1/*
2 * Copyright (C) 2016 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#ifndef KEYSTORE_KEYSTORE_H_
18#define KEYSTORE_KEYSTORE_H_
19
20#include "user_state.h"
21
22#include <android/hardware/keymaster/3.0/IKeymasterDevice.h>
23
24#include <utils/Vector.h>
25
26#include "blob.h"
27#include "include/keystore/keymaster_tags.h"
28#include "grant_store.h"
29
30using ::keystore::NullOr;
31
32class KeyStore {
33    typedef ::android::sp<::android::hardware::keymaster::V3_0::IKeymasterDevice> km_device_t;
34
35  public:
36    KeyStore(Entropy* entropy, const km_device_t& device, const km_device_t& fallback,
37             bool allowNewFallback);
38    ~KeyStore();
39
40    km_device_t& getDevice() { return mDevice; }
41
42    NullOr<km_device_t&> getFallbackDevice() {
43        // we only return the fallback device if the creation of new fallback key blobs is
44        // allowed. (also see getDevice below)
45        if (mAllowNewFallback) {
46            return mFallbackDevice;
47        } else {
48            return {};
49        }
50    }
51
52    km_device_t& getDevice(const Blob& blob) {
53        // We return a device, based on the nature of the blob to provide backward
54        // compatibility with old key blobs generated using the fallback device.
55        return blob.isFallback() ? mFallbackDevice : mDevice;
56    }
57
58    ResponseCode initialize();
59
60    State getState(uid_t userId) { return getUserState(userId)->getState(); }
61
62    ResponseCode initializeUser(const android::String8& pw, uid_t userId);
63
64    ResponseCode copyMasterKey(uid_t srcUser, uid_t dstUser);
65    ResponseCode writeMasterKey(const android::String8& pw, uid_t userId);
66    ResponseCode readMasterKey(const android::String8& pw, uid_t userId);
67
68    android::String8 getKeyName(const android::String8& keyName, const BlobType type);
69    android::String8 getKeyNameForUid(const android::String8& keyName, uid_t uid,
70                                      const BlobType type);
71    android::String8 getKeyNameForUidWithDir(const android::String8& keyName, uid_t uid,
72                                             const BlobType type);
73    NullOr<android::String8> getBlobFileNameIfExists(const android::String8& alias, uid_t uid,
74                                                    const BlobType type);
75
76    /*
77     * Delete entries owned by userId. If keepUnencryptedEntries is true
78     * then only encrypted entries will be removed, otherwise all entries will
79     * be removed.
80     */
81    void resetUser(uid_t userId, bool keepUnenryptedEntries);
82    bool isEmpty(uid_t userId) const;
83
84    void lock(uid_t userId);
85
86    ResponseCode get(const char* filename, Blob* keyBlob, const BlobType type, uid_t userId);
87    ResponseCode put(const char* filename, Blob* keyBlob, uid_t userId);
88    ResponseCode del(const char* filename, const BlobType type, uid_t userId);
89    ResponseCode list(const android::String8& prefix, android::Vector<android::String16>* matches,
90                      uid_t userId);
91
92    std::string addGrant(const char* alias, uid_t granterUid, uid_t granteeUid);
93    bool removeGrant(const char* alias, const uid_t granterUid, const uid_t granteeUid);
94    void removeAllGrantsToUid(const uid_t granteeUid);
95
96    ResponseCode importKey(const uint8_t* key, size_t keyLen, const char* filename, uid_t userId,
97                           int32_t flags);
98
99    bool isHardwareBacked(const android::String16& keyType) const;
100
101    ResponseCode getKeyForName(Blob* keyBlob, const android::String8& keyName, const uid_t uid,
102                               const BlobType type);
103
104    /**
105     * Returns any existing UserState or creates it if it doesn't exist.
106     */
107    UserState* getUserState(uid_t userId);
108
109    /**
110     * Returns any existing UserState or creates it if it doesn't exist.
111     */
112    UserState* getUserStateByUid(uid_t uid);
113
114    /**
115     * Returns NULL if the UserState doesn't already exist.
116     */
117    const UserState* getUserState(uid_t userId) const;
118
119    /**
120     * Returns NULL if the UserState doesn't already exist.
121     */
122    const UserState* getUserStateByUid(uid_t uid) const;
123
124  private:
125    static const char* sOldMasterKey;
126    static const char* sMetaDataFile;
127    static const android::String16 sRSAKeyType;
128    Entropy* mEntropy;
129
130    km_device_t mDevice;
131    km_device_t mFallbackDevice;
132    bool mAllowNewFallback;
133
134    android::Vector<UserState*> mMasterKeys;
135
136    ::keystore::GrantStore mGrants;
137
138    typedef struct { uint32_t version; } keystore_metadata_t;
139
140    keystore_metadata_t mMetaData;
141
142    /**
143     * Upgrade the key from the current version to whatever is newest.
144     */
145    bool upgradeBlob(const char* filename, Blob* blob, const uint8_t oldVersion,
146                     const BlobType type, uid_t uid);
147
148    /**
149     * Takes a blob that is an PEM-encoded RSA key as a byte array and converts it to a DER-encoded
150     * PKCS#8 for import into a keymaster.  Then it overwrites the original blob with the new blob
151     * format that is returned from the keymaster.
152     */
153    ResponseCode importBlobAsKey(Blob* blob, const char* filename, uid_t uid);
154
155    void readMetaData();
156    void writeMetaData();
157
158    bool upgradeKeystore();
159};
160
161#endif  // KEYSTORE_KEYSTORE_H_
162