1 /*
2 * Copyright 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <keymaster/km_openssl/ec_key_factory.h>
18
19 #include <openssl/curve25519.h>
20 #include <openssl/evp.h>
21
22 #include <keymaster/keymaster_context.h>
23 #include <keymaster/km_openssl/curve25519_key.h>
24 #include <keymaster/km_openssl/ec_key.h>
25 #include <keymaster/km_openssl/ecdh_operation.h>
26 #include <keymaster/km_openssl/ecdsa_operation.h>
27 #include <keymaster/km_openssl/openssl_err.h>
28
29 #include <keymaster/operation.h>
30
31 namespace keymaster {
32
33 static EcdsaSignOperationFactory sign_factory;
34 static EcdsaVerifyOperationFactory verify_factory;
35 static EcdhOperationFactory agree_key_factory;
36
GetOperationFactory(keymaster_purpose_t purpose) const37 OperationFactory* EcKeyFactory::GetOperationFactory(keymaster_purpose_t purpose) const {
38 switch (purpose) {
39 case KM_PURPOSE_SIGN:
40 return &sign_factory;
41 case KM_PURPOSE_VERIFY:
42 return &verify_factory;
43 case KM_PURPOSE_AGREE_KEY:
44 return &agree_key_factory;
45 default:
46 return nullptr;
47 }
48 }
49
50 /* static */
GetCurveAndSize(const AuthorizationSet & key_description,keymaster_ec_curve_t * curve,uint32_t * key_size_bits)51 keymaster_error_t EcKeyFactory::GetCurveAndSize(const AuthorizationSet& key_description,
52 keymaster_ec_curve_t* curve,
53 uint32_t* key_size_bits) {
54 if (!key_description.GetTagValue(TAG_EC_CURVE, curve)) {
55 // Curve not specified. Fall back to deducing curve from key size.
56 if (!key_description.GetTagValue(TAG_KEY_SIZE, key_size_bits)) {
57 LOG_E("%s", "No curve or key size specified for EC key generation");
58 return KM_ERROR_UNSUPPORTED_KEY_SIZE;
59 }
60 keymaster_error_t error = EllipticKeySizeToCurve(*key_size_bits, curve);
61 if (error != KM_ERROR_OK) {
62 return KM_ERROR_UNSUPPORTED_KEY_SIZE;
63 }
64 } else {
65 keymaster_error_t error = EcCurveToKeySize(*curve, key_size_bits);
66 if (error != KM_ERROR_OK) {
67 return error;
68 }
69 uint32_t tag_key_size_bits;
70 if (key_description.GetTagValue(TAG_KEY_SIZE, &tag_key_size_bits) &&
71 *key_size_bits != tag_key_size_bits) {
72 LOG_E("Curve key size %d and specified key size %d don't match", key_size_bits,
73 tag_key_size_bits);
74 return KM_ERROR_INVALID_ARGUMENT;
75 }
76 }
77
78 return KM_ERROR_OK;
79 }
80
GenerateKey(const AuthorizationSet & key_description,UniquePtr<Key> attest_key,const KeymasterBlob & issuer_subject,KeymasterKeyBlob * key_blob,AuthorizationSet * hw_enforced,AuthorizationSet * sw_enforced,CertificateChain * cert_chain) const81 keymaster_error_t EcKeyFactory::GenerateKey(const AuthorizationSet& key_description,
82 UniquePtr<Key> attest_key, //
83 const KeymasterBlob& issuer_subject,
84 KeymasterKeyBlob* key_blob,
85 AuthorizationSet* hw_enforced,
86 AuthorizationSet* sw_enforced,
87 CertificateChain* cert_chain) const {
88 if (!key_blob || !hw_enforced || !sw_enforced) return KM_ERROR_OUTPUT_PARAMETER_NULL;
89
90 AuthorizationSet authorizations(key_description);
91
92 keymaster_ec_curve_t ec_curve;
93 uint32_t key_size;
94 keymaster_error_t error = GetCurveAndSize(authorizations, &ec_curve, &key_size);
95 if (error != KM_ERROR_OK) {
96 return error;
97 } else if (!authorizations.Contains(TAG_KEY_SIZE, key_size)) {
98 authorizations.push_back(TAG_KEY_SIZE, key_size);
99 } else if (!authorizations.Contains(TAG_EC_CURVE, ec_curve)) {
100 authorizations.push_back(TAG_EC_CURVE, ec_curve);
101 }
102
103 bool is_ed25519 = false;
104 bool is_x25519 = false;
105 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey;
106 UniquePtr<EC_KEY, EC_KEY_Delete> ec_key(EC_KEY_new());
107 KeymasterKeyBlob key_material;
108 if (ec_curve == KM_EC_CURVE_CURVE_25519) {
109 // Curve 25519 keys do not fall under OpenSSL's EC_KEY category.
110 is_ed25519 = (key_description.Contains(TAG_PURPOSE, KM_PURPOSE_SIGN) ||
111 key_description.Contains(TAG_PURPOSE, KM_PURPOSE_ATTEST_KEY));
112 is_x25519 = key_description.Contains(TAG_PURPOSE, KM_PURPOSE_AGREE_KEY);
113 if (is_ed25519 && is_x25519) {
114 // Cannot have both SIGN (Ed25519) and AGREE_KEY (X25519).
115 return KM_ERROR_INCOMPATIBLE_PURPOSE;
116 }
117
118 if (is_ed25519) {
119 uint8_t priv_key[ED25519_PRIVATE_KEY_LEN];
120 uint8_t pub_key[ED25519_PUBLIC_KEY_LEN];
121 ED25519_keypair(pub_key, priv_key);
122
123 // Only feed in the first 32 bytes of the generated private key.
124 pkey.reset(EVP_PKEY_new_raw_private_key(EVP_PKEY_ED25519, nullptr, priv_key,
125 ED25519_SEED_LEN));
126 } else if (is_x25519) {
127 uint8_t priv_key[X25519_PRIVATE_KEY_LEN];
128 uint8_t pub_key[X25519_PUBLIC_VALUE_LEN];
129 X25519_keypair(pub_key, priv_key);
130
131 pkey.reset(EVP_PKEY_new_raw_private_key(EVP_PKEY_X25519, nullptr, priv_key,
132 X25519_PRIVATE_KEY_LEN));
133 } else {
134 return KM_ERROR_UNSUPPORTED_PURPOSE;
135 }
136 if (pkey.get() == nullptr) {
137 return KM_ERROR_UNKNOWN_ERROR;
138 }
139 } else {
140 pkey.reset(EVP_PKEY_new());
141 if (ec_key.get() == nullptr || pkey.get() == nullptr)
142 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
143
144 UniquePtr<EC_GROUP, EC_GROUP_Delete> group(ChooseGroup(ec_curve));
145 if (group.get() == nullptr) {
146 LOG_E("Unable to get EC group for curve %d", ec_curve);
147 return KM_ERROR_UNSUPPORTED_KEY_SIZE;
148 }
149
150 #if !defined(OPENSSL_IS_BORINGSSL)
151 EC_GROUP_set_point_conversion_form(group.get(), POINT_CONVERSION_UNCOMPRESSED);
152 EC_GROUP_set_asn1_flag(group.get(), OPENSSL_EC_NAMED_CURVE);
153 #endif
154
155 if (EC_KEY_set_group(ec_key.get(), group.get()) != 1 ||
156 EC_KEY_generate_key(ec_key.get()) != 1 || EC_KEY_check_key(ec_key.get()) < 0) {
157 return TranslateLastOpenSslError();
158 }
159
160 if (EVP_PKEY_set1_EC_KEY(pkey.get(), ec_key.get()) != 1) return TranslateLastOpenSslError();
161 }
162
163 error = EvpKeyToKeyMaterial(pkey.get(), &key_material);
164 if (error != KM_ERROR_OK) return error;
165
166 error = blob_maker_.CreateKeyBlob(authorizations, KM_ORIGIN_GENERATED, key_material, key_blob,
167 hw_enforced, sw_enforced);
168 if (error != KM_ERROR_OK) return error;
169
170 // Only generate attestation certificates for KeyMint (KeyMaster uses an attestKey()
171 // entrypoint that is separate from generateKey()).
172 if (context_.GetKmVersion() < KmVersion::KEYMINT_1) return KM_ERROR_OK;
173 if (!cert_chain) return KM_ERROR_UNEXPECTED_NULL_POINTER;
174
175 std::unique_ptr<AsymmetricKey> key;
176 if (is_ed25519) {
177 key.reset(new (std::nothrow) Ed25519Key(*hw_enforced, *sw_enforced, this, key_material));
178 } else if (is_x25519) {
179 key.reset(new (std::nothrow) X25519Key(*hw_enforced, *sw_enforced, this, key_material));
180 } else {
181 key.reset(new (std::nothrow) EcKey(*hw_enforced, *sw_enforced, this, move(ec_key)));
182 }
183 if (key == nullptr) {
184 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
185 }
186
187 if (key_description.Contains(TAG_ATTESTATION_CHALLENGE)) {
188 *cert_chain = context_.GenerateAttestation(*key, key_description, move(attest_key),
189 issuer_subject, &error);
190 } else if (attest_key.get() != nullptr) {
191 return KM_ERROR_ATTESTATION_CHALLENGE_MISSING;
192 } else {
193 *cert_chain = context_.GenerateSelfSignedCertificate(
194 *key, key_description, !IsCertSigningKey(key_description) /* fake_signature */, &error);
195 }
196
197 return error;
198 }
199
ImportKey(const AuthorizationSet & key_description,keymaster_key_format_t input_key_material_format,const KeymasterKeyBlob & input_key_material,UniquePtr<Key> attest_key,const KeymasterBlob & issuer_subject,KeymasterKeyBlob * output_key_blob,AuthorizationSet * hw_enforced,AuthorizationSet * sw_enforced,CertificateChain * cert_chain) const200 keymaster_error_t EcKeyFactory::ImportKey(const AuthorizationSet& key_description, //
201 keymaster_key_format_t input_key_material_format,
202 const KeymasterKeyBlob& input_key_material,
203 UniquePtr<Key> attest_key, //
204 const KeymasterBlob& issuer_subject,
205 KeymasterKeyBlob* output_key_blob,
206 AuthorizationSet* hw_enforced,
207 AuthorizationSet* sw_enforced,
208 CertificateChain* cert_chain) const {
209 if (input_key_material_format == KM_KEY_FORMAT_RAW) {
210 return ImportRawKey(key_description, input_key_material, move(attest_key), issuer_subject,
211 output_key_blob, hw_enforced, sw_enforced, cert_chain);
212 }
213
214 if (!output_key_blob || !hw_enforced || !sw_enforced) return KM_ERROR_OUTPUT_PARAMETER_NULL;
215
216 AuthorizationSet authorizations;
217 uint32_t key_size;
218 keymaster_error_t error = UpdateImportKeyDescription(
219 key_description, input_key_material_format, input_key_material, &authorizations, &key_size);
220 if (error != KM_ERROR_OK) return error;
221
222 error = blob_maker_.CreateKeyBlob(authorizations, KM_ORIGIN_IMPORTED, input_key_material,
223 output_key_blob, hw_enforced, sw_enforced);
224 if (error != KM_ERROR_OK) return error;
225
226 if (context_.GetKmVersion() < KmVersion::KEYMINT_1) return KM_ERROR_OK;
227 if (!cert_chain) return KM_ERROR_UNEXPECTED_NULL_POINTER;
228
229 EVP_PKEY_Ptr pkey;
230 error = KeyMaterialToEvpKey(KM_KEY_FORMAT_PKCS8, input_key_material, KM_ALGORITHM_EC, &pkey);
231 if (error != KM_ERROR_OK) return error;
232
233 std::unique_ptr<AsymmetricKey> key;
234 switch (EVP_PKEY_type(pkey->type)) {
235 case EVP_PKEY_ED25519:
236 key.reset(new (std::nothrow) Ed25519Key(*hw_enforced, *sw_enforced, this));
237 if (key.get() == nullptr) {
238 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
239 }
240 if (!key->EvpToInternal(pkey.get())) {
241 return KM_ERROR_UNSUPPORTED_KEY_FORMAT;
242 }
243 break;
244 case EVP_PKEY_X25519:
245 key.reset(new (std::nothrow) X25519Key(*hw_enforced, *sw_enforced, this));
246 if (key.get() == nullptr) {
247 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
248 }
249 if (!key->EvpToInternal(pkey.get())) {
250 return KM_ERROR_UNSUPPORTED_KEY_FORMAT;
251 }
252 break;
253 case EVP_PKEY_EC: {
254 EC_KEY_Ptr ec_key(EVP_PKEY_get1_EC_KEY(pkey.get()));
255 if (!ec_key.get()) return KM_ERROR_INVALID_ARGUMENT;
256
257 key.reset(new (std::nothrow) EcKey(*hw_enforced, *sw_enforced, this, move(ec_key)));
258 if (key.get() == nullptr) {
259 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
260 }
261 break;
262 }
263 default:
264 return KM_ERROR_UNSUPPORTED_KEY_FORMAT;
265 }
266 if (key == nullptr) {
267 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
268 }
269
270 if (key_description.Contains(KM_TAG_ATTESTATION_CHALLENGE)) {
271 *cert_chain = context_.GenerateAttestation(*key, key_description, move(attest_key),
272 issuer_subject, &error);
273 } else if (attest_key.get() != nullptr) {
274 return KM_ERROR_ATTESTATION_CHALLENGE_MISSING;
275 } else {
276 *cert_chain = context_.GenerateSelfSignedCertificate(
277 *key, key_description, !IsCertSigningKey(key_description) /* fake_signature */, &error);
278 }
279
280 return error;
281 }
282
ImportRawKey(const AuthorizationSet & key_description,const KeymasterKeyBlob & input_key_material,UniquePtr<Key> attest_key,const KeymasterBlob & issuer_subject,KeymasterKeyBlob * output_key_blob,AuthorizationSet * hw_enforced,AuthorizationSet * sw_enforced,CertificateChain * cert_chain) const283 keymaster_error_t EcKeyFactory::ImportRawKey(const AuthorizationSet& key_description, //
284 const KeymasterKeyBlob& input_key_material,
285 UniquePtr<Key> attest_key, //
286 const KeymasterBlob& issuer_subject,
287 KeymasterKeyBlob* output_key_blob,
288 AuthorizationSet* hw_enforced,
289 AuthorizationSet* sw_enforced,
290 CertificateChain* cert_chain) const {
291 if (!output_key_blob || !hw_enforced || !sw_enforced) return KM_ERROR_OUTPUT_PARAMETER_NULL;
292
293 // Curve 25519 keys may arrive in raw form, but if they do the key_description must include
294 // enough information to allow the key material to be identified. This means that the
295 // following tags must already be present in key_description:
296 // - TAG_ALGORITHM: KM_ALGORITHM_EC
297 // - TAG_EC_CURVE: KM_EC_CURVE_CURVE_25519
298 // - TAG_PURPOSE: exactly one of:
299 // - KM_SIGN (Ed25519)
300 // - KM_ATTEST_KEY (Ed25519)
301 // - KM_AGREE (X25519)
302 keymaster_ec_curve_t curve;
303 if (!key_description.GetTagValue(TAG_EC_CURVE, &curve) || curve != KM_EC_CURVE_CURVE_25519) {
304 return KM_ERROR_UNSUPPORTED_KEY_FORMAT;
305 }
306 bool is_ed25519 = (key_description.Contains(TAG_PURPOSE, KM_PURPOSE_SIGN) ||
307 key_description.Contains(TAG_PURPOSE, KM_PURPOSE_ATTEST_KEY));
308 bool is_x25519 = key_description.Contains(TAG_PURPOSE, KM_PURPOSE_AGREE_KEY);
309 if (is_ed25519 && is_x25519) {
310 // Cannot have both SIGN (Ed25519) and AGREE_KEY (X25519).
311 return KM_ERROR_INCOMPATIBLE_PURPOSE;
312 }
313 if (key_description.Contains(TAG_PURPOSE, KM_PURPOSE_ATTEST_KEY) &&
314 key_description.GetTagCount(TAG_PURPOSE) > 1) {
315 // ATTEST_KEY cannot be combined with another purpose.
316 return KM_ERROR_INCOMPATIBLE_PURPOSE;
317 }
318
319 // First convert the raw key data into an EVP_PKEY.
320 EVP_PKEY_Ptr pkey;
321 if (is_ed25519) {
322 pkey.reset(EVP_PKEY_new_raw_private_key(EVP_PKEY_ED25519, /* unused*/ nullptr,
323 input_key_material.key_material,
324 input_key_material.key_material_size));
325 } else if (is_x25519) {
326 pkey.reset(EVP_PKEY_new_raw_private_key(EVP_PKEY_X25519, /* unused*/ nullptr,
327 input_key_material.key_material,
328 input_key_material.key_material_size));
329 } else {
330 return KM_ERROR_UNSUPPORTED_KEY_FORMAT;
331 }
332 if (pkey.get() == nullptr) {
333 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
334 }
335
336 // Now extract PKCS#8 formatted private key material from the EVP_PKEY.
337 KeymasterKeyBlob pkcs8_key_material;
338 keymaster_error_t error = EvpKeyToKeyMaterial(pkey.get(), &pkcs8_key_material);
339 if (error != KM_ERROR_OK) return error;
340
341 // Store the PKCS#8 private key material in the key blob.
342 error = blob_maker_.CreateKeyBlob(key_description, KM_ORIGIN_IMPORTED, pkcs8_key_material,
343 output_key_blob, hw_enforced, sw_enforced);
344 if (error != KM_ERROR_OK) return error;
345
346 if (context_.GetKmVersion() < KmVersion::KEYMINT_1) return KM_ERROR_OK;
347 if (!cert_chain) return KM_ERROR_UNEXPECTED_NULL_POINTER;
348
349 std::unique_ptr<AsymmetricKey> key;
350 if (is_ed25519) {
351 key.reset(new (std::nothrow)
352 Ed25519Key(*hw_enforced, *sw_enforced, this, pkcs8_key_material));
353 } else /* is_x25519 */ {
354 key.reset(new (std::nothrow)
355 X25519Key(*hw_enforced, *sw_enforced, this, pkcs8_key_material));
356 }
357 if (key == nullptr) {
358 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
359 }
360
361 if (key_description.Contains(KM_TAG_ATTESTATION_CHALLENGE)) {
362 *cert_chain = context_.GenerateAttestation(*key, key_description, move(attest_key),
363 issuer_subject, &error);
364 } else if (attest_key.get() != nullptr) {
365 return KM_ERROR_ATTESTATION_CHALLENGE_MISSING;
366 } else {
367 *cert_chain = context_.GenerateSelfSignedCertificate(
368 *key, key_description, !IsCertSigningKey(key_description) /* fake_signature */, &error);
369 }
370
371 return error;
372 }
373
UpdateImportKeyDescription(const AuthorizationSet & key_description,keymaster_key_format_t key_format,const KeymasterKeyBlob & key_material,AuthorizationSet * updated_description,uint32_t * key_size_bits) const374 keymaster_error_t EcKeyFactory::UpdateImportKeyDescription(const AuthorizationSet& key_description,
375 keymaster_key_format_t key_format,
376 const KeymasterKeyBlob& key_material,
377 AuthorizationSet* updated_description,
378 uint32_t* key_size_bits) const {
379 if (!updated_description || !key_size_bits) return KM_ERROR_OUTPUT_PARAMETER_NULL;
380
381 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey;
382 keymaster_error_t error =
383 KeyMaterialToEvpKey(key_format, key_material, keymaster_key_type(), &pkey);
384 if (error != KM_ERROR_OK) return error;
385
386 updated_description->Reinitialize(key_description);
387
388 keymaster_algorithm_t algorithm = KM_ALGORITHM_EC;
389 if (!updated_description->GetTagValue(TAG_ALGORITHM, &algorithm)) {
390 updated_description->push_back(TAG_ALGORITHM, KM_ALGORITHM_EC);
391 } else if (algorithm != KM_ALGORITHM_EC) {
392 return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
393 }
394
395 switch (EVP_PKEY_type(pkey->type)) {
396 case EVP_PKEY_EC: {
397 UniquePtr<EC_KEY, EC_KEY_Delete> ec_key(EVP_PKEY_get1_EC_KEY(pkey.get()));
398 if (!ec_key.get()) return TranslateLastOpenSslError();
399
400 size_t extracted_key_size_bits;
401 error = ec_get_group_size(EC_KEY_get0_group(ec_key.get()), &extracted_key_size_bits);
402 if (error != KM_ERROR_OK) return error;
403
404 *key_size_bits = extracted_key_size_bits;
405 if (!updated_description->GetTagValue(TAG_KEY_SIZE, key_size_bits)) {
406 updated_description->push_back(TAG_KEY_SIZE, extracted_key_size_bits);
407 } else if (*key_size_bits != extracted_key_size_bits) {
408 return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
409 }
410
411 keymaster_ec_curve_t curve_from_size;
412 error = EcKeySizeToCurve(*key_size_bits, &curve_from_size);
413 if (error != KM_ERROR_OK) return error;
414 keymaster_ec_curve_t curve;
415 if (!updated_description->GetTagValue(TAG_EC_CURVE, &curve)) {
416 updated_description->push_back(TAG_EC_CURVE, curve_from_size);
417 } else if (curve_from_size != curve) {
418 return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
419 }
420 break;
421 }
422 case EVP_PKEY_ED25519: {
423 keymaster_ec_curve_t curve;
424 if (!updated_description->GetTagValue(TAG_EC_CURVE, &curve)) {
425 updated_description->push_back(TAG_EC_CURVE, KM_EC_CURVE_CURVE_25519);
426 } else if (curve != KM_EC_CURVE_CURVE_25519) {
427 return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
428 }
429 if (updated_description->Contains(TAG_PURPOSE, KM_PURPOSE_AGREE_KEY)) {
430 // Purpose is for X25519, key is Ed25519.
431 return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
432 }
433 if (updated_description->Contains(TAG_PURPOSE, KM_PURPOSE_ATTEST_KEY) &&
434 updated_description->GetTagCount(TAG_PURPOSE) > 1) {
435 // ATTEST_KEY cannot be combined with another purpose.
436 return KM_ERROR_INCOMPATIBLE_PURPOSE;
437 }
438 break;
439 }
440 case EVP_PKEY_X25519: {
441 keymaster_ec_curve_t curve;
442 if (!updated_description->GetTagValue(TAG_EC_CURVE, &curve)) {
443 updated_description->push_back(TAG_EC_CURVE, KM_EC_CURVE_CURVE_25519);
444 } else if (curve != KM_EC_CURVE_CURVE_25519) {
445 return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
446 }
447 if (updated_description->Contains(TAG_PURPOSE, KM_PURPOSE_SIGN) ||
448 updated_description->Contains(TAG_PURPOSE, KM_PURPOSE_ATTEST_KEY)) {
449 // Purpose is for Ed25519, key is X25519.
450 return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
451 }
452 break;
453 }
454 default:
455 return KM_ERROR_INVALID_KEY_BLOB;
456 }
457
458 return KM_ERROR_OK;
459 }
460
461 /* static */
ChooseGroup(size_t key_size_bits)462 EC_GROUP* EcKeyFactory::ChooseGroup(size_t key_size_bits) {
463 switch (key_size_bits) {
464 case 224:
465 return EC_GROUP_new_by_curve_name(NID_secp224r1);
466 break;
467 case 256:
468 return EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1);
469 break;
470 case 384:
471 return EC_GROUP_new_by_curve_name(NID_secp384r1);
472 break;
473 case 521:
474 return EC_GROUP_new_by_curve_name(NID_secp521r1);
475 break;
476 default:
477 return nullptr;
478 break;
479 }
480 }
481
482 /* static */
ChooseGroup(keymaster_ec_curve_t ec_curve)483 EC_GROUP* EcKeyFactory::ChooseGroup(keymaster_ec_curve_t ec_curve) {
484 switch (ec_curve) {
485 case KM_EC_CURVE_P_224:
486 return EC_GROUP_new_by_curve_name(NID_secp224r1);
487 break;
488 case KM_EC_CURVE_P_256:
489 return EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1);
490 break;
491 case KM_EC_CURVE_P_384:
492 return EC_GROUP_new_by_curve_name(NID_secp384r1);
493 break;
494 case KM_EC_CURVE_P_521:
495 return EC_GROUP_new_by_curve_name(NID_secp521r1);
496 break;
497 default:
498 return nullptr;
499 break;
500 }
501 }
502
CreateEmptyKey(AuthorizationSet && hw_enforced,AuthorizationSet && sw_enforced,UniquePtr<AsymmetricKey> * key) const503 keymaster_error_t EcKeyFactory::CreateEmptyKey(AuthorizationSet&& hw_enforced,
504 AuthorizationSet&& sw_enforced,
505 UniquePtr<AsymmetricKey>* key) const {
506 bool is_ed25519 = IsEd25519Key(hw_enforced, sw_enforced);
507 bool is_x25519 = IsX25519Key(hw_enforced, sw_enforced);
508 if (is_ed25519) {
509 if (is_x25519) {
510 return KM_ERROR_INCOMPATIBLE_PURPOSE;
511 }
512 key->reset(new (std::nothrow) Ed25519Key(move(hw_enforced), move(sw_enforced), this));
513 } else if (is_x25519) {
514 key->reset(new (std::nothrow) X25519Key(move(hw_enforced), move(sw_enforced), this));
515 } else {
516 key->reset(new (std::nothrow) EcKey(move(hw_enforced), move(sw_enforced), this));
517 }
518 if (!(*key)) return KM_ERROR_MEMORY_ALLOCATION_FAILED;
519 return KM_ERROR_OK;
520 }
521
522 } // namespace keymaster
523