1 //
2 // Copyright (C) 2020 The Android Open Source Project
3 //
4 // Licensed under the Apache License, Version 2.0 (the "License");
5 // you may not use this file except in compliance with the License.
6 // You may obtain a copy of the License at
7 //
8 //      http://www.apache.org/licenses/LICENSE-2.0
9 //
10 // Unless required by applicable law or agreed to in writing, software
11 // distributed under the License is distributed on an "AS IS" BASIS,
12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 // See the License for the specific language governing permissions and
14 // limitations under the License.
15 
16 #include "hmac_serializable.h"
17 
18 #include <android-base/logging.h>
19 
20 #include "host/commands/secure_env/tpm_auth.h"
21 #include "host/commands/secure_env/tpm_hmac.h"
22 
HmacSerializable(TpmResourceManager * resource_manager,std::function<TpmObjectSlot (TpmResourceManager *)> signing_key_fn,uint32_t digest_size,Serializable * wrapped)23 HmacSerializable::HmacSerializable(
24     TpmResourceManager* resource_manager,
25     std::function<TpmObjectSlot(TpmResourceManager*)> signing_key_fn,
26     uint32_t digest_size,
27     Serializable* wrapped) :
28     resource_manager_(resource_manager),
29     signing_key_fn_(signing_key_fn),
30     digest_size_(digest_size),
31     wrapped_(wrapped) {
32 }
33 
SerializedSize() const34 size_t HmacSerializable::SerializedSize() const {
35   auto digest_size = sizeof(uint32_t) + digest_size_;
36   auto data_size = sizeof(uint32_t) + wrapped_->SerializedSize();
37   return digest_size + data_size;
38 }
39 
Serialize(uint8_t * buf,const uint8_t * end) const40 uint8_t* HmacSerializable::Serialize(uint8_t* buf, const uint8_t* end) const {
41   auto wrapped_size = wrapped_->SerializedSize();
42   buf = keymaster::append_uint32_to_buf(buf, end, wrapped_size);
43   auto signed_data = buf;
44   buf = wrapped_->Serialize(buf, end);
45   if (buf - signed_data != wrapped_size) {
46     LOG(ERROR) << "Serialized wrapped data did not match expected size.";
47     return buf;
48   }
49   auto key = signing_key_fn_(resource_manager_);
50   if (!key) {
51     LOG(ERROR) << "Could not retrieve key";
52     return buf;
53   }
54   auto hmac_data =
55     TpmHmac(
56         resource_manager_,
57         key->get(),
58         TpmAuth(ESYS_TR_PASSWORD),
59         signed_data,
60         wrapped_size);
61   if (!hmac_data) {
62     LOG(ERROR) << "Failed to produce hmac";
63     return buf;
64   }
65   if (hmac_data->size != digest_size_) {
66     LOG(ERROR) << "Unexpected digest size. Wanted " << digest_size_
67                << ", TPM produced " << hmac_data->size;
68     return buf;
69   }
70   return keymaster::append_size_and_data_to_buf(
71       buf, end, hmac_data->buffer, digest_size_);
72 }
73 
Deserialize(const uint8_t ** buf_ptr,const uint8_t * end)74 bool HmacSerializable::Deserialize(const uint8_t** buf_ptr, const uint8_t* end) {
75   size_t signed_data_size;
76   keymaster::UniquePtr<uint8_t[]> signed_data;
77   bool success =
78       keymaster::copy_size_and_data_from_buf(
79           buf_ptr, end, &signed_data_size, &signed_data);
80   if (!success) {
81     LOG(ERROR) << "Failed to retrieve signed data";
82     return false;
83   }
84   size_t signature_size;
85   keymaster::UniquePtr<uint8_t[]> signature;
86   success =
87       keymaster::copy_size_and_data_from_buf(
88           buf_ptr, end, &signature_size, &signature);
89   if (!success) {
90     LOG(ERROR) << "Failed to retrieve signature";
91     return false;
92   }
93   if (signature_size != digest_size_) {
94     LOG(ERROR) << "Digest size did not match expected size.";
95     return false;
96   }
97   auto key = signing_key_fn_(resource_manager_);
98   if (!key) {
99     LOG(ERROR) << "Could not retrieve key";
100     return false;
101   }
102   auto hmac_check =
103     TpmHmac(
104         resource_manager_,
105         key->get(),
106         TpmAuth(ESYS_TR_PASSWORD),
107         signed_data.get(),
108         signed_data_size);
109   if (!hmac_check) {
110     LOG(ERROR) << "Unable to calculate signature check";
111     return false;
112   }
113   if (hmac_check->size != digest_size_) {
114     LOG(ERROR) << "Unexpected signature check size. Wanted " << digest_size_
115                << ", TPM produced " << hmac_check->size;
116     return false;
117   }
118   if (memcmp(signature.get(), hmac_check->buffer, digest_size_) != 0) {
119     LOG(ERROR) << "Signature check did not match original signature.";
120     return false;
121   }
122   // Now that we've validated integrity on the data, do the inner deserialization
123   auto inner_buf = signed_data.get();
124   auto inner_buf_end = inner_buf + signed_data_size;
125   return wrapped_->Deserialize(
126       const_cast<const uint8_t**>(&inner_buf), inner_buf_end);
127 }
128