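/*
 * Copyright 2021, The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef ANDROID_HARDWARE_IDENTITY_PRESENTATIONSESSION_H
#define ANDROID_HARDWARE_IDENTITY_PRESENTATIONSESSION_H

#include <aidl/android/hardware/identity/BnPresentationSession.h>
#include <android/hardware/identity/support/IdentityCredentialSupport.h>

#include <vector>

#include <cppbor.h>

#include "IdentityCredentialStore.h"
#include "SecureHardwareProxy.h"

namespace aidl::android::hardware::identity {

using ::aidl::android::hardware::keymaster::HardwareAuthToken;
using ::aidl::android::hardware::keymaster::VerificationToken;
using ::android::sp;
using ::android::hardware::identity::SecureHardwareSessionProxy;
using ::std::vector;

// IPresentationSession implementation that keeps the per-session state (session
// id, auth challenge, ephemeral key pair, reader ephemeral public key and
// session transcript) and forwards to a SecureHardwareSessionProxy.
//
// Lifecycle: construct, then call initialize() and check its status code before
// using any other method. The constructor only stores its arguments; it does
// not talk to the secure hardware.
class PresentationSession : public BnPresentationSession {
  public:
    // Stores the proxy factory, the session proxy and the hardware information.
    // All three are taken by value and moved into the members.
    PresentationSession(sp<SecureHardwareProxyFactory> hwProxyFactory,
                        sp<SecureHardwareSessionProxy> hwProxy,
                        HardwareInformation hardwareInformation)
        : hwProxyFactory_(std::move(hwProxyFactory)),
          hwProxy_(std::move(hwProxy)),
          hardwareInformation_(std::move(hardwareInformation)) {}

    virtual ~PresentationSession();

    // Creates ephemeral key and auth-challenge in TA. Returns a status code from
    // IIdentityCredentialStore. Must be called right after construction.
    //
    // The return value must be checked: id_ and authChallenge_ are only
    // meaningful after this call has succeeded.
    int initialize();

    // Accessors for state held by this session. They are not part of
    // IPresentationSession.
    uint64_t getSessionId();

    vector<uint8_t> getSessionTranscript();
    vector<uint8_t> getReaderEphemeralPublicKey();

    // Methods from IPresentationSession follow.
    //
    // publicKey and sessionTranscript are supplied by the caller of the AIDL
    // interface. NOTE(review): any validation of these byte strings lives in the
    // implementation file, which is not visible from this header; confirm there.
    ndk::ScopedAStatus getEphemeralKeyPair(vector<uint8_t>* outKeyPair) override;
    ndk::ScopedAStatus getAuthChallenge(int64_t* outChallenge) override;
    ndk::ScopedAStatus setReaderEphemeralPublicKey(const vector<uint8_t>& publicKey) override;
    ndk::ScopedAStatus setSessionTranscript(const vector<uint8_t>& sessionTranscript) override;

    // NOTE(review): shared_ptr is used unqualified and this header declares no
    // using ::std::shared_ptr; presumably it arrives through
    // IdentityCredentialStore.h. Confirm, or the header is not self-contained.
    ndk::ScopedAStatus getCredential(const vector<uint8_t>& credentialData,
                                     shared_ptr<IIdentityCredential>* outCredential) override;

  private:
    // Set by constructor
    sp<SecureHardwareProxyFactory> hwProxyFactory_;
    sp<SecureHardwareSessionProxy> hwProxy_;
    HardwareInformation hardwareInformation_;

    // Set by initialize()
    //
    // Zero-initialised so that a read before initialize() (or after it failed)
    // yields a defined value instead of indeterminate memory.
    // NOTE(review): whether 0 can collide with a real session id or challenge
    // is decided by the TA and the implementation file; confirm there.
    uint64_t id_ = 0;
    // Stored unsigned here but returned through getAuthChallenge() as int64_t;
    // the conversion happens in the implementation file.
    uint64_t authChallenge_ = 0;

    // Set by getEphemeralKeyPair()
    // NOTE(review): presumably holds private key material for the session;
    // if so, keep it out of logs and error messages. Confirm the encoding.
    vector<uint8_t> ephemeralKeyPair_;

    // Set by setReaderEphemeralPublicKey()
    vector<uint8_t> readerPublicKey_;

    // Set by setSessionTranscript()
    vector<uint8_t> sessionTranscript_;
};

}  // namespace aidl::android::hardware::identity

#endif  // ANDROID_HARDWARE_IDENTITY_PRESENTATIONSESSION_H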