/*
* Copyright (C) 2015 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#pragma once
#include <lk/compiler.h>
#include <trusty_ipc.h>
#include <hardware/hw_auth_token.h>
__BEGIN_CDECLS
/*
* Handle identifying an open Keymaster session. It is an alias for handle_t;
* keymaster_open() returns the value as an int so that negative error codes
* can share the same return channel.
*/
typedef handle_t keymaster_session_t;
/**
* keymaster_open() - Opens a Keymaster session
*
* Check the result for a negative value before passing it to any other
* function declared in this header; a negative value is an error code, not a
* session. A successfully opened session is released with keymaster_close().
*
* Return: a keymaster_session_t >= 0 on success, or an error code < 0
* on failure.
*/
int keymaster_open(void);
/**
* keymaster_close() - Closes a Keymaster session
* @session: the keymaster_session_t to close, as returned by a successful
*           keymaster_open().
*
* NOTE(review): the behaviour for a negative or already-closed @session is not
* documented here; confirm against the implementation before relying on it.
*/
void keymaster_close(keymaster_session_t session);
/**
* Deprecated; use the appropriate token specific functions below if possible.
*
* keymaster_get_auth_token_key() - Retrieves the auth token signature key
* @session: An open keymaster_session_t.
* @key_buf_p: pointer to buffer pointer to be allocated and filled with auth
*             token key. Ownership of this pointer is transferred to the caller
*             and must be deallocated with a call to free().
* @size_p: set to the allocated size of key_buf
*
* The returned buffer holds the raw key that authenticates auth tokens, so it
* is secret material in the caller's memory: keep its lifetime short, do not
* log or copy it, and wipe all *size_p bytes before calling free().
* keymaster_sign_auth_token() and keymaster_validate_auth_token() take the
* token itself rather than returning the key to the caller, which is why they
* are preferred.
*
* Return: not documented in this header. Presumably NO_ERROR on success and an
* error code otherwise, as for the token functions below - TODO confirm.
* NOTE(review): the state of *key_buf_p and *size_p on failure is not
* specified; do not read or free them unless the call succeeded.
*/
int keymaster_get_auth_token_key(keymaster_session_t session,
uint8_t** key_buf_p,
uint32_t* size_p);
/**
* keymaster_sign_auth_token() - Sign the 'token' by populating the HMAC field
* using the keymaster auth token.
* @session: An open keymaster_session_t.
* @token: The token for signing. It is modified in place: the HMAC field is
*         filled in by this call.
*
* NOTE(review): which token fields the HMAC covers is not visible in this
* header; presumably all other fields must be final before signing - confirm.
* If the call does not return NO_ERROR, do not treat the token's HMAC field as
* valid.
*
* Return: NO_ERROR if token was signed successfully
*/
int keymaster_sign_auth_token(keymaster_session_t session,
hw_auth_token_t* token);
/**
* keymaster_validate_auth_token() - Validate the incoming token against the
* keymaster auth token.
* @session: An open keymaster_session_t.
* @token: The token to validate
*
* This is an authorization decision, so callers must fail closed: compare the
* result with NO_ERROR explicitly and treat every other value, including
* transport or session errors, as a rejected token. A plain truthiness test on
* the return value is easy to invert.
*
* NOTE(review): @token is taken through a non-const pointer; whether
* validation modifies it is not visible from this header - confirm.
*
* Return: NO_ERROR if the token is trusted, otherwise rejection reason.
*/
int keymaster_validate_auth_token(keymaster_session_t session,
hw_auth_token_t* token);
__END_CDECLS