738 commits

Author SHA1 Message Date
Pirama Arumuga Nainar
205a7e59a9 Merge "Use shared libutils instead of static for keystore fuzzers" 2022-04-01 19:20:19 +00:00
Frederick Mayle
b3f93cded3 keystore: Fix double ownership of ConfirmationListener in test
Using std::make_shared with ndk::SharedRefBase objects causes memory
errors.

Test: TH
Bug: 226379467
Change-Id: I889f7a5b79b4c22b313cdcb6a118d7bb5d62d7a5
2022-03-29 17:37:14 +00:00
Pirama Arumuga Nainar
aa7e8ba4fb Use shared libutils instead of static for keystore fuzzers
Bug: http://b/197965342

These fuzzers depend on libhidlbase.so which already depends on
libutils.so.  Moving to shared dep for them doesn't increase their
shared-library closure.  Using libutils.a instead causes build failures
with upstream lld because lld tries to fetch symbols from libutils.a to
resolve undefined symbols from libhidlbase as well.

Test: cherry-pick aosp/2036867 and `mma system/keystore`
Change-Id: I4a2d215736867032a13686c31978eaeec17fc15a
2022-03-24 19:06:05 -07:00
David Drysdale
c4e0d5bed1 Use defaults to reference current keystore AIDL
The KeyMint HAL will soon be updated for a new version, which will in
turn induce a version bump for the keystore2 AIDL interface. To make
this process easier, add cc_defaults that references the "current"
version, and use this elsewhere. This should hopefully mean that a
future version bump only needs to happen in the defaults.

Test: TreeHugger
Change-Id: I8999de92443fd121a9515dccde8d76094dc93023
2021-12-02 08:19:40 +00:00
Jooyung Han
7ffd2fdd49 Include <variant>
keystore/keystore_cli_v2.cpp uses std::get_if<> from <variant>. But it
doesn't include it but relies on the indirect inclusion of
AIDL-generated header. It should include it directly.

Bug: n/a
Test: m

Change-Id: I895bcdc69f10bc9f16a4c7c37adba6eaaf892c74
2021-11-19 15:14:38 +09:00
Bob Badour
181857fec1 [LSC] Add LOCAL_LICENSE_KINDS to system/security
Added SPDX-license-identifier-Apache-2.0 to:
  keystore/tests/fuzzer/Android.bp

Bug: 68860345
Bug: 151177513
Bug: 151953481

Test: m all
Change-Id: If7701aa8e0125aa6829c42a7dedb0efd1832ace4
2021-11-04 11:00:55 -07:00
Aditya Wazir
730a1338fb Added fuzz targets for libkeystore-attestation-application-id
This patch adds following fuzz
targets: keystoreSignature_fuzzer, keystorePackageInfo_fuzzer,
keystoreApplicationId_fuzzer and keystoreAttestationId_fuzzer.

Test: ./keystoreSignature_fuzzer
Test: ./keystorePackageInfo_fuzzer
Test: ./keystoreApplicationId-fuzzer
Test: ./keystoreAttestationId_fuzzer
Bug: 187131475

Change-Id: I129a577208624b32a3eea24e877995828922acbb
2021-11-03 04:12:28 +00:00
Aditya Wazir
4f33d5e290 libkeystore-attestation-application-id: Updated Android.bp
Updated Android.bp to build both static and shared library

Test: Build libkeystore-attestation-application-id
Bug: 187131475

Change-Id: Ica9710a701db0cd4fdc07c67514510f8305eb0ef
2021-11-02 21:40:00 +00:00
Aditya Wazir
498b6ebed6 Added keystoreGetWifiHidl_fuzzer
Test: ./keystoreGetWifiHidl_fuzzer
Bug: 187130384

Change-Id: If64eb1a8b2aa22b9a2711e27449744bc7a0f0296
2021-11-02 21:06:10 +00:00
David Drysdale
ff0f59251c Specify KeyMint EC keys by curve not size
Future addition of extra curves means that key size is not enough to
identify the particular EC curve required. Use the EcCurve enum instead.

Test: m keystore_cli_v2, TreeHugger
Change-Id: Iaf6a3378a5431030fa002ed986ec67f4b18f801e
2021-10-14 15:24:45 +01:00
Treehugger Robot
4181f76592 Merge "Revert "libkeystore-wifi-hidl: Updated to vendor_available:true"" 2021-09-02 17:17:32 +00:00
Aditya Vasu Wazir
40353d8f97 Revert "libkeystore-wifi-hidl: Updated to vendor_available:true"
This reverts commit 64ce92520d.

Reason for revert: 'vendor_available:true' is no longer required

Change-Id: I9430bc9744bf7af91bf9a0b7faf6e553c273d3b1
2021-09-02 11:05:53 +00:00
Jiyong Park
0d61dd6c3a Remove ndk_platform backend. Use the ndk backend.
The ndk_platform backend will soon be deprecated because the ndk backend
can serve the same purpose. This is to eliminate the confusion about
having two variants (ndk and ndk_platform) for the same 'ndk' backend.

Bug: 161456198
Test: m
Change-Id: Ibeb4178f99857be75bb5f83a073a2d679058d921
2021-07-27 12:20:26 +09:00
Aditya Wazir
64ce92520d libkeystore-wifi-hidl: Updated to vendor_available:true
Updated libkeystore-wifi-hidl from 'vendor: true' to 'vendor_available: true'

Test: Build libkeystore-wifi-hidl
Bug: 187130384

Change-Id: Ifba05b57248f52ac33e297acd5d0b7811e3524ee
2021-06-11 11:06:26 +05:30
Aditya Wazir
f6c3bfc428 libkeystore-wifi-hidl: Updated Android.bp
Updated Android.bp to build both static and shared library

Test: Build libkeystore-wifi-hidl
Bug: 187130384

Change-Id: Idd0f35fc33a224c598fc3e96f11f88cacf5c9aba
2021-06-11 11:06:10 +05:30
Janis Danisevskis
2cb4f090ae Keystore 2.0: CLI fixes.
* Fix keystore_cli_v2 and have it installed on the device by default
  again.
* Fix confirmationui invocation test by statically linking dependencies.

Bug: 188450250
Test: atest confirmationui_invocation_test
      run any keystore_cli_v2 command
Merged-In: I7097646b6714214782cf15c51dffb7368d62761b
Change-Id: I7097646b6714214782cf15c51dffb7368d62761b
2021-05-17 13:41:32 -07:00
Janis Danisevskis
2437fde7a6 Keystore 2.0: Remove Keystore 1.0 and remaining references
* Remove superseded keystore engine backends.
* Remove keystore_cli.
* Update keystore_cli_v2 to use Keystore 2.0.
* Update confirmationui invocation test.
* Remove reference to enable keystore2 property from keystore2.rc.

Test: N/A
Bug: 171305684

Change-Id: I855dead9d95c2c8cfa451944087bc8290871c0e5
2021-03-22 14:34:45 -07:00
David Zeuthen
27407a5743 credstore: Fix several problems with credstore.
The root of the problem is that in some cases credstore would
pass auth- and verification-tokens to the Identity Credential
HAL without first having obtained a challenge via
IIdentityCredential.createAuthChallenge(). This makes it
impossible for the TA to validate the verification token for
freshness.

This is easily fixed by simply ensuring createAuthChallenge()
is called (and the returned challenge is used in the requested
verification token) whenever dealing with ACPs using user
authentication.

Additional issues / changes:

 - During Android 12 development, a use-after-free bug was
   introduced in Credential.cpp L120.

 - keystore's getTokensForCredstore() had some bugs in how to
   select an auth-token, in particular mixing authTokenAgeMillis
   (milliseconds) with time_t values (seconds)
   - as a result, keystore would sometimes return tokens older
     than what credstore requested. This wasn't actually a problem
     because the TA would check it anyway.
   - we now precisely define semantics in IKeystoreService.aidl

 - Another potential use-after-free bug was found in
   Credential.cpp L767

None of the fixes for these bugs affect CTS or VTS tests.

Bug: 181893400
Test: atest android.security.identity.cts on emulator
Test: atest android.security.identity.cts on crosshatch (w/ Android 11 era HAL)
Test: CtsVerifier's Identity Credential Authentication test crosshatch (w/ Android 11 era HAL)
Change-Id: I45a3fd16eff3b6a232d8b8c88f2e3dd3619a9c03
2021-03-08 11:10:28 -05:00
Bob Badour
4c7858c848 [LSC] Add LOCAL_LICENSE_KINDS to system/security
Added SPDX-license-identifier-Apache-2.0 to:
  fsverity_init/Android.bp
  identity/Android.bp
  keystore/tests/Android.bp
  keystore2/Android.bp
  keystore2/aaid/Android.bp
  keystore2/aidl/Android.bp
  keystore2/apc_compat/Android.bp
  keystore2/selinux/Android.bp
  keystore2/src/crypto/Android.bp
  keystore2/src/km_compat/Android.bp
  ondevice-signing/Android.bp
  provisioner/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD to:
  Android.bp
  keystore/Android.bp

Added SPDX-license-identifier-BSD to:
  keystore-engine/Android.bp

Bug: 68860345
Bug: 151177513
Bug: 151953481

Test: m all

Exempt-From-Owner-Approval: janitorial work
Change-Id: Ic9e19695bd19c3f127dfd545df60e4c9df89af77
2021-02-14 10:37:25 -08:00
Bill Yi
94f6a64cb7 Merge RQ1A.210105.003 to aosp-master - DO NOT MERGE
Merged-In: Ida4af108e86b538ab64d1dea4809cfa3b36f74cd
Merged-In: I598802169728b46b0e6592f08d05936f9846b252
Change-Id: Ic188f4755abb38c71fa11d534add3f0ee8ad353c
2021-01-06 05:08:26 +00:00
Shawn Willden
613b2d5663 Update to support keymaster's configurable version.
Test: Keystore CTS tests
Bug: b/173577355
Change-Id: Iccb0b197bd939ad867ae3b02fcc69630809f1f21
2020-11-23 22:25:57 -07:00
Hasini Gunasinghe
33b83f6f32 Make mIsDeviceLockedForUser synchronized.
Bug: 169933423
Test: TBD/Treehugger passes
Change-Id: I8e1f57dd5ab8314801bdd62058c9ed5f761b7c55
(cherry picked from commit 106f46eaa6)
2020-11-18 22:51:56 +00:00
Jooyung Han
1eec75aaa7 Use std::optional instead of std::unique_ptr
Since Android R, Parcel provides read/write methods for "@nullable"
values using std::optional.

Bug: 149784838
Test: m
Change-Id: I343841e690ed2d00548bb2ad623e07fa26823214
2020-11-18 15:02:52 +09:00
Branden Archer
2f0c3976e3 Add @SensitiveData to Keystore service and callback
Bug: 171501998
Test: Builds and manual evaluation
Change-Id: Ie2f88994afca298df34020bc62659e7c51060e6e
2020-11-04 13:26:46 -08:00
Mathew Inwood
271f57b52c Add maxTargetSdk restriction to unused APIs.
These are APIs that have @UnsupportedAppUsage but for which we don't
have any evidence of them currently being used, so should be safe to remove
from the unsupported list.

Bug: 170729553
Test: Treehugger
Change-Id: I54fce50d3fb9d3ba02eae312c478bac419a46ede
2020-10-26 11:21:01 +00:00
Hasini Gunasinghe
2481b9deb7 Pass default values for the optional fields in attestation logs
This CL provides the fix for the issue reported in b/169959923.

Bug: 169959923
Test: tested using statsd_testdrive script.
Change-Id: I3fe42e85abd0976782795ad4fa13a804702624d6
2020-10-05 12:46:42 +00:00
Edman Anjos
e18c228d11 Merge "Model KeyStore security level in keymaster worker" am: ae73ca248e
Original change: https://android-review.googlesource.com/c/platform/system/security/+/1418729

Change-Id: I72df29824042c5e517744f2e19da5cfc9b3c4c8c
2020-09-08 13:39:10 +00:00
Edman Anjos
ba9b7d32a7 Model KeyStore security level in keymaster worker
On certain device configurations the security level reported by the
Keymaster HAL differs from the security level understood in KeyStore.
Namely, on devices with only a software Keymaster, KeyStore will set it
in the TEE slot, and create a new in-process legacy Keymaster for the
software slot.

This change introduces a field to keymaster worker to represent the
security level that KeyStore understands this worker to operate on.

Bug: 167412989
Test: atest CtsKeystoreTestCases
Change-Id: Ifeaa4782913be45d89cdd175a02302c7dc318719
2020-09-02 19:11:37 +02:00
Xin Li
98003f1d08 Merge Android R (rvc-dev-plus-aosp-without-vendor@6692709)
Bug: 166295507
Merged-In: Ibd6ee7bf201a920e72602010bef128083f235453
Change-Id: Id31817f370322187d410dbd76e3d19184f9cf28d
2020-08-28 13:59:20 -07:00
Treehugger Robot
3b7ee238bd Merge "Adding TEST_MAPPING to system/security/keystore" 2020-08-20 16:25:48 +00:00
Max Bires
788136d2fa Adding TEST_MAPPING to system/security/keystore
This file maps to about 4 minutes and 15 seconds of tests within
Keystore to be added to presubmit.

Bug: 158797959
Test: atest --test-mapping
Change-Id: I3cb6614d3f3b3fe43f326f50e2dfa915a1b81d21
2020-08-20 00:40:28 -07:00
Hasini Gunasinghe
8c8c2d4676 Log keystore key attestation events using statsd.
This is the third CL on sending keystore logging to statsd.
This creates the logs for key attestation events.
Test: Adding tests for logging is yet to be decided.
Bug: 157664923
Merged-In: I412ac59fd6bb2dbcb380f8579740d02ce2fd8790
Change-Id: I16cac8c4ee950adc330659dcb648052e8b2b41a2
2020-08-12 16:19:11 +00:00
Hasini Gunasinghe
242460eac7 Log keystore key operation events using statsd.
This is the second CL on migrating keystore logging to statsd.
This migrates the logging for key operation events.
Three new ResponseCodes are added for the logging purpose of the
	abort operations.

Test: Adding tests for logging is yet to be decided.
Change-Id: Iede72341b0f4c80199c9e16cef96a5d98bca8754
Merged-In: I68c1d89beeb733e4b6ba493b8d95935b7e73df60
2020-08-12 15:11:11 +00:00
Hasini Gunasinghe
4e55c2f279 Log keystore key creation events using statsd.
This is the first CL on migrating keystore logging to use statsd.
This migrates the logging for key creation events
	(generation/import).
A work-around is implemented to handle repeated fields via bitmaps
	because statsd does not support repeated fields as of now.

Test: Adding tests for logging is yet to be decided.
Bug: 157664923
Change-Id: Id23724cfbd21dca8ef5fd77e5712c0bc2e727f4b
Merged-In: Id23724cfbd21dca8ef5fd77e5712c0bc2e727f4b
2020-08-06 13:52:36 -07:00
Stephen Hines
8b68026faa Switch from count to N for template due to ambiguity with std::count
Recent versions of Clang will flag this use of `count` in namespace
`std` as ambiguous due to the existence of `std::count`. To remove this
problem, we can switch to the commonly used `N` for array sizes.

Bug: http://b/155835175
Test: m with aosp_blueline
Change-Id: I983180b6e2e94dadb095f531e13ea415468ee104
2020-07-15 18:12:36 -07:00
Orion Hodson
e86b1db7c4 Merge "Remove unused libnativehelper include" am: c373ce2a88 am: 74685e1ecd
Original change: https://android-review.googlesource.com/c/platform/system/security/+/1354335

Change-Id: I779cae1f133b3364c383687cdabde70c6ab088ee
2020-07-07 09:18:43 +00:00
Orion Hodson
45d12bd92b Remove unused libnativehelper include
Bug: 152482542
Test: build clean-up
Change-Id: Ibe4534362891201476ee31fee19663f9bc8e1410
2020-07-02 13:16:19 +01:00
Hasini Gunasinghe
bf1f103c08 Log keystore key attestation events using statsd. am: 9d2bd25cbd
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/11972698

Change-Id: I5cc2032a293a28fd6e10728ac9e908aea02624c3
2020-06-23 19:45:11 +00:00
Hasini Gunasinghe
9d2bd25cbd Log keystore key attestation events using statsd.
This is the third CL on sending keystore logging to statsd.
This creates the logs for key attestation events.
Test: Adding tests for logging is yet to be decided.
Bug: 157664923

Change-Id: I412ac59fd6bb2dbcb380f8579740d02ce2fd8790
2020-06-23 16:52:31 +00:00
Hasini Gunasinghe
9cc5da2dc2 Log keystore key operation events using statsd. am: 0dab3eb11f
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/11869299

Change-Id: If48a6ff7b3070fbf3a19f429bf51f4398ca1f251
2020-06-18 00:38:56 +00:00
Hasini Gunasinghe
2d84b2d7fa Log keystore key creation events using statsd. am: 0e88123f7d
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/11822381

Change-Id: Ib75f0e391ab0d1664497564751285962b243e68b
2020-06-17 18:23:28 +00:00
Hasini Gunasinghe
0dab3eb11f Log keystore key operation events using statsd.
This is the second CL on migrating keystore logging to statsd.
This migrates the logging for key operation events.
Three new ResponseCodes are added for the logging purpose of the
	abort operations.

Test: Adding tests for logging is yet to be decided.
Change-Id: I68c1d89beeb733e4b6ba493b8d95935b7e73df60
Bug: 157664923
2020-06-15 16:44:54 +00:00
Hasini Gunasinghe
0e88123f7d Log keystore key creation events using statsd.
This is the first CL on migrating keystore logging to use statsd.
This migrates the logging for key creation events
	(generation/import).
A work-around is implemented to handle repeated fields via bitmaps
	because statsd does not support repeated fields as of now.

Test: Adding tests for logging is yet to be decided.
Bug: 157664923
Change-Id: I76900eb2abec627afb80573cda25340186e9f244

Change-Id: Id23724cfbd21dca8ef5fd77e5712c0bc2e727f4b
2020-06-13 04:33:11 +00:00
David Zeuthen
f635cf0e31 keystore: Pass verification token to credstore along with requested auth token.
This is needed because the Secure Areas backing the Identity
Credential HAL may exist in a different environment from where the
auth token is minted. In this case, the Secure Area needs a
verification token to make sense of the timestamp in the auth token.

Getting a verification token is an asynchronous operation so change
the binder method used by credstore to be asynchronous as well.

Bug: 156076333
Test: atest VtsHalIdentityTargetTest
Test: atest android.security.identity.cts
Merged-In: Id6cb6812a31d968069b7d72bd2b39b512d38d241
Change-Id: I6d75a4fd5cf3607f08dee33da7db5f0f20923656
2020-05-08 13:42:44 -04:00
David Zeuthen
59102f388f keystore: Pass verification token to credstore along with requested auth token.
This is needed because the Secure Areas backing the Identity
Credential HAL may exist in a different environment from where the
auth token is minted. In this case, the Secure Area needs a
verification token to make sense of the timestamp in the auth token.

Getting a verification token is an asynchronous operation so change
the binder method used by credstore to be asynchronous as well.

Bug: 156076333
Test: atest VtsHalIdentityTargetTest
Test: atest android.security.identity.cts
Change-Id: Id6cb6812a31d968069b7d72bd2b39b512d38d241
2020-05-08 11:30:49 -04:00
Bill Yi
de087d8746 Merge "Merge android10-qpr2-s3-release to aosp/master - DO NOT MERGE" 2020-05-06 15:59:08 +00:00
Dorin Drimus
2f43a6a754 Allow device properties attestation in attestKey
Allow base device properties that are not unique IDs and don't
require special permission to be attested from any process.

Test: atest CtsKeystoreTestCases
Bug: 152945378
Change-Id: I45eeda0eac725fd0ad28caf25a5a183fe117fabb
2020-05-05 19:19:24 +02:00
Bill Yi
3255773023 Merge android10-qpr2-s3-release to aosp/master - DO NOT MERGE
Change-Id: Ic781131f8d6c84feacd1df31c5dbdd5533c3f24c
2020-05-04 20:39:43 -07:00
Dorin Drimus
4b7a7fb5f8 Allow attest to device properties
Attesting (only) to device properties is allowed without special
permission (android.permission.READ_PRIVILEGED_PHONE_STATE) since
base device properties should be accessible to everyone. For
unique identifying IDs attestation the permission is still needed.

Test: atest CtsKeystoreTestCases
Bug: 152945378
Change-Id: I8395e0c18cfc91916a172d20dd6049c7c027e8d9
2020-05-01 16:45:29 +00:00
Janis Danisevskis
1642dc0039 Add permission check on onKeyguardVisibilityChanged
Without this permission check any app can toggle the locked state of
keymaster once it has been unlocked for the first time.

Bug: 144285084
Test: Manually tested with debugger that the required code paths are
      run.

Merged-In: Idb8a200dc2963e1085e9fddd0c565c5172465e65
Change-Id: Idb8a200dc2963e1085e9fddd0c565c5172465e65
(cherry picked from commit 21f452c372)
(cherry picked from commit aad9178b57)
2020-03-19 04:53:04 +00:00