1 // Copyright 2020, The Android Open Source Project 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 //! This crate implements the IKeystoreSecurityLevel interface. 16 17 use crate::attestation_key_utils::{get_attest_key_info, AttestationKeyInfo}; 18 use crate::audit_log::{ 19 log_key_deleted, log_key_generated, log_key_imported, log_key_integrity_violation, 20 }; 21 use crate::database::{CertificateInfo, KeyIdGuard}; 22 use crate::error::{self, map_km_error, map_or_log_err, Error, ErrorCode}; 23 use crate::globals::{DB, ENFORCEMENTS, LEGACY_MIGRATOR, SUPER_KEY}; 24 use crate::key_parameter::KeyParameter as KsKeyParam; 25 use crate::key_parameter::KeyParameterValue as KsKeyParamValue; 26 use crate::metrics_store::log_key_creation_event_stats; 27 use crate::remote_provisioning::RemProvState; 28 use crate::super_key::{KeyBlob, SuperKeyManager}; 29 use crate::utils::{ 30 check_device_attestation_permissions, check_key_permission, is_device_id_attestation_tag, 31 key_characteristics_to_internal, uid_to_android_user, watchdog as wd, Asp, 32 }; 33 use crate::{ 34 database::{ 35 BlobMetaData, BlobMetaEntry, DateTime, KeyEntry, KeyEntryLoadBits, KeyMetaData, 36 KeyMetaEntry, KeyType, SubComponentType, Uuid, 37 }, 38 operation::KeystoreOperation, 39 operation::LoggingInfo, 40 operation::OperationDb, 41 permission::KeyPerm, 42 }; 43 use crate::{globals::get_keymint_device, id_rotation::IdRotationState}; 44 use android_hardware_security_keymint::aidl::android::hardware::security::keymint::{ 45 Algorithm::Algorithm, AttestationKey::AttestationKey, 46 HardwareAuthenticatorType::HardwareAuthenticatorType, IKeyMintDevice::IKeyMintDevice, 47 KeyCreationResult::KeyCreationResult, KeyFormat::KeyFormat, 48 KeyMintHardwareInfo::KeyMintHardwareInfo, KeyParameter::KeyParameter, 49 KeyParameterValue::KeyParameterValue, SecurityLevel::SecurityLevel, Tag::Tag, 50 }; 51 use android_hardware_security_keymint::binder::{BinderFeatures, Strong, ThreadState}; 52 use android_system_keystore2::aidl::android::system::keystore2::{ 53 AuthenticatorSpec::AuthenticatorSpec, CreateOperationResponse::CreateOperationResponse, 54 Domain::Domain, EphemeralStorageKeyResponse::EphemeralStorageKeyResponse, 55 IKeystoreOperation::IKeystoreOperation, IKeystoreSecurityLevel::BnKeystoreSecurityLevel, 56 IKeystoreSecurityLevel::IKeystoreSecurityLevel, KeyDescriptor::KeyDescriptor, 57 KeyMetadata::KeyMetadata, KeyParameters::KeyParameters, 58 }; 59 use anyhow::{anyhow, Context, Result}; 60 61 /// Implementation of the IKeystoreSecurityLevel Interface. 62 pub struct KeystoreSecurityLevel { 63 security_level: SecurityLevel, 64 keymint: Asp, 65 hw_info: KeyMintHardwareInfo, 66 km_uuid: Uuid, 67 operation_db: OperationDb, 68 rem_prov_state: RemProvState, 69 id_rotation_state: IdRotationState, 70 } 71 72 // Blob of 32 zeroes used as empty masking key. 73 static ZERO_BLOB_32: &[u8] = &[0; 32]; 74 75 // Per RFC 5280 4.1.2.5, an undefined expiration (not-after) field should be set to GeneralizedTime 76 // 999912312359559, which is 253402300799000 ms from Jan 1, 1970. 77 const UNDEFINED_NOT_AFTER: i64 = 253402300799000i64; 78 79 impl KeystoreSecurityLevel { 80 /// Creates a new security level instance wrapped in a 81 /// BnKeystoreSecurityLevel proxy object. It also enables 82 /// `BinderFeatures::set_requesting_sid` on the new interface, because 83 /// we need it for checking keystore permissions. new_native_binder( security_level: SecurityLevel, id_rotation_state: IdRotationState, ) -> Result<(Strong<dyn IKeystoreSecurityLevel>, Uuid)>84 pub fn new_native_binder( 85 security_level: SecurityLevel, 86 id_rotation_state: IdRotationState, 87 ) -> Result<(Strong<dyn IKeystoreSecurityLevel>, Uuid)> { 88 let (dev, hw_info, km_uuid) = get_keymint_device(&security_level) 89 .context("In KeystoreSecurityLevel::new_native_binder.")?; 90 let result = BnKeystoreSecurityLevel::new_binder( 91 Self { 92 security_level, 93 keymint: dev, 94 hw_info, 95 km_uuid, 96 operation_db: OperationDb::new(), 97 rem_prov_state: RemProvState::new(security_level, km_uuid), 98 id_rotation_state, 99 }, 100 BinderFeatures { set_requesting_sid: true, ..BinderFeatures::default() }, 101 ); 102 Ok((result, km_uuid)) 103 } 104 watch_millis(&self, id: &'static str, millis: u64) -> Option<wd::WatchPoint>105 fn watch_millis(&self, id: &'static str, millis: u64) -> Option<wd::WatchPoint> { 106 let sec_level = self.security_level; 107 wd::watch_millis_with(id, millis, move || format!("SecurityLevel {:?}", sec_level)) 108 } 109 store_new_key( &self, key: KeyDescriptor, creation_result: KeyCreationResult, user_id: u32, flags: Option<i32>, ) -> Result<KeyMetadata>110 fn store_new_key( 111 &self, 112 key: KeyDescriptor, 113 creation_result: KeyCreationResult, 114 user_id: u32, 115 flags: Option<i32>, 116 ) -> Result<KeyMetadata> { 117 let KeyCreationResult { 118 keyBlob: key_blob, 119 keyCharacteristics: key_characteristics, 120 certificateChain: mut certificate_chain, 121 } = creation_result; 122 123 let mut cert_info: CertificateInfo = CertificateInfo::new( 124 match certificate_chain.len() { 125 0 => None, 126 _ => Some(certificate_chain.remove(0).encodedCertificate), 127 }, 128 match certificate_chain.len() { 129 0 => None, 130 _ => Some( 131 certificate_chain 132 .iter() 133 .map(|c| c.encodedCertificate.iter()) 134 .flatten() 135 .copied() 136 .collect(), 137 ), 138 }, 139 ); 140 141 let mut key_parameters = key_characteristics_to_internal(key_characteristics); 142 143 key_parameters.push(KsKeyParam::new( 144 KsKeyParamValue::UserID(user_id as i32), 145 SecurityLevel::SOFTWARE, 146 )); 147 148 let creation_date = DateTime::now().context("Trying to make creation time.")?; 149 150 let key = match key.domain { 151 Domain::BLOB => KeyDescriptor { 152 domain: Domain::BLOB, 153 blob: Some(key_blob.to_vec()), 154 ..Default::default() 155 }, 156 _ => DB 157 .with::<_, Result<KeyDescriptor>>(|db| { 158 let mut db = db.borrow_mut(); 159 160 let (key_blob, mut blob_metadata) = SUPER_KEY 161 .handle_super_encryption_on_key_init( 162 &mut db, 163 &LEGACY_MIGRATOR, 164 &(key.domain), 165 &key_parameters, 166 flags, 167 user_id, 168 &key_blob, 169 ) 170 .context("In store_new_key. Failed to handle super encryption.")?; 171 172 let mut key_metadata = KeyMetaData::new(); 173 key_metadata.add(KeyMetaEntry::CreationDate(creation_date)); 174 blob_metadata.add(BlobMetaEntry::KmUuid(self.km_uuid)); 175 176 let key_id = db 177 .store_new_key( 178 &key, 179 KeyType::Client, 180 &key_parameters, 181 &(&key_blob, &blob_metadata), 182 &cert_info, 183 &key_metadata, 184 &self.km_uuid, 185 ) 186 .context("In store_new_key.")?; 187 Ok(KeyDescriptor { 188 domain: Domain::KEY_ID, 189 nspace: key_id.id(), 190 ..Default::default() 191 }) 192 }) 193 .context("In store_new_key.")?, 194 }; 195 196 Ok(KeyMetadata { 197 key, 198 keySecurityLevel: self.security_level, 199 certificate: cert_info.take_cert(), 200 certificateChain: cert_info.take_cert_chain(), 201 authorizations: crate::utils::key_parameters_to_authorizations(key_parameters), 202 modificationTimeMs: creation_date.to_millis_epoch(), 203 }) 204 } 205 create_operation( &self, key: &KeyDescriptor, operation_parameters: &[KeyParameter], forced: bool, ) -> Result<CreateOperationResponse>206 fn create_operation( 207 &self, 208 key: &KeyDescriptor, 209 operation_parameters: &[KeyParameter], 210 forced: bool, 211 ) -> Result<CreateOperationResponse> { 212 let caller_uid = ThreadState::get_calling_uid(); 213 // We use `scoping_blob` to extend the life cycle of the blob loaded from the database, 214 // so that we can use it by reference like the blob provided by the key descriptor. 215 // Otherwise, we would have to clone the blob from the key descriptor. 216 let scoping_blob: Vec<u8>; 217 let (km_blob, key_properties, key_id_guard, blob_metadata) = match key.domain { 218 Domain::BLOB => { 219 check_key_permission(KeyPerm::use_(), key, &None) 220 .context("In create_operation: checking use permission for Domain::BLOB.")?; 221 if forced { 222 check_key_permission(KeyPerm::req_forced_op(), key, &None).context( 223 "In create_operation: checking forced permission for Domain::BLOB.", 224 )?; 225 } 226 ( 227 match &key.blob { 228 Some(blob) => blob, 229 None => { 230 return Err(Error::sys()).context(concat!( 231 "In create_operation: Key blob must be specified when", 232 " using Domain::BLOB." 233 )) 234 } 235 }, 236 None, 237 None, 238 BlobMetaData::new(), 239 ) 240 } 241 _ => { 242 let (key_id_guard, mut key_entry) = DB 243 .with::<_, Result<(KeyIdGuard, KeyEntry)>>(|db| { 244 LEGACY_MIGRATOR.with_try_migrate(&key, caller_uid, || { 245 db.borrow_mut().load_key_entry( 246 &key, 247 KeyType::Client, 248 KeyEntryLoadBits::KM, 249 caller_uid, 250 |k, av| { 251 check_key_permission(KeyPerm::use_(), k, &av)?; 252 if forced { 253 check_key_permission(KeyPerm::req_forced_op(), k, &av)?; 254 } 255 Ok(()) 256 }, 257 ) 258 }) 259 }) 260 .context("In create_operation: Failed to load key blob.")?; 261 262 let (blob, blob_metadata) = 263 key_entry.take_key_blob_info().ok_or_else(Error::sys).context(concat!( 264 "In create_operation: Successfully loaded key entry, ", 265 "but KM blob was missing." 266 ))?; 267 scoping_blob = blob; 268 269 ( 270 &scoping_blob, 271 Some((key_id_guard.id(), key_entry.into_key_parameters())), 272 Some(key_id_guard), 273 blob_metadata, 274 ) 275 } 276 }; 277 278 let purpose = operation_parameters.iter().find(|p| p.tag == Tag::PURPOSE).map_or( 279 Err(Error::Km(ErrorCode::INVALID_ARGUMENT)) 280 .context("In create_operation: No operation purpose specified."), 281 |kp| match kp.value { 282 KeyParameterValue::KeyPurpose(p) => Ok(p), 283 _ => Err(Error::Km(ErrorCode::INVALID_ARGUMENT)) 284 .context("In create_operation: Malformed KeyParameter."), 285 }, 286 )?; 287 288 // Remove Tag::PURPOSE from the operation_parameters, since some keymaster devices return 289 // an error on begin() if Tag::PURPOSE is in the operation_parameters. 290 let op_params: Vec<KeyParameter> = 291 operation_parameters.iter().filter(|p| p.tag != Tag::PURPOSE).cloned().collect(); 292 let operation_parameters = op_params.as_slice(); 293 294 let (immediate_hat, mut auth_info) = ENFORCEMENTS 295 .authorize_create( 296 purpose, 297 key_properties.as_ref(), 298 operation_parameters.as_ref(), 299 self.hw_info.timestampTokenRequired, 300 ) 301 .context("In create_operation.")?; 302 303 let km_blob = SUPER_KEY 304 .unwrap_key_if_required(&blob_metadata, km_blob) 305 .context("In create_operation. Failed to handle super encryption.")?; 306 307 let km_dev: Strong<dyn IKeyMintDevice> = self 308 .keymint 309 .get_interface() 310 .context("In create_operation: Failed to get KeyMint device")?; 311 312 let (begin_result, upgraded_blob) = self 313 .upgrade_keyblob_if_required_with( 314 &*km_dev, 315 key_id_guard, 316 &km_blob, 317 &blob_metadata, 318 &operation_parameters, 319 |blob| loop { 320 match map_km_error({ 321 let _wp = self.watch_millis( 322 "In KeystoreSecurityLevel::create_operation: calling begin", 323 500, 324 ); 325 km_dev.begin(purpose, blob, &operation_parameters, immediate_hat.as_ref()) 326 }) { 327 Err(Error::Km(ErrorCode::TOO_MANY_OPERATIONS)) => { 328 self.operation_db.prune(caller_uid, forced)?; 329 continue; 330 } 331 v @ Err(Error::Km(ErrorCode::INVALID_KEY_BLOB)) => { 332 if let Some((key_id, _)) = key_properties { 333 if let Ok(Some(key)) = 334 DB.with(|db| db.borrow_mut().load_key_descriptor(key_id)) 335 { 336 log_key_integrity_violation(&key); 337 } else { 338 log::error!("Failed to load key descriptor for audit log"); 339 } 340 } 341 return v; 342 } 343 v => return v, 344 } 345 }, 346 ) 347 .context("In create_operation: Failed to begin operation.")?; 348 349 let operation_challenge = auth_info.finalize_create_authorization(begin_result.challenge); 350 351 let op_params: Vec<KeyParameter> = operation_parameters.to_vec(); 352 353 let operation = match begin_result.operation { 354 Some(km_op) => self.operation_db.create_operation( 355 km_op, 356 caller_uid, 357 auth_info, 358 forced, 359 LoggingInfo::new(self.security_level, purpose, op_params, upgraded_blob.is_some()), 360 ), 361 None => { 362 return Err(Error::sys()).context(concat!( 363 "In create_operation: Begin operation returned successfully, ", 364 "but did not return a valid operation." 365 )) 366 } 367 }; 368 369 let op_binder: binder::public_api::Strong<dyn IKeystoreOperation> = 370 KeystoreOperation::new_native_binder(operation) 371 .as_binder() 372 .into_interface() 373 .context("In create_operation: Failed to create IKeystoreOperation.")?; 374 375 Ok(CreateOperationResponse { 376 iOperation: Some(op_binder), 377 operationChallenge: operation_challenge, 378 parameters: match begin_result.params.len() { 379 0 => None, 380 _ => Some(KeyParameters { keyParameter: begin_result.params }), 381 }, 382 // An upgraded blob should only be returned if the caller has permission 383 // to use Domain::BLOB keys. If we got to this point, we already checked 384 // that the caller had that permission. 385 upgradedBlob: if key.domain == Domain::BLOB { upgraded_blob } else { None }, 386 }) 387 } 388 add_certificate_parameters( &self, uid: u32, params: &[KeyParameter], key: &KeyDescriptor, ) -> Result<Vec<KeyParameter>>389 fn add_certificate_parameters( 390 &self, 391 uid: u32, 392 params: &[KeyParameter], 393 key: &KeyDescriptor, 394 ) -> Result<Vec<KeyParameter>> { 395 let mut result = params.to_vec(); 396 // If there is an attestation challenge we need to get an application id. 397 if params.iter().any(|kp| kp.tag == Tag::ATTESTATION_CHALLENGE) { 398 let aaid = { 399 let _wp = self.watch_millis( 400 "In KeystoreSecurityLevel::add_certificate_parameters calling: get_aaid", 401 500, 402 ); 403 keystore2_aaid::get_aaid(uid).map_err(|e| { 404 anyhow!(format!( 405 "In add_certificate_parameters: get_aaid returned status {}.", 406 e 407 )) 408 }) 409 }?; 410 411 result.push(KeyParameter { 412 tag: Tag::ATTESTATION_APPLICATION_ID, 413 value: KeyParameterValue::Blob(aaid), 414 }); 415 } 416 417 if params.iter().any(|kp| kp.tag == Tag::INCLUDE_UNIQUE_ID) { 418 check_key_permission(KeyPerm::gen_unique_id(), key, &None).context(concat!( 419 "In add_certificate_parameters: ", 420 "Caller does not have the permission to generate a unique ID" 421 ))?; 422 if self.id_rotation_state.had_factory_reset_since_id_rotation().context( 423 "In add_certificate_parameters: Call to had_factory_reset_since_id_rotation failed." 424 )? { 425 result.push(KeyParameter{ 426 tag: Tag::RESET_SINCE_ID_ROTATION, 427 value: KeyParameterValue::BoolValue(true), 428 }) 429 } 430 } 431 432 // If the caller requests any device identifier attestation tag, check that they hold the 433 // correct Android permission. 434 if params.iter().any(|kp| is_device_id_attestation_tag(kp.tag)) { 435 check_device_attestation_permissions().context(concat!( 436 "In add_certificate_parameters: ", 437 "Caller does not have the permission to attest device identifiers." 438 ))?; 439 } 440 441 // If we are generating/importing an asymmetric key, we need to make sure 442 // that NOT_BEFORE and NOT_AFTER are present. 443 match params.iter().find(|kp| kp.tag == Tag::ALGORITHM) { 444 Some(KeyParameter { tag: _, value: KeyParameterValue::Algorithm(Algorithm::RSA) }) 445 | Some(KeyParameter { tag: _, value: KeyParameterValue::Algorithm(Algorithm::EC) }) => { 446 if !params.iter().any(|kp| kp.tag == Tag::CERTIFICATE_NOT_BEFORE) { 447 result.push(KeyParameter { 448 tag: Tag::CERTIFICATE_NOT_BEFORE, 449 value: KeyParameterValue::DateTime(0), 450 }) 451 } 452 if !params.iter().any(|kp| kp.tag == Tag::CERTIFICATE_NOT_AFTER) { 453 result.push(KeyParameter { 454 tag: Tag::CERTIFICATE_NOT_AFTER, 455 value: KeyParameterValue::DateTime(UNDEFINED_NOT_AFTER), 456 }) 457 } 458 } 459 _ => {} 460 } 461 Ok(result) 462 } 463 generate_key( &self, key: &KeyDescriptor, attest_key_descriptor: Option<&KeyDescriptor>, params: &[KeyParameter], flags: i32, _entropy: &[u8], ) -> Result<KeyMetadata>464 fn generate_key( 465 &self, 466 key: &KeyDescriptor, 467 attest_key_descriptor: Option<&KeyDescriptor>, 468 params: &[KeyParameter], 469 flags: i32, 470 _entropy: &[u8], 471 ) -> Result<KeyMetadata> { 472 if key.domain != Domain::BLOB && key.alias.is_none() { 473 return Err(error::Error::Km(ErrorCode::INVALID_ARGUMENT)) 474 .context("In generate_key: Alias must be specified"); 475 } 476 let caller_uid = ThreadState::get_calling_uid(); 477 478 let key = match key.domain { 479 Domain::APP => KeyDescriptor { 480 domain: key.domain, 481 nspace: caller_uid as i64, 482 alias: key.alias.clone(), 483 blob: None, 484 }, 485 _ => key.clone(), 486 }; 487 488 // generate_key requires the rebind permission. 489 // Must return on error for security reasons. 490 check_key_permission(KeyPerm::rebind(), &key, &None).context("In generate_key.")?; 491 492 let attestation_key_info = match (key.domain, attest_key_descriptor) { 493 (Domain::BLOB, _) => None, 494 _ => DB 495 .with(|db| { 496 get_attest_key_info( 497 &key, 498 caller_uid, 499 attest_key_descriptor, 500 params, 501 &self.rem_prov_state, 502 &mut db.borrow_mut(), 503 ) 504 }) 505 .context("In generate_key: Trying to get an attestation key")?, 506 }; 507 let params = self 508 .add_certificate_parameters(caller_uid, params, &key) 509 .context("In generate_key: Trying to get aaid.")?; 510 511 let km_dev: Strong<dyn IKeyMintDevice> = self.keymint.get_interface()?; 512 513 let creation_result = match attestation_key_info { 514 Some(AttestationKeyInfo::UserGenerated { 515 key_id_guard, 516 blob, 517 blob_metadata, 518 issuer_subject, 519 }) => self 520 .upgrade_keyblob_if_required_with( 521 &*km_dev, 522 Some(key_id_guard), 523 &KeyBlob::Ref(&blob), 524 &blob_metadata, 525 ¶ms, 526 |blob| { 527 let attest_key = Some(AttestationKey { 528 keyBlob: blob.to_vec(), 529 attestKeyParams: vec![], 530 issuerSubjectName: issuer_subject.clone(), 531 }); 532 map_km_error({ 533 let _wp = self.watch_millis( 534 concat!( 535 "In KeystoreSecurityLevel::generate_key (UserGenerated): ", 536 "calling generate_key." 537 ), 538 5000, // Generate can take a little longer. 539 ); 540 km_dev.generateKey(¶ms, attest_key.as_ref()) 541 }) 542 }, 543 ) 544 .context("In generate_key: Using user generated attestation key.") 545 .map(|(result, _)| result), 546 Some(AttestationKeyInfo::RemoteProvisioned { attestation_key, attestation_certs }) => { 547 map_km_error({ 548 let _wp = self.watch_millis( 549 concat!( 550 "In KeystoreSecurityLevel::generate_key (RemoteProvisioned): ", 551 "calling generate_key.", 552 ), 553 5000, // Generate can take a little longer. 554 ); 555 km_dev.generateKey(¶ms, Some(&attestation_key)) 556 }) 557 .context("While generating Key with remote provisioned attestation key.") 558 .map(|mut creation_result| { 559 creation_result.certificateChain.push(attestation_certs); 560 creation_result 561 }) 562 } 563 None => map_km_error({ 564 let _wp = self.watch_millis( 565 concat!( 566 "In KeystoreSecurityLevel::generate_key (No attestation): ", 567 "calling generate_key.", 568 ), 569 5000, // Generate can take a little longer. 570 ); 571 km_dev.generateKey(¶ms, None) 572 }) 573 .context("While generating Key without explicit attestation key."), 574 } 575 .context("In generate_key.")?; 576 577 let user_id = uid_to_android_user(caller_uid); 578 self.store_new_key(key, creation_result, user_id, Some(flags)).context("In generate_key.") 579 } 580 import_key( &self, key: &KeyDescriptor, _attestation_key: Option<&KeyDescriptor>, params: &[KeyParameter], flags: i32, key_data: &[u8], ) -> Result<KeyMetadata>581 fn import_key( 582 &self, 583 key: &KeyDescriptor, 584 _attestation_key: Option<&KeyDescriptor>, 585 params: &[KeyParameter], 586 flags: i32, 587 key_data: &[u8], 588 ) -> Result<KeyMetadata> { 589 if key.domain != Domain::BLOB && key.alias.is_none() { 590 return Err(error::Error::Km(ErrorCode::INVALID_ARGUMENT)) 591 .context("In import_key: Alias must be specified"); 592 } 593 let caller_uid = ThreadState::get_calling_uid(); 594 595 let key = match key.domain { 596 Domain::APP => KeyDescriptor { 597 domain: key.domain, 598 nspace: caller_uid as i64, 599 alias: key.alias.clone(), 600 blob: None, 601 }, 602 _ => key.clone(), 603 }; 604 605 // import_key requires the rebind permission. 606 check_key_permission(KeyPerm::rebind(), &key, &None).context("In import_key.")?; 607 608 let params = self 609 .add_certificate_parameters(caller_uid, params, &key) 610 .context("In import_key: Trying to get aaid.")?; 611 612 let format = params 613 .iter() 614 .find(|p| p.tag == Tag::ALGORITHM) 615 .ok_or(error::Error::Km(ErrorCode::INVALID_ARGUMENT)) 616 .context("No KeyParameter 'Algorithm'.") 617 .and_then(|p| match &p.value { 618 KeyParameterValue::Algorithm(Algorithm::AES) 619 | KeyParameterValue::Algorithm(Algorithm::HMAC) 620 | KeyParameterValue::Algorithm(Algorithm::TRIPLE_DES) => Ok(KeyFormat::RAW), 621 KeyParameterValue::Algorithm(Algorithm::RSA) 622 | KeyParameterValue::Algorithm(Algorithm::EC) => Ok(KeyFormat::PKCS8), 623 v => Err(error::Error::Km(ErrorCode::INVALID_ARGUMENT)) 624 .context(format!("Unknown Algorithm {:?}.", v)), 625 }) 626 .context("In import_key.")?; 627 628 let km_dev: Strong<dyn IKeyMintDevice> = 629 self.keymint.get_interface().context("In import_key: Trying to get the KM device")?; 630 let creation_result = map_km_error({ 631 let _wp = 632 self.watch_millis("In KeystoreSecurityLevel::import_key: calling importKey.", 500); 633 km_dev.importKey(¶ms, format, key_data, None /* attestKey */) 634 }) 635 .context("In import_key: Trying to call importKey")?; 636 637 let user_id = uid_to_android_user(caller_uid); 638 self.store_new_key(key, creation_result, user_id, Some(flags)).context("In import_key.") 639 } 640 import_wrapped_key( &self, key: &KeyDescriptor, wrapping_key: &KeyDescriptor, masking_key: Option<&[u8]>, params: &[KeyParameter], authenticators: &[AuthenticatorSpec], ) -> Result<KeyMetadata>641 fn import_wrapped_key( 642 &self, 643 key: &KeyDescriptor, 644 wrapping_key: &KeyDescriptor, 645 masking_key: Option<&[u8]>, 646 params: &[KeyParameter], 647 authenticators: &[AuthenticatorSpec], 648 ) -> Result<KeyMetadata> { 649 let wrapped_data: &[u8] = match key { 650 KeyDescriptor { domain: Domain::APP, blob: Some(ref blob), alias: Some(_), .. } 651 | KeyDescriptor { 652 domain: Domain::SELINUX, blob: Some(ref blob), alias: Some(_), .. 653 } => blob, 654 _ => { 655 return Err(error::Error::Km(ErrorCode::INVALID_ARGUMENT)).context(format!( 656 concat!( 657 "In import_wrapped_key: Alias and blob must be specified ", 658 "and domain must be APP or SELINUX. {:?}" 659 ), 660 key 661 )) 662 } 663 }; 664 665 if wrapping_key.domain == Domain::BLOB { 666 return Err(error::Error::Km(ErrorCode::INVALID_ARGUMENT)).context( 667 "In import_wrapped_key: Import wrapped key not supported for self managed blobs.", 668 ); 669 } 670 671 let caller_uid = ThreadState::get_calling_uid(); 672 let user_id = uid_to_android_user(caller_uid); 673 674 let key = match key.domain { 675 Domain::APP => KeyDescriptor { 676 domain: key.domain, 677 nspace: caller_uid as i64, 678 alias: key.alias.clone(), 679 blob: None, 680 }, 681 Domain::SELINUX => KeyDescriptor { 682 domain: Domain::SELINUX, 683 nspace: key.nspace, 684 alias: key.alias.clone(), 685 blob: None, 686 }, 687 _ => panic!("Unreachable."), 688 }; 689 690 // Import_wrapped_key requires the rebind permission for the new key. 691 check_key_permission(KeyPerm::rebind(), &key, &None).context("In import_wrapped_key.")?; 692 693 let (wrapping_key_id_guard, mut wrapping_key_entry) = DB 694 .with(|db| { 695 LEGACY_MIGRATOR.with_try_migrate(&key, caller_uid, || { 696 db.borrow_mut().load_key_entry( 697 &wrapping_key, 698 KeyType::Client, 699 KeyEntryLoadBits::KM, 700 caller_uid, 701 |k, av| check_key_permission(KeyPerm::use_(), k, &av), 702 ) 703 }) 704 }) 705 .context("Failed to load wrapping key.")?; 706 707 let (wrapping_key_blob, wrapping_blob_metadata) = wrapping_key_entry 708 .take_key_blob_info() 709 .ok_or_else(error::Error::sys) 710 .context("No km_blob after successfully loading key. This should never happen.")?; 711 712 let wrapping_key_blob = 713 SUPER_KEY.unwrap_key_if_required(&wrapping_blob_metadata, &wrapping_key_blob).context( 714 "In import_wrapped_key. Failed to handle super encryption for wrapping key.", 715 )?; 716 717 // km_dev.importWrappedKey does not return a certificate chain. 718 // TODO Do we assume that all wrapped keys are symmetric? 719 // let certificate_chain: Vec<KmCertificate> = Default::default(); 720 721 let pw_sid = authenticators 722 .iter() 723 .find_map(|a| match a.authenticatorType { 724 HardwareAuthenticatorType::PASSWORD => Some(a.authenticatorId), 725 _ => None, 726 }) 727 .unwrap_or(-1); 728 729 let fp_sid = authenticators 730 .iter() 731 .find_map(|a| match a.authenticatorType { 732 HardwareAuthenticatorType::FINGERPRINT => Some(a.authenticatorId), 733 _ => None, 734 }) 735 .unwrap_or(-1); 736 737 let masking_key = masking_key.unwrap_or(ZERO_BLOB_32); 738 739 let km_dev: Strong<dyn IKeyMintDevice> = self.keymint.get_interface()?; 740 let (creation_result, _) = self 741 .upgrade_keyblob_if_required_with( 742 &*km_dev, 743 Some(wrapping_key_id_guard), 744 &wrapping_key_blob, 745 &wrapping_blob_metadata, 746 &[], 747 |wrapping_blob| { 748 let _wp = self.watch_millis( 749 "In KeystoreSecurityLevel::import_wrapped_key: calling importWrappedKey.", 750 500, 751 ); 752 let creation_result = map_km_error(km_dev.importWrappedKey( 753 wrapped_data, 754 wrapping_blob, 755 masking_key, 756 ¶ms, 757 pw_sid, 758 fp_sid, 759 ))?; 760 Ok(creation_result) 761 }, 762 ) 763 .context("In import_wrapped_key.")?; 764 765 self.store_new_key(key, creation_result, user_id, None) 766 .context("In import_wrapped_key: Trying to store the new key.") 767 } 768 store_upgraded_keyblob( key_id_guard: KeyIdGuard, km_uuid: Option<&Uuid>, key_blob: &KeyBlob, upgraded_blob: &[u8], ) -> Result<()>769 fn store_upgraded_keyblob( 770 key_id_guard: KeyIdGuard, 771 km_uuid: Option<&Uuid>, 772 key_blob: &KeyBlob, 773 upgraded_blob: &[u8], 774 ) -> Result<()> { 775 let (upgraded_blob_to_be_stored, new_blob_metadata) = 776 SuperKeyManager::reencrypt_if_required(key_blob, &upgraded_blob) 777 .context("In store_upgraded_keyblob: Failed to handle super encryption.")?; 778 779 let mut new_blob_metadata = new_blob_metadata.unwrap_or_default(); 780 if let Some(uuid) = km_uuid { 781 new_blob_metadata.add(BlobMetaEntry::KmUuid(*uuid)); 782 } 783 784 DB.with(|db| { 785 let mut db = db.borrow_mut(); 786 db.set_blob( 787 &key_id_guard, 788 SubComponentType::KEY_BLOB, 789 Some(&upgraded_blob_to_be_stored), 790 Some(&new_blob_metadata), 791 ) 792 }) 793 .context("In store_upgraded_keyblob: Failed to insert upgraded blob into the database.") 794 } 795 upgrade_keyblob_if_required_with<T, F>( &self, km_dev: &dyn IKeyMintDevice, key_id_guard: Option<KeyIdGuard>, key_blob: &KeyBlob, blob_metadata: &BlobMetaData, params: &[KeyParameter], f: F, ) -> Result<(T, Option<Vec<u8>>)> where F: Fn(&[u8]) -> Result<T, Error>,796 fn upgrade_keyblob_if_required_with<T, F>( 797 &self, 798 km_dev: &dyn IKeyMintDevice, 799 key_id_guard: Option<KeyIdGuard>, 800 key_blob: &KeyBlob, 801 blob_metadata: &BlobMetaData, 802 params: &[KeyParameter], 803 f: F, 804 ) -> Result<(T, Option<Vec<u8>>)> 805 where 806 F: Fn(&[u8]) -> Result<T, Error>, 807 { 808 match f(key_blob) { 809 Err(Error::Km(ErrorCode::KEY_REQUIRES_UPGRADE)) => { 810 let upgraded_blob = { 811 let _wp = self.watch_millis( 812 concat!( 813 "In KeystoreSecurityLevel::upgrade_keyblob_if_required_with: ", 814 "calling upgradeKey." 815 ), 816 500, 817 ); 818 map_km_error(km_dev.upgradeKey(key_blob, params)) 819 } 820 .context("In upgrade_keyblob_if_required_with: Upgrade failed.")?; 821 822 if let Some(kid) = key_id_guard { 823 Self::store_upgraded_keyblob( 824 kid, 825 blob_metadata.km_uuid(), 826 key_blob, 827 &upgraded_blob, 828 ) 829 .context( 830 "In upgrade_keyblob_if_required_with: store_upgraded_keyblob failed", 831 )?; 832 } 833 834 match f(&upgraded_blob) { 835 Ok(v) => Ok((v, Some(upgraded_blob))), 836 Err(e) => Err(e).context(concat!( 837 "In upgrade_keyblob_if_required_with: ", 838 "Failed to perform operation on second try." 839 )), 840 } 841 } 842 result => { 843 if let Some(kid) = key_id_guard { 844 if key_blob.force_reencrypt() { 845 Self::store_upgraded_keyblob( 846 kid, 847 blob_metadata.km_uuid(), 848 key_blob, 849 key_blob, 850 ) 851 .context(concat!( 852 "In upgrade_keyblob_if_required_with: ", 853 "store_upgraded_keyblob failed in forced reencrypt" 854 ))?; 855 } 856 } 857 result 858 .map(|v| (v, None)) 859 .context("In upgrade_keyblob_if_required_with: Called closure failed.") 860 } 861 } 862 } 863 convert_storage_key_to_ephemeral( &self, storage_key: &KeyDescriptor, ) -> Result<EphemeralStorageKeyResponse>864 fn convert_storage_key_to_ephemeral( 865 &self, 866 storage_key: &KeyDescriptor, 867 ) -> Result<EphemeralStorageKeyResponse> { 868 if storage_key.domain != Domain::BLOB { 869 return Err(error::Error::Km(ErrorCode::INVALID_ARGUMENT)).context(concat!( 870 "In IKeystoreSecurityLevel convert_storage_key_to_ephemeral: ", 871 "Key must be of Domain::BLOB" 872 )); 873 } 874 let key_blob = storage_key 875 .blob 876 .as_ref() 877 .ok_or(error::Error::Km(ErrorCode::INVALID_ARGUMENT)) 878 .context( 879 "In IKeystoreSecurityLevel convert_storage_key_to_ephemeral: No key blob specified", 880 )?; 881 882 // convert_storage_key_to_ephemeral requires the associated permission 883 check_key_permission(KeyPerm::convert_storage_key_to_ephemeral(), storage_key, &None) 884 .context("In convert_storage_key_to_ephemeral: Check permission")?; 885 886 let km_dev: Strong<dyn IKeyMintDevice> = self.keymint.get_interface().context(concat!( 887 "In IKeystoreSecurityLevel convert_storage_key_to_ephemeral: ", 888 "Getting keymint device interface" 889 ))?; 890 match { 891 let _wp = self.watch_millis( 892 concat!( 893 "In IKeystoreSecurityLevel::convert_storage_key_to_ephemeral: ", 894 "calling convertStorageKeyToEphemeral (1)" 895 ), 896 500, 897 ); 898 map_km_error(km_dev.convertStorageKeyToEphemeral(key_blob)) 899 } { 900 Ok(result) => { 901 Ok(EphemeralStorageKeyResponse { ephemeralKey: result, upgradedBlob: None }) 902 } 903 Err(error::Error::Km(ErrorCode::KEY_REQUIRES_UPGRADE)) => { 904 let upgraded_blob = { 905 let _wp = self.watch_millis( 906 "In convert_storage_key_to_ephemeral: calling upgradeKey", 907 500, 908 ); 909 map_km_error(km_dev.upgradeKey(key_blob, &[])) 910 } 911 .context("In convert_storage_key_to_ephemeral: Failed to upgrade key blob.")?; 912 let ephemeral_key = { 913 let _wp = self.watch_millis( 914 "In convert_storage_key_to_ephemeral: calling convertStorageKeyToEphemeral (2)", 915 500, 916 ); 917 map_km_error(km_dev.convertStorageKeyToEphemeral(&upgraded_blob)) 918 } 919 .context(concat!( 920 "In convert_storage_key_to_ephemeral: ", 921 "Failed to retrieve ephemeral key (after upgrade)." 922 ))?; 923 Ok(EphemeralStorageKeyResponse { 924 ephemeralKey: ephemeral_key, 925 upgradedBlob: Some(upgraded_blob), 926 }) 927 } 928 Err(e) => Err(e) 929 .context("In convert_storage_key_to_ephemeral: Failed to retrieve ephemeral key."), 930 } 931 } 932 delete_key(&self, key: &KeyDescriptor) -> Result<()>933 fn delete_key(&self, key: &KeyDescriptor) -> Result<()> { 934 if key.domain != Domain::BLOB { 935 return Err(error::Error::Km(ErrorCode::INVALID_ARGUMENT)) 936 .context("In IKeystoreSecurityLevel delete_key: Key must be of Domain::BLOB"); 937 } 938 939 let key_blob = key 940 .blob 941 .as_ref() 942 .ok_or(error::Error::Km(ErrorCode::INVALID_ARGUMENT)) 943 .context("In IKeystoreSecurityLevel delete_key: No key blob specified")?; 944 945 check_key_permission(KeyPerm::delete(), key, &None) 946 .context("In IKeystoreSecurityLevel delete_key: Checking delete permissions")?; 947 948 let km_dev: Strong<dyn IKeyMintDevice> = self 949 .keymint 950 .get_interface() 951 .context("In IKeystoreSecurityLevel delete_key: Getting keymint device interface")?; 952 { 953 let _wp = 954 self.watch_millis("In KeystoreSecuritylevel::delete_key: calling deleteKey", 500); 955 map_km_error(km_dev.deleteKey(&key_blob)).context("In keymint device deleteKey") 956 } 957 } 958 } 959 960 impl binder::Interface for KeystoreSecurityLevel {} 961 962 impl IKeystoreSecurityLevel for KeystoreSecurityLevel { createOperation( &self, key: &KeyDescriptor, operation_parameters: &[KeyParameter], forced: bool, ) -> binder::public_api::Result<CreateOperationResponse>963 fn createOperation( 964 &self, 965 key: &KeyDescriptor, 966 operation_parameters: &[KeyParameter], 967 forced: bool, 968 ) -> binder::public_api::Result<CreateOperationResponse> { 969 let _wp = self.watch_millis("IKeystoreSecurityLevel::createOperation", 500); 970 map_or_log_err(self.create_operation(key, operation_parameters, forced), Ok) 971 } generateKey( &self, key: &KeyDescriptor, attestation_key: Option<&KeyDescriptor>, params: &[KeyParameter], flags: i32, entropy: &[u8], ) -> binder::public_api::Result<KeyMetadata>972 fn generateKey( 973 &self, 974 key: &KeyDescriptor, 975 attestation_key: Option<&KeyDescriptor>, 976 params: &[KeyParameter], 977 flags: i32, 978 entropy: &[u8], 979 ) -> binder::public_api::Result<KeyMetadata> { 980 // Duration is set to 5 seconds, because generateKey - especially for RSA keys, takes more 981 // time than other operations 982 let _wp = self.watch_millis("IKeystoreSecurityLevel::generateKey", 5000); 983 let result = self.generate_key(key, attestation_key, params, flags, entropy); 984 log_key_creation_event_stats(self.security_level, params, &result); 985 log_key_generated(key, ThreadState::get_calling_uid(), result.is_ok()); 986 map_or_log_err(result, Ok) 987 } importKey( &self, key: &KeyDescriptor, attestation_key: Option<&KeyDescriptor>, params: &[KeyParameter], flags: i32, key_data: &[u8], ) -> binder::public_api::Result<KeyMetadata>988 fn importKey( 989 &self, 990 key: &KeyDescriptor, 991 attestation_key: Option<&KeyDescriptor>, 992 params: &[KeyParameter], 993 flags: i32, 994 key_data: &[u8], 995 ) -> binder::public_api::Result<KeyMetadata> { 996 let _wp = self.watch_millis("IKeystoreSecurityLevel::importKey", 500); 997 let result = self.import_key(key, attestation_key, params, flags, key_data); 998 log_key_creation_event_stats(self.security_level, params, &result); 999 log_key_imported(key, ThreadState::get_calling_uid(), result.is_ok()); 1000 map_or_log_err(result, Ok) 1001 } importWrappedKey( &self, key: &KeyDescriptor, wrapping_key: &KeyDescriptor, masking_key: Option<&[u8]>, params: &[KeyParameter], authenticators: &[AuthenticatorSpec], ) -> binder::public_api::Result<KeyMetadata>1002 fn importWrappedKey( 1003 &self, 1004 key: &KeyDescriptor, 1005 wrapping_key: &KeyDescriptor, 1006 masking_key: Option<&[u8]>, 1007 params: &[KeyParameter], 1008 authenticators: &[AuthenticatorSpec], 1009 ) -> binder::public_api::Result<KeyMetadata> { 1010 let _wp = self.watch_millis("IKeystoreSecurityLevel::importWrappedKey", 500); 1011 let result = 1012 self.import_wrapped_key(key, wrapping_key, masking_key, params, authenticators); 1013 log_key_creation_event_stats(self.security_level, params, &result); 1014 log_key_imported(key, ThreadState::get_calling_uid(), result.is_ok()); 1015 map_or_log_err(result, Ok) 1016 } convertStorageKeyToEphemeral( &self, storage_key: &KeyDescriptor, ) -> binder::public_api::Result<EphemeralStorageKeyResponse>1017 fn convertStorageKeyToEphemeral( 1018 &self, 1019 storage_key: &KeyDescriptor, 1020 ) -> binder::public_api::Result<EphemeralStorageKeyResponse> { 1021 let _wp = self.watch_millis("IKeystoreSecurityLevel::convertStorageKeyToEphemeral", 500); 1022 map_or_log_err(self.convert_storage_key_to_ephemeral(storage_key), Ok) 1023 } deleteKey(&self, key: &KeyDescriptor) -> binder::public_api::Result<()>1024 fn deleteKey(&self, key: &KeyDescriptor) -> binder::public_api::Result<()> { 1025 let _wp = self.watch_millis("IKeystoreSecurityLevel::deleteKey", 500); 1026 let result = self.delete_key(key); 1027 log_key_deleted(key, ThreadState::get_calling_uid(), result.is_ok()); 1028 map_or_log_err(result, Ok) 1029 } 1030 } 1031