Revert "AesInvalidKeySize skip 192 on SB devices"

This reverts commit eb8b0577e8. Reason for revert: Broke a different TEE implementation Bug: 196922051 Change-Id: I9f136d237bd06bfe2a1cc29d11bb1fbe0b8ace5e Merged-In: I9f136d237bd06bfe2a1cc29d11bb1fbe0b8ace5e
2021-08-17 14:25:57 +00:00 · 2021-08-17 14:25:57 +00:00 · d067e790ab
commit d067e790ab
parent 4dad1ae2d8
2 changed files with 1 additions and 6 deletions
--- a/keymaster/4.0/vts/functional/KeymasterHidlTest.cpp
+++ b/keymaster/4.0/vts/functional/KeymasterHidlTest.cpp
@ -21,7 +21,6 @@

 #include <android-base/logging.h>
 #include <android/hidl/manager/1.0/IServiceManager.h>
-#include <cutils/properties.h>

 #include <keymasterV4_0/key_param_output.h>
 #include <keymasterV4_0/keymaster_utils.h>
@ -686,9 +685,6 @@ std::vector<uint32_t> KeymasterHidlTest::InvalidKeySizes(Algorithm algorithm) {
            case Algorithm::EC:
                return {224, 384, 521};
            case Algorithm::AES:
-                // The HAL language was clarified to exclude AES key sizes of 192 for StrongBox
-                // instances on devices launched on API Level 31 and above.
-                if (property_get_int32("ro.board.first_api_level", 0) < 31) return {};
                return {192};
            default:
                return {};
--- a/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
@ -96,8 +96,7 @@ import android.hardware.security.secureclock.TimeStampToken;
 *
 * o   AES
 *
- *      - TRUSTED_ENVIRONMENT IKeyMintDevices must support 128, 192 and 256-bit keys.
- *        STRONGBOX IKeyMintDevices must only support 128 and 256-bit keys.
+ *      - 128 and 256-bit keys
 *      - CBC, CTR, ECB and GCM modes.  The GCM mode must not allow the use of tags smaller than 96
 *        bits or nonce lengths other than 96 bits.
 *      - CBC and ECB modes must support unpadded and PKCS7 padding modes.  With no padding CBC and