• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright 2020, The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *     http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 /******************************************************************************
17  **
18  ** The original Work has been changed by NXP.
19  **
20  ** Licensed under the Apache License, Version 2.0 (the "License");
21  ** you may not use this file except in compliance with the License.
22  ** You may obtain a copy of the License at
23  **
24  ** http://www.apache.org/licenses/LICENSE-2.0
25  **
26  ** Unless required by applicable law or agreed to in writing, software
27  ** distributed under the License is distributed on an "AS IS" BASIS,
28  ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
29  ** See the License for the specific language governing permissions and
30  ** limitations under the License.
31  **
32  ** Copyright 2023 NXP
33  **
34  *********************************************************************************/
35 
36 #pragma once
37 
38 #include <vector>
39 
40 #include <aidl/android/hardware/security/keymint/BnKeyMintOperation.h>
41 #include <aidl/android/hardware/security/secureclock/ISecureClock.h>
42 #include <hardware/keymaster_defs.h>
43 
44 #include "CborConverter.h"
45 #include "JavacardSecureElement.h"
46 
47 #define AES_BLOCK_SIZE 16
48 #define DES_BLOCK_SIZE 8
49 #define RSA_BUFFER_SIZE 256
50 #define EC_BUFFER_SIZE 32
51 #define MAX_CHUNK_SIZE 256
52 namespace aidl::android::hardware::security::keymint {
53 using cppbor::Array;
54 using cppbor::Item;
55 using ::keymint::javacard::CborConverter;
56 using ::keymint::javacard::Instruction;
57 using ::keymint::javacard::JavacardSecureElement;
58 using ::ndk::ScopedAStatus;
59 using secureclock::TimeStampToken;
60 using std::optional;
61 using std::shared_ptr;
62 using std::vector;
63 
64 // Bufferig modes for update
65 enum class BufferingMode : int32_t {
66     NONE = 0,  // Send everything to javacard - most of the assymteric operations
67     RSA_DECRYPT_OR_NO_DIGEST = 1,
68                        // Buffer everything in update up to 256 bytes and send in finish. If
69                        // input data is greater than 256 bytes then it is an error. Javacard
70                        // will further check according to exact key size and crypto provider.
71     EC_NO_DIGEST = 2,  // Buffer up to 65 bytes and then truncate. Javacard will further truncate
72                        // up to exact keysize.
73     BUF_AES_ENCRYPT_PKCS7_BLOCK_ALIGNED = 3,  // Buffer 16 bytes.
74     BUF_AES_DECRYPT_PKCS7_BLOCK_ALIGNED = 4,  // Buffer 16 bytes.
75     BUF_DES_ENCRYPT_PKCS7_BLOCK_ALIGNED = 5,  // Buffer 8 bytes.
76     BUF_DES_DECRYPT_PKCS7_BLOCK_ALIGNED = 6,  // Buffer 8 bytes.
77     BUF_AES_GCM_DECRYPT_BLOCK_ALIGNED = 7,    // Buffer 16 bytes.
78 };
79 
80 // The is the view in the input data being processed by update/finish funcion.
81 
82 struct DataView {
83     vector<uint8_t> buffer;       // previously buffered data from cycle n-1
84     const vector<uint8_t>& data;  // current data in cycle n.
85     uint32_t start;               // start of the view
86     size_t length;                // length of the view
87 };
88 
89 class JavacardKeyMintOperation : public BnKeyMintOperation {
90   public:
JavacardKeyMintOperation(keymaster_operation_handle_t opHandle,BufferingMode bufferingMode,uint16_t macLength,shared_ptr<JavacardSecureElement> card)91     explicit JavacardKeyMintOperation(keymaster_operation_handle_t opHandle,
92                                       BufferingMode bufferingMode, uint16_t macLength,
93                                       shared_ptr<JavacardSecureElement> card)
94         : buffer_(vector<uint8_t>()), bufferingMode_(bufferingMode), macLength_(macLength),
95           card_(std::move(card)), opHandle_(opHandle) {}
96     virtual ~JavacardKeyMintOperation();
97 
98     ScopedAStatus updateAad(const vector<uint8_t>& input,
99                             const optional<HardwareAuthToken>& authToken,
100                             const optional<TimeStampToken>& timestampToken) override;
101 
102     ScopedAStatus update(const vector<uint8_t>& input, const optional<HardwareAuthToken>& authToken,
103                          const optional<TimeStampToken>& timestampToken,
104                          vector<uint8_t>* output) override;
105 
106     ScopedAStatus finish(const optional<vector<uint8_t>>& input,
107                          const optional<vector<uint8_t>>& signature,
108                          const optional<HardwareAuthToken>& authToken,
109                          const optional<TimeStampToken>& timestampToken,
110                          const optional<vector<uint8_t>>& confirmationToken,
111                          vector<uint8_t>* output) override;
112 
113     ScopedAStatus abort() override;
114 
115   private:
116     vector<uint8_t> popNextChunk(DataView& view, uint32_t chunkSize);
117 
118     keymaster_error_t updateInChunks(DataView& data, HardwareAuthToken& authToken,
119                                      TimeStampToken& timestampToken, vector<uint8_t>* output);
120 
121     keymaster_error_t sendFinish(const vector<uint8_t>& data, const vector<uint8_t>& signature,
122                                  const HardwareAuthToken& authToken,
123                                  const TimeStampToken& timestampToken,
124                                  const vector<uint8_t>& confToken, vector<uint8_t>& output);
125 
126     keymaster_error_t sendUpdate(const vector<uint8_t>& data, const HardwareAuthToken& authToken,
127                                  const TimeStampToken& timestampToken, vector<uint8_t>& output);
128 
appendBufferedData(DataView & view)129     inline void appendBufferedData(DataView& view) {
130         if (!buffer_.empty()) {
131             view.buffer = buffer_;
132             view.length = view.length + buffer_.size();
133             view.start = 0;
134             // view.buffer = insert(data.begin(), buffer_.begin(), buffer_.end());
135             buffer_.clear();
136         }
137     }
138 
139     std::tuple<std::unique_ptr<Item>, keymaster_error_t> sendRequest(Instruction ins,
140                                                                      Array& request);
141     keymaster_error_t bufferData(DataView& data);
142     void blockAlign(DataView& data, uint16_t blockSize);
143     uint16_t getDataViewOffset(DataView& view, uint16_t blockSize);
144 
145     vector<uint8_t> buffer_;
146     BufferingMode bufferingMode_;
147     uint16_t macLength_;
148     const shared_ptr<JavacardSecureElement> card_;
149     keymaster_operation_handle_t opHandle_;
150     CborConverter cbor_;
151 };
152 
153 }  // namespace aidl::android::hardware::security::keymint
154