• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright 2015 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef GATEKEEPER_H_
18 #define GATEKEEPER_H_
19 
20 #include <stdint.h>
21 #include <gatekeeper/UniquePtr.h>
22 #include <hardware/hw_auth_token.h>
23 
24 #include "gatekeeper_messages.h"
25 #include "password_handle.h"
26 
27 namespace gatekeeper {
28 
29 struct __attribute__((packed)) failure_record_t {
30     uint64_t secure_user_id;
31     uint64_t last_checked_timestamp;
32     uint32_t failure_counter;
33 };
34 
35 /**
36  * Base class for gatekeeper implementations. Provides all functionality except
37  * the ability to create/access keys and compute signatures. These are left up
38  * to the platform-specific implementation.
39  */
40 class GateKeeper {
41 public:
GateKeeper()42     GateKeeper() {}
~GateKeeper()43     virtual ~GateKeeper() {}
44 
45     void Enroll(const EnrollRequest &request, EnrollResponse *response);
46     void Verify(const VerifyRequest &request, VerifyResponse *response);
47     void DeleteUser(const DeleteUserRequest &request, DeleteUserResponse *response);
48     void DeleteAllUsers(const DeleteAllUsersRequest &request, DeleteAllUsersResponse *response);
49 
50 protected:
51 
52     // The following methods are intended to be implemented by concrete subclasses
53 
54     /**
55      * Retrieves the key used by GateKeeper::MintAuthToken to sign the payload
56      * of the AuthToken. This is not cached as is may have changed due to an event such
57      * as a password change.
58      *
59      * Writes the length in bytes of the returned key to length if it is not null.
60      *
61      * Ownership of the auth_token_key pointer is maintained by the implementor.
62      *
63      * Returns true if the key was successfully fetched.
64      *
65      */
66     virtual bool GetAuthTokenKey(const uint8_t **auth_token_key, uint32_t *length)
67             const = 0;
68 
69     /**
70      * The key used to sign and verify password data.
71      *
72      * MUST be different from the AuthTokenKey.
73      *
74      * GetPasswordKey is not const because unlike AuthTokenKey,
75      * this value can be cached.
76      *
77      * Ownership of the password_key pointer is maintained by the implementor.
78      *
79      */
80     virtual void GetPasswordKey(const uint8_t **password_key, uint32_t *length) = 0;
81 
82     /**
83      * Uses platform-specific routines to compute a signature on the provided password.
84      *
85      * This can be implemented as a simple pass-through to ComputeSignature, but is
86      * available in case handling for password signatures is different from general
87      * purpose signatures.
88      *
89      * Writes the signature_length size signature to the 'signature' pointer.
90      */
91     virtual void ComputePasswordSignature(uint8_t *signature, uint32_t signature_length,
92             const uint8_t *key, uint32_t key_length, const uint8_t *password,
93             uint32_t password_length, salt_t salt) const = 0;
94 
95     /**
96      * Retrieves a unique, cryptographically randomly generated buffer for use in password
97      * hashing, etc.
98      *
99      * Assings the random to the random UniquePtr, relinquishing ownership to the caller
100      */
101     virtual void GetRandom(void *random, uint32_t requested_size) const = 0;
102 
103     /**
104      * Uses platform-specific routines to compute a signature on the provided message.
105      *
106      * Writes the signature_length size signature to the 'signature' pointer.
107      */
108     virtual void ComputeSignature(uint8_t *signature, uint32_t signature_length,
109             const uint8_t *key, uint32_t key_length, const uint8_t *message,
110             const uint32_t length) const = 0;
111 
112     /**
113      * Get the time since boot in milliseconds.
114      *
115      * Should return 0 on error.
116      */
117     virtual uint64_t GetMillisecondsSinceBoot() const = 0;
118 
119     /**
120      * Removes all records for the given user.
121      *
122      * Returns true if the user's records were successfully deleted.
123      */
RemoveUser(uint32_t)124     virtual gatekeeper_error_t RemoveUser(uint32_t /* uid */) { return ERROR_NOT_IMPLEMENTED; }
125 
126     /**
127      * Removes all records.
128      *
129      * Returns true if the records were successfully deleted.
130      */
RemoveAllUsers()131     virtual gatekeeper_error_t RemoveAllUsers() { return ERROR_NOT_IMPLEMENTED; }
132 
133     /**
134      * Returns the value of the current failure record for the user.
135      *
136      * The failure record should be written to hardware-backed secure storage, such as
137      * RPMB, if the target device supports it.
138      *
139      * If 'secure' is false, password is operating in a fallback mode. Implementations
140      * may store the failure record in memory or in non-secure storage if this value is false.
141      *
142      * Returns true on success, false if failure record cannot be retrieved.
143      */
144     virtual bool GetFailureRecord(uint32_t uid, secure_id_t user_id, failure_record_t *record,
145             bool secure) = 0;
146 
147     /**
148      * Initializes or reinitializes the failure record for the current user.
149      *
150      * Must be persisted in secure storage if the target device supports it.
151      *
152      * If 'secure' is false, password is operating in a fallback mode. Implementations
153      * may store the failure record in memory or in non-secure storage if this value is false.
154      *
155      * Returns true if the failure record was successfully persisted.
156      */
157     virtual bool ClearFailureRecord(uint32_t uid, secure_id_t user_id, bool secure) = 0;
158 
159     /*
160      * Writes the provided failure record to persistent storage.
161      *
162      * Must be persisted in secure storage if the target device supports it.
163      *
164      * If 'secure' is false, password is operating in a fallback mode. Implementations
165      * may store the failure record in memory or in non-secure storage if this value is false.
166      *
167      * Returns true if record was successfully written.
168      */
169     virtual bool WriteFailureRecord(uint32_t uid, failure_record_t *record, bool secure) = 0;
170 
171     /**
172      * Computes the amount of time to throttle the user due to the current failure_record
173      * counter. An implementation is provided by the generic GateKeeper, but may be
174      * overriden.
175      */
176     virtual uint32_t ComputeRetryTimeout(const failure_record_t *record);
177 
178     /**
179      * Returns whether the GateKeeper implementation is backed by hardware.
180      */
181     virtual bool IsHardwareBacked() const = 0;
182 
183     /**
184      * Verifies that handle matches password HMAC'ed with the password_key
185      */
186     virtual bool DoVerify(const password_handle_t *expected_handle, const SizedBuffer &password);
187 
188 private:
189     /**
190      * Generates a signed attestation of an authentication event and assings
191      * to auth_token UniquePtr.
192      * The format is consistent with that of hw_auth_token_t.
193      * Also returns the length in length if it is not null.
194      */
195     gatekeeper_error_t MintAuthToken(SizedBuffer *auth_token, uint64_t timestamp,
196             secure_id_t user_id, secure_id_t authenticator_id, uint64_t challenge);
197 
198     /**
199      * Populates password_handle with the data provided and computes HMAC.
200      */
201     bool CreatePasswordHandle(SizedBuffer *password_handle, salt_t salt,
202             secure_id_t secure_id, secure_id_t authenticator_id, uint8_t handle_version,
203             const SizedBuffer & password);
204 
205     /**
206      * Increments the counter on the current failure record for the provided user id.
207      * Sets the last_checked_timestamp to timestamp. Writes the updated record
208      * to *record if not null.
209      *
210      * Returns true if failure record was successfully incremented.
211      */
212     bool IncrementFailureRecord(uint32_t uid, secure_id_t user_id, uint64_t timestamp,
213             failure_record_t *record, bool secure);
214 
215     /**
216      * Determines whether the request is within the current throttle window.
217      *
218      * If the system timer has been reset due to a reboot or otherwise, resets
219      * the throttle window with a base at the current time.
220      *
221      * Returns true if the request is in the throttle window.
222      */
223     bool ThrottleRequest(uint32_t uid, uint64_t timestamp,
224             failure_record_t *record, bool secure, GateKeeperMessage *response);
225 };
226 
227 }
228 
229 #endif // GATEKEEPER_H_
230