1 /*
2  **
3  ** Copyright 2017, The Android Open Source Project
4  **
5  ** Licensed under the Apache License, Version 2.0 (the "License");
6  ** you may not use this file except in compliance with the License.
7  ** You may obtain a copy of the License at
8  **
9  **     http://www.apache.org/licenses/LICENSE-2.0
10  **
11  ** Unless required by applicable law or agreed to in writing, software
12  ** distributed under the License is distributed on an "AS IS" BASIS,
13  ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  ** See the License for the specific language governing permissions and
15  ** limitations under the License.
16  */
17 
18 #ifndef HIDL_android_hardware_keymaster_V4_0_AndroidKeymaster4Device_H_
19 #define HIDL_android_hardware_keymaster_V4_0_AndroidKeymaster4Device_H_
20 
21 #include <android/hardware/keymaster/4.0/IKeymasterDevice.h>
22 
23 #include <hardware/keymaster_defs.h>
24 #include <hidl/Status.h>
25 #include <keymaster/km_version.h>
26 
27 namespace keymaster {
28 class AndroidKeymaster;
29 class KeymasterContext;
30 
31 namespace V4_0 {
32 namespace ng {
33 
34 using ::android::sp;
35 using ::android::hardware::hidl_vec;
36 using ::android::hardware::Return;
37 using ::android::hardware::Void;
38 using ::android::hardware::keymaster::V4_0::ErrorCode;
39 using ::android::hardware::keymaster::V4_0::HardwareAuthenticatorType;
40 using ::android::hardware::keymaster::V4_0::HardwareAuthToken;
41 using ::android::hardware::keymaster::V4_0::HmacSharingParameters;
42 using ::android::hardware::keymaster::V4_0::IKeymasterDevice;
43 using ::android::hardware::keymaster::V4_0::KeyCharacteristics;
44 using ::android::hardware::keymaster::V4_0::KeyFormat;
45 using ::android::hardware::keymaster::V4_0::KeyParameter;
46 using ::android::hardware::keymaster::V4_0::KeyPurpose;
47 using ::android::hardware::keymaster::V4_0::SecurityLevel;
48 using ::android::hardware::keymaster::V4_0::Tag;
49 using ::android::hardware::keymaster::V4_0::VerificationToken;
50 
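/**
 * Keymaster 4.0 device exposed over HIDL: declares an override for each IKeymasterDevice entry
 * point listed below. The definitions live outside this header; judging by the impl_ member,
 * calls are presumably forwarded to a ::keymaster::AndroidKeymaster instance (confirm in the
 * implementation file).
 *
 * Notes for security review:
 *  - Every hidl_vec, KeyParameter list and token argument arrives through the HIDL interface,
 *    so the implementation should treat it as caller-controlled until it has been validated.
 *  - securityLevel_ is whatever value the creator passed in. Nothing in this header ties it to
 *    the environment the code actually runs in.
 *  - The class is not copyable: the std::unique_ptr member deletes the implicit copy
 *    operations.
 *
 * Methods returning Return<void> deliver their results through the trailing callback argument;
 * methods returning Return<ErrorCode> report the status directly.
 */
class AndroidKeymaster4Device : public IKeymasterDevice {
  public:
    /// Creates a device that reports @p securityLevel and uses KmVersion::KEYMASTER_4.
    explicit AndroidKeymaster4Device(SecurityLevel securityLevel)
        : AndroidKeymaster4Device(KmVersion::KEYMASTER_4, securityLevel) {}

    // Declared here and defined out of line: AndroidKeymaster is only forward-declared in this
    // header, and destroying impl_ needs the complete type. Spelled `override` rather than a
    // bare `virtual` so it is checked against the base class like every other member below.
    ~AndroidKeymaster4Device() override;

    // --- Device information, shared-HMAC setup and authorization verification ---
    Return<void> getHardwareInfo(getHardwareInfo_cb _hidl_cb) override;
    Return<void> getHmacSharingParameters(getHmacSharingParameters_cb _hidl_cb) override;
    Return<void> computeSharedHmac(const hidl_vec<HmacSharingParameters>& params,
                                   computeSharedHmac_cb) override;
    Return<void> verifyAuthorization(uint64_t challenge,
                                     const hidl_vec<KeyParameter>& parametersToVerify,
                                     const HardwareAuthToken& authToken,
                                     verifyAuthorization_cb _hidl_cb) override;

    // --- Entropy ---
    Return<ErrorCode> addRngEntropy(const hidl_vec<uint8_t>& data) override;

    // --- Key creation, import, export, attestation, upgrade and deletion ---
    // keyBlob / keyData / wrappedKeyData are opaque byte vectors supplied by the caller.
    Return<void> generateKey(const hidl_vec<KeyParameter>& keyParams,
                             generateKey_cb _hidl_cb) override;
    Return<void> getKeyCharacteristics(const hidl_vec<uint8_t>& keyBlob,
                                       const hidl_vec<uint8_t>& clientId,
                                       const hidl_vec<uint8_t>& appData,
                                       getKeyCharacteristics_cb _hidl_cb) override;
    Return<void> importKey(const hidl_vec<KeyParameter>& params, KeyFormat keyFormat,
                           const hidl_vec<uint8_t>& keyData, importKey_cb _hidl_cb) override;
    Return<void> importWrappedKey(const hidl_vec<uint8_t>& wrappedKeyData,
                                  const hidl_vec<uint8_t>& wrappingKeyBlob,
                                  const hidl_vec<uint8_t>& maskingKey,
                                  const hidl_vec<KeyParameter>& unwrappingParams,
                                  uint64_t passwordSid, uint64_t biometricSid,
                                  importWrappedKey_cb _hidl_cb) override;
    Return<void> exportKey(KeyFormat exportFormat, const hidl_vec<uint8_t>& keyBlob,
                           const hidl_vec<uint8_t>& clientId, const hidl_vec<uint8_t>& appData,
                           exportKey_cb _hidl_cb) override;
    Return<void> attestKey(const hidl_vec<uint8_t>& keyToAttest,
                           const hidl_vec<KeyParameter>& attestParams,
                           attestKey_cb _hidl_cb) override;
    Return<void> upgradeKey(const hidl_vec<uint8_t>& keyBlobToUpgrade,
                            const hidl_vec<KeyParameter>& upgradeParams,
                            upgradeKey_cb _hidl_cb) override;
    Return<ErrorCode> deleteKey(const hidl_vec<uint8_t>& keyBlob) override;
    Return<ErrorCode> deleteAllKeys() override;
    Return<ErrorCode> destroyAttestationIds() override;

    // --- Cryptographic operations ---
    // update/finish/abort take an operationHandle; presumably the one handed out through
    // begin's callback (confirm against the implementation). The handle is a caller-supplied
    // integer, so the implementation has to cope with values it never issued.
    Return<void> begin(KeyPurpose purpose, const hidl_vec<uint8_t>& key,
                       const hidl_vec<KeyParameter>& inParams, const HardwareAuthToken& authToken,
                       begin_cb _hidl_cb) override;
    Return<void> update(uint64_t operationHandle, const hidl_vec<KeyParameter>& inParams,
                        const hidl_vec<uint8_t>& input, const HardwareAuthToken& authToken,
                        const VerificationToken& verificationToken, update_cb _hidl_cb) override;
    Return<void> finish(uint64_t operationHandle, const hidl_vec<KeyParameter>& inParams,
                        const hidl_vec<uint8_t>& input, const hidl_vec<uint8_t>& signature,
                        const HardwareAuthToken& authToken,
                        const VerificationToken& verificationToken, finish_cb _hidl_cb) override;
    Return<ErrorCode> abort(uint64_t operationHandle) override;

  protected:
    /// Lets a derived class choose the KmVersion; the public constructor delegates here.
    AndroidKeymaster4Device(::keymaster::KmVersion version, SecurityLevel securityLevel);

    // Sole owner of the underlying keymaster implementation object.
    // NOTE(review): std::unique_ptr is used here but this header does not include <memory>
    // itself; it presumably arrives through the other includes. Consider including it directly.
    std::unique_ptr<::keymaster::AndroidKeymaster> impl_;
    // Security level given at construction time.
    SecurityLevel securityLevel_;
};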
110 
111 // Convert HIDL key parameters to the old keymaster param set.  Note that this does *not* copy the
112 // blobs from keyParams, only pointers to them.  The keyParams instance retains ownership and must
113 // outlive every use of the returned set.
114 keymaster_key_param_set_t hidlKeyParams2Km(const hidl_vec<KeyParameter>& keyParams);
115 
116 IKeymasterDevice* CreateKeymasterDevice(SecurityLevel securityLevel);
117 
118 }  // namespace ng
119 }  // namespace V4_0
120 }  // namespace keymaster
121 
122 #endif  // HIDL_android_hardware_keymaster_V4_0_AndroidKeymaster4Device_H_
123