1//
2// Copyright (C) 2015 The Android Open Source Project
3//
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at
7//
8//      http://www.apache.org/licenses/LICENSE-2.0
9//
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15//
16
17#ifndef ATTESTATION_SERVER_KEY_STORE_H_
18#define ATTESTATION_SERVER_KEY_STORE_H_
19
20#include <string>
21
22#include <base/macros.h>
23
24#include "attestation/common/common.pb.h"
25
26namespace attestation {
27
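// A mock-able key storage interface.
//
// Every entry is scoped by |username| and addressed by a caller-chosen
// |key_label|; the same label may exist independently for different users.
// How and where the data is persisted is left to the implementation.
//
// NOTE(review): |username|, |key_label| and |key_prefix| are caller-supplied
// strings used as lookup keys. An implementation that maps them onto file
// system paths or database identifiers should validate or escape them rather
// than concatenate them verbatim (e.g. reject path separators and ".." in
// labels) -- confirm against each concrete backend.
class KeyStore {
 public:
  KeyStore() = default;
  // Virtual so that implementations are destroyed correctly through a
  // KeyStore pointer.
  virtual ~KeyStore() = default;

  // Reads the key data stored under |key_label| for |username|.
  // On success true is returned and |key_data| is populated. On failure
  // false is returned; whether |key_data| is modified in that case is
  // implementation-defined, so callers must not rely on its contents.
  virtual bool Read(const std::string& username,
                    const std::string& key_label,
                    std::string* key_data) = 0;

  // Writes |key_data| to the store under |key_label| for |username|.
  // If such a key already exists the existing data will be overwritten.
  // Returns true on success.
  virtual bool Write(const std::string& username,
                     const std::string& key_label,
                     const std::string& key_data) = 0;

  // Deletes the key data stored under |key_label| for |username|.
  // Returns false only if key data exists but could not be deleted; a
  // missing key is not treated as a failure.
  virtual bool Delete(const std::string& username,
                      const std::string& key_label) = 0;

  // Deletes key data for every key of |username| whose label starts with
  // |key_prefix|. Returns false if key data exists but could not be deleted.
  virtual bool DeleteByPrefix(const std::string& username,
                              const std::string& key_prefix) = 0;

  // Registers a key to be associated with |username|.
  // The provided |label| will be associated with all registered objects.
  // |key_type| and |key_usage| are the protobuf enums from common.pb.h;
  // presumably they describe the key's algorithm and its intended use --
  // confirm against the implementation.
  // |private_key_blob| holds the private key in some opaque format and
  // |public_key_der| holds the public key in PKCS #1 RSAPublicKey format.
  // If a non-empty |certificate| is provided it will be registered along with
  // the key. Returns true on success.
  virtual bool Register(const std::string& username,
                        const std::string& label,
                        KeyType key_type,
                        KeyUsage key_usage,
                        const std::string& private_key_blob,
                        const std::string& public_key_der,
                        const std::string& certificate) = 0;

  // Registers a |certificate| that is not associated to a registered key. The
  // certificate will be associated with |username|. Returns true on success.
  virtual bool RegisterCertificate(const std::string& username,
                                   const std::string& certificate) = 0;

 private:
  // Interfaces are handled by pointer/reference only; copying a concrete
  // store by accident would silently duplicate its backing state.
  DISALLOW_COPY_AND_ASSIGN(KeyStore);
};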
79
80}  // namespace attestation
81
82#endif  // ATTESTATION_SERVER_KEY_STORE_H_
83