author | Tri Vo <trong@google.com> | 2022-11-17 17:08:55 -0800 |
---|---|---|
committer | Tri Vo <trong@google.com> | 2022-11-17 17:10:26 -0800 |
commit | 25df4c78eea7b1324a0c7ed1098382f4a35394e0 (patch) | |
tree | 7a0950f09966d0ce61be3339c802219c9c0b7a04 | |
parent | b7186897774ddcdba0e9f8bc6bbcd1d50b427c4d (diff) | |
download | keymaster-25df4c78eea7b1324a0c7ed1098382f4a35394e0.tar.gz |
Update Trusty implementation of IRPC v3
Recent changes to IRPC v3 (aosp/2281789 and aosp/2275693) require
changes to implementation.
Bug: 235265072
Test: VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I0feef88180af34693f57af185550451e2f06640d
-rw-r--r-- | trusty_remote_provisioning_context.cpp | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/trusty_remote_provisioning_context.cpp b/trusty_remote_provisioning_context.cpp
index 5315ded..69ff83a 100644
--- a/trusty_remote_provisioning_context.cpp
+++ b/trusty_remote_provisioning_context.cpp
@@ -194,18 +194,22 @@ void TrustyRemoteProvisioningContext::GetHwInfo(
 hwInfo->rpcAuthorName = "Google";
 hwInfo->supportedEekCurve = 2 /* CURVE_25519 */;
 hwInfo->uniqueId = "Google Trusty Implementation";
+ hwInfo->supportedNumKeysInCsr = 20;
 }
 cppcose::ErrMsgOr<cppbor::Array> TrustyRemoteProvisioningContext::BuildCsr(
 const std::vector<uint8_t>& challenge, cppbor::Array keysToSign) const {
 auto deviceInfo = std::move(*CreateDeviceInfo());
+ auto csrPayload = cppbor::Array()
+ .add(3 /* version */)
+ .add("keymint" /* CertificateType */)
+ .add(std::move(deviceInfo))
+ .add(std::move(keysToSign))
+ .encode();
 auto signedDataPayload = cppbor::Array()
- .add(1 /* version */)
- .add("keymint" /* CertificateType */)
- .add(std::move(deviceInfo))
 .add(challenge)
- .add(std::move(keysToSign))
+ .add(cppbor::Bstr(csrPayload))
 .encode();
 std::vector<uint8_t> signedData(HWBCC_MAX_RESP_PAYLOAD_SIZE);
@@ -226,7 +230,7 @@ cppcose::ErrMsgOr<cppbor::Array> TrustyRemoteProvisioningContext::BuildCsr(
 bcc.resize(actualBccSize);
 return cppbor::Array()
- .add(3 /* version */)
+ .add(1 /* version */)
 .add(cppbor::Map() /* UdsCerts */)
 .add(cppbor::EncodedItem(std::move(bcc)))
 .add(cppbor::EncodedItem(std::move(signedData)));
 |
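Review bot: Nothing visible in BuildCsr enforces the limit that GetHwInfo now advertises with `hwInfo->supportedNumKeysInCsr = 20;`. The payload to be signed (challenge plus the bstr-wrapped csrPayload) has to fit the fixed `HWBCC_MAX_RESP_PAYLOAD_SIZE` buffer, and both `challenge` and `keysToSign` come from the caller. I would name the literal (for example `constexpr size_t kMaxKeysInCsr = 20;`, a constructed name) and reject oversized requests before encoding with `if (keysToSign.size() > kMaxKeysInCsr) return "Too many keys in CSR request";`. The signing call sits between the two hunks and is not shown, so it may already fail cleanly on an oversized payload; an explicit check would still keep the advertised limit and the buffer size from drifting apart. Separately, the unchanged `*CreateDeviceInfo()` dereference has no null check in the visible lines.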
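Review bot: The two `/* version */` comments in BuildCsr now label different structures, 3 inside `csrPayload` in the earlier hunk and 1 in the returned array here, and the identical wording makes them easy to swap back by mistake. I would label each with the structure it versions, here `.add(1 /* AuthenticatedRequest version */)` and in the earlier hunk `.add(3 /* CsrPayload version */)`. These names are taken from the IRPC v3 schema as I understand it, so please confirm them against the AIDL. A one-line comment above the `return` stating that the outer array is the envelope and the signed bstr carries the versioned CSR payload would also help the next reader. BuildCsr begins in the previous hunk and its signing step is outside both hunks.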