commit | b123d9c6910631856f78c2965ad5878b3d1e027c | [log] [tgz] |
---|---|---|
author | Andrew Scull <ascull@google.com> | Thu Jun 07 17:39:10 2018 +0100 |
committer | Andrew Scull <ascull@google.com> | Thu Jun 07 17:39:10 2018 +0100 |
tree | 6cfb5e13f7e1a6cc888781af89499544b2f294f7 | |
parent | e93ae18f11ae11a3fc0c743bc4ce673cfe7fb25d [diff] | |
parent | 3e864353764fcc44f9fc8e81b257b486cc249b44 [diff] |
Merge remote-tracking branch 'goog/upstream-master' into citadel-ba9f1d086 * goog/upstream-master: keymaster: remove unused buffer and blockMode fields AuthSecret: fix update reboot logic Keymaster HAL: fixed stoi exception. keymaster: rpc scaffolding for attestation keymaster: add rsa and ec support to update() keymaster: add buffering layer Add NOTICE files to get copyright info published NUGGET_PARAM_ENABLE_UPDATE tells us whether it worked or not Fix build breakage on pi-dev-plus-aosp-without-vendor Keymaster HAL: Fix the format of the OS version. Bug: 109864210 Test: Update, boot, set and unlock with PIN Change-Id: Iac8bc0aeff1a5f8ff9fa522ec45048bfc66b0bc2
Android communicates with Nugget apps in order to implement security related HALs. Currently, those HALs are Keymaster, Weaver and OemLock.
Apps that define a protobuf service will have an app interface class autogenerated. These classes will wrap a NuggetClient
. The generator can be found in the generator
directory.
Work in progress.
Currently, everything is synchronous and just exposes the call_application()
function from the Nugget transport API. In future, asynchronous calls may be desired. Support for this could be added in:
NuggetClient
on top of call_application()
citadel
This directory contains the components to support Citadel connected to Android.