diff options
author | Janis Danisevskis <jdanis@google.com> | 2021-01-05 09:15:57 -0800 |
---|---|---|
committer | Janis Danisevskis <jdanis@google.com> | 2021-01-14 10:19:28 -0800 |
commit | 6251827cda9b256e1c9c00add6fb4bebfe70a026 (patch) | |
tree | d456bb84dfc924bdb6dc356dcb9607be4d521ab6 /security/secureclock/aidl | |
parent | 600b7775ef945b70b211d67bf2a3285a0071c252 (diff) | |
download | platform_hardware_interfaces-6251827cda9b256e1c9c00add6fb4bebfe70a026.tar.gz platform_hardware_interfaces-6251827cda9b256e1c9c00add6fb4bebfe70a026.tar.bz2 platform_hardware_interfaces-6251827cda9b256e1c9c00add6fb4bebfe70a026.zip |
KeyMint/SecureClock: Reverse dependency between keymint and secureclock.
This patch removes verifyAuthorization from the KeyMint spec in favor of
secureclock and the TimeStampToken. Timestamp has moved to secureclock
and the VerificationToken was removed from keymint. This reverses the
dependency between keymint and secureclock because keymint no imports
TimeStampToken and Timestamp from secureclock.
Test: Tested with CtsVerifier Fingerprint bound keys test.
Change-Id: I4e0bde0d77e74918e2b5483c30be8057417e3bf1
Diffstat (limited to 'security/secureclock/aidl')
5 files changed, 53 insertions, 12 deletions
diff --git a/security/secureclock/aidl/Android.bp b/security/secureclock/aidl/Android.bp index 7d26a9bd58..5a6d7ae538 100644 --- a/security/secureclock/aidl/Android.bp +++ b/security/secureclock/aidl/Android.bp @@ -5,9 +5,6 @@ aidl_interface { "android/hardware/security/secureclock/*.aidl", ], stability: "vintf", - imports: [ - "android.hardware.security.keymint", - ], backend: { java: { sdk_version: "module_current", diff --git a/security/secureclock/aidl/aidl_api/android.hardware.security.secureclock/current/android/hardware/security/secureclock/TimeStampToken.aidl b/security/secureclock/aidl/aidl_api/android.hardware.security.secureclock/current/android/hardware/security/secureclock/TimeStampToken.aidl index c23ddca2c9..51b1824da1 100644 --- a/security/secureclock/aidl/aidl_api/android.hardware.security.secureclock/current/android/hardware/security/secureclock/TimeStampToken.aidl +++ b/security/secureclock/aidl/aidl_api/android.hardware.security.secureclock/current/android/hardware/security/secureclock/TimeStampToken.aidl @@ -20,7 +20,6 @@ package android.hardware.security.secureclock; @VintfStability parcelable TimeStampToken { long challenge; - android.hardware.security.keymint.Timestamp timestamp; - android.hardware.security.keymint.SecurityLevel securityLevel; + android.hardware.security.secureclock.Timestamp timestamp; byte[] mac; } diff --git a/security/secureclock/aidl/aidl_api/android.hardware.security.secureclock/current/android/hardware/security/secureclock/Timestamp.aidl b/security/secureclock/aidl/aidl_api/android.hardware.security.secureclock/current/android/hardware/security/secureclock/Timestamp.aidl new file mode 100644 index 0000000000..50b8b9ff13 --- /dev/null +++ b/security/secureclock/aidl/aidl_api/android.hardware.security.secureclock/current/android/hardware/security/secureclock/Timestamp.aidl @@ -0,0 +1,23 @@ +/////////////////////////////////////////////////////////////////////////////// +// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. // +/////////////////////////////////////////////////////////////////////////////// + +// This file is a snapshot of an AIDL file. Do not edit it manually. There are +// two cases: +// 1). this is a frozen version file - do not edit this in any case. +// 2). this is a 'current' file. If you make a backwards compatible change to +// the interface (from the latest frozen version), the build system will +// prompt you to update this file with `m <name>-update-api`. +// +// You must not make a backward incompatible change to any AIDL file built +// with the aidl_interface module type with versions property set. The module +// type is used to build AIDL files in a way that they can be used across +// independently updatable components of the system. If a device is shipped +// with such a backward incompatible change, it has a high risk of breaking +// later when a module using the interface is updated, e.g., Mainline modules. + +package android.hardware.security.secureclock; +@VintfStability +parcelable Timestamp { + long milliSeconds; +} diff --git a/security/secureclock/aidl/android/hardware/security/secureclock/TimeStampToken.aidl b/security/secureclock/aidl/android/hardware/security/secureclock/TimeStampToken.aidl index 76a2d28780..b24d3355e5 100644 --- a/security/secureclock/aidl/android/hardware/security/secureclock/TimeStampToken.aidl +++ b/security/secureclock/aidl/android/hardware/security/secureclock/TimeStampToken.aidl @@ -16,8 +16,7 @@ package android.hardware.security.secureclock; -import android.hardware.security.keymint.SecurityLevel; -import android.hardware.security.keymint.Timestamp; +import android.hardware.security.secureclock.Timestamp; /** * TimeStampToken instances are used for secure environments that requires secure time information. @@ -36,11 +35,6 @@ parcelable TimeStampToken { Timestamp timestamp; /** - * SecurityLevel of the secure environment that generated the token. - */ - SecurityLevel securityLevel; - - /** * 32-byte HMAC-SHA256 of the above values, computed as: * * HMAC(H, diff --git a/security/secureclock/aidl/android/hardware/security/secureclock/Timestamp.aidl b/security/secureclock/aidl/android/hardware/security/secureclock/Timestamp.aidl new file mode 100644 index 0000000000..7bd1f9eab1 --- /dev/null +++ b/security/secureclock/aidl/android/hardware/security/secureclock/Timestamp.aidl @@ -0,0 +1,28 @@ +/* + * Copyright 2020 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package android.hardware.security.secureclock; + +/** + * Time in milliseconds since some arbitrary point in time. Time must be monotonically increasing, + * and a secure environment's notion of "current time" must not repeat until the Android device + * reboots, or until at least 50 million years have elapsed (note that this requirement is satisfied + * by setting the clock to zero during each boot, and then counting time accurately). + */ +@VintfStability +parcelable Timestamp { + long milliSeconds; +} |