Use vector to pass around keys
In the future the key size for new master keys will increase.
To maintain backwards compatibility, the size of the key
can no longer be assumed. To communicate the actual
size of the key, it will be passed around in a vector.
Bug: 121272336
Test: Ran Keystore CTS tests against Walleye,
no new test failures observed
Change-Id: Ie74eaf5226398e2300eb266ddda269473593e9d4
Merged-In: I4c05acb15b77959f2bf89abbdc325904fffb497a
diff --git a/keystore/blob.cpp b/keystore/blob.cpp
index ca5cb74..c8a9cbf 100644
--- a/keystore/blob.cpp
+++ b/keystore/blob.cpp
@@ -64,12 +64,12 @@
* Encrypt 'len' data at 'in' with AES-GCM, using 128-bit key at 'key', 96-bit IV at 'iv' and write
* output to 'out' (which may be the same location as 'in') and 128-bit tag to 'tag'.
*/
-ResponseCode AES_gcm_encrypt(const uint8_t* in, uint8_t* out, size_t len, const uint8_t* key,
- const uint8_t* iv, uint8_t* tag) {
+ResponseCode AES_gcm_encrypt(const uint8_t* in, uint8_t* out, size_t len,
+ const std::vector<uint8_t>& key, const uint8_t* iv, uint8_t* tag) {
const EVP_CIPHER* cipher = EVP_aes_128_gcm();
EVP_CIPHER_CTX_Ptr ctx(EVP_CIPHER_CTX_new());
- EVP_EncryptInit_ex(ctx.get(), cipher, nullptr /* engine */, key, iv);
+ EVP_EncryptInit_ex(ctx.get(), cipher, nullptr /* engine */, key.data(), iv);
EVP_CIPHER_CTX_set_padding(ctx.get(), 0 /* no padding needed with GCM */);
std::unique_ptr<uint8_t[]> out_tmp(new uint8_t[len]);
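Review bot: The new `key` parameter at line 22 is handed to EVP_EncryptInit_ex as `key.data()` at line 26 without any check of `key.size()`, while the cipher stays hard-coded to EVP_aes_128_gcm(), so a vector shorter than 16 bytes (including an empty mMasterKey, whose `data()` may be null) makes OpenSSL read past the buffer. Since the commit's stated purpose is that the key size can no longer be assumed, the assumption should be enforced at this boundary: `if (key.size() != kAesKeySize) return ResponseCode::SYSTEM_ERROR;` before the context is created. The same unchecked `key.data()` appears in AES_gcm_decrypt at line 41 and in readBlob's `AES_set_decrypt_key(aes_key.data(), kAesKeySize * 8, &key)` at line 65, and writeBlob presumably has the matching encrypt-side call outside its hunk. With the check in place the header comment's "128-bit key" remains accurate. The function body continues past the hunk.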
@@ -96,12 +96,13 @@
* Decrypt 'len' data at 'in' with AES-GCM, using 128-bit key at 'key', 96-bit IV at 'iv', checking
* 128-bit tag at 'tag' and writing plaintext to 'out' (which may be the same location as 'in').
*/
-ResponseCode AES_gcm_decrypt(const uint8_t* in, uint8_t* out, size_t len, const uint8_t* key,
- const uint8_t* iv, const uint8_t* tag) {
+ResponseCode AES_gcm_decrypt(const uint8_t* in, uint8_t* out, size_t len,
+ const std::vector<uint8_t> key, const uint8_t* iv,
+ const uint8_t* tag) {
const EVP_CIPHER* cipher = EVP_aes_128_gcm();
EVP_CIPHER_CTX_Ptr ctx(EVP_CIPHER_CTX_new());
- EVP_DecryptInit_ex(ctx.get(), cipher, nullptr /* engine */, key, iv);
+ EVP_DecryptInit_ex(ctx.get(), cipher, nullptr /* engine */, key.data(), iv);
EVP_CIPHER_CTX_set_padding(ctx.get(), 0 /* no padding needed with GCM */);
EVP_CIPHER_CTX_ctrl(ctx.get(), EVP_CTRL_GCM_SET_TAG, kGcmTagLength, const_cast<uint8_t*>(tag));
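Review bot: Line 36 takes `key` by value (`const std::vector<uint8_t> key`) whereas AES_gcm_encrypt at line 22 takes `const std::vector<uint8_t>&`; the by-value copy allocates a second heap buffer holding the key that is freed on return without being wiped, and the mismatch looks accidental rather than intended. Change the signature to `const std::vector<uint8_t>& key, const uint8_t* iv,` so it matches encrypt and avoids the extra key copy. Any declaration of this function in a header is outside the diff, so confirm it agrees. The function body continues past the hunk.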
@@ -205,7 +206,8 @@
}
}
-ResponseCode Blob::writeBlob(const std::string& filename, const uint8_t* aes_key, State state) {
+ResponseCode Blob::writeBlob(const std::string& filename, const std::vector<uint8_t>& aes_key,
+ State state) {
ALOGV("writing blob %s", filename.c_str());
const size_t dataLength = mBlob.length;
@@ -254,7 +256,8 @@
return ResponseCode::NO_ERROR;
}
-ResponseCode Blob::readBlob(const std::string& filename, const uint8_t* aes_key, State state) {
+ResponseCode Blob::readBlob(const std::string& filename, const std::vector<uint8_t>& aes_key,
+ State state) {
ALOGV("reading blob %s", filename.c_str());
const int in = TEMP_FAILURE_RETRY(open(filename.c_str(), O_RDONLY));
if (in < 0) {
@@ -298,7 +301,7 @@
}
AES_KEY key;
- AES_set_decrypt_key(aes_key, kAesKeySize * 8, &key);
+ AES_set_decrypt_key(aes_key.data(), kAesKeySize * 8, &key);
AES_cbc_encrypt(blob.encrypted, blob.encrypted, encryptedLength, &key, blob.vector,
AES_DECRYPT);
key = {}; // clear key
diff --git a/keystore/blob.h b/keystore/blob.h
index 6a52ca4..4a35842 100644
--- a/keystore/blob.h
+++ b/keystore/blob.h
@@ -24,6 +24,7 @@
#include <keystore/keymaster_types.h>
#include <keystore/keystore.h>
+#include <vector>
constexpr size_t kValueSize = 32768;
constexpr size_t kAesKeySize = 128 / 8;
@@ -120,8 +121,10 @@
keystore::SecurityLevel getSecurityLevel() const;
void setSecurityLevel(keystore::SecurityLevel);
- ResponseCode writeBlob(const std::string& filename, const uint8_t* aes_key, State state);
- ResponseCode readBlob(const std::string& filename, const uint8_t* aes_key, State state);
+ ResponseCode writeBlob(const std::string& filename, const std::vector<uint8_t>& aes_key,
+ State state);
+ ResponseCode readBlob(const std::string& filename, const std::vector<uint8_t>& aes_key,
+ State state);
private:
blobv3 mBlob;
diff --git a/keystore/user_state.cpp b/keystore/user_state.cpp
index ff0ea10..b482efd 100644
--- a/keystore/user_state.cpp
+++ b/keystore/user_state.cpp
@@ -68,7 +68,7 @@
}
void UserState::zeroizeMasterKeysInMemory() {
- memset(mMasterKey, 0, sizeof(mMasterKey));
+ memset(mMasterKey.data(), 0, mMasterKey.size());
memset(mSalt, 0, sizeof(mSalt));
}
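Review bot: The memset at line 98 wipes only the buffer mMasterKey currently owns, but the move to std::vector introduces lifetimes where key bytes are released unwiped: the copy-assignment at line 106 and the assignment from a temporary at lines 137-138 can free the previous storage (and the temporary's) through operator delete, and the `passwordKey` vectors at lines 116 and 127 are destroyed at scope exit without being cleared. A fixed member array had none of these extra allocations. Consider wiping in place before each reassignment (or reusing capacity with `assign`), clearing `passwordKey` before it goes out of scope, or giving these vectors an allocator that zeroizes on deallocate. Note also that `memset(mMasterKey.data(), 0, 0)` on an empty vector with a null `data()` is technically undefined, which `if (!mMasterKey.empty())` avoids. A comment such as `// Wipes the current buffer only; storage released by earlier reassignments is not covered.` would make the limitation visible to the next maintainer.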
@@ -97,7 +97,7 @@
if (src->getState() != STATE_NO_ERROR) {
return ResponseCode::SYSTEM_ERROR;
}
- memcpy(mMasterKey, src->mMasterKey, MASTER_KEY_SIZE_BYTES);
+ mMasterKey = src->mMasterKey;
setupMasterKeys();
return copyMasterKeyFile(src);
}
@@ -133,9 +133,9 @@
}
ResponseCode UserState::writeMasterKey(const android::String8& pw) {
- uint8_t passwordKey[MASTER_KEY_SIZE_BYTES];
- generateKeyFromPassword(passwordKey, MASTER_KEY_SIZE_BYTES, pw, mSalt);
- Blob masterKeyBlob(mMasterKey, sizeof(mMasterKey), mSalt, sizeof(mSalt), TYPE_MASTER_KEY);
+ std::vector<uint8_t> passwordKey(MASTER_KEY_SIZE_BYTES);
+ generateKeyFromPassword(passwordKey, pw, mSalt);
+ Blob masterKeyBlob(mMasterKey.data(), mMasterKey.size(), mSalt, sizeof(mSalt), TYPE_MASTER_KEY);
return masterKeyBlob.writeBlob(mMasterKeyFile, passwordKey, STATE_NO_ERROR);
}
@@ -159,8 +159,8 @@
} else {
salt = NULL;
}
- uint8_t passwordKey[MASTER_KEY_SIZE_BYTES];
- generateKeyFromPassword(passwordKey, MASTER_KEY_SIZE_BYTES, pw, salt);
+ std::vector<uint8_t> passwordKey(MASTER_KEY_SIZE_BYTES);
+ generateKeyFromPassword(passwordKey, pw, salt);
Blob masterKeyBlob(rawBlob);
ResponseCode response = masterKeyBlob.readBlob(mMasterKeyFile, passwordKey, STATE_NO_ERROR);
if (response == ResponseCode::SYSTEM_ERROR) {
@@ -175,7 +175,8 @@
response = writeMasterKey(pw);
}
if (response == ResponseCode::NO_ERROR) {
- memcpy(mMasterKey, masterKeyBlob.getValue(), MASTER_KEY_SIZE_BYTES);
+ mMasterKey = std::vector<uint8_t>(masterKeyBlob.getValue(),
+ masterKeyBlob.getValue() + masterKeyBlob.getLength());
setupMasterKeys();
}
return response;
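Review bot: Lines 137-138 now copy `masterKeyBlob.getLength()` bytes into mMasterKey with no check that the length is one the cipher calls accept, whereas the old memcpy fixed it at MASTER_KEY_SIZE_BYTES; a short or corrupted master key blob therefore yields an mMasterKey that AES_gcm_encrypt/decrypt and readBlob later use with a hard-coded 128-bit key size. Validate the length before adopting it, e.g. `if (masterKeyBlob.getLength() != MASTER_KEY_SIZE_BYTES) return ResponseCode::SYSTEM_ERROR;` (or against the set of sizes the code is meant to accept once larger keys land). Writing the copy as `mMasterKey.assign(masterKeyBlob.getValue(), masterKeyBlob.getValue() + masterKeyBlob.getLength());` also avoids the unnamed temporary vector, which otherwise holds a copy of the key until it is freed unwiped. Whether Blob already bounds getLength() is not visible in this diff. The function starts outside the hunk.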
@@ -223,7 +224,7 @@
return true;
}
-void UserState::generateKeyFromPassword(uint8_t* key, ssize_t keySize, const android::String8& pw,
+void UserState::generateKeyFromPassword(std::vector<uint8_t>& key, const android::String8& pw,
uint8_t* salt) {
size_t saltSize;
if (salt != NULL) {
@@ -238,12 +239,12 @@
const EVP_MD* digest = EVP_sha256();
// SHA1 was used prior to increasing the key size
- if (keySize == SHA1_DIGEST_SIZE_BYTES) {
+ if (key.size() == SHA1_DIGEST_SIZE_BYTES) {
digest = EVP_sha1();
}
PKCS5_PBKDF2_HMAC(reinterpret_cast<const char*>(pw.string()), pw.length(), salt, saltSize, 8192,
- digest, keySize, key);
+ digest, key.size(), key.data());
}
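Review bot: generateKeyFromPassword at line 146 now depends on the caller having sized `key` beforehand — `key.size()` both selects the digest at line 154 and sets the PBKDF2 output length at line 159 — but nothing at the declaration says so, and an empty vector would request a zero-length key with a possibly null `key.data()`. Document the contract in the header, e.g. `// 'key' must be pre-sized by the caller; its size selects the digest (SHA1 for SHA1_DIGEST_SIZE_BYTES, else SHA256) and the derived length.` The `key.size()` passed at line 159 is a size_t narrowed to PKCS5_PBKDF2_HMAC's int length parameter; the earlier ssize_t had the same narrowing, so this is not new but worth a cast or check if larger sizes are coming. The function starts outside the hunk.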
bool UserState::generateSalt() {
@@ -251,7 +252,8 @@
}
bool UserState::generateMasterKey() {
- if (!RAND_bytes(mMasterKey, sizeof(mMasterKey))) {
+ mMasterKey.resize(MASTER_KEY_SIZE_BYTES);
+ if (!RAND_bytes(mMasterKey.data(), mMasterKey.size())) {
return false;
}
if (!generateSalt()) {
diff --git a/keystore/user_state.h b/keystore/user_state.h
index fcfc895..424dbf2 100644
--- a/keystore/user_state.h
+++ b/keystore/user_state.h
@@ -24,7 +24,7 @@
#include <utils/String8.h>
#include <keystore/keystore.h>
-
+#include <vector>
class UserState {
public:
@@ -53,7 +53,7 @@
ResponseCode writeMasterKey(const android::String8& pw);
ResponseCode readMasterKey(const android::String8& pw);
- auto& getEncryptionKey() const { return mMasterKey; }
+ const std::vector<uint8_t>& getEncryptionKey() const { return mMasterKey; }
bool reset();
@@ -67,7 +67,7 @@
static const int MAX_RETRY = 4;
static const size_t SALT_SIZE = 16;
- void generateKeyFromPassword(uint8_t* key, ssize_t keySize, const android::String8& pw,
+ void generateKeyFromPassword(std::vector<uint8_t>& key, const android::String8& pw,
uint8_t* salt);
bool generateSalt();
bool generateMasterKey();
@@ -81,7 +81,7 @@
State mState;
int8_t mRetry;
- uint8_t mMasterKey[MASTER_KEY_SIZE_BYTES];
+ std::vector<uint8_t> mMasterKey;
uint8_t mSalt[SALT_SIZE];
};