Rajesh Nyamagoud901386c2022-03-21 20:35:18 +00001// Copyright 2022, The Android Open Source Project
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
15//! This module implements test utilities for creating Authorizations.
16
17use std::ops::Deref;
18
19use android_hardware_security_keymint::aidl::android::hardware::security::keymint::{
Rajesh Nyamagoud11912ea2021-12-20 20:37:20 +000020 Algorithm::Algorithm, BlockMode::BlockMode, Digest::Digest, EcCurve::EcCurve,
21 KeyParameter::KeyParameter, KeyParameterValue::KeyParameterValue, KeyPurpose::KeyPurpose,
22 PaddingMode::PaddingMode, Tag::Tag,
Rajesh Nyamagoud901386c2022-03-21 20:35:18 +000023};
24
/// Test helper that accumulates a list of authorizations as `KeyParameter` entries.
///
/// The wrapped `Vec<KeyParameter>` keeps entries in the order the builder methods
/// were called; it is exposed read-only through `Deref`.
#[derive(Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct AuthSetBuilder(Vec<KeyParameter>);
28
impl Default for AuthSetBuilder {
    /// Returns a builder holding no authorizations, the same state `new()` produces.
    fn default() -> Self {
        Self(Vec::new())
    }
}
34
impl AuthSetBuilder {
    /// Creates an empty authorization list.
    pub fn new() -> Self {
        AuthSetBuilder(Vec::new())
    }

    /// Appends one `KeyParameter` made of `tag` and `value`, then returns the builder.
    ///
    /// Every public setter goes through this helper. Nothing is validated,
    /// de-duplicated or checked for conflicts here: calling a setter twice yields
    /// two entries, and values are stored exactly as given.
    fn with_param(mut self, tag: Tag, value: KeyParameterValue) -> Self {
        self.0.push(KeyParameter { tag, value });
        self
    }

    /// Appends `Tag::PURPOSE` with the given key purpose.
    pub fn purpose(self, p: KeyPurpose) -> Self {
        self.with_param(Tag::PURPOSE, KeyParameterValue::KeyPurpose(p))
    }

    /// Appends `Tag::DIGEST` with the given digest.
    pub fn digest(self, d: Digest) -> Self {
        self.with_param(Tag::DIGEST, KeyParameterValue::Digest(d))
    }

    /// Appends `Tag::ALGORITHM` with the given algorithm.
    pub fn algorithm(self, a: Algorithm) -> Self {
        self.with_param(Tag::ALGORITHM, KeyParameterValue::Algorithm(a))
    }

    /// Appends `Tag::EC_CURVE` with the given curve.
    pub fn ec_curve(self, e: EcCurve) -> Self {
        self.with_param(Tag::EC_CURVE, KeyParameterValue::EcCurve(e))
    }

    /// Appends `Tag::ATTESTATION_CHALLENGE` with the given challenge bytes.
    ///
    /// The bytes are stored as-is; no length or content check happens here.
    pub fn attestation_challenge(self, b: Vec<u8>) -> Self {
        self.with_param(Tag::ATTESTATION_CHALLENGE, KeyParameterValue::Blob(b))
    }

    /// Appends `Tag::NO_AUTH_REQUIRED` set to `true`.
    ///
    /// NOTE(review): per the KeyMint tag definition this marks the key as usable
    /// without user authentication; confirm this helper is only reached from tests.
    pub fn no_auth_required(self) -> Self {
        self.with_param(Tag::NO_AUTH_REQUIRED, KeyParameterValue::BoolValue(true))
    }

    /// Appends `Tag::RSA_PUBLIC_EXPONENT` with the given exponent.
    ///
    /// The `i64` is passed through unchanged, including zero or negative values.
    pub fn rsa_public_exponent(self, e: i64) -> Self {
        self.with_param(Tag::RSA_PUBLIC_EXPONENT, KeyParameterValue::LongInteger(e))
    }

    /// Appends `Tag::KEY_SIZE` with the given size.
    ///
    /// The `i32` is passed through unchanged; rejecting unsupported sizes is left
    /// to whatever consumes the list.
    pub fn key_size(self, s: i32) -> Self {
        self.with_param(Tag::KEY_SIZE, KeyParameterValue::Integer(s))
    }

    /// Appends `Tag::BLOCK_MODE` with the given block mode.
    pub fn block_mode(self, b: BlockMode) -> Self {
        self.with_param(Tag::BLOCK_MODE, KeyParameterValue::BlockMode(b))
    }

    /// Appends `Tag::CERTIFICATE_NOT_BEFORE` with the given date-time value.
    pub fn cert_not_before(self, b: i64) -> Self {
        self.with_param(Tag::CERTIFICATE_NOT_BEFORE, KeyParameterValue::DateTime(b))
    }

    /// Appends `Tag::CERTIFICATE_NOT_AFTER` with the given date-time value.
    ///
    /// No ordering check against a not-before entry is made here.
    pub fn cert_not_after(self, a: i64) -> Self {
        self.with_param(Tag::CERTIFICATE_NOT_AFTER, KeyParameterValue::DateTime(a))
    }

    /// Appends `Tag::PADDING` with the given padding mode.
    pub fn padding_mode(self, p: PaddingMode) -> Self {
        self.with_param(Tag::PADDING, KeyParameterValue::PaddingMode(p))
    }

    /// Appends `Tag::RSA_OAEP_MGF_DIGEST` with the given digest.
    pub fn mgf_digest(self, d: Digest) -> Self {
        self.with_param(Tag::RSA_OAEP_MGF_DIGEST, KeyParameterValue::Digest(d))
    }

    /// Appends `Tag::NONCE` with the given nonce bytes.
    ///
    /// The bytes are stored as-is; uniqueness of the nonce is the caller's concern.
    pub fn nonce(self, b: Vec<u8>) -> Self {
        self.with_param(Tag::NONCE, KeyParameterValue::Blob(b))
    }

    /// Appends `Tag::CALLER_NONCE` set to `true`.
    ///
    /// NOTE(review): presumably this permits the caller to supply its own nonce
    /// (see `nonce`), which makes nonce reuse the caller's responsibility; confirm
    /// against the KeyMint tag definition.
    pub fn caller_nonce(self) -> Self {
        self.with_param(Tag::CALLER_NONCE, KeyParameterValue::BoolValue(true))
    }

    /// Appends `Tag::MAC_LENGTH` with the given length, passed through unchanged.
    pub fn mac_length(self, l: i32) -> Self {
        self.with_param(Tag::MAC_LENGTH, KeyParameterValue::Integer(l))
    }

    /// Appends `Tag::MIN_MAC_LENGTH` with the given length, passed through unchanged.
    pub fn min_mac_length(self, l: i32) -> Self {
        self.with_param(Tag::MIN_MAC_LENGTH, KeyParameterValue::Integer(l))
    }

    /// Appends `Tag::ATTESTATION_ID_BRAND` with the given device-brand bytes.
    pub fn attestation_device_brand(self, b: Vec<u8>) -> Self {
        self.with_param(Tag::ATTESTATION_ID_BRAND, KeyParameterValue::Blob(b))
    }

    /// Appends `Tag::ATTESTATION_ID_DEVICE` with the given device-name bytes.
    pub fn attestation_device_name(self, b: Vec<u8>) -> Self {
        self.with_param(Tag::ATTESTATION_ID_DEVICE, KeyParameterValue::Blob(b))
    }

    /// Appends `Tag::ATTESTATION_ID_PRODUCT` with the given product-name bytes.
    pub fn attestation_device_product_name(self, b: Vec<u8>) -> Self {
        self.with_param(Tag::ATTESTATION_ID_PRODUCT, KeyParameterValue::Blob(b))
    }

    /// Appends `Tag::ATTESTATION_ID_SERIAL` with the given serial-number bytes.
    pub fn attestation_device_serial(self, b: Vec<u8>) -> Self {
        self.with_param(Tag::ATTESTATION_ID_SERIAL, KeyParameterValue::Blob(b))
    }

    /// Appends `Tag::ATTESTATION_ID_IMEI` with the given IMEI bytes.
    pub fn attestation_device_imei(self, b: Vec<u8>) -> Self {
        self.with_param(Tag::ATTESTATION_ID_IMEI, KeyParameterValue::Blob(b))
    }

    /// Appends `Tag::ATTESTATION_ID_SECOND_IMEI` with the given second-IMEI bytes.
    pub fn attestation_device_second_imei(self, b: Vec<u8>) -> Self {
        self.with_param(Tag::ATTESTATION_ID_SECOND_IMEI, KeyParameterValue::Blob(b))
    }

    /// Appends `Tag::ATTESTATION_ID_MEID` with the given MEID bytes.
    pub fn attestation_device_meid(self, b: Vec<u8>) -> Self {
        self.with_param(Tag::ATTESTATION_ID_MEID, KeyParameterValue::Blob(b))
    }

    /// Appends `Tag::ATTESTATION_ID_MANUFACTURER` with the given manufacturer bytes.
    pub fn attestation_device_manufacturer(self, b: Vec<u8>) -> Self {
        self.with_param(Tag::ATTESTATION_ID_MANUFACTURER, KeyParameterValue::Blob(b))
    }

    /// Appends `Tag::ATTESTATION_ID_MODEL` with the given model bytes.
    pub fn attestation_device_model(self, b: Vec<u8>) -> Self {
        self.with_param(Tag::ATTESTATION_ID_MODEL, KeyParameterValue::Blob(b))
    }

    /// Appends `Tag::ACTIVE_DATETIME` with the given date-time value.
    pub fn active_date_time(self, date: i64) -> Self {
        self.with_param(Tag::ACTIVE_DATETIME, KeyParameterValue::DateTime(date))
    }

    /// Appends `Tag::ORIGINATION_EXPIRE_DATETIME` with the given date-time value.
    pub fn origination_expire_date_time(self, date: i64) -> Self {
        self.with_param(Tag::ORIGINATION_EXPIRE_DATETIME, KeyParameterValue::DateTime(date))
    }

    /// Appends `Tag::USAGE_EXPIRE_DATETIME` with the given date-time value.
    pub fn usage_expire_date_time(self, date: i64) -> Self {
        self.with_param(Tag::USAGE_EXPIRE_DATETIME, KeyParameterValue::DateTime(date))
    }

    /// Appends `Tag::BOOTLOADER_ONLY` set to `true`.
    pub fn boot_loader_only(self) -> Self {
        self.with_param(Tag::BOOTLOADER_ONLY, KeyParameterValue::BoolValue(true))
    }

    /// Appends `Tag::EARLY_BOOT_ONLY` set to `true`.
    pub fn early_boot_only(self) -> Self {
        self.with_param(Tag::EARLY_BOOT_ONLY, KeyParameterValue::BoolValue(true))
    }

    /// Appends `Tag::MAX_USES_PER_BOOT` with the given limit, passed through unchanged.
    pub fn max_uses_per_boot(self, max_uses: i32) -> Self {
        self.with_param(Tag::MAX_USES_PER_BOOT, KeyParameterValue::Integer(max_uses))
    }

    /// Appends `Tag::USAGE_COUNT_LIMIT` with the given limit, passed through unchanged.
    pub fn usage_count_limit(self, usage_count: i32) -> Self {
        self.with_param(Tag::USAGE_COUNT_LIMIT, KeyParameterValue::Integer(usage_count))
    }
}
309
impl Deref for AuthSetBuilder {
    type Target = Vec<KeyParameter>;

    /// Gives shared, read-only access to the accumulated `KeyParameter` list, so a
    /// `&AuthSetBuilder` can be used where a `&Vec<KeyParameter>` or slice is expected.
    fn deref(&self) -> &Self::Target {
        let AuthSetBuilder(params) = self;
        params
    }
}