Merge "Trusty IRemotelyProvisionedComponent v3 HAL implementation"

    ForwardCommand(KM_GENERATE_CSR, request, response);

}

void TrustyKeymaster::GenerateCsrV2(const GenerateCsrV2Request& request,

                                    GenerateCsrV2Response* response) {

    ForwardCommand(KM_GENERATE_CSR_V2, request, response);

}

void TrustyKeymaster::GetKeyCharacteristics(const GetKeyCharacteristicsRequest& request,

                                            GetKeyCharacteristicsResponse* response) {

    ForwardCommand(KM_GET_KEY_CHARACTERISTICS, request, response);

    void GenerateKey(const GenerateKeyRequest& request, GenerateKeyResponse* response);

    void GenerateRkpKey(const GenerateRkpKeyRequest& request, GenerateRkpKeyResponse* response);

    void GenerateCsr(const GenerateCsrRequest& request, GenerateCsrResponse* response);

    void GenerateCsrV2(const GenerateCsrV2Request& request, GenerateCsrV2Response* response);

    void GetKeyCharacteristics(const GetKeyCharacteristicsRequest& request,

                               GetKeyCharacteristicsResponse* response);

    void ImportKey(const ImportKeyRequest& request, ImportKeyResponse* response);

                                             DeviceInfo* deviceInfo, ProtectedData* protectedData,

                                             std::vector<uint8_t>* keysToSignMac) override;

    ScopedAStatus generateCertificateRequestV2(const std::vector<MacedPublicKey>& keysToSign,

                                               const std::vector<uint8_t>& challenge,

                                               std::vector<uint8_t>* csr) override;

  private:

    std::shared_ptr<::keymaster::TrustyKeymaster> impl_;

};

    KM_CONFIGURE_VENDOR_PATCHLEVEL  = (33 << KEYMASTER_REQ_SHIFT),

    KM_GET_ROOT_OF_TRUST            = (34 << KEYMASTER_REQ_SHIFT),

    KM_GET_HW_INFO                  = (35 << KEYMASTER_REQ_SHIFT),

    KM_GENERATE_CSR_V2              = (36 << KEYMASTER_REQ_SHIFT),

    // Bootloader/provisioning calls.

    KM_SET_BOOT_PARAMS = (0x1000 << KEYMASTER_REQ_SHIFT),

using keymaster::GenerateCsrRequest;

using keymaster::GenerateCsrResponse;

using keymaster::GenerateCsrV2Request;

using keymaster::GenerateCsrV2Response;

using keymaster::GenerateRkpKeyRequest;

using keymaster::GenerateRkpKeyResponse;

using keymaster::GetHwInfoRequest;

using keymaster::GetHwInfoResponse;

using keymaster::KeymasterBlob;

using km_utils::kmError2ScopedAStatus;

using ::std::string;

using ::std::unique_ptr;

using ::std::vector;

    return ScopedAStatus::ok();

}

ScopedAStatus TrustyRemotelyProvisionedComponentDevice::generateCertificateRequestV2(

        const std::vector<MacedPublicKey>& keysToSign, const std::vector<uint8_t>& challenge,

        std::vector<uint8_t>* csr) {

    GenerateCsrV2Request request(impl_->message_version());

    if (!request.InitKeysToSign(keysToSign.size())) {

        return kmError2ScopedAStatus(static_cast<keymaster_error_t>(STATUS_FAILED));

    }

    for (size_t i = 0; i < keysToSign.size(); i++) {

        request.SetKeyToSign(i, keysToSign[i].macedKey.data(), keysToSign[i].macedKey.size());

    }

    request.SetChallenge(challenge.data(), challenge.size());

    GenerateCsrV2Response response(impl_->message_version());

    impl_->GenerateCsrV2(request, &response);

    if (response.error != KM_ERROR_OK) {

        return Status(-static_cast<int32_t>(response.error), "Failure in CSR v2 generation.");

    }

    *csr = km_utils::kmBlob2vector(response.csr);

    return ScopedAStatus::ok();

}

}  // namespace aidl::android::hardware::security::keymint::trusty