1 /*
2  * Copyright 2017, The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *     http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include "KeymasterDevice.h"
18 #include "buffer.h"
19 #include "export_key.h"
20 #include "certs.h"
21 #include "import_key.h"
22 #include "import_wrapped_key.h"
23 #include "proto_utils.h"
24 
25 #include <Keymaster.client.h>
26 #include <nos/debug.h>
27 #include <nos/NuggetClient.h>
28 
29 #include <keymasterV4_0/key_param_output.h>
30 
31 #include <openssl/sha.h>
32 
33 #include <android-base/logging.h>
34 #include <android-base/properties.h>
35 
36 #include <algorithm>
37 
38 #include <time.h>
39 
40 namespace android {
41 namespace hardware {
42 namespace keymaster {
43 
44 namespace {
45 
46 constexpr char PROPERTY_OS_VERSION[] = "ro.build.version.release";
47 constexpr char PROPERTY_OS_PATCHLEVEL[] = "ro.build.version.security_patch";
48 constexpr char PROPERTY_VENDOR_PATCHLEVEL[] = "ro.vendor.build.security_patch";
49 
DigitsOnly(const std::string & code)50 std::string DigitsOnly(const std::string& code) {
51     // Keep digits only.
52     std::string filtered_code;
53     std::copy_if(code.begin(), code.end(), std::back_inserter(filtered_code),
54                  isdigit);
55     return filtered_code;
56 }
57 
58 /** Get one version number from a string and move loc to the point after the
59  * next version delimiter.
60  */
ExtractVersion(const std::string & version,size_t * loc)61 uint32_t ExtractVersion(const std::string& version, size_t* loc) {
62     if (*loc == std::string::npos || *loc >= version.size()) {
63         return 0;
64     }
65 
66     uint32_t value = 0;
67     size_t new_loc = version.find('.', *loc);
68     if (new_loc == std::string::npos) {
69         auto sanitized = DigitsOnly(version.substr(*loc));
70         if (!sanitized.empty()) {
71             if (sanitized.size() < version.size() - *loc) {
72                 LOG(ERROR) << "Unexpected version format: \"" << version
73                            << "\"";
74             }
75             value = std::stoi(sanitized);
76         }
77         *loc = new_loc;
78     } else {
79         auto sanitized = DigitsOnly(version.substr(*loc, new_loc - *loc));
80         if (!sanitized.empty()) {
81             if (sanitized.size() < new_loc - *loc) {
82                 LOG(ERROR) << "Unexpected version format: \"" << version
83                            << "\"";
84             }
85             value = std::stoi(sanitized);
86         }
87         *loc = new_loc + 1;
88     }
89     return value;
90 }
91 
VersionToUint32(const std::string & version)92 uint32_t VersionToUint32(const std::string& version) {
93     size_t loc = 0;
94     uint32_t major = ExtractVersion(version, &loc);
95     uint32_t minor = ExtractVersion(version, &loc);
96     uint32_t subminor = ExtractVersion(version, &loc);
97     return major * 10000 + minor * 100 + subminor;
98 }
99 
DateCodeToUint32(const std::string & code,bool include_day)100 uint32_t DateCodeToUint32(const std::string& code, bool include_day) {
101     // Keep digits only.
102     std::string filtered_code = DigitsOnly(code);
103 
104     // Return 0 if the date string has an unexpected number of digits.
105     uint32_t return_value = 0;
106     if (filtered_code.size() == 8) {
107         return_value = std::stoi(filtered_code);
108         if (!include_day) {
109             return_value /= 100;
110         }
111     } else if (filtered_code.size() == 6) {
112         return_value = std::stoi(filtered_code);
113         if (include_day) {
114             return_value *= 100;
115         }
116     } else {
117         LOG(ERROR) << "Unexpected patchset format: \"" << code << "\"";
118     }
119     return return_value;
120 }
121 
122 // Helper class to call a finalizer on stack unwind.
123 class Finalize {
124  private:
125     std::function<void()> f_;
126 
127  public:
Finalize(std::function<void ()> f)128     Finalize(std::function<void()> f) : f_(f) {}
~Finalize()129     ~Finalize() { if (f_) f_(); }
release()130     void release() { f_ = {}; }
131 };
132 
hidlVec2String(const hidl_vec<uint8_t> & value)133 inline std::string hidlVec2String(const hidl_vec<uint8_t>& value) {
134     return std::string(
135         reinterpret_cast<const std::string::value_type*>(
136             &value[0]), value.size());
137 }
138 
139 }  // namespace
140 
141 // std
142 using std::string;
143 
144 // base
145 using ::android::base::GetProperty;
146 using ::android::base::WaitForPropertyCreation;
147 
148 // libhidl
149 using ::android::hardware::Void;
150 
151 // HAL
152 using ::android::hardware::keymaster::V4_0::Algorithm;
153 using ::android::hardware::keymaster::V4_0::KeyCharacteristics;
154 using ::android::hardware::keymaster::V4_0::KeyFormat;
155 using ::android::hardware::keymaster::V4_0::HardwareAuthToken;
156 using ::android::hardware::keymaster::V4_0::HardwareAuthenticatorType;
157 using ::android::hardware::keymaster::V4_0::SecurityLevel;
158 using ::android::hardware::keymaster::V4_0::Tag;
159 
160 // nos
161 using nos::NuggetClient;
162 
163 // Keymaster app
164 // KM 3.0 types
165 using ::nugget::app::keymaster::AddRngEntropyRequest;
166 using ::nugget::app::keymaster::AddRngEntropyResponse;
167 using ::nugget::app::keymaster::GenerateKeyRequest;
168 using ::nugget::app::keymaster::GenerateKeyResponse;
169 using ::nugget::app::keymaster::GetKeyCharacteristicsRequest;
170 using ::nugget::app::keymaster::GetKeyCharacteristicsResponse;
171 using ::nugget::app::keymaster::ImportKeyRequest;
172 using ::nugget::app::keymaster::ImportKeyResponse;
173 using ::nugget::app::keymaster::ExportKeyRequest;
174 using ::nugget::app::keymaster::ExportKeyResponse;
175 using ::nugget::app::keymaster::StartAttestKeyRequest;
176 using ::nugget::app::keymaster::StartAttestKeyResponse;
177 using ::nugget::app::keymaster::ContinueAttestKeyRequest;
178 using ::nugget::app::keymaster::ContinueAttestKeyResponse;
179 using ::nugget::app::keymaster::FinishAttestKeyRequest;
180 using ::nugget::app::keymaster::FinishAttestKeyResponse;
181 using ::nugget::app::keymaster::UpgradeKeyRequest;
182 using ::nugget::app::keymaster::UpgradeKeyResponse;
183 using ::nugget::app::keymaster::DeleteKeyRequest;
184 using ::nugget::app::keymaster::DeleteKeyResponse;
185 using ::nugget::app::keymaster::DeleteAllKeysRequest;
186 using ::nugget::app::keymaster::DeleteAllKeysResponse;
187 using ::nugget::app::keymaster::DestroyAttestationIdsRequest;
188 using ::nugget::app::keymaster::DestroyAttestationIdsResponse;
189 using ::nugget::app::keymaster::BeginOperationRequest;
190 using ::nugget::app::keymaster::BeginOperationResponse;
191 using ::nugget::app::keymaster::UpdateOperationRequest;
192 using ::nugget::app::keymaster::UpdateOperationResponse;
193 using ::nugget::app::keymaster::FinishOperationRequest;
194 using ::nugget::app::keymaster::FinishOperationResponse;
195 using ::nugget::app::keymaster::AbortOperationRequest;
196 using ::nugget::app::keymaster::AbortOperationResponse;
197 using ::nugget::app::keymaster::ComputeSharedHmacRequest;
198 using ::nugget::app::keymaster::ComputeSharedHmacResponse;
199 using ::nugget::app::keymaster::GetHmacSharingParametersRequest;
200 using ::nugget::app::keymaster::GetHmacSharingParametersResponse;
201 using ::nugget::app::keymaster::SetSystemVersionInfoRequest;
202 using ::nugget::app::keymaster::SetSystemVersionInfoResponse;
203 using ::nugget::app::keymaster::GetBootInfoRequest;
204 using ::nugget::app::keymaster::GetBootInfoResponse;
205 
206 // KM 4.0 types
207 using ::nugget::app::keymaster::ImportWrappedKeyRequest;
208 namespace nosapp = ::nugget::app::keymaster;
209 
210 // KM internal types
211 using ::nugget::app::keymaster::AttestationSelector;
212 
status_to_error_code(uint32_t status)213 static ErrorCode status_to_error_code(uint32_t status)
214 {
215     switch (status) {
216     case APP_SUCCESS:
217         return ErrorCode::OK;
218         break;
219     case APP_ERROR_BOGUS_ARGS:
220         return ErrorCode::INVALID_ARGUMENT;
221         break;
222     case APP_ERROR_INTERNAL:
223         return ErrorCode::UNKNOWN_ERROR;
224         break;
225     case APP_ERROR_TOO_MUCH:
226         return ErrorCode::INSUFFICIENT_BUFFER_SPACE;
227         break;
228     case APP_ERROR_RPC:
229         return ErrorCode::SECURE_HW_COMMUNICATION_FAILED;
230         break;
231     // TODO: app specific error codes go here.
232     default:
233         return ErrorCode::UNKNOWN_ERROR;
234         break;
235     }
236 }
237 
ms_since_epoch(void)238 static uint64_t ms_since_epoch(void)
239 {
240     uint64_t seconds;
241     uint64_t milli_seconds;
242     struct timespec spec;
243 
244     ::clock_gettime(CLOCK_REALTIME, &spec);
245 
246     seconds = spec.tv_sec;
247     milli_seconds = spec.tv_nsec / (1000 * 1000);
248 
249     return (seconds * 1000) + milli_seconds;
250 }
251 
252 #define KM_CALL(meth, request, response) {                                    \
253     const uint32_t status = _keymaster. meth (request, &response);            \
254     const ErrorCode error_code = translate_error_code(response.error_code()); \
255     if (status != APP_SUCCESS) {                                              \
256         LOG(ERROR) << #meth << " : request failed with status: "              \
257                    << nos::StatusCodeString(status);                          \
258         return status_to_error_code(status);                                  \
259     }                                                                         \
260     if (error_code != ErrorCode::OK) {                                        \
261         LOG(ERROR) << #meth << " : device response error code: "              \
262                    << error_code;                                             \
263         return error_code;                                                    \
264     }                                                                         \
265 }
266 
267 #define KM_CALLV(meth, request, response, ...) {                              \
268     const uint32_t status = _keymaster. meth (request, &response);            \
269     const ErrorCode error_code = translate_error_code(response.error_code()); \
270     if (status != APP_SUCCESS) {                                              \
271         LOG(ERROR) << #meth << " : request failed with status: "              \
272                    << nos::StatusCodeString(status);                          \
273         _hidl_cb(status_to_error_code(status), __VA_ARGS__);                  \
274         return Void();                                                        \
275     }                                                                         \
276     if (error_code != ErrorCode::OK) {                                        \
277         LOG(ERROR) << #meth << " : device response error code: "              \
278                    << error_code;                                             \
279         _hidl_cb(error_code, __VA_ARGS__);                                    \
280         return Void();                                                        \
281     }                                                                         \
282 }
283 
284 #define KM_CALLV_ABORT(meth, request, response, ...) {                        \
285     const uint32_t status = _keymaster. meth (request, &response);            \
286     const ErrorCode error_code = translate_error_code(response.error_code()); \
287     if (status != APP_SUCCESS) {                                              \
288         LOG(ERROR) << #meth << " : request failed with status: "              \
289                    << nos::StatusCodeString(status) << " aborting operation"; \
290         _hidl_cb(status_to_error_code(status), __VA_ARGS__);                  \
291         abort(request.handle().handle());                                     \
292         return Void();                                                        \
293     }                                                                         \
294     if (error_code != ErrorCode::OK) {                                        \
295         LOG(ERROR) << #meth << " : device response error code: "              \
296                    << error_code;                                             \
297         _hidl_cb(error_code, __VA_ARGS__);                                    \
298         return Void();                                                        \
299     }                                                                         \
300 }
301 
302 // Methods from ::android::hardware::keymaster::V3_0::IKeymasterDevice follow.
303 
KeymasterDevice(KeymasterClient & keymaster)304 KeymasterDevice::KeymasterDevice(KeymasterClient& keymaster) :
305         _keymaster{keymaster} {
306     // Block until all of the properties have been created
307     while (!(WaitForPropertyCreation(PROPERTY_OS_VERSION) &&
308              WaitForPropertyCreation(PROPERTY_OS_PATCHLEVEL) &&
309              WaitForPropertyCreation(PROPERTY_VENDOR_PATCHLEVEL))) {}
310 
311     _os_version = VersionToUint32(GetProperty(PROPERTY_OS_VERSION, ""));
312     _os_patchlevel = DateCodeToUint32(GetProperty(PROPERTY_OS_PATCHLEVEL, ""),
313                                      false /* include_day */);
314     _vendor_patchlevel = DateCodeToUint32(
315             GetProperty(PROPERTY_VENDOR_PATCHLEVEL, ""),
316             true /* include_day */);
317 
318     SendSystemVersionInfo();
319     GetBootInfo();
320 }
321 
getHardwareInfo(getHardwareInfo_cb _hidl_cb)322 Return<void> KeymasterDevice::getHardwareInfo(
323         getHardwareInfo_cb _hidl_cb)
324 {
325     LOG(VERBOSE) << "Running KeymasterDevice::getHardwareInfo";
326 
327     (void)_keymaster;
328     _hidl_cb(SecurityLevel::STRONGBOX,
329              string("CitadelKeymaster"), string("Google"));
330 
331     return Void();
332 }
333 
getHmacSharingParameters(getHmacSharingParameters_cb _hidl_cb)334 Return<void> KeymasterDevice::getHmacSharingParameters(
335     getHmacSharingParameters_cb _hidl_cb)
336 {
337     LOG(VERBOSE) << "Running KeymasterDevice::getHmacSharingParameters";
338 
339     GetHmacSharingParametersRequest request;
340     GetHmacSharingParametersResponse response;
341     HmacSharingParameters result;
342 
343     KM_CALLV(GetHmacSharingParameters, request, response, result);
344 
345     ErrorCode ec = translate_error_code(response.error_code());
346 
347     if (ec != ErrorCode::OK) {
348         _hidl_cb(ec, HmacSharingParameters());
349     }
350 
351     const std::string & nonce = response.hmac_sharing_params().nonce();
352     const std::string & seed = response.hmac_sharing_params().seed();
353 
354     if (seed.size() == 32) {
355         result.seed.setToExternal(reinterpret_cast<uint8_t*>(
356                 const_cast<char*>(seed.data())),
357                 seed.size(), false);
358     } else if (seed.size() != 0) {
359         LOG(ERROR) << "Citadel returned unexpected seed size: "
360                 << seed.size();
361         _hidl_cb(ErrorCode::UNKNOWN_ERROR, HmacSharingParameters());
362         return Void();
363     }
364 
365     if (nonce.size() == result.nonce.size()) {
366         std::copy(nonce.begin(), nonce.end(), result.nonce.data());
367     } else {
368         LOG(ERROR) << "Citadel returned unexpected nonce size: "
369                 << nonce.size();
370         _hidl_cb(ErrorCode::UNKNOWN_ERROR, HmacSharingParameters());
371         return Void();
372     }
373 
374     _hidl_cb(ec, result);
375 
376     return Void();
377 }
378 
computeSharedHmac(const hidl_vec<HmacSharingParameters> & params,computeSharedHmac_cb _hidl_cb)379 Return<void> KeymasterDevice::computeSharedHmac(
380     const hidl_vec<HmacSharingParameters>& params,
381     computeSharedHmac_cb _hidl_cb)
382 {
383     LOG(VERBOSE) << "Running KeymasterDevice::computeSharedHmac";
384 
385     ComputeSharedHmacRequest request;
386     ComputeSharedHmacResponse response;
387     hidl_vec<uint8_t> result;
388 
389     for (const HmacSharingParameters & param : params) {
390         // TODO respect max number of parameters defined in
391         // keymaster_types.proto
392         nosapp::HmacSharingParameters* req_param =
393                 request.add_hmac_sharing_params();
394         req_param->set_nonce(
395                 reinterpret_cast<const int8_t*>(
396                 param.nonce.data()), param.nonce.size());
397         req_param->set_seed(reinterpret_cast<const int8_t*>(param.seed.data()),
398                 param.seed.size());
399     }
400 
401     KM_CALLV(ComputeSharedHmac, request, response, result);
402 
403     ErrorCode ec = translate_error_code(response.error_code());
404 
405     if (ec != ErrorCode::OK) {
406         _hidl_cb(ec, result);
407         return Void();
408     }
409 
410     const std::string & share_check = response.sharing_check();
411 
412     result.setToExternal(reinterpret_cast<uint8_t*>(
413             const_cast<char*>(share_check.data())), share_check.size(), false);
414     _hidl_cb(ec, result);
415 
416     return Void();
417 }
418 
verifyAuthorization(uint64_t operationHandle,const hidl_vec<KeyParameter> & parametersToVerify,const HardwareAuthToken & authToken,verifyAuthorization_cb _hidl_cb)419 Return<void> KeymasterDevice::verifyAuthorization(
420     uint64_t operationHandle, const hidl_vec<KeyParameter>& parametersToVerify,
421     const HardwareAuthToken& authToken, verifyAuthorization_cb _hidl_cb)
422 {
423     LOG(VERBOSE) << "Running KeymasterDevice::verifyAuthorization";
424 
425     (void)operationHandle;
426     (void)parametersToVerify;
427     (void)authToken;
428 
429     (void)_keymaster;
430     _hidl_cb(ErrorCode::UNIMPLEMENTED, VerificationToken());
431 
432     return Void();
433 }
434 
addRngEntropy(const hidl_vec<uint8_t> & data)435 Return<ErrorCode> KeymasterDevice::addRngEntropy(const hidl_vec<uint8_t>& data)
436 {
437     LOG(VERBOSE) << "Running KeymasterDevice::addRngEntropy";
438 
439     if (!data.size()) return ErrorCode::OK;
440 
441     const size_t chunk_size = 1024;
442     for (size_t i = 0; i < data.size(); i += chunk_size) {
443         AddRngEntropyRequest request;
444         AddRngEntropyResponse response;
445 
446         request.set_data(&data[i], std::min(chunk_size, data.size() - i));
447 
448         // Call device.
449         KM_CALL(AddRngEntropy, request, response);
450     }
451 
452     return ErrorCode::OK;
453 }
454 
generateKey(const hidl_vec<KeyParameter> & keyParams,generateKey_cb _hidl_cb)455 Return<void> KeymasterDevice::generateKey(
456         const hidl_vec<KeyParameter>& keyParams,
457         generateKey_cb _hidl_cb)
458 {
459     LOG(VERBOSE) << "Running KeymasterDevice::generateKey";
460 
461     GenerateKeyRequest request;
462     GenerateKeyResponse response;
463 
464     hidl_vec<uint8_t> blob;
465     KeyCharacteristics characteristics;
466     if (hidl_params_to_pb(
467             keyParams, request.mutable_params()) != ErrorCode::OK) {
468       _hidl_cb(ErrorCode::INVALID_ARGUMENT, blob, characteristics);
469       return Void();
470     }
471     request.set_creation_time_ms(ms_since_epoch());
472 
473     // Call device.
474     KM_CALLV(GenerateKey, request, response,
475              hidl_vec<uint8_t>{}, KeyCharacteristics());
476 
477     blob.setToExternal(
478         reinterpret_cast<uint8_t*>(
479             const_cast<char*>(response.blob().blob().data())),
480         response.blob().blob().size(), false);
481     pb_to_hidl_params(response.characteristics().software_enforced(),
482                       &characteristics.softwareEnforced);
483     pb_to_hidl_params(response.characteristics().tee_enforced(),
484                       &characteristics.hardwareEnforced);
485 
486     _hidl_cb(translate_error_code(response.error_code()),
487              blob, characteristics);
488     return Void();
489 }
490 
getKeyCharacteristics(const hidl_vec<uint8_t> & keyBlob,const hidl_vec<uint8_t> & clientId,const hidl_vec<uint8_t> & appData,getKeyCharacteristics_cb _hidl_cb)491 Return<void> KeymasterDevice::getKeyCharacteristics(
492         const hidl_vec<uint8_t>& keyBlob,
493         const hidl_vec<uint8_t>& clientId,
494         const hidl_vec<uint8_t>& appData,
495         getKeyCharacteristics_cb _hidl_cb)
496 {
497     LOG(VERBOSE) << "Running KeymasterDevice::getKeyCharacteristics";
498 
499     GetKeyCharacteristicsRequest request;
500     GetKeyCharacteristicsResponse response;
501 
502     request.mutable_blob()->set_blob(&keyBlob[0], keyBlob.size());
503     request.set_client_id(&clientId[0], clientId.size());
504     request.set_app_data(&appData[0], appData.size());
505 
506     // Call device.
507     KM_CALLV(GetKeyCharacteristics, request, response, KeyCharacteristics());
508 
509     KeyCharacteristics characteristics;
510     pb_to_hidl_params(response.characteristics().software_enforced(),
511                       &characteristics.softwareEnforced);
512     pb_to_hidl_params(response.characteristics().tee_enforced(),
513                       &characteristics.hardwareEnforced);
514 
515     _hidl_cb(translate_error_code(response.error_code()), characteristics);
516     return Void();
517 }
518 
importKey(const hidl_vec<KeyParameter> & params,KeyFormat keyFormat,const hidl_vec<uint8_t> & keyData,importKey_cb _hidl_cb)519 Return<void> KeymasterDevice::importKey(
520         const hidl_vec<KeyParameter>& params, KeyFormat keyFormat,
521         const hidl_vec<uint8_t>& keyData, importKey_cb _hidl_cb)
522 {
523     LOG(VERBOSE) << "Running KeymasterDevice::importKey";
524 
525     ErrorCode error;
526     ImportKeyRequest request;
527     ImportKeyResponse response;
528 
529     error = import_key_request(params, keyFormat, keyData, &request);
530     if (error != ErrorCode::OK) {
531         LOG(ERROR) << "ImportKey request parsing failed with error "
532                    << error;
533         _hidl_cb(error, hidl_vec<uint8_t>{}, KeyCharacteristics{});
534         return Void();
535     }
536     request.set_creation_time_ms(ms_since_epoch());
537 
538     KM_CALLV(ImportKey, request, response,
539              hidl_vec<uint8_t>{}, KeyCharacteristics{});
540 
541     hidl_vec<uint8_t> blob;
542     blob.setToExternal(
543         reinterpret_cast<uint8_t*>(
544             const_cast<char*>(response.blob().blob().data())),
545         response.blob().blob().size(), false);
546 
547     KeyCharacteristics characteristics;
548     pb_to_hidl_params(response.characteristics().software_enforced(),
549                       &characteristics.softwareEnforced);
550     error = pb_to_hidl_params(response.characteristics().tee_enforced(),
551                               &characteristics.hardwareEnforced);
552     if (error != ErrorCode::OK) {
553         LOG(ERROR) << "KeymasterDevice::importKey: response tee_enforced :"
554                    << error;
555         _hidl_cb(error, hidl_vec<uint8_t>{}, KeyCharacteristics{});
556         return Void();
557     }
558 
559     _hidl_cb(ErrorCode::OK, blob, characteristics);
560     return Void();
561 }
562 
exportKey(KeyFormat exportFormat,const hidl_vec<uint8_t> & keyBlob,const hidl_vec<uint8_t> & clientId,const hidl_vec<uint8_t> & appData,exportKey_cb _hidl_cb)563 Return<void> KeymasterDevice::exportKey(
564         KeyFormat exportFormat, const hidl_vec<uint8_t>& keyBlob,
565         const hidl_vec<uint8_t>& clientId,
566         const hidl_vec<uint8_t>& appData, exportKey_cb _hidl_cb)
567 {
568     LOG(VERBOSE) << "Running KeymasterDevice::exportKey";
569 
570     ExportKeyRequest request;
571     ExportKeyResponse response;
572 
573     request.set_format((::nugget::app::keymaster::KeyFormat)exportFormat);
574     request.mutable_blob()->set_blob(&keyBlob[0], keyBlob.size());
575     request.set_client_id(&clientId[0], clientId.size());
576     request.set_app_data(&appData[0], appData.size());
577 
578     KM_CALLV(ExportKey, request, response, hidl_vec<uint8_t>{});
579 
580     hidl_vec<uint8_t> der;
581     ErrorCode error_code = export_key_der(response, &der);
582     if (error_code != ErrorCode::OK) {
583         LOG(ERROR) << "KeymasterDevice::exportKey: DER conversion failed: "
584                    << error_code;
585         _hidl_cb(error_code, hidl_vec<uint8_t>{});
586         return Void();
587     }
588 
589     _hidl_cb(error_code, der);
590     return Void();
591 }
592 
593 #define ATTESTATION_APPLICATION_ID_MAX_SIZE 1024
594 #define UTCTIME_STR_WITH_NUL_SIZE           14
integer_size(uint64_t value)595 static size_t integer_size(uint64_t value)
596 {
597         size_t octet_count = 1;
598         for (value >>= 8; value; value >>= 8) {
599                 octet_count++;
600         }
601         return octet_count;
602 }
encoded_length_size(size_t length)603 static size_t encoded_length_size(size_t length)
604 {
605         if (length < 0x80) {
606                 return 1;
607         }
608         return integer_size(length) + 1;
609 }
610 
asn1_encode_length(size_t length,const uint8_t * head,uint8_t * tail)611 static uint8_t *asn1_encode_length(size_t length, const uint8_t *head, uint8_t *tail)
612 {
613         if (!tail || tail < head + encoded_length_size(length)) {
614                 return NULL;
615         }
616 
617         if (length < 0x80) {
618                 // Short length case
619                 *(--tail) = length;
620         } else {
621                 // Encode length
622                 uint8_t length_len;
623                 uint8_t *orig_tail = tail;
624                 do {
625                         *(--tail) = length & 0xFF;
626                         length >>= 8;
627                 } while (length);
628 
629                 // Encode length of length.  Assumes length < pow(128, 127).
630                 // Should be good.
631                 length_len = (orig_tail - tail);
632                 *(--tail) = 0x80 | length_len;
633         }
634         return tail;
635 }
636 
attestKey(const hidl_vec<uint8_t> & keyToAttest,const hidl_vec<KeyParameter> & attestParams,attestKey_cb _hidl_cb)637 Return<void> KeymasterDevice::attestKey(
638         const hidl_vec<uint8_t>& keyToAttest,
639         const hidl_vec<KeyParameter>& attestParams,
640         attestKey_cb _hidl_cb)
641 {
642     LOG(VERBOSE) << "Running KeymasterDevice::attestKey";
643 
644     StartAttestKeyRequest startRequest;
645     StartAttestKeyResponse startResponse;
646 
647     // Ensure that required parameters are present.
648     tag_map_t attest_tag_map;
649     if (hidl_params_to_map(attestParams, &attest_tag_map) != ErrorCode::OK) {
650         _hidl_cb(ErrorCode::INVALID_ARGUMENT, hidl_vec<hidl_vec<uint8_t> >{});
651       return Void();
652     }
653     if (attest_tag_map.find(Tag::ATTESTATION_APPLICATION_ID) ==
654         attest_tag_map.end()) {
655         _hidl_cb(ErrorCode::ATTESTATION_APPLICATION_ID_MISSING,
656                  hidl_vec<hidl_vec<uint8_t> >{});
657       return Void();
658     }
659 
660     hidl_vec<uint8_t> client_id;
661     if (attest_tag_map.find(Tag::APPLICATION_ID) != attest_tag_map.end()) {
662         client_id = attest_tag_map.find(Tag::APPLICATION_ID)->second[0].blob;
663     }
664     hidl_vec<uint8_t> app_data;
665     if (attest_tag_map.find(Tag::APPLICATION_DATA) != attest_tag_map.end()) {
666         app_data = attest_tag_map.find(
667             Tag::APPLICATION_DATA)->second[0].blob;
668     }
669 
670     GetKeyCharacteristicsRequest charRequest;
671     GetKeyCharacteristicsResponse charResponse;
672 
673     charRequest.mutable_blob()->set_blob(&keyToAttest[0], keyToAttest.size());
674     charRequest.set_client_id(&client_id[0], client_id.size());
675     charRequest.set_app_data(&app_data[0], app_data.size());
676 
677     // Call device.
678     KM_CALLV(GetKeyCharacteristics, charRequest,
679              charResponse, hidl_vec<hidl_vec<uint8_t> >{});
680 
681     KeyCharacteristics characteristics;
682     pb_to_hidl_params(charResponse.characteristics().software_enforced(),
683                       &characteristics.softwareEnforced);
684     pb_to_hidl_params(charResponse.characteristics().tee_enforced(),
685                       &characteristics.hardwareEnforced);
686 
687     tag_map_t char_tag_map;
688     if (hidl_params_to_map(characteristics.softwareEnforced,
689                            &attest_tag_map) != ErrorCode::OK) {
690         _hidl_cb(ErrorCode::INVALID_ARGUMENT, hidl_vec<hidl_vec<uint8_t> >{});
691       return Void();
692     }
693 
694     time_t not_before = 0;
695     if (char_tag_map.find(Tag::ACTIVE_DATETIME) != char_tag_map.end()) {
696         not_before = char_tag_map.find(
697             Tag::ACTIVE_DATETIME)->second[0].f.dateTime;
698     } else if (char_tag_map.find(Tag::CREATION_DATETIME) !=
699                char_tag_map.end()) {
700         not_before = char_tag_map.find(
701             Tag::CREATION_DATETIME)->second[0].f.dateTime;
702     }
703     // TODO: else: both ACTIVE and CREATION datetime are absent, is
704     // this an error?
705     time_t not_after = 0;
706     if (char_tag_map.find(Tag::USAGE_EXPIRE_DATETIME) != char_tag_map.end()) {
707         not_after = char_tag_map.find(
708             Tag::USAGE_EXPIRE_DATETIME)->second[0].f.dateTime;
709     } else {
710         not_after = 1842739199; // Batch cert expiry date: 2028-05-23:23:59:59.
711     }
712 
713     char not_before_str[UTCTIME_STR_WITH_NUL_SIZE] = {};
714     char not_after_str[UTCTIME_STR_WITH_NUL_SIZE] = {};
715     if (::strftime(not_before_str, sizeof(not_before_str),
716                    "%y%m%d%H%M%SZ", gmtime(&not_before)) == 0 ||
717         ::strftime(not_after_str, sizeof(not_after_str),
718                    "%y%m%d%H%M%SZ", gmtime(&not_after)) == 0) {
719         _hidl_cb(ErrorCode::UNKNOWN_ERROR, hidl_vec<hidl_vec<uint8_t> >{});
720     }
721 
722     startRequest.mutable_blob()->set_blob(&keyToAttest[0], keyToAttest.size());
723     if (hidl_params_to_pb(
724             attestParams, startRequest.mutable_params()) != ErrorCode::OK) {
725       _hidl_cb(ErrorCode::INVALID_ARGUMENT, hidl_vec<hidl_vec<uint8_t> >{});
726       return Void();
727     }
728 
729     // Developer configs (i.e. nodelocked-RO), and PROTO devices will
730     // fall back to TEST certs here, since BATCH certs will be
731     // unavailable.  The selected certificate may be determined via
732     // info included in the response to FinishAttestKeyRequest().
733     startRequest.set_selector(AttestationSelector::ATTEST_BATCH);
734 
735     startRequest.set_not_before(not_before_str,
736                                 sizeof(not_before_str) - 1);
737     startRequest.set_not_after(not_after_str,
738                                 sizeof(not_after_str) - 1);
739 
740     // TODO: as an optimization, avoid sending the
741     // ATTESTATION_APPLICATION_ID to Start, since only the length of
742     // this field is needed at this stage.
743     // NOTE: citadel adds the AAID to the hash in the prologue for now. So if this
744     // is ever changes the HASH_update call needs to move in the citadel firmware.
745 
746     KM_CALLV(StartAttestKey, startRequest, startResponse,
747              hidl_vec<hidl_vec<uint8_t> >{});
748 
749     uint64_t operationHandle = startResponse.handle().handle();
750     ContinueAttestKeyRequest continueRequest;
751     ContinueAttestKeyResponse continueResponse;
752     // Prepare to abort the pending operation in event of an error.
753     Finalize finalize([&] () { abort(operationHandle); });
754 
755     continueRequest.mutable_handle()->set_handle(operationHandle);
756     if (hidl_params_to_pb(
757             attestParams, continueRequest.mutable_params()) != ErrorCode::OK) {
758         LOG(ERROR) << "Failed to parse attest params";
759         _hidl_cb(ErrorCode::INVALID_ARGUMENT, hidl_vec<hidl_vec<uint8_t> >{});
760         return Void();
761     }
762 
763     KM_CALLV(ContinueAttestKey, continueRequest, continueResponse,
764              hidl_vec<hidl_vec<uint8_t> >{});
765 
766     FinishAttestKeyRequest finishRequest;
767     FinishAttestKeyResponse finishResponse;
768 
769     finishRequest.mutable_handle()->set_handle(operationHandle);
770 
771     KM_CALLV(FinishAttestKey, finishRequest, finishResponse,
772              hidl_vec<hidl_vec<uint8_t> >{});
773 
774     hidl_vec<uint8_t>& attestation_application_id =
775             attest_tag_map[Tag::ATTESTATION_APPLICATION_ID].begin()->blob;
776     size_t cert_len = startResponse.certificate_prologue().size()
777                     + attestation_application_id.size()
778                     + continueResponse.certificate_body().size()
779                     + finishResponse.certificate_epilogue().size();
780 
781     std::stringstream ss;
782     {
783         char c = 0x30;
784         ss.write(&c, 1); // DER_SEQUENCE | DER_CONSTRUCTED
785 
786         uint8_t buffer[10];
787         auto * cert_header = asn1_encode_length(cert_len, buffer, buffer + sizeof(buffer));
788 
789         if (cert_header == nullptr) {
790             LOG(ERROR) << "Failed to generate attestation certificate sequence header";
791             _hidl_cb(ErrorCode::UNKNOWN_ERROR, hidl_vec<hidl_vec<uint8_t> >{});
792             return Void();
793         }
794         ss.write(reinterpret_cast<char*>(cert_header), buffer + sizeof(buffer) - cert_header);
795     }
796 
797     ss << startResponse.certificate_prologue();
798     ss.write(reinterpret_cast<const std::stringstream::char_type*>(
799             attestation_application_id.data()), attestation_application_id.size());
800     ss << continueResponse.certificate_body();
801     ss << finishResponse.certificate_epilogue();
802 
803     if (!ss) {
804         LOG(ERROR) << "Failed to generate attestation certificate";
805         _hidl_cb(ErrorCode::UNKNOWN_ERROR, hidl_vec<hidl_vec<uint8_t> >{});
806         return Void();
807     }
808 
809     vector<hidl_vec<uint8_t> > chain;
810     string attestation_str = ss.str();
811     {
812         hidl_vec<uint8_t> attestation_certificate;
813         attestation_certificate.setToExternal(
814                 reinterpret_cast<uint8_t*>(
815                         const_cast<char*>(attestation_str.data())),
816                 attestation_str.size(), false);
817 
818         chain.push_back(std::move(attestation_certificate));
819 
820         hidl_vec<uint8_t> batch_cert;
821         hidl_vec<uint8_t> intermediate_cert;
822         hidl_vec<uint8_t> root;
823 
824         for (const KeyParameter &param : characteristics.hardwareEnforced) {
825             if (param.tag != Tag::ALGORITHM) {
826                 continue;
827             }
828 
829             // Node-locked RO implies that factory provisioned certs
830             // (if any), are inaccessible, so fallback to the TEST
831             // certs.  Similarly, PROTO chips were not provisioned
832             // with certs, and hence will fallback to TEST certs.
833             if (finishResponse.nodelocked_ro() ||
834                 finishResponse.chip_fusing() == nosapp::FUSING_PROTO) {
835                 if (param.f.algorithm == Algorithm::RSA) {
836                     batch_cert.setToExternal(
837                         const_cast<uint8_t*>(
838                             TEST_BATCH_RSA_CERT),
839                                       sizeof(TEST_BATCH_RSA_CERT));
840                     intermediate_cert.setToExternal(
841                         const_cast<uint8_t*>(
842                             TEST_BATCH_RSA_INT_CERT),
843                         sizeof(TEST_BATCH_RSA_INT_CERT));
844                     root.setToExternal(
845                         const_cast<uint8_t*>(
846                             TEST_BATCH_ROOT_CERT),
847                         sizeof(TEST_BATCH_ROOT_CERT));
848                 } else {
849                     batch_cert.setToExternal(
850                         const_cast<uint8_t*>(
851                             TEST_BATCH_EC_CERT),
852                         sizeof(TEST_BATCH_EC_CERT));
853                     intermediate_cert.setToExternal(
854                         const_cast<uint8_t*>(
855                             TEST_BATCH_EC_INT_CERT),
856                         sizeof(TEST_BATCH_EC_INT_CERT));
857                     root.setToExternal(
858                         const_cast<uint8_t*>(
859                             TEST_BATCH_ROOT_CERT),
860                         sizeof(TEST_BATCH_ROOT_CERT));
861                 }
862             } else if (finishResponse.chip_fusing() == nosapp::FUSING_DVT) {
863                 if (param.f.algorithm == Algorithm::RSA) {
864                     batch_cert.setToExternal(
865                         const_cast<uint8_t*>(DEV_BATCH_RSA_CERT),
866                         sizeof(DEV_BATCH_RSA_CERT));
867                     intermediate_cert.setToExternal(
868                         const_cast<uint8_t*>(DEV_BATCH_RSA_INT_CERT),
869                         sizeof(DEV_BATCH_RSA_INT_CERT));
870                 } else {
871                     batch_cert.setToExternal(
872                         const_cast<uint8_t*>(DEV_BATCH_EC_CERT),
873                         sizeof(DEV_BATCH_EC_CERT));
874                     intermediate_cert.setToExternal(
875                         const_cast<uint8_t*>(DEV_BATCH_EC_INT_CERT),
876                         sizeof(DEV_BATCH_EC_INT_CERT));
877                 }
878                 root.setToExternal(
879                     const_cast<uint8_t*>(DEV_BATCH_ROOT_CERT),
880                     sizeof(DEV_BATCH_ROOT_CERT));
881             } else {  // PVT!
882                 if (param.f.algorithm == Algorithm::RSA) {
883                     batch_cert.setToExternal(
884                         const_cast<uint8_t*>(PROD_BATCH_RSA_CERT),
885                         sizeof(PROD_BATCH_RSA_CERT));
886                     intermediate_cert.setToExternal(
887                         const_cast<uint8_t*>(PROD_BATCH_RSA_INT_CERT),
888                         sizeof(PROD_BATCH_RSA_INT_CERT));
889                 } else {
890                     batch_cert.setToExternal(
891                         const_cast<uint8_t*>(PROD_BATCH_EC_CERT),
892                         sizeof(PROD_BATCH_EC_CERT));
893                     intermediate_cert.setToExternal(
894                         const_cast<uint8_t*>(PROD_BATCH_EC_INT_CERT),
895                         sizeof(PROD_BATCH_EC_INT_CERT));
896                 }
897                 root.setToExternal(
898                     const_cast<uint8_t*>(PROD_BATCH_ROOT_CERT),
899                     sizeof(PROD_BATCH_ROOT_CERT));
900             }
901             break; // we found the ALGORITM tag so we can break the loop
902         }
903 
904         chain.push_back(std::move(batch_cert));
905         chain.push_back(std::move(intermediate_cert));
906         chain.push_back(std::move(root));
907     }
908 
909     _hidl_cb(ErrorCode::OK, chain);
910     finalize.release();
911     return Void();
912 }
913 
upgradeKey(const hidl_vec<uint8_t> & keyBlobToUpgrade,const hidl_vec<KeyParameter> & upgradeParams,upgradeKey_cb _hidl_cb)914 Return<void> KeymasterDevice::upgradeKey(
915         const hidl_vec<uint8_t>& keyBlobToUpgrade,
916         const hidl_vec<KeyParameter>& upgradeParams,
917         upgradeKey_cb _hidl_cb)
918 {
919     LOG(VERBOSE) << "Running KeymasterDevice::upgradeKey";
920 
921     UpgradeKeyRequest request;
922     UpgradeKeyResponse response;
923 
924     request.mutable_blob()->set_blob(&keyBlobToUpgrade[0],
925                                      keyBlobToUpgrade.size());
926 
927     hidl_vec<uint8_t> blob;
928     if (hidl_params_to_pb(
929             upgradeParams, request.mutable_params()) != ErrorCode::OK) {
930       _hidl_cb(ErrorCode::INVALID_ARGUMENT, blob);
931       return Void();
932     }
933 
934     KM_CALLV(UpgradeKey, request, response, hidl_vec<uint8_t>{});
935 
936     blob.setToExternal(
937         reinterpret_cast<uint8_t*>(
938             const_cast<char*>(response.blob().blob().data())),
939         response.blob().blob().size(), false);
940 
941     _hidl_cb(translate_error_code(response.error_code()), blob);
942     return Void();
943 }
944 
deleteKey(const hidl_vec<uint8_t> & keyBlob)945 Return<ErrorCode> KeymasterDevice::deleteKey(const hidl_vec<uint8_t>& keyBlob)
946 {
947     LOG(VERBOSE) << "Running KeymasterDevice::deleteKey";
948 
949     DeleteKeyRequest request;
950     DeleteKeyResponse response;
951 
952     request.mutable_blob()->set_blob(&keyBlob[0], keyBlob.size());
953 
954     KM_CALL(DeleteKey, request, response);
955 
956     return translate_error_code(response.error_code());
957 }
958 
deleteAllKeys()959 Return<ErrorCode> KeymasterDevice::deleteAllKeys()
960 {
961     LOG(VERBOSE) << "Running KeymasterDevice::deleteAllKeys";
962 
963     DeleteAllKeysRequest request;
964     DeleteAllKeysResponse response;
965 
966     KM_CALL(DeleteAllKeys, request, response);
967 
968     return translate_error_code(response.error_code());
969 }
970 
destroyAttestationIds()971 Return<ErrorCode> KeymasterDevice::destroyAttestationIds()
972 {
973     LOG(VERBOSE) << "Running KeymasterDevice::destroyAttestationIds";
974 
975     DestroyAttestationIdsRequest request;
976     DestroyAttestationIdsResponse response;
977 
978     KM_CALL(DestroyAttestationIds, request, response);
979 
980     return translate_error_code(response.error_code());
981 }
982 
begin(KeyPurpose purpose,const hidl_vec<uint8_t> & key,const hidl_vec<KeyParameter> & inParams,const HardwareAuthToken & authToken,begin_cb _hidl_cb)983 Return<void> KeymasterDevice::begin(
984         KeyPurpose purpose, const hidl_vec<uint8_t>& key,
985         const hidl_vec<KeyParameter>& inParams,
986         const HardwareAuthToken& authToken,
987         begin_cb _hidl_cb)
988 {
989     LOG(VERBOSE) << "Running KeymasterDevice::begin";
990 
991     BeginOperationRequest request;
992     BeginOperationResponse response;
993 
994     request.set_purpose((::nugget::app::keymaster::KeyPurpose)purpose);
995     request.mutable_blob()->set_blob(&key[0], key.size());
996 
997     hidl_vec<KeyParameter> params;
998     if (translate_auth_token(
999             authToken, request.mutable_auth_token()) != ErrorCode::OK) {
1000         _hidl_cb(ErrorCode::INVALID_ARGUMENT, params,
1001                  response.handle().handle());
1002         return Void();
1003     }
1004     if (hidl_params_to_pb(
1005             inParams, request.mutable_params()) != ErrorCode::OK) {
1006       _hidl_cb(ErrorCode::INVALID_ARGUMENT, params,
1007                response.handle().handle());
1008       return Void();
1009     }
1010     tag_map_t tag_map;
1011     if (hidl_params_to_map(inParams, &tag_map) != ErrorCode::OK) {
1012         _hidl_cb(ErrorCode::INVALID_ARGUMENT, params,
1013                  response.handle().handle());
1014       return Void();
1015     }
1016 
1017     KM_CALLV(BeginOperation, request, response, hidl_vec<KeyParameter>{}, 0);
1018 
1019     // Setup HAL buffering for this operation's data.
1020     Algorithm algorithm;
1021     if (translate_algorithm(response.algorithm(), &algorithm) !=
1022         ErrorCode::OK) {
1023         if (this->abort(response.handle().handle()) != ErrorCode::OK) {
1024             LOG(ERROR) << "abort( " << response.handle().handle()
1025                        << ") failed";
1026         }
1027         _hidl_cb(ErrorCode::INVALID_ARGUMENT, params,
1028                  response.handle().handle());
1029         return Void();
1030     }
1031     ErrorCode error_code = buffer_begin(response.handle().handle(), algorithm);
1032     if (error_code != ErrorCode::OK) {
1033         if (this->abort(response.handle().handle()) != ErrorCode::OK) {
1034             LOG(ERROR) << "abort( " << response.handle().handle()
1035                        << ") failed";
1036         }
1037         _hidl_cb(ErrorCode::UNKNOWN_ERROR, params,
1038                  response.handle().handle());
1039         return Void();
1040     }
1041 
1042     pb_to_hidl_params(response.params(), &params);
1043 
1044     _hidl_cb(translate_error_code(response.error_code()), params,
1045              response.handle().handle());
1046     return Void();
1047 }
1048 
update(uint64_t operationHandle,const hidl_vec<KeyParameter> & inParams,const hidl_vec<uint8_t> & input,const HardwareAuthToken & authToken,const VerificationToken & verificationToken,update_cb _hidl_cb)1049 Return<void> KeymasterDevice::update(
1050         uint64_t operationHandle,
1051         const hidl_vec<KeyParameter>& inParams,
1052         const hidl_vec<uint8_t>& input,
1053         const HardwareAuthToken& authToken,
1054         const VerificationToken& verificationToken,
1055         update_cb _hidl_cb)
1056 {
1057     LOG(VERBOSE) << "Running KeymasterDevice::update";
1058 
1059     UpdateOperationRequest request;
1060     UpdateOperationResponse response;
1061 
1062     uint32_t consumed;
1063     hidl_vec<uint8_t> output;
1064     hidl_vec<KeyParameter> params;
1065     ErrorCode error_code;
1066     error_code = buffer_append(operationHandle, input, &consumed);
1067     if (error_code != ErrorCode::OK) {
1068         _hidl_cb(error_code, 0, params, output);
1069         return Void();
1070     }
1071 
1072     hidl_vec<uint8_t> blocks;
1073     error_code = buffer_peek(operationHandle, &blocks);
1074     if (error_code != ErrorCode::OK) {
1075         _hidl_cb(error_code, 0, params, output);
1076         return Void();
1077     }
1078 
1079     // blocks.size() may be zero, but do a round-trip none-the-less
1080     // since this may be GCM, there may be AAD data in params.
1081     // TODO: as an optimization, do some inspection apriori.
1082 
1083     request.mutable_handle()->set_handle(operationHandle);
1084 
1085     if (hidl_params_to_pb(
1086             inParams, request.mutable_params()) != ErrorCode::OK) {
1087       _hidl_cb(ErrorCode::INVALID_ARGUMENT, 0, params, output);
1088       return Void();
1089     }
1090 
1091     request.set_input(&blocks[0], blocks.size());
1092     if (translate_auth_token(
1093             authToken, request.mutable_auth_token()) != ErrorCode::OK) {
1094         _hidl_cb(ErrorCode::INVALID_ARGUMENT, 0, params, output);
1095         return Void();
1096     }
1097     translate_verification_token(verificationToken,
1098                                  request.mutable_verification_token());
1099 
1100     KM_CALLV_ABORT(UpdateOperation, request, response,
1101                    0, hidl_vec<KeyParameter>{}, hidl_vec<uint8_t>{});
1102 
1103     if (buffer_advance(operationHandle, response.consumed()) != ErrorCode::OK) {
1104         _hidl_cb(ErrorCode::UNKNOWN_ERROR, 0, params, output);
1105         return Void();
1106     }
1107 
1108     pb_to_hidl_params(response.params(), &params);
1109     output.setToExternal(
1110         reinterpret_cast<uint8_t*>(const_cast<char*>(response.output().data())),
1111         response.output().size(), false);
1112 
1113     // Special case ECDSA sign + Digest::NONE, which discards all but
1114     // the left-most len(SHA256) bytes.
1115     Algorithm algorithm;
1116     buffer_algorithm(operationHandle, &algorithm);
1117     if (algorithm == Algorithm::EC) {
1118         if (response.consumed() == 0 && // Implies Digest::NONE.
1119             buffer_remaining(operationHandle) >= SHA256_DIGEST_LENGTH) {
1120             consumed = input.size();    // Discard remaining input.
1121         }
1122     }
1123     _hidl_cb(ErrorCode::OK, consumed, params, output);
1124     return Void();
1125 }
1126 
finish(uint64_t operationHandle,const hidl_vec<KeyParameter> & inParams,const hidl_vec<uint8_t> & input,const hidl_vec<uint8_t> & signature,const HardwareAuthToken & authToken,const VerificationToken & verificationToken,finish_cb _hidl_cb)1127 Return<void> KeymasterDevice::finish(
1128         uint64_t operationHandle,
1129         const hidl_vec<KeyParameter>& inParams,
1130         const hidl_vec<uint8_t>& input,
1131         const hidl_vec<uint8_t>& signature,
1132         const HardwareAuthToken& authToken,
1133         const VerificationToken& verificationToken,
1134         finish_cb _hidl_cb)
1135 {
1136     LOG(VERBOSE) << "Running KeymasterDevice::finish";
1137 
1138     FinishOperationRequest request;
1139     FinishOperationResponse response;
1140 
1141     ErrorCode error_code;
1142     hidl_vec<uint8_t> output;
1143 
1144     // Consume any input data via update calls.
1145     size_t consumed = 0;
1146     hidl_vec<KeyParameter> input_params = inParams;
1147     string update_output_str;
1148     while (consumed < input.size()) {
1149         hidl_vec<KeyParameter> out_params;
1150         update_cb _update_hidl_cb =
1151             [&] (
1152                 ErrorCode error, uint32_t input_consumed,
1153                 const hidl_vec<KeyParameter>& params,
1154                 const hidl_vec<uint8_t>& update_output) {
1155                     error_code = error;
1156                     if (error == ErrorCode::OK) {
1157                         consumed += input_consumed;
1158                         input_params = params;  // Update the params.
1159                         update_output_str += hidlVec2String(update_output);
1160                     }
1161             };
1162 
1163         hidl_vec<uint8_t> input_data;
1164         input_data.setToExternal(const_cast<uint8_t*>(&input.data()[consumed]),
1165                                  input.size() - consumed);
1166         update(operationHandle, input_params, input_data, authToken,
1167                verificationToken, _update_hidl_cb);
1168         if (error_code != ErrorCode::OK) {
1169             _hidl_cb(error_code,
1170                      hidl_vec<KeyParameter>{}, hidl_vec<uint8_t>{});
1171             return Void();
1172         }
1173     }
1174 
1175     hidl_vec<uint8_t> data;
1176     error_code = buffer_final(operationHandle, &data);
1177     if (error_code != ErrorCode::OK) {
1178         _hidl_cb(error_code,
1179                  hidl_vec<KeyParameter>{}, hidl_vec<uint8_t>{});
1180         return Void();
1181     }
1182 
1183     request.mutable_handle()->set_handle(operationHandle);
1184 
1185     hidl_vec<KeyParameter> params;
1186     if (hidl_params_to_pb(
1187             input_params, request.mutable_params()) != ErrorCode::OK) {
1188       _hidl_cb(ErrorCode::INVALID_ARGUMENT, params, output);
1189       return Void();
1190     }
1191 
1192     request.set_input(&data[0], data.size());
1193     request.set_signature(&signature[0], signature.size());
1194 
1195     if (translate_auth_token(
1196             authToken, request.mutable_auth_token()) != ErrorCode::OK) {
1197         _hidl_cb(ErrorCode::INVALID_ARGUMENT, params, output);
1198         return Void();
1199     }
1200     translate_verification_token(verificationToken,
1201                                  request.mutable_verification_token());
1202 
1203     KM_CALLV_ABORT(FinishOperation, request, response,
1204                    hidl_vec<KeyParameter>{}, hidl_vec<uint8_t>{});
1205 
1206     pb_to_hidl_params(response.params(), &params);
1207     // Concatenate accumulated output from Update().
1208     update_output_str += string(
1209         response.output().data(), response.output().size());
1210     output.setToExternal(
1211         reinterpret_cast<uint8_t*>(const_cast<char*>(
1212                                        update_output_str.data())),
1213         update_output_str.size(), false);
1214 
1215     _hidl_cb(ErrorCode::OK, params, output);
1216     return Void();
1217 }
1218 
abort(uint64_t operationHandle)1219 Return<ErrorCode> KeymasterDevice::abort(uint64_t operationHandle)
1220 {
1221     LOG(VERBOSE) << "Running KeymasterDevice::abort";
1222 
1223     AbortOperationRequest request;
1224     AbortOperationResponse response;
1225 
1226     request.mutable_handle()->set_handle(operationHandle);
1227 
1228     KM_CALL(AbortOperation, request, response);
1229 
1230     return ErrorCode::OK;
1231 }
1232 
1233 // Methods from ::android::hardware::keymaster::V4_0::IKeymasterDevice follow.
importWrappedKey(const hidl_vec<uint8_t> & wrappedKeyData,const hidl_vec<uint8_t> & wrappingKeyBlob,const hidl_vec<uint8_t> & maskingKey,const hidl_vec<KeyParameter> &,uint64_t,uint64_t,importWrappedKey_cb _hidl_cb)1234 Return<void> KeymasterDevice::importWrappedKey(
1235     const hidl_vec<uint8_t>& wrappedKeyData,
1236     const hidl_vec<uint8_t>& wrappingKeyBlob,
1237     const hidl_vec<uint8_t>& maskingKey,
1238     const hidl_vec<KeyParameter>& /* unwrappingParams */,
1239     uint64_t /* passwordSid */, uint64_t /* biometricSid */,
1240     importWrappedKey_cb _hidl_cb)
1241 {
1242     LOG(VERBOSE) << "Running KeymasterDevice::importWrappedKey";
1243 
1244     ErrorCode error;
1245     ImportWrappedKeyRequest request;
1246     ImportKeyResponse response;
1247 
1248     if (maskingKey.size() != KM_WRAPPER_MASKING_KEY_SIZE) {
1249         _hidl_cb(ErrorCode::INVALID_ARGUMENT, hidl_vec<uint8_t>{},
1250                  KeyCharacteristics{});
1251         return Void();
1252     }
1253 
1254     error = import_wrapped_key_request(wrappedKeyData, wrappingKeyBlob,
1255                                        maskingKey, &request);
1256     if (error != ErrorCode::OK) {
1257         LOG(ERROR) << "ImportWrappedKey request parsing failed with error "
1258                    << error;
1259         _hidl_cb(error, hidl_vec<uint8_t>{}, KeyCharacteristics{});
1260         return Void();
1261     }
1262     request.set_creation_time_ms(ms_since_epoch());
1263 
1264     KM_CALLV(ImportWrappedKey, request, response,
1265              hidl_vec<uint8_t>{}, KeyCharacteristics{});
1266 
1267     hidl_vec<uint8_t> blob;
1268     blob.setToExternal(
1269         reinterpret_cast<uint8_t*>(
1270             const_cast<char*>(response.blob().blob().data())),
1271         response.blob().blob().size(), false);
1272 
1273     KeyCharacteristics characteristics;
1274     // TODO: anything to do here with softwareEnforced?
1275     pb_to_hidl_params(response.characteristics().software_enforced(),
1276                       &characteristics.softwareEnforced);
1277     error = pb_to_hidl_params(response.characteristics().tee_enforced(),
1278                               &characteristics.hardwareEnforced);
1279     if (error != ErrorCode::OK) {
1280         LOG(ERROR) <<
1281             "KeymasterDevice::importWrappedKey: response tee_enforced :"
1282                    << error;
1283         _hidl_cb(error, hidl_vec<uint8_t>{}, KeyCharacteristics{});
1284         return Void();
1285     }
1286 
1287     _hidl_cb(ErrorCode::OK, blob, characteristics);
1288     return Void();
1289 }
1290 
1291 // Private methods.
SendSystemVersionInfo() const1292 Return<ErrorCode> KeymasterDevice::SendSystemVersionInfo() const {
1293     SetSystemVersionInfoRequest request;
1294     SetSystemVersionInfoResponse response;
1295 
1296     request.set_system_version(_os_version);
1297     request.set_system_security_level(_os_patchlevel);
1298     request.set_vendor_security_level(_vendor_patchlevel);
1299 
1300     KM_CALL(SetSystemVersionInfo, request, response);
1301     return ErrorCode::OK;
1302 }
1303 
GetBootInfo()1304 Return<ErrorCode> KeymasterDevice::GetBootInfo() {
1305     GetBootInfoRequest request;
1306     GetBootInfoResponse response;
1307 
1308     KM_CALL(GetBootInfo, request, response);
1309 
1310     _is_unlocked = response.is_unlocked();
1311     _boot_color = response.boot_color();
1312     _boot_key.assign(response.boot_key().begin(), response.boot_key().end());
1313     _boot_hash.assign(response.boot_hash().begin(), response.boot_hash().end());
1314     return ErrorCode::OK;
1315 }
1316 
1317 }  // namespace keymaster
1318 }  // namespace hardware
1319 }  // namespace android
1320