/*
* Copyright 2014 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef SYSTEM_KEYMASTER_RSA_OPERATION_H_
#define SYSTEM_KEYMASTER_RSA_OPERATION_H_
#include <UniquePtr.h>
#include <openssl/evp.h>
#include <openssl/rsa.h>
#include "operation.h"
namespace keymaster {
/**
* Base class for all RSA operations.
*
* This class provides RSA key management, plus buffering of data for non-digesting modes.
*/
class RsaOperation : public Operation {
public:
RsaOperation(keymaster_purpose_t purpose, keymaster_digest_t digest,
keymaster_padding_t padding, EVP_PKEY* key)
: Operation(purpose), rsa_key_(key), padding_(padding), digest_(digest),
digest_algorithm_(nullptr) {}
~RsaOperation();
keymaster_error_t Begin(const AuthorizationSet& input_params,
AuthorizationSet* output_params) override;
keymaster_error_t Update(const AuthorizationSet& additional_params, const Buffer& input,
AuthorizationSet* output_params, Buffer* output,
size_t* input_consumed) override;
keymaster_error_t Abort() override { return KM_ERROR_OK; }
keymaster_padding_t padding() const { return padding_; }
keymaster_digest_t digest() const { return digest_; }
protected:
virtual int GetOpensslPadding(keymaster_error_t* error) = 0;
virtual bool require_digest() const = 0;
keymaster_error_t StoreData(const Buffer& input, size_t* input_consumed);
keymaster_error_t SetRsaPaddingInEvpContext(EVP_PKEY_CTX* pkey_ctx, bool signing);
keymaster_error_t InitDigest();
EVP_PKEY* rsa_key_;
const keymaster_padding_t padding_;
Buffer data_;
const keymaster_digest_t digest_;
const EVP_MD* digest_algorithm_;
};
/**
* Base class for all digesting RSA operations.
*
* This class adds digesting support, for digesting modes. For non-digesting modes, it falls back
* on the RsaOperation input buffering.
*/
class RsaDigestingOperation : public RsaOperation {
public:
RsaDigestingOperation(keymaster_purpose_t purpose, keymaster_digest_t digest,
keymaster_padding_t padding, EVP_PKEY* key);
~RsaDigestingOperation();
protected:
int GetOpensslPadding(keymaster_error_t* error) override;
bool require_digest() const override { return padding_ == KM_PAD_RSA_PSS; }
EVP_MD_CTX digest_ctx_;
};
/**
* RSA private key signing operation.
*/
class RsaSignOperation : public RsaDigestingOperation {
public:
RsaSignOperation(keymaster_digest_t digest, keymaster_padding_t padding, EVP_PKEY* key)
: RsaDigestingOperation(KM_PURPOSE_SIGN, digest, padding, key) {}
keymaster_error_t Begin(const AuthorizationSet& input_params,
AuthorizationSet* output_params) override;
keymaster_error_t Update(const AuthorizationSet& additional_params, const Buffer& input,
AuthorizationSet* output_params, Buffer* output,
size_t* input_consumed) override;
keymaster_error_t Finish(const AuthorizationSet& additional_params, const Buffer& input,
const Buffer& signature, AuthorizationSet* output_params,
Buffer* output) override;
private:
keymaster_error_t SignUndigested(Buffer* output);
keymaster_error_t SignDigested(Buffer* output);
};
/**
* RSA public key verification operation.
*/
class RsaVerifyOperation : public RsaDigestingOperation {
public:
RsaVerifyOperation(keymaster_digest_t digest, keymaster_padding_t padding, EVP_PKEY* key)
: RsaDigestingOperation(KM_PURPOSE_VERIFY, digest, padding, key) {}
keymaster_error_t Begin(const AuthorizationSet& input_params,
AuthorizationSet* output_params) override;
keymaster_error_t Update(const AuthorizationSet& additional_params, const Buffer& input,
AuthorizationSet* output_params, Buffer* output,
size_t* input_consumed) override;
keymaster_error_t Finish(const AuthorizationSet& additional_params, const Buffer& input,
const Buffer& signature, AuthorizationSet* output_params,
Buffer* output) override;
private:
keymaster_error_t VerifyUndigested(const Buffer& signature);
keymaster_error_t VerifyDigested(const Buffer& signature);
};
/**
* Base class for RSA crypting operations.
*/
class RsaCryptOperation : public RsaOperation {
public:
RsaCryptOperation(keymaster_purpose_t purpose, keymaster_digest_t digest,
keymaster_padding_t padding, EVP_PKEY* key)
: RsaOperation(purpose, digest, padding, key) {}
protected:
keymaster_error_t SetOaepDigestIfRequired(EVP_PKEY_CTX* pkey_ctx);
private:
int GetOpensslPadding(keymaster_error_t* error) override;
bool require_digest() const override { return padding_ == KM_PAD_RSA_OAEP; }
};
/**
* RSA public key encryption operation.
*/
class RsaEncryptOperation : public RsaCryptOperation {
public:
RsaEncryptOperation(keymaster_digest_t digest, keymaster_padding_t padding, EVP_PKEY* key)
: RsaCryptOperation(KM_PURPOSE_ENCRYPT, digest, padding, key) {}
keymaster_error_t Finish(const AuthorizationSet& additional_params, const Buffer& input,
const Buffer& signature, AuthorizationSet* output_params,
Buffer* output) override;
};
/**
* RSA private key decryption operation.
*/
class RsaDecryptOperation : public RsaCryptOperation {
public:
RsaDecryptOperation(keymaster_digest_t digest, keymaster_padding_t padding, EVP_PKEY* key)
: RsaCryptOperation(KM_PURPOSE_DECRYPT, digest, padding, key) {}
keymaster_error_t Finish(const AuthorizationSet& additional_params, const Buffer& input,
const Buffer& signature, AuthorizationSet* output_params,
Buffer* output) override;
};
/**
* Abstract base for all RSA operation factories. This class exists mainly to centralize some code
* common to all RSA operation factories.
*/
class RsaOperationFactory : public OperationFactory {
public:
KeyType registry_key() const override { return KeyType(KM_ALGORITHM_RSA, purpose()); }
virtual keymaster_purpose_t purpose() const = 0;
Operation* CreateOperation(const Key& key, const AuthorizationSet& begin_params,
keymaster_error_t* error) override {
return CreateRsaOperation(key, begin_params, error);
}
const keymaster_digest_t* SupportedDigests(size_t* digest_count) const override;
protected:
static EVP_PKEY* GetRsaKey(const Key& key, keymaster_error_t* error);
virtual RsaOperation* CreateRsaOperation(const Key& key, const AuthorizationSet& begin_params,
keymaster_error_t* error);
private:
virtual RsaOperation* InstantiateOperation(keymaster_digest_t digest,
keymaster_padding_t padding, EVP_PKEY* key) = 0;
};
/**
* Abstract base for RSA operations that digest their input (signing and verification).
*/
class RsaDigestingOperationFactory : public RsaOperationFactory {
public:
const keymaster_padding_t* SupportedPaddingModes(size_t* padding_mode_count) const override;
};
/**
* Abstract base for en/de-crypting RSA operation factories. This class does most of the work of
* creating such operations, delegating only the actual operation instantiation.
*/
class RsaCryptingOperationFactory : public RsaOperationFactory {
public:
RsaOperation* CreateRsaOperation(const Key& key, const AuthorizationSet& begin_params,
keymaster_error_t* error) override;
const keymaster_padding_t* SupportedPaddingModes(size_t* padding_mode_count) const override;
};
/**
* Concrete factory for RSA signing operations.
*/
class RsaSigningOperationFactory : public RsaDigestingOperationFactory {
public:
keymaster_purpose_t purpose() const override { return KM_PURPOSE_SIGN; }
RsaOperation* InstantiateOperation(keymaster_digest_t digest, keymaster_padding_t padding,
EVP_PKEY* key) override {
return new (std::nothrow) RsaSignOperation(digest, padding, key);
}
};
/**
* Concrete factory for RSA signing operations.
*/
class RsaVerificationOperationFactory : public RsaDigestingOperationFactory {
keymaster_purpose_t purpose() const override { return KM_PURPOSE_VERIFY; }
RsaOperation* InstantiateOperation(keymaster_digest_t digest, keymaster_padding_t padding,
EVP_PKEY* key) override {
return new (std::nothrow) RsaVerifyOperation(digest, padding, key);
}
};
/**
* Concrete factory for RSA signing operations.
*/
class RsaEncryptionOperationFactory : public RsaCryptingOperationFactory {
keymaster_purpose_t purpose() const override { return KM_PURPOSE_ENCRYPT; }
RsaOperation* InstantiateOperation(keymaster_digest_t digest, keymaster_padding_t padding,
EVP_PKEY* key) override {
return new (std::nothrow) RsaEncryptOperation(digest, padding, key);
}
};
/**
* Concrete factory for RSA signing operations.
*/
class RsaDecryptionOperationFactory : public RsaCryptingOperationFactory {
keymaster_purpose_t purpose() const override { return KM_PURPOSE_DECRYPT; }
RsaOperation* InstantiateOperation(keymaster_digest_t digest, keymaster_padding_t padding,
EVP_PKEY* key) override {
return new (std::nothrow) RsaDecryptOperation(digest, padding, key);
}
};
} // namespace keymaster
#endif // SYSTEM_KEYMASTER_RSA_OPERATION_H_