128e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden/*
228e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden * Copyright 2014 The Android Open Source Project
328e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden *
428e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden * Licensed under the Apache License, Version 2.0 (the "License");
528e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden * you may not use this file except in compliance with the License.
628e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden * You may obtain a copy of the License at
728e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden *
828e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden *      http://www.apache.org/licenses/LICENSE-2.0
928e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden *
1028e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden * Unless required by applicable law or agreed to in writing, software
1128e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden * distributed under the License is distributed on an "AS IS" BASIS,
1228e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
1328e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden * See the License for the specific language governing permissions and
1428e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden * limitations under the License.
1528e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden */
1628e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden
1728e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden#ifndef SYSTEM_KEYMASTER_OPENSSL_UTILS_H_
1828e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden#define SYSTEM_KEYMASTER_OPENSSL_UTILS_H_
1928e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden
2028e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden#include <openssl/bn.h>
212beb628bfefae72fa6bb84a6235da7e3de532823Shawn Willden#include <openssl/ec.h>
22d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden#include <openssl/engine.h>
23f7538e0127ec2cb5202b0cbc64ad8305aae6243bQuan Nguyen#include <openssl/evp.h>
242beb628bfefae72fa6bb84a6235da7e3de532823Shawn Willden#include <openssl/rsa.h>
254d306ec792b4348253aa77dff965bff5def1dccbShawn Willden#include <openssl/x509.h>
2628e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden
27f38a002624126ca837865826f948edc9100d6e8aJanis Danisevskis#include <keymaster/UniquePtr.h>
282c8dd3e93d66fed41561933105e6050ff0655d76Shawn Willden
29b9d584d3dacc8041e5502cd0d036e21895eb6dc6Shawn Willden#include <hardware/keymaster_defs.h>
302c8dd3e93d66fed41561933105e6050ff0655d76Shawn Willden
314d306ec792b4348253aa77dff965bff5def1dccbShawn Willdennamespace keymaster {
324d306ec792b4348253aa77dff965bff5def1dccbShawn Willden
33398c158a0206217025f327c2d26bb6c86659f5a0Shawn Willdenstruct KeymasterKeyBlob;
34398c158a0206217025f327c2d26bb6c86659f5a0Shawn Willden
35f7538e0127ec2cb5202b0cbc64ad8305aae6243bQuan Nguyenclass EvpMdCtxCleaner {
36f7538e0127ec2cb5202b0cbc64ad8305aae6243bQuan Nguyen  public:
375d5e42b081646208e134a96d0cb500e6b6e8f043Chih-Hung Hsieh    explicit EvpMdCtxCleaner(EVP_MD_CTX* ctx) : ctx_(ctx) {}
38f7538e0127ec2cb5202b0cbc64ad8305aae6243bQuan Nguyen    ~EvpMdCtxCleaner() { EVP_MD_CTX_cleanup(ctx_); }
39f7538e0127ec2cb5202b0cbc64ad8305aae6243bQuan Nguyen
40f7538e0127ec2cb5202b0cbc64ad8305aae6243bQuan Nguyen  private:
41f7538e0127ec2cb5202b0cbc64ad8305aae6243bQuan Nguyen    EVP_MD_CTX* ctx_;
42f7538e0127ec2cb5202b0cbc64ad8305aae6243bQuan Nguyen};
43f7538e0127ec2cb5202b0cbc64ad8305aae6243bQuan Nguyen
44aa58329b5bc3b30c6a01221b2a89808ebf347650Shawn Willdentemplate <typename T, void (*FreeFunc)(T*)> struct OpenSslObjectDeleter {
45aa58329b5bc3b30c6a01221b2a89808ebf347650Shawn Willden    void operator()(T* p) { FreeFunc(p); }
46fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong};
47fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong
48aa58329b5bc3b30c6a01221b2a89808ebf347650Shawn Willden#define DEFINE_OPENSSL_OBJECT_POINTER(name)                                                        \
49aa58329b5bc3b30c6a01221b2a89808ebf347650Shawn Willden    typedef OpenSslObjectDeleter<name, name##_free> name##_Delete;                                 \
50aa58329b5bc3b30c6a01221b2a89808ebf347650Shawn Willden    typedef UniquePtr<name, name##_Delete> name##_Ptr;
51aa58329b5bc3b30c6a01221b2a89808ebf347650Shawn Willden
52d487dc9e95162f249048bd31d4191a0d50b77496Shawn WilldenDEFINE_OPENSSL_OBJECT_POINTER(ASN1_BIT_STRING)
53aa58329b5bc3b30c6a01221b2a89808ebf347650Shawn WilldenDEFINE_OPENSSL_OBJECT_POINTER(ASN1_INTEGER)
54aa58329b5bc3b30c6a01221b2a89808ebf347650Shawn WilldenDEFINE_OPENSSL_OBJECT_POINTER(ASN1_OBJECT)
55aa58329b5bc3b30c6a01221b2a89808ebf347650Shawn WilldenDEFINE_OPENSSL_OBJECT_POINTER(ASN1_OCTET_STRING)
56aa58329b5bc3b30c6a01221b2a89808ebf347650Shawn WilldenDEFINE_OPENSSL_OBJECT_POINTER(ASN1_TIME)
57d487dc9e95162f249048bd31d4191a0d50b77496Shawn WilldenDEFINE_OPENSSL_OBJECT_POINTER(BN_CTX)
58d487dc9e95162f249048bd31d4191a0d50b77496Shawn WilldenDEFINE_OPENSSL_OBJECT_POINTER(EC_GROUP)
59d487dc9e95162f249048bd31d4191a0d50b77496Shawn WilldenDEFINE_OPENSSL_OBJECT_POINTER(EC_KEY)
60d487dc9e95162f249048bd31d4191a0d50b77496Shawn WilldenDEFINE_OPENSSL_OBJECT_POINTER(EC_POINT)
61d487dc9e95162f249048bd31d4191a0d50b77496Shawn WilldenDEFINE_OPENSSL_OBJECT_POINTER(ENGINE)
62d487dc9e95162f249048bd31d4191a0d50b77496Shawn WilldenDEFINE_OPENSSL_OBJECT_POINTER(EVP_PKEY)
63d487dc9e95162f249048bd31d4191a0d50b77496Shawn WilldenDEFINE_OPENSSL_OBJECT_POINTER(PKCS8_PRIV_KEY_INFO)
64d487dc9e95162f249048bd31d4191a0d50b77496Shawn WilldenDEFINE_OPENSSL_OBJECT_POINTER(RSA)
65aa58329b5bc3b30c6a01221b2a89808ebf347650Shawn WilldenDEFINE_OPENSSL_OBJECT_POINTER(X509)
66aa58329b5bc3b30c6a01221b2a89808ebf347650Shawn WilldenDEFINE_OPENSSL_OBJECT_POINTER(X509_EXTENSION)
67aa58329b5bc3b30c6a01221b2a89808ebf347650Shawn WilldenDEFINE_OPENSSL_OBJECT_POINTER(X509_NAME)
68aa58329b5bc3b30c6a01221b2a89808ebf347650Shawn Willden
69aa58329b5bc3b30c6a01221b2a89808ebf347650Shawn Willdentypedef OpenSslObjectDeleter<BIGNUM, BN_free> BIGNUM_Delete;
70aa58329b5bc3b30c6a01221b2a89808ebf347650Shawn Willdentypedef UniquePtr<BIGNUM, BIGNUM_Delete> BIGNUM_Ptr;
71d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
72fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duongkeymaster_error_t ec_get_group_size(const EC_GROUP* group, size_t* key_size_bits);
73fabacaf3e6019804cc8a98a2b8296be1d0125519Thai DuongEC_GROUP* ec_get_group(keymaster_ec_curve_t curve);
74fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong
7528e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden/**
7628e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden * Many OpenSSL APIs take ownership of an argument on success but don't free the argument on
7728e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden * failure. This means we need to tell our scoped pointers when we've transferred ownership, without
7828e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden * triggering a warning by not using the result of release().
7928e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden */
8028e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willdentemplate <typename T, typename Delete_T>
8128e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willdeninline void release_because_ownership_transferred(UniquePtr<T, Delete_T>& p) {
8228e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden    T* val __attribute__((unused)) = p.release();
8328e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden}
8428e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden
854d306ec792b4348253aa77dff965bff5def1dccbShawn Willdenkeymaster_error_t convert_pkcs8_blob_to_evp(const uint8_t* key_data, size_t key_length,
864d306ec792b4348253aa77dff965bff5def1dccbShawn Willden                                            keymaster_algorithm_t expected_algorithm,
874d306ec792b4348253aa77dff965bff5def1dccbShawn Willden                                            UniquePtr<EVP_PKEY, EVP_PKEY_Delete>* pkey);
884d306ec792b4348253aa77dff965bff5def1dccbShawn Willden
89398c158a0206217025f327c2d26bb6c86659f5a0Shawn Willdenkeymaster_error_t KeyMaterialToEvpKey(keymaster_key_format_t key_format,
90398c158a0206217025f327c2d26bb6c86659f5a0Shawn Willden                                      const KeymasterKeyBlob& key_material,
91398c158a0206217025f327c2d26bb6c86659f5a0Shawn Willden                                      keymaster_algorithm_t expected_algorithm,
92398c158a0206217025f327c2d26bb6c86659f5a0Shawn Willden                                      UniquePtr<EVP_PKEY, EVP_PKEY_Delete>* evp_pkey);
93398c158a0206217025f327c2d26bb6c86659f5a0Shawn Willden
94398c158a0206217025f327c2d26bb6c86659f5a0Shawn Willdenkeymaster_error_t EvpKeyToKeyMaterial(const EVP_PKEY* evp_pkey, KeymasterKeyBlob* key_blob);
95398c158a0206217025f327c2d26bb6c86659f5a0Shawn Willden
96d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willdensize_t ec_group_size_bits(EC_KEY* ec_key);
97d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
984d306ec792b4348253aa77dff965bff5def1dccbShawn Willden}  // namespace keymaster
9928e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden
10028e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden#endif  // SYSTEM_KEYMASTER_OPENSSL_UTILS_H_
101