The RKP VM is part of the Android Virtualization Framework. It will be
uniquely authenticated by the RKP server, and therefore needs its own
certificate type.
Bug: 300624493
Change-Id: Ice586ad85ae43235dd80a5d220603e7394c1c49b
Revert submission 2829351-revert-2812456-revert-2812435-revert-2778549-expose-avf-rkp-hal-GTFGLMUUKQ-PAWNEHUQBT-WYENGHRTXK
Reason for revert: Relands the original topic:
https://r.android.com/q/topic:%22expose-avf-rkp-hal%22
PS2 is the same as the original cl: aosp/2796032
Reverted changes: /q/submissionid:2829351-revert-2812456-revert-2812435-revert-2778549-expose-avf-rkp-hal-GTFGLMUUKQ-PAWNEHUQBT-WYENGHRTXK
Test: atest MicrodroidHostTests librkp_support_test
Change-Id: I7200599131c01908db7fa3bb4a6f989418a89288
getMessage is often empty. getDescription will always include at least
the status code.
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: Id401184a3c3642188e26fa2ec03f19515f89ae4f
Revert submission 2812435-revert-2778549-expose-avf-rkp-hal-GTFGLMUUKQ
Reason for revert: This change relands the topic
https://r.android.com/q/topic:%22expose-avf-rkp-hal%22
This SELinux denial has been fixed in system/sepolicy
Reverted changes: /q/submissionid:2812435-revert-2778549-expose-avf-rkp-hal-GTFGLMUUKQ
Change-Id: Ia1aed212bf8de4b81239997cc1d1ca665cc456eb
This cl adjusts IRPC VTS tests so that it can handle the IRPC AVF
impl in an environment where the IRPC operations are not supported.
Bug: 299257581
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: Iae96076c20e360e6a4aca5518ca8df21920f6978
Check the VSR of the device to select the DICE validation rules that
will be appropriate to use for VTS.
Test: TH
Change-Id: Iff19debd1e442a0b318da1a4d8a08d470efba0ae
Extract CDDL from MacedPublicKey.aidl and DeviceInfo.aidl.
Make -70000 optional in `PublicKey`.
Make CDDL compliant with RFC8610:
- Move `bstr` contents for generated data (e.g. `ECDSA(..)`) to comments.
- Fix alternatives in CBOR-encoded bstr instances.
Add more RFC references and unify reference style.
Try to use a standard format to indicate that external files are needed
for the complete CDDL schema. (Hopefully in the future we might have
tooling that uses these to check the schemas.)
Test: Compile with docs.rs/cddl-cat and https://cddl.anweiss.tech/
Change-Id: Ie1d6c39f1cc0314e312df9205b570b89178ebd16
Move CDDL out of comments and into files, per-method
generateCertificateRequest.cddl
generateCertificateRequestV2.cddl
This makes it easier to read and it means tools can parse it.
Test: Treehugger
Change-Id: I9b71b094d128a5a4566a4d352aaa11d1c9b595ff
Remove the inline definition of the Android Profile for DICE and instead
reference the definition that exists alongside the Open Profile for DICE
and is now the source of truth for the profile.
Test: n/a
Change-Id: Ia71a674234be13542ad0ce4db0b764e8ee0c7a62
Specify that DICE-based RKP implementations may also allow a ROM
extension to manage the UDS public key.
Test: The words are semantically parseable
Change-Id: I8f9c6efb01fc76318220cf1bc4a0eb3a3ad42f87
Update the RKP readme to match contemporary philosophy about the design.
This includes replacing discussion if the obsolete term `BCC` with a
description of the Android Profile for DICE.
The privacy concerns are relaxed to match updates to the HAL which
remove the superencryption of the DICE chain.
Test: n/a
Fix: 281755202
Change-Id: I3a6fd2cd12599c5843b5dce0044eb16c2afbffa2
Align with the Open Profile for DICE by requiring that the configuration
hash be included because the configuration input is a hash of the
specified configuration desscriptor.
Test: n/a
Change-Id: I9d2ef560dc8e6f567b5b8d1a244f5138c45ae420
Introduce a field to the configuration descriptor that provides a
standard semantically-defined version number rather than the
vendor-defined component version which acts more like a build ID.
Test: n/a
Bug: 282205139
Change-Id: Idb0c991ab12ae75687236f2489e639e4422a0225
Only specify the requirements for `normal` DICE mode and allow vendors
to choose the non-normal mode that fits their need per the ope-dice
specification.
Add a note that RKP required `normal` mode in the DICE chain in order to
trust the device.
Test: n/a
Bug: 263144485
Change-Id: Iaaa3799c53234de61a51ebc855822b93ab3e5bb8
The Open Profile for DICE give possible guidelines on the requirements
for the DICE mode but Android needs those to be strictly specified.
Fix: 263144485
Test: n/a
Change-Id: Ia5fc937654504199cabf4709f1c15484242e0161
It's already documented that IRPC v3 doesn't make use of test mode keys
however VTS still required support for their generation. Fix this and
simplify implementation of the v3 HAL by expecting an error in all cases
that the deprecated test mode keys are seen.
IRPC v3 also fully deprecated the EEK meaning a v3 implementation must
unconditionally report CURVE_NONE for supportedEekCurve.
The VTS tests are enhanced with contextual version constants rather than
reusing constants with seemingly unrelated names.
Bug: 278013975
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I5709a0b1cd77eb28e677f64bb781fad58d91570a
Following feedback from partners, allow the component version in the
configuration descriptor to be either an int or a string.
Bug: 273552826
Test: n/a
Change-Id: Iecc9889592a2e634a3b9e40f14347b231b703c60
