The GSI patch level might be greater than the vbmeta SPL, because
GSI system.img might be updated via the DSU flow, where vbmeta.img won't
be updated in this scenario.
https://developer.android.com/topic/dsu
Allowing GSI patch level to be greater than or equal to the vbmeta SPL,
since Treble allows new system.img works on old vendor images.
Bug: 145377203
Test: atest VtsHalKeymasterV4_0TargetTest
Change-Id: Ib761d80c88695eb2db08b0dc00e30fcdc2788865
The keymaster function affects the performance of secure os. When considering the swtiching time of the normal world < - > Secure world and the processing delay of the SecureOS by the scheduling policy of the normal world, it is necessary to increase the time.
Even though Secure world is no problem, Sometimes there is a possibility of that the test will fail because it is a limited resource normal world.
On average, it is performed in a very fast time, but sometimes it takes a lot of time. After many tests, the safe time was measured.
Bug: 162115135
Change-Id: I55862204ef71f69bc88c79fe2259f7cb8365699a
Signed-off-by: kh0705 <kh0705.park@samsung.com>
The test fails on devices because an unknown
client starts a keymaster BEGIN operation during
bootup but does not finish it. This affects the
keymaster hardware implementation's capability
to support the maximum possible operations while
running this test.
Bug: 154801042
Change-Id: Ib6adc6c28ebe76ddfdc2c66cd17cf78c04e5b468
HIDL libs are not necessarily part of VNDK now. Because some are
used by VNDK libs, they are still VNDK. But rest are now just
vendor-available.
.hidl_for_test files are also removed because they are used to exclude
test-purpose hidl libs from VNDK libs.
Instead, .hidl_for_system_ext files are added to tests/lazy to
distinguish them from others which are installed /system.
Bug: 143933769
Test: update-makefiles.sh && m com.android.vndk.current
Merged-In: Ia81312dda340b6b5cbdd7a3c21e1d323bda39a4a
Change-Id: Ia81312dda340b6b5cbdd7a3c21e1d323bda39a4a
(cherry picked from commit b0907a6bb8)
In deserializeVerificationToken(), we use extractUint64() to extract
VerificationToken.challenge. A potential bug was found in
extractUint64() that will cause VerificationToken.challenge()
incorrect.
Bug: 160198696
Merged-In: Ie0d2c0127cc34f1bb90455e4f7869e15e5542173
Change-Id: Ie0d2c0127cc34f1bb90455e4f7869e15e5542173
In deserializeVerificationToken(), we use extractUint64() to extract
VerificationToken.challenge. A potential bug was found in
extractUint64() that will cause VerificationToken.challenge()
incorrect.
Bug: 160198696
Change-Id: Ie0d2c0127cc34f1bb90455e4f7869e15e5542173
VTS was running on a userdebug build GSI before Android 10.
Starting from Android 10, VTS is switched to running on top of a
user build GSI image, plus the device-specific boot-debug.img to
allow adb root.
https://source.android.com/compatibility/vts/vts-on-gsi
So 'ro.build.type' will be 'user' because the value comes from
/system/build.prop. Switching to using 'ro.debuggable' to decide
whether we should check the device is locked or not. Note that
'ro.debuggable' will be '1' for userdebug/eng images or when a
boot-debug.img is used.
Bug: 154449286
Test: atest VtsHalKeymasterV4_0TargetTest
Change-Id: If5a90d62f77489aa58f96e908553a052cf6d1e18
Merged-In: If5a90d62f77489aa58f96e908553a052cf6d1e18
(cherry picked from commit 43dd6e34bd)
VTS was running on a userdebug build GSI before Android 10.
Starting from Android 10, VTS is switched to running on top of a
user build GSI image, plus the device-specific boot-debug.img to
allow adb root.
https://source.android.com/compatibility/vts/vts-on-gsi
So 'ro.build.type' will be 'user' because the value comes from
/system/build.prop. Switching to using 'ro.debuggable' to decide
whether we should check the device is locked or not. Note that
'ro.debuggable' will be '1' for userdebug/eng images or when a
boot-debug.img is used.
Bug: 154449286
Test: atest VtsHalKeymasterV4_0TargetTest
Change-Id: If5a90d62f77489aa58f96e908553a052cf6d1e18
This is to facilitate HAL implementations using a TA existing in a
different environment than where auth tokens are minted. This method
will be used by credstore in a companion CL.
This modifies version 2 of the Identity Credential API (which was
never been released) to add a new method and creates version 2 of the
Keymaster types-only AIDL API to include the new VerificationToken
parcelable and SecurityLevel enum.
Bug: 156076333
Test: atest VtsHalIdentityTargetTest
Test: atest android.security.identity.cts
Merged-In: I7d05413a9ec70225ce419079f3cc9daf026cf744
Change-Id: Idd7ab041d87617556ed840403033b642f8c2ab86
This is to facilitate HAL implementations using a TA existing in a
different environment than where auth tokens are minted. This method
will be used by credstore in a companion CL.
This modifies version 2 of the Identity Credential API (which was
never been released) to add a new method and creates version 2 of the
Keymaster types-only AIDL API to include the new VerificationToken
parcelable and SecurityLevel enum.
Bug: 156076333
Test: atest VtsHalIdentityTargetTest
Test: atest android.security.identity.cts
Change-Id: I7d05413a9ec70225ce419079f3cc9daf026cf744
Bug: 151896491
Test: local build
Exempt-From-Owner-Approval: This CL update suite name vts-core to vts as
the suite name is updated. This CL won't change test logic or behavior.
Change-Id: I562b4dc50765e953800a814a8fd84a01c1b9352b
Merged-In: I562b4dc50765e953800a814a8fd84a01c1b9352b
Bug: 151896491
Test: local build
Exempt-From-Owner-Approval: This CL update suite name vts-core to vts as
the suite name is updated. This CL won't change test logic or behavior.
Change-Id: I562b4dc50765e953800a814a8fd84a01c1b9352b
Merged-In: I562b4dc50765e953800a814a8fd84a01c1b9352b
The attestation code used boringssl's ASN.1 encoding tools
incorrectly, causing it to encode incorrect values in device_locked.
Bug: b/152503089
Test: Build & boot
Change-Id: I3c5352523b2db37d539ad353ac8c48c1585eb08d
Although no real devices should have a software implementation,
emulator and cloud devices do, and it's useful to be able to use them
as a development platform, which is facilitated by having useful VTS
tests.
This is in preparation for Keymaster 4.1 implementation and VTS work.
Bug: 140193672
Bug: 140192237
Bug: 140824829
Test: VtsHalKeymaster4.0TargetTest
Change-Id: Idc5de13c342ef1ac62d3131a1a2185d5e78a0d45
Merged-In: Idc5de13c342ef1ac62d3131a1a2185d5e78a0d45
We'll add a large-size test to the Keymaster 4.1 VTS tests.
Test: VtsHalKeymasterV4_0TargetTest
Change-Id: I2460106cf918e44ea5eeac5c518a89c311756eb3
Merged-In: I2460106cf918e44ea5eeac5c518a89c311756eb3
This is part of a refactor to facilitate reuse in Keymaster 4.1 VTS
tests.
Bug: 140193672
Bug: 140192237
Test: VtsHalKeymasterV4_0TargetTest
Change-Id: I9310a851648c028850f9795d303419c6a7e29a11
Merged-In: I9310a851648c028850f9795d303419c6a7e29a11
* changes:
Keymaster 4.1 VTS tests
Update KM4 VTS tests to allow s/w implementation to pass.
Remove service death test.
Change finish input test to avoid large sizes.
Although no real devices should have a software implementation,
emulator and cloud devices do, and it's useful to be able to use them
as a development platform, which is facilitated by having useful VTS
tests.
This is in preparation for Keymaster 4.1 implementation and VTS work.
Bug: 140193672
Bug: 140192237
Bug: 140824829
Test: VtsHalKeymaster4.0TargetTest
Change-Id: Idc5de13c342ef1ac62d3131a1a2185d5e78a0d45
This is part of a refactor to facilitate reuse in Keymaster 4.1 VTS
tests.
Bug: 140193672
Bug: 140192237
Test: VtsHalKeymasterV4_0TargetTest
Change-Id: I9310a851648c028850f9795d303419c6a7e29a11
We should not be relying on the HAL service to add CREATION_TIME to
keys. It was always intended to be an optional tag that could be
added by keystore, or maybe the caller of keystore. One widespread
Keymaster implementation started adding it (somewhat erroneously) if
it wasn't provided, and it appears that this implementation's behavior
became assumed to be the required behavior.
Test: VtsHalKeymasterV4_0TargetTest
Change-Id: I34267c4e1f59fd8ee5f898f8c746a7b49f4d74a5
Without the setting of TAG_MAC_LENGTH, the test fails due to
MISSING_MAC_PURPOSE.
Bug: 145626599
Test: VtsHalKeymasterV4_0TargetTest
Change-Id: Ic58411b86e07dfeeb78211abf9271ee995beabc9
This is updating the public exponent being checked from 3 to 65537. The
test was updated to use the latter public exponent without the check
also being updated
Test: atest VtsHalKeymasterV4_0TargetTest
Change-Id: I55fa2e67c94f0c52a1d65644f16b5f703a661e00
