File: android_key.py

package info (click to toggle)
odoo 18.0.0%2Bdfsg-2
links: PTS, VCS
area: main
in suites: sid
size: 878,716 kB
sloc: javascript: 927,937; python: 685,670; xml: 388,524; sh: 1,033; sql: 415; makefile: 26
file content (131 lines) | stat: -rw-r--r-- 4,657 bytes
from enum import Enum

from asn1crypto.core import (
    Boolean,
    Enumerated,
    Integer,
    Null,
    OctetString,
    Sequence,
    SetOf,
)


class Integers(SetOf):
    _child_spec = Integer


class SecurityLevel(Enumerated):
    _map = {
        0: "Software",
        1: "TrustedEnvironment",
        2: "StrongBox",
    }


class VerifiedBootState(Enumerated):
    _map = {
        0: "Verified",
        1: "SelfSigned",
        2: "Unverified",
        3: "Failed",
    }


class RootOfTrust(Sequence):
    _fields = [
        ("verifiedBootKey", OctetString),
        ("deviceLocked", Boolean),
        ("verifiedBootState", VerifiedBootState),
        ("verifiedBootHash", OctetString),
    ]


class AuthorizationList(Sequence):
    _fields = [
        ("purpose", Integers, {"explicit": 1, "optional": True}),
        ("algorithm", Integer, {"explicit": 2, "optional": True}),
        ("keySize", Integer, {"explicit": 3, "optional": True}),
        ("digest", Integers, {"explicit": 5, "optional": True}),
        ("padding", Integers, {"explicit": 6, "optional": True}),
        ("ecCurve", Integer, {"explicit": 10, "optional": True}),
        ("rsaPublicExponent", Integer, {"explicit": 200, "optional": True}),
        ("rollbackResistance", Null, {"explicit": 303, "optional": True}),
        ("activeDateTime", Integer, {"explicit": 400, "optional": True}),
        ("originationExpireDateTime", Integer, {"explicit": 401, "optional": True}),
        ("usageExpireDateTime", Integer, {"explicit": 402, "optional": True}),
        ("noAuthRequired", Null, {"explicit": 503, "optional": True}),
        ("userAuthType", Integer, {"explicit": 504, "optional": True}),
        ("authTimeout", Integer, {"explicit": 505, "optional": True}),
        ("allowWhileOnBody", Null, {"explicit": 506, "optional": True}),
        ("trustedUserPresenceRequired", Null, {"explicit": 507, "optional": True}),
        ("trustedConfirmationRequired", Null, {"explicit": 508, "optional": True}),
        ("unlockedDeviceRequired", Null, {"explicit": 509, "optional": True}),
        ("allApplications", Null, {"explicit": 600, "optional": True}),
        ("applicationId", OctetString, {"explicit": 601, "optional": True}),
        ("creationDateTime", Integer, {"explicit": 701, "optional": True}),
        ("origin", Integer, {"explicit": 702, "optional": True}),
        ("rollbackResistant", Null, {"explicit": 703, "optional": True}),
        ("rootOfTrust", RootOfTrust, {"explicit": 704, "optional": True}),
        ("osVersion", Integer, {"explicit": 705, "optional": True}),
        ("osPatchLevel", Integer, {"explicit": 706, "optional": True}),
        ("attestationApplicationId", OctetString, {"explicit": 709, "optional": True}),
        ("attestationIdBrand", OctetString, {"explicit": 710, "optional": True}),
        ("attestationIdDevice", OctetString, {"explicit": 711, "optional": True}),
        ("attestationIdProduct", OctetString, {"explicit": 712, "optional": True}),
        ("attestationIdSerial", OctetString, {"explicit": 713, "optional": True}),
        ("attestationIdImei", OctetString, {"explicit": 714, "optional": True}),
        ("attestationIdMeid", OctetString, {"explicit": 715, "optional": True}),
        ("attestationIdManufacturer", OctetString, {"explicit": 716, "optional": True}),
        ("attestationIdModel", OctetString, {"explicit": 717, "optional": True}),
        ("vendorPatchLevel", Integer, {"explicit": 718, "optional": True}),
        ("bootPatchLevel", Integer, {"explicit": 719, "optional": True}),
    ]


class KeyDescription(Sequence):
    """Attestation extension content as ASN.1 schema (DER-encoded)

    Corresponds to X.509 certificate extension with the following OID:

    `1.3.6.1.4.1.11129.2.1.17`

    See https://source.android.com/security/keystore/attestation#schema
    """

    _fields = [
        ("attestationVersion", Integer),
        ("attestationSecurityLevel", SecurityLevel),
        ("keymasterVersion", Integer),
        ("keymasterSecurityLevel", SecurityLevel),
        ("attestationChallenge", OctetString),
        ("uniqueId", OctetString),
        ("softwareEnforced", AuthorizationList),
        ("teeEnforced", AuthorizationList),
    ]


class KeyOrigin(int, Enum):
    """`Tag::ORIGIN`

    See https://source.android.com/security/keystore/tags#origin
    """

    GENERATED = 0
    DERIVED = 1
    IMPORTED = 2
    UNKNOWN = 3


class KeyPurpose(int, Enum):
    """`Tag::PURPOSE`

    See https://source.android.com/security/keystore/tags#purpose
    """

    ENCRYPT = 0
    DECRYPT = 1
    SIGN = 2
    VERIFY = 3
    DERIVE_KEY = 4
    WRAP_KEY = 5