Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / 251cb28132e456f81374c8f8a983a5a9ad9aaee8 / . / keystore / keystore_client_impl.cpp
blob: d4e784f2708328ed7d8278af3fbd5c0cd46f7f3b [file] [log] [blame]
Darren Krahn69a3dbc2015-09-22 16:21:04 -0700[diff] [blame]1// Copyright 2015 The Android Open Source Project
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
Darren Krahn251cb282015-09-28 08:51:18 -0700[diff] [blame^]15#define LOG_TAG "keystore_client"
16
Darren Krahn69a3dbc2015-09-22 16:21:04 -0700[diff] [blame]17#include "keystore/keystore_client_impl.h"
18
19#include <string>
20#include <vector>
21
22#include "binder/IBinder.h"
23#include "binder/IInterface.h"
24#include "binder/IServiceManager.h"
25#include "keystore/IKeystoreService.h"
26#include "keystore/keystore.h"
Darren Krahn251cb282015-09-28 08:51:18 -0700[diff] [blame^]27#include "log/log.h"
Darren Krahn69a3dbc2015-09-22 16:21:04 -0700[diff] [blame]28#include "utils/String16.h"
29#include "utils/String8.h"
30
Darren Krahn251cb282015-09-28 08:51:18 -0700[diff] [blame^]31#include "keystore_client.pb.h"
32
Darren Krahn69a3dbc2015-09-22 16:21:04 -0700[diff] [blame]33using android::ExportResult;
34using android::KeyCharacteristics;
35using android::KeymasterArguments;
36using android::OperationResult;
37using android::String16;
38using keymaster::AuthorizationSet;
Darren Krahn251cb282015-09-28 08:51:18 -0700[diff] [blame^]39using keymaster::AuthorizationSetBuilder;
Darren Krahn69a3dbc2015-09-22 16:21:04 -0700[diff] [blame]40
41namespace {
42
43// Use the UID of the current process.
44const int kDefaultUID = -1;
Darren Krahn251cb282015-09-28 08:51:18 -0700[diff] [blame^]45const char kEncryptSuffix[] = "_ENC";
46const char kAuthenticateSuffix[] = "_AUTH";
47const uint32_t kAESKeySize = 256; // bits
48const uint32_t kHMACKeySize = 256; // bits
49const uint32_t kHMACOutputSize = 256; // bits
Darren Krahn69a3dbc2015-09-22 16:21:04 -0700[diff] [blame]50
51const uint8_t* StringAsByteArray(const std::string& s) {
52 return reinterpret_cast<const uint8_t*>(s.data());
53}
54
55std::string ByteArrayAsString(const uint8_t* data, size_t data_size) {
56 return std::string(reinterpret_cast<const char*>(data), data_size);
57}
58
59} // namespace
60
61namespace keystore {
62
63KeystoreClientImpl::KeystoreClientImpl() {
64 service_manager_ = android::defaultServiceManager();
65 keystore_binder_ = service_manager_->getService(String16("android.security.keystore"));
66 keystore_ = android::interface_cast<android::IKeystoreService>(keystore_binder_);
67}
68
Darren Krahn251cb282015-09-28 08:51:18 -0700[diff] [blame^]69bool KeystoreClientImpl::encryptWithAuthentication(const std::string& key_name,
70 const std::string& data,
71 std::string* encrypted_data) {
72 // The encryption algorithm is AES-256-CBC with PKCS #7 padding and a random
73 // IV. The authentication algorithm is HMAC-SHA256 and is computed over the
74 // cipher-text (i.e. Encrypt-then-MAC approach). This was chosen over AES-GCM
75 // because hardware support for GCM is not mandatory for all Brillo devices.
76 std::string encryption_key_name = key_name + kEncryptSuffix;
77 if (!createOrVerifyEncryptionKey(encryption_key_name)) {
78 return false;
79 }
80 std::string authentication_key_name = key_name + kAuthenticateSuffix;
81 if (!createOrVerifyAuthenticationKey(authentication_key_name)) {
82 return false;
83 }
84 AuthorizationSetBuilder encrypt_params;
85 encrypt_params.Padding(KM_PAD_PKCS7);
86 encrypt_params.Authorization(keymaster::TAG_BLOCK_MODE, KM_MODE_CBC);
87 AuthorizationSet output_params;
88 std::string raw_encrypted_data;
89 if (!oneShotOperation(KM_PURPOSE_ENCRYPT, encryption_key_name, encrypt_params.build(), data,
90 std::string(), /* signature_to_verify */
91 &output_params, &raw_encrypted_data)) {
92 ALOGE("Encrypt: AES operation failed.");
93 return false;
94 }
95 keymaster_blob_t init_vector_blob;
96 if (!output_params.GetTagValue(keymaster::TAG_NONCE, &init_vector_blob)) {
97 ALOGE("Encrypt: Missing initialization vector.");
98 return false;
99 }
100 std::string init_vector =
101 ByteArrayAsString(init_vector_blob.data, init_vector_blob.data_length);
102
103 AuthorizationSetBuilder authenticate_params;
104 authenticate_params.Digest(KM_DIGEST_SHA_2_256);
105 authenticate_params.Authorization(keymaster::TAG_MAC_LENGTH, kHMACOutputSize);
106 std::string raw_authentication_data;
107 if (!oneShotOperation(KM_PURPOSE_SIGN, authentication_key_name, authenticate_params.build(),
108 init_vector + raw_encrypted_data, std::string(), /* signature_to_verify */
109 &output_params, &raw_authentication_data)) {
110 ALOGE("Encrypt: HMAC operation failed.");
111 return false;
112 }
113 EncryptedData protobuf;
114 protobuf.set_init_vector(init_vector);
115 protobuf.set_authentication_data(raw_authentication_data);
116 protobuf.set_encrypted_data(raw_encrypted_data);
117 if (!protobuf.SerializeToString(encrypted_data)) {
118 ALOGE("Encrypt: Failed to serialize EncryptedData protobuf.");
119 return false;
120 }
121 return true;
122}
123
124bool KeystoreClientImpl::decryptWithAuthentication(const std::string& key_name,
125 const std::string& encrypted_data,
126 std::string* data) {
127 EncryptedData protobuf;
128 if (!protobuf.ParseFromString(encrypted_data)) {
129 ALOGE("Decrypt: Failed to parse EncryptedData protobuf.");
130 }
131 // Verify authentication before attempting decryption.
132 std::string authentication_key_name = key_name + kAuthenticateSuffix;
133 AuthorizationSetBuilder authenticate_params;
134 authenticate_params.Digest(KM_DIGEST_SHA_2_256);
135 AuthorizationSet output_params;
136 std::string output_data;
137 if (!oneShotOperation(KM_PURPOSE_VERIFY, authentication_key_name, authenticate_params.build(),
138 protobuf.init_vector() + protobuf.encrypted_data(),
139 protobuf.authentication_data(), &output_params, &output_data)) {
140 ALOGE("Decrypt: HMAC operation failed.");
141 return false;
142 }
143 std::string encryption_key_name = key_name + kEncryptSuffix;
144 AuthorizationSetBuilder encrypt_params;
145 encrypt_params.Padding(KM_PAD_PKCS7);
146 encrypt_params.Authorization(keymaster::TAG_BLOCK_MODE, KM_MODE_CBC);
147 encrypt_params.Authorization(keymaster::TAG_NONCE, protobuf.init_vector().data(),
148 protobuf.init_vector().size());
149 if (!oneShotOperation(KM_PURPOSE_DECRYPT, encryption_key_name, encrypt_params.build(),
150 protobuf.encrypted_data(), std::string(), /* signature_to_verify */
151 &output_params, data)) {
152 ALOGE("Decrypt: AES operation failed.");
153 return false;
154 }
155 return true;
156}
157
158bool KeystoreClientImpl::oneShotOperation(keymaster_purpose_t purpose, const std::string& key_name,
159 const keymaster::AuthorizationSet& input_parameters,
160 const std::string& input_data,
161 const std::string& signature_to_verify,
162 keymaster::AuthorizationSet* output_parameters,
163 std::string* output_data) {
164 keymaster_operation_handle_t handle;
165 int32_t result =
166 beginOperation(purpose, key_name, input_parameters, output_parameters, &handle);
167 if (result != KM_ERROR_OK) {
168 ALOGE("BeginOperation failed: %d", result);
169 return false;
170 }
171 AuthorizationSet empty_params;
172 size_t num_input_bytes_consumed;
173 AuthorizationSet ignored_params;
174 result = updateOperation(handle, empty_params, input_data, &num_input_bytes_consumed,
175 &ignored_params, output_data);
176 if (result != KM_ERROR_OK) {
177 ALOGE("UpdateOperation failed: %d", result);
178 return false;
179 }
180 result =
181 finishOperation(handle, empty_params, signature_to_verify, &ignored_params, output_data);
182 if (result != KM_ERROR_OK) {
183 ALOGE("FinishOperation failed: %d", result);
184 return false;
185 }
186 return true;
187}
188
Darren Krahn69a3dbc2015-09-22 16:21:04 -0700[diff] [blame]189int32_t KeystoreClientImpl::addRandomNumberGeneratorEntropy(const std::string& entropy) {
190 return mapKeystoreError(keystore_->addRngEntropy(StringAsByteArray(entropy), entropy.size()));
191}
192
193int32_t KeystoreClientImpl::generateKey(const std::string& key_name,
194 const AuthorizationSet& key_parameters,
195 AuthorizationSet* hardware_enforced_characteristics,
196 AuthorizationSet* software_enforced_characteristics) {
197 String16 key_name16(key_name.data(), key_name.size());
198 KeymasterArguments key_arguments;
199 key_arguments.params.assign(key_parameters.begin(), key_parameters.end());
200 KeyCharacteristics characteristics;
201 int32_t result =
202 keystore_->generateKey(key_name16, key_arguments, NULL /*entropy*/, 0 /*entropyLength*/,
203 kDefaultUID, KEYSTORE_FLAG_NONE, &characteristics);
204 hardware_enforced_characteristics->Reinitialize(characteristics.characteristics.hw_enforced);
205 software_enforced_characteristics->Reinitialize(characteristics.characteristics.sw_enforced);
206 return mapKeystoreError(result);
207}
208
209int32_t
210KeystoreClientImpl::getKeyCharacteristics(const std::string& key_name,
211 AuthorizationSet* hardware_enforced_characteristics,
212 AuthorizationSet* software_enforced_characteristics) {
213 String16 key_name16(key_name.data(), key_name.size());
214 keymaster_blob_t client_id_blob = {nullptr, 0};
215 keymaster_blob_t app_data_blob = {nullptr, 0};
216 KeyCharacteristics characteristics;
217 int32_t result = keystore_->getKeyCharacteristics(key_name16, &client_id_blob, &app_data_blob,
218 &characteristics);
219 hardware_enforced_characteristics->Reinitialize(characteristics.characteristics.hw_enforced);
220 software_enforced_characteristics->Reinitialize(characteristics.characteristics.sw_enforced);
221 return mapKeystoreError(result);
222}
223
224int32_t KeystoreClientImpl::importKey(const std::string& key_name,
225 const AuthorizationSet& key_parameters,
226 keymaster_key_format_t key_format,
227 const std::string& key_data,
228 AuthorizationSet* hardware_enforced_characteristics,
229 AuthorizationSet* software_enforced_characteristics) {
230 String16 key_name16(key_name.data(), key_name.size());
231 KeymasterArguments key_arguments;
232 key_arguments.params.assign(key_parameters.begin(), key_parameters.end());
233 KeyCharacteristics characteristics;
234 int32_t result =
235 keystore_->importKey(key_name16, key_arguments, key_format, StringAsByteArray(key_data),
236 key_data.size(), kDefaultUID, KEYSTORE_FLAG_NONE, &characteristics);
237 hardware_enforced_characteristics->Reinitialize(characteristics.characteristics.hw_enforced);
238 software_enforced_characteristics->Reinitialize(characteristics.characteristics.sw_enforced);
239 return mapKeystoreError(result);
240}
241
242int32_t KeystoreClientImpl::exportKey(keymaster_key_format_t export_format,
243 const std::string& key_name, std::string* export_data) {
244 String16 key_name16(key_name.data(), key_name.size());
245 keymaster_blob_t client_id_blob = {nullptr, 0};
246 keymaster_blob_t app_data_blob = {nullptr, 0};
247 ExportResult export_result;
248 keystore_->exportKey(key_name16, export_format, &client_id_blob, &app_data_blob,
249 &export_result);
250 *export_data = ByteArrayAsString(export_result.exportData.get(), export_result.dataLength);
251 return mapKeystoreError(export_result.resultCode);
252}
253
254int32_t KeystoreClientImpl::deleteKey(const std::string& key_name) {
255 String16 key_name16(key_name.data(), key_name.size());
256 return mapKeystoreError(keystore_->del(key_name16, kDefaultUID));
257}
258
259int32_t KeystoreClientImpl::deleteAllKeys() {
260 return mapKeystoreError(keystore_->clear_uid(kDefaultUID));
261}
262
263int32_t KeystoreClientImpl::beginOperation(keymaster_purpose_t purpose, const std::string& key_name,
264 const AuthorizationSet& input_parameters,
265 AuthorizationSet* output_parameters,
266 keymaster_operation_handle_t* handle) {
267 android::sp<android::IBinder> token(new android::BBinder);
268 String16 key_name16(key_name.data(), key_name.size());
269 KeymasterArguments input_arguments;
270 input_arguments.params.assign(input_parameters.begin(), input_parameters.end());
271 OperationResult result;
272 keystore_->begin(token, key_name16, purpose, true /*pruneable*/, input_arguments,
273 NULL /*entropy*/, 0 /*entropyLength*/, &result);
274 int32_t error_code = mapKeystoreError(result.resultCode);
275 if (error_code == KM_ERROR_OK) {
276 *handle = getNextVirtualHandle();
277 active_operations_[*handle] = result.token;
278 if (!result.outParams.params.empty()) {
279 output_parameters->Reinitialize(&*result.outParams.params.begin(),
280 result.outParams.params.size());
281 }
282 }
283 return error_code;
284}
285
286int32_t KeystoreClientImpl::updateOperation(keymaster_operation_handle_t handle,
287 const AuthorizationSet& input_parameters,
288 const std::string& input_data,
289 size_t* num_input_bytes_consumed,
290 AuthorizationSet* output_parameters,
291 std::string* output_data) {
292 if (active_operations_.count(handle) == 0) {
293 return KM_ERROR_INVALID_OPERATION_HANDLE;
294 }
295 KeymasterArguments input_arguments;
296 input_arguments.params.assign(input_parameters.begin(), input_parameters.end());
297 OperationResult result;
298 keystore_->update(active_operations_[handle], input_arguments, StringAsByteArray(input_data),
299 input_data.size(), &result);
300 int32_t error_code = mapKeystoreError(result.resultCode);
301 if (error_code == KM_ERROR_OK) {
302 *num_input_bytes_consumed = result.inputConsumed;
303 if (!result.outParams.params.empty()) {
304 output_parameters->Reinitialize(&*result.outParams.params.begin(),
305 result.outParams.params.size());
306 }
Darren Krahn251cb282015-09-28 08:51:18 -0700[diff] [blame^]307 output_data->append(ByteArrayAsString(result.data.get(), result.dataLength));
Darren Krahn69a3dbc2015-09-22 16:21:04 -0700[diff] [blame]308 }
309 return error_code;
310}
311
312int32_t KeystoreClientImpl::finishOperation(keymaster_operation_handle_t handle,
313 const AuthorizationSet& input_parameters,
314 const std::string& signature_to_verify,
315 AuthorizationSet* output_parameters,
316 std::string* output_data) {
317 if (active_operations_.count(handle) == 0) {
318 return KM_ERROR_INVALID_OPERATION_HANDLE;
319 }
320 KeymasterArguments input_arguments;
321 input_arguments.params.assign(input_parameters.begin(), input_parameters.end());
322 OperationResult result;
323 keystore_->finish(active_operations_[handle], input_arguments,
324 StringAsByteArray(signature_to_verify), signature_to_verify.size(),
325 NULL /*entropy*/, 0 /*entropyLength*/, &result);
326 int32_t error_code = mapKeystoreError(result.resultCode);
327 if (error_code == KM_ERROR_OK) {
328 if (!result.outParams.params.empty()) {
329 output_parameters->Reinitialize(&*result.outParams.params.begin(),
330 result.outParams.params.size());
331 }
Darren Krahn251cb282015-09-28 08:51:18 -0700[diff] [blame^]332 output_data->append(ByteArrayAsString(result.data.get(), result.dataLength));
Darren Krahn69a3dbc2015-09-22 16:21:04 -0700[diff] [blame]333 active_operations_.erase(handle);
334 }
335 return error_code;
336}
337
338int32_t KeystoreClientImpl::abortOperation(keymaster_operation_handle_t handle) {
339 if (active_operations_.count(handle) == 0) {
340 return KM_ERROR_INVALID_OPERATION_HANDLE;
341 }
342 int32_t error_code = mapKeystoreError(keystore_->abort(active_operations_[handle]));
343 if (error_code == KM_ERROR_OK) {
344 active_operations_.erase(handle);
345 }
346 return error_code;
347}
348
349bool KeystoreClientImpl::doesKeyExist(const std::string& key_name) {
350 String16 key_name16(key_name.data(), key_name.size());
351 int32_t error_code = mapKeystoreError(keystore_->exist(key_name16, kDefaultUID));
352 return (error_code == KM_ERROR_OK);
353}
354
355bool KeystoreClientImpl::listKeys(const std::string& prefix,
356 std::vector<std::string>* key_name_list) {
357 String16 prefix16(prefix.data(), prefix.size());
358 android::Vector<String16> matches;
359 int32_t error_code = mapKeystoreError(keystore_->list(prefix16, kDefaultUID, &matches));
360 if (error_code == KM_ERROR_OK) {
361 for (const auto& match : matches) {
362 android::String8 key_name(match);
363 key_name_list->push_back(prefix + std::string(key_name.string(), key_name.size()));
364 }
365 return true;
366 }
367 return false;
368}
369
370keymaster_operation_handle_t KeystoreClientImpl::getNextVirtualHandle() {
371 return next_virtual_handle_++;
372}
373
374int32_t KeystoreClientImpl::mapKeystoreError(int32_t keystore_error) {
375 // See notes in keystore_client.h for rationale.
376 if (keystore_error == ::NO_ERROR) {
377 return KM_ERROR_OK;
378 }
379 return keystore_error;
380}
381
Darren Krahn251cb282015-09-28 08:51:18 -0700[diff] [blame^]382bool KeystoreClientImpl::createOrVerifyEncryptionKey(const std::string& key_name) {
383 bool key_exists = doesKeyExist(key_name);
384 if (key_exists) {
385 bool verified = false;
386 if (!verifyEncryptionKeyAttributes(key_name, &verified)) {
387 return false;
388 }
389 if (!verified) {
390 int32_t result = deleteKey(key_name);
391 if (result != KM_ERROR_OK) {
392 ALOGE("Failed to delete invalid encryption key: %d", result);
393 return false;
394 }
395 key_exists = false;
396 }
397 }
398 if (!key_exists) {
399 AuthorizationSetBuilder key_parameters;
400 key_parameters.AesEncryptionKey(kAESKeySize)
401 .Padding(KM_PAD_PKCS7)
402 .Authorization(keymaster::TAG_BLOCK_MODE, KM_MODE_CBC)
403 .Authorization(keymaster::TAG_NO_AUTH_REQUIRED);
404 AuthorizationSet hardware_enforced_characteristics;
405 AuthorizationSet software_enforced_characteristics;
406 int32_t result =
407 generateKey(key_name, key_parameters.build(), &hardware_enforced_characteristics,
408 &software_enforced_characteristics);
409 if (result != KM_ERROR_OK) {
410 ALOGE("Failed to generate encryption key: %d", result);
411 return false;
412 }
413 if (hardware_enforced_characteristics.size() == 0) {
414 ALOGW("WARNING: Encryption key is not hardware-backed.");
415 }
416 }
417 return true;
418}
419
420bool KeystoreClientImpl::createOrVerifyAuthenticationKey(const std::string& key_name) {
421 bool key_exists = doesKeyExist(key_name);
422 if (key_exists) {
423 bool verified = false;
424 if (!verifyAuthenticationKeyAttributes(key_name, &verified)) {
425 return false;
426 }
427 if (!verified) {
428 int32_t result = deleteKey(key_name);
429 if (result != KM_ERROR_OK) {
430 ALOGE("Failed to delete invalid authentication key: %d", result);
431 return false;
432 }
433 key_exists = false;
434 }
435 }
436 if (!key_exists) {
437 AuthorizationSetBuilder key_parameters;
438 key_parameters.HmacKey(kHMACKeySize)
439 .Digest(KM_DIGEST_SHA_2_256)
440 .Authorization(keymaster::TAG_MIN_MAC_LENGTH, kHMACOutputSize)
441 .Authorization(keymaster::TAG_NO_AUTH_REQUIRED);
442 AuthorizationSet hardware_enforced_characteristics;
443 AuthorizationSet software_enforced_characteristics;
444 int32_t result =
445 generateKey(key_name, key_parameters.build(), &hardware_enforced_characteristics,
446 &software_enforced_characteristics);
447 if (result != KM_ERROR_OK) {
448 ALOGE("Failed to generate authentication key: %d", result);
449 return false;
450 }
451 if (hardware_enforced_characteristics.size() == 0) {
452 ALOGW("WARNING: Authentication key is not hardware-backed.");
453 }
454 }
455 return true;
456}
457
458bool KeystoreClientImpl::verifyEncryptionKeyAttributes(const std::string& key_name,
459 bool* verified) {
460 AuthorizationSet hardware_enforced_characteristics;
461 AuthorizationSet software_enforced_characteristics;
462 int32_t result = getKeyCharacteristics(key_name, &hardware_enforced_characteristics,
463 &software_enforced_characteristics);
464 if (result != KM_ERROR_OK) {
465 ALOGE("Failed to query encryption key: %d", result);
466 return false;
467 }
468 *verified = true;
469 keymaster_algorithm_t algorithm = KM_ALGORITHM_RSA;
470 if ((!hardware_enforced_characteristics.GetTagValue(keymaster::TAG_ALGORITHM, &algorithm) &&
471 !software_enforced_characteristics.GetTagValue(keymaster::TAG_ALGORITHM, &algorithm)) ||
472 algorithm != KM_ALGORITHM_AES) {
473 ALOGW("Found encryption key with invalid algorithm.");
474 *verified = false;
475 }
476 uint32_t key_size = 0;
477 if ((!hardware_enforced_characteristics.GetTagValue(keymaster::TAG_KEY_SIZE, &key_size) &&
478 !software_enforced_characteristics.GetTagValue(keymaster::TAG_KEY_SIZE, &key_size)) ||
479 key_size != kAESKeySize) {
480 ALOGW("Found encryption key with invalid size.");
481 *verified = false;
482 }
483 keymaster_block_mode_t block_mode = KM_MODE_ECB;
484 if ((!hardware_enforced_characteristics.GetTagValue(keymaster::TAG_BLOCK_MODE, &block_mode) &&
485 !software_enforced_characteristics.GetTagValue(keymaster::TAG_BLOCK_MODE, &block_mode)) ||
486 block_mode != KM_MODE_CBC) {
487 ALOGW("Found encryption key with invalid block mode.");
488 *verified = false;
489 }
490 keymaster_padding_t padding_mode = KM_PAD_NONE;
491 if ((!hardware_enforced_characteristics.GetTagValue(keymaster::TAG_PADDING, &padding_mode) &&
492 !software_enforced_characteristics.GetTagValue(keymaster::TAG_PADDING, &padding_mode)) ||
493 padding_mode != KM_PAD_PKCS7) {
494 ALOGW("Found encryption key with invalid padding mode.");
495 *verified = false;
496 }
497 if (hardware_enforced_characteristics.size() == 0) {
498 ALOGW("WARNING: Encryption key is not hardware-backed.");
499 }
500 return true;
501}
502
503bool KeystoreClientImpl::verifyAuthenticationKeyAttributes(const std::string& key_name,
504 bool* verified) {
505 AuthorizationSet hardware_enforced_characteristics;
506 AuthorizationSet software_enforced_characteristics;
507 int32_t result = getKeyCharacteristics(key_name, &hardware_enforced_characteristics,
508 &software_enforced_characteristics);
509 if (result != KM_ERROR_OK) {
510 ALOGE("Failed to query authentication key: %d", result);
511 return false;
512 }
513 *verified = true;
514 keymaster_algorithm_t algorithm = KM_ALGORITHM_RSA;
515 if ((!hardware_enforced_characteristics.GetTagValue(keymaster::TAG_ALGORITHM, &algorithm) &&
516 !software_enforced_characteristics.GetTagValue(keymaster::TAG_ALGORITHM, &algorithm)) ||
517 algorithm != KM_ALGORITHM_HMAC) {
518 ALOGW("Found authentication key with invalid algorithm.");
519 *verified = false;
520 }
521 uint32_t key_size = 0;
522 if ((!hardware_enforced_characteristics.GetTagValue(keymaster::TAG_KEY_SIZE, &key_size) &&
523 !software_enforced_characteristics.GetTagValue(keymaster::TAG_KEY_SIZE, &key_size)) ||
524 key_size != kHMACKeySize) {
525 ALOGW("Found authentication key with invalid size.");
526 *verified = false;
527 }
528 uint32_t mac_size = 0;
529 if ((!hardware_enforced_characteristics.GetTagValue(keymaster::TAG_MIN_MAC_LENGTH, &mac_size) &&
530 !software_enforced_characteristics.GetTagValue(keymaster::TAG_MIN_MAC_LENGTH,
531 &mac_size)) ||
532 mac_size != kHMACOutputSize) {
533 ALOGW("Found authentication key with invalid minimum mac size.");
534 *verified = false;
535 }
536 keymaster_digest_t digest = KM_DIGEST_NONE;
537 if ((!hardware_enforced_characteristics.GetTagValue(keymaster::TAG_DIGEST, &digest) &&
538 !software_enforced_characteristics.GetTagValue(keymaster::TAG_DIGEST, &digest)) ||
539 digest != KM_DIGEST_SHA_2_256) {
540 ALOGW("Found authentication key with invalid digest list.");
541 *verified = false;
542 }
543 if (hardware_enforced_characteristics.size() == 0) {
544 ALOGW("WARNING: Authentication key is not hardware-backed.");
545 }
546 return true;
547}
548
Darren Krahn69a3dbc2015-09-22 16:21:04 -0700[diff] [blame]549} // namespace keystore