1 /*
2  * Copyright 2021 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #pragma once
18 
19 #include <keymaster/km_openssl/asymmetric_key.h>
20 #include <keymaster/km_openssl/openssl_utils.h>
21 
22 namespace keymaster {
23 
// Length in bytes of an Ed25519 seed.  The curve25519.h APIs in OpenSSL take a
// 64-byte private key whose leading 32 bytes are the seed defined by RFC 8032,
// whereas the EVP_PKEY_* functions only ever deal with the seed.  The seed is
// the secret half of the key pair, so any buffer of this size must be handled
// as private key material.
constexpr int ED25519_SEED_LEN = 32;
28 
// Returns true when the two sets of key characteristics describe an Ed25519 key.
// Only the declaration lives in this header; which tags are inspected is decided
// by the implementation.
bool IsEd25519Key(const AuthorizationSet& hw_enforced,
                  const AuthorizationSet& sw_enforced);

// Returns true when the two sets of key characteristics describe an X25519 key.
// Only the declaration lives in this header; which tags are inspected is decided
// by the implementation.
bool IsX25519Key(const AuthorizationSet& hw_enforced,
                 const AuthorizationSet& sw_enforced);
34 
// Shared base of the Curve25519 key classes.  The derived classes supply
// evp_key_type(); the EVP conversions are declared here and defined elsewhere.
class Curve25519Key : public AsymmetricKey {
  public:
    // Builds a key from its characteristics and factory only; key_material_ is
    // not assigned by this constructor.
    Curve25519Key(AuthorizationSet hw_enforced,
                  AuthorizationSet sw_enforced,
                  const KeyFactory* factory)
        : AsymmetricKey(move(hw_enforced), move(sw_enforced), factory) {}

    // Builds a key and copies |key_material| into key_material_.
    // NOTE(review): a constructor cannot report a failed copy, so callers
    // presumably have to inspect the stored blob afterwards -- confirm how
    // KeymasterKeyBlob signals an allocation failure.
    // NOTE(review): the copy leaves a second instance of the private key bytes
    // in memory; confirm the blob type clears its buffer when destroyed.
    Curve25519Key(AuthorizationSet hw_enforced,
                  AuthorizationSet sw_enforced,
                  const KeyFactory* factory,
                  const KeymasterKeyBlob& key_material)
        : AsymmetricKey(move(hw_enforced), move(sw_enforced), factory) {
        this->key_material_ = key_material;
    }

    // Presumably produces an EVP_PKEY from the stored key material (defined
    // outside this header -- verify against the implementation).
    EVP_PKEY_Ptr InternalToEvp() const override;

    // Presumably stores the key held by |pkey| as internal key material and
    // returns whether that succeeded (defined outside this header -- verify).
    bool EvpToInternal(const EVP_PKEY* pkey) override;
};
49 
// Curve25519 key reported to OpenSSL as EVP_PKEY_ED25519 (the signature scheme).
// Constructors are inherited unchanged from Curve25519Key.
class Ed25519Key : public Curve25519Key {
  public:
    using Curve25519Key::Curve25519Key;

    // EVP key type identifier for this class.
    int evp_key_type() const override {
        return EVP_PKEY_ED25519;
    }
};
55 
// Curve25519 key reported to OpenSSL as EVP_PKEY_X25519 (the key-agreement
// function).  Constructors are inherited unchanged from Curve25519Key.
class X25519Key : public Curve25519Key {
  public:
    using Curve25519Key::Curve25519Key;

    // EVP key type identifier for this class.
    int evp_key_type() const override {
        return EVP_PKEY_X25519;
    }
};
61 
62 }  // namespace keymaster
63