keystore.cpp revision 154d7699cc30ef5156d6497258c4dd350fcb1286
1a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root/* 2a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * Copyright (C) 2009 The Android Open Source Project 3a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * 4a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * Licensed under the Apache License, Version 2.0 (the "License"); 5a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * you may not use this file except in compliance with the License. 6a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * You may obtain a copy of the License at 7a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * 8a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * http://www.apache.org/licenses/LICENSE-2.0 9a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * 10a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * Unless required by applicable law or agreed to in writing, software 11a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * distributed under the License is distributed on an "AS IS" BASIS, 12a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * See the License for the specific language governing permissions and 14a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * limitations under the License. 15a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root */ 16a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 1707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root//#define LOG_NDEBUG 0 1807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root#define LOG_TAG "keystore" 1907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 20a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root#include <stdio.h> 21a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root#include <stdint.h> 22a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root#include <string.h> 23aaf9802da6cea710e0777abb852724e1825cad63Elliott Hughes#include <strings.h> 24a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root#include <unistd.h> 25a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root#include <signal.h> 26a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root#include <errno.h> 27a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root#include <dirent.h> 28655b958eb2180c7c06889f83f606d23421bf038cKenny Root#include <errno.h> 29a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root#include <fcntl.h> 30a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root#include <limits.h> 31822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root#include <assert.h> 32a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root#include <sys/types.h> 33a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root#include <sys/socket.h> 34a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root#include <sys/stat.h> 35a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root#include <sys/time.h> 36a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root#include <arpa/inet.h> 37a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 38a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root#include <openssl/aes.h> 39822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root#include <openssl/bio.h> 40a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root#include <openssl/evp.h> 41a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root#include <openssl/md5.h> 42822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root#include <openssl/pem.h> 43a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 44a5bbf2fb2a4853ecf6ae77ffee3efeb7a862498aShawn Willden#include <hardware/keymaster0.h> 4570e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 4617208e0de5a42722901d803118745cca25fd10c1Kenny Root#include <keymaster/softkeymaster.h> 47919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker#include <keymaster/soft_keymaster_device.h> 4817208e0de5a42722901d803118745cca25fd10c1Kenny Root 4926cfc08add3966eca5892e3387cf5ed6dc3068fbKenny Root#include <UniquePtr.h> 50655b958eb2180c7c06889f83f606d23421bf038cKenny Root#include <utils/String8.h> 51655b958eb2180c7c06889f83f606d23421bf038cKenny Root#include <utils/Vector.h> 5270e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 5307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root#include <keystore/IKeystoreService.h> 5407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root#include <binder/IPCThreadState.h> 5507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root#include <binder/IServiceManager.h> 5607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 57a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root#include <cutils/log.h> 58a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root#include <cutils/sockets.h> 59a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root#include <private/android_filesystem_config.h> 60a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 6107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root#include <keystore/keystore.h> 62a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 63eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn#include <selinux/android.h> 64eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn 6596427baf0094d50047049d329b0779c3c910402cKenny Root#include "defaults.h" 6640a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker#include "operation.h" 6796427baf0094d50047049d329b0779c3c910402cKenny Root 68a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root/* KeyStore is a secured storage for key-value pairs. In this implementation, 69a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * each file stores one key-value pair. Keys are encoded in file names, and 70a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * values are encrypted with checksums. The encryption key is protected by a 71a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * user-defined password. To keep things simple, buffers are always larger than 72a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * the maximum space we needed, so boundary checks on buffers are omitted. */ 73a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 74a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root#define KEY_SIZE ((NAME_MAX - 15) / 2) 75a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root#define VALUE_SIZE 32768 76a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root#define PASSWORD_SIZE VALUE_SIZE 77a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 78822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 7996427baf0094d50047049d329b0779c3c910402cKenny Rootstruct BIGNUM_Delete { 8096427baf0094d50047049d329b0779c3c910402cKenny Root void operator()(BIGNUM* p) const { 8196427baf0094d50047049d329b0779c3c910402cKenny Root BN_free(p); 8296427baf0094d50047049d329b0779c3c910402cKenny Root } 8396427baf0094d50047049d329b0779c3c910402cKenny Root}; 8496427baf0094d50047049d329b0779c3c910402cKenny Roottypedef UniquePtr<BIGNUM, BIGNUM_Delete> Unique_BIGNUM; 8596427baf0094d50047049d329b0779c3c910402cKenny Root 86822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Rootstruct BIO_Delete { 87822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root void operator()(BIO* p) const { 88822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root BIO_free(p); 89822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root } 90822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root}; 91822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Roottypedef UniquePtr<BIO, BIO_Delete> Unique_BIO; 92822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 93822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Rootstruct EVP_PKEY_Delete { 94822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root void operator()(EVP_PKEY* p) const { 95822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root EVP_PKEY_free(p); 96822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root } 97822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root}; 98822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Roottypedef UniquePtr<EVP_PKEY, EVP_PKEY_Delete> Unique_EVP_PKEY; 99822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 100822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Rootstruct PKCS8_PRIV_KEY_INFO_Delete { 101822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root void operator()(PKCS8_PRIV_KEY_INFO* p) const { 102822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root PKCS8_PRIV_KEY_INFO_free(p); 103822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root } 104822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root}; 105822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Roottypedef UniquePtr<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_Delete> Unique_PKCS8_PRIV_KEY_INFO; 106822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 107822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 108a5bbf2fb2a4853ecf6ae77ffee3efeb7a862498aShawn Willdenstatic int keymaster_device_initialize(keymaster0_device_t** dev) { 10970e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root int rc; 11070e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 11170e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root const hw_module_t* mod; 11270e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root rc = hw_get_module_by_class(KEYSTORE_HARDWARE_MODULE_ID, NULL, &mod); 11370e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root if (rc) { 11470e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root ALOGE("could not find any keystore module"); 11570e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root goto out; 11670e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root } 11770e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 118a5bbf2fb2a4853ecf6ae77ffee3efeb7a862498aShawn Willden rc = keymaster0_open(mod, dev); 11970e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root if (rc) { 12070e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root ALOGE("could not open keymaster device in %s (%s)", 12170e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root KEYSTORE_HARDWARE_MODULE_ID, strerror(-rc)); 12270e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root goto out; 12370e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root } 12470e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 12570e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root return 0; 12670e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 12770e3a86abd2c412d602a018967c01c177eb6cf4eKenny Rootout: 12870e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root *dev = NULL; 12970e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root return rc; 13070e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root} 13170e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 132919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubakerstatic int fallback_keymaster_device_initialize(keymaster1_device_t** dev) { 133919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker keymaster::SoftKeymasterDevice* softkeymaster = 134919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker new keymaster::SoftKeymasterDevice(); 135919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker // SoftKeymasterDevice is designed to make this cast safe. 136919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker *dev = reinterpret_cast<keymaster1_device_t*>(softkeymaster); 137fc18edcdfe2f7774e621030d51338f3216170b97Chad Brubaker return 0; 138fc18edcdfe2f7774e621030d51338f3216170b97Chad Brubaker} 139fc18edcdfe2f7774e621030d51338f3216170b97Chad Brubaker 140a5bbf2fb2a4853ecf6ae77ffee3efeb7a862498aShawn Willdenstatic void keymaster_device_release(keymaster0_device_t* dev) { 141a5bbf2fb2a4853ecf6ae77ffee3efeb7a862498aShawn Willden keymaster0_close(dev); 14270e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root} 14370e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 14407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root/*************** 14507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root * PERMISSIONS * 14607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root ***************/ 14707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 14807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root/* Here are the permissions, actions, users, and the main function. */ 14907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Roottypedef enum { 1504e865753346fc6a075966972a7a98051818859dbRobin Lee P_TEST = 1 << 0, 1514e865753346fc6a075966972a7a98051818859dbRobin Lee P_GET = 1 << 1, 1524e865753346fc6a075966972a7a98051818859dbRobin Lee P_INSERT = 1 << 2, 1534e865753346fc6a075966972a7a98051818859dbRobin Lee P_DELETE = 1 << 3, 1544e865753346fc6a075966972a7a98051818859dbRobin Lee P_EXIST = 1 << 4, 1554e865753346fc6a075966972a7a98051818859dbRobin Lee P_SAW = 1 << 5, 1564e865753346fc6a075966972a7a98051818859dbRobin Lee P_RESET = 1 << 6, 1574e865753346fc6a075966972a7a98051818859dbRobin Lee P_PASSWORD = 1 << 7, 1584e865753346fc6a075966972a7a98051818859dbRobin Lee P_LOCK = 1 << 8, 1594e865753346fc6a075966972a7a98051818859dbRobin Lee P_UNLOCK = 1 << 9, 1604e865753346fc6a075966972a7a98051818859dbRobin Lee P_ZERO = 1 << 10, 1614e865753346fc6a075966972a7a98051818859dbRobin Lee P_SIGN = 1 << 11, 1624e865753346fc6a075966972a7a98051818859dbRobin Lee P_VERIFY = 1 << 12, 1634e865753346fc6a075966972a7a98051818859dbRobin Lee P_GRANT = 1 << 13, 1644e865753346fc6a075966972a7a98051818859dbRobin Lee P_DUPLICATE = 1 << 14, 1654e865753346fc6a075966972a7a98051818859dbRobin Lee P_CLEAR_UID = 1 << 15, 1664e865753346fc6a075966972a7a98051818859dbRobin Lee P_RESET_UID = 1 << 16, 1674e865753346fc6a075966972a7a98051818859dbRobin Lee P_SYNC_UID = 1 << 17, 1684e865753346fc6a075966972a7a98051818859dbRobin Lee P_PASSWORD_UID = 1 << 18, 16907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root} perm_t; 17007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 17107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Rootstatic struct user_euid { 17207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root uid_t uid; 17307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root uid_t euid; 17407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root} user_euids[] = { 17507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root {AID_VPN, AID_SYSTEM}, 17607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root {AID_WIFI, AID_SYSTEM}, 17707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root {AID_ROOT, AID_SYSTEM}, 17807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root}; 17907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 180eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn/* perm_labels associcated with keystore_key SELinux class verbs. */ 181eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahnconst char *perm_labels[] = { 182eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn "test", 183eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn "get", 184eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn "insert", 185eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn "delete", 186eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn "exist", 187eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn "saw", 188eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn "reset", 189eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn "password", 190eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn "lock", 191eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn "unlock", 192eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn "zero", 193eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn "sign", 194eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn "verify", 195eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn "grant", 196eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn "duplicate", 1974e865753346fc6a075966972a7a98051818859dbRobin Lee "clear_uid", 1984e865753346fc6a075966972a7a98051818859dbRobin Lee "reset_uid", 1994e865753346fc6a075966972a7a98051818859dbRobin Lee "sync_uid", 2004e865753346fc6a075966972a7a98051818859dbRobin Lee "password_uid", 201eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn}; 202eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn 20307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Rootstatic struct user_perm { 20407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root uid_t uid; 20507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root perm_t perms; 20607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root} user_perms[] = { 20707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root {AID_SYSTEM, static_cast<perm_t>((uint32_t)(~0)) }, 20807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root {AID_VPN, static_cast<perm_t>(P_GET | P_SIGN | P_VERIFY) }, 20907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root {AID_WIFI, static_cast<perm_t>(P_GET | P_SIGN | P_VERIFY) }, 21007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root {AID_ROOT, static_cast<perm_t>(P_GET) }, 21107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root}; 21207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 21307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Rootstatic const perm_t DEFAULT_PERMS = static_cast<perm_t>(P_TEST | P_GET | P_INSERT | P_DELETE | P_EXIST | P_SAW | P_SIGN 21407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root | P_VERIFY); 21507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 216eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahnstatic char *tctx; 217eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahnstatic int ks_is_selinux_enabled; 218eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn 219eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahnstatic const char *get_perm_label(perm_t perm) { 220eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn unsigned int index = ffs(perm); 221eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (index > 0 && index <= (sizeof(perm_labels) / sizeof(perm_labels[0]))) { 222eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn return perm_labels[index - 1]; 223eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn } else { 224eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn ALOGE("Keystore: Failed to retrieve permission label.\n"); 225eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn abort(); 226eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn } 227eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn} 228eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn 229655b958eb2180c7c06889f83f606d23421bf038cKenny Root/** 230655b958eb2180c7c06889f83f606d23421bf038cKenny Root * Returns the app ID (in the Android multi-user sense) for the current 231655b958eb2180c7c06889f83f606d23421bf038cKenny Root * UNIX UID. 232655b958eb2180c7c06889f83f606d23421bf038cKenny Root */ 233655b958eb2180c7c06889f83f606d23421bf038cKenny Rootstatic uid_t get_app_id(uid_t uid) { 234655b958eb2180c7c06889f83f606d23421bf038cKenny Root return uid % AID_USER; 235655b958eb2180c7c06889f83f606d23421bf038cKenny Root} 236655b958eb2180c7c06889f83f606d23421bf038cKenny Root 237655b958eb2180c7c06889f83f606d23421bf038cKenny Root/** 238655b958eb2180c7c06889f83f606d23421bf038cKenny Root * Returns the user ID (in the Android multi-user sense) for the current 239655b958eb2180c7c06889f83f606d23421bf038cKenny Root * UNIX UID. 240655b958eb2180c7c06889f83f606d23421bf038cKenny Root */ 241655b958eb2180c7c06889f83f606d23421bf038cKenny Rootstatic uid_t get_user_id(uid_t uid) { 242655b958eb2180c7c06889f83f606d23421bf038cKenny Root return uid / AID_USER; 243655b958eb2180c7c06889f83f606d23421bf038cKenny Root} 244655b958eb2180c7c06889f83f606d23421bf038cKenny Root 245a25b2a397fff48dea7bce16af2065e6f5f043956Chih-Hung Hsiehstatic bool keystore_selinux_check_access(uid_t /*uid*/, perm_t perm, pid_t spid) { 246eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (!ks_is_selinux_enabled) { 247eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn return true; 248eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn } 249eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn 250eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn char *sctx = NULL; 251eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn const char *selinux_class = "keystore_key"; 252eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn const char *str_perm = get_perm_label(perm); 253eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn 254eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (!str_perm) { 255eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn return false; 256eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn } 257eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn 258eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (getpidcon(spid, &sctx) != 0) { 259eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn ALOGE("SELinux: Failed to get source pid context.\n"); 260eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn return false; 261eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn } 26266dbf67dd65b4808a15ef64f0ffde1275bdd58a9Nick Kralevich 263eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn bool allowed = selinux_check_access(sctx, tctx, selinux_class, str_perm, 264eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn NULL) == 0; 265eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn freecon(sctx); 266eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn return allowed; 267eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn} 268eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn 269eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahnstatic bool has_permission(uid_t uid, perm_t perm, pid_t spid) { 270655b958eb2180c7c06889f83f606d23421bf038cKenny Root // All system users are equivalent for multi-user support. 271655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (get_app_id(uid) == AID_SYSTEM) { 272655b958eb2180c7c06889f83f606d23421bf038cKenny Root uid = AID_SYSTEM; 273655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 274655b958eb2180c7c06889f83f606d23421bf038cKenny Root 27507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root for (size_t i = 0; i < sizeof(user_perms)/sizeof(user_perms[0]); i++) { 27607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root struct user_perm user = user_perms[i]; 27707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (user.uid == uid) { 278eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn return (user.perms & perm) && 279eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn keystore_selinux_check_access(uid, perm, spid); 28007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 28107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 28207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 283eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn return (DEFAULT_PERMS & perm) && 284eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn keystore_selinux_check_access(uid, perm, spid); 28507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root} 28607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 287494689083467ec372a58f094f041c8f102f39393Kenny Root/** 288494689083467ec372a58f094f041c8f102f39393Kenny Root * Returns the UID that the callingUid should act as. This is here for 289494689083467ec372a58f094f041c8f102f39393Kenny Root * legacy support of the WiFi and VPN systems and should be removed 290494689083467ec372a58f094f041c8f102f39393Kenny Root * when WiFi can operate in its own namespace. 291494689083467ec372a58f094f041c8f102f39393Kenny Root */ 29207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Rootstatic uid_t get_keystore_euid(uid_t uid) { 29307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root for (size_t i = 0; i < sizeof(user_euids)/sizeof(user_euids[0]); i++) { 29407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root struct user_euid user = user_euids[i]; 29507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (user.uid == uid) { 29607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return user.euid; 29707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 29807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 29907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 30007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return uid; 30107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root} 30207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 303494689083467ec372a58f094f041c8f102f39393Kenny Root/** 304494689083467ec372a58f094f041c8f102f39393Kenny Root * Returns true if the callingUid is allowed to interact in the targetUid's 305494689083467ec372a58f094f041c8f102f39393Kenny Root * namespace. 306494689083467ec372a58f094f041c8f102f39393Kenny Root */ 307494689083467ec372a58f094f041c8f102f39393Kenny Rootstatic bool is_granted_to(uid_t callingUid, uid_t targetUid) { 308494689083467ec372a58f094f041c8f102f39393Kenny Root for (size_t i = 0; i < sizeof(user_euids)/sizeof(user_euids[0]); i++) { 309494689083467ec372a58f094f041c8f102f39393Kenny Root struct user_euid user = user_euids[i]; 310494689083467ec372a58f094f041c8f102f39393Kenny Root if (user.euid == callingUid && user.uid == targetUid) { 311494689083467ec372a58f094f041c8f102f39393Kenny Root return true; 312494689083467ec372a58f094f041c8f102f39393Kenny Root } 313494689083467ec372a58f094f041c8f102f39393Kenny Root } 314494689083467ec372a58f094f041c8f102f39393Kenny Root 315494689083467ec372a58f094f041c8f102f39393Kenny Root return false; 316494689083467ec372a58f094f041c8f102f39393Kenny Root} 317494689083467ec372a58f094f041c8f102f39393Kenny Root 318007cb236ada4b3d70815f03dd07116a5e187f4ddKenny Root/** 319007cb236ada4b3d70815f03dd07116a5e187f4ddKenny Root * Allow the system to perform some privileged tasks that have to do with 320007cb236ada4b3d70815f03dd07116a5e187f4ddKenny Root * system maintenance. This should not be used for any function that uses 321007cb236ada4b3d70815f03dd07116a5e187f4ddKenny Root * the keys in any way (e.g., signing). 322007cb236ada4b3d70815f03dd07116a5e187f4ddKenny Root */ 323007cb236ada4b3d70815f03dd07116a5e187f4ddKenny Rootstatic bool is_self_or_system(uid_t callingUid, uid_t targetUid) { 324007cb236ada4b3d70815f03dd07116a5e187f4ddKenny Root return callingUid == targetUid || callingUid == AID_SYSTEM; 325007cb236ada4b3d70815f03dd07116a5e187f4ddKenny Root} 326007cb236ada4b3d70815f03dd07116a5e187f4ddKenny Root 327a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root/* Here is the encoding of keys. This is necessary in order to allow arbitrary 328a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * characters in keys. Characters in [0-~] are not encoded. Others are encoded 329a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * into two bytes. The first byte is one of [+-.] which represents the first 330a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * two bits of the character. The second byte encodes the rest of the bits into 331a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * [0-o]. Therefore in the worst case the length of a key gets doubled. Note 332a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * that Base64 cannot be used here due to the need of prefix match on keys. */ 333a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 334655b958eb2180c7c06889f83f606d23421bf038cKenny Rootstatic size_t encode_key_length(const android::String8& keyName) { 335655b958eb2180c7c06889f83f606d23421bf038cKenny Root const uint8_t* in = reinterpret_cast<const uint8_t*>(keyName.string()); 336655b958eb2180c7c06889f83f606d23421bf038cKenny Root size_t length = keyName.length(); 337655b958eb2180c7c06889f83f606d23421bf038cKenny Root for (int i = length; i > 0; --i, ++in) { 338655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (*in < '0' || *in > '~') { 339655b958eb2180c7c06889f83f606d23421bf038cKenny Root ++length; 340655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 341655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 342655b958eb2180c7c06889f83f606d23421bf038cKenny Root return length; 343655b958eb2180c7c06889f83f606d23421bf038cKenny Root} 344655b958eb2180c7c06889f83f606d23421bf038cKenny Root 34507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Rootstatic int encode_key(char* out, const android::String8& keyName) { 34607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root const uint8_t* in = reinterpret_cast<const uint8_t*>(keyName.string()); 34707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root size_t length = keyName.length(); 348a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root for (int i = length; i > 0; --i, ++in, ++out) { 349655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (*in < '0' || *in > '~') { 350a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root *out = '+' + (*in >> 6); 351a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root *++out = '0' + (*in & 0x3F); 352a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root ++length; 353655b958eb2180c7c06889f83f606d23421bf038cKenny Root } else { 354655b958eb2180c7c06889f83f606d23421bf038cKenny Root *out = *in; 355a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 356a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 357a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root *out = '\0'; 35870e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root return length; 35970e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root} 36070e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 36107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root/* 36207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root * Converts from the "escaped" format on disk to actual name. 36307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root * This will be smaller than the input string. 36407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root * 36507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root * Characters that should combine with the next at the end will be truncated. 36607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root */ 36707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Rootstatic size_t decode_key_length(const char* in, size_t length) { 36807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root size_t outLength = 0; 36907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 37007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root for (const char* end = in + length; in < end; in++) { 37107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root /* This combines with the next character. */ 37207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (*in < '0' || *in > '~') { 37307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root continue; 37407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 37507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 37607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root outLength++; 37707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 37807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return outLength; 37907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root} 38007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 38107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Rootstatic void decode_key(char* out, const char* in, size_t length) { 38207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root for (const char* end = in + length; in < end; in++) { 38307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (*in < '0' || *in > '~') { 38407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root /* Truncate combining characters at the end. */ 38507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (in + 1 >= end) { 38607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root break; 38707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 38807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 38907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root *out = (*in++ - '+') << 6; 39007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root *out++ |= (*in - '0') & 0x3F; 391a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } else { 39207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root *out++ = *in; 393a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 394a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 395a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root *out = '\0'; 396a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root} 397a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 398a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Rootstatic size_t readFully(int fd, uint8_t* data, size_t size) { 399a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root size_t remaining = size; 400a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root while (remaining > 0) { 401150ca934edb745de3666a6492b039900df228ff0Kenny Root ssize_t n = TEMP_FAILURE_RETRY(read(fd, data, remaining)); 4025281edbc9445065479e92a6c86da462f3943c2caKenny Root if (n <= 0) { 403150ca934edb745de3666a6492b039900df228ff0Kenny Root return size - remaining; 404a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 405a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root data += n; 406a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root remaining -= n; 407a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 408a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return size; 409a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root} 410a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 411a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Rootstatic size_t writeFully(int fd, uint8_t* data, size_t size) { 412a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root size_t remaining = size; 413a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root while (remaining > 0) { 414150ca934edb745de3666a6492b039900df228ff0Kenny Root ssize_t n = TEMP_FAILURE_RETRY(write(fd, data, remaining)); 415150ca934edb745de3666a6492b039900df228ff0Kenny Root if (n < 0) { 416150ca934edb745de3666a6492b039900df228ff0Kenny Root ALOGW("write failed: %s", strerror(errno)); 417150ca934edb745de3666a6492b039900df228ff0Kenny Root return size - remaining; 418a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 419a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root data += n; 420a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root remaining -= n; 421a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 422a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return size; 423a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root} 424a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 425a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Rootclass Entropy { 426a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Rootpublic: 427a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root Entropy() : mRandom(-1) {} 428a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root ~Entropy() { 429150ca934edb745de3666a6492b039900df228ff0Kenny Root if (mRandom >= 0) { 430a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root close(mRandom); 431a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 432a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 433a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 434a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root bool open() { 435a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root const char* randomDevice = "/dev/urandom"; 436150ca934edb745de3666a6492b039900df228ff0Kenny Root mRandom = TEMP_FAILURE_RETRY(::open(randomDevice, O_RDONLY)); 437150ca934edb745de3666a6492b039900df228ff0Kenny Root if (mRandom < 0) { 438a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root ALOGE("open: %s: %s", randomDevice, strerror(errno)); 439a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return false; 440a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 441a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return true; 442a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 443a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 4445187818895c4c5f650a611c40531b1dff7764c18Kenny Root bool generate_random_data(uint8_t* data, size_t size) const { 445a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return (readFully(mRandom, data, size) == size); 446a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 447a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 448a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Rootprivate: 449a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root int mRandom; 450a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root}; 451a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 452a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root/* Here is the file format. There are two parts in blob.value, the secret and 453a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * the description. The secret is stored in ciphertext, and its original size 454a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * can be found in blob.length. The description is stored after the secret in 455a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * plaintext, and its size is specified in blob.info. The total size of the two 456822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root * parts must be no more than VALUE_SIZE bytes. The first field is the version, 457f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root * the second is the blob's type, and the third byte is flags. Fields other 458a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * than blob.info, blob.length, and blob.value are modified by encryptBlob() 459a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root * and decryptBlob(). Thus they should not be accessed from outside. */ 460a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 461822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root/* ** Note to future implementors of encryption: ** 462822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root * Currently this is the construction: 463822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root * metadata || Enc(MD5(data) || data) 464822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root * 465822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root * This should be the construction used for encrypting if re-implementing: 466822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root * 467822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root * Derive independent keys for encryption and MAC: 468822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root * Kenc = AES_encrypt(masterKey, "Encrypt") 469822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root * Kmac = AES_encrypt(masterKey, "MAC") 470822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root * 471822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root * Store this: 472822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root * metadata || AES_CTR_encrypt(Kenc, rand_IV, data) || 473822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root * HMAC(Kmac, metadata || Enc(data)) 474822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root */ 475a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Rootstruct __attribute__((packed)) blob { 476822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root uint8_t version; 477822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root uint8_t type; 478f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root uint8_t flags; 479a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root uint8_t info; 480a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root uint8_t vector[AES_BLOCK_SIZE]; 481822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root uint8_t encrypted[0]; // Marks offset to encrypted data. 482a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root uint8_t digest[MD5_DIGEST_LENGTH]; 483822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root uint8_t digested[0]; // Marks offset to digested data. 484a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root int32_t length; // in network byte order when encrypted 485a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root uint8_t value[VALUE_SIZE + AES_BLOCK_SIZE]; 486a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root}; 487a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 488822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Roottypedef enum { 489d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root TYPE_ANY = 0, // meta type that matches anything 490822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root TYPE_GENERIC = 1, 491822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root TYPE_MASTER_KEY = 2, 492822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root TYPE_KEY_PAIR = 3, 49317d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker TYPE_KEYMASTER_10 = 4, 494822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root} BlobType; 495822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 496f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Rootstatic const uint8_t CURRENT_BLOB_VERSION = 2; 497822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 498a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Rootclass Blob { 499a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Rootpublic: 50007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root Blob(const uint8_t* value, int32_t valueLength, const uint8_t* info, uint8_t infoLength, 50107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root BlobType type) { 502a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root mBlob.length = valueLength; 503a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root memcpy(mBlob.value, value, valueLength); 504a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 505a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root mBlob.info = infoLength; 506a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root memcpy(mBlob.value + valueLength, info, infoLength); 507822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 50807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root mBlob.version = CURRENT_BLOB_VERSION; 509822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root mBlob.type = uint8_t(type); 510f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root 511ee8068b9e7bfb2770635062fc9c2035be2142bd8Kenny Root if (type == TYPE_MASTER_KEY) { 512ee8068b9e7bfb2770635062fc9c2035be2142bd8Kenny Root mBlob.flags = KEYSTORE_FLAG_ENCRYPTED; 513ee8068b9e7bfb2770635062fc9c2035be2142bd8Kenny Root } else { 514ee8068b9e7bfb2770635062fc9c2035be2142bd8Kenny Root mBlob.flags = KEYSTORE_FLAG_NONE; 515ee8068b9e7bfb2770635062fc9c2035be2142bd8Kenny Root } 516a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 517a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 518a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root Blob(blob b) { 519a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root mBlob = b; 520a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 521a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 522a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root Blob() {} 523a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 5245187818895c4c5f650a611c40531b1dff7764c18Kenny Root const uint8_t* getValue() const { 525a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return mBlob.value; 526a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 527a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 5285187818895c4c5f650a611c40531b1dff7764c18Kenny Root int32_t getLength() const { 529a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return mBlob.length; 530a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 531a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 5325187818895c4c5f650a611c40531b1dff7764c18Kenny Root const uint8_t* getInfo() const { 5335187818895c4c5f650a611c40531b1dff7764c18Kenny Root return mBlob.value + mBlob.length; 5345187818895c4c5f650a611c40531b1dff7764c18Kenny Root } 5355187818895c4c5f650a611c40531b1dff7764c18Kenny Root 5365187818895c4c5f650a611c40531b1dff7764c18Kenny Root uint8_t getInfoLength() const { 537a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return mBlob.info; 538a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 539a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 540822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root uint8_t getVersion() const { 541822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root return mBlob.version; 542822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root } 543822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 544f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root bool isEncrypted() const { 545f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root if (mBlob.version < 2) { 546f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root return true; 547f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root } 548f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root 549f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root return mBlob.flags & KEYSTORE_FLAG_ENCRYPTED; 550f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root } 551f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root 552f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root void setEncrypted(bool encrypted) { 553f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root if (encrypted) { 554f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root mBlob.flags |= KEYSTORE_FLAG_ENCRYPTED; 555f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root } else { 556f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root mBlob.flags &= ~KEYSTORE_FLAG_ENCRYPTED; 557f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root } 558f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root } 559f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root 56017208e0de5a42722901d803118745cca25fd10c1Kenny Root bool isFallback() const { 56117208e0de5a42722901d803118745cca25fd10c1Kenny Root return mBlob.flags & KEYSTORE_FLAG_FALLBACK; 56217208e0de5a42722901d803118745cca25fd10c1Kenny Root } 56317208e0de5a42722901d803118745cca25fd10c1Kenny Root 56417208e0de5a42722901d803118745cca25fd10c1Kenny Root void setFallback(bool fallback) { 56517208e0de5a42722901d803118745cca25fd10c1Kenny Root if (fallback) { 56617208e0de5a42722901d803118745cca25fd10c1Kenny Root mBlob.flags |= KEYSTORE_FLAG_FALLBACK; 56717208e0de5a42722901d803118745cca25fd10c1Kenny Root } else { 56817208e0de5a42722901d803118745cca25fd10c1Kenny Root mBlob.flags &= ~KEYSTORE_FLAG_FALLBACK; 56917208e0de5a42722901d803118745cca25fd10c1Kenny Root } 57017208e0de5a42722901d803118745cca25fd10c1Kenny Root } 57117208e0de5a42722901d803118745cca25fd10c1Kenny Root 572822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root void setVersion(uint8_t version) { 573822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root mBlob.version = version; 574822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root } 575822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 576822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root BlobType getType() const { 577822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root return BlobType(mBlob.type); 578822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root } 579822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 580822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root void setType(BlobType type) { 581822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root mBlob.type = uint8_t(type); 582822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root } 583822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 584f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root ResponseCode writeBlob(const char* filename, AES_KEY *aes_key, State state, Entropy* entropy) { 585f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root ALOGV("writing blob %s", filename); 586f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root if (isEncrypted()) { 587f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root if (state != STATE_NO_ERROR) { 588f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root ALOGD("couldn't insert encrypted blob while not unlocked"); 589f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root return LOCKED; 590f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root } 591f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root 592f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root if (!entropy->generate_random_data(mBlob.vector, AES_BLOCK_SIZE)) { 593f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root ALOGW("Could not read random data for: %s", filename); 594f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root return SYSTEM_ERROR; 595f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root } 596a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 597a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 598a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root // data includes the value and the value's length 599a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root size_t dataLength = mBlob.length + sizeof(mBlob.length); 600a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root // pad data to the AES_BLOCK_SIZE 601a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root size_t digestedLength = ((dataLength + AES_BLOCK_SIZE - 1) 602a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root / AES_BLOCK_SIZE * AES_BLOCK_SIZE); 603a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root // encrypted data includes the digest value 604a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root size_t encryptedLength = digestedLength + MD5_DIGEST_LENGTH; 605a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root // move info after space for padding 606a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root memmove(&mBlob.encrypted[encryptedLength], &mBlob.value[mBlob.length], mBlob.info); 607a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root // zero padding area 608a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root memset(mBlob.value + mBlob.length, 0, digestedLength - dataLength); 609a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 610a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root mBlob.length = htonl(mBlob.length); 611a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 612f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root if (isEncrypted()) { 613f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root MD5(mBlob.digested, digestedLength, mBlob.digest); 614f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root 615f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root uint8_t vector[AES_BLOCK_SIZE]; 616f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root memcpy(vector, mBlob.vector, AES_BLOCK_SIZE); 617f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root AES_cbc_encrypt(mBlob.encrypted, mBlob.encrypted, encryptedLength, 618f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root aes_key, vector, AES_ENCRYPT); 619f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root } 620a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 621a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root size_t headerLength = (mBlob.encrypted - (uint8_t*) &mBlob); 622a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root size_t fileLength = encryptedLength + headerLength + mBlob.info; 623a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 624a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root const char* tmpFileName = ".tmp"; 625150ca934edb745de3666a6492b039900df228ff0Kenny Root int out = TEMP_FAILURE_RETRY(open(tmpFileName, 626150ca934edb745de3666a6492b039900df228ff0Kenny Root O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | S_IWUSR)); 627150ca934edb745de3666a6492b039900df228ff0Kenny Root if (out < 0) { 628150ca934edb745de3666a6492b039900df228ff0Kenny Root ALOGW("could not open file: %s: %s", tmpFileName, strerror(errno)); 629a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return SYSTEM_ERROR; 630a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 631a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root size_t writtenBytes = writeFully(out, (uint8_t*) &mBlob, fileLength); 632a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root if (close(out) != 0) { 633a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return SYSTEM_ERROR; 634a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 635a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root if (writtenBytes != fileLength) { 636150ca934edb745de3666a6492b039900df228ff0Kenny Root ALOGW("blob not fully written %zu != %zu", writtenBytes, fileLength); 637a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root unlink(tmpFileName); 638a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return SYSTEM_ERROR; 639a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 640150ca934edb745de3666a6492b039900df228ff0Kenny Root if (rename(tmpFileName, filename) == -1) { 641150ca934edb745de3666a6492b039900df228ff0Kenny Root ALOGW("could not rename blob to %s: %s", filename, strerror(errno)); 642150ca934edb745de3666a6492b039900df228ff0Kenny Root return SYSTEM_ERROR; 643150ca934edb745de3666a6492b039900df228ff0Kenny Root } 644150ca934edb745de3666a6492b039900df228ff0Kenny Root return NO_ERROR; 645a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 646a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 647f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root ResponseCode readBlob(const char* filename, AES_KEY *aes_key, State state) { 648f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root ALOGV("reading blob %s", filename); 649150ca934edb745de3666a6492b039900df228ff0Kenny Root int in = TEMP_FAILURE_RETRY(open(filename, O_RDONLY)); 650150ca934edb745de3666a6492b039900df228ff0Kenny Root if (in < 0) { 651a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return (errno == ENOENT) ? KEY_NOT_FOUND : SYSTEM_ERROR; 652a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 653a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root // fileLength may be less than sizeof(mBlob) since the in 654a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root // memory version has extra padding to tolerate rounding up to 655a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root // the AES_BLOCK_SIZE 656a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root size_t fileLength = readFully(in, (uint8_t*) &mBlob, sizeof(mBlob)); 657a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root if (close(in) != 0) { 658a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return SYSTEM_ERROR; 659a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 660f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root 661f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root if (isEncrypted() && (state != STATE_NO_ERROR)) { 662f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root return LOCKED; 663f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root } 664f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root 665a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root size_t headerLength = (mBlob.encrypted - (uint8_t*) &mBlob); 666a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root if (fileLength < headerLength) { 667a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return VALUE_CORRUPTED; 668a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 669a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 670a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root ssize_t encryptedLength = fileLength - (headerLength + mBlob.info); 671f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root if (encryptedLength < 0) { 672a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return VALUE_CORRUPTED; 673a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 674f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root 675f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root ssize_t digestedLength; 676f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root if (isEncrypted()) { 677f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root if (encryptedLength % AES_BLOCK_SIZE != 0) { 678f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root return VALUE_CORRUPTED; 679f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root } 680f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root 681f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root AES_cbc_encrypt(mBlob.encrypted, mBlob.encrypted, encryptedLength, aes_key, 682f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root mBlob.vector, AES_DECRYPT); 683f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root digestedLength = encryptedLength - MD5_DIGEST_LENGTH; 684f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root uint8_t computedDigest[MD5_DIGEST_LENGTH]; 685f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root MD5(mBlob.digested, digestedLength, computedDigest); 686f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root if (memcmp(mBlob.digest, computedDigest, MD5_DIGEST_LENGTH) != 0) { 687f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root return VALUE_CORRUPTED; 688f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root } 689f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root } else { 690f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root digestedLength = encryptedLength; 691a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 692a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 693a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root ssize_t maxValueLength = digestedLength - sizeof(mBlob.length); 694a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root mBlob.length = ntohl(mBlob.length); 695a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root if (mBlob.length < 0 || mBlob.length > maxValueLength) { 696a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return VALUE_CORRUPTED; 697a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 698a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root if (mBlob.info != 0) { 699a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root // move info from after padding to after data 700a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root memmove(&mBlob.value[mBlob.length], &mBlob.value[maxValueLength], mBlob.info); 701a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 70207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::NO_ERROR; 703a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 704a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 705a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Rootprivate: 706a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root struct blob mBlob; 707a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root}; 708a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 709655b958eb2180c7c06889f83f606d23421bf038cKenny Rootclass UserState { 710655b958eb2180c7c06889f83f606d23421bf038cKenny Rootpublic: 711655b958eb2180c7c06889f83f606d23421bf038cKenny Root UserState(uid_t userId) : mUserId(userId), mRetry(MAX_RETRY) { 712655b958eb2180c7c06889f83f606d23421bf038cKenny Root asprintf(&mUserDir, "user_%u", mUserId); 713655b958eb2180c7c06889f83f606d23421bf038cKenny Root asprintf(&mMasterKeyFile, "%s/.masterkey", mUserDir); 714655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 71570e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 716655b958eb2180c7c06889f83f606d23421bf038cKenny Root ~UserState() { 717655b958eb2180c7c06889f83f606d23421bf038cKenny Root free(mUserDir); 718655b958eb2180c7c06889f83f606d23421bf038cKenny Root free(mMasterKeyFile); 719655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 72070e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 721655b958eb2180c7c06889f83f606d23421bf038cKenny Root bool initialize() { 722655b958eb2180c7c06889f83f606d23421bf038cKenny Root if ((mkdir(mUserDir, S_IRUSR | S_IWUSR | S_IXUSR) < 0) && (errno != EEXIST)) { 723655b958eb2180c7c06889f83f606d23421bf038cKenny Root ALOGE("Could not create directory '%s'", mUserDir); 724655b958eb2180c7c06889f83f606d23421bf038cKenny Root return false; 725655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 726655b958eb2180c7c06889f83f606d23421bf038cKenny Root 727655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (access(mMasterKeyFile, R_OK) == 0) { 728a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root setState(STATE_LOCKED); 729a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } else { 730a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root setState(STATE_UNINITIALIZED); 731a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 73270e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 733655b958eb2180c7c06889f83f606d23421bf038cKenny Root return true; 734655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 735655b958eb2180c7c06889f83f606d23421bf038cKenny Root 736655b958eb2180c7c06889f83f606d23421bf038cKenny Root uid_t getUserId() const { 737655b958eb2180c7c06889f83f606d23421bf038cKenny Root return mUserId; 738655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 739655b958eb2180c7c06889f83f606d23421bf038cKenny Root 740655b958eb2180c7c06889f83f606d23421bf038cKenny Root const char* getUserDirName() const { 741655b958eb2180c7c06889f83f606d23421bf038cKenny Root return mUserDir; 742655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 743655b958eb2180c7c06889f83f606d23421bf038cKenny Root 744655b958eb2180c7c06889f83f606d23421bf038cKenny Root const char* getMasterKeyFileName() const { 745655b958eb2180c7c06889f83f606d23421bf038cKenny Root return mMasterKeyFile; 746655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 747655b958eb2180c7c06889f83f606d23421bf038cKenny Root 748655b958eb2180c7c06889f83f606d23421bf038cKenny Root void setState(State state) { 749655b958eb2180c7c06889f83f606d23421bf038cKenny Root mState = state; 750655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (mState == STATE_NO_ERROR || mState == STATE_UNINITIALIZED) { 751655b958eb2180c7c06889f83f606d23421bf038cKenny Root mRetry = MAX_RETRY; 752655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 753a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 754a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 7555187818895c4c5f650a611c40531b1dff7764c18Kenny Root State getState() const { 756a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return mState; 757a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 758a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 7595187818895c4c5f650a611c40531b1dff7764c18Kenny Root int8_t getRetry() const { 760a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return mRetry; 761a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 762a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 763655b958eb2180c7c06889f83f606d23421bf038cKenny Root void zeroizeMasterKeysInMemory() { 764655b958eb2180c7c06889f83f606d23421bf038cKenny Root memset(mMasterKey, 0, sizeof(mMasterKey)); 765655b958eb2180c7c06889f83f606d23421bf038cKenny Root memset(mSalt, 0, sizeof(mSalt)); 766655b958eb2180c7c06889f83f606d23421bf038cKenny Root memset(&mMasterKeyEncryption, 0, sizeof(mMasterKeyEncryption)); 767655b958eb2180c7c06889f83f606d23421bf038cKenny Root memset(&mMasterKeyDecryption, 0, sizeof(mMasterKeyDecryption)); 76870e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root } 76970e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 770655b958eb2180c7c06889f83f606d23421bf038cKenny Root ResponseCode initialize(const android::String8& pw, Entropy* entropy) { 771655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (!generateMasterKey(entropy)) { 772a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return SYSTEM_ERROR; 773a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 774655b958eb2180c7c06889f83f606d23421bf038cKenny Root ResponseCode response = writeMasterKey(pw, entropy); 775a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root if (response != NO_ERROR) { 776a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return response; 777a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 778a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root setupMasterKeys(); 77907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::NO_ERROR; 780a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 781a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 7824e865753346fc6a075966972a7a98051818859dbRobin Lee ResponseCode copyMasterKey(UserState* src) { 7834e865753346fc6a075966972a7a98051818859dbRobin Lee if (mState != STATE_UNINITIALIZED) { 7844e865753346fc6a075966972a7a98051818859dbRobin Lee return ::SYSTEM_ERROR; 7854e865753346fc6a075966972a7a98051818859dbRobin Lee } 7864e865753346fc6a075966972a7a98051818859dbRobin Lee if (src->getState() != STATE_NO_ERROR) { 7874e865753346fc6a075966972a7a98051818859dbRobin Lee return ::SYSTEM_ERROR; 7884e865753346fc6a075966972a7a98051818859dbRobin Lee } 7894e865753346fc6a075966972a7a98051818859dbRobin Lee memcpy(mMasterKey, src->mMasterKey, MASTER_KEY_SIZE_BYTES); 7904e865753346fc6a075966972a7a98051818859dbRobin Lee setupMasterKeys(); 7914e865753346fc6a075966972a7a98051818859dbRobin Lee return ::NO_ERROR; 7924e865753346fc6a075966972a7a98051818859dbRobin Lee } 7934e865753346fc6a075966972a7a98051818859dbRobin Lee 794655b958eb2180c7c06889f83f606d23421bf038cKenny Root ResponseCode writeMasterKey(const android::String8& pw, Entropy* entropy) { 795a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root uint8_t passwordKey[MASTER_KEY_SIZE_BYTES]; 796a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root generateKeyFromPassword(passwordKey, MASTER_KEY_SIZE_BYTES, pw, mSalt); 797a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root AES_KEY passwordAesKey; 798a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root AES_set_encrypt_key(passwordKey, MASTER_KEY_SIZE_BITS, &passwordAesKey); 799822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root Blob masterKeyBlob(mMasterKey, sizeof(mMasterKey), mSalt, sizeof(mSalt), TYPE_MASTER_KEY); 800f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root return masterKeyBlob.writeBlob(mMasterKeyFile, &passwordAesKey, STATE_NO_ERROR, entropy); 801a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 802a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 803655b958eb2180c7c06889f83f606d23421bf038cKenny Root ResponseCode readMasterKey(const android::String8& pw, Entropy* entropy) { 804655b958eb2180c7c06889f83f606d23421bf038cKenny Root int in = TEMP_FAILURE_RETRY(open(mMasterKeyFile, O_RDONLY)); 805150ca934edb745de3666a6492b039900df228ff0Kenny Root if (in < 0) { 806a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return SYSTEM_ERROR; 807a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 808a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 809a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root // we read the raw blob to just to get the salt to generate 810a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root // the AES key, then we create the Blob to use with decryptBlob 811a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root blob rawBlob; 812a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root size_t length = readFully(in, (uint8_t*) &rawBlob, sizeof(rawBlob)); 813a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root if (close(in) != 0) { 814a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return SYSTEM_ERROR; 815a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 816a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root // find salt at EOF if present, otherwise we have an old file 817a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root uint8_t* salt; 818a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root if (length > SALT_SIZE && rawBlob.info == SALT_SIZE) { 819a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root salt = (uint8_t*) &rawBlob + length - SALT_SIZE; 820a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } else { 821a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root salt = NULL; 822a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 823a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root uint8_t passwordKey[MASTER_KEY_SIZE_BYTES]; 824a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root generateKeyFromPassword(passwordKey, MASTER_KEY_SIZE_BYTES, pw, salt); 825a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root AES_KEY passwordAesKey; 826a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root AES_set_decrypt_key(passwordKey, MASTER_KEY_SIZE_BITS, &passwordAesKey); 827a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root Blob masterKeyBlob(rawBlob); 828f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root ResponseCode response = masterKeyBlob.readBlob(mMasterKeyFile, &passwordAesKey, 829f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root STATE_NO_ERROR); 830a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root if (response == SYSTEM_ERROR) { 831f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root return response; 832a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 833a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root if (response == NO_ERROR && masterKeyBlob.getLength() == MASTER_KEY_SIZE_BYTES) { 834a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root // if salt was missing, generate one and write a new master key file with the salt. 835a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root if (salt == NULL) { 836655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (!generateSalt(entropy)) { 837a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return SYSTEM_ERROR; 838a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 839655b958eb2180c7c06889f83f606d23421bf038cKenny Root response = writeMasterKey(pw, entropy); 840a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 841a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root if (response == NO_ERROR) { 842a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root memcpy(mMasterKey, masterKeyBlob.getValue(), MASTER_KEY_SIZE_BYTES); 843a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root setupMasterKeys(); 844a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 845a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return response; 846a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 847a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root if (mRetry <= 0) { 848a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root reset(); 849a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return UNINITIALIZED; 850a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 851a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root --mRetry; 852a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root switch (mRetry) { 853a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root case 0: return WRONG_PASSWORD_0; 854a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root case 1: return WRONG_PASSWORD_1; 855a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root case 2: return WRONG_PASSWORD_2; 856a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root case 3: return WRONG_PASSWORD_3; 857a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root default: return WRONG_PASSWORD_3; 858a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 859a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 860a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 861655b958eb2180c7c06889f83f606d23421bf038cKenny Root AES_KEY* getEncryptionKey() { 862655b958eb2180c7c06889f83f606d23421bf038cKenny Root return &mMasterKeyEncryption; 863655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 864a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 865655b958eb2180c7c06889f83f606d23421bf038cKenny Root AES_KEY* getDecryptionKey() { 866655b958eb2180c7c06889f83f606d23421bf038cKenny Root return &mMasterKeyDecryption; 867655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 868a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 869655b958eb2180c7c06889f83f606d23421bf038cKenny Root bool reset() { 870655b958eb2180c7c06889f83f606d23421bf038cKenny Root DIR* dir = opendir(getUserDirName()); 871a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root if (!dir) { 872655b958eb2180c7c06889f83f606d23421bf038cKenny Root ALOGW("couldn't open user directory: %s", strerror(errno)); 873a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return false; 874a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 875655b958eb2180c7c06889f83f606d23421bf038cKenny Root 876655b958eb2180c7c06889f83f606d23421bf038cKenny Root struct dirent* file; 877a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root while ((file = readdir(dir)) != NULL) { 878655b958eb2180c7c06889f83f606d23421bf038cKenny Root // We only care about files. 879655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (file->d_type != DT_REG) { 880655b958eb2180c7c06889f83f606d23421bf038cKenny Root continue; 881655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 882655b958eb2180c7c06889f83f606d23421bf038cKenny Root 883655b958eb2180c7c06889f83f606d23421bf038cKenny Root // Skip anything that starts with a "." 884931fac098f2ae35aa1da26ced57962c9a21f95cfKenny Root if (file->d_name[0] == '.' && strcmp(".masterkey", file->d_name)) { 885655b958eb2180c7c06889f83f606d23421bf038cKenny Root continue; 886655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 887655b958eb2180c7c06889f83f606d23421bf038cKenny Root 888655b958eb2180c7c06889f83f606d23421bf038cKenny Root unlinkat(dirfd(dir), file->d_name, 0); 889a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 890a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root closedir(dir); 891a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return true; 892a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 893a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 894655b958eb2180c7c06889f83f606d23421bf038cKenny Rootprivate: 895655b958eb2180c7c06889f83f606d23421bf038cKenny Root static const int MASTER_KEY_SIZE_BYTES = 16; 896655b958eb2180c7c06889f83f606d23421bf038cKenny Root static const int MASTER_KEY_SIZE_BITS = MASTER_KEY_SIZE_BYTES * 8; 897655b958eb2180c7c06889f83f606d23421bf038cKenny Root 898655b958eb2180c7c06889f83f606d23421bf038cKenny Root static const int MAX_RETRY = 4; 899655b958eb2180c7c06889f83f606d23421bf038cKenny Root static const size_t SALT_SIZE = 16; 900655b958eb2180c7c06889f83f606d23421bf038cKenny Root 901655b958eb2180c7c06889f83f606d23421bf038cKenny Root void generateKeyFromPassword(uint8_t* key, ssize_t keySize, const android::String8& pw, 902655b958eb2180c7c06889f83f606d23421bf038cKenny Root uint8_t* salt) { 903655b958eb2180c7c06889f83f606d23421bf038cKenny Root size_t saltSize; 904655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (salt != NULL) { 905655b958eb2180c7c06889f83f606d23421bf038cKenny Root saltSize = SALT_SIZE; 906655b958eb2180c7c06889f83f606d23421bf038cKenny Root } else { 907655b958eb2180c7c06889f83f606d23421bf038cKenny Root // pre-gingerbread used this hardwired salt, readMasterKey will rewrite these when found 908655b958eb2180c7c06889f83f606d23421bf038cKenny Root salt = (uint8_t*) "keystore"; 909655b958eb2180c7c06889f83f606d23421bf038cKenny Root // sizeof = 9, not strlen = 8 910655b958eb2180c7c06889f83f606d23421bf038cKenny Root saltSize = sizeof("keystore"); 911655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 912655b958eb2180c7c06889f83f606d23421bf038cKenny Root 913655b958eb2180c7c06889f83f606d23421bf038cKenny Root PKCS5_PBKDF2_HMAC_SHA1(reinterpret_cast<const char*>(pw.string()), pw.length(), salt, 914655b958eb2180c7c06889f83f606d23421bf038cKenny Root saltSize, 8192, keySize, key); 915655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 916655b958eb2180c7c06889f83f606d23421bf038cKenny Root 917655b958eb2180c7c06889f83f606d23421bf038cKenny Root bool generateSalt(Entropy* entropy) { 918655b958eb2180c7c06889f83f606d23421bf038cKenny Root return entropy->generate_random_data(mSalt, sizeof(mSalt)); 919655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 920655b958eb2180c7c06889f83f606d23421bf038cKenny Root 921655b958eb2180c7c06889f83f606d23421bf038cKenny Root bool generateMasterKey(Entropy* entropy) { 922655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (!entropy->generate_random_data(mMasterKey, sizeof(mMasterKey))) { 923655b958eb2180c7c06889f83f606d23421bf038cKenny Root return false; 924655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 925655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (!generateSalt(entropy)) { 926655b958eb2180c7c06889f83f606d23421bf038cKenny Root return false; 927655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 928655b958eb2180c7c06889f83f606d23421bf038cKenny Root return true; 929655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 930655b958eb2180c7c06889f83f606d23421bf038cKenny Root 931655b958eb2180c7c06889f83f606d23421bf038cKenny Root void setupMasterKeys() { 932655b958eb2180c7c06889f83f606d23421bf038cKenny Root AES_set_encrypt_key(mMasterKey, MASTER_KEY_SIZE_BITS, &mMasterKeyEncryption); 933655b958eb2180c7c06889f83f606d23421bf038cKenny Root AES_set_decrypt_key(mMasterKey, MASTER_KEY_SIZE_BITS, &mMasterKeyDecryption); 934655b958eb2180c7c06889f83f606d23421bf038cKenny Root setState(STATE_NO_ERROR); 935655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 936655b958eb2180c7c06889f83f606d23421bf038cKenny Root 937655b958eb2180c7c06889f83f606d23421bf038cKenny Root uid_t mUserId; 938655b958eb2180c7c06889f83f606d23421bf038cKenny Root 939655b958eb2180c7c06889f83f606d23421bf038cKenny Root char* mUserDir; 940655b958eb2180c7c06889f83f606d23421bf038cKenny Root char* mMasterKeyFile; 941655b958eb2180c7c06889f83f606d23421bf038cKenny Root 942655b958eb2180c7c06889f83f606d23421bf038cKenny Root State mState; 943655b958eb2180c7c06889f83f606d23421bf038cKenny Root int8_t mRetry; 944655b958eb2180c7c06889f83f606d23421bf038cKenny Root 945655b958eb2180c7c06889f83f606d23421bf038cKenny Root uint8_t mMasterKey[MASTER_KEY_SIZE_BYTES]; 946655b958eb2180c7c06889f83f606d23421bf038cKenny Root uint8_t mSalt[SALT_SIZE]; 947655b958eb2180c7c06889f83f606d23421bf038cKenny Root 948655b958eb2180c7c06889f83f606d23421bf038cKenny Root AES_KEY mMasterKeyEncryption; 949655b958eb2180c7c06889f83f606d23421bf038cKenny Root AES_KEY mMasterKeyDecryption; 950655b958eb2180c7c06889f83f606d23421bf038cKenny Root}; 951655b958eb2180c7c06889f83f606d23421bf038cKenny Root 952655b958eb2180c7c06889f83f606d23421bf038cKenny Roottypedef struct { 953655b958eb2180c7c06889f83f606d23421bf038cKenny Root uint32_t uid; 954655b958eb2180c7c06889f83f606d23421bf038cKenny Root const uint8_t* filename; 955655b958eb2180c7c06889f83f606d23421bf038cKenny Root} grant_t; 956655b958eb2180c7c06889f83f606d23421bf038cKenny Root 957655b958eb2180c7c06889f83f606d23421bf038cKenny Rootclass KeyStore { 958655b958eb2180c7c06889f83f606d23421bf038cKenny Rootpublic: 959919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker KeyStore(Entropy* entropy, keymaster1_device_t* device, keymaster1_device_t* fallback) 960655b958eb2180c7c06889f83f606d23421bf038cKenny Root : mEntropy(entropy) 961655b958eb2180c7c06889f83f606d23421bf038cKenny Root , mDevice(device) 962fc18edcdfe2f7774e621030d51338f3216170b97Chad Brubaker , mFallbackDevice(fallback) 963655b958eb2180c7c06889f83f606d23421bf038cKenny Root { 964655b958eb2180c7c06889f83f606d23421bf038cKenny Root memset(&mMetaData, '\0', sizeof(mMetaData)); 965655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 966655b958eb2180c7c06889f83f606d23421bf038cKenny Root 967655b958eb2180c7c06889f83f606d23421bf038cKenny Root ~KeyStore() { 968655b958eb2180c7c06889f83f606d23421bf038cKenny Root for (android::Vector<grant_t*>::iterator it(mGrants.begin()); 969655b958eb2180c7c06889f83f606d23421bf038cKenny Root it != mGrants.end(); it++) { 970655b958eb2180c7c06889f83f606d23421bf038cKenny Root delete *it; 971655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 972c35d4eb3e66aa69ca17dd83b1bcdcc19276bf8e5haitao fang mGrants.clear(); 973655b958eb2180c7c06889f83f606d23421bf038cKenny Root 974655b958eb2180c7c06889f83f606d23421bf038cKenny Root for (android::Vector<UserState*>::iterator it(mMasterKeys.begin()); 975655b958eb2180c7c06889f83f606d23421bf038cKenny Root it != mMasterKeys.end(); it++) { 976655b958eb2180c7c06889f83f606d23421bf038cKenny Root delete *it; 977655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 978c35d4eb3e66aa69ca17dd83b1bcdcc19276bf8e5haitao fang mMasterKeys.clear(); 979655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 980655b958eb2180c7c06889f83f606d23421bf038cKenny Root 981919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker /** 982919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker * Depending on the hardware keymaster version is this may return a 983919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker * keymaster0_device_t* cast to a keymaster1_device_t*. All methods from 984919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker * keymaster0 are safe to call, calls to keymaster1_device_t methods should 985919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker * be guarded by a check on the device's version. 986919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker */ 987919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker keymaster1_device_t *getDevice() const { 988655b958eb2180c7c06889f83f606d23421bf038cKenny Root return mDevice; 989655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 990655b958eb2180c7c06889f83f606d23421bf038cKenny Root 991919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker keymaster1_device_t *getFallbackDevice() const { 992fc18edcdfe2f7774e621030d51338f3216170b97Chad Brubaker return mFallbackDevice; 993fc18edcdfe2f7774e621030d51338f3216170b97Chad Brubaker } 994fc18edcdfe2f7774e621030d51338f3216170b97Chad Brubaker 995919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker keymaster1_device_t *getDeviceForBlob(const Blob& blob) const { 996fc18edcdfe2f7774e621030d51338f3216170b97Chad Brubaker return blob.isFallback() ? mFallbackDevice: mDevice; 997fc18edcdfe2f7774e621030d51338f3216170b97Chad Brubaker } 998fc18edcdfe2f7774e621030d51338f3216170b97Chad Brubaker 999655b958eb2180c7c06889f83f606d23421bf038cKenny Root ResponseCode initialize() { 1000655b958eb2180c7c06889f83f606d23421bf038cKenny Root readMetaData(); 1001655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (upgradeKeystore()) { 1002655b958eb2180c7c06889f83f606d23421bf038cKenny Root writeMetaData(); 1003655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1004655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1005655b958eb2180c7c06889f83f606d23421bf038cKenny Root return ::NO_ERROR; 1006655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1007655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1008655b958eb2180c7c06889f83f606d23421bf038cKenny Root State getState(uid_t uid) { 1009655b958eb2180c7c06889f83f606d23421bf038cKenny Root return getUserState(uid)->getState(); 1010655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1011655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1012655b958eb2180c7c06889f83f606d23421bf038cKenny Root ResponseCode initializeUser(const android::String8& pw, uid_t uid) { 1013655b958eb2180c7c06889f83f606d23421bf038cKenny Root UserState* userState = getUserState(uid); 1014655b958eb2180c7c06889f83f606d23421bf038cKenny Root return userState->initialize(pw, mEntropy); 1015655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1016655b958eb2180c7c06889f83f606d23421bf038cKenny Root 10174e865753346fc6a075966972a7a98051818859dbRobin Lee ResponseCode copyMasterKey(uid_t src, uid_t uid) { 10184e865753346fc6a075966972a7a98051818859dbRobin Lee UserState *userState = getUserState(uid); 10194e865753346fc6a075966972a7a98051818859dbRobin Lee UserState *initState = getUserState(src); 10204e865753346fc6a075966972a7a98051818859dbRobin Lee return userState->copyMasterKey(initState); 10214e865753346fc6a075966972a7a98051818859dbRobin Lee } 10224e865753346fc6a075966972a7a98051818859dbRobin Lee 1023655b958eb2180c7c06889f83f606d23421bf038cKenny Root ResponseCode writeMasterKey(const android::String8& pw, uid_t uid) { 102450122db50bcb6c1aab50ef235c8f9d264b50e97aRobin Lee UserState* userState = getUserState(uid); 1025655b958eb2180c7c06889f83f606d23421bf038cKenny Root return userState->writeMasterKey(pw, mEntropy); 1026655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1027655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1028655b958eb2180c7c06889f83f606d23421bf038cKenny Root ResponseCode readMasterKey(const android::String8& pw, uid_t uid) { 102950122db50bcb6c1aab50ef235c8f9d264b50e97aRobin Lee UserState* userState = getUserState(uid); 1030655b958eb2180c7c06889f83f606d23421bf038cKenny Root return userState->readMasterKey(pw, mEntropy); 1031655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1032655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1033655b958eb2180c7c06889f83f606d23421bf038cKenny Root android::String8 getKeyName(const android::String8& keyName) { 1034a77e809ecff5190790906fb7a3c527259c735071Douglas Leung char encoded[encode_key_length(keyName) + 1]; // add 1 for null char 1035655b958eb2180c7c06889f83f606d23421bf038cKenny Root encode_key(encoded, keyName); 1036655b958eb2180c7c06889f83f606d23421bf038cKenny Root return android::String8(encoded); 1037655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1038655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1039655b958eb2180c7c06889f83f606d23421bf038cKenny Root android::String8 getKeyNameForUid(const android::String8& keyName, uid_t uid) { 1040a77e809ecff5190790906fb7a3c527259c735071Douglas Leung char encoded[encode_key_length(keyName) + 1]; // add 1 for null char 1041655b958eb2180c7c06889f83f606d23421bf038cKenny Root encode_key(encoded, keyName); 1042655b958eb2180c7c06889f83f606d23421bf038cKenny Root return android::String8::format("%u_%s", uid, encoded); 1043655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1044655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1045655b958eb2180c7c06889f83f606d23421bf038cKenny Root android::String8 getKeyNameForUidWithDir(const android::String8& keyName, uid_t uid) { 1046a77e809ecff5190790906fb7a3c527259c735071Douglas Leung char encoded[encode_key_length(keyName) + 1]; // add 1 for null char 1047655b958eb2180c7c06889f83f606d23421bf038cKenny Root encode_key(encoded, keyName); 1048655b958eb2180c7c06889f83f606d23421bf038cKenny Root return android::String8::format("%s/%u_%s", getUserState(uid)->getUserDirName(), uid, 1049655b958eb2180c7c06889f83f606d23421bf038cKenny Root encoded); 1050655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1051655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1052655b958eb2180c7c06889f83f606d23421bf038cKenny Root bool reset(uid_t uid) { 10534b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee android::String8 prefix(""); 10544b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee android::Vector<android::String16> aliases; 10554b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee if (saw(prefix, &aliases, uid) != ::NO_ERROR) { 10564b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee return ::SYSTEM_ERROR; 10574b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee } 10584b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee 1059655b958eb2180c7c06889f83f606d23421bf038cKenny Root UserState* userState = getUserState(uid); 10604b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee for (uint32_t i = 0; i < aliases.size(); i++) { 10614b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee android::String8 filename(aliases[i]); 10624b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee filename = android::String8::format("%s/%s", userState->getUserDirName(), 10634b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee getKeyName(filename).string()); 10644b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee del(filename, ::TYPE_ANY, uid); 10654b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee } 10664b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee 1067655b958eb2180c7c06889f83f606d23421bf038cKenny Root userState->zeroizeMasterKeysInMemory(); 1068655b958eb2180c7c06889f83f606d23421bf038cKenny Root userState->setState(STATE_UNINITIALIZED); 1069655b958eb2180c7c06889f83f606d23421bf038cKenny Root return userState->reset(); 1070655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1071655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1072655b958eb2180c7c06889f83f606d23421bf038cKenny Root bool isEmpty(uid_t uid) const { 1073655b958eb2180c7c06889f83f606d23421bf038cKenny Root const UserState* userState = getUserState(uid); 107431e27468b6d822adbd2aec9219a68c206aa6957cKenny Root if (userState == NULL || userState->getState() == STATE_UNINITIALIZED) { 1075655b958eb2180c7c06889f83f606d23421bf038cKenny Root return true; 1076655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1077655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1078655b958eb2180c7c06889f83f606d23421bf038cKenny Root DIR* dir = opendir(userState->getUserDirName()); 1079a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root if (!dir) { 1080a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return true; 1081a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 1082655b958eb2180c7c06889f83f606d23421bf038cKenny Root 108331e27468b6d822adbd2aec9219a68c206aa6957cKenny Root bool result = true; 108431e27468b6d822adbd2aec9219a68c206aa6957cKenny Root struct dirent* file; 1085a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root while ((file = readdir(dir)) != NULL) { 1086655b958eb2180c7c06889f83f606d23421bf038cKenny Root // We only care about files. 1087655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (file->d_type != DT_REG) { 1088655b958eb2180c7c06889f83f606d23421bf038cKenny Root continue; 1089655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1090655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1091655b958eb2180c7c06889f83f606d23421bf038cKenny Root // Skip anything that starts with a "." 1092655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (file->d_name[0] == '.') { 1093655b958eb2180c7c06889f83f606d23421bf038cKenny Root continue; 1094655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1095655b958eb2180c7c06889f83f606d23421bf038cKenny Root 109631e27468b6d822adbd2aec9219a68c206aa6957cKenny Root result = false; 109731e27468b6d822adbd2aec9219a68c206aa6957cKenny Root break; 1098a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 1099a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root closedir(dir); 1100a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return result; 1101a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 1102a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 1103655b958eb2180c7c06889f83f606d23421bf038cKenny Root void lock(uid_t uid) { 1104655b958eb2180c7c06889f83f606d23421bf038cKenny Root UserState* userState = getUserState(uid); 1105655b958eb2180c7c06889f83f606d23421bf038cKenny Root userState->zeroizeMasterKeysInMemory(); 1106655b958eb2180c7c06889f83f606d23421bf038cKenny Root userState->setState(STATE_LOCKED); 1107a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 1108a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 1109655b958eb2180c7c06889f83f606d23421bf038cKenny Root ResponseCode get(const char* filename, Blob* keyBlob, const BlobType type, uid_t uid) { 1110655b958eb2180c7c06889f83f606d23421bf038cKenny Root UserState* userState = getUserState(uid); 1111f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root ResponseCode rc = keyBlob->readBlob(filename, userState->getDecryptionKey(), 1112f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root userState->getState()); 1113822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root if (rc != NO_ERROR) { 1114822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root return rc; 1115822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root } 1116822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 1117822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root const uint8_t version = keyBlob->getVersion(); 111807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (version < CURRENT_BLOB_VERSION) { 1119cfeae072c96d84f286ddbf0aff8055c12c7c4f15Kenny Root /* If we upgrade the key, we need to write it to disk again. Then 1120cfeae072c96d84f286ddbf0aff8055c12c7c4f15Kenny Root * it must be read it again since the blob is encrypted each time 1121cfeae072c96d84f286ddbf0aff8055c12c7c4f15Kenny Root * it's written. 1122cfeae072c96d84f286ddbf0aff8055c12c7c4f15Kenny Root */ 1123655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (upgradeBlob(filename, keyBlob, version, type, uid)) { 1124655b958eb2180c7c06889f83f606d23421bf038cKenny Root if ((rc = this->put(filename, keyBlob, uid)) != NO_ERROR 1125f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root || (rc = keyBlob->readBlob(filename, userState->getDecryptionKey(), 1126f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root userState->getState())) != NO_ERROR) { 1127cfeae072c96d84f286ddbf0aff8055c12c7c4f15Kenny Root return rc; 1128cfeae072c96d84f286ddbf0aff8055c12c7c4f15Kenny Root } 1129cfeae072c96d84f286ddbf0aff8055c12c7c4f15Kenny Root } 1130822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root } 1131822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 113217208e0de5a42722901d803118745cca25fd10c1Kenny Root /* 113317208e0de5a42722901d803118745cca25fd10c1Kenny Root * This will upgrade software-backed keys to hardware-backed keys when 113417208e0de5a42722901d803118745cca25fd10c1Kenny Root * the HAL for the device supports the newer key types. 113517208e0de5a42722901d803118745cca25fd10c1Kenny Root */ 113617208e0de5a42722901d803118745cca25fd10c1Kenny Root if (rc == NO_ERROR && type == TYPE_KEY_PAIR 113717208e0de5a42722901d803118745cca25fd10c1Kenny Root && mDevice->common.module->module_api_version >= KEYMASTER_MODULE_API_VERSION_0_2 113817208e0de5a42722901d803118745cca25fd10c1Kenny Root && keyBlob->isFallback()) { 113917208e0de5a42722901d803118745cca25fd10c1Kenny Root ResponseCode imported = importKey(keyBlob->getValue(), keyBlob->getLength(), filename, 114017208e0de5a42722901d803118745cca25fd10c1Kenny Root uid, keyBlob->isEncrypted() ? KEYSTORE_FLAG_ENCRYPTED : KEYSTORE_FLAG_NONE); 114117208e0de5a42722901d803118745cca25fd10c1Kenny Root 114217208e0de5a42722901d803118745cca25fd10c1Kenny Root // The HAL allowed the import, reget the key to have the "fresh" 114317208e0de5a42722901d803118745cca25fd10c1Kenny Root // version. 114417208e0de5a42722901d803118745cca25fd10c1Kenny Root if (imported == NO_ERROR) { 114517208e0de5a42722901d803118745cca25fd10c1Kenny Root rc = get(filename, keyBlob, TYPE_KEY_PAIR, uid); 114617208e0de5a42722901d803118745cca25fd10c1Kenny Root } 114717208e0de5a42722901d803118745cca25fd10c1Kenny Root } 114817208e0de5a42722901d803118745cca25fd10c1Kenny Root 1149d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root if (type != TYPE_ANY && keyBlob->getType() != type) { 1150822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root ALOGW("key found but type doesn't match: %d vs %d", keyBlob->getType(), type); 1151822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root return KEY_NOT_FOUND; 1152822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root } 1153822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 1154822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root return rc; 1155a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 1156a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 1157655b958eb2180c7c06889f83f606d23421bf038cKenny Root ResponseCode put(const char* filename, Blob* keyBlob, uid_t uid) { 1158655b958eb2180c7c06889f83f606d23421bf038cKenny Root UserState* userState = getUserState(uid); 1159f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root return keyBlob->writeBlob(filename, userState->getEncryptionKey(), userState->getState(), 1160f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root mEntropy); 1161a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 1162a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 11634b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee ResponseCode del(const char *filename, const BlobType type, uid_t uid) { 11644b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee Blob keyBlob; 11654b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee ResponseCode rc = get(filename, &keyBlob, type, uid); 11664b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee if (rc != ::NO_ERROR) { 11674b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee return rc; 11684b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee } 11694b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee 11704b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee if (keyBlob.getType() == ::TYPE_KEY_PAIR) { 11714b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee // A device doesn't have to implement delete_keypair. 11724b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee if (mDevice->delete_keypair != NULL && !keyBlob.isFallback()) { 11734b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee if (mDevice->delete_keypair(mDevice, keyBlob.getValue(), keyBlob.getLength())) { 11744b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee rc = ::SYSTEM_ERROR; 11754b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee } 11764b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee } 11774b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee } 117817d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker if (keyBlob.getType() == ::TYPE_KEYMASTER_10) { 117917d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker keymaster1_device_t* dev = getDeviceForBlob(keyBlob); 118017d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker if (dev->delete_key) { 118117d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker keymaster_key_blob_t blob; 118217d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker blob.key_material = keyBlob.getValue(); 118317d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker blob.key_material_size = keyBlob.getLength(); 118417d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker dev->delete_key(dev, &blob); 118517d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker } 118617d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker } 11874b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee if (rc != ::NO_ERROR) { 11884b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee return rc; 11894b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee } 11904b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee 11914b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee return (unlink(filename) && errno != ENOENT) ? ::SYSTEM_ERROR : ::NO_ERROR; 11924b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee } 11934b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee 11944b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee ResponseCode saw(const android::String8& prefix, android::Vector<android::String16> *matches, 11954b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee uid_t uid) { 11964b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee 11974b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee UserState* userState = getUserState(uid); 11984b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee size_t n = prefix.length(); 11994b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee 12004b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee DIR* dir = opendir(userState->getUserDirName()); 12014b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee if (!dir) { 12024b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee ALOGW("can't open directory for user: %s", strerror(errno)); 12034b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee return ::SYSTEM_ERROR; 12044b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee } 12054b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee 12064b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee struct dirent* file; 12074b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee while ((file = readdir(dir)) != NULL) { 12084b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee // We only care about files. 12094b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee if (file->d_type != DT_REG) { 12104b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee continue; 12114b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee } 12124b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee 12134b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee // Skip anything that starts with a "." 12144b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee if (file->d_name[0] == '.') { 12154b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee continue; 12164b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee } 12174b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee 12184b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee if (!strncmp(prefix.string(), file->d_name, n)) { 12194b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee const char* p = &file->d_name[n]; 12204b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee size_t plen = strlen(p); 12214b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee 12224b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee size_t extra = decode_key_length(p, plen); 12234b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee char *match = (char*) malloc(extra + 1); 12244b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee if (match != NULL) { 12254b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee decode_key(match, p, plen); 12264b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee matches->push(android::String16(match, extra)); 12274b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee free(match); 12284b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee } else { 12294b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee ALOGW("could not allocate match of size %zd", extra); 12304b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee } 12314b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee } 12324b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee } 12334b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee closedir(dir); 12344b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee return ::NO_ERROR; 12354b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee } 12364b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee 123707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root void addGrant(const char* filename, uid_t granteeUid) { 1238655b958eb2180c7c06889f83f606d23421bf038cKenny Root const grant_t* existing = getGrant(filename, granteeUid); 1239655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (existing == NULL) { 1240655b958eb2180c7c06889f83f606d23421bf038cKenny Root grant_t* grant = new grant_t; 124107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root grant->uid = granteeUid; 1242a8c703d9fdd98e3caefb6e74cd03c2878cecd0a1Brian Carlstrom grant->filename = reinterpret_cast<const uint8_t*>(strdup(filename)); 1243655b958eb2180c7c06889f83f606d23421bf038cKenny Root mGrants.add(grant); 124470e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root } 124570e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root } 124670e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 124707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root bool removeGrant(const char* filename, uid_t granteeUid) { 1248655b958eb2180c7c06889f83f606d23421bf038cKenny Root for (android::Vector<grant_t*>::iterator it(mGrants.begin()); 1249655b958eb2180c7c06889f83f606d23421bf038cKenny Root it != mGrants.end(); it++) { 1250655b958eb2180c7c06889f83f606d23421bf038cKenny Root grant_t* grant = *it; 1251655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (grant->uid == granteeUid 1252655b958eb2180c7c06889f83f606d23421bf038cKenny Root && !strcmp(reinterpret_cast<const char*>(grant->filename), filename)) { 1253655b958eb2180c7c06889f83f606d23421bf038cKenny Root mGrants.erase(it); 1254655b958eb2180c7c06889f83f606d23421bf038cKenny Root return true; 1255655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 125670e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root } 125770e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root return false; 125870e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root } 125970e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 1260a8c703d9fdd98e3caefb6e74cd03c2878cecd0a1Brian Carlstrom bool hasGrant(const char* filename, const uid_t uid) const { 1261a8c703d9fdd98e3caefb6e74cd03c2878cecd0a1Brian Carlstrom return getGrant(filename, uid) != NULL; 126270e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root } 126370e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 1264f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root ResponseCode importKey(const uint8_t* key, size_t keyLen, const char* filename, uid_t uid, 1265f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root int32_t flags) { 1266822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root uint8_t* data; 1267822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root size_t dataLength; 1268822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root int rc; 1269822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 1270822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root if (mDevice->import_keypair == NULL) { 1271822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root ALOGE("Keymaster doesn't support import!"); 1272822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root return SYSTEM_ERROR; 1273822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root } 1274822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 127517208e0de5a42722901d803118745cca25fd10c1Kenny Root bool isFallback = false; 127607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root rc = mDevice->import_keypair(mDevice, key, keyLen, &data, &dataLength); 1277822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root if (rc) { 1278a39da5a226975f8b75f93de255a21d526ae8d334Kenny Root /* 1279a39da5a226975f8b75f93de255a21d526ae8d334Kenny Root * Maybe the device doesn't support this type of key. Try to use the 1280a39da5a226975f8b75f93de255a21d526ae8d334Kenny Root * software fallback keymaster implementation. This is a little bit 1281a39da5a226975f8b75f93de255a21d526ae8d334Kenny Root * lazier than checking the PKCS#8 key type, but the software 1282a39da5a226975f8b75f93de255a21d526ae8d334Kenny Root * implementation will do that anyway. 1283a39da5a226975f8b75f93de255a21d526ae8d334Kenny Root */ 12847c1eb75a6898452867ca28a4d7fad2d91edca615Chad Brubaker rc = mFallbackDevice->import_keypair(mFallbackDevice, key, keyLen, &data, &dataLength); 1285a39da5a226975f8b75f93de255a21d526ae8d334Kenny Root isFallback = true; 128617208e0de5a42722901d803118745cca25fd10c1Kenny Root 128717208e0de5a42722901d803118745cca25fd10c1Kenny Root if (rc) { 128817208e0de5a42722901d803118745cca25fd10c1Kenny Root ALOGE("Error while importing keypair: %d", rc); 128917208e0de5a42722901d803118745cca25fd10c1Kenny Root return SYSTEM_ERROR; 129017208e0de5a42722901d803118745cca25fd10c1Kenny Root } 1291822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root } 1292822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 1293822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root Blob keyBlob(data, dataLength, NULL, 0, TYPE_KEY_PAIR); 1294822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root free(data); 1295822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 1296f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root keyBlob.setEncrypted(flags & KEYSTORE_FLAG_ENCRYPTED); 129717208e0de5a42722901d803118745cca25fd10c1Kenny Root keyBlob.setFallback(isFallback); 1298f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root 1299655b958eb2180c7c06889f83f606d23421bf038cKenny Root return put(filename, &keyBlob, uid); 1300822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root } 1301822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 13021b0e3933900c7ea21189704d5db64e7346aee7afKenny Root bool isHardwareBacked(const android::String16& keyType) const { 13031b0e3933900c7ea21189704d5db64e7346aee7afKenny Root if (mDevice == NULL) { 13041b0e3933900c7ea21189704d5db64e7346aee7afKenny Root ALOGW("can't get keymaster device"); 13051b0e3933900c7ea21189704d5db64e7346aee7afKenny Root return false; 13061b0e3933900c7ea21189704d5db64e7346aee7afKenny Root } 13071b0e3933900c7ea21189704d5db64e7346aee7afKenny Root 13081b0e3933900c7ea21189704d5db64e7346aee7afKenny Root if (sRSAKeyType == keyType) { 13091b0e3933900c7ea21189704d5db64e7346aee7afKenny Root return (mDevice->flags & KEYMASTER_SOFTWARE_ONLY) == 0; 13101b0e3933900c7ea21189704d5db64e7346aee7afKenny Root } else { 13111b0e3933900c7ea21189704d5db64e7346aee7afKenny Root return (mDevice->flags & KEYMASTER_SOFTWARE_ONLY) == 0 13121b0e3933900c7ea21189704d5db64e7346aee7afKenny Root && (mDevice->common.module->module_api_version 13131b0e3933900c7ea21189704d5db64e7346aee7afKenny Root >= KEYMASTER_MODULE_API_VERSION_0_2); 13141b0e3933900c7ea21189704d5db64e7346aee7afKenny Root } 13158ddf35a6e1fd80a7d0685041d2bfc77078277c9dKenny Root } 13168ddf35a6e1fd80a7d0685041d2bfc77078277c9dKenny Root 1317655b958eb2180c7c06889f83f606d23421bf038cKenny Root ResponseCode getKeyForName(Blob* keyBlob, const android::String8& keyName, const uid_t uid, 1318655b958eb2180c7c06889f83f606d23421bf038cKenny Root const BlobType type) { 131986b16e8c0d353af97f0411917789308dba417295Kenny Root android::String8 filepath8(getKeyNameForUidWithDir(keyName, uid)); 1320a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 1321655b958eb2180c7c06889f83f606d23421bf038cKenny Root ResponseCode responseCode = get(filepath8.string(), keyBlob, type, uid); 1322655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (responseCode == NO_ERROR) { 1323655b958eb2180c7c06889f83f606d23421bf038cKenny Root return responseCode; 1324655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1325a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 1326655b958eb2180c7c06889f83f606d23421bf038cKenny Root // If this is one of the legacy UID->UID mappings, use it. 1327655b958eb2180c7c06889f83f606d23421bf038cKenny Root uid_t euid = get_keystore_euid(uid); 1328655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (euid != uid) { 132986b16e8c0d353af97f0411917789308dba417295Kenny Root filepath8 = getKeyNameForUidWithDir(keyName, euid); 1330655b958eb2180c7c06889f83f606d23421bf038cKenny Root responseCode = get(filepath8.string(), keyBlob, type, uid); 1331655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (responseCode == NO_ERROR) { 1332655b958eb2180c7c06889f83f606d23421bf038cKenny Root return responseCode; 1333655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1334655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 133570e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 1336655b958eb2180c7c06889f83f606d23421bf038cKenny Root // They might be using a granted key. 133786b16e8c0d353af97f0411917789308dba417295Kenny Root android::String8 filename8 = getKeyName(keyName); 1338655b958eb2180c7c06889f83f606d23421bf038cKenny Root char* end; 133986b16e8c0d353af97f0411917789308dba417295Kenny Root strtoul(filename8.string(), &end, 10); 1340655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (end[0] != '_' || end[1] == 0) { 1341655b958eb2180c7c06889f83f606d23421bf038cKenny Root return KEY_NOT_FOUND; 1342655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 134386b16e8c0d353af97f0411917789308dba417295Kenny Root filepath8 = android::String8::format("%s/%s", getUserState(uid)->getUserDirName(), 134486b16e8c0d353af97f0411917789308dba417295Kenny Root filename8.string()); 1345655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (!hasGrant(filepath8.string(), uid)) { 1346655b958eb2180c7c06889f83f606d23421bf038cKenny Root return responseCode; 1347a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 1348a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 1349655b958eb2180c7c06889f83f606d23421bf038cKenny Root // It is a granted key. Try to load it. 1350655b958eb2180c7c06889f83f606d23421bf038cKenny Root return get(filepath8.string(), keyBlob, type, uid); 1351a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 1352a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 1353655b958eb2180c7c06889f83f606d23421bf038cKenny Root /** 1354655b958eb2180c7c06889f83f606d23421bf038cKenny Root * Returns any existing UserState or creates it if it doesn't exist. 1355655b958eb2180c7c06889f83f606d23421bf038cKenny Root */ 1356655b958eb2180c7c06889f83f606d23421bf038cKenny Root UserState* getUserState(uid_t uid) { 1357655b958eb2180c7c06889f83f606d23421bf038cKenny Root uid_t userId = get_user_id(uid); 1358655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1359655b958eb2180c7c06889f83f606d23421bf038cKenny Root for (android::Vector<UserState*>::iterator it(mMasterKeys.begin()); 1360655b958eb2180c7c06889f83f606d23421bf038cKenny Root it != mMasterKeys.end(); it++) { 1361655b958eb2180c7c06889f83f606d23421bf038cKenny Root UserState* state = *it; 1362655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (state->getUserId() == userId) { 1363655b958eb2180c7c06889f83f606d23421bf038cKenny Root return state; 1364655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1365a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 1366655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1367655b958eb2180c7c06889f83f606d23421bf038cKenny Root UserState* userState = new UserState(userId); 1368655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (!userState->initialize()) { 1369655b958eb2180c7c06889f83f606d23421bf038cKenny Root /* There's not much we can do if initialization fails. Trying to 1370655b958eb2180c7c06889f83f606d23421bf038cKenny Root * unlock the keystore for that user will fail as well, so any 1371655b958eb2180c7c06889f83f606d23421bf038cKenny Root * subsequent request for this user will just return SYSTEM_ERROR. 1372655b958eb2180c7c06889f83f606d23421bf038cKenny Root */ 1373655b958eb2180c7c06889f83f606d23421bf038cKenny Root ALOGE("User initialization failed for %u; subsuquent operations will fail", userId); 1374a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 1375655b958eb2180c7c06889f83f606d23421bf038cKenny Root mMasterKeys.add(userState); 1376655b958eb2180c7c06889f83f606d23421bf038cKenny Root return userState; 1377a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 1378a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 1379655b958eb2180c7c06889f83f606d23421bf038cKenny Root /** 1380655b958eb2180c7c06889f83f606d23421bf038cKenny Root * Returns NULL if the UserState doesn't already exist. 1381655b958eb2180c7c06889f83f606d23421bf038cKenny Root */ 1382655b958eb2180c7c06889f83f606d23421bf038cKenny Root const UserState* getUserState(uid_t uid) const { 1383655b958eb2180c7c06889f83f606d23421bf038cKenny Root uid_t userId = get_user_id(uid); 1384655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1385655b958eb2180c7c06889f83f606d23421bf038cKenny Root for (android::Vector<UserState*>::const_iterator it(mMasterKeys.begin()); 1386655b958eb2180c7c06889f83f606d23421bf038cKenny Root it != mMasterKeys.end(); it++) { 1387655b958eb2180c7c06889f83f606d23421bf038cKenny Root UserState* state = *it; 1388655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (state->getUserId() == userId) { 1389655b958eb2180c7c06889f83f606d23421bf038cKenny Root return state; 1390655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1391655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1392a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 1393655b958eb2180c7c06889f83f606d23421bf038cKenny Root return NULL; 1394a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 1395a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 1396655b958eb2180c7c06889f83f606d23421bf038cKenny Rootprivate: 1397655b958eb2180c7c06889f83f606d23421bf038cKenny Root static const char* sOldMasterKey; 1398655b958eb2180c7c06889f83f606d23421bf038cKenny Root static const char* sMetaDataFile; 13991b0e3933900c7ea21189704d5db64e7346aee7afKenny Root static const android::String16 sRSAKeyType; 1400655b958eb2180c7c06889f83f606d23421bf038cKenny Root Entropy* mEntropy; 140107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 1402919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker keymaster1_device_t* mDevice; 1403919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker keymaster1_device_t* mFallbackDevice; 1404a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 1405655b958eb2180c7c06889f83f606d23421bf038cKenny Root android::Vector<UserState*> mMasterKeys; 1406655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1407655b958eb2180c7c06889f83f606d23421bf038cKenny Root android::Vector<grant_t*> mGrants; 140870e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 1409655b958eb2180c7c06889f83f606d23421bf038cKenny Root typedef struct { 1410655b958eb2180c7c06889f83f606d23421bf038cKenny Root uint32_t version; 1411655b958eb2180c7c06889f83f606d23421bf038cKenny Root } keystore_metadata_t; 141270e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 1413655b958eb2180c7c06889f83f606d23421bf038cKenny Root keystore_metadata_t mMetaData; 1414655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1415655b958eb2180c7c06889f83f606d23421bf038cKenny Root const grant_t* getGrant(const char* filename, uid_t uid) const { 1416655b958eb2180c7c06889f83f606d23421bf038cKenny Root for (android::Vector<grant_t*>::const_iterator it(mGrants.begin()); 1417655b958eb2180c7c06889f83f606d23421bf038cKenny Root it != mGrants.end(); it++) { 1418655b958eb2180c7c06889f83f606d23421bf038cKenny Root grant_t* grant = *it; 141970e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root if (grant->uid == uid 1420655b958eb2180c7c06889f83f606d23421bf038cKenny Root && !strcmp(reinterpret_cast<const char*>(grant->filename), filename)) { 142170e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root return grant; 142270e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root } 142370e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root } 142470e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root return NULL; 142570e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root } 142670e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 1427822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root /** 1428822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root * Upgrade code. This will upgrade the key from the current version 1429822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root * to whatever is newest. 1430822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root */ 1431655b958eb2180c7c06889f83f606d23421bf038cKenny Root bool upgradeBlob(const char* filename, Blob* blob, const uint8_t oldVersion, 1432655b958eb2180c7c06889f83f606d23421bf038cKenny Root const BlobType type, uid_t uid) { 1433822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root bool updated = false; 1434822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root uint8_t version = oldVersion; 1435822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 1436822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root /* From V0 -> V1: All old types were unknown */ 1437822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root if (version == 0) { 1438822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root ALOGV("upgrading to version 1 and setting type %d", type); 1439822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 1440822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root blob->setType(type); 1441822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root if (type == TYPE_KEY_PAIR) { 1442655b958eb2180c7c06889f83f606d23421bf038cKenny Root importBlobAsKey(blob, filename, uid); 1443822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root } 1444822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root version = 1; 1445822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root updated = true; 1446822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root } 1447822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 1448f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root /* From V1 -> V2: All old keys were encrypted */ 1449f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root if (version == 1) { 1450f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root ALOGV("upgrading to version 2"); 1451f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root 1452f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root blob->setEncrypted(true); 1453f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root version = 2; 1454f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root updated = true; 1455f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root } 1456f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root 1457822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root /* 1458822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root * If we've updated, set the key blob to the right version 1459822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root * and write it. 1460cfeae072c96d84f286ddbf0aff8055c12c7c4f15Kenny Root */ 1461822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root if (updated) { 1462822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root ALOGV("updated and writing file %s", filename); 1463822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root blob->setVersion(version); 1464822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root } 1465cfeae072c96d84f286ddbf0aff8055c12c7c4f15Kenny Root 1466cfeae072c96d84f286ddbf0aff8055c12c7c4f15Kenny Root return updated; 1467822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root } 1468822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 1469822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root /** 1470822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root * Takes a blob that is an PEM-encoded RSA key as a byte array and 1471822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root * converts it to a DER-encoded PKCS#8 for import into a keymaster. 1472822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root * Then it overwrites the original blob with the new blob 1473822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root * format that is returned from the keymaster. 1474822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root */ 1475655b958eb2180c7c06889f83f606d23421bf038cKenny Root ResponseCode importBlobAsKey(Blob* blob, const char* filename, uid_t uid) { 1476822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root // We won't even write to the blob directly with this BIO, so const_cast is okay. 1477822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root Unique_BIO b(BIO_new_mem_buf(const_cast<uint8_t*>(blob->getValue()), blob->getLength())); 1478822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root if (b.get() == NULL) { 1479822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root ALOGE("Problem instantiating BIO"); 1480822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root return SYSTEM_ERROR; 1481822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root } 1482822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 1483822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root Unique_EVP_PKEY pkey(PEM_read_bio_PrivateKey(b.get(), NULL, NULL, NULL)); 1484822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root if (pkey.get() == NULL) { 1485822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root ALOGE("Couldn't read old PEM file"); 1486822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root return SYSTEM_ERROR; 1487822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root } 1488822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 1489822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root Unique_PKCS8_PRIV_KEY_INFO pkcs8(EVP_PKEY2PKCS8(pkey.get())); 1490822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root int len = i2d_PKCS8_PRIV_KEY_INFO(pkcs8.get(), NULL); 1491822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root if (len < 0) { 1492822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root ALOGE("Couldn't measure PKCS#8 length"); 1493822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root return SYSTEM_ERROR; 1494822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root } 1495822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 149670c9889c5ca912e7c492580e1999f18ab65b267bKenny Root UniquePtr<unsigned char[]> pkcs8key(new unsigned char[len]); 149770c9889c5ca912e7c492580e1999f18ab65b267bKenny Root uint8_t* tmp = pkcs8key.get(); 1498822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root if (i2d_PKCS8_PRIV_KEY_INFO(pkcs8.get(), &tmp) != len) { 1499822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root ALOGE("Couldn't convert to PKCS#8"); 1500822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root return SYSTEM_ERROR; 1501822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root } 1502822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 1503f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root ResponseCode rc = importKey(pkcs8key.get(), len, filename, uid, 1504f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root blob->isEncrypted() ? KEYSTORE_FLAG_ENCRYPTED : KEYSTORE_FLAG_NONE); 1505822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root if (rc != NO_ERROR) { 1506822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root return rc; 1507822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root } 1508822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root 1509655b958eb2180c7c06889f83f606d23421bf038cKenny Root return get(filename, blob, TYPE_KEY_PAIR, uid); 1510822c3a99d930e9299e2fad2fb3e0ff91b119b95aKenny Root } 151170e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 1512655b958eb2180c7c06889f83f606d23421bf038cKenny Root void readMetaData() { 1513655b958eb2180c7c06889f83f606d23421bf038cKenny Root int in = TEMP_FAILURE_RETRY(open(sMetaDataFile, O_RDONLY)); 1514655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (in < 0) { 1515655b958eb2180c7c06889f83f606d23421bf038cKenny Root return; 1516655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1517655b958eb2180c7c06889f83f606d23421bf038cKenny Root size_t fileLength = readFully(in, (uint8_t*) &mMetaData, sizeof(mMetaData)); 1518655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (fileLength != sizeof(mMetaData)) { 1519655b958eb2180c7c06889f83f606d23421bf038cKenny Root ALOGI("Metadata file is %zd bytes (%zd experted); upgrade?", fileLength, 1520655b958eb2180c7c06889f83f606d23421bf038cKenny Root sizeof(mMetaData)); 1521655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1522655b958eb2180c7c06889f83f606d23421bf038cKenny Root close(in); 152370e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root } 152470e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 1525655b958eb2180c7c06889f83f606d23421bf038cKenny Root void writeMetaData() { 1526655b958eb2180c7c06889f83f606d23421bf038cKenny Root const char* tmpFileName = ".metadata.tmp"; 1527655b958eb2180c7c06889f83f606d23421bf038cKenny Root int out = TEMP_FAILURE_RETRY(open(tmpFileName, 1528655b958eb2180c7c06889f83f606d23421bf038cKenny Root O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | S_IWUSR)); 1529655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (out < 0) { 1530655b958eb2180c7c06889f83f606d23421bf038cKenny Root ALOGE("couldn't write metadata file: %s", strerror(errno)); 1531655b958eb2180c7c06889f83f606d23421bf038cKenny Root return; 1532655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1533655b958eb2180c7c06889f83f606d23421bf038cKenny Root size_t fileLength = writeFully(out, (uint8_t*) &mMetaData, sizeof(mMetaData)); 1534655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (fileLength != sizeof(mMetaData)) { 1535655b958eb2180c7c06889f83f606d23421bf038cKenny Root ALOGI("Could only write %zd bytes to metadata file (%zd expected)", fileLength, 1536655b958eb2180c7c06889f83f606d23421bf038cKenny Root sizeof(mMetaData)); 153770e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root } 1538655b958eb2180c7c06889f83f606d23421bf038cKenny Root close(out); 1539655b958eb2180c7c06889f83f606d23421bf038cKenny Root rename(tmpFileName, sMetaDataFile); 154070e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root } 154170e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 1542655b958eb2180c7c06889f83f606d23421bf038cKenny Root bool upgradeKeystore() { 1543655b958eb2180c7c06889f83f606d23421bf038cKenny Root bool upgraded = false; 1544655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1545655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (mMetaData.version == 0) { 1546655b958eb2180c7c06889f83f606d23421bf038cKenny Root UserState* userState = getUserState(0); 1547655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1548655b958eb2180c7c06889f83f606d23421bf038cKenny Root // Initialize first so the directory is made. 1549655b958eb2180c7c06889f83f606d23421bf038cKenny Root userState->initialize(); 1550655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1551655b958eb2180c7c06889f83f606d23421bf038cKenny Root // Migrate the old .masterkey file to user 0. 1552655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (access(sOldMasterKey, R_OK) == 0) { 1553655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (rename(sOldMasterKey, userState->getMasterKeyFileName()) < 0) { 1554655b958eb2180c7c06889f83f606d23421bf038cKenny Root ALOGE("couldn't migrate old masterkey: %s", strerror(errno)); 1555655b958eb2180c7c06889f83f606d23421bf038cKenny Root return false; 1556655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1557655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1558655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1559655b958eb2180c7c06889f83f606d23421bf038cKenny Root // Initialize again in case we had a key. 1560655b958eb2180c7c06889f83f606d23421bf038cKenny Root userState->initialize(); 1561655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1562655b958eb2180c7c06889f83f606d23421bf038cKenny Root // Try to migrate existing keys. 1563655b958eb2180c7c06889f83f606d23421bf038cKenny Root DIR* dir = opendir("."); 1564655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (!dir) { 1565655b958eb2180c7c06889f83f606d23421bf038cKenny Root // Give up now; maybe we can upgrade later. 1566655b958eb2180c7c06889f83f606d23421bf038cKenny Root ALOGE("couldn't open keystore's directory; something is wrong"); 1567655b958eb2180c7c06889f83f606d23421bf038cKenny Root return false; 1568655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1569655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1570655b958eb2180c7c06889f83f606d23421bf038cKenny Root struct dirent* file; 1571655b958eb2180c7c06889f83f606d23421bf038cKenny Root while ((file = readdir(dir)) != NULL) { 1572655b958eb2180c7c06889f83f606d23421bf038cKenny Root // We only care about files. 1573655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (file->d_type != DT_REG) { 1574655b958eb2180c7c06889f83f606d23421bf038cKenny Root continue; 1575655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1576655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1577655b958eb2180c7c06889f83f606d23421bf038cKenny Root // Skip anything that starts with a "." 1578655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (file->d_name[0] == '.') { 1579655b958eb2180c7c06889f83f606d23421bf038cKenny Root continue; 1580655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1581655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1582655b958eb2180c7c06889f83f606d23421bf038cKenny Root // Find the current file's user. 1583655b958eb2180c7c06889f83f606d23421bf038cKenny Root char* end; 1584655b958eb2180c7c06889f83f606d23421bf038cKenny Root unsigned long thisUid = strtoul(file->d_name, &end, 10); 1585655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (end[0] != '_' || end[1] == 0) { 1586655b958eb2180c7c06889f83f606d23421bf038cKenny Root continue; 1587655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1588655b958eb2180c7c06889f83f606d23421bf038cKenny Root UserState* otherUser = getUserState(thisUid); 1589655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (otherUser->getUserId() != 0) { 1590655b958eb2180c7c06889f83f606d23421bf038cKenny Root unlinkat(dirfd(dir), file->d_name, 0); 1591655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1592655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1593655b958eb2180c7c06889f83f606d23421bf038cKenny Root // Rename the file into user directory. 1594655b958eb2180c7c06889f83f606d23421bf038cKenny Root DIR* otherdir = opendir(otherUser->getUserDirName()); 1595655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (otherdir == NULL) { 1596655b958eb2180c7c06889f83f606d23421bf038cKenny Root ALOGW("couldn't open user directory for rename"); 1597655b958eb2180c7c06889f83f606d23421bf038cKenny Root continue; 1598655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1599655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (renameat(dirfd(dir), file->d_name, dirfd(otherdir), file->d_name) < 0) { 1600655b958eb2180c7c06889f83f606d23421bf038cKenny Root ALOGW("couldn't rename blob: %s: %s", file->d_name, strerror(errno)); 1601655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1602655b958eb2180c7c06889f83f606d23421bf038cKenny Root closedir(otherdir); 1603655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1604655b958eb2180c7c06889f83f606d23421bf038cKenny Root closedir(dir); 1605655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1606655b958eb2180c7c06889f83f606d23421bf038cKenny Root mMetaData.version = 1; 1607655b958eb2180c7c06889f83f606d23421bf038cKenny Root upgraded = true; 1608655b958eb2180c7c06889f83f606d23421bf038cKenny Root } 1609655b958eb2180c7c06889f83f606d23421bf038cKenny Root 1610655b958eb2180c7c06889f83f606d23421bf038cKenny Root return upgraded; 161170e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root } 1612655b958eb2180c7c06889f83f606d23421bf038cKenny Root}; 161370e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 1614655b958eb2180c7c06889f83f606d23421bf038cKenny Rootconst char* KeyStore::sOldMasterKey = ".masterkey"; 1615655b958eb2180c7c06889f83f606d23421bf038cKenny Rootconst char* KeyStore::sMetaDataFile = ".metadata"; 161670e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 16171b0e3933900c7ea21189704d5db64e7346aee7afKenny Rootconst android::String16 KeyStore::sRSAKeyType("RSA"); 16181b0e3933900c7ea21189704d5db64e7346aee7afKenny Root 161907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Rootnamespace android { 162007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Rootclass KeyStoreProxy : public BnKeystoreService, public IBinder::DeathRecipient { 162107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Rootpublic: 162207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root KeyStoreProxy(KeyStore* keyStore) 162340a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker : mKeyStore(keyStore), 162440a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker mOperationMap(this) 162507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root { 162607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 1627a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 162840a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker void binderDied(const wp<IBinder>& who) { 162940a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker auto operations = mOperationMap.getOperationsForToken(who.unsafe_get()); 163040a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker for (auto token: operations) { 163140a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker abort(token); 163240a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker } 163307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 1634a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 163507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root int32_t test() { 1636d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root uid_t callingUid = IPCThreadState::self()->getCallingUid(); 1637eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn pid_t spid = IPCThreadState::self()->getCallingPid(); 1638eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (!has_permission(callingUid, P_TEST, spid)) { 1639d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root ALOGW("permission denied for %d: test", callingUid); 164007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::PERMISSION_DENIED; 164107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 1642a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 1643655b958eb2180c7c06889f83f606d23421bf038cKenny Root return mKeyStore->getState(callingUid); 1644a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 1645a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 164607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root int32_t get(const String16& name, uint8_t** item, size_t* itemLength) { 1647d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root uid_t callingUid = IPCThreadState::self()->getCallingUid(); 1648eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn pid_t spid = IPCThreadState::self()->getCallingPid(); 1649eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (!has_permission(callingUid, P_GET, spid)) { 1650d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root ALOGW("permission denied for %d: get", callingUid); 165107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::PERMISSION_DENIED; 165207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 1653a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 165407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root String8 name8(name); 165507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root Blob keyBlob; 165666dbf67dd65b4808a15ef64f0ffde1275bdd58a9Nick Kralevich 1657655b958eb2180c7c06889f83f606d23421bf038cKenny Root ResponseCode responseCode = mKeyStore->getKeyForName(&keyBlob, name8, callingUid, 1658494689083467ec372a58f094f041c8f102f39393Kenny Root TYPE_GENERIC); 165907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (responseCode != ::NO_ERROR) { 1660655b958eb2180c7c06889f83f606d23421bf038cKenny Root ALOGW("Could not read %s", name8.string()); 166107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root *item = NULL; 166207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root *itemLength = 0; 166307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return responseCode; 166407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 166507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 166607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root *item = (uint8_t*) malloc(keyBlob.getLength()); 166707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root memcpy(*item, keyBlob.getValue(), keyBlob.getLength()); 166807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root *itemLength = keyBlob.getLength(); 166907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 167007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::NO_ERROR; 1671a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 1672a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 1673f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root int32_t insert(const String16& name, const uint8_t* item, size_t itemLength, int targetUid, 1674f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root int32_t flags) { 1675eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn pid_t spid = IPCThreadState::self()->getCallingPid(); 1676d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root uid_t callingUid = IPCThreadState::self()->getCallingUid(); 1677eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (!has_permission(callingUid, P_INSERT, spid)) { 1678d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root ALOGW("permission denied for %d: insert", callingUid); 167907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::PERMISSION_DENIED; 168007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 168107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 1682f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root State state = mKeyStore->getState(callingUid); 1683f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root if ((flags & KEYSTORE_FLAG_ENCRYPTED) && !isKeystoreUnlocked(state)) { 1684f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root ALOGD("calling get in state: %d", state); 1685f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root return state; 1686f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root } 1687f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root 1688494689083467ec372a58f094f041c8f102f39393Kenny Root if (targetUid == -1) { 1689494689083467ec372a58f094f041c8f102f39393Kenny Root targetUid = callingUid; 1690494689083467ec372a58f094f041c8f102f39393Kenny Root } else if (!is_granted_to(callingUid, targetUid)) { 1691b88c3eb96625513df4cc998d739d17266ebaf89fKenny Root return ::PERMISSION_DENIED; 1692b88c3eb96625513df4cc998d739d17266ebaf89fKenny Root } 1693b88c3eb96625513df4cc998d739d17266ebaf89fKenny Root 169407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root String8 name8(name); 1695655b958eb2180c7c06889f83f606d23421bf038cKenny Root String8 filename(mKeyStore->getKeyNameForUidWithDir(name8, targetUid)); 169607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 169707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root Blob keyBlob(item, itemLength, NULL, 0, ::TYPE_GENERIC); 1698ee8068b9e7bfb2770635062fc9c2035be2142bd8Kenny Root keyBlob.setEncrypted(flags & KEYSTORE_FLAG_ENCRYPTED); 1699ee8068b9e7bfb2770635062fc9c2035be2142bd8Kenny Root 1700fa27d5bbc366e4ecb45aee5ae08565ab3ad3dcbcKenny Root return mKeyStore->put(filename.string(), &keyBlob, targetUid); 1701a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 1702a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 1703494689083467ec372a58f094f041c8f102f39393Kenny Root int32_t del(const String16& name, int targetUid) { 1704d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root uid_t callingUid = IPCThreadState::self()->getCallingUid(); 1705eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn pid_t spid = IPCThreadState::self()->getCallingPid(); 1706eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (!has_permission(callingUid, P_DELETE, spid)) { 1707d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root ALOGW("permission denied for %d: del", callingUid); 170807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::PERMISSION_DENIED; 170907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 171007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 1711494689083467ec372a58f094f041c8f102f39393Kenny Root if (targetUid == -1) { 1712494689083467ec372a58f094f041c8f102f39393Kenny Root targetUid = callingUid; 1713494689083467ec372a58f094f041c8f102f39393Kenny Root } else if (!is_granted_to(callingUid, targetUid)) { 1714b88c3eb96625513df4cc998d739d17266ebaf89fKenny Root return ::PERMISSION_DENIED; 1715b88c3eb96625513df4cc998d739d17266ebaf89fKenny Root } 1716b88c3eb96625513df4cc998d739d17266ebaf89fKenny Root 171707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root String8 name8(name); 1718655b958eb2180c7c06889f83f606d23421bf038cKenny Root String8 filename(mKeyStore->getKeyNameForUidWithDir(name8, targetUid)); 171917d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker return mKeyStore->del(filename.string(), ::TYPE_ANY, targetUid); 1720298e7b1b0f9116e2054d594d7538379d86585035Kenny Root } 1721298e7b1b0f9116e2054d594d7538379d86585035Kenny Root 1722494689083467ec372a58f094f041c8f102f39393Kenny Root int32_t exist(const String16& name, int targetUid) { 1723d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root uid_t callingUid = IPCThreadState::self()->getCallingUid(); 1724eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn pid_t spid = IPCThreadState::self()->getCallingPid(); 1725eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (!has_permission(callingUid, P_EXIST, spid)) { 1726d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root ALOGW("permission denied for %d: exist", callingUid); 172707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::PERMISSION_DENIED; 172807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 172907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 1730494689083467ec372a58f094f041c8f102f39393Kenny Root if (targetUid == -1) { 1731494689083467ec372a58f094f041c8f102f39393Kenny Root targetUid = callingUid; 1732494689083467ec372a58f094f041c8f102f39393Kenny Root } else if (!is_granted_to(callingUid, targetUid)) { 1733b88c3eb96625513df4cc998d739d17266ebaf89fKenny Root return ::PERMISSION_DENIED; 1734b88c3eb96625513df4cc998d739d17266ebaf89fKenny Root } 1735b88c3eb96625513df4cc998d739d17266ebaf89fKenny Root 173607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root String8 name8(name); 1737655b958eb2180c7c06889f83f606d23421bf038cKenny Root String8 filename(mKeyStore->getKeyNameForUidWithDir(name8, targetUid)); 173807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 1739655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (access(filename.string(), R_OK) == -1) { 174007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return (errno != ENOENT) ? ::SYSTEM_ERROR : ::KEY_NOT_FOUND; 174107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 174207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::NO_ERROR; 1743298e7b1b0f9116e2054d594d7538379d86585035Kenny Root } 1744298e7b1b0f9116e2054d594d7538379d86585035Kenny Root 1745494689083467ec372a58f094f041c8f102f39393Kenny Root int32_t saw(const String16& prefix, int targetUid, Vector<String16>* matches) { 1746d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root uid_t callingUid = IPCThreadState::self()->getCallingUid(); 1747eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn pid_t spid = IPCThreadState::self()->getCallingPid(); 1748eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (!has_permission(callingUid, P_SAW, spid)) { 1749d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root ALOGW("permission denied for %d: saw", callingUid); 175007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::PERMISSION_DENIED; 175107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 175207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 1753494689083467ec372a58f094f041c8f102f39393Kenny Root if (targetUid == -1) { 1754494689083467ec372a58f094f041c8f102f39393Kenny Root targetUid = callingUid; 1755494689083467ec372a58f094f041c8f102f39393Kenny Root } else if (!is_granted_to(callingUid, targetUid)) { 1756b88c3eb96625513df4cc998d739d17266ebaf89fKenny Root return ::PERMISSION_DENIED; 1757b88c3eb96625513df4cc998d739d17266ebaf89fKenny Root } 1758b88c3eb96625513df4cc998d739d17266ebaf89fKenny Root 175907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root const String8 prefix8(prefix); 1760655b958eb2180c7c06889f83f606d23421bf038cKenny Root String8 filename(mKeyStore->getKeyNameForUid(prefix8, targetUid)); 176107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 17624b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee if (mKeyStore->saw(filename, matches, targetUid) != ::NO_ERROR) { 17634b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee return ::SYSTEM_ERROR; 176407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 176507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::NO_ERROR; 1766298e7b1b0f9116e2054d594d7538379d86585035Kenny Root } 1767298e7b1b0f9116e2054d594d7538379d86585035Kenny Root 176807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root int32_t reset() { 1769d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root uid_t callingUid = IPCThreadState::self()->getCallingUid(); 1770eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn pid_t spid = IPCThreadState::self()->getCallingPid(); 1771eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (!has_permission(callingUid, P_RESET, spid)) { 1772d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root ALOGW("permission denied for %d: reset", callingUid); 177307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::PERMISSION_DENIED; 177407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 1775a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 17764b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee return mKeyStore->reset(callingUid) ? ::NO_ERROR : ::SYSTEM_ERROR; 1777a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 1778a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 177907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root /* 178007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root * Here is the history. To improve the security, the parameters to generate the 178107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root * master key has been changed. To make a seamless transition, we update the 178207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root * file using the same password when the user unlock it for the first time. If 178307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root * any thing goes wrong during the transition, the new file will not overwrite 178407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root * the old one. This avoids permanent damages of the existing data. 178507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root */ 178607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root int32_t password(const String16& password) { 1787d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root uid_t callingUid = IPCThreadState::self()->getCallingUid(); 1788eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn pid_t spid = IPCThreadState::self()->getCallingPid(); 1789eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (!has_permission(callingUid, P_PASSWORD, spid)) { 1790d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root ALOGW("permission denied for %d: password", callingUid); 179107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::PERMISSION_DENIED; 179207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 1793a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 179407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root const String8 password8(password); 1795a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 1796655b958eb2180c7c06889f83f606d23421bf038cKenny Root switch (mKeyStore->getState(callingUid)) { 179707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root case ::STATE_UNINITIALIZED: { 179807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root // generate master key, encrypt with password, write to file, initialize mMasterKey*. 1799655b958eb2180c7c06889f83f606d23421bf038cKenny Root return mKeyStore->initializeUser(password8, callingUid); 180007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 180107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root case ::STATE_NO_ERROR: { 180207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root // rewrite master key with new password. 1803655b958eb2180c7c06889f83f606d23421bf038cKenny Root return mKeyStore->writeMasterKey(password8, callingUid); 180407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 180507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root case ::STATE_LOCKED: { 180607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root // read master key, decrypt with password, initialize mMasterKey*. 1807655b958eb2180c7c06889f83f606d23421bf038cKenny Root return mKeyStore->readMasterKey(password8, callingUid); 180807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 180907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 181007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::SYSTEM_ERROR; 181107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 1812a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 181307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root int32_t lock() { 1814d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root uid_t callingUid = IPCThreadState::self()->getCallingUid(); 1815eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn pid_t spid = IPCThreadState::self()->getCallingPid(); 1816eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (!has_permission(callingUid, P_LOCK, spid)) { 1817d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root ALOGW("permission denied for %d: lock", callingUid); 181807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::PERMISSION_DENIED; 181907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 182007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 1821655b958eb2180c7c06889f83f606d23421bf038cKenny Root State state = mKeyStore->getState(callingUid); 18229d45d1caba5135e6b8bd6d05d449e8dcf52b6802Kenny Root if (state != ::STATE_NO_ERROR) { 182307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root ALOGD("calling lock in state: %d", state); 182407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return state; 182507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 182670e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 1827655b958eb2180c7c06889f83f606d23421bf038cKenny Root mKeyStore->lock(callingUid); 182807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::NO_ERROR; 182970e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root } 1830a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 183107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root int32_t unlock(const String16& pw) { 1832d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root uid_t callingUid = IPCThreadState::self()->getCallingUid(); 1833eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn pid_t spid = IPCThreadState::self()->getCallingPid(); 1834eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (!has_permission(callingUid, P_UNLOCK, spid)) { 1835d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root ALOGW("permission denied for %d: unlock", callingUid); 183607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::PERMISSION_DENIED; 183707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 183807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 1839655b958eb2180c7c06889f83f606d23421bf038cKenny Root State state = mKeyStore->getState(callingUid); 18409d45d1caba5135e6b8bd6d05d449e8dcf52b6802Kenny Root if (state != ::STATE_LOCKED) { 184107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root ALOGD("calling unlock when not locked"); 184207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return state; 184307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 184407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 184507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root const String8 password8(pw); 184607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return password(pw); 184770e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root } 184870e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 184907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root int32_t zero() { 1850d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root uid_t callingUid = IPCThreadState::self()->getCallingUid(); 1851eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn pid_t spid = IPCThreadState::self()->getCallingPid(); 1852eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (!has_permission(callingUid, P_ZERO, spid)) { 1853d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root ALOGW("permission denied for %d: zero", callingUid); 185407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return -1; 185507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 185670e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 1857655b958eb2180c7c06889f83f606d23421bf038cKenny Root return mKeyStore->isEmpty(callingUid) ? ::KEY_NOT_FOUND : ::NO_ERROR; 185870e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root } 185970e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 186096427baf0094d50047049d329b0779c3c910402cKenny Root int32_t generate(const String16& name, int32_t targetUid, int32_t keyType, int32_t keySize, 186196427baf0094d50047049d329b0779c3c910402cKenny Root int32_t flags, Vector<sp<KeystoreArg> >* args) { 1862d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root uid_t callingUid = IPCThreadState::self()->getCallingUid(); 1863eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn pid_t spid = IPCThreadState::self()->getCallingPid(); 1864eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (!has_permission(callingUid, P_INSERT, spid)) { 1865d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root ALOGW("permission denied for %d: generate", callingUid); 186607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::PERMISSION_DENIED; 186707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 186870e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 1869494689083467ec372a58f094f041c8f102f39393Kenny Root if (targetUid == -1) { 1870494689083467ec372a58f094f041c8f102f39393Kenny Root targetUid = callingUid; 1871494689083467ec372a58f094f041c8f102f39393Kenny Root } else if (!is_granted_to(callingUid, targetUid)) { 1872b88c3eb96625513df4cc998d739d17266ebaf89fKenny Root return ::PERMISSION_DENIED; 1873b88c3eb96625513df4cc998d739d17266ebaf89fKenny Root } 1874b88c3eb96625513df4cc998d739d17266ebaf89fKenny Root 1875655b958eb2180c7c06889f83f606d23421bf038cKenny Root State state = mKeyStore->getState(callingUid); 1876f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root if ((flags & KEYSTORE_FLAG_ENCRYPTED) && !isKeystoreUnlocked(state)) { 1877f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root ALOGW("calling generate in state: %d", state); 187807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return state; 187907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 188070e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 188107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root uint8_t* data; 188207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root size_t dataLength; 188307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root int rc; 188417208e0de5a42722901d803118745cca25fd10c1Kenny Root bool isFallback = false; 188570e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 1886919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker const keymaster1_device_t* device = mKeyStore->getDevice(); 1887919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker const keymaster1_device_t* fallback = mKeyStore->getFallbackDevice(); 188807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (device == NULL) { 188907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::SYSTEM_ERROR; 189007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 189170e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 189207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (device->generate_keypair == NULL) { 189307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::SYSTEM_ERROR; 189407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 189570e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 189617208e0de5a42722901d803118745cca25fd10c1Kenny Root if (keyType == EVP_PKEY_DSA) { 189796427baf0094d50047049d329b0779c3c910402cKenny Root keymaster_dsa_keygen_params_t dsa_params; 189896427baf0094d50047049d329b0779c3c910402cKenny Root memset(&dsa_params, '\0', sizeof(dsa_params)); 189996427baf0094d50047049d329b0779c3c910402cKenny Root 190096427baf0094d50047049d329b0779c3c910402cKenny Root if (keySize == -1) { 190196427baf0094d50047049d329b0779c3c910402cKenny Root keySize = DSA_DEFAULT_KEY_SIZE; 190296427baf0094d50047049d329b0779c3c910402cKenny Root } else if ((keySize % 64) != 0 || keySize < DSA_MIN_KEY_SIZE 190396427baf0094d50047049d329b0779c3c910402cKenny Root || keySize > DSA_MAX_KEY_SIZE) { 190496427baf0094d50047049d329b0779c3c910402cKenny Root ALOGI("invalid key size %d", keySize); 190596427baf0094d50047049d329b0779c3c910402cKenny Root return ::SYSTEM_ERROR; 190696427baf0094d50047049d329b0779c3c910402cKenny Root } 190796427baf0094d50047049d329b0779c3c910402cKenny Root dsa_params.key_size = keySize; 190896427baf0094d50047049d329b0779c3c910402cKenny Root 190996427baf0094d50047049d329b0779c3c910402cKenny Root if (args->size() == 3) { 191096427baf0094d50047049d329b0779c3c910402cKenny Root sp<KeystoreArg> gArg = args->itemAt(0); 191196427baf0094d50047049d329b0779c3c910402cKenny Root sp<KeystoreArg> pArg = args->itemAt(1); 191296427baf0094d50047049d329b0779c3c910402cKenny Root sp<KeystoreArg> qArg = args->itemAt(2); 191396427baf0094d50047049d329b0779c3c910402cKenny Root 191496427baf0094d50047049d329b0779c3c910402cKenny Root if (gArg != NULL && pArg != NULL && qArg != NULL) { 191596427baf0094d50047049d329b0779c3c910402cKenny Root dsa_params.generator = reinterpret_cast<const uint8_t*>(gArg->data()); 191696427baf0094d50047049d329b0779c3c910402cKenny Root dsa_params.generator_len = gArg->size(); 191796427baf0094d50047049d329b0779c3c910402cKenny Root 191896427baf0094d50047049d329b0779c3c910402cKenny Root dsa_params.prime_p = reinterpret_cast<const uint8_t*>(pArg->data()); 191996427baf0094d50047049d329b0779c3c910402cKenny Root dsa_params.prime_p_len = pArg->size(); 192096427baf0094d50047049d329b0779c3c910402cKenny Root 192196427baf0094d50047049d329b0779c3c910402cKenny Root dsa_params.prime_q = reinterpret_cast<const uint8_t*>(qArg->data()); 192296427baf0094d50047049d329b0779c3c910402cKenny Root dsa_params.prime_q_len = qArg->size(); 192396427baf0094d50047049d329b0779c3c910402cKenny Root } else { 192496427baf0094d50047049d329b0779c3c910402cKenny Root ALOGI("not all DSA parameters were read"); 192596427baf0094d50047049d329b0779c3c910402cKenny Root return ::SYSTEM_ERROR; 192696427baf0094d50047049d329b0779c3c910402cKenny Root } 192796427baf0094d50047049d329b0779c3c910402cKenny Root } else if (args->size() != 0) { 192896427baf0094d50047049d329b0779c3c910402cKenny Root ALOGI("DSA args must be 3"); 192996427baf0094d50047049d329b0779c3c910402cKenny Root return ::SYSTEM_ERROR; 193096427baf0094d50047049d329b0779c3c910402cKenny Root } 193196427baf0094d50047049d329b0779c3c910402cKenny Root 19321d448c074a86ef5d05a22fdf1358718976628a86Kenny Root if (isKeyTypeSupported(device, TYPE_DSA)) { 193317208e0de5a42722901d803118745cca25fd10c1Kenny Root rc = device->generate_keypair(device, TYPE_DSA, &dsa_params, &data, &dataLength); 193417208e0de5a42722901d803118745cca25fd10c1Kenny Root } else { 193517208e0de5a42722901d803118745cca25fd10c1Kenny Root isFallback = true; 1936fc18edcdfe2f7774e621030d51338f3216170b97Chad Brubaker rc = fallback->generate_keypair(fallback, TYPE_DSA, &dsa_params, &data, 1937fc18edcdfe2f7774e621030d51338f3216170b97Chad Brubaker &dataLength); 193817208e0de5a42722901d803118745cca25fd10c1Kenny Root } 193917208e0de5a42722901d803118745cca25fd10c1Kenny Root } else if (keyType == EVP_PKEY_EC) { 194096427baf0094d50047049d329b0779c3c910402cKenny Root keymaster_ec_keygen_params_t ec_params; 194196427baf0094d50047049d329b0779c3c910402cKenny Root memset(&ec_params, '\0', sizeof(ec_params)); 194296427baf0094d50047049d329b0779c3c910402cKenny Root 194396427baf0094d50047049d329b0779c3c910402cKenny Root if (keySize == -1) { 194496427baf0094d50047049d329b0779c3c910402cKenny Root keySize = EC_DEFAULT_KEY_SIZE; 194596427baf0094d50047049d329b0779c3c910402cKenny Root } else if (keySize < EC_MIN_KEY_SIZE || keySize > EC_MAX_KEY_SIZE) { 194696427baf0094d50047049d329b0779c3c910402cKenny Root ALOGI("invalid key size %d", keySize); 194796427baf0094d50047049d329b0779c3c910402cKenny Root return ::SYSTEM_ERROR; 194896427baf0094d50047049d329b0779c3c910402cKenny Root } 194996427baf0094d50047049d329b0779c3c910402cKenny Root ec_params.field_size = keySize; 195096427baf0094d50047049d329b0779c3c910402cKenny Root 19511d448c074a86ef5d05a22fdf1358718976628a86Kenny Root if (isKeyTypeSupported(device, TYPE_EC)) { 195217208e0de5a42722901d803118745cca25fd10c1Kenny Root rc = device->generate_keypair(device, TYPE_EC, &ec_params, &data, &dataLength); 195317208e0de5a42722901d803118745cca25fd10c1Kenny Root } else { 195417208e0de5a42722901d803118745cca25fd10c1Kenny Root isFallback = true; 1955fc18edcdfe2f7774e621030d51338f3216170b97Chad Brubaker rc = fallback->generate_keypair(fallback, TYPE_EC, &ec_params, &data, &dataLength); 195617208e0de5a42722901d803118745cca25fd10c1Kenny Root } 195796427baf0094d50047049d329b0779c3c910402cKenny Root } else if (keyType == EVP_PKEY_RSA) { 195896427baf0094d50047049d329b0779c3c910402cKenny Root keymaster_rsa_keygen_params_t rsa_params; 195996427baf0094d50047049d329b0779c3c910402cKenny Root memset(&rsa_params, '\0', sizeof(rsa_params)); 196096427baf0094d50047049d329b0779c3c910402cKenny Root rsa_params.public_exponent = RSA_DEFAULT_EXPONENT; 196196427baf0094d50047049d329b0779c3c910402cKenny Root 196296427baf0094d50047049d329b0779c3c910402cKenny Root if (keySize == -1) { 196396427baf0094d50047049d329b0779c3c910402cKenny Root keySize = RSA_DEFAULT_KEY_SIZE; 196496427baf0094d50047049d329b0779c3c910402cKenny Root } else if (keySize < RSA_MIN_KEY_SIZE || keySize > RSA_MAX_KEY_SIZE) { 196596427baf0094d50047049d329b0779c3c910402cKenny Root ALOGI("invalid key size %d", keySize); 196696427baf0094d50047049d329b0779c3c910402cKenny Root return ::SYSTEM_ERROR; 196796427baf0094d50047049d329b0779c3c910402cKenny Root } 196896427baf0094d50047049d329b0779c3c910402cKenny Root rsa_params.modulus_size = keySize; 196996427baf0094d50047049d329b0779c3c910402cKenny Root 197096427baf0094d50047049d329b0779c3c910402cKenny Root if (args->size() > 1) { 19716489e02e134e4779d35c4a340ff68ad445fde133Matteo Franchin ALOGI("invalid number of arguments: %zu", args->size()); 197296427baf0094d50047049d329b0779c3c910402cKenny Root return ::SYSTEM_ERROR; 197396427baf0094d50047049d329b0779c3c910402cKenny Root } else if (args->size() == 1) { 197496427baf0094d50047049d329b0779c3c910402cKenny Root sp<KeystoreArg> pubExpBlob = args->itemAt(0); 197596427baf0094d50047049d329b0779c3c910402cKenny Root if (pubExpBlob != NULL) { 197696427baf0094d50047049d329b0779c3c910402cKenny Root Unique_BIGNUM pubExpBn( 197796427baf0094d50047049d329b0779c3c910402cKenny Root BN_bin2bn(reinterpret_cast<const unsigned char*>(pubExpBlob->data()), 197896427baf0094d50047049d329b0779c3c910402cKenny Root pubExpBlob->size(), NULL)); 197996427baf0094d50047049d329b0779c3c910402cKenny Root if (pubExpBn.get() == NULL) { 198096427baf0094d50047049d329b0779c3c910402cKenny Root ALOGI("Could not convert public exponent to BN"); 198196427baf0094d50047049d329b0779c3c910402cKenny Root return ::SYSTEM_ERROR; 198296427baf0094d50047049d329b0779c3c910402cKenny Root } 198396427baf0094d50047049d329b0779c3c910402cKenny Root unsigned long pubExp = BN_get_word(pubExpBn.get()); 198496427baf0094d50047049d329b0779c3c910402cKenny Root if (pubExp == 0xFFFFFFFFL) { 198596427baf0094d50047049d329b0779c3c910402cKenny Root ALOGI("cannot represent public exponent as a long value"); 198696427baf0094d50047049d329b0779c3c910402cKenny Root return ::SYSTEM_ERROR; 198796427baf0094d50047049d329b0779c3c910402cKenny Root } 198896427baf0094d50047049d329b0779c3c910402cKenny Root rsa_params.public_exponent = pubExp; 198996427baf0094d50047049d329b0779c3c910402cKenny Root } 199096427baf0094d50047049d329b0779c3c910402cKenny Root } 199196427baf0094d50047049d329b0779c3c910402cKenny Root 199296427baf0094d50047049d329b0779c3c910402cKenny Root rc = device->generate_keypair(device, TYPE_RSA, &rsa_params, &data, &dataLength); 199396427baf0094d50047049d329b0779c3c910402cKenny Root } else { 199496427baf0094d50047049d329b0779c3c910402cKenny Root ALOGW("Unsupported key type %d", keyType); 199596427baf0094d50047049d329b0779c3c910402cKenny Root rc = -1; 199696427baf0094d50047049d329b0779c3c910402cKenny Root } 199770e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 199807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (rc) { 199907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::SYSTEM_ERROR; 200007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 200170e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 2002655b958eb2180c7c06889f83f606d23421bf038cKenny Root String8 name8(name); 2003655b958eb2180c7c06889f83f606d23421bf038cKenny Root String8 filename(mKeyStore->getKeyNameForUidWithDir(name8, callingUid)); 200470e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 200507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root Blob keyBlob(data, dataLength, NULL, 0, TYPE_KEY_PAIR); 200607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root free(data); 200707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 2008ee8068b9e7bfb2770635062fc9c2035be2142bd8Kenny Root keyBlob.setEncrypted(flags & KEYSTORE_FLAG_ENCRYPTED); 200917208e0de5a42722901d803118745cca25fd10c1Kenny Root keyBlob.setFallback(isFallback); 201017208e0de5a42722901d803118745cca25fd10c1Kenny Root 2011655b958eb2180c7c06889f83f606d23421bf038cKenny Root return mKeyStore->put(filename.string(), &keyBlob, callingUid); 201270e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root } 201370e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 2014f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root int32_t import(const String16& name, const uint8_t* data, size_t length, int targetUid, 2015f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root int32_t flags) { 2016d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root uid_t callingUid = IPCThreadState::self()->getCallingUid(); 2017eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn pid_t spid = IPCThreadState::self()->getCallingPid(); 2018eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (!has_permission(callingUid, P_INSERT, spid)) { 2019d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root ALOGW("permission denied for %d: import", callingUid); 202007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::PERMISSION_DENIED; 202107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 202270e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 2023494689083467ec372a58f094f041c8f102f39393Kenny Root if (targetUid == -1) { 2024494689083467ec372a58f094f041c8f102f39393Kenny Root targetUid = callingUid; 2025494689083467ec372a58f094f041c8f102f39393Kenny Root } else if (!is_granted_to(callingUid, targetUid)) { 2026b88c3eb96625513df4cc998d739d17266ebaf89fKenny Root return ::PERMISSION_DENIED; 2027b88c3eb96625513df4cc998d739d17266ebaf89fKenny Root } 2028b88c3eb96625513df4cc998d739d17266ebaf89fKenny Root 2029fa27d5bbc366e4ecb45aee5ae08565ab3ad3dcbcKenny Root State state = mKeyStore->getState(targetUid); 2030f9119d6414f43ef669d64e9e53feb043eda49cf3Kenny Root if ((flags & KEYSTORE_FLAG_ENCRYPTED) && !isKeystoreUnlocked(state)) { 203107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root ALOGD("calling import in state: %d", state); 203207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return state; 203307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 203470e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 203507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root String8 name8(name); 203660898896c3f3b2245d10076cac64346c956dbaa5Kenny Root String8 filename(mKeyStore->getKeyNameForUidWithDir(name8, targetUid)); 203770e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 2038fa27d5bbc366e4ecb45aee5ae08565ab3ad3dcbcKenny Root return mKeyStore->importKey(data, length, filename.string(), targetUid, flags); 203970e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root } 204070e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 204107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root int32_t sign(const String16& name, const uint8_t* data, size_t length, uint8_t** out, 204207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root size_t* outLength) { 2043d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root uid_t callingUid = IPCThreadState::self()->getCallingUid(); 2044eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn pid_t spid = IPCThreadState::self()->getCallingPid(); 2045eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (!has_permission(callingUid, P_SIGN, spid)) { 2046d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root ALOGW("permission denied for %d: saw", callingUid); 204707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::PERMISSION_DENIED; 204807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 20499a53d3eaf42104ddf02feeccec3cf7f5c1a34baeKenny Root 205007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root Blob keyBlob; 205107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root String8 name8(name); 205270e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 2053d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root ALOGV("sign %s from uid %d", name8.string(), callingUid); 205407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root int rc; 205570e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 2056655b958eb2180c7c06889f83f606d23421bf038cKenny Root ResponseCode responseCode = mKeyStore->getKeyForName(&keyBlob, name8, callingUid, 2057d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root ::TYPE_KEY_PAIR); 205807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (responseCode != ::NO_ERROR) { 205907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return responseCode; 206007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 206170e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 2062919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker const keymaster1_device_t* device = mKeyStore->getDeviceForBlob(keyBlob); 206307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (device == NULL) { 206407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root ALOGE("no keymaster device; cannot sign"); 206507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::SYSTEM_ERROR; 206607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 206770e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 206807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (device->sign_data == NULL) { 206907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root ALOGE("device doesn't implement signing"); 207007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::SYSTEM_ERROR; 207107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 207270e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 207307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root keymaster_rsa_sign_params_t params; 207407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root params.digest_type = DIGEST_NONE; 207507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root params.padding_type = PADDING_NONE; 2076fc18edcdfe2f7774e621030d51338f3216170b97Chad Brubaker rc = device->sign_data(device, ¶ms, keyBlob.getValue(), keyBlob.getLength(), data, 2077fc18edcdfe2f7774e621030d51338f3216170b97Chad Brubaker length, out, outLength); 207807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (rc) { 207907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root ALOGW("device couldn't sign data"); 208007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::SYSTEM_ERROR; 208107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 208270e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 208307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::NO_ERROR; 208470e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root } 208570e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 208607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root int32_t verify(const String16& name, const uint8_t* data, size_t dataLength, 208707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root const uint8_t* signature, size_t signatureLength) { 2088d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root uid_t callingUid = IPCThreadState::self()->getCallingUid(); 2089eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn pid_t spid = IPCThreadState::self()->getCallingPid(); 2090eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (!has_permission(callingUid, P_VERIFY, spid)) { 2091d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root ALOGW("permission denied for %d: verify", callingUid); 209207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::PERMISSION_DENIED; 209307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 209470e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 2095655b958eb2180c7c06889f83f606d23421bf038cKenny Root State state = mKeyStore->getState(callingUid); 20969d45d1caba5135e6b8bd6d05d449e8dcf52b6802Kenny Root if (!isKeystoreUnlocked(state)) { 209707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root ALOGD("calling verify in state: %d", state); 209807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return state; 209907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 210070e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 210107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root Blob keyBlob; 210207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root String8 name8(name); 210307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root int rc; 210470e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 2105655b958eb2180c7c06889f83f606d23421bf038cKenny Root ResponseCode responseCode = mKeyStore->getKeyForName(&keyBlob, name8, callingUid, 2106494689083467ec372a58f094f041c8f102f39393Kenny Root TYPE_KEY_PAIR); 210707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (responseCode != ::NO_ERROR) { 210807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return responseCode; 210907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 211070e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 2111919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker const keymaster1_device_t* device = mKeyStore->getDeviceForBlob(keyBlob); 211207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (device == NULL) { 211307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::SYSTEM_ERROR; 211407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 211570e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 211607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (device->verify_data == NULL) { 211707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::SYSTEM_ERROR; 211807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 211907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 212007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root keymaster_rsa_sign_params_t params; 212107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root params.digest_type = DIGEST_NONE; 212207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root params.padding_type = PADDING_NONE; 212370e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 2124fc18edcdfe2f7774e621030d51338f3216170b97Chad Brubaker rc = device->verify_data(device, ¶ms, keyBlob.getValue(), keyBlob.getLength(), data, 2125fc18edcdfe2f7774e621030d51338f3216170b97Chad Brubaker dataLength, signature, signatureLength); 212607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (rc) { 212707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::SYSTEM_ERROR; 212807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } else { 212907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::NO_ERROR; 213007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 213170e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root } 213270e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 213307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root /* 213407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root * TODO: The abstraction between things stored in hardware and regular blobs 213507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root * of data stored on the filesystem should be moved down to keystore itself. 213607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root * Unfortunately the Java code that calls this has naming conventions that it 213707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root * knows about. Ideally keystore shouldn't be used to store random blobs of 213807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root * data. 213907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root * 214007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root * Until that happens, it's necessary to have a separate "get_pubkey" and 214107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root * "del_key" since the Java code doesn't really communicate what it's 214207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root * intentions are. 214307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root */ 214407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root int32_t get_pubkey(const String16& name, uint8_t** pubkey, size_t* pubkeyLength) { 2145d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root uid_t callingUid = IPCThreadState::self()->getCallingUid(); 2146eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn pid_t spid = IPCThreadState::self()->getCallingPid(); 2147eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (!has_permission(callingUid, P_GET, spid)) { 2148d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root ALOGW("permission denied for %d: get_pubkey", callingUid); 214907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::PERMISSION_DENIED; 215007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 215170e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 215207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root Blob keyBlob; 215307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root String8 name8(name); 215470e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 2155d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root ALOGV("get_pubkey '%s' from uid %d", name8.string(), callingUid); 215670e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 2157655b958eb2180c7c06889f83f606d23421bf038cKenny Root ResponseCode responseCode = mKeyStore->getKeyForName(&keyBlob, name8, callingUid, 215807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root TYPE_KEY_PAIR); 215907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (responseCode != ::NO_ERROR) { 216007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return responseCode; 216107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 216270e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 2163919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker const keymaster1_device_t* device = mKeyStore->getDeviceForBlob(keyBlob); 216407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (device == NULL) { 216507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::SYSTEM_ERROR; 216607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 216770e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 216807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (device->get_keypair_public == NULL) { 216907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root ALOGE("device has no get_keypair_public implementation!"); 217007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::SYSTEM_ERROR; 217107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 2172344e0bc23ca46b9acec97ac8bcd87949bde0ccabKenny Root 217317208e0de5a42722901d803118745cca25fd10c1Kenny Root int rc; 2174fc18edcdfe2f7774e621030d51338f3216170b97Chad Brubaker rc = device->get_keypair_public(device, keyBlob.getValue(), keyBlob.getLength(), pubkey, 2175fc18edcdfe2f7774e621030d51338f3216170b97Chad Brubaker pubkeyLength); 217607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (rc) { 217707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::SYSTEM_ERROR; 217807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 2179344e0bc23ca46b9acec97ac8bcd87949bde0ccabKenny Root 218007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::NO_ERROR; 2181344e0bc23ca46b9acec97ac8bcd87949bde0ccabKenny Root } 2182344e0bc23ca46b9acec97ac8bcd87949bde0ccabKenny Root 2183494689083467ec372a58f094f041c8f102f39393Kenny Root int32_t del_key(const String16& name, int targetUid) { 2184d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root uid_t callingUid = IPCThreadState::self()->getCallingUid(); 2185eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn pid_t spid = IPCThreadState::self()->getCallingPid(); 2186eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (!has_permission(callingUid, P_DELETE, spid)) { 2187d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root ALOGW("permission denied for %d: del_key", callingUid); 218807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::PERMISSION_DENIED; 218907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 2190344e0bc23ca46b9acec97ac8bcd87949bde0ccabKenny Root 2191494689083467ec372a58f094f041c8f102f39393Kenny Root if (targetUid == -1) { 2192494689083467ec372a58f094f041c8f102f39393Kenny Root targetUid = callingUid; 2193494689083467ec372a58f094f041c8f102f39393Kenny Root } else if (!is_granted_to(callingUid, targetUid)) { 2194b88c3eb96625513df4cc998d739d17266ebaf89fKenny Root return ::PERMISSION_DENIED; 2195b88c3eb96625513df4cc998d739d17266ebaf89fKenny Root } 2196b88c3eb96625513df4cc998d739d17266ebaf89fKenny Root 219707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root String8 name8(name); 2198fa27d5bbc366e4ecb45aee5ae08565ab3ad3dcbcKenny Root String8 filename(mKeyStore->getKeyNameForUidWithDir(name8, targetUid)); 21994b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee return mKeyStore->del(filename.string(), ::TYPE_KEY_PAIR, targetUid); 2200a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 220107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 220207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root int32_t grant(const String16& name, int32_t granteeUid) { 2203d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root uid_t callingUid = IPCThreadState::self()->getCallingUid(); 2204eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn pid_t spid = IPCThreadState::self()->getCallingPid(); 2205eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (!has_permission(callingUid, P_GRANT, spid)) { 2206d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root ALOGW("permission denied for %d: grant", callingUid); 220707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::PERMISSION_DENIED; 220807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 220907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 2210655b958eb2180c7c06889f83f606d23421bf038cKenny Root State state = mKeyStore->getState(callingUid); 22119d45d1caba5135e6b8bd6d05d449e8dcf52b6802Kenny Root if (!isKeystoreUnlocked(state)) { 221207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root ALOGD("calling grant in state: %d", state); 221307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return state; 221407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 221507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 221607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root String8 name8(name); 2217655b958eb2180c7c06889f83f606d23421bf038cKenny Root String8 filename(mKeyStore->getKeyNameForUidWithDir(name8, callingUid)); 221807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 2219655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (access(filename.string(), R_OK) == -1) { 222007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return (errno != ENOENT) ? ::SYSTEM_ERROR : ::KEY_NOT_FOUND; 222107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 222207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 2223655b958eb2180c7c06889f83f606d23421bf038cKenny Root mKeyStore->addGrant(filename.string(), granteeUid); 222407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::NO_ERROR; 2225a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 222607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 222707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root int32_t ungrant(const String16& name, int32_t granteeUid) { 2228d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root uid_t callingUid = IPCThreadState::self()->getCallingUid(); 2229eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn pid_t spid = IPCThreadState::self()->getCallingPid(); 2230eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (!has_permission(callingUid, P_GRANT, spid)) { 2231d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root ALOGW("permission denied for %d: ungrant", callingUid); 223207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return ::PERMISSION_DENIED; 223307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 223407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 2235655b958eb2180c7c06889f83f606d23421bf038cKenny Root State state = mKeyStore->getState(callingUid); 22369d45d1caba5135e6b8bd6d05d449e8dcf52b6802Kenny Root if (!isKeystoreUnlocked(state)) { 223707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root ALOGD("calling ungrant in state: %d", state); 223807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return state; 223907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 224007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 224107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root String8 name8(name); 2242655b958eb2180c7c06889f83f606d23421bf038cKenny Root String8 filename(mKeyStore->getKeyNameForUidWithDir(name8, callingUid)); 224307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 2244655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (access(filename.string(), R_OK) == -1) { 224507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return (errno != ENOENT) ? ::SYSTEM_ERROR : ::KEY_NOT_FOUND; 224607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 224707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 2248655b958eb2180c7c06889f83f606d23421bf038cKenny Root return mKeyStore->removeGrant(filename.string(), granteeUid) ? ::NO_ERROR : ::KEY_NOT_FOUND; 2249a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 225007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 225107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root int64_t getmtime(const String16& name) { 2252d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root uid_t callingUid = IPCThreadState::self()->getCallingUid(); 2253eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn pid_t spid = IPCThreadState::self()->getCallingPid(); 2254eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (!has_permission(callingUid, P_GET, spid)) { 2255d38a0b07a3104fcb1e747a0fa06641dee8fc058fKenny Root ALOGW("permission denied for %d: getmtime", callingUid); 225636a9e231e03734cd2143383d26388455c1764e17Kenny Root return -1L; 225707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 225807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 225907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root String8 name8(name); 2260655b958eb2180c7c06889f83f606d23421bf038cKenny Root String8 filename(mKeyStore->getKeyNameForUidWithDir(name8, callingUid)); 226107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 2262655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (access(filename.string(), R_OK) == -1) { 2263655b958eb2180c7c06889f83f606d23421bf038cKenny Root ALOGW("could not access %s for getmtime", filename.string()); 226436a9e231e03734cd2143383d26388455c1764e17Kenny Root return -1L; 2265a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 226607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 2267655b958eb2180c7c06889f83f606d23421bf038cKenny Root int fd = TEMP_FAILURE_RETRY(open(filename.string(), O_NOFOLLOW, O_RDONLY)); 226807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (fd < 0) { 2269655b958eb2180c7c06889f83f606d23421bf038cKenny Root ALOGW("could not open %s for getmtime", filename.string()); 227036a9e231e03734cd2143383d26388455c1764e17Kenny Root return -1L; 227107438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 227207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 227307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root struct stat s; 227407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root int ret = fstat(fd, &s); 227507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root close(fd); 227607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (ret == -1) { 2277655b958eb2180c7c06889f83f606d23421bf038cKenny Root ALOGW("could not stat %s for getmtime", filename.string()); 227836a9e231e03734cd2143383d26388455c1764e17Kenny Root return -1L; 227907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root } 228007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 228136a9e231e03734cd2143383d26388455c1764e17Kenny Root return static_cast<int64_t>(s.st_mtime); 2282a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 228307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 2284d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root int32_t duplicate(const String16& srcKey, int32_t srcUid, const String16& destKey, 2285d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root int32_t destUid) { 22860225407783ee339164a0cd8ca5ef04c99d27c59aKenny Root uid_t callingUid = IPCThreadState::self()->getCallingUid(); 2287eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn pid_t spid = IPCThreadState::self()->getCallingPid(); 2288eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (!has_permission(callingUid, P_DUPLICATE, spid)) { 2289d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root ALOGW("permission denied for %d: duplicate", callingUid); 22900225407783ee339164a0cd8ca5ef04c99d27c59aKenny Root return -1L; 22910225407783ee339164a0cd8ca5ef04c99d27c59aKenny Root } 22920225407783ee339164a0cd8ca5ef04c99d27c59aKenny Root 2293655b958eb2180c7c06889f83f606d23421bf038cKenny Root State state = mKeyStore->getState(callingUid); 22940225407783ee339164a0cd8ca5ef04c99d27c59aKenny Root if (!isKeystoreUnlocked(state)) { 2295d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root ALOGD("calling duplicate in state: %d", state); 22960225407783ee339164a0cd8ca5ef04c99d27c59aKenny Root return state; 22970225407783ee339164a0cd8ca5ef04c99d27c59aKenny Root } 22980225407783ee339164a0cd8ca5ef04c99d27c59aKenny Root 2299d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root if (srcUid == -1 || static_cast<uid_t>(srcUid) == callingUid) { 2300d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root srcUid = callingUid; 2301d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root } else if (!is_granted_to(callingUid, srcUid)) { 2302d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root ALOGD("migrate not granted from source: %d -> %d", callingUid, srcUid); 23030225407783ee339164a0cd8ca5ef04c99d27c59aKenny Root return ::PERMISSION_DENIED; 23040225407783ee339164a0cd8ca5ef04c99d27c59aKenny Root } 23050225407783ee339164a0cd8ca5ef04c99d27c59aKenny Root 2306d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root if (destUid == -1) { 2307d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root destUid = callingUid; 2308d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root } 23090225407783ee339164a0cd8ca5ef04c99d27c59aKenny Root 2310d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root if (srcUid != destUid) { 2311d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root if (static_cast<uid_t>(srcUid) != callingUid) { 2312d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root ALOGD("can only duplicate from caller to other or to same uid: " 2313d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root "calling=%d, srcUid=%d, destUid=%d", callingUid, srcUid, destUid); 2314d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root return ::PERMISSION_DENIED; 2315d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root } 23160225407783ee339164a0cd8ca5ef04c99d27c59aKenny Root 2317d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root if (!is_granted_to(callingUid, destUid)) { 2318d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root ALOGD("duplicate not granted to dest: %d -> %d", callingUid, destUid); 2319d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root return ::PERMISSION_DENIED; 2320d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root } 23210225407783ee339164a0cd8ca5ef04c99d27c59aKenny Root } 23220225407783ee339164a0cd8ca5ef04c99d27c59aKenny Root 2323d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root String8 source8(srcKey); 2324655b958eb2180c7c06889f83f606d23421bf038cKenny Root String8 sourceFile(mKeyStore->getKeyNameForUidWithDir(source8, srcUid)); 2325d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root 2326d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root String8 target8(destKey); 2327fa27d5bbc366e4ecb45aee5ae08565ab3ad3dcbcKenny Root String8 targetFile(mKeyStore->getKeyNameForUidWithDir(target8, destUid)); 23280225407783ee339164a0cd8ca5ef04c99d27c59aKenny Root 2329655b958eb2180c7c06889f83f606d23421bf038cKenny Root if (access(targetFile.string(), W_OK) != -1 || errno != ENOENT) { 2330655b958eb2180c7c06889f83f606d23421bf038cKenny Root ALOGD("destination already exists: %s", targetFile.string()); 23310225407783ee339164a0cd8ca5ef04c99d27c59aKenny Root return ::SYSTEM_ERROR; 23320225407783ee339164a0cd8ca5ef04c99d27c59aKenny Root } 23330225407783ee339164a0cd8ca5ef04c99d27c59aKenny Root 2334d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root Blob keyBlob; 2335655b958eb2180c7c06889f83f606d23421bf038cKenny Root ResponseCode responseCode = mKeyStore->get(sourceFile.string(), &keyBlob, TYPE_ANY, 2336fa27d5bbc366e4ecb45aee5ae08565ab3ad3dcbcKenny Root srcUid); 2337d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root if (responseCode != ::NO_ERROR) { 2338d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root return responseCode; 23390225407783ee339164a0cd8ca5ef04c99d27c59aKenny Root } 2340d53bc92f1cc4eb669ec015480cebe5ae7aaaf7cfKenny Root 2341fa27d5bbc366e4ecb45aee5ae08565ab3ad3dcbcKenny Root return mKeyStore->put(targetFile.string(), &keyBlob, destUid); 23420225407783ee339164a0cd8ca5ef04c99d27c59aKenny Root } 23430225407783ee339164a0cd8ca5ef04c99d27c59aKenny Root 23441b0e3933900c7ea21189704d5db64e7346aee7afKenny Root int32_t is_hardware_backed(const String16& keyType) { 23451b0e3933900c7ea21189704d5db64e7346aee7afKenny Root return mKeyStore->isHardwareBacked(keyType) ? 1 : 0; 23468ddf35a6e1fd80a7d0685041d2bfc77078277c9dKenny Root } 23478ddf35a6e1fd80a7d0685041d2bfc77078277c9dKenny Root 2348fa27d5bbc366e4ecb45aee5ae08565ab3ad3dcbcKenny Root int32_t clear_uid(int64_t targetUid64) { 2349fa27d5bbc366e4ecb45aee5ae08565ab3ad3dcbcKenny Root uid_t targetUid = static_cast<uid_t>(targetUid64); 2350a9bb549868035e05450a9b918f8d7de9deca5343Kenny Root uid_t callingUid = IPCThreadState::self()->getCallingUid(); 2351eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn pid_t spid = IPCThreadState::self()->getCallingPid(); 2352eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (!has_permission(callingUid, P_CLEAR_UID, spid)) { 2353a9bb549868035e05450a9b918f8d7de9deca5343Kenny Root ALOGW("permission denied for %d: clear_uid", callingUid); 2354a9bb549868035e05450a9b918f8d7de9deca5343Kenny Root return ::PERMISSION_DENIED; 2355a9bb549868035e05450a9b918f8d7de9deca5343Kenny Root } 2356a9bb549868035e05450a9b918f8d7de9deca5343Kenny Root 2357fa27d5bbc366e4ecb45aee5ae08565ab3ad3dcbcKenny Root if (targetUid64 == -1) { 2358fa27d5bbc366e4ecb45aee5ae08565ab3ad3dcbcKenny Root targetUid = callingUid; 2359007cb236ada4b3d70815f03dd07116a5e187f4ddKenny Root } else if (!is_self_or_system(callingUid, targetUid)) { 2360007cb236ada4b3d70815f03dd07116a5e187f4ddKenny Root ALOGW("permission denied for %d: clear_uid %d", callingUid, targetUid); 2361fa27d5bbc366e4ecb45aee5ae08565ab3ad3dcbcKenny Root return ::PERMISSION_DENIED; 2362fa27d5bbc366e4ecb45aee5ae08565ab3ad3dcbcKenny Root } 2363fa27d5bbc366e4ecb45aee5ae08565ab3ad3dcbcKenny Root 2364919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker const keymaster1_device_t* device = mKeyStore->getDevice(); 2365a9bb549868035e05450a9b918f8d7de9deca5343Kenny Root if (device == NULL) { 2366655b958eb2180c7c06889f83f606d23421bf038cKenny Root ALOGW("can't get keymaster device"); 2367a9bb549868035e05450a9b918f8d7de9deca5343Kenny Root return ::SYSTEM_ERROR; 2368a9bb549868035e05450a9b918f8d7de9deca5343Kenny Root } 2369a9bb549868035e05450a9b918f8d7de9deca5343Kenny Root 23704b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee String8 prefix = String8::format("%u_", targetUid); 23714b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee Vector<String16> aliases; 23724b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee if (mKeyStore->saw(prefix, &aliases, targetUid) != ::NO_ERROR) { 2373a9bb549868035e05450a9b918f8d7de9deca5343Kenny Root return ::SYSTEM_ERROR; 2374a9bb549868035e05450a9b918f8d7de9deca5343Kenny Root } 2375a9bb549868035e05450a9b918f8d7de9deca5343Kenny Root 23764b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee for (uint32_t i = 0; i < aliases.size(); i++) { 23774b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee String8 name8(aliases[i]); 23784b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee String8 filename(mKeyStore->getKeyNameForUidWithDir(name8, targetUid)); 23794b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee mKeyStore->del(filename.string(), ::TYPE_ANY, targetUid); 2380a9bb549868035e05450a9b918f8d7de9deca5343Kenny Root } 23814b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee return ::NO_ERROR; 2382a9bb549868035e05450a9b918f8d7de9deca5343Kenny Root } 2383a9bb549868035e05450a9b918f8d7de9deca5343Kenny Root 23844b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee int32_t reset_uid(int32_t targetUid) { 23854e865753346fc6a075966972a7a98051818859dbRobin Lee uid_t callingUid = IPCThreadState::self()->getCallingUid(); 23864e865753346fc6a075966972a7a98051818859dbRobin Lee pid_t spid = IPCThreadState::self()->getCallingPid(); 23874b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee 23884e865753346fc6a075966972a7a98051818859dbRobin Lee if (!has_permission(callingUid, P_RESET_UID, spid)) { 23894b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee ALOGW("permission denied for %d: reset_uid %d", callingUid, targetUid); 23904e865753346fc6a075966972a7a98051818859dbRobin Lee return ::PERMISSION_DENIED; 23914e865753346fc6a075966972a7a98051818859dbRobin Lee } 23924b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee if (!is_self_or_system(callingUid, targetUid)) { 23934b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee ALOGW("permission denied for %d: reset_uid %d", callingUid, targetUid); 23944e865753346fc6a075966972a7a98051818859dbRobin Lee return ::PERMISSION_DENIED; 23954e865753346fc6a075966972a7a98051818859dbRobin Lee } 23964e865753346fc6a075966972a7a98051818859dbRobin Lee 23974b84fdc21457e16b08dc2738f4744c9ca7f7cc46Robin Lee return mKeyStore->reset(targetUid) ? ::NO_ERROR : ::SYSTEM_ERROR; 23984e865753346fc6a075966972a7a98051818859dbRobin Lee } 23994e865753346fc6a075966972a7a98051818859dbRobin Lee 24004e865753346fc6a075966972a7a98051818859dbRobin Lee int32_t sync_uid(int32_t sourceUid, int32_t targetUid) { 24014e865753346fc6a075966972a7a98051818859dbRobin Lee uid_t callingUid = IPCThreadState::self()->getCallingUid(); 24024e865753346fc6a075966972a7a98051818859dbRobin Lee pid_t spid = IPCThreadState::self()->getCallingPid(); 24034e865753346fc6a075966972a7a98051818859dbRobin Lee if (!has_permission(callingUid, P_SYNC_UID, spid)) { 24044e865753346fc6a075966972a7a98051818859dbRobin Lee ALOGW("permission denied for %d: sync_uid %d -> %d", callingUid, sourceUid, targetUid); 24054e865753346fc6a075966972a7a98051818859dbRobin Lee return ::PERMISSION_DENIED; 24064e865753346fc6a075966972a7a98051818859dbRobin Lee } 24074e865753346fc6a075966972a7a98051818859dbRobin Lee if (callingUid != AID_SYSTEM) { 24084e865753346fc6a075966972a7a98051818859dbRobin Lee ALOGW("permission denied for %d: sync_uid %d -> %d", callingUid, sourceUid, targetUid); 24094e865753346fc6a075966972a7a98051818859dbRobin Lee return ::PERMISSION_DENIED; 24104e865753346fc6a075966972a7a98051818859dbRobin Lee } 24114e865753346fc6a075966972a7a98051818859dbRobin Lee if (sourceUid == targetUid) { 24124e865753346fc6a075966972a7a98051818859dbRobin Lee return ::SYSTEM_ERROR; 24134e865753346fc6a075966972a7a98051818859dbRobin Lee } 24144e865753346fc6a075966972a7a98051818859dbRobin Lee 24154e865753346fc6a075966972a7a98051818859dbRobin Lee // Initialise user keystore with existing master key held in-memory 24164e865753346fc6a075966972a7a98051818859dbRobin Lee return mKeyStore->copyMasterKey(sourceUid, targetUid); 24174e865753346fc6a075966972a7a98051818859dbRobin Lee } 24184e865753346fc6a075966972a7a98051818859dbRobin Lee 24194e865753346fc6a075966972a7a98051818859dbRobin Lee int32_t password_uid(const String16& pw, int32_t targetUid) { 24204e865753346fc6a075966972a7a98051818859dbRobin Lee uid_t callingUid = IPCThreadState::self()->getCallingUid(); 24214e865753346fc6a075966972a7a98051818859dbRobin Lee pid_t spid = IPCThreadState::self()->getCallingPid(); 24224e865753346fc6a075966972a7a98051818859dbRobin Lee if (!has_permission(callingUid, P_PASSWORD_UID, spid)) { 24234e865753346fc6a075966972a7a98051818859dbRobin Lee ALOGW("permission denied for %d: password_uid %d", callingUid, targetUid); 24244e865753346fc6a075966972a7a98051818859dbRobin Lee return ::PERMISSION_DENIED; 24254e865753346fc6a075966972a7a98051818859dbRobin Lee } 24264e865753346fc6a075966972a7a98051818859dbRobin Lee if (callingUid != AID_SYSTEM) { 24274e865753346fc6a075966972a7a98051818859dbRobin Lee ALOGW("permission denied for %d: password_uid %d", callingUid, targetUid); 24284e865753346fc6a075966972a7a98051818859dbRobin Lee return ::PERMISSION_DENIED; 24294e865753346fc6a075966972a7a98051818859dbRobin Lee } 24304e865753346fc6a075966972a7a98051818859dbRobin Lee 24314e865753346fc6a075966972a7a98051818859dbRobin Lee const String8 password8(pw); 24324e865753346fc6a075966972a7a98051818859dbRobin Lee 24334e865753346fc6a075966972a7a98051818859dbRobin Lee switch (mKeyStore->getState(targetUid)) { 24344e865753346fc6a075966972a7a98051818859dbRobin Lee case ::STATE_UNINITIALIZED: { 24354e865753346fc6a075966972a7a98051818859dbRobin Lee // generate master key, encrypt with password, write to file, initialize mMasterKey*. 24364e865753346fc6a075966972a7a98051818859dbRobin Lee return mKeyStore->initializeUser(password8, targetUid); 24374e865753346fc6a075966972a7a98051818859dbRobin Lee } 24384e865753346fc6a075966972a7a98051818859dbRobin Lee case ::STATE_NO_ERROR: { 24394e865753346fc6a075966972a7a98051818859dbRobin Lee // rewrite master key with new password. 24404e865753346fc6a075966972a7a98051818859dbRobin Lee return mKeyStore->writeMasterKey(password8, targetUid); 24414e865753346fc6a075966972a7a98051818859dbRobin Lee } 24424e865753346fc6a075966972a7a98051818859dbRobin Lee case ::STATE_LOCKED: { 24434e865753346fc6a075966972a7a98051818859dbRobin Lee // read master key, decrypt with password, initialize mMasterKey*. 24444e865753346fc6a075966972a7a98051818859dbRobin Lee return mKeyStore->readMasterKey(password8, targetUid); 24454e865753346fc6a075966972a7a98051818859dbRobin Lee } 24464e865753346fc6a075966972a7a98051818859dbRobin Lee } 24474e865753346fc6a075966972a7a98051818859dbRobin Lee return ::SYSTEM_ERROR; 24484e865753346fc6a075966972a7a98051818859dbRobin Lee } 24494e865753346fc6a075966972a7a98051818859dbRobin Lee 24509c8612c88dc03dc52d85e7a482453e04e7e3e2a2Chad Brubaker int32_t addRngEntropy(const uint8_t* data, size_t dataLength) { 24519c8612c88dc03dc52d85e7a482453e04e7e3e2a2Chad Brubaker const keymaster1_device_t* device = mKeyStore->getDevice(); 24529c8612c88dc03dc52d85e7a482453e04e7e3e2a2Chad Brubaker const keymaster1_device_t* fallback = mKeyStore->getFallbackDevice(); 24539c8612c88dc03dc52d85e7a482453e04e7e3e2a2Chad Brubaker int32_t devResult = KM_ERROR_UNIMPLEMENTED; 24549c8612c88dc03dc52d85e7a482453e04e7e3e2a2Chad Brubaker int32_t fallbackResult = KM_ERROR_UNIMPLEMENTED; 24559c8612c88dc03dc52d85e7a482453e04e7e3e2a2Chad Brubaker if (device->common.module->module_api_version >= KEYMASTER_MODULE_API_VERSION_1_0 && 24569c8612c88dc03dc52d85e7a482453e04e7e3e2a2Chad Brubaker device->add_rng_entropy != NULL) { 24579c8612c88dc03dc52d85e7a482453e04e7e3e2a2Chad Brubaker devResult = device->add_rng_entropy(device, data, dataLength); 24589c8612c88dc03dc52d85e7a482453e04e7e3e2a2Chad Brubaker } 24599c8612c88dc03dc52d85e7a482453e04e7e3e2a2Chad Brubaker if (fallback->add_rng_entropy) { 24609c8612c88dc03dc52d85e7a482453e04e7e3e2a2Chad Brubaker fallbackResult = fallback->add_rng_entropy(fallback, data, dataLength); 24619c8612c88dc03dc52d85e7a482453e04e7e3e2a2Chad Brubaker } 24629c8612c88dc03dc52d85e7a482453e04e7e3e2a2Chad Brubaker if (devResult) { 24639c8612c88dc03dc52d85e7a482453e04e7e3e2a2Chad Brubaker return devResult; 24649c8612c88dc03dc52d85e7a482453e04e7e3e2a2Chad Brubaker } 24659c8612c88dc03dc52d85e7a482453e04e7e3e2a2Chad Brubaker if (fallbackResult) { 24669c8612c88dc03dc52d85e7a482453e04e7e3e2a2Chad Brubaker return fallbackResult; 24679c8612c88dc03dc52d85e7a482453e04e7e3e2a2Chad Brubaker } 24689c8612c88dc03dc52d85e7a482453e04e7e3e2a2Chad Brubaker return ::NO_ERROR; 24699899d6b392e8223c3c00bfccadd43b18cdc96b4fChad Brubaker } 24709899d6b392e8223c3c00bfccadd43b18cdc96b4fChad Brubaker 247117d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker int32_t generateKey(const String16& name, const KeymasterArguments& params, 2472154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker const uint8_t* entropy, size_t entropyLength, int uid, int flags, 2473154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker KeyCharacteristics* outCharacteristics) { 247417d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker uid_t callingUid = IPCThreadState::self()->getCallingUid(); 247517d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker pid_t callingPid = IPCThreadState::self()->getCallingPid(); 247617d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker if (!has_permission(callingUid, P_INSERT, callingPid)) { 247717d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker ALOGW("permission denied for %d: generateKey", callingUid); 247817d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker return ::PERMISSION_DENIED; 247917d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker } 248017d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker 248117d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker State state = mKeyStore->getState(callingUid); 248217d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker if ((flags & KEYSTORE_FLAG_ENCRYPTED) && !isKeystoreUnlocked(state)) { 248317d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker ALOGW("calling generate in state: %d", state); 248417d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker return state; 248517d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker } 248617d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker 248717d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker if (uid == -1) { 248817d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker uid = callingUid; 248917d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker } else if (!is_granted_to(callingUid, uid)) { 249017d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker return ::PERMISSION_DENIED; 249117d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker } 249217d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker 249317d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker int rc = KM_ERROR_UNIMPLEMENTED; 249417d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker bool isFallback = false; 249517d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker keymaster_key_blob_t blob; 249617d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker keymaster_key_characteristics_t *out = NULL; 249717d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker 249817d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker const keymaster1_device_t* device = mKeyStore->getDevice(); 249917d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker const keymaster1_device_t* fallback = mKeyStore->getFallbackDevice(); 250017d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker if (device == NULL) { 250117d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker return ::SYSTEM_ERROR; 250217d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker } 2503154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker // TODO: Seed from Linux RNG before this. 250417d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker if (device->common.module->module_api_version >= KEYMASTER_MODULE_API_VERSION_1_0 && 250517d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker device->generate_key != NULL) { 2506154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker if (!entropy) { 2507154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker rc = KM_ERROR_OK; 2508154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker } else if (device->add_rng_entropy) { 2509154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker rc = device->add_rng_entropy(device, entropy, entropyLength); 2510154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker } else { 2511154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker rc = KM_ERROR_UNIMPLEMENTED; 2512154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker } 2513154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker if (rc == KM_ERROR_OK) { 2514154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker rc = device->generate_key(device, params.params.data(), params.params.size(), 2515154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker &blob, &out); 2516154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker } 251717d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker } 251817d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker // If the HW device didn't support generate_key or generate_key failed 251917d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker // fall back to the software implementation. 252017d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker if (rc && fallback->generate_key != NULL) { 252117d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker isFallback = true; 2522154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker if (!entropy) { 2523154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker rc = KM_ERROR_OK; 2524154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker } else if (fallback->add_rng_entropy) { 2525154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker rc = fallback->add_rng_entropy(fallback, entropy, entropyLength); 2526154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker } else { 2527154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker rc = KM_ERROR_UNIMPLEMENTED; 2528154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker } 2529154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker if (rc == KM_ERROR_OK) { 2530154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker rc = fallback->generate_key(fallback, params.params.data(), params.params.size(), 2531154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker &blob, 2532154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker &out); 2533154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker } 253417d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker } 253517d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker 253617d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker if (out) { 253717d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker if (outCharacteristics) { 253817d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker outCharacteristics->characteristics = *out; 253917d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker } else { 254017d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker keymaster_free_characteristics(out); 254117d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker } 254217d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker free(out); 254317d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker } 254417d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker 254517d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker if (rc) { 254617d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker return rc; 254717d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker } 254817d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker 254917d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker String8 name8(name); 255017d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker String8 filename(mKeyStore->getKeyNameForUidWithDir(name8, uid)); 255117d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker 255217d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker Blob keyBlob(blob.key_material, blob.key_material_size, NULL, 0, ::TYPE_KEYMASTER_10); 255317d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker keyBlob.setFallback(isFallback); 255417d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker keyBlob.setEncrypted(flags & KEYSTORE_FLAG_ENCRYPTED); 255517d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker 255617d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker free(const_cast<uint8_t*>(blob.key_material)); 255717d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker 255817d68b9520e66226f1c7b2e1b3bd183ac80ca58bChad Brubaker return mKeyStore->put(filename.string(), &keyBlob, uid); 25599899d6b392e8223c3c00bfccadd43b18cdc96b4fChad Brubaker } 25609899d6b392e8223c3c00bfccadd43b18cdc96b4fChad Brubaker 2561f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker int32_t getKeyCharacteristics(const String16& name, 2562d663442b590b59250062335cc057478001b8e439Chad Brubaker const keymaster_blob_t* clientId, 2563d663442b590b59250062335cc057478001b8e439Chad Brubaker const keymaster_blob_t* appData, 2564f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker KeyCharacteristics* outCharacteristics) { 2565f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker 2566f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker if (!outCharacteristics) { 2567f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker return KM_ERROR_UNEXPECTED_NULL_POINTER; 2568f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker } 2569f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker 2570f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker uid_t callingUid = IPCThreadState::self()->getCallingUid(); 2571f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker 2572f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker Blob keyBlob; 2573f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker String8 name8(name); 2574f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker int rc; 2575f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker 2576f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker ResponseCode responseCode = mKeyStore->getKeyForName(&keyBlob, name8, callingUid, 2577f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker TYPE_KEYMASTER_10); 2578f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker if (responseCode != ::NO_ERROR) { 2579f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker return responseCode; 2580f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker } 2581f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker keymaster_key_blob_t key; 2582f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker key.key_material_size = keyBlob.getLength(); 2583f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker key.key_material = keyBlob.getValue(); 2584f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker keymaster1_device_t* dev = mKeyStore->getDeviceForBlob(keyBlob); 2585f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker keymaster_key_characteristics_t *out = NULL; 2586f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker if (!dev->get_key_characteristics) { 2587f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker ALOGW("device does not implement get_key_characteristics"); 2588f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker return KM_ERROR_UNIMPLEMENTED; 2589f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker } 2590d663442b590b59250062335cc057478001b8e439Chad Brubaker rc = dev->get_key_characteristics(dev, &key, clientId, appData, &out); 2591f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker if (out) { 2592f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker outCharacteristics->characteristics = *out; 2593f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker free(out); 2594f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker } 2595f3f071fc5020fa5255f49e898a7c4a1cbf824a99Chad Brubaker return rc ? rc : ::NO_ERROR; 25969899d6b392e8223c3c00bfccadd43b18cdc96b4fChad Brubaker } 25979899d6b392e8223c3c00bfccadd43b18cdc96b4fChad Brubaker 25984c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker int32_t importKey(const String16& name, const KeymasterArguments& params, 25994c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker keymaster_key_format_t format, const uint8_t *keyData, 26004c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker size_t keyLength, int uid, int flags, 26014c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker KeyCharacteristics* outCharacteristics) { 26024c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker uid_t callingUid = IPCThreadState::self()->getCallingUid(); 26034c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker pid_t spid = IPCThreadState::self()->getCallingPid(); 26044c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker if (!has_permission(callingUid, P_INSERT, spid)) { 26054c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker ALOGW("permission denied for %d: importKey", callingUid); 26064c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker return ::PERMISSION_DENIED; 26074c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker } 26084c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker 26094c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker State state = mKeyStore->getState(callingUid); 26104c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker if ((flags & KEYSTORE_FLAG_ENCRYPTED) && !isKeystoreUnlocked(state)) { 26114c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker ALOGW("calling importKey in state: %d", state); 26124c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker return state; 26134c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker } 26144c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker 26154c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker if (uid == -1) { 26164c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker uid = callingUid; 26174c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker } else if (!is_granted_to(callingUid, uid)) { 26184c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker ALOGW("not granted to %d %d", callingUid, uid); 26194c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker return ::PERMISSION_DENIED; 26204c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker } 26214c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker 26224c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker int rc = KM_ERROR_UNIMPLEMENTED; 26234c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker bool isFallback = false; 26244c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker keymaster_key_blob_t blob; 26254c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker keymaster_key_characteristics_t *out = NULL; 26264c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker 26274c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker const keymaster1_device_t* device = mKeyStore->getDevice(); 26284c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker const keymaster1_device_t* fallback = mKeyStore->getFallbackDevice(); 26294c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker if (device == NULL) { 26304c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker return ::SYSTEM_ERROR; 26314c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker } 26324c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker if (device->common.module->module_api_version >= KEYMASTER_MODULE_API_VERSION_1_0 && 26334c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker device->import_key != NULL) { 26344c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker rc = device->import_key(device, params.params.data(), params.params.size(), 26354c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker format, keyData, keyLength, &blob, &out); 26364c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker } 26374c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker if (rc && fallback->import_key != NULL) { 26384c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker isFallback = true; 26394c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker rc = fallback->import_key(fallback, params.params.data(), params.params.size(), 26404c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker format, keyData, keyLength, &blob, &out); 26414c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker } 26424c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker if (out) { 26434c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker if (outCharacteristics) { 26444c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker outCharacteristics->characteristics = *out; 26454c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker } else { 26464c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker keymaster_free_characteristics(out); 26474c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker } 26484c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker free(out); 26494c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker } 26504c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker if (rc) { 26514c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker return rc; 26524c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker } 26534c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker 26544c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker String8 name8(name); 26554c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker String8 filename(mKeyStore->getKeyNameForUidWithDir(name8, uid)); 26564c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker 26574c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker Blob keyBlob(blob.key_material, blob.key_material_size, NULL, 0, ::TYPE_KEYMASTER_10); 26584c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker keyBlob.setFallback(isFallback); 26594c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker keyBlob.setEncrypted(flags & KEYSTORE_FLAG_ENCRYPTED); 26604c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker 26614c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker free((void*) blob.key_material); 26624c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker 26634c353cb98e52e2ea8f051b517fec064f1d3fa99fChad Brubaker return mKeyStore->put(filename.string(), &keyBlob, uid); 26649899d6b392e8223c3c00bfccadd43b18cdc96b4fChad Brubaker } 26659899d6b392e8223c3c00bfccadd43b18cdc96b4fChad Brubaker 266607b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker void exportKey(const String16& name, keymaster_key_format_t format, 2667d663442b590b59250062335cc057478001b8e439Chad Brubaker const keymaster_blob_t* clientId, 2668d663442b590b59250062335cc057478001b8e439Chad Brubaker const keymaster_blob_t* appData, ExportResult* result) { 266907b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker 267007b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker uid_t callingUid = IPCThreadState::self()->getCallingUid(); 267107b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker 267207b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker Blob keyBlob; 267307b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker String8 name8(name); 267407b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker int rc; 267507b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker 267607b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker ResponseCode responseCode = mKeyStore->getKeyForName(&keyBlob, name8, callingUid, 267707b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker TYPE_KEYMASTER_10); 267807b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker if (responseCode != ::NO_ERROR) { 267907b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker result->resultCode = responseCode; 268007b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker return; 268107b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker } 268207b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker keymaster_key_blob_t key; 268307b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker key.key_material_size = keyBlob.getLength(); 268407b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker key.key_material = keyBlob.getValue(); 268507b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker keymaster1_device_t* dev = mKeyStore->getDeviceForBlob(keyBlob); 268607b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker if (!dev->export_key) { 268707b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker result->resultCode = KM_ERROR_UNIMPLEMENTED; 268807b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker return; 268907b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker } 269007b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker uint8_t* ptr = NULL; 2691d663442b590b59250062335cc057478001b8e439Chad Brubaker rc = dev->export_key(dev, format, &key, clientId, appData, 269207b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker &ptr, &result->dataLength); 269307b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker result->exportData.reset(ptr); 269407b0cda3b14d16205ce3040d00bc18d15eda5fdcChad Brubaker result->resultCode = rc ? rc : ::NO_ERROR; 26959899d6b392e8223c3c00bfccadd43b18cdc96b4fChad Brubaker } 26969899d6b392e8223c3c00bfccadd43b18cdc96b4fChad Brubaker 269740a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker void begin(const sp<IBinder>& appToken, const String16& name, keymaster_purpose_t purpose, 2698154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker bool pruneable, const KeymasterArguments& params, const uint8_t* entropy, 2699154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker size_t entropyLength, KeymasterArguments* outParams, OperationResult* result) { 270040a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker if (!result || !outParams) { 270140a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker ALOGE("Unexpected null arguments to begin()"); 270240a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker return; 270340a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker } 270440a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker uid_t callingUid = IPCThreadState::self()->getCallingUid(); 270540a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker if (!pruneable && get_app_id(callingUid) != AID_SYSTEM) { 270640a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker ALOGE("Non-system uid %d trying to start non-pruneable operation", callingUid); 270740a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker result->resultCode = ::PERMISSION_DENIED; 270840a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker return; 270940a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker } 271040a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker Blob keyBlob; 271140a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker String8 name8(name); 271240a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker ResponseCode responseCode = mKeyStore->getKeyForName(&keyBlob, name8, callingUid, 271340a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker TYPE_KEYMASTER_10); 271440a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker if (responseCode != ::NO_ERROR) { 271540a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker result->resultCode = responseCode; 271640a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker return; 271740a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker } 271840a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker keymaster_key_blob_t key; 271940a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker key.key_material_size = keyBlob.getLength(); 272040a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker key.key_material = keyBlob.getValue(); 272140a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker keymaster_key_param_t* out; 272240a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker size_t outSize; 272340a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker keymaster_operation_handle_t handle; 272440a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker keymaster1_device_t* dev = mKeyStore->getDeviceForBlob(keyBlob); 2725154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker keymaster_error_t err = KM_ERROR_UNIMPLEMENTED; 2726154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker // Add entropy to the device first. 2727154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker if (entropy) { 2728154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker if (dev->add_rng_entropy) { 2729154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker err = dev->add_rng_entropy(dev, entropy, entropyLength); 2730154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker } else { 2731154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker err = KM_ERROR_UNIMPLEMENTED; 2732154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker } 2733154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker if (err) { 2734154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker result->resultCode = err; 2735154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker return; 2736154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker } 2737154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker } 273840a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker // TODO: Check authorization. 2739154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker err = dev->begin(dev, purpose, &key, params.params.data(), params.params.size(), &out, 2740154d7699cc30ef5156d6497258c4dd350fcb1286Chad Brubaker &outSize, &handle); 274140a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker 274240a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker // If there are too many operations abort the oldest operation that was 274340a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker // started as pruneable and try again. 274440a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker while (err == KM_ERROR_TOO_MANY_OPERATIONS && mOperationMap.hasPruneableOperation()) { 274540a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker sp<IBinder> oldest = mOperationMap.getOldestPruneableOperation(); 274640a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker ALOGD("Ran out of operation handles, trying to prune %p", oldest.get()); 274740a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker if (abort(oldest) != ::NO_ERROR) { 274840a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker break; 274940a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker } 275040a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker err = dev->begin(dev, purpose, &key, params.params.data(), 275140a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker params.params.size(), &out, &outSize, 275240a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker &handle); 275340a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker } 275440a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker if (err) { 275540a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker result->resultCode = err; 275640a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker return; 275740a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker } 275840a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker if (out) { 275940a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker outParams->params.assign(out, out + outSize); 276040a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker free(out); 276140a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker } 27629899d6b392e8223c3c00bfccadd43b18cdc96b4fChad Brubaker 276340a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker sp<IBinder> operationToken = mOperationMap.addOperation(handle, dev, appToken, pruneable); 276440a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker result->resultCode = ::NO_ERROR; 276540a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker result->token = operationToken; 27669899d6b392e8223c3c00bfccadd43b18cdc96b4fChad Brubaker } 27679899d6b392e8223c3c00bfccadd43b18cdc96b4fChad Brubaker 276840a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker void update(const sp<IBinder>& token, const KeymasterArguments& params, const uint8_t* data, 276940a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker size_t dataLength, OperationResult* result) { 277040a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker const keymaster1_device_t* dev; 277140a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker keymaster_operation_handle_t handle; 277240a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker if (!mOperationMap.getOperation(token, &handle, &dev)) { 277340a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker result->resultCode = KM_ERROR_INVALID_OPERATION_HANDLE; 277440a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker return; 277540a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker } 277640a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker uint8_t* output_buf = NULL; 277740a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker size_t output_length = 0; 277840a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker size_t consumed = 0; 277940a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker // TODO: Check authorization. 278040a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker keymaster_error_t err = dev->update(dev, handle, params.params.data(), 278140a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker params.params.size(), data, dataLength, 278240a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker &consumed, &output_buf, &output_length); 278340a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker result->data.reset(output_buf); 278440a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker result->dataLength = output_length; 278540a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker result->inputConsumed = consumed; 278640a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker result->resultCode = err ? (int32_t) err : ::NO_ERROR; 278740a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker } 278840a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker 278940a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker void finish(const sp<IBinder>& token, const KeymasterArguments& params, 279040a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker const uint8_t* signature, size_t signatureLength, OperationResult* result) { 279140a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker const keymaster1_device_t* dev; 279240a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker keymaster_operation_handle_t handle; 279340a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker if (!mOperationMap.getOperation(token, &handle, &dev)) { 279440a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker result->resultCode = KM_ERROR_INVALID_OPERATION_HANDLE; 279540a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker return; 279640a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker } 279740a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker uint8_t* output_buf = NULL; 279840a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker size_t output_length = 0; 279940a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker // TODO: Check authorization. 280040a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker keymaster_error_t err = dev->finish(dev, handle, params.params.data(), 280140a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker params.params.size(), signature, signatureLength, 280240a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker &output_buf, &output_length); 280340a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker // Remove the operation regardless of the result 280440a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker mOperationMap.removeOperation(token); 280540a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker result->data.reset(output_buf); 280640a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker result->dataLength = output_length; 280740a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker result->resultCode = err ? (int32_t) err : ::NO_ERROR; 280840a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker } 280940a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker 281040a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker int32_t abort(const sp<IBinder>& token) { 281140a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker const keymaster1_device_t* dev; 281240a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker keymaster_operation_handle_t handle; 281340a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker if (!mOperationMap.getOperation(token, &handle, &dev)) { 281440a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker return KM_ERROR_INVALID_OPERATION_HANDLE; 281540a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker } 281640a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker mOperationMap.removeOperation(token); 281740a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker if (!dev->abort) { 281840a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker return KM_ERROR_UNIMPLEMENTED; 281940a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker } 282040a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker int32_t rc = dev->abort(dev, handle); 282140a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker if (rc) { 282240a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker return rc; 282340a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker } 282440a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker return ::NO_ERROR; 28259899d6b392e8223c3c00bfccadd43b18cdc96b4fChad Brubaker } 28269899d6b392e8223c3c00bfccadd43b18cdc96b4fChad Brubaker 282707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Rootprivate: 28289d45d1caba5135e6b8bd6d05d449e8dcf52b6802Kenny Root inline bool isKeystoreUnlocked(State state) { 28299d45d1caba5135e6b8bd6d05d449e8dcf52b6802Kenny Root switch (state) { 28309d45d1caba5135e6b8bd6d05d449e8dcf52b6802Kenny Root case ::STATE_NO_ERROR: 28319d45d1caba5135e6b8bd6d05d449e8dcf52b6802Kenny Root return true; 28329d45d1caba5135e6b8bd6d05d449e8dcf52b6802Kenny Root case ::STATE_UNINITIALIZED: 28339d45d1caba5135e6b8bd6d05d449e8dcf52b6802Kenny Root case ::STATE_LOCKED: 28349d45d1caba5135e6b8bd6d05d449e8dcf52b6802Kenny Root return false; 28359d45d1caba5135e6b8bd6d05d449e8dcf52b6802Kenny Root } 28369d45d1caba5135e6b8bd6d05d449e8dcf52b6802Kenny Root return false; 2837a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 283807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 2839919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker bool isKeyTypeSupported(const keymaster1_device_t* device, keymaster_keypair_t keyType) { 28401d448c074a86ef5d05a22fdf1358718976628a86Kenny Root const int32_t device_api = device->common.module->module_api_version; 28411d448c074a86ef5d05a22fdf1358718976628a86Kenny Root if (device_api == KEYMASTER_MODULE_API_VERSION_0_2) { 28421d448c074a86ef5d05a22fdf1358718976628a86Kenny Root switch (keyType) { 28431d448c074a86ef5d05a22fdf1358718976628a86Kenny Root case TYPE_RSA: 28441d448c074a86ef5d05a22fdf1358718976628a86Kenny Root case TYPE_DSA: 28451d448c074a86ef5d05a22fdf1358718976628a86Kenny Root case TYPE_EC: 28461d448c074a86ef5d05a22fdf1358718976628a86Kenny Root return true; 28471d448c074a86ef5d05a22fdf1358718976628a86Kenny Root default: 28481d448c074a86ef5d05a22fdf1358718976628a86Kenny Root return false; 28491d448c074a86ef5d05a22fdf1358718976628a86Kenny Root } 28501d448c074a86ef5d05a22fdf1358718976628a86Kenny Root } else if (device_api >= KEYMASTER_MODULE_API_VERSION_0_3) { 28511d448c074a86ef5d05a22fdf1358718976628a86Kenny Root switch (keyType) { 28521d448c074a86ef5d05a22fdf1358718976628a86Kenny Root case TYPE_RSA: 28531d448c074a86ef5d05a22fdf1358718976628a86Kenny Root return true; 28541d448c074a86ef5d05a22fdf1358718976628a86Kenny Root case TYPE_DSA: 28551d448c074a86ef5d05a22fdf1358718976628a86Kenny Root return device->flags & KEYMASTER_SUPPORTS_DSA; 28561d448c074a86ef5d05a22fdf1358718976628a86Kenny Root case TYPE_EC: 28571d448c074a86ef5d05a22fdf1358718976628a86Kenny Root return device->flags & KEYMASTER_SUPPORTS_EC; 28581d448c074a86ef5d05a22fdf1358718976628a86Kenny Root default: 28591d448c074a86ef5d05a22fdf1358718976628a86Kenny Root return false; 28601d448c074a86ef5d05a22fdf1358718976628a86Kenny Root } 28611d448c074a86ef5d05a22fdf1358718976628a86Kenny Root } else { 28621d448c074a86ef5d05a22fdf1358718976628a86Kenny Root return keyType == TYPE_RSA; 28631d448c074a86ef5d05a22fdf1358718976628a86Kenny Root } 28641d448c074a86ef5d05a22fdf1358718976628a86Kenny Root } 28651d448c074a86ef5d05a22fdf1358718976628a86Kenny Root 286607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root ::KeyStore* mKeyStore; 286740a1a9b306d4e3c85b24f80ff39841507cf42357Chad Brubaker OperationMap mOperationMap; 286807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root}; 286907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root 287007438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root}; // namespace android 2871a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 2872a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Rootint main(int argc, char* argv[]) { 2873a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root if (argc < 2) { 2874a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root ALOGE("A directory must be specified!"); 2875a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return 1; 2876a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 2877a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root if (chdir(argv[1]) == -1) { 2878a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root ALOGE("chdir: %s: %s", argv[1], strerror(errno)); 2879a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return 1; 2880a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 2881a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root 2882a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root Entropy entropy; 2883a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root if (!entropy.open()) { 2884a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return 1; 2885a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 288670e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 2887a5bbf2fb2a4853ecf6ae77ffee3efeb7a862498aShawn Willden keymaster0_device_t* dev; 288870e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root if (keymaster_device_initialize(&dev)) { 288970e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root ALOGE("keystore keymaster could not be initialized; exiting"); 289070e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root return 1; 289170e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root } 289270e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 2893919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker keymaster1_device_t* fallback; 2894fc18edcdfe2f7774e621030d51338f3216170b97Chad Brubaker if (fallback_keymaster_device_initialize(&fallback)) { 2895fc18edcdfe2f7774e621030d51338f3216170b97Chad Brubaker ALOGE("software keymaster could not be initialized; exiting"); 2896fc18edcdfe2f7774e621030d51338f3216170b97Chad Brubaker return 1; 2897fc18edcdfe2f7774e621030d51338f3216170b97Chad Brubaker } 2898fc18edcdfe2f7774e621030d51338f3216170b97Chad Brubaker 2899eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn ks_is_selinux_enabled = is_selinux_enabled(); 2900eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (ks_is_selinux_enabled) { 2901eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn union selinux_callback cb; 2902eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn cb.func_log = selinux_log_callback; 2903eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn selinux_set_callback(SELINUX_CB_LOG, cb); 2904eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn if (getcon(&tctx) != 0) { 2905eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn ALOGE("SELinux: Could not acquire target context. Aborting keystore.\n"); 2906eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn return -1; 2907eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn } 2908eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn } else { 2909eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn ALOGI("SELinux: Keystore SELinux is disabled.\n"); 2910eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn } 2911eaabae9bf8ff0873b0ece2a835f71ee6c6b49437Riley Spahn 2912919cb2a5a9dabd61cb02eff7a589f9f1f0f793eeChad Brubaker KeyStore keyStore(&entropy, reinterpret_cast<keymaster1_device_t*>(dev), fallback); 2913655b958eb2180c7c06889f83f606d23421bf038cKenny Root keyStore.initialize(); 291407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root android::sp<android::IServiceManager> sm = android::defaultServiceManager(); 291507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root android::sp<android::KeyStoreProxy> proxy = new android::KeyStoreProxy(&keyStore); 291607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root android::status_t ret = sm->addService(android::String16("android.security.keystore"), proxy); 291707438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root if (ret != android::OK) { 291807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root ALOGE("Couldn't register binder service!"); 291907438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root return -1; 2920a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root } 292170e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 292207438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root /* 292307438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root * We're the only thread in existence, so we're just going to process 292407438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root * Binder transaction as a single-threaded program. 292507438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root */ 292607438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root android::IPCThreadState::self()->joinThreadPool(); 292770e3a86abd2c412d602a018967c01c177eb6cf4eKenny Root 292807438c8d7256d3788dac323b4d0055f201e0bec9Kenny Root keymaster_device_release(dev); 2929a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root return 1; 2930a91203b08350b2fc7efda5b1eab39e7541476b3aKenny Root} 2931