1d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden/*
2d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * Copyright 2015 The Android Open Source Project
3d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden *
4d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * Licensed under the Apache License, Version 2.0 (the "License");
5d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * you may not use this file except in compliance with the License.
6d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * You may obtain a copy of the License at
7d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden *
8d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden *      http://www.apache.org/licenses/LICENSE-2.0
9d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden *
10d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * Unless required by applicable law or agreed to in writing, software
11d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * distributed under the License is distributed on an "AS IS" BASIS,
12d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * See the License for the specific language governing permissions and
14d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden * limitations under the License.
15d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden */
16d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
17d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden#ifndef SYSTEM_KEYMASTER_RSA_KEYMASTER1_KEY_H_
18d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden#define SYSTEM_KEYMASTER_RSA_KEYMASTER1_KEY_H_
19d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
20d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden#include <openssl/rsa.h>
21d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
22d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden#include <keymaster/rsa_key_factory.h>
23d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
24d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden#include "keymaster1_engine.h"
25d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden#include "rsa_key.h"
26d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
27d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willdennamespace keymaster {
28d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
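// Forward declaration: this header only refers to SoftKeymasterContext through a pointer (the
// RsaKeymaster1KeyFactory constructor parameter), so the full definition is not required here.
class SoftKeymasterContext;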
30d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
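/**
 * RsaKeymaster1KeyFactory is a KeyFactory that creates and loads RSA keys which are actually
 * backed by a hardware keymaster1 module, where that module does not support all keymaster1
 * digests.  If unsupported digests are found during generation or import, KM_DIGEST_NONE is added
 * to the key description, and the operations then handle the unsupported digests in software.
 *
 * If unsupported digests are requested and KM_PAD_RSA_PSS or KM_PAD_RSA_OAEP is also requested,
 * but KM_PAD_NONE is not present, KM_PAD_NONE will be added to the description, to allow for
 * software padding as well as software digesting.
 *
 * Security note: in both cases the key description gains KM_DIGEST_NONE / KM_PAD_NONE entries
 * that the caller did not request.  Presumably the hardware module will therefore accept
 * undigested / unpadded operations on these keys, and the caller's digest and padding choices are
 * applied by the software operations instead.
 * NOTE(review): confirm how the added tags are split between hw_enforced and sw_enforced;
 * callers that read hw_enforced could otherwise over-estimate what the hardware restricts.
 */
class RsaKeymaster1KeyFactory : public RsaKeyFactory {
  public:
    /**
     * @param context  software keymaster context; where it is stored is not visible in this
     *                 header (presumably handed to the RsaKeyFactory base — TODO confirm).
     * @param engine   keymaster1 engine, kept in engine_ as a raw pointer.  This class declares
     *                 no destructor that releases it, so the caller presumably retains ownership
     *                 and must keep the engine alive for the lifetime of the factory.
     */
    RsaKeymaster1KeyFactory(const SoftKeymasterContext* context, const Keymaster1Engine* engine);

    /**
     * Generates a new key from key_description (override of the base-class GenerateKey).
     *
     * @param key_description  requested key parameters; see the class comment for the
     *                         KM_DIGEST_NONE / KM_PAD_NONE additions made for unsupported digests.
     * @param key_blob         output: the generated key blob.
     * @param hw_enforced      output: authorizations reported as hardware-enforced.
     * @param sw_enforced      output: authorizations reported as software-enforced.
     * @return a keymaster_error_t status code.
     */
    keymaster_error_t GenerateKey(const AuthorizationSet& key_description,
                                  KeymasterKeyBlob* key_blob, AuthorizationSet* hw_enforced,
                                  AuthorizationSet* sw_enforced) const override;

    /**
     * Imports caller-supplied key material (override of the base-class ImportKey).
     *
     * @param key_description            requested key parameters; subject to the same tag
     *                                   additions as GenerateKey (see the class comment).
     * @param input_key_material_format  format of input_key_material.
     * @param input_key_material         the key material to import.
     * @param output_key_blob            output: the resulting key blob.
     * @param hw_enforced                output: authorizations reported as hardware-enforced.
     * @param sw_enforced                output: authorizations reported as software-enforced.
     * @return a keymaster_error_t status code.
     */
    keymaster_error_t ImportKey(const AuthorizationSet& key_description,
                                keymaster_key_format_t input_key_material_format,
                                const KeymasterKeyBlob& input_key_material,
                                KeymasterKeyBlob* output_key_blob, AuthorizationSet* hw_enforced,
                                AuthorizationSet* sw_enforced) const override;

    /**
     * Builds a Key object from an existing key blob (override of the base-class LoadKey).
     *
     * @param key_material       the stored key blob.
     * @param additional_params  extra parameters supplied with the load request.
     * @param hw_enforced        hardware-enforced authorizations associated with the blob.
     * @param sw_enforced        software-enforced authorizations associated with the blob.
     * @param key                output: receives the loaded key.
     * @return a keymaster_error_t status code.
     */
    keymaster_error_t LoadKey(const KeymasterKeyBlob& key_material,
                              const AuthorizationSet& additional_params,
                              const AuthorizationSet& hw_enforced,
                              const AuthorizationSet& sw_enforced,
                              UniquePtr<Key>* key) const override;

    /**
     * Returns the operation factory for the given purpose.  The result is a raw pointer;
     * presumably it refers to one of the four factories owned below and must not be freed by
     * the caller — TODO confirm against the implementation.
     */
    OperationFactory* GetOperationFactory(keymaster_purpose_t purpose) const override;

  private:
    // Raw pointer to the keymaster1 engine; nothing declared in this class releases it.
    const Keymaster1Engine* engine_;

    // One owned operation factory per RSA purpose.
    // NOTE(review): std::unique_ptr is used here while LoadKey takes UniquePtr<Key>, and this
    // header does not include <memory> directly, so it relies on another header to provide it.
    std::unique_ptr<OperationFactory> sign_factory_;
    std::unique_ptr<OperationFactory> decrypt_factory_;
    std::unique_ptr<OperationFactory> verify_factory_;
    std::unique_ptr<OperationFactory> encrypt_factory_;
};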
71d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
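/**
 * Key type for RSA keys handled by RsaKeymaster1KeyFactory.  In this header it adds no members
 * and no overrides to RsaKey: the constructor forwards every argument unchanged.
 *
 * NOTE(review): presumably rsa_key is an RSA object bound to Keymaster1Engine, so that private-key
 * operations are carried out by the keymaster1 hardware instead of on key material held in
 * process memory — confirm where the RSA object is created.
 */
class RsaKeymaster1Key : public RsaKey {
  public:
    /**
     * @param rsa_key      RSA object passed straight to RsaKey; its ownership follows whatever
     *                     the RsaKey constructor does with it (not visible in this header).
     * @param hw_enforced  hardware-enforced authorizations for the key.
     * @param sw_enforced  software-enforced authorizations for the key.
     * @param error        output status, passed through to the RsaKey constructor.
     */
    RsaKeymaster1Key(RSA* rsa_key, const AuthorizationSet& hw_enforced,
                     const AuthorizationSet& sw_enforced, keymaster_error_t* error)
        : RsaKey(rsa_key, hw_enforced, sw_enforced, error) {}
};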
78d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
79d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden}  // namespace keymaster
80d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden
81d599b15c0693950bdc72fb867872044fdc484ef5Shawn Willden#endif  // SYSTEM_KEYMASTER_RSA_KEYMASTER1_KEY_H_