1 /*
2 * Copyright 2016 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <keymaster/km_openssl/attestation_record.h>
18
19 #include <assert.h>
20 #include <math.h>
21
22 #include <unordered_map>
23
24 #include <cppbor_parse.h>
25 #include <openssl/asn1t.h>
26
27 #include <keymaster/android_keymaster_utils.h>
28 #include <keymaster/attestation_context.h>
29 #include <keymaster/km_openssl/openssl_err.h>
30 #include <keymaster/km_openssl/openssl_utils.h>
31
32 #define ASSERT_OR_RETURN_ERROR(stmt, error) \
33 do { \
34 assert(stmt); \
35 if (!(stmt)) { \
36 return error; \
37 } \
38 } while (0)
39
40 namespace keymaster {
41
42 constexpr size_t kMaximumAttestationChallengeLength = 128;
43
44 IMPLEMENT_ASN1_FUNCTIONS(KM_ROOT_OF_TRUST);
45 IMPLEMENT_ASN1_FUNCTIONS(KM_AUTH_LIST);
46 IMPLEMENT_ASN1_FUNCTIONS(KM_KEY_DESCRIPTION);
47
48 static const keymaster_tag_t kDeviceAttestationTags[] = {
49 KM_TAG_ATTESTATION_ID_BRAND, KM_TAG_ATTESTATION_ID_DEVICE, KM_TAG_ATTESTATION_ID_PRODUCT,
50 KM_TAG_ATTESTATION_ID_SERIAL, KM_TAG_ATTESTATION_ID_IMEI, KM_TAG_ATTESTATION_ID_MEID,
51 KM_TAG_ATTESTATION_ID_MANUFACTURER, KM_TAG_ATTESTATION_ID_MODEL,
52 };
53
54 struct KM_AUTH_LIST_Delete {
operator ()keymaster::KM_AUTH_LIST_Delete55 void operator()(KM_AUTH_LIST* p) { KM_AUTH_LIST_free(p); }
56 };
57
58 struct KM_KEY_DESCRIPTION_Delete {
operator ()keymaster::KM_KEY_DESCRIPTION_Delete59 void operator()(KM_KEY_DESCRIPTION* p) { KM_KEY_DESCRIPTION_free(p); }
60 };
61
62 struct KM_ROOT_OF_TRUST_Delete {
operator ()keymaster::KM_ROOT_OF_TRUST_Delete63 void operator()(KM_ROOT_OF_TRUST* p) { KM_ROOT_OF_TRUST_free(p); }
64 };
65
blob_to_bstr(const keymaster_blob_t & blob)66 static cppbor::Bstr blob_to_bstr(const keymaster_blob_t& blob) {
67 return cppbor::Bstr(std::pair(blob.data, blob.data_length));
68 }
69
bstr_to_blob(const cppbor::Bstr * bstr,keymaster_blob_t * blob)70 static keymaster_error_t bstr_to_blob(const cppbor::Bstr* bstr, keymaster_blob_t* blob) {
71 ASSERT_OR_RETURN_ERROR(bstr, KM_ERROR_INVALID_TAG);
72 const std::vector<uint8_t>& vec = bstr->value();
73 uint8_t* data = (uint8_t*)calloc(vec.size(), sizeof(uint8_t));
74 if (data == nullptr) {
75 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
76 }
77
78 std::copy(vec.begin(), vec.end(), data);
79 blob->data = data;
80 blob->data_length = vec.size();
81
82 return KM_ERROR_OK;
83 }
84
get_uint32_value(const keymaster_key_param_t & param)85 static uint32_t get_uint32_value(const keymaster_key_param_t& param) {
86 switch (keymaster_tag_get_type(param.tag)) {
87 case KM_ENUM:
88 case KM_ENUM_REP:
89 return param.enumerated;
90 case KM_UINT:
91 case KM_UINT_REP:
92 return param.integer;
93 default:
94 ASSERT_OR_RETURN_ERROR(false, 0xFFFFFFFF);
95 }
96 }
97
get_uint32_value(EatSecurityLevel level)98 static int64_t get_uint32_value(EatSecurityLevel level) {
99 return static_cast<int64_t>(level);
100 }
101
102 // Insert value in either the dest_integer or the dest_integer_set, whichever is provided.
insert_integer(ASN1_INTEGER * value,ASN1_INTEGER ** dest_integer,ASN1_INTEGER_SET ** dest_integer_set)103 static keymaster_error_t insert_integer(ASN1_INTEGER* value, ASN1_INTEGER** dest_integer,
104 ASN1_INTEGER_SET** dest_integer_set) {
105 ASSERT_OR_RETURN_ERROR((dest_integer == nullptr) ^ (dest_integer_set == nullptr),
106 KM_ERROR_UNEXPECTED_NULL_POINTER);
107 ASSERT_OR_RETURN_ERROR(value, KM_ERROR_INVALID_ARGUMENT);
108
109 if (dest_integer_set) {
110 if (!*dest_integer_set) {
111 *dest_integer_set = sk_ASN1_INTEGER_new_null();
112 }
113 if (!*dest_integer_set) {
114 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
115 }
116 if (!sk_ASN1_INTEGER_push(*dest_integer_set, value)) {
117 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
118 }
119 return KM_ERROR_OK;
120
121 } else if (dest_integer) {
122 if (*dest_integer) {
123 ASN1_INTEGER_free(*dest_integer);
124 }
125 *dest_integer = value;
126 return KM_ERROR_OK;
127 }
128
129 ASSERT_OR_RETURN_ERROR(false, KM_ERROR_UNKNOWN_ERROR); // Should never get here.
130 }
131
132 // Add a repeating enum to a map going mapping its key to list of values.
add_repeating_enum(EatClaim key,uint32_t value,std::unordered_map<EatClaim,cppbor::Array> * fields_map)133 static void add_repeating_enum(EatClaim key, uint32_t value,
134 std::unordered_map<EatClaim, cppbor::Array>* fields_map) {
135 auto field = fields_map->find(key);
136 if (field != fields_map->end()) {
137 field->second.add(value);
138 } else {
139 fields_map->insert({key, cppbor::Array().add(value)});
140 }
141 }
142
143 static keymaster_error_t
insert_unknown_tag(const keymaster_key_param_t & param,cppbor::Map * dest_map,std::unordered_map<EatClaim,cppbor::Array> * fields_map)144 insert_unknown_tag(const keymaster_key_param_t& param, cppbor::Map* dest_map,
145 std::unordered_map<EatClaim, cppbor::Array>* fields_map) {
146 EatClaim private_eat_tag = static_cast<EatClaim>(convert_to_eat_claim(param.tag));
147 switch (keymaster_tag_get_type(param.tag)) {
148 case KM_ENUM:
149 dest_map->add(private_eat_tag, param.enumerated);
150 break;
151 case KM_ENUM_REP:
152 add_repeating_enum(private_eat_tag, param.enumerated, fields_map);
153 break;
154 case KM_UINT:
155 dest_map->add(private_eat_tag, param.integer);
156 break;
157 case KM_UINT_REP:
158 add_repeating_enum(private_eat_tag, param.integer, fields_map);
159 break;
160 case KM_ULONG:
161 dest_map->add(private_eat_tag, param.long_integer);
162 break;
163 case KM_ULONG_REP:
164 add_repeating_enum(private_eat_tag, param.long_integer, fields_map);
165 break;
166 case KM_DATE:
167 dest_map->add(private_eat_tag, param.date_time);
168 break;
169 case KM_BOOL:
170 dest_map->add(private_eat_tag, true);
171 break;
172 case KM_BIGNUM:
173 case KM_BYTES:
174 dest_map->add(private_eat_tag, blob_to_bstr(param.blob));
175 break;
176 default:
177 ASSERT_OR_RETURN_ERROR(false, KM_ERROR_INVALID_TAG);
178 }
179 return KM_ERROR_OK;
180 }
181
182 /**
183 * Convert an IMEI encoded as a string of numbers into the UEID format defined in
184 * https://tools.ietf.org/html/draft-ietf-rats-eat.
185 * The resulting format is a bstr encoded as follows:
186 * - Type byte: 0x03
187 * - IMEI (without check digit), encoded as byte string of length 14 with each byte as the digit's
188 * value. The IMEI value encoded SHALL NOT include Luhn checksum or SVN information.
189 */
imei_to_ueid(const keymaster_blob_t & imei_blob,cppbor::Bstr * out)190 keymaster_error_t imei_to_ueid(const keymaster_blob_t& imei_blob, cppbor::Bstr* out) {
191 ASSERT_OR_RETURN_ERROR(imei_blob.data_length == kImeiBlobLength, KM_ERROR_INVALID_TAG);
192
193 uint8_t ueid[kUeidLength];
194 ueid[0] = kImeiTypeByte;
195 // imei_blob corresponds to android.telephony.TelephonyManager#getDeviceId(), which is the
196 // 15-digit IMEI (including the check digit), encoded as a string.
197 for (size_t i = 1; i < kUeidLength; i++) {
198 // Convert each character to its numeric value.
199 ueid[i] = imei_blob.data[i - 1] - '0'; // Intentionally skip check digit at last position.
200 }
201
202 *out = cppbor::Bstr(std::pair(ueid, sizeof(ueid)));
203 return KM_ERROR_OK;
204 }
205
ueid_to_imei_blob(const cppbor::Bstr * ueid,keymaster_blob_t * out)206 keymaster_error_t ueid_to_imei_blob(const cppbor::Bstr* ueid, keymaster_blob_t* out) {
207 ASSERT_OR_RETURN_ERROR(ueid, KM_ERROR_INVALID_TAG);
208 const std::vector<uint8_t>& ueid_vec = ueid->value();
209 ASSERT_OR_RETURN_ERROR(ueid_vec.size() == kUeidLength, KM_ERROR_INVALID_TAG);
210 ASSERT_OR_RETURN_ERROR(ueid_vec[0] == kImeiTypeByte, KM_ERROR_INVALID_TAG);
211
212 uint8_t* imei_string = (uint8_t*)calloc(kImeiBlobLength, sizeof(uint8_t));
213 // Fill string from left to right, and calculate Luhn check digit.
214 int luhn_digit_sum = 0;
215 for (size_t i = 0; i < kImeiBlobLength - 1; i++) {
216 uint8_t digit_i = ueid_vec[i + 1];
217 // Convert digit to its string value.
218 imei_string[i] = '0' + digit_i;
219 luhn_digit_sum += i % 2 == 0 ? digit_i : digit_i * 2 / 10 + (digit_i * 2) % 10;
220 }
221 imei_string[kImeiBlobLength - 1] = '0' + (10 - luhn_digit_sum % 10) % 10;
222
223 *out = {.data = imei_string, .data_length = kImeiBlobLength};
224 return KM_ERROR_OK;
225 }
226
ec_key_size_to_eat_curve(uint32_t key_size_bits,int * curve)227 keymaster_error_t ec_key_size_to_eat_curve(uint32_t key_size_bits, int* curve) {
228 switch (key_size_bits) {
229 default:
230 return KM_ERROR_UNSUPPORTED_KEY_SIZE;
231
232 case 224:
233 *curve = (int)EatEcCurve::P_224;
234 break;
235
236 case 256:
237 *curve = (int)EatEcCurve::P_256;
238 break;
239
240 case 384:
241 *curve = (int)EatEcCurve::P_384;
242 break;
243
244 case 521:
245 *curve = (int)EatEcCurve::P_521;
246 break;
247 }
248
249 return KM_ERROR_OK;
250 }
251
is_valid_attestation_challenge(const keymaster_blob_t & attestation_challenge)252 bool is_valid_attestation_challenge(const keymaster_blob_t& attestation_challenge) {
253 // TODO(171864369): Limit apps targeting >= API 30 to attestations in the range of
254 // [0, 128] bytes.
255 return (attestation_challenge.data_length <= kMaximumAttestationChallengeLength);
256 }
257
generate_unique_id(const AttestationContext & context,const AuthorizationSet & sw_enforced,const AuthorizationSet & attestation_params,keymaster_error_t * error)258 Buffer generate_unique_id(const AttestationContext& context, //
259 const AuthorizationSet& sw_enforced,
260 const AuthorizationSet& attestation_params, //
261 keymaster_error_t* error) {
262 uint64_t creation_datetime;
263 // Only check sw_enforced for TAG_CREATION_DATETIME, since it shouldn't be in tee_enforced,
264 // since this implementation has no secure wall clock.
265 if (!sw_enforced.GetTagValue(TAG_CREATION_DATETIME, &creation_datetime)) {
266 LOG_E("Unique ID cannot be created without creation datetime", 0);
267 *error = KM_ERROR_INVALID_KEY_BLOB;
268 return {};
269 }
270
271 keymaster_blob_t application_id = {nullptr, 0};
272 sw_enforced.GetTagValue(TAG_APPLICATION_ID, &application_id);
273
274 return context.GenerateUniqueId(creation_datetime, application_id,
275 attestation_params.GetTagValue(TAG_RESET_SINCE_ID_ROTATION),
276 error);
277 }
278
279 // Put the contents of the keymaster AuthorizationSet auth_list into the EAT record structure.
build_eat_submod(const AuthorizationSet & auth_list,const EatSecurityLevel security_level,cppbor::Map * submod)280 keymaster_error_t build_eat_submod(const AuthorizationSet& auth_list,
281 const EatSecurityLevel security_level, cppbor::Map* submod) {
282 ASSERT_OR_RETURN_ERROR(submod, KM_ERROR_UNEXPECTED_NULL_POINTER);
283
284 if (auth_list.empty()) return KM_ERROR_OK;
285
286 submod->add(EatClaim::SECURITY_LEVEL, get_uint32_value(security_level));
287
288 // Keep repeating fields in a separate map for easy lookup.
289 // Add them to submod map in postprocessing.
290 std::unordered_map<EatClaim, cppbor::Array> repeating_fields =
291 std::unordered_map<EatClaim, cppbor::Array>();
292
293 for (auto entry : auth_list) {
294
295 switch (entry.tag) {
296
297 default:
298 // Unknown tags should only be included if they're software-enforced.
299 if (security_level == EatSecurityLevel::UNRESTRICTED) {
300 keymaster_error_t error = insert_unknown_tag(entry, submod, &repeating_fields);
301 if (error != KM_ERROR_OK) {
302 return error;
303 }
304 }
305 break;
306
307 /* Tags ignored because they should never exist */
308 case KM_TAG_INVALID:
309
310 /* Tags ignored because they're not used. */
311 case KM_TAG_ALL_USERS:
312 case KM_TAG_EXPORTABLE:
313 case KM_TAG_ECIES_SINGLE_HASH_MODE:
314 case KM_TAG_KDF:
315
316 /* Tags ignored because they're used only to provide information to operations */
317 case KM_TAG_ASSOCIATED_DATA:
318 case KM_TAG_NONCE:
319 case KM_TAG_AUTH_TOKEN:
320 case KM_TAG_MAC_LENGTH:
321 case KM_TAG_ATTESTATION_CHALLENGE:
322 case KM_TAG_RESET_SINCE_ID_ROTATION:
323
324 /* Tags ignored because they have no meaning off-device */
325 case KM_TAG_USER_ID:
326 case KM_TAG_USER_SECURE_ID:
327 case KM_TAG_BLOB_USAGE_REQUIREMENTS:
328
329 /* Tags ignored because they're not usable by app keys */
330 case KM_TAG_BOOTLOADER_ONLY:
331 case KM_TAG_INCLUDE_UNIQUE_ID:
332 case KM_TAG_MAX_USES_PER_BOOT:
333 case KM_TAG_MIN_SECONDS_BETWEEN_OPS:
334 case KM_TAG_UNIQUE_ID:
335
336 /* Tags ignored because they contain data that should not be exported */
337 case KM_TAG_APPLICATION_DATA:
338 case KM_TAG_APPLICATION_ID:
339 case KM_TAG_ROOT_OF_TRUST:
340 continue;
341
342 /* Non-repeating enumerations */
343 case KM_TAG_ALGORITHM:
344 submod->add(EatClaim::ALGORITHM, get_uint32_value(entry));
345 break;
346 case KM_TAG_EC_CURVE:
347 submod->add(EatClaim::EC_CURVE, get_uint32_value(entry));
348 break;
349 case KM_TAG_USER_AUTH_TYPE:
350 submod->add(EatClaim::USER_AUTH_TYPE, get_uint32_value(entry));
351 break;
352 case KM_TAG_ORIGIN:
353 submod->add(EatClaim::ORIGIN, get_uint32_value(entry));
354 break;
355
356 /* Repeating enumerations */
357 case KM_TAG_PURPOSE:
358 add_repeating_enum(EatClaim::PURPOSE, get_uint32_value(entry), &repeating_fields);
359 break;
360 case KM_TAG_PADDING:
361 add_repeating_enum(EatClaim::PADDING, get_uint32_value(entry), &repeating_fields);
362 break;
363 case KM_TAG_DIGEST:
364 add_repeating_enum(EatClaim::DIGEST, get_uint32_value(entry), &repeating_fields);
365 break;
366 case KM_TAG_BLOCK_MODE:
367 add_repeating_enum(EatClaim::BLOCK_MODE, get_uint32_value(entry), &repeating_fields);
368 break;
369
370 /* Non-repeating unsigned integers */
371 case KM_TAG_KEY_SIZE:
372 submod->add(EatClaim::KEY_SIZE, get_uint32_value(entry));
373 break;
374 case KM_TAG_AUTH_TIMEOUT:
375 submod->add(EatClaim::AUTH_TIMEOUT, get_uint32_value(entry));
376 break;
377 case KM_TAG_OS_VERSION:
378 submod->add(EatClaim::OS_VERSION, get_uint32_value(entry));
379 break;
380 case KM_TAG_OS_PATCHLEVEL:
381 submod->add(EatClaim::OS_PATCHLEVEL, get_uint32_value(entry));
382 break;
383 case KM_TAG_VENDOR_PATCHLEVEL:
384 submod->add(EatClaim::VENDOR_PATCHLEVEL, get_uint32_value(entry));
385 break;
386 case KM_TAG_BOOT_PATCHLEVEL:
387 submod->add(EatClaim::BOOT_PATCHLEVEL, get_uint32_value(entry));
388 break;
389 case KM_TAG_MIN_MAC_LENGTH:
390 submod->add(EatClaim::MIN_MAC_LENGTH, get_uint32_value(entry));
391 break;
392
393 /* Non-repeating long unsigned integers */
394 case KM_TAG_RSA_PUBLIC_EXPONENT:
395 submod->add(EatClaim::RSA_PUBLIC_EXPONENT, entry.long_integer);
396 break;
397
398 /* Dates */
399 case KM_TAG_ACTIVE_DATETIME:
400 submod->add(EatClaim::ACTIVE_DATETIME, entry.date_time);
401 break;
402 case KM_TAG_ORIGINATION_EXPIRE_DATETIME:
403 submod->add(EatClaim::ORIGINATION_EXPIRE_DATETIME, entry.date_time);
404 break;
405 case KM_TAG_USAGE_EXPIRE_DATETIME:
406 submod->add(EatClaim::USAGE_EXPIRE_DATETIME, entry.date_time);
407 break;
408 case KM_TAG_CREATION_DATETIME:
409 submod->add(EatClaim::IAT, entry.date_time);
410 break;
411
412 /* Booleans */
413 case KM_TAG_NO_AUTH_REQUIRED:
414 submod->add(EatClaim::NO_AUTH_REQUIRED, true);
415 break;
416 case KM_TAG_ALL_APPLICATIONS:
417 submod->add(EatClaim::ALL_APPLICATIONS, true);
418 break;
419 case KM_TAG_ROLLBACK_RESISTANT:
420 submod->add(EatClaim::ROLLBACK_RESISTANT, true);
421 break;
422 case KM_TAG_ALLOW_WHILE_ON_BODY:
423 submod->add(EatClaim::ALLOW_WHILE_ON_BODY, true);
424 break;
425 case KM_TAG_UNLOCKED_DEVICE_REQUIRED:
426 submod->add(EatClaim::UNLOCKED_DEVICE_REQUIRED, true);
427 break;
428 case KM_TAG_CALLER_NONCE:
429 submod->add(EatClaim::CALLER_NONCE, true);
430 break;
431 case KM_TAG_TRUSTED_CONFIRMATION_REQUIRED:
432 submod->add(EatClaim::TRUSTED_CONFIRMATION_REQUIRED, true);
433 break;
434 case KM_TAG_EARLY_BOOT_ONLY:
435 submod->add(EatClaim::EARLY_BOOT_ONLY, true);
436 break;
437 case KM_TAG_DEVICE_UNIQUE_ATTESTATION:
438 submod->add(EatClaim::DEVICE_UNIQUE_ATTESTATION, true);
439 break;
440 case KM_TAG_IDENTITY_CREDENTIAL_KEY:
441 submod->add(EatClaim::IDENTITY_CREDENTIAL_KEY, true);
442 break;
443 case KM_TAG_TRUSTED_USER_PRESENCE_REQUIRED:
444 submod->add(EatClaim::TRUSTED_USER_PRESENCE_REQUIRED, true);
445 break;
446 case KM_TAG_STORAGE_KEY:
447 submod->add(EatClaim::STORAGE_KEY, true);
448 break;
449
450 /* Byte arrays*/
451 case KM_TAG_ATTESTATION_APPLICATION_ID:
452 submod->add(EatClaim::ATTESTATION_APPLICATION_ID, blob_to_bstr(entry.blob));
453 break;
454 case KM_TAG_ATTESTATION_ID_BRAND:
455 submod->add(EatClaim::ATTESTATION_ID_BRAND, blob_to_bstr(entry.blob));
456 break;
457 case KM_TAG_ATTESTATION_ID_DEVICE:
458 submod->add(EatClaim::ATTESTATION_ID_DEVICE, blob_to_bstr(entry.blob));
459 break;
460 case KM_TAG_ATTESTATION_ID_PRODUCT:
461 submod->add(EatClaim::ATTESTATION_ID_PRODUCT, blob_to_bstr(entry.blob));
462 break;
463 case KM_TAG_ATTESTATION_ID_SERIAL:
464 submod->add(EatClaim::ATTESTATION_ID_SERIAL, blob_to_bstr(entry.blob));
465 break;
466 case KM_TAG_ATTESTATION_ID_IMEI: {
467 cppbor::Bstr ueid("");
468 keymaster_error_t error = imei_to_ueid(entry.blob, &ueid);
469 if (error != KM_ERROR_OK) return error;
470 submod->add(EatClaim::UEID, ueid);
471 break;
472 }
473 case KM_TAG_ATTESTATION_ID_MEID:
474 submod->add(EatClaim::ATTESTATION_ID_MEID, blob_to_bstr(entry.blob));
475 break;
476 case KM_TAG_ATTESTATION_ID_MANUFACTURER:
477 submod->add(EatClaim::ATTESTATION_ID_MANUFACTURER, blob_to_bstr(entry.blob));
478 break;
479 case KM_TAG_ATTESTATION_ID_MODEL:
480 submod->add(EatClaim::ATTESTATION_ID_MODEL, blob_to_bstr(entry.blob));
481 break;
482 case KM_TAG_CONFIRMATION_TOKEN:
483 submod->add(EatClaim::CONFIRMATION_TOKEN, blob_to_bstr(entry.blob));
484 break;
485 }
486 }
487
488 // Move values from repeating enums into the submod map.
489 for (auto const& repeating_field : repeating_fields) {
490 EatClaim key = static_cast<EatClaim>(repeating_field.first);
491 submod->add(key, std::move(repeating_fields.at(key)));
492 }
493
494 int ec_curve;
495 uint32_t key_size;
496 if (auth_list.Contains(TAG_ALGORITHM, KM_ALGORITHM_EC) && !auth_list.Contains(TAG_EC_CURVE) &&
497 auth_list.GetTagValue(TAG_KEY_SIZE, &key_size)) {
498 // This must be a keymaster1 key. It's an EC key with no curve. Insert the curve.
499
500 keymaster_error_t error = ec_key_size_to_eat_curve(key_size, &ec_curve);
501 if (error != KM_ERROR_OK) return error;
502
503 submod->add(EatClaim::EC_CURVE, ec_curve);
504 }
505
506 return KM_ERROR_OK;
507 }
508
509 // Put the contents of the keymaster AuthorizationSet auth_list into the ASN.1 record structure,
510 // record.
build_auth_list(const AuthorizationSet & auth_list,KM_AUTH_LIST * record)511 keymaster_error_t build_auth_list(const AuthorizationSet& auth_list, KM_AUTH_LIST* record) {
512 ASSERT_OR_RETURN_ERROR(record, KM_ERROR_UNEXPECTED_NULL_POINTER);
513
514 if (auth_list.empty()) return KM_ERROR_OK;
515
516 for (auto entry : auth_list) {
517
518 ASN1_INTEGER_SET** integer_set = nullptr;
519 ASN1_INTEGER** integer_ptr = nullptr;
520 ASN1_OCTET_STRING** string_ptr = nullptr;
521 ASN1_NULL** bool_ptr = nullptr;
522
523 switch (entry.tag) {
524
525 /* Tags ignored because they should never exist */
526 case KM_TAG_INVALID:
527
528 /* Tags ignored because they're not used. */
529 case KM_TAG_ALL_USERS:
530 case KM_TAG_EXPORTABLE:
531 case KM_TAG_ECIES_SINGLE_HASH_MODE:
532
533 /* Tags ignored because they're used only to provide information to operations */
534 case KM_TAG_ASSOCIATED_DATA:
535 case KM_TAG_NONCE:
536 case KM_TAG_AUTH_TOKEN:
537 case KM_TAG_MAC_LENGTH:
538 case KM_TAG_ATTESTATION_CHALLENGE:
539 case KM_TAG_RESET_SINCE_ID_ROTATION:
540 case KM_TAG_KDF:
541
542 /* Tags ignored because they're used only to provide for certificate generation */
543 case KM_TAG_CERTIFICATE_SERIAL:
544 case KM_TAG_CERTIFICATE_SUBJECT:
545 case KM_TAG_CERTIFICATE_NOT_BEFORE:
546 case KM_TAG_CERTIFICATE_NOT_AFTER:
547
548 /* Tags ignored because they have no meaning off-device */
549 case KM_TAG_USER_ID:
550 case KM_TAG_USER_SECURE_ID:
551 case KM_TAG_BLOB_USAGE_REQUIREMENTS:
552
553 /* Tags ignored because they're not usable by app keys */
554 case KM_TAG_BOOTLOADER_ONLY:
555 case KM_TAG_INCLUDE_UNIQUE_ID:
556 case KM_TAG_MAX_BOOT_LEVEL:
557 case KM_TAG_MAX_USES_PER_BOOT:
558 case KM_TAG_MIN_SECONDS_BETWEEN_OPS:
559 case KM_TAG_STORAGE_KEY:
560 case KM_TAG_UNIQUE_ID:
561
562 /* Tags ignored because they contain data that should not be exported */
563 case KM_TAG_APPLICATION_DATA:
564 case KM_TAG_APPLICATION_ID:
565 case KM_TAG_CONFIRMATION_TOKEN:
566 case KM_TAG_ROOT_OF_TRUST:
567 continue;
568
569 /* Non-repeating enumerations */
570 case KM_TAG_ALGORITHM:
571 integer_ptr = &record->algorithm;
572 break;
573 case KM_TAG_EC_CURVE:
574 integer_ptr = &record->ec_curve;
575 break;
576 case KM_TAG_USER_AUTH_TYPE:
577 integer_ptr = &record->user_auth_type;
578 break;
579 case KM_TAG_ORIGIN:
580 integer_ptr = &record->origin;
581 break;
582
583 /* Repeating enumerations */
584 case KM_TAG_PURPOSE:
585 integer_set = &record->purpose;
586 break;
587 case KM_TAG_PADDING:
588 integer_set = &record->padding;
589 break;
590 case KM_TAG_DIGEST:
591 integer_set = &record->digest;
592 break;
593 case KM_TAG_BLOCK_MODE:
594 integer_set = &record->block_mode;
595 break;
596 case KM_TAG_RSA_OAEP_MGF_DIGEST:
597 integer_set = &record->mgf_digest;
598 break;
599
600 /* Non-repeating unsigned integers */
601 case KM_TAG_KEY_SIZE:
602 integer_ptr = &record->key_size;
603 break;
604 case KM_TAG_AUTH_TIMEOUT:
605 integer_ptr = &record->auth_timeout;
606 break;
607 case KM_TAG_OS_VERSION:
608 integer_ptr = &record->os_version;
609 break;
610 case KM_TAG_OS_PATCHLEVEL:
611 integer_ptr = &record->os_patchlevel;
612 break;
613 case KM_TAG_MIN_MAC_LENGTH:
614 integer_ptr = &record->min_mac_length;
615 break;
616 case KM_TAG_BOOT_PATCHLEVEL:
617 integer_ptr = &record->boot_patch_level;
618 break;
619 case KM_TAG_VENDOR_PATCHLEVEL:
620 integer_ptr = &record->vendor_patchlevel;
621 break;
622 case KM_TAG_USAGE_COUNT_LIMIT:
623 integer_ptr = &record->usage_count_limit;
624 break;
625
626 /* Non-repeating long unsigned integers */
627 case KM_TAG_RSA_PUBLIC_EXPONENT:
628 integer_ptr = &record->rsa_public_exponent;
629 break;
630
631 /* Dates */
632 case KM_TAG_ACTIVE_DATETIME:
633 integer_ptr = &record->active_date_time;
634 break;
635 case KM_TAG_ORIGINATION_EXPIRE_DATETIME:
636 integer_ptr = &record->origination_expire_date_time;
637 break;
638 case KM_TAG_USAGE_EXPIRE_DATETIME:
639 integer_ptr = &record->usage_expire_date_time;
640 break;
641 case KM_TAG_CREATION_DATETIME:
642 integer_ptr = &record->creation_date_time;
643 break;
644
645 /* Booleans */
646 case KM_TAG_NO_AUTH_REQUIRED:
647 bool_ptr = &record->no_auth_required;
648 break;
649 case KM_TAG_ALL_APPLICATIONS:
650 bool_ptr = &record->all_applications;
651 break;
652 case KM_TAG_ROLLBACK_RESISTANT:
653 bool_ptr = &record->rollback_resistant;
654 break;
655 case KM_TAG_ROLLBACK_RESISTANCE:
656 bool_ptr = &record->rollback_resistance;
657 break;
658 case KM_TAG_ALLOW_WHILE_ON_BODY:
659 bool_ptr = &record->allow_while_on_body;
660 break;
661 case KM_TAG_UNLOCKED_DEVICE_REQUIRED:
662 bool_ptr = &record->unlocked_device_required;
663 break;
664 case KM_TAG_CALLER_NONCE:
665 bool_ptr = &record->caller_nonce;
666 break;
667 case KM_TAG_TRUSTED_CONFIRMATION_REQUIRED:
668 bool_ptr = &record->trusted_confirmation_required;
669 break;
670 case KM_TAG_EARLY_BOOT_ONLY:
671 bool_ptr = &record->early_boot_only;
672 break;
673 case KM_TAG_DEVICE_UNIQUE_ATTESTATION:
674 bool_ptr = &record->device_unique_attestation;
675 break;
676 case KM_TAG_IDENTITY_CREDENTIAL_KEY:
677 bool_ptr = &record->identity_credential_key;
678 break;
679 case KM_TAG_TRUSTED_USER_PRESENCE_REQUIRED:
680 bool_ptr = &record->trusted_user_presence_required;
681 break;
682
683 /* Byte arrays*/
684 case KM_TAG_ATTESTATION_APPLICATION_ID:
685 string_ptr = &record->attestation_application_id;
686 break;
687 case KM_TAG_ATTESTATION_ID_BRAND:
688 string_ptr = &record->attestation_id_brand;
689 break;
690 case KM_TAG_ATTESTATION_ID_DEVICE:
691 string_ptr = &record->attestation_id_device;
692 break;
693 case KM_TAG_ATTESTATION_ID_PRODUCT:
694 string_ptr = &record->attestation_id_product;
695 break;
696 case KM_TAG_ATTESTATION_ID_SERIAL:
697 string_ptr = &record->attestation_id_serial;
698 break;
699 case KM_TAG_ATTESTATION_ID_IMEI:
700 string_ptr = &record->attestation_id_imei;
701 break;
702 case KM_TAG_ATTESTATION_ID_MEID:
703 string_ptr = &record->attestation_id_meid;
704 break;
705 case KM_TAG_ATTESTATION_ID_MANUFACTURER:
706 string_ptr = &record->attestation_id_manufacturer;
707 break;
708 case KM_TAG_ATTESTATION_ID_MODEL:
709 string_ptr = &record->attestation_id_model;
710 break;
711 }
712
713 keymaster_tag_type_t type = keymaster_tag_get_type(entry.tag);
714 switch (type) {
715 case KM_ENUM:
716 case KM_ENUM_REP:
717 case KM_UINT:
718 case KM_UINT_REP: {
719 ASSERT_OR_RETURN_ERROR((keymaster_tag_repeatable(entry.tag) && integer_set) ||
720 (!keymaster_tag_repeatable(entry.tag) && integer_ptr),
721 KM_ERROR_INVALID_TAG);
722
723 UniquePtr<ASN1_INTEGER, ASN1_INTEGER_Delete> value(ASN1_INTEGER_new());
724 if (!value.get()) {
725 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
726 }
727 if (!ASN1_INTEGER_set(value.get(), get_uint32_value(entry))) {
728 return TranslateLastOpenSslError();
729 }
730
731 insert_integer(value.release(), integer_ptr, integer_set);
732 break;
733 }
734
735 case KM_ULONG:
736 case KM_ULONG_REP:
737 case KM_DATE: {
738 ASSERT_OR_RETURN_ERROR((keymaster_tag_repeatable(entry.tag) && integer_set) ||
739 (!keymaster_tag_repeatable(entry.tag) && integer_ptr),
740 KM_ERROR_INVALID_TAG);
741
742 UniquePtr<BIGNUM, BIGNUM_Delete> bn_value(BN_new());
743 if (!bn_value.get()) {
744 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
745 }
746
747 if (type == KM_DATE) {
748 if (!BN_set_u64(bn_value.get(), entry.date_time)) {
749 return TranslateLastOpenSslError();
750 }
751 } else {
752 if (!BN_set_u64(bn_value.get(), entry.long_integer)) {
753 return TranslateLastOpenSslError();
754 }
755 }
756
757 UniquePtr<ASN1_INTEGER, ASN1_INTEGER_Delete> value(
758 BN_to_ASN1_INTEGER(bn_value.get(), nullptr));
759 if (!value.get()) {
760 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
761 }
762
763 insert_integer(value.release(), integer_ptr, integer_set);
764 break;
765 }
766
767 case KM_BOOL:
768 ASSERT_OR_RETURN_ERROR(bool_ptr, KM_ERROR_INVALID_TAG);
769 if (!*bool_ptr) *bool_ptr = ASN1_NULL_new();
770 if (!*bool_ptr) return KM_ERROR_MEMORY_ALLOCATION_FAILED;
771 break;
772
773 /* Byte arrays*/
774 case KM_BYTES:
775 ASSERT_OR_RETURN_ERROR(string_ptr, KM_ERROR_INVALID_TAG);
776 if (!*string_ptr) {
777 *string_ptr = ASN1_OCTET_STRING_new();
778 }
779 if (!*string_ptr) {
780 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
781 }
782 if (!ASN1_OCTET_STRING_set(*string_ptr, entry.blob.data, entry.blob.data_length)) {
783 return TranslateLastOpenSslError();
784 }
785 break;
786
787 default:
788 return KM_ERROR_UNIMPLEMENTED;
789 }
790 }
791
792 keymaster_ec_curve_t ec_curve;
793 uint32_t key_size;
794 if (auth_list.Contains(TAG_ALGORITHM, KM_ALGORITHM_EC) && //
795 !auth_list.Contains(TAG_EC_CURVE) && //
796 auth_list.GetTagValue(TAG_KEY_SIZE, &key_size)) {
797 // This must be a keymaster1 key. It's an EC key with no curve. Insert the curve.
798
799 keymaster_error_t error = EcKeySizeToCurve(key_size, &ec_curve);
800 if (error != KM_ERROR_OK) return error;
801
802 UniquePtr<ASN1_INTEGER, ASN1_INTEGER_Delete> value(ASN1_INTEGER_new());
803 if (!value.get()) {
804 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
805 }
806
807 if (!ASN1_INTEGER_set(value.get(), ec_curve)) {
808 return TranslateLastOpenSslError();
809 }
810
811 insert_integer(value.release(), &record->ec_curve, nullptr);
812 }
813
814 return KM_ERROR_OK;
815 }
816
817 // Construct a CBOR-encoded attestation record containing the values from sw_enforced
818 // and tee_enforced.
build_eat_record(const AuthorizationSet & attestation_params,AuthorizationSet sw_enforced,AuthorizationSet tee_enforced,const AttestationContext & context,std::vector<uint8_t> * eat_token)819 keymaster_error_t build_eat_record(const AuthorizationSet& attestation_params,
820 AuthorizationSet sw_enforced, AuthorizationSet tee_enforced,
821 const AttestationContext& context,
822 std::vector<uint8_t>* eat_token) {
823 ASSERT_OR_RETURN_ERROR(eat_token, KM_ERROR_UNEXPECTED_NULL_POINTER);
824
825 cppbor::Map eat_record;
826 switch (context.GetSecurityLevel()) {
827 case KM_SECURITY_LEVEL_SOFTWARE:
828 eat_record.add(EatClaim::SECURITY_LEVEL, get_uint32_value(EatSecurityLevel::UNRESTRICTED));
829 break;
830 case KM_SECURITY_LEVEL_TRUSTED_ENVIRONMENT:
831 eat_record.add(EatClaim::SECURITY_LEVEL,
832 get_uint32_value(EatSecurityLevel::SECURE_RESTRICTED));
833 break;
834 case KM_SECURITY_LEVEL_STRONGBOX:
835 eat_record.add(EatClaim::SECURITY_LEVEL, get_uint32_value(EatSecurityLevel::HARDWARE));
836 break;
837 default:
838 return KM_ERROR_UNKNOWN_ERROR;
839 }
840
841 keymaster_error_t error;
842 const AttestationContext::VerifiedBootParams* vb_params = context.GetVerifiedBootParams(&error);
843 if (error != KM_ERROR_OK) return error;
844
845 if (vb_params->verified_boot_key.data_length) {
846 eat_record.add(EatClaim::VERIFIED_BOOT_KEY, blob_to_bstr(vb_params->verified_boot_key));
847 }
848 if (vb_params->verified_boot_hash.data_length) {
849 eat_record.add(EatClaim::VERIFIED_BOOT_HASH, blob_to_bstr(vb_params->verified_boot_hash));
850 }
851 if (vb_params->device_locked) {
852 eat_record.add(EatClaim::DEVICE_LOCKED, vb_params->device_locked);
853 }
854
855 bool verified_or_self_signed = (vb_params->verified_boot_state == KM_VERIFIED_BOOT_VERIFIED ||
856 vb_params->verified_boot_state == KM_VERIFIED_BOOT_SELF_SIGNED);
857 auto eat_boot_state = cppbor::Array()
858 .add(verified_or_self_signed) // secure-boot-enabled
859 .add(verified_or_self_signed) // debug-disabled
860 .add(verified_or_self_signed) // debug-disabled-since-boot
861 .add(verified_or_self_signed) // debug-permanent-disable
862 .add(false); // debug-full-permanent-disable (no way to verify)
863 eat_record.add(EatClaim::BOOT_STATE, std::move(eat_boot_state));
864 eat_record.add(EatClaim::OFFICIAL_BUILD,
865 vb_params->verified_boot_state == KM_VERIFIED_BOOT_VERIFIED);
866
867 eat_record.add(EatClaim::ATTESTATION_VERSION,
868 version_to_attestation_version(context.GetKmVersion()));
869 eat_record.add(EatClaim::KEYMASTER_VERSION,
870 version_to_attestation_km_version(context.GetKmVersion()));
871
872 keymaster_blob_t attestation_challenge = {nullptr, 0};
873 if (!attestation_params.GetTagValue(TAG_ATTESTATION_CHALLENGE, &attestation_challenge)) {
874 return KM_ERROR_ATTESTATION_CHALLENGE_MISSING;
875 }
876
877 if (!is_valid_attestation_challenge(attestation_challenge)) {
878 return KM_ERROR_INVALID_INPUT_LENGTH;
879 }
880
881 eat_record.add(EatClaim::NONCE, blob_to_bstr(attestation_challenge));
882
883 keymaster_blob_t attestation_app_id;
884 if (!attestation_params.GetTagValue(TAG_ATTESTATION_APPLICATION_ID, &attestation_app_id)) {
885 return KM_ERROR_ATTESTATION_APPLICATION_ID_MISSING;
886 }
887 // TODO: what should happen when sw_enforced already contains TAG_ATTESTATION_APPLICATION_ID?
888 // (as is the case in android_keymaster_test.cpp). For now, we will ignore the provided one in
889 // attestation_params if that's the case.
890 keymaster_blob_t existing_app_id;
891 if (!sw_enforced.GetTagValue(TAG_ATTESTATION_APPLICATION_ID, &existing_app_id)) {
892 sw_enforced.push_back(TAG_ATTESTATION_APPLICATION_ID, attestation_app_id);
893 }
894
895 error = context.VerifyAndCopyDeviceIds(
896 attestation_params,
897 context.GetSecurityLevel() == KM_SECURITY_LEVEL_SOFTWARE ? &sw_enforced : &tee_enforced);
898 if (error == KM_ERROR_UNIMPLEMENTED) {
899 // The KeymasterContext implementation does not support device ID attestation. Bail out if
900 // device ID attestation is being attempted.
901 for (const auto& tag : kDeviceAttestationTags) {
902 if (attestation_params.find(tag) != -1) {
903 return KM_ERROR_CANNOT_ATTEST_IDS;
904 }
905 }
906 } else if (error != KM_ERROR_OK) {
907 return error;
908 }
909
910 if (attestation_params.Contains(TAG_DEVICE_UNIQUE_ATTESTATION) &&
911 context.GetSecurityLevel() == KM_SECURITY_LEVEL_STRONGBOX) {
912 eat_record.add(EatClaim::DEVICE_UNIQUE_ATTESTATION, true);
913 }
914
915 cppbor::Map software_submod;
916 error = build_eat_submod(sw_enforced, EatSecurityLevel::UNRESTRICTED, &software_submod);
917 if (error != KM_ERROR_OK) return error;
918
919 cppbor::Map tee_submod;
920 error = build_eat_submod(tee_enforced, EatSecurityLevel::SECURE_RESTRICTED, &tee_submod);
921 if (error != KM_ERROR_OK) return error;
922
923 if (software_submod.size() + tee_submod.size() > 0) {
924 cppbor::Map submods;
925 if (software_submod.size() > 0) {
926 submods.add(kEatSubmodNameSoftware, std::move(software_submod));
927 }
928 if (tee_submod.size() > 0) {
929 submods.add(kEatSubmodNameTee, std::move(tee_submod));
930 }
931
932 eat_record.add(EatClaim::SUBMODS, std::move(submods));
933 }
934
935 // Only check tee_enforced for TAG_INCLUDE_UNIQUE_ID. If we don't have hardware we can't
936 // generate unique IDs.
937 if (tee_enforced.GetTagValue(TAG_INCLUDE_UNIQUE_ID)) {
938 uint64_t creation_datetime;
939 // Only check sw_enforced for TAG_CREATION_DATETIME, since it shouldn't be in tee_enforced,
940 // since this implementation has no secure wall clock.
941 if (!sw_enforced.GetTagValue(TAG_CREATION_DATETIME, &creation_datetime)) {
942 LOG_E("Unique ID cannot be created without creation datetime", 0);
943 return KM_ERROR_INVALID_KEY_BLOB;
944 }
945
946 keymaster_blob_t application_id = {nullptr, 0};
947 sw_enforced.GetTagValue(TAG_APPLICATION_ID, &application_id);
948
949 Buffer unique_id = context.GenerateUniqueId(
950 creation_datetime, application_id,
951 attestation_params.GetTagValue(TAG_RESET_SINCE_ID_ROTATION), &error);
952 if (error != KM_ERROR_OK) return error;
953
954 eat_record.add(EatClaim::CTI,
955 cppbor::Bstr(std::pair(unique_id.begin(), unique_id.available_read())));
956 }
957
958 *eat_token = eat_record.encode();
959
960 return KM_ERROR_OK;
961 }
962
963 // Construct an ASN1.1 DER-encoded attestation record containing the values from sw_enforced and
964 // tee_enforced.
build_attestation_record(const AuthorizationSet & attestation_params,AuthorizationSet sw_enforced,AuthorizationSet tee_enforced,const AttestationContext & context,UniquePtr<uint8_t[]> * asn1_key_desc,size_t * asn1_key_desc_len)965 keymaster_error_t build_attestation_record(const AuthorizationSet& attestation_params, //
966 AuthorizationSet sw_enforced,
967 AuthorizationSet tee_enforced,
968 const AttestationContext& context,
969 UniquePtr<uint8_t[]>* asn1_key_desc,
970 size_t* asn1_key_desc_len) {
971 ASSERT_OR_RETURN_ERROR(asn1_key_desc && asn1_key_desc_len, KM_ERROR_UNEXPECTED_NULL_POINTER);
972
973 UniquePtr<KM_KEY_DESCRIPTION, KM_KEY_DESCRIPTION_Delete> key_desc(KM_KEY_DESCRIPTION_new());
974 if (!key_desc.get()) return KM_ERROR_MEMORY_ALLOCATION_FAILED;
975
976 KM_ROOT_OF_TRUST* root_of_trust = nullptr;
977 if (context.GetSecurityLevel() == KM_SECURITY_LEVEL_SOFTWARE) {
978 key_desc->software_enforced->root_of_trust = KM_ROOT_OF_TRUST_new();
979 root_of_trust = key_desc->software_enforced->root_of_trust;
980 } else {
981 key_desc->tee_enforced->root_of_trust = KM_ROOT_OF_TRUST_new();
982 root_of_trust = key_desc->tee_enforced->root_of_trust;
983 }
984
985 keymaster_error_t error;
986 auto vb_params = context.GetVerifiedBootParams(&error);
987 if (error != KM_ERROR_OK) return error;
988 if (vb_params->verified_boot_key.data_length &&
989 !ASN1_OCTET_STRING_set(root_of_trust->verified_boot_key, vb_params->verified_boot_key.data,
990 vb_params->verified_boot_key.data_length)) {
991 return TranslateLastOpenSslError();
992 }
993 if (vb_params->verified_boot_hash.data_length &&
994 !ASN1_OCTET_STRING_set(root_of_trust->verified_boot_hash,
995 vb_params->verified_boot_hash.data,
996 vb_params->verified_boot_hash.data_length)) {
997 return TranslateLastOpenSslError();
998 }
999
1000 root_of_trust->device_locked = vb_params->device_locked ? 0xFF : 0x00;
1001 if (!ASN1_ENUMERATED_set(root_of_trust->verified_boot_state, vb_params->verified_boot_state)) {
1002 return TranslateLastOpenSslError();
1003 }
1004
1005 if (!ASN1_INTEGER_set(key_desc->attestation_version,
1006 version_to_attestation_version(context.GetKmVersion())) ||
1007 !ASN1_ENUMERATED_set(key_desc->attestation_security_level, context.GetSecurityLevel()) ||
1008 !ASN1_INTEGER_set(key_desc->keymaster_version,
1009 version_to_attestation_km_version(context.GetKmVersion())) ||
1010 !ASN1_ENUMERATED_set(key_desc->keymaster_security_level, context.GetSecurityLevel())) {
1011 return TranslateLastOpenSslError();
1012 }
1013
1014 keymaster_blob_t attestation_challenge = {nullptr, 0};
1015 if (!attestation_params.GetTagValue(TAG_ATTESTATION_CHALLENGE, &attestation_challenge)) {
1016 return KM_ERROR_ATTESTATION_CHALLENGE_MISSING;
1017 }
1018
1019 if (!is_valid_attestation_challenge(attestation_challenge)) {
1020 return KM_ERROR_INVALID_INPUT_LENGTH;
1021 }
1022
1023 if (!ASN1_OCTET_STRING_set(key_desc->attestation_challenge, attestation_challenge.data,
1024 attestation_challenge.data_length)) {
1025 return TranslateLastOpenSslError();
1026 }
1027
1028 keymaster_blob_t attestation_app_id;
1029 if (!attestation_params.GetTagValue(TAG_ATTESTATION_APPLICATION_ID, &attestation_app_id)) {
1030 return KM_ERROR_ATTESTATION_APPLICATION_ID_MISSING;
1031 }
1032 sw_enforced.push_back(TAG_ATTESTATION_APPLICATION_ID, attestation_app_id);
1033
1034 error = context.VerifyAndCopyDeviceIds(
1035 attestation_params,
1036 context.GetSecurityLevel() == KM_SECURITY_LEVEL_SOFTWARE ? &sw_enforced : &tee_enforced);
1037 if (error == KM_ERROR_UNIMPLEMENTED) {
1038 // The KeymasterContext implementation does not support device ID attestation. Bail out if
1039 // device ID attestation is being attempted.
1040 for (const auto& tag : kDeviceAttestationTags) {
1041 if (attestation_params.find(tag) != -1) {
1042 return KM_ERROR_CANNOT_ATTEST_IDS;
1043 }
1044 }
1045 } else if (error != KM_ERROR_OK) {
1046 return error;
1047 }
1048
1049 if (attestation_params.Contains(TAG_DEVICE_UNIQUE_ATTESTATION) &&
1050 context.GetSecurityLevel() == KM_SECURITY_LEVEL_STRONGBOX) {
1051 tee_enforced.push_back(TAG_DEVICE_UNIQUE_ATTESTATION);
1052 };
1053
1054 error = build_auth_list(sw_enforced, key_desc->software_enforced);
1055 if (error != KM_ERROR_OK) return error;
1056
1057 error = build_auth_list(tee_enforced, key_desc->tee_enforced);
1058 if (error != KM_ERROR_OK) return error;
1059
1060 // Only check tee_enforced for TAG_INCLUDE_UNIQUE_ID. If we don't have hardware we can't
1061 // generate unique IDs.
1062 if (tee_enforced.GetTagValue(TAG_INCLUDE_UNIQUE_ID)) {
1063 uint64_t creation_datetime;
1064 // Only check sw_enforced for TAG_CREATION_DATETIME, since it shouldn't be in tee_enforced,
1065 // since this implementation has no secure wall clock.
1066 if (!sw_enforced.GetTagValue(TAG_CREATION_DATETIME, &creation_datetime)) {
1067 LOG_E("Unique ID cannot be created without creation datetime", 0);
1068 return KM_ERROR_INVALID_KEY_BLOB;
1069 }
1070
1071 keymaster_blob_t application_id = {nullptr, 0};
1072 sw_enforced.GetTagValue(TAG_APPLICATION_ID, &application_id);
1073
1074 Buffer unique_id = context.GenerateUniqueId(
1075 creation_datetime, application_id,
1076 attestation_params.GetTagValue(TAG_RESET_SINCE_ID_ROTATION), &error);
1077 if (error != KM_ERROR_OK) return error;
1078
1079 key_desc->unique_id = ASN1_OCTET_STRING_new();
1080 if (!key_desc->unique_id ||
1081 !ASN1_OCTET_STRING_set(key_desc->unique_id, unique_id.peek_read(),
1082 unique_id.available_read()))
1083 return TranslateLastOpenSslError();
1084 }
1085
1086 int len = i2d_KM_KEY_DESCRIPTION(key_desc.get(), nullptr);
1087 if (len < 0) return TranslateLastOpenSslError();
1088 *asn1_key_desc_len = len;
1089 asn1_key_desc->reset(new (std::nothrow) uint8_t[*asn1_key_desc_len]);
1090 if (!asn1_key_desc->get()) return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1091 uint8_t* p = asn1_key_desc->get();
1092 len = i2d_KM_KEY_DESCRIPTION(key_desc.get(), &p);
1093 if (len < 0) return TranslateLastOpenSslError();
1094
1095 return KM_ERROR_OK;
1096 }
1097
1098 // Copy all enumerated values with the specified tag from stack to auth_list.
get_repeated_enums(const ASN1_INTEGER_SET * stack,keymaster_tag_t tag,AuthorizationSet * auth_list)1099 static bool get_repeated_enums(const ASN1_INTEGER_SET* stack, keymaster_tag_t tag,
1100 AuthorizationSet* auth_list) {
1101 ASSERT_OR_RETURN_ERROR(keymaster_tag_get_type(tag) == KM_ENUM_REP, KM_ERROR_INVALID_TAG);
1102 for (size_t i = 0; i < sk_ASN1_INTEGER_num(stack); ++i) {
1103 if (!auth_list->push_back(
1104 keymaster_param_enum(tag, ASN1_INTEGER_get(sk_ASN1_INTEGER_value(stack, i)))))
1105 return false;
1106 }
1107 return true;
1108 }
1109
1110 // Add the specified integer tag/value pair to auth_list.
1111 template <keymaster_tag_type_t Type, keymaster_tag_t Tag, typename KeymasterEnum>
get_enum(const ASN1_INTEGER * asn1_int,TypedEnumTag<Type,Tag,KeymasterEnum> tag,AuthorizationSet * auth_list)1112 static bool get_enum(const ASN1_INTEGER* asn1_int, TypedEnumTag<Type, Tag, KeymasterEnum> tag,
1113 AuthorizationSet* auth_list) {
1114 if (!asn1_int) return true;
1115 return auth_list->push_back(tag, static_cast<KeymasterEnum>(ASN1_INTEGER_get(asn1_int)));
1116 }
1117
1118 // Add the specified ulong tag/value pair to auth_list.
get_ulong(const ASN1_INTEGER * asn1_int,keymaster_tag_t tag,AuthorizationSet * auth_list)1119 static bool get_ulong(const ASN1_INTEGER* asn1_int, keymaster_tag_t tag,
1120 AuthorizationSet* auth_list) {
1121 if (!asn1_int) return true;
1122 UniquePtr<BIGNUM, BIGNUM_Delete> bn(ASN1_INTEGER_to_BN(asn1_int, nullptr));
1123 if (!bn.get()) return false;
1124 uint64_t ulong = 0;
1125 BN_get_u64(bn.get(), &ulong);
1126 return auth_list->push_back(keymaster_param_long(tag, ulong));
1127 }
1128
1129 // Extract the values from the specified ASN.1 record and place them in auth_list.
extract_auth_list(const KM_AUTH_LIST * record,AuthorizationSet * auth_list)1130 keymaster_error_t extract_auth_list(const KM_AUTH_LIST* record, AuthorizationSet* auth_list) {
1131 if (!record) return KM_ERROR_OK;
1132
1133 // Purpose
1134 if (!get_repeated_enums(record->purpose, TAG_PURPOSE, auth_list)) {
1135 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1136 }
1137
1138 // Algorithm
1139 if (!get_enum(record->algorithm, TAG_ALGORITHM, auth_list)) {
1140 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1141 }
1142
1143 // Key size
1144 if (record->key_size &&
1145 !auth_list->push_back(TAG_KEY_SIZE, ASN1_INTEGER_get(record->key_size))) {
1146 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1147 }
1148
1149 // Block mode
1150 if (!get_repeated_enums(record->block_mode, TAG_BLOCK_MODE, auth_list)) {
1151 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1152 }
1153
1154 // Digest
1155 if (!get_repeated_enums(record->digest, TAG_DIGEST, auth_list)) {
1156 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1157 }
1158
1159 // Padding
1160 if (!get_repeated_enums(record->padding, TAG_PADDING, auth_list)) {
1161 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1162 }
1163
1164 // Caller nonce
1165 if (record->caller_nonce && !auth_list->push_back(TAG_CALLER_NONCE)) {
1166 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1167 }
1168
1169 // Min mac length
1170 if (!get_ulong(record->min_mac_length, TAG_MIN_MAC_LENGTH, auth_list)) {
1171 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1172 }
1173
1174 // EC curve
1175 if (!get_enum(record->ec_curve, TAG_EC_CURVE, auth_list)) {
1176 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1177 }
1178
1179 // RSA public exponent
1180 if (!get_ulong(record->rsa_public_exponent, TAG_RSA_PUBLIC_EXPONENT, auth_list)) {
1181 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1182 }
1183
1184 // Rsa Oaep Mgf Digest
1185 if (!get_repeated_enums(record->mgf_digest, TAG_RSA_OAEP_MGF_DIGEST, auth_list)) {
1186 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1187 }
1188
1189 // Rollback resistance
1190 if (record->rollback_resistance && !auth_list->push_back(TAG_ROLLBACK_RESISTANCE)) {
1191 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1192 }
1193
1194 // Early boot only
1195 if (record->early_boot_only && !auth_list->push_back(TAG_EARLY_BOOT_ONLY)) {
1196 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1197 }
1198
1199 // Active date time
1200 if (!get_ulong(record->active_date_time, TAG_ACTIVE_DATETIME, auth_list)) {
1201 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1202 }
1203
1204 // Origination expire date time
1205 if (!get_ulong(record->origination_expire_date_time, TAG_ORIGINATION_EXPIRE_DATETIME,
1206 auth_list)) {
1207 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1208 }
1209
1210 // Usage Expire date time
1211 if (!get_ulong(record->usage_expire_date_time, TAG_USAGE_EXPIRE_DATETIME, auth_list)) {
1212 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1213 }
1214
1215 // Usage count limit
1216 if (record->usage_count_limit &&
1217 !auth_list->push_back(TAG_USAGE_COUNT_LIMIT, ASN1_INTEGER_get(record->usage_count_limit))) {
1218 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1219 }
1220
1221 // No auth required
1222 if (record->no_auth_required && !auth_list->push_back(TAG_NO_AUTH_REQUIRED)) {
1223 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1224 }
1225
1226 // User auth type
1227 if (!get_enum(record->user_auth_type, TAG_USER_AUTH_TYPE, auth_list)) {
1228 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1229 }
1230
1231 // Auth timeout
1232 if (record->auth_timeout &&
1233 !auth_list->push_back(TAG_AUTH_TIMEOUT, ASN1_INTEGER_get(record->auth_timeout))) {
1234 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1235 }
1236
1237 // Allow while on body
1238 if (record->allow_while_on_body && !auth_list->push_back(TAG_ALLOW_WHILE_ON_BODY)) {
1239 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1240 }
1241
1242 // trusted user presence required
1243 if (record->trusted_user_presence_required &&
1244 !auth_list->push_back(TAG_TRUSTED_USER_PRESENCE_REQUIRED)) {
1245 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1246 }
1247
1248 // trusted confirmation required
1249 if (record->trusted_confirmation_required &&
1250 !auth_list->push_back(TAG_TRUSTED_CONFIRMATION_REQUIRED)) {
1251 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1252 }
1253
1254 // Unlocked device required
1255 if (record->unlocked_device_required && !auth_list->push_back(TAG_UNLOCKED_DEVICE_REQUIRED)) {
1256 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1257 }
1258
1259 // All applications
1260 if (record->all_applications && !auth_list->push_back(TAG_ALL_APPLICATIONS)) {
1261 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1262 }
1263
1264 // Application ID
1265 if (record->application_id &&
1266 !auth_list->push_back(TAG_APPLICATION_ID, record->application_id->data,
1267 record->application_id->length)) {
1268 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1269 }
1270
1271 // Creation date time
1272 if (!get_ulong(record->creation_date_time, TAG_CREATION_DATETIME, auth_list)) {
1273 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1274 }
1275
1276 // Origin
1277 if (!get_enum(record->origin, TAG_ORIGIN, auth_list)) {
1278 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1279 }
1280
1281 // Rollback resistant
1282 if (record->rollback_resistant && !auth_list->push_back(TAG_ROLLBACK_RESISTANT)) {
1283 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1284 }
1285
1286 // Root of trust
1287 if (record->root_of_trust) {
1288 KM_ROOT_OF_TRUST* rot = record->root_of_trust;
1289 if (!rot->verified_boot_key) return KM_ERROR_INVALID_KEY_BLOB;
1290
1291 // Other root of trust fields are not mapped to auth set entries.
1292 }
1293
1294 // OS Version
1295 if (record->os_version &&
1296 !auth_list->push_back(TAG_OS_VERSION, ASN1_INTEGER_get(record->os_version))) {
1297 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1298 }
1299
1300 // OS Patch level
1301 if (record->os_patchlevel &&
1302 !auth_list->push_back(TAG_OS_PATCHLEVEL, ASN1_INTEGER_get(record->os_patchlevel))) {
1303 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1304 }
1305
1306 // attestation application Id
1307 if (record->attestation_application_id &&
1308 !auth_list->push_back(TAG_ATTESTATION_APPLICATION_ID,
1309 record->attestation_application_id->data,
1310 record->attestation_application_id->length)) {
1311 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1312 }
1313
1314 // Brand name
1315 if (record->attestation_id_brand &&
1316 !auth_list->push_back(TAG_ATTESTATION_ID_BRAND, record->attestation_id_brand->data,
1317 record->attestation_id_brand->length)) {
1318 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1319 }
1320
1321 // Device name
1322 if (record->attestation_id_device &&
1323 !auth_list->push_back(TAG_ATTESTATION_ID_DEVICE, record->attestation_id_device->data,
1324 record->attestation_id_device->length)) {
1325 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1326 }
1327
1328 // Product name
1329 if (record->attestation_id_product &&
1330 !auth_list->push_back(TAG_ATTESTATION_ID_PRODUCT, record->attestation_id_product->data,
1331 record->attestation_id_product->length)) {
1332 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1333 }
1334
1335 // Serial number
1336 if (record->attestation_id_serial &&
1337 !auth_list->push_back(TAG_ATTESTATION_ID_SERIAL, record->attestation_id_serial->data,
1338 record->attestation_id_serial->length)) {
1339 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1340 }
1341
1342 // IMEI
1343 if (record->attestation_id_imei &&
1344 !auth_list->push_back(TAG_ATTESTATION_ID_IMEI, record->attestation_id_imei->data,
1345 record->attestation_id_imei->length)) {
1346 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1347 }
1348
1349 // MEID
1350 if (record->attestation_id_meid &&
1351 !auth_list->push_back(TAG_ATTESTATION_ID_MEID, record->attestation_id_meid->data,
1352 record->attestation_id_meid->length)) {
1353 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1354 }
1355
1356 // Manufacturer name
1357 if (record->attestation_id_manufacturer &&
1358 !auth_list->push_back(TAG_ATTESTATION_ID_MANUFACTURER,
1359 record->attestation_id_manufacturer->data,
1360 record->attestation_id_manufacturer->length)) {
1361 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1362 }
1363
1364 // Model name
1365 if (record->attestation_id_model &&
1366 !auth_list->push_back(TAG_ATTESTATION_ID_MODEL, record->attestation_id_model->data,
1367 record->attestation_id_model->length)) {
1368 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1369 }
1370
1371 // vendor patch level
1372 if (record->vendor_patchlevel &&
1373 !auth_list->push_back(TAG_VENDOR_PATCHLEVEL, ASN1_INTEGER_get(record->vendor_patchlevel))) {
1374 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1375 }
1376
1377 // boot patch level
1378 if (record->boot_patch_level &&
1379 !auth_list->push_back(TAG_BOOT_PATCHLEVEL, ASN1_INTEGER_get(record->boot_patch_level))) {
1380 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1381 }
1382
1383 // device unique attestation
1384 if (record->device_unique_attestation && !auth_list->push_back(TAG_DEVICE_UNIQUE_ATTESTATION)) {
1385 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1386 }
1387
1388 // identity credential key
1389 if (record->identity_credential_key && !auth_list->push_back(TAG_IDENTITY_CREDENTIAL_KEY)) {
1390 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1391 }
1392
1393 return KM_ERROR_OK;
1394 }
1395
1396 // Parse the DER-encoded attestation record, placing the results in keymaster_version,
1397 // attestation_challenge, software_enforced, tee_enforced and unique_id.
parse_attestation_record(const uint8_t * asn1_key_desc,size_t asn1_key_desc_len,uint32_t * attestation_version,keymaster_security_level_t * attestation_security_level,uint32_t * keymaster_version,keymaster_security_level_t * keymaster_security_level,keymaster_blob_t * attestation_challenge,AuthorizationSet * software_enforced,AuthorizationSet * tee_enforced,keymaster_blob_t * unique_id)1398 keymaster_error_t parse_attestation_record(const uint8_t* asn1_key_desc, size_t asn1_key_desc_len,
1399 uint32_t* attestation_version, //
1400 keymaster_security_level_t* attestation_security_level,
1401 uint32_t* keymaster_version,
1402 keymaster_security_level_t* keymaster_security_level,
1403 keymaster_blob_t* attestation_challenge,
1404 AuthorizationSet* software_enforced,
1405 AuthorizationSet* tee_enforced,
1406 keymaster_blob_t* unique_id) {
1407 const uint8_t* p = asn1_key_desc;
1408 UniquePtr<KM_KEY_DESCRIPTION, KM_KEY_DESCRIPTION_Delete> record(
1409 d2i_KM_KEY_DESCRIPTION(nullptr, &p, asn1_key_desc_len));
1410 if (!record.get()) return TranslateLastOpenSslError();
1411
1412 *attestation_version = ASN1_INTEGER_get(record->attestation_version);
1413 *attestation_security_level = static_cast<keymaster_security_level_t>(
1414 ASN1_ENUMERATED_get(record->attestation_security_level));
1415 *keymaster_version = ASN1_INTEGER_get(record->keymaster_version);
1416 *keymaster_security_level = static_cast<keymaster_security_level_t>(
1417 ASN1_ENUMERATED_get(record->keymaster_security_level));
1418
1419 attestation_challenge->data =
1420 dup_buffer(record->attestation_challenge->data, record->attestation_challenge->length);
1421 attestation_challenge->data_length = record->attestation_challenge->length;
1422
1423 unique_id->data = dup_buffer(record->unique_id->data, record->unique_id->length);
1424 unique_id->data_length = record->unique_id->length;
1425
1426 keymaster_error_t error = extract_auth_list(record->software_enforced, software_enforced);
1427 if (error != KM_ERROR_OK) return error;
1428
1429 return extract_auth_list(record->tee_enforced, tee_enforced);
1430 }
1431
parse_root_of_trust(const uint8_t * asn1_key_desc,size_t asn1_key_desc_len,keymaster_blob_t * verified_boot_key,keymaster_verified_boot_t * verified_boot_state,bool * device_locked)1432 keymaster_error_t parse_root_of_trust(const uint8_t* asn1_key_desc, size_t asn1_key_desc_len,
1433 keymaster_blob_t* verified_boot_key,
1434 keymaster_verified_boot_t* verified_boot_state,
1435 bool* device_locked) {
1436 const uint8_t* p = asn1_key_desc;
1437 UniquePtr<KM_KEY_DESCRIPTION, KM_KEY_DESCRIPTION_Delete> record(
1438 d2i_KM_KEY_DESCRIPTION(nullptr, &p, asn1_key_desc_len));
1439 if (!record.get()) {
1440 return TranslateLastOpenSslError();
1441 }
1442 if (!record->tee_enforced) {
1443 return KM_ERROR_INVALID_ARGUMENT;
1444 }
1445 if (!record->tee_enforced->root_of_trust) {
1446 return KM_ERROR_INVALID_ARGUMENT;
1447 }
1448 if (!record->tee_enforced->root_of_trust->verified_boot_key) {
1449 return KM_ERROR_INVALID_ARGUMENT;
1450 }
1451 KM_ROOT_OF_TRUST* root_of_trust = record->tee_enforced->root_of_trust;
1452 verified_boot_key->data = dup_buffer(root_of_trust->verified_boot_key->data,
1453 root_of_trust->verified_boot_key->length);
1454 verified_boot_key->data_length = root_of_trust->verified_boot_key->length;
1455 *verified_boot_state = static_cast<keymaster_verified_boot_t>(
1456 ASN1_ENUMERATED_get(root_of_trust->verified_boot_state));
1457 *device_locked = root_of_trust->device_locked;
1458 return KM_ERROR_OK;
1459 }
1460
1461 // Parse the EAT-encoded attestation record, placing the results in keymaster_version,
1462 // attestation_challenge, software_enforced, tee_enforced and unique_id.
parse_eat_record(const uint8_t * eat_key_desc,size_t eat_key_desc_len,uint32_t * attestation_version,keymaster_security_level_t * attestation_security_level,uint32_t * keymaster_version,keymaster_security_level_t * keymaster_security_level,keymaster_blob_t * attestation_challenge,AuthorizationSet * software_enforced,AuthorizationSet * tee_enforced,keymaster_blob_t * unique_id,keymaster_blob_t * verified_boot_key,keymaster_verified_boot_t * verified_boot_state,bool * device_locked,std::vector<int64_t> * unexpected_claims)1463 keymaster_error_t parse_eat_record(
1464 const uint8_t* eat_key_desc, size_t eat_key_desc_len, uint32_t* attestation_version,
1465 keymaster_security_level_t* attestation_security_level, uint32_t* keymaster_version,
1466 keymaster_security_level_t* keymaster_security_level, keymaster_blob_t* attestation_challenge,
1467 AuthorizationSet* software_enforced, AuthorizationSet* tee_enforced,
1468 keymaster_blob_t* unique_id, keymaster_blob_t* verified_boot_key,
1469 keymaster_verified_boot_t* verified_boot_state, bool* device_locked,
1470 std::vector<int64_t>* unexpected_claims) {
1471 auto [top_level_item, next_pos, error] = cppbor::parse(eat_key_desc, eat_key_desc_len);
1472 ASSERT_OR_RETURN_ERROR(top_level_item, KM_ERROR_INVALID_TAG);
1473 const cppbor::Map* eat_map = top_level_item->asMap();
1474 ASSERT_OR_RETURN_ERROR(eat_map, KM_ERROR_INVALID_TAG);
1475 bool verified_or_self_signed = false;
1476
1477 for (size_t i = 0; i < eat_map->size(); i++) {
1478 auto& [key_item, value_item] = (*eat_map)[i];
1479 const cppbor::Int* key = key_item->asInt();
1480 ASSERT_OR_RETURN_ERROR(key, (KM_ERROR_INVALID_TAG));
1481
1482 // The following values will either hold the typed value, or be null (if not the right
1483 // type).
1484 const cppbor::Int* int_value = value_item->asInt();
1485 const cppbor::Bstr* bstr_value = value_item->asBstr();
1486 const cppbor::Simple* simple_value = value_item->asSimple();
1487 const cppbor::Array* array_value = value_item->asArray();
1488 const cppbor::Map* map_value = value_item->asMap();
1489
1490 keymaster_error_t error;
1491 switch ((EatClaim)key->value()) {
1492 default:
1493 unexpected_claims->push_back(key->value());
1494 break;
1495 case EatClaim::ATTESTATION_VERSION:
1496 ASSERT_OR_RETURN_ERROR(int_value, KM_ERROR_INVALID_TAG);
1497 *attestation_version = int_value->value();
1498 break;
1499 case EatClaim::SECURITY_LEVEL:
1500 ASSERT_OR_RETURN_ERROR(int_value, KM_ERROR_INVALID_TAG);
1501 switch ((EatSecurityLevel)int_value->value()) {
1502 // TODO: Is my assumption correct that the security level of the attestation data should
1503 // always be equal to the security level of keymint, as the attestation data always
1504 // lives in the top-level module?
1505 case EatSecurityLevel::UNRESTRICTED:
1506 *keymaster_security_level = *attestation_security_level =
1507 KM_SECURITY_LEVEL_SOFTWARE;
1508 break;
1509 case EatSecurityLevel::SECURE_RESTRICTED:
1510 *keymaster_security_level = *attestation_security_level =
1511 KM_SECURITY_LEVEL_TRUSTED_ENVIRONMENT;
1512 break;
1513 case EatSecurityLevel::HARDWARE:
1514 *keymaster_security_level = *attestation_security_level =
1515 KM_SECURITY_LEVEL_STRONGBOX;
1516 break;
1517 default:
1518 return KM_ERROR_INVALID_TAG;
1519 }
1520 break;
1521 case EatClaim::KEYMASTER_VERSION:
1522 ASSERT_OR_RETURN_ERROR(int_value, KM_ERROR_INVALID_TAG);
1523 *keymaster_version = int_value->value();
1524 break;
1525 case EatClaim::SUBMODS:
1526 ASSERT_OR_RETURN_ERROR(map_value, KM_ERROR_INVALID_TAG);
1527 for (size_t j = 0; j < map_value->size(); j++) {
1528 auto& [submod_key, submod_value] = (*map_value)[j];
1529 const cppbor::Map* submod_map = submod_value->asMap();
1530 ASSERT_OR_RETURN_ERROR(submod_map, KM_ERROR_INVALID_TAG);
1531 error = parse_eat_submod(submod_map, software_enforced, tee_enforced);
1532 if (error != KM_ERROR_OK) return error;
1533 }
1534 break;
1535 case EatClaim::CTI:
1536 error = bstr_to_blob(bstr_value, unique_id);
1537 if (error != KM_ERROR_OK) return error;
1538 break;
1539 case EatClaim::NONCE:
1540 error = bstr_to_blob(bstr_value, attestation_challenge);
1541 if (error != KM_ERROR_OK) return error;
1542 break;
1543 case EatClaim::VERIFIED_BOOT_KEY:
1544 error = bstr_to_blob(bstr_value, verified_boot_key);
1545 if (error != KM_ERROR_OK) return error;
1546 break;
1547 case EatClaim::VERIFIED_BOOT_HASH:
1548 // Not parsing this for now.
1549 break;
1550 case EatClaim::DEVICE_UNIQUE_ATTESTATION:
1551 if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1552 return KM_ERROR_INVALID_TAG;
1553 }
1554 // Not parsing this for now.
1555 break;
1556 case EatClaim::DEVICE_LOCKED:
1557 ASSERT_OR_RETURN_ERROR(simple_value->asBool(), KM_ERROR_INVALID_TAG);
1558 *device_locked = simple_value->asBool()->value();
1559 break;
1560 case EatClaim::BOOT_STATE:
1561 ASSERT_OR_RETURN_ERROR(array_value, KM_ERROR_INVALID_TAG);
1562 ASSERT_OR_RETURN_ERROR(array_value->size() == 5, KM_ERROR_INVALID_TAG);
1563 ASSERT_OR_RETURN_ERROR((*array_value)[4]->asSimple()->asBool()->value() == false,
1564 KM_ERROR_INVALID_TAG);
1565 verified_or_self_signed = (*array_value)[0]->asSimple()->asBool()->value();
1566 ASSERT_OR_RETURN_ERROR(verified_or_self_signed ==
1567 (*array_value)[1]->asSimple()->asBool()->value(),
1568 KM_ERROR_INVALID_TAG);
1569 ASSERT_OR_RETURN_ERROR(verified_or_self_signed ==
1570 (*array_value)[2]->asSimple()->asBool()->value(),
1571 KM_ERROR_INVALID_TAG);
1572 ASSERT_OR_RETURN_ERROR(verified_or_self_signed ==
1573 (*array_value)[3]->asSimple()->asBool()->value(),
1574 KM_ERROR_INVALID_TAG);
1575 break;
1576 case EatClaim::OFFICIAL_BUILD:
1577 *verified_boot_state = KM_VERIFIED_BOOT_VERIFIED;
1578 break;
1579 }
1580 }
1581
1582 if (*verified_boot_state == KM_VERIFIED_BOOT_VERIFIED) {
1583 (void)(verified_boot_state);
1584 // TODO: re-enable this
1585 // ASSERT_OR_RETURN_ERROR(verified_or_self_signed, KM_ERROR_INVALID_TAG);
1586 } else {
1587 *verified_boot_state =
1588 verified_or_self_signed ? KM_VERIFIED_BOOT_SELF_SIGNED : KM_VERIFIED_BOOT_UNVERIFIED;
1589 }
1590
1591 return KM_ERROR_OK;
1592 }
1593
parse_submod_values(AuthorizationSetBuilder * set_builder,int * auth_set_security_level,const cppbor::Map * submod_map)1594 keymaster_error_t parse_submod_values(AuthorizationSetBuilder* set_builder,
1595 int* auth_set_security_level, const cppbor::Map* submod_map) {
1596 ASSERT_OR_RETURN_ERROR(set_builder, KM_ERROR_UNEXPECTED_NULL_POINTER);
1597 for (size_t i = 0; i < submod_map->size(); i++) {
1598 auto& [key_item, value_item] = (*submod_map)[i];
1599 const cppbor::Int* key_int = key_item->asInt();
1600 ASSERT_OR_RETURN_ERROR(key_int, KM_ERROR_INVALID_TAG);
1601 int key = key_int->value();
1602 keymaster_error_t error;
1603 keymaster_blob_t blob;
1604
1605 switch ((EatClaim)key) {
1606 default:
1607 return KM_ERROR_INVALID_TAG;
1608 case EatClaim::ALGORITHM:
1609 ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1610 set_builder->Authorization(
1611 TAG_ALGORITHM, static_cast<keymaster_algorithm_t>(value_item->asInt()->value()));
1612 break;
1613 case EatClaim::EC_CURVE:
1614 ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1615 set_builder->Authorization(
1616 TAG_EC_CURVE, static_cast<keymaster_ec_curve_t>(value_item->asInt()->value()));
1617 break;
1618 case EatClaim::USER_AUTH_TYPE:
1619 ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1620 set_builder->Authorization(TAG_USER_AUTH_TYPE, static_cast<hw_authenticator_type_t>(
1621 value_item->asInt()->value()));
1622 break;
1623 case EatClaim::ORIGIN:
1624 ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1625 set_builder->Authorization(
1626 TAG_ORIGIN, static_cast<keymaster_key_origin_t>(value_item->asInt()->value()));
1627 break;
1628 case EatClaim::PURPOSE:
1629 for (size_t j = 0; j < value_item->asArray()->size(); j++) {
1630 set_builder->Authorization(TAG_PURPOSE,
1631 static_cast<keymaster_purpose_t>(
1632 (*value_item->asArray())[j]->asInt()->value()));
1633 }
1634 break;
1635 case EatClaim::PADDING:
1636 for (size_t j = 0; j < value_item->asArray()->size(); j++) {
1637 set_builder->Authorization(TAG_PADDING,
1638 static_cast<keymaster_padding_t>(
1639 (*value_item->asArray())[j]->asInt()->value()));
1640 }
1641 break;
1642 case EatClaim::DIGEST:
1643 for (size_t j = 0; j < value_item->asArray()->size(); j++) {
1644 set_builder->Authorization(
1645 TAG_DIGEST,
1646 static_cast<keymaster_digest_t>((*value_item->asArray())[j]->asInt()->value()));
1647 }
1648 break;
1649 case EatClaim::BLOCK_MODE:
1650 for (size_t j = 0; j < value_item->asArray()->size(); j++) {
1651 set_builder->Authorization(TAG_BLOCK_MODE,
1652 static_cast<keymaster_block_mode_t>(
1653 (*value_item->asArray())[j]->asInt()->value()));
1654 }
1655 break;
1656 case EatClaim::KEY_SIZE:
1657 ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1658 set_builder->Authorization(TAG_KEY_SIZE, value_item->asInt()->value());
1659 break;
1660 case EatClaim::AUTH_TIMEOUT:
1661 ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1662 set_builder->Authorization(TAG_AUTH_TIMEOUT, value_item->asInt()->value());
1663 break;
1664 case EatClaim::OS_VERSION:
1665 ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1666 set_builder->Authorization(TAG_OS_VERSION, value_item->asInt()->value());
1667 break;
1668 case EatClaim::OS_PATCHLEVEL:
1669 ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1670 set_builder->Authorization(TAG_OS_PATCHLEVEL, value_item->asInt()->value());
1671 break;
1672 case EatClaim::MIN_MAC_LENGTH:
1673 ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1674 set_builder->Authorization(TAG_MIN_MAC_LENGTH, value_item->asInt()->value());
1675 break;
1676 case EatClaim::BOOT_PATCHLEVEL:
1677 ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1678 set_builder->Authorization(TAG_BOOT_PATCHLEVEL, value_item->asInt()->value());
1679 break;
1680 case EatClaim::VENDOR_PATCHLEVEL:
1681 ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1682 set_builder->Authorization(TAG_VENDOR_PATCHLEVEL, value_item->asInt()->value());
1683 break;
1684 case EatClaim::RSA_PUBLIC_EXPONENT:
1685 ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1686 set_builder->Authorization(TAG_RSA_PUBLIC_EXPONENT, value_item->asInt()->value());
1687 break;
1688 case EatClaim::ACTIVE_DATETIME:
1689 ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1690 set_builder->Authorization(TAG_ACTIVE_DATETIME, value_item->asInt()->value());
1691 break;
1692 case EatClaim::ORIGINATION_EXPIRE_DATETIME:
1693 ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1694 set_builder->Authorization(TAG_ORIGINATION_EXPIRE_DATETIME,
1695 value_item->asInt()->value());
1696 break;
1697 case EatClaim::USAGE_EXPIRE_DATETIME:
1698 ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1699 set_builder->Authorization(TAG_USAGE_EXPIRE_DATETIME, value_item->asInt()->value());
1700 break;
1701 case EatClaim::IAT:
1702 ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1703 set_builder->Authorization(TAG_CREATION_DATETIME, value_item->asInt()->value());
1704 break;
1705 case EatClaim::NO_AUTH_REQUIRED:
1706 if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1707 return KM_ERROR_INVALID_TAG;
1708 }
1709 set_builder->Authorization(TAG_NO_AUTH_REQUIRED);
1710 break;
1711 case EatClaim::ALL_APPLICATIONS:
1712 if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1713 return KM_ERROR_INVALID_TAG;
1714 }
1715 set_builder->Authorization(TAG_ALL_APPLICATIONS);
1716 break;
1717 case EatClaim::ROLLBACK_RESISTANT:
1718 if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1719 return KM_ERROR_INVALID_TAG;
1720 }
1721 set_builder->Authorization(TAG_ROLLBACK_RESISTANT);
1722 break;
1723 case EatClaim::ALLOW_WHILE_ON_BODY:
1724 if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1725 return KM_ERROR_INVALID_TAG;
1726 }
1727 set_builder->Authorization(TAG_ALLOW_WHILE_ON_BODY);
1728 break;
1729 case EatClaim::UNLOCKED_DEVICE_REQUIRED:
1730 if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1731 return KM_ERROR_INVALID_TAG;
1732 }
1733 set_builder->Authorization(TAG_UNLOCKED_DEVICE_REQUIRED);
1734 break;
1735 case EatClaim::CALLER_NONCE:
1736 if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1737 return KM_ERROR_INVALID_TAG;
1738 }
1739 set_builder->Authorization(TAG_CALLER_NONCE);
1740 break;
1741 case EatClaim::TRUSTED_CONFIRMATION_REQUIRED:
1742 if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1743 return KM_ERROR_INVALID_TAG;
1744 }
1745 set_builder->Authorization(TAG_TRUSTED_CONFIRMATION_REQUIRED);
1746 break;
1747 case EatClaim::EARLY_BOOT_ONLY:
1748 if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1749 return KM_ERROR_INVALID_TAG;
1750 }
1751 set_builder->Authorization(TAG_EARLY_BOOT_ONLY);
1752 break;
1753 case EatClaim::IDENTITY_CREDENTIAL_KEY:
1754 if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1755 return KM_ERROR_INVALID_TAG;
1756 }
1757 set_builder->Authorization(TAG_IDENTITY_CREDENTIAL_KEY);
1758 break;
1759 case EatClaim::STORAGE_KEY:
1760 if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1761 return KM_ERROR_INVALID_TAG;
1762 }
1763 set_builder->Authorization(TAG_STORAGE_KEY);
1764 break;
1765 case EatClaim::TRUSTED_USER_PRESENCE_REQUIRED:
1766 if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1767 return KM_ERROR_INVALID_TAG;
1768 }
1769 set_builder->Authorization(TAG_TRUSTED_USER_PRESENCE_REQUIRED);
1770 break;
1771 case EatClaim::DEVICE_UNIQUE_ATTESTATION:
1772 if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1773 return KM_ERROR_INVALID_TAG;
1774 }
1775 set_builder->Authorization(TAG_DEVICE_UNIQUE_ATTESTATION);
1776 break;
1777 case EatClaim::APPLICATION_ID:
1778 error = bstr_to_blob(value_item->asBstr(), &blob);
1779 if (error != KM_ERROR_OK) return error;
1780 set_builder->Authorization(TAG_APPLICATION_ID, blob);
1781 break;
1782 case EatClaim::ATTESTATION_APPLICATION_ID:
1783 error = bstr_to_blob(value_item->asBstr(), &blob);
1784 if (error != KM_ERROR_OK) return error;
1785 set_builder->Authorization(TAG_ATTESTATION_APPLICATION_ID, blob);
1786 break;
1787 case EatClaim::ATTESTATION_ID_BRAND:
1788 error = bstr_to_blob(value_item->asBstr(), &blob);
1789 if (error != KM_ERROR_OK) return error;
1790 set_builder->Authorization(TAG_ATTESTATION_ID_BRAND, blob);
1791 break;
1792 case EatClaim::ATTESTATION_ID_DEVICE:
1793 error = bstr_to_blob(value_item->asBstr(), &blob);
1794 if (error != KM_ERROR_OK) return error;
1795 set_builder->Authorization(TAG_ATTESTATION_ID_DEVICE, blob);
1796 break;
1797 case EatClaim::ATTESTATION_ID_PRODUCT:
1798 error = bstr_to_blob(value_item->asBstr(), &blob);
1799 if (error != KM_ERROR_OK) return error;
1800 set_builder->Authorization(TAG_ATTESTATION_ID_PRODUCT, blob);
1801 break;
1802 case EatClaim::ATTESTATION_ID_SERIAL:
1803 error = bstr_to_blob(value_item->asBstr(), &blob);
1804 if (error != KM_ERROR_OK) return error;
1805 set_builder->Authorization(TAG_ATTESTATION_ID_SERIAL, blob);
1806 break;
1807 case EatClaim::UEID:
1808 error = ueid_to_imei_blob(value_item->asBstr(), &blob);
1809 if (error != KM_ERROR_OK) return error;
1810 set_builder->Authorization(TAG_ATTESTATION_ID_IMEI, blob);
1811 break;
1812 case EatClaim::ATTESTATION_ID_MEID:
1813 error = bstr_to_blob(value_item->asBstr(), &blob);
1814 if (error != KM_ERROR_OK) return error;
1815 set_builder->Authorization(TAG_ATTESTATION_ID_MEID, blob);
1816 break;
1817 case EatClaim::ATTESTATION_ID_MANUFACTURER:
1818 error = bstr_to_blob(value_item->asBstr(), &blob);
1819 if (error != KM_ERROR_OK) return error;
1820 set_builder->Authorization(TAG_ATTESTATION_ID_MANUFACTURER, blob);
1821 break;
1822 case EatClaim::ATTESTATION_ID_MODEL:
1823 error = bstr_to_blob(value_item->asBstr(), &blob);
1824 if (error != KM_ERROR_OK) return error;
1825 set_builder->Authorization(TAG_ATTESTATION_ID_MODEL, blob);
1826 break;
1827 case EatClaim::CONFIRMATION_TOKEN:
1828 error = bstr_to_blob(value_item->asBstr(), &blob);
1829 if (error != KM_ERROR_OK) return error;
1830 set_builder->Authorization(TAG_CONFIRMATION_TOKEN, blob);
1831 break;
1832 case EatClaim::SECURITY_LEVEL:
1833 ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1834 *auth_set_security_level = value_item->asInt()->value();
1835 }
1836 }
1837
1838 return KM_ERROR_OK;
1839 }
1840
parse_eat_submod(const cppbor::Map * submod_values,AuthorizationSet * software_enforced,AuthorizationSet * tee_enforced)1841 keymaster_error_t parse_eat_submod(const cppbor::Map* submod_values,
1842 AuthorizationSet* software_enforced,
1843 AuthorizationSet* tee_enforced) {
1844 AuthorizationSetBuilder auth_set_builder;
1845 int auth_set_security_level = 0;
1846 keymaster_error_t error =
1847 parse_submod_values(&auth_set_builder, &auth_set_security_level, submod_values);
1848 if (error) return error;
1849 switch ((EatSecurityLevel)auth_set_security_level) {
1850 case EatSecurityLevel::HARDWARE:
1851 // Hardware attestation should never occur in a submod of another EAT.
1852 [[fallthrough]];
1853 default:
1854 return KM_ERROR_INVALID_TAG;
1855 case EatSecurityLevel::UNRESTRICTED:
1856 *software_enforced = AuthorizationSet(auth_set_builder);
1857 break;
1858 case EatSecurityLevel::SECURE_RESTRICTED:
1859 *tee_enforced = AuthorizationSet(auth_set_builder);
1860 break;
1861 }
1862
1863 return KM_ERROR_OK;
1864 }
1865 } // namespace keymaster
1866