Google Git
Sign in
android / platform / external / nos / host / android / ad2f39394ce7756e14e741d04ac4370036e93f56
commitad2f39394ce7756e14e741d04ac4370036e93f56[log] [tgz]
authornagendra modadugu <ngm@google.com>Mon Jul 23 16:53:54 2018 -0700
committernagendra modadugu <ngm@google.com>Mon Jul 23 17:01:23 2018 -0700
treecf1d2243e2317743859f02ee5b7601d6cfab526b
parentd64669a969f171e68649a7d5ad2b60468fc24297 [diff]
parentc33f79118d6980b9b1bae5183067f0868cc6102d [diff]
Merge remote-tracking branch 'goog/upstream-master' into ngm-nos-merge-upstream

* goog/upstream-master:
  keymaster: refactor batch cert constants
  [keymaster] Select attestation certificate chain based on hint
  [keymaster] Switch to prod/dvt attestation keys

Bug: 111761046
Change-Id: I231a4fb8e13de1230e42c51aabfe03eb6ada7ed4
tree: cf1d2243e2317743859f02ee5b7601d6cfab526b
  1. citadel/
  2. hals/
  3. manual_tests/
  4. Android.bp
  5. LICENSE
  6. METADATA
  7. MODULE_LICENSE_APACHE2
  8. NOTICE
  9. README.md
README.md

Android components for Nugget

Android communicates with Nugget apps in order to implement security related HALs. Currently, those HALs are Keymaster, Weaver and OemLock.

Services

Apps that define a protobuf service will have an app interface class autogenerated. These classes will wrap a NuggetClient. The generator can be found in the generator directory.

Asynchronous communication

Work in progress.

Currently, everything is synchronous and just exposes the call_application() function from the Nugget transport API. In future, asynchronous calls may be desired. Support for this could be added in:

  • Nugget transport API
  • NuggetClient on top of call_application()
  • Generated services

citadel

This directory contains the components to support Citadel connected to Android.