Merge "Document changes and clean up spec" am: 4ad2bb150e

Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2308373

Change-Id: I9be585e03fdecfbd2471eff53561586923eda702
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This commit is contained in:
Treehugger Robot
2022-11-22 21:38:33 +00:00
committed by Automerger Merge Worker
3 changed files with 18 additions and 10 deletions


@@ -27,7 +27,7 @@ This document provides an exact description of which changes have occurred in th
`"android.hardward.security.keymint"`).
* ProtectedData has been removed.
* DeviceInfo
* `version` has moved to a top-level field within the CSR generated by the HAL
* `version` has moved to a top-level field within the CSR generated by the HAL.
* IRemotelyProvisionedComponent
* The need for an EEK has been removed. There is no longer an encrypted portion of the CSR.
* Test mode has been removed.
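Review bot: the context line at the top of this hunk still reads `"android.hardward.security.keymint"`, which looks like a typo for `android.hardware.security.keymint`; since this change is already tidying the same bullet list (adding the missing period to the `version` bullet), fixing that spelling in the same commit would keep the CHANGELOG naming the package correctly.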
@@ -36,5 +36,10 @@ This document provides an exact description of which changes have occurred in th
* the chain of signing, MACing, and encryption operations has been replaced with a single
COSE_Sign1 object.
* CertificateType has been added to identify the type of certificate being requested.
* The structure has been composed to enable a clear split between what is required to validate a
payload and the implementation-defined payload itself. This is done by creating a typed
`AuthenticatedRequest<T>` object representing the top level data required to authenticate
the data provided in the payload, `T`.
* RpcHardwareInfo
* `supportedNumKeysInCsr` added to report the maximum number of keys supported in a CSR.
* `supportedEekCurve` is no longer used, due to the removal of the EEK from the scheme.
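Review bot: the new `supportedEekCurve` bullet says the field "is no longer used" but does not say what an implementation should now report in it or that clients must ignore it; since the field still exists in `RpcHardwareInfo`, one sentence stating the expected value would avoid each implementer choosing differently. Two smaller points in the added text: "The structure has been composed to enable a clear split" reads oddly (probably "structured" or "split into two parts" was meant), and the bullet refers to `AuthenticatedRequest<T>` while the AIDL spec in this same change renames the CDDL generic parameter from `T` to `Data`, so the CHANGELOG and the spec now use different names for the same construct.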


@@ -345,20 +345,20 @@ interface IRemotelyProvisionedComponent {
* ]
*
* ; COSE_Sign1 (untagged)
* SignedData<T> = [
* SignedData<Data> = [
* protected: bstr .cbor { 1 : AlgorithmEdDSA / AlgorithmES256 },
* unprotected: {},
* payload: bstr .cbor T / nil,
* signature: bstr ; PureEd25519(CDI_Leaf_Priv, bstr .cbor SignedDataSigStruct<T>) /
* ; ECDSA(CDI_Leaf_Priv, bstr .cbor SignedDataSigStruct<T>)
* payload: bstr .cbor Data / nil,
* signature: bstr ; PureEd25519(CDI_Leaf_Priv, bstr .cbor SignedDataSigStruct<Data>) /
* ; ECDSA(CDI_Leaf_Priv, bstr .cbor SignedDataSigStruct<Data>)
* ]
*
* ; Sig_structure for SignedData
* SignedDataSigStruct<T> = [
* SignedDataSigStruct<Data> = [
* context: "Signature1",
* protected: bstr .cbor { 1 : AlgorithmEdDSA / AlgorithmES256 },
* external_aad: bstr .size 0,
* payload: bstr .cbor T
* payload: bstr .cbor Data / nil,
* ]
*
* ; UdsCerts allows the platform to provide additional certifications for the UDS_Pub. For
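Review bot: the new `payload: bstr .cbor Data / nil,` line in `SignedDataSigStruct<Data>` mirrors the COSE_Sign1 payload, but a COSE Sig_structure's payload is always a bstr: when the COSE_Sign1 payload is detached (`nil`), the application supplies the actual payload bytes to the Sig_structure, otherwise a detached-payload message would carry a signature computed over no data at all. Suggest keeping the Sig_structure line as `payload: bstr .cbor Data` (the rename from `T` to `Data` is fine) and, if detached payloads are really intended for SignedData, adding a comment saying where the verifier obtains the payload bytes. The trailing comma added on that line is also inconsistent with the rest of the CDDL in this hunk.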


@@ -29,9 +29,9 @@ parcelable RpcHardwareInfo {
const int CURVE_25519 = 2;
/**
* Implementation version of the remotely provisioned component hardware. The version number is
* implementation defined, and not necessarily globally meaningful. The version is used to
* distinguish between different versions of a given implementation.
* Implementation version of the remotely provisioned component hardware. The version provided
* here must match the version reported in the CsrPayload produced by the HAL interface. This
* field primarily acts as a convenience for the system components interacting with the HALs.
*/
int versionNumber;
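Review bot: the rewritten `versionNumber` comment introduces a requirement ("must match the version reported in the CsrPayload") without saying what a mismatch means, which side is authoritative, or whether the values are still implementation-defined; the sentence being deleted ("implementation defined, and not necessarily globally meaningful") carried that last point and is worth keeping alongside the new matching requirement. Stating the consequence of a mismatch (for example that it is treated as a HAL conformance failure) would make the requirement testable rather than advisory.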
@@ -43,6 +43,9 @@ parcelable RpcHardwareInfo {
@utf8InCpp String rpcAuthorName;
/**
* NOTE: This field is no longer used as of version 3 of the HAL interface. This is because the
* Endpoint Encryption Key is no longer used in the provisioning scheme.
*
* supportedEekCurve returns an int representing which curve is supported for validating
* signatures over the Endpoint Encryption Key certificate chain and for using the corresponding
* signed encryption key in ECDH. Only one curve should be supported, with preference for 25519
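Review bot: the added NOTE explains why `supportedEekCurve` is unused as of version 3, but it leaves the field's contract undefined for version-3 implementations: the original text below it still tells implementers that "Only one curve should be supported, with preference for 25519", so a reader could reasonably keep populating it. The note should state what value a version-3 implementation must report and that clients must not act on the field, and the `const int CURVE_25519 = 2` constant above (and its siblings) should say whether they remain meaningful only for earlier HAL versions.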