diff options
Diffstat (limited to 'include/keymaster/keymaster_enforcement.h')
-rw-r--r-- | include/keymaster/keymaster_enforcement.h | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/include/keymaster/keymaster_enforcement.h b/include/keymaster/keymaster_enforcement.h index 1d783ba..5400d8f 100644 --- a/include/keymaster/keymaster_enforcement.h +++ b/include/keymaster/keymaster_enforcement.h @@ -17,10 +17,13 @@ #ifndef ANDROID_LIBRARY_KEYMASTER_ENFORCEMENT_H #define ANDROID_LIBRARY_KEYMASTER_ENFORCEMENT_H +#include <array> + #include <stdio.h> #include <keymaster/android_keymaster_messages.h> #include <keymaster/authorization_set.h> +#include <keymaster/keymaster_utils.h> namespace keymaster { @@ -181,6 +184,16 @@ class KeymasterEnforcement { virtual keymaster_error_t GenerateTimestampToken(TimestampToken* token); /** + * Compute an HMAC using the auth token HMAC key. + * + * Note: Use with caution. MACed data must contain enough structure that it's unambiguous. + */ + virtual KmErrorOr<std::array<uint8_t, 32>> + ComputeHmac(const std::vector<uint8_t>& /* data_to_mac */) const { + return KM_ERROR_UNIMPLEMENTED; + } + + /** * Creates a key ID for use in subsequent calls to AuthorizeOperation. AndroidKeymaster * uses this method for creating key IDs. The generated id must be stable in that the same * key_blob bits yield the same keyid. |