Robert Berry | ce50cd3 | 2017-12-07 14:33:54 +0000 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2017 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
Robert Berry | 5397d4d | 2017-12-12 13:22:00 +0000 | [diff] [blame] | 17 | package com.android.server.locksettings.recoverablekeystore; |
Robert Berry | ce50cd3 | 2017-12-07 14:33:54 +0000 | [diff] [blame] | 18 | |
Bo Zhu | 2c8e538 | 2018-02-26 15:54:25 -0800 | [diff] [blame^] | 19 | import android.annotation.NonNull; |
| 20 | |
Robert Berry | a244b2e | 2017-12-19 10:44:56 +0000 | [diff] [blame] | 21 | import com.android.server.locksettings.recoverablekeystore.storage.RecoverableKeyStoreDb; |
| 22 | |
Robert Berry | ce50cd3 | 2017-12-07 14:33:54 +0000 | [diff] [blame] | 23 | import java.security.InvalidKeyException; |
| 24 | import java.security.KeyStoreException; |
| 25 | import java.security.NoSuchAlgorithmException; |
Robert Berry | a244b2e | 2017-12-19 10:44:56 +0000 | [diff] [blame] | 26 | import java.util.Locale; |
Robert Berry | ce50cd3 | 2017-12-07 14:33:54 +0000 | [diff] [blame] | 27 | |
| 28 | import javax.crypto.KeyGenerator; |
| 29 | import javax.crypto.SecretKey; |
Bo Zhu | 2c8e538 | 2018-02-26 15:54:25 -0800 | [diff] [blame^] | 30 | import javax.crypto.spec.SecretKeySpec; |
Robert Berry | ce50cd3 | 2017-12-07 14:33:54 +0000 | [diff] [blame] | 31 | |
Bo Zhu | 2c8e538 | 2018-02-26 15:54:25 -0800 | [diff] [blame^] | 32 | // TODO: Rename RecoverableKeyGenerator to RecoverableKeyManager as it can import a key too now |
Robert Berry | ce50cd3 | 2017-12-07 14:33:54 +0000 | [diff] [blame] | 33 | /** |
Bo Zhu | 2c8e538 | 2018-02-26 15:54:25 -0800 | [diff] [blame^] | 34 | * Generates/imports keys and stores them both in AndroidKeyStore and on disk, in wrapped form. |
Robert Berry | ce50cd3 | 2017-12-07 14:33:54 +0000 | [diff] [blame] | 35 | * |
Bo Zhu | 2c8e538 | 2018-02-26 15:54:25 -0800 | [diff] [blame^] | 36 | * <p>Generates/imports 256-bit AES keys, which can be used for encrypt and decrypt with AES-GCM. |
Robert Berry | ce50cd3 | 2017-12-07 14:33:54 +0000 | [diff] [blame] | 37 | * They are synced to disk wrapped by a platform key. This allows them to be exported to a remote |
| 38 | * service. |
| 39 | * |
| 40 | * @hide |
| 41 | */ |
| 42 | public class RecoverableKeyGenerator { |
Bo Zhu | 2c8e538 | 2018-02-26 15:54:25 -0800 | [diff] [blame^] | 43 | |
Robert Berry | a244b2e | 2017-12-19 10:44:56 +0000 | [diff] [blame] | 44 | private static final int RESULT_CANNOT_INSERT_ROW = -1; |
Bo Zhu | 2c8e538 | 2018-02-26 15:54:25 -0800 | [diff] [blame^] | 45 | private static final String SECRET_KEY_ALGORITHM = "AES"; |
| 46 | |
| 47 | static final int KEY_SIZE_BITS = 256; |
Robert Berry | ce50cd3 | 2017-12-07 14:33:54 +0000 | [diff] [blame] | 48 | |
| 49 | /** |
| 50 | * A new {@link RecoverableKeyGenerator} instance. |
| 51 | * |
Robert Berry | ce50cd3 | 2017-12-07 14:33:54 +0000 | [diff] [blame] | 52 | * @throws NoSuchAlgorithmException if "AES" key generation or "AES/GCM/NoPadding" cipher is |
| 53 | * unavailable. Should never happen. |
| 54 | * |
| 55 | * @hide |
| 56 | */ |
Robert Berry | a244b2e | 2017-12-19 10:44:56 +0000 | [diff] [blame] | 57 | public static RecoverableKeyGenerator newInstance(RecoverableKeyStoreDb database) |
Robert Berry | ce50cd3 | 2017-12-07 14:33:54 +0000 | [diff] [blame] | 58 | throws NoSuchAlgorithmException { |
| 59 | // NB: This cannot use AndroidKeyStore as the provider, as we need access to the raw key |
| 60 | // material, so that it can be synced to disk in encrypted form. |
Bo Zhu | 2c8e538 | 2018-02-26 15:54:25 -0800 | [diff] [blame^] | 61 | KeyGenerator keyGenerator = KeyGenerator.getInstance(SECRET_KEY_ALGORITHM); |
Robert Berry | cfc990a | 2017-12-22 15:54:30 +0000 | [diff] [blame] | 62 | return new RecoverableKeyGenerator(keyGenerator, database); |
Robert Berry | ce50cd3 | 2017-12-07 14:33:54 +0000 | [diff] [blame] | 63 | } |
| 64 | |
| 65 | private final KeyGenerator mKeyGenerator; |
Robert Berry | a244b2e | 2017-12-19 10:44:56 +0000 | [diff] [blame] | 66 | private final RecoverableKeyStoreDb mDatabase; |
Robert Berry | ce50cd3 | 2017-12-07 14:33:54 +0000 | [diff] [blame] | 67 | |
| 68 | private RecoverableKeyGenerator( |
| 69 | KeyGenerator keyGenerator, |
Robert Berry | cfc990a | 2017-12-22 15:54:30 +0000 | [diff] [blame] | 70 | RecoverableKeyStoreDb recoverableKeyStoreDb) { |
Robert Berry | ce50cd3 | 2017-12-07 14:33:54 +0000 | [diff] [blame] | 71 | mKeyGenerator = keyGenerator; |
Robert Berry | a244b2e | 2017-12-19 10:44:56 +0000 | [diff] [blame] | 72 | mDatabase = recoverableKeyStoreDb; |
Robert Berry | ce50cd3 | 2017-12-07 14:33:54 +0000 | [diff] [blame] | 73 | } |
| 74 | |
| 75 | /** |
| 76 | * Generates a 256-bit AES key with the given alias. |
| 77 | * |
| 78 | * <p>Stores in the AndroidKeyStore, as well as persisting in wrapped form to disk. It is |
| 79 | * persisted to disk so that it can be synced remotely, and then recovered on another device. |
| 80 | * The generated key allows encrypt/decrypt only using AES/GCM/NoPadding. |
| 81 | * |
Robert Berry | a244b2e | 2017-12-19 10:44:56 +0000 | [diff] [blame] | 82 | * @param platformKey The user's platform key, with which to wrap the generated key. |
Robert Berry | b7c06ea | 2017-12-21 13:37:23 +0000 | [diff] [blame] | 83 | * @param userId The user ID of the profile to which the calling app belongs. |
Robert Berry | a244b2e | 2017-12-19 10:44:56 +0000 | [diff] [blame] | 84 | * @param uid The uid of the application that will own the key. |
Robert Berry | cfc990a | 2017-12-22 15:54:30 +0000 | [diff] [blame] | 85 | * @param alias The alias by which the key will be known in the recoverable key store. |
Robert Berry | a244b2e | 2017-12-19 10:44:56 +0000 | [diff] [blame] | 86 | * @throws RecoverableKeyStorageException if there is some error persisting the key either to |
Robert Berry | cfc990a | 2017-12-22 15:54:30 +0000 | [diff] [blame] | 87 | * the database. |
Robert Berry | a244b2e | 2017-12-19 10:44:56 +0000 | [diff] [blame] | 88 | * @throws KeyStoreException if there is a KeyStore error wrapping the generated key. |
Robert Berry | ce50cd3 | 2017-12-07 14:33:54 +0000 | [diff] [blame] | 89 | * @throws InvalidKeyException if the platform key cannot be used to wrap keys. |
Robert Berry | ce50cd3 | 2017-12-07 14:33:54 +0000 | [diff] [blame] | 90 | * |
| 91 | * @hide |
| 92 | */ |
Robert Berry | cfc990a | 2017-12-22 15:54:30 +0000 | [diff] [blame] | 93 | public byte[] generateAndStoreKey( |
Robert Berry | b7c06ea | 2017-12-21 13:37:23 +0000 | [diff] [blame] | 94 | PlatformEncryptionKey platformKey, int userId, int uid, String alias) |
Robert Berry | a244b2e | 2017-12-19 10:44:56 +0000 | [diff] [blame] | 95 | throws RecoverableKeyStorageException, KeyStoreException, InvalidKeyException { |
Robert Berry | ce50cd3 | 2017-12-07 14:33:54 +0000 | [diff] [blame] | 96 | mKeyGenerator.init(KEY_SIZE_BITS); |
| 97 | SecretKey key = mKeyGenerator.generateKey(); |
| 98 | |
Robert Berry | a244b2e | 2017-12-19 10:44:56 +0000 | [diff] [blame] | 99 | WrappedKey wrappedKey = WrappedKey.fromSecretKey(platformKey, key); |
Robert Berry | b7c06ea | 2017-12-21 13:37:23 +0000 | [diff] [blame] | 100 | long result = mDatabase.insertKey(userId, uid, alias, wrappedKey); |
Robert Berry | ce50cd3 | 2017-12-07 14:33:54 +0000 | [diff] [blame] | 101 | |
Robert Berry | a244b2e | 2017-12-19 10:44:56 +0000 | [diff] [blame] | 102 | if (result == RESULT_CANNOT_INSERT_ROW) { |
Robert Berry | a244b2e | 2017-12-19 10:44:56 +0000 | [diff] [blame] | 103 | throw new RecoverableKeyStorageException( |
| 104 | String.format( |
| 105 | Locale.US, "Failed writing (%d, %s) to database.", uid, alias)); |
Robert Berry | ce50cd3 | 2017-12-07 14:33:54 +0000 | [diff] [blame] | 106 | } |
Robert Berry | cfc990a | 2017-12-22 15:54:30 +0000 | [diff] [blame] | 107 | |
Dmitry Dementyev | 77183ef | 2018-01-05 15:46:00 -0800 | [diff] [blame] | 108 | mDatabase.setShouldCreateSnapshot(userId, uid, true); |
Robert Berry | cfc990a | 2017-12-22 15:54:30 +0000 | [diff] [blame] | 109 | return key.getEncoded(); |
Robert Berry | ce50cd3 | 2017-12-07 14:33:54 +0000 | [diff] [blame] | 110 | } |
Bo Zhu | 2c8e538 | 2018-02-26 15:54:25 -0800 | [diff] [blame^] | 111 | |
| 112 | /** |
| 113 | * Imports an AES key with the given alias. |
| 114 | * |
| 115 | * <p>Stores in the AndroidKeyStore, as well as persisting in wrapped form to disk. It is |
| 116 | * persisted to disk so that it can be synced remotely, and then recovered on another device. |
| 117 | * The generated key allows encrypt/decrypt only using AES/GCM/NoPadding. |
| 118 | * |
| 119 | * @param platformKey The user's platform key, with which to wrap the generated key. |
| 120 | * @param userId The user ID of the profile to which the calling app belongs. |
| 121 | * @param uid The uid of the application that will own the key. |
| 122 | * @param alias The alias by which the key will be known in the recoverable key store. |
| 123 | * @param keyBytes The raw bytes of the AES key to be imported. |
| 124 | * @throws RecoverableKeyStorageException if there is some error persisting the key either to |
| 125 | * the database. |
| 126 | * @throws KeyStoreException if there is a KeyStore error wrapping the generated key. |
| 127 | * @throws InvalidKeyException if the platform key cannot be used to wrap keys. |
| 128 | * |
| 129 | * @hide |
| 130 | */ |
| 131 | public void importKey( |
| 132 | @NonNull PlatformEncryptionKey platformKey, int userId, int uid, @NonNull String alias, |
| 133 | @NonNull byte[] keyBytes) |
| 134 | throws RecoverableKeyStorageException, KeyStoreException, InvalidKeyException { |
| 135 | SecretKey key = new SecretKeySpec(keyBytes, SECRET_KEY_ALGORITHM); |
| 136 | |
| 137 | WrappedKey wrappedKey = WrappedKey.fromSecretKey(platformKey, key); |
| 138 | long result = mDatabase.insertKey(userId, uid, alias, wrappedKey); |
| 139 | |
| 140 | if (result == RESULT_CANNOT_INSERT_ROW) { |
| 141 | throw new RecoverableKeyStorageException( |
| 142 | String.format( |
| 143 | Locale.US, "Failed writing (%d, %s) to database.", uid, alias)); |
| 144 | } |
| 145 | |
| 146 | mDatabase.setShouldCreateSnapshot(userId, uid, true); |
| 147 | } |
Robert Berry | ce50cd3 | 2017-12-07 14:33:54 +0000 | [diff] [blame] | 148 | } |