1 /*
2 * Copyright 2016 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #pragma once
18
19 #include <hardware/keymaster_defs.h>
20
21 #include <keymaster/authorization_set.h>
22 #include <keymaster/km_version.h>
23
24 #include <cppbor.h>
25 #include <openssl/asn1t.h>
26
27 #include <vector>
28
29 #define remove_type_mask(tag) ((tag)&0x0FFFFFFF)
30
31 namespace keymaster {
32
33 class AttestationContext;
34
35 constexpr KmVersion kCurrentKmVersion = KmVersion::KEYMASTER_4_1;
36
37 // Size (in bytes) of generated UNIQUE_ID values.
38 constexpr int UNIQUE_ID_SIZE = 16;
39
40 constexpr int EAT_CLAIM_PRIVATE_BASE = -80000;
41 constexpr int EAT_CLAIM_PRIVATE_NON_KM_BASE = EAT_CLAIM_PRIVATE_BASE - 2000;
42
convert_to_eat_claim(keymaster_tag_t tag)43 constexpr int64_t convert_to_eat_claim(keymaster_tag_t tag) {
44 return EAT_CLAIM_PRIVATE_BASE - remove_type_mask(tag);
45 }
46
47 struct stack_st_ASN1_TYPE_Delete {
operatorstack_st_ASN1_TYPE_Delete48 void operator()(stack_st_ASN1_TYPE* p) { sk_ASN1_TYPE_free(p); }
49 };
50
51 struct ASN1_STRING_Delete {
operatorASN1_STRING_Delete52 void operator()(ASN1_STRING* p) { ASN1_STRING_free(p); }
53 };
54
55 struct ASN1_TYPE_Delete {
operatorASN1_TYPE_Delete56 void operator()(ASN1_TYPE* p) { ASN1_TYPE_free(p); }
57 };
58
59 #define ASN1_INTEGER_SET STACK_OF(ASN1_INTEGER)
60
61 typedef struct km_root_of_trust {
62 ASN1_OCTET_STRING* verified_boot_key;
63 ASN1_BOOLEAN device_locked;
64 ASN1_ENUMERATED* verified_boot_state;
65 ASN1_OCTET_STRING* verified_boot_hash;
66 } KM_ROOT_OF_TRUST;
67
68 ASN1_SEQUENCE(KM_ROOT_OF_TRUST) = {
69 ASN1_SIMPLE(KM_ROOT_OF_TRUST, verified_boot_key, ASN1_OCTET_STRING),
70 ASN1_SIMPLE(KM_ROOT_OF_TRUST, device_locked, ASN1_BOOLEAN),
71 ASN1_SIMPLE(KM_ROOT_OF_TRUST, verified_boot_state, ASN1_ENUMERATED),
72 ASN1_SIMPLE(KM_ROOT_OF_TRUST, verified_boot_hash, ASN1_OCTET_STRING),
73 } ASN1_SEQUENCE_END(KM_ROOT_OF_TRUST);
74 DECLARE_ASN1_FUNCTIONS(KM_ROOT_OF_TRUST);
75
76 // Fields ordered in tag order.
77 typedef struct km_auth_list {
78 ASN1_INTEGER_SET* purpose;
79 ASN1_INTEGER* algorithm;
80 ASN1_INTEGER* key_size;
81 ASN1_INTEGER_SET* block_mode;
82 ASN1_INTEGER_SET* digest;
83 ASN1_INTEGER_SET* padding;
84 ASN1_NULL* caller_nonce;
85 ASN1_INTEGER* min_mac_length;
86 ASN1_INTEGER_SET* kdf;
87 ASN1_INTEGER* ec_curve;
88 ASN1_INTEGER* rsa_public_exponent;
89 ASN1_INTEGER_SET* mgf_digest;
90 ASN1_NULL* rollback_resistance;
91 ASN1_NULL* early_boot_only;
92 ASN1_INTEGER* active_date_time;
93 ASN1_INTEGER* origination_expire_date_time;
94 ASN1_INTEGER* usage_expire_date_time;
95 ASN1_INTEGER* usage_count_limit;
96 ASN1_NULL* no_auth_required;
97 ASN1_INTEGER* user_auth_type;
98 ASN1_INTEGER* auth_timeout;
99 ASN1_NULL* allow_while_on_body;
100 ASN1_NULL* trusted_user_presence_required;
101 ASN1_NULL* trusted_confirmation_required;
102 ASN1_NULL* unlocked_device_required;
103 ASN1_NULL* all_applications;
104 ASN1_OCTET_STRING* application_id;
105 ASN1_INTEGER* creation_date_time;
106 ASN1_INTEGER* origin;
107 ASN1_NULL* rollback_resistant;
108 KM_ROOT_OF_TRUST* root_of_trust;
109 ASN1_INTEGER* os_version;
110 ASN1_INTEGER* os_patchlevel;
111 ASN1_OCTET_STRING* attestation_application_id;
112 ASN1_OCTET_STRING* attestation_id_brand;
113 ASN1_OCTET_STRING* attestation_id_device;
114 ASN1_OCTET_STRING* attestation_id_product;
115 ASN1_OCTET_STRING* attestation_id_serial;
116 ASN1_OCTET_STRING* attestation_id_imei;
117 ASN1_OCTET_STRING* attestation_id_meid;
118 ASN1_OCTET_STRING* attestation_id_manufacturer;
119 ASN1_OCTET_STRING* attestation_id_model;
120 ASN1_INTEGER* vendor_patchlevel;
121 ASN1_INTEGER* boot_patch_level;
122 ASN1_NULL* device_unique_attestation;
123 ASN1_NULL* identity_credential_key;
124 ASN1_OCTET_STRING* attestation_id_second_imei;
125 } KM_AUTH_LIST;
126
127 ASN1_SEQUENCE(KM_AUTH_LIST) = {
128 ASN1_EXP_SET_OF_OPT(KM_AUTH_LIST, purpose, ASN1_INTEGER, TAG_PURPOSE.masked_tag()),
129 ASN1_EXP_OPT(KM_AUTH_LIST, algorithm, ASN1_INTEGER, TAG_ALGORITHM.masked_tag()),
130 ASN1_EXP_OPT(KM_AUTH_LIST, key_size, ASN1_INTEGER, TAG_KEY_SIZE.masked_tag()),
131 ASN1_EXP_SET_OF_OPT(KM_AUTH_LIST, block_mode, ASN1_INTEGER, TAG_BLOCK_MODE.masked_tag()),
132 ASN1_EXP_SET_OF_OPT(KM_AUTH_LIST, digest, ASN1_INTEGER, TAG_DIGEST.masked_tag()),
133 ASN1_EXP_SET_OF_OPT(KM_AUTH_LIST, padding, ASN1_INTEGER, TAG_PADDING.masked_tag()),
134 ASN1_EXP_OPT(KM_AUTH_LIST, caller_nonce, ASN1_NULL, TAG_CALLER_NONCE.masked_tag()),
135 ASN1_EXP_OPT(KM_AUTH_LIST, min_mac_length, ASN1_INTEGER, TAG_MIN_MAC_LENGTH.masked_tag()),
136 ASN1_EXP_SET_OF_OPT(KM_AUTH_LIST, kdf, ASN1_INTEGER, TAG_KDF.masked_tag()),
137 ASN1_EXP_OPT(KM_AUTH_LIST, ec_curve, ASN1_INTEGER, TAG_EC_CURVE.masked_tag()),
138 ASN1_EXP_OPT(KM_AUTH_LIST, rsa_public_exponent, ASN1_INTEGER,
139 TAG_RSA_PUBLIC_EXPONENT.masked_tag()),
140 ASN1_EXP_SET_OF_OPT(KM_AUTH_LIST, mgf_digest, ASN1_INTEGER,
141 TAG_RSA_OAEP_MGF_DIGEST.masked_tag()),
142 ASN1_EXP_OPT(KM_AUTH_LIST, rollback_resistance, ASN1_NULL,
143 TAG_ROLLBACK_RESISTANCE.masked_tag()),
144 ASN1_EXP_OPT(KM_AUTH_LIST, early_boot_only, ASN1_NULL, TAG_EARLY_BOOT_ONLY.masked_tag()),
145 ASN1_EXP_OPT(KM_AUTH_LIST, active_date_time, ASN1_INTEGER, TAG_ACTIVE_DATETIME.masked_tag()),
146 ASN1_EXP_OPT(KM_AUTH_LIST, origination_expire_date_time, ASN1_INTEGER,
147 TAG_ORIGINATION_EXPIRE_DATETIME.masked_tag()),
148 ASN1_EXP_OPT(KM_AUTH_LIST, usage_expire_date_time, ASN1_INTEGER,
149 TAG_USAGE_EXPIRE_DATETIME.masked_tag()),
150 ASN1_EXP_OPT(KM_AUTH_LIST, usage_count_limit, ASN1_INTEGER, TAG_USAGE_COUNT_LIMIT.masked_tag()),
151 ASN1_EXP_OPT(KM_AUTH_LIST, no_auth_required, ASN1_NULL, TAG_NO_AUTH_REQUIRED.masked_tag()),
152 ASN1_EXP_OPT(KM_AUTH_LIST, user_auth_type, ASN1_INTEGER, TAG_USER_AUTH_TYPE.masked_tag()),
153 ASN1_EXP_OPT(KM_AUTH_LIST, auth_timeout, ASN1_INTEGER, TAG_AUTH_TIMEOUT.masked_tag()),
154 ASN1_EXP_OPT(KM_AUTH_LIST, allow_while_on_body, ASN1_NULL,
155 TAG_ALLOW_WHILE_ON_BODY.masked_tag()),
156 ASN1_EXP_OPT(KM_AUTH_LIST, trusted_user_presence_required, ASN1_NULL,
157 TAG_TRUSTED_USER_PRESENCE_REQUIRED.masked_tag()),
158 ASN1_EXP_OPT(KM_AUTH_LIST, trusted_confirmation_required, ASN1_NULL,
159 TAG_TRUSTED_CONFIRMATION_REQUIRED.masked_tag()),
160 ASN1_EXP_OPT(KM_AUTH_LIST, unlocked_device_required, ASN1_NULL,
161 TAG_UNLOCKED_DEVICE_REQUIRED.masked_tag()),
162 ASN1_EXP_OPT(KM_AUTH_LIST, all_applications, ASN1_NULL, TAG_ALL_APPLICATIONS.masked_tag()),
163 ASN1_EXP_OPT(KM_AUTH_LIST, application_id, ASN1_OCTET_STRING, TAG_APPLICATION_ID.masked_tag()),
164 ASN1_EXP_OPT(KM_AUTH_LIST, creation_date_time, ASN1_INTEGER,
165 TAG_CREATION_DATETIME.masked_tag()),
166 ASN1_EXP_OPT(KM_AUTH_LIST, origin, ASN1_INTEGER, TAG_ORIGIN.masked_tag()),
167 ASN1_EXP_OPT(KM_AUTH_LIST, rollback_resistant, ASN1_NULL, TAG_ROLLBACK_RESISTANT.masked_tag()),
168 ASN1_EXP_OPT(KM_AUTH_LIST, root_of_trust, KM_ROOT_OF_TRUST, TAG_ROOT_OF_TRUST.masked_tag()),
169 ASN1_EXP_OPT(KM_AUTH_LIST, os_version, ASN1_INTEGER, TAG_OS_VERSION.masked_tag()),
170 ASN1_EXP_OPT(KM_AUTH_LIST, os_patchlevel, ASN1_INTEGER, TAG_OS_PATCHLEVEL.masked_tag()),
171 ASN1_EXP_OPT(KM_AUTH_LIST, attestation_application_id, ASN1_OCTET_STRING,
172 TAG_ATTESTATION_APPLICATION_ID.masked_tag()),
173 ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_brand, ASN1_OCTET_STRING,
174 TAG_ATTESTATION_ID_BRAND.masked_tag()),
175 ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_device, ASN1_OCTET_STRING,
176 TAG_ATTESTATION_ID_DEVICE.masked_tag()),
177 ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_product, ASN1_OCTET_STRING,
178 TAG_ATTESTATION_ID_PRODUCT.masked_tag()),
179 ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_serial, ASN1_OCTET_STRING,
180 TAG_ATTESTATION_ID_SERIAL.masked_tag()),
181 ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_imei, ASN1_OCTET_STRING,
182 TAG_ATTESTATION_ID_IMEI.masked_tag()),
183 ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_meid, ASN1_OCTET_STRING,
184 TAG_ATTESTATION_ID_MEID.masked_tag()),
185 ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_manufacturer, ASN1_OCTET_STRING,
186 TAG_ATTESTATION_ID_MANUFACTURER.masked_tag()),
187 ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_model, ASN1_OCTET_STRING,
188 TAG_ATTESTATION_ID_MODEL.masked_tag()),
189 ASN1_EXP_OPT(KM_AUTH_LIST, vendor_patchlevel, ASN1_INTEGER, TAG_VENDOR_PATCHLEVEL.masked_tag()),
190 ASN1_EXP_OPT(KM_AUTH_LIST, boot_patch_level, ASN1_INTEGER, TAG_BOOT_PATCHLEVEL.masked_tag()),
191 ASN1_EXP_OPT(KM_AUTH_LIST, device_unique_attestation, ASN1_NULL,
192 TAG_DEVICE_UNIQUE_ATTESTATION.masked_tag()),
193 ASN1_EXP_OPT(KM_AUTH_LIST, identity_credential_key, ASN1_NULL,
194 TAG_IDENTITY_CREDENTIAL_KEY.masked_tag()),
195 ASN1_EXP_OPT(KM_AUTH_LIST, attestation_id_second_imei, ASN1_OCTET_STRING,
196 TAG_ATTESTATION_ID_SECOND_IMEI.masked_tag()),
197 } ASN1_SEQUENCE_END(KM_AUTH_LIST);
198 DECLARE_ASN1_FUNCTIONS(KM_AUTH_LIST);
199
200 typedef struct km_key_description {
201 ASN1_INTEGER* attestation_version;
202 ASN1_ENUMERATED* attestation_security_level;
203 ASN1_INTEGER* keymaster_version;
204 ASN1_ENUMERATED* keymaster_security_level;
205 ASN1_OCTET_STRING* attestation_challenge;
206 KM_AUTH_LIST* software_enforced;
207 KM_AUTH_LIST* tee_enforced;
208 ASN1_OCTET_STRING* unique_id;
209 } KM_KEY_DESCRIPTION;
210
211 ASN1_SEQUENCE(KM_KEY_DESCRIPTION) = {
212 ASN1_SIMPLE(KM_KEY_DESCRIPTION, attestation_version, ASN1_INTEGER),
213 ASN1_SIMPLE(KM_KEY_DESCRIPTION, attestation_security_level, ASN1_ENUMERATED),
214 ASN1_SIMPLE(KM_KEY_DESCRIPTION, keymaster_version, ASN1_INTEGER),
215 ASN1_SIMPLE(KM_KEY_DESCRIPTION, keymaster_security_level, ASN1_ENUMERATED),
216 ASN1_SIMPLE(KM_KEY_DESCRIPTION, attestation_challenge, ASN1_OCTET_STRING),
217 ASN1_SIMPLE(KM_KEY_DESCRIPTION, unique_id, ASN1_OCTET_STRING),
218 ASN1_SIMPLE(KM_KEY_DESCRIPTION, software_enforced, KM_AUTH_LIST),
219 ASN1_SIMPLE(KM_KEY_DESCRIPTION, tee_enforced, KM_AUTH_LIST),
220 } ASN1_SEQUENCE_END(KM_KEY_DESCRIPTION);
221 DECLARE_ASN1_FUNCTIONS(KM_KEY_DESCRIPTION);
222
223 enum class EatClaim {
224
225 // Official CWT claims, as defined in https://www.iana.org/assignments/cwt/cwt.xhtml
226
227 IAT = 6,
228 CTI = 7,
229
230 // Claims defined in
231 // https://github.com/laurencelundblade/ctoken/blob/master/inc/ctoken_eat_labels.h, by the
232 // author of the EAT standard, and in the ARM PSA. They should be considered stable at least
233 // until the standard is officially published.
234
235 UEID = -75009,
236 NONCE = -75008,
237 SECURITY_LEVEL = -76002,
238 BOOT_STATE = -76003,
239 SUBMODS = -76000,
240
241 // Claims specific to Android, and not part of the official EAT standard.
242
243 PURPOSE = convert_to_eat_claim(KM_TAG_PURPOSE),
244 ALGORITHM = convert_to_eat_claim(KM_TAG_ALGORITHM),
245 KEY_SIZE = convert_to_eat_claim(KM_TAG_KEY_SIZE),
246 BLOCK_MODE = convert_to_eat_claim(KM_TAG_BLOCK_MODE),
247 DIGEST = convert_to_eat_claim(KM_TAG_DIGEST),
248 PADDING = convert_to_eat_claim(KM_TAG_PADDING),
249 // TODO: Check if CALLER_NONCE is needed (see go/keymint-eat)
250 CALLER_NONCE = convert_to_eat_claim(KM_TAG_CALLER_NONCE),
251 MIN_MAC_LENGTH = convert_to_eat_claim(KM_TAG_MIN_MAC_LENGTH),
252 EC_CURVE = convert_to_eat_claim(KM_TAG_EC_CURVE),
253 RSA_PUBLIC_EXPONENT = convert_to_eat_claim(KM_TAG_RSA_PUBLIC_EXPONENT),
254 EARLY_BOOT_ONLY = convert_to_eat_claim(KM_TAG_EARLY_BOOT_ONLY),
255 ACTIVE_DATETIME = convert_to_eat_claim(KM_TAG_ACTIVE_DATETIME),
256 ORIGINATION_EXPIRE_DATETIME = convert_to_eat_claim(KM_TAG_ORIGINATION_EXPIRE_DATETIME),
257 USAGE_EXPIRE_DATETIME = convert_to_eat_claim(KM_TAG_USAGE_EXPIRE_DATETIME),
258 NO_AUTH_REQUIRED = convert_to_eat_claim(KM_TAG_NO_AUTH_REQUIRED),
259 USER_AUTH_TYPE = convert_to_eat_claim(KM_TAG_USER_AUTH_TYPE),
260 AUTH_TIMEOUT = convert_to_eat_claim(KM_TAG_AUTH_TIMEOUT),
261 ALLOW_WHILE_ON_BODY = convert_to_eat_claim(KM_TAG_ALLOW_WHILE_ON_BODY),
262 TRUSTED_USER_PRESENCE_REQUIRED = convert_to_eat_claim(KM_TAG_TRUSTED_USER_PRESENCE_REQUIRED),
263 TRUSTED_CONFIRMATION_REQUIRED = convert_to_eat_claim(KM_TAG_TRUSTED_CONFIRMATION_REQUIRED),
264 UNLOCKED_DEVICE_REQUIRED = convert_to_eat_claim(KM_TAG_UNLOCKED_DEVICE_REQUIRED),
265 ALL_APPLICATIONS = convert_to_eat_claim(KM_TAG_ALL_APPLICATIONS),
266 APPLICATION_ID = convert_to_eat_claim(KM_TAG_APPLICATION_ID),
267 ORIGIN = convert_to_eat_claim(KM_TAG_ORIGIN),
268 ROLLBACK_RESISTANT = convert_to_eat_claim(KM_TAG_ROLLBACK_RESISTANT),
269 OS_VERSION = convert_to_eat_claim(KM_TAG_OS_VERSION),
270 OS_PATCHLEVEL = convert_to_eat_claim(KM_TAG_OS_PATCHLEVEL),
271 ATTESTATION_APPLICATION_ID = convert_to_eat_claim(KM_TAG_ATTESTATION_APPLICATION_ID),
272 ATTESTATION_ID_BRAND = convert_to_eat_claim(KM_TAG_ATTESTATION_ID_BRAND),
273 ATTESTATION_ID_DEVICE = convert_to_eat_claim(KM_TAG_ATTESTATION_ID_DEVICE),
274 ATTESTATION_ID_PRODUCT = convert_to_eat_claim(KM_TAG_ATTESTATION_ID_PRODUCT),
275 ATTESTATION_ID_SERIAL = convert_to_eat_claim(KM_TAG_ATTESTATION_ID_SERIAL),
276 ATTESTATION_ID_MEID = convert_to_eat_claim(KM_TAG_ATTESTATION_ID_MEID),
277 ATTESTATION_ID_MANUFACTURER = convert_to_eat_claim(KM_TAG_ATTESTATION_ID_MANUFACTURER),
278 VENDOR_PATCHLEVEL = convert_to_eat_claim(KM_TAG_VENDOR_PATCHLEVEL),
279 BOOT_PATCHLEVEL = convert_to_eat_claim(KM_TAG_BOOT_PATCHLEVEL),
280 ATTESTATION_ID_MODEL = convert_to_eat_claim(KM_TAG_ATTESTATION_ID_MODEL),
281 DEVICE_UNIQUE_ATTESTATION = convert_to_eat_claim(KM_TAG_DEVICE_UNIQUE_ATTESTATION),
282 IDENTITY_CREDENTIAL_KEY = convert_to_eat_claim(KM_TAG_IDENTITY_CREDENTIAL_KEY),
283 STORAGE_KEY = convert_to_eat_claim(KM_TAG_STORAGE_KEY),
284 CONFIRMATION_TOKEN = convert_to_eat_claim(KM_TAG_CONFIRMATION_TOKEN),
285
286 // Claims specific to Android that do not exist as Keymint tags.
287
288 VERIFIED_BOOT_KEY = EAT_CLAIM_PRIVATE_NON_KM_BASE - 1,
289 DEVICE_LOCKED = EAT_CLAIM_PRIVATE_NON_KM_BASE - 2,
290 VERIFIED_BOOT_HASH = EAT_CLAIM_PRIVATE_NON_KM_BASE - 3,
291 ATTESTATION_VERSION = EAT_CLAIM_PRIVATE_NON_KM_BASE - 4,
292 KEYMASTER_VERSION = EAT_CLAIM_PRIVATE_NON_KM_BASE - 5,
293 OFFICIAL_BUILD = EAT_CLAIM_PRIVATE_NON_KM_BASE - 6,
294 };
295
296 enum class EatSecurityLevel {
297 UNRESTRICTED = 1,
298 RESTRICTED = 2,
299 SECURE_RESTRICTED = 3,
300 HARDWARE = 4,
301 };
302
303 enum class EatEcCurve {
304 P_224 = KM_EC_CURVE_P_224,
305 P_256 = KM_EC_CURVE_P_256,
306 P_384 = KM_EC_CURVE_P_384,
307 P_521 = KM_EC_CURVE_P_521,
308 };
309
310 static const char kEatSubmodNameSoftware[] = "software";
311 static const char kEatSubmodNameTee[] = "tee";
312
313 constexpr size_t kImeiBlobLength = 15;
314 constexpr size_t kUeidLength = 15;
315 constexpr uint8_t kImeiTypeByte = 0x03;
316
317 /**
318 * The OID for Android attestation records. For the curious, it breaks down as follows:
319 *
320 * 1 = ISO
321 * 3 = org
322 * 6 = DoD (Huh? OIDs are weird.)
323 * 1 = IANA
324 * 4 = Private
325 * 1 = Enterprises
326 * 11129 = Google
327 * 2 = Google security
328 * 1 = certificate extension
329 * 17 / 25 = ASN.1 attestation extension / EAT attestation extension
330 */
331 static const char kAsn1TokenOid[] = "1.3.6.1.4.1.11129.2.1.17";
332 static const char kEatTokenOid[] = "1.3.6.1.4.1.11129.2.1.25";
333
334 // This build_attestation_record sets the keymaster version to the default
335 // value, and chooses the correct attestation extension (ASN.1 or EAT) based
336 // on that value.
337 keymaster_error_t build_attestation_record(const AuthorizationSet& attestation_params,
338 AuthorizationSet software_enforced,
339 AuthorizationSet tee_enforced,
340 const AttestationContext& context,
341 UniquePtr<uint8_t[]>* asn1_key_desc,
342 size_t* asn1_key_desc_len);
343
344 // Builds EAT record, with the same values as the attestation record above,
345 // but encoded as a CBOR (EAT) structure rather than an ASN.1 structure.
346 keymaster_error_t build_eat_record(const AuthorizationSet& attestation_params,
347 AuthorizationSet software_enforced,
348 AuthorizationSet tee_enforced, //
349 const AttestationContext& context, //
350 std::vector<uint8_t>* eat_token);
351
352 // Builds the input to HMAC-SHA256 for unique ID generation.
353 keymaster_error_t build_unique_id_input(uint64_t creation_date_time,
354 const keymaster_blob_t& application_id,
355 bool reset_since_rotation, Buffer* input_data);
356
357 // Builds a unique ID of size UNIQUE_ID_SIZE from the given inputs.
358 keymaster_error_t generate_unique_id(const std::vector<uint8_t>& hbk, uint64_t creation_date_time,
359 const keymaster_blob_t& application_id,
360 bool reset_since_rotation, Buffer* unique_id);
361
362 /**
363 * Helper functions for attestation record tests. Caller takes ownership of
364 * |attestation_challenge->data| and |unique_id->data|, deallocate using delete[].
365 */
366 keymaster_error_t parse_attestation_record(const uint8_t* asn1_key_desc, size_t asn1_key_desc_len,
367 uint32_t* attestation_version, //
368 keymaster_security_level_t* attestation_security_level,
369 uint32_t* keymaster_version,
370 keymaster_security_level_t* keymaster_security_level,
371 keymaster_blob_t* attestation_challenge,
372 AuthorizationSet* software_enforced,
373 AuthorizationSet* tee_enforced,
374 keymaster_blob_t* unique_id);
375
376 /**
377 * Caller takes ownership of |verified_boot_key->data|, deallocate using delete[].
378 */
379 keymaster_error_t parse_root_of_trust(const uint8_t* asn1_key_desc, size_t asn1_key_desc_len,
380 keymaster_blob_t* verified_boot_key,
381 keymaster_verified_boot_t* verified_boot_state,
382 bool* device_locked);
383
384 keymaster_error_t build_eat_submod(const AuthorizationSet& auth_list,
385 EatSecurityLevel security_level, cppbor::Map* submod);
386
387 keymaster_error_t build_auth_list(const AuthorizationSet& auth_list, KM_AUTH_LIST* record);
388
389 keymaster_error_t parse_eat_record(
390 const uint8_t* eat_key_desc, size_t eat_key_desc_len, uint32_t* attestation_version,
391 keymaster_security_level_t* attestation_security_level, uint32_t* keymaster_version,
392 keymaster_security_level_t* keymaster_security_level, keymaster_blob_t* attestation_challenge,
393 AuthorizationSet* software_enforced, AuthorizationSet* tee_enforced,
394 keymaster_blob_t* unique_id, keymaster_blob_t* verified_boot_key,
395 keymaster_verified_boot_t* verified_boot_state, bool* device_locked,
396 std::vector<int64_t>* unexpected_claims);
397
398 keymaster_error_t parse_eat_submod(const cppbor::Map* submod_values,
399 AuthorizationSet* software_enforced,
400 AuthorizationSet* tee_enforced);
401
402 keymaster_error_t extract_auth_list(const KM_AUTH_LIST* record, AuthorizationSet* auth_list);
403
404 /**
405 * Convert a KeymasterContext::Version to the keymaster version number used in attestations.
406 */
version_to_attestation_km_version(KmVersion version)407 inline static uint32_t version_to_attestation_km_version(KmVersion version) {
408 switch (version) {
409 default:
410 case KmVersion::KEYMASTER_1:
411 case KmVersion::KEYMASTER_1_1:
412 return 0; // Attestation not actually supported.
413 case KmVersion::KEYMASTER_2:
414 return 2;
415 case KmVersion::KEYMASTER_3:
416 return 3;
417 case KmVersion::KEYMASTER_4:
418 return 4;
419 case KmVersion::KEYMASTER_4_1:
420 return 41;
421 case KmVersion::KEYMINT_1:
422 return 100;
423 case KmVersion::KEYMINT_2:
424 return 200;
425 case KmVersion::KEYMINT_3:
426 return 300;
427 }
428 }
429
430 /**
431 * Convert a KeymasterContext::Version to the corresponding attestation format version number.
432 */
version_to_attestation_version(KmVersion version)433 inline static uint32_t version_to_attestation_version(KmVersion version) {
434 switch (version) {
435 default:
436 case KmVersion::KEYMASTER_1:
437 return 0; // Attestation not actually supported.
438 case KmVersion::KEYMASTER_2:
439 return 1;
440 case KmVersion::KEYMASTER_3:
441 return 2;
442 case KmVersion::KEYMASTER_4:
443 return 3;
444 case KmVersion::KEYMASTER_4_1:
445 return 4;
446 case KmVersion::KEYMINT_1:
447 return 100;
448 case KmVersion::KEYMINT_2:
449 return 200;
450 case KmVersion::KEYMINT_3:
451 return 300;
452 }
453 }
454
455 } // namespace keymaster
456