1 /*
2  * Copyright 2018 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef REMOTE_KEYMASTER_H_
18 #define REMOTE_KEYMASTER_H_
19 
20 #include <keymaster/android_keymaster_messages.h>
21 
22 #include "common/libs/security/keymaster_channel_sharedfd.h"
23 
24 namespace keymaster {
25 
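// Proxy exposing the keymaster operation set on top of a
// cuttlefish::SharedFdKeymasterChannel. Each public operation takes a typed
// request and yields a typed response, either through an out-parameter or by
// value.
//
// NOTE(review): the implementation is not visible from this header.
// Presumably every operation is routed through ForwardCommand() to the peer
// on the other end of the channel; confirm in the .cpp. Callers should check
// the response's `error` field before trusting any other response field,
// since a transport or peer failure can only be reported that way by the
// void-returning methods.
//
// NOTE(review): the class declares a destructor and holds a raw pointer, but
// the copy constructor is still implicitly generated (copy assignment is
// already disabled by the const member). Consider deleting copy construction
// if two proxies must never share one channel.
//
// NOTE(review): no synchronization is visible here. Confirm that concurrent
// callers cannot interleave requests and responses on the shared channel.
class RemoteKeymaster {
 private:
  // Channel supplied to the constructor.
  // NOTE(review): ownership is not expressed in the type. Presumably
  // non-owning, in which case the channel must outlive this object; verify
  // against the destructor.
  cuttlefish::SharedFdKeymasterChannel* channel_;
  // Message version fixed at construction; see message_version().
  const int32_t message_version_;

  // Private helper taking the command identifier, the serializable request and
  // the response object to fill in.
  // NOTE(review): presumably sends `req` over channel_ and deserializes the
  // reply into `rsp`, setting rsp->error on failure; confirm in the .cpp.
  void ForwardCommand(AndroidKeymasterCommand command, const Serializable& req,
                      KeymasterResponse* rsp);

 public:
  // Builds a proxy around the given channel. `message_version` defaults to
  // kDefaultMessageVersion.
  // NOTE(review): with the defaulted second argument this constructor also
  // acts as an implicit conversion from a channel pointer; consider `explicit`
  // once callers are checked.
  RemoteKeymaster(cuttlefish::SharedFdKeymasterChannel*,
                  int32_t message_version = kDefaultMessageVersion);
  ~RemoteKeymaster();

  // Returns whether initialization succeeded. NOTE(review): what this sets up
  // is not visible here; callers should not issue operations when it returns
  // false.
  bool Initialize();

  // --- Version and capability queries ---
  void GetVersion(const GetVersionRequest& request,
                  GetVersionResponse* response);
  void SupportedAlgorithms(const SupportedAlgorithmsRequest& request,
                           SupportedAlgorithmsResponse* response);
  void SupportedBlockModes(const SupportedBlockModesRequest& request,
                           SupportedBlockModesResponse* response);
  void SupportedPaddingModes(const SupportedPaddingModesRequest& request,
                             SupportedPaddingModesResponse* response);
  void SupportedDigests(const SupportedDigestsRequest& request,
                        SupportedDigestsResponse* response);
  void SupportedImportFormats(const SupportedImportFormatsRequest& request,
                              SupportedImportFormatsResponse* response);
  void SupportedExportFormats(const SupportedExportFormatsRequest& request,
                              SupportedExportFormatsResponse* response);

  // --- Entropy and configuration ---
  void AddRngEntropy(const AddEntropyRequest& request,
                     AddEntropyResponse* response);
  void Configure(const ConfigureRequest& request, ConfigureResponse* response);

  // --- Key generation, provisioning requests and key management ---
  void GenerateKey(const GenerateKeyRequest& request,
                   GenerateKeyResponse* response);
  void GenerateRkpKey(const GenerateRkpKeyRequest& request,
                      GenerateRkpKeyResponse* response);
  void GenerateCsr(const GenerateCsrRequest& request,
                   GenerateCsrResponse* response);
  void GenerateCsrV2(const GenerateCsrV2Request& request,
                     GenerateCsrV2Response* response);
  void GetKeyCharacteristics(const GetKeyCharacteristicsRequest& request,
                             GetKeyCharacteristicsResponse* response);
  void ImportKey(const ImportKeyRequest& request, ImportKeyResponse* response);
  void ImportWrappedKey(const ImportWrappedKeyRequest& request,
                        ImportWrappedKeyResponse* response);
  void ExportKey(const ExportKeyRequest& request, ExportKeyResponse* response);
  void AttestKey(const AttestKeyRequest& request, AttestKeyResponse* response);
  void UpgradeKey(const UpgradeKeyRequest& request,
                  UpgradeKeyResponse* response);
  void DeleteKey(const DeleteKeyRequest& request, DeleteKeyResponse* response);
  void DeleteAllKeys(const DeleteAllKeysRequest& request,
                     DeleteAllKeysResponse* response);

  // --- Cryptographic operation lifecycle ---
  void BeginOperation(const BeginOperationRequest& request,
                      BeginOperationResponse* response);
  void UpdateOperation(const UpdateOperationRequest& request,
                       UpdateOperationResponse* response);
  void FinishOperation(const FinishOperationRequest& request,
                       FinishOperationResponse* response);
  void AbortOperation(const AbortOperationRequest& request,
                      AbortOperationResponse* response);

  // --- Operations that return their response by value ---
  GetHmacSharingParametersResponse GetHmacSharingParameters();
  ComputeSharedHmacResponse ComputeSharedHmac(
      const ComputeSharedHmacRequest& request);
  VerifyAuthorizationResponse VerifyAuthorization(
      const VerifyAuthorizationRequest& request);
  DeviceLockedResponse DeviceLocked(const DeviceLockedRequest& request);
  EarlyBootEndedResponse EarlyBootEnded();
  ConfigureVendorPatchlevelResponse ConfigureVendorPatchlevel(
      const ConfigureVendorPatchlevelRequest& request);
  ConfigureBootPatchlevelResponse ConfigureBootPatchlevel(
      const ConfigureBootPatchlevelRequest& request);
  ConfigureVerifiedBootInfoResponse ConfigureVerifiedBootInfo(
      const ConfigureVerifiedBootInfoRequest& request);
  // NOTE(review): unlike every other operation, `request` is taken by
  // non-const reference here. The declaration must stay in sync with the
  // out-of-line definition, so it is left as is; confirm whether the request
  // is actually mutated.
  void GenerateTimestampToken(GenerateTimestampTokenRequest& request,
                              GenerateTimestampTokenResponse* response);
  GetRootOfTrustResponse GetRootOfTrust(const GetRootOfTrustRequest& request);
  GetHwInfoResponse GetHwInfo();
  SetAttestationIdsResponse SetAttestationIds(
      const SetAttestationIdsRequest& request);
  SetAttestationIdsKM3Response SetAttestationIdsKM3(
      const SetAttestationIdsKM3Request& request);

  // CF HAL and remote sides are always compiled together, so will never
  // disagree about message versions. This accessor therefore returns the
  // version chosen at construction rather than a negotiated one; if the two
  // sides were ever built separately, that assumption would need revisiting.
  // Marked const: it only reads a const member, so it is callable through
  // const references as well.
  int32_t message_version() const { return message_version_; }
};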
110 
111 }  // namespace keymaster
112 
113 #endif  // REMOTE_KEYMASTER_H_
114