diff --git a/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl b/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl index c50666737c..ff710f14f6 100644 --- a/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl +++ b/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl @@ -222,7 +222,7 @@ interface IRemotelyProvisionedComponent { * 2 : bstr ; KID : EEK ID * 3 : -25, ; Algorithm : ECDH-ES + HKDF-256 * -1 : 4, ; Curve : X25519 - * -2 : bstr ; X25519 public key + * -2 : bstr ; X25519 public key, little-endian * } * * EekP256 = { ; COSE_Key @@ -440,6 +440,9 @@ interface IRemotelyProvisionedComponent { * * ; The following section defines some types that are reused throughout the above * ; data structures. + * ; NOTE: Integer encoding is different for Ed25519 and P256 keys: + * ; - Ed25519 is LE: https://www.rfc-editor.org/rfc/rfc8032#section-3.1 + * ; - P256 is BE: https://www.secg.org/sec1-v2.pdf#page=19 (section 2.3.7) * PubKeyEd25519 = { ; COSE_Key * 1 : 1, ; Key type : octet key pair * 3 : AlgorithmEdDSA, ; Algorithm : EdDSA @@ -451,8 +454,8 @@ interface IRemotelyProvisionedComponent { * 1 : 2, ; Key type : EC2 * 3 : AlgorithmES256, ; Algorithm : ECDSA w/ SHA-256 * -1 : 1, ; Curve: P256 - * -2 : bstr, ; X coordinate - * -3 : bstr ; Y coordinate + * -2 : bstr, ; X coordinate, big-endian + * -3 : bstr ; Y coordinate, big-endian * } * * AlgorithmES256 = -7 diff --git a/security/rkp/aidl/android/hardware/security/keymint/MacedPublicKey.aidl b/security/rkp/aidl/android/hardware/security/keymint/MacedPublicKey.aidl index 275e322784..1e41d1b98c 100644 --- a/security/rkp/aidl/android/hardware/security/keymint/MacedPublicKey.aidl +++ b/security/rkp/aidl/android/hardware/security/keymint/MacedPublicKey.aidl @@ -36,12 +36,15 @@ parcelable MacedPublicKey { * ] * * ; NOTE: -70000 is deprecated for v3 HAL implementations. + * ; NOTE: Integer encoding is different for Ed25519 and P256 keys: + * ; - Ed25519 is LE: https://www.rfc-editor.org/rfc/rfc8032#section-3.1 + * ; - P256 is BE: https://www.secg.org/sec1-v2.pdf#page=19 (section 2.3.7) * PublicKey = { ; COSE_Key * 1 : 2, ; Key type : EC2 * 3 : -7, ; Algorithm : ES256 * -1 : 1, ; Curve : P256 - * -2 : bstr, ; X coordinate, little-endian - * -3 : bstr, ; Y coordinate, little-endian + * -2 : bstr, ; X coordinate, big-endian + * -3 : bstr, ; Y coordinate, big-endian * -70000 : nil ; Presence indicates this is a test key. If set, K_mac is * ; all zeros. * }, diff --git a/security/rkp/aidl/android/hardware/security/keymint/ProtectedData.aidl b/security/rkp/aidl/android/hardware/security/keymint/ProtectedData.aidl index d59508b962..3f699bc75a 100644 --- a/security/rkp/aidl/android/hardware/security/keymint/ProtectedData.aidl +++ b/security/rkp/aidl/android/hardware/security/keymint/ProtectedData.aidl @@ -209,7 +209,7 @@ parcelable ProtectedData { * PubKeyX25519 = { ; COSE_Key * 1 : 1, ; Key type : Octet Key Pair * -1 : 4, ; Curve : X25519 - * -2 : bstr ; Sender X25519 public key + * -2 : bstr ; Sender X25519 public key, little-endian * } * * PubKeyEd25519 = { ; COSE_Key @@ -222,16 +222,16 @@ parcelable ProtectedData { * PubKeyEcdhP256 = { ; COSE_Key * 1 : 2, ; Key type : EC2 * -1 : 1, ; Curve : P256 - * -2 : bstr ; Sender X coordinate - * -3 : bstr ; Sender Y coordinate + * -2 : bstr ; Sender X coordinate, big-endian + * -3 : bstr ; Sender Y coordinate, big-endian * } * * PubKeyECDSA256 = { ; COSE_Key * 1 : 2, ; Key type : EC2 * 3 : AlgorithmES256, ; Algorithm : ECDSA w/ SHA-256 * -1 : 1, ; Curve: P256 - * -2 : bstr, ; X coordinate - * -3 : bstr ; Y coordinate + * -2 : bstr, ; X coordinate, big-endian + * -3 : bstr ; Y coordinate, big-endian * } * * AlgorithmES256 = -7