Loading trusty/keymaster/TrustyKeymaster.cpp +5 −0 Original line number Diff line number Diff line Loading @@ -178,6 +178,11 @@ void TrustyKeymaster::GenerateCsr(const GenerateCsrRequest& request, ForwardCommand(KM_GENERATE_CSR, request, response); } void TrustyKeymaster::GenerateCsrV2(const GenerateCsrV2Request& request, GenerateCsrV2Response* response) { ForwardCommand(KM_GENERATE_CSR_V2, request, response); } void TrustyKeymaster::GetKeyCharacteristics(const GetKeyCharacteristicsRequest& request, GetKeyCharacteristicsResponse* response) { ForwardCommand(KM_GET_KEY_CHARACTERISTICS, request, response); Loading trusty/keymaster/include/trusty_keymaster/TrustyKeymaster.h +1 −0 Original line number Diff line number Diff line Loading @@ -44,6 +44,7 @@ class TrustyKeymaster { void GenerateKey(const GenerateKeyRequest& request, GenerateKeyResponse* response); void GenerateRkpKey(const GenerateRkpKeyRequest& request, GenerateRkpKeyResponse* response); void GenerateCsr(const GenerateCsrRequest& request, GenerateCsrResponse* response); void GenerateCsrV2(const GenerateCsrV2Request& request, GenerateCsrV2Response* response); void GetKeyCharacteristics(const GetKeyCharacteristicsRequest& request, GetKeyCharacteristicsResponse* response); void ImportKey(const ImportKeyRequest& request, ImportKeyResponse* response); Loading trusty/keymaster/include/trusty_keymaster/TrustyRemotelyProvisionedComponentDevice.h +4 −0 Original line number Diff line number Diff line Loading 
@@ -46,6 +46,10 @@ class TrustyRemotelyProvisionedComponentDevice : public BnRemotelyProvisionedCom DeviceInfo* deviceInfo, ProtectedData* protectedData, std::vector<uint8_t>* keysToSignMac) override; ScopedAStatus generateCertificateRequestV2(const std::vector<MacedPublicKey>& keysToSign, const std::vector<uint8_t>& challenge, std::vector<uint8_t>* csr) override; private: std::shared_ptr<::keymaster::TrustyKeymaster> impl_; }; Loading trusty/keymaster/include/trusty_keymaster/ipc/keymaster_ipc.h +1 −0 Original line number Diff line number Diff line Loading @@ -61,6 +61,7 @@ enum keymaster_command : uint32_t { KM_CONFIGURE_VENDOR_PATCHLEVEL = (33 << KEYMASTER_REQ_SHIFT), KM_GET_ROOT_OF_TRUST = (34 << KEYMASTER_REQ_SHIFT), KM_GET_HW_INFO = (35 << KEYMASTER_REQ_SHIFT), KM_GENERATE_CSR_V2 = (36 << KEYMASTER_REQ_SHIFT), // Bootloader/provisioning calls. KM_SET_BOOT_PARAMS = (0x1000 << KEYMASTER_REQ_SHIFT), Loading trusty/keymaster/keymint/TrustyRemotelyProvisionedComponentDevice.cpp +24 −0 Original line number Diff line number Diff line Loading @@ -28,11 +28,14 @@ namespace aidl::android::hardware::security::keymint::trusty { using keymaster::GenerateCsrRequest; using keymaster::GenerateCsrResponse; using keymaster::GenerateCsrV2Request; using keymaster::GenerateCsrV2Response; using keymaster::GenerateRkpKeyRequest; using keymaster::GenerateRkpKeyResponse; using keymaster::GetHwInfoRequest; using keymaster::GetHwInfoResponse; using keymaster::KeymasterBlob; using km_utils::kmError2ScopedAStatus; using ::std::string; using ::std::unique_ptr; using ::std::vector; Loading Loading 
@@ -125,4 +128,25 @@ ScopedAStatus TrustyRemotelyProvisionedComponentDevice::generateCertificateReque return ScopedAStatus::ok(); } ScopedAStatus TrustyRemotelyProvisionedComponentDevice::generateCertificateRequestV2( const std::vector<MacedPublicKey>& keysToSign, const std::vector<uint8_t>& challenge, std::vector<uint8_t>* csr) { GenerateCsrV2Request request(impl_->message_version()); if (!request.InitKeysToSign(keysToSign.size())) { return kmError2ScopedAStatus(static_cast<keymaster_error_t>(STATUS_FAILED)); } for (size_t i = 0; i < keysToSign.size(); i++) { request.SetKeyToSign(i, keysToSign[i].macedKey.data(), keysToSign[i].macedKey.size()); } request.SetChallenge(challenge.data(), challenge.size()); GenerateCsrV2Response response(impl_->message_version()); impl_->GenerateCsrV2(request, &response); if (response.error != KM_ERROR_OK) { return Status(-static_cast<int32_t>(response.error), "Failure in CSR v2 generation."); } *csr = km_utils::kmBlob2vector(response.csr); return ScopedAStatus::ok(); } } // namespace aidl::android::hardware::security::keymint::trusty Loading
trusty/keymaster/TrustyKeymaster.cpp +5 −0 Original line number Diff line number Diff line Loading @@ -178,6 +178,11 @@ void TrustyKeymaster::GenerateCsr(const GenerateCsrRequest& request, ForwardCommand(KM_GENERATE_CSR, request, response); } void TrustyKeymaster::GenerateCsrV2(const GenerateCsrV2Request& request, GenerateCsrV2Response* response) { ForwardCommand(KM_GENERATE_CSR_V2, request, response); } void TrustyKeymaster::GetKeyCharacteristics(const GetKeyCharacteristicsRequest& request, GetKeyCharacteristicsResponse* response) { ForwardCommand(KM_GET_KEY_CHARACTERISTICS, request, response); Loading
trusty/keymaster/include/trusty_keymaster/TrustyKeymaster.h +1 −0 Original line number Diff line number Diff line Loading @@ -44,6 +44,7 @@ class TrustyKeymaster { void GenerateKey(const GenerateKeyRequest& request, GenerateKeyResponse* response); void GenerateRkpKey(const GenerateRkpKeyRequest& request, GenerateRkpKeyResponse* response); void GenerateCsr(const GenerateCsrRequest& request, GenerateCsrResponse* response); void GenerateCsrV2(const GenerateCsrV2Request& request, GenerateCsrV2Response* response); void GetKeyCharacteristics(const GetKeyCharacteristicsRequest& request, GetKeyCharacteristicsResponse* response); void ImportKey(const ImportKeyRequest& request, ImportKeyResponse* response); Loading
trusty/keymaster/include/trusty_keymaster/TrustyRemotelyProvisionedComponentDevice.h +4 −0 Original line number Diff line number Diff line Loading @@ -46,6 +46,10 @@ class TrustyRemotelyProvisionedComponentDevice : public BnRemotelyProvisionedCom DeviceInfo* deviceInfo, ProtectedData* protectedData, std::vector<uint8_t>* keysToSignMac) override; ScopedAStatus generateCertificateRequestV2(const std::vector<MacedPublicKey>& keysToSign, const std::vector<uint8_t>& challenge, std::vector<uint8_t>* csr) override; private: std::shared_ptr<::keymaster::TrustyKeymaster> impl_; }; Loading
trusty/keymaster/include/trusty_keymaster/ipc/keymaster_ipc.h +1 −0 Original line number Diff line number Diff line Loading @@ -61,6 +61,7 @@ enum keymaster_command : uint32_t { KM_CONFIGURE_VENDOR_PATCHLEVEL = (33 << KEYMASTER_REQ_SHIFT), KM_GET_ROOT_OF_TRUST = (34 << KEYMASTER_REQ_SHIFT), KM_GET_HW_INFO = (35 << KEYMASTER_REQ_SHIFT), KM_GENERATE_CSR_V2 = (36 << KEYMASTER_REQ_SHIFT), // Bootloader/provisioning calls. KM_SET_BOOT_PARAMS = (0x1000 << KEYMASTER_REQ_SHIFT), Loading
trusty/keymaster/keymint/TrustyRemotelyProvisionedComponentDevice.cpp +24 −0 Original line number Diff line number Diff line Loading @@ -28,11 +28,14 @@ namespace aidl::android::hardware::security::keymint::trusty { using keymaster::GenerateCsrRequest; using keymaster::GenerateCsrResponse; using keymaster::GenerateCsrV2Request; using keymaster::GenerateCsrV2Response; using keymaster::GenerateRkpKeyRequest; using keymaster::GenerateRkpKeyResponse; using keymaster::GetHwInfoRequest; using keymaster::GetHwInfoResponse; using keymaster::KeymasterBlob; using km_utils::kmError2ScopedAStatus; using ::std::string; using ::std::unique_ptr; using ::std::vector; Loading Loading @@ -125,4 +128,25 @@ ScopedAStatus TrustyRemotelyProvisionedComponentDevice::generateCertificateReque return ScopedAStatus::ok(); } ScopedAStatus TrustyRemotelyProvisionedComponentDevice::generateCertificateRequestV2( const std::vector<MacedPublicKey>& keysToSign, const std::vector<uint8_t>& challenge, std::vector<uint8_t>* csr) { GenerateCsrV2Request request(impl_->message_version()); if (!request.InitKeysToSign(keysToSign.size())) { return kmError2ScopedAStatus(static_cast<keymaster_error_t>(STATUS_FAILED)); } for (size_t i = 0; i < keysToSign.size(); i++) { request.SetKeyToSign(i, keysToSign[i].macedKey.data(), keysToSign[i].macedKey.size()); } request.SetChallenge(challenge.data(), challenge.size()); GenerateCsrV2Response response(impl_->message_version()); impl_->GenerateCsrV2(request, &response); if (response.error != KM_ERROR_OK) { return Status(-static_cast<int32_t>(response.error), "Failure in CSR v2 generation."); } *csr = km_utils::kmBlob2vector(response.csr); return ScopedAStatus::ok(); } } // namespace aidl::android::hardware::security::keymint::trusty
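Review bot: The two failure paths in generateCertificateRequestV2 encode their errors differently: the InitKeysToSign failure casts STATUS_FAILED to keymaster_error_t and routes it through kmError2ScopedAStatus, while the response path returns `Status(-static_cast<int32_t>(response.error), ...)`. Neither helper is defined in this hunk, so the resulting codes are an inference, but reinterpreting an interface status constant as a keymaster error makes a local allocation failure hard to tell apart from an error reported by the secure side. Assuming Status takes a code and a message as it does a few lines further down, `return Status(STATUS_FAILED, "Failed to allocate space for keys to sign.");` would keep both paths on the same encoding. The loop and the SetChallenge call also forward caller-supplied lengths (keysToSign.size(), macedKey.size(), challenge.size()) with no bound or result check at this layer. If those limits are enforced only on the secure side, a short comment above the loop saying so, such as `// Sizes are not checked here; the secure side validates them.`, would document where the trust boundary sits.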