Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / core / 27bbf8953d5a141912fe9325a4995da18ca86a6d / . / trusty / keymaster / trusty_keymaster_device.cpp
blob: 069b4fedb9ff96c702eb9895a54936f4ac726840 [file] [log] [blame]
Andres Moralesb33c9b82015-09-08 17:56:07 -0700[diff] [blame]1/*
2 * Copyright 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include "trusty_keymaster_device.h"
18
19#include <assert.h>
20#include <stdio.h>
21#include <stdlib.h>
22#include <string.h>
23#include <time.h>
24#include <stddef.h>
25
26#include <type_traits>
27
28#include <openssl/evp.h>
29#include <openssl/x509.h>
30
31#define LOG_TAG "TrustyKeymaster"
32#include <cutils/log.h>
33#include <hardware/keymaster0.h>
34
35#include <keymaster/authorization_set.h>
36
37#include "trusty_keymaster_ipc.h"
38#include "keymaster_ipc.h"
39
40const uint32_t SEND_BUF_SIZE = 8192;
41const uint32_t RECV_BUF_SIZE = 8192;
42
43namespace keymaster {
44
45static keymaster_error_t translate_error(int err) {
46 switch (err) {
47 case 0:
48 return KM_ERROR_OK;
49 case -EPERM:
50 case -EACCES:
51 return KM_ERROR_SECURE_HW_ACCESS_DENIED;
52
53 case -ECANCELED:
54 return KM_ERROR_OPERATION_CANCELLED;
55
56 case -ENODEV:
57 return KM_ERROR_UNIMPLEMENTED;
58
59 case -ENOMEM:
60 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
61
62 case -EBUSY:
63 return KM_ERROR_SECURE_HW_BUSY;
64
65 case -EIO:
66 return KM_ERROR_SECURE_HW_COMMUNICATION_FAILED;
67
68 case -EOVERFLOW:
69 return KM_ERROR_INVALID_INPUT_LENGTH;
70
71 default:
72 return KM_ERROR_UNKNOWN_ERROR;
73 }
74}
75
76TrustyKeymasterDevice::TrustyKeymasterDevice(const hw_module_t* module) {
77 static_assert(std::is_standard_layout<TrustyKeymasterDevice>::value,
78 "TrustyKeymasterDevice must be standard layout");
79 static_assert(offsetof(TrustyKeymasterDevice, device_) == 0,
80 "device_ must be the first member of KeymasterOpenSsl");
81 static_assert(offsetof(TrustyKeymasterDevice, device_.common) == 0,
82 "common must be the first member of keymaster_device");
83
84 ALOGI("Creating device");
85 ALOGD("Device address: %p", this);
86
87 memset(&device_, 0, sizeof(device_));
88
89 device_.common.tag = HARDWARE_DEVICE_TAG;
90 device_.common.version = 1;
91 device_.common.module = const_cast<hw_module_t*>(module);
92 device_.common.close = close_device;
93
94 device_.flags = KEYMASTER_BLOBS_ARE_STANDALONE | KEYMASTER_SUPPORTS_EC;
95
96 device_.generate_keypair = generate_keypair;
97 device_.import_keypair = import_keypair;
98 device_.get_keypair_public = get_keypair_public;
99 device_.delete_keypair = NULL;
100 device_.delete_all = NULL;
101 device_.sign_data = sign_data;
102 device_.verify_data = verify_data;
103
104 device_.context = NULL;
105
106 int rc = trusty_keymaster_connect();
107 error_ = translate_error(rc);
108 if (rc < 0) {
109 ALOGE("failed to connect to keymaster (%d)", rc);
110 return;
111 }
112
113 GetVersionRequest version_request;
114 GetVersionResponse version_response;
115 error_ = Send(version_request, &version_response);
116 if (error_ == KM_ERROR_INVALID_ARGUMENT || error_ == KM_ERROR_UNIMPLEMENTED) {
117 ALOGI("\"Bad parameters\" error on GetVersion call. Assuming version 0.");
118 message_version_ = 0;
119 error_ = KM_ERROR_OK;
120 }
121 message_version_ = MessageVersion(version_response.major_ver, version_response.minor_ver,
122 version_response.subminor_ver);
123 if (message_version_ < 0) {
124 // Can't translate version? Keymaster implementation must be newer.
125 ALOGE("Keymaster version %d.%d.%d not supported.", version_response.major_ver,
126 version_response.minor_ver, version_response.subminor_ver);
127 error_ = KM_ERROR_VERSION_MISMATCH;
128 }
129}
130
131TrustyKeymasterDevice::~TrustyKeymasterDevice() {
132 trusty_keymaster_disconnect();
133}
134
135const uint64_t HUNDRED_YEARS = 1000LL * 60 * 60 * 24 * 365 * 100;
136
137int TrustyKeymasterDevice::generate_keypair(const keymaster_keypair_t key_type,
138 const void* key_params, uint8_t** key_blob,
139 size_t* key_blob_length) {
140 ALOGD("Device received generate_keypair");
141
142 if (error_ != KM_ERROR_OK)
143 return error_;
144
145 GenerateKeyRequest req(message_version_);
146 StoreNewKeyParams(&req.key_description);
147
148 switch (key_type) {
149 case TYPE_RSA: {
150 req.key_description.push_back(TAG_ALGORITHM, KM_ALGORITHM_RSA);
151 const keymaster_rsa_keygen_params_t* rsa_params =
152 static_cast<const keymaster_rsa_keygen_params_t*>(key_params);
153 ALOGD("Generating RSA pair, modulus size: %u, public exponent: %lu",
154 rsa_params->modulus_size, rsa_params->public_exponent);
155 req.key_description.push_back(TAG_KEY_SIZE, rsa_params->modulus_size);
156 req.key_description.push_back(TAG_RSA_PUBLIC_EXPONENT, rsa_params->public_exponent);
157 break;
158 }
159
160 case TYPE_EC: {
161 req.key_description.push_back(TAG_ALGORITHM, KM_ALGORITHM_EC);
162 const keymaster_ec_keygen_params_t* ec_params =
163 static_cast<const keymaster_ec_keygen_params_t*>(key_params);
164 ALOGD("Generating ECDSA pair, key size: %u", ec_params->field_size);
165 req.key_description.push_back(TAG_KEY_SIZE, ec_params->field_size);
166 break;
167 }
168 default:
169 ALOGD("Received request for unsuported key type %d", key_type);
170 return KM_ERROR_UNSUPPORTED_ALGORITHM;
171 }
172
173 GenerateKeyResponse rsp(message_version_);
174 ALOGD("Sending generate request");
175 keymaster_error_t err = Send(req, &rsp);
176 if (err != KM_ERROR_OK) {
177 ALOGE("Got error %d from send", err);
178 return err;
179 }
180
181 *key_blob_length = rsp.key_blob.key_material_size;
182 *key_blob = static_cast<uint8_t*>(malloc(*key_blob_length));
183 memcpy(*key_blob, rsp.key_blob.key_material, *key_blob_length);
184 ALOGD("Returning %d bytes in key blob\n", (int)*key_blob_length);
185
186 return KM_ERROR_OK;
187}
188
189struct EVP_PKEY_Delete {
190 void operator()(EVP_PKEY* p) const { EVP_PKEY_free(p); }
191};
192
193struct PKCS8_PRIV_KEY_INFO_Delete {
194 void operator()(PKCS8_PRIV_KEY_INFO* p) const { PKCS8_PRIV_KEY_INFO_free(p); }
195};
196
197int TrustyKeymasterDevice::import_keypair(const uint8_t* key, const size_t key_length,
198 uint8_t** key_blob, size_t* key_blob_length) {
199 ALOGD("Device received import_keypair");
200 if (error_ != KM_ERROR_OK)
201 return error_;
202
203 if (!key)
204 return KM_ERROR_UNEXPECTED_NULL_POINTER;
205
206 if (!key_blob || !key_blob_length)
207 return KM_ERROR_OUTPUT_PARAMETER_NULL;
208
209 ImportKeyRequest request(message_version_);
210 StoreNewKeyParams(&request.key_description);
211 keymaster_algorithm_t algorithm;
212 keymaster_error_t err = GetPkcs8KeyAlgorithm(key, key_length, &algorithm);
213 if (err != KM_ERROR_OK)
214 return err;
215 request.key_description.push_back(TAG_ALGORITHM, algorithm);
216
217 request.SetKeyMaterial(key, key_length);
218 request.key_format = KM_KEY_FORMAT_PKCS8;
219 ImportKeyResponse response(message_version_);
220 err = Send(request, &response);
221 if (err != KM_ERROR_OK)
222 return err;
223
224 *key_blob_length = response.key_blob.key_material_size;
225 *key_blob = static_cast<uint8_t*>(malloc(*key_blob_length));
226 memcpy(*key_blob, response.key_blob.key_material, *key_blob_length);
227 printf("Returning %d bytes in key blob\n", (int)*key_blob_length);
228
229 return KM_ERROR_OK;
230}
231
232keymaster_error_t TrustyKeymasterDevice::GetPkcs8KeyAlgorithm(const uint8_t* key, size_t key_length,
233 keymaster_algorithm_t* algorithm) {
234 if (key == NULL) {
235 ALOGE("No key specified for import");
236 return KM_ERROR_UNEXPECTED_NULL_POINTER;
237 }
238
239 UniquePtr<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_Delete> pkcs8(
240 d2i_PKCS8_PRIV_KEY_INFO(NULL, &key, key_length));
241 if (pkcs8.get() == NULL) {
242 ALOGE("Could not parse PKCS8 key blob");
243 return KM_ERROR_INVALID_KEY_BLOB;
244 }
245
246 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(EVP_PKCS82PKEY(pkcs8.get()));
247 if (pkey.get() == NULL) {
248 ALOGE("Could not extract key from PKCS8 key blob");
249 return KM_ERROR_INVALID_KEY_BLOB;
250 }
251
252 switch (EVP_PKEY_type(pkey->type)) {
253 case EVP_PKEY_RSA:
254 *algorithm = KM_ALGORITHM_RSA;
255 break;
256 case EVP_PKEY_EC:
257 *algorithm = KM_ALGORITHM_EC;
258 break;
259 default:
260 ALOGE("Unsupported algorithm %d", EVP_PKEY_type(pkey->type));
261 return KM_ERROR_UNSUPPORTED_ALGORITHM;
262 }
263
264 return KM_ERROR_OK;
265}
266
267int TrustyKeymasterDevice::get_keypair_public(const uint8_t* key_blob, const size_t key_blob_length,
268 uint8_t** x509_data, size_t* x509_data_length) {
269 ALOGD("Device received get_keypair_public");
270 if (error_ != KM_ERROR_OK)
271 return error_;
272
273 ExportKeyRequest request(message_version_);
274 request.SetKeyMaterial(key_blob, key_blob_length);
275 request.key_format = KM_KEY_FORMAT_X509;
276 ExportKeyResponse response(message_version_);
277 keymaster_error_t err = Send(request, &response);
278 if (err != KM_ERROR_OK)
279 return err;
280
281 *x509_data_length = response.key_data_length;
282 *x509_data = static_cast<uint8_t*>(malloc(*x509_data_length));
283 memcpy(*x509_data, response.key_data, *x509_data_length);
284 printf("Returning %d bytes in x509 key\n", (int)*x509_data_length);
285
286 return KM_ERROR_OK;
287}
288
289int TrustyKeymasterDevice::sign_data(const void* signing_params, const uint8_t* key_blob,
290 const size_t key_blob_length, const uint8_t* data,
291 const size_t data_length, uint8_t** signed_data,
292 size_t* signed_data_length) {
293 ALOGD("Device received sign_data, %d", error_);
294 if (error_ != KM_ERROR_OK)
295 return error_;
296
297 BeginOperationRequest begin_request(message_version_);
298 begin_request.purpose = KM_PURPOSE_SIGN;
299 begin_request.SetKeyMaterial(key_blob, key_blob_length);
300 keymaster_error_t err = StoreSigningParams(signing_params, key_blob, key_blob_length,
301 &begin_request.additional_params);
302 if (err != KM_ERROR_OK) {
303 ALOGE("Error extracting signing params: %d", err);
304 return err;
305 }
306
307 BeginOperationResponse begin_response(message_version_);
308 ALOGD("Sending signing request begin");
309 err = Send(begin_request, &begin_response);
310 if (err != KM_ERROR_OK) {
311 ALOGE("Error sending sign begin: %d", err);
312 return err;
313 }
314
315 UpdateOperationRequest update_request(message_version_);
316 update_request.op_handle = begin_response.op_handle;
317 update_request.input.Reinitialize(data, data_length);
318 UpdateOperationResponse update_response(message_version_);
319 ALOGD("Sending signing request update");
320 err = Send(update_request, &update_response);
321 if (err != KM_ERROR_OK) {
322 ALOGE("Error sending sign update: %d", err);
323 return err;
324 }
325
326 FinishOperationRequest finish_request(message_version_);
327 finish_request.op_handle = begin_response.op_handle;
328 FinishOperationResponse finish_response(message_version_);
329 ALOGD("Sending signing request finish");
330 err = Send(finish_request, &finish_response);
331 if (err != KM_ERROR_OK) {
332 ALOGE("Error sending sign finish: %d", err);
333 return err;
334 }
335
336 *signed_data_length = finish_response.output.available_read();
337 *signed_data = static_cast<uint8_t*>(malloc(*signed_data_length));
338 if (!finish_response.output.read(*signed_data, *signed_data_length)) {
339 ALOGE("Error reading response data: %d", err);
340 return KM_ERROR_UNKNOWN_ERROR;
341 }
342 return KM_ERROR_OK;
343}
344
345int TrustyKeymasterDevice::verify_data(const void* signing_params, const uint8_t* key_blob,
346 const size_t key_blob_length, const uint8_t* signed_data,
347 const size_t signed_data_length, const uint8_t* signature,
348 const size_t signature_length) {
349 ALOGD("Device received verify_data");
350 if (error_ != KM_ERROR_OK)
351 return error_;
352
353 BeginOperationRequest begin_request(message_version_);
354 begin_request.purpose = KM_PURPOSE_VERIFY;
355 begin_request.SetKeyMaterial(key_blob, key_blob_length);
356 keymaster_error_t err = StoreSigningParams(signing_params, key_blob, key_blob_length,
357 &begin_request.additional_params);
358 if (err != KM_ERROR_OK)
359 return err;
360
361 BeginOperationResponse begin_response(message_version_);
362 err = Send(begin_request, &begin_response);
363 if (err != KM_ERROR_OK)
364 return err;
365
366 UpdateOperationRequest update_request(message_version_);
367 update_request.op_handle = begin_response.op_handle;
368 update_request.input.Reinitialize(signed_data, signed_data_length);
369 UpdateOperationResponse update_response(message_version_);
370 err = Send(update_request, &update_response);
371 if (err != KM_ERROR_OK)
372 return err;
373
374 FinishOperationRequest finish_request(message_version_);
375 finish_request.op_handle = begin_response.op_handle;
376 finish_request.signature.Reinitialize(signature, signature_length);
377 FinishOperationResponse finish_response(message_version_);
378 err = Send(finish_request, &finish_response);
379 if (err != KM_ERROR_OK)
380 return err;
381 return KM_ERROR_OK;
382}
383
384hw_device_t* TrustyKeymasterDevice::hw_device() {
385 return &device_.common;
386}
387
388static inline TrustyKeymasterDevice* convert_device(const keymaster0_device_t* dev) {
389 return reinterpret_cast<TrustyKeymasterDevice*>(const_cast<keymaster0_device_t*>(dev));
390}
391
392/* static */
393int TrustyKeymasterDevice::close_device(hw_device_t* dev) {
394 delete reinterpret_cast<TrustyKeymasterDevice*>(dev);
395 return 0;
396}
397
398/* static */
399int TrustyKeymasterDevice::generate_keypair(const keymaster0_device_t* dev,
400 const keymaster_keypair_t key_type,
401 const void* key_params, uint8_t** keyBlob,
402 size_t* keyBlobLength) {
403 ALOGD("Generate keypair, sending to device: %p", convert_device(dev));
404 return convert_device(dev)->generate_keypair(key_type, key_params, keyBlob, keyBlobLength);
405}
406
407/* static */
408int TrustyKeymasterDevice::import_keypair(const keymaster0_device_t* dev, const uint8_t* key,
409 const size_t key_length, uint8_t** key_blob,
410 size_t* key_blob_length) {
411 return convert_device(dev)->import_keypair(key, key_length, key_blob, key_blob_length);
412}
413
414/* static */
415int TrustyKeymasterDevice::get_keypair_public(const keymaster0_device_t* dev,
416 const uint8_t* key_blob, const size_t key_blob_length,
417 uint8_t** x509_data, size_t* x509_data_length) {
418 return convert_device(dev)
419 ->get_keypair_public(key_blob, key_blob_length, x509_data, x509_data_length);
420}
421
422/* static */
423int TrustyKeymasterDevice::sign_data(const keymaster0_device_t* dev, const void* params,
424 const uint8_t* keyBlob, const size_t keyBlobLength,
425 const uint8_t* data, const size_t dataLength,
426 uint8_t** signedData, size_t* signedDataLength) {
427 return convert_device(dev)
428 ->sign_data(params, keyBlob, keyBlobLength, data, dataLength, signedData, signedDataLength);
429}
430
431/* static */
432int TrustyKeymasterDevice::verify_data(const keymaster0_device_t* dev, const void* params,
433 const uint8_t* keyBlob, const size_t keyBlobLength,
434 const uint8_t* signedData, const size_t signedDataLength,
435 const uint8_t* signature, const size_t signatureLength) {
436 return convert_device(dev)->verify_data(params, keyBlob, keyBlobLength, signedData,
437 signedDataLength, signature, signatureLength);
438}
439
440keymaster_error_t TrustyKeymasterDevice::Send(uint32_t command, const Serializable& req,
441 KeymasterResponse* rsp) {
442 uint32_t req_size = req.SerializedSize();
443 if (req_size > SEND_BUF_SIZE)
444 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
445 uint8_t send_buf[SEND_BUF_SIZE];
446 Eraser send_buf_eraser(send_buf, SEND_BUF_SIZE);
447 req.Serialize(send_buf, send_buf + req_size);
448
449 // Send it
450 uint8_t recv_buf[RECV_BUF_SIZE];
451 Eraser recv_buf_eraser(recv_buf, RECV_BUF_SIZE);
452 uint32_t rsp_size = RECV_BUF_SIZE;
453 printf("Sending %d byte request\n", (int)req.SerializedSize());
454 int rc = trusty_keymaster_call(command, send_buf, req_size, recv_buf, &rsp_size);
455 if (rc < 0) {
456 ALOGE("tipc error: %d\n", rc);
457 // TODO(swillden): Distinguish permanent from transient errors and set error_ appropriately.
458 return translate_error(rc);
459 } else {
460 ALOGV("Received %d byte response\n", rsp_size);
461 }
462
463 const keymaster_message* msg = (keymaster_message *) recv_buf;
464 const uint8_t *p = msg->payload;
465 if (!rsp->Deserialize(&p, p + rsp_size)) {
466 ALOGE("Error deserializing response of size %d\n", (int)rsp_size);
467 return KM_ERROR_UNKNOWN_ERROR;
468 } else if (rsp->error != KM_ERROR_OK) {
469 ALOGE("Response of size %d contained error code %d\n", (int)rsp_size, (int)rsp->error);
470 return rsp->error;
471 }
472 return rsp->error;
473}
474
475keymaster_error_t TrustyKeymasterDevice::StoreSigningParams(const void* signing_params,
476 const uint8_t* key_blob,
477 size_t key_blob_length,
478 AuthorizationSet* auth_set) {
479 uint8_t* pub_key_data;
480 size_t pub_key_data_length;
481 int err = get_keypair_public(&device_, key_blob, key_blob_length, &pub_key_data,
482 &pub_key_data_length);
483 if (err < 0) {
484 ALOGE("Error %d extracting public key to determine algorithm", err);
485 return KM_ERROR_INVALID_KEY_BLOB;
486 }
487 UniquePtr<uint8_t, Malloc_Delete> pub_key(pub_key_data);
488
489 const uint8_t* p = pub_key_data;
490 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(
491 d2i_PUBKEY(nullptr /* allocate new struct */, &p, pub_key_data_length));
492
493 switch (EVP_PKEY_type(pkey->type)) {
494 case EVP_PKEY_RSA: {
495 const keymaster_rsa_sign_params_t* rsa_params =
496 reinterpret_cast<const keymaster_rsa_sign_params_t*>(signing_params);
497 if (rsa_params->digest_type != DIGEST_NONE)
498 return KM_ERROR_UNSUPPORTED_DIGEST;
499 if (rsa_params->padding_type != PADDING_NONE)
500 return KM_ERROR_UNSUPPORTED_PADDING_MODE;
501 if (!auth_set->push_back(TAG_DIGEST, KM_DIGEST_NONE) ||
502 !auth_set->push_back(TAG_PADDING, KM_PAD_NONE))
503 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
504 } break;
505 case EVP_PKEY_EC: {
506 const keymaster_ec_sign_params_t* ecdsa_params =
507 reinterpret_cast<const keymaster_ec_sign_params_t*>(signing_params);
508 if (ecdsa_params->digest_type != DIGEST_NONE)
509 return KM_ERROR_UNSUPPORTED_DIGEST;
510 if (!auth_set->push_back(TAG_DIGEST, KM_DIGEST_NONE))
511 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
512 } break;
513 default:
514 return KM_ERROR_UNSUPPORTED_ALGORITHM;
515 }
516 return KM_ERROR_OK;
517}
518
519void TrustyKeymasterDevice::StoreNewKeyParams(AuthorizationSet* auth_set) {
520 auth_set->push_back(TAG_PURPOSE, KM_PURPOSE_SIGN);
521 auth_set->push_back(TAG_PURPOSE, KM_PURPOSE_VERIFY);
522 auth_set->push_back(TAG_ALL_USERS);
523 auth_set->push_back(TAG_NO_AUTH_REQUIRED);
524 uint64_t now = java_time(time(NULL));
525 auth_set->push_back(TAG_CREATION_DATETIME, now);
526 auth_set->push_back(TAG_ORIGINATION_EXPIRE_DATETIME, now + HUNDRED_YEARS);
527 if (message_version_ == 0) {
528 auth_set->push_back(TAG_DIGEST_OLD, KM_DIGEST_NONE);
529 auth_set->push_back(TAG_PADDING_OLD, KM_PAD_NONE);
530 } else {
531 auth_set->push_back(TAG_DIGEST, KM_DIGEST_NONE);
532 auth_set->push_back(TAG_PADDING, KM_PAD_NONE);
533 }
534}
535
536} // namespace keymaster