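/*
 * Copyright 2019, The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef VTS_IDENTITY_TEST_UTILS_H
#define VTS_IDENTITY_TEST_UTILS_H

// NOTE(review): this listing has lost the targets of the six #include lines
// below and every template argument list (`sp`, `vector`, `optional` and `map`
// appear bare). Restore both from the project sources before compiling. The
// code below needs declarations for ::android::sp, ::android::binder::Status,
// cppbor, the keymint MacedPublicKey type and the fixed-width integer types.
#include
#include
#include
#include
#include
#include

namespace android::hardware::identity::test_utils {

using ::std::map;
using ::std::optional;
using ::std::string;
using ::std::vector;

using ::android::sp;
using ::android::binder::Status;

// Inputs and outputs of one getAttestationCertificate() call, kept together so
// a test can inspect both the returned certificate bytes and the binder Status.
struct AttestationData {
    // Calls getAttestationCertificate() on writableCredential with the given
    // application id and challenge.
    //
    // writableCredential: credential to query. A null handle is reported
    //     through `result` (EX_NULL_POINTER) instead of being dereferenced.
    // challenge: copied byte-for-byte into attestationChallenge; an empty
    //     string leaves attestationChallenge empty.
    // attestationAppId: stored as attestationApplicationId and passed through.
    AttestationData(sp& writableCredential, string challenge, vector attestationAppId)
        : attestationApplicationId(attestationAppId) {
        // A gtest ASSERT_NE cannot abort a constructor cleanly, so the null
        // case is surfaced in `result` for the caller to check.
        if (writableCredential.get() == nullptr) {
            result = Status::fromExceptionCode(Status::EX_NULL_POINTER);
            return;
        }

        if (!challenge.empty()) {
            attestationChallenge.assign(challenge.begin(), challenge.end());
        }

        result = writableCredential->getAttestationCertificate(
                attestationApplicationId, attestationChallenge, &attestationCertificate);
    }

    // Leaves all members default-constructed.
    AttestationData() {}

    vector attestationChallenge;      // challenge bytes sent to the credential
    vector attestationApplicationId;  // application id sent to the credential
    vector attestationCertificate;    // output of getAttestationCertificate()
    Status result;                    // Status of the call; callers must check it
};

// One data element to provision: namespace, name, the CBOR encoding of its
// value, and the ids of the access control profiles that guard it.
//
// Overload pitfall: a string literal passed as `value` converts to `bool` by a
// standard conversion and therefore selects the bool constructor, not the
// `const string&` one; wrap literals in string(...). A plain `int` argument
// converts equally well to `bool` and `int64_t`, so pass an int64_t explicitly.
struct TestEntryData {
    // Sets the identifying fields only; valueCbor stays empty.
    TestEntryData(string nameSpace, string name, vector profileIds)
        : nameSpace(nameSpace), name(name), profileIds(profileIds) {}

    // Text value, encoded as a CBOR text string.
    TestEntryData(string nameSpace, string name, const string& value, vector profileIds)
        : TestEntryData(nameSpace, name, profileIds) {
        // Encode the whole string. Going through a `const char*` would stop at
        // the first embedded NUL and silently shorten the stored value.
        valueCbor = cppbor::Tstr(value).encode();
    }

    // Binary value, encoded as a CBOR byte string.
    TestEntryData(string nameSpace, string name, const vector& value, vector profileIds)
        : TestEntryData(nameSpace, name, profileIds) {
        valueCbor = cppbor::Bstr(value).encode();
    }

    // Boolean value, encoded as a CBOR bool.
    TestEntryData(string nameSpace, string name, bool value, vector profileIds)
        : TestEntryData(nameSpace, name, profileIds) {
        valueCbor = cppbor::Bool(value).encode();
    }

    // Integer value: non-negative values go through cppbor::Uint, negative
    // values through cppbor::Nint.
    TestEntryData(string nameSpace, string name, int64_t value, vector profileIds)
        : TestEntryData(nameSpace, name, profileIds) {
        if (value >= 0) {
            valueCbor = cppbor::Uint(value).encode();
        } else {
            // NOTE(review): `-value` is signed overflow (undefined behaviour)
            // when value == INT64_MIN. Also confirm against the cppbor version
            // in use whether Nint expects the negative value itself rather
            // than its magnitude; the constructor is not visible here.
            valueCbor = cppbor::Nint(-value).encode();
        }
    }

    string nameSpace;
    string name;
    vector valueCbor;   // CBOR-encoded value; empty when built without a value
    vector profileIds;  // access control profile ids attached to this entry
};

// Plain description of an access control profile used by the tests.
// NOTE(review): field meanings are taken from their names; confirm against
// addAccessControlProfiles(), whose definition is not in this header.
struct TestProfile {
    uint16_t id;
    vector readerCertificate;
    bool userAuthenticationRequired;
    uint64_t timeoutMillis;
};

// The functions below are only declared here; their definitions are elsewhere,
// so the notes describe the signatures and nothing more.

// Returns bool; presumably true when writableCredential was obtained from
// credentialStore. Check the return value before using writableCredential.
bool setupWritableCredential(sp& writableCredential, sp& credentialStore, bool testCredential);

// Returns an empty optional on failure (presumed). As the name says, the
// chain is fake and intended for tests only.
optional>> createFakeRemotelyProvisionedCertificateChain(
        const ::android::hardware::security::keymint::MacedPublicKey& macedPublicKey);

optional> generateReaderCertificate(string serialDecimal);

// Overload that also hands back the reader private key through
// outReaderPrivateKey. Treat that buffer as key material even in tests.
optional> generateReaderCertificate(string serialDecimal, vector* outReaderPrivateKey);

optional> addAccessControlProfiles(sp& writableCredential, const vector& testProfiles);

bool addEntry(sp& writableCredential, const TestEntryData& entry, int dataChunkSize,
              map>>& encryptedBlobs, bool expectSuccess);

void setImageData(vector& image);

// Checks an attestation certificate chain against the expected challenge and
// application id. How failures are reported (the function returns void) is not
// visible from this header.
void validateAttestationCertificate(const vector& credentialKeyCertChain,
                                    const vector& expectedChallenge,
                                    const vector& expectedAppId, bool isTestCredential);

// NOTE(review): `entries` is taken by const value, so each call copies the
// vector; the signature is left as declared because the definition lives
// elsewhere.
vector buildRequestNamespaces(const vector entries);

// Verifies that the X.509 certificate for a just created authentication key
// is valid.
void verifyAuthKeyCertificate(const vector& authKeyCertChain);

}  // namespace android::hardware::identity::test_utils

#endif  // VTS_IDENTITY_TEST_UTILS_H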