Merge "Revert "KeyMint HAL: add curve 25519, bump version"" am: 391a772300 am: f121b2c2bb am: 4df4387267 am: 633046efb2

Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1918632

Change-Id: I465283c26ef3a281a07a83dbe3c33a138c2eac75
This commit is contained in:
David Drysdale 2021-12-13 17:09:42 +00:00 committed by Automerger Merge Worker
commit 9758dcae18
7 changed files with 12 additions and 35 deletions

View file

@ -381,7 +381,7 @@
</hal>
<hal format="aidl" optional="true">
<name>android.hardware.security.keymint</name>
<version>1-2</version>
<version>1</version>
<interface>
<name>IKeyMintDevice</name>
<instance>default</instance>
@ -390,7 +390,6 @@
</hal>
<hal format="aidl" optional="true">
<name>android.hardware.security.keymint</name>
<version>1-2</version>
<interface>
<name>IRemotelyProvisionedComponent</name>
<instance>default</instance>

View file

@ -45,14 +45,14 @@ aidl_interface {
cc_defaults {
name: "keymint_use_latest_hal_aidl_ndk_static",
static_libs: [
"android.hardware.security.keymint-V2-ndk",
"android.hardware.security.keymint-V1-ndk",
],
}
cc_defaults {
name: "keymint_use_latest_hal_aidl_ndk_shared",
shared_libs: [
"android.hardware.security.keymint-V2-ndk",
"android.hardware.security.keymint-V1-ndk",
],
}
@ -62,6 +62,6 @@ cc_defaults {
rust_defaults {
name: "keymint_use_latest_hal_aidl_rust",
rustlibs: [
"android.hardware.security.keymint-V2-rust",
"android.hardware.security.keymint-V1-rust",
],
}

View file

@ -39,5 +39,4 @@ enum EcCurve {
P_256 = 1,
P_384 = 2,
P_521 = 3,
CURVE_25519 = 4,
}

View file

@ -27,5 +27,4 @@ enum EcCurve {
P_256 = 1,
P_384 = 2,
P_521 = 3,
CURVE_25519 = 4,
}

View file

@ -93,11 +93,6 @@ import android.hardware.security.secureclock.TimeStampToken;
* P-521. STRONGBOX IKeyMintDevices must support NIST curve P-256.
* - TRUSTED_ENVIRONMENT IKeyMintDevices must support SHA1, SHA-2 224, SHA-2 256, SHA-2
* 384 and SHA-2 512 digest modes. STRONGBOX IKeyMintDevices must support SHA-2 256.
* - TRUSTED_ENVRIONMENT IKeyMintDevices must support curve 25519 for Purpose::SIGN (Ed25519,
* as specified in RFC 8032), Purpose::ATTEST_KEY (Ed25519) or for KeyPurpose::AGREE_KEY
* (X25519, as specified in RFC 7748). However, a key must have exactly one of these
* purpose values; the same key cannot be used for multiple purposes.
* STRONGBOX IKeyMintDevices do not support curve 25519.
*
* o AES
*
@ -292,7 +287,7 @@ interface IKeyMintDevice {
* except AGREE_KEY must be supported for RSA keys.
*
* o Tag::DIGEST specifies digest algorithms that may be used with the new key. TEE
* IKeyMintDevice implementations must support all Digest values (see Digest.aidl) for RSA
* IKeyMintDevice implementations must support all Digest values (see digest.aidl) for RSA
* keys. StrongBox IKeyMintDevice implementations must support SHA_2_256.
*
* o Tag::PADDING specifies the padding modes that may be used with the new
@ -303,24 +298,13 @@ interface IKeyMintDevice {
* == ECDSA Keys ==
*
* Tag::EC_CURVE must be provided to generate an ECDSA key. If it is not provided, generateKey
* must return ErrorCode::UNSUPPORTED_KEY_SIZE or ErrorCode::UNSUPPORTED_EC_CURVE. TEE
* IKeyMintDevice implementations must support all required curves. StrongBox implementations
* must support P_256 and no other curves.
*
* must return ErrorCode::UNSUPPORTED_KEY_SIZE. TEE IKeyMintDevice implementations must support
* all curves. StrongBox implementations must support P_256.
* Tag::CERTIFICATE_NOT_BEFORE and Tag::CERTIFICATE_NOT_AFTER must be provided to specify the
* valid date range for the returned X.509 certificate holding the public key. If omitted,
* generateKey must return ErrorCode::MISSING_NOT_BEFORE or ErrorCode::MISSING_NOT_AFTER.
*
* Keys with EC_CURVE of EcCurve::CURVE_25519 must have exactly one purpose in the set
* {KeyPurpose::SIGN, KeyPurpose::ATTEST_KEY, KeyPurpose::AGREE_KEY}. Key generation with more
* than one purpose should be rejected with ErrorCode::INCOMPATIBLE_PURPOSE.
* StrongBox implementation do not support CURVE_25519.
*
* Tag::DIGEST specifies digest algorithms that may be used with the new key. TEE
* IKeyMintDevice implementations must support all Digest values (see Digest.aidl) for ECDSA
* keys; Ed25519 keys only support Digest::NONE. StrongBox IKeyMintDevice implementations must
* support SHA_2_256.
*
* == AES Keys ==
*
* Only Tag::KEY_SIZE is required to generate an AES key. If omitted, generateKey must return

View file

@ -25,10 +25,8 @@ package android.hardware.security.keymint;
enum KeyFormat {
/** X.509 certificate format, for public key export. */
X509 = 0,
/** PKCS#8 format, asymmetric key pair import. */
/** PCKS#8 format, asymmetric key pair import. */
PKCS8 = 1,
/**
* Raw bytes, for symmetric key import, and for import of raw asymmetric keys for curve 25519.
*/
/** Raw bytes, for symmetric key import. */
RAW = 3,
}

View file

@ -6661,7 +6661,7 @@ INSTANTIATE_KEYMINT_AIDL_TEST(TransportLimitTest);
typedef KeyMintAidlTestBase KeyAgreementTest;
static int EcdhCurveToOpenSslCurveName(EcCurve curve) {
int CurveToOpenSslCurveName(EcCurve curve) {
switch (curve) {
case EcCurve::P_224:
return NID_secp224r1;
@ -6671,8 +6671,6 @@ static int EcdhCurveToOpenSslCurveName(EcCurve curve) {
return NID_secp384r1;
case EcCurve::P_521:
return NID_secp521r1;
case EcCurve::CURVE_25519:
return NID_X25519;
}
}
@ -6694,7 +6692,7 @@ TEST_P(KeyAgreementTest, Ecdh) {
for (auto localCurve : ValidCurves()) {
// Generate EC key locally (with access to private key material)
auto ecKey = EC_KEY_Ptr(EC_KEY_new());
int curveName = EcdhCurveToOpenSslCurveName(localCurve);
int curveName = CurveToOpenSslCurveName(localCurve);
auto group = EC_GROUP_Ptr(EC_GROUP_new_by_curve_name(curveName));
ASSERT_NE(group, nullptr);
ASSERT_EQ(EC_KEY_set_group(ecKey.get(), group.get()), 1);