Android-cuttlefish cvd tool
cuttlefish::TpmKeymasterContext Class Reference

#include <tpm_keymaster_context.h>


Public Member Functions

 TpmKeymasterContext (TpmResourceManager &, keymaster::KeymasterEnforcement &)
 
 ~TpmKeymasterContext ()=default
 
keymaster::KmVersion GetKmVersion () const override
 
keymaster_error_t SetSystemVersion (uint32_t os_version, uint32_t os_patchlevel) override
 
void GetSystemVersion (uint32_t *os_version, uint32_t *os_patchlevel) const override
 
const keymaster::KeyFactory * GetKeyFactory (keymaster_algorithm_t algorithm) const override
 
keymaster::OperationFactory * GetOperationFactory (keymaster_algorithm_t algorithm, keymaster_purpose_t purpose) const override
 
const keymaster_algorithm_t * GetSupportedAlgorithms (size_t *algorithms_count) const override
 
keymaster_error_t UpgradeKeyBlob (const keymaster::KeymasterKeyBlob &key_to_upgrade, const keymaster::AuthorizationSet &upgrade_params, keymaster::KeymasterKeyBlob *upgraded_key) const override
 
keymaster_error_t ParseKeyBlob (const keymaster::KeymasterKeyBlob &blob, const keymaster::AuthorizationSet &additional_params, keymaster::UniquePtr< keymaster::Key > *key) const override
 
keymaster_error_t AddRngEntropy (const uint8_t *buf, size_t length) const override
 
keymaster::KeymasterEnforcement * enforcement_policy () override
 
keymaster::AttestationContext * attestation_context () override
 
keymaster::CertificateChain GenerateAttestation (const keymaster::Key &key, const keymaster::AuthorizationSet &attest_params, keymaster::UniquePtr< keymaster::Key > attest_key, const keymaster::KeymasterBlob &issuer_subject, keymaster_error_t *error) const override
 
keymaster::CertificateChain GenerateSelfSignedCertificate (const keymaster::Key &key, const keymaster::AuthorizationSet &cert_params, bool fake_signature, keymaster_error_t *error) const override
 
keymaster_error_t UnwrapKey (const keymaster::KeymasterKeyBlob &wrapped_key_blob, const keymaster::KeymasterKeyBlob &wrapping_key_blob, const keymaster::AuthorizationSet &wrapping_key_params, const keymaster::KeymasterKeyBlob &masking_key, keymaster::AuthorizationSet *wrapped_key_params, keymaster_key_format_t *wrapped_key_format, keymaster::KeymasterKeyBlob *wrapped_key_material) const override
 
keymaster_error_t CheckConfirmationToken (const std::uint8_t *input_data, size_t input_data_size, const uint8_t confirmation_token[keymaster::kConfirmationTokenSize]) const
 
keymaster::RemoteProvisioningContext * GetRemoteProvisioningContext () const override
 
keymaster_error_t SetVerifiedBootInfo (std::string_view verified_boot_state, std::string_view bootloader_state, const std::vector< uint8_t > &vbmeta_digest) override
 
keymaster_error_t SetVendorPatchlevel (uint32_t vendor_patchlevel) override
 
keymaster_error_t SetBootPatchlevel (uint32_t boot_patchlevel) override
 
std::optional< uint32_t > GetVendorPatchlevel () const override
 
std::optional< uint32_t > GetBootPatchlevel () const override
 
keymaster_error_t SetAttestationIds (const keymaster::SetAttestationIdsRequest &request) override
 
keymaster_error_t SetAttestationIdsKM3 (const keymaster::SetAttestationIdsKM3Request &request) override
 

Private Attributes

TpmResourceManager & resource_manager_
 
keymaster::KeymasterEnforcement & enforcement_
 
std::unique_ptr< TpmKeyBlobMaker > key_blob_maker_
 
std::unique_ptr< TpmRandomSource > random_source_
 
std::unique_ptr< TpmAttestationRecordContext > attestation_context_
 
std::unique_ptr< TpmRemoteProvisioningContext > remote_provisioning_context_
 
std::map< keymaster_algorithm_t, std::unique_ptr< keymaster::KeyFactory > > key_factories_
 
std::vector< keymaster_algorithm_t > supported_algorithms_
 
uint32_t os_version_
 
uint32_t os_patchlevel_
 
std::optional< uint32_t > vendor_patchlevel_
 
std::optional< uint32_t > boot_patchlevel_
 
std::optional< std::string > bootloader_state_
 
std::optional< std::string > verified_boot_state_
 
std::optional< std::vector< uint8_t > > vbmeta_digest_
 

Detailed Description

Implementation of KeymasterContext that wraps its keys with a TPM.

See the parent class for details: https://cs.android.com/android/platform/superproject/+/master:system/keymaster/include/keymaster/keymaster_context.h;drc=821acb74d7febb886a9b7cefee4ee3df4cc8c556

Constructor & Destructor Documentation

◆ TpmKeymasterContext()

cuttlefish::TpmKeymasterContext::TpmKeymasterContext ( TpmResourceManager &  resource_manager,
keymaster::KeymasterEnforcement &  enforcement 
)

◆ ~TpmKeymasterContext()

cuttlefish::TpmKeymasterContext::~TpmKeymasterContext ( )
default

Member Function Documentation

◆ AddRngEntropy()

keymaster_error_t cuttlefish::TpmKeymasterContext::AddRngEntropy ( const uint8_t *  buf,
size_t  length 
) const
override

◆ attestation_context()

keymaster::AttestationContext * cuttlefish::TpmKeymasterContext::attestation_context ( )
inline override

◆ CheckConfirmationToken()

keymaster_error_t cuttlefish::TpmKeymasterContext::CheckConfirmationToken ( const std::uint8_t *  input_data,
size_t  input_data_size,
const uint8_t  confirmation_token[keymaster::kConfirmationTokenSize] 
) const

◆ enforcement_policy()

keymaster::KeymasterEnforcement * cuttlefish::TpmKeymasterContext::enforcement_policy ( )
override

◆ GenerateAttestation()

keymaster::CertificateChain cuttlefish::TpmKeymasterContext::GenerateAttestation ( const keymaster::Key &  key,
const keymaster::AuthorizationSet &  attest_params,
keymaster::UniquePtr< keymaster::Key >  attest_key,
const keymaster::KeymasterBlob &  issuer_subject,
keymaster_error_t *  error 
) const
override

◆ GenerateSelfSignedCertificate()

keymaster::CertificateChain cuttlefish::TpmKeymasterContext::GenerateSelfSignedCertificate ( const keymaster::Key &  key,
const keymaster::AuthorizationSet &  cert_params,
bool  fake_signature,
keymaster_error_t *  error 
) const
override

◆ GetBootPatchlevel()

std::optional< uint32_t > cuttlefish::TpmKeymasterContext::GetBootPatchlevel ( ) const
override

◆ GetKeyFactory()

const KeyFactory * cuttlefish::TpmKeymasterContext::GetKeyFactory ( keymaster_algorithm_t  algorithm) const
override

◆ GetKmVersion()

keymaster::KmVersion cuttlefish::TpmKeymasterContext::GetKmVersion ( ) const
inline override

◆ GetOperationFactory()

OperationFactory * cuttlefish::TpmKeymasterContext::GetOperationFactory ( keymaster_algorithm_t  algorithm,
keymaster_purpose_t  purpose 
) const
override

◆ GetRemoteProvisioningContext()

keymaster::RemoteProvisioningContext * cuttlefish::TpmKeymasterContext::GetRemoteProvisioningContext ( ) const
override

◆ GetSupportedAlgorithms()

const keymaster_algorithm_t * cuttlefish::TpmKeymasterContext::GetSupportedAlgorithms ( size_t *  algorithms_count) const
override

◆ GetSystemVersion()

void cuttlefish::TpmKeymasterContext::GetSystemVersion ( uint32_t *  os_version,
uint32_t *  os_patchlevel 
) const
override

◆ GetVendorPatchlevel()

std::optional< uint32_t > cuttlefish::TpmKeymasterContext::GetVendorPatchlevel ( ) const
override

◆ ParseKeyBlob()

keymaster_error_t cuttlefish::TpmKeymasterContext::ParseKeyBlob ( const keymaster::KeymasterKeyBlob &  blob,
const keymaster::AuthorizationSet &  additional_params,
keymaster::UniquePtr< keymaster::Key > *  key 
) const
override

◆ SetAttestationIds()

keymaster_error_t cuttlefish::TpmKeymasterContext::SetAttestationIds ( const keymaster::SetAttestationIdsRequest &  request)
inline override

◆ SetAttestationIdsKM3()

keymaster_error_t cuttlefish::TpmKeymasterContext::SetAttestationIdsKM3 ( const keymaster::SetAttestationIdsKM3Request &  request)
inline override

◆ SetBootPatchlevel()

keymaster_error_t cuttlefish::TpmKeymasterContext::SetBootPatchlevel ( uint32_t  boot_patchlevel)
override

◆ SetSystemVersion()

keymaster_error_t cuttlefish::TpmKeymasterContext::SetSystemVersion ( uint32_t  os_version,
uint32_t  os_patchlevel 
)
override

◆ SetVendorPatchlevel()

keymaster_error_t cuttlefish::TpmKeymasterContext::SetVendorPatchlevel ( uint32_t  vendor_patchlevel)
override

◆ SetVerifiedBootInfo()

keymaster_error_t cuttlefish::TpmKeymasterContext::SetVerifiedBootInfo ( std::string_view  verified_boot_state,
std::string_view  bootloader_state,
const std::vector< uint8_t > &  vbmeta_digest 
)
override

◆ UnwrapKey()

keymaster_error_t cuttlefish::TpmKeymasterContext::UnwrapKey ( const keymaster::KeymasterKeyBlob &  wrapped_key_blob,
const keymaster::KeymasterKeyBlob &  wrapping_key_blob,
const keymaster::AuthorizationSet &  wrapping_key_params,
const keymaster::KeymasterKeyBlob &  masking_key,
keymaster::AuthorizationSet *  wrapped_key_params,
keymaster_key_format_t *  wrapped_key_format,
keymaster::KeymasterKeyBlob *  wrapped_key_material 
) const
override

◆ UpgradeKeyBlob()

keymaster_error_t cuttlefish::TpmKeymasterContext::UpgradeKeyBlob ( const keymaster::KeymasterKeyBlob &  key_to_upgrade,
const keymaster::AuthorizationSet &  upgrade_params,
keymaster::KeymasterKeyBlob *  upgraded_key 
) const
override

Member Data Documentation

◆ attestation_context_

std::unique_ptr<TpmAttestationRecordContext> cuttlefish::TpmKeymasterContext::attestation_context_
private

◆ boot_patchlevel_

std::optional<uint32_t> cuttlefish::TpmKeymasterContext::boot_patchlevel_
private

◆ bootloader_state_

std::optional<std::string> cuttlefish::TpmKeymasterContext::bootloader_state_
private

◆ enforcement_

keymaster::KeymasterEnforcement& cuttlefish::TpmKeymasterContext::enforcement_
private

◆ key_blob_maker_

std::unique_ptr<TpmKeyBlobMaker> cuttlefish::TpmKeymasterContext::key_blob_maker_
private

◆ key_factories_

std::map<keymaster_algorithm_t, std::unique_ptr<keymaster::KeyFactory> > cuttlefish::TpmKeymasterContext::key_factories_
private

◆ os_patchlevel_

uint32_t cuttlefish::TpmKeymasterContext::os_patchlevel_
private

◆ os_version_

uint32_t cuttlefish::TpmKeymasterContext::os_version_
private

◆ random_source_

std::unique_ptr<TpmRandomSource> cuttlefish::TpmKeymasterContext::random_source_
private

◆ remote_provisioning_context_

std::unique_ptr<TpmRemoteProvisioningContext> cuttlefish::TpmKeymasterContext::remote_provisioning_context_
private

◆ resource_manager_

TpmResourceManager& cuttlefish::TpmKeymasterContext::resource_manager_
private

◆ supported_algorithms_

std::vector<keymaster_algorithm_t> cuttlefish::TpmKeymasterContext::supported_algorithms_
private

◆ vbmeta_digest_

std::optional<std::vector<uint8_t> > cuttlefish::TpmKeymasterContext::vbmeta_digest_
private

◆ vendor_patchlevel_

std::optional<uint32_t> cuttlefish::TpmKeymasterContext::vendor_patchlevel_
private

◆ verified_boot_state_

std::optional<std::string> cuttlefish::TpmKeymasterContext::verified_boot_state_
private
