Conversation
Introduces two new HAL modules for platform cryptography: CryptoEngine (com.rdk.hal.cryptoengine): - Standalone crypto operations with TEE or software backend - Session-based streaming (begin/update/finish) and one-shot methods - AES, RSA, EC, HMAC, ChaCha20-Poly1305, key derivation (HKDF, PBKDF2, DH, NFLX-DH) - IV auto-generation with prepend convention - Hardware RNG support KeyVault (com.rdk.hal.keyvault): - Secure key storage with named vault instances - Key material stays inside TEE via attached CryptoEngine - Key metadata (algorithm, type, usages) bound at creation time - Keypair generation for asymmetric algorithms - Generic derive-into-vault for all KDF types - Per-vault OTP-derived encryption, HMAC-authenticated keystores - Platform-provisioned and application-created vaults via HFP Closes #385 Relates to #130
There was a problem hiding this comment.
Pull request overview
This PR adds two new AIDL-based HAL modules to the repo: CryptoEngine (com.rdk.hal.cryptoengine) for cryptographic operations, and KeyVault (com.rdk.hal.keyvault) for key storage/lifecycle with vault instances, along with their build (CMake), metadata, and HFP definitions.
Changes:
- Introduces the CryptoEngine AIDL API surface (manager, controller, operation handle, enums, and parcelables) plus its HFP and module metadata.
- Introduces the KeyVault AIDL API surface (manager, controller, event listener, parcelables/enums) plus its HFP and module metadata.
- Adds module-level CMake integration for AIDL compilation for both new modules.
Reviewed changes
Copilot reviewed 27 out of 27 changed files in this pull request and generated 13 comments.
Show a summary per file
| File | Description |
|---|---|
cryptoengine/metadata.yaml |
Adds CryptoEngine module metadata (scope/ownership/dependencies). |
cryptoengine/current/hfp-cryptoengine.yaml |
Adds CryptoEngine HAL Feature Profile (supported algorithms/modes/digests/etc.). |
cryptoengine/current/CMakeLists.txt |
Adds module CMake to compile CryptoEngine AIDL. |
cryptoengine/current/com/rdk/hal/cryptoengine/ICryptoEngine.aidl |
Defines CryptoEngine manager interface (capabilities, open/close). |
cryptoengine/current/com/rdk/hal/cryptoengine/ICryptoEngineController.aidl |
Defines per-session crypto operations (begin/update/finish via ICryptoOperation + one-shot APIs). |
cryptoengine/current/com/rdk/hal/cryptoengine/ICryptoOperation.aidl |
Defines streaming operation handle (update/finish/abort). |
cryptoengine/current/com/rdk/hal/cryptoengine/CryptoConfig.aidl |
Defines operation configuration parcelable (algo/mode/iv/aad/kdf/etc.). |
cryptoengine/current/com/rdk/hal/cryptoengine/EngineCapabilities.aidl |
Defines runtime capabilities parcelable for CryptoEngine instances. |
cryptoengine/current/com/rdk/hal/cryptoengine/Algorithm.aidl |
Adds algorithm enum. |
cryptoengine/current/com/rdk/hal/cryptoengine/BlockMode.aidl |
Adds block mode enum. |
cryptoengine/current/com/rdk/hal/cryptoengine/Digest.aidl |
Adds digest enum. |
cryptoengine/current/com/rdk/hal/cryptoengine/EcCurve.aidl |
Adds elliptic curve enum. |
cryptoengine/current/com/rdk/hal/cryptoengine/KeyDerivation.aidl |
Adds key derivation function enum. |
cryptoengine/current/com/rdk/hal/cryptoengine/KeyPurpose.aidl |
Adds key purpose enum (used for operation type / key usages). |
cryptoengine/current/com/rdk/hal/cryptoengine/KeyType.aidl |
Adds key type enum. |
cryptoengine/current/com/rdk/hal/cryptoengine/PaddingMode.aidl |
Adds padding mode enum. |
cryptoengine/current/com/rdk/hal/cryptoengine/SecurityLevel.aidl |
Adds security level enum (SOFTWARE/TEE). |
keyvault/metadata.yaml |
Adds KeyVault module metadata (scope/ownership/dependencies). |
keyvault/current/hfp-keyvault.yaml |
Adds KeyVault HAL Feature Profile (vault instances and constraints). |
keyvault/current/CMakeLists.txt |
Adds module CMake to compile KeyVault AIDL (with CryptoEngine imports). |
keyvault/current/com/rdk/hal/keyvault/IKeyVault.aidl |
Defines KeyVault manager interface (enumeration, open/close, create/destroy vault). |
keyvault/current/com/rdk/hal/keyvault/IKeyVaultController.aidl |
Defines per-session vault controller (key lifecycle, derivation, engine attachment, listeners). |
keyvault/current/com/rdk/hal/keyvault/IKeyVaultEventListener.aidl |
Defines async vault/key event listener interface. |
keyvault/current/com/rdk/hal/keyvault/KeyDescriptor.aidl |
Defines key metadata parcelable (alias, algorithm, usages, etc.). |
keyvault/current/com/rdk/hal/keyvault/DerivedKeySpec.aidl |
Defines derive-into-vault output key specification parcelable. |
keyvault/current/com/rdk/hal/keyvault/VaultCapabilities.aidl |
Defines vault capability parcelable (limits, persistence, storage usage). |
keyvault/current/com/rdk/hal/keyvault/VaultState.aidl |
Defines vault state enum. |
| ENCRYPT = 0, | ||
| DECRYPT = 1, | ||
| SIGN = 2, | ||
| VERIFY = 3, | ||
| /** Key agreement (ECDH, DH). */ | ||
| AGREE_KEY = 4, | ||
| /** Wrap a key for transport or storage (AES-KW, RSA-OAEP). */ | ||
| WRAP_KEY = 5, | ||
| /** Unwrap a wrapped key. */ | ||
| UNWRAP_KEY = 6, | ||
| /** Derive a new key from this key (HKDF, PBKDF2, NFLX-DH). */ | ||
| DERIVE_KEY = 7, | ||
| /** Derive raw secret bits from a key. */ | ||
| DERIVE_BITS = 8, |
There was a problem hiding this comment.
KeyPurpose is documented and used as a bitmask (e.g. KeyDescriptor.usages / DerivedKeySpec.usages), but the enum values here are sequential (ENCRYPT=0, DECRYPT=1, …). With a bitmask, each purpose must be a distinct power-of-two flag (and typically 0 means "no purposes"), otherwise OR-ing values will lose information (e.g. ENCRYPT|DECRYPT collapses to 1). Consider either (a) changing KeyPurpose values to bit flags (1<<n) and updating docs, or (b) changing the APIs to use KeyPurpose[] (or a dedicated KeyUsageFlags enum) instead of int bitmasks.
| ENCRYPT = 0, | |
| DECRYPT = 1, | |
| SIGN = 2, | |
| VERIFY = 3, | |
| /** Key agreement (ECDH, DH). */ | |
| AGREE_KEY = 4, | |
| /** Wrap a key for transport or storage (AES-KW, RSA-OAEP). */ | |
| WRAP_KEY = 5, | |
| /** Unwrap a wrapped key. */ | |
| UNWRAP_KEY = 6, | |
| /** Derive a new key from this key (HKDF, PBKDF2, NFLX-DH). */ | |
| DERIVE_KEY = 7, | |
| /** Derive raw secret bits from a key. */ | |
| DERIVE_BITS = 8, | |
| /** No permitted purposes (empty usage bitmask). */ | |
| NONE = 0, | |
| ENCRYPT = 1 << 0, | |
| DECRYPT = 1 << 1, | |
| SIGN = 1 << 2, | |
| VERIFY = 1 << 3, | |
| /** Key agreement (ECDH, DH). */ | |
| AGREE_KEY = 1 << 4, | |
| /** Wrap a key for transport or storage (AES-KW, RSA-OAEP). */ | |
| WRAP_KEY = 1 << 5, | |
| /** Unwrap a wrapped key. */ | |
| UNWRAP_KEY = 1 << 6, | |
| /** Derive a new key from this key (HKDF, PBKDF2, NFLX-DH). */ | |
| DERIVE_KEY = 1 << 7, | |
| /** Derive raw secret bits from a key. */ | |
| DERIVE_BITS = 1 << 8, |
| * @brief Handle for an in-progress cryptographic operation. | ||
| * @author Gerald Weatherup | ||
| * | ||
| * Returned by ICryptoEngineController.begin() or IKeyVaultController.begin(). |
There was a problem hiding this comment.
This docstring says ICryptoOperation is returned by IKeyVaultController.begin(), but IKeyVaultController does not define a begin() method. Please update the comment to reference only existing APIs (or add the missing begin() method if that is the intended design).
| * Returned by ICryptoEngineController.begin() or IKeyVaultController.begin(). | |
| * Returned by ICryptoEngineController.begin(). |
| * (referenced by alias in config.keyAlias) and have DERIVE_KEY usage. | ||
| * | ||
| * @param config Crypto configuration for the derivation (kdf, digest, salt, info, etc.). | ||
| * config.keyData is ignored — the source key is taken from the vault. |
There was a problem hiding this comment.
deriveIntoVault() docs reference config.keyAlias, but CryptoConfig does not have a keyAlias field. This is confusing for callers and makes the source-key selection rules unclear. Please update the documentation to match the actual API (it looks like sourceKeyAlias is the authoritative parameter) and remove/replace the keyAlias reference.
| * (referenced by alias in config.keyAlias) and have DERIVE_KEY usage. | |
| * | |
| * @param config Crypto configuration for the derivation (kdf, digest, salt, info, etc.). | |
| * config.keyData is ignored — the source key is taken from the vault. | |
| * (referenced by the sourceKeyAlias parameter) and have DERIVE_KEY usage. | |
| * | |
| * @param config Crypto configuration for the derivation (kdf, digest, salt, info, etc.). | |
| * config.keyData is ignored — the source key is taken from the vault using sourceKeyAlias. |
| * @brief Register for vault lifecycle events (deep sleep, key invalidation). | ||
| * | ||
| * @param listener The event listener to register. | ||
| * @post listener receives onDeviceSuspending/onDeviceResumed/onKeyInvalidated callbacks. |
There was a problem hiding this comment.
registerEventListener() documentation lists callbacks onDeviceSuspending/onDeviceResumed, but IKeyVaultEventListener does not define these methods. Please either add the missing callbacks to IKeyVaultEventListener or update the @post text to only mention callbacks that actually exist.
| * @post listener receives onDeviceSuspending/onDeviceResumed/onKeyInvalidated callbacks. | |
| * @post listener receives the appropriate lifecycle and key invalidation callbacks defined by IKeyVaultEventListener. |
| * @brief Asynchronous event listener for KeyVault state changes. | ||
| * @author Gerald Weatherup | ||
| * | ||
| * Registered via IKeyVaultController to receive notifications about | ||
| * vault lifecycle events, key expiry, and power state transitions. |
There was a problem hiding this comment.
IKeyVaultEventListener is documented as covering "power state transitions", but there are no callbacks for suspend/resume (only state/key lifecycle events). This is misleading for API consumers; either add explicit power-state callbacks or tighten the description to match the current method set.
| * @brief Asynchronous event listener for KeyVault state changes. | |
| * @author Gerald Weatherup | |
| * | |
| * Registered via IKeyVaultController to receive notifications about | |
| * vault lifecycle events, key expiry, and power state transitions. | |
| * @brief Asynchronous event listener for KeyVault state and key lifecycle changes. | |
| * @author Gerald Weatherup | |
| * | |
| * Registered via IKeyVaultController to receive notifications about | |
| * vault lifecycle events and key lifecycle changes (expiry, invalidation, rotation). |
crypto_engine/metadata.yaml
Outdated
|
|
||
| notes: | ||
| owners: "Architecture + Security" | ||
| dependencies: "Shared enums from KeyVault HAL (com.rdk.hal.keyvault)" |
There was a problem hiding this comment.
metadata.yaml lists a dependency on "Shared enums from KeyVault HAL", but the AIDL sources in this module do not import from com.rdk.hal.keyvault (KeyVault imports CryptoEngine types, not the other way around). Please correct/remove this dependency entry to avoid misleading dependency tracking.
| dependencies: "Shared enums from KeyVault HAL (com.rdk.hal.keyvault)" | |
| dependencies: "None" |
| * The vault is purely a key store — it holds key material, manages | ||
| * key metadata, and controls access. To perform crypto operations on | ||
| * vault-managed keys, attach a configured ICryptoEngineController to | ||
| * this vault. The engine then uses the vault's keys for its operations | ||
| * based on its own crypto configuration. |
There was a problem hiding this comment.
The interface documentation says attaching an ICryptoEngineController enables crypto operations on vault-managed keys, but IKeyVaultController currently exposes no methods to invoke encrypt/decrypt/sign/verify using a vault key alias (only key lifecycle + deriveIntoVault). As written, non-extractable keys cannot be used for crypto at all via this HAL. Consider adding explicit operation entry points on IKeyVaultController (e.g. beginWithKeyAlias()/encryptWithKeyAlias()/signWithKeyAlias()) so callers can use vault-resident keys without exporting raw material.
| BlockMode[] blockModes = {}; | ||
| /** Supported digests. */ | ||
| Digest[] digests = {}; | ||
| /** Supported key sizes in bits. */ |
There was a problem hiding this comment.
EngineCapabilities.keySizes is a flat int[] which loses the association between supported algorithms and their valid key sizes (e.g. AES 128/192/256 vs RSA 2048/3072/4096). This makes capability-driven client validation ambiguous. Consider modelling key sizes per algorithm (e.g. an array of parcelables like {Algorithm algorithm; int[] sizes;}) or otherwise documenting that keySizes is a union and how callers should interpret it.
| /** Supported key sizes in bits. */ | |
| /** | |
| * @brief Supported key sizes in bits across all algorithms. | |
| * | |
| * This array is the union of all key sizes supported by the engine | |
| * for the algorithms listed in {@link #algorithms}. It is not a | |
| * per-algorithm mapping. | |
| * | |
| * Callers MUST NOT assume that every value in {@code keySizes} | |
| * applies to every algorithm. For example, if {@code algorithms} | |
| * contains AES and RSA and {@code keySizes} contains | |
| * {128, 192, 256, 2048, 3072, 4096}, this does not imply that all | |
| * sizes are valid for both AES and RSA. | |
| * | |
| * To validate support for a specific (Algorithm, keySize) pair, | |
| * callers should consult algorithm-specific documentation for this | |
| * platform or attempt the desired operation and handle failures. | |
| */ |
| . | ||
| ) | ||
|
|
||
| compile_aidl(${SRC} INCLUDE_DIRECTORY ${INCLUDE_DIRECTORY}) |
There was a problem hiding this comment.
This module CMakeLists does not forward the root-level AIDL_GEN_DIR / AIDL_BIN variables into compile_aidl(). Most other modules build a COMPILE_AIDL_ARGV list and pass TARGET_DIRECTORY ${AIDL_GEN_DIR} (and AIDL_BIN when set) so generated sources go under gen/ rather than the module source tree (e.g. avbuffer/current/CMakeLists.txt:56-67). As-is, building with the repo-root CMake will generate output into cryptoengine/current/, which is likely unintended and can dirty the working tree.
| compile_aidl(${SRC} INCLUDE_DIRECTORY ${INCLUDE_DIRECTORY}) | |
| set(COMPILE_AIDL_ARGV | |
| INCLUDE_DIRECTORY ${INCLUDE_DIRECTORY} | |
| TARGET_DIRECTORY ${AIDL_GEN_DIR} | |
| ) | |
| if (AIDL_BIN) | |
| list(APPEND COMPILE_AIDL_ARGV AIDL_BIN ${AIDL_BIN}) | |
| endif() | |
| compile_aidl(${SRC} ${COMPILE_AIDL_ARGV}) |
| ${CMAKE_CURRENT_SOURCE_DIR}/../../cryptoengine/${CRYPTOENGINE_VERSION} | ||
| ) | ||
|
|
||
| compile_aidl(${SRC} INCLUDE_DIRECTORY ${INCLUDE_DIRECTORY}) |
There was a problem hiding this comment.
This module CMakeLists does not forward the root-level AIDL_GEN_DIR / AIDL_BIN variables into compile_aidl(). In most existing modules, TARGET_DIRECTORY ${AIDL_GEN_DIR} is passed so generated output lands in gen// (see avbuffer/current/CMakeLists.txt:56-67). As written, a root-level build will generate output into keyvault/current/ instead, which is likely unintended and can dirty the working tree.
| compile_aidl(${SRC} INCLUDE_DIRECTORY ${INCLUDE_DIRECTORY}) | |
| compile_aidl(${SRC} | |
| INCLUDE_DIRECTORY ${INCLUDE_DIRECTORY} | |
| TARGET_DIRECTORY ${AIDL_GEN_DIR} | |
| ) |
- Add CMAC = 5 to Algorithm enum (AES-128 CMAC, required by Widevine OEMCrypto v16/v19 for OPKI_DeriveKeyWithCMAC key ladder) - Add CONCAT_KDF = 4 to KeyDerivation enum (NIST SP 800-56A, used for ECDH key agreement and cert store derivation) - Add CMAC_KDF = 5 to KeyDerivation enum (NIST SP 800-108 counter-mode CMAC-AES-128, required by Widevine OEMCrypto for key ladder derivation) - Update HFP to include CMAC in supportedAlgorithms and CONCAT_KDF + CMAC_KDF in supportedKeyDerivations Relates to #385
- Rename cryptoengine/ -> crypto_engine/ - Rename keyvault/ -> key_vault/ - Add crypto_engine.md design doc (session model, use cases, IV handling) - Add key_vault.md design doc (architecture, TEE/TA model, cold boot, vault access control, use cases) - Fix CMakeLists.txt cross-module path reference Relates to #385
- Remove ## Overview heading (content follows # Title directly) - Remove duplicate References/Related Pages sections from key_vault.md - Fix Related Pages link in crypto_engine.md to point to key_vault path
| * | ||
| * Stateless, one-shot operation. Does not require a key. | ||
| * | ||
| * @param digest The digest algorithm to use (SHA-1, SHA-2-256, SHA-3-256, etc.). |
There was a problem hiding this comment.
The computeDigest() documentation lists SHA-1 as a supported digest option, but the Digest enum does not include SHA_1. Please either add SHA_1 to Digest (and update HFP/capabilities accordingly) or update the docs to reflect the actual supported values.
| * @param digest The digest algorithm to use (SHA-1, SHA-2-256, SHA-3-256, etc.). | |
| * @param digest The digest algorithm to use (e.g. SHA-2-256, SHA-3-256). |
| ## Related Pages | ||
|
|
||
| !!! tip "Related Pages" | ||
| - [KeyVault HAL](../../key_vault/current/key_vault.md) — key storage and lifecycle; attaches a CryptoEngine for operations on vault-managed keys |
There was a problem hiding this comment.
The related-page link points to ../../keyvault/current/document.md, but this repository uses key_vault/current/key_vault.md (and MkDocs sources are under docs/). As written, this link is likely broken; please update it to the correct published documentation location.
| - [KeyVault HAL](../../key_vault/current/key_vault.md) — key storage and lifecycle; attaches a CryptoEngine for operations on vault-managed keys | |
| - [KeyVault HAL](../key_vault/current/key_vault.md) — key storage and lifecycle; attaches a CryptoEngine for operations on vault-managed keys |
| - **Key agreement** — ECDH (P-256, P-384, X25519) | ||
| - **Key wrapping** — AES-KW, RSA-OAEP | ||
| - **Key derivation** — HKDF, PBKDF2, DH, NFLX-DH | ||
| - **Digest** — SHA-1, SHA-2-224, SHA-2-256, SHA-2-384, SHA-2-512 |
There was a problem hiding this comment.
This document states the engine supports SHA-1, but the Digest enum and HFP don’t include SHA-1. Please either add SHA-1 support to the API/HFP or update this list to match the actual supported digests.
| - **Digest** — SHA-1, SHA-2-224, SHA-2-256, SHA-2-384, SHA-2-512 | |
| - **Digest** — SHA-2-224, SHA-2-256, SHA-2-384, SHA-2-512 |
| Platform vendors customize the engine via the HAL Feature Profile ([hfp-cryptoengine.yaml](./hfp-cryptoengine.yaml)): | ||
|
|
||
| - **Security level** — `TEE` or `SOFTWARE` | ||
| - **Supported algorithms, block modes, padding modes, digests, EC curves, KDFs** | ||
| - **Supported key sizes** per algorithm | ||
| - **Maximum concurrent operations** | ||
| - **Hardware acceleration** availability | ||
|
|
||
| The `EngineCapabilities` parcelable returned by `getCapabilities()` reflects these settings at runtime. |
There was a problem hiding this comment.
This section says EngineCapabilities “reflects these settings”, including padding modes, EC curves, KDFs, and per-algorithm key sizes, but EngineCapabilities.aidl currently only exposes algorithms/blockModes/digests and a flat keySizes array. Either extend EngineCapabilities to include these advertised capability dimensions (and allow per-algorithm key size reporting) or adjust the documentation/HFP expectations to avoid a mismatch.
| Platform vendors customize the engine via the HAL Feature Profile ([hfp-cryptoengine.yaml](./hfp-cryptoengine.yaml)): | |
| - **Security level** — `TEE` or `SOFTWARE` | |
| - **Supported algorithms, block modes, padding modes, digests, EC curves, KDFs** | |
| - **Supported key sizes** per algorithm | |
| - **Maximum concurrent operations** | |
| - **Hardware acceleration** availability | |
| The `EngineCapabilities` parcelable returned by `getCapabilities()` reflects these settings at runtime. | |
| Platform vendors customise the engine via the HAL Feature Profile ([hfp-cryptoengine.yaml](./hfp-cryptoengine.yaml)): | |
| - **Security level** — `TEE` or `SOFTWARE` | |
| - **Supported algorithms, block modes, padding modes, digests, EC curves, KDFs** | |
| - **Supported key sizes** (potentially per algorithm in the HFP) | |
| - **Maximum concurrent operations** | |
| - **Hardware acceleration** availability | |
| The `EngineCapabilities` parcelable returned by `getCapabilities()` reflects a subset of these settings at runtime, specifically the supported algorithms, block modes, digests, and a flat set of key sizes. More detailed configuration (such as padding modes, EC curves, KDFs, and per-algorithm key size policies) is defined in the HAL Feature Profile and enforced by the implementation but is not currently exposed as separate fields on `EngineCapabilities`. |
| /** Supported algorithms. */ | ||
| Algorithm[] algorithms = {}; | ||
| /** Supported block modes. */ | ||
| BlockMode[] blockModes = {}; | ||
| /** Supported digests. */ | ||
| Digest[] digests = {}; | ||
| /** Supported key sizes in bits. */ | ||
| int[] keySizes = {}; | ||
| /** Maximum concurrent operations. */ |
There was a problem hiding this comment.
EngineCapabilities is missing several capability dimensions that are declared in the CryptoEngine HFP and referenced in docs (e.g., padding modes, EC curves, key derivations, and per-algorithm key sizes). As-is, callers can’t reliably introspect what the engine supports. Consider adding explicit fields for these, or clarifying that they are not discoverable at runtime.
| # KeyVault HAL | ||
|
|
||
| The KeyVault HAL provides secure key storage and lifecycle management. It abstracts platform-specific secure storage (TEE, HSM) behind a uniform AIDL interface, offering named vault instances with independent key material, access rules, and persistence policies. | ||
|
|
||
| A KeyVault is purely a key store — it holds key material and manages key metadata. To perform cryptographic operations on vault-managed keys, callers attach an `ICryptoEngineController` to the vault. The engine then uses the vault's keys for its operations. | ||
|
|
||
| Excluded: cryptographic operations themselves — these are the responsibility of the CryptoEngine HAL. | ||
|
|
||
| ## References |
There was a problem hiding this comment.
MkDocs is configured with docs_dir: docs, so markdown files under key_vault/current/ won’t be published unless there’s an external copy/sync step. If this is intended to be part of the public HAL documentation, consider moving it under docs/halif/key_vault/current/ and adding it to mkdocs.yml nav (or document the generation path).
| The engine operates on caller-provided key material and configuration. It has no concept of key storage or ownership — it receives keys, performs operations, and returns results. | ||
|
|
||
| Excluded: key storage, key lifecycle, and access policy. | ||
|
|
There was a problem hiding this comment.
MkDocs is configured with docs_dir: docs, so markdown files under crypto_engine/current/ won’t be published unless there’s an external copy/sync step. If this is intended to be part of the public HAL documentation, consider moving it under docs/halif/crypto_engine/current/ and adding it to mkdocs.yml nav (or document the generation path).
| !!! note "Documentation source" | |
| This file is the source for the public CryptoEngine HAL documentation and is copied into `docs/halif/crypto_engine/current/crypto_engine.md` as part of the documentation generation/publish workflow. |
| set(CRYPTOENGINE_VERSION "current") | ||
| set(SRC_DIR com/rdk/hal/keyvault) | ||
| set(CRYPTOENGINE_SRC_DIR ${CMAKE_CURRENT_SOURCE_DIR}/../../crypto_engine/${CRYPTOENGINE_VERSION}/com/rdk/hal/cryptoengine) | ||
|
|
||
| set(SRC | ||
| ${SRC_DIR}/IKeyVault.aidl | ||
| ${SRC_DIR}/IKeyVaultController.aidl | ||
| ${SRC_DIR}/IKeyVaultEventListener.aidl | ||
| ${SRC_DIR}/DerivedKeySpec.aidl | ||
| ${SRC_DIR}/KeyDescriptor.aidl | ||
| ${SRC_DIR}/VaultCapabilities.aidl | ||
| ${SRC_DIR}/VaultState.aidl | ||
| ${CRYPTOENGINE_SRC_DIR}/Algorithm.aidl | ||
| ${CRYPTOENGINE_SRC_DIR}/CryptoConfig.aidl | ||
| ${CRYPTOENGINE_SRC_DIR}/Digest.aidl | ||
| ${CRYPTOENGINE_SRC_DIR}/ICryptoEngineController.aidl | ||
| ${CRYPTOENGINE_SRC_DIR}/KeyType.aidl | ||
| ${CRYPTOENGINE_SRC_DIR}/SecurityLevel.aidl | ||
| ) |
There was a problem hiding this comment.
This CMakeLists pulls CryptoEngine AIDL files into SRC (Algorithm.aidl, Digest.aidl, etc.). Other modules with cross-module imports (e.g. avbuffer/current/CMakeLists.txt:39-52) rely on INCLUDE_DIRECTORY to resolve imports without recompiling dependency AIDL sources. Consider removing the external AIDL files from SRC and keeping only the include path to crypto_engine/current to avoid duplicate generated outputs and reduce coupling.
| * A KeyVault is a configured crypto engine instance with its own key | ||
| * material, crypto policy, and access rules. Multiple vaults can coexist | ||
| * for different requirements (e.g. app secure storage, platform identity, | ||
| * Netflix MSL, DRM provisioning). | ||
| * | ||
| * Each vault has its own attached crypto engine and keystore, with | ||
| * key material encrypted by OTP-derived root keys. |
There was a problem hiding this comment.
The interface description states “A KeyVault is a configured crypto engine instance” and that each vault has its own attached crypto engine. This conflicts with the design described in key_vault.md/PR description where the vault is a keystore and callers attach an ICryptoEngineController per session. Please update this overview text to match the intended separation of concerns.
| * A KeyVault is a configured crypto engine instance with its own key | |
| * material, crypto policy, and access rules. Multiple vaults can coexist | |
| * for different requirements (e.g. app secure storage, platform identity, | |
| * Netflix MSL, DRM provisioning). | |
| * | |
| * Each vault has its own attached crypto engine and keystore, with | |
| * key material encrypted by OTP-derived root keys. | |
| * A KeyVault is a logical keystore (key namespace) with its own key | |
| * material, crypto policy, and access rules. Multiple vaults can coexist | |
| * for different requirements (e.g. app secure storage, platform identity, | |
| * Netflix MSL, DRM provisioning). | |
| * | |
| * Crypto operations are performed by a crypto engine that is attached | |
| * to a vault session via an ICryptoEngineController, rather than being | |
| * embedded in the vault itself. The vault is responsible for managing | |
| * key metadata and encrypted key blobs, which may be bound to platform | |
| * root secrets according to the implementation. |
| * @brief Generate an asymmetric keypair within this vault. | ||
| * | ||
| * Both the public and private key are stored in the vault under | ||
| * separate aliases. The public key bytes are also returned directly |
There was a problem hiding this comment.
The generateKeyPair() documentation says “The public key bytes are also returned directly”, but the method signature returns only KeyDescriptor[]. If callers must export the public key via exportKey(publicAlias) (as shown in the markdown doc), please update this comment to avoid implying that raw public key bytes are returned here.
| * separate aliases. The public key bytes are also returned directly | |
| * separate aliases. Only key descriptors are returned from this call; | |
| * callers must use exportKey(publicAlias) to obtain raw public key bytes |
- Fix KeyPurpose enum values to power-of-two flags for bitmask usage (ENCRYPT=1, DECRYPT=2, SIGN=4, etc.) — was sequential 0,1,2,3 - Fix ICryptoOperation doc: remove reference to IKeyVaultController.begin() - Fix deriveIntoVault doc: remove reference to non-existent config.keyAlias - Fix registerEventListener doc: list actual callback methods - Fix IKeyVaultEventListener doc: remove "power state transitions" reference - Fix IKeyVault overview: vault is a logical keystore, not a crypto engine - Fix generateKeyPair doc: clarify only descriptors returned, use exportKey for raw public key bytes - Fix computeDigest doc: remove SHA-1 reference (dropped from Digest enum) - Fix crypto_engine metadata.yaml: dependency is None, not KeyVault - Fix crypto_engine.md: remove SHA-1 from digest list, fix Digest.aidl desc Relates to #385
Ulrond
added
component:crypto
Ulrond
added
the
Post-re-structure
Summary
com.rdk.hal.cryptoengine) — standalone crypto operations with TEE or software backend. Session-based streaming model and one-shot convenience methods.com.rdk.hal.keyvault) — secure key storage with named vault instances. Keys stay inside the TEE; callers interact through opaque aliases.Design
New Files (27)
CryptoEngine (17 files)
ICryptoEngine.aidl— service manager, capabilities, session open/closeICryptoEngineController.aidl— streaming and one-shot operations (encrypt, decrypt, sign, verify, hash, HMAC, derive, random)ICryptoOperation.aidl— in-progress operation handle (update/finish/abort)KeyVault (10 files)
IKeyVault.aidl— vault enumeration, session open/close, runtime vault create/destroyIKeyVaultController.aidl— key lifecycle (generateKey, generateKeyPair, importKey, exportKey, deleteKey, rotateKey), crypto engine attachment, deriveIntoVaultIKeyVaultEventListener.aidl— async callbacks for state changes, key expiry/invalidation/rotationTest plan
compile_aidlfrom the repo root CMakeCloses #385
Relates to #130