platform/hardware/amlogic/keymaster.git - Unnamed repository; edit this file 'description' to name the repository.

1 /*
2  * Copyright 2014 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16
17 #ifndef SYSTEM_KEYMASTER_OPENSSL_UTILS_H_
18 #define SYSTEM_KEYMASTER_OPENSSL_UTILS_H_
19
20 #include <openssl/bn.h>
21 #include <openssl/ec.h>
22 #include <openssl/engine.h>
23 #include <openssl/evp.h>
24 #include <openssl/rsa.h>
25 #include <openssl/x509.h>
26
27 #include <UniquePtr.h>
28
29 #include <hardware/keymaster_defs.h>
30
31 namespace keymaster {
32
33 struct KeymasterKeyBlob;
34
35 class EvpMdCtxCleaner {
36   public:
37     explicit EvpMdCtxCleaner(EVP_MD_CTX* ctx) : ctx_(ctx) {}
38     ~EvpMdCtxCleaner() { EVP_MD_CTX_cleanup(ctx_); }
39
40   private:
41     EVP_MD_CTX* ctx_;
42 };
43
44 template <typename T, void (*FreeFunc)(T*)> struct OpenSslObjectDeleter {
45     void operator()(T* p) { FreeFunc(p); }
46 };
47
48 #define DEFINE_OPENSSL_OBJECT_POINTER(name)                                                        \
49     typedef OpenSslObjectDeleter<name, name##_free> name##_Delete;                                 \
50     typedef UniquePtr<name, name##_Delete> name##_Ptr;
51
52 DEFINE_OPENSSL_OBJECT_POINTER(ASN1_BIT_STRING)
53 DEFINE_OPENSSL_OBJECT_POINTER(ASN1_INTEGER)
54 DEFINE_OPENSSL_OBJECT_POINTER(ASN1_OBJECT)
55 DEFINE_OPENSSL_OBJECT_POINTER(ASN1_OCTET_STRING)
56 DEFINE_OPENSSL_OBJECT_POINTER(ASN1_TIME)
57 DEFINE_OPENSSL_OBJECT_POINTER(BN_CTX)
58 DEFINE_OPENSSL_OBJECT_POINTER(EC_GROUP)
59 DEFINE_OPENSSL_OBJECT_POINTER(EC_KEY)
60 DEFINE_OPENSSL_OBJECT_POINTER(EC_POINT)
61 DEFINE_OPENSSL_OBJECT_POINTER(ENGINE)
62 DEFINE_OPENSSL_OBJECT_POINTER(EVP_PKEY)
63 DEFINE_OPENSSL_OBJECT_POINTER(PKCS8_PRIV_KEY_INFO)
64 DEFINE_OPENSSL_OBJECT_POINTER(RSA)
65 DEFINE_OPENSSL_OBJECT_POINTER(X509)
66 DEFINE_OPENSSL_OBJECT_POINTER(X509_EXTENSION)
67 DEFINE_OPENSSL_OBJECT_POINTER(X509_NAME)
68
69 typedef OpenSslObjectDeleter<BIGNUM, BN_free> BIGNUM_Delete;
70 typedef UniquePtr<BIGNUM, BIGNUM_Delete> BIGNUM_Ptr;
71
72 keymaster_error_t ec_get_group_size(const EC_GROUP* group, size_t* key_size_bits);
73 EC_GROUP* ec_get_group(keymaster_ec_curve_t curve);
74
75 /**
76  * Many OpenSSL APIs take ownership of an argument on success but don't free the argument on
77  * failure. This means we need to tell our scoped pointers when we've transferred ownership, without
78  * triggering a warning by not using the result of release().
79  */
80 template <typename T, typename Delete_T>
81 inline void release_because_ownership_transferred(UniquePtr<T, Delete_T>& p) {
82     T* val __attribute__((unused)) = p.release();
83 }
84
85 keymaster_error_t convert_pkcs8_blob_to_evp(const uint8_t* key_data, size_t key_length,
86                                             keymaster_algorithm_t expected_algorithm,
87                                             UniquePtr<EVP_PKEY, EVP_PKEY_Delete>* pkey);
88
89 keymaster_error_t KeyMaterialToEvpKey(keymaster_key_format_t key_format,
90                                       const KeymasterKeyBlob& key_material,
91                                       keymaster_algorithm_t expected_algorithm,
92                                       UniquePtr<EVP_PKEY, EVP_PKEY_Delete>* evp_pkey);
93
94 keymaster_error_t EvpKeyToKeyMaterial(const EVP_PKEY* evp_pkey, KeymasterKeyBlob* key_blob);
95
96 size_t ec_group_size_bits(EC_KEY* ec_key);
97
98 }  // namespace keymaster
99
100 #endif  // SYSTEM_KEYMASTER_OPENSSL_UTILS_H_
101
1	/*
2	* Copyright 2014 The Android Open Source Project
3	*
4	* Licensed under the Apache License, Version 2.0 (the "License");
5	* you may not use this file except in compliance with the License.
6	* You may obtain a copy of the License at
7	*
8	* http://www.apache.org/licenses/LICENSE-2.0
9	*
10	* Unless required by applicable law or agreed to in writing, software
11	* distributed under the License is distributed on an "AS IS" BASIS,
12	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13	* See the License for the specific language governing permissions and
14	* limitations under the License.
15	*/
16
17	#ifndef SYSTEM_KEYMASTER_OPENSSL_UTILS_H_
18	#define SYSTEM_KEYMASTER_OPENSSL_UTILS_H_
19
20	#include <openssl/bn.h>
21	#include <openssl/ec.h>
22	#include <openssl/engine.h>
23	#include <openssl/evp.h>
24	#include <openssl/rsa.h>
25	#include <openssl/x509.h>
26
27	#include <UniquePtr.h>
28
29	#include <hardware/keymaster_defs.h>
30
31	namespace keymaster {
32
33	struct KeymasterKeyBlob;
34
35	class EvpMdCtxCleaner {
36	public:
37	explicit EvpMdCtxCleaner(EVP_MD_CTX* ctx) : ctx_(ctx) {}
38	~EvpMdCtxCleaner() { EVP_MD_CTX_cleanup(ctx_); }
39
40	private:
41	EVP_MD_CTX* ctx_;
42	};
43
44	template <typename T, void (FreeFunc)(T)> struct OpenSslObjectDeleter {
45	void operator()(T* p) { FreeFunc(p); }
46	};
47
48	#define DEFINE_OPENSSL_OBJECT_POINTER(name) \
49	typedef OpenSslObjectDeleter<name, name##_free> name##_Delete; \
50	typedef UniquePtr<name, name##_Delete> name##_Ptr;
51
52	DEFINE_OPENSSL_OBJECT_POINTER(ASN1_BIT_STRING)
53	DEFINE_OPENSSL_OBJECT_POINTER(ASN1_INTEGER)
54	DEFINE_OPENSSL_OBJECT_POINTER(ASN1_OBJECT)
55	DEFINE_OPENSSL_OBJECT_POINTER(ASN1_OCTET_STRING)
56	DEFINE_OPENSSL_OBJECT_POINTER(ASN1_TIME)
57	DEFINE_OPENSSL_OBJECT_POINTER(BN_CTX)
58	DEFINE_OPENSSL_OBJECT_POINTER(EC_GROUP)
59	DEFINE_OPENSSL_OBJECT_POINTER(EC_KEY)
60	DEFINE_OPENSSL_OBJECT_POINTER(EC_POINT)
61	DEFINE_OPENSSL_OBJECT_POINTER(ENGINE)
62	DEFINE_OPENSSL_OBJECT_POINTER(EVP_PKEY)
63	DEFINE_OPENSSL_OBJECT_POINTER(PKCS8_PRIV_KEY_INFO)
64	DEFINE_OPENSSL_OBJECT_POINTER(RSA)
65	DEFINE_OPENSSL_OBJECT_POINTER(X509)
66	DEFINE_OPENSSL_OBJECT_POINTER(X509_EXTENSION)
67	DEFINE_OPENSSL_OBJECT_POINTER(X509_NAME)
68
69	typedef OpenSslObjectDeleter<BIGNUM, BN_free> BIGNUM_Delete;
70	typedef UniquePtr<BIGNUM, BIGNUM_Delete> BIGNUM_Ptr;
71
72	keymaster_error_t ec_get_group_size(const EC_GROUP* group, size_t* key_size_bits);
73	EC_GROUP* ec_get_group(keymaster_ec_curve_t curve);
74
75	/**
76	* Many OpenSSL APIs take ownership of an argument on success but don't free the argument on
77	* failure. This means we need to tell our scoped pointers when we've transferred ownership, without
78	* triggering a warning by not using the result of release().
79	*/
80	template <typename T, typename Delete_T>
81	inline void release_because_ownership_transferred(UniquePtr<T, Delete_T>& p) {
82	T* val __attribute__((unused)) = p.release();
83	}
84
85	keymaster_error_t convert_pkcs8_blob_to_evp(const uint8_t* key_data, size_t key_length,
86	keymaster_algorithm_t expected_algorithm,
87	UniquePtr<EVP_PKEY, EVP_PKEY_Delete>* pkey);
88
89	keymaster_error_t KeyMaterialToEvpKey(keymaster_key_format_t key_format,
90	const KeymasterKeyBlob& key_material,
91	keymaster_algorithm_t expected_algorithm,
92	UniquePtr<EVP_PKEY, EVP_PKEY_Delete>* evp_pkey);
93
94	keymaster_error_t EvpKeyToKeyMaterial(const EVP_PKEY* evp_pkey, KeymasterKeyBlob* key_blob);
95
96	size_t ec_group_size_bits(EC_KEY* ec_key);
97
98	} // namespace keymaster
99
100	#endif // SYSTEM_KEYMASTER_OPENSSL_UTILS_H_
101