device with keymaster implementation.
- Ignore INVALID tag in generated key characteristics if keymaster
implementation is present.
- RSA_OAEP_MGF_DIGEST, ATTEST_KEY, USAGE_COUNT_LIMIT are not expected in
generated key characteristics if keymaster implementation is present.
- Corrected device attest ids names.
- Skip device id attestation on device with GSI image and device
first_api_level is less than 34.
- When the DEVICE_UNIQUE_ATTESTATION tag is used in key generation,
root certificate signature verification is ignored during cert-chain
verification.
Bug: 322118247
Test: atest keystore2_client_tests
Change-Id: I42d339a7797114d9139c64bc4d397889b965cb48
The logs were missing a word and also this will
add the blob id into the logs when a query fails
to delete the blob.
Test: atest keystore2_test
Change-Id: Ieff6e9266837744d16633c93df0b6da27871eca7
This CL is created as a best effort to migrate test targets to the new Android ownership model.
It is based on historical data from repository history and insights from git blame.
Given the nature of this effort, there may be instances of incorrect attribution. If you find incorrect or unnecessary
attribution in this CL, please create a new CL to fix that.
For detailed guidelines and further information on the migration please refer to the link below,
go/new-android-ownership-model
Bug: 304529413
Test: N/A
Change-Id: Ia06fe7f4d0518d03cebf52d34ca9b1434011d272
This is needed to upgrade the android_logger crate from 0.12.0
to 0.13.3.
with_max_level provides the same functionality as with_min_level.
The renaming is admittedly confusing, but the new name is accurate
and it makes sense that they deprecated and then removed the
previously poorly named with_min_level.
See crate documentation [1] and code [2].
[1]: https://docs.rs/android_logger/0.12.0/android_logger/struct.Config.html#method.with_min_level
[2]: https://docs.rs/android_logger/0.12.0/src/android_logger/lib.rs.html#227
Bug: 322718401
Test: build and run CF with the change.
Test: m aosp_cf_x86_64_phone
Change-Id: Ibd13989ffe52a93191dd2d5a1b8f5a651eecd91d
Correct the permission check for the Keystore maintenance method
that returns the list of app UIDs which have keys that are
bound to a specific SID.
The previous check relied on SELinux policies. But the Settings
app that calls this method has a permission - MANAGE_USERS -
that is more appropriate to check.
Bug: 302109605
Test: Manual.
Change-Id: Ia26256cf995d16d03d0bb92d8b237f7bbea30d07
am skip reason: Merged-In I619784b71c0a87574dc633d641aec91da1fc3475 with SHA-1 9987d80385 is already in history
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2942886
Change-Id: I9a52e48380f7d7a4ff33327acbcb8b9ba603d0eb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
am skip reason: Merged-In I619784b71c0a87574dc633d641aec91da1fc3475 with SHA-1 9987d80385 is already in history
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2942886
Change-Id: Ide9d957401b2eeaecf982ba2fa64f241a1ccedb9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
am skip reason: Merged-In I619784b71c0a87574dc633d641aec91da1fc3475 with SHA-1 9987d80385 is already in history
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2942886
Change-Id: Iea73083f6e4a67441577b917a26af5ffd059a236
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
am skip reason: Merged-In I619784b71c0a87574dc633d641aec91da1fc3475 with SHA-1 9987d80385 is already in history
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2942886
Change-Id: Icdeda328ff756256308160a1ed0ab4b1a89c1c15
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
Due to https://r.android.com/2822970 ("Use CLOCK_BOOTTIME for keystore2
auth token received time"), MonotonicRawTime now uses CLOCK_BOOTTIME
instead of CLOCK_MONOTONIC_RAW. Therefore, rename it to BootTime.
Bug: 309686873
Test: atest -p --include-subdirs system/security/keystore2
Change-Id: If1fbbac2eccb03dc7360ae742d79e58f871fb80d
This is needed to upgrade the android_logger crate from 0.12.0
to 0.13.3.
with_max_level provides the same functionality as with_min_level.
The renaming is admittedly confusing, but the new name is accurate
and it makes sense that they deprecated and then removed the
previously poorly named with_min_level.
See crate documentation [1] and code [2].
[1]: https://docs.rs/android_logger/0.12.0/android_logger/struct.Config.html#method.with_min_level
[2]: https://docs.rs/android_logger/0.12.0/src/android_logger/lib.rs.html#227
Bug: 322718401
Test: build and run CF with the change.
Test: m aosp_cf_x86_64_phone
Change-Id: I8d9d7c42100ede48496f9846068ed312fb8a15cb
Android Protected Confirmation is deprecated due to the high
support/maintenance cost for Android device makers and low adoption rate
among app developers. APC requires Android device makers to have a
substantial amount of device-specific UI code running in the trusted
execution environment. That has proven to be expensive to maintain and
non-scalable, as there cannot be a single implementations device makers
can share or use as a reference. Additionally, app developers have not
adopted this feature, as the Android platform offers other mechanisms
for authentication a user's intent. These mechanisms, such as
authentication-bound Keystore keys, are less secure than Trusted UI, but
are more wide-spread. While we explore alternatives to APC that are
viable to the device makers ecosystem, we sunset the APC API.
Bug: 313856313
Test: atest keystore2_test && atest CtsKeystoreTestCases
Change-Id: If065697ed13e3de706b8dde5cc5e2b6018592018
