Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / 52f822d6ae6b0ff611b2912e0472ea4544f62ffc / . / keystore / keystore_utils.h
blob: 380eb4ea5f7a4b6160855984da29bedd3f4d5fd7 [file] [log] [blame]
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]1/*
2 * Copyright (C) 2016 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#ifndef KEYSTORE_KEYSTORE_UTILS_H_
18#define KEYSTORE_KEYSTORE_UTILS_H_
19
Shawn Willdenbb22a6c2017-12-06 19:35:28 -0700[diff] [blame]20#include <cstdint>
Janis Danisevskis6a0d9982019-04-30 15:43:59 -0700[diff] [blame]21#include <string>
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]22#include <vector>
23
24#include <openssl/evp.h>
25#include <openssl/pem.h>
26
Janis Danisevskisccfff102017-05-01 11:02:51 -0700[diff] [blame]27#include <memory>
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]28
Shawn Willdenbb22a6c2017-12-06 19:35:28 -0700[diff] [blame]29#include <keystore/keymaster_types.h>
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]30
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]31size_t readFully(int fd, uint8_t* data, size_t size);
32size_t writeFully(int fd, uint8_t* data, size_t size);
Janis Danisevskis6a0d9982019-04-30 15:43:59 -0700[diff] [blame]33std::string getContainingDirectory(const std::string& filename);
34void fsyncDirectory(const std::string& path);
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]35
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]36void add_legacy_key_authorizations(int keyType, keystore::AuthorizationSet* params);
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]37
38/**
39 * Returns the app ID (in the Android multi-user sense) for the current
40 * UNIX UID.
41 */
42uid_t get_app_id(uid_t uid);
43
44/**
45 * Returns the user ID (in the Android multi-user sense) for the current
46 * UNIX UID.
47 */
48uid_t get_user_id(uid_t uid);
49
50struct EVP_PKEY_Delete {
51 void operator()(EVP_PKEY* p) const { EVP_PKEY_free(p); }
52};
Janis Danisevskisccfff102017-05-01 11:02:51 -0700[diff] [blame]53typedef std::unique_ptr<EVP_PKEY, EVP_PKEY_Delete> Unique_EVP_PKEY;
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]54
55struct PKCS8_PRIV_KEY_INFO_Delete {
56 void operator()(PKCS8_PRIV_KEY_INFO* p) const { PKCS8_PRIV_KEY_INFO_free(p); }
57};
Janis Danisevskisccfff102017-05-01 11:02:51 -0700[diff] [blame]58typedef std::unique_ptr<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_Delete> Unique_PKCS8_PRIV_KEY_INFO;
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]59
Janis Danisevskisc1460142017-12-18 16:48:46 -0800[diff] [blame]60class Blob;
61
Pavel Grafovcef39472018-02-12 18:45:02 +0000[diff] [blame]62// Tags for audit logging. Be careful and don't log sensitive data.
63// Should be in sync with frameworks/base/core/java/android/app/admin/SecurityLogTags.logtags
64constexpr int SEC_TAG_KEY_DESTROYED = 210026;
65constexpr int SEC_TAG_KEY_INTEGRITY_VIOLATION = 210032;
66constexpr int SEC_TAG_AUTH_KEY_GENERATED = 210024;
67constexpr int SEC_TAG_KEY_IMPORTED = 210025;
68
69void log_key_integrity_violation(const char* name, uid_t uid);
70
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]71namespace keystore {
72
Janis Danisevskisc1460142017-12-18 16:48:46 -0800[diff] [blame]73hidl_vec<uint8_t> blob2hidlVec(const Blob& blob);
74
75SecurityLevel flagsToSecurityLevel(int32_t flags);
76uint32_t securityLevelToFlags(SecurityLevel secLevel);
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]77
Shawn Willdenbb22a6c2017-12-06 19:35:28 -0700[diff] [blame]78} // namespace keystore
Janis Danisevskisc7a9fa22016-10-13 18:43:45 +0100[diff] [blame]79
Shawn Willdenc1d1fee2016-01-26 22:44:56 -0700[diff] [blame]80#endif // KEYSTORE_KEYSTORE_UTILS_H_