Google Git
Sign in
android / trusty / app / keymint / 5e5b3b193001d98d40223ce2404dff6c6b1bdd05 / . / keybox.rs
blob: e58ba84ba2b02cf9eb2825223b43be91c40e82a0 [file] [log] [blame]
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
//! Client used to connect to the keybox service.
use crate::ffi_bindings::{KeyboxUnwrapReq, KeyboxUnwrapResp, KEYBOX_PORT, KEYBOX_RESP_HDR_SIZE};
use core::ffi::CStr;
use kmr_common::{km_err, vec_try, Error};
use tipc::{Handle, TipcError};
/// A `KeyboxSession` is a `Handle`.
type KeyboxSession = Handle;
/// Connection to the keybox service.
#[derive(Debug, Eq, PartialEq)]
struct Keybox(KeyboxSession);
impl Keybox {
/// Attempt to open a keybox session.
///
/// # Examples
///
/// ```
/// let keybox = keybox::open().expect("could not open hwkey session");
/// ```
///
fn new() -> Result<Self, TipcError> {
let port =
CStr::from_bytes_with_nul(KEYBOX_PORT).expect("KEYBOX_PORT was not null terminated");
KeyboxSession::connect(port).map(Self)
}
pub(crate) fn keybox_unwrap(&self, wrapped_keybox: &[u8]) -> Result<Vec<u8>, Error> {
let req = KeyboxUnwrapReq::new(wrapped_keybox);
self.0
.send(&req)
.map_err(|e| km_err!(SecureHwCommunicationFailed, "send unwrap cmd failed: {:?}", e))?;
// This uses the same assumption as SetWrappedAttestationKey on the c++ code; which is that
// the size of the unwrapped key won't be bigger than the size of the wrapped one.
let mut buffer = vec_try![0; wrapped_keybox.len() + KEYBOX_RESP_HDR_SIZE]?;
let response: KeyboxUnwrapResp = self
.0
.recv(&mut buffer)
.map_err(|e| km_err!(SecureHwCommunicationFailed, "unwrap response error: {:?}", e))?;
Ok(response.get_unwrapped_keybox())
}
}
pub(crate) fn keybox_unwrap(wrapped_keybox: &[u8]) -> Result<Vec<u8>, Error> {
let keybox = Keybox::new().map_err(|e| {
km_err!(SecureHwCommunicationFailed, "error opening keybox service: {:?}", e)
})?;
keybox.keybox_unwrap(wrapped_keybox)
}
#[cfg(test)]
mod tests {
use super::*;
use test::{expect, expect_eq, skip};
// AOSP keybox test server just XORs data with a constant and checksum it, it is not intended to
// be secure; just to be used to check the IPC commands.
fn create_fake_wrapped_data(data: &[u8]) -> Vec<u8> {
let mut wrapped_data = Vec::<u8>::new();
let mut checksum: u8 = 0;
for &element in data {
let wrapped_element = element ^ 0x42;
wrapped_data.push(wrapped_element);
checksum ^= wrapped_element;
}
wrapped_data.push(checksum);
wrapped_data
}
#[test]
fn unwrap_fake_keybox_data() {
if true {
skip!("TODO: reinstate test");
}
let original_data = b"test_data_to_wrap".as_slice();
let wrapped_data = create_fake_wrapped_data(original_data);
let result = keybox_unwrap(&wrapped_data);
expect!(result.is_ok(), "Failed to unwrap data: {:?}", result);
let unwrapped_data = result.expect("Couldn't unwrap data");
expect_eq!(original_data, unwrapped_data, "Unwrapped data do not match original one");
}
}