Merge "Make android.hardware.security.rkp-rust available for virt apex" into main
diff --git a/automotive/evs/OWNERS b/automotive/evs/OWNERS
index 15de48f..4787f0b 100644
--- a/automotive/evs/OWNERS
+++ b/automotive/evs/OWNERS
@@ -1,2 +1,2 @@
ankitarora@google.com
-jwhpryor@google.com
+changyeon@google.com
diff --git a/bluetooth/aidl/default/Android.bp b/bluetooth/aidl/default/Android.bp
index 32d1a13..3f4ba99 100644
--- a/bluetooth/aidl/default/Android.bp
+++ b/bluetooth/aidl/default/Android.bp
@@ -30,15 +30,8 @@
defaults: ["android.hardware.bluetooth-service-build-defaults"],
srcs: [
"BluetoothHci.cpp",
- ":BluetoothPacketSources",
"net_bluetooth_mgmt.cpp",
],
- generated_headers: [
- "BluetoothGeneratedPackets_h",
- ],
- include_dirs: [
- "packages/modules/Bluetooth/system/gd",
- ],
}
cc_binary {
diff --git a/bluetooth/aidl/default/BluetoothHci.cpp b/bluetooth/aidl/default/BluetoothHci.cpp
index 013ab7f..9862e9e 100644
--- a/bluetooth/aidl/default/BluetoothHci.cpp
+++ b/bluetooth/aidl/default/BluetoothHci.cpp
@@ -29,11 +29,6 @@
#include "log/log.h"
-// TODO: Remove custom logging defines from PDL packets.
-#undef LOG_INFO
-#undef LOG_DEBUG
-#include "hci/hci_packets.h"
-
namespace {
int SetTerminalRaw(int fd) {
termios terminal_settings;
@@ -140,9 +135,7 @@
void BluetoothHci::reset() {
// Send a reset command and wait until the command complete comes back.
- std::vector<uint8_t> reset;
- ::bluetooth::packet::BitInserter bi{reset};
- ::bluetooth::hci::ResetBuilder::Create()->Serialize(bi);
+ std::vector<uint8_t> reset = {0x03, 0x0c, 0x00};
auto resetPromise = std::make_shared<std::promise<void>>();
auto resetFuture = resetPromise->get_future();
@@ -162,13 +155,15 @@
static_cast<int>(raw_sco.size()));
},
[resetPromise](const std::vector<uint8_t>& raw_event) {
- bool valid = ::bluetooth::hci::ResetCompleteView::Create(
- ::bluetooth::hci::CommandCompleteView::Create(
- ::bluetooth::hci::EventView::Create(
- ::bluetooth::hci::PacketView<true>(
- std::make_shared<std::vector<uint8_t>>(
- raw_event)))))
- .IsValid();
+ std::vector<uint8_t> reset_complete = {0x0e, 0x04, 0x01,
+ 0x03, 0x0c, 0x00};
+ bool valid = raw_event.size() == 6 &&
+ raw_event[0] == reset_complete[0] &&
+ raw_event[1] == reset_complete[1] &&
+ // Don't compare the number of packets field.
+ raw_event[3] == reset_complete[3] &&
+ raw_event[4] == reset_complete[4] &&
+ raw_event[5] == reset_complete[5];
if (valid) {
resetPromise->set_value();
} else {
@@ -306,7 +301,8 @@
{
std::lock_guard<std::mutex> guard(mStateMutex);
if (mState != HalState::ONE_CLIENT) {
- ASSERT(mState != HalState::INITIALIZING);
+ LOG_ALWAYS_FATAL_IF(mState == HalState::INITIALIZING,
+ "mState is INITIALIZING");
ALOGI("Already closed");
return ndk::ScopedAStatus::ok();
}
diff --git a/bluetooth/aidl/vts/Android.bp b/bluetooth/aidl/vts/Android.bp
index 5fc0b2e..ade3bef 100644
--- a/bluetooth/aidl/vts/Android.bp
+++ b/bluetooth/aidl/vts/Android.bp
@@ -16,10 +16,6 @@
srcs: [
"VtsHalBluetoothTargetTest.cpp",
":BluetoothPacketSources",
- ":BluetoothHciPacketSources",
- ],
- generated_headers: [
- "BluetoothGeneratedPackets_h",
],
include_dirs: [
"packages/modules/Bluetooth/system/gd",
@@ -31,7 +27,7 @@
],
static_libs: [
"android.hardware.bluetooth-V1-ndk",
- "libbluetooth-types",
+ "libbluetooth_hci_pdl",
],
test_config: "VtsHalBluetoothTargetTest.xml",
test_suites: [
@@ -57,6 +53,5 @@
],
tidy_disabled_srcs: [
":BluetoothPacketSources",
- ":BluetoothHciPacketSources",
],
}
diff --git a/boot/1.0/vts/functional/OWNERS b/boot/1.0/vts/functional/OWNERS
index 36e79be..5aeb4df 100644
--- a/boot/1.0/vts/functional/OWNERS
+++ b/boot/1.0/vts/functional/OWNERS
@@ -1,2 +1,2 @@
-# Bug component: 30545
+# Bug component: 1014951
dvander@google.com
diff --git a/boot/1.1/vts/functional/OWNERS b/boot/1.1/vts/functional/OWNERS
index 36e79be..5aeb4df 100644
--- a/boot/1.1/vts/functional/OWNERS
+++ b/boot/1.1/vts/functional/OWNERS
@@ -1,2 +1,2 @@
-# Bug component: 30545
+# Bug component: 1014951
dvander@google.com
diff --git a/boot/aidl/vts/functional/OWNERS b/boot/aidl/vts/functional/OWNERS
index bc813d8..c67d246 100644
--- a/boot/aidl/vts/functional/OWNERS
+++ b/boot/aidl/vts/functional/OWNERS
@@ -1,2 +1,2 @@
-# Bug component: 30545
+# Bug component: 1014951
zhangkelvin@google.com
diff --git a/cas/1.0/default/CasImpl.cpp b/cas/1.0/default/CasImpl.cpp
index 178020e..98e7593 100644
--- a/cas/1.0/default/CasImpl.cpp
+++ b/cas/1.0/default/CasImpl.cpp
@@ -103,8 +103,7 @@
Return<Status> CasImpl::setSessionPrivateData(
const HidlCasSessionId &sessionId, const HidlCasData& pvtData) {
- ALOGV("%s: sessionId=%s", __FUNCTION__,
- sessionIdToString(sessionId).string());
+ ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).c_str());
std::shared_ptr<CasPlugin> holder = std::atomic_load(&mPluginHolder);
if (holder.get() == nullptr) {
return toStatus(INVALID_OPERATION);
@@ -113,8 +112,7 @@
}
Return<Status> CasImpl::closeSession(const HidlCasSessionId &sessionId) {
- ALOGV("%s: sessionId=%s", __FUNCTION__,
- sessionIdToString(sessionId).string());
+ ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).c_str());
std::shared_ptr<CasPlugin> holder = std::atomic_load(&mPluginHolder);
if (holder.get() == nullptr) {
return toStatus(INVALID_OPERATION);
@@ -124,8 +122,7 @@
Return<Status> CasImpl::processEcm(
const HidlCasSessionId &sessionId, const HidlCasData& ecm) {
- ALOGV("%s: sessionId=%s", __FUNCTION__,
- sessionIdToString(sessionId).string());
+ ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).c_str());
std::shared_ptr<CasPlugin> holder = std::atomic_load(&mPluginHolder);
if (holder.get() == nullptr) {
return toStatus(INVALID_OPERATION);
diff --git a/cas/1.0/default/DescramblerImpl.cpp b/cas/1.0/default/DescramblerImpl.cpp
index f79b32d..6b730eb 100644
--- a/cas/1.0/default/DescramblerImpl.cpp
+++ b/cas/1.0/default/DescramblerImpl.cpp
@@ -62,8 +62,7 @@
}
Return<Status> DescramblerImpl::setMediaCasSession(const HidlCasSessionId& sessionId) {
- ALOGV("%s: sessionId=%s", __FUNCTION__,
- sessionIdToString(sessionId).string());
+ ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).c_str());
std::shared_ptr<DescramblerPlugin> holder = std::atomic_load(&mPluginHolder);
if (holder.get() == nullptr) {
diff --git a/cas/1.0/default/FactoryLoader.h b/cas/1.0/default/FactoryLoader.h
index 45e515a..3d49d9e 100644
--- a/cas/1.0/default/FactoryLoader.h
+++ b/cas/1.0/default/FactoryLoader.h
@@ -17,6 +17,7 @@
#ifndef ANDROID_HARDWARE_CAS_V1_0_FACTORY_LOADER_H_
#define ANDROID_HARDWARE_CAS_V1_0_FACTORY_LOADER_H_
+#include <android-base/strings.h>
#include <dirent.h>
#include <dlfcn.h>
#include "SharedLibrary.h"
@@ -98,17 +99,17 @@
String8 dirPath("/vendor/lib/mediacas");
#endif
- DIR* pDir = opendir(dirPath.string());
+ DIR* pDir = opendir(dirPath.c_str());
if (pDir == NULL) {
- ALOGE("Failed to open plugin directory %s", dirPath.string());
+ ALOGE("Failed to open plugin directory %s", dirPath.c_str());
return false;
}
struct dirent* pEntry;
while ((pEntry = readdir(pDir))) {
String8 pluginPath = dirPath + "/" + pEntry->d_name;
- if (pluginPath.getPathExtension() == ".so") {
+ if (base::EndsWith(pluginPath.c_str(), ".so")) {
if (loadFactoryForSchemeFromPath(
pluginPath, CA_system_id, library, factory)) {
mCASystemIdToLibraryPathMap.add(CA_system_id, pluginPath);
@@ -138,10 +139,10 @@
String8 dirPath("/vendor/lib/mediacas");
#endif
- DIR* pDir = opendir(dirPath.string());
+ DIR* pDir = opendir(dirPath.c_str());
if (pDir == NULL) {
- ALOGE("Failed to open plugin directory %s", dirPath.string());
+ ALOGE("Failed to open plugin directory %s", dirPath.c_str());
return false;
}
@@ -150,7 +151,7 @@
struct dirent* pEntry;
while ((pEntry = readdir(pDir))) {
String8 pluginPath = dirPath + "/" + pEntry->d_name;
- if (pluginPath.getPathExtension() == ".so") {
+ if (base::EndsWith(pluginPath.c_str(), ".so")) {
queryPluginsFromPath(pluginPath, results);
}
}
diff --git a/cas/1.0/default/SharedLibrary.cpp b/cas/1.0/default/SharedLibrary.cpp
index 9c7f385..90c84b8 100644
--- a/cas/1.0/default/SharedLibrary.cpp
+++ b/cas/1.0/default/SharedLibrary.cpp
@@ -29,7 +29,7 @@
namespace implementation {
SharedLibrary::SharedLibrary(const String8 &path) {
- mLibHandle = dlopen(path.string(), RTLD_NOW);
+ mLibHandle = dlopen(path.c_str(), RTLD_NOW);
}
SharedLibrary::~SharedLibrary() {
diff --git a/cas/1.1/default/CasImpl.cpp b/cas/1.1/default/CasImpl.cpp
index 4cc6017..105e036 100644
--- a/cas/1.1/default/CasImpl.cpp
+++ b/cas/1.1/default/CasImpl.cpp
@@ -125,7 +125,7 @@
Return<Status> CasImpl::setSessionPrivateData(const HidlCasSessionId& sessionId,
const HidlCasData& pvtData) {
- ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).string());
+ ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).c_str());
std::shared_ptr<CasPlugin> holder = std::atomic_load(&mPluginHolder);
if (holder.get() == nullptr) {
return toStatus(INVALID_OPERATION);
@@ -134,7 +134,7 @@
}
Return<Status> CasImpl::closeSession(const HidlCasSessionId& sessionId) {
- ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).string());
+ ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).c_str());
std::shared_ptr<CasPlugin> holder = std::atomic_load(&mPluginHolder);
if (holder.get() == nullptr) {
return toStatus(INVALID_OPERATION);
@@ -143,7 +143,7 @@
}
Return<Status> CasImpl::processEcm(const HidlCasSessionId& sessionId, const HidlCasData& ecm) {
- ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).string());
+ ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).c_str());
std::shared_ptr<CasPlugin> holder = std::atomic_load(&mPluginHolder);
if (holder.get() == nullptr) {
return toStatus(INVALID_OPERATION);
diff --git a/cas/1.1/default/DescramblerImpl.cpp b/cas/1.1/default/DescramblerImpl.cpp
index 309cd3c..9d2ead7 100644
--- a/cas/1.1/default/DescramblerImpl.cpp
+++ b/cas/1.1/default/DescramblerImpl.cpp
@@ -59,7 +59,7 @@
}
Return<Status> DescramblerImpl::setMediaCasSession(const HidlCasSessionId& sessionId) {
- ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).string());
+ ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).c_str());
std::shared_ptr<DescramblerPlugin> holder = std::atomic_load(&mPluginHolder);
if (holder.get() == nullptr) {
diff --git a/cas/1.1/default/FactoryLoader.h b/cas/1.1/default/FactoryLoader.h
index 121f90c..a575df6 100644
--- a/cas/1.1/default/FactoryLoader.h
+++ b/cas/1.1/default/FactoryLoader.h
@@ -17,6 +17,7 @@
#ifndef ANDROID_HARDWARE_CAS_V1_1_FACTORY_LOADER_H_
#define ANDROID_HARDWARE_CAS_V1_1_FACTORY_LOADER_H_
+#include <android-base/strings.h>
#include <dirent.h>
#include <dlfcn.h>
#include <media/cas/CasAPI.h>
@@ -90,17 +91,17 @@
#else
String8 dirPath("/vendor/lib/mediacas");
#endif
- DIR* pDir = opendir(dirPath.string());
+ DIR* pDir = opendir(dirPath.c_str());
if (pDir == NULL) {
- ALOGE("Failed to open plugin directory %s", dirPath.string());
+ ALOGE("Failed to open plugin directory %s", dirPath.c_str());
return false;
}
struct dirent* pEntry;
while ((pEntry = readdir(pDir))) {
String8 pluginPath = dirPath + "/" + pEntry->d_name;
- if (pluginPath.getPathExtension() == ".so") {
+ if (base::EndsWith(pluginPath.c_str(), ".so")) {
if (loadFactoryForSchemeFromPath(pluginPath, CA_system_id, library, factory)) {
mCASystemIdToLibraryPathMap.add(CA_system_id, pluginPath);
closedir(pDir);
@@ -127,10 +128,10 @@
#else
String8 dirPath("/vendor/lib/mediacas");
#endif
- DIR* pDir = opendir(dirPath.string());
+ DIR* pDir = opendir(dirPath.c_str());
if (pDir == NULL) {
- ALOGE("Failed to open plugin directory %s", dirPath.string());
+ ALOGE("Failed to open plugin directory %s", dirPath.c_str());
return false;
}
@@ -139,7 +140,7 @@
struct dirent* pEntry;
while ((pEntry = readdir(pDir))) {
String8 pluginPath = dirPath + "/" + pEntry->d_name;
- if (pluginPath.getPathExtension() == ".so") {
+ if (base::EndsWith(pluginPath.c_str(), ".so")) {
queryPluginsFromPath(pluginPath, results);
}
}
diff --git a/cas/1.1/default/SharedLibrary.cpp b/cas/1.1/default/SharedLibrary.cpp
index ffe4bb9..ac5dbcf 100644
--- a/cas/1.1/default/SharedLibrary.cpp
+++ b/cas/1.1/default/SharedLibrary.cpp
@@ -29,7 +29,7 @@
namespace implementation {
SharedLibrary::SharedLibrary(const String8& path) {
- mLibHandle = dlopen(path.string(), RTLD_NOW);
+ mLibHandle = dlopen(path.c_str(), RTLD_NOW);
}
SharedLibrary::~SharedLibrary() {
diff --git a/cas/1.2/default/CasImpl.cpp b/cas/1.2/default/CasImpl.cpp
index 46dd251..b1038bc 100644
--- a/cas/1.2/default/CasImpl.cpp
+++ b/cas/1.2/default/CasImpl.cpp
@@ -174,7 +174,7 @@
Return<Status> CasImpl::setSessionPrivateData(const HidlCasSessionId& sessionId,
const HidlCasData& pvtData) {
- ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).string());
+ ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).c_str());
std::shared_ptr<CasPlugin> holder = std::atomic_load(&mPluginHolder);
if (holder.get() == nullptr) {
return toStatus(INVALID_OPERATION);
@@ -183,7 +183,7 @@
}
Return<Status> CasImpl::closeSession(const HidlCasSessionId& sessionId) {
- ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).string());
+ ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).c_str());
std::shared_ptr<CasPlugin> holder = std::atomic_load(&mPluginHolder);
if (holder.get() == nullptr) {
return toStatus(INVALID_OPERATION);
@@ -192,7 +192,7 @@
}
Return<Status> CasImpl::processEcm(const HidlCasSessionId& sessionId, const HidlCasData& ecm) {
- ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).string());
+ ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).c_str());
std::shared_ptr<CasPlugin> holder = std::atomic_load(&mPluginHolder);
if (holder.get() == nullptr) {
return toStatus(INVALID_OPERATION);
diff --git a/cas/1.2/default/DescramblerImpl.cpp b/cas/1.2/default/DescramblerImpl.cpp
index 309cd3c..9d2ead7 100644
--- a/cas/1.2/default/DescramblerImpl.cpp
+++ b/cas/1.2/default/DescramblerImpl.cpp
@@ -59,7 +59,7 @@
}
Return<Status> DescramblerImpl::setMediaCasSession(const HidlCasSessionId& sessionId) {
- ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).string());
+ ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).c_str());
std::shared_ptr<DescramblerPlugin> holder = std::atomic_load(&mPluginHolder);
if (holder.get() == nullptr) {
diff --git a/cas/1.2/default/FactoryLoader.h b/cas/1.2/default/FactoryLoader.h
index a374b31..0b05bfc 100644
--- a/cas/1.2/default/FactoryLoader.h
+++ b/cas/1.2/default/FactoryLoader.h
@@ -17,6 +17,7 @@
#ifndef ANDROID_HARDWARE_CAS_V1_1_FACTORY_LOADER_H_
#define ANDROID_HARDWARE_CAS_V1_1_FACTORY_LOADER_H_
+#include <android-base/strings.h>
#include <dirent.h>
#include <dlfcn.h>
#include <media/cas/CasAPI.h>
@@ -90,17 +91,17 @@
#else
String8 dirPath("/vendor/lib/mediacas");
#endif
- DIR* pDir = opendir(dirPath.string());
+ DIR* pDir = opendir(dirPath.c_str());
if (pDir == NULL) {
- ALOGE("Failed to open plugin directory %s", dirPath.string());
+ ALOGE("Failed to open plugin directory %s", dirPath.c_str());
return false;
}
struct dirent* pEntry;
while ((pEntry = readdir(pDir))) {
String8 pluginPath = dirPath + "/" + pEntry->d_name;
- if (pluginPath.getPathExtension() == ".so") {
+ if (base::EndsWith(pluginPath.c_str(), ".so")) {
if (loadFactoryForSchemeFromPath(pluginPath, CA_system_id, library, factory)) {
mCASystemIdToLibraryPathMap.add(CA_system_id, pluginPath);
closedir(pDir);
@@ -127,10 +128,10 @@
#else
String8 dirPath("/vendor/lib/mediacas");
#endif
- DIR* pDir = opendir(dirPath.string());
+ DIR* pDir = opendir(dirPath.c_str());
if (pDir == NULL) {
- ALOGE("Failed to open plugin directory %s", dirPath.string());
+ ALOGE("Failed to open plugin directory %s", dirPath.c_str());
return false;
}
@@ -139,7 +140,7 @@
struct dirent* pEntry;
while ((pEntry = readdir(pDir))) {
String8 pluginPath = dirPath + "/" + pEntry->d_name;
- if (pluginPath.getPathExtension() == ".so") {
+ if (base::EndsWith(pluginPath.c_str(), ".so")) {
queryPluginsFromPath(pluginPath, results);
}
}
diff --git a/cas/1.2/default/SharedLibrary.cpp b/cas/1.2/default/SharedLibrary.cpp
index ffe4bb9..ac5dbcf 100644
--- a/cas/1.2/default/SharedLibrary.cpp
+++ b/cas/1.2/default/SharedLibrary.cpp
@@ -29,7 +29,7 @@
namespace implementation {
SharedLibrary::SharedLibrary(const String8& path) {
- mLibHandle = dlopen(path.string(), RTLD_NOW);
+ mLibHandle = dlopen(path.c_str(), RTLD_NOW);
}
SharedLibrary::~SharedLibrary() {
diff --git a/cas/aidl/OWNERS b/cas/OWNERS
old mode 100755
new mode 100644
similarity index 100%
rename from cas/aidl/OWNERS
rename to cas/OWNERS
diff --git a/cas/aidl/default/Android.bp b/cas/aidl/default/Android.bp
index 6ce5681..576016e 100644
--- a/cas/aidl/default/Android.bp
+++ b/cas/aidl/default/Android.bp
@@ -21,6 +21,7 @@
shared_libs: [
"android.hardware.cas-V1-ndk",
+ "libbase",
"libbinder_ndk",
"liblog",
"libutils",
@@ -48,6 +49,7 @@
],
shared_libs: [
"android.hardware.cas-V1-ndk",
+ "libbase",
"libbinder_ndk",
"liblog",
"libutils",
diff --git a/cas/aidl/default/CasImpl.cpp b/cas/aidl/default/CasImpl.cpp
index f08fcc0..9885e16 100644
--- a/cas/aidl/default/CasImpl.cpp
+++ b/cas/aidl/default/CasImpl.cpp
@@ -158,7 +158,7 @@
ScopedAStatus CasImpl::setSessionPrivateData(const vector<uint8_t>& sessionId,
const vector<uint8_t>& pvtData) {
- ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).string());
+ ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).c_str());
shared_ptr<CasPlugin> holder = atomic_load(&mPluginHolder);
if (holder.get() == nullptr) {
return toStatus(INVALID_OPERATION);
@@ -167,7 +167,7 @@
}
ScopedAStatus CasImpl::closeSession(const vector<uint8_t>& sessionId) {
- ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).string());
+ ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).c_str());
shared_ptr<CasPlugin> holder = atomic_load(&mPluginHolder);
if (holder.get() == nullptr) {
return toStatus(INVALID_OPERATION);
@@ -176,7 +176,7 @@
}
ScopedAStatus CasImpl::processEcm(const vector<uint8_t>& sessionId, const vector<uint8_t>& ecm) {
- ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).string());
+ ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(sessionId).c_str());
shared_ptr<CasPlugin> holder = atomic_load(&mPluginHolder);
if (holder.get() == nullptr) {
return toStatus(INVALID_OPERATION);
diff --git a/cas/aidl/default/DescramblerImpl.cpp b/cas/aidl/default/DescramblerImpl.cpp
index a96fd46..d658887 100644
--- a/cas/aidl/default/DescramblerImpl.cpp
+++ b/cas/aidl/default/DescramblerImpl.cpp
@@ -54,7 +54,7 @@
}
ScopedAStatus DescramblerImpl::setMediaCasSession(const vector<uint8_t>& in_sessionId) {
- ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(in_sessionId).string());
+ ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(in_sessionId).c_str());
shared_ptr<DescramblerPlugin> holder = atomic_load(&mPluginHolder);
if (holder.get() == nullptr) {
diff --git a/cas/aidl/default/FactoryLoader.h b/cas/aidl/default/FactoryLoader.h
index 6a562f6..bc3d715 100644
--- a/cas/aidl/default/FactoryLoader.h
+++ b/cas/aidl/default/FactoryLoader.h
@@ -14,6 +14,7 @@
* limitations under the License.
*/
+#include <android-base/strings.h>
#include <dirent.h>
#include <dlfcn.h>
#include <media/cas/CasAPI.h>
@@ -86,17 +87,17 @@
#else
String8 dirPath("/vendor/lib/mediacas");
#endif
- DIR* pDir = opendir(dirPath.string());
+ DIR* pDir = opendir(dirPath.c_str());
if (pDir == NULL) {
- ALOGE("Failed to open plugin directory %s", dirPath.string());
+ ALOGE("Failed to open plugin directory %s", dirPath.c_str());
return false;
}
struct dirent* pEntry;
while ((pEntry = readdir(pDir))) {
String8 pluginPath = dirPath + "/" + pEntry->d_name;
- if (pluginPath.getPathExtension() == ".so") {
+ if (base::EndsWith(pluginPath.c_str(), ".so")) {
if (loadFactoryForSchemeFromPath(pluginPath, CA_system_id, library, factory)) {
mCASystemIdToLibraryPathMap.add(CA_system_id, pluginPath);
closedir(pDir);
@@ -123,10 +124,10 @@
#else
String8 dirPath("/vendor/lib/mediacas");
#endif
- DIR* pDir = opendir(dirPath.string());
+ DIR* pDir = opendir(dirPath.c_str());
if (pDir == NULL) {
- ALOGE("Failed to open plugin directory %s", dirPath.string());
+ ALOGE("Failed to open plugin directory %s", dirPath.c_str());
return false;
}
@@ -135,7 +136,7 @@
struct dirent* pEntry;
while ((pEntry = readdir(pDir))) {
String8 pluginPath = dirPath + "/" + pEntry->d_name;
- if (pluginPath.getPathExtension() == ".so") {
+ if (base::EndsWith(pluginPath.c_str(), ".so")) {
queryPluginsFromPath(pluginPath, results);
}
}
diff --git a/cas/aidl/default/SharedLibrary.cpp b/cas/aidl/default/SharedLibrary.cpp
index e79f383..c12d17d 100644
--- a/cas/aidl/default/SharedLibrary.cpp
+++ b/cas/aidl/default/SharedLibrary.cpp
@@ -26,7 +26,7 @@
namespace cas {
SharedLibrary::SharedLibrary(const String8& path) {
- mLibHandle = dlopen(path.string(), RTLD_NOW);
+ mLibHandle = dlopen(path.c_str(), RTLD_NOW);
}
SharedLibrary::~SharedLibrary() {
diff --git a/cas/aidl/default/TypeConvert.cpp b/cas/aidl/default/TypeConvert.cpp
index 4f7005f..1f0a46d 100644
--- a/cas/aidl/default/TypeConvert.cpp
+++ b/cas/aidl/default/TypeConvert.cpp
@@ -98,7 +98,7 @@
for (auto it = sessionId.begin(); it != sessionId.end(); it++) {
result.appendFormat("%02x ", *it);
}
- if (result.isEmpty()) {
+ if (result.empty()) {
result.append("(null)");
}
return result;
diff --git a/compatibility_matrices/compatibility_matrix.8.xml b/compatibility_matrices/compatibility_matrix.8.xml
index b7ed648..098270f 100644
--- a/compatibility_matrices/compatibility_matrix.8.xml
+++ b/compatibility_matrices/compatibility_matrix.8.xml
@@ -449,7 +449,7 @@
<regex-instance>.*</regex-instance>
</interface>
</hal>
- <hal format="aidl" optional="true">
+ <hal format="aidl" optional="true" updatable-via-apex="true">
<name>android.hardware.neuralnetworks</name>
<version>1-4</version>
<interface>
diff --git a/compatibility_matrices/compatibility_matrix.9.xml b/compatibility_matrices/compatibility_matrix.9.xml
index 6e2178a..f006c71 100644
--- a/compatibility_matrices/compatibility_matrix.9.xml
+++ b/compatibility_matrices/compatibility_matrix.9.xml
@@ -446,7 +446,7 @@
<regex-instance>.*</regex-instance>
</interface>
</hal>
- <hal format="aidl" optional="true">
+ <hal format="aidl" optional="true" updatable-via-apex="true">
<name>android.hardware.neuralnetworks</name>
<version>1-4</version>
<interface>
@@ -646,6 +646,14 @@
<instance>default</instance>
</interface>
</hal>
+ <hal format="aidl" optional="true" updatable-via-apex="true">
+ <name>android.hardware.threadnetwork</name>
+ <version>1</version>
+ <interface>
+ <name>IThreadChip</name>
+ <regex-instance>chip[0-9]+</regex-instance>
+ </interface>
+ </hal>
<hal format="aidl" optional="true">
<name>android.hardware.tv.hdmi.cec</name>
<version>1</version>
@@ -787,12 +795,4 @@
<regex-instance>.*</regex-instance>
</interface>
</hal>
- <hal format="aidl" optional="true" updatable-via-apex="true">
- <name>android.hardware.threadnetwork</name>
- <version>1</version>
- <interface>
- <name>IThreadChip</name>
- <regex-instance>chip[0-9]+</regex-instance>
- </interface>
- </hal>
</compatibility-matrix>
diff --git a/drm/1.0/default/Android.bp b/drm/1.0/default/Android.bp
index cbdab4f..45aba7b 100644
--- a/drm/1.0/default/Android.bp
+++ b/drm/1.0/default/Android.bp
@@ -134,6 +134,7 @@
shared_libs: [
"android.hardware.drm@1.0",
"android.hidl.memory@1.0",
+ "libbase",
"libcutils",
"libhidlbase",
"libhidlmemory",
diff --git a/drm/1.0/default/include/PluginLoader.h b/drm/1.0/default/include/PluginLoader.h
index e243f42..5130b16 100644
--- a/drm/1.0/default/include/PluginLoader.h
+++ b/drm/1.0/default/include/PluginLoader.h
@@ -18,6 +18,8 @@
#define PLUGIN_LOADER_H_
#include "SharedLibrary.h"
+
+#include <android-base/strings.h>
#include <utils/Log.h>
#include <utils/String8.h>
#include <utils/Vector.h>
@@ -46,7 +48,7 @@
struct dirent* pEntry;
while ((pEntry = readdir(pDir))) {
String8 file(pEntry->d_name);
- if (file.getPathExtension() == ".so") {
+ if (base::EndsWith(file.c_str(), ".so")) {
String8 path = pluginDir + "/" + pEntry->d_name;
T *plugin = loadOne(path, entry);
if (plugin) {
diff --git a/health/1.0/default/convert.cpp b/health/1.0/default/convert.cpp
index 3680d4d..31b4679 100644
--- a/health/1.0/default/convert.cpp
+++ b/health/1.0/default/convert.cpp
@@ -26,19 +26,18 @@
config.periodicChoresIntervalFast = hc->periodic_chores_interval_fast;
config.periodicChoresIntervalSlow = hc->periodic_chores_interval_slow;
- config.batteryStatusPath = hc->batteryStatusPath.string();
- config.batteryHealthPath = hc->batteryHealthPath.string();
- config.batteryPresentPath = hc->batteryPresentPath.string();
- config.batteryCapacityPath = hc->batteryCapacityPath.string();
- config.batteryVoltagePath = hc->batteryVoltagePath.string();
- config.batteryTemperaturePath = hc->batteryTemperaturePath.string();
- config.batteryTechnologyPath = hc->batteryTechnologyPath.string();
- config.batteryCurrentNowPath = hc->batteryCurrentNowPath.string();
- config.batteryCurrentAvgPath = hc->batteryCurrentAvgPath.string();
- config.batteryChargeCounterPath = hc->batteryChargeCounterPath.string();
- config.batteryFullChargePath = hc->batteryFullChargePath.string();
- config.batteryCycleCountPath = hc->batteryCycleCountPath.string();
-
+ config.batteryStatusPath = hc->batteryStatusPath.c_str();
+ config.batteryHealthPath = hc->batteryHealthPath.c_str();
+ config.batteryPresentPath = hc->batteryPresentPath.c_str();
+ config.batteryCapacityPath = hc->batteryCapacityPath.c_str();
+ config.batteryVoltagePath = hc->batteryVoltagePath.c_str();
+ config.batteryTemperaturePath = hc->batteryTemperaturePath.c_str();
+ config.batteryTechnologyPath = hc->batteryTechnologyPath.c_str();
+ config.batteryCurrentNowPath = hc->batteryCurrentNowPath.c_str();
+ config.batteryCurrentAvgPath = hc->batteryCurrentAvgPath.c_str();
+ config.batteryChargeCounterPath = hc->batteryChargeCounterPath.c_str();
+ config.batteryFullChargePath = hc->batteryFullChargePath.c_str();
+ config.batteryCycleCountPath = hc->batteryCycleCountPath.c_str();
}
void convertFromHealthConfig(const HealthConfig& c, struct healthd_config *hc) {
diff --git a/health/aidl/OWNERS b/health/OWNERS
similarity index 100%
rename from health/aidl/OWNERS
rename to health/OWNERS
diff --git a/media/c2/aidl/aidl_api/android.hardware.media.c2/current/android/hardware/media/c2/IComponent.aidl b/media/c2/aidl/aidl_api/android.hardware.media.c2/current/android/hardware/media/c2/IComponent.aidl
index 1af66d0..c7d8a97 100644
--- a/media/c2/aidl/aidl_api/android.hardware.media.c2/current/android/hardware/media/c2/IComponent.aidl
+++ b/media/c2/aidl/aidl_api/android.hardware.media.c2/current/android/hardware/media/c2/IComponent.aidl
@@ -35,7 +35,7 @@
@VintfStability
interface IComponent {
android.hardware.common.NativeHandle configureVideoTunnel(in int avSyncHwId);
- android.hardware.media.c2.IComponent.BlockPool createBlockPool(in int allocatorId);
+ android.hardware.media.c2.IComponent.BlockPool createBlockPool(in android.hardware.media.c2.IComponent.BlockPoolAllocator allocator);
void destroyBlockPool(in long blockPoolId);
void drain(in boolean withEos);
android.hardware.media.c2.WorkBundle flush();
@@ -43,11 +43,14 @@
void queue(in android.hardware.media.c2.WorkBundle workBundle);
void release();
void reset();
- void setDecoderOutputAllocator(in android.hardware.media.c2.IGraphicBufferAllocator allocator);
void start();
void stop();
parcelable BlockPool {
long blockPoolId;
android.hardware.media.c2.IConfigurable configurable;
}
+ union BlockPoolAllocator {
+ int allocatorId;
+ android.hardware.media.c2.IGraphicBufferAllocator igba;
+ }
}
diff --git a/media/c2/aidl/android/hardware/media/c2/IComponent.aidl b/media/c2/aidl/android/hardware/media/c2/IComponent.aidl
index a9fddbb..a330d46 100644
--- a/media/c2/aidl/android/hardware/media/c2/IComponent.aidl
+++ b/media/c2/aidl/android/hardware/media/c2/IComponent.aidl
@@ -43,6 +43,18 @@
long blockPoolId;
IConfigurable configurable;
}
+
+ /**
+ * Allocator for C2BlockPool.
+ *
+ * C2BlockPool will use a C2Allocator which is specified by an id.
+ * or C2AIDL allocator interface directly.
+ */
+ union BlockPoolAllocator {
+ int allocatorId;
+ IGraphicBufferAllocator igba;
+ }
+
/**
* Configures a component for a tunneled playback mode.
*
@@ -86,7 +98,8 @@
* destroyBlockPool(), reset() or release(). reset() and release() must
* destroy all `C2BlockPool` objects that have been created.
*
- * @param allocatorId Id of a `C2Allocator`.
+ * @param allocator AIDL allocator interface or C2Allocator specifier
+ * for C2BlockPool
* @param out configurable Configuration interface for the created pool. This
* must not be null.
* @return Created block pool information. This could be used to config/query and
@@ -97,7 +110,7 @@
* - `Status::TIMED_OUT` - The operation cannot be finished in a timely manner.
* - `Status::CORRUPTED` - Some unknown error occurred.
*/
- BlockPool createBlockPool(in int allocatorId);
+ BlockPool createBlockPool(in BlockPoolAllocator allocator);
/**
* Destroys a local block pool previously created by createBlockPool().
@@ -232,17 +245,6 @@
void reset();
/**
- * Specify an allocator for decoder output buffer from HAL.
- *
- * The method will be used once during the life-cycle of a codec instance.
- * @param allocator Decoder output buffer allocator from the client
- * @throws ServiceSpecificException with one of the following values
- * - `Status::CANNOT_DO` - The component does not support allocating from the client.
- * - `Status::CORRUPTED` - Some unknown error occurred.
- */
- void setDecoderOutputAllocator(in IGraphicBufferAllocator allocator);
-
- /**
* Starts the component.
*
* This method must be supported in stopped state as well as tripped state.
diff --git a/security/README.md b/security/README.md
new file mode 100644
index 0000000..c5b5ba8
--- /dev/null
+++ b/security/README.md
@@ -0,0 +1,109 @@
+# Security-Related HALs
+
+The `security/` subdirectory holds various security-related HALs. (The final two sections of this
+document also describe security-related HALs that are in other places under `hardware/interfaces/`.)
+
+The most significant HAL is KeyMint (**`IKeyMintDevice`** in the
+`hardware/interfaces/security/keymint/` directory), which allows access to cryptographic
+functionality where the key material is restricted to a secure environment. This functionality is
+used by Android system services, and is also made available to apps via Android Keystore.
+
+A KeyMint implementation (or an implementation of its predecessor, Keymaster) that runs in an
+isolated execution environment (e.g. ARM TrustZone) is required for most Android devices; see [CDD
+9.11](https://source.android.com/docs/compatibility/13/android-13-cdd#911_keys_and_credentials).
+
+A device may optionally also support a second KeyMint instance, running in a dedicated secure
+processor; this is known as StrongBox ([CDD
+9.11.2](https://source.android.com/docs/compatibility/13/android-13-cdd#9112_strongbox)).
+
+Two specific features of KeyMint are worth highlighting, as they have an impact on the other
+security-related HALs:
+
+- KeyMint supports keys that can only be used when the operation is authenticated by the user,
+ either by their lock screen knowledge factor (LSKF, e.g. PIN or pattern) or by a strong biometric
+ (e.g. fingerprint).
+- KeyMint supports *attestation* of public keys: when an asymmetric keypair is created, the secure
+ environment produces a chain of signed certificates:
+ - starting from a trusted root certificate
+ - terminating in a leaf certificate that holds the public key; this leaf certificate may also
+ describe the state of the device and the policies attached to the key.
+
+## Authentication Verification
+
+User authentication must also take place in a secure environment (see the final section below), but
+the results of that authentication are communicated to KeyMint via Android. As such, the
+authentication result (a *hardware auth token*) is signed with a per-boot shared HMAC key known only
+to the secure components, so that it's authenticity can be verified.
+
+If an authenticator, for example GateKeeper (described by the **`IGatekeeper`** HAL in
+`hardware/interfaces/gatekeeper/`), is co-located in the same secure environment as KeyMint, it can
+use a local, vendor-specific, method to communicate the shared HMAC key.
+
+However, if the authenticator is in a different environment than the KeyMint instance then a local
+communication mechanism may not be possible. For example, a StrongBox KeyMint instance running in a
+separate secure processor may not have a communication channel with a TEE on the main processor.
+
+To allow for this, the **`ISharedSecret`** HAL (in `hardware/interfaces/security/sharedsecret`)
+describes an N-party shared key agreement protocol for per-boot derivation of the shared HMAC key,
+based on a pre-provisioned shared secret. This HAL can be implemented by any security component
+– whether KeyMint instance or authenticator – that needs access to the shared HMAC key.
+
+User authentication operations are also timestamped, but a StrongBox KeyMint instance may not have
+access to a secure time source that is aligned with the authenticator's time source.
+
+To allow for this, the **`ISecureClock`** HAL (in `hardware/interfaces/secureclock`) describes a
+challenge-based timestamp authentication protocol. This HAL is optional; it need only be
+implemented if there is a KeyMint instance without a secure source of time.
+
+## Attestation Key Provisioning
+
+As noted above, key generation may also generate an attestation certificate chain, which requires
+that the secure environment have access to a signing key which in turn chains back to the Google
+root.
+
+Historically these signing keys were created by Google and provided to vendors for installation in
+batches of devices (to prevent their use as unique device identifiers). However, this mechanism had
+significant disadvantages, as it required secure handling of key material and only allowed for
+coarse-grained revocation.
+
+The remote key provisioning HAL (**`IRemotelyProvisionedComponent`** in
+`hardware/interfaces/security/rkp/`) provides a mechanism whereby signing certificates for
+attestation can be retrieved at runtime from Google servers based on pre-registered device identity
+information. This mechanism is used to provision certificates for KeyMint's signing keys, but is
+not restricted to that purpose; it can also be used in other scenarios where keys need to be
+provisioned (for example, for [Widevine](https://developers.google.com/widevine/drm/overview)).
+
+## Keymaster
+
+The Keymaster HAL (**`IKeymasterDevice`** in `hardware/interfaces/keymaster/`) is the historical
+ancestor of many of the HALs here (and may still be present on older devices). Its functionality is
+effectively the union of the following current HALs:
+
+- **`IKeyMintDevice`**
+- **`ISharedSecret`**
+- **`ISecureClock`**
+
+## Related Authentication HALs
+
+Authentication of users needs to happen in a secure environment, using vendor-specific
+functionality, and so involves the use of one of the following HALs (all of which are outside the
+`security/` subdirectory).
+
+- The **`IGatekeeper`** HAL (in `hardware/interfaces/gatekeeper/`) provides user authentication
+ functionality based on the user's lock-screen knowledge factor (LSKF), including throttling
+ behaviour to prevent attacks. Authentication tokens produced by this HAL are consumed by KeyMint,
+ validated using the shared HMAC key described above.
+ - The optional **`IWeaver`** HAL (in `hardware/interfaces/weaver`) improves the security of LSKF
+ authentication by converting the user's LSKF into a *synthetic password* via hashing and
+ stretching. This is required to be implemented on a separate secure element, which prevents
+ offline attacks on Gatekeeper storage. Note that Weaver does not directly interact with KeyMint;
+ the synthetic password is fed into Gatekeeper in place of the plain user password, and then
+ Gatekeeper interacts with KeyMint as normal.
+- The **`IFingerprint`** and **`IFace`** HAL definitions (under `hardware/interfaces/biometrics/`)
+ allow access to biometric authentication functionality that is implemented in a secure
+ environment. Authentication tokens produced by these HALs are consumed by KeyMint, validated
+ using the shared HMAC key described above.
+- The optional **`IConfirmationUI`** HAL (in `hardware/interfaces/confirmationui`) supports
+ functionality where the user confirms that they have seen a specific message in a secure manner.
+ Confirmation tokens produced by this HAL are consumed by KeyMint, validated using the shared HMAC
+ key described above.
diff --git a/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl b/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
index d401247..36f0106 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
@@ -971,7 +971,9 @@
* Tag::CERTIFICATE_NOT_BEFORE the beginning of the validity of the certificate in UNIX epoch
* time in milliseconds. This value is used when generating attestation or self signed
* certificates. ErrorCode::MISSING_NOT_BEFORE must be returned if this tag is not provided if
- * this tag is not provided to generateKey or importKey.
+ * this tag is not provided to generateKey or importKey. For importWrappedKey, there is no way
+ * to specify the value of this tag for the wrapped key, so a value of 0 must be used for
+ * certificate generation.
*/
CERTIFICATE_NOT_BEFORE = TagType.DATE | 1008,
@@ -979,7 +981,8 @@
* Tag::CERTIFICATE_NOT_AFTER the end of the validity of the certificate in UNIX epoch time in
* milliseconds. This value is used when generating attestation or self signed certificates.
* ErrorCode::MISSING_NOT_AFTER must be returned if this tag is not provided to generateKey or
- * importKey.
+ * importKey. For importWrappedKey, there is no way to specify the value of this tag for the
+ * wrapped key, so a value of 253402300799000 is used for certificate generation.
*/
CERTIFICATE_NOT_AFTER = TagType.DATE | 1009,
diff --git a/security/keymint/aidl/default/service.cpp b/security/keymint/aidl/default/service.cpp
index dc0c618..10cbf07 100644
--- a/security/keymint/aidl/default/service.cpp
+++ b/security/keymint/aidl/default/service.cpp
@@ -44,6 +44,8 @@
}
int main() {
+ // The global logger object required by keymaster's logging macros in keymaster/logger.h.
+ keymaster::SoftKeymasterLogger km_logger;
// Zero threads seems like a useless pool, but below we'll join this thread to it, increasing
// the pool size to 1.
ABinderProcess_setThreadPoolMaxThreadCount(0);
diff --git a/security/keymint/aidl/vts/functional/AuthTest.cpp b/security/keymint/aidl/vts/functional/AuthTest.cpp
index ecaee11..d5c6d2a 100644
--- a/security/keymint/aidl/vts/functional/AuthTest.cpp
+++ b/security/keymint/aidl/vts/functional/AuthTest.cpp
@@ -545,7 +545,7 @@
ASSERT_GT(dodgy_hat->mac.size(), 0);
dodgy_hat->mac[0] ^= 0x01;
EXPECT_EQ(ErrorCode::KEY_USER_NOT_AUTHENTICATED,
- Finish(message, {} /* signature */, &ciphertext, hat.value()));
+ Finish(message, {} /* signature */, &ciphertext, dodgy_hat.value()));
}
// Test use of a key that requires an auth token for each action on the operation, with
diff --git a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
index 9f8593c..5f8ec0e 100644
--- a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
@@ -1300,15 +1300,12 @@
}
bool KeyMintAidlTestBase::IsRkpSupportRequired() const {
- if (get_vsr_api_level() >= __ANDROID_API_T__) {
- return true;
- }
-
- if (get_vsr_api_level() >= __ANDROID_API_S__) {
- return SecLevel() != SecurityLevel::STRONGBOX;
- }
-
- return false;
+ // This is technically not a match to the requirements for S chipsets,
+ // however when S shipped there was a bug in the test that skipped the
+ // tests if KeyMint 2 was not on the system. So we allowed many chipests
+ // to ship without RKP support. In T we hardened the requirements around
+ // support for RKP, so relax the test to match.
+ return get_vsr_api_level() >= __ANDROID_API_T__;
}
vector<uint32_t> KeyMintAidlTestBase::ValidKeySizes(Algorithm algorithm) {
diff --git a/security/keymint/support/remote_prov_utils.cpp b/security/keymint/support/remote_prov_utils.cpp
index c9c3e4d..780c3d2 100644
--- a/security/keymint/support/remote_prov_utils.cpp
+++ b/security/keymint/support/remote_prov_utils.cpp
@@ -14,6 +14,7 @@
* limitations under the License.
*/
+#include <iomanip>
#include <iterator>
#include <memory>
#include <set>
@@ -420,6 +421,36 @@
return entryName + " has an invalid value.\n";
}
+std::string checkMapPatchLevelEntry(bool isFactory, const cppbor::Map& devInfo,
+ const std::string& entryName) {
+ std::string error = checkMapEntry(isFactory, devInfo, cppbor::UINT, entryName);
+ if (!error.empty()) {
+ return error;
+ }
+
+ if (isFactory) {
+ return "";
+ }
+
+ const std::unique_ptr<cppbor::Item>& val = devInfo.get(entryName);
+ std::string dateString = std::to_string(val->asUint()->unsignedValue());
+ if (dateString.size() == 6) {
+ dateString += "01";
+ }
+ if (dateString.size() != 8) {
+ return entryName + " should in the format YYYYMMDD or YYYYMM\n";
+ }
+
+ std::tm t;
+ std::istringstream ss(dateString);
+ ss >> std::get_time(&t, "%Y%m%d");
+ if (!ss) {
+ return entryName + " should in the format YYYYMMDD or YYYYMM\n";
+ }
+
+ return "";
+}
+
bool isTeeDeviceInfo(const cppbor::Map& devInfo) {
return devInfo.get("security_level") && devInfo.get("security_level")->asTstr() &&
devInfo.get("security_level")->asTstr()->value() == "tee";
@@ -520,6 +551,10 @@
error += "Err: Unrecognized key entry: <" + key->asTstr()->value() + ">,\n";
}
}
+ // Checks that only apply to v3.
+ error += checkMapPatchLevelEntry(isFactory, *parsed, "system_patch_level");
+ error += checkMapPatchLevelEntry(isFactory, *parsed, "boot_patch_level");
+ error += checkMapPatchLevelEntry(isFactory, *parsed, "vendor_patch_level");
FALLTHROUGH_INTENDED;
case 2:
for (const auto& entry : kAttestationIdEntrySet) {
diff --git a/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl b/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
index b231dae..21c5315 100644
--- a/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
+++ b/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
@@ -185,77 +185,7 @@
*
* In either case, the root is self-signed.
*
- * EekChain = [ + SignedSignatureKey, SignedEek ]
- *
- * SignedSignatureKey = [ ; COSE_Sign1
- * protected: bstr .cbor {
- * 1 : AlgorithmEdDSA / AlgorithmES256, ; Algorithm
- * },
- * unprotected: {},
- * payload: bstr .cbor SignatureKeyEd25519 /
- * bstr .cbor SignatureKeyP256,
- * signature: bstr PureEd25519(.cbor SignatureKeySignatureInput) /
- * bstr ECDSA(.cbor SignatureKeySignatureInput)
- * ]
- *
- * SignatureKeyEd25519 = { ; COSE_Key
- * 1 : 1, ; Key type : Octet Key Pair
- * 3 : AlgorithmEdDSA, ; Algorithm
- * -1 : 6, ; Curve : Ed25519
- * -2 : bstr ; Ed25519 public key
- * }
- *
- * SignatureKeyP256 = { ; COSE_Key
- * 1 : 2, ; Key type : EC2
- * 3 : AlgorithmES256, ; Algorithm
- * -1 : 1, ; Curve: P256
- * -2 : bstr, ; X coordinate
- * -3 : bstr ; Y coordinate
- * }
- *
- * SignatureKeySignatureInput = [
- * context: "Signature1",
- * body_protected: bstr .cbor { 1 : AlgorithmEdDSA / AlgorithmES256 },
- * external_aad: bstr .size 0,
- * payload: bstr .cbor SignatureKeyEd25519 /
- * bstr .cbor SignatureKeyP256
- * ]
- *
- * ; COSE_Sign1
- * SignedEek = [
- * protected: bstr .cbor { 1 : AlgorithmEdDSA / AlgorithmES256 },
- * unprotected: {},
- * payload: bstr .cbor EekX25519 / .cbor EekP256,
- * signature: bstr PureEd25519(.cbor EekSignatureInput) /
- * bstr ECDSA(.cbor EekSignatureInput)
- * ]
- *
- * EekX25519 = { ; COSE_Key
- * 1 : 1, ; Key type : Octet Key Pair
- * 2 : bstr ; KID : EEK ID
- * 3 : -25, ; Algorithm : ECDH-ES + HKDF-256
- * -1 : 4, ; Curve : X25519
- * -2 : bstr ; X25519 public key, little-endian
- * }
- *
- * EekP256 = { ; COSE_Key
- * 1 : 2, ; Key type : EC2
- * 2 : bstr ; KID : EEK ID
- * 3 : -25, ; Algorithm : ECDH-ES + HKDF-256
- * -1 : 1, ; Curve : P256
- * -2 : bstr ; Sender X coordinate
- * -3 : bstr ; Sender Y coordinate
- * }
- *
- * EekSignatureInput = [
- * context: "Signature1",
- * body_protected: bstr .cbor { 1 : AlgorithmEdDSA / AlgorithmES256 },
- * external_aad: bstr .size 0,
- * payload: bstr .cbor EekX25519 / .cbor EekP256
- * ]
- *
- * AlgorithmES256 = -7 ; RFC 8152 section 8.1
- * AlgorithmEdDSA = -8 ; RFC 8152 section 8.2
+ * See generateCertificateRequest.cddl for CDDL definitions.
*
* If the contents of endpointEncryptionKey do not match the SignedEek structure above,
* the method must return STATUS_INVALID_EEK.
@@ -283,25 +213,9 @@
* HMAC-256(EK_mac, .cbor KeysToMacStructure)
*
* Where EK_mac is an ephemeral MAC key, found in ProtectedData (see below). The MACed
- * data is the "tag" field of a COSE_Mac0 structure like:
+ * data is the "tag" field of a MacedKeys COSE_Mac0 structure.
*
- * MacedKeys = [ ; COSE_Mac0
- * protected : bstr .cbor {
- * 1 : 5, ; Algorithm : HMAC-256
- * },
- * unprotected : {},
- * ; Payload is PublicKeys from keysToSign argument, in provided order.
- * payload: bstr .cbor [ * PublicKey ],
- * tag: bstr
- * ]
- *
- * KeysToMacStructure = [
- * context : "MAC0",
- * protected : bstr .cbor { 1 : 5 }, ; Algorithm : HMAC-256
- * external_aad : bstr .size 0,
- * ; Payload is PublicKeys from keysToSign argument, in provided order.
- * payload : bstr .cbor [ * PublicKey ]
- * ]
+ * See generateCertificateRequest.cddl for CDDL definitions.
*/
byte[] generateCertificateRequest(in boolean testMode, in MacedPublicKey[] keysToSign,
in byte[] endpointEncryptionCertChain, in byte[] challenge, out DeviceInfo deviceInfo,
@@ -322,168 +236,9 @@
* use different semantic data for this field, but the supported sizes must be between 0
* and 64 bytes, inclusive.
*
- * @return the following CBOR Certificate Signing Request (Csr) serialized into a byte array:
+ * @return a CBOR Certificate Signing Request (Csr) serialized into a byte array.
*
- * Csr = AuthenticatedRequest<CsrPayload>
- *
- * CsrPayload = [ ; CBOR Array defining the payload for Csr
- * version: 3, ; The CsrPayload CDDL Schema version.
- * CertificateType, ; The type of certificate being requested.
- * DeviceInfo, ; Defined in DeviceInfo.aidl
- * KeysToSign, ; Provided by the method parameters
- * ]
- *
- * ; A tstr identifying the type of certificate. The set of supported certificate types may
- * ; be extended without requiring a version bump of the HAL. Custom certificate types may
- * ; be used, but the provisioning server may reject the request for an unknown certificate
- * ; type. The currently defined certificate types are:
- * ; - "widevine"
- * ; - "keymint"
- * CertificateType = tstr
- *
- * KeysToSign = [ * PublicKey ] ; Please see MacedPublicKey.aidl for the PublicKey definition.
- *
- * AuthenticatedRequest<T> = [
- * version: 1, ; The AuthenticatedRequest CDDL Schema version.
- * UdsCerts,
- * DiceCertChain,
- * SignedData<[
- * challenge: bstr .size (0..64), ; Provided by the method parameters
- * bstr .cbor T,
- * ]>,
- * ]
- *
- * ; COSE_Sign1 (untagged)
- * SignedData<Data> = [
- * protected: bstr .cbor { 1 : AlgorithmEdDSA / AlgorithmES256 / AlgorithmES384 },
- * unprotected: {},
- * payload: bstr .cbor Data / nil,
- * signature: bstr ; PureEd25519(CDI_Leaf_Priv, SignedDataSigStruct<Data>) /
- * ; ECDSA(CDI_Leaf_Priv, SignedDataSigStruct<Data>)
- * ]
- *
- * ; Sig_structure for SignedData
- * SignedDataSigStruct<Data> = [
- * context: "Signature1",
- * protected: bstr .cbor { 1 : AlgorithmEdDSA / AlgorithmES256 / AlgorithmES384 },
- * external_aad: bstr .size 0,
- * payload: bstr .cbor Data / nil,
- * ]
- *
- * ; UdsCerts allows the platform to provide additional certifications for the UDS_Pub. For
- * ; example, this could be provided by the hardware vendor, who certifies all of their chips.
- * ; The SignerName is a free-form string describing who generated the signature. The root
- * ; certificate will need to be communicated to the verifier out of band, along with the
- * ; SignerName that is expected for the given root certificate.
- * UdsCerts = {
- * * SignerName => UdsCertChain
- * }
- *
- * ; SignerName is a string identifier that indicates both the signing authority as
- * ; well as the format of the UdsCertChain
- * SignerName = tstr
- *
- * UdsCertChain = [
- * 2* X509Certificate ; Root -> ... -> Leaf. "Root" is the vendor self-signed
- * ; cert, "Leaf" contains UDS_Public. There may also be
- * ; intermediate certificates between Root and Leaf.
- * ]
- *
- * ; A bstr containing a DER-encoded X.509 certificate (RSA, NIST P-curve, or EdDSA)
- * X509Certificate = bstr
- *
- * ; The DICE Chain contains measurements about the device firmware.
- * ; The first entry in the DICE Chain is the UDS_Pub, encoded as a COSE_key. All entries
- * ; after the first describe a link in the boot chain (e.g. bootloaders: BL1, BL2, ... BLN)
- * ; Note that there is no DiceChainEntry for UDS_pub, only a "bare" COSE_key.
- * DiceCertChain = [
- * PubKeyEd25519 / PubKeyECDSA256 / PubKeyECDSA384, ; UDS_Pub
- * + DiceChainEntry, ; First CDI_Certificate -> Last CDI_Certificate
- * ; Last certificate corresponds to KeyMint's DICE key.
- * ]
- *
- * ; This is the signed payload for each entry in the DICE chain. Note that the "Configuration
- * ; Input Values" described by the Open Profile are not used here. Instead, the DICE chain
- * ; defines its own configuration values for the Configuration Descriptor field. See
- * ; the Open Profile for DICE for more details on the fields. SHA256, SHA384 and SHA512 are
- * ; acceptable hash algorithms. The digest bstr values in the payload are the digest values
- * ; without any padding. Note that this implies that the digest is a 32-byte bstr for SHA256
- * ; and a 48-byte bstr for SHA384. This is an intentional, minor deviation from Open Profile
- * ; for DICE, which specifies all digests are 64 bytes.
- * DiceChainEntryPayload = { ; CWT [RFC8392]
- * 1 : tstr, ; Issuer
- * 2 : tstr, ; Subject
- * -4670552 : bstr .cbor PubKeyEd25519 /
- * bstr .cbor PubKeyECDSA256,
- * bstr .cbor PubKeyECDSA384, ; Subject Public Key
- * -4670553 : bstr ; Key Usage
- *
- * ; NOTE: All of the following fields may be omitted for a "Degenerate DICE Chain", as
- * ; described above.
- * -4670545 : bstr, ; Code Hash
- * ? -4670546 : bstr, ; Code Descriptor
- * -4670547 : bstr, ; Configuration Hash
- * -4670548 : bstr .cbor { ; Configuration Descriptor
- * ? -70002 : tstr, ; Component name
- * ? -70003 : int / tstr, ; Component version
- * ? -70004 : null, ; Resettable
- * ? -70005 : uint, ; Security version
- * },
- * -4670549 : bstr, ; Authority Hash
- * ? -4670550 : bstr, ; Authority Descriptor
- * -4670551 : bstr, ; Mode
- * }
- *
- * ; Each entry in the DICE chain is a DiceChainEntryPayload signed by the key from the previous
- * ; entry in the DICE chain array.
- * DiceChainEntry = [ ; COSE_Sign1 (untagged)
- * protected : bstr .cbor { 1 : AlgorithmEdDSA / AlgorithmES256 / AlgorithmES384 },
- * unprotected: {},
- * payload: bstr .cbor DiceChainEntryPayload,
- * signature: bstr ; PureEd25519(SigningKey, DiceChainEntryInput) /
- * ; ECDSA(SigningKey, DiceChainEntryInput)
- * ; See RFC 8032 for details of how to encode the signature value
- * ; for Ed25519.
- * ]
- *
- * DiceChainEntryInput = [
- * context: "Signature1",
- * protected: bstr .cbor { 1 : AlgorithmEdDSA / AlgorithmES256 / AlgorithmES384 },
- * external_aad: bstr .size 0,
- * payload: bstr .cbor DiceChainEntryPayload
- * ]
- *
- * ; The following section defines some types that are reused throughout the above
- * ; data structures.
- * ; NOTE: Integer encoding is different for Ed25519 and P256 keys:
- * ; - Ed25519 is LE: https://www.rfc-editor.org/rfc/rfc8032#section-3.1
- * ; - P256 is BE: https://www.secg.org/sec1-v2.pdf#page=19 (section 2.3.7)
- * PubKeyEd25519 = { ; COSE_Key
- * 1 : 1, ; Key type : octet key pair
- * 3 : AlgorithmEdDSA, ; Algorithm : EdDSA
- * -1 : 6, ; Curve : Ed25519
- * -2 : bstr ; X coordinate, little-endian
- * }
- *
- * PubKeyECDSA256 = { ; COSE_Key
- * 1 : 2, ; Key type : EC2
- * 3 : AlgorithmES256, ; Algorithm : ECDSA w/ SHA-256
- * -1 : 1, ; Curve: P256
- * -2 : bstr, ; X coordinate, big-endian
- * -3 : bstr ; Y coordinate, big-endian
- * }
- *
- * PubKeyECDSA384 = { ; COSE_Key
- * 1 : 2, ; Key type : EC2
- * 3 : AlgorithmES384, ; Algorithm : ECDSA w/ SHA-384
- * -1 : 2, ; Curve: P384
- * -2 : bstr, ; X coordinate
- * -3 : bstr ; Y coordinate
- * }
- *
- * AlgorithmES256 = -7
- * AlgorithmES384 = -35
- * AlgorithmEdDSA = -8
+ * See generateCertificateRequestV2.cddl for CDDL definitions.
*/
byte[] generateCertificateRequestV2(in MacedPublicKey[] keysToSign, in byte[] challenge);
}
diff --git a/security/rkp/aidl/android/hardware/security/keymint/generateCertificateRequest.cddl b/security/rkp/aidl/android/hardware/security/keymint/generateCertificateRequest.cddl
new file mode 100644
index 0000000..82930bc
--- /dev/null
+++ b/security/rkp/aidl/android/hardware/security/keymint/generateCertificateRequest.cddl
@@ -0,0 +1,92 @@
+; CDDL for the deprecated version 1 generateCertificateRequest method
+; in IRemotelyProvisionedComponent.aidl
+
+EekChain = [ + SignedSignatureKey, SignedEek ]
+
+SignedSignatureKey = [ ; COSE_Sign1
+ protected: bstr .cbor {
+ 1 : AlgorithmEdDSA / AlgorithmES256, ; Algorithm
+ },
+ unprotected: {},
+ payload: bstr .cbor SignatureKeyEd25519 /
+ bstr .cbor SignatureKeyP256,
+ signature: bstr PureEd25519(.cbor SignatureKeySignatureInput) /
+ bstr ECDSA(.cbor SignatureKeySignatureInput)
+]
+
+SignatureKeyEd25519 = { ; COSE_Key
+ 1 : 1, ; Key type : Octet Key Pair
+ 3 : AlgorithmEdDSA, ; Algorithm
+ -1 : 6, ; Curve : Ed25519
+ -2 : bstr ; Ed25519 public key
+}
+
+SignatureKeyP256 = { ; COSE_Key
+ 1 : 2, ; Key type : EC2
+ 3 : AlgorithmES256, ; Algorithm
+ -1 : 1, ; Curve: P256
+ -2 : bstr, ; X coordinate
+ -3 : bstr ; Y coordinate
+}
+
+SignatureKeySignatureInput = [
+ context: "Signature1",
+ body_protected: bstr .cbor { 1 : AlgorithmEdDSA / AlgorithmES256 },
+ external_aad: bstr .size 0,
+ payload: bstr .cbor SignatureKeyEd25519 /
+ bstr .cbor SignatureKeyP256
+]
+
+; COSE_Sign1
+SignedEek = [
+ protected: bstr .cbor { 1 : AlgorithmEdDSA / AlgorithmES256 },
+ unprotected: {},
+ payload: bstr .cbor EekX25519 / .cbor EekP256,
+ signature: bstr PureEd25519(.cbor EekSignatureInput) /
+ bstr ECDSA(.cbor EekSignatureInput)
+]
+
+EekX25519 = { ; COSE_Key
+ 1 : 1, ; Key type : Octet Key Pair
+ 2 : bstr ; KID : EEK ID
+ 3 : -25, ; Algorithm : ECDH-ES + HKDF-256
+ -1 : 4, ; Curve : X25519
+ -2 : bstr ; X25519 public key, little-endian
+}
+
+EekP256 = { ; COSE_Key
+ 1 : 2, ; Key type : EC2
+ 2 : bstr ; KID : EEK ID
+ 3 : -25, ; Algorithm : ECDH-ES + HKDF-256
+ -1 : 1, ; Curve : P256
+ -2 : bstr ; Sender X coordinate
+ -3 : bstr ; Sender Y coordinate
+}
+
+EekSignatureInput = [
+ context: "Signature1",
+ body_protected: bstr .cbor { 1 : AlgorithmEdDSA / AlgorithmES256 },
+ external_aad: bstr .size 0,
+ payload: bstr .cbor EekX25519 / .cbor EekP256
+]
+
+AlgorithmES256 = -7 ; RFC 8152 section 8.1
+AlgorithmEdDSA = -8 ; RFC 8152 section 8.2
+
+MacedKeys = [ ; COSE_Mac0
+ protected : bstr .cbor {
+ 1 : 5, ; Algorithm : HMAC-256
+ },
+ unprotected : {},
+ ; Payload is PublicKeys from keysToSign argument, in provided order.
+ payload: bstr .cbor [ * PublicKey ],
+ tag: bstr
+]
+
+KeysToMacStructure = [
+ context : "MAC0",
+ protected : bstr .cbor { 1 : 5 }, ; Algorithm : HMAC-256
+ external_aad : bstr .size 0,
+ ; Payload is PublicKeys from keysToSign argument, in provided order.
+ payload : bstr .cbor [ * PublicKey ]
+]
diff --git a/security/rkp/aidl/android/hardware/security/keymint/generateCertificateRequestV2.cddl b/security/rkp/aidl/android/hardware/security/keymint/generateCertificateRequestV2.cddl
new file mode 100644
index 0000000..ea71f98
--- /dev/null
+++ b/security/rkp/aidl/android/hardware/security/keymint/generateCertificateRequestV2.cddl
@@ -0,0 +1,163 @@
+; CDDL for the generateCertificateRequestV2 method in
+; IRemotelyProvisionedComponent.aidl
+
+Csr = AuthenticatedRequest<CsrPayload>
+
+CsrPayload = [ ; CBOR Array defining the payload for Csr
+ version: 3, ; The CsrPayload CDDL Schema version.
+ CertificateType, ; The type of certificate being requested.
+ DeviceInfo, ; Defined in DeviceInfo.aidl
+ KeysToSign, ; Provided by the method parameters
+]
+
+; A tstr identifying the type of certificate. The set of supported certificate types may
+; be extended without requiring a version bump of the HAL. Custom certificate types may
+; be used, but the provisioning server may reject the request for an unknown certificate
+; type. The currently defined certificate types are:
+; - "widevine"
+; - "keymint"
+CertificateType = tstr
+
+KeysToSign = [ * PublicKey ] ; Please see MacedPublicKey.aidl for the PublicKey definition.
+
+AuthenticatedRequest<T> = [
+ version: 1, ; The AuthenticatedRequest CDDL Schema version.
+ UdsCerts,
+ DiceCertChain,
+ SignedData<[
+ challenge: bstr .size (0..64), ; Provided by the method parameters
+ bstr .cbor T,
+ ]>,
+]
+
+; COSE_Sign1 (untagged)
+SignedData<Data> = [
+ protected: bstr .cbor { 1 : AlgorithmEdDSA / AlgorithmES256 / AlgorithmES384 },
+ unprotected: {},
+ payload: bstr .cbor Data / nil,
+ signature: bstr ; PureEd25519(CDI_Leaf_Priv, SignedDataSigStruct<Data>) /
+ ; ECDSA(CDI_Leaf_Priv, SignedDataSigStruct<Data>)
+]
+
+; Sig_structure for SignedData
+SignedDataSigStruct<Data> = [
+ context: "Signature1",
+ protected: bstr .cbor { 1 : AlgorithmEdDSA / AlgorithmES256 / AlgorithmES384 },
+ external_aad: bstr .size 0,
+ payload: bstr .cbor Data / nil,
+]
+
+; UdsCerts allows the platform to provide additional certifications for the UDS_Pub. For
+; example, this could be provided by the hardware vendor, who certifies all of their chips.
+; The SignerName is a free-form string describing who generated the signature. The root
+; certificate will need to be communicated to the verifier out of band, along with the
+; SignerName that is expected for the given root certificate.
+UdsCerts = {
+ * SignerName => UdsCertChain
+}
+
+; SignerName is a string identifier that indicates both the signing authority as
+; well as the format of the UdsCertChain
+SignerName = tstr
+
+UdsCertChain = [
+ 2* X509Certificate ; Root -> ... -> Leaf. "Root" is the vendor self-signed
+ ; cert, "Leaf" contains UDS_Public. There may also be
+ ; intermediate certificates between Root and Leaf.
+]
+
+; A bstr containing a DER-encoded X.509 certificate (RSA, NIST P-curve, or EdDSA)
+X509Certificate = bstr
+
+; The DICE Chain contains measurements about the device firmware.
+; The first entry in the DICE Chain is the UDS_Pub, encoded as a COSE_key. All entries
+; after the first describe a link in the boot chain (e.g. bootloaders: BL1, BL2, ... BLN)
+; Note that there is no DiceChainEntry for UDS_pub, only a "bare" COSE_key.
+DiceCertChain = [
+ PubKeyEd25519 / PubKeyECDSA256 / PubKeyECDSA384, ; UDS_Pub
+ + DiceChainEntry, ; First CDI_Certificate -> Last CDI_Certificate
+ ; Last certificate corresponds to KeyMint's DICE key.
+]
+
+; This is the signed payload for each entry in the DICE chain. Note that the "Configuration
+; Input Values" described by the Open Profile are not used here. Instead, the DICE chain
+; defines its own configuration values for the Configuration Descriptor field. See
+; the Open Profile for DICE for more details on the fields. SHA256, SHA384 and SHA512 are
+; acceptable hash algorithms. The digest bstr values in the payload are the digest values
+; without any padding. Note that this implies that the digest is a 32-byte bstr for SHA256
+; and a 48-byte bstr for SHA384. This is an intentional, minor deviation from Open Profile
+; for DICE, which specifies all digests are 64 bytes.
+DiceChainEntryPayload = { ; CWT [RFC8392]
+ 1 : tstr, ; Issuer
+ 2 : tstr, ; Subject
+ -4670552 : bstr .cbor PubKeyEd25519 /
+ bstr .cbor PubKeyECDSA256 /
+ bstr .cbor PubKeyECDSA384, ; Subject Public Key
+ -4670553 : bstr ; Key Usage
+
+ ; NOTE: All of the following fields may be omitted for a "Degenerate DICE Chain", as
+ ; described above.
+ -4670545 : bstr, ; Code Hash
+ ? -4670546 : bstr, ; Code Descriptor
+ -4670547 : bstr, ; Configuration Hash
+ -4670548 : bstr .cbor { ; Configuration Descriptor
+ ? -70002 : tstr, ; Component name
+ ? -70003 : int / tstr, ; Component version
+ ? -70004 : null, ; Resettable
+ ? -70005 : uint, ; Security version
+ },
+ -4670549 : bstr, ; Authority Hash
+ ? -4670550 : bstr, ; Authority Descriptor
+ -4670551 : bstr, ; Mode
+}
+
+; Each entry in the DICE chain is a DiceChainEntryPayload signed by the key from the previous
+; entry in the DICE chain array.
+DiceChainEntry = [ ; COSE_Sign1 (untagged)
+ protected : bstr .cbor { 1 : AlgorithmEdDSA / AlgorithmES256 / AlgorithmES384 },
+ unprotected: {},
+ payload: bstr .cbor DiceChainEntryPayload,
+ signature: bstr ; PureEd25519(SigningKey, DiceChainEntryInput) /
+ ; ECDSA(SigningKey, DiceChainEntryInput)
+ ; See RFC 8032 for details of how to encode the signature value
+ ; for Ed25519.
+]
+
+DiceChainEntryInput = [
+ context: "Signature1",
+ protected: bstr .cbor { 1 : AlgorithmEdDSA / AlgorithmES256 / AlgorithmES384 },
+ external_aad: bstr .size 0,
+ payload: bstr .cbor DiceChainEntryPayload
+]
+
+; The following section defines some types that are reused throughout the above
+; data structures.
+; NOTE: Integer encoding is different for Ed25519 and P256 keys:
+; - Ed25519 is LE: https://www.rfc-editor.org/rfc/rfc8032#section-3.1
+; - P256 is BE: https://www.secg.org/sec1-v2.pdf#page=19 (section 2.3.7)
+PubKeyEd25519 = { ; COSE_Key
+ 1 : 1, ; Key type : octet key pair
+ 3 : AlgorithmEdDSA, ; Algorithm : EdDSA
+ -1 : 6, ; Curve : Ed25519
+ -2 : bstr ; X coordinate, little-endian
+}
+
+PubKeyECDSA256 = { ; COSE_Key
+ 1 : 2, ; Key type : EC2
+ 3 : AlgorithmES256, ; Algorithm : ECDSA w/ SHA-256
+ -1 : 1, ; Curve: P256
+ -2 : bstr, ; X coordinate, big-endian
+ -3 : bstr ; Y coordinate, big-endian
+}
+
+PubKeyECDSA384 = { ; COSE_Key
+ 1 : 2, ; Key type : EC2
+ 3 : AlgorithmES384, ; Algorithm : ECDSA w/ SHA-384
+ -1 : 2, ; Curve: P384
+ -2 : bstr, ; X coordinate
+ -3 : bstr ; Y coordinate
+}
+
+AlgorithmES256 = -7
+AlgorithmES384 = -35
+AlgorithmEdDSA = -8
diff --git a/tv/tuner/aidl/vts/OWNERS b/tv/tuner/aidl/vts/OWNERS
index bf2b609..5b33bf2 100644
--- a/tv/tuner/aidl/vts/OWNERS
+++ b/tv/tuner/aidl/vts/OWNERS
@@ -1,3 +1,5 @@
+# Bug component: 136752
+
hgchen@google.com
shubang@google.com
quxiangfang@google.com
diff --git a/tv/tuner/aidl/vts/functional/Android.bp b/tv/tuner/aidl/vts/functional/Android.bp
index e5fb1e6..5f04293 100644
--- a/tv/tuner/aidl/vts/functional/Android.bp
+++ b/tv/tuner/aidl/vts/functional/Android.bp
@@ -51,6 +51,7 @@
"android.hardware.cas@1.0",
"android.hardware.cas@1.1",
"android.hardware.cas@1.2",
+ "android.hardware.cas-V1-ndk",
"android.hardware.common-V2-ndk",
"android.hardware.common.fmq-V1-ndk",
"android.hardware.tv.tuner-V1-ndk",
diff --git a/tv/tuner/aidl/vts/functional/DescramblerTests.cpp b/tv/tuner/aidl/vts/functional/DescramblerTests.cpp
index 157fa04..f4855c2 100644
--- a/tv/tuner/aidl/vts/functional/DescramblerTests.cpp
+++ b/tv/tuner/aidl/vts/functional/DescramblerTests.cpp
@@ -19,71 +19,115 @@
using namespace std;
AssertionResult DescramblerTests::createCasPlugin(int32_t caSystemId) {
- auto status = mMediaCasService->isSystemIdSupported(caSystemId);
- if (!status.isOk() || !status) {
- ALOGW("[vts] Failed to check isSystemIdSupported.");
- return failure();
+ mCasListener = ::ndk::SharedRefBase::make<MediaCasListener>();
+
+ if (mMediaCasServiceAidl != nullptr) {
+ bool rst = false;
+ ScopedAStatus status = mMediaCasServiceAidl->isSystemIdSupported(caSystemId, &rst);
+ if (!status.isOk() || !rst) {
+ ALOGW("[vts] Failed to check isSystemIdSupported for AIDL service.");
+ return failure();
+ }
+ status = mMediaCasServiceAidl->createPlugin(caSystemId, mCasListener, &mCasAidl);
+ if (!status.isOk()) {
+ ALOGW("[vts] Failed to createPlugin for AIDL service.");
+ return failure();
+ }
+ } else {
+ auto status = mMediaCasServiceHidl->isSystemIdSupported(caSystemId);
+ if (!status.isOk() || !status) {
+ ALOGW("[vts] Failed to check isSystemIdSupported for HIDL service.");
+ return failure();
+ }
+ auto pluginStatus = mMediaCasServiceHidl->createPluginExt(
+ caSystemId, sp<ICasListenerHidl>(mCasListener.get()));
+ if (!pluginStatus.isOk()) {
+ ALOGW("[vts] Failed to createPluginExt for HIDL service.");
+ return failure();
+ }
+ mCasHidl = ICasHidl::castFrom(pluginStatus);
+ if (mCasHidl == nullptr) {
+ ALOGW("[vts] Failed to get ICas for HIDL service.");
+ return failure();
+ }
}
- mCasListener = new MediaCasListener();
- auto pluginStatus = mMediaCasService->createPluginExt(caSystemId, mCasListener);
- if (!pluginStatus.isOk()) {
- ALOGW("[vts] Failed to createPluginExt.");
- return failure();
- }
- mCas = ICas::castFrom(pluginStatus);
- if (mCas == nullptr) {
- ALOGW("[vts] Failed to get ICas.");
- return failure();
- }
return success();
}
AssertionResult DescramblerTests::openCasSession(vector<uint8_t>& sessionId,
- vector<uint8_t>& hidlPvtData) {
- Status sessionStatus;
- SessionIntent intent = SessionIntent::LIVE;
- ScramblingMode mode = ScramblingMode::RESERVED;
- auto returnVoid =
- mCas->openSession_1_2(intent, mode, [&](Status status, const hidl_vec<uint8_t>& id) {
- sessionStatus = status;
- sessionId = id;
- });
- if (!returnVoid.isOk() || (sessionStatus != Status::OK)) {
- ALOGW("[vts] Failed to open cas session.");
- mCas->closeSession(sessionId);
- return failure();
- }
-
- if (hidlPvtData.size() > 0) {
- auto status = mCas->setSessionPrivateData(sessionId, hidlPvtData);
- if (status != android::hardware::cas::V1_0::Status::OK) {
- ALOGW("[vts] Failed to set session private data");
- mCas->closeSession(sessionId);
+ vector<uint8_t>& pvtData) {
+ if (mMediaCasServiceAidl != nullptr) {
+ SessionIntentAidl intent = SessionIntentAidl::LIVE;
+ ScramblingModeAidl mode = ScramblingModeAidl::RESERVED;
+ std::vector<uint8_t> sessionId;
+ ScopedAStatus status = mCasAidl->openSession(intent, mode, &sessionId);
+ if (!status.isOk()) {
+ ALOGW("[vts] Failed to open cas session for AIDL service.");
+ mCasAidl->closeSession(sessionId);
return failure();
}
+
+ if (pvtData.size() > 0) {
+ ScopedAStatus status = mCasAidl->setSessionPrivateData(sessionId, pvtData);
+ if (!status.isOk()) {
+ ALOGW("[vts] Failed to set session private data for AIDL service.");
+ mCasAidl->closeSession(sessionId);
+ return failure();
+ }
+ }
+ } else {
+ Status sessionStatus;
+ SessionIntentHidl intent = SessionIntentHidl::LIVE;
+ ScramblingModeHidl mode = ScramblingModeHidl::RESERVED;
+ auto returnVoid = mCasHidl->openSession_1_2(
+ intent, mode, [&](Status status, const hidl_vec<uint8_t>& id) {
+ sessionStatus = status;
+ sessionId = id;
+ });
+ if (!returnVoid.isOk() || (sessionStatus != Status::OK)) {
+ ALOGW("[vts] Failed to open cas session for HIDL service.");
+ mCasHidl->closeSession(sessionId);
+ return failure();
+ }
+
+ if (pvtData.size() > 0) {
+ auto status = mCasHidl->setSessionPrivateData(sessionId, pvtData);
+ if (status != android::hardware::cas::V1_0::Status::OK) {
+ ALOGW("[vts] Failed to set session private data for HIDL service.");
+ mCasHidl->closeSession(sessionId);
+ return failure();
+ }
+ }
}
return success();
}
AssertionResult DescramblerTests::getKeyToken(int32_t caSystemId, string& provisonStr,
- vector<uint8_t>& hidlPvtData,
- vector<uint8_t>& token) {
+ vector<uint8_t>& pvtData, vector<uint8_t>& token) {
if (createCasPlugin(caSystemId) != success()) {
ALOGW("[vts] createCasPlugin failed.");
return failure();
}
if (provisonStr.size() > 0) {
- auto returnStatus = mCas->provision(hidl_string(provisonStr));
- if (returnStatus != android::hardware::cas::V1_0::Status::OK) {
- ALOGW("[vts] provision failed.");
- return failure();
+ if (mMediaCasServiceAidl != nullptr) {
+ ScopedAStatus status = mCasAidl->provision(provisonStr);
+ if (!status.isOk()) {
+ ALOGW("[vts] provision failed for AIDL service.");
+ return failure();
+ }
+ } else {
+ auto returnStatus = mCasHidl->provision(hidl_string(provisonStr));
+ if (returnStatus != android::hardware::cas::V1_0::Status::OK) {
+ ALOGW("[vts] provision failed for HIDL service.");
+ return failure();
+ }
}
}
- return openCasSession(token, hidlPvtData);
+ return openCasSession(token, pvtData);
}
AssertionResult DescramblerTests::openDescrambler(int32_t demuxId) {
diff --git a/tv/tuner/aidl/vts/functional/DescramblerTests.h b/tv/tuner/aidl/vts/functional/DescramblerTests.h
index f0b7691..bab1a88 100644
--- a/tv/tuner/aidl/vts/functional/DescramblerTests.h
+++ b/tv/tuner/aidl/vts/functional/DescramblerTests.h
@@ -30,11 +30,17 @@
#include <android/hardware/cas/1.2/IMediaCasService.h>
#include <android/hardware/cas/1.2/types.h>
+#include <aidl/android/hardware/cas/BnCasListener.h>
+#include <aidl/android/hardware/cas/ICas.h>
+#include <aidl/android/hardware/cas/IMediaCasService.h>
+#include <aidl/android/hardware/cas/ScramblingMode.h>
+#include <aidl/android/hardware/cas/SessionIntent.h>
#include <aidl/android/hardware/tv/tuner/IDescrambler.h>
#include <aidl/android/hardware/tv/tuner/IDvr.h>
#include <aidl/android/hardware/tv/tuner/IDvrCallback.h>
#include <aidl/android/hardware/tv/tuner/ITuner.h>
+using ::aidl::android::hardware::cas::BnCasListener;
using android::Condition;
using android::Mutex;
using android::sp;
@@ -42,19 +48,26 @@
using android::hardware::hidl_vec;
using android::hardware::Return;
using android::hardware::Void;
-using android::hardware::cas::V1_2::ICas;
-using android::hardware::cas::V1_2::ICasListener;
-using android::hardware::cas::V1_2::IMediaCasService;
-using android::hardware::cas::V1_2::ScramblingMode;
-using android::hardware::cas::V1_2::SessionIntent;
using android::hardware::cas::V1_2::Status;
using android::hardware::cas::V1_2::StatusEvent;
+using ICasAidl = ::aidl::android::hardware::cas::ICas;
+using ICasHidl = android::hardware::cas::V1_2::ICas;
+using ICasListenerHidl = android::hardware::cas::V1_2::ICasListener;
+using IMediaCasServiceAidl = ::aidl::android::hardware::cas::IMediaCasService;
+using IMediaCasServiceHidl = android::hardware::cas::V1_2::IMediaCasService;
+using ScramblingModeAidl = ::aidl::android::hardware::cas::ScramblingMode;
+using ScramblingModeHidl = android::hardware::cas::V1_2::ScramblingMode;
+using SessionIntentAidl = ::aidl::android::hardware::cas::SessionIntent;
+using SessionIntentHidl = android::hardware::cas::V1_2::SessionIntent;
+using ::ndk::ScopedAStatus;
using ::testing::AssertionResult;
using namespace aidl::android::hardware::tv::tuner;
-class MediaCasListener : public ICasListener {
+const std::string MEDIA_CAS_AIDL_SERVICE_NAME = "android.hardware.cas.IMediaCasService/default";
+
+class MediaCasListener : public ICasListenerHidl, public BnCasListener {
public:
virtual Return<void> onEvent(int32_t /*event*/, int32_t /*arg*/,
const hidl_vec<uint8_t>& /*data*/) override {
@@ -70,12 +83,33 @@
virtual Return<void> onStatusUpdate(StatusEvent /*event*/, int32_t /*arg*/) override {
return Void();
}
+
+ ScopedAStatus onEvent(int32_t /*in_event*/, int32_t /*in_arg*/,
+ const std::vector<uint8_t>& /*in_data*/) override {
+ return ScopedAStatus::ok();
+ }
+
+ ScopedAStatus onSessionEvent(const std::vector<uint8_t>& /*in_sessionId*/, int32_t /*in_event*/,
+ int32_t /*in_arg*/,
+ const std::vector<uint8_t>& /*in_data*/) override {
+ return ScopedAStatus::ok();
+ }
+
+ ScopedAStatus onStatusUpdate(::aidl::android::hardware::cas::StatusEvent /*in_event*/,
+ int32_t /*in_number*/) override {
+ return ScopedAStatus::ok();
+ }
};
class DescramblerTests {
public:
void setService(std::shared_ptr<ITuner> tuner) { mService = tuner; }
- void setCasService(sp<IMediaCasService> casService) { mMediaCasService = casService; }
+ void setCasServiceHidl(sp<IMediaCasServiceHidl> casService) {
+ mMediaCasServiceHidl = casService;
+ }
+ void setCasServiceAidl(std::shared_ptr<IMediaCasServiceAidl> casService) {
+ mMediaCasServiceAidl = casService;
+ }
AssertionResult setKeyToken(std::vector<uint8_t>& token);
AssertionResult openDescrambler(int32_t demuxId);
@@ -95,12 +129,13 @@
std::shared_ptr<ITuner> mService;
std::shared_ptr<IDescrambler> mDescrambler;
- android::sp<ICas> mCas;
- android::sp<IMediaCasService> mMediaCasService;
- android::sp<MediaCasListener> mCasListener;
+ std::shared_ptr<ICasAidl> mCasAidl;
+ android::sp<ICasHidl> mCasHidl;
+ std::shared_ptr<IMediaCasServiceAidl> mMediaCasServiceAidl;
+ android::sp<IMediaCasServiceHidl> mMediaCasServiceHidl;
+ std::shared_ptr<MediaCasListener> mCasListener;
private:
- AssertionResult openCasSession(std::vector<uint8_t>& sessionId,
- std::vector<uint8_t>& hidlPvtData);
+ AssertionResult openCasSession(std::vector<uint8_t>& sessionId, std::vector<uint8_t>& pvtData);
AssertionResult createCasPlugin(int32_t caSystemId);
};
diff --git a/tv/tuner/aidl/vts/functional/VtsHalTvTunerTargetTest.h b/tv/tuner/aidl/vts/functional/VtsHalTvTunerTargetTest.h
index 7f80d90..73dc797 100644
--- a/tv/tuner/aidl/vts/functional/VtsHalTvTunerTargetTest.h
+++ b/tv/tuner/aidl/vts/functional/VtsHalTvTunerTargetTest.h
@@ -338,16 +338,31 @@
} else {
mService = nullptr;
}
- mCasService = IMediaCasService::getService();
ASSERT_NE(mService, nullptr);
- ASSERT_NE(mCasService, nullptr);
+
+ // Get IMediaCasService. Try getting AIDL service first, if AIDL does not exist, try HIDL.
+ if (AServiceManager_isDeclared(MEDIA_CAS_AIDL_SERVICE_NAME.c_str())) {
+ ::ndk::SpAIBinder binder(
+ AServiceManager_waitForService(MEDIA_CAS_AIDL_SERVICE_NAME.c_str()));
+ mCasServiceAidl = IMediaCasServiceAidl::fromBinder(binder);
+ } else {
+ mCasServiceAidl = nullptr;
+ }
+ if (mCasServiceAidl == nullptr) {
+ mCasServiceHidl = IMediaCasServiceHidl::getService();
+ }
+ ASSERT_TRUE(mCasServiceAidl != nullptr || mCasServiceHidl != nullptr);
ASSERT_TRUE(initConfiguration());
mFrontendTests.setService(mService);
mDemuxTests.setService(mService);
mDvrTests.setService(mService);
mDescramblerTests.setService(mService);
- mDescramblerTests.setCasService(mCasService);
+ if (mCasServiceAidl != nullptr) {
+ mDescramblerTests.setCasServiceAidl(mCasServiceAidl);
+ } else {
+ mDescramblerTests.setCasServiceHidl(mCasServiceHidl);
+ }
}
protected:
@@ -360,7 +375,8 @@
AssertionResult filterDataOutputTest();
std::shared_ptr<ITuner> mService;
- android::sp<IMediaCasService> mCasService;
+ sp<IMediaCasServiceHidl> mCasServiceHidl;
+ std::shared_ptr<IMediaCasServiceAidl> mCasServiceAidl;
FrontendTests mFrontendTests;
DemuxTests mDemuxTests;
FilterTests mFilterTests;