diff options
author | Matej Zidek <matejz@google.com> | 2019-07-29 18:42:07 +0100 |
---|---|---|
committer | Matt Zidek <matejz@google.com> | 2019-07-29 17:44:19 +0000 |
commit | 8c1024234204f2acfcb356f3e4f2cb77d19fd4c1 (patch) | |
tree | 1b5c95278dcc707bfbec0243553c6fd1ec06106b | |
parent | a456bc7d73b1aff9d56005f38ee96be31cbbac61 (diff) | |
download | android-key-attestation-8c1024234204f2acfcb356f3e4f2cb77d19fd4c1.tar.gz |
Add Immutable annotations
And fix a typo in AuthorizationListTest: VERISON -> VERSION.
Change-Id: Ida422e3478fcc59fcbd99f2a48af538b0be6135b
5 files changed, 11 insertions, 3 deletions
diff --git a/server/build.gradle b/server/build.gradle index 58096d5..cfa8d76 100644 --- a/server/build.gradle +++ b/server/build.gradle @@ -31,4 +31,6 @@ dependencies { testCompile 'junit:junit:4.12' testCompile 'com.google.truth:truth:1.0' testCompile 'com.google.truth.extensions:truth-java8-extension:1.0' + // ErrorProne for Immutable annotation + compile 'com.google.errorprone:error_prone_annotations:2.3.3' }
\ No newline at end of file diff --git a/server/src/main/java/com/google/android/attestation/AuthorizationList.java b/server/src/main/java/com/google/android/attestation/AuthorizationList.java index f6a567c..aebf58a 100644 --- a/server/src/main/java/com/google/android/attestation/AuthorizationList.java +++ b/server/src/main/java/com/google/android/attestation/AuthorizationList.java @@ -53,6 +53,7 @@ import static com.google.android.attestation.Constants.KM_TAG_USAGE_EXPIRE_DATE_ import static com.google.android.attestation.Constants.KM_TAG_USER_AUTH_TYPE; import static com.google.android.attestation.Constants.KM_TAG_VENDOR_PATCH_LEVEL; +import com.google.errorprone.annotations.Immutable; import java.time.Duration; import java.time.Instant; import java.util.HashMap; @@ -73,6 +74,7 @@ import org.bouncycastle.asn1.ASN1TaggedObject; * hardware abstraction layer (HAL). You compare these values to the device's current state or to a * set of expected values to verify that a key pair is still valid for use in your app. */ +@Immutable @SuppressWarnings("OptionalUsedAsFieldOrParameterType") public class AuthorizationList { diff --git a/server/src/main/java/com/google/android/attestation/ParsedAttestationRecord.java b/server/src/main/java/com/google/android/attestation/ParsedAttestationRecord.java index ce3a9cd..d2e1dcb 100644 --- a/server/src/main/java/com/google/android/attestation/ParsedAttestationRecord.java +++ b/server/src/main/java/com/google/android/attestation/ParsedAttestationRecord.java @@ -28,6 +28,7 @@ import static com.google.android.attestation.Constants.SW_ENFORCED_INDEX; import static com.google.android.attestation.Constants.TEE_ENFORCED_INDEX; import static com.google.android.attestation.Constants.UNIQUE_ID_INDEX; +import com.google.errorprone.annotations.Immutable; import java.io.IOException; import java.security.cert.X509Certificate; import org.bouncycastle.asn1.ASN1InputStream; @@ -35,6 +36,7 @@ import org.bouncycastle.asn1.ASN1OctetString; import org.bouncycastle.asn1.ASN1Sequence; /** Java representation of Key Attestation extension data. */ +@Immutable public class ParsedAttestationRecord { public final int attestationVersion; diff --git a/server/src/main/java/com/google/android/attestation/RootOfTrust.java b/server/src/main/java/com/google/android/attestation/RootOfTrust.java index f56477d..d354d81 100644 --- a/server/src/main/java/com/google/android/attestation/RootOfTrust.java +++ b/server/src/main/java/com/google/android/attestation/RootOfTrust.java @@ -24,10 +24,12 @@ import static com.google.android.attestation.Constants.ROOT_OF_TRUST_VERIFIED_BO import static com.google.android.attestation.Constants.ROOT_OF_TRUST_VERIFIED_BOOT_KEY_INDEX; import static com.google.android.attestation.Constants.ROOT_OF_TRUST_VERIFIED_BOOT_STATE_INDEX; +import com.google.errorprone.annotations.Immutable; import org.bouncycastle.asn1.ASN1OctetString; import org.bouncycastle.asn1.ASN1Sequence; /** This collection of values defines key information about the device's status. */ +@Immutable public class RootOfTrust { public final byte[] verifiedBootKey; diff --git a/server/src/test/java/com/google/android/attestation/AuthorizationListTest.java b/server/src/test/java/com/google/android/attestation/AuthorizationListTest.java index 15c7b2a..fb617f9 100644 --- a/server/src/test/java/com/google/android/attestation/AuthorizationListTest.java +++ b/server/src/test/java/com/google/android/attestation/AuthorizationListTest.java @@ -46,7 +46,7 @@ public class AuthorizationListTest { "MIGwoQgxBgIBAgIBA6IDAgEBowQCAggApQUxAwIBBKYIMQYCAQMCAQW/gUgFAgMBAAG/g3cCBQC/hT4DAgEAv4VATDBK" + "BCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBAAoBAgQgco2xJ08fHPFXHeQ4CwSKVUrEo4Dnb1" + "NVCDUpCEqTeAG/hUEDAgEAv4VCBQIDAxSzv4VOBgIEATQV8b+FTwYCBAE0Few="; - private static final int ATTESTATION_VERISON = 3; + private static final int ATTESTATION_VERSION = 3; // Some enum values, complete list can be found at: // https://source.android.com/security/keystore/tags @@ -96,7 +96,7 @@ public class AuthorizationListTest { public void testCanParseAuthorizationListFromSwEnforced() throws IOException { AuthorizationList authorizationList = AuthorizationList.createAuthorizationList( - getEncodableAuthorizationList(SW_ENFORCED_EXTENSION_DATA), ATTESTATION_VERISON); + getEncodableAuthorizationList(SW_ENFORCED_EXTENSION_DATA), ATTESTATION_VERSION); assertThat(authorizationList.creationDateTime).hasValue(EXPECTED_SW_CREATION_DATETIME); assertThat(authorizationList.rootOfTrust).isEmpty(); @@ -108,7 +108,7 @@ public class AuthorizationListTest { public void testCanParseAuthorizationListFromTeeEnforced() throws IOException { AuthorizationList authorizationList = AuthorizationList.createAuthorizationList( - getEncodableAuthorizationList(TEE_ENFORCED_EXTENSION_DATA), ATTESTATION_VERISON); + getEncodableAuthorizationList(TEE_ENFORCED_EXTENSION_DATA), ATTESTATION_VERSION); assertThat(authorizationList.purpose).hasValue(EXPECTED_TEE_PURPOSE); assertThat(authorizationList.algorithm).hasValue(EXPECTED_TEE_ALGORITHM); |