include/keymaster/key_blob_utils/software_keyblobs.h - platform/system/keymaster - Git at Google

 /*
 **
 ** Copyright 2017, The Android Open Source Project
 **
 ** Licensed under the Apache License, Version 2.0 (the "License");
 ** you may not use this file except in compliance with the License.
 ** You may obtain a copy of the License at
 **
 **     http://www.apache.org/licenses/LICENSE-2.0
 **
 ** Unless required by applicable law or agreed to in writing, software
 ** distributed under the License is distributed on an "AS IS" BASIS,
 ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 ** See the License for the specific language governing permissions and
 ** limitations under the License.
 */

 #ifndef KEY_BLOB_UTILS_SOFTWARE_KEYBLOBS_H_
 #define KEY_BLOB_UTILS_SOFTWARE_KEYBLOBS_H_

 #include <hardware/keymaster_defs.h>
 #include <openssl/base.h>
 #include <keymaster/android_keymaster_utils.h>

 namespace keymaster {

 template <typename> struct TKeymasterBlob;
 typedef TKeymasterBlob<keymaster_key_blob_t> KeymasterKeyBlob;
 class AuthorizationSet;
 class Key;

 extern KeymasterBlob softwareRootOfTrust;

 keymaster_error_t BuildHiddenAuthorizations(const AuthorizationSet& input_set,
                                             AuthorizationSet* hidden,
                                             const KeymasterBlob& root_of_trust);

 keymaster_error_t FakeKeyAuthorizations(EVP_PKEY* pubkey,
                                         AuthorizationSet* hw_enforced,
                                         AuthorizationSet* sw_enforced);

 keymaster_error_t ParseOldSoftkeymasterBlob(const KeymasterKeyBlob& blob,
                                             KeymasterKeyBlob* key_material,
                                             AuthorizationSet* hw_enforced,
                                             AuthorizationSet* sw_enforced);

 keymaster_error_t ParseOcbAuthEncryptedBlob(const KeymasterKeyBlob& blob,
                                             const AuthorizationSet& hidden,
                                             KeymasterKeyBlob* key_material,
                                             AuthorizationSet* hw_enforced,
                                             AuthorizationSet* sw_enforced);

 keymaster_error_t SetKeyBlobAuthorizations(const AuthorizationSet& key_description,
                                            keymaster_key_origin_t origin, uint32_t os_version,
                                            uint32_t os_patchlevel, AuthorizationSet* hw_enforced,
                                            AuthorizationSet* sw_enforced);
 keymaster_error_t UpgradeSoftKeyBlob(const UniquePtr<Key>& key,
                                      const uint32_t os_version, const uint32_t os_patchlevel,
                                      const AuthorizationSet& upgrade_params,
                                      KeymasterKeyBlob* upgraded_key);
 } // namespace keymaster

 #endif  // KEY_BLOB_UTILS_SOFTWARE_KEYBLOBS_H_
	/*
	**
	** Copyright 2017, The Android Open Source Project
	**
	** Licensed under the Apache License, Version 2.0 (the "License");
	** you may not use this file except in compliance with the License.
	** You may obtain a copy of the License at
	**
	** http://www.apache.org/licenses/LICENSE-2.0
	**
	** Unless required by applicable law or agreed to in writing, software
	** distributed under the License is distributed on an "AS IS" BASIS,
	** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	** See the License for the specific language governing permissions and
	** limitations under the License.
	*/

	#ifndef KEY_BLOB_UTILS_SOFTWARE_KEYBLOBS_H_
	#define KEY_BLOB_UTILS_SOFTWARE_KEYBLOBS_H_

	#include <hardware/keymaster_defs.h>
	#include <openssl/base.h>
	#include <keymaster/android_keymaster_utils.h>

	namespace keymaster {

	template <typename> struct TKeymasterBlob;
	typedef TKeymasterBlob<keymaster_key_blob_t> KeymasterKeyBlob;
	class AuthorizationSet;
	class Key;

	extern KeymasterBlob softwareRootOfTrust;

	keymaster_error_t BuildHiddenAuthorizations(const AuthorizationSet& input_set,
	AuthorizationSet* hidden,
	const KeymasterBlob& root_of_trust);

	keymaster_error_t FakeKeyAuthorizations(EVP_PKEY* pubkey,
	AuthorizationSet* hw_enforced,
	AuthorizationSet* sw_enforced);

	keymaster_error_t ParseOldSoftkeymasterBlob(const KeymasterKeyBlob& blob,
	KeymasterKeyBlob* key_material,
	AuthorizationSet* hw_enforced,
	AuthorizationSet* sw_enforced);

	keymaster_error_t ParseOcbAuthEncryptedBlob(const KeymasterKeyBlob& blob,
	const AuthorizationSet& hidden,
	KeymasterKeyBlob* key_material,
	AuthorizationSet* hw_enforced,
	AuthorizationSet* sw_enforced);

	keymaster_error_t SetKeyBlobAuthorizations(const AuthorizationSet& key_description,
	keymaster_key_origin_t origin, uint32_t os_version,
	uint32_t os_patchlevel, AuthorizationSet* hw_enforced,
	AuthorizationSet* sw_enforced);
	keymaster_error_t UpgradeSoftKeyBlob(const UniquePtr<Key>& key,
	const uint32_t os_version, const uint32_t os_patchlevel,
	const AuthorizationSet& upgrade_params,
	KeymasterKeyBlob* upgraded_key);
	} // namespace keymaster

	#endif // KEY_BLOB_UTILS_SOFTWARE_KEYBLOBS_H_