1 // 2 // Copyright (C) 2022 The Android Open Source Project 3 // 4 // Licensed under the Apache License, Version 2.0 (the "License"); 5 // you may not use this file except in compliance with the License. 6 // You may obtain a copy of the License at 7 // 8 // http://www.apache.org/licenses/LICENSE-2.0 9 // 10 // Unless required by applicable law or agreed to in writing, software 11 // distributed under the License is distributed on an "AS IS" BASIS, 12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 // See the License for the specific language governing permissions and 14 // limitations under the License. 15 16 //! Software-only trait implementations using fake keys. 17 18 use kmr_common::{ 19 crypto, 20 crypto::{Hkdf, Rng}, 21 Error, 22 }; 23 use kmr_crypto_boring::{hmac::BoringHmac, rng::BoringRng}; 24 use kmr_ta::device::RetrieveKeyMaterial; 25 26 /// Root key retrieval using hard-coded fake keys. 27 pub struct Keys; 28 29 impl RetrieveKeyMaterial for Keys { root_kek(&self, _context: &[u8]) -> Result<crypto::OpaqueOr<crypto::hmac::Key>, Error>30 fn root_kek(&self, _context: &[u8]) -> Result<crypto::OpaqueOr<crypto::hmac::Key>, Error> { 31 // Matches `MASTER_KEY` in system/keymaster/key_blob_utils/software_keyblobs.cpp 32 Ok(crypto::hmac::Key::new([0; 16].to_vec()).into()) 33 } kak(&self) -> Result<crypto::OpaqueOr<crypto::aes::Key>, Error>34 fn kak(&self) -> Result<crypto::OpaqueOr<crypto::aes::Key>, Error> { 35 // Matches `kFakeKeyAgreementKey` in 36 // system/keymaster/km_openssl/soft_keymaster_enforcement.cpp. 37 Ok(crypto::aes::Key::Aes256([0; 32]).into()) 38 } unique_id_hbk(&self, _ckdf: &dyn crypto::Ckdf) -> Result<crypto::hmac::Key, Error>39 fn unique_id_hbk(&self, _ckdf: &dyn crypto::Ckdf) -> Result<crypto::hmac::Key, Error> { 40 // Matches value used in system/keymaster/contexts/pure_soft_keymaster_context.cpp. 41 crypto::hmac::Key::new_from(b"MustBeRandomBits") 42 } 43 } 44 45 /// Implementation of key derivation using a random fake key. 46 pub struct Derive { 47 hbk: Vec<u8>, 48 } 49 50 impl Default for Derive { default() -> Self51 fn default() -> Self { 52 // Use random data as an emulation of a hardware-backed key. 53 let mut hbk = vec![0; 32]; 54 let mut rng = BoringRng; 55 rng.fill_bytes(&mut hbk); 56 Self { hbk } 57 } 58 } 59 60 impl crate::rpc::DeriveBytes for Derive { derive_bytes(&self, context: &[u8], output_len: usize) -> Result<Vec<u8>, Error>61 fn derive_bytes(&self, context: &[u8], output_len: usize) -> Result<Vec<u8>, Error> { 62 BoringHmac.hkdf(&[], &self.hbk, context, output_len) 63 } 64 } 65 66 /// RPC artifact retrieval using software fake key. 67 pub type RpcArtifacts = crate::rpc::Artifacts<Derive>; 68