
Commit eb06c44f authored by Andrew Scull's avatar Andrew Scull Committed by Automerger Merge Worker

Merge "Deprecate CSR v1 and v2 in IRPC v3" am: 74a699c4

parents 015b828d 74a699c4
+1 −1
@@ -31,7 +31,7 @@ This document provides an exact description of which changes have occurred in th
* IRemotelyProvisionedComponent
  * The need for an EEK has been removed. There is no longer an encrypted portion of the CSR.
  * Keys for new CSR format must be generated with test mode set to false, effectively removing test
    mode in the new CSR flow. Old behavior is kept unchanged for backwards compatibility.
    mode in the new CSR flow.
  * The schema for the CSR itself has been significantly simplified, please see
    IRemotelyProvisionedComponent.aidl for more details. Notably,
    * the chain of signing, MACing, and encryption operations has been replaced with a single
+3 −3
@@ -144,9 +144,9 @@ interface IRemotelyProvisionedComponent {
    byte[] generateEcdsaP256KeyPair(in boolean testMode, out MacedPublicKey macedPublicKey);

    /**
     * This method can be removed in version 3 of the HAL. The header is kept around for
     * backwards compatibility purposes. From v3, this method is allowed to raise a
     * ServiceSpecificException with an error code of STATUS_REMOVED.
     * This method has been deprecated since version 3 of the HAL. The header is kept around for
     * backwards compatibility purposes. From v3, this method must raise a ServiceSpecificException
     * with an error code of STATUS_REMOVED.
     *
     * For v1 and v2 implementations:
     * generateCertificateRequest creates a certificate request to be sent to the provisioning
+16 −10
@@ -408,16 +408,8 @@ class CertificateRequestTest : public CertificateRequestTestBase {
        ASSERT_FALSE(HasFatalFailure());

        if (rpcHardwareInfo.versionNumber >= VERSION_WITHOUT_TEST_MODE) {
            bytevec keysToSignMac;
            DeviceInfo deviceInfo;
            ProtectedData protectedData;
            auto status = provisionable_->generateCertificateRequest(
                    false, {}, {}, {}, &deviceInfo, &protectedData, &keysToSignMac);
            if (!status.isOk() && (status.getServiceSpecificError() ==
                                   BnRemotelyProvisionedComponent::STATUS_REMOVED)) {
                GTEST_SKIP() << "This test case applies to RKP v3+ only if "
                             << "generateCertificateRequest() is implemented.";
            }
            GTEST_SKIP() << "This test case only applies to RKP v1 and v2. "
                         << "RKP version discovered: " << rpcHardwareInfo.versionNumber;
        }
    }
};
@@ -798,6 +790,20 @@ TEST_P(CertificateRequestV2Test, NonEmptyRequest_testKeyInProdCert) {
              BnRemotelyProvisionedComponent::STATUS_TEST_KEY_IN_PRODUCTION_REQUEST);
}

/**
 * Call generateCertificateRequest(). Make sure it's removed.
 */
TEST_P(CertificateRequestV2Test, CertificateRequestV1Removed) {
    bytevec keysToSignMac;
    DeviceInfo deviceInfo;
    ProtectedData protectedData;
    auto status = provisionable_->generateCertificateRequest(
            true /* testMode */, {} /* keysToSign */, {} /* EEK chain */, challenge_, &deviceInfo,
            &protectedData, &keysToSignMac);
    ASSERT_FALSE(status.isOk()) << status.getMessage();
    EXPECT_EQ(status.getServiceSpecificError(), BnRemotelyProvisionedComponent::STATUS_REMOVED);
}

void parse_root_of_trust(const vector<uint8_t>& attestation_cert,
                         vector<uint8_t>* verified_boot_key, VerifiedBoot* verified_boot_state,
                         bool* device_locked, vector<uint8_t>* verified_boot_hash) {
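Review bot: `CertificateRequestV1Removed` only calls the legacy `generateCertificateRequest()` with `testMode == true`, so a v3 HAL that still services the production-mode path (`testMode == false`) would pass this test even though the AIDL comment in this commit says the method must raise STATUS_REMOVED from v3 on — and the production path is the one that could still emit an EEK-style CSR the new flow was meant to retire. Exercising both values in a loop closes that gap. The failure diagnostics are also thin: `ASSERT_FALSE(status.isOk())` accepts any failure, and if the HAL answers with a transport or non-service-specific exception, `getServiceSpecificError()` is 0 and the EXPECT only prints `0 vs STATUS_REMOVED`; asserting `status.getExceptionCode() == EX_SERVICE_SPECIFIC` first (assuming the NDK `ScopedAStatus` API that the existing `getMessage()`/`getServiceSpecificError()` calls indicate) makes the failure self-explanatory. Whether the `CertificateRequestV2Test` fixture gates this test to v3+ is not visible in this hunk; if it does not, the test would fail on v1/v2 devices, which still serve this method and would return a different error for an empty EEK chain.
```cpp
TEST_P(CertificateRequestV2Test, CertificateRequestV1Removed) {
    // The legacy request must be refused regardless of test mode; the production
    // path (testMode == false) is the one that must not survive in v3.
    for (bool testMode : {true, false}) {
        bytevec keysToSignMac;
        DeviceInfo deviceInfo;
        ProtectedData protectedData;
        auto status = provisionable_->generateCertificateRequest(
                testMode, {} /* keysToSign */, {} /* EEK chain */, challenge_, &deviceInfo,
                &protectedData, &keysToSignMac);
        ASSERT_FALSE(status.isOk()) << "testMode=" << testMode << ": " << status.getMessage();
        ASSERT_EQ(status.getExceptionCode(), EX_SERVICE_SPECIFIC)
                << "testMode=" << testMode << ": " << status.getMessage();
        EXPECT_EQ(status.getServiceSpecificError(),
                  BnRemotelyProvisionedComponent::STATUS_REMOVED)
                << "testMode=" << testMode;
    }
}
```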