1 /*
2 * Copyright 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <keymaster/km_openssl/ec_key_factory.h>
18
19 #include <inttypes.h>
20 #include <utility>
21
22 #include <openssl/curve25519.h>
23 #include <openssl/evp.h>
24
25 #include <keymaster/keymaster_context.h>
26 #include <keymaster/km_openssl/curve25519_key.h>
27 #include <keymaster/km_openssl/ec_key.h>
28 #include <keymaster/km_openssl/ecdh_operation.h>
29 #include <keymaster/km_openssl/ecdsa_operation.h>
30 #include <keymaster/km_openssl/openssl_err.h>
31
32 #include <keymaster/operation.h>
33
34 namespace keymaster {
35
36 static EcdsaSignOperationFactory sign_factory;
37 static EcdsaVerifyOperationFactory verify_factory;
38 static EcdhOperationFactory agree_key_factory;
39
GetOperationFactory(keymaster_purpose_t purpose) const40 OperationFactory* EcKeyFactory::GetOperationFactory(keymaster_purpose_t purpose) const {
41 switch (purpose) {
42 case KM_PURPOSE_SIGN:
43 return &sign_factory;
44 case KM_PURPOSE_VERIFY:
45 return &verify_factory;
46 case KM_PURPOSE_AGREE_KEY:
47 return &agree_key_factory;
48 default:
49 return nullptr;
50 }
51 }
52
53 /* static */
GetCurveAndSize(const AuthorizationSet & key_description,keymaster_ec_curve_t * curve,uint32_t * key_size_bits)54 keymaster_error_t EcKeyFactory::GetCurveAndSize(const AuthorizationSet& key_description,
55 keymaster_ec_curve_t* curve,
56 uint32_t* key_size_bits) {
57 if (!key_description.GetTagValue(TAG_EC_CURVE, curve)) {
58 // Curve not specified. Fall back to deducing curve from key size.
59 if (!key_description.GetTagValue(TAG_KEY_SIZE, key_size_bits)) {
60 LOG_E("%s", "No curve or key size specified for EC key generation");
61 return KM_ERROR_UNSUPPORTED_KEY_SIZE;
62 }
63 keymaster_error_t error = EllipticKeySizeToCurve(*key_size_bits, curve);
64 if (error != KM_ERROR_OK) {
65 return KM_ERROR_UNSUPPORTED_KEY_SIZE;
66 }
67 } else {
68 keymaster_error_t error = EcCurveToKeySize(*curve, key_size_bits);
69 if (error != KM_ERROR_OK) {
70 return error;
71 }
72 uint32_t tag_key_size_bits;
73 if (key_description.GetTagValue(TAG_KEY_SIZE, &tag_key_size_bits) &&
74 *key_size_bits != tag_key_size_bits) {
75 LOG_E("Curve key size %" PRIu32 " and specified key size %" PRIu32 " don't match",
76 *key_size_bits, tag_key_size_bits);
77 return KM_ERROR_INVALID_ARGUMENT;
78 }
79 }
80
81 return KM_ERROR_OK;
82 }
83
GenerateKey(const AuthorizationSet & key_description,UniquePtr<Key> attest_key,const KeymasterBlob & issuer_subject,KeymasterKeyBlob * key_blob,AuthorizationSet * hw_enforced,AuthorizationSet * sw_enforced,CertificateChain * cert_chain) const84 keymaster_error_t EcKeyFactory::GenerateKey(const AuthorizationSet& key_description,
85 UniquePtr<Key> attest_key, //
86 const KeymasterBlob& issuer_subject,
87 KeymasterKeyBlob* key_blob,
88 AuthorizationSet* hw_enforced,
89 AuthorizationSet* sw_enforced,
90 CertificateChain* cert_chain) const {
91 if (!key_blob || !hw_enforced || !sw_enforced) return KM_ERROR_OUTPUT_PARAMETER_NULL;
92
93 AuthorizationSet authorizations(key_description);
94
95 keymaster_ec_curve_t ec_curve;
96 uint32_t key_size;
97 keymaster_error_t error = GetCurveAndSize(authorizations, &ec_curve, &key_size);
98 if (error != KM_ERROR_OK) {
99 return error;
100 } else if (!authorizations.Contains(TAG_KEY_SIZE, key_size)) {
101 authorizations.push_back(TAG_KEY_SIZE, key_size);
102 } else if (!authorizations.Contains(TAG_EC_CURVE, ec_curve)) {
103 authorizations.push_back(TAG_EC_CURVE, ec_curve);
104 }
105
106 bool is_ed25519 = false;
107 bool is_x25519 = false;
108 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey;
109 UniquePtr<EC_KEY, EC_KEY_Delete> ec_key(EC_KEY_new());
110 KeymasterKeyBlob key_material;
111 if (ec_curve == KM_EC_CURVE_CURVE_25519) {
112 // Curve 25519 keys do not fall under OpenSSL's EC_KEY category.
113 is_ed25519 = (key_description.Contains(TAG_PURPOSE, KM_PURPOSE_SIGN) ||
114 key_description.Contains(TAG_PURPOSE, KM_PURPOSE_ATTEST_KEY));
115 is_x25519 = key_description.Contains(TAG_PURPOSE, KM_PURPOSE_AGREE_KEY);
116 if (is_ed25519 && is_x25519) {
117 // Cannot have both SIGN (Ed25519) and AGREE_KEY (X25519).
118 return KM_ERROR_INCOMPATIBLE_PURPOSE;
119 }
120
121 if (is_ed25519) {
122 uint8_t priv_key[ED25519_PRIVATE_KEY_LEN];
123 uint8_t pub_key[ED25519_PUBLIC_KEY_LEN];
124 ED25519_keypair(pub_key, priv_key);
125
126 // Only feed in the first 32 bytes of the generated private key.
127 pkey.reset(EVP_PKEY_new_raw_private_key(EVP_PKEY_ED25519, nullptr, priv_key,
128 ED25519_SEED_LEN));
129 } else if (is_x25519) {
130 uint8_t priv_key[X25519_PRIVATE_KEY_LEN];
131 uint8_t pub_key[X25519_PUBLIC_VALUE_LEN];
132 X25519_keypair(pub_key, priv_key);
133
134 pkey.reset(EVP_PKEY_new_raw_private_key(EVP_PKEY_X25519, nullptr, priv_key,
135 X25519_PRIVATE_KEY_LEN));
136 } else {
137 return KM_ERROR_UNSUPPORTED_PURPOSE;
138 }
139 if (pkey.get() == nullptr) {
140 return KM_ERROR_UNKNOWN_ERROR;
141 }
142 } else {
143 pkey.reset(EVP_PKEY_new());
144 if (ec_key.get() == nullptr || pkey.get() == nullptr)
145 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
146
147 UniquePtr<EC_GROUP, EC_GROUP_Delete> group(ChooseGroup(ec_curve));
148 if (group.get() == nullptr) {
149 LOG_E("Unable to get EC group for curve %d", ec_curve);
150 return KM_ERROR_UNSUPPORTED_KEY_SIZE;
151 }
152
153 #if !defined(OPENSSL_IS_BORINGSSL)
154 EC_GROUP_set_point_conversion_form(group.get(), POINT_CONVERSION_UNCOMPRESSED);
155 EC_GROUP_set_asn1_flag(group.get(), OPENSSL_EC_NAMED_CURVE);
156 #endif
157
158 if (EC_KEY_set_group(ec_key.get(), group.get()) != 1 ||
159 EC_KEY_generate_key(ec_key.get()) != 1 || EC_KEY_check_key(ec_key.get()) < 0) {
160 return TranslateLastOpenSslError();
161 }
162
163 if (EVP_PKEY_set1_EC_KEY(pkey.get(), ec_key.get()) != 1) return TranslateLastOpenSslError();
164 }
165
166 error = EvpKeyToKeyMaterial(pkey.get(), &key_material);
167 if (error != KM_ERROR_OK) return error;
168
169 error = blob_maker_.CreateKeyBlob(authorizations, KM_ORIGIN_GENERATED, key_material, key_blob,
170 hw_enforced, sw_enforced);
171 if (error != KM_ERROR_OK) return error;
172
173 // Only generate attestation certificates for KeyMint (KeyMaster uses an attestKey()
174 // entrypoint that is separate from generateKey()).
175 if (context_.GetKmVersion() < KmVersion::KEYMINT_1) return KM_ERROR_OK;
176 if (!cert_chain) return KM_ERROR_UNEXPECTED_NULL_POINTER;
177
178 std::unique_ptr<AsymmetricKey> key;
179 if (is_ed25519) {
180 key.reset(new (std::nothrow) Ed25519Key(*hw_enforced, *sw_enforced, this, key_material));
181 } else if (is_x25519) {
182 key.reset(new (std::nothrow) X25519Key(*hw_enforced, *sw_enforced, this, key_material));
183 } else {
184 key.reset(new (std::nothrow) EcKey(*hw_enforced, *sw_enforced, this, std::move(ec_key)));
185 }
186 if (key == nullptr) {
187 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
188 }
189
190 if (key_description.Contains(TAG_ATTESTATION_CHALLENGE)) {
191 *cert_chain = context_.GenerateAttestation(*key, key_description, std::move(attest_key),
192 issuer_subject, &error);
193 } else if (attest_key.get() != nullptr) {
194 return KM_ERROR_ATTESTATION_CHALLENGE_MISSING;
195 } else {
196 *cert_chain = context_.GenerateSelfSignedCertificate(
197 *key, key_description, !IsCertSigningKey(key_description) /* fake_signature */, &error);
198 }
199
200 return error;
201 }
202
ImportKey(const AuthorizationSet & key_description,keymaster_key_format_t input_key_material_format,const KeymasterKeyBlob & input_key_material,UniquePtr<Key> attest_key,const KeymasterBlob & issuer_subject,KeymasterKeyBlob * output_key_blob,AuthorizationSet * hw_enforced,AuthorizationSet * sw_enforced,CertificateChain * cert_chain) const203 keymaster_error_t EcKeyFactory::ImportKey(const AuthorizationSet& key_description, //
204 keymaster_key_format_t input_key_material_format,
205 const KeymasterKeyBlob& input_key_material,
206 UniquePtr<Key> attest_key, //
207 const KeymasterBlob& issuer_subject,
208 KeymasterKeyBlob* output_key_blob,
209 AuthorizationSet* hw_enforced,
210 AuthorizationSet* sw_enforced,
211 CertificateChain* cert_chain) const {
212 if (input_key_material_format == KM_KEY_FORMAT_RAW) {
213 return ImportRawKey(key_description, input_key_material, std::move(attest_key),
214 issuer_subject, output_key_blob, hw_enforced, sw_enforced, cert_chain);
215 }
216
217 if (!output_key_blob || !hw_enforced || !sw_enforced) return KM_ERROR_OUTPUT_PARAMETER_NULL;
218
219 AuthorizationSet authorizations;
220 uint32_t key_size;
221 keymaster_error_t error = UpdateImportKeyDescription(
222 key_description, input_key_material_format, input_key_material, &authorizations, &key_size);
223 if (error != KM_ERROR_OK) return error;
224
225 error = blob_maker_.CreateKeyBlob(authorizations, KM_ORIGIN_IMPORTED, input_key_material,
226 output_key_blob, hw_enforced, sw_enforced);
227 if (error != KM_ERROR_OK) return error;
228
229 if (context_.GetKmVersion() < KmVersion::KEYMINT_1) return KM_ERROR_OK;
230 if (!cert_chain) return KM_ERROR_UNEXPECTED_NULL_POINTER;
231
232 EVP_PKEY_Ptr pkey;
233 error = KeyMaterialToEvpKey(KM_KEY_FORMAT_PKCS8, input_key_material, KM_ALGORITHM_EC, &pkey);
234 if (error != KM_ERROR_OK) return error;
235
236 std::unique_ptr<AsymmetricKey> key;
237 switch (EVP_PKEY_id(pkey.get())) {
238 case EVP_PKEY_ED25519:
239 key.reset(new (std::nothrow) Ed25519Key(*hw_enforced, *sw_enforced, this));
240 if (key.get() == nullptr) {
241 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
242 }
243 if (!key->EvpToInternal(pkey.get())) {
244 return KM_ERROR_UNSUPPORTED_KEY_FORMAT;
245 }
246 break;
247 case EVP_PKEY_X25519:
248 key.reset(new (std::nothrow) X25519Key(*hw_enforced, *sw_enforced, this));
249 if (key.get() == nullptr) {
250 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
251 }
252 if (!key->EvpToInternal(pkey.get())) {
253 return KM_ERROR_UNSUPPORTED_KEY_FORMAT;
254 }
255 break;
256 case EVP_PKEY_EC: {
257 EC_KEY_Ptr ec_key(EVP_PKEY_get1_EC_KEY(pkey.get()));
258 if (!ec_key.get()) return KM_ERROR_INVALID_ARGUMENT;
259
260 key.reset(new (std::nothrow) EcKey(*hw_enforced, *sw_enforced, this, std::move(ec_key)));
261 if (key.get() == nullptr) {
262 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
263 }
264 break;
265 }
266 default:
267 return KM_ERROR_UNSUPPORTED_KEY_FORMAT;
268 }
269 if (key == nullptr) {
270 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
271 }
272
273 if (key_description.Contains(KM_TAG_ATTESTATION_CHALLENGE)) {
274 *cert_chain = context_.GenerateAttestation(*key, key_description, std::move(attest_key),
275 issuer_subject, &error);
276 } else if (attest_key.get() != nullptr) {
277 return KM_ERROR_ATTESTATION_CHALLENGE_MISSING;
278 } else {
279 *cert_chain = context_.GenerateSelfSignedCertificate(
280 *key, key_description, !IsCertSigningKey(key_description) /* fake_signature */, &error);
281 }
282
283 return error;
284 }
285
ImportRawKey(const AuthorizationSet & key_description,const KeymasterKeyBlob & input_key_material,UniquePtr<Key> attest_key,const KeymasterBlob & issuer_subject,KeymasterKeyBlob * output_key_blob,AuthorizationSet * hw_enforced,AuthorizationSet * sw_enforced,CertificateChain * cert_chain) const286 keymaster_error_t EcKeyFactory::ImportRawKey(const AuthorizationSet& key_description, //
287 const KeymasterKeyBlob& input_key_material,
288 UniquePtr<Key> attest_key, //
289 const KeymasterBlob& issuer_subject,
290 KeymasterKeyBlob* output_key_blob,
291 AuthorizationSet* hw_enforced,
292 AuthorizationSet* sw_enforced,
293 CertificateChain* cert_chain) const {
294 if (!output_key_blob || !hw_enforced || !sw_enforced) return KM_ERROR_OUTPUT_PARAMETER_NULL;
295
296 // Curve 25519 keys may arrive in raw form, but if they do the key_description must include
297 // enough information to allow the key material to be identified. This means that the
298 // following tags must already be present in key_description:
299 // - TAG_ALGORITHM: KM_ALGORITHM_EC
300 // - TAG_EC_CURVE: KM_EC_CURVE_CURVE_25519
301 // - TAG_PURPOSE: exactly one of:
302 // - KM_SIGN (Ed25519)
303 // - KM_ATTEST_KEY (Ed25519)
304 // - KM_AGREE (X25519)
305 keymaster_ec_curve_t curve;
306 if (!key_description.GetTagValue(TAG_EC_CURVE, &curve) || curve != KM_EC_CURVE_CURVE_25519) {
307 return KM_ERROR_UNSUPPORTED_KEY_FORMAT;
308 }
309 bool is_ed25519 = (key_description.Contains(TAG_PURPOSE, KM_PURPOSE_SIGN) ||
310 key_description.Contains(TAG_PURPOSE, KM_PURPOSE_ATTEST_KEY));
311 bool is_x25519 = key_description.Contains(TAG_PURPOSE, KM_PURPOSE_AGREE_KEY);
312 if (is_ed25519 && is_x25519) {
313 // Cannot have both SIGN (Ed25519) and AGREE_KEY (X25519).
314 return KM_ERROR_INCOMPATIBLE_PURPOSE;
315 }
316 if (key_description.Contains(TAG_PURPOSE, KM_PURPOSE_ATTEST_KEY) &&
317 key_description.GetTagCount(TAG_PURPOSE) > 1) {
318 // ATTEST_KEY cannot be combined with another purpose.
319 return KM_ERROR_INCOMPATIBLE_PURPOSE;
320 }
321
322 // First convert the raw key data into an EVP_PKEY.
323 EVP_PKEY_Ptr pkey;
324 if (is_ed25519) {
325 pkey.reset(EVP_PKEY_new_raw_private_key(EVP_PKEY_ED25519, /* unused*/ nullptr,
326 input_key_material.key_material,
327 input_key_material.key_material_size));
328 } else if (is_x25519) {
329 pkey.reset(EVP_PKEY_new_raw_private_key(EVP_PKEY_X25519, /* unused*/ nullptr,
330 input_key_material.key_material,
331 input_key_material.key_material_size));
332 } else {
333 return KM_ERROR_UNSUPPORTED_KEY_FORMAT;
334 }
335 if (pkey.get() == nullptr) {
336 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
337 }
338
339 // Now extract PKCS#8 formatted private key material from the EVP_PKEY.
340 KeymasterKeyBlob pkcs8_key_material;
341 keymaster_error_t error = EvpKeyToKeyMaterial(pkey.get(), &pkcs8_key_material);
342 if (error != KM_ERROR_OK) return error;
343
344 // Store the PKCS#8 private key material in the key blob.
345 error = blob_maker_.CreateKeyBlob(key_description, KM_ORIGIN_IMPORTED, pkcs8_key_material,
346 output_key_blob, hw_enforced, sw_enforced);
347 if (error != KM_ERROR_OK) return error;
348
349 if (context_.GetKmVersion() < KmVersion::KEYMINT_1) return KM_ERROR_OK;
350 if (!cert_chain) return KM_ERROR_UNEXPECTED_NULL_POINTER;
351
352 std::unique_ptr<AsymmetricKey> key;
353 if (is_ed25519) {
354 key.reset(new (std::nothrow)
355 Ed25519Key(*hw_enforced, *sw_enforced, this, pkcs8_key_material));
356 } else /* is_x25519 */ {
357 key.reset(new (std::nothrow)
358 X25519Key(*hw_enforced, *sw_enforced, this, pkcs8_key_material));
359 }
360 if (key == nullptr) {
361 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
362 }
363
364 if (key_description.Contains(KM_TAG_ATTESTATION_CHALLENGE)) {
365 *cert_chain = context_.GenerateAttestation(*key, key_description, std::move(attest_key),
366 issuer_subject, &error);
367 } else if (attest_key.get() != nullptr) {
368 return KM_ERROR_ATTESTATION_CHALLENGE_MISSING;
369 } else {
370 *cert_chain = context_.GenerateSelfSignedCertificate(
371 *key, key_description, !IsCertSigningKey(key_description) /* fake_signature */, &error);
372 }
373
374 return error;
375 }
376
UpdateImportKeyDescription(const AuthorizationSet & key_description,keymaster_key_format_t key_format,const KeymasterKeyBlob & key_material,AuthorizationSet * updated_description,uint32_t * key_size_bits) const377 keymaster_error_t EcKeyFactory::UpdateImportKeyDescription(const AuthorizationSet& key_description,
378 keymaster_key_format_t key_format,
379 const KeymasterKeyBlob& key_material,
380 AuthorizationSet* updated_description,
381 uint32_t* key_size_bits) const {
382 if (!updated_description || !key_size_bits) return KM_ERROR_OUTPUT_PARAMETER_NULL;
383
384 UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey;
385 keymaster_error_t error =
386 KeyMaterialToEvpKey(key_format, key_material, keymaster_key_type(), &pkey);
387 if (error != KM_ERROR_OK) return error;
388
389 updated_description->Reinitialize(key_description);
390
391 keymaster_algorithm_t algorithm = KM_ALGORITHM_EC;
392 if (!updated_description->GetTagValue(TAG_ALGORITHM, &algorithm)) {
393 updated_description->push_back(TAG_ALGORITHM, KM_ALGORITHM_EC);
394 } else if (algorithm != KM_ALGORITHM_EC) {
395 return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
396 }
397
398 switch (EVP_PKEY_id(pkey.get())) {
399 case EVP_PKEY_EC: {
400 UniquePtr<EC_KEY, EC_KEY_Delete> ec_key(EVP_PKEY_get1_EC_KEY(pkey.get()));
401 if (!ec_key.get()) return TranslateLastOpenSslError();
402
403 size_t extracted_key_size_bits;
404 error = ec_get_group_size(EC_KEY_get0_group(ec_key.get()), &extracted_key_size_bits);
405 if (error != KM_ERROR_OK) return error;
406
407 *key_size_bits = extracted_key_size_bits;
408 if (!updated_description->GetTagValue(TAG_KEY_SIZE, key_size_bits)) {
409 updated_description->push_back(TAG_KEY_SIZE, extracted_key_size_bits);
410 } else if (*key_size_bits != extracted_key_size_bits) {
411 return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
412 }
413
414 keymaster_ec_curve_t curve_from_size;
415 error = EcKeySizeToCurve(*key_size_bits, &curve_from_size);
416 if (error != KM_ERROR_OK) return error;
417 keymaster_ec_curve_t curve;
418 if (!updated_description->GetTagValue(TAG_EC_CURVE, &curve)) {
419 updated_description->push_back(TAG_EC_CURVE, curve_from_size);
420 } else if (curve_from_size != curve) {
421 return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
422 }
423 break;
424 }
425 case EVP_PKEY_ED25519: {
426 keymaster_ec_curve_t curve;
427 if (!updated_description->GetTagValue(TAG_EC_CURVE, &curve)) {
428 updated_description->push_back(TAG_EC_CURVE, KM_EC_CURVE_CURVE_25519);
429 } else if (curve != KM_EC_CURVE_CURVE_25519) {
430 return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
431 }
432 if (updated_description->Contains(TAG_PURPOSE, KM_PURPOSE_AGREE_KEY)) {
433 // Purpose is for X25519, key is Ed25519.
434 return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
435 }
436 if (updated_description->Contains(TAG_PURPOSE, KM_PURPOSE_ATTEST_KEY) &&
437 updated_description->GetTagCount(TAG_PURPOSE) > 1) {
438 // ATTEST_KEY cannot be combined with another purpose.
439 return KM_ERROR_INCOMPATIBLE_PURPOSE;
440 }
441 break;
442 }
443 case EVP_PKEY_X25519: {
444 keymaster_ec_curve_t curve;
445 if (!updated_description->GetTagValue(TAG_EC_CURVE, &curve)) {
446 updated_description->push_back(TAG_EC_CURVE, KM_EC_CURVE_CURVE_25519);
447 } else if (curve != KM_EC_CURVE_CURVE_25519) {
448 return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
449 }
450 if (updated_description->Contains(TAG_PURPOSE, KM_PURPOSE_SIGN) ||
451 updated_description->Contains(TAG_PURPOSE, KM_PURPOSE_ATTEST_KEY)) {
452 // Purpose is for Ed25519, key is X25519.
453 return KM_ERROR_IMPORT_PARAMETER_MISMATCH;
454 }
455 break;
456 }
457 default:
458 return KM_ERROR_INVALID_KEY_BLOB;
459 }
460
461 return KM_ERROR_OK;
462 }
463
464 /* static */
ChooseGroup(size_t key_size_bits)465 EC_GROUP* EcKeyFactory::ChooseGroup(size_t key_size_bits) {
466 switch (key_size_bits) {
467 case 224:
468 return EC_GROUP_new_by_curve_name(NID_secp224r1);
469 break;
470 case 256:
471 return EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1);
472 break;
473 case 384:
474 return EC_GROUP_new_by_curve_name(NID_secp384r1);
475 break;
476 case 521:
477 return EC_GROUP_new_by_curve_name(NID_secp521r1);
478 break;
479 default:
480 return nullptr;
481 break;
482 }
483 }
484
485 /* static */
ChooseGroup(keymaster_ec_curve_t ec_curve)486 EC_GROUP* EcKeyFactory::ChooseGroup(keymaster_ec_curve_t ec_curve) {
487 switch (ec_curve) {
488 case KM_EC_CURVE_P_224:
489 return EC_GROUP_new_by_curve_name(NID_secp224r1);
490 break;
491 case KM_EC_CURVE_P_256:
492 return EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1);
493 break;
494 case KM_EC_CURVE_P_384:
495 return EC_GROUP_new_by_curve_name(NID_secp384r1);
496 break;
497 case KM_EC_CURVE_P_521:
498 return EC_GROUP_new_by_curve_name(NID_secp521r1);
499 break;
500 default:
501 return nullptr;
502 break;
503 }
504 }
505
CreateEmptyKey(AuthorizationSet && hw_enforced,AuthorizationSet && sw_enforced,UniquePtr<AsymmetricKey> * key) const506 keymaster_error_t EcKeyFactory::CreateEmptyKey(AuthorizationSet&& hw_enforced,
507 AuthorizationSet&& sw_enforced,
508 UniquePtr<AsymmetricKey>* key) const {
509 bool is_ed25519 = IsEd25519Key(hw_enforced, sw_enforced);
510 bool is_x25519 = IsX25519Key(hw_enforced, sw_enforced);
511 if (is_ed25519) {
512 if (is_x25519) {
513 return KM_ERROR_INCOMPATIBLE_PURPOSE;
514 }
515 key->reset(new (std::nothrow) Ed25519Key(std::move(hw_enforced), std::move(sw_enforced),
516 this));
517 } else if (is_x25519) {
518 key->reset(new (std::nothrow) X25519Key(std::move(hw_enforced), std::move(sw_enforced),
519 this));
520 } else {
521 key->reset(new (std::nothrow) EcKey(std::move(hw_enforced), std::move(sw_enforced), this));
522 }
523 if (!(*key)) return KM_ERROR_MEMORY_ALLOCATION_FAILED;
524 return KM_ERROR_OK;
525 }
526
527 } // namespace keymaster
528