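/*
 * Copyright (C) 2016 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef ANDROID_VOLD_KEYMASTER_H
#define ANDROID_VOLD_KEYMASTER_H

// Shared by the C and C++ halves of this header. The C bindings at the bottom
// use uint32_t/uint64_t/size_t and __BEGIN_DECLS, so these includes must be
// visible even when __cplusplus is not defined.
#include <stddef.h>
#include <stdint.h>
#include <sys/cdefs.h>

#ifdef __cplusplus

#include "KeyBuffer.h"

#include <algorithm>   // std::copy (updateCompletely)
#include <functional>  // std::function (private updateCompletely)
#include <iterator>    // std::back_inserter (updateCompletely)
#include <memory>
#include <string>
#include <utility>

#include <android/hardware/keymaster/3.0/IKeymasterDevice.h>
#include <android-base/macros.h>
#include <keystore/authorization_set.h>

namespace android {
namespace vold {
using ::android::hardware::keymaster::V3_0::IKeymasterDevice;
using ::keystore::ErrorCode;
using ::keystore::KeyPurpose;
using ::keystore::AuthorizationSet;

// C++ wrappers to the Keymaster hidl interface.
// This is tailored to the needs of KeyStorage, but could be extended to be
// a more general interface.

// Wrapper for a Keymaster operation handle representing an
// ongoing Keymaster operation. Aborts the operation
// in the destructor if it is unfinished. Methods log failures
// to LOG(ERROR).
//
// The handle has a single owner: a KeymasterOperation can be moved but not
// copied, and moving resets the source to the error state (handle 0), so only
// one object ever finishes or aborts a given operation handle.
class KeymasterOperation {
  public:
    ~KeymasterOperation();
    // Is this instance valid? This is false if creation fails, becomes
    // false on finish or if an update fails, and is false for a moved-from
    // object.
    explicit operator bool() const { return mError == ErrorCode::OK; }
    // Error code of the most recent failure, or ErrorCode::OK while valid.
    ErrorCode errorCode() const { return mError; }
    // Call "update" repeatedly until all of the input is consumed, and
    // concatenate the output into *output (cleared first); output is
    // discarded when the pointer is null. Return true on success.
    // TI must expose data()/size() over char-sized elements; TO must support
    // clear() and push_back() (e.g. std::string or KeyBuffer).
    template <class TI, class TO>
    bool updateCompletely(TI& input, TO* output) {
        if (output) output->clear();
        // The consumer only runs synchronously inside the call below, so
        // capturing `output` by reference is safe.
        return updateCompletely(input.data(), input.size(), [&](const char* b, size_t n) {
            if (output) std::copy(b, b + n, std::back_inserter(*output));
        });
    }

    // Finish and write the output to this string, unless pointer is null.
    bool finish(std::string* output);
    // Construct an object in an error state for error returns
    KeymasterOperation() : mDevice{nullptr}, mOpHandle{0}, mError{ErrorCode::UNKNOWN_ERROR} {}
    // Move constructor. Delegates to move assignment so that the moved-from
    // object is reset exactly like it is on move assignment; previously the
    // source kept mError == OK and a copy of the handle after a move.
    KeymasterOperation(KeymasterOperation&& rhs) noexcept : KeymasterOperation() {
        *this = std::move(rhs);
    }
    // Move Assignment. Takes over rhs's device and handle and leaves rhs in
    // the error state with handle 0. Self-move-assignment is a no-op.
    // NOTE(review): an operation already held by *this is overwritten without
    // being aborted here (same as before) — confirm against ~KeymasterOperation
    // in Keymaster.cpp whether callers rely on only assigning into an
    // error-state object.
    KeymasterOperation& operator=(KeymasterOperation&& rhs) noexcept {
        if (this != &rhs) {
            mDevice = std::move(rhs.mDevice);
            mOpHandle = rhs.mOpHandle;
            mError = rhs.mError;
            rhs.mError = ErrorCode::UNKNOWN_ERROR;
            rhs.mOpHandle = 0;
        }
        return *this;
    }

  private:
    // Successful begin(): adopt the device and the handle it returned.
    KeymasterOperation(const sp<IKeymasterDevice>& d, uint64_t h)
        : mDevice{d}, mOpHandle{h}, mError{ErrorCode::OK} {}
    // Failed begin(): carry the Keymaster error code, no device or handle.
    KeymasterOperation(ErrorCode error) : mDevice{nullptr}, mOpHandle{0}, mError{error} {}

    // Defined in Keymaster.cpp. Calls "update" repeatedly over
    // [input, input + inputLen) and hands every output chunk to consumer.
    bool updateCompletely(const char* input, size_t inputLen,
                          const std::function<void(const char*, size_t)> consumer);

    sp<IKeymasterDevice> mDevice;
    uint64_t mOpHandle;
    ErrorCode mError;
    DISALLOW_COPY_AND_ASSIGN(KeymasterOperation);
    friend class Keymaster;
};

// Wrapper for a Keymaster device for methods that start a KeymasterOperation or are not
// part of one.
class Keymaster {
  public:
    Keymaster();
    // false if we failed to open the keymaster device.
    explicit operator bool() const { return mDevice.get() != nullptr; }
    // Generate a key in the keymaster from the given params.
    bool generateKey(const AuthorizationSet& inParams, std::string* key);
    // If the keymaster supports it, permanently delete a key.
    bool deleteKey(const std::string& key);
    // Replace stored key blob in response to KM_ERROR_KEY_REQUIRES_UPGRADE.
    bool upgradeKey(const std::string& oldKey, const AuthorizationSet& inParams,
                    std::string* newKey);
    // Begin a new cryptographic operation, collecting output parameters if pointer is non-null.
    // The returned object is in the error state (operator bool false) if begin failed.
    KeymasterOperation begin(KeyPurpose purpose, const std::string& key,
                             const AuthorizationSet& inParams, AuthorizationSet* outParams);
    // NOTE(review): presumably the C++ side of the "considered secure, i.e.
    // TEE backed" check described for keymaster_compatibility_cryptfs_scrypt()
    // below — confirm in Keymaster.cpp.
    bool isSecure();

  private:
    sp<hardware::keymaster::V3_0::IKeymasterDevice> mDevice;
    DISALLOW_COPY_AND_ASSIGN(Keymaster);
};

}  // namespace vold
}  // namespace android

#endif  // __cplusplus

/*
 * The following functions provide C bindings to keymaster services
 * needed by cryptfs scrypt. The compatibility check checks whether
 * the keymaster implementation is considered secure, i.e., TEE backed.
 * The create_key function generates an RSA key for signing.
 * The sign_object function signs an object with the given keymaster
 * key.
 *
 * NOTE(review): the meaning of the int return values and the ownership of
 * *signature_buffer (who allocates it and who frees it) are not stated in
 * this header — confirm against the definitions before relying on them.
 */
__BEGIN_DECLS

int keymaster_compatibility_cryptfs_scrypt();

/* key_buffer/key_buffer_size: caller-provided storage for the generated key
 * blob; *key_out_size presumably receives the number of bytes written. */
int keymaster_create_key_for_cryptfs_scrypt(uint32_t rsa_key_size,
                                            uint64_t rsa_exponent,
                                            uint32_t ratelimit,
                                            uint8_t* key_buffer,
                                            uint32_t key_buffer_size,
                                            uint32_t* key_out_size);

/* Signs [object, object + object_size) with the key blob and returns the
 * signature through *signature_buffer / *signature_buffer_size. */
int keymaster_sign_object_for_cryptfs_scrypt(const uint8_t* key_blob,
                                             size_t key_blob_size,
                                             uint32_t ratelimit,
                                             const uint8_t* object,
                                             const size_t object_size,
                                             uint8_t** signature_buffer,
                                             size_t* signature_buffer_size);

__END_DECLS

#endif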