Merge changes I2f5187bf,Icb79e1e0,I833894d3,I54dcaa61,I47a810f2 am: b39baeaa92 (319cf923) · Commits · e / os / android_hardware_interfaces

security/keymint/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl

+2 −2

Original line number	Diff line number	Diff line
		@@ -202,7 +202,7 @@ interface IRemotelyProvisionedComponent {
		* 2 : bstr // KID : EEK ID
		* 3 : -25, // Algorithm : ECDH-ES + HKDF-256
		* -1 : 4, // Curve : X25519
		* -2 : bstr // Ed25519 public key
		* -2 : bstr // X25519 public key
		* }
		*
		* EekSignatureInput = [
		@@ -221,7 +221,7 @@ interface IRemotelyProvisionedComponent {
		* in the chain, which implies that it must not attempt to validate the signature.
		*
		* If testMode is false, the method must validate the chain signatures, and must verify
		* that the public key in the root certifictate is in its pre-configured set of
		* that the public key in the root certificate is in its pre-configured set of
		* authorized EEK root keys. If the public key is not in the database, or if signature
		* verification fails, the method must return STATUS_INVALID_EEK.
		*

security/keymint/aidl/android/hardware/security/keymint/MacedPublicKey.aidl

+6 −5

Original line number	Diff line number	Diff line
		@@ -26,7 +26,7 @@ parcelable MacedPublicKey {
		/**
		* key is a COSE_Mac0 structure containing the new public key. It's MACed by a key available
		* only to the secure environment, as proof that the public key was generated by that
		* environment. In CDDL, assuming the contained key is an Ed25519 public key:
		* environment. In CDDL, assuming the contained key is a P-256 public key:
		*
		* MacedPublicKey = [ // COSE_Mac0
		* protected: bstr .cbor { 1 : 5}, // Algorithm : HMAC-256
		@@ -36,10 +36,11 @@ parcelable MacedPublicKey {
		* ]
		*
		* PublicKey = { // COSE_Key
		* 1 : 1, // Key type : octet key pair
		* 3 : -8 // Algorithm : EdDSA
		* -1 : 6, // Curve : Ed25519
		* 1 : 2, // Key type : EC2
		* 3 : -8 // Algorithm : ES256
		* -1 : 6, // Curve : P256
		* -2 : bstr // X coordinate, little-endian
		* -3 : bstr // Y coordinate, little-endian
		* ? -70000 : nil // Presence indicates this is a test key. If set, K_mac is
		* // all zeros.
		* },
		@@ -51,7 +52,7 @@ parcelable MacedPublicKey {
		* payload : bstr .cbor PublicKey
		* ]
		*
		* if a non-Ed25519 public key were contained, the contents of the PublicKey map would change a
		* if a non-P256 public key were contained, the contents of the PublicKey map would change a
		* little; see RFC 8152 for details.
		*/
		byte[] macedKey;

security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl

+1 −1

Original line number	Diff line number	Diff line
		@@ -33,7 +33,7 @@ parcelable ProtectedData {
		* unprotected: {
		* 5 : bstr .size 12 // IV
		* },
		* ciphertext: bstr, // AES-GCM-128(K, .cbor ProtectedDataPayload)
		* ciphertext: bstr, // AES-GCM-256(K, .cbor ProtectedDataPayload)
		* recipients : [
		* [ // COSE_Recipient
		* protected : bstr .cbor {

security/keymint/aidl/default/RemotelyProvisionedComponent.cpp

+17 −2

Original line number	Diff line number	Diff line
		@@ -46,6 +46,14 @@ using namespace keymaster;

		namespace {

		// Hard-coded set of acceptable public keys that can act as roots of EEK chains.
		inline const vector<bytevec> kAuthorizedEekRoots = {
		// TODO(drysdale): replace this random value with real root pubkey(s).
		{0x5c, 0xea, 0x4b, 0xd2, 0x31, 0x27, 0x15, 0x5e, 0x62, 0x94, 0x70,
		0x53, 0x94, 0x43, 0x0f, 0x9a, 0x89, 0xd5, 0xc5, 0x0f, 0x82, 0x9b,
		0xcd, 0x10, 0xe0, 0x79, 0xef, 0xf3, 0xfa, 0x40, 0xeb, 0x0a},
		};

		constexpr auto STATUS_FAILED = RemotelyProvisionedComponent::STATUS_FAILED;
		constexpr auto STATUS_INVALID_EEK = RemotelyProvisionedComponent::STATUS_INVALID_EEK;
		constexpr auto STATUS_INVALID_MAC = RemotelyProvisionedComponent::STATUS_INVALID_MAC;
		@@ -135,6 +143,13 @@ StatusOr<std::pair<bytevec /* EEK pub /, bytevec / EEK ID */>> validateAndExtr
		"Failed to validate EEK chain: " + cosePubKey.moveMessage());
		}
		lastPubKey = *std::move(cosePubKey);

		// In prod mode the first pubkey should match a well-known Google public key.
		if (!testMode && i == 0 &&
		std::find(kAuthorizedEekRoots.begin(), kAuthorizedEekRoots.end(), lastPubKey) ==
		kAuthorizedEekRoots.end()) {
		return Status(STATUS_INVALID_EEK, "Unrecognized root of EEK chain");
		}
		}

		auto eek = CoseKey::parseX25519(lastPubKey, true /* requireKid */);
		@@ -417,8 +432,8 @@ RemotelyProvisionedComponent::generateBcc() {
		.add(1 /* Issuer */, "Issuer")
		.add(2 /* Subject */, "Subject")
		.add(-4670552 /* Subject Pub Key */, coseKey)
		.add(-4670553 /* Key Usage */,
		std::vector<uint8_t>(0x05) /* Big endian order */)
		.add(-4670553 /* Key Usage (little-endian order) */,
		std::vector<uint8_t>{0x20} /* keyCertSign = 1<<5 */)
		.canonicalize()
		.encode();
		auto coseSign1 = constructCoseSign1(privKey, /* signing key */

security/keymint/aidl/vts/functional/Android.bp

+4 −1

Original line number	Diff line number	Diff line
		@@ -94,11 +94,14 @@ cc_test {
		],
		static_libs: [
		"android.hardware.security.keymint-V1-ndk_platform",
		"android.hardware.security.secureclock-V1-ndk_platform",
		"libcppcose",
		"libgmock_ndk",
		"libremote_provisioner",
		"libkeymint",
		"libkeymint_support",
		"libkeymint_remote_prov_support",
		"libkeymint_vts_test_utils",
		"libremote_provisioner",
		],
		test_suites: [
		"general-tests",