1 /*
2 * Copyright 2016 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #pragma once
18
19 #include <hardware/keymaster_defs.h>
20
21 #include <keymaster/authorization_set.h>
22 #include <keymaster/km_version.h>
23
24 #include <cppbor.h>
25 #include <openssl/asn1t.h>
26
27 #include <vector>
28
29 #define remove_type_mask(tag) ((tag)&0x0FFFFFFF)
30
31 namespace keymaster {
32
33 class AttestationContext;
34
35 constexpr KmVersion kCurrentKmVersion = KmVersion::KEYMASTER_4_1;
36
37 // Size (in bytes) of generated UNIQUE_ID values.
38 constexpr int UNIQUE_ID_SIZE = 16;
39
40 constexpr int EAT_CLAIM_PRIVATE_BASE = -80000;
41 constexpr int EAT_CLAIM_PRIVATE_NON_KM_BASE = EAT_CLAIM_PRIVATE_BASE - 2000;
42
convert_to_eat_claim(keymaster_tag_t tag)43 constexpr int64_t convert_to_eat_claim(keymaster_tag_t tag) {
44 return EAT_CLAIM_PRIVATE_BASE - remove_type_mask(tag);
45 }
46
47 struct stack_st_ASN1_TYPE_Delete {
operatorstack_st_ASN1_TYPE_Delete48 void operator()(stack_st_ASN1_TYPE* p) { sk_ASN1_TYPE_free(p); }
49 };
50
51 struct ASN1_STRING_Delete {
operatorASN1_STRING_Delete52 void operator()(ASN1_STRING* p) { ASN1_STRING_free(p); }
53 };
54
55 struct ASN1_TYPE_Delete {
operatorASN1_TYPE_Delete56 void operator()(ASN1_TYPE* p) { ASN1_TYPE_free(p); }
57 };
58
59 #define ASN1_INTEGER_SET STACK_OF(ASN1_INTEGER)
60
61 typedef struct km_root_of_trust {
62 ASN1_OCTET_STRING* verified_boot_key;
63 ASN1_BOOLEAN device_locked;
64 ASN1_ENUMERATED* verified_boot_state;
65 ASN1_OCTET_STRING* verified_boot_hash;
66 } KM_ROOT_OF_TRUST;
67
68 ASN1_SEQUENCE(KM_ROOT_OF_TRUST) = {
69 ASN1_SIMPLE(KM_ROOT_OF_TRUST, verified_boot_key, ASN1_OCTET_STRING),
70 ASN1_SIMPLE(KM_ROOT_OF_TRUST, device_locked, ASN1_BOOLEAN),
71 ASN1_SIMPLE(KM_ROOT_OF_TRUST, verified_boot_state, ASN1_ENUMERATED),
72 ASN1_SIMPLE(KM_ROOT_OF_TRUST, verified_boot_hash, ASN1_OCTET_STRING),
73 } ASN1_SEQUENCE_END(KM_ROOT_OF_TRUST);
74 DECLARE_ASN1_FUNCTIONS(KM_ROOT_OF_TRUST);
75
76 // Fields ordered in tag order.
77 typedef struct km_auth_list {
78 ASN1_INTEGER_SET* purpose;
79 ASN1_INTEGER* algorithm;
80 ASN1_INTEGER* key_size;
81 ASN1_INTEGER_SET* block_mode;
82 ASN1_INTEGER_SET* digest;
83 ASN1_INTEGER_SET* padding;
84 ASN1_NULL* caller_nonce;
85 ASN1_INTEGER* min_mac_length;
86 ASN1_INTEGER_SET* kdf;
87 ASN1_INTEGER* ec_curve;
88 ASN1_INTEGER* rsa_public_exponent;
89 ASN1_INTEGER_SET* mgf_digest;
90 ASN1_NULL* rollback_resistance;
91 ASN1_NULL* early_boot_only;
92 ASN1_INTEGER* active_date_time;
93 ASN1_INTEGER* origination_expire_date_time;
94 ASN1_INTEGER* usage_expire_date_time;
95 ASN1_INTEGER* usage_count_limit;
96 ASN1_NULL* no_auth_required;
97 ASN1_INTEGER* user_auth_type;
98 ASN1_INTEGER* auth_timeout;
99 ASN1_NULL* allow_while_on_body;
100 ASN1_NULL* trusted_user_presence_required;
101 ASN1_NULL* trusted_confirmation_required;
102 ASN1_NULL* unlocked_device_required;
103 ASN1_NULL* all_applications;
104 ASN1_OCTET_STRING* application_id;
105 ASN1_INTEGER* creation_date_time;
106 ASN1_INTEGER* origin;
107 ASN1_NULL* rollback_resistant;
108 KM_ROOT_OF_TRUST* root_of_trust;
109 ASN1_INTEGER* os_version;
110 ASN1_INTEGER* os_patchlevel;
111 ASN1_OCTET_STRING* attestation_application_id;
112 ASN1_OCTET_STRING* attestation_id_brand;
113 ASN1_OCTET_STRING* attestation_id_device;
114 ASN1_OCTET_STRING* attestation_id_product;
115 ASN1_OCTET_STRING* attestation_id_serial;
116 ASN1_OCTET_STRING* attestation_id_imei;
117 ASN1_OCTET_STRING* attestation_id_meid;
118 ASN1_OCTET_STRING* attestation_id_manufacturer;
119 ASN1_OCTET_STRING* attestation_id_model;
120 ASN1_INTEGER* vendor_patchlevel;
121 ASN1_INTEGER* boot_patch_level;
122 ASN1_NULL* device_unique_attestation;
123 ASN1_NULL* identity_credential_key;
124 } KM_AUTH_LIST;
125
126 ASN1_SEQUENCE(KM_AUTH_LIST) = {
127 ASN1_EXP_SET_OF_OPT(KM_AUTH_LIST, purpose, ASN1_INTEGER, TAG_PURPOSE.masked_tag()),
128 ASN1_EXP_OPT(KM_AUTH_LIST, algorithm, ASN1_INTEGER, TAG_ALGORITHM.masked_tag()),
129 ASN1_EXP_OPT(KM_AUTH_LIST, key_size, ASN1_INTEGER, TAG_KEY_SIZE.masked_tag()),
130 ASN1_EXP_SET_OF_OPT(KM_AUTH_LIST, block_mode, ASN1_INTEGER, TAG_BLOCK_MODE.masked_tag()),
131 ASN1_EXP_SET_OF_OPT(KM_AUTH_LIST, digest, ASN1_INTEGER, TAG_DIGEST.masked_tag()),
132 ASN1_EXP_SET_OF_OPT(KM_AUTH_LIST, padding, ASN1_INTEGER, TAG_PADDING.masked_tag()),
133 ASN1_EXP_OPT(KM_AUTH_LIST, caller_nonce, ASN1_NULL, TAG_CALLER_NONCE.masked_tag()),
134 ASN1_EXP_OPT(KM_AUTH_LIST, min_mac_length, ASN1_INTEGER, TAG_MIN_MAC_LENGTH.masked_tag()),
135 ASN1_EXP_SET_OF_OPT(KM_AUTH_LIST, kdf, ASN1_INTEGER, TAG_KDF.masked_tag()),
136 ASN1_EXP_OPT(KM_AUTH_LIST, ec_curve, ASN1_INTEGER, TAG_EC_CURVE.masked_tag()),
137 ASN1_EXP_OPT(KM_AUTH_LIST, rsa_public_exponent, ASN1_INTEGER,
138 TAG_RSA_PUBLIC_EXPONENT.masked_tag()),
139 ASN1_EXP_SET_OF_OPT(KM_AUTH_LIST, mgf_digest, ASN1_INTEGER,
140 TAG_RSA_OAEP_MGF_DIGEST.masked_tag()),
141 ASN1_EXP_OPT(KM_AUTH_LIST, rollback_resistance, ASN1_NULL,
142 TAG_ROLLBACK_RESISTANCE.masked_tag()),
143 ASN1_EXP_OPT(KM_AUTH_LIST, early_boot_only, ASN1_NULL, TAG_EARLY_BOOT_ONLY.masked_tag()),
144 ASN1_EXP_OPT(KM_AUTH_LIST, active_date_time, ASN1_INTEGER, TAG_ACTIVE_DATETIME.masked_tag()),
145 ASN1_EXP_OPT(KM_AUTH_LIST, origination_expire_date_time, ASN1_INTEGER,
146 TAG_ORIGINATION_EXPIRE_DATETIME.masked_tag()),
147 ASN1_EXP_OPT(KM_AUTH_LIST, usage_expire_date_time, ASN1_INTEGER,
148 TAG_USAGE_EXPIRE_DATETIME.masked_tag()),
149 ASN1_EXP_OPT(KM_AUTH_LIST, usage_count_limit, ASN1_INTEGER, TAG_USAGE_COUNT_LIMIT.masked_tag()),
150 ASN1_EXP_OPT(KM_AUTH_LIST, no_auth_required, ASN1_NULL, TAG_NO_AUTH_REQUIRED.masked_tag()),
151 ASN1_EXP_OPT(KM_AUTH_LIST, user_auth_type, ASN1_INTEGER, TAG_USER_AUTH_TYPE.masked_tag()),
152 ASN1_EXP_OPT(KM_AUTH_LIST, auth_timeout, ASN1_INTEGER, TAG_AUTH_TIMEOUT.masked_tag()),
153 ASN1_EXP_OPT(KM_AUTH_LIST, allow_while_on_body, ASN1_NULL,
154 TAG_ALLOW_WHILE_ON_BODY.masked_tag()),
155 ASN1_EXP_OPT(KM_AUTH_LIST, trusted_user_presence_required, ASN1_NULL,
156 TAG_TRUSTED_USER_PRESENCE_REQUIRED.masked_tag()),
157 ASN1_EXP_OPT(KM_AUTH_LIST, trusted_confirmation_required, ASN1_NULL,
158 TAG_TRUSTED_CONFIRMATION_REQUIRED.masked_tag()),
159 ASN1_EXP_OPT(KM_AUTH_LIST, unlocked_device_required, ASN1_NULL,
160 TAG_UNLOCKED_DEVICE_REQUIRED.masked_tag()),
161 ASN1_EXP_OPT(KM_AUTH_LIST, all_applications, ASN1_NULL, TAG_ALL_APPLICATIONS.masked_tag()),
162 ASN1_EXP_OPT(KM_AUTH_LIST, application_id, ASN1_OCTET_STRING, TAG_APPLICATION_ID.masked_tag()),
163 ASN1_EXP_OPT(KM_AUTH_LIST, creation_date_time, ASN1_INTEGER,
164 TAG_CREATION_DATETIME.masked_tag()),
165 ASN1_EXP_OPT(KM_AUTH_LIST, origin, ASN1_INTEGER, TAG_ORIGIN.masked_tag()),
166 ASN1_EXP_OPT(KM_AUTH_LIST, rollback_resistant, ASN1_NULL, TAG_ROLLBACK_RESISTANT.masked_tag()),
167 ASN1_EXP_OPT(KM_AUTH_LIST, root_of_trust, KM_ROOT_OF_TRUST, TAG_ROOT_OF_TRUST.masked_tag()),
168 ASN1_EXP_OPT(KM_AUTH_LIST, os_version, ASN1_INTEGER, TAG_OS_VERSION.masked_tag()),
169 ASN1_EXP_OPT(KM_AUTH_LIST, os_patchlevel, ASN1_INTEGER, TAG_OS_PATCHLEVEL.masked_tag()),
170 ASN1_EXP_OPT(KM_AUTH_LIST, attestation_application_id, ASN1_OCTET_STRING,
171 TAG_ATTESTATION_APPLICATION_ID.masked_tag()),
172 ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_brand, ASN1_OCTET_STRING,
173 TAG_ATTESTATION_ID_BRAND.masked_tag()),
174 ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_device, ASN1_OCTET_STRING,
175 TAG_ATTESTATION_ID_DEVICE.masked_tag()),
176 ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_product, ASN1_OCTET_STRING,
177 TAG_ATTESTATION_ID_PRODUCT.masked_tag()),
178 ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_serial, ASN1_OCTET_STRING,
179 TAG_ATTESTATION_ID_SERIAL.masked_tag()),
180 ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_imei, ASN1_OCTET_STRING,
181 TAG_ATTESTATION_ID_IMEI.masked_tag()),
182 ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_meid, ASN1_OCTET_STRING,
183 TAG_ATTESTATION_ID_MEID.masked_tag()),
184 ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_manufacturer, ASN1_OCTET_STRING,
185 TAG_ATTESTATION_ID_MANUFACTURER.masked_tag()),
186 ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_model, ASN1_OCTET_STRING,
187 TAG_ATTESTATION_ID_MODEL.masked_tag()),
188 ASN1_EXP_OPT(KM_AUTH_LIST, vendor_patchlevel, ASN1_INTEGER, TAG_VENDOR_PATCHLEVEL.masked_tag()),
189 ASN1_EXP_OPT(KM_AUTH_LIST, boot_patch_level, ASN1_INTEGER, TAG_BOOT_PATCHLEVEL.masked_tag()),
190 ASN1_EXP_OPT(KM_AUTH_LIST, device_unique_attestation, ASN1_NULL,
191 TAG_DEVICE_UNIQUE_ATTESTATION.masked_tag()),
192 ASN1_EXP_OPT(KM_AUTH_LIST, identity_credential_key, ASN1_NULL,
193 TAG_IDENTITY_CREDENTIAL_KEY.masked_tag()),
194 } ASN1_SEQUENCE_END(KM_AUTH_LIST);
195 DECLARE_ASN1_FUNCTIONS(KM_AUTH_LIST);
196
197 typedef struct km_key_description {
198 ASN1_INTEGER* attestation_version;
199 ASN1_ENUMERATED* attestation_security_level;
200 ASN1_INTEGER* keymaster_version;
201 ASN1_ENUMERATED* keymaster_security_level;
202 ASN1_OCTET_STRING* attestation_challenge;
203 KM_AUTH_LIST* software_enforced;
204 KM_AUTH_LIST* tee_enforced;
205 ASN1_INTEGER* unique_id;
206 } KM_KEY_DESCRIPTION;
207
208 ASN1_SEQUENCE(KM_KEY_DESCRIPTION) = {
209 ASN1_SIMPLE(KM_KEY_DESCRIPTION, attestation_version, ASN1_INTEGER),
210 ASN1_SIMPLE(KM_KEY_DESCRIPTION, attestation_security_level, ASN1_ENUMERATED),
211 ASN1_SIMPLE(KM_KEY_DESCRIPTION, keymaster_version, ASN1_INTEGER),
212 ASN1_SIMPLE(KM_KEY_DESCRIPTION, keymaster_security_level, ASN1_ENUMERATED),
213 ASN1_SIMPLE(KM_KEY_DESCRIPTION, attestation_challenge, ASN1_OCTET_STRING),
214 ASN1_SIMPLE(KM_KEY_DESCRIPTION, unique_id, ASN1_OCTET_STRING),
215 ASN1_SIMPLE(KM_KEY_DESCRIPTION, software_enforced, KM_AUTH_LIST),
216 ASN1_SIMPLE(KM_KEY_DESCRIPTION, tee_enforced, KM_AUTH_LIST),
217 } ASN1_SEQUENCE_END(KM_KEY_DESCRIPTION);
218 DECLARE_ASN1_FUNCTIONS(KM_KEY_DESCRIPTION);
219
220 enum class EatClaim {
221
222 // Official CWT claims, as defined in https://www.iana.org/assignments/cwt/cwt.xhtml
223
224 IAT = 6,
225 CTI = 7,
226
227 // Claims defined in
228 // https://github.com/laurencelundblade/ctoken/blob/master/inc/ctoken_eat_labels.h, by the
229 // author of the EAT standard, and in the ARM PSA. They should be considered stable at least
230 // until the standard is officially published.
231
232 UEID = -75009,
233 NONCE = -75008,
234 SECURITY_LEVEL = -76002,
235 BOOT_STATE = -76003,
236 SUBMODS = -76000,
237
238 // Claims specific to Android, and not part of the official EAT standard.
239
240 PURPOSE = convert_to_eat_claim(KM_TAG_PURPOSE),
241 ALGORITHM = convert_to_eat_claim(KM_TAG_ALGORITHM),
242 KEY_SIZE = convert_to_eat_claim(KM_TAG_KEY_SIZE),
243 BLOCK_MODE = convert_to_eat_claim(KM_TAG_BLOCK_MODE),
244 DIGEST = convert_to_eat_claim(KM_TAG_DIGEST),
245 PADDING = convert_to_eat_claim(KM_TAG_PADDING),
246 // TODO: Check if CALLER_NONCE is needed (see go/keymint-eat)
247 CALLER_NONCE = convert_to_eat_claim(KM_TAG_CALLER_NONCE),
248 MIN_MAC_LENGTH = convert_to_eat_claim(KM_TAG_MIN_MAC_LENGTH),
249 EC_CURVE = convert_to_eat_claim(KM_TAG_EC_CURVE),
250 RSA_PUBLIC_EXPONENT = convert_to_eat_claim(KM_TAG_RSA_PUBLIC_EXPONENT),
251 EARLY_BOOT_ONLY = convert_to_eat_claim(KM_TAG_EARLY_BOOT_ONLY),
252 ACTIVE_DATETIME = convert_to_eat_claim(KM_TAG_ACTIVE_DATETIME),
253 ORIGINATION_EXPIRE_DATETIME = convert_to_eat_claim(KM_TAG_ORIGINATION_EXPIRE_DATETIME),
254 USAGE_EXPIRE_DATETIME = convert_to_eat_claim(KM_TAG_USAGE_EXPIRE_DATETIME),
255 NO_AUTH_REQUIRED = convert_to_eat_claim(KM_TAG_NO_AUTH_REQUIRED),
256 USER_AUTH_TYPE = convert_to_eat_claim(KM_TAG_USER_AUTH_TYPE),
257 AUTH_TIMEOUT = convert_to_eat_claim(KM_TAG_AUTH_TIMEOUT),
258 ALLOW_WHILE_ON_BODY = convert_to_eat_claim(KM_TAG_ALLOW_WHILE_ON_BODY),
259 TRUSTED_USER_PRESENCE_REQUIRED = convert_to_eat_claim(KM_TAG_TRUSTED_USER_PRESENCE_REQUIRED),
260 TRUSTED_CONFIRMATION_REQUIRED = convert_to_eat_claim(KM_TAG_TRUSTED_CONFIRMATION_REQUIRED),
261 UNLOCKED_DEVICE_REQUIRED = convert_to_eat_claim(KM_TAG_UNLOCKED_DEVICE_REQUIRED),
262 ALL_APPLICATIONS = convert_to_eat_claim(KM_TAG_ALL_APPLICATIONS),
263 APPLICATION_ID = convert_to_eat_claim(KM_TAG_APPLICATION_ID),
264 ORIGIN = convert_to_eat_claim(KM_TAG_ORIGIN),
265 ROLLBACK_RESISTANT = convert_to_eat_claim(KM_TAG_ROLLBACK_RESISTANT),
266 OS_VERSION = convert_to_eat_claim(KM_TAG_OS_VERSION),
267 OS_PATCHLEVEL = convert_to_eat_claim(KM_TAG_OS_PATCHLEVEL),
268 ATTESTATION_APPLICATION_ID = convert_to_eat_claim(KM_TAG_ATTESTATION_APPLICATION_ID),
269 ATTESTATION_ID_BRAND = convert_to_eat_claim(KM_TAG_ATTESTATION_ID_BRAND),
270 ATTESTATION_ID_DEVICE = convert_to_eat_claim(KM_TAG_ATTESTATION_ID_DEVICE),
271 ATTESTATION_ID_PRODUCT = convert_to_eat_claim(KM_TAG_ATTESTATION_ID_PRODUCT),
272 ATTESTATION_ID_SERIAL = convert_to_eat_claim(KM_TAG_ATTESTATION_ID_SERIAL),
273 ATTESTATION_ID_MEID = convert_to_eat_claim(KM_TAG_ATTESTATION_ID_MEID),
274 ATTESTATION_ID_MANUFACTURER = convert_to_eat_claim(KM_TAG_ATTESTATION_ID_MANUFACTURER),
275 VENDOR_PATCHLEVEL = convert_to_eat_claim(KM_TAG_VENDOR_PATCHLEVEL),
276 BOOT_PATCHLEVEL = convert_to_eat_claim(KM_TAG_BOOT_PATCHLEVEL),
277 ATTESTATION_ID_MODEL = convert_to_eat_claim(KM_TAG_ATTESTATION_ID_MODEL),
278 DEVICE_UNIQUE_ATTESTATION = convert_to_eat_claim(KM_TAG_DEVICE_UNIQUE_ATTESTATION),
279 IDENTITY_CREDENTIAL_KEY = convert_to_eat_claim(KM_TAG_IDENTITY_CREDENTIAL_KEY),
280 STORAGE_KEY = convert_to_eat_claim(KM_TAG_STORAGE_KEY),
281 CONFIRMATION_TOKEN = convert_to_eat_claim(KM_TAG_CONFIRMATION_TOKEN),
282
283 // Claims specific to Android that do not exist as Keymint tags.
284
285 VERIFIED_BOOT_KEY = EAT_CLAIM_PRIVATE_NON_KM_BASE - 1,
286 DEVICE_LOCKED = EAT_CLAIM_PRIVATE_NON_KM_BASE - 2,
287 VERIFIED_BOOT_HASH = EAT_CLAIM_PRIVATE_NON_KM_BASE - 3,
288 ATTESTATION_VERSION = EAT_CLAIM_PRIVATE_NON_KM_BASE - 4,
289 KEYMASTER_VERSION = EAT_CLAIM_PRIVATE_NON_KM_BASE - 5,
290 OFFICIAL_BUILD = EAT_CLAIM_PRIVATE_NON_KM_BASE - 6,
291 };
292
293 enum class EatSecurityLevel {
294 UNRESTRICTED = 1,
295 RESTRICTED = 2,
296 SECURE_RESTRICTED = 3,
297 HARDWARE = 4,
298 };
299
300 enum class EatEcCurve {
301 P_224 = KM_EC_CURVE_P_224,
302 P_256 = KM_EC_CURVE_P_256,
303 P_384 = KM_EC_CURVE_P_384,
304 P_521 = KM_EC_CURVE_P_521,
305 };
306
307 static const char kEatSubmodNameSoftware[] = "software";
308 static const char kEatSubmodNameTee[] = "tee";
309
310 constexpr size_t kImeiBlobLength = 15;
311 constexpr size_t kUeidLength = 15;
312 constexpr uint8_t kImeiTypeByte = 0x03;
313
314 /**
315 * The OID for Android attestation records. For the curious, it breaks down as follows:
316 *
317 * 1 = ISO
318 * 3 = org
319 * 6 = DoD (Huh? OIDs are weird.)
320 * 1 = IANA
321 * 4 = Private
322 * 1 = Enterprises
323 * 11129 = Google
324 * 2 = Google security
325 * 1 = certificate extension
326 * 17 / 25 = ASN.1 attestation extension / EAT attestation extension
327 */
328 static const char kAsn1TokenOid[] = "1.3.6.1.4.1.11129.2.1.17";
329 static const char kEatTokenOid[] = "1.3.6.1.4.1.11129.2.1.25";
330
331 // This build_attestation_record sets the keymaster version to the default
332 // value, and chooses the correct attestation extension (ASN.1 or EAT) based
333 // on that value.
334 keymaster_error_t build_attestation_record(const AuthorizationSet& attestation_params,
335 AuthorizationSet software_enforced,
336 AuthorizationSet tee_enforced,
337 const AttestationContext& context,
338 UniquePtr<uint8_t[]>* asn1_key_desc,
339 size_t* asn1_key_desc_len);
340
341 // Builds EAT record, with the same values as the attestation record above,
342 // but encoded as a CBOR (EAT) structure rather than an ASN.1 structure.
343 keymaster_error_t build_eat_record(const AuthorizationSet& attestation_params,
344 AuthorizationSet software_enforced,
345 AuthorizationSet tee_enforced, //
346 const AttestationContext& context, //
347 std::vector<uint8_t>* eat_token);
348
349 // Builds the input to HMAC-SHA256 for unique ID generation.
350 std::vector<uint8_t> build_unique_id_input(uint64_t creation_date_time,
351 const keymaster_blob_t& application_id,
352 bool reset_since_rotation);
353
354 // Builds a unique ID of size UNIQUE_ID_SIZE from the given inputs.
355 Buffer generate_unique_id(const std::vector<uint8_t>& hbk, uint64_t creation_date_time,
356 const keymaster_blob_t& application_id, bool reset_since_rotation);
357
358 /**
359 * Helper functions for attestation record tests. Caller takes ownership of
360 * |attestation_challenge->data| and |unique_id->data|, deallocate using delete[].
361 */
362 keymaster_error_t parse_attestation_record(const uint8_t* asn1_key_desc, size_t asn1_key_desc_len,
363 uint32_t* attestation_version, //
364 keymaster_security_level_t* attestation_security_level,
365 uint32_t* keymaster_version,
366 keymaster_security_level_t* keymaster_security_level,
367 keymaster_blob_t* attestation_challenge,
368 AuthorizationSet* software_enforced,
369 AuthorizationSet* tee_enforced,
370 keymaster_blob_t* unique_id);
371
372 /**
373 * Caller takes ownership of |verified_boot_key->data|, deallocate using delete[].
374 */
375 keymaster_error_t parse_root_of_trust(const uint8_t* asn1_key_desc, size_t asn1_key_desc_len,
376 keymaster_blob_t* verified_boot_key,
377 keymaster_verified_boot_t* verified_boot_state,
378 bool* device_locked);
379
380 keymaster_error_t build_eat_submod(const AuthorizationSet& auth_list,
381 EatSecurityLevel security_level, cppbor::Map* submod);
382
383 keymaster_error_t build_auth_list(const AuthorizationSet& auth_list, KM_AUTH_LIST* record);
384
385 keymaster_error_t parse_eat_record(
386 const uint8_t* eat_key_desc, size_t eat_key_desc_len, uint32_t* attestation_version,
387 keymaster_security_level_t* attestation_security_level, uint32_t* keymaster_version,
388 keymaster_security_level_t* keymaster_security_level, keymaster_blob_t* attestation_challenge,
389 AuthorizationSet* software_enforced, AuthorizationSet* tee_enforced,
390 keymaster_blob_t* unique_id, keymaster_blob_t* verified_boot_key,
391 keymaster_verified_boot_t* verified_boot_state, bool* device_locked,
392 std::vector<int64_t>* unexpected_claims);
393
394 keymaster_error_t parse_eat_submod(const cppbor::Map* submod_values,
395 AuthorizationSet* software_enforced,
396 AuthorizationSet* tee_enforced);
397
398 keymaster_error_t extract_auth_list(const KM_AUTH_LIST* record, AuthorizationSet* auth_list);
399
400 /**
401 * Convert a KeymasterContext::Version to the keymaster version number used in attestations.
402 */
version_to_attestation_km_version(KmVersion version)403 inline static uint version_to_attestation_km_version(KmVersion version) {
404 switch (version) {
405 default:
406 case KmVersion::KEYMASTER_1:
407 case KmVersion::KEYMASTER_1_1:
408 return 0; // Attestation not actually supported.
409 case KmVersion::KEYMASTER_2:
410 return 2;
411 case KmVersion::KEYMASTER_3:
412 return 3;
413 case KmVersion::KEYMASTER_4:
414 return 4;
415 case KmVersion::KEYMASTER_4_1:
416 return 41;
417 case KmVersion::KEYMINT_1:
418 return 100;
419 }
420 }
421
422 /**
423 * Convert a KeymasterContext::Version to the corresponding attestation format version number.
424 */
version_to_attestation_version(KmVersion version)425 inline static uint version_to_attestation_version(KmVersion version) {
426 switch (version) {
427 default:
428 case KmVersion::KEYMASTER_1:
429 return 0; // Attestation not actually supported.
430 case KmVersion::KEYMASTER_2:
431 return 1;
432 case KmVersion::KEYMASTER_3:
433 return 2;
434 case KmVersion::KEYMASTER_4:
435 return 3;
436 case KmVersion::KEYMASTER_4_1:
437 return 4;
438 case KmVersion::KEYMINT_1:
439 return 100;
440 }
441 }
442
443 } // namespace keymaster
444