Merge remote-tracking branch 'goog/upstream-master' into citadel-ba9f1d086

* goog/upstream-master:
  keymaster: remove unused buffer and blockMode fields
  AuthSecret: fix update reboot logic
  Keymaster HAL: fixed stoi exception.
  keymaster: rpc scaffolding for attestation
  keymaster: add rsa and ec support to update()
  keymaster: add buffering layer
  Add NOTICE files to get copyright info published
  NUGGET_PARAM_ENABLE_UPDATE tells us whether it worked or not
  Fix build breakage on pi-dev-plus-aosp-without-vendor
  Keymaster HAL: Fix the format of the OS version.

Bug: 109864210
Test: Update, boot, set and unlock with PIN
Change-Id: Iac8bc0aeff1a5f8ff9fa522ec45048bfc66b0bc2

Android communicates with Nugget apps in order to implement security-related HALs. Currently, those HALs are Keymaster, Weaver and OemLock.
Apps that define a protobuf service will have an app interface class autogenerated. These classes will wrap a NuggetClient. The generator can be found in the generator directory.
Work in progress.
Currently, everything is synchronous and just exposes the call_application() function from the Nugget transport API. In future, asynchronous calls may be desired. Support for this could be added in:
NuggetClient on top of call_application()

citadel

This directory contains the components to support Citadel connected to Android.