keystore/keystore_utils.h - platform/system/security - Git at Google

 /*
  * Copyright (C) 2016 The Android Open Source Project
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 #ifndef KEYSTORE_KEYSTORE_UTILS_H_
 #define KEYSTORE_KEYSTORE_UTILS_H_

 #include <cstdint>
 #include <string>
 #include <vector>

 #include <openssl/evp.h>
 #include <openssl/pem.h>

 #include <memory>

 #include <keystore/keymaster_types.h>

 size_t readFully(int fd, uint8_t* data, size_t size);
 size_t writeFully(int fd, uint8_t* data, size_t size);
 std::string getContainingDirectory(const std::string& filename);
 void fsyncDirectory(const std::string& path);

 void add_legacy_key_authorizations(int keyType, keystore::AuthorizationSet* params);

 /**
  * Returns the app ID (in the Android multi-user sense) for the current
  * UNIX UID.
  */
 uid_t get_app_id(uid_t uid);

 /**
  * Returns the user ID (in the Android multi-user sense) for the current
  * UNIX UID.
  */
 uid_t get_user_id(uid_t uid);

 struct EVP_PKEY_Delete {
     void operator()(EVP_PKEY* p) const { EVP_PKEY_free(p); }
 };
 typedef std::unique_ptr<EVP_PKEY, EVP_PKEY_Delete> Unique_EVP_PKEY;

 struct PKCS8_PRIV_KEY_INFO_Delete {
     void operator()(PKCS8_PRIV_KEY_INFO* p) const { PKCS8_PRIV_KEY_INFO_free(p); }
 };
 typedef std::unique_ptr<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_Delete> Unique_PKCS8_PRIV_KEY_INFO;

 class Blob;

 // Tags for audit logging. Be careful and don't log sensitive data.
 // Should be in sync with frameworks/base/core/java/android/app/admin/SecurityLogTags.logtags
 constexpr int SEC_TAG_KEY_DESTROYED = 210026;
 constexpr int SEC_TAG_KEY_INTEGRITY_VIOLATION = 210032;
 constexpr int SEC_TAG_AUTH_KEY_GENERATED = 210024;
 constexpr int SEC_TAG_KEY_IMPORTED = 210025;

 void log_key_integrity_violation(const char* name, uid_t uid);

 namespace keystore {

 hidl_vec<uint8_t> blob2hidlVec(const Blob& blob);

 SecurityLevel flagsToSecurityLevel(int32_t flags);
 uint32_t securityLevelToFlags(SecurityLevel secLevel);

 }  // namespace keystore

 #endif  // KEYSTORE_KEYSTORE_UTILS_H_
	/*
	* Copyright (C) 2016 The Android Open Source Project
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	#ifndef KEYSTORE_KEYSTORE_UTILS_H_
	#define KEYSTORE_KEYSTORE_UTILS_H_

	#include <cstdint>
	#include <string>
	#include <vector>

	#include <openssl/evp.h>
	#include <openssl/pem.h>

	#include <memory>

	#include <keystore/keymaster_types.h>

	size_t readFully(int fd, uint8_t* data, size_t size);
	size_t writeFully(int fd, uint8_t* data, size_t size);
	std::string getContainingDirectory(const std::string& filename);
	void fsyncDirectory(const std::string& path);

	void add_legacy_key_authorizations(int keyType, keystore::AuthorizationSet* params);

	/**
	* Returns the app ID (in the Android multi-user sense) for the current
	* UNIX UID.
	*/
	uid_t get_app_id(uid_t uid);

	/**
	* Returns the user ID (in the Android multi-user sense) for the current
	* UNIX UID.
	*/
	uid_t get_user_id(uid_t uid);

	struct EVP_PKEY_Delete {
	void operator()(EVP_PKEY* p) const { EVP_PKEY_free(p); }
	};
	typedef std::unique_ptr<EVP_PKEY, EVP_PKEY_Delete> Unique_EVP_PKEY;

	struct PKCS8_PRIV_KEY_INFO_Delete {
	void operator()(PKCS8_PRIV_KEY_INFO* p) const { PKCS8_PRIV_KEY_INFO_free(p); }
	};
	typedef std::unique_ptr<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_Delete> Unique_PKCS8_PRIV_KEY_INFO;

	class Blob;

	// Tags for audit logging. Be careful and don't log sensitive data.
	// Should be in sync with frameworks/base/core/java/android/app/admin/SecurityLogTags.logtags
	constexpr int SEC_TAG_KEY_DESTROYED = 210026;
	constexpr int SEC_TAG_KEY_INTEGRITY_VIOLATION = 210032;
	constexpr int SEC_TAG_AUTH_KEY_GENERATED = 210024;
	constexpr int SEC_TAG_KEY_IMPORTED = 210025;

	void log_key_integrity_violation(const char* name, uid_t uid);

	namespace keystore {

	hidl_vec<uint8_t> blob2hidlVec(const Blob& blob);

	SecurityLevel flagsToSecurityLevel(int32_t flags);
	uint32_t securityLevelToFlags(SecurityLevel secLevel);

	} // namespace keystore

	#endif // KEYSTORE_KEYSTORE_UTILS_H_