From deaa5dd8084a2d83e2a8a326f8c476be4398eb57 Mon Sep 17 00:00:00 2001 From: Shawn Willden Date: Wed, 22 Mar 2023 07:59:46 -0600 Subject: [PATCH] Remove reference to factory reset of K The ISharedSecret.aidl description of the pre-shared secret K mentioned that K was set up during factory reset. While that could be done, it is almost never done; most OEMs inject K in the factory. Removed the reference to setup in factory reset to reduce confusion. Test: N/A, comment-only change Change-Id: Idbbd5a8d64197ef4713a75075a9730d06162ad05 --- .../hardware/security/sharedsecret/ISharedSecret.aidl | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/security/sharedsecret/aidl/android/hardware/security/sharedsecret/ISharedSecret.aidl b/security/sharedsecret/aidl/android/hardware/security/sharedsecret/ISharedSecret.aidl index eca8d87f57..b0dd284dd8 100644 --- a/security/sharedsecret/aidl/android/hardware/security/sharedsecret/ISharedSecret.aidl +++ b/security/sharedsecret/aidl/android/hardware/security/sharedsecret/ISharedSecret.aidl 
@@ -81,14 +81,9 @@ interface ISharedSecret { * defined in the standard. The counter is prefixed and length L appended, as shown * in the construction on page 12 of the standard. The label string is UTF-8 encoded. * - * ``K'' is a pre-established shared secret, set up during factory reset. The mechanism for - * establishing this shared secret is implementation-defined.Any method of securely - * establishing K that ensures that an attacker cannot obtain or derive its value is - * acceptable. - * - * CRITICAL SECURITY REQUIREMENT: All keys created by a IKeymintDevice instance must - * be cryptographically bound to the value of K, such that establishing a new K - * permanently destroys them. + * ``K'' is a pre-established shared secret. The mechanism for establishing this shared + * secret is implementation-defined. Any method of securely establishing K that + * ensures that an attacker cannot obtain or derive its value is acceptable. * * ``||'' represents concatenation. *
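Review bot: The removed lines in the ISharedSecret.aidl hunk include the whole "CRITICAL SECURITY REQUIREMENT" paragraph ("All keys created by a IKeymintDevice instance must be cryptographically bound to the value of K, such that establishing a new K permanently destroys them"), not only the phrase "set up during factory reset". The commit message describes the change as removing the factory-reset reference and calls it comment-only, but this paragraph is a normative statement implementers read as a requirement on key binding, so dropping it changes what the interface documentation demands. If the requirement is meant to go away, say so in the commit message and explain why. If it is still intended, keep the paragraph and limit the edit to the first sentence about K. The new text also gives no guidance on what should happen to existing keys when K is re-established, which the old wording covered; a sentence on that would help OEMs that inject K in the factory and may later re-provision it.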