1 /* 2 * Copyright 2017, The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef ANDROID_HARDWARE_KEYMASTER_KEYMASTER_DEVICE_H 18 #define ANDROID_HARDWARE_KEYMASTER_KEYMASTER_DEVICE_H 19 20 #include <android/hardware/keymaster/4.0/IKeymasterDevice.h> 21 22 #include <Keymaster.client.h> 23 24 #include <vector> 25 26 namespace android { 27 namespace hardware { 28 namespace keymaster { 29 30 using ::android::hardware::keymaster::V4_0::ErrorCode; 31 using ::android::hardware::keymaster::V4_0::HardwareAuthToken; 32 using ::android::hardware::keymaster::V4_0::HmacSharingParameters; 33 using ::android::hardware::keymaster::V4_0::IKeymasterDevice; 34 using ::android::hardware::keymaster::V4_0::KeyFormat; 35 using ::android::hardware::keymaster::V4_0::KeyParameter; 36 using ::android::hardware::keymaster::V4_0::KeyPurpose; 37 using ::android::hardware::keymaster::V4_0::VerificationToken; 38 using ::android::hardware::Return; 39 using ::android::hardware::hidl_vec; 40 using ::nugget::app::keymaster::BootColor; 41 42 #define KM_MAX_PROTO_FIELD_SIZE 2048 43 44 using KeymasterClient = ::nugget::app::keymaster::IKeymaster; 45 46 struct KeymasterDevice : public IKeymasterDevice { 47 KeymasterDevice(KeymasterClient& keymaster); 48 ~KeymasterDevice() override = default; 49 50 // Methods from ::android::hardware::keymaster::V4_0::IKeymasterDevice follow. 51 Return<void> getHardwareInfo(getHardwareInfo_cb _hidl_cb) override; 52 Return<void> getHmacSharingParameters( 53 getHmacSharingParameters_cb _hidl_cb) override; 54 Return<void> computeSharedHmac( 55 const hidl_vec<HmacSharingParameters>& params, 56 computeSharedHmac_cb _hidl_cb) override; 57 Return<void> verifyAuthorization( 58 uint64_t operationHandle, 59 const hidl_vec<KeyParameter>& parametersToVerify, 60 const HardwareAuthToken& authToken, 61 verifyAuthorization_cb _hidl_cb) override; 62 Return<ErrorCode> addRngEntropy(const hidl_vec<uint8_t>& data) override; 63 Return<void> generateKey(const hidl_vec<KeyParameter>& keyParams, 64 generateKey_cb _hidl_cb) override; 65 Return<void> getKeyCharacteristics( 66 const hidl_vec<uint8_t>& keyBlob, 67 const hidl_vec<uint8_t>& clientId, 68 const hidl_vec<uint8_t>& appData, 69 getKeyCharacteristics_cb _hidl_cb) override; 70 Return<void> importKey( 71 const hidl_vec<KeyParameter>& params, KeyFormat keyFormat, 72 const hidl_vec<uint8_t>& keyData, importKey_cb _hidl_cb) override; 73 Return<void> importWrappedKey(const hidl_vec<uint8_t>& wrappedKeyData, 74 const hidl_vec<uint8_t>& wrappingKeyBlob, 75 const hidl_vec<uint8_t>& maskingKey, 76 const hidl_vec<KeyParameter>& unwrappingParams, 77 uint64_t passwordSid, uint64_t biometricSid, 78 importWrappedKey_cb _hidl_cb) override; 79 Return<void> exportKey( 80 KeyFormat exportFormat, const hidl_vec<uint8_t>& keyBlob, 81 const hidl_vec<uint8_t>& clientId, const hidl_vec<uint8_t>& appData, 82 exportKey_cb _hidl_cb) override; 83 Return<void> attestKey(const hidl_vec<uint8_t>& keyToAttest, 84 const hidl_vec<KeyParameter>& attestParams, 85 attestKey_cb _hidl_cb) override; 86 Return<void> upgradeKey(const hidl_vec<uint8_t>& keyBlobToUpgrade, 87 const hidl_vec<KeyParameter>& upgradeParams, 88 upgradeKey_cb _hidl_cb) override; 89 Return<ErrorCode> deleteKey(const hidl_vec<uint8_t>& keyBlob) override; 90 Return<ErrorCode> deleteAllKeys() override; 91 Return<ErrorCode> destroyAttestationIds() override; 92 Return<void> begin(KeyPurpose purpose, const hidl_vec<uint8_t>& key, 93 const hidl_vec<KeyParameter>& inParams, 94 const HardwareAuthToken& authToken, 95 begin_cb _hidl_cb) override; 96 Return<void> update( 97 uint64_t operationHandle, const hidl_vec<KeyParameter>& inParams, 98 const hidl_vec<uint8_t>& input, const HardwareAuthToken& authToken, 99 const VerificationToken& verificationToken, 100 update_cb _hidl_cb) override; 101 Return<void> finish( 102 uint64_t operationHandle, const hidl_vec<KeyParameter>& inParams, 103 const hidl_vec<uint8_t>& input, const hidl_vec<uint8_t>& signature, 104 const HardwareAuthToken& authToken, 105 const VerificationToken& verificationToken, 106 finish_cb _hidl_cb) override; 107 Return<ErrorCode> abort(uint64_t operationHandle) override; 108 109 private: 110 KeymasterClient& _keymaster; 111 // These come from GetProperty. 112 uint32_t _os_version; 113 uint32_t _os_patchlevel; 114 uint32_t _vendor_patchlevel; 115 116 // These come from the bootloader through Citadel. 117 bool _is_unlocked; 118 BootColor _boot_color; 119 std::vector<uint8_t> _boot_key; 120 std::vector<uint8_t> _boot_hash; 121 122 Return<ErrorCode> SendSystemVersionInfo() const; 123 Return<ErrorCode> GetBootInfo(); 124 }; 125 126 } // namespace keymaster 127 } // namespace hardware 128 } // namespace android 129 130 #endif // ANDROID_HARDWARE_KEYMASTER_KEYMASTER_DEVICE_H 131