PawletOS/android_bootable_recovery
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fscrypt: Wrapped key support for FBE

Browse Source 
Commit imported from:

https: //github.com/LineageOS/android_system_vold/commit/ce024f07c23d0649635a336fff389332b9806f48
Change-Id: I924a9fcbac7d790609fbafcf8c12654fdb267e32
This commit is contained in:
mauronofrio matarrese
2020-05-25 19:48:56 +02:00
committed by bigbiff
parent 86fabbe4d0
commit 7982032fcd
8 changed files with 262 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

161
crypto/fscrypt/FsCrypt.cpp
View File

@@ -16,6 +16,7 @@
#include "FsCrypt.h"
#include "Keymaster.h"
#include "KeyStorage.h"
#include "KeyUtil.h"
#include "Utils.h"
@@ -65,6 +66,8 @@ using android::base::StringPrintf;
using android::fs_mgr::GetEntryForMountPoint;
using android::vold::kEmptyAuthentication;
using android::vold::KeyBuffer;
using android::vold::Keymaster;
using android::hardware::keymaster::V4_0::KeyFormat;
// using android::vold::writeStringToFile;
// Store main DE raw ref / policy
@@ -207,12 +210,45 @@ static bool read_and_fixate_user_ce_key(userid_t user_id,
return false;
}
static bool is_wrapped_key_supported_common(const std::string& mount_point) {
struct fstab_rec* rec = fs_mgr_get_entry_for_mount_point(fstab_default, mount_point);
char const* contents_mode = NULL;
char const* filenames_mode = NULL;
fs_mgr_get_file_encryption_modes(rec, &contents_mode, &filenames_mode);
if (!contents_mode || !filenames_mode) {
LOG(ERROR) << "Couldn't read file or contents mode, returning false";
return false;
}
if (strcmp(contents_mode, "ice_wrapped_key_supported") == 0)
return true;
else
return false;
}
bool is_wrapped_key_supported() {
return is_wrapped_key_supported_common(DATA_MNT_POINT);
}
bool is_wrapped_key_supported_external() {
return false;
}
static bool read_and_install_user_ce_key(userid_t user_id,
const android::vold::KeyAuthentication& auth) {
if (s_ce_key_raw_refs.count(user_id) != 0) return true;
KeyBuffer ce_key;
if (!read_and_fixate_user_ce_key(user_id, auth, &ce_key)) return false;
std::string ce_raw_ref;
if (is_wrapped_key_supported()) {
KeyBuffer ephemeral_wrapped_key;
if (!getEphemeralWrappedKey(KeyFormat::RAW, ce_key, &ephemeral_wrapped_key)) {
LOG(ERROR) << "Failed to export ce key";
return false;
}
ce_key = std::move(ephemeral_wrapped_key);
}
if (!android::vold::installKey(ce_key, &ce_raw_ref)) return false;
s_ce_keys[user_id] = std::move(ce_key);
s_ce_key_raw_refs[user_id] = ce_raw_ref;
@@ -242,8 +278,15 @@ static bool destroy_dir(const std::string& dir) {
// it creates keys in a fixed location.
static bool create_and_install_user_keys(userid_t user_id, bool create_ephemeral) {
KeyBuffer de_key, ce_key;
if (!android::vold::randomKey(&de_key)) return false;
if (!android::vold::randomKey(&ce_key)) return false;
if(is_wrapped_key_supported()) {
if (!generateWrappedKey(user_id, android::vold::KeyType::DE_USER, &de_key)) return false;
if (!generateWrappedKey(user_id, android::vold::KeyType::CE_USER, &ce_key)) return false;
} else {
if (!android::vold::randomKey(&de_key)) return false;
if (!android::vold::randomKey(&ce_key)) return false;
}
if (create_ephemeral) {
// If the key should be created as ephemeral, don't store it.
s_ephemeral_users.insert(user_id);
@@ -262,12 +305,33 @@ static bool create_and_install_user_keys(userid_t user_id, bool create_ephemeral
kEmptyAuthentication, de_key))
return false;
}
if (!android::vold::installKey(de_key, &de_raw_ref)) return false;
s_de_key_raw_refs[user_id] = de_raw_ref;
std::string ce_raw_ref;
if (is_wrapped_key_supported()) {
KeyBuffer ephemeral_wrapped_de_key;
KeyBuffer ephemeral_wrapped_ce_key;
/* Export and install the DE keys */
if (!getEphemeralWrappedKey(KeyFormat::RAW, de_key, &ephemeral_wrapped_de_key)) {
LOG(ERROR) << "Failed to export de_key";
return false;
}
/* Export and install the CE keys */
if (!getEphemeralWrappedKey(KeyFormat::RAW, ce_key, &ephemeral_wrapped_ce_key)) {
LOG(ERROR) << "Failed to export de_key";
return false;
}
de_key = std::move(ephemeral_wrapped_de_key);
ce_key = std::move(ephemeral_wrapped_ce_key);
}
if (!android::vold::installKey(de_key, &de_raw_ref)) return false;
if (!android::vold::installKey(ce_key, &ce_raw_ref)) return false;
s_ce_keys[user_id] = ce_key;
s_ce_keys[user_id] = std::move(ce_key);
s_de_key_raw_refs[user_id] = de_raw_ref;
s_ce_key_raw_refs[user_id] = ce_raw_ref;
LOG(DEBUG) << "Created keys for user " << user_id;
return true;
}
@@ -337,6 +401,14 @@ static bool load_all_de_keys() {
KeyBuffer key;
if (!android::vold::retrieveKey(key_path, kEmptyAuthentication, &key)) return false;
std::string raw_ref;
if (is_wrapped_key_supported()) {
KeyBuffer ephemeral_wrapped_key;
if (!getEphemeralWrappedKey(KeyFormat::RAW, key, &ephemeral_wrapped_key)) {
LOG(ERROR) << "Failed to export de_key in create_and_install_user_keys";
return false;
}
key = std::move(ephemeral_wrapped_key);
}
if (!android::vold::installKey(key, &raw_ref)) return false;
s_de_key_raw_refs[user_id] = raw_ref;
LOG(DEBUG) << "Installed de key for user " << user_id;
@@ -349,6 +421,7 @@ static bool load_all_de_keys() {
bool fscrypt_initialize_systemwide_keys() {
LOG(INFO) << "fscrypt_initialize_systemwide_keys";
bool wrapped_key_supported = false;
if (s_systemwide_keys_initialized) {
LOG(INFO) << "Already initialized";
@@ -356,8 +429,11 @@ bool fscrypt_initialize_systemwide_keys() {
}
PolicyKeyRef device_ref;
if (!android::vold::retrieveAndInstallKey(true, kEmptyAuthentication, device_key_path,
device_key_temp, &device_ref.key_raw_ref))
wrapped_key_supported = is_wrapped_key_supported();
if (!android::vold::retrieveAndInstallKey(true, kEmptyAuthentication,
device_key_path, device_key_temp,
&device_ref.key_raw_ref, wrapped_key_supported))
return false;
get_data_file_encryption_modes(&device_ref);
@@ -537,6 +613,7 @@ static bool read_or_create_volkey(const std::string& misc_path, const std::strin
PolicyKeyRef* key_ref) {
auto secdiscardable_path = volume_secdiscardable_path(volume_uuid);
std::string secdiscardable_hash;
bool wrapped_key_supported = false;
if (android::vold::pathExists(secdiscardable_path)) {
if (!android::vold::readSecdiscardable(secdiscardable_path, &secdiscardable_hash))
return false;
@@ -554,8 +631,10 @@ static bool read_or_create_volkey(const std::string& misc_path, const std::strin
return false;
}
android::vold::KeyAuthentication auth("", secdiscardable_hash);
wrapped_key_supported = is_wrapped_key_supported_external();
if (!android::vold::retrieveAndInstallKey(true, auth, key_path, key_path + "_tmp",
&key_ref->key_raw_ref))
&key_ref->key_raw_ref, wrapped_key_supported))
return false;
key_ref->contents_mode =
android::base::GetProperty("ro.crypto.volume.contents_mode", "aes-256-xts");
@@ -581,14 +660,28 @@ bool fscrypt_add_user_key_auth(userid_t user_id, int serial, const std::string&
if (!parse_hex(secret_hex, &secret)) return false;
auto auth =
secret.empty() ? kEmptyAuthentication : android::vold::KeyAuthentication(token, secret);
auto it = s_ce_keys.find(user_id);
if (it == s_ce_keys.end()) {
LOG(ERROR) << "Key not loaded into memory, can't change for user " << user_id;
return false;
}
const auto& ce_key = it->second;
auto const directory_path = get_ce_key_directory_path(user_id);
auto const paths = get_ce_key_paths(directory_path);
KeyBuffer ce_key;
if(is_wrapped_key_supported()) {
std::string ce_key_current_path = get_ce_key_current_path(directory_path);
if (android::vold::retrieveKey(ce_key_current_path, kEmptyAuthentication, &ce_key)) {
LOG(DEBUG) << "Successfully retrieved key";
} else {
if (android::vold::retrieveKey(ce_key_current_path, auth, &ce_key)) {
LOG(DEBUG) << "Successfully retrieved key";
}
}
} else {
auto it = s_ce_keys.find(user_id);
if (it == s_ce_keys.end()) {
LOG(ERROR) << "Key not loaded into memory, can't change for user " << user_id;
return false;
}
ce_key = it->second;
}
std::string ce_key_path;
if (!get_ce_key_new_path(directory_path, paths, &ce_key_path)) return false;
if (!android::vold::storeKeyAtomically(ce_key_path, user_key_temp, auth, ce_key)) return false;
@@ -596,6 +689,46 @@ bool fscrypt_add_user_key_auth(userid_t user_id, int serial, const std::string&
return true;
}
bool fscrypt_clear_user_key_auth(userid_t user_id, int serial, const std::string& token_hex,
const std::string& secret_hex) {
LOG(DEBUG) << "fscrypt_clear_user_key_auth " << user_id << " serial=" << serial
<< " token_present=" << (token_hex != "!");
if (!fscrypt_is_native()) return true;
if (s_ephemeral_users.count(user_id) != 0) return true;
std::string token, secret;
if (!parse_hex(token_hex, &token)) return false;
if (!parse_hex(secret_hex, &secret)) return false;
if (is_wrapped_key_supported()) {
auto const directory_path = get_ce_key_directory_path(user_id);
auto const paths = get_ce_key_paths(directory_path);
KeyBuffer ce_key;
std::string ce_key_current_path = get_ce_key_current_path(directory_path);
auto auth = android::vold::KeyAuthentication(token, secret);
/* Retrieve key while removing a pin. A secret is needed */
if (android::vold::retrieveKey(ce_key_current_path, auth, &ce_key)) {
LOG(DEBUG) << "Successfully retrieved key";
} else {
/* Retrieve key when going None to swipe and vice versa when a
synthetic password is present */
if (android::vold::retrieveKey(ce_key_current_path, kEmptyAuthentication, &ce_key)) {
LOG(DEBUG) << "Successfully retrieved key";
}
}
std::string ce_key_path;
if (!get_ce_key_new_path(directory_path, paths, &ce_key_path)) return false;
if (!android::vold::storeKeyAtomically(ce_key_path, user_key_temp, kEmptyAuthentication, ce_key))
return false;
} else {
if(!fscrypt_add_user_key_auth(user_id, serial, "!", "!")) return false;
}
return true;
}
bool fscrypt_fixate_newest_user_key_auth(userid_t user_id) {
LOG(DEBUG) << "fscrypt_fixate_newest_user_key_auth " << user_id;
if (!fscrypt_is_native()) return true;

5
crypto/fscrypt/FsCrypt.h
View File

@@ -27,6 +27,8 @@ bool fscrypt_vold_create_user_key(userid_t user_id, int serial, bool ephemeral);
bool fscrypt_destroy_user_key(userid_t user_id);
bool fscrypt_add_user_key_auth(userid_t user_id, int serial, const std::string& token,
const std::string& secret);
bool fscrypt_clear_user_key_auth(userid_t user_id, int serial, const std::string& token_hex,
const std::string& secret_hex);
bool fscrypt_fixate_newest_user_key_auth(userid_t user_id);
bool fscrypt_unlock_user_key(userid_t user_id, int serial, const std::string& token,
@@ -38,6 +40,7 @@ bool fscrypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_
bool fscrypt_destroy_user_storage(const std::string& volume_uuid, userid_t user_id, int flags);
bool fscrypt_destroy_volume_keys(const std::string& volume_uuid);
bool is_wrapped_key_supported();
bool is_wrapped_key_supported_external();
bool lookup_key_ref(const std::map<userid_t, std::string>& key_map, userid_t user_id,
std::string* raw_ref);

42
crypto/fscrypt/KeyStorage.cpp
View File

@@ -64,6 +64,7 @@ static constexpr size_t SECDISCARDABLE_BYTES = 1 << 14;
static constexpr size_t STRETCHED_BYTES = 1 << 6;
static constexpr uint32_t AUTH_TIMEOUT = 30; // Seconds
constexpr int EXT4_AES_256_XTS_KEY_SIZE = 64;
static const char* kCurrentVersion = "1";
static const char* kRmPath = "/system/bin/rm";
@@ -129,6 +130,47 @@ static bool generateKeymasterKey(Keymaster& keymaster, const KeyAuthentication&
return keymaster.generateKey(paramBuilder, key);
}
bool generateWrappedKey(userid_t user_id, KeyType key_type,
KeyBuffer* key) {
Keymaster keymaster;
if (!keymaster) return false;
*key = KeyBuffer(EXT4_AES_256_XTS_KEY_SIZE);
std::string key_temp;
auto paramBuilder = km::AuthorizationSetBuilder()
.AesEncryptionKey(AES_KEY_BYTES * 8)
.GcmModeMinMacLen(GCM_MAC_BYTES * 8)
.Authorization(km::TAG_USER_ID, user_id);
km::KeyParameter param1;
param1.tag = (km::Tag) (android::hardware::keymaster::V4_0::KM_TAG_FBE_ICE);
param1.f.boolValue = true;
paramBuilder.push_back(param1);
km::KeyParameter param2;
if ((key_type == KeyType::DE_USER) || (key_type == KeyType::DE_SYS)) {
param2.tag = (km::Tag) (android::hardware::keymaster::V4_0::KM_TAG_KEY_TYPE);
param2.f.integer = 0;
} else if (key_type == KeyType::CE_USER) {
param2.tag = (km::Tag) (android::hardware::keymaster::V4_0::KM_TAG_KEY_TYPE);
param2.f.integer = 1;
}
paramBuilder.push_back(param2);
if (!keymaster.generateKey(paramBuilder, &key_temp)) return false;
*key = KeyBuffer(key_temp.size());
memcpy(reinterpret_cast<void*>(key->data()), key_temp.c_str(), key->size());
return true;
}
bool getEphemeralWrappedKey(km::KeyFormat format, KeyBuffer& kmKey, KeyBuffer* key) {
std::string key_temp;
Keymaster keymaster;
if (!keymaster) return false;
if (!keymaster.exportKey(format, kmKey, "!", "!", &key_temp)) return false;
*key = KeyBuffer(key_temp.size());
memcpy(reinterpret_cast<void*>(key->data()), key_temp.c_str(), key->size());
return true;
}
static std::pair<km::AuthorizationSet, km::HardwareAuthToken> beginParams(
const KeyAuthentication& auth, const std::string& appId) {
auto paramBuilder = km::AuthorizationSetBuilder()

11
crypto/fscrypt/KeyStorage.h
View File

@@ -17,8 +17,9 @@
#ifndef ANDROID_VOLD_KEYSTORAGE_H
#define ANDROID_VOLD_KEYSTORAGE_H
#include "Keymaster.h"
#include "KeyBuffer.h"
#include <cutils/multiuser.h>
#include <string>
namespace android {
@@ -39,6 +40,12 @@ class KeyAuthentication {
const std::string secret;
};
enum class KeyType {
DE_SYS,
DE_USER,
CE_USER
};
extern const KeyAuthentication kEmptyAuthentication;
// Checks if path "path" exists.
@@ -68,6 +75,8 @@ bool retrieveKey(const std::string& dir, const KeyAuthentication& auth, KeyBuffe
bool destroyKey(const std::string& dir);
bool runSecdiscardSingle(const std::string& file);
bool generateWrappedKey(userid_t user_id, KeyType key_type, KeyBuffer* key);
bool getEphemeralWrappedKey(km::KeyFormat format, KeyBuffer& kmKey, KeyBuffer* key);
} // namespace vold
} // namespace android

31
crypto/fscrypt/KeyUtil.cpp
View File

@@ -27,9 +27,14 @@
#include <android-base/logging.h>
#include <keyutils.h>
#include "FsCrypt.h"
#include "KeyStorage.h"
#include "Utils.h"
#define MAX_USER_ID 0xFFFFFFFF
using android::hardware::keymaster::V4_0::KeyFormat;
using android::vold::KeyType;
namespace android {
namespace vold {
@@ -105,7 +110,14 @@ bool installKey(const KeyBuffer& key, std::string* raw_ref) {
fscrypt_key& fs_key = *reinterpret_cast<fscrypt_key*>(fsKeyBuffer.data());
if (!fillKey(key, &fs_key)) return false;
*raw_ref = generateKeyRef(fs_key.raw, fs_key.size);
if (is_wrapped_key_supported()) {
/* When wrapped key is supported, only the first 32 bytes are
the same per boot. The second 32 bytes can change as the ephemeral
key is different. */
*raw_ref = generateKeyRef(fs_key.raw, (fs_key.size)/2);
} else {
*raw_ref = generateKeyRef(fs_key.raw, fs_key.size);
}
key_serial_t device_keyring;
if (!fscryptKeyring(&device_keyring)) return false;
for (char const* const* name_prefix = NAME_PREFIXES; *name_prefix != nullptr; name_prefix++) {
@@ -146,7 +158,7 @@ bool evictKey(const std::string& raw_ref) {
bool retrieveAndInstallKey(bool create_if_absent, const KeyAuthentication& key_authentication,
const std::string& key_path, const std::string& tmp_path,
std::string* key_ref) {
std::string* key_ref, bool wrapped_key_supported) {
KeyBuffer key;
if (pathExists(key_path)) {
LOG(DEBUG) << "Key exists, using: " << key_path;
@@ -157,10 +169,23 @@ bool retrieveAndInstallKey(bool create_if_absent, const KeyAuthentication& key_a
return false;
}
LOG(INFO) << "Creating new key in " << key_path;
if (!randomKey(&key)) return false;
if (wrapped_key_supported) {
if(!generateWrappedKey(MAX_USER_ID, KeyType::DE_SYS, &key)) return false;
} else {
if (!randomKey(&key)) return false;
}
if (!storeKeyAtomically(key_path, tmp_path, key_authentication, key)) return false;
}
if (wrapped_key_supported) {
KeyBuffer ephemeral_wrapped_key;
if (!getEphemeralWrappedKey(KeyFormat::RAW, key, &ephemeral_wrapped_key)) {
LOG(ERROR) << "Failed to export key in retrieveAndInstallKey";
return false;
}
key = std::move(ephemeral_wrapped_key);
}
if (!installKey(key, key_ref)) {
LOG(ERROR) << "Failed to install key in " << key_path;
return false;

3
crypto/fscrypt/KeyUtil.h
View File

@@ -19,6 +19,7 @@
#include "KeyBuffer.h"
#include "KeyStorage.h"
#include "Keymaster.h"
#include <memory>
#include <string>
@@ -31,7 +32,7 @@ bool installKey(const KeyBuffer& key, std::string* raw_ref);
bool evictKey(const std::string& raw_ref);
bool retrieveAndInstallKey(bool create_if_absent, const KeyAuthentication& key_authentication,
const std::string& key_path, const std::string& tmp_path,
std::string* key_ref);
std::string* key_ref, bool wrapped_key_supported);
bool retrieveKey(bool create_if_absent, const std::string& key_path, const std::string& tmp_path,
KeyBuffer* key, bool keepOld = true);

26
crypto/fscrypt/Keymaster.cpp
View File

@@ -138,6 +138,32 @@ bool Keymaster::generateKey(const km::AuthorizationSet& inParams, std::string* k
return true;
}
bool Keymaster::exportKey(km::KeyFormat format, KeyBuffer& kmKey, const std::string& clientId,
const std::string& appData, std::string* key) {
auto kmKeyBlob = km::support::blob2hidlVec(std::string(kmKey.data(), kmKey.size()));
auto emptyAssign = NULL;
auto kmClientId = (clientId == "!") ? emptyAssign: km::support::blob2hidlVec(clientId);
auto kmAppData = (appData == "!") ? emptyAssign: km::support::blob2hidlVec(appData);
km::ErrorCode km_error;
auto hidlCb = [&](km::ErrorCode ret, const hidl_vec<uint8_t>& exportedKeyBlob) {
km_error = ret;
if (km_error != km::ErrorCode::OK) return;
if(key)
key->assign(reinterpret_cast<const char*>(&exportedKeyBlob[0]),
exportedKeyBlob.size());
};
auto error = mDevice->exportKey(format, kmKeyBlob, kmClientId, kmAppData, hidlCb);
if (!error.isOk()) {
LOG(ERROR) << "export_key failed: " << error.description();
return false;
}
if (km_error != km::ErrorCode::OK) {
LOG(ERROR) << "export_key failed, code " << int32_t(km_error);
return false;
}
return true;
}
bool Keymaster::deleteKey(const std::string& key) {
auto keyBlob = km::support::blob2hidlVec(key);
auto error = mDevice->deleteKey(keyBlob);

3
crypto/fscrypt/Keymaster.h
View File

@@ -102,6 +102,9 @@ class Keymaster {
explicit operator bool() { return mDevice.get() != nullptr; }
// Generate a key in the keymaster from the given params.
bool generateKey(const km::AuthorizationSet& inParams, std::string* key);
// Export a key from keymaster.
bool exportKey(km::KeyFormat format, KeyBuffer& kmKey, const std::string& clientId,
const std::string& appData, std::string* key);
// If the keymaster supports it, permanently delete a key.
bool deleteKey(const std::string& key);
// Replace stored key blob in response to KM_ERROR_KEY_REQUIRES_UPGRADE.