Blame - keystore2/src/database.rs - android_system_security

2020-07-17 14:57:21 -0700

[diff] [blame]

1

2

//

3

// Licensed under the Apache License, Version 2.0 (the "License");

4

// you may not use this file except in compliance with the License.

5

// You may obtain a copy of the License at

6

//

7

// http://www.apache.org/licenses/LICENSE-2.0

8

//

9

// Unless required by applicable law or agreed to in writing, software

10

// distributed under the License is distributed on an "AS IS" BASIS,

11

// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

12

// See the License for the specific language governing permissions and

13

// limitations under the License.

14

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

15

//! This is the Keystore 2.0 database module.

16

//! The database module provides a connection to the backing SQLite store.

17

//! We have two databases one for persistent key blob storage and one for

18

//! items that have a per boot life cycle.

19

//!

20

//! ## Persistent database

21

//! The persistent database has tables for key blobs. They are organized

22

//! as follows:

23

//! The `keyentry` table is the primary table for key entries. It is

24

//! accompanied by two tables for blobs and parameters.

25

//! Each key entry occupies exactly one row in the `keyentry` table and

26

//! zero or more rows in the tables `blobentry` and `keyparameter`.

27

//!

28

//! ## Per boot database

29

//! The per boot database stores items with a per boot lifecycle.

30

//! Currently, there is only the `grant` table in this database.

31

//! Grants are references to a key that can be used to access a key by

32

//! clients that don't own that key. Grants can only be created by the

33

//! owner of a key. And only certain components can create grants.

34

//! This is governed by SEPolicy.

35

//!

36

//! ## Access control

37

//! Some database functions that load keys or create grants perform

38

//! access control. This is because in some cases access control

39

//! can only be performed after some information about the designated

40

//! key was loaded from the database. To decouple the permission checks

41

//! from the database module these functions take permission check

42

//! callbacks.

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

43

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

44

mod perboot;

Janis Danisevskis

030ba02

2021-05-26 11:15:30 -0700

[diff] [blame]

45

pub(crate) mod utils;

Janis Danisevskis

2021-05-26 16:31:02 -0700

[diff] [blame]

46

mod versioning;

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

47

Janis Danisevskis

2022-01-04 19:59:26 -0800

[diff] [blame]

48

use crate::gc::Gc;

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

49

use crate::impl_metadata; // This is in db_utils.rs

Eric Biggers

b0478cf

2023-10-27 03:55:29 +0000

[diff] [blame]

50

use crate::key_parameter::{KeyParameter, KeyParameterValue, Tag};

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

51

use crate::ks_err;

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

52

use crate::permission::KeyPermSet;

Hasini Gunasinghe

2021-05-12 19:03:12 +0000

[diff] [blame]

53

use crate::utils::{get_current_time_in_milliseconds, watchdog as wd, AID_USER_OFFSET};

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

54

use crate::{

Paul Crowley

2021-03-18 17:08:20 -0700

[diff] [blame]

55

error::{Error as KsError, ErrorCode, ResponseCode},

56

super_key::SuperKeyType,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

57

};

Hasini Gunasinghe

2020-11-06 01:24:16 +0000

[diff] [blame]

58

use android_hardware_security_keymint::aidl::android::hardware::security::keymint::{

Tri Vo

a1634bb

2022-12-01 15:54:19 -0800

[diff] [blame]

59

HardwareAuthToken::HardwareAuthToken, HardwareAuthenticatorType::HardwareAuthenticatorType,

60

SecurityLevel::SecurityLevel,

61

};

62

use android_security_metrics::aidl::android::security::metrics::{

Tri Vo

2023-05-12 14:16:31 -0400

[diff] [blame]

63

Storage::Storage as MetricsStorage, StorageStats::StorageStats,

Janis Danisevskis

c3a496b

2021-01-05 10:37:22 -0800

[diff] [blame]

64

};

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

65

use android_system_keystore2::aidl::android::system::keystore2::{

Janis Danisevskis

04b0283

2020-10-26 09:21:40 -0700

[diff] [blame]

66

Domain::Domain, KeyDescriptor::KeyDescriptor,

Janis Danisevskis

60400fe

2020-08-26 15:24:42 -0700

[diff] [blame]

67

};

Shaquille Johnson

7f5a815

2023-09-27 18:46:27 +0100

[diff] [blame]

68

use anyhow::{anyhow, Context, Result};

69

use keystore2_flags;

70

use std::{convert::TryFrom, convert::TryInto, ops::Deref, time::SystemTimeError};

71

use utils as db_utils;

72

use utils::SqlField;

Max Bires

2020-09-22 11:22:36 -0700

[diff] [blame]

73

74

use keystore2_crypto::ZVec;

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

75

use lazy_static::lazy_static;

Hasini Gunasinghe

2020-11-11 01:02:41 +0000

[diff] [blame]

76

use log::error;

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

77

#[cfg(not(test))]

78

use rand::prelude::random;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

79

use rusqlite::{

Joel Galenson

ff79e36

2021-05-25 16:30:17 -0700

[diff] [blame]

80

params, params_from_iter,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

81

types::FromSql,

82

types::FromSqlResult,

83

types::ToSqlOutput,

84

types::{FromSqlError, Value, ValueRef},

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

85

Connection, OptionalExtension, ToSql, Transaction, TransactionBehavior,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

86

};

Max Bires

2020-09-22 11:22:36 -0700

[diff] [blame]

87

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

88

use std::{

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

89

collections::{HashMap, HashSet},

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

90

path::Path,

Janis Danisevskis

2021-05-06 10:54:17 -0700

[diff] [blame]

91

sync::{Arc, Condvar, Mutex},

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

92

time::{Duration, SystemTime},

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

93

};

Max Bires

2020-09-22 11:22:36 -0700

[diff] [blame]

94

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

95

#[cfg(test)]

96

use tests::random;

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

97

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

98

impl_metadata!(

99

/// A set of metadata for key entries.

100

#[derive(Debug, Default, Eq, PartialEq)]

101

pub struct KeyMetaData;

102

/// A metadata entry for key entries.

103

#[derive(Debug, Eq, PartialEq, Ord, PartialOrd)]

104

pub enum KeyMetaEntry {

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

105

/// Date of the creation of the key entry.

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

106

CreationDate(DateTime) with accessor creation_date,

107

/// Expiration date for attestation keys.

108

AttestationExpirationDate(DateTime) with accessor attestation_expiration_date,

Max Bires

2020-09-22 11:22:36 -0700

[diff] [blame]

109

/// CBOR Blob that represents a COSE_Key and associated metadata needed for remote

110

/// provisioning

111

AttestationMacedPublicKey(Vec<u8>) with accessor attestation_maced_public_key,

112

/// Vector representing the raw public key so results from the server can be matched

113

/// to the right entry

114

AttestationRawPubKey(Vec<u8>) with accessor attestation_raw_pub_key,

Paul Crowley

2021-03-19 10:53:07 -0700

[diff] [blame]

115

/// SEC1 public key for ECDH encryption

116

Sec1PublicKey(Vec<u8>) with accessor sec1_public_key,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

117

// --- ADD NEW META DATA FIELDS HERE ---

118

// For backwards compatibility add new entries only to

119

// end of this list and above this comment.

};

);

impl KeyMetaData {

fn load_from_db(key_id: i64, tx: &Transaction) -> Result<Self> {

125

let mut stmt = tx

126

.prepare(

127

"SELECT tag, data from persistent.keymetadata

128

WHERE keyentryid = ?;",

129

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

130

.context(ks_err!("KeyMetaData::load_from_db: prepare statement failed."))?;

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

131

132

let mut metadata: HashMap<i64, KeyMetaEntry> = Default::default();

133

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

134

let mut rows = stmt

135

.query(params![key_id])

136

.context(ks_err!("KeyMetaData::load_from_db: query failed."))?;

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

137

db_utils::with_rows_extract_all(&mut rows, |row| {

138

let db_tag: i64 = row.get(0).context("Failed to read tag.")?;

139

metadata.insert(

140

db_tag,

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

141

KeyMetaEntry::new_from_sql(db_tag, &SqlField::new(1, row))

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

142

.context("Failed to read KeyMetaEntry.")?,

143

);

144

Ok(())

145

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

146

.context(ks_err!("KeyMetaData::load_from_db."))?;

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

147

148

Ok(Self { data: metadata })

149

}

150

151

fn store_in_db(&self, key_id: i64, tx: &Transaction) -> Result<()> {

152

let mut stmt = tx

153

.prepare(

Hasini Gunasinghe

2021-02-01 21:10:02 +0000

[diff] [blame]

154

"INSERT or REPLACE INTO persistent.keymetadata (keyentryid, tag, data)

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

155

VALUES (?, ?, ?);",

156

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

157

.context(ks_err!("KeyMetaData::store_in_db: Failed to prepare statement."))?;

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

158

159

let iter = self.data.iter();

160

for (tag, entry) in iter {

161

stmt.insert(params![key_id, tag, entry,]).with_context(|| {

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

162

ks_err!("KeyMetaData::store_in_db: Failed to insert {:?}", entry)

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

})?;

}

Ok(())

}

}

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

169

impl_metadata!(

170

/// A set of metadata for key blobs.

171

#[derive(Debug, Default, Eq, PartialEq)]

172

pub struct BlobMetaData;

173

/// A metadata entry for key blobs.

174

#[derive(Debug, Eq, PartialEq, Ord, PartialOrd)]

175

pub enum BlobMetaEntry {

176

/// If present, indicates that the blob is encrypted with another key or a key derived

177

/// from a password.

178

EncryptedBy(EncryptedBy) with accessor encrypted_by,

179

/// If the blob is password encrypted this field is set to the

180

/// salt used for the key derivation.

181

Salt(Vec<u8>) with accessor salt,

182

/// If the blob is encrypted, this field is set to the initialization vector.

183

Iv(Vec<u8>) with accessor iv,

184

/// If the blob is encrypted, this field holds the AEAD TAG.

185

AeadTag(Vec<u8>) with accessor aead_tag,

186

/// The uuid of the owning KeyMint instance.

187

KmUuid(Uuid) with accessor km_uuid,

Paul Crowley

2021-03-19 10:53:07 -0700

[diff] [blame]

188

/// If the key is ECDH encrypted, this is the ephemeral public key

189

PublicKey(Vec<u8>) with accessor public_key,

Paul Crowley

44c02da

2021-04-08 17:04:43 +0000

[diff] [blame]

190

/// If the key is encrypted with a MaxBootLevel key, this is the boot level

191

/// of that key

192

MaxBootLevel(i32) with accessor max_boot_level,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

193

// --- ADD NEW META DATA FIELDS HERE ---

194

// For backwards compatibility add new entries only to

195

// end of this list and above this comment.

};

);

impl BlobMetaData {

fn load_from_db(blob_id: i64, tx: &Transaction) -> Result<Self> {

201

let mut stmt = tx

202

.prepare(

203

"SELECT tag, data from persistent.blobmetadata

204

WHERE blobentryid = ?;",

205

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

206

.context(ks_err!("BlobMetaData::load_from_db: prepare statement failed."))?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

207

208

let mut metadata: HashMap<i64, BlobMetaEntry> = Default::default();

209

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

210

let mut rows = stmt.query(params![blob_id]).context(ks_err!("query failed."))?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

211

db_utils::with_rows_extract_all(&mut rows, |row| {

212

let db_tag: i64 = row.get(0).context("Failed to read tag.")?;

213

metadata.insert(

214

db_tag,

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

215

BlobMetaEntry::new_from_sql(db_tag, &SqlField::new(1, row))

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

216

.context("Failed to read BlobMetaEntry.")?,

217

);

218

Ok(())

219

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

220

.context(ks_err!("BlobMetaData::load_from_db"))?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

221

222

Ok(Self { data: metadata })

223

}

224

225

fn store_in_db(&self, blob_id: i64, tx: &Transaction) -> Result<()> {

226

let mut stmt = tx

227

.prepare(

228

"INSERT or REPLACE INTO persistent.blobmetadata (blobentryid, tag, data)

229

VALUES (?, ?, ?);",

230

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

231

.context(ks_err!("BlobMetaData::store_in_db: Failed to prepare statement.",))?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

232

233

let iter = self.data.iter();

234

for (tag, entry) in iter {

235

stmt.insert(params![blob_id, tag, entry,]).with_context(|| {

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

236

ks_err!("BlobMetaData::store_in_db: Failed to insert {:?}", entry)

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

})?;

}

Ok(())

}

}

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

243

/// Indicates the type of the keyentry.

244

#[derive(Debug, Copy, Clone, Eq, PartialEq, Ord, PartialOrd)]

245

pub enum KeyType {

246

/// This is a client key type. These keys are created or imported through the Keystore 2.0

247

/// AIDL interface android.system.keystore2.

248

Client,

249

/// This is a super key type. These keys are created by keystore itself and used to encrypt

250

/// other key blobs to provide LSKF binding.

251

Super,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

252

}

253

254

impl ToSql for KeyType {

255

fn to_sql(&self) -> rusqlite::Result<ToSqlOutput> {

256

Ok(ToSqlOutput::Owned(Value::Integer(match self {

257

KeyType::Client => 0,

258

KeyType::Super => 1,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

})))

}

}

impl FromSql for KeyType {

264

fn column_result(value: ValueRef) -> FromSqlResult<Self> {

265

match i64::column_result(value)? {

266

0 => Ok(KeyType::Client),

267

1 => Ok(KeyType::Super),

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

268

v => Err(FromSqlError::OutOfRange(v)),

}

}

}

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

273

/// Uuid representation that can be stored in the database.

274

/// Right now it can only be initialized from SecurityLevel.

275

/// Once KeyMint provides a UUID type a corresponding From impl shall be added.

276

#[derive(Debug, Clone, Copy, Default, PartialEq, Eq, PartialOrd, Ord, Hash)]

277

pub struct Uuid([u8; 16]);

278

279

impl Deref for Uuid {

280

type Target = [u8; 16];

281

282

fn deref(&self) -> &Self::Target {

&self.0

}

}

impl From<SecurityLevel> for Uuid {

288

fn from(sec_level: SecurityLevel) -> Self {

289

Self((sec_level.0 as u128).to_be_bytes())

}

}

impl ToSql for Uuid {

294

fn to_sql(&self) -> rusqlite::Result<ToSqlOutput> {

self.0.to_sql()

}

}

impl FromSql for Uuid {

300

fn column_result(value: ValueRef<'_>) -> FromSqlResult<Self> {

301

let blob = Vec::<u8>::column_result(value)?;

302

if blob.len() != 16 {

303

return Err(FromSqlError::OutOfRange(blob.len() as i64));

304

}

305

let mut arr = [0u8; 16];

306

arr.copy_from_slice(&blob);

Ok(Self(arr))

}

}

/// Key entries that are not associated with any KeyMint instance, such as pure certificate

312

/// entries are associated with this UUID.

313

pub static KEYSTORE_UUID: Uuid = Uuid([

314

0x41, 0xe3, 0xb9, 0xce, 0x27, 0x58, 0x4e, 0x91, 0xbc, 0xfd, 0xa5, 0x5d, 0x91, 0x85, 0xab, 0x11,

315

]);

316

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

317

/// Indicates how the sensitive part of this key blob is encrypted.

318

#[derive(Debug, Eq, PartialEq, Ord, PartialOrd)]

319

pub enum EncryptedBy {

320

/// The keyblob is encrypted by a user password.

321

/// In the database this variant is represented as NULL.

322

Password,

323

/// The keyblob is encrypted by another key with wrapped key id.

324

/// In the database this variant is represented as non NULL value

325

/// that is convertible to i64, typically NUMERIC.

KeyId(i64),

}

impl ToSql for EncryptedBy {

330

fn to_sql(&self) -> rusqlite::Result<ToSqlOutput> {

331

match self {

332

Self::Password => Ok(ToSqlOutput::Owned(Value::Null)),

333

Self::KeyId(id) => id.to_sql(),

}

}

}

impl FromSql for EncryptedBy {

339

fn column_result(value: ValueRef) -> FromSqlResult<Self> {

340

match value {

341

ValueRef::Null => Ok(Self::Password),

342

_ => Ok(Self::KeyId(i64::column_result(value)?)),

}

}

}

/// A database representation of wall clock time. DateTime stores unix epoch time as

348

/// i64 in milliseconds.

349

#[derive(Debug, Copy, Clone, Default, Eq, PartialEq, Ord, PartialOrd)]

350

pub struct DateTime(i64);

351

352

/// Error type returned when creating DateTime or converting it from and to

353

/// SystemTime.

354

#[derive(thiserror::Error, Debug)]

355

pub enum DateTimeError {

356

/// This is returned when SystemTime and Duration computations fail.

357

#[error(transparent)]

358

SystemTimeError(#[from] SystemTimeError),

359

360

/// This is returned when type conversions fail.

361

#[error(transparent)]

362

TypeConversion(#[from] std::num::TryFromIntError),

363

364

/// This is returned when checked time arithmetic failed.

365

#[error("Time arithmetic failed.")]

TimeArithmetic,

}

impl DateTime {

/// Constructs a new DateTime object denoting the current time. This may fail during

371

/// conversion to unix epoch time and during conversion to the internal i64 representation.

372

pub fn now() -> Result<Self, DateTimeError> {

373

Ok(Self(SystemTime::now().duration_since(SystemTime::UNIX_EPOCH)?.as_millis().try_into()?))

374

}

375

376

/// Constructs a new DateTime object from milliseconds.

377

pub fn from_millis_epoch(millis: i64) -> Self {

Self(millis)

}

/// Returns unix epoch time in milliseconds.

Chris Wailes

3877f29

2021-07-26 19:24:18 -0700

[diff] [blame]

382

pub fn to_millis_epoch(self) -> i64 {

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

self.0

}

/// Returns unix epoch time in seconds.

Chris Wailes

3877f29

2021-07-26 19:24:18 -0700

[diff] [blame]

387

pub fn to_secs_epoch(self) -> i64 {

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

self.0 / 1000

}

}

impl ToSql for DateTime {

393

fn to_sql(&self) -> rusqlite::Result<ToSqlOutput> {

394

Ok(ToSqlOutput::Owned(Value::Integer(self.0)))

}

}

impl FromSql for DateTime {

399

fn column_result(value: ValueRef) -> FromSqlResult<Self> {

400

Ok(Self(i64::column_result(value)?))

}

}

impl TryInto<SystemTime> for DateTime {

405

type Error = DateTimeError;

406

407

fn try_into(self) -> Result<SystemTime, Self::Error> {

408

// We want to construct a SystemTime representation equivalent to self, denoting

409

// a point in time THEN, but we cannot set the time directly. We can only construct

410

// a SystemTime denoting NOW, and we can get the duration between EPOCH and NOW,

411

// and between EPOCH and THEN. With this common reference we can construct the

412

// duration between NOW and THEN which we can add to our SystemTime representation

413

// of NOW to get a SystemTime representation of THEN.

414

// Durations can only be positive, thus the if statement below.

415

let now = SystemTime::now();

416

let now_epoch = now.duration_since(SystemTime::UNIX_EPOCH)?;

417

let then_epoch = Duration::from_millis(self.0.try_into()?);

418

Ok(if now_epoch > then_epoch {

419

// then = now - (now_epoch - then_epoch)

420

now_epoch

421

.checked_sub(then_epoch)

422

.and_then(|d| now.checked_sub(d))

423

.ok_or(DateTimeError::TimeArithmetic)?

424

} else {

425

// then = now + (then_epoch - now_epoch)

426

then_epoch

427

.checked_sub(now_epoch)

428

.and_then(|d| now.checked_add(d))

429

.ok_or(DateTimeError::TimeArithmetic)?

})

}

}

impl TryFrom<SystemTime> for DateTime {

435

type Error = DateTimeError;

436

437

fn try_from(t: SystemTime) -> Result<Self, Self::Error> {

438

Ok(Self(t.duration_since(SystemTime::UNIX_EPOCH)?.as_millis().try_into()?))

}

}

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

442

#[derive(Debug, PartialEq, Eq, PartialOrd, Ord, Copy, Clone)]

443

enum KeyLifeCycle {

444

/// Existing keys have a key ID but are not fully populated yet.

445

/// This is a transient state. If Keystore finds any such keys when it starts up, it must move

446

/// them to Unreferenced for garbage collection.

447

Existing,

448

/// A live key is fully populated and usable by clients.

449

Live,

450

/// An unreferenced key is scheduled for garbage collection.

Unreferenced,

}

impl ToSql for KeyLifeCycle {

455

fn to_sql(&self) -> rusqlite::Result<ToSqlOutput> {

456

match self {

457

Self::Existing => Ok(ToSqlOutput::Owned(Value::Integer(0))),

458

Self::Live => Ok(ToSqlOutput::Owned(Value::Integer(1))),

459

Self::Unreferenced => Ok(ToSqlOutput::Owned(Value::Integer(2))),

}

}

}

impl FromSql for KeyLifeCycle {

465

fn column_result(value: ValueRef) -> FromSqlResult<Self> {

466

match i64::column_result(value)? {

467

0 => Ok(KeyLifeCycle::Existing),

468

1 => Ok(KeyLifeCycle::Live),

469

2 => Ok(KeyLifeCycle::Unreferenced),

470

v => Err(FromSqlError::OutOfRange(v)),

}

}

}

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

475

/// Keys have a KeyMint blob component and optional public certificate and

476

/// certificate chain components.

477

/// KeyEntryLoadBits is a bitmap that indicates to `KeystoreDB::load_key_entry`

478

/// which components shall be loaded from the database if present.

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

479

#[derive(Debug, Clone, Copy, Eq, PartialEq, Ord, PartialOrd)]

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

480

pub struct KeyEntryLoadBits(u32);

481

482

impl KeyEntryLoadBits {

483

/// Indicate to `KeystoreDB::load_key_entry` that no component shall be loaded.

484

pub const NONE: KeyEntryLoadBits = Self(0);

485

/// Indicate to `KeystoreDB::load_key_entry` that the KeyMint component shall be loaded.

486

pub const KM: KeyEntryLoadBits = Self(1);

487

/// Indicate to `KeystoreDB::load_key_entry` that the Public components shall be loaded.

488

pub const PUBLIC: KeyEntryLoadBits = Self(2);

489

/// Indicate to `KeystoreDB::load_key_entry` that both components shall be loaded.

490

pub const BOTH: KeyEntryLoadBits = Self(3);

491

492

/// Returns true if this object indicates that the public components shall be loaded.

493

pub const fn load_public(&self) -> bool {

494

self.0 & Self::PUBLIC.0 != 0

495

}

496

497

/// Returns true if the object indicates that the KeyMint component shall be loaded.

498

pub const fn load_km(&self) -> bool {

499

self.0 & Self::KM.0 != 0

}

}

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

503

lazy_static! {

504

static ref KEY_ID_LOCK: KeyIdLockDb = KeyIdLockDb::new();

}

struct KeyIdLockDb {

locked_keys: Mutex<HashSet<i64>>,

cond_var: Condvar,

}

/// A locked key. While a guard exists for a given key id, the same key cannot be loaded

513

/// from the database a second time. Most functions manipulating the key blob database

514

/// require a KeyIdGuard.

515

#[derive(Debug)]

516

pub struct KeyIdGuard(i64);

impl KeyIdLockDb {

fn new() -> Self {

Self { locked_keys: Mutex::new(HashSet::new()), cond_var: Condvar::new() }

521

}

522

523

/// This function blocks until an exclusive lock for the given key entry id can

524

/// be acquired. It returns a guard object, that represents the lifecycle of the

525

/// acquired lock.

526

pub fn get(&self, key_id: i64) -> KeyIdGuard {

527

let mut locked_keys = self.locked_keys.lock().unwrap();

528

while locked_keys.contains(&key_id) {

529

locked_keys = self.cond_var.wait(locked_keys).unwrap();

530

}

531

locked_keys.insert(key_id);

KeyIdGuard(key_id)

}

/// This function attempts to acquire an exclusive lock on a given key id. If the

536

/// given key id is already taken the function returns None immediately. If a lock

537

/// can be acquired this function returns a guard object, that represents the

538

/// lifecycle of the acquired lock.

539

pub fn try_get(&self, key_id: i64) -> Option<KeyIdGuard> {

540

let mut locked_keys = self.locked_keys.lock().unwrap();

541

if locked_keys.insert(key_id) {

542

Some(KeyIdGuard(key_id))

} else {

None

}

}

}

impl KeyIdGuard {

/// Get the numeric key id of the locked key.

551

pub fn id(&self) -> i64 {

self.0

}

}

impl Drop for KeyIdGuard {

557

fn drop(&mut self) {

558

let mut locked_keys = KEY_ID_LOCK.locked_keys.lock().unwrap();

559

locked_keys.remove(&self.0);

Janis Danisevskis

7fd5358

2020-11-23 13:40:34 -0800

[diff] [blame]

560

drop(locked_keys);

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

561

KEY_ID_LOCK.cond_var.notify_all();

}

}

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

565

/// This type represents a certificate and certificate chain entry for a key.

Max Bires

2020-09-22 11:22:36 -0700

[diff] [blame]

566

#[derive(Debug, Default)]

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

567

pub struct CertificateInfo {

568

cert: Option<Vec<u8>>,

569

cert_chain: Option<Vec<u8>>,

570

}

571

Janis Danisevskis

2022-01-26 14:11:14 -0800

[diff] [blame]

572

/// This type represents a Blob with its metadata and an optional superseded blob.

573

#[derive(Debug)]

574

pub struct BlobInfo<'a> {

575

blob: &'a [u8],

576

metadata: &'a BlobMetaData,

577

/// Superseded blobs are an artifact of legacy import. In some rare occasions

578

/// the key blob needs to be upgraded during import. In that case two

579

/// blob are imported, the superseded one will have to be imported first,

580

/// so that the garbage collector can reap it.

581

superseded_blob: Option<(&'a [u8], &'a BlobMetaData)>,

582

}

583

584

impl<'a> BlobInfo<'a> {

585

/// Create a new instance of blob info with blob and corresponding metadata

586

/// and no superseded blob info.

587

pub fn new(blob: &'a [u8], metadata: &'a BlobMetaData) -> Self {

588

Self { blob, metadata, superseded_blob: None }

589

}

590

591

/// Create a new instance of blob info with blob and corresponding metadata

592

/// as well as superseded blob info.

593

pub fn new_with_superseded(

594

blob: &'a [u8],

595

metadata: &'a BlobMetaData,

596

superseded_blob: Option<(&'a [u8], &'a BlobMetaData)>,

597

) -> Self {

598

Self { blob, metadata, superseded_blob }

}

}

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

602

impl CertificateInfo {

603

/// Constructs a new CertificateInfo object from `cert` and `cert_chain`

604

pub fn new(cert: Option<Vec<u8>>, cert_chain: Option<Vec<u8>>) -> Self {

605

Self { cert, cert_chain }

}

/// Take the cert

pub fn take_cert(&mut self) -> Option<Vec<u8>> {

self.cert.take()

}

/// Take the cert chain

614

pub fn take_cert_chain(&mut self) -> Option<Vec<u8>> {

615

self.cert_chain.take()

}

}

Max Bires

2020-09-22 11:22:36 -0700

[diff] [blame]

619

/// This type represents a certificate chain with a private key corresponding to the leaf

620

/// certificate. TODO(jbires): This will be used in a follow-on CL, for now it's used in the tests.

Max Bires

2020-09-22 11:22:36 -0700

[diff] [blame]

621

pub struct CertificateChain {

Max Bires

97f9681

2021-02-23 23:44:57 -0800

[diff] [blame]

622

/// A KM key blob

623

pub private_key: ZVec,

624

/// A batch cert for private_key

625

pub batch_cert: Vec<u8>,

626

/// A full certificate chain from root signing authority to private_key, including batch_cert

627

/// for convenience.

628

pub cert_chain: Vec<u8>,

Max Bires

2020-09-22 11:22:36 -0700

[diff] [blame]

629

}

630

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

631

/// This type represents a Keystore 2.0 key entry.

632

/// An entry has a unique `id` by which it can be found in the database.

633

/// It has a security level field, key parameters, and three optional fields

634

/// for the KeyMint blob, public certificate and a public certificate chain.

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

635

#[derive(Debug, Default, Eq, PartialEq)]

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

636

pub struct KeyEntry {

637

id: i64,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

638

key_blob_info: Option<(Vec<u8>, BlobMetaData)>,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

639

cert: Option<Vec<u8>>,

640

cert_chain: Option<Vec<u8>>,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

641

km_uuid: Uuid,

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

642

parameters: Vec<KeyParameter>,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

643

metadata: KeyMetaData,

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

644

pure_cert: bool,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

}

impl KeyEntry {

/// Returns the unique id of the Key entry.

649

pub fn id(&self) -> i64 {

650

self.id

651

}

652

/// Exposes the optional KeyMint blob.

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

653

pub fn key_blob_info(&self) -> &Option<(Vec<u8>, BlobMetaData)> {

654

&self.key_blob_info

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

655

}

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

656

/// Extracts the Optional KeyMint blob including its metadata.

657

pub fn take_key_blob_info(&mut self) -> Option<(Vec<u8>, BlobMetaData)> {

658

self.key_blob_info.take()

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

659

}

660

/// Exposes the optional public certificate.

661

pub fn cert(&self) -> &Option<Vec<u8>> {

662

&self.cert

663

}

664

/// Extracts the optional public certificate.

665

pub fn take_cert(&mut self) -> Option<Vec<u8>> {

666

self.cert.take()

667

}

668

/// Exposes the optional public certificate chain.

669

pub fn cert_chain(&self) -> &Option<Vec<u8>> {

670

&self.cert_chain

671

}

672

/// Extracts the optional public certificate_chain.

673

pub fn take_cert_chain(&mut self) -> Option<Vec<u8>> {

674

self.cert_chain.take()

675

}

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

676

/// Returns the uuid of the owning KeyMint instance.

677

pub fn km_uuid(&self) -> &Uuid {

678

&self.km_uuid

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

679

}

Janis Danisevskis

04b0283

2020-10-26 09:21:40 -0700

[diff] [blame]

680

/// Exposes the key parameters of this key entry.

681

pub fn key_parameters(&self) -> &Vec<KeyParameter> {

682

&self.parameters

683

}

684

/// Consumes this key entry and extracts the keyparameters from it.

685

pub fn into_key_parameters(self) -> Vec<KeyParameter> {

686

self.parameters

687

}

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

688

/// Exposes the key metadata of this key entry.

689

pub fn metadata(&self) -> &KeyMetaData {

690

&self.metadata

691

}

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

692

/// This returns true if the entry is a pure certificate entry with no

693

/// private key component.

694

pub fn pure_cert(&self) -> bool {

695

self.pure_cert

696

}

Hasini Gunasinghe

2021-02-01 21:10:02 +0000

[diff] [blame]

697

/// Consumes this key entry and extracts the keyparameters and metadata from it.

698

pub fn into_key_parameters_and_metadata(self) -> (Vec<KeyParameter>, KeyMetaData) {

699

(self.parameters, self.metadata)

700

}

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

701

}

702

703

/// Indicates the sub component of a key entry for persistent storage.

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

704

#[derive(Debug, Clone, Copy, Eq, PartialEq, Ord, PartialOrd)]

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

705

pub struct SubComponentType(u32);

706

impl SubComponentType {

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

707

/// Persistent identifier for a key blob.

708

pub const KEY_BLOB: SubComponentType = Self(0);

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

709

/// Persistent identifier for a certificate blob.

710

pub const CERT: SubComponentType = Self(1);

711

/// Persistent identifier for a certificate chain blob.

712

pub const CERT_CHAIN: SubComponentType = Self(2);

713

}

714

715

impl ToSql for SubComponentType {

716

fn to_sql(&self) -> rusqlite::Result<ToSqlOutput> {

self.0.to_sql()

}

}

impl FromSql for SubComponentType {

722

fn column_result(value: ValueRef) -> FromSqlResult<Self> {

723

Ok(Self(u32::column_result(value)?))

}

}

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

727

/// This trait is private to the database module. It is used to convey whether or not the garbage

728

/// collector shall be invoked after a database access. All closures passed to

729

/// `KeystoreDB::with_transaction` return a tuple (bool, T) where the bool indicates if the

730

/// gc needs to be triggered. This convenience function allows to turn any anyhow::Result<T>

731

/// into anyhow::Result<(bool, T)> by simply appending one of `.do_gc(bool)`, `.no_gc()`, or

732

/// `.need_gc()`.

733

trait DoGc<T> {

734

fn do_gc(self, need_gc: bool) -> Result<(bool, T)>;

735

736

fn no_gc(self) -> Result<(bool, T)>;

737

738

fn need_gc(self) -> Result<(bool, T)>;

739

}

740

741

impl<T> DoGc<T> for Result<T> {

742

fn do_gc(self, need_gc: bool) -> Result<(bool, T)> {

743

self.map(|r| (need_gc, r))

744

}

745

746

fn no_gc(self) -> Result<(bool, T)> {

self.do_gc(false)

}

fn need_gc(self) -> Result<(bool, T)> {

self.do_gc(true)

}

}

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

755

/// KeystoreDB wraps a connection to an SQLite database and tracks its

756

/// ownership. It also implements all of Keystore 2.0's database functionality.

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

757

pub struct KeystoreDB {

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

758

conn: Connection,

Janis Danisevskis

2021-05-06 10:54:17 -0700

[diff] [blame]

759

gc: Option<Arc<Gc>>,

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

760

perboot: Arc<perboot::PerbootDB>,

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

761

}

762

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

763

/// Database representation of the monotonic time retrieved from the system call clock_gettime with

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

764

/// CLOCK_BOOTTIME. Stores monotonic time as i64 in milliseconds.

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

765

#[derive(Debug, Copy, Clone, Default, Eq, PartialEq, Ord, PartialOrd)]

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

766

pub struct BootTime(i64);

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

767

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

768

impl BootTime {

769

/// Constructs a new BootTime

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

770

pub fn now() -> Self {

Hasini Gunasinghe

2021-05-12 19:03:12 +0000

[diff] [blame]

771

Self(get_current_time_in_milliseconds())

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

772

}

773

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

774

/// Returns the value of BootTime in milliseconds as i64

Hasini Gunasinghe

2021-05-12 19:03:12 +0000

[diff] [blame]

775

pub fn milliseconds(&self) -> i64 {

776

self.0

David Drysdale

0e45a61

2021-02-25 17:24:36 +0000

[diff] [blame]

777

}

778

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

779

/// Returns the integer value of BootTime as i64

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

780

pub fn seconds(&self) -> i64 {

Hasini Gunasinghe

2021-05-12 19:03:12 +0000

[diff] [blame]

781

self.0 / 1000

Hasini Gunasinghe

b3715fb

2021-02-26 20:34:45 +0000

[diff] [blame]

782

}

783

Janis Danisevskis

2021-01-11 14:19:42 -0800

[diff] [blame]

784

/// Like i64::checked_sub.

785

pub fn checked_sub(&self, other: &Self) -> Option<Self> {

786

self.0.checked_sub(other.0).map(Self)

787

}

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

788

}

789

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

790

impl ToSql for BootTime {

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

791

fn to_sql(&self) -> rusqlite::Result<ToSqlOutput> {

792

Ok(ToSqlOutput::Owned(Value::Integer(self.0)))

}

}

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

796

impl FromSql for BootTime {

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

797

fn column_result(value: ValueRef) -> FromSqlResult<Self> {

798

Ok(Self(i64::column_result(value)?))

}

}

Hasini Gunasinghe

2020-11-06 01:24:16 +0000

[diff] [blame]

802

/// This struct encapsulates the information to be stored in the database about the auth tokens

803

/// received by keystore.

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

804

#[derive(Clone)]

Hasini Gunasinghe

2020-11-06 01:24:16 +0000

[diff] [blame]

805

pub struct AuthTokenEntry {

806

auth_token: HardwareAuthToken,

Hasini Gunasinghe

2021-05-12 19:03:12 +0000

[diff] [blame]

807

// Time received in milliseconds

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

808

time_received: BootTime,

Hasini Gunasinghe

2020-11-06 01:24:16 +0000

[diff] [blame]

809

}

810

811

impl AuthTokenEntry {

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

812

fn new(auth_token: HardwareAuthToken, time_received: BootTime) -> Self {

Hasini Gunasinghe

2020-11-06 01:24:16 +0000

[diff] [blame]

813

AuthTokenEntry { auth_token, time_received }

814

}

815

816

/// Checks if this auth token satisfies the given authentication information.

Janis Danisevskis

2021-01-11 14:19:42 -0800

[diff] [blame]

817

pub fn satisfies(&self, user_secure_ids: &[i64], auth_type: HardwareAuthenticatorType) -> bool {

Hasini Gunasinghe

2020-11-06 01:24:16 +0000

[diff] [blame]

818

user_secure_ids.iter().any(|&sid| {

Janis Danisevskis

2021-01-11 14:19:42 -0800

[diff] [blame]

819

(sid == self.auth_token.userId || sid == self.auth_token.authenticatorId)

Charisee

03e0084

2023-01-25 01:41:23 +0000

[diff] [blame]

820

&& ((auth_type.0 & self.auth_token.authenticatorType.0) != 0)

Hasini Gunasinghe

2020-11-06 01:24:16 +0000

[diff] [blame]

})

}

Hasini Gunasinghe

2020-11-06 01:24:16 +0000

[diff] [blame]

824

/// Returns the auth token wrapped by the AuthTokenEntry

Janis Danisevskis

2021-01-11 14:19:42 -0800

[diff] [blame]

825

pub fn auth_token(&self) -> &HardwareAuthToken {

&self.auth_token

}

/// Returns the auth token wrapped by the AuthTokenEntry

830

pub fn take_auth_token(self) -> HardwareAuthToken {

Hasini Gunasinghe

2020-11-06 01:24:16 +0000

[diff] [blame]

831

self.auth_token

832

}

Janis Danisevskis

2021-01-11 14:19:42 -0800

[diff] [blame]

833

834

/// Returns the time that this auth token was received.

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

835

pub fn time_received(&self) -> BootTime {

Janis Danisevskis

2021-01-11 14:19:42 -0800

[diff] [blame]

836

self.time_received

837

}

Hasini Gunasinghe

b3715fb

2021-02-26 20:34:45 +0000

[diff] [blame]

838

839

/// Returns the challenge value of the auth token.

840

pub fn challenge(&self) -> i64 {

841

self.auth_token.challenge

842

}

Hasini Gunasinghe

2020-11-06 01:24:16 +0000

[diff] [blame]

843

}

844

Janis Danisevskis

b00ebd0

2021-02-02 21:52:24 -0800

[diff] [blame]

845

/// Shared in-memory databases get destroyed as soon as the last connection to them gets closed.

846

/// This object does not allow access to the database connection. But it keeps a database

847

/// connection alive in order to keep the in memory per boot database alive.

848

pub struct PerBootDbKeepAlive(Connection);

849

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

850

impl KeystoreDB {

Janis Danisevskis

2021-02-18 20:04:10 -0800

[diff] [blame]

851

const UNASSIGNED_KEY_ID: i64 = -1i64;

Janis Danisevskis

2021-05-26 16:31:02 -0700

[diff] [blame]

852

const CURRENT_DB_VERSION: u32 = 1;

853

const UPGRADERS: &'static [fn(&Transaction) -> Result<u32>] = &[Self::from_0_to_1];

Janis Danisevskis

b00ebd0

2021-02-02 21:52:24 -0800

[diff] [blame]

854

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

855

/// Name of the file that holds the cross-boot persistent database.

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

856

pub const PERSISTENT_DB_FILENAME: &'static str = "persistent.sqlite";

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

857

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

858

/// This will create a new database connection connecting the two

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

859

/// files persistent.sqlite and perboot.sqlite in the given directory.

860

/// It also attempts to initialize all of the tables.

861

/// KeystoreDB cannot be used by multiple threads.

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

862

/// Each thread should open their own connection using `thread_local!`.

Janis Danisevskis

2021-05-06 10:54:17 -0700

[diff] [blame]

863

pub fn new(db_root: &Path, gc: Option<Arc<Gc>>) -> Result<Self> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

864

let _wp = wd::watch_millis("KeystoreDB::new", 500);

865

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

866

let persistent_path = Self::make_persistent_path(db_root)?;

Seth Moore

472fcbb

2021-05-12 10:07:51 -0700

[diff] [blame]

867

let conn = Self::make_connection(&persistent_path)?;

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

868

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

869

let mut db = Self { conn, gc, perboot: perboot::PERBOOT_DB.clone() };

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

870

db.with_transaction(TransactionBehavior::Immediate, |tx| {

Janis Danisevskis

2021-05-26 16:31:02 -0700

[diff] [blame]

871

versioning::upgrade_database(tx, Self::CURRENT_DB_VERSION, Self::UPGRADERS)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

872

.context(ks_err!("KeystoreDB::new: trying to upgrade database."))?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

873

Self::init_tables(tx).context("Trying to initialize tables.").no_gc()

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

874

})?;

875

Ok(db)

Joel Galenson

2020-07-22 15:27:57 -0700

[diff] [blame]

876

}

877

Janis Danisevskis

2021-05-26 16:31:02 -0700

[diff] [blame]

878

// This upgrade function deletes all MAX_BOOT_LEVEL keys, that were generated before

879

// cryptographic binding to the boot level keys was implemented.

880

fn from_0_to_1(tx: &Transaction) -> Result<u32> {

881

tx.execute(

882

"UPDATE persistent.keyentry SET state = ?

883

WHERE

884

id IN (SELECT keyentryid FROM persistent.keyparameter WHERE tag = ?)

885

AND

886

id NOT IN (

887

SELECT keyentryid FROM persistent.blobentry

888

WHERE id IN (

889

SELECT blobentryid FROM persistent.blobmetadata WHERE tag = ?

890

)

891

);",

892

params![KeyLifeCycle::Unreferenced, Tag::MAX_BOOT_LEVEL.0, BlobMetaData::MaxBootLevel],

893

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

894

.context(ks_err!("Failed to delete logical boot level keys."))?;

Janis Danisevskis

2021-05-26 16:31:02 -0700

[diff] [blame]

Ok(1)

}

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

898

fn init_tables(tx: &Transaction) -> Result<()> {

899

tx.execute(

Janis Danisevskis

2020-08-26 14:40:03 -0700

[diff] [blame]

900

"CREATE TABLE IF NOT EXISTS persistent.keyentry (

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

901

id INTEGER UNIQUE,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

902

key_type INTEGER,

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

903

domain INTEGER,

904

namespace INTEGER,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

905

alias BLOB,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

906

state INTEGER,

907

km_uuid BLOB);",

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

908

[],

Janis Danisevskis

2020-08-26 14:40:03 -0700

[diff] [blame]

909

)

910

.context("Failed to initialize \"keyentry\" table.")?;

911

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

912

tx.execute(

Janis Danisevskis

2021-02-02 14:22:59 -0800

[diff] [blame]

913

"CREATE INDEX IF NOT EXISTS persistent.keyentry_id_index

914

ON keyentry(id);",

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

915

[],

Janis Danisevskis

2021-02-02 14:22:59 -0800

[diff] [blame]

916

)

917

.context("Failed to create index keyentry_id_index.")?;

918

919

tx.execute(

920

"CREATE INDEX IF NOT EXISTS persistent.keyentry_domain_namespace_index

921

ON keyentry(domain, namespace, alias);",

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

922

[],

Janis Danisevskis

2021-02-02 14:22:59 -0800

[diff] [blame]

923

)

924

.context("Failed to create index keyentry_domain_namespace_index.")?;

925

926

tx.execute(

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

927

"CREATE TABLE IF NOT EXISTS persistent.blobentry (

928

id INTEGER PRIMARY KEY,

929

subcomponent_type INTEGER,

930

keyentryid INTEGER,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

931

blob BLOB);",

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

932

[],

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

933

)

934

.context("Failed to initialize \"blobentry\" table.")?;

935

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

936

tx.execute(

Janis Danisevskis

2021-02-02 14:22:59 -0800

[diff] [blame]

937

"CREATE INDEX IF NOT EXISTS persistent.blobentry_keyentryid_index

938

ON blobentry(keyentryid);",

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

939

[],

Janis Danisevskis

2021-02-02 14:22:59 -0800

[diff] [blame]

940

)

941

.context("Failed to create index blobentry_keyentryid_index.")?;

942

943

tx.execute(

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

944

"CREATE TABLE IF NOT EXISTS persistent.blobmetadata (

945

id INTEGER PRIMARY KEY,

blobentryid INTEGER,

tag INTEGER,

data ANY,

UNIQUE (blobentryid, tag));",

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

950

[],

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

951

)

952

.context("Failed to initialize \"blobmetadata\" table.")?;

953

954

tx.execute(

955

"CREATE INDEX IF NOT EXISTS persistent.blobmetadata_blobentryid_index

956

ON blobmetadata(blobentryid);",

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

957

[],

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

958

)

959

.context("Failed to create index blobmetadata_blobentryid_index.")?;

960

961

tx.execute(

Janis Danisevskis

2020-08-26 14:40:03 -0700

[diff] [blame]

962

"CREATE TABLE IF NOT EXISTS persistent.keyparameter (

Hasini Gunasinghe

af99366

2020-07-24 18:40:20 +0000

[diff] [blame]

keyentryid INTEGER,

tag INTEGER,

data ANY,

security_level INTEGER);",

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

967

[],

Janis Danisevskis

2020-08-26 14:40:03 -0700

[diff] [blame]

968

)

969

.context("Failed to initialize \"keyparameter\" table.")?;

970

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

971

tx.execute(

Janis Danisevskis

2021-02-02 14:22:59 -0800

[diff] [blame]

972

"CREATE INDEX IF NOT EXISTS persistent.keyparameter_keyentryid_index

973

ON keyparameter(keyentryid);",

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

974

[],

Janis Danisevskis

2021-02-02 14:22:59 -0800

[diff] [blame]

975

)

976

.context("Failed to create index keyparameter_keyentryid_index.")?;

977

978

tx.execute(

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

979

"CREATE TABLE IF NOT EXISTS persistent.keymetadata (

980

keyentryid INTEGER,

981

tag INTEGER,

Hasini Gunasinghe

2021-02-01 21:10:02 +0000

[diff] [blame]

982

data ANY,

983

UNIQUE (keyentryid, tag));",

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

984

[],

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

985

)

986

.context("Failed to initialize \"keymetadata\" table.")?;

987

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

988

tx.execute(

Janis Danisevskis

2021-02-02 14:22:59 -0800

[diff] [blame]

989

"CREATE INDEX IF NOT EXISTS persistent.keymetadata_keyentryid_index

990

ON keymetadata(keyentryid);",

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

991

[],

Janis Danisevskis

2021-02-02 14:22:59 -0800

[diff] [blame]

992

)

993

.context("Failed to create index keymetadata_keyentryid_index.")?;

994

995

tx.execute(

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

996

"CREATE TABLE IF NOT EXISTS persistent.grant (

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

id INTEGER UNIQUE,

grantee INTEGER,

keyentryid INTEGER,

access_vector INTEGER);",

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

1001

[],

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1002

)

1003

.context("Failed to initialize \"grant\" table.")?;

1004

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

Ok(())

}

Seth Moore

2021-05-12 10:07:51 -0700

[diff] [blame]

1008

fn make_persistent_path(db_root: &Path) -> Result<String> {

1009

// Build the path to the sqlite file.

1010

let mut persistent_path = db_root.to_path_buf();

1011

persistent_path.push(Self::PERSISTENT_DB_FILENAME);

1012

1013

// Now convert them to strings prefixed with "file:"

1014

let mut persistent_path_str = "file:".to_owned();

1015

persistent_path_str.push_str(&persistent_path.to_string_lossy());

1016

Shaquille Johnson

52b8c93

2023-12-19 19:45:32 +0000

[diff] [blame]

1017

// Connect to database in specific mode

1018

let persistent_path_mode = if keystore2_flags::wal_db_journalmode_v3() {

1019

"?journal_mode=WAL".to_owned()

1020

} else {

1021

"?journal_mode=DELETE".to_owned()

1022

};

1023

persistent_path_str.push_str(&persistent_path_mode);

1024

Seth Moore

472fcbb

2021-05-12 10:07:51 -0700

[diff] [blame]

1025

Ok(persistent_path_str)

1026

}

1027

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

1028

fn make_connection(persistent_file: &str) -> Result<Connection> {

Janis Danisevskis

2020-08-26 14:40:03 -0700

[diff] [blame]

1029

let conn =

1030

Connection::open_in_memory().context("Failed to initialize SQLite connection.")?;

1031

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1032

loop {

1033

if let Err(e) = conn

1034

.execute("ATTACH DATABASE ? as persistent;", params![persistent_file])

1035

.context("Failed to attach database persistent.")

1036

{

1037

if Self::is_locked_error(&e) {

1038

std::thread::sleep(std::time::Duration::from_micros(500));

continue;

} else {

return Err(e);

}

}

break;

}

Janis Danisevskis

2020-08-26 14:40:03 -0700

[diff] [blame]

1046

Matthew Maurer

4fb1911

2021-05-06 15:40:44 -0700

[diff] [blame]

1047

// Drop the cache size from default (2M) to 0.5M

1048

conn.execute("PRAGMA persistent.cache_size = -500;", params![])

1049

.context("Failed to decrease cache size for persistent db")?;

Matthew Maurer

4fb1911

2021-05-06 15:40:44 -0700

[diff] [blame]

1050

Janis Danisevskis

2020-08-26 14:40:03 -0700

[diff] [blame]

Ok(conn)

}

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1054

fn do_table_size_query(

1055

&mut self,

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1056

storage_type: MetricsStorage,

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1057

query: &str,

1058

params: &[&str],

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1059

) -> Result<StorageStats> {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1060

let (total, unused) = self.with_transaction(TransactionBehavior::Deferred, |tx| {

Joel Galenson

ff79e36

2021-05-25 16:30:17 -0700

[diff] [blame]

1061

tx.query_row(query, params_from_iter(params), |row| Ok((row.get(0)?, row.get(1)?)))

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1062

.with_context(|| {

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1063

ks_err!("get_storage_stat: Error size of storage type {}", storage_type.0)

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1064

})

1065

.no_gc()

1066

})?;

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1067

Ok(StorageStats { storage_type, size: total, unused_size: unused })

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1068

}

1069

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1070

fn get_total_size(&mut self) -> Result<StorageStats> {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1071

self.do_table_size_query(

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1072

MetricsStorage::DATABASE,

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1073

"SELECT page_count * page_size, freelist_count * page_size

1074

FROM pragma_page_count('persistent'),

1075

pragma_page_size('persistent'),

1076

persistent.pragma_freelist_count();",

&[],

)

}

fn get_table_size(

&mut self,

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1083

storage_type: MetricsStorage,

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1084

schema: &str,

1085

table: &str,

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1086

) -> Result<StorageStats> {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1087

self.do_table_size_query(

1088

storage_type,

1089

"SELECT pgsize,unused FROM dbstat(?1)

1090

WHERE name=?2 AND aggregate=TRUE;",

&[schema, table],

)

}

/// Fetches a storage statisitics atom for a given storage type. For storage

1096

/// types that map to a table, information about the table's storage is

1097

/// returned. Requests for storage types that are not DB tables return None.

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1098

pub fn get_storage_stat(&mut self, storage_type: MetricsStorage) -> Result<StorageStats> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1099

let _wp = wd::watch_millis("KeystoreDB::get_storage_stat", 500);

1100

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1101

match storage_type {

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1102

MetricsStorage::DATABASE => self.get_total_size(),

1103

MetricsStorage::KEY_ENTRY => {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1104

self.get_table_size(storage_type, "persistent", "keyentry")

1105

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1106

MetricsStorage::KEY_ENTRY_ID_INDEX => {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1107

self.get_table_size(storage_type, "persistent", "keyentry_id_index")

1108

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1109

MetricsStorage::KEY_ENTRY_DOMAIN_NAMESPACE_INDEX => {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1110

self.get_table_size(storage_type, "persistent", "keyentry_domain_namespace_index")

1111

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1112

MetricsStorage::BLOB_ENTRY => {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1113

self.get_table_size(storage_type, "persistent", "blobentry")

1114

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1115

MetricsStorage::BLOB_ENTRY_KEY_ENTRY_ID_INDEX => {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1116

self.get_table_size(storage_type, "persistent", "blobentry_keyentryid_index")

1117

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1118

MetricsStorage::KEY_PARAMETER => {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1119

self.get_table_size(storage_type, "persistent", "keyparameter")

1120

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1121

MetricsStorage::KEY_PARAMETER_KEY_ENTRY_ID_INDEX => {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1122

self.get_table_size(storage_type, "persistent", "keyparameter_keyentryid_index")

1123

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1124

MetricsStorage::KEY_METADATA => {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1125

self.get_table_size(storage_type, "persistent", "keymetadata")

1126

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1127

MetricsStorage::KEY_METADATA_KEY_ENTRY_ID_INDEX => {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1128

self.get_table_size(storage_type, "persistent", "keymetadata_keyentryid_index")

1129

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1130

MetricsStorage::GRANT => self.get_table_size(storage_type, "persistent", "grant"),

1131

MetricsStorage::AUTH_TOKEN => {

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

1132

// Since the table is actually a BTreeMap now, unused_size is not meaningfully

1133

// reportable

1134

// Size provided is only an approximation

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1135

Ok(StorageStats {

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

1136

storage_type,

1137

size: (self.perboot.auth_tokens_len() * std::mem::size_of::<AuthTokenEntry>())

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1138

as i32,

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

1139

unused_size: 0,

1140

})

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1141

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1142

MetricsStorage::BLOB_METADATA => {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1143

self.get_table_size(storage_type, "persistent", "blobmetadata")

1144

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1145

MetricsStorage::BLOB_METADATA_BLOB_ENTRY_ID_INDEX => {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

1146

self.get_table_size(storage_type, "persistent", "blobmetadata_blobentryid_index")

1147

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

1148

_ => Err(anyhow::Error::msg(format!("Unsupported storage type: {}", storage_type.0))),

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

}

}

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1152

/// This function is intended to be used by the garbage collector.

Janis Danisevskis

2021-05-06 10:54:17 -0700

[diff] [blame]

1153

/// It deletes the blobs given by `blob_ids_to_delete`. It then tries to find up to `max_blobs`

1154

/// superseded key blobs that might need special handling by the garbage collector.

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1155

/// If no further superseded blobs can be found it deletes all other superseded blobs that don't

1156

/// need special handling and returns None.

Janis Danisevskis

2021-05-06 10:54:17 -0700

[diff] [blame]

1157

pub fn handle_next_superseded_blobs(

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1158

&mut self,

Janis Danisevskis

2021-05-06 10:54:17 -0700

[diff] [blame]

1159

blob_ids_to_delete: &[i64],

1160

max_blobs: usize,

1161

) -> Result<Vec<(i64, Vec<u8>, BlobMetaData)>> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1162

let _wp = wd::watch_millis("KeystoreDB::handle_next_superseded_blob", 500);

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1163

self.with_transaction(TransactionBehavior::Immediate, |tx| {

Janis Danisevskis

2021-05-06 10:54:17 -0700

[diff] [blame]

1164

// Delete the given blobs.

1165

for blob_id in blob_ids_to_delete {

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1166

tx.execute(

1167

"DELETE FROM persistent.blobmetadata WHERE blobentryid = ?;",

Janis Danisevskis

2021-05-06 10:54:17 -0700

[diff] [blame]

1168

params![blob_id],

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1169

)

Shaquille Johnson

f23fc94

2024-02-13 17:01:29 +0000

[diff] [blame]

1170

.context(ks_err!("Trying to delete blob metadata: {:?}", blob_id))?;

Janis Danisevskis

2021-05-06 10:54:17 -0700

[diff] [blame]

1171

tx.execute("DELETE FROM persistent.blobentry WHERE id = ?;", params![blob_id])

Shaquille Johnson

f23fc94

2024-02-13 17:01:29 +0000

[diff] [blame]

1172

.context(ks_err!("Trying to delete blob: {:?}", blob_id))?;

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1173

}

Janis Danisevskis

3cba10d

2021-05-06 17:02:19 -0700

[diff] [blame]

1174

1175

Self::cleanup_unreferenced(tx).context("Trying to cleanup unreferenced.")?;

1176

Janis Danisevskis

2021-05-06 10:54:17 -0700

[diff] [blame]

1177

// Find up to max_blobx more superseded key blobs, load their metadata and return it.

1178

let result: Vec<(i64, Vec<u8>)> = {

1179

let mut stmt = tx

1180

.prepare(

1181

"SELECT id, blob FROM persistent.blobentry

1182

WHERE subcomponent_type = ?

1183

AND (

1184

id NOT IN (

1185

SELECT MAX(id) FROM persistent.blobentry

1186

WHERE subcomponent_type = ?

1187

GROUP BY keyentryid, subcomponent_type

1188

)

1189

OR keyentryid NOT IN (SELECT id FROM persistent.keyentry)

1190

) LIMIT ?;",

1191

)

1192

.context("Trying to prepare query for superseded blobs.")?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1193

Janis Danisevskis

2021-05-06 10:54:17 -0700

[diff] [blame]

let rows = stmt

.query_map(

params![

SubComponentType::KEY_BLOB,

1198

SubComponentType::KEY_BLOB,

1199

max_blobs as i64,

1200

],

1201

|row| Ok((row.get(0)?, row.get(1)?)),

1202

)

1203

.context("Trying to query superseded blob.")?;

1204

1205

rows.collect::<Result<Vec<(i64, Vec<u8>)>, rusqlite::Error>>()

1206

.context("Trying to extract superseded blobs.")?

};

let result = result

.into_iter()

.map(|(blob_id, blob)| {

1212

Ok((blob_id, blob, BlobMetaData::load_from_db(blob_id, tx)?))

1213

})

1214

.collect::<Result<Vec<(i64, Vec<u8>, BlobMetaData)>>>()

1215

.context("Trying to load blob metadata.")?;

1216

if !result.is_empty() {

1217

return Ok(result).no_gc();

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1218

}

1219

1220

// We did not find any superseded key blob, so let's remove other superseded blob in

1221

// one transaction.

1222

tx.execute(

1223

"DELETE FROM persistent.blobentry

1224

WHERE NOT subcomponent_type = ?

1225

AND (

1226

id NOT IN (

1227

SELECT MAX(id) FROM persistent.blobentry

1228

WHERE NOT subcomponent_type = ?

1229

GROUP BY keyentryid, subcomponent_type

1230

) OR keyentryid NOT IN (SELECT id FROM persistent.keyentry)

1231

);",

1232

params![SubComponentType::KEY_BLOB, SubComponentType::KEY_BLOB],

1233

)

1234

.context("Trying to purge superseded blobs.")?;

1235

Janis Danisevskis

2021-05-06 10:54:17 -0700

[diff] [blame]

1236

Ok(vec![]).no_gc()

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1237

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1238

.context(ks_err!())

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1239

}

1240

1241

/// This maintenance function should be called only once before the database is used for the

1242

/// first time. It restores the invariant that `KeyLifeCycle::Existing` is a transient state.

1243

/// The function transitions all key entries from Existing to Unreferenced unconditionally and

1244

/// returns the number of rows affected. If this returns a value greater than 0, it means that

1245

/// Keystore crashed at some point during key generation. Callers may want to log such

1246

/// occurrences.

1247

/// Unlike with `mark_unreferenced`, we don't need to purge grants, because only keys that made

1248

/// it to `KeyLifeCycle::Live` may have grants.

1249

pub fn cleanup_leftovers(&mut self) -> Result<usize> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1250

let _wp = wd::watch_millis("KeystoreDB::cleanup_leftovers", 500);

1251

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1252

self.with_transaction(TransactionBehavior::Immediate, |tx| {

1253

tx.execute(

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1254

"UPDATE persistent.keyentry SET state = ? WHERE state = ?;",

1255

params![KeyLifeCycle::Unreferenced, KeyLifeCycle::Existing],

1256

)

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1257

.context("Failed to execute query.")

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1258

.need_gc()

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1259

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1260

.context(ks_err!())

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1261

}

1262

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

1263

/// Checks if a key exists with given key type and key descriptor properties.

pub fn key_exists(

&mut self,

domain: Domain,

nspace: i64,

alias: &str,

key_type: KeyType,

) -> Result<bool> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1271

let _wp = wd::watch_millis("KeystoreDB::key_exists", 500);

1272

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

1273

self.with_transaction(TransactionBehavior::Immediate, |tx| {

1274

let key_descriptor =

1275

KeyDescriptor { domain, nspace, alias: Some(alias.to_string()), blob: None };

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1276

let result = Self::load_key_entry_id(tx, &key_descriptor, key_type);

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

1277

match result {

1278

Ok(_) => Ok(true),

1279

Err(error) => match error.root_cause().downcast_ref::<KsError>() {

1280

Some(KsError::Rc(ResponseCode::KEY_NOT_FOUND)) => Ok(false),

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1281

_ => Err(error).context(ks_err!("Failed to find if the key exists.")),

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

},

}

.no_gc()

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1286

.context(ks_err!())

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

1287

}

1288

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

1289

/// Stores a super key in the database.

1290

pub fn store_super_key(

1291

&mut self,

Hasini Gunasinghe

3ed5da7

2021-02-04 15:18:54 +0000

[diff] [blame]

1292

user_id: u32,

Paul Crowley

2021-03-18 17:08:20 -0700

[diff] [blame]

1293

key_type: &SuperKeyType,

1294

blob: &[u8],

1295

blob_metadata: &BlobMetaData,

Paul Crowley

2021-03-19 10:53:07 -0700

[diff] [blame]

1296

key_metadata: &KeyMetaData,

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

1297

) -> Result<KeyEntry> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1298

let _wp = wd::watch_millis("KeystoreDB::store_super_key", 500);

1299

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

1300

self.with_transaction(TransactionBehavior::Immediate, |tx| {

1301

let key_id = Self::insert_with_retry(|id| {

1302

tx.execute(

1303

"INSERT into persistent.keyentry

1304

(id, key_type, domain, namespace, alias, state, km_uuid)

Hasini Gunasinghe

2021-02-01 21:10:02 +0000

[diff] [blame]

1305

VALUES(?, ?, ?, ?, ?, ?, ?);",

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

1306

params![

1307

id,

1308

KeyType::Super,

Hasini Gunasinghe

2021-02-01 21:10:02 +0000

[diff] [blame]

1309

Domain::APP.0,

Hasini Gunasinghe

3ed5da7

2021-02-04 15:18:54 +0000

[diff] [blame]

1310

user_id as i64,

Paul Crowley

2021-03-18 17:08:20 -0700

[diff] [blame]

1311

key_type.alias,

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

KeyLifeCycle::Live,

&KEYSTORE_UUID,

],

)

})

.context("Failed to insert into keyentry table.")?;

1318

Paul Crowley

2021-03-19 10:53:07 -0700

[diff] [blame]

1319

key_metadata.store_in_db(key_id, tx).context("KeyMetaData::store_in_db failed")?;

1320

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

1321

Self::set_blob_internal(

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1322

tx,

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

1323

key_id,

1324

SubComponentType::KEY_BLOB,

Some(blob),

Some(blob_metadata),

)

.context("Failed to store key blob.")?;

1329

1330

Self::load_key_components(tx, KeyEntryLoadBits::KM, key_id)

1331

.context("Trying to load key components.")

1332

.no_gc()

1333

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1334

.context(ks_err!())

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

1335

}

1336

Hasini Gunasinghe

2021-02-06 00:56:28 +0000

[diff] [blame]

1337

/// Loads super key of a given user, if exists

Paul Crowley

2021-03-18 17:08:20 -0700

[diff] [blame]

1338

pub fn load_super_key(

1339

&mut self,

1340

key_type: &SuperKeyType,

1341

user_id: u32,

1342

) -> Result<Option<(KeyIdGuard, KeyEntry)>> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1343

let _wp = wd::watch_millis("KeystoreDB::load_super_key", 500);

1344

Hasini Gunasinghe

2021-02-06 00:56:28 +0000

[diff] [blame]

1345

self.with_transaction(TransactionBehavior::Immediate, |tx| {

1346

let key_descriptor = KeyDescriptor {

1347

domain: Domain::APP,

Hasini Gunasinghe

3ed5da7

2021-02-04 15:18:54 +0000

[diff] [blame]

1348

nspace: user_id as i64,

Paul Crowley

2021-03-18 17:08:20 -0700

[diff] [blame]

1349

alias: Some(key_type.alias.into()),

Hasini Gunasinghe

2021-02-06 00:56:28 +0000

[diff] [blame]

1350

blob: None,

1351

};

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1352

let id = Self::load_key_entry_id(tx, &key_descriptor, KeyType::Super);

Hasini Gunasinghe

2021-02-06 00:56:28 +0000

[diff] [blame]

1353

match id {

1354

Ok(id) => {

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1355

let key_entry = Self::load_key_components(tx, KeyEntryLoadBits::KM, id)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1356

.context(ks_err!("Failed to load key entry."))?;

Hasini Gunasinghe

2021-02-06 00:56:28 +0000

[diff] [blame]

1357

Ok(Some((KEY_ID_LOCK.get(id), key_entry)))

1358

}

1359

Err(error) => match error.root_cause().downcast_ref::<KsError>() {

1360

Some(KsError::Rc(ResponseCode::KEY_NOT_FOUND)) => Ok(None),

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1361

_ => Err(error).context(ks_err!()),

Hasini Gunasinghe

2021-02-06 00:56:28 +0000

[diff] [blame]

},

}

.no_gc()

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1366

.context(ks_err!())

Hasini Gunasinghe

2021-02-06 00:56:28 +0000

[diff] [blame]

1367

}

1368

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1369

/// Atomically loads a key entry and associated metadata or creates it using the

1370

/// callback create_new_key callback. The callback is called during a database

1371

/// transaction. This means that implementers should be mindful about using

1372

/// blocking operations such as IPC or grabbing mutexes.

1373

pub fn get_or_create_key_with<F>(

&mut self,

domain: Domain,

namespace: i64,

alias: &str,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1378

km_uuid: Uuid,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1379

create_new_key: F,

1380

) -> Result<(KeyIdGuard, KeyEntry)>

1381

where

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1382

F: Fn() -> Result<(Vec<u8>, BlobMetaData)>,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1383

{

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1384

let _wp = wd::watch_millis("KeystoreDB::get_or_create_key_with", 500);

1385

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1386

self.with_transaction(TransactionBehavior::Immediate, |tx| {

let id = {

let mut stmt = tx

.prepare(

"SELECT id FROM persistent.keyentry

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

WHERE

key_type = ?

AND domain = ?

AND namespace = ?

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1395

AND alias = ?

1396

AND state = ?;",

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1397

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1398

.context(ks_err!("Failed to select from keyentry table."))?;

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1399

let mut rows = stmt

1400

.query(params![KeyType::Super, domain.0, namespace, alias, KeyLifeCycle::Live])

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1401

.context(ks_err!("Failed to query from keyentry table."))?;

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1402

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1403

db_utils::with_rows_extract_one(&mut rows, |row| {

1404

Ok(match row {

1405

Some(r) => r.get(0).context("Failed to unpack id.")?,

1406

None => None,

1407

})

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1408

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1409

.context(ks_err!())?

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1410

};

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1411

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1412

let (id, entry) = match id {

1413

Some(id) => (

1414

id,

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1415

Self::load_key_components(tx, KeyEntryLoadBits::KM, id).context(ks_err!())?,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1416

),

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1417

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1418

None => {

1419

let id = Self::insert_with_retry(|id| {

1420

tx.execute(

1421

"INSERT into persistent.keyentry

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1422

(id, key_type, domain, namespace, alias, state, km_uuid)

1423

VALUES(?, ?, ?, ?, ?, ?, ?);",

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

params![

id,

KeyType::Super,

domain.0,

namespace,

alias,

KeyLifeCycle::Live,

km_uuid,

],

)

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1435

.context(ks_err!())?;

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1436

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1437

let (blob, metadata) = create_new_key().context(ks_err!())?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1438

Self::set_blob_internal(

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1439

tx,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1440

id,

1441

SubComponentType::KEY_BLOB,

1442

Some(&blob),

1443

Some(&metadata),

1444

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1445

.context(ks_err!())?;

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1446

(

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1447

id,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1448

KeyEntry {

1449

id,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1450

key_blob_info: Some((blob, metadata)),

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

pure_cert: false,

..Default::default()

},

)

}

};

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1457

Ok((KEY_ID_LOCK.get(id), entry)).no_gc()

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1458

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1459

.context(ks_err!())

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1460

}

1461

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1462

/// Creates a transaction with the given behavior and executes f with the new transaction.

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1463

/// The transaction is committed only if f returns Ok and retried if DatabaseBusy

1464

/// or DatabaseLocked is encountered.

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1465

fn with_transaction<T, F>(&mut self, behavior: TransactionBehavior, f: F) -> Result<T>

1466

where

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1467

F: Fn(&Transaction) -> Result<(bool, T)>,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1468

{

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1469

loop {

James Farrell

efe1a2f

2024-02-28 21:36:47 +0000

[diff] [blame^]

1470

let result = self

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1471

.conn

1472

.transaction_with_behavior(behavior)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1473

.context(ks_err!())

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1474

.and_then(|tx| f(&tx).map(|result| (result, tx)))

1475

.and_then(|(result, tx)| {

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1476

tx.commit().context(ks_err!("Failed to commit transaction."))?;

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1477

Ok(result)

James Farrell

efe1a2f

2024-02-28 21:36:47 +0000

[diff] [blame^]

1478

});

1479

match result {

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1480

Ok(result) => break Ok(result),

1481

Err(e) => {

1482

if Self::is_locked_error(&e) {

1483

std::thread::sleep(std::time::Duration::from_micros(500));

1484

continue;

1485

} else {

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1486

return Err(e).context(ks_err!());

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

}

}

}

}

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1491

.map(|(need_gc, result)| {

1492

if need_gc {

1493

if let Some(ref gc) = self.gc {

gc.notify_gc();

}

}

result

})

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1499

}

1500

1501

fn is_locked_error(e: &anyhow::Error) -> bool {

Paul Crowley

f61fee7

2021-03-17 14:38:44 -0700

[diff] [blame]

1502

matches!(

1503

e.root_cause().downcast_ref::<rusqlite::ffi::Error>(),

1504

Some(rusqlite::ffi::Error { code: rusqlite::ErrorCode::DatabaseBusy, .. })

1505

| Some(rusqlite::ffi::Error { code: rusqlite::ErrorCode::DatabaseLocked, .. })

1506

)

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1507

}

1508

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1509

/// Creates a new key entry and allocates a new randomized id for the new key.

1510

/// The key id gets associated with a domain and namespace but not with an alias.

1511

/// To complete key generation `rebind_alias` should be called after all of the

1512

/// key artifacts, i.e., blobs and parameters have been associated with the new

1513

/// key id. Finalizing with `rebind_alias` makes the creation of a new key entry

1514

/// atomic even if key generation is not.

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1515

pub fn create_key_entry(

1516

&mut self,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1517

domain: &Domain,

1518

namespace: &i64,

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

1519

key_type: KeyType,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1520

km_uuid: &Uuid,

1521

) -> Result<KeyIdGuard> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1522

let _wp = wd::watch_millis("KeystoreDB::create_key_entry", 500);

1523

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1524

self.with_transaction(TransactionBehavior::Immediate, |tx| {

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

1525

Self::create_key_entry_internal(tx, domain, namespace, key_type, km_uuid).no_gc()

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1526

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1527

.context(ks_err!())

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1528

}

1529

1530

fn create_key_entry_internal(

1531

tx: &Transaction,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1532

domain: &Domain,

1533

namespace: &i64,

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

1534

key_type: KeyType,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1535

km_uuid: &Uuid,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1536

) -> Result<KeyIdGuard> {

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1537

match *domain {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

1538

Domain::APP | Domain::SELINUX => {}

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

1539

_ => {

1540

return Err(KsError::sys())

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1541

.context(ks_err!("Domain {:?} must be either App or SELinux.", domain));

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

1542

}

1543

}

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

1544

Ok(KEY_ID_LOCK.get(

1545

Self::insert_with_retry(|id| {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1546

tx.execute(

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1547

"INSERT into persistent.keyentry

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1548

(id, key_type, domain, namespace, alias, state, km_uuid)

1549

VALUES(?, ?, ?, ?, NULL, ?, ?);",

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1550

params![

1551

id,

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

1552

key_type,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1553

domain.0 as u32,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1554

*namespace,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1555

KeyLifeCycle::Existing,

1556

km_uuid,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1557

],

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

1558

)

1559

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1560

.context(ks_err!())?,

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

1561

))

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

1562

}

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

1563

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1564

/// Set a new blob and associates it with the given key id. Each blob

1565

/// has a sub component type.

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1566

/// Each key can have one of each sub component type associated. If more

1567

/// are added only the most recent can be retrieved, and superseded blobs

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1568

/// will get garbage collected.

1569

/// Components SubComponentType::CERT and SubComponentType::CERT_CHAIN can be

1570

/// removed by setting blob to None.

1571

pub fn set_blob(

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1572

&mut self,

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

1573

key_id: &KeyIdGuard,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1574

sc_type: SubComponentType,

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1575

blob: Option<&[u8]>,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1576

blob_metadata: Option<&BlobMetaData>,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1577

) -> Result<()> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1578

let _wp = wd::watch_millis("KeystoreDB::set_blob", 500);

1579

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1580

self.with_transaction(TransactionBehavior::Immediate, |tx| {

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1581

Self::set_blob_internal(tx, key_id.0, sc_type, blob, blob_metadata).need_gc()

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1582

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1583

.context(ks_err!())

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1584

}

1585

Janis Danisevskis

2021-02-18 20:04:10 -0800

[diff] [blame]

1586

/// Why would we insert a deleted blob? This weird function is for the purpose of legacy

1587

/// key migration in the case where we bulk delete all the keys of an app or even a user.

1588

/// We use this to insert key blobs into the database which can then be garbage collected

1589

/// lazily by the key garbage collector.

1590

pub fn set_deleted_blob(&mut self, blob: &[u8], blob_metadata: &BlobMetaData) -> Result<()> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1591

let _wp = wd::watch_millis("KeystoreDB::set_deleted_blob", 500);

1592

Janis Danisevskis

2021-02-18 20:04:10 -0800

[diff] [blame]

1593

self.with_transaction(TransactionBehavior::Immediate, |tx| {

1594

Self::set_blob_internal(

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1595

tx,

Janis Danisevskis

2021-02-18 20:04:10 -0800

[diff] [blame]

1596

Self::UNASSIGNED_KEY_ID,

1597

SubComponentType::KEY_BLOB,

Some(blob),

Some(blob_metadata),

)

.need_gc()

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1603

.context(ks_err!())

Janis Danisevskis

2021-02-18 20:04:10 -0800

[diff] [blame]

1604

}

1605

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1606

fn set_blob_internal(

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1607

tx: &Transaction,

1608

key_id: i64,

1609

sc_type: SubComponentType,

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1610

blob: Option<&[u8]>,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1611

blob_metadata: Option<&BlobMetaData>,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1612

) -> Result<()> {

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1613

match (blob, sc_type) {

1614

(Some(blob), _) => {

1615

tx.execute(

1616

"INSERT INTO persistent.blobentry

1617

(subcomponent_type, keyentryid, blob) VALUES (?, ?, ?);",

1618

params![sc_type, key_id, blob],

1619

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1620

.context(ks_err!("Failed to insert blob."))?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1621

if let Some(blob_metadata) = blob_metadata {

1622

let blob_id = tx

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

1623

.query_row("SELECT MAX(id) FROM persistent.blobentry;", [], |row| {

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1624

row.get(0)

1625

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1626

.context(ks_err!("Failed to get new blob id."))?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1627

blob_metadata

1628

.store_in_db(blob_id, tx)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1629

.context(ks_err!("Trying to store blob metadata."))?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1630

}

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1631

}

1632

(None, SubComponentType::CERT) | (None, SubComponentType::CERT_CHAIN) => {

1633

tx.execute(

1634

"DELETE FROM persistent.blobentry

1635

WHERE subcomponent_type = ? AND keyentryid = ?;",

1636

params![sc_type, key_id],

1637

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1638

.context(ks_err!("Failed to delete blob."))?;

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1639

}

1640

(None, _) => {

1641

return Err(KsError::sys())

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1642

.context(ks_err!("Other blobs cannot be deleted in this way."));

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1643

}

1644

}

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

Ok(())

}

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

1648

/// Inserts a collection of key parameters into the `persistent.keyparameter` table

1649

/// and associates them with the given `key_id`.

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1650

#[cfg(test)]

1651

fn insert_keyparameter(&mut self, key_id: &KeyIdGuard, params: &[KeyParameter]) -> Result<()> {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1652

self.with_transaction(TransactionBehavior::Immediate, |tx| {

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1653

Self::insert_keyparameter_internal(tx, key_id, params).no_gc()

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1654

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1655

.context(ks_err!())

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1656

}

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

1657

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1658

fn insert_keyparameter_internal(

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1659

tx: &Transaction,

1660

key_id: &KeyIdGuard,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1661

params: &[KeyParameter],

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

) -> Result<()> {

let mut stmt = tx

.prepare(

"INSERT into persistent.keyparameter (keyentryid, tag, data, security_level)

1666

VALUES (?, ?, ?, ?);",

1667

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1668

.context(ks_err!("Failed to prepare statement."))?;

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1669

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1670

for p in params.iter() {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

stmt.insert(params![

key_id.0,

p.get_tag().0,

p.key_parameter_value(),

1675

p.security_level().0

1676

])

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1677

.with_context(|| ks_err!("Failed to insert {:?}", p))?;

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

}

Ok(())

}

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1682

/// Insert a set of key entry specific metadata into the database.

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1683

#[cfg(test)]

1684

fn insert_key_metadata(&mut self, key_id: &KeyIdGuard, metadata: &KeyMetaData) -> Result<()> {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1685

self.with_transaction(TransactionBehavior::Immediate, |tx| {

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1686

metadata.store_in_db(key_id.0, tx).no_gc()

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1687

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1688

.context(ks_err!())

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1689

}

1690

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1691

/// Updates the alias column of the given key id `newid` with the given alias,

1692

/// and atomically, removes the alias, domain, and namespace from another row

1693

/// with the same alias-domain-namespace tuple if such row exits.

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

1694

/// Returns Ok(true) if an old key was marked unreferenced as a hint to the garbage

1695

/// collector.

1696

fn rebind_alias(

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1697

tx: &Transaction,

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

1698

newid: &KeyIdGuard,

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

1699

alias: &str,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1700

domain: &Domain,

1701

namespace: &i64,

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

1702

key_type: KeyType,

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

1703

) -> Result<bool> {

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1704

match *domain {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

1705

Domain::APP | Domain::SELINUX => {}

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

1706

_ => {

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1707

return Err(KsError::sys())

1708

.context(ks_err!("Domain {:?} must be either App or SELinux.", domain));

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

1709

}

1710

}

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1711

let updated = tx

1712

.execute(

1713

"UPDATE persistent.keyentry

1714

SET alias = NULL, domain = NULL, namespace = NULL, state = ?

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

1715

WHERE alias = ? AND domain = ? AND namespace = ? AND key_type = ?;",

1716

params![KeyLifeCycle::Unreferenced, alias, domain.0 as u32, namespace, key_type],

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1717

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1718

.context(ks_err!("Failed to rebind existing entry."))?;

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

1719

let result = tx

1720

.execute(

1721

"UPDATE persistent.keyentry

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1722

SET alias = ?, state = ?

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

1723

WHERE id = ? AND domain = ? AND namespace = ? AND state = ? AND key_type = ?;",

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

params![

alias,

KeyLifeCycle::Live,

newid.0,

domain.0 as u32,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1729

*namespace,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1730

KeyLifeCycle::Existing,

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

1731

key_type,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1732

],

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

1733

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1734

.context(ks_err!("Failed to set alias."))?;

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

1735

if result != 1 {

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1736

return Err(KsError::sys()).context(ks_err!(

1737

"Expected to update a single entry but instead updated {}.",

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

1738

result

1739

));

1740

}

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

1741

Ok(updated != 0)

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1742

}

1743

Janis Danisevskis

2021-04-14 15:44:36 -0700

[diff] [blame]

1744

/// Moves the key given by KeyIdGuard to the new location at `destination`. If the destination

1745

/// is already occupied by a key, this function fails with `ResponseCode::INVALID_ARGUMENT`.

1746

pub fn migrate_key_namespace(

1747

&mut self,

1748

key_id_guard: KeyIdGuard,

1749

destination: &KeyDescriptor,

1750

caller_uid: u32,

1751

check_permission: impl Fn(&KeyDescriptor) -> Result<()>,

1752

) -> Result<()> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1753

let _wp = wd::watch_millis("KeystoreDB::migrate_key_namespace", 500);

1754

Janis Danisevskis

2021-04-14 15:44:36 -0700

[diff] [blame]

1755

let destination = match destination.domain {

1756

Domain::APP => KeyDescriptor { nspace: caller_uid as i64, ..(*destination).clone() },

1757

Domain::SELINUX => (*destination).clone(),

1758

domain => {

1759

return Err(KsError::Rc(ResponseCode::INVALID_ARGUMENT))

1760

.context(format!("Domain {:?} must be either APP or SELINUX.", domain));

}

};

// Security critical: Must return immediately on failure. Do not remove the '?';

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1765

check_permission(&destination).context(ks_err!("Trying to check permission."))?;

Janis Danisevskis

2021-04-14 15:44:36 -0700

[diff] [blame]

1766

1767

let alias = destination

1768

.alias

1769

.as_ref()

1770

.ok_or(KsError::Rc(ResponseCode::INVALID_ARGUMENT))

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1771

.context(ks_err!("Alias must be specified."))?;

Janis Danisevskis

2021-04-14 15:44:36 -0700

[diff] [blame]

1772

1773

self.with_transaction(TransactionBehavior::Immediate, |tx| {

1774

// Query the destination location. If there is a key, the migration request fails.

1775

if tx

1776

.query_row(

1777

"SELECT id FROM persistent.keyentry

1778

WHERE alias = ? AND domain = ? AND namespace = ?;",

1779

params![alias, destination.domain.0, destination.nspace],

|_| Ok(()),

)

.optional()

.context("Failed to query destination.")?

1784

.is_some()

1785

{

1786

return Err(KsError::Rc(ResponseCode::INVALID_ARGUMENT))

1787

.context("Target already exists.");

}

let updated = tx

.execute(

"UPDATE persistent.keyentry

1793

SET alias = ?, domain = ?, namespace = ?

1794

WHERE id = ?;",

1795

params![alias, destination.domain.0, destination.nspace, key_id_guard.id()],

1796

)

1797

.context("Failed to update key entry.")?;

1798

1799

if updated != 1 {

1800

return Err(KsError::sys())

1801

.context(format!("Update succeeded, but {} rows were updated.", updated));

1802

}

1803

Ok(()).no_gc()

1804

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1805

.context(ks_err!())

Janis Danisevskis

2021-04-14 15:44:36 -0700

[diff] [blame]

1806

}

1807

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1808

/// Store a new key in a single transaction.

1809

/// The function creates a new key entry, populates the blob, key parameter, and metadata

1810

/// fields, and rebinds the given alias to the new key.

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

1811

/// The boolean returned is a hint for the garbage collector. If true, a key was replaced,

1812

/// is now unreferenced and needs to be collected.

Chris Wailes

3877f29

2021-07-26 19:24:18 -0700

[diff] [blame]

1813

#[allow(clippy::too_many_arguments)]

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1814

pub fn store_new_key(

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1815

&mut self,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1816

key: &KeyDescriptor,

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

1817

key_type: KeyType,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1818

params: &[KeyParameter],

Janis Danisevskis

2022-01-26 14:11:14 -0800

[diff] [blame]

1819

blob_info: &BlobInfo,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1820

cert_info: &CertificateInfo,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1821

metadata: &KeyMetaData,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1822

km_uuid: &Uuid,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1823

) -> Result<KeyIdGuard> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1824

let _wp = wd::watch_millis("KeystoreDB::store_new_key", 500);

1825

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1826

let (alias, domain, namespace) = match key {

1827

KeyDescriptor { alias: Some(alias), domain: Domain::APP, nspace, blob: None }

1828

| KeyDescriptor { alias: Some(alias), domain: Domain::SELINUX, nspace, blob: None } => {

1829

(alias, key.domain, nspace)

1830

}

1831

_ => {

1832

return Err(KsError::Rc(ResponseCode::INVALID_ARGUMENT))

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1833

.context(ks_err!("Need alias and domain must be APP or SELINUX."));

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1834

}

1835

};

1836

self.with_transaction(TransactionBehavior::Immediate, |tx| {

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

1837

let key_id = Self::create_key_entry_internal(tx, &domain, namespace, key_type, km_uuid)

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1838

.context("Trying to create new key entry.")?;

Janis Danisevskis

2022-01-26 14:11:14 -0800

[diff] [blame]

1839

let BlobInfo { blob, metadata: blob_metadata, superseded_blob } = *blob_info;

1840

1841

// In some occasions the key blob is already upgraded during the import.

1842

// In order to make sure it gets properly deleted it is inserted into the

1843

// database here and then immediately replaced by the superseding blob.

1844

// The garbage collector will then subject the blob to deleteKey of the

1845

// KM back end to permanently invalidate the key.

1846

let need_gc = if let Some((blob, blob_metadata)) = superseded_blob {

1847

Self::set_blob_internal(

1848

tx,

1849

key_id.id(),

1850

SubComponentType::KEY_BLOB,

Some(blob),

Some(blob_metadata),

)

.context("Trying to insert superseded key blob.")?;

true

} else {

false

};

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1860

Self::set_blob_internal(

1861

tx,

1862

key_id.id(),

1863

SubComponentType::KEY_BLOB,

1864

Some(blob),

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1865

Some(blob_metadata),

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1866

)

1867

.context("Trying to insert the key blob.")?;

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1868

if let Some(cert) = &cert_info.cert {

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1869

Self::set_blob_internal(tx, key_id.id(), SubComponentType::CERT, Some(cert), None)

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1870

.context("Trying to insert the certificate.")?;

1871

}

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1872

if let Some(cert_chain) = &cert_info.cert_chain {

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1873

Self::set_blob_internal(

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1874

tx,

1875

key_id.id(),

1876

SubComponentType::CERT_CHAIN,

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1877

Some(cert_chain),

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1878

None,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1879

)

1880

.context("Trying to insert the certificate chain.")?;

1881

}

1882

Self::insert_keyparameter_internal(tx, &key_id, params)

1883

.context("Trying to insert key parameters.")?;

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1884

metadata.store_in_db(key_id.id(), tx).context("Trying to insert key metadata.")?;

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1885

let need_gc = Self::rebind_alias(tx, &key_id, alias, &domain, namespace, key_type)

Janis Danisevskis

2022-01-26 14:11:14 -0800

[diff] [blame]

1886

.context("Trying to rebind alias.")?

1887

|| need_gc;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1888

Ok(key_id).do_gc(need_gc)

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1889

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1890

.context(ks_err!())

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1891

}

1892

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1893

/// Store a new certificate

1894

/// The function creates a new key entry, populates the blob field and metadata, and rebinds

1895

/// the given alias to the new cert.

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1896

pub fn store_new_certificate(

1897

&mut self,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1898

key: &KeyDescriptor,

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

1899

key_type: KeyType,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

1900

cert: &[u8],

1901

km_uuid: &Uuid,

1902

) -> Result<KeyIdGuard> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

1903

let _wp = wd::watch_millis("KeystoreDB::store_new_certificate", 500);

1904

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1905

let (alias, domain, namespace) = match key {

1906

KeyDescriptor { alias: Some(alias), domain: Domain::APP, nspace, blob: None }

1907

| KeyDescriptor { alias: Some(alias), domain: Domain::SELINUX, nspace, blob: None } => {

1908

(alias, key.domain, nspace)

1909

}

1910

_ => {

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1911

return Err(KsError::Rc(ResponseCode::INVALID_ARGUMENT))

1912

.context(ks_err!("Need alias and domain must be APP or SELINUX."));

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1913

}

1914

};

1915

self.with_transaction(TransactionBehavior::Immediate, |tx| {

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

1916

let key_id = Self::create_key_entry_internal(tx, &domain, namespace, key_type, km_uuid)

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1917

.context("Trying to create new key entry.")?;

1918

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1919

Self::set_blob_internal(

1920

tx,

1921

key_id.id(),

1922

SubComponentType::CERT_CHAIN,

Some(cert),

None,

)

.context("Trying to insert certificate.")?;

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1927

1928

let mut metadata = KeyMetaData::new();

1929

metadata.add(KeyMetaEntry::CreationDate(

1930

DateTime::now().context("Trying to make creation time.")?,

1931

));

1932

1933

metadata.store_in_db(key_id.id(), tx).context("Trying to insert key metadata.")?;

1934

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

1935

let need_gc = Self::rebind_alias(tx, &key_id, alias, &domain, namespace, key_type)

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1936

.context("Trying to rebind alias.")?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

1937

Ok(key_id).do_gc(need_gc)

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1938

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1939

.context(ks_err!())

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

1940

}

1941

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1942

// Helper function loading the key_id given the key descriptor

1943

// tuple comprising domain, namespace, and alias.

1944

// Requires a valid transaction.

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1945

fn load_key_entry_id(tx: &Transaction, key: &KeyDescriptor, key_type: KeyType) -> Result<i64> {

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

let alias = key

.alias

.as_ref()

.map_or_else(|| Err(KsError::sys()), Ok)

1950

.context("In load_key_entry_id: Alias must be specified.")?;

1951

let mut stmt = tx

1952

.prepare(

1953

"SELECT id FROM persistent.keyentry

1954

WHERE

Hasini Gunasinghe

2021-02-01 21:10:02 +0000

[diff] [blame]

1955

key_type = ?

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1956

AND domain = ?

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1957

AND namespace = ?

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1958

AND alias = ?

1959

AND state = ?;",

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1960

)

1961

.context("In load_key_entry_id: Failed to select from keyentry table.")?;

1962

let mut rows = stmt

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

1963

.query(params![key_type, key.domain.0 as u32, key.nspace, alias, KeyLifeCycle::Live])

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1964

.context("In load_key_entry_id: Failed to read from keyentry table.")?;

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

1965

db_utils::with_rows_extract_one(&mut rows, |row| {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

1966

row.map_or_else(|| Err(KsError::Rc(ResponseCode::KEY_NOT_FOUND)), Ok)?

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1967

.get(0)

1968

.context("Failed to unpack id.")

1969

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

1970

.context(ks_err!())

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1971

}

1972

1973

/// This helper function completes the access tuple of a key, which is required

1974

/// to perform access control. The strategy depends on the `domain` field in the

1975

/// key descriptor.

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

1976

/// * Domain::SELINUX: The access tuple is complete and this function only loads

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1977

/// the key_id for further processing.

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

1978

/// * Domain::APP: Like Domain::SELINUX, but the tuple is completed by `caller_uid`

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1979

/// which serves as the namespace.

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

1980

/// * Domain::GRANT: The grant table is queried for the `key_id` and the

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1981

/// `access_vector`.

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

1982

/// * Domain::KEY_ID: The keyentry table is queried for the owning `domain` and

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1983

/// `namespace`.

1984

/// In each case the information returned is sufficient to perform the access

1985

/// check and the key id can be used to load further key artifacts.

1986

fn load_access_tuple(

1987

tx: &Transaction,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

1988

key: &KeyDescriptor,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

1989

key_type: KeyType,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

1990

caller_uid: u32,

1991

) -> Result<(i64, KeyDescriptor, Option<KeyPermSet>)> {

1992

match key.domain {

1993

// Domain App or SELinux. In this case we load the key_id from

1994

// the keyentry database for further loading of key components.

1995

// We already have the full access tuple to perform access control.

1996

// The only distinction is that we use the caller_uid instead

1997

// of the caller supplied namespace if the domain field is

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

1998

// Domain::APP.

1999

Domain::APP | Domain::SELINUX => {

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2000

let mut access_key = key.clone();

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2001

if access_key.domain == Domain::APP {

2002

access_key.nspace = caller_uid as i64;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2003

}

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

2004

let key_id = Self::load_key_entry_id(tx, &access_key, key_type)

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2005

.with_context(|| format!("With key.domain = {:?}.", access_key.domain))?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2006

2007

Ok((key_id, access_key, None))

2008

}

2009

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2010

// Domain::GRANT. In this case we load the key_id and the access_vector

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2011

// from the grant table.

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2012

Domain::GRANT => {

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2013

let mut stmt = tx

2014

.prepare(

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

2015

"SELECT keyentryid, access_vector FROM persistent.grant

Hasini Gunasinghe

e70a0ec

2021-05-10 21:12:34 +0000

[diff] [blame]

2016

WHERE grantee = ? AND id = ? AND

2017

(SELECT state FROM persistent.keyentry WHERE id = keyentryid) = ?;",

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2018

)

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2019

.context("Domain::GRANT prepare statement failed")?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2020

let mut rows = stmt

Hasini Gunasinghe

e70a0ec

2021-05-10 21:12:34 +0000

[diff] [blame]

2021

.query(params![caller_uid as i64, key.nspace, KeyLifeCycle::Live])

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2022

.context("Domain:Grant: query failed.")?;

2023

let (key_id, access_vector): (i64, i32) =

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

2024

db_utils::with_rows_extract_one(&mut rows, |row| {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2025

let r =

2026

row.map_or_else(|| Err(KsError::Rc(ResponseCode::KEY_NOT_FOUND)), Ok)?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2027

Ok((

2028

r.get(0).context("Failed to unpack key_id.")?,

2029

r.get(1).context("Failed to unpack access_vector.")?,

2030

))

2031

})

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2032

.context("Domain::GRANT.")?;

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2033

Ok((key_id, key.clone(), Some(access_vector.into())))

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2034

}

2035

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2036

// Domain::KEY_ID. In this case we load the domain and namespace from the

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2037

// keyentry database because we need them for access control.

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2038

Domain::KEY_ID => {

Janis Danisevskis

2021-01-19 16:34:10 -0800

[diff] [blame]

2039

let (domain, namespace): (Domain, i64) = {

2040

let mut stmt = tx

2041

.prepare(

2042

"SELECT domain, namespace FROM persistent.keyentry

WHERE

id = ?

AND state = ?;",

)

.context("Domain::KEY_ID: prepare statement failed")?;

2048

let mut rows = stmt

2049

.query(params![key.nspace, KeyLifeCycle::Live])

2050

.context("Domain::KEY_ID: query failed.")?;

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

2051

db_utils::with_rows_extract_one(&mut rows, |row| {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2052

let r =

2053

row.map_or_else(|| Err(KsError::Rc(ResponseCode::KEY_NOT_FOUND)), Ok)?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2054

Ok((

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2055

Domain(r.get(0).context("Failed to unpack domain.")?),

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2056

r.get(1).context("Failed to unpack namespace.")?,

2057

))

2058

})

Janis Danisevskis

2021-01-19 16:34:10 -0800

[diff] [blame]

2059

.context("Domain::KEY_ID.")?

2060

};

2061

2062

// We may use a key by id after loading it by grant.

2063

// In this case we have to check if the caller has a grant for this particular

2064

// key. We can skip this if we already know that the caller is the owner.

2065

// But we cannot know this if domain is anything but App. E.g. in the case

2066

// of Domain::SELINUX we have to speculatively check for grants because we have to

2067

// consult the SEPolicy before we know if the caller is the owner.

2068

let access_vector: Option<KeyPermSet> =

2069

if domain != Domain::APP || namespace != caller_uid as i64 {

2070

let access_vector: Option<i32> = tx

2071

.query_row(

2072

"SELECT access_vector FROM persistent.grant

2073

WHERE grantee = ? AND keyentryid = ?;",

2074

params![caller_uid as i64, key.nspace],

|row| row.get(0),

)

.optional()

.context("Domain::KEY_ID: query grant failed.")?;

2079

access_vector.map(|p| p.into())

} else {

None

};

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2084

let key_id = key.nspace;

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2085

let mut access_key: KeyDescriptor = key.clone();

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2086

access_key.domain = domain;

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2087

access_key.nspace = namespace;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2088

Janis Danisevskis

2021-01-19 16:34:10 -0800

[diff] [blame]

2089

Ok((key_id, access_key, access_vector))

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2090

}

Rajesh Nyamagoud

625e589

2022-05-18 01:31:26 +0000

[diff] [blame]

2091

_ => Err(anyhow!(KsError::Rc(ResponseCode::INVALID_ARGUMENT))),

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

}

}

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2095

fn load_blob_components(

2096

key_id: i64,

2097

load_bits: KeyEntryLoadBits,

2098

tx: &Transaction,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2099

) -> Result<(bool, Option<(Vec<u8>, BlobMetaData)>, Option<Vec<u8>>, Option<Vec<u8>>)> {

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2100

let mut stmt = tx

2101

.prepare(

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2102

"SELECT MAX(id), subcomponent_type, blob FROM persistent.blobentry

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2103

WHERE keyentryid = ? GROUP BY subcomponent_type;",

2104

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2105

.context(ks_err!("prepare statement failed."))?;

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2106

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2107

let mut rows = stmt.query(params![key_id]).context(ks_err!("query failed."))?;

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2108

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2109

let mut key_blob: Option<(i64, Vec<u8>)> = None;

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2110

let mut cert_blob: Option<Vec<u8>> = None;

2111

let mut cert_chain_blob: Option<Vec<u8>> = None;

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

2112

let mut has_km_blob: bool = false;

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

2113

db_utils::with_rows_extract_all(&mut rows, |row| {

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2114

let sub_type: SubComponentType =

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2115

row.get(1).context("Failed to extract subcomponent_type.")?;

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

2116

has_km_blob = has_km_blob || sub_type == SubComponentType::KEY_BLOB;

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2117

match (sub_type, load_bits.load_public(), load_bits.load_km()) {

2118

(SubComponentType::KEY_BLOB, _, true) => {

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2119

key_blob = Some((

2120

row.get(0).context("Failed to extract key blob id.")?,

2121

row.get(2).context("Failed to extract key blob.")?,

2122

));

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2123

}

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2124

(SubComponentType::CERT, true, _) => {

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2125

cert_blob =

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2126

Some(row.get(2).context("Failed to extract public certificate blob.")?);

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2127

}

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2128

(SubComponentType::CERT_CHAIN, true, _) => {

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2129

cert_chain_blob =

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2130

Some(row.get(2).context("Failed to extract certificate chain blob.")?);

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2131

}

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2132

(SubComponentType::CERT, _, _)

2133

| (SubComponentType::CERT_CHAIN, _, _)

2134

| (SubComponentType::KEY_BLOB, _, _) => {}

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2135

_ => Err(KsError::sys()).context("Unknown subcomponent type.")?,

2136

}

2137

Ok(())

2138

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2139

.context(ks_err!())?;

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2140

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2141

let blob_info = key_blob.map_or::<Result<_>, _>(Ok(None), |(blob_id, blob)| {

2142

Ok(Some((

2143

blob,

2144

BlobMetaData::load_from_db(blob_id, tx)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2145

.context(ks_err!("Trying to load blob_metadata."))?,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

)))

})?;

Ok((has_km_blob, blob_info, cert_blob, cert_chain_blob))

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2150

}

2151

2152

fn load_key_parameters(key_id: i64, tx: &Transaction) -> Result<Vec<KeyParameter>> {

2153

let mut stmt = tx

2154

.prepare(

2155

"SELECT tag, data, security_level from persistent.keyparameter

2156

WHERE keyentryid = ?;",

2157

)

2158

.context("In load_key_parameters: prepare statement failed.")?;

2159

2160

let mut parameters: Vec<KeyParameter> = Vec::new();

2161

2162

let mut rows =

2163

stmt.query(params![key_id]).context("In load_key_parameters: query failed.")?;

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

2164

db_utils::with_rows_extract_all(&mut rows, |row| {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

2165

let tag = Tag(row.get(0).context("Failed to read tag.")?);

2166

let sec_level = SecurityLevel(row.get(2).context("Failed to read sec_level.")?);

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2167

parameters.push(

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

2168

KeyParameter::new_from_sql(tag, &SqlField::new(1, row), sec_level)

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2169

.context("Failed to read KeyParameter.")?,

2170

);

2171

Ok(())

2172

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2173

.context(ks_err!())?;

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

Ok(parameters)

}

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

2178

/// Decrements the usage count of a limited use key. This function first checks whether the

2179

/// usage has been exhausted, if not, decreases the usage count. If the usage count reaches

2180

/// zero, the key also gets marked unreferenced and scheduled for deletion.

2181

/// Returns Ok(true) if the key was marked unreferenced as a hint to the garbage collector.

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2182

pub fn check_and_update_key_usage_count(&mut self, key_id: i64) -> Result<()> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

2183

let _wp = wd::watch_millis("KeystoreDB::check_and_update_key_usage_count", 500);

2184

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

2185

self.with_transaction(TransactionBehavior::Immediate, |tx| {

2186

let limit: Option<i32> = tx

2187

.query_row(

2188

"SELECT data FROM persistent.keyparameter WHERE keyentryid = ? AND tag = ?;",

2189

params![key_id, Tag::USAGE_COUNT_LIMIT.0],

|row| row.get(0),

)

.optional()

.context("Trying to load usage count")?;

2194

2195

let limit = limit

2196

.ok_or(KsError::Km(ErrorCode::INVALID_KEY_BLOB))

2197

.context("The Key no longer exists. Key is exhausted.")?;

2198

2199

tx.execute(

2200

"UPDATE persistent.keyparameter

2201

SET data = data - 1

2202

WHERE keyentryid = ? AND tag = ? AND data > 0;",

2203

params![key_id, Tag::USAGE_COUNT_LIMIT.0],

2204

)

2205

.context("Failed to update key usage count.")?;

2206

2207

match limit {

2208

1 => Self::mark_unreferenced(tx, key_id)

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2209

.map(|need_gc| (need_gc, ()))

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

2210

.context("Trying to mark limited use key for deletion."),

2211

0 => Err(KsError::Km(ErrorCode::INVALID_KEY_BLOB)).context("Key is exhausted."),

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2212

_ => Ok(()).no_gc(),

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

2213

}

2214

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2215

.context(ks_err!())

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

2216

}

2217

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2218

/// Load a key entry by the given key descriptor.

2219

/// It uses the `check_permission` callback to verify if the access is allowed

2220

/// given the key access tuple read from the database using `load_access_tuple`.

2221

/// With `load_bits` the caller may specify which blobs shall be loaded from

2222

/// the blob database.

2223

pub fn load_key_entry(

2224

&mut self,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2225

key: &KeyDescriptor,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

2226

key_type: KeyType,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2227

load_bits: KeyEntryLoadBits,

2228

caller_uid: u32,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2229

check_permission: impl Fn(&KeyDescriptor, Option<KeyPermSet>) -> Result<()>,

2230

) -> Result<(KeyIdGuard, KeyEntry)> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

2231

let _wp = wd::watch_millis("KeystoreDB::load_key_entry", 500);

2232

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2233

loop {

2234

match self.load_key_entry_internal(

key,

key_type,

load_bits,

caller_uid,

&check_permission,

) {

Ok(result) => break Ok(result),

2242

Err(e) => {

2243

if Self::is_locked_error(&e) {

2244

std::thread::sleep(std::time::Duration::from_micros(500));

2245

continue;

2246

} else {

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2247

return Err(e).context(ks_err!());

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

}

}

}

}

}

fn load_key_entry_internal(

&mut self,

key: &KeyDescriptor,

key_type: KeyType,

load_bits: KeyEntryLoadBits,

2259

caller_uid: u32,

2260

check_permission: &impl Fn(&KeyDescriptor, Option<KeyPermSet>) -> Result<()>,

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

2261

) -> Result<(KeyIdGuard, KeyEntry)> {

2262

// KEY ID LOCK 1/2

2263

// If we got a key descriptor with a key id we can get the lock right away.

2264

// Otherwise we have to defer it until we know the key id.

2265

let key_id_guard = match key.domain {

2266

Domain::KEY_ID => Some(KEY_ID_LOCK.get(key.nspace)),

_ => None,

};

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2270

let tx = self

2271

.conn

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

2272

.unchecked_transaction()

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2273

.context(ks_err!("Failed to initialize transaction."))?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2274

2275

// Load the key_id and complete the access control tuple.

2276

let (key_id, access_key_descriptor, access_vector) =

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2277

Self::load_access_tuple(&tx, key, key_type, caller_uid).context(ks_err!())?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2278

2279

// Perform access control. It is vital that we return here if the permission is denied.

2280

// So do not touch that '?' at the end.

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2281

check_permission(&access_key_descriptor, access_vector).context(ks_err!())?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2282

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

2283

// KEY ID LOCK 2/2

2284

// If we did not get a key id lock by now, it was because we got a key descriptor

2285

// without a key id. At this point we got the key id, so we can try and get a lock.

2286

// However, we cannot block here, because we are in the middle of the transaction.

2287

// So first we try to get the lock non blocking. If that fails, we roll back the

2288

// transaction and block until we get the lock. After we successfully got the lock,

2289

// we start a new transaction and load the access tuple again.

2290

//

2291

// We don't need to perform access control again, because we already established

2292

// that the caller had access to the given key. But we need to make sure that the

2293

// key id still exists. So we have to load the key entry by key id this time.

2294

let (key_id_guard, tx) = match key_id_guard {

2295

None => match KEY_ID_LOCK.try_get(key_id) {

2296

None => {

2297

// Roll back the transaction.

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2298

tx.rollback().context(ks_err!("Failed to roll back transaction."))?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2299

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

2300

// Block until we have a key id lock.

2301

let key_id_guard = KEY_ID_LOCK.get(key_id);

2302

2303

// Create a new transaction.

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2304

let tx = self

2305

.conn

2306

.unchecked_transaction()

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2307

.context(ks_err!("Failed to initialize transaction."))?;

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

2308

2309

Self::load_access_tuple(

2310

&tx,

2311

// This time we have to load the key by the retrieved key id, because the

2312

// alias may have been rebound after we rolled back the transaction.

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2313

&KeyDescriptor {

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

2314

domain: Domain::KEY_ID,

2315

nspace: key_id,

2316

..Default::default()

2317

},

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

2318

key_type,

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

2319

caller_uid,

2320

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2321

.context(ks_err!("(deferred key lock)"))?;

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

(key_id_guard, tx)

}

Some(l) => (l, tx),

},

Some(key_id_guard) => (key_id_guard, tx),

2327

};

2328

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2329

let key_entry =

2330

Self::load_key_components(&tx, load_bits, key_id_guard.id()).context(ks_err!())?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2331

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2332

tx.commit().context(ks_err!("Failed to commit transaction."))?;

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2333

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

2334

Ok((key_id_guard, key_entry))

2335

}

2336

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

2337

fn mark_unreferenced(tx: &Transaction, key_id: i64) -> Result<bool> {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2338

let updated = tx

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2339

.execute("DELETE FROM persistent.keyentry WHERE id = ?;", params![key_id])

2340

.context("Trying to delete keyentry.")?;

2341

tx.execute("DELETE FROM persistent.keymetadata WHERE keyentryid = ?;", params![key_id])

2342

.context("Trying to delete keymetadata.")?;

2343

tx.execute("DELETE FROM persistent.keyparameter WHERE keyentryid = ?;", params![key_id])

2344

.context("Trying to delete keyparameters.")?;

2345

tx.execute("DELETE FROM persistent.grant WHERE keyentryid = ?;", params![key_id])

2346

.context("Trying to delete grants.")?;

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

2347

Ok(updated != 0)

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2348

}

2349

2350

/// Marks the given key as unreferenced and removes all of the grants to this key.

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

2351

/// Returns Ok(true) if a key was marked unreferenced as a hint for the garbage collector.

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2352

pub fn unbind_key(

2353

&mut self,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2354

key: &KeyDescriptor,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2355

key_type: KeyType,

2356

caller_uid: u32,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2357

check_permission: impl Fn(&KeyDescriptor, Option<KeyPermSet>) -> Result<()>,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2358

) -> Result<()> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

2359

let _wp = wd::watch_millis("KeystoreDB::unbind_key", 500);

2360

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2361

self.with_transaction(TransactionBehavior::Immediate, |tx| {

2362

let (key_id, access_key_descriptor, access_vector) =

2363

Self::load_access_tuple(tx, key, key_type, caller_uid)

2364

.context("Trying to get access tuple.")?;

2365

2366

// Perform access control. It is vital that we return here if the permission is denied.

2367

// So do not touch that '?' at the end.

2368

check_permission(&access_key_descriptor, access_vector)

2369

.context("While checking permission.")?;

2370

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2371

Self::mark_unreferenced(tx, key_id)

2372

.map(|need_gc| (need_gc, ()))

2373

.context("Trying to mark the key unreferenced.")

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2374

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2375

.context(ks_err!())

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2376

}

2377

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

2378

fn get_key_km_uuid(tx: &Transaction, key_id: i64) -> Result<Uuid> {

2379

tx.query_row(

2380

"SELECT km_uuid FROM persistent.keyentry WHERE id = ?",

2381

params![key_id],

2382

|row| row.get(0),

2383

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2384

.context(ks_err!())

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

2385

}

2386

Janis Danisevskis

2021-02-22 18:46:55 -0800

[diff] [blame]

2387

/// Delete all artifacts belonging to the namespace given by the domain-namespace tuple.

2388

/// This leaves all of the blob entries orphaned for subsequent garbage collection.

2389

pub fn unbind_keys_for_namespace(&mut self, domain: Domain, namespace: i64) -> Result<()> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

2390

let _wp = wd::watch_millis("KeystoreDB::unbind_keys_for_namespace", 500);

2391

Janis Danisevskis

2021-02-22 18:46:55 -0800

[diff] [blame]

2392

if !(domain == Domain::APP || domain == Domain::SELINUX) {

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2393

return Err(KsError::Rc(ResponseCode::INVALID_ARGUMENT)).context(ks_err!());

Janis Danisevskis

2021-02-22 18:46:55 -0800

[diff] [blame]

2394

}

2395

self.with_transaction(TransactionBehavior::Immediate, |tx| {

2396

tx.execute(

2397

"DELETE FROM persistent.keymetadata

2398

WHERE keyentryid IN (

2399

SELECT id FROM persistent.keyentry

Tri Vo

2023-05-12 14:16:31 -0400

[diff] [blame]

2400

WHERE domain = ? AND namespace = ? AND key_type = ?

Janis Danisevskis

2021-02-22 18:46:55 -0800

[diff] [blame]

2401

);",

Tri Vo

2023-05-12 14:16:31 -0400

[diff] [blame]

2402

params![domain.0, namespace, KeyType::Client],

Janis Danisevskis

2021-02-22 18:46:55 -0800

[diff] [blame]

2403

)

2404

.context("Trying to delete keymetadata.")?;

2405

tx.execute(

2406

"DELETE FROM persistent.keyparameter

2407

WHERE keyentryid IN (

2408

SELECT id FROM persistent.keyentry

Tri Vo

2023-05-12 14:16:31 -0400

[diff] [blame]

2409

WHERE domain = ? AND namespace = ? AND key_type = ?

Janis Danisevskis

2021-02-22 18:46:55 -0800

[diff] [blame]

2410

);",

Tri Vo

2023-05-12 14:16:31 -0400

[diff] [blame]

2411

params![domain.0, namespace, KeyType::Client],

Janis Danisevskis

2021-02-22 18:46:55 -0800

[diff] [blame]

2412

)

2413

.context("Trying to delete keyparameters.")?;

2414

tx.execute(

2415

"DELETE FROM persistent.grant

2416

WHERE keyentryid IN (

2417

SELECT id FROM persistent.keyentry

Tri Vo

2023-05-12 14:16:31 -0400

[diff] [blame]

2418

WHERE domain = ? AND namespace = ? AND key_type = ?

Janis Danisevskis

2021-02-22 18:46:55 -0800

[diff] [blame]

2419

);",

Tri Vo

2023-05-12 14:16:31 -0400

[diff] [blame]

2420

params![domain.0, namespace, KeyType::Client],

Janis Danisevskis

2021-02-22 18:46:55 -0800

[diff] [blame]

2421

)

2422

.context("Trying to delete grants.")?;

2423

tx.execute(

Janis Danisevskis

b146f31

2021-05-06 15:05:45 -0700

[diff] [blame]

2424

"DELETE FROM persistent.keyentry

Tri Vo

2023-05-12 14:16:31 -0400

[diff] [blame]

2425

WHERE domain = ? AND namespace = ? AND key_type = ?;",

2426

params![domain.0, namespace, KeyType::Client],

Janis Danisevskis

2021-02-22 18:46:55 -0800

[diff] [blame]

2427

)

2428

.context("Trying to delete keyentry.")?;

2429

Ok(()).need_gc()

2430

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2431

.context(ks_err!())

Janis Danisevskis

2021-02-22 18:46:55 -0800

[diff] [blame]

2432

}

2433

Janis Danisevskis

3cba10d

2021-05-06 17:02:19 -0700

[diff] [blame]

2434

fn cleanup_unreferenced(tx: &Transaction) -> Result<()> {

2435

let _wp = wd::watch_millis("KeystoreDB::cleanup_unreferenced", 500);

2436

{

2437

tx.execute(

2438

"DELETE FROM persistent.keymetadata

2439

WHERE keyentryid IN (

2440

SELECT id FROM persistent.keyentry

2441

WHERE state = ?

2442

);",

2443

params![KeyLifeCycle::Unreferenced],

2444

)

2445

.context("Trying to delete keymetadata.")?;

2446

tx.execute(

2447

"DELETE FROM persistent.keyparameter

2448

WHERE keyentryid IN (

2449

SELECT id FROM persistent.keyentry

2450

WHERE state = ?

2451

);",

2452

params![KeyLifeCycle::Unreferenced],

2453

)

2454

.context("Trying to delete keyparameters.")?;

2455

tx.execute(

2456

"DELETE FROM persistent.grant

2457

WHERE keyentryid IN (

2458

SELECT id FROM persistent.keyentry

2459

WHERE state = ?

2460

);",

2461

params![KeyLifeCycle::Unreferenced],

2462

)

2463

.context("Trying to delete grants.")?;

2464

tx.execute(

2465

"DELETE FROM persistent.keyentry

2466

WHERE state = ?;",

2467

params![KeyLifeCycle::Unreferenced],

2468

)

2469

.context("Trying to delete keyentry.")?;

2470

Result::<()>::Ok(())

2471

}

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2472

.context(ks_err!())

Janis Danisevskis

3cba10d

2021-05-06 17:02:19 -0700

[diff] [blame]

2473

}

2474

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

2475

/// Delete the keys created on behalf of the user, denoted by the user id.

2476

/// Delete all the keys unless 'keep_non_super_encrypted_keys' set to true.

2477

/// Returned boolean is to hint the garbage collector to delete the unbound keys.

2478

/// The caller of this function should notify the gc if the returned value is true.

2479

pub fn unbind_keys_for_user(

2480

&mut self,

2481

user_id: u32,

2482

keep_non_super_encrypted_keys: bool,

2483

) -> Result<()> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

2484

let _wp = wd::watch_millis("KeystoreDB::unbind_keys_for_user", 500);

2485

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

2486

self.with_transaction(TransactionBehavior::Immediate, |tx| {

2487

let mut stmt = tx

2488

.prepare(&format!(

2489

"SELECT id from persistent.keyentry

WHERE (

key_type = ?

AND domain = ?

AND cast ( (namespace/{aid_user_offset}) as int) = ?

AND state = ?

) OR (

key_type = ?

AND namespace = ?

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

2498

AND state = ?

2499

);",

2500

aid_user_offset = AID_USER_OFFSET

2501

))

2502

.context(concat!(

2503

"In unbind_keys_for_user. ",

2504

"Failed to prepare the query to find the keys created by apps."

))?;

let mut rows = stmt

.query(params![

// WHERE client key:

KeyType::Client,

Domain::APP.0 as u32,

user_id,

KeyLifeCycle::Live,

// OR super key:

KeyType::Super,

user_id,

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

2517

KeyLifeCycle::Live

2518

])

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2519

.context(ks_err!("Failed to query the keys created by apps."))?;

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

2520

2521

let mut key_ids: Vec<i64> = Vec::new();

2522

db_utils::with_rows_extract_all(&mut rows, |row| {

2523

key_ids

2524

.push(row.get(0).context("Failed to read key id of a key created by an app.")?);

2525

Ok(())

2526

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2527

.context(ks_err!())?;

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

2528

2529

let mut notify_gc = false;

2530

for key_id in key_ids {

2531

if keep_non_super_encrypted_keys {

2532

// Load metadata and filter out non-super-encrypted keys.

2533

if let (_, Some((_, blob_metadata)), _, _) =

2534

Self::load_blob_components(key_id, KeyEntryLoadBits::KM, tx)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2535

.context(ks_err!("Trying to load blob info."))?

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

2536

{

2537

if blob_metadata.encrypted_by().is_none() {

continue;

}

}

}

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

2542

notify_gc = Self::mark_unreferenced(tx, key_id)

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

2543

.context("In unbind_keys_for_user.")?

2544

|| notify_gc;

2545

}

2546

Ok(()).do_gc(notify_gc)

2547

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2548

.context(ks_err!())

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

2549

}

2550

Eric Biggers

b0478cf

2023-10-27 03:55:29 +0000

[diff] [blame]

2551

/// Deletes all auth-bound keys, i.e. keys that require user authentication, for the given user.

2552

/// This runs when the user's lock screen is being changed to Swipe or None.

2553

///

2554

/// This intentionally does *not* delete keys that require that the device be unlocked, unless

2555

/// such keys also require user authentication. Keystore's concept of user authentication is

2556

/// fairly strong, and it requires that keys that require authentication be deleted as soon as

2557

/// authentication is no longer possible. In contrast, keys that just require that the device

2558

/// be unlocked should remain usable when the lock screen is set to Swipe or None, as the device

2559

/// is always considered "unlocked" in that case.

2560

pub fn unbind_auth_bound_keys_for_user(&mut self, user_id: u32) -> Result<()> {

2561

let _wp = wd::watch_millis("KeystoreDB::unbind_auth_bound_keys_for_user", 500);

2562

2563

self.with_transaction(TransactionBehavior::Immediate, |tx| {

2564

let mut stmt = tx

2565

.prepare(&format!(

2566

"SELECT id from persistent.keyentry

2567

WHERE key_type = ?

2568

AND domain = ?

2569

AND cast ( (namespace/{aid_user_offset}) as int) = ?

2570

AND state = ?;",

2571

aid_user_offset = AID_USER_OFFSET

2572

))

2573

.context(concat!(

2574

"In unbind_auth_bound_keys_for_user. ",

2575

"Failed to prepare the query to find the keys created by apps."

))?;

let mut rows = stmt

.query(params![KeyType::Client, Domain::APP.0 as u32, user_id, KeyLifeCycle::Live,])

2580

.context(ks_err!("Failed to query the keys created by apps."))?;

2581

2582

let mut key_ids: Vec<i64> = Vec::new();

2583

db_utils::with_rows_extract_all(&mut rows, |row| {

2584

key_ids

2585

.push(row.get(0).context("Failed to read key id of a key created by an app.")?);

2586

Ok(())

2587

})

2588

.context(ks_err!())?;

2589

2590

let mut notify_gc = false;

2591

let mut num_unbound = 0;

2592

for key_id in key_ids {

2593

// Load the key parameters and filter out non-auth-bound keys. To identify

2594

// auth-bound keys, use the presence of UserSecureID. The absence of NoAuthRequired

2595

// could also be used, but UserSecureID is what Keystore treats as authoritative

2596

// when actually enforcing the key parameters (it might not matter, though).

2597

let params = Self::load_key_parameters(key_id, tx)

2598

.context("Failed to load key parameters.")?;

2599

let is_auth_bound_key = params.iter().any(|kp| {

2600

matches!(kp.key_parameter_value(), KeyParameterValue::UserSecureID(_))

2601

});

2602

if is_auth_bound_key {

2603

notify_gc = Self::mark_unreferenced(tx, key_id)

2604

.context("In unbind_auth_bound_keys_for_user.")?

|| notify_gc;

num_unbound += 1;

}

}

log::info!("Deleting {num_unbound} auth-bound keys for user {user_id}");

2610

Ok(()).do_gc(notify_gc)

})

.context(ks_err!())

}

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

2615

fn load_key_components(

2616

tx: &Transaction,

2617

load_bits: KeyEntryLoadBits,

2618

key_id: i64,

2619

) -> Result<KeyEntry> {

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

2620

let metadata = KeyMetaData::load_from_db(key_id, tx).context("In load_key_components.")?;

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

2621

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2622

let (has_km_blob, key_blob_info, cert_blob, cert_chain_blob) =

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

2623

Self::load_blob_components(key_id, load_bits, tx).context("In load_key_components.")?;

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

2624

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

2625

let parameters = Self::load_key_parameters(key_id, tx)

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

2626

.context("In load_key_components: Trying to load key parameters.")?;

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

2627

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

2628

let km_uuid = Self::get_key_km_uuid(tx, key_id)

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

2629

.context("In load_key_components: Trying to get KM uuid.")?;

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

2630

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

2631

Ok(KeyEntry {

2632

id: key_id,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2633

key_blob_info,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

2634

cert: cert_blob,

2635

cert_chain: cert_chain_blob,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

2636

km_uuid,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

2637

parameters,

2638

metadata,

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

2639

pure_cert: !has_km_blob,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

2640

})

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2641

}

2642

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

2643

/// Returns a list of KeyDescriptors in the selected domain/namespace whose

2644

/// aliases are greater than the specified 'start_past_alias'. If no value

2645

/// is provided, returns all KeyDescriptors.

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

2646

/// The key descriptors will have the domain, nspace, and alias field set.

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

2647

/// The returned list will be sorted by alias.

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

2648

/// Domain must be APP or SELINUX, the caller must make sure of that.

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

2649

pub fn list_past_alias(

Janis Danisevskis

1831383

2021-05-17 13:30:32 -0700

[diff] [blame]

&mut self,

domain: Domain,

namespace: i64,

key_type: KeyType,

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

2654

start_past_alias: Option<&str>,

Janis Danisevskis

1831383

2021-05-17 13:30:32 -0700

[diff] [blame]

2655

) -> Result<Vec<KeyDescriptor>> {

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

2656

let _wp = wd::watch_millis("KeystoreDB::list_past_alias", 500);

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

2657

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

2658

let query = format!(

2659

"SELECT DISTINCT alias FROM persistent.keyentry

Janis Danisevskis

1831383

2021-05-17 13:30:32 -0700

[diff] [blame]

2660

WHERE domain = ?

2661

AND namespace = ?

2662

AND alias IS NOT NULL

2663

AND state = ?

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

2664

AND key_type = ?

2665

{}

2666

ORDER BY alias ASC;",

2667

if start_past_alias.is_some() { " AND alias > ?" } else { "" }

2668

);

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

2669

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

2670

self.with_transaction(TransactionBehavior::Deferred, |tx| {

2671

let mut stmt = tx.prepare(&query).context(ks_err!("Failed to prepare."))?;

2672

2673

let mut rows = match start_past_alias {

2674

Some(past_alias) => stmt

.query(params![

domain.0 as u32,

namespace,

KeyLifeCycle::Live,

key_type,

past_alias

])

.context(ks_err!("Failed to query."))?,

2683

None => stmt

2684

.query(params![domain.0 as u32, namespace, KeyLifeCycle::Live, key_type,])

2685

.context(ks_err!("Failed to query."))?,

2686

};

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

2687

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2688

let mut descriptors: Vec<KeyDescriptor> = Vec::new();

2689

db_utils::with_rows_extract_all(&mut rows, |row| {

2690

descriptors.push(KeyDescriptor {

2691

domain,

2692

nspace: namespace,

2693

alias: Some(row.get(0).context("Trying to extract alias.")?),

blob: None,

});

Ok(())

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2698

.context(ks_err!("Failed to extract rows."))?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2699

Ok(descriptors).no_gc()

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

2700

})

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

2701

}

2702

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

2703

/// Returns a number of KeyDescriptors in the selected domain/namespace.

2704

/// Domain must be APP or SELINUX, the caller must make sure of that.

pub fn count_keys(

&mut self,

domain: Domain,

namespace: i64,

key_type: KeyType,

) -> Result<usize> {

let _wp = wd::watch_millis("KeystoreDB::countKeys", 500);

2712

2713

let num_keys = self.with_transaction(TransactionBehavior::Deferred, |tx| {

2714

tx.query_row(

2715

"SELECT COUNT(alias) FROM persistent.keyentry

2716

WHERE domain = ?

2717

AND namespace = ?

2718

AND alias IS NOT NULL

2719

AND state = ?

2720

AND key_type = ?;",

2721

params![domain.0 as u32, namespace, KeyLifeCycle::Live, key_type],

2722

|row| row.get(0),

2723

)

2724

.context(ks_err!("Failed to count number of keys."))

.no_gc()

})?;

Ok(num_keys)

}

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2730

/// Adds a grant to the grant table.

2731

/// Like `load_key_entry` this function loads the access tuple before

2732

/// it uses the callback for a permission check. Upon success,

2733

/// it inserts the `grantee_uid`, `key_id`, and `access_vector` into the

2734

/// grant table. The new row will have a randomized id, which is used as

2735

/// grant id in the namespace field of the resulting KeyDescriptor.

2736

pub fn grant(

2737

&mut self,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2738

key: &KeyDescriptor,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2739

caller_uid: u32,

2740

grantee_uid: u32,

2741

access_vector: KeyPermSet,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2742

check_permission: impl Fn(&KeyDescriptor, &KeyPermSet) -> Result<()>,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2743

) -> Result<KeyDescriptor> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

2744

let _wp = wd::watch_millis("KeystoreDB::grant", 500);

2745

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2746

self.with_transaction(TransactionBehavior::Immediate, |tx| {

2747

// Load the key_id and complete the access control tuple.

2748

// We ignore the access vector here because grants cannot be granted.

2749

// The access vector returned here expresses the permissions the

2750

// grantee has if key.domain == Domain::GRANT. But this vector

2751

// cannot include the grant permission by design, so there is no way the

2752

// subsequent permission check can pass.

2753

// We could check key.domain == Domain::GRANT and fail early.

2754

// But even if we load the access tuple by grant here, the permission

2755

// check denies the attempt to create a grant by grant descriptor.

2756

let (key_id, access_key_descriptor, _) =

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2757

Self::load_access_tuple(tx, key, KeyType::Client, caller_uid).context(ks_err!())?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2758

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2759

// Perform access control. It is vital that we return here if the permission

2760

// was denied. So do not touch that '?' at the end of the line.

2761

// This permission check checks if the caller has the grant permission

2762

// for the given key and in addition to all of the permissions

2763

// expressed in `access_vector`.

2764

check_permission(&access_key_descriptor, &access_vector)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2765

.context(ks_err!("check_permission failed"))?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2766

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2767

let grant_id = if let Some(grant_id) = tx

2768

.query_row(

2769

"SELECT id FROM persistent.grant

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2770

WHERE keyentryid = ? AND grantee = ?;",

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2771

params![key_id, grantee_uid],

2772

|row| row.get(0),

2773

)

2774

.optional()

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2775

.context(ks_err!("Failed get optional existing grant id."))?

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2776

{

2777

tx.execute(

2778

"UPDATE persistent.grant

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2779

SET access_vector = ?

2780

WHERE id = ?;",

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2781

params![i32::from(access_vector), grant_id],

Joel Galenson

2020-09-09 14:11:55 -0700

[diff] [blame]

2782

)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2783

.context(ks_err!("Failed to update existing grant."))?;

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2784

grant_id

2785

} else {

2786

Self::insert_with_retry(|id| {

2787

tx.execute(

2788

"INSERT INTO persistent.grant (id, grantee, keyentryid, access_vector)

2789

VALUES (?, ?, ?, ?);",

2790

params![id, grantee_uid, key_id, i32::from(access_vector)],

2791

)

2792

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2793

.context(ks_err!())?

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2794

};

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2795

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2796

Ok(KeyDescriptor { domain: Domain::GRANT, nspace: grant_id, alias: None, blob: None })

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2797

.no_gc()

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2798

})

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2799

}

2800

2801

/// This function checks permissions like `grant` and `load_key_entry`

2802

/// before removing a grant from the grant table.

2803

pub fn ungrant(

2804

&mut self,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2805

key: &KeyDescriptor,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2806

caller_uid: u32,

2807

grantee_uid: u32,

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2808

check_permission: impl Fn(&KeyDescriptor) -> Result<()>,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2809

) -> Result<()> {

Janis Danisevskis

2021-05-05 08:41:14 -0700

[diff] [blame]

2810

let _wp = wd::watch_millis("KeystoreDB::ungrant", 500);

2811

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2812

self.with_transaction(TransactionBehavior::Immediate, |tx| {

2813

// Load the key_id and complete the access control tuple.

2814

// We ignore the access vector here because grants cannot be granted.

2815

let (key_id, access_key_descriptor, _) =

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2816

Self::load_access_tuple(tx, key, KeyType::Client, caller_uid).context(ks_err!())?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2817

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2818

// Perform access control. We must return here if the permission

2819

// was denied. So do not touch the '?' at the end of this line.

2820

check_permission(&access_key_descriptor)

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2821

.context(ks_err!("check_permission failed."))?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2822

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2823

tx.execute(

2824

"DELETE FROM persistent.grant

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2825

WHERE keyentryid = ? AND grantee = ?;",

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2826

params![key_id, grantee_uid],

2827

)

2828

.context("Failed to delete grant.")?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2829

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

2830

Ok(()).no_gc()

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

2831

})

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2832

}

2833

Joel Galenson

2020-09-09 14:11:55 -0700

[diff] [blame]

2834

// Generates a random id and passes it to the given function, which will

2835

// try to insert it into a database. If that insertion fails, retry;

2836

// otherwise return the id.

2837

fn insert_with_retry(inserter: impl Fn(i64) -> rusqlite::Result<usize>) -> Result<i64> {

2838

loop {

Janis Danisevskis

2021-02-18 20:04:10 -0800

[diff] [blame]

2839

let newid: i64 = match random() {

2840

Self::UNASSIGNED_KEY_ID => continue, // UNASSIGNED_KEY_ID cannot be assigned.

2841

i => i,

2842

};

Joel Galenson

2020-09-09 14:11:55 -0700

[diff] [blame]

2843

match inserter(newid) {

2844

// If the id already existed, try again.

2845

Err(rusqlite::Error::SqliteFailure(

2846

libsqlite3_sys::Error {

2847

code: libsqlite3_sys::ErrorCode::ConstraintViolation,

2848

extended_code: libsqlite3_sys::SQLITE_CONSTRAINT_UNIQUE,

},

_,

)) => (),

Err(e) => {

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2853

return Err(e).context(ks_err!("failed to insert into database."));

Joel Galenson

2020-09-09 14:11:55 -0700

[diff] [blame]

2854

}

2855

_ => return Ok(newid),

2856

}

2857

}

2858

}

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

2859

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

2860

/// Insert or replace the auth token based on (user_id, auth_id, auth_type)

2861

pub fn insert_auth_token(&mut self, auth_token: &HardwareAuthToken) {

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

2862

self.perboot

2863

.insert_auth_token_entry(AuthTokenEntry::new(auth_token.clone(), BootTime::now()))

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

2864

}

Hasini Gunasinghe

2020-11-11 01:02:41 +0000

[diff] [blame]

2865

Janis Danisevskis

2021-01-11 14:19:42 -0800

[diff] [blame]

2866

/// Find the newest auth token matching the given predicate.

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

2867

pub fn find_auth_token_entry<F>(&self, p: F) -> Option<(AuthTokenEntry, BootTime)>

Janis Danisevskis

2021-01-11 14:19:42 -0800

[diff] [blame]

2868

where

2869

F: Fn(&AuthTokenEntry) -> bool,

2870

{

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

2871

self.perboot.find_auth_token_entry(p).map(|entry| (entry, self.get_last_off_body()))

Hasini Gunasinghe

2020-11-11 01:02:41 +0000

[diff] [blame]

2872

}

2873

Janis Danisevskis

2021-01-11 14:19:42 -0800

[diff] [blame]

2874

/// Insert last_off_body into the metadata table at the initialization of auth token table

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

2875

pub fn insert_last_off_body(&self, last_off_body: BootTime) {

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

2876

self.perboot.set_last_off_body(last_off_body)

Hasini Gunasinghe

2020-11-11 01:02:41 +0000

[diff] [blame]

2877

}

2878

Janis Danisevskis

2021-01-11 14:19:42 -0800

[diff] [blame]

2879

/// Update last_off_body when on_device_off_body is called

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

2880

pub fn update_last_off_body(&self, last_off_body: BootTime) {

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

2881

self.perboot.set_last_off_body(last_off_body)

Hasini Gunasinghe

2020-11-11 01:02:41 +0000

[diff] [blame]

2882

}

2883

Janis Danisevskis

2021-01-11 14:19:42 -0800

[diff] [blame]

2884

/// Get last_off_body time when finding auth tokens

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

2885

fn get_last_off_body(&self) -> BootTime {

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

2886

self.perboot.get_last_off_body()

Hasini Gunasinghe

2020-11-11 01:02:41 +0000

[diff] [blame]

2887

}

Pavel Grafov

f45034a

2021-05-12 22:35:45 +0100

[diff] [blame]

2888

2889

/// Load descriptor of a key by key id

2890

pub fn load_key_descriptor(&mut self, key_id: i64) -> Result<Option<KeyDescriptor>> {

2891

let _wp = wd::watch_millis("KeystoreDB::load_key_descriptor", 500);

2892

2893

self.with_transaction(TransactionBehavior::Deferred, |tx| {

2894

tx.query_row(

2895

"SELECT domain, namespace, alias FROM persistent.keyentry WHERE id = ?;",

params![key_id],

|row| {

Ok(KeyDescriptor {

domain: Domain(row.get(0)?),

nspace: row.get(1)?,

alias: row.get(2)?,

blob: None,

})

},

)

.optional()

.context("Trying to load key descriptor")

2908

.no_gc()

2909

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

2910

.context(ks_err!())

Pavel Grafov

f45034a

2021-05-12 22:35:45 +0100

[diff] [blame]

2911

}

Eran Messeri

2024-01-09 12:43:31 +0000

[diff] [blame]

2912

2913

/// Returns a list of app UIDs that have keys authenticated by the given secure_user_id

2914

/// (for the given user_id).

2915

/// This is helpful for finding out which apps will have their keys invalidated when

2916

/// the user changes biometrics enrollment or removes their LSKF.

2917

pub fn get_app_uids_affected_by_sid(

&mut self,

user_id: i32,

secure_user_id: i64,

) -> Result<Vec<i64>> {

2922

let _wp = wd::watch_millis("KeystoreDB::get_app_uids_affected_by_sid", 500);

2923

2924

let key_ids_and_app_uids = self.with_transaction(TransactionBehavior::Immediate, |tx| {

2925

let mut stmt = tx

2926

.prepare(&format!(

2927

"SELECT id, namespace from persistent.keyentry

2928

WHERE key_type = ?

2929

AND domain = ?

2930

AND cast ( (namespace/{AID_USER_OFFSET}) as int) = ?

AND state = ?;",

))

.context(concat!(

"In get_app_uids_affected_by_sid, ",

2935

"failed to prepare the query to find the keys created by apps."

))?;

let mut rows = stmt

.query(params![KeyType::Client, Domain::APP.0 as u32, user_id, KeyLifeCycle::Live,])

2940

.context(ks_err!("Failed to query the keys created by apps."))?;

2941

2942

let mut key_ids_and_app_uids: HashMap<i64, i64> = Default::default();

2943

db_utils::with_rows_extract_all(&mut rows, |row| {

2944

key_ids_and_app_uids.insert(

2945

row.get(0).context("Failed to read key id of a key created by an app.")?,

2946

row.get(1).context("Failed to read the app uid")?,

);

Ok(())

})?;

Ok(key_ids_and_app_uids).no_gc()

2951

})?;

2952

let mut app_uids_affected_by_sid: HashSet<i64> = Default::default();

2953

for (key_id, app_uid) in key_ids_and_app_uids {

2954

// Read the key parameters for each key in its own transaction. It is OK to ignore

2955

// an error to get the properties of a particular key since it might have been deleted

2956

// under our feet after the previous transaction concluded. If the key was deleted

2957

// then it is no longer applicable if it was auth-bound or not.

2958

if let Ok(is_key_bound_to_sid) =

2959

self.with_transaction(TransactionBehavior::Immediate, |tx| {

2960

let params = Self::load_key_parameters(key_id, tx)

2961

.context("Failed to load key parameters.")?;

2962

// Check if the key is bound to this secure user ID.

2963

let is_key_bound_to_sid = params.iter().any(|kp| {

2964

matches!(

2965

kp.key_parameter_value(),

2966

KeyParameterValue::UserSecureID(sid) if *sid == secure_user_id

2967

)

2968

});

2969

Ok(is_key_bound_to_sid).no_gc()

2970

})

2971

{

2972

if is_key_bound_to_sid {

2973

app_uids_affected_by_sid.insert(app_uid);

}

}

}

let app_uids_vec: Vec<i64> = app_uids_affected_by_sid.into_iter().collect();

2979

Ok(app_uids_vec)

2980

}

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

2981

}

2982

2983

#[cfg(test)]

Seth Moore

7ee79f9

2021-12-07 11:42:49 -0800

[diff] [blame]

2984

pub mod tests {

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

2985

2986

use super::*;

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

2987

use crate::key_parameter::{

2988

Algorithm, BlockMode, Digest, EcCurve, HardwareAuthenticatorType, KeyOrigin, KeyParameter,

2989

KeyParameterValue, KeyPurpose, PaddingMode, SecurityLevel,

2990

};

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

2991

use crate::key_perm_set;

2992

use crate::permission::{KeyPerm, KeyPermSet};

Eric Biggers

2023-10-18 01:54:18 +0000

[diff] [blame]

2993

use crate::super_key::{SuperKeyManager, USER_AFTER_FIRST_UNLOCK_SUPER_KEY, SuperEncryptionAlgorithm, SuperKeyType};

Janis Danisevskis

2a8330a

2021-01-20 15:34:26 -0800

[diff] [blame]

2994

use keystore2_test_utils::TempDir;

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

2995

use android_hardware_security_keymint::aidl::android::hardware::security::keymint::{

2996

HardwareAuthToken::HardwareAuthToken,

2997

HardwareAuthenticatorType::HardwareAuthenticatorType as kmhw_authenticator_type,

Janis Danisevskis

c3a496b

2021-01-05 10:37:22 -0800

[diff] [blame]

2998

};

2999

use android_hardware_security_secureclock::aidl::android::hardware::security::secureclock::{

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

3000

Timestamp::Timestamp,

3001

};

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

3002

use rusqlite::TransactionBehavior;

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

3003

use std::cell::RefCell;

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

3004

use std::collections::BTreeMap;

3005

use std::fmt::Write;

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

3006

use std::sync::atomic::{AtomicU8, Ordering};

Tri Vo

2023-05-12 14:16:31 -0400

[diff] [blame]

3007

use std::sync::Arc;

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

3008

use std::thread;

Hasini Gunasinghe

2020-11-11 01:02:41 +0000

[diff] [blame]

3009

use std::time::{Duration, SystemTime};

Janis Danisevskis

2022-01-26 14:11:14 -0800

[diff] [blame]

3010

use crate::utils::AesGcm;

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3011

#[cfg(disabled)]

3012

use std::time::Instant;

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

3013

Seth Moore

7ee79f9

2021-12-07 11:42:49 -0800

[diff] [blame]

3014

pub fn new_test_db() -> Result<KeystoreDB> {

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

3015

let conn = KeystoreDB::make_connection("file::memory:")?;

Janis Danisevskis

2020-08-26 14:40:03 -0700

[diff] [blame]

3016

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

3017

let mut db = KeystoreDB { conn, gc: None, perboot: Arc::new(perboot::PerbootDB::new()) };

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3018

db.with_transaction(TransactionBehavior::Immediate, |tx| {

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

3019

KeystoreDB::init_tables(tx).context("Failed to initialize tables.").no_gc()

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3020

})?;

3021

Ok(db)

Janis Danisevskis

2020-08-26 14:40:03 -0700

[diff] [blame]

3022

}

3023

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

fn rebind_alias(

db: &mut KeystoreDB,

newid: &KeyIdGuard,

alias: &str,

domain: Domain,

namespace: i64,

) -> Result<bool> {

db.with_transaction(TransactionBehavior::Immediate, |tx| {

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

3032

KeystoreDB::rebind_alias(tx, newid, alias, &domain, &namespace, KeyType::Client).no_gc()

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

3033

})

Shaquille Johnson

2022-09-19 12:39:01 +0000

[diff] [blame]

3034

.context(ks_err!())

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

3035

}

3036

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

3037

#[test]

3038

fn datetime() -> Result<()> {

3039

let conn = Connection::open_in_memory()?;

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

3040

conn.execute("CREATE TABLE test (ts DATETIME);", [])?;

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

3041

let now = SystemTime::now();

3042

let duration = Duration::from_secs(1000);

3043

let then = now.checked_sub(duration).unwrap();

3044

let soon = now.checked_add(duration).unwrap();

3045

conn.execute(

3046

"INSERT INTO test (ts) VALUES (?), (?), (?);",

3047

params![DateTime::try_from(now)?, DateTime::try_from(then)?, DateTime::try_from(soon)?],

3048

)?;

3049

let mut stmt = conn.prepare("SELECT ts FROM test ORDER BY ts ASC;")?;

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

3050

let mut rows = stmt.query([])?;

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

3051

assert_eq!(DateTime::try_from(then)?, rows.next()?.unwrap().get(0)?);

3052

assert_eq!(DateTime::try_from(now)?, rows.next()?.unwrap().get(0)?);

3053

assert_eq!(DateTime::try_from(soon)?, rows.next()?.unwrap().get(0)?);

3054

assert!(rows.next()?.is_none());

3055

assert!(DateTime::try_from(then)? < DateTime::try_from(now)?);

3056

assert!(DateTime::try_from(then)? < DateTime::try_from(soon)?);

3057

assert!(DateTime::try_from(now)? < DateTime::try_from(soon)?);

Ok(())

}

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

3061

// Ensure that we're using the "injected" random function, not the real one.

3062

#[test]

3063

fn test_mocked_random() {

3064

let rand1 = random();

3065

let rand2 = random();

3066

let rand3 = random();

3067

if rand1 == rand2 {

3068

assert_eq!(rand2 + 1, rand3);

3069

} else {

3070

assert_eq!(rand1 + 1, rand2);

3071

assert_eq!(rand2, rand3);

3072

}

3073

}

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

3074

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

3075

// Test that we have the correct tables.

3076

#[test]

3077

fn test_tables() -> Result<()> {

Janis Danisevskis

2020-08-26 14:40:03 -0700

[diff] [blame]

3078

let db = new_test_db()?;

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

3079

let tables = db

3080

.conn

Joel Galenson

2020-07-22 15:27:57 -0700

[diff] [blame]

3081

.prepare("SELECT name from persistent.sqlite_master WHERE type='table' ORDER BY name;")?

Joel Galenson

2020-07-17 14:57:21 -0700

[diff] [blame]

3082

.query_map(params![], |row| row.get(0))?

3083

.collect::<rusqlite::Result<Vec<String>>>()?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

3084

assert_eq!(tables.len(), 6);

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3085

assert_eq!(tables[0], "blobentry");

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

3086

assert_eq!(tables[1], "blobmetadata");

3087

assert_eq!(tables[2], "grant");

3088

assert_eq!(tables[3], "keyentry");

3089

assert_eq!(tables[4], "keymetadata");

3090

assert_eq!(tables[5], "keyparameter");

Joel Galenson

2020-07-22 15:27:57 -0700

[diff] [blame]

Ok(())

}

#[test]

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

3095

fn test_auth_token_table_invariant() -> Result<()> {

3096

let mut db = new_test_db()?;

3097

let auth_token1 = HardwareAuthToken {

3098

challenge: i64::MAX,

3099

userId: 200,

3100

authenticatorId: 200,

3101

authenticatorType: kmhw_authenticator_type(kmhw_authenticator_type::PASSWORD.0),

3102

timestamp: Timestamp { milliSeconds: 500 },

3103

mac: String::from("mac").into_bytes(),

3104

};

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

3105

db.insert_auth_token(&auth_token1);

3106

let auth_tokens_returned = get_auth_tokens(&db);

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

3107

assert_eq!(auth_tokens_returned.len(), 1);

3108

3109

// insert another auth token with the same values for the columns in the UNIQUE constraint

3110

// of the auth token table and different value for timestamp

3111

let auth_token2 = HardwareAuthToken {

3112

challenge: i64::MAX,

3113

userId: 200,

3114

authenticatorId: 200,

3115

authenticatorType: kmhw_authenticator_type(kmhw_authenticator_type::PASSWORD.0),

3116

timestamp: Timestamp { milliSeconds: 600 },

3117

mac: String::from("mac").into_bytes(),

3118

};

3119

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

3120

db.insert_auth_token(&auth_token2);

3121

let mut auth_tokens_returned = get_auth_tokens(&db);

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

3122

assert_eq!(auth_tokens_returned.len(), 1);

3123

3124

if let Some(auth_token) = auth_tokens_returned.pop() {

3125

assert_eq!(auth_token.auth_token.timestamp.milliSeconds, 600);

3126

}

3127

3128

// insert another auth token with the different values for the columns in the UNIQUE

3129

// constraint of the auth token table

3130

let auth_token3 = HardwareAuthToken {

3131

challenge: i64::MAX,

3132

userId: 201,

3133

authenticatorId: 200,

3134

authenticatorType: kmhw_authenticator_type(kmhw_authenticator_type::PASSWORD.0),

3135

timestamp: Timestamp { milliSeconds: 600 },

3136

mac: String::from("mac").into_bytes(),

3137

};

3138

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

3139

db.insert_auth_token(&auth_token3);

3140

let auth_tokens_returned = get_auth_tokens(&db);

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

3141

assert_eq!(auth_tokens_returned.len(), 2);

Ok(())

}

// utility function for test_auth_token_table_invariant()

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

3147

fn get_auth_tokens(db: &KeystoreDB) -> Vec<AuthTokenEntry> {

3148

db.perboot.get_all_auth_token_entries()

Hasini Gunasinghe

2020-11-10 01:35:30 +0000

[diff] [blame]

3149

}

3150

3151

#[test]

Joel Galenson

2020-07-22 15:27:57 -0700

[diff] [blame]

3152

fn test_persistence_for_files() -> Result<()> {

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

3153

let temp_dir = TempDir::new("persistent_db_test")?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

3154

let mut db = KeystoreDB::new(temp_dir.path(), None)?;

Joel Galenson

2020-07-22 15:27:57 -0700

[diff] [blame]

3155

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

3156

db.create_key_entry(&Domain::APP, &100, KeyType::Client, &KEYSTORE_UUID)?;

Joel Galenson

2020-07-22 15:27:57 -0700

[diff] [blame]

3157

let entries = get_keyentry(&db)?;

3158

assert_eq!(entries.len(), 1);

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

3159

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

3160

let db = KeystoreDB::new(temp_dir.path(), None)?;

Joel Galenson

2020-07-22 15:27:57 -0700

[diff] [blame]

3161

3162

let entries_new = get_keyentry(&db)?;

3163

assert_eq!(entries, entries_new);

Ok(())

}

#[test]

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

3168

fn test_create_key_entry() -> Result<()> {

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

3169

fn extractor(ke: &KeyEntryRow) -> (Domain, i64, Option<&str>, Uuid) {

3170

(ke.domain.unwrap(), ke.namespace.unwrap(), ke.alias.as_deref(), ke.km_uuid.unwrap())

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

3171

}

3172

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3173

let mut db = new_test_db()?;

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

3174

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

3175

db.create_key_entry(&Domain::APP, &100, KeyType::Client, &KEYSTORE_UUID)?;

3176

db.create_key_entry(&Domain::SELINUX, &101, KeyType::Client, &KEYSTORE_UUID)?;

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

3177

3178

let entries = get_keyentry(&db)?;

3179

assert_eq!(entries.len(), 2);

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

3180

assert_eq!(extractor(&entries[0]), (Domain::APP, 100, None, KEYSTORE_UUID));

3181

assert_eq!(extractor(&entries[1]), (Domain::SELINUX, 101, None, KEYSTORE_UUID));

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

3182

3183

// Test that we must pass in a valid Domain.

3184

check_result_is_error_containing_string(

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

3185

db.create_key_entry(&Domain::GRANT, &102, KeyType::Client, &KEYSTORE_UUID),

Shaquille Johnson

2022-10-11 13:29:43 +0100

[diff] [blame]

3186

&format!("Domain {:?} must be either App or SELinux.", Domain::GRANT),

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

3187

);

3188

check_result_is_error_containing_string(

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

3189

db.create_key_entry(&Domain::BLOB, &103, KeyType::Client, &KEYSTORE_UUID),

Shaquille Johnson

2022-10-11 13:29:43 +0100

[diff] [blame]

3190

&format!("Domain {:?} must be either App or SELinux.", Domain::BLOB),

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

3191

);

3192

check_result_is_error_containing_string(

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

3193

db.create_key_entry(&Domain::KEY_ID, &104, KeyType::Client, &KEYSTORE_UUID),

Shaquille Johnson

2022-10-11 13:29:43 +0100

[diff] [blame]

3194

&format!("Domain {:?} must be either App or SELinux.", Domain::KEY_ID),

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

);

Ok(())

}

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

3200

#[test]

3201

fn test_rebind_alias() -> Result<()> {

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

3202

fn extractor(

3203

ke: &KeyEntryRow,

3204

) -> (Option<Domain>, Option<i64>, Option<&str>, Option<Uuid>) {

3205

(ke.domain, ke.namespace, ke.alias.as_deref(), ke.km_uuid)

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

3206

}

3207

Janis Danisevskis

2020-08-26 14:40:03 -0700

[diff] [blame]

3208

let mut db = new_test_db()?;

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

3209

db.create_key_entry(&Domain::APP, &42, KeyType::Client, &KEYSTORE_UUID)?;

3210

db.create_key_entry(&Domain::APP, &42, KeyType::Client, &KEYSTORE_UUID)?;

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

3211

let entries = get_keyentry(&db)?;

3212

assert_eq!(entries.len(), 2);

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

3213

assert_eq!(

3214

extractor(&entries[0]),

3215

(Some(Domain::APP), Some(42), None, Some(KEYSTORE_UUID))

3216

);

3217

assert_eq!(

3218

extractor(&entries[1]),

3219

(Some(Domain::APP), Some(42), None, Some(KEYSTORE_UUID))

3220

);

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

3221

3222

// Test that the first call to rebind_alias sets the alias.

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

3223

rebind_alias(&mut db, &KEY_ID_LOCK.get(entries[0].id), "foo", Domain::APP, 42)?;

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

3224

let entries = get_keyentry(&db)?;

3225

assert_eq!(entries.len(), 2);

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

3226

assert_eq!(

3227

extractor(&entries[0]),

3228

(Some(Domain::APP), Some(42), Some("foo"), Some(KEYSTORE_UUID))

3229

);

3230

assert_eq!(

3231

extractor(&entries[1]),

3232

(Some(Domain::APP), Some(42), None, Some(KEYSTORE_UUID))

3233

);

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

3234

3235

// Test that the second call to rebind_alias also empties the old one.

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

3236

rebind_alias(&mut db, &KEY_ID_LOCK.get(entries[1].id), "foo", Domain::APP, 42)?;

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

3237

let entries = get_keyentry(&db)?;

3238

assert_eq!(entries.len(), 2);

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

3239

assert_eq!(extractor(&entries[0]), (None, None, None, Some(KEYSTORE_UUID)));

3240

assert_eq!(

3241

extractor(&entries[1]),

3242

(Some(Domain::APP), Some(42), Some("foo"), Some(KEYSTORE_UUID))

3243

);

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

3244

3245

// Test that we must pass in a valid Domain.

3246

check_result_is_error_containing_string(

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

3247

rebind_alias(&mut db, &KEY_ID_LOCK.get(0), "foo", Domain::GRANT, 42),

Shaquille Johnson

2022-10-11 13:29:43 +0100

[diff] [blame]

3248

&format!("Domain {:?} must be either App or SELinux.", Domain::GRANT),

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

3249

);

3250

check_result_is_error_containing_string(

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

3251

rebind_alias(&mut db, &KEY_ID_LOCK.get(0), "foo", Domain::BLOB, 42),

Shaquille Johnson

2022-10-11 13:29:43 +0100

[diff] [blame]

3252

&format!("Domain {:?} must be either App or SELinux.", Domain::BLOB),

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

3253

);

3254

check_result_is_error_containing_string(

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

3255

rebind_alias(&mut db, &KEY_ID_LOCK.get(0), "foo", Domain::KEY_ID, 42),

Shaquille Johnson

2022-10-11 13:29:43 +0100

[diff] [blame]

3256

&format!("Domain {:?} must be either App or SELinux.", Domain::KEY_ID),

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

3257

);

3258

3259

// Test that we correctly handle setting an alias for something that does not exist.

3260

check_result_is_error_containing_string(

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

3261

rebind_alias(&mut db, &KEY_ID_LOCK.get(0), "foo", Domain::SELINUX, 42),

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

3262

"Expected to update a single entry but instead updated 0",

3263

);

3264

// Test that we correctly abort the transaction in this case.

3265

let entries = get_keyentry(&db)?;

3266

assert_eq!(entries.len(), 2);

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

3267

assert_eq!(extractor(&entries[0]), (None, None, None, Some(KEYSTORE_UUID)));

3268

assert_eq!(

3269

extractor(&entries[1]),

3270

(Some(Domain::APP), Some(42), Some("foo"), Some(KEYSTORE_UUID))

3271

);

Joel Galenson

2020-08-03 11:04:38 -0700

[diff] [blame]

Ok(())

}

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3276

#[test]

3277

fn test_grant_ungrant() -> Result<()> {

3278

const CALLER_UID: u32 = 15;

3279

const GRANTEE_UID: u32 = 12;

3280

const SELINUX_NAMESPACE: i64 = 7;

3281

3282

let mut db = new_test_db()?;

3283

db.conn.execute(

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

3284

"INSERT INTO persistent.keyentry (id, key_type, domain, namespace, alias, state, km_uuid)

3285

VALUES (1, 0, 0, 15, 'key', 1, ?), (2, 0, 2, 7, 'yek', 1, ?);",

3286

params![KEYSTORE_UUID, KEYSTORE_UUID],

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3287

)?;

3288

let app_key = KeyDescriptor {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3289

domain: super::Domain::APP,

3290

nspace: 0,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3291

alias: Some("key".to_string()),

3292

blob: None,

3293

};

Janis Danisevskis

2021-10-19 16:56:20 -0700

[diff] [blame]

3294

const PVEC1: KeyPermSet = key_perm_set![KeyPerm::Use, KeyPerm::GetInfo];

3295

const PVEC2: KeyPermSet = key_perm_set![KeyPerm::Use];

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3296

3297

// Reset totally predictable random number generator in case we

3298

// are not the first test running on this thread.

3299

reset_random();

3300

let next_random = 0i64;

3301

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3302

let app_granted_key = db

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3303

.grant(&app_key, CALLER_UID, GRANTEE_UID, PVEC1, |k, a| {

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3304

assert_eq!(*a, PVEC1);

3305

assert_eq!(

3306

*k,

3307

KeyDescriptor {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3308

domain: super::Domain::APP,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3309

// namespace must be set to the caller_uid.

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3310

nspace: CALLER_UID as i64,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3311

alias: Some("key".to_string()),

blob: None,

}

);

Ok(())

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3316

})

3317

.unwrap();

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

assert_eq!(

app_granted_key,

KeyDescriptor {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3322

domain: super::Domain::GRANT,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3323

// The grantid is next_random due to the mock random number generator.

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3324

nspace: next_random,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

alias: None,

blob: None,

}

);

let selinux_key = KeyDescriptor {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3331

domain: super::Domain::SELINUX,

3332

nspace: SELINUX_NAMESPACE,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3333

alias: Some("yek".to_string()),

blob: None,

};

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3337

let selinux_granted_key = db

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3338

.grant(&selinux_key, CALLER_UID, 12, PVEC1, |k, a| {

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3339

assert_eq!(*a, PVEC1);

3340

assert_eq!(

3341

*k,

3342

KeyDescriptor {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3343

domain: super::Domain::SELINUX,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3344

// namespace must be the supplied SELinux

3345

// namespace.

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3346

nspace: SELINUX_NAMESPACE,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3347

alias: Some("yek".to_string()),

blob: None,

}

);

Ok(())

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3352

})

3353

.unwrap();

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

assert_eq!(

selinux_granted_key,

KeyDescriptor {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3358

domain: super::Domain::GRANT,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3359

// The grantid is next_random + 1 due to the mock random number generator.

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3360

nspace: next_random + 1,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

alias: None,

blob: None,

}

);

// This should update the existing grant with PVEC2.

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3367

let selinux_granted_key = db

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3368

.grant(&selinux_key, CALLER_UID, 12, PVEC2, |k, a| {

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3369

assert_eq!(*a, PVEC2);

3370

assert_eq!(

3371

*k,

3372

KeyDescriptor {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3373

domain: super::Domain::SELINUX,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3374

// namespace must be the supplied SELinux

3375

// namespace.

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3376

nspace: SELINUX_NAMESPACE,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3377

alias: Some("yek".to_string()),

blob: None,

}

);

Ok(())

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3382

})

3383

.unwrap();

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

assert_eq!(

selinux_granted_key,

KeyDescriptor {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3388

domain: super::Domain::GRANT,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3389

// Same grant id as before. The entry was only updated.

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3390

nspace: next_random + 1,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

alias: None,

blob: None,

}

);

{

// Limiting scope of stmt, because it borrows db.

3398

let mut stmt = db

3399

.conn

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

3400

.prepare("SELECT id, grantee, keyentryid, access_vector FROM persistent.grant;")?;

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

3401

let mut rows = stmt.query_map::<(i64, u32, i64, KeyPermSet), _, _>([], |row| {

3402

Ok((row.get(0)?, row.get(1)?, row.get(2)?, KeyPermSet::from(row.get::<_, i32>(3)?)))

3403

})?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3404

3405

let r = rows.next().unwrap().unwrap();

Janis Danisevskis

ee10b5f

2020-09-22 16:42:35 -0700

[diff] [blame]

3406

assert_eq!(r, (next_random, GRANTEE_UID, 1, PVEC1));

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3407

let r = rows.next().unwrap().unwrap();

Janis Danisevskis

ee10b5f

2020-09-22 16:42:35 -0700

[diff] [blame]

3408

assert_eq!(r, (next_random + 1, GRANTEE_UID, 2, PVEC2));

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3409

assert!(rows.next().is_none());

3410

}

3411

3412

debug_dump_keyentry_table(&mut db)?;

3413

println!("app_key {:?}", app_key);

3414

println!("selinux_key {:?}", selinux_key);

3415

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3416

db.ungrant(&app_key, CALLER_UID, GRANTEE_UID, |_| Ok(()))?;

3417

db.ungrant(&selinux_key, CALLER_UID, GRANTEE_UID, |_| Ok(()))?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

Ok(())

}

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

3422

static TEST_KEY_BLOB: &[u8] = b"my test blob";

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3423

static TEST_CERT_BLOB: &[u8] = b"my test cert";

3424

static TEST_CERT_CHAIN_BLOB: &[u8] = b"my test cert_chain";

3425

3426

#[test]

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

3427

fn test_set_blob() -> Result<()> {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3428

let key_id = KEY_ID_LOCK.get(3000);

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3429

let mut db = new_test_db()?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

3430

let mut blob_metadata = BlobMetaData::new();

3431

blob_metadata.add(BlobMetaEntry::KmUuid(KEYSTORE_UUID));

3432

db.set_blob(

3433

&key_id,

3434

SubComponentType::KEY_BLOB,

3435

Some(TEST_KEY_BLOB),

3436

Some(&blob_metadata),

3437

)?;

3438

db.set_blob(&key_id, SubComponentType::CERT, Some(TEST_CERT_BLOB), None)?;

3439

db.set_blob(&key_id, SubComponentType::CERT_CHAIN, Some(TEST_CERT_CHAIN_BLOB), None)?;

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3440

drop(key_id);

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3441

3442

let mut stmt = db.conn.prepare(

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

3443

"SELECT subcomponent_type, keyentryid, blob, id FROM persistent.blobentry

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3444

ORDER BY subcomponent_type ASC;",

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3445

)?;

3446

let mut rows = stmt

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

3447

.query_map::<((SubComponentType, i64, Vec<u8>), i64), _, _>([], |row| {

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

3448

Ok(((row.get(0)?, row.get(1)?, row.get(2)?), row.get(3)?))

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3449

})?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

3450

let (r, id) = rows.next().unwrap().unwrap();

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3451

assert_eq!(r, (SubComponentType::KEY_BLOB, 3000, TEST_KEY_BLOB.to_vec()));

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

3452

let (r, _) = rows.next().unwrap().unwrap();

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3453

assert_eq!(r, (SubComponentType::CERT, 3000, TEST_CERT_BLOB.to_vec()));

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

3454

let (r, _) = rows.next().unwrap().unwrap();

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3455

assert_eq!(r, (SubComponentType::CERT_CHAIN, 3000, TEST_CERT_CHAIN_BLOB.to_vec()));

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3456

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

drop(rows);

drop(stmt);

assert_eq!(

db.with_transaction(TransactionBehavior::Immediate, |tx| {

3462

BlobMetaData::load_from_db(id, tx).no_gc()

3463

})

3464

.expect("Should find blob metadata."),

3465

blob_metadata

3466

);

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

Ok(())

}

static TEST_ALIAS: &str = "my super duper key";

3471

3472

#[test]

3473

fn test_insert_and_load_full_keyentry_domain_app() -> Result<()> {

3474

let mut db = new_test_db()?;

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

3475

let key_id = make_test_key_entry(&mut db, Domain::APP, 1, TEST_ALIAS, None)

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

3476

.context("test_insert_and_load_full_keyentry_domain_app")?

3477

.0;

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3478

let (_key_guard, key_entry) = db

3479

.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3480

&KeyDescriptor {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3481

domain: Domain::APP,

3482

nspace: 0,

3483

alias: Some(TEST_ALIAS.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::BOTH,

1,

|_k, _av| Ok(()),

)

.unwrap();

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

3492

assert_eq!(key_entry, make_test_key_entry_test_vector(key_id, None));

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3493

3494

db.unbind_key(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3495

&KeyDescriptor {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3496

domain: Domain::APP,

3497

nspace: 0,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3498

alias: Some(TEST_ALIAS.to_string()),

3499

blob: None,

3500

},

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

3501

KeyType::Client,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3502

1,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

|_, _| Ok(()),

)

.unwrap();

assert_eq!(

Some(&KsError::Rc(ResponseCode::KEY_NOT_FOUND)),

3509

db.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3510

&KeyDescriptor {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3511

domain: Domain::APP,

3512

nspace: 0,

3513

alias: Some(TEST_ALIAS.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::NONE,

1,

|_k, _av| Ok(()),

)

.unwrap_err()

.root_cause()

.downcast_ref::<KsError>()

3524

);

3525

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

Ok(())

}

#[test]

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

3530

fn test_insert_and_load_certificate_entry_domain_app() -> Result<()> {

3531

let mut db = new_test_db()?;

3532

3533

db.store_new_certificate(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3534

&KeyDescriptor {

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

3535

domain: Domain::APP,

3536

nspace: 1,

3537

alias: Some(TEST_ALIAS.to_string()),

3538

blob: None,

3539

},

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

3540

KeyType::Client,

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

3541

TEST_CERT_BLOB,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

3542

&KEYSTORE_UUID,

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

3543

)

3544

.expect("Trying to insert cert.");

3545

3546

let (_key_guard, mut key_entry) = db

3547

.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3548

&KeyDescriptor {

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

3549

domain: Domain::APP,

3550

nspace: 1,

3551

alias: Some(TEST_ALIAS.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::PUBLIC,

1,

|_k, _av| Ok(()),

)

.expect("Trying to read certificate entry.");

3560

3561

assert!(key_entry.pure_cert());

3562

assert!(key_entry.cert().is_none());

3563

assert_eq!(key_entry.take_cert_chain(), Some(TEST_CERT_BLOB.to_vec()));

3564

3565

db.unbind_key(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3566

&KeyDescriptor {

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

3567

domain: Domain::APP,

3568

nspace: 1,

3569

alias: Some(TEST_ALIAS.to_string()),

blob: None,

},

KeyType::Client,

1,

|_, _| Ok(()),

)

.unwrap();

assert_eq!(

Some(&KsError::Rc(ResponseCode::KEY_NOT_FOUND)),

3580

db.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3581

&KeyDescriptor {

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

3582

domain: Domain::APP,

3583

nspace: 1,

3584

alias: Some(TEST_ALIAS.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::NONE,

1,

|_k, _av| Ok(()),

)

.unwrap_err()

.root_cause()

.downcast_ref::<KsError>()

);

Ok(())

}

#[test]

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3601

fn test_insert_and_load_full_keyentry_domain_selinux() -> Result<()> {

3602

let mut db = new_test_db()?;

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

3603

let key_id = make_test_key_entry(&mut db, Domain::SELINUX, 1, TEST_ALIAS, None)

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

3604

.context("test_insert_and_load_full_keyentry_domain_selinux")?

3605

.0;

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3606

let (_key_guard, key_entry) = db

3607

.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3608

&KeyDescriptor {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3609

domain: Domain::SELINUX,

3610

nspace: 1,

3611

alias: Some(TEST_ALIAS.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::BOTH,

1,

|_k, _av| Ok(()),

)

.unwrap();

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

3620

assert_eq!(key_entry, make_test_key_entry_test_vector(key_id, None));

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3621

3622

db.unbind_key(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3623

&KeyDescriptor {

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

3624

domain: Domain::SELINUX,

3625

nspace: 1,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3626

alias: Some(TEST_ALIAS.to_string()),

3627

blob: None,

3628

},

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

3629

KeyType::Client,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3630

1,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

|_, _| Ok(()),

)

.unwrap();

assert_eq!(

Some(&KsError::Rc(ResponseCode::KEY_NOT_FOUND)),

3637

db.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3638

&KeyDescriptor {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3639

domain: Domain::SELINUX,

3640

nspace: 1,

3641

alias: Some(TEST_ALIAS.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::NONE,

1,

|_k, _av| Ok(()),

)

.unwrap_err()

.root_cause()

.downcast_ref::<KsError>()

3652

);

3653

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

Ok(())

}

#[test]

fn test_insert_and_load_full_keyentry_domain_key_id() -> Result<()> {

3659

let mut db = new_test_db()?;

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

3660

let key_id = make_test_key_entry(&mut db, Domain::SELINUX, 1, TEST_ALIAS, None)

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

3661

.context("test_insert_and_load_full_keyentry_domain_key_id")?

3662

.0;

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3663

let (_, key_entry) = db

3664

.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3665

&KeyDescriptor { domain: Domain::KEY_ID, nspace: key_id, alias: None, blob: None },

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3666

KeyType::Client,

3667

KeyEntryLoadBits::BOTH,

1,

|_k, _av| Ok(()),

)

.unwrap();

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

3673

assert_eq!(key_entry, make_test_key_entry_test_vector(key_id, None));

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3674

3675

db.unbind_key(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3676

&KeyDescriptor { domain: Domain::KEY_ID, nspace: key_id, alias: None, blob: None },

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

3677

KeyType::Client,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3678

1,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

|_, _| Ok(()),

)

.unwrap();

assert_eq!(

Some(&KsError::Rc(ResponseCode::KEY_NOT_FOUND)),

3685

db.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3686

&KeyDescriptor { domain: Domain::KEY_ID, nspace: key_id, alias: None, blob: None },

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3687

KeyType::Client,

3688

KeyEntryLoadBits::NONE,

1,

|_k, _av| Ok(()),

)

.unwrap_err()

.root_cause()

.downcast_ref::<KsError>()

3695

);

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

Ok(())

}

#[test]

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

3701

fn test_check_and_update_key_usage_count_with_limited_use_key() -> Result<()> {

3702

let mut db = new_test_db()?;

3703

let key_id = make_test_key_entry(&mut db, Domain::SELINUX, 1, TEST_ALIAS, Some(123))

3704

.context("test_check_and_update_key_usage_count_with_limited_use_key")?

3705

.0;

3706

// Update the usage count of the limited use key.

3707

db.check_and_update_key_usage_count(key_id)?;

3708

3709

let (_key_guard, key_entry) = db.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3710

&KeyDescriptor { domain: Domain::KEY_ID, nspace: key_id, alias: None, blob: None },

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

3711

KeyType::Client,

3712

KeyEntryLoadBits::BOTH,

1,

|_k, _av| Ok(()),

)?;

// The usage count is decremented now.

3718

assert_eq!(key_entry, make_test_key_entry_test_vector(key_id, Some(122)));

Ok(())

}

#[test]

fn test_check_and_update_key_usage_count_with_exhausted_limited_use_key() -> Result<()> {

3725

let mut db = new_test_db()?;

3726

let key_id = make_test_key_entry(&mut db, Domain::SELINUX, 1, TEST_ALIAS, Some(1))

3727

.context("test_check_and_update_key_usage_count_with_exhausted_limited_use_key")?

3728

.0;

3729

// Update the usage count of the limited use key.

3730

db.check_and_update_key_usage_count(key_id).expect(concat!(

3731

"In test_check_and_update_key_usage_count_with_exhausted_limited_use_key: ",

3732

"This should succeed."

3733

));

3734

3735

// Try to update the exhausted limited use key.

3736

let e = db.check_and_update_key_usage_count(key_id).expect_err(concat!(

3737

"In test_check_and_update_key_usage_count_with_exhausted_limited_use_key: ",

"This should fail."

));

assert_eq!(

&KsError::Km(ErrorCode::INVALID_KEY_BLOB),

3742

e.root_cause().downcast_ref::<KsError>().unwrap()

);

Ok(())

}

#[test]

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3749

fn test_insert_and_load_full_keyentry_from_grant() -> Result<()> {

3750

let mut db = new_test_db()?;

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

3751

let key_id = make_test_key_entry(&mut db, Domain::APP, 1, TEST_ALIAS, None)

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

3752

.context("test_insert_and_load_full_keyentry_from_grant")?

3753

.0;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3754

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3755

let granted_key = db

3756

.grant(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3757

&KeyDescriptor {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3758

domain: Domain::APP,

3759

nspace: 0,

3760

alias: Some(TEST_ALIAS.to_string()),

blob: None,

},

1,

2,

Janis Danisevskis

2021-10-19 16:56:20 -0700

[diff] [blame]

3765

key_perm_set![KeyPerm::Use],

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3766

|_k, _av| Ok(()),

3767

)

3768

.unwrap();

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3769

3770

debug_dump_grant_table(&mut db)?;

3771

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3772

let (_key_guard, key_entry) = db

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3773

.load_key_entry(&granted_key, KeyType::Client, KeyEntryLoadBits::BOTH, 2, |k, av| {

3774

assert_eq!(Domain::GRANT, k.domain);

Janis Danisevskis

2021-10-19 16:56:20 -0700

[diff] [blame]

3775

assert!(av.unwrap().includes(KeyPerm::Use));

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3776

Ok(())

3777

})

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3778

.unwrap();

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

3779

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

3780

assert_eq!(key_entry, make_test_key_entry_test_vector(key_id, None));

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3781

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3782

db.unbind_key(&granted_key, KeyType::Client, 2, |_, _| Ok(())).unwrap();

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3783

3784

assert_eq!(

3785

Some(&KsError::Rc(ResponseCode::KEY_NOT_FOUND)),

3786

db.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3787

&granted_key,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

3788

KeyType::Client,

3789

KeyEntryLoadBits::NONE,

2,

|_k, _av| Ok(()),

)

.unwrap_err()

.root_cause()

.downcast_ref::<KsError>()

3796

);

3797

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

Ok(())

}

Janis Danisevskis

2021-01-19 16:34:10 -0800

[diff] [blame]

3801

// This test attempts to load a key by key id while the caller is not the owner

3802

// but a grant exists for the given key and the caller.

3803

#[test]

3804

fn test_insert_and_load_full_keyentry_from_grant_by_key_id() -> Result<()> {

3805

let mut db = new_test_db()?;

3806

const OWNER_UID: u32 = 1u32;

3807

const GRANTEE_UID: u32 = 2u32;

3808

const SOMEONE_ELSE_UID: u32 = 3u32;

3809

let key_id = make_test_key_entry(&mut db, Domain::APP, OWNER_UID as i64, TEST_ALIAS, None)

3810

.context("test_insert_and_load_full_keyentry_from_grant_by_key_id")?

3811

.0;

3812

3813

db.grant(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3814

&KeyDescriptor {

Janis Danisevskis

2021-01-19 16:34:10 -0800

[diff] [blame]

3815

domain: Domain::APP,

3816

nspace: 0,

3817

alias: Some(TEST_ALIAS.to_string()),

blob: None,

},

OWNER_UID,

GRANTEE_UID,

Janis Danisevskis

2021-10-19 16:56:20 -0700

[diff] [blame]

3822

key_perm_set![KeyPerm::Use],

Janis Danisevskis

2021-01-19 16:34:10 -0800

[diff] [blame]

|_k, _av| Ok(()),

)

.unwrap();

debug_dump_grant_table(&mut db)?;

3828

3829

let id_descriptor =

3830

KeyDescriptor { domain: Domain::KEY_ID, nspace: key_id, ..Default::default() };

3831

3832

let (_, key_entry) = db

3833

.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3834

&id_descriptor,

Janis Danisevskis

2021-01-19 16:34:10 -0800

[diff] [blame]

3835

KeyType::Client,

3836

KeyEntryLoadBits::BOTH,

3837

GRANTEE_UID,

3838

|k, av| {

3839

assert_eq!(Domain::APP, k.domain);

3840

assert_eq!(OWNER_UID as i64, k.nspace);

Janis Danisevskis

2021-10-19 16:56:20 -0700

[diff] [blame]

3841

assert!(av.unwrap().includes(KeyPerm::Use));

Janis Danisevskis

2021-01-19 16:34:10 -0800

[diff] [blame]

Ok(())

},

)

.unwrap();

assert_eq!(key_entry, make_test_key_entry_test_vector(key_id, None));

3848

3849

let (_, key_entry) = db

3850

.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3851

&id_descriptor,

Janis Danisevskis

2021-01-19 16:34:10 -0800

[diff] [blame]

3852

KeyType::Client,

3853

KeyEntryLoadBits::BOTH,

3854

SOMEONE_ELSE_UID,

3855

|k, av| {

3856

assert_eq!(Domain::APP, k.domain);

3857

assert_eq!(OWNER_UID as i64, k.nspace);

3858

assert!(av.is_none());

Ok(())

},

)

.unwrap();

assert_eq!(key_entry, make_test_key_entry_test_vector(key_id, None));

3865

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3866

db.unbind_key(&id_descriptor, KeyType::Client, OWNER_UID, |_, _| Ok(())).unwrap();

Janis Danisevskis

2021-01-19 16:34:10 -0800

[diff] [blame]

3867

3868

assert_eq!(

3869

Some(&KsError::Rc(ResponseCode::KEY_NOT_FOUND)),

3870

db.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

3871

&id_descriptor,

Janis Danisevskis

2021-01-19 16:34:10 -0800

[diff] [blame]

3872

KeyType::Client,

3873

KeyEntryLoadBits::NONE,

GRANTEE_UID,

|_k, _av| Ok(()),

)

.unwrap_err()

.root_cause()

.downcast_ref::<KsError>()

);

Ok(())

}

Janis Danisevskis

2021-04-14 15:44:36 -0700

[diff] [blame]

3885

// Creates a key migrates it to a different location and then tries to access it by the old

3886

// and new location.

3887

#[test]

3888

fn test_migrate_key_app_to_app() -> Result<()> {

3889

let mut db = new_test_db()?;

3890

const SOURCE_UID: u32 = 1u32;

3891

const DESTINATION_UID: u32 = 2u32;

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

3892

static SOURCE_ALIAS: &str = "SOURCE_ALIAS";

3893

static DESTINATION_ALIAS: &str = "DESTINATION_ALIAS";

Janis Danisevskis

2021-04-14 15:44:36 -0700

[diff] [blame]

3894

let key_id_guard =

3895

make_test_key_entry(&mut db, Domain::APP, SOURCE_UID as i64, SOURCE_ALIAS, None)

3896

.context("test_insert_and_load_full_keyentry_from_grant_by_key_id")?;

3897

3898

let source_descriptor: KeyDescriptor = KeyDescriptor {

3899

domain: Domain::APP,

3900

nspace: -1,

3901

alias: Some(SOURCE_ALIAS.to_string()),

blob: None,

};

let destination_descriptor: KeyDescriptor = KeyDescriptor {

3906

domain: Domain::APP,

3907

nspace: -1,

3908

alias: Some(DESTINATION_ALIAS.to_string()),

blob: None,

};

let key_id = key_id_guard.id();

3913

3914

db.migrate_key_namespace(key_id_guard, &destination_descriptor, DESTINATION_UID, |_k| {

Ok(())

})

.unwrap();

let (_, key_entry) = db

3920

.load_key_entry(

3921

&destination_descriptor,

3922

KeyType::Client,

3923

KeyEntryLoadBits::BOTH,

3924

DESTINATION_UID,

3925

|k, av| {

3926

assert_eq!(Domain::APP, k.domain);

3927

assert_eq!(DESTINATION_UID as i64, k.nspace);

3928

assert!(av.is_none());

Ok(())

},

)

.unwrap();

assert_eq!(key_entry, make_test_key_entry_test_vector(key_id, None));

3935

3936

assert_eq!(

3937

Some(&KsError::Rc(ResponseCode::KEY_NOT_FOUND)),

db.load_key_entry(

&source_descriptor,

KeyType::Client,

KeyEntryLoadBits::NONE,

SOURCE_UID,

|_k, _av| Ok(()),

)

.unwrap_err()

.root_cause()

.downcast_ref::<KsError>()

);

Ok(())

}

// Creates a key migrates it to a different location and then tries to access it by the old

3954

// and new location.

3955

#[test]

3956

fn test_migrate_key_app_to_selinux() -> Result<()> {

3957

let mut db = new_test_db()?;

3958

const SOURCE_UID: u32 = 1u32;

3959

const DESTINATION_UID: u32 = 2u32;

3960

const DESTINATION_NAMESPACE: i64 = 1000i64;

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

3961

static SOURCE_ALIAS: &str = "SOURCE_ALIAS";

3962

static DESTINATION_ALIAS: &str = "DESTINATION_ALIAS";

Janis Danisevskis

2021-04-14 15:44:36 -0700

[diff] [blame]

3963

let key_id_guard =

3964

make_test_key_entry(&mut db, Domain::APP, SOURCE_UID as i64, SOURCE_ALIAS, None)

3965

.context("test_insert_and_load_full_keyentry_from_grant_by_key_id")?;

3966

3967

let source_descriptor: KeyDescriptor = KeyDescriptor {

3968

domain: Domain::APP,

3969

nspace: -1,

3970

alias: Some(SOURCE_ALIAS.to_string()),

blob: None,

};

let destination_descriptor: KeyDescriptor = KeyDescriptor {

3975

domain: Domain::SELINUX,

3976

nspace: DESTINATION_NAMESPACE,

3977

alias: Some(DESTINATION_ALIAS.to_string()),

blob: None,

};

let key_id = key_id_guard.id();

3982

3983

db.migrate_key_namespace(key_id_guard, &destination_descriptor, DESTINATION_UID, |_k| {

Ok(())

})

.unwrap();

let (_, key_entry) = db

3989

.load_key_entry(

3990

&destination_descriptor,

3991

KeyType::Client,

3992

KeyEntryLoadBits::BOTH,

3993

DESTINATION_UID,

3994

|k, av| {

3995

assert_eq!(Domain::SELINUX, k.domain);

Charisee

03e0084

2023-01-25 01:41:23 +0000

[diff] [blame]

3996

assert_eq!(DESTINATION_NAMESPACE, k.nspace);

Janis Danisevskis

2021-04-14 15:44:36 -0700

[diff] [blame]

3997

assert!(av.is_none());

Ok(())

},

)

.unwrap();

assert_eq!(key_entry, make_test_key_entry_test_vector(key_id, None));

4004

4005

assert_eq!(

4006

Some(&KsError::Rc(ResponseCode::KEY_NOT_FOUND)),

db.load_key_entry(

&source_descriptor,

KeyType::Client,

KeyEntryLoadBits::NONE,

SOURCE_UID,

|_k, _av| Ok(()),

)

.unwrap_err()

.root_cause()

.downcast_ref::<KsError>()

);

Ok(())

}

// Creates two keys and tries to migrate the first to the location of the second which

4023

// is expected to fail.

4024

#[test]

4025

fn test_migrate_key_destination_occupied() -> Result<()> {

4026

let mut db = new_test_db()?;

4027

const SOURCE_UID: u32 = 1u32;

4028

const DESTINATION_UID: u32 = 2u32;

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

4029

static SOURCE_ALIAS: &str = "SOURCE_ALIAS";

4030

static DESTINATION_ALIAS: &str = "DESTINATION_ALIAS";

Janis Danisevskis

2021-04-14 15:44:36 -0700

[diff] [blame]

4031

let key_id_guard =

4032

make_test_key_entry(&mut db, Domain::APP, SOURCE_UID as i64, SOURCE_ALIAS, None)

4033

.context("test_insert_and_load_full_keyentry_from_grant_by_key_id")?;

4034

make_test_key_entry(&mut db, Domain::APP, DESTINATION_UID as i64, DESTINATION_ALIAS, None)

4035

.context("test_insert_and_load_full_keyentry_from_grant_by_key_id")?;

4036

4037

let destination_descriptor: KeyDescriptor = KeyDescriptor {

4038

domain: Domain::APP,

4039

nspace: -1,

4040

alias: Some(DESTINATION_ALIAS.to_string()),

blob: None,

};

assert_eq!(

Some(&KsError::Rc(ResponseCode::INVALID_ARGUMENT)),

4046

db.migrate_key_namespace(

4047

key_id_guard,

4048

&destination_descriptor,

DESTINATION_UID,

|_k| Ok(())

)

.unwrap_err()

.root_cause()

.downcast_ref::<KsError>()

);

Ok(())

}

Janis Danisevskis

2021-05-26 16:31:02 -0700

[diff] [blame]

4060

#[test]

4061

fn test_upgrade_0_to_1() {

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

4062

const ALIAS1: &str = "test_upgrade_0_to_1_1";

4063

const ALIAS2: &str = "test_upgrade_0_to_1_2";

4064

const ALIAS3: &str = "test_upgrade_0_to_1_3";

Janis Danisevskis

2021-05-26 16:31:02 -0700

[diff] [blame]

4065

const UID: u32 = 33;

4066

let temp_dir = Arc::new(TempDir::new("test_upgrade_0_to_1").unwrap());

4067

let mut db = KeystoreDB::new(temp_dir.path(), None).unwrap();

4068

let key_id_untouched1 =

4069

make_test_key_entry(&mut db, Domain::APP, UID as i64, ALIAS1, None).unwrap().id();

4070

let key_id_untouched2 =

4071

make_bootlevel_key_entry(&mut db, Domain::APP, UID as i64, ALIAS2, false).unwrap().id();

4072

let key_id_deleted =

4073

make_bootlevel_key_entry(&mut db, Domain::APP, UID as i64, ALIAS3, true).unwrap().id();

4074

4075

let (_, key_entry) = db

.load_key_entry(

&KeyDescriptor {

domain: Domain::APP,

nspace: -1,

alias: Some(ALIAS1.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::BOTH,

4085

UID,

4086

|k, av| {

4087

assert_eq!(Domain::APP, k.domain);

4088

assert_eq!(UID as i64, k.nspace);

4089

assert!(av.is_none());

Ok(())

},

)

.unwrap();

assert_eq!(key_entry, make_test_key_entry_test_vector(key_id_untouched1, None));

4095

let (_, key_entry) = db

.load_key_entry(

&KeyDescriptor {

domain: Domain::APP,

nspace: -1,

alias: Some(ALIAS2.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::BOTH,

4105

UID,

4106

|k, av| {

4107

assert_eq!(Domain::APP, k.domain);

4108

assert_eq!(UID as i64, k.nspace);

4109

assert!(av.is_none());

Ok(())

},

)

.unwrap();

assert_eq!(key_entry, make_bootlevel_test_key_entry_test_vector(key_id_untouched2, false));

4115

let (_, key_entry) = db

.load_key_entry(

&KeyDescriptor {

domain: Domain::APP,

nspace: -1,

alias: Some(ALIAS3.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::BOTH,

4125

UID,

4126

|k, av| {

4127

assert_eq!(Domain::APP, k.domain);

4128

assert_eq!(UID as i64, k.nspace);

4129

assert!(av.is_none());

Ok(())

},

)

.unwrap();

assert_eq!(key_entry, make_bootlevel_test_key_entry_test_vector(key_id_deleted, true));

4135

4136

db.with_transaction(TransactionBehavior::Immediate, |tx| {

4137

KeystoreDB::from_0_to_1(tx).no_gc()

})

.unwrap();

let (_, key_entry) = db

.load_key_entry(

&KeyDescriptor {

domain: Domain::APP,

nspace: -1,

alias: Some(ALIAS1.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::BOTH,

4151

UID,

4152

|k, av| {

4153

assert_eq!(Domain::APP, k.domain);

4154

assert_eq!(UID as i64, k.nspace);

4155

assert!(av.is_none());

Ok(())

},

)

.unwrap();

assert_eq!(key_entry, make_test_key_entry_test_vector(key_id_untouched1, None));

4161

let (_, key_entry) = db

.load_key_entry(

&KeyDescriptor {

domain: Domain::APP,

nspace: -1,

alias: Some(ALIAS2.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::BOTH,

4171

UID,

4172

|k, av| {

4173

assert_eq!(Domain::APP, k.domain);

4174

assert_eq!(UID as i64, k.nspace);

4175

assert!(av.is_none());

Ok(())

},

)

.unwrap();

assert_eq!(key_entry, make_bootlevel_test_key_entry_test_vector(key_id_untouched2, false));

4181

assert_eq!(

4182

Some(&KsError::Rc(ResponseCode::KEY_NOT_FOUND)),

db.load_key_entry(

&KeyDescriptor {

domain: Domain::APP,

nspace: -1,

alias: Some(ALIAS3.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::BOTH,

4192

UID,

4193

|k, av| {

4194

assert_eq!(Domain::APP, k.domain);

4195

assert_eq!(UID as i64, k.nspace);

4196

assert!(av.is_none());

Ok(())

},

)

.unwrap_err()

.root_cause()

.downcast_ref::<KsError>()

);

}

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

4206

static KEY_LOCK_TEST_ALIAS: &str = "my super duper locked key";

4207

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

4208

#[test]

4209

fn test_insert_and_load_full_keyentry_domain_app_concurrently() -> Result<()> {

4210

let handle = {

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

4211

let temp_dir = Arc::new(TempDir::new("id_lock_test")?);

4212

let temp_dir_clone = temp_dir.clone();

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

4213

let mut db = KeystoreDB::new(temp_dir.path(), None)?;

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

4214

let key_id = make_test_key_entry(&mut db, Domain::APP, 33, KEY_LOCK_TEST_ALIAS, None)

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

4215

.context("test_insert_and_load_full_keyentry_domain_app")?

4216

.0;

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

4217

let (_key_guard, key_entry) = db

4218

.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

4219

&KeyDescriptor {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

4220

domain: Domain::APP,

4221

nspace: 0,

4222

alias: Some(KEY_LOCK_TEST_ALIAS.to_string()),

blob: None,

},

KeyType::Client,

KeyEntryLoadBits::BOTH,

33,

|_k, _av| Ok(()),

)

.unwrap();

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

4231

assert_eq!(key_entry, make_test_key_entry_test_vector(key_id, None));

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

4232

let state = Arc::new(AtomicU8::new(1));

4233

let state2 = state.clone();

4234

4235

// Spawning a second thread that attempts to acquire the key id lock

4236

// for the same key as the primary thread. The primary thread then

4237

// waits, thereby forcing the secondary thread into the second stage

4238

// of acquiring the lock (see KEY ID LOCK 2/2 above).

4239

// The test succeeds if the secondary thread observes the transition

4240

// of `state` from 1 to 2, despite having a whole second to overtake

4241

// the primary thread.

4242

let handle = thread::spawn(move || {

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

4243

let temp_dir = temp_dir_clone;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

4244

let mut db = KeystoreDB::new(temp_dir.path(), None).unwrap();

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

4245

assert!(db

4246

.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

4247

&KeyDescriptor {

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

4248

domain: Domain::APP,

4249

nspace: 0,

4250

alias: Some(KEY_LOCK_TEST_ALIAS.to_string()),

4251

blob: None,

4252

},

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

4253

KeyType::Client,

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

4254

KeyEntryLoadBits::BOTH,

33,

|_k, _av| Ok(()),

)

.is_ok());

// We should only see a 2 here because we can only return

4260

// from load_key_entry when the `_key_guard` expires,

4261

// which happens at the end of the scope.

4262

assert_eq!(2, state2.load(Ordering::Relaxed));

4263

});

4264

4265

thread::sleep(std::time::Duration::from_millis(1000));

4266

4267

assert_eq!(Ok(1), state.compare_exchange(1, 2, Ordering::Relaxed, Ordering::Relaxed));

4268

4269

// Return the handle from this scope so we can join with the

4270

// secondary thread after the key id lock has expired.

4271

handle

4272

// This is where the `_key_guard` goes out of scope,

4273

// which is the reason for concurrent load_key_entry on the same key

4274

// to unblock.

4275

};

4276

// Join with the secondary thread and unwrap, to propagate failing asserts to the

4277

// main test thread. We will not see failing asserts in secondary threads otherwise.

4278

handle.join().unwrap();

Ok(())

}

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

4282

#[test]

Janis Danisevskis

2021-04-14 15:44:36 -0700

[diff] [blame]

4283

fn test_database_busy_error_code() {

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

4284

let temp_dir =

4285

TempDir::new("test_database_busy_error_code_").expect("Failed to create temp dir.");

4286

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

4287

let mut db1 = KeystoreDB::new(temp_dir.path(), None).expect("Failed to open database1.");

4288

let mut db2 = KeystoreDB::new(temp_dir.path(), None).expect("Failed to open database2.");

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

let _tx1 = db1

.conn

.transaction_with_behavior(TransactionBehavior::Immediate)

4293

.expect("Failed to create first transaction.");

let error = db2

.conn

.transaction_with_behavior(TransactionBehavior::Immediate)

4298

.context("Transaction begin failed.")

4299

.expect_err("This should fail.");

4300

let root_cause = error.root_cause();

4301

if let Some(rusqlite::ffi::Error { code: rusqlite::ErrorCode::DatabaseBusy, .. }) =

4302

root_cause.downcast_ref::<rusqlite::ffi::Error>()

{

return;

}

panic!(

"Unexpected error {:?} \n{:?} \n{:?}",

4308

error,

4309

root_cause,

4310

root_cause.downcast_ref::<rusqlite::ffi::Error>()

)

}

#[cfg(disabled)]

#[test]

fn test_large_number_of_concurrent_db_manipulations() -> Result<()> {

4317

let temp_dir = Arc::new(

4318

TempDir::new("test_large_number_of_concurrent_db_manipulations_")

4319

.expect("Failed to create temp dir."),

4320

);

4321

4322

let test_begin = Instant::now();

4323

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

4324

const KEY_COUNT: u32 = 500u32;

Seth Moore

2021-06-11 09:49:49 -0700

[diff] [blame]

4325

let mut db =

4326

new_test_db_with_gc(temp_dir.path(), |_, _| Ok(())).expect("Failed to open database.");

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

4327

const OPEN_DB_COUNT: u32 = 50u32;

4328

4329

let mut actual_key_count = KEY_COUNT;

4330

// First insert KEY_COUNT keys.

4331

for count in 0..KEY_COUNT {

4332

if Instant::now().duration_since(test_begin) >= Duration::from_secs(15) {

4333

actual_key_count = count;

4334

break;

4335

}

4336

let alias = format!("test_alias_{}", count);

4337

make_test_key_entry(&mut db, Domain::APP, 1, &alias, None)

4338

.expect("Failed to make key entry.");

4339

}

4340

4341

// Insert more keys from a different thread and into a different namespace.

4342

let temp_dir1 = temp_dir.clone();

4343

let handle1 = thread::spawn(move || {

Seth Moore

2021-06-11 09:49:49 -0700

[diff] [blame]

4344

let mut db = new_test_db_with_gc(temp_dir1.path(), |_, _| Ok(()))

4345

.expect("Failed to open database.");

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

4346

4347

for count in 0..actual_key_count {

4348

if Instant::now().duration_since(test_begin) >= Duration::from_secs(40) {

4349

return;

4350

}

4351

let alias = format!("test_alias_{}", count);

4352

make_test_key_entry(&mut db, Domain::APP, 2, &alias, None)

4353

.expect("Failed to make key entry.");

4354

}

4355

4356

// then unbind them again.

4357

for count in 0..actual_key_count {

4358

if Instant::now().duration_since(test_begin) >= Duration::from_secs(40) {

4359

return;

4360

}

4361

let key = KeyDescriptor {

4362

domain: Domain::APP,

4363

nspace: -1,

4364

alias: Some(format!("test_alias_{}", count)),

4365

blob: None,

4366

};

4367

db.unbind_key(&key, KeyType::Client, 2, |_, _| Ok(())).expect("Unbind Failed.");

}

});

// And start unbinding the first set of keys.

4372

let temp_dir2 = temp_dir.clone();

4373

let handle2 = thread::spawn(move || {

Seth Moore

2021-06-11 09:49:49 -0700

[diff] [blame]

4374

let mut db = new_test_db_with_gc(temp_dir2.path(), |_, _| Ok(()))

4375

.expect("Failed to open database.");

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

4376

4377

for count in 0..actual_key_count {

4378

if Instant::now().duration_since(test_begin) >= Duration::from_secs(40) {

4379

return;

4380

}

4381

let key = KeyDescriptor {

4382

domain: Domain::APP,

4383

nspace: -1,

4384

alias: Some(format!("test_alias_{}", count)),

4385

blob: None,

4386

};

4387

db.unbind_key(&key, KeyType::Client, 1, |_, _| Ok(())).expect("Unbind Failed.");

}

});

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

4391

// While a lot of inserting and deleting is going on we have to open database connections

4392

// successfully and use them.

4393

// This clone is not redundant, because temp_dir needs to be kept alive until db goes

4394

// out of scope.

4395

#[allow(clippy::redundant_clone)]

4396

let temp_dir4 = temp_dir.clone();

4397

let handle4 = thread::spawn(move || {

4398

for count in 0..OPEN_DB_COUNT {

4399

if Instant::now().duration_since(test_begin) >= Duration::from_secs(40) {

4400

return;

4401

}

Seth Moore

2021-06-11 09:49:49 -0700

[diff] [blame]

4402

let mut db = new_test_db_with_gc(temp_dir4.path(), |_, _| Ok(()))

4403

.expect("Failed to open database.");

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

4404

4405

let alias = format!("test_alias_{}", count);

4406

make_test_key_entry(&mut db, Domain::APP, 3, &alias, None)

4407

.expect("Failed to make key entry.");

4408

let key = KeyDescriptor {

domain: Domain::APP,

nspace: -1,

alias: Some(alias),

blob: None,

};

db.unbind_key(&key, KeyType::Client, 3, |_, _| Ok(())).expect("Unbind Failed.");

}

});

handle1.join().expect("Thread 1 panicked.");

4419

handle2.join().expect("Thread 2 panicked.");

4420

handle4.join().expect("Thread 4 panicked.");

4421

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

Ok(())

}

#[test]

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

4426

fn list() -> Result<()> {

4427

let temp_dir = TempDir::new("list_test")?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

4428

let mut db = KeystoreDB::new(temp_dir.path(), None)?;

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

4429

static LIST_O_ENTRIES: &[(Domain, i64, &str)] = &[

4430

(Domain::APP, 1, "test1"),

4431

(Domain::APP, 1, "test2"),

4432

(Domain::APP, 1, "test3"),

4433

(Domain::APP, 1, "test4"),

4434

(Domain::APP, 1, "test5"),

4435

(Domain::APP, 1, "test6"),

4436

(Domain::APP, 1, "test7"),

4437

(Domain::APP, 2, "test1"),

4438

(Domain::APP, 2, "test2"),

4439

(Domain::APP, 2, "test3"),

4440

(Domain::APP, 2, "test4"),

4441

(Domain::APP, 2, "test5"),

4442

(Domain::APP, 2, "test6"),

4443

(Domain::APP, 2, "test8"),

4444

(Domain::SELINUX, 100, "test1"),

4445

(Domain::SELINUX, 100, "test2"),

4446

(Domain::SELINUX, 100, "test3"),

4447

(Domain::SELINUX, 100, "test4"),

4448

(Domain::SELINUX, 100, "test5"),

4449

(Domain::SELINUX, 100, "test6"),

4450

(Domain::SELINUX, 100, "test9"),

4451

];

4452

4453

let list_o_keys: Vec<(i64, i64)> = LIST_O_ENTRIES

4454

.iter()

4455

.map(|(domain, ns, alias)| {

Chris Wailes

dabb6fe

2022-11-16 15:56:19 -0800

[diff] [blame]

4456

let entry =

4457

make_test_key_entry(&mut db, *domain, *ns, alias, None).unwrap_or_else(|e| {

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

4458

panic!("Failed to insert {:?} {} {}. Error {:?}", domain, ns, alias, e)

});

(entry.id(), *ns)

})

.collect();

for (domain, namespace) in

4465

&[(Domain::APP, 1i64), (Domain::APP, 2i64), (Domain::SELINUX, 100i64)]

4466

{

4467

let mut list_o_descriptors: Vec<KeyDescriptor> = LIST_O_ENTRIES

4468

.iter()

4469

.filter_map(|(domain, ns, alias)| match ns {

4470

ns if *ns == *namespace => Some(KeyDescriptor {

4471

domain: *domain,

4472

nspace: *ns,

4473

alias: Some(alias.to_string()),

blob: None,

}),

_ => None,

})

.collect();

list_o_descriptors.sort();

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

4480

let mut list_result = db.list_past_alias(*domain, *namespace, KeyType::Client, None)?;

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

4481

list_result.sort();

4482

assert_eq!(list_o_descriptors, list_result);

4483

4484

let mut list_o_ids: Vec<i64> = list_o_descriptors

4485

.into_iter()

4486

.map(|d| {

4487

let (_, entry) = db

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

4488

.load_key_entry(

Janis Danisevskis

2021-01-27 08:40:25 -0800

[diff] [blame]

4489

&d,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

4490

KeyType::Client,

4491

KeyEntryLoadBits::NONE,

4492

*namespace as u32,

4493

|_, _| Ok(()),

4494

)

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

.unwrap();

entry.id()

})

.collect();

list_o_ids.sort_unstable();

4500

let mut loaded_entries: Vec<i64> = list_o_keys

4501

.iter()

4502

.filter_map(|(id, ns)| match ns {

4503

ns if *ns == *namespace => Some(*id),

_ => None,

})

.collect();

loaded_entries.sort_unstable();

4508

assert_eq!(list_o_ids, loaded_entries);

4509

}

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

4510

assert_eq!(

4511

Vec::<KeyDescriptor>::new(),

4512

db.list_past_alias(Domain::SELINUX, 101, KeyType::Client, None)?

4513

);

Janis Danisevskis

2020-12-02 12:57:41 -0800

[diff] [blame]

Ok(())

}

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

4518

// Helpers

4519

4520

// Checks that the given result is an error containing the given string.

4521

fn check_result_is_error_containing_string<T>(result: Result<T>, target: &str) {

4522

let error_str = format!(

4523

"{:#?}",

4524

result.err().unwrap_or_else(|| panic!("Expected the error: {}", target))

4525

);

4526

assert!(

4527

error_str.contains(target),

4528

"The string \"{}\" should contain \"{}\"",

error_str,

target

);

}

Joel Galenson

2020-07-22 15:27:57 -0700

[diff] [blame]

4534

#[derive(Debug, PartialEq)]

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

4535

struct KeyEntryRow {

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

4536

id: i64,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

4537

key_type: KeyType,

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

4538

domain: Option<Domain>,

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

4539

namespace: Option<i64>,

4540

alias: Option<String>,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

4541

state: KeyLifeCycle,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

4542

km_uuid: Option<Uuid>,

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

4543

}

4544

4545

fn get_keyentry(db: &KeystoreDB) -> Result<Vec<KeyEntryRow>> {

4546

db.conn

Joel Galenson

2020-07-22 15:27:57 -0700

[diff] [blame]

4547

.prepare("SELECT * FROM persistent.keyentry;")?

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

4548

.query_map([], |row| {

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

4549

Ok(KeyEntryRow {

4550

id: row.get(0)?,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

4551

key_type: row.get(1)?,

Chris Wailes

3583a51

2021-07-22 16:22:51 -0700

[diff] [blame]

4552

domain: row.get::<_, Option<_>>(2)?.map(Domain),

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

4553

namespace: row.get(3)?,

4554

alias: row.get(4)?,

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

4555

state: row.get(5)?,

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

4556

km_uuid: row.get(6)?,

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

4557

})

4558

})?

4559

.map(|r| r.context("Could not read keyentry row."))

4560

.collect::<Result<Vec<_>>>()

4561

}

4562

Eran Messeri

2024-01-09 12:43:31 +0000

[diff] [blame]

4563

fn make_test_params(max_usage_count: Option<i32>) -> Vec<KeyParameter> {

4564

make_test_params_with_sids(max_usage_count, &[42])

4565

}

4566

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

4567

// Note: The parameters and SecurityLevel associations are nonsensical. This

4568

// collection is only used to check if the parameters are preserved as expected by the

4569

// database.

Eran Messeri

2024-01-09 12:43:31 +0000

[diff] [blame]

4570

fn make_test_params_with_sids(

4571

max_usage_count: Option<i32>,

4572

user_secure_ids: &[i64],

4573

) -> Vec<KeyParameter> {

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

4574

let mut params = vec![

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

4575

KeyParameter::new(KeyParameterValue::Invalid, SecurityLevel::TRUSTED_ENVIRONMENT),

4576

KeyParameter::new(

4577

KeyParameterValue::KeyPurpose(KeyPurpose::SIGN),

4578

SecurityLevel::TRUSTED_ENVIRONMENT,

4579

),

4580

KeyParameter::new(

4581

KeyParameterValue::KeyPurpose(KeyPurpose::DECRYPT),

4582

SecurityLevel::TRUSTED_ENVIRONMENT,

4583

),

4584

KeyParameter::new(

4585

KeyParameterValue::Algorithm(Algorithm::RSA),

4586

SecurityLevel::TRUSTED_ENVIRONMENT,

4587

),

4588

KeyParameter::new(KeyParameterValue::KeySize(1024), SecurityLevel::TRUSTED_ENVIRONMENT),

4589

KeyParameter::new(

4590

KeyParameterValue::BlockMode(BlockMode::ECB),

4591

SecurityLevel::TRUSTED_ENVIRONMENT,

4592

),

4593

KeyParameter::new(

4594

KeyParameterValue::BlockMode(BlockMode::GCM),

4595

SecurityLevel::TRUSTED_ENVIRONMENT,

4596

),

4597

KeyParameter::new(KeyParameterValue::Digest(Digest::NONE), SecurityLevel::STRONGBOX),

4598

KeyParameter::new(

4599

KeyParameterValue::Digest(Digest::MD5),

4600

SecurityLevel::TRUSTED_ENVIRONMENT,

4601

),

4602

KeyParameter::new(

4603

KeyParameterValue::Digest(Digest::SHA_2_224),

4604

SecurityLevel::TRUSTED_ENVIRONMENT,

4605

),

4606

KeyParameter::new(

4607

KeyParameterValue::Digest(Digest::SHA_2_256),

4608

SecurityLevel::STRONGBOX,

4609

),

4610

KeyParameter::new(

4611

KeyParameterValue::PaddingMode(PaddingMode::NONE),

4612

SecurityLevel::TRUSTED_ENVIRONMENT,

4613

),

4614

KeyParameter::new(

4615

KeyParameterValue::PaddingMode(PaddingMode::RSA_OAEP),

4616

SecurityLevel::TRUSTED_ENVIRONMENT,

4617

),

4618

KeyParameter::new(

4619

KeyParameterValue::PaddingMode(PaddingMode::RSA_PSS),

4620

SecurityLevel::STRONGBOX,

4621

),

4622

KeyParameter::new(

4623

KeyParameterValue::PaddingMode(PaddingMode::RSA_PKCS1_1_5_SIGN),

4624

SecurityLevel::TRUSTED_ENVIRONMENT,

4625

),

4626

KeyParameter::new(KeyParameterValue::CallerNonce, SecurityLevel::TRUSTED_ENVIRONMENT),

4627

KeyParameter::new(KeyParameterValue::MinMacLength(256), SecurityLevel::STRONGBOX),

4628

KeyParameter::new(

4629

KeyParameterValue::EcCurve(EcCurve::P_224),

4630

SecurityLevel::TRUSTED_ENVIRONMENT,

4631

),

4632

KeyParameter::new(KeyParameterValue::EcCurve(EcCurve::P_256), SecurityLevel::STRONGBOX),

4633

KeyParameter::new(

4634

KeyParameterValue::EcCurve(EcCurve::P_384),

4635

SecurityLevel::TRUSTED_ENVIRONMENT,

4636

),

4637

KeyParameter::new(

4638

KeyParameterValue::EcCurve(EcCurve::P_521),

4639

SecurityLevel::TRUSTED_ENVIRONMENT,

4640

),

4641

KeyParameter::new(

4642

KeyParameterValue::RSAPublicExponent(3),

4643

SecurityLevel::TRUSTED_ENVIRONMENT,

4644

),

4645

KeyParameter::new(

4646

KeyParameterValue::IncludeUniqueID,

4647

SecurityLevel::TRUSTED_ENVIRONMENT,

4648

),

4649

KeyParameter::new(KeyParameterValue::BootLoaderOnly, SecurityLevel::STRONGBOX),

4650

KeyParameter::new(KeyParameterValue::RollbackResistance, SecurityLevel::STRONGBOX),

4651

KeyParameter::new(

4652

KeyParameterValue::ActiveDateTime(1234567890),

4653

SecurityLevel::STRONGBOX,

4654

),

4655

KeyParameter::new(

4656

KeyParameterValue::OriginationExpireDateTime(1234567890),

4657

SecurityLevel::TRUSTED_ENVIRONMENT,

4658

),

4659

KeyParameter::new(

4660

KeyParameterValue::UsageExpireDateTime(1234567890),

4661

SecurityLevel::TRUSTED_ENVIRONMENT,

4662

),

4663

KeyParameter::new(

4664

KeyParameterValue::MinSecondsBetweenOps(1234567890),

4665

SecurityLevel::TRUSTED_ENVIRONMENT,

4666

),

4667

KeyParameter::new(

4668

KeyParameterValue::MaxUsesPerBoot(1234567890),

4669

SecurityLevel::TRUSTED_ENVIRONMENT,

4670

),

4671

KeyParameter::new(KeyParameterValue::UserID(1), SecurityLevel::STRONGBOX),

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

4672

KeyParameter::new(

4673

KeyParameterValue::NoAuthRequired,

4674

SecurityLevel::TRUSTED_ENVIRONMENT,

4675

),

4676

KeyParameter::new(

4677

KeyParameterValue::HardwareAuthenticatorType(HardwareAuthenticatorType::PASSWORD),

4678

SecurityLevel::TRUSTED_ENVIRONMENT,

4679

),

4680

KeyParameter::new(KeyParameterValue::AuthTimeout(1234567890), SecurityLevel::SOFTWARE),

4681

KeyParameter::new(KeyParameterValue::AllowWhileOnBody, SecurityLevel::SOFTWARE),

4682

KeyParameter::new(

4683

KeyParameterValue::TrustedUserPresenceRequired,

4684

SecurityLevel::TRUSTED_ENVIRONMENT,

4685

),

4686

KeyParameter::new(

4687

KeyParameterValue::TrustedConfirmationRequired,

4688

SecurityLevel::TRUSTED_ENVIRONMENT,

4689

),

4690

KeyParameter::new(

4691

KeyParameterValue::UnlockedDeviceRequired,

4692

SecurityLevel::TRUSTED_ENVIRONMENT,

4693

),

4694

KeyParameter::new(

4695

KeyParameterValue::ApplicationID(vec![1u8, 2u8, 3u8, 4u8]),

4696

SecurityLevel::SOFTWARE,

4697

),

4698

KeyParameter::new(

4699

KeyParameterValue::ApplicationData(vec![4u8, 3u8, 2u8, 1u8]),

4700

SecurityLevel::SOFTWARE,

4701

),

4702

KeyParameter::new(

4703

KeyParameterValue::CreationDateTime(12345677890),

4704

SecurityLevel::SOFTWARE,

4705

),

4706

KeyParameter::new(

4707

KeyParameterValue::KeyOrigin(KeyOrigin::GENERATED),

4708

SecurityLevel::TRUSTED_ENVIRONMENT,

4709

),

4710

KeyParameter::new(

4711

KeyParameterValue::RootOfTrust(vec![3u8, 2u8, 1u8, 4u8]),

4712

SecurityLevel::TRUSTED_ENVIRONMENT,

4713

),

4714

KeyParameter::new(KeyParameterValue::OSVersion(1), SecurityLevel::TRUSTED_ENVIRONMENT),

4715

KeyParameter::new(KeyParameterValue::OSPatchLevel(2), SecurityLevel::SOFTWARE),

4716

KeyParameter::new(

4717

KeyParameterValue::UniqueID(vec![4u8, 3u8, 1u8, 2u8]),

4718

SecurityLevel::SOFTWARE,

4719

),

4720

KeyParameter::new(

4721

KeyParameterValue::AttestationChallenge(vec![4u8, 3u8, 1u8, 2u8]),

4722

SecurityLevel::TRUSTED_ENVIRONMENT,

4723

),

4724

KeyParameter::new(

4725

KeyParameterValue::AttestationApplicationID(vec![4u8, 3u8, 1u8, 2u8]),

4726

SecurityLevel::TRUSTED_ENVIRONMENT,

4727

),

4728

KeyParameter::new(

4729

KeyParameterValue::AttestationIdBrand(vec![4u8, 3u8, 1u8, 2u8]),

4730

SecurityLevel::TRUSTED_ENVIRONMENT,

4731

),

4732

KeyParameter::new(

4733

KeyParameterValue::AttestationIdDevice(vec![4u8, 3u8, 1u8, 2u8]),

4734

SecurityLevel::TRUSTED_ENVIRONMENT,

4735

),

4736

KeyParameter::new(

4737

KeyParameterValue::AttestationIdProduct(vec![4u8, 3u8, 1u8, 2u8]),

4738

SecurityLevel::TRUSTED_ENVIRONMENT,

4739

),

4740

KeyParameter::new(

4741

KeyParameterValue::AttestationIdSerial(vec![4u8, 3u8, 1u8, 2u8]),

4742

SecurityLevel::TRUSTED_ENVIRONMENT,

4743

),

4744

KeyParameter::new(

4745

KeyParameterValue::AttestationIdIMEI(vec![4u8, 3u8, 1u8, 2u8]),

4746

SecurityLevel::TRUSTED_ENVIRONMENT,

4747

),

4748

KeyParameter::new(

Eran Messeri

637259c

2022-10-31 12:23:36 +0000

[diff] [blame]

4749

KeyParameterValue::AttestationIdSecondIMEI(vec![4u8, 3u8, 1u8, 2u8]),

4750

SecurityLevel::TRUSTED_ENVIRONMENT,

4751

),

4752

KeyParameter::new(

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

4753

KeyParameterValue::AttestationIdMEID(vec![4u8, 3u8, 1u8, 2u8]),

4754

SecurityLevel::TRUSTED_ENVIRONMENT,

4755

),

4756

KeyParameter::new(

4757

KeyParameterValue::AttestationIdManufacturer(vec![4u8, 3u8, 1u8, 2u8]),

4758

SecurityLevel::TRUSTED_ENVIRONMENT,

4759

),

4760

KeyParameter::new(

4761

KeyParameterValue::AttestationIdModel(vec![4u8, 3u8, 1u8, 2u8]),

4762

SecurityLevel::TRUSTED_ENVIRONMENT,

4763

),

4764

KeyParameter::new(

4765

KeyParameterValue::VendorPatchLevel(3),

4766

SecurityLevel::TRUSTED_ENVIRONMENT,

4767

),

4768

KeyParameter::new(

4769

KeyParameterValue::BootPatchLevel(4),

4770

SecurityLevel::TRUSTED_ENVIRONMENT,

4771

),

4772

KeyParameter::new(

4773

KeyParameterValue::AssociatedData(vec![4u8, 3u8, 1u8, 2u8]),

4774

SecurityLevel::TRUSTED_ENVIRONMENT,

4775

),

4776

KeyParameter::new(

4777

KeyParameterValue::Nonce(vec![4u8, 3u8, 1u8, 2u8]),

4778

SecurityLevel::TRUSTED_ENVIRONMENT,

4779

),

4780

KeyParameter::new(

4781

KeyParameterValue::MacLength(256),

4782

SecurityLevel::TRUSTED_ENVIRONMENT,

4783

),

4784

KeyParameter::new(

4785

KeyParameterValue::ResetSinceIdRotation,

4786

SecurityLevel::TRUSTED_ENVIRONMENT,

4787

),

4788

KeyParameter::new(

4789

KeyParameterValue::ConfirmationToken(vec![5u8, 5u8, 5u8, 5u8]),

4790

SecurityLevel::TRUSTED_ENVIRONMENT,

4791

),

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

4792

];

4793

if let Some(value) = max_usage_count {

4794

params.push(KeyParameter::new(

4795

KeyParameterValue::UsageCountLimit(value),

4796

SecurityLevel::SOFTWARE,

4797

));

4798

}

Eran Messeri

2024-01-09 12:43:31 +0000

[diff] [blame]

4799

4800

for sid in user_secure_ids.iter() {

4801

params.push(KeyParameter::new(

4802

KeyParameterValue::UserSecureID(*sid),

4803

SecurityLevel::STRONGBOX,

4804

));

4805

}

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

4806

params

Janis Danisevskis

2020-09-03 14:46:22 -0700

[diff] [blame]

4807

}

4808

Nathan Huckleberry

95dca01

2023-05-10 18:02:11 +0000

[diff] [blame]

4809

pub fn make_test_key_entry(

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

4810

db: &mut KeystoreDB,

Janis Danisevskis

2020-09-11 13:27:37 -0700

[diff] [blame]

4811

domain: Domain,

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

4812

namespace: i64,

4813

alias: &str,

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

4814

max_usage_count: Option<i32>,

Janis Danisevskis

2020-11-12 09:41:49 -0800

[diff] [blame]

4815

) -> Result<KeyIdGuard> {

Eran Messeri

2024-01-09 12:43:31 +0000

[diff] [blame]

4816

make_test_key_entry_with_sids(db, domain, namespace, alias, max_usage_count, &[42])

4817

}

4818

4819

pub fn make_test_key_entry_with_sids(

db: &mut KeystoreDB,

domain: Domain,

namespace: i64,

alias: &str,

max_usage_count: Option<i32>,

4825

sids: &[i64],

4826

) -> Result<KeyIdGuard> {

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

4827

let key_id = db.create_key_entry(&domain, &namespace, KeyType::Client, &KEYSTORE_UUID)?;

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

4828

let mut blob_metadata = BlobMetaData::new();

4829

blob_metadata.add(BlobMetaEntry::EncryptedBy(EncryptedBy::Password));

4830

blob_metadata.add(BlobMetaEntry::Salt(vec![1, 2, 3]));

4831

blob_metadata.add(BlobMetaEntry::Iv(vec![2, 3, 1]));

4832

blob_metadata.add(BlobMetaEntry::AeadTag(vec![3, 1, 2]));

4833

blob_metadata.add(BlobMetaEntry::KmUuid(KEYSTORE_UUID));

db.set_blob(

&key_id,

SubComponentType::KEY_BLOB,

4838

Some(TEST_KEY_BLOB),

4839

Some(&blob_metadata),

4840

)?;

4841

db.set_blob(&key_id, SubComponentType::CERT, Some(TEST_CERT_BLOB), None)?;

4842

db.set_blob(&key_id, SubComponentType::CERT_CHAIN, Some(TEST_CERT_CHAIN_BLOB), None)?;

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

4843

Eran Messeri

2024-01-09 12:43:31 +0000

[diff] [blame]

4844

let params = make_test_params_with_sids(max_usage_count, sids);

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

4845

db.insert_keyparameter(&key_id, &params)?;

4846

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

4847

let mut metadata = KeyMetaData::new();

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

4848

metadata.add(KeyMetaEntry::CreationDate(DateTime::from_millis_epoch(123456789)));

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

4849

db.insert_key_metadata(&key_id, &metadata)?;

Janis Danisevskis

2021-01-13 16:34:39 -0800

[diff] [blame]

4850

rebind_alias(db, &key_id, alias, domain, namespace)?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

Ok(key_id)

}

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

4854

fn make_test_key_entry_test_vector(key_id: i64, max_usage_count: Option<i32>) -> KeyEntry {

4855

let params = make_test_params(max_usage_count);

4856

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

4857

let mut blob_metadata = BlobMetaData::new();

4858

blob_metadata.add(BlobMetaEntry::EncryptedBy(EncryptedBy::Password));

4859

blob_metadata.add(BlobMetaEntry::Salt(vec![1, 2, 3]));

4860

blob_metadata.add(BlobMetaEntry::Iv(vec![2, 3, 1]));

4861

blob_metadata.add(BlobMetaEntry::AeadTag(vec![3, 1, 2]));

4862

blob_metadata.add(BlobMetaEntry::KmUuid(KEYSTORE_UUID));

4863

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

4864

let mut metadata = KeyMetaData::new();

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

4865

metadata.add(KeyMetaEntry::CreationDate(DateTime::from_millis_epoch(123456789)));

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

4866

4867

KeyEntry {

4868

id: key_id,

Janis Danisevskis

2021-02-13 10:01:59 -0800

[diff] [blame]

4869

key_blob_info: Some((TEST_KEY_BLOB.to_vec(), blob_metadata)),

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

4870

cert: Some(TEST_CERT_BLOB.to_vec()),

4871

cert_chain: Some(TEST_CERT_CHAIN_BLOB.to_vec()),

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

4872

km_uuid: KEYSTORE_UUID,

Qi Wu

2020-12-01 14:52:46 +0800

[diff] [blame]

4873

parameters: params,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

4874

metadata,

Janis Danisevskis

2021-01-27 19:07:48 -0800

[diff] [blame]

4875

pure_cert: false,

Janis Danisevskis

2020-12-15 08:41:27 -0800

[diff] [blame]

}

}

Nathan Huckleberry

2023-05-10 18:02:11 +0000

[diff] [blame]

4879

pub fn make_bootlevel_key_entry(

Janis Danisevskis

2021-05-26 16:31:02 -0700

[diff] [blame]

db: &mut KeystoreDB,

domain: Domain,

namespace: i64,

alias: &str,

logical_only: bool,

) -> Result<KeyIdGuard> {

4886

let key_id = db.create_key_entry(&domain, &namespace, KeyType::Client, &KEYSTORE_UUID)?;

4887

let mut blob_metadata = BlobMetaData::new();

4888

if !logical_only {

4889

blob_metadata.add(BlobMetaEntry::MaxBootLevel(3));

4890

}

4891

blob_metadata.add(BlobMetaEntry::KmUuid(KEYSTORE_UUID));

db.set_blob(

&key_id,

SubComponentType::KEY_BLOB,

4896

Some(TEST_KEY_BLOB),

4897

Some(&blob_metadata),

4898

)?;

4899

db.set_blob(&key_id, SubComponentType::CERT, Some(TEST_CERT_BLOB), None)?;

4900

db.set_blob(&key_id, SubComponentType::CERT_CHAIN, Some(TEST_CERT_CHAIN_BLOB), None)?;

4901

4902

let mut params = make_test_params(None);

4903

params.push(KeyParameter::new(KeyParameterValue::MaxBootLevel(3), SecurityLevel::KEYSTORE));

4904

4905

db.insert_keyparameter(&key_id, &params)?;

4906

4907

let mut metadata = KeyMetaData::new();

4908

metadata.add(KeyMetaEntry::CreationDate(DateTime::from_millis_epoch(123456789)));

4909

db.insert_key_metadata(&key_id, &metadata)?;

4910

rebind_alias(db, &key_id, alias, domain, namespace)?;

Ok(key_id)

}

Eric Biggers

2023-10-27 03:55:29 +0000

[diff] [blame]

4914

// Creates an app key that is marked as being superencrypted by the given

4915

// super key ID and that has the given authentication and unlocked device

4916

// parameters. This does not actually superencrypt the key blob.

4917

fn make_superencrypted_key_entry(

db: &mut KeystoreDB,

namespace: i64,

alias: &str,

requires_authentication: bool,

4922

requires_unlocked_device: bool,

4923

super_key_id: i64,

4924

) -> Result<KeyIdGuard> {

4925

let domain = Domain::APP;

4926

let key_id = db.create_key_entry(&domain, &namespace, KeyType::Client, &KEYSTORE_UUID)?;

4927

4928

let mut blob_metadata = BlobMetaData::new();

4929

blob_metadata.add(BlobMetaEntry::KmUuid(KEYSTORE_UUID));

4930

blob_metadata.add(BlobMetaEntry::EncryptedBy(EncryptedBy::KeyId(super_key_id)));

4931

db.set_blob(

4932

&key_id,

4933

SubComponentType::KEY_BLOB,

4934

Some(TEST_KEY_BLOB),

4935

Some(&blob_metadata),

4936

)?;

4937

4938

let mut params = vec![];

4939

if requires_unlocked_device {

4940

params.push(KeyParameter::new(

4941

KeyParameterValue::UnlockedDeviceRequired,

4942

SecurityLevel::TRUSTED_ENVIRONMENT,

4943

));

4944

}

4945

if requires_authentication {

4946

params.push(KeyParameter::new(

4947

KeyParameterValue::UserSecureID(42),

4948

SecurityLevel::TRUSTED_ENVIRONMENT,

4949

));

4950

}

4951

db.insert_keyparameter(&key_id, &params)?;

4952

4953

let mut metadata = KeyMetaData::new();

4954

metadata.add(KeyMetaEntry::CreationDate(DateTime::from_millis_epoch(123456789)));

4955

db.insert_key_metadata(&key_id, &metadata)?;

4956

4957

rebind_alias(db, &key_id, alias, domain, namespace)?;

Ok(key_id)

}

Janis Danisevskis

2021-05-26 16:31:02 -0700

[diff] [blame]

4961

fn make_bootlevel_test_key_entry_test_vector(key_id: i64, logical_only: bool) -> KeyEntry {

4962

let mut params = make_test_params(None);

4963

params.push(KeyParameter::new(KeyParameterValue::MaxBootLevel(3), SecurityLevel::KEYSTORE));

4964

4965

let mut blob_metadata = BlobMetaData::new();

4966

if !logical_only {

4967

blob_metadata.add(BlobMetaEntry::MaxBootLevel(3));

4968

}

4969

blob_metadata.add(BlobMetaEntry::KmUuid(KEYSTORE_UUID));

4970

4971

let mut metadata = KeyMetaData::new();

4972

metadata.add(KeyMetaEntry::CreationDate(DateTime::from_millis_epoch(123456789)));

KeyEntry {

id: key_id,

key_blob_info: Some((TEST_KEY_BLOB.to_vec(), blob_metadata)),

4977

cert: Some(TEST_CERT_BLOB.to_vec()),

4978

cert_chain: Some(TEST_CERT_CHAIN_BLOB.to_vec()),

4979

km_uuid: KEYSTORE_UUID,

parameters: params,

metadata,

pure_cert: false,

}

}

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

4986

fn debug_dump_keyentry_table(db: &mut KeystoreDB) -> Result<()> {

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

4987

let mut stmt = db.conn.prepare(

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

4988

"SELECT id, key_type, domain, namespace, alias, state, km_uuid FROM persistent.keyentry;",

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

4989

)?;

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

4990

let rows = stmt.query_map::<(i64, KeyType, i32, i64, String, KeyLifeCycle, Uuid), _, _>(

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

4991

[],

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

4992

|row| {

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

Ok((

row.get(0)?,

row.get(1)?,

row.get(2)?,

row.get(3)?,

row.get(4)?,

row.get(5)?,

row.get(6)?,

))

Janis Danisevskis

2020-12-23 12:23:08 -0800

[diff] [blame]

5002

},

5003

)?;

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

5004

5005

println!("Key entry table rows:");

5006

for r in rows {

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

5007

let (id, key_type, domain, namespace, alias, state, km_uuid) = r.unwrap();

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

5008

println!(

Max Bires

2021-01-14 13:17:59 -0800

[diff] [blame]

5009

" id: {} KeyType: {:?} Domain: {} Namespace: {} Alias: {} State: {:?} KmUuid: {:?}",

5010

id, key_type, domain, namespace, alias, state, km_uuid

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

);

}

Ok(())

}

fn debug_dump_grant_table(db: &mut KeystoreDB) -> Result<()> {

Janis Danisevskis

2020-12-08 10:35:26 -0800

[diff] [blame]

5017

let mut stmt = db

5018

.conn

5019

.prepare("SELECT id, grantee, keyentryid, access_vector FROM persistent.grant;")?;

Andrew Walbran

2023-05-30 16:20:56 +0000

[diff] [blame]

5020

let rows = stmt.query_map::<(i64, i64, i64, i64), _, _>([], |row| {

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

5021

Ok((row.get(0)?, row.get(1)?, row.get(2)?, row.get(3)?))

5022

})?;

5023

5024

println!("Grant table rows:");

5025

for r in rows {

5026

let (id, gt, ki, av) = r.unwrap();

5027

println!(" id: {} grantee: {} key_id: {} access_vector: {}", id, gt, ki, av);

}

Ok(())

}

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

5032

// Use a custom random number generator that repeats each number once.

5033

// This allows us to test repeated elements.

5034

5035

thread_local! {

5036

static RANDOM_COUNTER: RefCell<i64> = RefCell::new(0);

5037

}

5038

Janis Danisevskis

2020-09-03 10:12:56 -0700

[diff] [blame]

5039

fn reset_random() {

5040

RANDOM_COUNTER.with(|counter| {

5041

*counter.borrow_mut() = 0;

})

}

Joel Galenson

2020-07-20 10:37:03 -0700

[diff] [blame]

5045

pub fn random() -> i64 {

5046

RANDOM_COUNTER.with(|counter| {

5047

let result = *counter.borrow() / 2;

5048

*counter.borrow_mut() += 1;

5049

result

5050

})

5051

}

Hasini Gunasinghe

2020-11-11 01:02:41 +0000

[diff] [blame]

5052

5053

#[test]

5054

fn test_last_off_body() -> Result<()> {

5055

let mut db = new_test_db()?;

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

5056

db.insert_last_off_body(BootTime::now());

Hasini Gunasinghe

2020-11-11 01:02:41 +0000

[diff] [blame]

5057

let tx = db.conn.transaction_with_behavior(TransactionBehavior::Immediate)?;

Hasini Gunasinghe

2020-11-11 01:02:41 +0000

[diff] [blame]

5058

tx.commit()?;

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

5059

let last_off_body_1 = db.get_last_off_body();

Hasini Gunasinghe

2020-11-11 01:02:41 +0000

[diff] [blame]

5060

let one_second = Duration::from_secs(1);

5061

thread::sleep(one_second);

Eric Biggers

2024-01-31 22:46:47 +0000

[diff] [blame]

5062

db.update_last_off_body(BootTime::now());

Hasini Gunasinghe

2020-11-11 01:02:41 +0000

[diff] [blame]

5063

let tx2 = db.conn.transaction_with_behavior(TransactionBehavior::Immediate)?;

Hasini Gunasinghe

2020-11-11 01:02:41 +0000

[diff] [blame]

5064

tx2.commit()?;

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

5065

let last_off_body_2 = db.get_last_off_body();

Hasini Gunasinghe

2021-05-12 19:03:12 +0000

[diff] [blame]

5066

assert!(last_off_body_1 < last_off_body_2);

Hasini Gunasinghe

2020-11-11 01:02:41 +0000

[diff] [blame]

5067

Ok(())

5068

}

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

5069

5070

#[test]

5071

fn test_unbind_keys_for_user() -> Result<()> {

5072

let mut db = new_test_db()?;

5073

db.unbind_keys_for_user(1, false)?;

5074

5075

make_test_key_entry(&mut db, Domain::APP, 210000, TEST_ALIAS, None)?;

5076

make_test_key_entry(&mut db, Domain::APP, 110000, TEST_ALIAS, None)?;

5077

db.unbind_keys_for_user(2, false)?;

5078

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

5079

assert_eq!(1, db.list_past_alias(Domain::APP, 110000, KeyType::Client, None)?.len());

5080

assert_eq!(0, db.list_past_alias(Domain::APP, 210000, KeyType::Client, None)?.len());

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

5081

5082

db.unbind_keys_for_user(1, true)?;

Eran Messeri

2023-01-25 17:00:33 +0000

[diff] [blame]

5083

assert_eq!(0, db.list_past_alias(Domain::APP, 110000, KeyType::Client, None)?.len());

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

Ok(())

}

#[test]

Janis Danisevskis

2022-01-04 19:59:26 -0800

[diff] [blame]

5089

fn test_unbind_keys_for_user_removes_superkeys() -> Result<()> {

5090

let mut db = new_test_db()?;

5091

let super_key = keystore2_crypto::generate_aes256_key()?;

5092

let pw: keystore2_crypto::Password = (&b"xyzabc"[..]).into();

5093

let (encrypted_super_key, metadata) =

5094

SuperKeyManager::encrypt_with_password(&super_key, &pw)?;

5095

5096

let key_name_enc = SuperKeyType {

5097

alias: "test_super_key_1",

5098

algorithm: SuperEncryptionAlgorithm::Aes256Gcm,

Eric Biggers

6745f53

2023-10-27 03:55:28 +0000

[diff] [blame]

5099

name: "test_super_key_1",

Janis Danisevskis

2022-01-04 19:59:26 -0800

[diff] [blame]

5100

};

5101

5102

let key_name_nonenc = SuperKeyType {

5103

alias: "test_super_key_2",

5104

algorithm: SuperEncryptionAlgorithm::Aes256Gcm,

Eric Biggers

6745f53

2023-10-27 03:55:28 +0000

[diff] [blame]

5105

name: "test_super_key_2",

Janis Danisevskis

2022-01-04 19:59:26 -0800

[diff] [blame]

5106

};

5107

5108

// Install two super keys.

db.store_super_key(

1,

&key_name_nonenc,

&super_key,

&BlobMetaData::new(),

5114

&KeyMetaData::new(),

5115

)?;

5116

db.store_super_key(1, &key_name_enc, &encrypted_super_key, &metadata, &KeyMetaData::new())?;

5117

5118

// Check that both can be found in the database.

5119

assert!(db.load_super_key(&key_name_enc, 1)?.is_some());

5120

assert!(db.load_super_key(&key_name_nonenc, 1)?.is_some());

5121

5122

// Install the same keys for a different user.

db.store_super_key(

2,

&key_name_nonenc,

&super_key,

&BlobMetaData::new(),

5128

&KeyMetaData::new(),

5129

)?;

5130

db.store_super_key(2, &key_name_enc, &encrypted_super_key, &metadata, &KeyMetaData::new())?;

5131

5132

// Check that the second pair of keys can be found in the database.

5133

assert!(db.load_super_key(&key_name_enc, 2)?.is_some());

5134

assert!(db.load_super_key(&key_name_nonenc, 2)?.is_some());

5135

5136

// Delete only encrypted keys.

5137

db.unbind_keys_for_user(1, true)?;

5138

5139

// The encrypted superkey should be gone now.

5140

assert!(db.load_super_key(&key_name_enc, 1)?.is_none());

5141

assert!(db.load_super_key(&key_name_nonenc, 1)?.is_some());

5142

5143

// Reinsert the encrypted key.

5144

db.store_super_key(1, &key_name_enc, &encrypted_super_key, &metadata, &KeyMetaData::new())?;

5145

5146

// Check that both can be found in the database, again..

5147

assert!(db.load_super_key(&key_name_enc, 1)?.is_some());

5148

assert!(db.load_super_key(&key_name_nonenc, 1)?.is_some());

5149

5150

// Delete all even unencrypted keys.

5151

db.unbind_keys_for_user(1, false)?;

5152

5153

// Both should be gone now.

5154

assert!(db.load_super_key(&key_name_enc, 1)?.is_none());

5155

assert!(db.load_super_key(&key_name_nonenc, 1)?.is_none());

5156

5157

// Check that the second pair of keys was untouched.

5158

assert!(db.load_super_key(&key_name_enc, 2)?.is_some());

5159

assert!(db.load_super_key(&key_name_nonenc, 2)?.is_some());

Ok(())

}

Eric Biggers

2023-10-27 03:55:29 +0000

[diff] [blame]

5164

fn app_key_exists(db: &mut KeystoreDB, nspace: i64, alias: &str) -> Result<bool> {

5165

db.key_exists(Domain::APP, nspace, alias, KeyType::Client)

5166

}

5167

5168

// Tests the unbind_auth_bound_keys_for_user() function.

5169

#[test]

5170

fn test_unbind_auth_bound_keys_for_user() -> Result<()> {

5171

let mut db = new_test_db()?;

5172

let user_id = 1;

5173

let nspace: i64 = (user_id * AID_USER_OFFSET).into();

5174

let other_user_id = 2;

5175

let other_user_nspace: i64 = (other_user_id * AID_USER_OFFSET).into();

5176

let super_key_type = &USER_AFTER_FIRST_UNLOCK_SUPER_KEY;

5177

5178

// Create a superencryption key.

5179

let super_key = keystore2_crypto::generate_aes256_key()?;

5180

let pw: keystore2_crypto::Password = (&b"xyzabc"[..]).into();

5181

let (encrypted_super_key, blob_metadata) =

5182

SuperKeyManager::encrypt_with_password(&super_key, &pw)?;

db.store_super_key(

user_id,

super_key_type,

&encrypted_super_key,

&blob_metadata,

&KeyMetaData::new(),

)?;

let super_key_id = db.load_super_key(super_key_type, user_id)?.unwrap().0 .0;

5191

5192

// Store 4 superencrypted app keys, one for each possible combination of

5193

// (authentication required, unlocked device required).

5194

make_superencrypted_key_entry(&mut db, nspace, "noauth_noud", false, false, super_key_id)?;

5195

make_superencrypted_key_entry(&mut db, nspace, "noauth_ud", false, true, super_key_id)?;

5196

make_superencrypted_key_entry(&mut db, nspace, "auth_noud", true, false, super_key_id)?;

5197

make_superencrypted_key_entry(&mut db, nspace, "auth_ud", true, true, super_key_id)?;

5198

assert!(app_key_exists(&mut db, nspace, "noauth_noud")?);

5199

assert!(app_key_exists(&mut db, nspace, "noauth_ud")?);

5200

assert!(app_key_exists(&mut db, nspace, "auth_noud")?);

5201

assert!(app_key_exists(&mut db, nspace, "auth_ud")?);

5202

5203

// Also store a key for a different user that requires authentication.

5204

make_superencrypted_key_entry(

&mut db,

other_user_nspace,

"auth_ud",

true,

true,

super_key_id,

)?;

db.unbind_auth_bound_keys_for_user(user_id)?;

5214

5215

// Verify that only the user's app keys that require authentication were

5216

// deleted. Keys that require an unlocked device but not authentication

5217

// should *not* have been deleted, nor should the super key have been

5218

// deleted, nor should other users' keys have been deleted.

5219

assert!(db.load_super_key(super_key_type, user_id)?.is_some());

5220

assert!(app_key_exists(&mut db, nspace, "noauth_noud")?);

5221

assert!(app_key_exists(&mut db, nspace, "noauth_ud")?);

5222

assert!(!app_key_exists(&mut db, nspace, "auth_noud")?);

5223

assert!(!app_key_exists(&mut db, nspace, "auth_ud")?);

5224

assert!(app_key_exists(&mut db, other_user_nspace, "auth_ud")?);

Ok(())

}

Janis Danisevskis

2022-01-04 19:59:26 -0800

[diff] [blame]

5229

#[test]

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

5230

fn test_store_super_key() -> Result<()> {

5231

let mut db = new_test_db()?;

Paul Crowley

f61fee7

2021-03-17 14:38:44 -0700

[diff] [blame]

5232

let pw: keystore2_crypto::Password = (&b"xyzabc"[..]).into();

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

5233

let super_key = keystore2_crypto::generate_aes256_key()?;

Paul Crowley

2021-03-18 17:08:20 -0700

[diff] [blame]

5234

let secret_bytes = b"keystore2 is great.";

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

5235

let (encrypted_secret, iv, tag) =

Paul Crowley

2021-03-18 17:08:20 -0700

[diff] [blame]

5236

keystore2_crypto::aes_gcm_encrypt(secret_bytes, &super_key)?;

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

5237

5238

let (encrypted_super_key, metadata) =

5239

SuperKeyManager::encrypt_with_password(&super_key, &pw)?;

Paul Crowley

2021-03-19 10:53:07 -0700

[diff] [blame]

5240

db.store_super_key(

5241

1,

Eric Biggers

2023-10-18 01:54:18 +0000

[diff] [blame]

5242

&USER_AFTER_FIRST_UNLOCK_SUPER_KEY,

Paul Crowley

2021-03-19 10:53:07 -0700

[diff] [blame]

5243

&encrypted_super_key,

5244

&metadata,

5245

&KeyMetaData::new(),

5246

)?;

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

5247

Janis Danisevskis

2022-01-04 19:59:26 -0800

[diff] [blame]

5248

// Check if super key exists.

Eric Biggers

2023-10-18 01:54:18 +0000

[diff] [blame]

5249

assert!(db.key_exists(

5250

Domain::APP,

5251

1,

5252

USER_AFTER_FIRST_UNLOCK_SUPER_KEY.alias,

5253

KeyType::Super

5254

)?);

Hasini Gunasinghe

2021-02-01 21:10:02 +0000

[diff] [blame]

5255

Eric Biggers

2023-10-18 01:54:18 +0000

[diff] [blame]

5256

let (_, key_entry) = db.load_super_key(&USER_AFTER_FIRST_UNLOCK_SUPER_KEY, 1)?.unwrap();

Paul Crowley

2021-03-19 10:53:07 -0700

[diff] [blame]

5257

let loaded_super_key = SuperKeyManager::extract_super_key_from_key_entry(

Eric Biggers

2023-10-18 01:54:18 +0000

[diff] [blame]

5258

USER_AFTER_FIRST_UNLOCK_SUPER_KEY.algorithm,

Paul Crowley

2021-03-19 10:53:07 -0700

[diff] [blame]

key_entry,

&pw,

None,

)?;

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

5263

Janis Danisevskis

2022-01-26 14:11:14 -0800

[diff] [blame]

5264

let decrypted_secret_bytes = loaded_super_key.decrypt(&encrypted_secret, &iv, &tag)?;

Paul Crowley

2021-03-18 17:08:20 -0700

[diff] [blame]

5265

assert_eq!(secret_bytes, &*decrypted_secret_bytes);

Janis Danisevskis

2022-01-04 19:59:26 -0800

[diff] [blame]

5266

Hasini Gunasinghe

2021-01-27 19:34:37 +0000

[diff] [blame]

5267

Ok(())

5268

}

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

5269

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5270

fn get_valid_statsd_storage_types() -> Vec<MetricsStorage> {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

5271

vec![

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5272

MetricsStorage::KEY_ENTRY,

5273

MetricsStorage::KEY_ENTRY_ID_INDEX,

5274

MetricsStorage::KEY_ENTRY_DOMAIN_NAMESPACE_INDEX,

5275

MetricsStorage::BLOB_ENTRY,

5276

MetricsStorage::BLOB_ENTRY_KEY_ENTRY_ID_INDEX,

5277

MetricsStorage::KEY_PARAMETER,

5278

MetricsStorage::KEY_PARAMETER_KEY_ENTRY_ID_INDEX,

5279

MetricsStorage::KEY_METADATA,

5280

MetricsStorage::KEY_METADATA_KEY_ENTRY_ID_INDEX,

5281

MetricsStorage::GRANT,

5282

MetricsStorage::AUTH_TOKEN,

5283

MetricsStorage::BLOB_METADATA,

5284

MetricsStorage::BLOB_METADATA_BLOB_ENTRY_ID_INDEX,

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

]

}

/// Perform a simple check to ensure that we can query all the storage types

5289

/// that are supported by the DB. Check for reasonable values.

5290

#[test]

5291

fn test_query_all_valid_table_sizes() -> Result<()> {

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5292

const PAGE_SIZE: i32 = 4096;

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

5293

5294

let mut db = new_test_db()?;

5295

5296

for t in get_valid_statsd_storage_types() {

5297

let stat = db.get_storage_stat(t)?;

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

5298

// AuthToken can be less than a page since it's in a btree, not sqlite

5299

// TODO(b/187474736) stop using if-let here

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5300

if let MetricsStorage::AUTH_TOKEN = t {

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

5301

} else {

5302

assert!(stat.size >= PAGE_SIZE);

5303

}

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

5304

assert!(stat.size >= stat.unused_size);

}

Ok(())

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5310

fn get_storage_stats_map(db: &mut KeystoreDB) -> BTreeMap<i32, StorageStats> {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

5311

get_valid_statsd_storage_types()

5312

.into_iter()

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5313

.map(|t| (t.0, db.get_storage_stat(t).unwrap()))

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

.collect()

}

fn assert_storage_increased(

5318

db: &mut KeystoreDB,

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5319

increased_storage_types: Vec<MetricsStorage>,

5320

baseline: &mut BTreeMap<i32, StorageStats>,

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

5321

) {

5322

for storage in increased_storage_types {

5323

// Verify the expected storage increased.

5324

let new = db.get_storage_stat(storage).unwrap();

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5325

let old = &baseline[&storage.0];

5326

assert!(new.size >= old.size, "{}: {} >= {}", storage.0, new.size, old.size);

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

5327

assert!(

5328

new.unused_size <= old.unused_size,

5329

"{}: {} <= {}",

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5330

storage.0,

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

new.unused_size,

old.unused_size

);

// Update the baseline with the new value so that it succeeds in the

5336

// later comparison.

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5337

baseline.insert(storage.0, new);

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

5338

}

5339

5340

// Get an updated map of the storage and verify there were no unexpected changes.

5341

let updated_stats = get_storage_stats_map(db);

5342

assert_eq!(updated_stats.len(), baseline.len());

5343

5344

for &k in baseline.keys() {

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5345

let stringify = |map: &BTreeMap<i32, StorageStats>| -> String {

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

5346

let mut s = String::new();

5347

for &k in map.keys() {

5348

writeln!(&mut s, " {}: {}, {}", &k, map[&k].size, map[&k].unused_size)

5349

.expect("string concat failed");

}

s

};

assert!(

updated_stats[&k].size == baseline[&k].size

5356

&& updated_stats[&k].unused_size == baseline[&k].unused_size,

5357

"updated_stats:\n{}\nbaseline:\n{}",

5358

stringify(&updated_stats),

Chris Wailes

2021-07-27 16:04:33 -0700

[diff] [blame]

5359

stringify(baseline)

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

);

}

}

#[test]

fn test_verify_key_table_size_reporting() -> Result<()> {

5366

let mut db = new_test_db()?;

5367

let mut working_stats = get_storage_stats_map(&mut db);

5368

Janis Danisevskis

2021-05-25 11:07:10 -0700

[diff] [blame]

5369

let key_id = db.create_key_entry(&Domain::APP, &42, KeyType::Client, &KEYSTORE_UUID)?;

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

5370

assert_storage_increased(

5371

&mut db,

5372

vec![

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5373

MetricsStorage::KEY_ENTRY,

5374

MetricsStorage::KEY_ENTRY_ID_INDEX,

5375

MetricsStorage::KEY_ENTRY_DOMAIN_NAMESPACE_INDEX,

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

],

&mut working_stats,

);

let mut blob_metadata = BlobMetaData::new();

5381

blob_metadata.add(BlobMetaEntry::EncryptedBy(EncryptedBy::Password));

5382

db.set_blob(&key_id, SubComponentType::KEY_BLOB, Some(TEST_KEY_BLOB), None)?;

5383

assert_storage_increased(

5384

&mut db,

5385

vec![

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5386

MetricsStorage::BLOB_ENTRY,

5387

MetricsStorage::BLOB_ENTRY_KEY_ENTRY_ID_INDEX,

5388

MetricsStorage::BLOB_METADATA,

5389

MetricsStorage::BLOB_METADATA_BLOB_ENTRY_ID_INDEX,

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

],

&mut working_stats,

);

let params = make_test_params(None);

5395

db.insert_keyparameter(&key_id, &params)?;

5396

assert_storage_increased(

5397

&mut db,

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5398

vec![MetricsStorage::KEY_PARAMETER, MetricsStorage::KEY_PARAMETER_KEY_ENTRY_ID_INDEX],

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

&mut working_stats,

);

let mut metadata = KeyMetaData::new();

5403

metadata.add(KeyMetaEntry::CreationDate(DateTime::from_millis_epoch(123456789)));

5404

db.insert_key_metadata(&key_id, &metadata)?;

5405

assert_storage_increased(

5406

&mut db,

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5407

vec![MetricsStorage::KEY_METADATA, MetricsStorage::KEY_METADATA_KEY_ENTRY_ID_INDEX],

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

&mut working_stats,

);

let mut sum = 0;

for stat in working_stats.values() {

5413

sum += stat.size;

5414

}

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5415

let total = db.get_storage_stat(MetricsStorage::DATABASE)?.size;

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

5416

assert!(sum <= total, "Expected sum <= total. sum: {}, total: {}", sum, total);

Ok(())

}

#[test]

fn test_verify_auth_table_size_reporting() -> Result<()> {

5423

let mut db = new_test_db()?;

5424

let mut working_stats = get_storage_stats_map(&mut db);

5425

db.insert_auth_token(&HardwareAuthToken {

5426

challenge: 123,

5427

userId: 456,

5428

authenticatorId: 789,

5429

authenticatorType: kmhw_authenticator_type::ANY,

5430

timestamp: Timestamp { milliSeconds: 10 },

5431

mac: b"mac".to_vec(),

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

5432

});

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5433

assert_storage_increased(&mut db, vec![MetricsStorage::AUTH_TOKEN], &mut working_stats);

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

Ok(())

}

#[test]

fn test_verify_grant_table_size_reporting() -> Result<()> {

5439

const OWNER: i64 = 1;

5440

let mut db = new_test_db()?;

5441

make_test_key_entry(&mut db, Domain::APP, OWNER, TEST_ALIAS, None)?;

5442

5443

let mut working_stats = get_storage_stats_map(&mut db);

db.grant(

&KeyDescriptor {

domain: Domain::APP,

nspace: 0,

alias: Some(TEST_ALIAS.to_string()),

blob: None,

},

OWNER as u32,

123,

Janis Danisevskis

2021-10-19 16:56:20 -0700

[diff] [blame]

5453

key_perm_set![KeyPerm::Use],

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

|_, _| Ok(()),

)?;

Hasini Gunasinghe

2021-06-10 16:23:27 +0000

[diff] [blame]

5457

assert_storage_increased(&mut db, vec![MetricsStorage::GRANT], &mut working_stats);

Seth Moore

2021-04-09 21:38:30 +0000

[diff] [blame]

5458

5459

Ok(())

5460

}

Matthew Maurer

2021-05-06 21:58:45 -0700

[diff] [blame]

5461

5462

#[test]

5463

fn find_auth_token_entry_returns_latest() -> Result<()> {

5464

let mut db = new_test_db()?;

5465

db.insert_auth_token(&HardwareAuthToken {

5466

challenge: 123,

5467

userId: 456,

5468

authenticatorId: 789,

5469

authenticatorType: kmhw_authenticator_type::ANY,

5470

timestamp: Timestamp { milliSeconds: 10 },

5471

mac: b"mac0".to_vec(),

5472

});

5473

std::thread::sleep(std::time::Duration::from_millis(1));

5474

db.insert_auth_token(&HardwareAuthToken {

5475

challenge: 123,

5476

userId: 457,

5477

authenticatorId: 789,

5478

authenticatorType: kmhw_authenticator_type::ANY,

5479

timestamp: Timestamp { milliSeconds: 12 },

5480

mac: b"mac1".to_vec(),

5481

});

5482

std::thread::sleep(std::time::Duration::from_millis(1));

5483

db.insert_auth_token(&HardwareAuthToken {

5484

challenge: 123,

5485

userId: 458,

5486

authenticatorId: 789,

5487

authenticatorType: kmhw_authenticator_type::ANY,

5488

timestamp: Timestamp { milliSeconds: 3 },

5489

mac: b"mac2".to_vec(),

5490

});

5491

// All three entries are in the database

5492

assert_eq!(db.perboot.auth_tokens_len(), 3);

5493

// It selected the most recent timestamp

5494

assert_eq!(db.find_auth_token_entry(|_| true).unwrap().0.auth_token.mac, b"mac2".to_vec());

5495

Ok(())

5496

}

Seth Moore

472fcbb

2021-05-12 10:07:51 -0700

[diff] [blame]

5497

5498

#[test]

Pavel Grafov

f45034a

2021-05-12 22:35:45 +0100

[diff] [blame]

5499

fn test_load_key_descriptor() -> Result<()> {

5500

let mut db = new_test_db()?;

5501

let key_id = make_test_key_entry(&mut db, Domain::APP, 1, TEST_ALIAS, None)?.0;

5502

5503

let key = db.load_key_descriptor(key_id)?.unwrap();

5504

5505

assert_eq!(key.domain, Domain::APP);

5506

assert_eq!(key.nspace, 1);

5507

assert_eq!(key.alias, Some(TEST_ALIAS.to_string()));

5508

5509

// No such id

5510

assert_eq!(db.load_key_descriptor(key_id + 1)?, None);

5511

Ok(())

5512

}

Eran Messeri

2024-01-09 12:43:31 +0000

[diff] [blame]

5513

5514

#[test]

5515

fn test_get_list_app_uids_for_sid() -> Result<()> {

5516

let uid: i32 = 1;

5517

let uid_offset: i64 = (uid as i64) * (AID_USER_OFFSET as i64);

5518

let first_sid = 667;

5519

let second_sid = 669;

5520

let first_app_id: i64 = 123 + uid_offset;

5521

let second_app_id: i64 = 456 + uid_offset;

5522

let third_app_id: i64 = 789 + uid_offset;

5523

let unrelated_app_id: i64 = 1011 + uid_offset;

5524

let mut db = new_test_db()?;

5525

make_test_key_entry_with_sids(

&mut db,

Domain::APP,

first_app_id,

TEST_ALIAS,

None,

&[first_sid],

)

.context("test_get_list_app_uids_for_sid")?;

5534

make_test_key_entry_with_sids(

&mut db,

Domain::APP,

second_app_id,

"alias2",

None,

&[first_sid],

)

.context("test_get_list_app_uids_for_sid")?;

5543

make_test_key_entry_with_sids(

&mut db,

Domain::APP,

second_app_id,

TEST_ALIAS,

None,

&[second_sid],

)

.context("test_get_list_app_uids_for_sid")?;

5552

make_test_key_entry_with_sids(

&mut db,

Domain::APP,

third_app_id,

"alias3",

None,

&[second_sid],

)

.context("test_get_list_app_uids_for_sid")?;

5561

make_test_key_entry_with_sids(

&mut db,

Domain::APP,

unrelated_app_id,

TEST_ALIAS,

None,

&[],

)

.context("test_get_list_app_uids_for_sid")?;

5570

5571

let mut first_sid_apps = db.get_app_uids_affected_by_sid(uid, first_sid)?;

5572

first_sid_apps.sort();

5573

assert_eq!(first_sid_apps, vec![first_app_id, second_app_id]);

5574

let mut second_sid_apps = db.get_app_uids_affected_by_sid(uid, second_sid)?;

5575

second_sid_apps.sort();

5576

assert_eq!(second_sid_apps, vec![second_app_id, third_app_id]);

Ok(())

}

#[test]

fn test_get_list_app_uids_with_multiple_sids() -> Result<()> {

5582

let uid: i32 = 1;

5583

let uid_offset: i64 = (uid as i64) * (AID_USER_OFFSET as i64);

5584

let first_sid = 667;

5585

let second_sid = 669;

5586

let third_sid = 772;

5587

let first_app_id: i64 = 123 + uid_offset;

5588

let second_app_id: i64 = 456 + uid_offset;

5589

let mut db = new_test_db()?;

5590

make_test_key_entry_with_sids(

&mut db,

Domain::APP,

first_app_id,

TEST_ALIAS,

None,

&[first_sid, second_sid],

5597

)

5598

.context("test_get_list_app_uids_for_sid")?;

5599

make_test_key_entry_with_sids(

&mut db,

Domain::APP,

second_app_id,

"alias2",

None,

&[second_sid, third_sid],

5606

)

5607

.context("test_get_list_app_uids_for_sid")?;

5608

5609

let first_sid_apps = db.get_app_uids_affected_by_sid(uid, first_sid)?;

5610

assert_eq!(first_sid_apps, vec![first_app_id]);

5611

5612

let mut second_sid_apps = db.get_app_uids_affected_by_sid(uid, second_sid)?;

5613

second_sid_apps.sort();

5614

assert_eq!(second_sid_apps, vec![first_app_id, second_app_id]);

5615

5616

let third_sid_apps = db.get_app_uids_affected_by_sid(uid, third_sid)?;

5617

assert_eq!(third_sid_apps, vec![second_app_id]);

5618

Ok(())

5619

}

Joel Galenson