1 /*
2  * Copyright 2014 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef SYSTEM_KEYMASTER_KEY_H_
18 #define SYSTEM_KEYMASTER_KEY_H_
19 
20 #include <UniquePtr.h>
21 
22 #include <hardware/keymaster_defs.h>
23 
24 #include <keymaster/android_keymaster_utils.h>
25 #include <keymaster/authorization_set.h>
26 #include <keymaster/keymaster_context.h>
27 
28 namespace keymaster {
29 
/**
 * Abstract base class for keymaster key objects.
 *
 * A Key carries one AuthorizationSet and declares the operations that concrete key types
 * supply: exporting key material and producing an attestation certificate chain.  The
 * constructor is protected, so only derived classes can create instances.
 */
class Key {
  public:
    /** Virtual, so a derived key can be destroyed through a pointer to Key. */
    virtual ~Key() = default;

    /**
     * Return a copy of raw key material, in the specified format.
     *
     * @param format    Requested export format.
     * @param material  Out-parameter that receives the buffer holding the copy; the caller
     *                  owns it through the UniquePtr.
     * @param size      Out-parameter for the length of the buffer (presumably in bytes;
     *                  confirm against the implementations).
     * @return A keymaster_error_t status; the specific codes are chosen by the subclass.
     *
     * NOTE(review): the buffer is a copy of key material and UniquePtr<uint8_t[]> releases it
     * with delete[] without clearing it.  If an implementation can return secret or private
     * material, callers should wipe the buffer before letting it go out of scope.  Which
     * formats each key type accepts is not visible in this header; verify per subclass.
     */
    virtual keymaster_error_t formatted_key_material(keymaster_key_format_t format,
                                                     UniquePtr<uint8_t[]>* material,
                                                     size_t* size) const = 0;

    /**
     * Generate an attestation certificate chain.
     *
     * This base implementation ignores every argument, leaves the output chain untouched and
     * reports KM_ERROR_INCOMPATIBLE_ALGORITHM.  Key types that can be attested are expected to
     * override it (assumption: no override is visible in this header).  Callers must check the
     * returned status before reading the certificate chain.
     */
    virtual keymaster_error_t GenerateAttestation(
        const KeymasterContext& /* context */,
        const AuthorizationSet& /* attest_params */,
        const AuthorizationSet& /* tee_enforced */,
        const AuthorizationSet& /* sw_enforced */,
        keymaster_cert_chain_t* /* certificate_chain */) const {
        return KM_ERROR_INCOMPATIBLE_ALGORITHM;
    }

    /**
     * Read-only access to the authorization set stored in this key.  The reference is to a
     * member, so it must not be used after the Key has been destroyed.
     */
    const AuthorizationSet& authorizations() const {
        return authorizations_;
    }

  protected:
    /**
     * Construct the base part of a key from its hardware-enforced and software-enforced
     * authorization sets.
     *
     * The definition is not in this header, so how the two sets are combined into
     * authorizations_ and when *error is written cannot be confirmed here.
     * NOTE(review): derived constructors presumably must inspect *error before using the
     * object; confirm against the definition.
     */
    Key(const AuthorizationSet& hw_enforced, const AuthorizationSet& sw_enforced,
        keymaster_error_t* error);

  private:
    // Authorizations associated with this key; filled in by the constructor.
    AuthorizationSet authorizations_;
};
60 
61 }  // namespace keymaster
62 
63 #endif  // SYSTEM_KEYMASTER_KEY_H_