Merge "remote_prov_utils: Add instance name in the JSON output" am: 3192a09b11 am: a91e17ed66

Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2017795 Change-Id: I36bf9336a784f099d12cdb2e4833ea76f10e520b
2022-03-11 14:02:22 +00:00 · 2022-03-11 14:02:22 +00:00 · 6cc8d07a64
commit 6cc8d07a64
parent d6ef5852b5 a91e17ed66
3 changed files with 11 additions and 8 deletions
--- a/security/keymint/support/include/remote_prov/remote_prov_utils.h
+++ b/security/keymint/support/include/remote_prov/remote_prov_utils.h
@ -124,17 +124,19 @@ struct JsonOutput {
 };

 /**
- * Take a given certificate request and output a JSON blob containing both the
- * build fingerprint and certificate request. This data may be serialized, then
- * later uploaded to the remote provisioning service. The input csr is not
- * validated, only encoded.
+ * Take a given instance name and certificate request, then output a JSON blob
+ * containing the name, build fingerprint and certificate request. This data may
+ * be serialized, then later uploaded to the remote provisioning service. The
+ * input csr is not validated, only encoded.
 *
 * Output format:
 *   {
 *     "build_fingerprint": <string>
 *     "csr": <base64 CBOR CSR>
+ *     "name": <string>
 *   }
 */
-JsonOutput jsonEncodeCsrWithBuild(const cppbor::Array& csr);
+JsonOutput jsonEncodeCsrWithBuild(const std::string instance_name,
+                                  const cppbor::Array& csr);

 }  // namespace aidl::android::hardware::security::keymint::remote_prov
--- a/security/keymint/support/remote_prov_utils.cpp
+++ b/security/keymint/support/remote_prov_utils.cpp
@ -408,7 +408,7 @@ ErrMsgOr<std::vector<BccEntryData>> validateBcc(const cppbor::Array* bcc) {
    return result;
 }

-JsonOutput jsonEncodeCsrWithBuild(const cppbor::Array& csr) {
+JsonOutput jsonEncodeCsrWithBuild(const std::string instance_name, const cppbor::Array& csr) {
    const std::string kFingerprintProp = "ro.build.fingerprint";

    if (!::android::base::WaitForPropertyCreation(kFingerprintProp)) {
@ -432,6 +432,7 @@ JsonOutput jsonEncodeCsrWithBuild(const cppbor::Array& csr) {
    }

    Json::Value json(Json::objectValue);
+    json["name"] = instance_name;
    json["build_fingerprint"] = ::android::base::GetProperty(kFingerprintProp, /*default=*/"");
    json["csr"] = base64.data();  // Boring writes a NUL-terminated c-string

--- a/security/keymint/support/remote_prov_utils_test.cpp
+++ b/security/keymint/support/remote_prov_utils_test.cpp
@ -185,13 +185,13 @@ TEST(RemoteProvUtilsTest, JsonEncodeCsr) {
    cppbor::Array array;
    array.add(1);

-    auto [json, error] = jsonEncodeCsrWithBuild(array);
+    auto [json, error] = jsonEncodeCsrWithBuild(std::string("test"), array);

    ASSERT_TRUE(error.empty()) << error;

    std::string expected = R"({"build_fingerprint":")" +
                           ::android::base::GetProperty("ro.build.fingerprint", /*default=*/"") +
-                           R"(","csr":"gQE="})";
+                           R"(","csr":"gQE=","name":"test"})";

    ASSERT_EQ(json, expected);
 }