1 /* 2 * Copyright 2014 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #pragma once 18 19 #include <keymaster/key_factory.h> 20 #include <keymaster/random_source.h> 21 #include <keymaster/soft_key_factory.h> 22 23 #include <keymaster/key.h> 24 25 namespace keymaster { 26 27 class SymmetricKey; 28 29 class SymmetricKeyFactory : public KeyFactory, public SoftKeyFactoryMixin { 30 public: SymmetricKeyFactory(const SoftwareKeyBlobMaker & blob_maker,const RandomSource & random_source)31 explicit SymmetricKeyFactory(const SoftwareKeyBlobMaker& blob_maker, 32 const RandomSource& random_source) 33 : SoftKeyFactoryMixin(blob_maker), random_source_(random_source) {} 34 35 keymaster_error_t GenerateKey(const AuthorizationSet& key_description, 36 UniquePtr<Key> attest_key, 37 const KeymasterBlob& issuer_subject, // 38 KeymasterKeyBlob* key_blob, 39 AuthorizationSet* hw_enforced, // 40 AuthorizationSet* sw_enforced, 41 CertificateChain* cert_chain) const override; 42 keymaster_error_t ImportKey(const AuthorizationSet& key_description, 43 keymaster_key_format_t input_key_material_format, 44 const KeymasterKeyBlob& input_key_material, 45 UniquePtr<Key> attest_key, 46 const KeymasterBlob& issuer_subject, // 47 KeymasterKeyBlob* output_key_blob, 48 AuthorizationSet* hw_enforced, // 49 AuthorizationSet* sw_enforced, 50 CertificateChain* cert_chain) const override; 51 52 virtual const keymaster_key_format_t* SupportedImportFormats(size_t* count) const override; SupportedExportFormats(size_t * count)53 virtual const keymaster_key_format_t* SupportedExportFormats(size_t* count) const override { 54 return NoFormats(count); 55 }; 56 57 private: 58 virtual bool key_size_supported(size_t key_size_bits) const = 0; 59 60 // These methods translate between key size in bits and bytes. Normally it's just 8 bits to the 61 // byte, but DES is different. key_size_bytes(size_t key_size_bits)62 virtual size_t key_size_bytes(size_t key_size_bits) const { return key_size_bits / 8; } key_size_bits(size_t key_size_bytes)63 virtual size_t key_size_bits(size_t key_size_bytes) const { return key_size_bytes * 8; } 64 65 virtual keymaster_error_t 66 validate_algorithm_specific_new_key_params(const AuthorizationSet& key_description) const = 0; 67 NoFormats(size_t * format_count)68 const keymaster_key_format_t* NoFormats(size_t* format_count) const { 69 *format_count = 0; 70 return nullptr; 71 } 72 const RandomSource& random_source_; 73 }; 74 75 class SymmetricKey : public Key { 76 public: 77 ~SymmetricKey(); 78 formatted_key_material(keymaster_key_format_t,UniquePtr<uint8_t[]> *,size_t *)79 virtual keymaster_error_t formatted_key_material(keymaster_key_format_t, UniquePtr<uint8_t[]>*, 80 size_t*) const { 81 return KM_ERROR_UNSUPPORTED_KEY_FORMAT; 82 } 83 84 protected: 85 SymmetricKey(KeymasterKeyBlob&& key_material, AuthorizationSet&& hw_enforced, 86 AuthorizationSet&& sw_enforced, const KeyFactory* key_factory); 87 }; 88 89 } // namespace keymaster 90