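//
// Copyright (C) 2020 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

#pragma once

// Include what we use: std::function, size_t and uint8_t were previously
// only available through transitive includes.
#include <cstddef>
#include <cstdint>
#include <functional>

#include <keymaster/serializable.h>

#include "host/commands/secure_env/tpm_resource_manager.h"

/**
 * A keymaster::Serializable that wraps another keymaster::Serializable,
 * encrypting the data with a TPM to ensure privacy (confidentiality only).
 *
 * This implementation randomly generates a unique key which only exists inside
 * the TPM, and uses it to encrypt the data from the other Serializable
 * instance. The encrypted data, together with information about the unique key,
 * is stored in the output data. The unique key information can only be decoded
 * using a TPM, which will detect if the key material is corrupted.
 *
 * Integrity of the payload is NOT provided: this class will not detect if
 * [encrypted_data] has been modified, which could break the wrapped
 * Serializable instance on deserialization. Callers must combine it with a
 * separate integrity mechanism (e.g. a MAC or signature computed over the
 * serialized output) before trusting deserialized data.
 *
 * The serialization format is:
 *   [tpm key public data] [tpm key private data]
 *   [uint32_t: block_size]
 *   [uint32_t: encrypted_length] [encrypted_data]
 *
 * The actual length of [encrypted_data] in the serialized format is
 * [encrypted_length] rounded up to the nearest multiple of [block_size].
 * [encrypted_length] is the true length of the data before encryption, without
 * padding.
 *
 * NOTE(review): block_size and encrypted_length are read from the input buffer
 * during Deserialize and are therefore attacker-controllable; the
 * implementation must validate them against `end` before reading
 * [encrypted_data] — confirm in the .cpp.
 */
class EncryptedSerializable : public keymaster::Serializable {
 public:
  /**
   * @param resource_manager  TPM resource manager used for all TPM operations.
   *                          Held by reference; must outlive this object.
   * @param parent_key_fn     Callback invoked with the resource manager to
   *                          obtain a TpmObjectSlot; presumably the parent key
   *                          under which the per-instance key is created or
   *                          loaded — verify against the .cpp.
   * @param wrapped           The Serializable whose bytes are encrypted on
   *                          Serialize and restored on Deserialize. Held by
   *                          reference; must outlive this object.
   */
  EncryptedSerializable(TpmResourceManager& resource_manager,
                        std::function<TpmObjectSlot(TpmResourceManager&)> parent_key_fn,
                        keymaster::Serializable& wrapped);

  /// Size in bytes of the serialized form described in the class comment.
  size_t SerializedSize() const override;

  /// Serializes into [buf, end). Per the keymaster::Serializable contract,
  /// returns a pointer past the last byte written.
  uint8_t* Serialize(uint8_t* buf, const uint8_t* end) const override;

  /// Deserializes from [*buf_ptr, end), advancing *buf_ptr past the consumed
  /// bytes. Per the keymaster::Serializable contract, returns false on failure.
  bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end) override;

 private:
  // Non-owning; the referenced manager must outlive this object.
  TpmResourceManager& resource_manager_;
  // Yields the TPM object slot used as the parent for the wrapping key.
  std::function<TpmObjectSlot(TpmResourceManager&)> parent_key_fn_;
  // Non-owning; the wrapped instance must outlive this object.
  keymaster::Serializable& wrapped_;
};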