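/*
**
** Copyright 2020, The Android Open Source Project
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
**     http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
#pragma once
// NOTE: the targets of the following #include directives are not shown in this listing.
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include

namespace keymint::javacard {
using aidl::android::hardware::security::keymint::AttestationKey;
using aidl::android::hardware::security::keymint::Certificate;
using aidl::android::hardware::security::keymint::HardwareAuthToken;
using aidl::android::hardware::security::keymint::KeyCharacteristics;
using aidl::android::hardware::security::keymint::KeyParameter;
using aidl::android::hardware::security::secureclock::TimeStampToken;
using aidl::android::hardware::security::sharedsecret::SharedSecretParameters;
using cppbor::Array;
using cppbor::Bstr;
using cppbor::EncodedItem;
using cppbor::Item;
using cppbor::MajorType;
using cppbor::Map;
using cppbor::Nint;
using cppbor::Tstr;
using cppbor::Uint;
using std::string;
using std::unique_ptr;
using std::vector;

/**
 * Helpers that translate between KeyMint AIDL structures and cppbor items.
 *
 * Only getType() and getItemAtPos() are defined in this header. Every other member is declared
 * here and defined elsewhere, so the comments on those members describe their signatures only.
 *
 * The get*() members report their result through std::optional. Callers must test for
 * std::nullopt before using a value rather than assume the decoded data has the expected layout.
 */
class CborConverter {
  public:
    CborConverter() = default;
    ~CborConverter() = default;

    /**
     * Decodes the bytes in `response`.
     *
     * @return the decoded item paired with a keymaster_error_t status.
     *         NOTE(review): presumably the item is only usable when the status reports success;
     *         confirm against the definition.
     */
    std::tuple<std::unique_ptr<Item>, keymaster_error_t>
    decodeData(const std::vector<uint8_t>& response);

    // Typed accessors. Except for the one-argument getUint64(), each takes an index `pos` next to
    // the item. NOTE(review): presumably `pos` selects an element of the array held by `item`, as
    // getItemAtPos() does; confirm against the definitions.

    std::optional<uint64_t> getUint64(const unique_ptr<Item>& item);

    std::optional<uint64_t> getUint64(const unique_ptr<Item>& item, const uint32_t pos);

    std::optional<SharedSecretParameters>
    getSharedSecretParameters(const std::unique_ptr<Item>& item, const uint32_t pos);

    std::optional<string> getByteArrayStr(const unique_ptr<Item>& item, const uint32_t pos);

    std::optional<string> getTextStr(const unique_ptr<Item>& item, const uint32_t pos);

    std::optional<std::vector<uint8_t>> getByteArrayVec(const unique_ptr<Item>& item,
                                                        const uint32_t pos);

    std::optional<vector<KeyParameter>> getKeyParameters(const unique_ptr<Item>& item,
                                                         const uint32_t pos);

    // Builders. Each takes the destination Array by non-const reference together with a KeyMint
    // structure and returns a bool status; what `false` means is set by the definitions, which are
    // not part of this header.

    bool addKeyparameters(Array& array, const vector<KeyParameter>& keyParams);

    bool addAttestationKey(Array& array, const std::optional<AttestationKey>& attestationKey);

    bool addHardwareAuthToken(Array& array, const HardwareAuthToken& authToken);

    bool addSharedSecretParameters(Array& array, const vector<SharedSecretParameters>& params);

    std::optional<TimeStampToken> getTimeStampToken(const std::unique_ptr<Item>& item,
                                                    const uint32_t pos);

    std::optional<vector<KeyCharacteristics>>
    getKeyCharacteristics(const std::unique_ptr<Item>& item, const uint32_t pos);

    std::optional<vector<Certificate>> getCertificateChain(const std::unique_ptr<Item>& item,
                                                           const uint32_t pos);

    std::optional<vector<vector<uint8_t>>> getMultiByteArray(const unique_ptr<Item>& item,
                                                             const uint32_t pos);

    bool addTimeStampToken(Array& array, const TimeStampToken& token);

    std::optional<Map> getMapItem(const std::unique_ptr<Item>& item, const uint32_t pos);

    std::optional<Array> getArrayItem(const std::unique_ptr<Item>& item, const uint32_t pos);

    std::optional<keymaster_error_t> getErrorCode(const std::unique_ptr<Item>& item,
                                                  const uint32_t pos);

  private:
    /**
     * Get the type of the Item pointer.
     *
     * Precondition: `item` must not be null. The pointer is dereferenced without a check, so a
     * null unique_ptr here is undefined behaviour.
     */
    inline MajorType getType(const unique_ptr<Item>& item) { return item.get()->type(); }

    /**
     * Construct Keyparameter structure from the pair of key and value. If TagType is ENUM_REP the
     * value contains binary string. If TagType is UINT_REP or ULONG_REP the value contains Array of
     * unsigned integers.
     */
    std::optional<std::vector<KeyParameter>> getKeyParameter(
        const std::pair<const std::unique_ptr<Item>&, const std::unique_ptr<Item>&> pair);

    /**
     * Get the sub item pointer from the root item pointer at the given position.
     *
     * Ownership: the element is moved out of the array, so the array keeps an empty slot at
     * `pos` afterwards and the same position cannot be fetched twice. This happens even though
     * `item` is passed by const reference, because constness is cast away below.
     *
     * @param item root item; must hold an array for a value to be returned.
     * @param pos  zero-based index of the wanted element.
     * @return the element, or std::nullopt when `item` is null, is not an array, `pos` is out of
     *         range, or the slot at `pos` is already empty.
     */
    inline std::optional<unique_ptr<Item>> getItemAtPos(const unique_ptr<Item>& item,
                                                        const uint32_t pos) {
        // getType() dereferences unconditionally, so reject a null root before asking for its type.
        if (!item || MajorType::ARRAY != getType(item)) {
            return std::nullopt;
        }
        Array* arr = const_cast<Array*>(item.get()->asArray());
        // Compare pos directly against the size. The earlier form `size() < pos + 1` wraps to
        // `size() < 0` when pos == UINT32_MAX, which lets an out-of-range index through.
        if (arr == nullptr || pos >= arr->size()) {
            return std::nullopt;
        }
        unique_ptr<Item>& slot = (*arr)[pos];
        // A slot emptied by an earlier call would otherwise come back as an engaged optional
        // holding a null pointer, which getType() cannot handle.
        if (!slot) {
            return std::nullopt;
        }
        return std::move(slot);
    }
};
}  // namespace keymint::javacard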