Source release 19.4.0

oemcrypto/util/include/device_info_validator.h

@@ -15,10 +15,47 @@
 
 #include "cbor_validator.h"
 #include "cppbor.h"
+#include "prov4_validation_helper.h"
 #include "wv_class_utils.h"
 
 namespace wvoec {
 namespace util {
+struct DeviceInfo {
+  // Version 2 and 3 fields
+  std::pair<FieldStatus, std::string> brand;
+  std::pair<FieldStatus, std::string> manufacturer;
+  std::pair<FieldStatus, std::string> product;
+  std::pair<FieldStatus, std::string> model;
+  std::pair<FieldStatus, std::string> device;
+  std::pair<FieldStatus, std::string>
+      vb_state;  // "green" / "yellow" / "orange"
+  std::pair<FieldStatus, std::string>
+      bootloader_state;  // "locked" / "unlocked"
+  std::pair<FieldStatus, std::vector<uint8_t>> vbmeta_digest;
+  std::pair<FieldStatus, std::string> os_version;
+  std::pair<FieldStatus, std::string> system_patch_level;  // YYYYMM
+  std::pair<FieldStatus, std::string> boot_patch_level;    // YYYYMMDD
+  std::pair<FieldStatus, std::string> vendor_patch_level;  // YYYYMMDD
+  std::pair<FieldStatus, std::string> security_level;  // "tee" / "strongbox"
+  std::pair<FieldStatus, std::string> fused;           // 1 / 0
+  // Version 1 fields
+  std::pair<FieldStatus, std::string> board;
+  std::pair<FieldStatus, std::string> version;
+  std::pair<FieldStatus, std::string> att_id_state;
+  std::string ToString() const;
+  CborMessageStatus Validate(
+      std::vector<std::pair<CborMessageStatus, std::string>>& msgs, bool is_gms,
+      int version_number) const;
+  CborMessageStatus ValidateV3Fields(
+      bool is_tee_device_info,
+      std::vector<std::pair<CborMessageStatus, std::string>>& msgs) const;
+  CborMessageStatus ValidateV2Fields(
+      bool is_tee_device_info,
+      std::vector<std::pair<CborMessageStatus, std::string>>& msgs) const;
+  CborMessageStatus ValidateV1Fields(
+      std::vector<std::pair<CborMessageStatus, std::string>>& msgs) const;
+};
+
 // DeviceInfoValidator parses and validates a Cbor struct of DeviceInfo used by
 // Provisioning 4.0. DeviceInfo definition:
 // https://source.corp.google.com/h/googleplex-android/platform/superproject/main/+/main:hardware/interfaces/security/rkp/aidl/android/hardware/security/keymint/DeviceInfoV3.cddl
@@ -27,8 +64,8 @@ class DeviceInfoValidator : public CborValidator {
   DeviceInfoValidator() = delete;
   WVCDM_DISALLOW_COPY_AND_MOVE(DeviceInfoValidator);
 
-  explicit DeviceInfoValidator(int version_number)
-      : version_number_(version_number) {}
+  explicit DeviceInfoValidator(int version_number = 3, bool is_gms = false)
+      : version_number_(version_number), is_gms_(is_gms) {}
 
   virtual ~DeviceInfoValidator() override = default;
 
@@ -41,15 +78,15 @@ class DeviceInfoValidator : public CborValidator {
   virtual std::string GetFormattedMessage() const override;
 
  private:
-  // Checks whether a device info entry with |entry_name| and |major_type|
-  // exists in |device_info| map.
-  void CheckDeviceInfoMapEntry(const cppbor::Map& device_info,
-                               cppbor::MajorType major_type,
-                               const std::string& entry_name);
+  // Builds a struct of DeviceInfo from input CBOR map |device_info_map|.
+  CborMessageStatus BuildDeviceInfo(DeviceInfo& device_info,
+                                    const cppbor::Map* device_info_map);
   // Used to generate formatted message.
   std::stringstream msg_ss_;
   // Device info version. Validations are done based on the version number.
   int version_number_;
+  // Whether the device is a GMS device.
+  bool is_gms_;
   // Saved Cbor-encoded device info.
   std::vector<uint8_t> device_info_bytes_;
 };  // class DeviceInfoValidator