Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 6f7f7176 authored by Treehugger Robot's avatar Treehugger Robot Committed by Automerger Merge Worker
Browse files

Merge "Add more clarity about integer encoding for keys" am: 7a15fa50 am:... 

Merge "Add more clarity about integer encoding for keys" am: 7a15fa50 am: 21326838 am: cedd7bc2

Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2378099



Change-Id: Ia58cf871593107fb503ae24efd3f6e68ea791674
Signed-off-by: default avatarAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
parents 5fa39fbe cedd7bc2

security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl

+6 −3
Original line number Original line Diff line number Diff line
@@ -222,7 +222,7 @@ interface IRemotelyProvisionedComponent { 
     *                2 : bstr             ; KID : EEK ID

     *                2 : bstr             ; KID : EEK ID

     *                3 : -25,             ; Algorithm : ECDH-ES + HKDF-256

     *                3 : -25,             ; Algorithm : ECDH-ES + HKDF-256

     *                -1 : 4,              ; Curve : X25519

     *                -1 : 4,              ; Curve : X25519

     *                -2 : bstr            ; X25519 public key

     *                -2 : bstr            ; X25519 public key, little-endian

     *            }

     *            }

     *

     *

     *            EekP256 = {              ; COSE_Key

     *            EekP256 = {              ; COSE_Key
@@ -440,6 +440,9 @@ interface IRemotelyProvisionedComponent { 
     *

     *

     * ; The following section defines some types that are reused throughout the above

     * ; The following section defines some types that are reused throughout the above

     * ; data structures.

     * ; data structures.

     * ; NOTE: Integer encoding is different for Ed25519 and P256 keys:

     * ;       - Ed25519 is LE: https://www.rfc-editor.org/rfc/rfc8032#section-3.1

     * ;       - P256 is BE: https://www.secg.org/sec1-v2.pdf#page=19 (section 2.3.7)

     * PubKeyEd25519 = {                ; COSE_Key

     * PubKeyEd25519 = {                ; COSE_Key

     *     1 : 1,                       ; Key type : octet key pair

     *     1 : 1,                       ; Key type : octet key pair

     *     3 : AlgorithmEdDSA,          ; Algorithm : EdDSA

     *     3 : AlgorithmEdDSA,          ; Algorithm : EdDSA
@@ -451,8 +454,8 @@ interface IRemotelyProvisionedComponent { 
     *     1 : 2,                       ; Key type : EC2

     *     1 : 2,                       ; Key type : EC2

     *     3 : AlgorithmES256,          ; Algorithm : ECDSA w/ SHA-256

     *     3 : AlgorithmES256,          ; Algorithm : ECDSA w/ SHA-256

     *     -1 : 1,                      ; Curve: P256

     *     -1 : 1,                      ; Curve: P256

     *     -2 : bstr,                   ; X coordinate

     *     -2 : bstr,                   ; X coordinate, big-endian

     *     -3 : bstr                    ; Y coordinate

     *     -3 : bstr                    ; Y coordinate, big-endian

     * }

     * }

     *

     *

     * AlgorithmES256 = -7

     * AlgorithmES256 = -7

security/rkp/aidl/android/hardware/security/keymint/MacedPublicKey.aidl

+5 −2
Original line number Original line Diff line number Diff line
@@ -36,12 +36,15 @@ parcelable MacedPublicKey { 
     *     ]

     *     ]

     *

     *

     *     ; NOTE: -70000 is deprecated for v3 HAL implementations.

     *     ; NOTE: -70000 is deprecated for v3 HAL implementations.

     *     ; NOTE: Integer encoding is different for Ed25519 and P256 keys:

     *     ;       - Ed25519 is LE: https://www.rfc-editor.org/rfc/rfc8032#section-3.1

     *     ;       - P256 is BE: https://www.secg.org/sec1-v2.pdf#page=19 (section 2.3.7)

     *     PublicKey = {               ; COSE_Key

     *     PublicKey = {               ; COSE_Key

     *         1 : 2,                  ; Key type : EC2

     *         1 : 2,                  ; Key type : EC2

     *         3 : -7,                 ; Algorithm : ES256

     *         3 : -7,                 ; Algorithm : ES256

     *         -1 : 1,                 ; Curve : P256

     *         -1 : 1,                 ; Curve : P256

     *         -2 : bstr,              ; X coordinate, little-endian

     *         -2 : bstr,              ; X coordinate, big-endian

     *         -3 : bstr,              ; Y coordinate, little-endian

     *         -3 : bstr,              ; Y coordinate, big-endian

     *         -70000 : nil            ; Presence indicates this is a test key. If set, K_mac is

     *         -70000 : nil            ; Presence indicates this is a test key. If set, K_mac is

     *                                 ; all zeros.

     *                                 ; all zeros.

     *     },

     *     },

security/rkp/aidl/android/hardware/security/keymint/ProtectedData.aidl

+5 −5
Original line number Original line Diff line number Diff line
@@ -209,7 +209,7 @@ parcelable ProtectedData { 
     *     PubKeyX25519 = {                 ; COSE_Key

     *     PubKeyX25519 = {                 ; COSE_Key

     *          1 : 1,                      ; Key type : Octet Key Pair

     *          1 : 1,                      ; Key type : Octet Key Pair

     *         -1 : 4,                      ; Curve : X25519

     *         -1 : 4,                      ; Curve : X25519

     *         -2 : bstr                    ; Sender X25519 public key

     *         -2 : bstr                    ; Sender X25519 public key, little-endian

     *     }

     *     }

     *

     *

     *     PubKeyEd25519 = {                ; COSE_Key

     *     PubKeyEd25519 = {                ; COSE_Key
@@ -222,16 +222,16 @@ parcelable ProtectedData { 
     *     PubKeyEcdhP256 = {               ; COSE_Key

     *     PubKeyEcdhP256 = {               ; COSE_Key

     *          1 : 2,                      ; Key type : EC2

     *          1 : 2,                      ; Key type : EC2

     *          -1 : 1,                     ; Curve : P256

     *          -1 : 1,                     ; Curve : P256

     *          -2 : bstr                   ; Sender X coordinate

     *          -2 : bstr                   ; Sender X coordinate, big-endian

     *          -3 : bstr                   ; Sender Y coordinate

     *          -3 : bstr                   ; Sender Y coordinate, big-endian

     *     }

     *     }

     *

     *

     *     PubKeyECDSA256 = {               ; COSE_Key

     *     PubKeyECDSA256 = {               ; COSE_Key

     *         1 : 2,                       ; Key type : EC2

     *         1 : 2,                       ; Key type : EC2

     *         3 : AlgorithmES256,          ; Algorithm : ECDSA w/ SHA-256

     *         3 : AlgorithmES256,          ; Algorithm : ECDSA w/ SHA-256

     *         -1 : 1,                      ; Curve: P256

     *         -1 : 1,                      ; Curve: P256

     *         -2 : bstr,                   ; X coordinate

     *         -2 : bstr,                   ; X coordinate, big-endian

     *         -3 : bstr                    ; Y coordinate

     *         -3 : bstr                    ; Y coordinate, big-endian

     *     }

     *     }

     *

     *

     *     AlgorithmES256 = -7

     *     AlgorithmES256 = -7