• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2019, The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *     http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef SYSTEM_SECURITY_CREDENTIAL_STORE_H_
18 #define SYSTEM_SECURITY_CREDENTIAL_STORE_H_
19 
20 #include <string>
21 #include <vector>
22 
23 #include <android/hardware/identity/IIdentityCredentialStore.h>
24 #include <android/security/identity/BnCredentialStore.h>
25 #include <android/security/remoteprovisioning/IRemotelyProvisionedKeyPool.h>
26 
27 namespace android {
28 namespace security {
29 namespace identity {
30 
31 using ::android::sp;
32 using ::android::binder::Status;
33 using ::std::optional;
34 using ::std::string;
35 using ::std::unique_ptr;
36 using ::std::vector;
37 
38 using ::android::hardware::identity::HardwareInformation;
39 using ::android::hardware::identity::IIdentityCredentialStore;
40 using ::android::hardware::identity::IPresentationSession;
41 using ::android::hardware::identity::IWritableIdentityCredential;
42 using ::android::security::remoteprovisioning::IRemotelyProvisionedKeyPool;
43 
44 class CredentialStore : public BnCredentialStore {
45   public:
46     CredentialStore(const string& dataPath, sp<IIdentityCredentialStore> hal);
47     ~CredentialStore();
48 
49     bool init();
50 
51     // Used by both getCredentialByName() and Session::getCredential()
52     //
53     Status getCredentialCommon(const string& credentialName, int32_t cipherSuite,
54                                sp<IPresentationSession> halSessionBinder,
55                                sp<ICredential>* _aidl_return);
56 
57     // ICredentialStore overrides
58     Status getSecurityHardwareInfo(SecurityHardwareInfoParcel* _aidl_return) override;
59 
60     Status createCredential(const string& credentialName, const string& docType,
61                             sp<IWritableCredential>* _aidl_return) override;
62 
63     Status getCredentialByName(const string& credentialName, int32_t cipherSuite,
64                                sp<ICredential>* _aidl_return) override;
65 
66     Status createPresentationSession(int32_t cipherSuite, sp<ISession>* _aidl_return) override;
67 
68   private:
69     Status setRemotelyProvisionedAttestationKey(IWritableIdentityCredential* halWritableCredential);
70 
71     string dataPath_;
72 
73     sp<IIdentityCredentialStore> hal_;
74     int halApiVersion_;
75 
76     sp<IRemotelyProvisionedKeyPool> keyPool_;
77 
78     HardwareInformation hwInfo_;
79 };
80 
81 }  // namespace identity
82 }  // namespace security
83 }  // namespace android
84 
85 #endif  // SYSTEM_SECURITY_CREDENTIAL_STORE_H_
86