From 90edd2e867b238e71ee198e3460e289cd7dee54c Mon Sep 17 00:00:00 2001
From: Peter Cai <peter@typeblog.net>
Date: Thu, 23 May 2019 16:32:22 +0800
Subject: ext4crypt: support wrappedkey for FBE

Qualcomm devices use a special `wrappedkey` mode for FBE. This is ported
from CAF
https://source.codeaurora.org/quic/la/platform/system/vold/commit/?h=LA.UM.7.8.r4-01000-SDM710.0&id=9229262d893a8592f7bc1b4e8a8dab7aad8df68c,
originally by folks at Mokee for vold
https://mokeedev.review/c/MoKee/android_system_vold/+/34102.

This patch ports the above changes to `ext4crypt`, which we can use in
recovery. Note that since we do not have `fs_mgr` in the recovery, we
cannot read the `wrappedkey` flag from fstab. Instead, similar to
`fbe.contents`, we use a special property `fbe.data.wrappedkey` to
indicate support for wrappedkey mode. Devices that need to use this
should set this property to `true` to activate corresponding code.

Change-Id: I79c2855d577156670b45c10c7c7b1fcd9fece8d9
---
 crypto/ext4crypt/KeyStorage4.cpp | 40 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)

(limited to 'crypto/ext4crypt/KeyStorage4.cpp')

diff --git a/crypto/ext4crypt/KeyStorage4.cpp b/crypto/ext4crypt/KeyStorage4.cpp
index 28efdf1a9..cab88a19d 100644
--- a/crypto/ext4crypt/KeyStorage4.cpp
+++ b/crypto/ext4crypt/KeyStorage4.cpp
@@ -66,6 +66,7 @@ static constexpr size_t SECDISCARDABLE_BYTES = 1 << 14;
 static constexpr size_t STRETCHED_BYTES = 1 << 6;
 
 static constexpr uint32_t AUTH_TIMEOUT = 30;  // Seconds
+constexpr int EXT4_AES_256_XTS_KEY_SIZE = 64;
 
 static const char* kCurrentVersion = "1";
 static const char* kRmPath = "/system/bin/rm";
@@ -131,6 +132,45 @@ static bool generateKeymasterKey(Keymaster& keymaster, const KeyAuthentication&
     return keymaster.generateKey(paramBuilder, key);
 }
 
+bool generateWrappedKey(userid_t user_id, KeyType key_type,
+                                     KeyBuffer* key) {
+    Keymaster keymaster;
+    if (!keymaster) return false;
+    *key = KeyBuffer(EXT4_AES_256_XTS_KEY_SIZE);
+    std::string key_temp;
+    auto paramBuilder = km::AuthorizationSetBuilder()
+                               .AesEncryptionKey(AES_KEY_BYTES * 8)
+                               .GcmModeMinMacLen(GCM_MAC_BYTES * 8)
+                               .Authorization(km::TAG_USER_ID, user_id);
+    km::KeyParameter param1;
+    param1.tag = (km::Tag) (android::hardware::keymaster::V4_0::KM_TAG_FBE_ICE);
+    param1.f.boolValue = true;
+    paramBuilder.push_back(param1);
+    km::KeyParameter param2;
+    if ((key_type == KeyType::DE_USER) || (key_type == KeyType::DE_SYS)) {
+        param2.tag = (km::Tag) (android::hardware::keymaster::V4_0::KM_TAG_KEY_TYPE);
+        param2.f.integer = 0;
+    } else if (key_type == KeyType::CE_USER) {
+        param2.tag = (km::Tag) (android::hardware::keymaster::V4_0::KM_TAG_KEY_TYPE);
+        param2.f.integer = 1;
+    }
+    paramBuilder.push_back(param2);
+    if (!keymaster.generateKey(paramBuilder, &key_temp)) return false;
+    *key = KeyBuffer(key_temp.size());
+    memcpy(reinterpret_cast<void*>(key->data()), key_temp.c_str(), key->size());
+    return true;
+}
+
+bool getEphemeralWrappedKey(km::KeyFormat format, KeyBuffer& kmKey, KeyBuffer* key) {
+    std::string key_temp;
+    Keymaster keymaster;
+    if (!keymaster) return false;
+    if (!keymaster.exportKey(format, kmKey, "!", "!", &key_temp)) return false;
+    *key = KeyBuffer(key_temp.size());
+    memcpy(reinterpret_cast<void*>(key->data()), key_temp.c_str(), key->size());
+    return true;
+}
+
 static std::pair<km::AuthorizationSet, km::HardwareAuthToken> beginParams(
     const KeyAuthentication& auth, const std::string& appId) {
     auto paramBuilder = km::AuthorizationSetBuilder()
-- 
cgit v1.2.3