Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / security / 3b3599385a88ae26fce0484c20a34cc911fed000 / . / keystore / keystore_main.cpp
blob: 91ebd12fbd772373b709c3950226d5ba05b3134e [file] [log] [blame]
Shawn Willden6507c272016-01-05 22:51:48 -0700[diff] [blame]1/*
2 * Copyright (C) 2009 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
Janis Danisevskisc1460142017-12-18 16:48:46 -0800[diff] [blame]17#define LOG_TAG "keystore"
18
Shawn Willden0329a822017-12-04 13:55:14 -0700[diff] [blame]19#include <android-base/logging.h>
Steven Moreland13e5a2c2019-05-13 12:55:54 -0700[diff] [blame]20#include <android/hidl/manager/1.2/IServiceManager.h>
Rob Barnesbb6cabd2018-10-04 17:10:37 -0600[diff] [blame]21#include <android/security/keystore/IKeystoreService.h>
Shawn Willden6507c272016-01-05 22:51:48 -0700[diff] [blame]22#include <binder/IPCThreadState.h>
23#include <binder/IServiceManager.h>
Shawn Willdeneedcfe92018-01-18 15:35:46 -0700[diff] [blame]24#include <keymasterV4_0/Keymaster3.h>
25#include <keymasterV4_0/Keymaster4.h>
Shawn Willdenc67a8aa2017-12-03 17:51:29 -0700[diff] [blame]26#include <utils/StrongPointer.h>
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]27
Shawn Willdenbb22a6c2017-12-06 19:35:28 -0700[diff] [blame]28#include <keystore/keystore_hidl_support.h>
29#include <keystore/keystore_return_types.h>
30
Shawn Willdenfa5702f2017-12-03 15:14:58 -0700[diff] [blame]31#include "KeyStore.h"
Shawn Willdenfa5702f2017-12-03 15:14:58 -0700[diff] [blame]32#include "key_store_service.h"
33#include "legacy_keymaster_device_wrapper.h"
34#include "permissions.h"
Shawn Willden6507c272016-01-05 22:51:48 -0700[diff] [blame]35
36/* KeyStore is a secured storage for key-value pairs. In this implementation,
37 * each file stores one key-value pair. Keys are encoded in file names, and
38 * values are encrypted with checksums. The encryption key is protected by a
39 * user-defined password. To keep things simple, buffers are always larger than
40 * the maximum space we needed, so boundary checks on buffers are omitted. */
41
Shawn Willdenc67a8aa2017-12-03 17:51:29 -0700[diff] [blame]42using ::android::sp;
Janis Danisevskisc1460142017-12-18 16:48:46 -0800[diff] [blame]43using ::android::hardware::hidl_string;
44using ::android::hardware::hidl_vec;
Janis Danisevskis3506d332017-12-19 16:27:28 -0800[diff] [blame]45using ::android::hardware::keymaster::V4_0::ErrorCode;
Steven Moreland13e5a2c2019-05-13 12:55:54 -0700[diff] [blame]46using ::android::hardware::keymaster::V4_0::HmacSharingParameters;
47using ::android::hardware::keymaster::V4_0::SecurityLevel;
48using ::android::hidl::manager::V1_2::IServiceManager;
Roshan Piuse653c932017-03-29 10:08:47 -0700[diff] [blame]49
Shawn Willdeneedcfe92018-01-18 15:35:46 -0700[diff] [blame]50using ::keystore::keymaster::support::Keymaster;
51using ::keystore::keymaster::support::Keymaster3;
52using ::keystore::keymaster::support::Keymaster4;
Shawn Willdenc67a8aa2017-12-03 17:51:29 -0700[diff] [blame]53
Janis Danisevskisc1460142017-12-18 16:48:46 -0800[diff] [blame]54using keystore::KeymasterDevices;
55
56template <typename Wrapper>
57KeymasterDevices enumerateKeymasterDevices(IServiceManager* serviceManager) {
58 KeymasterDevices result;
Steven Moreland13e5a2c2019-05-13 12:55:54 -0700[diff] [blame]59 serviceManager->listManifestByInterface(
Janis Danisevskisc1460142017-12-18 16:48:46 -0800[diff] [blame]60 Wrapper::WrappedIKeymasterDevice::descriptor, [&](const hidl_vec<hidl_string>& names) {
61 auto try_get_device = [&](const auto& name, bool fail_silent) {
62 auto device = Wrapper::WrappedIKeymasterDevice::getService(name);
63 if (fail_silent && !device) return;
64 CHECK(device) << "Failed to get service for \""
65 << Wrapper::WrappedIKeymasterDevice::descriptor
66 << "\" with interface name \"" << name << "\"";
67
Shawn Willdencd416c52018-01-22 09:37:43 -0700[diff] [blame]68 sp<Keymaster> kmDevice(new Wrapper(device, name));
Janis Danisevskisc1460142017-12-18 16:48:46 -0800[diff] [blame]69 auto halVersion = kmDevice->halVersion();
70 SecurityLevel securityLevel = halVersion.securityLevel;
71 LOG(INFO) << "found " << Wrapper::WrappedIKeymasterDevice::descriptor
72 << " with interface name " << name << " and seclevel "
73 << toString(securityLevel);
74 CHECK(static_cast<uint32_t>(securityLevel) < result.size())
75 << "Security level of \"" << Wrapper::WrappedIKeymasterDevice::descriptor
76 << "\" with interface name \"" << name << "\" out of range";
77 auto& deviceSlot = result[securityLevel];
78 if (deviceSlot) {
79 if (!fail_silent) {
80 LOG(WARNING) << "Implementation of \""
81 << Wrapper::WrappedIKeymasterDevice::descriptor
82 << "\" with interface name \"" << name
83 << "\" and security level: " << toString(securityLevel)
84 << " Masked by other implementation of Keymaster";
85 }
86 } else {
87 deviceSlot = kmDevice;
88 }
89 };
90 bool has_default = false;
91 for (auto& n : names) {
92 try_get_device(n, false);
93 if (n == "default") has_default = true;
94 }
95 // Make sure that we always check the default device. If we enumerate only what is
96 // known to hwservicemanager, we miss a possible passthrough HAL.
97 if (!has_default) {
98 try_get_device("default", true /* fail_silent */);
99 }
100 });
101 return result;
102}
103
104KeymasterDevices initializeKeymasters() {
Steven Moreland13e5a2c2019-05-13 12:55:54 -0700[diff] [blame]105 auto serviceManager = IServiceManager::getService();
Janis Danisevskisc1460142017-12-18 16:48:46 -0800[diff] [blame]106 CHECK(serviceManager.get()) << "Failed to get ServiceManager";
107 auto result = enumerateKeymasterDevices<Keymaster4>(serviceManager.get());
Janis Danisevskisc1460142017-12-18 16:48:46 -0800[diff] [blame]108 auto softKeymaster = result[SecurityLevel::SOFTWARE];
Shawn Willden5a6afd02018-05-09 15:47:15 -0600[diff] [blame]109 if (!result[SecurityLevel::TRUSTED_ENVIRONMENT]) {
Janis Danisevskisc1460142017-12-18 16:48:46 -0800[diff] [blame]110 result = enumerateKeymasterDevices<Keymaster3>(serviceManager.get());
111 }
112 if (softKeymaster) result[SecurityLevel::SOFTWARE] = softKeymaster;
113 if (result[SecurityLevel::SOFTWARE] && !result[SecurityLevel::TRUSTED_ENVIRONMENT]) {
114 LOG(WARNING) << "No secure Keymaster implementation found, but device offers insecure"
115 " Keymaster HAL. Using as default.";
116 result[SecurityLevel::TRUSTED_ENVIRONMENT] = result[SecurityLevel::SOFTWARE];
117 result[SecurityLevel::SOFTWARE] = nullptr;
118 }
119 if (!result[SecurityLevel::SOFTWARE]) {
120 auto fbdev = android::keystore::makeSoftwareKeymasterDevice();
121 CHECK(fbdev.get()) << "Unable to create Software Keymaster Device";
Shawn Willdencd416c52018-01-22 09:37:43 -0700[diff] [blame]122 result[SecurityLevel::SOFTWARE] = new Keymaster3(fbdev, "Software");
Janis Danisevskisc1460142017-12-18 16:48:46 -0800[diff] [blame]123 }
124 return result;
125}
Shawn Willden6507c272016-01-05 22:51:48 -0700[diff] [blame]126
127int main(int argc, char* argv[]) {
Shawn Willdenb8550a02017-02-23 11:06:05 -0700[diff] [blame]128 using android::hardware::hidl_string;
Shawn Willden0329a822017-12-04 13:55:14 -0700[diff] [blame]129 CHECK(argc >= 2) << "A directory must be specified!";
130 CHECK(chdir(argv[1]) != -1) << "chdir: " << argv[1] << ": " << strerror(errno);
Shawn Willden6507c272016-01-05 22:51:48 -0700[diff] [blame]131
Janis Danisevskisc1460142017-12-18 16:48:46 -0800[diff] [blame]132 auto kmDevices = initializeKeymasters();
Shawn Willdenc67a8aa2017-12-03 17:51:29 -0700[diff] [blame]133
Janis Danisevskisc1460142017-12-18 16:48:46 -0800[diff] [blame]134 CHECK(kmDevices[SecurityLevel::SOFTWARE]) << "Missing software Keymaster device";
135 CHECK(kmDevices[SecurityLevel::TRUSTED_ENVIRONMENT])
136 << "Error no viable keymaster device found";
Shawn Willden814a6e72016-03-15 08:37:29 -0600[diff] [blame]137
Shawn Willden0329a822017-12-04 13:55:14 -0700[diff] [blame]138 CHECK(configure_selinux() != -1) << "Failed to configure SELinux.";
Shawn Willden6507c272016-01-05 22:51:48 -0700[diff] [blame]139
Janis Danisevskisc1460142017-12-18 16:48:46 -0800[diff] [blame]140 auto halVersion = kmDevices[SecurityLevel::TRUSTED_ENVIRONMENT]->halVersion();
Janis Danisevskise8ba1802017-01-30 10:49:51 +0000[diff] [blame]141
Shawn Willden0329a822017-12-04 13:55:14 -0700[diff] [blame]142 // If the hardware is keymaster 2.0 or higher we will not allow the fallback device for import
143 // or generation of keys. The fallback device is only used for legacy keys present on the
144 // device.
Janis Danisevskisc1460142017-12-18 16:48:46 -0800[diff] [blame]145 SecurityLevel minimalAllowedSecurityLevelForNewKeys =
146 halVersion.majorVersion >= 2 ? SecurityLevel::TRUSTED_ENVIRONMENT : SecurityLevel::SOFTWARE;
Janis Danisevskise8ba1802017-01-30 10:49:51 +0000[diff] [blame]147
Janis Danisevskisff3d7f42018-10-08 07:15:09 -0700[diff] [blame]148 android::sp<keystore::KeyStore> keyStore(
Branden Archer44d1afa2018-12-28 09:10:49 -0800[diff] [blame]149 new keystore::KeyStore(kmDevices, minimalAllowedSecurityLevelForNewKeys));
Janis Danisevskisff3d7f42018-10-08 07:15:09 -0700[diff] [blame]150 keyStore->initialize();
Shawn Willden6507c272016-01-05 22:51:48 -0700[diff] [blame]151 android::sp<android::IServiceManager> sm = android::defaultServiceManager();
Janis Danisevskisff3d7f42018-10-08 07:15:09 -0700[diff] [blame]152 android::sp<keystore::KeyStoreService> service = new keystore::KeyStoreService(keyStore);
Steven Moreland23115b02019-01-10 16:20:20 -0800[diff] [blame]153 service->setRequestingSid(true);
Shawn Willden6507c272016-01-05 22:51:48 -0700[diff] [blame]154 android::status_t ret = sm->addService(android::String16("android.security.keystore"), service);
Shawn Willden0329a822017-12-04 13:55:14 -0700[diff] [blame]155 CHECK(ret == android::OK) << "Couldn't register binder service!";
Shawn Willden6507c272016-01-05 22:51:48 -0700[diff] [blame]156
157 /*
Roshan Piuse653c932017-03-29 10:08:47 -0700[diff] [blame]158 * This thread is just going to process Binder transactions.
Shawn Willden6507c272016-01-05 22:51:48 -0700[diff] [blame]159 */
160 android::IPCThreadState::self()->joinThreadPool();
Shawn Willden6507c272016-01-05 22:51:48 -0700[diff] [blame]161 return 1;
162}