author | Alan Stokes <alanstokes@google.com> | 2023-11-28 17:19:33 +0000 |
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2023-11-28 17:19:33 +0000 |
commit | 593d568d83eb00f37c2c415199761111ab550114 (patch) | |
tree | a6db87a2b2c2b6c18ec95379a965522bec189b37 | |
parent | fc30075f25c8c58f64693301ae60e4d681c3d51d (diff) | |
parent | 5f90aa464b387494819fc3f984550863d1152463 (diff) | |
download | open-dice-593d568d83eb00f37c2c415199761111ab550114.tar.gz |
Merge upstream changes am: 28e80a8911 am: 5f90aa464b
Original change: https://android-review.googlesource.com/c/platform/external/open-dice/+/2841613
Change-Id: Ib4dffbe17e9e69954f1d0068364bbd79fbdaac2d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
-rw-r--r-- | docs/android.md | 23 | ||||
-rw-r--r-- | include/dice/android.h | 1 | ||||
-rw-r--r-- | src/android.c | 20 | ||||
-rw-r--r-- | src/android_test.cc | 16 | ||||
-rw-r--r-- | src/boringssl_p384_ops.c | 3 | ||||
-rw-r--r-- | src/cbor_p384_cert_op.c | 2 |
6 files changed, 48 insertions, 17 deletions
diff --git a/docs/android.md b/docs/android.md
index fd65f12..6398996 100644
--- a/docs/android.md
+++ b/docs/android.md
@@ -82,6 +82,29 @@ Component name | -70002 | tstr | Name of the component
 Component version | -70003 | int / tstr | Version of the component
 Resettable | -70004 | null | If present, key changes on factory reset
 Security version | -70005 | uint | Machine-comparable, monotonically increasing version of the component where a greater value indicates a newer version, for example, the anti-rollback counter
+[RKP VM][rkp-vm] marker | -70006 | null | If present, the component can take part in running a VM that can receive an attestation certificate from an [RKP Service][rkp-service].
+
+[rkp-vm]: https://android.googlesource.com/platform/packages/modules/Virtualization/+/main/service_vm/README.md#rkp-vm-remote-key-provisioning-virtual-machine
+[rkp-service]: https://source.android.com/docs/core/ota/modular-system/remote-key-provisioning#stack-architecture
+
+### RKP VM
+
+The RKP VM marker is used to distinguish the RKP VM from other components.
+
+When parsing a DICE chain compliant with this profile, there are multiple types
+of components that may be described by a given chain:
+1. RKP VM: If a DICE chain has zero or more certificates without the RKP VM
+ marker followed by one or more certificates with the marker, then that chain
+ describes an RKP VM. If there are further certificates without the RKP VM
+ marker, then the chain does not describe an RKP VM.
+
+ Implementations must include the first RPK VM marker as early as possible
+ after the point of divergence between TEE and non-TEE components in the DICE
+ chain, prior to loading the Android Bootloader (ABL).
+2. A TEE Component (e.g. KeyMint): If there are no certificates with the RKP VM
+ marker then it describes a TEE component.
+3. Other: Any component described by a DICE chain that does not match the above
+ two categories.
 
 ### Versions
 
diff --git a/include/dice/android.h b/include/dice/android.h
index 7a64cc6..7ca1df8 100644
--- a/include/dice/android.h
+++ b/include/dice/android.h
@@ -27,6 +27,7 @@ extern "C" {
 #define DICE_ANDROID_CONFIG_COMPONENT_VERSION (1 << 1)
 #define DICE_ANDROID_CONFIG_RESETTABLE (1 << 2)
 #define DICE_ANDROID_CONFIG_SECURITY_VERSION (1 << 3)
+#define DICE_ANDROID_CONFIG_RKP_VM_MARKER (1 << 4)
 
 // Contains the input values used to construct the Android Profile for DICE
 // configuration descriptor. The fields to include in the configuration
diff --git a/src/android.c b/src/android.c
index 39ee7d0..cf540db 100644
--- a/src/android.c
+++ b/src/android.c
@@ -37,7 +37,8 @@ DiceResult DiceAndroidFormatConfigDescriptor(
 static const int64_t kComponentNameLabel = -70002;
 static const int64_t kComponentVersionLabel = -70003;
 static const int64_t kResettableLabel = -70004;
- static const int64_t kSecurityVersion = -70005;
+ static const int64_t kSecurityVersionLabel = -70005;
+ static const int64_t kRkpVmMarkerLabel = -70006;
 
 // AndroidConfigDescriptor = {
 // ? -70002 : tstr, ; Component name
@@ -61,9 +62,13 @@ DiceResult DiceAndroidFormatConfigDescriptor(
 CborWriteNull(&out);
 }
 if (config_values->configs & DICE_ANDROID_CONFIG_SECURITY_VERSION) {
- CborWriteInt(kSecurityVersion, &out);
+ CborWriteInt(kSecurityVersionLabel, &out);
 CborWriteUint(config_values->security_version, &out);
 }
+ if (config_values->configs & DICE_ANDROID_CONFIG_RKP_VM_MARKER) {
+ CborWriteInt(kRkpVmMarkerLabel, &out);
+ CborWriteNull(&out);
+ }
 *actual_size = CborOutSize(&out);
 if (CborOutOverflowed(&out)) {
 return kDiceResultBufferTooSmall;
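Review bot: The new `DICE_ANDROID_CONFIG_RKP_VM_MARKER` flag is added with no comment, although it behaves differently from its neighbours: it carries no value of its own, and selecting it only makes the encoder emit a null entry under label -70006, which chain consumers read as "this component may run the RKP VM". A one-line comment next to the define, `// Presence-only marker, encoded as null under label -70006; see docs/android.md, "RKP VM".`, would make the meaning and the wire encoding visible from the header. If the struct comment that continues past the hunk enumerates the other flags, it should mention this one too.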
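Review bot: The CDDL comment that starts at the end of the `@@ -37,7 +37,8 @@` hunk (`// AndroidConfigDescriptor = {`) documents the descriptor's labels, yet the hunk adds `kRkpVmMarkerLabel = -70006` without a matching entry in view; if the lines after the hunk still stop at -70005, add `// ? -70006 : null, ; RKP VM marker` so the comment keeps describing what the encoder in the `@@ -61,9 +62,13 @@` hunk actually emits. Those labels are the format that profile parsers key on, so the comment is the cheapest place to keep the new field documented. The rename to `kSecurityVersionLabel` brings that constant in line with the other label names and looks correct.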
@@ -117,22 +122,23 @@ DiceResult DiceAndroidMainFlow(void* context,
 struct CborOut out;
 CborOutInit(buffer, buffer_size, &out);
 CborWriteArray(chain_item_count + 1, &out);
+ size_t new_chain_prefix_size = CborOutSize(&out);
 if (CborOutOverflowed(&out) ||
- chain_items_size > buffer_size - CborOutSize(&out)) {
+ chain_items_size > buffer_size - new_chain_prefix_size) {
 // Continue with an empty buffer to measure the required size.
 buffer_size = 0;
 } else {
- memcpy(buffer + CborOutSize(&out), chain + chain_items_offset,
+ memcpy(buffer + new_chain_prefix_size, chain + chain_items_offset,
 chain_items_size);
- buffer += CborOutSize(&out) + chain_items_size;
- buffer_size -= CborOutSize(&out) + chain_items_size;
+ buffer += new_chain_prefix_size + chain_items_size;
+ buffer_size -= new_chain_prefix_size + chain_items_size;
 }
 
 size_t certificate_size;
 result = DiceMainFlow(context, current_cdi_attest, current_cdi_seal,
 input_values, buffer_size, buffer, &certificate_size,
 next_cdi_attest, next_cdi_seal);
- *actual_size = CborOutSize(&out) + chain_items_size + certificate_size;
+ *actual_size = new_chain_prefix_size + chain_items_size + certificate_size;
 return result;
 }
 
diff --git a/src/android_test.cc b/src/android_test.cc
index c90bed1..86e1cb5 100644
--- a/src/android_test.cc
+++ b/src/android_test.cc
@@ -45,7 +45,8 @@ TEST(DiceAndroidConfigTest, AllConfigFields) {
 .configs = DICE_ANDROID_CONFIG_COMPONENT_NAME |
 DICE_ANDROID_CONFIG_COMPONENT_VERSION |
 DICE_ANDROID_CONFIG_RESETTABLE |
- DICE_ANDROID_CONFIG_SECURITY_VERSION,
+ DICE_ANDROID_CONFIG_SECURITY_VERSION |
+ DICE_ANDROID_CONFIG_RKP_VM_MARKER,
 .component_name = "Test Component Name",
 .component_version = 0x232a13dec90f42b5,
 .security_version = 0xfab777c1,
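Review bot: `chain_items_size > buffer_size - new_chain_prefix_size` avoids an unsigned wrap only because the `CborOutOverflowed(&out)` test on the preceding line short-circuits first, so a comment such as `// Not overflowed, so new_chain_prefix_size <= buffer_size and the subtraction cannot wrap.` would keep a later reordering of the two operands from silently turning the size guard into a pass-through. The new `new_chain_prefix_size` local also deserves a one-line definition, e.g. `// Bytes of the outer CBOR array header that precede the copied chain items.`, since it is reused four times below. `*actual_size` is assigned from `certificate_size` regardless of `result`; if `DiceMainFlow` can fail without setting that output, the sum reads an uninitialized size_t, which is worth confirming against its contract. The function's start lies outside the hunk.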
@@ -56,16 +57,17 @@ TEST(DiceAndroidConfigTest, AllConfigFields) {
 EXPECT_EQ(kDiceResultBufferTooSmall, result);
 std::vector<uint8_t> buffer(buffer_size);
 const uint8_t expected[] = {
- 0xa4, 0x3a, 0x00, 0x01, 0x11, 0x71, 0x73, 'T', 'e', 's', 't', ' ',
- 'C', 'o', 'm', 'p', 'o', 'n', 'e', 'n', 't', ' ', 'N', 'a',
- 'm', 'e', 0x3a, 0x00, 0x01, 0x11, 0x72, 0x1b, 0x23, 0x2a, 0x13, 0xde,
- 0xc9, 0x0f, 0x42, 0xb5, 0x3a, 0x00, 0x01, 0x11, 0x73, 0xf6, 0x3a, 0x00,
- 0x01, 0x11, 0x74, 0x1a, 0xfa, 0xb7, 0x77, 0xc1};
+ 0xa5, 0x3a, 0x00, 0x01, 0x11, 0x71, 0x73, 'T', 'e', 's', 't',
+ ' ', 'C', 'o', 'm', 'p', 'o', 'n', 'e', 'n', 't', ' ',
+ 'N', 'a', 'm', 'e', 0x3a, 0x00, 0x01, 0x11, 0x72, 0x1b, 0x23,
+ 0x2a, 0x13, 0xde, 0xc9, 0x0f, 0x42, 0xb5, 0x3a, 0x00, 0x01, 0x11,
+ 0x73, 0xf6, 0x3a, 0x00, 0x01, 0x11, 0x74, 0x1a, 0xfa, 0xb7, 0x77,
+ 0xc1, 0x3a, 0x00, 0x01, 0x11, 0x75, 0xf6};
 EXPECT_EQ(sizeof(expected), buffer.size());
 result = DiceAndroidFormatConfigDescriptor(&config_values, buffer.size(),
 buffer.data(), &buffer_size);
 EXPECT_EQ(sizeof(expected), buffer_size);
- EXPECT_EQ(0, memcmp(expected, buffer.data(), buffer.size()));
+ EXPECT_EQ(0, memcmp(expected, buffer.data(), sizeof(expected)));
 }
 
 TEST(DiceAndroidTest, PreservesPreviousEntries) {
diff --git a/src/boringssl_p384_ops.c b/src/boringssl_p384_ops.c
index ca5e88b..d5a0d0c 100644
--- a/src/boringssl_p384_ops.c
+++ b/src/boringssl_p384_ops.c
@@ -12,8 +12,7 @@
 // License for the specific language governing permissions and limitations under
 // the License.
 
-// This is an implementation of the crypto operations that uses boringssl. The
-// algorithms used are SHA512, HKDF-SHA512, and Ed25519-SHA512.
+// This is an implementation of P-384 signature operations using boringssl.
 
 #include <stdint.h>
 #include <stdio.h>
diff --git a/src/cbor_p384_cert_op.c b/src/cbor_p384_cert_op.c
index a263573..8e9df7a 100644
--- a/src/cbor_p384_cert_op.c
+++ b/src/cbor_p384_cert_op.c
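Review bot: Switching the `memcmp` length to `sizeof(expected)` moves the over-read rather than removing it: the two size checks above it are `EXPECT_EQ`, which are non-fatal, so if the measuring call ever returned a `buffer_size` smaller than `sizeof(expected)` the comparison would read past the end of `buffer`. Comparing the containers sidesteps the question entirely, e.g. `EXPECT_EQ(std::vector<uint8_t>(expected, expected + sizeof(expected)), buffer);`, or alternatively promote the size checks to `ASSERT_EQ` so the test stops before the raw compare. The new expected bytes are consistent with the encoder change: `0x3a 0x00 0x01 0x11 0x75` is CBOR for -70006, `0xf6` is null, and the map header moves from 0xa4 to 0xa5 for the fifth entry.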
@@ -13,7 +13,7 @@
 // the License.
 
 // This is a DiceGenerateCertificate implementation that generates a CWT-style
-// CBOR certificate using the ED25519-SHA512 signature scheme.
+// CBOR certificate using the P-384 signature algorithm.
 
 #include <stddef.h>
 #include <stdint.h>