1 /* 2 ** 3 ** Copyright 2017, The Android Open Source Project 4 ** 5 ** Licensed under the Apache License, Version 2.0 (the "License"); 6 ** you may not use this file except in compliance with the License. 7 ** You may obtain a copy of the License at 8 ** 9 ** http://www.apache.org/licenses/LICENSE-2.0 10 ** 11 ** Unless required by applicable law or agreed to in writing, software 12 ** distributed under the License is distributed on an "AS IS" BASIS, 13 ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 ** See the License for the specific language governing permissions and 15 ** limitations under the License. 16 */ 17 18 #ifndef SOFTWARE_CONTEXT_KEYMASTER1_PASSTHROUGH_CONTEXT_H_ 19 #define SOFTWARE_CONTEXT_KEYMASTER1_PASSTHROUGH_CONTEXT_H_ 20 21 #include <unordered_map> 22 23 #include <hardware/keymaster1.h> 24 #include <hardware/keymaster_defs.h> 25 26 #include <keymaster/attestation_record.h> 27 #include <keymaster/keymaster_context.h> 28 #include <keymaster/km_openssl/software_random_source.h> 29 #include <keymaster/legacy_support/keymaster1_engine.h> 30 #include <keymaster/legacy_support/keymaster_passthrough_engine.h> 31 #include <keymaster/legacy_support/keymaster_passthrough_key.h> 32 #include <keymaster/soft_key_factory.h> 33 34 namespace keymaster { 35 36 class Keymaster1PassthroughContext : public KeymasterContext, 37 AttestationRecordContext, 38 public SoftwareRandomSource, 39 public SoftwareKeyBlobMaker { 40 public: 41 explicit Keymaster1PassthroughContext(keymaster1_device_t* dev); 42 43 /** 44 * Sets the system version as reported by the system *itself*. This is used to verify that the 45 * system believes itself to be running the same version that is reported by the bootloader, in 46 * hardware implementations. For SoftKeymasterDevice, this sets the version information used. 47 * 48 * If the specified values don't match the bootloader-provided values, this method must return 49 * KM_ERROR_INVALID_ARGUMENT; 50 */ 51 keymaster_error_t SetSystemVersion(uint32_t os_version, uint32_t os_patchlevel) override; 52 53 /** 54 * Returns the system version. For hardware-based implementations this will be the value 55 * reported by the bootloader. For SoftKeymasterDevice it will be the verion information set by 56 * SetSystemVersion above. 57 */ 58 void GetSystemVersion(uint32_t* os_version, uint32_t* os_patchlevel) const override; 59 60 KeyFactory* GetKeyFactory(keymaster_algorithm_t algorithm) const override; 61 OperationFactory* GetOperationFactory(keymaster_algorithm_t algorithm, 62 keymaster_purpose_t purpose) const override; 63 keymaster_algorithm_t* GetSupportedAlgorithms(size_t* algorithms_count) const override; 64 65 /** 66 * UpgradeKeyBlob takes an existing blob, parses out key material and constructs a new blob with 67 * the current format and OS version info. 68 */ 69 keymaster_error_t UpgradeKeyBlob(const KeymasterKeyBlob& key_to_upgrade, 70 const AuthorizationSet& upgrade_params, 71 KeymasterKeyBlob* upgraded_key) const override; 72 73 /** 74 * ParseKeyBlob takes a blob and extracts authorization sets and key material, returning an 75 * error if the blob fails integrity checking or decryption. Note that the returned key 76 * material may itself be an opaque blob usable only by secure hardware (in the hybrid case). 77 * 78 * This method is called by AndroidKeymaster. 79 */ 80 keymaster_error_t ParseKeyBlob(const KeymasterKeyBlob& blob, 81 const AuthorizationSet& additional_params, 82 UniquePtr<Key>* key) const override; 83 84 /** 85 * Take whatever environment-specific action is appropriate (if any) to delete the specified 86 * key. 87 */ 88 keymaster_error_t DeleteKey(const KeymasterKeyBlob& /* blob */) const override; 89 90 /** 91 * Take whatever environment-specific action is appropriate to delete all keys. 92 */ 93 keymaster_error_t DeleteAllKeys() const override; 94 95 /** 96 * Adds entropy to the Cryptographic Pseudo Random Number Generator used to generate key 97 * material, and other cryptographic protocol elements. Note that if the underlying CPRNG 98 * tracks the size of its entropy pool, it should not assume that the provided data contributes 99 * any entropy, and it should also ensure that data provided through this interface cannot 100 * "poison" the CPRNG outputs, making them predictable. 101 */ 102 keymaster_error_t AddRngEntropy(const uint8_t* buf, size_t length) const override; 103 104 /** 105 * Return the enforcement policy for this context, or null if no enforcement should be done. 106 */ 107 KeymasterEnforcement* enforcement_policy() override; 108 109 keymaster_error_t GenerateAttestation(const Key& key, const AuthorizationSet& attest_params, 110 CertChainPtr* cert_chain) const override; 111 112 keymaster_error_t CreateKeyBlob(const AuthorizationSet& key_description, 113 const keymaster_key_origin_t origin, 114 const KeymasterKeyBlob& key_material, KeymasterKeyBlob* blob, 115 AuthorizationSet* hw_enforced, 116 AuthorizationSet* sw_enforced) const override; 117 118 keymaster_error_t 119 UnwrapKey(const KeymasterKeyBlob& wrapped_key_blob, const KeymasterKeyBlob& wrapping_key_blob, 120 const AuthorizationSet& wrapping_key_params, const KeymasterKeyBlob& masking_key, 121 AuthorizationSet* wrapped_key_params, keymaster_key_format_t* wrapped_key_format, 122 KeymasterKeyBlob* wrapped_key_material) const override; 123 124 private: 125 keymaster1_device_t* device_; 126 mutable std::unordered_map<keymaster_algorithm_t, UniquePtr<KeyFactory>> factories_; 127 UniquePtr<KeymasterPassthroughEngine> pt_engine_; 128 UniquePtr<Keymaster1Engine> km1_engine_; 129 130 uint32_t os_version_; 131 uint32_t os_patchlevel_; 132 }; 133 134 } // namespace keymaster 135 136 #endif // SOFTWARE_CONTEXT_KEYMASTER1_PASSTHROUGH_CONTEXT_H_ 137