authorization_set.h revision 1fa5d591fe6807665092753a5628d8d470888da4
15ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden/* 25ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * Copyright 2014 The Android Open Source Project 35ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * 45ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * Licensed under the Apache License, Version 2.0 (the "License"); 55ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * you may not use this file except in compliance with the License. 65ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * You may obtain a copy of the License at 75ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * 85ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * http://www.apache.org/licenses/LICENSE-2.0 95ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * 105ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * Unless required by applicable law or agreed to in writing, software 115ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * distributed under the License is distributed on an "AS IS" BASIS, 125ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 135ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * See the License for the specific language governing permissions and 145ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * limitations under the License. 155ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden */ 165ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 17b10f3b26af1e3b382d9ef361b3eb5279d16a9c05Shawn Willden#ifndef SYSTEM_KEYMASTER_AUTHORIZATION_SET_H_ 18b10f3b26af1e3b382d9ef361b3eb5279d16a9c05Shawn Willden#define SYSTEM_KEYMASTER_AUTHORIZATION_SET_H_ 195ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 205ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden#include <UniquePtr.h> 215ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 22b9d584d3dacc8041e5502cd0d036e21895eb6dc6Shawn Willden#include <hardware/keymaster_defs.h> 2398d9b92547a9a7553b99e3e941a4175926f95b62Shawn Willden#include <keymaster/keymaster_tags.h> 2498d9b92547a9a7553b99e3e941a4175926f95b62Shawn Willden#include <keymaster/serializable.h> 255ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 265ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willdennamespace keymaster { 275ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 285ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden/** 295ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * A container that manages a set of keymaster_key_param_t objects, providing serialization, 305ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * de-serialization and accessors. 315ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden */ 325ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willdenclass AuthorizationSet : public Serializable { 335ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden public: 345ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden /** 355ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * Construct an empty, dynamically-allocated, growable AuthorizationSet. Does not actually 365ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * allocate any storage until elements are added, so there is no cost to creating an 375ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * AuthorizationSet with this constructor and then reinitializing it to point at pre-allocated 385ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * buffers, with \p Reinitialize. 395ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden */ 405ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden AuthorizationSet() 415ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden : elems_(NULL), elems_size_(0), elems_capacity_(0), indirect_data_(NULL), 42172f8c9be706e27f43022063bbc7f4b0177583acShawn Willden indirect_data_size_(0), indirect_data_capacity_(0), error_(OK) {} 435ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 445ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden /** 455ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * Construct an AuthorizationSet from the provided array. The AuthorizationSet copies the data 465ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * from the provided array (and the data referenced by its embedded pointers, if any) into 475ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * dynamically-allocated storage. If allocation of the needed storage fails, \p is_valid() will 485ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * return ALLOCATION_FAILURE. It is the responsibility of the caller to check before using the 495ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * set, if allocations might fail. 505ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden */ 5158e1a5486219a1be9264d4e863a9dd3e393906c3Shawn Willden AuthorizationSet(const keymaster_key_param_t* elems, size_t count) 5258e1a5486219a1be9264d4e863a9dd3e393906c3Shawn Willden : elems_(NULL), indirect_data_(NULL) { 535ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden Reinitialize(elems, count); 545ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden } 555ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 56cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden AuthorizationSet(const keymaster_key_param_set_t& set) : elems_(NULL), indirect_data_(NULL) { 57cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden Reinitialize(set.params, set.length); 58cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden } 59cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden 6058e1a5486219a1be9264d4e863a9dd3e393906c3Shawn Willden AuthorizationSet(const uint8_t* serialized_set, size_t serialized_size) 6158e1a5486219a1be9264d4e863a9dd3e393906c3Shawn Willden : elems_(NULL), indirect_data_(NULL) { 6258e1a5486219a1be9264d4e863a9dd3e393906c3Shawn Willden Deserialize(&serialized_set, serialized_set + serialized_size); 635ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden } 645ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 6558e1a5486219a1be9264d4e863a9dd3e393906c3Shawn Willden // Copy constructor. 6658e1a5486219a1be9264d4e863a9dd3e393906c3Shawn Willden AuthorizationSet(const AuthorizationSet&); 6758e1a5486219a1be9264d4e863a9dd3e393906c3Shawn Willden 685ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden /** 69941d1c4ad4422a796d90010191c11aef0580295eShawn Willden * Clear existing authorization set data 70941d1c4ad4422a796d90010191c11aef0580295eShawn Willden */ 71941d1c4ad4422a796d90010191c11aef0580295eShawn Willden void Clear(); 72941d1c4ad4422a796d90010191c11aef0580295eShawn Willden 73941d1c4ad4422a796d90010191c11aef0580295eShawn Willden /** 745ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * Reinitialize an AuthorizationSet as a dynamically-allocated, growable copy of the data in the 755ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * provided array (and the data referenced by its embedded pointers, if any). If the allocation 765ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * of the needed storage fails this method will return false and \p is_valid() will return 775ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * ALLOCATION_FAILURE. 785ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden */ 795ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden bool Reinitialize(const keymaster_key_param_t* elems, size_t count); 805ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 817636471bd1c553ac179f0dddc17133491d0e1fafShawn Willden bool Reinitialize(const AuthorizationSet& set) { 827636471bd1c553ac179f0dddc17133491d0e1fafShawn Willden return Reinitialize(set.elems_, set.elems_size_); 837636471bd1c553ac179f0dddc17133491d0e1fafShawn Willden } 847636471bd1c553ac179f0dddc17133491d0e1fafShawn Willden 8558e1a5486219a1be9264d4e863a9dd3e393906c3Shawn Willden ~AuthorizationSet(); 865ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 875ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden enum Error { 8858e1a5486219a1be9264d4e863a9dd3e393906c3Shawn Willden OK, 895ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden ALLOCATION_FAILURE, 905ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden MALFORMED_DATA, 915ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden }; 925ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 93172f8c9be706e27f43022063bbc7f4b0177583acShawn Willden Error is_valid() const { return error_; } 945ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 955ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden /** 965ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * Returns the size of the set. 975ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden */ 98172f8c9be706e27f43022063bbc7f4b0177583acShawn Willden size_t size() const { return elems_size_; } 997636471bd1c553ac179f0dddc17133491d0e1fafShawn Willden 1007636471bd1c553ac179f0dddc17133491d0e1fafShawn Willden /** 101370121346777e13437c275fbe7a975d899cc325cShawn Willden * Returns the total size of all indirect data referenced by set elements. 102370121346777e13437c275fbe7a975d899cc325cShawn Willden */ 103370121346777e13437c275fbe7a975d899cc325cShawn Willden size_t indirect_size() const { return indirect_data_size_; } 104370121346777e13437c275fbe7a975d899cc325cShawn Willden 105370121346777e13437c275fbe7a975d899cc325cShawn Willden /** 1067636471bd1c553ac179f0dddc17133491d0e1fafShawn Willden * Returns the data in the set, directly. Be careful with this. 1077636471bd1c553ac179f0dddc17133491d0e1fafShawn Willden */ 108be4a2a3e70ada1ee026eaffb7163211161396215Shawn Willden const keymaster_key_param_t* data() const { return elems_; } 109cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden 110cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden /** 111cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden * Returns the data in a keymaster_key_param_set_t, suitable for returning to C code. For C 112cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden * compatibility, the allocated struct and its contents are malloced, not new'ed, and so must be 113cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden * freed with free(), not delete. The caller takes ownership. 114cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden */ 115cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden void CopyToParamSet(keymaster_key_param_set_t* set) const; 1165ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 1175ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden /** 1185ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * Returns the offset of the next entry that matches \p tag, starting from the element after \p 1195ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * begin. If not found, returns -1. 1205ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden */ 1215ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden int find(keymaster_tag_t tag, int begin = -1) const; 1225ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 1235ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden /** 1245ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * Returns the nth element of the set. 1255ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden */ 1265ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden keymaster_key_param_t operator[](int n) const; 1275ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 1285ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden /** 1291fa5d591fe6807665092753a5628d8d470888da4Shawn Willden * Returns the number of \p tag entries. 1301fa5d591fe6807665092753a5628d8d470888da4Shawn Willden */ 1311fa5d591fe6807665092753a5628d8d470888da4Shawn Willden size_t GetTagCount(keymaster_tag_t tag) const; 1321fa5d591fe6807665092753a5628d8d470888da4Shawn Willden 1331fa5d591fe6807665092753a5628d8d470888da4Shawn Willden /** 1345ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * If the specified integer-typed \p tag exists, places its value in \p val and returns true. 1355ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * If \p tag is not present, leaves \p val unmodified and returns false. 1365ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden */ 1375ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden template <keymaster_tag_t T> 1385ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden inline bool GetTagValue(TypedTag<KM_INT, T> tag, uint32_t* val) const { 1395ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden return GetTagValueInt(tag, val); 1405ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden } 1415ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 1425ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden /** 1435ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * If the specified instance of the specified integer-typed \p tag exists, places its value 1445ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * in \p val and returns true. If \p tag is not present, leaves \p val unmodified and returns 1455ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * false. 1465ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden */ 1475ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden template <keymaster_tag_t Tag> 1485ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden bool GetTagValue(TypedTag<KM_INT_REP, Tag> tag, size_t instance, uint32_t* val) const { 1495ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden return GetTagValueIntRep(tag, instance, val); 1505ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden } 1515ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 1525ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden /** 1535ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * If the specified long-typed \p tag exists, places its value in \p val and returns true. 1545ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * If \p tag is not present, leaves \p val unmodified and returns false. 1555ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden */ 1565ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden template <keymaster_tag_t T> 1575ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden inline bool GetTagValue(TypedTag<KM_LONG, T> tag, uint64_t* val) const { 1585ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden return GetTagValueLong(tag, val); 1595ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden } 1605ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 1615ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden /** 1625ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * If the specified enumeration-typed \p tag exists, places its value in \p val and returns 1635ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * true. If \p tag is not present, leaves \p val unmodified and returns false. 1645ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden */ 1655ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden template <keymaster_tag_t Tag, typename T> 1665ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden bool GetTagValue(TypedEnumTag<KM_ENUM, Tag, T> tag, T* val) const { 1675ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden return GetTagValueEnum(tag, reinterpret_cast<uint32_t*>(val)); 1685ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden } 1695ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 1705ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden /** 1715ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * If the specified instance of the specified enumeration-typed \p tag exists, places its value 1725ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * in \p val and returns true. If \p tag is not present, leaves \p val unmodified and returns 1735ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * false. 1745ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden */ 1755ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden template <keymaster_tag_t Tag, typename T> 1765ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden bool GetTagValue(TypedEnumTag<KM_ENUM_REP, Tag, T> tag, size_t instance, T* val) const { 1775ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden return GetTagValueEnumRep(tag, instance, reinterpret_cast<uint32_t*>(val)); 1785ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden } 1795ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 1805ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden /** 1815ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * If the specified date-typed \p tag exists, places its value in \p val and returns 1825ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * true. If \p tag is not present, leaves \p val unmodified and returns false. 1835ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden */ 1845ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden template <keymaster_tag_t Tag> 1855ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden bool GetTagValue(TypedTag<KM_INT_REP, Tag> tag, size_t instance, 1865ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden typename TypedTag<KM_INT_REP, Tag>::value_type* val) const { 1875ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden return GetTagValueIntRep(tag, instance, val); 1885ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden } 1895ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 1905ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden /** 1915ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * If the specified bytes-typed \p tag exists, places its value in \p val and returns 1925ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * true. If \p tag is not present, leaves \p val unmodified and returns false. 1935ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden */ 1945ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden template <keymaster_tag_t Tag> 1955ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden bool GetTagValue(TypedTag<KM_BYTES, Tag> tag, keymaster_blob_t* val) const { 1965ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden return GetTagValueBlob(tag, val); 1975ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden } 1985ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 1995ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden /** 2005ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * If the specified bignum-typed \p tag exists, places its value in \p val and returns 2015ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * true. If \p tag is not present, leaves \p val unmodified and returns false. 2025ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden */ 2035ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden template <keymaster_tag_t Tag> 2045ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden bool GetTagValue(TypedTag<KM_BIGNUM, Tag> tag, keymaster_blob_t* val) const { 20528e41475a2559824a0f3f2c850ed92a65c586f95Shawn Willden return GetTagValueBlob(tag, val); 2065ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden } 2075ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 2085ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden /** 209dfa1c030e941cba4e66b362854d84b19298353c9Shawn Willden * Returns true if the specified tag is present, and therefore has the value 'true'. 210dfa1c030e941cba4e66b362854d84b19298353c9Shawn Willden */ 211dfa1c030e941cba4e66b362854d84b19298353c9Shawn Willden template <keymaster_tag_t Tag> 212dfa1c030e941cba4e66b362854d84b19298353c9Shawn Willden bool GetTagValue(TypedTag<KM_BOOL, Tag> tag) const { 213dfa1c030e941cba4e66b362854d84b19298353c9Shawn Willden return GetTagValueBool(tag); 214dfa1c030e941cba4e66b362854d84b19298353c9Shawn Willden } 215dfa1c030e941cba4e66b362854d84b19298353c9Shawn Willden 216dfa1c030e941cba4e66b362854d84b19298353c9Shawn Willden /** 2175ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * If the specified \p tag exists, places its value in \p val and returns true. If \p tag is 2185ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden * not present, leaves \p val unmodified and returns false. 2195ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden */ 2205ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden template <keymaster_tag_t Tag, keymaster_tag_type_t Type> 2215ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden bool GetTagValue(TypedTag<Type, Tag> tag, typename TagValueType<Type>::value_type* val) const { 2225ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden return GetTagValueLong(tag, val); 2235ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden } 2245ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 2255ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden bool push_back(keymaster_key_param_t elem); 2265ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 227370121346777e13437c275fbe7a975d899cc325cShawn Willden /** 228370121346777e13437c275fbe7a975d899cc325cShawn Willden * Grow the elements array to ensure it can contain \p count entries. Preserves any existing 229370121346777e13437c275fbe7a975d899cc325cShawn Willden * entries. 230370121346777e13437c275fbe7a975d899cc325cShawn Willden */ 231370121346777e13437c275fbe7a975d899cc325cShawn Willden bool reserve_elems(size_t count); 232370121346777e13437c275fbe7a975d899cc325cShawn Willden 233370121346777e13437c275fbe7a975d899cc325cShawn Willden /** 234370121346777e13437c275fbe7a975d899cc325cShawn Willden * Grow the indirect data array to ensure it can contain \p length bytes. Preserves any 235370121346777e13437c275fbe7a975d899cc325cShawn Willden * existing indirect data. 236370121346777e13437c275fbe7a975d899cc325cShawn Willden */ 237370121346777e13437c275fbe7a975d899cc325cShawn Willden bool reserve_indirect(size_t length); 238370121346777e13437c275fbe7a975d899cc325cShawn Willden 239370121346777e13437c275fbe7a975d899cc325cShawn Willden bool push_back(const AuthorizationSet& set); 240370121346777e13437c275fbe7a975d899cc325cShawn Willden 241cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden /** 242cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden * Append the tag and enumerated value to the set. 243cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden */ 2445ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden template <keymaster_tag_t Tag, keymaster_tag_type_t Type, typename KeymasterEnum> 2455ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden bool push_back(TypedEnumTag<Type, Tag, KeymasterEnum> tag, KeymasterEnum val) { 2465ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden return push_back(Authorization(tag, val)); 2475ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden } 2485ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 249cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden /** 250cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden * Append the boolean tag (value "true") to the set. 251cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden */ 2525ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden template <keymaster_tag_t Tag> bool push_back(TypedTag<KM_BOOL, Tag> tag) { 2535ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden return push_back(Authorization(tag)); 2545ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden } 2555ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 256cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden /** 257cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden * Append the tag and byte array to the set. Copies the array into internal storage; does not 258cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden * take ownership of the passed-in array. 259cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden */ 2607636471bd1c553ac179f0dddc17133491d0e1fafShawn Willden template <keymaster_tag_t Tag> 2617636471bd1c553ac179f0dddc17133491d0e1fafShawn Willden bool push_back(TypedTag<KM_BYTES, Tag> tag, const void* bytes, size_t bytes_len) { 2627636471bd1c553ac179f0dddc17133491d0e1fafShawn Willden return push_back(keymaster_param_blob(tag, static_cast<const uint8_t*>(bytes), bytes_len)); 2637636471bd1c553ac179f0dddc17133491d0e1fafShawn Willden } 2647636471bd1c553ac179f0dddc17133491d0e1fafShawn Willden 265cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden /** 266cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden * Append the tag and blob to the set. Copies the blob contents into internal storage; does not 267cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden * take ownership of the blob's data. 268cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden */ 269cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden template <keymaster_tag_t Tag> 270cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden bool push_back(TypedTag<KM_BYTES, Tag> tag, const keymaster_blob_t& blob) { 271cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden return push_back(tag, blob.data, blob.data_length); 272cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden } 273cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden 274cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden /** 275cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden * Append the tag and bignum array to the set. Copies the array into internal storage; does not 276cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden * take ownership of the passed-in array. 277cb0d64b02d0df2b9eb692c5b0ea5c36db1000e9aShawn Willden */ 2787636471bd1c553ac179f0dddc17133491d0e1fafShawn Willden template <keymaster_tag_t Tag> 2797636471bd1c553ac179f0dddc17133491d0e1fafShawn Willden bool push_back(TypedTag<KM_BIGNUM, Tag> tag, const void* bytes, size_t bytes_len) { 2807636471bd1c553ac179f0dddc17133491d0e1fafShawn Willden return push_back(keymaster_param_blob(tag, static_cast<const uint8_t*>(bytes), bytes_len)); 2817636471bd1c553ac179f0dddc17133491d0e1fafShawn Willden } 2827636471bd1c553ac179f0dddc17133491d0e1fafShawn Willden 2835ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden template <keymaster_tag_t Tag, keymaster_tag_type_t Type> 2845ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden bool push_back(TypedTag<Type, Tag> tag, typename TypedTag<Type, Tag>::value_type val) { 2855ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden return push_back(Authorization(tag, val)); 2865ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden } 2875ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 2885ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden template <keymaster_tag_t Tag, keymaster_tag_type_t Type> 2895ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden bool push_back(TypedTag<Type, Tag> tag, const void* bytes, size_t bytes_len) { 2905ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden return push_back(Authorization(tag, bytes, bytes_len)); 2915ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden } 2925ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 29358e1a5486219a1be9264d4e863a9dd3e393906c3Shawn Willden /* Virtual methods from Serializable */ 29458e1a5486219a1be9264d4e863a9dd3e393906c3Shawn Willden size_t SerializedSize() const; 29558e1a5486219a1be9264d4e863a9dd3e393906c3Shawn Willden uint8_t* Serialize(uint8_t* serialized_set, const uint8_t* end) const; 296172f8c9be706e27f43022063bbc7f4b0177583acShawn Willden bool Deserialize(const uint8_t** buf_ptr, const uint8_t* end); 2975ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 2988d336ae10df66da4c0433f17c2d42e85baea32c5Shawn Willden size_t SerializedSizeOfElements() const; 2998d336ae10df66da4c0433f17c2d42e85baea32c5Shawn Willden 3005ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden private: 30158e1a5486219a1be9264d4e863a9dd3e393906c3Shawn Willden // Disallow assignment 30258e1a5486219a1be9264d4e863a9dd3e393906c3Shawn Willden void operator=(const AuthorizationSet&); 30358e1a5486219a1be9264d4e863a9dd3e393906c3Shawn Willden 3045ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden void FreeData(); 3055ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden void set_invalid(Error err); 3065ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 3075ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden static size_t ComputeIndirectDataSize(const keymaster_key_param_t* elems, size_t count); 3085ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden void CopyIndirectData(); 3098d336ae10df66da4c0433f17c2d42e85baea32c5Shawn Willden bool CheckIndirectData(); 3105ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 311370121346777e13437c275fbe7a975d899cc325cShawn Willden bool DeserializeIndirectData(const uint8_t** buf_ptr, const uint8_t* end); 312370121346777e13437c275fbe7a975d899cc325cShawn Willden bool DeserializeElementsData(const uint8_t** buf_ptr, const uint8_t* end); 313370121346777e13437c275fbe7a975d899cc325cShawn Willden 3145ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden bool GetTagValueEnum(keymaster_tag_t tag, uint32_t* val) const; 3155ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden bool GetTagValueEnumRep(keymaster_tag_t tag, size_t instance, uint32_t* val) const; 3165ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden bool GetTagValueInt(keymaster_tag_t tag, uint32_t* val) const; 3175ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden bool GetTagValueIntRep(keymaster_tag_t tag, size_t instance, uint32_t* val) const; 3185ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden bool GetTagValueLong(keymaster_tag_t tag, uint64_t* val) const; 3195ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden bool GetTagValueDate(keymaster_tag_t tag, uint64_t* val) const; 3205ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden bool GetTagValueBlob(keymaster_tag_t tag, keymaster_blob_t* val) const; 321dfa1c030e941cba4e66b362854d84b19298353c9Shawn Willden bool GetTagValueBool(keymaster_tag_t tag) const; 3225ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 3235ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden keymaster_key_param_t* elems_; 3245ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden size_t elems_size_; 3255ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden size_t elems_capacity_; 3265ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden uint8_t* indirect_data_; 3275ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden size_t indirect_data_size_; 3285ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden size_t indirect_data_capacity_; 3295ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden Error error_; 3305ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden}; 3315ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 3325ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden} // namespace keymaster 3335ada7b6c525d2bfd5b556a698ccb11db23e052bbShawn Willden 334b10f3b26af1e3b382d9ef361b3eb5279d16a9c05Shawn Willden#endif // SYSTEM_KEYMASTER_KEY_AUTHORIZATION_SET_H_ 335