1 /* 2 * Copyright 2018, Rockchip Electronics Co., Ltd 3 * qiujian, <qiujian@rock-chips.com> 4 * 5 * SPDX-License-Identifier: GPL-2.0+ 6 */ 7 8 #include "attestation_key.h" 9 10 #include <common.h> 11 #include <malloc.h> 12 13 #include <keymaster.h> 14 15 /* attestation data offset */ 16 #define ATTESTATION_DATA_OFFSET 65536 17 18 /* block size */ 19 #define ATTESTATION_DATA_BLOCK_SIZE 512 20 21 /* attestation data block offset */ 22 #define ATTESTATION_DATA_BLOCK_OFFSET (ATTESTATION_DATA_OFFSET / ATTESTATION_DATA_BLOCK_SIZE) 23 24 #define ATAP_BLOB_LEN_MAX 2048 25 #define ATAP_CERT_CHAIN_LEN_MAX 8192 26 #define ATAP_CERT_CHAIN_ENTRIES_MAX 8 27 #define CA_HEADER_LEN 16 28 29 /* 30 * Name of the attestation key file is 31 * ATTESTATION_KEY_PREFIX.%algorithm, 32 * which include PrivateKey and CertificateChain, 33 * where algorithm is either "EC" or "RSA" 34 */ 35 #define ATTESTATION_KEY_FILE "AttestationKey" 36 37 /* 38 * Name of the attestation key file is 39 * ATTESTATION_KEY_PREFIX.%algorithm, 40 * where algorithm is either "EC" or "RSA" 41 */ 42 #define ATTESTATION_KEY_PREFIX "PrivateKey" 43 44 /* 45 * Name of the attestation certificate file is 46 * ATTESTATION_CERT_PREFIX.%algorithm.%index, 47 * where index is the index within the certificate chain. 48 */ 49 #define ATTESTATION_CERT_PREFIX "CertificateChain" 50 51 /* Maximum file name size.*/ 52 #define STORAGE_ID_LENGTH_MAX 64 53 54 typedef enum{ 55 KM_ALGORITHM_RSA = 1, 56 KM_ALGORITHM_EC = 3, 57 } keymaster_algorithm_t; 58 59 typedef struct { 60 uint8_t *data; 61 uint32_t data_length; 62 } atap_blob; 63 64 typedef struct { 65 atap_blob entries[ATAP_CERT_CHAIN_ENTRIES_MAX]; 66 uint32_t entry_count; 67 } atap_certchain; 68 69 uint32_t write_to_keymaster(uint8_t *filename, uint32_t filename_size, 70 uint8_t *data, uint32_t data_size); 71 72 static const char *get_keyslot_str(keymaster_algorithm_t key_type) 73 { 74 switch (key_type) { 75 case KM_ALGORITHM_RSA: 76 return "RSA"; 77 case KM_ALGORITHM_EC: 78 return "EC"; 79 default: 80 return ""; 81 } 82 } 83 84 static void free_blob(atap_blob blob) 85 { 86 if (blob.data) 87 free(blob.data); 88 89 blob.data_length = 0; 90 } 91 92 static void free_cert_chain(atap_certchain cert_chain) 93 { 94 unsigned int i = 0; 95 96 for (i = 0; i < cert_chain.entry_count; ++i) { 97 if (cert_chain.entries[i].data) 98 free(cert_chain.entries[i].data); 99 cert_chain.entries[i].data_length = 0; 100 } 101 memset(&cert_chain, 0, sizeof(atap_certchain)); 102 } 103 104 static void copy_from_buf(uint8_t **buf_ptr, void *data, uint32_t data_size) 105 { 106 memcpy(data, *buf_ptr, data_size); 107 *buf_ptr += data_size; 108 } 109 110 static void copy_uint32_from_buf(uint8_t **buf_ptr, uint32_t *x) 111 { 112 copy_from_buf(buf_ptr, x, sizeof(uint32_t)); 113 } 114 115 static bool copy_blob_from_buf(uint8_t **buf_ptr, atap_blob *blob) 116 { 117 memset(blob, 0, sizeof(atap_blob)); 118 copy_uint32_from_buf(buf_ptr, &blob->data_length); 119 120 if (blob->data_length > ATAP_BLOB_LEN_MAX) 121 return false; 122 123 if (blob->data_length) { 124 blob->data = (uint8_t *) malloc(blob->data_length); 125 if (blob->data == NULL) 126 return false; 127 128 copy_from_buf(buf_ptr, blob->data, blob->data_length); 129 } 130 return true; 131 } 132 133 static bool copy_cert_chain_from_buf(uint8_t **buf_ptr, 134 atap_certchain *cert_chain) 135 { 136 uint32_t cert_chain_size = 0; 137 int32_t bytes_remaining = 0; 138 size_t i = 0; 139 bool retval = true; 140 141 memset(cert_chain, 0, sizeof(atap_certchain)); 142 143 /* Copy size of cert chain, as it is a Variable field. */ 144 copy_from_buf(buf_ptr, &cert_chain_size, sizeof(cert_chain_size)); 145 146 if (cert_chain_size > ATAP_CERT_CHAIN_LEN_MAX) 147 return false; 148 149 if (cert_chain_size == 0) 150 return true; 151 152 bytes_remaining = cert_chain_size; 153 for (i = 0; i < ATAP_CERT_CHAIN_ENTRIES_MAX; ++i) { 154 if (!copy_blob_from_buf(buf_ptr, &cert_chain->entries[i])) { 155 retval = false; 156 break; 157 } 158 159 ++cert_chain->entry_count; 160 bytes_remaining -= (sizeof(uint32_t) + 161 cert_chain->entries[i].data_length); 162 163 if (bytes_remaining <= 0) { 164 retval = (bytes_remaining == 0); 165 break; 166 } 167 } 168 if (retval == false) 169 free_cert_chain(*cert_chain); 170 171 return retval; 172 } 173 174 /* validate attestation data head. */ 175 static bool validate_ca_header(const uint8_t *buf, uint32_t buf_size) 176 { 177 178 if (buf[0] != 'C' || buf[1] != 'A' || buf[2] != 0) 179 return false; 180 181 uint32_t data_size; 182 183 memcpy(&data_size, buf + 3, sizeof(uint32_t)); 184 185 if (data_size <= 0 || data_size > ATTESTATION_DATA_OFFSET) { 186 printf("invalide data_size:%d\n", data_size); 187 return false; 188 } 189 190 uint32_t real_size; 191 192 memcpy(&real_size, buf + 3 + sizeof(uint32_t), sizeof(uint32_t)); 193 if (real_size <= 0 || real_size > data_size) { 194 printf("invalide real_size:%d\n", real_size); 195 return false; 196 } 197 return true; 198 } 199 200 /* write key to security storage. */ 201 static uint32_t write_key(keymaster_algorithm_t key_type, 202 const uint8_t *key, uint32_t key_size) 203 { 204 char key_file[STORAGE_ID_LENGTH_MAX] = {0}; 205 206 snprintf(key_file, STORAGE_ID_LENGTH_MAX, "%s.%s", ATTESTATION_KEY_FILE, 207 get_keyslot_str(key_type)); 208 write_to_keymaster((uint8_t *)key_file, strlen(key_file), 209 (uint8_t *)key, key_size); 210 return 0; 211 } 212 213 /* write cert to security storage. */ 214 static uint32_t write_cert(keymaster_algorithm_t key_type, const uint8_t *cert, 215 uint32_t cert_size, uint32_t index) 216 { 217 char cert_file[STORAGE_ID_LENGTH_MAX] = {0}; 218 219 snprintf(cert_file, STORAGE_ID_LENGTH_MAX, "%s.%s.%d", ATTESTATION_CERT_PREFIX, 220 get_keyslot_str(key_type), index); 221 write_to_keymaster((uint8_t *)cert_file, strlen(cert_file), 222 (uint8_t *)cert, cert_size); 223 return 0; 224 } 225 226 /* write cert chain length to security storage. */ 227 static uint32_t write_cert_chain_length(keymaster_algorithm_t key_type, 228 uint8_t chain_len) 229 { 230 char cert_chain_length_file[STORAGE_ID_LENGTH_MAX] = {0}; 231 uint8_t data = chain_len; 232 uint32_t len = 1; 233 234 snprintf(cert_chain_length_file, STORAGE_ID_LENGTH_MAX, "%s.%s.length", 235 ATTESTATION_CERT_PREFIX, get_keyslot_str(key_type)); 236 write_to_keymaster((uint8_t *)cert_chain_length_file, 237 strlen(cert_chain_length_file), &data, len); 238 239 return 0; 240 } 241 242 atap_result load_attestation_key(struct blk_desc *dev_desc, 243 disk_partition_t *misc_partition) 244 { 245 int ret; 246 247 if (!dev_desc) { 248 printf("%s: Could not find device\n", __func__); 249 return ATAP_RESULT_ERROR_DEVICE_NOT_FOUND; 250 } 251 252 if (misc_partition == NULL) { 253 printf("misc partition not found!\n"); 254 return ATAP_RESULT_ERROR_PARTITION_NOT_FOUND; 255 } 256 257 /* get attestation data offset from misc partition */ 258 lbaint_t key_offset = misc_partition->start + 259 misc_partition->size - ATTESTATION_DATA_BLOCK_OFFSET; 260 261 /* read ca head from attestation data offset */ 262 uint8_t ca_headr[ATTESTATION_DATA_BLOCK_SIZE]; 263 264 ret = blk_dread(dev_desc, key_offset, 1, ca_headr); 265 if (ret != 1) { 266 printf("failed to read ca head from misc\n"); 267 return ATAP_RESULT_ERROR_BLOCK_READ; 268 } 269 270 if (!validate_ca_header(ca_headr, sizeof(ca_headr))) { 271 debug("ca head not found\n"); 272 return ATAP_RESULT_ERROR_INVALID_HEAD; 273 } 274 275 /* get attestation data size from ca head */ 276 uint32_t real_size; 277 278 memcpy(&real_size, ca_headr + 3 + sizeof(uint32_t), sizeof(uint32_t)); 279 280 /* calculate real block size of attestation data */ 281 int real_block_num = real_size / ATTESTATION_DATA_BLOCK_SIZE; 282 283 if (real_size % ATTESTATION_DATA_BLOCK_SIZE != 0) 284 real_block_num++; 285 286 unsigned char keybuf[ATTESTATION_DATA_OFFSET] = {0}; 287 288 /* check block size */ 289 if (real_block_num <= 0 || real_block_num > ATTESTATION_DATA_BLOCK_OFFSET) { 290 printf("invalidate real_block_num:%d\n", real_block_num); 291 return ATAP_RESULT_ERROR_INVALID_BLOCK_NUM; 292 } 293 294 /* read all attestation data from misc */ 295 if (blk_dread(dev_desc, key_offset, real_block_num, keybuf) != real_block_num) { 296 printf("failed to read misc key\n"); 297 return ATAP_RESULT_ERROR_BLOCK_READ; 298 } 299 300 /* read device id from buf*/ 301 uint32_t device_id_size = 0; 302 uint8_t device_id[32] = {0}; 303 304 memcpy(&device_id_size, keybuf + 16, sizeof(uint32_t)); 305 if (device_id_size < 0 || device_id_size > sizeof(device_id)) { 306 printf("invalidate device_id_size:%d\n", device_id_size); 307 return ATAP_RESULT_ERROR_INVALID_DEVICE_ID; 308 } 309 310 memcpy(device_id, keybuf + 16 + sizeof(uint32_t), device_id_size); 311 debug("device_id:%s\n", device_id); 312 313 /* read algorithm from buf */ 314 uint8_t *key_buf = keybuf + 16 + sizeof(uint32_t) + device_id_size; 315 uint32_t algorithm; 316 317 copy_uint32_from_buf(&key_buf, &algorithm); 318 debug("\n algorithm:%d\n", algorithm); 319 320 /* read rsa private key */ 321 atap_blob key; 322 323 if (copy_blob_from_buf(&key_buf, &key) == false) { 324 printf("copy_blob_from_buf failed!\n"); 325 return ATAP_RESULT_ERROR_BUF_COPY; 326 } 327 /* write rsa private key to security storage*/ 328 write_key(KM_ALGORITHM_RSA, key.data, key.data_length); 329 330 /* read rsa cert chain */ 331 atap_certchain certchain; 332 333 if (copy_cert_chain_from_buf(&key_buf, &certchain) == false) { 334 printf("copy_cert_chain_from_buf failed!\n"); 335 return ATAP_RESULT_ERROR_BUF_COPY; 336 } 337 338 /* write rsa cert chain size to security storage*/ 339 write_cert_chain_length(KM_ALGORITHM_RSA, 340 (uint8_t) certchain.entry_count); 341 342 /* write rsa cert chain data to security storage*/ 343 int i = 0; 344 345 for (i = 0; i < certchain.entry_count; ++i) { 346 write_cert(KM_ALGORITHM_RSA, certchain.entries[i].data, 347 certchain.entries[i].data_length, i); 348 } 349 350 /* read ec algorithm */ 351 copy_uint32_from_buf(&key_buf, &algorithm); 352 debug("\n algorithm:%d\n", algorithm); 353 354 /* read ec private key */ 355 free_blob(key); 356 if (copy_blob_from_buf(&key_buf, &key) == false) { 357 printf("copy_blob_from_buf failed!\n"); 358 return ATAP_RESULT_ERROR_BUF_COPY; 359 } 360 361 /* write ec private key to security storage*/ 362 write_key(KM_ALGORITHM_EC, key.data, key.data_length); 363 364 /* read ec cert chain */ 365 free_cert_chain(certchain); 366 if (copy_cert_chain_from_buf(&key_buf, &certchain) == false) { 367 printf("copy_cert_chain_from_buf failed!\n"); 368 return ATAP_RESULT_ERROR_BUF_COPY; 369 } 370 /* write ec cert chain size to security storage*/ 371 write_cert_chain_length(KM_ALGORITHM_EC, 372 (uint8_t) certchain.entry_count); 373 374 /* write ec cert chain to security storage*/ 375 for (i = 0; i < certchain.entry_count; ++i) { 376 write_cert(KM_ALGORITHM_EC, certchain.entries[i].data, 377 certchain.entries[i].data_length, i); 378 } 379 380 memset(keybuf, 0, sizeof(keybuf)); 381 382 /* wipe attestation data from misc*/ 383 if (blk_dwrite(dev_desc, key_offset, real_block_num, keybuf) != real_block_num) { 384 printf("StorageWriteLba failed\n"); 385 return ATAP_RESULT_ERROR_BLOCK_WRITE; 386 } 387 388 return ATAP_RESULT_OK; 389 } 390 391 atap_result read_key_data(uint8_t **key_buf, uint8_t *key_data, 392 uint32_t *key_data_length) 393 { 394 atap_blob key; 395 atap_certchain certchain; 396 397 /* read private key */ 398 if (copy_blob_from_buf(key_buf, &key) == false) { 399 printf("copy_blob_from_buf failed!\n"); 400 return ATAP_RESULT_ERROR_BUF_COPY; 401 } 402 memcpy(key_data, &key.data_length, sizeof(uint32_t)); 403 memcpy(key_data + 4, key.data, key.data_length); 404 *key_data_length = 4 + key.data_length; 405 406 /* read certchain */ 407 if (copy_cert_chain_from_buf(key_buf, &certchain) == false) { 408 printf("copy_cert_chain_from_buf failed!\n"); 409 return ATAP_RESULT_ERROR_BUF_COPY; 410 } 411 memcpy(key_data + *key_data_length, 412 &certchain.entry_count, sizeof(uint32_t)); 413 *key_data_length += 4; 414 for (int i = 0; i < certchain.entry_count; ++i) { 415 memcpy(key_data + *key_data_length, 416 &certchain.entries[i].data_length, sizeof(uint32_t)); 417 *key_data_length += 4; 418 memcpy(key_data + *key_data_length, certchain.entries[i].data, 419 certchain.entries[i].data_length); 420 *key_data_length += certchain.entries[i].data_length; 421 } 422 423 free_blob(key); 424 free_cert_chain(certchain); 425 426 return 0; 427 } 428 429 atap_result write_attestation_key_to_secure_storage(uint8_t *received_data, 430 uint32_t len) 431 { 432 unsigned char keybuf[ATTESTATION_DATA_OFFSET] = {0}; 433 uint32_t device_id_size = 0; 434 uint8_t device_id[32] = {0}; 435 uint8_t *key_buf = NULL; 436 uint32_t algorithm; 437 uint8_t *key_data; 438 uint32_t key_data_length = 0; 439 /* skip the tag(4 byte) and the size of key(4 byte) */ 440 memcpy(keybuf, received_data + 8, ATTESTATION_DATA_OFFSET); 441 key_data = malloc(ATTESTATION_DATA_OFFSET); 442 /* read device id from keybuf */ 443 memcpy(&device_id_size, keybuf + CA_HEADER_LEN, sizeof(uint32_t)); 444 if (device_id_size < 0 || device_id_size > sizeof(device_id)) { 445 printf("invalidate device_id_size:%d\n", device_id_size); 446 return ATAP_RESULT_ERROR_INVALID_DEVICE_ID; 447 } 448 449 memcpy(device_id, keybuf + CA_HEADER_LEN + sizeof(uint32_t), 450 device_id_size); 451 printf("device_id:%s\n", device_id); 452 453 /* read algorithm(RSA) from keybuf */ 454 key_buf = keybuf + CA_HEADER_LEN + sizeof(uint32_t) + device_id_size; 455 copy_uint32_from_buf(&key_buf, &algorithm); 456 printf("\n algorithm: %d\n", algorithm); 457 /* read rsa key and certchain */ 458 read_key_data(&key_buf, key_data, &key_data_length); 459 printf("write attestation key: RSA\n"); 460 write_key(KM_ALGORITHM_RSA, key_data, key_data_length); 461 462 /* read algorithm(EC) from keybuf */ 463 copy_uint32_from_buf(&key_buf, &algorithm); 464 printf("\n algorithm: %d\n", algorithm); 465 /* read ec key and certchain */ 466 read_key_data(&key_buf, key_data, &key_data_length); 467 printf("write attestation key: EC\n"); 468 write_key(KM_ALGORITHM_EC, key_data, key_data_length); 469 470 memset(keybuf, 0, sizeof(keybuf)); 471 free(key_data); 472 473 return ATAP_RESULT_OK; 474 } 475