From cb7d3d075949ca400eed3fbcd0100248302c1778 Mon Sep 17 00:00:00 2001
From: Tommy Chiu <tommychiu@google.com>
Date: Wed, 9 Mar 2022 04:24:46 +0000
Subject: [PATCH] remote_prov_utils: Add instance name in the JSON output

Bug: 223509807
Test: libkeymint_remote_prov_support_test
Change-Id: I45d2ee46f6fe3c8a7da55c7cc0b04fc007ddea43
---
 .../support/include/remote_prov/remote_prov_utils.h  | 12 +++++++-----
 security/keymint/support/remote_prov_utils.cpp       |  3 ++-
 security/keymint/support/remote_prov_utils_test.cpp  |  4 ++--
 3 files changed, 11 insertions(+), 8 deletions(-)

diff --git a/security/keymint/support/include/remote_prov/remote_prov_utils.h b/security/keymint/support/include/remote_prov/remote_prov_utils.h
index 1d3abe512f..f3b8608b36 100644
--- a/security/keymint/support/include/remote_prov/remote_prov_utils.h
+++ b/security/keymint/support/include/remote_prov/remote_prov_utils.h
@@ -124,17 +124,19 @@ struct JsonOutput {
 };
 
 /**
- * Take a given certificate request and output a JSON blob containing both the
- * build fingerprint and certificate request. This data may be serialized, then
- * later uploaded to the remote provisioning service. The input csr is not
- * validated, only encoded.
+ * Take a given instance name and certificate request, then output a JSON blob
+ * containing the name, build fingerprint and certificate request. This data may
+ * be serialized, then later uploaded to the remote provisioning service. The
+ * input csr is not validated, only encoded.
  *
  * Output format:
  *   {
  *     "build_fingerprint": <string>
  *     "csr": <base64 CBOR CSR>
+ *     "name": <string>
  *   }
  */
-JsonOutput jsonEncodeCsrWithBuild(const cppbor::Array& csr);
+JsonOutput jsonEncodeCsrWithBuild(const std::string instance_name,
+                                  const cppbor::Array& csr);
 
 }  // namespace aidl::android::hardware::security::keymint::remote_prov
diff --git a/security/keymint/support/remote_prov_utils.cpp b/security/keymint/support/remote_prov_utils.cpp
index 0776282b27..a365a3b92f 100644
--- a/security/keymint/support/remote_prov_utils.cpp
+++ b/security/keymint/support/remote_prov_utils.cpp
@@ -408,7 +408,7 @@ ErrMsgOr<std::vector<BccEntryData>> validateBcc(const cppbor::Array* bcc) {
     return result;
 }
 
-JsonOutput jsonEncodeCsrWithBuild(const cppbor::Array& csr) {
+JsonOutput jsonEncodeCsrWithBuild(const std::string instance_name, const cppbor::Array& csr) {
     const std::string kFingerprintProp = "ro.build.fingerprint";
 
     if (!::android::base::WaitForPropertyCreation(kFingerprintProp)) {
@@ -432,6 +432,7 @@ JsonOutput jsonEncodeCsrWithBuild(const cppbor::Array& csr) {
     }
 
     Json::Value json(Json::objectValue);
+    json["name"] = instance_name;
     json["build_fingerprint"] = ::android::base::GetProperty(kFingerprintProp, /*default=*/"");
     json["csr"] = base64.data();  // Boring writes a NUL-terminated c-string
 
diff --git a/security/keymint/support/remote_prov_utils_test.cpp b/security/keymint/support/remote_prov_utils_test.cpp
index e1c4467a64..0250cd6c7d 100644
--- a/security/keymint/support/remote_prov_utils_test.cpp
+++ b/security/keymint/support/remote_prov_utils_test.cpp
@@ -185,13 +185,13 @@ TEST(RemoteProvUtilsTest, JsonEncodeCsr) {
     cppbor::Array array;
     array.add(1);
 
-    auto [json, error] = jsonEncodeCsrWithBuild(array);
+    auto [json, error] = jsonEncodeCsrWithBuild(std::string("test"), array);
 
     ASSERT_TRUE(error.empty()) << error;
 
     std::string expected = R"({"build_fingerprint":")" +
                            ::android::base::GetProperty("ro.build.fingerprint", /*default=*/"") +
-                           R"(","csr":"gQE="})";
+                           R"(","csr":"gQE=","name":"test"})";
 
     ASSERT_EQ(json, expected);
 }