Android-cuttlefish cvd tool
proxy_keymaster_context.h
Go to the documentation of this file.
1//
2// Copyright (C) 2020 The Android Open Source Project
3//
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at
7//
8// http://www.apache.org/licenses/LICENSE-2.0
9//
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15
16#pragma once
17
18#include <map>
19#include <vector>
20
21#include <keymaster/key.h>
22#include <keymaster/keymaster_context.h>
23#include <keymaster/km_openssl/attestation_record.h>
24
25#include "tpm_attestation_record.h"
26
27namespace cuttlefish {
28
29class TpmAttestationRecordContext;
30class TpmResourceManager;
31class TpmKeyBlobMaker;
32class TpmRandomSource;
33class TpmRemoteProvisioningContext;
34
44class ProxyKeymasterContext : public keymaster::KeymasterContext {
45 public:
46 ProxyKeymasterContext(KeymasterContext& wrapped) : wrapped_(wrapped) {}
47 ~ProxyKeymasterContext() = default;
48
49 keymaster::KmVersion GetKmVersion() const override {
50 return wrapped_.GetKmVersion();
51 }
52
53 keymaster_error_t SetSystemVersion(uint32_t os_version,
54 uint32_t os_patchlevel) override {
55 return wrapped_.SetSystemVersion(os_version, os_patchlevel);
56 }
57 void GetSystemVersion(uint32_t* os_version,
58 uint32_t* os_patchlevel) const override {
59 return wrapped_.GetSystemVersion(os_version, os_patchlevel);
60 }
61
62 const keymaster::KeyFactory* GetKeyFactory(
63 keymaster_algorithm_t algorithm) const override {
64 return wrapped_.GetKeyFactory(algorithm);
65 }
66 const keymaster::OperationFactory* GetOperationFactory(
67 keymaster_algorithm_t algorithm,
68 keymaster_purpose_t purpose) const override {
69 return wrapped_.GetOperationFactory(algorithm, purpose);
70 }
71 const keymaster_algorithm_t* GetSupportedAlgorithms(
72 size_t* algorithms_count) const override {
73 return wrapped_.GetSupportedAlgorithms(algorithms_count);
74 }
75
76 keymaster_error_t UpgradeKeyBlob(
77 const keymaster::KeymasterKeyBlob& key_to_upgrade,
78 const keymaster::AuthorizationSet& upgrade_params,
79 keymaster::KeymasterKeyBlob* upgraded_key) const override {
80 return wrapped_.UpgradeKeyBlob(key_to_upgrade, upgrade_params,
81 upgraded_key);
82 }
83
84 keymaster_error_t ParseKeyBlob(
85 const keymaster::KeymasterKeyBlob& blob,
86 const keymaster::AuthorizationSet& additional_params,
87 keymaster::UniquePtr<keymaster::Key>* key) const override {
88 return wrapped_.ParseKeyBlob(blob, additional_params, key);
89 }
90
91 keymaster_error_t AddRngEntropy(const uint8_t* buf,
92 size_t length) const override {
93 return wrapped_.AddRngEntropy(buf, length);
94 }
95
96 keymaster::KeymasterEnforcement* enforcement_policy() override {
97 return wrapped_.enforcement_policy();
98 }
99
100 keymaster::AttestationContext* attestation_context() override {
101 return wrapped_.attestation_context();
102 }
103
104 keymaster::CertificateChain GenerateAttestation(
105 const keymaster::Key& key,
106 const keymaster::AuthorizationSet& attest_params,
107 keymaster::UniquePtr<keymaster::Key> attest_key,
108 const keymaster::KeymasterBlob& issuer_subject,
109 keymaster_error_t* error) const override {
110 return wrapped_.GenerateAttestation(
111 key, attest_params, std::move(attest_key), issuer_subject, error);
112 }
113
114 keymaster::CertificateChain GenerateSelfSignedCertificate(
115 const keymaster::Key& key, const keymaster::AuthorizationSet& cert_params,
116 bool fake_signature, keymaster_error_t* error) const override {
117 return wrapped_.GenerateSelfSignedCertificate(key, cert_params,
118 fake_signature, error);
119 }
120
121 keymaster_error_t UnwrapKey(
122 const keymaster::KeymasterKeyBlob& wrapped_key_blob,
123 const keymaster::KeymasterKeyBlob& wrapping_key_blob,
124 const keymaster::AuthorizationSet& wrapping_key_params,
125 const keymaster::KeymasterKeyBlob& masking_key,
126 keymaster::AuthorizationSet* wrapped_key_params,
127 keymaster_key_format_t* wrapped_key_format,
128 keymaster::KeymasterKeyBlob* wrapped_key_material) const override {
129 return wrapped_.UnwrapKey(
130 wrapped_key_blob, wrapping_key_blob, wrapping_key_params, masking_key,
131 wrapped_key_params, wrapped_key_format, wrapped_key_material);
132 }
133
134 keymaster_error_t CheckConfirmationToken(
135 const std::uint8_t* input_data, size_t input_data_size,
136 const uint8_t confirmation_token[keymaster::kConfirmationTokenSize])
137 const {
138 return wrapped_.CheckConfirmationToken(input_data, input_data_size,
139 confirmation_token);
140 }
141
142 keymaster::RemoteProvisioningContext* GetRemoteProvisioningContext()
143 const override {
144 return wrapped_.GetRemoteProvisioningContext();
145 }
146
147 keymaster_error_t SetVendorPatchlevel(uint32_t vendor_patchlevel) override {
148 return wrapped_.SetVendorPatchlevel(vendor_patchlevel);
149 }
150 keymaster_error_t SetBootPatchlevel(uint32_t boot_patchlevel) override {
151 return wrapped_.SetBootPatchlevel(boot_patchlevel);
152 }
153 keymaster_error_t SetVerifiedBootInfo(
154 std::string_view verified_boot_state, std::string_view bootloader_state,
155 const std::vector<uint8_t>& vbmeta_digest) {
156 return wrapped_.SetVerifiedBootInfo(verified_boot_state, bootloader_state,
157 vbmeta_digest);
158 }
159 std::optional<uint32_t> GetVendorPatchlevel() const override {
160 return wrapped_.GetVendorPatchlevel();
161 }
162 std::optional<uint32_t> GetBootPatchlevel() const override {
163 return wrapped_.GetBootPatchlevel();
164 }
165
166 keymaster_error_t SetAttestationIds(
167 const keymaster::SetAttestationIdsRequest& request) override {
168 return wrapped_.SetAttestationIds(request);
169 }
170
171 keymaster_error_t SetAttestationIdsKM3(
172 const keymaster::SetAttestationIdsKM3Request& request) override {
173 return wrapped_.SetAttestationIdsKM3(request);
174 }
175
176 private:
177 KeymasterContext& wrapped_;
178};
179
180} // namespace cuttlefish
cuttlefish::ProxyKeymasterContext
Definition: proxy_keymaster_context.h:44
cuttlefish::ProxyKeymasterContext::SetSystemVersion
keymaster_error_t SetSystemVersion(uint32_t os_version, uint32_t os_patchlevel) override
Definition: proxy_keymaster_context.h:53
cuttlefish::ProxyKeymasterContext::SetBootPatchlevel
keymaster_error_t SetBootPatchlevel(uint32_t boot_patchlevel) override
Definition: proxy_keymaster_context.h:150
cuttlefish::ProxyKeymasterContext::UnwrapKey
keymaster_error_t UnwrapKey(const keymaster::KeymasterKeyBlob &wrapped_key_blob, const keymaster::KeymasterKeyBlob &wrapping_key_blob, const keymaster::AuthorizationSet &wrapping_key_params, const keymaster::KeymasterKeyBlob &masking_key, keymaster::AuthorizationSet *wrapped_key_params, keymaster_key_format_t *wrapped_key_format, keymaster::KeymasterKeyBlob *wrapped_key_material) const override
Definition: proxy_keymaster_context.h:121
cuttlefish::ProxyKeymasterContext::GetVendorPatchlevel
std::optional< uint32_t > GetVendorPatchlevel() const override
Definition: proxy_keymaster_context.h:159
cuttlefish::ProxyKeymasterContext::enforcement_policy
keymaster::KeymasterEnforcement * enforcement_policy() override
Definition: proxy_keymaster_context.h:96
cuttlefish::ProxyKeymasterContext::GetRemoteProvisioningContext
keymaster::RemoteProvisioningContext * GetRemoteProvisioningContext() const override
Definition: proxy_keymaster_context.h:142
cuttlefish::ProxyKeymasterContext::SetAttestationIds
keymaster_error_t SetAttestationIds(const keymaster::SetAttestationIdsRequest &request) override
Definition: proxy_keymaster_context.h:166
cuttlefish::ProxyKeymasterContext::GetKeyFactory
const keymaster::KeyFactory * GetKeyFactory(keymaster_algorithm_t algorithm) const override
Definition: proxy_keymaster_context.h:62
cuttlefish::ProxyKeymasterContext::GetBootPatchlevel
std::optional< uint32_t > GetBootPatchlevel() const override
Definition: proxy_keymaster_context.h:162
cuttlefish::ProxyKeymasterContext::attestation_context
keymaster::AttestationContext * attestation_context() override
Definition: proxy_keymaster_context.h:100
cuttlefish::ProxyKeymasterContext::ParseKeyBlob
keymaster_error_t ParseKeyBlob(const keymaster::KeymasterKeyBlob &blob, const keymaster::AuthorizationSet &additional_params, keymaster::UniquePtr< keymaster::Key > *key) const override
Definition: proxy_keymaster_context.h:84
cuttlefish::ProxyKeymasterContext::SetVerifiedBootInfo
keymaster_error_t SetVerifiedBootInfo(std::string_view verified_boot_state, std::string_view bootloader_state, const std::vector< uint8_t > &vbmeta_digest)
Definition: proxy_keymaster_context.h:153
cuttlefish::ProxyKeymasterContext::GetSystemVersion
void GetSystemVersion(uint32_t *os_version, uint32_t *os_patchlevel) const override
Definition: proxy_keymaster_context.h:57
cuttlefish::ProxyKeymasterContext::GenerateAttestation
keymaster::CertificateChain GenerateAttestation(const keymaster::Key &key, const keymaster::AuthorizationSet &attest_params, keymaster::UniquePtr< keymaster::Key > attest_key, const keymaster::KeymasterBlob &issuer_subject, keymaster_error_t *error) const override
Definition: proxy_keymaster_context.h:104
cuttlefish::ProxyKeymasterContext::GetKmVersion
keymaster::KmVersion GetKmVersion() const override
Definition: proxy_keymaster_context.h:49
cuttlefish::ProxyKeymasterContext::UpgradeKeyBlob
keymaster_error_t UpgradeKeyBlob(const keymaster::KeymasterKeyBlob &key_to_upgrade, const keymaster::AuthorizationSet &upgrade_params, keymaster::KeymasterKeyBlob *upgraded_key) const override
Definition: proxy_keymaster_context.h:76
cuttlefish::ProxyKeymasterContext::AddRngEntropy
keymaster_error_t AddRngEntropy(const uint8_t *buf, size_t length) const override
Definition: proxy_keymaster_context.h:91
cuttlefish::ProxyKeymasterContext::CheckConfirmationToken
keymaster_error_t CheckConfirmationToken(const std::uint8_t *input_data, size_t input_data_size, const uint8_t confirmation_token[keymaster::kConfirmationTokenSize]) const
Definition: proxy_keymaster_context.h:134
cuttlefish::ProxyKeymasterContext::GetSupportedAlgorithms
const keymaster_algorithm_t * GetSupportedAlgorithms(size_t *algorithms_count) const override
Definition: proxy_keymaster_context.h:71
cuttlefish::ProxyKeymasterContext::wrapped_
KeymasterContext & wrapped_
Definition: proxy_keymaster_context.h:177
cuttlefish::ProxyKeymasterContext::SetVendorPatchlevel
keymaster_error_t SetVendorPatchlevel(uint32_t vendor_patchlevel) override
Definition: proxy_keymaster_context.h:147
cuttlefish::ProxyKeymasterContext::SetAttestationIdsKM3
keymaster_error_t SetAttestationIdsKM3(const keymaster::SetAttestationIdsKM3Request &request) override
Definition: proxy_keymaster_context.h:171
cuttlefish::ProxyKeymasterContext::GetOperationFactory
const keymaster::OperationFactory * GetOperationFactory(keymaster_algorithm_t algorithm, keymaster_purpose_t purpose) const override
Definition: proxy_keymaster_context.h:66
cuttlefish::ProxyKeymasterContext::GenerateSelfSignedCertificate
keymaster::CertificateChain GenerateSelfSignedCertificate(const keymaster::Key &key, const keymaster::AuthorizationSet &cert_params, bool fake_signature, keymaster_error_t *error) const override
Definition: proxy_keymaster_context.h:114
cuttlefish::ProxyKeymasterContext::ProxyKeymasterContext
ProxyKeymasterContext(KeymasterContext &wrapped)
Definition: proxy_keymaster_context.h:46
error
#define error(format, args...)
Definition: fec_private.h:201
cuttlefish
Definition: alloc_utils.cpp:23
tpm_attestation_record.h
Generated by doxygen 1.9.4