C++程序  |  85行  |  2.87 KB

/*
 * Copyright (C) 2016 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef KEYSTORE_KEYSTORE_ATTESTATION_ID_H_
#define KEYSTORE_KEYSTORE_ATTESTATION_ID_H_

#include <utils/Errors.h>
#include <vector>

namespace android {
namespace security {

constexpr size_t KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE = 1024;

namespace keymaster {

class KeyAttestationApplicationId;

}  // namespace keymaster

template <typename T> class StatusOr {
  public:
    // NOLINTNEXTLINE(google-explicit-constructor)
    StatusOr(const status_t error) : _status(error), _value() {}
    // NOLINTNEXTLINE(google-explicit-constructor)
    StatusOr(const T& value) : _status(NO_ERROR), _value(value) {}
    // NOLINTNEXTLINE(google-explicit-constructor)
    StatusOr(T&& value) : _status(NO_ERROR), _value(value) {}

    // NOLINTNEXTLINE(google-explicit-constructor)
    operator const T&() const { return _value; }
    // NOLINTNEXTLINE(google-explicit-constructor)
    operator T&() { return _value; }
    // NOLINTNEXTLINE(google-explicit-constructor)
    operator T &&() && { return std::move(_value); }

    bool isOk() const { return NO_ERROR == _status; }

    ::android::status_t status() const { return _status; }

    const T& value() const & { return _value; }
    T& value() & { return _value; }
    T&& value() && { return std::move(_value); }

  private:
    ::android::status_t _status;
    T _value;
};

/**
 * Gathers the attestation id for the application determined by uid by querying the package manager
 * As of this writing uids can be shared in android, which is why the asn.1 encoded attestation
 * application id may contain more than one package info followed by a set of digests of the
 * packages signing certificates.
 *
 * @returns the asn.1 encoded attestation application id or an error code. Check the result with
 *          .isOk() before accessing.
 */
StatusOr<std::vector<uint8_t>> gather_attestation_application_id(uid_t uid);

/**
 * Generates a DER-encoded vector containing information from KeyAttestationApplicationId.
 * The size of the returned vector will not exceed KEY_ATTESTATION_APPLICATION_ID_MAX_SIZE.
 */

StatusOr<std::vector<uint8_t>> build_attestation_application_id(
    const ::android::security::keymaster::KeyAttestationApplicationId& key_attestation_id);

}  // namespace security
}  // namespace android
#endif  // KEYSTORE_KEYSTORE_ATTESTATION_ID_H_