commit ec93170857027fc46fbc2dd68fadb4202ca0e06a
author Andrew Scull <ascull@google.com> Fri Sep 01 22:22:58 2023 +0000
committer Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> Fri Sep 01 22:22:58 2023 +0000
tree df7750990a3a8d94e3552205afb5a6ff6b8a4a79
parent 3af2302ef52ae984224856ae6f8509b3bf3be3db
parent f8d5b437b102c148b3d858787771e73a70416b03

Merge "Test the format of patch level device info" into main am: 92bd93934a am: f8d5b437b1

Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2736075

Change-Id: I6b1745db60e300d9aa0b6ce0c4ca6c4a3020a1e2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

security/keymint/support/remote_prov_utils.cpp

diff --git a/security/keymint/support/remote_prov_utils.cpp b/security/keymint/support/remote_prov_utils.cpp
index c9c3e4d..780c3d2 100644
--- a/security/keymint/support/remote_prov_utils.cpp
+++ b/security/keymint/support/remote_prov_utils.cpp
@@ -14,6 +14,7 @@
  * limitations under the License.
  */
 
+#include <iomanip>
 #include <iterator>
 #include <memory>
 #include <set>
@@ -420,6 +421,36 @@
     return entryName + " has an invalid value.\n";
 }
 
+std::string checkMapPatchLevelEntry(bool isFactory, const cppbor::Map& devInfo,
+                                    const std::string& entryName) {
+    std::string error = checkMapEntry(isFactory, devInfo, cppbor::UINT, entryName);
+    if (!error.empty()) {
+        return error;
+    }
+
+    if (isFactory) {
+        return "";
+    }
+
+    const std::unique_ptr<cppbor::Item>& val = devInfo.get(entryName);
+    std::string dateString = std::to_string(val->asUint()->unsignedValue());
+    if (dateString.size() == 6) {
+        dateString += "01";
+    }
+    if (dateString.size() != 8) {
+        return entryName + " should in the format YYYYMMDD or YYYYMM\n";
+    }
+
+    std::tm t;
+    std::istringstream ss(dateString);
+    ss >> std::get_time(&t, "%Y%m%d");
+    if (!ss) {
+        return entryName + " should in the format YYYYMMDD or YYYYMM\n";
+    }
+
+    return "";
+}
+
 bool isTeeDeviceInfo(const cppbor::Map& devInfo) {
     return devInfo.get("security_level") && devInfo.get("security_level")->asTstr() &&
            devInfo.get("security_level")->asTstr()->value() == "tee";
@@ -520,6 +551,10 @@
                     error += "Err: Unrecognized key entry: <" + key->asTstr()->value() + ">,\n";
                 }
             }
+            // Checks that only apply to v3.
+            error += checkMapPatchLevelEntry(isFactory, *parsed, "system_patch_level");
+            error += checkMapPatchLevelEntry(isFactory, *parsed, "boot_patch_level");
+            error += checkMapPatchLevelEntry(isFactory, *parsed, "vendor_patch_level");
             FALLTHROUGH_INTENDED;
         case 2:
             for (const auto& entry : kAttestationIdEntrySet) {