tequilaOS/platform_hardware_interfaces
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Update README and CHANGELOG for RKP

Browse source 
Bug: 254112961
Test: vts_treble_vintf_vendor_test
Merged-In: Ib66fcbdbaadda3f32cd8423f61bd31d5f43dc44b
Change-Id: Ib66fcbdbaadda3f32cd8423f61bd31d5f43dc44b
This commit is contained in:
Seth Moore 2022-11-04 17:39:05 +00:00
parent 3a810627e0
commit f479b4b902
3 changed files with 24 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
security/keymint/README.md Normal file
View file

@ -0,0 +1,10 @@
# KeyMint HAL
This directory contains the HAL definition for KeyMint. KeyMint provides
cryptographic services in a hardware-isolated environment.
Note that the `IRemotelyProvisionedComponent` HAL, and it's associated types,
used to also be defined in this directory. As of Android U, this HAL has been
moved to a different directory (../rkp). This move is ABI compatible, as the
interfaces have been maintained. The build is split so that the generated
code may be built with different options.

6
security/keymint/RKP_CHANGELOG.md → security/rkp/CHANGELOG.md
View file

@ -19,6 +19,12 @@ This document provides an exact description of which changes have occurred in th
* `uniqueId` String added as a field in order to differentiate IRPC instances on device. * `uniqueId` String added as a field in order to differentiate IRPC instances on device.
## IRemotelyProvisionedComponent 2 -> 3 ## IRemotelyProvisionedComponent 2 -> 3
* The RKP HAL now builds separately from KeyMint.
* The HAL remains under the `android.hardware.security.keymint` package for
compatibility with previous releases. ABI compatibility requires this.
* Dependencies on the RKP HAL must add a dependency on
`"android.hardware.security.rkp"` generated code (instead of
`"android.hardward.security.keymint"`).
* ProtectedData has been removed. * ProtectedData has been removed.
* DeviceInfo * DeviceInfo
* `version` has moved to a top-level field within the CSR generated by the HAL * `version` has moved to a top-level field within the CSR generated by the HAL

16
security/keymint/RKP_README.md → security/rkp/README.md
View file

@ -6,8 +6,8 @@ Design a HAL to support over-the-air provisioning of certificates for asymmetric
keys. The HAL must interact effectively with Keystore (and other daemons) and keys. The HAL must interact effectively with Keystore (and other daemons) and
protect device privacy and security. protect device privacy and security.
Note that this API is designed for KeyMint, but with the intention that it Note that this API was originally designed for KeyMint, with the intention that
should be usable for other HALs that require certificate provisioning. it should be usable for other HALs that require certificate provisioning.
Throughout this document we'll refer to the Keystore and KeyMint (formerly Throughout this document we'll refer to the Keystore and KeyMint (formerly
called Keymaster) components, but only for concreteness and convenience; those called Keymaster) components, but only for concreteness and convenience; those
labels could be replaced with the names of any system and secure area labels could be replaced with the names of any system and secure area
@ -312,7 +312,7 @@ the range \[-70000, -70999\] (these are reserved for future additions here).
``` ```
Please see Please see
[ProtectedData.aidl](https://cs.android.com/android/platform/superproject/+/master:hardware/interfaces/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl) [ProtectedData.aidl](https://cs.android.com/android/platform/superproject/+/master:hardware/interfaces/security/rkp/aidl/android/hardware/security/keymint/ProtectedData.aidl)
for a full CDDL definition of the BCC. for a full CDDL definition of the BCC.
### `CertificateRequest` ### `CertificateRequest`
@ -366,9 +366,9 @@ Please see the related HAL documentation directly in the source code at the
following links: following links:
* [IRemotelyProvisionedComponent * [IRemotelyProvisionedComponent
HAL](https://cs.android.com/android/platform/superproject/+/master:hardware/interfaces/security/keymint/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl) HAL](https://cs.android.com/android/platform/superproject/+/master:hardware/interfaces/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl)
* [ProtectedData](https://cs.android.com/android/platform/superproject/+/master:hardware/interfaces/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl) * [ProtectedData](https://cs.android.com/android/platform/superproject/+/master:hardware/interfaces/security/rkp/aidl/android/hardware/security/keymint/ProtectedData.aidl)
* [MacedPublicKey](https://cs.android.com/android/platform/superproject/+/master:hardware/interfaces/security/keymint/aidl/android/hardware/security/keymint/MacedPublicKey.aidl) * [MacedPublicKey](https://cs.android.com/android/platform/superproject/+/master:hardware/interfaces/security/rkp/aidl/android/hardware/security/keymint/MacedPublicKey.aidl)
* [RpcHardwareInfo](https://cs.android.com/android/platform/superproject/+/master:hardware/interfaces/security/keymint/aidl/android/hardware/security/keymint/RpcHardwareInfo.aidl) * [RpcHardwareInfo](https://cs.android.com/android/platform/superproject/+/master:hardware/interfaces/security/rkp/aidl/android/hardware/security/keymint/RpcHardwareInfo.aidl)
* [DeviceInfo](https://cs.android.com/android/platform/superproject/+/master:hardware/interfaces/security/keymint/aidl/android/hardware/security/keymint/DeviceInfo.aidl) * [DeviceInfo](https://cs.android.com/android/platform/superproject/+/master:hardware/interfaces/security/rkp/aidl/android/hardware/security/keymint/DeviceInfo.aidl)