      1 /*
      2  * Copyright 2017 The Android Open Source Project
      3  *
      4  * Licensed under the Apache License, Version 2.0 (the "License");
      5  * you may not use this file except in compliance with the License.
      6  * You may obtain a copy of the License at
      7  *
      8  *      http://www.apache.org/licenses/LICENSE-2.0
      9  *
     10  * Unless required by applicable law or agreed to in writing, software
     11  * distributed under the License is distributed on an "AS IS" BASIS,
     12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13  * See the License for the specific language governing permissions and
     14  * limitations under the License.
     15  */
     16 
     17 #ifndef SYSTEM_KEYMASTER_WRAPPED_KEY_H_
     18 #define SYSTEM_KEYMASTER_WRAPPED_KEY_H_
     19 
     20 #include <hardware/keymaster_defs.h>
     21 
     22 #include <keymaster/attestation_record.h>
     23 #include <keymaster/authorization_set.h>
     24 
     25 namespace keymaster {
     26 
// In-memory form of the key-description SEQUENCE that is nested inside a
// wrapped key (see the wrapped_key_description member of KM_WRAPPED_KEY).
// Both members are pointers to ASN.1 objects; this header does not show who
// allocates them, but objects built from an ASN.1 template are normally
// released through the matching KM_WRAPPED_KEY_DESCRIPTION_free().
typedef struct km_wrapped_key_description {
    // Carried as an ASN.1 INTEGER. Presumably holds a keymaster_key_format_t
    // value (parse_wrapped_key returns one) -- confirm in the implementation.
    ASN1_INTEGER* key_format;
    // Authorization list for the key. KM_AUTH_LIST is not defined in this
    // header; presumably it comes from keymaster/attestation_record.h.
    KM_AUTH_LIST* auth_list;
} KM_WRAPPED_KEY_DESCRIPTION;
     31 
// ASN.1 template for KM_WRAPPED_KEY_DESCRIPTION: a SEQUENCE holding key_format
// (INTEGER) followed by auth_list (KM_AUTH_LIST), in that order. ASN1_SIMPLE
// declares each field with no OPTIONAL flag and no tagging, so both fields are
// expected to be present in an encoding.
//
// NOTE(review): the template is defined here in a header rather than in a
// single .cpp file. Whether the generated item has internal or external
// linkage depends on how the crypto library expands these macros -- confirm
// that including this header from several translation units is safe.
ASN1_SEQUENCE(KM_WRAPPED_KEY_DESCRIPTION) = {
    ASN1_SIMPLE(KM_WRAPPED_KEY_DESCRIPTION, key_format, ASN1_INTEGER),
    ASN1_SIMPLE(KM_WRAPPED_KEY_DESCRIPTION, auth_list, KM_AUTH_LIST),
} ASN1_SEQUENCE_END(KM_WRAPPED_KEY_DESCRIPTION);
// Declares the allocate/free and DER decode/encode helpers for the type
// (KM_WRAPPED_KEY_DESCRIPTION_new/_free, d2i_/i2d_KM_WRAPPED_KEY_DESCRIPTION).
// Their definitions are not in this header.
DECLARE_ASN1_FUNCTIONS(KM_WRAPPED_KEY_DESCRIPTION);
     37 
// In-memory form of the top-level wrapped-key SEQUENCE. The members appear in
// the same order as the fields of the ASN.1 template for KM_WRAPPED_KEY.
// Every member is a pointer to an ASN.1 object; a decoded instance is normally
// released as a whole through KM_WRAPPED_KEY_free().
typedef struct km_wrapped_key {
    // Format version of the wrapper. Neither build_wrapped_key nor
    // parse_wrapped_key exposes it as a parameter, so it is presumably fixed
    // and checked inside the implementation -- confirm.
    ASN1_INTEGER* version;
    // Opaque octets. build_wrapped_key calls its corresponding input
    // `encrypted_ephemeral_key`, so this is presumably an encrypted transport
    // key rather than raw key material -- confirm.
    ASN1_OCTET_STRING* transit_key;
    // Initialization vector, carried as opaque octets.
    ASN1_OCTET_STRING* iv;
    // Nested key description (key format plus authorization list).
    KM_WRAPPED_KEY_DESCRIPTION* wrapped_key_description;
    // Opaque octets; presumably the encrypted key being imported -- confirm.
    ASN1_OCTET_STRING* secure_key;
    // Opaque octets; presumably the authentication tag that protects
    // secure_key. NOTE(review): nothing in this header verifies it; that has
    // to happen in the code that consumes the parsed fields.
    ASN1_OCTET_STRING* tag;
} KM_WRAPPED_KEY;
     46 
// ASN.1 template for KM_WRAPPED_KEY: a SEQUENCE of six fields in fixed order:
// version (INTEGER), transit_key, iv (OCTET STRINGs), the nested
// wrapped_key_description SEQUENCE, then secure_key and tag (OCTET STRINGs).
// ASN1_SIMPLE declares each field with no OPTIONAL flag and no tagging.
//
// The template fixes only the structure. It places no bound on the length of
// any OCTET STRING and no constraint on the version value; any such limits
// have to be enforced by the code that uses the decoded object.
ASN1_SEQUENCE(KM_WRAPPED_KEY) = {
    ASN1_SIMPLE(KM_WRAPPED_KEY, version, ASN1_INTEGER),
    ASN1_SIMPLE(KM_WRAPPED_KEY, transit_key, ASN1_OCTET_STRING),
    ASN1_SIMPLE(KM_WRAPPED_KEY, iv, ASN1_OCTET_STRING),
    ASN1_SIMPLE(KM_WRAPPED_KEY, wrapped_key_description, KM_WRAPPED_KEY_DESCRIPTION),
    ASN1_SIMPLE(KM_WRAPPED_KEY, secure_key, ASN1_OCTET_STRING),
    ASN1_SIMPLE(KM_WRAPPED_KEY, tag, ASN1_OCTET_STRING),
} ASN1_SEQUENCE_END(KM_WRAPPED_KEY);
// Declares KM_WRAPPED_KEY_new/_free and d2i_/i2d_KM_WRAPPED_KEY. Their
// definitions are not in this header.
DECLARE_ASN1_FUNCTIONS(KM_WRAPPED_KEY);
     56 
// Assembles a wrapped key from its parts and writes the result to
// *der_wrapped_key (by its name, the DER encoding of a KM_WRAPPED_KEY).
//
// Parameters:
//   encrypted_ephemeral_key  value for the transit_key field (presumably;
//                            the mapping is not visible in this header)
//   iv                       initialization vector
//   key_format               format of the key, for the key description
//   secure_key               value for the secure_key field
//   tag                      value for the tag field
//   authorization_list       authorizations for the key description
//   der_wrapped_key          output; must point to a valid KeymasterKeyBlob
//
// Returns a keymaster_error_t status code. There is no parameter for the
// `version` field, so the implementation presumably sets it itself.
//
// NOTE(review): judging by the signature this function only serializes; the
// caller supplies inputs that are already encrypted and an already computed
// tag -- confirm against the implementation.
keymaster_error_t build_wrapped_key(const KeymasterKeyBlob& encrypted_ephemeral_key,
                                    const KeymasterBlob& iv, keymaster_key_format_t key_format,
                                    const KeymasterKeyBlob& secure_key, const KeymasterBlob& tag,
                                    const AuthorizationSet& authorization_list,
                                    KeymasterKeyBlob* der_wrapped_key);
     62 
// Splits an encoded wrapped key into its component fields.
//
// Parameters:
//   wrapped_key              input; the encoded wrapped key to parse
//   iv                       output; initialization vector
//   transit_key              output; the transit_key field
//   secure_key               output; the secure_key field
//   tag                      output; the tag field
//   auth_list                output; authorizations from the key description
//   key_format               output; key format from the key description
//   wrapped_key_description  output; the key description as a blob,
//                            presumably its encoded bytes so the caller can
//                            authenticate them together with secure_key --
//                            confirm against the implementation
//
// Returns a keymaster_error_t status code. All output pointers are presumably
// required to be non-null; the header does not say.
//
// NOTE(review): the input can come from outside the trust boundary, and
// parsing alone authenticates nothing. Callers should treat auth_list,
// key_format and secure_key as untrusted until `tag` has been verified, and
// should not act on the authorizations before that. The `version` field is
// not returned, so any version check must live inside the implementation --
// confirm that it does.
keymaster_error_t parse_wrapped_key(const KeymasterKeyBlob& wrapped_key, KeymasterBlob* iv,
                                    KeymasterKeyBlob* transit_key, KeymasterKeyBlob* secure_key,
                                    KeymasterBlob* tag, AuthorizationSet* auth_list,
                                    keymaster_key_format_t* key_format,
                                    KeymasterBlob* wrapped_key_description);
     68 
     69 }  // namespace keymaster
     70 
     71 #endif  // SYSTEM_KEYMASTER_WRAPPED_KEY_H_
     72