projects / GitHub / LineageOS / android_hardware_samsung_slsi_exynos5.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
import exynos 7570 bsp
[GitHub/LineageOS/android_hardware_samsung_slsi_exynos5.git] / libkeymaster / keymaster_mobicore.cpp
1 /*
2 * Copyright (C) 2012 Samsung Electronics Co., LTD
3 * Copyright (C) 2012 The Android Open Source Project
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 */
17
18 #include <errno.h>
19 #include <string.h>
20 #include <stdint.h>
21
22 #include <hardware/hardware.h>
23 #include <hardware/keymaster0.h>
24
25 #include <openssl/evp.h>
26 #include <openssl/bio.h>
27 #include <openssl/rsa.h>
28 #include <openssl/err.h>
29 #include <openssl/x509.h>
30
31 #include <UniquePtr.h>
32
33 #define LOG_TAG "ExynosKeyMaster"
34 #include <cutils/log.h>
35
36 #include <tlcTeeKeymaster_if.h>
37
38 #define RSA_KEY_BUFFER_SIZE 1536
39 #define RSA_KEY_MAX_SIZE (2048 >> 3)
40
41 struct BIGNUM_Delete {
42 void operator()(BIGNUM* p) const {
43 BN_free(p);
44 }
45 };
46 typedef UniquePtr<BIGNUM, BIGNUM_Delete> Unique_BIGNUM;
47
48 struct EVP_PKEY_Delete {
49 void operator()(EVP_PKEY* p) const {
50 EVP_PKEY_free(p);
51 }
52 };
53 typedef UniquePtr<EVP_PKEY, EVP_PKEY_Delete> Unique_EVP_PKEY;
54
55 struct PKCS8_PRIV_KEY_INFO_Delete {
56 void operator()(PKCS8_PRIV_KEY_INFO* p) const {
57 PKCS8_PRIV_KEY_INFO_free(p);
58 }
59 };
60 typedef UniquePtr<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_Delete> Unique_PKCS8_PRIV_KEY_INFO;
61
62 struct RSA_Delete {
63 void operator()(RSA* p) const {
64 RSA_free(p);
65 }
66 };
67 typedef UniquePtr<RSA, RSA_Delete> Unique_RSA;
68
69 typedef UniquePtr<keymaster0_device_t> Unique_keymaster0_device_t;
70
71 /**
72 * Many OpenSSL APIs take ownership of an argument on success but don't free the argument
73 * on failure. This means we need to tell our scoped pointers when we've transferred ownership,
74 * without triggering a warning by not using the result of release().
75 */
76 #define OWNERSHIP_TRANSFERRED(obj) \
77 typeof (obj.release()) _dummy __attribute__((unused)) = obj.release()
78
79 /*
80 * Checks this thread's error queue and logs if necessary.
81 */
82 static void logOpenSSLError(const char* location) {
83 int error = ERR_get_error();
84
85 if (error != 0) {
86 char message[256];
87 ERR_error_string_n(error, message, sizeof(message));
88 ALOGE("OpenSSL error in %s %d: %s", location, error, message);
89 }
90
91 ERR_clear_error();
92 ERR_remove_state(0);
93 }
94
95 static int exynos_km_generate_keypair(const keymaster0_device_t*,
96 const keymaster_keypair_t key_type, const void* key_params,
97 uint8_t** keyBlob, size_t* keyBlobLength) {
98 teeResult_t ret = TEE_ERR_NONE;
99
100 if (key_type != TYPE_RSA) {
101 ALOGE("Unsupported key type %d", key_type);
102 return -1;
103 } else if (key_params == NULL) {
104 ALOGE("key_params == null");
105 return -1;
106 }
107
108 keymaster_rsa_keygen_params_t* rsa_params = (keymaster_rsa_keygen_params_t*) key_params;
109
110 if ((rsa_params->modulus_size != 512) &&
111 (rsa_params->modulus_size != 1024) &&
112 (rsa_params->modulus_size != 2048)) {
113 ALOGE("key size(%d) is not supported\n", rsa_params->modulus_size);
114 return -1;
115 }
116
117 UniquePtr<uint8_t> keyDataPtr(reinterpret_cast<uint8_t*>(malloc(RSA_KEY_BUFFER_SIZE)));
118 if (keyDataPtr.get() == NULL) {
119 ALOGE("memory allocation is failed");
120 return -1;
121 }
122
123 ret = TEE_RSAGenerateKeyPair(TEE_KEYPAIR_RSACRT, keyDataPtr.get(), RSA_KEY_BUFFER_SIZE,
124 rsa_params->modulus_size, (uint32_t)rsa_params->public_exponent,
125 (uint32_t *)keyBlobLength);
126 if (ret != TEE_ERR_NONE) {
127 ALOGE("TEE_RSAGenerateKeyPair() is failed: %d", ret);
128 return -1;
129 }
130
131 *keyBlob = keyDataPtr.release();
132
133 return 0;
134 }
135
136 static int exynos_km_import_keypair(const keymaster0_device_t*,
137 const uint8_t* key, const size_t key_length,
138 uint8_t** key_blob, size_t* key_blob_length) {
139 uint8_t kbuf[RSA_KEY_BUFFER_SIZE];
140 teeRsaKeyMeta_t metadata;
141 uint32_t key_len = 0;
142 BIGNUM *tmp = NULL;
143 BN_CTX *ctx = NULL;
144 teeResult_t ret = TEE_ERR_NONE;
145
146 if (key == NULL) {
147 ALOGE("input key == NULL");
148 return -1;
149 } else if (key_blob == NULL || key_blob_length == NULL) {
150 ALOGE("output key blob or length == NULL");
151 return -1;
152 }
153
154 /* decoding */
155 Unique_PKCS8_PRIV_KEY_INFO pkcs8(d2i_PKCS8_PRIV_KEY_INFO(NULL, &key, key_length));
156 if (pkcs8.get() == NULL) {
157 logOpenSSLError("pkcs4.get");
158 return -1;
159 }
160
161 /* assign to EVP */
162 Unique_EVP_PKEY pkey(EVP_PKCS82PKEY(pkcs8.get()));
163 if (pkey.get() == NULL) {
164 logOpenSSLError("pkey.get");
165 return -1;
166 }
167 OWNERSHIP_TRANSFERRED(pkcs8);
168
169 /* change key format */
170 Unique_RSA rsa(EVP_PKEY_get1_RSA(pkey.get()));
171 if (rsa.get() == NULL) {
172 logOpenSSLError("get rsa key format");
173 return -1;
174 }
175
176 if (BN_cmp(rsa->p, rsa->q) < 0) {
177 /* p <-> q */
178 tmp = rsa->p;
179 rsa->p = rsa->q;
180 rsa->q = tmp;
181 /* dp <-> dq */
182 tmp = rsa->dmp1;
183 rsa->dmp1 = rsa->dmq1;
184 rsa->dmq1 = tmp;
185 /* calulate inverse of q mod p */
186 ctx = BN_CTX_new();
187 if (!BN_mod_inverse(rsa->iqmp, rsa->q, rsa->p, ctx)) {
188 ALOGE("Calculating inverse of q mod p is failed\n");
189 BN_CTX_free(ctx);
190 return -1;
191 }
192 BN_CTX_free(ctx);
193 }
194
195 key_len += sizeof(metadata);
196
197 metadata.lenpubmod = BN_bn2bin(rsa->n, kbuf + key_len);
198 key_len += metadata.lenpubmod;
199 if (metadata.lenpubmod == (512 >> 3))
200 metadata.keysize = TEE_RSA_KEY_SIZE_512;
201 else if (metadata.lenpubmod == (1024 >> 3))
202 metadata.keysize = TEE_RSA_KEY_SIZE_1024;
203 else if (metadata.lenpubmod == (2048 >> 3))
204 metadata.keysize = TEE_RSA_KEY_SIZE_2048;
205 else {
206 ALOGE("key size(%d) is not supported\n", metadata.lenpubmod << 3);
207 return -1;
208 }
209
210 metadata.lenpubexp = BN_bn2bin(rsa->e, kbuf + key_len);
211 key_len += metadata.lenpubexp;
212
213 if ((rsa->p != NULL) && (rsa->q != NULL) && (rsa->dmp1 != NULL) &&
214 (rsa->dmq1 != NULL) && (rsa->iqmp != NULL))
215 {
216 metadata.keytype = TEE_KEYPAIR_RSACRT;
217 metadata.rsacrtpriv.lenp = BN_bn2bin(rsa->p, kbuf + key_len);
218 key_len += metadata.rsacrtpriv.lenp;
219 metadata.rsacrtpriv.lenq = BN_bn2bin(rsa->q, kbuf + key_len);
220 key_len += metadata.rsacrtpriv.lenq;
221 metadata.rsacrtpriv.lendp = BN_bn2bin(rsa->dmp1, kbuf + key_len);
222 key_len += metadata.rsacrtpriv.lendp;
223 metadata.rsacrtpriv.lendq = BN_bn2bin(rsa->dmq1, kbuf + key_len);
224 key_len += metadata.rsacrtpriv.lendq;
225 metadata.rsacrtpriv.lenqinv = BN_bn2bin(rsa->iqmp, kbuf + key_len);
226 key_len += metadata.rsacrtpriv.lenqinv;
227 } else {
228 metadata.keytype = TEE_KEYPAIR_RSA;
229 metadata.rsapriv.lenpriexp = BN_bn2bin(rsa->d, kbuf + key_len);
230 key_len += metadata.rsapriv.lenpriexp;
231 }
232
233 metadata.rfu = 0;
234 metadata.rfulen = 0;
235
236 memcpy(kbuf, &metadata, sizeof(metadata));
237
238 UniquePtr<uint8_t> outPtr(reinterpret_cast<uint8_t*>(malloc(RSA_KEY_BUFFER_SIZE)));
239 if (outPtr.get() == NULL) {
240 ALOGE("memory allocation is failed");
241 return -1;
242 }
243
244 *key_blob_length = RSA_KEY_BUFFER_SIZE;
245
246 ret = TEE_KeyImport(kbuf, key_len, outPtr.get(), (uint32_t *)key_blob_length);
247 if (ret != TEE_ERR_NONE) {
248 ALOGE("TEE_KeyImport() is failed: %d", ret);
249 return -1;
250 }
251
252 *key_blob = outPtr.release();
253
254 return 0;
255 }
256
257 static int exynos_km_get_keypair_public(const struct keymaster0_device*,
258 const uint8_t* key_blob, const size_t key_blob_length,
259 uint8_t** x509_data, size_t* x509_data_length) {
260 uint32_t bin_mod_len;
261 uint32_t bin_exp_len;
262 teeResult_t ret = TEE_ERR_NONE;
263
264 if (x509_data == NULL || x509_data_length == NULL) {
265 ALOGE("output public key buffer == NULL");
266 return -1;
267 }
268
269 UniquePtr<uint8_t> binModPtr(reinterpret_cast<uint8_t*>(malloc(RSA_KEY_MAX_SIZE)));
270 if (binModPtr.get() == NULL) {
271 ALOGE("memory allocation is failed");
272 return -1;
273 }
274
275 UniquePtr<uint8_t> binExpPtr(reinterpret_cast<uint8_t*>(malloc(sizeof(uint32_t))));
276 if (binExpPtr.get() == NULL) {
277 ALOGE("memory allocation is failed");
278 return -1;
279 }
280
281 bin_mod_len = RSA_KEY_MAX_SIZE;
282 bin_exp_len = sizeof(uint32_t);
283
284 ret = TEE_GetPubKey(key_blob, key_blob_length, binModPtr.get(), &bin_mod_len, binExpPtr.get(),
285 &bin_exp_len);
286 if (ret != TEE_ERR_NONE) {
287 ALOGE("TEE_GetPubKey() is failed: %d", ret);
288 return -1;
289 }
290
291 Unique_BIGNUM bn_mod(BN_new());
292 if (bn_mod.get() == NULL) {
293 ALOGE("memory allocation is failed");
294 return -1;
295 }
296
297 Unique_BIGNUM bn_exp(BN_new());
298 if (bn_exp.get() == NULL) {
299 ALOGE("memory allocation is failed");
300 return -1;
301 }
302
303 BN_bin2bn(binModPtr.get(), bin_mod_len, bn_mod.get());
304 BN_bin2bn(binExpPtr.get(), bin_exp_len, bn_exp.get());
305
306 /* assign to RSA */
307 Unique_RSA rsa(RSA_new());
308 if (rsa.get() == NULL) {
309 logOpenSSLError("rsa.get");
310 return -1;
311 }
312
313 RSA* rsa_tmp = rsa.get();
314
315 rsa_tmp->n = bn_mod.release();
316 rsa_tmp->e = bn_exp.release();
317
318 /* assign to EVP */
319 Unique_EVP_PKEY pkey(EVP_PKEY_new());
320 if (pkey.get() == NULL) {
321 logOpenSSLError("allocate EVP_PKEY");
322 return -1;
323 }
324
325 if (EVP_PKEY_assign_RSA(pkey.get(), rsa.get()) == 0) {
326 logOpenSSLError("assing RSA to EVP_PKEY");
327 return -1;
328 }
329 OWNERSHIP_TRANSFERRED(rsa);
330
331 /* change to x.509 format */
332 int len = i2d_PUBKEY(pkey.get(), NULL);
333 if (len <= 0) {
334 logOpenSSLError("i2d_PUBKEY");
335 return -1;
336 }
337
338 UniquePtr<uint8_t> key(static_cast<uint8_t*>(malloc(len)));
339 if (key.get() == NULL) {
340 ALOGE("Could not allocate memory for public key data");
341 return -1;
342 }
343
344 unsigned char* tmp = reinterpret_cast<unsigned char*>(key.get());
345 if (i2d_PUBKEY(pkey.get(), &tmp) != len) {
346 logOpenSSLError("Compare results");
347 return -1;
348 }
349
350 *x509_data_length = len;
351 *x509_data = key.release();
352
353 return 0;
354 }
355
356 static int exynos_km_sign_data(const keymaster0_device_t*,
357 const void* params,
358 const uint8_t* keyBlob, const size_t keyBlobLength,
359 const uint8_t* data, const size_t dataLength,
360 uint8_t** signedData, size_t* signedDataLength) {
361 teeResult_t ret = TEE_ERR_NONE;
362
363 if (data == NULL) {
364 ALOGE("input data to sign == NULL");
365 return -1;
366 } else if (signedData == NULL || signedDataLength == NULL) {
367 ALOGE("output signature buffer == NULL");
368 return -1;
369 }
370
371 keymaster_rsa_sign_params_t* sign_params = (keymaster_rsa_sign_params_t*) params;
372 if (sign_params->digest_type != DIGEST_NONE) {
373 ALOGE("Cannot handle digest type %d", sign_params->digest_type);
374 return -1;
375 } else if (sign_params->padding_type != PADDING_NONE) {
376 ALOGE("Cannot handle padding type %d", sign_params->padding_type);
377 return -1;
378 }
379
380 UniquePtr<uint8_t> signedDataPtr(reinterpret_cast<uint8_t*>(malloc(RSA_KEY_MAX_SIZE)));
381 if (signedDataPtr.get() == NULL) {
382 ALOGE("memory allocation is failed");
383 return -1;
384 }
385
386 *signedDataLength = RSA_KEY_MAX_SIZE;
387
388 /* binder gives us read-only mappings we can't use with mobicore */
389 void *tmpData = malloc(dataLength);
390 memcpy(tmpData, data, dataLength);
391 ret = TEE_RSASign(keyBlob, keyBlobLength, (const uint8_t *)tmpData, dataLength, signedDataPtr.get(),
392 (uint32_t *)signedDataLength, TEE_RSA_NODIGEST_NOPADDING);
393 free(tmpData);
394 if (ret != TEE_ERR_NONE) {
395 ALOGE("TEE_RSASign() is failed: %d", ret);
396 return -1;
397 }
398
399 *signedData = signedDataPtr.release();
400
401 return 0;
402 }
403
404 static int exynos_km_verify_data(const keymaster0_device_t*,
405 const void* params,
406 const uint8_t* keyBlob, const size_t keyBlobLength,
407 const uint8_t* signedData, const size_t signedDataLength,
408 const uint8_t* signature, const size_t signatureLength) {
409 bool result;
410 teeResult_t ret = TEE_ERR_NONE;
411
412 if (signedData == NULL || signature == NULL) {
413 ALOGE("data or signature buffers == NULL");
414 return -1;
415 }
416
417 keymaster_rsa_sign_params_t* sign_params = (keymaster_rsa_sign_params_t*) params;
418 if (sign_params->digest_type != DIGEST_NONE) {
419 ALOGE("Cannot handle digest type %d", sign_params->digest_type);
420 return -1;
421 } else if (sign_params->padding_type != PADDING_NONE) {
422 ALOGE("Cannot handle padding type %d", sign_params->padding_type);
423 return -1;
424 } else if (signatureLength != signedDataLength) {
425 ALOGE("signed data length must be signature length");
426 return -1;
427 }
428
429 void *tmpSignedData = malloc(signedDataLength);
430 memcpy(tmpSignedData, signedData, signedDataLength);
431 void *tmpSig = malloc(signatureLength);
432 memcpy(tmpSig, signature, signatureLength);
433 ret = TEE_RSAVerify(keyBlob, keyBlobLength, (const uint8_t*)tmpSignedData, signedDataLength, (const uint8_t *)tmpSig,
434 signatureLength, TEE_RSA_NODIGEST_NOPADDING, &result);
435 free(tmpSignedData);
436 free(tmpSig);
437 if (ret != TEE_ERR_NONE) {
438 ALOGE("TEE_RSAVerify() is failed: %d", ret);
439 return -1;
440 }
441
442 return (result == true) ? 0 : -1;
443 }
444
445 /* Close an opened Exynos KM instance */
446 static int exynos_km_close(hw_device_t *dev) {
447 free(dev);
448 return 0;
449 }
450
451 /*
452 * Generic device handling
453 */
454 static int exynos_km_open(const hw_module_t* module, const char* name,
455 hw_device_t** device) {
456 if (strcmp(name, KEYSTORE_KEYMASTER) != 0)
457 return -EINVAL;
458
459 Unique_keymaster0_device_t dev(new keymaster0_device_t);
460 if (dev.get() == NULL)
461 return -ENOMEM;
462
463 dev->common.tag = HARDWARE_DEVICE_TAG;
464 dev->common.version = 1;
465 dev->common.module = (struct hw_module_t*) module;
466 dev->common.close = exynos_km_close;
467
468 dev->flags = 0;
469
470 dev->generate_keypair = exynos_km_generate_keypair;
471 dev->import_keypair = exynos_km_import_keypair;
472 dev->get_keypair_public = exynos_km_get_keypair_public;
473 dev->delete_keypair = NULL;
474 dev->delete_all = NULL;
475 dev->sign_data = exynos_km_sign_data;
476 dev->verify_data = exynos_km_verify_data;
477
478 ERR_load_crypto_strings();
479 ERR_load_BIO_strings();
480
481 *device = reinterpret_cast<hw_device_t*>(dev.release());
482
483 return 0;
484 }
485
486 static struct hw_module_methods_t keystore_module_methods = {
487 open: exynos_km_open,
488 };
489
490 struct keystore_module HAL_MODULE_INFO_SYM
491 __attribute__ ((visibility ("default"))) = {
492 common: {
493 tag: HARDWARE_MODULE_TAG,
494 version_major: 1,
495 version_minor: 0,
496 id: KEYSTORE_HARDWARE_MODULE_ID,
497 name: "Keymaster Exynos HAL",
498 author: "Samsung S.LSI",
499 methods: &keystore_module_methods,
500 dso: 0,
501 reserved: {},
502 },
503 };