This CL needs some polish. Changes
herein are somewhat brute-force to
make things work, particularly with
authorization-list parsing and validation.
This CL also copies over support for
dumping attestation records.
Bug: 129282228
Test: VtsHalKeymasterV4_1TargetTest
Change-Id: I4fc0183dc0b8a76e84d14054b38ad7c1540a1897
This test is expected to be run
on non-StrongBox instances.
Bug: 129282228
Test: StrongBoxOnly passes on TZ
Change-Id: Ia6b274d097b4c698904d1c51daed821188a50510
Bug: 151896491
Test: local build
Exempt-From-Owner-Approval: This CL update suite name vts-core to vts as
the suite name is updated. This CL won't change test logic or behavior.
Change-Id: I562b4dc50765e953800a814a8fd84a01c1b9352b
Merged-In: I562b4dc50765e953800a814a8fd84a01c1b9352b
The attestation code used boringssl's ASN.1 encoding tools
incorrectly, causing it to encode incorrect values in device_locked.
Bug: b/152503089
Test: Build & boot
Change-Id: I3c5352523b2db37d539ad353ac8c48c1585eb08d
HMAC key was created with Digest(Digest::SHA_2_256) which is missing in
the UseHmacKey function
Bug: 152932473
Test: VtsHalKeymasterV4_1TargetTest
Change-Id: If63dd197fe12172e14be9890ab07a00c3eef4a4c
The way I planned for this to work doesn't work. We'll revisit in
Keymaster5. For now, removing IOperation and beginOp.
Bug: 152536287
Test: Build & boot
Change-Id: I017d17079380cc3bacc6f05b2486e1b6e6c3f675
These are keymaster keys used specifically for storage
encryption. This provides the ability for keymaster implementations to
securely protect storage encryption keys.
Test: VtsHalKeymasterV4_1TargetTest
Bug: 147733587
Change-Id: I5f7f83755fcbed96d8f38fa51812aa6d2eb0927b
* changes:
Keymaster 4.1 VTS tests
Update KM4 VTS tests to allow s/w implementation to pass.
Remove service death test.
Change finish input test to avoid large sizes.
This CL adds:
- The IDENTITY_CREDENTIAL_KEY tag. This new tag is not actually used
by Keymaster at all. It's used by the new Identity Credential HAL in
its key attestations, which use the Keymaster format and the Keymaster
attestation key.
- A VerificationToken argument to deviceLocked, used for StrongBox
implementations.
- Some error codes, including one to diagnose unprovisioned
attestation keys/ids.
- Clarifications in the documentation.
Test: VtsHalKeymasterV41TargetTest
Change-Id: Iae7151e2d9b328dd73e5cd78e59687ef29bab4f0
Note that CL is missing complete tests (what's included is just a
stub, really) and support library code. All of that will come in
near-future CLs. This CL omits them because they'll take time and
there's a need to unblock Keymaster 4.1 implementers now.
Bug: 140193672
Bug: 140192237
Bug: 140824829
Test: Will be in a future CL
Change-Id: I0e6e3a38356f0517158a10604b549415641ad1b9
