1 /*
2  * Copyright 2016 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include <keymaster/km_openssl/attestation_record.h>
18 
19 #include <assert.h>
20 #include <math.h>
21 
22 #include <unordered_map>
23 
24 #include <cppbor_parse.h>
25 #include <openssl/asn1t.h>
26 
27 #include <keymaster/android_keymaster_utils.h>
28 #include <keymaster/attestation_context.h>
29 #include <keymaster/km_openssl/openssl_err.h>
30 #include <keymaster/km_openssl/openssl_utils.h>
31 
32 #define ASSERT_OR_RETURN_ERROR(stmt, error)                                                        \
33     do {                                                                                           \
34         assert(stmt);                                                                              \
35         if (!(stmt)) {                                                                             \
36             return error;                                                                          \
37         }                                                                                          \
38     } while (0)
39 
40 namespace keymaster {
41 
42 constexpr size_t kMaximumAttestationChallengeLength = 128;
43 
44 IMPLEMENT_ASN1_FUNCTIONS(KM_ROOT_OF_TRUST);
45 IMPLEMENT_ASN1_FUNCTIONS(KM_AUTH_LIST);
46 IMPLEMENT_ASN1_FUNCTIONS(KM_KEY_DESCRIPTION);
47 
48 static const keymaster_tag_t kDeviceAttestationTags[] = {
49     KM_TAG_ATTESTATION_ID_BRAND,        KM_TAG_ATTESTATION_ID_DEVICE, KM_TAG_ATTESTATION_ID_PRODUCT,
50     KM_TAG_ATTESTATION_ID_SERIAL,       KM_TAG_ATTESTATION_ID_IMEI,   KM_TAG_ATTESTATION_ID_MEID,
51     KM_TAG_ATTESTATION_ID_MANUFACTURER, KM_TAG_ATTESTATION_ID_MODEL,
52 };
53 
54 struct KM_AUTH_LIST_Delete {
operator ()keymaster::KM_AUTH_LIST_Delete55     void operator()(KM_AUTH_LIST* p) { KM_AUTH_LIST_free(p); }
56 };
57 
58 struct KM_KEY_DESCRIPTION_Delete {
operator ()keymaster::KM_KEY_DESCRIPTION_Delete59     void operator()(KM_KEY_DESCRIPTION* p) { KM_KEY_DESCRIPTION_free(p); }
60 };
61 
62 struct KM_ROOT_OF_TRUST_Delete {
operator ()keymaster::KM_ROOT_OF_TRUST_Delete63     void operator()(KM_ROOT_OF_TRUST* p) { KM_ROOT_OF_TRUST_free(p); }
64 };
65 
blob_to_bstr(const keymaster_blob_t & blob)66 static cppbor::Bstr blob_to_bstr(const keymaster_blob_t& blob) {
67     return cppbor::Bstr(std::pair(blob.data, blob.data_length));
68 }
69 
bstr_to_blob(const cppbor::Bstr * bstr,keymaster_blob_t * blob)70 static keymaster_error_t bstr_to_blob(const cppbor::Bstr* bstr, keymaster_blob_t* blob) {
71     ASSERT_OR_RETURN_ERROR(bstr, KM_ERROR_INVALID_TAG);
72     const std::vector<uint8_t>& vec = bstr->value();
73     uint8_t* data = (uint8_t*)calloc(vec.size(), sizeof(uint8_t));
74     if (data == nullptr) {
75         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
76     }
77 
78     std::copy(vec.begin(), vec.end(), data);
79     blob->data = data;
80     blob->data_length = vec.size();
81 
82     return KM_ERROR_OK;
83 }
84 
get_uint32_value(const keymaster_key_param_t & param)85 static uint32_t get_uint32_value(const keymaster_key_param_t& param) {
86     switch (keymaster_tag_get_type(param.tag)) {
87     case KM_ENUM:
88     case KM_ENUM_REP:
89         return param.enumerated;
90     case KM_UINT:
91     case KM_UINT_REP:
92         return param.integer;
93     default:
94         ASSERT_OR_RETURN_ERROR(false, 0xFFFFFFFF);
95     }
96 }
97 
get_uint32_value(EatSecurityLevel level)98 static int64_t get_uint32_value(EatSecurityLevel level) {
99     return static_cast<int64_t>(level);
100 }
101 
102 // Insert value in either the dest_integer or the dest_integer_set, whichever is provided.
insert_integer(ASN1_INTEGER * value,ASN1_INTEGER ** dest_integer,ASN1_INTEGER_SET ** dest_integer_set)103 static keymaster_error_t insert_integer(ASN1_INTEGER* value, ASN1_INTEGER** dest_integer,
104                                         ASN1_INTEGER_SET** dest_integer_set) {
105     ASSERT_OR_RETURN_ERROR((dest_integer == nullptr) ^ (dest_integer_set == nullptr),
106                            KM_ERROR_UNEXPECTED_NULL_POINTER);
107     ASSERT_OR_RETURN_ERROR(value, KM_ERROR_INVALID_ARGUMENT);
108 
109     if (dest_integer_set) {
110         if (!*dest_integer_set) {
111             *dest_integer_set = sk_ASN1_INTEGER_new_null();
112         }
113         if (!*dest_integer_set) {
114             return KM_ERROR_MEMORY_ALLOCATION_FAILED;
115         }
116         if (!sk_ASN1_INTEGER_push(*dest_integer_set, value)) {
117             return KM_ERROR_MEMORY_ALLOCATION_FAILED;
118         }
119         return KM_ERROR_OK;
120 
121     } else if (dest_integer) {
122         if (*dest_integer) {
123             ASN1_INTEGER_free(*dest_integer);
124         }
125         *dest_integer = value;
126         return KM_ERROR_OK;
127     }
128 
129     ASSERT_OR_RETURN_ERROR(false, KM_ERROR_UNKNOWN_ERROR);  // Should never get here.
130 }
131 
132 // Add a repeating enum to a map going mapping its key to list of values.
add_repeating_enum(EatClaim key,uint32_t value,std::unordered_map<EatClaim,cppbor::Array> * fields_map)133 static void add_repeating_enum(EatClaim key, uint32_t value,
134                                std::unordered_map<EatClaim, cppbor::Array>* fields_map) {
135     auto field = fields_map->find(key);
136     if (field != fields_map->end()) {
137         field->second.add(value);
138     } else {
139         fields_map->insert({key, cppbor::Array().add(value)});
140     }
141 }
142 
143 static keymaster_error_t
insert_unknown_tag(const keymaster_key_param_t & param,cppbor::Map * dest_map,std::unordered_map<EatClaim,cppbor::Array> * fields_map)144 insert_unknown_tag(const keymaster_key_param_t& param, cppbor::Map* dest_map,
145                    std::unordered_map<EatClaim, cppbor::Array>* fields_map) {
146     EatClaim private_eat_tag = static_cast<EatClaim>(convert_to_eat_claim(param.tag));
147     switch (keymaster_tag_get_type(param.tag)) {
148     case KM_ENUM:
149         dest_map->add(private_eat_tag, param.enumerated);
150         break;
151     case KM_ENUM_REP:
152         add_repeating_enum(private_eat_tag, param.enumerated, fields_map);
153         break;
154     case KM_UINT:
155         dest_map->add(private_eat_tag, param.integer);
156         break;
157     case KM_UINT_REP:
158         add_repeating_enum(private_eat_tag, param.integer, fields_map);
159         break;
160     case KM_ULONG:
161         dest_map->add(private_eat_tag, param.long_integer);
162         break;
163     case KM_ULONG_REP:
164         add_repeating_enum(private_eat_tag, param.long_integer, fields_map);
165         break;
166     case KM_DATE:
167         dest_map->add(private_eat_tag, param.date_time);
168         break;
169     case KM_BOOL:
170         dest_map->add(private_eat_tag, true);
171         break;
172     case KM_BIGNUM:
173     case KM_BYTES:
174         dest_map->add(private_eat_tag, blob_to_bstr(param.blob));
175         break;
176     default:
177         ASSERT_OR_RETURN_ERROR(false, KM_ERROR_INVALID_TAG);
178     }
179     return KM_ERROR_OK;
180 }
181 
182 /**
183  * Convert an IMEI encoded as a string of numbers into the UEID format defined in
184  * https://tools.ietf.org/html/draft-ietf-rats-eat.
185  * The resulting format is a bstr encoded as follows:
186  * - Type byte: 0x03
187  * - IMEI (without check digit), encoded as byte string of length 14 with each byte as the digit's
188  *   value. The IMEI value encoded SHALL NOT include Luhn checksum or SVN information.
189  */
imei_to_ueid(const keymaster_blob_t & imei_blob,cppbor::Bstr * out)190 keymaster_error_t imei_to_ueid(const keymaster_blob_t& imei_blob, cppbor::Bstr* out) {
191     ASSERT_OR_RETURN_ERROR(imei_blob.data_length == kImeiBlobLength, KM_ERROR_INVALID_TAG);
192 
193     uint8_t ueid[kUeidLength];
194     ueid[0] = kImeiTypeByte;
195     // imei_blob corresponds to android.telephony.TelephonyManager#getDeviceId(), which is the
196     // 15-digit IMEI (including the check digit), encoded as a string.
197     for (size_t i = 1; i < kUeidLength; i++) {
198         // Convert each character to its numeric value.
199         ueid[i] = imei_blob.data[i - 1] - '0';  // Intentionally skip check digit at last position.
200     }
201 
202     *out = cppbor::Bstr(std::pair(ueid, sizeof(ueid)));
203     return KM_ERROR_OK;
204 }
205 
ueid_to_imei_blob(const cppbor::Bstr * ueid,keymaster_blob_t * out)206 keymaster_error_t ueid_to_imei_blob(const cppbor::Bstr* ueid, keymaster_blob_t* out) {
207     ASSERT_OR_RETURN_ERROR(ueid, KM_ERROR_INVALID_TAG);
208     const std::vector<uint8_t>& ueid_vec = ueid->value();
209     ASSERT_OR_RETURN_ERROR(ueid_vec.size() == kUeidLength, KM_ERROR_INVALID_TAG);
210     ASSERT_OR_RETURN_ERROR(ueid_vec[0] == kImeiTypeByte, KM_ERROR_INVALID_TAG);
211 
212     uint8_t* imei_string = (uint8_t*)calloc(kImeiBlobLength, sizeof(uint8_t));
213     // Fill string from left to right, and calculate Luhn check digit.
214     int luhn_digit_sum = 0;
215     for (size_t i = 0; i < kImeiBlobLength - 1; i++) {
216         uint8_t digit_i = ueid_vec[i + 1];
217         // Convert digit to its string value.
218         imei_string[i] = '0' + digit_i;
219         luhn_digit_sum += i % 2 == 0 ? digit_i : digit_i * 2 / 10 + (digit_i * 2) % 10;
220     }
221     imei_string[kImeiBlobLength - 1] = '0' + (10 - luhn_digit_sum % 10) % 10;
222 
223     *out = {.data = imei_string, .data_length = kImeiBlobLength};
224     return KM_ERROR_OK;
225 }
226 
ec_key_size_to_eat_curve(uint32_t key_size_bits,int * curve)227 keymaster_error_t ec_key_size_to_eat_curve(uint32_t key_size_bits, int* curve) {
228     switch (key_size_bits) {
229     default:
230         return KM_ERROR_UNSUPPORTED_KEY_SIZE;
231 
232     case 224:
233         *curve = (int)EatEcCurve::P_224;
234         break;
235 
236     case 256:
237         *curve = (int)EatEcCurve::P_256;
238         break;
239 
240     case 384:
241         *curve = (int)EatEcCurve::P_384;
242         break;
243 
244     case 521:
245         *curve = (int)EatEcCurve::P_521;
246         break;
247     }
248 
249     return KM_ERROR_OK;
250 }
251 
is_valid_attestation_challenge(const keymaster_blob_t & attestation_challenge)252 bool is_valid_attestation_challenge(const keymaster_blob_t& attestation_challenge) {
253     // TODO(171864369): Limit apps targeting >= API 30 to attestations in the range of
254     // [0, 128] bytes.
255     return (attestation_challenge.data_length <= kMaximumAttestationChallengeLength);
256 }
257 
generate_unique_id(const AttestationContext & context,const AuthorizationSet & sw_enforced,const AuthorizationSet & attestation_params,keymaster_error_t * error)258 Buffer generate_unique_id(const AttestationContext& context,  //
259                           const AuthorizationSet& sw_enforced,
260                           const AuthorizationSet& attestation_params,  //
261                           keymaster_error_t* error) {
262     uint64_t creation_datetime;
263     // Only check sw_enforced for TAG_CREATION_DATETIME, since it shouldn't be in tee_enforced,
264     // since this implementation has no secure wall clock.
265     if (!sw_enforced.GetTagValue(TAG_CREATION_DATETIME, &creation_datetime)) {
266         LOG_E("Unique ID cannot be created without creation datetime", 0);
267         *error = KM_ERROR_INVALID_KEY_BLOB;
268         return {};
269     }
270 
271     keymaster_blob_t application_id = {nullptr, 0};
272     sw_enforced.GetTagValue(TAG_APPLICATION_ID, &application_id);
273 
274     return context.GenerateUniqueId(creation_datetime, application_id,
275                                     attestation_params.GetTagValue(TAG_RESET_SINCE_ID_ROTATION),
276                                     error);
277 }
278 
279 // Put the contents of the keymaster AuthorizationSet auth_list into the EAT record structure.
build_eat_submod(const AuthorizationSet & auth_list,const EatSecurityLevel security_level,cppbor::Map * submod)280 keymaster_error_t build_eat_submod(const AuthorizationSet& auth_list,
281                                    const EatSecurityLevel security_level, cppbor::Map* submod) {
282     ASSERT_OR_RETURN_ERROR(submod, KM_ERROR_UNEXPECTED_NULL_POINTER);
283 
284     if (auth_list.empty()) return KM_ERROR_OK;
285 
286     submod->add(EatClaim::SECURITY_LEVEL, get_uint32_value(security_level));
287 
288     // Keep repeating fields in a separate map for easy lookup.
289     // Add them to submod map in postprocessing.
290     std::unordered_map<EatClaim, cppbor::Array> repeating_fields =
291         std::unordered_map<EatClaim, cppbor::Array>();
292 
293     for (auto entry : auth_list) {
294 
295         switch (entry.tag) {
296 
297         default:
298             // Unknown tags should only be included if they're software-enforced.
299             if (security_level == EatSecurityLevel::UNRESTRICTED) {
300                 keymaster_error_t error = insert_unknown_tag(entry, submod, &repeating_fields);
301                 if (error != KM_ERROR_OK) {
302                     return error;
303                 }
304             }
305             break;
306 
307         /* Tags ignored because they should never exist */
308         case KM_TAG_INVALID:
309 
310         /* Tags ignored because they're not used. */
311         case KM_TAG_ALL_USERS:
312         case KM_TAG_EXPORTABLE:
313         case KM_TAG_ECIES_SINGLE_HASH_MODE:
314         case KM_TAG_KDF:
315 
316         /* Tags ignored because they're used only to provide information to operations */
317         case KM_TAG_ASSOCIATED_DATA:
318         case KM_TAG_NONCE:
319         case KM_TAG_AUTH_TOKEN:
320         case KM_TAG_MAC_LENGTH:
321         case KM_TAG_ATTESTATION_CHALLENGE:
322         case KM_TAG_RESET_SINCE_ID_ROTATION:
323 
324         /* Tags ignored because they have no meaning off-device */
325         case KM_TAG_USER_ID:
326         case KM_TAG_USER_SECURE_ID:
327         case KM_TAG_BLOB_USAGE_REQUIREMENTS:
328 
329         /* Tags ignored because they're not usable by app keys */
330         case KM_TAG_BOOTLOADER_ONLY:
331         case KM_TAG_INCLUDE_UNIQUE_ID:
332         case KM_TAG_MAX_USES_PER_BOOT:
333         case KM_TAG_MIN_SECONDS_BETWEEN_OPS:
334         case KM_TAG_UNIQUE_ID:
335 
336         /* Tags ignored because they contain data that should not be exported */
337         case KM_TAG_APPLICATION_DATA:
338         case KM_TAG_APPLICATION_ID:
339         case KM_TAG_ROOT_OF_TRUST:
340             continue;
341 
342         /* Non-repeating enumerations */
343         case KM_TAG_ALGORITHM:
344             submod->add(EatClaim::ALGORITHM, get_uint32_value(entry));
345             break;
346         case KM_TAG_EC_CURVE:
347             submod->add(EatClaim::EC_CURVE, get_uint32_value(entry));
348             break;
349         case KM_TAG_USER_AUTH_TYPE:
350             submod->add(EatClaim::USER_AUTH_TYPE, get_uint32_value(entry));
351             break;
352         case KM_TAG_ORIGIN:
353             submod->add(EatClaim::ORIGIN, get_uint32_value(entry));
354             break;
355 
356         /* Repeating enumerations */
357         case KM_TAG_PURPOSE:
358             add_repeating_enum(EatClaim::PURPOSE, get_uint32_value(entry), &repeating_fields);
359             break;
360         case KM_TAG_PADDING:
361             add_repeating_enum(EatClaim::PADDING, get_uint32_value(entry), &repeating_fields);
362             break;
363         case KM_TAG_DIGEST:
364             add_repeating_enum(EatClaim::DIGEST, get_uint32_value(entry), &repeating_fields);
365             break;
366         case KM_TAG_BLOCK_MODE:
367             add_repeating_enum(EatClaim::BLOCK_MODE, get_uint32_value(entry), &repeating_fields);
368             break;
369 
370         /* Non-repeating unsigned integers */
371         case KM_TAG_KEY_SIZE:
372             submod->add(EatClaim::KEY_SIZE, get_uint32_value(entry));
373             break;
374         case KM_TAG_AUTH_TIMEOUT:
375             submod->add(EatClaim::AUTH_TIMEOUT, get_uint32_value(entry));
376             break;
377         case KM_TAG_OS_VERSION:
378             submod->add(EatClaim::OS_VERSION, get_uint32_value(entry));
379             break;
380         case KM_TAG_OS_PATCHLEVEL:
381             submod->add(EatClaim::OS_PATCHLEVEL, get_uint32_value(entry));
382             break;
383         case KM_TAG_VENDOR_PATCHLEVEL:
384             submod->add(EatClaim::VENDOR_PATCHLEVEL, get_uint32_value(entry));
385             break;
386         case KM_TAG_BOOT_PATCHLEVEL:
387             submod->add(EatClaim::BOOT_PATCHLEVEL, get_uint32_value(entry));
388             break;
389         case KM_TAG_MIN_MAC_LENGTH:
390             submod->add(EatClaim::MIN_MAC_LENGTH, get_uint32_value(entry));
391             break;
392 
393         /* Non-repeating long unsigned integers */
394         case KM_TAG_RSA_PUBLIC_EXPONENT:
395             submod->add(EatClaim::RSA_PUBLIC_EXPONENT, entry.long_integer);
396             break;
397 
398         /* Dates */
399         case KM_TAG_ACTIVE_DATETIME:
400             submod->add(EatClaim::ACTIVE_DATETIME, entry.date_time);
401             break;
402         case KM_TAG_ORIGINATION_EXPIRE_DATETIME:
403             submod->add(EatClaim::ORIGINATION_EXPIRE_DATETIME, entry.date_time);
404             break;
405         case KM_TAG_USAGE_EXPIRE_DATETIME:
406             submod->add(EatClaim::USAGE_EXPIRE_DATETIME, entry.date_time);
407             break;
408         case KM_TAG_CREATION_DATETIME:
409             submod->add(EatClaim::IAT, entry.date_time);
410             break;
411 
412         /* Booleans */
413         case KM_TAG_NO_AUTH_REQUIRED:
414             submod->add(EatClaim::NO_AUTH_REQUIRED, true);
415             break;
416         case KM_TAG_ALL_APPLICATIONS:
417             submod->add(EatClaim::ALL_APPLICATIONS, true);
418             break;
419         case KM_TAG_ROLLBACK_RESISTANT:
420             submod->add(EatClaim::ROLLBACK_RESISTANT, true);
421             break;
422         case KM_TAG_ALLOW_WHILE_ON_BODY:
423             submod->add(EatClaim::ALLOW_WHILE_ON_BODY, true);
424             break;
425         case KM_TAG_UNLOCKED_DEVICE_REQUIRED:
426             submod->add(EatClaim::UNLOCKED_DEVICE_REQUIRED, true);
427             break;
428         case KM_TAG_CALLER_NONCE:
429             submod->add(EatClaim::CALLER_NONCE, true);
430             break;
431         case KM_TAG_TRUSTED_CONFIRMATION_REQUIRED:
432             submod->add(EatClaim::TRUSTED_CONFIRMATION_REQUIRED, true);
433             break;
434         case KM_TAG_EARLY_BOOT_ONLY:
435             submod->add(EatClaim::EARLY_BOOT_ONLY, true);
436             break;
437         case KM_TAG_DEVICE_UNIQUE_ATTESTATION:
438             submod->add(EatClaim::DEVICE_UNIQUE_ATTESTATION, true);
439             break;
440         case KM_TAG_IDENTITY_CREDENTIAL_KEY:
441             submod->add(EatClaim::IDENTITY_CREDENTIAL_KEY, true);
442             break;
443         case KM_TAG_TRUSTED_USER_PRESENCE_REQUIRED:
444             submod->add(EatClaim::TRUSTED_USER_PRESENCE_REQUIRED, true);
445             break;
446         case KM_TAG_STORAGE_KEY:
447             submod->add(EatClaim::STORAGE_KEY, true);
448             break;
449 
450         /* Byte arrays*/
451         case KM_TAG_ATTESTATION_APPLICATION_ID:
452             submod->add(EatClaim::ATTESTATION_APPLICATION_ID, blob_to_bstr(entry.blob));
453             break;
454         case KM_TAG_ATTESTATION_ID_BRAND:
455             submod->add(EatClaim::ATTESTATION_ID_BRAND, blob_to_bstr(entry.blob));
456             break;
457         case KM_TAG_ATTESTATION_ID_DEVICE:
458             submod->add(EatClaim::ATTESTATION_ID_DEVICE, blob_to_bstr(entry.blob));
459             break;
460         case KM_TAG_ATTESTATION_ID_PRODUCT:
461             submod->add(EatClaim::ATTESTATION_ID_PRODUCT, blob_to_bstr(entry.blob));
462             break;
463         case KM_TAG_ATTESTATION_ID_SERIAL:
464             submod->add(EatClaim::ATTESTATION_ID_SERIAL, blob_to_bstr(entry.blob));
465             break;
466         case KM_TAG_ATTESTATION_ID_IMEI: {
467             cppbor::Bstr ueid("");
468             keymaster_error_t error = imei_to_ueid(entry.blob, &ueid);
469             if (error != KM_ERROR_OK) return error;
470             submod->add(EatClaim::UEID, ueid);
471             break;
472         }
473         case KM_TAG_ATTESTATION_ID_MEID:
474             submod->add(EatClaim::ATTESTATION_ID_MEID, blob_to_bstr(entry.blob));
475             break;
476         case KM_TAG_ATTESTATION_ID_MANUFACTURER:
477             submod->add(EatClaim::ATTESTATION_ID_MANUFACTURER, blob_to_bstr(entry.blob));
478             break;
479         case KM_TAG_ATTESTATION_ID_MODEL:
480             submod->add(EatClaim::ATTESTATION_ID_MODEL, blob_to_bstr(entry.blob));
481             break;
482         case KM_TAG_CONFIRMATION_TOKEN:
483             submod->add(EatClaim::CONFIRMATION_TOKEN, blob_to_bstr(entry.blob));
484             break;
485         }
486     }
487 
488     // Move values from repeating enums into the submod map.
489     for (auto const& repeating_field : repeating_fields) {
490         EatClaim key = static_cast<EatClaim>(repeating_field.first);
491         submod->add(key, std::move(repeating_fields.at(key)));
492     }
493 
494     int ec_curve;
495     uint32_t key_size;
496     if (auth_list.Contains(TAG_ALGORITHM, KM_ALGORITHM_EC) && !auth_list.Contains(TAG_EC_CURVE) &&
497         auth_list.GetTagValue(TAG_KEY_SIZE, &key_size)) {
498         // This must be a keymaster1 key. It's an EC key with no curve.  Insert the curve.
499 
500         keymaster_error_t error = ec_key_size_to_eat_curve(key_size, &ec_curve);
501         if (error != KM_ERROR_OK) return error;
502 
503         submod->add(EatClaim::EC_CURVE, ec_curve);
504     }
505 
506     return KM_ERROR_OK;
507 }
508 
509 // Put the contents of the keymaster AuthorizationSet auth_list into the ASN.1 record structure,
510 // record.
build_auth_list(const AuthorizationSet & auth_list,KM_AUTH_LIST * record)511 keymaster_error_t build_auth_list(const AuthorizationSet& auth_list, KM_AUTH_LIST* record) {
512     ASSERT_OR_RETURN_ERROR(record, KM_ERROR_UNEXPECTED_NULL_POINTER);
513 
514     if (auth_list.empty()) return KM_ERROR_OK;
515 
516     for (auto entry : auth_list) {
517 
518         ASN1_INTEGER_SET** integer_set = nullptr;
519         ASN1_INTEGER** integer_ptr = nullptr;
520         ASN1_OCTET_STRING** string_ptr = nullptr;
521         ASN1_NULL** bool_ptr = nullptr;
522 
523         switch (entry.tag) {
524 
525         /* Tags ignored because they should never exist */
526         case KM_TAG_INVALID:
527 
528         /* Tags ignored because they're not used. */
529         case KM_TAG_ALL_USERS:
530         case KM_TAG_EXPORTABLE:
531         case KM_TAG_ECIES_SINGLE_HASH_MODE:
532 
533         /* Tags ignored because they're used only to provide information to operations */
534         case KM_TAG_ASSOCIATED_DATA:
535         case KM_TAG_NONCE:
536         case KM_TAG_AUTH_TOKEN:
537         case KM_TAG_MAC_LENGTH:
538         case KM_TAG_ATTESTATION_CHALLENGE:
539         case KM_TAG_RESET_SINCE_ID_ROTATION:
540         case KM_TAG_KDF:
541 
542         /* Tags ignored because they're used only to provide for certificate generation */
543         case KM_TAG_CERTIFICATE_SERIAL:
544         case KM_TAG_CERTIFICATE_SUBJECT:
545         case KM_TAG_CERTIFICATE_NOT_BEFORE:
546         case KM_TAG_CERTIFICATE_NOT_AFTER:
547 
548         /* Tags ignored because they have no meaning off-device */
549         case KM_TAG_USER_ID:
550         case KM_TAG_USER_SECURE_ID:
551         case KM_TAG_BLOB_USAGE_REQUIREMENTS:
552 
553         /* Tags ignored because they're not usable by app keys */
554         case KM_TAG_BOOTLOADER_ONLY:
555         case KM_TAG_INCLUDE_UNIQUE_ID:
556         case KM_TAG_MAX_BOOT_LEVEL:
557         case KM_TAG_MAX_USES_PER_BOOT:
558         case KM_TAG_MIN_SECONDS_BETWEEN_OPS:
559         case KM_TAG_STORAGE_KEY:
560         case KM_TAG_UNIQUE_ID:
561 
562         /* Tags ignored because they contain data that should not be exported */
563         case KM_TAG_APPLICATION_DATA:
564         case KM_TAG_APPLICATION_ID:
565         case KM_TAG_CONFIRMATION_TOKEN:
566         case KM_TAG_ROOT_OF_TRUST:
567             continue;
568 
569         /* Non-repeating enumerations */
570         case KM_TAG_ALGORITHM:
571             integer_ptr = &record->algorithm;
572             break;
573         case KM_TAG_EC_CURVE:
574             integer_ptr = &record->ec_curve;
575             break;
576         case KM_TAG_USER_AUTH_TYPE:
577             integer_ptr = &record->user_auth_type;
578             break;
579         case KM_TAG_ORIGIN:
580             integer_ptr = &record->origin;
581             break;
582 
583         /* Repeating enumerations */
584         case KM_TAG_PURPOSE:
585             integer_set = &record->purpose;
586             break;
587         case KM_TAG_PADDING:
588             integer_set = &record->padding;
589             break;
590         case KM_TAG_DIGEST:
591             integer_set = &record->digest;
592             break;
593         case KM_TAG_BLOCK_MODE:
594             integer_set = &record->block_mode;
595             break;
596         case KM_TAG_RSA_OAEP_MGF_DIGEST:
597             integer_set = &record->mgf_digest;
598             break;
599 
600         /* Non-repeating unsigned integers */
601         case KM_TAG_KEY_SIZE:
602             integer_ptr = &record->key_size;
603             break;
604         case KM_TAG_AUTH_TIMEOUT:
605             integer_ptr = &record->auth_timeout;
606             break;
607         case KM_TAG_OS_VERSION:
608             integer_ptr = &record->os_version;
609             break;
610         case KM_TAG_OS_PATCHLEVEL:
611             integer_ptr = &record->os_patchlevel;
612             break;
613         case KM_TAG_MIN_MAC_LENGTH:
614             integer_ptr = &record->min_mac_length;
615             break;
616         case KM_TAG_BOOT_PATCHLEVEL:
617             integer_ptr = &record->boot_patch_level;
618             break;
619         case KM_TAG_VENDOR_PATCHLEVEL:
620             integer_ptr = &record->vendor_patchlevel;
621             break;
622         case KM_TAG_USAGE_COUNT_LIMIT:
623             integer_ptr = &record->usage_count_limit;
624             break;
625 
626         /* Non-repeating long unsigned integers */
627         case KM_TAG_RSA_PUBLIC_EXPONENT:
628             integer_ptr = &record->rsa_public_exponent;
629             break;
630 
631         /* Dates */
632         case KM_TAG_ACTIVE_DATETIME:
633             integer_ptr = &record->active_date_time;
634             break;
635         case KM_TAG_ORIGINATION_EXPIRE_DATETIME:
636             integer_ptr = &record->origination_expire_date_time;
637             break;
638         case KM_TAG_USAGE_EXPIRE_DATETIME:
639             integer_ptr = &record->usage_expire_date_time;
640             break;
641         case KM_TAG_CREATION_DATETIME:
642             integer_ptr = &record->creation_date_time;
643             break;
644 
645         /* Booleans */
646         case KM_TAG_NO_AUTH_REQUIRED:
647             bool_ptr = &record->no_auth_required;
648             break;
649         case KM_TAG_ALL_APPLICATIONS:
650             bool_ptr = &record->all_applications;
651             break;
652         case KM_TAG_ROLLBACK_RESISTANT:
653             bool_ptr = &record->rollback_resistant;
654             break;
655         case KM_TAG_ROLLBACK_RESISTANCE:
656             bool_ptr = &record->rollback_resistance;
657             break;
658         case KM_TAG_ALLOW_WHILE_ON_BODY:
659             bool_ptr = &record->allow_while_on_body;
660             break;
661         case KM_TAG_UNLOCKED_DEVICE_REQUIRED:
662             bool_ptr = &record->unlocked_device_required;
663             break;
664         case KM_TAG_CALLER_NONCE:
665             bool_ptr = &record->caller_nonce;
666             break;
667         case KM_TAG_TRUSTED_CONFIRMATION_REQUIRED:
668             bool_ptr = &record->trusted_confirmation_required;
669             break;
670         case KM_TAG_EARLY_BOOT_ONLY:
671             bool_ptr = &record->early_boot_only;
672             break;
673         case KM_TAG_DEVICE_UNIQUE_ATTESTATION:
674             bool_ptr = &record->device_unique_attestation;
675             break;
676         case KM_TAG_IDENTITY_CREDENTIAL_KEY:
677             bool_ptr = &record->identity_credential_key;
678             break;
679         case KM_TAG_TRUSTED_USER_PRESENCE_REQUIRED:
680             bool_ptr = &record->trusted_user_presence_required;
681             break;
682 
683         /* Byte arrays*/
684         case KM_TAG_ATTESTATION_APPLICATION_ID:
685             string_ptr = &record->attestation_application_id;
686             break;
687         case KM_TAG_ATTESTATION_ID_BRAND:
688             string_ptr = &record->attestation_id_brand;
689             break;
690         case KM_TAG_ATTESTATION_ID_DEVICE:
691             string_ptr = &record->attestation_id_device;
692             break;
693         case KM_TAG_ATTESTATION_ID_PRODUCT:
694             string_ptr = &record->attestation_id_product;
695             break;
696         case KM_TAG_ATTESTATION_ID_SERIAL:
697             string_ptr = &record->attestation_id_serial;
698             break;
699         case KM_TAG_ATTESTATION_ID_IMEI:
700             string_ptr = &record->attestation_id_imei;
701             break;
702         case KM_TAG_ATTESTATION_ID_MEID:
703             string_ptr = &record->attestation_id_meid;
704             break;
705         case KM_TAG_ATTESTATION_ID_MANUFACTURER:
706             string_ptr = &record->attestation_id_manufacturer;
707             break;
708         case KM_TAG_ATTESTATION_ID_MODEL:
709             string_ptr = &record->attestation_id_model;
710             break;
711         }
712 
713         keymaster_tag_type_t type = keymaster_tag_get_type(entry.tag);
714         switch (type) {
715         case KM_ENUM:
716         case KM_ENUM_REP:
717         case KM_UINT:
718         case KM_UINT_REP: {
719             ASSERT_OR_RETURN_ERROR((keymaster_tag_repeatable(entry.tag) && integer_set) ||
720                                        (!keymaster_tag_repeatable(entry.tag) && integer_ptr),
721                                    KM_ERROR_INVALID_TAG);
722 
723             UniquePtr<ASN1_INTEGER, ASN1_INTEGER_Delete> value(ASN1_INTEGER_new());
724             if (!value.get()) {
725                 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
726             }
727             if (!ASN1_INTEGER_set(value.get(), get_uint32_value(entry))) {
728                 return TranslateLastOpenSslError();
729             }
730 
731             insert_integer(value.release(), integer_ptr, integer_set);
732             break;
733         }
734 
735         case KM_ULONG:
736         case KM_ULONG_REP:
737         case KM_DATE: {
738             ASSERT_OR_RETURN_ERROR((keymaster_tag_repeatable(entry.tag) && integer_set) ||
739                                        (!keymaster_tag_repeatable(entry.tag) && integer_ptr),
740                                    KM_ERROR_INVALID_TAG);
741 
742             UniquePtr<BIGNUM, BIGNUM_Delete> bn_value(BN_new());
743             if (!bn_value.get()) {
744                 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
745             }
746 
747             if (type == KM_DATE) {
748                 if (!BN_set_u64(bn_value.get(), entry.date_time)) {
749                     return TranslateLastOpenSslError();
750                 }
751             } else {
752                 if (!BN_set_u64(bn_value.get(), entry.long_integer)) {
753                     return TranslateLastOpenSslError();
754                 }
755             }
756 
757             UniquePtr<ASN1_INTEGER, ASN1_INTEGER_Delete> value(
758                 BN_to_ASN1_INTEGER(bn_value.get(), nullptr));
759             if (!value.get()) {
760                 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
761             }
762 
763             insert_integer(value.release(), integer_ptr, integer_set);
764             break;
765         }
766 
767         case KM_BOOL:
768             ASSERT_OR_RETURN_ERROR(bool_ptr, KM_ERROR_INVALID_TAG);
769             if (!*bool_ptr) *bool_ptr = ASN1_NULL_new();
770             if (!*bool_ptr) return KM_ERROR_MEMORY_ALLOCATION_FAILED;
771             break;
772 
773         /* Byte arrays*/
774         case KM_BYTES:
775             ASSERT_OR_RETURN_ERROR(string_ptr, KM_ERROR_INVALID_TAG);
776             if (!*string_ptr) {
777                 *string_ptr = ASN1_OCTET_STRING_new();
778             }
779             if (!*string_ptr) {
780                 return KM_ERROR_MEMORY_ALLOCATION_FAILED;
781             }
782             if (!ASN1_OCTET_STRING_set(*string_ptr, entry.blob.data, entry.blob.data_length)) {
783                 return TranslateLastOpenSslError();
784             }
785             break;
786 
787         default:
788             return KM_ERROR_UNIMPLEMENTED;
789         }
790     }
791 
792     keymaster_ec_curve_t ec_curve;
793     uint32_t key_size;
794     if (auth_list.Contains(TAG_ALGORITHM, KM_ALGORITHM_EC) &&  //
795         !auth_list.Contains(TAG_EC_CURVE) &&                   //
796         auth_list.GetTagValue(TAG_KEY_SIZE, &key_size)) {
797         // This must be a keymaster1 key. It's an EC key with no curve.  Insert the curve.
798 
799         keymaster_error_t error = EcKeySizeToCurve(key_size, &ec_curve);
800         if (error != KM_ERROR_OK) return error;
801 
802         UniquePtr<ASN1_INTEGER, ASN1_INTEGER_Delete> value(ASN1_INTEGER_new());
803         if (!value.get()) {
804             return KM_ERROR_MEMORY_ALLOCATION_FAILED;
805         }
806 
807         if (!ASN1_INTEGER_set(value.get(), ec_curve)) {
808             return TranslateLastOpenSslError();
809         }
810 
811         insert_integer(value.release(), &record->ec_curve, nullptr);
812     }
813 
814     return KM_ERROR_OK;
815 }
816 
817 // Construct a CBOR-encoded attestation record containing the values from sw_enforced
818 // and tee_enforced.
build_eat_record(const AuthorizationSet & attestation_params,AuthorizationSet sw_enforced,AuthorizationSet tee_enforced,const AttestationContext & context,std::vector<uint8_t> * eat_token)819 keymaster_error_t build_eat_record(const AuthorizationSet& attestation_params,
820                                    AuthorizationSet sw_enforced, AuthorizationSet tee_enforced,
821                                    const AttestationContext& context,
822                                    std::vector<uint8_t>* eat_token) {
823     ASSERT_OR_RETURN_ERROR(eat_token, KM_ERROR_UNEXPECTED_NULL_POINTER);
824 
825     cppbor::Map eat_record;
826     switch (context.GetSecurityLevel()) {
827     case KM_SECURITY_LEVEL_SOFTWARE:
828         eat_record.add(EatClaim::SECURITY_LEVEL, get_uint32_value(EatSecurityLevel::UNRESTRICTED));
829         break;
830     case KM_SECURITY_LEVEL_TRUSTED_ENVIRONMENT:
831         eat_record.add(EatClaim::SECURITY_LEVEL,
832                        get_uint32_value(EatSecurityLevel::SECURE_RESTRICTED));
833         break;
834     case KM_SECURITY_LEVEL_STRONGBOX:
835         eat_record.add(EatClaim::SECURITY_LEVEL, get_uint32_value(EatSecurityLevel::HARDWARE));
836         break;
837     default:
838         return KM_ERROR_UNKNOWN_ERROR;
839     }
840 
841     keymaster_error_t error;
842     const AttestationContext::VerifiedBootParams* vb_params = context.GetVerifiedBootParams(&error);
843     if (error != KM_ERROR_OK) return error;
844 
845     if (vb_params->verified_boot_key.data_length) {
846         eat_record.add(EatClaim::VERIFIED_BOOT_KEY, blob_to_bstr(vb_params->verified_boot_key));
847     }
848     if (vb_params->verified_boot_hash.data_length) {
849         eat_record.add(EatClaim::VERIFIED_BOOT_HASH, blob_to_bstr(vb_params->verified_boot_hash));
850     }
851     if (vb_params->device_locked) {
852         eat_record.add(EatClaim::DEVICE_LOCKED, vb_params->device_locked);
853     }
854 
855     bool verified_or_self_signed = (vb_params->verified_boot_state == KM_VERIFIED_BOOT_VERIFIED ||
856                                     vb_params->verified_boot_state == KM_VERIFIED_BOOT_SELF_SIGNED);
857     auto eat_boot_state = cppbor::Array()
858                               .add(verified_or_self_signed)  // secure-boot-enabled
859                               .add(verified_or_self_signed)  // debug-disabled
860                               .add(verified_or_self_signed)  // debug-disabled-since-boot
861                               .add(verified_or_self_signed)  // debug-permanent-disable
862                               .add(false);  // debug-full-permanent-disable (no way to verify)
863     eat_record.add(EatClaim::BOOT_STATE, std::move(eat_boot_state));
864     eat_record.add(EatClaim::OFFICIAL_BUILD,
865                    vb_params->verified_boot_state == KM_VERIFIED_BOOT_VERIFIED);
866 
867     eat_record.add(EatClaim::ATTESTATION_VERSION,
868                    version_to_attestation_version(context.GetKmVersion()));
869     eat_record.add(EatClaim::KEYMASTER_VERSION,
870                    version_to_attestation_km_version(context.GetKmVersion()));
871 
872     keymaster_blob_t attestation_challenge = {nullptr, 0};
873     if (!attestation_params.GetTagValue(TAG_ATTESTATION_CHALLENGE, &attestation_challenge)) {
874         return KM_ERROR_ATTESTATION_CHALLENGE_MISSING;
875     }
876 
877     if (!is_valid_attestation_challenge(attestation_challenge)) {
878         return KM_ERROR_INVALID_INPUT_LENGTH;
879     }
880 
881     eat_record.add(EatClaim::NONCE, blob_to_bstr(attestation_challenge));
882 
883     keymaster_blob_t attestation_app_id;
884     if (!attestation_params.GetTagValue(TAG_ATTESTATION_APPLICATION_ID, &attestation_app_id)) {
885         return KM_ERROR_ATTESTATION_APPLICATION_ID_MISSING;
886     }
887     // TODO: what should happen when sw_enforced already contains TAG_ATTESTATION_APPLICATION_ID?
888     // (as is the case in android_keymaster_test.cpp). For now, we will ignore the provided one in
889     // attestation_params if that's the case.
890     keymaster_blob_t existing_app_id;
891     if (!sw_enforced.GetTagValue(TAG_ATTESTATION_APPLICATION_ID, &existing_app_id)) {
892         sw_enforced.push_back(TAG_ATTESTATION_APPLICATION_ID, attestation_app_id);
893     }
894 
895     error = context.VerifyAndCopyDeviceIds(
896         attestation_params,
897         context.GetSecurityLevel() == KM_SECURITY_LEVEL_SOFTWARE ? &sw_enforced : &tee_enforced);
898     if (error == KM_ERROR_UNIMPLEMENTED) {
899         // The KeymasterContext implementation does not support device ID attestation. Bail out if
900         // device ID attestation is being attempted.
901         for (const auto& tag : kDeviceAttestationTags) {
902             if (attestation_params.find(tag) != -1) {
903                 return KM_ERROR_CANNOT_ATTEST_IDS;
904             }
905         }
906     } else if (error != KM_ERROR_OK) {
907         return error;
908     }
909 
910     if (attestation_params.Contains(TAG_DEVICE_UNIQUE_ATTESTATION) &&
911         context.GetSecurityLevel() == KM_SECURITY_LEVEL_STRONGBOX) {
912         eat_record.add(EatClaim::DEVICE_UNIQUE_ATTESTATION, true);
913     }
914 
915     cppbor::Map software_submod;
916     error = build_eat_submod(sw_enforced, EatSecurityLevel::UNRESTRICTED, &software_submod);
917     if (error != KM_ERROR_OK) return error;
918 
919     cppbor::Map tee_submod;
920     error = build_eat_submod(tee_enforced, EatSecurityLevel::SECURE_RESTRICTED, &tee_submod);
921     if (error != KM_ERROR_OK) return error;
922 
923     if (software_submod.size() + tee_submod.size() > 0) {
924         cppbor::Map submods;
925         if (software_submod.size() > 0) {
926             submods.add(kEatSubmodNameSoftware, std::move(software_submod));
927         }
928         if (tee_submod.size() > 0) {
929             submods.add(kEatSubmodNameTee, std::move(tee_submod));
930         }
931 
932         eat_record.add(EatClaim::SUBMODS, std::move(submods));
933     }
934 
935     // Only check tee_enforced for TAG_INCLUDE_UNIQUE_ID.  If we don't have hardware we can't
936     // generate unique IDs.
937     if (tee_enforced.GetTagValue(TAG_INCLUDE_UNIQUE_ID)) {
938         uint64_t creation_datetime;
939         // Only check sw_enforced for TAG_CREATION_DATETIME, since it shouldn't be in tee_enforced,
940         // since this implementation has no secure wall clock.
941         if (!sw_enforced.GetTagValue(TAG_CREATION_DATETIME, &creation_datetime)) {
942             LOG_E("Unique ID cannot be created without creation datetime", 0);
943             return KM_ERROR_INVALID_KEY_BLOB;
944         }
945 
946         keymaster_blob_t application_id = {nullptr, 0};
947         sw_enforced.GetTagValue(TAG_APPLICATION_ID, &application_id);
948 
949         Buffer unique_id = context.GenerateUniqueId(
950             creation_datetime, application_id,
951             attestation_params.GetTagValue(TAG_RESET_SINCE_ID_ROTATION), &error);
952         if (error != KM_ERROR_OK) return error;
953 
954         eat_record.add(EatClaim::CTI,
955                        cppbor::Bstr(std::pair(unique_id.begin(), unique_id.available_read())));
956     }
957 
958     *eat_token = eat_record.encode();
959 
960     return KM_ERROR_OK;
961 }
962 
963 // Construct an ASN1.1 DER-encoded attestation record containing the values from sw_enforced and
964 // tee_enforced.
build_attestation_record(const AuthorizationSet & attestation_params,AuthorizationSet sw_enforced,AuthorizationSet tee_enforced,const AttestationContext & context,UniquePtr<uint8_t[]> * asn1_key_desc,size_t * asn1_key_desc_len)965 keymaster_error_t build_attestation_record(const AuthorizationSet& attestation_params,  //
966                                            AuthorizationSet sw_enforced,
967                                            AuthorizationSet tee_enforced,
968                                            const AttestationContext& context,
969                                            UniquePtr<uint8_t[]>* asn1_key_desc,
970                                            size_t* asn1_key_desc_len) {
971     ASSERT_OR_RETURN_ERROR(asn1_key_desc && asn1_key_desc_len, KM_ERROR_UNEXPECTED_NULL_POINTER);
972 
973     UniquePtr<KM_KEY_DESCRIPTION, KM_KEY_DESCRIPTION_Delete> key_desc(KM_KEY_DESCRIPTION_new());
974     if (!key_desc.get()) return KM_ERROR_MEMORY_ALLOCATION_FAILED;
975 
976     KM_ROOT_OF_TRUST* root_of_trust = nullptr;
977     if (context.GetSecurityLevel() == KM_SECURITY_LEVEL_SOFTWARE) {
978         key_desc->software_enforced->root_of_trust = KM_ROOT_OF_TRUST_new();
979         root_of_trust = key_desc->software_enforced->root_of_trust;
980     } else {
981         key_desc->tee_enforced->root_of_trust = KM_ROOT_OF_TRUST_new();
982         root_of_trust = key_desc->tee_enforced->root_of_trust;
983     }
984 
985     keymaster_error_t error;
986     auto vb_params = context.GetVerifiedBootParams(&error);
987     if (error != KM_ERROR_OK) return error;
988     if (vb_params->verified_boot_key.data_length &&
989         !ASN1_OCTET_STRING_set(root_of_trust->verified_boot_key, vb_params->verified_boot_key.data,
990                                vb_params->verified_boot_key.data_length)) {
991         return TranslateLastOpenSslError();
992     }
993     if (vb_params->verified_boot_hash.data_length &&
994         !ASN1_OCTET_STRING_set(root_of_trust->verified_boot_hash,
995                                vb_params->verified_boot_hash.data,
996                                vb_params->verified_boot_hash.data_length)) {
997         return TranslateLastOpenSslError();
998     }
999 
1000     root_of_trust->device_locked = vb_params->device_locked ? 0xFF : 0x00;
1001     if (!ASN1_ENUMERATED_set(root_of_trust->verified_boot_state, vb_params->verified_boot_state)) {
1002         return TranslateLastOpenSslError();
1003     }
1004 
1005     if (!ASN1_INTEGER_set(key_desc->attestation_version,
1006                           version_to_attestation_version(context.GetKmVersion())) ||
1007         !ASN1_ENUMERATED_set(key_desc->attestation_security_level, context.GetSecurityLevel()) ||
1008         !ASN1_INTEGER_set(key_desc->keymaster_version,
1009                           version_to_attestation_km_version(context.GetKmVersion())) ||
1010         !ASN1_ENUMERATED_set(key_desc->keymaster_security_level, context.GetSecurityLevel())) {
1011         return TranslateLastOpenSslError();
1012     }
1013 
1014     keymaster_blob_t attestation_challenge = {nullptr, 0};
1015     if (!attestation_params.GetTagValue(TAG_ATTESTATION_CHALLENGE, &attestation_challenge)) {
1016         return KM_ERROR_ATTESTATION_CHALLENGE_MISSING;
1017     }
1018 
1019     if (!is_valid_attestation_challenge(attestation_challenge)) {
1020         return KM_ERROR_INVALID_INPUT_LENGTH;
1021     }
1022 
1023     if (!ASN1_OCTET_STRING_set(key_desc->attestation_challenge, attestation_challenge.data,
1024                                attestation_challenge.data_length)) {
1025         return TranslateLastOpenSslError();
1026     }
1027 
1028     keymaster_blob_t attestation_app_id;
1029     if (!attestation_params.GetTagValue(TAG_ATTESTATION_APPLICATION_ID, &attestation_app_id)) {
1030         return KM_ERROR_ATTESTATION_APPLICATION_ID_MISSING;
1031     }
1032     sw_enforced.push_back(TAG_ATTESTATION_APPLICATION_ID, attestation_app_id);
1033 
1034     error = context.VerifyAndCopyDeviceIds(
1035         attestation_params,
1036         context.GetSecurityLevel() == KM_SECURITY_LEVEL_SOFTWARE ? &sw_enforced : &tee_enforced);
1037     if (error == KM_ERROR_UNIMPLEMENTED) {
1038         // The KeymasterContext implementation does not support device ID attestation. Bail out if
1039         // device ID attestation is being attempted.
1040         for (const auto& tag : kDeviceAttestationTags) {
1041             if (attestation_params.find(tag) != -1) {
1042                 return KM_ERROR_CANNOT_ATTEST_IDS;
1043             }
1044         }
1045     } else if (error != KM_ERROR_OK) {
1046         return error;
1047     }
1048 
1049     if (attestation_params.Contains(TAG_DEVICE_UNIQUE_ATTESTATION) &&
1050         context.GetSecurityLevel() == KM_SECURITY_LEVEL_STRONGBOX) {
1051         tee_enforced.push_back(TAG_DEVICE_UNIQUE_ATTESTATION);
1052     };
1053 
1054     error = build_auth_list(sw_enforced, key_desc->software_enforced);
1055     if (error != KM_ERROR_OK) return error;
1056 
1057     error = build_auth_list(tee_enforced, key_desc->tee_enforced);
1058     if (error != KM_ERROR_OK) return error;
1059 
1060     // Only check tee_enforced for TAG_INCLUDE_UNIQUE_ID.  If we don't have hardware we can't
1061     // generate unique IDs.
1062     if (tee_enforced.GetTagValue(TAG_INCLUDE_UNIQUE_ID)) {
1063         uint64_t creation_datetime;
1064         // Only check sw_enforced for TAG_CREATION_DATETIME, since it shouldn't be in tee_enforced,
1065         // since this implementation has no secure wall clock.
1066         if (!sw_enforced.GetTagValue(TAG_CREATION_DATETIME, &creation_datetime)) {
1067             LOG_E("Unique ID cannot be created without creation datetime", 0);
1068             return KM_ERROR_INVALID_KEY_BLOB;
1069         }
1070 
1071         keymaster_blob_t application_id = {nullptr, 0};
1072         sw_enforced.GetTagValue(TAG_APPLICATION_ID, &application_id);
1073 
1074         Buffer unique_id = context.GenerateUniqueId(
1075             creation_datetime, application_id,
1076             attestation_params.GetTagValue(TAG_RESET_SINCE_ID_ROTATION), &error);
1077         if (error != KM_ERROR_OK) return error;
1078 
1079         key_desc->unique_id = ASN1_OCTET_STRING_new();
1080         if (!key_desc->unique_id ||
1081             !ASN1_OCTET_STRING_set(key_desc->unique_id, unique_id.peek_read(),
1082                                    unique_id.available_read()))
1083             return TranslateLastOpenSslError();
1084     }
1085 
1086     int len = i2d_KM_KEY_DESCRIPTION(key_desc.get(), nullptr);
1087     if (len < 0) return TranslateLastOpenSslError();
1088     *asn1_key_desc_len = len;
1089     asn1_key_desc->reset(new (std::nothrow) uint8_t[*asn1_key_desc_len]);
1090     if (!asn1_key_desc->get()) return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1091     uint8_t* p = asn1_key_desc->get();
1092     len = i2d_KM_KEY_DESCRIPTION(key_desc.get(), &p);
1093     if (len < 0) return TranslateLastOpenSslError();
1094 
1095     return KM_ERROR_OK;
1096 }
1097 
1098 // Copy all enumerated values with the specified tag from stack to auth_list.
get_repeated_enums(const ASN1_INTEGER_SET * stack,keymaster_tag_t tag,AuthorizationSet * auth_list)1099 static bool get_repeated_enums(const ASN1_INTEGER_SET* stack, keymaster_tag_t tag,
1100                                AuthorizationSet* auth_list) {
1101     ASSERT_OR_RETURN_ERROR(keymaster_tag_get_type(tag) == KM_ENUM_REP, KM_ERROR_INVALID_TAG);
1102     for (size_t i = 0; i < sk_ASN1_INTEGER_num(stack); ++i) {
1103         if (!auth_list->push_back(
1104                 keymaster_param_enum(tag, ASN1_INTEGER_get(sk_ASN1_INTEGER_value(stack, i)))))
1105             return false;
1106     }
1107     return true;
1108 }
1109 
1110 // Add the specified integer tag/value pair to auth_list.
1111 template <keymaster_tag_type_t Type, keymaster_tag_t Tag, typename KeymasterEnum>
get_enum(const ASN1_INTEGER * asn1_int,TypedEnumTag<Type,Tag,KeymasterEnum> tag,AuthorizationSet * auth_list)1112 static bool get_enum(const ASN1_INTEGER* asn1_int, TypedEnumTag<Type, Tag, KeymasterEnum> tag,
1113                      AuthorizationSet* auth_list) {
1114     if (!asn1_int) return true;
1115     return auth_list->push_back(tag, static_cast<KeymasterEnum>(ASN1_INTEGER_get(asn1_int)));
1116 }
1117 
1118 // Add the specified ulong tag/value pair to auth_list.
get_ulong(const ASN1_INTEGER * asn1_int,keymaster_tag_t tag,AuthorizationSet * auth_list)1119 static bool get_ulong(const ASN1_INTEGER* asn1_int, keymaster_tag_t tag,
1120                       AuthorizationSet* auth_list) {
1121     if (!asn1_int) return true;
1122     UniquePtr<BIGNUM, BIGNUM_Delete> bn(ASN1_INTEGER_to_BN(asn1_int, nullptr));
1123     if (!bn.get()) return false;
1124     uint64_t ulong = 0;
1125     BN_get_u64(bn.get(), &ulong);
1126     return auth_list->push_back(keymaster_param_long(tag, ulong));
1127 }
1128 
1129 // Extract the values from the specified ASN.1 record and place them in auth_list.
extract_auth_list(const KM_AUTH_LIST * record,AuthorizationSet * auth_list)1130 keymaster_error_t extract_auth_list(const KM_AUTH_LIST* record, AuthorizationSet* auth_list) {
1131     if (!record) return KM_ERROR_OK;
1132 
1133     // Purpose
1134     if (!get_repeated_enums(record->purpose, TAG_PURPOSE, auth_list)) {
1135         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1136     }
1137 
1138     // Algorithm
1139     if (!get_enum(record->algorithm, TAG_ALGORITHM, auth_list)) {
1140         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1141     }
1142 
1143     // Key size
1144     if (record->key_size &&
1145         !auth_list->push_back(TAG_KEY_SIZE, ASN1_INTEGER_get(record->key_size))) {
1146         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1147     }
1148 
1149     // Block mode
1150     if (!get_repeated_enums(record->block_mode, TAG_BLOCK_MODE, auth_list)) {
1151         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1152     }
1153 
1154     // Digest
1155     if (!get_repeated_enums(record->digest, TAG_DIGEST, auth_list)) {
1156         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1157     }
1158 
1159     // Padding
1160     if (!get_repeated_enums(record->padding, TAG_PADDING, auth_list)) {
1161         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1162     }
1163 
1164     // Caller nonce
1165     if (record->caller_nonce && !auth_list->push_back(TAG_CALLER_NONCE)) {
1166         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1167     }
1168 
1169     // Min mac length
1170     if (!get_ulong(record->min_mac_length, TAG_MIN_MAC_LENGTH, auth_list)) {
1171         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1172     }
1173 
1174     // EC curve
1175     if (!get_enum(record->ec_curve, TAG_EC_CURVE, auth_list)) {
1176         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1177     }
1178 
1179     // RSA public exponent
1180     if (!get_ulong(record->rsa_public_exponent, TAG_RSA_PUBLIC_EXPONENT, auth_list)) {
1181         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1182     }
1183 
1184     // Rsa Oaep Mgf Digest
1185     if (!get_repeated_enums(record->mgf_digest, TAG_RSA_OAEP_MGF_DIGEST, auth_list)) {
1186         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1187     }
1188 
1189     // Rollback resistance
1190     if (record->rollback_resistance && !auth_list->push_back(TAG_ROLLBACK_RESISTANCE)) {
1191         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1192     }
1193 
1194     // Early boot only
1195     if (record->early_boot_only && !auth_list->push_back(TAG_EARLY_BOOT_ONLY)) {
1196         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1197     }
1198 
1199     // Active date time
1200     if (!get_ulong(record->active_date_time, TAG_ACTIVE_DATETIME, auth_list)) {
1201         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1202     }
1203 
1204     // Origination expire date time
1205     if (!get_ulong(record->origination_expire_date_time, TAG_ORIGINATION_EXPIRE_DATETIME,
1206                    auth_list)) {
1207         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1208     }
1209 
1210     // Usage Expire date time
1211     if (!get_ulong(record->usage_expire_date_time, TAG_USAGE_EXPIRE_DATETIME, auth_list)) {
1212         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1213     }
1214 
1215     // Usage count limit
1216     if (record->usage_count_limit &&
1217         !auth_list->push_back(TAG_USAGE_COUNT_LIMIT, ASN1_INTEGER_get(record->usage_count_limit))) {
1218         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1219     }
1220 
1221     // No auth required
1222     if (record->no_auth_required && !auth_list->push_back(TAG_NO_AUTH_REQUIRED)) {
1223         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1224     }
1225 
1226     // User auth type
1227     if (!get_enum(record->user_auth_type, TAG_USER_AUTH_TYPE, auth_list)) {
1228         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1229     }
1230 
1231     // Auth timeout
1232     if (record->auth_timeout &&
1233         !auth_list->push_back(TAG_AUTH_TIMEOUT, ASN1_INTEGER_get(record->auth_timeout))) {
1234         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1235     }
1236 
1237     // Allow while on body
1238     if (record->allow_while_on_body && !auth_list->push_back(TAG_ALLOW_WHILE_ON_BODY)) {
1239         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1240     }
1241 
1242     // trusted user presence required
1243     if (record->trusted_user_presence_required &&
1244         !auth_list->push_back(TAG_TRUSTED_USER_PRESENCE_REQUIRED)) {
1245         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1246     }
1247 
1248     // trusted confirmation required
1249     if (record->trusted_confirmation_required &&
1250         !auth_list->push_back(TAG_TRUSTED_CONFIRMATION_REQUIRED)) {
1251         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1252     }
1253 
1254     // Unlocked device required
1255     if (record->unlocked_device_required && !auth_list->push_back(TAG_UNLOCKED_DEVICE_REQUIRED)) {
1256         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1257     }
1258 
1259     // All applications
1260     if (record->all_applications && !auth_list->push_back(TAG_ALL_APPLICATIONS)) {
1261         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1262     }
1263 
1264     // Application ID
1265     if (record->application_id &&
1266         !auth_list->push_back(TAG_APPLICATION_ID, record->application_id->data,
1267                               record->application_id->length)) {
1268         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1269     }
1270 
1271     // Creation date time
1272     if (!get_ulong(record->creation_date_time, TAG_CREATION_DATETIME, auth_list)) {
1273         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1274     }
1275 
1276     // Origin
1277     if (!get_enum(record->origin, TAG_ORIGIN, auth_list)) {
1278         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1279     }
1280 
1281     // Rollback resistant
1282     if (record->rollback_resistant && !auth_list->push_back(TAG_ROLLBACK_RESISTANT)) {
1283         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1284     }
1285 
1286     // Root of trust
1287     if (record->root_of_trust) {
1288         KM_ROOT_OF_TRUST* rot = record->root_of_trust;
1289         if (!rot->verified_boot_key) return KM_ERROR_INVALID_KEY_BLOB;
1290 
1291         // Other root of trust fields are not mapped to auth set entries.
1292     }
1293 
1294     // OS Version
1295     if (record->os_version &&
1296         !auth_list->push_back(TAG_OS_VERSION, ASN1_INTEGER_get(record->os_version))) {
1297         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1298     }
1299 
1300     // OS Patch level
1301     if (record->os_patchlevel &&
1302         !auth_list->push_back(TAG_OS_PATCHLEVEL, ASN1_INTEGER_get(record->os_patchlevel))) {
1303         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1304     }
1305 
1306     // attestation application Id
1307     if (record->attestation_application_id &&
1308         !auth_list->push_back(TAG_ATTESTATION_APPLICATION_ID,
1309                               record->attestation_application_id->data,
1310                               record->attestation_application_id->length)) {
1311         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1312     }
1313 
1314     // Brand name
1315     if (record->attestation_id_brand &&
1316         !auth_list->push_back(TAG_ATTESTATION_ID_BRAND, record->attestation_id_brand->data,
1317                               record->attestation_id_brand->length)) {
1318         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1319     }
1320 
1321     // Device name
1322     if (record->attestation_id_device &&
1323         !auth_list->push_back(TAG_ATTESTATION_ID_DEVICE, record->attestation_id_device->data,
1324                               record->attestation_id_device->length)) {
1325         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1326     }
1327 
1328     // Product name
1329     if (record->attestation_id_product &&
1330         !auth_list->push_back(TAG_ATTESTATION_ID_PRODUCT, record->attestation_id_product->data,
1331                               record->attestation_id_product->length)) {
1332         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1333     }
1334 
1335     // Serial number
1336     if (record->attestation_id_serial &&
1337         !auth_list->push_back(TAG_ATTESTATION_ID_SERIAL, record->attestation_id_serial->data,
1338                               record->attestation_id_serial->length)) {
1339         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1340     }
1341 
1342     // IMEI
1343     if (record->attestation_id_imei &&
1344         !auth_list->push_back(TAG_ATTESTATION_ID_IMEI, record->attestation_id_imei->data,
1345                               record->attestation_id_imei->length)) {
1346         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1347     }
1348 
1349     // MEID
1350     if (record->attestation_id_meid &&
1351         !auth_list->push_back(TAG_ATTESTATION_ID_MEID, record->attestation_id_meid->data,
1352                               record->attestation_id_meid->length)) {
1353         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1354     }
1355 
1356     // Manufacturer name
1357     if (record->attestation_id_manufacturer &&
1358         !auth_list->push_back(TAG_ATTESTATION_ID_MANUFACTURER,
1359                               record->attestation_id_manufacturer->data,
1360                               record->attestation_id_manufacturer->length)) {
1361         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1362     }
1363 
1364     // Model name
1365     if (record->attestation_id_model &&
1366         !auth_list->push_back(TAG_ATTESTATION_ID_MODEL, record->attestation_id_model->data,
1367                               record->attestation_id_model->length)) {
1368         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1369     }
1370 
1371     // vendor patch level
1372     if (record->vendor_patchlevel &&
1373         !auth_list->push_back(TAG_VENDOR_PATCHLEVEL, ASN1_INTEGER_get(record->vendor_patchlevel))) {
1374         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1375     }
1376 
1377     // boot patch level
1378     if (record->boot_patch_level &&
1379         !auth_list->push_back(TAG_BOOT_PATCHLEVEL, ASN1_INTEGER_get(record->boot_patch_level))) {
1380         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1381     }
1382 
1383     // device unique attestation
1384     if (record->device_unique_attestation && !auth_list->push_back(TAG_DEVICE_UNIQUE_ATTESTATION)) {
1385         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1386     }
1387 
1388     // identity credential key
1389     if (record->identity_credential_key && !auth_list->push_back(TAG_IDENTITY_CREDENTIAL_KEY)) {
1390         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
1391     }
1392 
1393     return KM_ERROR_OK;
1394 }
1395 
1396 // Parse the DER-encoded attestation record, placing the results in keymaster_version,
1397 // attestation_challenge, software_enforced, tee_enforced and unique_id.
parse_attestation_record(const uint8_t * asn1_key_desc,size_t asn1_key_desc_len,uint32_t * attestation_version,keymaster_security_level_t * attestation_security_level,uint32_t * keymaster_version,keymaster_security_level_t * keymaster_security_level,keymaster_blob_t * attestation_challenge,AuthorizationSet * software_enforced,AuthorizationSet * tee_enforced,keymaster_blob_t * unique_id)1398 keymaster_error_t parse_attestation_record(const uint8_t* asn1_key_desc, size_t asn1_key_desc_len,
1399                                            uint32_t* attestation_version,  //
1400                                            keymaster_security_level_t* attestation_security_level,
1401                                            uint32_t* keymaster_version,
1402                                            keymaster_security_level_t* keymaster_security_level,
1403                                            keymaster_blob_t* attestation_challenge,
1404                                            AuthorizationSet* software_enforced,
1405                                            AuthorizationSet* tee_enforced,
1406                                            keymaster_blob_t* unique_id) {
1407     const uint8_t* p = asn1_key_desc;
1408     UniquePtr<KM_KEY_DESCRIPTION, KM_KEY_DESCRIPTION_Delete> record(
1409         d2i_KM_KEY_DESCRIPTION(nullptr, &p, asn1_key_desc_len));
1410     if (!record.get()) return TranslateLastOpenSslError();
1411 
1412     *attestation_version = ASN1_INTEGER_get(record->attestation_version);
1413     *attestation_security_level = static_cast<keymaster_security_level_t>(
1414         ASN1_ENUMERATED_get(record->attestation_security_level));
1415     *keymaster_version = ASN1_INTEGER_get(record->keymaster_version);
1416     *keymaster_security_level = static_cast<keymaster_security_level_t>(
1417         ASN1_ENUMERATED_get(record->keymaster_security_level));
1418 
1419     attestation_challenge->data =
1420         dup_buffer(record->attestation_challenge->data, record->attestation_challenge->length);
1421     attestation_challenge->data_length = record->attestation_challenge->length;
1422 
1423     unique_id->data = dup_buffer(record->unique_id->data, record->unique_id->length);
1424     unique_id->data_length = record->unique_id->length;
1425 
1426     keymaster_error_t error = extract_auth_list(record->software_enforced, software_enforced);
1427     if (error != KM_ERROR_OK) return error;
1428 
1429     return extract_auth_list(record->tee_enforced, tee_enforced);
1430 }
1431 
parse_root_of_trust(const uint8_t * asn1_key_desc,size_t asn1_key_desc_len,keymaster_blob_t * verified_boot_key,keymaster_verified_boot_t * verified_boot_state,bool * device_locked)1432 keymaster_error_t parse_root_of_trust(const uint8_t* asn1_key_desc, size_t asn1_key_desc_len,
1433                                       keymaster_blob_t* verified_boot_key,
1434                                       keymaster_verified_boot_t* verified_boot_state,
1435                                       bool* device_locked) {
1436     const uint8_t* p = asn1_key_desc;
1437     UniquePtr<KM_KEY_DESCRIPTION, KM_KEY_DESCRIPTION_Delete> record(
1438         d2i_KM_KEY_DESCRIPTION(nullptr, &p, asn1_key_desc_len));
1439     if (!record.get()) {
1440         return TranslateLastOpenSslError();
1441     }
1442     if (!record->tee_enforced) {
1443         return KM_ERROR_INVALID_ARGUMENT;
1444     }
1445     if (!record->tee_enforced->root_of_trust) {
1446         return KM_ERROR_INVALID_ARGUMENT;
1447     }
1448     if (!record->tee_enforced->root_of_trust->verified_boot_key) {
1449         return KM_ERROR_INVALID_ARGUMENT;
1450     }
1451     KM_ROOT_OF_TRUST* root_of_trust = record->tee_enforced->root_of_trust;
1452     verified_boot_key->data = dup_buffer(root_of_trust->verified_boot_key->data,
1453                                          root_of_trust->verified_boot_key->length);
1454     verified_boot_key->data_length = root_of_trust->verified_boot_key->length;
1455     *verified_boot_state = static_cast<keymaster_verified_boot_t>(
1456         ASN1_ENUMERATED_get(root_of_trust->verified_boot_state));
1457     *device_locked = root_of_trust->device_locked;
1458     return KM_ERROR_OK;
1459 }
1460 
1461 // Parse the EAT-encoded attestation record, placing the results in keymaster_version,
1462 // attestation_challenge, software_enforced, tee_enforced and unique_id.
parse_eat_record(const uint8_t * eat_key_desc,size_t eat_key_desc_len,uint32_t * attestation_version,keymaster_security_level_t * attestation_security_level,uint32_t * keymaster_version,keymaster_security_level_t * keymaster_security_level,keymaster_blob_t * attestation_challenge,AuthorizationSet * software_enforced,AuthorizationSet * tee_enforced,keymaster_blob_t * unique_id,keymaster_blob_t * verified_boot_key,keymaster_verified_boot_t * verified_boot_state,bool * device_locked,std::vector<int64_t> * unexpected_claims)1463 keymaster_error_t parse_eat_record(
1464     const uint8_t* eat_key_desc, size_t eat_key_desc_len, uint32_t* attestation_version,
1465     keymaster_security_level_t* attestation_security_level, uint32_t* keymaster_version,
1466     keymaster_security_level_t* keymaster_security_level, keymaster_blob_t* attestation_challenge,
1467     AuthorizationSet* software_enforced, AuthorizationSet* tee_enforced,
1468     keymaster_blob_t* unique_id, keymaster_blob_t* verified_boot_key,
1469     keymaster_verified_boot_t* verified_boot_state, bool* device_locked,
1470     std::vector<int64_t>* unexpected_claims) {
1471     auto [top_level_item, next_pos, error] = cppbor::parse(eat_key_desc, eat_key_desc_len);
1472     ASSERT_OR_RETURN_ERROR(top_level_item, KM_ERROR_INVALID_TAG);
1473     const cppbor::Map* eat_map = top_level_item->asMap();
1474     ASSERT_OR_RETURN_ERROR(eat_map, KM_ERROR_INVALID_TAG);
1475     bool verified_or_self_signed = false;
1476 
1477     for (size_t i = 0; i < eat_map->size(); i++) {
1478         auto& [key_item, value_item] = (*eat_map)[i];
1479         const cppbor::Int* key = key_item->asInt();
1480         ASSERT_OR_RETURN_ERROR(key, (KM_ERROR_INVALID_TAG));
1481 
1482         // The following values will either hold the typed value, or be null (if not the right
1483         // type).
1484         const cppbor::Int* int_value = value_item->asInt();
1485         const cppbor::Bstr* bstr_value = value_item->asBstr();
1486         const cppbor::Simple* simple_value = value_item->asSimple();
1487         const cppbor::Array* array_value = value_item->asArray();
1488         const cppbor::Map* map_value = value_item->asMap();
1489 
1490         keymaster_error_t error;
1491         switch ((EatClaim)key->value()) {
1492         default:
1493             unexpected_claims->push_back(key->value());
1494             break;
1495         case EatClaim::ATTESTATION_VERSION:
1496             ASSERT_OR_RETURN_ERROR(int_value, KM_ERROR_INVALID_TAG);
1497             *attestation_version = int_value->value();
1498             break;
1499         case EatClaim::SECURITY_LEVEL:
1500             ASSERT_OR_RETURN_ERROR(int_value, KM_ERROR_INVALID_TAG);
1501             switch ((EatSecurityLevel)int_value->value()) {
1502             // TODO: Is my assumption correct that the security level of the attestation data should
1503             // always be equal to the security level of keymint, as the attestation data always
1504             // lives in the top-level module?
1505             case EatSecurityLevel::UNRESTRICTED:
1506                 *keymaster_security_level = *attestation_security_level =
1507                     KM_SECURITY_LEVEL_SOFTWARE;
1508                 break;
1509             case EatSecurityLevel::SECURE_RESTRICTED:
1510                 *keymaster_security_level = *attestation_security_level =
1511                     KM_SECURITY_LEVEL_TRUSTED_ENVIRONMENT;
1512                 break;
1513             case EatSecurityLevel::HARDWARE:
1514                 *keymaster_security_level = *attestation_security_level =
1515                     KM_SECURITY_LEVEL_STRONGBOX;
1516                 break;
1517             default:
1518                 return KM_ERROR_INVALID_TAG;
1519             }
1520             break;
1521         case EatClaim::KEYMASTER_VERSION:
1522             ASSERT_OR_RETURN_ERROR(int_value, KM_ERROR_INVALID_TAG);
1523             *keymaster_version = int_value->value();
1524             break;
1525         case EatClaim::SUBMODS:
1526             ASSERT_OR_RETURN_ERROR(map_value, KM_ERROR_INVALID_TAG);
1527             for (size_t j = 0; j < map_value->size(); j++) {
1528                 auto& [submod_key, submod_value] = (*map_value)[j];
1529                 const cppbor::Map* submod_map = submod_value->asMap();
1530                 ASSERT_OR_RETURN_ERROR(submod_map, KM_ERROR_INVALID_TAG);
1531                 error = parse_eat_submod(submod_map, software_enforced, tee_enforced);
1532                 if (error != KM_ERROR_OK) return error;
1533             }
1534             break;
1535         case EatClaim::CTI:
1536             error = bstr_to_blob(bstr_value, unique_id);
1537             if (error != KM_ERROR_OK) return error;
1538             break;
1539         case EatClaim::NONCE:
1540             error = bstr_to_blob(bstr_value, attestation_challenge);
1541             if (error != KM_ERROR_OK) return error;
1542             break;
1543         case EatClaim::VERIFIED_BOOT_KEY:
1544             error = bstr_to_blob(bstr_value, verified_boot_key);
1545             if (error != KM_ERROR_OK) return error;
1546             break;
1547         case EatClaim::VERIFIED_BOOT_HASH:
1548             // Not parsing this for now.
1549             break;
1550         case EatClaim::DEVICE_UNIQUE_ATTESTATION:
1551             if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1552                 return KM_ERROR_INVALID_TAG;
1553             }
1554             // Not parsing this for now.
1555             break;
1556         case EatClaim::DEVICE_LOCKED:
1557             ASSERT_OR_RETURN_ERROR(simple_value->asBool(), KM_ERROR_INVALID_TAG);
1558             *device_locked = simple_value->asBool()->value();
1559             break;
1560         case EatClaim::BOOT_STATE:
1561             ASSERT_OR_RETURN_ERROR(array_value, KM_ERROR_INVALID_TAG);
1562             ASSERT_OR_RETURN_ERROR(array_value->size() == 5, KM_ERROR_INVALID_TAG);
1563             ASSERT_OR_RETURN_ERROR((*array_value)[4]->asSimple()->asBool()->value() == false,
1564                                    KM_ERROR_INVALID_TAG);
1565             verified_or_self_signed = (*array_value)[0]->asSimple()->asBool()->value();
1566             ASSERT_OR_RETURN_ERROR(verified_or_self_signed ==
1567                                        (*array_value)[1]->asSimple()->asBool()->value(),
1568                                    KM_ERROR_INVALID_TAG);
1569             ASSERT_OR_RETURN_ERROR(verified_or_self_signed ==
1570                                        (*array_value)[2]->asSimple()->asBool()->value(),
1571                                    KM_ERROR_INVALID_TAG);
1572             ASSERT_OR_RETURN_ERROR(verified_or_self_signed ==
1573                                        (*array_value)[3]->asSimple()->asBool()->value(),
1574                                    KM_ERROR_INVALID_TAG);
1575             break;
1576         case EatClaim::OFFICIAL_BUILD:
1577             *verified_boot_state = KM_VERIFIED_BOOT_VERIFIED;
1578             break;
1579         }
1580     }
1581 
1582     if (*verified_boot_state == KM_VERIFIED_BOOT_VERIFIED) {
1583         (void)(verified_boot_state);
1584         // TODO: re-enable this
1585         // ASSERT_OR_RETURN_ERROR(verified_or_self_signed, KM_ERROR_INVALID_TAG);
1586     } else {
1587         *verified_boot_state =
1588             verified_or_self_signed ? KM_VERIFIED_BOOT_SELF_SIGNED : KM_VERIFIED_BOOT_UNVERIFIED;
1589     }
1590 
1591     return KM_ERROR_OK;
1592 }
1593 
parse_submod_values(AuthorizationSetBuilder * set_builder,int * auth_set_security_level,const cppbor::Map * submod_map)1594 keymaster_error_t parse_submod_values(AuthorizationSetBuilder* set_builder,
1595                                       int* auth_set_security_level, const cppbor::Map* submod_map) {
1596     ASSERT_OR_RETURN_ERROR(set_builder, KM_ERROR_UNEXPECTED_NULL_POINTER);
1597     for (size_t i = 0; i < submod_map->size(); i++) {
1598         auto& [key_item, value_item] = (*submod_map)[i];
1599         const cppbor::Int* key_int = key_item->asInt();
1600         ASSERT_OR_RETURN_ERROR(key_int, KM_ERROR_INVALID_TAG);
1601         int key = key_int->value();
1602         keymaster_error_t error;
1603         keymaster_blob_t blob;
1604 
1605         switch ((EatClaim)key) {
1606         default:
1607             return KM_ERROR_INVALID_TAG;
1608         case EatClaim::ALGORITHM:
1609             ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1610             set_builder->Authorization(
1611                 TAG_ALGORITHM, static_cast<keymaster_algorithm_t>(value_item->asInt()->value()));
1612             break;
1613         case EatClaim::EC_CURVE:
1614             ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1615             set_builder->Authorization(
1616                 TAG_EC_CURVE, static_cast<keymaster_ec_curve_t>(value_item->asInt()->value()));
1617             break;
1618         case EatClaim::USER_AUTH_TYPE:
1619             ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1620             set_builder->Authorization(TAG_USER_AUTH_TYPE, static_cast<hw_authenticator_type_t>(
1621                                                                value_item->asInt()->value()));
1622             break;
1623         case EatClaim::ORIGIN:
1624             ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1625             set_builder->Authorization(
1626                 TAG_ORIGIN, static_cast<keymaster_key_origin_t>(value_item->asInt()->value()));
1627             break;
1628         case EatClaim::PURPOSE:
1629             for (size_t j = 0; j < value_item->asArray()->size(); j++) {
1630                 set_builder->Authorization(TAG_PURPOSE,
1631                                            static_cast<keymaster_purpose_t>(
1632                                                (*value_item->asArray())[j]->asInt()->value()));
1633             }
1634             break;
1635         case EatClaim::PADDING:
1636             for (size_t j = 0; j < value_item->asArray()->size(); j++) {
1637                 set_builder->Authorization(TAG_PADDING,
1638                                            static_cast<keymaster_padding_t>(
1639                                                (*value_item->asArray())[j]->asInt()->value()));
1640             }
1641             break;
1642         case EatClaim::DIGEST:
1643             for (size_t j = 0; j < value_item->asArray()->size(); j++) {
1644                 set_builder->Authorization(
1645                     TAG_DIGEST,
1646                     static_cast<keymaster_digest_t>((*value_item->asArray())[j]->asInt()->value()));
1647             }
1648             break;
1649         case EatClaim::BLOCK_MODE:
1650             for (size_t j = 0; j < value_item->asArray()->size(); j++) {
1651                 set_builder->Authorization(TAG_BLOCK_MODE,
1652                                            static_cast<keymaster_block_mode_t>(
1653                                                (*value_item->asArray())[j]->asInt()->value()));
1654             }
1655             break;
1656         case EatClaim::KEY_SIZE:
1657             ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1658             set_builder->Authorization(TAG_KEY_SIZE, value_item->asInt()->value());
1659             break;
1660         case EatClaim::AUTH_TIMEOUT:
1661             ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1662             set_builder->Authorization(TAG_AUTH_TIMEOUT, value_item->asInt()->value());
1663             break;
1664         case EatClaim::OS_VERSION:
1665             ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1666             set_builder->Authorization(TAG_OS_VERSION, value_item->asInt()->value());
1667             break;
1668         case EatClaim::OS_PATCHLEVEL:
1669             ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1670             set_builder->Authorization(TAG_OS_PATCHLEVEL, value_item->asInt()->value());
1671             break;
1672         case EatClaim::MIN_MAC_LENGTH:
1673             ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1674             set_builder->Authorization(TAG_MIN_MAC_LENGTH, value_item->asInt()->value());
1675             break;
1676         case EatClaim::BOOT_PATCHLEVEL:
1677             ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1678             set_builder->Authorization(TAG_BOOT_PATCHLEVEL, value_item->asInt()->value());
1679             break;
1680         case EatClaim::VENDOR_PATCHLEVEL:
1681             ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1682             set_builder->Authorization(TAG_VENDOR_PATCHLEVEL, value_item->asInt()->value());
1683             break;
1684         case EatClaim::RSA_PUBLIC_EXPONENT:
1685             ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1686             set_builder->Authorization(TAG_RSA_PUBLIC_EXPONENT, value_item->asInt()->value());
1687             break;
1688         case EatClaim::ACTIVE_DATETIME:
1689             ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1690             set_builder->Authorization(TAG_ACTIVE_DATETIME, value_item->asInt()->value());
1691             break;
1692         case EatClaim::ORIGINATION_EXPIRE_DATETIME:
1693             ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1694             set_builder->Authorization(TAG_ORIGINATION_EXPIRE_DATETIME,
1695                                        value_item->asInt()->value());
1696             break;
1697         case EatClaim::USAGE_EXPIRE_DATETIME:
1698             ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1699             set_builder->Authorization(TAG_USAGE_EXPIRE_DATETIME, value_item->asInt()->value());
1700             break;
1701         case EatClaim::IAT:
1702             ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1703             set_builder->Authorization(TAG_CREATION_DATETIME, value_item->asInt()->value());
1704             break;
1705         case EatClaim::NO_AUTH_REQUIRED:
1706             if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1707                 return KM_ERROR_INVALID_TAG;
1708             }
1709             set_builder->Authorization(TAG_NO_AUTH_REQUIRED);
1710             break;
1711         case EatClaim::ALL_APPLICATIONS:
1712             if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1713                 return KM_ERROR_INVALID_TAG;
1714             }
1715             set_builder->Authorization(TAG_ALL_APPLICATIONS);
1716             break;
1717         case EatClaim::ROLLBACK_RESISTANT:
1718             if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1719                 return KM_ERROR_INVALID_TAG;
1720             }
1721             set_builder->Authorization(TAG_ROLLBACK_RESISTANT);
1722             break;
1723         case EatClaim::ALLOW_WHILE_ON_BODY:
1724             if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1725                 return KM_ERROR_INVALID_TAG;
1726             }
1727             set_builder->Authorization(TAG_ALLOW_WHILE_ON_BODY);
1728             break;
1729         case EatClaim::UNLOCKED_DEVICE_REQUIRED:
1730             if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1731                 return KM_ERROR_INVALID_TAG;
1732             }
1733             set_builder->Authorization(TAG_UNLOCKED_DEVICE_REQUIRED);
1734             break;
1735         case EatClaim::CALLER_NONCE:
1736             if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1737                 return KM_ERROR_INVALID_TAG;
1738             }
1739             set_builder->Authorization(TAG_CALLER_NONCE);
1740             break;
1741         case EatClaim::TRUSTED_CONFIRMATION_REQUIRED:
1742             if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1743                 return KM_ERROR_INVALID_TAG;
1744             }
1745             set_builder->Authorization(TAG_TRUSTED_CONFIRMATION_REQUIRED);
1746             break;
1747         case EatClaim::EARLY_BOOT_ONLY:
1748             if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1749                 return KM_ERROR_INVALID_TAG;
1750             }
1751             set_builder->Authorization(TAG_EARLY_BOOT_ONLY);
1752             break;
1753         case EatClaim::IDENTITY_CREDENTIAL_KEY:
1754             if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1755                 return KM_ERROR_INVALID_TAG;
1756             }
1757             set_builder->Authorization(TAG_IDENTITY_CREDENTIAL_KEY);
1758             break;
1759         case EatClaim::STORAGE_KEY:
1760             if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1761                 return KM_ERROR_INVALID_TAG;
1762             }
1763             set_builder->Authorization(TAG_STORAGE_KEY);
1764             break;
1765         case EatClaim::TRUSTED_USER_PRESENCE_REQUIRED:
1766             if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1767                 return KM_ERROR_INVALID_TAG;
1768             }
1769             set_builder->Authorization(TAG_TRUSTED_USER_PRESENCE_REQUIRED);
1770             break;
1771         case EatClaim::DEVICE_UNIQUE_ATTESTATION:
1772             if (value_item->asSimple() == nullptr || !value_item->asSimple()->asBool()->value()) {
1773                 return KM_ERROR_INVALID_TAG;
1774             }
1775             set_builder->Authorization(TAG_DEVICE_UNIQUE_ATTESTATION);
1776             break;
1777         case EatClaim::APPLICATION_ID:
1778             error = bstr_to_blob(value_item->asBstr(), &blob);
1779             if (error != KM_ERROR_OK) return error;
1780             set_builder->Authorization(TAG_APPLICATION_ID, blob);
1781             break;
1782         case EatClaim::ATTESTATION_APPLICATION_ID:
1783             error = bstr_to_blob(value_item->asBstr(), &blob);
1784             if (error != KM_ERROR_OK) return error;
1785             set_builder->Authorization(TAG_ATTESTATION_APPLICATION_ID, blob);
1786             break;
1787         case EatClaim::ATTESTATION_ID_BRAND:
1788             error = bstr_to_blob(value_item->asBstr(), &blob);
1789             if (error != KM_ERROR_OK) return error;
1790             set_builder->Authorization(TAG_ATTESTATION_ID_BRAND, blob);
1791             break;
1792         case EatClaim::ATTESTATION_ID_DEVICE:
1793             error = bstr_to_blob(value_item->asBstr(), &blob);
1794             if (error != KM_ERROR_OK) return error;
1795             set_builder->Authorization(TAG_ATTESTATION_ID_DEVICE, blob);
1796             break;
1797         case EatClaim::ATTESTATION_ID_PRODUCT:
1798             error = bstr_to_blob(value_item->asBstr(), &blob);
1799             if (error != KM_ERROR_OK) return error;
1800             set_builder->Authorization(TAG_ATTESTATION_ID_PRODUCT, blob);
1801             break;
1802         case EatClaim::ATTESTATION_ID_SERIAL:
1803             error = bstr_to_blob(value_item->asBstr(), &blob);
1804             if (error != KM_ERROR_OK) return error;
1805             set_builder->Authorization(TAG_ATTESTATION_ID_SERIAL, blob);
1806             break;
1807         case EatClaim::UEID:
1808             error = ueid_to_imei_blob(value_item->asBstr(), &blob);
1809             if (error != KM_ERROR_OK) return error;
1810             set_builder->Authorization(TAG_ATTESTATION_ID_IMEI, blob);
1811             break;
1812         case EatClaim::ATTESTATION_ID_MEID:
1813             error = bstr_to_blob(value_item->asBstr(), &blob);
1814             if (error != KM_ERROR_OK) return error;
1815             set_builder->Authorization(TAG_ATTESTATION_ID_MEID, blob);
1816             break;
1817         case EatClaim::ATTESTATION_ID_MANUFACTURER:
1818             error = bstr_to_blob(value_item->asBstr(), &blob);
1819             if (error != KM_ERROR_OK) return error;
1820             set_builder->Authorization(TAG_ATTESTATION_ID_MANUFACTURER, blob);
1821             break;
1822         case EatClaim::ATTESTATION_ID_MODEL:
1823             error = bstr_to_blob(value_item->asBstr(), &blob);
1824             if (error != KM_ERROR_OK) return error;
1825             set_builder->Authorization(TAG_ATTESTATION_ID_MODEL, blob);
1826             break;
1827         case EatClaim::CONFIRMATION_TOKEN:
1828             error = bstr_to_blob(value_item->asBstr(), &blob);
1829             if (error != KM_ERROR_OK) return error;
1830             set_builder->Authorization(TAG_CONFIRMATION_TOKEN, blob);
1831             break;
1832         case EatClaim::SECURITY_LEVEL:
1833             ASSERT_OR_RETURN_ERROR(value_item->asInt(), KM_ERROR_INVALID_TAG);
1834             *auth_set_security_level = value_item->asInt()->value();
1835         }
1836     }
1837 
1838     return KM_ERROR_OK;
1839 }
1840 
parse_eat_submod(const cppbor::Map * submod_values,AuthorizationSet * software_enforced,AuthorizationSet * tee_enforced)1841 keymaster_error_t parse_eat_submod(const cppbor::Map* submod_values,
1842                                    AuthorizationSet* software_enforced,
1843                                    AuthorizationSet* tee_enforced) {
1844     AuthorizationSetBuilder auth_set_builder;
1845     int auth_set_security_level = 0;
1846     keymaster_error_t error =
1847         parse_submod_values(&auth_set_builder, &auth_set_security_level, submod_values);
1848     if (error) return error;
1849     switch ((EatSecurityLevel)auth_set_security_level) {
1850     case EatSecurityLevel::HARDWARE:
1851         // Hardware attestation should never occur in a submod of another EAT.
1852         [[fallthrough]];
1853     default:
1854         return KM_ERROR_INVALID_TAG;
1855     case EatSecurityLevel::UNRESTRICTED:
1856         *software_enforced = AuthorizationSet(auth_set_builder);
1857         break;
1858     case EatSecurityLevel::SECURE_RESTRICTED:
1859         *tee_enforced = AuthorizationSet(auth_set_builder);
1860         break;
1861     }
1862 
1863     return KM_ERROR_OK;
1864 }
1865 }  // namespace keymaster
1866