/*
 * Copyright 2020, The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#pragma once

// NOTE(review): in this copy of the file the next three #include directives
// have no target, and the template arguments on vector, optional, std::vector
// and std::array below are absent. This looks like angle-bracket text lost in
// extraction; restore both from the upstream source before compiling.
#include
#include
#include

#include "guest/hals/keymint/remote/remote_keymaster.h"

namespace aidl::android::hardware::security::keymint {

// These using-declarations sit at namespace scope in a header, so every
// translation unit that includes this file gets the short names inside this
// namespace as well.
using ::ndk::ScopedAStatus;
using std::optional;
using std::shared_ptr;
using std::vector;

using secureclock::TimeStampToken;

/**
 * KeyMint device that derives from BnKeyMintDevice and holds a reference to a
 * ::keymaster::RemoteKeymaster together with a SecurityLevel.
 *
 * Only declarations are visible here. Every member function marked `override`
 * replaces a virtual inherited from BnKeyMintDevice and reports its outcome as
 * a ScopedAStatus; results are handed back through the trailing pointer
 * parameters. What each call does, and how failures are reported, is decided
 * by the base interface and by the out-of-line definitions, neither of which
 * is shown in this file.
 */
class RemoteKeyMintDevice : public BnKeyMintDevice {
 public:
  // Takes the RemoteKeymaster by reference plus a SecurityLevel. Presumably
  // these initialise impl_ and securityLevel_ -- the definition is not in this
  // header. `explicit` has no effect on implicit conversion for a two-argument
  // constructor except for braced-list initialisation.
  explicit RemoteKeyMintDevice(::keymaster::RemoteKeymaster&, SecurityLevel);
  virtual ~RemoteKeyMintDevice();

  // --- Device information and entropy ---
  ScopedAStatus getHardwareInfo(KeyMintHardwareInfo* info) override;

  ScopedAStatus addRngEntropy(const vector& data) override;

  // --- Key creation and import ---
  // Each of these writes its result through `creationResult`.
  ScopedAStatus generateKey(const vector& keyParams,
                            const optional& attestationKey,
                            KeyCreationResult* creationResult) override;

  ScopedAStatus importKey(const vector& keyParams, KeyFormat keyFormat,
                          const vector& keyData,
                          const optional& attestationKey,
                          KeyCreationResult* creationResult) override;

  // NOTE(review): passwordSid / biometricSid are plain int64_t here; by name
  // they look like secure user IDs to bind the unwrapped key to -- confirm
  // against the interface definition before relying on that.
  ScopedAStatus importWrappedKey(const vector& wrappedKeyData,
                                 const vector& wrappingKeyBlob,
                                 const vector& maskingKey,
                                 const vector& unwrappingParams,
                                 int64_t passwordSid, int64_t biometricSid,
                                 KeyCreationResult* creationResult) override;

  // --- Key blob maintenance ---
  // upgradeKey returns the new blob through `keyBlob`.
  ScopedAStatus upgradeKey(const vector& keyBlobToUpgrade,
                           const vector& upgradeParams,
                           vector* keyBlob) override;

  // NOTE(review): deleteKey, deleteAllKeys and destroyAttestationIds read as
  // destructive, irreversible operations by name; who is allowed to reach them
  // is not enforced anywhere in this header -- verify in the definitions and in
  // the service registration.
  ScopedAStatus deleteKey(const vector& keyBlob) override;
  ScopedAStatus deleteAllKeys() override;
  ScopedAStatus destroyAttestationIds() override;

  // --- Operations ---
  // `authToken` is optional, so callers may pass no token; the outcome is
  // written to `result`.
  ScopedAStatus begin(KeyPurpose purpose, const vector& keyBlob,
                      const vector& params, const optional& authToken,
                      BeginResult* result) override;

  // --- Device state notifications ---
  // `timestampToken` is optional; whether an absent token is accepted is up to
  // the definition, which is not shown here.
  ScopedAStatus deviceLocked(
      bool passwordOnly, const optional& timestampToken) override;
  ScopedAStatus earlyBootEnded() override;

  // --- Storage keys and characteristics ---
  ScopedAStatus convertStorageKeyToEphemeral(
      const std::vector& storageKeyBlob,
      std::vector* ephemeralKeyBlob) override;

  // NOTE(review): the first parameter is named storageKeyBlob although the
  // method name is not storage-key specific; presumably a copy-paste name --
  // confirm against the interface definition.
  ScopedAStatus getKeyCharacteristics(
      const std::vector& storageKeyBlob, const std::vector& appId,
      const std::vector& appData,
      std::vector* keyCharacteristics) override;

  // --- Root of trust exchange ---
  // The challenge is passed as a std::array (fixed size; the element type and
  // length are missing from this copy), the root-of-trust data as std::vector.
  ScopedAStatus getRootOfTrustChallenge(
      std::array* challenge) override;

  ScopedAStatus getRootOfTrust(const std::array& challenge,
                               std::vector* rootOfTrust) override;

  ScopedAStatus sendRootOfTrust(
      const std::vector& rootOfTrust) override;

 protected:
  // Non-owning reference: the RemoteKeymaster passed to the constructor must
  // outlive this object, otherwise any use of impl_ refers to a destroyed
  // object. Being a reference member, it also cannot be re-seated later.
  ::keymaster::RemoteKeymaster& impl_;
  // Protected rather than private, so derived classes can read and modify it.
  SecurityLevel securityLevel_;
};

}  // namespace aidl::android::hardware::security::keymint