Blame - services/core/java/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManager.java - platform/frameworks/base

2017-12-11 11:33:12 -0800

[diff] [blame]

/*

*

* Licensed under the Apache License, Version 2.0 (the "License");

5

* you may not use this file except in compliance with the License.

6

* You may obtain a copy of the License at

7

*

8

* http://www.apache.org/licenses/LICENSE-2.0

9

*

10

* Unless required by applicable law or agreed to in writing, software

11

* distributed under the License is distributed on an "AS IS" BASIS,

12

* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

13

* See the License for the specific language governing permissions and

14

* limitations under the License.

15

*/

16

17

package com.android.server.locksettings.recoverablekeystore;

18

Robert Berry

74928a1

2018-01-18 17:49:07 +0000

[diff] [blame]

19

import static android.security.keystore.RecoveryController.ERROR_BAD_CERTIFICATE_FORMAT;

20

import static android.security.keystore.RecoveryController.ERROR_DECRYPTION_FAILED;

21

import static android.security.keystore.RecoveryController.ERROR_INSECURE_USER;

22

import static android.security.keystore.RecoveryController.ERROR_NO_SNAPSHOT_PENDING;

23

import static android.security.keystore.RecoveryController.ERROR_SERVICE_INTERNAL_ERROR;

24

import static android.security.keystore.RecoveryController.ERROR_SESSION_EXPIRED;

Robert Berry

2018-01-05 12:43:13 +0000

[diff] [blame]

25

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

26

import android.annotation.NonNull;

27

import android.annotation.Nullable;

Dmitry Dementyev

2017-12-19 11:02:54 -0800

[diff] [blame]

28

import android.app.PendingIntent;

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

29

import android.content.Context;

Dmitry Dementyev

ed89ea0

2018-01-11 13:53:52 -0800

[diff] [blame]

30

import android.Manifest;

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

31

import android.os.Binder;

32

import android.os.RemoteException;

33

import android.os.ServiceSpecificException;

34

import android.os.UserHandle;

35

Robert Berry

2018-01-17 23:28:45 +0000

[diff] [blame]

36

import android.security.keystore.KeychainProtectionParams;

Robert Berry

2018-01-17 15:18:05 +0000

[diff] [blame]

37

import android.security.keystore.KeychainSnapshot;

Robert Berry

74928a1

2018-01-18 17:49:07 +0000

[diff] [blame]

38

import android.security.keystore.RecoveryController;

Robert Berry

2018-01-17 15:18:05 +0000

[diff] [blame]

39

import android.security.keystore.WrappedApplicationKey;

Robert Berry

2017-12-21 15:44:02 +0000

[diff] [blame]

40

import android.util.Log;

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

41

42

import com.android.internal.annotations.VisibleForTesting;

Robert Berry

2017-12-20 15:59:37 +0000

[diff] [blame]

43

import com.android.server.locksettings.recoverablekeystore.storage.RecoverableKeyStoreDb;

44

import com.android.server.locksettings.recoverablekeystore.storage.RecoverySessionStorage;

Robert Berry

2017-12-27 13:29:39 +0000

[diff] [blame]

45

import com.android.server.locksettings.recoverablekeystore.storage.RecoverySnapshotStorage;

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

46

Robert Berry

2017-12-20 15:59:37 +0000

[diff] [blame]

47

import java.security.InvalidKeyException;

Robert Berry

2017-12-21 15:44:02 +0000

[diff] [blame]

48

import java.security.KeyStoreException;

Bo Zhu

2017-12-21 14:36:11 -0800

[diff] [blame]

49

import java.security.KeyFactory;

Robert Berry

2017-12-20 15:59:37 +0000

[diff] [blame]

50

import java.security.NoSuchAlgorithmException;

51

import java.security.PublicKey;

Robert Berry

2017-12-22 15:54:30 +0000

[diff] [blame]

52

import java.security.UnrecoverableKeyException;

Robert Berry

2017-12-20 15:59:37 +0000

[diff] [blame]

53

import java.security.spec.InvalidKeySpecException;

Bo Zhu

2017-12-21 14:36:11 -0800

[diff] [blame]

54

import java.security.spec.X509EncodedKeySpec;

Bo Zhu

2018-01-05 14:50:52 -0800

[diff] [blame]

55

import java.util.Arrays;

Robert Berry

2017-12-22 11:35:14 +0000

[diff] [blame]

56

import java.util.HashMap;

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

57

import java.util.List;

Robert Berry

2017-12-21 12:41:01 +0000

[diff] [blame]

58

import java.util.Locale;

Dmitry Dementyev

2017-12-19 11:02:54 -0800

[diff] [blame]

59

import java.util.Map;

Robert Berry

2017-12-21 15:44:02 +0000

[diff] [blame]

60

import java.util.concurrent.ExecutorService;

61

import java.util.concurrent.Executors;

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

62

Robert Berry

2017-12-21 12:41:01 +0000

[diff] [blame]

63

import javax.crypto.AEADBadTagException;

64

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

65

/**

Robert Berry

74928a1

2018-01-18 17:49:07 +0000

[diff] [blame]

66

* Class with {@link RecoveryController} API implementation and internal methods to interact

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

67

* with {@code LockSettingsService}.

*

* @hide

*/

public class RecoverableKeyStoreManager {

Robert Berry

2017-12-21 15:44:02 +0000

[diff] [blame]

72

private static final String TAG = "RecoverableKeyStoreMgr";

Robert Berry

2017-12-22 15:54:30 +0000

[diff] [blame]

73

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

74

private static RecoverableKeyStoreManager mInstance;

Robert Berry

2017-12-20 15:59:37 +0000

[diff] [blame]

75

76

private final Context mContext;

77

private final RecoverableKeyStoreDb mDatabase;

78

private final RecoverySessionStorage mRecoverySessionStorage;

Robert Berry

2017-12-21 15:44:02 +0000

[diff] [blame]

79

private final ExecutorService mExecutorService;

Robert Berry

2017-12-27 12:05:58 +0000

[diff] [blame]

80

private final RecoverySnapshotListenersStorage mListenersStorage;

Robert Berry

2017-12-22 15:54:30 +0000

[diff] [blame]

81

private final RecoverableKeyGenerator mRecoverableKeyGenerator;

Robert Berry

2017-12-27 13:29:39 +0000

[diff] [blame]

82

private final RecoverySnapshotStorage mSnapshotStorage;

Bo Zhu

2018-01-04 22:42:36 -0800

[diff] [blame]

83

private final PlatformKeyManager mPlatformKeyManager;

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

84

85

/**

86

* Returns a new or existing instance.

87

*

88

* @hide

89

*/

Bo Zhu

2018-01-04 22:42:36 -0800

[diff] [blame]

90

public static synchronized RecoverableKeyStoreManager getInstance(Context context) {

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

91

if (mInstance == null) {

Bo Zhu

2018-01-04 22:42:36 -0800

[diff] [blame]

92

RecoverableKeyStoreDb db = RecoverableKeyStoreDb.newInstance(context);

93

PlatformKeyManager platformKeyManager;

94

try {

95

platformKeyManager = PlatformKeyManager.getInstance(context, db);

96

} catch (NoSuchAlgorithmException e) {

97

// Impossible: all algorithms must be supported by AOSP

98

throw new RuntimeException(e);

99

} catch (KeyStoreException e) {

Robert Berry

2018-01-17 14:43:09 +0000

[diff] [blame]

100

throw new ServiceSpecificException(ERROR_SERVICE_INTERNAL_ERROR, e.getMessage());

Bo Zhu

2018-01-04 22:42:36 -0800

[diff] [blame]

101

}

102

Robert Berry

2017-12-20 15:59:37 +0000

[diff] [blame]

103

mInstance = new RecoverableKeyStoreManager(

Bo Zhu

2018-01-04 22:42:36 -0800

[diff] [blame]

104

context.getApplicationContext(),

Robert Berry

2017-12-20 15:59:37 +0000

[diff] [blame]

105

db,

Robert Berry

2017-12-21 15:44:02 +0000

[diff] [blame]

106

new RecoverySessionStorage(),

Dmitry Dementyev

3b17c63

2017-12-21 17:30:48 -0800

[diff] [blame]

107

Executors.newSingleThreadExecutor(),

Robert Berry

2017-12-27 12:05:58 +0000

[diff] [blame]

108

new RecoverySnapshotStorage(),

Bo Zhu

2018-01-04 22:42:36 -0800

[diff] [blame]

109

new RecoverySnapshotListenersStorage(),

110

platformKeyManager);

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

}

return mInstance;

}

@VisibleForTesting

Robert Berry

2017-12-20 15:59:37 +0000

[diff] [blame]

116

RecoverableKeyStoreManager(

117

Context context,

118

RecoverableKeyStoreDb recoverableKeyStoreDb,

Robert Berry

2017-12-21 15:44:02 +0000

[diff] [blame]

119

RecoverySessionStorage recoverySessionStorage,

Dmitry Dementyev

3b17c63

2017-12-21 17:30:48 -0800

[diff] [blame]

120

ExecutorService executorService,

Robert Berry

2017-12-27 12:05:58 +0000

[diff] [blame]

121

RecoverySnapshotStorage snapshotStorage,

Bo Zhu

2018-01-04 22:42:36 -0800

[diff] [blame]

122

RecoverySnapshotListenersStorage listenersStorage,

123

PlatformKeyManager platformKeyManager) {

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

124

mContext = context;

Robert Berry

2017-12-20 15:59:37 +0000

[diff] [blame]

125

mDatabase = recoverableKeyStoreDb;

126

mRecoverySessionStorage = recoverySessionStorage;

Robert Berry

2017-12-21 15:44:02 +0000

[diff] [blame]

127

mExecutorService = executorService;

Dmitry Dementyev

3b17c63

2017-12-21 17:30:48 -0800

[diff] [blame]

128

mListenersStorage = listenersStorage;

Robert Berry

2017-12-27 13:29:39 +0000

[diff] [blame]

129

mSnapshotStorage = snapshotStorage;

Bo Zhu

2018-01-04 22:42:36 -0800

[diff] [blame]

130

mPlatformKeyManager = platformKeyManager;

131

Robert Berry

2017-12-22 15:54:30 +0000

[diff] [blame]

132

try {

133

mRecoverableKeyGenerator = RecoverableKeyGenerator.newInstance(mDatabase);

134

} catch (NoSuchAlgorithmException e) {

Robert Berry

2018-01-05 12:43:13 +0000

[diff] [blame]

135

Log.wtf(TAG, "AES keygen algorithm not available. AOSP must support this.", e);

Robert Berry

2018-01-17 14:43:09 +0000

[diff] [blame]

136

throw new ServiceSpecificException(ERROR_SERVICE_INTERNAL_ERROR, e.getMessage());

Robert Berry

2017-12-22 15:54:30 +0000

[diff] [blame]

137

}

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

138

}

139

Bo Zhu

2017-12-21 14:36:11 -0800

[diff] [blame]

140

public void initRecoveryService(

Dmitry Dementyev

2018-01-04 15:19:19 -0800

[diff] [blame]

141

@NonNull String rootCertificateAlias, @NonNull byte[] signedPublicKeyList)

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

142

throws RemoteException {

143

checkRecoverKeyStorePermission();

Dmitry Dementyev

2018-01-04 15:19:19 -0800

[diff] [blame]

144

int userId = UserHandle.getCallingUserId();

Dmitry Dementyev

2018-01-10 18:03:37 -0800

[diff] [blame]

145

int uid = Binder.getCallingUid();

Bo Zhu

2017-12-21 14:36:11 -0800

[diff] [blame]

146

// TODO: open /system/etc/security/... cert file, and check the signature on the public keys

147

PublicKey publicKey;

148

try {

149

KeyFactory kf = KeyFactory.getInstance("EC");

150

// TODO: Randomly choose a key from the list -- right now we just use the whole input

151

X509EncodedKeySpec pkSpec = new X509EncodedKeySpec(signedPublicKeyList);

152

publicKey = kf.generatePublic(pkSpec);

153

} catch (NoSuchAlgorithmException e) {

Robert Berry

2018-01-05 12:43:13 +0000

[diff] [blame]

154

Log.wtf(TAG, "EC algorithm not available. AOSP must support this.", e);

Robert Berry

2018-01-17 14:43:09 +0000

[diff] [blame]

155

throw new ServiceSpecificException(ERROR_SERVICE_INTERNAL_ERROR, e.getMessage());

Bo Zhu

2017-12-21 14:36:11 -0800

[diff] [blame]

156

} catch (InvalidKeySpecException e) {

Robert Berry

2018-01-05 12:43:13 +0000

[diff] [blame]

157

throw new ServiceSpecificException(

Robert Berry

2018-01-17 14:43:09 +0000

[diff] [blame]

158

ERROR_BAD_CERTIFICATE_FORMAT, "Not a valid X509 certificate.");

Bo Zhu

2017-12-21 14:36:11 -0800

[diff] [blame]

159

}

Dmitry Dementyev

2018-01-10 18:03:37 -0800

[diff] [blame]

160

long updatedRows = mDatabase.setRecoveryServicePublicKey(userId, uid, publicKey);

161

if (updatedRows > 0) {

162

mDatabase.setShouldCreateSnapshot(userId, uid, true);

163

}

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

}

/**

* Gets all data necessary to recover application keys on new device.

168

*

169

* @return recovery data

170

* @hide

171

*/

Robert Berry

2018-01-17 15:18:05 +0000

[diff] [blame]

172

public @NonNull

173

KeychainSnapshot getRecoveryData(@NonNull byte[] account)

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

174

throws RemoteException {

175

checkRecoverKeyStorePermission();

Dmitry Dementyev

2018-01-05 15:46:00 -0800

[diff] [blame]

176

int uid = Binder.getCallingUid();

Robert Berry

2018-01-17 15:18:05 +0000

[diff] [blame]

177

KeychainSnapshot snapshot = mSnapshotStorage.get(uid);

Robert Berry

2017-12-27 13:29:39 +0000

[diff] [blame]

178

if (snapshot == null) {

Dmitry Dementyev

7d8c78a

2018-01-12 19:14:07 -0800

[diff] [blame]

179

throw new ServiceSpecificException(ERROR_NO_SNAPSHOT_PENDING);

Robert Berry

2017-12-27 13:29:39 +0000

[diff] [blame]

180

}

181

return snapshot;

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

182

}

183

Dmitry Dementyev

2018-01-04 15:19:19 -0800

[diff] [blame]

184

public void setSnapshotCreatedPendingIntent(@Nullable PendingIntent intent)

Dmitry Dementyev

2017-12-19 11:02:54 -0800

[diff] [blame]

185

throws RemoteException {

186

checkRecoverKeyStorePermission();

Dmitry Dementyev

2018-01-04 15:19:19 -0800

[diff] [blame]

187

int uid = Binder.getCallingUid();

188

mListenersStorage.setSnapshotListener(uid, intent);

Dmitry Dementyev

2017-12-19 11:02:54 -0800

[diff] [blame]

}

/**

* Gets recovery snapshot versions for all accounts. Note that snapshot may have 0 application

193

* keys, but it still needs to be synced, if previous versions were not empty.

194

*

195

* @return Map from Recovery agent account to snapshot version.

196

*/

Dmitry Dementyev

2018-01-04 15:19:19 -0800

[diff] [blame]

197

public @NonNull Map<byte[], Integer> getRecoverySnapshotVersions()

Dmitry Dementyev

2017-12-19 11:02:54 -0800

[diff] [blame]

198

throws RemoteException {

199

checkRecoverKeyStorePermission();

200

throw new UnsupportedOperationException();

201

}

202

Dmitry Dementyev

7d8c78a

2018-01-12 19:14:07 -0800

[diff] [blame]

203

public void setServerParams(byte[] serverParams) throws RemoteException {

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

204

checkRecoverKeyStorePermission();

Dmitry Dementyev

2018-01-04 15:19:19 -0800

[diff] [blame]

205

int userId = UserHandle.getCallingUserId();

Dmitry Dementyev

2018-01-10 18:03:37 -0800

[diff] [blame]

206

int uid = Binder.getCallingUid();

Dmitry Dementyev

7d8c78a

2018-01-12 19:14:07 -0800

[diff] [blame]

207

long updatedRows = mDatabase.setServerParams(userId, uid, serverParams);

Dmitry Dementyev

2018-01-10 18:03:37 -0800

[diff] [blame]

208

if (updatedRows > 0) {

209

mDatabase.setShouldCreateSnapshot(userId, uid, true);

210

}

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

211

}

212

Dmitry Dementyev

2017-12-20 12:38:36 -0800

[diff] [blame]

213

/**

214

* Updates recovery status for the application given its {@code packageName}.

215

*

216

* @param packageName which recoverable key statuses will be returned

217

* @param aliases - KeyStore aliases or {@code null} for all aliases of the app

218

* @param status - new status

219

*/

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

220

public void setRecoveryStatus(

Dmitry Dementyev

2018-01-04 15:19:19 -0800

[diff] [blame]

221

@NonNull String packageName, @Nullable String[] aliases, int status)

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

222

throws RemoteException {

223

checkRecoverKeyStorePermission();

Dmitry Dementyev

2017-12-20 12:38:36 -0800

[diff] [blame]

224

int uid = Binder.getCallingUid();

225

if (packageName != null) {

226

// TODO: get uid for package name, when many apps are supported.

227

}

228

if (aliases == null) {

229

// Get all keys for the app.

230

Map<String, Integer> allKeys = mDatabase.getStatusForAllKeys(uid);

231

aliases = new String[allKeys.size()];

232

allKeys.keySet().toArray(aliases);

233

}

234

for (String alias: aliases) {

235

mDatabase.setRecoveryStatus(uid, alias, status);

236

}

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

237

}

238

239

/**

Dmitry Dementyev

2017-12-20 12:38:36 -0800

[diff] [blame]

240

* Gets recovery status for caller or other application {@code packageName}.

241

* @param packageName which recoverable keys statuses will be returned.

Dmitry Dementyev

2017-12-19 11:02:54 -0800

[diff] [blame]

242

*

Dmitry Dementyev

2017-12-20 12:38:36 -0800

[diff] [blame]

243

* @return {@code Map} from KeyStore alias to recovery status.

Dmitry Dementyev

2017-12-19 11:02:54 -0800

[diff] [blame]

244

*/

Dmitry Dementyev

2018-01-04 15:19:19 -0800

[diff] [blame]

245

public @NonNull Map<String, Integer> getRecoveryStatus(@Nullable String packageName)

Dmitry Dementyev

2017-12-19 11:02:54 -0800

[diff] [blame]

246

throws RemoteException {

247

// Any application should be able to check status for its own keys.

248

// If caller is a recovery agent it can check statuses for other packages, but

249

// only for recoverable keys it manages.

Dmitry Dementyev

2017-12-20 12:38:36 -0800

[diff] [blame]

250

return mDatabase.getStatusForAllKeys(Binder.getCallingUid());

Dmitry Dementyev

2017-12-19 11:02:54 -0800

[diff] [blame]

251

}

252

253

/**

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

254

* Sets recovery secrets list used by all recovery agents for given {@code userId}

*

* @hide

*/

public void setRecoverySecretTypes(

Robert Berry

2018-01-17 23:28:45 +0000

[diff] [blame]

259

@NonNull @KeychainProtectionParams.UserSecretType int[] secretTypes)

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

260

throws RemoteException {

261

checkRecoverKeyStorePermission();

Dmitry Dementyev

2018-01-10 18:03:37 -0800

[diff] [blame]

262

int userId = UserHandle.getCallingUserId();

263

int uid = Binder.getCallingUid();

264

long updatedRows = mDatabase.setRecoverySecretTypes(userId, uid, secretTypes);

265

if (updatedRows > 0) {

266

mDatabase.setShouldCreateSnapshot(userId, uid, true);

267

}

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

}

/**

* Gets secret types necessary to create Recovery Data.

272

*

273

* @return secret types

274

* @hide

275

*/

Dmitry Dementyev

2018-01-04 15:19:19 -0800

[diff] [blame]

276

public @NonNull int[] getRecoverySecretTypes() throws RemoteException {

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

277

checkRecoverKeyStorePermission();

Dmitry Dementyev

bdfdf53

2017-12-27 11:58:45 -0800

[diff] [blame]

278

return mDatabase.getRecoverySecretTypes(UserHandle.getCallingUserId(),

279

Binder.getCallingUid());

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

280

}

281

282

/**

Dmitry Dementyev

ed89ea0

2018-01-11 13:53:52 -0800

[diff] [blame]

283

* Gets secret types RecoveryManagers is waiting for to create new Recovery Data.

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

284

*

285

* @return secret types

286

* @hide

287

*/

Dmitry Dementyev

2018-01-04 15:19:19 -0800

[diff] [blame]

288

public @NonNull int[] getPendingRecoverySecretTypes() throws RemoteException {

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

289

checkRecoverKeyStorePermission();

290

throw new UnsupportedOperationException();

291

}

292

293

public void recoverySecretAvailable(

Robert Berry

2018-01-17 23:28:45 +0000

[diff] [blame]

294

@NonNull KeychainProtectionParams recoverySecret) throws RemoteException {

Dmitry Dementyev

2018-01-04 15:19:19 -0800

[diff] [blame]

295

int uid = Binder.getCallingUid();

Robert Berry

2018-01-17 23:28:45 +0000

[diff] [blame]

296

if (recoverySecret.getLockScreenUiFormat() == KeychainProtectionParams.TYPE_LOCKSCREEN) {

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

297

throw new SecurityException(

Dmitry Dementyev

2018-01-04 15:19:19 -0800

[diff] [blame]

298

"Caller " + uid + " is not allowed to set lock screen secret");

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

299

}

300

checkRecoverKeyStorePermission();

301

// TODO: add hook from LockSettingsService to set lock screen secret.

302

throw new UnsupportedOperationException();

}

/**

* Initializes recovery session.

307

*

Robert Berry

2017-12-20 15:59:37 +0000

[diff] [blame]

308

* @param sessionId A unique ID to identify the recovery session.

309

* @param verifierPublicKey X509-encoded public key.

310

* @param vaultParams Additional params associated with vault.

311

* @param vaultChallenge Challenge issued by vault service.

Robert Berry

2017-12-21 12:41:01 +0000

[diff] [blame]

312

* @param secrets Lock-screen hashes. For now only a single secret is supported.

Robert Berry

2017-12-20 15:59:37 +0000

[diff] [blame]

313

* @return Encrypted bytes of recovery claim. This can then be issued to the vault service.

314

*

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

315

* @hide

316

*/

Dmitry Dementyev

2017-12-19 11:02:54 -0800

[diff] [blame]

317

public @NonNull byte[] startRecoverySession(

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

318

@NonNull String sessionId,

319

@NonNull byte[] verifierPublicKey,

320

@NonNull byte[] vaultParams,

321

@NonNull byte[] vaultChallenge,

Robert Berry

2018-01-17 23:28:45 +0000

[diff] [blame]

322

@NonNull List<KeychainProtectionParams> secrets)

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

323

throws RemoteException {

324

checkRecoverKeyStorePermission();

Dmitry Dementyev

2018-01-04 15:19:19 -0800

[diff] [blame]

325

int uid = Binder.getCallingUid();

Robert Berry

2017-12-20 15:59:37 +0000

[diff] [blame]

326

327

if (secrets.size() != 1) {

Robert Berry

2018-01-17 23:28:45 +0000

[diff] [blame]

328

throw new UnsupportedOperationException(

329

"Only a single KeychainProtectionParams is supported");

Robert Berry

2017-12-20 15:59:37 +0000

[diff] [blame]

330

}

331

Bo Zhu

2018-01-05 14:50:52 -0800

[diff] [blame]

332

PublicKey publicKey;

333

try {

334

publicKey = KeySyncUtils.deserializePublicKey(verifierPublicKey);

335

} catch (NoSuchAlgorithmException e) {

336

// Should never happen

337

throw new RuntimeException(e);

338

} catch (InvalidKeySpecException e) {

Robert Berry

2018-01-17 14:43:09 +0000

[diff] [blame]

339

throw new ServiceSpecificException(ERROR_BAD_CERTIFICATE_FORMAT, "Not a valid X509 key");

Bo Zhu

2018-01-05 14:50:52 -0800

[diff] [blame]

340

}

341

// The raw public key bytes contained in vaultParams must match the ones given in

342

// verifierPublicKey; otherwise, the user secret may be decrypted by a key that is not owned

343

// by the original recovery service.

344

if (!publicKeysMatch(publicKey, vaultParams)) {

Robert Berry

2018-01-17 14:43:09 +0000

[diff] [blame]

345

throw new ServiceSpecificException(ERROR_BAD_CERTIFICATE_FORMAT,

Bo Zhu

2018-01-05 14:50:52 -0800

[diff] [blame]

346

"The public keys given in verifierPublicKey and vaultParams do not match.");

347

}

348

Robert Berry

2017-12-20 15:59:37 +0000

[diff] [blame]

349

byte[] keyClaimant = KeySyncUtils.generateKeyClaimant();

350

byte[] kfHash = secrets.get(0).getSecret();

351

mRecoverySessionStorage.add(

Dmitry Dementyev

2018-01-04 15:19:19 -0800

[diff] [blame]

352

uid,

Robert Berry

2017-12-21 12:41:01 +0000

[diff] [blame]

353

new RecoverySessionStorage.Entry(sessionId, kfHash, keyClaimant, vaultParams));

Robert Berry

2017-12-20 15:59:37 +0000

[diff] [blame]

354

355

try {

356

byte[] thmKfHash = KeySyncUtils.calculateThmKfHash(kfHash);

Robert Berry

2017-12-20 15:59:37 +0000

[diff] [blame]

357

return KeySyncUtils.encryptRecoveryClaim(

publicKey,

vaultParams,

vaultChallenge,

thmKfHash,

keyClaimant);

} catch (NoSuchAlgorithmException e) {

Robert Berry

2018-01-05 12:43:13 +0000

[diff] [blame]

364

Log.wtf(TAG, "SecureBox algorithm missing. AOSP must support this.", e);

Robert Berry

2018-01-17 14:43:09 +0000

[diff] [blame]

365

throw new ServiceSpecificException(ERROR_SERVICE_INTERNAL_ERROR, e.getMessage());

Bo Zhu

2018-01-05 14:50:52 -0800

[diff] [blame]

366

} catch (InvalidKeyException e) {

Robert Berry

2018-01-17 14:43:09 +0000

[diff] [blame]

367

throw new ServiceSpecificException(ERROR_BAD_CERTIFICATE_FORMAT, e.getMessage());

Robert Berry

2017-12-20 15:59:37 +0000

[diff] [blame]

368

}

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

369

}

370

Robert Berry

2017-12-21 12:41:01 +0000

[diff] [blame]

371

/**

372

* Invoked by a recovery agent after a successful recovery claim is sent to the remote vault

373

* service.

374

*

Robert Berry

2017-12-21 12:41:01 +0000

[diff] [blame]

375

* @param sessionId The session ID used to generate the claim. See

Bo Zhu

2018-01-05 14:50:52 -0800

[diff] [blame]

376

* {@link #startRecoverySession(String, byte[], byte[], byte[], List)}.

Robert Berry

2017-12-21 12:41:01 +0000

[diff] [blame]

377

* @param encryptedRecoveryKey The encrypted recovery key blob returned by the remote vault

378

* service.

379

* @param applicationKeys The encrypted key blobs returned by the remote vault service. These

380

* were wrapped with the recovery key.

Robert Berry

2017-12-22 11:35:14 +0000

[diff] [blame]

381

* @return Map from alias to raw key material.

Robert Berry

2017-12-21 12:41:01 +0000

[diff] [blame]

382

* @throws RemoteException if an error occurred recovering the keys.

383

*/

Robert Berry

2017-12-22 11:35:14 +0000

[diff] [blame]

384

public Map<String, byte[]> recoverKeys(

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

385

@NonNull String sessionId,

Robert Berry

2017-12-21 12:41:01 +0000

[diff] [blame]

386

@NonNull byte[] encryptedRecoveryKey,

Robert Berry

2018-01-17 15:18:05 +0000

[diff] [blame]

387

@NonNull List<WrappedApplicationKey> applicationKeys)

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

388

throws RemoteException {

389

checkRecoverKeyStorePermission();

Dmitry Dementyev

2018-01-04 15:19:19 -0800

[diff] [blame]

390

int uid = Binder.getCallingUid();

Robert Berry

2017-12-21 12:41:01 +0000

[diff] [blame]

391

RecoverySessionStorage.Entry sessionEntry = mRecoverySessionStorage.get(uid, sessionId);

392

if (sessionEntry == null) {

Robert Berry

2018-01-17 14:43:09 +0000

[diff] [blame]

393

throw new ServiceSpecificException(ERROR_SESSION_EXPIRED,

Dmitry Dementyev

2018-01-04 15:19:19 -0800

[diff] [blame]

394

String.format(Locale.US,

395

"Application uid=%d does not have pending session '%s'", uid, sessionId));

Robert Berry

2017-12-21 12:41:01 +0000

[diff] [blame]

}

try {

byte[] recoveryKey = decryptRecoveryKey(sessionEntry, encryptedRecoveryKey);

Robert Berry

2017-12-22 11:35:14 +0000

[diff] [blame]

400

return recoverApplicationKeys(recoveryKey, applicationKeys);

Robert Berry

2017-12-21 12:41:01 +0000

[diff] [blame]

401

} finally {

402

sessionEntry.destroy();

403

mRecoverySessionStorage.remove(uid);

}

}

Robert Berry

2017-12-22 15:54:30 +0000

[diff] [blame]

407

/**

408

* Generates a key named {@code alias} in the recoverable store for the calling uid. Then

409

* returns the raw key material.

410

*

411

* <p>TODO: Once AndroidKeyStore has added move api, do not return raw bytes.

*

* @hide

*/

public byte[] generateAndStoreKey(@NonNull String alias) throws RemoteException {

416

int uid = Binder.getCallingUid();

Dmitry Dementyev

2018-01-04 15:19:19 -0800

[diff] [blame]

417

int userId = UserHandle.getCallingUserId();

Robert Berry

2017-12-22 15:54:30 +0000

[diff] [blame]

418

Bo Zhu

2018-01-04 22:42:36 -0800

[diff] [blame]

419

PlatformEncryptionKey encryptionKey;

Robert Berry

2017-12-22 15:54:30 +0000

[diff] [blame]

420

try {

Bo Zhu

2018-01-04 22:42:36 -0800

[diff] [blame]

421

encryptionKey = mPlatformKeyManager.getEncryptKey(userId);

Robert Berry

2017-12-22 15:54:30 +0000

[diff] [blame]

422

} catch (NoSuchAlgorithmException e) {

423

// Impossible: all algorithms must be supported by AOSP

424

throw new RuntimeException(e);

425

} catch (KeyStoreException | UnrecoverableKeyException e) {

Robert Berry

2018-01-17 14:43:09 +0000

[diff] [blame]

426

throw new ServiceSpecificException(ERROR_SERVICE_INTERNAL_ERROR, e.getMessage());

Robert Berry

2017-12-22 15:54:30 +0000

[diff] [blame]

427

} catch (InsecureUserException e) {

428

throw new ServiceSpecificException(ERROR_INSECURE_USER, e.getMessage());

}

try {

return mRecoverableKeyGenerator.generateAndStoreKey(encryptionKey, userId, uid, alias);

Robert Berry

2018-01-17 14:43:09 +0000

[diff] [blame]

433

} catch (KeyStoreException | InvalidKeyException | RecoverableKeyStorageException e) {

434

throw new ServiceSpecificException(ERROR_SERVICE_INTERNAL_ERROR, e.getMessage());

Robert Berry

2017-12-22 15:54:30 +0000

[diff] [blame]

}

}

Robert Berry

2018-01-18 12:53:29 +0000

[diff] [blame]

438

/**

439

* Destroys the session with the given {@code sessionId}.

440

*/

441

public void closeSession(@NonNull String sessionId) throws RemoteException {

442

mRecoverySessionStorage.remove(Binder.getCallingUid(), sessionId);

443

}

444

Robert Berry

5daccec

2018-01-06 19:16:25 +0000

[diff] [blame]

445

public void removeKey(@NonNull String alias) throws RemoteException {

Dmitry Dementyev

2018-01-05 15:46:00 -0800

[diff] [blame]

446

int uid = Binder.getCallingUid();

447

int userId = UserHandle.getCallingUserId();

448

449

boolean wasRemoved = mDatabase.removeKey(uid, alias);

450

if (wasRemoved) {

451

mDatabase.setShouldCreateSnapshot(userId, uid, true);

452

}

Robert Berry

5daccec

2018-01-06 19:16:25 +0000

[diff] [blame]

453

}

454

Robert Berry

2017-12-21 12:41:01 +0000

[diff] [blame]

455

private byte[] decryptRecoveryKey(

456

RecoverySessionStorage.Entry sessionEntry, byte[] encryptedClaimResponse)

Dmitry Dementyev

2018-01-04 15:19:19 -0800

[diff] [blame]

457

throws RemoteException, ServiceSpecificException {

Robert Berry

2017-12-21 12:41:01 +0000

[diff] [blame]

458

try {

459

byte[] locallyEncryptedKey = KeySyncUtils.decryptRecoveryClaimResponse(

460

sessionEntry.getKeyClaimant(),

461

sessionEntry.getVaultParams(),

462

encryptedClaimResponse);

463

return KeySyncUtils.decryptRecoveryKey(sessionEntry.getLskfHash(), locallyEncryptedKey);

464

} catch (InvalidKeyException | AEADBadTagException e) {

Robert Berry

2018-01-17 14:43:09 +0000

[diff] [blame]

465

throw new ServiceSpecificException(ERROR_DECRYPTION_FAILED,

Dmitry Dementyev

2018-01-04 15:19:19 -0800

[diff] [blame]

466

"Failed to decrypt recovery key " + e.getMessage());

467

Robert Berry

2017-12-21 12:41:01 +0000

[diff] [blame]

468

} catch (NoSuchAlgorithmException e) {

469

// Should never happen: all the algorithms used are required by AOSP implementations

Robert Berry

2018-01-17 14:43:09 +0000

[diff] [blame]

470

throw new ServiceSpecificException(ERROR_SERVICE_INTERNAL_ERROR, e.getMessage());

Robert Berry

2017-12-21 12:41:01 +0000

[diff] [blame]

}

}

/**

* Uses {@code recoveryKey} to decrypt {@code applicationKeys}.

476

*

Robert Berry

2017-12-22 11:35:14 +0000

[diff] [blame]

477

* @return Map from alias to raw key material.

Robert Berry

2017-12-21 12:41:01 +0000

[diff] [blame]

478

* @throws RemoteException if an error occurred decrypting the keys.

479

*/

Robert Berry

2017-12-22 11:35:14 +0000

[diff] [blame]

480

private Map<String, byte[]> recoverApplicationKeys(

Robert Berry

2017-12-21 12:41:01 +0000

[diff] [blame]

481

@NonNull byte[] recoveryKey,

Robert Berry

2018-01-17 15:18:05 +0000

[diff] [blame]

482

@NonNull List<WrappedApplicationKey> applicationKeys) throws RemoteException {

Robert Berry

2017-12-22 11:35:14 +0000

[diff] [blame]

483

HashMap<String, byte[]> keyMaterialByAlias = new HashMap<>();

Robert Berry

2018-01-17 15:18:05 +0000

[diff] [blame]

484

for (WrappedApplicationKey applicationKey : applicationKeys) {

Dmitry Dementyev

07c76555

2018-01-08 17:31:59 -0800

[diff] [blame]

485

String alias = applicationKey.getAlias();

Robert Berry

2017-12-21 12:41:01 +0000

[diff] [blame]

486

byte[] encryptedKeyMaterial = applicationKey.getEncryptedKeyMaterial();

487

488

try {

Robert Berry

2017-12-22 11:35:14 +0000

[diff] [blame]

489

byte[] keyMaterial =

490

KeySyncUtils.decryptApplicationKey(recoveryKey, encryptedKeyMaterial);

491

keyMaterialByAlias.put(alias, keyMaterial);

Robert Berry

2017-12-21 12:41:01 +0000

[diff] [blame]

492

} catch (NoSuchAlgorithmException e) {

Robert Berry

2018-01-05 12:43:13 +0000

[diff] [blame]

493

Log.wtf(TAG, "Missing SecureBox algorithm. AOSP required to support this.", e);

494

throw new ServiceSpecificException(

Robert Berry

2018-01-17 14:43:09 +0000

[diff] [blame]

495

ERROR_SERVICE_INTERNAL_ERROR, e.getMessage());

Robert Berry

2017-12-21 12:41:01 +0000

[diff] [blame]

496

} catch (InvalidKeyException | AEADBadTagException e) {

Robert Berry

2018-01-05 12:43:13 +0000

[diff] [blame]

497

throw new ServiceSpecificException(ERROR_DECRYPTION_FAILED,

498

"Failed to recover key with alias '" + alias + "': " + e.getMessage());

Robert Berry

2017-12-21 12:41:01 +0000

[diff] [blame]

499

}

500

}

Robert Berry

2017-12-22 11:35:14 +0000

[diff] [blame]

501

return keyMaterialByAlias;

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

502

}

503

Dmitry Dementyev

2017-12-19 14:47:26 -0800

[diff] [blame]

504

/**

505

* This function can only be used inside LockSettingsService.

506

*

Robert Berry

2017-12-27 12:05:58 +0000

[diff] [blame]

507

* @param storedHashType from {@code CredentialHash}

Dmitry Dementyev

2017-12-19 14:47:26 -0800

[diff] [blame]

508

* @param credential - unencrypted String. Password length should be at most 16 symbols {@code

509

* mPasswordMaxLength}

510

* @param userId for user who just unlocked the device.

511

* @hide

512

*/

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

513

public void lockScreenSecretAvailable(

Dmitry Dementyev

2017-12-19 14:47:26 -0800

[diff] [blame]

514

int storedHashType, @NonNull String credential, int userId) {

Robert Berry

2017-12-21 15:44:02 +0000

[diff] [blame]

515

// So as not to block the critical path unlocking the phone, defer to another thread.

516

try {

517

mExecutorService.execute(KeySyncTask.newInstance(

Robert Berry

2017-12-27 12:05:58 +0000

[diff] [blame]

mContext,

mDatabase,

mSnapshotStorage,

mListenersStorage,

userId,

storedHashType,

Dmitry Dementyev

2018-01-05 15:46:00 -0800

[diff] [blame]

524

credential,

525

/*credentialUpdated=*/ false));

Robert Berry

2017-12-21 15:44:02 +0000

[diff] [blame]

526

} catch (NoSuchAlgorithmException e) {

527

Log.wtf(TAG, "Should never happen - algorithm unavailable for KeySync", e);

528

} catch (KeyStoreException e) {

529

Log.e(TAG, "Key store error encountered during recoverable key sync", e);

530

} catch (InsecureUserException e) {

531

Log.wtf(TAG, "Impossible - insecure user, but user just entered lock screen", e);

Dmitry Dementyev

2017-12-19 14:47:26 -0800

[diff] [blame]

532

}

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

533

}

534

Dmitry Dementyev

2018-01-05 15:46:00 -0800

[diff] [blame]

535

/**

536

* This function can only be used inside LockSettingsService.

537

* @param storedHashType from {@code CredentialHash}

538

* @param credential - unencrypted String

539

* @param userId for the user whose lock screen credentials were changed.

540

* @hide

541

*/

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

542

public void lockScreenSecretChanged(

Dmitry Dementyev

2018-01-05 15:46:00 -0800

[diff] [blame]

543

int storedHashType,

Dmitry Dementyev

2017-12-19 14:47:26 -0800

[diff] [blame]

544

@Nullable String credential,

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

545

int userId) {

Dmitry Dementyev

2018-01-05 15:46:00 -0800

[diff] [blame]

546

// So as not to block the critical path unlocking the phone, defer to another thread.

547

try {

548

mExecutorService.execute(KeySyncTask.newInstance(

mContext,

mDatabase,

mSnapshotStorage,

mListenersStorage,

userId,

storedHashType,

credential,

/*credentialUpdated=*/ true));

557

} catch (NoSuchAlgorithmException e) {

558

Log.wtf(TAG, "Should never happen - algorithm unavailable for KeySync", e);

559

} catch (KeyStoreException e) {

560

Log.e(TAG, "Key store error encountered during recoverable key sync", e);

561

} catch (InsecureUserException e) {

562

Log.wtf(TAG, "Impossible - insecure user, but user just entered lock screen", e);

563

}

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

564

}

565

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

566

private void checkRecoverKeyStorePermission() {

567

mContext.enforceCallingOrSelfPermission(

Dmitry Dementyev

ed89ea0

2018-01-11 13:53:52 -0800

[diff] [blame]

568

Manifest.permission.RECOVER_KEYSTORE,

Dmitry Dementyev

2017-12-11 11:33:12 -0800

[diff] [blame]

569

"Caller " + Binder.getCallingUid() + " doesn't have RecoverKeyStore permission.");

570

}

Bo Zhu

2018-01-05 14:50:52 -0800

[diff] [blame]

571

572

private boolean publicKeysMatch(PublicKey publicKey, byte[] vaultParams) {

573

byte[] encodedPublicKey = SecureBox.encodePublicKey(publicKey);

574

return Arrays.equals(encodedPublicKey, Arrays.copyOf(vaultParams, encodedPublicKey.length));

575

}

Dmitry Dementyev