| // |
| // Copyright (C) 2020 The Android Open Source Project |
| // |
| // Licensed under the Apache License, Version 2.0 (the "License"); |
| // you may not use this file except in compliance with the License. |
| // You may obtain a copy of the License at |
| // |
| // http://www.apache.org/licenses/LICENSE-2.0 |
| // |
| // Unless required by applicable law or agreed to in writing, software |
| // distributed under the License is distributed on an "AS IS" BASIS, |
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| // See the License for the specific language governing permissions and |
| // limitations under the License. |
| |
| #include "encrypted_serializable.h" |
| |
| #include <vector> |
| |
| #include <android-base/logging.h> |
| |
| #include "host/commands/secure_env/tpm_auth.h" |
| #include "host/commands/secure_env/tpm_encrypt_decrypt.h" |
| #include "host/commands/secure_env/tpm_serialize.h" |
| |
| EncryptedSerializable::EncryptedSerializable( |
| TpmResourceManager& resource_manager, |
| std::function<TpmObjectSlot(TpmResourceManager&)> parent_key_fn, |
| Serializable& wrapped) : |
| resource_manager_(resource_manager), |
| parent_key_fn_(parent_key_fn), |
| wrapped_(wrapped) { |
| } |
| |
| static bool CreateKey( |
| TpmResourceManager& resource_manager, // in |
| ESYS_TR parent_key, // in |
| TPM2B_PUBLIC* key_public_out, // out |
| TPM2B_PRIVATE* key_private_out, // out |
| TpmObjectSlot* key_slot_out) { // out |
| TPM2B_AUTH authValue = {}; |
| auto rc = Esys_TR_SetAuth(resource_manager.Esys(), parent_key, &authValue); |
| if (rc != TSS2_RC_SUCCESS) { |
| LOG(ERROR) << "Esys_TR_SetAuth failed with return code " << rc |
| << " (" << Tss2_RC_Decode(rc) << ")"; |
| return false; |
| } |
| |
| TPMT_PUBLIC public_area = { |
| .type = TPM2_ALG_SYMCIPHER, |
| .nameAlg = TPM2_ALG_SHA256, |
| .objectAttributes = (TPMA_OBJECT_USERWITHAUTH | |
| TPMA_OBJECT_DECRYPT | |
| TPMA_OBJECT_SIGN_ENCRYPT | |
| TPMA_OBJECT_FIXEDTPM | |
| TPMA_OBJECT_FIXEDPARENT | |
| TPMA_OBJECT_SENSITIVEDATAORIGIN), |
| .authPolicy.size = 0, |
| .parameters.symDetail.sym = { |
| .algorithm = TPM2_ALG_AES, |
| .keyBits.aes = 128, // The default maximum AES key size in the simulator. |
| .mode.aes = TPM2_ALG_CFB, |
| }, |
| }; |
| |
| TPM2B_TEMPLATE public_template = {}; |
| size_t offset = 0; |
| rc = Tss2_MU_TPMT_PUBLIC_Marshal(&public_area, &public_template.buffer[0], |
| sizeof(public_template.buffer), &offset); |
| if (rc != TSS2_RC_SUCCESS) { |
| LOG(ERROR) << "Tss2_MU_TPMT_PUBLIC_Marshal failed with return code " << rc |
| << " (" << Tss2_RC_Decode(rc) << ")"; |
| return false; |
| } |
| public_template.size = offset; |
| |
| TPM2B_SENSITIVE_CREATE in_sensitive = {}; |
| |
| auto key_slot = resource_manager.ReserveSlot(); |
| if (!key_slot) { |
| LOG(ERROR) << "No slots available"; |
| return false; |
| } |
| ESYS_TR raw_handle; |
| // TODO(b/154956668): Define better ACLs on these keys. |
| TPM2B_PUBLIC* key_public = nullptr; |
| TPM2B_PRIVATE* key_private = nullptr; |
| // TODO(schuffelen): Use Esys_Create when key_slot is NULL |
| rc = Esys_CreateLoaded( |
| /* esysContext */ resource_manager.Esys(), |
| /* primaryHandle */ parent_key, |
| /* shandle1 */ ESYS_TR_PASSWORD, |
| /* shandle2 */ ESYS_TR_NONE, |
| /* shandle3 */ ESYS_TR_NONE, |
| /* inSensitive */ &in_sensitive, |
| /* inPublic */ &public_template, |
| /* objectHandle */ &raw_handle, |
| /* outPrivate */ &key_private, |
| /* outPublic */ &key_public); |
| if (rc != TSS2_RC_SUCCESS) { |
| LOG(ERROR) << "Esys_CreateLoaded failed with return code " << rc |
| << " (" << Tss2_RC_Decode(rc) << ")"; |
| return false; |
| } |
| CHECK(key_public != nullptr) << "key_public was not assigned."; |
| CHECK(key_private != nullptr) << "key_private was not assigned."; |
| *key_public_out = *key_public; |
| *key_private_out = *key_private; |
| key_slot->set(raw_handle); |
| Esys_Free(key_public); |
| Esys_Free(key_private); |
| if (key_slot_out) { |
| rc = Esys_TR_SetAuth(resource_manager.Esys(), raw_handle, &authValue); |
| if (rc != TSS2_RC_SUCCESS) { |
| LOG(ERROR) << "Esys_TR_SetAuth failed with return code " << rc |
| << " (" << Tss2_RC_Decode(rc) << ")"; |
| return false; |
| } |
| } |
| if (key_slot_out) { |
| *key_slot_out = key_slot; |
| } |
| return true; |
| } |
| |
| static TpmObjectSlot LoadKey( |
| TpmResourceManager& resource_manager, |
| ESYS_TR parent_key, |
| const TPM2B_PUBLIC* key_public, |
| const TPM2B_PRIVATE* key_private) { |
| // TODO |
| ESYS_TR raw_handle; |
| auto key_slot = resource_manager.ReserveSlot(); |
| if (!key_slot) { |
| LOG(ERROR) << "No slots available"; |
| return {}; |
| } |
| auto rc = Esys_Load( |
| resource_manager.Esys(), |
| parent_key, |
| ESYS_TR_PASSWORD, |
| ESYS_TR_NONE, |
| ESYS_TR_NONE, |
| key_private, |
| key_public, |
| &raw_handle); |
| if (rc != TSS2_RC_SUCCESS) { |
| LOG(ERROR) << "Esys_Load failed with return code " << rc |
| << " (" << Tss2_RC_Decode(rc) << ")"; |
| return {}; |
| } |
| key_slot->set(raw_handle); |
| return key_slot; |
| } |
| |
| static constexpr uint32_t BLOCK_SIZE = 16; |
| |
| static uint32_t RoundUpToBlockSize(uint32_t num) { |
| return num % BLOCK_SIZE == 0 ? num : num + (BLOCK_SIZE - (num % BLOCK_SIZE)); |
| } |
| |
| size_t EncryptedSerializable::SerializedSize() const { |
| TPM2B_PUBLIC key_public; |
| TPM2B_PRIVATE key_private; |
| auto parent = parent_key_fn_(resource_manager_); |
| if (!CreateKey( |
| resource_manager_, parent->get(), &key_public, &key_private, nullptr)) { |
| LOG(ERROR) << "Unable to create key"; |
| return 0; |
| } |
| // Assumes all created keys will have the same size. |
| SerializeTpmKeyPublic serialize_public(&key_public); |
| SerializeTpmKeyPrivate serialize_private(&key_private); |
| auto encrypted_size = RoundUpToBlockSize(wrapped_.SerializedSize()); |
| return serialize_public.SerializedSize() |
| + serialize_private.SerializedSize() |
| + sizeof(uint32_t) |
| + sizeof(uint32_t) |
| + encrypted_size; |
| } |
| |
| uint8_t* EncryptedSerializable::Serialize( |
| uint8_t* buf, const uint8_t* end) const { |
| TPM2B_PUBLIC key_public; |
| TPM2B_PRIVATE key_private; |
| auto parent = parent_key_fn_(resource_manager_); |
| if (!parent) { |
| LOG(ERROR) << "Unable to load encryption parent key"; |
| return buf; |
| } |
| TpmObjectSlot key_slot; |
| if (!CreateKey( |
| resource_manager_, parent->get(), &key_public, &key_private, &key_slot)) { |
| LOG(ERROR) << "Unable to create key"; |
| return buf; |
| } |
| |
| auto wrapped_size = wrapped_.SerializedSize(); |
| auto encrypted_size = RoundUpToBlockSize(wrapped_size); |
| std::vector<uint8_t> unencrypted(encrypted_size + 1, 0); |
| auto unencrypted_buf = unencrypted.data(); |
| auto unencrypted_buf_end = unencrypted_buf + unencrypted.size(); |
| auto next_buf = wrapped_.Serialize(unencrypted_buf, unencrypted_buf_end); |
| if (next_buf - unencrypted_buf != wrapped_size) { |
| LOG(ERROR) << "Size mismatch on wrapped data"; |
| return buf; |
| } |
| std::vector<uint8_t> encrypted(encrypted_size, 0); |
| if (!TpmEncrypt( |
| resource_manager_.Esys(), |
| key_slot->get(), |
| TpmAuth(ESYS_TR_PASSWORD), |
| unencrypted.data(), |
| encrypted.data(), |
| encrypted_size)) { |
| LOG(ERROR) << "Encryption failed"; |
| return buf; |
| } |
| SerializeTpmKeyPublic serialize_public(&key_public); |
| SerializeTpmKeyPrivate serialize_private(&key_private); |
| |
| buf = serialize_public.Serialize(buf, end); |
| buf = serialize_private.Serialize(buf, end); |
| buf = keymaster::append_uint32_to_buf(buf, end, BLOCK_SIZE); |
| buf = keymaster::append_uint32_to_buf(buf, end, wrapped_size); |
| buf = keymaster::append_to_buf(buf, end, encrypted.data(), encrypted_size); |
| return buf; |
| } |
| |
| bool EncryptedSerializable::Deserialize( |
| const uint8_t** buf_ptr, const uint8_t* end) { |
| auto parent_key = parent_key_fn_(resource_manager_); |
| if (!parent_key) { |
| LOG(ERROR) << "Unable to load encryption parent key"; |
| return false; |
| } |
| TPM2B_PUBLIC key_public; |
| SerializeTpmKeyPublic serialize_public(&key_public); |
| if (!serialize_public.Deserialize(buf_ptr, end)) { |
| LOG(ERROR) << "Unable to deserialize key public part"; |
| return false; |
| } |
| TPM2B_PRIVATE key_private; |
| SerializeTpmKeyPrivate serialize_private(&key_private); |
| if (!serialize_private.Deserialize(buf_ptr, end)) { |
| LOG(ERROR) << "Unable to deserialize key private part"; |
| return false; |
| } |
| auto key_slot = |
| LoadKey(resource_manager_, parent_key->get(), &key_public, &key_private); |
| if (!key_slot) { |
| LOG(ERROR) << "Failed to load key into TPM"; |
| return false; |
| } |
| uint32_t block_size = 0; |
| if (!keymaster::copy_uint32_from_buf(buf_ptr, end, &block_size)) { |
| LOG(ERROR) << "Failed to read block size"; |
| return false; |
| } |
| if (block_size != BLOCK_SIZE) { |
| LOG(ERROR) << "Unexpected block size: was " << block_size |
| << ", expected " << BLOCK_SIZE; |
| return false; |
| } |
| uint32_t wrapped_size = 0; |
| if (!keymaster::copy_uint32_from_buf(buf_ptr, end, &wrapped_size)) { |
| LOG(ERROR) << "Failed to read wrapped size"; |
| return false; |
| } |
| uint32_t encrypted_size = RoundUpToBlockSize(wrapped_size); |
| std::vector<uint8_t> encrypted_data(encrypted_size, 0); |
| if (!keymaster::copy_from_buf( |
| buf_ptr, end, encrypted_data.data(), encrypted_size)) { |
| LOG(ERROR) << "Failed to read encrypted data"; |
| return false; |
| } |
| std::vector<uint8_t> decrypted_data(encrypted_size, 0); |
| if (!TpmDecrypt( |
| resource_manager_.Esys(), |
| key_slot->get(), |
| TpmAuth(ESYS_TR_PASSWORD), |
| encrypted_data.data(), |
| decrypted_data.data(), |
| encrypted_size)) { |
| LOG(ERROR) << "Failed to decrypt encrypted data"; |
| return false; |
| } |
| auto decrypted_buf = decrypted_data.data(); |
| auto decrypted_buf_end = decrypted_data.data() + wrapped_size; |
| if (!wrapped_.Deserialize( |
| const_cast<const uint8_t **>(&decrypted_buf), decrypted_buf_end)) { |
| LOG(ERROR) << "Failed to deserialize wrapped type"; |
| return false; |
| } |
| if (decrypted_buf != decrypted_buf_end) { |
| LOG(ERROR) << "Inner type did not use all data"; |
| return false; |
| } |
| return true; |
| } |
