Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 4710ce82 authored by Treehugger Robot's avatar Treehugger Robot Committed by Automerger Merge Worker
Browse files

Merge "Update ProtectedData DKCertChain to use X.509" am: e003ed06 am:... 

Merge "Update ProtectedData DKCertChain to use X.509" am: e003ed06 am: 2c2972a1 am: 5d784140 am: 3645f804 am: b7771229

Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2089226



Change-Id: I7060666a33532e4ccd14937dcef288fe472b8203
Signed-off-by: default avatarAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
parents ddbc4115 b7771229

security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl

+3 −5
Original line number Diff line number Diff line
@@ -100,15 +100,13 @@ parcelable ProtectedData { 
     *     SignerName = tstr

     *

     *     DKCertChain = [

     *         2* Certificate           // Root -> ... -> Leaf. "Root" is the vendor self-signed

     *         2* X509Certificate       // Root -> ... -> Leaf. "Root" is the vendor self-signed

     *                                  // cert, "Leaf" contains DK_pub. There may also be

     *                                  // intermediate certificates between Root and Leaf.

     *     ]

     *

     *     // Certificates may be either:

     *     // 1. COSE_Sign1, with payload containing PubKeyEd25519 or PubKeyECDSA256

     *     // 2. a bstr containing a DER-encoded X.509 certificate (RSA, NIST P-curve, or edDSA)

     *     Certificate = COSE_Sign1 / bstr

     *     // A bstr containing a DER-encoded X.509 certificate (RSA, NIST P-curve, or edDSA)

     *     X509Certificate = bstr

     *

     *     // The SignedMac, which authenticates the MAC key that is used to authenticate the

     *     // keysToSign.