author | Seth Moore <sethmo@google.com> | 2022-01-05 09:34:42 -0800 |
---|---|---|
committer | Seth Moore <sethmo@google.com> | 2022-01-24 16:19:21 -0800 |
commit | b5b69f0e009388fccb000a9a8aac5a38dbbd2726 (patch) | |
tree | 8d71317158f8c634b17ea271cf7ac8070ca7688e /identity/aidl/default/service.cpp | |
parent | 3200496e757423986114f788158969adbb08b10c (diff) |
Add remote key provisioning to the IC HAL
The IIdentityCredentialStore can now advertise the correct
IRemotelyProvisionedComponent that is used for getting remotely
provisioned attestation keys.
IWritableIdentityCredential has a new method so it can accept remotely
provisioned keys.
Update the VTS tests to check the new RKP functionality.
Support RKP in the default identity cred service
Test: VtsHalIdentityTargetTest
Bug: 194696876
Change-Id: I96dcf3027e0f21790c35900ddf8cc0953bd3b1ca
Diffstat (limited to 'identity/aidl/default/service.cpp')
-rw-r--r-- | identity/aidl/default/service.cpp | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/identity/aidl/default/service.cpp b/identity/aidl/default/service.cpp
index 1ff52f9773..ed3c4cbcce 100644
--- a/identity/aidl/default/service.cpp
+++ b/identity/aidl/default/service.cpp
@@ -16,6 +16,7 @@
 #define LOG_TAG "android.hardware.identity-service"
+#include <aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.h>
 #include <android-base/logging.h>
 #include <android/binder_manager.h>
 #include <android/binder_process.h>
@@ -32,6 +33,7 @@ using ::android::base::LogSeverity;
 using ::android::base::StderrLogger;
 using ::aidl::android::hardware::identity::IdentityCredentialStore;
+using ::aidl::android::hardware::security::keymint::IRemotelyProvisionedComponent;
 using ::android::hardware::identity::FakeSecureHardwareProxyFactory;
 using ::android::hardware::identity::SecureHardwareProxyFactory;
@@ -47,10 +49,13 @@ int main(int /*argc*/, char* argv[]) {
 InitLogging(argv, ComboLogger);
 sp<SecureHardwareProxyFactory> hwProxyFactory = new FakeSecureHardwareProxyFactory();
+ const std::string remotelyProvisionedComponentName =
+ std::string(IRemotelyProvisionedComponent::descriptor) + "/default";
 ABinderProcess_setThreadPoolMaxThreadCount(0);
 std::shared_ptr<IdentityCredentialStore> store =
- ndk::SharedRefBase::make<IdentityCredentialStore>(hwProxyFactory);
+ ndk::SharedRefBase::make<IdentityCredentialStore>(hwProxyFactory,
+ remotelyProvisionedComponentName);
 const std::string instance = std::string() + IdentityCredentialStore::descriptor + "/default";
 binder_status_t status = AServiceManager_addService(store->asBinder().get(), instance.c_str());
 |
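Review bot: In the third hunk, `remotelyProvisionedComponentName` is built from the descriptor plus a hard-coded `"/default"` and passed to `IdentityCredentialStore` without checking that such an `IRemotelyProvisionedComponent` instance is declared on the device. Whether the store constructor validates the name is not visible here; if it does not, a build without that instance would still advertise it, and the failure would surface only when a client tries to obtain attestation keys. A startup guard such as `CHECK(AServiceManager_isDeclared(remotelyProvisionedComponentName.c_str())) << "RKP component not declared: " << remotelyProvisionedComponentName;` would make the misconfiguration fail early and visibly. It is also worth a comment above the new lines stating the trust assumption: this service still runs on `FakeSecureHardwareProxyFactory`, so the attestation keys it accepts are provisioned by the KeyMint component rather than by the hardware that holds the credential keys. The body of `main` continues past the end of the hunk.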