1 /*
2  * Copyright 2020, The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *     http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #pragma once
18 
#include <cstdint>
#include <memory>
#include <optional>
#include <tuple>
#include <utility>
#include <vector>

#include <aidl/android/hardware/security/keymint/BnKeyMintOperation.h>
#include <aidl/android/hardware/security/secureclock/ISecureClock.h>
#include <hardware/keymaster_defs.h>

#include "CborConverter.h"
#include "JavacardSecureElement.h"
27 
// Size limits (in bytes) used by the HAL-side buffering logic.
// Deliberately left as macros rather than constexpr: other crypto headers define
// the same names as macros (OpenSSL's <openssl/aes.h> has AES_BLOCK_SIZE 16), and
// a same-value macro redefinition is legal while a constexpr colliding with a
// macro is a compile error.
#define AES_BLOCK_SIZE 16
#define DES_BLOCK_SIZE 8
// Largest input accepted for the RSA decrypt / no-digest buffering mode; 256 bytes
// is one 2048-bit modulus, so larger RSA keys cannot pass through that mode.
#define RSA_BUFFER_SIZE 256
// NOTE(review): BufferingMode::EC_NO_DIGEST's comment talks about 65 bytes while
// this constant is 32 — confirm which bound bufferData() actually enforces.
#define EC_BUFFER_SIZE 32
// Presumably the largest payload handed to the card per sendUpdate() call by
// updateInChunks() — confirm in the .cpp.
#define MAX_CHUNK_SIZE 256
33 
34 namespace aidl::android::hardware::security::keymint {
// Names imported into this namespace so the declarations below stay short.
// CBOR encoding and the secure-element transport layer:
using ::keymint::javacard::CborConverter;
using ::keymint::javacard::Instruction;
using ::keymint::javacard::JavacardSecureElement;
using cppbor::Array;
using cppbor::Item;
// Binder / AIDL types:
using ::ndk::ScopedAStatus;
using secureclock::TimeStampToken;
// Standard library:
using std::optional;
using std::shared_ptr;
using std::vector;
45 
// How much of each update() input the HAL holds back before forwarding it to
// the applet. The numeric values are part of the contract with whatever selects
// the mode for an operation and must not be renumbered.
enum class BufferingMode : int32_t {
    // Forward everything straight to the card; used for most asymmetric operations.
    NONE = 0,
    // Accumulate all update() input and send it in finish(). More than 256 bytes
    // is an error at this layer (which in practice caps these modes at 2048-bit
    // RSA keys — confirm that is intended); the card additionally checks the exact
    // key size and crypto provider.
    RSA_DECRYPT_OR_NO_DIGEST = 1,
    // Buffer up to 65 bytes and truncate the rest; the card further truncates to
    // the exact key size. NOTE(review): EC_BUFFER_SIZE in this header is 32 —
    // confirm which bound the implementation enforces.
    EC_NO_DIGEST = 2,
    // Block-aligned PKCS#7 modes: hold back up to one cipher block
    // (16 bytes for AES, 8 bytes for DES).
    BUF_AES_ENCRYPT_PKCS7_BLOCK_ALIGNED = 3,
    BUF_AES_DECRYPT_PKCS7_BLOCK_ALIGNED = 4,
    BUF_DES_ENCRYPT_PKCS7_BLOCK_ALIGNED = 5,
    BUF_DES_DECRYPT_PKCS7_BLOCK_ALIGNED = 6,
    // Hold back 16 bytes (presumably so the trailing tag can be separated from
    // the ciphertext — confirm in bufferData()).
    BUF_AES_GCM_DECRYPT_BLOCK_ALIGNED = 7,
};
62 
// A window over the bytes an update()/finish() call is processing. It joins two
// byte sequences without copying them: `buffer`, the bytes held back from the
// previous cycle, followed by `data`, the caller's input for this cycle.
// `data` is a reference, so a DataView is only valid while the vector it was
// built on is alive: keep it a short-lived local of the call that created it and
// never store it in a member. Members are in aggregate-initialisation order; do
// not reorder them.
struct DataView {
    vector<uint8_t> buffer;       // previously buffered data from cycle n-1 (owned copy)
    const vector<uint8_t>& data;  // current data in cycle n (borrowed, not owned)
    uint32_t start;               // start of the view (presumably an offset into buffer+data; note it is narrower than length)
    size_t length;                // length of the view in bytes
};
71 
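// HAL-side half of a KeyMint operation whose state lives in the applet on the
// secure element. Binder delivers updateAad/update/finish/abort here; each is
// translated to CBOR and sent to the card over card_, keyed by opHandle_.
//
// Security notes for maintainers:
//  * buffer_ retains caller bytes between update() calls. In the *_ENCRYPT
//    buffering modes those bytes are plaintext; nothing in this header scrubs
//    them on finish()/abort()/destruction. NOTE(review): consider wiping
//    buffer_ before releasing it if plaintext residue in HAL memory matters.
//  * No synchronisation is visible in this class. If the binder thread pool can
//    deliver concurrent calls on the same operation object, buffer_ is a data
//    race unless the caller serialises them — confirm.
class JavacardKeyMintOperation : public BnKeyMintOperation {
  public:
    // opHandle: identifier of the operation on the card, sent with every request.
    // bufferingMode: how much of each update() input to hold back (see BufferingMode).
    // macLength: tag length forwarded for AEAD modes — the unit (bits vs bytes) is
    //   not established in this header; confirm against the caller.
    // card: transport to the secure element; ownership is shared with the caller.
    explicit JavacardKeyMintOperation(keymaster_operation_handle_t opHandle,
                                      BufferingMode bufferingMode, uint16_t macLength,
                                      shared_ptr<JavacardSecureElement> card)
        : buffer_(), bufferingMode_(bufferingMode), macLength_(macLength),
          card_(std::move(card)), opHandle_(opHandle) {}

    // Defined out of line. The handle names live state on the card, so an
    // operation object must never be duplicated: copy and move are deleted
    // explicitly (the binder base class very likely forbids them already; this
    // records the intent and satisfies the rule of five).
    virtual ~JavacardKeyMintOperation();
    JavacardKeyMintOperation(const JavacardKeyMintOperation&) = delete;
    JavacardKeyMintOperation& operator=(const JavacardKeyMintOperation&) = delete;
    JavacardKeyMintOperation(JavacardKeyMintOperation&&) = delete;
    JavacardKeyMintOperation& operator=(JavacardKeyMintOperation&&) = delete;

    // IKeyMintOperation entry points (AIDL). Implemented in the .cpp.
    ScopedAStatus updateAad(const vector<uint8_t>& input,
                            const optional<HardwareAuthToken>& authToken,
                            const optional<TimeStampToken>& timestampToken) override;

    ScopedAStatus update(const vector<uint8_t>& input, const optional<HardwareAuthToken>& authToken,
                         const optional<TimeStampToken>& timestampToken,
                         vector<uint8_t>* output) override;

    ScopedAStatus finish(const optional<vector<uint8_t>>& input,
                         const optional<vector<uint8_t>>& signature,
                         const optional<HardwareAuthToken>& authToken,
                         const optional<TimeStampToken>& timestampToken,
                         const optional<vector<uint8_t>>& confirmationToken,
                         vector<uint8_t>* output) override;

    ScopedAStatus abort() override;

  private:
    // The helpers below are declared here and defined in the .cpp; this header
    // only fixes their signatures, so the one-line descriptions are drawn from
    // the names and parameters and should be checked against the implementation.

    // Takes the next chunk of at most chunkSize bytes out of view.
    vector<uint8_t> popNextChunk(DataView& view, uint32_t chunkSize);

    // Sends the view to the card in MAX_CHUNK_SIZE-sized pieces, appending any
    // card output to *output.
    [[nodiscard]] keymaster_error_t updateInChunks(DataView& data, HardwareAuthToken& authToken,
                                                   TimeStampToken& timestampToken,
                                                   vector<uint8_t>* output);

    // Issues the FINISH request for this operation; output receives the card's result.
    [[nodiscard]] keymaster_error_t sendFinish(const vector<uint8_t>& data,
                                               const vector<uint8_t>& signature,
                                               const HardwareAuthToken& authToken,
                                               const TimeStampToken& timestampToken,
                                               const vector<uint8_t>& confToken,
                                               vector<uint8_t>& output);

    // Issues one UPDATE request carrying data; output receives the card's result.
    [[nodiscard]] keymaster_error_t sendUpdate(const vector<uint8_t>& data,
                                               const HardwareAuthToken& authToken,
                                               const TimeStampToken& timestampToken,
                                               vector<uint8_t>& output);

    // Prepends whatever the previous update() cycle held back to the current
    // view: the retained bytes are handed over to view.buffer, the view's length
    // grows by that many bytes and the view is rewound to offset 0. buffer_ is
    // empty afterwards. No-op when nothing was retained.
    void appendBufferedData(DataView& view) {
        if (buffer_.empty()) return;
        view.length += buffer_.size();
        view.start = 0;
        view.buffer = std::move(buffer_);  // hand the bytes over instead of copying them
        buffer_.clear();                   // moved-from: make the empty state explicit
    }

    // Encodes request as the payload of instruction ins, sends it to the card and
    // returns the decoded CBOR response together with the mapped error code.
    [[nodiscard]] std::tuple<std::unique_ptr<Item>, keymaster_error_t> sendRequest(Instruction ins,
                                                                                   Array& request);
    // Applies bufferingMode_ to the view, moving bytes that must wait for the
    // next cycle (or for finish()) into buffer_.
    [[nodiscard]] keymaster_error_t bufferData(DataView& data);
    // Trims the view so that only whole blockSize-byte blocks are sent now.
    void blockAlign(DataView& data, uint16_t blockSize);
    // Offset within the view at which the next block-aligned run begins.
    uint16_t getDataViewOffset(DataView& view, uint16_t blockSize);

    vector<uint8_t> buffer_;        // bytes held back from the previous update() cycle
    BufferingMode bufferingMode_;   // fixed for the lifetime of the operation
    uint16_t macLength_;            // AEAD tag length (unit: see constructor note)
    const shared_ptr<JavacardSecureElement> card_;  // transport to the secure element
    keymaster_operation_handle_t opHandle_;         // card-side operation identifier
    CborConverter cbor_;                            // CBOR encode/decode helper
};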
135 
136 }  // namespace aidl::android::hardware::security::keymint
137