KeyMint: default to Rust reference implementation
Copy code that can be re-used from the Cuttlefish KeyMint
implementation, specifically from the following directories
under device/google/cuttlefish:
- HAL-side code from guest/hals/keymint/rust/
- TA-side code from host/commands/secure_env/rust/
Create a corresponding pair of libkmr_{hal,ta}_nonsecure libraries here.
The only changes to the copied code are:
- Convert `pub(crate)` to `pub` in `attest.rs`.
- Add some missing doc comments.
- Add comment noting need for SELinux permission to read ro.serialno.
- Add comment noting need for clock to be in sync with Gatekeeper.
(A subsequent CL aosp/2852598 adjusts Cuttlefish so that it uses the
copied modules here, and can remove the original copies.)
In addition to the moved code, the default implementation also needs
a new implementation of a monotonic clock, added here in clock.rs
using `std::time::Instant`.
With the new nonsecure HAL and TA libraries in place, implement the
default KeyMint HAL service using the former, and spin up a single
thread running a nonsecure TA using the latter. Communicate between
the two via a pair of mpsc::channel()s.
Test: VtsAidlKeyMintTargetTest with normal Cuttlefish (all pass)
Test: VtsAidlKeyMintTargetTest with default/nonsecure impl (auth
tests fail, but this is expected as Gatekeeper hasn't moved)
Bug: 314513765
Change-Id: Ia450e9a8f2dc530f79e8d74d7ce65f7d67ea129f
diff --git a/security/keymint/aidl/default/ta/lib.rs b/security/keymint/aidl/default/ta/lib.rs
new file mode 100644
index 0000000..fe8ad95
--- /dev/null
+++ b/security/keymint/aidl/default/ta/lib.rs
@@ -0,0 +1,109 @@
+/*
+ * Copyright (C) 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+//! Local in-process implementation of the KeyMint TA. This is insecure and should
+//! only be used for testing purposes.
+
+// This crate is `std` using, but some of the code uses macros from a `no_std` world.
+extern crate alloc;
+
+use kmr_common::crypto;
+use kmr_crypto_boring::{
+ aes::BoringAes, aes_cmac::BoringAesCmac, des::BoringDes, ec::BoringEc, eq::BoringEq,
+ hmac::BoringHmac, rng::BoringRng, rsa::BoringRsa, sha256::BoringSha256,
+};
+use kmr_ta::device::{
+ BootloaderDone, CsrSigningAlgorithm, Implementation, TrustedPresenceUnsupported,
+};
+use kmr_ta::{HardwareInfo, KeyMintTa, RpcInfo, RpcInfoV3};
+use kmr_wire::keymint::SecurityLevel;
+use kmr_wire::rpc::MINIMUM_SUPPORTED_KEYS_IN_CSR;
+use log::info;
+
+pub mod attest;
+pub mod clock;
+pub mod rpc;
+pub mod soft;
+
+/// Build a set of crypto trait implementations based around BoringSSL and the standard library
+/// clock.
+pub fn boringssl_crypto_impls() -> crypto::Implementation {
+ let rng = BoringRng;
+ let clock = clock::StdClock::new();
+ let rsa = BoringRsa::default();
+ let ec = BoringEc::default();
+ crypto::Implementation {
+ rng: Box::new(rng),
+ clock: Some(Box::new(clock)),
+ compare: Box::new(BoringEq),
+ aes: Box::new(BoringAes),
+ des: Box::new(BoringDes),
+ hmac: Box::new(BoringHmac),
+ rsa: Box::new(rsa),
+ ec: Box::new(ec),
+ ckdf: Box::new(BoringAesCmac),
+ hkdf: Box::new(BoringHmac),
+ sha256: Box::new(BoringSha256),
+ }
+}
+
+/// Build a [`kmr_ta::KeyMintTa`] instance for nonsecure use.
+pub fn build_ta() -> kmr_ta::KeyMintTa {
+ info!("Building NON-SECURE KeyMint Rust TA");
+ let hw_info = HardwareInfo {
+ version_number: 1,
+ security_level: SecurityLevel::TrustedEnvironment,
+ impl_name: "Rust reference implementation",
+ author_name: "Google",
+ unique_id: "NON-SECURE KeyMint TA",
+ };
+ let rpc_sign_algo = CsrSigningAlgorithm::EdDSA;
+ let rpc_info_v3 = RpcInfoV3 {
+ author_name: "Google",
+ unique_id: "NON-SECURE KeyMint TA",
+ fused: false,
+ supported_num_of_keys_in_csr: MINIMUM_SUPPORTED_KEYS_IN_CSR,
+ };
+
+ let sign_info = attest::CertSignInfo::new();
+ let keys: Box<dyn kmr_ta::device::RetrieveKeyMaterial> = Box::new(soft::Keys);
+ let rpc: Box<dyn kmr_ta::device::RetrieveRpcArtifacts> = Box::new(soft::RpcArtifacts::new(
+ soft::Derive::default(),
+ rpc_sign_algo,
+ ));
+ let dev = Implementation {
+ keys,
+ sign_info: Box::new(sign_info),
+ // HAL populates attestation IDs from properties.
+ attest_ids: None,
+ sdd_mgr: None,
+ // `BOOTLOADER_ONLY` keys not supported.
+ bootloader: Box::new(BootloaderDone),
+ // `STORAGE_KEY` keys not supported.
+ sk_wrapper: None,
+ // `TRUSTED_USER_PRESENCE_REQUIRED` keys not supported
+ tup: Box::new(TrustedPresenceUnsupported),
+ // No support for converting previous implementation's keyblobs.
+ legacy_key: None,
+ rpc,
+ };
+ KeyMintTa::new(
+ hw_info,
+ RpcInfo::V3(rpc_info_v3),
+ boringssl_crypto_impls(),
+ dev,
+ )
+}