tequilaOS/platform_hardware_interfaces
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Define the AIDL interface for AuthGraph key exchange.

Browse source 
Introduce the AIDL methods for key exchange and the CDDLs for
the relevant input/output types that are CBOR encoded.

Use a standard comment format in CDDL files to indicate where additional
structure definitions can be found, in the hope that one day tooling
will be available to automatically check schema syntax.

Add authgraph to compatibility matrix

This CL merges the CLs: aosp/2750484, aosp/2750485, aosp/2750486 by
drysdale@google.com

Co-authored-by: David Drysdale <drysdale@google.com>

Bug: 284470121
Test: validate schemas with https://cddl.anweiss.tech/
Test: VtsAidlAuthGraphSessionTest (with nonsecure default impl)
Change-Id: I2793666ede028f8abe91569587c09dcac21c67e0
This commit is contained in:
Hasini Gunasinghe 2023-05-31 01:41:26 +00:00
parent 3d000a3a6f
commit 0e2495f107
33 changed files with 1497 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
compatibility_matrices/compatibility_matrix.9.xml
View file

@ -508,6 +508,14 @@
<regex-instance>SIM[1-9][0-9]*</regex-instance>
</interface>
</hal>
<hal format="aidl" optional="true" updatable-via-apex="true">
<name>android.hardware.security.authgraph</name>
<version>1</version>
<interface>
<name>IAuthGraphKeyExchange</name>
<instance>default</instance>
</interface>
</hal>
<hal format="aidl" optional="true" updatable-via-apex="true">
<name>android.hardware.security.secureclock</name>
<version>1</version>

47
security/authgraph/aidl/Android.bp Normal file
View file

@ -0,0 +1,47 @@
// Copyright (C) 2023 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package {
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"
// to get the below license kinds:
// SPDX-license-identifier-Apache-2.0
default_applicable_licenses: ["hardware_interfaces_license"],
}
aidl_interface {
name: "android.hardware.security.authgraph",
vendor_available: true,
srcs: [
"android/hardware/security/authgraph/*.aidl",
],
stability: "vintf",
frozen: false,
backend: {
java: {
platform_apis: true,
},
ndk: {
apps_enabled: false,
},
rust: {
enabled: true,
apex_available: [
"//apex_available:platform",
"com.android.virt",
],
},
},
}

39
security/authgraph/aidl/aidl_api/android.hardware.security.authgraph/current/android/hardware/security/authgraph/Arc.aidl Normal file
View file

@ -0,0 +1,39 @@
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
///////////////////////////////////////////////////////////////////////////////
// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
///////////////////////////////////////////////////////////////////////////////
// This file is a snapshot of an AIDL file. Do not edit it manually. There are
// two cases:
// 1). this is a frozen version file - do not edit this in any case.
// 2). this is a 'current' file. If you make a backwards compatible change to
// the interface (from the latest frozen version), the build system will
// prompt you to update this file with `m <name>-update-api`.
//
// You must not make a backward incompatible change to any AIDL file built
// with the aidl_interface module type with versions property set. The module
// type is used to build AIDL files in a way that they can be used across
// independently updatable components of the system. If a device is shipped
// with such a backward incompatible change, it has a high risk of breaking
// later when a module using the interface is updated, e.g., Mainline modules.
package android.hardware.security.authgraph;
/* @hide */
@RustDerive(Clone=true, Eq=true, PartialEq=true) @VintfStability
parcelable Arc {
byte[] arc;
}

50
security/authgraph/aidl/aidl_api/android.hardware.security.authgraph/current/android/hardware/security/authgraph/Error.aidl Normal file
View file

@ -0,0 +1,50 @@
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
///////////////////////////////////////////////////////////////////////////////
// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
///////////////////////////////////////////////////////////////////////////////
// This file is a snapshot of an AIDL file. Do not edit it manually. There are
// two cases:
// 1). this is a frozen version file - do not edit this in any case.
// 2). this is a 'current' file. If you make a backwards compatible change to
// the interface (from the latest frozen version), the build system will
// prompt you to update this file with `m <name>-update-api`.
//
// You must not make a backward incompatible change to any AIDL file built
// with the aidl_interface module type with versions property set. The module
// type is used to build AIDL files in a way that they can be used across
// independently updatable components of the system. If a device is shipped
// with such a backward incompatible change, it has a high risk of breaking
// later when a module using the interface is updated, e.g., Mainline modules.
package android.hardware.security.authgraph;
/* @hide */
@Backing(type="int") @VintfStability
enum Error {
OK = 0,
INVALID_PEER_NONCE = (-1) /* -1 */,
INVALID_PEER_KE_KEY = (-2) /* -2 */,
INVALID_IDENTITY = (-3) /* -3 */,
INVALID_CERT_CHAIN = (-4) /* -4 */,
INVALID_SIGNATURE = (-5) /* -5 */,
INVALID_KE_KEY = (-6) /* -6 */,
INVALID_PUB_KEY_IN_KEY = (-7) /* -7 */,
INVALID_PRIV_KEY_ARC_IN_KEY = (-8) /* -8 */,
INVALID_SHARED_KEY_ARCS = (-9) /* -9 */,
MEMORY_ALLOCATION_FAILED = (-10) /* -10 */,
INCOMPATIBLE_PROTOCOL_VERSION = (-11) /* -11 */,
}

42
security/authgraph/aidl/aidl_api/android.hardware.security.authgraph/current/android/hardware/security/authgraph/IAuthGraphKeyExchange.aidl Normal file
View file

@ -0,0 +1,42 @@
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
///////////////////////////////////////////////////////////////////////////////
// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
///////////////////////////////////////////////////////////////////////////////
// This file is a snapshot of an AIDL file. Do not edit it manually. There are
// two cases:
// 1). this is a frozen version file - do not edit this in any case.
// 2). this is a 'current' file. If you make a backwards compatible change to
// the interface (from the latest frozen version), the build system will
// prompt you to update this file with `m <name>-update-api`.
//
// You must not make a backward incompatible change to any AIDL file built
// with the aidl_interface module type with versions property set. The module
// type is used to build AIDL files in a way that they can be used across
// independently updatable components of the system. If a device is shipped
// with such a backward incompatible change, it has a high risk of breaking
// later when a module using the interface is updated, e.g., Mainline modules.
package android.hardware.security.authgraph;
/* @hide */
@VintfStability
interface IAuthGraphKeyExchange {
android.hardware.security.authgraph.SessionInitiationInfo create();
android.hardware.security.authgraph.KeInitResult init(in android.hardware.security.authgraph.PubKey peerPubKey, in android.hardware.security.authgraph.Identity peerId, in byte[] peerNonce, in int peerVersion);
android.hardware.security.authgraph.SessionInfo finish(in android.hardware.security.authgraph.PubKey peerPubKey, in android.hardware.security.authgraph.Identity peerId, in android.hardware.security.authgraph.SessionIdSignature peerSignature, in byte[] peerNonce, in int peerVersion, in android.hardware.security.authgraph.Key ownKey);
android.hardware.security.authgraph.Arc[2] authenticationComplete(in android.hardware.security.authgraph.SessionIdSignature peerSignature, in android.hardware.security.authgraph.Arc[2] sharedKeys);
}

38
security/authgraph/aidl/aidl_api/android.hardware.security.authgraph/current/android/hardware/security/authgraph/Identity.aidl Normal file
View file

@ -0,0 +1,38 @@
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
///////////////////////////////////////////////////////////////////////////////
// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
///////////////////////////////////////////////////////////////////////////////
// This file is a snapshot of an AIDL file. Do not edit it manually. There are
// two cases:
// 1). this is a frozen version file - do not edit this in any case.
// 2). this is a 'current' file. If you make a backwards compatible change to
// the interface (from the latest frozen version), the build system will
// prompt you to update this file with `m <name>-update-api`.
//
// You must not make a backward incompatible change to any AIDL file built
// with the aidl_interface module type with versions property set. The module
// type is used to build AIDL files in a way that they can be used across
// independently updatable components of the system. If a device is shipped
// with such a backward incompatible change, it has a high risk of breaking
// later when a module using the interface is updated, e.g., Mainline modules.
package android.hardware.security.authgraph;
@RustDerive(Clone=true, Eq=true, PartialEq=true) @VintfStability
parcelable Identity {
byte[] identity;
}

39
security/authgraph/aidl/aidl_api/android.hardware.security.authgraph/current/android/hardware/security/authgraph/KeInitResult.aidl Normal file
View file

@ -0,0 +1,39 @@
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
///////////////////////////////////////////////////////////////////////////////
// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
///////////////////////////////////////////////////////////////////////////////
// This file is a snapshot of an AIDL file. Do not edit it manually. There are
// two cases:
// 1). this is a frozen version file - do not edit this in any case.
// 2). this is a 'current' file. If you make a backwards compatible change to
// the interface (from the latest frozen version), the build system will
// prompt you to update this file with `m <name>-update-api`.
//
// You must not make a backward incompatible change to any AIDL file built
// with the aidl_interface module type with versions property set. The module
// type is used to build AIDL files in a way that they can be used across
// independently updatable components of the system. If a device is shipped
// with such a backward incompatible change, it has a high risk of breaking
// later when a module using the interface is updated, e.g., Mainline modules.
package android.hardware.security.authgraph;
@RustDerive(Clone=true, Eq=true, PartialEq=true) @VintfStability
parcelable KeInitResult {
android.hardware.security.authgraph.SessionInitiationInfo sessionInitiationInfo;
android.hardware.security.authgraph.SessionInfo sessionInfo;
}

39
security/authgraph/aidl/aidl_api/android.hardware.security.authgraph/current/android/hardware/security/authgraph/Key.aidl Normal file
View file

@ -0,0 +1,39 @@
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
///////////////////////////////////////////////////////////////////////////////
// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
///////////////////////////////////////////////////////////////////////////////
// This file is a snapshot of an AIDL file. Do not edit it manually. There are
// two cases:
// 1). this is a frozen version file - do not edit this in any case.
// 2). this is a 'current' file. If you make a backwards compatible change to
// the interface (from the latest frozen version), the build system will
// prompt you to update this file with `m <name>-update-api`.
//
// You must not make a backward incompatible change to any AIDL file built
// with the aidl_interface module type with versions property set. The module
// type is used to build AIDL files in a way that they can be used across
// independently updatable components of the system. If a device is shipped
// with such a backward incompatible change, it has a high risk of breaking
// later when a module using the interface is updated, e.g., Mainline modules.
package android.hardware.security.authgraph;
@RustDerive(Clone=true, Eq=true, PartialEq=true) @VintfStability
parcelable Key {
@nullable android.hardware.security.authgraph.PubKey pubKey;
@nullable android.hardware.security.authgraph.Arc arcFromPBK;
}

38
security/authgraph/aidl/aidl_api/android.hardware.security.authgraph/current/android/hardware/security/authgraph/PlainPubKey.aidl Normal file
View file

@ -0,0 +1,38 @@
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
///////////////////////////////////////////////////////////////////////////////
// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
///////////////////////////////////////////////////////////////////////////////
// This file is a snapshot of an AIDL file. Do not edit it manually. There are
// two cases:
// 1). this is a frozen version file - do not edit this in any case.
// 2). this is a 'current' file. If you make a backwards compatible change to
// the interface (from the latest frozen version), the build system will
// prompt you to update this file with `m <name>-update-api`.
//
// You must not make a backward incompatible change to any AIDL file built
// with the aidl_interface module type with versions property set. The module
// type is used to build AIDL files in a way that they can be used across
// independently updatable components of the system. If a device is shipped
// with such a backward incompatible change, it has a high risk of breaking
// later when a module using the interface is updated, e.g., Mainline modules.
package android.hardware.security.authgraph;
@RustDerive(Clone=true, Eq=true, PartialEq=true) @VintfStability
parcelable PlainPubKey {
byte[] plainPubKey;
}

39
security/authgraph/aidl/aidl_api/android.hardware.security.authgraph/current/android/hardware/security/authgraph/PubKey.aidl Normal file
View file

@ -0,0 +1,39 @@
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
///////////////////////////////////////////////////////////////////////////////
// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
///////////////////////////////////////////////////////////////////////////////
// This file is a snapshot of an AIDL file. Do not edit it manually. There are
// two cases:
// 1). this is a frozen version file - do not edit this in any case.
// 2). this is a 'current' file. If you make a backwards compatible change to
// the interface (from the latest frozen version), the build system will
// prompt you to update this file with `m <name>-update-api`.
//
// You must not make a backward incompatible change to any AIDL file built
// with the aidl_interface module type with versions property set. The module
// type is used to build AIDL files in a way that they can be used across
// independently updatable components of the system. If a device is shipped
// with such a backward incompatible change, it has a high risk of breaking
// later when a module using the interface is updated, e.g., Mainline modules.
package android.hardware.security.authgraph;
@RustDerive(Clone=true, Eq=true, PartialEq=true) @VintfStability
union PubKey {
android.hardware.security.authgraph.PlainPubKey plainKey;
android.hardware.security.authgraph.SignedPubKey signedKey;
}

38
security/authgraph/aidl/aidl_api/android.hardware.security.authgraph/current/android/hardware/security/authgraph/SessionIdSignature.aidl Normal file
View file

@ -0,0 +1,38 @@
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
///////////////////////////////////////////////////////////////////////////////
// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
///////////////////////////////////////////////////////////////////////////////
// This file is a snapshot of an AIDL file. Do not edit it manually. There are
// two cases:
// 1). this is a frozen version file - do not edit this in any case.
// 2). this is a 'current' file. If you make a backwards compatible change to
// the interface (from the latest frozen version), the build system will
// prompt you to update this file with `m <name>-update-api`.
//
// You must not make a backward incompatible change to any AIDL file built
// with the aidl_interface module type with versions property set. The module
// type is used to build AIDL files in a way that they can be used across
// independently updatable components of the system. If a device is shipped
// with such a backward incompatible change, it has a high risk of breaking
// later when a module using the interface is updated, e.g., Mainline modules.
package android.hardware.security.authgraph;
@RustDerive(Clone=true, Eq=true, PartialEq=true) @VintfStability
parcelable SessionIdSignature {
byte[] signature;
}

40
security/authgraph/aidl/aidl_api/android.hardware.security.authgraph/current/android/hardware/security/authgraph/SessionInfo.aidl Normal file
View file

@ -0,0 +1,40 @@
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
///////////////////////////////////////////////////////////////////////////////
// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
///////////////////////////////////////////////////////////////////////////////
// This file is a snapshot of an AIDL file. Do not edit it manually. There are
// two cases:
// 1). this is a frozen version file - do not edit this in any case.
// 2). this is a 'current' file. If you make a backwards compatible change to
// the interface (from the latest frozen version), the build system will
// prompt you to update this file with `m <name>-update-api`.
//
// You must not make a backward incompatible change to any AIDL file built
// with the aidl_interface module type with versions property set. The module
// type is used to build AIDL files in a way that they can be used across
// independently updatable components of the system. If a device is shipped
// with such a backward incompatible change, it has a high risk of breaking
// later when a module using the interface is updated, e.g., Mainline modules.
package android.hardware.security.authgraph;
@RustDerive(Clone=true, Eq=true, PartialEq=true) @VintfStability
parcelable SessionInfo {
android.hardware.security.authgraph.Arc[2] sharedKeys;
byte[] sessionId;
android.hardware.security.authgraph.SessionIdSignature signature;
}

41
security/authgraph/aidl/aidl_api/android.hardware.security.authgraph/current/android/hardware/security/authgraph/SessionInitiationInfo.aidl Normal file
View file

@ -0,0 +1,41 @@
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
///////////////////////////////////////////////////////////////////////////////
// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
///////////////////////////////////////////////////////////////////////////////
// This file is a snapshot of an AIDL file. Do not edit it manually. There are
// two cases:
// 1). this is a frozen version file - do not edit this in any case.
// 2). this is a 'current' file. If you make a backwards compatible change to
// the interface (from the latest frozen version), the build system will
// prompt you to update this file with `m <name>-update-api`.
//
// You must not make a backward incompatible change to any AIDL file built
// with the aidl_interface module type with versions property set. The module
// type is used to build AIDL files in a way that they can be used across
// independently updatable components of the system. If a device is shipped
// with such a backward incompatible change, it has a high risk of breaking
// later when a module using the interface is updated, e.g., Mainline modules.
package android.hardware.security.authgraph;
@RustDerive(Clone=true, Eq=true, PartialEq=true) @VintfStability
parcelable SessionInitiationInfo {
android.hardware.security.authgraph.Key key;
android.hardware.security.authgraph.Identity identity;
byte[] nonce;
int version;
}

38
security/authgraph/aidl/aidl_api/android.hardware.security.authgraph/current/android/hardware/security/authgraph/SignedPubKey.aidl Normal file
View file

@ -0,0 +1,38 @@
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
///////////////////////////////////////////////////////////////////////////////
// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
///////////////////////////////////////////////////////////////////////////////
// This file is a snapshot of an AIDL file. Do not edit it manually. There are
// two cases:
// 1). this is a frozen version file - do not edit this in any case.
// 2). this is a 'current' file. If you make a backwards compatible change to
// the interface (from the latest frozen version), the build system will
// prompt you to update this file with `m <name>-update-api`.
//
// You must not make a backward incompatible change to any AIDL file built
// with the aidl_interface module type with versions property set. The module
// type is used to build AIDL files in a way that they can be used across
// independently updatable components of the system. If a device is shipped
// with such a backward incompatible change, it has a high risk of breaking
// later when a module using the interface is updated, e.g., Mainline modules.
package android.hardware.security.authgraph;
@RustDerive(Clone=true, Eq=true, PartialEq=true) @VintfStability
parcelable SignedPubKey {
byte[] signedPubKey;
}

34
security/authgraph/aidl/android/hardware/security/authgraph/Arc.aidl Normal file
View file

@ -0,0 +1,34 @@
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.hardware.security.authgraph;
/**
* This is the definition of the data format of an Arc.
* @hide
*/
@VintfStability
@RustDerive(Clone=true, Eq=true, PartialEq=true)
parcelable Arc {
/**
* The messages exchanged between the domains in the AuthGraph protocol are called Arcs.
* An arc is simply AES-GCM. Encryption of a payload P with a key K and additional
* authentication data (AAD) D: (i.e. Arc = Enc(K, P, D)).
*
* Data is CBOR-encoded according to the `Arc` CDDL definition in Arc.cddl.
*/
byte[] arc;
}

115
security/authgraph/aidl/android/hardware/security/authgraph/Arc.cddl Normal file
View file

@ -0,0 +1,115 @@
;
; Copyright (C) 2023 The Android Open Source Project
;
; Licensed under the Apache License, Version 2.0 (the "License");
; you may not use this file except in compliance with the License.
; You may obtain a copy of the License at
;
; http://www.apache.org/licenses/LICENSE-2.0
;
; Unless required by applicable law or agreed to in writing, software
; distributed under the License is distributed on an "AS IS" BASIS,
; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
; See the License for the specific language governing permissions and
; limitations under the License.
;
Arc = [ ; COSE_Encrypt0 [RFC9052 s5.2]
protected : bstr .cbor ArcProtectedHeaders,
unprotected : {
5 : bstr .size 12 ; IV
},
ciphertext : bstr ; Enc(K, bstr .cbor Payload, encoded ArcEncStruct)
]
ArcProtectedHeaders = {
1 : 3, ; Algorithm: AES-GCM mode w/ 256-bit key, 128-bit tag
? -70001 : { + Permission }, ; One or more Permissions
? -70002 : { + Limitation }, ; One or more Limitations
? -70003 : int, ; Timestamp in milliseconds since some starting point (generally
; the most recent device boot) which all of the applications within
; the secure domain must agree upon
? -70004 : bstr .size 16, ; Nonce used in key exchange methods
? -70005 : PayloadType, ; Payload type, if needed to disambiguate, when processing an arc
? -70006 : int, ; Version of the payload structure (if applicable)
? -70007 : int, ; Sequence number (if needed to prevent replay attacks)
? -70008 : Direction ; Direction of the encryption key (i.e. whether it is used to
; encrypt incoming messages or outgoing messages)
? -70009 : bool, ; "authentication_completed" - this is used during authenticated
; key exchange indicate whether signature verification is done
? -70010 : bstr .size 32 ; "session_id" computed during key exchange protocol
}
; Permissions indicate what an arc can be used with. Permissions are added to an arc during the
; `create()` primitive operation and are propagated during `mint` and `snap` primitive operations.
Permission = &(
-4770552 : IdentityEncoded, ; "source_id" - in the operations performed by a source, the
; source adds its own identity to the permissions of an arc.
-4770553 : IdentityEncoded, ; "sink_id" - in the operations performed by a sink, the sink
; adds its own identity to the permissions of an arc.
-4770555 : [ +IdentityEncoded ] ; "minting_allowed" - defines the set of TA identities
; to whom the payload key is allowed to be minted.
-4770556 : bool ; "deleted_on_biometric_change" - A Boolean value that
; indicates whether an auth key issued from a biometric TA is
; invalidated on new biometric enrollment or removal of all
; biometrics.
)
; Limitations indicate what restrictions are applied on the usage of an arc. Permissions are added
; to an arc during the `create` primitive operation and are propagated during `snap` primitive
; operation.
Limitation = &(
-4770554 : bstr, ; "challenge" - is added to an arc that transfers an auth key to a channel
; key, in order to ensure the freshness of the authentication.
; A challenge is issued by a sink (e.g. Keymint TA, Biometric TAs).
)
; INCLUDE Identity.cddl for: Identity
IdentityEncoded = bstr .cbor Identity
Direction = &(
In: 1,
Out: 2,
)
PayloadType = &(
SecretKey: 1,
Arc: 2,
; Any other payload types should also be defined here
)
Payload = &(
SecretKey,
Arc,
; Any other payload formats should also be defined here
)
SecretKey = &( ; One of the payload types of an Arc is a secret key
SymmetricKey,
ECPrivateKey, ; Private key of a key pair generated for key exchange
)
ECPrivateKey = { ; COSE_Key [RFC9052 s7]
1 : 2, ; Key type : EC2
3 : -25, ; Algorithm: ECDH ES w/ HKDF 256 - generate key directly
? 4 : [7], ; Key_ops: [derive key]
-1 : 1, ; Curve: P-256
? -2 : bstr, ; x coordinate
? -3 : bstr, ; y coordinate
-4 : bstr, ; private key (d)
}
SymmetricKey = { ; COSE_Key [RFC9052 s7] - For symmetric key encryption
1 : 4, ; Key type : Symmetric
3 : 3, ; Algorithm : AES-GCM mode w/ 256-bit key, 128-bit tag
4 : [ 4 ], ; Key_ops: [decrypt]
-1 : bstr .size 32, ; Key value (k)
}
ArcEncStruct = [ ; COSE_Enc_structure [RFC9052 s5.3]
context : "Encrypt0",
protected : bstr .cbor ArcProtectedHeaders,
external_aad : bstr .size 0,
]
; INCLUDE generateCertificateRequestV2.cddl for: PubKeyEd25519, PubKeyECDSA256, PubKeyECDSA384
; from hardware/interfaces/security/rkp/aidl/android/hardware/security/keymint/

33
security/authgraph/aidl/android/hardware/security/authgraph/DicePolicy.cddl Normal file
View file

@ -0,0 +1,33 @@
;
; Copyright (C) 2023 The Android Open Source Project
;
; Licensed under the Apache License, Version 2.0 (the "License");
; you may not use this file except in compliance with the License.
; You may obtain a copy of the License at
;
; http://www.apache.org/licenses/LICENSE-2.0
;
; Unless required by applicable law or agreed to in writing, software
; distributed under the License is distributed on an "AS IS" BASIS,
; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
; See the License for the specific language governing permissions and
; limitations under the License.
;
DicePolicy = [
1, ; dice policy version
+ nodeConstraintList ; for each entry in dice chain
]
nodeConstraintList = [
* nodeConstraint
]
; We may add a hashConstraint item later
nodeConstraint = exactMatchConstraint / geConstraint
exactMatchConstraint = [1, keySpec, value]
geConstraint = [2, keySpec, int]
keySpec = [value+]
value = bool / int / tstr / bstr

51
security/authgraph/aidl/android/hardware/security/authgraph/Error.aidl Normal file
View file

@ -0,0 +1,51 @@
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.hardware.security.authgraph;
/**
* AuthGraph error codes. Aidl will return these error codes as service specific errors in
* EX_SERVICE_SPECIFIC.
* @hide
*/
@VintfStability
@Backing(type="int")
enum Error {
/* Success */
OK = 0,
/* Invalid peer nonce for key exchange */
INVALID_PEER_NONCE = -1,
/* Invalid key exchange public key by the peer */
INVALID_PEER_KE_KEY = -2,
/* Invalid identity of the peer */
INVALID_IDENTITY = -3,
/* Invalid certificate chain in the identity of the peer */
INVALID_CERT_CHAIN = -4,
/* Invalid signature by the peer */
INVALID_SIGNATURE = -5,
/* Invalid key exchange key created by a particular party themselves to be used as a handle */
INVALID_KE_KEY = -6,
/* Invalid public key in the `Key` struct */
INVALID_PUB_KEY_IN_KEY = -7,
/* Invalid private key arc in the `Key` struct */
INVALID_PRIV_KEY_ARC_IN_KEY = -8,
/* Invalid shared key arcs */
INVALID_SHARED_KEY_ARCS = -9,
/* Memory allocation failed */
MEMORY_ALLOCATION_FAILED = -10,
/* The protocol version negotiated with the sink is incompatible */
INCOMPATIBLE_PROTOCOL_VERSION = -11,
}

30
security/authgraph/aidl/android/hardware/security/authgraph/ExplicitKeyDiceCertChain.cddl Normal file
View file

@ -0,0 +1,30 @@
;
; Copyright (C) 2023 The Android Open Source Project
;
; Licensed under the Apache License, Version 2.0 (the "License");
; you may not use this file except in compliance with the License.
; You may obtain a copy of the License at
;
; http://www.apache.org/licenses/LICENSE-2.0
;
; Unless required by applicable law or agreed to in writing, software
; distributed under the License is distributed on an "AS IS" BASIS,
; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
; See the License for the specific language governing permissions and
; limitations under the License.
;
ExplicitKeyDiceCertChain = [
1, ; version, hopefully will never change
DiceCertChainInitialPayload,
* DiceChainEntry
]
DiceCertChainInitialPayload = {
-4670552 : bstr .cbor PubKeyEd25519 /
bstr .cbor PubKeyECDSA256 /
bstr .cbor PubKeyECDSA384 ; subjectPublicKey
}
; INCLUDE generateCertificateRequestV2.cddl for: PubKeyEd25519, PubKeyECDSA256, PubKeyECDSA384,
; DiceChainEntry
; from hardware/interfaces/security/rkp/aidl/android/hardware/security/keymint/

216
security/authgraph/aidl/android/hardware/security/authgraph/IAuthGraphKeyExchange.aidl Normal file
View file

@ -0,0 +1,216 @@
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.hardware.security.authgraph;
import android.hardware.security.authgraph.Arc;
import android.hardware.security.authgraph.Identity;
import android.hardware.security.authgraph.KeInitResult;
import android.hardware.security.authgraph.Key;
import android.hardware.security.authgraph.PubKey;
import android.hardware.security.authgraph.SessionIdSignature;
import android.hardware.security.authgraph.SessionInfo;
import android.hardware.security.authgraph.SessionInitiationInfo;
/**
* AuthGraph interface definition for authenticated key exchange between two parties: P1 (source)
* and P2 (sink).
* Pre-requisites: each participant should have a:
* 1. Persistent identity - e.g. a signing key pair with a self signed certificate or a DICE
* certificate chain.
* 2. A symmetric encryption key kept in memory with per-boot life time of the participant
* (a.k.a per-boot key)
*
* ErrorCodes are defined in android.hardware.security.authgraph.ErrorCode.aidl.
* @hide
*/
@VintfStability
interface IAuthGraphKeyExchange {
/**
* This method is invoked on P1 (source).
* Create an ephermeral EC key pair on NIST curve P-256 and a nonce (of 16 bytes) for
* key exchange.
*
* @return SessionInitiationInfo including the `Key` containing the public key of the created
* key pair and an arc from the per-boot key to the private key, the nonce, the persistent
* identity and the latest protocol version (i.e. AIDL version) supported.
*
* Note: The arc from the per-boot key to the private key in `Key` of the return type:
* `SessionInitiationInfo` serves two purposes:
* i. A mapping to correlate `create` and `finish` calls to P1 in a particular instance of the
* key exchange protocol.
* ii.A way to minimize the in-memory storage (P1 can include the nonce in the protected headers
* of the arc).
* However, P1 should maintain some form of in-memory record to be able to verify that the input
* `Key` sent to `finish` is from an unfinished instance of a key exchange protocol, to prevent
* any replay attacks in `finish`.
*/
SessionInitiationInfo create();
/**
* This method is invoked on P2 (sink).
* Perform the following steps for key exchange:
* 0. If either `peerPubKey`, `peerId`, `peerNonce` is not in the expected format, return
* errors: INVALID_PEER_KE_KEY, INVALID_IDENTITY, INVALID_PEER_NONCE respectively.
* 1. Create an ephemeral EC key pair on NIST curve P-256.
* 2. Create a nonce (of 16 bytes).
* 3. Compute the diffie-hellman shared secret: Z.
* 4. Compute a salt = bstr .cbor [
* source_version: int, ; from input `peerVersion`
* sink_pub_key: bstr .cbor PlainPubKey, ; from step #1
* source_pub_key: bstr .cbor PlainPubKey, ; from input `peerPubKey`
* sink_nonce: bstr .size 16, ; from step #2
* source_nonce: bstr .size 16, ; from input `peerNonce`
* sink_cert_chain: bstr .cbor ExplicitKeyDiceCertChain, ; from own identity
* source_cert_chain: bstr .cbor ExplicitKeyDiceCertChain, ; from input `peerId`
* ]
* 5. Extract a cryptographic secret S from Z, using the salt from #4 above.
* 6. Derive two symmetric encryption keys of 256 bits with:
* i. b"KE_ENCRYPTION_KEY_SOURCE_TO_SINK" as context for the key used to encrypt incoming
* messages
* ii. b"KE_ENCRYPTION_KEY_SINK_TO_SOURCE" as context for the key used to encrypt outgoing
* messages
* 7. Create arcs from the per-boot key to each of the two shared keys from step #6 and
* mark authentication_complete = false in arcs' protected headers.
* 8. Derive a MAC key with b"KE_HMAC_KEY" as the context.
* 9. Compute session_id_input = bstr .cbor [
* sink_nonce: bstr .size 16,
* source_nonce: bstr .size 16,
* ],
* 10.Compute a session_id as a 256 bits HMAC over the session_id_input from step#9 with
* the key from step #8.
* 11.Create a signature over the session_id from step #10, using the signing key which is
* part of the party's identity.
*
* @param peerPubKey - the public key of the key pair created by the peer (P1) for key exchange
*
* @param peerId - the persistent identity of the peer
*
* @param peerNonce - nonce created by the peer
*
* @param peerVersion - an integer representing the latest protocol version (i.e. AIDL version)
* supported by the peer
*
* @return KeInitResult including the `Key` containing the public key of the created key pair,
* the nonce, the persistent identity, two shared key arcs from step #7, session id, signature
* over the session id and the negotiated protocol version. The negotiated protocol version
* should be less than or equal to the peer's version.
*
* Note: The two shared key arcs in the return type: `KeInitResult` serves two purposes:
* i. A mapping to correlate `init` and `authenticationComplete` calls to P2 in a particular
* instance of the key exchange protocol.
* ii.A way to minimize the in-memory storage of P2 allocated for key exchange.
* However, P2 should maintain some in-memory record to be able to verify that the input
* `sharedkeys` sent to `authenticationComplete` and to any subsequent AuthGraph protocol
* methods are valid shared keys agreed with the party identified by `peerId`, to prevent
* any replay attacks in `authenticationComplete` and in any subsequent AuthGraph protocol
* methods which use the shared keys to encrypt the secret messages.
*/
KeInitResult init(
in PubKey peerPubKey, in Identity peerId, in byte[] peerNonce, in int peerVersion);
/**
* This method is invoked on P1 (source).
* Perform the following steps:
* 0. If either `peerPubKey`, `peerId`, `peerNonce` is not in the expected format, return
* errors: INVALID_PEER_KE_KEY, INVALID_IDENTITY, INVALID_PEER_NONCE respectively. If
* `peerVersion` is greater than the version advertised in `create`, return error:
* INCOMPATIBLE_PROTOCOL_VERSION.
* If `ownKey` is not in the in-memory records for unfinished instances of a key
* exchange protocol, return error: INVALID_KE_KEY. Similarly, if the public key or the
* arc containing the private key in `ownKey` is invalid, return INVALID_PUB_KEY_IN_KEY
* and INVALID_PRIV_KEY_ARC_IN_KEY respectively.
* 1. Compute the diffie-hellman shared secret: Z.
* 2. Compute a salt = bstr .cbor [
* source_version: int, ; the protocol version used in `create`
* sink_pub_key: bstr .cbor PlainPubKey, ; from input `peerPubKey`
* source_pub_key: bstr .cbor PlainPubKey, ; from the output of `create`
* sink_nonce: bstr .size 16, ; from input `peerNonce`
* source_nonce: bstr .size 16, ; from the output of `create`
* sink_cert_chain: bstr .cbor ExplicitKeyDiceCertChain, ; from input `peerId`
* source_cert_chain: bstr .cbor ExplicitKeyDiceCertChain, ; from own identity
* ]
* 3. Extract a cryptographic secret S from Z, using the salt from #2 above.
* 4. Derive two symmetric encryption keys of 256 bits with:
* i. b"KE_ENCRYPTION_KEY_SOURCE_TO_SINK" as context for the key used to encrypt outgoing
* messages
* ii. b"KE_ENCRYPTION_KEY_SINK_TO_SOURCE" as context for the key used to encrypt incoming
* messages
* 5. Derive a MAC key with b"KE_HMAC_KEY" as the context.
* 6. Compute session_id_input = bstr .cbor [
* sink_nonce: bstr .size 16,
* source_nonce: bstr .size 16,
* ],
* 7. Compute a session_id as a 256 bits HMAC over the session_id_input from step #6 with
* the key from step #5.
* 8. Verify the peer's signature over the session_id from step #7. If successful, proceed,
* otherwise, return error: INVALID_SIGNATURE.
* 9. Create arcs from the per-boot key to each of the two shared keys from step #4 and
* mark authentication_complete = true in arcs' protected headers.
* 10.Create a signature over the session_id from step #7, using the signing key which is
* part of the party's identity.
*
* @param peerPubKey - the public key of the key pair created by the peer (P2) for key exchange
*
* @param peerId - the persistent identity of the peer
*
* @param peerSignature - the signature created by the peer over the session id computed by the
* peer
*
* @param peerNonce - nonce created by the peer
*
* @param peerVersion - an integer representing the protocol version (i.e. AIDL version)
* negotiated with the peer
*
* @param ownKey - the key created by P1 (source) in `create()` for key exchange
*
* @return SessionInfo including the two shared key arcs from step #9, session id and the
* signature over the session id.
*
* Note: The two shared key arcs in the return type: `SessionInfo` serves two purposes:
* i. A mapping to correlate the key exchange protocol taken place with a particular peer and
* subsequent AuthGraph protocols execued with the same peer.
* ii.A way to minimize the in-memory storage for shared keys.
* However, P1 should maintain some in-memory record to be able to verify that the shared key
* arcs sent to any subsequent AuthGraph protocol methods are valid shared keys agreed with the
* party identified by `peerId`, to prevent any replay attacks.
*/
SessionInfo finish(in PubKey peerPubKey, in Identity peerId,
in SessionIdSignature peerSignature, in byte[] peerNonce, in int peerVersion,
in Key ownKey);
/**
* This method is invoked on P2 (sink).
* Perform the following steps:
* 0. If input `sharedKeys` is invalid (i.e. they cannot be decrypted with P2's per-boot key
* or they are not in P2's in-memory records as valid shared keys agreed with the party
* identified by `peerId`), return error: INVALID_SHARED_KEY_ARCS.
* 1. Verify that both shared key arcs have the same session id and peer identity.
* 2. Verify the peer's signature over the session id attached to the shared key arcs'
* headers. If successful, proceed, otherwise, return error: INVALID_SIGNATURE.
* 3. Mark authentication_complete = true in the shared key arcs' headers
*
* @param peerSignature - the signature created by the peer over the session id computed by the
* peer
*
* @param sharedKeys - two shared key arcs created by P2 in `init`. P2 obtains from the arcs'
* protected headers, the session id and the peer's identity to verify the
* peer's signature over the session id.
*
* @return Arc[] - an array of two updated shared key arcs
*/
Arc[2] authenticationComplete(in SessionIdSignature peerSignature, in Arc[2] sharedKeys);
}

43
security/authgraph/aidl/android/hardware/security/authgraph/Identity.aidl Normal file
View file

@ -0,0 +1,43 @@
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.hardware.security.authgraph;
/**
* Persistent (versioned) identity of a participant of Authgraph key exchange.
* Identity consists of two main parts:
* 1. a certificate chain (e.g. a DICE certificate chain)
* 2. (optional) a policy specifying how to verify the certificate chain - if a policy is not
* provided, a simple byte-to-byte comparison of the certificate chain is assumed.
*
* During identity verification, the certificate chain of the identity attached to the access
* request is compared against the policy of the identity attached to the persistent resources.
*
* The usage of policy based identity verification in Authgraph is three-fold:
* 1. Retain access to persistent resources for the newer versions of the party who
* created them, even when parts of the certificate chain are updated in the new version.
* 2. Deny access to the new persistent resources for the older versions of the party
* who created the new persistent resources.
* 3. Trigger rotation of critical keys encrypted in persistent arcs created by the previous
* version of the party, by including an updated policy in the identity attached to the
* access request.
*/
@VintfStability
@RustDerive(Clone=true, Eq=true, PartialEq=true)
parcelable Identity {
/* Data is CBOR-encoded according to the `Identity` CDDL definition in Identity.cddl */
byte[] identity;
}

23
security/authgraph/aidl/android/hardware/security/authgraph/Identity.cddl Normal file
View file

@ -0,0 +1,23 @@
;
; Copyright (C) 2023 The Android Open Source Project
;
; Licensed under the Apache License, Version 2.0 (the "License");
; you may not use this file except in compliance with the License.
; You may obtain a copy of the License at
;
; http://www.apache.org/licenses/LICENSE-2.0
;
; Unless required by applicable law or agreed to in writing, software
; distributed under the License is distributed on an "AS IS" BASIS,
; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
; See the License for the specific language governing permissions and
; limitations under the License.
;
Identity = [
1, ; Version
cert_chain: bstr .cbor ExplicitKeyDiceCertChain,
policy: bstr .cbor DicePolicy / nil,
]
; INCLUDE ExplicitKeyDiceCertChain.cddl for: ExplicitKeyDiceCertChain
; INCLUDE DicePolicy.cddl for: DicePolicy

37
security/authgraph/aidl/android/hardware/security/authgraph/KeInitResult.aidl Normal file
View file

@ -0,0 +1,37 @@
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.hardware.security.authgraph;
import android.hardware.security.authgraph.SessionInfo;
import android.hardware.security.authgraph.SessionInitiationInfo;
/**
* The return type for the init() step of authenticated key exchange.
*/
@VintfStability
@RustDerive(Clone=true, Eq=true, PartialEq=true)
parcelable KeInitResult {
/**
* Session initiation information.
*/
SessionInitiationInfo sessionInitiationInfo;
/**
* Session information.
*/
SessionInfo sessionInfo;
}

41
security/authgraph/aidl/android/hardware/security/authgraph/Key.aidl Normal file
View file

@ -0,0 +1,41 @@
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.hardware.security.authgraph;
import android.hardware.security.authgraph.Arc;
import android.hardware.security.authgraph.PubKey;
/**
* The type that encapsulates a key. Key can be either a symmetric key or an asymmetric key.
* If it is an asymmetric key, it is used for key exchange.
*/
@VintfStability
@RustDerive(Clone=true, Eq=true, PartialEq=true)
parcelable Key {
/**
* If the Key is an asymmetric key, public key should be present.
*/
@nullable PubKey pubKey;
/**
* Arc from the per-boot key to the payload key. The payload key is either the symmetric key
* or the private key of an asymmetric key, based on the type of the key being created.
* This is marked as optional because there are instances where only the public key is returned,
* e.g. `init` method in the key exchange protocol.
*/
@nullable Arc arcFromPBK;
}

28
security/authgraph/aidl/android/hardware/security/authgraph/PlainPubKey.aidl Normal file
View file

@ -0,0 +1,28 @@
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.hardware.security.authgraph;
/**
* One of the two enum variants of the enum type: `PubKey`. This represents the plain public key
* material encoded as a COSE_Key.
*/
@VintfStability
@RustDerive(Clone=true, Eq=true, PartialEq=true)
parcelable PlainPubKey {
/* Data is CBOR-encoded according to the `PlainPubKey` CDDL definition in PlainPubKey.cddl */
byte[] plainPubKey;
}

24
security/authgraph/aidl/android/hardware/security/authgraph/PlainPubKey.cddl Normal file
View file

@ -0,0 +1,24 @@
;
; Copyright (C) 2023 The Android Open Source Project
;
; Licensed under the Apache License, Version 2.0 (the "License");
; you may not use this file except in compliance with the License.
; You may obtain a copy of the License at
;
; http://www.apache.org/licenses/LICENSE-2.0
;
; Unless required by applicable law or agreed to in writing, software
; distributed under the License is distributed on an "AS IS" BASIS,
; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
; See the License for the specific language governing permissions and
; limitations under the License.
;
; P-256 public key for key exchange.
PlainPubKey = [ ; COSE_Key [RFC9052 s7]
1 : 2, ; Key type : EC2
3 : -27, ; Algorithm : ECDH-SS + HKDF-256
-1 : 1, ; Curve: P256
-2 : bstr, ; X coordinate, big-endian
-3 : bstr ; Y coordinate, big-endian
]

37
security/authgraph/aidl/android/hardware/security/authgraph/PubKey.aidl Normal file
View file

@ -0,0 +1,37 @@
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.hardware.security.authgraph;
import android.hardware.security.authgraph.PlainPubKey;
import android.hardware.security.authgraph.SignedPubKey;
/**
* The enum type representing the public key of an asymmetric key pair.
*/
@VintfStability
@RustDerive(Clone=true, Eq=true, PartialEq=true)
union PubKey {
/**
* Plain public key material encoded as a COSE_Key.
*/
PlainPubKey plainKey;
/**
* Public key signed with the long term signing key of the party.
*/
SignedPubKey signedKey;
}

28
security/authgraph/aidl/android/hardware/security/authgraph/SessionIdSignature.aidl Normal file
View file

@ -0,0 +1,28 @@
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.hardware.security.authgraph;
/**
* Signature computed by a party over the session id during authenticated key exchange.
*/
@VintfStability
@RustDerive(Clone=true, Eq=true, PartialEq=true)
parcelable SessionIdSignature {
/* Data is CBOR-encoded according to the `SessionIdSignature` CDDL definition in
* SessionIdSignature.cddl */
byte[] signature;
}

33
security/authgraph/aidl/android/hardware/security/authgraph/SessionIdSignature.cddl Normal file
View file

@ -0,0 +1,33 @@
;
; Copyright (C) 2023 The Android Open Source Project
;
; Licensed under the Apache License, Version 2.0 (the "License");
; you may not use this file except in compliance with the License.
; You may obtain a copy of the License at
;
; http://www.apache.org/licenses/LICENSE-2.0
;
; Unless required by applicable law or agreed to in writing, software
; distributed under the License is distributed on an "AS IS" BASIS,
; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
; See the License for the specific language governing permissions and
; limitations under the License.
;
SessionIdSignature = [ ; COSE_Sign1 (untagged) [RFC9052 s4.2]
protected: bstr .cbor SessionIdSignatureProtected,
unprotected: {},
payload: nil, ; session ID payload to be transported separately
signature: bstr ; PureEd25519(privateKey, SessionIdSignatureSigStruct) /
; ECDSA(privateKey, SessionIdSignatureSigStruct)
]
SessionIdSignatureProtected = {
1 : AlgorithmEdDSA / AlgorithmES256,
}
SessionIdSignatureSigStruct = [ ; Sig_structure for SessionIdSignature [ RFC9052 s4.4]
context: "Signature1",
protected: bstr SessionIdSignatureProtected,
external_aad: bstr .size 0,
payload: bstr, ; session ID payload provided separately
]

50
security/authgraph/aidl/android/hardware/security/authgraph/SessionInfo.aidl Normal file
View file

@ -0,0 +1,50 @@
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.hardware.security.authgraph;
import android.hardware.security.authgraph.Arc;
import android.hardware.security.authgraph.SessionIdSignature;
/**
* Session information returned as part of authenticated key exchange.
*/
@VintfStability
@RustDerive(Clone=true, Eq=true, PartialEq=true)
parcelable SessionInfo {
/**
* The arcs that encrypt the two derived symmetric encryption keys (for two-way communication)
* from the party's per-boot key.
*/
Arc[2] sharedKeys;
/**
* The value of the session id computed by the two parties during the authenticate key
* exchange. Apart from the usage of the session id by the two peers, session id is also useful
* to verify (by a third party) that the key exchange was successful.
*/
byte[] sessionId;
/**
* The signature over the session id, created by the party who computed the session id.
*
* If there is one or more `DiceChainEntry` in the `ExplicitKeyDiceCertChain` of the party's
* identity, the signature is verified with the public key in the leaf of the chain of
* DiceChainEntries (i.e the public key in the last of the array of DiceChainEntries).
* Otherwise, the signature is verified with the `DiceCertChainInitialPayload`.
*/
SessionIdSignature signature;
}

69
security/authgraph/aidl/android/hardware/security/authgraph/SessionInitiationInfo.aidl Normal file
View file

@ -0,0 +1,69 @@
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.hardware.security.authgraph;
import android.hardware.security.authgraph.Arc;
import android.hardware.security.authgraph.Identity;
import android.hardware.security.authgraph.Key;
/**
* Session initiation information returned as part of authenticated key exchange.
*/
@VintfStability
@RustDerive(Clone=true, Eq=true, PartialEq=true)
parcelable SessionInitiationInfo {
/**
* An ephemeral EC key created for the ECDH process.
*/
Key key;
/**
* The identity of the party who created the Diffie-Hellman key exchange key.
*/
Identity identity;
/**
* Nonce value specific to this session. The nonce serves three purposes:
* 1. freshness of key exchange
* 2. creating a session id (a publicly known value related to the exchanged keys)
* 3. usage as salt into the HKDF-EXTRACT function during key derivation from the shared DH key
*/
byte[] nonce;
/**
* The protocol version (i.e. AIDL version) - This is used to prevent version downgrade attacks
* as follows:
* 1. In `create`, the source advertises the latest protocol version supported by the source,
* which is given as input to the `init` call on the sink in the input parameter:
* `peerVersion`.
* 2. In `init`, the sink includes the `peerVersion` in the inputs to the derivation of the
* shared keys. Then the sink returns the latest protocol version supported by the sink,
* which is given as input to the `finish` call on the source in the input parameter:
* `peerVersion`.
* 3. In `finish`, the source first checks whether the sink's version is equal or less than the
* source's version and includes in the source's version in the inputs to the derivation of
* the shared keys.
* Analysis: if an attacker-in-the-middle wanted the two parties to use an older (vulnerable)
* version of the protocol, they can invoke `init` with a version that is lower than the version
* advertised by the source in `create`. However, since both parties include the source's
* version in the inputs to the derivation of the shared keys, the two parties won't end up with
* the same shared keys in the presence of such an attack. This is detected when checking the
* signature on the session id in `finish`, at which point the protocol aborts. Therefore,
* an attacker cannot successfully launch a version downgrade attack on this protocol.
*/
int version;
}

28
security/authgraph/aidl/android/hardware/security/authgraph/SignedPubKey.aidl Normal file
View file

@ -0,0 +1,28 @@
/*
* Copyright (C) 2023 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.hardware.security.authgraph;
/**
* One of the two enum variants of the enum type: `PubKey`. This represents the public key signed
* with the long term signing key of the party.
*/
@VintfStability
@RustDerive(Clone=true, Eq=true, PartialEq=true)
parcelable SignedPubKey {
/* Data is CBOR-encoded according to the `SignedPubKey` CDDL definition in SignedPubKey.cddl */
byte[] signedPubKey;
}

41
security/authgraph/aidl/android/hardware/security/authgraph/SignedPubKey.cddl Normal file
View file

@ -0,0 +1,41 @@
;
; Copyright (C) 2023 The Android Open Source Project
;
; Licensed under the Apache License, Version 2.0 (the "License");
; you may not use this file except in compliance with the License.
; You may obtain a copy of the License at
;
; http://www.apache.org/licenses/LICENSE-2.0
;
; Unless required by applicable law or agreed to in writing, software
; distributed under the License is distributed on an "AS IS" BASIS,
; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
; See the License for the specific language governing permissions and
; limitations under the License.
;
SignedPubKey = [ ; COSE_Sign1 (untagged) [RFC9052 s4.2]
protected: bstr .cbor SignedPubKeyProtected,
unprotected: {},
payload: bstr .cbor PlainPubKey,
signature: bstr ; PureEd25519(privateKey, SignedPubKeySigStruct) /
; ECDSA(privateKey, SignedPubKeySigStruct)
]
SignedPubKeyProtected = {
1 : AlgorithmEdDSA / AlgorithmES256,
? -70011 : Identity, ; the party who performs the signing operation adds its own
; identity to the protected headers.
}
SignedPubKeySigStruct = [ ; Sig_structure for SignedPubKey [ RFC9052 s4.4]
context: "Signature1",
protected: bstr SignedPubKeyProtected,
external_aad: bstr .size 0,
payload: bstr .cbor PlainPubKey,
]
AlgorithmES256 = -7 ; [RFC9053 s2.1]
AlgorithmEdDSA = -8 ; [RFC9053 s2.2]
; INCLUDE PlainPubKey.cddl for: PlainPubKey
; INCLUDE Identity.cddl for: Identity