From 65a514dcf62719afdf91b6977f27ff64964e8597 Mon Sep 17 00:00:00 2001
From: Andrew Scull <ascull@google.com>
Date: Wed, 29 Mar 2023 17:43:01 +0000
Subject: [PATCH] Document that the component version can be a string

Following feedback from partners, allow the component version in the
configuration descriptor to be either an int or a string.

Bug: 273552826
Test: n/a
Change-Id: Iecc9889592a2e634a3b9e40f14347b231b703c60
---
 security/rkp/CHANGELOG.md                                       | 1 +
 security/rkp/README.md                                          | 2 +-
 .../security/keymint/IRemotelyProvisionedComponent.aidl         | 2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/security/rkp/CHANGELOG.md b/security/rkp/CHANGELOG.md
index 9409a6db0c..79932b773a 100644
--- a/security/rkp/CHANGELOG.md
+++ b/security/rkp/CHANGELOG.md
@@ -42,6 +42,7 @@ This document provides an exact description of which changes have occurred in th
       `AuthenticatedRequest<T>` object representing the top level data required to authenticate
       the data provided in the payload, `T`.
   * The new CSR format supports P-384 signing keys and SHA-384 hashes in the DICE chain.
+  * The component version can now be either an int or a string.
 * RpcHardwareInfo
   * `supportedNumKeysInCsr` added to report the maximum number of keys supported in a CSR.
   * `supportedEekCurve` is no longer used, due to the removal of the EEK from the scheme.
diff --git a/security/rkp/README.md b/security/rkp/README.md
index 9090ac5c05..01c90a8db1 100644
--- a/security/rkp/README.md
+++ b/security/rkp/README.md
@@ -302,7 +302,7 @@ the range \[-70000, -70999\] (these are reserved for future additions here).
 | ----------------- | ------ | ---------- | ----------------------------------|
 | Component name    | -70002 | tstr       | Name of firmware component / boot |
 :                   :        :            : stage                             :
-| Component version | -70003 | int        | Version of firmware component /   |
+| Component version | -70003 | int / tstr | Version of firmware component /   |
 :                   :        :            : boot stage                        :
 | Resettable        | -70004 | null       | If present, key changes on factory|
 :                   :        :            : reset                             :
diff --git a/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl b/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
index 35b83ddbfc..0392009099 100644
--- a/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
+++ b/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
@@ -421,7 +421,7 @@ interface IRemotelyProvisionedComponent {
      *     ? -4670547 : bstr,                       ; Configuration Hash
      *     -4670548 : bstr .cbor {                  ; Configuration Descriptor
      *         ? -70002 : tstr,                         ; Component name
-     *         ? -70003 : int,                          ; Firmware version
+     *         ? -70003 : int / tstr,                   ; Component version
      *         ? -70004 : null,                         ; Resettable
      *     },
      *     -4670549 : bstr,                         ; Authority Hash