11e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden/* 21e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * Copyright 2017 The Android Open Source Project 31e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * 41e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * Licensed under the Apache License, Version 2.0 (the "License"); 51e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * you may not use this file except in compliance with the License. 61e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * You may obtain a copy of the License at 71e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * 81e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * http://www.apache.org/licenses/LICENSE-2.0 91e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * 101e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * Unless required by applicable law or agreed to in writing, software 111e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * distributed under the License is distributed on an "AS IS" BASIS, 121e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 131e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * See the License for the specific language governing permissions and 141e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * limitations under the License. 151e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden */ 161e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 171e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden#ifndef SYSTEM_SECURITY_KEYSTORE_KM4_AUTHORIZATION_SET_H_ 181e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden#define SYSTEM_SECURITY_KEYSTORE_KM4_AUTHORIZATION_SET_H_ 191e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 201e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden#include <vector> 211e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 221e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden#include <keymasterV4_0/keymaster_tags.h> 231e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 241e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willdennamespace android { 251e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willdennamespace hardware { 261e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willdennamespace keymaster { 271e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willdennamespace V4_0 { 281e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 291e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willdenclass AuthorizationSetBuilder; 301e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 311e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden/** 321e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * An ordered collection of KeyParameters. It provides memory ownership and some convenient 331e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * functionality for sorting, deduplicating, joining, and subtracting sets of KeyParameters. 341e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * For serialization, wrap the backing store of this structure in a hidl_vec<KeyParameter>. 351e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden */ 361e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willdenclass AuthorizationSet { 371e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden public: 381e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden typedef KeyParameter value_type; 391e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 401e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden /** 411e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * Construct an empty, dynamically-allocated, growable AuthorizationSet. 421e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden */ 431e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSet(){}; 441e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 451e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden // Copy constructor. 461e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSet(const AuthorizationSet& other) : data_(other.data_) {} 471e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 481e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden // Move constructor. 491e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSet(AuthorizationSet&& other) : data_(std::move(other.data_)) {} 501e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 511e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden // Constructor from hidl_vec<KeyParameter> 521e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSet(const hidl_vec<KeyParameter>& other) { *this = other; } 531e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 541e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden // Copy assignment. 551e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSet& operator=(const AuthorizationSet& other) { 561e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden data_ = other.data_; 571e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden return *this; 581e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden } 591e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 601e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden // Move assignment. 611e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSet& operator=(AuthorizationSet&& other) { 621e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden data_ = std::move(other.data_); 631e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden return *this; 641e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden } 651e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 661e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSet& operator=(const hidl_vec<KeyParameter>& other) { 671e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden if (other.size() > 0) { 681e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden data_.resize(other.size()); 691e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden for (size_t i = 0; i < data_.size(); ++i) { 701e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden /* This makes a deep copy even of embedded blobs. 711e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * See assignment operator/copy constructor of hidl_vec.*/ 721e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden data_[i] = other[i]; 731e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden } 741e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden } 751e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden return *this; 761e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden } 771e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 781e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden /** 791e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * Clear existing authorization set data 801e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden */ 811e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden void Clear(); 821e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 831e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden ~AuthorizationSet() = default; 841e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 851e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden /** 861e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * Returns the size of the set. 871e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden */ 881e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden size_t size() const { return data_.size(); } 891e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 901e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden /** 911e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * Returns true if the set is empty. 921e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden */ 931e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden bool empty() const { return size() == 0; } 941e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 951e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden /** 961e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * Returns the data in the set, directly. Be careful with this. 971e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden */ 981e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden const KeyParameter* data() const { return data_.data(); } 991e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 1001e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden /** 1011e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * Sorts the set 1021e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden */ 1031e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden void Sort(); 1041e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 1051e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden /** 1061e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * Sorts the set and removes duplicates (inadvertently duplicating tags is easy to do with the 1071e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * AuthorizationSetBuilder). 1081e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden */ 1091e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden void Deduplicate(); 1101e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 1111e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden /** 1121e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * Adds all elements from \p set that are not already present in this AuthorizationSet. As a 1131e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * side-effect, if \p set is not null this AuthorizationSet will end up sorted. 1141e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden */ 1151e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden void Union(const AuthorizationSet& set); 1161e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 1171e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden /** 1181e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * Removes all elements in \p set from this AuthorizationSet. 1191e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden */ 1201e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden void Subtract(const AuthorizationSet& set); 1211e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 1221e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden /** 1231e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * Returns the offset of the next entry that matches \p tag, starting from the element after \p 1241e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * begin. If not found, returns -1. 1251e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden */ 1261e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden int find(Tag tag, int begin = -1) const; 1271e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 1281e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden /** 1291e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * Removes the entry at the specified index. Returns true if successful, false if the index was 1301e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * out of bounds. 1311e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden */ 1321e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden bool erase(int index); 1331e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 1341e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden /** 1351e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * Returns iterator (pointer) to beginning of elems array, to enable STL-style iteration 1361e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden */ 1371e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden std::vector<KeyParameter>::const_iterator begin() const { return data_.begin(); } 1381e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 1391e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden /** 1401e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * Returns iterator (pointer) one past end of elems array, to enable STL-style iteration 1411e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden */ 1421e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden std::vector<KeyParameter>::const_iterator end() const { return data_.end(); } 1431e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 1441e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden /** 1451e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * Returns the nth element of the set. 1461e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * Like for std::vector::operator[] there is no range check performed. Use of out of range 1471e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * indices is undefined. 1481e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden */ 1491e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden KeyParameter& operator[](int n); 1501e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 1511e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden /** 1521e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * Returns the nth element of the set. 1531e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * Like for std::vector::operator[] there is no range check performed. Use of out of range 1541e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * indices is undefined. 1551e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden */ 1561e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden const KeyParameter& operator[](int n) const; 1571e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 1581e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden /** 1591e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * Returns true if the set contains at least one instance of \p tag 1601e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden */ 1611e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden bool Contains(Tag tag) const { return find(tag) != -1; } 1621e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 1631e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden template <TagType tag_type, Tag tag, typename ValueT> 1641e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden bool Contains(TypedTag<tag_type, tag> ttag, const ValueT& value) const { 1651e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden for (const auto& param : data_) { 1661e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden auto entry = authorizationValue(ttag, param); 1671e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden if (entry.isOk() && static_cast<ValueT>(entry.value()) == value) return true; 1681e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden } 1691e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden return false; 1701e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden } 1711e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden /** 1721e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * Returns the number of \p tag entries. 1731e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden */ 1741e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden size_t GetTagCount(Tag tag) const; 1751e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 1761e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden template <typename T> 1771e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden inline NullOr<const typename TypedTag2ValueType<T>::type&> GetTagValue(T tag) const { 1781e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden auto entry = GetEntry(tag); 1791e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden if (entry.isOk()) return authorizationValue(tag, entry.value()); 1801e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden return {}; 1811e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden } 1821e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 1831e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden void push_back(const KeyParameter& param) { data_.push_back(param); } 1841e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden void push_back(KeyParameter&& param) { data_.push_back(std::move(param)); } 1851e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden void push_back(const AuthorizationSet& set) { 1861e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden for (auto& entry : set) { 1871e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden push_back(entry); 1881e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden } 1891e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden } 1901e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden void push_back(AuthorizationSet&& set) { 1911e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden std::move(set.begin(), set.end(), std::back_inserter(*this)); 1921e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden } 1931e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 1941e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden /** 1951e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * Append the tag and enumerated value to the set. 1961e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * "val" may be exactly one parameter unless a boolean parameter is added. 1971e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden * In this case "val" is omitted. This condition is checked at compile time by Authorization() 1981e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden */ 1991e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden template <typename TypedTagT, typename... Value> 2001e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden void push_back(TypedTagT tag, Value&&... val) { 2011e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden push_back(Authorization(tag, std::forward<Value>(val)...)); 2021e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden } 2031e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 2041e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden template <typename Iterator> 2051e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden void append(Iterator begin, Iterator end) { 2061e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden while (begin != end) { 2071e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden push_back(*begin); 2081e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden ++begin; 2091e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden } 2101e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden } 2111e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 2121e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden hidl_vec<KeyParameter> hidl_data() const { 2131e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden hidl_vec<KeyParameter> result; 2141e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden result.setToExternal(const_cast<KeyParameter*>(data()), size()); 2151e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden return result; 2161e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden } 2171e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 2181e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden void Serialize(std::ostream* out) const; 2191e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden void Deserialize(std::istream* in); 2201e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 2211e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden private: 2221e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden NullOr<const KeyParameter&> GetEntry(Tag tag) const; 2231e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 2241e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden std::vector<KeyParameter> data_; 2251e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden}; 2261e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 2271e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willdenclass AuthorizationSetBuilder : public AuthorizationSet { 2281e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden public: 2291e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden template <typename TagType, typename... ValueType> 2301e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSetBuilder& Authorization(TagType ttag, ValueType&&... value) { 2311e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden push_back(ttag, std::forward<ValueType>(value)...); 2321e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden return *this; 2331e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden } 2341e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 2351e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden template <Tag tag> 2361e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSetBuilder& Authorization(TypedTag<TagType::BYTES, tag> ttag, const uint8_t* data, 2371e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden size_t data_length) { 2381e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden hidl_vec<uint8_t> new_blob; 2391e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden new_blob.setToExternal(const_cast<uint8_t*>(data), data_length); 2401e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden push_back(ttag, std::move(new_blob)); 2411e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden return *this; 2421e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden } 2431e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 2441e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden template <Tag tag> 2451e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSetBuilder& Authorization(TypedTag<TagType::BYTES, tag> ttag, const char* data, 2461e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden size_t data_length) { 2471e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden return Authorization(ttag, reinterpret_cast<const uint8_t*>(data), data_length); 2481e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden } 2491e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 2501e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSetBuilder& Authorizations(const AuthorizationSet& set) { 2511e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden for (const auto& entry : set) { 2521e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden push_back(entry); 2531e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden } 2541e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden return *this; 2551e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden } 2561e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 2571e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSetBuilder& RsaKey(uint32_t key_size, uint64_t public_exponent); 2581e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSetBuilder& EcdsaKey(uint32_t key_size); 2591e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSetBuilder& EcdsaKey(EcCurve curve); 2601e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSetBuilder& AesKey(uint32_t key_size); 2618823a4415c96ad6481a685c02aa5dcdfdff599f9Shawn Willden AuthorizationSetBuilder& TripleDesKey(uint32_t key_size); 2621e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSetBuilder& HmacKey(uint32_t key_size); 2631e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 2641e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSetBuilder& RsaSigningKey(uint32_t key_size, uint64_t public_exponent); 2651e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSetBuilder& RsaEncryptionKey(uint32_t key_size, uint64_t public_exponent); 2661e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSetBuilder& EcdsaSigningKey(uint32_t key_size); 2671e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSetBuilder& EcdsaSigningKey(EcCurve curve); 2681e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSetBuilder& AesEncryptionKey(uint32_t key_size); 2698823a4415c96ad6481a685c02aa5dcdfdff599f9Shawn Willden AuthorizationSetBuilder& TripleDesEncryptionKey(uint32_t key_size); 2701e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 2711e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSetBuilder& SigningKey(); 2721e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSetBuilder& EncryptionKey(); 27398b998b59a417bb22b88587eac8311efd08169b9Shawn Willden 2741e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSetBuilder& NoDigestOrPadding(); 27598b998b59a417bb22b88587eac8311efd08169b9Shawn Willden 2761e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSetBuilder& EcbMode(); 27798b998b59a417bb22b88587eac8311efd08169b9Shawn Willden AuthorizationSetBuilder& GcmModeMinMacLen(uint32_t minMacLength); 27898b998b59a417bb22b88587eac8311efd08169b9Shawn Willden AuthorizationSetBuilder& GcmModeMacLen(uint32_t macLength); 2791e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 2801e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSetBuilder& BlockMode(std::initializer_list<BlockMode> blockModes); 2811e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSetBuilder& Digest(std::initializer_list<Digest> digests); 28298b998b59a417bb22b88587eac8311efd08169b9Shawn Willden AuthorizationSetBuilder& Padding(std::initializer_list<PaddingMode> paddings); 2831e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 2841e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden template <typename... T> 2851e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSetBuilder& BlockMode(T&&... a) { 2861e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden return BlockMode({std::forward<T>(a)...}); 2871e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden } 2881e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden template <typename... T> 2891e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSetBuilder& Digest(T&&... a) { 2901e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden return Digest({std::forward<T>(a)...}); 2911e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden } 2921e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden template <typename... T> 2931e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden AuthorizationSetBuilder& Padding(T&&... a) { 2941e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden return Padding({std::forward<T>(a)...}); 2951e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden } 2961e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden}; 2971e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 2981e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden} // namespace V4_0 2991e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden} // namespace keymaster 3001e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden} // namespace hardware 3011e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden} // namespace android 3021e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden 3031e50c676f6fe5cfa726b66b2c6ba57084a3888e8Shawn Willden#endif // SYSTEM_SECURITY_KEYSTORE_KM4_AUTHORIZATION_SET_H_ 304