//
// Copyright (C) 2015 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//

#ifndef ATTESTATION_SERVER_PKCS11_KEY_STORE_H_
#define ATTESTATION_SERVER_PKCS11_KEY_STORE_H_

#include "attestation/server/key_store.h"

#include <string>

#include <base/callback_forward.h>
#include <base/macros.h>
#include <chaps/pkcs11/cryptoki.h>
#include <chaps/token_manager_client.h>

namespace attestation {

// This class uses a PKCS #11 token as storage for key data. The key data is
// stored in data objects with the following attributes:
//   CKA_CLASS - CKO_DATA
//   CKA_LABEL - A key name.
//   CKA_VALUE - Binary key data (opaque to this class and the PKCS #11 token).
//   CKA_APPLICATION - A constant value associated with this class.
//   CKA_TOKEN - True
//   CKA_PRIVATE - True (the object is only visible to a session that has
//                 logged in to the token).
//   CKA_MODIFIABLE - False (the object cannot be changed in place after
//                    creation; an update presumably requires delete and
//                    re-create - confirm in the .cc).
// There is no barrier between the objects created by this class and any other
// objects residing in the same token. In practice, this means that any
// component with access to the PKCS #11 token also has access to read or delete
// key data: the token login is the only access-control boundary, and nothing
// here prevents another token client from overwriting a key name with its own
// data object.
class Pkcs11KeyStore : public KeyStore {
 public:
  // Does not take ownership of pointers. |token_manager| is held as a raw
  // pointer for the lifetime of this object, so the caller must keep it alive
  // at least as long as the Pkcs11KeyStore.
  explicit Pkcs11KeyStore(chaps::TokenManagerClient* token_manager);
  ~Pkcs11KeyStore() override;

  // KeyStore interface. See key_store.h for the contract of each override.
  // Every method takes |username|; presumably it selects the token slot the
  // data lives in (see GetUserSlot) - confirm against the KeyStore contract.
  bool Read(const std::string& username,
            const std::string& key_name,
            std::string* key_data) override;
  bool Write(const std::string& username,
             const std::string& key_name,
             const std::string& key_data) override;
  bool Delete(const std::string& username,
              const std::string& key_name) override;
  bool DeleteByPrefix(const std::string& username,
                      const std::string& key_prefix) override;
  // Registers a key pair (and, if non-empty, its |certificate|) in the user's
  // token under |label|. |private_key_blob| is opaque here; its format is
  // defined by the KeyStore contract, not by this header.
  bool Register(const std::string& username,
                const std::string& label,
                KeyType key_type,
                KeyUsage key_usage,
                const std::string& private_key_blob,
                const std::string& public_key_der,
                const std::string& certificate) override;
  bool RegisterCertificate(const std::string& username,
                           const std::string& certificate) override;

 private:
  // Callback invoked once per object found by EnumObjects. The bool return
  // presumably controls whether enumeration continues - confirm in the .cc.
  using EnumObjectsCallback =
      base::Callback<bool(const std::string& key_name,
                          CK_OBJECT_HANDLE object_handle)>;

  // Searches for a PKCS #11 object for a given key name. If one exists, the
  // object handle is returned, otherwise CK_INVALID_HANDLE is returned.
  CK_OBJECT_HANDLE FindObject(CK_SESSION_HANDLE session_handle,
                              const std::string& key_name);

  // Gets the token slot for the given |username| and stores it in |slot|.
  // Returns false if no appropriate slot is found.
  // NOTE(review): an earlier revision of this comment described a fallback to
  // the system slot controlled by an |is_user_specific| flag that no longer
  // exists in the signature; whether an empty |username| selects the system
  // slot is not visible here - confirm in the .cc.
  bool GetUserSlot(const std::string& username, CK_SLOT_ID_PTR slot);

  // Enumerates all PKCS #11 objects associated with keys. The |callback| is
  // called once for each object.
  bool EnumObjects(CK_SESSION_HANDLE session_handle,
                   const EnumObjectsCallback& callback);

  // Looks up the key name for the given |object_handle| which is associated
  // with a key. Returns true on success.
  bool GetKeyName(CK_SESSION_HANDLE session_handle,
                  CK_OBJECT_HANDLE object_handle,
                  std::string* key_name);

  // An EnumObjectsCallback for use with DeleteByPrefix. Destroys the key
  // object identified by |object_handle| if |key_name| matches |key_prefix|.
  // Returns true on success. The first two parameters are presumably bound
  // before this is passed as an EnumObjectsCallback - confirm in the .cc.
  bool DeleteIfMatchesPrefix(CK_SESSION_HANDLE session_handle,
                             const std::string& key_prefix,
                             const std::string& key_name,
                             CK_OBJECT_HANDLE object_handle);

  // Extracts the |subject|, |issuer|, and |serial_number| information from an
  // X.509 |certificate|. Returns false if the value cannot be determined.
  // |certificate| is caller-supplied DER; a parse failure must be reported via
  // the return value rather than treated as "no fields".
  bool GetCertificateFields(const std::string& certificate,
                            std::string* subject,
                            std::string* issuer,
                            std::string* serial_number);

  // Returns true iff the given certificate already exists in the token.
  bool DoesCertificateExist(CK_SESSION_HANDLE session_handle,
                            const std::string& certificate);

  // Not owned; see the constructor comment for the lifetime requirement.
  chaps::TokenManagerClient* token_manager_;

  DISALLOW_COPY_AND_ASSIGN(Pkcs11KeyStore);
};

}  // namespace attestation

#endif  // ATTESTATION_SERVER_PKCS11_KEY_STORE_H_