1 /*
2  * Copyright 2014 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef SYSTEM_KEYMASTER_KEY_H_
18 #define SYSTEM_KEYMASTER_KEY_H_
19 
20 #include <assert.h>
21 
22 #include <hardware/keymaster_defs.h>
23 #include <keymaster/UniquePtr.h>
24 #include <keymaster/android_keymaster_utils.h>
25 #include <keymaster/authorization_set.h>
26 
27 namespace keymaster {
28 
29 class KeyFactory;
30 
31 class Key {
32   public:
~Key()33     virtual ~Key() {}
34     Key(const Key&) = delete;
35     void operator=(const Key&) = delete;
36 
37     /**
38      * Return a copy of raw key material, in the specified format.
39      */
40     virtual keymaster_error_t formatted_key_material(keymaster_key_format_t format,
41                                                      UniquePtr<uint8_t[]>* material,
42                                                      size_t* size) const = 0;
43 
authorizations()44     AuthProxy authorizations() const { return AuthProxy(hw_enforced_, sw_enforced_); }
hw_enforced()45     const AuthorizationSet& hw_enforced() const { return hw_enforced_; }
sw_enforced()46     const AuthorizationSet& sw_enforced() const { return sw_enforced_; }
hw_enforced()47     AuthorizationSet& hw_enforced() { return hw_enforced_; }
sw_enforced()48     AuthorizationSet& sw_enforced() { return sw_enforced_; }
49 
key_material()50     const KeymasterKeyBlob& key_material() const { return key_material_; }
key_material()51     KeymasterKeyBlob& key_material() { return key_material_; }
52 
53     // Methods to move data out of the key.  These could be overloads of the methods above, with ref
54     // qualifiers, but naming them differently makes it harder to accidentally make a temporary copy
55     // when we mean to move.
hw_enforced_move()56     AuthorizationSet&& hw_enforced_move() { return move(hw_enforced_); }
sw_enforced_move()57     AuthorizationSet&& sw_enforced_move() { return move(sw_enforced_); }
key_material_move()58     KeymasterKeyBlob&& key_material_move() { return move(key_material_); }
59 
key_factory()60     const KeyFactory* key_factory() const { return key_factory_; }
key_factory()61     const KeyFactory*& key_factory() { return key_factory_; }
62 
63   protected:
Key(AuthorizationSet && hw_enforced,AuthorizationSet && sw_enforced,const KeyFactory * key_factory)64     Key(AuthorizationSet&& hw_enforced, AuthorizationSet&& sw_enforced,
65         const KeyFactory* key_factory)
66         : hw_enforced_(move(hw_enforced)), sw_enforced_(move(sw_enforced)),
67           key_factory_(key_factory) {}
68 
69   protected:
70     AuthorizationSet hw_enforced_;
71     AuthorizationSet sw_enforced_;
72     KeymasterKeyBlob key_material_;
73     const KeyFactory* key_factory_;
74 };
75 
76 }  // namespace keymaster
77 
78 #endif  // SYSTEM_KEYMASTER_KEY_H_
79