1 /* 2 * Copyright (C) 2016 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef _APP_SEC_H_ 18 #define _APP_SEC_H_ 19 20 #include <stdbool.h> 21 #include <stdint.h> 22 23 //types 24 struct AppSecState; 25 typedef uint32_t AppSecErr; 26 27 //callbacks 28 typedef AppSecErr (*AppSecWriteCbk)(const void *data, uint32_t len); 29 typedef AppSecErr (*AppSecPubKeyFindCbk)(const uint32_t *gotKey, bool *foundP); // fill in *foundP on result of lookup 30 typedef AppSecErr (*AppSecGetAesKeyCbk)(uint64_t keyIdx, void *keyBuf); // return APP_SEC_KEY_NOT_FOUND or APP_SEC_NO_ERROR 31 32 //return values 33 #define APP_SEC_NO_ERROR 0 //all went ok 34 #define APP_SEC_NEED_MORE_TIME 1 //please call appSecDoSomeProcessing(). 35 #define APP_SEC_KEY_NOT_FOUND 2 //we did not find the encr key 36 #define APP_SEC_HEADER_ERROR 3 //data (decrypted or input) has no recognizable header 37 #define APP_SEC_TOO_MUCH_DATA 4 //we got more data than expected 38 #define APP_SEC_TOO_LITTLE_DATA 5 //we got less data than expected 39 #define APP_SEC_SIG_VERIFY_FAIL 6 //some signature verification failed 40 #define APP_SEC_SIG_DECODE_FAIL 7 //some signature verification failed 41 #define APP_SEC_SIG_ROOT_UNKNOWN 8 //signatures all verified but the referenced root of trust is unknown 42 #define APP_SEC_MEMORY_ERROR 9 //we ran out of memory while doing things 43 #define APP_SEC_INVALID_DATA 10 //data is invalid in some way not described by other error messages 44 #define APP_SEC_VERIFY_FAILED 11 //decrypted data verification failed 45 #define APP_SEC_BAD 127 //something irrecoverably bad happened and we gave up. Sorry... 46 47 //init/deinit 48 struct AppSecState *appSecInit(AppSecWriteCbk writeCbk, AppSecPubKeyFindCbk pubKeyFindCbk, AppSecGetAesKeyCbk aesKeyAccessCbk, bool mandateSigning); 49 void appSecDeinit (struct AppSecState *state); 50 51 //actually doing things 52 AppSecErr appSecRxData(struct AppSecState *state, const void *data, uint32_t len, uint32_t *lenUnusedP); 53 AppSecErr appSecDoSomeProcessing(struct AppSecState *state); //caleed when any appSec function returns APP_SEC_NEED_MORE_TIME 54 AppSecErr appSecRxDataOver(struct AppSecState *state); //caleed when there is no more data 55 56 #endif 57