Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / security / 69c434aee7a02f66e9a7bcf8ce014f8c48066eb6 / . / keystore / keystore.cpp
blob: 2d9de5d6b6033d9c2dae52234058fe3ac94c1a5b [file] [log] [blame]
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]1/*
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]2 * Copyright (C) 2016 The Android Open Source Project
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]17#define LOG_TAG "keystore"
18
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]19#include "keystore.h"
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]20
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]21#include <dirent.h>
22#include <fcntl.h>
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]23
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]24#include <openssl/bio.h>
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]25
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]26#include <utils/String16.h>
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]27
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]28#include <keystore/IKeystoreService.h>
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]29
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]30#include <android/hardware/keymaster/3.0/IKeymasterDevice.h>
31
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]32#include "keystore_utils.h"
33#include "permissions.h"
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]34#include <keystore/keystore_hidl_support.h>
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]35
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]36const char* KeyStore::sOldMasterKey = ".masterkey";
37const char* KeyStore::sMetaDataFile = ".metadata";
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]38
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]39const android::String16 KeyStore::sRSAKeyType("RSA");
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]40
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]41using namespace keystore;
42
43KeyStore::KeyStore(Entropy* entropy, const km_device_t& device, const km_device_t& fallback)
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]44 : mEntropy(entropy), mDevice(device), mFallbackDevice(fallback) {
45 memset(&mMetaData, '\0', sizeof(mMetaData));
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]46}
47
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]48KeyStore::~KeyStore() {
49 for (android::Vector<grant_t*>::iterator it(mGrants.begin()); it != mGrants.end(); it++) {
50 delete *it;
Shawn Willden55268b52015-07-28 11:06:00 -0600[diff] [blame]51 }
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]52 mGrants.clear();
Shawn Willden55268b52015-07-28 11:06:00 -0600[diff] [blame]53
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]54 for (android::Vector<UserState*>::iterator it(mMasterKeys.begin()); it != mMasterKeys.end();
55 it++) {
56 delete *it;
Shawn Willden55268b52015-07-28 11:06:00 -0600[diff] [blame]57 }
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]58 mMasterKeys.clear();
Shawn Willden55268b52015-07-28 11:06:00 -0600[diff] [blame]59}
60
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]61ResponseCode KeyStore::initialize() {
62 readMetaData();
63 if (upgradeKeystore()) {
64 writeMetaData();
Shawn Willden55268b52015-07-28 11:06:00 -0600[diff] [blame]65 }
66
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]67 return ResponseCode::NO_ERROR;
Shawn Willden55268b52015-07-28 11:06:00 -0600[diff] [blame]68}
69
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]70ResponseCode KeyStore::initializeUser(const android::String8& pw, uid_t userId) {
71 UserState* userState = getUserState(userId);
72 return userState->initialize(pw, mEntropy);
Chad Brubakerfc18edc2015-01-12 15:17:18 -0800[diff] [blame]73}
74
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]75ResponseCode KeyStore::copyMasterKey(uid_t srcUser, uid_t dstUser) {
76 UserState* userState = getUserState(dstUser);
77 UserState* initState = getUserState(srcUser);
78 return userState->copyMasterKey(initState);
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]79}
80
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]81ResponseCode KeyStore::writeMasterKey(const android::String8& pw, uid_t userId) {
82 UserState* userState = getUserState(userId);
83 return userState->writeMasterKey(pw, mEntropy);
Shawn Willden55268b52015-07-28 11:06:00 -0600[diff] [blame]84}
85
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]86ResponseCode KeyStore::readMasterKey(const android::String8& pw, uid_t userId) {
87 UserState* userState = getUserState(userId);
88 return userState->readMasterKey(pw, mEntropy);
Kenny Root49468902013-03-19 13:41:33 -0700[diff] [blame]89}
90
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]91/* Here is the encoding of keys. This is necessary in order to allow arbitrary
92 * characters in keys. Characters in [0-~] are not encoded. Others are encoded
93 * into two bytes. The first byte is one of [+-.] which represents the first
94 * two bits of the character. The second byte encodes the rest of the bits into
95 * [0-o]. Therefore in the worst case the length of a key gets doubled. Note
96 * that Base64 cannot be used here due to the need of prefix match on keys. */
97
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]98static size_t encode_key_length(const android::String8& keyName) {
99 const uint8_t* in = reinterpret_cast<const uint8_t*>(keyName.string());
100 size_t length = keyName.length();
101 for (int i = length; i > 0; --i, ++in) {
102 if (*in < '0' || *in > '~') {
103 ++length;
104 }
105 }
106 return length;
107}
108
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]109static int encode_key(char* out, const android::String8& keyName) {
110 const uint8_t* in = reinterpret_cast<const uint8_t*>(keyName.string());
111 size_t length = keyName.length();
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]112 for (int i = length; i > 0; --i, ++in, ++out) {
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]113 if (*in < '0' || *in > '~') {
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]114 *out = '+' + (*in >> 6);
115 *++out = '0' + (*in & 0x3F);
116 ++length;
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]117 } else {
118 *out = *in;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]119 }
120 }
121 *out = '\0';
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]122 return length;
123}
124
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]125android::String8 KeyStore::getKeyName(const android::String8& keyName, const BlobType type) {
Bin Chencfd95ae2016-08-22 12:16:09 +1000[diff] [blame]126 std::vector<char> encoded(encode_key_length(keyName) + 1); // add 1 for null char
127 encode_key(encoded.data(), keyName);
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]128 if (type == TYPE_KEY_CHARACTERISTICS) {
Tucker Sylvestro9c28dd52016-10-06 15:09:48 -0400[diff] [blame]129 return android::String8::format(".chr_%s", encoded.data());
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]130 } else {
Tucker Sylvestro9c28dd52016-10-06 15:09:48 -0400[diff] [blame]131 return android::String8(encoded.data());
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]132 }
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]133}
134
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]135android::String8 KeyStore::getKeyNameForUid(
136 const android::String8& keyName, uid_t uid, const BlobType type) {
Bin Chencfd95ae2016-08-22 12:16:09 +1000[diff] [blame]137 std::vector<char> encoded(encode_key_length(keyName) + 1); // add 1 for null char
138 encode_key(encoded.data(), keyName);
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]139 if (type == TYPE_KEY_CHARACTERISTICS) {
Tucker Sylvestro9c28dd52016-10-06 15:09:48 -0400[diff] [blame]140 return android::String8::format(".%u_chr_%s", uid, encoded.data());
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]141 } else {
Tucker Sylvestro9c28dd52016-10-06 15:09:48 -0400[diff] [blame]142 return android::String8::format("%u_%s", uid, encoded.data());
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]143 }
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]144}
145
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]146android::String8 KeyStore::getKeyNameForUidWithDir(
147 const android::String8& keyName, uid_t uid, const BlobType type) {
Bin Chencfd95ae2016-08-22 12:16:09 +1000[diff] [blame]148 std::vector<char> encoded(encode_key_length(keyName) + 1); // add 1 for null char
149 encode_key(encoded.data(), keyName);
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]150
151 if (type == TYPE_KEY_CHARACTERISTICS) {
152 return android::String8::format("%s/.%u_chr_%s", getUserStateByUid(uid)->getUserDirName(),
Tucker Sylvestro9c28dd52016-10-06 15:09:48 -0400[diff] [blame]153 uid, encoded.data());
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]154 } else {
155 return android::String8::format("%s/%u_%s", getUserStateByUid(uid)->getUserDirName(), uid,
Tucker Sylvestro9c28dd52016-10-06 15:09:48 -0400[diff] [blame]156 encoded.data());
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]157 }
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]158}
159
160void KeyStore::resetUser(uid_t userId, bool keepUnenryptedEntries) {
161 android::String8 prefix("");
162 android::Vector<android::String16> aliases;
163 UserState* userState = getUserState(userId);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]164 if (list(prefix, &aliases, userId) != ResponseCode::NO_ERROR) {
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]165 return;
166 }
167 for (uint32_t i = 0; i < aliases.size(); i++) {
168 android::String8 filename(aliases[i]);
169 filename = android::String8::format("%s/%s", userState->getUserDirName(),
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]170 getKeyName(filename, TYPE_ANY).string());
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]171 bool shouldDelete = true;
172 if (keepUnenryptedEntries) {
173 Blob blob;
174 ResponseCode rc = get(filename, &blob, ::TYPE_ANY, userId);
175
176 /* get can fail if the blob is encrypted and the state is
177 * not unlocked, only skip deleting blobs that were loaded and
178 * who are not encrypted. If there are blobs we fail to read for
179 * other reasons err on the safe side and delete them since we
180 * can't tell if they're encrypted.
181 */
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]182 shouldDelete = !(rc == ResponseCode::NO_ERROR && !blob.isEncrypted());
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]183 }
184 if (shouldDelete) {
185 del(filename, ::TYPE_ANY, userId);
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]186
187 // del() will fail silently if no cached characteristics are present for this alias.
188 android::String8 chr_filename(aliases[i]);
189 chr_filename = android::String8::format("%s/%s", userState->getUserDirName(),
190 getKeyName(chr_filename,
191 TYPE_KEY_CHARACTERISTICS).string());
192 del(chr_filename, ::TYPE_KEY_CHARACTERISTICS, userId);
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]193 }
194 }
195 if (!userState->deleteMasterKey()) {
196 ALOGE("Failed to delete user %d's master key", userId);
197 }
198 if (!keepUnenryptedEntries) {
199 if (!userState->reset()) {
200 ALOGE("Failed to remove user %d's directory", userId);
201 }
202 }
203}
204
205bool KeyStore::isEmpty(uid_t userId) const {
206 const UserState* userState = getUserState(userId);
207 if (userState == NULL) {
208 return true;
209 }
210
211 DIR* dir = opendir(userState->getUserDirName());
212 if (!dir) {
213 return true;
214 }
215
216 bool result = true;
217 struct dirent* file;
218 while ((file = readdir(dir)) != NULL) {
219 // We only care about files.
220 if (file->d_type != DT_REG) {
221 continue;
222 }
223
224 // Skip anything that starts with a "."
225 if (file->d_name[0] == '.') {
226 continue;
227 }
228
229 result = false;
230 break;
231 }
232 closedir(dir);
233 return result;
234}
235
236void KeyStore::lock(uid_t userId) {
237 UserState* userState = getUserState(userId);
238 userState->zeroizeMasterKeysInMemory();
239 userState->setState(STATE_LOCKED);
240}
241
242ResponseCode KeyStore::get(const char* filename, Blob* keyBlob, const BlobType type, uid_t userId) {
243 UserState* userState = getUserState(userId);
244 ResponseCode rc =
245 keyBlob->readBlob(filename, userState->getDecryptionKey(), userState->getState());
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]246 if (rc != ResponseCode::NO_ERROR) {
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]247 return rc;
248 }
249
250 const uint8_t version = keyBlob->getVersion();
251 if (version < CURRENT_BLOB_VERSION) {
252 /* If we upgrade the key, we need to write it to disk again. Then
253 * it must be read it again since the blob is encrypted each time
254 * it's written.
255 */
256 if (upgradeBlob(filename, keyBlob, version, type, userId)) {
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]257 if ((rc = this->put(filename, keyBlob, userId)) != ResponseCode::NO_ERROR ||
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]258 (rc = keyBlob->readBlob(filename, userState->getDecryptionKey(),
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]259 userState->getState())) != ResponseCode::NO_ERROR) {
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]260 return rc;
261 }
262 }
263 }
264
265 /*
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]266 * This will upgrade software-backed keys to hardware-backed keys.
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]267 */
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]268 if (rc == ResponseCode::NO_ERROR && type == TYPE_KEY_PAIR && keyBlob->isFallback()) {
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]269 ResponseCode imported =
270 importKey(keyBlob->getValue(), keyBlob->getLength(), filename, userId,
271 keyBlob->isEncrypted() ? KEYSTORE_FLAG_ENCRYPTED : KEYSTORE_FLAG_NONE);
272
273 // The HAL allowed the import, reget the key to have the "fresh"
274 // version.
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]275 if (imported == ResponseCode::NO_ERROR) {
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]276 rc = get(filename, keyBlob, TYPE_KEY_PAIR, userId);
277 }
278 }
279
280 // Keymaster 0.3 keys are valid keymaster 1.0 keys, so silently upgrade.
281 if (keyBlob->getType() == TYPE_KEY_PAIR) {
282 keyBlob->setType(TYPE_KEYMASTER_10);
283 rc = this->put(filename, keyBlob, userId);
284 }
285
286 if (type != TYPE_ANY && keyBlob->getType() != type) {
287 ALOGW("key found but type doesn't match: %d vs %d", keyBlob->getType(), type);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]288 return ResponseCode::KEY_NOT_FOUND;
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]289 }
290
291 return rc;
292}
293
294ResponseCode KeyStore::put(const char* filename, Blob* keyBlob, uid_t userId) {
295 UserState* userState = getUserState(userId);
296 return keyBlob->writeBlob(filename, userState->getEncryptionKey(), userState->getState(),
297 mEntropy);
298}
299
300ResponseCode KeyStore::del(const char* filename, const BlobType type, uid_t userId) {
301 Blob keyBlob;
302 ResponseCode rc = get(filename, &keyBlob, type, userId);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]303 if (rc == ResponseCode::VALUE_CORRUPTED) {
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]304 // The file is corrupt, the best we can do is rm it.
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]305 return (unlink(filename) && errno != ENOENT) ?
306 ResponseCode::SYSTEM_ERROR : ResponseCode::NO_ERROR;
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]307 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]308 if (rc != ResponseCode::NO_ERROR) {
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]309 return rc;
310 }
311
Janis Danisevskis69c434a2017-01-30 10:27:10 +0000[diff] [blame^]312 auto& dev = getDevice(keyBlob);
313
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]314 if (keyBlob.getType() == ::TYPE_KEY_PAIR || keyBlob.getType() == ::TYPE_KEYMASTER_10) {
Janis Danisevskis69c434a2017-01-30 10:27:10 +0000[diff] [blame^]315 auto ret = KS_HANDLE_HIDL_ERROR(dev->deleteKey(blob2hidlVec(keyBlob)));
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]316
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]317 // A device doesn't have to implement delete_key.
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]318 if (ret != ErrorCode::OK && ret != ErrorCode::UNIMPLEMENTED)
319 return ResponseCode::SYSTEM_ERROR;
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]320 }
321
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]322 return (unlink(filename) && errno != ENOENT) ?
323 ResponseCode::SYSTEM_ERROR : ResponseCode::NO_ERROR;
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]324}
325
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]326/*
327 * Converts from the "escaped" format on disk to actual name.
328 * This will be smaller than the input string.
329 *
330 * Characters that should combine with the next at the end will be truncated.
331 */
332static size_t decode_key_length(const char* in, size_t length) {
333 size_t outLength = 0;
334
335 for (const char* end = in + length; in < end; in++) {
336 /* This combines with the next character. */
337 if (*in < '0' || *in > '~') {
338 continue;
339 }
340
341 outLength++;
342 }
343 return outLength;
344}
345
346static void decode_key(char* out, const char* in, size_t length) {
347 for (const char* end = in + length; in < end; in++) {
348 if (*in < '0' || *in > '~') {
349 /* Truncate combining characters at the end. */
350 if (in + 1 >= end) {
351 break;
352 }
353
354 *out = (*in++ - '+') << 6;
355 *out++ |= (*in - '0') & 0x3F;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]356 } else {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]357 *out++ = *in;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]358 }
359 }
360 *out = '\0';
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]361}
362
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]363ResponseCode KeyStore::list(const android::String8& prefix,
364 android::Vector<android::String16>* matches, uid_t userId) {
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]365
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]366 UserState* userState = getUserState(userId);
367 size_t n = prefix.length();
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]368
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]369 DIR* dir = opendir(userState->getUserDirName());
370 if (!dir) {
371 ALOGW("can't open directory for user: %s", strerror(errno));
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]372 return ResponseCode::SYSTEM_ERROR;
Chad Brubaker3a7d9e62015-06-04 15:01:46 -0700[diff] [blame]373 }
374
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]375 struct dirent* file;
376 while ((file = readdir(dir)) != NULL) {
377 // We only care about files.
378 if (file->d_type != DT_REG) {
379 continue;
Chad Brubaker3a7d9e62015-06-04 15:01:46 -0700[diff] [blame]380 }
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]381
382 // Skip anything that starts with a "."
383 if (file->d_name[0] == '.') {
384 continue;
Chad Brubaker3a7d9e62015-06-04 15:01:46 -0700[diff] [blame]385 }
Chad Brubaker3a7d9e62015-06-04 15:01:46 -0700[diff] [blame]386
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]387 if (!strncmp(prefix.string(), file->d_name, n)) {
388 const char* p = &file->d_name[n];
389 size_t plen = strlen(p);
Chad Brubaker3a7d9e62015-06-04 15:01:46 -0700[diff] [blame]390
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]391 size_t extra = decode_key_length(p, plen);
392 char* match = (char*)malloc(extra + 1);
393 if (match != NULL) {
394 decode_key(match, p, plen);
395 matches->push(android::String16(match, extra));
396 free(match);
Chad Brubakerdf705172015-06-17 20:17:51 -0700[diff] [blame]397 } else {
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]398 ALOGW("could not allocate match of size %zd", extra);
Chad Brubakerdf705172015-06-17 20:17:51 -0700[diff] [blame]399 }
Chad Brubaker3a7d9e62015-06-04 15:01:46 -0700[diff] [blame]400 }
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]401 }
402 closedir(dir);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]403 return ResponseCode::NO_ERROR;
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]404}
Chad Brubaker3a7d9e62015-06-04 15:01:46 -0700[diff] [blame]405
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]406void KeyStore::addGrant(const char* filename, uid_t granteeUid) {
407 const grant_t* existing = getGrant(filename, granteeUid);
408 if (existing == NULL) {
409 grant_t* grant = new grant_t;
410 grant->uid = granteeUid;
411 grant->filename = reinterpret_cast<const uint8_t*>(strdup(filename));
412 mGrants.add(grant);
413 }
414}
Chad Brubaker3a7d9e62015-06-04 15:01:46 -0700[diff] [blame]415
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]416bool KeyStore::removeGrant(const char* filename, uid_t granteeUid) {
417 for (android::Vector<grant_t*>::iterator it(mGrants.begin()); it != mGrants.end(); it++) {
418 grant_t* grant = *it;
419 if (grant->uid == granteeUid &&
420 !strcmp(reinterpret_cast<const char*>(grant->filename), filename)) {
421 mGrants.erase(it);
422 return true;
Chad Brubaker3a7d9e62015-06-04 15:01:46 -0700[diff] [blame]423 }
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]424 }
425 return false;
426}
Chad Brubaker3a7d9e62015-06-04 15:01:46 -0700[diff] [blame]427
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]428ResponseCode KeyStore::importKey(const uint8_t* key, size_t keyLen, const char* filename,
429 uid_t userId, int32_t flags) {
430 Unique_PKCS8_PRIV_KEY_INFO pkcs8(d2i_PKCS8_PRIV_KEY_INFO(NULL, &key, keyLen));
431 if (!pkcs8.get()) {
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]432 return ResponseCode::SYSTEM_ERROR;
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]433 }
434 Unique_EVP_PKEY pkey(EVP_PKCS82PKEY(pkcs8.get()));
435 if (!pkey.get()) {
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]436 return ResponseCode::SYSTEM_ERROR;
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]437 }
438 int type = EVP_PKEY_type(pkey->type);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]439 AuthorizationSet params;
440 add_legacy_key_authorizations(type, &params);
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]441 switch (type) {
442 case EVP_PKEY_RSA:
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]443 params.push_back(TAG_ALGORITHM, Algorithm::RSA);
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]444 break;
445 case EVP_PKEY_EC:
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]446 params.push_back(TAG_ALGORITHM, Algorithm::EC);
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]447 break;
448 default:
449 ALOGW("Unsupported key type %d", type);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]450 return ResponseCode::SYSTEM_ERROR;
Chad Brubaker3a7d9e62015-06-04 15:01:46 -0700[diff] [blame]451 }
452
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]453 AuthorizationSet opParams(params);
454 hidl_vec<uint8_t> blob;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]455
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]456 ErrorCode error;
457 auto hidlCb = [&] (ErrorCode ret, const hidl_vec<uint8_t>& keyBlob,
458 const KeyCharacteristics& /* ignored */) {
459 error = ret;
460 if (error != ErrorCode::OK) return;
461 blob = keyBlob;
462 };
463 auto input = blob2hidlVec(key, keyLen);
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]464
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]465 ErrorCode rc = KS_HANDLE_HIDL_ERROR(
466 mDevice->importKey(params.hidl_data(), KeyFormat::PKCS8, input, hidlCb));
467 if (rc != ErrorCode::OK) return ResponseCode::SYSTEM_ERROR;
468 if (error != ErrorCode::OK) {
469 ALOGE("Keymaster error %d importing key pair", error);
470 return ResponseCode::SYSTEM_ERROR;
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]471 }
472
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]473 Blob keyBlob(&blob[0], blob.size(), NULL, 0, TYPE_KEYMASTER_10);
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]474
475 keyBlob.setEncrypted(flags & KEYSTORE_FLAG_ENCRYPTED);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]476 keyBlob.setFallback(false);
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]477
478 return put(filename, &keyBlob, userId);
479}
480
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]481bool KeyStore::isHardwareBacked(const android::String16& /*keyType*/) const {
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]482 if (mDevice == NULL) {
483 ALOGW("can't get keymaster device");
484 return false;
485 }
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]486// TODO: This information seems not to be available here
487// if (sRSAKeyType == keyType) {
488// return (mDevice->flags & KEYMASTER_SOFTWARE_ONLY) == 0;
489// } else {
490// return (mDevice->flags & KEYMASTER_SOFTWARE_ONLY) == 0 &&
491// (mDevice->common.module->module_api_version >= KEYMASTER_MODULE_API_VERSION_0_2);
492// }
493 return true;
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]494}
495
496ResponseCode KeyStore::getKeyForName(Blob* keyBlob, const android::String8& keyName,
497 const uid_t uid, const BlobType type) {
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]498 android::String8 filepath8(getKeyNameForUidWithDir(keyName, uid, type));
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]499 uid_t userId = get_user_id(uid);
500
501 ResponseCode responseCode = get(filepath8.string(), keyBlob, type, userId);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]502 if (responseCode == ResponseCode::NO_ERROR) {
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]503 return responseCode;
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]504 }
505
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]506 // If this is one of the legacy UID->UID mappings, use it.
507 uid_t euid = get_keystore_euid(uid);
508 if (euid != uid) {
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]509 filepath8 = getKeyNameForUidWithDir(keyName, euid, type);
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]510 responseCode = get(filepath8.string(), keyBlob, type, userId);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]511 if (responseCode == ResponseCode::NO_ERROR) {
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]512 return responseCode;
513 }
514 }
515
516 // They might be using a granted key.
Tucker Sylvestro0ab28b72016-08-05 18:02:47 -0400[diff] [blame]517 android::String8 filename8 = getKeyName(keyName, type);
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]518 char* end;
519 strtoul(filename8.string(), &end, 10);
520 if (end[0] != '_' || end[1] == 0) {
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]521 return ResponseCode::KEY_NOT_FOUND;
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]522 }
523 filepath8 = android::String8::format("%s/%s", getUserState(userId)->getUserDirName(),
524 filename8.string());
525 if (!hasGrant(filepath8.string(), uid)) {
526 return responseCode;
527 }
528
529 // It is a granted key. Try to load it.
530 return get(filepath8.string(), keyBlob, type, userId);
531}
532
533UserState* KeyStore::getUserState(uid_t userId) {
534 for (android::Vector<UserState*>::iterator it(mMasterKeys.begin()); it != mMasterKeys.end();
535 it++) {
536 UserState* state = *it;
537 if (state->getUserId() == userId) {
538 return state;
539 }
540 }
541
542 UserState* userState = new UserState(userId);
543 if (!userState->initialize()) {
544 /* There's not much we can do if initialization fails. Trying to
545 * unlock the keystore for that user will fail as well, so any
546 * subsequent request for this user will just return SYSTEM_ERROR.
547 */
548 ALOGE("User initialization failed for %u; subsuquent operations will fail", userId);
549 }
550 mMasterKeys.add(userState);
551 return userState;
552}
553
554UserState* KeyStore::getUserStateByUid(uid_t uid) {
555 uid_t userId = get_user_id(uid);
556 return getUserState(userId);
557}
558
559const UserState* KeyStore::getUserState(uid_t userId) const {
560 for (android::Vector<UserState*>::const_iterator it(mMasterKeys.begin());
561 it != mMasterKeys.end(); it++) {
562 UserState* state = *it;
563 if (state->getUserId() == userId) {
564 return state;
565 }
566 }
567
568 return NULL;
569}
570
571const UserState* KeyStore::getUserStateByUid(uid_t uid) const {
572 uid_t userId = get_user_id(uid);
573 return getUserState(userId);
574}
575
576const grant_t* KeyStore::getGrant(const char* filename, uid_t uid) const {
577 for (android::Vector<grant_t*>::const_iterator it(mGrants.begin()); it != mGrants.end(); it++) {
578 grant_t* grant = *it;
579 if (grant->uid == uid &&
580 !strcmp(reinterpret_cast<const char*>(grant->filename), filename)) {
581 return grant;
582 }
583 }
584 return NULL;
585}
586
587bool KeyStore::upgradeBlob(const char* filename, Blob* blob, const uint8_t oldVersion,
588 const BlobType type, uid_t uid) {
589 bool updated = false;
590 uint8_t version = oldVersion;
591
592 /* From V0 -> V1: All old types were unknown */
593 if (version == 0) {
594 ALOGV("upgrading to version 1 and setting type %d", type);
595
596 blob->setType(type);
597 if (type == TYPE_KEY_PAIR) {
598 importBlobAsKey(blob, filename, uid);
599 }
600 version = 1;
601 updated = true;
602 }
603
604 /* From V1 -> V2: All old keys were encrypted */
605 if (version == 1) {
606 ALOGV("upgrading to version 2");
607
608 blob->setEncrypted(true);
609 version = 2;
610 updated = true;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]611 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]612
613 /*
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]614 * If we've updated, set the key blob to the right version
615 * and write it.
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]616 */
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]617 if (updated) {
618 ALOGV("updated and writing file %s", filename);
619 blob->setVersion(version);
620 }
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]621
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]622 return updated;
623}
624
625struct BIO_Delete {
626 void operator()(BIO* p) const { BIO_free(p); }
627};
628typedef UniquePtr<BIO, BIO_Delete> Unique_BIO;
629
630ResponseCode KeyStore::importBlobAsKey(Blob* blob, const char* filename, uid_t uid) {
631 // We won't even write to the blob directly with this BIO, so const_cast is okay.
632 Unique_BIO b(BIO_new_mem_buf(const_cast<uint8_t*>(blob->getValue()), blob->getLength()));
633 if (b.get() == NULL) {
634 ALOGE("Problem instantiating BIO");
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]635 return ResponseCode::SYSTEM_ERROR;
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]636 }
637
638 Unique_EVP_PKEY pkey(PEM_read_bio_PrivateKey(b.get(), NULL, NULL, NULL));
639 if (pkey.get() == NULL) {
640 ALOGE("Couldn't read old PEM file");
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]641 return ResponseCode::SYSTEM_ERROR;
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]642 }
643
644 Unique_PKCS8_PRIV_KEY_INFO pkcs8(EVP_PKEY2PKCS8(pkey.get()));
645 int len = i2d_PKCS8_PRIV_KEY_INFO(pkcs8.get(), NULL);
646 if (len < 0) {
647 ALOGE("Couldn't measure PKCS#8 length");
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]648 return ResponseCode::SYSTEM_ERROR;
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]649 }
650
651 UniquePtr<unsigned char[]> pkcs8key(new unsigned char[len]);
652 uint8_t* tmp = pkcs8key.get();
653 if (i2d_PKCS8_PRIV_KEY_INFO(pkcs8.get(), &tmp) != len) {
654 ALOGE("Couldn't convert to PKCS#8");
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]655 return ResponseCode::SYSTEM_ERROR;
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]656 }
657
658 ResponseCode rc = importKey(pkcs8key.get(), len, filename, get_user_id(uid),
659 blob->isEncrypted() ? KEYSTORE_FLAG_ENCRYPTED : KEYSTORE_FLAG_NONE);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]660 if (rc != ResponseCode::NO_ERROR) {
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]661 return rc;
662 }
663
664 return get(filename, blob, TYPE_KEY_PAIR, uid);
665}
666
667void KeyStore::readMetaData() {
668 int in = TEMP_FAILURE_RETRY(open(sMetaDataFile, O_RDONLY));
669 if (in < 0) {
670 return;
671 }
672 size_t fileLength = readFully(in, (uint8_t*)&mMetaData, sizeof(mMetaData));
673 if (fileLength != sizeof(mMetaData)) {
674 ALOGI("Metadata file is %zd bytes (%zd experted); upgrade?", fileLength, sizeof(mMetaData));
675 }
676 close(in);
677}
678
679void KeyStore::writeMetaData() {
680 const char* tmpFileName = ".metadata.tmp";
681 int out =
682 TEMP_FAILURE_RETRY(open(tmpFileName, O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | S_IWUSR));
683 if (out < 0) {
684 ALOGE("couldn't write metadata file: %s", strerror(errno));
685 return;
686 }
687 size_t fileLength = writeFully(out, (uint8_t*)&mMetaData, sizeof(mMetaData));
688 if (fileLength != sizeof(mMetaData)) {
689 ALOGI("Could only write %zd bytes to metadata file (%zd expected)", fileLength,
690 sizeof(mMetaData));
691 }
692 close(out);
693 rename(tmpFileName, sMetaDataFile);
694}
695
696bool KeyStore::upgradeKeystore() {
697 bool upgraded = false;
698
699 if (mMetaData.version == 0) {
700 UserState* userState = getUserStateByUid(0);
701
702 // Initialize first so the directory is made.
703 userState->initialize();
704
705 // Migrate the old .masterkey file to user 0.
706 if (access(sOldMasterKey, R_OK) == 0) {
707 if (rename(sOldMasterKey, userState->getMasterKeyFileName()) < 0) {
708 ALOGE("couldn't migrate old masterkey: %s", strerror(errno));
709 return false;
710 }
711 }
712
713 // Initialize again in case we had a key.
714 userState->initialize();
715
716 // Try to migrate existing keys.
717 DIR* dir = opendir(".");
718 if (!dir) {
719 // Give up now; maybe we can upgrade later.
720 ALOGE("couldn't open keystore's directory; something is wrong");
721 return false;
722 }
723
724 struct dirent* file;
725 while ((file = readdir(dir)) != NULL) {
726 // We only care about files.
727 if (file->d_type != DT_REG) {
728 continue;
729 }
730
731 // Skip anything that starts with a "."
732 if (file->d_name[0] == '.') {
733 continue;
734 }
735
736 // Find the current file's user.
737 char* end;
738 unsigned long thisUid = strtoul(file->d_name, &end, 10);
739 if (end[0] != '_' || end[1] == 0) {
740 continue;
741 }
742 UserState* otherUser = getUserStateByUid(thisUid);
743 if (otherUser->getUserId() != 0) {
744 unlinkat(dirfd(dir), file->d_name, 0);
745 }
746
747 // Rename the file into user directory.
748 DIR* otherdir = opendir(otherUser->getUserDirName());
749 if (otherdir == NULL) {
750 ALOGW("couldn't open user directory for rename");
751 continue;
752 }
753 if (renameat(dirfd(dir), file->d_name, dirfd(otherdir), file->d_name) < 0) {
754 ALOGW("couldn't rename blob: %s: %s", file->d_name, strerror(errno));
755 }
756 closedir(otherdir);
757 }
758 closedir(dir);
759
760 mMetaData.version = 1;
761 upgraded = true;
762 }
763
764 return upgraded;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]765}