1 /*
2 * Copyright 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <keymaster/contexts/soft_keymaster_context.h>
18
19 #include <memory>
20
21 #include <openssl/rand.h>
22
23 #include <keymaster/android_keymaster_utils.h>
24 #include <keymaster/key_blob_utils/auth_encrypted_key_blob.h>
25 #include <keymaster/key_blob_utils/integrity_assured_key_blob.h>
26 #include <keymaster/key_blob_utils/ocb_utils.h>
27 #include <keymaster/key_blob_utils/software_keyblobs.h>
28 #include <keymaster/km_openssl/aes_key.h>
29 #include <keymaster/km_openssl/asymmetric_key.h>
30 #include <keymaster/km_openssl/attestation_utils.h>
31 #include <keymaster/km_openssl/hmac_key.h>
32 #include <keymaster/km_openssl/openssl_err.h>
33 #include <keymaster/km_openssl/triple_des_key.h>
34 #include <keymaster/legacy_support/ec_keymaster0_key.h>
35 #include <keymaster/legacy_support/ec_keymaster1_key.h>
36 #include <keymaster/legacy_support/keymaster0_engine.h>
37 #include <keymaster/legacy_support/rsa_keymaster0_key.h>
38 #include <keymaster/legacy_support/rsa_keymaster1_key.h>
39 #include <keymaster/logger.h>
40
41 #include <keymaster/contexts/soft_attestation_cert.h>
42
43 using std::unique_ptr;
44
45 namespace keymaster {
46
47 namespace {
48
string2Blob(const std::string & str)49 KeymasterBlob string2Blob(const std::string& str) {
50 return KeymasterBlob(reinterpret_cast<const uint8_t*>(str.data()), str.size());
51 }
52
53 } // anonymous namespace
54
SoftKeymasterContext(const std::string & root_of_trust)55 SoftKeymasterContext::SoftKeymasterContext(const std::string& root_of_trust)
56 : rsa_factory_(new RsaKeyFactory(this)), ec_factory_(new EcKeyFactory(this)),
57 aes_factory_(new AesKeyFactory(this, this)),
58 tdes_factory_(new TripleDesKeyFactory(this, this)),
59 hmac_factory_(new HmacKeyFactory(this, this)), km1_dev_(nullptr),
60 root_of_trust_(string2Blob(root_of_trust)), os_version_(0), os_patchlevel_(0) {}
61
~SoftKeymasterContext()62 SoftKeymasterContext::~SoftKeymasterContext() {}
63
SetHardwareDevice(keymaster0_device_t * keymaster0_device)64 keymaster_error_t SoftKeymasterContext::SetHardwareDevice(keymaster0_device_t* keymaster0_device) {
65 if (!keymaster0_device)
66 return KM_ERROR_UNEXPECTED_NULL_POINTER;
67
68 if ((keymaster0_device->flags & KEYMASTER_SOFTWARE_ONLY) != 0) {
69 LOG_E("SoftKeymasterContext only wraps hardware keymaster0 devices", 0);
70 return KM_ERROR_INVALID_ARGUMENT;
71 }
72
73 km0_engine_.reset(new Keymaster0Engine(keymaster0_device));
74 rsa_factory_.reset(new RsaKeymaster0KeyFactory(this, km0_engine_.get()));
75 ec_factory_.reset(new EcdsaKeymaster0KeyFactory(this, km0_engine_.get()));
76 // Keep AES and HMAC factories.
77
78 return KM_ERROR_OK;
79 }
80
SetHardwareDevice(keymaster1_device_t * keymaster1_device)81 keymaster_error_t SoftKeymasterContext::SetHardwareDevice(keymaster1_device_t* keymaster1_device) {
82 if (!keymaster1_device)
83 return KM_ERROR_UNEXPECTED_NULL_POINTER;
84
85 km1_dev_ = keymaster1_device;
86
87 km1_engine_.reset(new Keymaster1Engine(keymaster1_device));
88 rsa_factory_.reset(new RsaKeymaster1KeyFactory(this, km1_engine_.get()));
89 ec_factory_.reset(new EcdsaKeymaster1KeyFactory(this, km1_engine_.get()));
90
91 // Use default HMAC and AES key factories. Higher layers will pass HMAC/AES keys/ops that are
92 // supported by the hardware to it and other ones to the software-only factory.
93
94 return KM_ERROR_OK;
95 }
96
SetSystemVersion(uint32_t os_version,uint32_t os_patchlevel)97 keymaster_error_t SoftKeymasterContext::SetSystemVersion(uint32_t os_version,
98 uint32_t os_patchlevel) {
99 os_version_ = os_version;
100 os_patchlevel_ = os_patchlevel;
101 return KM_ERROR_OK;
102 }
103
GetSystemVersion(uint32_t * os_version,uint32_t * os_patchlevel) const104 void SoftKeymasterContext::GetSystemVersion(uint32_t* os_version, uint32_t* os_patchlevel) const {
105 *os_version = os_version_;
106 *os_patchlevel = os_patchlevel_;
107 }
108
GetKeyFactory(keymaster_algorithm_t algorithm) const109 KeyFactory* SoftKeymasterContext::GetKeyFactory(keymaster_algorithm_t algorithm) const {
110 switch (algorithm) {
111 case KM_ALGORITHM_RSA:
112 return rsa_factory_.get();
113 case KM_ALGORITHM_EC:
114 return ec_factory_.get();
115 case KM_ALGORITHM_AES:
116 return aes_factory_.get();
117 case KM_ALGORITHM_TRIPLE_DES:
118 return tdes_factory_.get();
119 case KM_ALGORITHM_HMAC:
120 return hmac_factory_.get();
121 default:
122 return nullptr;
123 }
124 }
125
126 static keymaster_algorithm_t supported_algorithms[] = {KM_ALGORITHM_RSA, KM_ALGORITHM_EC,
127 KM_ALGORITHM_AES, KM_ALGORITHM_HMAC};
128
129 keymaster_algorithm_t*
GetSupportedAlgorithms(size_t * algorithms_count) const130 SoftKeymasterContext::GetSupportedAlgorithms(size_t* algorithms_count) const {
131 *algorithms_count = array_length(supported_algorithms);
132 return supported_algorithms;
133 }
134
GetOperationFactory(keymaster_algorithm_t algorithm,keymaster_purpose_t purpose) const135 OperationFactory* SoftKeymasterContext::GetOperationFactory(keymaster_algorithm_t algorithm,
136 keymaster_purpose_t purpose) const {
137 KeyFactory* key_factory = GetKeyFactory(algorithm);
138 if (!key_factory)
139 return nullptr;
140 return key_factory->GetOperationFactory(purpose);
141 }
142
TranslateAuthorizationSetError(AuthorizationSet::Error err)143 static keymaster_error_t TranslateAuthorizationSetError(AuthorizationSet::Error err) {
144 switch (err) {
145 case AuthorizationSet::OK:
146 return KM_ERROR_OK;
147 case AuthorizationSet::ALLOCATION_FAILURE:
148 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
149 case AuthorizationSet::MALFORMED_DATA:
150 return KM_ERROR_UNKNOWN_ERROR;
151 }
152 return KM_ERROR_OK;
153 }
154
SetAuthorizations(const AuthorizationSet & key_description,keymaster_key_origin_t origin,uint32_t os_version,uint32_t os_patchlevel,AuthorizationSet * hw_enforced,AuthorizationSet * sw_enforced)155 static keymaster_error_t SetAuthorizations(const AuthorizationSet& key_description,
156 keymaster_key_origin_t origin, uint32_t os_version,
157 uint32_t os_patchlevel, AuthorizationSet* hw_enforced,
158 AuthorizationSet* sw_enforced) {
159 sw_enforced->Clear();
160
161 for (auto& entry : key_description) {
162 switch (entry.tag) {
163 // These cannot be specified by the client.
164 case KM_TAG_ROOT_OF_TRUST:
165 case KM_TAG_ORIGIN:
166 LOG_E("Root of trust and origin tags may not be specified", 0);
167 return KM_ERROR_INVALID_TAG;
168
169 // These don't work.
170 case KM_TAG_ROLLBACK_RESISTANT:
171 LOG_E("KM_TAG_ROLLBACK_RESISTANT not supported", 0);
172 return KM_ERROR_UNSUPPORTED_TAG;
173
174 // These are hidden.
175 case KM_TAG_APPLICATION_ID:
176 case KM_TAG_APPLICATION_DATA:
177 break;
178
179 // Everything else we just copy into sw_enforced, unless the KeyFactory has placed it in
180 // hw_enforced, in which case we defer to its decision.
181 default:
182 if (hw_enforced->GetTagCount(entry.tag) == 0)
183 sw_enforced->push_back(entry);
184 break;
185 }
186 }
187
188 sw_enforced->push_back(TAG_CREATION_DATETIME, java_time(time(nullptr)));
189 sw_enforced->push_back(TAG_ORIGIN, origin);
190 sw_enforced->push_back(TAG_OS_VERSION, os_version);
191 sw_enforced->push_back(TAG_OS_PATCHLEVEL, os_patchlevel);
192
193 return TranslateAuthorizationSetError(sw_enforced->is_valid());
194 }
195
CreateKeyBlob(const AuthorizationSet & key_description,const keymaster_key_origin_t origin,const KeymasterKeyBlob & key_material,KeymasterKeyBlob * blob,AuthorizationSet * hw_enforced,AuthorizationSet * sw_enforced) const196 keymaster_error_t SoftKeymasterContext::CreateKeyBlob(const AuthorizationSet& key_description,
197 const keymaster_key_origin_t origin,
198 const KeymasterKeyBlob& key_material,
199 KeymasterKeyBlob* blob,
200 AuthorizationSet* hw_enforced,
201 AuthorizationSet* sw_enforced) const {
202 keymaster_error_t error = SetAuthorizations(key_description, origin, os_version_,
203 os_patchlevel_, hw_enforced, sw_enforced);
204 if (error != KM_ERROR_OK)
205 return error;
206
207 AuthorizationSet hidden;
208 error = BuildHiddenAuthorizations(key_description, &hidden, root_of_trust_);
209 if (error != KM_ERROR_OK)
210 return error;
211
212 return SerializeIntegrityAssuredBlob(key_material, hidden, *hw_enforced, *sw_enforced, blob);
213 }
214
UpgradeKeyBlob(const KeymasterKeyBlob & key_to_upgrade,const AuthorizationSet & upgrade_params,KeymasterKeyBlob * upgraded_key) const215 keymaster_error_t SoftKeymasterContext::UpgradeKeyBlob(const KeymasterKeyBlob& key_to_upgrade,
216 const AuthorizationSet& upgrade_params,
217 KeymasterKeyBlob* upgraded_key) const {
218 UniquePtr<Key> key;
219 keymaster_error_t error = ParseKeyBlob(key_to_upgrade, upgrade_params, &key);
220 if (error != KM_ERROR_OK)
221 return error;
222
223 // Three cases here:
224 //
225 // 1. Software key blob. Version info, if present, is in sw_enforced. If not present, we
226 // should add it.
227 //
228 // 2. Keymaster0 hardware key blob. Version info, if present, is in sw_enforced. If not
229 // present we should add it.
230 //
231 // 3. Keymaster1 hardware key blob. Version info is not present and we shouldn't have been
232 // asked to upgrade.
233
234 // Handle case 3.
235 if (km1_dev_ && key->hw_enforced().Contains(TAG_PURPOSE) &&
236 !key->hw_enforced().Contains(TAG_OS_PATCHLEVEL))
237 return KM_ERROR_INVALID_ARGUMENT;
238
239 // Handle case 1 and 2
240 return UpgradeSoftKeyBlob(key, os_version_, os_patchlevel_, upgrade_params, upgraded_key);
241 }
242
ParseKeyBlob(const KeymasterKeyBlob & blob,const AuthorizationSet & additional_params,UniquePtr<Key> * key) const243 keymaster_error_t SoftKeymasterContext::ParseKeyBlob(const KeymasterKeyBlob& blob,
244 const AuthorizationSet& additional_params,
245 UniquePtr<Key>* key) const {
246 // This is a little bit complicated.
247 //
248 // The SoftKeymasterContext has to handle a lot of different kinds of key blobs.
249 //
250 // 1. New keymaster1 software key blobs. These are integrity-assured but not encrypted. The
251 // raw key material and auth sets should be extracted and returned. This is the kind
252 // produced by this context when the KeyFactory doesn't use keymaster0 to back the keys.
253 //
254 // 2. Old keymaster1 software key blobs. These are OCB-encrypted with an all-zero master key.
255 // They should be decrypted and the key material and auth sets extracted and returned.
256 //
257 // 3. Old keymaster0 software key blobs. These are raw key material with a small header tacked
258 // on the front. They don't have auth sets, so reasonable defaults are generated and
259 // returned along with the raw key material.
260 //
261 // 4. New keymaster0 hardware key blobs. These are integrity-assured but not encrypted (though
262 // they're protected by the keymaster0 hardware implementation). The keymaster0 key blob
263 // and auth sets should be extracted and returned.
264 //
265 // 5. Keymaster1 hardware key blobs. These are raw hardware key blobs. They contain auth
266 // sets, which we retrieve from the hardware module.
267 //
268 // 6. Old keymaster0 hardware key blobs. These are raw hardware key blobs. They don't have
269 // auth sets so reasonable defaults are generated and returned along with the key blob.
270 //
271 // Determining what kind of blob has arrived is somewhat tricky. What helps is that
272 // integrity-assured and OCB-encrypted blobs are self-consistent and effectively impossible to
273 // parse as anything else. Old keymaster0 software key blobs have a header. It's reasonably
274 // unlikely that hardware keys would have the same header. So anything that is neither
275 // integrity-assured nor OCB-encrypted and lacks the old software key header is assumed to be
276 // keymaster0 hardware.
277
278 AuthorizationSet hw_enforced;
279 AuthorizationSet sw_enforced;
280 KeymasterKeyBlob key_material;
281 AuthorizationSet hidden;
282 keymaster_error_t error;
283
284 auto constructKey = [&, this] () mutable -> keymaster_error_t {
285 // GetKeyFactory
286 if (error != KM_ERROR_OK) return error;
287 keymaster_algorithm_t algorithm;
288 if (!hw_enforced.GetTagValue(TAG_ALGORITHM, &algorithm) &&
289 !sw_enforced.GetTagValue(TAG_ALGORITHM, &algorithm)) {
290 return KM_ERROR_INVALID_ARGUMENT;
291 }
292 auto factory = GetKeyFactory(algorithm);
293 return factory->LoadKey(move(key_material), additional_params, move(hw_enforced),
294 move(sw_enforced), key);
295 };
296
297 error = BuildHiddenAuthorizations(additional_params, &hidden, root_of_trust_);
298 if (error != KM_ERROR_OK)
299 return error;
300
301 // Assume it's an integrity-assured blob (new software-only blob, or new keymaster0-backed
302 // blob).
303 error = DeserializeIntegrityAssuredBlob(blob, hidden, &key_material, &hw_enforced, &sw_enforced);
304 if (error != KM_ERROR_INVALID_KEY_BLOB)
305 return constructKey();
306
307 // Wasn't an integrity-assured blob. Maybe it's an OCB-encrypted blob.
308 error = ParseOcbAuthEncryptedBlob(blob, hidden, &key_material, &hw_enforced, &sw_enforced);
309 if (error == KM_ERROR_OK)
310 LOG_D("Parsed an old keymaster1 software key", 0);
311 if (error != KM_ERROR_INVALID_KEY_BLOB)
312 return constructKey();
313
314 // Wasn't an OCB-encrypted blob. Maybe it's an old softkeymaster blob.
315 error = ParseOldSoftkeymasterBlob(blob, &key_material, &hw_enforced, &sw_enforced);
316 if (error == KM_ERROR_OK)
317 LOG_D("Parsed an old sofkeymaster key", 0);
318 if (error != KM_ERROR_INVALID_KEY_BLOB)
319 return constructKey();
320
321 if (km1_dev_) {
322 error = ParseKeymaster1HwBlob(blob, additional_params, &key_material, &hw_enforced,
323 &sw_enforced);
324 } else if (km0_engine_) {
325 error = ParseKeymaster0HwBlob(blob, &key_material, &hw_enforced, &sw_enforced);
326 } else {
327 return KM_ERROR_INVALID_KEY_BLOB;
328 }
329 return constructKey();
330 }
331
DeleteKey(const KeymasterKeyBlob & blob) const332 keymaster_error_t SoftKeymasterContext::DeleteKey(const KeymasterKeyBlob& blob) const {
333 if (km1_engine_) {
334 // HACK. Due to a bug with Qualcomm's Keymaster implementation, which causes the device to
335 // reboot if we pass it a key blob it doesn't understand, we need to check for software
336 // keys. If it looks like a software key there's nothing to do so we just return.
337 KeymasterKeyBlob key_material;
338 AuthorizationSet hw_enforced, sw_enforced;
339 keymaster_error_t error = DeserializeIntegrityAssuredBlob_NoHmacCheck(
340 blob, &key_material, &hw_enforced, &sw_enforced);
341 if (error == KM_ERROR_OK) {
342 return KM_ERROR_OK;
343 }
344
345 return km1_engine_->DeleteKey(blob);
346 }
347
348 if (km0_engine_) {
349 // This could be a keymaster0 hardware key, and it could be either raw or encapsulated in an
350 // integrity-assured blob. If it's integrity-assured, we can't validate it strongly,
351 // because we don't have the necessary additional_params data. However, the probability
352 // that anything other than an integrity-assured blob would have all of the structure
353 // required to decode as a valid blob is low -- unless it's maliciously-constructed, but the
354 // deserializer should be proof against bad data, as should the keymaster0 hardware.
355 //
356 // Thus, we first try to parse it as integrity-assured. If that works, we pass the result
357 // to the underlying hardware. If not, we pass blob unmodified to the underlying hardware.
358 KeymasterKeyBlob key_material;
359 AuthorizationSet hw_enforced, sw_enforced;
360 keymaster_error_t error = DeserializeIntegrityAssuredBlob_NoHmacCheck(
361 blob, &key_material, &hw_enforced, &sw_enforced);
362 if (error == KM_ERROR_OK && km0_engine_->DeleteKey(key_material))
363 return KM_ERROR_OK;
364
365 km0_engine_->DeleteKey(blob);
366
367 // We succeed unconditionally at this point, even if delete failed. Failure indicates that
368 // either the blob is a software blob (which we can't distinguish with certainty without
369 // additional_params) or because it is a hardware blob and the hardware failed. In the
370 // first case, there is no error. In the second case, the client can't do anything to fix
371 // it anyway, so it's not too harmful to simply swallow the error. This is not ideal, but
372 // it's the least-bad alternative.
373 return KM_ERROR_OK;
374 }
375
376 // Nothing to do for software-only contexts.
377 return KM_ERROR_OK;
378 }
379
DeleteAllKeys() const380 keymaster_error_t SoftKeymasterContext::DeleteAllKeys() const {
381 if (km1_engine_)
382 return km1_engine_->DeleteAllKeys();
383
384 if (km0_engine_ && !km0_engine_->DeleteAllKeys())
385 return KM_ERROR_UNKNOWN_ERROR;
386
387 return KM_ERROR_OK;
388 }
389
AddRngEntropy(const uint8_t * buf,size_t length) const390 keymaster_error_t SoftKeymasterContext::AddRngEntropy(const uint8_t* buf, size_t length) const {
391 RAND_add(buf, length, 0 /* Don't assume any entropy is added to the pool. */);
392 return KM_ERROR_OK;
393 }
394
ParseKeymaster1HwBlob(const KeymasterKeyBlob & blob,const AuthorizationSet & additional_params,KeymasterKeyBlob * key_material,AuthorizationSet * hw_enforced,AuthorizationSet * sw_enforced) const395 keymaster_error_t SoftKeymasterContext::ParseKeymaster1HwBlob(
396 const KeymasterKeyBlob& blob, const AuthorizationSet& additional_params,
397 KeymasterKeyBlob* key_material, AuthorizationSet* hw_enforced,
398 AuthorizationSet* sw_enforced) const {
399 assert(km1_dev_);
400
401 keymaster_blob_t client_id = {nullptr, 0};
402 keymaster_blob_t app_data = {nullptr, 0};
403 keymaster_blob_t* client_id_ptr = nullptr;
404 keymaster_blob_t* app_data_ptr = nullptr;
405 if (additional_params.GetTagValue(TAG_APPLICATION_ID, &client_id))
406 client_id_ptr = &client_id;
407 if (additional_params.GetTagValue(TAG_APPLICATION_DATA, &app_data))
408 app_data_ptr = &app_data;
409
410 // Get key characteristics, which incidentally verifies that the HW recognizes the key.
411 keymaster_key_characteristics_t* characteristics;
412 keymaster_error_t error = km1_dev_->get_key_characteristics(km1_dev_, &blob, client_id_ptr,
413 app_data_ptr, &characteristics);
414 if (error != KM_ERROR_OK)
415 return error;
416 unique_ptr<keymaster_key_characteristics_t, Characteristics_Delete> characteristics_deleter(
417 characteristics);
418
419 LOG_D("Module \"%s\" accepted key", km1_dev_->common.module->name);
420
421 hw_enforced->Reinitialize(characteristics->hw_enforced);
422 sw_enforced->Reinitialize(characteristics->sw_enforced);
423 *key_material = blob;
424 return KM_ERROR_OK;
425 }
426
ParseKeymaster0HwBlob(const KeymasterKeyBlob & blob,KeymasterKeyBlob * key_material,AuthorizationSet * hw_enforced,AuthorizationSet * sw_enforced) const427 keymaster_error_t SoftKeymasterContext::ParseKeymaster0HwBlob(const KeymasterKeyBlob& blob,
428 KeymasterKeyBlob* key_material,
429 AuthorizationSet* hw_enforced,
430 AuthorizationSet* sw_enforced) const {
431 assert(km0_engine_);
432
433 unique_ptr<EVP_PKEY, EVP_PKEY_Delete> tmp_key(km0_engine_->GetKeymaster0PublicKey(blob));
434
435 if (!tmp_key)
436 return KM_ERROR_INVALID_KEY_BLOB;
437
438 LOG_D("Module \"%s\" accepted key", km0_engine_->device()->common.module->name);
439 keymaster_error_t error = FakeKeyAuthorizations(tmp_key.get(), hw_enforced, sw_enforced);
440 if (error == KM_ERROR_OK)
441 *key_material = blob;
442
443 return error;
444 }
445
GenerateAttestation(const Key & key,const AuthorizationSet & attest_params,CertChainPtr * cert_chain) const446 keymaster_error_t SoftKeymasterContext::GenerateAttestation(const Key& key,
447 const AuthorizationSet& attest_params, CertChainPtr* cert_chain) const {
448
449 keymaster_error_t error = KM_ERROR_OK;
450 keymaster_algorithm_t key_algorithm;
451 if (!key.authorizations().GetTagValue(TAG_ALGORITHM, &key_algorithm)) {
452 return KM_ERROR_UNKNOWN_ERROR;
453 }
454
455 if ((key_algorithm != KM_ALGORITHM_RSA && key_algorithm != KM_ALGORITHM_EC))
456 return KM_ERROR_INCOMPATIBLE_ALGORITHM;
457
458 // We have established that the given key has the correct algorithm, and because this is the
459 // SoftKeymasterContext we can assume that the Key is an AsymmetricKey. So we can downcast.
460 const AsymmetricKey& asymmetric_key = static_cast<const AsymmetricKey&>(key);
461
462 auto attestation_chain = getAttestationChain(key_algorithm, &error);
463 if (error != KM_ERROR_OK) return error;
464
465 auto attestation_key = getAttestationKey(key_algorithm, &error);
466 if (error != KM_ERROR_OK) return error;
467
468 return generate_attestation(asymmetric_key, attest_params,
469 *attestation_chain, *attestation_key, *this, cert_chain);
470 }
471
UnwrapKey(const KeymasterKeyBlob &,const KeymasterKeyBlob &,const AuthorizationSet &,const KeymasterKeyBlob &,AuthorizationSet *,keymaster_key_format_t *,KeymasterKeyBlob *) const472 keymaster_error_t SoftKeymasterContext::UnwrapKey(const KeymasterKeyBlob&, const KeymasterKeyBlob&,
473 const AuthorizationSet&, const KeymasterKeyBlob&,
474 AuthorizationSet*, keymaster_key_format_t*,
475 KeymasterKeyBlob*) const {
476 return KM_ERROR_UNIMPLEMENTED;
477 }
478
GetVerifiedBootParams(keymaster_blob_t * verified_boot_key,keymaster_blob_t * verified_boot_hash,keymaster_verified_boot_t * verified_boot_state,bool * device_locked) const479 keymaster_error_t SoftKeymasterContext::GetVerifiedBootParams(
480 keymaster_blob_t* verified_boot_key, keymaster_blob_t* verified_boot_hash,
481 keymaster_verified_boot_t* verified_boot_state, bool* device_locked) const {
482 // TODO(swillden): See if there might be some sort of vbmeta data in goldfish/cuttlefish.
483 static std::string fake_vb_key(32, 0);
484 *verified_boot_key = {reinterpret_cast<uint8_t*>(fake_vb_key.data()), fake_vb_key.size()};
485 *verified_boot_hash = {reinterpret_cast<uint8_t*>(fake_vb_key.data()), fake_vb_key.size()};
486 *verified_boot_state = KM_VERIFIED_BOOT_UNVERIFIED;
487 *device_locked = false;
488 return KM_ERROR_OK;
489 }
490
491 } // namespace keymaster
492