1 /* 2 * Copyright (C) 2015 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef KEYSTORE_KEYSTORE_KEYMASTER_ENFORCEMENT_H_ 18 #define KEYSTORE_KEYSTORE_KEYMASTER_ENFORCEMENT_H_ 19 20 #include <time.h> 21 22 #include "keymaster_enforcement.h" 23 24 namespace keystore { 25 /** 26 * This is a specialization of the KeymasterEnforcement class to be used by Keystore to enforce 27 * keymaster requirements on all key operation. 28 */ 29 class KeystoreKeymasterEnforcement : public KeymasterEnforcement { 30 public: 31 KeystoreKeymasterEnforcement() : KeymasterEnforcement(64, 64) {} 32 33 uint32_t get_current_time() const override { 34 struct timespec tp; 35 int err = clock_gettime(CLOCK_MONOTONIC, &tp); 36 if (err || tp.tv_sec < 0) 37 return 0; 38 return static_cast<uint32_t>(tp.tv_sec); 39 } 40 41 bool activation_date_valid(uint64_t activation_date) const override { 42 time_t now = time(NULL); 43 if (now == static_cast<time_t>(-1)) { 44 // Failed to obtain current time -- fail safe: activation_date hasn't yet occurred. 45 return false; 46 } else if (now < 0) { 47 // Current time is prior to start of the epoch -- activation_date hasn't yet occurred. 48 return false; 49 } 50 51 // time(NULL) returns seconds since epoch and "loses" milliseconds information. We thus add 52 // 999 ms to now_date to avoid a situation where an activation_date of up to 999ms in the 53 // past may still be considered to still be in the future. This can be removed once 54 // time(NULL) is replaced by a millisecond-precise source of time. 55 uint64_t now_date = static_cast<uint64_t>(now) * 1000 + 999; 56 return now_date >= activation_date; 57 } 58 59 bool expiration_date_passed(uint64_t expiration_date) const override { 60 time_t now = time(NULL); 61 if (now == static_cast<time_t>(-1)) { 62 // Failed to obtain current time -- fail safe: expiration_date has passed. 63 return true; 64 } else if (now < 0) { 65 // Current time is prior to start of the epoch: expiration_date hasn't yet occurred. 66 return false; 67 } 68 69 // time(NULL) returns seconds since epoch and "loses" milliseconds information. As a result, 70 // expiration_date of up to 999 ms in the past may still be considered in the future. This 71 // is OK. 72 uint64_t now_date = static_cast<uint64_t>(now) * 1000; 73 return now_date > expiration_date; 74 } 75 76 bool auth_token_timed_out(const HardwareAuthToken&, uint32_t) const { 77 // Assume the token has not timed out, because AuthTokenTable would not have returned it if 78 // the timeout were past. Secure hardware will also check timeouts if it supports them. 79 return false; 80 } 81 82 bool ValidateTokenSignature(const HardwareAuthToken&) const override { 83 // Non-secure world cannot validate token signatures because it doesn't have access to the 84 // signing key. Assume the token is good. 85 return true; 86 } 87 88 bool is_device_locked(int32_t userId) const override { 89 // If we haven't had a set call for this user yet, assume the device is locked. 90 if (mIsDeviceLockedForUser.count(userId) == 0) return true; 91 return mIsDeviceLockedForUser.find(userId)->second; 92 } 93 94 void set_device_locked(bool isLocked, int32_t userId) { 95 mIsDeviceLockedForUser[userId] = isLocked; 96 } 97 98 private: 99 std::map<int32_t, bool> mIsDeviceLockedForUser; 100 }; 101 102 } // namespace keystore 103 104 #endif // KEYSTORE_KEYSTORE_KEYMASTER_ENFORCEMENT_H_ 105