Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 201e6abb authored by Seth Moore's avatar Seth Moore
Browse files

Revert "Refactor IC support for RKP" 

Revert "Add dependency on keymint cpp lib"

Revert "Allow default identity service to call keymint"

Revert submission 1956689-add rkp to identity-default

Reason for revert: Broke git-master. Will resubmit later.
Reverted Changes:
I96dcf3027:Add remote key provisioning to the IC HAL
Id686ac33a:Add dependency on keymint cpp lib
Ib368a2a00:Log to logd in the default identity service
I7d2906de0:Refactor IC support for RKP
Iae0f14f1c:Fix formatting of identity credential aidl
I01d086a4b:Allow default identity service to call keymint

Change-Id: I0bbce79b86e1bbbc2526288072289478744d7613
parent be321133

identity/support/include/android/hardware/identity/support/IdentityCredentialSupport.h

+0 −18
Original line number Diff line number Diff line
@@ -17,8 +17,6 @@ 
#ifndef IDENTITY_SUPPORT_INCLUDE_IDENTITY_CREDENTIAL_UTILS_H_

#define IDENTITY_SUPPORT_INCLUDE_IDENTITY_CREDENTIAL_UTILS_H_



#include <openssl/evp.h>



#include <cstdint>

#include <map>

#include <optional>
@@ -130,15 +128,6 @@ optional<std::pair<vector<uint8_t>, vector<vector<uint8_t>>>> createEcKeyPairAnd 
        const vector<uint8_t>& challenge, const vector<uint8_t>& applicationId,

        bool isTestCredential);



// Alternate version of createEcKeyPairAndAttestation that accepts an attestation key

// blob to sign the generated key. Only a single certificate is returned, rather than

// a full chain.

//

optional<std::pair<vector<uint8_t>, vector<uint8_t>>> createEcKeyPairWithAttestationKey(

        const vector<uint8_t>& challenge, const vector<uint8_t>& applicationId,

        const vector<uint8_t>& attestationKeyBlob, const vector<uint8_t>& attestationKeyCert,

        bool isTestCredential);



// (TODO: remove when no longer used by 3rd party.)

optional<vector<vector<uint8_t>>> createAttestationForEcPublicKey(

        const vector<uint8_t>& publicKey, const vector<uint8_t>& challenge,
@@ -251,13 +240,6 @@ optional<vector<uint8_t>> ecPublicKeyGenerateCertificate( 
        time_t validityNotBefore, time_t validityNotAfter,

        const map<string, vector<uint8_t>>& extensions);



// Identical behavior to the above version of ecPublicKeyGenerateCertificate, except this

// overload takes OpenSSL key parameters instead of key bitstrings as inputs.

optional<vector<uint8_t>> ecPublicKeyGenerateCertificate(

        EVP_PKEY* publicKey, EVP_PKEY* signingKey, const string& serialDecimal,

        const string& issuer, const string& subject, time_t validityNotBefore,

        time_t validityNotAfter, const map<string, vector<uint8_t>>& extensions);



// Performs Elliptic-curve Diffie-Helman using |publicKey| (which must be in the

// format returned by ecKeyPairGetPublicKey()) and |privateKey| (which must be

// in the format returned by ecKeyPairGetPrivateKey()).

identity/support/src/IdentityCredentialSupport.cpp

+195 −338

File changed.

Preview size limit exceeded, changes collapsed.