// Copyright 2023 Google LLC. All Rights Reserved. This file and proprietary // source code may only be used and distributed under the Widevine License // Agreement. // // Reference implementation utilities of OEMCrypto APIs // #ifndef WVOEC_UTIL_DEVICE_INFO_VALIDATOR_H_ #define WVOEC_UTIL_DEVICE_INFO_VALIDATOR_H_ #include #include #include #include #include "cbor_validator.h" #include "cppbor.h" #include "prov4_validation_helper.h" #include "wv_class_utils.h" namespace wvoec { namespace util { struct DeviceInfo { // Version 2 and 3 fields std::pair brand; std::pair manufacturer; std::pair product; std::pair model; std::pair device; std::pair vb_state; // "green" / "yellow" / "orange" std::pair bootloader_state; // "locked" / "unlocked" std::pair> vbmeta_digest; std::pair os_version; std::pair system_patch_level; // YYYYMM std::pair boot_patch_level; // YYYYMMDD std::pair vendor_patch_level; // YYYYMMDD std::pair security_level; // "tee" / "strongbox" std::pair fused; // 1 / 0 // Version 1 fields std::pair board; std::pair version; std::pair att_id_state; std::string ToString() const; CborMessageStatus Validate( std::vector>& msgs, bool is_gms, int version_number) const; CborMessageStatus ValidateV3Fields( bool is_tee_device_info, std::vector>& msgs) const; CborMessageStatus ValidateV2Fields( bool is_tee_device_info, std::vector>& msgs) const; CborMessageStatus ValidateV1Fields( std::vector>& msgs) const; }; // DeviceInfoValidator parses and validates a Cbor struct of DeviceInfo used by // Provisioning 4.0. DeviceInfo definition: // https://source.corp.google.com/h/googleplex-android/platform/superproject/main/+/main:hardware/interfaces/security/rkp/aidl/android/hardware/security/keymint/DeviceInfoV3.cddl class DeviceInfoValidator : public CborValidator { public: DeviceInfoValidator() = delete; WVCDM_DISALLOW_COPY_AND_MOVE(DeviceInfoValidator); explicit DeviceInfoValidator(int version_number = 3, bool is_gms = false) : version_number_(version_number), is_gms_(is_gms) {} virtual ~DeviceInfoValidator() override = default; // Decodes |device_info| and sets |message_status_|. virtual CborMessageStatus Parse( const std::vector& device_info) override; // Verifies the Cbor struct of a client generated device info. virtual CborMessageStatus Validate() override; // Outputs DeviceInfo in YAML. virtual std::string GetFormattedMessage() const override; private: // Builds a struct of DeviceInfo from input CBOR map |device_info_map|. CborMessageStatus BuildDeviceInfo(DeviceInfo& device_info, const cppbor::Map* device_info_map); // Used to generate formatted message. std::stringstream msg_ss_; // Device info version. Validations are done based on the version number. int version_number_; // Whether the device is a GMS device. bool is_gms_; // Saved Cbor-encoded device info. std::vector device_info_bytes_; }; // class DeviceInfoValidator } // namespace util } // namespace wvoec #endif // WVOEC_UTIL_DEVICE_INFO_VALIDATOR_H_