/*
 * Copyright 2015 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#pragma once

#include <hardware/keymaster_defs.h>
#include <keymaster/authorization_set.h>

namespace keymaster {

class Key;
class KeymasterContext;
class OperationFactory;
template <typename BlobType> struct TKeymasterBlob;
typedef TKeymasterBlob<keymaster_key_blob_t> KeymasterKeyBlob;

/**
 * KeyFactory is an abstraction that encapsulates the knowledge of how to build and parse a specific
 * subclass of Key.
 */
class KeyFactory {
  public:
    virtual ~KeyFactory() {}

    // Factory methods.

    // GenerateKey and ImportKey return their results through the pointer parameters: the key
    // blob, the hw_enforced and sw_enforced authorization sets, and the certificate chain.
    virtual keymaster_error_t GenerateKey(const AuthorizationSet& key_description,
                                          UniquePtr<Key> attestation_signing_key,
                                          const KeymasterBlob& issuer_subject,
                                          KeymasterKeyBlob* key_blob,  //
                                          AuthorizationSet* hw_enforced,
                                          AuthorizationSet* sw_enforced,
                                          CertificateChain* cert_chain) const = 0;

    virtual keymaster_error_t ImportKey(const AuthorizationSet& key_description,  //
                                        keymaster_key_format_t input_key_material_format,
                                        const KeymasterKeyBlob& input_key_material,
                                        UniquePtr<Key> attestation_signing_key,  //
                                        const KeymasterBlob& issuer_subject,
                                        KeymasterKeyBlob* output_key_blob,
                                        AuthorizationSet* hw_enforced,
                                        AuthorizationSet* sw_enforced,
                                        CertificateChain* cert_chain) const = 0;

    // LoadKey takes the key material and both authorization sets by rvalue reference and returns
    // the resulting Key through the key parameter.
    virtual keymaster_error_t LoadKey(KeymasterKeyBlob&& key_material,
                                      const AuthorizationSet& additional_params,
                                      AuthorizationSet&& hw_enforced,
                                      AuthorizationSet&& sw_enforced,
                                      UniquePtr<Key>* key) const = 0;

    // Returns the OperationFactory for the given purpose.
    virtual OperationFactory* GetOperationFactory(keymaster_purpose_t purpose) const = 0;

    // Informational methods.
    // Each returns a pointer to an array of formats and writes its length to format_count.
    virtual const keymaster_key_format_t* SupportedImportFormats(size_t* format_count) const = 0;
    virtual const keymaster_key_format_t* SupportedExportFormats(size_t* format_count) const = 0;
};

}  // namespace keymaster