Merge "Adding getHardwareInfo to IRPC" am: ed54acfb

/* @hide */

@VintfStability

interface IRemotelyProvisionedComponent {

  android.hardware.security.keymint.RpcHardwareInfo getHardwareInfo();

  byte[] generateEcdsaP256KeyPair(in boolean testMode, out android.hardware.security.keymint.MacedPublicKey macedPublicKey);

  byte[] generateCertificateRequest(in boolean testMode, in android.hardware.security.keymint.MacedPublicKey[] keysToSign, in byte[] endpointEncryptionCertChain, in byte[] challenge, out android.hardware.security.keymint.DeviceInfo deviceInfo, out android.hardware.security.keymint.ProtectedData protectedData);

  const int STATUS_FAILED = 1;

/*

 * Copyright (C) 2020 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

///////////////////////////////////////////////////////////////////////////////

// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE.                          //

///////////////////////////////////////////////////////////////////////////////

// This file is a snapshot of an AIDL file. Do not edit it manually. There are

// two cases:

// 1). this is a frozen version file - do not edit this in any case.

// 2). this is a 'current' file. If you make a backwards compatible change to

//     the interface (from the latest frozen version), the build system will

//     prompt you to update this file with `m <name>-update-api`.

//

// You must not make a backward incompatible change to any AIDL file built

// with the aidl_interface module type with versions property set. The module

// type is used to build AIDL files in a way that they can be used across

// independently updatable components of the system. If a device is shipped

// with such a backward incompatible change, it has a high risk of breaking

// later when a module using the interface is updated, e.g., Mainline modules.

package android.hardware.security.keymint;

/* @hide */

@RustDerive(Clone=true, Eq=true, Hash=true, Ord=true, PartialEq=true, PartialOrd=true) @VintfStability

parcelable RpcHardwareInfo {

  int versionNumber;

  @utf8InCpp String rpcAuthorName;

  int supportedEekCurve = 0;

  const int CURVE_NONE = 0;

  const int CURVE_P256 = 1;

  const int CURVE_25519 = 2;

}

import android.hardware.security.keymint.DeviceInfo;

import android.hardware.security.keymint.MacedPublicKey;

import android.hardware.security.keymint.ProtectedData;

import android.hardware.security.keymint.RpcHardwareInfo;

/**

 * An IRemotelyProvisionedComponent is a secure-side component for which certificates can be

    const int STATUS_TEST_KEY_IN_PRODUCTION_REQUEST = 4;

    const int STATUS_INVALID_EEK = 5;

    /**

     * @return info which contains information about the underlying IRemotelyProvisionedComponent

     *         hardware, such as version number, component name, author name, and supported curve.

     */

    RpcHardwareInfo getHardwareInfo();

    /**

     * generateKeyPair generates a new ECDSA P-256 key pair that can be certified.  Note that this

     * method only generates ECDSA P-256 key pairs, but the interface can be extended to add methods

/*

 * Copyright (C) 2020 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package android.hardware.security.keymint;

/**

 * RpcHardwareInfo is the hardware information returned by calling RemotelyProvisionedComponent

 * getHardwareInfo()

 * @hide

 */

@VintfStability

@RustDerive(Clone=true, Eq=true, PartialEq=true, Ord=true, PartialOrd=true, Hash=true)

parcelable RpcHardwareInfo {

    const int CURVE_NONE = 0;

    const int CURVE_P256 = 1;

    const int CURVE_25519 = 2;

    /**

     * Implementation version of the remotely provisioned component hardware.  The version number is

     * implementation defined, and not necessarily globally meaningful.  The version is used to

     * distinguish between different versions of a given implementation.

     */

    int versionNumber;

    /**

     * rpcAuthorName is the name of the author of the IRemotelyProvisionedComponent implementation

     * (organization name, not individual). This name is implementation defined, so it can be used

     * to distinguish between different implementations from the same author.

     */

    @utf8InCpp String rpcAuthorName;

    /**

     * supportedEekCurve returns an int representing which curve is supported for validating

     * signatures over the Endpoint Encryption Key certificate chain and for using the corresponding

     * signed encryption key in ECDH. Only one curve should be supported, with preference for 25519

     * if it's available. These values are defined as constants above.

     *

     * CURVE_NONE is made the default to help ensure that an implementor doesn't accidentally forget

     * to provide the correct information here, as the VTS tests will check to make certain that

     * a passing implementation does not provide CURVE_NONE.

     */

    int supportedEekCurve = CURVE_NONE;

}

RemotelyProvisionedComponent::~RemotelyProvisionedComponent() {}

ScopedAStatus RemotelyProvisionedComponent::getHardwareInfo(RpcHardwareInfo* info) {

    info->versionNumber = 1;

    info->rpcAuthorName = "Google";

    info->supportedEekCurve = RpcHardwareInfo::CURVE_25519;

    return ScopedAStatus::ok();

}

ScopedAStatus RemotelyProvisionedComponent::generateEcdsaP256KeyPair(bool testMode,

                                                                     MacedPublicKey* macedPublicKey,

                                                                     bytevec* privateKeyHandle) {