Commit graph

22 commits

Author SHA1 Message Date
Treehugger Robot
7f788a7bb0 Merge "Update needed for Rust v1.77.0" into main am: f814c97702 am: 1a67e24cb7
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/3017016

Change-Id: Ib28f40dd6b807fef8d137d48035f2066eefe553d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-03-28 07:01:18 +00:00
Charisee
c3a74935a1 Update needed for Rust v1.77.0
error: field `0` is never read
  --> hardware/interfaces/security/authgraph/default/src/main.rs:34:24
   |
34 | struct HalServiceError(String);
   |        --------------- ^^^^^^
   |        |
   |        field in this struct
   |
   = note: `HalServiceError` has derived impls for the traits `Clone` and `Debug`, but these are intenti
onally ignored during dead code analysis
   = note: `-D dead-code` implied by `-D warnings`
   = help: to override `-D warnings` add `#[allow(dead_code)]`
help: consider changing the field to be of unit type to suppress this warning while preserving the field
 numbering, or remove the field
   |
34 | struct HalServiceError(());
   |                        ~~

error: aborting due to 1 previous error


Test: ./build.py --lto thin

bug: http://b/330185853
Change-Id: I08b79176fb5edea9e24990e4884e521c24660d68
2024-03-27 22:58:56 +00:00
Devin Moore
a8efdb127e Vendor API level 202404 is now frozen
Ignore-AOSP-First: VINTF 202404 Finalization
Bug: 279809333
Test: build
Change-Id: Ie6d38d27a287e258c30516e0030ad8c931d06432
2024-02-20 21:05:23 +00:00
Jeff Vander Stoep
e8934d0991 Replace use of deprecated logging functions
This is needed to upgrade the android_logger crate from 0.12.0
to 0.13.3.

with_max_level provides the same functionality as with_min_level.
The renaming is admittedly confusing, but the new name is accurate
and it makes sense that they deprecated and then removed the
previously poorly named with_min_level.

See crate documentation [1] and code [2].

[1]: https://docs.rs/android_logger/0.12.0/android_logger/struct.Config.html#method.with_min_level
[2]: https://docs.rs/android_logger/0.12.0/src/android_logger/lib.rs.html#227

Bug: 322718401
Test: build and run CF with the change.
Test: m aosp_cf_x86_64_phone
Change-Id: I0ca9596433967be70e9d55acb6cfbf9322741bf8
2024-01-31 10:49:31 +01:00
Shikha Panwar
fc0dbfee70 InitialPayload of ExplicitKeyDiceCertChain
Change the spec for DiceCertChainInitialPayload, removing the map &
directly equating it to bstr .cbor PubKey. Also mandate it to stick to
Core Deterministic Encoding Requirements. The deterministic encoding is
essential to ensure DicePolicies can be applied on the root key.

Test: Builds
Bug: 319613231
Change-Id: I5e12ecbcbae84ae608d784a12f8ae4afc49b5a9d
2024-01-12 06:32:08 +00:00
David Drysdale
b108e8cd87 authgraph: cope with LocalTa being dropped
When a LocalTa instance is used in a fuzzer, it gets dropped at the end
of processing each fuzz input.  This makes the `mpsc::channel`s fail,
so update to cope with this.

Bug: 316075932
Test: run fuzzer on Cuttlefish
Change-Id: I069f441013e269f652cbe1ff3053606f9bcb2dfd
2023-12-18 17:33:33 +00:00
David Drysdale
bef8d3ae89 Secretkeeper: add message encryption
All request messages are encrypted, but response messages have an outer
unencrypted layer, with an inner response (and the result values inside
that).

Make the SecretManagement.cddl file clearer to reflect that, and make
the schema valid along the way.

Move the outer (unencrypted) error code values into `ErrorCode.aidl` and
use them as service-specific error codes, thus reducing the number of
error types from 3 to 2.

Bug: 291228560
Test: VtsSecretkeeperTargetTest
Test: validate CDDL with https://atacama.informatik.uni-bremen.de/
Change-Id: I46c5bfd7e40b03919d7d3779b265b3bb3ff1ce1e
2023-12-12 16:03:04 +00:00
David Drysdale
8898d2ec57 Secretkeeper: add AuthGraph key exchange
Add `ISecretkeeper::getAuthGraphKe()` method to the Secretkeeper HAL.

Align the AIDL targets between AuthGraph and Secretkeeper, and add
some defaults that automatically link to the current version of the
Secretkeeper AIDL targets.

Move the non-secure implementation of AuthGraph to run the TA in a
separate thread.

Alter the nonsecure implementation of Secretkeeper so that it no longer
directly implements Secretkeeper functionality, but instead re-uses
common code from the Secretkeeper reference implementation.  This
involves re-using the common implementation of the HAL service (from
`authgraph_hal`), but also involves using the reference implementation
of the the TA code that would normally run in a separate secure
environment.  The latter code expects to run in a single-threaded
environment, so run it in a single local thread.

Note that the negotiated session keys emitted by AuthGraph are not yet
used by Secretkeeper (coming in a subsequent CL).

Extend the Secretkeeper VTS tests to invoke the AuthGraph VTS inner
tests on the returned IAuthGraphKeyExchange instance, exercising the
instance as an AuthGraph sink.

Bug: 291228560
Test: VtsSecretkeeperTargetTest
Change-Id: Ia2c97976edc4530b2c902d95a74f3c340d342174
2023-12-06 06:50:19 +00:00
David Drysdale
20c6549f34 AuthGraph: drop now-unused StdClock
Test: build
Bug: 291228560
Change-Id: Ie4bd2c7ebca1ceae07012f406c2dcbb5efbd915d
2023-11-23 15:50:42 +00:00
Jooyung Han
28b3387f4c Merge "Add authgraph HAL APEX" into main 2023-11-23 02:03:18 +00:00
David Drysdale
087ead1608 AuthGraph VTS: detect additional errors
A failure to get the IAuthGraphKeyExchange/nonsecure instance might
be because it's not registered (likely on most non-Cuttlefish devices)
or it might be for some other reason, such as SELinux denial.

So detect other kinds of failure to get the service, and also change
the VTS to require root so SELinux denials don't happen.

Also tweak the expected return code when a source is given a corrupt
key; now that replay protection is implemented, the reference
implementation rejects this earlier (and with a different error)
because the session lookup fails.

Test: VtsAidlAuthGraphRoleTest
Bug: 291228560
Change-Id: I032600ac809f43a3642fa9ef9aae788d3ca2378f
2023-11-21 11:09:42 +00:00
Jooyung Han
9f3f37f288 Add authgraph HAL APEX
Bug: 309463258
Test: VtsAidlAuthGraphSessionTest
Change-Id: I5ac32a6e5d70321f31321b613a982020bf51db68
2023-11-21 17:14:33 +09:00
Hasini Gunasinghe
7a32f3e555 Documentation updates as per the API council review and proof reading.
This CL updates description of the `Nonce` used in key exchange as per
API council review.

Additionally, this includes updates to the documentation that are found
to be suitable as per further proof reading.

Test: N/A
Change-Id: Ie59e3a10eb8844fcfac9dad60c9d431ae499ee40
2023-11-17 02:18:23 +00:00
Hasini Gunasinghe
5df6ed5e66 Update the VTS module according to the refactoring in aosp/2826571
Test: atest VtsAidlAuthGraphRoleTest, atest VtsAidlAuthGraphSessionTest
Change-Id: I6cc3bd17952f602b58668d35e09c6a5385c7de61
2023-11-16 06:49:05 +00:00
David Drysdale
fe41825f1c AuthGraph: add per-role VTS tests
Add VTS tests that just exercise a single role, sink or source.

Use the AuthGraph core library to provide the implementation of the
other role.  This means that the tests are best written in Rust.

Put the test code into a library, so that other HALs which include
AuthGraph as a component can exercise the AuthGraph parts in their own
VTS tests.

Test: VtsAidlAuthGraphRoleTest
Bug: 284470121
Change-Id: I73f6aa277b41cc728587d707d7a6f82f0d18e08f
2023-11-08 12:43:29 +00:00
David Drysdale
6fb22dc9ef AuthGraph: add fuzzer
Test: m android.hardware.authgraph-service.nonsecure_fuzzer
Bug: 284470121
Change-Id: Ib702b5b0cf69a4a839326297c2d71355562b46c3
2023-11-06 13:26:25 +00:00
David Drysdale
6c09af215d AuthGraph: move code into library
Use the core library's new service implementation, which wraps a
channel to the TA.

In this nonsecure case, the TA is local in-process, so use the core
library's AuthGraphTa, and implement the SerializedChannel as just
a direct invocation of the TA.

Move this code into a _nonsecure library, so the main.rs just has
the code needed to start the executable and register the service.

Test: VtsAidlAuthGraphSessionTest
Bug: 284470121
Change-Id: I738d3876872a8cd248f0ebec708676d1173b6e37
2023-11-06 13:08:45 +00:00
David Drysdale
f2117ff77c AuthGraph: reduce dependency on authgraph_core
The authgraph_hal library should only depend on libauthgraph_wire, not
on libauthgraph_core, so adjust error processing accordingly.

Test: VtsAidlAuthGraphSessionTest
Bug: 284470121
Change-Id: I48056db6ceeab409d0f165f8e051809129643c6f
2023-11-03 12:22:42 +00:00
David Drysdale
7fd838c0fe Add (nonsecure) default AuthGraph impl
Add an implementation for the AuthGraph key exchange HAL, to allow
testing and policy compliance.

In real use, IAuthGraphKeyExchange instances are expected to be
retrieved from some other HAL, allowing the AuthGraph instance to be
specifically correlated with the component that uses it.

Bug: 284470121
Bug: 291228560
Test: hal_implementation_test
Test: VtsAidlAuthGraphSessionTest
Change-Id: Ib064292d60bead663af7721fd1406f2a9b5d8ecd
2023-10-31 23:18:56 +00:00
David Drysdale
d42cb6fa69 authgraph: add parallel session VTS tests
Test: VtsAidlAuthGraphSessionTest
Change-Id: Idcf79afe838fdbfb88bd7f43fe758ac03d9ba0d1
2023-10-31 23:18:56 +00:00
David Drysdale
c8625a8963 authgraph: add placeholder VTS test
Test: VtsAidlAuthGraphSessionTest (with nonsecure default impl)
Change-Id: I1a94071da8de8d4934709fa7875f89a0bb00a142
2023-10-31 23:18:56 +00:00
Hasini Gunasinghe
0e2495f107 Define the AIDL interface for AuthGraph key exchange.
Introduce the AIDL methods for key exchange and the CDDLs for
the relevant input/output types that are CBOR encoded.

Use a standard comment format in CDDL files to indicate where additional
structure definitions can be found, in the hope that one day tooling
will be available to automatically check schema syntax.

Add authgraph to compatibility matrix

This CL merges the CLs: aosp/2750484, aosp/2750485, aosp/2750486 by
drysdale@google.com

Co-authored-by: David Drysdale <drysdale@google.com>

Bug: 284470121
Test: validate schemas with https://cddl.anweiss.tech/
Test: VtsAidlAuthGraphSessionTest (with nonsecure default impl)
Change-Id: I2793666ede028f8abe91569587c09dcac21c67e0
2023-10-31 23:18:56 +00:00