1 /*
2 **
3 ** Copyright 2017, The Android Open Source Project
4 **
5 ** Licensed under the Apache License, Version 2.0 (the "License");
6 ** you may not use this file except in compliance with the License.
7 ** You may obtain a copy of the License at
8 **
9 **     http://www.apache.org/licenses/LICENSE-2.0
10 **
11 ** Unless required by applicable law or agreed to in writing, software
12 ** distributed under the License is distributed on an "AS IS" BASIS,
13 ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 ** See the License for the specific language governing permissions and
15 ** limitations under the License.
16 */
17 
18 #pragma once
19 
20 #include <memory>
21 
22 #include <hardware/keymaster_defs.h>
23 
24 #include <keymaster/UniquePtr.h>
25 
26 struct keymaster1_device;
27 typedef struct keymaster1_device keymaster1_device_t;
28 struct keymaster2_device;
29 typedef struct keymaster2_device keymaster2_device_t;
30 
31 namespace keymaster {
32 
33 template <typename BlobType> struct TKeymasterBlob;
34 typedef TKeymasterBlob<keymaster_key_blob_t> KeymasterKeyBlob;
35 typedef TKeymasterBlob<keymaster_blob_t> KeymasterBlob;
36 class AuthorizationSet;
37 class OperationFactory;
38 
39 class KeymasterPassthroughEngine {
40   public:
~KeymasterPassthroughEngine()41     virtual ~KeymasterPassthroughEngine() {}
42     virtual keymaster_error_t GenerateKey(const AuthorizationSet& key_description,
43                                           KeymasterKeyBlob* key_material,
44                                           AuthorizationSet* hw_enforced,
45                                           AuthorizationSet* sw_enforced) const = 0;
46 
47     virtual keymaster_error_t ImportKey(const AuthorizationSet& key_description,
48                                         keymaster_key_format_t input_key_material_format,
49                                         const KeymasterKeyBlob& input_key_material,
50                                         KeymasterKeyBlob* output_key_blob,
51                                         AuthorizationSet* hw_enforced,
52                                         AuthorizationSet* sw_enforced) const = 0;
53     virtual keymaster_error_t ExportKey(keymaster_key_format_t format, const KeymasterKeyBlob& blob,
54                                         const KeymasterBlob& client_id,
55                                         const KeymasterBlob& app_data,
56                                         KeymasterBlob* export_data) const = 0;
57     virtual keymaster_error_t DeleteKey(const KeymasterKeyBlob& blob) const = 0;
58     virtual keymaster_error_t DeleteAllKeys() const = 0;
59     virtual OperationFactory* GetOperationFactory(keymaster_purpose_t purpose,
60                                                   keymaster_algorithm_t algorithm) const = 0;
61 
62     static UniquePtr<KeymasterPassthroughEngine> createInstance(const keymaster1_device_t* dev);
63     static UniquePtr<KeymasterPassthroughEngine> createInstance(const keymaster2_device_t* dev);
64 
65   protected:
KeymasterPassthroughEngine()66     KeymasterPassthroughEngine() {}
67 };
68 
69 }  // namespace keymaster
70