Gitiles
Code Review Sign In
gerrit.openfyde.cn / android.googlesource.com / platform / system / keymaster / 13fbe3e93247943c26e7ca2ed27b6d650282b8bf / . / rsa_key.cpp
blob: 5150588f8815c90cd1cafa8e8bddf3b626be6c97 [file] [log] [blame]
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]1/*
2 * Copyright 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]17#include "rsa_key.h"
Shawn Willden567a4a02014-12-31 12:14:46 -0700[diff] [blame]18
19#include "openssl_err.h"
20#include "openssl_utils.h"
Shawn Willden13fbe3e2015-05-23 03:36:30 +0000[diff] [blame^]21#include "rsa_operation.h"
22#include "unencrypted_key_blob.h"
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]23
Shawn Willdend79791b2015-05-09 12:48:36 +0000[diff] [blame]24#if defined(OPENSSL_IS_BORINGSSL)
25typedef size_t openssl_size_t;
26#else
27typedef int openssl_size_t;
28#endif
29
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]30namespace keymaster {
31
Shawn Willden13fbe3e2015-05-23 03:36:30 +0000[diff] [blame^]32Key* RsaKeyFactory::LoadKey(const UnencryptedKeyBlob& blob, keymaster_error_t* error) {
33 return new RsaKey(blob, error);
34}
35
36Key* RsaKeyFactory::GenerateKey(const AuthorizationSet& key_description, keymaster_error_t* error) {
37 if (!error)
38 return NULL;
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]39
40 AuthorizationSet authorizations(key_description);
41
Shawn Willden3b4e1652015-02-27 13:33:01 -0700[diff] [blame]42 uint64_t public_exponent;
43 if (!authorizations.GetTagValue(TAG_RSA_PUBLIC_EXPONENT, &public_exponent)) {
44 LOG_E("%s", "No public exponent specified for RSA key generation");
Shawn Willden13fbe3e2015-05-23 03:36:30 +0000[diff] [blame^]45 *error = KM_ERROR_INVALID_ARGUMENT;
46 return NULL;
Shawn Willden3b4e1652015-02-27 13:33:01 -0700[diff] [blame]47 }
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]48
Shawn Willden3b4e1652015-02-27 13:33:01 -0700[diff] [blame]49 uint32_t key_size;
50 if (!authorizations.GetTagValue(TAG_KEY_SIZE, &key_size)) {
51 LOG_E("%s", "No key size specified for RSA key generation");
Shawn Willden13fbe3e2015-05-23 03:36:30 +0000[diff] [blame^]52 *error = KM_ERROR_UNSUPPORTED_KEY_SIZE;
53 return NULL;
Shawn Willden3b4e1652015-02-27 13:33:01 -0700[diff] [blame]54 }
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]55
56 UniquePtr<BIGNUM, BIGNUM_Delete> exponent(BN_new());
Shawn Willdena278f612014-12-23 11:22:21 -0700[diff] [blame]57 UniquePtr<RSA, RsaKey::RSA_Delete> rsa_key(RSA_new());
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]58 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(EVP_PKEY_new());
Shawn Willden13fbe3e2015-05-23 03:36:30 +0000[diff] [blame^]59 if (exponent.get() == NULL || rsa_key.get() == NULL || pkey.get() == NULL) {
60 *error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
61 return NULL;
62 }
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]63
64 if (!BN_set_word(exponent.get(), public_exponent) ||
Shawn Willden13fbe3e2015-05-23 03:36:30 +0000[diff] [blame^]65 !RSA_generate_key_ex(rsa_key.get(), key_size, exponent.get(), NULL /* callback */)) {
66 *error = TranslateLastOpenSslError();
67 return NULL;
68 }
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]69
Shawn Willden13fbe3e2015-05-23 03:36:30 +0000[diff] [blame^]70 RsaKey* new_key = new RsaKey(rsa_key.release(), authorizations);
71 *error = new_key ? KM_ERROR_OK : KM_ERROR_MEMORY_ALLOCATION_FAILED;
72 return new_key;
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]73}
74
Shawn Willden13fbe3e2015-05-23 03:36:30 +0000[diff] [blame^]75Key* RsaKeyFactory::ImportKey(const AuthorizationSet& key_description,
76 keymaster_key_format_t key_format, const uint8_t* key_data,
77 size_t key_data_length, keymaster_error_t* error) {
78 if (!error)
79 return NULL;
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]80
Shawn Willden13fbe3e2015-05-23 03:36:30 +0000[diff] [blame^]81 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(
82 ExtractEvpKey(key_format, KM_ALGORITHM_RSA, key_data, key_data_length, error));
83 if (*error != KM_ERROR_OK)
84 return NULL;
85 assert(pkey.get());
Shawn Willdena278f612014-12-23 11:22:21 -0700[diff] [blame]86
87 UniquePtr<RSA, RsaKey::RSA_Delete> rsa_key(EVP_PKEY_get1_RSA(pkey.get()));
Shawn Willden13fbe3e2015-05-23 03:36:30 +0000[diff] [blame^]88 if (!rsa_key.get()) {
89 *error = TranslateLastOpenSslError();
90 return NULL;
91 }
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]92
93 AuthorizationSet authorizations(key_description);
94
95 uint64_t public_exponent;
96 if (authorizations.GetTagValue(TAG_RSA_PUBLIC_EXPONENT, &public_exponent)) {
97 // public_exponent specified, make sure it matches the key
98 UniquePtr<BIGNUM, BIGNUM_Delete> public_exponent_bn(BN_new());
99 if (!BN_set_word(public_exponent_bn.get(), public_exponent))
Shawn Willden13fbe3e2015-05-23 03:36:30 +0000[diff] [blame^]100 return NULL;
101 if (BN_cmp(public_exponent_bn.get(), rsa_key->e) != 0) {
102 *error = KM_ERROR_IMPORT_PARAMETER_MISMATCH;
103 return NULL;
104 }
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]105 } else {
106 // public_exponent not specified, use the one from the key.
107 public_exponent = BN_get_word(rsa_key->e);
Shawn Willden13fbe3e2015-05-23 03:36:30 +0000[diff] [blame^]108 if (public_exponent == 0xffffffffL) {
109 *error = KM_ERROR_IMPORT_PARAMETER_MISMATCH;
110 return NULL;
111 }
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]112 authorizations.push_back(TAG_RSA_PUBLIC_EXPONENT, public_exponent);
113 }
114
115 uint32_t key_size;
116 if (authorizations.GetTagValue(TAG_KEY_SIZE, &key_size)) {
117 // key_size specified, make sure it matches the key.
Shawn Willden13fbe3e2015-05-23 03:36:30 +0000[diff] [blame^]118 if (RSA_size(rsa_key.get()) * 8 != (openssl_size_t)key_size) {
119 *error = KM_ERROR_IMPORT_PARAMETER_MISMATCH;
120 return NULL;
121 }
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]122 } else {
123 key_size = RSA_size(rsa_key.get()) * 8;
124 authorizations.push_back(TAG_KEY_SIZE, key_size);
125 }
126
127 keymaster_algorithm_t algorithm;
128 if (authorizations.GetTagValue(TAG_ALGORITHM, &algorithm)) {
Shawn Willden13fbe3e2015-05-23 03:36:30 +0000[diff] [blame^]129 if (algorithm != KM_ALGORITHM_RSA) {
130 *error = KM_ERROR_IMPORT_PARAMETER_MISMATCH;
131 return NULL;
132 }
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]133 } else {
134 authorizations.push_back(TAG_ALGORITHM, KM_ALGORITHM_RSA);
135 }
136
Shawn Willden13fbe3e2015-05-23 03:36:30 +0000[diff] [blame^]137 // Don't bother with the other parameters. If the necessary padding, digest, purpose, etc. are
138 // missing, the error will be diagnosed when the key is used (when auth checking is
139 // implemented).
140 *error = KM_ERROR_OK;
141 return new RsaKey(rsa_key.release(), authorizations);
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]142}
143
Shawn Willden13fbe3e2015-05-23 03:36:30 +0000[diff] [blame^]144RsaKey::RsaKey(const UnencryptedKeyBlob& blob, keymaster_error_t* error) : AsymmetricKey(blob) {
145 if (error)
146 *error = LoadKey(blob);
147}
148
149RSA* RsaKey::key() const {
150 return rsa_key_.get();
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]151}
152
153bool RsaKey::EvpToInternal(const EVP_PKEY* pkey) {
154 rsa_key_.reset(EVP_PKEY_get1_RSA(const_cast<EVP_PKEY*>(pkey)));
155 return rsa_key_.get() != NULL;
156}
157
158bool RsaKey::InternalToEvp(EVP_PKEY* pkey) const {
159 return EVP_PKEY_set1_RSA(pkey, rsa_key_.get()) == 1;
160}
161
Shawn Willden4200f212014-12-02 07:01:21 -0700[diff] [blame]162bool RsaKey::SupportedMode(keymaster_purpose_t purpose, keymaster_padding_t padding) {
163 switch (purpose) {
164 case KM_PURPOSE_SIGN:
165 case KM_PURPOSE_VERIFY:
Shawn Willdenf90f2352014-12-18 23:01:15 -0700[diff] [blame]166 return padding == KM_PAD_NONE || padding == KM_PAD_RSA_PSS ||
167 padding == KM_PAD_RSA_PKCS1_1_5_SIGN;
Shawn Willden4200f212014-12-02 07:01:21 -0700[diff] [blame]168 break;
169 case KM_PURPOSE_ENCRYPT:
170 case KM_PURPOSE_DECRYPT:
171 return padding == KM_PAD_RSA_OAEP || padding == KM_PAD_RSA_PKCS1_1_5_ENCRYPT;
172 break;
173 };
174 return false;
175}
176
177bool RsaKey::SupportedMode(keymaster_purpose_t purpose, keymaster_digest_t digest) {
178 switch (purpose) {
179 case KM_PURPOSE_SIGN:
180 case KM_PURPOSE_VERIFY:
Shawn Willden61902362014-12-18 10:33:24 -0700[diff] [blame]181 return digest == KM_DIGEST_NONE || digest == KM_DIGEST_SHA_2_256;
Shawn Willden4200f212014-12-02 07:01:21 -0700[diff] [blame]182 break;
183 case KM_PURPOSE_ENCRYPT:
184 case KM_PURPOSE_DECRYPT:
185 /* Don't care */
186 break;
187 };
188 return true;
189}
190
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]191} // namespace keymaster