Merge "Keystore 2.0: Fix wrong check on wrapped key import."
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..99cf5ff
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+*.*~
diff --git a/keystore2/Android.bp b/keystore2/Android.bp
index 2ed2a60..f9295ca 100644
--- a/keystore2/Android.bp
+++ b/keystore2/Android.bp
@@ -26,6 +26,7 @@
"android.system.keystore2-V1-rust",
"libanyhow",
"libbinder_rs",
+ "libkeystore2_aaid-rust",
"libkeystore2_apc_compat-rust",
"libkeystore2_crypto_rust",
"libkeystore2_km_compat",
@@ -40,6 +41,16 @@
],
}
+rust_library {
+ name: "libkeystore2_test_utils",
+ crate_name: "keystore2_test_utils",
+ srcs: ["test_utils/lib.rs"],
+ rustlibs: [
+ "liblog_rust",
+ "librand",
+ ]
+}
+
rust_test {
name: "keystore2_test",
crate_name: "keystore2",
@@ -56,10 +67,12 @@
"libandroid_logger",
"libanyhow",
"libbinder_rs",
+ "libkeystore2_aaid-rust",
"libkeystore2_apc_compat-rust",
"libkeystore2_crypto_rust",
"libkeystore2_km_compat",
"libkeystore2_selinux",
+ "libkeystore2_test_utils",
"liblazy_static",
"liblibc",
"liblibsqlite3_sys",
diff --git a/keystore2/aaid/Android.bp b/keystore2/aaid/Android.bp
new file mode 100644
index 0000000..2329400
--- /dev/null
+++ b/keystore2/aaid/Android.bp
@@ -0,0 +1,50 @@
+// Copyright 2020, The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+cc_library {
+ name: "libkeystore2_aaid",
+ srcs: [
+ "aaid.cpp",
+ ],
+ shared_libs: [
+ "libkeystore-attestation-application-id"
+ ],
+}
+
+rust_bindgen {
+ name: "libkeystore2_aaid_bindgen",
+ wrapper_src: "aaid.hpp",
+ crate_name: "keystore2_aaid_bindgen",
+ source_stem: "bindings",
+
+ bindgen_flags: [
+ "--size_t-is-usize",
+ "--whitelist-function=aaid_keystore_attestation_id",
+ "--whitelist-var=KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE",
+ ],
+}
+
+rust_library {
+ name: "libkeystore2_aaid-rust",
+ crate_name: "keystore2_aaid",
+ srcs: [
+ "lib.rs",
+ ],
+ rustlibs: [
+ "libkeystore2_aaid_bindgen",
+ ],
+ shared_libs: [
+ "libkeystore2_aaid",
+ ],
+}
diff --git a/keystore2/aaid/aaid.cpp b/keystore2/aaid/aaid.cpp
new file mode 100644
index 0000000..fd3faf6
--- /dev/null
+++ b/keystore2/aaid/aaid.cpp
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2020 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "aaid.hpp"
+
+#include <keystore/keystore_attestation_id.h>
+
+using android::security::gather_attestation_application_id;
+
+uint32_t aaid_keystore_attestation_id(uint32_t uid, uint8_t* aaid, size_t* aaid_size) {
+ static_assert(sizeof(uint32_t) == sizeof(uid_t), "uid_t has unexpected size");
+ static_assert(sizeof(uint32_t) == sizeof(android::status_t), "status_t has unexpected size");
+ static_assert(KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE ==
+ android::security::KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE,
+ "KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE sizes don't match.");
+ auto result = gather_attestation_application_id(uid);
+ if (!result.isOk()) {
+ return result.status();
+ }
+ if (result.value().size() > KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE) {
+ return ::android::NO_MEMORY;
+ }
+ if (*aaid_size != KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE) {
+ return ::android::BAD_VALUE;
+ }
+ std::copy(result.value().begin(), result.value().end(), aaid);
+ *aaid_size = result.value().size();
+ return ::android::OK;
+}
diff --git a/keystore2/aaid/aaid.hpp b/keystore2/aaid/aaid.hpp
new file mode 100644
index 0000000..9e2c148
--- /dev/null
+++ b/keystore2/aaid/aaid.hpp
@@ -0,0 +1,44 @@
+/*
+ * Copyright (C) 2020 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#pragma once
+
+#include <stdint.h>
+#include <stddef.h>
+
+/**
+ * This is a redefinition of KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE in
+ * system/security/keystore/keystore_attestation_id.h and must be kept in sync.
+ * There is a static assert in aaid.cpp to assure that they are in sync.
+ * We redefine this here to avoid unnecessary build dependencies for
+ * the rust bindgen target.
+ */
+constexpr const size_t KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE = 1024;
+
+extern "C" {
+ /**
+ * Fills the buffer at aaid with the attestation application id of the app uid.
+ * The buffer must be exactly KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE bytes in size.
+ * *aaid_size is set to the number of bytes written to aaid.
+ *
+ * @param uid the uid of the app to retrieve the aaid for.
+ * @param aaid output buffer for the attestation id.
+ * @param aaid_size must be set to the size of the output buffer, which must be exactly
+ * KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE bytes in size, by the caller. On success
+ * it is set to the number of bytes written.
+ * @return OK on success.
+ */
+ uint32_t aaid_keystore_attestation_id(uint32_t uid, uint8_t* aaid, size_t* aaid_size);
+}
diff --git a/keystore2/aaid/lib.rs b/keystore2/aaid/lib.rs
new file mode 100644
index 0000000..3187198
--- /dev/null
+++ b/keystore2/aaid/lib.rs
@@ -0,0 +1,35 @@
+// Copyright 2020, The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//! Rust binding for getting the attestation application id.
+
+use keystore2_aaid_bindgen::{
+ aaid_keystore_attestation_id, KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE,
+};
+
+/// Returns the attestation application id for the given uid or an error code
+/// corresponding to ::android::status_t.
+pub fn get_aaid(uid: u32) -> Result<Vec<u8>, u32> {
+ let mut buffer = [0u8; KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE];
+ let mut size = KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE;
+ // Safety:
+ // aaid_keystore_attestation_id expects a buffer of exactly
+ // KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE bytes and returns the number of bytes written
+ // in the second pointer argument.
+ let status = unsafe { aaid_keystore_attestation_id(uid, buffer.as_mut_ptr(), &mut size) };
+ match status {
+ 0 => Ok(buffer[0..size as usize].to_vec()),
+ status => Err(status),
+ }
+}
diff --git a/keystore2/src/database.rs b/keystore2/src/database.rs
index 344fe2f..225378f 100644
--- a/keystore2/src/database.rs
+++ b/keystore2/src/database.rs
@@ -1792,7 +1792,7 @@
};
use crate::key_perm_set;
use crate::permission::{KeyPerm, KeyPermSet};
- use crate::test::utils::TempDir;
+ use keystore2_test_utils::TempDir;
use android_hardware_security_keymint::aidl::android::hardware::security::keymint::{
HardwareAuthToken::HardwareAuthToken,
HardwareAuthenticatorType::HardwareAuthenticatorType as kmhw_authenticator_type,
diff --git a/keystore2/src/legacy_blob.rs b/keystore2/src/legacy_blob.rs
index 34a0eca..230a82c 100644
--- a/keystore2/src/legacy_blob.rs
+++ b/keystore2/src/legacy_blob.rs
@@ -775,7 +775,7 @@
mod legacy_blob_test_vectors;
use crate::error;
use crate::legacy_blob::test::legacy_blob_test_vectors::*;
- use crate::test::utils::TempDir;
+ use keystore2_test_utils::TempDir;
#[test]
fn decode_encode_alias_test() {
diff --git a/keystore2/src/lib.rs b/keystore2/src/lib.rs
index 0475d6f..811db91 100644
--- a/keystore2/src/lib.rs
+++ b/keystore2/src/lib.rs
@@ -34,8 +34,3 @@
mod db_utils;
mod gc;
mod super_key;
-
-#[cfg(test)]
-mod test {
- pub mod utils;
-}
diff --git a/keystore2/src/security_level.rs b/keystore2/src/security_level.rs
index 7eb53c6..12b75bf 100644
--- a/keystore2/src/security_level.rs
+++ b/keystore2/src/security_level.rs
@@ -49,7 +49,7 @@
error::{self, map_km_error, map_or_log_err, Error, ErrorCode},
utils::key_characteristics_to_internal,
};
-use anyhow::{Context, Result};
+use anyhow::{anyhow, Context, Result};
use binder::{IBinder, Interface, ThreadState};
/// Implementation of the IKeystoreSecurityLevel Interface.
@@ -296,6 +296,20 @@
})
}
+ fn add_attestation_parameters(uid: u32, params: &[KeyParameter]) -> Result<Vec<KeyParameter>> {
+ let mut result = params.to_vec();
+ if params.iter().any(|kp| kp.tag == Tag::ATTESTATION_CHALLENGE) {
+ let aaid = keystore2_aaid::get_aaid(uid).map_err(|e| {
+ anyhow!(format!("In add_attestation_parameters: get_aaid returned status {}.", e))
+ })?;
+ result.push(KeyParameter {
+ tag: Tag::ATTESTATION_APPLICATION_ID,
+ value: KeyParameterValue::Blob(aaid),
+ });
+ }
+ Ok(result)
+ }
+
fn generate_key(
&self,
key: &KeyDescriptor,
@@ -323,6 +337,9 @@
// generate_key requires the rebind permission.
check_key_permission(KeyPerm::rebind(), &key, &None).context("In generate_key.")?;
+ let params = Self::add_attestation_parameters(caller_uid, params)
+ .context("In generate_key: Trying to get aaid.")?;
+
let km_dev: Box<dyn IKeyMintDevice> = self.keymint.get_interface()?;
map_km_error(km_dev.addRngEntropy(entropy))
.context("In generate_key: Trying to add entropy.")?;
@@ -360,6 +377,9 @@
// import_key requires the rebind permission.
check_key_permission(KeyPerm::rebind(), &key, &None).context("In import_key.")?;
+ let params = Self::add_attestation_parameters(caller_uid, params)
+ .context("In import_key: Trying to get aaid.")?;
+
let format = params
.iter()
.find(|p| p.tag == Tag::ALGORITHM)
diff --git a/keystore2/src/test/utils.rs b/keystore2/test_utils/lib.rs
similarity index 67%
rename from keystore2/src/test/utils.rs
rename to keystore2/test_utils/lib.rs
index 8c93859..627af20 100644
--- a/keystore2/src/test/utils.rs
+++ b/keystore2/test_utils/lib.rs
@@ -12,11 +12,14 @@
// See the License for the specific language governing permissions and
// limitations under the License.
+//! Implements TempDir which aids in creating an cleaning up temporary directories for testing.
+
use std::fs::{create_dir, remove_dir_all};
use std::io::ErrorKind;
use std::path::{Path, PathBuf};
use std::{env::temp_dir, ops::Deref};
+/// Represents the lifecycle of a temporary directory for testing.
#[derive(Debug)]
pub struct TempDir {
path: std::path::PathBuf,
@@ -24,6 +27,11 @@
}
impl TempDir {
+ /// Creates a temporary directory with a name of the form <prefix>_NNNNN where NNNNN is a zero
+ /// padded random number with 5 figures. The prefix must not contain file system separators.
+ /// The location of the directory cannot be chosen.
+ /// The directory with all of its content is removed from the file system when the resulting
+ /// object gets dropped.
pub fn new(prefix: &str) -> std::io::Result<Self> {
let tmp = loop {
let mut tmp = temp_dir();
@@ -40,10 +48,20 @@
Ok(Self { path: tmp, do_drop: true })
}
+ /// Returns the absolute path of the temporary directory.
pub fn path(&self) -> &Path {
&self.path
}
+ /// Returns a path builder for convenient extension of the path.
+ ///
+ /// ## Example:
+ ///
+ /// ```
+ /// let tdir = TempDir::new("my_test")?;
+ /// let temp_foo_bar = tdir.build().push("foo").push("bar");
+ /// ```
+ /// `temp_foo_bar` derefs to a Path that represents "<tdir.path()>/foo/bar"
pub fn build(&self) -> PathBuilder {
PathBuilder(self.path.clone())
}
@@ -66,9 +84,11 @@
}
}
+/// Allows for convenient building of paths from a TempDir. See TempDir.build() for more details.
pub struct PathBuilder(PathBuf);
impl PathBuilder {
+ /// Adds another segment to the end of the path. Consumes, modifies and returns self.
pub fn push(mut self, segment: &str) -> Self {
self.0.push(segment);
self