Add Bcc validator to oemcrypto util and unit tests
A Bcc validator that can parse and validate BCC. This is to support better prov40 unit tests regarding OEMCrypto_GetBootCertificateChain() later. Test: opk_ta_p40 Bug: 300304834 Bug: 307968622 Change-Id: I3cfdad9f1891c6abc83051af1d80a20e0adeb58b
This commit is contained in:
Cong Lin
54
libwvdrmengine/oemcrypto/util/include/bcc_validator.h
Normal file
54
libwvdrmengine/oemcrypto/util/include/bcc_validator.h
Normal file
@@ -0,0 +1,54 @@
|
||||
// Copyright 2023 Google LLC. All Rights Reserved. This file and proprietary
|
||||
// source code may only be used and distributed under the Widevine License
|
||||
// Agreement.
|
||||
//
|
||||
// Reference implementation utilities of OEMCrypto APIs
|
||||
//
|
||||
#ifndef WVOEC_UTIL_BCC_VALIDATOR_H_
|
||||
#define WVOEC_UTIL_BCC_VALIDATOR_H_
|
||||
|
||||
#include <sstream>
|
||||
#include <string>
|
||||
#include <vector>
|
||||
|
||||
#include "cbor_validator.h"
|
||||
#include "cppbor.h"
|
||||
|
||||
namespace wvoec {
|
||||
namespace util {
|
||||
// BccValidator processes a Provisioning 4.0 device root of trust. It extracts
|
||||
// and validates relevant pieces of information of BCC.
|
||||
// Relevant documents:
|
||||
// Android definition: go/remote-provisioning-hal#bcc.
|
||||
// Google Dice Profile: go/dice-profile
|
||||
class BccValidator : public CborValidator {
|
||||
public:
|
||||
explicit BccValidator() {}
|
||||
virtual ~BccValidator() override = default;
|
||||
BccValidator(const BccValidator&) = delete;
|
||||
BccValidator& operator=(const BccValidator&) = delete;
|
||||
// Verifies the Cbor struct of a client generated root of trust. This message
|
||||
// is part of an attestation model conforming to the Google Open Dice Profile.
|
||||
// This message is received from a client device to attest it is a valid
|
||||
// Widevine device.
|
||||
virtual CborMessageStatus Validate() override;
|
||||
// Outputs BCC in YAML.
|
||||
virtual std::string GetFormattedMessage() const override;
|
||||
|
||||
private:
|
||||
// Processes CoseKey PubKeyEd25519 / PubKeyECDSA256, prints into |fmt_msgs|,
|
||||
// and extracts the PubKey string to *|public_key_bytes|.
|
||||
CborMessageStatus ProcessSubjectPublicKeyInfo(
|
||||
const cppbor::Map& public_key_info_map,
|
||||
std::vector<std::string>& fmt_msgs, std::string* public_key_bytes);
|
||||
// Processes DiceChainEntryPayload, which contains subject public key, prints
|
||||
// into |fmt_msgs|, and extracts the PubKey string to *|public_key_bytes|.
|
||||
CborMessageStatus ProcessDiceChainEntryPayload(
|
||||
const std::vector<uint8_t>& payload, std::vector<std::string>& fmt_msgs,
|
||||
std::string* public_key_bytes);
|
||||
// Used to generate formatted message.
|
||||
std::stringstream msg_ss_;
|
||||
};
|
||||
} // namespace util
|
||||
} // namespace wvoec
|
||||
#endif // WVOEC_UTIL_BCC_VALIDATOR_H_
|
||||
Reference in New Issue
Block a user