authorTri Vo <trong@google.com>2022-11-17 17:08:55 -0800
committerTri Vo <trong@google.com>2022-11-17 17:10:26 -0800
commit25df4c78eea7b1324a0c7ed1098382f4a35394e0 (patch)
tree7a0950f09966d0ce61be3339c802219c9c0b7a04
parentb7186897774ddcdba0e9f8bc6bbcd1d50b427c4d (diff)
downloadkeymaster-25df4c78eea7b1324a0c7ed1098382f4a35394e0.tar.gz
Update Trusty implementation of IRPC v3
Recent changes to IRPC v3 (aosp/2281789 and aosp/2275693) require changes to implementation. Bug: 235265072 Test: VtsHalRemotelyProvisionedComponentTargetTest Change-Id: I0feef88180af34693f57af185550451e2f06640d
-rw-r--r--trusty_remote_provisioning_context.cpp14
1 files changed, 9 insertions, 5 deletions
diff --git a/trusty_remote_provisioning_context.cpp b/trusty_remote_provisioning_context.cpp
index 5315ded..69ff83a 100644
--- a/trusty_remote_provisioning_context.cpp
+++ b/trusty_remote_provisioning_context.cpp
@@ -194,18 +194,22 @@ void TrustyRemoteProvisioningContext::GetHwInfo(
hwInfo->rpcAuthorName = "Google";
hwInfo->supportedEekCurve = 2 /* CURVE_25519 */;
hwInfo->uniqueId = "Google Trusty Implementation";
+ hwInfo->supportedNumKeysInCsr = 20;
}
cppcose::ErrMsgOr<cppbor::Array> TrustyRemoteProvisioningContext::BuildCsr(
const std::vector<uint8_t>& challenge,
cppbor::Array keysToSign) const {
auto deviceInfo = std::move(*CreateDeviceInfo());
+ auto csrPayload = cppbor::Array()
+ .add(3 /* version */)
+ .add("keymint" /* CertificateType */)
+ .add(std::move(deviceInfo))
+ .add(std::move(keysToSign))
+ .encode();
auto signedDataPayload = cppbor::Array()
- .add(1 /* version */)
- .add("keymint" /* CertificateType */)
- .add(std::move(deviceInfo))
.add(challenge)
- .add(std::move(keysToSign))
+ .add(cppbor::Bstr(csrPayload))
.encode();
std::vector<uint8_t> signedData(HWBCC_MAX_RESP_PAYLOAD_SIZE);
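Review bot: `hwInfo->supportedNumKeysInCsr = 20;` advertises a batch size that nothing visible in BuildCsr enforces or checks against the fixed `HWBCC_MAX_RESP_PAYLOAD_SIZE` buffer declared on the last line of this hunk, which presumably has to hold the signed output including the whole encoded `csrPayload`. I would name the limit once, e.g. `constexpr size_t kMaxKeysInCsr = 20;`, use it in GetHwInfo, and reject oversized requests at the top of BuildCsr with `if (keysToSign.size() > kMaxKeysInCsr) return "Too many keys for one CSR";`, unless the caller already guarantees this. It is also worth confirming that a 20-key payload plus DeviceInfo and the challenge fits within the HWBCC response limit, since the signing call and its error handling lie outside the hunk. GetHwInfo starts before the hunk and BuildCsr continues past it.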
@@ -226,7 +230,7 @@ cppcose::ErrMsgOr<cppbor::Array> TrustyRemoteProvisioningContext::BuildCsr(
bcc.resize(actualBccSize);
return cppbor::Array()
- .add(3 /* version */)
+ .add(1 /* version */)
.add(cppbor::Map() /* UdsCerts */)
.add(cppbor::EncodedItem(std::move(bcc)))
.add(cppbor::EncodedItem(std::move(signedData)));
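Review bot: The two version fields are now both commented only as `/* version */`, with `3` inside `csrPayload` in the previous hunk and `1` on the outer array here, exactly swapped from the old values. Nothing in the code says which structure each number versions, and a verifier will presumably reject a CSR where the two are mixed up, so the swap is easy to get wrong in a later edit. I would label them, e.g. `.add(1 /* AuthenticatedRequest version */)` here and `.add(3 /* CsrPayload version */)` above, or lift both into named constants. The enclosing BuildCsr starts outside this hunk.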