      1 //
      2 // Copyright (C) 2015 The Android Open Source Project
      3 //
      4 // Licensed under the Apache License, Version 2.0 (the "License");
      5 // you may not use this file except in compliance with the License.
      6 // You may obtain a copy of the License at
      7 //
      8 //      http://www.apache.org/licenses/LICENSE-2.0
      9 //
     10 // Unless required by applicable law or agreed to in writing, software
     11 // distributed under the License is distributed on an "AS IS" BASIS,
     12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13 // See the License for the specific language governing permissions and
     14 // limitations under the License.
     15 //
     16 
     17 #ifndef ATTESTATION_SERVER_KEY_STORE_H_
     18 #define ATTESTATION_SERVER_KEY_STORE_H_
     19 
     20 #include <string>
     21 
     22 #include <base/macros.h>
     23 
     24 #include "attestation/common/common.pb.h"
     25 
     26 namespace attestation {
     27 
     28 // A mock-able key storage interface.
// Abstract interface over persistent key storage. Implementations are expected
// to be substitutable (e.g. by a mock) wherever a KeyStore is consumed.
class KeyStore {
 public:
  KeyStore() = default;
  virtual ~KeyStore() = default;

  // Looks up the key stored under |key_label| for |username|. Returns true and
  // fills |key_data| when the lookup succeeds. What |key_data| holds after a
  // failed lookup is not specified by this interface.
  virtual bool Read(const std::string& username, const std::string& key_label,
                    std::string* key_data) = 0;

  // Stores |key_data| under |key_label| for |username|, replacing any data
  // already stored under that label.
  virtual bool Write(const std::string& username, const std::string& key_label,
                     const std::string& key_data) = 0;

  // Removes the key stored under |key_label| for |username|. A false return
  // means data for the key exists but could not be removed.
  virtual bool Delete(const std::string& username,
                      const std::string& key_label) = 0;

  // Removes every key for |username| whose label starts with |key_prefix|.
  // A false return means some matching data exists but could not be removed.
  virtual bool DeleteByPrefix(const std::string& username,
                              const std::string& key_prefix) = 0;

  // Registers a key pair for |username|; every object created by the
  // registration carries |label|. |private_key_blob| is opaque to this
  // interface (its wrapping, if any, is up to the implementation), so it must
  // be handled as sensitive material. |public_key_der| is the PKCS #1
  // RSAPublicKey encoding. A non-empty |certificate| is registered together
  // with the key. Returns true on success.
  virtual bool Register(const std::string& username, const std::string& label,
                        KeyType key_type, KeyUsage key_usage,
                        const std::string& private_key_blob,
                        const std::string& public_key_der,
                        const std::string& certificate) = 0;

  // Registers a stand-alone |certificate| for |username|, i.e. one that is not
  // tied to a key registered through Register().
  virtual bool RegisterCertificate(const std::string& username,
                                   const std::string& certificate) = 0;

 private:
  DISALLOW_COPY_AND_ASSIGN(KeyStore);
};
     79 
     80 }  // namespace attestation
     81 
     82 #endif  // ATTESTATION_SERVER_KEY_STORE_H_