From 4190509ed6fd13262daaaf783415306dfa30a313 Mon Sep 17 00:00:00 2001
From: Max Bires
Date: Fri, 16 Apr 2021 14:15:32 -0700
Subject: [PATCH] Adding getHardwareInfo to IRPC

This adds a way to derive information about the hardware for clients that call the HAL. The primary functional usecase here is to differentiate which EC curve the underlying hardware for a given instance of IRemotelyProvisionedComponent is supported. Originally, curve 25519 would have been used in all implementations for verifying the EEK certificate chain and doing ECDH, but secure elements do not offer 25519 support yet. In order to support remote provisioning on SEs, we have to relax the standard here a bit to allow for P256.

Test: Everything builds
Change-Id: I9245c6f4e27bd118fe093bffc0152549ed7f0825
---
 .../IRemotelyProvisionedComponent.aidl | 1 +
 .../security/keymint/RpcHardwareInfo.aidl | 44 +++++++++++++++
 .../IRemotelyProvisionedComponent.aidl | 7 +++
 .../security/keymint/RpcHardwareInfo.aidl | 56 +++++++++++++++++++
 .../default/RemotelyProvisionedComponent.cpp | 7 +++
 .../default/RemotelyProvisionedComponent.h | 2 +
 6 files changed, 117 insertions(+)
 create mode 100644 security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/RpcHardwareInfo.aidl
 create mode 100644 security/keymint/aidl/android/hardware/security/keymint/RpcHardwareInfo.aidl
diff --git a/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
index 88c479c7d2..f56646227b 100644
--- a/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
+++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
@@ -35,6 +35,7 @@ package android.hardware.security.keymint;
 /* @hide */
 @VintfStability
 interface IRemotelyProvisionedComponent {
+ android.hardware.security.keymint.RpcHardwareInfo getHardwareInfo();
 byte[] generateEcdsaP256KeyPair(in boolean testMode, out android.hardware.security.keymint.MacedPublicKey macedPublicKey);
 byte[] generateCertificateRequest(in boolean testMode, in android.hardware.security.keymint.MacedPublicKey[] keysToSign, in byte[] endpointEncryptionCertChain, in byte[] challenge, out android.hardware.security.keymint.DeviceInfo deviceInfo, out android.hardware.security.keymint.ProtectedData protectedData);
 const int STATUS_FAILED = 1;
diff --git a/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/RpcHardwareInfo.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/RpcHardwareInfo.aidl
new file mode 100644
index 0000000000..06bce19c82
--- /dev/null
+++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/RpcHardwareInfo.aidl
@@ -0,0 +1,44 @@
+/*
+ * Copyright (C) 2020 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m -update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.keymint;
+/* @hide */
+@RustDerive(Clone=true, Eq=true, Hash=true, Ord=true, PartialEq=true, PartialOrd=true) @VintfStability
+parcelable RpcHardwareInfo {
+ int versionNumber;
+ @utf8InCpp String rpcAuthorName;
+ int supportedEekCurve = 0;
+ const int CURVE_NONE = 0;
+ const int CURVE_P256 = 1;
+ const int CURVE_25519 = 2;
+}
diff --git a/security/keymint/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl b/security/keymint/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
index 1ae6762420..b6285d91eb 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
@@ -19,6 +19,7 @@ package android.hardware.security.keymint;
 import android.hardware.security.keymint.DeviceInfo;
 import android.hardware.security.keymint.MacedPublicKey;
 import android.hardware.security.keymint.ProtectedData;
+import android.hardware.security.keymint.RpcHardwareInfo;
 
 /**
 * An IRemotelyProvisionedComponent is a secure-side component for which certificates can be
@@ -120,6 +121,12 @@ interface IRemotelyProvisionedComponent {
 const int STATUS_TEST_KEY_IN_PRODUCTION_REQUEST = 4;
 const int STATUS_INVALID_EEK = 5;
 
+ /**
+ * @return info which contains information about the underlying IRemotelyProvisionedComponent
+ * hardware, such as version number, component name, author name, and supported curve.
+ */
+ RpcHardwareInfo getHardwareInfo();
+
 /**
 * generateKeyPair generates a new ECDSA P-256 key pair that can be certified. Note that this
 * method only generates ECDSA P-256 key pairs, but the interface can be extended to add methods
diff --git a/security/keymint/aidl/android/hardware/security/keymint/RpcHardwareInfo.aidl b/security/keymint/aidl/android/hardware/security/keymint/RpcHardwareInfo.aidl
new file mode 100644
index 0000000000..d297f871fb
--- /dev/null
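Review bot: The Javadoc added for getHardwareInfo lists `component name` among the returned fields, but the RpcHardwareInfo parcelable introduced by this same change carries only versionNumber, rpcAuthorName and supportedEekCurve, so the doc promises a value callers cannot read. Suggest `* hardware, such as version number, author name, and supported EEK curve.` Since the commit message says clients use this to pick the EEK curve for certificate-chain verification and ECDH, the doc here should also state that supportedEekCurve is the authoritative signal and that a caller must treat CURVE_NONE or an unrecognised value as an error rather than falling back to a guessed curve.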
+++ b/security/keymint/aidl/android/hardware/security/keymint/RpcHardwareInfo.aidl 
@@ -0,0 +1,56 @@
+/*
+ * Copyright (C) 2020 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.hardware.security.keymint;
+
+/**
+ * RpcHardwareInfo is the hardware information returned by calling RemotelyProvisionedComponent
+ * getHardwareInfo()
+ * @hide
+ */
+@VintfStability
+@RustDerive(Clone=true, Eq=true, PartialEq=true, Ord=true, PartialOrd=true, Hash=true)
+parcelable RpcHardwareInfo {
+ const int CURVE_NONE = 0;
+ const int CURVE_P256 = 1;
+ const int CURVE_25519 = 2;
+
+ /**
+ * Implementation version of the remotely provisioned component hardware. The version number is
+ * implementation defined, and not necessarily globally meaningful. The version is used to
+ * distinguish between different versions of a given implementation.
+ */
+ int versionNumber;
+
+ /**
+ * rpcAuthorName is the name of the author of the IRemotelyProvisionedComponent implementation
+ * (organization name, not individual). This name is implementation defined, so it can be used
+ * to distinguish between different implementations from the same author.
+ */
+ @utf8InCpp String rpcAuthorName;
+
+ /**
+ * supportedEekCurve returns an int representing which curve is supported for validating
+ * signatures over the Endpoint Encryption Key certificate chain and for using the corresponding
+ * signed encryption key in ECDH. Only one curve should be supported, with preference for 25519
+ * if it's available. These values are defined as constants above.
+ *
+ * CURVE_NONE is made the default to help ensure that an implementor doesn't accidentally forget
+ * to provide the correct information here, as the VTS tests will check to make certain that
+ * a passing implementation does not provide CURVE_NONE.
+ */
+ int supportedEekCurve = CURVE_NONE;
+}
diff --git a/security/keymint/aidl/default/RemotelyProvisionedComponent.cpp b/security/keymint/aidl/default/RemotelyProvisionedComponent.cpp
index 5b027292fe..d6a1edc9dc 100644
--- a/security/keymint/aidl/default/RemotelyProvisionedComponent.cpp
+++ b/security/keymint/aidl/default/RemotelyProvisionedComponent.cpp
@@ -291,6 +291,13 @@ RemotelyProvisionedComponent::RemotelyProvisionedComponent(
 
 RemotelyProvisionedComponent::~RemotelyProvisionedComponent() {}
 
+ScopedAStatus RemotelyProvisionedComponent::getHardwareInfo(RpcHardwareInfo* info) {
+ info->versionNumber = 1;
+ info->rpcAuthorName = "Google";
+ info->supportedEekCurve = RpcHardwareInfo::CURVE_25519;
+ return ScopedAStatus::ok();
+}
+
 ScopedAStatus RemotelyProvisionedComponent::generateEcdsaP256KeyPair(bool testMode, MacedPublicKey* macedPublicKey, bytevec* privateKeyHandle) {
diff --git a/security/keymint/aidl/default/RemotelyProvisionedComponent.h b/security/keymint/aidl/default/RemotelyProvisionedComponent.h
index 8185e26e1f..b86ab76ecb 100644
--- a/security/keymint/aidl/default/RemotelyProvisionedComponent.h
+++ b/security/keymint/aidl/default/RemotelyProvisionedComponent.h
@@ -32,6 +32,8 @@ class RemotelyProvisionedComponent : public BnRemotelyProvisionedComponent {
 explicit RemotelyProvisionedComponent(std::shared_ptr keymint);
 virtual ~RemotelyProvisionedComponent();
 
+ ScopedAStatus getHardwareInfo(RpcHardwareInfo* info) override;
+
 ScopedAStatus generateEcdsaP256KeyPair(bool testMode, MacedPublicKey* macedPublicKey, std::vector* privateKeyHandle) override;
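Review bot: The supportedEekCurve comment describes a field as something that `returns an int`, and it specifies only what a conforming implementation must not report (CURVE_NONE, enforced by VTS) while leaving unstated what a caller must do when it nevertheless receives CURVE_NONE or a value outside the three constants at runtime. Suggest opening with `supportedEekCurve is an int indicating which curve is supported for validating` and adding after the VTS sentence `Clients must reject CURVE_NONE and any value other than CURVE_P256 or CURVE_25519 rather than falling back to a default curve.` The parcelable's summary refers to `RemotelyProvisionedComponent getHardwareInfo()`; the method is `IRemotelyProvisionedComponent.getHardwareInfo()`, which is what a reader will search for. The license header on this new file is dated 2020 although the commit is from April 2021, so it may have been copied from an older file.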
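Review bot: getHardwareInfo in the default implementation reports `RpcHardwareInfo::CURVE_25519` as a free-standing literal, with nothing tying it to the curve the EEK chain verification and ECDH code in this file actually use; that code is outside the hunk, so I cannot confirm the two agree today. If they ever drift, a client will select a curve the component does not implement and provisioning fails only after the certificate request is built, so consider sourcing the value from one constant shared with that code, e.g. `constexpr int kSupportedEekCurve = RpcHardwareInfo::CURVE_25519;` at file scope and `info->supportedEekCurve = kSupportedEekCurve;` here, with a comment naming the coupling. `versionNumber = 1` and `"Google"` are likewise bare literals; a named constant for the version would make future bumps reviewable.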