Evolution-x/hardware_interfaces
1
0
Fork 0
mirror of https://github.com/Evolution-X/hardware_interfaces synced 2026-02-01 16:23:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge "Enforcing canonicalization of DeviceInfo."

Browse Source
This commit is contained in:
Max Bires
2022-02-04 02:44:54 +00:00
committed by Gerrit Code Review
parent 85d3fae9c5 8c255e69bf
commit 4820b542fa
2 changed files with 7 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
security/keymint/aidl/android/hardware/security/keymint/DeviceInfo.aidl
View File

@@ -27,7 +27,9 @@ package android.hardware.security.keymint;
@VintfStability
parcelable DeviceInfo {
/**
* DeviceInfo is a CBOR Map structure described by the following CDDL.
* DeviceInfo is a CBOR Map structure described by the following CDDL. DeviceInfo must be
* canonicalized according to the specification in RFC 7049. The ordering presented here is
* non-canonical to group similar entries semantically.
*
* DeviceInfo = {
* "brand" : tstr,

6
security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
View File

@@ -422,7 +422,7 @@ class CertificateRequestTest : public VtsRemotelyProvisionedComponentTests {
ASSERT_TRUE(deviceInfoMap) << "Failed to parse deviceInfo: " << deviceInfoErrMsg;
ASSERT_TRUE(deviceInfoMap->asMap());
checkDeviceInfo(deviceInfoMap->asMap());
checkDeviceInfo(deviceInfoMap->asMap(), deviceInfo.deviceInfo);
auto& signingKey = bccContents->back().pubKey;
auto macKey = verifyAndParseCoseSign1(signedMac->asArray(), signingKey,
@@ -466,7 +466,7 @@ class CertificateRequestTest : public VtsRemotelyProvisionedComponentTests {
}
}
void checkDeviceInfo(const cppbor::Map* deviceInfo) {
void checkDeviceInfo(const cppbor::Map* deviceInfo, bytevec deviceInfoBytes) {
const auto& version = deviceInfo->get("version");
ASSERT_TRUE(version);
ASSERT_TRUE(version->asUint());
@@ -518,6 +518,8 @@ class CertificateRequestTest : public VtsRemotelyProvisionedComponentTests {
default:
FAIL() << "Unrecognized version: " << version->asUint()->value();
}
ASSERT_EQ(deviceInfo->clone()->asMap()->canonicalize().encode(), deviceInfoBytes)
<< "DeviceInfo ordering is non-canonical.";
}
bytevec eekId_;