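//
// Copyright (C) 2015 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//

#ifndef ATTESTATION_SERVER_KEY_STORE_H_
#define ATTESTATION_SERVER_KEY_STORE_H_

#include <string>

#include <base/macros.h>

#include "attestation/common/common.pb.h"

namespace attestation {

// A mock-able key storage interface.
//
// Every method is pure virtual, so this class cannot be instantiated
// directly; concrete stores (and test mocks) derive from it. Keys are
// addressed by the pair (|username|, |key_label|) and every method returns
// true on success and false on failure. The copy constructor and assignment
// operator are disabled so a store is never duplicated by accident.
//
// NOTE(review): |key_data| and |private_key_blob| carry key material.
// Implementations are expected to treat them as secrets (never log or
// otherwise expose them); confirm this against each concrete store.
class KeyStore {
 public:
  // No state to set up; the defaulted special members are sufficient for an
  // abstract base and let the compiler generate trivial code.
  KeyStore() = default;
  virtual ~KeyStore() = default;

  // Reads key data from the store for the key identified by |key_label| and by
  // |username|. On success true is returned and |key_data| is populated.
  // On failure |key_data| should be left untouched. Whether a missing key is
  // reported as a failure is up to the implementation (presumably it is;
  // confirm with the concrete store before relying on it).
  virtual bool Read(const std::string& username,
                    const std::string& key_label,
                    std::string* key_data) = 0;

  // Writes key data to the store for the key identified by |key_label| and by
  // |username|. If such a key already exists the existing data will be
  // overwritten. Returns true on success.
  virtual bool Write(const std::string& username,
                     const std::string& key_label,
                     const std::string& key_data) = 0;

  // Deletes key data for the key identified by |key_label| and by |username|.
  // Returns false if key data exists but could not be deleted; deleting a key
  // that does not exist is not an error.
  virtual bool Delete(const std::string& username,
                      const std::string& key_label) = 0;

  // Deletes key data for all keys identified by |key_prefix| and by |username|.
  // Returns false if key data exists but could not be deleted; matching no
  // keys at all is not an error.
  virtual bool DeleteByPrefix(const std::string& username,
                              const std::string& key_prefix) = 0;

  // Registers a key to be associated with |username|.
  // The provided |label| will be associated with all registered objects.
  // |key_type| and |key_usage| describe the key (see common.pb.h).
  // |private_key_blob| holds the private key in some opaque format and
  // |public_key_der| holds the public key in PKCS #1 RSAPublicKey format.
  // If a non-empty |certificate| is provided it will be registered along with
  // the key. Returns true on success.
  virtual bool Register(const std::string& username,
                        const std::string& label,
                        KeyType key_type,
                        KeyUsage key_usage,
                        const std::string& private_key_blob,
                        const std::string& public_key_der,
                        const std::string& certificate) = 0;

  // Registers a |certificate| that is not associated to a registered key. The
  // certificate will be associated with |username|. Returns true on success.
  virtual bool RegisterCertificate(const std::string& username,
                                   const std::string& certificate) = 0;

 private:
  DISALLOW_COPY_AND_ASSIGN(KeyStore);
};

}  // namespace attestation

#endif  // ATTESTATION_SERVER_KEY_STORE_H_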