Define and implement a service for key management in CompOS.
This is based on the interface prototyped in
system/security/ondevice-signing/FakeCompOs.h.
For now, to allow manual testing, this is a standalone binary.
Bug: 191763370
Test: Builds.
Change-Id: I307ba9144fa51cca7ebee2142980f3a1cd436ef2
diff --git a/compos/aidl/Android.bp b/compos/aidl/Android.bp
index 3639775..07bec09 100644
--- a/compos/aidl/Android.bp
+++ b/compos/aidl/Android.bp
@@ -15,5 +15,10 @@
"com.android.compos",
],
},
+ ndk: {
+ apex_available: [
+ "com.android.virt",
+ ],
+ },
},
}
diff --git a/compos/aidl/com/android/compos/CompOsKeyData.aidl b/compos/aidl/com/android/compos/CompOsKeyData.aidl
new file mode 100644
index 0000000..381ec0d
--- /dev/null
+++ b/compos/aidl/com/android/compos/CompOsKeyData.aidl
@@ -0,0 +1,30 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.compos;
+
+/** {@hide} */
+parcelable CompOsKeyData {
+ /**
+ * Self-signed certificate (X.509 DER) containing the public key.
+ */
+ byte[] certificate;
+
+ /**
+ * Opaque encrypted blob containing the private key and related metadata.
+ */
+ byte[] keyBlob;
+}
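Review bot: The `certificate` field's comment does not say which key algorithm the certificate carries, even though the key is meant to sign CompOs output files and consumers verifying those signatures need to know what to expect; the sibling ICompOsKeyService.aidl in this change implies RSA, but that is only stated there. I would extend the comment to `* Self-signed certificate (X.509 DER) containing the public key. The key algorithm is the one accepted by ICompOsKeyService.verifySigningKey(), which takes a DER encoded RSAPublicKey.` For `keyBlob`, "Opaque encrypted blob ... and related metadata" leaves open whether callers may inspect it; since the only consumer on this page is verifySigningKey(), a sentence such as `* Callers must treat this as opaque; its only use is to be passed back to ICompOsKeyService.` would make the contract explicit.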
diff --git a/compos/aidl/com/android/compos/ICompOsKeyService.aidl b/compos/aidl/com/android/compos/ICompOsKeyService.aidl
new file mode 100644
index 0000000..2ddae58
--- /dev/null
+++ b/compos/aidl/com/android/compos/ICompOsKeyService.aidl
@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.compos;
+
+import com.android.compos.CompOsKeyData;
+
+/** {@hide} */
+interface ICompOsKeyService {
+ /**
+ * Generate a new public/private key pair suitable for signing CompOs output files.
+ *
+ * @return a certificate for the public key and the encrypted private key
+ */
+ CompOsKeyData generateSigningKey();
+
+ /**
+ * Check that the supplied encrypted private key is valid for signing CompOs output files, and
+ * corresponds to the public key.
+ *
+ * @param keyBlob The encrypted blob containing the private key, as returned by
+ * generateSigningKey().
+ * @param publicKey The public key, as a DER encoded RSAPublicKey (RFC 3447 Appendix-A.1.1).
+ * @return whether the inputs are valid and correspond to each other.
+ */
+ boolean verifySigningKey(in byte[] keyBlob, in byte[] publicKey);
+}
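Review bot: The `@param publicKey` of verifySigningKey() takes a raw DER RSAPublicKey, while generateSigningKey() returns a CompOsKeyData whose public key is wrapped in an X.509 certificate, so the documentation should say where the caller is expected to obtain that encoding, e.g. `* @param publicKey The public key, as a DER encoded RSAPublicKey (RFC 3447 Appendix A.1.1), i.e. the subject public key extracted from the certificate returned by generateSigningKey().` The `@return` also folds "malformed keyBlob", "malformed publicKey" and "well-formed but not matching" into one boolean, so a caller cannot distinguish a corrupted or foreign blob from a key mismatch; if that is deliberate, a sentence saying so would prevent callers from inferring more from `false` than the service guarantees. Finally, neither method says how failure is reported (exception versus empty fields in the returned CompOsKeyData), which callers need in order to handle a key-generation failure safely.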