1 /* 2 * Copyright 2017 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef HARDWARE_INTERFACES_KEYMASTER_40_VTS_FUNCTIONAL_ATTESTATION_RECORD_H_ 18 #define HARDWARE_INTERFACES_KEYMASTER_40_VTS_FUNCTIONAL_ATTESTATION_RECORD_H_ 19 20 #include <android/hardware/keymaster/4.0/IKeymasterDevice.h> 21 22 namespace android { 23 namespace hardware { 24 namespace keymaster { 25 namespace V4_0 { 26 27 class AuthorizationSet; 28 29 /** 30 * The OID for Android attestation records. For the curious, it breaks down as follows: 31 * 32 * 1 = ISO 33 * 3 = org 34 * 6 = DoD (Huh? OIDs are weird.) 35 * 1 = IANA 36 * 4 = Private 37 * 1 = Enterprises 38 * 11129 = Google 39 * 2 = Google security 40 * 1 = certificate extension 41 * 17 = Android attestation extension. 42 */ 43 static const char kAttestionRecordOid[] = "1.3.6.1.4.1.11129.2.1.17"; 44 45 ErrorCode parse_attestation_record(const uint8_t* asn1_key_desc, size_t asn1_key_desc_len, 46 uint32_t* attestation_version, // 47 SecurityLevel* attestation_security_level, 48 uint32_t* keymaster_version, 49 SecurityLevel* keymaster_security_level, 50 hidl_vec<uint8_t>* attestation_challenge, 51 AuthorizationSet* software_enforced, 52 AuthorizationSet* tee_enforced, // 53 hidl_vec<uint8_t>* unique_id); 54 } // namespace V4_0 55 } // namespace keymaster 56 } // namespace hardware 57 } // namespace android 58 59 #endif // HARDWARE_INTERFACES_KEYMASTER_40_VTS_FUNCTIONAL_ATTESTATION_RECORD_H_ 60