Merge changes from topic "secclock_sharedkey" am: 600b7775 am: ec6228e4 am: be17331c

            <regex-instance>SIM[1-9][0-9]*</regex-instance>

        </interface>

    </hal>

    <hal format="aidl" optional="true">

        <name>android.hardware.security.secureclock</name>

        <interface>

            <name>ISecureClock</name>

            <instance>default</instance>

        </interface>

    </hal>

    <hal format="aidl" optional="true">

        <name>android.hardware.security.sharedsecret</name>

        <interface>

            <name>ISharedSecret</name>

            <instance>default</instance>

        </interface>

    </hal>

    <hal format="hidl" optional="true">

        <name>android.hardware.sensors</name>

        <version>1.0</version>

aidl_interface {

    name: "android.hardware.security.secureclock",

    vendor_available: true,

    srcs: [

        "android/hardware/security/secureclock/*.aidl",

    ],

    stability: "vintf",

    imports: [

        "android.hardware.security.keymint",

    ],

    backend: {

        java: {

            sdk_version: "module_current",

        },

        ndk: {

            vndk: {

                enabled: true,

            },

        },

        rust: {

            enabled: true,

        },

    },

}

///////////////////////////////////////////////////////////////////////////////

// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE.                          //

///////////////////////////////////////////////////////////////////////////////

// This file is a snapshot of an AIDL file. Do not edit it manually. There are

// two cases:

// 1). this is a frozen version file - do not edit this in any case.

// 2). this is a 'current' file. If you make a backwards compatible change to

//     the interface (from the latest frozen version), the build system will

//     prompt you to update this file with `m <name>-update-api`.

//

// You must not make a backward incompatible change to any AIDL file built

// with the aidl_interface module type with versions property set. The module

// type is used to build AIDL files in a way that they can be used across

// independently updatable components of the system. If a device is shipped

// with such a backward incompatible change, it has a high risk of breaking

// later when a module using the interface is updated, e.g., Mainline modules.

package android.hardware.security.secureclock;

@VintfStability

interface ISecureClock {

  android.hardware.security.secureclock.TimeStampToken generateTimeStamp(in long challenge);

  const String TIME_STAMP_MAC_LABEL = "Time Verification";

}

///////////////////////////////////////////////////////////////////////////////

// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE.                          //

///////////////////////////////////////////////////////////////////////////////

// This file is a snapshot of an AIDL file. Do not edit it manually. There are

// two cases:

// 1). this is a frozen version file - do not edit this in any case.

// 2). this is a 'current' file. If you make a backwards compatible change to

//     the interface (from the latest frozen version), the build system will

//     prompt you to update this file with `m <name>-update-api`.

//

// You must not make a backward incompatible change to any AIDL file built

// with the aidl_interface module type with versions property set. The module

// type is used to build AIDL files in a way that they can be used across

// independently updatable components of the system. If a device is shipped

// with such a backward incompatible change, it has a high risk of breaking

// later when a module using the interface is updated, e.g., Mainline modules.

package android.hardware.security.secureclock;

@VintfStability

parcelable TimeStampToken {

  long challenge;

  android.hardware.security.keymint.Timestamp timestamp;

  android.hardware.security.keymint.SecurityLevel securityLevel;

  byte[] mac;

}

/*

 * Copyright (C) 2020 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * limitations under the License.

 */

package android.hardware.security.secureclock;

import android.hardware.security.secureclock.TimeStampToken;

/**

 * Secure Clock definition.

 *

 * An ISecureClock provides a keymint service to generate secure timestamp using a secure platform.

 * The secure time stamp contains time in milliseconds. This time stamp also contains a 256-bit MAC

 * which provides integrity protection. The MAC is generated using HMAC-SHA-256 and a shared

 * secret. The shared secret must be available to secure clock service by implementing

 * ISharedSecret aidl. Note: ISecureClock depends on the shared secret, without which the secure

 * time stamp token cannot be generated.

 */

@VintfStability

interface ISecureClock {

    /**

     * String used as context in the HMAC computation signing the generated time stamp.

     * See TimeStampToken.mac for details.

     */

    const String TIME_STAMP_MAC_LABEL = "Time Verification";

    /**

     * Generates an authenticated timestamp.

     *

     * @param A challenge value provided by the relying party. It will be included in the generated

     *        TimeStampToken to ensure freshness. The relying service must ensure that the

     *        challenge cannot be specified or predicted by an attacker.

     *

     * @return the TimeStampToken, see the definition for details.

     */

    TimeStampToken generateTimeStamp(in long challenge);

}