Add SeqNum as an the external_aad in CryptoPayload am: 73f66600e9 am: 27f472d5ad

Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2876314

Change-Id: I5a1dd0a2a376efdb1509e9dfb697174b8f90e366
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

security/secretkeeper/aidl/android/hardware/security/secretkeeper/SecretManagement.cddl

@@ -3,10 +3,11 @@
 ; The input parameter to the `processSecretManagementRequest` operation in
 ; `ISecretkeeper.aidl` is always an encrypted request message, CBOR-encoded as a
 ; COSE_Encrypt0 object.  The encryption uses the first of the keys agreed using
-; the associated AuthGraph instance, referred to as `KeySourceToSink`.
-ProtectedRequestPacket = CryptoPayload<RequestPacket, KeySourceToSink>
+; the associated AuthGraph instance, referred to as `KeySourceToSink`. Additionally,
+; an external aad is used - RequestSeqNum.
+ProtectedRequestPacket = CryptoPayload<RequestPacket, KeySourceToSink, RequestSeqNum>
 
-CryptoPayload<Payload, Key> = [ ; COSE_Encrypt0 (untagged), [RFC 9052 s5.2]
+CryptoPayload<Payload, Key, SeqNum> = [ ; COSE_Encrypt0 (untagged), [RFC 9052 s5.2]
     protected: bstr .cbor {
         1 : 3,                  ; Algorithm: AES-GCM mode w/ 256-bit key, 128-bit tag
         4 : bstr                ; key identifier set to session ID produced
@@ -17,7 +18,7 @@ CryptoPayload<Payload, Key> = [ ; COSE_Encrypt0 (untagged), [RFC 9052 s5.2]
     },
     ciphertext : bstr           ; AES-GCM-256(Key, bstr .cbor Payload)
                                 ; AAD for the encryption is CBOR-serialized
-                                ; Enc_structure (RFC 9052 s5.3) with empty external_aad.
+                                ; Enc_structure (RFC 9052 s5.3) with SeqNum as the external_aad.
 ]
 
 ; Once decrypted, the request packet is an encoded CBOR array holding:
@@ -58,10 +59,18 @@ GetSecretParams = (
 SecretId = bstr .size 64        ; Unique identifier of the secret.
 Secret = bstr .size 32          ; The secret value.
 
+; A monotonically incrementing number is associated with each RequestPacket to prevent replay
+; of messages within a session. This starts with 0 and is incremented (by 1) for each request
+; in a session. Secretkeeper implementation must maintain an expected RequestSeqNum for each
+; session (increasing it by 1 for each SecretManagement request received). This will be used in
+; in decryption (external_aad).
+RequestSeqNum = bstr .cbor uint     ; Encoded in accordance with Core Deterministic Encoding
+                                    ; Requirements [RFC 8949 s4.2.1]
+
 ; The return value from a successful `processSecretManagementRequest` operation is a
 ; response message encrypted with the second of the keys agreed using the associated
 ; AuthGraph instance, referred to as `KeySinkToSource`.
-ProtectedResponsePacket = CryptoPayload<ResponsePacket, KeySinkToSource>
+ProtectedResponsePacket = CryptoPayload<ResponsePacket, KeySinkToSource, ResponseSeqNum>
 
 ; Once decrypted, the inner response message is encoded as a CBOR array holding:
 ; - An initial integer return code value.
@@ -100,3 +109,8 @@ GetVersionResult = (version : uint)
 StoreSecretResult = ()
 
 GetSecretResult = (secret : Secret)
+
+; Analogous to RequestSeqNum, Secretkeeper must maintain ResponseSeqNum for each session.
+; This will be input to the encryption (ProtectedResponsePacket) as external_aad.
+ResponseSeqNum = bstr .cbor uint    ; Encoded in accordance with Core Deterministic Encoding
+                                    ; Requirements [RFC 8949 s4.2.1]