From e5fb9054314a2a04b209402abc6e1df071cbbfe2 Mon Sep 17 00:00:00 2001
From: Tri Vo <trong@google.com>
Date: Thu, 9 Mar 2023 15:19:50 -0800
Subject: Fix IRPCv3 pure software implementation

Bug: 270522174
Test: RKPD successfully provisions keys
Change-Id: I7dfc61c55778aecc984e633b0bfaca08444298a9
---
 contexts/pure_soft_remote_provisioning_context.cpp | 12 ++++++++----
 ng/AndroidRemotelyProvisionedComponentDevice.cpp   |  1 +
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/contexts/pure_soft_remote_provisioning_context.cpp b/contexts/pure_soft_remote_provisioning_context.cpp
index c0eea3a..72232ac 100644
--- a/contexts/pure_soft_remote_provisioning_context.cpp
+++ b/contexts/pure_soft_remote_provisioning_context.cpp
@@ -197,7 +197,7 @@ PureSoftRemoteProvisioningContext::GenerateHmacSha256(const cppcose::bytevec& in
 }
 
 void PureSoftRemoteProvisioningContext::GetHwInfo(GetHwInfoResponse* hwInfo) const {
-    hwInfo->version = 2;
+    hwInfo->version = 3;
     hwInfo->rpcAuthorName = "Google";
     hwInfo->supportedEekCurve = 2 /* CURVE_25519 */;
     hwInfo->uniqueId = "default keymint";
@@ -209,12 +209,16 @@ PureSoftRemoteProvisioningContext::BuildCsr(const std::vector<uint8_t>& challeng
                                             cppbor::Array keysToSign) const {
     uint32_t csrVersion = 3;
     auto deviceInfo = std::move(*CreateDeviceInfo(csrVersion));
-    auto signedDataPayload =
-        cppbor::Array().add(std::move(deviceInfo)).add(challenge).add(std::move(keysToSign));
+    auto csrPayload = cppbor::Array()
+                          .add(csrVersion)
+                          .add("keymint" /* CertificateType */)
+                          .add(std::move(deviceInfo))
+                          .add(std::move(keysToSign));
+    auto signedDataPayload = cppbor::Array().add(challenge).add(cppbor::Bstr(csrPayload.encode()));
     auto signedData = constructCoseSign1(devicePrivKey_, signedDataPayload.encode(), {} /* aad */);
 
     return cppbor::Array()
-        .add(csrVersion)
+        .add(1 /* version */)
         .add(cppbor::Map() /* UdsCerts */)
         .add(std::move(*bcc_.clone()->asArray()) /* DiceCertChain */)
         .add(std::move(*signedData) /* SignedData */);
diff --git a/ng/AndroidRemotelyProvisionedComponentDevice.cpp b/ng/AndroidRemotelyProvisionedComponentDevice.cpp
index 6fc0c1a..c8d4070 100644
--- a/ng/AndroidRemotelyProvisionedComponentDevice.cpp
+++ b/ng/AndroidRemotelyProvisionedComponentDevice.cpp
@@ -96,6 +96,7 @@ ScopedAStatus AndroidRemotelyProvisionedComponentDevice::getHardwareInfo(RpcHard
     info->rpcAuthorName = response.rpcAuthorName;
     info->supportedEekCurve = response.supportedEekCurve;
     info->uniqueId = response.uniqueId;
+    info->supportedNumKeysInCsr = response.supportedNumKeysInCsr;
     return ScopedAStatus::ok();
 }
 
-- 
cgit v1.2.3