Commit graph

177 commits

Author SHA1 Message Date
Dan Shi
3bacd7f634 Convert VtsHalKeymasterV*_0TargetTest to be parameterized test
Bug: 142397658
Test: atest VtsHalKeymasterV3_0TargetTest \
  VtsHalKeymasterV4_0TargetTest

Change-Id: I0fbda4d9ab810a4ef616f8741919c522d5d58cc0
2019-12-11 09:46:54 -08:00
Colin Cross
263d2df2c7 Use libcrypto_static instead of libcrypto
Replace libcrypto with libcrypto_static, which can be protected through
visibility to ensure only modules that don't affect FIPS certification
can use it.

Bug: 141248879
Test: m checkbuild
Change-Id: I8685cb06d15f3425eeb96d998ffda54c82dcd387
2019-09-18 11:07:09 -07:00
Steven Moreland
b3a4d3832e Remove libhwbinder/libhidltransport deps
Since these were combined into libhidlbase.

Bug: 135686713
Test: build only (libhwbinder/libhidltransport are empty)
Change-Id: I075670b64eebbbbd6a6ae0e84ad51bf1c6f5ba36
2019-09-06 01:07:02 +00:00
Felix
551b8d15ce Add interface info to .rc files
Signed-off-by: Felix <google@ix5.org>
Change-Id: I6d70bbdb66c3dce280bf6908c3750316a6f6cf70
2019-06-25 20:00:07 +02:00
Steven Moreland
1ae4615d9f Update hidl makefiles for bpfmt
hidl-generated makefiles are now generated such that bpfmt(file) == file.

Bug: 67417008
Test: enable bpfmt hook
Change-Id: I1f69d292bc23a7cc293a66110cb02d597e1019ad
2019-04-17 09:38:50 -07:00
Steven Moreland
a878aee9ab Update makefies: no 'types'
Bug: 123976090
Test: N/A
Change-Id: I30fb04c81889b62775e1b764b965fdb0f893de17
2019-03-04 11:27:17 -08:00
Sasha Smundak
769c053d7c Explicitly include log/log.h or android/log.h instead of cutils/log.h
Eliminates the warning.
Test: treehugger

Bug: 123758136
Change-Id: Ibe50261efc18d659a10129977342bc765a9ba9d5
2019-02-01 10:52:09 -08:00
Yi Kong
45cb85f8c0 Suppress null-dereference warning
It is unclear whether author intentionally meant to cause segfault here.
While waiting for the author to explain/fix the code, suppress the
warning to unblock enabling the warning globally.

Test: m checkbuild
Bug: 121390225
Change-Id: Iad03842833cfdc243404a32f6b31d161387c3890
2018-12-21 14:52:47 -08:00
Keun Soo YIM
68ae05dd2d pack VTS cc_test binaries as general-tests
Test: make general-tests
Bug: 120093339
Merged-In: I363450d205868f900e4925ccff1430e2a569f2a4
Change-Id: I363450d205868f900e4925ccff1430e2a569f2a4
2018-12-07 10:49:56 -08:00
Elliott Hughes
d9de6aa270 C++17 compatibility: add a non-const char* overload.
C++17 adds a non-const std::basic_string::data, so non-const std::strings in the
test are `char*` and the const std::strings are `const char*`. See
https://en.cppreference.com/w/cpp/string/basic_string/data for details.

Without adding the non-const overload, the varargs overload is preferred, leading
to static_assert failures:

  In file included from hardware/interfaces/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp:33:
  In file included from hardware/interfaces/keymaster/3.0/vts/functional/authorization_set.h:20:
  hardware/interfaces/keymaster/3.0/vts/functional/keymaster_tags.h:257:5: error: static_assert failed "Authorization other then TagType::BOOL take exactly one parameter."
  static_assert(tag_type == TagType::BOOL || (sizeof...(args) == 1),
  ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  hardware/interfaces/keymaster/3.0/vts/functional/authorization_set.h:213:19: note: in instantiation of function template specialization 'android::hardware::keymaster::V3_0::Authorization<android::hardware::keymaster::V3_0::TagType::BYTES, android::hardware::keymaster::V3_0::Tag::ASSOCIATED_DATA, char *, unsigned long>' requested here
  push_back(Authorization(tag, std::forward<Value>(val)...));
  ^
  hardware/interfaces/keymaster/3.0/vts/functional/authorization_set.h:245:9: note: in instantiation of function template specialization 'android::hardware::keymaster::V3_0::AuthorizationSet::push_back<android::hardware::keymaster::V3_0::TypedTag<android::hardware::keymaster::V3_0::TagType::BYTES, android::hardware::keymaster::V3_0::Tag::ASSOCIATED_DATA>, char *, unsigned long>' requested here
  push_back(ttag, std::forward<ValueType>(value)...);
  ^
  hardware/interfaces/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp:3426:35: note: in instantiation of function template specialization 'android::hardware::keymaster::V3_0::AuthorizationSetBuilder::Authorization<android::hardware::keymaster::V3_0::TypedTag<android::hardware::keymaster::V3_0::TagType::BYTES, android::hardware::keymaster::V3_0::Tag::ASSOCIATED_DATA>, char *, unsigned long>' requested here
  AuthorizationSetBuilder().Authorization(TAG_ASSOCIATED_DATA, aad.data(), aad.size());
  ^

Bug: http://b/111067277
Test: builds
Change-Id: I3d70fb5a41db16cc9dff50364cd793e0c3510ed0
2018-11-27 16:40:33 +00:00
Janis Danisevskis
9c41221206 Removed unsafe use of hidl_vec<>.setToExternal
hidl_vec objects that do not own their associated buffer are highly
unsafe in multithreaded environments where move semantic is used to
transfer ownership between threads. With keystore transitioning to a
multi threaded execution model we can no longer use this optimization
safely.

Bug: 111443219
Test: Ran full keystore cts test suite.
Change-Id: I9a366fc7df5dfee508dc092855545963ef6d9665
2018-11-09 10:49:55 -08:00
Roberto Pereira
848607a121 keymaster 3.0: make service use nobody as user and remove system group
Only the drmrpc group is necessary

Test: VtsHalKeymasterV3_0TargetTest
Change-Id: I2be255215df827c9f17ecaffcb9d0ba402dd3405
2018-09-10 12:44:42 -07:00
Shawn Willden
1404b6e8b0 Handle software keymaster implementations.
Test: VtsHalKeymasterV3_0TargetTest
Change-Id: I0ca923fab3e312c576abc2f51f6dd28482176db7
2018-08-15 12:13:34 -06:00
Hung-ying Tyan
3c07de32fc Fix free() in keymaster VTS
am: 555cb5e13b

Change-Id: Ida0db54bf04cc81b8dfe218f4e2835e59947e6b7
2018-08-10 14:31:03 -07:00
Hung-ying Tyan
555cb5e13b Fix free() in keymaster VTS
The buffer is allocated by OPENSSL_malloc() in X509_NAME_oneline(name, nullptr, 0).
Should be reclaimed by OPENSSL_free() instead of free().

The patch is provided by vink.shen@mediatek.corp-partner.google.com

Bug: 109708231
Test: build pass
Merged-In: I66a864e3e28905eebac2e7d3a4517d4d5aaa39df
Change-Id: I66a864e3e28905eebac2e7d3a4517d4d5aaa39df
(cherry picked from commit 79db3ec849)
2018-08-10 00:48:32 +00:00
Xin Li
27353e7065 Merge pi-dev-plus-aosp-without-vendor into stage-aosp-master
Bug: 79597307
Change-Id: Ifa37597ef6090bfbf1b41307a60cf65cfa1f563d
2018-06-08 11:07:51 -07:00
Treehugger Robot
636650bd84 Merge "Fix bug in VTS attestation cert verification." 2018-06-08 13:00:19 +00:00
Steven Moreland
913c071391 Update comments for doc comments.
Doc comments look like "/** ... */" and they
can only be in certain places.

Bug: 79865343
Test: m
Change-Id: Ic15c08ff7dc6e4f9827c1dbe7f7236c11a572ec1
Merged-In: Ic15c08ff7dc6e4f9827c1dbe7f7236c11a572ec1
2018-05-21 14:36:29 -07:00
Steven Moreland
4ee4582230 Update comments for doc comments.
Doc comments look like "/** ... */" and they
can only be in certain places.

Bug: 79865343
Test: m
Change-Id: Ic15c08ff7dc6e4f9827c1dbe7f7236c11a572ec1
2018-05-18 10:10:32 -07:00
Shawn Willden
44dc86edf8 Fix bug in VTS attestation cert verification.
Keymaster VTS is failing to verify that the last certificate in the
chain is self-signed.  CTS and GTS tests verify this, but it should be
validated at this level as well.

Bug: 79123157
Test: VtsHalKeymasterV3_0TargetTest
Change-Id: I5ff33fc8186182c2cf8d43d90cd59f89ce45d416
2018-05-04 16:15:06 +00:00
Brian C. Young
9fca9719a3 Remove superfluous test
This test was added on a bad assumption about the behavior of the
keymaster spec, and is now being removed.

Test: VTS
Bug: 77307569
Change-Id: Iac2f6f45ea1816505ff3b47bbdc548ff1161c96b
2018-04-11 12:38:52 -07:00
Brian Young
3f48322658 Add "Unlocked device required" key API
Add a keymaster parameter for keys that should be inaccessible when
the device screen is locked. "Locked" here is a state where the device
can be used or accessed without any further trust factor such as a
PIN, password, fingerprint, or trusted face or voice.

This parameter is added to the Java keystore interface for key
creation and import, as well as enums specified by and for the native
keystore process.

Test: CTS tests in I8a5affd1eaed176756175158e3057e44934fffed

Bug: 67752510

Merged-In: Id19d19b19532ac8d4c52aad46a954faa4515289d
Change-Id: Id19d19b19532ac8d4c52aad46a954faa4515289d
(cherry picked from commit 1840be6d35)
2018-03-28 08:38:56 -07:00
Brian Young
f67e953919 Revert "Restore "Add "Unlocked device required" parameter to keys""
This reverts commit 97e02689d9.

Reason for revert: Regression in creating auth-bound keys

Bug: 73773914

Bug: 67752510

Change-Id: I8ccba28580099c4c533f53b0be92f1d607ce63c6
2018-02-23 01:31:40 +00:00
Brian C. Young
97e02689d9 Restore "Add "Unlocked device required" parameter to keys"
Add a keymaster parameter for keys that should be inaccessible when
the device screen is locked. "Locked" here is a state where the device
can be used or accessed without any further trust factor such as a
PIN, password, fingerprint, or trusted face or voice.

This parameter is added to the Java keystore interface for key
creation and import, as well as enums specified by and for the native
keystore process.

This reverts commit 95b60a0f41.

Test: CTS tests in I8a5affd1eaed176756175158e3057e44934fffed

Bug: 67752510

Change-Id: I2893c23ab173ff5c39085d56b555e54770900cbc
2018-02-15 11:19:40 -08:00
Zhuoyao Zhang
bc02ee16e4 Merge "Convert keymaster hal test to use VtsHalHidlTargetTestEnvBase" am: eeeaaf5589 am: 6e4263fa6b
am: 75cfb6b035

Change-Id: I5a2b49315d74cc53b6205346e39d953826a15dab
2018-02-12 17:51:39 +00:00
Zhuoyao Zhang
14ab40b9e7 Convert keymaster hal test to use VtsHalHidlTargetTestEnvBase
Bug: 64203181
Test: make vts
      vts-tradefed run vts -m VtsHalKeymasterV3_0Target

Change-Id: I6f245996749a53418b71f516ba782fe9d4321501
2018-02-10 12:40:25 -08:00
Shawn Willden
647357f6cb Remove libkeymaster_staging
Test: Builds
Change-Id: I742a3e36fd96c3a1b37181f48aab7e5faa63b063
2017-12-21 12:49:35 -07:00
Iris Chang
784e993ef6 Merge "Fix Keymaster VTS for OpenSSL error code change" am: fc23356909 am: f9fceff665
am: 11fab4809b

Change-Id: Ibe60ee37e674ff9622f795b6cce7ae9c255bd5d5
2017-11-22 02:16:25 +00:00
Iris Chang
f9fceff665 Merge "Fix Keymaster VTS for OpenSSL error code change"
am: fc23356909

Change-Id: If832fc5e82618c394fd253215cd5c8e5e0011e39
2017-11-22 02:04:08 +00:00
Treehugger Robot
fc23356909 Merge "Fix Keymaster VTS for OpenSSL error code change" 2017-11-22 01:55:27 +00:00
Ryan Campbell
6f62a49017 Transfer VTS test ownership. am: ae6b2a5f1e am: 8ca98990ab
am: 4596756e1b

Change-Id: I3f889b17ff28d49c120b4ce42f1b79a75441bc0d
2017-11-17 02:17:33 +00:00
Ryan Campbell
8ca98990ab Transfer VTS test ownership.
am: ae6b2a5f1e

Change-Id: I4dd526bbfc6e8fa51495f4298e820e62f2fb62dd
2017-11-17 02:10:09 +00:00
Ryan Campbell
ae6b2a5f1e Transfer VTS test ownership.
Remove self from test ownership and transfer to new owners as agreed.

Test: none
Bug: 69425312
Change-Id: I8b189e6f2d7076b9ee7f3bad91445ccf6c5e1767
Merged-In: I8b189e6f2d7076b9ee7f3bad91445ccf6c5e1767
2017-11-16 14:48:00 -08:00
Iris Chang
890d3dfe27 Fix Keymaster VTS for OpenSSL error code change
OpenSSL changes error code of large RSA data from
KM_ERROR_INVALID_INPUT_LENGTH to KM_ERROR_INVALID_ARGUMENT which causes
HidlHalGTest#EncryptionOperationsTest.RsaOaepTooLarge and 
HidlHalGTest#EncryptionOperationsTest.RsaPkcs1TooLarge tests failed. 
Fix keymaster VTS to accept both the error codes.

Bug: 68289922
Test: HidlHalGTest#EncryptionOperationsTest.RsaOaepTooLarge and
      HidlHalGTest#EncryptionOperationsTest.RsaPkcs1TooLargeHidlHalGTest#EncryptionOperationsTest.RsaOaepTooLarge
      and HidlHalGTest#EncryptionOperationsTest.RsaPkcs1TooLarge are
      passed after applying this modification and other Keymaster 3.0
      VTS test cases are not affected.
Change-Id: I493bfa1c6e4b69560dfae3585a416b5c3d33e215
2017-11-15 08:09:52 +00:00
Xin Li
bb9e38fef9 Merge commit '1a06284b24f5eb7bb9c1fea0817da8898b3b1bff' from
oc-mr1-dev-plus-aosp into stage-aosp-master

Change-Id: I2a044eb8c9981d0a8198ffe2df55559afbd76341
Merged-In: I4fb9f18884f7ef21162015a0032c4431444f7025
2017-11-14 12:08:38 -08:00
Steven Moreland
8db261bc99 Updating makefiles for hidl_interface.
Bug: 64487114
Test: manual
Merged-In: Ie13d9e014cf2b81c18c67f551b4644fb9f0ba812
Change-Id: Ie13d9e014cf2b81c18c67f551b4644fb9f0ba812
2017-11-13 10:00:18 -08:00
Steven Moreland
a1169dd600 Update makefiles for hidl_interface.
Bug: 35570956
Test: manual
Change-Id: I7a220b78ee081240e1dc30ef5672ba39e3e98375
2017-11-10 09:06:55 -08:00
Steven Moreland
1d7374c5e1 Update for Soong java makefiles. am: c3e80fa01e am: 0fff75dee1 am: 6c811964a1
am: 116161d94e

Change-Id: I33643636e2511de77fdf7de57777eb67edee2e52
2017-10-11 16:39:21 +00:00
Steven Moreland
116161d94e Update for Soong java makefiles. am: c3e80fa01e am: 0fff75dee1
am: 6c811964a1

Change-Id: I85ccbb4a15cd18938607f5bca4e065b9d7e0182b
2017-10-11 16:31:07 +00:00
Steven Moreland
6c811964a1 Update for Soong java makefiles. am: c3e80fa01e
am: 0fff75dee1

Change-Id: I5b524ccf13233f3696881a2a670b5d2134fd5f15
2017-10-11 16:27:24 +00:00
Steven Moreland
0fff75dee1 Update for Soong java makefiles.
am: c3e80fa01e

Change-Id: Ia8835f9c95bd98a96f5fd3aff11191e7d3726fb9
2017-10-11 16:23:54 +00:00
Steven Moreland
c3e80fa01e Update for Soong java makefiles.
Test: pass
Bug: 33420795
Change-Id: Id9b1919a19b8ff682738cfb0869a479b4dbb4293
2017-10-10 23:07:20 +00:00
Iris Chang
13edc1a4d3 Merge "VTS: fix VtsHalKeymasterV3_0Target issue" am: 1912c73a7f am: b87becf1c2 am: 7fdf8d791f
am: 41df3d9063

Change-Id: I98db06ff0ca957ea35bf0793e1ed8163dc64e2c2
2017-10-06 01:55:09 +00:00
Iris Chang
41df3d9063 Merge "VTS: fix VtsHalKeymasterV3_0Target issue" am: 1912c73a7f am: b87becf1c2
am: 7fdf8d791f

Change-Id: I63b0905fc6091f62b297ed9c85f21e97fe84decd
2017-10-06 01:53:28 +00:00
Iris Chang
7fdf8d791f Merge "VTS: fix VtsHalKeymasterV3_0Target issue" am: 1912c73a7f
am: b87becf1c2

Change-Id: I4674864a39b3f558d30bf63f1b79505c69330867
2017-10-06 01:51:40 +00:00
Iris Chang
b87becf1c2 Merge "VTS: fix VtsHalKeymasterV3_0Target issue"
am: 1912c73a7f

Change-Id: I781812c77d96a0a7beb832298df8d537ce1d55da
2017-10-06 01:49:29 +00:00
Treehugger Robot
1912c73a7f Merge "VTS: fix VtsHalKeymasterV3_0Target issue" 2017-10-06 01:43:54 +00:00
Iris Chang
54ca32a130 VTS: fix VtsHalKeymasterV3_0Target issue
Failed cases:
AttestationTest.RsaAttestation
AttestationTest.EcAttestation

Analysis:
The verify_attestation_record() in Keymaster_hidl_hal_test.cpp calls
parse_attestation_record() to set the value of att_challenge. It fails
to compare att_challenge with challenge by memcmp.
Because setToExternal() method uses buffer pointer to local variable
(record), not use memcpy to copy into itself buffer in
parse_attestation_record(). When it leaves the parse_attestation_record(),
we will get the att_challenge which is null buffer to compare with challenge
incorrectly.

Fix: use memcpy to copy the buffer.

Bug: 65039571
Test: build passed. VtsHalKeymasterV3_0Target -> PASSED: 106, FAILED: 0.

Change-Id: I700a9242cc9a5f4cb196b62860823601e4088531
2017-10-06 00:45:42 +00:00
Steven Moreland
70bfb9d250 Merge "Update for hidl adapter module defaults." am: 988c977079 am: 861651985f am: b53e6ad535
am: 9a17f41f6f

Change-Id: I78d9292068b372238554fd9d35128e69f5b5f9d2
2017-10-04 21:54:11 +00:00
Steven Moreland
9a17f41f6f Merge "Update for hidl adapter module defaults." am: 988c977079 am: 861651985f
am: b53e6ad535

Change-Id: I23269fb7a9bdd352e670a80f390527d9eef31412
2017-10-04 21:51:00 +00:00