// Copyright 2023 Google LLC. All Rights Reserved. This file and proprietary // source code may only be used and distributed under the Widevine License // Agreement. // // Reference implementation utilities of OEMCrypto APIs // #ifndef WVOEC_UTIL_BCC_VALIDATOR_H_ #define WVOEC_UTIL_BCC_VALIDATOR_H_ #include #include #include #include "cbor_validator.h" #include "cppbor.h" namespace wvoec { namespace util { // BccValidator processes a Provisioning 4.0 device root of trust. It extracts // and validates relevant pieces of information of BCC. // Relevant documents: // Android definition: go/remote-provisioning-hal#bcc. // Google Dice Profile: go/dice-profile class BccValidator : public CborValidator { public: explicit BccValidator() {} virtual ~BccValidator() override = default; BccValidator(const BccValidator&) = delete; BccValidator& operator=(const BccValidator&) = delete; // Verifies the Cbor struct of a client generated root of trust. This message // is part of an attestation model conforming to the Google Open Dice Profile. // This message is received from a client device to attest it is a valid // Widevine device. virtual CborMessageStatus Validate() override; // Outputs BCC in YAML. virtual std::string GetFormattedMessage() const override; private: // Processes CoseKey PubKeyEd25519 / PubKeyECDSA256, prints into |fmt_msgs|, // and extracts the PubKey string to *|public_key_bytes|. CborMessageStatus ProcessSubjectPublicKeyInfo( const cppbor::Map& public_key_info_map, std::vector& fmt_msgs, std::string* public_key_bytes); // Processes DiceChainEntryPayload, which contains subject public key, prints // into |fmt_msgs|, and extracts the PubKey string to *|public_key_bytes|. CborMessageStatus ProcessDiceChainEntryPayload( const std::vector& payload, std::vector& fmt_msgs, std::string* public_key_bytes); // Used to generate formatted message. std::stringstream msg_ss_; }; } // namespace util } // namespace wvoec #endif // WVOEC_UTIL_BCC_VALIDATOR_H_