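/*
 * Copyright (C) 2020 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#pragma once

// <cstdint>, <string> and <vector> are used directly by the declarations below
// (uint8_t, std::string, std::vector); include them here rather than relying on
// another header to pull them in transitively.
#include <cstdint>
#include <optional>
#include <string>
#include <vector>

#include <android-base/macros.h>
#include <android-base/result.h>
#include <android-base/unique_fd.h>

#include <utils/StrongPointer.h>

#include <android/system/keystore2/IKeystoreService.h>

#include "KeystoreHmacKey.h"
#include "SigningKey.h"

// SigningKey implementation that keeps handles to the Keystore2 service and to
// one of its security levels, together with a key descriptor, a
// KeystoreHmacKey and a copy of the public key bytes.
//
// Instances cannot be constructed from outside the class: the constructor is
// private and getInstance() is the only public factory.
//
// NOTE(review): no copy/move operations are declared, so the class is
// implicitly copyable unless SigningKey or a member forbids it.
// android-base/macros.h is included but DISALLOW_COPY_AND_ASSIGN is not used
// here -- confirm whether copying an object that wraps key handles is intended.
class KeystoreKey : public SigningKey {
    using IKeystoreService = ::android::system::keystore2::IKeystoreService;
    using IKeystoreSecurityLevel = ::android::system::keystore2::IKeystoreSecurityLevel;
    using KeyDescriptor = ::android::system::keystore2::KeyDescriptor;
    using KeyMetadata = ::android::system::keystore2::KeyMetadata;

  public:
    virtual ~KeystoreKey() = default;

    // Factory for the key. The result carries either a SigningKey pointer or
    // an error, so callers must check it before dereferencing.
    // NOTE(review): the raw pointer does not express ownership or lifetime;
    // presumably the instance is owned elsewhere and must not be deleted by
    // the caller -- confirm against the implementation.
    static android::base::Result<SigningKey*> getInstance();

    // Signs `message` and returns the signature, or an error.
    // The algorithm and the encoding of the returned string are defined by the
    // implementation and are not visible in this header.
    // NOTE(review): presumably overrides SigningKey::sign(); once confirmed
    // against SigningKey.h, marking it `override` would let the compiler catch
    // a signature drift that silently stops this from being called.
    virtual android::base::Result<std::string> sign(const std::string& message) const;

    // Returns the public key as raw bytes, or an error. The byte format is not
    // specified in this header.
    // NOTE(review): presumably overrides SigningKey::getPublicKey() and serves
    // mPublicKey -- confirm; same `override` remark as for sign().
    virtual android::base::Result<std::vector<uint8_t>> getPublicKey() const;

  private:
    KeystoreKey();

    // Reports success or failure as a bare bool, so no error detail reaches
    // the caller through the return value.
    // NOTE(review): presumably called by getInstance(), which should turn a
    // `false` here into an error Result rather than hand out a half-set-up key.
    bool initialize();

    // The three helpers below return a byte vector or an error.
    // NOTE(review): the bytes are presumably the public key, and
    // verifyExistingKey() presumably relies on mHmacKey to authenticate
    // previously stored key material -- confirm in the implementation.
    android::base::Result<std::vector<uint8_t>> verifyExistingKey();
    android::base::Result<std::vector<uint8_t>> createKey();
    android::base::Result<std::vector<uint8_t>> getOrCreateKey();

    // Declaration order below is also the member initialization order; keep it
    // if the constructor's initializers depend on one another.
    KeyDescriptor mDescriptor;
    KeystoreHmacKey mHmacKey;
    android::sp<IKeystoreService> mService;
    android::sp<IKeystoreSecurityLevel> mSecurityLevel;
    std::vector<uint8_t> mPublicKey;
};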