Gitiles
Code Review Sign In
gerrit.openfyde.cn / android.googlesource.com / platform / system / keymaster / 834d4130bab134a83b52bc66e25c3a57b202e0e2 / . / rsa_key.cpp
blob: c904c196592d510021d7ed7562c51463a6dc6e0f [file] [log] [blame]
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]1/*
2 * Copyright 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include "openssl_utils.h"
18#include "rsa_key.h"
19#include "rsa_operation.h"
20#include "unencrypted_key_blob.h"
21
22namespace keymaster {
23
24const uint32_t RSA_DEFAULT_KEY_SIZE = 2048;
25const uint64_t RSA_DEFAULT_EXPONENT = 65537;
26
27/* static */
28RsaKey* RsaKey::GenerateKey(const AuthorizationSet& key_description, const Logger& logger,
29 keymaster_error_t* error) {
30 if (!error)
31 return NULL;
32
33 AuthorizationSet authorizations(key_description);
34
35 uint64_t public_exponent = RSA_DEFAULT_EXPONENT;
36 if (!authorizations.GetTagValue(TAG_RSA_PUBLIC_EXPONENT, &public_exponent))
37 authorizations.push_back(Authorization(TAG_RSA_PUBLIC_EXPONENT, public_exponent));
38
39 uint32_t key_size = RSA_DEFAULT_KEY_SIZE;
40 if (!authorizations.GetTagValue(TAG_KEY_SIZE, &key_size))
41 authorizations.push_back(Authorization(TAG_KEY_SIZE, key_size));
42
43 UniquePtr<BIGNUM, BIGNUM_Delete> exponent(BN_new());
44 UniquePtr<RSA, RSA_Delete> rsa_key(RSA_new());
45 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(EVP_PKEY_new());
46 if (rsa_key.get() == NULL || pkey.get() == NULL) {
47 *error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
48 return NULL;
49 }
50
51 if (!BN_set_word(exponent.get(), public_exponent) ||
52 !RSA_generate_key_ex(rsa_key.get(), key_size, exponent.get(), NULL /* callback */)) {
53 *error = KM_ERROR_UNKNOWN_ERROR;
54 return NULL;
55 }
56
57 RsaKey* new_key = new RsaKey(rsa_key.release(), authorizations, logger);
58 *error = new_key ? KM_ERROR_OK : KM_ERROR_MEMORY_ALLOCATION_FAILED;
59 return new_key;
60}
61
62/* static */
63RsaKey* RsaKey::ImportKey(const AuthorizationSet& key_description, EVP_PKEY* pkey,
64 const Logger& logger, keymaster_error_t* error) {
65 if (!error)
66 return NULL;
67 *error = KM_ERROR_UNKNOWN_ERROR;
68
69 UniquePtr<RSA, RSA_Delete> rsa_key(EVP_PKEY_get1_RSA(pkey));
70 if (!rsa_key.get())
71 return NULL;
72
73 AuthorizationSet authorizations(key_description);
74
75 uint64_t public_exponent;
76 if (authorizations.GetTagValue(TAG_RSA_PUBLIC_EXPONENT, &public_exponent)) {
77 // public_exponent specified, make sure it matches the key
78 UniquePtr<BIGNUM, BIGNUM_Delete> public_exponent_bn(BN_new());
79 if (!BN_set_word(public_exponent_bn.get(), public_exponent))
80 return NULL;
81 if (BN_cmp(public_exponent_bn.get(), rsa_key->e) != 0) {
82 *error = KM_ERROR_IMPORT_PARAMETER_MISMATCH;
83 return NULL;
84 }
85 } else {
86 // public_exponent not specified, use the one from the key.
87 public_exponent = BN_get_word(rsa_key->e);
88 if (public_exponent == 0xffffffffL) {
89 *error = KM_ERROR_IMPORT_PARAMETER_MISMATCH;
90 return NULL;
91 }
92 authorizations.push_back(TAG_RSA_PUBLIC_EXPONENT, public_exponent);
93 }
94
95 uint32_t key_size;
96 if (authorizations.GetTagValue(TAG_KEY_SIZE, &key_size)) {
97 // key_size specified, make sure it matches the key.
98 if (RSA_size(rsa_key.get()) != (int)key_size) {
99 *error = KM_ERROR_IMPORT_PARAMETER_MISMATCH;
100 return NULL;
101 }
102 } else {
103 key_size = RSA_size(rsa_key.get()) * 8;
104 authorizations.push_back(TAG_KEY_SIZE, key_size);
105 }
106
107 keymaster_algorithm_t algorithm;
108 if (authorizations.GetTagValue(TAG_ALGORITHM, &algorithm)) {
109 if (algorithm != KM_ALGORITHM_RSA) {
110 *error = KM_ERROR_IMPORT_PARAMETER_MISMATCH;
111 return NULL;
112 }
113 } else {
114 authorizations.push_back(TAG_ALGORITHM, KM_ALGORITHM_RSA);
115 }
116
117 // Don't bother with the other parameters. If the necessary padding, digest, purpose, etc. are
118 // missing, the error will be diagnosed when the key is used (when auth checking is
119 // implemented).
120 *error = KM_ERROR_OK;
121 return new RsaKey(rsa_key.release(), authorizations, logger);
122}
123
124RsaKey::RsaKey(const UnencryptedKeyBlob& blob, const Logger& logger, keymaster_error_t* error)
125 : AsymmetricKey(blob, logger) {
126 if (error)
127 *error = LoadKey(blob);
128}
129
Shawn Willden96599212014-09-26 12:07:44 -0600[diff] [blame]130Operation* RsaKey::CreateOperation(keymaster_purpose_t purpose, keymaster_error_t* error) {
Shawn Willden4200f212014-12-02 07:01:21 -0700[diff] [blame]131 *error = KM_ERROR_OK;
132
133 keymaster_padding_t padding = static_cast<keymaster_padding_t>(-1);
134 authorizations().GetTagValue(TAG_PADDING, &padding);
135 if (!SupportedMode(purpose, padding)) {
Shawn Willden96599212014-09-26 12:07:44 -0600[diff] [blame]136 *error = KM_ERROR_UNSUPPORTED_PADDING_MODE;
137 return NULL;
138 }
139
Shawn Willden4200f212014-12-02 07:01:21 -0700[diff] [blame]140 keymaster_digest_t digest = static_cast<keymaster_digest_t>(-1);
141 authorizations().GetTagValue(TAG_DIGEST, &digest);
142 if (!SupportedMode(purpose, digest)) {
143 *error = KM_ERROR_UNSUPPORTED_DIGEST;
Shawn Willden46a420d2014-12-02 07:01:21 -0700[diff] [blame]144 return NULL;
145 }
Shawn Willden4200f212014-12-02 07:01:21 -0700[diff] [blame]146
147 Operation* op = NULL;
148 switch (purpose) {
149 case KM_PURPOSE_SIGN:
150 op = new RsaSignOperation(logger_, digest, padding, rsa_key_.release());
151 break;
152 case KM_PURPOSE_VERIFY:
153 op = new RsaVerifyOperation(logger_, digest, padding, rsa_key_.release());
154 break;
155 case KM_PURPOSE_ENCRYPT:
156 op = new RsaEncryptOperation(logger_, padding, rsa_key_.release());
157 break;
158 case KM_PURPOSE_DECRYPT:
159 op = new RsaDecryptOperation(logger_, padding, rsa_key_.release());
160 break;
161 default:
162 *error = KM_ERROR_UNSUPPORTED_PURPOSE;
163 return NULL;
164 }
165
166 if (!op)
167 *error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
168
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]169 return op;
170}
171
172bool RsaKey::EvpToInternal(const EVP_PKEY* pkey) {
173 rsa_key_.reset(EVP_PKEY_get1_RSA(const_cast<EVP_PKEY*>(pkey)));
174 return rsa_key_.get() != NULL;
175}
176
177bool RsaKey::InternalToEvp(EVP_PKEY* pkey) const {
178 return EVP_PKEY_set1_RSA(pkey, rsa_key_.get()) == 1;
179}
180
Shawn Willden4200f212014-12-02 07:01:21 -0700[diff] [blame]181bool RsaKey::SupportedMode(keymaster_purpose_t purpose, keymaster_padding_t padding) {
182 switch (purpose) {
183 case KM_PURPOSE_SIGN:
184 case KM_PURPOSE_VERIFY:
185 return padding == KM_PAD_NONE;
186 break;
187 case KM_PURPOSE_ENCRYPT:
188 case KM_PURPOSE_DECRYPT:
189 return padding == KM_PAD_RSA_OAEP || padding == KM_PAD_RSA_PKCS1_1_5_ENCRYPT;
190 break;
191 };
192 return false;
193}
194
195bool RsaKey::SupportedMode(keymaster_purpose_t purpose, keymaster_digest_t digest) {
196 switch (purpose) {
197 case KM_PURPOSE_SIGN:
198 case KM_PURPOSE_VERIFY:
199 return digest == KM_DIGEST_NONE;
200 break;
201 case KM_PURPOSE_ENCRYPT:
202 case KM_PURPOSE_DECRYPT:
203 /* Don't care */
204 break;
205 };
206 return true;
207}
208
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]209} // namespace keymaster