identity: Add support for ECDSA auth and don't require session encryption.
This adds a new method which allows applications to use mdoc ECDSA
authentication instead of mdoc MAC authentication. Additionally, also
relax requirements on SessionTranscript so the APIs can be used even
when mdoc session encryption isn't being used.
Also add new VTS test to check for this.
Since this is new API, bump API version to 5 and the Identity
Credential feature version to 202301.
Bug: 241912421
Test: atest VtsHalIdentityTargetTest
Test: atest android.security.identity.cts
Change-Id: I4085a89be0382c10f5449e13c6a92a46c74c225d
diff --git a/identity/aidl/default/FakeSecureHardwareProxy.cpp b/identity/aidl/default/FakeSecureHardwareProxy.cpp
index 9b9a749..8551ab7 100644
--- a/identity/aidl/default/FakeSecureHardwareProxy.cpp
+++ b/identity/aidl/default/FakeSecureHardwareProxy.cpp
@@ -596,10 +596,10 @@
return eicPresentationStartRetrieveEntries(&ctx_);
}
-bool FakeSecureHardwarePresentationProxy::calcMacKey(
+bool FakeSecureHardwarePresentationProxy::prepareDeviceAuthentication(
const vector<uint8_t>& sessionTranscript, const vector<uint8_t>& readerEphemeralPublicKey,
const vector<uint8_t>& signingKeyBlob, const string& docType,
- unsigned int numNamespacesWithValues, size_t expectedProofOfProvisioningSize) {
+ unsigned int numNamespacesWithValues, size_t expectedDeviceNamespacesSize) {
if (!validateId(__func__)) {
return false;
}
@@ -608,10 +608,10 @@
eicDebug("Unexpected size %zd of signingKeyBlob, expected 60", signingKeyBlob.size());
return false;
}
- return eicPresentationCalcMacKey(&ctx_, sessionTranscript.data(), sessionTranscript.size(),
- readerEphemeralPublicKey.data(), signingKeyBlob.data(),
- docType.c_str(), docType.size(), numNamespacesWithValues,
- expectedProofOfProvisioningSize);
+ return eicPresentationPrepareDeviceAuthentication(
+ &ctx_, sessionTranscript.data(), sessionTranscript.size(),
+ readerEphemeralPublicKey.data(), readerEphemeralPublicKey.size(), signingKeyBlob.data(),
+ docType.c_str(), docType.size(), numNamespacesWithValues, expectedDeviceNamespacesSize);
}
AccessCheckResult FakeSecureHardwarePresentationProxy::startRetrieveEntryValue(
@@ -673,6 +673,25 @@
return content;
}
+optional<pair<vector<uint8_t>, vector<uint8_t>>>
+FakeSecureHardwarePresentationProxy::finishRetrievalWithSignature() {
+ if (!validateId(__func__)) {
+ return std::nullopt;
+ }
+
+ vector<uint8_t> mac(32);
+ size_t macSize = 32;
+ vector<uint8_t> ecdsaSignature(EIC_ECDSA_P256_SIGNATURE_SIZE);
+ size_t ecdsaSignatureSize = EIC_ECDSA_P256_SIGNATURE_SIZE;
+ if (!eicPresentationFinishRetrievalWithSignature(&ctx_, mac.data(), &macSize,
+ ecdsaSignature.data(), &ecdsaSignatureSize)) {
+ return std::nullopt;
+ }
+ mac.resize(macSize);
+ ecdsaSignature.resize(ecdsaSignatureSize);
+ return std::make_pair(mac, ecdsaSignature);
+}
+
optional<vector<uint8_t>> FakeSecureHardwarePresentationProxy::finishRetrieval() {
if (!validateId(__func__)) {
return std::nullopt;
diff --git a/identity/aidl/default/FakeSecureHardwareProxy.h b/identity/aidl/default/FakeSecureHardwareProxy.h
index 2512074..b56ab93 100644
--- a/identity/aidl/default/FakeSecureHardwareProxy.h
+++ b/identity/aidl/default/FakeSecureHardwareProxy.h
@@ -175,11 +175,11 @@
const vector<uint8_t>& requestMessage, int coseSignAlg,
const vector<uint8_t>& readerSignatureOfToBeSigned) override;
- bool calcMacKey(const vector<uint8_t>& sessionTranscript,
- const vector<uint8_t>& readerEphemeralPublicKey,
- const vector<uint8_t>& signingKeyBlob, const string& docType,
- unsigned int numNamespacesWithValues,
- size_t expectedProofOfProvisioningSize) override;
+ bool prepareDeviceAuthentication(const vector<uint8_t>& sessionTranscript,
+ const vector<uint8_t>& readerEphemeralPublicKey,
+ const vector<uint8_t>& signingKeyBlob, const string& docType,
+ unsigned int numNamespacesWithValues,
+ size_t expectedDeviceNamespacesSize) override;
AccessCheckResult startRetrieveEntryValue(
const string& nameSpace, const string& name, unsigned int newNamespaceNumEntries,
@@ -191,6 +191,8 @@
optional<vector<uint8_t>> finishRetrieval() override;
+ optional<pair<vector<uint8_t>, vector<uint8_t>>> finishRetrievalWithSignature() override;
+
optional<vector<uint8_t>> deleteCredential(const string& docType,
const vector<uint8_t>& challenge,
bool includeChallenge,
diff --git a/identity/aidl/default/common/IdentityCredential.cpp b/identity/aidl/default/common/IdentityCredential.cpp
index ff80752..4c3b7b2 100644
--- a/identity/aidl/default/common/IdentityCredential.cpp
+++ b/identity/aidl/default/common/IdentityCredential.cpp
@@ -457,17 +457,16 @@
}
if (session_) {
- // If presenting in a session, the TA has already done this check.
-
+ // If presenting in a session, the TA has already done the check for (X, Y) as done
+ // below, see eicSessionSetSessionTranscript().
} else {
- // To prevent replay-attacks, we check that the public part of the ephemeral
- // key we previously created, is present in the DeviceEngagement part of
- // SessionTranscript as a COSE_Key, in uncompressed form.
+ // If mdoc session encryption is in use, check that the
+ // public part of the ephemeral key we previously created, is
+ // present in the DeviceEngagement part of SessionTranscript
+ // as a COSE_Key, in uncompressed form.
//
// We do this by just searching for the X and Y coordinates.
- //
- // Would be nice to move this check to the TA.
- if (sessionTranscript.size() > 0) {
+ if (sessionTranscript.size() > 0 && ephemeralPublicKey_.size() > 0) {
auto [getXYSuccess, ePubX, ePubY] = support::ecPublicKeyGetXandY(ephemeralPublicKey_);
if (!getXYSuccess) {
return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
@@ -608,33 +607,36 @@
// Finally, pass info so the HMAC key can be derived and the TA can start
// creating the DeviceNameSpaces CBOR...
if (!session_) {
- if (sessionTranscript_.size() > 0 && readerPublicKey_.size() > 0 &&
- signingKeyBlob.size() > 0) {
- // We expect the reader ephemeral public key to be same size and curve
- // as the ephemeral key we generated (e.g. P-256 key), otherwise ECDH
- // won't work. So its length should be 65 bytes and it should be
- // starting with 0x04.
- if (readerPublicKey_.size() != 65 || readerPublicKey_[0] != 0x04) {
- return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
- IIdentityCredentialStore::STATUS_FAILED,
- "Reader public key is not in expected format"));
+ if (sessionTranscript_.size() > 0 && signingKeyBlob.size() > 0) {
+ vector<uint8_t> eReaderKeyP256;
+ if (readerPublicKey_.size() > 0) {
+ // If set, we expect the reader ephemeral public key to be same size and curve
+ // as the ephemeral key we generated (e.g. P-256 key), otherwise ECDH won't
+ // work. So its length should be 65 bytes and it should be starting with 0x04.
+ if (readerPublicKey_.size() != 65 || readerPublicKey_[0] != 0x04) {
+ return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
+ IIdentityCredentialStore::STATUS_FAILED,
+ "Reader public key is not in expected format"));
+ }
+ eReaderKeyP256 =
+ vector<uint8_t>(readerPublicKey_.begin() + 1, readerPublicKey_.end());
}
- vector<uint8_t> pubKeyP256(readerPublicKey_.begin() + 1, readerPublicKey_.end());
- if (!hwProxy_->calcMacKey(sessionTranscript_, pubKeyP256, signingKeyBlob, docType_,
- numNamespacesWithValues, expectedDeviceNameSpacesSize_)) {
+ if (!hwProxy_->prepareDeviceAuthentication(
+ sessionTranscript_, eReaderKeyP256, signingKeyBlob, docType_,
+ numNamespacesWithValues, expectedDeviceNameSpacesSize_)) {
return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
IIdentityCredentialStore::STATUS_FAILED,
"Error starting retrieving entries"));
}
}
} else {
- if (session_->getSessionTranscript().size() > 0 &&
- session_->getReaderEphemeralPublicKey().size() > 0 && signingKeyBlob.size() > 0) {
+ if (session_->getSessionTranscript().size() > 0 && signingKeyBlob.size() > 0) {
// Don't actually pass the reader ephemeral public key in, the TA will get
// it from the session object.
//
- if (!hwProxy_->calcMacKey(sessionTranscript_, {}, signingKeyBlob, docType_,
- numNamespacesWithValues, expectedDeviceNameSpacesSize_)) {
+ if (!hwProxy_->prepareDeviceAuthentication(sessionTranscript_, {}, signingKeyBlob,
+ docType_, numNamespacesWithValues,
+ expectedDeviceNameSpacesSize_)) {
return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
IIdentityCredentialStore::STATUS_FAILED,
"Error starting retrieving entries"));
@@ -924,8 +926,9 @@
return ndk::ScopedAStatus::ok();
}
-ndk::ScopedAStatus IdentityCredential::finishRetrieval(vector<uint8_t>* outMac,
- vector<uint8_t>* outDeviceNameSpaces) {
+ndk::ScopedAStatus IdentityCredential::finishRetrievalWithSignature(
+ vector<uint8_t>* outMac, vector<uint8_t>* outDeviceNameSpaces,
+ vector<uint8_t>* outEcdsaSignature) {
ndk::ScopedAStatus status = ensureHwProxy();
if (!status.isOk()) {
return status;
@@ -948,17 +951,34 @@
.c_str()));
}
+ optional<vector<uint8_t>> digestToBeMaced;
+ optional<vector<uint8_t>> signatureToBeSigned;
+
+ // This relies on the fact that binder calls never pass a nullptr
+ // for out parameters. Hence if it's null here we know this was
+ // called from finishRetrieval() below.
+ if (outEcdsaSignature == nullptr) {
+ digestToBeMaced = hwProxy_->finishRetrieval();
+ if (!digestToBeMaced) {
+ return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
+ IIdentityCredentialStore::STATUS_INVALID_DATA,
+ "Error generating digestToBeMaced"));
+ }
+ } else {
+ auto macAndSignature = hwProxy_->finishRetrievalWithSignature();
+ if (!macAndSignature) {
+ return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
+ IIdentityCredentialStore::STATUS_INVALID_DATA,
+ "Error generating digestToBeMaced and signatureToBeSigned"));
+ }
+ digestToBeMaced = macAndSignature->first;
+ signatureToBeSigned = macAndSignature->second;
+ }
+
// If the TA calculated a MAC (it might not have), format it as a COSE_Mac0
//
- optional<vector<uint8_t>> mac;
- optional<vector<uint8_t>> digestToBeMaced = hwProxy_->finishRetrieval();
-
- // The MAC not being set means an error occurred.
- if (!digestToBeMaced) {
- return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
- IIdentityCredentialStore::STATUS_INVALID_DATA, "Error generating digestToBeMaced"));
- }
// Size 0 means that the MAC isn't set. If it's set, it has to be 32 bytes.
+ optional<vector<uint8_t>> mac;
if (digestToBeMaced.value().size() != 0) {
if (digestToBeMaced.value().size() != 32) {
return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
@@ -967,12 +987,27 @@
}
mac = support::coseMacWithDigest(digestToBeMaced.value(), {} /* data */);
}
-
*outMac = mac.value_or(vector<uint8_t>({}));
+
+ optional<vector<uint8_t>> signature;
+ if (signatureToBeSigned && signatureToBeSigned.value().size() != 0) {
+ signature = support::coseSignEcDsaWithSignature(signatureToBeSigned.value(), {}, // data
+ {}); // certificateChain
+ }
+ if (outEcdsaSignature != nullptr) {
+ *outEcdsaSignature = signature.value_or(vector<uint8_t>({}));
+ }
+
*outDeviceNameSpaces = encodedDeviceNameSpaces;
+
return ndk::ScopedAStatus::ok();
}
+ndk::ScopedAStatus IdentityCredential::finishRetrieval(vector<uint8_t>* outMac,
+ vector<uint8_t>* outDeviceNameSpaces) {
+ return finishRetrievalWithSignature(outMac, outDeviceNameSpaces, nullptr);
+}
+
ndk::ScopedAStatus IdentityCredential::generateSigningKeyPair(
vector<uint8_t>* outSigningKeyBlob, Certificate* outSigningKeyCertificate) {
if (session_) {
diff --git a/identity/aidl/default/common/IdentityCredential.h b/identity/aidl/default/common/IdentityCredential.h
index 5929829..1e0cd64 100644
--- a/identity/aidl/default/common/IdentityCredential.h
+++ b/identity/aidl/default/common/IdentityCredential.h
@@ -92,6 +92,10 @@
ndk::ScopedAStatus updateCredential(
shared_ptr<IWritableIdentityCredential>* outWritableCredential) override;
+ ndk::ScopedAStatus finishRetrievalWithSignature(vector<uint8_t>* outMac,
+ vector<uint8_t>* outDeviceNameSpaces,
+ vector<uint8_t>* outEcdsaSignature) override;
+
private:
ndk::ScopedAStatus deleteCredentialCommon(const vector<uint8_t>& challenge,
bool includeChallenge,
diff --git a/identity/aidl/default/common/PresentationSession.cpp b/identity/aidl/default/common/PresentationSession.cpp
index 2eb7f2e..cf5b066 100644
--- a/identity/aidl/default/common/PresentationSession.cpp
+++ b/identity/aidl/default/common/PresentationSession.cpp
@@ -54,19 +54,6 @@
}
id_ = id.value();
- optional<vector<uint8_t>> ephemeralKeyPriv = hwProxy_->getEphemeralKeyPair();
- if (!ephemeralKeyPriv) {
- LOG(ERROR) << "Error getting ephemeral private key for session";
- return IIdentityCredentialStore::STATUS_FAILED;
- }
- optional<vector<uint8_t>> ephemeralKeyPair =
- support::ecPrivateKeyToKeyPair(ephemeralKeyPriv.value());
- if (!ephemeralKeyPair) {
- LOG(ERROR) << "Error creating ephemeral key-pair";
- return IIdentityCredentialStore::STATUS_FAILED;
- }
- ephemeralKeyPair_ = ephemeralKeyPair.value();
-
optional<uint64_t> authChallenge = hwProxy_->getAuthChallenge();
if (!authChallenge) {
LOG(ERROR) << "Error getting authChallenge for session";
@@ -78,6 +65,23 @@
}
ndk::ScopedAStatus PresentationSession::getEphemeralKeyPair(vector<uint8_t>* outKeyPair) {
+ if (ephemeralKeyPair_.size() == 0) {
+ optional<vector<uint8_t>> ephemeralKeyPriv = hwProxy_->getEphemeralKeyPair();
+ if (!ephemeralKeyPriv) {
+ LOG(ERROR) << "Error getting ephemeral private key for session";
+ return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
+ IIdentityCredentialStore::STATUS_FAILED,
+ "Error getting ephemeral private key for session"));
+ }
+ optional<vector<uint8_t>> ephemeralKeyPair =
+ support::ecPrivateKeyToKeyPair(ephemeralKeyPriv.value());
+ if (!ephemeralKeyPair) {
+ LOG(ERROR) << "Error creating ephemeral key-pair";
+ return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
+ IIdentityCredentialStore::STATUS_FAILED, "Error creating ephemeral key-pair"));
+ }
+ ephemeralKeyPair_ = ephemeralKeyPair.value();
+ }
*outKeyPair = ephemeralKeyPair_;
return ndk::ScopedAStatus::ok();
}
diff --git a/identity/aidl/default/common/PresentationSession.h b/identity/aidl/default/common/PresentationSession.h
index 4cb174a..b3d46f9 100644
--- a/identity/aidl/default/common/PresentationSession.h
+++ b/identity/aidl/default/common/PresentationSession.h
@@ -72,9 +72,11 @@
// Set by initialize()
uint64_t id_;
- vector<uint8_t> ephemeralKeyPair_;
uint64_t authChallenge_;
+ // Set by getEphemeralKeyPair()
+ vector<uint8_t> ephemeralKeyPair_;
+
// Set by setReaderEphemeralPublicKey()
vector<uint8_t> readerPublicKey_;
diff --git a/identity/aidl/default/common/SecureHardwareProxy.h b/identity/aidl/default/common/SecureHardwareProxy.h
index 9f63ad8..6463318 100644
--- a/identity/aidl/default/common/SecureHardwareProxy.h
+++ b/identity/aidl/default/common/SecureHardwareProxy.h
@@ -194,11 +194,12 @@
const vector<uint8_t>& requestMessage, int coseSignAlg,
const vector<uint8_t>& readerSignatureOfToBeSigned) = 0;
- virtual bool calcMacKey(const vector<uint8_t>& sessionTranscript,
- const vector<uint8_t>& readerEphemeralPublicKey,
- const vector<uint8_t>& signingKeyBlob, const string& docType,
- unsigned int numNamespacesWithValues,
- size_t expectedProofOfProvisioningSize) = 0;
+ virtual bool prepareDeviceAuthentication(const vector<uint8_t>& sessionTranscript,
+ const vector<uint8_t>& readerEphemeralPublicKey,
+ const vector<uint8_t>& signingKeyBlob,
+ const string& docType,
+ unsigned int numNamespacesWithValues,
+ size_t expectedDeviceNamespacesSize) = 0;
virtual AccessCheckResult startRetrieveEntryValue(
const string& nameSpace, const string& name, unsigned int newNamespaceNumEntries,
@@ -209,6 +210,7 @@
const vector<int32_t>& accessControlProfileIds) = 0;
virtual optional<vector<uint8_t>> finishRetrieval();
+ virtual optional<pair<vector<uint8_t>, vector<uint8_t>>> finishRetrievalWithSignature();
virtual optional<vector<uint8_t>> deleteCredential(const string& docType,
const vector<uint8_t>& challenge,
diff --git a/identity/aidl/default/identity-default.xml b/identity/aidl/default/identity-default.xml
index cc0ddc7..d0d43af 100644
--- a/identity/aidl/default/identity-default.xml
+++ b/identity/aidl/default/identity-default.xml
@@ -1,7 +1,7 @@
<manifest version="1.0" type="device">
<hal format="aidl">
<name>android.hardware.identity</name>
- <version>4</version>
+ <version>5</version>
<interface>
<name>IIdentityCredentialStore</name>
<instance>default</instance>
diff --git a/identity/aidl/default/libeic/EicPresentation.c b/identity/aidl/default/libeic/EicPresentation.c
index 104a559..23fd0b3 100644
--- a/identity/aidl/default/libeic/EicPresentation.c
+++ b/identity/aidl/default/libeic/EicPresentation.c
@@ -557,87 +557,11 @@
return true;
}
-bool eicPresentationCalcMacKey(EicPresentation* ctx, const uint8_t* sessionTranscript,
- size_t sessionTranscriptSize,
- const uint8_t readerEphemeralPublicKey[EIC_P256_PUB_KEY_SIZE],
- const uint8_t signingKeyBlob[60], const char* docType,
- size_t docTypeLength, unsigned int numNamespacesWithValues,
- size_t expectedDeviceNamespacesSize) {
- if (ctx->sessionId != 0) {
- EicSession* session = eicSessionGetForId(ctx->sessionId);
- if (session == NULL) {
- eicDebug("Error looking up session for sessionId %" PRIu32, ctx->sessionId);
- return false;
- }
- EicSha256Ctx sha256;
- uint8_t sessionTranscriptSha256[EIC_SHA256_DIGEST_SIZE];
- eicOpsSha256Init(&sha256);
- eicOpsSha256Update(&sha256, sessionTranscript, sessionTranscriptSize);
- eicOpsSha256Final(&sha256, sessionTranscriptSha256);
- if (eicCryptoMemCmp(sessionTranscriptSha256, session->sessionTranscriptSha256,
- EIC_SHA256_DIGEST_SIZE) != 0) {
- eicDebug("SessionTranscript mismatch");
- return false;
- }
- readerEphemeralPublicKey = session->readerEphemeralPublicKey;
- }
-
- uint8_t signingKeyPriv[EIC_P256_PRIV_KEY_SIZE];
- if (!eicOpsDecryptAes128Gcm(ctx->storageKey, signingKeyBlob, 60, (const uint8_t*)docType,
- docTypeLength, signingKeyPriv)) {
- eicDebug("Error decrypting signingKeyBlob");
- return false;
- }
-
- uint8_t sharedSecret[EIC_P256_COORDINATE_SIZE];
- if (!eicOpsEcdh(readerEphemeralPublicKey, signingKeyPriv, sharedSecret)) {
- eicDebug("ECDH failed");
- return false;
- }
-
- EicCbor cbor;
- eicCborInit(&cbor, NULL, 0);
- eicCborAppendSemantic(&cbor, EIC_CBOR_SEMANTIC_TAG_ENCODED_CBOR);
- eicCborAppendByteString(&cbor, sessionTranscript, sessionTranscriptSize);
- uint8_t salt[EIC_SHA256_DIGEST_SIZE];
- eicCborFinal(&cbor, salt);
-
- const uint8_t info[7] = {'E', 'M', 'a', 'c', 'K', 'e', 'y'};
- uint8_t derivedKey[32];
- if (!eicOpsHkdf(sharedSecret, EIC_P256_COORDINATE_SIZE, salt, sizeof(salt), info, sizeof(info),
- derivedKey, sizeof(derivedKey))) {
- eicDebug("HKDF failed");
- return false;
- }
-
- eicCborInitHmacSha256(&ctx->cbor, NULL, 0, derivedKey, sizeof(derivedKey));
- ctx->buildCbor = true;
-
- // What we're going to calculate the HMAC-SHA256 is the COSE ToBeMaced
- // structure which looks like the following:
- //
- // MAC_structure = [
- // context : "MAC" / "MAC0",
- // protected : empty_or_serialized_map,
- // external_aad : bstr,
- // payload : bstr
- // ]
- //
- eicCborAppendArray(&ctx->cbor, 4);
- eicCborAppendStringZ(&ctx->cbor, "MAC0");
-
- // The COSE Encoded protected headers is just a single field with
- // COSE_LABEL_ALG (1) -> COSE_ALG_HMAC_256_256 (5). For simplicitly we just
- // hard-code the CBOR encoding:
- static const uint8_t coseEncodedProtectedHeaders[] = {0xa1, 0x01, 0x05};
- eicCborAppendByteString(&ctx->cbor, coseEncodedProtectedHeaders,
- sizeof(coseEncodedProtectedHeaders));
-
- // We currently don't support Externally Supplied Data (RFC 8152 section 4.3)
- // so external_aad is the empty bstr
- static const uint8_t externalAad[0] = {};
- eicCborAppendByteString(&ctx->cbor, externalAad, sizeof(externalAad));
-
+// Helper used to append the DeviceAuthencation prelude, used for both MACing and ECDSA signing.
+static size_t appendDeviceAuthentication(EicCbor* cbor, const uint8_t* sessionTranscript,
+ size_t sessionTranscriptSize, const char* docType,
+ size_t docTypeLength,
+ size_t expectedDeviceNamespacesSize) {
// For the payload, the _encoded_ form follows here. We handle this by simply
// opening a bstr, and then writing the CBOR. This requires us to know the
// size of said bstr, ahead of time... the CBOR to be written is
@@ -674,26 +598,148 @@
dabCalculatedSize += calculatedSize;
// Begin the bytestring for DeviceAuthenticationBytes;
- eicCborBegin(&ctx->cbor, EIC_CBOR_MAJOR_TYPE_BYTE_STRING, dabCalculatedSize);
+ eicCborBegin(cbor, EIC_CBOR_MAJOR_TYPE_BYTE_STRING, dabCalculatedSize);
- eicCborAppendSemantic(&ctx->cbor, EIC_CBOR_SEMANTIC_TAG_ENCODED_CBOR);
+ eicCborAppendSemantic(cbor, EIC_CBOR_SEMANTIC_TAG_ENCODED_CBOR);
// Begins the bytestring for DeviceAuthentication;
- eicCborBegin(&ctx->cbor, EIC_CBOR_MAJOR_TYPE_BYTE_STRING, calculatedSize);
+ eicCborBegin(cbor, EIC_CBOR_MAJOR_TYPE_BYTE_STRING, calculatedSize);
- eicCborAppendArray(&ctx->cbor, 4);
- eicCborAppendStringZ(&ctx->cbor, "DeviceAuthentication");
- eicCborAppend(&ctx->cbor, sessionTranscript, sessionTranscriptSize);
- eicCborAppendString(&ctx->cbor, docType, docTypeLength);
+ eicCborAppendArray(cbor, 4);
+ eicCborAppendStringZ(cbor, "DeviceAuthentication");
+ eicCborAppend(cbor, sessionTranscript, sessionTranscriptSize);
+ eicCborAppendString(cbor, docType, docTypeLength);
// For the payload, the _encoded_ form follows here. We handle this by simply
// opening a bstr, and then writing the CBOR. This requires us to know the
// size of said bstr, ahead of time.
- eicCborAppendSemantic(&ctx->cbor, EIC_CBOR_SEMANTIC_TAG_ENCODED_CBOR);
- eicCborBegin(&ctx->cbor, EIC_CBOR_MAJOR_TYPE_BYTE_STRING, expectedDeviceNamespacesSize);
- ctx->expectedCborSizeAtEnd = expectedDeviceNamespacesSize + ctx->cbor.size;
+ eicCborAppendSemantic(cbor, EIC_CBOR_SEMANTIC_TAG_ENCODED_CBOR);
+ eicCborBegin(cbor, EIC_CBOR_MAJOR_TYPE_BYTE_STRING, expectedDeviceNamespacesSize);
+ size_t expectedCborSizeAtEnd = expectedDeviceNamespacesSize + cbor->size;
- eicCborAppendMap(&ctx->cbor, numNamespacesWithValues);
+ return expectedCborSizeAtEnd;
+}
+
+bool eicPresentationPrepareDeviceAuthentication(
+ EicPresentation* ctx, const uint8_t* sessionTranscript, size_t sessionTranscriptSize,
+ const uint8_t* readerEphemeralPublicKey, size_t readerEphemeralPublicKeySize,
+ const uint8_t signingKeyBlob[60], const char* docType, size_t docTypeLength,
+ unsigned int numNamespacesWithValues, size_t expectedDeviceNamespacesSize) {
+ if (ctx->sessionId != 0) {
+ if (readerEphemeralPublicKeySize != 0) {
+ eicDebug("In a session but readerEphemeralPublicKeySize is non-zero");
+ return false;
+ }
+ EicSession* session = eicSessionGetForId(ctx->sessionId);
+ if (session == NULL) {
+ eicDebug("Error looking up session for sessionId %" PRIu32, ctx->sessionId);
+ return false;
+ }
+ EicSha256Ctx sha256;
+ uint8_t sessionTranscriptSha256[EIC_SHA256_DIGEST_SIZE];
+ eicOpsSha256Init(&sha256);
+ eicOpsSha256Update(&sha256, sessionTranscript, sessionTranscriptSize);
+ eicOpsSha256Final(&sha256, sessionTranscriptSha256);
+ if (eicCryptoMemCmp(sessionTranscriptSha256, session->sessionTranscriptSha256,
+ EIC_SHA256_DIGEST_SIZE) != 0) {
+ eicDebug("SessionTranscript mismatch");
+ return false;
+ }
+ readerEphemeralPublicKey = session->readerEphemeralPublicKey;
+ readerEphemeralPublicKeySize = session->readerEphemeralPublicKeySize;
+ }
+
+ // Stash the decrypted DeviceKey in context since we'll need it later in
+ // eicPresentationFinishRetrievalWithSignature()
+ if (!eicOpsDecryptAes128Gcm(ctx->storageKey, signingKeyBlob, 60, (const uint8_t*)docType,
+ docTypeLength, ctx->deviceKeyPriv)) {
+ eicDebug("Error decrypting signingKeyBlob");
+ return false;
+ }
+
+ // We can only do MACing if EReaderKey has been set... it might not have been set if for
+ // example mdoc session encryption isn't in use. In that case we can still do ECDSA
+ if (readerEphemeralPublicKeySize > 0) {
+ if (readerEphemeralPublicKeySize != EIC_P256_PUB_KEY_SIZE) {
+ eicDebug("Unexpected size %zd for readerEphemeralPublicKeySize",
+ readerEphemeralPublicKeySize);
+ return false;
+ }
+
+ uint8_t sharedSecret[EIC_P256_COORDINATE_SIZE];
+ if (!eicOpsEcdh(readerEphemeralPublicKey, ctx->deviceKeyPriv, sharedSecret)) {
+ eicDebug("ECDH failed");
+ return false;
+ }
+
+ EicCbor cbor;
+ eicCborInit(&cbor, NULL, 0);
+ eicCborAppendSemantic(&cbor, EIC_CBOR_SEMANTIC_TAG_ENCODED_CBOR);
+ eicCborAppendByteString(&cbor, sessionTranscript, sessionTranscriptSize);
+ uint8_t salt[EIC_SHA256_DIGEST_SIZE];
+ eicCborFinal(&cbor, salt);
+
+ const uint8_t info[7] = {'E', 'M', 'a', 'c', 'K', 'e', 'y'};
+ uint8_t derivedKey[32];
+ if (!eicOpsHkdf(sharedSecret, EIC_P256_COORDINATE_SIZE, salt, sizeof(salt), info,
+ sizeof(info), derivedKey, sizeof(derivedKey))) {
+ eicDebug("HKDF failed");
+ return false;
+ }
+
+ eicCborInitHmacSha256(&ctx->cbor, NULL, 0, derivedKey, sizeof(derivedKey));
+
+ // What we're going to calculate the HMAC-SHA256 is the COSE ToBeMaced
+ // structure which looks like the following:
+ //
+ // MAC_structure = [
+ // context : "MAC" / "MAC0",
+ // protected : empty_or_serialized_map,
+ // external_aad : bstr,
+ // payload : bstr
+ // ]
+ //
+ eicCborAppendArray(&ctx->cbor, 4);
+ eicCborAppendStringZ(&ctx->cbor, "MAC0");
+
+ // The COSE Encoded protected headers is just a single field with
+ // COSE_LABEL_ALG (1) -> COSE_ALG_HMAC_256_256 (5). For simplicitly we just
+ // hard-code the CBOR encoding:
+ static const uint8_t coseEncodedProtectedHeaders[] = {0xa1, 0x01, 0x05};
+ eicCborAppendByteString(&ctx->cbor, coseEncodedProtectedHeaders,
+ sizeof(coseEncodedProtectedHeaders));
+
+ // We currently don't support Externally Supplied Data (RFC 8152 section 4.3)
+ // so external_aad is the empty bstr
+ static const uint8_t externalAad[0] = {};
+ eicCborAppendByteString(&ctx->cbor, externalAad, sizeof(externalAad));
+
+ // Append DeviceAuthentication prelude and open the DeviceSigned map...
+ ctx->expectedCborSizeAtEnd =
+ appendDeviceAuthentication(&ctx->cbor, sessionTranscript, sessionTranscriptSize,
+ docType, docTypeLength, expectedDeviceNamespacesSize);
+ eicCborAppendMap(&ctx->cbor, numNamespacesWithValues);
+ ctx->buildCbor = true;
+ }
+
+ // Now do the same for ECDSA signatures...
+ //
+ eicCborInit(&ctx->cborEcdsa, NULL, 0);
+ eicCborAppendArray(&ctx->cborEcdsa, 4);
+ eicCborAppendStringZ(&ctx->cborEcdsa, "Signature1");
+ static const uint8_t coseEncodedProtectedHeadersEcdsa[] = {0xa1, 0x01, 0x26};
+ eicCborAppendByteString(&ctx->cborEcdsa, coseEncodedProtectedHeadersEcdsa,
+ sizeof(coseEncodedProtectedHeadersEcdsa));
+ static const uint8_t externalAadEcdsa[0] = {};
+ eicCborAppendByteString(&ctx->cborEcdsa, externalAadEcdsa, sizeof(externalAadEcdsa));
+
+ // Append DeviceAuthentication prelude and open the DeviceSigned map...
+ ctx->expectedCborEcdsaSizeAtEnd =
+ appendDeviceAuthentication(&ctx->cborEcdsa, sessionTranscript, sessionTranscriptSize,
+ docType, docTypeLength, expectedDeviceNamespacesSize);
+ eicCborAppendMap(&ctx->cborEcdsa, numNamespacesWithValues);
+ ctx->buildCborEcdsa = true;
+
return true;
}
@@ -702,6 +748,7 @@
// state objects here.
ctx->requestMessageValidated = false;
ctx->buildCbor = false;
+ ctx->buildCborEcdsa = false;
ctx->accessControlProfileMaskValidated = 0;
ctx->accessControlProfileMaskUsesReaderAuth = 0;
ctx->accessControlProfileMaskFailedReaderAuth = 0;
@@ -724,6 +771,9 @@
if (newNamespaceNumEntries > 0) {
eicCborAppendString(&ctx->cbor, nameSpace, nameSpaceLength);
eicCborAppendMap(&ctx->cbor, newNamespaceNumEntries);
+
+ eicCborAppendString(&ctx->cborEcdsa, nameSpace, nameSpaceLength);
+ eicCborAppendMap(&ctx->cborEcdsa, newNamespaceNumEntries);
}
// We'll need to calc and store a digest of additionalData to check that it's the same
@@ -778,6 +828,7 @@
if (result == EIC_ACCESS_CHECK_RESULT_OK) {
eicCborAppendString(&ctx->cbor, name, nameLength);
+ eicCborAppendString(&ctx->cborEcdsa, name, nameLength);
ctx->accessCheckOk = true;
}
return result;
@@ -821,6 +872,7 @@
}
eicCborAppend(&ctx->cbor, content, encryptedContentSize - 28);
+ eicCborAppend(&ctx->cborEcdsa, content, encryptedContentSize - 28);
return true;
}
@@ -842,6 +894,40 @@
return false;
}
eicCborFinal(&ctx->cbor, digestToBeMaced);
+
+ return true;
+}
+
+bool eicPresentationFinishRetrievalWithSignature(EicPresentation* ctx, uint8_t* digestToBeMaced,
+ size_t* digestToBeMacedSize,
+ uint8_t* signatureOfToBeSigned,
+ size_t* signatureOfToBeSignedSize) {
+ if (!eicPresentationFinishRetrieval(ctx, digestToBeMaced, digestToBeMacedSize)) {
+ return false;
+ }
+
+ if (!ctx->buildCborEcdsa) {
+ *signatureOfToBeSignedSize = 0;
+ return true;
+ }
+ if (*signatureOfToBeSignedSize != EIC_ECDSA_P256_SIGNATURE_SIZE) {
+ return false;
+ }
+
+ // This verifies that the correct expectedDeviceNamespacesSize value was
+ // passed in at eicPresentationCalcMacKey() time.
+ if (ctx->cborEcdsa.size != ctx->expectedCborEcdsaSizeAtEnd) {
+ eicDebug("CBOR ECDSA size is %zd, was expecting %zd", ctx->cborEcdsa.size,
+ ctx->expectedCborEcdsaSizeAtEnd);
+ return false;
+ }
+ uint8_t cborSha256[EIC_SHA256_DIGEST_SIZE];
+ eicCborFinal(&ctx->cborEcdsa, cborSha256);
+ if (!eicOpsEcDsa(ctx->deviceKeyPriv, cborSha256, signatureOfToBeSigned)) {
+ eicDebug("Error signing DeviceAuthentication");
+ return false;
+ }
+ eicDebug("set the signature");
return true;
}
diff --git a/identity/aidl/default/libeic/EicPresentation.h b/identity/aidl/default/libeic/EicPresentation.h
index a031890..cd3162a 100644
--- a/identity/aidl/default/libeic/EicPresentation.h
+++ b/identity/aidl/default/libeic/EicPresentation.h
@@ -76,6 +76,7 @@
// aren't.
bool requestMessageValidated;
bool buildCbor;
+ bool buildCborEcdsa;
// Set to true initialized as a test credential.
bool testCredential;
@@ -101,6 +102,12 @@
size_t expectedCborSizeAtEnd;
EicCbor cbor;
+
+ // The selected DeviceKey / AuthKey
+ uint8_t deviceKeyPriv[EIC_P256_PRIV_KEY_SIZE];
+
+ EicCbor cborEcdsa;
+ size_t expectedCborEcdsaSizeAtEnd;
} EicPresentation;
// If sessionId is zero (EIC_PRESENTATION_ID_UNSET), the presentation object is not associated
@@ -214,14 +221,13 @@
EIC_ACCESS_CHECK_RESULT_READER_AUTHENTICATION_FAILED,
} EicAccessCheckResult;
-// Passes enough information to calculate the MACing key
+// Passes enough information to calculate the MACing key and/or prepare ECDSA signing
//
-bool eicPresentationCalcMacKey(EicPresentation* ctx, const uint8_t* sessionTranscript,
- size_t sessionTranscriptSize,
- const uint8_t readerEphemeralPublicKey[EIC_P256_PUB_KEY_SIZE],
- const uint8_t signingKeyBlob[60], const char* docType,
- size_t docTypeLength, unsigned int numNamespacesWithValues,
- size_t expectedDeviceNamespacesSize);
+bool eicPresentationPrepareDeviceAuthentication(
+ EicPresentation* ctx, const uint8_t* sessionTranscript, size_t sessionTranscriptSize,
+ const uint8_t* readerEphemeralPublicKey, size_t readerEphemeralPublicKeySize,
+ const uint8_t signingKeyBlob[60], const char* docType, size_t docTypeLength,
+ unsigned int numNamespacesWithValues, size_t expectedDeviceNamespacesSize);
// The scratchSpace should be set to a buffer at least 512 bytes (ideally 1024
// bytes, the bigger the better). It's done this way to avoid allocating stack
@@ -253,6 +259,13 @@
bool eicPresentationFinishRetrieval(EicPresentation* ctx, uint8_t* digestToBeMaced,
size_t* digestToBeMacedSize);
+// Like eicPresentationFinishRetrieval() but also returns an ECDSA signature.
+//
+bool eicPresentationFinishRetrievalWithSignature(EicPresentation* ctx, uint8_t* digestToBeMaced,
+ size_t* digestToBeMacedSize,
+ uint8_t* signatureOfToBeSigned,
+ size_t* signatureOfToBeSignedSize);
+
// The data returned in |signatureOfToBeSigned| contains the ECDSA signature of
// the ToBeSigned CBOR from RFC 8051 "4.4. Signing and Verification Process"
// where content is set to the ProofOfDeletion CBOR.
diff --git a/identity/aidl/default/libeic/EicSession.c b/identity/aidl/default/libeic/EicSession.c
index d0c7a0d..e44fa68 100644
--- a/identity/aidl/default/libeic/EicSession.c
+++ b/identity/aidl/default/libeic/EicSession.c
@@ -84,30 +84,35 @@
bool eicSessionGetEphemeralKeyPair(EicSession* ctx,
uint8_t ephemeralPrivateKey[EIC_P256_PRIV_KEY_SIZE]) {
eicMemCpy(ephemeralPrivateKey, ctx->ephemeralPrivateKey, EIC_P256_PRIV_KEY_SIZE);
+ ctx->getEphemeralKeyPairCalled = true;
return true;
}
bool eicSessionSetReaderEphemeralPublicKey(
EicSession* ctx, const uint8_t readerEphemeralPublicKey[EIC_P256_PUB_KEY_SIZE]) {
eicMemCpy(ctx->readerEphemeralPublicKey, readerEphemeralPublicKey, EIC_P256_PUB_KEY_SIZE);
+ ctx->readerEphemeralPublicKeySize = EIC_P256_PUB_KEY_SIZE;
return true;
}
bool eicSessionSetSessionTranscript(EicSession* ctx, const uint8_t* sessionTranscript,
size_t sessionTranscriptSize) {
- // Only accept the SessionTranscript if X and Y from the ephemeral key
- // we created is somewhere in SessionTranscript...
+ // If mdoc session encryption is in use, only accept the
+ // SessionTranscript if X and Y from the ephemeral key we created
+ // is somewhere in SessionTranscript...
//
- if (eicMemMem(sessionTranscript, sessionTranscriptSize, ctx->ephemeralPublicKey,
- EIC_P256_PUB_KEY_SIZE / 2) == NULL) {
- eicDebug("Error finding X from ephemeralPublicKey in sessionTranscript");
- return false;
- }
- if (eicMemMem(sessionTranscript, sessionTranscriptSize,
- ctx->ephemeralPublicKey + EIC_P256_PUB_KEY_SIZE / 2,
- EIC_P256_PUB_KEY_SIZE / 2) == NULL) {
- eicDebug("Error finding Y from ephemeralPublicKey in sessionTranscript");
- return false;
+ if (ctx->getEphemeralKeyPairCalled) {
+ if (eicMemMem(sessionTranscript, sessionTranscriptSize, ctx->ephemeralPublicKey,
+ EIC_P256_PUB_KEY_SIZE / 2) == NULL) {
+ eicDebug("Error finding X from ephemeralPublicKey in sessionTranscript");
+ return false;
+ }
+ if (eicMemMem(sessionTranscript, sessionTranscriptSize,
+ ctx->ephemeralPublicKey + EIC_P256_PUB_KEY_SIZE / 2,
+ EIC_P256_PUB_KEY_SIZE / 2) == NULL) {
+ eicDebug("Error finding Y from ephemeralPublicKey in sessionTranscript");
+ return false;
+ }
}
// To save space we only store the SHA-256 of SessionTranscript
diff --git a/identity/aidl/default/libeic/EicSession.h b/identity/aidl/default/libeic/EicSession.h
index 0303dae..ae9babf 100644
--- a/identity/aidl/default/libeic/EicSession.h
+++ b/identity/aidl/default/libeic/EicSession.h
@@ -31,6 +31,9 @@
// A non-zero number unique for this EicSession instance
uint32_t id;
+ // Set to true iff eicSessionGetEphemeralKeyPair() has been called.
+ bool getEphemeralKeyPairCalled;
+
// The challenge generated at construction time by eicSessionInit().
uint64_t authChallenge;
@@ -41,6 +44,7 @@
uint8_t sessionTranscriptSha256[EIC_SHA256_DIGEST_SIZE];
+ size_t readerEphemeralPublicKeySize;
} EicSession;
bool eicSessionInit(EicSession* ctx);