Commit graph

39 commits

Author SHA1 Message Date
Shawn Willden
647357f6cb Remove libkeymaster_staging
Test: Builds
Change-Id: I742a3e36fd96c3a1b37181f48aab7e5faa63b063
2017-12-21 12:49:35 -07:00
Janis Danisevskis
5a07ed4802 Switch to new NG AndroidKeymaster3Device
Test: VtsHalKeymasterV3_0TargetTest
Bug: 67358942
Change-Id: Idc7ac599c359b3af2e4866b9eb446a05e96132a0
2017-10-03 16:13:21 -07:00
Janis Danisevskis
957b1dc654 Reflect: Removed KeymasterEnforcement dependencies on openssl
in system/keymaster.

Test: VtsHalKeymasterV3_0TargetTest

Bug: 67358942
Change-Id: Ie3e1fb94a299635e6c7cf45d78822b03bedf5d11
2017-10-03 16:13:21 -07:00
Janis Danisevskis
02bc2768d4 Add OWNERS files to keymaster resources am: e6014f69ea am: 1ff3510d29 am: 2d83c98987
am: a0e1f49a11

Change-Id: Ic1eab465d8392c79411ce6c6097c40585748db1f
2017-10-03 22:31:13 +00:00
Janis Danisevskis
1ff3510d29 Add OWNERS files to keymaster resources
am: e6014f69ea

Change-Id: I71c2388fd278869daa652ae10fb8b7848b6e5443
2017-10-03 21:22:58 +00:00
Janis Danisevskis
e6014f69ea Add OWNERS files to keymaster resources
This patch adds swillden@ and jdanis@ as owners of keymaster/3.0/vts
and keymaster/3.0/default.

Test: No code changed
Change-Id: I04bc0f741e8fafd53aee7c9dd62954548b81263d
2017-10-03 13:37:19 -07:00
Jaekyun Seok
81104ae5ef Add 'vendor.' prefix to a vendor HAL service name
To prevent property name collisions between properties of system and
vendor, 'vendor.' prefix must be added to a vendor HAL service name.
You can see the details in http://go/treble-sysprop-compatibility.

Test: succeeded building and tested on a walleye device
Bug: 36796459
Change-Id: I4e8fbee791ec917a8f627a1366f4d44ec7e6febc
2017-09-12 08:01:42 +09:00
Janis Danisevskis
71ebd5f6b4 Rename libkeymaster to libkeymaster_staging
Fix a build breakage by renaming libkeymaster to
libkeymaster_staging. fugu's vendor tree already had
a libkeymaster.so which masked system/keymaster/libkeymaster.

Bug: 37997750
Change-Id: Ie478726bf81e965be64fb913844b881064e9b66c
2017-05-04 14:16:20 -07:00
Janis Danisevskis
448b624803 Merge "libkeymaster1 was split into libkeymaster and _portable" 2017-05-04 16:16:45 +00:00
TreeHugger Robot
a22bc7450b Merge "Fix Keymaster HAL crash." into oc-dev 2017-05-03 21:50:23 +00:00
Janis Danisevskis
85e15db319 libkeymaster1 was split into libkeymaster and _portable
libkeyamster1 was split into libkeymaster and
libkeymaster_portable.
Also removed UniquePtr usage from keymaster hal.

Bug: 37467707
Test: keymaster vts test and keystore cts test
Change-Id: Ic660586d3d9cfd20022a9c694f276da89e796e5d
2017-05-03 15:54:13 +00:00
Janis Danisevskis
2590b96be2 Revert "libkeymaster1 was split into libkeymaster and _portable"
This reverts commit beee35c850.

Reason for revert: fix broken build

Change-Id: I60762c834b6837c78027574dda54c5382dbcceec
2017-05-03 00:34:10 +00:00
Janis Danisevskis
beee35c850 libkeymaster1 was split into libkeymaster and _portable
libkeyamster1 was split into libkeymaster and
libkeymaster_portable.

Test: keymaster vts test and keystore cts test
Change-Id: Ia117199f07f6d55d35b2ae781ebab62386006474
2017-05-01 12:35:05 -07:00
Janis Danisevskis
0c3dd48665 Fix KM3.0 deleteKey behavior inconsistent with VTS test.
Keymaster 3.0 VTS test required that deleteKey returns
ErrorCode::OK even if the key blob parameter is invalid or garbage.
The rationale is that deleteKey shall have the invariant that
key blobs are unusable after the deleteKey call. If it was unusable
before, this invariant is upheld.

This patch makes the legacy wrapper for the Keymaster HAL translate
an ErrorCode::INVALID_KEY_BLOB retuned by the legacy delete_key to
ErrorCode::OK.

Bug: 37351644
Test: Manually run VtsHalKeymasterV3_0TargetTest with legacy keymaster
      HAL installed (tested with sailfish)

Change-Id: Ib22c8b8e10334770a1d4a5570acf16c2c52a6c60
2017-04-27 08:43:25 -07:00
Shawn Willden
fa67c8fc1d Fix Keymaster HAL crash.
Test: VTS test validates this fix
Change-Id: I5996c2166cf4141c97424df64a380f45b001d52e
2017-04-24 08:11:07 -06:00
Bartosz Fabianowski
8304a9040c Finish adding manufacturer and model to device ID attestation
This is a follow-up to change I5a9fd839497976cdb1e44cbe4a2d5b7730732b4c,
where manufacturer and model were added to the set of attestable device
IDs.

Bug: 37522655
Test: GTS com.google.android.gts.security.DeviceIdAttestationHostTest

Change-Id: Ied4246f4fc490feb2093f04c268aab83c8e1326d
2017-04-20 04:47:44 +02:00
TreeHugger Robot
206e38a4e8 Merge "Remove dependency of libhardware_legacy from HAL services" into oc-dev 2017-04-18 00:26:33 +00:00
Hung-ying Tyan
4f1bbf7074 Remove dependency of libhardware_legacy from HAL services
It is not used by these services.

Bug: 33241851
Bug: 37305530
Test: built and tested on sailfish
Change-Id: I1f3f51981d7dfcf27e18d9495c747b7662867d31
2017-04-15 10:17:16 +08:00
Shawn Willden
dc9965665e Require attestation app ID.
Bug: 37318025
Test: Manually tested
Change-Id: Iaa992c8d22e0c88c2a2570355199befa484adc19
2017-04-14 11:38:17 +00:00
Janis Danisevskis
1cc38f1e9c Adds default keymaster service to the early_hal class
The keymaster service is required by vold which starts very early
during boot up. This leads to the dependency loop:
init->installkey->vdc->vold->keymaster-service->init

This patch resolves this issue by adding service keymaster to the class
early-hal which will get started right after hwservicemanager on devices
that get treble.

Bug: 35764921
Test: Device boots. And lshal shows that service keymaster has two
      clients, keystore and vold.

Change-Id: Id0b6722de900b5513d46adb81d76b02fa6e155df
2017-04-05 17:22:46 -07:00
Shawn Willden
63e15f0790 Revert "Revert "Add keymaster VTS tests.""
This reverts commit 8e10baee45.

Test: Tests pass, except known failures with in-progress vendor fixes
Change-Id: Ia95c1444100e123fa65d095b001878cf9040d0c4
2017-03-30 13:21:54 +00:00
Keun Soo Yim
8e10baee45 Revert "Add keymaster VTS tests."
This reverts commit dda22ea884.

Change-Id: Ie6a60e17ed5258840eba3d3f6b8092636160b2c2
2017-03-29 20:18:52 +00:00
Shawn Willden
dda22ea884 Add keymaster VTS tests.
Note: Recent Google devices have keymaster implementations that don't
pass this test suite.  See https://goo.gl/6hsGwa for a summary.

Bug: 32022681
Test: This is the test suite.
Change-Id: Ib200b68e0c7844df02eb9f086385d6c36e306d45
2017-03-29 13:28:16 +00:00
Shawn Willden
031b6050b1 Revert "Add auth token parsing to IKeymasterDevice.hal"
This reverts commit 62f63c7ddb.

Reason for revert: b/36637075

Bug: 36637075
Change-Id: Ie0e8d0b480047a7c68f266e7e5d8a31722f85128
2017-03-28 00:44:17 +00:00
Shawn Willden
62f63c7ddb Add auth token parsing to IKeymasterDevice.hal
Auth tokens have an unfortunate dual character. To most of the system
they are opaque blobs that are intended only to be obtained from one
HAL (e.g. gatekeeper or fingerprint) and passed to another
HAL (keymaster), but keystore actually needs to extract some bits of
information from them in order to determine which of the available blobs
should be provided for a given keymaster key operation.

This CL adds a method that resolves this dual nature by moving the
responsibility of parsing blobs to the HAL so that no component of the
framework has to make any assumptions about their content and all can
treat them as fully opaque. This still means that the various HAL
implementers have to agree on content, but they also have to agree on an
HMAC key which much be securely distributed to all at every boot, so
asking them to agree on an auth token format is perfectly
acceptable. But now the Android system doesn't have to care about the
format.

Bug: 32962548
Test: CTS tests pass, plus manual testing.
Change-Id: I78aa6e4ea9c5d8f34906b0969909387e2c5894e6
2017-03-24 22:22:34 -06:00
Shawn Willden
d4417fb982 Add digest support and implementation name to getHardwareFeatures
This is needed to support the keystore statistics gathering initiative.
It will allow us to get information about what kinds of keymaster
implementations exist in the ecosystem, and which ones fail in which
ways.

Bug: 36549319
Test: Will add to VTS tests
Change-Id: I49ee4623656060d69a6de7723b11cd715150451a
2017-03-25 02:09:14 +00:00
TreeHugger Robot
dc039363d9 Merge "Add manufacturer and model to device ID attestation" 2017-03-23 00:01:46 +00:00
Janis Danisevskis
b77dbe37c1 Check for unimplemented keymaster function delete_key
delete_key is optional and may not be implemented by
a legacy hal. So the function pointer must be checked for
nullptr prior to being used.

Bug: 36500704
Test: run VTS tests with legacy hal that does not implement delete_key
Change-Id: Ie51dd173314826ef260319153c7df96d88b8a42f
2017-03-22 10:46:41 -07:00
Bartosz Fabianowski
2377553df2 Add manufacturer and model to device ID attestation
Discussions have shown that in addition to brand, device and product,
we should also allow devices to attest their manufacturer and model.

Bug: 36433192
Test: GTS com.google.android.gts.security.DeviceIdAttestationHostTest

Change-Id: I5a9fd839497976cdb1e44cbe4a2d5b7730732b4c
2017-03-20 14:01:03 +01:00
TreeHugger Robot
33b3a66047 Merge "keymaster HAL uses "default" service name" 2017-02-25 01:57:45 +00:00
Chris Phoenix
06be50266b keymaster HAL uses "default" service name
The getService() and registerAsService() methods of interface objects
now have default parameters of "default" for the service name. HALs
will not have to use any service name unless they want to register
more than one service.

Test: marlin boots

Bug: 33844934
Change-Id: I6533e4fe0e63e2d0b0158148f5e438bb4b6b5886
2017-02-24 14:31:22 -08:00
Steven Moreland
7e73d5b908 Remove viral dependency on libhwbinder. (2/2)
find hardware/interfaces -name Android.mk -exec sed -i -e '/libhwbinder
\\/d' {} \;
find hardware/interfaces -name Android.bp -exec sed -i -e
'/"libhwbinder"/d' {} \;
./hardware/interfaces/update-makefiles.sh

Note, automotive has some actual dependencies on libhwbinder, filed
b/35758626 for this.

Test: everything links
Test: (sanity) booted marlin on internal master with these changes
Bug: 35710429
Change-Id: I6d0726c8130d00684b978efbdd48e3ae396f12e5
2017-02-24 12:18:01 -08:00
TreeHugger Robot
da1773c3ce Merge "Have generateKey() treat additional entropy as optional" 2017-02-14 13:01:00 +00:00
Bartosz Fabianowski
50624e995d Have generateKey() treat additional entropy as optional
KeyStore.generateKey() takes an entropy parameter. This is optional
and can be null. That is how KeyStore used to work but a recent
refactor made us always feed the entropy to keymaster, even if it
is empty (null or byte[0] on the Java side). This CL makes us ignore
such empty entropy again.

We only noticed this because a recently added GTS test that happens
to set the entropy to null is failing on some hardware (other
keymaster implementations silently ignore this invalid attempt to
set entropy).

Bug: 35156555
Test: gts-tradefed run gts --module GtsGmscoreHostTestCases
      --test com.google.android.gts.security.DeviceIdAttestationHostTest

Change-Id: Iadaf40e69350c17dd18e4dc2a1dab97fa911e1bf
2017-02-14 11:24:38 +01:00
Steven Moreland
a0da1a1c3d Move hidl shims to the vendor partition. (2/2)
We need google shims on the vendor partition because they are providing
an implementation of a vendor defined interface. They were written by
google just as a courtesy/to make the transition easier. They're
basically a set for vendors to assemble their hal implementations
from.

Bug: 34135607
Test: marlin persist.hal.binderization on/off
Change-Id: I2e2af5af39264cf290259755bb9b2eb9827a21f5
2017-02-13 15:03:41 -08:00
Janis Danisevskis
2e88b6b408 Use propper default service implementation for keymaster HAL
Test: Boot marlin with ENABLE_TREBLE
Bug: 34641942
Change-Id: I3d65555dda7e5a54034f0768ba6739c5a3b1b268
2017-01-25 13:52:48 +00:00
Bartosz Fabianowski
aac0fc739e Add device id attestation
This adds device id attestation to the Keymaster 3.0 HAL. Device
id attestation must only be offered if the device can permanently
destroy device ids on request. The default implementation cannot
do this because it lacks storage that would survive device wipes.
Hence, the implementation refuses all device id attestation requests.

Bug: 34597337
Test: CTS CtsKeystoreTestCases and GTS DeviceIdAttestationHostTest

Change-Id: I6ff6146fad4656b8e1367650de922124b3d7f7b2
2017-01-24 23:06:30 +01:00
Martijn Coenen
028223775b Remove obsolete references to IPCThreadState/ProcessState.
Threadpool can now be configured/joined if needed with
configureRpcThreadpool() / joinRpcThreadpool().

Bug: 31226656
Test: mma
Change-Id: I0d7d9924cc8c8851cc2b61ebdae906204909890e
2016-12-30 14:00:31 +01:00
Janis Danisevskis
0f35e5a013 Add default implementation for binderized Keymaster HAL and service
The default implementation loads the device's legacy keymaster hal
and wraps in a softkeymasterdevice if the capabilities of the
device is less than keymaster 2.

Test: builds
Bug: 32020919
Change-Id: Ia7e274673b77c2712c386d573715ed3725b0c158
2016-12-20 09:09:29 -07:00