
Commit 45d1faae authored by Alan Stokes

Clarify Secretkeeper comments

Various small wording changes to attempt to clarify some of the
details of the Secretkeeper API.

While I'm here: fix error code naming inconsistency.

Bug: 291224769
Test: N/A
Change-Id: I956b549bc5bf4d2b964dde9867430cb4778e445b
parent 91664b85
+9 −4
@@ -41,7 +41,12 @@ interface ISecretkeeper {
     * Retrieve the instance of the `IAuthGraphKeyExchange` HAL that should be used for shared
     * session key establishment. These keys are used to perform encryption of messages as
     * described in SecretManagement.cddl, allowing the client and Secretkeeper to have a
     * cryptographically secure channel.
     * cryptographically secure channel. In the key exchange protocol the client acts as P1
     * (source) and Secretkeeper as P2 (sink). The interface returned here can be used to invoke
     * methods on the sink.
     *
     * The client's identity is its DICE chain; Secretkeeper's identity is a
     * per-boot key pair.
     */
    IAuthGraphKeyExchange getAuthGraphKe();

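Review bot: The added sentence "Secretkeeper's identity is a per-boot key pair" does not say how a client obtains or checks the public half of that key pair, so the comment leaves open how the client knows it completed the exchange with Secretkeeper and not with whatever relayed the call. Suggest one more sentence, or a pointer to where this is specified, on how the client gets the expected public key. A reference to the document that defines the "P1 (source)" and "P2 (sink)" roles would also help readers who meet these terms here first.
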
@@ -56,8 +61,8 @@ interface ISecretkeeper {
     * ProtectedRequestPacket & ProtectedResponsePacket using symmetric keys agreed between
     * the client & service. This cryptographic protection is required because the messages are
     * ferried via Android, which is allowed to be outside the TCB of clients (for example protected
     * Virtual Machines). For this, service (& client) must implement a key exchange protocol, which
     * is critical for establishing the secure channel.
     * Virtual Machines). For this, service (& client) must implement the AuthGraph key exchange
     * protocol to establish a secure channel between them.
     *
     * If an encrypted response cannot be generated, then a service-specific Binder error using one
     * of the ERROR_ codes above will be returned.
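Review bot: The reworded sentence "service (& client) must implement the AuthGraph key exchange protocol" names the protocol but does not say where it is reached from this interface; consider referring to `getAuthGraphKe()` and `IAuthGraphKeyExchange` here so the two comments point at each other. While this sentence is being touched, "For this, service (& client) must implement" would read better as "both the service and the client must implement".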
+2 −2
@@ -82,7 +82,7 @@ ErrorCode = &(
    ; Requested Entry not found.
    ErrorCode_EntryNotFound: 3,
    ; Error happened while serialization or deserialization.
    SerializationError: 4,
    ErrorCode_SerializationError: 4,
    ; Indicates that Dice Policy matching did not succeed & hence access not granted.
    ErrorCode_DicePolicyError: 5,
)
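Review bot: Please confirm that nothing else in the CDDL, or in code written against it, still refers to the bare name `SerializationError` now that the entry reads `ErrorCode_SerializationError: 4`; the value 4 is unchanged so the encoding is not affected, but the commit is marked "Test: N/A". The comment line above the entry could be fixed in the same pass, for example "An error occurred during serialization or deserialization."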
@@ -95,7 +95,7 @@ Result = &(
    GetSecretResult,
)

GetVersionResult = (version : uint)
GetVersionResult = (1)

StoreSecretResult = ()
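
Review bot: `GetVersionResult = (1)` is a schema change, not a comment clarification or an error code rename, and the commit message does not mention it. Replacing `(version : uint)` with the literal 1 means the CDDL now admits only version 1, so any later version needs a schema edit and a validator built from this file would reject other values. Suggest either splitting this into its own change with a rationale or adding a comment on the line explaining why the version is pinned.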