Merge "Revert^2 "KeyMint HAL: add curve 25519, bump version"" am: 0834ba697f
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1920687 Change-Id: I06062f5b39fe9a2e229aa732b2bd63cf067c05da
This commit is contained in:
Seth Moore
Automerger Merge Worker
commit
07069c9e35
7 changed files with 35 additions and 12 deletions
|
|
@ -334,7 +334,7 @@
|
||||||
</hal>
|
</hal>
|
||||||
<hal format="aidl" optional="true">
|
<hal format="aidl" optional="true">
|
||||||
<name>android.hardware.security.keymint</name>
|
<name>android.hardware.security.keymint</name>
|
||||||
<version>1</version>
|
<version>1-2</version>
|
||||||
<interface>
|
<interface>
|
||||||
<name>IKeyMintDevice</name>
|
<name>IKeyMintDevice</name>
|
||||||
<instance>default</instance>
|
<instance>default</instance>
|
||||||
|
|
@ -343,6 +343,7 @@
|
||||||
</hal>
|
</hal>
|
||||||
<hal format="aidl" optional="true">
|
<hal format="aidl" optional="true">
|
||||||
<name>android.hardware.security.keymint</name>
|
<name>android.hardware.security.keymint</name>
|
||||||
|
<version>1-2</version>
|
||||||
<interface>
|
<interface>
|
||||||
<name>IRemotelyProvisionedComponent</name>
|
<name>IRemotelyProvisionedComponent</name>
|
||||||
<instance>default</instance>
|
<instance>default</instance>
|
||||||
|
|
|
||||||
|
|
@ -45,14 +45,14 @@ aidl_interface {
|
||||||
cc_defaults {
|
cc_defaults {
|
||||||
name: "keymint_use_latest_hal_aidl_ndk_static",
|
name: "keymint_use_latest_hal_aidl_ndk_static",
|
||||||
static_libs: [
|
static_libs: [
|
||||||
"android.hardware.security.keymint-V1-ndk",
|
"android.hardware.security.keymint-V2-ndk",
|
||||||
],
|
],
|
||||||
}
|
}
|
||||||
|
|
||||||
cc_defaults {
|
cc_defaults {
|
||||||
name: "keymint_use_latest_hal_aidl_ndk_shared",
|
name: "keymint_use_latest_hal_aidl_ndk_shared",
|
||||||
shared_libs: [
|
shared_libs: [
|
||||||
"android.hardware.security.keymint-V1-ndk",
|
"android.hardware.security.keymint-V2-ndk",
|
||||||
],
|
],
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -62,6 +62,6 @@ cc_defaults {
|
||||||
rust_defaults {
|
rust_defaults {
|
||||||
name: "keymint_use_latest_hal_aidl_rust",
|
name: "keymint_use_latest_hal_aidl_rust",
|
||||||
rustlibs: [
|
rustlibs: [
|
||||||
"android.hardware.security.keymint-V1-rust",
|
"android.hardware.security.keymint-V2-rust",
|
||||||
],
|
],
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -39,4 +39,5 @@ enum EcCurve {
|
||||||
P_256 = 1,
|
P_256 = 1,
|
||||||
P_384 = 2,
|
P_384 = 2,
|
||||||
P_521 = 3,
|
P_521 = 3,
|
||||||
|
CURVE_25519 = 4,
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -27,4 +27,5 @@ enum EcCurve {
|
||||||
P_256 = 1,
|
P_256 = 1,
|
||||||
P_384 = 2,
|
P_384 = 2,
|
||||||
P_521 = 3,
|
P_521 = 3,
|
||||||
|
CURVE_25519 = 4,
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -93,6 +93,11 @@ import android.hardware.security.secureclock.TimeStampToken;
|
||||||
* P-521. STRONGBOX IKeyMintDevices must support NIST curve P-256.
|
* P-521. STRONGBOX IKeyMintDevices must support NIST curve P-256.
|
||||||
* - TRUSTED_ENVIRONMENT IKeyMintDevices must support SHA1, SHA-2 224, SHA-2 256, SHA-2
|
* - TRUSTED_ENVIRONMENT IKeyMintDevices must support SHA1, SHA-2 224, SHA-2 256, SHA-2
|
||||||
* 384 and SHA-2 512 digest modes. STRONGBOX IKeyMintDevices must support SHA-2 256.
|
* 384 and SHA-2 512 digest modes. STRONGBOX IKeyMintDevices must support SHA-2 256.
|
||||||
|
* - TRUSTED_ENVRIONMENT IKeyMintDevices must support curve 25519 for Purpose::SIGN (Ed25519,
|
||||||
|
* as specified in RFC 8032), Purpose::ATTEST_KEY (Ed25519) or for KeyPurpose::AGREE_KEY
|
||||||
|
* (X25519, as specified in RFC 7748). However, a key must have exactly one of these
|
||||||
|
* purpose values; the same key cannot be used for multiple purposes.
|
||||||
|
* STRONGBOX IKeyMintDevices do not support curve 25519.
|
||||||
*
|
*
|
||||||
* o AES
|
* o AES
|
||||||
*
|
*
|
||||||
|
|
@ -287,7 +292,7 @@ interface IKeyMintDevice {
|
||||||
* except AGREE_KEY must be supported for RSA keys.
|
* except AGREE_KEY must be supported for RSA keys.
|
||||||
*
|
*
|
||||||
* o Tag::DIGEST specifies digest algorithms that may be used with the new key. TEE
|
* o Tag::DIGEST specifies digest algorithms that may be used with the new key. TEE
|
||||||
* IKeyMintDevice implementations must support all Digest values (see digest.aidl) for RSA
|
* IKeyMintDevice implementations must support all Digest values (see Digest.aidl) for RSA
|
||||||
* keys. StrongBox IKeyMintDevice implementations must support SHA_2_256.
|
* keys. StrongBox IKeyMintDevice implementations must support SHA_2_256.
|
||||||
*
|
*
|
||||||
* o Tag::PADDING specifies the padding modes that may be used with the new
|
* o Tag::PADDING specifies the padding modes that may be used with the new
|
||||||
|
|
@ -298,13 +303,24 @@ interface IKeyMintDevice {
|
||||||
* == ECDSA Keys ==
|
* == ECDSA Keys ==
|
||||||
*
|
*
|
||||||
* Tag::EC_CURVE must be provided to generate an ECDSA key. If it is not provided, generateKey
|
* Tag::EC_CURVE must be provided to generate an ECDSA key. If it is not provided, generateKey
|
||||||
* must return ErrorCode::UNSUPPORTED_KEY_SIZE. TEE IKeyMintDevice implementations must support
|
* must return ErrorCode::UNSUPPORTED_KEY_SIZE or ErrorCode::UNSUPPORTED_EC_CURVE. TEE
|
||||||
* all curves. StrongBox implementations must support P_256.
|
* IKeyMintDevice implementations must support all required curves. StrongBox implementations
|
||||||
|
* must support P_256 and no other curves.
|
||||||
|
*
|
||||||
* Tag::CERTIFICATE_NOT_BEFORE and Tag::CERTIFICATE_NOT_AFTER must be provided to specify the
|
* Tag::CERTIFICATE_NOT_BEFORE and Tag::CERTIFICATE_NOT_AFTER must be provided to specify the
|
||||||
* valid date range for the returned X.509 certificate holding the public key. If omitted,
|
* valid date range for the returned X.509 certificate holding the public key. If omitted,
|
||||||
* generateKey must return ErrorCode::MISSING_NOT_BEFORE or ErrorCode::MISSING_NOT_AFTER.
|
* generateKey must return ErrorCode::MISSING_NOT_BEFORE or ErrorCode::MISSING_NOT_AFTER.
|
||||||
*
|
*
|
||||||
|
* Keys with EC_CURVE of EcCurve::CURVE_25519 must have exactly one purpose in the set
|
||||||
|
* {KeyPurpose::SIGN, KeyPurpose::ATTEST_KEY, KeyPurpose::AGREE_KEY}. Key generation with more
|
||||||
|
* than one purpose should be rejected with ErrorCode::INCOMPATIBLE_PURPOSE.
|
||||||
|
* StrongBox implementation do not support CURVE_25519.
|
||||||
|
*
|
||||||
|
* Tag::DIGEST specifies digest algorithms that may be used with the new key. TEE
|
||||||
|
* IKeyMintDevice implementations must support all Digest values (see Digest.aidl) for ECDSA
|
||||||
|
* keys; Ed25519 keys only support Digest::NONE. StrongBox IKeyMintDevice implementations must
|
||||||
|
* support SHA_2_256.
|
||||||
|
*
|
||||||
* == AES Keys ==
|
* == AES Keys ==
|
||||||
*
|
*
|
||||||
* Only Tag::KEY_SIZE is required to generate an AES key. If omitted, generateKey must return
|
* Only Tag::KEY_SIZE is required to generate an AES key. If omitted, generateKey must return
|
||||||
|
|
|
||||||
|
|
@ -25,8 +25,10 @@ package android.hardware.security.keymint;
|
||||||
enum KeyFormat {
|
enum KeyFormat {
|
||||||
/** X.509 certificate format, for public key export. */
|
/** X.509 certificate format, for public key export. */
|
||||||
X509 = 0,
|
X509 = 0,
|
||||||
/** PCKS#8 format, asymmetric key pair import. */
|
/** PKCS#8 format, asymmetric key pair import. */
|
||||||
PKCS8 = 1,
|
PKCS8 = 1,
|
||||||
/** Raw bytes, for symmetric key import. */
|
/**
|
||||||
|
* Raw bytes, for symmetric key import, and for import of raw asymmetric keys for curve 25519.
|
||||||
|
*/
|
||||||
RAW = 3,
|
RAW = 3,
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -6618,7 +6618,7 @@ INSTANTIATE_KEYMINT_AIDL_TEST(TransportLimitTest);
|
||||||
|
|
||||||
typedef KeyMintAidlTestBase KeyAgreementTest;
|
typedef KeyMintAidlTestBase KeyAgreementTest;
|
||||||
|
|
||||||
int CurveToOpenSslCurveName(EcCurve curve) {
|
static int EcdhCurveToOpenSslCurveName(EcCurve curve) {
|
||||||
switch (curve) {
|
switch (curve) {
|
||||||
case EcCurve::P_224:
|
case EcCurve::P_224:
|
||||||
return NID_secp224r1;
|
return NID_secp224r1;
|
||||||
|
|
@ -6628,6 +6628,8 @@ int CurveToOpenSslCurveName(EcCurve curve) {
|
||||||
return NID_secp384r1;
|
return NID_secp384r1;
|
||||||
case EcCurve::P_521:
|
case EcCurve::P_521:
|
||||||
return NID_secp521r1;
|
return NID_secp521r1;
|
||||||
|
case EcCurve::CURVE_25519:
|
||||||
|
return NID_X25519;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -6649,7 +6651,7 @@ TEST_P(KeyAgreementTest, Ecdh) {
|
||||||
for (auto localCurve : ValidCurves()) {
|
for (auto localCurve : ValidCurves()) {
|
||||||
// Generate EC key locally (with access to private key material)
|
// Generate EC key locally (with access to private key material)
|
||||||
auto ecKey = EC_KEY_Ptr(EC_KEY_new());
|
auto ecKey = EC_KEY_Ptr(EC_KEY_new());
|
||||||
int curveName = CurveToOpenSslCurveName(localCurve);
|
int curveName = EcdhCurveToOpenSslCurveName(localCurve);
|
||||||
auto group = EC_GROUP_Ptr(EC_GROUP_new_by_curve_name(curveName));
|
auto group = EC_GROUP_Ptr(EC_GROUP_new_by_curve_name(curveName));
|
||||||
ASSERT_NE(group, nullptr);
|
ASSERT_NE(group, nullptr);
|
||||||
ASSERT_EQ(EC_KEY_set_group(ecKey.get(), group.get()), 1);
|
ASSERT_EQ(EC_KEY_set_group(ecKey.get(), group.get()), 1);
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue