/*
 * Copyright (C) 2016 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
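 */

#ifndef KEYSTORE_KEYSTORE_H_
#define KEYSTORE_KEYSTORE_H_

#include "user_state.h"

#include <hardware/keymaster2.h>

#include <stdint.h>     // uint8_t, uint32_t
#include <sys/types.h>  // uid_t, size_t

#include <utils/Vector.h>

#include "blob.h"

/**
 * A grant lets an additional uid (the grantee) use one key file that it does
 * not own. KeyStore keeps grants in mGrants and consults them through
 * hasGrant()/getGrant(). Nothing in this header says who owns the memory
 * behind filename -- presumably KeyStore allocates it in addGrant() and
 * frees it in removeGrant(); verify in keystore.cpp.
 */
typedef struct {
    uint32_t uid;             // grantee uid
    const uint8_t* filename;  // on-disk key file the grant applies to
} grant_t;

/**
 * Owner of the on-disk key store: per-user master keys (UserState), key
 * blobs, and cross-uid grants.
 *
 * Key operations are dispatched to one of two keymaster devices: the primary
 * device handed to the constructor and a software fallback. The choice is
 * made per blob by getDeviceForBlob(), so a blob flagged as fallback is
 * serviced in software even when the primary device is hardware-backed.
 *
 * NOTE(review): the class defines a destructor and stores raw pointers in
 * mMasterKeys/mGrants, so it presumably owns those objects and must not be
 * copied; nothing in this header disables copying. Confirm in keystore.cpp.
 */
class KeyStore {
  public:
    /*
     * entropy: randomness source used by the store.
     * device: primary keymaster; fallback: software keymaster used for blobs
     * flagged as fallback. None of the three are owned as far as this header
     * shows -- presumably all outlive the KeyStore; verify in keystore.cpp.
     */
    KeyStore(Entropy* entropy, keymaster2_device_t* device, keymaster2_device_t* fallback);
    ~KeyStore();

    /* Primary keymaster device. */
    keymaster2_device_t* getDevice() const { return mDevice; }

    /* Software fallback keymaster device. */
    keymaster2_device_t* getFallbackDevice() const { return mFallbackDevice; }

    /*
     * Device that must service blob: the fallback device when the blob
     * carries the fallback flag, the primary device otherwise. Callers must
     * therefore not treat a fallback blob as hardware-backed --
     * isHardwareBacked() is keyed by key type, not by blob, and cannot
     * reflect this per-blob decision.
     */
    keymaster2_device_t* getDeviceForBlob(const Blob& blob) const {
        return blob.isFallback() ? mFallbackDevice : mDevice;
    }

    /* One-time setup of the store (reads metadata, runs upgrades -- presumably; see keystore.cpp). */
    ResponseCode initialize();

    /*
     * Current State of userId's store. Note this goes through the non-const
     * getUserState(), which creates the UserState if it does not exist yet,
     * so querying an unknown user is not side-effect free.
     */
    State getState(uid_t userId) { return getUserState(userId)->getState(); }

    /* Create userId's store protected by pw (derivation details live in keystore.cpp/user_state.cpp). */
    ResponseCode initializeUser(const android::String8& pw, uid_t userId);

    /*
     * Master-key management. copyMasterKey() duplicates srcUser's master key
     * for dstUser; write/readMasterKey() persist/load userId's master key
     * under pw. Presumably the master key is what encrypts the user's blobs
     * -- verify in keystore.cpp before relying on that.
     */
    ResponseCode copyMasterKey(uid_t srcUser, uid_t dstUser);
    ResponseCode writeMasterKey(const android::String8& pw, uid_t userId);
    ResponseCode readMasterKey(const android::String8& pw, uid_t userId);

    /*
     * Map a caller-supplied key name to the on-disk file name for a blob of
     * the given type. The ...ForUid variants scope the name to uid; the
     * ...WithDir variant additionally yields the path including the user
     * directory. These are the only place a caller-controlled name should be
     * turned into a path -- NOTE(review): verify in keystore.cpp that the
     * encoding cannot let '/' or ".." through.
     */
    android::String8 getKeyName(const android::String8& keyName, const BlobType type);
    android::String8 getKeyNameForUid(const android::String8& keyName, uid_t uid,
                                      const BlobType type);
    android::String8 getKeyNameForUidWithDir(const android::String8& keyName, uid_t uid,
                                             const BlobType type);

    /*
     * Delete entries owned by userId. If keepUnencryptedEntries is true
     * then only encrypted entries will be removed, otherwise all entries will
     * be removed.
     */
    void resetUser(uid_t userId, bool keepUnencryptedEntries);
    bool isEmpty(uid_t userId) const;

    /* Lock userId's store (presumably drops the in-memory master key; see keystore.cpp). */
    void lock(uid_t userId);

    /*
     * Blob storage keyed by file name. filename is expected to be the
     * already-encoded name produced by getKeyName*(), not raw caller input.
     * get() takes the BlobType the caller expects; presumably a stored blob
     * of another type is rejected -- confirm in keystore.cpp. list() collects
     * the names under prefix for userId into *matches.
     */
    ResponseCode get(const char* filename, Blob* keyBlob, const BlobType type, uid_t userId);
    ResponseCode put(const char* filename, Blob* keyBlob, uid_t userId);
    ResponseCode del(const char* filename, const BlobType type, uid_t userId);
    ResponseCode list(const android::String8& prefix, android::Vector<android::String16>* matches,
                      uid_t userId);

    /*
     * Cross-uid grants. addGrant() lets granteeUid use the key stored at
     * filename; removeGrant() revokes it (the bool presumably reports whether
     * a matching grant existed). hasGrant() is the check an access on behalf
     * of a non-owner uid must pass; it is true exactly when getGrant() finds
     * an entry.
     */
    void addGrant(const char* filename, uid_t granteeUid);
    bool removeGrant(const char* filename, uid_t granteeUid);
    bool hasGrant(const char* filename, const uid_t uid) const {
        return getGrant(filename, uid) != NULL;
    }

    /*
     * Import raw key material (keyLen bytes at key) under filename for
     * userId. flags is passed through to the blob/keymaster layer; its bits
     * are not defined in this header.
     */
    ResponseCode importKey(const uint8_t* key, size_t keyLen, const char* filename, uid_t userId,
                           int32_t flags);

    /*
     * Whether keys of keyType are backed by the primary device. This is a
     * per-type answer (presumably derived from mDevice's capabilities); an
     * individual blob may still be a fallback blob -- see getDeviceForBlob().
     */
    bool isHardwareBacked(const android::String16& keyType) const;

    /*
     * Load into *keyBlob the blob of the given type named keyName, on behalf
     * of uid. Presumably this resolves grants for non-owner uids -- verify in
     * keystore.cpp.
     */
    ResponseCode getKeyForName(Blob* keyBlob, const android::String8& keyName, const uid_t uid,
                               const BlobType type);

    /**
     * Returns any existing UserState or creates it if it doesn't exist.
     * userId is an Android user id; see getUserStateByUid() for app uids.
     */
    UserState* getUserState(uid_t userId);

    /**
     * Returns any existing UserState or creates it if it doesn't exist.
     * uid is an app uid; presumably it is mapped to its owning user first
     * (compare user_state.h).
     */
    UserState* getUserStateByUid(uid_t uid);

    /**
     * Returns NULL if the UserState doesn't already exist.
     */
    const UserState* getUserState(uid_t userId) const;

    /**
     * Returns NULL if the UserState doesn't already exist.
     */
    const UserState* getUserStateByUid(uid_t uid) const;

  private:
    static const char* sOldMasterKey;            // legacy master-key file name, presumably consumed by upgradeKeystore()
    static const char* sMetaDataFile;            // file behind readMetaData()/writeMetaData()
    static const android::String16 sRSAKeyType;  // key-type string, presumably compared in isHardwareBacked()
    Entropy* mEntropy;                           // not owned here

    keymaster2_device_t* mDevice;          // primary keymaster
    keymaster2_device_t* mFallbackDevice;  // software fallback keymaster

    android::Vector<UserState*> mMasterKeys;  // per-user state; raw pointers, presumably owned (see ~KeyStore)

    android::Vector<grant_t*> mGrants;  // active grants; raw pointers, presumably owned (see ~KeyStore)

    /* On-disk store format version, persisted in sMetaDataFile. */
    typedef struct { uint32_t version; } keystore_metadata_t;

    keystore_metadata_t mMetaData;

    /* The grant for (filename, uid), or NULL when there is none. */
    const grant_t* getGrant(const char* filename, uid_t uid) const;

    /**
     * Upgrade the key from the current version to whatever is newest.
     * oldVersion is the format version the blob was read with; the upgraded
     * blob is written back under filename for uid. Returns false on failure.
     */
    bool upgradeBlob(const char* filename, Blob* blob, const uint8_t oldVersion,
                     const BlobType type, uid_t uid);

    /**
     * Takes a blob that is an PEM-encoded RSA key as a byte array and converts it to a DER-encoded
     * PKCS#8 for import into a keymaster. Then it overwrites the original blob with the new blob
     * format that is returned from the keymaster.
     */
    ResponseCode importBlobAsKey(Blob* blob, const char* filename, uid_t uid);

    /* Load/persist mMetaData from/to sMetaDataFile. */
    void readMetaData();
    void writeMetaData();

    /* Migrate the on-disk store to the current mMetaData.version; false on failure. */
    bool upgradeKeystore();
};

#endif  // KEYSTORE_KEYSTORE_H_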