Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / 31e27468b6d822adbd2aec9219a68c206aa6957c / . / keystore / keystore.cpp
blob: 50e2ed4005690a6e2f9da8a952ab99f206b5a2b4 [file] [log] [blame]
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]1/*
2 * Copyright (C) 2009 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]17//#define LOG_NDEBUG 0
18#define LOG_TAG "keystore"
19
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]20#include <stdio.h>
21#include <stdint.h>
22#include <string.h>
23#include <unistd.h>
24#include <signal.h>
25#include <errno.h>
26#include <dirent.h>
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]27#include <errno.h>
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]28#include <fcntl.h>
29#include <limits.h>
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]30#include <assert.h>
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]31#include <sys/types.h>
32#include <sys/socket.h>
33#include <sys/stat.h>
34#include <sys/time.h>
35#include <arpa/inet.h>
36
37#include <openssl/aes.h>
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]38#include <openssl/bio.h>
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]39#include <openssl/evp.h>
40#include <openssl/md5.h>
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]41#include <openssl/pem.h>
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]42
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]43#include <hardware/keymaster.h>
44
Kenny Root17208e02013-09-04 13:56:03 -0700[diff] [blame]45#include <keymaster/softkeymaster.h>
46
Kenny Root26cfc082013-09-11 14:38:56 -0700[diff] [blame]47#include <UniquePtr.h>
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]48#include <utils/String8.h>
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]49#include <utils/Vector.h>
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]50
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]51#include <keystore/IKeystoreService.h>
52#include <binder/IPCThreadState.h>
53#include <binder/IServiceManager.h>
54
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]55#include <cutils/log.h>
56#include <cutils/sockets.h>
57#include <private/android_filesystem_config.h>
58
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]59#include <keystore/keystore.h>
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]60
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]61#include <selinux/android.h>
62
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]63#include "defaults.h"
64
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]65/* KeyStore is a secured storage for key-value pairs. In this implementation,
66 * each file stores one key-value pair. Keys are encoded in file names, and
67 * values are encrypted with checksums. The encryption key is protected by a
68 * user-defined password. To keep things simple, buffers are always larger than
69 * the maximum space we needed, so boundary checks on buffers are omitted. */
70
71#define KEY_SIZE ((NAME_MAX - 15) / 2)
72#define VALUE_SIZE 32768
73#define PASSWORD_SIZE VALUE_SIZE
74
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]75
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]76struct BIGNUM_Delete {
77 void operator()(BIGNUM* p) const {
78 BN_free(p);
79 }
80};
81typedef UniquePtr<BIGNUM, BIGNUM_Delete> Unique_BIGNUM;
82
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]83struct BIO_Delete {
84 void operator()(BIO* p) const {
85 BIO_free(p);
86 }
87};
88typedef UniquePtr<BIO, BIO_Delete> Unique_BIO;
89
90struct EVP_PKEY_Delete {
91 void operator()(EVP_PKEY* p) const {
92 EVP_PKEY_free(p);
93 }
94};
95typedef UniquePtr<EVP_PKEY, EVP_PKEY_Delete> Unique_EVP_PKEY;
96
97struct PKCS8_PRIV_KEY_INFO_Delete {
98 void operator()(PKCS8_PRIV_KEY_INFO* p) const {
99 PKCS8_PRIV_KEY_INFO_free(p);
100 }
101};
102typedef UniquePtr<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_Delete> Unique_PKCS8_PRIV_KEY_INFO;
103
104
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]105static int keymaster_device_initialize(keymaster_device_t** dev) {
106 int rc;
107
108 const hw_module_t* mod;
109 rc = hw_get_module_by_class(KEYSTORE_HARDWARE_MODULE_ID, NULL, &mod);
110 if (rc) {
111 ALOGE("could not find any keystore module");
112 goto out;
113 }
114
115 rc = keymaster_open(mod, dev);
116 if (rc) {
117 ALOGE("could not open keymaster device in %s (%s)",
118 KEYSTORE_HARDWARE_MODULE_ID, strerror(-rc));
119 goto out;
120 }
121
122 return 0;
123
124out:
125 *dev = NULL;
126 return rc;
127}
128
129static void keymaster_device_release(keymaster_device_t* dev) {
130 keymaster_close(dev);
131}
132
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]133/***************
134 * PERMISSIONS *
135 ***************/
136
137/* Here are the permissions, actions, users, and the main function. */
138typedef enum {
Robin Lee4e865752014-08-19 17:37:55 +0100[diff] [blame]139 P_TEST = 1 << 0,
140 P_GET = 1 << 1,
141 P_INSERT = 1 << 2,
142 P_DELETE = 1 << 3,
143 P_EXIST = 1 << 4,
144 P_SAW = 1 << 5,
145 P_RESET = 1 << 6,
146 P_PASSWORD = 1 << 7,
147 P_LOCK = 1 << 8,
148 P_UNLOCK = 1 << 9,
149 P_ZERO = 1 << 10,
150 P_SIGN = 1 << 11,
151 P_VERIFY = 1 << 12,
152 P_GRANT = 1 << 13,
153 P_DUPLICATE = 1 << 14,
154 P_CLEAR_UID = 1 << 15,
155 P_RESET_UID = 1 << 16,
156 P_SYNC_UID = 1 << 17,
157 P_PASSWORD_UID = 1 << 18,
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]158} perm_t;
159
160static struct user_euid {
161 uid_t uid;
162 uid_t euid;
163} user_euids[] = {
164 {AID_VPN, AID_SYSTEM},
165 {AID_WIFI, AID_SYSTEM},
166 {AID_ROOT, AID_SYSTEM},
167};
168
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]169/* perm_labels associcated with keystore_key SELinux class verbs. */
170const char *perm_labels[] = {
171 "test",
172 "get",
173 "insert",
174 "delete",
175 "exist",
176 "saw",
177 "reset",
178 "password",
179 "lock",
180 "unlock",
181 "zero",
182 "sign",
183 "verify",
184 "grant",
185 "duplicate",
Robin Lee4e865752014-08-19 17:37:55 +0100[diff] [blame]186 "clear_uid",
187 "reset_uid",
188 "sync_uid",
189 "password_uid",
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]190};
191
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]192static struct user_perm {
193 uid_t uid;
194 perm_t perms;
195} user_perms[] = {
196 {AID_SYSTEM, static_cast<perm_t>((uint32_t)(~0)) },
197 {AID_VPN, static_cast<perm_t>(P_GET | P_SIGN | P_VERIFY) },
198 {AID_WIFI, static_cast<perm_t>(P_GET | P_SIGN | P_VERIFY) },
199 {AID_ROOT, static_cast<perm_t>(P_GET) },
200};
201
202static const perm_t DEFAULT_PERMS = static_cast<perm_t>(P_TEST | P_GET | P_INSERT | P_DELETE | P_EXIST | P_SAW | P_SIGN
203 | P_VERIFY);
204
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]205static char *tctx;
206static int ks_is_selinux_enabled;
207
208static const char *get_perm_label(perm_t perm) {
209 unsigned int index = ffs(perm);
210 if (index > 0 && index <= (sizeof(perm_labels) / sizeof(perm_labels[0]))) {
211 return perm_labels[index - 1];
212 } else {
213 ALOGE("Keystore: Failed to retrieve permission label.\n");
214 abort();
215 }
216}
217
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]218/**
219 * Returns the app ID (in the Android multi-user sense) for the current
220 * UNIX UID.
221 */
222static uid_t get_app_id(uid_t uid) {
223 return uid % AID_USER;
224}
225
226/**
227 * Returns the user ID (in the Android multi-user sense) for the current
228 * UNIX UID.
229 */
230static uid_t get_user_id(uid_t uid) {
231 return uid / AID_USER;
232}
233
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]234static bool keystore_selinux_check_access(uid_t uid, perm_t perm, pid_t spid) {
235 if (!ks_is_selinux_enabled) {
236 return true;
237 }
Nick Kralevich66dbf672014-06-30 17:09:14 +0000[diff] [blame]238
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]239 char *sctx = NULL;
240 const char *selinux_class = "keystore_key";
241 const char *str_perm = get_perm_label(perm);
242
243 if (!str_perm) {
244 return false;
245 }
246
247 if (getpidcon(spid, &sctx) != 0) {
248 ALOGE("SELinux: Failed to get source pid context.\n");
249 return false;
250 }
251
252 bool allowed = selinux_check_access(sctx, tctx, selinux_class, str_perm,
253 NULL) == 0;
254 freecon(sctx);
255 return allowed;
256}
257
258static bool has_permission(uid_t uid, perm_t perm, pid_t spid) {
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]259 // All system users are equivalent for multi-user support.
260 if (get_app_id(uid) == AID_SYSTEM) {
261 uid = AID_SYSTEM;
262 }
263
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]264 for (size_t i = 0; i < sizeof(user_perms)/sizeof(user_perms[0]); i++) {
265 struct user_perm user = user_perms[i];
266 if (user.uid == uid) {
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]267 return (user.perms & perm) &&
268 keystore_selinux_check_access(uid, perm, spid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]269 }
270 }
271
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]272 return (DEFAULT_PERMS & perm) &&
273 keystore_selinux_check_access(uid, perm, spid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]274}
275
Kenny Root49468902013-03-19 13:41:33 -0700[diff] [blame]276/**
277 * Returns the UID that the callingUid should act as. This is here for
278 * legacy support of the WiFi and VPN systems and should be removed
279 * when WiFi can operate in its own namespace.
280 */
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]281static uid_t get_keystore_euid(uid_t uid) {
282 for (size_t i = 0; i < sizeof(user_euids)/sizeof(user_euids[0]); i++) {
283 struct user_euid user = user_euids[i];
284 if (user.uid == uid) {
285 return user.euid;
286 }
287 }
288
289 return uid;
290}
291
Kenny Root49468902013-03-19 13:41:33 -0700[diff] [blame]292/**
293 * Returns true if the callingUid is allowed to interact in the targetUid's
294 * namespace.
295 */
296static bool is_granted_to(uid_t callingUid, uid_t targetUid) {
297 for (size_t i = 0; i < sizeof(user_euids)/sizeof(user_euids[0]); i++) {
298 struct user_euid user = user_euids[i];
299 if (user.euid == callingUid && user.uid == targetUid) {
300 return true;
301 }
302 }
303
304 return false;
305}
306
Kenny Root007cb232014-07-30 16:59:42 -0700[diff] [blame]307/**
308 * Allow the system to perform some privileged tasks that have to do with
309 * system maintenance. This should not be used for any function that uses
310 * the keys in any way (e.g., signing).
311 */
312static bool is_self_or_system(uid_t callingUid, uid_t targetUid) {
313 return callingUid == targetUid || callingUid == AID_SYSTEM;
314}
315
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]316/* Here is the encoding of keys. This is necessary in order to allow arbitrary
317 * characters in keys. Characters in [0-~] are not encoded. Others are encoded
318 * into two bytes. The first byte is one of [+-.] which represents the first
319 * two bits of the character. The second byte encodes the rest of the bits into
320 * [0-o]. Therefore in the worst case the length of a key gets doubled. Note
321 * that Base64 cannot be used here due to the need of prefix match on keys. */
322
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]323static size_t encode_key_length(const android::String8& keyName) {
324 const uint8_t* in = reinterpret_cast<const uint8_t*>(keyName.string());
325 size_t length = keyName.length();
326 for (int i = length; i > 0; --i, ++in) {
327 if (*in < '0' || *in > '~') {
328 ++length;
329 }
330 }
331 return length;
332}
333
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]334static int encode_key(char* out, const android::String8& keyName) {
335 const uint8_t* in = reinterpret_cast<const uint8_t*>(keyName.string());
336 size_t length = keyName.length();
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]337 for (int i = length; i > 0; --i, ++in, ++out) {
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]338 if (*in < '0' || *in > '~') {
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]339 *out = '+' + (*in >> 6);
340 *++out = '0' + (*in & 0x3F);
341 ++length;
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]342 } else {
343 *out = *in;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]344 }
345 }
346 *out = '\0';
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]347 return length;
348}
349
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]350/*
351 * Converts from the "escaped" format on disk to actual name.
352 * This will be smaller than the input string.
353 *
354 * Characters that should combine with the next at the end will be truncated.
355 */
356static size_t decode_key_length(const char* in, size_t length) {
357 size_t outLength = 0;
358
359 for (const char* end = in + length; in < end; in++) {
360 /* This combines with the next character. */
361 if (*in < '0' || *in > '~') {
362 continue;
363 }
364
365 outLength++;
366 }
367 return outLength;
368}
369
370static void decode_key(char* out, const char* in, size_t length) {
371 for (const char* end = in + length; in < end; in++) {
372 if (*in < '0' || *in > '~') {
373 /* Truncate combining characters at the end. */
374 if (in + 1 >= end) {
375 break;
376 }
377
378 *out = (*in++ - '+') << 6;
379 *out++ |= (*in - '0') & 0x3F;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]380 } else {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]381 *out++ = *in;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]382 }
383 }
384 *out = '\0';
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]385}
386
387static size_t readFully(int fd, uint8_t* data, size_t size) {
388 size_t remaining = size;
389 while (remaining > 0) {
Kenny Root150ca932012-11-14 14:29:02 -0800[diff] [blame]390 ssize_t n = TEMP_FAILURE_RETRY(read(fd, data, remaining));
Kenny Root5281edb2012-11-21 15:14:04 -0800[diff] [blame]391 if (n <= 0) {
Kenny Root150ca932012-11-14 14:29:02 -0800[diff] [blame]392 return size - remaining;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]393 }
394 data += n;
395 remaining -= n;
396 }
397 return size;
398}
399
400static size_t writeFully(int fd, uint8_t* data, size_t size) {
401 size_t remaining = size;
402 while (remaining > 0) {
Kenny Root150ca932012-11-14 14:29:02 -0800[diff] [blame]403 ssize_t n = TEMP_FAILURE_RETRY(write(fd, data, remaining));
404 if (n < 0) {
405 ALOGW("write failed: %s", strerror(errno));
406 return size - remaining;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]407 }
408 data += n;
409 remaining -= n;
410 }
411 return size;
412}
413
414class Entropy {
415public:
416 Entropy() : mRandom(-1) {}
417 ~Entropy() {
Kenny Root150ca932012-11-14 14:29:02 -0800[diff] [blame]418 if (mRandom >= 0) {
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]419 close(mRandom);
420 }
421 }
422
423 bool open() {
424 const char* randomDevice = "/dev/urandom";
Kenny Root150ca932012-11-14 14:29:02 -0800[diff] [blame]425 mRandom = TEMP_FAILURE_RETRY(::open(randomDevice, O_RDONLY));
426 if (mRandom < 0) {
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]427 ALOGE("open: %s: %s", randomDevice, strerror(errno));
428 return false;
429 }
430 return true;
431 }
432
Kenny Root51878182012-03-13 12:53:19 -0700[diff] [blame]433 bool generate_random_data(uint8_t* data, size_t size) const {
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]434 return (readFully(mRandom, data, size) == size);
435 }
436
437private:
438 int mRandom;
439};
440
441/* Here is the file format. There are two parts in blob.value, the secret and
442 * the description. The secret is stored in ciphertext, and its original size
443 * can be found in blob.length. The description is stored after the secret in
444 * plaintext, and its size is specified in blob.info. The total size of the two
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]445 * parts must be no more than VALUE_SIZE bytes. The first field is the version,
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]446 * the second is the blob's type, and the third byte is flags. Fields other
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]447 * than blob.info, blob.length, and blob.value are modified by encryptBlob()
448 * and decryptBlob(). Thus they should not be accessed from outside. */
449
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]450/* ** Note to future implementors of encryption: **
451 * Currently this is the construction:
452 * metadata || Enc(MD5(data) || data)
453 *
454 * This should be the construction used for encrypting if re-implementing:
455 *
456 * Derive independent keys for encryption and MAC:
457 * Kenc = AES_encrypt(masterKey, "Encrypt")
458 * Kmac = AES_encrypt(masterKey, "MAC")
459 *
460 * Store this:
461 * metadata || AES_CTR_encrypt(Kenc, rand_IV, data) ||
462 * HMAC(Kmac, metadata || Enc(data))
463 */
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]464struct __attribute__((packed)) blob {
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]465 uint8_t version;
466 uint8_t type;
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]467 uint8_t flags;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]468 uint8_t info;
469 uint8_t vector[AES_BLOCK_SIZE];
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]470 uint8_t encrypted[0]; // Marks offset to encrypted data.
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]471 uint8_t digest[MD5_DIGEST_LENGTH];
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]472 uint8_t digested[0]; // Marks offset to digested data.
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]473 int32_t length; // in network byte order when encrypted
474 uint8_t value[VALUE_SIZE + AES_BLOCK_SIZE];
475};
476
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]477typedef enum {
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]478 TYPE_ANY = 0, // meta type that matches anything
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]479 TYPE_GENERIC = 1,
480 TYPE_MASTER_KEY = 2,
481 TYPE_KEY_PAIR = 3,
482} BlobType;
483
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]484static const uint8_t CURRENT_BLOB_VERSION = 2;
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]485
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]486class Blob {
487public:
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]488 Blob(const uint8_t* value, int32_t valueLength, const uint8_t* info, uint8_t infoLength,
489 BlobType type) {
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]490 mBlob.length = valueLength;
491 memcpy(mBlob.value, value, valueLength);
492
493 mBlob.info = infoLength;
494 memcpy(mBlob.value + valueLength, info, infoLength);
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]495
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]496 mBlob.version = CURRENT_BLOB_VERSION;
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]497 mBlob.type = uint8_t(type);
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]498
Kenny Rootee8068b2013-10-07 09:49:15 -0700[diff] [blame]499 if (type == TYPE_MASTER_KEY) {
500 mBlob.flags = KEYSTORE_FLAG_ENCRYPTED;
501 } else {
502 mBlob.flags = KEYSTORE_FLAG_NONE;
503 }
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]504 }
505
506 Blob(blob b) {
507 mBlob = b;
508 }
509
510 Blob() {}
511
Kenny Root51878182012-03-13 12:53:19 -0700[diff] [blame]512 const uint8_t* getValue() const {
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]513 return mBlob.value;
514 }
515
Kenny Root51878182012-03-13 12:53:19 -0700[diff] [blame]516 int32_t getLength() const {
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]517 return mBlob.length;
518 }
519
Kenny Root51878182012-03-13 12:53:19 -0700[diff] [blame]520 const uint8_t* getInfo() const {
521 return mBlob.value + mBlob.length;
522 }
523
524 uint8_t getInfoLength() const {
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]525 return mBlob.info;
526 }
527
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]528 uint8_t getVersion() const {
529 return mBlob.version;
530 }
531
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]532 bool isEncrypted() const {
533 if (mBlob.version < 2) {
534 return true;
535 }
536
537 return mBlob.flags & KEYSTORE_FLAG_ENCRYPTED;
538 }
539
540 void setEncrypted(bool encrypted) {
541 if (encrypted) {
542 mBlob.flags |= KEYSTORE_FLAG_ENCRYPTED;
543 } else {
544 mBlob.flags &= ~KEYSTORE_FLAG_ENCRYPTED;
545 }
546 }
547
Kenny Root17208e02013-09-04 13:56:03 -0700[diff] [blame]548 bool isFallback() const {
549 return mBlob.flags & KEYSTORE_FLAG_FALLBACK;
550 }
551
552 void setFallback(bool fallback) {
553 if (fallback) {
554 mBlob.flags |= KEYSTORE_FLAG_FALLBACK;
555 } else {
556 mBlob.flags &= ~KEYSTORE_FLAG_FALLBACK;
557 }
558 }
559
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]560 void setVersion(uint8_t version) {
561 mBlob.version = version;
562 }
563
564 BlobType getType() const {
565 return BlobType(mBlob.type);
566 }
567
568 void setType(BlobType type) {
569 mBlob.type = uint8_t(type);
570 }
571
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]572 ResponseCode writeBlob(const char* filename, AES_KEY *aes_key, State state, Entropy* entropy) {
573 ALOGV("writing blob %s", filename);
574 if (isEncrypted()) {
575 if (state != STATE_NO_ERROR) {
576 ALOGD("couldn't insert encrypted blob while not unlocked");
577 return LOCKED;
578 }
579
580 if (!entropy->generate_random_data(mBlob.vector, AES_BLOCK_SIZE)) {
581 ALOGW("Could not read random data for: %s", filename);
582 return SYSTEM_ERROR;
583 }
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]584 }
585
586 // data includes the value and the value's length
587 size_t dataLength = mBlob.length + sizeof(mBlob.length);
588 // pad data to the AES_BLOCK_SIZE
589 size_t digestedLength = ((dataLength + AES_BLOCK_SIZE - 1)
590 / AES_BLOCK_SIZE * AES_BLOCK_SIZE);
591 // encrypted data includes the digest value
592 size_t encryptedLength = digestedLength + MD5_DIGEST_LENGTH;
593 // move info after space for padding
594 memmove(&mBlob.encrypted[encryptedLength], &mBlob.value[mBlob.length], mBlob.info);
595 // zero padding area
596 memset(mBlob.value + mBlob.length, 0, digestedLength - dataLength);
597
598 mBlob.length = htonl(mBlob.length);
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]599
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]600 if (isEncrypted()) {
601 MD5(mBlob.digested, digestedLength, mBlob.digest);
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]602
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]603 uint8_t vector[AES_BLOCK_SIZE];
604 memcpy(vector, mBlob.vector, AES_BLOCK_SIZE);
605 AES_cbc_encrypt(mBlob.encrypted, mBlob.encrypted, encryptedLength,
606 aes_key, vector, AES_ENCRYPT);
607 }
608
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]609 size_t headerLength = (mBlob.encrypted - (uint8_t*) &mBlob);
610 size_t fileLength = encryptedLength + headerLength + mBlob.info;
611
612 const char* tmpFileName = ".tmp";
Kenny Root150ca932012-11-14 14:29:02 -0800[diff] [blame]613 int out = TEMP_FAILURE_RETRY(open(tmpFileName,
614 O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | S_IWUSR));
615 if (out < 0) {
616 ALOGW("could not open file: %s: %s", tmpFileName, strerror(errno));
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]617 return SYSTEM_ERROR;
618 }
619 size_t writtenBytes = writeFully(out, (uint8_t*) &mBlob, fileLength);
620 if (close(out) != 0) {
621 return SYSTEM_ERROR;
622 }
623 if (writtenBytes != fileLength) {
Kenny Root150ca932012-11-14 14:29:02 -0800[diff] [blame]624 ALOGW("blob not fully written %zu != %zu", writtenBytes, fileLength);
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]625 unlink(tmpFileName);
626 return SYSTEM_ERROR;
627 }
Kenny Root150ca932012-11-14 14:29:02 -0800[diff] [blame]628 if (rename(tmpFileName, filename) == -1) {
629 ALOGW("could not rename blob to %s: %s", filename, strerror(errno));
630 return SYSTEM_ERROR;
631 }
632 return NO_ERROR;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]633 }
634
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]635 ResponseCode readBlob(const char* filename, AES_KEY *aes_key, State state) {
636 ALOGV("reading blob %s", filename);
Kenny Root150ca932012-11-14 14:29:02 -0800[diff] [blame]637 int in = TEMP_FAILURE_RETRY(open(filename, O_RDONLY));
638 if (in < 0) {
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]639 return (errno == ENOENT) ? KEY_NOT_FOUND : SYSTEM_ERROR;
640 }
641 // fileLength may be less than sizeof(mBlob) since the in
642 // memory version has extra padding to tolerate rounding up to
643 // the AES_BLOCK_SIZE
644 size_t fileLength = readFully(in, (uint8_t*) &mBlob, sizeof(mBlob));
645 if (close(in) != 0) {
646 return SYSTEM_ERROR;
647 }
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]648
649 if (isEncrypted() && (state != STATE_NO_ERROR)) {
650 return LOCKED;
651 }
652
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]653 size_t headerLength = (mBlob.encrypted - (uint8_t*) &mBlob);
654 if (fileLength < headerLength) {
655 return VALUE_CORRUPTED;
656 }
657
658 ssize_t encryptedLength = fileLength - (headerLength + mBlob.info);
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]659 if (encryptedLength < 0) {
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]660 return VALUE_CORRUPTED;
661 }
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]662
663 ssize_t digestedLength;
664 if (isEncrypted()) {
665 if (encryptedLength % AES_BLOCK_SIZE != 0) {
666 return VALUE_CORRUPTED;
667 }
668
669 AES_cbc_encrypt(mBlob.encrypted, mBlob.encrypted, encryptedLength, aes_key,
670 mBlob.vector, AES_DECRYPT);
671 digestedLength = encryptedLength - MD5_DIGEST_LENGTH;
672 uint8_t computedDigest[MD5_DIGEST_LENGTH];
673 MD5(mBlob.digested, digestedLength, computedDigest);
674 if (memcmp(mBlob.digest, computedDigest, MD5_DIGEST_LENGTH) != 0) {
675 return VALUE_CORRUPTED;
676 }
677 } else {
678 digestedLength = encryptedLength;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]679 }
680
681 ssize_t maxValueLength = digestedLength - sizeof(mBlob.length);
682 mBlob.length = ntohl(mBlob.length);
683 if (mBlob.length < 0 || mBlob.length > maxValueLength) {
684 return VALUE_CORRUPTED;
685 }
686 if (mBlob.info != 0) {
687 // move info from after padding to after data
688 memmove(&mBlob.value[mBlob.length], &mBlob.value[maxValueLength], mBlob.info);
689 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]690 return ::NO_ERROR;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]691 }
692
693private:
694 struct blob mBlob;
695};
696
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]697class UserState {
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]698public:
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]699 UserState(uid_t userId) : mUserId(userId), mRetry(MAX_RETRY) {
700 asprintf(&mUserDir, "user_%u", mUserId);
701 asprintf(&mMasterKeyFile, "%s/.masterkey", mUserDir);
702 }
703
704 ~UserState() {
705 free(mUserDir);
706 free(mMasterKeyFile);
707 }
708
709 bool initialize() {
710 if ((mkdir(mUserDir, S_IRUSR | S_IWUSR | S_IXUSR) < 0) && (errno != EEXIST)) {
711 ALOGE("Could not create directory '%s'", mUserDir);
712 return false;
713 }
714
715 if (access(mMasterKeyFile, R_OK) == 0) {
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]716 setState(STATE_LOCKED);
717 } else {
718 setState(STATE_UNINITIALIZED);
719 }
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]720
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]721 return true;
722 }
723
724 uid_t getUserId() const {
725 return mUserId;
726 }
727
728 const char* getUserDirName() const {
729 return mUserDir;
730 }
731
732 const char* getMasterKeyFileName() const {
733 return mMasterKeyFile;
734 }
735
736 void setState(State state) {
737 mState = state;
738 if (mState == STATE_NO_ERROR || mState == STATE_UNINITIALIZED) {
739 mRetry = MAX_RETRY;
740 }
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]741 }
742
Kenny Root51878182012-03-13 12:53:19 -0700[diff] [blame]743 State getState() const {
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]744 return mState;
745 }
746
Kenny Root51878182012-03-13 12:53:19 -0700[diff] [blame]747 int8_t getRetry() const {
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]748 return mRetry;
749 }
750
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]751 void zeroizeMasterKeysInMemory() {
752 memset(mMasterKey, 0, sizeof(mMasterKey));
753 memset(mSalt, 0, sizeof(mSalt));
754 memset(&mMasterKeyEncryption, 0, sizeof(mMasterKeyEncryption));
755 memset(&mMasterKeyDecryption, 0, sizeof(mMasterKeyDecryption));
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]756 }
757
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]758 ResponseCode initialize(const android::String8& pw, Entropy* entropy) {
759 if (!generateMasterKey(entropy)) {
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]760 return SYSTEM_ERROR;
761 }
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]762 ResponseCode response = writeMasterKey(pw, entropy);
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]763 if (response != NO_ERROR) {
764 return response;
765 }
766 setupMasterKeys();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]767 return ::NO_ERROR;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]768 }
769
Robin Lee4e865752014-08-19 17:37:55 +0100[diff] [blame]770 ResponseCode copyMasterKey(UserState* src) {
771 if (mState != STATE_UNINITIALIZED) {
772 return ::SYSTEM_ERROR;
773 }
774 if (src->getState() != STATE_NO_ERROR) {
775 return ::SYSTEM_ERROR;
776 }
777 memcpy(mMasterKey, src->mMasterKey, MASTER_KEY_SIZE_BYTES);
778 setupMasterKeys();
779 return ::NO_ERROR;
780 }
781
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]782 ResponseCode writeMasterKey(const android::String8& pw, Entropy* entropy) {
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]783 uint8_t passwordKey[MASTER_KEY_SIZE_BYTES];
784 generateKeyFromPassword(passwordKey, MASTER_KEY_SIZE_BYTES, pw, mSalt);
785 AES_KEY passwordAesKey;
786 AES_set_encrypt_key(passwordKey, MASTER_KEY_SIZE_BITS, &passwordAesKey);
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]787 Blob masterKeyBlob(mMasterKey, sizeof(mMasterKey), mSalt, sizeof(mSalt), TYPE_MASTER_KEY);
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]788 return masterKeyBlob.writeBlob(mMasterKeyFile, &passwordAesKey, STATE_NO_ERROR, entropy);
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]789 }
790
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]791 ResponseCode readMasterKey(const android::String8& pw, Entropy* entropy) {
792 int in = TEMP_FAILURE_RETRY(open(mMasterKeyFile, O_RDONLY));
Kenny Root150ca932012-11-14 14:29:02 -0800[diff] [blame]793 if (in < 0) {
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]794 return SYSTEM_ERROR;
795 }
796
797 // we read the raw blob to just to get the salt to generate
798 // the AES key, then we create the Blob to use with decryptBlob
799 blob rawBlob;
800 size_t length = readFully(in, (uint8_t*) &rawBlob, sizeof(rawBlob));
801 if (close(in) != 0) {
802 return SYSTEM_ERROR;
803 }
804 // find salt at EOF if present, otherwise we have an old file
805 uint8_t* salt;
806 if (length > SALT_SIZE && rawBlob.info == SALT_SIZE) {
807 salt = (uint8_t*) &rawBlob + length - SALT_SIZE;
808 } else {
809 salt = NULL;
810 }
811 uint8_t passwordKey[MASTER_KEY_SIZE_BYTES];
812 generateKeyFromPassword(passwordKey, MASTER_KEY_SIZE_BYTES, pw, salt);
813 AES_KEY passwordAesKey;
814 AES_set_decrypt_key(passwordKey, MASTER_KEY_SIZE_BITS, &passwordAesKey);
815 Blob masterKeyBlob(rawBlob);
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]816 ResponseCode response = masterKeyBlob.readBlob(mMasterKeyFile, &passwordAesKey,
817 STATE_NO_ERROR);
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]818 if (response == SYSTEM_ERROR) {
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]819 return response;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]820 }
821 if (response == NO_ERROR && masterKeyBlob.getLength() == MASTER_KEY_SIZE_BYTES) {
822 // if salt was missing, generate one and write a new master key file with the salt.
823 if (salt == NULL) {
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]824 if (!generateSalt(entropy)) {
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]825 return SYSTEM_ERROR;
826 }
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]827 response = writeMasterKey(pw, entropy);
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]828 }
829 if (response == NO_ERROR) {
830 memcpy(mMasterKey, masterKeyBlob.getValue(), MASTER_KEY_SIZE_BYTES);
831 setupMasterKeys();
832 }
833 return response;
834 }
835 if (mRetry <= 0) {
836 reset();
837 return UNINITIALIZED;
838 }
839 --mRetry;
840 switch (mRetry) {
841 case 0: return WRONG_PASSWORD_0;
842 case 1: return WRONG_PASSWORD_1;
843 case 2: return WRONG_PASSWORD_2;
844 case 3: return WRONG_PASSWORD_3;
845 default: return WRONG_PASSWORD_3;
846 }
847 }
848
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]849 AES_KEY* getEncryptionKey() {
850 return &mMasterKeyEncryption;
851 }
852
853 AES_KEY* getDecryptionKey() {
854 return &mMasterKeyDecryption;
855 }
856
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]857 bool reset() {
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]858 DIR* dir = opendir(getUserDirName());
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]859 if (!dir) {
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]860 ALOGW("couldn't open user directory: %s", strerror(errno));
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]861 return false;
862 }
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]863
864 struct dirent* file;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]865 while ((file = readdir(dir)) != NULL) {
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]866 // We only care about files.
867 if (file->d_type != DT_REG) {
868 continue;
869 }
870
871 // Skip anything that starts with a "."
Kenny Root931fac02014-07-30 16:39:40 -0700[diff] [blame]872 if (file->d_name[0] == '.' && strcmp(".masterkey", file->d_name)) {
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]873 continue;
874 }
875
876 unlinkat(dirfd(dir), file->d_name, 0);
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]877 }
878 closedir(dir);
879 return true;
880 }
881
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]882private:
883 static const int MASTER_KEY_SIZE_BYTES = 16;
884 static const int MASTER_KEY_SIZE_BITS = MASTER_KEY_SIZE_BYTES * 8;
885
886 static const int MAX_RETRY = 4;
887 static const size_t SALT_SIZE = 16;
888
889 void generateKeyFromPassword(uint8_t* key, ssize_t keySize, const android::String8& pw,
890 uint8_t* salt) {
891 size_t saltSize;
892 if (salt != NULL) {
893 saltSize = SALT_SIZE;
894 } else {
895 // pre-gingerbread used this hardwired salt, readMasterKey will rewrite these when found
896 salt = (uint8_t*) "keystore";
897 // sizeof = 9, not strlen = 8
898 saltSize = sizeof("keystore");
899 }
900
901 PKCS5_PBKDF2_HMAC_SHA1(reinterpret_cast<const char*>(pw.string()), pw.length(), salt,
902 saltSize, 8192, keySize, key);
903 }
904
905 bool generateSalt(Entropy* entropy) {
906 return entropy->generate_random_data(mSalt, sizeof(mSalt));
907 }
908
909 bool generateMasterKey(Entropy* entropy) {
910 if (!entropy->generate_random_data(mMasterKey, sizeof(mMasterKey))) {
911 return false;
912 }
913 if (!generateSalt(entropy)) {
914 return false;
915 }
916 return true;
917 }
918
919 void setupMasterKeys() {
920 AES_set_encrypt_key(mMasterKey, MASTER_KEY_SIZE_BITS, &mMasterKeyEncryption);
921 AES_set_decrypt_key(mMasterKey, MASTER_KEY_SIZE_BITS, &mMasterKeyDecryption);
922 setState(STATE_NO_ERROR);
923 }
924
925 uid_t mUserId;
926
927 char* mUserDir;
928 char* mMasterKeyFile;
929
930 State mState;
931 int8_t mRetry;
932
933 uint8_t mMasterKey[MASTER_KEY_SIZE_BYTES];
934 uint8_t mSalt[SALT_SIZE];
935
936 AES_KEY mMasterKeyEncryption;
937 AES_KEY mMasterKeyDecryption;
938};
939
940typedef struct {
941 uint32_t uid;
942 const uint8_t* filename;
943} grant_t;
944
945class KeyStore {
946public:
947 KeyStore(Entropy* entropy, keymaster_device_t* device)
948 : mEntropy(entropy)
949 , mDevice(device)
950 {
951 memset(&mMetaData, '\0', sizeof(mMetaData));
952 }
953
954 ~KeyStore() {
955 for (android::Vector<grant_t*>::iterator it(mGrants.begin());
956 it != mGrants.end(); it++) {
957 delete *it;
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]958 }
haitao fangc35d4eb2013-12-06 11:34:49 +0800[diff] [blame]959 mGrants.clear();
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]960
961 for (android::Vector<UserState*>::iterator it(mMasterKeys.begin());
962 it != mMasterKeys.end(); it++) {
963 delete *it;
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]964 }
haitao fangc35d4eb2013-12-06 11:34:49 +0800[diff] [blame]965 mMasterKeys.clear();
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]966 }
967
968 keymaster_device_t* getDevice() const {
969 return mDevice;
970 }
971
972 ResponseCode initialize() {
973 readMetaData();
974 if (upgradeKeystore()) {
975 writeMetaData();
976 }
977
978 return ::NO_ERROR;
979 }
980
981 State getState(uid_t uid) {
982 return getUserState(uid)->getState();
983 }
984
985 ResponseCode initializeUser(const android::String8& pw, uid_t uid) {
986 UserState* userState = getUserState(uid);
987 return userState->initialize(pw, mEntropy);
988 }
989
Robin Lee4e865752014-08-19 17:37:55 +0100[diff] [blame]990 ResponseCode copyMasterKey(uid_t src, uid_t uid) {
991 UserState *userState = getUserState(uid);
992 UserState *initState = getUserState(src);
993 return userState->copyMasterKey(initState);
994 }
995
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]996 ResponseCode writeMasterKey(const android::String8& pw, uid_t uid) {
Robin Lee50122db2014-08-12 17:31:40 +0100[diff] [blame]997 UserState* userState = getUserState(uid);
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]998 return userState->writeMasterKey(pw, mEntropy);
999 }
1000
Robin Lee4e865752014-08-19 17:37:55 +0100[diff] [blame]1001
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1002 ResponseCode readMasterKey(const android::String8& pw, uid_t uid) {
Robin Lee50122db2014-08-12 17:31:40 +0100[diff] [blame]1003 UserState* userState = getUserState(uid);
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1004 return userState->readMasterKey(pw, mEntropy);
1005 }
1006
1007 android::String8 getKeyName(const android::String8& keyName) {
Douglas Leunga77e8092013-06-13 16:34:43 -0700[diff] [blame]1008 char encoded[encode_key_length(keyName) + 1]; // add 1 for null char
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1009 encode_key(encoded, keyName);
1010 return android::String8(encoded);
1011 }
1012
1013 android::String8 getKeyNameForUid(const android::String8& keyName, uid_t uid) {
Douglas Leunga77e8092013-06-13 16:34:43 -0700[diff] [blame]1014 char encoded[encode_key_length(keyName) + 1]; // add 1 for null char
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1015 encode_key(encoded, keyName);
1016 return android::String8::format("%u_%s", uid, encoded);
1017 }
1018
1019 android::String8 getKeyNameForUidWithDir(const android::String8& keyName, uid_t uid) {
Douglas Leunga77e8092013-06-13 16:34:43 -0700[diff] [blame]1020 char encoded[encode_key_length(keyName) + 1]; // add 1 for null char
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1021 encode_key(encoded, keyName);
1022 return android::String8::format("%s/%u_%s", getUserState(uid)->getUserDirName(), uid,
1023 encoded);
1024 }
1025
1026 bool reset(uid_t uid) {
1027 UserState* userState = getUserState(uid);
1028 userState->zeroizeMasterKeysInMemory();
1029 userState->setState(STATE_UNINITIALIZED);
1030 return userState->reset();
1031 }
1032
1033 bool isEmpty(uid_t uid) const {
1034 const UserState* userState = getUserState(uid);
Kenny Root31e27462014-09-10 11:28:03 -0700[diff] [blame^]1035 if (userState == NULL || userState->getState() == STATE_UNINITIALIZED) {
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1036 return true;
1037 }
1038
1039 DIR* dir = opendir(userState->getUserDirName());
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]1040 if (!dir) {
1041 return true;
1042 }
Kenny Root31e27462014-09-10 11:28:03 -0700[diff] [blame^]1043
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]1044 bool result = true;
Kenny Root31e27462014-09-10 11:28:03 -0700[diff] [blame^]1045 struct dirent* file;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]1046 while ((file = readdir(dir)) != NULL) {
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1047 // We only care about files.
1048 if (file->d_type != DT_REG) {
1049 continue;
1050 }
1051
1052 // Skip anything that starts with a "."
1053 if (file->d_name[0] == '.') {
1054 continue;
1055 }
1056
Kenny Root31e27462014-09-10 11:28:03 -0700[diff] [blame^]1057 result = false;
1058 break;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]1059 }
1060 closedir(dir);
1061 return result;
1062 }
1063
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1064 void lock(uid_t uid) {
1065 UserState* userState = getUserState(uid);
1066 userState->zeroizeMasterKeysInMemory();
1067 userState->setState(STATE_LOCKED);
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]1068 }
1069
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1070 ResponseCode get(const char* filename, Blob* keyBlob, const BlobType type, uid_t uid) {
1071 UserState* userState = getUserState(uid);
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]1072 ResponseCode rc = keyBlob->readBlob(filename, userState->getDecryptionKey(),
1073 userState->getState());
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]1074 if (rc != NO_ERROR) {
1075 return rc;
1076 }
1077
1078 const uint8_t version = keyBlob->getVersion();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1079 if (version < CURRENT_BLOB_VERSION) {
Kenny Rootcfeae072013-04-04 08:39:57 -0700[diff] [blame]1080 /* If we upgrade the key, we need to write it to disk again. Then
1081 * it must be read it again since the blob is encrypted each time
1082 * it's written.
1083 */
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1084 if (upgradeBlob(filename, keyBlob, version, type, uid)) {
1085 if ((rc = this->put(filename, keyBlob, uid)) != NO_ERROR
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]1086 || (rc = keyBlob->readBlob(filename, userState->getDecryptionKey(),
1087 userState->getState())) != NO_ERROR) {
Kenny Rootcfeae072013-04-04 08:39:57 -0700[diff] [blame]1088 return rc;
1089 }
1090 }
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]1091 }
1092
Kenny Root17208e02013-09-04 13:56:03 -0700[diff] [blame]1093 /*
1094 * This will upgrade software-backed keys to hardware-backed keys when
1095 * the HAL for the device supports the newer key types.
1096 */
1097 if (rc == NO_ERROR && type == TYPE_KEY_PAIR
1098 && mDevice->common.module->module_api_version >= KEYMASTER_MODULE_API_VERSION_0_2
1099 && keyBlob->isFallback()) {
1100 ResponseCode imported = importKey(keyBlob->getValue(), keyBlob->getLength(), filename,
1101 uid, keyBlob->isEncrypted() ? KEYSTORE_FLAG_ENCRYPTED : KEYSTORE_FLAG_NONE);
1102
1103 // The HAL allowed the import, reget the key to have the "fresh"
1104 // version.
1105 if (imported == NO_ERROR) {
1106 rc = get(filename, keyBlob, TYPE_KEY_PAIR, uid);
1107 }
1108 }
1109
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]1110 if (type != TYPE_ANY && keyBlob->getType() != type) {
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]1111 ALOGW("key found but type doesn't match: %d vs %d", keyBlob->getType(), type);
1112 return KEY_NOT_FOUND;
1113 }
1114
1115 return rc;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]1116 }
1117
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1118 ResponseCode put(const char* filename, Blob* keyBlob, uid_t uid) {
1119 UserState* userState = getUserState(uid);
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]1120 return keyBlob->writeBlob(filename, userState->getEncryptionKey(), userState->getState(),
1121 mEntropy);
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]1122 }
1123
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1124 void addGrant(const char* filename, uid_t granteeUid) {
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1125 const grant_t* existing = getGrant(filename, granteeUid);
1126 if (existing == NULL) {
1127 grant_t* grant = new grant_t;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1128 grant->uid = granteeUid;
Brian Carlstroma8c703d2012-07-17 14:43:46 -0700[diff] [blame]1129 grant->filename = reinterpret_cast<const uint8_t*>(strdup(filename));
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1130 mGrants.add(grant);
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1131 }
1132 }
1133
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1134 bool removeGrant(const char* filename, uid_t granteeUid) {
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1135 for (android::Vector<grant_t*>::iterator it(mGrants.begin());
1136 it != mGrants.end(); it++) {
1137 grant_t* grant = *it;
1138 if (grant->uid == granteeUid
1139 && !strcmp(reinterpret_cast<const char*>(grant->filename), filename)) {
1140 mGrants.erase(it);
1141 return true;
1142 }
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1143 }
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1144 return false;
1145 }
1146
Brian Carlstroma8c703d2012-07-17 14:43:46 -0700[diff] [blame]1147 bool hasGrant(const char* filename, const uid_t uid) const {
1148 return getGrant(filename, uid) != NULL;
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1149 }
1150
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]1151 ResponseCode importKey(const uint8_t* key, size_t keyLen, const char* filename, uid_t uid,
1152 int32_t flags) {
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]1153 uint8_t* data;
1154 size_t dataLength;
1155 int rc;
1156
1157 if (mDevice->import_keypair == NULL) {
1158 ALOGE("Keymaster doesn't support import!");
1159 return SYSTEM_ERROR;
1160 }
1161
Kenny Root17208e02013-09-04 13:56:03 -0700[diff] [blame]1162 bool isFallback = false;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1163 rc = mDevice->import_keypair(mDevice, key, keyLen, &data, &dataLength);
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]1164 if (rc) {
Kenny Root17208e02013-09-04 13:56:03 -0700[diff] [blame]1165 // If this is an old device HAL, try to fall back to an old version
1166 if (mDevice->common.module->module_api_version < KEYMASTER_MODULE_API_VERSION_0_2) {
1167 rc = openssl_import_keypair(mDevice, key, keyLen, &data, &dataLength);
1168 isFallback = true;
1169 }
1170
1171 if (rc) {
1172 ALOGE("Error while importing keypair: %d", rc);
1173 return SYSTEM_ERROR;
1174 }
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]1175 }
1176
1177 Blob keyBlob(data, dataLength, NULL, 0, TYPE_KEY_PAIR);
1178 free(data);
1179
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]1180 keyBlob.setEncrypted(flags & KEYSTORE_FLAG_ENCRYPTED);
Kenny Root17208e02013-09-04 13:56:03 -0700[diff] [blame]1181 keyBlob.setFallback(isFallback);
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]1182
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1183 return put(filename, &keyBlob, uid);
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]1184 }
1185
Kenny Root1b0e3932013-09-05 13:06:32 -0700[diff] [blame]1186 bool isHardwareBacked(const android::String16& keyType) const {
1187 if (mDevice == NULL) {
1188 ALOGW("can't get keymaster device");
1189 return false;
1190 }
1191
1192 if (sRSAKeyType == keyType) {
1193 return (mDevice->flags & KEYMASTER_SOFTWARE_ONLY) == 0;
1194 } else {
1195 return (mDevice->flags & KEYMASTER_SOFTWARE_ONLY) == 0
1196 && (mDevice->common.module->module_api_version
1197 >= KEYMASTER_MODULE_API_VERSION_0_2);
1198 }
Kenny Root8ddf35a2013-03-29 11:15:50 -0700[diff] [blame]1199 }
1200
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1201 ResponseCode getKeyForName(Blob* keyBlob, const android::String8& keyName, const uid_t uid,
1202 const BlobType type) {
Kenny Root86b16e82013-09-09 11:15:54 -0700[diff] [blame]1203 android::String8 filepath8(getKeyNameForUidWithDir(keyName, uid));
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1204
1205 ResponseCode responseCode = get(filepath8.string(), keyBlob, type, uid);
1206 if (responseCode == NO_ERROR) {
1207 return responseCode;
1208 }
1209
1210 // If this is one of the legacy UID->UID mappings, use it.
1211 uid_t euid = get_keystore_euid(uid);
1212 if (euid != uid) {
Kenny Root86b16e82013-09-09 11:15:54 -0700[diff] [blame]1213 filepath8 = getKeyNameForUidWithDir(keyName, euid);
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1214 responseCode = get(filepath8.string(), keyBlob, type, uid);
1215 if (responseCode == NO_ERROR) {
1216 return responseCode;
1217 }
1218 }
1219
1220 // They might be using a granted key.
Kenny Root86b16e82013-09-09 11:15:54 -0700[diff] [blame]1221 android::String8 filename8 = getKeyName(keyName);
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1222 char* end;
Kenny Root86b16e82013-09-09 11:15:54 -0700[diff] [blame]1223 strtoul(filename8.string(), &end, 10);
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1224 if (end[0] != '_' || end[1] == 0) {
1225 return KEY_NOT_FOUND;
1226 }
Kenny Root86b16e82013-09-09 11:15:54 -0700[diff] [blame]1227 filepath8 = android::String8::format("%s/%s", getUserState(uid)->getUserDirName(),
1228 filename8.string());
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1229 if (!hasGrant(filepath8.string(), uid)) {
1230 return responseCode;
1231 }
1232
1233 // It is a granted key. Try to load it.
1234 return get(filepath8.string(), keyBlob, type, uid);
1235 }
1236
1237 /**
1238 * Returns any existing UserState or creates it if it doesn't exist.
1239 */
1240 UserState* getUserState(uid_t uid) {
1241 uid_t userId = get_user_id(uid);
1242
1243 for (android::Vector<UserState*>::iterator it(mMasterKeys.begin());
1244 it != mMasterKeys.end(); it++) {
1245 UserState* state = *it;
1246 if (state->getUserId() == userId) {
1247 return state;
1248 }
1249 }
1250
1251 UserState* userState = new UserState(userId);
1252 if (!userState->initialize()) {
1253 /* There's not much we can do if initialization fails. Trying to
1254 * unlock the keystore for that user will fail as well, so any
1255 * subsequent request for this user will just return SYSTEM_ERROR.
1256 */
1257 ALOGE("User initialization failed for %u; subsuquent operations will fail", userId);
1258 }
1259 mMasterKeys.add(userState);
1260 return userState;
1261 }
1262
1263 /**
1264 * Returns NULL if the UserState doesn't already exist.
1265 */
1266 const UserState* getUserState(uid_t uid) const {
1267 uid_t userId = get_user_id(uid);
1268
1269 for (android::Vector<UserState*>::const_iterator it(mMasterKeys.begin());
1270 it != mMasterKeys.end(); it++) {
1271 UserState* state = *it;
1272 if (state->getUserId() == userId) {
1273 return state;
1274 }
1275 }
1276
1277 return NULL;
1278 }
1279
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]1280private:
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1281 static const char* sOldMasterKey;
1282 static const char* sMetaDataFile;
Kenny Root1b0e3932013-09-05 13:06:32 -0700[diff] [blame]1283 static const android::String16 sRSAKeyType;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]1284 Entropy* mEntropy;
1285
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1286 keymaster_device_t* mDevice;
1287
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1288 android::Vector<UserState*> mMasterKeys;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]1289
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1290 android::Vector<grant_t*> mGrants;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]1291
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1292 typedef struct {
1293 uint32_t version;
1294 } keystore_metadata_t;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]1295
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1296 keystore_metadata_t mMetaData;
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1297
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1298 const grant_t* getGrant(const char* filename, uid_t uid) const {
1299 for (android::Vector<grant_t*>::const_iterator it(mGrants.begin());
1300 it != mGrants.end(); it++) {
1301 grant_t* grant = *it;
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1302 if (grant->uid == uid
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1303 && !strcmp(reinterpret_cast<const char*>(grant->filename), filename)) {
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1304 return grant;
1305 }
1306 }
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1307 return NULL;
1308 }
1309
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]1310 /**
1311 * Upgrade code. This will upgrade the key from the current version
1312 * to whatever is newest.
1313 */
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1314 bool upgradeBlob(const char* filename, Blob* blob, const uint8_t oldVersion,
1315 const BlobType type, uid_t uid) {
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]1316 bool updated = false;
1317 uint8_t version = oldVersion;
1318
1319 /* From V0 -> V1: All old types were unknown */
1320 if (version == 0) {
1321 ALOGV("upgrading to version 1 and setting type %d", type);
1322
1323 blob->setType(type);
1324 if (type == TYPE_KEY_PAIR) {
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1325 importBlobAsKey(blob, filename, uid);
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]1326 }
1327 version = 1;
1328 updated = true;
1329 }
1330
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]1331 /* From V1 -> V2: All old keys were encrypted */
1332 if (version == 1) {
1333 ALOGV("upgrading to version 2");
1334
1335 blob->setEncrypted(true);
1336 version = 2;
1337 updated = true;
1338 }
1339
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]1340 /*
1341 * If we've updated, set the key blob to the right version
1342 * and write it.
Kenny Rootcfeae072013-04-04 08:39:57 -0700[diff] [blame]1343 */
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]1344 if (updated) {
1345 ALOGV("updated and writing file %s", filename);
1346 blob->setVersion(version);
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]1347 }
Kenny Rootcfeae072013-04-04 08:39:57 -0700[diff] [blame]1348
1349 return updated;
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]1350 }
1351
1352 /**
1353 * Takes a blob that is an PEM-encoded RSA key as a byte array and
1354 * converts it to a DER-encoded PKCS#8 for import into a keymaster.
1355 * Then it overwrites the original blob with the new blob
1356 * format that is returned from the keymaster.
1357 */
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1358 ResponseCode importBlobAsKey(Blob* blob, const char* filename, uid_t uid) {
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]1359 // We won't even write to the blob directly with this BIO, so const_cast is okay.
1360 Unique_BIO b(BIO_new_mem_buf(const_cast<uint8_t*>(blob->getValue()), blob->getLength()));
1361 if (b.get() == NULL) {
1362 ALOGE("Problem instantiating BIO");
1363 return SYSTEM_ERROR;
1364 }
1365
1366 Unique_EVP_PKEY pkey(PEM_read_bio_PrivateKey(b.get(), NULL, NULL, NULL));
1367 if (pkey.get() == NULL) {
1368 ALOGE("Couldn't read old PEM file");
1369 return SYSTEM_ERROR;
1370 }
1371
1372 Unique_PKCS8_PRIV_KEY_INFO pkcs8(EVP_PKEY2PKCS8(pkey.get()));
1373 int len = i2d_PKCS8_PRIV_KEY_INFO(pkcs8.get(), NULL);
1374 if (len < 0) {
1375 ALOGE("Couldn't measure PKCS#8 length");
1376 return SYSTEM_ERROR;
1377 }
1378
Kenny Root70c98892013-02-07 09:10:36 -0800[diff] [blame]1379 UniquePtr<unsigned char[]> pkcs8key(new unsigned char[len]);
1380 uint8_t* tmp = pkcs8key.get();
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]1381 if (i2d_PKCS8_PRIV_KEY_INFO(pkcs8.get(), &tmp) != len) {
1382 ALOGE("Couldn't convert to PKCS#8");
1383 return SYSTEM_ERROR;
1384 }
1385
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]1386 ResponseCode rc = importKey(pkcs8key.get(), len, filename, uid,
1387 blob->isEncrypted() ? KEYSTORE_FLAG_ENCRYPTED : KEYSTORE_FLAG_NONE);
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]1388 if (rc != NO_ERROR) {
1389 return rc;
1390 }
1391
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1392 return get(filename, blob, TYPE_KEY_PAIR, uid);
1393 }
1394
1395 void readMetaData() {
1396 int in = TEMP_FAILURE_RETRY(open(sMetaDataFile, O_RDONLY));
1397 if (in < 0) {
1398 return;
1399 }
1400 size_t fileLength = readFully(in, (uint8_t*) &mMetaData, sizeof(mMetaData));
1401 if (fileLength != sizeof(mMetaData)) {
1402 ALOGI("Metadata file is %zd bytes (%zd experted); upgrade?", fileLength,
1403 sizeof(mMetaData));
1404 }
1405 close(in);
1406 }
1407
1408 void writeMetaData() {
1409 const char* tmpFileName = ".metadata.tmp";
1410 int out = TEMP_FAILURE_RETRY(open(tmpFileName,
1411 O_WRONLY | O_TRUNC | O_CREAT, S_IRUSR | S_IWUSR));
1412 if (out < 0) {
1413 ALOGE("couldn't write metadata file: %s", strerror(errno));
1414 return;
1415 }
1416 size_t fileLength = writeFully(out, (uint8_t*) &mMetaData, sizeof(mMetaData));
1417 if (fileLength != sizeof(mMetaData)) {
1418 ALOGI("Could only write %zd bytes to metadata file (%zd expected)", fileLength,
1419 sizeof(mMetaData));
1420 }
1421 close(out);
1422 rename(tmpFileName, sMetaDataFile);
1423 }
1424
1425 bool upgradeKeystore() {
1426 bool upgraded = false;
1427
1428 if (mMetaData.version == 0) {
1429 UserState* userState = getUserState(0);
1430
1431 // Initialize first so the directory is made.
1432 userState->initialize();
1433
1434 // Migrate the old .masterkey file to user 0.
1435 if (access(sOldMasterKey, R_OK) == 0) {
1436 if (rename(sOldMasterKey, userState->getMasterKeyFileName()) < 0) {
1437 ALOGE("couldn't migrate old masterkey: %s", strerror(errno));
1438 return false;
1439 }
1440 }
1441
1442 // Initialize again in case we had a key.
1443 userState->initialize();
1444
1445 // Try to migrate existing keys.
1446 DIR* dir = opendir(".");
1447 if (!dir) {
1448 // Give up now; maybe we can upgrade later.
1449 ALOGE("couldn't open keystore's directory; something is wrong");
1450 return false;
1451 }
1452
1453 struct dirent* file;
1454 while ((file = readdir(dir)) != NULL) {
1455 // We only care about files.
1456 if (file->d_type != DT_REG) {
1457 continue;
1458 }
1459
1460 // Skip anything that starts with a "."
1461 if (file->d_name[0] == '.') {
1462 continue;
1463 }
1464
1465 // Find the current file's user.
1466 char* end;
1467 unsigned long thisUid = strtoul(file->d_name, &end, 10);
1468 if (end[0] != '_' || end[1] == 0) {
1469 continue;
1470 }
1471 UserState* otherUser = getUserState(thisUid);
1472 if (otherUser->getUserId() != 0) {
1473 unlinkat(dirfd(dir), file->d_name, 0);
1474 }
1475
1476 // Rename the file into user directory.
1477 DIR* otherdir = opendir(otherUser->getUserDirName());
1478 if (otherdir == NULL) {
1479 ALOGW("couldn't open user directory for rename");
1480 continue;
1481 }
1482 if (renameat(dirfd(dir), file->d_name, dirfd(otherdir), file->d_name) < 0) {
1483 ALOGW("couldn't rename blob: %s: %s", file->d_name, strerror(errno));
1484 }
1485 closedir(otherdir);
1486 }
1487 closedir(dir);
1488
1489 mMetaData.version = 1;
1490 upgraded = true;
1491 }
1492
1493 return upgraded;
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]1494 }
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]1495};
1496
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1497const char* KeyStore::sOldMasterKey = ".masterkey";
1498const char* KeyStore::sMetaDataFile = ".metadata";
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1499
Kenny Root1b0e3932013-09-05 13:06:32 -0700[diff] [blame]1500const android::String16 KeyStore::sRSAKeyType("RSA");
1501
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1502namespace android {
1503class KeyStoreProxy : public BnKeystoreService, public IBinder::DeathRecipient {
1504public:
1505 KeyStoreProxy(KeyStore* keyStore)
1506 : mKeyStore(keyStore)
1507 {
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]1508 }
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]1509
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1510 void binderDied(const wp<IBinder>&) {
1511 ALOGE("binder death detected");
Kenny Root822c3a92012-03-23 16:34:39 -0700[diff] [blame]1512 }
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]1513
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1514 int32_t test() {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1515 uid_t callingUid = IPCThreadState::self()->getCallingUid();
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]1516 pid_t spid = IPCThreadState::self()->getCallingPid();
1517 if (!has_permission(callingUid, P_TEST, spid)) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1518 ALOGW("permission denied for %d: test", callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1519 return ::PERMISSION_DENIED;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]1520 }
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]1521
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1522 return mKeyStore->getState(callingUid);
Kenny Root298e7b12012-03-26 13:54:44 -0700[diff] [blame]1523 }
1524
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1525 int32_t get(const String16& name, uint8_t** item, size_t* itemLength) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1526 uid_t callingUid = IPCThreadState::self()->getCallingUid();
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]1527 pid_t spid = IPCThreadState::self()->getCallingPid();
1528 if (!has_permission(callingUid, P_GET, spid)) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1529 ALOGW("permission denied for %d: get", callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1530 return ::PERMISSION_DENIED;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]1531 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1532
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1533 String8 name8(name);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1534 Blob keyBlob;
Nick Kralevich66dbf672014-06-30 17:09:14 +0000[diff] [blame]1535
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1536 ResponseCode responseCode = mKeyStore->getKeyForName(&keyBlob, name8, callingUid,
Kenny Root49468902013-03-19 13:41:33 -0700[diff] [blame]1537 TYPE_GENERIC);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1538 if (responseCode != ::NO_ERROR) {
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1539 ALOGW("Could not read %s", name8.string());
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1540 *item = NULL;
1541 *itemLength = 0;
1542 return responseCode;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]1543 }
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]1544
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1545 *item = (uint8_t*) malloc(keyBlob.getLength());
1546 memcpy(*item, keyBlob.getValue(), keyBlob.getLength());
1547 *itemLength = keyBlob.getLength();
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]1548
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1549 return ::NO_ERROR;
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1550 }
1551
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]1552 int32_t insert(const String16& name, const uint8_t* item, size_t itemLength, int targetUid,
1553 int32_t flags) {
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]1554 pid_t spid = IPCThreadState::self()->getCallingPid();
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1555 uid_t callingUid = IPCThreadState::self()->getCallingUid();
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]1556 if (!has_permission(callingUid, P_INSERT, spid)) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1557 ALOGW("permission denied for %d: insert", callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1558 return ::PERMISSION_DENIED;
1559 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1560
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]1561 State state = mKeyStore->getState(callingUid);
1562 if ((flags & KEYSTORE_FLAG_ENCRYPTED) && !isKeystoreUnlocked(state)) {
1563 ALOGD("calling get in state: %d", state);
1564 return state;
1565 }
1566
Kenny Root49468902013-03-19 13:41:33 -0700[diff] [blame]1567 if (targetUid == -1) {
1568 targetUid = callingUid;
1569 } else if (!is_granted_to(callingUid, targetUid)) {
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1570 return ::PERMISSION_DENIED;
1571 }
1572
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1573 String8 name8(name);
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1574 String8 filename(mKeyStore->getKeyNameForUidWithDir(name8, targetUid));
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1575
1576 Blob keyBlob(item, itemLength, NULL, 0, ::TYPE_GENERIC);
Kenny Rootee8068b2013-10-07 09:49:15 -0700[diff] [blame]1577 keyBlob.setEncrypted(flags & KEYSTORE_FLAG_ENCRYPTED);
1578
Kenny Rootfa27d5b2013-10-15 09:01:08 -0700[diff] [blame]1579 return mKeyStore->put(filename.string(), &keyBlob, targetUid);
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1580 }
1581
Kenny Root49468902013-03-19 13:41:33 -0700[diff] [blame]1582 int32_t del(const String16& name, int targetUid) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1583 uid_t callingUid = IPCThreadState::self()->getCallingUid();
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]1584 pid_t spid = IPCThreadState::self()->getCallingPid();
1585 if (!has_permission(callingUid, P_DELETE, spid)) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1586 ALOGW("permission denied for %d: del", callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1587 return ::PERMISSION_DENIED;
1588 }
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1589
Kenny Root49468902013-03-19 13:41:33 -0700[diff] [blame]1590 if (targetUid == -1) {
1591 targetUid = callingUid;
1592 } else if (!is_granted_to(callingUid, targetUid)) {
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1593 return ::PERMISSION_DENIED;
1594 }
1595
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1596 String8 name8(name);
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1597 String8 filename(mKeyStore->getKeyNameForUidWithDir(name8, targetUid));
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1598
1599 Blob keyBlob;
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1600 ResponseCode responseCode = mKeyStore->get(filename.string(), &keyBlob, TYPE_GENERIC,
Kenny Rootfa27d5b2013-10-15 09:01:08 -0700[diff] [blame]1601 targetUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1602 if (responseCode != ::NO_ERROR) {
1603 return responseCode;
1604 }
1605 return (unlink(filename) && errno != ENOENT) ? ::SYSTEM_ERROR : ::NO_ERROR;
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1606 }
1607
Kenny Root49468902013-03-19 13:41:33 -0700[diff] [blame]1608 int32_t exist(const String16& name, int targetUid) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1609 uid_t callingUid = IPCThreadState::self()->getCallingUid();
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]1610 pid_t spid = IPCThreadState::self()->getCallingPid();
1611 if (!has_permission(callingUid, P_EXIST, spid)) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1612 ALOGW("permission denied for %d: exist", callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1613 return ::PERMISSION_DENIED;
1614 }
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1615
Kenny Root49468902013-03-19 13:41:33 -0700[diff] [blame]1616 if (targetUid == -1) {
1617 targetUid = callingUid;
1618 } else if (!is_granted_to(callingUid, targetUid)) {
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1619 return ::PERMISSION_DENIED;
1620 }
1621
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1622 String8 name8(name);
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1623 String8 filename(mKeyStore->getKeyNameForUidWithDir(name8, targetUid));
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1624
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1625 if (access(filename.string(), R_OK) == -1) {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1626 return (errno != ENOENT) ? ::SYSTEM_ERROR : ::KEY_NOT_FOUND;
1627 }
1628 return ::NO_ERROR;
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1629 }
1630
Kenny Root49468902013-03-19 13:41:33 -0700[diff] [blame]1631 int32_t saw(const String16& prefix, int targetUid, Vector<String16>* matches) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1632 uid_t callingUid = IPCThreadState::self()->getCallingUid();
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]1633 pid_t spid = IPCThreadState::self()->getCallingPid();
1634 if (!has_permission(callingUid, P_SAW, spid)) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1635 ALOGW("permission denied for %d: saw", callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1636 return ::PERMISSION_DENIED;
1637 }
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1638
Kenny Root49468902013-03-19 13:41:33 -0700[diff] [blame]1639 if (targetUid == -1) {
1640 targetUid = callingUid;
1641 } else if (!is_granted_to(callingUid, targetUid)) {
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1642 return ::PERMISSION_DENIED;
1643 }
1644
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1645 UserState* userState = mKeyStore->getUserState(targetUid);
1646 DIR* dir = opendir(userState->getUserDirName());
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1647 if (!dir) {
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1648 ALOGW("can't open directory for user: %s", strerror(errno));
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1649 return ::SYSTEM_ERROR;
1650 }
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1651
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1652 const String8 prefix8(prefix);
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1653 String8 filename(mKeyStore->getKeyNameForUid(prefix8, targetUid));
1654 size_t n = filename.length();
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1655
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1656 struct dirent* file;
1657 while ((file = readdir(dir)) != NULL) {
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1658 // We only care about files.
1659 if (file->d_type != DT_REG) {
1660 continue;
1661 }
1662
1663 // Skip anything that starts with a "."
1664 if (file->d_name[0] == '.') {
1665 continue;
1666 }
1667
1668 if (!strncmp(filename.string(), file->d_name, n)) {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1669 const char* p = &file->d_name[n];
1670 size_t plen = strlen(p);
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1671
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1672 size_t extra = decode_key_length(p, plen);
1673 char *match = (char*) malloc(extra + 1);
1674 if (match != NULL) {
1675 decode_key(match, p, plen);
1676 matches->push(String16(match, extra));
1677 free(match);
1678 } else {
1679 ALOGW("could not allocate match of size %zd", extra);
1680 }
Kenny Root9a53d3e2012-08-14 10:47:54 -0700[diff] [blame]1681 }
1682 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1683 closedir(dir);
1684
1685 return ::NO_ERROR;
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1686 }
1687
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1688 int32_t reset() {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1689 uid_t callingUid = IPCThreadState::self()->getCallingUid();
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]1690 pid_t spid = IPCThreadState::self()->getCallingPid();
1691 if (!has_permission(callingUid, P_RESET, spid)) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1692 ALOGW("permission denied for %d: reset", callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1693 return ::PERMISSION_DENIED;
1694 }
1695
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1696 ResponseCode rc = mKeyStore->reset(callingUid) ? ::NO_ERROR : ::SYSTEM_ERROR;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1697
1698 const keymaster_device_t* device = mKeyStore->getDevice();
1699 if (device == NULL) {
1700 ALOGE("No keymaster device!");
1701 return ::SYSTEM_ERROR;
1702 }
1703
1704 if (device->delete_all == NULL) {
1705 ALOGV("keymaster device doesn't implement delete_all");
1706 return rc;
1707 }
1708
1709 if (device->delete_all(device)) {
1710 ALOGE("Problem calling keymaster's delete_all");
1711 return ::SYSTEM_ERROR;
1712 }
1713
Kenny Root9a53d3e2012-08-14 10:47:54 -0700[diff] [blame]1714 return rc;
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1715 }
1716
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1717 /*
1718 * Here is the history. To improve the security, the parameters to generate the
1719 * master key has been changed. To make a seamless transition, we update the
1720 * file using the same password when the user unlock it for the first time. If
1721 * any thing goes wrong during the transition, the new file will not overwrite
1722 * the old one. This avoids permanent damages of the existing data.
1723 */
1724 int32_t password(const String16& password) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1725 uid_t callingUid = IPCThreadState::self()->getCallingUid();
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]1726 pid_t spid = IPCThreadState::self()->getCallingPid();
1727 if (!has_permission(callingUid, P_PASSWORD, spid)) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1728 ALOGW("permission denied for %d: password", callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1729 return ::PERMISSION_DENIED;
1730 }
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1731
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1732 const String8 password8(password);
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1733
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1734 switch (mKeyStore->getState(callingUid)) {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1735 case ::STATE_UNINITIALIZED: {
1736 // generate master key, encrypt with password, write to file, initialize mMasterKey*.
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1737 return mKeyStore->initializeUser(password8, callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1738 }
1739 case ::STATE_NO_ERROR: {
1740 // rewrite master key with new password.
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1741 return mKeyStore->writeMasterKey(password8, callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1742 }
1743 case ::STATE_LOCKED: {
1744 // read master key, decrypt with password, initialize mMasterKey*.
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1745 return mKeyStore->readMasterKey(password8, callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1746 }
1747 }
1748 return ::SYSTEM_ERROR;
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1749 }
1750
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1751 int32_t lock() {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1752 uid_t callingUid = IPCThreadState::self()->getCallingUid();
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]1753 pid_t spid = IPCThreadState::self()->getCallingPid();
1754 if (!has_permission(callingUid, P_LOCK, spid)) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1755 ALOGW("permission denied for %d: lock", callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1756 return ::PERMISSION_DENIED;
1757 }
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1758
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1759 State state = mKeyStore->getState(callingUid);
Kenny Root9d45d1c2013-02-14 10:32:30 -0800[diff] [blame]1760 if (state != ::STATE_NO_ERROR) {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1761 ALOGD("calling lock in state: %d", state);
1762 return state;
1763 }
1764
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1765 mKeyStore->lock(callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1766 return ::NO_ERROR;
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1767 }
1768
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1769 int32_t unlock(const String16& pw) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1770 uid_t callingUid = IPCThreadState::self()->getCallingUid();
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]1771 pid_t spid = IPCThreadState::self()->getCallingPid();
1772 if (!has_permission(callingUid, P_UNLOCK, spid)) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1773 ALOGW("permission denied for %d: unlock", callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1774 return ::PERMISSION_DENIED;
1775 }
1776
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1777 State state = mKeyStore->getState(callingUid);
Kenny Root9d45d1c2013-02-14 10:32:30 -0800[diff] [blame]1778 if (state != ::STATE_LOCKED) {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1779 ALOGD("calling unlock when not locked");
1780 return state;
1781 }
1782
1783 const String8 password8(pw);
1784 return password(pw);
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1785 }
1786
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1787 int32_t zero() {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1788 uid_t callingUid = IPCThreadState::self()->getCallingUid();
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]1789 pid_t spid = IPCThreadState::self()->getCallingPid();
1790 if (!has_permission(callingUid, P_ZERO, spid)) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1791 ALOGW("permission denied for %d: zero", callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1792 return -1;
1793 }
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1794
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1795 return mKeyStore->isEmpty(callingUid) ? ::KEY_NOT_FOUND : ::NO_ERROR;
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1796 }
1797
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]1798 int32_t generate(const String16& name, int32_t targetUid, int32_t keyType, int32_t keySize,
1799 int32_t flags, Vector<sp<KeystoreArg> >* args) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1800 uid_t callingUid = IPCThreadState::self()->getCallingUid();
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]1801 pid_t spid = IPCThreadState::self()->getCallingPid();
1802 if (!has_permission(callingUid, P_INSERT, spid)) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1803 ALOGW("permission denied for %d: generate", callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1804 return ::PERMISSION_DENIED;
1805 }
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1806
Kenny Root49468902013-03-19 13:41:33 -0700[diff] [blame]1807 if (targetUid == -1) {
1808 targetUid = callingUid;
1809 } else if (!is_granted_to(callingUid, targetUid)) {
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1810 return ::PERMISSION_DENIED;
1811 }
1812
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1813 State state = mKeyStore->getState(callingUid);
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]1814 if ((flags & KEYSTORE_FLAG_ENCRYPTED) && !isKeystoreUnlocked(state)) {
1815 ALOGW("calling generate in state: %d", state);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1816 return state;
1817 }
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1818
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1819 uint8_t* data;
1820 size_t dataLength;
1821 int rc;
Kenny Root17208e02013-09-04 13:56:03 -0700[diff] [blame]1822 bool isFallback = false;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1823
1824 const keymaster_device_t* device = mKeyStore->getDevice();
1825 if (device == NULL) {
1826 return ::SYSTEM_ERROR;
1827 }
1828
1829 if (device->generate_keypair == NULL) {
1830 return ::SYSTEM_ERROR;
1831 }
1832
Kenny Root17208e02013-09-04 13:56:03 -0700[diff] [blame]1833 if (keyType == EVP_PKEY_DSA) {
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]1834 keymaster_dsa_keygen_params_t dsa_params;
1835 memset(&dsa_params, '\0', sizeof(dsa_params));
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1836
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]1837 if (keySize == -1) {
1838 keySize = DSA_DEFAULT_KEY_SIZE;
1839 } else if ((keySize % 64) != 0 || keySize < DSA_MIN_KEY_SIZE
1840 || keySize > DSA_MAX_KEY_SIZE) {
1841 ALOGI("invalid key size %d", keySize);
1842 return ::SYSTEM_ERROR;
1843 }
1844 dsa_params.key_size = keySize;
1845
1846 if (args->size() == 3) {
1847 sp<KeystoreArg> gArg = args->itemAt(0);
1848 sp<KeystoreArg> pArg = args->itemAt(1);
1849 sp<KeystoreArg> qArg = args->itemAt(2);
1850
1851 if (gArg != NULL && pArg != NULL && qArg != NULL) {
1852 dsa_params.generator = reinterpret_cast<const uint8_t*>(gArg->data());
1853 dsa_params.generator_len = gArg->size();
1854
1855 dsa_params.prime_p = reinterpret_cast<const uint8_t*>(pArg->data());
1856 dsa_params.prime_p_len = pArg->size();
1857
1858 dsa_params.prime_q = reinterpret_cast<const uint8_t*>(qArg->data());
1859 dsa_params.prime_q_len = qArg->size();
1860 } else {
1861 ALOGI("not all DSA parameters were read");
1862 return ::SYSTEM_ERROR;
1863 }
1864 } else if (args->size() != 0) {
1865 ALOGI("DSA args must be 3");
1866 return ::SYSTEM_ERROR;
1867 }
1868
Kenny Root1d448c02013-11-21 10:36:53 -0800[diff] [blame]1869 if (isKeyTypeSupported(device, TYPE_DSA)) {
Kenny Root17208e02013-09-04 13:56:03 -0700[diff] [blame]1870 rc = device->generate_keypair(device, TYPE_DSA, &dsa_params, &data, &dataLength);
1871 } else {
1872 isFallback = true;
1873 rc = openssl_generate_keypair(device, TYPE_DSA, &dsa_params, &data, &dataLength);
1874 }
1875 } else if (keyType == EVP_PKEY_EC) {
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]1876 keymaster_ec_keygen_params_t ec_params;
1877 memset(&ec_params, '\0', sizeof(ec_params));
1878
1879 if (keySize == -1) {
1880 keySize = EC_DEFAULT_KEY_SIZE;
1881 } else if (keySize < EC_MIN_KEY_SIZE || keySize > EC_MAX_KEY_SIZE) {
1882 ALOGI("invalid key size %d", keySize);
1883 return ::SYSTEM_ERROR;
1884 }
1885 ec_params.field_size = keySize;
1886
Kenny Root1d448c02013-11-21 10:36:53 -0800[diff] [blame]1887 if (isKeyTypeSupported(device, TYPE_EC)) {
Kenny Root17208e02013-09-04 13:56:03 -0700[diff] [blame]1888 rc = device->generate_keypair(device, TYPE_EC, &ec_params, &data, &dataLength);
1889 } else {
1890 isFallback = true;
1891 rc = openssl_generate_keypair(device, TYPE_EC, &ec_params, &data, &dataLength);
1892 }
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]1893 } else if (keyType == EVP_PKEY_RSA) {
1894 keymaster_rsa_keygen_params_t rsa_params;
1895 memset(&rsa_params, '\0', sizeof(rsa_params));
1896 rsa_params.public_exponent = RSA_DEFAULT_EXPONENT;
1897
1898 if (keySize == -1) {
1899 keySize = RSA_DEFAULT_KEY_SIZE;
1900 } else if (keySize < RSA_MIN_KEY_SIZE || keySize > RSA_MAX_KEY_SIZE) {
1901 ALOGI("invalid key size %d", keySize);
1902 return ::SYSTEM_ERROR;
1903 }
1904 rsa_params.modulus_size = keySize;
1905
1906 if (args->size() > 1) {
Matteo Franchin6489e022013-12-02 14:46:29 +0000[diff] [blame]1907 ALOGI("invalid number of arguments: %zu", args->size());
Kenny Root96427ba2013-08-16 14:02:41 -0700[diff] [blame]1908 return ::SYSTEM_ERROR;
1909 } else if (args->size() == 1) {
1910 sp<KeystoreArg> pubExpBlob = args->itemAt(0);
1911 if (pubExpBlob != NULL) {
1912 Unique_BIGNUM pubExpBn(
1913 BN_bin2bn(reinterpret_cast<const unsigned char*>(pubExpBlob->data()),
1914 pubExpBlob->size(), NULL));
1915 if (pubExpBn.get() == NULL) {
1916 ALOGI("Could not convert public exponent to BN");
1917 return ::SYSTEM_ERROR;
1918 }
1919 unsigned long pubExp = BN_get_word(pubExpBn.get());
1920 if (pubExp == 0xFFFFFFFFL) {
1921 ALOGI("cannot represent public exponent as a long value");
1922 return ::SYSTEM_ERROR;
1923 }
1924 rsa_params.public_exponent = pubExp;
1925 }
1926 }
1927
1928 rc = device->generate_keypair(device, TYPE_RSA, &rsa_params, &data, &dataLength);
1929 } else {
1930 ALOGW("Unsupported key type %d", keyType);
1931 rc = -1;
1932 }
1933
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1934 if (rc) {
1935 return ::SYSTEM_ERROR;
1936 }
1937
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1938 String8 name8(name);
1939 String8 filename(mKeyStore->getKeyNameForUidWithDir(name8, callingUid));
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1940
1941 Blob keyBlob(data, dataLength, NULL, 0, TYPE_KEY_PAIR);
1942 free(data);
1943
Kenny Rootee8068b2013-10-07 09:49:15 -0700[diff] [blame]1944 keyBlob.setEncrypted(flags & KEYSTORE_FLAG_ENCRYPTED);
Kenny Root17208e02013-09-04 13:56:03 -0700[diff] [blame]1945 keyBlob.setFallback(isFallback);
1946
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1947 return mKeyStore->put(filename.string(), &keyBlob, callingUid);
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1948 }
1949
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]1950 int32_t import(const String16& name, const uint8_t* data, size_t length, int targetUid,
1951 int32_t flags) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1952 uid_t callingUid = IPCThreadState::self()->getCallingUid();
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]1953 pid_t spid = IPCThreadState::self()->getCallingPid();
1954 if (!has_permission(callingUid, P_INSERT, spid)) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1955 ALOGW("permission denied for %d: import", callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1956 return ::PERMISSION_DENIED;
1957 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1958
Kenny Root49468902013-03-19 13:41:33 -0700[diff] [blame]1959 if (targetUid == -1) {
1960 targetUid = callingUid;
1961 } else if (!is_granted_to(callingUid, targetUid)) {
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]1962 return ::PERMISSION_DENIED;
1963 }
1964
Kenny Rootfa27d5b2013-10-15 09:01:08 -0700[diff] [blame]1965 State state = mKeyStore->getState(targetUid);
Kenny Rootf9119d62013-04-03 09:22:15 -0700[diff] [blame]1966 if ((flags & KEYSTORE_FLAG_ENCRYPTED) && !isKeystoreUnlocked(state)) {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1967 ALOGD("calling import in state: %d", state);
1968 return state;
1969 }
1970
1971 String8 name8(name);
Kenny Root60898892013-04-16 18:08:03 -0700[diff] [blame]1972 String8 filename(mKeyStore->getKeyNameForUidWithDir(name8, targetUid));
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1973
Kenny Rootfa27d5b2013-10-15 09:01:08 -0700[diff] [blame]1974 return mKeyStore->importKey(data, length, filename.string(), targetUid, flags);
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]1975 }
1976
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1977 int32_t sign(const String16& name, const uint8_t* data, size_t length, uint8_t** out,
1978 size_t* outLength) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1979 uid_t callingUid = IPCThreadState::self()->getCallingUid();
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]1980 pid_t spid = IPCThreadState::self()->getCallingPid();
1981 if (!has_permission(callingUid, P_SIGN, spid)) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1982 ALOGW("permission denied for %d: saw", callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1983 return ::PERMISSION_DENIED;
1984 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1985
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1986 Blob keyBlob;
1987 String8 name8(name);
1988
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1989 ALOGV("sign %s from uid %d", name8.string(), callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1990 int rc;
1991
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]1992 ResponseCode responseCode = mKeyStore->getKeyForName(&keyBlob, name8, callingUid,
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]1993 ::TYPE_KEY_PAIR);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]1994 if (responseCode != ::NO_ERROR) {
1995 return responseCode;
1996 }
1997
1998 const keymaster_device_t* device = mKeyStore->getDevice();
1999 if (device == NULL) {
2000 ALOGE("no keymaster device; cannot sign");
2001 return ::SYSTEM_ERROR;
2002 }
2003
2004 if (device->sign_data == NULL) {
2005 ALOGE("device doesn't implement signing");
2006 return ::SYSTEM_ERROR;
2007 }
2008
2009 keymaster_rsa_sign_params_t params;
2010 params.digest_type = DIGEST_NONE;
2011 params.padding_type = PADDING_NONE;
2012
Kenny Root17208e02013-09-04 13:56:03 -0700[diff] [blame]2013 if (keyBlob.isFallback()) {
2014 rc = openssl_sign_data(device, &params, keyBlob.getValue(), keyBlob.getLength(), data,
2015 length, out, outLength);
2016 } else {
2017 rc = device->sign_data(device, &params, keyBlob.getValue(), keyBlob.getLength(), data,
2018 length, out, outLength);
2019 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2020 if (rc) {
2021 ALOGW("device couldn't sign data");
2022 return ::SYSTEM_ERROR;
2023 }
2024
2025 return ::NO_ERROR;
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]2026 }
2027
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2028 int32_t verify(const String16& name, const uint8_t* data, size_t dataLength,
2029 const uint8_t* signature, size_t signatureLength) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]2030 uid_t callingUid = IPCThreadState::self()->getCallingUid();
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]2031 pid_t spid = IPCThreadState::self()->getCallingPid();
2032 if (!has_permission(callingUid, P_VERIFY, spid)) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]2033 ALOGW("permission denied for %d: verify", callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2034 return ::PERMISSION_DENIED;
2035 }
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]2036
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2037 State state = mKeyStore->getState(callingUid);
Kenny Root9d45d1c2013-02-14 10:32:30 -0800[diff] [blame]2038 if (!isKeystoreUnlocked(state)) {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2039 ALOGD("calling verify in state: %d", state);
2040 return state;
2041 }
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]2042
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2043 Blob keyBlob;
2044 String8 name8(name);
2045 int rc;
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]2046
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2047 ResponseCode responseCode = mKeyStore->getKeyForName(&keyBlob, name8, callingUid,
Kenny Root49468902013-03-19 13:41:33 -0700[diff] [blame]2048 TYPE_KEY_PAIR);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2049 if (responseCode != ::NO_ERROR) {
2050 return responseCode;
2051 }
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]2052
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2053 const keymaster_device_t* device = mKeyStore->getDevice();
2054 if (device == NULL) {
2055 return ::SYSTEM_ERROR;
2056 }
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]2057
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2058 if (device->verify_data == NULL) {
2059 return ::SYSTEM_ERROR;
2060 }
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]2061
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2062 keymaster_rsa_sign_params_t params;
2063 params.digest_type = DIGEST_NONE;
2064 params.padding_type = PADDING_NONE;
Kenny Root344e0bc2012-08-15 10:44:03 -0700[diff] [blame]2065
Kenny Root17208e02013-09-04 13:56:03 -0700[diff] [blame]2066 if (keyBlob.isFallback()) {
2067 rc = openssl_verify_data(device, &params, keyBlob.getValue(), keyBlob.getLength(), data,
2068 dataLength, signature, signatureLength);
2069 } else {
2070 rc = device->verify_data(device, &params, keyBlob.getValue(), keyBlob.getLength(), data,
2071 dataLength, signature, signatureLength);
2072 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2073 if (rc) {
2074 return ::SYSTEM_ERROR;
2075 } else {
2076 return ::NO_ERROR;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]2077 }
2078 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2079
2080 /*
2081 * TODO: The abstraction between things stored in hardware and regular blobs
2082 * of data stored on the filesystem should be moved down to keystore itself.
2083 * Unfortunately the Java code that calls this has naming conventions that it
2084 * knows about. Ideally keystore shouldn't be used to store random blobs of
2085 * data.
2086 *
2087 * Until that happens, it's necessary to have a separate "get_pubkey" and
2088 * "del_key" since the Java code doesn't really communicate what it's
2089 * intentions are.
2090 */
2091 int32_t get_pubkey(const String16& name, uint8_t** pubkey, size_t* pubkeyLength) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]2092 uid_t callingUid = IPCThreadState::self()->getCallingUid();
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]2093 pid_t spid = IPCThreadState::self()->getCallingPid();
2094 if (!has_permission(callingUid, P_GET, spid)) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]2095 ALOGW("permission denied for %d: get_pubkey", callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2096 return ::PERMISSION_DENIED;
2097 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2098
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2099 Blob keyBlob;
2100 String8 name8(name);
2101
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]2102 ALOGV("get_pubkey '%s' from uid %d", name8.string(), callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2103
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2104 ResponseCode responseCode = mKeyStore->getKeyForName(&keyBlob, name8, callingUid,
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2105 TYPE_KEY_PAIR);
2106 if (responseCode != ::NO_ERROR) {
2107 return responseCode;
2108 }
2109
2110 const keymaster_device_t* device = mKeyStore->getDevice();
2111 if (device == NULL) {
2112 return ::SYSTEM_ERROR;
2113 }
2114
2115 if (device->get_keypair_public == NULL) {
2116 ALOGE("device has no get_keypair_public implementation!");
2117 return ::SYSTEM_ERROR;
2118 }
2119
Kenny Root17208e02013-09-04 13:56:03 -0700[diff] [blame]2120 int rc;
2121 if (keyBlob.isFallback()) {
2122 rc = openssl_get_keypair_public(device, keyBlob.getValue(), keyBlob.getLength(), pubkey,
2123 pubkeyLength);
2124 } else {
2125 rc = device->get_keypair_public(device, keyBlob.getValue(), keyBlob.getLength(), pubkey,
2126 pubkeyLength);
2127 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2128 if (rc) {
2129 return ::SYSTEM_ERROR;
2130 }
2131
2132 return ::NO_ERROR;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]2133 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2134
Kenny Root49468902013-03-19 13:41:33 -0700[diff] [blame]2135 int32_t del_key(const String16& name, int targetUid) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]2136 uid_t callingUid = IPCThreadState::self()->getCallingUid();
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]2137 pid_t spid = IPCThreadState::self()->getCallingPid();
2138 if (!has_permission(callingUid, P_DELETE, spid)) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]2139 ALOGW("permission denied for %d: del_key", callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2140 return ::PERMISSION_DENIED;
2141 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2142
Kenny Root49468902013-03-19 13:41:33 -0700[diff] [blame]2143 if (targetUid == -1) {
2144 targetUid = callingUid;
2145 } else if (!is_granted_to(callingUid, targetUid)) {
Kenny Rootb88c3eb2013-02-13 14:43:43 -0800[diff] [blame]2146 return ::PERMISSION_DENIED;
2147 }
2148
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2149 String8 name8(name);
Kenny Rootfa27d5b2013-10-15 09:01:08 -0700[diff] [blame]2150 String8 filename(mKeyStore->getKeyNameForUidWithDir(name8, targetUid));
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2151
2152 Blob keyBlob;
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2153 ResponseCode responseCode = mKeyStore->get(filename.string(), &keyBlob, ::TYPE_KEY_PAIR,
Kenny Rootfa27d5b2013-10-15 09:01:08 -0700[diff] [blame]2154 targetUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2155 if (responseCode != ::NO_ERROR) {
2156 return responseCode;
2157 }
2158
2159 ResponseCode rc = ::NO_ERROR;
2160
2161 const keymaster_device_t* device = mKeyStore->getDevice();
2162 if (device == NULL) {
2163 rc = ::SYSTEM_ERROR;
2164 } else {
2165 // A device doesn't have to implement delete_keypair.
Kenny Root17208e02013-09-04 13:56:03 -0700[diff] [blame]2166 if (device->delete_keypair != NULL && !keyBlob.isFallback()) {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2167 if (device->delete_keypair(device, keyBlob.getValue(), keyBlob.getLength())) {
2168 rc = ::SYSTEM_ERROR;
2169 }
2170 }
2171 }
2172
2173 if (rc != ::NO_ERROR) {
2174 return rc;
2175 }
2176
2177 return (unlink(filename) && errno != ENOENT) ? ::SYSTEM_ERROR : ::NO_ERROR;
2178 }
2179
2180 int32_t grant(const String16& name, int32_t granteeUid) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]2181 uid_t callingUid = IPCThreadState::self()->getCallingUid();
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]2182 pid_t spid = IPCThreadState::self()->getCallingPid();
2183 if (!has_permission(callingUid, P_GRANT, spid)) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]2184 ALOGW("permission denied for %d: grant", callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2185 return ::PERMISSION_DENIED;
2186 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2187
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2188 State state = mKeyStore->getState(callingUid);
Kenny Root9d45d1c2013-02-14 10:32:30 -0800[diff] [blame]2189 if (!isKeystoreUnlocked(state)) {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2190 ALOGD("calling grant in state: %d", state);
2191 return state;
2192 }
2193
2194 String8 name8(name);
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2195 String8 filename(mKeyStore->getKeyNameForUidWithDir(name8, callingUid));
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2196
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2197 if (access(filename.string(), R_OK) == -1) {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2198 return (errno != ENOENT) ? ::SYSTEM_ERROR : ::KEY_NOT_FOUND;
2199 }
2200
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2201 mKeyStore->addGrant(filename.string(), granteeUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2202 return ::NO_ERROR;
2203 }
2204
2205 int32_t ungrant(const String16& name, int32_t granteeUid) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]2206 uid_t callingUid = IPCThreadState::self()->getCallingUid();
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]2207 pid_t spid = IPCThreadState::self()->getCallingPid();
2208 if (!has_permission(callingUid, P_GRANT, spid)) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]2209 ALOGW("permission denied for %d: ungrant", callingUid);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2210 return ::PERMISSION_DENIED;
2211 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2212
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2213 State state = mKeyStore->getState(callingUid);
Kenny Root9d45d1c2013-02-14 10:32:30 -0800[diff] [blame]2214 if (!isKeystoreUnlocked(state)) {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2215 ALOGD("calling ungrant in state: %d", state);
2216 return state;
2217 }
2218
2219 String8 name8(name);
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2220 String8 filename(mKeyStore->getKeyNameForUidWithDir(name8, callingUid));
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2221
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2222 if (access(filename.string(), R_OK) == -1) {
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2223 return (errno != ENOENT) ? ::SYSTEM_ERROR : ::KEY_NOT_FOUND;
2224 }
2225
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2226 return mKeyStore->removeGrant(filename.string(), granteeUid) ? ::NO_ERROR : ::KEY_NOT_FOUND;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2227 }
2228
2229 int64_t getmtime(const String16& name) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]2230 uid_t callingUid = IPCThreadState::self()->getCallingUid();
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]2231 pid_t spid = IPCThreadState::self()->getCallingPid();
2232 if (!has_permission(callingUid, P_GET, spid)) {
Kenny Rootd38a0b02013-02-13 12:59:14 -0800[diff] [blame]2233 ALOGW("permission denied for %d: getmtime", callingUid);
Kenny Root36a9e232013-02-04 14:24:15 -0800[diff] [blame]2234 return -1L;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2235 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2236
2237 String8 name8(name);
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2238 String8 filename(mKeyStore->getKeyNameForUidWithDir(name8, callingUid));
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2239
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2240 if (access(filename.string(), R_OK) == -1) {
2241 ALOGW("could not access %s for getmtime", filename.string());
Kenny Root36a9e232013-02-04 14:24:15 -0800[diff] [blame]2242 return -1L;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2243 }
2244
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2245 int fd = TEMP_FAILURE_RETRY(open(filename.string(), O_NOFOLLOW, O_RDONLY));
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2246 if (fd < 0) {
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2247 ALOGW("could not open %s for getmtime", filename.string());
Kenny Root36a9e232013-02-04 14:24:15 -0800[diff] [blame]2248 return -1L;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2249 }
2250
2251 struct stat s;
2252 int ret = fstat(fd, &s);
2253 close(fd);
2254 if (ret == -1) {
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2255 ALOGW("could not stat %s for getmtime", filename.string());
Kenny Root36a9e232013-02-04 14:24:15 -0800[diff] [blame]2256 return -1L;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2257 }
2258
Kenny Root36a9e232013-02-04 14:24:15 -0800[diff] [blame]2259 return static_cast<int64_t>(s.st_mtime);
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2260 }
2261
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]2262 int32_t duplicate(const String16& srcKey, int32_t srcUid, const String16& destKey,
2263 int32_t destUid) {
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]2264 uid_t callingUid = IPCThreadState::self()->getCallingUid();
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]2265 pid_t spid = IPCThreadState::self()->getCallingPid();
2266 if (!has_permission(callingUid, P_DUPLICATE, spid)) {
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]2267 ALOGW("permission denied for %d: duplicate", callingUid);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]2268 return -1L;
2269 }
2270
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2271 State state = mKeyStore->getState(callingUid);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]2272 if (!isKeystoreUnlocked(state)) {
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]2273 ALOGD("calling duplicate in state: %d", state);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]2274 return state;
2275 }
2276
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]2277 if (srcUid == -1 || static_cast<uid_t>(srcUid) == callingUid) {
2278 srcUid = callingUid;
2279 } else if (!is_granted_to(callingUid, srcUid)) {
2280 ALOGD("migrate not granted from source: %d -> %d", callingUid, srcUid);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]2281 return ::PERMISSION_DENIED;
2282 }
2283
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]2284 if (destUid == -1) {
2285 destUid = callingUid;
2286 }
2287
2288 if (srcUid != destUid) {
2289 if (static_cast<uid_t>(srcUid) != callingUid) {
2290 ALOGD("can only duplicate from caller to other or to same uid: "
2291 "calling=%d, srcUid=%d, destUid=%d", callingUid, srcUid, destUid);
2292 return ::PERMISSION_DENIED;
2293 }
2294
2295 if (!is_granted_to(callingUid, destUid)) {
2296 ALOGD("duplicate not granted to dest: %d -> %d", callingUid, destUid);
2297 return ::PERMISSION_DENIED;
2298 }
2299 }
2300
2301 String8 source8(srcKey);
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2302 String8 sourceFile(mKeyStore->getKeyNameForUidWithDir(source8, srcUid));
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]2303
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]2304 String8 target8(destKey);
Kenny Rootfa27d5b2013-10-15 09:01:08 -0700[diff] [blame]2305 String8 targetFile(mKeyStore->getKeyNameForUidWithDir(target8, destUid));
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]2306
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2307 if (access(targetFile.string(), W_OK) != -1 || errno != ENOENT) {
2308 ALOGD("destination already exists: %s", targetFile.string());
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]2309 return ::SYSTEM_ERROR;
2310 }
2311
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]2312 Blob keyBlob;
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2313 ResponseCode responseCode = mKeyStore->get(sourceFile.string(), &keyBlob, TYPE_ANY,
Kenny Rootfa27d5b2013-10-15 09:01:08 -0700[diff] [blame]2314 srcUid);
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]2315 if (responseCode != ::NO_ERROR) {
2316 return responseCode;
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]2317 }
Kenny Rootd53bc922013-03-21 14:10:15 -0700[diff] [blame]2318
Kenny Rootfa27d5b2013-10-15 09:01:08 -0700[diff] [blame]2319 return mKeyStore->put(targetFile.string(), &keyBlob, destUid);
Kenny Root02254072013-03-20 11:48:19 -0700[diff] [blame]2320 }
2321
Kenny Root1b0e3932013-09-05 13:06:32 -0700[diff] [blame]2322 int32_t is_hardware_backed(const String16& keyType) {
2323 return mKeyStore->isHardwareBacked(keyType) ? 1 : 0;
Kenny Root8ddf35a2013-03-29 11:15:50 -0700[diff] [blame]2324 }
2325
Kenny Rootfa27d5b2013-10-15 09:01:08 -0700[diff] [blame]2326 int32_t clear_uid(int64_t targetUid64) {
2327 uid_t targetUid = static_cast<uid_t>(targetUid64);
Kenny Roota9bb5492013-04-01 16:29:11 -0700[diff] [blame]2328 uid_t callingUid = IPCThreadState::self()->getCallingUid();
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]2329 pid_t spid = IPCThreadState::self()->getCallingPid();
2330 if (!has_permission(callingUid, P_CLEAR_UID, spid)) {
Kenny Roota9bb5492013-04-01 16:29:11 -0700[diff] [blame]2331 ALOGW("permission denied for %d: clear_uid", callingUid);
2332 return ::PERMISSION_DENIED;
2333 }
2334
Kenny Rootfa27d5b2013-10-15 09:01:08 -0700[diff] [blame]2335 if (targetUid64 == -1) {
2336 targetUid = callingUid;
Kenny Root007cb232014-07-30 16:59:42 -0700[diff] [blame]2337 } else if (!is_self_or_system(callingUid, targetUid)) {
2338 ALOGW("permission denied for %d: clear_uid %d", callingUid, targetUid);
Kenny Rootfa27d5b2013-10-15 09:01:08 -0700[diff] [blame]2339 return ::PERMISSION_DENIED;
2340 }
2341
Kenny Roota9bb5492013-04-01 16:29:11 -0700[diff] [blame]2342 const keymaster_device_t* device = mKeyStore->getDevice();
2343 if (device == NULL) {
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2344 ALOGW("can't get keymaster device");
Kenny Roota9bb5492013-04-01 16:29:11 -0700[diff] [blame]2345 return ::SYSTEM_ERROR;
2346 }
2347
Kenny Rootfa27d5b2013-10-15 09:01:08 -0700[diff] [blame]2348 UserState* userState = mKeyStore->getUserState(targetUid);
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2349 DIR* dir = opendir(userState->getUserDirName());
Kenny Roota9bb5492013-04-01 16:29:11 -0700[diff] [blame]2350 if (!dir) {
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2351 ALOGW("can't open user directory: %s", strerror(errno));
Kenny Roota9bb5492013-04-01 16:29:11 -0700[diff] [blame]2352 return ::SYSTEM_ERROR;
2353 }
2354
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2355 char prefix[NAME_MAX];
Kenny Rootfa27d5b2013-10-15 09:01:08 -0700[diff] [blame]2356 int n = snprintf(prefix, NAME_MAX, "%u_", targetUid);
Kenny Roota9bb5492013-04-01 16:29:11 -0700[diff] [blame]2357
2358 ResponseCode rc = ::NO_ERROR;
2359
2360 struct dirent* file;
2361 while ((file = readdir(dir)) != NULL) {
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2362 // We only care about files.
2363 if (file->d_type != DT_REG) {
Kenny Roota9bb5492013-04-01 16:29:11 -0700[diff] [blame]2364 continue;
2365 }
2366
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2367 // Skip anything that starts with a "."
2368 if (file->d_name[0] == '.') {
2369 continue;
2370 }
Kenny Roota9bb5492013-04-01 16:29:11 -0700[diff] [blame]2371
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2372 if (strncmp(prefix, file->d_name, n)) {
2373 continue;
2374 }
2375
2376 String8 filename(String8::format("%s/%s", userState->getUserDirName(), file->d_name));
Kenny Roota9bb5492013-04-01 16:29:11 -0700[diff] [blame]2377 Blob keyBlob;
Kenny Rootfa27d5b2013-10-15 09:01:08 -0700[diff] [blame]2378 if (mKeyStore->get(filename.string(), &keyBlob, ::TYPE_ANY, targetUid)
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2379 != ::NO_ERROR) {
2380 ALOGW("couldn't open %s", filename.string());
Kenny Roota9bb5492013-04-01 16:29:11 -0700[diff] [blame]2381 continue;
2382 }
2383
2384 if (keyBlob.getType() == ::TYPE_KEY_PAIR) {
2385 // A device doesn't have to implement delete_keypair.
Kenny Root17208e02013-09-04 13:56:03 -0700[diff] [blame]2386 if (device->delete_keypair != NULL && !keyBlob.isFallback()) {
Kenny Roota9bb5492013-04-01 16:29:11 -0700[diff] [blame]2387 if (device->delete_keypair(device, keyBlob.getValue(), keyBlob.getLength())) {
2388 rc = ::SYSTEM_ERROR;
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2389 ALOGW("device couldn't remove %s", filename.string());
Kenny Roota9bb5492013-04-01 16:29:11 -0700[diff] [blame]2390 }
2391 }
2392 }
2393
Kenny Root5f531242013-04-12 11:31:50 -0700[diff] [blame]2394 if (unlinkat(dirfd(dir), file->d_name, 0) && errno != ENOENT) {
Kenny Roota9bb5492013-04-01 16:29:11 -0700[diff] [blame]2395 rc = ::SYSTEM_ERROR;
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2396 ALOGW("couldn't unlink %s", filename.string());
Kenny Roota9bb5492013-04-01 16:29:11 -0700[diff] [blame]2397 }
2398 }
2399 closedir(dir);
2400
2401 return rc;
2402 }
2403
Robin Lee4e865752014-08-19 17:37:55 +0100[diff] [blame]2404 int32_t reset_uid(int32_t uid) {
2405 uid_t callingUid = IPCThreadState::self()->getCallingUid();
2406 pid_t spid = IPCThreadState::self()->getCallingPid();
2407 if (!has_permission(callingUid, P_RESET_UID, spid)) {
2408 ALOGW("permission denied for %d: reset_uid %d", callingUid, uid);
2409 return ::PERMISSION_DENIED;
2410 }
2411 if (callingUid != AID_SYSTEM) {
2412 ALOGW("permission denied for %d: reset_uid %d", callingUid, uid);
2413 return ::PERMISSION_DENIED;
2414 }
2415
2416 return mKeyStore->reset(uid) ? ::NO_ERROR : ::SYSTEM_ERROR;
2417 }
2418
2419 int32_t sync_uid(int32_t sourceUid, int32_t targetUid) {
2420 uid_t callingUid = IPCThreadState::self()->getCallingUid();
2421 pid_t spid = IPCThreadState::self()->getCallingPid();
2422 if (!has_permission(callingUid, P_SYNC_UID, spid)) {
2423 ALOGW("permission denied for %d: sync_uid %d -> %d", callingUid, sourceUid, targetUid);
2424 return ::PERMISSION_DENIED;
2425 }
2426 if (callingUid != AID_SYSTEM) {
2427 ALOGW("permission denied for %d: sync_uid %d -> %d", callingUid, sourceUid, targetUid);
2428 return ::PERMISSION_DENIED;
2429 }
2430 if (sourceUid == targetUid) {
2431 return ::SYSTEM_ERROR;
2432 }
2433
2434 // Initialise user keystore with existing master key held in-memory
2435 return mKeyStore->copyMasterKey(sourceUid, targetUid);
2436 }
2437
2438 int32_t password_uid(const String16& pw, int32_t targetUid) {
2439 uid_t callingUid = IPCThreadState::self()->getCallingUid();
2440 pid_t spid = IPCThreadState::self()->getCallingPid();
2441 if (!has_permission(callingUid, P_PASSWORD_UID, spid)) {
2442 ALOGW("permission denied for %d: password_uid %d", callingUid, targetUid);
2443 return ::PERMISSION_DENIED;
2444 }
2445 if (callingUid != AID_SYSTEM) {
2446 ALOGW("permission denied for %d: password_uid %d", callingUid, targetUid);
2447 return ::PERMISSION_DENIED;
2448 }
2449
2450 const String8 password8(pw);
2451
2452 switch (mKeyStore->getState(targetUid)) {
2453 case ::STATE_UNINITIALIZED: {
2454 // generate master key, encrypt with password, write to file, initialize mMasterKey*.
2455 return mKeyStore->initializeUser(password8, targetUid);
2456 }
2457 case ::STATE_NO_ERROR: {
2458 // rewrite master key with new password.
2459 return mKeyStore->writeMasterKey(password8, targetUid);
2460 }
2461 case ::STATE_LOCKED: {
2462 // read master key, decrypt with password, initialize mMasterKey*.
2463 return mKeyStore->readMasterKey(password8, targetUid);
2464 }
2465 }
2466 return ::SYSTEM_ERROR;
2467 }
2468
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2469private:
Kenny Root9d45d1c2013-02-14 10:32:30 -0800[diff] [blame]2470 inline bool isKeystoreUnlocked(State state) {
2471 switch (state) {
2472 case ::STATE_NO_ERROR:
2473 return true;
2474 case ::STATE_UNINITIALIZED:
2475 case ::STATE_LOCKED:
2476 return false;
2477 }
2478 return false;
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2479 }
2480
Kenny Root1d448c02013-11-21 10:36:53 -0800[diff] [blame]2481 bool isKeyTypeSupported(const keymaster_device_t* device, keymaster_keypair_t keyType) {
2482 const int32_t device_api = device->common.module->module_api_version;
2483 if (device_api == KEYMASTER_MODULE_API_VERSION_0_2) {
2484 switch (keyType) {
2485 case TYPE_RSA:
2486 case TYPE_DSA:
2487 case TYPE_EC:
2488 return true;
2489 default:
2490 return false;
2491 }
2492 } else if (device_api >= KEYMASTER_MODULE_API_VERSION_0_3) {
2493 switch (keyType) {
2494 case TYPE_RSA:
2495 return true;
2496 case TYPE_DSA:
2497 return device->flags & KEYMASTER_SUPPORTS_DSA;
2498 case TYPE_EC:
2499 return device->flags & KEYMASTER_SUPPORTS_EC;
2500 default:
2501 return false;
2502 }
2503 } else {
2504 return keyType == TYPE_RSA;
2505 }
2506 }
2507
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2508 ::KeyStore* mKeyStore;
2509};
2510
2511}; // namespace android
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]2512
2513int main(int argc, char* argv[]) {
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]2514 if (argc < 2) {
2515 ALOGE("A directory must be specified!");
2516 return 1;
2517 }
2518 if (chdir(argv[1]) == -1) {
2519 ALOGE("chdir: %s: %s", argv[1], strerror(errno));
2520 return 1;
2521 }
2522
2523 Entropy entropy;
2524 if (!entropy.open()) {
2525 return 1;
2526 }
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]2527
2528 keymaster_device_t* dev;
2529 if (keymaster_device_initialize(&dev)) {
2530 ALOGE("keystore keymaster could not be initialized; exiting");
2531 return 1;
2532 }
2533
Riley Spahneaabae92014-06-30 12:39:52 -0700[diff] [blame]2534 ks_is_selinux_enabled = is_selinux_enabled();
2535 if (ks_is_selinux_enabled) {
2536 union selinux_callback cb;
2537 cb.func_log = selinux_log_callback;
2538 selinux_set_callback(SELINUX_CB_LOG, cb);
2539 if (getcon(&tctx) != 0) {
2540 ALOGE("SELinux: Could not acquire target context. Aborting keystore.\n");
2541 return -1;
2542 }
2543 } else {
2544 ALOGI("SELinux: Keystore SELinux is disabled.\n");
2545 }
2546
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]2547 KeyStore keyStore(&entropy, dev);
Kenny Root655b9582013-04-04 08:37:42 -0700[diff] [blame]2548 keyStore.initialize();
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2549 android::sp<android::IServiceManager> sm = android::defaultServiceManager();
2550 android::sp<android::KeyStoreProxy> proxy = new android::KeyStoreProxy(&keyStore);
2551 android::status_t ret = sm->addService(android::String16("android.security.keystore"), proxy);
2552 if (ret != android::OK) {
2553 ALOGE("Couldn't register binder service!");
2554 return -1;
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]2555 }
Kenny Root07438c82012-11-02 15:41:02 -0700[diff] [blame]2556
2557 /*
2558 * We're the only thread in existence, so we're just going to process
2559 * Binder transaction as a single-threaded program.
2560 */
2561 android::IPCThreadState::self()->joinThreadPool();
Kenny Root70e3a862012-02-15 17:20:23 -0800[diff] [blame]2562
2563 keymaster_device_release(dev);
Kenny Roota91203b2012-02-15 15:00:46 -0800[diff] [blame]2564 return 1;
2565}