Adds the basic API of the attestation verification framework.

            UWB_SERVICE,

            MEDIA_METRICS_SERVICE,

            SUPPLEMENTAL_PROCESS_SERVICE,

            //@hide: ATTESTATION_VERIFICATION_SERVICE,

            //@hide: SAFETY_CENTER_SERVICE,

    })

    @Retention(RetentionPolicy.SOURCE)

     */

    public static final String INCREMENTAL_SERVICE = "incremental";

    /**

     * Use with {@link #getSystemService(String)} to retrieve an

     * {@link android.security.attestationverification.AttestationVerificationManager}.

     * @see #getSystemService(String)

     * @see android.security.attestationverification.AttestationVerificationManager

     * @hide

     */

    public static final String ATTESTATION_VERIFICATION_SERVICE = "attestation_verification";

    /**

     * Use with {@link #getSystemService(String)} to retrieve an

     * {@link android.security.FileIntegrityManager}.

/*

 * Copyright (C) 2021 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package android.security.attestationverification;

/**

 * {@hide}

 */

parcelable AttestationProfile;

/*

 * Copyright (C) 2021 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package android.security.attestationverification;

import static android.security.attestationverification.AttestationVerificationManager.PROFILE_APP_DEFINED;

import static android.security.attestationverification.AttestationVerificationManager.PROFILE_UNKNOWN;

import android.annotation.NonNull;

import android.annotation.Nullable;

import android.os.Parcelable;

import android.security.attestationverification.AttestationVerificationManager.AttestationProfileId;

import android.util.Log;

import com.android.internal.util.DataClass;

/**

 * An attestation profile defining the security requirements for verifying the attestation of a

 * remote compute environment.

 *

 * <p>This class is immutable and thread-safe. When checking this profile against an expected

 * profile, it is recommended to construct the expected profile and compare them with {@code

 * equals()}.

 *

 * @hide

 * @see AttestationVerificationManager

 */

@DataClass(

        genConstructor = false,

        genEqualsHashCode = true

)

public final class AttestationProfile implements Parcelable {

    private static final String TAG = "AVF";

    /**

     * The ID of a system-defined attestation profile.

     *

     * See constants in {@link AttestationVerificationManager} prefixed with {@code PROFILE_}. If

     * this has the value of {@link AttestationVerificationManager#PROFILE_APP_DEFINED}, then the

     * packageName and profileName are non-null.

     */

    @AttestationProfileId

    private final int mAttestationProfileId;

    /**

     * The package name of a app-defined attestation profile.

     *

     * This value will be null unless the value of attestationProfileId is {@link

     * AttestationVerificationManager#PROFILE_APP_DEFINED}.

     */

    @Nullable

    private final String mPackageName;

    /**

     * The name of an app-defined attestation profile.

     *

     * This value will be null unless the value of attestationProfileId is {@link

     * AttestationVerificationManager#PROFILE_APP_DEFINED}.

     */

    @Nullable

    private final String mProfileName;

    private AttestationProfile(

            @AttestationProfileId int attestationProfileId,

            @Nullable String packageName,

            @Nullable String profileName) {

        mAttestationProfileId = attestationProfileId;

        mPackageName = packageName;

        mProfileName = profileName;

    }

    /**

     * Create a profile with the given id.

     *

     * <p>This constructor is for specifying a profile which is defined by the system. These are

     * available as constants in the {@link AttestationVerificationManager} class prefixed with

     * {@code PROFILE_}.

     *

     * @param attestationProfileId the ID of the system-defined profile

     * @throws IllegalArgumentException when called with

     * {@link AttestationVerificationManager#PROFILE_APP_DEFINED}

     *                                  (use {@link #AttestationProfile(String, String)})

     */

    public AttestationProfile(@AttestationProfileId int attestationProfileId) {

        this(attestationProfileId, null, null);

        if (attestationProfileId == PROFILE_APP_DEFINED) {

            throw new IllegalArgumentException("App-defined profiles must be specified with the "

                    + "constructor AttestationProfile#constructor(String, String)");

        }

    }

    /**

     * Create a profile with the given package name and profile name.

     *

     * <p>This constructor is for specifying a profile defined by an app. The packageName must

     * match the package name of the app that defines the profile (as specified in the {@code

     * package} attribute of the {@code

     * <manifest>} tag in the app's manifest. The profile name matches the {@code name} attribute

     * of the {@code <attestation-profile>} tag.

     *

     * <p>Apps must declare profiles in their manifest as an {@code <attestation-profile>} element.

     * However, this constructor does not verify that such a profile exists. If the profile does not

     * exist, verifications will fail.

     *

     * @param packageName the package name of the app defining the profile

     * @param profileName the name of the profile

     */

    public AttestationProfile(@NonNull String packageName, @NonNull String profileName) {

        this(PROFILE_APP_DEFINED, packageName, profileName);

        if (packageName == null || profileName == null) {

            throw new IllegalArgumentException("Both packageName and profileName must be non-null");

        }

    }

    @Override

    public String toString() {

        if (mAttestationProfileId == PROFILE_APP_DEFINED) {

            return "AttestationProfile(package=" + mPackageName + ", name=" + mProfileName + ")";

        } else {

            String humanReadableProfileId;

            switch (mAttestationProfileId) {

                case PROFILE_UNKNOWN:

                    humanReadableProfileId = "PROFILE_UNKNOWN";

                    break;

                default:

                    Log.e(TAG, "ERROR: Missing case in AttestationProfile#toString");

                    humanReadableProfileId = "ERROR";

            }

            return "AttestationProfile(" + humanReadableProfileId + "/" + mAttestationProfileId

                    + ")";

        }

    }

    // Code below generated by codegen v1.0.23.

    //

    // DO NOT MODIFY!

    // CHECKSTYLE:OFF Generated code

    //

    // To regenerate run:

    // $ codegen $ANDROID_BUILD_TOP/frameworks/base/core/java/android/security

    // /attestationverification/AttestationProfile.java

    //

    // To exclude the generated code from IntelliJ auto-formatting enable (one-time):

    //   Settings > Editor > Code Style > Formatter Control

    //@formatter:off

    /**

     * The ID of a system-defined attestation profile.

     *

     * See constants in {@link AttestationVerificationManager} prefixed with {@code PROFILE_}. If

     * this has the value of {@link AttestationVerificationManager#PROFILE_APP_DEFINED}, then the

     * packageName and profileName are non-null.

     */

    @DataClass.Generated.Member

    public @AttestationProfileId int getAttestationProfileId() {

        return mAttestationProfileId;

    }

    /**

     * The package name of a app-defined attestation profile.

     *

     * This value will be null unless the value of attestationProfileId is {@link

     * AttestationVerificationManager#PROFILE_APP_DEFINED}.

     */

    @DataClass.Generated.Member

    public @Nullable String getPackageName() {

        return mPackageName;

    }

    /**

     * The name of an app-defined attestation profile.

     *

     * This value will be null unless the value of attestationProfileId is {@link

     * AttestationVerificationManager#PROFILE_APP_DEFINED}.

     */

    @DataClass.Generated.Member

    public @Nullable String getProfileName() {

        return mProfileName;

    }

    @Override

    @DataClass.Generated.Member

    public boolean equals(@Nullable Object o) {

        // You can override field equality logic by defining either of the methods like:

        // boolean fieldNameEquals(AttestationProfile other) { ... }

        // boolean fieldNameEquals(FieldType otherValue) { ... }

        if (this == o) return true;

        if (o == null || getClass() != o.getClass()) return false;

        @SuppressWarnings("unchecked")

        AttestationProfile that = (AttestationProfile) o;

        //noinspection PointlessBooleanExpression

        return true

                && mAttestationProfileId == that.mAttestationProfileId

                && java.util.Objects.equals(mPackageName, that.mPackageName)

                && java.util.Objects.equals(mProfileName, that.mProfileName);

    }

    @Override

    @DataClass.Generated.Member

    public int hashCode() {

        // You can override field hashCode logic by defining methods like:

        // int fieldNameHashCode() { ... }

        int _hash = 1;

        _hash = 31 * _hash + mAttestationProfileId;

        _hash = 31 * _hash + java.util.Objects.hashCode(mPackageName);

        _hash = 31 * _hash + java.util.Objects.hashCode(mProfileName);

        return _hash;

    }

    @Override

    @DataClass.Generated.Member

    public void writeToParcel(@NonNull android.os.Parcel dest, int flags) {

        // You can override field parcelling by defining methods like:

        // void parcelFieldName(Parcel dest, int flags) { ... }

        byte flg = 0;

        if (mPackageName != null) flg |= 0x2;

        if (mProfileName != null) flg |= 0x4;

        dest.writeByte(flg);

        dest.writeInt(mAttestationProfileId);

        if (mPackageName != null) dest.writeString(mPackageName);

        if (mProfileName != null) dest.writeString(mProfileName);

    }

    @Override

    @DataClass.Generated.Member

    public int describeContents() { return 0; }

    /** @hide */

    @SuppressWarnings({"unchecked", "RedundantCast"})

    @DataClass.Generated.Member

    /* package-private */ AttestationProfile(@NonNull android.os.Parcel in) {

        // You can override field unparcelling by defining methods like:

        // static FieldType unparcelFieldName(Parcel in) { ... }

        byte flg = in.readByte();

        int attestationProfileId = in.readInt();

        String packageName = (flg & 0x2) == 0 ? null : in.readString();

        String profileName = (flg & 0x4) == 0 ? null : in.readString();

        this.mAttestationProfileId = attestationProfileId;

        com.android.internal.util.AnnotationValidations.validate(

                AttestationProfileId.class, null, mAttestationProfileId);

        this.mPackageName = packageName;

        this.mProfileName = profileName;

        // onConstructed(); // You can define this method to get a callback

    }

    @DataClass.Generated.Member

    public static final @NonNull Parcelable.Creator<AttestationProfile> CREATOR

            = new Parcelable.Creator<AttestationProfile>() {

        @Override

        public AttestationProfile[] newArray(int size) {

            return new AttestationProfile[size];

        }

        @Override

        public AttestationProfile createFromParcel(@NonNull android.os.Parcel in) {

            return new AttestationProfile(in);

        }

    };

    @DataClass.Generated(

            time = 1633629498403L,

            codegenVersion = "1.0.23",

            sourceFile = "frameworks/base/core/java/android/security/attestationverification/AttestationProfile.java",

            inputSignatures = "private static final  java.lang.String TAG\nprivate final @android.security.attestationverification.AttestationVerificationManager.AttestationProfileId int mAttestationProfileId\nprivate final @android.annotation.Nullable java.lang.String mPackageName\nprivate final @android.annotation.Nullable java.lang.String mProfileName\npublic @java.lang.Override java.lang.String toString()\nclass AttestationProfile extends java.lang.Object implements [android.os.Parcelable]\n@com.android.internal.util.DataClass(genConstructor=false, genEqualsHashCode=true)")

    @Deprecated

    private void __metadata() {}

    //@formatter:on

    // End of generated code

}

/*

 * Copyright (C) 2021 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package android.security.attestationverification;

import android.annotation.CheckResult;

import android.annotation.NonNull;

import android.app.Service;

import android.os.Bundle;

import android.security.attestationverification.AttestationVerificationManager.VerificationResult;

/**

 * A verifier which can be implemented by apps to verify an attestation (as described in {@link

 * AttestationVerificationManager}).

 *

 * In the manifest for this service, specify the profile and local binding type this verifier

 * supports. Create a new service for each combination of profile & local binding type that your app

 * supports. Each service must declare an {@code intent-filter} action of {@link #SERVICE_INTERFACE}

 * and permission of {@link android.Manifest.permission#BIND_ATTESTATION_VERIFICATION_SERVICE}.

 *

 * <p>Example:

 * {@code

 * <pre>

 * <service android:name=".MyAttestationVerificationService"

 *          android:permission="android.permission.BIND_ATTESTATION_VERIFICATION_SERVICE"

 *          android:exported="true">

 *   <intent-filter>

 *     <action

 *         android:name="android.security.attestationverification.AttestationVerificationService" />

 *   </intent-filter>

 *   <meta-data android:name="android.security.attestationverification.PROFILE_ID"

 *              android:value="PROFILE_PLACEHOLDER_0" />

 *   <meta-data android:name="android.security.attestationverification.LOCAL_BINDING_TYPE"

 *              android:value="TYPE_PLACEHOLDER_0" />

 * </service>

 * </pre>

 * }

 *

 * <p>For app-defined profiles, an example of the {@code <meta-data>}:

 * {@code

 * <pre>

 *   <meta-data android:name="android.security.attestation.PROFILE_PACKAGE_NAME"

 *              android:value="com.example" />

 *   <meta-data android:name="android.security.attestation.PROFILE_NAME"

 *              android:value="com.example.profile.PROFILE_FOO" />

 * </pre>

 * }

 *

 * @hide

 */

public abstract class AttestationVerificationService extends Service {

    /**

     * An intent action for a service to be bound and act as an attestation verifier.

     *

     * <p>The app will be kept alive for a short duration between verification calls after which

     * the system will unbind from this service making the app eligible for cleanup.

     *

     * <p>The service must also require permission

     * {@link android.Manifest.permission#BIND_ATTESTATION_VERIFICATION_SERVICE}.

     */

    public static final String SERVICE_INTERFACE =

            "android.security.attestationverification.AttestationVerificationService";

    /**

     * Verifies that {@code attestation} attests that the device identified by the local binding

     * data in {@code requirements} meets the minimum requirements of this verifier for this

     * verifier's profile.

     *

     * <p>Called by the system to verify an attestation.

     *

     * <p>The data passed into this method comes directly from apps and should be treated as

     * potentially dangerous user input.

     *

     * @param requirements a {@link Bundle} containing locally-known data which must match {@code

     *                     attestation}

     * @param attestation  the attestation to verify

     * @return whether the verification passed

     * @see AttestationVerificationManager#verifyAttestation(AttestationProfile, int, Bundle,

     * byte[], java.util.concurrent.Executor, java.util.function.BiConsumer)

     */

    @CheckResult

    @VerificationResult

    public abstract int onVerifyPeerDeviceAttestation(

            @NonNull Bundle requirements,

            @NonNull byte[] attestation);

}