failed: " << error.description();
56             mDevice = nullptr;
57             return false;
58         }
59         if (km_error != km::ErrorCode::OK) {
60             LOG(ERROR) << "update failed, code " << int32_t(km_error);
61             mDevice = nullptr;
62             return false;
63         }
64         if (inputConsumed > inputLen) {
65             LOG(ERROR) << "update reported too much input consumed";
66             mDevice = nullptr;
67             return false;
68         }
69     }
70     return true;
71 }
72 
finish(std::string * output)73 bool KeymasterOperation::finish(std::string* output) {
74     km::ErrorCode km_error;
75     auto hidlCb = [&](km::ErrorCode ret, const hidl_vec<km::KeyParameter>& /*ignored*/,
76                       const hidl_vec<uint8_t>& _output) {
77         km_error = ret;
78         if (km_error != km::ErrorCode::OK) return;
79         if (output) output->assign(reinterpret_cast<const char*>(&_output[0]), _output.size());
80     };
81     auto error = mDevice->finish(mOpHandle, hidl_vec<km::KeyParameter>(), hidl_vec<uint8_t>(),
82                                  hidl_vec<uint8_t>(), km::HardwareAuthToken(),
83                                  km::VerificationToken(), hidlCb);
84     mDevice = nullptr;
85     if (!error.isOk()) {
86         LOG(ERROR) << "finish failed: " << error.description();
87         return false;
88     }
89     if (km_error != km::ErrorCode::OK) {
90         LOG(ERROR) << "finish failed, code " << int32_t(km_error);
91         return false;
92     }
93     return true;
94 }
95 
96 /* static */ bool Keymaster::hmacKeyGenerated = false;
97 
Keymaster()98 Keymaster::Keymaster() {
99     auto devices = KmDevice::enumerateAvailableDevices();
100     if (!hmacKeyGenerated) {
101         KmDevice::performHmacKeyAgreement(devices);
102         hmacKeyGenerated = true;
103     }
104     for (auto& dev : devices) {
105         // Do not use StrongBox for device encryption / credential encryption.  If a security chip
106         // is present it will have Weaver, which already strengthens CE.  We get no additional
107         // benefit from using StrongBox here, so skip it.
108         if (dev->halVersion().securityLevel != SecurityLevel::STRONGBOX) {
109             mDevice = std::move(dev);
110             break;
111         }
112     }
113     if (!mDevice) return;
114     auto& version = mDevice->halVersion();
115     LOG(INFO) << "Using " << version.keymasterName << " from " << version.authorName
116               << " for encryption.  Security level: " << toString(version.securityLevel)
117               << ", HAL: " << mDevice->descriptor() << "/" << mDevice->instanceName();
118 }
119 
generateKey(const km::AuthorizationSet & inParams,std::string * key)120 bool Keymaster::generateKey(const km::AuthorizationSet& inParams, std::string* key) {
121     km::ErrorCode km_error;
122     auto hidlCb = [&](km::ErrorCode ret, const hidl_vec<uint8_t>& keyBlob,
123                       const km::KeyCharacteristics& /*ignored*/) {
124         km_error = ret;
125         if (km_error != km::ErrorCode::OK) return;
126         if (key) key->assign(reinterpret_cast<const char*>(&keyBlob[0]), keyBlob.size());
127     };
128 
129     auto error = mDevice->generateKey(inParams.hidl_data(), hidlCb);
130     if (!error.isOk()) {
131         LOG(ERROR) << "generate_key failed: " << error.description();
132         return false;
133     }
134     if (km_error != km::ErrorCode::OK) {
135         LOG(ERROR) << "generate_key failed, code " << int32_t(km_error);
136         return false;
137     }
138     return true;
139 }
140 
deleteKey(const std::string & key)141 bool Keymaster::deleteKey(const std::string& key) {
142     auto keyBlob = km::support::blob2hidlVec(key);
143     auto error = mDevice->deleteKey(keyBlob);
144     if (!error.isOk()) {
145         LOG(ERROR) << "delete_key failed: " << error.description();
146         return false;
147     }
148     if (error != km::ErrorCode::OK) {
149         LOG(ERROR) << "delete_key failed, code " << int32_t(km::ErrorCode(error));
150         return false;
151     }
152     return true;
153 }
154 
upgradeKey(const std::string & oldKey,const km::AuthorizationSet & inParams,std::string * newKey)155 bool Keymaster::upgradeKey(const std::string& oldKey, const km::AuthorizationSet& inParams,
156                            std::string* newKey) {
157     auto oldKeyBlob = km::support::blob2hidlVec(oldKey);
158     km::ErrorCode km_error;
159     auto hidlCb = [&](km::ErrorCode ret, const hidl_vec<uint8_t>& upgradedKeyBlob) {
160         km_error = ret;
161         if (km_error != km::ErrorCode::OK) return;
162         if (newKey)
163             newKey->assign(reinterpret_cast<const char*>(&upgradedKeyBlob[0]),
164                            upgradedKeyBlob.size());
165     };
166     auto error = mDevice->upgradeKey(oldKeyBlob, inParams.hidl_data(), hidlCb);
167     if (!error.isOk()) {
168         LOG(ERROR) << "upgrade_key failed: " << error.description();
169         return false;
170     }
171     if (km_error != km::ErrorCode::OK) {
172         LOG(ERROR) << "upgrade_key failed, code " << int32_t(km_error);
173         return false;
174     }
175     return true;
176 }
177 
begin(km::KeyPurpose purpose,const std::string & key,const km::AuthorizationSet & inParams,const km::HardwareAuthToken & authToken,km::AuthorizationSet * outParams)178 KeymasterOperation Keymaster::begin(km::KeyPurpose purpose, const std::string& key,
179                                     const km::AuthorizationSet& inParams,
180                                     const km::HardwareAuthToken& authToken,
181                                     km::AuthorizationSet* outParams) {
182     auto keyBlob = km::support::blob2hidlVec(key);
183     uint64_t mOpHandle;
184     km::ErrorCode km_error;
185 
186     auto hidlCb = [&](km::ErrorCode ret, const hidl_vec<km::KeyParameter>& _outParams,
187                       uint64_t operationHandle) {
188         km_error = ret;
189         if (km_error != km::ErrorCode::OK) return;
190         if (outParams) *outParams = _outParams;
191         mOpHandle = operationHandle;
192     };
193 
194     auto error = mDevice->begin(purpose, keyBlob, inParams.hidl_data(), authToken, hidlCb);
195     if (!error.isOk()) {
196         LOG(ERROR) << "begin failed: " << error.description();
197         return KeymasterOperation(km::ErrorCode::UNKNOWN_ERROR);
198     }
199     if (km_error != km::ErrorCode::OK) {
200         LOG(ERROR) << "begin failed, code " << int32_t(km_error);
201         return KeymasterOperation(km_error);
202     }
203     return KeymasterOperation(mDevice.get(), mOpHandle);
204 }
205 
isSecure()206 bool Keymaster::isSecure() {
207     return mDevice->halVersion().securityLevel != km::SecurityLevel::SOFTWARE;
208 }
209 
210 }  // namespace vold
211 }  // namespace android
212 
213 using namespace ::android::vold;
214 
keymaster_compatibility_cryptfs_scrypt()215 int keymaster_compatibility_cryptfs_scrypt() {
216     Keymaster dev;
217     if (!dev) {
218         LOG(ERROR) << "Failed to initiate keymaster session";
219         return -1;
220     }
221     return dev.isSecure();
222 }
223 
write_string_to_buf(const std::string & towrite,uint8_t * buffer,uint32_t buffer_size,uint32_t * out_size)224 static bool write_string_to_buf(const std::string& towrite, uint8_t* buffer, uint32_t buffer_size,
225                                 uint32_t* out_size) {
226     if (!buffer || !out_size) {
227         LOG(ERROR) << "Missing target pointers";
228         return false;
229     }
230     *out_size = towrite.size();
231     if (buffer_size < towrite.size()) {
232         LOG(ERROR) << "Buffer too small " << buffer_size << " < " << towrite.size();
233         return false;
234     }
235     memset(buffer, '\0', buffer_size);
236     std::copy(towrite.begin(), towrite.end(), buffer);
237     return true;
238 }
239 
keyParams(uint32_t rsa_key_size,uint64_t rsa_exponent,uint32_t ratelimit)240 static km::AuthorizationSet keyParams(uint32_t rsa_key_size, uint64_t rsa_exponent,
241                                       uint32_t ratelimit) {
242     return km::AuthorizationSetBuilder()
243         .RsaSigningKey(rsa_key_size, rsa_exponent)
244         .NoDigestOrPadding()
245         .Authorization(km::TAG_BLOB_USAGE_REQUIREMENTS, km::KeyBlobUsageRequirements::STANDALONE)
246         .Authorization(km::TAG_NO_AUTH_REQUIRED)
247         .Authorization(km::TAG_MIN_SECONDS_BETWEEN_OPS, ratelimit);
248 }
249 
keymaster_create_key_for_cryptfs_scrypt(uint32_t rsa_key_size,uint64_t rsa_exponent,uint32_t ratelimit,uint8_t * key_buffer,uint32_t key_buffer_size,uint32_t * key_out_size)250 int keymaster_create_key_for_cryptfs_scrypt(uint32_t rsa_key_size, uint64_t rsa_exponent,
251                                             uint32_t ratelimit, uint8_t* key_buffer,
252                                             uint32_t key_buffer_size, uint32_t* key_out_size) {
253     if (key_out_size) {
254         *key_out_size = 0;
255     }
256     Keymaster dev;
257     if (!dev) {
258         LOG(ERROR) << "Failed to initiate keymaster session";
259         return -1;
260     }
261     std::string key;
262     if (!dev.generateKey(keyParams(rsa_key_size, rsa_exponent, ratelimit), &key)) return -1;
263     if (!write_string_to_buf(key, key_buffer, key_buffer_size, key_out_size)) return -1;
264     return 0;
265 }
266 
keymaster_upgrade_key_for_cryptfs_scrypt(uint32_t rsa_key_size,uint64_t rsa_exponent,uint32_t ratelimit,const uint8_t * key_blob,size_t key_blob_size,uint8_t * key_buffer,uint32_t key_buffer_size,uint32_t * key_out_size)267 int keymaster_upgrade_key_for_cryptfs_scrypt(uint32_t rsa_key_size, uint64_t rsa_exponent,
268                                              uint32_t ratelimit, const uint8_t* key_blob,
269                                              size_t key_blob_size, uint8_t* key_buffer,
270                                              uint32_t key_buffer_size, uint32_t* key_out_size) {
271     if (key_out_size) {
272         *key_out_size = 0;
273     }
274     Keymaster dev;
275     if (!dev) {
276         LOG(ERROR) << "Failed to initiate keymaster session";
277         return -1;
278     }
279     std::string old_key(reinterpret_cast<const char*>(key_blob), key_blob_size);
280     std::string new_key;
281     if (!dev.upgradeKey(old_key, keyParams(rsa_key_size, rsa_exponent, ratelimit), &new_key))
282         return -1;
283     if (!write_string_to_buf(new_key, key_buffer, key_buffer_size, key_out_size)) return -1;
284     return 0;
285 }
286 
keymaster_sign_object_for_cryptfs_scrypt(const uint8_t * key_blob,size_t key_blob_size,uint32_t ratelimit,const uint8_t * object,const size_t object_size,uint8_t ** signature_buffer,size_t * signature_buffer_size)287 KeymasterSignResult keymaster_sign_object_for_cryptfs_scrypt(
288     const uint8_t* key_blob, size_t key_blob_size, uint32_t ratelimit, const uint8_t* object,
289     const size_t object_size, uint8_t** signature_buffer, size_t* signature_buffer_size) {
290     Keymaster dev;
291     if (!dev) {
292         LOG(ERROR) << "Failed to initiate keymaster session";
293         return KeymasterSignResult::error;
294     }
295     if (!key_blob || !object || !signature_buffer || !signature_buffer_size) {
296         LOG(ERROR) << __FILE__ << ":" << __LINE__ << ":Invalid argument";
297         return KeymasterSignResult::error;
298     }
299 
300     km::AuthorizationSet outParams;
301     std::string key(reinterpret_cast<const char*>(key_blob), key_blob_size);
302     std::string input(reinterpret_cast<const char*>(object), object_size);
303     std::string output;
304     KeymasterOperation op;
305 
306     auto paramBuilder = km::AuthorizationSetBuilder().NoDigestOrPadding();
307     while (true) {
308         op = dev.begin(km::KeyPurpose::SIGN, key, paramBuilder, km::HardwareAuthToken(), &outParams);
309         if (op.errorCode() == km::ErrorCode::KEY_RATE_LIMIT_EXCEEDED) {
310             sleep(ratelimit);
311             continue;
312         } else
313             break;
314     }
315 
316     if (op.errorCode() == km::ErrorCode::KEY_REQUIRES_UPGRADE) {
317         LOG(ERROR) << "Keymaster key requires upgrade";
318         return KeymasterSignResult::upgrade;
319     }
320 
321     if (op.errorCode() != km::ErrorCode::OK) {
322         LOG(ERROR) << "Error starting keymaster signature transaction: " << int32_t(op.errorCode());
323         return KeymasterSignResult::error;
324     }
325 
326     if (!op.updateCompletely(input, &output)) {
327         LOG(ERROR) << "Error sending data to keymaster signature transaction: "
328                    << uint32_t(op.errorCode());
329         return KeymasterSignResult::error;
330     }
331 
332     if (!op.finish(&output)) {
333         LOG(ERROR) << "Error finalizing keymaster signature transaction: "
334                    << int32_t(op.errorCode());
335         return KeymasterSignResult::error;
336     }
337 
338     *signature_buffer = reinterpret_cast<uint8_t*>(malloc(output.size()));
339     if (*signature_buffer == nullptr) {
340         LOG(ERROR) << "Error allocation buffer for keymaster signature";
341         return KeymasterSignResult::error;
342     }
343     *signature_buffer_size = output.size();
344     std::copy(output.data(), output.data() + output.size(), *signature_buffer);
345     return KeymasterSignResult::ok;
346 }
347