atap/trusty_atap_ops.h - trusty/app/keymaster - Git at Google

 /*
  * Copyright (C) 2017 The Android Open Source Project
  *
  * Permission is hereby granted, free of charge, to any person
  * obtaining a copy of this software and associated documentation
  * files (the "Software"), to deal in the Software without
  * restriction, including without limitation the rights to use, copy,
  * modify, merge, publish, distribute, sublicense, and/or sell copies
  * of the Software, and to permit persons to whom the Software is
  * furnished to do so, subject to the following conditions:
  *
  * The above copyright notice and this permission notice shall be
  * included in all copies or substantial portions of the Software.
  *
  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
  * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
  * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
  * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
  * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
  * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE.
  */

 #ifndef TRUSTY_ATAP_OPS_H_
 #define TRUSTY_ATAP_OPS_H_

 #include "ops/openssl_ops.h"

 namespace keymaster {

 // An ops implementation for Trusty. All instances of this class must be created
 // on the same thread. This class is intended to be used with libatap and does
 // not perform additional verification of data formats. Only use this class with
 // sanitized inputs.
 class TrustyAtapOps : public atap::OpensslOps {
 public:
     TrustyAtapOps();
     ~TrustyAtapOps() override;

     // AtapOpsDelegate methods. Other methods are handled by OpensslOps.
     AtapResult read_product_id(
             uint8_t product_id[ATAP_PRODUCT_ID_LEN]) override;

     AtapResult get_auth_key_type(AtapKeyType* key_type) override;

     AtapResult read_auth_key_cert_chain(AtapCertChain* cert_chain) override;

     AtapResult write_attestation_key(AtapKeyType key_type,
                                      const AtapBlob* key,
                                      const AtapCertChain* cert_chain) override;

     AtapResult read_attestation_public_key(AtapKeyType key_type,
                                            uint8_t pubkey[ATAP_KEY_LEN_MAX],
                                            uint32_t* pubkey_len) override;

     AtapResult read_soc_global_key(
             uint8_t global_key[ATAP_AES_128_KEY_LEN]) override;

     AtapResult write_hex_uuid(const uint8_t uuid[ATAP_HEX_UUID_LEN]) override;

     AtapResult auth_key_sign(const uint8_t* nonce,
                              uint32_t nonce_len,
                              uint8_t sig[ATAP_SIGNATURE_LEN_MAX],
                              uint32_t* sig_len) override;

 private:
     bool _auth_key_type_init = false;
     AtapKeyType _auth_key_type;
 };

 }  // namespace keymaster

 #endif /* TRUSTY_ATAP_OPS_H_ */
	/*
	* Copyright (C) 2017 The Android Open Source Project
	*
	* Permission is hereby granted, free of charge, to any person
	* obtaining a copy of this software and associated documentation
	* files (the "Software"), to deal in the Software without
	* restriction, including without limitation the rights to use, copy,
	* modify, merge, publish, distribute, sublicense, and/or sell copies
	* of the Software, and to permit persons to whom the Software is
	* furnished to do so, subject to the following conditions:
	*
	* The above copyright notice and this permission notice shall be
	* included in all copies or substantial portions of the Software.
	*
	* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
	* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
	* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
	* NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
	* BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
	* ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
	* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
	* SOFTWARE.
	*/

	#ifndef TRUSTY_ATAP_OPS_H_
	#define TRUSTY_ATAP_OPS_H_

	#include "ops/openssl_ops.h"

	namespace keymaster {

	// An ops implementation for Trusty. All instances of this class must be created
	// on the same thread. This class is intended to be used with libatap and does
	// not perform additional verification of data formats. Only use this class with
	// sanitized inputs.
	class TrustyAtapOps : public atap::OpensslOps {
	public:
	TrustyAtapOps();
	~TrustyAtapOps() override;

	// AtapOpsDelegate methods. Other methods are handled by OpensslOps.
	AtapResult read_product_id(
	uint8_t product_id[ATAP_PRODUCT_ID_LEN]) override;

	AtapResult get_auth_key_type(AtapKeyType* key_type) override;

	AtapResult read_auth_key_cert_chain(AtapCertChain* cert_chain) override;

	AtapResult write_attestation_key(AtapKeyType key_type,
	const AtapBlob* key,
	const AtapCertChain* cert_chain) override;

	AtapResult read_attestation_public_key(AtapKeyType key_type,
	uint8_t pubkey[ATAP_KEY_LEN_MAX],
	uint32_t* pubkey_len) override;

	AtapResult read_soc_global_key(
	uint8_t global_key[ATAP_AES_128_KEY_LEN]) override;

	AtapResult write_hex_uuid(const uint8_t uuid[ATAP_HEX_UUID_LEN]) override;

	AtapResult auth_key_sign(const uint8_t* nonce,
	uint32_t nonce_len,
	uint8_t sig[ATAP_SIGNATURE_LEN_MAX],
	uint32_t* sig_len) override;

	private:
	bool _auth_key_type_init = false;
	AtapKeyType _auth_key_type;
	};

	} // namespace keymaster

	#endif /* TRUSTY_ATAP_OPS_H_ */