KeyMint: tweak spec to allow for no v4 in V

Given that we are not expecting to release a v4 of the KeyMint HAL for Android V, tweak some spec and test details so that existing v3 implementations do not need to change. - Soften the requirement to use (1970-01-01, 9999-12-31) as cert dates when secure-importing an asymmetric to be a suggestion instead. - Change the version gate for the test of importing an EC key with no specified `EC_CURVE` to be VSR-gated rather than gated on a putative future version of the HAL. Test: VtsAidlKeyMintTargetTest Bug: 292318194 Bug: 292534977 Change-Id: Ib8d6e79ea948ee77eeb2528d698205179f026fd3
2023-11-02 09:26:44 +00:00 · 2023-11-02 09:26:44 +00:00 · 1405dbc7a4
commit 1405dbc7a4
parent 69efe8e753
2 changed files with 10 additions and 9 deletions
--- a/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
@ -974,8 +974,8 @@ enum Tag {
     * time in milliseconds.  This value is used when generating attestation or self signed
     * certificates.  ErrorCode::MISSING_NOT_BEFORE must be returned if this tag is not provided if
     * this tag is not provided to generateKey or importKey.  For importWrappedKey, there is no way
-     * to specify the value of this tag for the wrapped key, so a value of 0 must be used for
-     * certificate generation.
+     * to specify the value of this tag for a wrapped asymmetric key, so a value of 0 is suggested
+     * for certificate generation.
     */
    CERTIFICATE_NOT_BEFORE = TagType.DATE | 1008,

@ -983,8 +983,9 @@ enum Tag {
     * Tag::CERTIFICATE_NOT_AFTER the end of the validity of the certificate in UNIX epoch time in
     * milliseconds.  This value is used when generating attestation or self signed certificates.
     * ErrorCode::MISSING_NOT_AFTER must be returned if this tag is not provided to generateKey or
-     * importKey.  For importWrappedKey, there is no way to specify the value of this tag for the
-     * wrapped key, so a value of 253402300799000 is used for certificate generation.
+     * importKey.  For importWrappedKey, there is no way to specify the value of this tag for a
+     * wrapped asymmetric key, so a value of 253402300799000 is suggested for certificate
+     * generation.
     */
    CERTIFICATE_NOT_AFTER = TagType.DATE | 1009,

--- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
@ -4123,13 +4123,13 @@ TEST_P(ImportKeyTest, EcdsaSuccess) {
 * when the EC_CURVE is not explicitly specified.
 */
 TEST_P(ImportKeyTest, EcdsaSuccessCurveNotSpecified) {
-    if (AidlVersion() < 4) {
+    if (get_vsr_api_level() < __ANDROID_API_V__) {
        /*
-         * The KeyMint spec before V4 was not clear as to whether EC_CURVE was optional on import of
-         * EC keys. However, this was not checked at the time so we can only be strict about
-         * checking this for implementations of KeyMint version 4 and above.
+         * The KeyMint spec was previously not clear as to whether EC_CURVE was optional on import
+         * of EC keys. However, this was not checked at the time so we can only be strict about
+         * checking this for implementations at VSR-V or later.
         */
-        GTEST_SKIP() << "Skipping EC_CURVE on import only strict since KeyMint v4";
+        GTEST_SKIP() << "Skipping EC_CURVE on import only strict >= VSR-V";
    }

    ASSERT_EQ(ErrorCode::OK, ImportKey(AuthorizationSetBuilder()