/*
 * Copyright (C) 2016 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#define LOG_TAG "keystore"

#include "KeyStore.h"

#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

#include <limits>
#include <list>
#include <memory>
#include <optional>
#include <string>
#include <tuple>

#include <openssl/bio.h>

#include <utils/String16.h>
#include <utils/String8.h>

#include <android-base/scopeguard.h>
#include <android/hardware/keymaster/3.0/IKeymasterDevice.h>
#include <android/security/keystore/IKeystoreService.h>
#include <log/log_event_list.h>

#include <private/android_logger.h>

#include "keystore_utils.h"
#include "permissions.h"
#include <keystore/keystore_hidl_support.h>

#include "keymaster_worker.h"
| 41 | |
Shawn Willden | c67a8aa | 2017-12-03 17:51:29 -0700 | [diff] [blame] | 42 | namespace keystore { |
| 43 | |
// On-disk names used by the keystore directory layout. kOldMasterKey is the
// pre-multi-user master key file that upgradeKeystore() moves into the user-0
// directory; kMetaDataFile is where readMetaData()/writeMetaData() persist
// mMetaData. Both are relative to the process's working directory.
const char* KeyStore::kOldMasterKey = ".masterkey";
const char* KeyStore::kMetaDataFile = ".metadata";

// Key-type names understood by isHardwareBacked().
const android::String16 KeyStore::kRsaKeyType("RSA");
const android::String16 KeyStore::kEcKeyType("EC");

using android::String8;
Janis Danisevskis | c7a9fa2 | 2016-10-13 18:43:45 +0100 | [diff] [blame] | 51 | |
/**
 * Builds the keystore around the available keymaster HALs.
 *
 * @param entropy   entropy source handed to the per-user state for key material.
 * @param kmDevices keymaster HAL handles indexed by SecurityLevel; absent
 *                  levels are left without a worker.
 * @param minimalAllowedSecurityLevelForNewKeys lowest security level a new
 *                  key may be created at; SOFTWARE enables the software fallback.
 */
KeyStore::KeyStore(Entropy* entropy, const KeymasterDevices& kmDevices,
                   SecurityLevel minimalAllowedSecurityLevelForNewKeys)
    : mEntropy(entropy),
      mAllowNewFallback(minimalAllowedSecurityLevelForNewKeys == SecurityLevel::SOFTWARE),
      mConfirmationManager(new ConfirmationManager(this)) {
    // Start from all-zero metadata; readMetaData() fills it in during initialize().
    memset(&mMetaData, '\0', sizeof(mMetaData));

    static_assert(std::tuple_size<std::decay_t<decltype(kmDevices)>>::value ==
                      std::tuple_size<decltype(mKmDevices)>::value,
                  "KmasterDevices and KeymasterWorkers must have the same size");

    // Wrap each present HAL in a worker; slots without a HAL stay empty.
    for (size_t level = 0; level < kmDevices.size(); ++level) {
        const auto secLevel = SecurityLevel(level);
        const auto& device = kmDevices[secLevel];
        if (!device) continue;
        mKmDevices[secLevel] = std::make_shared<KeymasterWorker>(device, this);
    }
}
| 69 | |
// Intentionally empty: nothing is released explicitly here, member destructors
// do the cleanup.
KeyStore::~KeyStore() = default;
| 72 | |
/**
 * Loads the on-disk metadata and applies any pending layout upgrade.
 *
 * Always returns NO_ERROR: a failed upgrade is logged inside upgradeKeystore()
 * and reported here only by not re-writing the metadata (so it is retried on
 * the next start).
 */
ResponseCode KeyStore::initialize() {
    readMetaData();
    const bool layoutChanged = upgradeKeystore();
    if (layoutChanged) writeMetaData();
    return ResponseCode::NO_ERROR;
}
| 81 | |
/** Initializes `userId`'s state with password `pw`, passing the entropy source through. */
ResponseCode KeyStore::initializeUser(const android::String8& pw, uid_t userId) {
    auto user = mUserStateDB.getUserState(userId);
    return user->initialize(pw, mEntropy);
}
| 86 | |
/**
 * Copies the master key of `srcUser` into `dstUser`.
 *
 * Both proxies hold their user-state lock; the destination is acquired first
 * and that order is kept deliberately. The source proxy is handed over by
 * pointer, as UserState::copyMasterKey expects.
 */
ResponseCode KeyStore::copyMasterKey(uid_t srcUser, uid_t dstUser) {
    auto destination = mUserStateDB.getUserState(dstUser);
    auto source = mUserStateDB.getUserState(srcUser);
    return destination->copyMasterKey(&source);
}
| 92 | |
/** Re-writes `userId`'s master key file under password `pw`. */
ResponseCode KeyStore::writeMasterKey(const android::String8& pw, uid_t userId) {
    auto user = mUserStateDB.getUserState(userId);
    return user->writeMasterKey(pw, mEntropy);
}
| 97 | |
/** Reads (unlocks) `userId`'s master key using password `pw`. */
ResponseCode KeyStore::readMasterKey(const android::String8& pw, uid_t userId) {
    auto user = mUserStateDB.getUserState(userId);
    return user->readMasterKey(pw, mEntropy);
}
| 102 | |
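/**
 * Returns a locked entry for (alias, uid) suitable for creating a new key, or
 * an empty entry if a key blob already exists under that name.
 *
 * Unlike the original, an empty result from LockedKeyBlobEntry::get() is also
 * mapped to an empty return instead of being dereferenced, matching
 * getLockedBlobEntryIfExists().
 */
LockedKeyBlobEntry KeyStore::getLockedBlobEntryIfNotExists(const std::string& alias, uid_t uid) {
    const std::string userDir = mUserStateDB.getUserStateByUid(uid)->getUserDirName();
    auto locked = LockedKeyBlobEntry::get(KeyBlobEntry(alias, userDir, uid));
    // No entry, or an entry that already carries a blob: not available for creation.
    if (!locked || locked->hasKeyBlob()) return {};
    return locked;
}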
| 109 | |
/**
 * Resolves (alias, uid) to an existing key blob entry.
 *
 * Resolution order: the caller's own user directory, then the legacy
 * uid->euid mapping (only if it differs from uid), then a grant made to
 * `uid`. A candidate counts only if a key blob actually exists on disk.
 * Returns nullopt when nothing matches.
 */
std::optional<KeyBlobEntry> KeyStore::getBlobEntryIfExists(const std::string& alias, uid_t uid) {
    auto entryFor = [&](uid_t owner) {
        return KeyBlobEntry(alias, mUserStateDB.getUserStateByUid(owner)->getUserDirName(), owner);
    };

    KeyBlobEntry own = entryFor(uid);
    if (own.hasKeyBlob()) return own;

    // Legacy UID->UID mapping.
    const uid_t euid = get_keystore_euid(uid);
    if (euid != uid) {
        KeyBlobEntry legacy = entryFor(euid);
        if (legacy.hasKeyBlob()) return legacy;
    }

    // Keys granted to this uid by their owner.
    if (auto grant = mGrants.get(uid, alias)) {
        KeyBlobEntry granted = grant->entry_;
        if (granted.hasKeyBlob()) return granted;
    }
    return {};
}
/**
 * Like getBlobEntryIfExists() but returns the entry locked. The blob's
 * presence is checked again after the lock is taken (presumably to catch a
 * deletion racing the unlocked lookup); empty on any miss.
 */
LockedKeyBlobEntry KeyStore::getLockedBlobEntryIfExists(const std::string& alias, uid_t uid) {
    auto candidate = getBlobEntryIfExists(alias, uid);
    if (!candidate) return {};

    auto locked = LockedKeyBlobEntry::get(std::move(*candidate));
    if (!locked) return {};
    if (!locked->hasKeyBlob()) return {};
    return locked;
}
Janis Danisevskis | 31b44f2 | 2017-09-21 11:29:47 -0700 | [diff] [blame] | 136 | |
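/**
 * Wipes a user's keystore.
 *
 * Deletes the user's master key and every blob that is encrypted with it.
 * With keepUnenryptedEntries set, unencrypted and super-encrypted blobs are
 * kept (so later callers get "unauthenticated" rather than "not found"); the
 * user directory is only removed when keepUnenryptedEntries is false.
 *
 * Locking: the UserState proxy holds the user-state lock. It must NOT be held
 * across LockedKeyBlobEntry::list(), which fences on all keymaster workers
 * finishing - a worker may need that very lock, so holding it here would
 * deadlock. We snapshot what we need, drop the proxy, list, and only re-take
 * the lock afterwards (safe: workers never take blob-entry locks).
 * Must not be called from a keymaster worker for the same reason.
 */
void KeyStore::resetUser(uid_t userId, bool keepUnenryptedEntries) {
    auto userState = mUserStateDB.getUserState(userId);
    std::string userDirName = userState->getUserDirName();
    auto encryptionKey = userState->getEncryptionKey();
    auto state = userState->getState();
    userState = {};  // release the user-state lock before listing

    ResponseCode listRc;
    std::list<LockedKeyBlobEntry> matches;
    std::tie(listRc, matches) = LockedKeyBlobEntry::list(userDirName);
    if (listRc != ResponseCode::NO_ERROR) {
        return;
    }

    for (LockedKeyBlobEntry& lockedEntry : matches) {
        bool shouldDelete = true;

        if (keepUnenryptedEntries) {
            Blob blob;
            Blob charBlob;
            ResponseCode readRc;  // distinct from listRc; the old code shadowed it
            std::tie(readRc, blob, charBlob) = lockedEntry.readBlobs(encryptionKey, state);

            switch (readRc) {
            case ResponseCode::SYSTEM_ERROR:
            case ResponseCode::VALUE_CORRUPTED:
                // Unreadable blobs are removed rather than left behind.
                shouldDelete = true;
                break;

            case ResponseCode::NO_ERROR:
            case ResponseCode::LOCKED:
                // Delete encrypted blobs but keep unencrypted blobs and super-encrypted blobs. We
                // need to keep super-encrypted blobs so we can report that the user is
                // unauthenticated if a caller tries to use them, rather than reporting that they
                // don't exist.
                shouldDelete = blob.isEncrypted();
                break;

            default:
                ALOGE("Got unexpected return code %d from readBlobs", static_cast<int>(readRc));
                // This shouldn't happen. To be on the safe side, delete it.
                shouldDelete = true;
                break;
            }
        }
        if (shouldDelete) {
            // del() logs its own failures; a single bad entry does not stop the sweep.
            del(lockedEntry);
        }
    }

    userState = mUserStateDB.getUserState(userId);
    if (!userState->deleteMasterKey()) {
        ALOGE("Failed to delete user %d's master key", userId);
    }
    if (!keepUnenryptedEntries) {
        if (!userState->reset()) {
            ALOGE("Failed to remove user %d's directory", userId);
        }
    }
}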
| 216 | |
/**
 * True when `userId` has no user state or no blob entries on disk.
 *
 * A listing that fails with SYSTEM_ERROR is also reported as empty (legacy
 * behaviour). Must not be called from a keymaster worker: list() waits for all
 * workers to release their blob entries.
 */
bool KeyStore::isEmpty(uid_t userId) const {
    std::string userDirName;
    {
        // Scope the proxy: it holds the user-state lock, which must be released
        // before LockedKeyBlobEntry::list() runs or we can deadlock.
        auto userState = mUserStateDB.getUserState(userId);
        if (!userState) return true;
        userDirName = userState->getUserDirName();
    }

    ResponseCode rc;
    std::list<LockedKeyBlobEntry> entries;
    std::tie(rc, entries) = LockedKeyBlobEntry::list(userDirName);

    if (rc == ResponseCode::SYSTEM_ERROR) return true;
    return entries.empty();
}
| 238 | |
/**
 * Locks `userId`: scrubs the master key material from memory first, then
 * flips the state to STATE_LOCKED so no key is left resident once locked.
 */
void KeyStore::lock(uid_t userId) {
    auto user = mUserStateDB.getUserState(userId);
    user->zeroizeMasterKeysInMemory();
    user->setState(STATE_LOCKED);
}
| 244 | |
/**
 * Emits a key-integrity-violation security event for `lockedEntry`, but only
 * when security logging is enabled and the blob holds actual key material
 * (TYPE_KEY_PAIR or TYPE_KEYMASTER_10).
 */
static void maybeLogKeyIntegrityViolation(const LockedKeyBlobEntry& lockedEntry,
                                          const BlobType type) {
    if (!__android_log_security()) return;
    const bool isKeyMaterial = (type == TYPE_KEY_PAIR) || (type == TYPE_KEYMASTER_10);
    if (!isKeyMaterial) return;
    log_key_integrity_violation(lockedEntry->alias().c_str(), lockedEntry->uid());
}
Pavel Grafov | cef3947 | 2018-02-12 18:45:02 +0000 | [diff] [blame] | 250 | |
/**
 * Reads the key blob and characteristics blob behind `blobfile`, transparently
 * upgrading blobs written in an older format.
 *
 * Returns (rc, keyBlob, characteristicsBlob). On any exit with
 * rc == VALUE_CORRUPTED a key-integrity-violation security event is logged via
 * the scope guard, carrying the blob type if one could be read.
 *
 * Upgrade path: if the blob version is older than CURRENT_BLOB_VERSION and
 * upgradeBlob() changes it, the blob is written back through put() and then
 * read again, because every write re-encrypts the blob. Failures of the
 * write-back or re-read are returned as-is.
 */
std::tuple<ResponseCode, Blob, Blob> KeyStore::get(const LockedKeyBlobEntry& blobfile) {
    std::tuple<ResponseCode, Blob, Blob> result;
    ResponseCode& rc = std::get<0>(result);
    Blob& keyBlob = std::get<1>(result);

    const uid_t userId = get_user_id(blobfile->uid());
    auto userState = mUserStateDB.getUserState(userId);

    // Refined after a successful read so the security event names the real type.
    BlobType type = BlobType::TYPE_ANY;
    auto logOnScopeExit = android::base::make_scope_guard([&] {
        if (rc == ResponseCode::VALUE_CORRUPTED) maybeLogKeyIntegrityViolation(blobfile, type);
    });

    auto readCurrent = [&] {
        result = blobfile.readBlobs(userState->getEncryptionKey(), userState->getState());
    };

    readCurrent();
    if (rc != ResponseCode::NO_ERROR) return result;

    type = keyBlob.getType();

    const uint8_t version = keyBlob.getVersion();
    if (version >= CURRENT_BLOB_VERSION) return result;

    // Old format: upgrade in memory, persist, re-read.
    if (!upgradeBlob(&keyBlob, version)) return result;

    rc = this->put(blobfile, keyBlob, {});
    if (rc != ResponseCode::NO_ERROR) return result;

    readCurrent();
    return result;
}
| 291 | |
/**
 * Writes `keyBlob` and `characteristicsBlob` to `blobfile`, encrypted with the
 * owning user's key (the owner is derived from the entry's uid). The user's
 * lock state and the entropy source are passed through to writeBlobs().
 */
ResponseCode KeyStore::put(const LockedKeyBlobEntry& blobfile, Blob keyBlob,
                           Blob characteristicsBlob) {
    auto owner = mUserStateDB.getUserStateByUid(blobfile->uid());
    return blobfile.writeBlobs(std::move(keyBlob), std::move(characteristicsBlob),
                               owner->getEncryptionKey(), owner->getState(), mEntropy);
}
| 298 | |
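/**
 * Deletes the key behind `blobfile`.
 *
 * Order matters: the blob is read first (so the keymaster key blob is still
 * available), then grants and the on-disk files are removed unconditionally -
 * a blob that cannot be read must not linger. Only if the read succeeded and
 * the blob is a keymaster key is the device-side copy deleted too; that
 * deletion is asynchronous and reported through the security log.
 *
 * Returns the read error if the blob could not be read, else the result of
 * deleteBlobs().
 */
ResponseCode KeyStore::del(const LockedKeyBlobEntry& blobfile) {
    const uid_t uid = blobfile->uid();
    const std::string alias = blobfile->alias();

    Blob keyBlob;
    Blob characteristicsBlob;
    ResponseCode rc;
    std::tie(rc, keyBlob, characteristicsBlob) = get(blobfile);

    // After getting the blob from the file system we scrub the filesystem.
    mGrants.removeAllGrantsToKey(uid, alias);
    auto deleteRc = blobfile.deleteBlobs();

    if (rc != ResponseCode::NO_ERROR) {
        LOG(ERROR) << "get keyblob failed " << int(rc);
        return rc;
    }

    if (keyBlob.getType() != ::TYPE_KEYMASTER_10) return deleteRc;

    // getDevice() can hand back an empty handle (see isHardwareBacked());
    // without a device there is nothing device-side to delete, and
    // dereferencing would crash. Log so the dangling device key is visible.
    auto dev = getDevice(keyBlob);
    if (!dev) {
        LOG(ERROR) << "No keymaster device for key " << alias << " of uid " << uid
                   << "; on-disk blob removed, device-side key not deleted";
        return deleteRc;
    }

    dev->deleteKey(blob2hidlVec(keyBlob), [alias, uid](Return<ErrorCode> rc) {
        auto ret = KS_HANDLE_HIDL_ERROR(rc);
        // A device doesn't have to implement delete_key.
        const bool success = ret == ErrorCode::OK || ret == ErrorCode::UNIMPLEMENTED;
        if (__android_log_security()) {
            android_log_event_list(SEC_TAG_KEY_DESTROYED)
                << int32_t(success) << alias << int32_t(uid) << LOG_ID_SECURITY;
        }
        if (!success) {
            LOG(ERROR) << "Keymaster delete for key " << alias << " of uid " << uid << " failed";
        }
    });

    return deleteRc;
}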
Chad Brubaker | 3a7d9e6 | 2015-06-04 15:01:46 -0700 | [diff] [blame] | 338 | |
/** Grants `granteeUid` access to the key behind `blobfile`; returns the grant's alias. */
std::string KeyStore::addGrant(const LockedKeyBlobEntry& blobfile, uid_t granteeUid) {
    const std::string grantAlias = mGrants.put(granteeUid, blobfile);
    return grantAlias;
}
Chad Brubaker | 3a7d9e6 | 2015-06-04 15:01:46 -0700 | [diff] [blame] | 342 | |
/** Revokes `granteeUid`'s grant on the key behind `blobfile`; true if one was removed. */
bool KeyStore::removeGrant(const LockedKeyBlobEntry& blobfile, const uid_t granteeUid) {
    const bool removed = mGrants.removeByFileAlias(granteeUid, blobfile);
    return removed;
}
/** Revokes every grant held by `granteeUid` (e.g. when that uid goes away). */
void KeyStore::removeAllGrantsToUid(const uid_t granteeUid) {
    mGrants.removeAllGrantsToUid(granteeUid);
}
Chad Brubaker | 3a7d9e6 | 2015-06-04 15:01:46 -0700 | [diff] [blame] | 349 | |
/**
 * Whether keys of `keyType` ("RSA" or "EC") are backed by hardware.
 *
 * A StrongBox device implies a TEE keymaster new enough to hold every key
 * type in hardware, so it short-circuits to true. Otherwise a TEE device is
 * required; RSA is hardware-backed on every HAL version, EC only when the HAL
 * reports supportsEc. Any other key type yields false.
 */
bool KeyStore::isHardwareBacked(const android::String16& keyType) const {
    if (getDevice(SecurityLevel::STRONGBOX)) return true;

    const auto tee = getDevice(SecurityLevel::TRUSTED_ENVIRONMENT);
    if (!tee) {
        ALOGW("can't get keymaster device");
        return false;
    }

    const auto halVersion = tee->halVersion();
    if (keyType == kRsaKeyType) return true;
    if (keyType != kEcKeyType) return false;
    return halVersion.supportsEc;
}
| 363 | |
/**
 * Looks up `keyName` for `uid` and reads it, requiring blob type `type`.
 *
 * Returns (rc, keyBlob, characteristicsBlob, lockedEntry). A missing entry and
 * a blob of the wrong type are both reported as KEY_NOT_FOUND rather than as
 * distinct errors; read failures from get() are passed through unchanged.
 */
std::tuple<ResponseCode, Blob, Blob, LockedKeyBlobEntry>
KeyStore::getKeyForName(const android::String8& keyName, const uid_t uid, const BlobType type) {
    std::tuple<ResponseCode, Blob, Blob, LockedKeyBlobEntry> result;
    auto& [rc, keyBlob, charBlob, lockedEntry] = result;

    lockedEntry = getLockedBlobEntryIfExists(keyName.string(), uid);
    if (!lockedEntry) {
        rc = ResponseCode::KEY_NOT_FOUND;
        return std::move(result);
    }

    std::tie(rc, keyBlob, charBlob) = get(lockedEntry);

    const bool wrongType = rc == ResponseCode::NO_ERROR && keyBlob.getType() != type;
    if (wrongType) rc = ResponseCode::KEY_NOT_FOUND;
    return std::move(result);
}
| 380 | |
/**
 * Migrates an in-memory blob from `oldVersion` to the current format.
 *
 * Returns true if the blob was modified (caller must persist it), false if
 * nothing changed, if the blob is null/empty, or if the version is 0 (V0
 * blobs carry no type information and can no longer be migrated).
 */
bool KeyStore::upgradeBlob(Blob* blob, const uint8_t oldVersion) {
    if (!blob || !(*blob)) return false;

    uint8_t version = oldVersion;
    bool updated = false;

    switch (version) {
    case 0:
        ALOGE("Failed to upgrade key blob. Ancient blob version 0 is no longer supported");
        return false;

    case 1:
        /* V1 -> V2: every V1 blob was encrypted, so just mark it. */
        ALOGV("upgrading to version 2");
        blob->setEncrypted(true);
        version = 2;
        updated = true;
        break;

    default:
        break;
    }

    // Stamp the new version only if something actually changed.
    if (updated) blob->setVersion(version);
    return updated;
}
| 413 | |
// Deleter that lets a std::unique_ptr own an OpenSSL BIO (frees via BIO_free).
// Unique_BIO is not referenced elsewhere in this translation unit as shown.
struct BIO_Delete {
    void operator()(BIO* bio) const { BIO_free(bio); }
};
using Unique_BIO = std::unique_ptr<BIO, BIO_Delete>;
Shawn Willden | c1d1fee | 2016-01-26 22:44:56 -0700 | [diff] [blame] | 418 | |
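/**
 * Loads kMetaDataFile into mMetaData.
 *
 * A missing file is normal (fresh install) and leaves mMetaData as the
 * constructor zero-initialized it. A short file is read as far as it goes
 * and logged; the remaining bytes keep their zero-initialized values and
 * upgradeKeystore() decides what to do. The fd is opened O_CLOEXEC so it
 * cannot leak into a child process.
 */
void KeyStore::readMetaData() {
    int in = TEMP_FAILURE_RETRY(open(kMetaDataFile, O_RDONLY | O_CLOEXEC));
    if (in < 0) {
        return;
    }
    const size_t fileLength = readFully(in, reinterpret_cast<uint8_t*>(&mMetaData), sizeof(mMetaData));
    if (fileLength != sizeof(mMetaData)) {
        ALOGI("Metadata file is %zu bytes (%zu expected); upgrade?", fileLength, sizeof(mMetaData));
    }
    close(in);
}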
| 430 | |
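/**
 * Persists mMetaData to kMetaDataFile atomically via a temp file + rename.
 *
 * The temp file is renamed into place only after it has been written
 * completely and fsync'ed. The previous code renamed unconditionally, so a
 * short write or a crash before the data hit disk could replace a good
 * .metadata with a truncated one, which on the next start could read as
 * version 0 and re-trigger the layout upgrade. On any failure the temp file
 * is removed and the existing .metadata is left untouched. Errors are logged,
 * not returned, to keep the existing void interface.
 */
void KeyStore::writeMetaData() {
    const char* tmpFileName = ".metadata.tmp";
    int out = TEMP_FAILURE_RETRY(
        open(tmpFileName, O_WRONLY | O_TRUNC | O_CREAT | O_CLOEXEC, S_IRUSR | S_IWUSR));
    if (out < 0) {
        ALOGE("couldn't write metadata file: %s", strerror(errno));
        return;
    }

    const size_t written = writeFully(out, reinterpret_cast<uint8_t*>(&mMetaData), sizeof(mMetaData));
    bool ok = written == sizeof(mMetaData);
    if (!ok) {
        ALOGE("Could only write %zu bytes to metadata file (%zu expected)", written,
              sizeof(mMetaData));
    } else if (fsync(out) < 0) {
        ALOGE("couldn't fsync metadata file: %s", strerror(errno));
        ok = false;
    }
    close(out);

    if (!ok) {
        unlink(tmpFileName);
        return;
    }
    if (rename(tmpFileName, kMetaDataFile) < 0) {
        ALOGE("couldn't rename metadata file into place: %s", strerror(errno));
        unlink(tmpFileName);
    }
}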
| 447 | |
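/**
 * Applies the on-disk layout upgrade from metadata version 0 to 1.
 *
 * Version 0 was a single flat directory: one shared .masterkey and blobs
 * named "<uid>_<rest>". Version 1 keeps per-user directories. The upgrade
 * creates user 0's directory, moves the old master key there, moves user 0's
 * blobs into it and deletes blobs that resolve to any other user.
 *
 * Returns true if mMetaData was bumped and must be written back; false if
 * there was nothing to do or the upgrade aborted (metadata stays at 0 so a
 * later start retries).
 *
 * Changes from the earlier version: a legacy file name is accepted only if it
 * starts with a decimal uid that fits uid_t (no digits, or overflow, skip the
 * file instead of treating it as uid 0), and a blob removed because it belongs
 * to another user is not subsequently passed to renameat(), which could only
 * fail on the now-missing name.
 */
bool KeyStore::upgradeKeystore() {
    if (mMetaData.version != 0) return false;

    auto userState = getUserStateDB().getUserStateByUid(0);

    // Initialize first so the user-0 directory exists before files move into it.
    userState->initialize();

    // Migrate the old .masterkey file to user 0.
    if (access(kOldMasterKey, R_OK) == 0) {
        if (rename(kOldMasterKey, userState->getMasterKeyFileName().c_str()) < 0) {
            ALOGE("couldn't migrate old masterkey: %s", strerror(errno));
            return false;
        }
    }

    // Initialize again in case the migrated master key is now present.
    userState->initialize();

    // Try to migrate existing key blobs.
    DIR* dir = opendir(".");
    if (!dir) {
        // Give up now; maybe we can upgrade later.
        ALOGE("couldn't open keystore's directory; something is wrong");
        return false;
    }

    struct dirent* file;
    while ((file = readdir(dir)) != nullptr) {
        // Regular files only, and nothing starting with "." (., .., .metadata...).
        if (file->d_type != DT_REG || file->d_name[0] == '.') {
            continue;
        }

        // Legacy blob names are "<uid>_<rest>".
        char* end = nullptr;
        errno = 0;
        const unsigned long parsedUid = strtoul(file->d_name, &end, 10);
        const bool validUid = end != file->d_name && errno != ERANGE &&
                              parsedUid <= std::numeric_limits<uid_t>::max();
        if (!validUid || end[0] != '_' || end[1] == '\0') {
            continue;
        }
        const uid_t thisUid = static_cast<uid_t>(parsedUid);

        auto otherUser = getUserStateDB().getUserStateByUid(thisUid);
        if (otherUser->getUserId() != 0) {
            // Blobs of any user other than 0 are deleted rather than migrated.
            if (unlinkat(dirfd(dir), file->d_name, 0) < 0) {
                ALOGW("couldn't remove blob %s of non-primary user: %s", file->d_name,
                      strerror(errno));
            }
            continue;
        }

        // Rename the file into the user directory.
        DIR* otherdir = opendir(otherUser->getUserDirName().c_str());
        if (otherdir == nullptr) {
            ALOGW("couldn't open user directory for rename");
            continue;
        }
        if (renameat(dirfd(dir), file->d_name, dirfd(otherdir), file->d_name) < 0) {
            ALOGW("couldn't rename blob: %s: %s", file->d_name, strerror(errno));
        }
        closedir(otherdir);
    }
    closedir(dir);

    mMetaData.version = 1;
    return true;
}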
Shawn Willden | c67a8aa | 2017-12-03 17:51:29 -0700 | [diff] [blame] | 518 | |
/**
 * Fans a binder-death notification for `who` out to every present keymaster
 * worker and then to the confirmation manager.
 */
void KeyStore::binderDied(const ::android::wp<IBinder>& who) {
    for (unsigned level = 0; level < mKmDevices.size(); ++level) {
        auto& worker = mKmDevices[SecurityLevel(level)];
        if (!worker) continue;
        worker->binderDied(who);
    }
    getConfirmationManager().binderDied(who);
}
| 525 | |
Shawn Willden | c67a8aa | 2017-12-03 17:51:29 -0700 | [diff] [blame] | 526 | } // namespace keystore |