1 /* 2 * Copyright 2016 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef HARDWARE_INTERFACES_KEYMASTER_30_VTS_FUNCTIONAL_ATTESTATION_RECORD_H_ 18 #define HARDWARE_INTERFACES_KEYMASTER_30_VTS_FUNCTIONAL_ATTESTATION_RECORD_H_ 19 20 #include "authorization_set.h" 21 22 namespace android { 23 namespace hardware { 24 namespace keymaster { 25 namespace V3_0 { 26 27 /** 28 * The OID for Android attestation records. For the curious, it breaks down as follows: 29 * 30 * 1 = ISO 31 * 3 = org 32 * 6 = DoD (Huh? OIDs are weird.) 33 * 1 = IANA 34 * 4 = Private 35 * 1 = Enterprises 36 * 11129 = Google 37 * 2 = Google security 38 * 1 = certificate extension 39 * 17 = Android attestation extension. 40 */ 41 static const char kAttestionRecordOid[] = "1.3.6.1.4.1.11129.2.1.17"; 42 43 ErrorCode parse_attestation_record(const uint8_t* asn1_key_desc, size_t asn1_key_desc_len, 44 uint32_t* attestation_version, // 45 SecurityLevel* attestation_security_level, 46 uint32_t* keymaster_version, 47 SecurityLevel* keymaster_security_level, 48 hidl_vec<uint8_t>* attestation_challenge, 49 AuthorizationSet* software_enforced, 50 AuthorizationSet* tee_enforced, // 51 hidl_vec<uint8_t>* unique_id); 52 } // namespace V3_0 53 } // namespace keymaster 54 } // namespace hardware 55 } // namespace android 56 57 #endif // HARDWARE_INTERFACES_KEYMASTER_30_VTS_FUNCTIONAL_ATTESTATION_RECORD_H_ 58