/* * Copyright 2015 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #ifndef TRUSTY_APP_KEYMASTER_TRUSTY_KEYMASTER_CONTEXT_H_ #define TRUSTY_APP_KEYMASTER_TRUSTY_KEYMASTER_CONTEXT_H_ #include #include #include #include #include #include #include "trusty_keymaster_enforcement.h" #include "trusty_remote_provisioning_context.h" #include "trusty_secure_deletion_secret_storage.h" namespace keymaster { class KeyFactory; static const int kAuthTokenKeySize = 32; class TrustyKeymasterContext : public KeymasterContext, AttestationContext, SoftwareKeyBlobMaker, SoftwareRandomSource { public: TrustyKeymasterContext(); KmVersion GetKmVersion() const override { return AttestationContext::version_; } void SetKmVersion(KmVersion version) { AttestationContext::version_ = version; } keymaster_security_level_t GetSecurityLevel() const override { return KM_SECURITY_LEVEL_TRUSTED_ENVIRONMENT; } keymaster_error_t SetSystemVersion(uint32_t os_version, uint32_t os_patchlevel) override; void GetSystemVersion(uint32_t* os_version, uint32_t* os_patchlevel) const override; const KeyFactory* GetKeyFactory( keymaster_algorithm_t algorithm) const override; OperationFactory* GetOperationFactory( keymaster_algorithm_t algorithm, keymaster_purpose_t purpose) const override; const keymaster_algorithm_t* GetSupportedAlgorithms( size_t* algorithms_count) const override; const VerifiedBootParams* GetVerifiedBootParams( keymaster_error_t* error) const override; keymaster_error_t CreateKeyBlob( const AuthorizationSet& key_description, keymaster_key_origin_t origin, const KeymasterKeyBlob& key_material, KeymasterKeyBlob* blob, AuthorizationSet* hw_enforced, AuthorizationSet* sw_enforced) const override; keymaster_error_t UpgradeKeyBlob( const KeymasterKeyBlob& key_to_upgrade, const AuthorizationSet& upgrade_params, KeymasterKeyBlob* upgraded_key) const override; keymaster_error_t ParseKeyBlob(const KeymasterKeyBlob& blob, const AuthorizationSet& additional_params, UniquePtr* key) const override; keymaster_error_t DeleteKey(const KeymasterKeyBlob& blob) const override; keymaster_error_t DeleteAllKeys() const override; keymaster_error_t AddRngEntropy(const uint8_t* buf, size_t length) const override; keymaster_error_t GetAuthTokenKey(keymaster_key_blob_t* key) const; std::unique_ptr GetDeviceIds() const; KeymasterEnforcement* enforcement_policy() override { return &enforcement_policy_; } AttestationContext* attestation_context() override { return this; } SecureDeletionSecretStorage* secure_deletion_secret_storage() override { return &secure_deletion_secret_storage_; } keymaster_error_t VerifyAndCopyDeviceIds( const AuthorizationSet& attestation_params, AuthorizationSet* values_to_attest) const override; Buffer GenerateUniqueId(uint64_t creation_date_time, const keymaster_blob_t& application_id, bool reset_since_rotation, keymaster_error_t* error) const override; KeymasterKeyBlob GetAttestationKey(keymaster_algorithm_t algorithm, keymaster_error_t* error) const override; CertificateChain GetAttestationChain( keymaster_algorithm_t algorithm, keymaster_error_t* error) const override; CertificateChain GenerateAttestation( const Key& key, const AuthorizationSet& attest_params, UniquePtr attest_key, const KeymasterBlob& issuer_subject, keymaster_error_t* error) const override; CertificateChain GenerateSelfSignedCertificate( const Key& key, const AuthorizationSet& cert_params, bool fake_signature, keymaster_error_t* error) const override; keymaster_error_t SetBootParams( uint32_t /* os_version */, uint32_t /* os_patchlevel */, const Buffer& verified_boot_key, keymaster_verified_boot_t verified_boot_state, bool device_locked, const Buffer& verified_boot_hash); virtual keymaster_error_t UnwrapKey( const KeymasterKeyBlob& wrapped_key_blob, const KeymasterKeyBlob& wrapping_key_blob, const AuthorizationSet& wrapping_key_params, const KeymasterKeyBlob& masking_key, AuthorizationSet* wrapped_key_params, keymaster_key_format_t* wrapped_key_format, KeymasterKeyBlob* wrapped_key_material) const override; keymaster_error_t CheckConfirmationToken( const uint8_t* input_data, size_t input_data_size, const uint8_t confirmation_token[kConfirmationTokenSize]) const override; RemoteProvisioningContext* GetRemoteProvisioningContext() const override { return trusty_remote_provisioning_context_.get(); } keymaster_error_t SetVendorPatchlevel(uint32_t vendor_patchlevel) override { if (vendor_patchlevel_.has_value() && vendor_patchlevel != vendor_patchlevel_.value()) { // Can't set patchlevel to a different value. return KM_ERROR_INVALID_ARGUMENT; } vendor_patchlevel_ = vendor_patchlevel; trusty_remote_provisioning_context_->SetVendorPatchlevel( vendor_patchlevel); return KM_ERROR_OK; } keymaster_error_t SetBootPatchlevel(uint32_t boot_patchlevel) override { if (boot_patchlevel_.has_value() && boot_patchlevel != boot_patchlevel_.value()) { // Can't set patchlevel to a different value. return KM_ERROR_INVALID_ARGUMENT; } boot_patchlevel_ = boot_patchlevel; trusty_remote_provisioning_context_->SetBootPatchlevel(boot_patchlevel); return KM_ERROR_OK; } std::optional GetVendorPatchlevel() const override { return vendor_patchlevel_; } std::optional GetBootPatchlevel() const override { return boot_patchlevel_; } private: bool SeedRngIfNeeded() const; bool ShouldReseedRng() const; bool ReseedRng(); bool InitializeAuthTokenKey(); keymaster_error_t SetAuthorizations(const AuthorizationSet& key_description, keymaster_key_origin_t origin, AuthorizationSet* hw_enforced, AuthorizationSet* sw_enforced, bool has_secure_deletion) const; keymaster_error_t BuildHiddenAuthorizations( const AuthorizationSet& input_set, AuthorizationSet* hidden) const; keymaster_error_t DeriveMasterKey(KeymasterKeyBlob* master_key, const EncryptedKey& enc_key) const; keymaster_error_t GetKdfState(EncryptedKey* info) const; KmErrorOr DeserializeKmCompatKeyBlob( const KeymasterKeyBlob& blob) const; KmErrorOr DeserializeKeyBlob( const KeymasterKeyBlob& blob) const; /* * CreateAuthEncryptedKeyBlob takes a key description authorization set, key * material, and hardware and software authorization sets and produces an * encrypted and integrity-checked key blob. * * This method is called by CreateKeyBlob and UpgradeKeyBlob. */ keymaster_error_t CreateAuthEncryptedKeyBlob( const AuthorizationSet& key_description, const KeymasterKeyBlob& key_material, const AuthorizationSet& hw_enforced, const AuthorizationSet& sw_enforced, const std::optional& secure_deletion_data, KeymasterKeyBlob* blob) const; TrustyKeymasterEnforcement enforcement_policy_; TrustySecureDeletionSecretStorage secure_deletion_secret_storage_; UniquePtr aes_factory_; UniquePtr ec_factory_; UniquePtr hmac_factory_; UniquePtr rsa_factory_; UniquePtr tdes_factory_; bool rng_initialized_; mutable int calls_since_reseed_; uint8_t auth_token_key_[kAuthTokenKeySize]; bool auth_token_key_initialized_; bool root_of_trust_set_ = false; bool version_info_set_ = false; BootParams boot_params_; VerifiedBootParams verified_boot_params_ = { .verified_boot_key = {}, .verified_boot_hash = {}, .verified_boot_state = KM_VERIFIED_BOOT_UNVERIFIED, .device_locked = false}; UniquePtr trusty_remote_provisioning_context_; std::optional vendor_patchlevel_; std::optional boot_patchlevel_; mutable std::vector unique_id_hbk_; }; } // namespace keymaster #endif // TRUSTY_APP_KEYMASTER_TRUSTY_KEYMASTER_CONTEXT_H_