/*
 * Copyright 2020, The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#pragma once

// NOTE(review): this listing has lost the text between angle brackets. The
// three include targets below and most template arguments (`vector&`,
// `optional&`, `array*`, the return type of CreateKeyMintDevice) are missing,
// while `shared_ptr<::keymaster::AndroidKeymaster>` survived. Restore them
// from the original file before compiling; do not guess element types for
// key blobs or tokens.
#include
#include
#include

// Forward declaration only: this header stores a pointer to the Keymaster
// implementation and does not need its full definition.
namespace keymaster {
class AndroidKeymaster;
}

namespace aidl::android::hardware::security::keymint {

// NOTE(review): these using-declarations sit at namespace scope in a header,
// so every translation unit that includes it sees the same short names inside
// this namespace.
using ::ndk::ScopedAStatus;
using std::array;
using std::optional;
using std::shared_ptr;
using std::vector;

using secureclock::TimeStampToken;

// KeyMint device object derived from BnKeyMintDevice. Every interface method
// below is an override that returns a ScopedAStatus; inputs are passed by
// const reference and results are written through pointer out-parameters.
// The object holds a shared pointer to a ::keymaster::AndroidKeymaster
// (impl_) and a SecurityLevel (securityLevel_).
//
// Only declarations are visible here. Validation of caller-supplied key
// blobs, parameters and tokens, and handling of the out-pointers, live in the
// implementation file and should be reviewed there; presumably these
// arguments arrive over binder from a less-trusted caller, so treat them as
// untrusted input (TODO confirm against the service registration).
class AndroidKeyMintDevice : public BnKeyMintDevice {
  public:
    // explicit prevents implicit conversion from a bare SecurityLevel.
    // Presumably securityLevel is stored in securityLevel_; the definition is
    // not in this header.
    explicit AndroidKeyMintDevice(SecurityLevel securityLevel);
    virtual ~AndroidKeyMintDevice();

    // Writes hardware/implementation information to *info.
    ScopedAStatus getHardwareInfo(KeyMintHardwareInfo* info) override;

    // Takes a caller-provided byte buffer. Presumably mixed into the RNG; the
    // implementation should never let caller data replace existing entropy
    // (TODO confirm).
    ScopedAStatus addRngEntropy(const vector& data) override;

    // Key creation entry points: each writes its result to *creationResult.
    // attestationKey is optional in both generateKey and importKey.
    ScopedAStatus generateKey(const vector& keyParams,
                              const optional& attestationKey,
                              KeyCreationResult* creationResult) override;

    ScopedAStatus importKey(const vector& keyParams, KeyFormat keyFormat,
                            const vector& keyData,
                            const optional& attestationKey,
                            KeyCreationResult* creationResult) override;

    // passwordSid and biometricSid are plain int64_t values; presumably the
    // secure user IDs the imported key is bound to (TODO confirm).
    ScopedAStatus importWrappedKey(const vector& wrappedKeyData,
                                   const vector& wrappingKeyBlob,
                                   const vector& maskingKey,
                                   const vector& unwrappingParams,
                                   int64_t passwordSid, int64_t biometricSid,
                                   KeyCreationResult* creationResult) override;

    // Writes the resulting blob to *keyBlob.
    ScopedAStatus upgradeKey(const vector& keyBlobToUpgrade,
                             const vector& upgradeParams,
                             vector* keyBlob) override;

    // NOTE(review): deleteKey, deleteAllKeys and destroyAttestationIds take no
    // authorization argument in these signatures. Their names suggest
    // destructive, possibly irreversible operations; confirm that access is
    // restricted by whatever exposes this object.
    ScopedAStatus deleteKey(const vector& keyBlob) override;
    ScopedAStatus deleteAllKeys() override;
    ScopedAStatus destroyAttestationIds() override;

    // Starts an operation for the given purpose on keyBlob; authToken is
    // optional. The outcome is written to *result.
    ScopedAStatus begin(KeyPurpose purpose, 
                        const vector& keyBlob, const vector& params,
                        const optional& authToken,
                        BeginResult* result) override;

    // Device-state notifications. timestampToken is optional.
    ScopedAStatus deviceLocked(bool passwordOnly,
                               const optional& timestampToken) override;
    ScopedAStatus earlyBootEnded() override;

    // Writes the converted blob to *ephemeralKeyBlob.
    ScopedAStatus convertStorageKeyToEphemeral(const vector& storageKeyBlob,
                                               vector* ephemeralKeyBlob) override;

    // appId and appData are supplied by the caller alongside the blob; the
    // result is written to *keyCharacteristics.
    ScopedAStatus getKeyCharacteristics(const vector& keyBlob,
                                        const vector& appId,
                                        const vector& appData,
                                        vector* keyCharacteristics) override;

    // Root-of-trust exchange: a fixed-size challenge (std::array; element type
    // and length lost in this listing) and variable-length root-of-trust
    // buffers.
    ScopedAStatus getRootOfTrustChallenge(array* challenge) override;
    ScopedAStatus getRootOfTrust(const array& challenge,
                                 vector* rootOfTrust) override;
    ScopedAStatus sendRootOfTrust(const vector& rootOfTrust) override;

    // NOTE(review): returns a non-const reference to the protected impl_
    // member through a public accessor, so any caller holding this object can
    // reseat or reset the backing Keymaster pointer. If callers only need to
    // use the implementation, returning by value or by const reference would
    // narrow that surface.
    shared_ptr<::keymaster::AndroidKeymaster>& getKeymasterImpl() { return impl_; }

  protected:
    // Protected rather than private: subclasses can read and replace both.
    std::shared_ptr<::keymaster::AndroidKeymaster> impl_;
    SecurityLevel securityLevel_;
};

// Factory function taking the SecurityLevel for the new device. The pointee
// type of the returned std::shared_ptr was lost in this listing.
std::shared_ptr CreateKeyMintDevice(SecurityLevel securityLevel);

}  // namespace aidl::android::hardware::security::keymint