/* * Copyright (C) 2020 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #pragma once #include #include #include #include #include #include "KeystoreHmacKey.h" #include "SigningKey.h" class KeystoreKey : public SigningKey { using IKeystoreService = ::android::system::keystore2::IKeystoreService; using IKeystoreSecurityLevel = ::android::system::keystore2::IKeystoreSecurityLevel; using KeyDescriptor = ::android::system::keystore2::KeyDescriptor; using KeyMetadata = ::android::system::keystore2::KeyMetadata; public: virtual ~KeystoreKey(){}; static android::base::Result getInstance(const std::string& signedPubKeyPath, const android::String16& keyAlias, int64_t KeyNspace, int keyBootLevel); virtual android::base::Result sign(const std::string& message) const; virtual android::base::Result> getPublicKey() const; private: KeystoreKey(std::string signedPubKeyPath, const android::String16& keyAlias, int64_t keyNspace, int keyBootLevel); bool initialize(); android::base::Result> verifyExistingKey(); android::base::Result> createKey(); android::base::Result> getOrCreateKey(); KeyDescriptor mDescriptor; KeystoreHmacKey mHmacKey; android::sp mService; android::sp mSecurityLevel; std::vector mPublicKey; std::string mSignedPubKeyPath; int mKeyBootLevel; };