163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden/* 263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * Copyright 2017 The Android Open Source Project 363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * 463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * Licensed under the Apache License, Version 2.0 (the "License"); 563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * you may not use this file except in compliance with the License. 663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * You may obtain a copy of the License at 763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * 863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * http://www.apache.org/licenses/LICENSE-2.0 963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * 1063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * Unless required by applicable law or agreed to in writing, software 1163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * distributed under the License is distributed on an "AS IS" BASIS, 1263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 1363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * See the License for the specific language governing permissions and 1463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * limitations under the License. 1563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden */ 1663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 1763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden#ifndef HARDWARE_INTERFACES_KEYMASTER_30_VTS_FUNCTIONAL_AUTHORIZATION_SET_H_ 1863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden#define HARDWARE_INTERFACES_KEYMASTER_30_VTS_FUNCTIONAL_AUTHORIZATION_SET_H_ 1963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 2063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden#include "keymaster_tags.h" 2163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 2263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden#include <utility> 2363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden#include <vector> 2463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 2563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdennamespace android { 2663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdennamespace hardware { 2763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdennamespace keymaster { 2863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdennamespace V3_0 { 2963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 3063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdenclass AuthorizationSetBuilder; 3163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 3263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden/** 3363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * An ordered collection of KeyParameters. It provides memory ownership and some convenient 3463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * functionality for sorting, deduplicating, joining, and subtracting sets of KeyParameters. 3563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * For serialization, wrap the backing store of this structure in a hidl_vec<KeyParameter>. 3663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden */ 3763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdenclass AuthorizationSet { 3863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden public: 3963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden typedef KeyParameter value_type; 4063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 4163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden /** 4263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * Construct an empty, dynamically-allocated, growable AuthorizationSet. 4363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden */ 4463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSet(){}; 4563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 4663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden // Copy constructor. 4763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSet(const AuthorizationSet& other) : data_(other.data_) {} 4863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 4963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden // Move constructor. 5063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSet(AuthorizationSet&& other) : data_(std::move(other.data_)) {} 5163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 5263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden // Constructor from hidl_vec<KeyParameter> 5363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSet(const hidl_vec<KeyParameter>& other) { *this = other; } 5463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 5563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden // Copy assignment. 5663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSet& operator=(const AuthorizationSet& other) { 5763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden data_ = other.data_; 5863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return *this; 5963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 6063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 6163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden // Move assignment. 6263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSet& operator=(AuthorizationSet&& other) { 6363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden data_ = std::move(other.data_); 6463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return *this; 6563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 6663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 6763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSet& operator=(const hidl_vec<KeyParameter>& other) { 6863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden if (other.size() > 0) { 6963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden data_.resize(other.size()); 7063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden for (size_t i = 0; i < data_.size(); ++i) { 7163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden /* This makes a deep copy even of embedded blobs. 7263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * See assignment operator/copy constructor of hidl_vec.*/ 7363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden data_[i] = other[i]; 7463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 7563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 7663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return *this; 7763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 7863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 7963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden /** 8063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * Clear existing authorization set data 8163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden */ 8263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden void Clear(); 8363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 8463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden ~AuthorizationSet() = default; 8563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 8663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden /** 8763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * Returns the size of the set. 8863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden */ 8963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden size_t size() const { return data_.size(); } 9063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 9163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden /** 9263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * Returns true if the set is empty. 9363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden */ 9463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden bool empty() const { return size() == 0; } 9563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 9663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden /** 9763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * Returns the data in the set, directly. Be careful with this. 9863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden */ 9963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden const KeyParameter* data() const { return data_.data(); } 10063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 10163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden /** 10263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * Sorts the set 10363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden */ 10463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden void Sort(); 10563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 10663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden /** 10763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * Sorts the set and removes duplicates (inadvertently duplicating tags is easy to do with the 10863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * AuthorizationSetBuilder). 10963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden */ 11063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden void Deduplicate(); 11163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 11263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden /** 11363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * Adds all elements from \p set that are not already present in this AuthorizationSet. As a 11463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * side-effect, if \p set is not null this AuthorizationSet will end up sorted. 11563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden */ 11663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden void Union(const AuthorizationSet& set); 11763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 11863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden /** 11963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * Removes all elements in \p set from this AuthorizationSet. 12063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden */ 12163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden void Subtract(const AuthorizationSet& set); 12263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 12363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden /** 12463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * Returns the offset of the next entry that matches \p tag, starting from the element after \p 12563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * begin. If not found, returns -1. 12663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden */ 12763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden int find(Tag tag, int begin = -1) const; 12863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 12963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden /** 13063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * Removes the entry at the specified index. Returns true if successful, false if the index was 13163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * out of bounds. 13263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden */ 13363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden bool erase(int index); 13463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 13563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden /** 13663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * Returns iterator (pointer) to beginning of elems array, to enable STL-style iteration 13763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden */ 13863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden std::vector<KeyParameter>::const_iterator begin() const { return data_.begin(); } 13963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 14063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden /** 14163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * Returns iterator (pointer) one past end of elems array, to enable STL-style iteration 14263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden */ 14363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden std::vector<KeyParameter>::const_iterator end() const { return data_.end(); } 14463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 14563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden /** 14663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * Returns the nth element of the set. 14763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * Like for std::vector::operator[] there is no range check performed. Use of out of range 14863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * indices is undefined. 14963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden */ 15063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden KeyParameter& operator[](int n); 15163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 15263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden /** 15363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * Returns the nth element of the set. 15463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * Like for std::vector::operator[] there is no range check performed. Use of out of range 15563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * indices is undefined. 15663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden */ 15763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden const KeyParameter& operator[](int n) const; 15863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 15963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden /** 16063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * Returns true if the set contains at least one instance of \p tag 16163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden */ 16263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden bool Contains(Tag tag) const { return find(tag) != -1; } 16363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 16463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden template <typename T> bool Contains(T tag) const { return find(tag) != -1; } 16563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 16663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden template <TagType tag_type, Tag tag, typename ValueT> 16763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden bool Contains(TypedTag<tag_type, tag> ttag, const ValueT& value) const { 16863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden for (const auto& param : data_) { 16963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden auto entry = authorizationValue(ttag, param); 17063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden if (entry.isOk() && static_cast<ValueT>(entry.value()) == value) return true; 17163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 17263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return false; 17363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 17463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden /** 17563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * Returns the number of \p tag entries. 17663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden */ 17763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden size_t GetTagCount(Tag tag) const; 17863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 17963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden template <typename T> 18063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden inline NullOr<const typename TypedTag2ValueType<T>::type&> GetTagValue(T tag) const { 18163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden auto entry = GetEntry(tag); 18263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden if (entry.isOk()) return authorizationValue(tag, entry.value()); 18363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return {}; 18463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 18563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 18663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden void push_back(const KeyParameter& param) { data_.push_back(param); } 18763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden void push_back(KeyParameter&& param) { data_.push_back(std::move(param)); } 18863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 18963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden void push_back(const AuthorizationSet& set) { 19063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden for (auto& entry : set) { 19163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden push_back(entry); 19263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 19363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 19463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 19563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden void push_back(AuthorizationSet&& set) { 19663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden move(set.begin(), set.end()); 19763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden set.Clear(); 19863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 19963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 20063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden template <Tag tag> 20163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden void push_back(TypedTag<TagType::BYTES, tag> ttag, const uint8_t* data, size_t data_length) { 20263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden hidl_vec<uint8_t> new_blob; 20363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden new_blob.setToExternal(const_cast<uint8_t*>(data), data_length); 20463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden push_back(ttag, std::move(new_blob)); 20563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 20663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 20763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden /** 20863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * Append the tag and enumerated value to the set. 20963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * "val" may be exactly one parameter unless a boolean parameter is added. 21063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden * In this case "val" is omitted. This condition is checked at compile time by Authorization() 21163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden */ 21263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden template <typename TypedTagT, typename... Value> void push_back(TypedTagT tag, Value&&... val) { 21363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden push_back(Authorization(tag, std::forward<Value>(val)...)); 21463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 21563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 21663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden template <typename Iterator> void push_back(Iterator begin, Iterator end) { 21763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden while (begin != end) { 21863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden push_back(*begin); 21963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden ++begin; 22063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 22163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 22263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 22363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden template <typename Iterator> void move(Iterator begin, Iterator end) { 22463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden std::move(begin, end, std::back_inserter(data_)); 22563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 22663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 22763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden hidl_vec<KeyParameter> hidl_data() const { 22863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden hidl_vec<KeyParameter> result; 22963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden result.setToExternal(const_cast<KeyParameter*>(data()), size()); 23063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return result; 23163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 23263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 23363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden void Serialize(std::ostream* out) const; 23463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden void Deserialize(std::istream* in); 23563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 23663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden private: 23763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden NullOr<const KeyParameter&> GetEntry(Tag tag) const; 23863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 23963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden std::vector<KeyParameter> data_; 24063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden}; 24163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 24263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdenclass AuthorizationSetBuilder : public AuthorizationSet { 24363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden public: 24463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden template <typename TagType, typename... ValueType> 24563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSetBuilder& Authorization(TagType ttag, ValueType&&... value) { 24663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden push_back(ttag, std::forward<ValueType>(value)...); 24763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return *this; 24863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 24963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 25063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden template <Tag tag> 25163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSetBuilder& Authorization(TypedTag<TagType::BYTES, tag> ttag, const uint8_t* data, 25263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden size_t data_length) { 25363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden hidl_vec<uint8_t> new_blob; 25463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden new_blob.setToExternal(const_cast<uint8_t*>(data), data_length); 25563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden push_back(ttag, std::move(new_blob)); 25663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return *this; 25763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 25863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 25963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden template <Tag tag> 26063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSetBuilder& Authorization(TypedTag<TagType::BYTES, tag> ttag, const char* data, 26163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden size_t data_length) { 26263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return Authorization(ttag, reinterpret_cast<const uint8_t*>(data), data_length); 26363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 26463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 26563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSetBuilder& Authorizations(AuthorizationSet&& set); 26663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSetBuilder& Authorizations(const AuthorizationSet& set); 26763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 26863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSetBuilder& RsaKey(uint32_t key_size, uint64_t public_exponent); 26963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSetBuilder& EcdsaKey(uint32_t key_size); 27063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSetBuilder& EcdsaKey(EcCurve curve); 27163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSetBuilder& AesKey(uint32_t key_size); 27263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSetBuilder& HmacKey(uint32_t key_size); 27363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 27463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSetBuilder& RsaSigningKey(uint32_t key_size, uint64_t public_exponent); 27563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSetBuilder& RsaEncryptionKey(uint32_t key_size, uint64_t public_exponent); 27663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSetBuilder& EcdsaSigningKey(uint32_t key_size); 27763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSetBuilder& EcdsaSigningKey(EcCurve curve); 27863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSetBuilder& AesEncryptionKey(uint32_t key_size); 27963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 28063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSetBuilder& SigningKey(); 28163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSetBuilder& EncryptionKey(); 28263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSetBuilder& NoDigestOrPadding(); 28363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSetBuilder& EcbMode(); 28463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 28563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSetBuilder& BlockMode(std::initializer_list<BlockMode> block_modes); 28663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSetBuilder& Digest(std::initializer_list<Digest> digests); 28763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AuthorizationSetBuilder& Padding(std::initializer_list<PaddingMode> padding_modes); 28863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 28963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden // The following forwarding templates enable BlockMode,Digest and Padding to be called with a 29063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden // variable number of arguments; no need to wrap them in braces to make them an initalizer_list. 29163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden template <typename... T> AuthorizationSetBuilder& BlockMode(T&&... a) { 29263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return BlockMode({std::forward<T>(a)...}); 29363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 29463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden template <typename... T> AuthorizationSetBuilder& Digest(T&&... a) { 29563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return Digest({std::forward<T>(a)...}); 29663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 29763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden template <typename... T> AuthorizationSetBuilder& Padding(T&&... a) { 29863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return Padding({std::forward<T>(a)...}); 29963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 30063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden}; 30163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 30263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdeninline AuthorizationSetBuilder& AuthorizationSetBuilder::Authorizations(AuthorizationSet&& set) { 30363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden move(set.begin(), set.end()); 30463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden set.Clear(); 30563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return *this; 30663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden} 30763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 30863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdeninline AuthorizationSetBuilder& 30963e15f079062579a1b1866026eee0fca5d677fb7Shawn WilldenAuthorizationSetBuilder::Authorizations(const AuthorizationSet& set) { 31063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden push_back(set.begin(), set.end()); 31163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return *this; 31263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden} 31363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 31463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdeninline AuthorizationSetBuilder& AuthorizationSetBuilder::RsaKey(uint32_t key_size, 31563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden uint64_t public_exponent) { 31663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden Authorization(TAG_ALGORITHM, Algorithm::RSA); 31763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden Authorization(TAG_KEY_SIZE, key_size); 31863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden Authorization(TAG_RSA_PUBLIC_EXPONENT, public_exponent); 31963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return *this; 32063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden} 32163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 32263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdeninline AuthorizationSetBuilder& AuthorizationSetBuilder::EcdsaKey(uint32_t key_size) { 32363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden Authorization(TAG_ALGORITHM, Algorithm::EC); 32463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden Authorization(TAG_KEY_SIZE, key_size); 32563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return *this; 32663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden} 32763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 32863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdeninline AuthorizationSetBuilder& AuthorizationSetBuilder::EcdsaKey(EcCurve curve) { 32963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden Authorization(TAG_ALGORITHM, Algorithm::EC); 33063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden Authorization(TAG_EC_CURVE, curve); 33163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return *this; 33263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden} 33363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 33463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdeninline AuthorizationSetBuilder& AuthorizationSetBuilder::AesKey(uint32_t key_size) { 33563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden Authorization(TAG_ALGORITHM, Algorithm::AES); 33663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return Authorization(TAG_KEY_SIZE, key_size); 33763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden} 33863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 33963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdeninline AuthorizationSetBuilder& AuthorizationSetBuilder::HmacKey(uint32_t key_size) { 34063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden Authorization(TAG_ALGORITHM, Algorithm::HMAC); 34163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden Authorization(TAG_KEY_SIZE, key_size); 34263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return SigningKey(); 34363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden} 34463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 34563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdeninline AuthorizationSetBuilder& AuthorizationSetBuilder::RsaSigningKey(uint32_t key_size, 34663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden uint64_t public_exponent) { 34763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden RsaKey(key_size, public_exponent); 34863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return SigningKey(); 34963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden} 35063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 35163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdeninline AuthorizationSetBuilder& 35263e15f079062579a1b1866026eee0fca5d677fb7Shawn WilldenAuthorizationSetBuilder::RsaEncryptionKey(uint32_t key_size, uint64_t public_exponent) { 35363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden RsaKey(key_size, public_exponent); 35463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return EncryptionKey(); 35563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden} 35663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 35763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdeninline AuthorizationSetBuilder& AuthorizationSetBuilder::EcdsaSigningKey(uint32_t key_size) { 35863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden EcdsaKey(key_size); 35963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return SigningKey(); 36063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden} 36163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 36263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdeninline AuthorizationSetBuilder& AuthorizationSetBuilder::EcdsaSigningKey(EcCurve curve) { 36363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden EcdsaKey(curve); 36463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return SigningKey(); 36563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden} 36663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 36763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdeninline AuthorizationSetBuilder& AuthorizationSetBuilder::AesEncryptionKey(uint32_t key_size) { 36863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden AesKey(key_size); 36963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return EncryptionKey(); 37063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden} 37163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 37263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdeninline AuthorizationSetBuilder& AuthorizationSetBuilder::SigningKey() { 37363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden Authorization(TAG_PURPOSE, KeyPurpose::SIGN); 37463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return Authorization(TAG_PURPOSE, KeyPurpose::VERIFY); 37563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden} 37663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 37763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdeninline AuthorizationSetBuilder& AuthorizationSetBuilder::EncryptionKey() { 37863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden Authorization(TAG_PURPOSE, KeyPurpose::ENCRYPT); 37963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return Authorization(TAG_PURPOSE, KeyPurpose::DECRYPT); 38063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden} 38163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 38263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdeninline AuthorizationSetBuilder& AuthorizationSetBuilder::NoDigestOrPadding() { 38363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden Authorization(TAG_DIGEST, Digest::NONE); 38463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return Authorization(TAG_PADDING, PaddingMode::NONE); 38563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden} 38663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 38763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdeninline AuthorizationSetBuilder& AuthorizationSetBuilder::EcbMode() { 38863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return BlockMode(BlockMode::ECB); 38963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden} 39063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 39163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdeninline AuthorizationSetBuilder& 39263e15f079062579a1b1866026eee0fca5d677fb7Shawn WilldenAuthorizationSetBuilder::BlockMode(std::initializer_list<V3_0::BlockMode> block_modes) { 39363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden for (auto block_mode : block_modes) { 39463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden Authorization(TAG_BLOCK_MODE, block_mode); 39563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 39663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return *this; 39763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden} 39863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 39963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdeninline AuthorizationSetBuilder& 40063e15f079062579a1b1866026eee0fca5d677fb7Shawn WilldenAuthorizationSetBuilder::Digest(std::initializer_list<V3_0::Digest> digests) { 40163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden for (auto digest : digests) { 40263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden Authorization(TAG_DIGEST, digest); 40363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 40463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return *this; 40563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden} 40663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 40763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willdeninline AuthorizationSetBuilder& 40863e15f079062579a1b1866026eee0fca5d677fb7Shawn WilldenAuthorizationSetBuilder::Padding(std::initializer_list<V3_0::PaddingMode> padding_modes) { 40963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden for (auto padding : padding_modes) { 41063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden Authorization(TAG_PADDING, padding); 41163e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden } 41263e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden return *this; 41363e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden} 41463e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 41563e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden} // namespace V3_0 41663e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden} // namespace keymaster 41763e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden} // namespace hardware 41863e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden} // namespace android 41963e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden 42063e15f079062579a1b1866026eee0fca5d677fb7Shawn Willden#endif // HARDWARE_INTERFACES_KEYMASTER_30_VTS_FUNCTIONAL_AUTHORIZATION_SET_H_ 421