Loading core/java/android/content/Context.java +10 −0 Original line number Diff line number Diff line Loading @@ -3842,6 +3842,7 @@ public abstract class Context { UWB_SERVICE, MEDIA_METRICS_SERVICE, SUPPLEMENTAL_PROCESS_SERVICE, //@hide: ATTESTATION_VERIFICATION_SERVICE, //@hide: SAFETY_CENTER_SERVICE, }) @Retention(RetentionPolicy.SOURCE) Loading Loading @@ -5738,6 +5739,15 @@ public abstract class Context { */ public static final String INCREMENTAL_SERVICE = "incremental"; /** * Use with {@link #getSystemService(String)} to retrieve an * {@link android.security.attestationverification.AttestationVerificationManager}. * @see #getSystemService(String) * @see android.security.attestationverification.AttestationVerificationManager * @hide */ public static final String ATTESTATION_VERIFICATION_SERVICE = "attestation_verification"; /** * Use with {@link #getSystemService(String)} to retrieve an * {@link android.security.FileIntegrityManager}. Loading core/java/android/security/attestationverification/AttestationProfile.aidl 0 → 100644 +22 −0 Original line number Diff line number Diff line /* * Copyright (C) 2021 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package android.security.attestationverification; /** * {@hide} */ parcelable AttestationProfile; core/java/android/security/attestationverification/AttestationProfile.java 0 → 100644 +296 −0 Original line number Diff line number Diff line /* * Copyright (C) 2021 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package android.security.attestationverification; import static android.security.attestationverification.AttestationVerificationManager.PROFILE_APP_DEFINED; import static android.security.attestationverification.AttestationVerificationManager.PROFILE_UNKNOWN; import android.annotation.NonNull; import android.annotation.Nullable; import android.os.Parcelable; import android.security.attestationverification.AttestationVerificationManager.AttestationProfileId; import android.util.Log; import com.android.internal.util.DataClass; /** * An attestation profile defining the security requirements for verifying the attestation of a * remote compute environment. * * <p>This class is immutable and thread-safe. When checking this profile against an expected * profile, it is recommended to construct the expected profile and compare them with {@code * equals()}. * * @hide * @see AttestationVerificationManager */ @DataClass( genConstructor = false, genEqualsHashCode = true ) public final class AttestationProfile implements Parcelable { private static final String TAG = "AVF"; /** * The ID of a system-defined attestation profile. * * See constants in {@link AttestationVerificationManager} prefixed with {@code PROFILE_}. If * this has the value of {@link AttestationVerificationManager#PROFILE_APP_DEFINED}, then the * packageName and profileName are non-null. */ @AttestationProfileId private final int mAttestationProfileId; /** * The package name of a app-defined attestation profile. * * This value will be null unless the value of attestationProfileId is {@link * AttestationVerificationManager#PROFILE_APP_DEFINED}. */ @Nullable private final String mPackageName; /** * The name of an app-defined attestation profile. * * This value will be null unless the value of attestationProfileId is {@link * AttestationVerificationManager#PROFILE_APP_DEFINED}. */ @Nullable private final String mProfileName; private AttestationProfile( @AttestationProfileId int attestationProfileId, @Nullable String packageName, @Nullable String profileName) { mAttestationProfileId = attestationProfileId; mPackageName = packageName; mProfileName = profileName; } /** * Create a profile with the given id. * * <p>This constructor is for specifying a profile which is defined by the system. These are * available as constants in the {@link AttestationVerificationManager} class prefixed with * {@code PROFILE_}. * * @param attestationProfileId the ID of the system-defined profile * @throws IllegalArgumentException when called with * {@link AttestationVerificationManager#PROFILE_APP_DEFINED} * (use {@link #AttestationProfile(String, String)}) */ public AttestationProfile(@AttestationProfileId int attestationProfileId) { this(attestationProfileId, null, null); if (attestationProfileId == PROFILE_APP_DEFINED) { throw new IllegalArgumentException("App-defined profiles must be specified with the " + "constructor AttestationProfile#constructor(String, String)"); } } /** * Create a profile with the given package name and profile name. * * <p>This constructor is for specifying a profile defined by an app. The packageName must * match the package name of the app that defines the profile (as specified in the {@code * package} attribute of the {@code * <manifest>} tag in the app's manifest. The profile name matches the {@code name} attribute * of the {@code <attestation-profile>} tag. * * <p>Apps must declare profiles in their manifest as an {@code <attestation-profile>} element. * However, this constructor does not verify that such a profile exists. If the profile does not * exist, verifications will fail. * * @param packageName the package name of the app defining the profile * @param profileName the name of the profile */ public AttestationProfile(@NonNull String packageName, @NonNull String profileName) { this(PROFILE_APP_DEFINED, packageName, profileName); if (packageName == null || profileName == null) { throw new IllegalArgumentException("Both packageName and profileName must be non-null"); } } @Override public String toString() { if (mAttestationProfileId == PROFILE_APP_DEFINED) { return "AttestationProfile(package=" + mPackageName + ", name=" + mProfileName + ")"; } else { String humanReadableProfileId; switch (mAttestationProfileId) { case PROFILE_UNKNOWN: humanReadableProfileId = "PROFILE_UNKNOWN"; break; default: Log.e(TAG, "ERROR: Missing case in AttestationProfile#toString"); humanReadableProfileId = "ERROR"; } return "AttestationProfile(" + humanReadableProfileId + "/" + mAttestationProfileId + ")"; } } // Code below generated by codegen v1.0.23. // // DO NOT MODIFY! // CHECKSTYLE:OFF Generated code // // To regenerate run: // $ codegen $ANDROID_BUILD_TOP/frameworks/base/core/java/android/security // /attestationverification/AttestationProfile.java // // To exclude the generated code from IntelliJ auto-formatting enable (one-time): // Settings > Editor > Code Style > Formatter Control //@formatter:off /** * The ID of a system-defined attestation profile. * * See constants in {@link AttestationVerificationManager} prefixed with {@code PROFILE_}. If * this has the value of {@link AttestationVerificationManager#PROFILE_APP_DEFINED}, then the * packageName and profileName are non-null. */ @DataClass.Generated.Member public @AttestationProfileId int getAttestationProfileId() { return mAttestationProfileId; } /** * The package name of a app-defined attestation profile. * * This value will be null unless the value of attestationProfileId is {@link * AttestationVerificationManager#PROFILE_APP_DEFINED}. */ @DataClass.Generated.Member public @Nullable String getPackageName() { return mPackageName; } /** * The name of an app-defined attestation profile. * * This value will be null unless the value of attestationProfileId is {@link * AttestationVerificationManager#PROFILE_APP_DEFINED}. */ @DataClass.Generated.Member public @Nullable String getProfileName() { return mProfileName; } @Override @DataClass.Generated.Member public boolean equals(@Nullable Object o) { // You can override field equality logic by defining either of the methods like: // boolean fieldNameEquals(AttestationProfile other) { ... } // boolean fieldNameEquals(FieldType otherValue) { ... } if (this == o) return true; if (o == null || getClass() != o.getClass()) return false; @SuppressWarnings("unchecked") AttestationProfile that = (AttestationProfile) o; //noinspection PointlessBooleanExpression return true && mAttestationProfileId == that.mAttestationProfileId && java.util.Objects.equals(mPackageName, that.mPackageName) && java.util.Objects.equals(mProfileName, that.mProfileName); } @Override @DataClass.Generated.Member public int hashCode() { // You can override field hashCode logic by defining methods like: // int fieldNameHashCode() { ... } int _hash = 1; _hash = 31 * _hash + mAttestationProfileId; _hash = 31 * _hash + java.util.Objects.hashCode(mPackageName); _hash = 31 * _hash + java.util.Objects.hashCode(mProfileName); return _hash; } @Override @DataClass.Generated.Member public void writeToParcel(@NonNull android.os.Parcel dest, int flags) { // You can override field parcelling by defining methods like: // void parcelFieldName(Parcel dest, int flags) { ... } byte flg = 0; if (mPackageName != null) flg |= 0x2; if (mProfileName != null) flg |= 0x4; dest.writeByte(flg); dest.writeInt(mAttestationProfileId); if (mPackageName != null) dest.writeString(mPackageName); if (mProfileName != null) dest.writeString(mProfileName); } @Override @DataClass.Generated.Member public int describeContents() { return 0; } /** @hide */ @SuppressWarnings({"unchecked", "RedundantCast"}) @DataClass.Generated.Member /* package-private */ AttestationProfile(@NonNull android.os.Parcel in) { // You can override field unparcelling by defining methods like: // static FieldType unparcelFieldName(Parcel in) { ... } byte flg = in.readByte(); int attestationProfileId = in.readInt(); String packageName = (flg & 0x2) == 0 ? null : in.readString(); String profileName = (flg & 0x4) == 0 ? null : in.readString(); this.mAttestationProfileId = attestationProfileId; com.android.internal.util.AnnotationValidations.validate( AttestationProfileId.class, null, mAttestationProfileId); this.mPackageName = packageName; this.mProfileName = profileName; // onConstructed(); // You can define this method to get a callback } @DataClass.Generated.Member public static final @NonNull Parcelable.Creator<AttestationProfile> CREATOR = new Parcelable.Creator<AttestationProfile>() { @Override public AttestationProfile[] newArray(int size) { return new AttestationProfile[size]; } @Override public AttestationProfile createFromParcel(@NonNull android.os.Parcel in) { return new AttestationProfile(in); } }; @DataClass.Generated( time = 1633629498403L, codegenVersion = "1.0.23", sourceFile = "frameworks/base/core/java/android/security/attestationverification/AttestationProfile.java", inputSignatures = "private static final java.lang.String TAG\nprivate final @android.security.attestationverification.AttestationVerificationManager.AttestationProfileId int mAttestationProfileId\nprivate final @android.annotation.Nullable java.lang.String mPackageName\nprivate final @android.annotation.Nullable java.lang.String mProfileName\npublic @java.lang.Override java.lang.String toString()\nclass AttestationProfile extends java.lang.Object implements [android.os.Parcelable]\n@com.android.internal.util.DataClass(genConstructor=false, genEqualsHashCode=true)") @Deprecated private void __metadata() {} //@formatter:on // End of generated code } core/java/android/security/attestationverification/AttestationVerificationManager.java 0 → 100644 +271 −0 File added.Preview size limit exceeded, changes collapsed. Show changes core/java/android/security/attestationverification/AttestationVerificationService.java 0 → 100644 +100 −0 Original line number Diff line number Diff line /* * Copyright (C) 2021 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package android.security.attestationverification; import android.annotation.CheckResult; import android.annotation.NonNull; import android.app.Service; import android.os.Bundle; import android.security.attestationverification.AttestationVerificationManager.VerificationResult; /** * A verifier which can be implemented by apps to verify an attestation (as described in {@link * AttestationVerificationManager}). * * In the manifest for this service, specify the profile and local binding type this verifier * supports. Create a new service for each combination of profile & local binding type that your app * supports. Each service must declare an {@code intent-filter} action of {@link #SERVICE_INTERFACE} * and permission of {@link android.Manifest.permission#BIND_ATTESTATION_VERIFICATION_SERVICE}. * * <p>Example: * {@code * <pre> * <service android:name=".MyAttestationVerificationService" * android:permission="android.permission.BIND_ATTESTATION_VERIFICATION_SERVICE" * android:exported="true"> * <intent-filter> * <action * android:name="android.security.attestationverification.AttestationVerificationService" /> * </intent-filter> * <meta-data android:name="android.security.attestationverification.PROFILE_ID" * android:value="PROFILE_PLACEHOLDER_0" /> * <meta-data android:name="android.security.attestationverification.LOCAL_BINDING_TYPE" * android:value="TYPE_PLACEHOLDER_0" /> * </service> * </pre> * } * * <p>For app-defined profiles, an example of the {@code <meta-data>}: * {@code * <pre> * <meta-data android:name="android.security.attestation.PROFILE_PACKAGE_NAME" * android:value="com.example" /> * <meta-data android:name="android.security.attestation.PROFILE_NAME" * android:value="com.example.profile.PROFILE_FOO" /> * </pre> * } * * @hide */ public abstract class AttestationVerificationService extends Service { /** * An intent action for a service to be bound and act as an attestation verifier. * * <p>The app will be kept alive for a short duration between verification calls after which * the system will unbind from this service making the app eligible for cleanup. * * <p>The service must also require permission * {@link android.Manifest.permission#BIND_ATTESTATION_VERIFICATION_SERVICE}. */ public static final String SERVICE_INTERFACE = "android.security.attestationverification.AttestationVerificationService"; /** * Verifies that {@code attestation} attests that the device identified by the local binding * data in {@code requirements} meets the minimum requirements of this verifier for this * verifier's profile. * * <p>Called by the system to verify an attestation. * * <p>The data passed into this method comes directly from apps and should be treated as * potentially dangerous user input. * * @param requirements a {@link Bundle} containing locally-known data which must match {@code * attestation} * @param attestation the attestation to verify * @return whether the verification passed * @see AttestationVerificationManager#verifyAttestation(AttestationProfile, int, Bundle, * byte[], java.util.concurrent.Executor, java.util.function.BiConsumer) */ @CheckResult @VerificationResult public abstract int onVerifyPeerDeviceAttestation( @NonNull Bundle requirements, @NonNull byte[] attestation); } Loading
core/java/android/content/Context.java +10 −0 Original line number Diff line number Diff line Loading @@ -3842,6 +3842,7 @@ public abstract class Context { UWB_SERVICE, MEDIA_METRICS_SERVICE, SUPPLEMENTAL_PROCESS_SERVICE, //@hide: ATTESTATION_VERIFICATION_SERVICE, //@hide: SAFETY_CENTER_SERVICE, }) @Retention(RetentionPolicy.SOURCE) Loading Loading @@ -5738,6 +5739,15 @@ public abstract class Context { */ public static final String INCREMENTAL_SERVICE = "incremental"; /** * Use with {@link #getSystemService(String)} to retrieve an * {@link android.security.attestationverification.AttestationVerificationManager}. * @see #getSystemService(String) * @see android.security.attestationverification.AttestationVerificationManager * @hide */ public static final String ATTESTATION_VERIFICATION_SERVICE = "attestation_verification"; /** * Use with {@link #getSystemService(String)} to retrieve an * {@link android.security.FileIntegrityManager}. Loading
core/java/android/security/attestationverification/AttestationProfile.aidl 0 → 100644 +22 −0 Original line number Diff line number Diff line /* * Copyright (C) 2021 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package android.security.attestationverification; /** * {@hide} */ parcelable AttestationProfile;
core/java/android/security/attestationverification/AttestationProfile.java 0 → 100644 +296 −0 Original line number Diff line number Diff line /* * Copyright (C) 2021 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package android.security.attestationverification; import static android.security.attestationverification.AttestationVerificationManager.PROFILE_APP_DEFINED; import static android.security.attestationverification.AttestationVerificationManager.PROFILE_UNKNOWN; import android.annotation.NonNull; import android.annotation.Nullable; import android.os.Parcelable; import android.security.attestationverification.AttestationVerificationManager.AttestationProfileId; import android.util.Log; import com.android.internal.util.DataClass; /** * An attestation profile defining the security requirements for verifying the attestation of a * remote compute environment. * * <p>This class is immutable and thread-safe. When checking this profile against an expected * profile, it is recommended to construct the expected profile and compare them with {@code * equals()}. * * @hide * @see AttestationVerificationManager */ @DataClass( genConstructor = false, genEqualsHashCode = true ) public final class AttestationProfile implements Parcelable { private static final String TAG = "AVF"; /** * The ID of a system-defined attestation profile. * * See constants in {@link AttestationVerificationManager} prefixed with {@code PROFILE_}. If * this has the value of {@link AttestationVerificationManager#PROFILE_APP_DEFINED}, then the * packageName and profileName are non-null. */ @AttestationProfileId private final int mAttestationProfileId; /** * The package name of a app-defined attestation profile. * * This value will be null unless the value of attestationProfileId is {@link * AttestationVerificationManager#PROFILE_APP_DEFINED}. */ @Nullable private final String mPackageName; /** * The name of an app-defined attestation profile. * * This value will be null unless the value of attestationProfileId is {@link * AttestationVerificationManager#PROFILE_APP_DEFINED}. */ @Nullable private final String mProfileName; private AttestationProfile( @AttestationProfileId int attestationProfileId, @Nullable String packageName, @Nullable String profileName) { mAttestationProfileId = attestationProfileId; mPackageName = packageName; mProfileName = profileName; } /** * Create a profile with the given id. * * <p>This constructor is for specifying a profile which is defined by the system. These are * available as constants in the {@link AttestationVerificationManager} class prefixed with * {@code PROFILE_}. * * @param attestationProfileId the ID of the system-defined profile * @throws IllegalArgumentException when called with * {@link AttestationVerificationManager#PROFILE_APP_DEFINED} * (use {@link #AttestationProfile(String, String)}) */ public AttestationProfile(@AttestationProfileId int attestationProfileId) { this(attestationProfileId, null, null); if (attestationProfileId == PROFILE_APP_DEFINED) { throw new IllegalArgumentException("App-defined profiles must be specified with the " + "constructor AttestationProfile#constructor(String, String)"); } } /** * Create a profile with the given package name and profile name. * * <p>This constructor is for specifying a profile defined by an app. The packageName must * match the package name of the app that defines the profile (as specified in the {@code * package} attribute of the {@code * <manifest>} tag in the app's manifest. The profile name matches the {@code name} attribute * of the {@code <attestation-profile>} tag. * * <p>Apps must declare profiles in their manifest as an {@code <attestation-profile>} element. * However, this constructor does not verify that such a profile exists. If the profile does not * exist, verifications will fail. * * @param packageName the package name of the app defining the profile * @param profileName the name of the profile */ public AttestationProfile(@NonNull String packageName, @NonNull String profileName) { this(PROFILE_APP_DEFINED, packageName, profileName); if (packageName == null || profileName == null) { throw new IllegalArgumentException("Both packageName and profileName must be non-null"); } } @Override public String toString() { if (mAttestationProfileId == PROFILE_APP_DEFINED) { return "AttestationProfile(package=" + mPackageName + ", name=" + mProfileName + ")"; } else { String humanReadableProfileId; switch (mAttestationProfileId) { case PROFILE_UNKNOWN: humanReadableProfileId = "PROFILE_UNKNOWN"; break; default: Log.e(TAG, "ERROR: Missing case in AttestationProfile#toString"); humanReadableProfileId = "ERROR"; } return "AttestationProfile(" + humanReadableProfileId + "/" + mAttestationProfileId + ")"; } } // Code below generated by codegen v1.0.23. // // DO NOT MODIFY! // CHECKSTYLE:OFF Generated code // // To regenerate run: // $ codegen $ANDROID_BUILD_TOP/frameworks/base/core/java/android/security // /attestationverification/AttestationProfile.java // // To exclude the generated code from IntelliJ auto-formatting enable (one-time): // Settings > Editor > Code Style > Formatter Control //@formatter:off /** * The ID of a system-defined attestation profile. * * See constants in {@link AttestationVerificationManager} prefixed with {@code PROFILE_}. If * this has the value of {@link AttestationVerificationManager#PROFILE_APP_DEFINED}, then the * packageName and profileName are non-null. */ @DataClass.Generated.Member public @AttestationProfileId int getAttestationProfileId() { return mAttestationProfileId; } /** * The package name of a app-defined attestation profile. * * This value will be null unless the value of attestationProfileId is {@link * AttestationVerificationManager#PROFILE_APP_DEFINED}. */ @DataClass.Generated.Member public @Nullable String getPackageName() { return mPackageName; } /** * The name of an app-defined attestation profile. * * This value will be null unless the value of attestationProfileId is {@link * AttestationVerificationManager#PROFILE_APP_DEFINED}. */ @DataClass.Generated.Member public @Nullable String getProfileName() { return mProfileName; } @Override @DataClass.Generated.Member public boolean equals(@Nullable Object o) { // You can override field equality logic by defining either of the methods like: // boolean fieldNameEquals(AttestationProfile other) { ... } // boolean fieldNameEquals(FieldType otherValue) { ... } if (this == o) return true; if (o == null || getClass() != o.getClass()) return false; @SuppressWarnings("unchecked") AttestationProfile that = (AttestationProfile) o; //noinspection PointlessBooleanExpression return true && mAttestationProfileId == that.mAttestationProfileId && java.util.Objects.equals(mPackageName, that.mPackageName) && java.util.Objects.equals(mProfileName, that.mProfileName); } @Override @DataClass.Generated.Member public int hashCode() { // You can override field hashCode logic by defining methods like: // int fieldNameHashCode() { ... } int _hash = 1; _hash = 31 * _hash + mAttestationProfileId; _hash = 31 * _hash + java.util.Objects.hashCode(mPackageName); _hash = 31 * _hash + java.util.Objects.hashCode(mProfileName); return _hash; } @Override @DataClass.Generated.Member public void writeToParcel(@NonNull android.os.Parcel dest, int flags) { // You can override field parcelling by defining methods like: // void parcelFieldName(Parcel dest, int flags) { ... } byte flg = 0; if (mPackageName != null) flg |= 0x2; if (mProfileName != null) flg |= 0x4; dest.writeByte(flg); dest.writeInt(mAttestationProfileId); if (mPackageName != null) dest.writeString(mPackageName); if (mProfileName != null) dest.writeString(mProfileName); } @Override @DataClass.Generated.Member public int describeContents() { return 0; } /** @hide */ @SuppressWarnings({"unchecked", "RedundantCast"}) @DataClass.Generated.Member /* package-private */ AttestationProfile(@NonNull android.os.Parcel in) { // You can override field unparcelling by defining methods like: // static FieldType unparcelFieldName(Parcel in) { ... } byte flg = in.readByte(); int attestationProfileId = in.readInt(); String packageName = (flg & 0x2) == 0 ? null : in.readString(); String profileName = (flg & 0x4) == 0 ? null : in.readString(); this.mAttestationProfileId = attestationProfileId; com.android.internal.util.AnnotationValidations.validate( AttestationProfileId.class, null, mAttestationProfileId); this.mPackageName = packageName; this.mProfileName = profileName; // onConstructed(); // You can define this method to get a callback } @DataClass.Generated.Member public static final @NonNull Parcelable.Creator<AttestationProfile> CREATOR = new Parcelable.Creator<AttestationProfile>() { @Override public AttestationProfile[] newArray(int size) { return new AttestationProfile[size]; } @Override public AttestationProfile createFromParcel(@NonNull android.os.Parcel in) { return new AttestationProfile(in); } }; @DataClass.Generated( time = 1633629498403L, codegenVersion = "1.0.23", sourceFile = "frameworks/base/core/java/android/security/attestationverification/AttestationProfile.java", inputSignatures = "private static final java.lang.String TAG\nprivate final @android.security.attestationverification.AttestationVerificationManager.AttestationProfileId int mAttestationProfileId\nprivate final @android.annotation.Nullable java.lang.String mPackageName\nprivate final @android.annotation.Nullable java.lang.String mProfileName\npublic @java.lang.Override java.lang.String toString()\nclass AttestationProfile extends java.lang.Object implements [android.os.Parcelable]\n@com.android.internal.util.DataClass(genConstructor=false, genEqualsHashCode=true)") @Deprecated private void __metadata() {} //@formatter:on // End of generated code }
core/java/android/security/attestationverification/AttestationVerificationManager.java 0 → 100644 +271 −0 File added.Preview size limit exceeded, changes collapsed. Show changes
core/java/android/security/attestationverification/AttestationVerificationService.java 0 → 100644 +100 −0 Original line number Diff line number Diff line /* * Copyright (C) 2021 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package android.security.attestationverification; import android.annotation.CheckResult; import android.annotation.NonNull; import android.app.Service; import android.os.Bundle; import android.security.attestationverification.AttestationVerificationManager.VerificationResult; /** * A verifier which can be implemented by apps to verify an attestation (as described in {@link * AttestationVerificationManager}). * * In the manifest for this service, specify the profile and local binding type this verifier * supports. Create a new service for each combination of profile & local binding type that your app * supports. Each service must declare an {@code intent-filter} action of {@link #SERVICE_INTERFACE} * and permission of {@link android.Manifest.permission#BIND_ATTESTATION_VERIFICATION_SERVICE}. * * <p>Example: * {@code * <pre> * <service android:name=".MyAttestationVerificationService" * android:permission="android.permission.BIND_ATTESTATION_VERIFICATION_SERVICE" * android:exported="true"> * <intent-filter> * <action * android:name="android.security.attestationverification.AttestationVerificationService" /> * </intent-filter> * <meta-data android:name="android.security.attestationverification.PROFILE_ID" * android:value="PROFILE_PLACEHOLDER_0" /> * <meta-data android:name="android.security.attestationverification.LOCAL_BINDING_TYPE" * android:value="TYPE_PLACEHOLDER_0" /> * </service> * </pre> * } * * <p>For app-defined profiles, an example of the {@code <meta-data>}: * {@code * <pre> * <meta-data android:name="android.security.attestation.PROFILE_PACKAGE_NAME" * android:value="com.example" /> * <meta-data android:name="android.security.attestation.PROFILE_NAME" * android:value="com.example.profile.PROFILE_FOO" /> * </pre> * } * * @hide */ public abstract class AttestationVerificationService extends Service { /** * An intent action for a service to be bound and act as an attestation verifier. * * <p>The app will be kept alive for a short duration between verification calls after which * the system will unbind from this service making the app eligible for cleanup. * * <p>The service must also require permission * {@link android.Manifest.permission#BIND_ATTESTATION_VERIFICATION_SERVICE}. */ public static final String SERVICE_INTERFACE = "android.security.attestationverification.AttestationVerificationService"; /** * Verifies that {@code attestation} attests that the device identified by the local binding * data in {@code requirements} meets the minimum requirements of this verifier for this * verifier's profile. * * <p>Called by the system to verify an attestation. * * <p>The data passed into this method comes directly from apps and should be treated as * potentially dangerous user input. * * @param requirements a {@link Bundle} containing locally-known data which must match {@code * attestation} * @param attestation the attestation to verify * @return whether the verification passed * @see AttestationVerificationManager#verifyAttestation(AttestationProfile, int, Bundle, * byte[], java.util.concurrent.Executor, java.util.function.BiConsumer) */ @CheckResult @VerificationResult public abstract int onVerifyPeerDeviceAttestation( @NonNull Bundle requirements, @NonNull byte[] attestation); }
