10a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden/* 20a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * Copyright 2014 The Android Open Source Project 30a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * 40a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * Licensed under the Apache License, Version 2.0 (the "License"); 50a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * you may not use this file except in compliance with the License. 60a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * You may obtain a copy of the License at 70a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * 80a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * http://www.apache.org/licenses/LICENSE-2.0 90a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * 100a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * Unless required by applicable law or agreed to in writing, software 110a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * distributed under the License is distributed on an "AS IS" BASIS, 120a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 130a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * See the License for the specific language governing permissions and 140a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * limitations under the License. 150a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden */ 160a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden 170a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden#ifndef SYSTEM_KEYMASTER_GOOGLE_KEYMASTER_H_ 180a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden#define SYSTEM_KEYMASTER_GOOGLE_KEYMASTER_H_ 190a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden 200a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden#include <keymaster/authorization_set.h> 210a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden#include <keymaster/google_keymaster_messages.h> 220a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden#include <keymaster/logger.h> 230a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden 240a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willdennamespace keymaster { 250a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden 260a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willdenclass Key; 270a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willdenclass KeyBlob; 280a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willdenclass Operation; 290a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden 300a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden/** 310a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * OpenSSL-based Keymaster backing implementation, for use as a pure software implmentation 320a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * (softkeymaster) and in a trusted execution environment (TEE), like ARM TrustZone. This class 330a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * doesn't actually implement the Keymaster HAL interface, instead it implements an alternative API 340a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * which is similar to and based upon the HAL, but uses C++ "message" classes which support 350a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * serialization. 360a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * 370a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * For non-secure, pure software implementation there is a HAL translation layer that converts the 380a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * HAL's parameters to and from the message representations, which are then passed in to this 390a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * API. 400a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * 410a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * For secure implementation there is another HAL translation layer that serializes the messages to 420a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * the TEE. In the TEE implementation there's another component which deserializes the messages, 430a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden * extracts the relevant parameters and calls this API. 440a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden */ 450a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willdenclass GoogleKeymaster { 460a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden public: 470a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden GoogleKeymaster(size_t operation_table_size, Logger* logger); 480a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden virtual ~GoogleKeymaster(); 490a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden 500a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden void SupportedAlgorithms(SupportedResponse<keymaster_algorithm_t>* response) const; 510a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden void SupportedBlockModes(keymaster_algorithm_t algorithm, 520a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden SupportedResponse<keymaster_block_mode_t>* response) const; 530a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden void SupportedPaddingModes(keymaster_algorithm_t algorithm, 540a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden SupportedResponse<keymaster_padding_t>* response) const; 550a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden void SupportedDigests(keymaster_algorithm_t algorithm, 560a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden SupportedResponse<keymaster_digest_t>* response) const; 570a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden void SupportedImportFormats(keymaster_algorithm_t algorithm, 580a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden SupportedResponse<keymaster_key_format_t>* response) const; 590a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden void SupportedExportFormats(keymaster_algorithm_t algorithm, 600a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden SupportedResponse<keymaster_key_format_t>* response) const; 610a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden 620a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden virtual keymaster_error_t AddRngEntropy(AddEntropyRequest& /* request */) { 630a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden // Not going to implement until post-L. 640a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden return KM_ERROR_UNIMPLEMENTED; 650a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden } 660a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden void GenerateKey(const GenerateKeyRequest& request, GenerateKeyResponse* response); 670a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden void GetKeyCharacteristics(const GetKeyCharacteristicsRequest& request, 680a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden GetKeyCharacteristicsResponse* response); 690a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden void Rescope(const RescopeRequest& /* request */, RescopeResponse* response) { 700a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden // Not going to implement until post-L. 710a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden response->error = KM_ERROR_UNIMPLEMENTED; 720a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden } 730a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden void ImportKey(const ImportKeyRequest& request, ImportKeyResponse* response); 740a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden void ExportKey(const ExportKeyRequest& request, ExportKeyResponse* response); 750a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden void BeginOperation(const BeginOperationRequest& request, BeginOperationResponse* response); 760a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden void UpdateOperation(const UpdateOperationRequest& request, UpdateOperationResponse* response); 770a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden void FinishOperation(const FinishOperationRequest& request, FinishOperationResponse* response); 780a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden keymaster_error_t AbortOperation(const keymaster_operation_handle_t op_handle); 790a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden 800a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden const Logger& logger() const { return *logger_; } 810a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden 820a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden private: 830a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden virtual bool is_enforced(keymaster_tag_t tag) = 0; 840a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden virtual keymaster_key_origin_t origin() = 0; 850a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden virtual keymaster_key_param_t RootOfTrustTag() = 0; 860a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden virtual keymaster_key_blob_t MasterKey() = 0; 870a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden virtual void GenerateNonce(uint8_t* nonce, size_t length) = 0; 880a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden 890a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden keymaster_error_t SerializeKey(const Key* key, keymaster_key_origin_t origin, 900a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden keymaster_key_blob_t* keymaster_blob, AuthorizationSet* enforced, 910a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden AuthorizationSet* unenforced); 920a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden Key* LoadKey(const keymaster_key_blob_t& key, const AuthorizationSet& client_params, 930a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden keymaster_error_t* error); 940a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden KeyBlob* LoadKeyBlob(const keymaster_key_blob_t& key, const AuthorizationSet& client_params, 950a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden keymaster_error_t* error); 960a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden 970a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden keymaster_error_t SetAuthorizations(const AuthorizationSet& key_description, 980a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden keymaster_key_origin_t origin, AuthorizationSet* enforced, 990a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden AuthorizationSet* unenforced); 1000a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden keymaster_error_t BuildHiddenAuthorizations(const AuthorizationSet& input_set, 1010a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden AuthorizationSet* hidden); 1020a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden 1030a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden void AddAuthorization(const keymaster_key_param_t& auth, AuthorizationSet* enforced, 1040a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden AuthorizationSet* unenforced); 1050a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden bool GenerateRsa(const AuthorizationSet& key_auths, GenerateKeyResponse* response, 1060a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden AuthorizationSet* hidden_auths); 1070a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden bool GenerateDsa(const AuthorizationSet& key_auths, GenerateKeyResponse* response, 1080a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden AuthorizationSet* hidden_auths); 1090a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden bool GenerateEcdsa(const AuthorizationSet& key_auths, GenerateKeyResponse* response, 1100a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden AuthorizationSet* hidden_auths); 1110a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden keymaster_error_t WrapKey(const uint8_t* key_material, size_t key_material_length, 1120a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden KeyBlob* blob); 1130a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden keymaster_error_t UnwrapKey(const KeyBlob* blob, uint8_t* key, size_t key_length); 1140a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden 1150a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden struct OpTableEntry { 1160a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden OpTableEntry() { 1170a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden handle = 0; 1180a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden operation = NULL; 1190a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden } 1200a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden keymaster_operation_handle_t handle; 1210a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden Operation* operation; 1220a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden }; 1230a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden 1240a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden keymaster_error_t AddOperation(Operation* operation, keymaster_operation_handle_t* op_handle); 1250a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden OpTableEntry* FindOperation(keymaster_operation_handle_t op_handle); 1260a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden void DeleteOperation(OpTableEntry* entry); 1270a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden bool is_supported_export_format(keymaster_key_format_t test_format); 1280a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden bool is_supported_import_format(keymaster_key_format_t test_format); 1290a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden 1300a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden UniquePtr<OpTableEntry[]> operation_table_; 1310a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden size_t operation_table_size_; 1320a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden UniquePtr<Logger> logger_; 1330a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden}; 1340a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden 1350a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden} // namespace keymaster 1360a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden 1370a4df7e3a83a59e4a5abc3f605d7d7e9f636c682Shawn Willden#endif // SYSTEM_KEYMASTER_GOOGLE_KEYMASTER_H_ 138