Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ba9f55ee authored by Alan Stokes's avatar Alan Stokes
Browse files

Fix CDDL for signatures. 

The signature is not CBOR-encoded, it's the raw bytes of the signature
encoded as specified for the specific algorithm.

I've made the references to PureEd25519() / ECDSA() into comments,
since I believe they're not actually legal CDDL but are aimed at
humans. And I've made the two occurrences consistent with each other.

Test: N/A
Change-Id: Ia42362ff3d0ce5458322663256cbd34d258afe76
parent 1b51643a

security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl

+4 −4
Original line number Diff line number Diff line
@@ -92,8 +92,8 @@ parcelable ProtectedData { 
     *         },

     *         {},                   // Unprotected params

     *         bstr .size 32,                  // MAC key

     *         bstr PureEd25519(KM_priv, .cbor SignedMac_structure) /

     *              ECDSA(KM_priv, bstr .cbor SignedMac_structure)

     *         bstr // PureEd25519(KM_priv, bstr .cbor SignedMac_structure) /

     *              // ECDSA(KM_priv, bstr .cbor SignedMac_structure)

     *     ]

     *

     *     SignedMac_structure = [
@@ -144,8 +144,8 @@ parcelable ProtectedData { 
     *         },

     *         unprotected: {},

     *         payload: bstr .cbor BccPayload,

     *         signature: bstr .cbor PureEd25519(SigningKey, bstr .cbor BccEntryInput) /

     *                    bstr .cbor ECDSA(SigningKey, bstr .cbor BccEntryInput)

     *         signature: bstr // PureEd25519(SigningKey, bstr .cbor BccEntryInput) /

     *                         // ECDSA(SigningKey, bstr .cbor BccEntryInput)

     *         // See RFC 8032 for details of how to encode the signature value for Ed25519.

     *     ]

     *