Added support for NIAPSEC updates #3

Open
wants to merge 6 commits into
base: master
@@ -0,0 +1,37 @@
From bd84acd97787d76bd87d42b7a8dbc1e164583112 Mon Sep 17 00:00:00 2001
From: Branden Archer <[email protected]>
Date: Thu, 6 Aug 2020 22:54:29 -0700
Subject: [PATCH] Add logging for SP800-derived passwords too

Change-Id: Icc8ffdfaed260034bfd5e911b6621c7981918419
---
.../locksettings/SyntheticPasswordManager.java | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java b/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java
index 1ba0e8ce7839..7f8695644c01 100644
--- a/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java
+++ b/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java
@@ -159,8 +159,18 @@ public class SyntheticPasswordManager {

private byte[] derivePassword(byte[] personalization) {
if (mVersion == SYNTHETIC_PASSWORD_VERSION_V3) {
- return (new SP800Derive(syntheticPassword.getBytes()))
+ StringBuilder logMessage = new StringBuilder();
+ logMessage.append("DO NOT SUBMIT derivePassword");
+ logMessage.append(" personalization: ");
+ logMessage.append(personalization);
+ logMessage.append(" context: ");
+ logMessage.append(SyntheticPasswordCrypto.bytesToHex(PERSONALISATION_CONTEXT));
+ byte[] res = (new SP800Derive(syntheticPassword.getBytes()))
.withContext(personalization, PERSONALISATION_CONTEXT);
+ logMessage.append(" result: ");
+ logMessage.append(SyntheticPasswordCrypto.bytesToHex(res));
+ Log.e(TAG, logMessage.toString());
+ return res;
} else {
return SyntheticPasswordCrypto.personalisedHash(personalization,
syntheticPassword.getBytes());
--
2.28.0.236.gb10cc79966-goog
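Review bot: `logMessage.append(personalization)` in derivePassword passes a `byte[]` to `StringBuilder.append(Object)`, so the log line carries the array's identity string (`[B@…`) rather than the personalization bytes, unlike the context and result, which go through `bytesToHex`. It should read `logMessage.append(SyntheticPasswordCrypto.bytesToHex(personalization));`. The hunk also calls `SyntheticPasswordCrypto.bytesToHex`, which on this page is only introduced by the later "log personalized keys" patch, whose old blob id for this file is this patch's new one. This patch therefore probably does not build on its own, and the series order should be checked. The closing lines of derivePassword fall outside the hunk.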

@@ -0,0 +1,30 @@
From 871bfa37af72a81f03b413160f1b05ff7e26ede9 Mon Sep 17 00:00:00 2001
From: Paul Crowley <[email protected]>
Date: Thu, 24 Jan 2019 11:23:50 +0000
Subject: [PATCH] DO NOT SUBMIT log disk encryption keys

Bug: 121287968
Test: DO NOT SUBMIT
Change-Id: I1232ca6aff48b858e6e9fbbda70e96b2f80987a7
---
KeyStorage.cpp | 4 ++++
1 file changed, 4 insertions(+)

diff --git a/KeyStorage.cpp b/KeyStorage.cpp
index 0290086..e12dec2 100644
--- a/KeyStorage.cpp
+++ b/KeyStorage.cpp
@@ -541,6 +541,10 @@ bool retrieveKey(const std::string& dir, const KeyAuthentication& auth, KeyBuffe
} else {
if (!decryptWithoutKeymaster(appId, encryptedMessage, key)) return false;
}
+ KeyBuffer hexKey;
+ StrToHex(*key, hexKey);
+ hexKey.push_back('\0');
+ LOG(DEBUG) << "DO NOT SUBMIT log of key in " << dir << " " << hexKey.data();
return true;
}

--
2.28.0.236.gb10cc79966-goog
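Review bot: The four added lines in retrieveKey write the decrypted key to the system log on every successful retrieval, and nothing in the hunk ties that to a test build; the only safeguard is the "DO NOT SUBMIT" text in the message. A compile-time guard around the block, e.g. `#ifdef KEY_LOGGING_TEST_BUILD` (placeholder name) … `#endif`, would keep the logging out of a production image if the patch is ever carried along by mistake. The same applies to the unconditional `Log.e`, `Log.i` and `ALOGI` calls in the other patches of this series. If `StrToHex` reports failure through its return value, that value is ignored here, so a failed conversion would log an empty or partial buffer without any indication. retrieveKey starts outside the hunk.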

@@ -0,0 +1,130 @@
From 5148660f89ca289b0e70e508308b09f1d458c579 Mon Sep 17 00:00:00 2001
From: Paul Crowley <[email protected]>
Date: Thu, 6 Aug 2020 23:04:50 -0700
Subject: [PATCH] DO NOT SUBMIT log personalized keys

Change-Id: Id1ad9c46a9e77c94c2217c8945c31f1cb5244b13
---
.../locksettings/SyntheticPasswordCrypto.java | 43 ++++++++++++++++++-
.../SyntheticPasswordManager.java | 16 +------
2 files changed, 42 insertions(+), 17 deletions(-)

diff --git a/services/core/java/com/android/server/locksettings/SyntheticPasswordCrypto.java b/services/core/java/com/android/server/locksettings/SyntheticPasswordCrypto.java
index 388e51f203ca..494083c2f627 100644
--- a/services/core/java/com/android/server/locksettings/SyntheticPasswordCrypto.java
+++ b/services/core/java/com/android/server/locksettings/SyntheticPasswordCrypto.java
@@ -18,9 +18,10 @@ package com.android.server.locksettings;

import android.security.keystore.KeyProperties;
import android.security.keystore.KeyProtection;
-
+import android.util.Log;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
+import java.io.UnsupportedEncodingException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
@@ -43,6 +44,7 @@ import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class SyntheticPasswordCrypto {
+ private static final String TAG = "SyntheticPasswordCrypto";
private static final int PROFILE_KEY_IV_SIZE = 12;
private static final int DEFAULT_TAG_LENGTH_BITS = 128;
private static final int AES_KEY_LENGTH = 32; // 256-bit AES key
@@ -199,6 +201,8 @@ public class SyntheticPasswordCrypto {

protected static byte[] personalisedHash(byte[] personalisation, byte[]... message) {
try {
+ StringBuilder logMessage = new StringBuilder();
+ logMessage.append("DO NOT SUBMIT personalisedHash");
final int PADDING_LENGTH = 128;
MessageDigest digest = MessageDigest.getInstance("SHA-512");
if (personalisation.length > PADDING_LENGTH) {
@@ -206,14 +210,49 @@ public class SyntheticPasswordCrypto {
}
// Personalize the hash
// Pad it to the block size of the hash function
+ logMessage.append(" personalization: ");
+ logMessage.append(bytesToHex(personalisation));
personalisation = Arrays.copyOf(personalisation, PADDING_LENGTH);
digest.update(personalisation);
+ logMessage.append(" message: [");
for (byte[] data : message) {
+ logMessage.append(" ");
+ logMessage.append(bytesToHex(data));
digest.update(data);
}
- return digest.digest();
+ logMessage.append(" ]");
+ byte[] res = digest.digest();
+ logMessage.append(" digest: ");
+ logMessage.append(bytesToHex(res));
+ Log.e(TAG, logMessage.toString());
+ return res;
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException("NoSuchAlgorithmException for SHA-512", e);
}
}
+
+ /**
+ * Uppercase hex string for byte array
+ */
+ public static String bytesToHex(byte[] bytes) {
+ try {
+ return new String(bytesToHexBytes(bytes), "UTF-8");
+ } catch (UnsupportedEncodingException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ protected static final byte[] HEX_ARRAY = "0123456789ABCDEF".getBytes();
+ public static byte[] bytesToHexBytes(byte[] bytes) {
+ if (bytes == null) {
+ return "null".getBytes();
+ }
+ byte[] hexBytes = new byte[bytes.length * 2];
+ for ( int j = 0; j < bytes.length; j++ ) {
+ int v = bytes[j] & 0xFF;
+ hexBytes[j * 2] = HEX_ARRAY[v >>> 4];
+ hexBytes[j * 2 + 1] = HEX_ARRAY[v & 0x0F];
+ }
+ return hexBytes;
+ }
}
diff --git a/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java b/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java
index 7f8695644c01..3053d99e51f4 100644
--- a/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java
+++ b/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java
@@ -178,7 +178,7 @@ public class SyntheticPasswordManager {
}

public byte[] deriveKeyStorePassword() {
- return bytesToHex(derivePassword(PERSONALIZATION_KEY_STORE_PASSWORD));
+ return SyntheticPasswordCrypto.bytesToHexBytes(derivePassword(PERSONALIZATION_KEY_STORE_PASSWORD));
}

public byte[] deriveGkPassword() {
@@ -1223,18 +1223,4 @@ public class SyntheticPasswordManager {
}
return result;
}
-
- protected static final byte[] HEX_ARRAY = "0123456789ABCDEF".getBytes();
- private static byte[] bytesToHex(byte[] bytes) {
- if (bytes == null) {
- return "null".getBytes();
- }
- byte[] hexBytes = new byte[bytes.length * 2];
- for ( int j = 0; j < bytes.length; j++ ) {
- int v = bytes[j] & 0xFF;
- hexBytes[j * 2] = HEX_ARRAY[v >>> 4];
- hexBytes[j * 2 + 1] = HEX_ARRAY[v & 0x0F];
- }
- return hexBytes;
- }
}
--
2.28.0.236.gb10cc79966-goog
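Review bot: `bytesToHex` and `bytesToHexBytes` are added to SyntheticPasswordCrypto as `public static`, while the helper they replace in SyntheticPasswordManager was `private`; both classes sit in `com.android.server.locksettings`, so package-private visibility is enough, and `HEX_ARRAY` can be `private` rather than a `protected` mutable array. In `bytesToHex`, `return new String(bytesToHexBytes(bytes), StandardCharsets.UTF_8);` would drop the try/catch and the `UnsupportedEncodingException` import, at the cost of importing `java.nio.charset.StandardCharsets`. personalisedHash now also logs every `message` element at error level, and the caller visible in the first patch passes `syntheticPassword.getBytes()` there, so the synthetic password itself ends up in the log alongside the digest.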

@@ -0,0 +1,73 @@
From 4ba7ae38c2a7738180f8da3ef3dc99739a59569d Mon Sep 17 00:00:00 2001
From: Branden Archer <[email protected]>
Date: Thu, 6 Aug 2020 23:09:05 -0700
Subject: [PATCH] Dump master key when generated and read

Change-Id: I5027a72d8e368338eefd6c66e610ae83b45792ab
---
keystore/user_state.cpp | 21 ++++++++++++++++++++-
1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/keystore/user_state.cpp b/keystore/user_state.cpp
index bc3f6d9..b1a505d 100644
--- a/keystore/user_state.cpp
+++ b/keystore/user_state.cpp
@@ -20,6 +20,8 @@

#include <dirent.h>
#include <fcntl.h>
+#include <iomanip>
+#include <sstream>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
@@ -148,6 +150,18 @@ ResponseCode UserState::writeMasterKey(const android::String8& pw) {
return lockedEntry.writeBlobs(masterKeyBlob, {}, passwordKey, STATE_NO_ERROR);
}

+static std::string hexEncode(const std::vector<uint8_t>& input) {
+ std::stringstream hexStream;
+ for (std::vector<uint8_t>::const_iterator it = input.begin(); it != input.end(); ++it) {
+ char raw[20] = {0};
+ snprintf(raw, sizeof(raw), "%02x", *it);
+ hexStream << raw;
+ }
+ std::string result;
+ hexStream >> result;
+ return result;
+}
+
ResponseCode UserState::readMasterKey(const android::String8& pw) {

auto lockedEntry = LockedKeyBlobEntry::get(mMasterKeyEntry);
@@ -200,7 +214,8 @@ ResponseCode UserState::readMasterKey(const android::String8& pw) {
if (response == ResponseCode::NO_ERROR) {
mMasterKey = std::vector<uint8_t>(masterKeyBlob.getValue(),
masterKeyBlob.getValue() + masterKeyBlob.getLength());
-
+ std::string hexKeyBlob = hexEncode(mMasterKey);
+ ALOGI("CKM.4 keystore daemon Master key read: %s %lu", hexKeyBlob.c_str(), mMasterKey.size());
setupMasterKeys();
}
return response;
@@ -269,6 +284,8 @@ void UserState::generateKeyFromPassword(std::vector<uint8_t>& key, const android

PKCS5_PBKDF2_HMAC(reinterpret_cast<const char*>(pw.string()), pw.length(), salt, saltSize, 8192,
digest, key.size(), key.data());
+ std::string hexKey = hexEncode(key);
+ ALOGI("CKM.4 keystore daemon Password key: %s", hexKey.c_str());
}

bool UserState::generateSalt() {
@@ -283,6 +300,8 @@ bool UserState::generateMasterKey() {
if (!generateSalt()) {
return false;
}
+ std::string hexKey = hexEncode(mMasterKey);
+ ALOGI("CKM.4 keystore daemon Master key generate: %s %lu", hexKey.c_str(), mMasterKey.size());
return true;
}

--
2.28.0.236.gb10cc79966-goog
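Review bot: Both master-key log lines format `mMasterKey.size()` with `%lu`, but `size()` returns `size_t`, which is not `unsigned long` on 32-bit targets; use `%zu`, as in `ALOGI("CKM.4 keystore daemon Master key read: %s %zu", hexKeyBlob.c_str(), mMasterKey.size());`, and likewise in generateMasterKey. In hexEncode, `hexStream >> result` is a whitespace-delimited extraction that only happens to work for hex digits; `return hexStream.str();` says what is meant. The hex copies held in the `std::string` and `std::stringstream` are ordinary allocations that are not wiped when they go out of scope, so key material lingers in the daemon's memory beyond the log line. readMasterKey, generateKeyFromPassword and generateMasterKey all begin outside the hunks shown.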

30 changes: 30 additions & 0 deletions niap-cc/KeyTestingPatches/Android10/0001-Dump-security-key.patch
@@ -0,0 +1,30 @@
From 5c72e383be28b5644e7b89833e0afe53095a6bc8 Mon Sep 17 00:00:00 2001
From: Sunil Ravi <[email protected]>
Date: Sun, 10 Mar 2019 12:49:53 -0700
Subject: [PATCH] Dump security key

Dump security keys from supplicant

Bug: 123907624
Test: Regression test
Change-Id: I77254d92077d20d6a9520d7cf9f55eecbb2853f6
---
src/utils/wpa_debug.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/utils/wpa_debug.c b/src/utils/wpa_debug.c
index c437000..916e385 100644
--- a/src/utils/wpa_debug.c
+++ b/src/utils/wpa_debug.c
@@ -387,7 +387,7 @@ void wpa_hexdump(int level, const char *title, const void *buf, size_t len)

void wpa_hexdump_key(int level, const char *title, const void *buf, size_t len)
{
- _wpa_hexdump(level, title, buf, len, wpa_debug_show_keys);
+ _wpa_hexdump(level, title, buf, len, 1/* wpa_debug_show_keys */);
}


--
2.28.0.236.gb10cc79966-goog
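Review bot: Replacing `wpa_debug_show_keys` with a literal `1` in wpa_hexdump_key removes the runtime switch for every caller of this function, so a build carrying the patch writes key material to the debug output whenever the message level is enabled and cannot be told not to. Setting `wpa_debug_show_keys` once at start-up for the test build would keep the existing control in place and would also cover any other dump helper that reads the flag directly; none of those is visible in this hunk, so coverage after this change may be uneven. If the literal stays, a comment such as `/* NIAP test build only: force key dump, never ship */` is clearer than leaving the old argument in a comment.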

@@ -0,0 +1,52 @@
From cb30a1083ab64307eec816220c67356827f3a81b Mon Sep 17 00:00:00 2001
From: Branden Archer <[email protected]>
Date: Thu, 6 Aug 2020 23:15:28 -0700
Subject: [PATCH] Dump synthetic password related keys

The change relates to NIAP certification testing. This
should not be committed, as it should only be used in
one-off builds for testing.

Test: Created a lock screen password, observed keys dumped to logs
from keystore and SyntheticPasswordManager
Change-Id: Ieac878ba5b94425cbf29d870ff0a4930092d6b7a
---
.../server/locksettings/SyntheticPasswordManager.java | 8 ++++++++
1 file changed, 8 insertions(+)

diff --git a/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java b/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java
index 3053d99e51f4..7bac237570d5 100644
--- a/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java
+++ b/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java
@@ -645,6 +645,10 @@ public class SyntheticPasswordManager {
long handle = generateHandle();
PasswordData pwd = PasswordData.create(credentialType);
byte[] pwdToken = computePasswordToken(credential, pwd);
+
+ String hexPwdToken = String.valueOf(HexEncoding.encode(pwdToken));
+ Log.i(TAG, "CKM.4.1 pwdToken " + hexPwdToken);
+
final long sid;
final byte[] applicationId;

@@ -987,6 +991,8 @@ public class SyntheticPasswordManager {

private AuthenticationToken unwrapSyntheticPasswordBlob(long handle, byte type,
byte[] applicationId, long sid, int userId) {
+ String hexApplicationId = String.valueOf(HexEncoding.encode(applicationId));
+ Log.i(TAG, "CKM.4.2 applicationId " + hexApplicationId);
byte[] blob = loadState(SP_BLOB_NAME, handle, userId);
if (blob == null) {
return null;
@@ -1021,6 +1027,8 @@ public class SyntheticPasswordManager {
result.recreate(secret);
} else {
result.syntheticPassword = new String(secret);
+ String hexSyntheticPassword = String.valueOf(HexEncoding.encode(secret));
+ Log.i(TAG, "CKM.4.3 synthetic password " + hexSyntheticPassword);
}
if (version == SYNTHETIC_PASSWORD_VERSION_V1) {
Log.i(TAG, "Upgrade v1 SP blob for user " + userId + ", type = " + type);
--
2.28.0.236.gb10cc79966-goog
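Review bot: `HexEncoding.encode(applicationId)` is evaluated as the first statement of unwrapSyntheticPasswordBlob, before any validation, so a null `applicationId` would presumably now raise a NullPointerException in the unlock path instead of proceeding as before; whether callers can pass null is not visible here. A guarded form such as `applicationId == null ? "null" : String.valueOf(HexEncoding.encode(applicationId))` keeps the logging from changing control flow. This patch also uses `HexEncoding` and `Log.i` where the earlier patches in the series use `SyntheticPasswordCrypto.bytesToHex` and `Log.e`; one helper and one level would make the captured logs easier to filter. All three enclosing methods extend beyond the hunks.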

16 changes: 16 additions & 0 deletions niap-cc/KeyTestingPatches/Android10/README.md
@@ -0,0 +1,16 @@
These patches are based off of tag `android-10.0.0_r41`.
Here are the paths that the patches apply to:

`frameworks/base`:
0001-Add-logging-for-SP800-derived-passwords-too.patch
0001-DO-NOT-SUBMIT-log-personalized-keys.patch
0001-Dump-synthetic-password-related-keys.patch

`system/vold`:
0001-DO-NOT-SUBMIT-log-disk-encryption-keys.patch

`system/security`:
0001-Dump-master-key-when-generated-and-read.patch

`external/wpa_supplicant_8`:
0001-Dump-security-key.patch