1d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden/* 2d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * Copyright 2015 The Android Open Source Project 3d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * 4d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * Licensed under the Apache License, Version 2.0 (the "License"); 5d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * you may not use this file except in compliance with the License. 6d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * You may obtain a copy of the License at 7d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * 8d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * http://www.apache.org/licenses/LICENSE-2.0 9d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * 10d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * Unless required by applicable law or agreed to in writing, software 11d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * distributed under the License is distributed on an "AS IS" BASIS, 12d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * See the License for the specific language governing permissions and 14d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * limitations under the License. 15d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden */ 16d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden 17d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden#ifndef SYSTEM_KEYMASTER_RSA_KEYMASTER1_OPERATION_H_ 18d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden#define SYSTEM_KEYMASTER_RSA_KEYMASTER1_OPERATION_H_ 19d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden 20d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden#include <openssl/evp.h> 21d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden 22d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden#include <hardware/keymaster1.h> 23d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden 24f54cc93ccf57a94f9a2c660dbf3e06494adf178dJanis Danisevskis#include <keymaster/android_keymaster_utils.h> 25f54cc93ccf57a94f9a2c660dbf3e06494adf178dJanis Danisevskis#include <keymaster/km_openssl/rsa_operation.h> 26f54cc93ccf57a94f9a2c660dbf3e06494adf178dJanis Danisevskis#include <keymaster/legacy_support/keymaster1_engine.h> 27d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden 28d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willdennamespace keymaster { 29d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden 30d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willdenclass RsaKeymaster1WrappedOperation { 31d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden public: 32d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden RsaKeymaster1WrappedOperation(keymaster_purpose_t purpose, const Keymaster1Engine* engine) 33d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden : purpose_(purpose), operation_handle_(0), engine_(engine) {} 34d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden ~RsaKeymaster1WrappedOperation() { 35d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden if (operation_handle_) 36d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden Abort(); 37d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden } 38d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden 39d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden keymaster_error_t Begin(EVP_PKEY* rsa_key, const AuthorizationSet& input_params); 40d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden keymaster_error_t PrepareFinish(EVP_PKEY* rsa_key, const AuthorizationSet& input_params); 41d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden keymaster_error_t Abort(); 42d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden 43d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden keymaster_error_t GetError(EVP_PKEY* rsa_key); 44d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden 45f3dc0b841da2c8938e4a8081ef6c6199ed92c876Janis Danisevskis keymaster_operation_handle_t GetOperationHandle() const { return operation_handle_; } 465fa466187ffd1dc56e967e98333b77c69e1e1453Janis Danisevskis protected: 47d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden keymaster_purpose_t purpose_; 48d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden keymaster_operation_handle_t operation_handle_; 49d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden const Keymaster1Engine* engine_; 50d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden}; 51d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden 52d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willdentemplate <typename BaseOperation> class RsaKeymaster1Operation : public BaseOperation { 53d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden typedef BaseOperation super; 54d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden 55d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden public: 56deffcb7efaac94b2c674247cb9888a0af3d7e256Shawn Willden RsaKeymaster1Operation(AuthorizationSet&& hw_enforced, AuthorizationSet&& sw_enforced, 57deffcb7efaac94b2c674247cb9888a0af3d7e256Shawn Willden keymaster_digest_t digest, keymaster_padding_t padding, EVP_PKEY* key, 58d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden const Keymaster1Engine* engine) 59deffcb7efaac94b2c674247cb9888a0af3d7e256Shawn Willden : BaseOperation(move(hw_enforced), move(sw_enforced), digest, padding, key), 60deffcb7efaac94b2c674247cb9888a0af3d7e256Shawn Willden wrapped_operation_(super::purpose(), engine) { 61d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden // Shouldn't be instantiated for public key operations. 62d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden assert(super::purpose() != KM_PURPOSE_VERIFY); 63d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden assert(super::purpose() != KM_PURPOSE_ENCRYPT); 64d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden } 65d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden 66d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden keymaster_error_t Begin(const AuthorizationSet& input_params, 67d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden AuthorizationSet* output_params) override { 68d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden keymaster_error_t error = wrapped_operation_.Begin(super::rsa_key_, input_params); 69d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden if (error != KM_ERROR_OK) 70d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden return error; 71d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden return super::Begin(input_params, output_params); 72d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden } 73d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden 74cb647fec03f71929fd316d2b8f0750f7b24824f3Shawn Willden keymaster_error_t Finish(const AuthorizationSet& input_params, const Buffer& input, 75cb647fec03f71929fd316d2b8f0750f7b24824f3Shawn Willden const Buffer& signature, AuthorizationSet* output_params, 76cb647fec03f71929fd316d2b8f0750f7b24824f3Shawn Willden Buffer* output) override { 77d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden keymaster_error_t error = wrapped_operation_.PrepareFinish(super::rsa_key_, input_params); 78d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden if (error != KM_ERROR_OK) 79d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden return error; 80cb647fec03f71929fd316d2b8f0750f7b24824f3Shawn Willden error = super::Finish(input_params, input, signature, output_params, output); 81d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden if (wrapped_operation_.GetError(super::rsa_key_) != KM_ERROR_OK) 82d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden error = wrapped_operation_.GetError(super::rsa_key_); 83d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden return error; 84d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden } 85d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden 86d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden keymaster_error_t Abort() override { 87d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden keymaster_error_t error = wrapped_operation_.Abort(); 88d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden if (error != KM_ERROR_OK) 89d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden return error; 90d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden return super::Abort(); 91d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden } 92d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden 93f3dc0b841da2c8938e4a8081ef6c6199ed92c876Janis Danisevskis keymaster_operation_handle_t operation_handle() const override { 94f3dc0b841da2c8938e4a8081ef6c6199ed92c876Janis Danisevskis return wrapped_operation_.GetOperationHandle(); 95f3dc0b841da2c8938e4a8081ef6c6199ed92c876Janis Danisevskis } 96d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden private: 97d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden RsaKeymaster1WrappedOperation wrapped_operation_; 98d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden}; 99d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden 100d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden/** 101d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * Factory that produces RsaKeymaster1Operations. This is instantiated and 102d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * provided by RsaKeymaster1KeyFactory. 103d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden */ 104d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willdenclass RsaKeymaster1OperationFactory : public OperationFactory { 105d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden public: 106d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden RsaKeymaster1OperationFactory(keymaster_purpose_t purpose, const Keymaster1Engine* engine) 107d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden : purpose_(purpose), engine_(engine) {} 108d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden KeyType registry_key() const override { return KeyType(KM_ALGORITHM_RSA, purpose_); } 109d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden 110deffcb7efaac94b2c674247cb9888a0af3d7e256Shawn Willden OperationPtr CreateOperation(Key&& key, const AuthorizationSet& begin_params, 111dc877aea40979bb5a18206cd9cec7bb4f31442e2Janis Danisevskis keymaster_error_t* error) override; 112d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden 113d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden const keymaster_digest_t* SupportedDigests(size_t* digest_count) const override; 114d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden const keymaster_padding_t* SupportedPaddingModes(size_t* padding_mode_count) const override; 115d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden 116d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden private: 117d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden keymaster_purpose_t purpose_; 118d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden const Keymaster1Engine* engine_; 119d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden}; 120d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden 121d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden} // namespace keymaster 122d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden 123d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden#endif // SYSTEM_KEYMASTER_RSA_KEYMASTER1_OPERATION_H_ 124