supreme-common/at.asitplus.attestation.android/AttestationKeyDescription

AttestationKeyDescription

class AttestationKeyDescription(val attestationVersion: Int, val attestationSecurityLevel: AttestationKeyDescription.SecurityLevel, val keyMintVersion: Int, val keyMintSecurityLevel: AttestationKeyDescription.SecurityLevel, val attestationChallenge: ByteArray, val uniqueId: ByteArray, val softwareEnforced: AuthorizationList, val hardwareEnforced: AuthorizationList) : Asn1Encodable<Asn1Sequence> , Identifiable, PrettyPrintable(source)

Attestation certificate extension used by Google. While we could use sophisticated sanity checks to ensure that only valid extensions that conform to the schema in every aspect, the reality is ugly, with device manufacturers being very creative about how and what will be encoded into softwareEnforced and hardwareEnforced. Hence, we must be able to parse extensions that are structurally valid at first glance, even when the actual values inside look like they have been through a meat grinder. As long as those values we check for during attestation validation are there and contain the values required for a successful assessment, we're golden! Hence, barely any sanity checks are enforced.

Constructors

AttestationKeyDescription

constructor(attestationVersion: Int, attestationSecurityLevel: AttestationKeyDescription.SecurityLevel, keyMintVersion: Int, keyMintSecurityLevel: AttestationKeyDescription.SecurityLevel, attestationChallenge: ByteArray, uniqueId: ByteArray, softwareEnforced: AuthorizationList, hardwareEnforced: AuthorizationList)

Types

object Companion : Identifiable, Asn1Decodable<Asn1Sequence, AttestationKeyDescription>

enum SecurityLevel : Asn1Encodable<Asn1Primitive> , Enum<AttestationKeyDescription.SecurityLevel>

Attestation security level as defined by Google.

Properties

attestationChallenge

val attestationChallenge: ByteArray

attestationSecurityLevel

val attestationSecurityLevel: AttestationKeyDescription.SecurityLevel

attestationVersion

val attestationVersion: Int

hardwareEnforced

val hardwareEnforced: AuthorizationList

keymasterSecurityLevel

val keymasterSecurityLevel: AttestationKeyDescription.SecurityLevel

alias for keyMintSecurityLevel for backwards compatibility for attestationVersion<=4

keymasterVersion

val keymasterVersion: Int

alias for keyMintVersion for backwards compatibility for attestationVersion<=4

keyMintSecurityLevel

val keyMintSecurityLevel: AttestationKeyDescription.SecurityLevel

val keyMintVersion: Int

open override val oid: ObjectIdentifier

softwareEnforced

val softwareEnforced: AuthorizationList

val uniqueId: ByteArray

Functions

open override fun doPrettyPrint(indent: String): String

open fun encodeToDer(): ByteArray

encodeToDerOrNull

open fun encodeToDerOrNull(): ByteArray?

encodeToDerSafe

open fun encodeToDerSafe(): KmmResult<ByteArray>

open override fun encodeToTlv(): Asn1Sequence

encodeToTlvOrNull

open fun encodeToTlvOrNull(): Asn1Sequence?

encodeToTlvSafe

open fun encodeToTlvSafe(): KmmResult<Asn1Sequence>

open operator override fun equals(other: Any?): Boolean

open override fun hashCode(): Int

fun PrettyPrintable.prettyPrint(): String

prettyPrintAsn1

open fun prettyPrintAsn1(): String

open override fun toString(): String

fun versionCheck()

withImplicitTag

open infix fun withImplicitTag(tag: Asn1Element.Tag): Asn1Element

open infix fun withImplicitTag(template: Asn1Element.Tag.Template): Asn1Element

open infix fun withImplicitTag(tagValue: ULong): Asn1Element