
Commit 23950c56 authored by Treehugger Robot's avatar Treehugger Robot Committed by Gerrit Code Review

Merge "Add some clarifications around UDS" into main

parents 5d9d648d d41ebc70
+8 −4
@@ -54,8 +54,12 @@ import android.hardware.security.keymint.RpcHardwareInfo;
 * use by the IRemotelyProvisionedComponent.
 *
 * The root keypair is generated by immutable code (e.g. ROM), from a Unique Device Secret (UDS).
 * The keypair that is generated from it can be referred to as the UDS_Pub/UDS_Priv keys. After the
 * device-unique secret is used, it must be made unavailable to any later boot stage.
 * The UDS is a hardware-bound secret that forms the root of identify for the device and code
 * running on the device. The keypair generated from the UDS is referred to as the UDS_Pub/UDS_Priv
 * keypair. After the device-unique secret is used, it must be made unavailable to any later boot
 * stage. Refer to the
 * [Open Profile for DICE ](https://pigweed.googlesource.com/open-dice/+/HEAD/docs/specification.md#uds-details)
 * specification for more details on the UDS.
 *
 * In this way, booting the device incrementally builds a certificate chain that (a) identifies and
 * validates the integrity of every stage and (b) contains a set of public keys that correspond to
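Review bot: the new sentence in this hunk reads "forms the root of identify for the device"; this should be "root of identity", since the comment is describing the UDS as the identity root from which the UDS_Pub/UDS_Priv keypair and the rest of the DICE certificate chain derive. Also, the markdown link text "[Open Profile for DICE ]" carries a trailing space before the closing bracket; drop it so the link renders as "Open Profile for DICE". Otherwise the added text is a clear improvement over the removed lines, since it now states that the UDS is hardware-bound and points readers at the UDS details section of the specification.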
@@ -95,8 +99,8 @@ import android.hardware.security.keymint.RpcHardwareInfo;
 *
 * 2) The CDI_Leaf_Priv key cannot be used to sign arbitrary data.
 *
 * 3) Backend infrastructure does not correlate UDS_Pub with the certificates signed and sent back
 *    to the device.
 * 3) Backend infrastructure very closely guards access to UDS_Pub, limiting it to the minimum
 *    set of services that need to know it for security, privacy, and counter-abuse purposes.
 *
 * Versioning
 * ==========
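Review bot: the replaced item 3 changes the stated backend property from "does not correlate UDS_Pub with the certificates signed and sent back to the device" to "very closely guards access to UDS_Pub". These are different guarantees: the old wording was an explicit non-linkability property, the new one is an access-control property, and the new text no longer says whether the backend may associate UDS_Pub with the issued certificates at all. If the intent is to relax the earlier claim, consider saying so explicitly (for example, that UDS_Pub is known to a minimal set of services and is not exposed in the returned certificates); if the non-correlation property still holds, it would be worth keeping it alongside the new sentence so that readers of the interface comment do not lose the privacy expectation the previous text stated.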