diff options
author | Tri Vo <trong@google.com> | 2023-03-10 03:47:38 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2023-03-10 03:47:38 +0000 |
commit | a0c5e5bf37fd8f01257377225afbc0eff826a618 (patch) | |
tree | 3e29a08163531a19c6d11a7cb0833ad8e386e7b4 | |
parent | be8a1dedc38dee5538c2b0707652ff2bf56cc1d7 (diff) | |
parent | 1647b401e250188ae486e7d4183d94374f8bd71f (diff) | |
download | keymaster-a0c5e5bf37fd8f01257377225afbc0eff826a618.tar.gz |
Fix IRPCv3 pure software implementation am: e5fb905431 am: c641370370 am: 8915aa4580 am: 1647b401e2
Original change: https://android-review.googlesource.com/c/platform/system/keymaster/+/2481375
Change-Id: I59fc73afa534981a74b8ca9036d647e211268edc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
-rw-r--r-- | contexts/pure_soft_remote_provisioning_context.cpp | 12 | ||||
-rw-r--r-- | ng/AndroidRemotelyProvisionedComponentDevice.cpp | 1 |
2 files changed, 9 insertions, 4 deletions
diff --git a/contexts/pure_soft_remote_provisioning_context.cpp b/contexts/pure_soft_remote_provisioning_context.cpp index c0eea3a..72232ac 100644 --- a/contexts/pure_soft_remote_provisioning_context.cpp +++ b/contexts/pure_soft_remote_provisioning_context.cpp @@ -197,7 +197,7 @@ PureSoftRemoteProvisioningContext::GenerateHmacSha256(const cppcose::bytevec& in } void PureSoftRemoteProvisioningContext::GetHwInfo(GetHwInfoResponse* hwInfo) const { - hwInfo->version = 2; + hwInfo->version = 3; hwInfo->rpcAuthorName = "Google"; hwInfo->supportedEekCurve = 2 /* CURVE_25519 */; hwInfo->uniqueId = "default keymint"; @@ -209,12 +209,16 @@ PureSoftRemoteProvisioningContext::BuildCsr(const std::vector<uint8_t>& challeng cppbor::Array keysToSign) const { uint32_t csrVersion = 3; auto deviceInfo = std::move(*CreateDeviceInfo(csrVersion)); - auto signedDataPayload = - cppbor::Array().add(std::move(deviceInfo)).add(challenge).add(std::move(keysToSign)); + auto csrPayload = cppbor::Array() + .add(csrVersion) + .add("keymint" /* CertificateType */) + .add(std::move(deviceInfo)) + .add(std::move(keysToSign)); + auto signedDataPayload = cppbor::Array().add(challenge).add(cppbor::Bstr(csrPayload.encode())); auto signedData = constructCoseSign1(devicePrivKey_, signedDataPayload.encode(), {} /* aad */); return cppbor::Array() - .add(csrVersion) + .add(1 /* version */) .add(cppbor::Map() /* UdsCerts */) .add(std::move(*bcc_.clone()->asArray()) /* DiceCertChain */) .add(std::move(*signedData) /* SignedData */); diff --git a/ng/AndroidRemotelyProvisionedComponentDevice.cpp b/ng/AndroidRemotelyProvisionedComponentDevice.cpp index 6fc0c1a..c8d4070 100644 --- a/ng/AndroidRemotelyProvisionedComponentDevice.cpp +++ b/ng/AndroidRemotelyProvisionedComponentDevice.cpp @@ -96,6 +96,7 @@ ScopedAStatus AndroidRemotelyProvisionedComponentDevice::getHardwareInfo(RpcHard info->rpcAuthorName = response.rpcAuthorName; info->supportedEekCurve = response.supportedEekCurve; info->uniqueId = response.uniqueId; + info->supportedNumKeysInCsr = response.supportedNumKeysInCsr; return ScopedAStatus::ok(); } |