1 /*
2  * Copyright 2017 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include <keymaster/attestation_record.h>
18 #include <keymaster/logger.h>
19 #include <keymaster/wrapped_key.h>
20 
21 #include <openssl/asn1t.h>
22 
23 #include <keymaster/android_keymaster_utils.h>
24 #include <keymaster/km_openssl/openssl_err.h>
25 #include <keymaster/km_openssl/openssl_utils.h>
26 
27 namespace keymaster {
28 
29 IMPLEMENT_ASN1_FUNCTIONS(KM_WRAPPED_KEY_DESCRIPTION);
30 IMPLEMENT_ASN1_FUNCTIONS(KM_WRAPPED_KEY);
31 
32 struct KM_WRAPPED_KEY_Delete {
operator ()keymaster::KM_WRAPPED_KEY_Delete33     void operator()(KM_WRAPPED_KEY* p) { KM_WRAPPED_KEY_free(p); }
34 };
35 
36 struct KM_WRAPPED_KEY_DESCRIPTION_Delete {
operator ()keymaster::KM_WRAPPED_KEY_DESCRIPTION_Delete37     void operator()(KM_WRAPPED_KEY_DESCRIPTION* p) { KM_WRAPPED_KEY_DESCRIPTION_free(p); }
38 };
39 
40 // DER encode a wrapped key for secure import
build_wrapped_key(const KeymasterKeyBlob & transit_key,const KeymasterBlob & iv,keymaster_key_format_t key_format,const KeymasterKeyBlob & secure_key,const KeymasterBlob & tag,const AuthorizationSet & auth_set,KeymasterKeyBlob * der_wrapped_key)41 keymaster_error_t build_wrapped_key(const KeymasterKeyBlob& transit_key, const KeymasterBlob& iv,
42                                     keymaster_key_format_t key_format,
43                                     const KeymasterKeyBlob& secure_key, const KeymasterBlob& tag,
44                                     const AuthorizationSet& auth_set,
45                                     KeymasterKeyBlob* der_wrapped_key) {
46     UniquePtr<KM_WRAPPED_KEY, KM_WRAPPED_KEY_Delete> wrapped_key(KM_WRAPPED_KEY_new());
47     if (!wrapped_key.get()) return KM_ERROR_MEMORY_ALLOCATION_FAILED;
48 
49     if (!ASN1_OCTET_STRING_set(wrapped_key->transit_key, transit_key.key_material,
50                                transit_key.key_material_size) ||
51         !ASN1_OCTET_STRING_set(wrapped_key->iv, iv.data, iv.data_length) ||
52         !ASN1_OCTET_STRING_set(wrapped_key->secure_key, secure_key.key_material,
53                                secure_key.key_material_size) ||
54         !ASN1_OCTET_STRING_set(wrapped_key->tag, tag.data, tag.data_length) ||
55         !ASN1_INTEGER_set(wrapped_key->wrapped_key_description->key_format, key_format)) {
56         return TranslateLastOpenSslError();
57     }
58 
59     auto err = build_auth_list(auth_set, wrapped_key->wrapped_key_description->auth_list);
60     if (err != KM_ERROR_OK) {
61         return err;
62     }
63 
64     int len = i2d_KM_WRAPPED_KEY(wrapped_key.get(), nullptr);
65     if (len < 0) {
66         return TranslateLastOpenSslError();
67     }
68     if (!der_wrapped_key->Reset(len)) {
69         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
70     }
71 
72     uint8_t* p = der_wrapped_key->writable_data();
73     len = i2d_KM_WRAPPED_KEY(wrapped_key.get(), &p);
74     if (len < 0) {
75         return TranslateLastOpenSslError();
76     }
77 
78     return KM_ERROR_OK;
79 }
80 
81 // Parse the DER-encoded wrapped key format
parse_wrapped_key(const KeymasterKeyBlob & wrapped_key,KeymasterBlob * iv,KeymasterKeyBlob * transit_key,KeymasterKeyBlob * secure_key,KeymasterBlob * tag,AuthorizationSet * auth_list,keymaster_key_format_t * key_format,KeymasterBlob * wrapped_key_description)82 keymaster_error_t parse_wrapped_key(const KeymasterKeyBlob& wrapped_key, KeymasterBlob* iv,
83                                     KeymasterKeyBlob* transit_key, KeymasterKeyBlob* secure_key,
84                                     KeymasterBlob* tag, AuthorizationSet* auth_list,
85                                     keymaster_key_format_t* key_format,
86                                     KeymasterBlob* wrapped_key_description) {
87     if (!iv || !transit_key || !secure_key || !tag || !auth_list || !key_format ||
88         !wrapped_key_description) {
89         return KM_ERROR_UNEXPECTED_NULL_POINTER;
90     }
91 
92     const uint8_t* tmp = wrapped_key.key_material;
93     UniquePtr<KM_WRAPPED_KEY, KM_WRAPPED_KEY_Delete> record(
94         d2i_KM_WRAPPED_KEY(nullptr, &tmp, wrapped_key.key_material_size));
95     if (!record.get()) return TranslateLastOpenSslError();
96 
97     *iv = KeymasterBlob(record->iv->data, record->iv->length);
98     if (record->iv->data && !iv->data) {
99         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
100     }
101 
102     *transit_key = KeymasterKeyBlob(record->transit_key->data, record->transit_key->length);
103     if (record->transit_key->data && !transit_key->key_material) {
104         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
105     }
106 
107     *secure_key = KeymasterKeyBlob(record->secure_key->data, record->secure_key->length);
108     if (record->secure_key->data && !secure_key->key_material) {
109         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
110     }
111 
112     *tag = KeymasterBlob(record->tag->data, record->tag->length);
113     if (record->tag->data && !tag->data) {
114         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
115     }
116 
117     // Re-serialize the wrapped key description
118     int len = i2d_KM_WRAPPED_KEY_DESCRIPTION(record->wrapped_key_description, nullptr);
119     if (len < 0) {
120         return TranslateLastOpenSslError();
121     }
122     if (!wrapped_key_description->Reset(len)) {
123         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
124     }
125     uint8_t* p = wrapped_key_description->writable_data();
126     if (i2d_KM_WRAPPED_KEY_DESCRIPTION(record->wrapped_key_description, &p) < 0) {
127         return TranslateLastOpenSslError();
128     }
129 
130     *key_format = static_cast<keymaster_key_format_t>(
131         ASN1_INTEGER_get(record->wrapped_key_description->key_format));
132     return extract_auth_list(record->wrapped_key_description->auth_list, auth_list);
133 }
134 
135 }  // namespace keymaster
136