Commit graph

146 commits

Author SHA1 Message Date
David Drysdale
37af4b3656 KeyMint VTS: more attestation info tests
Try all tags in attestion extension one by one

Test: VtsAidlKeyMintTargetTest on CF
Bug: 186735514
Change-Id: I63ca8d298d2d16f707f2437ab48aaa69c1d7563d
2021-06-18 07:45:27 +01:00
David Drysdale
a676c3b4ef KeyMint VTS: improve attestation tests
Check that the various ATTESTATION_ID_* tags are included if they
have the correct value, and that keygen fails if they have an invalid
value.

Also update attestation tags to include vendor/boot patchlevel if
they're available. (They always should be, but fixing that is a
separate task.)

Bug: 190757200
Test: VtsAidlKeyMintTargetTest
Merged-In: Ibaed7364c6d08c0982e2a9fb6cb864ae42cf39fe
Change-Id: Ibaed7364c6d08c0982e2a9fb6cb864ae42cf39fe
2021-06-17 16:43:37 +01:00
Eran Messeri
a5047720f0 Use TagType constants
Now that the aidl compiler supports it, use constants from TagType to
indicate the type of each tag, rather than duplicating the values of
the constants.

Test: atest VtsAidlKeyMintTargetTest
Bug: 183737811
Change-Id: Ie8af1f00d04fa05c59cfc72692caecbcf2fae483
2021-06-15 14:26:59 +01:00
David Drysdale
ba8e44599c Merge "KeyMint: sync all attestation tags" 2021-06-09 05:49:33 +00:00
David Drysdale
f3374d4237 Merge "KeyMint VTS: better early boot key tests" 2021-06-07 16:05:23 +00:00
David Drysdale
93c72cef92 KeyMint: sync all attestation tags
Get description of ASN.1 schema in HAL and the keymint support library
in sync with each other.  Change code to always list tags in the same
order (by numeric tag).

Bug: 188672564
Bug: 186735514
Test: VtsAidlKeyMintTargetTest
Change-Id: I620f54ba4a265ea69d174f6f44765a8508bfe803
2021-06-07 13:46:49 +01:00
Treehugger Robot
0872e42bec Merge "Improve unique attestation docs & tests" 2021-06-07 11:22:48 +00:00
David Drysdale
adfe6116d5 KeyMint VTS: better early boot key tests
Add a check that the TAG_EARLY_BOOT_ONLY is included in the returned key
characteristics.

Bug: 188672564
Test: VtsAidlKeyMintTargetTest
Change-Id: I200c61f34888c720c47f6289d79cd21d78436b58
2021-06-04 16:42:23 +01:00
David Drysdale
19c7c575f0 Merge "KeyMint VTS: test getKeyCharacteristics()" 2021-06-03 06:55:24 +00:00
Treehugger Robot
6f87175e16 Merge "Fixing tests to reflect change in CDDL" 2021-06-03 00:25:49 +00:00
Seth Moore
fa3d38d206 Correct the description for getKeyCharacteristics
The description should note that keystore-enforced tags are not to be
returned. This is done so that the keymint implementation doesn't have
to bother keeping track of tags it's not repsonsible for dealing with.

Bug: 186685601
Test: none (it's just a comment change)
Change-Id: I3ff94201c262a5071d271b150dbbf21888d678aa
2021-06-01 11:30:24 -07:00
Eran Messeri
90747ad701 Improve unique attestation docs & tests
Improve the documentation and tests related to device-unique
attestation on StrongBox KeyMint devices:
* Test that the chain produced is exactly of length 2.
* Document how the chain needs to be structured.
* Explain the trust properties of the key used for the
  self-signed root.

Test: atest VtsAidlKeyMintTargetTest
Bug: 187803288
Change-Id: I09bb16d6938b567c114485d2df00bde9d3e1ccf9
2021-05-27 18:19:18 +01:00
Max Bires
8dff0b3584 Fixing tests to reflect change in CDDL
This fixes up the tests to go along with the change to the signature
of the MAC key. Primarily, this adds the MAC tag from the MACing
operation over the public key set to be signed into the AAD of the
signature of said MAC key.

Bug: 189018262
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: Ibdcf242e0ae73dee1a08fe98d939130055e4492e
Merged-In: Ibdcf242e0ae73dee1a08fe98d939130055e4492e
2021-05-26 21:42:17 +00:00
Treehugger Robot
25e701b915 Merge "Correct documentation for update()" 2021-05-26 12:16:04 +00:00
Treehugger Robot
29159c728f Merge "Generate COSE MAC with a callback, not raw key" 2021-05-25 19:35:37 +00:00
Treehugger Robot
241327c140 Merge "Shifting VTS libs to static_lib entry" 2021-05-25 18:12:22 +00:00
Seth Moore
026bb7431d Generate COSE MAC with a callback, not raw key
The cppcose_rkp library was updated to generate MAC via callback instead
of passing keys around to allow for stronger MAC key protection.

Bug: 182928606
Test: VtsHalRemotelyProvisionedComponentTargetTest
Test: RemoteProvisionerUnitTests
Change-Id: Ia8a0410408fe3064e904c5282b52f172f8134b9a
Merged-In: Ia8a0410408fe3064e904c5282b52f172f8134b9a
2021-05-25 07:57:13 -07:00
Shawn Willden
0b11d84fdd Correct documentation for update()
update() is no longer allowed to consume only part of the data provided.

Change-Id: Ia64a9c0340f19b5dca6dff2502dc7072021522b6
Test: N/A
2021-05-25 12:14:03 +00:00
David Drysdale
300b555b6b KeyMint VTS: test getKeyCharacteristics()
Bug: 186685601
Bug: 188855306
Test: VtsAidlKeyMintTargetTest
Change-Id: Icf400533b0ded98b9338f2d782d95d90c7efbff4
2021-05-25 11:07:51 +01:00
Max Bires
e857afb6a6 Shifting VTS libs to static_lib entry
If these HALs aren't present on the device, then the test runner will
fail due to test binary trying to dynamically link to libs that aren't
present. Statically linking them will allow the test to fail gracefully
when the test harness sees that the HAL interfaces aren't available on
device.

Fixes: 184797684
Test: atest VtsAidlKeyMintTargetTest
Change-Id: I0f8dea081a51256cfb0e50d6af20038e2b8f1f07
Merged-In: I0f8dea081a51256cfb0e50d6af20038e2b8f1f07
2021-05-23 22:10:13 +00:00
David Drysdale
db0dcf5034 KeyMint: improve HAL spec and tests
- clarify & test BIGNUM spec
- allow alternative return codes when requesting device unique
  attestation
- use specific error for early boot import failure
- test more early boot key scenarios (in post-early-boot mode)

Test: VtsAidlKeyMintTargetTest
Change-Id: I70a342084a29144aef1ed0ff80fec02cc06ffbc0
2021-05-19 16:40:25 +01:00
David Drysdale
cad5403270 Merge changes I10c4beea,I0efc30f3
* changes:
  KeyMint VTS: local RSA encryption
  KeyMint VTS: local asymmetric verification
2021-05-17 17:12:40 +00:00
David Drysdale
8d1d302ffa Merge "KeyMint HAL: cert dates are in milliseconds" 2021-05-17 13:45:21 +00:00
Tommy Chiu
77aae9e40e Merge "KeyMint vts: Correct the EC curve parameter and some return code" 2021-05-15 01:50:30 +00:00
David Drysdale
59cae644e7 KeyMint VTS: local RSA encryption
Change RSA encryption (with public key) so it happens locally in the
test, rather than by invoking an ENCRYPT operation against KeyMint.

 - Specify MGF1 digest for OAEP mode as (now) required by AIDL spec.
 - Drop tests for too-long encryption inputs.
 - Adjust test comments to reflect decryption-only nature.
 - Change parameter checking tests to do so on DECRYPT rather than ENCRYPT.

Test: VtsAidlKeyMintTargetTest
Change-Id: I10c4beea28387eecfd0bc7c5dfd59a1b66fec21e
2021-05-12 16:09:44 +01:00
Tommy Chiu
c93c439ad3 KeyMint vts: Correct the EC curve parameter and some return code
Strongbox doens't support p-224. Change the curve to p-256 for better
compatibility.
Also update the tags to be filtered on the hw-enforcement list.

Change-Id: I3f587c5471ca68b88a565ee9ec2e27d1e9e11b17
2021-05-12 19:13:55 +08:00
David Drysdale
df8f52ee8d KeyMint VTS: local asymmetric verification
Change verification of ECDSA and RSA signatures so it happens locally
in the test, rather than by invoking a VERIFY operation against KeyMint.

Test: VtsAidlKeyMintTargetTest
Change-Id: I0efc30f3c96cd70ac636d34718eff53cc23f1480
2021-05-12 11:51:24 +01:00
David Drysdale
2a73db3d9e KeyMint VTS: fix 3DES key sizes
DES key size is 7/8 of what's provided.

Test: VtsAidlKeyMintTargetTest
Change-Id: I645c1df11646d129a9421630cb6e5ed86edb8899
2021-05-10 10:59:19 +01:00
David Drysdale
e650667341 KeyMint HAL: cert dates are in milliseconds
Test: None, comment change only
Change-Id: I6251d4a0ba74d111f4c107f9a54a5c45811aa90f
2021-05-06 08:25:33 +01:00
David Drysdale
c9bc2f742d KeyMint VTS: symmetric import test with bad keylen
Test: VtsAidlKeyMintTargetTest
Change-Id: I32ad8ad2ca2b18d3279ebe77ba63b34457ab888d
2021-05-05 15:59:39 +01:00
David Drysdale
d0bc4b9e64 KeyMint HAL: restore getKeyCharacteristics() docs
Commit 40eb8f53ea ("KeyMint AIDL tweaks") removed references to
getKeyCharacteristics() in docs, as it was a KeyMaster entrypoint
that wasn't present on the KeyMint HAL.

Commit dadb18dd29 ("Add getKeyCharacteristics method to KeyMint")
added the getKeyCharacteristics() entrypoint to KeyMint, as it
turned out it was needed after all.

This commit restores references to getKeyCharacteristics() in the
Tag.aidl documentation.

Test: VtsAidlKeyMintTargetTest
Change-Id: I860479554b85f4adfeddd4eee70a09cf5265c938
2021-05-05 15:58:43 +01:00
Tommy Chiu
384c82dd14 Merge "vts: Correct the parameters on strongbox" 2021-05-05 14:08:48 +00:00
Shawn Willden
da2b9ae9f8 Merge changes Ic8949e22,Ia3a6363d
* changes:
  Update DeviceUniqueAttestationTest to match spec
  Make AttestKeyTest not crash if no cert is returned.
2021-05-04 19:50:41 +00:00
Tommy Chiu
3950b45a44 vts: Correct the parameters on strongbox
If GenerateKey() with user-provide key_blob, it needs to be specified in
the following begin() operations as well. Update the test case just to
take key_blob from private member instead of creating a local one.

Note:
- Remove redudent TAG_NO_AUTH_REQUIRED in DeviceUniqueAttestationTest

Change-Id: I81860294e1e7e01a57e66e08e75507a8292ec0c3
2021-05-04 23:09:56 +08:00
David Drysdale
3368b3c6b0 Merge "More KeyMint VTS testcases" 2021-05-04 08:00:41 +00:00
Shawn Willden
ced5c2c23a Update DeviceUniqueAttestationTest to match spec
Test: VtsAidlKeyMintTargetTest
Change-Id: Ic8949e223eb7ba2445d4738dcd9b31a1d244bb46
2021-05-03 16:36:49 -06:00
Shawn Willden
c410f6fb44 Make AttestKeyTest not crash if no cert is returned.
Test: VtsAidlKeyMintTargetTest
Change-Id: Ia3a6363d854742681f684ff989b98b7cfda30746
2021-05-03 16:36:33 -06:00
Shawn Willden
c46f9da49f Merge "AttestationKey documentation" 2021-05-03 15:07:38 +00:00
Paul Crowley
8b25958b75 Merge "Add getKeyCharacteristics method to KeyMint" 2021-04-30 21:06:14 +00:00
David Drysdale
d2cc8c2c5e More KeyMint VTS testcases
Tests for:
 - non-prime RSA exponent (fails with CF KeyMint)
 - RSA exponent value of 3
 - key size > 512 for `STRONGBOX`
 - unknown tag inclusion
 - CBC input size not block size multiple
 - challenge omitted for attestation (fails with CF KeyMint)
 - import RSA key with implicit params
 - vestigial upgradeKey test
 - importWrappedKey errors
 - importWrappedKey sids ignored
 - duplicate/missing params on begin()
 - more tests for incompatible params on begin()
 - HMAC size not multiple of 8 (fails with CF KeyMint)
 - wrong size caller IV for 3DES rejected
 - too large MIN_MAC_LENGTH for HMAC
 - invalid AES-GCM minimum MAC length values
 - check failed updateAad() cancels operation
 - check that auto-generated nonces are distinct
 - (DISABLED_) invoke destroyAttestationIds()
 - omitting optional RSA keygen tags

Also add commenting to illustrate the ASN.1 structure of hex data.

Test: VtsKeyMintAidlTargetTest
Change-Id: I4663c42671cbb094ffe8d603e0352ffa9f1dbf2e
2021-04-30 19:15:39 +01:00
Paul Crowley
dadb18dd29 Add getKeyCharacteristics method to KeyMint
(cherry picked from commit 402d62f7be)

Bug: 186685601
Test: Treehugger
Merged-In: Ie72d865a37e2b6834fe6a86bf843d30286384aa5
Change-Id: Ie72d865a37e2b6834fe6a86bf843d30286384aa5
2021-04-30 10:58:31 -07:00
David Drysdale
bb3d85eaa4 Test for patchlevels and too much entropy
Add tests for:
 - Too much entropy should be rejected with INVALID_INPUT_LENGTH
 - All authorization lists should include a vendor and boot patchlevel.

These requirements are in both the KeyMint and the KeyMaster 4.0 AIDL
specificications, but have never been policed before.

Currently disabled with a command-line flag because CF does not have
the patchlevels and so fails lots of tests.

Test: VtsKeyMintAidlTargetTest
Change-Id: Ic9622ef3f1b80e013a34059218e3e029f392eb72
2021-04-30 14:50:14 +01:00
David Drysdale
7de9febd17 Add more symmetric KeyMint tests
Also fix some test name comments along the way.

Test: VtsKeyMintAidlTargetTest
Change-Id: I828acfaa676e1b9fa2e3c6f184f9dafb936b0e82
2021-04-30 14:50:12 +01:00
David Drysdale
40eb8f53ea KeyMint AIDL tweaks
- Describe 3DES requirements
- Remove references to non-existent getKeyCharacteristics() entrypoint
- Remove references to non-existent attestKey() entrypoint
- Remove mention of asymmetric verification operations
- Remove text describing incomplete update()
- Remove text discussing padding for ECDSA
- EC keys can't encrypt/decrypt
- Force use of curve not key size for EC keys
- Drop TODO re: CBOR encoding of wrapped key
- Indicate caller-provided nonces must have correct size
- Add more reference to IKeyMintOperation
- Align parameter names with signatures
- Correct MIN_MAC_LENGTH error code
- Make CREATION_DATETIME consistently optional
- Describe use of MGF1 digest option
- Fix typos

Test: VtsKeyMintAidlTargetTest (CF)
Change-Id: Ie01b99d33be7336e872bf24a7761a3ac5b1d584c
2021-04-30 14:19:31 +01:00
Treehugger Robot
af3b58e35a Merge "Add attestation format documentation" 2021-04-27 20:40:50 +00:00
David Drysdale
5cde787c9f Merge "Align KeyMint AIDL with usage" 2021-04-27 16:43:01 +00:00
Shawn Willden
8691e58bd1 AttestationKey documentation
Test: N/A, only added documentation
Change-Id: I41ed99c385c99511e8a9a19a5aa7aec180ee41ac
2021-04-27 09:22:25 -06:00
Shawn Willden
3cb64a6822 Add attestation format documentation
Somehow the attestation format docs got dropped from KeyMint in the
transition from Keymaster.  This replaces them, and also clarifies
that KeyMint StrongBox should not support device attestation.

Test: VtsAidlKeyMintTargetTest
Change-Id: I2334e99b4797c7a0e2e59727ffa730cf7504df31
2021-04-27 09:22:25 -06:00
Selene Huang
8f9494c4f6 Added various vts tests for attestKey.
- Added tests for signing attest key with factory chain.
  - Added test for signing encryption keys.
  - Added tests for chaining many RSA attest keys on the same chain.
  - Added tests for chaining many Ec attest keys on the same chain.
  - Added tests for alternate chaining of rsa-ec-rsa-ec-rsa attesti
    keys on the same chain.

Test: atest VtsAidlKeyMintTargetTest
Change-Id: I9c67e2b928d6bba6cc4074a4b65f639f33c9ec26
2021-04-24 22:43:13 -07:00
Selene Huang
6e46f1467c Added vts tests for certificate subject and serial for various
algorithms and self sign or non-self sign certificates.

Test: atest VtsAidlKeyMintTargetTest
Change-Id: I4e9d8db7be500f165c3a9f240ea2dfe00c2a70d1
2021-04-22 15:18:32 -07:00