Adding the factory extraction binary
This binary gets added to the system image under
/bin/rkp_factory_extraction_tool. The purpose of this tool is to query
every IRemotelyProvisionedComponent interface in the device manifest and
print out a CertificateRequest to stdout for each interface.
The CertificateRequest will contain no keys to sign and a semantically
useless challenge, since this tool is just for key upload. The items of
value will be the DeviceInfo CBOR blob which will get associated with
the encrypted device public key once it is uploaded to the backing
servers and decrypted.
The tool will fail if it is unable to successfully query an
IRemotelyProvisionedComponent interface that is specified in the device
manifest file.
Test: Build and run
Change-Id: Ia82787749be5963567019f6523075100208aa101
diff --git a/provisioner/Android.bp b/provisioner/Android.bp
index d3f06fe..12a21d1 100644
--- a/provisioner/Android.bp
+++ b/provisioner/Android.bp
@@ -51,3 +51,19 @@
"android.security.provisioner-java",
],
}
+
+cc_binary {
+ name: "rkp_factory_extraction_tool",
+ srcs: ["rkp_factory_extraction_tool.cpp"],
+ shared_libs: [
+ "android.hardware.security.keymint-V1-ndk_platform",
+ "libbinder",
+ "libbinder_ndk",
+ "libcppbor_external",
+ "libcppcose_rkp",
+ "libcrypto",
+ "liblog",
+ "libvintf",
+ ],
+ //export_include_dirs: ["include"],
+}