summaryrefslogtreecommitdiffstats
path: root/trusty
diff options
context:
space:
mode:
authorAndres Morales2015-09-08 19:56:07 -0500
committerMichael Ryleev2016-05-02 17:12:01 -0500
commit95989dbb0fbad1b1a49c8878645551828b4ceb6a (patch)
tree031c9c3c9a472ac358d6d56e3a3b087e5ef88b6f /trusty
parent1571f47f3c523be0cefc9dc341069085ad4deedd (diff)
downloadplatform-system-core-95989dbb0fbad1b1a49c8878645551828b4ceb6a.tar.gz
platform-system-core-95989dbb0fbad1b1a49c8878645551828b4ceb6a.tar.xz
platform-system-core-95989dbb0fbad1b1a49c8878645551828b4ceb6a.zip
trusty: add keymaster module
Change-Id: Id240b1b33e07d4cb3ea9d188014701e3d2b3c477
Diffstat (limited to 'trusty')
-rw-r--r--trusty/keymaster/Android.mk67
-rw-r--r--trusty/keymaster/Makefile199
-rw-r--r--trusty/keymaster/keymaster_ipc.h57
-rw-r--r--trusty/keymaster/module.cpp60
-rw-r--r--trusty/keymaster/trusty_keymaster_device.cpp536
-rw-r--r--trusty/keymaster/trusty_keymaster_device.h124
-rw-r--r--trusty/keymaster/trusty_keymaster_device_test.cpp562
-rw-r--r--trusty/keymaster/trusty_keymaster_ipc.c94
-rw-r--r--trusty/keymaster/trusty_keymaster_ipc.h24
-rw-r--r--trusty/keymaster/trusty_keymaster_main.cpp368
10 files changed, 2091 insertions, 0 deletions
diff --git a/trusty/keymaster/Android.mk b/trusty/keymaster/Android.mk
new file mode 100644
index 000000000..0ebf52d8a
--- /dev/null
+++ b/trusty/keymaster/Android.mk
@@ -0,0 +1,67 @@
1#
2# Copyright (C) 2015 The Android Open-Source Project
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15#
16
17# WARNING: Everything listed here will be built on ALL platforms,
18# including x86, the emulator, and the SDK. Modules must be uniquely
19# named (liblights.panda), and must build everywhere, or limit themselves
20# to only building on ARM if they include assembly. Individual makefiles
21# are responsible for having their own logic, for fine-grained control.
22
23LOCAL_PATH:= $(call my-dir)
24
25include $(CLEAR_VARS)
26
27###
28# trusty_keymaster is a binary used only for on-device testing. It
29# runs Trusty Keymaster through a basic set of operations with RSA
30# and ECDSA keys.
31###
32LOCAL_MODULE := trusty_keymaster_tipc
33LOCAL_SRC_FILES := \
34 trusty_keymaster_device.cpp \
35 trusty_keymaster_ipc.c \
36 trusty_keymaster_main.cpp
37LOCAL_SHARED_LIBRARIES := \
38 libcrypto \
39 libcutils \
40 libkeymaster1 \
41 libtrusty \
42 libkeymaster_messages \
43 liblog
44
45include $(BUILD_EXECUTABLE)
46
47###
48# keystore.trusty is the HAL used by keystore on Trusty devices.
49##
50
51include $(CLEAR_VARS)
52
53LOCAL_MODULE := keystore.trusty
54LOCAL_MODULE_RELATIVE_PATH := hw
55LOCAL_SRC_FILES := module.cpp \
56 trusty_keymaster_ipc.c \
57 trusty_keymaster_device.cpp
58LOCAL_CLFAGS = -fvisibility=hidden -Wall -Werror
59LOCAL_SHARED_LIBRARIES := \
60 libcrypto \
61 libkeymaster_messages \
62 libtrusty \
63 liblog \
64 libcutils
65LOCAL_MODULE_TAGS := optional
66
67include $(BUILD_SHARED_LIBRARY)
diff --git a/trusty/keymaster/Makefile b/trusty/keymaster/Makefile
new file mode 100644
index 000000000..f57538189
--- /dev/null
+++ b/trusty/keymaster/Makefile
@@ -0,0 +1,199 @@
1#####
2# Local unit test Makefile
3#
4# This makefile builds and runs the trusty_keymaster unit tests locally on the development
5# machine, not on an Android device.
6#
7# To build and run these tests, one pre-requisite must be manually installed: BoringSSL.
8# This Makefile expects to find BoringSSL in a directory adjacent to $ANDROID_BUILD_TOP.
9# To get and build it, first install the Ninja build tool (e.g. apt-get install
10# ninja-build), then do:
11#
12# cd $ANDROID_BUILD_TOP/..
13# git clone https://boringssl.googlesource.com/boringssl
14# cd boringssl
15# mdkir build
16# cd build
17# cmake -GNinja ..
18# ninja
19#
20# Then return to $ANDROID_BUILD_TOP/system/keymaster and run "make".
21#####
22
23BASE=../../../..
24SUBS=system/core \
25 system/keymaster \
26 hardware/libhardware \
27 external/gtest
28GTEST=$(BASE)/external/gtest
29KM=$(BASE)/system/keymaster
30
31INCLUDES=$(foreach dir,$(SUBS),-I $(BASE)/$(dir)/include) \
32 -I $(BASE)/libnativehelper/include/nativehelper \
33 -I ../tipc/include \
34 -I $(BASE)/system/keymaster \
35 -I $(GTEST) \
36 -I$(BASE)/../boringssl/include
37
38ifdef USE_CLANG
39CC=/usr/bin/clang
40CXX=/usr/bin/clang
41CLANG_TEST_DEFINE=-DKEYMASTER_CLANG_TEST_BUILD
42COMPILER_SPECIFIC_ARGS=-std=c++11 $(CLANG_TEST_DEFINE)
43else
44COMPILER_SPECIFIC_ARGS=-std=c++0x -fprofile-arcs
45endif
46
47CPPFLAGS=$(INCLUDES) -g -O0 -MD
48CXXFLAGS=-Wall -Werror -Wno-unused -Winit-self -Wpointer-arith -Wunused-parameter \
49 -Wmissing-declarations -ftest-coverage \
50 -Wno-deprecated-declarations -fno-exceptions -DKEYMASTER_NAME_TAGS \
51 $(COMPILER_SPECIFIC_ARGS)
52LDLIBS=-L$(BASE)/../boringssl/build/crypto -lcrypto -lpthread -lstdc++
53
54CPPSRCS=\
55 $(KM)/aead_mode_operation.cpp \
56 $(KM)/aes_key.cpp \
57 $(KM)/aes_operation.cpp \
58 $(KM)/android_keymaster.cpp \
59 $(KM)/android_keymaster_messages.cpp \
60 $(KM)/android_keymaster_messages_test.cpp \
61 $(KM)/android_keymaster_test.cpp \
62 $(KM)/android_keymaster_test_utils.cpp \
63 $(KM)/android_keymaster_utils.cpp \
64 $(KM)/asymmetric_key.cpp \
65 $(KM)/auth_encrypted_key_blob.cpp \
66 $(KM)/auth_encrypted_key_blob.cpp \
67 $(KM)/authorization_set.cpp \
68 $(KM)/authorization_set_test.cpp \
69 $(KM)/ec_key.cpp \
70 $(KM)/ec_keymaster0_key.cpp \
71 $(KM)/ecdsa_operation.cpp \
72 $(KM)/hmac_key.cpp \
73 $(KM)/hmac_operation.cpp \
74 $(KM)/integrity_assured_key_blob.cpp \
75 $(KM)/key.cpp \
76 $(KM)/key_blob_test.cpp \
77 $(KM)/keymaster0_engine.cpp \
78 $(KM)/logger.cpp \
79 $(KM)/ocb_utils.cpp \
80 $(KM)/openssl_err.cpp \
81 $(KM)/openssl_utils.cpp \
82 $(KM)/operation.cpp \
83 $(KM)/operation_table.cpp \
84 $(KM)/rsa_key.cpp \
85 $(KM)/rsa_keymaster0_key.cpp \
86 $(KM)/rsa_operation.cpp \
87 $(KM)/serializable.cpp \
88 $(KM)/soft_keymaster_context.cpp \
89 $(KM)/symmetric_key.cpp \
90 $(KM)/unencrypted_key_blob.cpp \
91 trusty_keymaster_device.cpp \
92 trusty_keymaster_device_test.cpp
93CCSRCS=$(GTEST)/src/gtest-all.cc
94CSRCS=ocb.c
95
96OBJS=$(CPPSRCS:.cpp=.o) $(CCSRCS:.cc=.o) $(CSRCS:.c=.o)
97DEPS=$(CPPSRCS:.cpp=.d) $(CCSRCS:.cc=.d) $(CSRCS:.c=.d)
98GCDA=$(CPPSRCS:.cpp=.gcda) $(CCSRCS:.cc=.gcda) $(CSRCS:.c=.gcda)
99GCNO=$(CPPSRCS:.cpp=.gcno) $(CCSRCS:.cc=.gcno) $(CSRCS:.c=.gcno)
100
101LINK.o=$(LINK.cc)
102
103BINARIES=trusty_keymaster_device_test
104
105ifdef TRUSTY
106BINARIES += trusty_keymaster_device_test
107endif # TRUSTY
108
109.PHONY: coverage memcheck massif clean run
110
111%.run: %
112 ./$<
113 touch $@
114
115run: $(BINARIES:=.run)
116
117coverage: coverage.info
118 genhtml coverage.info --output-directory coverage
119
120coverage.info: run
121 lcov --capture --directory=. --output-file coverage.info
122
123%.coverage : %
124 $(MAKE) clean && $(MAKE) $<
125 ./$<
126 lcov --capture --directory=. --output-file coverage.info
127 genhtml coverage.info --output-directory coverage
128
129#UNINIT_OPTS=--track-origins=yes
130UNINIT_OPTS=--undef-value-errors=no
131
132MEMCHECK_OPTS=--leak-check=full \
133 --show-reachable=yes \
134 --vgdb=full \
135 $(UNINIT_OPTS) \
136 --error-exitcode=1
137
138MASSIF_OPTS=--tool=massif \
139 --stacks=yes
140
141%.memcheck : %
142 valgrind $(MEMCHECK_OPTS) ./$< && \
143 touch $@
144
145%.massif : %
146 valgrind $(MASSIF_OPTS) --massif-out-file=$@ ./$<
147
148memcheck: $(BINARIES:=.memcheck)
149
150massif: $(BINARIES:=.massif)
151
152trusty_keymaster_device_test: trusty_keymaster_device_test.o \
153 trusty_keymaster_device.o \
154 $(KM)/aead_mode_operation.o \
155 $(KM)/aes_key.o \
156 $(KM)/aes_operation.o \
157 $(KM)/android_keymaster.o \
158 $(KM)/android_keymaster_messages.o \
159 $(KM)/android_keymaster_test_utils.o \
160 $(KM)/android_keymaster_utils.o \
161 $(KM)/asymmetric_key.o \
162 $(KM)/auth_encrypted_key_blob.o \
163 $(KM)/auth_encrypted_key_blob.o \
164 $(KM)/authorization_set.o \
165 $(KM)/ec_key.o \
166 $(KM)/ec_keymaster0_key.cpp \
167 $(KM)/ecdsa_operation.o \
168 $(KM)/hmac_key.o \
169 $(KM)/hmac_operation.o \
170 $(KM)/integrity_assured_key_blob.o \
171 $(KM)/key.o \
172 $(KM)/keymaster0_engine.o \
173 $(KM)/logger.o \
174 $(KM)/ocb.o \
175 $(KM)/ocb_utils.o \
176 $(KM)/openssl_err.o \
177 $(KM)/openssl_utils.o \
178 $(KM)/operation.o \
179 $(KM)/operation_table.o \
180 $(KM)/rsa_key.o \
181 $(KM)/rsa_keymaster0_key.o \
182 $(KM)/rsa_operation.o \
183 $(KM)/serializable.o \
184 $(KM)/soft_keymaster_context.o \
185 $(KM)/symmetric_key.o \
186 $(GTEST)/src/gtest-all.o
187
188$(GTEST)/src/gtest-all.o: CXXFLAGS:=$(subst -Wmissing-declarations,,$(CXXFLAGS))
189ocb.o: CFLAGS=$(CLANG_TEST_DEFINE)
190
191clean:
192 rm -f $(OBJS) $(DEPS) $(GCDA) $(GCNO) $(BINARIES) \
193 $(BINARIES:=.run) $(BINARIES:=.memcheck) $(BINARIES:=.massif) \
194 coverage.info
195 rm -rf coverage
196
197-include $(CPPSRCS:.cpp=.d)
198-include $(CCSRCS:.cc=.d)
199
diff --git a/trusty/keymaster/keymaster_ipc.h b/trusty/keymaster/keymaster_ipc.h
new file mode 100644
index 000000000..48fa53d15
--- /dev/null
+++ b/trusty/keymaster/keymaster_ipc.h
@@ -0,0 +1,57 @@
1/*
2 * Copyright (C) 2012 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#pragma once
18
19#define KEYMASTER_PORT "com.android.trusty.keymaster"
20#define KEYMASTER_MAX_BUFFER_LENGTH 4096
21
22// Commands
23enum keymaster_command {
24 KEYMASTER_RESP_BIT = 1,
25 KEYMASTER_REQ_SHIFT = 1,
26
27 KM_GENERATE_KEY = (0 << KEYMASTER_REQ_SHIFT),
28 KM_BEGIN_OPERATION = (1 << KEYMASTER_REQ_SHIFT),
29 KM_UPDATE_OPERATION = (2 << KEYMASTER_REQ_SHIFT),
30 KM_FINISH_OPERATION = (3 << KEYMASTER_REQ_SHIFT),
31 KM_ABORT_OPERATION = (4 << KEYMASTER_REQ_SHIFT),
32 KM_IMPORT_KEY = (5 << KEYMASTER_REQ_SHIFT),
33 KM_EXPORT_KEY = (6 << KEYMASTER_REQ_SHIFT),
34 KM_GET_VERSION = (7 << KEYMASTER_REQ_SHIFT),
35 KM_ADD_RNG_ENTROPY = (8 << KEYMASTER_REQ_SHIFT),
36 KM_GET_SUPPORTED_ALGORITHMS = (9 << KEYMASTER_REQ_SHIFT),
37 KM_GET_SUPPORTED_BLOCK_MODES = (10 << KEYMASTER_REQ_SHIFT),
38 KM_GET_SUPPORTED_PADDING_MODES = (11 << KEYMASTER_REQ_SHIFT),
39 KM_GET_SUPPORTED_DIGESTS = (12 << KEYMASTER_REQ_SHIFT),
40 KM_GET_SUPPORTED_IMPORT_FORMATS = (13 << KEYMASTER_REQ_SHIFT),
41 KM_GET_SUPPORTED_EXPORT_FORMATS = (14 << KEYMASTER_REQ_SHIFT),
42 KM_GET_KEY_CHARACTERISTICS = (15 << KEYMASTER_REQ_SHIFT),
43};
44
45#ifdef __ANDROID__
46
47/**
48 * keymaster_message - Serial header for communicating with KM server
49 * @cmd: the command, one of keymaster_command.
50 * @payload: start of the serialized command specific payload
51 */
52struct keymaster_message {
53 uint32_t cmd;
54 uint8_t payload[0];
55};
56
57#endif
diff --git a/trusty/keymaster/module.cpp b/trusty/keymaster/module.cpp
new file mode 100644
index 000000000..81597d9b0
--- /dev/null
+++ b/trusty/keymaster/module.cpp
@@ -0,0 +1,60 @@
1/*
2 * Copyright (C) 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16#include <errno.h>
17#include <string.h>
18
19#include <hardware/hardware.h>
20#include <hardware/keymaster0.h>
21
22#include "trusty_keymaster_device.h"
23
24using keymaster::TrustyKeymasterDevice;
25
26/*
27 * Generic device handling
28 */
29static int trusty_keymaster_open(const hw_module_t* module, const char* name,
30 hw_device_t** device) {
31 if (strcmp(name, KEYSTORE_KEYMASTER) != 0)
32 return -EINVAL;
33
34 TrustyKeymasterDevice* dev = new TrustyKeymasterDevice(module);
35 if (dev == NULL)
36 return -ENOMEM;
37 *device = dev->hw_device();
38 // Do not delete dev; it will get cleaned up when the caller calls device->close(), and must
39 // exist until then.
40 return 0;
41}
42
43static struct hw_module_methods_t keystore_module_methods = {
44 .open = trusty_keymaster_open,
45};
46
47struct keystore_module HAL_MODULE_INFO_SYM __attribute__((visibility("default"))) = {
48 .common =
49 {
50 .tag = HARDWARE_MODULE_TAG,
51 .module_api_version = KEYMASTER_MODULE_API_VERSION_0_3,
52 .hal_api_version = HARDWARE_HAL_API_VERSION,
53 .id = KEYSTORE_HARDWARE_MODULE_ID,
54 .name = "Trusty Keymaster HAL",
55 .author = "The Android Open Source Project",
56 .methods = &keystore_module_methods,
57 .dso = 0,
58 .reserved = {},
59 },
60};
diff --git a/trusty/keymaster/trusty_keymaster_device.cpp b/trusty/keymaster/trusty_keymaster_device.cpp
new file mode 100644
index 000000000..069b4fedb
--- /dev/null
+++ b/trusty/keymaster/trusty_keymaster_device.cpp
@@ -0,0 +1,536 @@
1/*
2 * Copyright 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include "trusty_keymaster_device.h"
18
19#include <assert.h>
20#include <stdio.h>
21#include <stdlib.h>
22#include <string.h>
23#include <time.h>
24#include <stddef.h>
25
26#include <type_traits>
27
28#include <openssl/evp.h>
29#include <openssl/x509.h>
30
31#define LOG_TAG "TrustyKeymaster"
32#include <cutils/log.h>
33#include <hardware/keymaster0.h>
34
35#include <keymaster/authorization_set.h>
36
37#include "trusty_keymaster_ipc.h"
38#include "keymaster_ipc.h"
39
40const uint32_t SEND_BUF_SIZE = 8192;
41const uint32_t RECV_BUF_SIZE = 8192;
42
43namespace keymaster {
44
45static keymaster_error_t translate_error(int err) {
46 switch (err) {
47 case 0:
48 return KM_ERROR_OK;
49 case -EPERM:
50 case -EACCES:
51 return KM_ERROR_SECURE_HW_ACCESS_DENIED;
52
53 case -ECANCELED:
54 return KM_ERROR_OPERATION_CANCELLED;
55
56 case -ENODEV:
57 return KM_ERROR_UNIMPLEMENTED;
58
59 case -ENOMEM:
60 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
61
62 case -EBUSY:
63 return KM_ERROR_SECURE_HW_BUSY;
64
65 case -EIO:
66 return KM_ERROR_SECURE_HW_COMMUNICATION_FAILED;
67
68 case -EOVERFLOW:
69 return KM_ERROR_INVALID_INPUT_LENGTH;
70
71 default:
72 return KM_ERROR_UNKNOWN_ERROR;
73 }
74}
75
76TrustyKeymasterDevice::TrustyKeymasterDevice(const hw_module_t* module) {
77 static_assert(std::is_standard_layout<TrustyKeymasterDevice>::value,
78 "TrustyKeymasterDevice must be standard layout");
79 static_assert(offsetof(TrustyKeymasterDevice, device_) == 0,
80 "device_ must be the first member of KeymasterOpenSsl");
81 static_assert(offsetof(TrustyKeymasterDevice, device_.common) == 0,
82 "common must be the first member of keymaster_device");
83
84 ALOGI("Creating device");
85 ALOGD("Device address: %p", this);
86
87 memset(&device_, 0, sizeof(device_));
88
89 device_.common.tag = HARDWARE_DEVICE_TAG;
90 device_.common.version = 1;
91 device_.common.module = const_cast<hw_module_t*>(module);
92 device_.common.close = close_device;
93
94 device_.flags = KEYMASTER_BLOBS_ARE_STANDALONE | KEYMASTER_SUPPORTS_EC;
95
96 device_.generate_keypair = generate_keypair;
97 device_.import_keypair = import_keypair;
98 device_.get_keypair_public = get_keypair_public;
99 device_.delete_keypair = NULL;
100 device_.delete_all = NULL;
101 device_.sign_data = sign_data;
102 device_.verify_data = verify_data;
103
104 device_.context = NULL;
105
106 int rc = trusty_keymaster_connect();
107 error_ = translate_error(rc);
108 if (rc < 0) {
109 ALOGE("failed to connect to keymaster (%d)", rc);
110 return;
111 }
112
113 GetVersionRequest version_request;
114 GetVersionResponse version_response;
115 error_ = Send(version_request, &version_response);
116 if (error_ == KM_ERROR_INVALID_ARGUMENT || error_ == KM_ERROR_UNIMPLEMENTED) {
117 ALOGI("\"Bad parameters\" error on GetVersion call. Assuming version 0.");
118 message_version_ = 0;
119 error_ = KM_ERROR_OK;
120 }
121 message_version_ = MessageVersion(version_response.major_ver, version_response.minor_ver,
122 version_response.subminor_ver);
123 if (message_version_ < 0) {
124 // Can't translate version? Keymaster implementation must be newer.
125 ALOGE("Keymaster version %d.%d.%d not supported.", version_response.major_ver,
126 version_response.minor_ver, version_response.subminor_ver);
127 error_ = KM_ERROR_VERSION_MISMATCH;
128 }
129}
130
131TrustyKeymasterDevice::~TrustyKeymasterDevice() {
132 trusty_keymaster_disconnect();
133}
134
135const uint64_t HUNDRED_YEARS = 1000LL * 60 * 60 * 24 * 365 * 100;
136
137int TrustyKeymasterDevice::generate_keypair(const keymaster_keypair_t key_type,
138 const void* key_params, uint8_t** key_blob,
139 size_t* key_blob_length) {
140 ALOGD("Device received generate_keypair");
141
142 if (error_ != KM_ERROR_OK)
143 return error_;
144
145 GenerateKeyRequest req(message_version_);
146 StoreNewKeyParams(&req.key_description);
147
148 switch (key_type) {
149 case TYPE_RSA: {
150 req.key_description.push_back(TAG_ALGORITHM, KM_ALGORITHM_RSA);
151 const keymaster_rsa_keygen_params_t* rsa_params =
152 static_cast<const keymaster_rsa_keygen_params_t*>(key_params);
153 ALOGD("Generating RSA pair, modulus size: %u, public exponent: %lu",
154 rsa_params->modulus_size, rsa_params->public_exponent);
155 req.key_description.push_back(TAG_KEY_SIZE, rsa_params->modulus_size);
156 req.key_description.push_back(TAG_RSA_PUBLIC_EXPONENT, rsa_params->public_exponent);
157 break;
158 }
159
160 case TYPE_EC: {
161 req.key_description.push_back(TAG_ALGORITHM, KM_ALGORITHM_EC);
162 const keymaster_ec_keygen_params_t* ec_params =
163 static_cast<const keymaster_ec_keygen_params_t*>(key_params);
164 ALOGD("Generating ECDSA pair, key size: %u", ec_params->field_size);
165 req.key_description.push_back(TAG_KEY_SIZE, ec_params->field_size);
166 break;
167 }
168 default:
169 ALOGD("Received request for unsuported key type %d", key_type);
170 return KM_ERROR_UNSUPPORTED_ALGORITHM;
171 }
172
173 GenerateKeyResponse rsp(message_version_);
174 ALOGD("Sending generate request");
175 keymaster_error_t err = Send(req, &rsp);
176 if (err != KM_ERROR_OK) {
177 ALOGE("Got error %d from send", err);
178 return err;
179 }
180
181 *key_blob_length = rsp.key_blob.key_material_size;
182 *key_blob = static_cast<uint8_t*>(malloc(*key_blob_length));
183 memcpy(*key_blob, rsp.key_blob.key_material, *key_blob_length);
184 ALOGD("Returning %d bytes in key blob\n", (int)*key_blob_length);
185
186 return KM_ERROR_OK;
187}
188
189struct EVP_PKEY_Delete {
190 void operator()(EVP_PKEY* p) const { EVP_PKEY_free(p); }
191};
192
193struct PKCS8_PRIV_KEY_INFO_Delete {
194 void operator()(PKCS8_PRIV_KEY_INFO* p) const { PKCS8_PRIV_KEY_INFO_free(p); }
195};
196
197int TrustyKeymasterDevice::import_keypair(const uint8_t* key, const size_t key_length,
198 uint8_t** key_blob, size_t* key_blob_length) {
199 ALOGD("Device received import_keypair");
200 if (error_ != KM_ERROR_OK)
201 return error_;
202
203 if (!key)
204 return KM_ERROR_UNEXPECTED_NULL_POINTER;
205
206 if (!key_blob || !key_blob_length)
207 return KM_ERROR_OUTPUT_PARAMETER_NULL;
208
209 ImportKeyRequest request(message_version_);
210 StoreNewKeyParams(&request.key_description);
211 keymaster_algorithm_t algorithm;
212 keymaster_error_t err = GetPkcs8KeyAlgorithm(key, key_length, &algorithm);
213 if (err != KM_ERROR_OK)
214 return err;
215 request.key_description.push_back(TAG_ALGORITHM, algorithm);
216
217 request.SetKeyMaterial(key, key_length);
218 request.key_format = KM_KEY_FORMAT_PKCS8;
219 ImportKeyResponse response(message_version_);
220 err = Send(request, &response);
221 if (err != KM_ERROR_OK)
222 return err;
223
224 *key_blob_length = response.key_blob.key_material_size;
225 *key_blob = static_cast<uint8_t*>(malloc(*key_blob_length));
226 memcpy(*key_blob, response.key_blob.key_material, *key_blob_length);
227 printf("Returning %d bytes in key blob\n", (int)*key_blob_length);
228
229 return KM_ERROR_OK;
230}
231
232keymaster_error_t TrustyKeymasterDevice::GetPkcs8KeyAlgorithm(const uint8_t* key, size_t key_length,
233 keymaster_algorithm_t* algorithm) {
234 if (key == NULL) {
235 ALOGE("No key specified for import");
236 return KM_ERROR_UNEXPECTED_NULL_POINTER;
237 }
238
239 UniquePtr<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_Delete> pkcs8(
240 d2i_PKCS8_PRIV_KEY_INFO(NULL, &key, key_length));
241 if (pkcs8.get() == NULL) {
242 ALOGE("Could not parse PKCS8 key blob");
243 return KM_ERROR_INVALID_KEY_BLOB;
244 }
245
246 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(EVP_PKCS82PKEY(pkcs8.get()));
247 if (pkey.get() == NULL) {
248 ALOGE("Could not extract key from PKCS8 key blob");
249 return KM_ERROR_INVALID_KEY_BLOB;
250 }
251
252 switch (EVP_PKEY_type(pkey->type)) {
253 case EVP_PKEY_RSA:
254 *algorithm = KM_ALGORITHM_RSA;
255 break;
256 case EVP_PKEY_EC:
257 *algorithm = KM_ALGORITHM_EC;
258 break;
259 default:
260 ALOGE("Unsupported algorithm %d", EVP_PKEY_type(pkey->type));
261 return KM_ERROR_UNSUPPORTED_ALGORITHM;
262 }
263
264 return KM_ERROR_OK;
265}
266
267int TrustyKeymasterDevice::get_keypair_public(const uint8_t* key_blob, const size_t key_blob_length,
268 uint8_t** x509_data, size_t* x509_data_length) {
269 ALOGD("Device received get_keypair_public");
270 if (error_ != KM_ERROR_OK)
271 return error_;
272
273 ExportKeyRequest request(message_version_);
274 request.SetKeyMaterial(key_blob, key_blob_length);
275 request.key_format = KM_KEY_FORMAT_X509;
276 ExportKeyResponse response(message_version_);
277 keymaster_error_t err = Send(request, &response);
278 if (err != KM_ERROR_OK)
279 return err;
280
281 *x509_data_length = response.key_data_length;
282 *x509_data = static_cast<uint8_t*>(malloc(*x509_data_length));
283 memcpy(*x509_data, response.key_data, *x509_data_length);
284 printf("Returning %d bytes in x509 key\n", (int)*x509_data_length);
285
286 return KM_ERROR_OK;
287}
288
289int TrustyKeymasterDevice::sign_data(const void* signing_params, const uint8_t* key_blob,
290 const size_t key_blob_length, const uint8_t* data,
291 const size_t data_length, uint8_t** signed_data,
292 size_t* signed_data_length) {
293 ALOGD("Device received sign_data, %d", error_);
294 if (error_ != KM_ERROR_OK)
295 return error_;
296
297 BeginOperationRequest begin_request(message_version_);
298 begin_request.purpose = KM_PURPOSE_SIGN;
299 begin_request.SetKeyMaterial(key_blob, key_blob_length);
300 keymaster_error_t err = StoreSigningParams(signing_params, key_blob, key_blob_length,
301 &begin_request.additional_params);
302 if (err != KM_ERROR_OK) {
303 ALOGE("Error extracting signing params: %d", err);
304 return err;
305 }
306
307 BeginOperationResponse begin_response(message_version_);
308 ALOGD("Sending signing request begin");
309 err = Send(begin_request, &begin_response);
310 if (err != KM_ERROR_OK) {
311 ALOGE("Error sending sign begin: %d", err);
312 return err;
313 }
314
315 UpdateOperationRequest update_request(message_version_);
316 update_request.op_handle = begin_response.op_handle;
317 update_request.input.Reinitialize(data, data_length);
318 UpdateOperationResponse update_response(message_version_);
319 ALOGD("Sending signing request update");
320 err = Send(update_request, &update_response);
321 if (err != KM_ERROR_OK) {
322 ALOGE("Error sending sign update: %d", err);
323 return err;
324 }
325
326 FinishOperationRequest finish_request(message_version_);
327 finish_request.op_handle = begin_response.op_handle;
328 FinishOperationResponse finish_response(message_version_);
329 ALOGD("Sending signing request finish");
330 err = Send(finish_request, &finish_response);
331 if (err != KM_ERROR_OK) {
332 ALOGE("Error sending sign finish: %d", err);
333 return err;
334 }
335
336 *signed_data_length = finish_response.output.available_read();
337 *signed_data = static_cast<uint8_t*>(malloc(*signed_data_length));
338 if (!finish_response.output.read(*signed_data, *signed_data_length)) {
339 ALOGE("Error reading response data: %d", err);
340 return KM_ERROR_UNKNOWN_ERROR;
341 }
342 return KM_ERROR_OK;
343}
344
345int TrustyKeymasterDevice::verify_data(const void* signing_params, const uint8_t* key_blob,
346 const size_t key_blob_length, const uint8_t* signed_data,
347 const size_t signed_data_length, const uint8_t* signature,
348 const size_t signature_length) {
349 ALOGD("Device received verify_data");
350 if (error_ != KM_ERROR_OK)
351 return error_;
352
353 BeginOperationRequest begin_request(message_version_);
354 begin_request.purpose = KM_PURPOSE_VERIFY;
355 begin_request.SetKeyMaterial(key_blob, key_blob_length);
356 keymaster_error_t err = StoreSigningParams(signing_params, key_blob, key_blob_length,
357 &begin_request.additional_params);
358 if (err != KM_ERROR_OK)
359 return err;
360
361 BeginOperationResponse begin_response(message_version_);
362 err = Send(begin_request, &begin_response);
363 if (err != KM_ERROR_OK)
364 return err;
365
366 UpdateOperationRequest update_request(message_version_);
367 update_request.op_handle = begin_response.op_handle;
368 update_request.input.Reinitialize(signed_data, signed_data_length);
369 UpdateOperationResponse update_response(message_version_);
370 err = Send(update_request, &update_response);
371 if (err != KM_ERROR_OK)
372 return err;
373
374 FinishOperationRequest finish_request(message_version_);
375 finish_request.op_handle = begin_response.op_handle;
376 finish_request.signature.Reinitialize(signature, signature_length);
377 FinishOperationResponse finish_response(message_version_);
378 err = Send(finish_request, &finish_response);
379 if (err != KM_ERROR_OK)
380 return err;
381 return KM_ERROR_OK;
382}
383
384hw_device_t* TrustyKeymasterDevice::hw_device() {
385 return &device_.common;
386}
387
388static inline TrustyKeymasterDevice* convert_device(const keymaster0_device_t* dev) {
389 return reinterpret_cast<TrustyKeymasterDevice*>(const_cast<keymaster0_device_t*>(dev));
390}
391
392/* static */
393int TrustyKeymasterDevice::close_device(hw_device_t* dev) {
394 delete reinterpret_cast<TrustyKeymasterDevice*>(dev);
395 return 0;
396}
397
398/* static */
399int TrustyKeymasterDevice::generate_keypair(const keymaster0_device_t* dev,
400 const keymaster_keypair_t key_type,
401 const void* key_params, uint8_t** keyBlob,
402 size_t* keyBlobLength) {
403 ALOGD("Generate keypair, sending to device: %p", convert_device(dev));
404 return convert_device(dev)->generate_keypair(key_type, key_params, keyBlob, keyBlobLength);
405}
406
407/* static */
408int TrustyKeymasterDevice::import_keypair(const keymaster0_device_t* dev, const uint8_t* key,
409 const size_t key_length, uint8_t** key_blob,
410 size_t* key_blob_length) {
411 return convert_device(dev)->import_keypair(key, key_length, key_blob, key_blob_length);
412}
413
414/* static */
415int TrustyKeymasterDevice::get_keypair_public(const keymaster0_device_t* dev,
416 const uint8_t* key_blob, const size_t key_blob_length,
417 uint8_t** x509_data, size_t* x509_data_length) {
418 return convert_device(dev)
419 ->get_keypair_public(key_blob, key_blob_length, x509_data, x509_data_length);
420}
421
422/* static */
423int TrustyKeymasterDevice::sign_data(const keymaster0_device_t* dev, const void* params,
424 const uint8_t* keyBlob, const size_t keyBlobLength,
425 const uint8_t* data, const size_t dataLength,
426 uint8_t** signedData, size_t* signedDataLength) {
427 return convert_device(dev)
428 ->sign_data(params, keyBlob, keyBlobLength, data, dataLength, signedData, signedDataLength);
429}
430
431/* static */
432int TrustyKeymasterDevice::verify_data(const keymaster0_device_t* dev, const void* params,
433 const uint8_t* keyBlob, const size_t keyBlobLength,
434 const uint8_t* signedData, const size_t signedDataLength,
435 const uint8_t* signature, const size_t signatureLength) {
436 return convert_device(dev)->verify_data(params, keyBlob, keyBlobLength, signedData,
437 signedDataLength, signature, signatureLength);
438}
439
440keymaster_error_t TrustyKeymasterDevice::Send(uint32_t command, const Serializable& req,
441 KeymasterResponse* rsp) {
442 uint32_t req_size = req.SerializedSize();
443 if (req_size > SEND_BUF_SIZE)
444 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
445 uint8_t send_buf[SEND_BUF_SIZE];
446 Eraser send_buf_eraser(send_buf, SEND_BUF_SIZE);
447 req.Serialize(send_buf, send_buf + req_size);
448
449 // Send it
450 uint8_t recv_buf[RECV_BUF_SIZE];
451 Eraser recv_buf_eraser(recv_buf, RECV_BUF_SIZE);
452 uint32_t rsp_size = RECV_BUF_SIZE;
453 printf("Sending %d byte request\n", (int)req.SerializedSize());
454 int rc = trusty_keymaster_call(command, send_buf, req_size, recv_buf, &rsp_size);
455 if (rc < 0) {
456 ALOGE("tipc error: %d\n", rc);
457 // TODO(swillden): Distinguish permanent from transient errors and set error_ appropriately.
458 return translate_error(rc);
459 } else {
460 ALOGV("Received %d byte response\n", rsp_size);
461 }
462
463 const keymaster_message* msg = (keymaster_message *) recv_buf;
464 const uint8_t *p = msg->payload;
465 if (!rsp->Deserialize(&p, p + rsp_size)) {
466 ALOGE("Error deserializing response of size %d\n", (int)rsp_size);
467 return KM_ERROR_UNKNOWN_ERROR;
468 } else if (rsp->error != KM_ERROR_OK) {
469 ALOGE("Response of size %d contained error code %d\n", (int)rsp_size, (int)rsp->error);
470 return rsp->error;
471 }
472 return rsp->error;
473}
474
475keymaster_error_t TrustyKeymasterDevice::StoreSigningParams(const void* signing_params,
476 const uint8_t* key_blob,
477 size_t key_blob_length,
478 AuthorizationSet* auth_set) {
479 uint8_t* pub_key_data;
480 size_t pub_key_data_length;
481 int err = get_keypair_public(&device_, key_blob, key_blob_length, &pub_key_data,
482 &pub_key_data_length);
483 if (err < 0) {
484 ALOGE("Error %d extracting public key to determine algorithm", err);
485 return KM_ERROR_INVALID_KEY_BLOB;
486 }
487 UniquePtr<uint8_t, Malloc_Delete> pub_key(pub_key_data);
488
489 const uint8_t* p = pub_key_data;
490 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(
491 d2i_PUBKEY(nullptr /* allocate new struct */, &p, pub_key_data_length));
492
493 switch (EVP_PKEY_type(pkey->type)) {
494 case EVP_PKEY_RSA: {
495 const keymaster_rsa_sign_params_t* rsa_params =
496 reinterpret_cast<const keymaster_rsa_sign_params_t*>(signing_params);
497 if (rsa_params->digest_type != DIGEST_NONE)
498 return KM_ERROR_UNSUPPORTED_DIGEST;
499 if (rsa_params->padding_type != PADDING_NONE)
500 return KM_ERROR_UNSUPPORTED_PADDING_MODE;
501 if (!auth_set->push_back(TAG_DIGEST, KM_DIGEST_NONE) ||
502 !auth_set->push_back(TAG_PADDING, KM_PAD_NONE))
503 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
504 } break;
505 case EVP_PKEY_EC: {
506 const keymaster_ec_sign_params_t* ecdsa_params =
507 reinterpret_cast<const keymaster_ec_sign_params_t*>(signing_params);
508 if (ecdsa_params->digest_type != DIGEST_NONE)
509 return KM_ERROR_UNSUPPORTED_DIGEST;
510 if (!auth_set->push_back(TAG_DIGEST, KM_DIGEST_NONE))
511 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
512 } break;
513 default:
514 return KM_ERROR_UNSUPPORTED_ALGORITHM;
515 }
516 return KM_ERROR_OK;
517}
518
519void TrustyKeymasterDevice::StoreNewKeyParams(AuthorizationSet* auth_set) {
520 auth_set->push_back(TAG_PURPOSE, KM_PURPOSE_SIGN);
521 auth_set->push_back(TAG_PURPOSE, KM_PURPOSE_VERIFY);
522 auth_set->push_back(TAG_ALL_USERS);
523 auth_set->push_back(TAG_NO_AUTH_REQUIRED);
524 uint64_t now = java_time(time(NULL));
525 auth_set->push_back(TAG_CREATION_DATETIME, now);
526 auth_set->push_back(TAG_ORIGINATION_EXPIRE_DATETIME, now + HUNDRED_YEARS);
527 if (message_version_ == 0) {
528 auth_set->push_back(TAG_DIGEST_OLD, KM_DIGEST_NONE);
529 auth_set->push_back(TAG_PADDING_OLD, KM_PAD_NONE);
530 } else {
531 auth_set->push_back(TAG_DIGEST, KM_DIGEST_NONE);
532 auth_set->push_back(TAG_PADDING, KM_PAD_NONE);
533 }
534}
535
536} // namespace keymaster
diff --git a/trusty/keymaster/trusty_keymaster_device.h b/trusty/keymaster/trusty_keymaster_device.h
new file mode 100644
index 000000000..cb74386b9
--- /dev/null
+++ b/trusty/keymaster/trusty_keymaster_device.h
@@ -0,0 +1,124 @@
1/*
2 * Copyright 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#ifndef EXTERNAL_KEYMASTER_TRUSTY_KEYMASTER_DEVICE_H_
18#define EXTERNAL_KEYMASTER_TRUSTY_KEYMASTER_DEVICE_H_
19
20#include <hardware/keymaster0.h>
21
22#include <keymaster/android_keymaster_messages.h>
23
24#include "keymaster_ipc.h"
25
26namespace keymaster {
27
28/**
29 * Software OpenSSL-based Keymaster device.
30 *
31 * IMPORTANT MAINTAINER NOTE: Pointers to instances of this class must be castable to hw_device_t
32 * and keymaster_device. This means it must remain a standard layout class (no virtual functions and
33 * no data members which aren't standard layout), and device_ must be the first data member.
34 * Assertions in the constructor validate compliance with those constraints.
35 */
36class TrustyKeymasterDevice {
37 public:
38 /*
39 * These are the only symbols that will be exported by libtrustykeymaster. All functionality
40 * can be reached via the function pointers in device_.
41 */
42 __attribute__((visibility("default"))) TrustyKeymasterDevice(const hw_module_t* module);
43 __attribute__((visibility("default"))) hw_device_t* hw_device();
44
45 ~TrustyKeymasterDevice();
46
47 keymaster_error_t session_error() { return error_; }
48
49 int generate_keypair(const keymaster_keypair_t key_type, const void* key_params,
50 uint8_t** key_blob, size_t* key_blob_length);
51 int import_keypair(const uint8_t* key, const size_t key_length, uint8_t** key_blob,
52 size_t* key_blob_length);
53 int get_keypair_public(const uint8_t* key_blob, const size_t key_blob_length,
54 uint8_t** x509_data, size_t* x509_data_length);
55 int sign_data(const void* signing_params, const uint8_t* key_blob, const size_t key_blob_length,
56 const uint8_t* data, const size_t data_length, uint8_t** signed_data,
57 size_t* signed_data_length);
58 int verify_data(const void* signing_params, const uint8_t* key_blob,
59 const size_t key_blob_length, const uint8_t* signed_data,
60 const size_t signed_data_length, const uint8_t* signature,
61 const size_t signature_length);
62
63 private:
64 keymaster_error_t Send(uint32_t command, const Serializable& request,
65 KeymasterResponse* response);
66 keymaster_error_t Send(const GenerateKeyRequest& request, GenerateKeyResponse* response) {
67 return Send(KM_GENERATE_KEY, request, response);
68 }
69 keymaster_error_t Send(const BeginOperationRequest& request, BeginOperationResponse* response) {
70 return Send(KM_BEGIN_OPERATION, request, response);
71 }
72 keymaster_error_t Send(const UpdateOperationRequest& request,
73 UpdateOperationResponse* response) {
74 return Send(KM_UPDATE_OPERATION, request, response);
75 }
76 keymaster_error_t Send(const FinishOperationRequest& request,
77 FinishOperationResponse* response) {
78 return Send(KM_FINISH_OPERATION, request, response);
79 }
80 keymaster_error_t Send(const ImportKeyRequest& request, ImportKeyResponse* response) {
81 return Send(KM_IMPORT_KEY, request, response);
82 }
83 keymaster_error_t Send(const ExportKeyRequest& request, ExportKeyResponse* response) {
84 return Send(KM_EXPORT_KEY, request, response);
85 }
86 keymaster_error_t Send(const GetVersionRequest& request, GetVersionResponse* response) {
87 return Send(KM_GET_VERSION, request, response);
88 }
89
90 keymaster_error_t StoreSigningParams(const void* signing_params, const uint8_t* key_blob,
91 size_t key_blob_length, AuthorizationSet* auth_set);
92 void StoreNewKeyParams(AuthorizationSet* auth_set);
93 keymaster_error_t GetPkcs8KeyAlgorithm(const uint8_t* key, size_t key_length,
94 keymaster_algorithm_t* algorithm);
95
96 /*
97 * These static methods are the functions referenced through the function pointers in
98 * keymaster_device. They're all trivial wrappers.
99 */
100 static int close_device(hw_device_t* dev);
101 static int generate_keypair(const keymaster0_device_t* dev, const keymaster_keypair_t key_type,
102 const void* key_params, uint8_t** keyBlob, size_t* keyBlobLength);
103 static int import_keypair(const keymaster0_device_t* dev, const uint8_t* key,
104 const size_t key_length, uint8_t** key_blob, size_t* key_blob_length);
105 static int get_keypair_public(const keymaster0_device_t* dev, const uint8_t* key_blob,
106 const size_t key_blob_length, uint8_t** x509_data,
107 size_t* x509_data_length);
108 static int sign_data(const keymaster0_device_t* dev, const void* signing_params,
109 const uint8_t* key_blob, const size_t key_blob_length, const uint8_t* data,
110 const size_t data_length, uint8_t** signed_data,
111 size_t* signed_data_length);
112 static int verify_data(const keymaster0_device_t* dev, const void* signing_params,
113 const uint8_t* key_blob, const size_t key_blob_length,
114 const uint8_t* signed_data, const size_t signed_data_length,
115 const uint8_t* signature, const size_t signature_length);
116
117 keymaster0_device_t device_;
118 keymaster_error_t error_;
119 int32_t message_version_;
120};
121
122} // namespace keymaster
123
124#endif // EXTERNAL_KEYMASTER_TRUSTY_KEYMASTER_DEVICE_H_
diff --git a/trusty/keymaster/trusty_keymaster_device_test.cpp b/trusty/keymaster/trusty_keymaster_device_test.cpp
new file mode 100644
index 000000000..3bb543015
--- /dev/null
+++ b/trusty/keymaster/trusty_keymaster_device_test.cpp
@@ -0,0 +1,562 @@
1/*
2 * Copyright (C) 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16#include <algorithm>
17#include <fstream>
18
19#include <UniquePtr.h>
20#include <gtest/gtest.h>
21#include <openssl/engine.h>
22
23#include <hardware/keymaster0.h>
24
25#include <keymaster/android_keymaster.h>
26#include <keymaster/android_keymaster_messages.h>
27#include <keymaster/android_keymaster_utils.h>
28#include <keymaster/keymaster_tags.h>
29#include <keymaster/soft_keymaster_context.h>
30
31#include "android_keymaster_test_utils.h"
32#include "trusty_keymaster_device.h"
33#include "openssl_utils.h"
34
35using std::string;
36using std::ifstream;
37using std::istreambuf_iterator;
38
39static keymaster::AndroidKeymaster *impl_ = nullptr;
40
41extern "C" {
42int __android_log_print();
43}
44
45int __android_log_print() {
46 return 0;
47}
48
49int main(int argc, char** argv) {
50 ::testing::InitGoogleTest(&argc, argv);
51 int result = RUN_ALL_TESTS();
52 // Clean up stuff OpenSSL leaves around, so Valgrind doesn't complain.
53 CRYPTO_cleanup_all_ex_data();
54 ERR_free_strings();
55 return result;
56}
57
58int trusty_keymaster_connect() {
59 impl_ = new keymaster::AndroidKeymaster(new keymaster::SoftKeymasterContext(nullptr), 16);
60}
61
62void trusty_keymaster_disconnect() {
63 delete static_cast<keymaster::AndroidKeymaster*>(priv_);
64}
65
66template <typename Req, typename Rsp>
67static int fake_call(keymaster::AndroidKeymaster* device,
68 void (keymaster::AndroidKeymaster::*method)(const Req&, Rsp*), void* in_buf,
69 uint32_t in_size, void* out_buf, uint32_t* out_size) {
70 Req req;
71 const uint8_t* in = static_cast<uint8_t*>(in_buf);
72 req.Deserialize(&in, in + in_size);
73 Rsp rsp;
74 (device->*method)(req, &rsp);
75
76 *out_size = rsp.SerializedSize();
77 uint8_t* out = static_cast<uint8_t*>(out_buf);
78 rsp.Serialize(out, out + *out_size);
79 return 0;
80}
81
82int trusty_keymaster_call(uint32_t cmd, void* in_buf, uint32_t in_size, void* out_buf,
83 uint32_t* out_size) {
84 switch (cmd) {
85 case KM_GENERATE_KEY:
86 return fake_call(impl_, &keymaster::AndroidKeymaster::GenerateKey, in_buf, in_size,
87 out_buf, out_size);
88 case KM_BEGIN_OPERATION:
89 return fake_call(impl_, &keymaster::AndroidKeymaster::BeginOperation, in_buf, in_size,
90 out_buf, out_size);
91 case KM_UPDATE_OPERATION:
92 return fake_call(impl_, &keymaster::AndroidKeymaster::UpdateOperation, in_buf, in_size,
93 out_buf, out_size);
94 case KM_FINISH_OPERATION:
95 return fake_call(impl_, &keymaster::AndroidKeymaster::FinishOperation, in_buf, in_size,
96 out_buf, out_size);
97 case KM_IMPORT_KEY:
98 return fake_call(impl_, &keymaster::AndroidKeymaster::ImportKey, in_buf, in_size, out_buf,
99 out_size);
100 case KM_EXPORT_KEY:
101 return fake_call(impl_, &keymaster::AndroidKeymaster::ExportKey, in_buf, in_size, out_buf,
102 out_size);
103 }
104 return -EINVAL;
105
106}
107
108namespace keymaster {
109namespace test {
110
111class TrustyKeymasterTest : public testing::Test {
112 protected:
113 TrustyKeymasterTest() : device(NULL) {}
114
115 keymaster_rsa_keygen_params_t build_rsa_params() {
116 keymaster_rsa_keygen_params_t rsa_params;
117 rsa_params.public_exponent = 65537;
118 rsa_params.modulus_size = 2048;
119 return rsa_params;
120 }
121
122 uint8_t* build_message(size_t length) {
123 uint8_t* msg = new uint8_t[length];
124 memset(msg, 'a', length);
125 return msg;
126 }
127
128 size_t dsa_message_len(const keymaster_dsa_keygen_params_t& params) {
129 switch (params.key_size) {
130 case 256:
131 case 1024:
132 return 48;
133 case 2048:
134 case 4096:
135 return 72;
136 default:
137 // Oops.
138 return 0;
139 }
140 }
141
142 TrustyKeymasterDevice device;
143};
144
145class Malloc_Delete {
146 public:
147 Malloc_Delete(void* p) : p_(p) {}
148 ~Malloc_Delete() { free(p_); }
149
150 private:
151 void* p_;
152};
153
154typedef TrustyKeymasterTest KeyGenTest;
155TEST_F(KeyGenTest, RsaSuccess) {
156 keymaster_rsa_keygen_params_t params = build_rsa_params();
157 uint8_t* ptr = NULL;
158 size_t size;
159 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, &params, &ptr, &size));
160 EXPECT_GT(size, 0U);
161 Malloc_Delete key_deleter(ptr);
162}
163
164TEST_F(KeyGenTest, EcdsaSuccess) {
165 keymaster_ec_keygen_params_t ec_params = {256};
166 uint8_t* ptr = NULL;
167 size_t size;
168 ASSERT_EQ(0, device.generate_keypair(TYPE_EC, &ec_params, &ptr, &size));
169 EXPECT_GT(size, 0U);
170 Malloc_Delete key_deleter(ptr);
171}
172
173typedef TrustyKeymasterTest SigningTest;
174TEST_F(SigningTest, RsaSuccess) {
175 keymaster_rsa_keygen_params_t params = build_rsa_params();
176 uint8_t* ptr = NULL;
177 size_t size;
178 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, &params, &ptr, &size));
179 EXPECT_GT(size, 0U);
180 Malloc_Delete key_deleter(ptr);
181
182 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
183 size_t message_len = params.modulus_size / 8;
184 UniquePtr<uint8_t[]> message(build_message(message_len));
185 uint8_t* signature;
186 size_t siglen;
187 EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
188 &signature, &siglen));
189 Malloc_Delete sig_deleter(signature);
190 EXPECT_EQ(message_len, siglen);
191}
192
193TEST_F(SigningTest, RsaShortMessage) {
194 keymaster_rsa_keygen_params_t params = build_rsa_params();
195 uint8_t* ptr = NULL;
196 size_t size;
197 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, &params, &ptr, &size));
198 EXPECT_GT(size, 0U);
199 Malloc_Delete key_deleter(ptr);
200
201 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
202 size_t message_len = params.modulus_size / 8 - 1;
203 UniquePtr<uint8_t[]> message(build_message(message_len));
204 uint8_t* signature;
205 size_t siglen;
206 EXPECT_EQ(KM_ERROR_UNKNOWN_ERROR, device.sign_data(&sig_params, ptr, size, message.get(),
207 message_len, &signature, &siglen));
208}
209
210TEST_F(SigningTest, RsaLongMessage) {
211 keymaster_rsa_keygen_params_t params = build_rsa_params();
212 uint8_t* ptr = NULL;
213 size_t size;
214 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, &params, &ptr, &size));
215 EXPECT_GT(size, 0U);
216 Malloc_Delete key_deleter(ptr);
217
218 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
219 size_t message_len = params.modulus_size / 8 + 1;
220 UniquePtr<uint8_t[]> message(build_message(message_len));
221 uint8_t* signature;
222 size_t siglen;
223 EXPECT_EQ(KM_ERROR_UNKNOWN_ERROR, device.sign_data(&sig_params, ptr, size, message.get(),
224 message_len, &signature, &siglen));
225}
226
227TEST_F(SigningTest, EcdsaSuccess) {
228 keymaster_ec_keygen_params_t params = {256};
229 uint8_t* ptr = NULL;
230 size_t size;
231 ASSERT_EQ(0, device.generate_keypair(TYPE_EC, &params, &ptr, &size));
232 EXPECT_GT(size, 0U);
233 Malloc_Delete key_deleter(ptr);
234
235 keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
236 uint8_t message[] = "12345678901234567890123456789012";
237 uint8_t* signature;
238 size_t siglen;
239 ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message,
240 array_size(message) - 1, &signature, &siglen));
241 Malloc_Delete sig_deleter(signature);
242 EXPECT_GT(siglen, 69U);
243 EXPECT_LT(siglen, 73U);
244}
245
246TEST_F(SigningTest, EcdsaEmptyMessageSuccess) {
247 keymaster_ec_keygen_params_t params = {256};
248 uint8_t* ptr = NULL;
249 size_t size;
250 ASSERT_EQ(0, device.generate_keypair(TYPE_EC, &params, &ptr, &size));
251 EXPECT_GT(size, 0U);
252 Malloc_Delete key_deleter(ptr);
253
254 keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
255 uint8_t message[] = "";
256 uint8_t* signature;
257 size_t siglen;
258 ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message,
259 array_size(message) - 1, &signature, &siglen));
260 Malloc_Delete sig_deleter(signature);
261 EXPECT_GT(siglen, 69U);
262 EXPECT_LT(siglen, 73U);
263}
264
265TEST_F(SigningTest, EcdsaLargeMessageSuccess) {
266 keymaster_ec_keygen_params_t params = {256};
267 uint8_t* ptr = NULL;
268 size_t size;
269 ASSERT_EQ(0, device.generate_keypair(TYPE_EC, &params, &ptr, &size));
270 EXPECT_GT(size, 0U);
271 Malloc_Delete key_deleter(ptr);
272
273 keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
274 size_t message_len = 1024 * 7;
275 UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
276 // contents of message don't matter.
277 uint8_t* signature;
278 size_t siglen;
279 ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
280 &signature, &siglen));
281 Malloc_Delete sig_deleter(signature);
282 EXPECT_GT(siglen, 69U);
283 EXPECT_LT(siglen, 73U);
284}
285
286typedef TrustyKeymasterTest VerificationTest;
287TEST_F(VerificationTest, RsaSuccess) {
288 keymaster_rsa_keygen_params_t params = build_rsa_params();
289 uint8_t* ptr = NULL;
290 size_t size;
291 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, &params, &ptr, &size));
292 EXPECT_GT(size, 0U);
293 Malloc_Delete key_deleter(ptr);
294
295 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
296 size_t message_len = params.modulus_size / 8;
297 UniquePtr<uint8_t[]> message(build_message(message_len));
298 uint8_t* signature;
299 size_t siglen;
300 EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
301 &signature, &siglen));
302 Malloc_Delete sig_deleter(signature);
303
304 EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, ptr, size, message.get(), message_len,
305 signature, siglen));
306}
307
308TEST_F(VerificationTest, RsaBadSignature) {
309 keymaster_rsa_keygen_params_t params = build_rsa_params();
310 uint8_t* ptr = NULL;
311 size_t size;
312 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, &params, &ptr, &size));
313 EXPECT_GT(size, 0U);
314 Malloc_Delete key_deleter(ptr);
315
316 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
317 size_t message_len = params.modulus_size / 8;
318 UniquePtr<uint8_t[]> message(build_message(message_len));
319 uint8_t* signature;
320 size_t siglen;
321 EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
322 &signature, &siglen));
323
324 Malloc_Delete sig_deleter(signature);
325 signature[siglen / 2]++;
326 EXPECT_EQ(
327 KM_ERROR_VERIFICATION_FAILED,
328 device.verify_data(&sig_params, ptr, size, message.get(), message_len, signature, siglen));
329}
330
331TEST_F(VerificationTest, RsaBadMessage) {
332 keymaster_rsa_keygen_params_t params = build_rsa_params();
333 uint8_t* ptr = NULL;
334 size_t size;
335 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, &params, &ptr, &size));
336 EXPECT_GT(size, 0U);
337 Malloc_Delete key_deleter(ptr);
338
339 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
340 size_t message_len = params.modulus_size / 8;
341 UniquePtr<uint8_t[]> message(build_message(message_len));
342 uint8_t* signature;
343 size_t siglen;
344 EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
345 &signature, &siglen));
346 Malloc_Delete sig_deleter(signature);
347 message[0]++;
348 EXPECT_EQ(
349 KM_ERROR_VERIFICATION_FAILED,
350 device.verify_data(&sig_params, ptr, size, message.get(), message_len, signature, siglen));
351}
352
353TEST_F(VerificationTest, RsaShortMessage) {
354 keymaster_rsa_keygen_params_t params = build_rsa_params();
355 uint8_t* ptr = NULL;
356 size_t size;
357 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, &params, &ptr, &size));
358 EXPECT_GT(size, 0U);
359 Malloc_Delete key_deleter(ptr);
360
361 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
362 size_t message_len = params.modulus_size / 8;
363 UniquePtr<uint8_t[]> message(build_message(message_len));
364 uint8_t* signature;
365 size_t siglen;
366 EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
367 &signature, &siglen));
368
369 Malloc_Delete sig_deleter(signature);
370 EXPECT_EQ(KM_ERROR_INVALID_INPUT_LENGTH,
371 device.verify_data(&sig_params, ptr, size, message.get(), message_len - 1, signature,
372 siglen));
373}
374
375TEST_F(VerificationTest, RsaLongMessage) {
376 keymaster_rsa_keygen_params_t params = build_rsa_params();
377 uint8_t* ptr = NULL;
378 size_t size;
379 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, &params, &ptr, &size));
380 EXPECT_GT(size, 0U);
381 Malloc_Delete key_deleter(ptr);
382
383 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
384 size_t message_len = params.modulus_size / 8;
385 UniquePtr<uint8_t[]> message(build_message(message_len + 1));
386 uint8_t* signature;
387 size_t siglen;
388 EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
389 &signature, &siglen));
390 Malloc_Delete sig_deleter(signature);
391 EXPECT_EQ(KM_ERROR_INVALID_INPUT_LENGTH,
392 device.verify_data(&sig_params, ptr, size, message.get(), message_len + 1, signature,
393 siglen));
394}
395
396TEST_F(VerificationTest, EcdsaSuccess) {
397 keymaster_ec_keygen_params_t params = {256};
398 uint8_t* ptr = NULL;
399 size_t size;
400 ASSERT_EQ(0, device.generate_keypair(TYPE_EC, &params, &ptr, &size));
401 EXPECT_GT(size, 0U);
402 Malloc_Delete key_deleter(ptr);
403
404 keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
405 uint8_t message[] = "12345678901234567890123456789012";
406 uint8_t* signature;
407 size_t siglen;
408 ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message,
409 array_size(message) - 1, &signature, &siglen));
410 Malloc_Delete sig_deleter(signature);
411 EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, ptr, size, message,
412 array_size(message) - 1, signature, siglen));
413}
414
415TEST_F(VerificationTest, EcdsaLargeMessageSuccess) {
416 keymaster_ec_keygen_params_t params = {256};
417 uint8_t* ptr = NULL;
418 size_t size;
419 ASSERT_EQ(0, device.generate_keypair(TYPE_EC, &params, &ptr, &size));
420 EXPECT_GT(size, 0U);
421 Malloc_Delete key_deleter(ptr);
422
423 keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
424 size_t message_len = 1024 * 7;
425 UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
426 // contents of message don't matter.
427 uint8_t* signature;
428 size_t siglen;
429 ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
430 &signature, &siglen));
431 Malloc_Delete sig_deleter(signature);
432 EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, ptr, size, message.get(), message_len,
433 signature, siglen));
434}
435
436static string read_file(const string& file_name) {
437 ifstream file_stream(file_name, std::ios::binary);
438 istreambuf_iterator<char> file_begin(file_stream);
439 istreambuf_iterator<char> file_end;
440 return string(file_begin, file_end);
441}
442
443typedef TrustyKeymasterTest ImportKeyTest;
444TEST_F(ImportKeyTest, RsaSuccess) {
445 string pk8_key = read_file("../../../../system/keymaster/rsa_privkey_pk8.der");
446 ASSERT_EQ(633U, pk8_key.size());
447
448 uint8_t* key = NULL;
449 size_t size;
450 ASSERT_EQ(KM_ERROR_OK, device.import_keypair(reinterpret_cast<const uint8_t*>(pk8_key.data()),
451 pk8_key.size(), &key, &size));
452 Malloc_Delete key_deleter(key);
453
454 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
455 size_t message_size = 1024 /* key size */ / 8;
456 UniquePtr<uint8_t[]> message(new uint8_t[message_size]);
457 memset(message.get(), 'a', message_size);
458 uint8_t* signature;
459 size_t siglen;
460 ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, key, size, message.get(), message_size,
461 &signature, &siglen));
462 Malloc_Delete sig_deleter(signature);
463 EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, key, size, message.get(), message_size,
464 signature, siglen));
465}
466
467TEST_F(ImportKeyTest, EcdsaSuccess) {
468 string pk8_key = read_file("../../../../system/keymaster/ec_privkey_pk8.der");
469 ASSERT_EQ(138U, pk8_key.size());
470
471 uint8_t* key = NULL;
472 size_t size;
473 ASSERT_EQ(KM_ERROR_OK, device.import_keypair(reinterpret_cast<const uint8_t*>(pk8_key.data()),
474 pk8_key.size(), &key, &size));
475 Malloc_Delete key_deleter(key);
476
477 keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
478 uint8_t message[] = "12345678901234567890123456789012";
479 uint8_t* signature;
480 size_t siglen;
481 ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, key, size, message,
482 array_size(message) - 1, &signature, &siglen));
483 Malloc_Delete sig_deleter(signature);
484 EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, key, size, message,
485 array_size(message) - 1, signature, siglen));
486}
487
488struct EVP_PKEY_CTX_Delete {
489 void operator()(EVP_PKEY_CTX* p) { EVP_PKEY_CTX_free(p); }
490};
491
492static void VerifySignature(const uint8_t* key, size_t key_len, const uint8_t* signature,
493 size_t signature_len, const uint8_t* message, size_t message_len) {
494 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(d2i_PUBKEY(NULL, &key, key_len));
495 ASSERT_TRUE(pkey.get() != NULL);
496 UniquePtr<EVP_PKEY_CTX, EVP_PKEY_CTX_Delete> ctx(EVP_PKEY_CTX_new(pkey.get(), NULL));
497 ASSERT_TRUE(ctx.get() != NULL);
498 ASSERT_EQ(1, EVP_PKEY_verify_init(ctx.get()));
499 if (EVP_PKEY_type(pkey->type) == EVP_PKEY_RSA)
500 ASSERT_EQ(1, EVP_PKEY_CTX_set_rsa_padding(ctx.get(), RSA_NO_PADDING));
501 EXPECT_EQ(1, EVP_PKEY_verify(ctx.get(), signature, signature_len, message, message_len));
502}
503
504typedef TrustyKeymasterTest ExportKeyTest;
505TEST_F(ExportKeyTest, RsaSuccess) {
506 keymaster_rsa_keygen_params_t params = build_rsa_params();
507 uint8_t* ptr = NULL;
508 size_t size;
509 ASSERT_EQ(0, device.generate_keypair(TYPE_RSA, &params, &ptr, &size));
510 EXPECT_GT(size, 0U);
511 Malloc_Delete key_deleter(ptr);
512
513 uint8_t* exported;
514 size_t exported_size;
515 EXPECT_EQ(KM_ERROR_OK, device.get_keypair_public(ptr, size, &exported, &exported_size));
516 Malloc_Delete exported_deleter(exported);
517
518 // Sign a message so we can verify it with the exported pubkey.
519 keymaster_rsa_sign_params_t sig_params = {DIGEST_NONE, PADDING_NONE};
520 size_t message_len = params.modulus_size / 8;
521 UniquePtr<uint8_t[]> message(build_message(message_len));
522 uint8_t* signature;
523 size_t siglen;
524 EXPECT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, ptr, size, message.get(), message_len,
525 &signature, &siglen));
526 Malloc_Delete sig_deleter(signature);
527 EXPECT_EQ(message_len, siglen);
528 const uint8_t* tmp = exported;
529
530 VerifySignature(exported, exported_size, signature, siglen, message.get(), message_len);
531}
532
533typedef TrustyKeymasterTest ExportKeyTest;
534TEST_F(ExportKeyTest, EcdsaSuccess) {
535 keymaster_ec_keygen_params_t params = {256};
536 uint8_t* key = NULL;
537 size_t size;
538 ASSERT_EQ(0, device.generate_keypair(TYPE_EC, &params, &key, &size));
539 EXPECT_GT(size, 0U);
540 Malloc_Delete key_deleter(key);
541
542 uint8_t* exported;
543 size_t exported_size;
544 EXPECT_EQ(KM_ERROR_OK, device.get_keypair_public(key, size, &exported, &exported_size));
545 Malloc_Delete exported_deleter(exported);
546
547 // Sign a message so we can verify it with the exported pubkey.
548 keymaster_ec_sign_params_t sig_params = {DIGEST_NONE};
549 uint8_t message[] = "12345678901234567890123456789012";
550 uint8_t* signature;
551 size_t siglen;
552 ASSERT_EQ(KM_ERROR_OK, device.sign_data(&sig_params, key, size, message,
553 array_size(message) - 1, &signature, &siglen));
554 Malloc_Delete sig_deleter(signature);
555 EXPECT_EQ(KM_ERROR_OK, device.verify_data(&sig_params, key, size, message,
556 array_size(message) - 1, signature, siglen));
557
558 VerifySignature(exported, exported_size, signature, siglen, message, array_size(message) - 1);
559}
560
561} // namespace test
562} // namespace keymaster
diff --git a/trusty/keymaster/trusty_keymaster_ipc.c b/trusty/keymaster/trusty_keymaster_ipc.c
new file mode 100644
index 000000000..b68209ef3
--- /dev/null
+++ b/trusty/keymaster/trusty_keymaster_ipc.c
@@ -0,0 +1,94 @@
1/*
2 * Copyright (C) 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17// TODO: make this generic in libtrusty
18
19#include <errno.h>
20#include <stdlib.h>
21#include <string.h>
22
23#define LOG_TAG "TrustyKeymaster"
24#include <cutils/log.h>
25
26#include <trusty/tipc.h>
27
28#include "trusty_keymaster_ipc.h"
29#include "keymaster_ipc.h"
30
31#define TRUSTY_DEVICE_NAME "/dev/trusty-ipc-dev0"
32
33static int handle_ = 0;
34
35int trusty_keymaster_connect() {
36 int rc = tipc_connect(TRUSTY_DEVICE_NAME, KEYMASTER_PORT);
37 if (rc < 0) {
38 return rc;
39 }
40
41 handle_ = rc;
42 return 0;
43}
44
45int trusty_keymaster_call(uint32_t cmd, void *in, uint32_t in_size, uint8_t *out,
46 uint32_t *out_size) {
47 if (handle_ == 0) {
48 ALOGE("not connected\n");
49 return -EINVAL;
50 }
51
52 size_t msg_size = in_size + sizeof(struct keymaster_message);
53 struct keymaster_message *msg = malloc(msg_size);
54 msg->cmd = cmd;
55 memcpy(msg->payload, in, in_size);
56
57 ssize_t rc = write(handle_, msg, msg_size);
58 free(msg);
59
60 if (rc < 0) {
61 ALOGE("failed to send cmd (%d) to %s: %s\n", cmd,
62 KEYMASTER_PORT, strerror(errno));
63 return -errno;
64 }
65
66 rc = read(handle_, out, *out_size);
67 if (rc < 0) {
68 ALOGE("failed to retrieve response for cmd (%d) to %s: %s\n",
69 cmd, KEYMASTER_PORT, strerror(errno));
70 return -errno;
71 }
72
73 if ((size_t) rc < sizeof(struct keymaster_message)) {
74 ALOGE("invalid response size (%d)\n", (int) rc);
75 return -EINVAL;
76 }
77
78 msg = (struct keymaster_message *) out;
79
80 if ((cmd | KEYMASTER_RESP_BIT) != msg->cmd) {
81 ALOGE("invalid command (%d)", msg->cmd);
82 return -EINVAL;
83 }
84
85 *out_size = ((size_t) rc) - sizeof(struct keymaster_message);
86 return rc;
87}
88
89void trusty_keymaster_disconnect() {
90 if (handle_ != 0) {
91 tipc_close(handle_);
92 }
93}
94
diff --git a/trusty/keymaster/trusty_keymaster_ipc.h b/trusty/keymaster/trusty_keymaster_ipc.h
new file mode 100644
index 000000000..978524766
--- /dev/null
+++ b/trusty/keymaster/trusty_keymaster_ipc.h
@@ -0,0 +1,24 @@
1/*
2 * Copyright (C) 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17__BEGIN_DECLS
18
19int trusty_keymaster_connect(void);
20int trusty_keymaster_call(uint32_t cmd, void *in, uint32_t in_size, uint8_t *out,
21 uint32_t *out_size);
22void trusty_keymaster_disconnect(void);
23
24__END_DECLS
diff --git a/trusty/keymaster/trusty_keymaster_main.cpp b/trusty/keymaster/trusty_keymaster_main.cpp
new file mode 100644
index 000000000..7ed880e6d
--- /dev/null
+++ b/trusty/keymaster/trusty_keymaster_main.cpp
@@ -0,0 +1,368 @@
1/*
2 * Copyright 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include <stdio.h>
18
19#include <openssl/evp.h>
20#include <openssl/x509.h>
21
22#include "trusty_keymaster_device.h"
23
24using keymaster::TrustyKeymasterDevice;
25
26unsigned char rsa_privkey_pk8_der[] = {
27 0x30, 0x82, 0x02, 0x75, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
28 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, 0x02, 0x5f, 0x30, 0x82, 0x02, 0x5b, 0x02, 0x01,
29 0x00, 0x02, 0x81, 0x81, 0x00, 0xc6, 0x09, 0x54, 0x09, 0x04, 0x7d, 0x86, 0x34, 0x81, 0x2d, 0x5a,
30 0x21, 0x81, 0x76, 0xe4, 0x5c, 0x41, 0xd6, 0x0a, 0x75, 0xb1, 0x39, 0x01, 0xf2, 0x34, 0x22, 0x6c,
31 0xff, 0xe7, 0x76, 0x52, 0x1c, 0x5a, 0x77, 0xb9, 0xe3, 0x89, 0x41, 0x7b, 0x71, 0xc0, 0xb6, 0xa4,
32 0x4d, 0x13, 0xaf, 0xe4, 0xe4, 0xa2, 0x80, 0x5d, 0x46, 0xc9, 0xda, 0x29, 0x35, 0xad, 0xb1, 0xff,
33 0x0c, 0x1f, 0x24, 0xea, 0x06, 0xe6, 0x2b, 0x20, 0xd7, 0x76, 0x43, 0x0a, 0x4d, 0x43, 0x51, 0x57,
34 0x23, 0x3c, 0x6f, 0x91, 0x67, 0x83, 0xc3, 0x0e, 0x31, 0x0f, 0xcb, 0xd8, 0x9b, 0x85, 0xc2, 0xd5,
35 0x67, 0x71, 0x16, 0x97, 0x85, 0xac, 0x12, 0xbc, 0xa2, 0x44, 0xab, 0xda, 0x72, 0xbf, 0xb1, 0x9f,
36 0xc4, 0x4d, 0x27, 0xc8, 0x1e, 0x1d, 0x92, 0xde, 0x28, 0x4f, 0x40, 0x61, 0xed, 0xfd, 0x99, 0x28,
37 0x07, 0x45, 0xea, 0x6d, 0x25, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x1b, 0xe0, 0xf0,
38 0x4d, 0x9c, 0xae, 0x37, 0x18, 0x69, 0x1f, 0x03, 0x53, 0x38, 0x30, 0x8e, 0x91, 0x56, 0x4b, 0x55,
39 0x89, 0x9f, 0xfb, 0x50, 0x84, 0xd2, 0x46, 0x0e, 0x66, 0x30, 0x25, 0x7e, 0x05, 0xb3, 0xce, 0xab,
40 0x02, 0x97, 0x2d, 0xfa, 0xbc, 0xd6, 0xce, 0x5f, 0x6e, 0xe2, 0x58, 0x9e, 0xb6, 0x79, 0x11, 0xed,
41 0x0f, 0xac, 0x16, 0xe4, 0x3a, 0x44, 0x4b, 0x8c, 0x86, 0x1e, 0x54, 0x4a, 0x05, 0x93, 0x36, 0x57,
42 0x72, 0xf8, 0xba, 0xf6, 0xb2, 0x2f, 0xc9, 0xe3, 0xc5, 0xf1, 0x02, 0x4b, 0x06, 0x3a, 0xc0, 0x80,
43 0xa7, 0xb2, 0x23, 0x4c, 0xf8, 0xae, 0xe8, 0xf6, 0xc4, 0x7b, 0xbf, 0x4f, 0xd3, 0xac, 0xe7, 0x24,
44 0x02, 0x90, 0xbe, 0xf1, 0x6c, 0x0b, 0x3f, 0x7f, 0x3c, 0xdd, 0x64, 0xce, 0x3a, 0xb5, 0x91, 0x2c,
45 0xf6, 0xe3, 0x2f, 0x39, 0xab, 0x18, 0x83, 0x58, 0xaf, 0xcc, 0xcd, 0x80, 0x81, 0x02, 0x41, 0x00,
46 0xe4, 0xb4, 0x9e, 0xf5, 0x0f, 0x76, 0x5d, 0x3b, 0x24, 0xdd, 0xe0, 0x1a, 0xce, 0xaa, 0xf1, 0x30,
47 0xf2, 0xc7, 0x66, 0x70, 0xa9, 0x1a, 0x61, 0xae, 0x08, 0xaf, 0x49, 0x7b, 0x4a, 0x82, 0xbe, 0x6d,
48 0xee, 0x8f, 0xcd, 0xd5, 0xe3, 0xf7, 0xba, 0x1c, 0xfb, 0x1f, 0x0c, 0x92, 0x6b, 0x88, 0xf8, 0x8c,
49 0x92, 0xbf, 0xab, 0x13, 0x7f, 0xba, 0x22, 0x85, 0x22, 0x7b, 0x83, 0xc3, 0x42, 0xff, 0x7c, 0x55,
50 0x02, 0x41, 0x00, 0xdd, 0xab, 0xb5, 0x83, 0x9c, 0x4c, 0x7f, 0x6b, 0xf3, 0xd4, 0x18, 0x32, 0x31,
51 0xf0, 0x05, 0xb3, 0x1a, 0xa5, 0x8a, 0xff, 0xdd, 0xa5, 0xc7, 0x9e, 0x4c, 0xce, 0x21, 0x7f, 0x6b,
52 0xc9, 0x30, 0xdb, 0xe5, 0x63, 0xd4, 0x80, 0x70, 0x6c, 0x24, 0xe9, 0xeb, 0xfc, 0xab, 0x28, 0xa6,
53 0xcd, 0xef, 0xd3, 0x24, 0xb7, 0x7e, 0x1b, 0xf7, 0x25, 0x1b, 0x70, 0x90, 0x92, 0xc2, 0x4f, 0xf5,
54 0x01, 0xfd, 0x91, 0x02, 0x40, 0x23, 0xd4, 0x34, 0x0e, 0xda, 0x34, 0x45, 0xd8, 0xcd, 0x26, 0xc1,
55 0x44, 0x11, 0xda, 0x6f, 0xdc, 0xa6, 0x3c, 0x1c, 0xcd, 0x4b, 0x80, 0xa9, 0x8a, 0xd5, 0x2b, 0x78,
56 0xcc, 0x8a, 0xd8, 0xbe, 0xb2, 0x84, 0x2c, 0x1d, 0x28, 0x04, 0x05, 0xbc, 0x2f, 0x6c, 0x1b, 0xea,
57 0x21, 0x4a, 0x1d, 0x74, 0x2a, 0xb9, 0x96, 0xb3, 0x5b, 0x63, 0xa8, 0x2a, 0x5e, 0x47, 0x0f, 0xa8,
58 0x8d, 0xbf, 0x82, 0x3c, 0xdd, 0x02, 0x40, 0x1b, 0x7b, 0x57, 0x44, 0x9a, 0xd3, 0x0d, 0x15, 0x18,
59 0x24, 0x9a, 0x5f, 0x56, 0xbb, 0x98, 0x29, 0x4d, 0x4b, 0x6a, 0xc1, 0x2f, 0xfc, 0x86, 0x94, 0x04,
60 0x97, 0xa5, 0xa5, 0x83, 0x7a, 0x6c, 0xf9, 0x46, 0x26, 0x2b, 0x49, 0x45, 0x26, 0xd3, 0x28, 0xc1,
61 0x1e, 0x11, 0x26, 0x38, 0x0f, 0xde, 0x04, 0xc2, 0x4f, 0x91, 0x6d, 0xec, 0x25, 0x08, 0x92, 0xdb,
62 0x09, 0xa6, 0xd7, 0x7c, 0xdb, 0xa3, 0x51, 0x02, 0x40, 0x77, 0x62, 0xcd, 0x8f, 0x4d, 0x05, 0x0d,
63 0xa5, 0x6b, 0xd5, 0x91, 0xad, 0xb5, 0x15, 0xd2, 0x4d, 0x7c, 0xcd, 0x32, 0xcc, 0xa0, 0xd0, 0x5f,
64 0x86, 0x6d, 0x58, 0x35, 0x14, 0xbd, 0x73, 0x24, 0xd5, 0xf3, 0x36, 0x45, 0xe8, 0xed, 0x8b, 0x4a,
65 0x1c, 0xb3, 0xcc, 0x4a, 0x1d, 0x67, 0x98, 0x73, 0x99, 0xf2, 0xa0, 0x9f, 0x5b, 0x3f, 0xb6, 0x8c,
66 0x88, 0xd5, 0xe5, 0xd9, 0x0a, 0xc3, 0x34, 0x92, 0xd6};
67unsigned int rsa_privkey_pk8_der_len = 633;
68
69unsigned char dsa_privkey_pk8_der[] = {
70 0x30, 0x82, 0x01, 0x4b, 0x02, 0x01, 0x00, 0x30, 0x82, 0x01, 0x2b, 0x06, 0x07, 0x2a, 0x86, 0x48,
71 0xce, 0x38, 0x04, 0x01, 0x30, 0x82, 0x01, 0x1e, 0x02, 0x81, 0x81, 0x00, 0xa3, 0xf3, 0xe9, 0xb6,
72 0x7e, 0x7d, 0x88, 0xf6, 0xb7, 0xe5, 0xf5, 0x1f, 0x3b, 0xee, 0xac, 0xd7, 0xad, 0xbc, 0xc9, 0xd1,
73 0x5a, 0xf8, 0x88, 0xc4, 0xef, 0x6e, 0x3d, 0x74, 0x19, 0x74, 0xe7, 0xd8, 0xe0, 0x26, 0x44, 0x19,
74 0x86, 0xaf, 0x19, 0xdb, 0x05, 0xe9, 0x3b, 0x8b, 0x58, 0x58, 0xde, 0xe5, 0x4f, 0x48, 0x15, 0x01,
75 0xea, 0xe6, 0x83, 0x52, 0xd7, 0xc1, 0x21, 0xdf, 0xb9, 0xb8, 0x07, 0x66, 0x50, 0xfb, 0x3a, 0x0c,
76 0xb3, 0x85, 0xee, 0xbb, 0x04, 0x5f, 0xc2, 0x6d, 0x6d, 0x95, 0xfa, 0x11, 0x93, 0x1e, 0x59, 0x5b,
77 0xb1, 0x45, 0x8d, 0xe0, 0x3d, 0x73, 0xaa, 0xf2, 0x41, 0x14, 0x51, 0x07, 0x72, 0x3d, 0xa2, 0xf7,
78 0x58, 0xcd, 0x11, 0xa1, 0x32, 0xcf, 0xda, 0x42, 0xb7, 0xcc, 0x32, 0x80, 0xdb, 0x87, 0x82, 0xec,
79 0x42, 0xdb, 0x5a, 0x55, 0x24, 0x24, 0xa2, 0xd1, 0x55, 0x29, 0xad, 0xeb, 0x02, 0x15, 0x00, 0xeb,
80 0xea, 0x17, 0xd2, 0x09, 0xb3, 0xd7, 0x21, 0x9a, 0x21, 0x07, 0x82, 0x8f, 0xab, 0xfe, 0x88, 0x71,
81 0x68, 0xf7, 0xe3, 0x02, 0x81, 0x80, 0x19, 0x1c, 0x71, 0xfd, 0xe0, 0x03, 0x0c, 0x43, 0xd9, 0x0b,
82 0xf6, 0xcd, 0xd6, 0xa9, 0x70, 0xe7, 0x37, 0x86, 0x3a, 0x78, 0xe9, 0xa7, 0x47, 0xa7, 0x47, 0x06,
83 0x88, 0xb1, 0xaf, 0xd7, 0xf3, 0xf1, 0xa1, 0xd7, 0x00, 0x61, 0x28, 0x88, 0x31, 0x48, 0x60, 0xd8,
84 0x11, 0xef, 0xa5, 0x24, 0x1a, 0x81, 0xc4, 0x2a, 0xe2, 0xea, 0x0e, 0x36, 0xd2, 0xd2, 0x05, 0x84,
85 0x37, 0xcf, 0x32, 0x7d, 0x09, 0xe6, 0x0f, 0x8b, 0x0c, 0xc8, 0xc2, 0xa4, 0xb1, 0xdc, 0x80, 0xca,
86 0x68, 0xdf, 0xaf, 0xd2, 0x90, 0xc0, 0x37, 0x58, 0x54, 0x36, 0x8f, 0x49, 0xb8, 0x62, 0x75, 0x8b,
87 0x48, 0x47, 0xc0, 0xbe, 0xf7, 0x9a, 0x92, 0xa6, 0x68, 0x05, 0xda, 0x9d, 0xaf, 0x72, 0x9a, 0x67,
88 0xb3, 0xb4, 0x14, 0x03, 0xae, 0x4f, 0x4c, 0x76, 0xb9, 0xd8, 0x64, 0x0a, 0xba, 0x3b, 0xa8, 0x00,
89 0x60, 0x4d, 0xae, 0x81, 0xc3, 0xc5, 0x04, 0x17, 0x02, 0x15, 0x00, 0x81, 0x9d, 0xfd, 0x53, 0x0c,
90 0xc1, 0x8f, 0xbe, 0x8b, 0xea, 0x00, 0x26, 0x19, 0x29, 0x33, 0x91, 0x84, 0xbe, 0xad, 0x81};
91unsigned int dsa_privkey_pk8_der_len = 335;
92
93unsigned char ec_privkey_pk8_der[] = {
94 0x30, 0x81, 0x87, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
95 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x04, 0x6d, 0x30, 0x6b, 0x02,
96 0x01, 0x01, 0x04, 0x20, 0x73, 0x7c, 0x2e, 0xcd, 0x7b, 0x8d, 0x19, 0x40, 0xbf, 0x29, 0x30, 0xaa,
97 0x9b, 0x4e, 0xd3, 0xff, 0x94, 0x1e, 0xed, 0x09, 0x36, 0x6b, 0xc0, 0x32, 0x99, 0x98, 0x64, 0x81,
98 0xf3, 0xa4, 0xd8, 0x59, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xbf, 0x85, 0xd7, 0x72, 0x0d, 0x07,
99 0xc2, 0x54, 0x61, 0x68, 0x3b, 0xc6, 0x48, 0xb4, 0x77, 0x8a, 0x9a, 0x14, 0xdd, 0x8a, 0x02, 0x4e,
100 0x3b, 0xdd, 0x8c, 0x7d, 0xdd, 0x9a, 0xb2, 0xb5, 0x28, 0xbb, 0xc7, 0xaa, 0x1b, 0x51, 0xf1, 0x4e,
101 0xbb, 0xbb, 0x0b, 0xd0, 0xce, 0x21, 0xbc, 0xc4, 0x1c, 0x6e, 0xb0, 0x00, 0x83, 0xcf, 0x33, 0x76,
102 0xd1, 0x1f, 0xd4, 0x49, 0x49, 0xe0, 0xb2, 0x18, 0x3b, 0xfe};
103unsigned int ec_privkey_pk8_der_len = 138;
104
105struct EVP_PKEY_Delete {
106 void operator()(EVP_PKEY* p) const { EVP_PKEY_free(p); }
107};
108
109struct EVP_PKEY_CTX_Delete {
110 void operator()(EVP_PKEY_CTX* p) { EVP_PKEY_CTX_free(p); }
111};
112
113static bool test_import_rsa(TrustyKeymasterDevice* device) {
114 printf("===================\n");
115 printf("= RSA Import Test =\n");
116 printf("===================\n\n");
117
118 printf("=== Importing RSA keypair === \n");
119 uint8_t* key;
120 size_t size;
121 int error = device->import_keypair(rsa_privkey_pk8_der, rsa_privkey_pk8_der_len, &key, &size);
122 if (error != KM_ERROR_OK) {
123 printf("Error importing key pair: %d\n\n", error);
124 return false;
125 }
126 UniquePtr<uint8_t[]> key_deleter(key);
127
128 printf("=== Signing with imported RSA key ===\n");
129 keymaster_rsa_sign_params_t sign_params = {DIGEST_NONE, PADDING_NONE};
130 size_t message_len = 1024 / 8;
131 UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
132 memset(message.get(), 'a', message_len);
133 uint8_t* signature;
134 size_t signature_len;
135 error = device->sign_data(&sign_params, key, size, message.get(), message_len, &signature,
136 &signature_len);
137 if (error != KM_ERROR_OK) {
138 printf("Error signing data with imported RSA key: %d\n\n", error);
139 return false;
140 }
141 UniquePtr<uint8_t[]> signature_deleter(signature);
142
143 printf("=== Verifying with imported RSA key === \n");
144 error = device->verify_data(&sign_params, key, size, message.get(), message_len, signature,
145 signature_len);
146 if (error != KM_ERROR_OK) {
147 printf("Error verifying data with imported RSA key: %d\n\n", error);
148 return false;
149 }
150
151 printf("\n");
152 return true;
153}
154
155static bool test_rsa(TrustyKeymasterDevice* device) {
156 printf("============\n");
157 printf("= RSA Test =\n");
158 printf("============\n\n");
159
160 printf("=== Generating RSA key pair ===\n");
161 keymaster_rsa_keygen_params_t params;
162 params.public_exponent = 65537;
163 params.modulus_size = 2048;
164
165 uint8_t* key;
166 size_t size;
167 int error = device->generate_keypair(TYPE_RSA, &params, &key, &size);
168 if (error != KM_ERROR_OK) {
169 printf("Error generating RSA key pair: %d\n\n", error);
170 return false;
171 }
172 UniquePtr<uint8_t[]> deleter(key);
173
174 printf("=== Signing with RSA key === \n");
175 keymaster_rsa_sign_params_t sign_params = {DIGEST_NONE, PADDING_NONE};
176 size_t message_len = params.modulus_size / 8;
177 UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
178 memset(message.get(), 'a', message_len);
179 uint8_t* signature;
180 size_t signature_len;
181 error = device->sign_data(&sign_params, key, size, message.get(), message_len, &signature,
182 &signature_len);
183 if (error != KM_ERROR_OK) {
184 printf("Error signing data with RSA key: %d\n\n", error);
185 return false;
186 }
187 UniquePtr<uint8_t[]> signature_deleter(signature);
188
189 printf("=== Verifying with RSA key === \n");
190 error = device->verify_data(&sign_params, key, size, message.get(), message_len, signature,
191 signature_len);
192 if (error != KM_ERROR_OK) {
193 printf("Error verifying data with RSA key: %d\n\n", error);
194 return false;
195 }
196
197 printf("=== Exporting RSA public key ===\n");
198 uint8_t* exported_key;
199 size_t exported_size;
200 error = device->get_keypair_public(key, size, &exported_key, &exported_size);
201 if (error != KM_ERROR_OK) {
202 printf("Error exporting RSA public key: %d\n\n", error);
203 return false;
204 }
205
206 printf("=== Verifying with exported key ===\n");
207 const uint8_t* tmp = exported_key;
208 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(d2i_PUBKEY(NULL, &tmp, exported_size));
209 UniquePtr<EVP_PKEY_CTX, EVP_PKEY_CTX_Delete> ctx(EVP_PKEY_CTX_new(pkey.get(), NULL));
210 if (EVP_PKEY_verify_init(ctx.get()) != 1) {
211 printf("Error initializing openss EVP context\n");
212 return false;
213 }
214 if (EVP_PKEY_type(pkey->type) != EVP_PKEY_RSA) {
215 printf("Exported key was the wrong type?!?\n");
216 return false;
217 }
218
219 EVP_PKEY_CTX_set_rsa_padding(ctx.get(), RSA_NO_PADDING);
220 if (EVP_PKEY_verify(ctx.get(), signature, signature_len, message.get(), message_len) != 1) {
221 printf("Verification with exported pubkey failed.\n");
222 return false;
223 } else {
224 printf("Verification succeeded\n");
225 }
226
227 printf("\n");
228 return true;
229}
230
231static bool test_import_ecdsa(TrustyKeymasterDevice* device) {
232 printf("=====================\n");
233 printf("= ECDSA Import Test =\n");
234 printf("=====================\n\n");
235
236 printf("=== Importing ECDSA keypair === \n");
237 uint8_t* key;
238 size_t size;
239 int error = device->import_keypair(ec_privkey_pk8_der, ec_privkey_pk8_der_len, &key, &size);
240 if (error != KM_ERROR_OK) {
241 printf("Error importing key pair: %d\n\n", error);
242 return false;
243 }
244 UniquePtr<uint8_t[]> deleter(key);
245
246 printf("=== Signing with imported ECDSA key ===\n");
247 keymaster_ec_sign_params_t sign_params = {DIGEST_NONE};
248 size_t message_len = 30 /* arbitrary */;
249 UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
250 memset(message.get(), 'a', message_len);
251 uint8_t* signature;
252 size_t signature_len;
253 error = device->sign_data(&sign_params, key, size, message.get(), message_len, &signature,
254 &signature_len);
255 if (error != KM_ERROR_OK) {
256 printf("Error signing data with imported ECDSA key: %d\n\n", error);
257 return false;
258 }
259 UniquePtr<uint8_t[]> signature_deleter(signature);
260
261 printf("=== Verifying with imported ECDSA key === \n");
262 error = device->verify_data(&sign_params, key, size, message.get(), message_len, signature,
263 signature_len);
264 if (error != KM_ERROR_OK) {
265 printf("Error verifying data with imported ECDSA key: %d\n\n", error);
266 return false;
267 }
268
269 printf("\n");
270 return true;
271}
272
273static bool test_ecdsa(TrustyKeymasterDevice* device) {
274 printf("==============\n");
275 printf("= ECDSA Test =\n");
276 printf("==============\n\n");
277
278 printf("=== Generating ECDSA key pair ===\n");
279 keymaster_ec_keygen_params_t params;
280 params.field_size = 521;
281 uint8_t* key;
282 size_t size;
283 int error = device->generate_keypair(TYPE_EC, &params, &key, &size);
284 if (error != 0) {
285 printf("Error generating ECDSA key pair: %d\n\n", error);
286 return false;
287 }
288 UniquePtr<uint8_t[]> deleter(key);
289
290 printf("=== Signing with ECDSA key === \n");
291 keymaster_ec_sign_params_t sign_params = {DIGEST_NONE};
292 size_t message_len = 30 /* arbitrary */;
293 UniquePtr<uint8_t[]> message(new uint8_t[message_len]);
294 memset(message.get(), 'a', message_len);
295 uint8_t* signature;
296 size_t signature_len;
297 error = device->sign_data(&sign_params, key, size, message.get(), message_len, &signature,
298 &signature_len);
299 if (error != KM_ERROR_OK) {
300 printf("Error signing data with ECDSA key: %d\n\n", error);
301 return false;
302 }
303 UniquePtr<uint8_t[]> signature_deleter(signature);
304
305 printf("=== Verifying with ECDSA key === \n");
306 error = device->verify_data(&sign_params, key, size, message.get(), message_len, signature,
307 signature_len);
308 if (error != KM_ERROR_OK) {
309 printf("Error verifying data with ECDSA key: %d\n\n", error);
310 return false;
311 }
312
313 printf("=== Exporting ECDSA public key ===\n");
314 uint8_t* exported_key;
315 size_t exported_size;
316 error = device->get_keypair_public(key, size, &exported_key, &exported_size);
317 if (error != KM_ERROR_OK) {
318 printf("Error exporting ECDSA public key: %d\n\n", error);
319 return false;
320 }
321
322 printf("=== Verifying with exported key ===\n");
323 const uint8_t* tmp = exported_key;
324 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(d2i_PUBKEY(NULL, &tmp, exported_size));
325 UniquePtr<EVP_PKEY_CTX, EVP_PKEY_CTX_Delete> ctx(EVP_PKEY_CTX_new(pkey.get(), NULL));
326 if (EVP_PKEY_verify_init(ctx.get()) != 1) {
327 printf("Error initializing openss EVP context\n");
328 return false;
329 }
330 if (EVP_PKEY_type(pkey->type) != EVP_PKEY_EC) {
331 printf("Exported key was the wrong type?!?\n");
332 return false;
333 }
334
335 if (EVP_PKEY_verify(ctx.get(), signature, signature_len, message.get(), message_len) != 1) {
336 printf("Verification with exported pubkey failed.\n");
337 return false;
338 } else {
339 printf("Verification succeeded\n");
340 }
341
342 printf("\n");
343 return true;
344}
345
346int main(void) {
347
348 TrustyKeymasterDevice device(NULL);
349 if (device.session_error() != KM_ERROR_OK) {
350 printf("Failed to initialize Trusty session: %d\n", device.session_error());
351 return 1;
352 }
353 printf("Trusty session initialized\n");
354
355 bool success = true;
356 success &= test_rsa(&device);
357 success &= test_import_rsa(&device);
358 success &= test_ecdsa(&device);
359 success &= test_import_ecdsa(&device);
360
361 if (success) {
362 printf("\nTESTS PASSED!\n");
363 } else {
364 printf("\n!!!!TESTS FAILED!!!\n");
365 }
366
367 return success ? 0 : 1;
368}
generated by cgit v1.2.3 (git 2.39.2)