Home | History | Annotate | Download | only in keymaster 
      1 /*
      2  * Copyright 2015 The Android Open Source Project
      3  *
      4  * Licensed under the Apache License, Version 2.0 (the "License");
      5  * you may not use this file except in compliance with the License.
      6  * You may obtain a copy of the License at
      7  *
      8  *      http://www.apache.org/licenses/LICENSE-2.0
      9  *
     10  * Unless required by applicable law or agreed to in writing, software
     11  * distributed under the License is distributed on an "AS IS" BASIS,
     12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13  * See the License for the specific language governing permissions and
     14  * limitations under the License.
     15  */
     16 
     17 #include <keymaster/ec_key_factory.h>
     18 
     19 #include <openssl/evp.h>
     20 
     21 #include <keymaster/keymaster_context.h>
     22 
     23 #include "ec_key.h"
     24 #include "ecdsa_operation.h"
     25 #include "openssl_err.h"
     26 
     27 namespace keymaster {
     28 
     29 static EcdsaSignOperationFactory sign_factory;
     30 static EcdsaVerifyOperationFactory verify_factory;
     31 
     32 OperationFactory* EcKeyFactory::GetOperationFactory(keymaster_purpose_t purpose) const {
     33     switch (purpose) {
     34     case KM_PURPOSE_SIGN:
     35         return &sign_factory;
     36     case KM_PURPOSE_VERIFY:
     37         return &verify_factory;
     38     default:
     39         return nullptr;
     40     }
     41 }
     42 
     43 /* static */
     44 keymaster_error_t EcKeyFactory::GetCurveAndSize(const AuthorizationSet& key_description,
     45                                                 keymaster_ec_curve_t* curve,
     46                                                 uint32_t* key_size_bits) {
     47     if (!key_description.GetTagValue(TAG_EC_CURVE, curve)) {
     48         // Curve not specified. Fall back to deducing curve from key size.
     49         if (!key_description.GetTagValue(TAG_KEY_SIZE, key_size_bits)) {
     50             LOG_E("%s", "No curve or key size specified for EC key generation");
     51             return KM_ERROR_UNSUPPORTED_KEY_SIZE;
     52         }
     53         keymaster_error_t error = EcKeySizeToCurve(*key_size_bits, curve);
     54         if (error != KM_ERROR_OK) {
     55             return KM_ERROR_UNSUPPORTED_KEY_SIZE;
     56         }
     57     } else {
     58         keymaster_error_t error = EcCurveToKeySize(*curve, key_size_bits);
     59         if (error != KM_ERROR_OK) {
     60             return error;
     61         }
     62         uint32_t tag_key_size_bits;
     63         if (key_description.GetTagValue(TAG_KEY_SIZE, &tag_key_size_bits) &&
     64             *key_size_bits != tag_key_size_bits) {
     65             LOG_E("Curve key size %d and specified key size %d don't match", key_size_bits,
     66                   tag_key_size_bits);
     67             return KM_ERROR_INVALID_ARGUMENT;
     68         }
     69     }
     70 
     71     return KM_ERROR_OK;
     72 }
     73 
     74 keymaster_error_t EcKeyFactory::GenerateKey(const AuthorizationSet& key_description,
     75                                             KeymasterKeyBlob* key_blob,
     76                                             AuthorizationSet* hw_enforced,
     77                                             AuthorizationSet* sw_enforced) const {
     78     if (!key_blob || !hw_enforced || !sw_enforced)
     79         return KM_ERROR_OUTPUT_PARAMETER_NULL;
     80 
     81     AuthorizationSet authorizations(key_description);
     82 
     83     keymaster_ec_curve_t ec_curve;
     84     uint32_t key_size;
     85     keymaster_error_t error = GetCurveAndSize(authorizations, &ec_curve, &key_size);
     86     if (error != KM_ERROR_OK) {
     87         return error;
     88     } else if (!authorizations.Contains(TAG_KEY_SIZE, key_size)) {
     89         authorizations.push_back(TAG_KEY_SIZE, key_size);
     90     } else if (!authorizations.Contains(TAG_EC_CURVE, ec_curve)) {
     91         authorizations.push_back(TAG_EC_CURVE, ec_curve);
     92     }
     93 
     94     UniquePtr<EC_KEY, EC_KEY_Delete> ec_key(EC_KEY_new());
     95     UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(EVP_PKEY_new());
     96     if (ec_key.get() == NULL || pkey.get() == NULL)
     97         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
     98 
     99     UniquePtr<EC_GROUP, EC_GROUP_Delete> group(ChooseGroup(ec_curve));
    100     if (group.get() == NULL) {
    101         LOG_E("Unable to get EC group for curve %d", ec_curve);
    102         return KM_ERROR_UNSUPPORTED_KEY_SIZE;
    103     }
    104 
    105 #if !defined(OPENSSL_IS_BORINGSSL)
    106     EC_GROUP_set_point_conversion_form(group.get(), POINT_CONVERSION_UNCOMPRESSED);
    107     EC_GROUP_set_asn1_flag(group.get(), OPENSSL_EC_NAMED_CURVE);
    108 #endif
    109 
    110     if (EC_KEY_set_group(ec_key.get(), group.get()) != 1 ||
    111         EC_KEY_generate_key(ec_key.get()) != 1 || EC_KEY_check_key(ec_key.get()) < 0) {
    112         return TranslateLastOpenSslError();
    113     }
    114 
    115     if (EVP_PKEY_set1_EC_KEY(pkey.get(), ec_key.get()) != 1)
    116         return TranslateLastOpenSslError();
    117 
    118     KeymasterKeyBlob key_material;
    119     error = EvpKeyToKeyMaterial(pkey.get(), &key_material);
    120     if (error != KM_ERROR_OK)
    121         return error;
    122 
    123     return context_->CreateKeyBlob(authorizations, KM_ORIGIN_GENERATED, key_material, key_blob,
    124                                    hw_enforced, sw_enforced);
    125 }
    126 
    127 keymaster_error_t EcKeyFactory::ImportKey(const AuthorizationSet& key_description,
    128                                           keymaster_key_format_t input_key_material_format,
    129                                           const KeymasterKeyBlob& input_key_material,
    130                                           KeymasterKeyBlob* output_key_blob,
    131                                           AuthorizationSet* hw_enforced,
    132                                           AuthorizationSet* sw_enforced) const {
    133     if (!output_key_blob || !hw_enforced || !sw_enforced)
    134         return KM_ERROR_OUTPUT_PARAMETER_NULL;
    135 
    136     AuthorizationSet authorizations;
    137     uint32_t key_size;
    138     keymaster_error_t error = UpdateImportKeyDescription(
    139         key_description, input_key_material_format, input_key_material, &authorizations, &key_size);
    140     if (error != KM_ERROR_OK)
    141         return error;
    142 
    143     return context_->CreateKeyBlob(authorizations, KM_ORIGIN_IMPORTED, input_key_material,
    144                                    output_key_blob, hw_enforced, sw_enforced);
    145 }
    146 
    147 keymaster_error_t EcKeyFactory::UpdateImportKeyDescription(const AuthorizationSet& key_description,
    148                                                            keymaster_key_format_t key_format,
    149                                                            const KeymasterKeyBlob& key_material,
    150                                                            AuthorizationSet* updated_description,
    151                                                            uint32_t* key_size_bits) const {
    152     if (!updated_description || !key_size_bits)
    153         return KM_ERROR_OUTPUT_PARAMETER_NULL;
    154 
    155     UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey;
    156     keymaster_error_t error =
    157         KeyMaterialToEvpKey(key_format, key_material, keymaster_key_type(), &pkey);
    158     if (error != KM_ERROR_OK)
    159         return error;
    160 
    161     UniquePtr<EC_KEY, EC_KEY_Delete> ec_key(EVP_PKEY_get1_EC_KEY(pkey.get()));
    162     if (!ec_key.get())
    163         return TranslateLastOpenSslError();
    164 
    165     updated_description->Reinitialize(key_description);
    166 
    167     size_t extracted_key_size_bits;
    168     error = ec_get_group_size(EC_KEY_get0_group(ec_key.get()), &extracted_key_size_bits);
    169     if (error != KM_ERROR_OK)
    170         return error;
    171 
    172     *key_size_bits = extracted_key_size_bits;
    173     if (!updated_description->GetTagValue(TAG_KEY_SIZE, key_size_bits)) {
    174         updated_description->push_back(TAG_KEY_SIZE, extracted_key_size_bits);
    175     } else if (*key_size_bits != extracted_key_size_bits) {
    176         return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
    177     }
    178 
    179     keymaster_ec_curve_t curve_from_size;
    180     error = EcKeySizeToCurve(*key_size_bits, &curve_from_size);
    181     if (error != KM_ERROR_OK)
    182         return error;
    183     keymaster_ec_curve_t curve;
    184     if (!updated_description->GetTagValue(TAG_EC_CURVE, &curve)) {
    185         updated_description->push_back(TAG_EC_CURVE, curve_from_size);
    186     } else if (curve_from_size != curve) {
    187         return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
    188     }
    189 
    190     keymaster_algorithm_t algorithm = KM_ALGORITHM_EC;
    191     if (!updated_description->GetTagValue(TAG_ALGORITHM, &algorithm)) {
    192         updated_description->push_back(TAG_ALGORITHM, KM_ALGORITHM_EC);
    193     } else if (algorithm != KM_ALGORITHM_EC) {
    194         return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
    195     }
    196 
    197     return KM_ERROR_OK;
    198 }
    199 
    200 /* static */
    201 EC_GROUP* EcKeyFactory::ChooseGroup(size_t key_size_bits) {
    202     switch (key_size_bits) {
    203     case 224:
    204         return EC_GROUP_new_by_curve_name(NID_secp224r1);
    205         break;
    206     case 256:
    207         return EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1);
    208         break;
    209     case 384:
    210         return EC_GROUP_new_by_curve_name(NID_secp384r1);
    211         break;
    212     case 521:
    213         return EC_GROUP_new_by_curve_name(NID_secp521r1);
    214         break;
    215     default:
    216         return NULL;
    217         break;
    218     }
    219 }
    220 
    221 /* static */
    222 EC_GROUP* EcKeyFactory::ChooseGroup(keymaster_ec_curve_t ec_curve) {
    223     switch (ec_curve) {
    224     case KM_EC_CURVE_P_224:
    225         return EC_GROUP_new_by_curve_name(NID_secp224r1);
    226         break;
    227     case KM_EC_CURVE_P_256:
    228         return EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1);
    229         break;
    230     case KM_EC_CURVE_P_384:
    231         return EC_GROUP_new_by_curve_name(NID_secp384r1);
    232         break;
    233     case KM_EC_CURVE_P_521:
    234         return EC_GROUP_new_by_curve_name(NID_secp521r1);
    235         break;
    236     default:
    237         return nullptr;
    238         break;
    239     }
    240 }
    241 
    242 keymaster_error_t EcKeyFactory::CreateEmptyKey(const AuthorizationSet& hw_enforced,
    243                                                const AuthorizationSet& sw_enforced,
    244                                                UniquePtr<AsymmetricKey>* key) const {
    245     keymaster_error_t error;
    246     key->reset(new (std::nothrow) EcKey(hw_enforced, sw_enforced, &error));
    247     if (!key->get())
    248         error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
    249     return error;
    250 }
    251 
    252 }  // namespace keymaster
    253