author | Seth Moore <sethmo@google.com> | 2022-01-25 22:44:24 +0000 |
---|---|---|
committer | Seth Moore <sethmo@google.com> | 2022-01-25 22:44:24 +0000 |
commit | be32113307d67f54e594e5322f85b65e4e2c4fdb (patch) | |
tree | a9b8786c217a28e6c47f127ae518109cc98c3a41 /identity/aidl/default/common/WritableIdentityCredential.cpp | |
parent | b5b69f0e009388fccb000a9a8aac5a38dbbd2726 (diff) |
Revert "Add remote key provisioning to the IC HAL"
Revert "Add dependency on keymint cpp lib"
Revert "Allow default identity service to call keymint"
Revert submission 1956689-add rkp to identity-default
Reason for revert: Broke git-master. Will resubmit later.
Reverted Changes:
I96dcf3027:Add remote key provisioning to the IC HAL
Id686ac33a:Add dependency on keymint cpp lib
Ib368a2a00:Log to logd in the default identity service
I7d2906de0:Refactor IC support for RKP
Iae0f14f1c:Fix formatting of identity credential aidl
I01d086a4b:Allow default identity service to call keymint
Change-Id: I76a898c04090c5befe5fb5a5d07ec2e397fdd8b3
Diffstat (limited to 'identity/aidl/default/common/WritableIdentityCredential.cpp')
-rw-r--r-- | identity/aidl/default/common/WritableIdentityCredential.cpp | 53 |
1 files changed, 4 insertions, 49 deletions
diff --git a/identity/aidl/default/common/WritableIdentityCredential.cpp b/identity/aidl/default/common/WritableIdentityCredential.cpp
index e420a7b74b..200ee61df4 100644
--- a/identity/aidl/default/common/WritableIdentityCredential.cpp
+++ b/identity/aidl/default/common/WritableIdentityCredential.cpp
@@ -79,15 +79,8 @@ ndk::ScopedAStatus WritableIdentityCredential::getAttestationCertificate(
 IIdentityCredentialStore::STATUS_INVALID_DATA, "Challenge can not be empty"));
 }
- optional<vector<uint8_t>> certChain;
- if (attestationKeyBlob_ && attestationCertificateChain_) {
- certChain = hwProxy_->createCredentialKeyUsingRkp(
- attestationChallenge, attestationApplicationId, *attestationKeyBlob_,
- attestationCertificateChain_->at(0));
- } else {
- certChain = hwProxy_->createCredentialKey(attestationChallenge, attestationApplicationId);
- }
-
+ optional<vector<uint8_t>> certChain =
+ hwProxy_->createCredentialKey(attestationChallenge, attestationApplicationId);
 if (!certChain) {
 return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
 IIdentityCredentialStore::STATUS_FAILED,
@@ -102,14 +95,8 @@ ndk::ScopedAStatus WritableIdentityCredential::getAttestationCertificate(
 }
 *outCertificateChain = vector<Certificate>();
- for (vector<uint8_t>& cert : certs.value()) {
- Certificate c;
- c.encodedCertificate = std::move(cert);
- outCertificateChain->push_back(std::move(c));
- }
-
- for (const vector<uint8_t>& cert : *attestationCertificateChain_) {
- Certificate c;
+ for (const vector<uint8_t>& cert : certs.value()) {
+ Certificate c = Certificate();
 c.encodedCertificate = cert;
 outCertificateChain->push_back(std::move(c));
 }
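Review bot: The loop restored in the second hunk binds each element of `certs.value()` by const reference and copy-assigns it into `c.encodedCertificate`, so every DER-encoded certificate is duplicated before `push_back`. If `certs` is not read again after the loop (the rest of getAttestationCertificate lies outside the hunk), iterating with `for (vector<uint8_t>& cert : certs.value())` and assigning `c.encodedCertificate = std::move(cert);` avoids the copy. `Certificate c = Certificate();` can be written as `Certificate c;`. The check that makes `certs.value()` safe is presumably the block closed by the `}` at the top of the hunk, but it is not visible here and should be confirmed.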
@@ -415,36 +402,4 @@ ndk::ScopedAStatus WritableIdentityCredential::finishAddingEntries(
 return ndk::ScopedAStatus::ok();
 }
-ndk::ScopedAStatus WritableIdentityCredential::setRemotelyProvisionedAttestationKey(
- const vector<uint8_t>& attestationKeyBlob,
- const vector<uint8_t>& attestationCertificateChain) {
- if (!hardwareInformation_.isRemoteKeyProvisioningSupported) {
- return ndk::ScopedAStatus(AStatus_fromExceptionCodeWithMessage(
- EX_UNSUPPORTED_OPERATION, "Remote key provisioning is not supported"));
- }
-
- if (attestationKeyBlob.empty() || attestationCertificateChain.empty()) {
- return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
- IIdentityCredentialStore::STATUS_FAILED,
- "Empty data passed to setRemotlyProvisionedAttestationKey"));
- }
-
- if (attestationKeyBlob_.has_value()) {
- return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
- IIdentityCredentialStore::STATUS_FAILED, "Attestation key already set"));
- }
-
- optional<vector<vector<uint8_t>>> certs =
- support::certificateChainSplit(attestationCertificateChain);
- if (!certs) {
- return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
- IIdentityCredentialStore::STATUS_FAILED,
- "Error splitting chain into separate certificates"));
- }
-
- attestationKeyBlob_ = attestationKeyBlob;
- attestationCertificateChain_ = *certs;
- return ndk::ScopedAStatus::ok();
-}
-
 } // namespace aidl::android::hardware::identity |