summaryrefslogtreecommitdiff
path: root/security/keymint/aidl/default/RemotelyProvisionedComponent.h
AgeCommit message (Collapse)Author
2021-04-20Porting the client <-> HAL service interfaceMax Bires
This change removes the interface layer between the client and the underlying HAL. This is one part of a two part change to properly finish migrating all of the RemotelyProvisionedComponent functionality to system/keymaster. Test: atest VtsHalRemotelyProvisionedComponentTargetTest Change-Id: Ibccc6b3af86a63b8a6c6207fffd43cfc41b903b5
2021-04-19Merge "Adding getHardwareInfo to IRPC"Treehugger Robot
2021-04-17Porting IRPC functionality.Max Bires
This is the change that removes the functionality that has been shifted over to appropriate classes and contexts in system/keymaster. Test: atest VtsHalRemotelyProvisionedComponentTargetTest Change-Id: I491f4ef823868322ea6a804d88ca09662c099a44
2021-04-17Adding getHardwareInfo to IRPCMax Bires
This adds a way to derive information about the hardware for clients that call the HAL. The primary functional usecase here is to differentiate which EC curve the underlying hardware for a given instance of IRemotelyProvisionedComponent is supported. Originally, curve 25519 would have been used in all implementations for verifying the EEK certificate chain and doing ECDH, but secure elements do not offer 25519 support yet. In order to support remote provisioning on SEs, we have to relax the standard here a bit to allow for P256. Test: Everything builds Change-Id: I9245c6f4e27bd118fe093bffc0152549ed7f0825
2021-03-31Fix DeviceInfo encoding and checksDavid Drysdale
- Make the default implementation include the DeviceInfo as a map, not a bstr-holding-a-map, to match the spec. - Check the signature of the signed MAC even in test mode. - Include the DeviceInfo in the data that the signature covers. Test: VtsHalRemotelyProvisionedComponentTargetTest Change-Id: I9084343c1273c16a9cbd5a1156e7057a1c54a860
2021-03-24IRemotelyProvisionedComponent returns DeviceInfoMax Bires
This alters the AIDL interface and underlying functionality to have the component return the DeviceInfo CBOR blob that is used as AAD in verification of a signature over a MAC key. Trying to reconstruct this from userspace is very likely to lead to pain and subtle errors in the future as adoption of this HAL increases, and multiple instances of this HAL may exist on device simultaneously. Test: atest VtsRemotelyProvisionedComponentTests Change-Id: I44bd588586652630ed31a87cfda7e9c01cbf0a2f
2021-02-16Add RemotelyProvisionedComponent HAL.Shawn Willden
Test: VtsHalRemotelyProvisionedComponentTargetTest Change-Id: I51fb01f4c52949c81f3ad2d694a4afdf0fa67788
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-03 15:51:54 +0000