First Publicly Shared Version of ODKiTEE v15

oemcrypto_ta/oemcrypto_key_table.h

@@ -0,0 +1,79 @@
+/* Copyright 2019 Google LLC. All Rights Reserved. This file and proprietary
+   source code may only be used and distributed under the Widevine Master
+   License Agreement. */
+
+#ifndef OEMCRYPTO_TA_OEMCRYPTO_KEY_TABLE_H_
+#define OEMCRYPTO_TA_OEMCRYPTO_KEY_TABLE_H_
+
+#include "oemcrypto_config_interface.h"
+#include "oemcrypto_key.h"
+
+typedef struct KeyTable {
+  CryptoKey keys[MAX_NUMBER_OF_KEYS];
+  uint32_t size;
+  uint32_t first_free_key;
+  uint32_t next_free_key[MAX_NUMBER_OF_KEYS];
+  bool is_free[MAX_NUMBER_OF_KEYS];
+} KeyTable;
+
+/* Initializes the key table so the session can grab keys at a late point.
+   Returns OEMCrypto_ERROR_INIT_FAILED if the key table has already been
+   initialized and OEMCrypto_SUCCESS otherwise. */
+OEMCryptoResult InitializeKeyTable(void);
+
+/* Gets the max number of keys. */
+uint32_t MaxNumberOfKeys(void);
+
+/* Gets the number of currently used keys. Returns
+   OEMCrypto_ERROR_SYSTEM_INVALIDATED if the key table has not been initialized
+   and OEMCrypto_SUCCESS otherwise.
+   Caller retains ownership of |num_used_keys| and it must not be NULL. */
+OEMCryptoResult NumberOfUsedKeys(uint32_t* num_used_keys);
+
+/* Attempts to grab an unused entry in the key table and set *|index| to the
+   entry position. Returns OEMCrypto_ERROR_SYSTEM_INVALIDATED if the key table
+   has not been initialized and OEMCrypto_ERROR_TOO_MANY_KEYS if there are no
+   keys left to grab. Returns OEMCrypto_SUCCESS otherwise.
+   Caller retains ownership of |index| and it must not be NULL. */
+OEMCryptoResult GrabKey(uint32_t* index);
+
+/* Sets key to the key at |index| in the key table if it is free. Returns
+   OEMCrypto_ERROR_SYSTEM_INVALIDATED if the key table has not been initialized
+   and OEMCrypto_ERROR_INVALID_CONTEXT if the key has not been grabbed or if the
+   index is invalid. Returns OEMCrypto_SUCCESS otherwise.
+   If successful, caller gains ownership of *|key| and |key| must not be NULL.
+   */
+OEMCryptoResult GetKey(uint32_t index, CryptoKey** key);
+
+/* Grabs, gets, and initializes a CryptoKey using |serialized_bytes| and
+   GrabKey, GetKey, and InitializeCryptoKey and sets the result in *|key|.
+   If |key| points to an existing key, this method tries to free it before
+   continuing. If there is an error in generating the new key, this method will
+   free it before returning and set *|key| to NULL.
+   If successful, caller gains ownership of *|key| and it must not be NULL. */
+OEMCryptoResult CreateKey(CryptoKey** key, const uint8_t* serialized_bytes,
+                          uint32_t serialized_bytes_length,
+                          CryptoKeyType key_type,
+                          CryptoKeyOperation key_operation,
+                          CryptoKeySize key_size);
+
+/* Given a pointer to a CryptoKey*, attempts to free the CryptoKey it points to
+   if it exists, and then sets the pointer to the CryptoKey to NULL.
+   Returns OEMCrypto_ERROR_SYSTEM_INVALIDATED if the key table has not been
+   initialized, OEMCrypto_ERROR_INVALID_CONTEXT if the non-null CryptoKey has
+   not been grabbed or if its index is invalid. Returns the result of freeing
+   the CryptoKey otherwise.
+   If there is an existing error in the caller, in which case this is likely
+   used for cleanup, that error will be returned and the result of this shall be
+   ignored.
+   Caller retains ownership of *|key| but **|key| will be destroyed if *|key|
+   is not NULL. */
+OEMCryptoResult FreeKey(CryptoKey** key);
+
+/* Clears and cleans up the key table. The key table must be reinitialized to be
+   used. Returns OEMCrypto_ERROR_TERMINATE_FAILED if the table has not been
+   initialized or if there are any active keys still. Returns OEMCrypto_SUCCESS
+   otherwise. */
+OEMCryptoResult TerminateKeyTable(void);
+
+#endif /* OEMCRYPTO_TA_OEMCRYPTO_KEY_TABLE_H_ */