diff options
| author | Tri Vo <trong@google.com> | 2023-03-09 15:19:50 -0800 |
|---|---|---|
| committer | Tri Vo <trong@google.com> | 2023-03-09 15:21:41 -0800 |
| commit | e5fb9054314a2a04b209402abc6e1df071cbbfe2 (patch) | |
| tree | 9dae88eaab037623e1753af7edb535e0a750ba5c | |
| parent | 117f7e18ea433212371ea140f8c653a8738a10a5 (diff) | |
| download | keymaster-e5fb9054314a2a04b209402abc6e1df071cbbfe2.tar.gz | |
Fix IRPCv3 pure software implementation
Bug: 270522174
Test: RKPD successfully provisions keys
Change-Id: I7dfc61c55778aecc984e633b0bfaca08444298a9
| -rw-r--r-- | contexts/pure_soft_remote_provisioning_context.cpp | 12 | ||||
| -rw-r--r-- | ng/AndroidRemotelyProvisionedComponentDevice.cpp | 1 |
2 files changed, 9 insertions, 4 deletions
diff --git a/contexts/pure_soft_remote_provisioning_context.cpp b/contexts/pure_soft_remote_provisioning_context.cpp index c0eea3a..72232ac 100644 --- a/contexts/pure_soft_remote_provisioning_context.cpp +++ b/contexts/pure_soft_remote_provisioning_context.cpp @@ -197,7 +197,7 @@ PureSoftRemoteProvisioningContext::GenerateHmacSha256(const cppcose::bytevec& in } void PureSoftRemoteProvisioningContext::GetHwInfo(GetHwInfoResponse* hwInfo) const { - hwInfo->version = 2; + hwInfo->version = 3; hwInfo->rpcAuthorName = "Google"; hwInfo->supportedEekCurve = 2 /* CURVE_25519 */; hwInfo->uniqueId = "default keymint"; @@ -209,12 +209,16 @@ PureSoftRemoteProvisioningContext::BuildCsr(const std::vector<uint8_t>& challeng cppbor::Array keysToSign) const { uint32_t csrVersion = 3; auto deviceInfo = std::move(*CreateDeviceInfo(csrVersion)); - auto signedDataPayload = - cppbor::Array().add(std::move(deviceInfo)).add(challenge).add(std::move(keysToSign)); + auto csrPayload = cppbor::Array() + .add(csrVersion) + .add("keymint" /* CertificateType */) + .add(std::move(deviceInfo)) + .add(std::move(keysToSign)); + auto signedDataPayload = cppbor::Array().add(challenge).add(cppbor::Bstr(csrPayload.encode())); auto signedData = constructCoseSign1(devicePrivKey_, signedDataPayload.encode(), {} /* aad */); return cppbor::Array() - .add(csrVersion) + .add(1 /* version */) .add(cppbor::Map() /* UdsCerts */) .add(std::move(*bcc_.clone()->asArray()) /* DiceCertChain */) .add(std::move(*signedData) /* SignedData */); diff --git a/ng/AndroidRemotelyProvisionedComponentDevice.cpp b/ng/AndroidRemotelyProvisionedComponentDevice.cpp index 6fc0c1a..c8d4070 100644 --- a/ng/AndroidRemotelyProvisionedComponentDevice.cpp +++ b/ng/AndroidRemotelyProvisionedComponentDevice.cpp @@ -96,6 +96,7 @@ ScopedAStatus AndroidRemotelyProvisionedComponentDevice::getHardwareInfo(RpcHard info->rpcAuthorName = response.rpcAuthorName; info->supportedEekCurve = response.supportedEekCurve; info->uniqueId = response.uniqueId; + info->supportedNumKeysInCsr = response.supportedNumKeysInCsr; return ScopedAStatus::ok(); } |