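/*
 * Copyright 2015 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#pragma once

#include <hardware/keymaster_defs.h>
#include <keymaster/authorization_set.h>

namespace keymaster {

class Key;
class KeymasterContext;
class OperationFactory;
template <typename BlobType> struct TKeymasterBlob;
typedef TKeymasterBlob<keymaster_key_blob_t> KeymasterKeyBlob;

/**
 * KeyFactory is an abstraction that encapsulates the knowledge of how to build and parse a
 * specific subclass of Key.
 *
 * Every method is pure virtual and const-qualified. The factory methods report failure through
 * their keymaster_error_t return value. This header does not define the state of the output
 * parameters on failure, so callers should use them only after a KM_ERROR_OK return.
 *
 * NOTE(review): by name, hw_enforced and sw_enforced are the hardware-enforced and
 * software-enforced authorization lists of a key. If so, an implementation should report a tag in
 * hw_enforced only when the secure environment actually enforces it, because relying parties
 * (e.g. attestation consumers) read that split as a security claim. Confirm against the concrete
 * factories.
 */
class KeyFactory {
  public:
    virtual ~KeyFactory() = default;

    // Factory methods.

    /**
     * Creates a new key from key_description.
     *
     * attestation_signing_key is taken by value as a UniquePtr, so the caller gives up ownership
     * of it. key_blob, hw_enforced, sw_enforced and cert_chain are output parameters.
     *
     * NOTE(review): this header does not say whether attestation_signing_key or any output pointer
     * may be null; confirm the contract before passing nullptr.
     */
    virtual keymaster_error_t GenerateKey(const AuthorizationSet& key_description,
                                          UniquePtr<Key> attestation_signing_key,
                                          const KeymasterBlob& issuer_subject,
                                          KeymasterKeyBlob* key_blob,  //
                                          AuthorizationSet* hw_enforced,
                                          AuthorizationSet* sw_enforced,
                                          CertificateChain* cert_chain) const = 0;

    /**
     * Builds a key from caller-supplied material: input_key_material, encoded as
     * input_key_material_format.
     *
     * Ownership of attestation_signing_key is transferred to the callee, as in GenerateKey.
     * output_key_blob, hw_enforced, sw_enforced and cert_chain are output parameters.
     *
     * NOTE(review): input_key_material originates outside the factory, so implementations are
     * presumably responsible for validating it against input_key_material_format and
     * key_description before producing a blob. Confirm in each subclass.
     */
    virtual keymaster_error_t ImportKey(const AuthorizationSet& key_description,  //
                                        keymaster_key_format_t input_key_material_format,
                                        const KeymasterKeyBlob& input_key_material,
                                        UniquePtr<Key> attestation_signing_key,  //
                                        const KeymasterBlob& issuer_subject,
                                        KeymasterKeyBlob* output_key_blob,
                                        AuthorizationSet* hw_enforced,
                                        AuthorizationSet* sw_enforced,
                                        CertificateChain* cert_chain) const = 0;

    /**
     * Produces a Key object in *key from key_material and its authorization sets.
     *
     * key_material, hw_enforced and sw_enforced are rvalue references: the callee may move from
     * them, so the caller must not rely on their contents afterwards.
     *
     * NOTE(review): whether key_material has already been integrity-checked and unwrapped before
     * it reaches LoadKey is not visible in this header. Confirm at the call site.
     */
    virtual keymaster_error_t LoadKey(KeymasterKeyBlob&& key_material,
                                      const AuthorizationSet& additional_params,
                                      AuthorizationSet&& hw_enforced,
                                      AuthorizationSet&& sw_enforced,
                                      UniquePtr<Key>* key) const = 0;

    /**
     * Returns the OperationFactory for the given purpose.
     *
     * NOTE(review): the raw pointer does not express ownership. It is presumably non-owning and
     * may be null for an unsupported purpose; confirm before dereferencing or deleting.
     */
    virtual OperationFactory* GetOperationFactory(keymaster_purpose_t purpose) const = 0;

    // Informational methods.

    /**
     * Returns a pointer to an array of key formats accepted for import; the element count is
     * written to *format_count. The lifetime of the returned array is not specified here.
     */
    virtual const keymaster_key_format_t* SupportedImportFormats(size_t* format_count) const = 0;

    /**
     * Returns a pointer to an array of key formats available for export; the element count is
     * written to *format_count. The lifetime of the returned array is not specified here.
     */
    virtual const keymaster_key_format_t* SupportedExportFormats(size_t* format_count) const = 0;
};

}  // namespace keymaster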