From 18a9fa99a8088b1c2a33b474586b22e3b2eabb43 Mon Sep 17 00:00:00 2001 From: "chuanchuan.gao" Date: Thu, 7 Dec 2023 16:50:51 +0800 Subject: [PATCH] Change the way rkp tool obtains serial number [Description] 1.Add patch to modify rkp_factory_extraction_tool, so that it can meet TV customer's factory product line. 2.Change the method for rkp_factory_extraction_tool to get the serial number. 3.Introduce a new input parameter, serialno_prop, to the function jsonEncodeCsrWithBuild. 4.Use the new property of serialno_prop if it is set, otherwise defaults to "ro.serialno". Test: 1.build pass 2.AC on/off pass 3.run "rkp_factory_extraction_tool --output_format build+csr --serialno_prop $(customer_prop) > csr.json" pass 4.run "rkp_factory_extraction_tool --output_format build+csr > csr.json" pass 5.VtsHalRemotelyProvisionedComponentTargetTest pass 6.libkeymint_remote_prov_support_test pass 7.VtsAidlKeyMintTargetTest pass Bug: 313811996 Change-Id: I8aa83bacab22f0a28bc54aea9e816f75a382ffde --- .../keymint/support/include/remote_prov/remote_prov_utils.h | 2 +- security/keymint/support/remote_prov_utils.cpp | 6 +++--- security/keymint/support/remote_prov_utils_test.cpp | 3 ++- 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/security/keymint/support/include/remote_prov/remote_prov_utils.h b/security/keymint/support/include/remote_prov/remote_prov_utils.h index 79189a1cca..3b02fadaf4 100644 --- a/security/keymint/support/include/remote_prov/remote_prov_utils.h +++ b/security/keymint/support/include/remote_prov/remote_prov_utils.h @@ -130,7 +130,7 @@ struct JsonOutput { * } */ JsonOutput jsonEncodeCsrWithBuild(const std::string instance_name, - const cppbor::Array& csr); + const cppbor::Array& csr, const std::string serialno_prop); /** * Parses a DeviceInfo structure from the given CBOR data. The parsed data is then validated to diff --git a/security/keymint/support/remote_prov_utils.cpp b/security/keymint/support/remote_prov_utils.cpp index 6edbfc157a..bd1e557457 100644 --- a/security/keymint/support/remote_prov_utils.cpp +++ b/security/keymint/support/remote_prov_utils.cpp @@ -337,9 +337,9 @@ ErrMsgOr> validateBcc(const cppbor::Array* bcc, return result; } -JsonOutput jsonEncodeCsrWithBuild(const std::string instance_name, const cppbor::Array& csr) { +JsonOutput jsonEncodeCsrWithBuild(const std::string instance_name, const cppbor::Array& csr, + const std::string serialno_prop) { const std::string kFingerprintProp = "ro.build.fingerprint"; - const std::string kSerialNoProp = "ro.serialno"; if (!::android::base::WaitForPropertyCreation(kFingerprintProp)) { return JsonOutput::Error("Unable to read build fingerprint"); @@ -364,7 +364,7 @@ JsonOutput jsonEncodeCsrWithBuild(const std::string instance_name, const cppbor: Json::Value json(Json::objectValue); json["name"] = instance_name; json["build_fingerprint"] = ::android::base::GetProperty(kFingerprintProp, /*default=*/""); - json["serialno"] = ::android::base::GetProperty(kSerialNoProp, /*default=*/""); + json["serialno"] = ::android::base::GetProperty(serialno_prop, /*default=*/""); json["csr"] = base64.data(); // Boring writes a NUL-terminated c-string Json::StreamWriterBuilder factory; diff --git a/security/keymint/support/remote_prov_utils_test.cpp b/security/keymint/support/remote_prov_utils_test.cpp index eaaba455cc..630f7bba56 100644 --- a/security/keymint/support/remote_prov_utils_test.cpp +++ b/security/keymint/support/remote_prov_utils_test.cpp @@ -182,10 +182,11 @@ TEST(RemoteProvUtilsTest, GetProdEekChain) { } TEST(RemoteProvUtilsTest, JsonEncodeCsr) { + const std::string kSerialNoProp = "ro.serialno"; cppbor::Array array; array.add(1); - auto [json, error] = jsonEncodeCsrWithBuild(std::string("test"), array); + auto [json, error] = jsonEncodeCsrWithBuild(std::string("test"), array, kSerialNoProp); ASSERT_TRUE(error.empty()) << error;