android

package

v0.0.0-...-60e628d Latest Latest Go to latest Published: May 1, 2024 License: Apache-2.0 Imports: 1 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/pomerium/webauthn

Links

Open Source Insights

Documentation ¶

Overview ¶

Package android contains helper functions and types for Android.

Index ¶

type AuthorizationList
type KeyDescription
- func UnmarshalKeyDescription(raw []byte) (keyDescription *KeyDescription, remaining []byte, err error)
- func (keyDescription KeyDescription) Marshal() ([]byte, error)
type KeyMasterPurpose
type KeyMasterPurposeSet
- func (set KeyMasterPurposeSet) Has(purpose KeyMasterPurpose) bool
type KeyOrigin
type RootOfTrust
type SafetyNetClaims
type SecurityLevel
type VerifiedBootState

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AuthorizationList ¶

type AuthorizationList struct {
	Purpose                     KeyMasterPurposeSet `asn1:"tag:1,explicit,set,optional"`
	Algorithm                   int                 `asn1:"tag:2,explicit,optional"`
	KeySize                     int                 `asn1:"tag:3,explicit,optional"`
	Digest                      []int               `asn1:"tag:5,explicit,set,optional"`
	Padding                     []int               `asn1:"tag:6,explicit,set,optional"`
	ECCurve                     int                 `asn1:"tag:10,explicit,optional"`
	RSAPublicExponent           int                 `asn1:"tag:200,explicit,optional"`
	RollbackResistance          asn1.Flag           `asn1:"tag:303,explicit,optional"`
	ActiveDateTime              int                 `asn1:"tag:400,explicit,optional"`
	OriginationExpireDateTime   int                 `asn1:"tag:401,explicit,optional"`
	UsageExpireDateTime         int                 `asn1:"tag:402,explicit,optional"`
	NoAuthRequired              asn1.Flag           `asn1:"tag:503,explicit,optional"`
	UserAuthType                int                 `asn1:"tag:504,explicit,optional"`
	AuthTimeout                 int                 `asn1:"tag:505,explicit,optional"`
	AllowWhileOnBody            asn1.Flag           `asn1:"tag:506,explicit,optional"`
	TrustedUserPresenceRequired asn1.Flag           `asn1:"tag:507,explicit,optional"`
	TrustedConfirmationRequired asn1.Flag           `asn1:"tag:508,explicit,optional"`
	UnlockedDeviceRequired      asn1.Flag           `asn1:"tag:509,explicit,optional"`
	AllApplications             asn1.Flag           `asn1:"tag:600,explicit,optional"`
	ApplicationID               asn1.Flag           `asn1:"tag:601,explicit,optional"`
	CreationDateTime            int                 `asn1:"tag:701,explicit,optional"`
	Origin                      KeyOrigin           `asn1:"tag:702,explicit,optional"`
	RootOfTrust                 RootOfTrust         `asn1:"tag:704,explicit,optional"`
	OSVersion                   int                 `asn1:"tag:705,explicit,optional"`
	OSPatchLevel                int                 `asn1:"tag:706,explicit,optional"`
	AttestationApplicationID    []byte              `asn1:"tag:709,explicit,optional"`
	AttestationIDBrand          []byte              `asn1:"tag:710,explicit,optional"`
	AttestationIDDevice         []byte              `asn1:"tag:711,explicit,optional"`
	AttestationIDProduct        []byte              `asn1:"tag:712,explicit,optional"`
	AttestationIDSerial         []byte              `asn1:"tag:713,explicit,optional"`
	AttestationIDIMEID          []byte              `asn1:"tag:714,explicit,optional"`
	AttestationIDMEID           []byte              `asn1:"tag:715,explicit,optional"`
	AttestationIDManufacturer   []byte              `asn1:"tag:716,explicit,optional"`
	AttestationIDModel          []byte              `asn1:"tag:717,explicit,optional"`
	VendorPatchLevel            int                 `asn1:"tag:718,explicit,optional"`
	BootPatchLevel              int                 `asn1:"tag:719,explicit,optional"`
}

AuthorizationList is the keymaster authorization list.

type KeyDescription ¶

type KeyDescription struct {
	AttestationVersion       int
	AttestationSecurityLevel SecurityLevel
	KeyMasterVersion         int
	KeyMasterSecurityLevel   SecurityLevel
	AttestationChallenge     []byte
	UniqueID                 []byte
	SoftwareEnforced         AuthorizationList
	TeeEnforced              AuthorizationList
}

A KeyDescription describes an android hardware key.

func UnmarshalKeyDescription ¶

func UnmarshalKeyDescription(raw []byte) (keyDescription *KeyDescription, remaining []byte, err error)

UnmarshalKeyDescription unmarshals an ASN.1 encoded key description from a slice of bytes.

func (KeyDescription) Marshal ¶

func (keyDescription KeyDescription) Marshal() ([]byte, error)

Marshal marshals an android key description to an ASN.1 encoded slice of bytes.

type KeyMasterPurpose ¶

type KeyMasterPurpose = int

A KeyMasterPurpose describe the purpose of a key (or pair).

const (
	KeyMasterPurposeEncrypt KeyMasterPurpose = iota
	KeyMasterPurposeDecrypt
	KeyMasterPurposeSign
	KeyMasterPurposeVerify
	KeyMasterPurposeDeriveKey
	KeyMasterPurposeWrap
	KeyMasterPurposeAgreeKey
	KeyMasterPurposeAttestKey
)

keymaster purposes

type KeyMasterPurposeSet ¶

type KeyMasterPurposeSet []KeyMasterPurpose

A KeyMasterPurposeSet is a set of key master purposes.

func (KeyMasterPurposeSet) Has ¶

func (set KeyMasterPurposeSet) Has(purpose KeyMasterPurpose) bool

Has returns true if the set contains the given purpose.

type KeyOrigin ¶

type KeyOrigin = int

A KeyOrigin describes the origin of a key as defined in: https://android.googlesource.com/platform/hardware/libhardware/+/master/include/hardware/keymaster_defs.h#315

const (
	KeyOriginGenerated KeyOrigin = iota
	KeyOriginDerived
	KeyOriginImported
	KeyOriginUnknown
)

key origins

type RootOfTrust ¶

type RootOfTrust struct {
	VerifiedBootKey   []byte
	DeviceLocked      bool
	VerifiedBootState VerifiedBootState
	VerifiedBootHash  []byte
}

RootOfTrust described the verification state of a device's boot.

type SafetyNetClaims ¶

type SafetyNetClaims struct {
	TimestampMS                int      `json:"timestampMs"`
	Nonce                      []byte   `json:"nonce"`
	APKPackageName             string   `json:"apkPackageName"`
	APKCertificateDigestSHA256 [][]byte `json:"apkCertificateDigestSha256"`
	CTSProfileMatch            bool     `json:"ctsProfileMatch"`
	BasicIntegrity             bool     `json:"basicIntegrity"`
	EvaluationType             string   `json:"evaluationType"`
}

SafetyNetClaims are fields available in the JWT payload of a SafetyNet attestation response as defined by: https://developer.android.com/training/safetynet/attestation#use-response-server

type SecurityLevel ¶

type SecurityLevel = asn1.Enumerated

SecurityLevel indicates the level of security.

const (
	SecurityLevelSoftware SecurityLevel = iota
	SecurityLevelTrustedEnvironment
	SecurityLevelStrongBox
)

security levels

type VerifiedBootState ¶

type VerifiedBootState = asn1.Enumerated

A VerifiedBootState indicates the state of the verified boot.

const (
	VerifiedBootStateVerified VerifiedBootState = iota
	VerifiedBootStateSelfSigned
	VerifiedBootStateUnverified
	VerifiedBootStateFailed
)

verified boot states

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL