1 /*
2  * Copyright 2015 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef TRUSTY_APP_KEYMASTER_TRUSTY_KEYMASTER_ENFORCEMENT_H_
18 #define TRUSTY_APP_KEYMASTER_TRUSTY_KEYMASTER_ENFORCEMENT_H_
19 
20 #include "openssl_keymaster_enforcement.h"
21 
22 namespace keymaster {
23 
// Forward declaration only: this header stores a pointer to the context and
// never needs the complete type.
class TrustyKeymasterContext;

// The two table sizes passed, in this order, to the
// OpenSSLKeymasterEnforcement constructor by TrustyKeymasterEnforcement.
// NOTE(review): presumably these cap how many keys can have per-key access
// time / use-count state tracked at once; confirm against the base class and
// check what happens to rate-limited keys once a table is full.
constexpr int kAccessMapTableSize{32};
constexpr int kAccessCountTableSize{32};
28 
/**
 * Enforcement policy used by the Trusty keymaster app.
 *
 * Specialises OpenSSLKeymasterEnforcement with Trusty's notion of time and
 * token validation. Two points matter when reviewing key authorizations:
 *
 *  - Date-based restrictions are NOT enforced here. The comments in this
 *    class state that there is no wall clock, so activation_date_valid()
 *    always reports "valid" and expiration_date_passed() always reports
 *    "not passed". Any activation / expiration limit on a key has to be
 *    enforced by a component that does have a trustworthy wall clock.
 *  - The time-, security-level- and signature-related overrides are only
 *    declared in this header; their behaviour is defined out of line and is
 *    not visible here.
 */
class TrustyKeymasterEnforcement : public OpenSSLKeymasterEnforcement {
public:
    /**
     * @param context Stored as-is in context_; the empty destructor shows it
     *                is not released by this class.
     *                NOTE(review): presumably must outlive this object;
     *                confirm against the owner of the context.
     *
     * NOTE(review): this single-argument constructor is not `explicit`, so a
     * TrustyKeymasterContext* converts implicitly to an enforcement object.
     * Consider `explicit` once all call sites are known to use direct
     * initialization.
     */
    TrustyKeymasterEnforcement(TrustyKeymasterContext* context)
            : OpenSSLKeymasterEnforcement(kAccessMapTableSize, kAccessCountTableSize),
              context_(context) {}

    // Nothing to release: context_ is not owned by this class.
    ~TrustyKeymasterEnforcement() = default;

    /**
     * Always accepts the activation date.
     *
     * No wall clock is available, so the date cannot be compared against
     * "now"; the argument is ignored and every key is treated as already
     * active.
     */
    bool activation_date_valid(uint64_t /* activation_date */) const override {
        return true;
    }

    /**
     * Never reports an expiration as passed.
     *
     * No wall clock is available, so the argument is ignored and every key
     * is treated as unexpired by this class.
     */
    bool expiration_date_passed(uint64_t /* expiration_date */) const override {
        return false;
    }

    // The overrides below are defined out of line; see the implementation
    // file for how the timeout is measured and how the token signature is
    // checked.
    bool auth_token_timed_out(const hw_auth_token_t& token, uint32_t timeout) const override;
    uint64_t get_current_time_ms() const override;
    keymaster_security_level_t SecurityLevel() const override;
    bool ValidateTokenSignature(const hw_auth_token_t& token) const override;

private:
    // Declared here, defined out of line.
    // NOTE(review): name suggests a boot-relative clock rather than wall
    // time; confirm in the implementation.
    uint64_t milliseconds_since_boot() const;

    // Non-owning pointer supplied at construction.
    TrustyKeymasterContext* context_;
};
58 
59 }  // namespace keymaster
60 
61 #endif  // TRUSTY_APP_KEYMASTER_TRUSTY_KEYMASTER_ENFORCEMENT_H_