/* * Copyright 2017, The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #ifndef ANDROID_HARDWARE_KEYMASTER_KEYMASTER_DEVICE_H #define ANDROID_HARDWARE_KEYMASTER_KEYMASTER_DEVICE_H #include #include #include namespace android { namespace hardware { namespace keymaster { using ::android::hardware::keymaster::V4_0::ErrorCode; using ::android::hardware::keymaster::V4_0::HardwareAuthToken; using ::android::hardware::keymaster::V4_0::HmacSharingParameters; using ::android::hardware::keymaster::V4_0::IKeymasterDevice; using ::android::hardware::keymaster::V4_0::KeyFormat; using ::android::hardware::keymaster::V4_0::KeyParameter; using ::android::hardware::keymaster::V4_0::KeyPurpose; using ::android::hardware::keymaster::V4_0::VerificationToken; using ::android::hardware::Return; using ::android::hardware::hidl_vec; using ::nugget::app::keymaster::BootColor; #define KM_MAX_PROTO_FIELD_SIZE 2048 using KeymasterClient = ::nugget::app::keymaster::IKeymaster; struct KeymasterDevice : public IKeymasterDevice { KeymasterDevice(KeymasterClient& keymaster); ~KeymasterDevice() override = default; // Methods from ::android::hardware::keymaster::V4_0::IKeymasterDevice follow. Return getHardwareInfo(getHardwareInfo_cb _hidl_cb) override; Return getHmacSharingParameters( getHmacSharingParameters_cb _hidl_cb) override; Return computeSharedHmac( const hidl_vec& params, computeSharedHmac_cb _hidl_cb) override; Return verifyAuthorization( uint64_t operationHandle, const hidl_vec& parametersToVerify, const HardwareAuthToken& authToken, verifyAuthorization_cb _hidl_cb) override; Return addRngEntropy(const hidl_vec& data) override; Return generateKey(const hidl_vec& keyParams, generateKey_cb _hidl_cb) override; Return getKeyCharacteristics( const hidl_vec& keyBlob, const hidl_vec& clientId, const hidl_vec& appData, getKeyCharacteristics_cb _hidl_cb) override; Return importKey( const hidl_vec& params, KeyFormat keyFormat, const hidl_vec& keyData, importKey_cb _hidl_cb) override; Return importWrappedKey(const hidl_vec& wrappedKeyData, const hidl_vec& wrappingKeyBlob, const hidl_vec& maskingKey, const hidl_vec& unwrappingParams, uint64_t passwordSid, uint64_t biometricSid, importWrappedKey_cb _hidl_cb) override; Return exportKey( KeyFormat exportFormat, const hidl_vec& keyBlob, const hidl_vec& clientId, const hidl_vec& appData, exportKey_cb _hidl_cb) override; Return attestKey(const hidl_vec& keyToAttest, const hidl_vec& attestParams, attestKey_cb _hidl_cb) override; Return upgradeKey(const hidl_vec& keyBlobToUpgrade, const hidl_vec& upgradeParams, upgradeKey_cb _hidl_cb) override; Return deleteKey(const hidl_vec& keyBlob) override; Return deleteAllKeys() override; Return destroyAttestationIds() override; Return begin(KeyPurpose purpose, const hidl_vec& key, const hidl_vec& inParams, const HardwareAuthToken& authToken, begin_cb _hidl_cb) override; Return update( uint64_t operationHandle, const hidl_vec& inParams, const hidl_vec& input, const HardwareAuthToken& authToken, const VerificationToken& verificationToken, update_cb _hidl_cb) override; Return finish( uint64_t operationHandle, const hidl_vec& inParams, const hidl_vec& input, const hidl_vec& signature, const HardwareAuthToken& authToken, const VerificationToken& verificationToken, finish_cb _hidl_cb) override; Return abort(uint64_t operationHandle) override; private: KeymasterClient& _keymaster; // These come from GetProperty. uint32_t _os_version; uint32_t _os_patchlevel; uint32_t _vendor_patchlevel; // These come from the bootloader through Citadel. bool _is_unlocked; BootColor _boot_color; std::vector _boot_key; std::vector _boot_hash; Return SendSystemVersionInfo() const; Return GetBootInfo(); }; } // namespace keymaster } // namespace hardware } // namespace android #endif // ANDROID_HARDWARE_KEYMASTER_KEYMASTER_DEVICE_H