Age | Commit message | Author |
This change removes the interface layer between the client and the
underlying HAL. This is one part of a two-part change to properly finish
migrating all of the RemotelyProvisionedComponent functionality to
system/keymaster.
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: Ibccc6b3af86a63b8a6c6207fffd43cfc41b903b5
This is the change that removes the functionality that has been shifted
over to appropriate classes and contexts in system/keymaster.
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I491f4ef823868322ea6a804d88ca09662c099a44
This adds a way to derive information about the hardware for clients
that call the HAL. The primary functional use case here is to
differentiate which EC curve the underlying hardware for a given
instance of IRemotelyProvisionedComponent supports.
Originally, curve 25519 would have been used in all implementations for
verifying the EEK certificate chain and doing ECDH, but secure elements
do not offer 25519 support yet. In order to support remote provisioning
on SEs, we have to relax the standard here a bit to allow for P256.
Test: Everything builds
Change-Id: I9245c6f4e27bd118fe093bffc0152549ed7f0825
- Make the default implementation include the DeviceInfo as a map, not
a bstr-holding-a-map, to match the spec.
- Check the signature of the signed MAC even in test mode.
- Include the DeviceInfo in the data that the signature covers.
Test: VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I9084343c1273c16a9cbd5a1156e7057a1c54a860
- Test with deliberately-invalid EEK in request:
  - corrupt signature
  - missing initial self-signed cert
- Test with different sizes of EEK chain.
These tests will only really take effect when we have a valid GEEK to
test with.
Other changes:
- Fix encoding of KeyUsage bitset.
- Add a made-up allowed-root pubkey for prod mode. This needs to be
replaced with the real GEEK when available.
- Fix generateEek() so that the first private key isn't used for
all signing operations.
Test: VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I833894d33cd1757b7a0cfcf18f79b61e4e56a556
This alters the AIDL interface and underlying functionality to have the
component return the DeviceInfo CBOR blob that is used as AAD in
verification of a signature over a MAC key. Trying to reconstruct this
from userspace is very likely to lead to pain and subtle errors in the
future as adoption of this HAL increases, and multiple instances of this
HAL may exist on device simultaneously.
Test: atest VtsRemotelyProvisionedComponentTests
Change-Id: I44bd588586652630ed31a87cfda7e9c01cbf0a2f
As per RFC 8152 section 3, the unprotected parameters in the headers
of COSE objects are just encoded as a map, not as a bstr that contains
the CBOR-encoding of a map.
Test: TreeHugger presubmit
Change-Id: Id4eeb023d3a81ad1398d78d410c8224bf941f9b1
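The two encoding points these commits make, unprotected COSE headers as a bare map rather than a bstr-wrapped map (RFC 8152 section 3) and DeviceInfo entering the signature over the MAC key as external AAD rather than as payload, as an added example. This is not code from hardware/interfaces, system/keymaster or the VTS tests; it is a stand-alone Go program with a hand-rolled minimal CBOR encoder. It assumes ECDSA P-256 (COSE alg ES256, label 1 = -7) because Go's standard library provides it; which curve and signature algorithm a given IRemotelyProvisionedComponent instance actually uses is a per-hardware matter (see the hardware-info commit above) and is not fixed by this page. The DeviceInfo map (two tstr fields) and the MAC key are constructed sample inputs.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"math/big"
)

// Minimal CBOR encoder (RFC 8949): only what COSE_Sign1 and a small DeviceInfo map need.
func cborHead(major byte, n uint64) []byte { // shortest form for n < 65536, enough here
	switch {
	case n < 24:
		return []byte{major<<5 | byte(n)}
	case n < 1<<8:
		return []byte{major<<5 | 24, byte(n)}
	default:
		return []byte{major<<5 | 25, byte(n >> 8), byte(n)}
	}
}
func cborInt(n int64) []byte {
	if n < 0 {
		return cborHead(1, uint64(-1-n)) // major type 1 carries -1-n
	}
	return cborHead(0, uint64(n))
}
func cborBstr(b []byte) []byte { return append(cborHead(2, uint64(len(b))), b...) }
func cborTstr(s string) []byte { return append(cborHead(3, uint64(len(s))), s...) }
func cborSeq(major byte, count int, items [][]byte) []byte {
	out := cborHead(major, uint64(count))
	for _, it := range items {
		out = append(out, it...)
	}
	return out
}
func cborArray(items ...[]byte) []byte { return cborSeq(4, len(items), items) }
func cborMap(kv ...[]byte) []byte     { return cborSeq(5, len(kv)/2, kv) } // alternating key, value
// cborMajorType reports the major type of the first data item: 2 = bstr, 5 = map.
func cborMajorType(enc []byte) int { return int(enc[0] >> 5) }

type coseSign1 struct {
	Protected   []byte // serialized header map; on the wire it is wrapped in a bstr
	Unprotected []byte // serialized header map; on the wire it is the bare map (RFC 8152 section 3)
	Payload     []byte
	Signature   []byte // r || s, 32 bytes each for P-256
}

// Encode emits COSE_Sign1 = [protected: bstr, unprotected: map, payload: bstr, signature: bstr].
func (c coseSign1) Encode() []byte {
	return cborArray(cborBstr(c.Protected), c.Unprotected, cborBstr(c.Payload), cborBstr(c.Signature))
}

// sigStructure is Sig_structure from RFC 8152 section 4.4; external_aad is where DeviceInfo goes.
func sigStructure(protected, externalAAD, payload []byte) []byte {
	return cborArray(cborTstr("Signature1"), cborBstr(protected), cborBstr(externalAAD), cborBstr(payload))
}

// signMacKey signs macKey so the signature also binds deviceInfo without carrying it in the payload.
func signMacKey(priv *ecdsa.PrivateKey, macKey, deviceInfo []byte) (coseSign1, error) {
	protected := cborMap(cborInt(1), cborInt(-7)) // alg (label 1) = ES256 (-7); assumed, see lead-in
	tbs := sha256.Sum256(sigStructure(protected, deviceInfo, macKey))
	r, s, err := ecdsa.Sign(rand.Reader, priv, tbs[:])
	if err != nil {
		return coseSign1{}, err
	}
	sig := append(r.FillBytes(make([]byte, 32)), s.FillBytes(make([]byte, 32))...)
	return coseSign1{Protected: protected, Unprotected: cborMap(), Payload: macKey, Signature: sig}, nil
}

// verifyMacKey rebuilds Sig_structure with the verifier's own DeviceInfo and rejects a bstr-wrapped unprotected header.
func verifyMacKey(pub *ecdsa.PublicKey, c coseSign1, deviceInfo []byte) bool {
	if len(c.Signature) != 64 || len(c.Unprotected) == 0 || cborMajorType(c.Unprotected) != 5 {
		return false
	}
	tbs := sha256.Sum256(sigStructure(c.Protected, deviceInfo, c.Payload))
	r, s := new(big.Int).SetBytes(c.Signature[:32]), new(big.Int).SetBytes(c.Signature[32:])
	return ecdsa.Verify(pub, tbs[:], r, s)
}

// constructedDeviceInfo is a made-up two-field DeviceInfo map, used only as sample input here.
func constructedDeviceInfo(model string) []byte {
	return cborMap(cborTstr("brand"), cborTstr("Example"), cborTstr("model"), cborTstr(model))
}

// roundTrip signs a constructed MAC key under one DeviceInfo, then verifies with the same and an altered one.
func roundTrip() (okSame, okAltered bool, err error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return false, false, err
	}
	macKey := sha256.Sum256([]byte("constructed sample MAC key")) // sample payload, not a real key
	signed, err := signMacKey(priv, macKey[:], constructedDeviceInfo("vts-sample"))
	if err != nil {
		return false, false, err
	}
	okSame = verifyMacKey(&priv.PublicKey, signed, constructedDeviceInfo("vts-sample"))
	okAltered = verifyMacKey(&priv.PublicKey, signed, constructedDeviceInfo("other"))
	return okSame, okAltered, nil
}

func main() {
	same, altered, err := roundTrip()
	if err != nil {
		panic(err)
	}
	fmt.Printf("verifies with matching DeviceInfo: %v, with altered DeviceInfo: %v\n", same, altered)
}
```

Because DeviceInfo is only in Sig_structure and never on the wire inside the COSE_Sign1, the verifier must supply its own copy, which is why the HAL returning the exact CBOR it used matters: a userspace reconstruction that differs by one byte (for example a bstr-wrapped map where a bare map was signed) fails verification with no hint as to why. The major-type check in verifyMacKey is the cheap way to catch the header-encoding mistake from the RFC 8152 commit before spending a signature verification on it.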
This CL re-enables the IRemotelyProvisionedComponent VTS tests after
updating the IRemotelyProvisionedComponent HAL to generate keys with
PURPOSE_ATTEST_KEY instead of PURPOSE_ATTEST_SIGN to match the new
PURPOSE_* functionality in KeyMint.
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I70c7918b460898d31e343c060ac07986271148a9
Test: VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I51fb01f4c52949c81f3ad2d694a4afdf0fa67788