1 /*
2 * Copyright (C) 2023 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 //! Local in-process implementation of the KeyMint TA. This is insecure and should
18 //! only be used for testing purposes.
19
20 // This crate is `std` using, but some of the code uses macros from a `no_std` world.
21 extern crate alloc;
22
23 use kmr_common::crypto;
24 use kmr_crypto_boring::{
25 aes::BoringAes, aes_cmac::BoringAesCmac, des::BoringDes, ec::BoringEc, eq::BoringEq,
26 hmac::BoringHmac, rng::BoringRng, rsa::BoringRsa, sha256::BoringSha256,
27 };
28 use kmr_ta::device::{
29 BootloaderDone, CsrSigningAlgorithm, Implementation, TrustedPresenceUnsupported,
30 };
31 use kmr_ta::{HardwareInfo, KeyMintTa, RpcInfo, RpcInfoV3};
32 use kmr_wire::keymint::SecurityLevel;
33 use kmr_wire::rpc::MINIMUM_SUPPORTED_KEYS_IN_CSR;
34 use log::info;
35
36 pub mod attest;
37 pub mod clock;
38 pub mod rpc;
39 pub mod soft;
40
41 /// Build a set of crypto trait implementations based around BoringSSL and the standard library
42 /// clock.
boringssl_crypto_impls() -> crypto::Implementation43 pub fn boringssl_crypto_impls() -> crypto::Implementation {
44 let rng = BoringRng;
45 let clock = clock::StdClock::new();
46 let rsa = BoringRsa::default();
47 let ec = BoringEc::default();
48 crypto::Implementation {
49 rng: Box::new(rng),
50 clock: Some(Box::new(clock)),
51 compare: Box::new(BoringEq),
52 aes: Box::new(BoringAes),
53 des: Box::new(BoringDes),
54 hmac: Box::new(BoringHmac),
55 rsa: Box::new(rsa),
56 ec: Box::new(ec),
57 ckdf: Box::new(BoringAesCmac),
58 hkdf: Box::new(BoringHmac),
59 sha256: Box::new(BoringSha256),
60 }
61 }
62
63 /// Build a [`kmr_ta::KeyMintTa`] instance for nonsecure use.
build_ta() -> kmr_ta::KeyMintTa64 pub fn build_ta() -> kmr_ta::KeyMintTa {
65 info!("Building NON-SECURE KeyMint Rust TA");
66 let hw_info = HardwareInfo {
67 version_number: 1,
68 security_level: SecurityLevel::TrustedEnvironment,
69 impl_name: "Rust reference implementation",
70 author_name: "Google",
71 unique_id: "NON-SECURE KeyMint TA",
72 };
73 let rpc_sign_algo = CsrSigningAlgorithm::EdDSA;
74 let rpc_info_v3 = RpcInfoV3 {
75 author_name: "Google",
76 unique_id: "NON-SECURE KeyMint TA",
77 fused: false,
78 supported_num_of_keys_in_csr: MINIMUM_SUPPORTED_KEYS_IN_CSR,
79 };
80
81 let sign_info = attest::CertSignInfo::new();
82 let keys: Box<dyn kmr_ta::device::RetrieveKeyMaterial> = Box::new(soft::Keys);
83 let rpc: Box<dyn kmr_ta::device::RetrieveRpcArtifacts> = Box::new(soft::RpcArtifacts::new(
84 soft::Derive::default(),
85 rpc_sign_algo,
86 ));
87 let dev = Implementation {
88 keys,
89 sign_info: Some(Box::new(sign_info)),
90 // HAL populates attestation IDs from properties.
91 attest_ids: None,
92 sdd_mgr: None,
93 // `BOOTLOADER_ONLY` keys not supported.
94 bootloader: Box::new(BootloaderDone),
95 // `STORAGE_KEY` keys not supported.
96 sk_wrapper: None,
97 // `TRUSTED_USER_PRESENCE_REQUIRED` keys not supported
98 tup: Box::new(TrustedPresenceUnsupported),
99 // No support for converting previous implementation's keyblobs.
100 legacy_key: None,
101 rpc,
102 };
103 KeyMintTa::new(
104 hw_info,
105 RpcInfo::V3(rpc_info_v3),
106 boringssl_crypto_impls(),
107 dev,
108 )
109 }
110