1*60b67249SAndroid Build Coastguard Worker // Copyright 2021 Google LLC
2*60b67249SAndroid Build Coastguard Worker //
3*60b67249SAndroid Build Coastguard Worker // Licensed under the Apache License, Version 2.0 (the "License"); you may not
4*60b67249SAndroid Build Coastguard Worker // use this file except in compliance with the License. You may obtain a copy of
5*60b67249SAndroid Build Coastguard Worker // the License at
6*60b67249SAndroid Build Coastguard Worker //
7*60b67249SAndroid Build Coastguard Worker // https://www.apache.org/licenses/LICENSE-2.0
8*60b67249SAndroid Build Coastguard Worker //
9*60b67249SAndroid Build Coastguard Worker // Unless required by applicable law or agreed to in writing, software
10*60b67249SAndroid Build Coastguard Worker // distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11*60b67249SAndroid Build Coastguard Worker // WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12*60b67249SAndroid Build Coastguard Worker // License for the specific language governing permissions and limitations under
13*60b67249SAndroid Build Coastguard Worker // the License.
14*60b67249SAndroid Build Coastguard Worker
15*60b67249SAndroid Build Coastguard Worker // For more information on the Android Profile for DICE, see docs/android.md.
16*60b67249SAndroid Build Coastguard Worker
17*60b67249SAndroid Build Coastguard Worker #include "dice/android.h"
18*60b67249SAndroid Build Coastguard Worker
19*60b67249SAndroid Build Coastguard Worker #include <string.h>
20*60b67249SAndroid Build Coastguard Worker
21*60b67249SAndroid Build Coastguard Worker #include "dice/cbor_reader.h"
22*60b67249SAndroid Build Coastguard Worker #include "dice/cbor_writer.h"
23*60b67249SAndroid Build Coastguard Worker #include "dice/dice.h"
24*60b67249SAndroid Build Coastguard Worker #include "dice/ops.h"
25*60b67249SAndroid Build Coastguard Worker #include "dice/ops/trait/cose.h"
26*60b67249SAndroid Build Coastguard Worker
27*60b67249SAndroid Build Coastguard Worker // Completely gratuitous bit twiddling.
PopulationCount(uint32_t n)28*60b67249SAndroid Build Coastguard Worker static size_t PopulationCount(uint32_t n) {
29*60b67249SAndroid Build Coastguard Worker n = n - ((n >> 1) & 0x55555555);
30*60b67249SAndroid Build Coastguard Worker n = (n & 0x33333333) + ((n >> 2) & 0x33333333);
31*60b67249SAndroid Build Coastguard Worker return (((n + (n >> 4)) & 0x0F0F0F0F) * 0x01010101) >> 24;
32*60b67249SAndroid Build Coastguard Worker }
33*60b67249SAndroid Build Coastguard Worker
DiceAndroidFormatConfigDescriptor(const DiceAndroidConfigValues * config_values,size_t buffer_size,uint8_t * buffer,size_t * actual_size)34*60b67249SAndroid Build Coastguard Worker DiceResult DiceAndroidFormatConfigDescriptor(
35*60b67249SAndroid Build Coastguard Worker const DiceAndroidConfigValues* config_values, size_t buffer_size,
36*60b67249SAndroid Build Coastguard Worker uint8_t* buffer, size_t* actual_size) {
37*60b67249SAndroid Build Coastguard Worker static const int64_t kComponentNameLabel = -70002;
38*60b67249SAndroid Build Coastguard Worker static const int64_t kComponentVersionLabel = -70003;
39*60b67249SAndroid Build Coastguard Worker static const int64_t kResettableLabel = -70004;
40*60b67249SAndroid Build Coastguard Worker static const int64_t kSecurityVersionLabel = -70005;
41*60b67249SAndroid Build Coastguard Worker static const int64_t kRkpVmMarkerLabel = -70006;
42*60b67249SAndroid Build Coastguard Worker
43*60b67249SAndroid Build Coastguard Worker // AndroidConfigDescriptor = {
44*60b67249SAndroid Build Coastguard Worker // ? -70002 : tstr, ; Component name
45*60b67249SAndroid Build Coastguard Worker // ? -70003 : int, ; Component version
46*60b67249SAndroid Build Coastguard Worker // ? -70004 : null, ; Resettable
47*60b67249SAndroid Build Coastguard Worker // }
48*60b67249SAndroid Build Coastguard Worker struct CborOut out;
49*60b67249SAndroid Build Coastguard Worker CborOutInit(buffer, buffer_size, &out);
50*60b67249SAndroid Build Coastguard Worker CborWriteMap(PopulationCount(config_values->configs), &out);
51*60b67249SAndroid Build Coastguard Worker if (config_values->configs & DICE_ANDROID_CONFIG_COMPONENT_NAME &&
52*60b67249SAndroid Build Coastguard Worker config_values->component_name) {
53*60b67249SAndroid Build Coastguard Worker CborWriteInt(kComponentNameLabel, &out);
54*60b67249SAndroid Build Coastguard Worker CborWriteTstr(config_values->component_name, &out);
55*60b67249SAndroid Build Coastguard Worker }
56*60b67249SAndroid Build Coastguard Worker if (config_values->configs & DICE_ANDROID_CONFIG_COMPONENT_VERSION) {
57*60b67249SAndroid Build Coastguard Worker CborWriteInt(kComponentVersionLabel, &out);
58*60b67249SAndroid Build Coastguard Worker CborWriteUint(config_values->component_version, &out);
59*60b67249SAndroid Build Coastguard Worker }
60*60b67249SAndroid Build Coastguard Worker if (config_values->configs & DICE_ANDROID_CONFIG_RESETTABLE) {
61*60b67249SAndroid Build Coastguard Worker CborWriteInt(kResettableLabel, &out);
62*60b67249SAndroid Build Coastguard Worker CborWriteNull(&out);
63*60b67249SAndroid Build Coastguard Worker }
64*60b67249SAndroid Build Coastguard Worker if (config_values->configs & DICE_ANDROID_CONFIG_SECURITY_VERSION) {
65*60b67249SAndroid Build Coastguard Worker CborWriteInt(kSecurityVersionLabel, &out);
66*60b67249SAndroid Build Coastguard Worker CborWriteUint(config_values->security_version, &out);
67*60b67249SAndroid Build Coastguard Worker }
68*60b67249SAndroid Build Coastguard Worker if (config_values->configs & DICE_ANDROID_CONFIG_RKP_VM_MARKER) {
69*60b67249SAndroid Build Coastguard Worker CborWriteInt(kRkpVmMarkerLabel, &out);
70*60b67249SAndroid Build Coastguard Worker CborWriteNull(&out);
71*60b67249SAndroid Build Coastguard Worker }
72*60b67249SAndroid Build Coastguard Worker *actual_size = CborOutSize(&out);
73*60b67249SAndroid Build Coastguard Worker if (CborOutOverflowed(&out)) {
74*60b67249SAndroid Build Coastguard Worker return kDiceResultBufferTooSmall;
75*60b67249SAndroid Build Coastguard Worker }
76*60b67249SAndroid Build Coastguard Worker return kDiceResultOk;
77*60b67249SAndroid Build Coastguard Worker }
78*60b67249SAndroid Build Coastguard Worker
DiceAndroidMainFlow(void * context,const uint8_t current_cdi_attest[DICE_CDI_SIZE],const uint8_t current_cdi_seal[DICE_CDI_SIZE],const uint8_t * chain,size_t chain_size,const DiceInputValues * input_values,size_t buffer_size,uint8_t * buffer,size_t * actual_size,uint8_t next_cdi_attest[DICE_CDI_SIZE],uint8_t next_cdi_seal[DICE_CDI_SIZE])79*60b67249SAndroid Build Coastguard Worker DiceResult DiceAndroidMainFlow(void* context,
80*60b67249SAndroid Build Coastguard Worker const uint8_t current_cdi_attest[DICE_CDI_SIZE],
81*60b67249SAndroid Build Coastguard Worker const uint8_t current_cdi_seal[DICE_CDI_SIZE],
82*60b67249SAndroid Build Coastguard Worker const uint8_t* chain, size_t chain_size,
83*60b67249SAndroid Build Coastguard Worker const DiceInputValues* input_values,
84*60b67249SAndroid Build Coastguard Worker size_t buffer_size, uint8_t* buffer,
85*60b67249SAndroid Build Coastguard Worker size_t* actual_size,
86*60b67249SAndroid Build Coastguard Worker uint8_t next_cdi_attest[DICE_CDI_SIZE],
87*60b67249SAndroid Build Coastguard Worker uint8_t next_cdi_seal[DICE_CDI_SIZE]) {
88*60b67249SAndroid Build Coastguard Worker DiceResult result;
89*60b67249SAndroid Build Coastguard Worker enum CborReadResult res;
90*60b67249SAndroid Build Coastguard Worker struct CborIn in;
91*60b67249SAndroid Build Coastguard Worker size_t chain_item_count;
92*60b67249SAndroid Build Coastguard Worker
93*60b67249SAndroid Build Coastguard Worker // The Android DICE chain has a more detailed internal structure, but those
94*60b67249SAndroid Build Coastguard Worker // details aren't relevant to the work of this function.
95*60b67249SAndroid Build Coastguard Worker //
96*60b67249SAndroid Build Coastguard Worker // DiceCertChain = [
97*60b67249SAndroid Build Coastguard Worker // COSE_Key, ; Root public key
98*60b67249SAndroid Build Coastguard Worker // + COSE_Sign1, ; DICE chain entries
99*60b67249SAndroid Build Coastguard Worker // ]
100*60b67249SAndroid Build Coastguard Worker CborInInit(chain, chain_size, &in);
101*60b67249SAndroid Build Coastguard Worker res = CborReadArray(&in, &chain_item_count);
102*60b67249SAndroid Build Coastguard Worker if (res != CBOR_READ_RESULT_OK) {
103*60b67249SAndroid Build Coastguard Worker return kDiceResultInvalidInput;
104*60b67249SAndroid Build Coastguard Worker }
105*60b67249SAndroid Build Coastguard Worker
106*60b67249SAndroid Build Coastguard Worker if (chain_item_count < 2 || chain_item_count == SIZE_MAX) {
107*60b67249SAndroid Build Coastguard Worker // There should at least be the public key and one entry.
108*60b67249SAndroid Build Coastguard Worker return kDiceResultInvalidInput;
109*60b67249SAndroid Build Coastguard Worker }
110*60b67249SAndroid Build Coastguard Worker
111*60b67249SAndroid Build Coastguard Worker // Measure the existing chain entries.
112*60b67249SAndroid Build Coastguard Worker size_t chain_items_offset = CborInOffset(&in);
113*60b67249SAndroid Build Coastguard Worker for (size_t chain_pos = 0; chain_pos < chain_item_count; ++chain_pos) {
114*60b67249SAndroid Build Coastguard Worker res = CborReadSkip(&in);
115*60b67249SAndroid Build Coastguard Worker if (res != CBOR_READ_RESULT_OK) {
116*60b67249SAndroid Build Coastguard Worker return kDiceResultInvalidInput;
117*60b67249SAndroid Build Coastguard Worker }
118*60b67249SAndroid Build Coastguard Worker }
119*60b67249SAndroid Build Coastguard Worker size_t chain_items_size = CborInOffset(&in) - chain_items_offset;
120*60b67249SAndroid Build Coastguard Worker
121*60b67249SAndroid Build Coastguard Worker // Copy to the new buffer, with space in the chain for one more entry.
122*60b67249SAndroid Build Coastguard Worker struct CborOut out;
123*60b67249SAndroid Build Coastguard Worker CborOutInit(buffer, buffer_size, &out);
124*60b67249SAndroid Build Coastguard Worker CborWriteArray(chain_item_count + 1, &out);
125*60b67249SAndroid Build Coastguard Worker size_t new_chain_prefix_size = CborOutSize(&out);
126*60b67249SAndroid Build Coastguard Worker if (CborOutOverflowed(&out) ||
127*60b67249SAndroid Build Coastguard Worker chain_items_size > buffer_size - new_chain_prefix_size) {
128*60b67249SAndroid Build Coastguard Worker // Continue with an empty buffer to measure the required size.
129*60b67249SAndroid Build Coastguard Worker buffer_size = 0;
130*60b67249SAndroid Build Coastguard Worker } else {
131*60b67249SAndroid Build Coastguard Worker memcpy(buffer + new_chain_prefix_size, chain + chain_items_offset,
132*60b67249SAndroid Build Coastguard Worker chain_items_size);
133*60b67249SAndroid Build Coastguard Worker buffer += new_chain_prefix_size + chain_items_size;
134*60b67249SAndroid Build Coastguard Worker buffer_size -= new_chain_prefix_size + chain_items_size;
135*60b67249SAndroid Build Coastguard Worker }
136*60b67249SAndroid Build Coastguard Worker
137*60b67249SAndroid Build Coastguard Worker size_t certificate_size;
138*60b67249SAndroid Build Coastguard Worker result = DiceMainFlow(context, current_cdi_attest, current_cdi_seal,
139*60b67249SAndroid Build Coastguard Worker input_values, buffer_size, buffer, &certificate_size,
140*60b67249SAndroid Build Coastguard Worker next_cdi_attest, next_cdi_seal);
141*60b67249SAndroid Build Coastguard Worker *actual_size = new_chain_prefix_size + chain_items_size + certificate_size;
142*60b67249SAndroid Build Coastguard Worker return result;
143*60b67249SAndroid Build Coastguard Worker }
144*60b67249SAndroid Build Coastguard Worker
DiceAndroidMainFlowWithNewDiceChain(void * context,const uint8_t current_cdi_attest[DICE_CDI_SIZE],const uint8_t current_cdi_seal[DICE_CDI_SIZE],const DiceInputValues * input_values,size_t buffer_size,uint8_t * buffer,size_t * chain_size,uint8_t next_cdi_attest[DICE_CDI_SIZE],uint8_t next_cdi_seal[DICE_CDI_SIZE])145*60b67249SAndroid Build Coastguard Worker static DiceResult DiceAndroidMainFlowWithNewDiceChain(
146*60b67249SAndroid Build Coastguard Worker void* context, const uint8_t current_cdi_attest[DICE_CDI_SIZE],
147*60b67249SAndroid Build Coastguard Worker const uint8_t current_cdi_seal[DICE_CDI_SIZE],
148*60b67249SAndroid Build Coastguard Worker const DiceInputValues* input_values, size_t buffer_size, uint8_t* buffer,
149*60b67249SAndroid Build Coastguard Worker size_t* chain_size, uint8_t next_cdi_attest[DICE_CDI_SIZE],
150*60b67249SAndroid Build Coastguard Worker uint8_t next_cdi_seal[DICE_CDI_SIZE]) {
151*60b67249SAndroid Build Coastguard Worker uint8_t current_cdi_private_key_seed[DICE_PRIVATE_KEY_SEED_SIZE];
152*60b67249SAndroid Build Coastguard Worker uint8_t attestation_public_key[DICE_PUBLIC_KEY_BUFFER_SIZE];
153*60b67249SAndroid Build Coastguard Worker uint8_t attestation_private_key[DICE_PRIVATE_KEY_BUFFER_SIZE];
154*60b67249SAndroid Build Coastguard Worker // Derive an asymmetric private key seed from the current attestation CDI
155*60b67249SAndroid Build Coastguard Worker // value.
156*60b67249SAndroid Build Coastguard Worker DiceResult result = DiceDeriveCdiPrivateKeySeed(context, current_cdi_attest,
157*60b67249SAndroid Build Coastguard Worker current_cdi_private_key_seed);
158*60b67249SAndroid Build Coastguard Worker if (result != kDiceResultOk) {
159*60b67249SAndroid Build Coastguard Worker goto out;
160*60b67249SAndroid Build Coastguard Worker }
161*60b67249SAndroid Build Coastguard Worker // Derive attestation key pair.
162*60b67249SAndroid Build Coastguard Worker result = DiceKeypairFromSeed(context, kDicePrincipalAuthority,
163*60b67249SAndroid Build Coastguard Worker current_cdi_private_key_seed,
164*60b67249SAndroid Build Coastguard Worker attestation_public_key, attestation_private_key);
165*60b67249SAndroid Build Coastguard Worker if (result != kDiceResultOk) {
166*60b67249SAndroid Build Coastguard Worker goto out;
167*60b67249SAndroid Build Coastguard Worker }
168*60b67249SAndroid Build Coastguard Worker
169*60b67249SAndroid Build Coastguard Worker // Consruct the DICE chain from the attestation public key and the next CDI
170*60b67249SAndroid Build Coastguard Worker // certificate.
171*60b67249SAndroid Build Coastguard Worker struct CborOut out;
172*60b67249SAndroid Build Coastguard Worker CborOutInit(buffer, buffer_size, &out);
173*60b67249SAndroid Build Coastguard Worker CborWriteArray(2, &out);
174*60b67249SAndroid Build Coastguard Worker size_t encoded_size_used = CborOutSize(&out);
175*60b67249SAndroid Build Coastguard Worker if (CborOutOverflowed(&out)) {
176*60b67249SAndroid Build Coastguard Worker // Continue with an empty buffer to measure the required size.
177*60b67249SAndroid Build Coastguard Worker buffer_size = 0;
178*60b67249SAndroid Build Coastguard Worker } else {
179*60b67249SAndroid Build Coastguard Worker buffer += encoded_size_used;
180*60b67249SAndroid Build Coastguard Worker buffer_size -= encoded_size_used;
181*60b67249SAndroid Build Coastguard Worker }
182*60b67249SAndroid Build Coastguard Worker
183*60b67249SAndroid Build Coastguard Worker size_t encoded_pub_key_size = 0;
184*60b67249SAndroid Build Coastguard Worker result = DiceCoseEncodePublicKey(context, kDicePrincipalAuthority,
185*60b67249SAndroid Build Coastguard Worker attestation_public_key, buffer_size, buffer,
186*60b67249SAndroid Build Coastguard Worker &encoded_pub_key_size);
187*60b67249SAndroid Build Coastguard Worker if (result == kDiceResultOk) {
188*60b67249SAndroid Build Coastguard Worker buffer += encoded_pub_key_size;
189*60b67249SAndroid Build Coastguard Worker buffer_size -= encoded_pub_key_size;
190*60b67249SAndroid Build Coastguard Worker } else if (result == kDiceResultBufferTooSmall) {
191*60b67249SAndroid Build Coastguard Worker // Continue with an empty buffer to measure the required size.
192*60b67249SAndroid Build Coastguard Worker buffer_size = 0;
193*60b67249SAndroid Build Coastguard Worker } else {
194*60b67249SAndroid Build Coastguard Worker goto out;
195*60b67249SAndroid Build Coastguard Worker }
196*60b67249SAndroid Build Coastguard Worker
197*60b67249SAndroid Build Coastguard Worker result = DiceMainFlow(context, current_cdi_attest, current_cdi_seal,
198*60b67249SAndroid Build Coastguard Worker input_values, buffer_size, buffer, chain_size,
199*60b67249SAndroid Build Coastguard Worker next_cdi_attest, next_cdi_seal);
200*60b67249SAndroid Build Coastguard Worker *chain_size += encoded_size_used + encoded_pub_key_size;
201*60b67249SAndroid Build Coastguard Worker if (result != kDiceResultOk) {
202*60b67249SAndroid Build Coastguard Worker return result;
203*60b67249SAndroid Build Coastguard Worker }
204*60b67249SAndroid Build Coastguard Worker
205*60b67249SAndroid Build Coastguard Worker out:
206*60b67249SAndroid Build Coastguard Worker DiceClearMemory(context, sizeof(current_cdi_private_key_seed),
207*60b67249SAndroid Build Coastguard Worker current_cdi_private_key_seed);
208*60b67249SAndroid Build Coastguard Worker DiceClearMemory(context, sizeof(attestation_private_key),
209*60b67249SAndroid Build Coastguard Worker attestation_private_key);
210*60b67249SAndroid Build Coastguard Worker
211*60b67249SAndroid Build Coastguard Worker return result;
212*60b67249SAndroid Build Coastguard Worker }
213*60b67249SAndroid Build Coastguard Worker
214*60b67249SAndroid Build Coastguard Worker // AndroidDiceHandover = {
215*60b67249SAndroid Build Coastguard Worker // 1 : bstr .size 32, ; CDI_Attest
216*60b67249SAndroid Build Coastguard Worker // 2 : bstr .size 32, ; CDI_Seal
217*60b67249SAndroid Build Coastguard Worker // ? 3 : DiceCertChain, ; Android DICE chain
218*60b67249SAndroid Build Coastguard Worker // }
219*60b67249SAndroid Build Coastguard Worker static const int64_t kCdiAttestLabel = 1;
220*60b67249SAndroid Build Coastguard Worker static const int64_t kCdiSealLabel = 2;
221*60b67249SAndroid Build Coastguard Worker static const int64_t kDiceChainLabel = 3;
222*60b67249SAndroid Build Coastguard Worker
DiceAndroidHandoverMainFlow(void * context,const uint8_t * handover,size_t handover_size,const DiceInputValues * input_values,size_t buffer_size,uint8_t * buffer,size_t * actual_size)223*60b67249SAndroid Build Coastguard Worker DiceResult DiceAndroidHandoverMainFlow(void* context, const uint8_t* handover,
224*60b67249SAndroid Build Coastguard Worker size_t handover_size,
225*60b67249SAndroid Build Coastguard Worker const DiceInputValues* input_values,
226*60b67249SAndroid Build Coastguard Worker size_t buffer_size, uint8_t* buffer,
227*60b67249SAndroid Build Coastguard Worker size_t* actual_size) {
228*60b67249SAndroid Build Coastguard Worker DiceResult result;
229*60b67249SAndroid Build Coastguard Worker const uint8_t* current_cdi_attest;
230*60b67249SAndroid Build Coastguard Worker const uint8_t* current_cdi_seal;
231*60b67249SAndroid Build Coastguard Worker const uint8_t* chain;
232*60b67249SAndroid Build Coastguard Worker size_t chain_size;
233*60b67249SAndroid Build Coastguard Worker
234*60b67249SAndroid Build Coastguard Worker result =
235*60b67249SAndroid Build Coastguard Worker DiceAndroidHandoverParse(handover, handover_size, ¤t_cdi_attest,
236*60b67249SAndroid Build Coastguard Worker ¤t_cdi_seal, &chain, &chain_size);
237*60b67249SAndroid Build Coastguard Worker if (result != kDiceResultOk) {
238*60b67249SAndroid Build Coastguard Worker return kDiceResultInvalidInput;
239*60b67249SAndroid Build Coastguard Worker }
240*60b67249SAndroid Build Coastguard Worker
241*60b67249SAndroid Build Coastguard Worker // Write the new handover data.
242*60b67249SAndroid Build Coastguard Worker struct CborOut out;
243*60b67249SAndroid Build Coastguard Worker CborOutInit(buffer, buffer_size, &out);
244*60b67249SAndroid Build Coastguard Worker CborWriteMap(/*num_pairs=*/3, &out);
245*60b67249SAndroid Build Coastguard Worker CborWriteInt(kCdiAttestLabel, &out);
246*60b67249SAndroid Build Coastguard Worker uint8_t* next_cdi_attest = CborAllocBstr(DICE_CDI_SIZE, &out);
247*60b67249SAndroid Build Coastguard Worker CborWriteInt(kCdiSealLabel, &out);
248*60b67249SAndroid Build Coastguard Worker uint8_t* next_cdi_seal = CborAllocBstr(DICE_CDI_SIZE, &out);
249*60b67249SAndroid Build Coastguard Worker CborWriteInt(kDiceChainLabel, &out);
250*60b67249SAndroid Build Coastguard Worker
251*60b67249SAndroid Build Coastguard Worker uint8_t ignored_cdi_attest[DICE_CDI_SIZE];
252*60b67249SAndroid Build Coastguard Worker uint8_t ignored_cdi_seal[DICE_CDI_SIZE];
253*60b67249SAndroid Build Coastguard Worker if (CborOutOverflowed(&out)) {
254*60b67249SAndroid Build Coastguard Worker // Continue with an empty buffer and placeholders for the output CDIs to
255*60b67249SAndroid Build Coastguard Worker // measure the required size.
256*60b67249SAndroid Build Coastguard Worker buffer_size = 0;
257*60b67249SAndroid Build Coastguard Worker next_cdi_attest = ignored_cdi_attest;
258*60b67249SAndroid Build Coastguard Worker next_cdi_seal = ignored_cdi_seal;
259*60b67249SAndroid Build Coastguard Worker } else {
260*60b67249SAndroid Build Coastguard Worker buffer += CborOutSize(&out);
261*60b67249SAndroid Build Coastguard Worker buffer_size -= CborOutSize(&out);
262*60b67249SAndroid Build Coastguard Worker }
263*60b67249SAndroid Build Coastguard Worker
264*60b67249SAndroid Build Coastguard Worker if (chain_size != 0) {
265*60b67249SAndroid Build Coastguard Worker // If the DICE chain is present in the handover, append the next certificate
266*60b67249SAndroid Build Coastguard Worker // to the existing DICE chain.
267*60b67249SAndroid Build Coastguard Worker result = DiceAndroidMainFlow(context, current_cdi_attest, current_cdi_seal,
268*60b67249SAndroid Build Coastguard Worker chain, chain_size, input_values, buffer_size,
269*60b67249SAndroid Build Coastguard Worker buffer, &chain_size, next_cdi_attest,
270*60b67249SAndroid Build Coastguard Worker next_cdi_seal);
271*60b67249SAndroid Build Coastguard Worker } else {
272*60b67249SAndroid Build Coastguard Worker // If DICE chain is not present in the handover, construct the DICE chain
273*60b67249SAndroid Build Coastguard Worker // from the public key derived from the current CDI attest and the next CDI
274*60b67249SAndroid Build Coastguard Worker // certificate.
275*60b67249SAndroid Build Coastguard Worker result = DiceAndroidMainFlowWithNewDiceChain(
276*60b67249SAndroid Build Coastguard Worker context, current_cdi_attest, current_cdi_seal, input_values,
277*60b67249SAndroid Build Coastguard Worker buffer_size, buffer, &chain_size, next_cdi_attest, next_cdi_seal);
278*60b67249SAndroid Build Coastguard Worker }
279*60b67249SAndroid Build Coastguard Worker *actual_size = CborOutSize(&out) + chain_size;
280*60b67249SAndroid Build Coastguard Worker return result;
281*60b67249SAndroid Build Coastguard Worker }
282*60b67249SAndroid Build Coastguard Worker
DiceAndroidHandoverParse(const uint8_t * handover,size_t handover_size,const uint8_t ** cdi_attest,const uint8_t ** cdi_seal,const uint8_t ** chain,size_t * chain_size)283*60b67249SAndroid Build Coastguard Worker DiceResult DiceAndroidHandoverParse(const uint8_t* handover,
284*60b67249SAndroid Build Coastguard Worker size_t handover_size,
285*60b67249SAndroid Build Coastguard Worker const uint8_t** cdi_attest,
286*60b67249SAndroid Build Coastguard Worker const uint8_t** cdi_seal,
287*60b67249SAndroid Build Coastguard Worker const uint8_t** chain, size_t* chain_size) {
288*60b67249SAndroid Build Coastguard Worker // Extract details from the handover data.
289*60b67249SAndroid Build Coastguard Worker struct CborIn in;
290*60b67249SAndroid Build Coastguard Worker int64_t label;
291*60b67249SAndroid Build Coastguard Worker size_t num_pairs;
292*60b67249SAndroid Build Coastguard Worker size_t item_size;
293*60b67249SAndroid Build Coastguard Worker CborInInit(handover, handover_size, &in);
294*60b67249SAndroid Build Coastguard Worker if (CborReadMap(&in, &num_pairs) != CBOR_READ_RESULT_OK || num_pairs < 2 ||
295*60b67249SAndroid Build Coastguard Worker // Read the attestation CDI.
296*60b67249SAndroid Build Coastguard Worker CborReadInt(&in, &label) != CBOR_READ_RESULT_OK ||
297*60b67249SAndroid Build Coastguard Worker label != kCdiAttestLabel ||
298*60b67249SAndroid Build Coastguard Worker CborReadBstr(&in, &item_size, cdi_attest) != CBOR_READ_RESULT_OK ||
299*60b67249SAndroid Build Coastguard Worker item_size != DICE_CDI_SIZE ||
300*60b67249SAndroid Build Coastguard Worker // Read the sealing CDI.
301*60b67249SAndroid Build Coastguard Worker CborReadInt(&in, &label) != CBOR_READ_RESULT_OK ||
302*60b67249SAndroid Build Coastguard Worker label != kCdiSealLabel ||
303*60b67249SAndroid Build Coastguard Worker CborReadBstr(&in, &item_size, cdi_seal) != CBOR_READ_RESULT_OK ||
304*60b67249SAndroid Build Coastguard Worker item_size != DICE_CDI_SIZE) {
305*60b67249SAndroid Build Coastguard Worker return kDiceResultInvalidInput;
306*60b67249SAndroid Build Coastguard Worker }
307*60b67249SAndroid Build Coastguard Worker
308*60b67249SAndroid Build Coastguard Worker *chain = NULL;
309*60b67249SAndroid Build Coastguard Worker *chain_size = 0;
310*60b67249SAndroid Build Coastguard Worker if (num_pairs >= 3 && CborReadInt(&in, &label) == CBOR_READ_RESULT_OK) {
311*60b67249SAndroid Build Coastguard Worker if (label == kDiceChainLabel) {
312*60b67249SAndroid Build Coastguard Worker // Calculate the DICE chain size, if it is present in the handover object.
313*60b67249SAndroid Build Coastguard Worker size_t chain_start = CborInOffset(&in);
314*60b67249SAndroid Build Coastguard Worker if (CborReadSkip(&in) != CBOR_READ_RESULT_OK) {
315*60b67249SAndroid Build Coastguard Worker return kDiceResultInvalidInput;
316*60b67249SAndroid Build Coastguard Worker }
317*60b67249SAndroid Build Coastguard Worker *chain = handover + chain_start;
318*60b67249SAndroid Build Coastguard Worker *chain_size = CborInOffset(&in) - chain_start;
319*60b67249SAndroid Build Coastguard Worker }
320*60b67249SAndroid Build Coastguard Worker }
321*60b67249SAndroid Build Coastguard Worker
322*60b67249SAndroid Build Coastguard Worker return kDiceResultOk;
323*60b67249SAndroid Build Coastguard Worker }
324