Merge "Deprecate CSR v1 and v2 in IRPC v3" am: 74a699c4d8 am: eb06c44f4f

Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2510195

Change-Id: I037315bb7bfaf6dd106739b22b0537e01aed6cc9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This commit is contained in:
Andrew Scull 2023-03-29 15:10:58 +00:00 committed by Automerger Merge Worker
commit 2379f9b037
3 changed files with 20 additions and 14 deletions

View file

@ -31,7 +31,7 @@ This document provides an exact description of which changes have occurred in th
* IRemotelyProvisionedComponent
* The need for an EEK has been removed. There is no longer an encrypted portion of the CSR.
* Keys for new CSR format must be generated with test mode set to false, effectively removing test
mode in the new CSR flow. Old behavior is kept unchanged for backwards compatibility.
mode in the new CSR flow.
* The schema for the CSR itself has been significantly simplified, please see
IRemotelyProvisionedComponent.aidl for more details. Notably,
* the chain of signing, MACing, and encryption operations has been replaced with a single

View file

@ -144,9 +144,9 @@ interface IRemotelyProvisionedComponent {
byte[] generateEcdsaP256KeyPair(in boolean testMode, out MacedPublicKey macedPublicKey);
/**
* This method can be removed in version 3 of the HAL. The header is kept around for
* backwards compatibility purposes. From v3, this method is allowed to raise a
* ServiceSpecificException with an error code of STATUS_REMOVED.
* This method has been deprecated since version 3 of the HAL. The header is kept around for
* backwards compatibility purposes. From v3, this method must raise a ServiceSpecificException
* with an error code of STATUS_REMOVED.
*
* For v1 and v2 implementations:
* generateCertificateRequest creates a certificate request to be sent to the provisioning

View file

@ -408,16 +408,8 @@ class CertificateRequestTest : public CertificateRequestTestBase {
ASSERT_FALSE(HasFatalFailure());
if (rpcHardwareInfo.versionNumber >= VERSION_WITHOUT_TEST_MODE) {
bytevec keysToSignMac;
DeviceInfo deviceInfo;
ProtectedData protectedData;
auto status = provisionable_->generateCertificateRequest(
false, {}, {}, {}, &deviceInfo, &protectedData, &keysToSignMac);
if (!status.isOk() && (status.getServiceSpecificError() ==
BnRemotelyProvisionedComponent::STATUS_REMOVED)) {
GTEST_SKIP() << "This test case applies to RKP v3+ only if "
<< "generateCertificateRequest() is implemented.";
}
GTEST_SKIP() << "This test case only applies to RKP v1 and v2. "
<< "RKP version discovered: " << rpcHardwareInfo.versionNumber;
}
}
};
@ -798,6 +790,20 @@ TEST_P(CertificateRequestV2Test, NonEmptyRequest_testKeyInProdCert) {
BnRemotelyProvisionedComponent::STATUS_TEST_KEY_IN_PRODUCTION_REQUEST);
}
/**
* Call generateCertificateRequest(). Make sure it's removed.
*/
TEST_P(CertificateRequestV2Test, CertificateRequestV1Removed) {
bytevec keysToSignMac;
DeviceInfo deviceInfo;
ProtectedData protectedData;
auto status = provisionable_->generateCertificateRequest(
true /* testMode */, {} /* keysToSign */, {} /* EEK chain */, challenge_, &deviceInfo,
&protectedData, &keysToSignMac);
ASSERT_FALSE(status.isOk()) << status.getMessage();
EXPECT_EQ(status.getServiceSpecificError(), BnRemotelyProvisionedComponent::STATUS_REMOVED);
}
void parse_root_of_trust(const vector<uint8_t>& attestation_cert,
vector<uint8_t>* verified_boot_key, VerifiedBoot* verified_boot_state,
bool* device_locked, vector<uint8_t>* verified_boot_hash) {