1 /*
2  * Copyright 2019, The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *     http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef VTS_IDENTITY_TEST_UTILS_H
18 #define VTS_IDENTITY_TEST_UTILS_H
19 
20 #include <android/hardware/identity/IIdentityCredentialStore.h>
21 #include <android/hardware/identity/support/IdentityCredentialSupport.h>
22 #include <cppbor.h>
23 #include <cppbor_parse.h>
24 
25 namespace android::hardware::identity::test_utils {
26 
27 using ::std::map;
28 using ::std::optional;
29 using ::std::string;
30 using ::std::vector;
31 
32 using ::android::sp;
33 using ::android::binder::Status;
34 
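// Holds the inputs and outputs of one getAttestationCertificate() call so a
// test can inspect the returned chain and the binder Status side by side.
struct AttestationData {
    // Requests the attestation certificate chain for |writableCredential|.
    //
    // |challenge| is copied into attestationChallenge only when non-empty; an
    // empty string leaves the challenge vector empty, which the HAL is then
    // free to reject.  |applicationId| is stored verbatim.  The Status of the
    // call is kept in |result| rather than asserted on, because gtest
    // assertions are not usable from a constructor (the original carried the
    // ASSERT_NE commented out).  A null |writableCredential| therefore yields
    // an EX_NULL_POINTER Status instead of a null dereference, and leaves
    // attestationCertificate empty.
    AttestationData(sp<IWritableIdentityCredential>& writableCredential, string challenge,
                    vector<uint8_t> applicationId)
        : attestationApplicationId(applicationId) {
        if (writableCredential.get() == nullptr) {
            result = Status::fromExceptionCode(Status::EX_NULL_POINTER);
            return;
        }

        if (!challenge.empty()) {
            attestationChallenge.assign(challenge.begin(), challenge.end());
        }

        result = writableCredential->getAttestationCertificate(
                attestationApplicationId, attestationChallenge, &attestationCertificate);
    }

    // Empty instance; |result| is default-constructed (no call was made).
    AttestationData() = default;

    vector<uint8_t> attestationChallenge;       // bytes of the challenge as sent
    vector<uint8_t> attestationApplicationId;   // application id as sent
    vector<Certificate> attestationCertificate; // chain returned by the HAL, if any
    Status result;                              // outcome of the HAL call
};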
56 
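// One credential entry as used by the tests: a (namespace, name) pair, the
// value already encoded as a single CBOR item, and the ids of the access
// control profiles that gate it.  Each typed constructor chooses the CBOR
// major type for its value.
struct TestEntryData {
    // Entry with no value (valueCbor left empty).
    TestEntryData(string nameSpace, string name, vector<int32_t> profileIds)
        : nameSpace(nameSpace), name(name), profileIds(profileIds) {}

    // Text value -> CBOR tstr.  The std::string is handed to cppbor as-is so
    // that every byte of |value| is encoded; the previous version went through
    // a C-style `(const char*)` cast, which silently truncated the value at the
    // first NUL byte.  CBOR requires tstr contents to be UTF-8; nothing here
    // validates that, so callers must supply well-formed text.
    TestEntryData(string nameSpace, string name, const string& value, vector<int32_t> profileIds)
        : TestEntryData(nameSpace, name, profileIds) {
        valueCbor = cppbor::Tstr(value).encode();
    }

    // Byte-string value -> CBOR bstr.
    TestEntryData(string nameSpace, string name, const vector<uint8_t>& value,
                  vector<int32_t> profileIds)
        : TestEntryData(nameSpace, name, profileIds) {
        valueCbor = cppbor::Bstr(value).encode();
    }

    // Boolean value -> CBOR simple value true/false.
    TestEntryData(string nameSpace, string name, bool value, vector<int32_t> profileIds)
        : TestEntryData(nameSpace, name, profileIds) {
        valueCbor = cppbor::Bool(value).encode();
    }

    // Signed integer value -> CBOR uint (major type 0) when non-negative,
    // otherwise nint (major type 1).
    // NOTE(review): `-value` is signed overflow (UB) when value == INT64_MIN,
    // and whether cppbor::Nint expects the magnitude or the negative value
    // itself is not visible from this file — confirm against cppbor.h before
    // relying on negative test values.
    TestEntryData(string nameSpace, string name, int64_t value, vector<int32_t> profileIds)
        : TestEntryData(nameSpace, name, profileIds) {
        if (value >= 0) {
            valueCbor = cppbor::Uint(value).encode();
        } else {
            valueCbor = cppbor::Nint(-value).encode();
        }
    }

    string nameSpace;
    string name;
    vector<uint8_t> valueCbor;     // encoded CBOR item; empty if no value was given
    vector<int32_t> profileIds;    // access control profile ids gating this entry
};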
88 
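// Describes one access control profile to install on a credential under test
// (see addAccessControlProfiles).  All members carry default initializers so
// that a TestProfile that is declared and filled in piecemeal never has an
// indeterminate `userAuthenticationRequired`: reading stack garbage there would
// make a test's "is user auth required" expectation nondeterministic.  Aggregate
// initialization (`TestProfile{id, cert, auth, timeout}`) keeps working.
struct TestProfile {
    uint16_t id = 0;
    // Reader certificate bytes; presumably the output of generateReaderCertificate
    // and empty when no reader authentication is wanted — confirm in the .cpp.
    std::vector<uint8_t> readerCertificate;
    bool userAuthenticationRequired = false;
    // Authentication timeout; only meaningful when userAuthenticationRequired.
    uint64_t timeoutMillis = 0;
};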
95 
// Obtains a writable credential from |credentialStore|.  Both parameters are
// non-const references; presumably |writableCredential| is the output and
// |credentialStore| the input — confirm against the definition.  Returns false
// on failure.
bool setupWritableCredential(sp<IWritableIdentityCredential>& writableCredential,
                             sp<IIdentityCredentialStore>& credentialStore);

// Generates a reader certificate whose serial number is given as the decimal
// string |serialDecimal| and returns its encoded bytes, or nullopt on failure.
// This overload has no way to hand back the generated private key.
optional<vector<uint8_t>> generateReaderCertificate(string serialDecimal);

// Same as above, but also writes the generated private key to
// |*outReaderPrivateKey|.  NOTE(review): that is raw key material in a plain
// vector; tests should not log or persist it.
optional<vector<uint8_t>> generateReaderCertificate(string serialDecimal,
                                                    vector<uint8_t>* outReaderPrivateKey);

// Installs |testProfiles| on |writableCredential| and returns the
// SecureAccessControlProfiles the HAL produced, or nullopt if that failed.
optional<vector<SecureAccessControlProfile>> addAccessControlProfiles(
        sp<IWritableIdentityCredential>& writableCredential,
        const vector<TestProfile>& testProfiles);

// Adds |entry| to |writableCredential| in chunks of |dataChunkSize| bytes and
// records the encrypted chunks in |encryptedBlobs|.  The map is keyed by the
// address of |entry|, so the entry must outlive any later use of the map.
// |expectSuccess| tells the helper whether the HAL is expected to accept the
// entry; the return value presumably reports whether the observed outcome
// matched that expectation — confirm against the definition.
bool addEntry(sp<IWritableIdentityCredential>& writableCredential, const TestEntryData& entry,
              int dataChunkSize, map<const TestEntryData*, vector<vector<uint8_t>>>& encryptedBlobs,
              bool expectSuccess);

// Fills |image| with the test image payload (contents defined in the .cpp).
void setImageData(vector<uint8_t>& image);

// Checks the attestation chain returned by getAttestationCertificate against
// the |expectedChallenge| and |expectedAppId| the test requested, and against
// |hwInfo|; returns false on any mismatch.  This is the check that binds the
// attestation to this test's own challenge — a test that skips it cannot
// distinguish a fresh attestation from a replayed one.
bool validateAttestationCertificate(const vector<Certificate>& inputCertificates,
                                    const vector<uint8_t>& expectedChallenge,
                                    const vector<uint8_t>& expectedAppId,
                                    const HardwareInformation& hwInfo);

// Builds the RequestNamespace list covering |entries|.  The vector is taken by
// value (the top-level const is not part of the signature); passing by const
// reference would avoid the copy, but the declaration must stay in step with
// the definition in the .cpp.
vector<RequestNamespace> buildRequestNamespaces(const vector<TestEntryData> entries);
120 
121 }  // namespace android::hardware::identity::test_utils
122 
123 #endif  // VTS_IDENTITY_TEST_UTILS_H
124