Revert "Bump keystore2 AIDL API version 1->2"
Revert "Advertise support of KeyMint V2"
Revert submission 1900930-version-bump
Reason for revert: Broken build on sc-qpr1-dev-plus-aosp, b/210450339
Reverted Changes:
I42a9b854f:keystore2: cope with new curve25519 enum
I167d568d6:Bump keystore2 AIDL API version 1->2
I3a16d072e:Advertise support of KeyMint V2
Ibf2325329:KeyMint HAL: add curve 25519, bump version
Change-Id: I78d4b07c41aa6bfeb367b56a58deeac6adb6ec46
Marked as required for TRUSTED_ENVIRONMENT impls but not STRONGBOX.
Bump keymint HAL version 1->2 in defaults and in current compatibility
matrix.
Bug: 194358913
Test: build
Change-Id: Ibf2325329f0656a2d1fc416c2f9a74d505d0bf20
A VTS test case to verify HMAC signature verification fails if data or
signature is currupted.
Bug: 209452930
Test: run vts -m VtsAidlKeyMintTargetTest
Change-Id: I2177fd99cfab4ef4a347d50461db0d2e3ad8c612
The KeyMint spec requires that all generated keys include the
BOOT_PATCHLEVEL for the device.
However, the VTS test sometimes gets run in an environment where this
is not possible; specifically the Trusty QEMU tests don't have the
bootloader -> KeyMint communication that is needed to populate this
information.
Add a command line flag that disables checks for BOOT_PATCHLEVEL to
cope with these scenarios, making sure that it defaults to having the
checks enabled.
Test: VtsAidlKeyMintTargetTest
Change-Id: I215c8a18afbd68af199d49f74b977ad7cac6b805
Transfer the fix in http://aosp/1745035 from the KeyMint VTS test back
into the keymaster VTS test.
Bug: 189261752
Test: VtsHalKeymasterV4_0TargetTest
Change-Id: I5f0a69255cfe980dd6e71fa29ff06a84cb668f6d
The KeyMint HAL will soon be updated for a new version. To make this
process easier, add a cc_defaults and rust_defaults that references
the "current" version, and use this elsewhere. This should hopefully
mean that a future version bump only needs to happen in the defaults.
Test: TreeHugger
Change-Id: If7dd0c5778acb92177e16fd4fb4a04dcb837ad06
Added invalid AES key sizes to be tested for Default and TEE based
Keymint implementations.
Bug: 205679497
Test: run vts -m VtsAidlKeyMintTargetTest
Change-Id: Id9044cdc0324258c15f1daa81487c7819a780fe8
Test that specifying RESET_SINCE_ID_ROTATION results in a different
unique ID value.
Test: VtsAidlKeyMintTargetTest
Bug: 202487002
Change-Id: I2aed96514bf9e4802f0ef756f880cac79fa09554
Update the VTS tests so that attestation keys are not created with
another purpose.
Bug: 197096139
Test: VtsAidlKeyMintTargetTest
Change-Id: Ib6e4ad98cbe5c3015138854679b11fa0e683ade9
This support function is supposed to be useable by vendor in treble.
Add "vendor_available" to reflect that.
Bug: 203481954
Test: Link by vendor successfully
Change-Id: I9709ac0ab79405c336ed8a1bc44b2ef643dd5b2d
Future addition of extra curves means that key size is not enough to
identify the particular EC curve required. Use the EcCurve enum instead.
Test: VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: Ia6b7d86a387cfc06db05e4ba6ff8f331e9c6345f
Existing comment is incorrect: the ATTESTATION_ID_* values that the test
provided are rejected because they do not match the device values, not
because the tags are specific to device-unique attestation.
Fix the test comment (and make the values more obviously wrong), and
add a separate test that includes correct values of ATTESTATION_ID_*
values.
Test: VtsAidlKeyMintTargetTest
Change-Id: I5c5f5ef6a228990c9e46f90727e0f135dfc2c528
Keymint is not supposed to support public key operations.
Update the parameter to reflect that.
Bug: 202928979
Test: VtsAidlKeyMintTargetTest
Change-Id: Id746953f5c68be6730beb3a7340e075ef28039c2
When a KeyMint VTS exercises optional functionality, where possible
use GTEST_SKIP() when that functionality is absent, so the test
summary includes information about what is present and what isn't.
This should not affect the overall test result.
Test: VtsAidlKeyMintTargetTest
Change-Id: I62d244d2e4ecc67737906009575e64b50450d4c4
