commit be32113307d67f54e594e5322f85b65e4e2c4fdb
author Seth Moore <sethmo@google.com> Tue Jan 25 22:44:24 2022 +0000
committer Seth Moore <sethmo@google.com> Tue Jan 25 22:44:24 2022 +0000
tree a9b8786c217a28e6c47f127ae518109cc98c3a41
parent b5b69f0e009388fccb000a9a8aac5a38dbbd2726

Revert "Add remote key provisioning to the IC HAL"

Revert "Add dependency on keymint cpp lib"

Revert "Allow default identity service to call keymint"

Revert submission 1956689-add rkp to identity-default

Reason for revert: Broke git-master. Will resubmit later.
Reverted Changes:
I96dcf3027:Add remote key provisioning to the IC HAL
Id686ac33a:Add dependency on keymint cpp lib
Ib368a2a00:Log to logd in the default identity service
I7d2906de0:Refactor IC support for RKP
Iae0f14f1c:Fix formatting of identity credential aidl
I01d086a4b:Allow default identity service to call keymint

Change-Id: I76a898c04090c5befe5fb5a5d07ec2e397fdd8b3

identity/aidl/default/FakeSecureHardwareProxy.cpp

diff --git a/identity/aidl/default/FakeSecureHardwareProxy.cpp b/identity/aidl/default/FakeSecureHardwareProxy.cpp
index 9b9a749..91e634c 100644
--- a/identity/aidl/default/FakeSecureHardwareProxy.cpp
+++ b/identity/aidl/default/FakeSecureHardwareProxy.cpp
@@ -155,11 +155,7 @@
     size_t publicKeyCertSize = sizeof publicKeyCert;
     if (!eicProvisioningCreateCredentialKey(&ctx_, challenge.data(), challenge.size(),
                                             applicationId.data(), applicationId.size(),
-                                            /*attestationKeyBlob=*/nullptr,
-                                            /*attestationKeyBlobSize=*/0,
-                                            /*attestationKeyCert=*/nullptr,
-                                            /*attestationKeyCertSize=*/0, publicKeyCert,
-                                            &publicKeyCertSize)) {
+                                            publicKeyCert, &publicKeyCertSize)) {
         return std::nullopt;
     }
     vector<uint8_t> pubKeyCert(publicKeyCertSize);
@@ -167,23 +163,6 @@
     return pubKeyCert;
 }
 
-optional<vector<uint8_t>> FakeSecureHardwareProvisioningProxy::createCredentialKeyUsingRkp(
-        const vector<uint8_t>& challenge, const vector<uint8_t>& applicationId,
-        const vector<uint8_t>& attestationKeyBlob, const vector<uint8_t>& attstationKeyCert) {
-    size_t publicKeyCertSize = 4096;
-    vector<uint8_t> publicKeyCert(publicKeyCertSize);
-    if (!eicProvisioningCreateCredentialKey(&ctx_, challenge.data(), challenge.size(),
-                                            applicationId.data(), applicationId.size(),
-                                            attestationKeyBlob.data(), attestationKeyBlob.size(),
-                                            attstationKeyCert.data(), attstationKeyCert.size(),
-                                            publicKeyCert.data(), &publicKeyCertSize)) {
-        LOG(ERROR) << "error creating credential key";
-        return std::nullopt;
-    }
-    publicKeyCert.resize(publicKeyCertSize);
-    return publicKeyCert;
-}
-
 bool FakeSecureHardwareProvisioningProxy::startPersonalization(
         int accessControlProfileCount, const vector<int>& entryCounts, const string& docType,
         size_t expectedProofOfProvisioningSize) {