author | Tommy Chiu <tommychiu@google.com> | 2021-12-29 21:06:16 +0800 |
---|---|---|
committer | TreeHugger Robot <android-build-prod@system.gserviceaccount.com> | 2022-02-16 00:57:06 +0000 |
commit | 2443a10d9458d6ac7d1c4be9cf4733a069a9e318 (patch) | |
tree | b23190f240ab76d9c78b58cd8c97a958f57712f7 | |
parent | 0d58a576d97d8a91ea3f6cecd99940b880567855 (diff) | |
download | generic-2443a10d9458d6ac7d1c4be9cf4733a069a9e318.tar.gz |
keymint: Proto definition of IRemotelyProvisionedComponent
Bug: 203037043
Change-Id: Ib9c2b819df6d80641097d87a7081d7e6bb1222de
Reviewed-on: https://nugget-os-review.googlesource.com/c/host/generic/+/48885
Tested-by: Tommy Chiu <tommychiu@google.com>
Reviewed-by: Tommy Chiu <tommychiu@google.com>
Reviewed-by: Brian Murray <brianjmurray@google.com>
Presubmit-Verified: TreeHugger Robot <android-build-prod@system.gserviceaccount.com>
Autosubmit: Tommy Chiu <tommychiu@google.com>
4 files changed, 43 insertions, 1 deletions
diff --git a/nugget/proto/nugget/app/keymaster/keymaster.proto b/nugget/proto/nugget/app/keymaster/keymaster.proto index 1cb50bd..430cec2 100644 --- a/nugget/proto/nugget/app/keymaster/keymaster.proto +++ b/nugget/proto/nugget/app/keymaster/keymaster.proto @@ -143,6 +143,12 @@ service Keymaster { */ rpc GetPerFactoryResetValue(GetPerFactoryResetValueRequest) returns (GetPerFactoryResetValueResponse); + /* + * RKP implementation + */ + rpc GenerateRkpKey(GenerateRkpKeyRequest) returns (GenerateRkpKeyResponse); + rpc GenerateRkpCsr(GenerateRkpCsrRequest) returns (GenerateRkpCsrResponse); + // These are implemented with a enum, so new RPCs must be appended, and // deprecated RPCs need placeholders. } @@ -575,8 +581,31 @@ message GetPerFactoryResetValueRequest { bool bootloader_only = 1; bytes input = 2; } - message GetPerFactoryResetValueResponse { ErrorCode error_code = 1; bytes output = 2; } + +// RKP messages +message GenerateRkpKeyRequest{ + bool test_mode = 1; + KeyParameters params = 2; + KeyBlob blob = 3; +} +message GenerateRkpKeyResponse{ + ErrorCode error_code = 1; + bytes maced_public_key = 2; +} + +message GenerateRkpCsrRequest{ + bool test_mode = 1; + KeysToSign keys_to_sign = 2; + bytes endpoint_enc_cert_chain = 3; + bytes challenge = 4; +} +message GenerateRkpCsrResponse{ + ErrorCode error_code = 1; + bytes keys_to_sign_mac = 2; + bytes device_info_blob = 3; + bytes protected_data_blob = 4; +} diff --git a/nugget/proto/nugget/app/keymaster/keymaster_defs.proto b/nugget/proto/nugget/app/keymaster/keymaster_defs.proto index da597b1..66d1801 100644 --- a/nugget/proto/nugget/app/keymaster/keymaster_defs.proto +++ b/nugget/proto/nugget/app/keymaster/keymaster_defs.proto 
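Review bot: The two RPCs added after `GetPerFactoryResetValue` are documented only by the shared block comment `RKP implementation`, which does not say what either call does or returns. I would give each its own leading comment, for example `// Generates a key pair for remote key provisioning; returns the MACed public key.` above `GenerateRkpKey` and `// Produces the certificate request data for the keys in keys_to_sign.` above `GenerateRkpCsr`. Both are appended at the end of the service, which matches the trailing comment about RPCs being implemented with an enum. The body of `service Keymaster` starts outside this hunk.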
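Review bot: `GenerateRkpKeyRequest` takes `KeyParameters params = 2` and `KeyBlob blob = 3` as inputs, while `GenerateRkpKeyResponse` returns only `error_code` and `maced_public_key`, so the messages do not show how the generated private-key handle reaches the host. As far as I know, the HAL method this models takes only the test-mode flag and returns both the MACed public key and the key handle, so the direction of `blob` looks worth confirming. If `blob` is an input by design, add a comment saying what the chip does with it; if the handle is meant to be returned, it needs a response field. `test_mode` in both requests also deserves a comment tying it to `PRODUCTION_KEY_IN_TEST_REQUEST` and `TEST_KEY_IN_PRODUCTION_REQUEST` in keymaster_defs.proto, for example `// When true, only test keys are accepted and the output must not be usable for production provisioning.`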
@@ -267,6 +267,10 @@ enum ErrorCode { STORAGE_KEY_UNSUPPORTED = 81; INCOMPATIBLE_MGF_DIGEST = 82; UNSUPPORTED_MGF_DIGEST = 83; + INVALID_MAC = 84; // RKP specific. + PRODUCTION_KEY_IN_TEST_REQUEST = 85; // RKP specific. + TEST_KEY_IN_PRODUCTION_REQUEST = 86; // RKP specific. + INVALID_EEK = 87; // RKP specific. }; enum SecurityLevel { diff --git a/nugget/proto/nugget/app/keymaster/keymaster_types.options b/nugget/proto/nugget/app/keymaster/keymaster_types.options index 02853bc..417e181 100644 --- a/nugget/proto/nugget/app/keymaster/keymaster_types.options +++ b/nugget/proto/nugget/app/keymaster/keymaster_types.options @@ -9,3 +9,4 @@ nugget.app.keymaster.VigoSignature.s max_size:32 nugget.app.keymaster.VigoSecret.material max_size:32 nugget.app.keymaster.VigoSecret.iv max_size:16 nugget.app.keymaster.VigoSecret.tag max_size:16 +nugget.app.keymaster.KeysToSign.keys max_count:20 diff --git a/nugget/proto/nugget/app/keymaster/keymaster_types.proto b/nugget/proto/nugget/app/keymaster/keymaster_types.proto index 4a66d4e..1a4c539 100644 --- a/nugget/proto/nugget/app/keymaster/keymaster_types.proto +++ b/nugget/proto/nugget/app/keymaster/keymaster_types.proto @@ -126,3 +126,11 @@ message VigoSecret { bytes iv = 2; bytes tag = 3; } + +message MacedKey{ + bytes blob = 1; +} + +message KeysToSign { + repeated MacedKey keys = 1; +} |
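Review bot: `KeysToSign.keys max_count:20` limits how many keys a request carries but not how large each key is. `MacedKey.blob`, added in keymaster_types.proto in the next hunk, gets no `max_size`, and neither do `endpoint_enc_cert_chain` and `challenge` in `GenerateRkpCsrRequest` in keymaster.proto. If these .options files feed nanopb, as the `max_size`/`max_count` syntax suggests, a `bytes` field without a bound is generated as a callback field rather than a fixed buffer, so the limit on host-supplied data would exist only in hand-written decode code. Unless an option outside this diff already covers them, I would add explicit limits next to the new line, e.g. `nugget.app.keymaster.MacedKey.blob max_size:<MACED_KEY_MAX_BYTES>`, where the placeholder is the largest MACed key the firmware accepts, and do the same for the request fields in whichever options file covers keymaster.proto.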