Gitiles
Code Review Sign In
gerrit.openfyde.cn / android.googlesource.com / platform / system / keymaster / de4ffa99837df492faca1ded33b14446c4a5c9be / . / rsa_key.cpp
blob: 7518617fb5b185c56300a8b0a32216caec5ca6e2 [file] [log] [blame]
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]1/*
2 * Copyright 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]17#include "rsa_key.h"
Shawn Willden567a4a02014-12-31 12:14:46 -0700[diff] [blame]18
19#include "openssl_err.h"
20#include "openssl_utils.h"
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]21#include "rsa_operation.h"
22#include "unencrypted_key_blob.h"
23
24namespace keymaster {
25
Shawn Willdena278f612014-12-23 11:22:21 -0700[diff] [blame]26static KeyFactoryRegistry::Registration<RsaKeyFactory> registration;
27
Shawn Willden13011cc2015-03-04 09:41:54 -0700[diff] [blame]28Key* RsaKeyFactory::LoadKey(const UnencryptedKeyBlob& blob, keymaster_error_t* error) {
29 return new RsaKey(blob, error);
30}
31
Shawn Willden567a4a02014-12-31 12:14:46 -0700[diff] [blame]32Key* RsaKeyFactory::GenerateKey(const AuthorizationSet& key_description, keymaster_error_t* error) {
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]33 if (!error)
34 return NULL;
35
36 AuthorizationSet authorizations(key_description);
37
Shawn Willden3b4e1652015-02-27 13:33:01 -0700[diff] [blame]38 uint64_t public_exponent;
39 if (!authorizations.GetTagValue(TAG_RSA_PUBLIC_EXPONENT, &public_exponent)) {
40 LOG_E("%s", "No public exponent specified for RSA key generation");
41 *error = KM_ERROR_INVALID_ARGUMENT;
42 return NULL;
43 }
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]44
Shawn Willden3b4e1652015-02-27 13:33:01 -0700[diff] [blame]45 uint32_t key_size;
46 if (!authorizations.GetTagValue(TAG_KEY_SIZE, &key_size)) {
47 LOG_E("%s", "No key size specified for RSA key generation");
48 *error = KM_ERROR_UNSUPPORTED_KEY_SIZE;
49 return NULL;
50 }
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]51
52 UniquePtr<BIGNUM, BIGNUM_Delete> exponent(BN_new());
Shawn Willdena278f612014-12-23 11:22:21 -0700[diff] [blame]53 UniquePtr<RSA, RsaKey::RSA_Delete> rsa_key(RSA_new());
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]54 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(EVP_PKEY_new());
Shawn Willden3b4e1652015-02-27 13:33:01 -0700[diff] [blame]55 if (exponent.get() == NULL || rsa_key.get() == NULL || pkey.get() == NULL) {
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]56 *error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
57 return NULL;
58 }
59
60 if (!BN_set_word(exponent.get(), public_exponent) ||
61 !RSA_generate_key_ex(rsa_key.get(), key_size, exponent.get(), NULL /* callback */)) {
Shawn Willden567a4a02014-12-31 12:14:46 -0700[diff] [blame]62 *error = TranslateLastOpenSslError();
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]63 return NULL;
64 }
65
Shawn Willden567a4a02014-12-31 12:14:46 -0700[diff] [blame]66 RsaKey* new_key = new RsaKey(rsa_key.release(), authorizations);
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]67 *error = new_key ? KM_ERROR_OK : KM_ERROR_MEMORY_ALLOCATION_FAILED;
68 return new_key;
69}
70
Shawn Willdena278f612014-12-23 11:22:21 -0700[diff] [blame]71Key* RsaKeyFactory::ImportKey(const AuthorizationSet& key_description,
72 keymaster_key_format_t key_format, const uint8_t* key_data,
Shawn Willden567a4a02014-12-31 12:14:46 -0700[diff] [blame]73 size_t key_data_length, keymaster_error_t* error) {
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]74 if (!error)
75 return NULL;
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]76
Shawn Willdena278f612014-12-23 11:22:21 -0700[diff] [blame]77 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(
78 ExtractEvpKey(key_format, KM_ALGORITHM_RSA, key_data, key_data_length, error));
79 if (*error != KM_ERROR_OK)
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]80 return NULL;
Shawn Willdena278f612014-12-23 11:22:21 -0700[diff] [blame]81 assert(pkey.get());
82
83 UniquePtr<RSA, RsaKey::RSA_Delete> rsa_key(EVP_PKEY_get1_RSA(pkey.get()));
84 if (!rsa_key.get()) {
Shawn Willden567a4a02014-12-31 12:14:46 -0700[diff] [blame]85 *error = TranslateLastOpenSslError();
Shawn Willdena278f612014-12-23 11:22:21 -0700[diff] [blame]86 return NULL;
87 }
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]88
89 AuthorizationSet authorizations(key_description);
90
91 uint64_t public_exponent;
92 if (authorizations.GetTagValue(TAG_RSA_PUBLIC_EXPONENT, &public_exponent)) {
93 // public_exponent specified, make sure it matches the key
94 UniquePtr<BIGNUM, BIGNUM_Delete> public_exponent_bn(BN_new());
95 if (!BN_set_word(public_exponent_bn.get(), public_exponent))
96 return NULL;
97 if (BN_cmp(public_exponent_bn.get(), rsa_key->e) != 0) {
98 *error = KM_ERROR_IMPORT_PARAMETER_MISMATCH;
99 return NULL;
100 }
101 } else {
102 // public_exponent not specified, use the one from the key.
103 public_exponent = BN_get_word(rsa_key->e);
104 if (public_exponent == 0xffffffffL) {
105 *error = KM_ERROR_IMPORT_PARAMETER_MISMATCH;
106 return NULL;
107 }
108 authorizations.push_back(TAG_RSA_PUBLIC_EXPONENT, public_exponent);
109 }
110
111 uint32_t key_size;
112 if (authorizations.GetTagValue(TAG_KEY_SIZE, &key_size)) {
113 // key_size specified, make sure it matches the key.
Shawn Willdende4ffa92015-05-05 07:15:24 -0600[diff] [blame^]114 if (RSA_size(rsa_key.get()) * 8 != key_size) {
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]115 *error = KM_ERROR_IMPORT_PARAMETER_MISMATCH;
116 return NULL;
117 }
118 } else {
119 key_size = RSA_size(rsa_key.get()) * 8;
120 authorizations.push_back(TAG_KEY_SIZE, key_size);
121 }
122
123 keymaster_algorithm_t algorithm;
124 if (authorizations.GetTagValue(TAG_ALGORITHM, &algorithm)) {
125 if (algorithm != KM_ALGORITHM_RSA) {
126 *error = KM_ERROR_IMPORT_PARAMETER_MISMATCH;
127 return NULL;
128 }
129 } else {
130 authorizations.push_back(TAG_ALGORITHM, KM_ALGORITHM_RSA);
131 }
132
133 // Don't bother with the other parameters. If the necessary padding, digest, purpose, etc. are
134 // missing, the error will be diagnosed when the key is used (when auth checking is
135 // implemented).
136 *error = KM_ERROR_OK;
Shawn Willden567a4a02014-12-31 12:14:46 -0700[diff] [blame]137 return new RsaKey(rsa_key.release(), authorizations);
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]138}
139
Shawn Willden5fad7852015-01-26 16:10:56 -0700[diff] [blame]140Key* RsaKeyFactory::RescopeKey(const UnencryptedKeyBlob& blob,
141 const AuthorizationSet& new_authorizations,
142 keymaster_error_t* error) {
143 if (!error)
144 return NULL;
145
146 RsaKey original_key(blob, error);
147 if (*error != KM_ERROR_OK)
148 return NULL;
149
150 RsaKey* new_key = new RsaKey(original_key.rsa_key_.release(), new_authorizations);
151 *error = new_key ? KM_ERROR_OK : KM_ERROR_MEMORY_ALLOCATION_FAILED;
152 return new_key;
153}
154
Shawn Willden567a4a02014-12-31 12:14:46 -0700[diff] [blame]155RsaKey::RsaKey(const UnencryptedKeyBlob& blob, keymaster_error_t* error) : AsymmetricKey(blob) {
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]156 if (error)
157 *error = LoadKey(blob);
158}
159
Shawn Willden63ac0432014-12-29 14:07:08 -0700[diff] [blame]160RSA* RsaKey::key() const {
161 return rsa_key_.get();
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]162}
163
164bool RsaKey::EvpToInternal(const EVP_PKEY* pkey) {
165 rsa_key_.reset(EVP_PKEY_get1_RSA(const_cast<EVP_PKEY*>(pkey)));
166 return rsa_key_.get() != NULL;
167}
168
169bool RsaKey::InternalToEvp(EVP_PKEY* pkey) const {
170 return EVP_PKEY_set1_RSA(pkey, rsa_key_.get()) == 1;
171}
172
Shawn Willden4200f212014-12-02 07:01:21 -0700[diff] [blame]173bool RsaKey::SupportedMode(keymaster_purpose_t purpose, keymaster_padding_t padding) {
174 switch (purpose) {
175 case KM_PURPOSE_SIGN:
176 case KM_PURPOSE_VERIFY:
Shawn Willdenf90f2352014-12-18 23:01:15 -0700[diff] [blame]177 return padding == KM_PAD_NONE || padding == KM_PAD_RSA_PSS ||
178 padding == KM_PAD_RSA_PKCS1_1_5_SIGN;
Shawn Willden4200f212014-12-02 07:01:21 -0700[diff] [blame]179 break;
180 case KM_PURPOSE_ENCRYPT:
181 case KM_PURPOSE_DECRYPT:
182 return padding == KM_PAD_RSA_OAEP || padding == KM_PAD_RSA_PKCS1_1_5_ENCRYPT;
183 break;
184 };
185 return false;
186}
187
188bool RsaKey::SupportedMode(keymaster_purpose_t purpose, keymaster_digest_t digest) {
189 switch (purpose) {
190 case KM_PURPOSE_SIGN:
191 case KM_PURPOSE_VERIFY:
Shawn Willden61902362014-12-18 10:33:24 -0700[diff] [blame]192 return digest == KM_DIGEST_NONE || digest == KM_DIGEST_SHA_2_256;
Shawn Willden4200f212014-12-02 07:01:21 -0700[diff] [blame]193 break;
194 case KM_PURPOSE_ENCRYPT:
195 case KM_PURPOSE_DECRYPT:
196 /* Don't care */
197 break;
198 };
199 return true;
200}
201
Shawn Willden2c8dd3e2014-09-18 15:16:31 -0600[diff] [blame]202} // namespace keymaster