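/*
 * Copyright (C) 2016 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef KEYSTORE_KEYSTORE_H_
#define KEYSTORE_KEYSTORE_H_

// Include what we use: uint32_t/uint8_t/int32_t, size_t and uid_t are used
// directly below and were previously only reached transitively.
#include <stddef.h>
#include <stdint.h>
#include <sys/types.h>

#include "user_state.h"

#include <hardware/keymaster2.h>

#include <utils/Vector.h>

#include "blob.h"

/**
 * A grant allows a uid other than the owner of an entry to use that entry.
 * Grants are matched on the pair (filename, uid); see KeyStore::hasGrant().
 */
typedef struct {
    uint32_t uid;            // grantee uid
    const uint8_t* filename; // keystore entry the grant applies to. Ownership and
                             // lifetime of this buffer are not visible here --
                             // they are managed by addGrant()/removeGrant() in
                             // keystore.cpp (confirm there before holding on to it).
} grant_t;

/**
 * KeyStore owns the per-user master-key state, the grant table and the two
 * keymaster devices (the primary, normally hardware-backed, device and a
 * software fallback), and implements the blob-level get/put/del/list
 * operations on top of them.
 *
 * Every blob operation takes the owning userId/uid explicitly. Apart from
 * the grant table, nothing in this interface re-checks whether the *caller*
 * is allowed to touch that user's entries -- NOTE(review): that check is
 * presumably done by the binder-facing layer; verify there.
 */
class KeyStore {
  public:
    /**
     * @param entropy  source of randomness used for master keys / blob IVs.
     * @param device   primary keymaster device.
     * @param fallback software keymaster used for blobs flagged as fallback.
     * Pointers are borrowed; the caller keeps them alive for the KeyStore's lifetime.
     */
    KeyStore(Entropy* entropy, keymaster2_device_t* device, keymaster2_device_t* fallback);
    ~KeyStore();

    /** Primary (normally hardware-backed) keymaster device. */
    keymaster2_device_t* getDevice() const { return mDevice; }

    /** Software fallback keymaster device. */
    keymaster2_device_t* getFallbackDevice() const { return mFallbackDevice; }

    /**
     * Select the device a blob must be used with.
     *
     * The choice is driven by a flag carried in the blob itself. The blob's
     * integrity protection must therefore cover that flag; otherwise a
     * tampered blob could redirect a hardware-bound key to the software
     * fallback. NOTE(review): confirm in blob.cpp that the flag is inside
     * the authenticated region.
     */
    keymaster2_device_t* getDeviceForBlob(const Blob& blob) const {
        return blob.isFallback() ? mFallbackDevice : mDevice;
    }

    /** Read metadata and run any pending on-disk upgrades. */
    ResponseCode initialize();

    /**
     * Current lock state for userId.
     *
     * Note that this calls the non-const getUserState(), which creates a
     * UserState for an unknown userId as a side effect.
     */
    State getState(uid_t userId) { return getUserState(userId)->getState(); }

    /** Create the master key for userId, protected by password pw. */
    ResponseCode initializeUser(const android::String8& pw, uid_t userId);

    ResponseCode copyMasterKey(uid_t srcUser, uid_t dstUser);
    /** Persist userId's master key, encrypted under a key derived from pw. */
    ResponseCode writeMasterKey(const android::String8& pw, uid_t userId);
    /** Load and decrypt userId's master key using pw. */
    ResponseCode readMasterKey(const android::String8& pw, uid_t userId);

    /*
     * On-disk name helpers. The returned name is the encoded form of keyName,
     * optionally qualified by uid and by the owning user's directory.
     */
    android::String8 getKeyName(const android::String8& keyName);
    android::String8 getKeyNameForUid(const android::String8& keyName, uid_t uid);
    android::String8 getKeyNameForUidWithDir(const android::String8& keyName, uid_t uid);

    /*
     * Delete entries owned by userId. If keepUnencryptedEntries is true
     * then only encrypted entries will be removed, otherwise all entries will
     * be removed.
     */
    void resetUser(uid_t userId, bool keepUnencryptedEntries);
    /** True if userId has no entries on disk. */
    bool isEmpty(uid_t userId) const;

    /** Discard userId's in-memory master key. */
    void lock(uid_t userId);

    /*
     * Blob operations. `filename` is the already-encoded on-disk name (see the
     * getKeyName* helpers); `type` lets get()/del() reject a blob of the wrong kind.
     */
    ResponseCode get(const char* filename, Blob* keyBlob, const BlobType type, uid_t userId);
    ResponseCode put(const char* filename, Blob* keyBlob, uid_t userId);
    ResponseCode del(const char* filename, const BlobType type, uid_t userId);
    /** Append to *matches the names of userId's entries that start with prefix. */
    ResponseCode list(const android::String8& prefix, android::Vector<android::String16>* matches,
                      uid_t userId);

    /*
     * Grant table: lets granteeUid use the entry stored under filename.
     * A grant is identified by the (filename, uid) pair.
     */
    void addGrant(const char* filename, uid_t granteeUid);
    /** Returns false if no such grant existed. */
    bool removeGrant(const char* filename, uid_t granteeUid);
    bool hasGrant(const char* filename, const uid_t uid) const {
        return getGrant(filename, uid) != NULL;
    }

    /**
     * Import raw key material (keyLen bytes at key) into the keymaster and
     * store the resulting blob under filename for userId. The meaning of
     * `flags` is defined by the implementation in keystore.cpp.
     */
    ResponseCode importKey(const uint8_t* key, size_t keyLen, const char* filename, uid_t userId,
                           int32_t flags);

    /** Whether keys of keyType are handled by the primary (non-fallback) device. */
    bool isHardwareBacked(const android::String16& keyType) const;

    /**
     * Resolve keyName for uid (including entries reachable through a grant)
     * and load it into *keyBlob, requiring the blob to be of the given type.
     */
    ResponseCode getKeyForName(Blob* keyBlob, const android::String8& keyName, const uid_t uid,
                               const BlobType type);

    /**
     * Returns any existing UserState or creates it if it doesn't exist.
     */
    UserState* getUserState(uid_t userId);

    /**
     * Returns any existing UserState or creates it if it doesn't exist.
     */
    UserState* getUserStateByUid(uid_t uid);

    /**
     * Returns NULL if the UserState doesn't already exist.
     */
    const UserState* getUserState(uid_t userId) const;

    /**
     * Returns NULL if the UserState doesn't already exist.
     */
    const UserState* getUserStateByUid(uid_t uid) const;

  private:
    static const char* sOldMasterKey;
    static const char* sMetaDataFile;
    static const android::String16 sRSAKeyType;
    Entropy* mEntropy;

    keymaster2_device_t* mDevice;
    keymaster2_device_t* mFallbackDevice;

    // Per-user state (master key, lock state); one element per known user.
    // Raw owning pointers -- released by ~KeyStore (implementation not visible here).
    android::Vector<UserState*> mMasterKeys;

    // Grant table; raw owning pointers as above.
    android::Vector<grant_t*> mGrants;

    typedef struct { uint32_t version; } keystore_metadata_t;

    keystore_metadata_t mMetaData;

    /** Look up the grant for (filename, uid); NULL if none. */
    const grant_t* getGrant(const char* filename, uid_t uid) const;

    /**
     * Upgrade the key from the current version to whatever is newest.
     */
    bool upgradeBlob(const char* filename, Blob* blob, const uint8_t oldVersion,
                     const BlobType type, uid_t uid);

    /**
     * Takes a blob that is an PEM-encoded RSA key as a byte array and converts it to a DER-encoded
     * PKCS#8 for import into a keymaster. Then it overwrites the original blob with the new blob
     * format that is returned from the keymaster.
     */
    ResponseCode importBlobAsKey(Blob* blob, const char* filename, uid_t uid);

    /** Read / write the on-disk metadata record (currently just the version). */
    void readMetaData();
    void writeMetaData();

    /** Bring the on-disk store up to the current metadata version. */
    bool upgradeKeystore();
};

#endif  // KEYSTORE_KEYSTORE_H_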