tequilaOS/platform_hardware_interfaces
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "remote_prov_utils: Add instance name in the JSON output"

Browse source
This commit is contained in:
Treehugger Robot 2022-03-11 12:48:19 +00:00 committed by Gerrit Code Review
commit 3192a09b11
3 changed files with 11 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
security/keymint/support/include/remote_prov/remote_prov_utils.h
View file

@ -124,17 +124,19 @@ struct JsonOutput {
}; };
/** /**
* Take a given certificate request and output a JSON blob containing both the * Take a given instance name and certificate request, then output a JSON blob
* build fingerprint and certificate request. This data may be serialized, then * containing the name, build fingerprint and certificate request. This data may
* later uploaded to the remote provisioning service. The input csr is not * be serialized, then later uploaded to the remote provisioning service. The
* validated, only encoded. * input csr is not validated, only encoded.
* *
* Output format: * Output format:
* { * {
* "build_fingerprint": <string> * "build_fingerprint": <string>
* "csr": <base64 CBOR CSR> * "csr": <base64 CBOR CSR>
* "name": <string>
* } * }
*/ */
JsonOutput jsonEncodeCsrWithBuild(const cppbor::Array& csr); JsonOutput jsonEncodeCsrWithBuild(const std::string instance_name,
const cppbor::Array& csr);
} // namespace aidl::android::hardware::security::keymint::remote_prov } // namespace aidl::android::hardware::security::keymint::remote_prov

3
security/keymint/support/remote_prov_utils.cpp
View file

@ -408,7 +408,7 @@ ErrMsgOr<std::vector<BccEntryData>> validateBcc(const cppbor::Array* bcc) {
return result; return result;
} }
JsonOutput jsonEncodeCsrWithBuild(const cppbor::Array& csr) { JsonOutput jsonEncodeCsrWithBuild(const std::string instance_name, const cppbor::Array& csr) {
const std::string kFingerprintProp = "ro.build.fingerprint"; const std::string kFingerprintProp = "ro.build.fingerprint";
if (!::android::base::WaitForPropertyCreation(kFingerprintProp)) { if (!::android::base::WaitForPropertyCreation(kFingerprintProp)) {
@ -432,6 +432,7 @@ JsonOutput jsonEncodeCsrWithBuild(const cppbor::Array& csr) {
} }
Json::Value json(Json::objectValue); Json::Value json(Json::objectValue);
json["name"] = instance_name;
json["build_fingerprint"] = ::android::base::GetProperty(kFingerprintProp, /*default=*/""); json["build_fingerprint"] = ::android::base::GetProperty(kFingerprintProp, /*default=*/"");
json["csr"] = base64.data(); // Boring writes a NUL-terminated c-string json["csr"] = base64.data(); // Boring writes a NUL-terminated c-string

4
security/keymint/support/remote_prov_utils_test.cpp
View file

@ -185,13 +185,13 @@ TEST(RemoteProvUtilsTest, JsonEncodeCsr) {
cppbor::Array array; cppbor::Array array;
array.add(1); array.add(1);
auto [json, error] = jsonEncodeCsrWithBuild(array); auto [json, error] = jsonEncodeCsrWithBuild(std::string("test"), array);
ASSERT_TRUE(error.empty()) << error; ASSERT_TRUE(error.empty()) << error;
std::string expected = R"({"build_fingerprint":")" + std::string expected = R"({"build_fingerprint":")" +
::android::base::GetProperty("ro.build.fingerprint", /*default=*/"") + ::android::base::GetProperty("ro.build.fingerprint", /*default=*/"") +
R"(","csr":"gQE="})"; R"(","csr":"gQE=","name":"test"})";
ASSERT_EQ(json, expected); ASSERT_EQ(json, expected);
} }