The cppcose_rkp library was updated to generate MAC via callback instead
of passing keys around to allow for stronger MAC key protection.
Bug: 182928606
Test: VtsHalRemotelyProvisionedComponentTargetTest
Test: RemoteProvisionerUnitTests
Change-Id: Ia8a0410408fe3064e904c5282b52f172f8134b9a
If these HALs aren't present on the device, then the test runner will
fail due to test binary trying to dynamically link to libs that aren't
present. Statically linking them will allow the test to fail gracefully
when the test harness sees that the HAL interfaces aren't available on
device.
Fixes: 184797684
Test: atest VtsAidlKeyMintTargetTest
Change-Id: I0f8dea081a51256cfb0e50d6af20038e2b8f1f07
Merged-In: I0f8dea081a51256cfb0e50d6af20038e2b8f1f07
If these HALs aren't present on the device, then the test runner will
fail due to test binary trying to dynamically link to libs that aren't
present. Statically linking them will allow the test to fail gracefully
when the test harness sees that the HAL interfaces aren't available on
device.
Fixes: 184797684
Test: atest VtsAidlKeyMintTargetTest
Change-Id: I0f8dea081a51256cfb0e50d6af20038e2b8f1f07
- clarify & test BIGNUM spec
- allow alternative return codes when requesting device unique
attestation
- use specific error for early boot import failure
- test more early boot key scenarios (in post-early-boot mode)
Bug: 188672564
Test: VtsAidlKeyMintTargetTest
Merged-In: I70a342084a29144aef1ed0ff80fec02cc06ffbc0
Change-Id: I70a342084a29144aef1ed0ff80fec02cc06ffbc0
- clarify & test BIGNUM spec
- allow alternative return codes when requesting device unique
attestation
- use specific error for early boot import failure
- test more early boot key scenarios (in post-early-boot mode)
Test: VtsAidlKeyMintTargetTest
Change-Id: I70a342084a29144aef1ed0ff80fec02cc06ffbc0
Strongbox doens't support p-224. Change the curve to p-256 for better
compatibility.
Also update the tags to be filtered on the hw-enforcement list.
Bug: 186735514
Test: VtsAidlKeyMintTargetTest
Change-Id: I3f587c5471ca68b88a565ee9ec2e27d1e9e11b17
Merged-In: Ia8eb4c8e28810de5f37295abd8baed6f01b19a3c
Change RSA encryption (with public key) so it happens locally in the
test, rather than by invoking an ENCRYPT operation against KeyMint.
- Specify MGF1 digest for OAEP mode as (now) required by AIDL spec.
- Drop tests for too-long encryption inputs.
- Adjust test comments to reflect decryption-only nature.
- Change parameter checking tests to do so on DECRYPT rather than ENCRYPT.
Bug: 188385353
Test: VtsAidlKeyMintTargetTest
Merged-In: I10c4beea28387eecfd0bc7c5dfd59a1b66fec21e
Change-Id: I10c4beea28387eecfd0bc7c5dfd59a1b66fec21e
Change verification of ECDSA and RSA signatures so it happens locally
in the test, rather than by invoking a VERIFY operation against KeyMint.
Bug: 188385353
Test: VtsAidlKeyMintTargetTest
Merged-In: I0efc30f3c96cd70ac636d34718eff53cc23f1480
Change-Id: I0efc30f3c96cd70ac636d34718eff53cc23f1480
Change RSA encryption (with public key) so it happens locally in the
test, rather than by invoking an ENCRYPT operation against KeyMint.
- Specify MGF1 digest for OAEP mode as (now) required by AIDL spec.
- Drop tests for too-long encryption inputs.
- Adjust test comments to reflect decryption-only nature.
- Change parameter checking tests to do so on DECRYPT rather than ENCRYPT.
Test: VtsAidlKeyMintTargetTest
Change-Id: I10c4beea28387eecfd0bc7c5dfd59a1b66fec21e
Strongbox doens't support p-224. Change the curve to p-256 for better
compatibility.
Also update the tags to be filtered on the hw-enforcement list.
Change-Id: I3f587c5471ca68b88a565ee9ec2e27d1e9e11b17
Change verification of ECDSA and RSA signatures so it happens locally
in the test, rather than by invoking a VERIFY operation against KeyMint.
Test: VtsAidlKeyMintTargetTest
Change-Id: I0efc30f3c96cd70ac636d34718eff53cc23f1480
Commit 40eb8f53ea ("KeyMint AIDL tweaks") removed references to
getKeyCharacteristics() in docs, as it was a KeyMaster entrypoint
that wasn't present on the KeyMint HAL.
Commit dadb18dd29 ("Add getKeyCharacteristics method to KeyMint")
added the getKeyCharacteristics() entrypoint to KeyMint, as it
turned out it was needed after all.
This commit restores references to getKeyCharacteristics() in the
Tag.aidl documentation.
Test: VtsAidlKeyMintTargetTest
Change-Id: I860479554b85f4adfeddd4eee70a09cf5265c938
If GenerateKey() with user-provide key_blob, it needs to be specified in
the following begin() operations as well. Update the test case just to
take key_blob from private member instead of creating a local one.
Note:
- Remove redudent TAG_NO_AUTH_REQUIRED in DeviceUniqueAttestationTest
Change-Id: I81860294e1e7e01a57e66e08e75507a8292ec0c3
Tests for:
- non-prime RSA exponent (fails with CF KeyMint)
- RSA exponent value of 3
- key size > 512 for `STRONGBOX`
- unknown tag inclusion
- CBC input size not block size multiple
- challenge omitted for attestation (fails with CF KeyMint)
- import RSA key with implicit params
- vestigial upgradeKey test
- importWrappedKey errors
- importWrappedKey sids ignored
- duplicate/missing params on begin()
- more tests for incompatible params on begin()
- HMAC size not multiple of 8 (fails with CF KeyMint)
- wrong size caller IV for 3DES rejected
- too large MIN_MAC_LENGTH for HMAC
- invalid AES-GCM minimum MAC length values
- check failed updateAad() cancels operation
- check that auto-generated nonces are distinct
- (DISABLED_) invoke destroyAttestationIds()
- omitting optional RSA keygen tags
Also add commenting to illustrate the ASN.1 structure of hex data.
Test: VtsKeyMintAidlTargetTest
Change-Id: I4663c42671cbb094ffe8d603e0352ffa9f1dbf2e
Add tests for:
- Too much entropy should be rejected with INVALID_INPUT_LENGTH
- All authorization lists should include a vendor and boot patchlevel.
These requirements are in both the KeyMint and the KeyMaster 4.0 AIDL
specificications, but have never been policed before.
Currently disabled with a command-line flag because CF does not have
the patchlevels and so fails lots of tests.
Test: VtsKeyMintAidlTargetTest
Change-Id: Ic9622ef3f1b80e013a34059218e3e029f392eb72
- Describe 3DES requirements
- Remove references to non-existent getKeyCharacteristics() entrypoint
- Remove references to non-existent attestKey() entrypoint
- Remove mention of asymmetric verification operations
- Remove text describing incomplete update()
- Remove text discussing padding for ECDSA
- EC keys can't encrypt/decrypt
- Force use of curve not key size for EC keys
- Drop TODO re: CBOR encoding of wrapped key
- Indicate caller-provided nonces must have correct size
- Add more reference to IKeyMintOperation
- Align parameter names with signatures
- Correct MIN_MAC_LENGTH error code
- Make CREATION_DATETIME consistently optional
- Describe use of MGF1 digest option
- Fix typos
Test: VtsKeyMintAidlTargetTest (CF)
Change-Id: Ie01b99d33be7336e872bf24a7761a3ac5b1d584c
Somehow the attestation format docs got dropped from KeyMint in the
transition from Keymaster. This replaces them, and also clarifies
that KeyMint StrongBox should not support device attestation.
Test: VtsAidlKeyMintTargetTest
Change-Id: I2334e99b4797c7a0e2e59727ffa730cf7504df31
- Added tests for signing attest key with factory chain.
- Added test for signing encryption keys.
- Added tests for chaining many RSA attest keys on the same chain.
- Added tests for chaining many Ec attest keys on the same chain.
- Added tests for alternate chaining of rsa-ec-rsa-ec-rsa attesti
keys on the same chain.
Test: atest VtsAidlKeyMintTargetTest
Change-Id: I9c67e2b928d6bba6cc4074a4b65f639f33c9ec26
- Check for app id only if challenge is provided.
- Verify self sign certificate works for RSA and Ecdsa.
- Verified attestation is generated for encryption keys too.
- Verify no attestation is generated for symetric keys.
- Verify app id is always required when attestation challenge is
provided to the new key generation.
- Verify app id is ignored when challenge is missing.
- Verify app id length is properly encoded.
- Added vts tests for various attestation success and fail cases.
Test: atest VtsAidlKeyMintTargetTest
Change-Id: If29249b0913fd9c2f91d20188ca5cfbaa04bead8
This change removes the interface layer between the client and the
underlying HAL. This is one part of a two part change to properly finish
migrating all of the RemotelyProvisionedComponent functionality to
system/keymaster.
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: Ibccc6b3af86a63b8a6c6207fffd43cfc41b903b5
This is the change that removes the functionality that has been shifted
over to appropriate classes and contexts in system/keymaster.
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I491f4ef823868322ea6a804d88ca09662c099a44
This adds a way to derive information about the hardware for clients
that call the HAL. The primary functional usecase here is to
differentiate which EC curve the underlying hardware for a given
instance of IRemotelyProvisionedComponent is supported.
Originally, curve 25519 would have been used in all implementations for
verifying the EEK certificate chain and doing ECDH, but secure elements
do not offer 25519 support yet. In order to support remote provisioning
on SEs, we have to relax the standard here a bit to allow for P256.
Test: Everything builds
Change-Id: I9245c6f4e27bd118fe093bffc0152549ed7f0825
Move helper utilities across into KeyMintAidlTestBase to allow re-use.
Test: VtsHalRemotelyProvisionedComponentTargetTest, VtsAidlKeyMintTargetTest
Change-Id: Ib9e55a7d72fd197016ae1a1f073dadedafa09c25
TAG_BOOT_PATCHLEVEL and TAG_VENDOR_PATCHLEVEL should be interger type.
Fixed: 184796337
Test: VtsAidlKeyMintTargetTest not abort
Change-Id: Iccd6ac93910d44c0a02b798210909c404a98d8ab
This change adds the host supported flag to the libcppcose and removes
some unnecessary dependencies from the blueprint file.
Test: libcppcose builds
Change-Id: I45bca44267a50d0d401fc1964f96363e558317ff
Also adds a test to verify that implementations return the expected
error code.
Test: VtsAidlKeyMintTargetTest
Change-Id: Ic8e9953a2572eb0cc8fefc363934eaf9b432b5a4
Every KeyMint device should have a corresponding
IRemotelyProvisionedComponent instance, but the converse is not true.
So given an IRPC instance under test, look for a corresponding KeyMint
device by comparing suffixes, but just skip the test if not found.
Test: VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I390aa7025eb77f75a3280e8d85dc453b784c23ee
- Make the default implementation include the DeviceInfo as a map, not
a bstr-holding-a-map, to match the spec.
- Check the signature of the signed MAC even in test mode.
- Include the DeviceInfo in the data that the signature covers.
Test: VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I9084343c1273c16a9cbd5a1156e7057a1c54a860
* changes:
Test that provisioned keys can be used with KeyMint
Add tests with corrupted MAC on keypair
Add more EEK variant tests and related fixes
Commonize MacedPublicKey and ProtectedData checks
Tweak IRemotelyProvisionedComponent AIDL docs
- Test with deliberately-invalid EEK in request:
- corrupt signature
- missing initial self-signed cert
- Test with different sizes of EEK chain.
These tests will only really take effect when we have a valid GEEK to
test with.
Other changes:
- Fix encoding of KeyUsage bitset.
- Add a made-up allowed-root pubkey for prod mode. This needs to be
replaced with the real GEEK when available.
- Fix generateEek() so that the first private key isn't used for
all signing operations.
Test: VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I833894d33cd1757b7a0cfcf18f79b61e4e56a556
- Use P-256 in MacedPublicKey: The main place that MacedPublicKey is
used requires a P-256 key, so use that as the example in the comment.
- Fix leaf key type comment
- Fix AES key size comment
- Typo fix
Test: none, just comment change
Change-Id: I47a810f2a965facad6ddcd251341f233884e5f7c
This change includes permission files for the new permission
FEATURE_HARDWARE_KEYSTORE for the default KeyMaster and KeyMint
implementations.
Test: Manually inspected that permission files are installed.
Test: atest android.keystore.cts.KeyAttestationTest#testAttestationKmVersionMatchesFeatureVersion
Bug: 160616951
Change-Id: Ia35e1ba6c894624999eed62e8434a20ebc833b97
Any device that provides an implementation for
IRemotelyProvisionedComponent will need the RemoteProvisioner system app
to actually drive the business logic and handle communicating out to
external servers. If this HAL is not present, then the app should not be
present on device either.
Test: app appears on CF, does not appear on e.g. blueline, coral
Change-Id: I84c3e450486ecff841b848b5e5e7a15f26895725
This alters the AIDL interface and underlying functionality to have the
component return the DeviceInfo CBOR blob that is used as AAD in
verification of a signature over a MAC key. Trying to reconstruct this
from userspace is very likely to lead to pain and subtle errors in the
future as adoption of this HAL increases, and multiple instances of this
HAL may exist on device simultaneously.
Test: atest VtsRemotelyProvisionedComponentTests
Change-Id: I44bd588586652630ed31a87cfda7e9c01cbf0a2f
With great powers comes great responsibility. Or reverts.
Test: jbires can give owners vote on CLs in gerrit
Change-Id: I2efa65047b15be4a5138e6b343a534b3da245909
Add a function convertStorageKeyToEphemeral to IKeymintDevice that vold
can use to get a per-boot ephemeral key from a wrapped storage key.
Bug: 181806377
Bug: 181910578
Change-Id: I1b008423e3e24797132c8eb79ab3899e2b1c68e8
Enable generation of java sources for AIDL interfaces. This allows
enabling the @SensitiveData annotation without causing circular build
dependencies.
Also mark doc comments as @hide to prevent the interface from being
included in the SDK.
Bug: 174857732
Test: N/A
Merged-In: If00e4dfc24bf776f87c7e2b2e3f42350aa4d4379
Change-Id: If00e4dfc24bf776f87c7e2b2e3f42350aa4d4379
The output format of headers generated by
"m android.hardware.security.keymint-update-api" has changed. This patch
updates the format of those generated files in the tree.
Change-Id: If00a194f136c67197c96081b3c211d615fad5f07
As per RFC 8152 section 3, the unprotected parameters in the headers
of COSE objects are just encoded as a map, not as a bstr that contains
the CBOR-encoding of a map.
Test: TreeHugger presubmit
Change-Id: Id4eeb023d3a81ad1398d78d410c8224bf941f9b1
A key with the MAX_BOOT_LEVEL tag cannot be used past a particular
stage of device boot.
Test: Treehugger
Bug: 176450483
Change-Id: I113e3101734736a8621a01ed85969a4ecbe12a68
Added SPDX-license-identifier-Apache-2.0 to:
neuralnetworks/utils/adapter/Android.bp
security/keymint/aidl/vts/performance/Android.bp
Bug: 68860345
Bug: 151177513
Bug: 151953481
Test: m all
Exempt-From-Owner-Approval: janitorial work
Change-Id: I139497d894d893a405d9b16df5e23b69dc82674f
This CL re-enables the IRemotelyProvisionedComponent VTS tests after
updating the IRemotelyProvisionedComponent HAL to generate keys with
PURPOSE_ATTEST_KEY instead of PURPOSE_ATTEST_SIGN to match the new
PURPOSE_* functionality in KeyMint.
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I70c7918b460898d31e343c060ac07986271148a9
This allows applications to generate their own attestation keys and
then use them to attest other application-generated keys.
Bug: 171845652
Test: VtsAidlKeyMintTargetTest
Change-Id: I32add16dcc2d1b29665a88024610f7bef7e50200
Verify that when keymint implementation supports rollback resistance,
it must also enforce the single use key in hardware by secure hardware.
Test: atest -c VtsAidlKeyMintTargetTest
Change-Id: Ib984003247906ded7266da620e2d82e826d916bc
1. Fix test case for usage count limit tag = 1 case, when
hardware cannot enforce it, the tag should by enforced by keystore.
2. Add test case for usage count limit tag > 1.
3. Add test case to verify the usage count limit tag appears
correctly in the attestation certificate for asymmetic key.
Test: atest -c VtsAidlKeyMintTargetTest
Change-Id: I01df278b42a91a78c8888c13c4f81b7ec70cfa22
We need a way to distinguish between tags that are enforced by KeyMint
with security level "SOFTWARE" and tags that are not enforced by
KeyMint but are expected to be enforced by KEYSTORE.
Test: VtsAidlKeyMintTargetTest
Change-Id: I9f414bec43959577a50d49146029c9edb031be56
authorizationValue checked the uion value tag twice instead of checking
the actual tag value.
Test: N/A
Change-Id: I348b5ac06801a04ca7243088d758374148910d39
This adds rust derive stanzas to TimeStamp, TimeStampToken, and
HardwareAuthToken.
Also removes an unused import from IKeyMintDevice.
Test: Compiles.
Change-Id: If41248f5cda8015ecb07bec5d1bc75317b803492
And add vts test to verify the tag appears in the key characteristics.
also if the tag is enforced in the hardware, afer the usage of the key
is exhausted, the key blob should be invalidated from the secure storage
(such as RPMB partition).
Bug: b/174140443
Test: atest VtsHalKeyMintV1_0TargetTest
Change-Id: Ic65b855c5a8692ab8d1281dd46562ad0844ab1b0
This is by no means complete, but it validates basic functionality.
More is coming.
Test: VtsAidlKeyMintTargetTest
Change-Id: I0727a9f5b137b58b9a2f0aaf9935bfdc6525df8f
This patch removes verifyAuthorization from the KeyMint spec in favor of
secureclock and the TimeStampToken. Timestamp has moved to secureclock
and the VerificationToken was removed from keymint. This reverses the
dependency between keymint and secureclock because keymint no imports
TimeStampToken and Timestamp from secureclock.
Test: Tested with CtsVerifier Fingerprint bound keys test.
Change-Id: I4e0bde0d77e74918e2b5483c30be8057417e3bf1
* changes:
The aidl definition for Shared Secret functionality.
Add Shared Secret to the compatibility matrix.
The aidl definition for Secure Clock keymint service.
Add Secure Clock to the compatibility matrix.
Support key characteristics with three security levels, do not store
unenforced authorizations with keys or bind them to keys.
Bug: 163606833
Test: atest VtsAidlKeyMintTargetTest
Change-Id: Idbc523f16d8ef66ec38e0d503ad579a93c49e7b4
Renaming the test without updating the test configuration broke it.
This fixes it.
Test: atest VtsAidlKeyMintTargetTest
Change-Id: I3f4c07a04f2b0ce604f0bbac43ffdbdbb5b34d53
* replace NullOr with std::optional.
* Add mising tag.
* Undefine helper macros so that keymint_tags.h can be used together
with keymaster_tags.h
* Check if KeyParameterValue variant matches KeyParameterTag in
accessors.
Test: VtsAidlKeyMintTargetTest
Change-Id: I6c951071f30fd27c8c21a2e8cc86f421a3bc37d9
AIDL now supports union types. This CL changes KeyParameter to use
one.
Test: VtsAidlKeyMintTargetTest
Change-Id: I5112611b161e3de1ea86105ea3c7ed0912036a7b
This is no longer needed in KeyMint. Keystore2 implements similar
functionality in Rust.
Test: Build
Change-Id: Ia43716449756935619fb22ef5aba113e420c2687
Because AIDL doesn't allow tag values to be constructed the way we
did in HIDL (and before), each tag definition carries a comment
specifying what the "magic" tag type value used in its construction
means. This CL moves those comments so they're adjacent to the value
they're documenting.
Test: Build
Change-Id: I30b037f9ddf6bf2b07326a53959d490e045c891a
Mostly just removal of old-style #include guards in favor of #pragm
once, reorganization of header includes, correction of copyright
years, etc.
Test: VtsAidlKeyMintTargetTest
Change-Id: I070584ecec550a2f133b1c19f36f99e7b5544e7c