1 /*
2 **
3 ** Copyright 2017, The Android Open Source Project
4 **
5 ** Licensed under the Apache License, Version 2.0 (the "License");
6 ** you may not use this file except in compliance with the License.
7 ** You may obtain a copy of the License at
8 **
9 **     http://www.apache.org/licenses/LICENSE-2.0
10 **
11 ** Unless required by applicable law or agreed to in writing, software
12 ** distributed under the License is distributed on an "AS IS" BASIS,
13 ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 ** See the License for the specific language governing permissions and
15 ** limitations under the License.
16 */
17 
18 #ifndef SYSTEM_KEYMASTER_KEYMASTER2_ENGINE_H_
19 #define SYSTEM_KEYMASTER_KEYMASTER2_ENGINE_H_
20 
21 #include <memory>
22 
23 #include <hardware/keymaster_defs.h>
24 
25 #include <keymaster/UniquePtr.h>
26 
27 struct keymaster1_device;
28 typedef struct keymaster1_device keymaster1_device_t;
29 struct keymaster2_device;
30 typedef struct keymaster2_device keymaster2_device_t;
31 
32 namespace keymaster {
33 
34 template <typename BlobType> struct TKeymasterBlob;
35 typedef TKeymasterBlob<keymaster_key_blob_t> KeymasterKeyBlob;
36 typedef TKeymasterBlob<keymaster_blob_t> KeymasterBlob;
37 class AuthorizationSet;
38 class OperationFactory;
39 
40 class KeymasterPassthroughEngine {
41   public:
~KeymasterPassthroughEngine()42     virtual ~KeymasterPassthroughEngine() {}
43     virtual keymaster_error_t GenerateKey(const AuthorizationSet& key_description,
44                                   KeymasterKeyBlob* key_material, AuthorizationSet* hw_enforced,
45                                   AuthorizationSet* sw_enforced) const = 0;
46 
47     virtual keymaster_error_t ImportKey(const AuthorizationSet& key_description,
48                                 keymaster_key_format_t input_key_material_format,
49                                 const KeymasterKeyBlob& input_key_material,
50                                 KeymasterKeyBlob* output_key_blob, AuthorizationSet* hw_enforced,
51                                 AuthorizationSet* sw_enforced) const = 0;
52     virtual keymaster_error_t ExportKey(keymaster_key_format_t format,
53             const KeymasterKeyBlob& blob,
54             const KeymasterBlob& client_id,
55             const KeymasterBlob& app_data,
56             KeymasterBlob* export_data) const = 0;
57     virtual keymaster_error_t DeleteKey(const KeymasterKeyBlob& blob) const = 0;
58     virtual keymaster_error_t DeleteAllKeys() const = 0;
59     virtual OperationFactory* GetOperationFactory(keymaster_purpose_t purpose,
60                                                   keymaster_algorithm_t algorithm) const = 0;
61 
62     static UniquePtr<KeymasterPassthroughEngine>
63     createInstance(const keymaster1_device_t* dev);
64     static UniquePtr<KeymasterPassthroughEngine>
65     createInstance(const keymaster2_device_t* dev);
66   protected:
KeymasterPassthroughEngine()67     KeymasterPassthroughEngine() {}
68 };
69 
70 } // namespace keymaster
71 
72 #endif  // SYSTEM_KEYMASTER_KEYMASTER2_ENGINE_H_
73