Home | History | Annotate | Download | only in keymaster 
      1 /*
      2  * Copyright 2015 The Android Open Source Project
      3  *
      4  * Licensed under the Apache License, Version 2.0 (the "License");
      5  * you may not use this file except in compliance with the License.
      6  * You may obtain a copy of the License at
      7  *
      8  *      http://www.apache.org/licenses/LICENSE-2.0
      9  *
     10  * Unless required by applicable law or agreed to in writing, software
     11  * distributed under the License is distributed on an "AS IS" BASIS,
     12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13  * See the License for the specific language governing permissions and
     14  * limitations under the License.
     15  */
     16 
     17 #include <keymaster/rsa_key_factory.h>
     18 
     19 #include <new>
     20 
     21 #include <keymaster/keymaster_context.h>
     22 
     23 #include "openssl_err.h"
     24 #include "openssl_utils.h"
     25 #include "rsa_key.h"
     26 #include "rsa_operation.h"
     27 
     28 namespace keymaster {
     29 
     30 const int kMaximumRsaKeySize = 4096;  // OpenSSL fails above 4096.
     31 const int kMinimumRsaKeySize = 16;    // OpenSSL goes into an infinite loop if key size < 10
     32 const int kMinimumRsaExponent = 3;
     33 
     34 static RsaSigningOperationFactory sign_factory;
     35 static RsaVerificationOperationFactory verify_factory;
     36 static RsaEncryptionOperationFactory encrypt_factory;
     37 static RsaDecryptionOperationFactory decrypt_factory;
     38 
     39 OperationFactory* RsaKeyFactory::GetOperationFactory(keymaster_purpose_t purpose) const {
     40     switch (purpose) {
     41     case KM_PURPOSE_SIGN:
     42         return &sign_factory;
     43     case KM_PURPOSE_VERIFY:
     44         return &verify_factory;
     45     case KM_PURPOSE_ENCRYPT:
     46         return &encrypt_factory;
     47     case KM_PURPOSE_DECRYPT:
     48         return &decrypt_factory;
     49     default:
     50         return nullptr;
     51     }
     52 }
     53 
     54 keymaster_error_t RsaKeyFactory::GenerateKey(const AuthorizationSet& key_description,
     55                                              KeymasterKeyBlob* key_blob,
     56                                              AuthorizationSet* hw_enforced,
     57                                              AuthorizationSet* sw_enforced) const {
     58     if (!key_blob || !hw_enforced || !sw_enforced)
     59         return KM_ERROR_OUTPUT_PARAMETER_NULL;
     60 
     61     const AuthorizationSet& authorizations(key_description);
     62 
     63     uint64_t public_exponent;
     64     if (!authorizations.GetTagValue(TAG_RSA_PUBLIC_EXPONENT, &public_exponent)) {
     65         LOG_E("No public exponent specified for RSA key generation", 0);
     66         return KM_ERROR_INVALID_ARGUMENT;
     67     }
     68     if (public_exponent < kMinimumRsaExponent || public_exponent % 2 != 1) {
     69         LOG_E("Invalid public exponent specified for RSA key generation", 0);
     70         return KM_ERROR_INVALID_ARGUMENT;
     71     }
     72 
     73     uint32_t key_size;
     74     if (!authorizations.GetTagValue(TAG_KEY_SIZE, &key_size)) {
     75         LOG_E("No key size specified for RSA key generation", 0);
     76         return KM_ERROR_UNSUPPORTED_KEY_SIZE;
     77     }
     78     if (key_size % 8 != 0 || key_size > kMaximumRsaKeySize || key_size < kMinimumRsaKeySize) {
     79         LOG_E("Invalid key size of %u bits specified for RSA key generation", key_size);
     80         return KM_ERROR_UNSUPPORTED_KEY_SIZE;
     81     }
     82 
     83     UniquePtr<BIGNUM, BIGNUM_Delete> exponent(BN_new());
     84     UniquePtr<RSA, RsaKey::RSA_Delete> rsa_key(RSA_new());
     85     UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(EVP_PKEY_new());
     86     if (exponent.get() == NULL || rsa_key.get() == NULL || pkey.get() == NULL)
     87         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
     88 
     89     if (!BN_set_word(exponent.get(), public_exponent) ||
     90         !RSA_generate_key_ex(rsa_key.get(), key_size, exponent.get(), NULL /* callback */))
     91         return TranslateLastOpenSslError();
     92 
     93     if (EVP_PKEY_set1_RSA(pkey.get(), rsa_key.get()) != 1)
     94         return TranslateLastOpenSslError();
     95 
     96     KeymasterKeyBlob key_material;
     97     keymaster_error_t error = EvpKeyToKeyMaterial(pkey.get(), &key_material);
     98     if (error != KM_ERROR_OK)
     99         return error;
    100 
    101     return context_->CreateKeyBlob(authorizations, KM_ORIGIN_GENERATED, key_material, key_blob,
    102                                    hw_enforced, sw_enforced);
    103 }
    104 
    105 keymaster_error_t RsaKeyFactory::ImportKey(const AuthorizationSet& key_description,
    106                                            keymaster_key_format_t input_key_material_format,
    107                                            const KeymasterKeyBlob& input_key_material,
    108                                            KeymasterKeyBlob* output_key_blob,
    109                                            AuthorizationSet* hw_enforced,
    110                                            AuthorizationSet* sw_enforced) const {
    111     if (!output_key_blob || !hw_enforced || !sw_enforced)
    112         return KM_ERROR_OUTPUT_PARAMETER_NULL;
    113 
    114     AuthorizationSet authorizations;
    115     uint64_t public_exponent;
    116     uint32_t key_size;
    117     keymaster_error_t error =
    118         UpdateImportKeyDescription(key_description, input_key_material_format, input_key_material,
    119                                    &authorizations, &public_exponent, &key_size);
    120     if (error != KM_ERROR_OK)
    121         return error;
    122     return context_->CreateKeyBlob(authorizations, KM_ORIGIN_IMPORTED, input_key_material,
    123                                    output_key_blob, hw_enforced, sw_enforced);
    124 }
    125 
    126 keymaster_error_t RsaKeyFactory::UpdateImportKeyDescription(const AuthorizationSet& key_description,
    127                                                             keymaster_key_format_t key_format,
    128                                                             const KeymasterKeyBlob& key_material,
    129                                                             AuthorizationSet* updated_description,
    130                                                             uint64_t* public_exponent,
    131                                                             uint32_t* key_size) const {
    132     if (!updated_description || !public_exponent || !key_size)
    133         return KM_ERROR_OUTPUT_PARAMETER_NULL;
    134 
    135     UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey;
    136     keymaster_error_t error =
    137         KeyMaterialToEvpKey(key_format, key_material, keymaster_key_type(), &pkey);
    138     if (error != KM_ERROR_OK)
    139         return error;
    140 
    141     UniquePtr<RSA, RsaKey::RSA_Delete> rsa_key(EVP_PKEY_get1_RSA(pkey.get()));
    142     if (!rsa_key.get())
    143         return TranslateLastOpenSslError();
    144 
    145     updated_description->Reinitialize(key_description);
    146 
    147     *public_exponent = BN_get_word(rsa_key->e);
    148     if (*public_exponent == 0xffffffffL)
    149         return KM_ERROR_INVALID_KEY_BLOB;
    150     if (!updated_description->GetTagValue(TAG_RSA_PUBLIC_EXPONENT, public_exponent))
    151         updated_description->push_back(TAG_RSA_PUBLIC_EXPONENT, *public_exponent);
    152     if (*public_exponent != BN_get_word(rsa_key->e)) {
    153         LOG_E("Imported public exponent (%u) does not match specified public exponent (%u)",
    154               *public_exponent, BN_get_word(rsa_key->e));
    155         return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
    156     }
    157 
    158     *key_size = RSA_size(rsa_key.get()) * 8;
    159     if (!updated_description->GetTagValue(TAG_KEY_SIZE, key_size))
    160         updated_description->push_back(TAG_KEY_SIZE, *key_size);
    161     if (RSA_size(rsa_key.get()) * 8 != *key_size) {
    162         LOG_E("Imported key size (%u bits) does not match specified key size (%u bits)",
    163               RSA_size(rsa_key.get()) * 8, *key_size);
    164         return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
    165     }
    166 
    167     keymaster_algorithm_t algorithm = KM_ALGORITHM_RSA;
    168     if (!updated_description->GetTagValue(TAG_ALGORITHM, &algorithm))
    169         updated_description->push_back(TAG_ALGORITHM, KM_ALGORITHM_RSA);
    170     if (algorithm != KM_ALGORITHM_RSA)
    171         return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
    172 
    173     return KM_ERROR_OK;
    174 }
    175 
    176 keymaster_error_t RsaKeyFactory::CreateEmptyKey(const AuthorizationSet& hw_enforced,
    177                                                 const AuthorizationSet& sw_enforced,
    178                                                 UniquePtr<AsymmetricKey>* key) const {
    179     keymaster_error_t error;
    180     key->reset(new (std::nothrow) RsaKey(hw_enforced, sw_enforced, &error));
    181     if (!key->get())
    182         error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
    183     return error;
    184 }
    185 
    186 }  // namespace keymaster
    187