1 /*
2 * Copyright 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <keymaster/km_openssl/ec_key_factory.h>
18
19 #include <utility>
20
21 #include <openssl/curve25519.h>
22 #include <openssl/evp.h>
23
24 #include <keymaster/keymaster_context.h>
25 #include <keymaster/km_openssl/curve25519_key.h>
26 #include <keymaster/km_openssl/ec_key.h>
27 #include <keymaster/km_openssl/ecdh_operation.h>
28 #include <keymaster/km_openssl/ecdsa_operation.h>
29 #include <keymaster/km_openssl/openssl_err.h>
30
31 #include <keymaster/operation.h>
32
33 namespace keymaster {
34
35 static EcdsaSignOperationFactory sign_factory;
36 static EcdsaVerifyOperationFactory verify_factory;
37 static EcdhOperationFactory agree_key_factory;
38
GetOperationFactory(keymaster_purpose_t purpose) const39 OperationFactory* EcKeyFactory::GetOperationFactory(keymaster_purpose_t purpose) const {
40 switch (purpose) {
41 case KM_PURPOSE_SIGN:
42 return &sign_factory;
43 case KM_PURPOSE_VERIFY:
44 return &verify_factory;
45 case KM_PURPOSE_AGREE_KEY:
46 return &agree_key_factory;
47 default:
48 return nullptr;
49 }
50 }
51
52 /* static */
GetCurveAndSize(const AuthorizationSet & key_description,keymaster_ec_curve_t * curve,uint32_t * key_size_bits)53 keymaster_error_t EcKeyFactory::GetCurveAndSize(const AuthorizationSet& key_description,
54 keymaster_ec_curve_t* curve,
55 uint32_t* key_size_bits) {
56 if (!key_description.GetTagValue(TAG_EC_CURVE, curve)) {
57 // Curve not specified. Fall back to deducing curve from key size.
58 if (!key_description.GetTagValue(TAG_KEY_SIZE, key_size_bits)) {
59 LOG_E("%s", "No curve or key size specified for EC key generation");
60 return KM_ERROR_UNSUPPORTED_KEY_SIZE;
61 }
62 keymaster_error_t error = EllipticKeySizeToCurve(*key_size_bits, curve);
63 if (error != KM_ERROR_OK) {
64 return KM_ERROR_UNSUPPORTED_KEY_SIZE;
65 }
66 } else {
67 keymaster_error_t error = EcCurveToKeySize(*curve, key_size_bits);
68 if (error != KM_ERROR_OK) {
69 return error;
70 }
71 uint32_t tag_key_size_bits;
72 if (key_description.GetTagValue(TAG_KEY_SIZE, &tag_key_size_bits) &&
73 *key_size_bits != tag_key_size_bits) {
74 LOG_E("Curve key size %d and specified key size %d don't match", key_size_bits,
75 tag_key_size_bits);
76 return KM_ERROR_INVALID_ARGUMENT;
77 }
78 }
79
80 return KM_ERROR_OK;
81 }
82
GenerateKey(const AuthorizationSet & key_description,UniquePtr<Key> attest_key,const KeymasterBlob & issuer_subject,KeymasterKeyBlob * key_blob,AuthorizationSet * hw_enforced,AuthorizationSet * sw_enforced,CertificateChain * cert_chain) const83 keymaster_error_t EcKeyFactory::GenerateKey(const AuthorizationSet& key_description,
84 UniquePtr<Key> attest_key, //
85 const KeymasterBlob& issuer_subject,
86 KeymasterKeyBlob* key_blob,
87 AuthorizationSet* hw_enforced,
88 AuthorizationSet* sw_enforced,
89 CertificateChain* cert_chain) const {
90 if (!key_blob || !hw_enforced || !sw_enforced) return KM_ERROR_OUTPUT_PARAMETER_NULL;
91
92 AuthorizationSet authorizations(key_description);
93
94 keymaster_ec_curve_t ec_curve;
95 uint32_t key_size;
96 keymaster_error_t error = GetCurveAndSize(authorizations, &ec_curve, &key_size);
97 if (error != KM_ERROR_OK) {
98 return error;
99 } else if (!authorizations.Contains(TAG_KEY_SIZE, key_size)) {
100 authorizations.push_back(TAG_KEY_SIZE, key_size);
101 } else if (!authorizations.Contains(TAG_EC_CURVE, ec_curve)) {
102 authorizations.push_back(TAG_EC_CURVE, ec_curve);
103 }
104
105 bool is_ed25519 = false;
106 bool is_x25519 = false;
107 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey;
108 UniquePtr<EC_KEY, EC_KEY_Delete> ec_key(EC_KEY_new());
109 KeymasterKeyBlob key_material;
110 if (ec_curve == KM_EC_CURVE_CURVE_25519) {
111 // Curve 25519 keys do not fall under OpenSSL's EC_KEY category.
112 is_ed25519 = (key_description.Contains(TAG_PURPOSE, KM_PURPOSE_SIGN) ||
113 key_description.Contains(TAG_PURPOSE, KM_PURPOSE_ATTEST_KEY));
114 is_x25519 = key_description.Contains(TAG_PURPOSE, KM_PURPOSE_AGREE_KEY);
115 if (is_ed25519 && is_x25519) {
116 // Cannot have both SIGN (Ed25519) and AGREE_KEY (X25519).
117 return KM_ERROR_INCOMPATIBLE_PURPOSE;
118 }
119
120 if (is_ed25519) {
121 uint8_t priv_key[ED25519_PRIVATE_KEY_LEN];
122 uint8_t pub_key[ED25519_PUBLIC_KEY_LEN];
123 ED25519_keypair(pub_key, priv_key);
124
125 // Only feed in the first 32 bytes of the generated private key.
126 pkey.reset(EVP_PKEY_new_raw_private_key(EVP_PKEY_ED25519, nullptr, priv_key,
127 ED25519_SEED_LEN));
128 } else if (is_x25519) {
129 uint8_t priv_key[X25519_PRIVATE_KEY_LEN];
130 uint8_t pub_key[X25519_PUBLIC_VALUE_LEN];
131 X25519_keypair(pub_key, priv_key);
132
133 pkey.reset(EVP_PKEY_new_raw_private_key(EVP_PKEY_X25519, nullptr, priv_key,
134 X25519_PRIVATE_KEY_LEN));
135 } else {
136 return KM_ERROR_UNSUPPORTED_PURPOSE;
137 }
138 if (pkey.get() == nullptr) {
139 return KM_ERROR_UNKNOWN_ERROR;
140 }
141 } else {
142 pkey.reset(EVP_PKEY_new());
143 if (ec_key.get() == nullptr || pkey.get() == nullptr)
144 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
145
146 UniquePtr<EC_GROUP, EC_GROUP_Delete> group(ChooseGroup(ec_curve));
147 if (group.get() == nullptr) {
148 LOG_E("Unable to get EC group for curve %d", ec_curve);
149 return KM_ERROR_UNSUPPORTED_KEY_SIZE;
150 }
151
152 #if !defined(OPENSSL_IS_BORINGSSL)
153 EC_GROUP_set_point_conversion_form(group.get(), POINT_CONVERSION_UNCOMPRESSED);
154 EC_GROUP_set_asn1_flag(group.get(), OPENSSL_EC_NAMED_CURVE);
155 #endif
156
157 if (EC_KEY_set_group(ec_key.get(), group.get()) != 1 ||
158 EC_KEY_generate_key(ec_key.get()) != 1 || EC_KEY_check_key(ec_key.get()) < 0) {
159 return TranslateLastOpenSslError();
160 }
161
162 if (EVP_PKEY_set1_EC_KEY(pkey.get(), ec_key.get()) != 1) return TranslateLastOpenSslError();
163 }
164
165 error = EvpKeyToKeyMaterial(pkey.get(), &key_material);
166 if (error != KM_ERROR_OK) return error;
167
168 error = blob_maker_.CreateKeyBlob(authorizations, KM_ORIGIN_GENERATED, key_material, key_blob,
169 hw_enforced, sw_enforced);
170 if (error != KM_ERROR_OK) return error;
171
172 // Only generate attestation certificates for KeyMint (KeyMaster uses an attestKey()
173 // entrypoint that is separate from generateKey()).
174 if (context_.GetKmVersion() < KmVersion::KEYMINT_1) return KM_ERROR_OK;
175 if (!cert_chain) return KM_ERROR_UNEXPECTED_NULL_POINTER;
176
177 std::unique_ptr<AsymmetricKey> key;
178 if (is_ed25519) {
179 key.reset(new (std::nothrow) Ed25519Key(*hw_enforced, *sw_enforced, this, key_material));
180 } else if (is_x25519) {
181 key.reset(new (std::nothrow) X25519Key(*hw_enforced, *sw_enforced, this, key_material));
182 } else {
183 key.reset(new (std::nothrow) EcKey(*hw_enforced, *sw_enforced, this, std::move(ec_key)));
184 }
185 if (key == nullptr) {
186 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
187 }
188
189 if (key_description.Contains(TAG_ATTESTATION_CHALLENGE)) {
190 *cert_chain = context_.GenerateAttestation(*key, key_description, std::move(attest_key),
191 issuer_subject, &error);
192 } else if (attest_key.get() != nullptr) {
193 return KM_ERROR_ATTESTATION_CHALLENGE_MISSING;
194 } else {
195 *cert_chain = context_.GenerateSelfSignedCertificate(
196 *key, key_description, !IsCertSigningKey(key_description) /* fake_signature */, &error);
197 }
198
199 return error;
200 }
201
ImportKey(const AuthorizationSet & key_description,keymaster_key_format_t input_key_material_format,const KeymasterKeyBlob & input_key_material,UniquePtr<Key> attest_key,const KeymasterBlob & issuer_subject,KeymasterKeyBlob * output_key_blob,AuthorizationSet * hw_enforced,AuthorizationSet * sw_enforced,CertificateChain * cert_chain) const202 keymaster_error_t EcKeyFactory::ImportKey(const AuthorizationSet& key_description, //
203 keymaster_key_format_t input_key_material_format,
204 const KeymasterKeyBlob& input_key_material,
205 UniquePtr<Key> attest_key, //
206 const KeymasterBlob& issuer_subject,
207 KeymasterKeyBlob* output_key_blob,
208 AuthorizationSet* hw_enforced,
209 AuthorizationSet* sw_enforced,
210 CertificateChain* cert_chain) const {
211 if (input_key_material_format == KM_KEY_FORMAT_RAW) {
212 return ImportRawKey(key_description, input_key_material, std::move(attest_key),
213 issuer_subject, output_key_blob, hw_enforced, sw_enforced, cert_chain);
214 }
215
216 if (!output_key_blob || !hw_enforced || !sw_enforced) return KM_ERROR_OUTPUT_PARAMETER_NULL;
217
218 AuthorizationSet authorizations;
219 uint32_t key_size;
220 keymaster_error_t error = UpdateImportKeyDescription(
221 key_description, input_key_material_format, input_key_material, &authorizations, &key_size);
222 if (error != KM_ERROR_OK) return error;
223
224 error = blob_maker_.CreateKeyBlob(authorizations, KM_ORIGIN_IMPORTED, input_key_material,
225 output_key_blob, hw_enforced, sw_enforced);
226 if (error != KM_ERROR_OK) return error;
227
228 if (context_.GetKmVersion() < KmVersion::KEYMINT_1) return KM_ERROR_OK;
229 if (!cert_chain) return KM_ERROR_UNEXPECTED_NULL_POINTER;
230
231 EVP_PKEY_Ptr pkey;
232 error = KeyMaterialToEvpKey(KM_KEY_FORMAT_PKCS8, input_key_material, KM_ALGORITHM_EC, &pkey);
233 if (error != KM_ERROR_OK) return error;
234
235 std::unique_ptr<AsymmetricKey> key;
236 switch (EVP_PKEY_id(pkey.get())) {
237 case EVP_PKEY_ED25519:
238 key.reset(new (std::nothrow) Ed25519Key(*hw_enforced, *sw_enforced, this));
239 if (key.get() == nullptr) {
240 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
241 }
242 if (!key->EvpToInternal(pkey.get())) {
243 return KM_ERROR_UNSUPPORTED_KEY_FORMAT;
244 }
245 break;
246 case EVP_PKEY_X25519:
247 key.reset(new (std::nothrow) X25519Key(*hw_enforced, *sw_enforced, this));
248 if (key.get() == nullptr) {
249 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
250 }
251 if (!key->EvpToInternal(pkey.get())) {
252 return KM_ERROR_UNSUPPORTED_KEY_FORMAT;
253 }
254 break;
255 case EVP_PKEY_EC: {
256 EC_KEY_Ptr ec_key(EVP_PKEY_get1_EC_KEY(pkey.get()));
257 if (!ec_key.get()) return KM_ERROR_INVALID_ARGUMENT;
258
259 key.reset(new (std::nothrow) EcKey(*hw_enforced, *sw_enforced, this, std::move(ec_key)));
260 if (key.get() == nullptr) {
261 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
262 }
263 break;
264 }
265 default:
266 return KM_ERROR_UNSUPPORTED_KEY_FORMAT;
267 }
268 if (key == nullptr) {
269 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
270 }
271
272 if (key_description.Contains(KM_TAG_ATTESTATION_CHALLENGE)) {
273 *cert_chain = context_.GenerateAttestation(*key, key_description, std::move(attest_key),
274 issuer_subject, &error);
275 } else if (attest_key.get() != nullptr) {
276 return KM_ERROR_ATTESTATION_CHALLENGE_MISSING;
277 } else {
278 *cert_chain = context_.GenerateSelfSignedCertificate(
279 *key, key_description, !IsCertSigningKey(key_description) /* fake_signature */, &error);
280 }
281
282 return error;
283 }
284
ImportRawKey(const AuthorizationSet & key_description,const KeymasterKeyBlob & input_key_material,UniquePtr<Key> attest_key,const KeymasterBlob & issuer_subject,KeymasterKeyBlob * output_key_blob,AuthorizationSet * hw_enforced,AuthorizationSet * sw_enforced,CertificateChain * cert_chain) const285 keymaster_error_t EcKeyFactory::ImportRawKey(const AuthorizationSet& key_description, //
286 const KeymasterKeyBlob& input_key_material,
287 UniquePtr<Key> attest_key, //
288 const KeymasterBlob& issuer_subject,
289 KeymasterKeyBlob* output_key_blob,
290 AuthorizationSet* hw_enforced,
291 AuthorizationSet* sw_enforced,
292 CertificateChain* cert_chain) const {
293 if (!output_key_blob || !hw_enforced || !sw_enforced) return KM_ERROR_OUTPUT_PARAMETER_NULL;
294
295 // Curve 25519 keys may arrive in raw form, but if they do the key_description must include
296 // enough information to allow the key material to be identified. This means that the
297 // following tags must already be present in key_description:
298 // - TAG_ALGORITHM: KM_ALGORITHM_EC
299 // - TAG_EC_CURVE: KM_EC_CURVE_CURVE_25519
300 // - TAG_PURPOSE: exactly one of:
301 // - KM_SIGN (Ed25519)
302 // - KM_ATTEST_KEY (Ed25519)
303 // - KM_AGREE (X25519)
304 keymaster_ec_curve_t curve;
305 if (!key_description.GetTagValue(TAG_EC_CURVE, &curve) || curve != KM_EC_CURVE_CURVE_25519) {
306 return KM_ERROR_UNSUPPORTED_KEY_FORMAT;
307 }
308 bool is_ed25519 = (key_description.Contains(TAG_PURPOSE, KM_PURPOSE_SIGN) ||
309 key_description.Contains(TAG_PURPOSE, KM_PURPOSE_ATTEST_KEY));
310 bool is_x25519 = key_description.Contains(TAG_PURPOSE, KM_PURPOSE_AGREE_KEY);
311 if (is_ed25519 && is_x25519) {
312 // Cannot have both SIGN (Ed25519) and AGREE_KEY (X25519).
313 return KM_ERROR_INCOMPATIBLE_PURPOSE;
314 }
315 if (key_description.Contains(TAG_PURPOSE, KM_PURPOSE_ATTEST_KEY) &&
316 key_description.GetTagCount(TAG_PURPOSE) > 1) {
317 // ATTEST_KEY cannot be combined with another purpose.
318 return KM_ERROR_INCOMPATIBLE_PURPOSE;
319 }
320
321 // First convert the raw key data into an EVP_PKEY.
322 EVP_PKEY_Ptr pkey;
323 if (is_ed25519) {
324 pkey.reset(EVP_PKEY_new_raw_private_key(EVP_PKEY_ED25519, /* unused*/ nullptr,
325 input_key_material.key_material,
326 input_key_material.key_material_size));
327 } else if (is_x25519) {
328 pkey.reset(EVP_PKEY_new_raw_private_key(EVP_PKEY_X25519, /* unused*/ nullptr,
329 input_key_material.key_material,
330 input_key_material.key_material_size));
331 } else {
332 return KM_ERROR_UNSUPPORTED_KEY_FORMAT;
333 }
334 if (pkey.get() == nullptr) {
335 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
336 }
337
338 // Now extract PKCS#8 formatted private key material from the EVP_PKEY.
339 KeymasterKeyBlob pkcs8_key_material;
340 keymaster_error_t error = EvpKeyToKeyMaterial(pkey.get(), &pkcs8_key_material);
341 if (error != KM_ERROR_OK) return error;
342
343 // Store the PKCS#8 private key material in the key blob.
344 error = blob_maker_.CreateKeyBlob(key_description, KM_ORIGIN_IMPORTED, pkcs8_key_material,
345 output_key_blob, hw_enforced, sw_enforced);
346 if (error != KM_ERROR_OK) return error;
347
348 if (context_.GetKmVersion() < KmVersion::KEYMINT_1) return KM_ERROR_OK;
349 if (!cert_chain) return KM_ERROR_UNEXPECTED_NULL_POINTER;
350
351 std::unique_ptr<AsymmetricKey> key;
352 if (is_ed25519) {
353 key.reset(new (std::nothrow)
354 Ed25519Key(*hw_enforced, *sw_enforced, this, pkcs8_key_material));
355 } else /* is_x25519 */ {
356 key.reset(new (std::nothrow)
357 X25519Key(*hw_enforced, *sw_enforced, this, pkcs8_key_material));
358 }
359 if (key == nullptr) {
360 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
361 }
362
363 if (key_description.Contains(KM_TAG_ATTESTATION_CHALLENGE)) {
364 *cert_chain = context_.GenerateAttestation(*key, key_description, std::move(attest_key),
365 issuer_subject, &error);
366 } else if (attest_key.get() != nullptr) {
367 return KM_ERROR_ATTESTATION_CHALLENGE_MISSING;
368 } else {
369 *cert_chain = context_.GenerateSelfSignedCertificate(
370 *key, key_description, !IsCertSigningKey(key_description) /* fake_signature */, &error);
371 }
372
373 return error;
374 }
375
UpdateImportKeyDescription(const AuthorizationSet & key_description,keymaster_key_format_t key_format,const KeymasterKeyBlob & key_material,AuthorizationSet * updated_description,uint32_t * key_size_bits) const376 keymaster_error_t EcKeyFactory::UpdateImportKeyDescription(const AuthorizationSet& key_description,
377 keymaster_key_format_t key_format,
378 const KeymasterKeyBlob& key_material,
379 AuthorizationSet* updated_description,
380 uint32_t* key_size_bits) const {
381 if (!updated_description || !key_size_bits) return KM_ERROR_OUTPUT_PARAMETER_NULL;
382
383 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey;
384 keymaster_error_t error =
385 KeyMaterialToEvpKey(key_format, key_material, keymaster_key_type(), &pkey);
386 if (error != KM_ERROR_OK) return error;
387
388 updated_description->Reinitialize(key_description);
389
390 keymaster_algorithm_t algorithm = KM_ALGORITHM_EC;
391 if (!updated_description->GetTagValue(TAG_ALGORITHM, &algorithm)) {
392 updated_description->push_back(TAG_ALGORITHM, KM_ALGORITHM_EC);
393 } else if (algorithm != KM_ALGORITHM_EC) {
394 return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
395 }
396
397 switch (EVP_PKEY_id(pkey.get())) {
398 case EVP_PKEY_EC: {
399 UniquePtr<EC_KEY, EC_KEY_Delete> ec_key(EVP_PKEY_get1_EC_KEY(pkey.get()));
400 if (!ec_key.get()) return TranslateLastOpenSslError();
401
402 size_t extracted_key_size_bits;
403 error = ec_get_group_size(EC_KEY_get0_group(ec_key.get()), &extracted_key_size_bits);
404 if (error != KM_ERROR_OK) return error;
405
406 *key_size_bits = extracted_key_size_bits;
407 if (!updated_description->GetTagValue(TAG_KEY_SIZE, key_size_bits)) {
408 updated_description->push_back(TAG_KEY_SIZE, extracted_key_size_bits);
409 } else if (*key_size_bits != extracted_key_size_bits) {
410 return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
411 }
412
413 keymaster_ec_curve_t curve_from_size;
414 error = EcKeySizeToCurve(*key_size_bits, &curve_from_size);
415 if (error != KM_ERROR_OK) return error;
416 keymaster_ec_curve_t curve;
417 if (!updated_description->GetTagValue(TAG_EC_CURVE, &curve)) {
418 updated_description->push_back(TAG_EC_CURVE, curve_from_size);
419 } else if (curve_from_size != curve) {
420 return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
421 }
422 break;
423 }
424 case EVP_PKEY_ED25519: {
425 keymaster_ec_curve_t curve;
426 if (!updated_description->GetTagValue(TAG_EC_CURVE, &curve)) {
427 updated_description->push_back(TAG_EC_CURVE, KM_EC_CURVE_CURVE_25519);
428 } else if (curve != KM_EC_CURVE_CURVE_25519) {
429 return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
430 }
431 if (updated_description->Contains(TAG_PURPOSE, KM_PURPOSE_AGREE_KEY)) {
432 // Purpose is for X25519, key is Ed25519.
433 return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
434 }
435 if (updated_description->Contains(TAG_PURPOSE, KM_PURPOSE_ATTEST_KEY) &&
436 updated_description->GetTagCount(TAG_PURPOSE) > 1) {
437 // ATTEST_KEY cannot be combined with another purpose.
438 return KM_ERROR_INCOMPATIBLE_PURPOSE;
439 }
440 break;
441 }
442 case EVP_PKEY_X25519: {
443 keymaster_ec_curve_t curve;
444 if (!updated_description->GetTagValue(TAG_EC_CURVE, &curve)) {
445 updated_description->push_back(TAG_EC_CURVE, KM_EC_CURVE_CURVE_25519);
446 } else if (curve != KM_EC_CURVE_CURVE_25519) {
447 return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
448 }
449 if (updated_description->Contains(TAG_PURPOSE, KM_PURPOSE_SIGN) ||
450 updated_description->Contains(TAG_PURPOSE, KM_PURPOSE_ATTEST_KEY)) {
451 // Purpose is for Ed25519, key is X25519.
452 return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
453 }
454 break;
455 }
456 default:
457 return KM_ERROR_INVALID_KEY_BLOB;
458 }
459
460 return KM_ERROR_OK;
461 }
462
463 /* static */
ChooseGroup(size_t key_size_bits)464 EC_GROUP* EcKeyFactory::ChooseGroup(size_t key_size_bits) {
465 switch (key_size_bits) {
466 case 224:
467 return EC_GROUP_new_by_curve_name(NID_secp224r1);
468 break;
469 case 256:
470 return EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1);
471 break;
472 case 384:
473 return EC_GROUP_new_by_curve_name(NID_secp384r1);
474 break;
475 case 521:
476 return EC_GROUP_new_by_curve_name(NID_secp521r1);
477 break;
478 default:
479 return nullptr;
480 break;
481 }
482 }
483
484 /* static */
ChooseGroup(keymaster_ec_curve_t ec_curve)485 EC_GROUP* EcKeyFactory::ChooseGroup(keymaster_ec_curve_t ec_curve) {
486 switch (ec_curve) {
487 case KM_EC_CURVE_P_224:
488 return EC_GROUP_new_by_curve_name(NID_secp224r1);
489 break;
490 case KM_EC_CURVE_P_256:
491 return EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1);
492 break;
493 case KM_EC_CURVE_P_384:
494 return EC_GROUP_new_by_curve_name(NID_secp384r1);
495 break;
496 case KM_EC_CURVE_P_521:
497 return EC_GROUP_new_by_curve_name(NID_secp521r1);
498 break;
499 default:
500 return nullptr;
501 break;
502 }
503 }
504
CreateEmptyKey(AuthorizationSet && hw_enforced,AuthorizationSet && sw_enforced,UniquePtr<AsymmetricKey> * key) const505 keymaster_error_t EcKeyFactory::CreateEmptyKey(AuthorizationSet&& hw_enforced,
506 AuthorizationSet&& sw_enforced,
507 UniquePtr<AsymmetricKey>* key) const {
508 bool is_ed25519 = IsEd25519Key(hw_enforced, sw_enforced);
509 bool is_x25519 = IsX25519Key(hw_enforced, sw_enforced);
510 if (is_ed25519) {
511 if (is_x25519) {
512 return KM_ERROR_INCOMPATIBLE_PURPOSE;
513 }
514 key->reset(new (std::nothrow) Ed25519Key(std::move(hw_enforced), std::move(sw_enforced),
515 this));
516 } else if (is_x25519) {
517 key->reset(new (std::nothrow) X25519Key(std::move(hw_enforced), std::move(sw_enforced),
518 this));
519 } else {
520 key->reset(new (std::nothrow) EcKey(std::move(hw_enforced), std::move(sw_enforced), this));
521 }
522 if (!(*key)) return KM_ERROR_MEMORY_ALLOCATION_FAILED;
523 return KM_ERROR_OK;
524 }
525
526 } // namespace keymaster
527