Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit be321133 authored by Seth Moore's avatar Seth Moore
Browse files

Revert "Add remote key provisioning to the IC HAL" 

Revert "Add dependency on keymint cpp lib"

Revert "Allow default identity service to call keymint"

Revert submission 1956689-add rkp to identity-default

Reason for revert: Broke git-master. Will resubmit later.
Reverted Changes:
I96dcf3027:Add remote key provisioning to the IC HAL
Id686ac33a:Add dependency on keymint cpp lib
Ib368a2a00:Log to logd in the default identity service
I7d2906de0:Refactor IC support for RKP
Iae0f14f1c:Fix formatting of identity credential aidl
I01d086a4b:Allow default identity service to call keymint

Change-Id: I76a898c04090c5befe5fb5a5d07ec2e397fdd8b3
parent b5b69f0e

identity/aidl/Android.bp

+0 −2
Original line number Diff line number Diff line
@@ -15,7 +15,6 @@ aidl_interface { 
    ],

    imports: [

        "android.hardware.keymaster",

        "android.hardware.security.keymint",

    ],

    stability: "vintf",

    backend: {
@@ -26,7 +25,6 @@ aidl_interface { 
            vndk: {

                enabled: true,

            },

            apps_enabled: false,

        },

    },

    versions: [

identity/aidl/aidl_api/android.hardware.identity/current/android/hardware/identity/HardwareInformation.aidl

+0 −1
Original line number Diff line number Diff line
@@ -39,5 +39,4 @@ parcelable HardwareInformation { 
  int dataChunkSize;

  boolean isDirectAccess;

  @utf8InCpp String[] supportedDocTypes;

  boolean isRemoteKeyProvisioningSupported = false;

}

identity/aidl/aidl_api/android.hardware.identity/current/android/hardware/identity/IIdentityCredentialStore.aidl

+0 −1
Original line number Diff line number Diff line
@@ -38,7 +38,6 @@ interface IIdentityCredentialStore { 
  android.hardware.identity.IWritableIdentityCredential createCredential(in @utf8InCpp String docType, in boolean testCredential);

  android.hardware.identity.IIdentityCredential getCredential(in android.hardware.identity.CipherSuite cipherSuite, in byte[] credentialData);

  android.hardware.identity.IPresentationSession createPresentationSession(in android.hardware.identity.CipherSuite cipherSuite);

  android.hardware.security.keymint.IRemotelyProvisionedComponent getRemotelyProvisionedComponent();

  const int STATUS_OK = 0;

  const int STATUS_FAILED = 1;

  const int STATUS_CIPHER_SUITE_NOT_SUPPORTED = 2;

identity/aidl/aidl_api/android.hardware.identity/current/android/hardware/identity/IWritableIdentityCredential.aidl

+0 −1
Original line number Diff line number Diff line
@@ -41,5 +41,4 @@ interface IWritableIdentityCredential { 
  byte[] addEntryValue(in byte[] content);

  @SuppressWarnings(value={"out-array"}) void finishAddingEntries(out byte[] credentialData, out byte[] proofOfProvisioningSignature);

  void setExpectedProofOfProvisioningSize(in int expectedProofOfProvisioningSize);

  void setRemotelyProvisionedAttestationKey(in byte[] attestationKeyBlob, in byte[] attestationCertificate);

}

identity/aidl/android/hardware/identity/HardwareInformation.aidl

+0 −15
Original line number Diff line number Diff line
@@ -51,19 +51,4 @@ parcelable HardwareInformation { 
     *

     */

    @utf8InCpp String[] supportedDocTypes;



    /**

     * isRemoteKeyProvisioningSupported indicates whether or not the underlying implementation

     * supports a remotely provisioned key for attestation or not. If this field is false, then

     * the implementation only uses a factory-installed, fixed attestation key. If this field is

     * true, then an IRemotelyProvisionedComponent is associated with the IIdentityCredentialStore,

     * and a remotely provisioned key blob may be provided for credential key attestation.

     *

     * Note that remote provisioning is not required, even when it is supported. Implementations

     * MUST use a factory-installed attestation key as a fallback for when there are no

     * remotely provisioned keys available. This behavior mirrors keystore key attestation.

     *

     * This field was added in API version 4.

     */

    boolean isRemoteKeyProvisioningSupported = false;

}