diff options
Diffstat (limited to 'guest/hals/identity/common/SecureHardwareProxy.h')
-rw-r--r-- | guest/hals/identity/common/SecureHardwareProxy.h | 191 |
1 files changed, 191 insertions, 0 deletions
diff --git a/guest/hals/identity/common/SecureHardwareProxy.h b/guest/hals/identity/common/SecureHardwareProxy.h new file mode 100644 index 000000000..bd252a706 --- /dev/null +++ b/guest/hals/identity/common/SecureHardwareProxy.h @@ -0,0 +1,191 @@ +/* + * Copyright 2020, The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ANDROID_HARDWARE_IDENTITY_SECUREHARDWAREPROXY_H +#define ANDROID_HARDWARE_IDENTITY_SECUREHARDWAREPROXY_H + +#include <utils/RefBase.h> +#include <optional> +#include <string> +#include <utility> +#include <vector> + +namespace android::hardware::identity { + +using ::android::RefBase; +using ::std::optional; +using ::std::pair; +using ::std::string; +using ::std::vector; + +// These classes are used to communicate with Secure Hardware. They mimic the +// API in libEmbeddedIC 1:1 (except for using C++ types) as each call is +// intended to be forwarded to the Secure Hardware. +// +// Instances are instantiated when a provisioning or presentation session +// starts. When the session is complete, the shutdown() method is called. +// + +// Forward declare. +// +class SecureHardwareProvisioningProxy; +class SecureHardwarePresentationProxy; + +// This is a class used to create proxies. +// +class SecureHardwareProxyFactory : public RefBase { + public: + SecureHardwareProxyFactory() {} + virtual ~SecureHardwareProxyFactory() {} + + virtual sp<SecureHardwareProvisioningProxy> createProvisioningProxy() = 0; + virtual sp<SecureHardwarePresentationProxy> createPresentationProxy() = 0; +}; + +// The proxy used for provisioning. +// +class SecureHardwareProvisioningProxy : public RefBase { + public: + SecureHardwareProvisioningProxy() {} + virtual ~SecureHardwareProvisioningProxy() {} + + virtual bool initialize(bool testCredential) = 0; + + virtual bool initializeForUpdate(bool testCredential, string docType, + vector<uint8_t> encryptedCredentialKeys) = 0; + + // Returns public key certificate chain with attestation. + // + // This must return an entire certificate chain and its implementation must + // be coordinated with the implementation of eicOpsCreateCredentialKey() on + // the TA side (which may return just a single certificate or the entire + // chain). + virtual optional<vector<uint8_t>> createCredentialKey( + const vector<uint8_t>& challenge, + const vector<uint8_t>& applicationId) = 0; + + virtual bool startPersonalization(int accessControlProfileCount, + vector<int> entryCounts, + const string& docType, + size_t expectedProofOfProvisioningSize) = 0; + + // Returns MAC (28 bytes). + virtual optional<vector<uint8_t>> addAccessControlProfile( + int id, const vector<uint8_t>& readerCertificate, + bool userAuthenticationRequired, uint64_t timeoutMillis, + uint64_t secureUserId) = 0; + + virtual bool beginAddEntry(const vector<int>& accessControlProfileIds, + const string& nameSpace, const string& name, + uint64_t entrySize) = 0; + + // Returns encryptedContent. + virtual optional<vector<uint8_t>> addEntryValue( + const vector<int>& accessControlProfileIds, const string& nameSpace, + const string& name, const vector<uint8_t>& content) = 0; + + // Returns signatureOfToBeSigned (EIC_ECDSA_P256_SIGNATURE_SIZE bytes). + virtual optional<vector<uint8_t>> finishAddingEntries() = 0; + + // Returns encryptedCredentialKeys (80 bytes). + virtual optional<vector<uint8_t>> finishGetCredentialData( + const string& docType) = 0; + + virtual bool shutdown() = 0; +}; + +enum AccessCheckResult { + kOk, + kFailed, + kNoAccessControlProfiles, + kUserAuthenticationFailed, + kReaderAuthenticationFailed, +}; + +// The proxy used for presentation. +// +class SecureHardwarePresentationProxy : public RefBase { + public: + SecureHardwarePresentationProxy() {} + virtual ~SecureHardwarePresentationProxy() {} + + virtual bool initialize(bool testCredential, string docType, + vector<uint8_t> encryptedCredentialKeys) = 0; + + // Returns publicKeyCert (1st component) and signingKeyBlob (2nd component) + virtual optional<pair<vector<uint8_t>, vector<uint8_t>>> + generateSigningKeyPair(string docType, time_t now) = 0; + + // Returns private key + virtual optional<vector<uint8_t>> createEphemeralKeyPair() = 0; + + virtual optional<uint64_t> createAuthChallenge() = 0; + + virtual bool startRetrieveEntries() = 0; + + virtual bool setAuthToken(uint64_t challenge, uint64_t secureUserId, + uint64_t authenticatorId, + int hardwareAuthenticatorType, uint64_t timeStamp, + const vector<uint8_t>& mac, + uint64_t verificationTokenChallenge, + uint64_t verificationTokenTimestamp, + int verificationTokenSecurityLevel, + const vector<uint8_t>& verificationTokenMac) = 0; + + virtual bool pushReaderCert(const vector<uint8_t>& certX509) = 0; + + virtual optional<bool> validateAccessControlProfile( + int id, const vector<uint8_t>& readerCertificate, + bool userAuthenticationRequired, int timeoutMillis, uint64_t secureUserId, + const vector<uint8_t>& mac) = 0; + + virtual bool validateRequestMessage( + const vector<uint8_t>& sessionTranscript, + const vector<uint8_t>& requestMessage, int coseSignAlg, + const vector<uint8_t>& readerSignatureOfToBeSigned) = 0; + + virtual bool calcMacKey(const vector<uint8_t>& sessionTranscript, + const vector<uint8_t>& readerEphemeralPublicKey, + const vector<uint8_t>& signingKeyBlob, + const string& docType, + unsigned int numNamespacesWithValues, + size_t expectedProofOfProvisioningSize) = 0; + + virtual AccessCheckResult startRetrieveEntryValue( + const string& nameSpace, const string& name, + unsigned int newNamespaceNumEntries, int32_t entrySize, + const vector<int32_t>& accessControlProfileIds) = 0; + + virtual optional<vector<uint8_t>> retrieveEntryValue( + const vector<uint8_t>& encryptedContent, const string& nameSpace, + const string& name, const vector<int32_t>& accessControlProfileIds) = 0; + + virtual optional<vector<uint8_t>> finishRetrieval(); + + virtual optional<vector<uint8_t>> deleteCredential( + const string& docType, const vector<uint8_t>& challenge, + bool includeChallenge, size_t proofOfDeletionCborSize) = 0; + + virtual optional<vector<uint8_t>> proveOwnership( + const string& docType, bool testCredential, + const vector<uint8_t>& challenge, size_t proofOfOwnershipCborSize) = 0; + + virtual bool shutdown() = 0; +}; + +} // namespace android::hardware::identity + +#endif // ANDROID_HARDWARE_IDENTITY_SECUREHARDWAREPROXY_H |