Add RemotelyProvisionedComponent HAL.
Test: VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I51fb01f4c52949c81f3ad2d694a4afdf0fa67788
diff --git a/security/keymint/aidl/default/Android.bp b/security/keymint/aidl/default/Android.bp
index 9b7e081..e9f3be0 100644
--- a/security/keymint/aidl/default/Android.bp
+++ b/security/keymint/aidl/default/Android.bp
@@ -18,15 +18,41 @@
"android.hardware.security.secureclock-unstable-ndk_platform",
"libbase",
"libbinder_ndk",
- "libcppbor",
+ "libcppbor_external",
"libcrypto",
"libkeymaster_portable",
"libkeymint",
"liblog",
"libpuresoftkeymasterdevice",
+ "libremote_provisioner",
"libutils",
],
srcs: [
"service.cpp",
],
}
+
+cc_library {
+ name: "libremote_provisioner",
+ vendor_available: true,
+ static_libs: [
+ "libkeymint_remote_prov_support",
+ ],
+ shared_libs: [
+ "android.hardware.security.keymint-unstable-ndk_platform",
+ "libbinder_ndk",
+ "libcppbor_external",
+ "libcppcose",
+ "libcrypto",
+ "libkeymaster_portable",
+ "libkeymint",
+ "liblog",
+ "libpuresoftkeymasterdevice",
+ ],
+ export_include_dirs: [
+ ".",
+ ],
+ srcs: [
+ "RemotelyProvisionedComponent.cpp",
+ ],
+}
diff --git a/security/keymint/aidl/default/RemotelyProvisionedComponent.cpp b/security/keymint/aidl/default/RemotelyProvisionedComponent.cpp
new file mode 100644
index 0000000..f2651fb
--- /dev/null
+++ b/security/keymint/aidl/default/RemotelyProvisionedComponent.cpp
@@ -0,0 +1,430 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "RemotelyProvisionedComponent.h"
+
+#include <assert.h>
+#include <variant>
+
+#include <cppbor.h>
+#include <cppbor_parse.h>
+
+#include <KeyMintUtils.h>
+#include <cppcose/cppcose.h>
+#include <keymaster/keymaster_configuration.h>
+#include <remote_prov/remote_prov_utils.h>
+
+#include <openssl/bn.h>
+#include <openssl/ec.h>
+#include <openssl/rand.h>
+#include <openssl/x509.h>
+
+namespace aidl::android::hardware::security::keymint {
+
+using ::std::string;
+using ::std::tuple;
+using ::std::unique_ptr;
+using ::std::variant;
+using ::std::vector;
+using bytevec = ::std::vector<uint8_t>;
+
+using namespace cppcose;
+using namespace keymaster;
+
+namespace {
+
+constexpr auto STATUS_FAILED = RemotelyProvisionedComponent::STATUS_FAILED;
+constexpr auto STATUS_INVALID_EEK = RemotelyProvisionedComponent::STATUS_INVALID_EEK;
+constexpr auto STATUS_INVALID_MAC = RemotelyProvisionedComponent::STATUS_INVALID_MAC;
+constexpr uint32_t kAffinePointLength = 32;
+struct AStatusDeleter {
+ void operator()(AStatus* p) { AStatus_delete(p); }
+};
+
+// TODO(swillden): Remove the dependency on AStatus stuff. The COSE lib should use something like
+// StatusOr, but it shouldn't depend on AStatus.
+class Status {
+ public:
+ Status() {}
+ Status(int32_t errCode, const std::string& errMsg)
+ : status_(AStatus_fromServiceSpecificErrorWithMessage(errCode, errMsg.c_str())) {}
+ explicit Status(const std::string& errMsg)
+ : status_(AStatus_fromServiceSpecificErrorWithMessage(STATUS_FAILED, errMsg.c_str())) {}
+ Status(AStatus* status) : status_(status) {}
+ Status(Status&&) = default;
+ Status(const Status&) = delete;
+
+ operator ::ndk::ScopedAStatus() && { return ndk::ScopedAStatus(status_.release()); }
+
+ bool isOk() { return !status_; }
+
+ // Don't call getMessage() unless isOk() returns false;
+ const char* getMessage() const { return AStatus_getMessage(status_.get()); }
+
+ private:
+ std::unique_ptr<AStatus, AStatusDeleter> status_;
+};
+
+template <typename T>
+class StatusOr {
+ public:
+ StatusOr(AStatus* status) : status_(status) {}
+ StatusOr(Status status) : status_(std::move(status)) {}
+ StatusOr(T val) : value_(std::move(val)) {}
+
+ bool isOk() { return status_.isOk(); }
+
+ T* operator->() & {
+ assert(isOk());
+ return &value_.value();
+ }
+ T& operator*() & {
+ assert(isOk());
+ return value_.value();
+ }
+ T&& operator*() && {
+ assert(isOk());
+ return std::move(value_).value();
+ }
+
+ const char* getMessage() const {
+ assert(!isOk());
+ return status_.getMessage();
+ }
+
+ Status moveError() {
+ assert(!isOk());
+ return std::move(status_);
+ }
+
+ T moveValue() { return std::move(value_).value(); }
+
+ private:
+ Status status_;
+ std::optional<T> value_;
+};
+
+StatusOr<std::pair<bytevec /* EEK pub */, bytevec /* EEK ID */>> validateAndExtractEekPubAndId(
+ bool testMode, const bytevec& endpointEncryptionCertChain) {
+ auto [item, newPos, errMsg] = cppbor::parse(endpointEncryptionCertChain);
+
+ if (!item || !item->asArray()) {
+ return Status("Error parsing EEK chain" + errMsg);
+ }
+
+ const cppbor::Array* certArr = item->asArray();
+ bytevec lastPubKey;
+ for (int i = 0; i < certArr->size(); ++i) {
+ auto cosePubKey = verifyAndParseCoseSign1(testMode, certArr->get(i)->asArray(),
+ std::move(lastPubKey), bytevec{} /* AAD */);
+ if (!cosePubKey) {
+ return Status(STATUS_INVALID_EEK,
+ "Failed to validate EEK chain: " + cosePubKey.moveMessage());
+ }
+ lastPubKey = *std::move(cosePubKey);
+ }
+
+ auto eek = CoseKey::parseX25519(lastPubKey, true /* requireKid */);
+ if (!eek) return Status(STATUS_INVALID_EEK, "Failed to get EEK: " + eek.moveMessage());
+
+ return std::make_pair(eek->getBstrValue(CoseKey::PUBKEY_X).value(),
+ eek->getBstrValue(CoseKey::KEY_ID).value());
+}
+
+StatusOr<bytevec /* pubkeys */> validateAndExtractPubkeys(bool testMode,
+ const vector<MacedPublicKey>& keysToSign,
+ const bytevec& macKey) {
+ auto pubKeysToMac = cppbor::Array();
+ for (auto& keyToSign : keysToSign) {
+ auto [macedKeyItem, _, coseMacErrMsg] = cppbor::parse(keyToSign.macedKey);
+ if (!macedKeyItem || !macedKeyItem->asArray() ||
+ macedKeyItem->asArray()->size() != kCoseMac0EntryCount) {
+ return Status("Invalid COSE_Mac0 structure");
+ }
+
+ auto protectedParms = macedKeyItem->asArray()->get(kCoseMac0ProtectedParams)->asBstr();
+ auto unprotectedParms = macedKeyItem->asArray()->get(kCoseMac0UnprotectedParams)->asBstr();
+ auto payload = macedKeyItem->asArray()->get(kCoseMac0Payload)->asBstr();
+ auto tag = macedKeyItem->asArray()->get(kCoseMac0Tag)->asBstr();
+ if (!protectedParms || !unprotectedParms || !payload || !tag) {
+ return Status("Invalid COSE_Mac0 contents");
+ }
+
+ auto [protectedMap, __, errMsg] = cppbor::parse(protectedParms);
+ if (!protectedMap || !protectedMap->asMap()) {
+ return Status("Invalid Mac0 protected: " + errMsg);
+ }
+ auto& algo = protectedMap->asMap()->get(ALGORITHM);
+ if (!algo || !algo->asInt() || algo->asInt()->value() != HMAC_256) {
+ return Status("Unsupported Mac0 algorithm");
+ }
+
+ auto pubKey = CoseKey::parse(payload->value(), EC2, ES256, P256);
+ if (!pubKey) return Status(pubKey.moveMessage());
+
+ bool testKey = static_cast<bool>(pubKey->getMap().get(CoseKey::TEST_KEY));
+ if (testMode && !testKey) {
+ return Status(BnRemotelyProvisionedComponent::STATUS_PRODUCTION_KEY_IN_TEST_REQUEST,
+ "Production key in test request");
+ } else if (!testMode && testKey) {
+ return Status(BnRemotelyProvisionedComponent::STATUS_TEST_KEY_IN_PRODUCTION_REQUEST,
+ "Test key in production request");
+ }
+
+ auto macTag = generateCoseMac0Mac(macKey, {} /* external_aad */, payload->value());
+ if (!macTag) return Status(STATUS_INVALID_MAC, macTag.moveMessage());
+ if (macTag->size() != tag->value().size() ||
+ CRYPTO_memcmp(macTag->data(), tag->value().data(), macTag->size()) != 0) {
+ return Status(STATUS_INVALID_MAC, "MAC tag mismatch");
+ }
+
+ pubKeysToMac.add(pubKey->moveMap());
+ }
+
+ return pubKeysToMac.encode();
+}
+
+StatusOr<std::pair<bytevec, bytevec>> buildCosePublicKeyFromKmCert(
+ const keymaster_blob_t* km_cert) {
+ if (km_cert == nullptr) {
+ return Status(STATUS_FAILED, "km_cert is a nullptr");
+ }
+ const uint8_t* temp = km_cert->data;
+ X509* cert = d2i_X509(NULL, &temp, km_cert->data_length);
+ if (cert == nullptr) {
+ return Status(STATUS_FAILED, "d2i_X509 returned null when attempting to get the cert.");
+ }
+ EVP_PKEY* pubKey = X509_get_pubkey(cert);
+ if (pubKey == nullptr) {
+ return Status(STATUS_FAILED, "Boringssl failed to get the public key from the cert");
+ }
+ EC_KEY* ecKey = EVP_PKEY_get0_EC_KEY(pubKey);
+ if (ecKey == nullptr) {
+ return Status(STATUS_FAILED,
+ "The key in the certificate returned from GenerateKey is not "
+ "an EC key.");
+ }
+ const EC_POINT* jacobian_coords = EC_KEY_get0_public_key(ecKey);
+ BIGNUM x;
+ BIGNUM y;
+ BN_CTX* ctx = BN_CTX_new();
+ if (ctx == nullptr) {
+ return Status(STATUS_FAILED, "Memory allocation failure for BN_CTX");
+ }
+ if (!EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(ecKey), jacobian_coords, &x, &y,
+ ctx)) {
+ return Status(STATUS_FAILED, "Failed to get affine coordinates");
+ }
+ bytevec x_bytestring(kAffinePointLength);
+ bytevec y_bytestring(kAffinePointLength);
+ if (BN_bn2binpad(&x, x_bytestring.data(), kAffinePointLength) != kAffinePointLength) {
+ return Status(STATUS_FAILED, "Wrote incorrect number of bytes for x coordinate");
+ }
+ if (BN_bn2binpad(&y, y_bytestring.data(), kAffinePointLength) != kAffinePointLength) {
+ return Status(STATUS_FAILED, "Wrote incorrect number of bytes for y coordinate");
+ }
+ BN_CTX_free(ctx);
+ return std::make_pair(x_bytestring, y_bytestring);
+}
+
+cppbor::Array buildCertReqRecipients(const bytevec& pubkey, const bytevec& kid) {
+ return cppbor::Array() // Array of recipients
+ .add(cppbor::Array() // Recipient
+ .add(cppbor::Map() // Protected
+ .add(ALGORITHM, ECDH_ES_HKDF_256)
+ .canonicalize()
+ .encode())
+ .add(cppbor::Map() // Unprotected
+ .add(COSE_KEY, cppbor::Map()
+ .add(CoseKey::KEY_TYPE, OCTET_KEY_PAIR)
+ .add(CoseKey::CURVE, cppcose::X25519)
+ .add(CoseKey::PUBKEY_X, pubkey)
+ .canonicalize())
+ .add(KEY_ID, kid)
+ .canonicalize())
+ .add(cppbor::Null())); // No ciphertext
+}
+
+static keymaster_key_param_t kKeyMintEcdsaP256Params[] = {
+ Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN), Authorization(TAG_ALGORITHM, KM_ALGORITHM_EC),
+ Authorization(TAG_KEY_SIZE, 256), Authorization(TAG_DIGEST, KM_DIGEST_SHA_2_256),
+ Authorization(TAG_EC_CURVE, KM_EC_CURVE_P_256), Authorization(TAG_NO_AUTH_REQUIRED),
+ // The certificate generated by KM will be discarded, these values don't matter.
+ Authorization(TAG_CERTIFICATE_NOT_BEFORE, 0), Authorization(TAG_CERTIFICATE_NOT_AFTER, 0)};
+
+} // namespace
+
+RemotelyProvisionedComponent::RemotelyProvisionedComponent(
+ std::shared_ptr<keymint::AndroidKeyMintDevice> keymint) {
+ std::tie(devicePrivKey_, bcc_) = generateBcc();
+ impl_ = keymint->getKeymasterImpl();
+}
+
+RemotelyProvisionedComponent::~RemotelyProvisionedComponent() {}
+
+ScopedAStatus RemotelyProvisionedComponent::generateEcdsaP256KeyPair(bool testMode,
+ MacedPublicKey* macedPublicKey,
+ bytevec* privateKeyHandle) {
+ // TODO(jbires): The following should move from ->GenerateKey to ->GenerateRKPKey and everything
+ // after the GenerateKey call should basically be moved into that new function call
+ // as well once the issue with libcppbor in system/keymaster is sorted out
+ GenerateKeyRequest request(impl_->message_version());
+ request.key_description.Reinitialize(kKeyMintEcdsaP256Params,
+ array_length(kKeyMintEcdsaP256Params));
+ GenerateKeyResponse response(impl_->message_version());
+ impl_->GenerateKey(request, &response);
+ if (response.error != KM_ERROR_OK) {
+ return km_utils::kmError2ScopedAStatus(response.error);
+ }
+
+ if (response.certificate_chain.entry_count != 1) {
+ // Error: Need the single non-signed certificate with the public key in it.
+ return Status(STATUS_FAILED,
+ "Expected to receive a single certificate from GenerateKey. Instead got: " +
+ std::to_string(response.certificate_chain.entry_count));
+ }
+ auto affineCoords = buildCosePublicKeyFromKmCert(response.certificate_chain.begin());
+ if (!affineCoords.isOk()) return affineCoords.moveError();
+ cppbor::Map cosePublicKeyMap = cppbor::Map()
+ .add(CoseKey::KEY_TYPE, EC2)
+ .add(CoseKey::ALGORITHM, ES256)
+ .add(CoseKey::CURVE, cppcose::P256)
+ .add(CoseKey::PUBKEY_X, affineCoords->first)
+ .add(CoseKey::PUBKEY_Y, affineCoords->second);
+ if (testMode) {
+ cosePublicKeyMap.add(CoseKey::TEST_KEY, cppbor::Null());
+ }
+
+ bytevec cosePublicKey = cosePublicKeyMap.canonicalize().encode();
+
+ auto macedKey = constructCoseMac0(testMode ? remote_prov::kTestMacKey : macKey_,
+ {} /* externalAad */, cosePublicKey);
+ if (!macedKey) return Status(macedKey.moveMessage());
+
+ macedPublicKey->macedKey = macedKey->encode();
+ *privateKeyHandle = km_utils::kmBlob2vector(response.key_blob);
+ return ScopedAStatus::ok();
+}
+
+ScopedAStatus RemotelyProvisionedComponent::generateCertificateRequest(
+ bool testMode, const vector<MacedPublicKey>& keysToSign,
+ const bytevec& endpointEncCertChain, const bytevec& challenge, bytevec* keysToSignMac,
+ ProtectedData* protectedData) {
+ auto pubKeysToSign = validateAndExtractPubkeys(testMode, keysToSign,
+ testMode ? remote_prov::kTestMacKey : macKey_);
+ if (!pubKeysToSign.isOk()) return pubKeysToSign.moveError();
+
+ bytevec ephemeralMacKey = remote_prov::randomBytes(SHA256_DIGEST_LENGTH);
+
+ auto pubKeysToSignMac = generateCoseMac0Mac(ephemeralMacKey, bytevec{}, *pubKeysToSign);
+ if (!pubKeysToSignMac) return Status(pubKeysToSignMac.moveMessage());
+ *keysToSignMac = *std::move(pubKeysToSignMac);
+
+ bytevec devicePrivKey;
+ cppbor::Array bcc;
+ if (testMode) {
+ std::tie(devicePrivKey, bcc) = generateBcc();
+ } else {
+ devicePrivKey = devicePrivKey_;
+ bcc = bcc_.clone();
+ }
+
+ auto signedMac = constructCoseSign1(devicePrivKey /* Signing key */, //
+ ephemeralMacKey /* Payload */,
+ cppbor::Array() /* AAD */
+ .add(challenge)
+ .add(createDeviceInfo())
+ .encode());
+ if (!signedMac) return Status(signedMac.moveMessage());
+
+ bytevec ephemeralPrivKey(X25519_PRIVATE_KEY_LEN);
+ bytevec ephemeralPubKey(X25519_PUBLIC_VALUE_LEN);
+ X25519_keypair(ephemeralPubKey.data(), ephemeralPrivKey.data());
+
+ auto eek = validateAndExtractEekPubAndId(testMode, endpointEncCertChain);
+ if (!eek.isOk()) return eek.moveError();
+
+ auto sessionKey = x25519_HKDF_DeriveKey(ephemeralPubKey, ephemeralPrivKey, eek->first,
+ true /* senderIsA */);
+ if (!sessionKey) return Status(sessionKey.moveMessage());
+
+ auto coseEncrypted =
+ constructCoseEncrypt(*sessionKey, remote_prov::randomBytes(kAesGcmNonceLength),
+ cppbor::Array() // payload
+ .add(signedMac.moveValue())
+ .add(std::move(bcc))
+ .encode(),
+ {}, // aad
+ buildCertReqRecipients(ephemeralPubKey, eek->second));
+
+ if (!coseEncrypted) return Status(coseEncrypted.moveMessage());
+ protectedData->protectedData = coseEncrypted->encode();
+
+ return ScopedAStatus::ok();
+}
+
+bytevec RemotelyProvisionedComponent::deriveBytesFromHbk(const string& context,
+ size_t numBytes) const {
+ bytevec fakeHbk(32, 0);
+ bytevec result(numBytes);
+
+ // TODO(swillden): Figure out if HKDF can fail. It doesn't seem like it should be able to,
+ // but the function does return an error code.
+ HKDF(result.data(), numBytes, //
+ EVP_sha256(), //
+ fakeHbk.data(), fakeHbk.size(), //
+ nullptr /* salt */, 0 /* salt len */, //
+ reinterpret_cast<const uint8_t*>(context.data()), context.size());
+
+ return result;
+}
+
+bytevec RemotelyProvisionedComponent::createDeviceInfo() const {
+ return cppbor::Map().encode();
+}
+
+std::pair<bytevec /* privKey */, cppbor::Array /* BCC */>
+RemotelyProvisionedComponent::generateBcc() {
+ bytevec privKey(ED25519_PRIVATE_KEY_LEN);
+ bytevec pubKey(ED25519_PUBLIC_KEY_LEN);
+
+ ED25519_keypair(pubKey.data(), privKey.data());
+
+ auto coseKey = cppbor::Map()
+ .add(CoseKey::KEY_TYPE, OCTET_KEY_PAIR)
+ .add(CoseKey::ALGORITHM, EDDSA)
+ .add(CoseKey::CURVE, ED25519)
+ .add(CoseKey::KEY_OPS, VERIFY)
+ .add(CoseKey::PUBKEY_X, pubKey)
+ .canonicalize()
+ .encode();
+ auto sign1Payload = cppbor::Map()
+ .add(1 /* Issuer */, "Issuer")
+ .add(2 /* Subject */, "Subject")
+ .add(-4670552 /* Subject Pub Key */, coseKey)
+ .add(-4670553 /* Key Usage */,
+ std::vector<uint8_t>(0x05) /* Big endian order */)
+ .canonicalize()
+ .encode();
+ auto coseSign1 = constructCoseSign1(privKey, /* signing key */
+ cppbor::Map(), /* extra protected */
+ sign1Payload, {} /* AAD */);
+ assert(coseSign1);
+
+ return {privKey, cppbor::Array().add(coseKey).add(coseSign1.moveValue())};
+}
+
+} // namespace aidl::android::hardware::security::keymint
diff --git a/security/keymint/aidl/default/RemotelyProvisionedComponent.h b/security/keymint/aidl/default/RemotelyProvisionedComponent.h
new file mode 100644
index 0000000..e8d2343
--- /dev/null
+++ b/security/keymint/aidl/default/RemotelyProvisionedComponent.h
@@ -0,0 +1,57 @@
+/*
+ * Copyright (C) 2020 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include <AndroidKeyMintDevice.h>
+#include <aidl/android/hardware/security/keymint/BnRemotelyProvisionedComponent.h>
+#include <aidl/android/hardware/security/keymint/SecurityLevel.h>
+#include <cppbor.h>
+#include <keymaster/UniquePtr.h>
+#include <keymaster/android_keymaster.h>
+
+namespace aidl::android::hardware::security::keymint {
+
+using ::ndk::ScopedAStatus;
+
+class RemotelyProvisionedComponent : public BnRemotelyProvisionedComponent {
+ public:
+ explicit RemotelyProvisionedComponent(std::shared_ptr<keymint::AndroidKeyMintDevice> keymint);
+ virtual ~RemotelyProvisionedComponent();
+
+ ScopedAStatus generateEcdsaP256KeyPair(bool testMode, MacedPublicKey* macedPublicKey,
+ std::vector<uint8_t>* privateKeyHandle) override;
+
+ ScopedAStatus generateCertificateRequest(bool testMode,
+ const std::vector<MacedPublicKey>& keysToSign,
+ const std::vector<uint8_t>& endpointEncCertChain,
+ const std::vector<uint8_t>& challenge,
+ std::vector<uint8_t>* keysToSignMac,
+ ProtectedData* protectedData) override;
+
+ private:
+ // TODO(swillden): Move these into an appropriate Context class.
+ std::vector<uint8_t> deriveBytesFromHbk(const std::string& context, size_t numBytes) const;
+ std::vector<uint8_t> createDeviceInfo() const;
+ std::pair<std::vector<uint8_t>, cppbor::Array> generateBcc();
+
+ std::vector<uint8_t> macKey_ = deriveBytesFromHbk("Key to MAC public keys", 32);
+ std::vector<uint8_t> devicePrivKey_;
+ cppbor::Array bcc_;
+ std::shared_ptr<::keymaster::AndroidKeymaster> impl_;
+};
+
+} // namespace aidl::android::hardware::security::keymint
diff --git a/security/keymint/aidl/default/android.hardware.security.keymint-service.xml b/security/keymint/aidl/default/android.hardware.security.keymint-service.xml
index 73d15a8..4aa05ef 100644
--- a/security/keymint/aidl/default/android.hardware.security.keymint-service.xml
+++ b/security/keymint/aidl/default/android.hardware.security.keymint-service.xml
@@ -3,4 +3,8 @@
<name>android.hardware.security.keymint</name>
<fqname>IKeyMintDevice/default</fqname>
</hal>
+ <hal format="aidl">
+ <name>android.hardware.security.keymint</name>
+ <fqname>IRemotelyProvisionedComponent/default</fqname>
+ </hal>
</manifest>
diff --git a/security/keymint/aidl/default/service.cpp b/security/keymint/aidl/default/service.cpp
index 75b394e..bcebbaf 100644
--- a/security/keymint/aidl/default/service.cpp
+++ b/security/keymint/aidl/default/service.cpp
@@ -25,7 +25,10 @@
#include <AndroidSharedSecret.h>
#include <keymaster/soft_keymaster_logger.h>
+#include "RemotelyProvisionedComponent.h"
+
using aidl::android::hardware::security::keymint::AndroidKeyMintDevice;
+using aidl::android::hardware::security::keymint::RemotelyProvisionedComponent;
using aidl::android::hardware::security::keymint::SecurityLevel;
using aidl::android::hardware::security::secureclock::AndroidSecureClock;
using aidl::android::hardware::security::sharedsecret::AndroidSharedSecret;
@@ -45,7 +48,6 @@
// Zero threads seems like a useless pool, but below we'll join this thread to it, increasing
// the pool size to 1.
ABinderProcess_setThreadPoolMaxThreadCount(0);
-
// Add Keymint Service
std::shared_ptr<AndroidKeyMintDevice> keyMint =
addService<AndroidKeyMintDevice>(SecurityLevel::SOFTWARE);
@@ -53,6 +55,8 @@
addService<AndroidSecureClock>(keyMint);
// Add Shared Secret Service
addService<AndroidSharedSecret>(keyMint);
+ // Add Remotely Provisioned Component Service
+ addService<RemotelyProvisionedComponent>(keyMint);
ABinderProcess_joinThreadPool();
return EXIT_FAILURE; // should not reach
}