Blame - keystore2/src/database.rs - android_system_security

2020-07-17 14:57:21 -0700

[diff] [blame]

1

2

//

3

// Licensed under the Apache License, Version 2.0 (the "License");

4

// you may not use this file except in compliance with the License.

5

// You may obtain a copy of the License at

6

//

7

// http://www.apache.org/licenses/LICENSE-2.0

8

//

9

// Unless required by applicable law or agreed to in writing, software

10

// distributed under the License is distributed on an "AS IS" BASIS,

11

// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

12

// See the License for the specific language governing permissions and

13

// limitations under the License.

14

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

15

//! This is the Keystore 2.0 database module.

16

//! The database module provides a connection to the backing SQLite store.

17

//! We have two databases one for persistent key blob storage and one for

18

//! items that have a per boot life cycle.

19

//!

20

//! ## Persistent database

21

//! The persistent database has tables for key blobs. They are organized

22

//! as follows:

23

//! The `keyentry` table is the primary table for key entries. It is

24

//! accompanied by two tables for blobs and parameters.

25

//! Each key entry occupies exactly one row in the `keyentry` table and

26

//! zero or more rows in the tables `blobentry` and `keyparameter`.

27

//!

28

//! ## Per boot database

29

//! The per boot database stores items with a per boot lifecycle.

30

//! Currently, there is only the `grant` table in this database.

31

//! Grants are references to a key that can be used to access a key by

32

//! clients that don't own that key. Grants can only be created by the

33

//! owner of a key. And only certain components can create grants.

34

//! This is governed by SEPolicy.

35

//!

36

//! ## Access control

37

//! Some database functions that load keys or create grants perform

38

//! access control. This is because in some cases access control

39

//! can only be performed after some information about the designated

40

//! key was loaded from the database. To decouple the permission checks

41

//! from the database module these functions take permission check

42

//! callbacks.

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

43

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

44

mod perboot;

Janis Danisevskis

030ba02

2021-05-26 11:15:30 -0700

[diff] [blame]

45

pub(crate) mod utils;

Janis Danisevskis

2021-05-26 16:31:02 -0700

[diff] [blame]

46

mod versioning;

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

47

Janis Danisevskis

2022-01-04 19:59:26 -0800

[diff] [blame]

48

use crate::gc::Gc;

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

49

use crate::impl_metadata; // This is in db_utils.rs

Eric Biggers

b0478cf

2023-10-27 03:55:29 +0000

[diff] [blame]

50

use crate::key_parameter::{KeyParameter, KeyParameterValue, Tag};

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

51

use crate::ks_err;

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

52

use crate::permission::KeyPermSet;

Hasini Gunasinghe

2021-05-12 19:03:12 +0000

[diff] [blame]

53

use crate::utils::{get_current_time_in_milliseconds, watchdog as wd, AID_USER_OFFSET};

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

54

use crate::{

Paul Crowley

2021-03-18 17:08:20 -0700

[diff] [blame]

55

error::{Error as KsError, ErrorCode, ResponseCode},

56

super_key::SuperKeyType,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

57

};

Hasini Gunasinghe

2020-11-06 01:24:16 +0000

[diff] [blame]

58

use android_hardware_security_keymint::aidl::android::hardware::security::keymint::{

Tri Vo

a1634bb

2022-12-01 15:54:19 -0800

[diff] [blame]

59

HardwareAuthToken::HardwareAuthToken, HardwareAuthenticatorType::HardwareAuthenticatorType,

60

SecurityLevel::SecurityLevel,

61

};

62

use android_security_metrics::aidl::android::security::metrics::{

Tri Vo

2023-05-12 14:16:31 -0400

[diff] [blame]

63

Storage::Storage as MetricsStorage, StorageStats::StorageStats,

Janis Danisevskis

c3a496b

2021-01-05 10:37:22 -0800

[diff] [blame]

64

};

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

65

use android_system_keystore2::aidl::android::system::keystore2::{

Janis Danisevskis

04b0283

2020-10-26 09:21:40 -0700

[diff] [blame]

66

Domain::Domain, KeyDescriptor::KeyDescriptor,

Janis Danisevskis

60400fe

2020-08-26 15:24:42 -0700

[diff] [blame]

67

};

Shaquille Johnson

7f5a815

2023-09-27 18:46:27 +0100

[diff] [blame]

68

use anyhow::{anyhow, Context, Result};

69

use keystore2_flags;

70

use std::{convert::TryFrom, convert::TryInto, ops::Deref, time::SystemTimeError};

71

use utils as db_utils;

72

use utils::SqlField;

Max Bires

2020-09-22 11:22:36 -0700

[diff] [blame]

73

74

use keystore2_crypto::ZVec;

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

75

use lazy_static::lazy_static;

Hasini Gunasinghe

2020-11-11 01:02:41 +0000

[diff] [blame]

76

use log::error;

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

77

#[cfg(not(test))]

78

use rand::prelude::random;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

79

use rusqlite::{

Joel Galenson

ff79e36

2021-05-25 16:30:17 -0700

[diff] [blame]

80

params, params_from_iter,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

81

types::FromSql,

82

types::FromSqlResult,

83

types::ToSqlOutput,

84

types::{FromSqlError, Value, ValueRef},

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

85

Connection, OptionalExtension, ToSql, Transaction, TransactionBehavior,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

86

};

Max Bires

2020-09-22 11:22:36 -0700

[diff] [blame]

87

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

88

use std::{

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

89

collections::{HashMap, HashSet},

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

90

path::Path,

Janis Danisevskis

2021-05-06 10:54:17 -0700

[diff] [blame]

91

sync::{Arc, Condvar, Mutex},

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

92

time::{Duration, SystemTime},

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

93

};

Max Bires

2020-09-22 11:22:36 -0700

[diff] [blame]

94

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

95

#[cfg(test)]

96

use tests::random;

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

97

David Drysdale

2024-04-15 14:11:52 +0100

[diff] [blame^]

98

/// If the database returns a busy error code, retry after this interval.

99

const DB_BUSY_RETRY_INTERVAL: Duration = Duration::from_micros(500);

100

/// If the database returns a busy error code, keep retrying for this long.

101

const MAX_DB_BUSY_RETRY_PERIOD: Duration = Duration::from_secs(15);

102

103

/// Check whether a database lock has timed out.

104

fn check_lock_timeout(start: &std::time::Instant, timeout: Duration) -> Result<()> {

105

if keystore2_flags::database_loop_timeout() {

106

let elapsed = start.elapsed();

107

if elapsed >= timeout {

108

error!("Abandon locked DB after {elapsed:?}");

109

return Err(&KsError::Rc(ResponseCode::BACKEND_BUSY))

110

.context(ks_err!("Abandon locked DB after {elapsed:?}",));

}

}

Ok(())

}

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

116

impl_metadata!(

117

/// A set of metadata for key entries.

118

#[derive(Debug, Default, Eq, PartialEq)]

119

pub struct KeyMetaData;

120

/// A metadata entry for key entries.

121

#[derive(Debug, Eq, PartialEq, Ord, PartialOrd)]

122

pub enum KeyMetaEntry {

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

123

/// Date of the creation of the key entry.

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

124

CreationDate(DateTime) with accessor creation_date,

125

/// Expiration date for attestation keys.

126

AttestationExpirationDate(DateTime) with accessor attestation_expiration_date,

Max Bires

2020-09-22 11:22:36 -0700

[diff] [blame]

127

/// CBOR Blob that represents a COSE_Key and associated metadata needed for remote

128

/// provisioning

129

AttestationMacedPublicKey(Vec<u8>) with accessor attestation_maced_public_key,

130

/// Vector representing the raw public key so results from the server can be matched

131

/// to the right entry

132

AttestationRawPubKey(Vec<u8>) with accessor attestation_raw_pub_key,

Paul Crowley

2021-03-19 10:53:07 -0700

[diff] [blame]

133

/// SEC1 public key for ECDH encryption

134

Sec1PublicKey(Vec<u8>) with accessor sec1_public_key,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

135

// --- ADD NEW META DATA FIELDS HERE ---

136

// For backwards compatibility add new entries only to

137

// end of this list and above this comment.

};

);

impl KeyMetaData {

fn load_from_db(key_id: i64, tx: &Transaction) -> Result<Self> {

143

let mut stmt = tx

144

.prepare(

145

"SELECT tag, data from persistent.keymetadata

146

WHERE keyentryid = ?;",

147

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

148

.context(ks_err!("KeyMetaData::load_from_db: prepare statement failed."))?;

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

149

150

let mut metadata: HashMap<i64, KeyMetaEntry> = Default::default();

151

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

152

let mut rows = stmt

153

.query(params![key_id])

154

.context(ks_err!("KeyMetaData::load_from_db: query failed."))?;

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

155

db_utils::with_rows_extract_all(&mut rows, |row| {

156

let db_tag: i64 = row.get(0).context("Failed to read tag.")?;

157

metadata.insert(

158

db_tag,

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

159

KeyMetaEntry::new_from_sql(db_tag, &SqlField::new(1, row))

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

160

.context("Failed to read KeyMetaEntry.")?,

161

);

162

Ok(())

163

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

164

.context(ks_err!("KeyMetaData::load_from_db."))?;

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

165

166

Ok(Self { data: metadata })

167

}

168

169

fn store_in_db(&self, key_id: i64, tx: &Transaction) -> Result<()> {

170

let mut stmt = tx

171

.prepare(

Hasini Gunasinghe

2021-02-01 21:10:02 +0000

[diff] [blame]

172

"INSERT or REPLACE INTO persistent.keymetadata (keyentryid, tag, data)

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

173

VALUES (?, ?, ?);",

174

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

175

.context(ks_err!("KeyMetaData::store_in_db: Failed to prepare statement."))?;

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

176

177

let iter = self.data.iter();

178

for (tag, entry) in iter {

179

stmt.insert(params![key_id, tag, entry,]).with_context(|| {

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

180

ks_err!("KeyMetaData::store_in_db: Failed to insert {:?}", entry)

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

})?;

}

Ok(())

}

}

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

187

impl_metadata!(

188

/// A set of metadata for key blobs.

189

#[derive(Debug, Default, Eq, PartialEq)]

190

pub struct BlobMetaData;

191

/// A metadata entry for key blobs.

192

#[derive(Debug, Eq, PartialEq, Ord, PartialOrd)]

193

pub enum BlobMetaEntry {

194

/// If present, indicates that the blob is encrypted with another key or a key derived

195

/// from a password.

196

EncryptedBy(EncryptedBy) with accessor encrypted_by,

197

/// If the blob is password encrypted this field is set to the

198

/// salt used for the key derivation.

199

Salt(Vec<u8>) with accessor salt,

200

/// If the blob is encrypted, this field is set to the initialization vector.

201

Iv(Vec<u8>) with accessor iv,

202

/// If the blob is encrypted, this field holds the AEAD TAG.

203

AeadTag(Vec<u8>) with accessor aead_tag,

204

/// The uuid of the owning KeyMint instance.

205

KmUuid(Uuid) with accessor km_uuid,

Paul Crowley

2021-03-19 10:53:07 -0700

[diff] [blame]

206

/// If the key is ECDH encrypted, this is the ephemeral public key

207

PublicKey(Vec<u8>) with accessor public_key,

Paul Crowley

44c02da

2021-04-08 17:04:43 +0000

[diff] [blame]

208

/// If the key is encrypted with a MaxBootLevel key, this is the boot level

209

/// of that key

210

MaxBootLevel(i32) with accessor max_boot_level,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

211

// --- ADD NEW META DATA FIELDS HERE ---

212

// For backwards compatibility add new entries only to

213

// end of this list and above this comment.

};

);

impl BlobMetaData {

fn load_from_db(blob_id: i64, tx: &Transaction) -> Result<Self> {

219

let mut stmt = tx

220

.prepare(

221

"SELECT tag, data from persistent.blobmetadata

222

WHERE blobentryid = ?;",

223

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

224

.context(ks_err!("BlobMetaData::load_from_db: prepare statement failed."))?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

225

226

let mut metadata: HashMap<i64, BlobMetaEntry> = Default::default();

227

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

228

let mut rows = stmt.query(params![blob_id]).context(ks_err!("query failed."))?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

229

db_utils::with_rows_extract_all(&mut rows, |row| {

230

let db_tag: i64 = row.get(0).context("Failed to read tag.")?;

231

metadata.insert(

232

db_tag,

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

233

BlobMetaEntry::new_from_sql(db_tag, &SqlField::new(1, row))

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

234

.context("Failed to read BlobMetaEntry.")?,

235

);

236

Ok(())

237

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

238

.context(ks_err!("BlobMetaData::load_from_db"))?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

239

240

Ok(Self { data: metadata })

241

}

242

243

fn store_in_db(&self, blob_id: i64, tx: &Transaction) -> Result<()> {

244

let mut stmt = tx

245

.prepare(

246

"INSERT or REPLACE INTO persistent.blobmetadata (blobentryid, tag, data)

247

VALUES (?, ?, ?);",

248

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

249

.context(ks_err!("BlobMetaData::store_in_db: Failed to prepare statement.",))?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

250

251

let iter = self.data.iter();

252

for (tag, entry) in iter {

253

stmt.insert(params![blob_id, tag, entry,]).with_context(|| {

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

254

ks_err!("BlobMetaData::store_in_db: Failed to insert {:?}", entry)

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

})?;

}

Ok(())

}

}

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

261

/// Indicates the type of the keyentry.

262

#[derive(Debug, Copy, Clone, Eq, PartialEq, Ord, PartialOrd)]

263

pub enum KeyType {

264

/// This is a client key type. These keys are created or imported through the Keystore 2.0

265

/// AIDL interface android.system.keystore2.

266

Client,

267

/// This is a super key type. These keys are created by keystore itself and used to encrypt

268

/// other key blobs to provide LSKF binding.

269

Super,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

270

}

271

272

impl ToSql for KeyType {

273

fn to_sql(&self) -> rusqlite::Result<ToSqlOutput> {

274

Ok(ToSqlOutput::Owned(Value::Integer(match self {

275

KeyType::Client => 0,

276

KeyType::Super => 1,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

})))

}

}

impl FromSql for KeyType {

282

fn column_result(value: ValueRef) -> FromSqlResult<Self> {

283

match i64::column_result(value)? {

284

0 => Ok(KeyType::Client),

285

1 => Ok(KeyType::Super),

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

286

v => Err(FromSqlError::OutOfRange(v)),

}

}

}

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

291

/// Uuid representation that can be stored in the database.

292

/// Right now it can only be initialized from SecurityLevel.

293

/// Once KeyMint provides a UUID type a corresponding From impl shall be added.

294

#[derive(Debug, Clone, Copy, Default, PartialEq, Eq, PartialOrd, Ord, Hash)]

295

pub struct Uuid([u8; 16]);

296

297

impl Deref for Uuid {

298

type Target = [u8; 16];

299

300

fn deref(&self) -> &Self::Target {

&self.0

}

}

impl From<SecurityLevel> for Uuid {

306

fn from(sec_level: SecurityLevel) -> Self {

307

Self((sec_level.0 as u128).to_be_bytes())

}

}

impl ToSql for Uuid {

312

fn to_sql(&self) -> rusqlite::Result<ToSqlOutput> {

self.0.to_sql()

}

}

impl FromSql for Uuid {

318

fn column_result(value: ValueRef<'_>) -> FromSqlResult<Self> {

319

let blob = Vec::<u8>::column_result(value)?;

320

if blob.len() != 16 {

321

return Err(FromSqlError::OutOfRange(blob.len() as i64));

322

}

323

let mut arr = [0u8; 16];

324

arr.copy_from_slice(&blob);

Ok(Self(arr))

}

}

/// Key entries that are not associated with any KeyMint instance, such as pure certificate

330

/// entries are associated with this UUID.

331

pub static KEYSTORE_UUID: Uuid = Uuid([

332

0x41, 0xe3, 0xb9, 0xce, 0x27, 0x58, 0x4e, 0x91, 0xbc, 0xfd, 0xa5, 0x5d, 0x91, 0x85, 0xab, 0x11,

333

]);

334

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

335

/// Indicates how the sensitive part of this key blob is encrypted.

336

#[derive(Debug, Eq, PartialEq, Ord, PartialOrd)]

337

pub enum EncryptedBy {

338

/// The keyblob is encrypted by a user password.

339

/// In the database this variant is represented as NULL.

340

Password,

341

/// The keyblob is encrypted by another key with wrapped key id.

342

/// In the database this variant is represented as non NULL value

343

/// that is convertible to i64, typically NUMERIC.

KeyId(i64),

}

impl ToSql for EncryptedBy {

348

fn to_sql(&self) -> rusqlite::Result<ToSqlOutput> {

349

match self {

350

Self::Password => Ok(ToSqlOutput::Owned(Value::Null)),

351

Self::KeyId(id) => id.to_sql(),

}

}

}

impl FromSql for EncryptedBy {

357

fn column_result(value: ValueRef) -> FromSqlResult<Self> {

358

match value {

359

ValueRef::Null => Ok(Self::Password),

360

_ => Ok(Self::KeyId(i64::column_result(value)?)),

}

}

}

/// A database representation of wall clock time. DateTime stores unix epoch time as

366

/// i64 in milliseconds.

367

#[derive(Debug, Copy, Clone, Default, Eq, PartialEq, Ord, PartialOrd)]

368

pub struct DateTime(i64);

369

370

/// Error type returned when creating DateTime or converting it from and to

371

/// SystemTime.

372

#[derive(thiserror::Error, Debug)]

373

pub enum DateTimeError {

374

/// This is returned when SystemTime and Duration computations fail.

375

#[error(transparent)]

376

SystemTimeError(#[from] SystemTimeError),

377

378

/// This is returned when type conversions fail.

379

#[error(transparent)]

380

TypeConversion(#[from] std::num::TryFromIntError),

381

382

/// This is returned when checked time arithmetic failed.

383

#[error("Time arithmetic failed.")]

TimeArithmetic,

}

impl DateTime {

/// Constructs a new DateTime object denoting the current time. This may fail during

389

/// conversion to unix epoch time and during conversion to the internal i64 representation.

390

pub fn now() -> Result<Self, DateTimeError> {

391

Ok(Self(SystemTime::now().duration_since(SystemTime::UNIX_EPOCH)?.as_millis().try_into()?))

392

}

393

394

/// Constructs a new DateTime object from milliseconds.

395

pub fn from_millis_epoch(millis: i64) -> Self {

Self(millis)

}

/// Returns unix epoch time in milliseconds.

Chris Wailes

3877f29

2021-07-26 19:24:18 -0700

[diff] [blame]

400

pub fn to_millis_epoch(self) -> i64 {

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

self.0

}

/// Returns unix epoch time in seconds.

Chris Wailes

3877f29

2021-07-26 19:24:18 -0700

[diff] [blame]

405

pub fn to_secs_epoch(self) -> i64 {

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

self.0 / 1000

}

}

impl ToSql for DateTime {

411

fn to_sql(&self) -> rusqlite::Result<ToSqlOutput> {

412

Ok(ToSqlOutput::Owned(Value::Integer(self.0)))

}

}

impl FromSql for DateTime {

417

fn column_result(value: ValueRef) -> FromSqlResult<Self> {

418

Ok(Self(i64::column_result(value)?))

}

}

impl TryInto<SystemTime> for DateTime {

423

type Error = DateTimeError;

424

425

fn try_into(self) -> Result<SystemTime, Self::Error> {

426

// We want to construct a SystemTime representation equivalent to self, denoting

427

// a point in time THEN, but we cannot set the time directly. We can only construct

428

// a SystemTime denoting NOW, and we can get the duration between EPOCH and NOW,

429

// and between EPOCH and THEN. With this common reference we can construct the

430

// duration between NOW and THEN which we can add to our SystemTime representation

431

// of NOW to get a SystemTime representation of THEN.

432

// Durations can only be positive, thus the if statement below.

433

let now = SystemTime::now();

434

let now_epoch = now.duration_since(SystemTime::UNIX_EPOCH)?;

435

let then_epoch = Duration::from_millis(self.0.try_into()?);

436

Ok(if now_epoch > then_epoch {

437

// then = now - (now_epoch - then_epoch)

438

now_epoch

439

.checked_sub(then_epoch)

440

.and_then(|d| now.checked_sub(d))

441

.ok_or(DateTimeError::TimeArithmetic)?

442

} else {

443

// then = now + (then_epoch - now_epoch)

444

then_epoch

445

.checked_sub(now_epoch)

446

.and_then(|d| now.checked_add(d))

447

.ok_or(DateTimeError::TimeArithmetic)?

})

}

}

impl TryFrom<SystemTime> for DateTime {

453

type Error = DateTimeError;

454

455

fn try_from(t: SystemTime) -> Result<Self, Self::Error> {

456

Ok(Self(t.duration_since(SystemTime::UNIX_EPOCH)?.as_millis().try_into()?))

}

}

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

460

#[derive(Debug, PartialEq, Eq, PartialOrd, Ord, Copy, Clone)]

461

enum KeyLifeCycle {

462

/// Existing keys have a key ID but are not fully populated yet.

463

/// This is a transient state. If Keystore finds any such keys when it starts up, it must move

464

/// them to Unreferenced for garbage collection.

465

Existing,

466

/// A live key is fully populated and usable by clients.

467

Live,

468

/// An unreferenced key is scheduled for garbage collection.

Unreferenced,

}

impl ToSql for KeyLifeCycle {

473

fn to_sql(&self) -> rusqlite::Result<ToSqlOutput> {

474

match self {

475

Self::Existing => Ok(ToSqlOutput::Owned(Value::Integer(0))),

476

Self::Live => Ok(ToSqlOutput::Owned(Value::Integer(1))),

477

Self::Unreferenced => Ok(ToSqlOutput::Owned(Value::Integer(2))),

}

}

}

impl FromSql for KeyLifeCycle {

483

fn column_result(value: ValueRef) -> FromSqlResult<Self> {

484

match i64::column_result(value)? {

485

0 => Ok(KeyLifeCycle::Existing),

486

1 => Ok(KeyLifeCycle::Live),

487

2 => Ok(KeyLifeCycle::Unreferenced),

488

v => Err(FromSqlError::OutOfRange(v)),

}

}

}

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

493

/// Keys have a KeyMint blob component and optional public certificate and

494

/// certificate chain components.

495

/// KeyEntryLoadBits is a bitmap that indicates to `KeystoreDB::load_key_entry`

496

/// which components shall be loaded from the database if present.

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

497

#[derive(Debug, Clone, Copy, Eq, PartialEq, Ord, PartialOrd)]

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

498

pub struct KeyEntryLoadBits(u32);

499

500

impl KeyEntryLoadBits {

501

/// Indicate to `KeystoreDB::load_key_entry` that no component shall be loaded.

502

pub const NONE: KeyEntryLoadBits = Self(0);

503

/// Indicate to `KeystoreDB::load_key_entry` that the KeyMint component shall be loaded.

504

pub const KM: KeyEntryLoadBits = Self(1);

505

/// Indicate to `KeystoreDB::load_key_entry` that the Public components shall be loaded.

506

pub const PUBLIC: KeyEntryLoadBits = Self(2);

507

/// Indicate to `KeystoreDB::load_key_entry` that both components shall be loaded.

508

pub const BOTH: KeyEntryLoadBits = Self(3);

509

510

/// Returns true if this object indicates that the public components shall be loaded.

511

pub const fn load_public(&self) -> bool {

512

self.0 & Self::PUBLIC.0 != 0

513

}

514

515

/// Returns true if the object indicates that the KeyMint component shall be loaded.

516

pub const fn load_km(&self) -> bool {

517

self.0 & Self::KM.0 != 0

}

}

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

521

lazy_static! {

522

static ref KEY_ID_LOCK: KeyIdLockDb = KeyIdLockDb::new();

}

struct KeyIdLockDb {

locked_keys: Mutex<HashSet<i64>>,

cond_var: Condvar,

}

/// A locked key. While a guard exists for a given key id, the same key cannot be loaded

531

/// from the database a second time. Most functions manipulating the key blob database

532

/// require a KeyIdGuard.

533

#[derive(Debug)]

534

pub struct KeyIdGuard(i64);

impl KeyIdLockDb {

fn new() -> Self {

Self { locked_keys: Mutex::new(HashSet::new()), cond_var: Condvar::new() }

539

}

540

541

/// This function blocks until an exclusive lock for the given key entry id can

542

/// be acquired. It returns a guard object, that represents the lifecycle of the

543

/// acquired lock.

544

pub fn get(&self, key_id: i64) -> KeyIdGuard {

545

let mut locked_keys = self.locked_keys.lock().unwrap();

546

while locked_keys.contains(&key_id) {

547

locked_keys = self.cond_var.wait(locked_keys).unwrap();

548

}

549

locked_keys.insert(key_id);

KeyIdGuard(key_id)

}

/// This function attempts to acquire an exclusive lock on a given key id. If the

554

/// given key id is already taken the function returns None immediately. If a lock

555

/// can be acquired this function returns a guard object, that represents the

556

/// lifecycle of the acquired lock.

557

pub fn try_get(&self, key_id: i64) -> Option<KeyIdGuard> {

558

let mut locked_keys = self.locked_keys.lock().unwrap();

559

if locked_keys.insert(key_id) {

560

Some(KeyIdGuard(key_id))

} else {

None

}

}

}

impl KeyIdGuard {

/// Get the numeric key id of the locked key.

569

pub fn id(&self) -> i64 {

self.0

}

}

impl Drop for KeyIdGuard {

575

fn drop(&mut self) {

576

let mut locked_keys = KEY_ID_LOCK.locked_keys.lock().unwrap();

577

locked_keys.remove(&self.0);

Janis Danisevskis

7fd5358

2020-11-23 13:40:34 -0800

[diff] [blame]

578

drop(locked_keys);

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

579

KEY_ID_LOCK.cond_var.notify_all();

}

}

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

583

/// This type represents a certificate and certificate chain entry for a key.

Max Bires

2020-09-22 11:22:36 -0700

[diff] [blame]

584

#[derive(Debug, Default)]

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

585

pub struct CertificateInfo {

586

cert: Option<Vec<u8>>,

587

cert_chain: Option<Vec<u8>>,

588

}

589

Janis Danisevskis

2022-01-26 14:11:14 -0800

[diff] [blame]

590

/// This type represents a Blob with its metadata and an optional superseded blob.

591

#[derive(Debug)]

592

pub struct BlobInfo<'a> {

593

blob: &'a [u8],

594

metadata: &'a BlobMetaData,

595

/// Superseded blobs are an artifact of legacy import. In some rare occasions

596

/// the key blob needs to be upgraded during import. In that case two

597

/// blob are imported, the superseded one will have to be imported first,

598

/// so that the garbage collector can reap it.

599

superseded_blob: Option<(&'a [u8], &'a BlobMetaData)>,

600

}

601

602

impl<'a> BlobInfo<'a> {

603

/// Create a new instance of blob info with blob and corresponding metadata

604

/// and no superseded blob info.

605

pub fn new(blob: &'a [u8], metadata: &'a BlobMetaData) -> Self {

606

Self { blob, metadata, superseded_blob: None }

607

}

608

609

/// Create a new instance of blob info with blob and corresponding metadata

610

/// as well as superseded blob info.

611

pub fn new_with_superseded(

612

blob: &'a [u8],

613

metadata: &'a BlobMetaData,

614

superseded_blob: Option<(&'a [u8], &'a BlobMetaData)>,

615

) -> Self {

616

Self { blob, metadata, superseded_blob }

}

}

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

620

impl CertificateInfo {

621

/// Constructs a new CertificateInfo object from `cert` and `cert_chain`

622

pub fn new(cert: Option<Vec<u8>>, cert_chain: Option<Vec<u8>>) -> Self {

623

Self { cert, cert_chain }

}

/// Take the cert

pub fn take_cert(&mut self) -> Option<Vec<u8>> {

self.cert.take()

}

/// Take the cert chain

632

pub fn take_cert_chain(&mut self) -> Option<Vec<u8>> {

633

self.cert_chain.take()

}

}

Max Bires

2020-09-22 11:22:36 -0700

[diff] [blame]

637

/// This type represents a certificate chain with a private key corresponding to the leaf

638

/// certificate. TODO(jbires): This will be used in a follow-on CL, for now it's used in the tests.

Max Bires

2020-09-22 11:22:36 -0700

[diff] [blame]

639

pub struct CertificateChain {

Max Bires

97f9681

2021-02-23 23:44:57 -0800

[diff] [blame]

640

/// A KM key blob

641

pub private_key: ZVec,

642

/// A batch cert for private_key

643

pub batch_cert: Vec<u8>,

644

/// A full certificate chain from root signing authority to private_key, including batch_cert

645

/// for convenience.

646

pub cert_chain: Vec<u8>,

Max Bires

2020-09-22 11:22:36 -0700

[diff] [blame]

647

}

648

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

649

/// This type represents a Keystore 2.0 key entry.

650

/// An entry has a unique `id` by which it can be found in the database.

651

/// It has a security level field, key parameters, and three optional fields

652

/// for the KeyMint blob, public certificate and a public certificate chain.

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

653

#[derive(Debug, Default, Eq, PartialEq)]

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

654

pub struct KeyEntry {

655

id: i64,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

656

key_blob_info: Option<(Vec<u8>, BlobMetaData)>,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

657

cert: Option<Vec<u8>>,

658

cert_chain: Option<Vec<u8>>,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

659

km_uuid: Uuid,

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

660

parameters: Vec<KeyParameter>,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

661

metadata: KeyMetaData,

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

662

pure_cert: bool,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

}

impl KeyEntry {

/// Returns the unique id of the Key entry.

667

pub fn id(&self) -> i64 {

668

self.id

669

}

670

/// Exposes the optional KeyMint blob.

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

671

pub fn key_blob_info(&self) -> &Option<(Vec<u8>, BlobMetaData)> {

672

&self.key_blob_info

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

673

}

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

674

/// Extracts the Optional KeyMint blob including its metadata.

675

pub fn take_key_blob_info(&mut self) -> Option<(Vec<u8>, BlobMetaData)> {

676

self.key_blob_info.take()

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

677

}

678

/// Exposes the optional public certificate.

679

pub fn cert(&self) -> &Option<Vec<u8>> {

680

&self.cert

681

}

682

/// Extracts the optional public certificate.

683

pub fn take_cert(&mut self) -> Option<Vec<u8>> {

684

self.cert.take()

685

}

686

/// Exposes the optional public certificate chain.

687

pub fn cert_chain(&self) -> &Option<Vec<u8>> {

688

&self.cert_chain

689

}

690

/// Extracts the optional public certificate_chain.

691

pub fn take_cert_chain(&mut self) -> Option<Vec<u8>> {

692

self.cert_chain.take()

693

}

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

694

/// Returns the uuid of the owning KeyMint instance.

695

pub fn km_uuid(&self) -> &Uuid {

696

&self.km_uuid

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

697

}

Janis Danisevskis

04b0283

2020-10-26 09:21:40 -0700

[diff] [blame]

698

/// Exposes the key parameters of this key entry.

699

pub fn key_parameters(&self) -> &Vec<KeyParameter> {

700

&self.parameters

701

}

702

/// Consumes this key entry and extracts the keyparameters from it.

703

pub fn into_key_parameters(self) -> Vec<KeyParameter> {

704

self.parameters

705

}

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

706

/// Exposes the key metadata of this key entry.

707

pub fn metadata(&self) -> &KeyMetaData {

708

&self.metadata

709

}

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

710

/// This returns true if the entry is a pure certificate entry with no

711

/// private key component.

712

pub fn pure_cert(&self) -> bool {

713

self.pure_cert

714

}

Hasini Gunasinghe

2021-02-01 21:10:02 +0000

[diff] [blame]

715

/// Consumes this key entry and extracts the keyparameters and metadata from it.

716

pub fn into_key_parameters_and_metadata(self) -> (Vec<KeyParameter>, KeyMetaData) {

717

(self.parameters, self.metadata)

718

}

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

719

}

720

721

/// Indicates the sub component of a key entry for persistent storage.

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

722

#[derive(Debug, Clone, Copy, Eq, PartialEq, Ord, PartialOrd)]

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

723

pub struct SubComponentType(u32);

724

impl SubComponentType {

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

725

/// Persistent identifier for a key blob.

726

pub const KEY_BLOB: SubComponentType = Self(0);

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

727

/// Persistent identifier for a certificate blob.

728

pub const CERT: SubComponentType = Self(1);

729

/// Persistent identifier for a certificate chain blob.

730

pub const CERT_CHAIN: SubComponentType = Self(2);

731

}

732

733

impl ToSql for SubComponentType {

734

fn to_sql(&self) -> rusqlite::Result<ToSqlOutput> {

self.0.to_sql()

}

}

impl FromSql for SubComponentType {

740

fn column_result(value: ValueRef) -> FromSqlResult<Self> {

741

Ok(Self(u32::column_result(value)?))

}

}

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

745

/// This trait is private to the database module. It is used to convey whether or not the garbage

746

/// collector shall be invoked after a database access. All closures passed to

747

/// `KeystoreDB::with_transaction` return a tuple (bool, T) where the bool indicates if the

748

/// gc needs to be triggered. This convenience function allows to turn any anyhow::Result<T>

749

/// into anyhow::Result<(bool, T)> by simply appending one of `.do_gc(bool)`, `.no_gc()`, or

750

/// `.need_gc()`.

751

trait DoGc<T> {

752

fn do_gc(self, need_gc: bool) -> Result<(bool, T)>;

753

754

fn no_gc(self) -> Result<(bool, T)>;

755

756

fn need_gc(self) -> Result<(bool, T)>;

757

}

758

759

impl<T> DoGc<T> for Result<T> {

760

fn do_gc(self, need_gc: bool) -> Result<(bool, T)> {

761

self.map(|r| (need_gc, r))

762

}

763

764

fn no_gc(self) -> Result<(bool, T)> {

self.do_gc(false)

}

fn need_gc(self) -> Result<(bool, T)> {

self.do_gc(true)

}

}

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

773

/// KeystoreDB wraps a connection to an SQLite database and tracks its

774

/// ownership. It also implements all of Keystore 2.0's database functionality.

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

775

pub struct KeystoreDB {

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

776

conn: Connection,

Janis Danisevskis

2021-05-06 10:54:17 -0700

[diff] [blame]

777

gc: Option<Arc<Gc>>,

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

778

perboot: Arc<perboot::PerbootDB>,

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

779

}

780

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

781

/// Database representation of the monotonic time retrieved from the system call clock_gettime with

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

782

/// CLOCK_BOOTTIME. Stores monotonic time as i64 in milliseconds.

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

783

#[derive(Debug, Copy, Clone, Default, Eq, PartialEq, Ord, PartialOrd)]

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

784

pub struct BootTime(i64);

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

785

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

786

impl BootTime {

787

/// Constructs a new BootTime

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

788

pub fn now() -> Self {

Hasini Gunasinghe

2021-05-12 19:03:12 +0000

[diff] [blame]

789

Self(get_current_time_in_milliseconds())

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

790

}

791

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

792

/// Returns the value of BootTime in milliseconds as i64

Hasini Gunasinghe

2021-05-12 19:03:12 +0000

[diff] [blame]

793

pub fn milliseconds(&self) -> i64 {

794

self.0

David Drysdale

0e45a61

2021-02-25 17:24:36 +0000

[diff] [blame]

795

}

796

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

797

/// Returns the integer value of BootTime as i64

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

798

pub fn seconds(&self) -> i64 {

Hasini Gunasinghe

2021-05-12 19:03:12 +0000

[diff] [blame]

799

self.0 / 1000

Hasini Gunasinghe

b3715fb

2021-02-26 20:34:45 +0000

[diff] [blame]

800

}

801

Janis Danisevskis

2021-01-11 14:19:42 -0800

[diff] [blame]

802

/// Like i64::checked_sub.

803

pub fn checked_sub(&self, other: &Self) -> Option<Self> {

804

self.0.checked_sub(other.0).map(Self)

805

}

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

806

}

807

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

808

impl ToSql for BootTime {

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

809

fn to_sql(&self) -> rusqlite::Result<ToSqlOutput> {

810

Ok(ToSqlOutput::Owned(Value::Integer(self.0)))

}

}

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

814

impl FromSql for BootTime {

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

815

fn column_result(value: ValueRef) -> FromSqlResult<Self> {

816

Ok(Self(i64::column_result(value)?))

}

}

Hasini Gunasinghe

2020-11-06 01:24:16 +0000

[diff] [blame]

820

/// This struct encapsulates the information to be stored in the database about the auth tokens

821

/// received by keystore.

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

822

#[derive(Clone)]

Hasini Gunasinghe

2020-11-06 01:24:16 +0000

[diff] [blame]

823

pub struct AuthTokenEntry {

824

auth_token: HardwareAuthToken,

Hasini Gunasinghe

2021-05-12 19:03:12 +0000

[diff] [blame]

825

// Time received in milliseconds

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

826

time_received: BootTime,

Hasini Gunasinghe

2020-11-06 01:24:16 +0000

[diff] [blame]

827

}

828

829

impl AuthTokenEntry {

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

830

fn new(auth_token: HardwareAuthToken, time_received: BootTime) -> Self {

Hasini Gunasinghe

2020-11-06 01:24:16 +0000

[diff] [blame]

831

AuthTokenEntry { auth_token, time_received }

832

}

833

834

/// Checks if this auth token satisfies the given authentication information.

Janis Danisevskis

2021-01-11 14:19:42 -0800

[diff] [blame]

835

pub fn satisfies(&self, user_secure_ids: &[i64], auth_type: HardwareAuthenticatorType) -> bool {

Hasini Gunasinghe

2020-11-06 01:24:16 +0000

[diff] [blame]

836

user_secure_ids.iter().any(|&sid| {

Janis Danisevskis

2021-01-11 14:19:42 -0800

[diff] [blame]

837

(sid == self.auth_token.userId || sid == self.auth_token.authenticatorId)

Charisee

03e0084

2023-01-25 01:41:23 +0000

[diff] [blame]

838

&& ((auth_type.0 & self.auth_token.authenticatorType.0) != 0)

Hasini Gunasinghe

2020-11-06 01:24:16 +0000

[diff] [blame]

})

}

Hasini Gunasinghe

2020-11-06 01:24:16 +0000

[diff] [blame]

842

/// Returns the auth token wrapped by the AuthTokenEntry

Janis Danisevskis

2021-01-11 14:19:42 -0800

[diff] [blame]

843

pub fn auth_token(&self) -> &HardwareAuthToken {

&self.auth_token

}

/// Returns the auth token wrapped by the AuthTokenEntry

848

pub fn take_auth_token(self) -> HardwareAuthToken {

Hasini Gunasinghe

2020-11-06 01:24:16 +0000

[diff] [blame]

849

self.auth_token

850

}

Janis Danisevskis

2021-01-11 14:19:42 -0800

[diff] [blame]

851

852

/// Returns the time that this auth token was received.

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

853

pub fn time_received(&self) -> BootTime {

Janis Danisevskis

2021-01-11 14:19:42 -0800

[diff] [blame]

854

self.time_received

855

}

Hasini Gunasinghe

b3715fb

2021-02-26 20:34:45 +0000

[diff] [blame]

856

857

/// Returns the challenge value of the auth token.

858

pub fn challenge(&self) -> i64 {

859

self.auth_token.challenge

860

}

Hasini Gunasinghe

2020-11-06 01:24:16 +0000

[diff] [blame]

861

}

862

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

863

impl KeystoreDB {

Janis Danisevskis

2021-02-18 20:04:10 -0800

[diff] [blame]

864

const UNASSIGNED_KEY_ID: i64 = -1i64;

Janis Danisevskis

2021-05-26 16:31:02 -0700

[diff] [blame]

865

const CURRENT_DB_VERSION: u32 = 1;

866

const UPGRADERS: &'static [fn(&Transaction) -> Result<u32>] = &[Self::from_0_to_1];

Janis Danisevskis

b00ebd0

2021-02-02 21:52:24 -0800

[diff] [blame]

867

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

868

/// Name of the file that holds the cross-boot persistent database.

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

869

pub const PERSISTENT_DB_FILENAME: &'static str = "persistent.sqlite";

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

870

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

871

/// This will create a new database connection connecting the two

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

872

/// files persistent.sqlite and perboot.sqlite in the given directory.

873

/// It also attempts to initialize all of the tables.

874

/// KeystoreDB cannot be used by multiple threads.

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

875

/// Each thread should open their own connection using `thread_local!`.

Janis Danisevskis

2021-05-06 10:54:17 -0700

[diff] [blame]

876

pub fn new(db_root: &Path, gc: Option<Arc<Gc>>) -> Result<Self> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

877

let _wp = wd::watch_millis("KeystoreDB::new", 500);

878

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

879

let persistent_path = Self::make_persistent_path(db_root)?;

Seth Moore

472fcbb

2021-05-12 10:07:51 -0700

[diff] [blame]

880

let conn = Self::make_connection(&persistent_path)?;

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

881

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

882

let mut db = Self { conn, gc, perboot: perboot::PERBOOT_DB.clone() };

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

883

db.with_transaction(TransactionBehavior::Immediate, |tx| {

Janis Danisevskis

2021-05-26 16:31:02 -0700

[diff] [blame]

884

versioning::upgrade_database(tx, Self::CURRENT_DB_VERSION, Self::UPGRADERS)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

885

.context(ks_err!("KeystoreDB::new: trying to upgrade database."))?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

886

Self::init_tables(tx).context("Trying to initialize tables.").no_gc()

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

887

})?;

888

Ok(db)

Joel Galenson

2020-07-22 15:27:57 -0700

[diff] [blame]

889

}

890

Janis Danisevskis

2021-05-26 16:31:02 -0700

[diff] [blame]

891

// This upgrade function deletes all MAX_BOOT_LEVEL keys, that were generated before

892

// cryptographic binding to the boot level keys was implemented.

893

fn from_0_to_1(tx: &Transaction) -> Result<u32> {

894

tx.execute(

895

"UPDATE persistent.keyentry SET state = ?

896

WHERE

897

id IN (SELECT keyentryid FROM persistent.keyparameter WHERE tag = ?)

898

AND

899

id NOT IN (

900

SELECT keyentryid FROM persistent.blobentry

901

WHERE id IN (

902

SELECT blobentryid FROM persistent.blobmetadata WHERE tag = ?

903

)

904

);",

905

params![KeyLifeCycle::Unreferenced, Tag::MAX_BOOT_LEVEL.0, BlobMetaData::MaxBootLevel],

906

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

907

.context(ks_err!("Failed to delete logical boot level keys."))?;

Janis Danisevskis

2021-05-26 16:31:02 -0700

[diff] [blame]

Ok(1)

}

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

911

fn init_tables(tx: &Transaction) -> Result<()> {

912

tx.execute(

Janis Danisevskis

2020-08-26 14:40:03 -0700

[diff] [blame]

913

"CREATE TABLE IF NOT EXISTS persistent.keyentry (

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

914

id INTEGER UNIQUE,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

915

key_type INTEGER,

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

916

domain INTEGER,

917

namespace INTEGER,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

918

alias BLOB,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

919

state INTEGER,

920

km_uuid BLOB);",

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

921

[],

Janis Danisevskis

2020-08-26 14:40:03 -0700

[diff] [blame]

922

)

923

.context("Failed to initialize \"keyentry\" table.")?;

924

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

925

tx.execute(

Janis Danisevskis

2021-02-02 14:22:59 -0800

[diff] [blame]

926

"CREATE INDEX IF NOT EXISTS persistent.keyentry_id_index

927

ON keyentry(id);",

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

928

[],

Janis Danisevskis

2021-02-02 14:22:59 -0800

[diff] [blame]

929

)

930

.context("Failed to create index keyentry_id_index.")?;

931

932

tx.execute(

933

"CREATE INDEX IF NOT EXISTS persistent.keyentry_domain_namespace_index

934

ON keyentry(domain, namespace, alias);",

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

935

[],

Janis Danisevskis

2021-02-02 14:22:59 -0800

[diff] [blame]

936

)

937

.context("Failed to create index keyentry_domain_namespace_index.")?;

938

939

tx.execute(

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

940

"CREATE TABLE IF NOT EXISTS persistent.blobentry (

941

id INTEGER PRIMARY KEY,

942

subcomponent_type INTEGER,

943

keyentryid INTEGER,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

944

blob BLOB);",

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

945

[],

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

946

)

947

.context("Failed to initialize \"blobentry\" table.")?;

948

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

949

tx.execute(

Janis Danisevskis

2021-02-02 14:22:59 -0800

[diff] [blame]

950

"CREATE INDEX IF NOT EXISTS persistent.blobentry_keyentryid_index

951

ON blobentry(keyentryid);",

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

952

[],

Janis Danisevskis

2021-02-02 14:22:59 -0800

[diff] [blame]

953

)

954

.context("Failed to create index blobentry_keyentryid_index.")?;

955

956

tx.execute(

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

957

"CREATE TABLE IF NOT EXISTS persistent.blobmetadata (

958

id INTEGER PRIMARY KEY,

blobentryid INTEGER,

tag INTEGER,

data ANY,

UNIQUE (blobentryid, tag));",

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

963

[],

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

964

)

965

.context("Failed to initialize \"blobmetadata\" table.")?;

966

967

tx.execute(

968

"CREATE INDEX IF NOT EXISTS persistent.blobmetadata_blobentryid_index

969

ON blobmetadata(blobentryid);",

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

970

[],

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

971

)

972

.context("Failed to create index blobmetadata_blobentryid_index.")?;

973

974

tx.execute(

Janis Danisevskis

2020-08-26 14:40:03 -0700

[diff] [blame]

975

"CREATE TABLE IF NOT EXISTS persistent.keyparameter (

Hasini Gunasinghe

af99366

2020-07-24 18:40:20 +0000

[diff] [blame]

keyentryid INTEGER,

tag INTEGER,

data ANY,

security_level INTEGER);",

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

980

[],

Janis Danisevskis

2020-08-26 14:40:03 -0700

[diff] [blame]

981

)

982

.context("Failed to initialize \"keyparameter\" table.")?;

983

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

984

tx.execute(

Janis Danisevskis

2021-02-02 14:22:59 -0800

[diff] [blame]

985

"CREATE INDEX IF NOT EXISTS persistent.keyparameter_keyentryid_index

986

ON keyparameter(keyentryid);",

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

987

[],

Janis Danisevskis

2021-02-02 14:22:59 -0800

[diff] [blame]

988

)

989

.context("Failed to create index keyparameter_keyentryid_index.")?;

990

991

tx.execute(

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

992

"CREATE TABLE IF NOT EXISTS persistent.keymetadata (

993

keyentryid INTEGER,

994

tag INTEGER,

Hasini Gunasinghe

2021-02-01 21:10:02 +0000

[diff] [blame]

995

data ANY,

996

UNIQUE (keyentryid, tag));",

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

997

[],

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

998

)

999

.context("Failed to initialize \"keymetadata\" table.")?;

1000

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1001

tx.execute(

Janis Danisevskis

2021-02-02 14:22:59 -0800

[diff] [blame]

1002

"CREATE INDEX IF NOT EXISTS persistent.keymetadata_keyentryid_index

1003

ON keymetadata(keyentryid);",

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

1004

[],

Janis Danisevskis

2021-02-02 14:22:59 -0800

[diff] [blame]

1005

)

1006

.context("Failed to create index keymetadata_keyentryid_index.")?;

1007

1008

tx.execute(

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

1009

"CREATE TABLE IF NOT EXISTS persistent.grant (

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

id INTEGER UNIQUE,

grantee INTEGER,

keyentryid INTEGER,

access_vector INTEGER);",

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

1014

[],

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1015

)

1016

.context("Failed to initialize \"grant\" table.")?;

1017

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

Ok(())

}

Seth Moore

2021-05-12 10:07:51 -0700

[diff] [blame]

1021

fn make_persistent_path(db_root: &Path) -> Result<String> {

1022

// Build the path to the sqlite file.

1023

let mut persistent_path = db_root.to_path_buf();

1024

persistent_path.push(Self::PERSISTENT_DB_FILENAME);

1025

1026

// Now convert them to strings prefixed with "file:"

1027

let mut persistent_path_str = "file:".to_owned();

1028

persistent_path_str.push_str(&persistent_path.to_string_lossy());

1029

Shaquille Johnson

52b8c93

2023-12-19 19:45:32 +0000

[diff] [blame]

1030

// Connect to database in specific mode

1031

let persistent_path_mode = if keystore2_flags::wal_db_journalmode_v3() {

1032

"?journal_mode=WAL".to_owned()

1033

} else {

1034

"?journal_mode=DELETE".to_owned()

1035

};

1036

persistent_path_str.push_str(&persistent_path_mode);

1037

Seth Moore

472fcbb

2021-05-12 10:07:51 -0700

[diff] [blame]

1038

Ok(persistent_path_str)

1039

}

1040

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

1041

fn make_connection(persistent_file: &str) -> Result<Connection> {

Janis Danisevskis

2020-08-26 14:40:03 -0700

[diff] [blame]

1042

let conn =

1043

Connection::open_in_memory().context("Failed to initialize SQLite connection.")?;

1044

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1045

loop {

1046

if let Err(e) = conn

1047

.execute("ATTACH DATABASE ? as persistent;", params![persistent_file])

1048

.context("Failed to attach database persistent.")

1049

{

1050

if Self::is_locked_error(&e) {

David Drysdale

2024-04-15 14:11:52 +0100

[diff] [blame^]

1051

std::thread::sleep(DB_BUSY_RETRY_INTERVAL);

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

continue;

} else {

return Err(e);

}

}

break;

}

Janis Danisevskis

2020-08-26 14:40:03 -0700

[diff] [blame]

1059

Matthew Maurer

4fb1911

2021-05-06 15:40:44 -0700

[diff] [blame]

1060

// Drop the cache size from default (2M) to 0.5M

1061

conn.execute("PRAGMA persistent.cache_size = -500;", params![])

1062

.context("Failed to decrease cache size for persistent db")?;

Matthew Maurer

4fb1911

2021-05-06 15:40:44 -0700

[diff] [blame]

1063

Janis Danisevskis

2020-08-26 14:40:03 -0700

[diff] [blame]

Ok(conn)

}

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1067

fn do_table_size_query(

1068

&mut self,

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1069

storage_type: MetricsStorage,

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1070

query: &str,

1071

params: &[&str],

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1072

) -> Result<StorageStats> {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1073

let (total, unused) = self.with_transaction(TransactionBehavior::Deferred, |tx| {

Joel Galenson

ff79e36

2021-05-25 16:30:17 -0700

[diff] [blame]

1074

tx.query_row(query, params_from_iter(params), |row| Ok((row.get(0)?, row.get(1)?)))

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1075

.with_context(|| {

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1076

ks_err!("get_storage_stat: Error size of storage type {}", storage_type.0)

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1077

})

1078

.no_gc()

1079

})?;

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1080

Ok(StorageStats { storage_type, size: total, unused_size: unused })

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1081

}

1082

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1083

fn get_total_size(&mut self) -> Result<StorageStats> {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1084

self.do_table_size_query(

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1085

MetricsStorage::DATABASE,

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1086

"SELECT page_count * page_size, freelist_count * page_size

1087

FROM pragma_page_count('persistent'),

1088

pragma_page_size('persistent'),

1089

persistent.pragma_freelist_count();",

&[],

)

}

fn get_table_size(

&mut self,

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1096

storage_type: MetricsStorage,

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1097

schema: &str,

1098

table: &str,

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1099

) -> Result<StorageStats> {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1100

self.do_table_size_query(

1101

storage_type,

1102

"SELECT pgsize,unused FROM dbstat(?1)

1103

WHERE name=?2 AND aggregate=TRUE;",

&[schema, table],

)

}

/// Fetches a storage statisitics atom for a given storage type. For storage

1109

/// types that map to a table, information about the table's storage is

1110

/// returned. Requests for storage types that are not DB tables return None.

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1111

pub fn get_storage_stat(&mut self, storage_type: MetricsStorage) -> Result<StorageStats> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1112

let _wp = wd::watch_millis("KeystoreDB::get_storage_stat", 500);

1113

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1114

match storage_type {

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1115

MetricsStorage::DATABASE => self.get_total_size(),

1116

MetricsStorage::KEY_ENTRY => {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1117

self.get_table_size(storage_type, "persistent", "keyentry")

1118

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1119

MetricsStorage::KEY_ENTRY_ID_INDEX => {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1120

self.get_table_size(storage_type, "persistent", "keyentry_id_index")

1121

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1122

MetricsStorage::KEY_ENTRY_DOMAIN_NAMESPACE_INDEX => {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1123

self.get_table_size(storage_type, "persistent", "keyentry_domain_namespace_index")

1124

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1125

MetricsStorage::BLOB_ENTRY => {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1126

self.get_table_size(storage_type, "persistent", "blobentry")

1127

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1128

MetricsStorage::BLOB_ENTRY_KEY_ENTRY_ID_INDEX => {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1129

self.get_table_size(storage_type, "persistent", "blobentry_keyentryid_index")

1130

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1131

MetricsStorage::KEY_PARAMETER => {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1132

self.get_table_size(storage_type, "persistent", "keyparameter")

1133

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1134

MetricsStorage::KEY_PARAMETER_KEY_ENTRY_ID_INDEX => {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1135

self.get_table_size(storage_type, "persistent", "keyparameter_keyentryid_index")

1136

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1137

MetricsStorage::KEY_METADATA => {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1138

self.get_table_size(storage_type, "persistent", "keymetadata")

1139

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1140

MetricsStorage::KEY_METADATA_KEY_ENTRY_ID_INDEX => {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1141

self.get_table_size(storage_type, "persistent", "keymetadata_keyentryid_index")

1142

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1143

MetricsStorage::GRANT => self.get_table_size(storage_type, "persistent", "grant"),

1144

MetricsStorage::AUTH_TOKEN => {

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

1145

// Since the table is actually a BTreeMap now, unused_size is not meaningfully

1146

// reportable

1147

// Size provided is only an approximation

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1148

Ok(StorageStats {

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

1149

storage_type,

1150

size: (self.perboot.auth_tokens_len() * std::mem::size_of::<AuthTokenEntry>())

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1151

as i32,

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

1152

unused_size: 0,

1153

})

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1154

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1155

MetricsStorage::BLOB_METADATA => {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1156

self.get_table_size(storage_type, "persistent", "blobmetadata")

1157

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1158

MetricsStorage::BLOB_METADATA_BLOB_ENTRY_ID_INDEX => {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1159

self.get_table_size(storage_type, "persistent", "blobmetadata_blobentryid_index")

1160

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1161

_ => Err(anyhow::Error::msg(format!("Unsupported storage type: {}", storage_type.0))),

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

}

}

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1165

/// This function is intended to be used by the garbage collector.

Janis Danisevskis

2021-05-06 10:54:17 -0700

[diff] [blame]

1166

/// It deletes the blobs given by `blob_ids_to_delete`. It then tries to find up to `max_blobs`

1167

/// superseded key blobs that might need special handling by the garbage collector.

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1168

/// If no further superseded blobs can be found it deletes all other superseded blobs that don't

1169

/// need special handling and returns None.

Janis Danisevskis

2021-05-06 10:54:17 -0700

[diff] [blame]

1170

pub fn handle_next_superseded_blobs(

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1171

&mut self,

Janis Danisevskis

2021-05-06 10:54:17 -0700

[diff] [blame]

1172

blob_ids_to_delete: &[i64],

1173

max_blobs: usize,

1174

) -> Result<Vec<(i64, Vec<u8>, BlobMetaData)>> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1175

let _wp = wd::watch_millis("KeystoreDB::handle_next_superseded_blob", 500);

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1176

self.with_transaction(TransactionBehavior::Immediate, |tx| {

Janis Danisevskis

2021-05-06 10:54:17 -0700

[diff] [blame]

1177

// Delete the given blobs.

1178

for blob_id in blob_ids_to_delete {

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1179

tx.execute(

1180

"DELETE FROM persistent.blobmetadata WHERE blobentryid = ?;",

Janis Danisevskis

2021-05-06 10:54:17 -0700

[diff] [blame]

1181

params![blob_id],

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1182

)

Shaquille Johnson

f23fc94

2024-02-13 17:01:29 +0000

[diff] [blame]

1183

.context(ks_err!("Trying to delete blob metadata: {:?}", blob_id))?;

Janis Danisevskis

2021-05-06 10:54:17 -0700

[diff] [blame]

1184

tx.execute("DELETE FROM persistent.blobentry WHERE id = ?;", params![blob_id])

Shaquille Johnson

f23fc94

2024-02-13 17:01:29 +0000

[diff] [blame]

1185

.context(ks_err!("Trying to delete blob: {:?}", blob_id))?;

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1186

}

Janis Danisevskis

3cba10d

2021-05-06 17:02:19 -0700

[diff] [blame]

1187

1188

Self::cleanup_unreferenced(tx).context("Trying to cleanup unreferenced.")?;

1189

Janis Danisevskis

2021-05-06 10:54:17 -0700

[diff] [blame]

1190

// Find up to max_blobx more superseded key blobs, load their metadata and return it.

1191

let result: Vec<(i64, Vec<u8>)> = {

1192

let mut stmt = tx

1193

.prepare(

1194

"SELECT id, blob FROM persistent.blobentry

1195

WHERE subcomponent_type = ?

1196

AND (

1197

id NOT IN (

1198

SELECT MAX(id) FROM persistent.blobentry

1199

WHERE subcomponent_type = ?

1200

GROUP BY keyentryid, subcomponent_type

1201

)

1202

OR keyentryid NOT IN (SELECT id FROM persistent.keyentry)

1203

) LIMIT ?;",

1204

)

1205

.context("Trying to prepare query for superseded blobs.")?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1206

Janis Danisevskis

2021-05-06 10:54:17 -0700

[diff] [blame]

let rows = stmt

.query_map(

params![

SubComponentType::KEY_BLOB,

1211

SubComponentType::KEY_BLOB,

1212

max_blobs as i64,

1213

],

1214

|row| Ok((row.get(0)?, row.get(1)?)),

1215

)

1216

.context("Trying to query superseded blob.")?;

1217

1218

rows.collect::<Result<Vec<(i64, Vec<u8>)>, rusqlite::Error>>()

1219

.context("Trying to extract superseded blobs.")?

};

let result = result

.into_iter()

.map(|(blob_id, blob)| {

1225

Ok((blob_id, blob, BlobMetaData::load_from_db(blob_id, tx)?))

1226

})

1227

.collect::<Result<Vec<(i64, Vec<u8>, BlobMetaData)>>>()

1228

.context("Trying to load blob metadata.")?;

1229

if !result.is_empty() {

1230

return Ok(result).no_gc();

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1231

}

1232

1233

// We did not find any superseded key blob, so let's remove other superseded blob in

1234

// one transaction.

1235

tx.execute(

1236

"DELETE FROM persistent.blobentry

1237

WHERE NOT subcomponent_type = ?

1238

AND (

1239

id NOT IN (

1240

SELECT MAX(id) FROM persistent.blobentry

1241

WHERE NOT subcomponent_type = ?

1242

GROUP BY keyentryid, subcomponent_type

1243

) OR keyentryid NOT IN (SELECT id FROM persistent.keyentry)

1244

);",

1245

params![SubComponentType::KEY_BLOB, SubComponentType::KEY_BLOB],

1246

)

1247

.context("Trying to purge superseded blobs.")?;

1248

Janis Danisevskis

2021-05-06 10:54:17 -0700

[diff] [blame]

1249

Ok(vec![]).no_gc()

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1250

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1251

.context(ks_err!())

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1252

}

1253

1254

/// This maintenance function should be called only once before the database is used for the

1255

/// first time. It restores the invariant that `KeyLifeCycle::Existing` is a transient state.

1256

/// The function transitions all key entries from Existing to Unreferenced unconditionally and

1257

/// returns the number of rows affected. If this returns a value greater than 0, it means that

1258

/// Keystore crashed at some point during key generation. Callers may want to log such

1259

/// occurrences.

1260

/// Unlike with `mark_unreferenced`, we don't need to purge grants, because only keys that made

1261

/// it to `KeyLifeCycle::Live` may have grants.

1262

pub fn cleanup_leftovers(&mut self) -> Result<usize> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1263

let _wp = wd::watch_millis("KeystoreDB::cleanup_leftovers", 500);

1264

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1265

self.with_transaction(TransactionBehavior::Immediate, |tx| {

1266

tx.execute(

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1267

"UPDATE persistent.keyentry SET state = ? WHERE state = ?;",

1268

params![KeyLifeCycle::Unreferenced, KeyLifeCycle::Existing],

1269

)

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1270

.context("Failed to execute query.")

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1271

.need_gc()

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1272

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1273

.context(ks_err!())

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1274

}

1275

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

1276

/// Checks if a key exists with given key type and key descriptor properties.

pub fn key_exists(

&mut self,

domain: Domain,

nspace: i64,

alias: &str,

key_type: KeyType,

) -> Result<bool> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1284

let _wp = wd::watch_millis("KeystoreDB::key_exists", 500);

1285

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

1286

self.with_transaction(TransactionBehavior::Immediate, |tx| {

1287

let key_descriptor =

1288

KeyDescriptor { domain, nspace, alias: Some(alias.to_string()), blob: None };

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1289

let result = Self::load_key_entry_id(tx, &key_descriptor, key_type);

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

1290

match result {

1291

Ok(_) => Ok(true),

1292

Err(error) => match error.root_cause().downcast_ref::<KsError>() {

1293

Some(KsError::Rc(ResponseCode::KEY_NOT_FOUND)) => Ok(false),

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1294

_ => Err(error).context(ks_err!("Failed to find if the key exists.")),

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

},

}

.no_gc()

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1299

.context(ks_err!())

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

1300

}

1301

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

1302

/// Stores a super key in the database.

1303

pub fn store_super_key(

1304

&mut self,

Hasini Gunasinghe

3ed5da7

2021-02-04 15:18:54 +0000

[diff] [blame]

1305

user_id: u32,

Paul Crowley

2021-03-18 17:08:20 -0700

[diff] [blame]

1306

key_type: &SuperKeyType,

1307

blob: &[u8],

1308

blob_metadata: &BlobMetaData,

Paul Crowley

2021-03-19 10:53:07 -0700

[diff] [blame]

1309

key_metadata: &KeyMetaData,

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

1310

) -> Result<KeyEntry> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1311

let _wp = wd::watch_millis("KeystoreDB::store_super_key", 500);

1312

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

1313

self.with_transaction(TransactionBehavior::Immediate, |tx| {

1314

let key_id = Self::insert_with_retry(|id| {

1315

tx.execute(

1316

"INSERT into persistent.keyentry

1317

(id, key_type, domain, namespace, alias, state, km_uuid)

Hasini Gunasinghe

2021-02-01 21:10:02 +0000

[diff] [blame]

1318

VALUES(?, ?, ?, ?, ?, ?, ?);",

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

1319

params![

1320

id,

1321

KeyType::Super,

Hasini Gunasinghe

2021-02-01 21:10:02 +0000

[diff] [blame]

1322

Domain::APP.0,

Hasini Gunasinghe

3ed5da7

2021-02-04 15:18:54 +0000

[diff] [blame]

1323

user_id as i64,

Paul Crowley

2021-03-18 17:08:20 -0700

[diff] [blame]

1324

key_type.alias,

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

KeyLifeCycle::Live,

&KEYSTORE_UUID,

],

)

})

.context("Failed to insert into keyentry table.")?;

1331

Paul Crowley

2021-03-19 10:53:07 -0700

[diff] [blame]

1332

key_metadata.store_in_db(key_id, tx).context("KeyMetaData::store_in_db failed")?;

1333

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

1334

Self::set_blob_internal(

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1335

tx,

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

1336

key_id,

1337

SubComponentType::KEY_BLOB,

Some(blob),

Some(blob_metadata),

)

.context("Failed to store key blob.")?;

1342

1343

Self::load_key_components(tx, KeyEntryLoadBits::KM, key_id)

1344

.context("Trying to load key components.")

1345

.no_gc()

1346

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1347

.context(ks_err!())

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

1348

}

1349

Hasini Gunasinghe

2021-02-06 00:56:28 +0000

[diff] [blame]

1350

/// Loads super key of a given user, if exists

Paul Crowley

2021-03-18 17:08:20 -0700

[diff] [blame]

1351

pub fn load_super_key(

1352

&mut self,

1353

key_type: &SuperKeyType,

1354

user_id: u32,

1355

) -> Result<Option<(KeyIdGuard, KeyEntry)>> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1356

let _wp = wd::watch_millis("KeystoreDB::load_super_key", 500);

1357

Hasini Gunasinghe

2021-02-06 00:56:28 +0000

[diff] [blame]

1358

self.with_transaction(TransactionBehavior::Immediate, |tx| {

1359

let key_descriptor = KeyDescriptor {

1360

domain: Domain::APP,

Hasini Gunasinghe

3ed5da7

2021-02-04 15:18:54 +0000

[diff] [blame]

1361

nspace: user_id as i64,

Paul Crowley

2021-03-18 17:08:20 -0700

[diff] [blame]

1362

alias: Some(key_type.alias.into()),

Hasini Gunasinghe

2021-02-06 00:56:28 +0000

[diff] [blame]

1363

blob: None,

1364

};

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1365

let id = Self::load_key_entry_id(tx, &key_descriptor, KeyType::Super);

Hasini Gunasinghe

2021-02-06 00:56:28 +0000

[diff] [blame]

1366

match id {

1367

Ok(id) => {

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1368

let key_entry = Self::load_key_components(tx, KeyEntryLoadBits::KM, id)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1369

.context(ks_err!("Failed to load key entry."))?;

Hasini Gunasinghe

2021-02-06 00:56:28 +0000

[diff] [blame]

1370

Ok(Some((KEY_ID_LOCK.get(id), key_entry)))

1371

}

1372

Err(error) => match error.root_cause().downcast_ref::<KsError>() {

1373

Some(KsError::Rc(ResponseCode::KEY_NOT_FOUND)) => Ok(None),

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1374

_ => Err(error).context(ks_err!()),

Hasini Gunasinghe

2021-02-06 00:56:28 +0000

[diff] [blame]

},

}

.no_gc()

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1379

.context(ks_err!())

Hasini Gunasinghe

2021-02-06 00:56:28 +0000

[diff] [blame]

1380

}

1381

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1382

/// Atomically loads a key entry and associated metadata or creates it using the

1383

/// callback create_new_key callback. The callback is called during a database

1384

/// transaction. This means that implementers should be mindful about using

1385

/// blocking operations such as IPC or grabbing mutexes.

1386

pub fn get_or_create_key_with<F>(

&mut self,

domain: Domain,

namespace: i64,

alias: &str,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1391

km_uuid: Uuid,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1392

create_new_key: F,

1393

) -> Result<(KeyIdGuard, KeyEntry)>

1394

where

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1395

F: Fn() -> Result<(Vec<u8>, BlobMetaData)>,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1396

{

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1397

let _wp = wd::watch_millis("KeystoreDB::get_or_create_key_with", 500);

1398

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1399

self.with_transaction(TransactionBehavior::Immediate, |tx| {

let id = {

let mut stmt = tx

.prepare(

"SELECT id FROM persistent.keyentry

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

WHERE

key_type = ?

AND domain = ?

AND namespace = ?

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1408

AND alias = ?

1409

AND state = ?;",

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1410

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1411

.context(ks_err!("Failed to select from keyentry table."))?;

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1412

let mut rows = stmt

1413

.query(params![KeyType::Super, domain.0, namespace, alias, KeyLifeCycle::Live])

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1414

.context(ks_err!("Failed to query from keyentry table."))?;

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1415

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1416

db_utils::with_rows_extract_one(&mut rows, |row| {

1417

Ok(match row {

1418

Some(r) => r.get(0).context("Failed to unpack id.")?,

1419

None => None,

1420

})

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1421

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1422

.context(ks_err!())?

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1423

};

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1424

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1425

let (id, entry) = match id {

1426

Some(id) => (

1427

id,

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1428

Self::load_key_components(tx, KeyEntryLoadBits::KM, id).context(ks_err!())?,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1429

),

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1430

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1431

None => {

1432

let id = Self::insert_with_retry(|id| {

1433

tx.execute(

1434

"INSERT into persistent.keyentry

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1435

(id, key_type, domain, namespace, alias, state, km_uuid)

1436

VALUES(?, ?, ?, ?, ?, ?, ?);",

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

params![

id,

KeyType::Super,

domain.0,

namespace,

alias,

KeyLifeCycle::Live,

km_uuid,

],

)

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1448

.context(ks_err!())?;

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1449

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1450

let (blob, metadata) = create_new_key().context(ks_err!())?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1451

Self::set_blob_internal(

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1452

tx,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1453

id,

1454

SubComponentType::KEY_BLOB,

1455

Some(&blob),

1456

Some(&metadata),

1457

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1458

.context(ks_err!())?;

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1459

(

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1460

id,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1461

KeyEntry {

1462

id,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1463

key_blob_info: Some((blob, metadata)),

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

pure_cert: false,

..Default::default()

},

)

}

};

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1470

Ok((KEY_ID_LOCK.get(id), entry)).no_gc()

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1471

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1472

.context(ks_err!())

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1473

}

1474

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1475

/// Creates a transaction with the given behavior and executes f with the new transaction.

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1476

/// The transaction is committed only if f returns Ok and retried if DatabaseBusy

1477

/// or DatabaseLocked is encountered.

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1478

fn with_transaction<T, F>(&mut self, behavior: TransactionBehavior, f: F) -> Result<T>

1479

where

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1480

F: Fn(&Transaction) -> Result<(bool, T)>,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1481

{

David Drysdale

2024-04-15 14:11:52 +0100

[diff] [blame^]

1482

self.with_transaction_timeout(behavior, MAX_DB_BUSY_RETRY_PERIOD, f)

1483

}

1484

fn with_transaction_timeout<T, F>(

1485

&mut self,

1486

behavior: TransactionBehavior,

timeout: Duration,

f: F,

) -> Result<T>

where

F: Fn(&Transaction) -> Result<(bool, T)>,

1492

{

1493

let start = std::time::Instant::now();

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1494

loop {

James Farrell

efe1a2f

2024-02-28 21:36:47 +0000

[diff] [blame]

1495

let result = self

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1496

.conn

1497

.transaction_with_behavior(behavior)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1498

.context(ks_err!())

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1499

.and_then(|tx| f(&tx).map(|result| (result, tx)))

1500

.and_then(|(result, tx)| {

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1501

tx.commit().context(ks_err!("Failed to commit transaction."))?;

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1502

Ok(result)

James Farrell

efe1a2f

2024-02-28 21:36:47 +0000

[diff] [blame]

1503

});

1504

match result {

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1505

Ok(result) => break Ok(result),

1506

Err(e) => {

1507

if Self::is_locked_error(&e) {

David Drysdale

2024-04-15 14:11:52 +0100

[diff] [blame^]

1508

check_lock_timeout(&start, timeout)?;

1509

std::thread::sleep(DB_BUSY_RETRY_INTERVAL);

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1510

continue;

1511

} else {

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1512

return Err(e).context(ks_err!());

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

}

}

}

}

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1517

.map(|(need_gc, result)| {

1518

if need_gc {

1519

if let Some(ref gc) = self.gc {

gc.notify_gc();

}

}

result

})

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1525

}

1526

1527

fn is_locked_error(e: &anyhow::Error) -> bool {

Paul Crowley

f61fee7

2021-03-17 14:38:44 -0700

[diff] [blame]

1528

matches!(

1529

e.root_cause().downcast_ref::<rusqlite::ffi::Error>(),

1530

Some(rusqlite::ffi::Error { code: rusqlite::ErrorCode::DatabaseBusy, .. })

1531

| Some(rusqlite::ffi::Error { code: rusqlite::ErrorCode::DatabaseLocked, .. })

1532

)

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1533

}

1534

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1535

/// Creates a new key entry and allocates a new randomized id for the new key.

1536

/// The key id gets associated with a domain and namespace but not with an alias.

1537

/// To complete key generation `rebind_alias` should be called after all of the

1538

/// key artifacts, i.e., blobs and parameters have been associated with the new

1539

/// key id. Finalizing with `rebind_alias` makes the creation of a new key entry

1540

/// atomic even if key generation is not.

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1541

pub fn create_key_entry(

1542

&mut self,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1543

domain: &Domain,

1544

namespace: &i64,

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

1545

key_type: KeyType,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1546

km_uuid: &Uuid,

1547

) -> Result<KeyIdGuard> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1548

let _wp = wd::watch_millis("KeystoreDB::create_key_entry", 500);

1549

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1550

self.with_transaction(TransactionBehavior::Immediate, |tx| {

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

1551

Self::create_key_entry_internal(tx, domain, namespace, key_type, km_uuid).no_gc()

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1552

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1553

.context(ks_err!())

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1554

}

1555

1556

fn create_key_entry_internal(

1557

tx: &Transaction,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1558

domain: &Domain,

1559

namespace: &i64,

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

1560

key_type: KeyType,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1561

km_uuid: &Uuid,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1562

) -> Result<KeyIdGuard> {

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1563

match *domain {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

1564

Domain::APP | Domain::SELINUX => {}

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

1565

_ => {

1566

return Err(KsError::sys())

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1567

.context(ks_err!("Domain {:?} must be either App or SELinux.", domain));

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

1568

}

1569

}

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

1570

Ok(KEY_ID_LOCK.get(

1571

Self::insert_with_retry(|id| {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1572

tx.execute(

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1573

"INSERT into persistent.keyentry

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1574

(id, key_type, domain, namespace, alias, state, km_uuid)

1575

VALUES(?, ?, ?, ?, NULL, ?, ?);",

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1576

params![

1577

id,

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

1578

key_type,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1579

domain.0 as u32,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1580

*namespace,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1581

KeyLifeCycle::Existing,

1582

km_uuid,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1583

],

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

1584

)

1585

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1586

.context(ks_err!())?,

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

1587

))

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

1588

}

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

1589

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1590

/// Set a new blob and associates it with the given key id. Each blob

1591

/// has a sub component type.

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1592

/// Each key can have one of each sub component type associated. If more

1593

/// are added only the most recent can be retrieved, and superseded blobs

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1594

/// will get garbage collected.

1595

/// Components SubComponentType::CERT and SubComponentType::CERT_CHAIN can be

1596

/// removed by setting blob to None.

1597

pub fn set_blob(

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1598

&mut self,

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

1599

key_id: &KeyIdGuard,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1600

sc_type: SubComponentType,

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1601

blob: Option<&[u8]>,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1602

blob_metadata: Option<&BlobMetaData>,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1603

) -> Result<()> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1604

let _wp = wd::watch_millis("KeystoreDB::set_blob", 500);

1605

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1606

self.with_transaction(TransactionBehavior::Immediate, |tx| {

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1607

Self::set_blob_internal(tx, key_id.0, sc_type, blob, blob_metadata).need_gc()

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1608

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1609

.context(ks_err!())

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1610

}

1611

Janis Danisevskis

2021-02-18 20:04:10 -0800

[diff] [blame]

1612

/// Why would we insert a deleted blob? This weird function is for the purpose of legacy

1613

/// key migration in the case where we bulk delete all the keys of an app or even a user.

1614

/// We use this to insert key blobs into the database which can then be garbage collected

1615

/// lazily by the key garbage collector.

1616

pub fn set_deleted_blob(&mut self, blob: &[u8], blob_metadata: &BlobMetaData) -> Result<()> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1617

let _wp = wd::watch_millis("KeystoreDB::set_deleted_blob", 500);

1618

Janis Danisevskis

2021-02-18 20:04:10 -0800

[diff] [blame]

1619

self.with_transaction(TransactionBehavior::Immediate, |tx| {

1620

Self::set_blob_internal(

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1621

tx,

Janis Danisevskis

2021-02-18 20:04:10 -0800

[diff] [blame]

1622

Self::UNASSIGNED_KEY_ID,

1623

SubComponentType::KEY_BLOB,

Some(blob),

Some(blob_metadata),

)

.need_gc()

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1629

.context(ks_err!())

Janis Danisevskis

2021-02-18 20:04:10 -0800

[diff] [blame]

1630

}

1631

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1632

fn set_blob_internal(

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1633

tx: &Transaction,

1634

key_id: i64,

1635

sc_type: SubComponentType,

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1636

blob: Option<&[u8]>,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1637

blob_metadata: Option<&BlobMetaData>,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1638

) -> Result<()> {

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1639

match (blob, sc_type) {

1640

(Some(blob), _) => {

1641

tx.execute(

1642

"INSERT INTO persistent.blobentry

1643

(subcomponent_type, keyentryid, blob) VALUES (?, ?, ?);",

1644

params![sc_type, key_id, blob],

1645

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1646

.context(ks_err!("Failed to insert blob."))?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1647

if let Some(blob_metadata) = blob_metadata {

1648

let blob_id = tx

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

1649

.query_row("SELECT MAX(id) FROM persistent.blobentry;", [], |row| {

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1650

row.get(0)

1651

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1652

.context(ks_err!("Failed to get new blob id."))?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1653

blob_metadata

1654

.store_in_db(blob_id, tx)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1655

.context(ks_err!("Trying to store blob metadata."))?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1656

}

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1657

}

1658

(None, SubComponentType::CERT) | (None, SubComponentType::CERT_CHAIN) => {

1659

tx.execute(

1660

"DELETE FROM persistent.blobentry

1661

WHERE subcomponent_type = ? AND keyentryid = ?;",

1662

params![sc_type, key_id],

1663

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1664

.context(ks_err!("Failed to delete blob."))?;

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1665

}

1666

(None, _) => {

1667

return Err(KsError::sys())

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1668

.context(ks_err!("Other blobs cannot be deleted in this way."));

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1669

}

1670

}

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

Ok(())

}

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

1674

/// Inserts a collection of key parameters into the `persistent.keyparameter` table

1675

/// and associates them with the given `key_id`.

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1676

#[cfg(test)]

1677

fn insert_keyparameter(&mut self, key_id: &KeyIdGuard, params: &[KeyParameter]) -> Result<()> {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1678

self.with_transaction(TransactionBehavior::Immediate, |tx| {

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1679

Self::insert_keyparameter_internal(tx, key_id, params).no_gc()

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1680

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1681

.context(ks_err!())

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1682

}

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

1683

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1684

fn insert_keyparameter_internal(

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1685

tx: &Transaction,

1686

key_id: &KeyIdGuard,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1687

params: &[KeyParameter],

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

) -> Result<()> {

let mut stmt = tx

.prepare(

"INSERT into persistent.keyparameter (keyentryid, tag, data, security_level)

1692

VALUES (?, ?, ?, ?);",

1693

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1694

.context(ks_err!("Failed to prepare statement."))?;

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1695

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1696

for p in params.iter() {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

stmt.insert(params![

key_id.0,

p.get_tag().0,

p.key_parameter_value(),

1701

p.security_level().0

1702

])

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1703

.with_context(|| ks_err!("Failed to insert {:?}", p))?;

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

}

Ok(())

}

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1708

/// Insert a set of key entry specific metadata into the database.

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1709

#[cfg(test)]

1710

fn insert_key_metadata(&mut self, key_id: &KeyIdGuard, metadata: &KeyMetaData) -> Result<()> {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1711

self.with_transaction(TransactionBehavior::Immediate, |tx| {

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1712

metadata.store_in_db(key_id.0, tx).no_gc()

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1713

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1714

.context(ks_err!())

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1715

}

1716

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1717

/// Updates the alias column of the given key id `newid` with the given alias,

1718

/// and atomically, removes the alias, domain, and namespace from another row

1719

/// with the same alias-domain-namespace tuple if such row exits.

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

1720

/// Returns Ok(true) if an old key was marked unreferenced as a hint to the garbage

1721

/// collector.

1722

fn rebind_alias(

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1723

tx: &Transaction,

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

1724

newid: &KeyIdGuard,

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

1725

alias: &str,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1726

domain: &Domain,

1727

namespace: &i64,

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

1728

key_type: KeyType,

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

1729

) -> Result<bool> {

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1730

match *domain {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

1731

Domain::APP | Domain::SELINUX => {}

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

1732

_ => {

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1733

return Err(KsError::sys())

1734

.context(ks_err!("Domain {:?} must be either App or SELinux.", domain));

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

1735

}

1736

}

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1737

let updated = tx

1738

.execute(

1739

"UPDATE persistent.keyentry

1740

SET alias = NULL, domain = NULL, namespace = NULL, state = ?

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

1741

WHERE alias = ? AND domain = ? AND namespace = ? AND key_type = ?;",

1742

params![KeyLifeCycle::Unreferenced, alias, domain.0 as u32, namespace, key_type],

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1743

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1744

.context(ks_err!("Failed to rebind existing entry."))?;

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

1745

let result = tx

1746

.execute(

1747

"UPDATE persistent.keyentry

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1748

SET alias = ?, state = ?

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

1749

WHERE id = ? AND domain = ? AND namespace = ? AND state = ? AND key_type = ?;",

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

params![

alias,

KeyLifeCycle::Live,

newid.0,

domain.0 as u32,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1755

*namespace,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1756

KeyLifeCycle::Existing,

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

1757

key_type,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1758

],

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

1759

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1760

.context(ks_err!("Failed to set alias."))?;

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

1761

if result != 1 {

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1762

return Err(KsError::sys()).context(ks_err!(

1763

"Expected to update a single entry but instead updated {}.",

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

1764

result

1765

));

1766

}

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

1767

Ok(updated != 0)

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1768

}

1769

Janis Danisevskis

2021-04-14 15:44:36 -0700

[diff] [blame]

1770

/// Moves the key given by KeyIdGuard to the new location at `destination`. If the destination

1771

/// is already occupied by a key, this function fails with `ResponseCode::INVALID_ARGUMENT`.

1772

pub fn migrate_key_namespace(

1773

&mut self,

1774

key_id_guard: KeyIdGuard,

1775

destination: &KeyDescriptor,

1776

caller_uid: u32,

1777

check_permission: impl Fn(&KeyDescriptor) -> Result<()>,

1778

) -> Result<()> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1779

let _wp = wd::watch_millis("KeystoreDB::migrate_key_namespace", 500);

1780

Janis Danisevskis

2021-04-14 15:44:36 -0700

[diff] [blame]

1781

let destination = match destination.domain {

1782

Domain::APP => KeyDescriptor { nspace: caller_uid as i64, ..(*destination).clone() },

1783

Domain::SELINUX => (*destination).clone(),

1784

domain => {

1785

return Err(KsError::Rc(ResponseCode::INVALID_ARGUMENT))

1786

.context(format!("Domain {:?} must be either APP or SELINUX.", domain));

}

};

// Security critical: Must return immediately on failure. Do not remove the '?';

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1791

check_permission(&destination).context(ks_err!("Trying to check permission."))?;

Janis Danisevskis

2021-04-14 15:44:36 -0700

[diff] [blame]

1792

1793

let alias = destination

1794

.alias

1795

.as_ref()

1796

.ok_or(KsError::Rc(ResponseCode::INVALID_ARGUMENT))

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1797

.context(ks_err!("Alias must be specified."))?;

Janis Danisevskis

2021-04-14 15:44:36 -0700

[diff] [blame]

1798

1799

self.with_transaction(TransactionBehavior::Immediate, |tx| {

1800

// Query the destination location. If there is a key, the migration request fails.

1801

if tx

1802

.query_row(

1803

"SELECT id FROM persistent.keyentry

1804

WHERE alias = ? AND domain = ? AND namespace = ?;",

1805

params![alias, destination.domain.0, destination.nspace],

|_| Ok(()),

)

.optional()

.context("Failed to query destination.")?

1810

.is_some()

1811

{

1812

return Err(KsError::Rc(ResponseCode::INVALID_ARGUMENT))

1813

.context("Target already exists.");

}

let updated = tx

.execute(

"UPDATE persistent.keyentry

1819

SET alias = ?, domain = ?, namespace = ?

1820

WHERE id = ?;",

1821

params![alias, destination.domain.0, destination.nspace, key_id_guard.id()],

1822

)

1823

.context("Failed to update key entry.")?;

1824

1825

if updated != 1 {

1826

return Err(KsError::sys())

1827

.context(format!("Update succeeded, but {} rows were updated.", updated));

1828

}

1829

Ok(()).no_gc()

1830

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1831

.context(ks_err!())

Janis Danisevskis

2021-04-14 15:44:36 -0700

[diff] [blame]

1832

}

1833

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1834

/// Store a new key in a single transaction.

1835

/// The function creates a new key entry, populates the blob, key parameter, and metadata

1836

/// fields, and rebinds the given alias to the new key.

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

1837

/// The boolean returned is a hint for the garbage collector. If true, a key was replaced,

1838

/// is now unreferenced and needs to be collected.

Chris Wailes

3877f29

2021-07-26 19:24:18 -0700

[diff] [blame]

1839

#[allow(clippy::too_many_arguments)]

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1840

pub fn store_new_key(

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1841

&mut self,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1842

key: &KeyDescriptor,

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

1843

key_type: KeyType,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1844

params: &[KeyParameter],

Janis Danisevskis

2022-01-26 14:11:14 -0800

[diff] [blame]

1845

blob_info: &BlobInfo,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1846

cert_info: &CertificateInfo,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1847

metadata: &KeyMetaData,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1848

km_uuid: &Uuid,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1849

) -> Result<KeyIdGuard> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1850

let _wp = wd::watch_millis("KeystoreDB::store_new_key", 500);

1851

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1852

let (alias, domain, namespace) = match key {

1853

KeyDescriptor { alias: Some(alias), domain: Domain::APP, nspace, blob: None }

1854

| KeyDescriptor { alias: Some(alias), domain: Domain::SELINUX, nspace, blob: None } => {

1855

(alias, key.domain, nspace)

1856

}

1857

_ => {

1858

return Err(KsError::Rc(ResponseCode::INVALID_ARGUMENT))

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1859

.context(ks_err!("Need alias and domain must be APP or SELINUX."));

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1860

}

1861

};

1862

self.with_transaction(TransactionBehavior::Immediate, |tx| {

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

1863

let key_id = Self::create_key_entry_internal(tx, &domain, namespace, key_type, km_uuid)

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1864

.context("Trying to create new key entry.")?;

Janis Danisevskis

2022-01-26 14:11:14 -0800

[diff] [blame]

1865

let BlobInfo { blob, metadata: blob_metadata, superseded_blob } = *blob_info;

1866

1867

// In some occasions the key blob is already upgraded during the import.

1868

// In order to make sure it gets properly deleted it is inserted into the

1869

// database here and then immediately replaced by the superseding blob.

1870

// The garbage collector will then subject the blob to deleteKey of the

1871

// KM back end to permanently invalidate the key.

1872

let need_gc = if let Some((blob, blob_metadata)) = superseded_blob {

1873

Self::set_blob_internal(

1874

tx,

1875

key_id.id(),

1876

SubComponentType::KEY_BLOB,

Some(blob),

Some(blob_metadata),

)

.context("Trying to insert superseded key blob.")?;

true

} else {

false

};

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1886

Self::set_blob_internal(

1887

tx,

1888

key_id.id(),

1889

SubComponentType::KEY_BLOB,

1890

Some(blob),

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1891

Some(blob_metadata),

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1892

)

1893

.context("Trying to insert the key blob.")?;

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1894

if let Some(cert) = &cert_info.cert {

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1895

Self::set_blob_internal(tx, key_id.id(), SubComponentType::CERT, Some(cert), None)

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1896

.context("Trying to insert the certificate.")?;

1897

}

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1898

if let Some(cert_chain) = &cert_info.cert_chain {

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1899

Self::set_blob_internal(

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1900

tx,

1901

key_id.id(),

1902

SubComponentType::CERT_CHAIN,

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1903

Some(cert_chain),

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1904

None,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1905

)

1906

.context("Trying to insert the certificate chain.")?;

1907

}

1908

Self::insert_keyparameter_internal(tx, &key_id, params)

1909

.context("Trying to insert key parameters.")?;

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1910

metadata.store_in_db(key_id.id(), tx).context("Trying to insert key metadata.")?;

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1911

let need_gc = Self::rebind_alias(tx, &key_id, alias, &domain, namespace, key_type)

Janis Danisevskis

2022-01-26 14:11:14 -0800

[diff] [blame]

1912

.context("Trying to rebind alias.")?

1913

|| need_gc;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1914

Ok(key_id).do_gc(need_gc)

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1915

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1916

.context(ks_err!())

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1917

}

1918

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1919

/// Store a new certificate

1920

/// The function creates a new key entry, populates the blob field and metadata, and rebinds

1921

/// the given alias to the new cert.

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1922

pub fn store_new_certificate(

1923

&mut self,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1924

key: &KeyDescriptor,

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

1925

key_type: KeyType,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1926

cert: &[u8],

1927

km_uuid: &Uuid,

1928

) -> Result<KeyIdGuard> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1929

let _wp = wd::watch_millis("KeystoreDB::store_new_certificate", 500);

1930

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1931

let (alias, domain, namespace) = match key {

1932

KeyDescriptor { alias: Some(alias), domain: Domain::APP, nspace, blob: None }

1933

| KeyDescriptor { alias: Some(alias), domain: Domain::SELINUX, nspace, blob: None } => {

1934

(alias, key.domain, nspace)

1935

}

1936

_ => {

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1937

return Err(KsError::Rc(ResponseCode::INVALID_ARGUMENT))

1938

.context(ks_err!("Need alias and domain must be APP or SELINUX."));

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1939

}

1940

};

1941

self.with_transaction(TransactionBehavior::Immediate, |tx| {

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

1942

let key_id = Self::create_key_entry_internal(tx, &domain, namespace, key_type, km_uuid)

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1943

.context("Trying to create new key entry.")?;

1944

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1945

Self::set_blob_internal(

1946

tx,

1947

key_id.id(),

1948

SubComponentType::CERT_CHAIN,

Some(cert),

None,

)

.context("Trying to insert certificate.")?;

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1953

1954

let mut metadata = KeyMetaData::new();

1955

metadata.add(KeyMetaEntry::CreationDate(

1956

DateTime::now().context("Trying to make creation time.")?,

1957

));

1958

1959

metadata.store_in_db(key_id.id(), tx).context("Trying to insert key metadata.")?;

1960

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1961

let need_gc = Self::rebind_alias(tx, &key_id, alias, &domain, namespace, key_type)

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1962

.context("Trying to rebind alias.")?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1963

Ok(key_id).do_gc(need_gc)

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1964

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1965

.context(ks_err!())

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1966

}

1967

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1968

// Helper function loading the key_id given the key descriptor

1969

// tuple comprising domain, namespace, and alias.

1970

// Requires a valid transaction.

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1971

fn load_key_entry_id(tx: &Transaction, key: &KeyDescriptor, key_type: KeyType) -> Result<i64> {

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

let alias = key

.alias

.as_ref()

.map_or_else(|| Err(KsError::sys()), Ok)

1976

.context("In load_key_entry_id: Alias must be specified.")?;

1977

let mut stmt = tx

1978

.prepare(

1979

"SELECT id FROM persistent.keyentry

1980

WHERE

Hasini Gunasinghe

2021-02-01 21:10:02 +0000

[diff] [blame]

1981

key_type = ?

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1982

AND domain = ?

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1983

AND namespace = ?

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1984

AND alias = ?

1985

AND state = ?;",

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1986

)

1987

.context("In load_key_entry_id: Failed to select from keyentry table.")?;

1988

let mut rows = stmt

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1989

.query(params![key_type, key.domain.0 as u32, key.nspace, alias, KeyLifeCycle::Live])

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1990

.context("In load_key_entry_id: Failed to read from keyentry table.")?;

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

1991

db_utils::with_rows_extract_one(&mut rows, |row| {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

1992

row.map_or_else(|| Err(KsError::Rc(ResponseCode::KEY_NOT_FOUND)), Ok)?

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1993

.get(0)

1994

.context("Failed to unpack id.")

1995

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1996

.context(ks_err!())

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1997

}

1998

1999

/// This helper function completes the access tuple of a key, which is required

2000

/// to perform access control. The strategy depends on the `domain` field in the

2001

/// key descriptor.

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2002

/// * Domain::SELINUX: The access tuple is complete and this function only loads

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2003

/// the key_id for further processing.

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2004

/// * Domain::APP: Like Domain::SELINUX, but the tuple is completed by `caller_uid`

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2005

/// which serves as the namespace.

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2006

/// * Domain::GRANT: The grant table is queried for the `key_id` and the

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2007

/// `access_vector`.

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2008

/// * Domain::KEY_ID: The keyentry table is queried for the owning `domain` and

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2009

/// `namespace`.

2010

/// In each case the information returned is sufficient to perform the access

2011

/// check and the key id can be used to load further key artifacts.

2012

fn load_access_tuple(

2013

tx: &Transaction,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2014

key: &KeyDescriptor,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

2015

key_type: KeyType,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2016

caller_uid: u32,

2017

) -> Result<(i64, KeyDescriptor, Option<KeyPermSet>)> {

2018

match key.domain {

2019

// Domain App or SELinux. In this case we load the key_id from

2020

// the keyentry database for further loading of key components.

2021

// We already have the full access tuple to perform access control.

2022

// The only distinction is that we use the caller_uid instead

2023

// of the caller supplied namespace if the domain field is

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2024

// Domain::APP.

2025

Domain::APP | Domain::SELINUX => {

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2026

let mut access_key = key.clone();

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2027

if access_key.domain == Domain::APP {

2028

access_key.nspace = caller_uid as i64;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2029

}

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

2030

let key_id = Self::load_key_entry_id(tx, &access_key, key_type)

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2031

.with_context(|| format!("With key.domain = {:?}.", access_key.domain))?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2032

2033

Ok((key_id, access_key, None))

2034

}

2035

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2036

// Domain::GRANT. In this case we load the key_id and the access_vector

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2037

// from the grant table.

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2038

Domain::GRANT => {

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2039

let mut stmt = tx

2040

.prepare(

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

2041

"SELECT keyentryid, access_vector FROM persistent.grant

Hasini Gunasinghe

e70a0ec

2021-05-10 21:12:34 +0000

[diff] [blame]

2042

WHERE grantee = ? AND id = ? AND

2043

(SELECT state FROM persistent.keyentry WHERE id = keyentryid) = ?;",

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2044

)

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2045

.context("Domain::GRANT prepare statement failed")?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2046

let mut rows = stmt

Hasini Gunasinghe

e70a0ec

2021-05-10 21:12:34 +0000

[diff] [blame]

2047

.query(params![caller_uid as i64, key.nspace, KeyLifeCycle::Live])

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2048

.context("Domain:Grant: query failed.")?;

2049

let (key_id, access_vector): (i64, i32) =

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

2050

db_utils::with_rows_extract_one(&mut rows, |row| {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2051

let r =

2052

row.map_or_else(|| Err(KsError::Rc(ResponseCode::KEY_NOT_FOUND)), Ok)?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2053

Ok((

2054

r.get(0).context("Failed to unpack key_id.")?,

2055

r.get(1).context("Failed to unpack access_vector.")?,

2056

))

2057

})

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2058

.context("Domain::GRANT.")?;

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2059

Ok((key_id, key.clone(), Some(access_vector.into())))

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2060

}

2061

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2062

// Domain::KEY_ID. In this case we load the domain and namespace from the

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2063

// keyentry database because we need them for access control.

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2064

Domain::KEY_ID => {

Janis Danisevskis

2021-01-19 16:34:10 -0800

[diff] [blame]

2065

let (domain, namespace): (Domain, i64) = {

2066

let mut stmt = tx

2067

.prepare(

2068

"SELECT domain, namespace FROM persistent.keyentry

WHERE

id = ?

AND state = ?;",

)

.context("Domain::KEY_ID: prepare statement failed")?;

2074

let mut rows = stmt

2075

.query(params![key.nspace, KeyLifeCycle::Live])

2076

.context("Domain::KEY_ID: query failed.")?;

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

2077

db_utils::with_rows_extract_one(&mut rows, |row| {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2078

let r =

2079

row.map_or_else(|| Err(KsError::Rc(ResponseCode::KEY_NOT_FOUND)), Ok)?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2080

Ok((

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2081

Domain(r.get(0).context("Failed to unpack domain.")?),

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2082

r.get(1).context("Failed to unpack namespace.")?,

2083

))

2084

})

Janis Danisevskis

2021-01-19 16:34:10 -0800

[diff] [blame]

2085

.context("Domain::KEY_ID.")?

2086

};

2087

2088

// We may use a key by id after loading it by grant.

2089

// In this case we have to check if the caller has a grant for this particular

2090

// key. We can skip this if we already know that the caller is the owner.

2091

// But we cannot know this if domain is anything but App. E.g. in the case

2092

// of Domain::SELINUX we have to speculatively check for grants because we have to

2093

// consult the SEPolicy before we know if the caller is the owner.

2094

let access_vector: Option<KeyPermSet> =

2095

if domain != Domain::APP || namespace != caller_uid as i64 {

2096

let access_vector: Option<i32> = tx

2097

.query_row(

2098

"SELECT access_vector FROM persistent.grant

2099

WHERE grantee = ? AND keyentryid = ?;",

2100

params![caller_uid as i64, key.nspace],

|row| row.get(0),

)

.optional()

.context("Domain::KEY_ID: query grant failed.")?;

2105

access_vector.map(|p| p.into())

} else {

None

};

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2110

let key_id = key.nspace;

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2111

let mut access_key: KeyDescriptor = key.clone();

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2112

access_key.domain = domain;

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2113

access_key.nspace = namespace;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2114

Janis Danisevskis

2021-01-19 16:34:10 -0800

[diff] [blame]

2115

Ok((key_id, access_key, access_vector))

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2116

}

Rajesh Nyamagoud

625e589

2022-05-18 01:31:26 +0000

[diff] [blame]

2117

_ => Err(anyhow!(KsError::Rc(ResponseCode::INVALID_ARGUMENT))),

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

}

}

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2121

fn load_blob_components(

2122

key_id: i64,

2123

load_bits: KeyEntryLoadBits,

2124

tx: &Transaction,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2125

) -> Result<(bool, Option<(Vec<u8>, BlobMetaData)>, Option<Vec<u8>>, Option<Vec<u8>>)> {

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2126

let mut stmt = tx

2127

.prepare(

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2128

"SELECT MAX(id), subcomponent_type, blob FROM persistent.blobentry

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2129

WHERE keyentryid = ? GROUP BY subcomponent_type;",

2130

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2131

.context(ks_err!("prepare statement failed."))?;

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2132

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2133

let mut rows = stmt.query(params![key_id]).context(ks_err!("query failed."))?;

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2134

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2135

let mut key_blob: Option<(i64, Vec<u8>)> = None;

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2136

let mut cert_blob: Option<Vec<u8>> = None;

2137

let mut cert_chain_blob: Option<Vec<u8>> = None;

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

2138

let mut has_km_blob: bool = false;

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

2139

db_utils::with_rows_extract_all(&mut rows, |row| {

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2140

let sub_type: SubComponentType =

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2141

row.get(1).context("Failed to extract subcomponent_type.")?;

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

2142

has_km_blob = has_km_blob || sub_type == SubComponentType::KEY_BLOB;

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2143

match (sub_type, load_bits.load_public(), load_bits.load_km()) {

2144

(SubComponentType::KEY_BLOB, _, true) => {

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2145

key_blob = Some((

2146

row.get(0).context("Failed to extract key blob id.")?,

2147

row.get(2).context("Failed to extract key blob.")?,

2148

));

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2149

}

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2150

(SubComponentType::CERT, true, _) => {

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2151

cert_blob =

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2152

Some(row.get(2).context("Failed to extract public certificate blob.")?);

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2153

}

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2154

(SubComponentType::CERT_CHAIN, true, _) => {

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2155

cert_chain_blob =

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2156

Some(row.get(2).context("Failed to extract certificate chain blob.")?);

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2157

}

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2158

(SubComponentType::CERT, _, _)

2159

| (SubComponentType::CERT_CHAIN, _, _)

2160

| (SubComponentType::KEY_BLOB, _, _) => {}

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2161

_ => Err(KsError::sys()).context("Unknown subcomponent type.")?,

2162

}

2163

Ok(())

2164

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2165

.context(ks_err!())?;

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2166

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2167

let blob_info = key_blob.map_or::<Result<_>, _>(Ok(None), |(blob_id, blob)| {

2168

Ok(Some((

2169

blob,

2170

BlobMetaData::load_from_db(blob_id, tx)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2171

.context(ks_err!("Trying to load blob_metadata."))?,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

)))

})?;

Ok((has_km_blob, blob_info, cert_blob, cert_chain_blob))

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2176

}

2177

2178

fn load_key_parameters(key_id: i64, tx: &Transaction) -> Result<Vec<KeyParameter>> {

2179

let mut stmt = tx

2180

.prepare(

2181

"SELECT tag, data, security_level from persistent.keyparameter

2182

WHERE keyentryid = ?;",

2183

)

2184

.context("In load_key_parameters: prepare statement failed.")?;

2185

2186

let mut parameters: Vec<KeyParameter> = Vec::new();

2187

2188

let mut rows =

2189

stmt.query(params![key_id]).context("In load_key_parameters: query failed.")?;

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

2190

db_utils::with_rows_extract_all(&mut rows, |row| {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2191

let tag = Tag(row.get(0).context("Failed to read tag.")?);

2192

let sec_level = SecurityLevel(row.get(2).context("Failed to read sec_level.")?);

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2193

parameters.push(

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

2194

KeyParameter::new_from_sql(tag, &SqlField::new(1, row), sec_level)

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2195

.context("Failed to read KeyParameter.")?,

2196

);

2197

Ok(())

2198

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2199

.context(ks_err!())?;

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

Ok(parameters)

}

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

2204

/// Decrements the usage count of a limited use key. This function first checks whether the

2205

/// usage has been exhausted, if not, decreases the usage count. If the usage count reaches

2206

/// zero, the key also gets marked unreferenced and scheduled for deletion.

2207

/// Returns Ok(true) if the key was marked unreferenced as a hint to the garbage collector.

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2208

pub fn check_and_update_key_usage_count(&mut self, key_id: i64) -> Result<()> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

2209

let _wp = wd::watch_millis("KeystoreDB::check_and_update_key_usage_count", 500);

2210

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

2211

self.with_transaction(TransactionBehavior::Immediate, |tx| {

2212

let limit: Option<i32> = tx

2213

.query_row(

2214

"SELECT data FROM persistent.keyparameter WHERE keyentryid = ? AND tag = ?;",

2215

params![key_id, Tag::USAGE_COUNT_LIMIT.0],

|row| row.get(0),

)

.optional()

.context("Trying to load usage count")?;

2220

2221

let limit = limit

2222

.ok_or(KsError::Km(ErrorCode::INVALID_KEY_BLOB))

2223

.context("The Key no longer exists. Key is exhausted.")?;

2224

2225

tx.execute(

2226

"UPDATE persistent.keyparameter

2227

SET data = data - 1

2228

WHERE keyentryid = ? AND tag = ? AND data > 0;",

2229

params![key_id, Tag::USAGE_COUNT_LIMIT.0],

2230

)

2231

.context("Failed to update key usage count.")?;

2232

2233

match limit {

2234

1 => Self::mark_unreferenced(tx, key_id)

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2235

.map(|need_gc| (need_gc, ()))

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

2236

.context("Trying to mark limited use key for deletion."),

2237

0 => Err(KsError::Km(ErrorCode::INVALID_KEY_BLOB)).context("Key is exhausted."),

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2238

_ => Ok(()).no_gc(),

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

2239

}

2240

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2241

.context(ks_err!())

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

2242

}

2243

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2244

/// Load a key entry by the given key descriptor.

2245

/// It uses the `check_permission` callback to verify if the access is allowed

2246

/// given the key access tuple read from the database using `load_access_tuple`.

2247

/// With `load_bits` the caller may specify which blobs shall be loaded from

2248

/// the blob database.

2249

pub fn load_key_entry(

2250

&mut self,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2251

key: &KeyDescriptor,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

2252

key_type: KeyType,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2253

load_bits: KeyEntryLoadBits,

2254

caller_uid: u32,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2255

check_permission: impl Fn(&KeyDescriptor, Option<KeyPermSet>) -> Result<()>,

2256

) -> Result<(KeyIdGuard, KeyEntry)> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

2257

let _wp = wd::watch_millis("KeystoreDB::load_key_entry", 500);

David Drysdale

2024-04-15 14:11:52 +0100

[diff] [blame^]

2258

let start = std::time::Instant::now();

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

2259

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2260

loop {

2261

match self.load_key_entry_internal(

key,

key_type,

load_bits,

caller_uid,

&check_permission,

) {

Ok(result) => break Ok(result),

2269

Err(e) => {

2270

if Self::is_locked_error(&e) {

David Drysdale

2024-04-15 14:11:52 +0100

[diff] [blame^]

2271

check_lock_timeout(&start, MAX_DB_BUSY_RETRY_PERIOD)?;

2272

std::thread::sleep(DB_BUSY_RETRY_INTERVAL);

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2273

continue;

2274

} else {

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2275

return Err(e).context(ks_err!());

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

}

}

}

}

}

fn load_key_entry_internal(

&mut self,

key: &KeyDescriptor,

key_type: KeyType,

load_bits: KeyEntryLoadBits,

2287

caller_uid: u32,

2288

check_permission: &impl Fn(&KeyDescriptor, Option<KeyPermSet>) -> Result<()>,

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

2289

) -> Result<(KeyIdGuard, KeyEntry)> {

2290

// KEY ID LOCK 1/2

2291

// If we got a key descriptor with a key id we can get the lock right away.

2292

// Otherwise we have to defer it until we know the key id.

2293

let key_id_guard = match key.domain {

2294

Domain::KEY_ID => Some(KEY_ID_LOCK.get(key.nspace)),

_ => None,

};

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2298

let tx = self

2299

.conn

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

2300

.unchecked_transaction()

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2301

.context(ks_err!("Failed to initialize transaction."))?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2302

2303

// Load the key_id and complete the access control tuple.

2304

let (key_id, access_key_descriptor, access_vector) =

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2305

Self::load_access_tuple(&tx, key, key_type, caller_uid).context(ks_err!())?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2306

2307

// Perform access control. It is vital that we return here if the permission is denied.

2308

// So do not touch that '?' at the end.

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2309

check_permission(&access_key_descriptor, access_vector).context(ks_err!())?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2310

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

2311

// KEY ID LOCK 2/2

2312

// If we did not get a key id lock by now, it was because we got a key descriptor

2313

// without a key id. At this point we got the key id, so we can try and get a lock.

2314

// However, we cannot block here, because we are in the middle of the transaction.

2315

// So first we try to get the lock non blocking. If that fails, we roll back the

2316

// transaction and block until we get the lock. After we successfully got the lock,

2317

// we start a new transaction and load the access tuple again.

2318

//

2319

// We don't need to perform access control again, because we already established

2320

// that the caller had access to the given key. But we need to make sure that the

2321

// key id still exists. So we have to load the key entry by key id this time.

2322

let (key_id_guard, tx) = match key_id_guard {

2323

None => match KEY_ID_LOCK.try_get(key_id) {

2324

None => {

2325

// Roll back the transaction.

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2326

tx.rollback().context(ks_err!("Failed to roll back transaction."))?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2327

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

2328

// Block until we have a key id lock.

2329

let key_id_guard = KEY_ID_LOCK.get(key_id);

2330

2331

// Create a new transaction.

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2332

let tx = self

2333

.conn

2334

.unchecked_transaction()

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2335

.context(ks_err!("Failed to initialize transaction."))?;

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

2336

2337

Self::load_access_tuple(

2338

&tx,

2339

// This time we have to load the key by the retrieved key id, because the

2340

// alias may have been rebound after we rolled back the transaction.

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2341

&KeyDescriptor {

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

2342

domain: Domain::KEY_ID,

2343

nspace: key_id,

2344

..Default::default()

2345

},

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

2346

key_type,

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

2347

caller_uid,

2348

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2349

.context(ks_err!("(deferred key lock)"))?;

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

(key_id_guard, tx)

}

Some(l) => (l, tx),

},

Some(key_id_guard) => (key_id_guard, tx),

2355

};

2356

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2357

let key_entry =

2358

Self::load_key_components(&tx, load_bits, key_id_guard.id()).context(ks_err!())?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2359

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2360

tx.commit().context(ks_err!("Failed to commit transaction."))?;

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2361

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

2362

Ok((key_id_guard, key_entry))

2363

}

2364

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

2365

fn mark_unreferenced(tx: &Transaction, key_id: i64) -> Result<bool> {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2366

let updated = tx

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2367

.execute("DELETE FROM persistent.keyentry WHERE id = ?;", params![key_id])

2368

.context("Trying to delete keyentry.")?;

2369

tx.execute("DELETE FROM persistent.keymetadata WHERE keyentryid = ?;", params![key_id])

2370

.context("Trying to delete keymetadata.")?;

2371

tx.execute("DELETE FROM persistent.keyparameter WHERE keyentryid = ?;", params![key_id])

2372

.context("Trying to delete keyparameters.")?;

2373

tx.execute("DELETE FROM persistent.grant WHERE keyentryid = ?;", params![key_id])

2374

.context("Trying to delete grants.")?;

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

2375

Ok(updated != 0)

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2376

}

2377

2378

/// Marks the given key as unreferenced and removes all of the grants to this key.

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

2379

/// Returns Ok(true) if a key was marked unreferenced as a hint for the garbage collector.

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2380

pub fn unbind_key(

2381

&mut self,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2382

key: &KeyDescriptor,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2383

key_type: KeyType,

2384

caller_uid: u32,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2385

check_permission: impl Fn(&KeyDescriptor, Option<KeyPermSet>) -> Result<()>,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2386

) -> Result<()> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

2387

let _wp = wd::watch_millis("KeystoreDB::unbind_key", 500);

2388

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2389

self.with_transaction(TransactionBehavior::Immediate, |tx| {

2390

let (key_id, access_key_descriptor, access_vector) =

2391

Self::load_access_tuple(tx, key, key_type, caller_uid)

2392

.context("Trying to get access tuple.")?;

2393

2394

// Perform access control. It is vital that we return here if the permission is denied.

2395

// So do not touch that '?' at the end.

2396

check_permission(&access_key_descriptor, access_vector)

2397

.context("While checking permission.")?;

2398

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2399

Self::mark_unreferenced(tx, key_id)

2400

.map(|need_gc| (need_gc, ()))

2401

.context("Trying to mark the key unreferenced.")

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2402

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2403

.context(ks_err!())

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2404

}

2405

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

2406

fn get_key_km_uuid(tx: &Transaction, key_id: i64) -> Result<Uuid> {

2407

tx.query_row(

2408

"SELECT km_uuid FROM persistent.keyentry WHERE id = ?",

2409

params![key_id],

2410

|row| row.get(0),

2411

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2412

.context(ks_err!())

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

2413

}

2414

Janis Danisevskis

2021-02-22 18:46:55 -0800

[diff] [blame]

2415

/// Delete all artifacts belonging to the namespace given by the domain-namespace tuple.

2416

/// This leaves all of the blob entries orphaned for subsequent garbage collection.

2417

pub fn unbind_keys_for_namespace(&mut self, domain: Domain, namespace: i64) -> Result<()> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

2418

let _wp = wd::watch_millis("KeystoreDB::unbind_keys_for_namespace", 500);

2419

Janis Danisevskis

2021-02-22 18:46:55 -0800

[diff] [blame]

2420

if !(domain == Domain::APP || domain == Domain::SELINUX) {

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2421

return Err(KsError::Rc(ResponseCode::INVALID_ARGUMENT)).context(ks_err!());

Janis Danisevskis

2021-02-22 18:46:55 -0800

[diff] [blame]

2422

}

2423

self.with_transaction(TransactionBehavior::Immediate, |tx| {

2424

tx.execute(

2425

"DELETE FROM persistent.keymetadata

2426

WHERE keyentryid IN (

2427

SELECT id FROM persistent.keyentry

Tri Vo

2023-05-12 14:16:31 -0400

[diff] [blame]

2428

WHERE domain = ? AND namespace = ? AND key_type = ?

Janis Danisevskis

2021-02-22 18:46:55 -0800

[diff] [blame]

2429

);",

Tri Vo

2023-05-12 14:16:31 -0400

[diff] [blame]

2430

params![domain.0, namespace, KeyType::Client],

Janis Danisevskis

2021-02-22 18:46:55 -0800

[diff] [blame]

2431

)

2432

.context("Trying to delete keymetadata.")?;

2433

tx.execute(

2434

"DELETE FROM persistent.keyparameter

2435

WHERE keyentryid IN (

2436

SELECT id FROM persistent.keyentry

Tri Vo

2023-05-12 14:16:31 -0400

[diff] [blame]

2437

WHERE domain = ? AND namespace = ? AND key_type = ?

Janis Danisevskis

2021-02-22 18:46:55 -0800

[diff] [blame]

2438

);",

Tri Vo

2023-05-12 14:16:31 -0400

[diff] [blame]

2439

params![domain.0, namespace, KeyType::Client],

Janis Danisevskis

2021-02-22 18:46:55 -0800

[diff] [blame]

2440

)

2441

.context("Trying to delete keyparameters.")?;

2442

tx.execute(

2443

"DELETE FROM persistent.grant

2444

WHERE keyentryid IN (

2445

SELECT id FROM persistent.keyentry

Tri Vo

2023-05-12 14:16:31 -0400

[diff] [blame]

2446

WHERE domain = ? AND namespace = ? AND key_type = ?

Janis Danisevskis

2021-02-22 18:46:55 -0800

[diff] [blame]

2447

);",

Tri Vo

2023-05-12 14:16:31 -0400

[diff] [blame]

2448

params![domain.0, namespace, KeyType::Client],

Janis Danisevskis

2021-02-22 18:46:55 -0800

[diff] [blame]

2449

)

2450

.context("Trying to delete grants.")?;

2451

tx.execute(

Janis Danisevskis

b146f31

2021-05-06 15:05:45 -0700

[diff] [blame]

2452

"DELETE FROM persistent.keyentry

Tri Vo

2023-05-12 14:16:31 -0400

[diff] [blame]

2453

WHERE domain = ? AND namespace = ? AND key_type = ?;",

2454

params![domain.0, namespace, KeyType::Client],

Janis Danisevskis

2021-02-22 18:46:55 -0800

[diff] [blame]

2455

)

2456

.context("Trying to delete keyentry.")?;

2457

Ok(()).need_gc()

2458

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2459

.context(ks_err!())

Janis Danisevskis

2021-02-22 18:46:55 -0800

[diff] [blame]

2460

}

2461

Janis Danisevskis

3cba10d

2021-05-06 17:02:19 -0700

[diff] [blame]

2462

fn cleanup_unreferenced(tx: &Transaction) -> Result<()> {

2463

let _wp = wd::watch_millis("KeystoreDB::cleanup_unreferenced", 500);

2464

{

2465

tx.execute(

2466

"DELETE FROM persistent.keymetadata

2467

WHERE keyentryid IN (

2468

SELECT id FROM persistent.keyentry

2469

WHERE state = ?

2470

);",

2471

params![KeyLifeCycle::Unreferenced],

2472

)

2473

.context("Trying to delete keymetadata.")?;

2474

tx.execute(

2475

"DELETE FROM persistent.keyparameter

2476

WHERE keyentryid IN (

2477

SELECT id FROM persistent.keyentry

2478

WHERE state = ?

2479

);",

2480

params![KeyLifeCycle::Unreferenced],

2481

)

2482

.context("Trying to delete keyparameters.")?;

2483

tx.execute(

2484

"DELETE FROM persistent.grant

2485

WHERE keyentryid IN (

2486

SELECT id FROM persistent.keyentry

2487

WHERE state = ?

2488

);",

2489

params![KeyLifeCycle::Unreferenced],

2490

)

2491

.context("Trying to delete grants.")?;

2492

tx.execute(

2493

"DELETE FROM persistent.keyentry

2494

WHERE state = ?;",

2495

params![KeyLifeCycle::Unreferenced],

2496

)

2497

.context("Trying to delete keyentry.")?;

2498

Result::<()>::Ok(())

2499

}

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2500

.context(ks_err!())

Janis Danisevskis

3cba10d

2021-05-06 17:02:19 -0700

[diff] [blame]

2501

}

2502

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

2503

/// Delete the keys created on behalf of the user, denoted by the user id.

2504

/// Delete all the keys unless 'keep_non_super_encrypted_keys' set to true.

2505

/// Returned boolean is to hint the garbage collector to delete the unbound keys.

2506

/// The caller of this function should notify the gc if the returned value is true.

2507

pub fn unbind_keys_for_user(

2508

&mut self,

2509

user_id: u32,

2510

keep_non_super_encrypted_keys: bool,

2511

) -> Result<()> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

2512

let _wp = wd::watch_millis("KeystoreDB::unbind_keys_for_user", 500);

2513

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

2514

self.with_transaction(TransactionBehavior::Immediate, |tx| {

2515

let mut stmt = tx

2516

.prepare(&format!(

2517

"SELECT id from persistent.keyentry

WHERE (

key_type = ?

AND domain = ?

AND cast ( (namespace/{aid_user_offset}) as int) = ?

AND state = ?

) OR (

key_type = ?

AND namespace = ?

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

2526

AND state = ?

2527

);",

2528

aid_user_offset = AID_USER_OFFSET

2529

))

2530

.context(concat!(

2531

"In unbind_keys_for_user. ",

2532

"Failed to prepare the query to find the keys created by apps."

))?;

let mut rows = stmt

.query(params![

// WHERE client key:

KeyType::Client,

Domain::APP.0 as u32,

user_id,

KeyLifeCycle::Live,

// OR super key:

KeyType::Super,

user_id,

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

2545

KeyLifeCycle::Live

2546

])

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2547

.context(ks_err!("Failed to query the keys created by apps."))?;

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

2548

2549

let mut key_ids: Vec<i64> = Vec::new();

2550

db_utils::with_rows_extract_all(&mut rows, |row| {

2551

key_ids

2552

.push(row.get(0).context("Failed to read key id of a key created by an app.")?);

2553

Ok(())

2554

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2555

.context(ks_err!())?;

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

2556

2557

let mut notify_gc = false;

2558

for key_id in key_ids {

2559

if keep_non_super_encrypted_keys {

2560

// Load metadata and filter out non-super-encrypted keys.

2561

if let (_, Some((_, blob_metadata)), _, _) =

2562

Self::load_blob_components(key_id, KeyEntryLoadBits::KM, tx)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2563

.context(ks_err!("Trying to load blob info."))?

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

2564

{

2565

if blob_metadata.encrypted_by().is_none() {

continue;

}

}

}

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

2570

notify_gc = Self::mark_unreferenced(tx, key_id)

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

2571

.context("In unbind_keys_for_user.")?

2572

|| notify_gc;

2573

}

2574

Ok(()).do_gc(notify_gc)

2575

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2576

.context(ks_err!())

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

2577

}

2578

Eric Biggers

b0478cf

2023-10-27 03:55:29 +0000

[diff] [blame]

2579

/// Deletes all auth-bound keys, i.e. keys that require user authentication, for the given user.

2580

/// This runs when the user's lock screen is being changed to Swipe or None.

2581

///

2582

/// This intentionally does *not* delete keys that require that the device be unlocked, unless

2583

/// such keys also require user authentication. Keystore's concept of user authentication is

2584

/// fairly strong, and it requires that keys that require authentication be deleted as soon as

2585

/// authentication is no longer possible. In contrast, keys that just require that the device

2586

/// be unlocked should remain usable when the lock screen is set to Swipe or None, as the device

2587

/// is always considered "unlocked" in that case.

2588

pub fn unbind_auth_bound_keys_for_user(&mut self, user_id: u32) -> Result<()> {

2589

let _wp = wd::watch_millis("KeystoreDB::unbind_auth_bound_keys_for_user", 500);

2590

2591

self.with_transaction(TransactionBehavior::Immediate, |tx| {

2592

let mut stmt = tx

2593

.prepare(&format!(

2594

"SELECT id from persistent.keyentry

2595

WHERE key_type = ?

2596

AND domain = ?

2597

AND cast ( (namespace/{aid_user_offset}) as int) = ?

2598

AND state = ?;",

2599

aid_user_offset = AID_USER_OFFSET

2600

))

2601

.context(concat!(

2602

"In unbind_auth_bound_keys_for_user. ",

2603

"Failed to prepare the query to find the keys created by apps."

))?;

let mut rows = stmt

.query(params![KeyType::Client, Domain::APP.0 as u32, user_id, KeyLifeCycle::Live,])

2608

.context(ks_err!("Failed to query the keys created by apps."))?;

2609

2610

let mut key_ids: Vec<i64> = Vec::new();

2611

db_utils::with_rows_extract_all(&mut rows, |row| {

2612

key_ids

2613

.push(row.get(0).context("Failed to read key id of a key created by an app.")?);

2614

Ok(())

2615

})

2616

.context(ks_err!())?;

2617

2618

let mut notify_gc = false;

2619

let mut num_unbound = 0;

2620

for key_id in key_ids {

2621

// Load the key parameters and filter out non-auth-bound keys. To identify

2622

// auth-bound keys, use the presence of UserSecureID. The absence of NoAuthRequired

2623

// could also be used, but UserSecureID is what Keystore treats as authoritative

2624

// when actually enforcing the key parameters (it might not matter, though).

2625

let params = Self::load_key_parameters(key_id, tx)

2626

.context("Failed to load key parameters.")?;

2627

let is_auth_bound_key = params.iter().any(|kp| {

2628

matches!(kp.key_parameter_value(), KeyParameterValue::UserSecureID(_))

2629

});

2630

if is_auth_bound_key {

2631

notify_gc = Self::mark_unreferenced(tx, key_id)

2632

.context("In unbind_auth_bound_keys_for_user.")?

|| notify_gc;

num_unbound += 1;

}

}

log::info!("Deleting {num_unbound} auth-bound keys for user {user_id}");

2638

Ok(()).do_gc(notify_gc)

})

.context(ks_err!())

}

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

2643

fn load_key_components(

2644

tx: &Transaction,

2645

load_bits: KeyEntryLoadBits,

2646

key_id: i64,

2647

) -> Result<KeyEntry> {

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

2648

let metadata = KeyMetaData::load_from_db(key_id, tx).context("In load_key_components.")?;

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

2649

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2650

let (has_km_blob, key_blob_info, cert_blob, cert_chain_blob) =

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

2651

Self::load_blob_components(key_id, load_bits, tx).context("In load_key_components.")?;

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

2652

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

2653

let parameters = Self::load_key_parameters(key_id, tx)

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

2654

.context("In load_key_components: Trying to load key parameters.")?;

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

2655

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

2656

let km_uuid = Self::get_key_km_uuid(tx, key_id)

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

2657

.context("In load_key_components: Trying to get KM uuid.")?;

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2658

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

2659

Ok(KeyEntry {

2660

id: key_id,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2661

key_blob_info,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

2662

cert: cert_blob,

2663

cert_chain: cert_chain_blob,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

2664

km_uuid,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

2665

parameters,

2666

metadata,

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

2667

pure_cert: !has_km_blob,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

2668

})

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2669

}

2670

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

2671

/// Returns a list of KeyDescriptors in the selected domain/namespace whose

2672

/// aliases are greater than the specified 'start_past_alias'. If no value

2673

/// is provided, returns all KeyDescriptors.

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

2674

/// The key descriptors will have the domain, nspace, and alias field set.

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

2675

/// The returned list will be sorted by alias.

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

2676

/// Domain must be APP or SELINUX, the caller must make sure of that.

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

2677

pub fn list_past_alias(

Janis Danisevskis

1831383

2021-05-17 13:30:32 -0700

[diff] [blame]

&mut self,

domain: Domain,

namespace: i64,

key_type: KeyType,

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

2682

start_past_alias: Option<&str>,

Janis Danisevskis

1831383

2021-05-17 13:30:32 -0700

[diff] [blame]

2683

) -> Result<Vec<KeyDescriptor>> {

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

2684

let _wp = wd::watch_millis("KeystoreDB::list_past_alias", 500);

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

2685

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

2686

let query = format!(

2687

"SELECT DISTINCT alias FROM persistent.keyentry

Janis Danisevskis

1831383

2021-05-17 13:30:32 -0700

[diff] [blame]

2688

WHERE domain = ?

2689

AND namespace = ?

2690

AND alias IS NOT NULL

2691

AND state = ?

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

2692

AND key_type = ?

2693

{}

2694

ORDER BY alias ASC;",

2695

if start_past_alias.is_some() { " AND alias > ?" } else { "" }

2696

);

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

2697

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

2698

self.with_transaction(TransactionBehavior::Deferred, |tx| {

2699

let mut stmt = tx.prepare(&query).context(ks_err!("Failed to prepare."))?;

2700

2701

let mut rows = match start_past_alias {

2702

Some(past_alias) => stmt

.query(params![

domain.0 as u32,

namespace,

KeyLifeCycle::Live,

key_type,

past_alias

])

.context(ks_err!("Failed to query."))?,

2711

None => stmt

2712

.query(params![domain.0 as u32, namespace, KeyLifeCycle::Live, key_type,])

2713

.context(ks_err!("Failed to query."))?,

2714

};

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

2715

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2716

let mut descriptors: Vec<KeyDescriptor> = Vec::new();

2717

db_utils::with_rows_extract_all(&mut rows, |row| {

2718

descriptors.push(KeyDescriptor {

2719

domain,

2720

nspace: namespace,

2721

alias: Some(row.get(0).context("Trying to extract alias.")?),

blob: None,

});

Ok(())

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2726

.context(ks_err!("Failed to extract rows."))?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2727

Ok(descriptors).no_gc()

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

2728

})

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

2729

}

2730

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

2731

/// Returns a number of KeyDescriptors in the selected domain/namespace.

2732

/// Domain must be APP or SELINUX, the caller must make sure of that.

pub fn count_keys(

&mut self,

domain: Domain,

namespace: i64,

key_type: KeyType,

) -> Result<usize> {

let _wp = wd::watch_millis("KeystoreDB::countKeys", 500);

2740

2741

let num_keys = self.with_transaction(TransactionBehavior::Deferred, |tx| {

2742

tx.query_row(

2743

"SELECT COUNT(alias) FROM persistent.keyentry

2744

WHERE domain = ?

2745

AND namespace = ?

2746

AND alias IS NOT NULL

2747

AND state = ?

2748

AND key_type = ?;",

2749

params![domain.0 as u32, namespace, KeyLifeCycle::Live, key_type],

2750

|row| row.get(0),

2751

)

2752

.context(ks_err!("Failed to count number of keys."))

.no_gc()

})?;

Ok(num_keys)

}

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2758

/// Adds a grant to the grant table.

2759

/// Like `load_key_entry` this function loads the access tuple before

2760

/// it uses the callback for a permission check. Upon success,

2761

/// it inserts the `grantee_uid`, `key_id`, and `access_vector` into the

2762

/// grant table. The new row will have a randomized id, which is used as

2763

/// grant id in the namespace field of the resulting KeyDescriptor.

2764

pub fn grant(

2765

&mut self,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2766

key: &KeyDescriptor,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2767

caller_uid: u32,

2768

grantee_uid: u32,

2769

access_vector: KeyPermSet,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2770

check_permission: impl Fn(&KeyDescriptor, &KeyPermSet) -> Result<()>,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2771

) -> Result<KeyDescriptor> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

2772

let _wp = wd::watch_millis("KeystoreDB::grant", 500);

2773

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2774

self.with_transaction(TransactionBehavior::Immediate, |tx| {

2775

// Load the key_id and complete the access control tuple.

2776

// We ignore the access vector here because grants cannot be granted.

2777

// The access vector returned here expresses the permissions the

2778

// grantee has if key.domain == Domain::GRANT. But this vector

2779

// cannot include the grant permission by design, so there is no way the

2780

// subsequent permission check can pass.

2781

// We could check key.domain == Domain::GRANT and fail early.

2782

// But even if we load the access tuple by grant here, the permission

2783

// check denies the attempt to create a grant by grant descriptor.

2784

let (key_id, access_key_descriptor, _) =

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2785

Self::load_access_tuple(tx, key, KeyType::Client, caller_uid).context(ks_err!())?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2786

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2787

// Perform access control. It is vital that we return here if the permission

2788

// was denied. So do not touch that '?' at the end of the line.

2789

// This permission check checks if the caller has the grant permission

2790

// for the given key and in addition to all of the permissions

2791

// expressed in `access_vector`.

2792

check_permission(&access_key_descriptor, &access_vector)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2793

.context(ks_err!("check_permission failed"))?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2794

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2795

let grant_id = if let Some(grant_id) = tx

2796

.query_row(

2797

"SELECT id FROM persistent.grant

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2798

WHERE keyentryid = ? AND grantee = ?;",

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2799

params![key_id, grantee_uid],

2800

|row| row.get(0),

2801

)

2802

.optional()

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2803

.context(ks_err!("Failed get optional existing grant id."))?

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2804

{

2805

tx.execute(

2806

"UPDATE persistent.grant

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2807

SET access_vector = ?

2808

WHERE id = ?;",

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2809

params![i32::from(access_vector), grant_id],

Joel Galenson

2020-09-09 14:11:55 -0700

[diff] [blame]

2810

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2811

.context(ks_err!("Failed to update existing grant."))?;

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2812

grant_id

2813

} else {

2814

Self::insert_with_retry(|id| {

2815

tx.execute(

2816

"INSERT INTO persistent.grant (id, grantee, keyentryid, access_vector)

2817

VALUES (?, ?, ?, ?);",

2818

params![id, grantee_uid, key_id, i32::from(access_vector)],

2819

)

2820

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2821

.context(ks_err!())?

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2822

};

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2823

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2824

Ok(KeyDescriptor { domain: Domain::GRANT, nspace: grant_id, alias: None, blob: None })

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2825

.no_gc()

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2826

})

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2827

}

2828

2829

/// This function checks permissions like `grant` and `load_key_entry`

2830

/// before removing a grant from the grant table.

2831

pub fn ungrant(

2832

&mut self,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2833

key: &KeyDescriptor,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2834

caller_uid: u32,

2835

grantee_uid: u32,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2836

check_permission: impl Fn(&KeyDescriptor) -> Result<()>,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2837

) -> Result<()> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

2838

let _wp = wd::watch_millis("KeystoreDB::ungrant", 500);

2839

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2840

self.with_transaction(TransactionBehavior::Immediate, |tx| {

2841

// Load the key_id and complete the access control tuple.

2842

// We ignore the access vector here because grants cannot be granted.

2843

let (key_id, access_key_descriptor, _) =

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2844

Self::load_access_tuple(tx, key, KeyType::Client, caller_uid).context(ks_err!())?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2845

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2846

// Perform access control. We must return here if the permission

2847

// was denied. So do not touch the '?' at the end of this line.

2848

check_permission(&access_key_descriptor)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2849

.context(ks_err!("check_permission failed."))?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2850

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2851

tx.execute(

2852

"DELETE FROM persistent.grant

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2853

WHERE keyentryid = ? AND grantee = ?;",

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2854

params![key_id, grantee_uid],

2855

)

2856

.context("Failed to delete grant.")?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2857

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2858

Ok(()).no_gc()

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2859

})

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2860

}

2861

Joel Galenson

2020-09-09 14:11:55 -0700

[diff] [blame]

2862

// Generates a random id and passes it to the given function, which will

2863

// try to insert it into a database. If that insertion fails, retry;

2864

// otherwise return the id.

2865

fn insert_with_retry(inserter: impl Fn(i64) -> rusqlite::Result<usize>) -> Result<i64> {

2866

loop {

Janis Danisevskis

2021-02-18 20:04:10 -0800

[diff] [blame]

2867

let newid: i64 = match random() {

2868

Self::UNASSIGNED_KEY_ID => continue, // UNASSIGNED_KEY_ID cannot be assigned.

2869

i => i,

2870

};

Joel Galenson

2020-09-09 14:11:55 -0700

[diff] [blame]

2871

match inserter(newid) {

2872

// If the id already existed, try again.

2873

Err(rusqlite::Error::SqliteFailure(

2874

libsqlite3_sys::Error {

2875

code: libsqlite3_sys::ErrorCode::ConstraintViolation,

2876

extended_code: libsqlite3_sys::SQLITE_CONSTRAINT_UNIQUE,

},

_,

)) => (),

Err(e) => {

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2881

return Err(e).context(ks_err!("failed to insert into database."));

Joel Galenson

2020-09-09 14:11:55 -0700

[diff] [blame]

2882

}

2883

_ => return Ok(newid),

2884

}

2885

}

2886

}

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

2887

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

2888

/// Insert or replace the auth token based on (user_id, auth_id, auth_type)

2889

pub fn insert_auth_token(&mut self, auth_token: &HardwareAuthToken) {

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

2890

self.perboot

2891

.insert_auth_token_entry(AuthTokenEntry::new(auth_token.clone(), BootTime::now()))

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

2892

}

Hasini Gunasinghe

2020-11-11 01:02:41 +0000

[diff] [blame]

2893

Janis Danisevskis

2021-01-11 14:19:42 -0800

[diff] [blame]

2894

/// Find the newest auth token matching the given predicate.

Eric Biggers

b5613da

2024-03-13 19:31:42 +0000

[diff] [blame]

2895

pub fn find_auth_token_entry<F>(&self, p: F) -> Option<AuthTokenEntry>

Janis Danisevskis

2021-01-11 14:19:42 -0800

[diff] [blame]

2896

where

2897

F: Fn(&AuthTokenEntry) -> bool,

2898

{

Eric Biggers

b5613da

2024-03-13 19:31:42 +0000

[diff] [blame]

2899

self.perboot.find_auth_token_entry(p)

Hasini Gunasinghe

2020-11-11 01:02:41 +0000

[diff] [blame]

2900

}

Pavel Grafov

f45034a

2021-05-12 22:35:45 +0100

[diff] [blame]

2901

2902

/// Load descriptor of a key by key id

2903

pub fn load_key_descriptor(&mut self, key_id: i64) -> Result<Option<KeyDescriptor>> {

2904

let _wp = wd::watch_millis("KeystoreDB::load_key_descriptor", 500);

2905

2906

self.with_transaction(TransactionBehavior::Deferred, |tx| {

2907

tx.query_row(

2908

"SELECT domain, namespace, alias FROM persistent.keyentry WHERE id = ?;",

params![key_id],

|row| {

Ok(KeyDescriptor {

domain: Domain(row.get(0)?),

nspace: row.get(1)?,

alias: row.get(2)?,

blob: None,

})

},

)

.optional()

.context("Trying to load key descriptor")

2921

.no_gc()

2922

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2923

.context(ks_err!())

Pavel Grafov

f45034a

2021-05-12 22:35:45 +0100

[diff] [blame]

2924

}

Eran Messeri

2024-01-09 12:43:31 +0000

[diff] [blame]

2925

2926

/// Returns a list of app UIDs that have keys authenticated by the given secure_user_id

2927

/// (for the given user_id).

2928

/// This is helpful for finding out which apps will have their keys invalidated when

2929

/// the user changes biometrics enrollment or removes their LSKF.

2930

pub fn get_app_uids_affected_by_sid(

&mut self,

user_id: i32,

secure_user_id: i64,

) -> Result<Vec<i64>> {

2935

let _wp = wd::watch_millis("KeystoreDB::get_app_uids_affected_by_sid", 500);

2936

2937

let key_ids_and_app_uids = self.with_transaction(TransactionBehavior::Immediate, |tx| {

2938

let mut stmt = tx

2939

.prepare(&format!(

2940

"SELECT id, namespace from persistent.keyentry

2941

WHERE key_type = ?

2942

AND domain = ?

2943

AND cast ( (namespace/{AID_USER_OFFSET}) as int) = ?

AND state = ?;",

))

.context(concat!(

"In get_app_uids_affected_by_sid, ",

2948

"failed to prepare the query to find the keys created by apps."

))?;

let mut rows = stmt

.query(params![KeyType::Client, Domain::APP.0 as u32, user_id, KeyLifeCycle::Live,])

2953

.context(ks_err!("Failed to query the keys created by apps."))?;

2954

2955

let mut key_ids_and_app_uids: HashMap<i64, i64> = Default::default();

2956

db_utils::with_rows_extract_all(&mut rows, |row| {

2957

key_ids_and_app_uids.insert(

2958

row.get(0).context("Failed to read key id of a key created by an app.")?,

2959

row.get(1).context("Failed to read the app uid")?,

);

Ok(())

})?;

Ok(key_ids_and_app_uids).no_gc()

2964

})?;

2965

let mut app_uids_affected_by_sid: HashSet<i64> = Default::default();

2966

for (key_id, app_uid) in key_ids_and_app_uids {

2967

// Read the key parameters for each key in its own transaction. It is OK to ignore

2968

// an error to get the properties of a particular key since it might have been deleted

2969

// under our feet after the previous transaction concluded. If the key was deleted

2970

// then it is no longer applicable if it was auth-bound or not.

2971

if let Ok(is_key_bound_to_sid) =

2972

self.with_transaction(TransactionBehavior::Immediate, |tx| {

2973

let params = Self::load_key_parameters(key_id, tx)

2974

.context("Failed to load key parameters.")?;

2975

// Check if the key is bound to this secure user ID.

2976

let is_key_bound_to_sid = params.iter().any(|kp| {

2977

matches!(

2978

kp.key_parameter_value(),

2979

KeyParameterValue::UserSecureID(sid) if *sid == secure_user_id

2980

)

2981

});

2982

Ok(is_key_bound_to_sid).no_gc()

2983

})

2984

{

2985

if is_key_bound_to_sid {

2986

app_uids_affected_by_sid.insert(app_uid);

}

}

}

let app_uids_vec: Vec<i64> = app_uids_affected_by_sid.into_iter().collect();

2992

Ok(app_uids_vec)

2993

}

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

2994

}

2995

2996

#[cfg(test)]

Seth Moore

7ee79f9

2021-12-07 11:42:49 -0800

[diff] [blame]

2997

pub mod tests {

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

2998

2999

use super::*;

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

3000

use crate::key_parameter::{

3001

Algorithm, BlockMode, Digest, EcCurve, HardwareAuthenticatorType, KeyOrigin, KeyParameter,

3002

KeyParameterValue, KeyPurpose, PaddingMode, SecurityLevel,

3003

};

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3004

use crate::key_perm_set;

3005

use crate::permission::{KeyPerm, KeyPermSet};

Eric Biggers

2023-10-18 01:54:18 +0000

[diff] [blame]

3006

use crate::super_key::{SuperKeyManager, USER_AFTER_FIRST_UNLOCK_SUPER_KEY, SuperEncryptionAlgorithm, SuperKeyType};

Janis Danisevskis

2a8330a

2021-01-20 15:34:26 -0800

[diff] [blame]

3007

use keystore2_test_utils::TempDir;

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

3008

use android_hardware_security_keymint::aidl::android::hardware::security::keymint::{

3009

HardwareAuthToken::HardwareAuthToken,

3010

HardwareAuthenticatorType::HardwareAuthenticatorType as kmhw_authenticator_type,

Janis Danisevskis

c3a496b

2021-01-05 10:37:22 -0800

[diff] [blame]

3011

};

3012

use android_hardware_security_secureclock::aidl::android::hardware::security::secureclock::{

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

3013

Timestamp::Timestamp,

3014

};

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

3015

use rusqlite::TransactionBehavior;

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

3016

use std::cell::RefCell;

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

3017

use std::collections::BTreeMap;

3018

use std::fmt::Write;

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

3019

use std::sync::atomic::{AtomicU8, Ordering};

Tri Vo

2023-05-12 14:16:31 -0400

[diff] [blame]

3020

use std::sync::Arc;

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

3021

use std::thread;

Hasini Gunasinghe

2020-11-11 01:02:41 +0000

[diff] [blame]

3022

use std::time::{Duration, SystemTime};

Janis Danisevskis

2022-01-26 14:11:14 -0800

[diff] [blame]

3023

use crate::utils::AesGcm;

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3024

#[cfg(disabled)]

3025

use std::time::Instant;

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

3026

Seth Moore

7ee79f9

2021-12-07 11:42:49 -0800

[diff] [blame]

3027

pub fn new_test_db() -> Result<KeystoreDB> {

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

3028

let conn = KeystoreDB::make_connection("file::memory:")?;

Janis Danisevskis

2020-08-26 14:40:03 -0700

[diff] [blame]

3029

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

3030

let mut db = KeystoreDB { conn, gc: None, perboot: Arc::new(perboot::PerbootDB::new()) };

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3031

db.with_transaction(TransactionBehavior::Immediate, |tx| {

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

3032

KeystoreDB::init_tables(tx).context("Failed to initialize tables.").no_gc()

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3033

})?;

3034

Ok(db)

Janis Danisevskis

2020-08-26 14:40:03 -0700

[diff] [blame]

3035

}

3036

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

fn rebind_alias(

db: &mut KeystoreDB,

newid: &KeyIdGuard,

alias: &str,

domain: Domain,

namespace: i64,

) -> Result<bool> {

db.with_transaction(TransactionBehavior::Immediate, |tx| {

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

3045

KeystoreDB::rebind_alias(tx, newid, alias, &domain, &namespace, KeyType::Client).no_gc()

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

3046

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

3047

.context(ks_err!())

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

3048

}

3049

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

3050

#[test]

3051

fn datetime() -> Result<()> {

3052

let conn = Connection::open_in_memory()?;

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

3053

conn.execute("CREATE TABLE test (ts DATETIME);", [])?;

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

3054

let now = SystemTime::now();

3055

let duration = Duration::from_secs(1000);

3056

let then = now.checked_sub(duration).unwrap();

3057

let soon = now.checked_add(duration).unwrap();

3058

conn.execute(

3059

"INSERT INTO test (ts) VALUES (?), (?), (?);",

3060

params![DateTime::try_from(now)?, DateTime::try_from(then)?, DateTime::try_from(soon)?],

3061

)?;

3062

let mut stmt = conn.prepare("SELECT ts FROM test ORDER BY ts ASC;")?;

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

3063

let mut rows = stmt.query([])?;

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

3064

assert_eq!(DateTime::try_from(then)?, rows.next()?.unwrap().get(0)?);

3065

assert_eq!(DateTime::try_from(now)?, rows.next()?.unwrap().get(0)?);

3066

assert_eq!(DateTime::try_from(soon)?, rows.next()?.unwrap().get(0)?);

3067

assert!(rows.next()?.is_none());

3068

assert!(DateTime::try_from(then)? < DateTime::try_from(now)?);

3069

assert!(DateTime::try_from(then)? < DateTime::try_from(soon)?);

3070

assert!(DateTime::try_from(now)? < DateTime::try_from(soon)?);

Ok(())

}

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

3074

// Ensure that we're using the "injected" random function, not the real one.

3075

#[test]

3076

fn test_mocked_random() {

3077

let rand1 = random();

3078

let rand2 = random();

3079

let rand3 = random();

3080

if rand1 == rand2 {

3081

assert_eq!(rand2 + 1, rand3);

3082

} else {

3083

assert_eq!(rand1 + 1, rand2);

3084

assert_eq!(rand2, rand3);

3085

}

3086

}

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

3087

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

3088

// Test that we have the correct tables.

3089

#[test]

3090

fn test_tables() -> Result<()> {

Janis Danisevskis

2020-08-26 14:40:03 -0700

[diff] [blame]

3091

let db = new_test_db()?;

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

3092

let tables = db

3093

.conn

Joel Galenson

2020-07-22 15:27:57 -0700

[diff] [blame]

3094

.prepare("SELECT name from persistent.sqlite_master WHERE type='table' ORDER BY name;")?

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

3095

.query_map(params![], |row| row.get(0))?

3096

.collect::<rusqlite::Result<Vec<String>>>()?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

3097

assert_eq!(tables.len(), 6);

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3098

assert_eq!(tables[0], "blobentry");

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

3099

assert_eq!(tables[1], "blobmetadata");

3100

assert_eq!(tables[2], "grant");

3101

assert_eq!(tables[3], "keyentry");

3102

assert_eq!(tables[4], "keymetadata");

3103

assert_eq!(tables[5], "keyparameter");

Joel Galenson

2020-07-22 15:27:57 -0700

[diff] [blame]

Ok(())

}

#[test]

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

3108

fn test_auth_token_table_invariant() -> Result<()> {

3109

let mut db = new_test_db()?;

3110

let auth_token1 = HardwareAuthToken {

3111

challenge: i64::MAX,

3112

userId: 200,

3113

authenticatorId: 200,

3114

authenticatorType: kmhw_authenticator_type(kmhw_authenticator_type::PASSWORD.0),

3115

timestamp: Timestamp { milliSeconds: 500 },

3116

mac: String::from("mac").into_bytes(),

3117

};

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

3118

db.insert_auth_token(&auth_token1);

3119

let auth_tokens_returned = get_auth_tokens(&db);

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

3120

assert_eq!(auth_tokens_returned.len(), 1);

3121

3122

// insert another auth token with the same values for the columns in the UNIQUE constraint

3123

// of the auth token table and different value for timestamp

3124

let auth_token2 = HardwareAuthToken {

3125

challenge: i64::MAX,

3126

userId: 200,

3127

authenticatorId: 200,

3128

authenticatorType: kmhw_authenticator_type(kmhw_authenticator_type::PASSWORD.0),

3129

timestamp: Timestamp { milliSeconds: 600 },

3130

mac: String::from("mac").into_bytes(),

3131

};

3132

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

3133

db.insert_auth_token(&auth_token2);

3134

let mut auth_tokens_returned = get_auth_tokens(&db);

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

3135

assert_eq!(auth_tokens_returned.len(), 1);

3136

3137

if let Some(auth_token) = auth_tokens_returned.pop() {

3138

assert_eq!(auth_token.auth_token.timestamp.milliSeconds, 600);

3139

}

3140

3141

// insert another auth token with the different values for the columns in the UNIQUE

3142

// constraint of the auth token table

3143

let auth_token3 = HardwareAuthToken {

3144

challenge: i64::MAX,

3145

userId: 201,

3146

authenticatorId: 200,

3147

authenticatorType: kmhw_authenticator_type(kmhw_authenticator_type::PASSWORD.0),

3148

timestamp: Timestamp { milliSeconds: 600 },

3149

mac: String::from("mac").into_bytes(),

3150

};

3151

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

3152

db.insert_auth_token(&auth_token3);

3153

let auth_tokens_returned = get_auth_tokens(&db);

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

3154

assert_eq!(auth_tokens_returned.len(), 2);

Ok(())

}

// utility function for test_auth_token_table_invariant()

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

3160

fn get_auth_tokens(db: &KeystoreDB) -> Vec<AuthTokenEntry> {

3161

db.perboot.get_all_auth_token_entries()

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

3162

}

3163

3164

#[test]

Joel Galenson

2020-07-22 15:27:57 -0700

[diff] [blame]

3165

fn test_persistence_for_files() -> Result<()> {

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

3166

let temp_dir = TempDir::new("persistent_db_test")?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

3167

let mut db = KeystoreDB::new(temp_dir.path(), None)?;

Joel Galenson

2020-07-22 15:27:57 -0700

[diff] [blame]

3168

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

3169

db.create_key_entry(&Domain::APP, &100, KeyType::Client, &KEYSTORE_UUID)?;

Joel Galenson

2020-07-22 15:27:57 -0700

[diff] [blame]

3170

let entries = get_keyentry(&db)?;

3171

assert_eq!(entries.len(), 1);

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

3172

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

3173

let db = KeystoreDB::new(temp_dir.path(), None)?;

Joel Galenson

2020-07-22 15:27:57 -0700

[diff] [blame]

3174

3175

let entries_new = get_keyentry(&db)?;

3176

assert_eq!(entries, entries_new);

Ok(())

}

#[test]

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

3181

fn test_create_key_entry() -> Result<()> {

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

3182

fn extractor(ke: &KeyEntryRow) -> (Domain, i64, Option<&str>, Uuid) {

3183

(ke.domain.unwrap(), ke.namespace.unwrap(), ke.alias.as_deref(), ke.km_uuid.unwrap())

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

3184

}

3185

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3186

let mut db = new_test_db()?;

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

3187

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

3188

db.create_key_entry(&Domain::APP, &100, KeyType::Client, &KEYSTORE_UUID)?;

3189

db.create_key_entry(&Domain::SELINUX, &101, KeyType::Client, &KEYSTORE_UUID)?;

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

3190

3191

let entries = get_keyentry(&db)?;

3192

assert_eq!(entries.len(), 2);

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

3193

assert_eq!(extractor(&entries[0]), (Domain::APP, 100, None, KEYSTORE_UUID));

3194

assert_eq!(extractor(&entries[1]), (Domain::SELINUX, 101, None, KEYSTORE_UUID));

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

3195

3196

// Test that we must pass in a valid Domain.

3197

check_result_is_error_containing_string(

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

3198

db.create_key_entry(&Domain::GRANT, &102, KeyType::Client, &KEYSTORE_UUID),

Shaquille Johnson

2022-10-11 13:29:43 +0100

[diff] [blame]

3199

&format!("Domain {:?} must be either App or SELinux.", Domain::GRANT),

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

3200

);

3201

check_result_is_error_containing_string(

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

3202

db.create_key_entry(&Domain::BLOB, &103, KeyType::Client, &KEYSTORE_UUID),

Shaquille Johnson

2022-10-11 13:29:43 +0100

[diff] [blame]

3203

&format!("Domain {:?} must be either App or SELinux.", Domain::BLOB),

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

3204

);

3205

check_result_is_error_containing_string(

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

3206

db.create_key_entry(&Domain::KEY_ID, &104, KeyType::Client, &KEYSTORE_UUID),

Shaquille Johnson

2022-10-11 13:29:43 +0100

[diff] [blame]

3207

&format!("Domain {:?} must be either App or SELinux.", Domain::KEY_ID),

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

);

Ok(())

}

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

3213

#[test]

3214

fn test_rebind_alias() -> Result<()> {

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

3215

fn extractor(

3216

ke: &KeyEntryRow,

3217

) -> (Option<Domain>, Option<i64>, Option<&str>, Option<Uuid>) {

3218

(ke.domain, ke.namespace, ke.alias.as_deref(), ke.km_uuid)

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

3219

}

3220

Janis Danisevskis

2020-08-26 14:40:03 -0700

[diff] [blame]

3221

let mut db = new_test_db()?;

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

3222

db.create_key_entry(&Domain::APP, &42, KeyType::Client, &KEYSTORE_UUID)?;

3223

db.create_key_entry(&Domain::APP, &42, KeyType::Client, &KEYSTORE_UUID)?;

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

3224

let entries = get_keyentry(&db)?;

3225

assert_eq!(entries.len(), 2);

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

3226

assert_eq!(

3227

extractor(&entries[0]),

3228

(Some(Domain::APP), Some(42), None, Some(KEYSTORE_UUID))

3229

);

3230

assert_eq!(

3231

extractor(&entries[1]),

3232

(Some(Domain::APP), Some(42), None, Some(KEYSTORE_UUID))

3233

);

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

3234

3235

// Test that the first call to rebind_alias sets the alias.

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

3236

rebind_alias(&mut db, &KEY_ID_LOCK.get(entries[0].id), "foo", Domain::APP, 42)?;

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

3237

let entries = get_keyentry(&db)?;

3238

assert_eq!(entries.len(), 2);

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

3239

assert_eq!(

3240

extractor(&entries[0]),

3241

(Some(Domain::APP), Some(42), Some("foo"), Some(KEYSTORE_UUID))

3242

);

3243

assert_eq!(

3244

extractor(&entries[1]),

3245

(Some(Domain::APP), Some(42), None, Some(KEYSTORE_UUID))

3246

);

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

3247

3248

// Test that the second call to rebind_alias also empties the old one.

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

3249

rebind_alias(&mut db, &KEY_ID_LOCK.get(entries[1].id), "foo", Domain::APP, 42)?;

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

3250

let entries = get_keyentry(&db)?;

3251

assert_eq!(entries.len(), 2);

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

3252

assert_eq!(extractor(&entries[0]), (None, None, None, Some(KEYSTORE_UUID)));

3253

assert_eq!(

3254

extractor(&entries[1]),

3255

(Some(Domain::APP), Some(42), Some("foo"), Some(KEYSTORE_UUID))

3256

);

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

3257

3258

// Test that we must pass in a valid Domain.

3259

check_result_is_error_containing_string(

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

3260

rebind_alias(&mut db, &KEY_ID_LOCK.get(0), "foo", Domain::GRANT, 42),

Shaquille Johnson

2022-10-11 13:29:43 +0100

[diff] [blame]

3261

&format!("Domain {:?} must be either App or SELinux.", Domain::GRANT),

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

3262

);

3263

check_result_is_error_containing_string(

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

3264

rebind_alias(&mut db, &KEY_ID_LOCK.get(0), "foo", Domain::BLOB, 42),

Shaquille Johnson

2022-10-11 13:29:43 +0100

[diff] [blame]

3265

&format!("Domain {:?} must be either App or SELinux.", Domain::BLOB),

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

3266

);

3267

check_result_is_error_containing_string(

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

3268

rebind_alias(&mut db, &KEY_ID_LOCK.get(0), "foo", Domain::KEY_ID, 42),

Shaquille Johnson

2022-10-11 13:29:43 +0100

[diff] [blame]

3269

&format!("Domain {:?} must be either App or SELinux.", Domain::KEY_ID),

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

3270

);

3271

3272

// Test that we correctly handle setting an alias for something that does not exist.

3273

check_result_is_error_containing_string(

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

3274

rebind_alias(&mut db, &KEY_ID_LOCK.get(0), "foo", Domain::SELINUX, 42),

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

3275

"Expected to update a single entry but instead updated 0",

3276

);

3277

// Test that we correctly abort the transaction in this case.

3278

let entries = get_keyentry(&db)?;

3279

assert_eq!(entries.len(), 2);

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

3280

assert_eq!(extractor(&entries[0]), (None, None, None, Some(KEYSTORE_UUID)));

3281

assert_eq!(

3282

extractor(&entries[1]),

3283

(Some(Domain::APP), Some(42), Some("foo"), Some(KEYSTORE_UUID))

3284

);

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

Ok(())

}

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3289

#[test]

3290

fn test_grant_ungrant() -> Result<()> {

3291

const CALLER_UID: u32 = 15;

3292

const GRANTEE_UID: u32 = 12;

3293

const SELINUX_NAMESPACE: i64 = 7;

3294

3295

let mut db = new_test_db()?;

3296

db.conn.execute(

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

3297

"INSERT INTO persistent.keyentry (id, key_type, domain, namespace, alias, state, km_uuid)

3298

VALUES (1, 0, 0, 15, 'key', 1, ?), (2, 0, 2, 7, 'yek', 1, ?);",

3299

params![KEYSTORE_UUID, KEYSTORE_UUID],

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3300

)?;

3301

let app_key = KeyDescriptor {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3302

domain: super::Domain::APP,

3303

nspace: 0,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3304

alias: Some("key".to_string()),

3305

blob: None,

3306

};

Janis Danisevskis

2021-10-19 16:56:20 -0700

[diff] [blame]

3307

const PVEC1: KeyPermSet = key_perm_set![KeyPerm::Use, KeyPerm::GetInfo];

3308

const PVEC2: KeyPermSet = key_perm_set![KeyPerm::Use];

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3309

3310

// Reset totally predictable random number generator in case we

3311

// are not the first test running on this thread.

3312

reset_random();

3313

let next_random = 0i64;

3314

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3315

let app_granted_key = db

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3316

.grant(&app_key, CALLER_UID, GRANTEE_UID, PVEC1, |k, a| {

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3317

assert_eq!(*a, PVEC1);

3318

assert_eq!(

3319

*k,

3320

KeyDescriptor {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3321

domain: super::Domain::APP,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3322

// namespace must be set to the caller_uid.

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3323

nspace: CALLER_UID as i64,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3324

alias: Some("key".to_string()),

blob: None,

}

);

Ok(())

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3329

})

3330

.unwrap();

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

assert_eq!(

app_granted_key,

KeyDescriptor {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3335

domain: super::Domain::GRANT,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3336

// The grantid is next_random due to the mock random number generator.

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3337

nspace: next_random,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

alias: None,

blob: None,

}

);

let selinux_key = KeyDescriptor {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3344

domain: super::Domain::SELINUX,

3345

nspace: SELINUX_NAMESPACE,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3346

alias: Some("yek".to_string()),

blob: None,

};

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3350

let selinux_granted_key = db

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3351

.grant(&selinux_key, CALLER_UID, 12, PVEC1, |k, a| {

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3352

assert_eq!(*a, PVEC1);

3353

assert_eq!(

3354

*k,

3355

KeyDescriptor {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3356

domain: super::Domain::SELINUX,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3357

// namespace must be the supplied SELinux

3358

// namespace.

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3359

nspace: SELINUX_NAMESPACE,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3360

alias: Some("yek".to_string()),

blob: None,

}

);

Ok(())

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3365

})

3366

.unwrap();

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

assert_eq!(

selinux_granted_key,

KeyDescriptor {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3371

domain: super::Domain::GRANT,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3372

// The grantid is next_random + 1 due to the mock random number generator.

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3373

nspace: next_random + 1,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

alias: None,

blob: None,

}

);

// This should update the existing grant with PVEC2.

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3380

let selinux_granted_key = db

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3381

.grant(&selinux_key, CALLER_UID, 12, PVEC2, |k, a| {

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3382

assert_eq!(*a, PVEC2);

3383

assert_eq!(

3384

*k,

3385

KeyDescriptor {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3386

domain: super::Domain::SELINUX,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3387

// namespace must be the supplied SELinux

3388

// namespace.

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3389

nspace: SELINUX_NAMESPACE,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3390

alias: Some("yek".to_string()),

blob: None,

}

);

Ok(())

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3395

})

3396

.unwrap();

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

assert_eq!(

selinux_granted_key,

KeyDescriptor {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3401

domain: super::Domain::GRANT,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3402

// Same grant id as before. The entry was only updated.

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3403

nspace: next_random + 1,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

alias: None,

blob: None,

}

);

{

// Limiting scope of stmt, because it borrows db.

3411

let mut stmt = db

3412

.conn

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

3413

.prepare("SELECT id, grantee, keyentryid, access_vector FROM persistent.grant;")?;

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

3414

let mut rows = stmt.query_map::<(i64, u32, i64, KeyPermSet), _, _>([], |row| {

3415

Ok((row.get(0)?, row.get(1)?, row.get(2)?, KeyPermSet::from(row.get::<_, i32>(3)?)))

3416

})?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3417

3418

let r = rows.next().unwrap().unwrap();

Janis Danisevskis

ee10b5f

2020-09-22 16:42:35 -0700

[diff] [blame]

3419

assert_eq!(r, (next_random, GRANTEE_UID, 1, PVEC1));

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3420

let r = rows.next().unwrap().unwrap();

Janis Danisevskis

ee10b5f

2020-09-22 16:42:35 -0700

[diff] [blame]

3421

assert_eq!(r, (next_random + 1, GRANTEE_UID, 2, PVEC2));

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3422

assert!(rows.next().is_none());

3423

}

3424

3425

debug_dump_keyentry_table(&mut db)?;

3426

println!("app_key {:?}", app_key);

3427

println!("selinux_key {:?}", selinux_key);

3428

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3429

db.ungrant(&app_key, CALLER_UID, GRANTEE_UID, |_| Ok(()))?;

3430

db.ungrant(&selinux_key, CALLER_UID, GRANTEE_UID, |_| Ok(()))?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

Ok(())

}

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

3435

static TEST_KEY_BLOB: &[u8] = b"my test blob";

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3436

static TEST_CERT_BLOB: &[u8] = b"my test cert";

3437

static TEST_CERT_CHAIN_BLOB: &[u8] = b"my test cert_chain";

3438

3439

#[test]

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

3440

fn test_set_blob() -> Result<()> {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3441

let key_id = KEY_ID_LOCK.get(3000);

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3442

let mut db = new_test_db()?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

3443

let mut blob_metadata = BlobMetaData::new();

3444

blob_metadata.add(BlobMetaEntry::KmUuid(KEYSTORE_UUID));

3445

db.set_blob(

3446

&key_id,

3447

SubComponentType::KEY_BLOB,

3448

Some(TEST_KEY_BLOB),

3449

Some(&blob_metadata),

3450

)?;

3451

db.set_blob(&key_id, SubComponentType::CERT, Some(TEST_CERT_BLOB), None)?;

3452

db.set_blob(&key_id, SubComponentType::CERT_CHAIN, Some(TEST_CERT_CHAIN_BLOB), None)?;

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3453

drop(key_id);

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3454

3455

let mut stmt = db.conn.prepare(

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

3456

"SELECT subcomponent_type, keyentryid, blob, id FROM persistent.blobentry

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3457

ORDER BY subcomponent_type ASC;",

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3458

)?;

3459

let mut rows = stmt

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

3460

.query_map::<((SubComponentType, i64, Vec<u8>), i64), _, _>([], |row| {

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

3461

Ok(((row.get(0)?, row.get(1)?, row.get(2)?), row.get(3)?))

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3462

})?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

3463

let (r, id) = rows.next().unwrap().unwrap();

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3464

assert_eq!(r, (SubComponentType::KEY_BLOB, 3000, TEST_KEY_BLOB.to_vec()));

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

3465

let (r, _) = rows.next().unwrap().unwrap();

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3466

assert_eq!(r, (SubComponentType::CERT, 3000, TEST_CERT_BLOB.to_vec()));

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

3467

let (r, _) = rows.next().unwrap().unwrap();

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3468

assert_eq!(r, (SubComponentType::CERT_CHAIN, 3000, TEST_CERT_CHAIN_BLOB.to_vec()));

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3469

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

drop(rows);

drop(stmt);

assert_eq!(

db.with_transaction(TransactionBehavior::Immediate, |tx| {

3475

BlobMetaData::load_from_db(id, tx).no_gc()

3476

})

3477

.expect("Should find blob metadata."),

3478

blob_metadata

3479

);

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

Ok(())

}

static TEST_ALIAS: &str = "my super duper key";

3484

3485

#[test]

3486

fn test_insert_and_load_full_keyentry_domain_app() -> Result<()> {

3487

let mut db = new_test_db()?;

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

3488

let key_id = make_test_key_entry(&mut db, Domain::APP, 1, TEST_ALIAS, None)

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

3489

.context("test_insert_and_load_full_keyentry_domain_app")?

3490

.0;

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3491

let (_key_guard, key_entry) = db

3492

.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3493

&KeyDescriptor {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3494

domain: Domain::APP,

3495

nspace: 0,

3496

alias: Some(TEST_ALIAS.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::BOTH,

1,

|_k, _av| Ok(()),

)

.unwrap();

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

3505

assert_eq!(key_entry, make_test_key_entry_test_vector(key_id, None));

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3506

3507

db.unbind_key(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3508

&KeyDescriptor {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3509

domain: Domain::APP,

3510

nspace: 0,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3511

alias: Some(TEST_ALIAS.to_string()),

3512

blob: None,

3513

},

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

3514

KeyType::Client,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3515

1,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

|_, _| Ok(()),

)

.unwrap();

assert_eq!(

Some(&KsError::Rc(ResponseCode::KEY_NOT_FOUND)),

3522

db.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3523

&KeyDescriptor {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3524

domain: Domain::APP,

3525

nspace: 0,

3526

alias: Some(TEST_ALIAS.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::NONE,

1,

|_k, _av| Ok(()),

)

.unwrap_err()

.root_cause()

.downcast_ref::<KsError>()

3537

);

3538

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

Ok(())

}

#[test]

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

3543

fn test_insert_and_load_certificate_entry_domain_app() -> Result<()> {

3544

let mut db = new_test_db()?;

3545

3546

db.store_new_certificate(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3547

&KeyDescriptor {

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

3548

domain: Domain::APP,

3549

nspace: 1,

3550

alias: Some(TEST_ALIAS.to_string()),

3551

blob: None,

3552

},

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

3553

KeyType::Client,

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

3554

TEST_CERT_BLOB,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

3555

&KEYSTORE_UUID,

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

3556

)

3557

.expect("Trying to insert cert.");

3558

3559

let (_key_guard, mut key_entry) = db

3560

.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3561

&KeyDescriptor {

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

3562

domain: Domain::APP,

3563

nspace: 1,

3564

alias: Some(TEST_ALIAS.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::PUBLIC,

1,

|_k, _av| Ok(()),

)

.expect("Trying to read certificate entry.");

3573

3574

assert!(key_entry.pure_cert());

3575

assert!(key_entry.cert().is_none());

3576

assert_eq!(key_entry.take_cert_chain(), Some(TEST_CERT_BLOB.to_vec()));

3577

3578

db.unbind_key(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3579

&KeyDescriptor {

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

3580

domain: Domain::APP,

3581

nspace: 1,

3582

alias: Some(TEST_ALIAS.to_string()),

blob: None,

},

KeyType::Client,

1,

|_, _| Ok(()),

)

.unwrap();

assert_eq!(

Some(&KsError::Rc(ResponseCode::KEY_NOT_FOUND)),

3593

db.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3594

&KeyDescriptor {

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

3595

domain: Domain::APP,

3596

nspace: 1,

3597

alias: Some(TEST_ALIAS.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::NONE,

1,

|_k, _av| Ok(()),

)

.unwrap_err()

.root_cause()

.downcast_ref::<KsError>()

);

Ok(())

}

#[test]

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3614

fn test_insert_and_load_full_keyentry_domain_selinux() -> Result<()> {

3615

let mut db = new_test_db()?;

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

3616

let key_id = make_test_key_entry(&mut db, Domain::SELINUX, 1, TEST_ALIAS, None)

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

3617

.context("test_insert_and_load_full_keyentry_domain_selinux")?

3618

.0;

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3619

let (_key_guard, key_entry) = db

3620

.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3621

&KeyDescriptor {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3622

domain: Domain::SELINUX,

3623

nspace: 1,

3624

alias: Some(TEST_ALIAS.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::BOTH,

1,

|_k, _av| Ok(()),

)

.unwrap();

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

3633

assert_eq!(key_entry, make_test_key_entry_test_vector(key_id, None));

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3634

3635

db.unbind_key(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3636

&KeyDescriptor {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3637

domain: Domain::SELINUX,

3638

nspace: 1,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3639

alias: Some(TEST_ALIAS.to_string()),

3640

blob: None,

3641

},

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

3642

KeyType::Client,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3643

1,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

|_, _| Ok(()),

)

.unwrap();

assert_eq!(

Some(&KsError::Rc(ResponseCode::KEY_NOT_FOUND)),

3650

db.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3651

&KeyDescriptor {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3652

domain: Domain::SELINUX,

3653

nspace: 1,

3654

alias: Some(TEST_ALIAS.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::NONE,

1,

|_k, _av| Ok(()),

)

.unwrap_err()

.root_cause()

.downcast_ref::<KsError>()

3665

);

3666

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

Ok(())

}

#[test]

fn test_insert_and_load_full_keyentry_domain_key_id() -> Result<()> {

3672

let mut db = new_test_db()?;

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

3673

let key_id = make_test_key_entry(&mut db, Domain::SELINUX, 1, TEST_ALIAS, None)

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

3674

.context("test_insert_and_load_full_keyentry_domain_key_id")?

3675

.0;

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3676

let (_, key_entry) = db

3677

.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3678

&KeyDescriptor { domain: Domain::KEY_ID, nspace: key_id, alias: None, blob: None },

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3679

KeyType::Client,

3680

KeyEntryLoadBits::BOTH,

1,

|_k, _av| Ok(()),

)

.unwrap();

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

3686

assert_eq!(key_entry, make_test_key_entry_test_vector(key_id, None));

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3687

3688

db.unbind_key(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3689

&KeyDescriptor { domain: Domain::KEY_ID, nspace: key_id, alias: None, blob: None },

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

3690

KeyType::Client,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3691

1,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

|_, _| Ok(()),

)

.unwrap();

assert_eq!(

Some(&KsError::Rc(ResponseCode::KEY_NOT_FOUND)),

3698

db.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3699

&KeyDescriptor { domain: Domain::KEY_ID, nspace: key_id, alias: None, blob: None },

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3700

KeyType::Client,

3701

KeyEntryLoadBits::NONE,

1,

|_k, _av| Ok(()),

)

.unwrap_err()

.root_cause()

.downcast_ref::<KsError>()

3708

);

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

Ok(())

}

#[test]

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

3714

fn test_check_and_update_key_usage_count_with_limited_use_key() -> Result<()> {

3715

let mut db = new_test_db()?;

3716

let key_id = make_test_key_entry(&mut db, Domain::SELINUX, 1, TEST_ALIAS, Some(123))

3717

.context("test_check_and_update_key_usage_count_with_limited_use_key")?

3718

.0;

3719

// Update the usage count of the limited use key.

3720

db.check_and_update_key_usage_count(key_id)?;

3721

3722

let (_key_guard, key_entry) = db.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3723

&KeyDescriptor { domain: Domain::KEY_ID, nspace: key_id, alias: None, blob: None },

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

3724

KeyType::Client,

3725

KeyEntryLoadBits::BOTH,

1,

|_k, _av| Ok(()),

)?;

// The usage count is decremented now.

3731

assert_eq!(key_entry, make_test_key_entry_test_vector(key_id, Some(122)));

Ok(())

}

#[test]

fn test_check_and_update_key_usage_count_with_exhausted_limited_use_key() -> Result<()> {

3738

let mut db = new_test_db()?;

3739

let key_id = make_test_key_entry(&mut db, Domain::SELINUX, 1, TEST_ALIAS, Some(1))

3740

.context("test_check_and_update_key_usage_count_with_exhausted_limited_use_key")?

3741

.0;

3742

// Update the usage count of the limited use key.

3743

db.check_and_update_key_usage_count(key_id).expect(concat!(

3744

"In test_check_and_update_key_usage_count_with_exhausted_limited_use_key: ",

3745

"This should succeed."

3746

));

3747

3748

// Try to update the exhausted limited use key.

3749

let e = db.check_and_update_key_usage_count(key_id).expect_err(concat!(

3750

"In test_check_and_update_key_usage_count_with_exhausted_limited_use_key: ",

"This should fail."

));

assert_eq!(

&KsError::Km(ErrorCode::INVALID_KEY_BLOB),

3755

e.root_cause().downcast_ref::<KsError>().unwrap()

);

Ok(())

}

#[test]

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3762

fn test_insert_and_load_full_keyentry_from_grant() -> Result<()> {

3763

let mut db = new_test_db()?;

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

3764

let key_id = make_test_key_entry(&mut db, Domain::APP, 1, TEST_ALIAS, None)

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

3765

.context("test_insert_and_load_full_keyentry_from_grant")?

3766

.0;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3767

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3768

let granted_key = db

3769

.grant(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3770

&KeyDescriptor {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3771

domain: Domain::APP,

3772

nspace: 0,

3773

alias: Some(TEST_ALIAS.to_string()),

blob: None,

},

1,

2,

Janis Danisevskis

2021-10-19 16:56:20 -0700

[diff] [blame]

3778

key_perm_set![KeyPerm::Use],

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3779

|_k, _av| Ok(()),

3780

)

3781

.unwrap();

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3782

3783

debug_dump_grant_table(&mut db)?;

3784

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3785

let (_key_guard, key_entry) = db

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3786

.load_key_entry(&granted_key, KeyType::Client, KeyEntryLoadBits::BOTH, 2, |k, av| {

3787

assert_eq!(Domain::GRANT, k.domain);

Janis Danisevskis

2021-10-19 16:56:20 -0700

[diff] [blame]

3788

assert!(av.unwrap().includes(KeyPerm::Use));

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3789

Ok(())

3790

})

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3791

.unwrap();

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3792

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

3793

assert_eq!(key_entry, make_test_key_entry_test_vector(key_id, None));

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3794

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3795

db.unbind_key(&granted_key, KeyType::Client, 2, |_, _| Ok(())).unwrap();

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3796

3797

assert_eq!(

3798

Some(&KsError::Rc(ResponseCode::KEY_NOT_FOUND)),

3799

db.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3800

&granted_key,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3801

KeyType::Client,

3802

KeyEntryLoadBits::NONE,

2,

|_k, _av| Ok(()),

)

.unwrap_err()

.root_cause()

.downcast_ref::<KsError>()

3809

);

3810

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

Ok(())

}

Janis Danisevskis

2021-01-19 16:34:10 -0800

[diff] [blame]

3814

// This test attempts to load a key by key id while the caller is not the owner

3815

// but a grant exists for the given key and the caller.

3816

#[test]

3817

fn test_insert_and_load_full_keyentry_from_grant_by_key_id() -> Result<()> {

3818

let mut db = new_test_db()?;

3819

const OWNER_UID: u32 = 1u32;

3820

const GRANTEE_UID: u32 = 2u32;

3821

const SOMEONE_ELSE_UID: u32 = 3u32;

3822

let key_id = make_test_key_entry(&mut db, Domain::APP, OWNER_UID as i64, TEST_ALIAS, None)

3823

.context("test_insert_and_load_full_keyentry_from_grant_by_key_id")?

3824

.0;

3825

3826

db.grant(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3827

&KeyDescriptor {

Janis Danisevskis

2021-01-19 16:34:10 -0800

[diff] [blame]

3828

domain: Domain::APP,

3829

nspace: 0,

3830

alias: Some(TEST_ALIAS.to_string()),

blob: None,

},

OWNER_UID,

GRANTEE_UID,

Janis Danisevskis

2021-10-19 16:56:20 -0700

[diff] [blame]

3835

key_perm_set![KeyPerm::Use],

Janis Danisevskis

2021-01-19 16:34:10 -0800

[diff] [blame]

|_k, _av| Ok(()),

)

.unwrap();

debug_dump_grant_table(&mut db)?;

3841

3842

let id_descriptor =

3843

KeyDescriptor { domain: Domain::KEY_ID, nspace: key_id, ..Default::default() };

3844

3845

let (_, key_entry) = db

3846

.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3847

&id_descriptor,

Janis Danisevskis

2021-01-19 16:34:10 -0800

[diff] [blame]

3848

KeyType::Client,

3849

KeyEntryLoadBits::BOTH,

3850

GRANTEE_UID,

3851

|k, av| {

3852

assert_eq!(Domain::APP, k.domain);

3853

assert_eq!(OWNER_UID as i64, k.nspace);

Janis Danisevskis

2021-10-19 16:56:20 -0700

[diff] [blame]

3854

assert!(av.unwrap().includes(KeyPerm::Use));

Janis Danisevskis

2021-01-19 16:34:10 -0800

[diff] [blame]

Ok(())

},

)

.unwrap();

assert_eq!(key_entry, make_test_key_entry_test_vector(key_id, None));

3861

3862

let (_, key_entry) = db

3863

.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3864

&id_descriptor,

Janis Danisevskis

2021-01-19 16:34:10 -0800

[diff] [blame]

3865

KeyType::Client,

3866

KeyEntryLoadBits::BOTH,

3867

SOMEONE_ELSE_UID,

3868

|k, av| {

3869

assert_eq!(Domain::APP, k.domain);

3870

assert_eq!(OWNER_UID as i64, k.nspace);

3871

assert!(av.is_none());

Ok(())

},

)

.unwrap();

assert_eq!(key_entry, make_test_key_entry_test_vector(key_id, None));

3878

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3879

db.unbind_key(&id_descriptor, KeyType::Client, OWNER_UID, |_, _| Ok(())).unwrap();

Janis Danisevskis

2021-01-19 16:34:10 -0800

[diff] [blame]

3880

3881

assert_eq!(

3882

Some(&KsError::Rc(ResponseCode::KEY_NOT_FOUND)),

3883

db.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3884

&id_descriptor,

Janis Danisevskis

2021-01-19 16:34:10 -0800

[diff] [blame]

3885

KeyType::Client,

3886

KeyEntryLoadBits::NONE,

GRANTEE_UID,

|_k, _av| Ok(()),

)

.unwrap_err()

.root_cause()

.downcast_ref::<KsError>()

);

Ok(())

}

Janis Danisevskis

2021-04-14 15:44:36 -0700

[diff] [blame]

3898

// Creates a key migrates it to a different location and then tries to access it by the old

3899

// and new location.

3900

#[test]

3901

fn test_migrate_key_app_to_app() -> Result<()> {

3902

let mut db = new_test_db()?;

3903

const SOURCE_UID: u32 = 1u32;

3904

const DESTINATION_UID: u32 = 2u32;

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

3905

static SOURCE_ALIAS: &str = "SOURCE_ALIAS";

3906

static DESTINATION_ALIAS: &str = "DESTINATION_ALIAS";

Janis Danisevskis

2021-04-14 15:44:36 -0700

[diff] [blame]

3907

let key_id_guard =

3908

make_test_key_entry(&mut db, Domain::APP, SOURCE_UID as i64, SOURCE_ALIAS, None)

3909

.context("test_insert_and_load_full_keyentry_from_grant_by_key_id")?;

3910

3911

let source_descriptor: KeyDescriptor = KeyDescriptor {

3912

domain: Domain::APP,

3913

nspace: -1,

3914

alias: Some(SOURCE_ALIAS.to_string()),

blob: None,

};

let destination_descriptor: KeyDescriptor = KeyDescriptor {

3919

domain: Domain::APP,

3920

nspace: -1,

3921

alias: Some(DESTINATION_ALIAS.to_string()),

blob: None,

};

let key_id = key_id_guard.id();

3926

3927

db.migrate_key_namespace(key_id_guard, &destination_descriptor, DESTINATION_UID, |_k| {

Ok(())

})

.unwrap();

let (_, key_entry) = db

3933

.load_key_entry(

3934

&destination_descriptor,

3935

KeyType::Client,

3936

KeyEntryLoadBits::BOTH,

3937

DESTINATION_UID,

3938

|k, av| {

3939

assert_eq!(Domain::APP, k.domain);

3940

assert_eq!(DESTINATION_UID as i64, k.nspace);

3941

assert!(av.is_none());

Ok(())

},

)

.unwrap();

assert_eq!(key_entry, make_test_key_entry_test_vector(key_id, None));

3948

3949

assert_eq!(

3950

Some(&KsError::Rc(ResponseCode::KEY_NOT_FOUND)),

db.load_key_entry(

&source_descriptor,

KeyType::Client,

KeyEntryLoadBits::NONE,

SOURCE_UID,

|_k, _av| Ok(()),

)

.unwrap_err()

.root_cause()

.downcast_ref::<KsError>()

);

Ok(())

}

// Creates a key migrates it to a different location and then tries to access it by the old

3967

// and new location.

3968

#[test]

3969

fn test_migrate_key_app_to_selinux() -> Result<()> {

3970

let mut db = new_test_db()?;

3971

const SOURCE_UID: u32 = 1u32;

3972

const DESTINATION_UID: u32 = 2u32;

3973

const DESTINATION_NAMESPACE: i64 = 1000i64;

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

3974

static SOURCE_ALIAS: &str = "SOURCE_ALIAS";

3975

static DESTINATION_ALIAS: &str = "DESTINATION_ALIAS";

Janis Danisevskis

2021-04-14 15:44:36 -0700

[diff] [blame]

3976

let key_id_guard =

3977

make_test_key_entry(&mut db, Domain::APP, SOURCE_UID as i64, SOURCE_ALIAS, None)

3978

.context("test_insert_and_load_full_keyentry_from_grant_by_key_id")?;

3979

3980

let source_descriptor: KeyDescriptor = KeyDescriptor {

3981

domain: Domain::APP,

3982

nspace: -1,

3983

alias: Some(SOURCE_ALIAS.to_string()),

blob: None,

};

let destination_descriptor: KeyDescriptor = KeyDescriptor {

3988

domain: Domain::SELINUX,

3989

nspace: DESTINATION_NAMESPACE,

3990

alias: Some(DESTINATION_ALIAS.to_string()),

blob: None,

};

let key_id = key_id_guard.id();

3995

3996

db.migrate_key_namespace(key_id_guard, &destination_descriptor, DESTINATION_UID, |_k| {

Ok(())

})

.unwrap();

let (_, key_entry) = db

4002

.load_key_entry(

4003

&destination_descriptor,

4004

KeyType::Client,

4005

KeyEntryLoadBits::BOTH,

4006

DESTINATION_UID,

4007

|k, av| {

4008

assert_eq!(Domain::SELINUX, k.domain);

Charisee

03e0084

2023-01-25 01:41:23 +0000

[diff] [blame]

4009

assert_eq!(DESTINATION_NAMESPACE, k.nspace);

Janis Danisevskis

2021-04-14 15:44:36 -0700

[diff] [blame]

4010

assert!(av.is_none());

Ok(())

},

)

.unwrap();

assert_eq!(key_entry, make_test_key_entry_test_vector(key_id, None));

4017

4018

assert_eq!(

4019

Some(&KsError::Rc(ResponseCode::KEY_NOT_FOUND)),

db.load_key_entry(

&source_descriptor,

KeyType::Client,

KeyEntryLoadBits::NONE,

SOURCE_UID,

|_k, _av| Ok(()),

)

.unwrap_err()

.root_cause()

.downcast_ref::<KsError>()

);

Ok(())

}

// Creates two keys and tries to migrate the first to the location of the second which

4036

// is expected to fail.

4037

#[test]

4038

fn test_migrate_key_destination_occupied() -> Result<()> {

4039

let mut db = new_test_db()?;

4040

const SOURCE_UID: u32 = 1u32;

4041

const DESTINATION_UID: u32 = 2u32;

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

4042

static SOURCE_ALIAS: &str = "SOURCE_ALIAS";

4043

static DESTINATION_ALIAS: &str = "DESTINATION_ALIAS";

Janis Danisevskis

2021-04-14 15:44:36 -0700

[diff] [blame]

4044

let key_id_guard =

4045

make_test_key_entry(&mut db, Domain::APP, SOURCE_UID as i64, SOURCE_ALIAS, None)

4046

.context("test_insert_and_load_full_keyentry_from_grant_by_key_id")?;

4047

make_test_key_entry(&mut db, Domain::APP, DESTINATION_UID as i64, DESTINATION_ALIAS, None)

4048

.context("test_insert_and_load_full_keyentry_from_grant_by_key_id")?;

4049

4050

let destination_descriptor: KeyDescriptor = KeyDescriptor {

4051

domain: Domain::APP,

4052

nspace: -1,

4053

alias: Some(DESTINATION_ALIAS.to_string()),

blob: None,

};

assert_eq!(

Some(&KsError::Rc(ResponseCode::INVALID_ARGUMENT)),

4059

db.migrate_key_namespace(

4060

key_id_guard,

4061

&destination_descriptor,

DESTINATION_UID,

|_k| Ok(())

)

.unwrap_err()

.root_cause()

.downcast_ref::<KsError>()

);

Ok(())

}

Janis Danisevskis

2021-05-26 16:31:02 -0700

[diff] [blame]

4073

#[test]

4074

fn test_upgrade_0_to_1() {

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

4075

const ALIAS1: &str = "test_upgrade_0_to_1_1";

4076

const ALIAS2: &str = "test_upgrade_0_to_1_2";

4077

const ALIAS3: &str = "test_upgrade_0_to_1_3";

Janis Danisevskis

2021-05-26 16:31:02 -0700

[diff] [blame]

4078

const UID: u32 = 33;

4079

let temp_dir = Arc::new(TempDir::new("test_upgrade_0_to_1").unwrap());

4080

let mut db = KeystoreDB::new(temp_dir.path(), None).unwrap();

4081

let key_id_untouched1 =

4082

make_test_key_entry(&mut db, Domain::APP, UID as i64, ALIAS1, None).unwrap().id();

4083

let key_id_untouched2 =

4084

make_bootlevel_key_entry(&mut db, Domain::APP, UID as i64, ALIAS2, false).unwrap().id();

4085

let key_id_deleted =

4086

make_bootlevel_key_entry(&mut db, Domain::APP, UID as i64, ALIAS3, true).unwrap().id();

4087

4088

let (_, key_entry) = db

.load_key_entry(

&KeyDescriptor {

domain: Domain::APP,

nspace: -1,

alias: Some(ALIAS1.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::BOTH,

4098

UID,

4099

|k, av| {

4100

assert_eq!(Domain::APP, k.domain);

4101

assert_eq!(UID as i64, k.nspace);

4102

assert!(av.is_none());

Ok(())

},

)

.unwrap();

assert_eq!(key_entry, make_test_key_entry_test_vector(key_id_untouched1, None));

4108

let (_, key_entry) = db

.load_key_entry(

&KeyDescriptor {

domain: Domain::APP,

nspace: -1,

alias: Some(ALIAS2.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::BOTH,

4118

UID,

4119

|k, av| {

4120

assert_eq!(Domain::APP, k.domain);

4121

assert_eq!(UID as i64, k.nspace);

4122

assert!(av.is_none());

Ok(())

},

)

.unwrap();

assert_eq!(key_entry, make_bootlevel_test_key_entry_test_vector(key_id_untouched2, false));

4128

let (_, key_entry) = db

.load_key_entry(

&KeyDescriptor {

domain: Domain::APP,

nspace: -1,

alias: Some(ALIAS3.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::BOTH,

4138

UID,

4139

|k, av| {

4140

assert_eq!(Domain::APP, k.domain);

4141

assert_eq!(UID as i64, k.nspace);

4142

assert!(av.is_none());

Ok(())

},

)

.unwrap();

assert_eq!(key_entry, make_bootlevel_test_key_entry_test_vector(key_id_deleted, true));

4148

4149

db.with_transaction(TransactionBehavior::Immediate, |tx| {

4150

KeystoreDB::from_0_to_1(tx).no_gc()

})

.unwrap();

let (_, key_entry) = db

.load_key_entry(

&KeyDescriptor {

domain: Domain::APP,

nspace: -1,

alias: Some(ALIAS1.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::BOTH,

4164

UID,

4165

|k, av| {

4166

assert_eq!(Domain::APP, k.domain);

4167

assert_eq!(UID as i64, k.nspace);

4168

assert!(av.is_none());

Ok(())

},

)

.unwrap();

assert_eq!(key_entry, make_test_key_entry_test_vector(key_id_untouched1, None));

4174

let (_, key_entry) = db

.load_key_entry(

&KeyDescriptor {

domain: Domain::APP,

nspace: -1,

alias: Some(ALIAS2.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::BOTH,

4184

UID,

4185

|k, av| {

4186

assert_eq!(Domain::APP, k.domain);

4187

assert_eq!(UID as i64, k.nspace);

4188

assert!(av.is_none());

Ok(())

},

)

.unwrap();

assert_eq!(key_entry, make_bootlevel_test_key_entry_test_vector(key_id_untouched2, false));

4194

assert_eq!(

4195

Some(&KsError::Rc(ResponseCode::KEY_NOT_FOUND)),

db.load_key_entry(

&KeyDescriptor {

domain: Domain::APP,

nspace: -1,

alias: Some(ALIAS3.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::BOTH,

4205

UID,

4206

|k, av| {

4207

assert_eq!(Domain::APP, k.domain);

4208

assert_eq!(UID as i64, k.nspace);

4209

assert!(av.is_none());

Ok(())

},

)

.unwrap_err()

.root_cause()

.downcast_ref::<KsError>()

);

}

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

4219

static KEY_LOCK_TEST_ALIAS: &str = "my super duper locked key";

4220

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

4221

#[test]

4222

fn test_insert_and_load_full_keyentry_domain_app_concurrently() -> Result<()> {

4223

let handle = {

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

4224

let temp_dir = Arc::new(TempDir::new("id_lock_test")?);

4225

let temp_dir_clone = temp_dir.clone();

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

4226

let mut db = KeystoreDB::new(temp_dir.path(), None)?;

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

4227

let key_id = make_test_key_entry(&mut db, Domain::APP, 33, KEY_LOCK_TEST_ALIAS, None)

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

4228

.context("test_insert_and_load_full_keyentry_domain_app")?

4229

.0;

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

4230

let (_key_guard, key_entry) = db

4231

.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

4232

&KeyDescriptor {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

4233

domain: Domain::APP,

4234

nspace: 0,

4235

alias: Some(KEY_LOCK_TEST_ALIAS.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::BOTH,

33,

|_k, _av| Ok(()),

)

.unwrap();

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

4244

assert_eq!(key_entry, make_test_key_entry_test_vector(key_id, None));

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

4245

let state = Arc::new(AtomicU8::new(1));

4246

let state2 = state.clone();

4247

4248

// Spawning a second thread that attempts to acquire the key id lock

4249

// for the same key as the primary thread. The primary thread then

4250

// waits, thereby forcing the secondary thread into the second stage

4251

// of acquiring the lock (see KEY ID LOCK 2/2 above).

4252

// The test succeeds if the secondary thread observes the transition

4253

// of `state` from 1 to 2, despite having a whole second to overtake

4254

// the primary thread.

4255

let handle = thread::spawn(move || {

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

4256

let temp_dir = temp_dir_clone;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

4257

let mut db = KeystoreDB::new(temp_dir.path(), None).unwrap();

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

4258

assert!(db

4259

.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

4260

&KeyDescriptor {

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

4261

domain: Domain::APP,

4262

nspace: 0,

4263

alias: Some(KEY_LOCK_TEST_ALIAS.to_string()),

4264

blob: None,

4265

},

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

4266

KeyType::Client,

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

4267

KeyEntryLoadBits::BOTH,

33,

|_k, _av| Ok(()),

)

.is_ok());

// We should only see a 2 here because we can only return

4273

// from load_key_entry when the `_key_guard` expires,

4274

// which happens at the end of the scope.

4275

assert_eq!(2, state2.load(Ordering::Relaxed));

4276

});

4277

4278

thread::sleep(std::time::Duration::from_millis(1000));

4279

4280

assert_eq!(Ok(1), state.compare_exchange(1, 2, Ordering::Relaxed, Ordering::Relaxed));

4281

4282

// Return the handle from this scope so we can join with the

4283

// secondary thread after the key id lock has expired.

4284

handle

4285

// This is where the `_key_guard` goes out of scope,

4286

// which is the reason for concurrent load_key_entry on the same key

4287

// to unblock.

4288

};

4289

// Join with the secondary thread and unwrap, to propagate failing asserts to the

4290

// main test thread. We will not see failing asserts in secondary threads otherwise.

4291

handle.join().unwrap();

Ok(())

}

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

4295

#[test]

Janis Danisevskis

2021-04-14 15:44:36 -0700

[diff] [blame]

4296

fn test_database_busy_error_code() {

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

4297

let temp_dir =

4298

TempDir::new("test_database_busy_error_code_").expect("Failed to create temp dir.");

4299

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

4300

let mut db1 = KeystoreDB::new(temp_dir.path(), None).expect("Failed to open database1.");

4301

let mut db2 = KeystoreDB::new(temp_dir.path(), None).expect("Failed to open database2.");

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

let _tx1 = db1

.conn

.transaction_with_behavior(TransactionBehavior::Immediate)

4306

.expect("Failed to create first transaction.");

let error = db2

.conn

.transaction_with_behavior(TransactionBehavior::Immediate)

4311

.context("Transaction begin failed.")

4312

.expect_err("This should fail.");

4313

let root_cause = error.root_cause();

4314

if let Some(rusqlite::ffi::Error { code: rusqlite::ErrorCode::DatabaseBusy, .. }) =

4315

root_cause.downcast_ref::<rusqlite::ffi::Error>()

{

return;

}

panic!(

"Unexpected error {:?} \n{:?} \n{:?}",

4321

error,

4322

root_cause,

4323

root_cause.downcast_ref::<rusqlite::ffi::Error>()

)

}

#[cfg(disabled)]

#[test]

fn test_large_number_of_concurrent_db_manipulations() -> Result<()> {

4330

let temp_dir = Arc::new(

4331

TempDir::new("test_large_number_of_concurrent_db_manipulations_")

4332

.expect("Failed to create temp dir."),

4333

);

4334

4335

let test_begin = Instant::now();

4336

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

4337

const KEY_COUNT: u32 = 500u32;

Seth Moore

2021-06-11 09:49:49 -0700

[diff] [blame]

4338

let mut db =

4339

new_test_db_with_gc(temp_dir.path(), |_, _| Ok(())).expect("Failed to open database.");

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

4340

const OPEN_DB_COUNT: u32 = 50u32;

4341

4342

let mut actual_key_count = KEY_COUNT;

4343

// First insert KEY_COUNT keys.

4344

for count in 0..KEY_COUNT {

4345

if Instant::now().duration_since(test_begin) >= Duration::from_secs(15) {

4346

actual_key_count = count;

4347

break;

4348

}

4349

let alias = format!("test_alias_{}", count);

4350

make_test_key_entry(&mut db, Domain::APP, 1, &alias, None)

4351

.expect("Failed to make key entry.");

4352

}

4353

4354

// Insert more keys from a different thread and into a different namespace.

4355

let temp_dir1 = temp_dir.clone();

4356

let handle1 = thread::spawn(move || {

Seth Moore

2021-06-11 09:49:49 -0700

[diff] [blame]

4357

let mut db = new_test_db_with_gc(temp_dir1.path(), |_, _| Ok(()))

4358

.expect("Failed to open database.");

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

4359

4360

for count in 0..actual_key_count {

4361

if Instant::now().duration_since(test_begin) >= Duration::from_secs(40) {

4362

return;

4363

}

4364

let alias = format!("test_alias_{}", count);

4365

make_test_key_entry(&mut db, Domain::APP, 2, &alias, None)

4366

.expect("Failed to make key entry.");

4367

}

4368

4369

// then unbind them again.

4370

for count in 0..actual_key_count {

4371

if Instant::now().duration_since(test_begin) >= Duration::from_secs(40) {

4372

return;

4373

}

4374

let key = KeyDescriptor {

4375

domain: Domain::APP,

4376

nspace: -1,

4377

alias: Some(format!("test_alias_{}", count)),

4378

blob: None,

4379

};

4380

db.unbind_key(&key, KeyType::Client, 2, |_, _| Ok(())).expect("Unbind Failed.");

}

});

// And start unbinding the first set of keys.

4385

let temp_dir2 = temp_dir.clone();

4386

let handle2 = thread::spawn(move || {

Seth Moore

2021-06-11 09:49:49 -0700

[diff] [blame]

4387

let mut db = new_test_db_with_gc(temp_dir2.path(), |_, _| Ok(()))

4388

.expect("Failed to open database.");

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

4389

4390

for count in 0..actual_key_count {

4391

if Instant::now().duration_since(test_begin) >= Duration::from_secs(40) {

4392

return;

4393

}

4394

let key = KeyDescriptor {

4395

domain: Domain::APP,

4396

nspace: -1,

4397

alias: Some(format!("test_alias_{}", count)),

4398

blob: None,

4399

};

4400

db.unbind_key(&key, KeyType::Client, 1, |_, _| Ok(())).expect("Unbind Failed.");

}

});

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

4404

// While a lot of inserting and deleting is going on we have to open database connections

4405

// successfully and use them.

4406

// This clone is not redundant, because temp_dir needs to be kept alive until db goes

4407

// out of scope.

4408

#[allow(clippy::redundant_clone)]

4409

let temp_dir4 = temp_dir.clone();

4410

let handle4 = thread::spawn(move || {

4411

for count in 0..OPEN_DB_COUNT {

4412

if Instant::now().duration_since(test_begin) >= Duration::from_secs(40) {

4413

return;

4414

}

Seth Moore

2021-06-11 09:49:49 -0700

[diff] [blame]

4415

let mut db = new_test_db_with_gc(temp_dir4.path(), |_, _| Ok(()))

4416

.expect("Failed to open database.");

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

4417

4418

let alias = format!("test_alias_{}", count);

4419

make_test_key_entry(&mut db, Domain::APP, 3, &alias, None)

4420

.expect("Failed to make key entry.");

4421

let key = KeyDescriptor {

domain: Domain::APP,

nspace: -1,

alias: Some(alias),

blob: None,

};

db.unbind_key(&key, KeyType::Client, 3, |_, _| Ok(())).expect("Unbind Failed.");

}

});

handle1.join().expect("Thread 1 panicked.");

4432

handle2.join().expect("Thread 2 panicked.");

4433

handle4.join().expect("Thread 4 panicked.");

4434

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

Ok(())

}

#[test]

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

4439

fn list() -> Result<()> {

4440

let temp_dir = TempDir::new("list_test")?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

4441

let mut db = KeystoreDB::new(temp_dir.path(), None)?;

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

4442

static LIST_O_ENTRIES: &[(Domain, i64, &str)] = &[

4443

(Domain::APP, 1, "test1"),

4444

(Domain::APP, 1, "test2"),

4445

(Domain::APP, 1, "test3"),

4446

(Domain::APP, 1, "test4"),

4447

(Domain::APP, 1, "test5"),

4448

(Domain::APP, 1, "test6"),

4449

(Domain::APP, 1, "test7"),

4450

(Domain::APP, 2, "test1"),

4451

(Domain::APP, 2, "test2"),

4452

(Domain::APP, 2, "test3"),

4453

(Domain::APP, 2, "test4"),

4454

(Domain::APP, 2, "test5"),

4455

(Domain::APP, 2, "test6"),

4456

(Domain::APP, 2, "test8"),

4457

(Domain::SELINUX, 100, "test1"),

4458

(Domain::SELINUX, 100, "test2"),

4459

(Domain::SELINUX, 100, "test3"),

4460

(Domain::SELINUX, 100, "test4"),

4461

(Domain::SELINUX, 100, "test5"),

4462

(Domain::SELINUX, 100, "test6"),

4463

(Domain::SELINUX, 100, "test9"),

4464

];

4465

4466

let list_o_keys: Vec<(i64, i64)> = LIST_O_ENTRIES

4467

.iter()

4468

.map(|(domain, ns, alias)| {

Chris Wailes

dabb6fe

2022-11-16 15:56:19 -0800

[diff] [blame]

4469

let entry =

4470

make_test_key_entry(&mut db, *domain, *ns, alias, None).unwrap_or_else(|e| {

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

4471

panic!("Failed to insert {:?} {} {}. Error {:?}", domain, ns, alias, e)

});

(entry.id(), *ns)

})

.collect();

for (domain, namespace) in

4478

&[(Domain::APP, 1i64), (Domain::APP, 2i64), (Domain::SELINUX, 100i64)]

4479

{

4480

let mut list_o_descriptors: Vec<KeyDescriptor> = LIST_O_ENTRIES

4481

.iter()

4482

.filter_map(|(domain, ns, alias)| match ns {

4483

ns if *ns == *namespace => Some(KeyDescriptor {

4484

domain: *domain,

4485

nspace: *ns,

4486

alias: Some(alias.to_string()),

blob: None,

}),

_ => None,

})

.collect();

list_o_descriptors.sort();

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

4493

let mut list_result = db.list_past_alias(*domain, *namespace, KeyType::Client, None)?;

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

4494

list_result.sort();

4495

assert_eq!(list_o_descriptors, list_result);

4496

4497

let mut list_o_ids: Vec<i64> = list_o_descriptors

4498

.into_iter()

4499

.map(|d| {

4500

let (_, entry) = db

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

4501

.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

4502

&d,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

4503

KeyType::Client,

4504

KeyEntryLoadBits::NONE,

4505

*namespace as u32,

4506

|_, _| Ok(()),

4507

)

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

.unwrap();

entry.id()

})

.collect();

list_o_ids.sort_unstable();

4513

let mut loaded_entries: Vec<i64> = list_o_keys

4514

.iter()

4515

.filter_map(|(id, ns)| match ns {

4516

ns if *ns == *namespace => Some(*id),

_ => None,

})

.collect();

loaded_entries.sort_unstable();

4521

assert_eq!(list_o_ids, loaded_entries);

4522

}

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

4523

assert_eq!(

4524

Vec::<KeyDescriptor>::new(),

4525

db.list_past_alias(Domain::SELINUX, 101, KeyType::Client, None)?

4526

);

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

Ok(())

}

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

4531

// Helpers

4532

4533

// Checks that the given result is an error containing the given string.

4534

fn check_result_is_error_containing_string<T>(result: Result<T>, target: &str) {

4535

let error_str = format!(

4536

"{:#?}",

4537

result.err().unwrap_or_else(|| panic!("Expected the error: {}", target))

4538

);

4539

assert!(

4540

error_str.contains(target),

4541

"The string \"{}\" should contain \"{}\"",

error_str,

target

);

}

Joel Galenson

2020-07-22 15:27:57 -0700

[diff] [blame]

4547

#[derive(Debug, PartialEq)]

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

4548

struct KeyEntryRow {

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

4549

id: i64,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

4550

key_type: KeyType,

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

4551

domain: Option<Domain>,

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

4552

namespace: Option<i64>,

4553

alias: Option<String>,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

4554

state: KeyLifeCycle,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

4555

km_uuid: Option<Uuid>,

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

4556

}

4557

4558

fn get_keyentry(db: &KeystoreDB) -> Result<Vec<KeyEntryRow>> {

4559

db.conn

Joel Galenson

2020-07-22 15:27:57 -0700

[diff] [blame]

4560

.prepare("SELECT * FROM persistent.keyentry;")?

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

4561

.query_map([], |row| {

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

4562

Ok(KeyEntryRow {

4563

id: row.get(0)?,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

4564

key_type: row.get(1)?,

Chris Wailes

3583a51

2021-07-22 16:22:51 -0700

[diff] [blame]

4565

domain: row.get::<_, Option<_>>(2)?.map(Domain),

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

4566

namespace: row.get(3)?,

4567

alias: row.get(4)?,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

4568

state: row.get(5)?,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

4569

km_uuid: row.get(6)?,

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

4570

})

4571

})?

4572

.map(|r| r.context("Could not read keyentry row."))

4573

.collect::<Result<Vec<_>>>()

4574

}

4575

Eran Messeri

2024-01-09 12:43:31 +0000

[diff] [blame]

4576

fn make_test_params(max_usage_count: Option<i32>) -> Vec<KeyParameter> {

4577

make_test_params_with_sids(max_usage_count, &[42])

4578

}

4579

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

4580

// Note: The parameters and SecurityLevel associations are nonsensical. This

4581

// collection is only used to check if the parameters are preserved as expected by the

4582

// database.

Eran Messeri

2024-01-09 12:43:31 +0000

[diff] [blame]

4583

fn make_test_params_with_sids(

4584

max_usage_count: Option<i32>,

4585

user_secure_ids: &[i64],

4586

) -> Vec<KeyParameter> {

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

4587

let mut params = vec![

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

4588

KeyParameter::new(KeyParameterValue::Invalid, SecurityLevel::TRUSTED_ENVIRONMENT),

4589

KeyParameter::new(

4590

KeyParameterValue::KeyPurpose(KeyPurpose::SIGN),

4591

SecurityLevel::TRUSTED_ENVIRONMENT,

4592

),

4593

KeyParameter::new(

4594

KeyParameterValue::KeyPurpose(KeyPurpose::DECRYPT),

4595

SecurityLevel::TRUSTED_ENVIRONMENT,

4596

),

4597

KeyParameter::new(

4598

KeyParameterValue::Algorithm(Algorithm::RSA),

4599

SecurityLevel::TRUSTED_ENVIRONMENT,

4600

),

4601

KeyParameter::new(KeyParameterValue::KeySize(1024), SecurityLevel::TRUSTED_ENVIRONMENT),

4602

KeyParameter::new(

4603

KeyParameterValue::BlockMode(BlockMode::ECB),

4604

SecurityLevel::TRUSTED_ENVIRONMENT,

4605

),

4606

KeyParameter::new(

4607

KeyParameterValue::BlockMode(BlockMode::GCM),

4608

SecurityLevel::TRUSTED_ENVIRONMENT,

4609

),

4610

KeyParameter::new(KeyParameterValue::Digest(Digest::NONE), SecurityLevel::STRONGBOX),

4611

KeyParameter::new(

4612

KeyParameterValue::Digest(Digest::MD5),

4613

SecurityLevel::TRUSTED_ENVIRONMENT,

4614

),

4615

KeyParameter::new(

4616

KeyParameterValue::Digest(Digest::SHA_2_224),

4617

SecurityLevel::TRUSTED_ENVIRONMENT,

4618

),

4619

KeyParameter::new(

4620

KeyParameterValue::Digest(Digest::SHA_2_256),

4621

SecurityLevel::STRONGBOX,

4622

),

4623

KeyParameter::new(

4624

KeyParameterValue::PaddingMode(PaddingMode::NONE),

4625

SecurityLevel::TRUSTED_ENVIRONMENT,

4626

),

4627

KeyParameter::new(

4628

KeyParameterValue::PaddingMode(PaddingMode::RSA_OAEP),

4629

SecurityLevel::TRUSTED_ENVIRONMENT,

4630

),

4631

KeyParameter::new(

4632

KeyParameterValue::PaddingMode(PaddingMode::RSA_PSS),

4633

SecurityLevel::STRONGBOX,

4634

),

4635

KeyParameter::new(

4636

KeyParameterValue::PaddingMode(PaddingMode::RSA_PKCS1_1_5_SIGN),

4637

SecurityLevel::TRUSTED_ENVIRONMENT,

4638

),

4639

KeyParameter::new(KeyParameterValue::CallerNonce, SecurityLevel::TRUSTED_ENVIRONMENT),

4640

KeyParameter::new(KeyParameterValue::MinMacLength(256), SecurityLevel::STRONGBOX),

4641

KeyParameter::new(

4642

KeyParameterValue::EcCurve(EcCurve::P_224),

4643

SecurityLevel::TRUSTED_ENVIRONMENT,

4644

),

4645

KeyParameter::new(KeyParameterValue::EcCurve(EcCurve::P_256), SecurityLevel::STRONGBOX),

4646

KeyParameter::new(

4647

KeyParameterValue::EcCurve(EcCurve::P_384),

4648

SecurityLevel::TRUSTED_ENVIRONMENT,

4649

),

4650

KeyParameter::new(

4651

KeyParameterValue::EcCurve(EcCurve::P_521),

4652

SecurityLevel::TRUSTED_ENVIRONMENT,

4653

),

4654

KeyParameter::new(

4655

KeyParameterValue::RSAPublicExponent(3),

4656

SecurityLevel::TRUSTED_ENVIRONMENT,

4657

),

4658

KeyParameter::new(

4659

KeyParameterValue::IncludeUniqueID,

4660

SecurityLevel::TRUSTED_ENVIRONMENT,

4661

),

4662

KeyParameter::new(KeyParameterValue::BootLoaderOnly, SecurityLevel::STRONGBOX),

4663

KeyParameter::new(KeyParameterValue::RollbackResistance, SecurityLevel::STRONGBOX),

4664

KeyParameter::new(

4665

KeyParameterValue::ActiveDateTime(1234567890),

4666

SecurityLevel::STRONGBOX,

4667

),

4668

KeyParameter::new(

4669

KeyParameterValue::OriginationExpireDateTime(1234567890),

4670

SecurityLevel::TRUSTED_ENVIRONMENT,

4671

),

4672

KeyParameter::new(

4673

KeyParameterValue::UsageExpireDateTime(1234567890),

4674

SecurityLevel::TRUSTED_ENVIRONMENT,

4675

),

4676

KeyParameter::new(

4677

KeyParameterValue::MinSecondsBetweenOps(1234567890),

4678

SecurityLevel::TRUSTED_ENVIRONMENT,

4679

),

4680

KeyParameter::new(

4681

KeyParameterValue::MaxUsesPerBoot(1234567890),

4682

SecurityLevel::TRUSTED_ENVIRONMENT,

4683

),

4684

KeyParameter::new(KeyParameterValue::UserID(1), SecurityLevel::STRONGBOX),

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

4685

KeyParameter::new(

4686

KeyParameterValue::NoAuthRequired,

4687

SecurityLevel::TRUSTED_ENVIRONMENT,

4688

),

4689

KeyParameter::new(

4690

KeyParameterValue::HardwareAuthenticatorType(HardwareAuthenticatorType::PASSWORD),

4691

SecurityLevel::TRUSTED_ENVIRONMENT,

4692

),

4693

KeyParameter::new(KeyParameterValue::AuthTimeout(1234567890), SecurityLevel::SOFTWARE),

4694

KeyParameter::new(KeyParameterValue::AllowWhileOnBody, SecurityLevel::SOFTWARE),

4695

KeyParameter::new(

4696

KeyParameterValue::TrustedUserPresenceRequired,

4697

SecurityLevel::TRUSTED_ENVIRONMENT,

4698

),

4699

KeyParameter::new(

4700

KeyParameterValue::TrustedConfirmationRequired,

4701

SecurityLevel::TRUSTED_ENVIRONMENT,

4702

),

4703

KeyParameter::new(

4704

KeyParameterValue::UnlockedDeviceRequired,

4705

SecurityLevel::TRUSTED_ENVIRONMENT,

4706

),

4707

KeyParameter::new(

4708

KeyParameterValue::ApplicationID(vec![1u8, 2u8, 3u8, 4u8]),

4709

SecurityLevel::SOFTWARE,

4710

),

4711

KeyParameter::new(

4712

KeyParameterValue::ApplicationData(vec![4u8, 3u8, 2u8, 1u8]),

4713

SecurityLevel::SOFTWARE,

4714

),

4715

KeyParameter::new(

4716

KeyParameterValue::CreationDateTime(12345677890),

4717

SecurityLevel::SOFTWARE,

4718

),

4719

KeyParameter::new(

4720

KeyParameterValue::KeyOrigin(KeyOrigin::GENERATED),

4721

SecurityLevel::TRUSTED_ENVIRONMENT,

4722

),

4723

KeyParameter::new(

4724

KeyParameterValue::RootOfTrust(vec![3u8, 2u8, 1u8, 4u8]),

4725

SecurityLevel::TRUSTED_ENVIRONMENT,

4726

),

4727

KeyParameter::new(KeyParameterValue::OSVersion(1), SecurityLevel::TRUSTED_ENVIRONMENT),

4728

KeyParameter::new(KeyParameterValue::OSPatchLevel(2), SecurityLevel::SOFTWARE),

4729

KeyParameter::new(

4730

KeyParameterValue::UniqueID(vec![4u8, 3u8, 1u8, 2u8]),

4731

SecurityLevel::SOFTWARE,

4732

),

4733

KeyParameter::new(

4734

KeyParameterValue::AttestationChallenge(vec![4u8, 3u8, 1u8, 2u8]),

4735

SecurityLevel::TRUSTED_ENVIRONMENT,

4736

),

4737

KeyParameter::new(

4738

KeyParameterValue::AttestationApplicationID(vec![4u8, 3u8, 1u8, 2u8]),

4739

SecurityLevel::TRUSTED_ENVIRONMENT,

4740

),

4741

KeyParameter::new(

4742

KeyParameterValue::AttestationIdBrand(vec![4u8, 3u8, 1u8, 2u8]),

4743

SecurityLevel::TRUSTED_ENVIRONMENT,

4744

),

4745

KeyParameter::new(

4746

KeyParameterValue::AttestationIdDevice(vec![4u8, 3u8, 1u8, 2u8]),

4747

SecurityLevel::TRUSTED_ENVIRONMENT,

4748

),

4749

KeyParameter::new(

4750

KeyParameterValue::AttestationIdProduct(vec![4u8, 3u8, 1u8, 2u8]),

4751

SecurityLevel::TRUSTED_ENVIRONMENT,

4752

),

4753

KeyParameter::new(

4754

KeyParameterValue::AttestationIdSerial(vec![4u8, 3u8, 1u8, 2u8]),

4755

SecurityLevel::TRUSTED_ENVIRONMENT,

4756

),

4757

KeyParameter::new(

4758

KeyParameterValue::AttestationIdIMEI(vec![4u8, 3u8, 1u8, 2u8]),

4759

SecurityLevel::TRUSTED_ENVIRONMENT,

4760

),

4761

KeyParameter::new(

Eran Messeri

637259c

2022-10-31 12:23:36 +0000

[diff] [blame]

4762

KeyParameterValue::AttestationIdSecondIMEI(vec![4u8, 3u8, 1u8, 2u8]),

4763

SecurityLevel::TRUSTED_ENVIRONMENT,

4764

),

4765

KeyParameter::new(

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

4766

KeyParameterValue::AttestationIdMEID(vec![4u8, 3u8, 1u8, 2u8]),

4767

SecurityLevel::TRUSTED_ENVIRONMENT,

4768

),

4769

KeyParameter::new(

4770

KeyParameterValue::AttestationIdManufacturer(vec![4u8, 3u8, 1u8, 2u8]),

4771

SecurityLevel::TRUSTED_ENVIRONMENT,

4772

),

4773

KeyParameter::new(

4774

KeyParameterValue::AttestationIdModel(vec![4u8, 3u8, 1u8, 2u8]),

4775

SecurityLevel::TRUSTED_ENVIRONMENT,

4776

),

4777

KeyParameter::new(

4778

KeyParameterValue::VendorPatchLevel(3),

4779

SecurityLevel::TRUSTED_ENVIRONMENT,

4780

),

4781

KeyParameter::new(

4782

KeyParameterValue::BootPatchLevel(4),

4783

SecurityLevel::TRUSTED_ENVIRONMENT,

4784

),

4785

KeyParameter::new(

4786

KeyParameterValue::AssociatedData(vec![4u8, 3u8, 1u8, 2u8]),

4787

SecurityLevel::TRUSTED_ENVIRONMENT,

4788

),

4789

KeyParameter::new(

4790

KeyParameterValue::Nonce(vec![4u8, 3u8, 1u8, 2u8]),

4791

SecurityLevel::TRUSTED_ENVIRONMENT,

4792

),

4793

KeyParameter::new(

4794

KeyParameterValue::MacLength(256),

4795

SecurityLevel::TRUSTED_ENVIRONMENT,

4796

),

4797

KeyParameter::new(

4798

KeyParameterValue::ResetSinceIdRotation,

4799

SecurityLevel::TRUSTED_ENVIRONMENT,

4800

),

4801

KeyParameter::new(

4802

KeyParameterValue::ConfirmationToken(vec![5u8, 5u8, 5u8, 5u8]),

4803

SecurityLevel::TRUSTED_ENVIRONMENT,

4804

),

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

4805

];

4806

if let Some(value) = max_usage_count {

4807

params.push(KeyParameter::new(

4808

KeyParameterValue::UsageCountLimit(value),

4809

SecurityLevel::SOFTWARE,

4810

));

4811

}

Eran Messeri

2024-01-09 12:43:31 +0000

[diff] [blame]

4812

4813

for sid in user_secure_ids.iter() {

4814

params.push(KeyParameter::new(

4815

KeyParameterValue::UserSecureID(*sid),

4816

SecurityLevel::STRONGBOX,

4817

));

4818

}

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

4819

params

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

4820

}

4821

Nathan Huckleberry

95dca01

2023-05-10 18:02:11 +0000

[diff] [blame]

4822

pub fn make_test_key_entry(

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

4823

db: &mut KeystoreDB,

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

4824

domain: Domain,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

4825

namespace: i64,

4826

alias: &str,

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

4827

max_usage_count: Option<i32>,

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

4828

) -> Result<KeyIdGuard> {

Eran Messeri

2024-01-09 12:43:31 +0000

[diff] [blame]

4829

make_test_key_entry_with_sids(db, domain, namespace, alias, max_usage_count, &[42])

4830

}

4831

4832

pub fn make_test_key_entry_with_sids(

db: &mut KeystoreDB,

domain: Domain,

namespace: i64,

alias: &str,

max_usage_count: Option<i32>,

4838

sids: &[i64],

4839

) -> Result<KeyIdGuard> {

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

4840

let key_id = db.create_key_entry(&domain, &namespace, KeyType::Client, &KEYSTORE_UUID)?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

4841

let mut blob_metadata = BlobMetaData::new();

4842

blob_metadata.add(BlobMetaEntry::EncryptedBy(EncryptedBy::Password));

4843

blob_metadata.add(BlobMetaEntry::Salt(vec![1, 2, 3]));

4844

blob_metadata.add(BlobMetaEntry::Iv(vec![2, 3, 1]));

4845

blob_metadata.add(BlobMetaEntry::AeadTag(vec![3, 1, 2]));

4846

blob_metadata.add(BlobMetaEntry::KmUuid(KEYSTORE_UUID));

db.set_blob(

&key_id,

SubComponentType::KEY_BLOB,

4851

Some(TEST_KEY_BLOB),

4852

Some(&blob_metadata),

4853

)?;

4854

db.set_blob(&key_id, SubComponentType::CERT, Some(TEST_CERT_BLOB), None)?;

4855

db.set_blob(&key_id, SubComponentType::CERT_CHAIN, Some(TEST_CERT_CHAIN_BLOB), None)?;

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

4856

Eran Messeri

2024-01-09 12:43:31 +0000

[diff] [blame]

4857

let params = make_test_params_with_sids(max_usage_count, sids);

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

4858

db.insert_keyparameter(&key_id, &params)?;

4859

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

4860

let mut metadata = KeyMetaData::new();

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

4861

metadata.add(KeyMetaEntry::CreationDate(DateTime::from_millis_epoch(123456789)));

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

4862

db.insert_key_metadata(&key_id, &metadata)?;

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

4863

rebind_alias(db, &key_id, alias, domain, namespace)?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

Ok(key_id)

}

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

4867

fn make_test_key_entry_test_vector(key_id: i64, max_usage_count: Option<i32>) -> KeyEntry {

4868

let params = make_test_params(max_usage_count);

4869

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

4870

let mut blob_metadata = BlobMetaData::new();

4871

blob_metadata.add(BlobMetaEntry::EncryptedBy(EncryptedBy::Password));

4872

blob_metadata.add(BlobMetaEntry::Salt(vec![1, 2, 3]));

4873

blob_metadata.add(BlobMetaEntry::Iv(vec![2, 3, 1]));

4874

blob_metadata.add(BlobMetaEntry::AeadTag(vec![3, 1, 2]));

4875

blob_metadata.add(BlobMetaEntry::KmUuid(KEYSTORE_UUID));

4876

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

4877

let mut metadata = KeyMetaData::new();

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

4878

metadata.add(KeyMetaEntry::CreationDate(DateTime::from_millis_epoch(123456789)));

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

4879

4880

KeyEntry {

4881

id: key_id,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

4882

key_blob_info: Some((TEST_KEY_BLOB.to_vec(), blob_metadata)),

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

4883

cert: Some(TEST_CERT_BLOB.to_vec()),

4884

cert_chain: Some(TEST_CERT_CHAIN_BLOB.to_vec()),

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

4885

km_uuid: KEYSTORE_UUID,

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

4886

parameters: params,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

4887

metadata,

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

4888

pure_cert: false,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

}

}

Nathan Huckleberry

2023-05-10 18:02:11 +0000

[diff] [blame]

4892

pub fn make_bootlevel_key_entry(

Janis Danisevskis

2021-05-26 16:31:02 -0700

[diff] [blame]

db: &mut KeystoreDB,

domain: Domain,

namespace: i64,

alias: &str,

logical_only: bool,

) -> Result<KeyIdGuard> {

4899

let key_id = db.create_key_entry(&domain, &namespace, KeyType::Client, &KEYSTORE_UUID)?;

4900

let mut blob_metadata = BlobMetaData::new();

4901

if !logical_only {

4902

blob_metadata.add(BlobMetaEntry::MaxBootLevel(3));

4903

}

4904

blob_metadata.add(BlobMetaEntry::KmUuid(KEYSTORE_UUID));

db.set_blob(

&key_id,

SubComponentType::KEY_BLOB,

4909

Some(TEST_KEY_BLOB),

4910

Some(&blob_metadata),

4911

)?;

4912

db.set_blob(&key_id, SubComponentType::CERT, Some(TEST_CERT_BLOB), None)?;

4913

db.set_blob(&key_id, SubComponentType::CERT_CHAIN, Some(TEST_CERT_CHAIN_BLOB), None)?;

4914

4915

let mut params = make_test_params(None);

4916

params.push(KeyParameter::new(KeyParameterValue::MaxBootLevel(3), SecurityLevel::KEYSTORE));

4917

4918

db.insert_keyparameter(&key_id, &params)?;

4919

4920

let mut metadata = KeyMetaData::new();

4921

metadata.add(KeyMetaEntry::CreationDate(DateTime::from_millis_epoch(123456789)));

4922

db.insert_key_metadata(&key_id, &metadata)?;

4923

rebind_alias(db, &key_id, alias, domain, namespace)?;

Ok(key_id)

}

Eric Biggers

2023-10-27 03:55:29 +0000

[diff] [blame]

4927

// Creates an app key that is marked as being superencrypted by the given

4928

// super key ID and that has the given authentication and unlocked device

4929

// parameters. This does not actually superencrypt the key blob.

4930

fn make_superencrypted_key_entry(

db: &mut KeystoreDB,

namespace: i64,

alias: &str,

requires_authentication: bool,

4935

requires_unlocked_device: bool,

4936

super_key_id: i64,

4937

) -> Result<KeyIdGuard> {

4938

let domain = Domain::APP;

4939

let key_id = db.create_key_entry(&domain, &namespace, KeyType::Client, &KEYSTORE_UUID)?;

4940

4941

let mut blob_metadata = BlobMetaData::new();

4942

blob_metadata.add(BlobMetaEntry::KmUuid(KEYSTORE_UUID));

4943

blob_metadata.add(BlobMetaEntry::EncryptedBy(EncryptedBy::KeyId(super_key_id)));

4944

db.set_blob(

4945

&key_id,

4946

SubComponentType::KEY_BLOB,

4947

Some(TEST_KEY_BLOB),

4948

Some(&blob_metadata),

4949

)?;

4950

4951

let mut params = vec![];

4952

if requires_unlocked_device {

4953

params.push(KeyParameter::new(

4954

KeyParameterValue::UnlockedDeviceRequired,

4955

SecurityLevel::TRUSTED_ENVIRONMENT,

4956

));

4957

}

4958

if requires_authentication {

4959

params.push(KeyParameter::new(

4960

KeyParameterValue::UserSecureID(42),

4961

SecurityLevel::TRUSTED_ENVIRONMENT,

4962

));

4963

}

4964

db.insert_keyparameter(&key_id, &params)?;

4965

4966

let mut metadata = KeyMetaData::new();

4967

metadata.add(KeyMetaEntry::CreationDate(DateTime::from_millis_epoch(123456789)));

4968

db.insert_key_metadata(&key_id, &metadata)?;

4969

4970

rebind_alias(db, &key_id, alias, domain, namespace)?;

Ok(key_id)

}

Janis Danisevskis

2021-05-26 16:31:02 -0700

[diff] [blame]

4974

fn make_bootlevel_test_key_entry_test_vector(key_id: i64, logical_only: bool) -> KeyEntry {

4975

let mut params = make_test_params(None);

4976

params.push(KeyParameter::new(KeyParameterValue::MaxBootLevel(3), SecurityLevel::KEYSTORE));

4977

4978

let mut blob_metadata = BlobMetaData::new();

4979

if !logical_only {

4980

blob_metadata.add(BlobMetaEntry::MaxBootLevel(3));

4981

}

4982

blob_metadata.add(BlobMetaEntry::KmUuid(KEYSTORE_UUID));

4983

4984

let mut metadata = KeyMetaData::new();

4985

metadata.add(KeyMetaEntry::CreationDate(DateTime::from_millis_epoch(123456789)));

KeyEntry {

id: key_id,

key_blob_info: Some((TEST_KEY_BLOB.to_vec(), blob_metadata)),

4990

cert: Some(TEST_CERT_BLOB.to_vec()),

4991

cert_chain: Some(TEST_CERT_CHAIN_BLOB.to_vec()),

4992

km_uuid: KEYSTORE_UUID,

parameters: params,

metadata,

pure_cert: false,

}

}

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

4999

fn debug_dump_keyentry_table(db: &mut KeystoreDB) -> Result<()> {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

5000

let mut stmt = db.conn.prepare(

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

5001

"SELECT id, key_type, domain, namespace, alias, state, km_uuid FROM persistent.keyentry;",

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

5002

)?;

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

5003

let rows = stmt.query_map::<(i64, KeyType, i32, i64, String, KeyLifeCycle, Uuid), _, _>(

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

5004

[],

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

5005

|row| {

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

Ok((

row.get(0)?,

row.get(1)?,

row.get(2)?,

row.get(3)?,

row.get(4)?,

row.get(5)?,

row.get(6)?,

))

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

5015

},

5016

)?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

5017

5018

println!("Key entry table rows:");

5019

for r in rows {

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

5020

let (id, key_type, domain, namespace, alias, state, km_uuid) = r.unwrap();

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

5021

println!(

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

5022

" id: {} KeyType: {:?} Domain: {} Namespace: {} Alias: {} State: {:?} KmUuid: {:?}",

5023

id, key_type, domain, namespace, alias, state, km_uuid

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

);

}

Ok(())

}

fn debug_dump_grant_table(db: &mut KeystoreDB) -> Result<()> {

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

5030

let mut stmt = db

5031

.conn

5032

.prepare("SELECT id, grantee, keyentryid, access_vector FROM persistent.grant;")?;

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

5033

let rows = stmt.query_map::<(i64, i64, i64, i64), _, _>([], |row| {

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

5034

Ok((row.get(0)?, row.get(1)?, row.get(2)?, row.get(3)?))

5035

})?;

5036

5037

println!("Grant table rows:");

5038

for r in rows {

5039

let (id, gt, ki, av) = r.unwrap();

5040

println!(" id: {} grantee: {} key_id: {} access_vector: {}", id, gt, ki, av);

}

Ok(())

}

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

5045

// Use a custom random number generator that repeats each number once.

5046

// This allows us to test repeated elements.

5047

5048

thread_local! {

Charisee

4339115

2024-04-02 16:16:30 +0000

[diff] [blame]

5049

static RANDOM_COUNTER: RefCell<i64> = const { RefCell::new(0) };

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

5050

}

5051

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

5052

fn reset_random() {

5053

RANDOM_COUNTER.with(|counter| {

5054

*counter.borrow_mut() = 0;

})

}

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

5058

pub fn random() -> i64 {

5059

RANDOM_COUNTER.with(|counter| {

5060

let result = *counter.borrow() / 2;

5061

*counter.borrow_mut() += 1;

5062

result

5063

})

5064

}

Hasini Gunasinghe

2020-11-11 01:02:41 +0000

[diff] [blame]

5065

5066

#[test]

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

5067

fn test_unbind_keys_for_user() -> Result<()> {

5068

let mut db = new_test_db()?;

5069

db.unbind_keys_for_user(1, false)?;

5070

5071

make_test_key_entry(&mut db, Domain::APP, 210000, TEST_ALIAS, None)?;

5072

make_test_key_entry(&mut db, Domain::APP, 110000, TEST_ALIAS, None)?;

5073

db.unbind_keys_for_user(2, false)?;

5074

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

5075

assert_eq!(1, db.list_past_alias(Domain::APP, 110000, KeyType::Client, None)?.len());

5076

assert_eq!(0, db.list_past_alias(Domain::APP, 210000, KeyType::Client, None)?.len());

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

5077

5078

db.unbind_keys_for_user(1, true)?;

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

5079

assert_eq!(0, db.list_past_alias(Domain::APP, 110000, KeyType::Client, None)?.len());

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

Ok(())

}

#[test]

Janis Danisevskis

2022-01-04 19:59:26 -0800

[diff] [blame]

5085

fn test_unbind_keys_for_user_removes_superkeys() -> Result<()> {

5086

let mut db = new_test_db()?;

5087

let super_key = keystore2_crypto::generate_aes256_key()?;

5088

let pw: keystore2_crypto::Password = (&b"xyzabc"[..]).into();

5089

let (encrypted_super_key, metadata) =

5090

SuperKeyManager::encrypt_with_password(&super_key, &pw)?;

5091

5092

let key_name_enc = SuperKeyType {

5093

alias: "test_super_key_1",

5094

algorithm: SuperEncryptionAlgorithm::Aes256Gcm,

Eric Biggers

6745f53

2023-10-27 03:55:28 +0000

[diff] [blame]

5095

name: "test_super_key_1",

Janis Danisevskis

2022-01-04 19:59:26 -0800

[diff] [blame]

5096

};

5097

5098

let key_name_nonenc = SuperKeyType {

5099

alias: "test_super_key_2",

5100

algorithm: SuperEncryptionAlgorithm::Aes256Gcm,

Eric Biggers

6745f53

2023-10-27 03:55:28 +0000

[diff] [blame]

5101

name: "test_super_key_2",

Janis Danisevskis

2022-01-04 19:59:26 -0800

[diff] [blame]

5102

};

5103

5104

// Install two super keys.

db.store_super_key(

1,

&key_name_nonenc,

&super_key,

&BlobMetaData::new(),

5110

&KeyMetaData::new(),

5111

)?;

5112

db.store_super_key(1, &key_name_enc, &encrypted_super_key, &metadata, &KeyMetaData::new())?;

5113

5114

// Check that both can be found in the database.

5115

assert!(db.load_super_key(&key_name_enc, 1)?.is_some());

5116

assert!(db.load_super_key(&key_name_nonenc, 1)?.is_some());

5117

5118

// Install the same keys for a different user.

db.store_super_key(

2,

&key_name_nonenc,

&super_key,

&BlobMetaData::new(),

5124

&KeyMetaData::new(),

5125

)?;

5126

db.store_super_key(2, &key_name_enc, &encrypted_super_key, &metadata, &KeyMetaData::new())?;

5127

5128

// Check that the second pair of keys can be found in the database.

5129

assert!(db.load_super_key(&key_name_enc, 2)?.is_some());

5130

assert!(db.load_super_key(&key_name_nonenc, 2)?.is_some());

5131

5132

// Delete only encrypted keys.

5133

db.unbind_keys_for_user(1, true)?;

5134

5135

// The encrypted superkey should be gone now.

5136

assert!(db.load_super_key(&key_name_enc, 1)?.is_none());

5137

assert!(db.load_super_key(&key_name_nonenc, 1)?.is_some());

5138

5139

// Reinsert the encrypted key.

5140

db.store_super_key(1, &key_name_enc, &encrypted_super_key, &metadata, &KeyMetaData::new())?;

5141

5142

// Check that both can be found in the database, again..

5143

assert!(db.load_super_key(&key_name_enc, 1)?.is_some());

5144

assert!(db.load_super_key(&key_name_nonenc, 1)?.is_some());

5145

5146

// Delete all even unencrypted keys.

5147

db.unbind_keys_for_user(1, false)?;

5148

5149

// Both should be gone now.

5150

assert!(db.load_super_key(&key_name_enc, 1)?.is_none());

5151

assert!(db.load_super_key(&key_name_nonenc, 1)?.is_none());

5152

5153

// Check that the second pair of keys was untouched.

5154

assert!(db.load_super_key(&key_name_enc, 2)?.is_some());

5155

assert!(db.load_super_key(&key_name_nonenc, 2)?.is_some());

Ok(())

}

Eric Biggers

2023-10-27 03:55:29 +0000

[diff] [blame]

5160

fn app_key_exists(db: &mut KeystoreDB, nspace: i64, alias: &str) -> Result<bool> {

5161

db.key_exists(Domain::APP, nspace, alias, KeyType::Client)

5162

}

5163

5164

// Tests the unbind_auth_bound_keys_for_user() function.

5165

#[test]

5166

fn test_unbind_auth_bound_keys_for_user() -> Result<()> {

5167

let mut db = new_test_db()?;

5168

let user_id = 1;

5169

let nspace: i64 = (user_id * AID_USER_OFFSET).into();

5170

let other_user_id = 2;

5171

let other_user_nspace: i64 = (other_user_id * AID_USER_OFFSET).into();

5172

let super_key_type = &USER_AFTER_FIRST_UNLOCK_SUPER_KEY;

5173

5174

// Create a superencryption key.

5175

let super_key = keystore2_crypto::generate_aes256_key()?;

5176

let pw: keystore2_crypto::Password = (&b"xyzabc"[..]).into();

5177

let (encrypted_super_key, blob_metadata) =

5178

SuperKeyManager::encrypt_with_password(&super_key, &pw)?;

db.store_super_key(

user_id,

super_key_type,

&encrypted_super_key,

&blob_metadata,

&KeyMetaData::new(),

)?;

let super_key_id = db.load_super_key(super_key_type, user_id)?.unwrap().0 .0;

5187

5188

// Store 4 superencrypted app keys, one for each possible combination of

5189

// (authentication required, unlocked device required).

5190

make_superencrypted_key_entry(&mut db, nspace, "noauth_noud", false, false, super_key_id)?;

5191

make_superencrypted_key_entry(&mut db, nspace, "noauth_ud", false, true, super_key_id)?;

5192

make_superencrypted_key_entry(&mut db, nspace, "auth_noud", true, false, super_key_id)?;

5193

make_superencrypted_key_entry(&mut db, nspace, "auth_ud", true, true, super_key_id)?;

5194

assert!(app_key_exists(&mut db, nspace, "noauth_noud")?);

5195

assert!(app_key_exists(&mut db, nspace, "noauth_ud")?);

5196

assert!(app_key_exists(&mut db, nspace, "auth_noud")?);

5197

assert!(app_key_exists(&mut db, nspace, "auth_ud")?);

5198

5199

// Also store a key for a different user that requires authentication.

5200

make_superencrypted_key_entry(

&mut db,

other_user_nspace,

"auth_ud",

true,

true,

super_key_id,

)?;

db.unbind_auth_bound_keys_for_user(user_id)?;

5210

5211

// Verify that only the user's app keys that require authentication were

5212

// deleted. Keys that require an unlocked device but not authentication

5213

// should *not* have been deleted, nor should the super key have been

5214

// deleted, nor should other users' keys have been deleted.

5215

assert!(db.load_super_key(super_key_type, user_id)?.is_some());

5216

assert!(app_key_exists(&mut db, nspace, "noauth_noud")?);

5217

assert!(app_key_exists(&mut db, nspace, "noauth_ud")?);

5218

assert!(!app_key_exists(&mut db, nspace, "auth_noud")?);

5219

assert!(!app_key_exists(&mut db, nspace, "auth_ud")?);

5220

assert!(app_key_exists(&mut db, other_user_nspace, "auth_ud")?);

Ok(())

}

Janis Danisevskis

2022-01-04 19:59:26 -0800

[diff] [blame]

5225

#[test]

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

5226

fn test_store_super_key() -> Result<()> {

5227

let mut db = new_test_db()?;

Paul Crowley

f61fee7

2021-03-17 14:38:44 -0700

[diff] [blame]

5228

let pw: keystore2_crypto::Password = (&b"xyzabc"[..]).into();

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

5229

let super_key = keystore2_crypto::generate_aes256_key()?;

Paul Crowley

2021-03-18 17:08:20 -0700

[diff] [blame]

5230

let secret_bytes = b"keystore2 is great.";

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

5231

let (encrypted_secret, iv, tag) =

Paul Crowley

2021-03-18 17:08:20 -0700

[diff] [blame]

5232

keystore2_crypto::aes_gcm_encrypt(secret_bytes, &super_key)?;

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

5233

5234

let (encrypted_super_key, metadata) =

5235

SuperKeyManager::encrypt_with_password(&super_key, &pw)?;

Paul Crowley

2021-03-19 10:53:07 -0700

[diff] [blame]

5236

db.store_super_key(

5237

1,

Eric Biggers

2023-10-18 01:54:18 +0000

[diff] [blame]

5238

&USER_AFTER_FIRST_UNLOCK_SUPER_KEY,

Paul Crowley

2021-03-19 10:53:07 -0700

[diff] [blame]

5239

&encrypted_super_key,

5240

&metadata,

5241

&KeyMetaData::new(),

5242

)?;

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

5243

Janis Danisevskis

2022-01-04 19:59:26 -0800

[diff] [blame]

5244

// Check if super key exists.

Eric Biggers

2023-10-18 01:54:18 +0000

[diff] [blame]

5245

assert!(db.key_exists(

5246

Domain::APP,

5247

1,

5248

USER_AFTER_FIRST_UNLOCK_SUPER_KEY.alias,

5249

KeyType::Super

5250

)?);

Hasini Gunasinghe

2021-02-01 21:10:02 +0000

[diff] [blame]

5251

Eric Biggers

2023-10-18 01:54:18 +0000

[diff] [blame]

5252

let (_, key_entry) = db.load_super_key(&USER_AFTER_FIRST_UNLOCK_SUPER_KEY, 1)?.unwrap();

Paul Crowley

2021-03-19 10:53:07 -0700

[diff] [blame]

5253

let loaded_super_key = SuperKeyManager::extract_super_key_from_key_entry(

Eric Biggers

2023-10-18 01:54:18 +0000

[diff] [blame]

5254

USER_AFTER_FIRST_UNLOCK_SUPER_KEY.algorithm,

Paul Crowley

2021-03-19 10:53:07 -0700

[diff] [blame]

key_entry,

&pw,

None,

)?;

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

5259

Janis Danisevskis

2022-01-26 14:11:14 -0800

[diff] [blame]

5260

let decrypted_secret_bytes = loaded_super_key.decrypt(&encrypted_secret, &iv, &tag)?;

Paul Crowley

2021-03-18 17:08:20 -0700

[diff] [blame]

5261

assert_eq!(secret_bytes, &*decrypted_secret_bytes);

Janis Danisevskis

2022-01-04 19:59:26 -0800

[diff] [blame]

5262

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

5263

Ok(())

5264

}

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

5265

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5266

fn get_valid_statsd_storage_types() -> Vec<MetricsStorage> {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

5267

vec![

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5268

MetricsStorage::KEY_ENTRY,

5269

MetricsStorage::KEY_ENTRY_ID_INDEX,

5270

MetricsStorage::KEY_ENTRY_DOMAIN_NAMESPACE_INDEX,

5271

MetricsStorage::BLOB_ENTRY,

5272

MetricsStorage::BLOB_ENTRY_KEY_ENTRY_ID_INDEX,

5273

MetricsStorage::KEY_PARAMETER,

5274

MetricsStorage::KEY_PARAMETER_KEY_ENTRY_ID_INDEX,

5275

MetricsStorage::KEY_METADATA,

5276

MetricsStorage::KEY_METADATA_KEY_ENTRY_ID_INDEX,

5277

MetricsStorage::GRANT,

5278

MetricsStorage::AUTH_TOKEN,

5279

MetricsStorage::BLOB_METADATA,

5280

MetricsStorage::BLOB_METADATA_BLOB_ENTRY_ID_INDEX,

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

]

}

/// Perform a simple check to ensure that we can query all the storage types

5285

/// that are supported by the DB. Check for reasonable values.

5286

#[test]

5287

fn test_query_all_valid_table_sizes() -> Result<()> {

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5288

const PAGE_SIZE: i32 = 4096;

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

5289

5290

let mut db = new_test_db()?;

5291

5292

for t in get_valid_statsd_storage_types() {

5293

let stat = db.get_storage_stat(t)?;

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

5294

// AuthToken can be less than a page since it's in a btree, not sqlite

5295

// TODO(b/187474736) stop using if-let here

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5296

if let MetricsStorage::AUTH_TOKEN = t {

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

5297

} else {

5298

assert!(stat.size >= PAGE_SIZE);

5299

}

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

5300

assert!(stat.size >= stat.unused_size);

}

Ok(())

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5306

fn get_storage_stats_map(db: &mut KeystoreDB) -> BTreeMap<i32, StorageStats> {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

5307

get_valid_statsd_storage_types()

5308

.into_iter()

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5309

.map(|t| (t.0, db.get_storage_stat(t).unwrap()))

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

.collect()

}

fn assert_storage_increased(

5314

db: &mut KeystoreDB,

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5315

increased_storage_types: Vec<MetricsStorage>,

5316

baseline: &mut BTreeMap<i32, StorageStats>,

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

5317

) {

5318

for storage in increased_storage_types {

5319

// Verify the expected storage increased.

5320

let new = db.get_storage_stat(storage).unwrap();

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5321

let old = &baseline[&storage.0];

5322

assert!(new.size >= old.size, "{}: {} >= {}", storage.0, new.size, old.size);

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

5323

assert!(

5324

new.unused_size <= old.unused_size,

5325

"{}: {} <= {}",

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5326

storage.0,

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

new.unused_size,

old.unused_size

);

// Update the baseline with the new value so that it succeeds in the

5332

// later comparison.

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5333

baseline.insert(storage.0, new);

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

5334

}

5335

5336

// Get an updated map of the storage and verify there were no unexpected changes.

5337

let updated_stats = get_storage_stats_map(db);

5338

assert_eq!(updated_stats.len(), baseline.len());

5339

5340

for &k in baseline.keys() {

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5341

let stringify = |map: &BTreeMap<i32, StorageStats>| -> String {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

5342

let mut s = String::new();

5343

for &k in map.keys() {

5344

writeln!(&mut s, " {}: {}, {}", &k, map[&k].size, map[&k].unused_size)

5345

.expect("string concat failed");

}

s

};

assert!(

updated_stats[&k].size == baseline[&k].size

5352

&& updated_stats[&k].unused_size == baseline[&k].unused_size,

5353

"updated_stats:\n{}\nbaseline:\n{}",

5354

stringify(&updated_stats),

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

5355

stringify(baseline)

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

);

}

}

#[test]

fn test_verify_key_table_size_reporting() -> Result<()> {

5362

let mut db = new_test_db()?;

5363

let mut working_stats = get_storage_stats_map(&mut db);

5364

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

5365

let key_id = db.create_key_entry(&Domain::APP, &42, KeyType::Client, &KEYSTORE_UUID)?;

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

5366

assert_storage_increased(

5367

&mut db,

5368

vec![

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5369

MetricsStorage::KEY_ENTRY,

5370

MetricsStorage::KEY_ENTRY_ID_INDEX,

5371

MetricsStorage::KEY_ENTRY_DOMAIN_NAMESPACE_INDEX,

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

],

&mut working_stats,

);

let mut blob_metadata = BlobMetaData::new();

5377

blob_metadata.add(BlobMetaEntry::EncryptedBy(EncryptedBy::Password));

5378

db.set_blob(&key_id, SubComponentType::KEY_BLOB, Some(TEST_KEY_BLOB), None)?;

5379

assert_storage_increased(

5380

&mut db,

5381

vec![

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5382

MetricsStorage::BLOB_ENTRY,

5383

MetricsStorage::BLOB_ENTRY_KEY_ENTRY_ID_INDEX,

5384

MetricsStorage::BLOB_METADATA,

5385

MetricsStorage::BLOB_METADATA_BLOB_ENTRY_ID_INDEX,

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

],

&mut working_stats,

);

let params = make_test_params(None);

5391

db.insert_keyparameter(&key_id, &params)?;

5392

assert_storage_increased(

5393

&mut db,

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5394

vec![MetricsStorage::KEY_PARAMETER, MetricsStorage::KEY_PARAMETER_KEY_ENTRY_ID_INDEX],

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

&mut working_stats,

);

let mut metadata = KeyMetaData::new();

5399

metadata.add(KeyMetaEntry::CreationDate(DateTime::from_millis_epoch(123456789)));

5400

db.insert_key_metadata(&key_id, &metadata)?;

5401

assert_storage_increased(

5402

&mut db,

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5403

vec![MetricsStorage::KEY_METADATA, MetricsStorage::KEY_METADATA_KEY_ENTRY_ID_INDEX],

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

&mut working_stats,

);

let mut sum = 0;

for stat in working_stats.values() {

5409

sum += stat.size;

5410

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5411

let total = db.get_storage_stat(MetricsStorage::DATABASE)?.size;

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

5412

assert!(sum <= total, "Expected sum <= total. sum: {}, total: {}", sum, total);

Ok(())

}

#[test]

fn test_verify_auth_table_size_reporting() -> Result<()> {

5419

let mut db = new_test_db()?;

5420

let mut working_stats = get_storage_stats_map(&mut db);

5421

db.insert_auth_token(&HardwareAuthToken {

5422

challenge: 123,

5423

userId: 456,

5424

authenticatorId: 789,

5425

authenticatorType: kmhw_authenticator_type::ANY,

5426

timestamp: Timestamp { milliSeconds: 10 },

5427

mac: b"mac".to_vec(),

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

5428

});

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5429

assert_storage_increased(&mut db, vec![MetricsStorage::AUTH_TOKEN], &mut working_stats);

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

Ok(())

}

#[test]

fn test_verify_grant_table_size_reporting() -> Result<()> {

5435

const OWNER: i64 = 1;

5436

let mut db = new_test_db()?;

5437

make_test_key_entry(&mut db, Domain::APP, OWNER, TEST_ALIAS, None)?;

5438

5439

let mut working_stats = get_storage_stats_map(&mut db);

db.grant(

&KeyDescriptor {

domain: Domain::APP,

nspace: 0,

alias: Some(TEST_ALIAS.to_string()),

blob: None,

},

OWNER as u32,

123,

Janis Danisevskis

2021-10-19 16:56:20 -0700

[diff] [blame]

5449

key_perm_set![KeyPerm::Use],

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

|_, _| Ok(()),

)?;

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5453

assert_storage_increased(&mut db, vec![MetricsStorage::GRANT], &mut working_stats);

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

5454

5455

Ok(())

5456

}

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

5457

5458

#[test]

5459

fn find_auth_token_entry_returns_latest() -> Result<()> {

5460

let mut db = new_test_db()?;

5461

db.insert_auth_token(&HardwareAuthToken {

5462

challenge: 123,

5463

userId: 456,

5464

authenticatorId: 789,

5465

authenticatorType: kmhw_authenticator_type::ANY,

5466

timestamp: Timestamp { milliSeconds: 10 },

5467

mac: b"mac0".to_vec(),

5468

});

5469

std::thread::sleep(std::time::Duration::from_millis(1));

5470

db.insert_auth_token(&HardwareAuthToken {

5471

challenge: 123,

5472

userId: 457,

5473

authenticatorId: 789,

5474

authenticatorType: kmhw_authenticator_type::ANY,

5475

timestamp: Timestamp { milliSeconds: 12 },

5476

mac: b"mac1".to_vec(),

5477

});

5478

std::thread::sleep(std::time::Duration::from_millis(1));

5479

db.insert_auth_token(&HardwareAuthToken {

5480

challenge: 123,

5481

userId: 458,

5482

authenticatorId: 789,

5483

authenticatorType: kmhw_authenticator_type::ANY,

5484

timestamp: Timestamp { milliSeconds: 3 },

5485

mac: b"mac2".to_vec(),

5486

});

5487

// All three entries are in the database

5488

assert_eq!(db.perboot.auth_tokens_len(), 3);

5489

// It selected the most recent timestamp

Eric Biggers

b5613da

2024-03-13 19:31:42 +0000

[diff] [blame]

5490

assert_eq!(db.find_auth_token_entry(|_| true).unwrap().auth_token.mac, b"mac2".to_vec());

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

5491

Ok(())

5492

}

Seth Moore

472fcbb

2021-05-12 10:07:51 -0700

[diff] [blame]

5493

5494

#[test]

Pavel Grafov

f45034a

2021-05-12 22:35:45 +0100

[diff] [blame]

5495

fn test_load_key_descriptor() -> Result<()> {

5496

let mut db = new_test_db()?;

5497

let key_id = make_test_key_entry(&mut db, Domain::APP, 1, TEST_ALIAS, None)?.0;

5498

5499

let key = db.load_key_descriptor(key_id)?.unwrap();

5500

5501

assert_eq!(key.domain, Domain::APP);

5502

assert_eq!(key.nspace, 1);

5503

assert_eq!(key.alias, Some(TEST_ALIAS.to_string()));

5504

5505

// No such id

5506

assert_eq!(db.load_key_descriptor(key_id + 1)?, None);

5507

Ok(())

5508

}

Eran Messeri

2024-01-09 12:43:31 +0000

[diff] [blame]

5509

5510

#[test]

5511

fn test_get_list_app_uids_for_sid() -> Result<()> {

5512

let uid: i32 = 1;

5513

let uid_offset: i64 = (uid as i64) * (AID_USER_OFFSET as i64);

5514

let first_sid = 667;

5515

let second_sid = 669;

5516

let first_app_id: i64 = 123 + uid_offset;

5517

let second_app_id: i64 = 456 + uid_offset;

5518

let third_app_id: i64 = 789 + uid_offset;

5519

let unrelated_app_id: i64 = 1011 + uid_offset;

5520

let mut db = new_test_db()?;

5521

make_test_key_entry_with_sids(

&mut db,

Domain::APP,

first_app_id,

TEST_ALIAS,

None,

&[first_sid],

)

.context("test_get_list_app_uids_for_sid")?;

5530

make_test_key_entry_with_sids(

&mut db,

Domain::APP,

second_app_id,

"alias2",

None,

&[first_sid],

)

.context("test_get_list_app_uids_for_sid")?;

5539

make_test_key_entry_with_sids(

&mut db,

Domain::APP,

second_app_id,

TEST_ALIAS,

None,

&[second_sid],

)

.context("test_get_list_app_uids_for_sid")?;

5548

make_test_key_entry_with_sids(

&mut db,

Domain::APP,

third_app_id,

"alias3",

None,

&[second_sid],

)

.context("test_get_list_app_uids_for_sid")?;

5557

make_test_key_entry_with_sids(

&mut db,

Domain::APP,

unrelated_app_id,

TEST_ALIAS,

None,

&[],

)

.context("test_get_list_app_uids_for_sid")?;

5566

5567

let mut first_sid_apps = db.get_app_uids_affected_by_sid(uid, first_sid)?;

5568

first_sid_apps.sort();

5569

assert_eq!(first_sid_apps, vec![first_app_id, second_app_id]);

5570

let mut second_sid_apps = db.get_app_uids_affected_by_sid(uid, second_sid)?;

5571

second_sid_apps.sort();

5572

assert_eq!(second_sid_apps, vec![second_app_id, third_app_id]);

Ok(())

}

#[test]

fn test_get_list_app_uids_with_multiple_sids() -> Result<()> {

5578

let uid: i32 = 1;

5579

let uid_offset: i64 = (uid as i64) * (AID_USER_OFFSET as i64);

5580

let first_sid = 667;

5581

let second_sid = 669;

5582

let third_sid = 772;

5583

let first_app_id: i64 = 123 + uid_offset;

5584

let second_app_id: i64 = 456 + uid_offset;

5585

let mut db = new_test_db()?;

5586

make_test_key_entry_with_sids(

&mut db,

Domain::APP,

first_app_id,

TEST_ALIAS,

None,

&[first_sid, second_sid],

5593

)

5594

.context("test_get_list_app_uids_for_sid")?;

5595

make_test_key_entry_with_sids(

&mut db,

Domain::APP,

second_app_id,

"alias2",

None,

&[second_sid, third_sid],

5602

)

5603

.context("test_get_list_app_uids_for_sid")?;

5604

5605

let first_sid_apps = db.get_app_uids_affected_by_sid(uid, first_sid)?;

5606

assert_eq!(first_sid_apps, vec![first_app_id]);

5607

5608

let mut second_sid_apps = db.get_app_uids_affected_by_sid(uid, second_sid)?;

5609

second_sid_apps.sort();

5610

assert_eq!(second_sid_apps, vec![first_app_id, second_app_id]);

5611

5612

let third_sid_apps = db.get_app_uids_affected_by_sid(uid, third_sid)?;

5613

assert_eq!(third_sid_apps, vec![second_app_id]);

5614

Ok(())

5615

}

David Drysdale

2024-04-15 14:11:52 +0100

[diff] [blame^]

5616

5617

#[test]

5618

fn test_key_id_guard_immediate() -> Result<()> {

5619

if !keystore2_flags::database_loop_timeout() {

5620

eprintln!("Skipping test as loop timeout flag disabled");

5621

return Ok(());

5622

}

5623

// Emit logging from test.

5624

android_logger::init_once(

5625

android_logger::Config::default()

5626

.with_tag("keystore_database_tests")

5627

.with_max_level(log::LevelFilter::Debug),

5628

);

5629

5630

// Preparation: put a single entry into a test DB.

5631

let temp_dir = Arc::new(TempDir::new("key_id_guard_immediate")?);

5632

let temp_dir_clone_a = temp_dir.clone();

5633

let temp_dir_clone_b = temp_dir.clone();

5634

let mut db = KeystoreDB::new(temp_dir.path(), None)?;

5635

let key_id = make_test_key_entry(&mut db, Domain::APP, 1, TEST_ALIAS, None)?.0;

5636

5637

let (a_sender, b_receiver) = std::sync::mpsc::channel();

5638

let (b_sender, a_receiver) = std::sync::mpsc::channel();

5639

5640

// First thread starts an immediate transaction, then waits on a synchronization channel

5641

// before trying to get the `KeyIdGuard`.

5642

let handle_a = thread::spawn(move || {

5643

let temp_dir = temp_dir_clone_a;

5644

let mut db = KeystoreDB::new(temp_dir.path(), None).unwrap();

5645

5646

// Make sure the other thread has initialized its database access before we lock it out.

5647

a_receiver.recv().unwrap();

5648

5649

let _result = db.with_transaction_timeout(

5650

TransactionBehavior::Immediate,

5651

Duration::from_secs(3),

5652

|_tx| {

5653

// Notify the other thread that we're inside the immediate transaction...

5654

a_sender.send(()).unwrap();

5655

// ...then wait to be sure that the other thread has the `KeyIdGuard` before

5656

// this thread also tries to get it.

5657

a_receiver.recv().unwrap();

5658

5659

let _guard = KEY_ID_LOCK.get(key_id);

Ok(()).no_gc()

},

);

});

// Second thread gets the `KeyIdGuard`, then waits before trying to perform an immediate

5666

// transaction.

5667

let handle_b = thread::spawn(move || {

5668

let temp_dir = temp_dir_clone_b;

5669

let mut db = KeystoreDB::new(temp_dir.path(), None).unwrap();

5670

// Notify the other thread that we are initialized (so it can lock the immediate

5671

// transaction).

5672

b_sender.send(()).unwrap();

5673

5674

let _guard = KEY_ID_LOCK.get(key_id);

5675

// Notify the other thread that we have the `KeyIdGuard`...

5676

b_sender.send(()).unwrap();

5677

// ...then wait to be sure that the other thread is in the immediate transaction before

5678

// this thread also tries to do one.

5679

b_receiver.recv().unwrap();

5680

5681

let result = db.with_transaction_timeout(

5682

TransactionBehavior::Immediate,

5683

Duration::from_secs(3),

5684

|_tx| Ok(()).no_gc(),

5685

);

5686

// Expect the attempt to get an immediate transaction to fail, and then this thread will

5687

// exit and release the `KeyIdGuard`, allowing the other thread to complete.

5688

assert!(result.is_err());

5689

check_result_is_error_containing_string(result, "BACKEND_BUSY");

5690

});

5691

5692

let _ = handle_a.join();

5693

let _ = handle_b.join();

5694

5695

Ok(())

5696

}

Joel Galenson