Google Git
Sign in
cos / mirrors / cros / chromiumos / platform2 / HEAD / . / chaps / chaps_adaptor.h
blob: 9ff7c3de0ae2fdfc13a09cb7dd6cc2b30a5b7b75 [file] [log] [blame]
// Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHAPS_CHAPS_ADAPTOR_H_
#define CHAPS_CHAPS_ADAPTOR_H_
#include <string>
#include <vector>
#include <base/macros.h>
#include <brillo/dbus/async_event_sequencer.h>
#include <brillo/dbus/dbus_object.h>
#include <brillo/secure_blob.h>
#include <dbus/bus.h>
#include <chaps/proto_bindings/ck_structs.pb.h>
namespace base {
class Lock;
} // namespace base
namespace chaps {
const char kPersistentLogLevelPath[] = "/var/lib/chaps/.loglevel";
class ChapsInterface;
class TokenManagerInterface;
// The ChapsAdaptor class implements the D-Bus interface and redirects IPC
// calls to a ChapsInterface or TokenManagerInterface.
class ChapsAdaptor {
public:
ChapsAdaptor(scoped_refptr<dbus::Bus> bus,
base::Lock* lock,
ChapsInterface* service,
TokenManagerInterface* token_manager);
ChapsAdaptor(const ChapsAdaptor&) = delete;
ChapsAdaptor& operator=(const ChapsAdaptor&) = delete;
virtual ~ChapsAdaptor();
void RegisterAsync(
const brillo::dbus_utils::AsyncEventSequencer::CompletionAction& cb);
// Chaps D-Bus interface methods.
void OpenIsolate(const brillo::SecureVector& isolate_credential_in,
brillo::SecureVector* isolate_credential_out,
bool* new_isolate_created,
bool* result);
void CloseIsolate(const brillo::SecureVector& isolate_credential);
void LoadToken(const brillo::SecureVector& isolate_credential,
const std::string& path,
const brillo::SecureVector& auth_data,
const std::string& label,
uint64_t* slot_id,
bool* result);
void UnloadToken(const brillo::SecureVector& isolate_credential,
const std::string& path);
void ChangeTokenAuthData(const std::string& path,
const brillo::SecureVector& old_auth_data,
const brillo::SecureVector& new_auth_data);
void GetTokenPath(const brillo::SecureVector& isolate_credential,
uint64_t slot_id,
std::string* path,
bool* result);
void SetLogLevel(const int32_t& level);
void GetSlotList(const brillo::SecureVector& isolate_credential,
bool token_present,
std::vector<uint64_t>* slot_list,
uint32_t* result);
void GetSlotInfo(const brillo::SecureVector& isolate_credential,
uint64_t slot_id,
SlotInfo* slot_info,
uint32_t* result);
void GetTokenInfo(const brillo::SecureVector& isolate_credential,
uint64_t slot_id,
TokenInfo* token_info,
uint32_t* result);
void GetMechanismList(const brillo::SecureVector& isolate_credential,
uint64_t slot_id,
std::vector<uint64_t>* mechanism_list,
uint32_t* result);
void GetMechanismInfo(const brillo::SecureVector& isolate_credential,
uint64_t slot_id,
uint64_t mechanism_type,
MechanismInfo* mechanism_info,
uint32_t* result);
uint32_t InitToken(const brillo::SecureVector& isolate_credential,
uint64_t slot_id,
bool use_null_pin,
const std::string& optional_so_pin,
const std::vector<uint8_t>& new_token_label);
uint32_t InitPIN(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
bool use_null_pin,
const std::string& optional_user_pin);
uint32_t SetPIN(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
bool use_null_old_pin,
const std::string& optional_old_pin,
bool use_null_new_pin,
const std::string& optional_new_pin);
void OpenSession(const brillo::SecureVector& isolate_credential,
uint64_t slot_id,
uint64_t flags,
uint64_t* session_id,
uint32_t* result);
uint32_t CloseSession(const brillo::SecureVector& isolate_credential,
uint64_t session_id);
void GetSessionInfo(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
SessionInfo* session_info,
uint32_t* result);
void GetOperationState(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
std::vector<uint8_t>* operation_state,
uint32_t* result);
uint32_t SetOperationState(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
const std::vector<uint8_t>& operation_state,
uint64_t encryption_key_handle,
uint64_t authentication_key_handle);
uint32_t Login(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t user_type,
bool use_null_pin,
const std::string& optional_pin);
uint32_t Logout(const brillo::SecureVector& isolate_credential,
uint64_t session_id);
void CreateObject(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
const std::vector<uint8_t>& attributes,
uint64_t* new_object_handle,
uint32_t* result);
void CopyObject(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t object_handle,
const std::vector<uint8_t>& attributes,
uint64_t* new_object_handle,
uint32_t* result);
uint32_t DestroyObject(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t object_handle);
void GetObjectSize(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t object_handle,
uint64_t* object_size,
uint32_t* result);
void GetAttributeValue(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t object_handle,
const std::vector<uint8_t>& attributes_in,
std::vector<uint8_t>* attributes_out,
uint32_t* result);
uint32_t SetAttributeValue(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t object_handle,
const std::vector<uint8_t>& attributes);
uint32_t FindObjectsInit(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
const std::vector<uint8_t>& attributes);
void FindObjects(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t max_object_count,
std::vector<uint64_t>* object_list,
uint32_t* result);
uint32_t FindObjectsFinal(const brillo::SecureVector& isolate_credential,
uint64_t session_id);
uint32_t EncryptInit(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t mechanism_type,
const std::vector<uint8_t>& mechanism_parameter,
uint64_t key_handle);
void Encrypt(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
const std::vector<uint8_t>& data_in,
uint64_t max_out_length,
uint64_t* actual_out_length,
std::vector<uint8_t>* data_out,
uint32_t* result);
void EncryptUpdate(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
const std::vector<uint8_t>& data_in,
uint64_t max_out_length,
uint64_t* actual_out_length,
std::vector<uint8_t>* data_out,
uint32_t* result);
void EncryptFinal(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t max_out_length,
uint64_t* actual_out_length,
std::vector<uint8_t>* data_out,
uint32_t* result);
void EncryptCancel(const brillo::SecureVector& isolate_credential,
uint64_t session_id);
uint32_t DecryptInit(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t mechanism_type,
const std::vector<uint8_t>& mechanism_parameter,
uint64_t key_handle);
void Decrypt(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
const std::vector<uint8_t>& data_in,
uint64_t max_out_length,
uint64_t* actual_out_length,
std::vector<uint8_t>* data_out,
uint32_t* result);
void DecryptUpdate(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
const std::vector<uint8_t>& data_in,
uint64_t max_out_length,
uint64_t* actual_out_length,
std::vector<uint8_t>* data_out,
uint32_t* result);
void DecryptFinal(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t max_out_length,
uint64_t* actual_out_length,
std::vector<uint8_t>* data_out,
uint32_t* result);
void DecryptCancel(const brillo::SecureVector& isolate_credential,
uint64_t session_id);
uint32_t DigestInit(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t mechanism_type,
const std::vector<uint8_t>& mechanism_parameter);
void Digest(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
const std::vector<uint8_t>& data_in,
uint64_t max_out_length,
uint64_t* actual_out_length,
std::vector<uint8_t>* digest,
uint32_t* result);
uint32_t DigestUpdate(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
const std::vector<uint8_t>& data_in);
uint32_t DigestKey(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t key_handle);
void DigestFinal(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t max_out_length,
uint64_t* actual_out_length,
std::vector<uint8_t>* digest,
uint32_t* result);
void DigestCancel(const brillo::SecureVector& isolate_credential,
uint64_t session_id);
uint32_t SignInit(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t mechanism_type,
const std::vector<uint8_t>& mechanism_parameter,
uint64_t key_handle);
void Sign(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
const std::vector<uint8_t>& data,
uint64_t max_out_length,
uint64_t* actual_out_length,
std::vector<uint8_t>* signature,
uint32_t* result);
uint32_t SignUpdate(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
const std::vector<uint8_t>& data_part);
void SignFinal(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t max_out_length,
uint64_t* actual_out_length,
std::vector<uint8_t>* signature,
uint32_t* result);
void SignCancel(const brillo::SecureVector& isolate_credential,
uint64_t session_id);
uint32_t SignRecoverInit(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t mechanism_type,
const std::vector<uint8_t>& mechanism_parameter,
uint64_t key_handle);
void SignRecover(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
const std::vector<uint8_t>& data,
uint64_t max_out_length,
uint64_t* actual_out_length,
std::vector<uint8_t>* signature,
uint32_t* result);
uint32_t VerifyInit(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t mechanism_type,
const std::vector<uint8_t>& mechanism_parameter,
uint64_t key_handle);
uint32_t Verify(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
const std::vector<uint8_t>& data,
const std::vector<uint8_t>& signature);
uint32_t VerifyUpdate(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
const std::vector<uint8_t>& data_part);
uint32_t VerifyFinal(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
const std::vector<uint8_t>& signature);
void VerifyCancel(const brillo::SecureVector& isolate_credential,
uint64_t session_id);
uint32_t VerifyRecoverInit(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t mechanism_type,
const std::vector<uint8_t>& mechanism_parameter,
uint64_t key_handle);
void VerifyRecover(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
const std::vector<uint8_t>& signature,
uint64_t max_out_length,
uint64_t* actual_out_length,
std::vector<uint8_t>* data,
uint32_t* result);
void DigestEncryptUpdate(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
const std::vector<uint8_t>& data_in,
uint64_t max_out_length,
uint64_t* actual_out_length,
std::vector<uint8_t>* data_out,
uint32_t* result);
void DecryptDigestUpdate(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
const std::vector<uint8_t>& data_in,
uint64_t max_out_length,
uint64_t* actual_out_length,
std::vector<uint8_t>* data_out,
uint32_t* result);
void SignEncryptUpdate(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
const std::vector<uint8_t>& data_in,
uint64_t max_out_length,
uint64_t* actual_out_length,
std::vector<uint8_t>* data_out,
uint32_t* result);
void DecryptVerifyUpdate(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
const std::vector<uint8_t>& data_in,
uint64_t max_out_length,
uint64_t* actual_out_length,
std::vector<uint8_t>* data_out,
uint32_t* result);
void GenerateKey(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t mechanism_type,
const std::vector<uint8_t>& mechanism_parameter,
const std::vector<uint8_t>& attributes,
uint64_t* key_handle,
uint32_t* result);
void GenerateKeyPair(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t mechanism_type,
const std::vector<uint8_t>& mechanism_parameter,
const std::vector<uint8_t>& public_attributes,
const std::vector<uint8_t>& private_attributes,
uint64_t* public_key_handle,
uint64_t* private_key_handle,
uint32_t* result);
void WrapKey(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t mechanism_type,
const std::vector<uint8_t>& mechanism_parameter,
uint64_t wrapping_key_handle,
uint64_t key_handle,
uint64_t max_out_length,
uint64_t* actual_out_length,
std::vector<uint8_t>* wrapped_key,
uint32_t* result);
void UnwrapKey(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t mechanism_type,
const std::vector<uint8_t>& mechanism_parameter,
uint64_t wrapping_key_handle,
const std::vector<uint8_t>& wrapped_key,
const std::vector<uint8_t>& attributes,
uint64_t* key_handle,
uint32_t* result);
void DeriveKey(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t mechanism_type,
const std::vector<uint8_t>& mechanism_parameter,
uint64_t base_key_handle,
const std::vector<uint8_t>& attributes,
uint64_t* key_handle,
uint32_t* result);
uint32_t SeedRandom(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
const std::vector<uint8_t>& seed);
void GenerateRandom(const brillo::SecureVector& isolate_credential,
uint64_t session_id,
uint64_t num_bytes,
std::vector<uint8_t>* random_data,
uint32_t* result);
private:
brillo::dbus_utils::DBusObject dbus_object_;
base::Lock* lock_;
ChapsInterface* service_;
TokenManagerInterface* token_manager_;
};
} // namespace chaps
#endif // CHAPS_CHAPS_ADAPTOR_H_