Janis Danisevskis | 18f27ad | 2016-06-01 13:57:40 -0700 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2016 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | #ifndef KEYSTORE_KEYSTORE_ATTESTATION_ID_H_ |
| 18 | #define KEYSTORE_KEYSTORE_ATTESTATION_ID_H_ |
| 19 | |
| 20 | #include <utils/Errors.h> |
| 21 | #include <vector> |
| 22 | |
| 23 | namespace android { |
| 24 | namespace security { |
| 25 | |
Eran Messeri | 03fc4c8 | 2018-08-16 18:53:15 +0100 | [diff] [blame] | 26 | constexpr size_t KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE = 1024; |
| 27 | |
| 28 | namespace keymaster { |
| 29 | |
| 30 | class KeyAttestationApplicationId; |
| 31 | |
| 32 | } // namespace keymaster |
| 33 | |
Janis Danisevskis | 011675d | 2016-09-01 11:41:29 +0100 | [diff] [blame] | 34 | template <typename T> class StatusOr { |
| 35 | public: |
Chih-Hung Hsieh | 4fa39ef | 2019-01-04 13:34:17 -0800 | [diff] [blame] | 36 | // NOLINTNEXTLINE(google-explicit-constructor) |
Janis Danisevskis | 011675d | 2016-09-01 11:41:29 +0100 | [diff] [blame] | 37 | StatusOr(const status_t error) : _status(error), _value() {} |
Chih-Hung Hsieh | 4fa39ef | 2019-01-04 13:34:17 -0800 | [diff] [blame] | 38 | // NOLINTNEXTLINE(google-explicit-constructor) |
Janis Danisevskis | 011675d | 2016-09-01 11:41:29 +0100 | [diff] [blame] | 39 | StatusOr(const T& value) : _status(NO_ERROR), _value(value) {} |
Chih-Hung Hsieh | 4fa39ef | 2019-01-04 13:34:17 -0800 | [diff] [blame] | 40 | // NOLINTNEXTLINE(google-explicit-constructor) |
Janis Danisevskis | 011675d | 2016-09-01 11:41:29 +0100 | [diff] [blame] | 41 | StatusOr(T&& value) : _status(NO_ERROR), _value(value) {} |
| 42 | |
Chih-Hung Hsieh | 4fa39ef | 2019-01-04 13:34:17 -0800 | [diff] [blame] | 43 | // NOLINTNEXTLINE(google-explicit-constructor) |
Janis Danisevskis | 011675d | 2016-09-01 11:41:29 +0100 | [diff] [blame] | 44 | operator const T&() const { return _value; } |
Chih-Hung Hsieh | 4fa39ef | 2019-01-04 13:34:17 -0800 | [diff] [blame] | 45 | // NOLINTNEXTLINE(google-explicit-constructor) |
Janis Danisevskis | 011675d | 2016-09-01 11:41:29 +0100 | [diff] [blame] | 46 | operator T&() { return _value; } |
Chih-Hung Hsieh | 4fa39ef | 2019-01-04 13:34:17 -0800 | [diff] [blame] | 47 | // NOLINTNEXTLINE(google-explicit-constructor) |
Janis Danisevskis | 011675d | 2016-09-01 11:41:29 +0100 | [diff] [blame] | 48 | operator T &&() && { return std::move(_value); } |
| 49 | |
| 50 | bool isOk() const { return NO_ERROR == _status; } |
| 51 | |
| 52 | ::android::status_t status() const { return _status; } |
| 53 | |
| 54 | const T& value() const & { return _value; } |
| 55 | T& value() & { return _value; } |
| 56 | T&& value() && { return std::move(_value); } |
| 57 | |
| 58 | private: |
| 59 | ::android::status_t _status; |
| 60 | T _value; |
| 61 | }; |
| 62 | |
Janis Danisevskis | 18f27ad | 2016-06-01 13:57:40 -0700 | [diff] [blame] | 63 | /** |
| 64 | * Gathers the attestation id for the application determined by uid by querying the package manager |
Janis Danisevskis | 011675d | 2016-09-01 11:41:29 +0100 | [diff] [blame] | 65 | * As of this writing uids can be shared in android, which is why the asn.1 encoded attestation |
| 66 | * application id may contain more than one package info followed by a set of digests of the |
| 67 | * packages signing certificates. |
Janis Danisevskis | 18f27ad | 2016-06-01 13:57:40 -0700 | [diff] [blame] | 68 | * |
Janis Danisevskis | 011675d | 2016-09-01 11:41:29 +0100 | [diff] [blame] | 69 | * @returns the asn.1 encoded attestation application id or an error code. Check the result with |
| 70 | * .isOk() before accessing. |
Janis Danisevskis | 18f27ad | 2016-06-01 13:57:40 -0700 | [diff] [blame] | 71 | */ |
Janis Danisevskis | 011675d | 2016-09-01 11:41:29 +0100 | [diff] [blame] | 72 | StatusOr<std::vector<uint8_t>> gather_attestation_application_id(uid_t uid); |
Janis Danisevskis | 18f27ad | 2016-06-01 13:57:40 -0700 | [diff] [blame] | 73 | |
Eran Messeri | 03fc4c8 | 2018-08-16 18:53:15 +0100 | [diff] [blame] | 74 | /** |
| 75 | * Generates a DER-encoded vector containing information from KeyAttestationApplicationId. |
| 76 | * The size of the returned vector will not exceed KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE. |
| 77 | */ |
| 78 | |
| 79 | StatusOr<std::vector<uint8_t>> build_attestation_application_id( |
| 80 | const ::android::security::keymaster::KeyAttestationApplicationId& key_attestation_id); |
| 81 | |
Janis Danisevskis | 18f27ad | 2016-06-01 13:57:40 -0700 | [diff] [blame] | 82 | } // namespace security |
| 83 | } // namespace android |
| 84 | #endif // KEYSTORE_KEYSTORE_ATTESTATION_ID_H_ |