Merge Android 12
Bug: 202323961
Merged-In: I44395460a9d0d4c42e675be2439b39bc80c82caf
Change-Id: I7796e57242cbc98dd941741a86a959b9c2d20c6c
diff --git a/libnos/NuggetClient.cpp b/libnos/NuggetClient.cpp
index 72a9e9f..c361463 100644
--- a/libnos/NuggetClient.cpp
+++ b/libnos/NuggetClient.cpp
@@ -21,17 +21,15 @@
namespace nos {
-NuggetClient::NuggetClient()
- : NuggetClient("") {
+NuggetClient::NuggetClient(const std::string& name)
+ : device_name_(name), open_(false) {
}
-NuggetClient::NuggetClient(const std::string& device_name)
- : device_name_(device_name), open_(false) {
+NuggetClient::NuggetClient(const char* name, uint32_t config)
+ : device_name_(name ? name : ""), open_(false) {
+ device_ = { .config = config };
}
-NuggetClient::NuggetClient(const char* device_name)
- : device_name_(device_name ? device_name : ""), open_(false) {}
-
NuggetClient::~NuggetClient() {
Close();
}
@@ -86,6 +84,14 @@
return status_code;
}
+uint32_t NuggetClient::Reset() const {
+
+ if (!open_)
+ return APP_ERROR_NOT_READY;
+
+ return device_.ops.reset(device_.ctx);
+}
+
nos_device* NuggetClient::Device() {
return open_ ? &device_ : nullptr;
}
diff --git a/libnos/NuggetClientDebuggable.cpp b/libnos/NuggetClientDebuggable.cpp
index 5ee86e9..e4a087d 100644
--- a/libnos/NuggetClientDebuggable.cpp
+++ b/libnos/NuggetClientDebuggable.cpp
@@ -21,16 +21,11 @@
namespace nos {
-NuggetClientDebuggable::NuggetClientDebuggable(request_cb_t req_fn, response_cb_t resp_fn)
- : request_cb_(req_fn), response_cb_(resp_fn) {}
-
-NuggetClientDebuggable::NuggetClientDebuggable(const std::string& device_name,
- request_cb_t req_fn, response_cb_t resp_fn)
- : NuggetClient(device_name), request_cb_(req_fn), response_cb_(resp_fn) {}
-
-NuggetClientDebuggable::NuggetClientDebuggable(const char* device_name,
- request_cb_t req_fn, response_cb_t resp_fn)
- : NuggetClient(device_name), request_cb_(req_fn), response_cb_(resp_fn) {}
+NuggetClientDebuggable::NuggetClientDebuggable(
+ const char* name, uint32_t config,
+ request_cb_t req_fn, response_cb_t resp_fn)
+ : NuggetClient(name, config),
+ request_cb_(req_fn), response_cb_(resp_fn) {}
uint32_t NuggetClientDebuggable::CallApp(uint32_t appId, uint16_t arg,
const std::vector<uint8_t>& request,
diff --git a/libnos/include/nos/NuggetClient.h b/libnos/include/nos/NuggetClient.h
index 563f532..9484bd8 100644
--- a/libnos/include/nos/NuggetClient.h
+++ b/libnos/include/nos/NuggetClient.h
@@ -32,17 +32,13 @@
class NuggetClient : public NuggetClientInterface {
public:
/**
- * Create a client for the default Nugget device.
- */
- NuggetClient();
-
- /**
- * Create a client for the named Nugget device.
+ * Create a client for the named Nugget device
*
- * Passing an empty device name causes the default device to be selected.
+ * An empty device name causes the default device to be selected.
+ * An empty config uses default configurations.
*/
- NuggetClient(const std::string& device_name);
- NuggetClient(const char* device_name);
+ NuggetClient(const std::string& name);
+ NuggetClient(const char* name = 0, uint32_t config = 0);
~NuggetClient() override;
@@ -77,6 +73,11 @@
std::vector<uint8_t>* response) override;
/**
+ * Reset the device. Use with caution; context may be lost.
+ */
+ uint32_t Reset() const override;
+
+ /**
* Access the underlying device.
*
* NULL is returned if the connection to the device is not open.
diff --git a/libnos/include/nos/NuggetClientDebuggable.h b/libnos/include/nos/NuggetClientDebuggable.h
index 507eb15..ff1f080 100644
--- a/libnos/include/nos/NuggetClientDebuggable.h
+++ b/libnos/include/nos/NuggetClientDebuggable.h
@@ -36,10 +36,7 @@
using response_cb_t = std::function<void(uint32_t, const std::vector<uint8_t>&)>;
/* Need to pass the base constructor params up */
- NuggetClientDebuggable(request_cb_t req_cb_ = 0, response_cb_t resp_cb_ = 0);
- NuggetClientDebuggable(const std::string& device_name,
- request_cb_t req_cb_ = 0, response_cb_t resp_cb_ = 0);
- NuggetClientDebuggable(const char* device_name,
+ NuggetClientDebuggable(const char* name = 0, uint32_t config = 0,
request_cb_t req_cb_ = 0, response_cb_t resp_cb_ = 0);
/* We'll override this */
diff --git a/libnos/include/nos/NuggetClientInterface.h b/libnos/include/nos/NuggetClientInterface.h
index f7db0d1..8d78185 100644
--- a/libnos/include/nos/NuggetClientInterface.h
+++ b/libnos/include/nos/NuggetClientInterface.h
@@ -47,7 +47,7 @@
virtual bool IsOpen() const = 0;
/**
- * Call into and app running on Nugget.
+ * Call into an app running on Nugget.
*
* @param app_id The ID of the app to call.
* @param arg Argument to pass to the app.
@@ -58,6 +58,10 @@
virtual uint32_t CallApp(uint32_t appId, uint16_t arg,
const std::vector<uint8_t>& request,
std::vector<uint8_t>* response) = 0;
+ /**
+ * Reset the device. Use with caution; context may be lost.
+ */
+ virtual uint32_t Reset() const = 0;
};
} // namespace nos
diff --git a/libnos/test/include/nos/MockNuggetClient.h b/libnos/test/include/nos/MockNuggetClient.h
index 2c30832..48814c9 100644
--- a/libnos/test/include/nos/MockNuggetClient.h
+++ b/libnos/test/include/nos/MockNuggetClient.h
@@ -33,6 +33,7 @@
MOCK_METHOD4(CallApp, uint32_t(uint32_t, uint16_t,
const std::vector<uint8_t>&,
std::vector<uint8_t>*));
+ MOCK_CONST_METHOD0(Reset, uint32_t());
};
} // namespace nos
diff --git a/libnos_datagram/include/nos/device.h b/libnos_datagram/include/nos/device.h
index 5472156..2ba57e0 100644
--- a/libnos_datagram/include/nos/device.h
+++ b/libnos_datagram/include/nos/device.h
@@ -69,23 +69,12 @@
* The device must not be used after closing.
*/
void (*close)(void *ctx);
-
-#ifndef ANDROID
- /**
- * Get or Set a configuration value. These are opaque, implementation-specific
- * values useful only for bringup and development. The defaults should be
- * optimal for production use.
- *
- * Return 0 on success and a negative value on failure.
- */
- int (*get_config)(void *ctx, uint32_t config_id, void *value);
- int (*set_config)(void *ctx, uint32_t config_id, void *value);
-#endif
};
struct nos_device {
void *ctx;
struct nos_device_ops ops;
+ uint32_t config;
};
/*
diff --git a/libnos_transport/transport.c b/libnos_transport/transport.c
index 77a430a..85ba312 100644
--- a/libnos_transport/transport.c
+++ b/libnos_transport/transport.c
@@ -471,7 +471,7 @@
return APP_ERROR_IO;
}
- NLOGD("Calling app %d with params 0x%04x", app_id, params);
+ NLOGD("Calling App %d with params 0x%04x", app_id, params);
struct transport_status status;
uint32_t status_code;
@@ -501,7 +501,7 @@
NLOGW("App %d request checksum error", app_id);
}
if (status_code == APP_ERROR_CHECKSUM) {
- NLOGE("App %d equest checksum failed too many times", app_id);
+ NLOGE("App %d request checksum failed too many times", app_id);
status_code = APP_ERROR_IO;
}
diff --git a/nugget/include/app_nugget.h b/nugget/include/app_nugget.h
index 14191df..1ef9f31 100644
--- a/nugget/include/app_nugget.h
+++ b/nugget/include/app_nugget.h
@@ -264,6 +264,24 @@
#define NUGGET_PARAM_RDD_CFG 0x000e
/*
+ * Enable/Disable the RDD SuzyQable Detection
+ *
+ * This always returns the current state of the RDD SuzyQable detection
+ * feature.
+ *
+ * The AP can request that the RDD SuzyQable detection to be disabled (0) or
+ * enabled (1).
+ *
+ * @param args 0 OR 1
+ * @param arg_len 0 OR 1 byte
+ * @param reply current state (0 or 1)
+ * @param reply_len 1 byte
+ *
+ * @errors APP_ERROR_BOGUS_ARGS
+ */
+
+#define NUGGET_PARAM_BOARD_ID 0x000f
+/*
* Set / Get Board ID
*
* This sets or gets the Board ID of the device.
@@ -280,24 +298,6 @@
uint32_t flag;
uint32_t inv; /* must equal ~type when setting */
} __packed;
-#define NUGGET_PARAM_BOARD_ID 0x000f
-
-/*
- * Enable/Disable the RDD SuzyQable Deteaction
- *
- * This always returns the current state of the RDD SuezyQable detection
- * feature.
- *
- * The AP can request that the RDD SuezyQable detection to be disabled (0) or
- * enabled (1).
- *
- * @param args 0 OR 1
- * @param arg_len 0 OR 1 byte
- * @param reply 0 OR 1 current state
- * @param reply_len 1 byte
- *
- * @errors APP_ERROR_BOGUS_ARGS
- */
#define NUGGET_PARAM_GET_EVENT_RECORD 0x0010
/*
@@ -310,6 +310,110 @@
* @param reply_len sizeof struct event_record OR 0
*/
+#define NUGGET_PARAM_AP_IS_REBOOTING 0x0011
+/*
+ * This can be used to replace the GPIO signal for some boards, if the
+ * communication path is trusted. If not, it has no effect.
+ *
+ * @param args <none>
+ * @param arg_len 0
+ * @param reply <none>
+ * @param reply_len 0
+ */
+
+#define FILE_ID_NUGGET_PERSIST 0
+#define NUGGET_PERSIST_VERSION_1 1
+struct nugget_persist_t {
+ uint8_t version;
+ uint8_t user_consent;
+ uint8_t reserved[2];
+};
+
+enum nugget_sjtag_user_consent_cfg {
+ NUGGET_SJTAG_USER_CONSENT_DISALLOW, /* DISALLOW */
+ NUGGET_SJTAG_USER_CONSENT_ALLOW, /* ALLOW */
+
+ NUGGET_SJTAG_USER_CONSENT_NUM_CFGS,
+};
+
+#define NUGGET_PARAM_SJTAG_USER_CONSENT 0x0012
+/*
+ * Set/Get the SJTAG USER CONSENT function
+ *
+ * This always returns the current state of the SJTAG USER CONSENT feature.
+ *
+ * @param args <none> OR enum nugget_sjtag_user_consent_cfg
+ * @param arg_len 0 OR 1 byte
+ * @param reply enum nugget_sjtag_user_consent_cfg
+ * @param reply_len 1 byte
+ *
+ * @errors APP_ERROR_BOGUS_ARGS
+ */
+
+enum nugget_sjtag_avb_boot_lock_result {
+ AVB_BOOT_LOCK_DISABLED,
+ AVB_BOOT_LOCK_ENABLED,
+ AVB_BOOT_LOCK_ERROR,
+};
+
+#define NUGGET_PARAM_SJTAG_ALLOW 0x0013
+/*
+ * Get the SJTAG ALLOW
+ *
+ * This always returns the current state of the SJTAG ALLOW feature.
+ *
+ * @param args <none>
+ * @param arg_len 0
+ * @param reply 0(DISALLOW) OR 1(ALLOW)
+ * @param reply_len 1 byte
+ *
+ * @errors APP_ERROR_BOGUS_ARGS
+ */
+
+/*
+ * Persistent storage of arbitrary data, up to
+ * (FS_MAX_FILE_SIZE - sizeof(struct nugget_app_data)) bytes.
+ */
+struct nugget_app_storage {
+ uint32_t flags; /* TBD, use zero for now */
+#ifndef __cplusplus
+ uint8_t data[]; /* Zero or more bytes */
+#endif
+} __packed;
+
+#define NUGGET_PARAM_STORAGE_WRITE 0x0014
+/*
+ * Write arbitrary data.
+ *
+ * The current storage is erased, then new data (if any) is saved.
+ *
+ * .flags meaning is not yet defined; for now it must be 0x00000000
+ * Possible usage could restrict reading to the bootloader,
+ * erase data after N reads or reboots, etc.
+ *
+ * @param args struct nugget_app_storage + zero or more bytes
+ * @param arg_len To write: > sizeof(struct nugget_app_storage)
+ * To erase: <= sizeof(struct nugget_app_storage)
+ * @param reply <none>
+ * @param reply_len 0
+ *
+ * @errors APP_ERROR_BOGUS_ARGS
+ */
+#define NUGGET_PARAM_STORAGE_READ 0x0015
+/*
+ * Read arbitrary data.
+ *
+ * On success, struct nugget_app_storage is returned, followed by zero
+ * or more bytes of .data
+ *
+ * @param args <none>
+ * @param arg_len 0
+ * @param reply struct nugget_app_storage + zero or more bytes
+ * @param reply_len <varies>
+ *
+ * @errors APP_ERROR_BOGUS_ARGS
+ */
+
/****************************************************************************/
/* Test related commands */
@@ -352,10 +456,11 @@
/*
* This struct is specific to Citadel and Nugget OS, but it's enough for the
- * AP-side implementation to translate into the info required for the HAL
- * structs.
+ * AP-side implementation to translate into the info required for the power
+ * stats service.
*/
-struct nugget_app_low_power_stats {
+#define NUGGET_APP_LOW_POWER_STATS_MAGIC 0xC0DEACE1
+struct nugget_app_low_power_stats { /* version 1 */
/* All times in usecs */
uint64_t hard_reset_count; /* Cleared by power loss */
uint64_t time_since_hard_reset;
@@ -368,6 +473,18 @@
uint64_t time_spent_in_deep_sleep;
uint64_t time_at_ap_reset;
uint64_t time_at_ap_bootloader_done;
+ /*
+ * New fields for v1, used by factory tests. The caller can tell whether the
+ * firmare supports these fields by checking the v1_magic value.
+ */
+ uint32_t v1_magic; /* NUGGET_APP_LOW_POWER_STATS_MAGIC */
+ uint32_t temp;
+ struct {
+ unsigned int phone_on_l : 1;
+ unsigned int vol_up_l : 1;
+ unsigned int vol_dn_l : 1;
+ unsigned int _padding : 29; /* pad to 32 bits */
+ } signals;
} __packed;
#define NUGGET_PARAM_GET_LOW_POWER_STATS 0x200
@@ -500,6 +617,21 @@
* @param reply_len 0
*/
+#define NUGGET_PARAM_TRIGGER_PIN 0xF005
+/**
+ * Get/Set trigger pin level
+ *
+ * This command asks GSC to set the level (0|1) of an otherwise unused GPIO,
+ * to signal external test equipment.
+ *
+ * @param args 0 OR 1
+ * @param arg_len 0 OR 1 byte
+ * @param reply current state (0 or 1)
+ * @param reply_len 1 byte
+ *
+ * @errors APP_ERROR_BOGUS_ARGS
+ */
+
#ifdef __cplusplus
}
#endif
diff --git a/nugget/include/application.h b/nugget/include/application.h
index de771f0..1d485c6 100644
--- a/nugget/include/application.h
+++ b/nugget/include/application.h
@@ -73,6 +73,7 @@
#define APP_ID_WEAVER 0x03
#define APP_ID_PROTOBUF 0x04
#define APP_ID_IDENTITY 0x05
+#define APP_ID_GSC_FACEAUTH 0x06
/* Fake apps used only for testing */
#define APP_ID_AVB_TEST 0x11
diff --git a/nugget/include/citadel_events.h b/nugget/include/citadel_events.h
index 314ca41..3e3a33e 100644
--- a/nugget/include/citadel_events.h
+++ b/nugget/include/citadel_events.h
@@ -72,6 +72,7 @@
enum upgrade_state_def {
UPGRADE_SUCCESS = 0,
UPGRADE_PW_MISMATCH = 1,
+ UPGRADE_EN_FW_FAIL =2,
};
/* Please do not change the size of this struct */
diff --git a/nugget/include/flash_layout.h b/nugget/include/flash_layout.h
index 13c00ef..e8edc9a 100644
--- a/nugget/include/flash_layout.h
+++ b/nugget/include/flash_layout.h
@@ -10,7 +10,7 @@
* The flash memory is implemented in two halves. The SoC bootrom will look for
* a first-stage bootloader (aka "RO firmware") at the beginning of each of the
* two halves and prefer the newer one if both are valid. The chosen bootloader
- * also looks in each half of the flash for a valid application image (("RW
+ * also looks in each half of the flash for a valid application image ("RW
* firmware"), so we have two possible RW images as well. The RO and RW images
* are not tightly coupled, so either RO image can choose to boot either RW
* image. RO images are provided by the SoC team, and can be updated separately
@@ -35,4 +35,10 @@
#define DAUNTLESS_RW_A_MEM_OFF DAUNTLESS_RO_SIZE
#define DAUNTLESS_RW_B_MEM_OFF (DAUNTLESS_FLASH_HALF + DAUNTLESS_RW_A_MEM_OFF)
+/*
+ * Citadel reserves 0x4000 bytes (16K) for its RO firmware. Dauntless can vary,
+ * but the RW firmware will follow RO and be aligned on a 16K boundary.
+ */
+#define FLASH_RW_ALIGNMENT 0x4000
+
#endif /* __CROS_EC_FLASH_LAYOUT_H */
diff --git a/nugget/proto/nugget/app/identity/identity.proto b/nugget/proto/nugget/app/identity/identity.proto
index 96548c0..10500cb 100644
--- a/nugget/proto/nugget/app/identity/identity.proto
+++ b/nugget/proto/nugget/app/identity/identity.proto
@@ -34,6 +34,7 @@
// RPCs for the Identity HAL
rpc WICinitialize (WICinitializeRequest) returns (WICinitializeResponse);
+ rpc WICinitializeForUpdate (WICinitializeForUpdateRequest) returns (WICinitializeForUpdateResponse);
rpc WICcreateCredentialKey (WICcreateCredentialKeyRequest) returns (WICcreateCredentialKeyResponse);
rpc WICstartPersonalization (WICstartPersonalizationRequest) returns (WICstartPersonalizationResponse);
rpc WICaddAccessControlProfile (WICaddAccessControlProfileRequest) returns (WICaddAccessControlProfileResponse);
@@ -54,6 +55,7 @@
rpc ICretrieveEntryValue (ICretrieveEntryValueRequest) returns (ICretrieveEntryValueResponse);
rpc ICfinishRetrieval (ICfinishRetrievalRequest) returns (ICfinishRetrievalResponse);
rpc ICdeleteCredential (ICdeleteCredentialRequest) returns (ICdeleteCredentialResponse);
+ rpc ICproveOwnership (ICproveOwnershipRequest) returns (ICproveOwnershipResponse);
}
// WICinitialize
@@ -64,6 +66,17 @@
Result result = 1;
}
+// WICinitializeForUpdate
+message WICinitializeForUpdateRequest{
+ bool testCredential = 1;
+ bytes docType = 2;
+ bytes encryptedCredentialKeys = 3;
+}
+
+message WICinitializeForUpdateResponse{
+ Result result = 1;
+}
+
// WICcreateCredentialKey
message WICcreateCredentialKeyRequest{
}
@@ -295,11 +308,25 @@
// ICdeleteCredential
message ICdeleteCredentialRequest{
bytes docType = 1;
- bool testCredential = 2;
- uint32 proofOfDeletionCborSize =3;
+ bytes challenge = 2;
+ bool includeChallenge = 3;
+ uint32 proofOfDeletionCborSize = 4;
}
message ICdeleteCredentialResponse{
Result result = 1;
bytes signatureOfToBeSigned = 2;
+}
+
+// ICproveOwnership
+message ICproveOwnershipRequest{
+ bytes docType = 1;
+ bool testCredential = 2;
+ bytes challenge = 3;
+ uint32 proofOfOwnershipCborSize = 4;
+}
+
+message ICproveOwnershipResponse{
+ Result result = 1;
+ bytes signatureOfToBeSigned = 2;
}
\ No newline at end of file
diff --git a/nugget/proto/nugget/app/keymaster/keymaster.options b/nugget/proto/nugget/app/keymaster/keymaster.options
index ad3a0a1..4d99765 100644
--- a/nugget/proto/nugget/app/keymaster/keymaster.options
+++ b/nugget/proto/nugget/app/keymaster/keymaster.options
@@ -4,7 +4,7 @@
nugget.app.keymaster.SetRootOfTrustRequest.digest max_size:32
nugget.app.keymaster.SetBootStateRequest.public_key max_size:32
nugget.app.keymaster.SetBootStateRequest.boot_hash max_size:32
-nugget.app.keymaster.ComputeSharedHmacRequest.hmac_sharing_params max_count:3
+nugget.app.keymaster.ComputeSharedHmacRequest.hmac_sharing_params max_count:10
nugget.app.keymaster.ComputeSharedHmacResponse.sharing_check max_size:32
nugget.app.keymaster.DTupHandshakeRequest.nonce_client max_size:32
nugget.app.keymaster.DTupHandshakeResponse.nonce_citadel max_size:32
@@ -15,6 +15,7 @@
nugget.app.keymaster.ProvisionPresharedSecretRequest.preshared_secret max_size:32
nugget.app.keymaster.StartAttestKeyRequest.not_before max_size:15
nugget.app.keymaster.StartAttestKeyRequest.not_after max_size:15
+nugget.app.keymaster.StartAttestKeyRequest.caller_issuer_subj_name max_size:64
nugget.app.keymaster.ProvisionPresharedSecretResponse.digest max_size:32
nugget.app.keymaster.ProvisionCertificatesRequest.cert_block max_size: 1024
-nugget.app.keymaster.ProvisionCertificatesRequest.digest max_size: 32
\ No newline at end of file
+nugget.app.keymaster.ProvisionCertificatesRequest.digest max_size: 32
diff --git a/nugget/proto/nugget/app/keymaster/keymaster.proto b/nugget/proto/nugget/app/keymaster/keymaster.proto
index 0a11349..e6fec75 100644
--- a/nugget/proto/nugget/app/keymaster/keymaster.proto
+++ b/nugget/proto/nugget/app/keymaster/keymaster.proto
@@ -210,8 +210,10 @@
KeyParameters params = 2;
uint32 attestation_app_id_len = 3;
AttestationSelector selector = 4;
- bytes not_before = 5; // strftime('%y%m%d%H%M%SZ') [13 octects]
- bytes not_after = 6; // strftime('%y%m%d%H%M%SZ') [13 octects]
+ bytes not_before = 5; // strftime('%Y%m%d%H%M%SZ') [15 octects]
+ bytes not_after = 6; // strftime('%Y%m%d%H%M%SZ') [15 octects]
+ bytes caller_issuer_subj_name = 7;
+ KeyParameters caller_key_params = 8;
}
message StartAttestKeyResponse {
ErrorCode error_code = 1;
@@ -233,6 +235,8 @@
// FinishAttestKeyRequest
message FinishAttestKeyRequest {
OperationHandle handle = 1;
+ KeyBlob caller_blob = 2;
+ KeyParameters caller_key_params = 3;
}
message FinishAttestKeyResponse {
ErrorCode error_code = 1;
@@ -538,8 +542,8 @@
KeyParameters params = 2;
uint32 attestation_app_id_len = 3;
AttestationSelector selector = 4;
- bytes not_before = 5; // strftime('%y%m%d%H%M%SZ') [13 octects]
- bytes not_after = 6; // strftime('%y%m%d%H%M%SZ') [13 octects]
+ bytes not_before = 5; // strftime('%y%m%d%H%M%SZ') [15 octects]
+ bytes not_after = 6; // strftime('%y%m%d%H%M%SZ') [15 octects]
uint64 creation_time_ms = 7; // Rough current time (ms since epoch).
bool use_km_attest_key = 8;
}
diff --git a/nugget/proto/nugget/app/keymaster/keymaster_defs.proto b/nugget/proto/nugget/app/keymaster/keymaster_defs.proto
index 76f1a2f..da597b1 100644
--- a/nugget/proto/nugget/app/keymaster/keymaster_defs.proto
+++ b/nugget/proto/nugget/app/keymaster/keymaster_defs.proto
@@ -31,7 +31,7 @@
ULONG = 0x50000; /* 5 << 16 */
DATE = 0x60000; /* 6 << 16 */
BOOL = 0x70000; /* 7 << 16 */
- /* BIGNUM = 0x80000; 8 << 16 */ /* Unused. */
+ BIGNUM_ = 0x80000; /* 8 << 16 */
BYTES = 0x90000; /* 9 << 16 */
ULONG_REP = 0xA0000; /* 10 << 16 */
};
@@ -51,6 +51,7 @@
RSA_PUBLIC_EXPONENT = 0x500c8; // (TagType:ULONG | 200)
/* RESERVED: ECIES_SINGLE_HASH_MODE = 0x700c9; // (TagType:BOOL | 201) */
INCLUDE_UNIQUE_ID = 0x700ca; // (TagType:BOOL | 202)
+ RSA_OAEP_MGF_DIGEST = 0x200cb; // (TagType:ENUM_REP | 203)
BLOB_USAGE_REQUIREMENTS = 0x1012d; // (TagType:ENUM | 301)
BOOTLOADER_ONLY = 0x7012e; // (TagType:BOOL | 302)
ROLLBACK_RESISTANCE = 0x7012f; // (TagType:BOOL | 303)
@@ -61,6 +62,7 @@
USAGE_EXPIRE_DATETIME = 0x60192; // (TagType:DATE | 402)
MIN_SECONDS_BETWEEN_OPS = 0x30193; // (TagType:UINT | 403)
MAX_USES_PER_BOOT = 0x30194; // (TagType:UINT | 404)
+ USAGE_COUNT_LIMIT = 0x30195; // (TagType:UINT | 405)
/* RESERVED: ALL_USERS = 0x701f4; // (TagType:BOOL | 500) */
USER_ID = 0x301f5; // (TagType:UINT | 501)
USER_SECURE_ID = 0xa01f6; // (TagType:ULONG_REP | 502)
@@ -102,7 +104,9 @@
/* RESERVED: AUTH_TOKEN = 0x903ea; // (TagType:BYTES | 1002) */
MAC_LENGTH = 0x303eb; // (TagType:UINT | 1003)
RESET_SINCE_ID_ROTATION = 0x703ec; // (TagType:BOOL | 1004)
- CONFIRMATION_TOKEN = 0x903ed;// (TagType:BYTES | 1005)
+ CONFIRMATION_TOKEN = 0x903ed; // (TagType:BYTES | 1005)
+ CERTIFICATE_SERIAL = 0x803ee; // (TagType:BIGNUM | 1006)
+ CERTIFICATE_SUBJECT = 0x903ef; // (TagType:BYTES | 1007)
};
enum Algorithm {
@@ -173,7 +177,9 @@
VERIFY = 3;
/* RESERVED: DERIVE_KEY = 4; */
WRAP_KEY = 5;
- PURPOSE_MAX = 6;
+ AGREE_KEY = 6;
+ ATTEST_KEY = 7;
+ PURPOSE_MAX = 8;
};
enum ErrorCode {
@@ -259,6 +265,8 @@
ATTESTATION_IDS_NOT_PROVISIONED = 79;
INVALID_OPERATION = 80;
STORAGE_KEY_UNSUPPORTED = 81;
+ INCOMPATIBLE_MGF_DIGEST = 82;
+ UNSUPPORTED_MGF_DIGEST = 83;
};
enum SecurityLevel {
@@ -307,6 +315,8 @@
FUSING_DVT = 1;
FUSING_PVT = 2; // Strongbox gen v0 certs.
FUSING_PVT_1 = 3; // Strongbox gen v1 certs.
+ FUSING_D_PVT = 4; // Dauntless gen v0 certs.
+ FUSING_D_PVT_1 = 5; // Dauntless gen v1 certs.
}
enum CertificateStatus {
diff --git a/nugget/proto/nugget/app/keymaster/keymaster_types.proto b/nugget/proto/nugget/app/keymaster/keymaster_types.proto
index 2689498..4a66d4e 100644
--- a/nugget/proto/nugget/app/keymaster/keymaster_types.proto
+++ b/nugget/proto/nugget/app/keymaster/keymaster_types.proto
@@ -108,6 +108,8 @@
ATTEST_TEST = 0;
ATTEST_BATCH = 1;
ATTEST_INDIVIDUAL = 2;
+ ATTEST_SELF = 3;
+ ATTEST_CALLER = 4;
}
message VigoKey {