authorJoseph Jang <josephjang@google.com>2022-03-16 03:57:30 +0000
committerJoseph Jang <josephjang@google.com>2022-03-16 04:02:07 +0000
commit9a9a9ab2f9942967cab300adcc609647ad592f0e (patch)
treea1c019b7c702f7f0a7d48a03cb09bbb6f180b3cb
parente0893e6e74d915711988f64ce7146dfe88352244 (diff)
parent3d3ccc51a0328ee73271595ca49eaad6913470d4 (diff)
downloadgeneric-9a9a9ab2f9942967cab300adcc609647ad592f0e.tar.gz
Merge remote-tracking branch 'goog/upstream-master' into josephjang-nos-merge-upstream
* goog/upstream-master: nugget: Add new GSA-GSC pre-shared secret key for factory pairing identity: Add to support KM RKP Making nugget protobuf visible to other projects. Bug: 193547934 Bug: 218613398 Bug: 223285692 Bug: 224883693 Test: release tests, QMC Change-Id: I2ffec6b08e8996919fa161fd5e0908cb7d8ded24
-rw-r--r--nugget/include/app_nugget.h8
-rw-r--r--nugget/proto/BUILD4
-rw-r--r--nugget/proto/nugget/app/keymaster/keymaster.proto2
3 files changed, 14 insertions, 0 deletions
diff --git a/nugget/include/app_nugget.h b/nugget/include/app_nugget.h
index da6710e..fbf5ddd 100644
--- a/nugget/include/app_nugget.h
+++ b/nugget/include/app_nugget.h
@@ -449,6 +449,14 @@ struct gsa_gsc_pairing_persist_storage {
uint8_t gsc_public_key[EC_P256_PUBLIC_KEY_SIZE];
};
+#define GSA_GSC_PSK_VERSION 0
+#define HAS_GSA_GSC_PSK 0xa5
+struct gsa_gsc_psk_persist_storage {
+ uint8_t version;
+ uint8_t has_gsa_gsc_psk_provision;
+ uint8_t gsa_gsc_psk[PSK_KEY_SIZE];
+};
+
#define NUGGET_PARAM_GSA_KEY_PROVISION 0x0017
/*
* GSA key provision command
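Review bot: The new `gsa_gsc_psk_persist_storage` struct and its two macros have no comment, although they define the persisted layout of a pre-shared secret. I would add a header comment such as `/* Persisted GSA-GSC PSK record: gsa_gsc_psk is valid only when version == GSA_GSC_PSK_VERSION and has_gsa_gsc_psk_provision == HAS_GSA_GSC_PSK; any other value means "not provisioned". */`. The code that reads this record is not in the hunk, so it cannot be confirmed here that it rejects an unknown `version` or a flag byte other than 0xa5; the comment should state the intended rule. `PSK_KEY_SIZE` is defined outside the hunk, and a short note on its value and on wiping RAM copies of `gsa_gsc_psk` after use would help callers.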
diff --git a/nugget/proto/BUILD b/nugget/proto/BUILD
index 0b7219f..fc1df57 100644
--- a/nugget/proto/BUILD
+++ b/nugget/proto/BUILD
@@ -330,6 +330,7 @@ proto_library(
proto_library(
name = "nugget_app_avb_avb_proto",
+ visibility = ["//visibility:public"],
srcs = [
"nugget/app/avb/avb.proto",
],
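Review bot: `visibility = ["//visibility:public"]` on `nugget_app_avb_avb_proto` exposes the target to every package that can load this workspace, which is broader than the stated goal of making the protos visible to other projects. The same line is added to `nugget_app_keymaster_keymaster_proto`, `nugget_app_weaver_weaver_proto` and `nugget_app_identity_identity_proto` in the three hunks that follow. If the consuming packages are known, a `package_group` that lists them keeps the set of dependents on these keymaster, weaver and identity interfaces reviewable, e.g. `visibility = [":nugget_proto_users"],` (placeholder group name). Each rule's body continues outside its hunk, so any existing visibility or deps on those targets are not visible here.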
@@ -341,6 +342,7 @@ proto_library(
proto_library(
name = "nugget_app_keymaster_keymaster_proto",
+ visibility = ["//visibility:public"],
srcs = [
"nugget/app/keymaster/keymaster.proto",
"nugget/app/keymaster/keymaster_defs.proto",
@@ -403,6 +405,7 @@ proto_library(
proto_library(
name = "nugget_app_weaver_weaver_proto",
+ visibility = ["//visibility:public"],
srcs = [
"nugget/app/weaver/weaver.proto",
],
@@ -414,6 +417,7 @@ proto_library(
proto_library(
name = "nugget_app_identity_identity_proto",
+ visibility = ["//visibility:public"],
srcs = [
"nugget/app/identity/identity.proto",
"nugget/app/identity/identity_defs.proto",
diff --git a/nugget/proto/nugget/app/keymaster/keymaster.proto b/nugget/proto/nugget/app/keymaster/keymaster.proto
index 430cec2..67f464a 100644
--- a/nugget/proto/nugget/app/keymaster/keymaster.proto
+++ b/nugget/proto/nugget/app/keymaster/keymaster.proto
@@ -557,6 +557,7 @@ message IdentityStartAttestKeyRequest {
bytes not_after = 6; // strftime('%y%m%d%H%M%SZ') [15 octects]
uint64 creation_time_ms = 7; // Rough current time (ms since epoch).
bool use_km_attest_key = 8;
+ bytes caller_issuer_subj_name = 9;
}
message IdentityStartAttestKeyResponse {
ErrorCode error_code = 1;
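Review bot: `caller_issuer_subj_name = 9` is added without a comment, unlike the neighbouring `not_after` and `creation_time_ms`, and `caller_blob = 3` in `IdentityFinishAttestKeyRequest` (next hunk) is also undocumented. Both appear to let the caller supply attestation signer material alongside the existing `use_km_attest_key` flag, so the schema should say which takes precedence when both are set and what an empty value means. Suggested trailing comments: `// Issuer subject name for the attestation cert; encoding and max length: TODO confirm` and `// Caller-provided attestation key blob; relation to use_km_attest_key: TODO confirm`. The request handler is outside this diff, so it is worth confirming that it bounds the length of the name and refuses a `caller_blob` that fails the usual key-blob integrity checks.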
@@ -568,6 +569,7 @@ message IdentityStartAttestKeyResponse {
message IdentityFinishAttestKeyRequest {
OperationHandle handle = 1;
bool use_km_attest_key = 2;
+ KeyBlob caller_blob = 3;
}
message IdentityFinishAttestKeyResponse {
ErrorCode error_code = 1;