Also add a check in the default implementation to help catch bugs like
this in the future.
Bug: 189865806
Test: atest VtsHalIdentityTargetTest
Test: atest CtsIdentityTestCases
Change-Id: Ief55528af8e14707b5c4d9431a851f9c8ccfae0c
The description should note that keystore-enforced tags are not to be
returned. This is done so that the keymint implementation doesn't have
to bother keeping track of tags it's not repsonsible for dealing with.
Bug: 186685601
Test: none (it's just a comment change)
Change-Id: I3ff94201c262a5071d271b150dbbf21888d678aa
This fixes up the tests to go along with the change to the signature
of the MAC key. Primarily, this adds the MAC tag from the MACing
operation over the public key set to be signed into the AAD of the
signature of said MAC key.
Bug: 189018262
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: Ibdcf242e0ae73dee1a08fe98d939130055e4492e
Merged-In: Ibdcf242e0ae73dee1a08fe98d939130055e4492e
The cppcose_rkp library was updated to generate MAC via callback instead
of passing keys around to allow for stronger MAC key protection.
Bug: 182928606
Test: VtsHalRemotelyProvisionedComponentTargetTest
Test: RemoteProvisionerUnitTests
Change-Id: Ia8a0410408fe3064e904c5282b52f172f8134b9a
Merged-In: Ia8a0410408fe3064e904c5282b52f172f8134b9a
If these HALs aren't present on the device, then the test runner will
fail due to test binary trying to dynamically link to libs that aren't
present. Statically linking them will allow the test to fail gracefully
when the test harness sees that the HAL interfaces aren't available on
device.
Fixes: 184797684
Test: atest VtsAidlKeyMintTargetTest
Change-Id: I0f8dea081a51256cfb0e50d6af20038e2b8f1f07
Merged-In: I0f8dea081a51256cfb0e50d6af20038e2b8f1f07
The error is on property kernel_configs, but it is described as being on
kernel_config.
Bug: N/A
Test: N/A
Change-Id: Ifa58ac370775d5b5d01860be446bc961f52f667f
The current matrix is left in this same CL because this way, downstream
modifications to the current CL will automatically get absorbed into the
level 7 compatibility matrix. A CL on top of this will disable the 7
matrix and then get reverted in the aosp/master..goog/master merge
path.
WARNING: this is not actually the Android S compatibility matrix in this
CL, but rather the AOSP current matrix copied into
compatibility_matrix.6.xml. The actual S compatibility matrix is not
released on AOSP yet. However, this is the parts of it which are
available on AOSP, added here in order to allow Android T development
in a way that will merge happily downstream.
Bug: 178221726
Test: boot device, vts_treble_vintf_vendor_test
Test: inspect matrix by diffing matrix with old matrix using:
m analyze_matrix &&
system/libvintf/analyze_matrix/hals_for_release.py
Change-Id: Id83986fc5089eefc2292f0042753f739f4e01a44
(cherry picked from commit 86a518cfa6)
Merged-In: Id83986fc5089eefc2292f0042753f739f4e01a44
- clarify & test BIGNUM spec
- allow alternative return codes when requesting device unique
attestation
- use specific error for early boot import failure
- test more early boot key scenarios (in post-early-boot mode)
Test: VtsAidlKeyMintTargetTest
Change-Id: I70a342084a29144aef1ed0ff80fec02cc06ffbc0
When device is configured as single SIM device, skip
VTS on 2nd vendor radio service instance.
Fix: 187998097
Test: atest VtsHalRadioV1_6TargetTest
Merged-In: Ib634b22dd75f10e5059c9482764ca481184162be
Change-Id: Ib634b22dd75f10e5059c9482764ca481184162be
(cherry picked from commit efb934b15a)
Modem has restriction that it can not process back-to-back thermal actions.
For DSDS device, after slot-1 test finished, a 1s delay is needed before start slot-2 test.
Bug: 187968151
Test: atest VtsHalRadioV1_6TargetTest -- --test-arg com.android.tradefed.testtype.GTest:native-test-flag:"--gtest_filter=*setDataThrottling*"
Change-Id: I052d0d9c7c0ccc86a7590204679295268973c6cf
Change RSA encryption (with public key) so it happens locally in the
test, rather than by invoking an ENCRYPT operation against KeyMint.
- Specify MGF1 digest for OAEP mode as (now) required by AIDL spec.
- Drop tests for too-long encryption inputs.
- Adjust test comments to reflect decryption-only nature.
- Change parameter checking tests to do so on DECRYPT rather than ENCRYPT.
Test: VtsAidlKeyMintTargetTest
Change-Id: I10c4beea28387eecfd0bc7c5dfd59a1b66fec21e
8-byte intergers are identified by the additional information having the
value 27.
Test: atest VtsHalIdentityTargetTest
Change-Id: I986162c4966275d7589d99c08c7323445e1f9e80
Strongbox doens't support p-224. Change the curve to p-256 for better
compatibility.
Also update the tags to be filtered on the hw-enforcement list.
Change-Id: I3f587c5471ca68b88a565ee9ec2e27d1e9e11b17
Change verification of ECDSA and RSA signatures so it happens locally
in the test, rather than by invoking a VERIFY operation against KeyMint.
Test: VtsAidlKeyMintTargetTest
Change-Id: I0efc30f3c96cd70ac636d34718eff53cc23f1480
