1 /*
2  * Copyright 2014 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #pragma once
18 
19 #include <keymaster/android_keymaster.h>
20 #include <keymaster/logger.h>
21 
22 #include "trusty_keymaster_context.h"
23 #include "trusty_keymaster_messages.h"
24 
25 namespace keymaster {
26 
27 // TrustyKeymaster implements handlers for IPC operations. Most operations are
28 // implemented by AndroidKeymaster but some operations which are not part of the
29 // interface with Android are implemented here. These operations are expected to
30 // be called from a bootloader or another Trusty application.
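class TrustyKeymaster : public AndroidKeymaster {
public:
    // |context| is borrowed, not owned: it is passed on to AndroidKeymaster
    // and kept in context_ as a raw pointer, so it must outlive this object.
    TrustyKeymaster(TrustyKeymasterContext* context,
                    size_t operation_table_size)
            : AndroidKeymaster(context, operation_table_size),
              context_(context) {
        LOG_D("Creating TrustyKeymaster");
    }

    // Replace GetVersion2 handler from AndroidKeymaster.  It's not virtual, but
    // that's okay because it's only called non-polymorphically.
    GetVersion2Response GetVersion2(const GetVersion2Request& req);

    // The GetAuthTokenKey IPC call is accepted only from Gatekeeper. Nothing in
    // this class checks the caller; that restriction is presumably enforced by
    // the IPC dispatch layer — confirm before relying on it.
    long GetAuthTokenKey(keymaster_key_blob_t* key);

    // Retrieve the device information needed for remote key provisioning.
    std::unique_ptr<cppbor::Map> GetDeviceInfo();

    // SetBootParams can only be called once. If it is never called then
    // Keymaster will fail to configure. The intention is that it is called from
    // the bootloader. Until a configuration attempt records its result (via
    // set_configure_error(), presumably), configure_error_ keeps its initial
    // KM_ERROR_KEYMASTER_NOT_CONFIGURED value and ConfigureCalled() is false.
    void SetBootParams(const SetBootParamsRequest& request,
                       SetBootParamsResponse* response);

    // SetAttestationKey sets a single attestation key. There should be one
    // call for each supported algorithm.
    void SetAttestationKey(const SetAttestationKeyRequest& request,
                           SetAttestationKeyResponse* response);

    // SetWrappedAttestationKey sets a single attestation key. There should be
    // one call for each supported algorithm.
    void SetWrappedAttestationKey(const SetAttestationKeyRequest& request,
                                  SetAttestationKeyResponse* response);

    // DestroyAttestationIds clears the device IDs.
    void DestroyAttestationIds(const DestroyAttestationIdsRequest& request,
                               DestroyAttestationIdsResponse* response);

    // SetAttestationIds sets all device IDs in the KM spec under
    // ATTESTATION_ID_*. This is a factory provisioning step that should not be
    // callable after provisioning.
    void SetAttestationIds(const SetAttestationIdsRequest& request,
                           EmptyKeymasterResponse* response);

    // SetAttestationIdsKM3 sets the device IDs added to the spec under KM3.
    // This is a factory provisioning step that should not be callable after
    // provisioning.
    void SetAttestationIdsKM3(const SetAttestationIdsKM3Request& request,
                              EmptyKeymasterResponse* response);

    // ClearAttestationCertChain clears the attestation certificate chain for
    // the specified algorithm.
    void ClearAttestationCertChain(
            const ClearAttestationCertChainRequest& request,
            ClearAttestationCertChainResponse* response);

    // AppendAttestationCertChain sets a single certificate in an attestation
    // certificate chain. The bootloader should push certificates into Trusty,
    // one certificate per request, starting with the attestation certificate.
    // Multiple AppendAttestationCertChain requests are expected.
    void AppendAttestationCertChain(
            const AppendAttestationCertChainRequest& request,
            AppendAttestationCertChainResponse* response);

    // AtapGetCaRequest is the first of two calls that are part of the
    // Android Things Attestation Provisioning (ATAP) protocol. This protocol is
    // used instead of SetAttestationKey and AppendAttestationCertChain.
    void AtapGetCaRequest(const AtapGetCaRequestRequest& request,
                          AtapGetCaRequestResponse* response);

    // AtapSetCaResponse is the second of two calls that are part of the
    // Android Things Attestation Provisioning (ATAP) protocol. This protocol is
    // used instead of SetAttestationKey and AppendAttestationCertChain. The CA
    // Response message is larger than 4k, so the call is split into Begin,
    // Update, and Finish messages; the partial message is collected in
    // ca_response_ between calls.
    void AtapSetCaResponseBegin(const AtapSetCaResponseBeginRequest& request,
                                AtapSetCaResponseBeginResponse* response);

    void AtapSetCaResponseUpdate(const AtapSetCaResponseUpdateRequest& request,
                                 AtapSetCaResponseUpdateResponse* response);
    void AtapSetCaResponseFinish(const AtapSetCaResponseFinishRequest& request,
                                 AtapSetCaResponseFinishResponse* response);

    // Reads the UUID from the certificate of the last provisioned attestation
    // credentials.
    void AtapReadUuid(const AtapReadUuidRequest& request,
                      AtapReadUuidResponse* response);

    // AtapSetProductId is only called once to set the secure product id. Caller
    // should read the product id from permanent attributes structure and set
    // the product id while fusing the permanent attributes.
    void AtapSetProductId(const AtapSetProductIdRequest& request,
                          AtapSetProductIdResponse* response);

    // True once configure_error_ has left its initial
    // KM_ERROR_KEYMASTER_NOT_CONFIGURED value, i.e. once a configuration
    // attempt has recorded a result — successful or not. Use
    // get_configure_error() to distinguish the two. Const: this is a pure
    // query and callers holding a const reference should be able to ask it.
    bool ConfigureCalled() const {
        return configure_error_ != KM_ERROR_KEYMASTER_NOT_CONFIGURED;
    }
    // The outcome recorded by the last set_configure_error() call, or
    // KM_ERROR_KEYMASTER_NOT_CONFIGURED if none has been made.
    keymaster_error_t get_configure_error() const { return configure_error_; }
    // Records the result of configuration; the only way configure_error_ moves
    // off its initial value.
    void set_configure_error(keymaster_error_t err) { configure_error_ = err; }

private:
    // Non-owning; the same pointer handed to AndroidKeymaster in the ctor.
    TrustyKeymasterContext* context_;
    // Sentinel value until configuration is attempted; see ConfigureCalled().
    keymaster_error_t configure_error_ = KM_ERROR_KEYMASTER_NOT_CONFIGURED;
    // Presumably the in-progress ATAP CA response being assembled across the
    // AtapSetCaResponse{Begin,Update,Finish} calls — confirm in the .cpp.
    Buffer ca_response_;
};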
137 
138 }  // namespace keymaster
139