Skip to content

Javacard KeyMint 100 v1.0 Final Release

Compare
Choose a tag to compare
@mdwivedi mdwivedi released this 20 Apr 02:44
· 126 commits to Javacard_KeyMint_100_master since this release
JC_Keymint_100_v1.0
772720f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

This is the Version 1.0 final release for Javacard KeyMint 1.0. Please refer to the following release notes for details.

Relese Tag : JC_Keymint_100_v1.0
Branch: Javacard_KeyMint_100_master
KeyMint Spec Version: 1.0

Detailed Release Notes:
https://docs.google.com/document/d/1DopGqSU8s7VkQgNeP0x5bqSVItlRPkVpDA5o2-KuNW4/edit#

Release Documents:
https://drive.google.com/corp/drive/folders/1bh0IMgDH4ryS_ACa12VFaQWCJ02AQsEn

Release Folder Contents

  • Detailed Release Notes
  • xTS Setup Guide
  • Details on RKP Component Provisioning
  • RKP Explanation
  • Keymint Provisioning

Release Highlights
Please refer to detailed release notes for complete list.

  • Few corrections in the tag related validations as per Keymint specification.
  • RKP End to end testing
  • Integrated OMAPI changes in the HAL source code and removed it as a patch
  • KeyMint applet upgrade support.
  • Use jc_strongbox as AID in the .rc file.
  • Included version parameters in the KeyBlob. This is for backward compatibility for KeyBlobs.
  • Maximum size limit validation for all the Byte tags
    • APPLICATION_ID and APPLICATION_DATA
    • CERTIFICATE_SUBJECT
    • ATTESTATION_APPLICATION_ID
    • BRAND, DEVICE, MODEL, IMEI, MEID, MANUFACTURER, PRODUCT, SERIAL
  • Updated Goldfish patches.
  • To support read data from socket over multiple calls, prepended data length to the actual data while sending over socket. This is to solve the socket issues in goldfish emulators. Please look for changes in SocketTransport, JCProxy and ProvisionTool.This is purely while testing through socket. No changes in OMAPI, HAL or Applet code.
  • Updated the JCardSim code to support testing on JCardSimulator.
  • Memory optimization in generateKey/importKey/importWrappedKey flow when sending the output response.
    • Created output in a stacked manner with custom cbor encoding for these functions.
    • Reclaimed the heap memory (moved heap pointer back to original state before the function call) post operations if possible.
    • Reused i/p parameters and reference to avoid copy.
    • Reduced number of exp creations for keyParameters inside keyCharacteristics.
  • Feedbacks from SE partners.
Assets 2
Loading