Loading security/rkp/CHANGELOG.md +1 −1 Original line number Diff line number Diff line Loading @@ -31,7 +31,7 @@ This document provides an exact description of which changes have occurred in th * IRemotelyProvisionedComponent * The need for an EEK has been removed. There is no longer an encrypted portion of the CSR. * Keys for new CSR format must be generated with test mode set to false, effectively removing test mode in the new CSR flow. Old behavior is kept unchanged for backwards compatibility. mode in the new CSR flow. * The schema for the CSR itself has been significantly simplified, please see IRemotelyProvisionedComponent.aidl for more details. Notably, * the chain of signing, MACing, and encryption operations has been replaced with a single Loading security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl +3 −3 Original line number Diff line number Diff line Loading @@ -144,9 +144,9 @@ interface IRemotelyProvisionedComponent { byte[] generateEcdsaP256KeyPair(in boolean testMode, out MacedPublicKey macedPublicKey); /** * This method can be removed in version 3 of the HAL. The header is kept around for * backwards compatibility purposes. From v3, this method is allowed to raise a * ServiceSpecificException with an error code of STATUS_REMOVED. * This method has been deprecated since version 3 of the HAL. The header is kept around for * backwards compatibility purposes. From v3, this method must raise a ServiceSpecificException * with an error code of STATUS_REMOVED. * * For v1 and v2 implementations: * generateCertificateRequest creates a certificate request to be sent to the provisioning Loading security/rkp/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp +16 −10 Original line number Diff line number Diff line Loading 
@@ -408,16 +408,8 @@ class CertificateRequestTest : public CertificateRequestTestBase { ASSERT_FALSE(HasFatalFailure()); if (rpcHardwareInfo.versionNumber >= VERSION_WITHOUT_TEST_MODE) { bytevec keysToSignMac; DeviceInfo deviceInfo; ProtectedData protectedData; auto status = provisionable_->generateCertificateRequest( false, {}, {}, {}, &deviceInfo, &protectedData, &keysToSignMac); if (!status.isOk() && (status.getServiceSpecificError() == BnRemotelyProvisionedComponent::STATUS_REMOVED)) { GTEST_SKIP() << "This test case applies to RKP v3+ only if " << "generateCertificateRequest() is implemented."; } GTEST_SKIP() << "This test case only applies to RKP v1 and v2. " << "RKP version discovered: " << rpcHardwareInfo.versionNumber; } } }; Loading Loading @@ -798,6 +790,20 @@ TEST_P(CertificateRequestV2Test, NonEmptyRequest_testKeyInProdCert) { BnRemotelyProvisionedComponent::STATUS_TEST_KEY_IN_PRODUCTION_REQUEST); } /** * Call generateCertificateRequest(). Make sure it's removed. */ TEST_P(CertificateRequestV2Test, CertificateRequestV1Removed) { bytevec keysToSignMac; DeviceInfo deviceInfo; ProtectedData protectedData; auto status = provisionable_->generateCertificateRequest( true /* testMode */, {} /* keysToSign */, {} /* EEK chain */, challenge_, &deviceInfo, &protectedData, &keysToSignMac); ASSERT_FALSE(status.isOk()) << status.getMessage(); EXPECT_EQ(status.getServiceSpecificError(), BnRemotelyProvisionedComponent::STATUS_REMOVED); } void parse_root_of_trust(const vector<uint8_t>& attestation_cert, vector<uint8_t>* verified_boot_key, VerifiedBoot* verified_boot_state, bool* device_locked, vector<uint8_t>* verified_boot_hash) { Loading Loading
security/rkp/CHANGELOG.md +1 −1 Original line number Diff line number Diff line Loading @@ -31,7 +31,7 @@ This document provides an exact description of which changes have occurred in th * IRemotelyProvisionedComponent * The need for an EEK has been removed. There is no longer an encrypted portion of the CSR. * Keys for new CSR format must be generated with test mode set to false, effectively removing test mode in the new CSR flow. Old behavior is kept unchanged for backwards compatibility. mode in the new CSR flow. * The schema for the CSR itself has been significantly simplified, please see IRemotelyProvisionedComponent.aidl for more details. Notably, * the chain of signing, MACing, and encryption operations has been replaced with a single Loading
security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl +3 −3 Original line number Diff line number Diff line Loading @@ -144,9 +144,9 @@ interface IRemotelyProvisionedComponent { byte[] generateEcdsaP256KeyPair(in boolean testMode, out MacedPublicKey macedPublicKey); /** * This method can be removed in version 3 of the HAL. The header is kept around for * backwards compatibility purposes. From v3, this method is allowed to raise a * ServiceSpecificException with an error code of STATUS_REMOVED. * This method has been deprecated since version 3 of the HAL. The header is kept around for * backwards compatibility purposes. From v3, this method must raise a ServiceSpecificException * with an error code of STATUS_REMOVED. * * For v1 and v2 implementations: * generateCertificateRequest creates a certificate request to be sent to the provisioning Loading
security/rkp/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp +16 −10 Original line number Diff line number Diff line Loading @@ -408,16 +408,8 @@ class CertificateRequestTest : public CertificateRequestTestBase { ASSERT_FALSE(HasFatalFailure()); if (rpcHardwareInfo.versionNumber >= VERSION_WITHOUT_TEST_MODE) { bytevec keysToSignMac; DeviceInfo deviceInfo; ProtectedData protectedData; auto status = provisionable_->generateCertificateRequest( false, {}, {}, {}, &deviceInfo, &protectedData, &keysToSignMac); if (!status.isOk() && (status.getServiceSpecificError() == BnRemotelyProvisionedComponent::STATUS_REMOVED)) { GTEST_SKIP() << "This test case applies to RKP v3+ only if " << "generateCertificateRequest() is implemented."; } GTEST_SKIP() << "This test case only applies to RKP v1 and v2. " << "RKP version discovered: " << rpcHardwareInfo.versionNumber; } } }; Loading Loading @@ -798,6 +790,20 @@ TEST_P(CertificateRequestV2Test, NonEmptyRequest_testKeyInProdCert) { BnRemotelyProvisionedComponent::STATUS_TEST_KEY_IN_PRODUCTION_REQUEST); } /** * Call generateCertificateRequest(). Make sure it's removed. */ TEST_P(CertificateRequestV2Test, CertificateRequestV1Removed) { bytevec keysToSignMac; DeviceInfo deviceInfo; ProtectedData protectedData; auto status = provisionable_->generateCertificateRequest( true /* testMode */, {} /* keysToSign */, {} /* EEK chain */, challenge_, &deviceInfo, &protectedData, &keysToSignMac); ASSERT_FALSE(status.isOk()) << status.getMessage(); EXPECT_EQ(status.getServiceSpecificError(), BnRemotelyProvisionedComponent::STATUS_REMOVED); } void parse_root_of_trust(const vector<uint8_t>& attestation_cert, vector<uint8_t>* verified_boot_key, VerifiedBoot* verified_boot_state, bool* device_locked, vector<uint8_t>* verified_boot_hash) { Loading
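Review bot: CertificateRequestV1Removed asserts only the service-specific error code, while the AIDL comment updated in this same change says a v3+ implementation must raise a ServiceSpecificException with STATUS_REMOVED; a non-service-specific failure (a transaction error, for instance) would pass `ASSERT_FALSE(status.isOk())` and then fail the code comparison without saying which exception class was actually raised. Adding `EXPECT_EQ(status.getExceptionCode(), EX_SERVICE_SPECIFIC) << status.getMessage();` before the existing `EXPECT_EQ` on the error code pins both halves of the documented contract and gives a clearer diagnostic. The header comment `Call generateCertificateRequest(). Make sure it's removed.` would also help readers more if it stated the intent of the arguments, e.g. `* Arguments are deliberately minimal (testMode=true, empty keysToSign and EEK chain): a v3+ HAL must reject the call with STATUS_REMOVED before it examines them.` The first hunk's enclosing method in CertificateRequestTest (likely its SetUp) begins outside the hunk; its switch from probe-and-skip to an unconditional skip for versions at or above VERSION_WITHOUT_TEST_MODE is consistent with the new test now being the sole check that the v1/v2 entry point is gone.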