Merge "Update the UdsCertChain comment to reflect the latest recommendation." into main

2026-02-01 11:36:00 +00:00 · 2024-08-07 00:07:52 +00:00
parent 2ab04e760b 2027a9b597
commit 9471625f69
1 changed files with 7 additions and 3 deletions
--- a/security/rkp/aidl/android/hardware/security/keymint/generateCertificateRequestV2.cddl
+++ b/security/rkp/aidl/android/hardware/security/keymint/generateCertificateRequestV2.cddl
@@ -62,9 +62,13 @@ UdsCerts = {
 SignerName = tstr

 UdsCertChain = [
-    2* X509Certificate      ; Root -> ... -> Leaf. "Root" is the vendor self-signed
-                            ; cert, "Leaf" contains UDS_Public. There may also be
-                            ; intermediate certificates between Root and Leaf.
+    + X509Certificate       ; Root -> ... -> Leaf. "Root" is the vendor self-signed
+                            ; cert, "Leaf" contains UDS_Public. It's recommended to
+                            ; have at least 3 certificates in the chain.
+                            ; The Root certificate is recommended to be generated in an air-gapped,
+                            ; HSM-based secure environment. The intermediate signing keys may be
+                            ; online, and should be rotated regularly (e.g. annually). Additionally,
+                            ; the intermediate certificates may contain product family identifiers.
 ]

 ; A bstr containing a DER-encoded X.509 certificate (RSA, NIST P-curve, or EdDSA)