64eae5381d14ca1779f8dee6df67e05d693763ff |
|
25-Apr-2017 |
Dan Stoza <stoza@google.com> |
Revert "Attest device IDs in default keymaster implementation" This reverts commit 16869b93004868b4ae87486357d2b8af793eeaab. Reason for revert: Breaks Ryu build Change-Id: I99d376975077ea731d47454247c97ad1dcccfbc0
/system/keymaster/soft_keymaster_context.cpp
|
16869b93004868b4ae87486357d2b8af793eeaab |
|
20-Apr-2017 |
Bartosz Fabianowski <bartfab@google.com> |
Attest device IDs in default keymaster implementation Check with the KeymasterContext whether the IDs provided to build_attestation_record() in attestation_params are the device's actual IDs. If so, copy them to the AuthorizationSet that will be used to populate the attestation extension of the generated cert. Bug: 37522655 Test: GTS com.google.android.gts.security.DeviceIdAttestationHostTest Change-Id: I3b1116a705112e977faf4748462540cd7cf1b3c4
/system/keymaster/soft_keymaster_context.cpp
|
f72742b87addb025e415d8ec34ca8802b4f146c8 |
|
23-Mar-2017 |
Shawn Willden <swillden@google.com> |
Allow softkeymaster to use default AES key factory. This is needed so that attempts to attest to an AES key fail correctly when softkeymaster is wrapping a keymaster1 implementation. The idea of not having an AES factory at all to provoke errors if it's inadvertently used was nice, but we have adequate testing in place to verify that nothing like that happens without us noticing that AES keys are in software when they should be in hardware (by checking key characteristics). Test: Tested by VTS and CTS Change-Id: If3d340c3c462f559f5463129838a6673fe78286d
/system/keymaster/soft_keymaster_context.cpp
|
3560f7be392fa7f59844b8c5c54c2d75a62aad7b |
|
01-Dec-2016 |
Shawn Willden <swillden@google.com> |
Fully support input to finish() in SoftKeymasterDevice. SoftKeymasterDevice did not support sending input data to finish() when wrapping keymaster1 hardware. Test: CL includes unit tests Change-Id: Ia1e30295904e93093e1ef7b0514304fbb424bbb7
/system/keymaster/soft_keymaster_context.cpp
|
2c3769c267c3fbbfb4edafad0d2518670914aac8 |
|
13-Oct-2016 |
Shawn Willden <swillden@google.com> |
Modify SoftKeymasterDevice to fully handle keymaster1 devices When SoftKeymasterDevice is wrapping a keymaster1 device that does not implement all of the required digests, it simply rejects creation or import of HMAC keys that use an unsupported digest. This works only because keystore has a "fallback" software-only device which will be used to handle the issue. Treblization makes that fallback device rather weird. To allow removal of the fallback device, SoftKeymasterDevice needs to allow creation and import of HMAC keys that cannot be supported by the underlying hardware, creating a software-based key and using the software implementation for operations. This CL makes it do that. Test: Tested by running dev machine unit tests. Bug: 32020919 Change-Id: I6cdb5d57dc3360c279bf94a402c3b8fe3d673950
/system/keymaster/soft_keymaster_context.cpp
|
a23b44c8a5ba14b86d79813f66586774044b0576 |
|
01-Sep-2016 |
Shawn Willden <swillden@google.com> |
Don't reject OS version "upgrades" to zero. b/31208182 Change-Id: I737156aa09345389777ae22b9a8614dfcf8439a5
/system/keymaster/soft_keymaster_context.cpp
|
4c2e0398ccca396478a1e1ed56eb13d971a13f6b |
|
31-Mar-2016 |
Shawn Willden <swillden@google.com> |
Implement Unique ID support. am: 676da6d * commit '676da6ddbf0ca27b63b92bfbd1341ff2e0f76f08': Implement Unique ID support. Change-Id: Icf09a3d8e9988925d24e2aa6041a6141dd2c191d
|
c636e187cb4cb6c5b07fab9bb5d27878690376de |
|
10-Mar-2016 |
Shawn Willden <swillden@google.com> |
Implement key version binding. Change-Id: If0f3bc12380b8b65bf1e60d5d8d039eb972c8a15 (cherry picked from commit cddf3a443abf64f3d77c48886693179c0b8a35bb)
/system/keymaster/soft_keymaster_context.cpp
|
676da6ddbf0ca27b63b92bfbd1341ff2e0f76f08 |
|
10-Mar-2016 |
Shawn Willden <swillden@google.com> |
Implement Unique ID support. Change-Id: Ie1ee2e701a7f10da31a9b448987953dd025f8a11
/system/keymaster/soft_keymaster_context.cpp
|
c15af1910d8f451341d0068b5533816ace5defec |
|
10-Mar-2016 |
Shawn Willden <swillden@google.com> |
Implement key version binding. Change-Id: If0f3bc12380b8b65bf1e60d5d8d039eb972c8a15
/system/keymaster/soft_keymaster_context.cpp
|
4263b591c4cc33d16cdbfb8b11d9cf5373ec89ba |
|
14-Jan-2016 |
Adam Langley <agl@chromium.org> |
system/keymaster: don't pass a structure into |d2i_PrivateKey|. Some OpenSSL parsing functions have, historically, allowed a structure to be passed in to reuse that memory. There have been many bugs arising from this corner case and it's generally best to avoid it. This change just passes in NULL because a new structure was being allocated anyway. Also, the API didn't guarantee that the memory would always be reused – code had to check the updated pointer, which this didn't do. So it might have broken in the future. (This change mirrors https://android-review.googlesource.com/#/c/196590/1) Change-Id: I5fed1020997cb8708706bbeb37a1e9bb1e6f71d3
/system/keymaster/soft_keymaster_context.cpp
|
c9b02d1746655627217715767b0d4fd13815114b |
|
28-Jan-2016 |
Shawn Willden <swillden@google.com> |
Revert "Revert "Add attestation support to KeymasterContext"" This reverts commit 7f67762712863e33931d75bf5e442ab59b2ee43d. Change-Id: Ia2e9b1b1ee5a070a343d8866adb7cd479abb4366
/system/keymaster/soft_keymaster_context.cpp
|
7f67762712863e33931d75bf5e442ab59b2ee43d |
|
28-Jan-2016 |
Shawn Willden <swillden@google.com> |
Revert "Add attestation support to KeymasterContext" This reverts commit 7989c2bf8ad56518465b96bba61432de1a66bbf1. Change-Id: Ia7f1aef880187c3ef7c399121edb11cf7d16b654
/system/keymaster/soft_keymaster_context.cpp
|
fc3cafd487e69c84d83444e1d129d0ab131c4e3d |
|
11-Jan-2016 |
Shawn Willden <swillden@google.com> |
Add attestation support to SoftKeymaster. Bug: 22914603 Change-Id: I7650f1b691665bce3024556c2ea38e122c9cb2cf
/system/keymaster/soft_keymaster_context.cpp
|
7989c2bf8ad56518465b96bba61432de1a66bbf1 |
|
06-Jan-2016 |
Shawn Willden <swillden@google.com> |
Add attestation support to KeymasterContext This CL also implements the necessary context bits for SoftKeymasterContext, in a necessarily completely insecure way. The software attestation intermediate key and intermediate and root certificates are hardcoded. Software attestation is meaningless, but needed to make the APIs work the same for both software and hardware. Bug: 22914603 Change-Id: I1c3439409829c0991db2f0b54e11fb59b5e9bd87
/system/keymaster/soft_keymaster_context.cpp
|
01d8f24c45067bc3d909e3aae9a72582f3c985a1 |
|
16-Nov-2015 |
Shawn Willden <swillden@google.com> |
Fix pass-through of deletion on wrapped KM0 and KM1. SoftKeymasterDevice was incorrectly directly sending deletion requests to wrapped hardware. In some cases the key blob passed in by SoftKeymasterDevice is a hardware blob encapsulated by a wrapper, and we need to remove the encapsulation before passing it on. Bug: 25676862 Change-Id: Ic315c6b08d9ec15aa0be8f28f485a221bc7f1135
/system/keymaster/soft_keymaster_context.cpp
|
fabacaf3e6019804cc8a98a2b8296be1d0125519 |
|
26-Mar-2015 |
Thai Duong <thaidn@google.com> |
ECIES: add ECIES-KEM. This version supports HKDF and ECDH with NIST curves. Change-Id: I5af3215e96bb015049574aa18327cd7f7499dbd3
/system/keymaster/soft_keymaster_context.cpp
|
1181779c5e6c8627b94067d86db6a2f7d5309674 |
|
23-Nov-2015 |
Shawn Willden <swillden@google.com> |
Revert "ECIES: add ECIES-KEM. This version supports HKDF and ECDH with NIST curves." This reverts commit 41998988331ff38e922a59ef008896beb3145ba0. Change-Id: Ifed6b4e5a69310770373a396271f02da5c9d8934
/system/keymaster/soft_keymaster_context.cpp
|
41998988331ff38e922a59ef008896beb3145ba0 |
|
26-Mar-2015 |
Thai Duong <thaidn@google.com> |
ECIES: add ECIES-KEM. This version supports HKDF and ECDH with NIST curves. Change-Id: Iea5877eba0a9b13610d3d1b33d04b5657edc3550
/system/keymaster/soft_keymaster_context.cpp
|
4fc15704d86aab977c2bdbb14345a2c417be2bab |
|
23-Oct-2015 |
Shawn Willden <swillden@google.com> |
Remove unused variables. Change-Id: Ib6adb9242ed8060d6182501784c249c2cd4926f6
/system/keymaster/soft_keymaster_context.cpp
|
d599b15c0693950bdc72fb867872044fdc484ef5 |
|
28-Jul-2015 |
Shawn Willden <swillden@google.com> |
Do digesting, and sometimes padding, in SW when HW doesnt. The keymaster1 specification only requires HW modules to implement SHA256 out of the list of keymaster1 digest modes. That would force many keys to be software only, and would break legacy scenarios. This change uses SoftKeymasterDevice to front keymaster modules that don't implement the full suite of digests, quietly inserting KM_DIGEST_NONE and KM_PAD_NONE into key generation/import requests when necessary, then performing the digesting, and sometimes padding, in software, then delegating crypto operations to the hardware. This is only done for RSA and EC keys. Software digesting isn't possible for HMAC or AES-GCM keys. Note that this is not the complete fix for the bug. Some changes in keystore are also required, coming in another CL. Bug: 22529223 Change-Id: I740572eb11341fb0659085309da01d5cbcd3854d
/system/keymaster/soft_keymaster_context.cpp
|
5cf45028751471f79d9f8a390f64fe9412acd53a |
|
20-Jul-2015 |
Shawn Willden <swillden@google.com> |
Make NONE mean NONE only (not ANY) KM_DIGEST_NONE and KM_PAD_NONE have implicit meanings of "any digest" and "any padding", respectively, as well as the expected meanings of "no digest" and "no padding". This CL changes that so they mean only "no digest" and "no padding". Bug: 22556114 Change-Id: I7b0b4c079067d85ba1aa39ae7edf0c6b17a9a500
/system/keymaster/soft_keymaster_context.cpp
|
ccb84e9118c6a89fedbb2be68bb629a0063eeda5 |
|
03-Jun-2015 |
Shawn Willden <swillden@google.com> |
Fix support of HW keymaster0 keys. Bug: 21593823 Change-Id: Id9ed06b1c6805b1cff36577910715eda7727eef4
/system/keymaster/soft_keymaster_context.cpp
|
0629810b145187575bc26c910dded0d24c64569d |
|
26-May-2015 |
Shawn Willden <swillden@google.com> |
Another refactor, deleting AbstractFactoryRegistry. I should have known better than to make these singletons to begin with. Globals create problems. This undoes that mistake. Change-Id: Idf61d5f72e3c34b5c4ddb27cc94b05f506561743
/system/keymaster/soft_keymaster_context.cpp
|
6270aca8571399aca8ea538acd7386ddecdcc112 |
|
26-May-2015 |
Shawn Willden <swillden@google.com> |
Delegate ECDSA keys to keymaster0 in SoftKeymasterDevice. Bug: 20912868 Change-Id: If63899e3244aed45d939d0165e6d94a1caa9d220
/system/keymaster/soft_keymaster_context.cpp
|
2beb628bfefae72fa6bb84a6235da7e3de532823 |
|
21-May-2015 |
Shawn Willden <swillden@google.com> |
Delegate RSA keys to keymaster0 in SoftKeymasterDevice. Bug: 20912868 Change-Id: I515a125f1247357d2cd9b4633c3b223590848093
/system/keymaster/soft_keymaster_context.cpp
|
0cb6942d3efb6c056f96321c82a4b3d86af601d6 |
|
26-May-2015 |
Shawn Willden <swillden@google.com> |
Revert "Revert "Large refactor to move context out of AndroidKeymaster."" This reverts commit 13fbe3e93247943c26e7ca2ed27b6d650282b8bf. Bug: 20912868, 19799085 Change-Id: Iadd6ce5cbe94956c2a2fe277f1bf5b108e4bcf57
/system/keymaster/soft_keymaster_context.cpp
|
13fbe3e93247943c26e7ca2ed27b6d650282b8bf |
|
23-May-2015 |
Shawn Willden <swillden@google.com> |
Revert "Large refactor to move context out of AndroidKeymaster." This reverts commit 8ba2a043f0d44ad3f58d4af518f9391c03eca9c3. I need to update the Volantis non-secure code in sync. Reverting while I get that done. Change-Id: I0fb9f928e7e624ad678050a04bb873b43b1c9a48
/system/keymaster/soft_keymaster_context.cpp
|
8ba2a043f0d44ad3f58d4af518f9391c03eca9c3 |
|
18-May-2015 |
Shawn Willden <swillden@google.com> |
Large refactor to move context out of AndroidKeymaster. AndroidKeymaster made a number of assumptions about its context that are really only valid for TEE-based usage. In addition, KeyFactory made some similarly TEE-focused assumptions about key blob creation and parsing. Both concerns have been moved to a new KeymasterContext class, which is responsible for building and parsing key blobs in a manner appropriate for the context in which AndroidKeymaster is running, as well as providing other context-specific services, such as random number generation. In addition, the refactor reduces the need for the KeyBlob and UnencryptedKeyBlob classes, which encode too many assumptions about blob formatting and encryption, to the point that they can be removed and replaced by a handful of utility functions which are much cleaner and more flexible. How to review this CL: I looked hard at breaking this up into smaller CLs, but it's mostly not feasible. However, it's probably easier to approach it by starting with the fundamental changes, and then looking at the cascade effects. 1. Look at keymaster_context.h. The core of the change was pulling this set of features out of AndroidKeymaster. Note that the revised approach to key blob creation does not involve the KeyBlob and UnencryptedKeyBlob classes, but instead goes directly from raw key material plus ancillary data (e.g. auth sets) to a serialized buffer ready to return to keystore. The same is true in reverse direction for parsing key blobs. 2. Look at key.h. The revised KeyFactory GenerateKey, ImportKey and LoadKey methods are essential. GenerateKey and ImportKey no longer produce a Key object, because all that's needed is a returnable blob. LoadKey produces a Key object, but it starts with raw key material, rather than an UnencryptedKeyBlob. Also note the change to the Key class; because Key objects are only created by LoadKey, when there's a need to use a key, there's only one constructor. 3. Look at asymmetric_key.h, rsa_key.h and rsa_key.cpp. rsa_key.cpp provides a good example of how the new structure works. GenerateKey and ImportKey do all of the work necessary to produce an OpenSSL RSA key and extract the internal representation (using EvpToKeyMaterial; defined in asymmetric_key.h because it's the same for EC keys). Then, with the raw key data in hand, they call KeymasterContext::CreateKeyBlob to wrap the key data in a key blob that can be returned to the caller -- whatever that wrapping means in the current context. There's a subtlety not apparent here which is crucial to the rationale for the refactoring: RsaKeyFactory uses KeymasterContext::get_instance to retrieve the context, but key factories which depend on operating in a particular context can use a different way to get their context object, which may have a larger interface. RsaKeymaster0KeyFactory will do this. 4. Look at soft_keymaster_context. In particular, SoftKeymasterContext::CreateKeyBlob and ParseKeyBlob. CreateKeyBlob allocates authorization tags from key_description to hw_enforced and sw_enforced, then encrypts the key material and serializes it to a blob. This approach is compatible with the keys softkeymaster has been producing, but I'm going to change it (post M), because there's no reason to bother encrypting SW keys with a SW key. ParseKeyBlob reverses the process to recover the unencrypted key material and the auth lists. One debatable point was the decision to implement BuildHiddenAuthorizations and SetAuthorizations here, since all contexts will need something similar, and they really should all do it the same. I may refactor later to pull that functionality up to KeymasterContext; it will depend on what I learn implementing TrustyKeymasterContext and HybridKeymasterContext (used for the keymaster0 adapter). 5. Look at ocb_utils and auth_encrypted_key_blob. These contain the key encryption and key blob serialization code which was formerly split between AndroidKeymaster::SerializeKeyBlob, UnencryptedKeyBlob and KeyBlob, now divided into separate encryption and serialization utilities. Note the refactored key_blob_test.cpp, updated to use the new utilities rather than UnencryptedKeyBlob. 6. Look at soft_keymaster_device.cpp. Since KeyBlob no longer exists to provide a nice way to peer into a blob to extract the algorithm, for use in determining how to parse the keymaster0 signing key params (which come in as a void*, yuck), we now have to use get_key_characteristics to recover the params. This was the right way all along; the device layer should not depend on being able to parse key blobs. 7. The rest. Bug: 20912868, 19799085 Change-Id: Ieb74b8da39974f674eb8baa959bde75011fdd2e8
/system/keymaster/soft_keymaster_context.cpp
|