1 /* 2 * Copyright 2021, The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #pragma once 18 19 #include <aidl/android/hardware/security/keymint/BnKeyMintDevice.h> 20 #include <aidl/android/hardware/security/keymint/BnKeyMintOperation.h> 21 #include <aidl/android/hardware/security/keymint/HardwareAuthToken.h> 22 23 #include <trusty_keymaster/TrustyKeymaster.h> 24 25 namespace aidl::android::hardware::security::keymint::trusty { 26 27 using ::keymaster::TrustyKeymaster; 28 using ::ndk::ScopedAStatus; 29 using secureclock::TimeStampToken; 30 using ::std::optional; 31 using ::std::shared_ptr; 32 using ::std::vector; 33 34 class TrustyKeyMintDevice : public BnKeyMintDevice { 35 public: TrustyKeyMintDevice(shared_ptr<TrustyKeymaster> impl)36 explicit TrustyKeyMintDevice(shared_ptr<TrustyKeymaster> impl) : impl_(std::move(impl)) {} 37 virtual ~TrustyKeyMintDevice() = default; 38 39 ScopedAStatus getHardwareInfo(KeyMintHardwareInfo* info) override; 40 41 ScopedAStatus addRngEntropy(const vector<uint8_t>& data) override; 42 43 ScopedAStatus generateKey(const vector<KeyParameter>& keyParams, 44 const optional<AttestationKey>& attestationKey, 45 KeyCreationResult* creationResult) override; 46 47 ScopedAStatus getKeyCharacteristics(const vector<uint8_t>& keyBlob, 48 const vector<uint8_t>& clientId, 49 const vector<uint8_t>& appData, 50 vector<KeyCharacteristics>* characteristics) override; 51 52 ScopedAStatus importKey(const vector<KeyParameter>& keyParams, KeyFormat keyFormat, 53 const vector<uint8_t>& keyData, 54 const optional<AttestationKey>& attestationKey, 55 KeyCreationResult* creationResult) override; 56 57 ScopedAStatus importWrappedKey(const vector<uint8_t>& wrappedKeyData, 58 const vector<uint8_t>& wrappingKeyBlob, 59 const vector<uint8_t>& maskingKey, 60 const vector<KeyParameter>& unwrappingParams, 61 int64_t passwordSid, int64_t biometricSid, 62 KeyCreationResult* creationResult) override; 63 64 ScopedAStatus upgradeKey(const vector<uint8_t>& keyBlobToUpgrade, 65 const vector<KeyParameter>& upgradeParams, 66 vector<uint8_t>* keyBlob) override; 67 68 ScopedAStatus deleteKey(const vector<uint8_t>& keyBlob) override; 69 ScopedAStatus deleteAllKeys() override; 70 ScopedAStatus destroyAttestationIds() override; 71 72 ScopedAStatus begin(KeyPurpose purpose, const vector<uint8_t>& keyBlob, 73 const vector<KeyParameter>& params, 74 const optional<HardwareAuthToken>& authToken, BeginResult* result) override; 75 76 ScopedAStatus deviceLocked(bool passwordOnly, 77 const optional<TimeStampToken>& timestampToken) override; 78 ScopedAStatus earlyBootEnded() override; 79 80 ScopedAStatus convertStorageKeyToEphemeral(const std::vector<uint8_t>& storageKeyBlob, 81 std::vector<uint8_t>* ephemeralKeyBlob) override; 82 83 protected: 84 std::shared_ptr<TrustyKeymaster> impl_; 85 SecurityLevel securityLevel_; 86 }; 87 88 } // namespace aidl::android::hardware::security::keymint::trusty 89