Commit graph

572 commits

Author SHA1 Message Date
Ryan Prichard
2abfe4abc7 Merge "Fix nonce uniqueness tests" into main am: 8d333ff410
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2758146

Change-Id: Ifc31204eaea700e50e8ac0601fa77911b590b65c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-09-22 20:51:37 +00:00
Ryan Prichard
b2c9d5c9a6 Fix nonce uniqueness tests
std::unique consolidates the unique nonces at the start of the `nonces`
vector, but it doesn't modify nonces.size(), so these tests weren't
actually verifying that the nonces were unique. Add a vector::erase
call to shrink the vector.

After upgrading libc++, std::unique is [[nodiscard]] and this bug is
a compiler error.

Bug: 175635923
Test: treehugger
Test: m VtsAidlSharedSecretTargetTest VtsHalKeymasterV4_0TargetTest
Change-Id: I7fd8c40a3920bf3a8988c8065503c78ba36dc742
2023-09-20 16:11:35 -07:00
Treehugger Robot
779971ccee Merge "Keymaster VTS: add TEST_MAPPING" am: fce05decfc am: 5721b05a66 am: 8ca0d0f7be
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2603747

Change-Id: I23522ea5ac602236d61ec25f8261940835c9f16b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-12 20:05:30 +00:00
Treehugger Robot
fce05decfc Merge "Keymaster VTS: add TEST_MAPPING" 2023-06-12 16:57:08 +00:00
Tri Vo
0d5e77816b Merge "KM 4 test fix Root-of-Trust parsing" am: 29e3465494 am: f08398126f am: e183724f74
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2603248

Change-Id: Iec5e8d95605a0adcd8d9fa574a1ce9e594ae840e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-25 19:48:06 +00:00
Tri Vo
82602e2274 Keymaster VTS: add TEST_MAPPING
Test: presubmit
Change-Id: Ida2f2b02b5f69aa9e0ffb8c7aede9b3ebce618c0
2023-05-24 16:58:27 -04:00
Tri Vo
4387c4d619 KM 4 test fix Root-of-Trust parsing
ROT was previously parsed into local variable, then discarded.
Fix it so that we are actually using parsed values.

Bug: 283892150
Test: VtsHalKeymasterV4_0TargetTest
Change-Id: I8af439d6262141648b01f1accaa9eb739fea85f8
2023-05-24 14:15:29 -04:00
David Benjamin
dd38b57f33 Use BoringSSL's public API in keymaster_hidl_hal_test am: 727f1ed7f3 am: ba14346ea7 am: 19ded5fc02
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2588645

Change-Id: I5e1fd06d8a959c3d91014bc8f7fe35542748e9b5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-15 08:10:10 +00:00
David Benjamin
727f1ed7f3 Use BoringSSL's public API in keymaster_hidl_hal_test
Reaching into the struct will fail to build in the future when we make
the struct opaque. Use the public APIs instead.

Test: mm, treehugger
Change-Id: I78cbf5e66f0c4a891049edd187c8705ad163f658
2023-05-15 00:16:39 -04:00
Treehugger Robot
a0ca3e549b Merge "KM 4 tests for Root-of-Trust" am: 62d6a35dfc am: e8c50237d2 am: 96ba494049
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2582033

Change-Id: Ib2575c4ecb6c6702f3e2db93ec11eed021d0de32
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-11 22:31:07 +00:00
Tri Vo
06843cb67a KM 4 tests for Root-of-Trust
Add tests for device locked state, verfied boot state and VBMeta digest.

Bug: 255344624
Test: VtsHalKeymasterV4_0TargetTest against default impl of KM 4
Change-Id: I46e62ab9031d3745f99bd214f9e579e80edc9128
2023-05-11 14:53:58 -04:00
Alex Buynytskyy
ec1198d941 UpsideDownCake is now 34
Ignore-AOSP-First: UpsideDownCake Finalization
Bug: 275409981
Test: build
Change-Id: I832ab7a8b5445ba85e27bbcf5be64906bfa0e5be
2023-04-07 23:41:20 +00:00
Yi Kong
1a39569491 Fix return-stack-address warning
Apply the same fix as https://r.android.com/2462896 to
keymaster/4.0/vts/performance/Benchmark.cpp

Test: presubmit
Bug: 271241374
Change-Id: Ib0d2a3a523491d0522f5b3dd031cdde46f88a165
2023-03-01 11:10:02 +00:00
Yinchu Chen
8bbaaa103e Add an exception for QTI SM8550
SM8550 doesn't support Keymint2.0, per the discussion in b/
add an exception in the test case when SM8550 is detected.

Bug: b/245649355
Test: VtsHalKeymasterV4_0TargetTest

Change-Id: I788a80c0f9b011f73aac9a8c4774e70e203ac3d6
2022-12-23 07:14:49 +00:00
Ilya Matyukhin
e00ec5d9fc Add @hide to the keymaster interfaces
This change allows the framework to depend on biometric AIDL types, for
example: `android.hardware.keymaster.HardwareAuthToken`.

The dependency can be introduced with a `-java-source` target, for
example: `:android.hardware.keymaster-V4-java-source`.

The "@hide" annotation informs Metalava that these types are not a
public API (not part of the SDK).

Bug: 218388821
Test: m android.hardware.keymaster-update-api
Change-Id: I0da555645f1548ad7124732236054f6e408c43e5
2022-11-01 20:38:02 +00:00
David Drysdale
02abced109 Coalesce OWNERS and add component
Test: TreeHugger
Bug: 237676243
Change-Id: I04f79cfcf3a4a4dd132e17e93b53c2807818d60d
2022-10-13 09:25:48 +01:00
Jooyung Han
c3f8861bb8 Merge "Remove AIDL-libs from VNDK" 2022-06-20 01:15:09 +00:00
Shawn Willden
35db349596 Read VSR level from correct property.
Bug: 235424890
Test: VtsHalKeymasterV4_0TargetTest & VtsAidlKeyMintTargetTest
Change-Id: I39109c097d129124097a303c3f108d015cb367e3
2022-06-17 10:49:29 +09:00
Jooyung Han
d81d6a12be Remove AIDL-libs from VNDK
Some are still in VNDK because they are used in other VNDK libs.

Bug: 234181591
Test: m
Merged-In: If999df9c78a20df931177da11742b1c5de19bc08
Change-Id: If999df9c78a20df931177da11742b1c5de19bc08
2022-06-14 16:42:42 +09:00
Shawn Willden
22fb9c16fc Implement KeyMint2 test for VSR13
Test: VtsAidlKeyMintTargetTest & VtsHalKeymasterV4_0TargetTest
Change-Id: Ie10b705bb06990a2a2c6223fcce28f5fde6bf3f3
2022-06-06 09:10:17 -06:00
Tommy Chiu
ee70569078 Add EncryptionOperationsTest.AesCbcZeroInputSuccess
Check if the zero input data with AES-CBC-[NONE|PKCS7] padding mode
generates correct output data and length.

Bug: 200553873
Test: VtsHalKeymasterV4_0TargetTest, VtsAidlKeyMintTargetTest
Merged-In: I729c2bad65e9d8b194422032346e5ee3c4b0dce5
Change-Id: I729c2bad65e9d8b194422032346e5ee3c4b0dce5
2022-05-31 13:37:55 +01:00
David Drysdale
b809329dc7 Fix AES corrupt padding test
The AesEcbPkcs7PaddingCorrupted test has been incorrect since it was
originally introduced -- it was feeding the original message as input to
the decryption operation, rather than the corrupted ciphertext.  As a
result, the expected error code was also wrong -- INVALID_INPUT_LENGTH
is appropriate for a too-short cipher text (length 1 in this case),
whereas a corrupt-but-correct-length cipher text should give
INVALID_ARGUMENT.

Fix the test, and add a separate test to cover what was inadvertently
being tested before. Add a sentence to the HAL spec to describe what
expected and tested by CTS/VTS.

Bug: 194126736
Test: VtsAidlKeyMintTargetTest, VtsHalKeymasterV4_0TargetTest
Change-Id: Iaa5e42768814197f373797831093cf344d342b77
2022-04-11 08:35:11 +01:00
Pirama Arumuga Nainar
da5fa76f9f Build with upstream lld: Fix incorrect static dependencies
Bug: http://b/197965342

Remove unnecessary `static_libs` dependencies or move them to
`shared_libs` to build with upstream LLD.  See b/197965342#comment1
(internal) for rationale.  Some info is available externally at
https://github.com/llvm/llvm-project/issues/42899.

Per go/android-lld-static-lib-fix, OWNERS are added for visibility.  No
action is needed if the change looks good.  This change will be merged
after two business days with Global Approvers.

Test: Build modules with aosp/2036867 in addition to presubmit
Change-Id: I6b607969ab89605d392344d307f5deeb883d4191
2022-04-06 23:05:20 +00:00
David Drysdale
d3e783be43 Merge "Add OWNER for keymaster VTS" 2022-03-14 16:04:31 +00:00
David Drysdale
f06d5d3978 Add OWNER for keymaster VTS
Test: TreeHugger
Change-Id: I2ff243a2cadbfcc9bedf634f9a9327b2fa8ccd63
2022-03-14 14:28:27 +00:00
David Drysdale
1a637199e4 Key{Mint,Master} VTS: fix incremental AES tags
Change Id62fdce65131ee00c88e5849955a937f1c171748 split up the AES
incremental encryption tests into individual tests for each encryption
mode.  This meant that each generated key is only valid for a single
mode, which in turn means that for non-GCM mode keys it is not valid
to specify MIN_MAC_LENGTH.

Bug: 223934835
Test: VtsAidlKeyMintTargetTest
Change-Id: I38f34f60116bde3d23f203365d62e5b25d7b254b
2022-03-14 09:23:29 +00:00
anil.hiranniah
19a4ca17ea Split AESincremental VTS test into 4 Tests(For blockmodes-ECB,CBC,GCM,CTR)
Change mentioned above is done in VTS for Keymaster4.0
and Keymint

Test: VTS tests with tradefed
Change-Id: Id62fdce65131ee00c88e5849955a937f1c171748
2022-03-03 18:02:04 +05:30
Chih-Hung Hsieh
ad1bf31b78 Add timed out test files to tidy_timeout_srcs
* Timed out runs do not show any warning messages.
* These test files cannot finish clang-tidy runs with
  the following settings:
    TIDY_TIMEOUT=90
    WITH_TIDY=1
    CLANG_ANALYZER_CHECKS=1
* When TIDY_TIMEOUT is set, in Android continuous builds,
  tidy_timeout_srcs files will not be compiled by clang-tidy.
  When developers build locally without TIDY_TIMEOUT,
  tidy_timeout_srcs files will be compiled.
* Some of these test modules may be split into smaller ones,
  or disable some time consuming checks, and then
  enable clang-tidy to run within limited time.

Bug: 201099167
Test: make droid tidy-hardware-interfaces_subset
Change-Id: I1de28f1572fff368f67eab512fffec9f2e5c2a9b
2022-02-18 17:25:41 -08:00
David Drysdale
4daee77052 Merge "Turn off CFI for other Keymaster VTS versions" 2022-01-21 07:58:28 +00:00
David Drysdale
f3e239fc36 Turn off CFI for other Keymaster VTS versions
Repeat the change for the 4.0 KeyMaster VTS tests in 3.0 and 4.1.

See previous change: I12b145dad5535846d68c97954d31a93123bb95e7

Bug: 206498742
Test: VtsHalKeymasterV4_1TargetTest, VtsHalKeymasterV3_0TargetTest
Change-Id: I3b4f9bc13e155ff451d03318d114a01abbbf138e
2022-01-19 19:23:12 +00:00
David Drysdale
c6b8907a32 Alter spec text for RSA-PSS to match reality
The Key{Mint,Master} spec previously said that RSA-PSS mode should use
SHA-1 for the MGF1 digest, separately from whatever Tag::DIGEST gets
specified as the main digest.

However, both the reference implementation and the VTS/CTS tests
use BoringSSL's defaults, which is to re-use the main digest as the MGF1
digest if none is separately specified.

Given that this behaviour is embedded in many implementations over
several years (and given that there isn't a security implication),
change the spec to match this behaviour.  Also update the VTS test
code to make this clear/obvious.

Test: VtsAidlKeyMintTargetTest, VtsHalKeymasterV4_0TargetTest
Bug: 210424594
Merged-In: I4303f28d094ef4d4b9dc931d6728b1fa040de20d
Change-Id: I4303f28d094ef4d4b9dc931d6728b1fa040de20d
2022-01-13 09:13:08 +00:00
David Drysdale
ab78c4b682 Merge "Turn off CFI for the Keymaster VTS" am: 1ff635ab2d
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1906291

Change-Id: Idf81c498e1b5ef26b8d5ade160217556a81340a3
2021-12-07 06:39:35 +00:00
David Drysdale
1ff635ab2d Merge "Turn off CFI for the Keymaster VTS" 2021-12-07 06:22:35 +00:00
David Drysdale
2bd0d43b24 Turn off CFI for the Keymaster VTS
On a bramble device, observed a crash in the VTS binary itself when
executing BoringSSL signature verification code locally (i.e. with no
KeyMaster interaction involved).

The crash call stack involves CFI checks, and seems to occur at the
point when some BoringSSL digest calculation code invokes a function
pointer.

 - SHA1_Update passes &sha1_block_data_order to (inlined)...
 - crypto_md32_update() which invokes the function pointer
   via its block_func parameter.

Moving the BoringSSL dependency from static_libs: libcrypto_static to
shared_libs: libcrypto makes the crash go away, but a smaller change
that also fixes the problem is to disable CFI checks for the test
binary.

This approach was inspired by:
ab65cd0e89%5E%21/#F0

The same problem looks to be relevant for the bugs listed below.

Bug: 206496340
Bug: 206498742
Test: VtsHalKeymasterV4_0TargetTest --gtest_filter="*VerificationOperationsTest.RsaAllPaddingsAndDigests*"
Change-Id: I12b145dad5535846d68c97954d31a93123bb95e7
2021-11-30 15:27:32 +00:00
David Drysdale
61cf943208 Merge "Fix flaky corrupted padding tests" am: a33f46bc2a
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1903312

Change-Id: I5e5b1e62c017e2e1db8ce099e1cabda6501ce44c
2021-11-30 07:00:16 +00:00
David Drysdale
4c1f6ac496 Fix flaky corrupted padding tests
Transfer the fix in http://aosp/1745035 from the KeyMint VTS test back
into the keymaster VTS test.

Bug: 189261752
Test: VtsHalKeymasterV4_0TargetTest
Change-Id: I5f0a69255cfe980dd6e71fa29ff06a84cb668f6d
2021-11-29 16:17:11 +00:00
Xin Li
8f6d361f15 Merge sc-qpr1-dev-plus-aosp-without-vendor@7810918
Bug: 205056467
Merged-In: I96a417467346a57b13c2efae12a183d78506afc3
Change-Id: I570a3b599281f519af7a440562c83f8484684fd5
2021-11-10 08:05:55 +00:00
Jim Blackler
0531c94771 Merge "Revert "Delete KM1"" 2021-10-11 14:04:30 +00:00
Jim Blackler
a08ea2d23f Revert "Delete KM1"
Revert "Delete KM1"

Revert "Delete KM1"

Revert "Delete KM1"

Revert submission 1844016-delkm1

Reason for revert: b/202675261
Reverted Changes:
Iba996962b:Delete KM1
Ia4c5359cd:Delete KM1
Iee6ec9816:Delete KM1
I6058e4d86:Delete KM1
I8abb9c570:Delete KM1
I9c4dc5c9e:Delete KM1

Change-Id: I2a2d4b737a90f8ce31cd14b68f64564d8d245ab3
2021-10-11 13:38:59 +00:00
Shawn Willden
bb661ea978 Merge "Delete KM1" am: 13274fa22d am: 9c379e224f
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1849793

Change-Id: I6d7acf78da1a57e078ffd21378d2021740633960
2021-10-09 01:19:59 +00:00
Shawn Willden
13274fa22d Merge "Delete KM1" 2021-10-09 00:46:52 +00:00
Shawn Willden
50f70d73da Delete KM1
Test: Build
Change-Id: Iee6ec98163dff3a969debd9f4343c7b06ebe8d4f
2021-10-07 09:43:32 -06:00
Yiming Pan
02aa333117 Merge "Backfill owner information for VTS module VtsHalKeymasterV4_0TargetTest." am: ea60a110ab am: e988b0f6c7
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1813761

Change-Id: Ie1be063bc1c976404fdb285c5653bb3c14c851e2
2021-09-28 16:02:04 +00:00
Yiming Pan
d6bc599f1d Merge "Backfill owner information for VTS module VtsHalKeymasterV3_0TargetTest." am: 1a1b23ecf4 am: 5f27f901cd
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1813760

Change-Id: I5679e4c8702c53952ac6c8f7106273c94d324dfd
2021-09-28 16:01:58 +00:00
Yiming Pan
709ace51dd Merge "Backfill owner information for VTS module VtsHalKeymasterV4_1TargetTest." am: 9b6eea2479 am: 4d0ca281d7
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1814138

Change-Id: I4dd19edd2db979533021a2754b4463b480e2c7b4
2021-09-28 16:01:47 +00:00
Yiming Pan
e988b0f6c7 Merge "Backfill owner information for VTS module VtsHalKeymasterV4_0TargetTest." am: ea60a110ab
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1813761

Change-Id: I65bd9c3bde86a4d297419bda45c2ea5ab1ad08d7
2021-09-28 15:50:15 +00:00
Yiming Pan
5f27f901cd Merge "Backfill owner information for VTS module VtsHalKeymasterV3_0TargetTest." am: 1a1b23ecf4
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1813760

Change-Id: I749ee3fb64eb5997a11492856d24f44f06da4261
2021-09-28 15:50:09 +00:00
Yiming Pan
4d0ca281d7 Merge "Backfill owner information for VTS module VtsHalKeymasterV4_1TargetTest." am: 9b6eea2479
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1814138

Change-Id: If028a781f9476e35551844687e8ce3fa64fc6537
2021-09-28 15:49:58 +00:00
Yiming Pan
ea60a110ab Merge "Backfill owner information for VTS module VtsHalKeymasterV4_0TargetTest." 2021-09-28 01:24:22 +00:00
Yiming Pan
1a1b23ecf4 Merge "Backfill owner information for VTS module VtsHalKeymasterV3_0TargetTest." 2021-09-28 01:24:09 +00:00