1d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden/*
2d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * Copyright 2015 The Android Open Source Project
3d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden *
4d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * Licensed under the Apache License, Version 2.0 (the "License");
5d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * you may not use this file except in compliance with the License.
6d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * You may obtain a copy of the License at
7d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden *
8d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden *      http://www.apache.org/licenses/LICENSE-2.0
9d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden *
10d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * Unless required by applicable law or agreed to in writing, software
11d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * distributed under the License is distributed on an "AS IS" BASIS,
12d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * See the License for the specific language governing permissions and
14d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * limitations under the License.
15d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden */
16d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
17d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden#include "rsa_keymaster1_key.h"
18d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
19d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden#include <memory>
20d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
21d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden#include <keymaster/logger.h>
22d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden#include <keymaster/soft_keymaster_context.h>
23d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
24d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden#include "rsa_keymaster1_operation.h"
25d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
26d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willdenusing std::unique_ptr;
27d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
28d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willdennamespace keymaster {
29d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
30d599b15c0693950bdc72fb867872044fdc484ef5Shawn WilldenRsaKeymaster1KeyFactory::RsaKeymaster1KeyFactory(const SoftKeymasterContext* context,
31d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden                                                 const Keymaster1Engine* engine)
32d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    : RsaKeyFactory(context), engine_(engine),
33d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden      sign_factory_(new RsaKeymaster1OperationFactory(KM_PURPOSE_SIGN, engine)),
34d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden      decrypt_factory_(new RsaKeymaster1OperationFactory(KM_PURPOSE_DECRYPT, engine)),
35d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden      // For pubkey ops we can use the normal operation factories.
36d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden      verify_factory_(new RsaVerificationOperationFactory),
37d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden      encrypt_factory_(new RsaEncryptionOperationFactory) {}
38d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
39d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willdenstatic bool is_supported(uint32_t digest) {
40d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    return digest == KM_DIGEST_NONE || digest == KM_DIGEST_SHA_2_256;
41d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden}
42d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
43d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willdenstatic void UpdateToWorkAroundUnsupportedDigests(const AuthorizationSet& key_description,
44d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden                                                 AuthorizationSet* new_description) {
45d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    bool have_unsupported_digests = false;
46d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    bool have_digest_none = false;
47d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    bool have_pad_none = false;
48d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    bool have_padding_requiring_digest = false;
49d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    for (const keymaster_key_param_t& entry : key_description) {
50d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden        new_description->push_back(entry);
51d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
52d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden        if (entry.tag == TAG_DIGEST) {
53d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden            if (entry.enumerated == KM_DIGEST_NONE) {
54d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden                have_digest_none = true;
55d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden            } else if (!is_supported(entry.enumerated)) {
56d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden                LOG_D("Found request for unsupported digest %u", entry.enumerated);
57d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden                have_unsupported_digests = true;
58d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden            }
59d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden        }
60d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
61d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden        if (entry.tag == TAG_PADDING) {
62d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden            switch (entry.enumerated) {
63d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden            case KM_PAD_RSA_PSS:
64d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden            case KM_PAD_RSA_OAEP:
65d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden                have_padding_requiring_digest = true;
66d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden                break;
67d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden            case KM_PAD_NONE:
68d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden                have_pad_none = true;
69d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden                break;
70d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden            }
71d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden        }
72d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    }
73d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
74d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    if (have_unsupported_digests && !have_digest_none) {
75d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden        LOG_I("Adding KM_DIGEST_NONE to key authorization, to enable software digesting", 0);
76d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden        new_description->push_back(TAG_DIGEST, KM_DIGEST_NONE);
77d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    }
78d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
79d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    if (have_unsupported_digests && have_padding_requiring_digest && !have_pad_none) {
80d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden        LOG_I("Adding KM_PAD_NONE to key authorization, to enable PSS or OAEP software padding", 0);
81d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden        new_description->push_back(TAG_PADDING, KM_PAD_NONE);
82d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    }
83d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden}
84d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
85d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willdenkeymaster_error_t RsaKeymaster1KeyFactory::GenerateKey(const AuthorizationSet& key_description,
86d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden                                                       KeymasterKeyBlob* key_blob,
87d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden                                                       AuthorizationSet* hw_enforced,
88d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden                                                       AuthorizationSet* sw_enforced) const {
89d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    AuthorizationSet key_params_copy;
90d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    UpdateToWorkAroundUnsupportedDigests(key_description, &key_params_copy);
91d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    return engine_->GenerateKey(key_params_copy, key_blob, hw_enforced, sw_enforced);
92d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden}
93d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
94d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willdenkeymaster_error_t RsaKeymaster1KeyFactory::ImportKey(
95d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    const AuthorizationSet& key_description, keymaster_key_format_t input_key_material_format,
96d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    const KeymasterKeyBlob& input_key_material, KeymasterKeyBlob* output_key_blob,
97d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    AuthorizationSet* hw_enforced, AuthorizationSet* sw_enforced) const {
98d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    AuthorizationSet key_params_copy;
99d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    UpdateToWorkAroundUnsupportedDigests(key_description, &key_params_copy);
100d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    return engine_->ImportKey(key_params_copy, input_key_material_format, input_key_material,
101d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden                              output_key_blob, hw_enforced, sw_enforced);
102d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden}
103d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
104d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willdenkeymaster_error_t RsaKeymaster1KeyFactory::LoadKey(const KeymasterKeyBlob& key_material,
105d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden                                                   const AuthorizationSet& additional_params,
106d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden                                                   const AuthorizationSet& hw_enforced,
107d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden                                                   const AuthorizationSet& sw_enforced,
108d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden                                                   UniquePtr<Key>* key) const {
109d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    if (!key)
110d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden        return KM_ERROR_OUTPUT_PARAMETER_NULL;
111d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
112d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    keymaster_error_t error;
113d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    unique_ptr<RSA, RSA_Delete> rsa(engine_->BuildRsaKey(key_material, additional_params, &error));
114d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    if (!rsa)
115d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden        return error;
116d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
117d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    key->reset(new (std::nothrow)
1184fc15704d86aab977c2bdbb14345a2c417be2babShawn Willden                   RsaKeymaster1Key(rsa.release(), hw_enforced, sw_enforced, &error));
119d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    if (!key->get())
120d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden        error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
121d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
122d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    if (error != KM_ERROR_OK)
123d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden        return error;
124d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
125d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    return KM_ERROR_OK;
126d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden}
127d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
128d599b15c0693950bdc72fb867872044fdc484ef5Shawn WilldenOperationFactory* RsaKeymaster1KeyFactory::GetOperationFactory(keymaster_purpose_t purpose) const {
129d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    switch (purpose) {
130d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    case KM_PURPOSE_SIGN:
131d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden        return sign_factory_.get();
132d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    case KM_PURPOSE_VERIFY:
133d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden        return verify_factory_.get();
134d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    case KM_PURPOSE_ENCRYPT:
135d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden        return encrypt_factory_.get();
136d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    case KM_PURPOSE_DECRYPT:
137d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden        return decrypt_factory_.get();
138d4c83db6b3bbb83985715fa88fcec580594c1c9cShawn Willden    case KM_PURPOSE_DERIVE_KEY:
139d4c83db6b3bbb83985715fa88fcec580594c1c9cShawn Willden        break;
140d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    }
141d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden    return nullptr;
142d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden}
143d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
144d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden}  // namespace keymaster
145