Merge "Update the UdsCertChain comment to reflect the latest recommendation." into main am: 9471625f69

Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/3207215

Change-Id: I35335952f59f2c90204c0b38628d94df27913e70
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/security/rkp/aidl/android/hardware/security/keymint/generateCertificateRequestV2.cddl b/security/rkp/aidl/android/hardware/security/keymint/generateCertificateRequestV2.cddl
index 3c43238..40cf685 100644
--- a/security/rkp/aidl/android/hardware/security/keymint/generateCertificateRequestV2.cddl
+++ b/security/rkp/aidl/android/hardware/security/keymint/generateCertificateRequestV2.cddl
@@ -62,9 +62,13 @@
 SignerName = tstr
 
 UdsCertChain = [
-    2* X509Certificate      ; Root -> ... -> Leaf. "Root" is the vendor self-signed
-                            ; cert, "Leaf" contains UDS_Public. There may also be
-                            ; intermediate certificates between Root and Leaf.
+    + X509Certificate       ; Root -> ... -> Leaf. "Root" is the vendor self-signed
+                            ; cert, "Leaf" contains UDS_Public. It's recommended to
+                            ; have at least 3 certificates in the chain.
+                            ; The Root certificate is recommended to be generated in an air-gapped,
+                            ; HSM-based secure environment. The intermediate signing keys may be
+                            ; online, and should be rotated regularly (e.g. annually). Additionally,
+                            ; the intermediate certificates may contain product family identifiers.
 ]
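Review bot: The grammar change on the `+ X509Certificate` line lowers the minimum chain length from two certificates (`2*`) to one (`+`), which is more than the comment update the commit title describes, and it leaves the comment internally inconsistent: a one-element chain has no separate "Root" and "Leaf", so the self-signed vendor cert and the cert carrying UDS_Public would be the same certificate. If a single-certificate chain is intentionally permitted, the comment should say so explicitly, e.g. `; A chain of length 1 means the self-signed Root itself contains UDS_Public.`; otherwise keep `2* X509Certificate` so the schema still enforces the separation the comment describes. The rotation and air-gapped-root guidance added here is advisory only and is not expressed in the schema, which is presumably intended, but verifiers should not rely on the CDDL to reject chains that ignore it.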
 
 ; A bstr containing a DER-encoded X.509 certificate (RSA, NIST P-curve, or EdDSA)