From ba9f55ee6973ba4d77f9eb0c8f01746e7b1245ba Mon Sep 17 00:00:00 2001 From: Alan Stokes Date: Tue, 22 Mar 2022 15:23:13 +0000 Subject: [PATCH] Fix CDDL for signatures. The signature is not CBOR-encoded, it's the raw bytes of the signature encoded as specified for the specific algorithm. I've made the references to PureEd25519() / ECDSA() into comments, since I believe they're not actually legal CDDL but are aimed at humans. And I've made the two occurrences consistent with each other. Test: N/A Change-Id: Ia42362ff3d0ce5458322663256cbd34d258afe76 --- .../android/hardware/security/keymint/ProtectedData.aidl | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl b/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl index a14fc88804..50244004fb 100644 --- a/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl @@ -92,8 +92,8 @@ parcelable ProtectedData { * }, * {}, // Unprotected params * bstr .size 32, // MAC key - * bstr PureEd25519(KM_priv, .cbor SignedMac_structure) / - * ECDSA(KM_priv, bstr .cbor SignedMac_structure) + * bstr // PureEd25519(KM_priv, bstr .cbor SignedMac_structure) / + * // ECDSA(KM_priv, bstr .cbor SignedMac_structure) * ] * * SignedMac_structure = [ @@ -144,8 +144,8 @@ parcelable ProtectedData { * }, * unprotected: {}, * payload: bstr .cbor BccPayload, - * signature: bstr .cbor PureEd25519(SigningKey, bstr .cbor BccEntryInput) / - * bstr .cbor ECDSA(SigningKey, bstr .cbor BccEntryInput) + * signature: bstr // PureEd25519(SigningKey, bstr .cbor BccEntryInput) / + * // ECDSA(SigningKey, bstr .cbor BccEntryInput) * // See RFC 8032 for details of how to encode the signature value for Ed25519. * ] *