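/*
 * Copyright (C) 2012 The Android Open Source Project
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY
 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY
 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */

#include <keystore.h>

#include <utils/UniquePtr.h>

#include <sys/socket.h>
#include <stdarg.h>
#include <string.h>
#include <unistd.h>

#include <openssl/objects.h>
#include <openssl/engine.h>
#include <openssl/evp.h>

//#define LOG_NDEBUG 0
#define LOG_TAG "OpenSSL-keystore"
#include <cutils/log.h>

#include <keystore_client.h>


#define DYNAMIC_ENGINE
#define KEYSTORE_ENGINE_ID   "keystore"
#define KEYSTORE_ENGINE_NAME "Android keystore engine"

/**
 * Many OpenSSL APIs take ownership of an argument on success but don't free the argument
 * on failure. This means we need to tell our scoped pointers when we've transferred ownership,
 * without triggering a warning by not using the result of release().
 */
#define OWNERSHIP_TRANSFERRED(obj) \
    typeof (obj.release()) _dummy __attribute__((unused)) = obj.release()

/** Deleter that releases an ENGINE reference with ENGINE_free(). */
struct ENGINE_Delete {
    void operator()(ENGINE* p) const {
        ENGINE_free(p);
    }
};
typedef UniquePtr<ENGINE, ENGINE_Delete> Unique_ENGINE;

/** Deleter that releases an EVP_PKEY with EVP_PKEY_free(). */
struct EVP_PKEY_Delete {
    void operator()(EVP_PKEY* p) const {
        EVP_PKEY_free(p);
    }
};
typedef UniquePtr<EVP_PKEY, EVP_PKEY_Delete> Unique_EVP_PKEY;

/** Deleter that releases an RSA object with RSA_free(). */
struct RSA_Delete {
    void operator()(RSA* p) const {
        RSA_free(p);
    }
};
typedef UniquePtr<RSA, RSA_Delete> Unique_RSA;


/*
 * RSA ex_data index for keystore's key handle.
 */
static int rsa_key_handle;

/*
 * Only initialize the rsa_key_handle once.
 */
static pthread_once_t rsa_key_handle_control = PTHREAD_ONCE_INIT;


/**
 * Makes sure the ex_data for the keyhandle is initially set to NULL.
 *
 * Registered as the "new" callback for the RSA ex_data index.
 * Returns the result of CRYPTO_set_ex_data().
 */
int keyhandle_new(void*, void*, CRYPTO_EX_DATA* ad, int idx, long, void*) {
    return CRYPTO_set_ex_data(ad, idx, NULL);
}

/**
 * Frees a previously allocated keyhandle stored in ex_data.
 *
 * The handle is a heap string produced by strdup() (see keyhandle_dup and
 * keystore_loadkey), so it is released with free(). free(NULL) is a no-op,
 * so an unset slot needs no special case.
 */
void keyhandle_free(void *, void *ptr, CRYPTO_EX_DATA*, int, long, void*) {
    free(reinterpret_cast<char*>(ptr));
}

/**
 * Duplicates a keyhandle stored in ex_data in case we copy a key.
 *
 * Returns 1 on success (including when there is no handle to copy) and 0 when
 * the handle could not be duplicated.
 */
int keyhandle_dup(CRYPTO_EX_DATA* to, CRYPTO_EX_DATA*, void *ptrRef, int idx, long, void *) {
    // This appears to be a bug in OpenSSL: the callback receives the address of
    // the slot value rather than the value itself, so ptrRef is treated as void**.
    void** ptr = reinterpret_cast<void**>(ptrRef);
    char* keyhandle = reinterpret_cast<char*>(*ptr);
    if (keyhandle == NULL) {
        return 1;
    }

    char* keyhandle_copy = strdup(keyhandle);

    // Always overwrite the slot, even with NULL on failure: leaving the source
    // pointer in place would make two objects free the same buffer.
    *ptr = keyhandle_copy;
    if (keyhandle_copy == NULL) {
        ALOGE("could not duplicate key handle");
        return 0;
    }

    // Call this in case OpenSSL is fixed in the future.
    (void) CRYPTO_set_ex_data(to, idx, keyhandle_copy);
    return 1;
}

/**
 * RSA private-key "encrypt" (signing) hook.
 *
 * Pads the input locally according to |padding|, then sends the padded block
 * together with the key handle stored in the RSA object's ex_data to the
 * keystore service with the SIGN command. The reply is copied into |to|.
 *
 * @param flen    length of |from| in bytes
 * @param from    data to sign
 * @param to      output buffer; it must hold RSA_size(rsa) bytes, which is the
 *                most this function will write
 * @param rsa     key object carrying the keystore key handle
 * @param padding RSA_PKCS1_PADDING, RSA_X931_PADDING or RSA_NO_PADDING
 * @return number of bytes written to |to|, or 0 on any failure
 */
int keystore_rsa_priv_enc(int flen, const unsigned char* from, unsigned char* to, RSA* rsa,
        int padding) {
    ALOGV("keystore_rsa_sign(%d, %p, %p, %p, %d)", flen, from, to, rsa, padding);

    const int num = RSA_size(rsa);
    if (num <= 0) {
        ALOGE("invalid RSA modulus size: %d", num);
        return 0;
    }

    // Array form of UniquePtr so the buffer is released with delete[],
    // matching the new[] allocation.
    UniquePtr<uint8_t[]> padded(new uint8_t[num]);
    if (padded.get() == NULL) {
        ALOGE("could not allocate padded signature");
        return 0;
    }

    switch (padding) {
    case RSA_PKCS1_PADDING:
        if (!RSA_padding_add_PKCS1_type_1(padded.get(), num, from, flen)) {
            return 0;
        }
        break;
    case RSA_X931_PADDING:
        if (!RSA_padding_add_X931(padded.get(), num, from, flen)) {
            return 0;
        }
        break;
    case RSA_NO_PADDING:
        if (!RSA_padding_add_none(padded.get(), num, from, flen)) {
            return 0;
        }
        break;
    default:
        ALOGE("Unknown padding type: %d", padding);
        return 0;
    }

    uint8_t* key_id = reinterpret_cast<uint8_t*>(RSA_get_ex_data(rsa, rsa_key_handle));
    if (key_id == NULL) {
        ALOGE("key had no key_id!");
        return 0;
    }

    Keystore_Reply reply;
    if (keystore_cmd(CommandCodes[SIGN], &reply, 2, strlen(reinterpret_cast<const char*>(key_id)),
            key_id, static_cast<size_t>(num), reinterpret_cast<const uint8_t*>(padded.get()))
            != NO_ERROR) {
        ALOGE("There was an error during rsa_mod_exp");
        return 0;
    }

    const size_t replyLen = reply.length();
    if (replyLen == 0) {
        ALOGW("No valid signature returned");
        return 0;
    }

    // The reply length comes from another process. The caller's buffer is only
    // guaranteed to hold RSA_size(rsa) bytes, so refuse anything larger rather
    // than writing past the end of |to|.
    if (replyLen > static_cast<size_t>(num)) {
        ALOGE("signature reply too large: %llu > %d", (unsigned long long) replyLen, num);
        return 0;
    }

    memcpy(to, reply.get(), replyLen);

    ALOGV("rsa=%p keystore_rsa_sign => returning %p len %llu", rsa, to,
            (unsigned long long) replyLen);
    return static_cast<int>(replyLen);
}

/*
 * RSA method table for keystore-backed keys. Only rsa_priv_enc is implemented
 * here; register_rsa_methods() fills several of the NULL slots at setup time.
 *
 * Blinding is disabled by RSA_FLAG_NO_BLINDING: the signing operation is
 * delegated through keystore_cmd() rather than computed in this process.
 * NOTE(review): side-channel protection of the private operation is then up to
 * the keystore service -- confirm.
 */
static RSA_METHOD keystore_rsa_meth = {
        KEYSTORE_ENGINE_NAME,
        NULL, /* rsa_pub_enc */
        NULL, /* rsa_pub_dec (verification) */
        keystore_rsa_priv_enc, /* rsa_priv_enc (signing) */
        NULL, /* rsa_priv_dec */
        NULL, /* rsa_mod_exp */
        NULL, /* bn_mod_exp */
        NULL, /* init */
        NULL, /* finish */
        RSA_FLAG_EXT_PKEY | RSA_FLAG_NO_BLINDING, /* flags */
        NULL, /* app_data */
        NULL, /* rsa_sign */
        NULL, /* rsa_verify */
        NULL, /* rsa_keygen */
};

/**
 * Copies the hooks this engine does not override from OpenSSL's built-in
 * RSA implementation into keystore_rsa_meth. Always returns 1.
 *
 * NOTE(review): rsa_priv_dec is taken from the software implementation, so
 * private-key decryption is not routed to keystore; it presumably fails for
 * keys loaded here because they carry no private components -- confirm.
 */
static int register_rsa_methods() {
    const RSA_METHOD* rsa_meth = RSA_PKCS1_SSLeay();

    keystore_rsa_meth.rsa_pub_enc = rsa_meth->rsa_pub_enc;
    keystore_rsa_meth.rsa_pub_dec = rsa_meth->rsa_pub_dec;
    keystore_rsa_meth.rsa_priv_dec = rsa_meth->rsa_priv_dec;
    keystore_rsa_meth.rsa_mod_exp = rsa_meth->rsa_mod_exp;
    keystore_rsa_meth.bn_mod_exp = rsa_meth->bn_mod_exp;

    return 1;
}

/**
 * ENGINE key loader, registered for both private and public key loading.
 *
 * Fetches the public key for |key_id| from the keystore service, parses it,
 * and for RSA keys attaches a copy of |key_id| as ex_data and switches the key
 * to keystore_rsa_meth so that signing goes through keystore_rsa_priv_enc().
 *
 * @param e             engine the key is bound to
 * @param key_id        keystore name of the key; must not be NULL
 * @param ui_method     unused except for verbose logging
 * @param callback_data unused except for verbose logging
 * @return a new EVP_PKEY owned by the caller, or NULL on failure
 */
static EVP_PKEY* keystore_loadkey(ENGINE* e, const char* key_id, UI_METHOD* ui_method,
        void* callback_data) {
    // key_id is passed to strlen() and strdup() below, so reject NULL up front.
    if (key_id == NULL) {
        ALOGW("keystore_loadkey called without a key_id");
        return NULL;
    }

#if LOG_NDEBUG
    (void)ui_method;
    (void)callback_data;
#else
    ALOGV("keystore_loadkey(%p, \"%s\", %p, %p)", e, key_id, ui_method, callback_data);
#endif

    Keystore_Reply reply;
    if (keystore_cmd(CommandCodes[GET_PUBKEY], &reply, 1, strlen(key_id), key_id) != NO_ERROR) {
        ALOGV("Cannot get public key for %s", key_id);
        return NULL;
    }

    const unsigned char* tmp = reinterpret_cast<const unsigned char*>(reply.get());
    Unique_EVP_PKEY pkey(d2i_PUBKEY(NULL, &tmp, reply.length()));
    if (pkey.get() == NULL) {
        ALOGW("Cannot convert pubkey");
        return NULL;
    }

    switch (EVP_PKEY_type(pkey->type)) {
    case EVP_PKEY_RSA: {
        Unique_RSA rsa(EVP_PKEY_get1_RSA(pkey.get()));
        if (rsa.get() == NULL) {
            ALOGW("Could not extract RSA key from public key");
            return NULL;
        }

        char* handle = strdup(key_id);
        if (handle == NULL) {
            ALOGE("Could not duplicate key_id");
            return NULL;
        }
        if (!RSA_set_ex_data(rsa.get(), rsa_key_handle, reinterpret_cast<void*>(handle))) {
            // The handle was not stored, so keyhandle_free() will never see it.
            free(handle);
            ALOGW("Could not set ex_data for loaded RSA key");
            return NULL;
        }

        RSA_set_method(rsa.get(), &keystore_rsa_meth);
        RSA_blinding_off(rsa.get());

        /*
         * This should probably be an OpenSSL API, but EVP_PKEY_free calls
         * ENGINE_finish(), so we need to call ENGINE_init() here.
         */
        if (!ENGINE_init(e)) {
            // Attaching the engine without a matching init would unbalance the
            // ENGINE_finish() performed when the key is freed.
            ALOGW("Could not initialize engine for loaded RSA key");
            return NULL;
        }
        rsa->engine = e;
        rsa->flags |= RSA_FLAG_EXT_PKEY;

        break;
    }
    default:
        ALOGE("Unsupported key type %d", EVP_PKEY_type(pkey->type));
        return NULL;
    }

    return pkey.release();
}

/* This engine defines no control commands; the table holds only the terminator. */
static const ENGINE_CMD_DEFN keystore_cmd_defns[] = {
    {0, NULL, NULL, 0}
};

/**
 * Called to initialize RSA's ex_data for the key_id handle. This should
 * only be called when protected by a lock; keystore_engine_setup() runs it
 * through pthread_once().
 */
static void init_rsa_key_handle() {
    rsa_key_handle = RSA_get_ex_new_index(0, NULL, keyhandle_new, keyhandle_dup,
            keyhandle_free);
}

/**
 * Configures |e| as the keystore engine: id, name, key loaders, command
 * table and RSA method, and makes sure the RSA ex_data index exists.
 *
 * @return 1 on success, 0 on failure
 */
static int keystore_engine_setup(ENGINE* e) {
    ALOGV("keystore_engine_setup");

    if (!ENGINE_set_id(e, KEYSTORE_ENGINE_ID)
            || !ENGINE_set_name(e, KEYSTORE_ENGINE_NAME)
            || !ENGINE_set_load_privkey_function(e, keystore_loadkey)
            || !ENGINE_set_load_pubkey_function(e, keystore_loadkey)
            || !ENGINE_set_cmd_defns(e, keystore_cmd_defns)) {
        ALOGE("Could not set up keystore engine");
        return 0;
    }

    if (!ENGINE_set_RSA(e, &keystore_rsa_meth)
            || !register_rsa_methods()) {
        ALOGE("Could not set up keystore RSA methods");
        return 0;
    }

    /* We need a handle in the RSA keys as well for keygen if it's not already initialized. */
    pthread_once(&rsa_key_handle_control, init_rsa_key_handle);
    if (rsa_key_handle < 0) {
        ALOGE("Could not set up RSA ex_data index");
        return 0;
    }

    return 1;
}

/**
 * Creates and configures a new keystore ENGINE.
 *
 * @return the engine, owned by the caller, or NULL if allocation or setup failed
 */
ENGINE* ENGINE_keystore() {
    ALOGV("ENGINE_keystore");

    Unique_ENGINE engine(ENGINE_new());
    if (engine.get() == NULL) {
        return NULL;
    }

    if (!keystore_engine_setup(engine.get())) {
        return NULL;
    }

    return engine.release();
}

/**
 * Bind function for dynamic engine loading. Only accepts the id
 * KEYSTORE_ENGINE_ID; a NULL or different id is rejected.
 *
 * @return 1 if |e| was set up as the keystore engine, 0 otherwise
 */
static int keystore_bind_fn(ENGINE *e, const char *id) {
    ALOGV("keystore_bind_fn");

    if (!id) {
        return 0;
    }

    if (strcmp(id, KEYSTORE_ENGINE_ID)) {
        return 0;
    }

    if (!keystore_engine_setup(e)) {
        return 0;
    }

    return 1;
}

extern "C" {
#undef OPENSSL_EXPORT
#define OPENSSL_EXPORT extern __attribute__ ((visibility ("default")))

IMPLEMENT_DYNAMIC_CHECK_FN()
IMPLEMENT_DYNAMIC_BIND_FN(keystore_bind_fn)
};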