1 // Copyright 2022, The Android Open Source Project
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14
15 //! Generation of certificates and attestation extensions.
16
17 use crate::keys::SigningInfo;
18 use alloc::{borrow::Cow, vec::Vec};
19 use core::time::Duration;
20 use der::asn1::{BitString, OctetString, OctetStringRef, SetOfVec};
21 use der::{
22 asn1::{GeneralizedTime, Null, UtcTime},
23 oid::AssociatedOid,
24 Enumerated, Sequence,
25 };
26 use der::{Decode, Encode, EncodeValue, ErrorKind, Length};
27 use flagset::FlagSet;
28 use kmr_common::crypto::KeyMaterial;
29 use kmr_common::{
30 crypto, der_err, get_tag_value, km_err, tag, try_to_vec, vec_try_with_capacity, Error,
31 };
32 use kmr_common::{get_bool_tag_value, get_opt_tag_value, FallibleAllocExt};
33 use kmr_wire::{
34 keymint,
35 keymint::{
36 from_raw_tag_value, raw_tag_value, DateTime, ErrorCode, KeyCharacteristics, KeyParam,
37 KeyPurpose, Tag,
38 },
39 KeySizeInBits, RsaExponent,
40 };
41 use spki::{AlgorithmIdentifier, ObjectIdentifier, SubjectPublicKeyInfoOwned};
42 use x509_cert::serial_number::SerialNumber;
43 use x509_cert::{
44 certificate::{Certificate, TbsCertificate, Version},
45 ext::pkix::{constraints::BasicConstraints, KeyUsage, KeyUsages},
46 ext::Extension,
47 name::RdnSequence,
48 time::Time,
49 };
50
51 /// OID value for the Android Attestation extension.
52 pub const ATTESTATION_EXTENSION_OID: ObjectIdentifier =
53 ObjectIdentifier::new_unwrap("1.3.6.1.4.1.11129.2.1.17");
54
55 /// Empty value to use in the `RootOfTrust.verifiedBootKey` field in attestations
56 /// if an empty value was passed to the bootloader.
57 const EMPTY_BOOT_KEY: [u8; 32] = [0u8; 32];
58
59 /// Build an ASN.1 DER-encodable `Certificate`.
certificate(tbs_cert: TbsCertificate, sig_val: &[u8]) -> Result<Certificate, Error>60 pub(crate) fn certificate(tbs_cert: TbsCertificate, sig_val: &[u8]) -> Result<Certificate, Error> {
61 Ok(Certificate {
62 signature_algorithm: tbs_cert.signature.clone(),
63 tbs_certificate: tbs_cert,
64 signature: BitString::new(0, sig_val)
65 .map_err(|e| der_err!(e, "failed to build BitString"))?,
66 })
67 }
68
69 /// Build an ASN.1 DER-encodable `tbsCertificate`.
tbs_certificate<'a>( info: &'a Option<SigningInfo>, spki: SubjectPublicKeyInfoOwned, key_usage_ext_bits: &'a [u8], basic_constraint_ext_val: Option<&'a [u8]>, attestation_ext: Option<&'a [u8]>, chars: &'a [KeyParam], params: &'a [KeyParam], ) -> Result<TbsCertificate, Error>70 pub(crate) fn tbs_certificate<'a>(
71 info: &'a Option<SigningInfo>,
72 spki: SubjectPublicKeyInfoOwned,
73 key_usage_ext_bits: &'a [u8],
74 basic_constraint_ext_val: Option<&'a [u8]>,
75 attestation_ext: Option<&'a [u8]>,
76 chars: &'a [KeyParam],
77 params: &'a [KeyParam],
78 ) -> Result<TbsCertificate, Error> {
79 let cert_serial = tag::get_cert_serial(params)?;
80 let cert_subject = tag::get_cert_subject(params)?;
81 let not_before = get_tag_value!(params, CertificateNotBefore, ErrorCode::MissingNotBefore)?;
82 let not_after = get_tag_value!(params, CertificateNotAfter, ErrorCode::MissingNotAfter)?;
83
84 // Determine the OID part of the `AlgorithmIdentifier`; we do not support any signing key
85 // types that have parameters in the `AlgorithmIdentifier`
86 let sig_alg_oid = match info {
87 Some(info) => match info.signing_key {
88 KeyMaterial::Rsa(_) => crypto::rsa::SHA256_PKCS1_SIGNATURE_OID,
89 KeyMaterial::Ec(curve, _, _) => crypto::ec::curve_to_signing_oid(curve),
90 _ => {
91 return Err(km_err!(UnsupportedAlgorithm, "unexpected cert signing key type"));
92 }
93 },
94 None => {
95 // No signing key, so signature will be empty, but we still need a value here.
96 match tag::get_algorithm(params)? {
97 keymint::Algorithm::Rsa => crypto::rsa::SHA256_PKCS1_SIGNATURE_OID,
98 keymint::Algorithm::Ec => {
99 crypto::ec::curve_to_signing_oid(tag::get_ec_curve(chars)?)
100 }
101 alg => {
102 return Err(km_err!(
103 UnsupportedAlgorithm,
104 "unexpected algorithm for public key {:?}",
105 alg
106 ))
107 }
108 }
109 }
110 };
111 let cert_issuer = match &info {
112 Some(info) => &info.issuer_subject,
113 None => cert_subject,
114 };
115
116 // Build certificate extensions
117 let key_usage_extension = Extension {
118 extn_id: KeyUsage::OID,
119 critical: true,
120 extn_value: OctetString::new(key_usage_ext_bits)
121 .map_err(|e| der_err!(e, "failed to build OctetString"))?,
122 };
123
124 let mut cert_extensions = vec_try_with_capacity!(3)?;
125 cert_extensions.push(key_usage_extension); // capacity enough
126
127 if let Some(basic_constraint_ext_val) = basic_constraint_ext_val {
128 let basic_constraint_ext = Extension {
129 extn_id: BasicConstraints::OID,
130 critical: true,
131 extn_value: OctetString::new(basic_constraint_ext_val)
132 .map_err(|e| der_err!(e, "failed to build OctetString"))?,
133 };
134 cert_extensions.push(basic_constraint_ext); // capacity enough
135 }
136
137 if let Some(attest_extn_val) = attestation_ext {
138 let attest_ext = Extension {
139 extn_id: AttestationExtension::OID,
140 critical: false,
141 extn_value: OctetString::new(attest_extn_val)
142 .map_err(|e| der_err!(e, "failed to build OctetString"))?,
143 };
144 cert_extensions.push(attest_ext) // capacity enough
145 }
146
147 Ok(TbsCertificate {
148 version: Version::V3,
149 serial_number: SerialNumber::new(cert_serial)
150 .map_err(|e| der_err!(e, "failed to build serial number for {:?}", cert_serial))?,
151 signature: AlgorithmIdentifier { oid: sig_alg_oid, parameters: None },
152 issuer: RdnSequence::from_der(cert_issuer)
153 .map_err(|e| der_err!(e, "failed to build issuer"))?,
154 validity: x509_cert::time::Validity {
155 not_before: validity_time_from_datetime(not_before)?,
156 not_after: validity_time_from_datetime(not_after)?,
157 },
158 subject: RdnSequence::from_der(cert_subject)
159 .map_err(|e| der_err!(e, "failed to build subject"))?,
160 subject_public_key_info: spki,
161 issuer_unique_id: None,
162 subject_unique_id: None,
163 extensions: Some(cert_extensions),
164 })
165 }
166
167 /// Extract the Subject field from a `keymint::Certificate` as DER-encoded data.
extract_subject(cert: &keymint::Certificate) -> Result<Vec<u8>, Error>168 pub(crate) fn extract_subject(cert: &keymint::Certificate) -> Result<Vec<u8>, Error> {
169 let cert = x509_cert::Certificate::from_der(&cert.encoded_certificate)
170 .map_err(|e| km_err!(EncodingError, "failed to parse certificate: {:?}", e))?;
171 let subject_data = cert
172 .tbs_certificate
173 .subject
174 .to_der()
175 .map_err(|e| km_err!(EncodingError, "failed to DER-encode subject: {:?}", e))?;
176 Ok(subject_data)
177 }
178
179 /// Construct x.509-cert::time::Time from `DateTime`.
180 /// RFC 5280 section 4.1.2.5 requires that UtcTime is used up to 2049
181 /// and GeneralizedTime from 2050 onwards
validity_time_from_datetime(when: DateTime) -> Result<Time, Error>182 fn validity_time_from_datetime(when: DateTime) -> Result<Time, Error> {
183 let dt_err = |_| Error::Der(ErrorKind::DateTime);
184 let secs_since_epoch: i64 = when.ms_since_epoch / 1000;
185
186 if when.ms_since_epoch >= 0 {
187 const MAX_UTC_TIME: Duration = Duration::from_secs(2524608000); // 2050-01-01T00:00:00Z
188
189 let duration = Duration::from_secs(u64::try_from(secs_since_epoch).map_err(dt_err)?);
190 if duration >= MAX_UTC_TIME {
191 Ok(Time::GeneralTime(
192 GeneralizedTime::from_unix_duration(duration)
193 .map_err(|e| der_err!(e, "failed to build GeneralTime for {:?}", when))?,
194 ))
195 } else {
196 Ok(Time::UtcTime(
197 UtcTime::from_unix_duration(duration)
198 .map_err(|e| der_err!(e, "failed to build UtcTime for {:?}", when))?,
199 ))
200 }
201 } else {
202 // TODO: cope with negative offsets from Unix Epoch.
203 Ok(Time::GeneralTime(
204 GeneralizedTime::from_unix_duration(Duration::from_secs(0))
205 .map_err(|e| der_err!(e, "failed to build GeneralizedTime(0) for {:?}", when))?,
206 ))
207 }
208 }
209
asn1_der_encode<T: Encode>(obj: &T) -> Result<Vec<u8>, der::Error>210 pub(crate) fn asn1_der_encode<T: Encode>(obj: &T) -> Result<Vec<u8>, der::Error> {
211 let mut encoded_data = Vec::<u8>::new();
212 obj.encode_to_vec(&mut encoded_data)?;
213 Ok(encoded_data)
214 }
215
216 /// Build key usage extension bits.
key_usage_extension_bits(params: &[KeyParam]) -> KeyUsage217 pub(crate) fn key_usage_extension_bits(params: &[KeyParam]) -> KeyUsage {
218 // Build `KeyUsage` bitmask based on allowed purposes for the key.
219 let mut key_usage_bits = FlagSet::<KeyUsages>::default();
220 for param in params {
221 if let KeyParam::Purpose(purpose) = param {
222 match purpose {
223 KeyPurpose::Sign | KeyPurpose::Verify => {
224 key_usage_bits |= KeyUsages::DigitalSignature;
225 }
226 KeyPurpose::Decrypt | KeyPurpose::Encrypt => {
227 key_usage_bits |= KeyUsages::DataEncipherment;
228 key_usage_bits |= KeyUsages::KeyEncipherment;
229 }
230 KeyPurpose::WrapKey => {
231 key_usage_bits |= KeyUsages::KeyEncipherment;
232 }
233 KeyPurpose::AgreeKey => {
234 key_usage_bits |= KeyUsages::KeyAgreement;
235 }
236 KeyPurpose::AttestKey => {
237 key_usage_bits |= KeyUsages::KeyCertSign;
238 }
239 }
240 }
241 }
242 KeyUsage(key_usage_bits)
243 }
244
245 /// Build basic constraints extension value
basic_constraints_ext_value(ca_required: bool) -> BasicConstraints246 pub(crate) fn basic_constraints_ext_value(ca_required: bool) -> BasicConstraints {
247 BasicConstraints { ca: ca_required, path_len_constraint: None }
248 }
249
250 /// Attestation extension contents
251 ///
252 /// ```asn1
253 /// KeyDescription ::= SEQUENCE {
254 /// attestationVersion INTEGER,
255 /// attestationSecurityLevel SecurityLevel,
256 /// keyMintVersion INTEGER,
257 /// keymintSecurityLevel SecurityLevel,
258 /// attestationChallenge OCTET_STRING,
259 /// uniqueId OCTET_STRING,
260 /// softwareEnforced AuthorizationList,
261 /// hardwareEnforced AuthorizationList,
262 /// }
263 /// ```
264 #[derive(Debug, Clone, Sequence, PartialEq)]
265 pub struct AttestationExtension<'a> {
266 attestation_version: i32,
267 attestation_security_level: SecurityLevel,
268 keymint_version: i32,
269 keymint_security_level: SecurityLevel,
270 #[asn1(type = "OCTET STRING")]
271 attestation_challenge: &'a [u8],
272 #[asn1(type = "OCTET STRING")]
273 unique_id: &'a [u8],
274 sw_enforced: AuthorizationList<'a>,
275 hw_enforced: AuthorizationList<'a>,
276 }
277
278 impl<'a> AssociatedOid for AttestationExtension<'a> {
279 const OID: ObjectIdentifier = ATTESTATION_EXTENSION_OID;
280 }
281
282 /// Security level enumeration
283 /// ```asn1
284 /// SecurityLevel ::= ENUMERATED {
285 /// Software (0),
286 /// TrustedEnvironment (1),
287 /// StrongBox (2),
288 /// }
289 /// ```
290 #[repr(u32)]
291 #[derive(Debug, Clone, Copy, Enumerated, PartialEq)]
292 enum SecurityLevel {
293 Software = 0,
294 TrustedEnvironment = 1,
295 Strongbox = 2,
296 }
297
298 /// Build an ASN.1 DER-encoded attestation extension.
299 #[allow(clippy::too_many_arguments)]
attestation_extension<'a>( keymint_version: i32, challenge: &'a [u8], app_id: &'a [u8], security_level: keymint::SecurityLevel, attestation_ids: Option<&'a crate::AttestationIdInfo>, params: &'a [KeyParam], chars: &'a [KeyCharacteristics], unique_id: &'a Vec<u8>, boot_info: &'a keymint::BootInfo, additional_attestation_info: &'a [KeyParam], ) -> Result<AttestationExtension<'a>, Error>300 pub(crate) fn attestation_extension<'a>(
301 keymint_version: i32,
302 challenge: &'a [u8],
303 app_id: &'a [u8],
304 security_level: keymint::SecurityLevel,
305 attestation_ids: Option<&'a crate::AttestationIdInfo>,
306 params: &'a [KeyParam],
307 chars: &'a [KeyCharacteristics],
308 unique_id: &'a Vec<u8>,
309 boot_info: &'a keymint::BootInfo,
310 additional_attestation_info: &'a [KeyParam],
311 ) -> Result<AttestationExtension<'a>, Error> {
312 let mut sw_chars: &[KeyParam] = &[];
313 let mut hw_chars: &[KeyParam] = &[];
314 for characteristic in chars.iter() {
315 match characteristic.security_level {
316 keymint::SecurityLevel::Keystore | keymint::SecurityLevel::Software => {
317 sw_chars = &characteristic.authorizations
318 }
319 l if l == security_level => hw_chars = &characteristic.authorizations,
320 l => {
321 return Err(km_err!(
322 InvalidTag,
323 "found characteristics for unexpected security level {:?}",
324 l,
325 ))
326 }
327 }
328 }
329 let (sw_params, hw_params): (&[KeyParam], &[KeyParam]) = match security_level {
330 keymint::SecurityLevel::Software => (params, &[]),
331 _ => (&[], params),
332 };
333 let sw_enforced = AuthorizationList::new(
334 sw_chars,
335 sw_params,
336 attestation_ids,
337 None,
338 Some(app_id),
339 additional_attestation_info,
340 )?;
341 let hw_enforced = AuthorizationList::new(
342 hw_chars,
343 hw_params,
344 attestation_ids,
345 Some(RootOfTrust::from(boot_info)),
346 None,
347 &[],
348 )?;
349 let sec_level = SecurityLevel::try_from(security_level as u32)
350 .map_err(|_| km_err!(InvalidArgument, "invalid security level {:?}", security_level))?;
351 let ext = AttestationExtension {
352 attestation_version: keymint_version,
353 attestation_security_level: sec_level,
354 keymint_version,
355 keymint_security_level: sec_level,
356 attestation_challenge: challenge,
357 unique_id,
358 sw_enforced,
359 hw_enforced,
360 };
361 Ok(ext)
362 }
363
364 /// Struct for creating ASN.1 DER-serialized `AuthorizationList`. The fields in the ASN.1
365 /// sequence are categorized into four fields in the struct based on their usage.
366 /// ```asn1
367 /// AuthorizationList ::= SEQUENCE {
368 /// purpose [1] EXPLICIT SET OF INTEGER OPTIONAL,
369 /// algorithm [2] EXPLICIT INTEGER OPTIONAL,
370 /// keySize [3] EXPLICIT INTEGER OPTIONAL,
371 /// blockMode [4] EXPLICIT SET OF INTEGER OPTIONAL, -- Symmetric keys only
372 /// digest [5] EXPLICIT SET OF INTEGER OPTIONAL,
373 /// padding [6] EXPLICIT SET OF INTEGER OPTIONAL,
374 /// callerNonce [7] EXPLICIT NULL OPTIONAL, -- Symmetric keys only
375 /// minMacLength [8] EXPLICIT INTEGER OPTIONAL, -- Symmetric keys only
376 /// ecCurve [10] EXPLICIT INTEGER OPTIONAL,
377 /// rsaPublicExponent [200] EXPLICIT INTEGER OPTIONAL,
378 /// mgfDigest [203] EXPLICIT SET OF INTEGER OPTIONAL,
379 /// rollbackResistance [303] EXPLICIT NULL OPTIONAL,
380 /// earlyBootOnly [305] EXPLICIT NULL OPTIONAL,
381 /// activeDateTime [400] EXPLICIT INTEGER OPTIONAL,
382 /// originationExpireDateTime [401] EXPLICIT INTEGER OPTIONAL,
383 /// usageExpireDateTime [402] EXPLICIT INTEGER OPTIONAL,
384 /// usageCountLimit [405] EXPLICIT INTEGER OPTIONAL,
385 /// userSecureId [502] EXPLICIT INTEGER OPTIONAL, -- Only used on key import
386 /// noAuthRequired [503] EXPLICIT NULL OPTIONAL,
387 /// userAuthType [504] EXPLICIT INTEGER OPTIONAL,
388 /// authTimeout [505] EXPLICIT INTEGER OPTIONAL,
389 /// allowWhileOnBody [506] EXPLICIT NULL OPTIONAL,
390 /// trustedUserPresenceReq [507] EXPLICIT NULL OPTIONAL,
391 /// trustedConfirmationReq [508] EXPLICIT NULL OPTIONAL,
392 /// unlockedDeviceReq [509] EXPLICIT NULL OPTIONAL,
393 /// creationDateTime [701] EXPLICIT INTEGER OPTIONAL,
394 /// origin [702] EXPLICIT INTEGER OPTIONAL,
395 /// rootOfTrust [704] EXPLICIT RootOfTrust OPTIONAL,
396 /// osVersion [705] EXPLICIT INTEGER OPTIONAL,
397 /// osPatchLevel [706] EXPLICIT INTEGER OPTIONAL,
398 /// attestationApplicationId [709] EXPLICIT OCTET_STRING OPTIONAL,
399 /// attestationIdBrand [710] EXPLICIT OCTET_STRING OPTIONAL,
400 /// attestationIdDevice [711] EXPLICIT OCTET_STRING OPTIONAL,
401 /// attestationIdProduct [712] EXPLICIT OCTET_STRING OPTIONAL,
402 /// attestationIdSerial [713] EXPLICIT OCTET_STRING OPTIONAL,
403 /// attestationIdImei [714] EXPLICIT OCTET_STRING OPTIONAL,
404 /// attestationIdMeid [715] EXPLICIT OCTET_STRING OPTIONAL,
405 /// attestationIdManufacturer [716] EXPLICIT OCTET_STRING OPTIONAL,
406 /// attestationIdModel [717] EXPLICIT OCTET_STRING OPTIONAL,
407 /// vendorPatchLevel [718] EXPLICIT INTEGER OPTIONAL,
408 /// bootPatchLevel [719] EXPLICIT INTEGER OPTIONAL,
409 /// deviceUniqueAttestation [720] EXPLICIT NULL OPTIONAL,
410 /// attestationIdSecondImei [723] EXPLICIT OCTET_STRING OPTIONAL,
411 /// -- moduleHash contains a SHA-256 hash of DER-encoded `Modules`
412 /// moduleHash [724] EXPLICIT OCTET_STRING OPTIONAL,
413 /// }
414 /// ```
415 #[derive(Debug, Clone, PartialEq, Eq)]
416 pub struct AuthorizationList<'a> {
417 pub auths: Cow<'a, [KeyParam]>,
418 pub keygen_params: Cow<'a, [KeyParam]>,
419 pub rot_info: Option<KeyParam>,
420 pub app_id: Option<KeyParam>,
421 pub additional_attestation_info: Cow<'a, [KeyParam]>,
422 }
423
424 /// Macro to check that a specified attestation ID matches the provisioned value.
425 macro_rules! check_attestation_id {
426 {
427 $params:expr, $variant:ident, $mustmatch:expr
428 } => {
429 {
430 if let Some(val) = get_opt_tag_value!($params, $variant)? {
431 match $mustmatch {
432 None => return Err(km_err!(CannotAttestIds,
433 "no attestation IDs provisioned")),
434 Some(want) => if val != want {
435 return Err(km_err!(CannotAttestIds,
436 "attestation ID mismatch for {}",
437 stringify!($variant)))
438 }
439 }
440 }
441 }
442 }
443 }
444
445 impl<'a> AuthorizationList<'a> {
446 /// Build an `AuthorizationList` ready for serialization. This constructor will fail if device
447 /// ID attestation is required but the relevant IDs are missing or mismatched.
new( auths: &'a [KeyParam], keygen_params: &'a [KeyParam], attestation_ids: Option<&'a crate::AttestationIdInfo>, rot_info: Option<RootOfTrust<'a>>, app_id: Option<&'a [u8]>, additional_attestation_info: &'a [KeyParam], ) -> Result<Self, Error>448 fn new(
449 auths: &'a [KeyParam],
450 keygen_params: &'a [KeyParam],
451 attestation_ids: Option<&'a crate::AttestationIdInfo>,
452 rot_info: Option<RootOfTrust<'a>>,
453 app_id: Option<&'a [u8]>,
454 additional_attestation_info: &'a [KeyParam],
455 ) -> Result<Self, Error> {
456 check_attestation_id!(keygen_params, AttestationIdBrand, attestation_ids.map(|v| &v.brand));
457 check_attestation_id!(
458 keygen_params,
459 AttestationIdDevice,
460 attestation_ids.map(|v| &v.device)
461 );
462 check_attestation_id!(
463 keygen_params,
464 AttestationIdProduct,
465 attestation_ids.map(|v| &v.product)
466 );
467 check_attestation_id!(
468 keygen_params,
469 AttestationIdSerial,
470 attestation_ids.map(|v| &v.serial)
471 );
472 check_attestation_id!(keygen_params, AttestationIdImei, attestation_ids.map(|v| &v.imei));
473 check_attestation_id!(
474 keygen_params,
475 AttestationIdSecondImei,
476 attestation_ids.map(|v| &v.imei2)
477 );
478 check_attestation_id!(keygen_params, AttestationIdMeid, attestation_ids.map(|v| &v.meid));
479 check_attestation_id!(
480 keygen_params,
481 AttestationIdManufacturer,
482 attestation_ids.map(|v| &v.manufacturer)
483 );
484 check_attestation_id!(keygen_params, AttestationIdModel, attestation_ids.map(|v| &v.model));
485
486 let encoded_rot = if let Some(rot) = rot_info {
487 Some(rot.to_der().map_err(|e| der_err!(e, "failed to encode RoT"))?)
488 } else {
489 None
490 };
491 Ok(Self {
492 auths: auths.into(),
493 keygen_params: keygen_params.into(),
494 rot_info: encoded_rot.map(KeyParam::RootOfTrust),
495 app_id: match app_id {
496 Some(app_id) => Some(KeyParam::AttestationApplicationId(try_to_vec(app_id)?)),
497 None => None,
498 },
499 additional_attestation_info: additional_attestation_info.into(),
500 })
501 }
502
503 /// Build an `AuthorizationList` using a set of key parameters.
504 /// The checks for the attestation ids are not run here in contrast to `AuthorizationList::new`
505 /// because this method is used to construct an `AuthorizationList` in the decode path rather
506 /// than in the encode path. Note: decode path is currently used only by
507 /// `KeyMintTa::import_wrapped_key` functionality, which only uses `auth` field of
508 /// `AuthorizationList`. Decoding for the whole `AuthorizationList` is added here for the
509 /// completeness and anticipating a future use case of decoding the attestation extension from
510 /// an X.509 certificate.
new_from_key_params(key_params: Vec<KeyParam>) -> Result<Self, der::Error>511 fn new_from_key_params(key_params: Vec<KeyParam>) -> Result<Self, der::Error> {
512 let mut auths = Vec::new();
513 let mut keygen_params = Vec::new();
514 let mut rot: Option<KeyParam> = None;
515 let mut attest_app_id: Option<KeyParam> = None;
516 let mut additional_attestation_info = Vec::new();
517
518 // Divide key parameters into key characteristics and key generation parameters.
519 for param in key_params {
520 match param {
521 KeyParam::RootOfTrust(_) => rot = Some(param),
522 KeyParam::AttestationApplicationId(_) => attest_app_id = Some(param),
523 KeyParam::AttestationIdBrand(_)
524 | KeyParam::AttestationIdDevice(_)
525 | KeyParam::AttestationIdProduct(_)
526 | KeyParam::AttestationIdSerial(_)
527 | KeyParam::AttestationIdImei(_)
528 | KeyParam::AttestationIdSecondImei(_)
529 | KeyParam::AttestationIdMeid(_)
530 | KeyParam::AttestationIdManufacturer(_)
531 | KeyParam::AttestationIdModel(_) => {
532 keygen_params.try_push(param).map_err(der_alloc_err)?
533 }
534 KeyParam::ModuleHash(_) => {
535 additional_attestation_info.try_push(param).map_err(der_alloc_err)?
536 }
537 _ => auths.try_push(param).map_err(der_alloc_err)?,
538 }
539 }
540 Ok(AuthorizationList {
541 auths: auths.into(),
542 keygen_params: keygen_params.into(),
543 rot_info: rot,
544 app_id: attest_app_id,
545 additional_attestation_info: additional_attestation_info.into(),
546 })
547 }
548 }
549
550 /// Convert an error into a `der::Error` indicating allocation failure.
551 #[inline]
der_alloc_err<T>(_e: T) -> der::Error552 fn der_alloc_err<T>(_e: T) -> der::Error {
553 der::Error::new(der::ErrorKind::Overlength, der::Length::ZERO)
554 }
555
556 /// All the fields of AuthorizationList sequence are optional. Therefore, the expected tag and the
557 /// decoded tag might be different. If they don't match, return the decoded tag to be used in a
558 /// future call to this method. If the two tags match, continue to read the value,
559 /// populate key parameters and return None, so that the next call to this method will
560 /// decode the tag from bytes. See the implementation of [`der::DecodeValue`] trait for
561 /// AuthorizationList.
decode_opt_field<'a, R: der::Reader<'a>>( decoder: &mut R, already_read_tag: Option<keymint::Tag>, expected_tag: keymint::Tag, key_params: &mut Vec<KeyParam>, ) -> Result<Option<keymint::Tag>, der::Error>562 fn decode_opt_field<'a, R: der::Reader<'a>>(
563 decoder: &mut R,
564 already_read_tag: Option<keymint::Tag>,
565 expected_tag: keymint::Tag,
566 key_params: &mut Vec<KeyParam>,
567 ) -> Result<Option<keymint::Tag>, der::Error> {
568 // Decode the tag if no tag is provided
569 let tag =
570 if already_read_tag.is_none() { decode_tag_from_bytes(decoder)? } else { already_read_tag };
571 match tag {
572 Some(tag) if tag == expected_tag => {
573 // Decode the length of the inner encoding
574 let inner_len = Length::decode(decoder)?;
575 if decoder.remaining_len() < inner_len {
576 return Err(der::ErrorKind::Incomplete {
577 expected_len: inner_len,
578 actual_len: decoder.remaining_len(),
579 }
580 .into());
581 }
582 let next_tlv = decoder.tlv_bytes()?;
583 decode_value_from_bytes(expected_tag, next_tlv, key_params)?;
584 Ok(None)
585 }
586 Some(tag) => Ok(Some(tag)), // Return the tag for which the value is unread.
587 None => Ok(None),
588 }
589 }
590
591 macro_rules! process_authz_list_tags {
592 {$decoder:expr, $key_params:expr, ($($tag:ident),*)} => {
593 let mut non_consumed_tag: Option<Tag> = None;
594 ($(non_consumed_tag = decode_opt_field($decoder,
595 non_consumed_tag,
596 Tag::$tag,
597 $key_params)?),*);
598 if non_consumed_tag.is_some(){
599 return Err($decoder.error(der::ErrorKind::Incomplete {
600 expected_len: Length::ZERO,
601 actual_len: $decoder.remaining_len(),
602 }));
603 }
604 };
605 }
606
607 /// Implementation of [`der::DecodeValue`] which constructs an AuthorizationList from bytes.
608 impl<'a> der::DecodeValue<'a> for AuthorizationList<'a> {
decode_value<R: der::Reader<'a>>(decoder: &mut R, header: der::Header) -> der::Result<Self>609 fn decode_value<R: der::Reader<'a>>(decoder: &mut R, header: der::Header) -> der::Result<Self> {
610 // TODO: define a MAX_SIZE for AuthorizationList and check whether the actual length from
611 // the length field of header is less than the MAX_SIZE
612
613 // Check for an empty sequence
614 if header.length.is_zero() {
615 return Ok(AuthorizationList {
616 auths: Vec::new().into(),
617 keygen_params: Vec::new().into(),
618 rot_info: None,
619 app_id: None,
620 additional_attestation_info: Vec::new().into(),
621 });
622 }
623 if decoder.remaining_len() < header.length {
624 return Err(der::ErrorKind::Incomplete {
625 expected_len: header.length,
626 actual_len: decoder.remaining_len(),
627 })?;
628 }
629 let mut key_params = Vec::new();
630 process_authz_list_tags!(
631 decoder,
632 &mut key_params,
633 (
634 Purpose,
635 Algorithm,
636 KeySize,
637 BlockMode,
638 Digest,
639 Padding,
640 CallerNonce,
641 MinMacLength,
642 EcCurve,
643 RsaPublicExponent,
644 RsaOaepMgfDigest,
645 RollbackResistance,
646 EarlyBootOnly,
647 ActiveDatetime,
648 OriginationExpireDatetime,
649 UsageExpireDatetime,
650 UsageCountLimit,
651 UserSecureId,
652 NoAuthRequired,
653 UserAuthType,
654 AuthTimeout,
655 AllowWhileOnBody,
656 TrustedUserPresenceRequired,
657 TrustedConfirmationRequired,
658 UnlockedDeviceRequired,
659 CreationDatetime,
660 CreationDatetime,
661 Origin,
662 RootOfTrust,
663 OsVersion,
664 OsPatchlevel,
665 AttestationApplicationId,
666 AttestationIdBrand,
667 AttestationIdDevice,
668 AttestationIdProduct,
669 AttestationIdSerial,
670 AttestationIdSerial,
671 AttestationIdSerial,
672 AttestationIdImei,
673 AttestationIdMeid,
674 AttestationIdManufacturer,
675 AttestationIdModel,
676 VendorPatchlevel,
677 BootPatchlevel,
678 DeviceUniqueAttestation,
679 AttestationIdSecondImei,
680 ModuleHash
681 )
682 );
683
684 // Process the key params and construct the `AuthorizationList`
685 AuthorizationList::new_from_key_params(key_params)
686 }
687 }
688
689 // Macros to decode key parameters from their ASN.1 encoding in one of the forms:
690 // field [<tag>] EXPLICIT SET OF INTEGER OPTIONAL
691 // field [<tag>] EXPLICIT INTEGER OPTIONAL
692 // field [<tag>] EXPLICIT NULL OPTIONAL
693 // field [<tag>] EXPLICIT OCTET STRING OPTIONAL
694 // There are three different variants for the INTEGER type.
695
696 macro_rules! key_params_from_asn1_set_of_integer {
697 {$variant:ident, $tlv_bytes:expr, $key_params:expr} => {
698 let vals = SetOfVec::<i32>::from_der($tlv_bytes)?;
699 for val in vals.into_vec() {
700 $key_params.try_push(KeyParam::$variant(val.try_into().map_err(
701 |_e| der::ErrorKind::Value {tag: der::Tag::Set})?)).map_err(der_alloc_err)?;
702 }
703 }
704 }
705
706 macro_rules! key_param_from_asn1_integer {
707 {$variant:ident, $int_type:ident, $tlv_bytes:expr, $key_params:expr} => {
708 let val = $int_type::from_der($tlv_bytes)?;
709 $key_params.try_push(KeyParam::$variant(val.try_into().map_err(
710 |_e| der::ErrorKind::Value {tag: der::Tag::Integer})?)).map_err(der_alloc_err)?;
711 }
712 }
713
714 macro_rules! key_param_from_asn1_integer_newtype {
715 {$variant:ident, $int_type:ident, $newtype:ident, $tlv_bytes:expr, $key_params:expr} => {
716 let val = $int_type::from_der($tlv_bytes)?;
717 $key_params.try_push(KeyParam::$variant($newtype(val.try_into().map_err(
718 |_e| der::ErrorKind::Value {tag: der::Tag::Integer})?))).map_err(der_alloc_err)?;
719 }
720 }
721
722 macro_rules! key_param_from_asn1_null {
723 {$variant:ident, $tlv_bytes:expr, $key_params:expr} => {
724 Null::from_der($tlv_bytes)?;
725 $key_params.try_push(KeyParam::$variant).map_err(der_alloc_err)?;
726 };
727 }
728
729 macro_rules! key_param_from_asn1_integer_datetime {
730 {$variant:ident, $tlv_bytes:expr, $key_params:expr} => {
731 let val = i64::from_der($tlv_bytes)?;
732 $key_params
733 .try_push(KeyParam::$variant(DateTime{ms_since_epoch: val}))
734 .map_err(der_alloc_err)?;
735 };
736 }
737
738 macro_rules! key_param_from_asn1_octet_string {
739 {$variant:ident, $tlv_bytes:expr, $key_params:expr} => {
740 let val = OctetStringRef::from_der($tlv_bytes)?;
741 $key_params.try_push(KeyParam::$variant(try_to_vec(val.as_bytes())
742 .map_err(der_alloc_err)?)).map_err(der_alloc_err)?;
743 };
744 }
745
decode_value_from_bytes( tag: keymint::Tag, tlv_bytes: &[u8], key_params: &mut Vec<KeyParam>, ) -> Result<(), der::Error>746 fn decode_value_from_bytes(
747 tag: keymint::Tag,
748 tlv_bytes: &[u8],
749 key_params: &mut Vec<KeyParam>,
750 ) -> Result<(), der::Error> {
751 match tag {
752 Tag::Purpose => {
753 key_params_from_asn1_set_of_integer!(Purpose, tlv_bytes, key_params);
754 }
755 Tag::Algorithm => {
756 key_param_from_asn1_integer!(Algorithm, i32, tlv_bytes, key_params);
757 }
758 Tag::KeySize => {
759 key_param_from_asn1_integer_newtype!(
760 KeySize,
761 u32,
762 KeySizeInBits,
763 tlv_bytes,
764 key_params
765 );
766 }
767 Tag::BlockMode => {
768 key_params_from_asn1_set_of_integer!(BlockMode, tlv_bytes, key_params);
769 }
770 Tag::Digest => {
771 key_params_from_asn1_set_of_integer!(Digest, tlv_bytes, key_params);
772 }
773 Tag::Padding => {
774 key_params_from_asn1_set_of_integer!(Padding, tlv_bytes, key_params);
775 }
776 Tag::CallerNonce => {
777 key_param_from_asn1_null!(CallerNonce, tlv_bytes, key_params);
778 }
779 Tag::MinMacLength => {
780 key_param_from_asn1_integer!(MinMacLength, u32, tlv_bytes, key_params);
781 }
782 Tag::EcCurve => {
783 key_param_from_asn1_integer!(EcCurve, i32, tlv_bytes, key_params);
784 }
785 Tag::RsaPublicExponent => {
786 key_param_from_asn1_integer_newtype!(
787 RsaPublicExponent,
788 u64,
789 RsaExponent,
790 tlv_bytes,
791 key_params
792 );
793 }
794 Tag::RsaOaepMgfDigest => {
795 key_params_from_asn1_set_of_integer!(RsaOaepMgfDigest, tlv_bytes, key_params);
796 }
797 Tag::RollbackResistance => {
798 key_param_from_asn1_null!(RollbackResistance, tlv_bytes, key_params);
799 }
800 Tag::EarlyBootOnly => {
801 key_param_from_asn1_null!(EarlyBootOnly, tlv_bytes, key_params);
802 }
803 Tag::ActiveDatetime => {
804 key_param_from_asn1_integer_datetime!(ActiveDatetime, tlv_bytes, key_params);
805 }
806 Tag::OriginationExpireDatetime => {
807 key_param_from_asn1_integer_datetime!(OriginationExpireDatetime, tlv_bytes, key_params);
808 }
809 Tag::UsageExpireDatetime => {
810 key_param_from_asn1_integer_datetime!(UsageExpireDatetime, tlv_bytes, key_params);
811 }
812 Tag::UsageCountLimit => {
813 key_param_from_asn1_integer!(UsageCountLimit, u32, tlv_bytes, key_params);
814 }
815 Tag::UserSecureId => {
816 // Note that the `UserSecureId` tag has tag type `ULONG_REP` indicating that it can be
817 // repeated, but the ASN.1 schema for `AuthorizationList` has this field as having type
818 // `INTEGER` not `SET OF INTEGER`. This reflects the special usage of `UserSecureId`
819 // in `importWrappedKey()` processing.
820 key_param_from_asn1_integer!(UserSecureId, u64, tlv_bytes, key_params);
821 }
822 Tag::NoAuthRequired => {
823 key_param_from_asn1_null!(NoAuthRequired, tlv_bytes, key_params);
824 }
825 Tag::UserAuthType => {
826 key_param_from_asn1_integer!(UserAuthType, u32, tlv_bytes, key_params);
827 }
828 Tag::AuthTimeout => {
829 key_param_from_asn1_integer!(AuthTimeout, u32, tlv_bytes, key_params);
830 }
831 Tag::AllowWhileOnBody => {
832 key_param_from_asn1_null!(AllowWhileOnBody, tlv_bytes, key_params);
833 }
834 Tag::TrustedUserPresenceRequired => {
835 key_param_from_asn1_null!(TrustedUserPresenceRequired, tlv_bytes, key_params);
836 }
837 Tag::TrustedConfirmationRequired => {
838 key_param_from_asn1_null!(TrustedConfirmationRequired, tlv_bytes, key_params);
839 }
840 Tag::UnlockedDeviceRequired => {
841 key_param_from_asn1_null!(UnlockedDeviceRequired, tlv_bytes, key_params);
842 }
843 Tag::CreationDatetime => {
844 key_param_from_asn1_integer_datetime!(CreationDatetime, tlv_bytes, key_params);
845 }
846 Tag::Origin => {
847 key_param_from_asn1_integer!(Origin, i32, tlv_bytes, key_params);
848 }
849 Tag::RootOfTrust => {
850 key_params
851 .try_push(KeyParam::RootOfTrust(try_to_vec(tlv_bytes).map_err(der_alloc_err)?))
852 .map_err(der_alloc_err)?;
853 }
854 Tag::OsVersion => {
855 key_param_from_asn1_integer!(OsVersion, u32, tlv_bytes, key_params);
856 }
857 Tag::OsPatchlevel => {
858 key_param_from_asn1_integer!(OsPatchlevel, u32, tlv_bytes, key_params);
859 }
860 Tag::AttestationApplicationId => {
861 key_param_from_asn1_octet_string!(AttestationApplicationId, tlv_bytes, key_params);
862 }
863 Tag::AttestationIdBrand => {
864 key_param_from_asn1_octet_string!(AttestationIdBrand, tlv_bytes, key_params);
865 }
866 Tag::AttestationIdDevice => {
867 key_param_from_asn1_octet_string!(AttestationIdDevice, tlv_bytes, key_params);
868 }
869 Tag::AttestationIdProduct => {
870 key_param_from_asn1_octet_string!(AttestationIdProduct, tlv_bytes, key_params);
871 }
872 Tag::AttestationIdSerial => {
873 key_param_from_asn1_octet_string!(AttestationIdSerial, tlv_bytes, key_params);
874 }
875 Tag::AttestationIdImei => {
876 key_param_from_asn1_octet_string!(AttestationIdImei, tlv_bytes, key_params);
877 }
878 Tag::AttestationIdSecondImei => {
879 key_param_from_asn1_octet_string!(AttestationIdSecondImei, tlv_bytes, key_params);
880 }
881 Tag::AttestationIdMeid => {
882 key_param_from_asn1_octet_string!(AttestationIdMeid, tlv_bytes, key_params);
883 }
884 Tag::AttestationIdManufacturer => {
885 key_param_from_asn1_octet_string!(AttestationIdManufacturer, tlv_bytes, key_params);
886 }
887 Tag::AttestationIdModel => {
888 key_param_from_asn1_octet_string!(AttestationIdModel, tlv_bytes, key_params);
889 }
890 Tag::VendorPatchlevel => {
891 key_param_from_asn1_integer!(VendorPatchlevel, u32, tlv_bytes, key_params);
892 }
893 Tag::BootPatchlevel => {
894 key_param_from_asn1_integer!(BootPatchlevel, u32, tlv_bytes, key_params);
895 }
896 Tag::DeviceUniqueAttestation => {
897 key_param_from_asn1_null!(DeviceUniqueAttestation, tlv_bytes, key_params);
898 }
899 Tag::ModuleHash => {
900 key_param_from_asn1_octet_string!(ModuleHash, tlv_bytes, key_params);
901 }
902 _ => {
903 // Note: `der::Error` or `der::ErrorKind` is not expressive enough for decoding
904 // tags in high tag form. Documentation of this error kind does not match this
905 // situation. But we use the `der::ErrorKind` as close as possible.
906 return Err(der::ErrorKind::TagNumberInvalid.into());
907 }
908 }
909 Ok(())
910 }
911
912 /// Decode the tag of a field in AuthorizationList.
decode_tag_from_bytes<'a, R: der::Reader<'a>>( decoder: &mut R, ) -> Result<Option<keymint::Tag>, der::Error>913 fn decode_tag_from_bytes<'a, R: der::Reader<'a>>(
914 decoder: &mut R,
915 ) -> Result<Option<keymint::Tag>, der::Error> {
916 // Avoid reading for tags beyond the size of the encoded AuthorizationList
917 if decoder.remaining_len() == Length::ZERO {
918 return Ok(None);
919 }
920 let b1 = decoder.read_byte()?;
921 let raw_tag = if b1 & 0xbfu8 == 0xbfu8 {
922 // High tag form, read the next byte
923 let b2 = decoder.read_byte()?;
924 if b2 & 0x80u8 == 0x80u8 {
925 // Encoded tag length is 3, read the next byte
926 let b3 = decoder.read_byte()?;
927 let tag_byte: u16 = ((b2 ^ 0x80u8) as u16) << 7;
928 (tag_byte | b3 as u16) as u32
929 } else {
930 b2 as u32
931 }
932 } else {
933 (b1 ^ 0b10100000u8) as u32
934 };
935 let tag = from_raw_tag_value(raw_tag);
936 if tag == Tag::Invalid {
937 // Note: der::Error or der::ErrorKind is not expressive enough for decoding tags
938 // in high tag form. Documentation of this error kind does not match this situation.
939 // Find a better way to express the error.
940 Err(der::ErrorKind::TagNumberInvalid.into())
941 } else {
942 Ok(Some(tag))
943 }
944 }
945
946 // Macros to extract key characteristics for ASN.1 encoding into one of the forms:
947 // field [<tag>] EXPLICIT SET OF INTEGER OPTIONAL
948 // field [<tag>] EXPLICIT INTEGER OPTIONAL
949 // field [<tag>] EXPLICIT NULL OPTIONAL
950 // field [<tag>] EXPLICIT OCTET STRING OPTIONAL
951 // together with an extra variant that deals with OCTET STRING values that must match
952 // a provisioned attestation ID value.
953 macro_rules! asn1_set_of_integer {
954 { $params:expr, $variant:ident } => {
955 {
956 let mut results = Vec::new();
957 for param in $params.as_ref() {
958 if let KeyParam::$variant(v) = param {
959 results.try_push(v.clone()).map_err(der_alloc_err)?;
960 }
961 }
962 if !results.is_empty() {
963 // The input key characteristics have been sorted and so are in numerical order, but
964 // may contain duplicates that need to be weeded out.
965 let mut set = der::asn1::SetOfVec::new();
966 let mut prev_val = None;
967 for val in results {
968 let val = val as i64;
969 if let Some(prev) = prev_val {
970 if prev == val {
971 continue; // skip duplicate
972 }
973 }
974 set.insert_ordered(val)?;
975 prev_val = Some(val);
976 }
977 Some(ExplicitTaggedValue {
978 tag: raw_tag_value(Tag::$variant),
979 val: set,
980 })
981 } else {
982 None
983 }
984 }
985 }
986 }
987 macro_rules! asn1_integer {
988 { $params:expr, $variant:ident } => {
989 if let Some(val) = get_opt_tag_value!($params.as_ref(), $variant).map_err(|_e| {
990 log::warn!("failed to get {} value for ext", stringify!($variant));
991 der::Error::new(der::ErrorKind::Failed, der::Length::ZERO)
992 })? {
993 Some(ExplicitTaggedValue {
994 tag: raw_tag_value(Tag::$variant),
995 val: *val as i64
996 })
997 } else {
998 None
999 }
1000 }
1001 }
1002 macro_rules! asn1_integer_newtype {
1003 { $params:expr, $variant:ident } => {
1004 if let Some(val) = get_opt_tag_value!($params.as_ref(), $variant).map_err(|_e| {
1005 log::warn!("failed to get {} value for ext", stringify!($variant));
1006 der::Error::new(der::ErrorKind::Failed, der::Length::ZERO)
1007 })? {
1008 Some(ExplicitTaggedValue {
1009 tag: raw_tag_value(Tag::$variant),
1010 val: val.0 as i64
1011 })
1012 } else {
1013 None
1014 }
1015 }
1016 }
1017 macro_rules! asn1_integer_datetime {
1018 { $params:expr, $variant:ident } => {
1019 if let Some(val) = get_opt_tag_value!($params.as_ref(), $variant).map_err(|_e| {
1020 log::warn!("failed to get {} value for ext", stringify!($variant));
1021 der::Error::new(der::ErrorKind::Failed, der::Length::ZERO)
1022 })? {
1023 Some(ExplicitTaggedValue {
1024 tag: raw_tag_value(Tag::$variant),
1025 val: val.ms_since_epoch
1026 })
1027 } else {
1028 None
1029 }
1030 }
1031 }
1032 macro_rules! asn1_null {
1033 { $params:expr, $variant:ident } => {
1034 if get_bool_tag_value!($params.as_ref(), $variant).map_err(|_e| {
1035 log::warn!("failed to get {} value for ext", stringify!($variant));
1036 der::Error::new(der::ErrorKind::Failed, der::Length::ZERO)
1037 })? {
1038 Some(ExplicitTaggedValue {
1039 tag: raw_tag_value(Tag::$variant),
1040 val: ()
1041 })
1042 } else {
1043 None
1044 }
1045 }
1046 }
1047 macro_rules! asn1_octet_string {
1048 { $params:expr, $variant:ident } => {
1049 if let Some(val) = get_opt_tag_value!($params.as_ref(), $variant).map_err(|_e| {
1050 log::warn!("failed to get {} value for ext", stringify!($variant));
1051 der::Error::new(der::ErrorKind::Failed, der::Length::ZERO)
1052 })? {
1053 Some(ExplicitTaggedValue {
1054 tag: raw_tag_value(Tag::$variant),
1055 val: der::asn1::OctetStringRef::new(val)?,
1056 })
1057 } else {
1058 None
1059 }
1060 }
1061 }
1062
asn1_val<T: Encode>( val: Option<ExplicitTaggedValue<T>>, writer: &mut impl der::Writer, ) -> der::Result<()>1063 fn asn1_val<T: Encode>(
1064 val: Option<ExplicitTaggedValue<T>>,
1065 writer: &mut impl der::Writer,
1066 ) -> der::Result<()> {
1067 if let Some(val) = val {
1068 val.encode(writer)
1069 } else {
1070 Ok(())
1071 }
1072 }
1073
asn1_len<T: Encode>(val: Option<ExplicitTaggedValue<T>>) -> der::Result<Length>1074 fn asn1_len<T: Encode>(val: Option<ExplicitTaggedValue<T>>) -> der::Result<Length> {
1075 match val {
1076 Some(val) => val.encoded_len(),
1077 None => Ok(Length::ZERO),
1078 }
1079 }
1080
1081 impl<'a> Sequence<'a> for AuthorizationList<'a> {}
1082
1083 impl<'a> EncodeValue for AuthorizationList<'a> {
value_len(&self) -> der::Result<Length>1084 fn value_len(&self) -> der::Result<Length> {
1085 let mut length = asn1_len(asn1_set_of_integer!(self.auths, Purpose))?
1086 + asn1_len(asn1_integer!(self.auths, Algorithm))?
1087 + asn1_len(asn1_integer_newtype!(self.auths, KeySize))?
1088 + asn1_len(asn1_set_of_integer!(self.auths, BlockMode))?
1089 + asn1_len(asn1_set_of_integer!(self.auths, Digest))?
1090 + asn1_len(asn1_set_of_integer!(self.auths, Padding))?
1091 + asn1_len(asn1_null!(self.auths, CallerNonce))?
1092 + asn1_len(asn1_integer!(self.auths, MinMacLength))?
1093 + asn1_len(asn1_integer!(self.auths, EcCurve))?
1094 + asn1_len(asn1_integer_newtype!(self.auths, RsaPublicExponent))?
1095 + asn1_len(asn1_set_of_integer!(self.auths, RsaOaepMgfDigest))?
1096 + asn1_len(asn1_null!(self.auths, RollbackResistance))?
1097 + asn1_len(asn1_null!(self.auths, EarlyBootOnly))?
1098 + asn1_len(asn1_integer_datetime!(self.auths, ActiveDatetime))?
1099 + asn1_len(asn1_integer_datetime!(self.auths, OriginationExpireDatetime))?
1100 + asn1_len(asn1_integer_datetime!(self.auths, UsageExpireDatetime))?
1101 + asn1_len(asn1_integer!(self.auths, UsageCountLimit))?
1102 + asn1_len(asn1_null!(self.auths, NoAuthRequired))?
1103 + asn1_len(asn1_integer!(self.auths, UserAuthType))?
1104 + asn1_len(asn1_integer!(self.auths, AuthTimeout))?
1105 + asn1_len(asn1_null!(self.auths, AllowWhileOnBody))?
1106 + asn1_len(asn1_null!(self.auths, TrustedUserPresenceRequired))?
1107 + asn1_len(asn1_null!(self.auths, TrustedConfirmationRequired))?
1108 + asn1_len(asn1_null!(self.auths, UnlockedDeviceRequired))?
1109 + asn1_len(asn1_integer_datetime!(self.auths, CreationDatetime))?
1110 + asn1_len(asn1_integer!(self.auths, Origin))?;
1111 if let Some(KeyParam::RootOfTrust(encoded_rot_info)) = &self.rot_info {
1112 length = length
1113 + ExplicitTaggedValue {
1114 tag: raw_tag_value(Tag::RootOfTrust),
1115 val: RootOfTrust::from_der(encoded_rot_info.as_slice())?,
1116 }
1117 .encoded_len()?;
1118 }
1119 length = length
1120 + asn1_len(asn1_integer!(self.auths, OsVersion))?
1121 + asn1_len(asn1_integer!(self.auths, OsPatchlevel))?;
1122 if let Some(KeyParam::AttestationApplicationId(app_id)) = &self.app_id {
1123 length = length
1124 + ExplicitTaggedValue {
1125 tag: raw_tag_value(Tag::AttestationApplicationId),
1126 val: der::asn1::OctetStringRef::new(app_id.as_slice())?,
1127 }
1128 .encoded_len()?;
1129 }
1130 length = length
1131 + asn1_len(asn1_octet_string!(&self.keygen_params, AttestationIdBrand))?
1132 + asn1_len(asn1_octet_string!(&self.keygen_params, AttestationIdDevice))?
1133 + asn1_len(asn1_octet_string!(&self.keygen_params, AttestationIdProduct))?
1134 + asn1_len(asn1_octet_string!(&self.keygen_params, AttestationIdSerial))?
1135 + asn1_len(asn1_octet_string!(&self.keygen_params, AttestationIdImei))?
1136 + asn1_len(asn1_octet_string!(&self.keygen_params, AttestationIdMeid))?
1137 + asn1_len(asn1_octet_string!(&self.keygen_params, AttestationIdManufacturer))?
1138 + asn1_len(asn1_octet_string!(&self.keygen_params, AttestationIdModel))?
1139 + asn1_len(asn1_integer!(self.auths, VendorPatchlevel))?
1140 + asn1_len(asn1_integer!(self.auths, BootPatchlevel))?
1141 + asn1_len(asn1_null!(self.auths, DeviceUniqueAttestation))?
1142 + asn1_len(asn1_octet_string!(&self.keygen_params, AttestationIdSecondImei))?
1143 + asn1_len(asn1_octet_string!(&self.additional_attestation_info, ModuleHash))?;
1144 length
1145 }
1146
encode_value(&self, writer: &mut impl der::Writer) -> der::Result<()>1147 fn encode_value(&self, writer: &mut impl der::Writer) -> der::Result<()> {
1148 asn1_val(asn1_set_of_integer!(self.auths, Purpose), writer)?;
1149 asn1_val(asn1_integer!(self.auths, Algorithm), writer)?;
1150 asn1_val(asn1_integer_newtype!(self.auths, KeySize), writer)?;
1151 asn1_val(asn1_set_of_integer!(self.auths, BlockMode), writer)?;
1152 asn1_val(asn1_set_of_integer!(self.auths, Digest), writer)?;
1153 asn1_val(asn1_set_of_integer!(self.auths, Padding), writer)?;
1154 asn1_val(asn1_null!(self.auths, CallerNonce), writer)?;
1155 asn1_val(asn1_integer!(self.auths, MinMacLength), writer)?;
1156 asn1_val(asn1_integer!(self.auths, EcCurve), writer)?;
1157 asn1_val(asn1_integer_newtype!(self.auths, RsaPublicExponent), writer)?;
1158 asn1_val(asn1_set_of_integer!(self.auths, RsaOaepMgfDigest), writer)?;
1159 asn1_val(asn1_null!(self.auths, RollbackResistance), writer)?;
1160 asn1_val(asn1_null!(self.auths, EarlyBootOnly), writer)?;
1161 asn1_val(asn1_integer_datetime!(self.auths, ActiveDatetime), writer)?;
1162 asn1_val(asn1_integer_datetime!(self.auths, OriginationExpireDatetime), writer)?;
1163 asn1_val(asn1_integer_datetime!(self.auths, UsageExpireDatetime), writer)?;
1164 asn1_val(asn1_integer!(self.auths, UsageCountLimit), writer)?;
1165 // Skip `UserSecureId` as it's only included in the extension for
1166 // importWrappedKey() cases.
1167 asn1_val(asn1_null!(self.auths, NoAuthRequired), writer)?;
1168 asn1_val(asn1_integer!(self.auths, UserAuthType), writer)?;
1169 asn1_val(asn1_integer!(self.auths, AuthTimeout), writer)?;
1170 asn1_val(asn1_null!(self.auths, AllowWhileOnBody), writer)?;
1171 asn1_val(asn1_null!(self.auths, TrustedUserPresenceRequired), writer)?;
1172 asn1_val(asn1_null!(self.auths, TrustedConfirmationRequired), writer)?;
1173 asn1_val(asn1_null!(self.auths, UnlockedDeviceRequired), writer)?;
1174 asn1_val(asn1_integer_datetime!(self.auths, CreationDatetime), writer)?;
1175 asn1_val(asn1_integer!(self.auths, Origin), writer)?;
1176 // Root of trust info is a special case (not in key characteristics).
1177 if let Some(KeyParam::RootOfTrust(encoded_rot_info)) = &self.rot_info {
1178 ExplicitTaggedValue {
1179 tag: raw_tag_value(Tag::RootOfTrust),
1180 val: RootOfTrust::from_der(encoded_rot_info.as_slice())?,
1181 }
1182 .encode(writer)?;
1183 }
1184 asn1_val(asn1_integer!(self.auths, OsVersion), writer)?;
1185 asn1_val(asn1_integer!(self.auths, OsPatchlevel), writer)?;
1186 // Attestation application ID is a special case (not in key characteristics).
1187 if let Some(KeyParam::AttestationApplicationId(app_id)) = &self.app_id {
1188 ExplicitTaggedValue {
1189 tag: raw_tag_value(Tag::AttestationApplicationId),
1190 val: der::asn1::OctetStringRef::new(app_id.as_slice())?,
1191 }
1192 .encode(writer)?;
1193 }
1194 // Accuracy of attestation IDs has already been checked, so just copy across.
1195 asn1_val(asn1_octet_string!(&self.keygen_params, AttestationIdBrand), writer)?;
1196 asn1_val(asn1_octet_string!(&self.keygen_params, AttestationIdDevice), writer)?;
1197 asn1_val(asn1_octet_string!(&self.keygen_params, AttestationIdProduct), writer)?;
1198 asn1_val(asn1_octet_string!(&self.keygen_params, AttestationIdSerial), writer)?;
1199 asn1_val(asn1_octet_string!(&self.keygen_params, AttestationIdImei), writer)?;
1200 asn1_val(asn1_octet_string!(&self.keygen_params, AttestationIdMeid), writer)?;
1201 asn1_val(asn1_octet_string!(&self.keygen_params, AttestationIdManufacturer), writer)?;
1202 asn1_val(asn1_octet_string!(&self.keygen_params, AttestationIdModel), writer)?;
1203 asn1_val(asn1_integer!(self.auths, VendorPatchlevel), writer)?;
1204 asn1_val(asn1_integer!(self.auths, BootPatchlevel), writer)?;
1205 asn1_val(asn1_null!(self.auths, DeviceUniqueAttestation), writer)?;
1206 asn1_val(asn1_octet_string!(&self.keygen_params, AttestationIdSecondImei), writer)?;
1207 asn1_val(asn1_octet_string!(&self.additional_attestation_info, ModuleHash), writer)?;
1208 Ok(())
1209 }
1210 }
1211
1212 struct ExplicitTaggedValue<T: Encode> {
1213 pub tag: u32,
1214 pub val: T,
1215 }
1216
1217 impl<T: Encode> ExplicitTaggedValue<T> {
explicit_tag_len(&self) -> der::Result<der::Length>1218 fn explicit_tag_len(&self) -> der::Result<der::Length> {
1219 match self.tag {
1220 0..=0x1e => Ok(der::Length::ONE),
1221 0x1f..=0x7f => Ok(der::Length::new(2)),
1222 0x80..=0x3fff => Ok(der::Length::new(3)),
1223 _ => Err(der::ErrorKind::Overflow.into()),
1224 }
1225 }
1226
explicit_tag_encode(&self, encoder: &mut dyn der::Writer) -> der::Result<()>1227 fn explicit_tag_encode(&self, encoder: &mut dyn der::Writer) -> der::Result<()> {
1228 match self.tag {
1229 0..=0x1e => {
1230 // b101vvvvv is context-specific+constructed
1231 encoder.write_byte(0b10100000u8 | (self.tag as u8))
1232 }
1233 0x1f..=0x7f => {
1234 // b101 11111 indicates a context-specific+constructed long-form tag number
1235 encoder.write_byte(0b10111111)?;
1236 encoder.write_byte(self.tag as u8)
1237 }
1238 0x80..=0x3fff => {
1239 // b101 11111 indicates a context-specific+constructed long-form tag number
1240 encoder.write_byte(0b10111111)?;
1241 encoder.write_byte((self.tag >> 7) as u8 | 0x80u8)?;
1242 encoder.write_byte((self.tag & 0x007f) as u8)
1243 }
1244 _ => Err(der::ErrorKind::Overflow.into()),
1245 }
1246 }
1247 }
1248
1249 /// The der library explicitly does not support `TagNumber` values bigger than 31,
1250 /// which are required here. Work around this by manually providing the encoding functionality.
1251 impl<T: Encode> Encode for ExplicitTaggedValue<T> {
encoded_len(&self) -> der::Result<der::Length>1252 fn encoded_len(&self) -> der::Result<der::Length> {
1253 let inner_len = self.val.encoded_len()?;
1254 self.explicit_tag_len() + inner_len.encoded_len()? + inner_len
1255 }
1256
encode(&self, encoder: &mut impl der::Writer) -> der::Result<()>1257 fn encode(&self, encoder: &mut impl der::Writer) -> der::Result<()> {
1258 let inner_len = self.val.encoded_len()?;
1259 self.explicit_tag_encode(encoder)?;
1260 inner_len.encode(encoder)?;
1261 self.val.encode(encoder)
1262 }
1263 }
1264
1265 /// Root of Trust ASN.1 structure
1266 /// ```asn1
1267 /// * RootOfTrust ::= SEQUENCE {
1268 /// * verifiedBootKey OCTET_STRING,
1269 /// * deviceLocked BOOLEAN,
1270 /// * verifiedBootState VerifiedBootState,
1271 /// * verifiedBootHash OCTET_STRING,
1272 /// * }
1273 /// ```
1274 #[derive(Debug, Clone, Sequence)]
1275 struct RootOfTrust<'a> {
1276 #[asn1(type = "OCTET STRING")]
1277 verified_boot_key: &'a [u8],
1278 device_locked: bool,
1279 verified_boot_state: VerifiedBootState,
1280 #[asn1(type = "OCTET STRING")]
1281 verified_boot_hash: &'a [u8],
1282 }
1283
1284 impl<'a> From<&'a keymint::BootInfo> for RootOfTrust<'a> {
from(info: &keymint::BootInfo) -> RootOfTrust1285 fn from(info: &keymint::BootInfo) -> RootOfTrust {
1286 let verified_boot_key: &[u8] = if info.verified_boot_key.is_empty() {
1287 // If an empty verified boot key was passed by the boot loader, set the verified boot
1288 // key in the attestation to all zeroes.
1289 &EMPTY_BOOT_KEY[..]
1290 } else {
1291 &info.verified_boot_key[..]
1292 };
1293 RootOfTrust {
1294 verified_boot_key,
1295 device_locked: info.device_boot_locked,
1296 verified_boot_state: info.verified_boot_state.into(),
1297 verified_boot_hash: &info.verified_boot_hash[..],
1298 }
1299 }
1300 }
1301
1302 /// Verified Boot State as ASN.1 ENUMERATED type.
1303 ///```asn1
1304 /// * VerifiedBootState ::= ENUMERATED {
1305 /// * Verified (0),
1306 /// * SelfSigned (1),
1307 /// * Unverified (2),
1308 /// * Failed (3),
1309 /// * }
1310 ///```
1311 #[repr(u32)]
1312 #[derive(Debug, Clone, Copy, Enumerated)]
1313 enum VerifiedBootState {
1314 Verified = 0,
1315 SelfSigned = 1,
1316 Unverified = 2,
1317 Failed = 3,
1318 }
1319
1320 impl From<keymint::VerifiedBootState> for VerifiedBootState {
from(state: keymint::VerifiedBootState) -> VerifiedBootState1321 fn from(state: keymint::VerifiedBootState) -> VerifiedBootState {
1322 match state {
1323 keymint::VerifiedBootState::Verified => VerifiedBootState::Verified,
1324 keymint::VerifiedBootState::SelfSigned => VerifiedBootState::SelfSigned,
1325 keymint::VerifiedBootState::Unverified => VerifiedBootState::Unverified,
1326 keymint::VerifiedBootState::Failed => VerifiedBootState::Failed,
1327 }
1328 }
1329 }
1330
1331 #[cfg(test)]
1332 mod tests {
1333 use super::*;
1334 use crate::KeyMintHalVersion;
1335 use alloc::vec;
1336
1337 #[test]
test_attest_ext_encode_decode()1338 fn test_attest_ext_encode_decode() {
1339 let sec_level = SecurityLevel::TrustedEnvironment;
1340 let ext = AttestationExtension {
1341 attestation_version: KeyMintHalVersion::V3 as i32,
1342 attestation_security_level: sec_level,
1343 keymint_version: KeyMintHalVersion::V3 as i32,
1344 keymint_security_level: sec_level,
1345 attestation_challenge: b"abc",
1346 unique_id: b"xxx",
1347 sw_enforced: AuthorizationList::new(&[], &[], None, None, None, &[]).unwrap(),
1348 hw_enforced: AuthorizationList::new(
1349 &[KeyParam::Algorithm(keymint::Algorithm::Ec)],
1350 &[],
1351 None,
1352 Some(RootOfTrust {
1353 verified_boot_key: &[0xbbu8; 32],
1354 device_locked: false,
1355 verified_boot_state: VerifiedBootState::Unverified,
1356 verified_boot_hash: &[0xee; 32],
1357 }),
1358 None,
1359 &[],
1360 )
1361 .unwrap(),
1362 };
1363 let got = ext.to_der().unwrap();
1364 let want = concat!(
1365 "3071", // SEQUENCE
1366 "0202", // INTEGER len 2
1367 "012c", // 300
1368 "0a01", // ENUM len 1
1369 "01", // 1 (TrustedEnvironment)
1370 "0202", // INTEGER len 2
1371 "012c", // 300
1372 "0a01", // ENUM len 1
1373 "01", // 1 (TrustedEnvironement)
1374 "0403", // BYTE STRING len 3
1375 "616263", // b"abc"
1376 "0403", // BYTE STRING len 3
1377 "787878", // b"xxx"
1378 "3000", // SEQUENCE len 0
1379 "3055", // SEQUENCE len 55
1380 "a203", // EXPLICIT [2]
1381 "0201", // INTEGER len 1
1382 "03", // 3 (Algorithm::Ec)
1383 "bf8540",
1384 "4c", // EXPLICIT [704] len 0x4c
1385 "304a", // SEQUENCE len x4a
1386 "0420", // OCTET STRING len 32
1387 "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb",
1388 "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb",
1389 "0101", // BOOLEAN len 1
1390 "00", // false
1391 "0a01", // ENUMERATED len 1
1392 "02", // Unverified(2)
1393 "0420", // OCTET STRING len 32
1394 "eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee",
1395 "eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee",
1396 );
1397 assert_eq!(hex::encode(&got), want);
1398 assert_eq!(AttestationExtension::from_der(&got).unwrap(), ext);
1399 }
1400
1401 #[test]
test_explicit_tagged_value()1402 fn test_explicit_tagged_value() {
1403 assert_eq!(
1404 hex::encode(ExplicitTaggedValue { tag: 2, val: 16 }.to_der().unwrap()),
1405 "a203020110"
1406 );
1407 assert_eq!(
1408 hex::encode(ExplicitTaggedValue { tag: 2, val: () }.to_der().unwrap()),
1409 "a2020500"
1410 );
1411 assert_eq!(
1412 hex::encode(ExplicitTaggedValue { tag: 503, val: 16 }.to_der().unwrap()),
1413 "bf837703020110"
1414 );
1415 }
1416
1417 #[test]
test_authz_list_encode_decode()1418 fn test_authz_list_encode_decode() {
1419 let additional_attestation_info = [KeyParam::ModuleHash(vec![0xaa; 32])];
1420 let authz_list = AuthorizationList::new(
1421 &[KeyParam::Algorithm(keymint::Algorithm::Ec)],
1422 &[],
1423 None,
1424 Some(RootOfTrust {
1425 verified_boot_key: &[0xbbu8; 32],
1426 device_locked: false,
1427 verified_boot_state: VerifiedBootState::Unverified,
1428 verified_boot_hash: &[0xee; 32],
1429 }),
1430 None,
1431 &additional_attestation_info,
1432 )
1433 .unwrap();
1434 let got = authz_list.to_der().unwrap();
1435 let want: &str = concat!(
1436 "307b", // SEQUENCE len 123
1437 "a203", // EXPLICIT [2]
1438 "0201", // INTEGER len 1
1439 "03", // 3 (Algorithm::Ec)
1440 "bf8540",
1441 "4c", // EXPLICIT [704] len 0x4c
1442 "304a", // SEQUENCE len x4a
1443 "0420", // OCTET STRING len 32
1444 "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb",
1445 "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb",
1446 "0101", // BOOLEAN len 1
1447 "00", // false
1448 "0a01", // ENUMERATED len 1
1449 "02", // Unverified(2)
1450 "0420", // OCTET STRING len 32
1451 "eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee",
1452 "eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee",
1453 "bf8554",
1454 "22", // EXPLICIT [724] len 34
1455 "0420", // OCTET STRING len 32
1456 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
1457 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
1458 );
1459 // encode
1460 assert_eq!(hex::encode(&got), want);
1461 // decode from encoded
1462 assert_eq!(AuthorizationList::from_der(got.as_slice()).unwrap(), authz_list);
1463 }
1464
1465 #[test]
test_authz_list_user_secure_id_encode()1466 fn test_authz_list_user_secure_id_encode() {
1467 // Create an authorization list that includes multiple values for SecureUserId.
1468 let authz_list = AuthorizationList::new(
1469 &[
1470 KeyParam::Algorithm(keymint::Algorithm::Ec),
1471 KeyParam::UserSecureId(42),
1472 KeyParam::UserSecureId(43),
1473 KeyParam::UserSecureId(44),
1474 ],
1475 &[],
1476 None,
1477 Some(RootOfTrust {
1478 verified_boot_key: &[0xbbu8; 32],
1479 device_locked: false,
1480 verified_boot_state: VerifiedBootState::Unverified,
1481 verified_boot_hash: &[0xee; 32],
1482 }),
1483 None,
1484 &[],
1485 )
1486 .unwrap();
1487 let got = authz_list.to_der().unwrap();
1488 // The `SecureUserId` values are *not* included in the generated output.
1489 let want: &str = concat!(
1490 "3055", // SEQUENCE len 55
1491 "a203", // EXPLICIT [2]
1492 "0201", // INTEGER len 1
1493 "03", // 3 (Algorithm::Ec)
1494 "bf8540",
1495 "4c", // EXPLICIT [704] len 0x4c
1496 "304a", // SEQUENCE len x4a
1497 "0420", // OCTET STRING len 32
1498 "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb",
1499 "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb",
1500 "0101", // BOOLEAN len 1
1501 "00", // false
1502 "0a01", // ENUMERATED len 1
1503 "02", // Unverified(2)
1504 "0420", // OCTET STRING len 32
1505 "eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee",
1506 "eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee",
1507 );
1508 // encode
1509 assert_eq!(hex::encode(got), want);
1510 }
1511
1512 #[test]
test_authz_list_user_secure_id_decode()1513 fn test_authz_list_user_secure_id_decode() {
1514 // Create a DER-encoded `AuthorizationList` that includes a `UserSecureId` value.
1515 let input = hex::decode(concat!(
1516 "305c", // SEQUENCE
1517 "a203", // EXPLICIT [2] len 3
1518 "0201", // INTEGER len 1
1519 "03", // 3 (Algorithm::Ec)
1520 "bf8376", // EXPLICIT [502]
1521 "03", // len 3
1522 "0201", // INTEGER len 1
1523 "02", // 2
1524 "bf8540", // EXPLICIT [704]
1525 "4c", // len 0x4c
1526 "304a", // SEQUENCE len x4a
1527 "0420", // OCTET STRING len 32
1528 "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb",
1529 "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb",
1530 "0101", // BOOLEAN len 1
1531 "00", // false
1532 "0a01", // ENUMERATED len 1
1533 "02", // Unverified(2)
1534 "0420", // OCTET STRING len 32
1535 "eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee",
1536 "eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee",
1537 ))
1538 .unwrap();
1539 let got = AuthorizationList::from_der(&input).unwrap();
1540
1541 let want = AuthorizationList::new(
1542 &[KeyParam::Algorithm(keymint::Algorithm::Ec), KeyParam::UserSecureId(2)],
1543 &[],
1544 None,
1545 Some(RootOfTrust {
1546 verified_boot_key: &[0xbbu8; 32],
1547 device_locked: false,
1548 verified_boot_state: VerifiedBootState::Unverified,
1549 verified_boot_hash: &[0xee; 32],
1550 }),
1551 None,
1552 &[],
1553 )
1554 .unwrap();
1555
1556 assert_eq!(got, want);
1557 }
1558
1559 #[test]
test_authz_list_dup_encode()1560 fn test_authz_list_dup_encode() {
1561 use kmr_wire::keymint::Digest;
1562 let authz_list = AuthorizationList::new(
1563 &[
1564 KeyParam::Digest(Digest::None),
1565 KeyParam::Digest(Digest::Sha1),
1566 KeyParam::Digest(Digest::Sha1), // duplicate value
1567 ],
1568 &[],
1569 None,
1570 Some(RootOfTrust {
1571 verified_boot_key: &[0xbbu8; 32],
1572 device_locked: false,
1573 verified_boot_state: VerifiedBootState::Unverified,
1574 verified_boot_hash: &[0xee; 32],
1575 }),
1576 None,
1577 &[],
1578 )
1579 .unwrap();
1580 let got = authz_list.to_der().unwrap();
1581 assert!(AuthorizationList::from_der(got.as_slice()).is_ok());
1582 }
1583
1584 #[test]
test_authz_list_order_fail()1585 fn test_authz_list_order_fail() {
1586 use kmr_wire::keymint::Digest;
1587 let authz_list = AuthorizationList::new(
1588 &[KeyParam::Digest(Digest::Sha1), KeyParam::Digest(Digest::None)],
1589 &[],
1590 None,
1591 Some(RootOfTrust {
1592 verified_boot_key: &[0xbbu8; 32],
1593 device_locked: false,
1594 verified_boot_state: VerifiedBootState::Unverified,
1595 verified_boot_hash: &[0xee; 32],
1596 }),
1597 None,
1598 &[],
1599 )
1600 .unwrap();
1601 assert!(authz_list.to_der().is_err());
1602 }
1603 }
1604