
Commit bf97d3ab authored by Orlando Arbildo's avatar Orlando Arbildo

hwcrypto: Add key token export/import

Added functions to export and import opaque
keys between different connections/clients

Bug: 284177057
Test: qemu android build
Change-Id: I7e89dbb1ebae040b5668f238fe5ed8d6649c78ea
parent c2723cde
+2 −0
@@ -38,6 +38,8 @@ interface IHwCryptoKey {
  android.hardware.security.see.hwcrypto.IHwCryptoKey.DerivedKey deriveKey(in android.hardware.security.see.hwcrypto.IHwCryptoKey.DerivedKeyParameters parameters);
  android.hardware.security.see.hwcrypto.IHwCryptoOperations getHwCryptoOperations();
  android.hardware.security.see.hwcrypto.IOpaqueKey importClearKey(in android.hardware.security.see.hwcrypto.types.ExplicitKeyMaterial keyMaterial, in android.hardware.security.see.hwcrypto.KeyPolicy newKeyPolicy);
  byte[] getCurrentDicePolicy();
  android.hardware.security.see.hwcrypto.IOpaqueKey keyTokenImport(in android.hardware.security.see.hwcrypto.types.OpaqueKeyToken requestedKey, in byte[] sealingDicePolicy);
  enum DeviceKeyId {
    DEVICE_BOUND_KEY,
    BATCH_KEY,
+1 −0
@@ -36,4 +36,5 @@ interface IOpaqueKey {
  byte[] exportWrappedKey(in android.hardware.security.see.hwcrypto.IOpaqueKey wrappingKey);
  android.hardware.security.see.hwcrypto.KeyPolicy getKeyPolicy();
  byte[] getPublicKey();
  android.hardware.security.see.hwcrypto.types.OpaqueKeyToken getShareableToken(in byte[] sealingDicePolicy);
}
+37 −0
/*
 * Copyright 2024 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
///////////////////////////////////////////////////////////////////////////////
// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE.                          //
///////////////////////////////////////////////////////////////////////////////

// This file is a snapshot of an AIDL file. Do not edit it manually. There are
// two cases:
// 1). this is a frozen version file - do not edit this in any case.
// 2). this is a 'current' file. If you make a backwards compatible change to
//     the interface (from the latest frozen version), the build system will
//     prompt you to update this file with `m <name>-update-api`.
//
// You must not make a backward incompatible change to any AIDL file built
// with the aidl_interface module type with versions property set. The module
// type is used to build AIDL files in a way that they can be used across
// independently updatable components of the system. If a device is shipped
// with such a backward incompatible change, it has a high risk of breaking
// later when a module using the interface is updated, e.g., Mainline modules.

package android.hardware.security.see.hwcrypto.types;
parcelable OpaqueKeyToken {
  byte[] keyToken;
}
+39 −0
@@ -19,6 +19,7 @@ import android.hardware.security.see.hwcrypto.IHwCryptoOperations;
import android.hardware.security.see.hwcrypto.IOpaqueKey;
import android.hardware.security.see.hwcrypto.KeyPolicy;
import android.hardware.security.see.hwcrypto.types.ExplicitKeyMaterial;
import android.hardware.security.see.hwcrypto.types.OpaqueKeyToken;

/*
 * Higher level interface to access and generate keys.
@@ -217,4 +218,42 @@ interface IHwCryptoKey {
     *      otherwise.
     */
    IOpaqueKey importClearKey(in ExplicitKeyMaterial keyMaterial, in KeyPolicy newKeyPolicy);

    /*
     * getCurrentDicePolicy() - Returns the client current DICE policy. This policy is encrypted and
     *                          considered opaque from the client perspective. This policy is the
     *                          same used to create DICE bound keys and will also be used to seal
     *                          secrets that can only be retrieved by the DICE policy owner. The
     *                          first use of this seal operation will be
     *                          <code>IOpaqueKey::getShareableToken</code> and
     *                          <code>IHwCryptoKey::keyTokenImport</code>. To start this process,
     *                          the intended key receiver will call this function and then pass the
     *                          generated DICE policy to the owner of the key that the receiver
     *                          wants to import. The key owner will then call
     *                          <code>IOpaqueKey::getShareableToken</code> passing the receiver DICE
     *                          policy to insure that only that receiver can import the key.
     *
     * Return:
     *      byte[] on success, which is the caller encrypted DICE policy.
     */
    byte[] getCurrentDicePolicy();

    /*
     * key_token_import() - Imports a key from a different client service instance. Because
     *                      IOpaqueKey are binder objects that cannot be directly shared between
     *                      binder rpc clients, this method provide a way to send a key to another
     *                      client. Keys to be imported by the receiver are represented by a token
     *                      created using <code>IOpaqueKey::getShareableToken</code>. The flow
     *                      to create this token is described in
     *                      <code>IHwCryptoKey::getCurrentDicePolicy</code>.
     *
     * @requested_key:
     *      Handle to the key to be imported to the caller service.
     * @sealingDicePolicy:
     *      DICE policy used to seal the exported key.
     * Return:
     *      A IOpaqueKey that can be directly be used on the local HWCrypto service on
     *      success, service specific error based on <code>HalErrorCode</code> otherwise.
     */
    IOpaqueKey keyTokenImport(in OpaqueKeyToken requestedKey, in byte[] sealingDicePolicy);
}
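Review bot: The doc block above `keyTokenImport` names the method `key_token_import()` and the parameter `@requested_key`, while the declaration uses `keyTokenImport` and `requestedKey`; the neighbouring comments (`getCurrentDicePolicy()`, `@sealingDicePolicy`) use the AIDL names, so these should read `keyTokenImport() - Imports a key from a different client service instance.` and `@requestedKey:`. The same block has wording slips worth fixing since this is the HAL contract: `this method provide a way` → `this method provides a way`, `can be directly be used` → `can be directly used`, and in the `getCurrentDicePolicy()` comment `to insure that only that receiver` → `to ensure that only that receiver`. More substantively, neither comment states what the service does when the caller's DICE policy does not match the `sealingDicePolicy` the token was created under, or whether a token may be imported more than once; since that match is what confines the key to its intended receiver, the `keyTokenImport` doc should spell out the expected failure (a service-specific `HalErrorCode` error) and whichever single- or multi-use behaviour the implementation actually provides. The `@sealingDicePolicy` entry, `DICE policy used to seal the exported key.`, could also say it must be the value the receiver obtained from `getCurrentDicePolicy()`, which the prose in that comment implies but the parameter entry does not.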
+13 −0
@@ -16,6 +16,7 @@
package android.hardware.security.see.hwcrypto;

import android.hardware.security.see.hwcrypto.KeyPolicy;
import android.hardware.security.see.hwcrypto.types.OpaqueKeyToken;
import android.hardware.security.see.hwcrypto.types.OperationType;

interface IOpaqueKey {
@@ -52,4 +53,16 @@ interface IOpaqueKey {
     *      <code>HalErrorCode</code> otherwise. Format used for the returned public key is COSE.
     */
    byte[] getPublicKey();

    /*
     * getShareableToken() - Returns a token that can shared with another HWCrypto client.
     *
     * @sealingDicePolicy:
     *      Token to be used to protect the returned OpaqueKeyToken. It will be used so only
     *      the owner of the sealingDicePolicy can import the key.
     * Return:
     *      <code>OpaqueKeyMaterial</code> token on success, service specific error based on
     *      <code>HalErrorCode</code> otherwise.
     */
    OpaqueKeyToken getShareableToken(in byte[] sealingDicePolicy);
}
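Review bot: The `Return:` entry of `getShareableToken` names `<code>OpaqueKeyMaterial</code>`, but the method returns `OpaqueKeyToken`, the type this commit imports at the top of the same file; it should read `<code>OpaqueKeyToken</code> token on success, service specific error based on`. The summary line also drops a word: `Returns a token that can shared` → `Returns a token that can be shared`. The `@sealingDicePolicy` entry calls the argument a `Token`, while `IHwCryptoKey.getCurrentDicePolicy()` describes the same value as the receiver's encrypted DICE policy; wording it as `Receiver's DICE policy, as returned by IHwCryptoKey::getCurrentDicePolicy(), used to seal the returned OpaqueKeyToken so only that receiver can import the key.` keeps the two interfaces consistent. Since the token is designed to cross client boundaries, the comment should also state whether the key's KeyPolicy travels with it and what a holder without a matching DICE policy can and cannot do with it; those confidentiality properties are part of the contract, not an implementation detail.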