• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2019, The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *     http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef SYSTEM_SECURITY_CREDENTIAL_STORE_H_
18 #define SYSTEM_SECURITY_CREDENTIAL_STORE_H_
19 
20 #include <string>
21 #include <vector>
22 
23 #include <android/hardware/identity/IIdentityCredentialStore.h>
24 #include <android/security/identity/BnCredentialStore.h>
25 
26 namespace android {
27 namespace security {
28 namespace identity {
29 
30 using ::android::sp;
31 using ::android::binder::Status;
32 using ::std::optional;
33 using ::std::string;
34 using ::std::unique_ptr;
35 using ::std::vector;
36 
37 using ::android::hardware::identity::HardwareInformation;
38 using ::android::hardware::identity::IIdentityCredentialStore;
39 using ::android::hardware::identity::IPresentationSession;
40 using ::android::hardware::identity::IWritableIdentityCredential;
41 using ::android::hardware::security::keymint::IRemotelyProvisionedComponent;
42 
43 class CredentialStore : public BnCredentialStore {
44   public:
45     CredentialStore(const string& dataPath, sp<IIdentityCredentialStore> hal);
46     ~CredentialStore();
47 
48     bool init();
49 
50     // Used by both getCredentialByName() and Session::getCredential()
51     //
52     Status getCredentialCommon(const string& credentialName, int32_t cipherSuite,
53                                sp<IPresentationSession> halSessionBinder,
54                                sp<ICredential>* _aidl_return);
55 
56     // ICredentialStore overrides
57     Status getSecurityHardwareInfo(SecurityHardwareInfoParcel* _aidl_return) override;
58 
59     Status createCredential(const string& credentialName, const string& docType,
60                             sp<IWritableCredential>* _aidl_return) override;
61 
62     Status getCredentialByName(const string& credentialName, int32_t cipherSuite,
63                                sp<ICredential>* _aidl_return) override;
64 
65     Status createPresentationSession(int32_t cipherSuite, sp<ISession>* _aidl_return) override;
66 
67   private:
68     Status setRemotelyProvisionedAttestationKey(IWritableIdentityCredential* halWritableCredential);
69 
70     string dataPath_;
71 
72     sp<IIdentityCredentialStore> hal_;
73     int halApiVersion_;
74 
75     HardwareInformation hwInfo_;
76 
77     sp<IRemotelyProvisionedComponent> rpc_;
78 };
79 
80 }  // namespace identity
81 }  // namespace security
82 }  // namespace android
83 
84 #endif  // SYSTEM_SECURITY_CREDENTIAL_STORE_H_
85