Commit graph

8233 commits

Author SHA1 Message Date
Eric Biggers
6745f53b46 keystore2: log super key creation
Log an informational message when creating each of a user's super keys,
as these are significant events.

Bug: 296464083
Test: atest -p --include-subdirs system/security/keystore2
Flag: exempt, just adds a log message
Change-Id: I9d76a0ec06fae208412f4c6cf1b7dd739b023a61
2023-11-02 21:19:31 +00:00
Eric Biggers
456a3a6974 keystore2: factor out create_super_key()
Currently the UnlockedDeviceRequired super keys are created by
get_or_create_super_key(), while the AfterFirstUnlock super key is
created by separate code in init_user().  The super key creation code in
get_or_create_super_key() is generic enough to work for all super keys,
however.  This CL factors this code out into a new function
create_super_key(), which a later CL will use for the AfterFirstUnlock
super key.  No change in behavior.

Bug: 296464083
Test: atest -p --include-subdirs system/security/keystore2
Flag: exempt, mechanical refactoring
Change-Id: I88779273efef6cb925152381c07549e1f49daecf
2023-11-02 21:19:31 +00:00
James Willcox
855f233004 Merge "Add getLastAuthTime() to IKeystoreAuthorization" into main 2023-11-02 21:09:20 +00:00
James Willcox
d215da817a Add getLastAuthTime() to IKeystoreAuthorization
This returns the time (from CLOCK_MONOTONIC_RAW) that the specified user
last authenticated using the given authenticator.

Bug: 303839446
Test: atest keystore2_client_tests
Change-Id: Idd4c477365ffa556b7985d1d926dfa554680ff28
2023-10-31 20:30:50 +00:00
Treehugger Robot
449c3b2cec Merge "Adding tests using APPLICATION_DATA and APPLICATION_ID." into main 2023-10-31 18:22:42 +00:00
Shaquille Johnson
ca3fa2b990 Merge "Add flag for deprecation of Legacy Keystore" into main 2023-10-30 05:18:05 +00:00
Shaquille Johnson
7e4cd0ade7 Add flag for deprecation of Legacy Keystore
Test: m keystore2
Bug: 307460850
Change-Id: Ib09449ad1a84c9f6dd455d8b14e1830788c86d49
2023-10-30 03:53:36 +00:00
Rajesh Nyamagoud
290dd7386f Adding tests using APPLICATION_DATA and APPLICATION_ID.
1. Generate a key with application-data and use the generated key to
   create an operation using the same application-data. Test should
   create an operation successfully.

2. Generate a key with application-data and use the generated key to
   create an operation using different application-data. Test should
   fail to create an operation with `INVALID_KEY_BLOB` error code.

3. Generate a key with application-id and use the generated key to
   create an operation using the same application-id. Test should
   create an operation successfully.

4. Generate a key with application-id and use the generated key to
   create an operation using different application-id. Test should
   fail to create an operation with `INVALID_KEY_BLOB` error code.

5. Generate an attestation key without app-id and app-data. Test should
   generate a new key with specifying app-id, app-data and using
   previously generated attestation key. Test should be able to generate
   a new key successfully.

6. Generate an attestation key with app-id and app-data. Test should try
   to generate an attested key using previously generated attestation
   key without specifying same app-id, app-data. Test should fail to
   generate a new key with an error code `INVALID_KEY_BLOB`. It is an
   oversight of the Keystore API that `APPLICATION_ID` and
   `APPLICATION_DATA` tags cannot be provided to generateKey for
   an attestation key that was generated with them.

Bug: 279721870
Test: atest keystore2_client_tests
Change-Id: I56fad4806c6d96c5994f4affdd7aa6620b1f1be8
2023-10-27 19:25:09 +00:00
Tri Vo
c08cf0863a Merge "Add keystore2_client_tests to VTS" into main 2023-10-27 16:07:38 +00:00
Eran Messeri
6b0612d62c Merge "Add keystore2_client_tests to TEST_MAPPING" into main 2023-10-25 18:49:43 +00:00
Tri Vo
4e6dbef7f7 Add keystore2_client_tests to VTS
Bug: 194359114
Test: keystore2_client_tests
Change-Id: I74f29e8c42fd6fdca07a7999dfc2e5345ad45c09
2023-10-23 14:50:30 -04:00
Tri Vo
724e4e5660 Add keystore2_client_tests to TEST_MAPPING
Bug: 194359114
Test: keystore2_client_tests
Change-Id: Ia5f774cd797d1b4b4e343a5588833739ad4843ee
2023-10-23 14:50:25 -04:00
Eran Messeri
f692f42327 Merge "The INCLUDE_UNIQUE_ID parameter is not strictly expected to be in key authorizations." into main 2023-10-20 16:14:01 +00:00
Rajesh Nyamagoud
17a9261560 The INCLUDE_UNIQUE_ID parameter is not strictly expected to be in key authorizations.
Bug: 279721870
Test: atest keystore2_client_tests
Change-Id: Ic5724cf7ea2b6ad6d1f80e34524af777e5e0ea49
2023-10-19 17:29:12 +00:00
Eric Biggers
6ec35f4461 Merge changes I98f7716d,I9b16934f,I78f15e21 into main
* changes:
  keystore2: rename the ScreenLockBound superencryption keys and type
  keystore2: rename the LskfBound superencryption key and type
  keystore2: rename values of UserState enum
2023-10-19 16:22:26 +00:00
Eric Biggers
b1f641d7a5 keystore2: rename the ScreenLockBound superencryption keys and type
Rename the ScreenLockBound superencryption keys and superencryption type
to UnlockedDeviceRequired.  This avoids confusion about what "screen
lock bound" means and makes the terminology consistent with the
UnlockedDeviceRequired key parameter in the API.

Bug: 296464083
Test: atest -p --include-subdirs system/security/keystore2
Test: atest CtsKeystoreTestCases
Flag: exempt, mechanical refactoring and comment changes
Change-Id: I98f7716d05c06f8c6db0f3eb616fb6e780407c2d
2023-10-18 01:54:18 +00:00
Eric Biggers
673d34addb keystore2: rename the LskfBound superencryption key and type
Rename the LskfBound superencryption key and superencryption type (also
known as per-boot) to AfterFirstUnlock.

This makes it much clearer what the protection of this key is.  This
includes avoiding the misleading use of "LSKF"; the secret that's
actually relevant is the user's synthetic password, which is most
commonly unlocked with the LSKF but can potentially be unlocked in other
ways.  This is also helpful for the planned change to make the user's
super keys exist even while the user doesn't have an LSKF.

Bug: 296464083
Test: atest -p --include-subdirs system/security/keystore2
Test: atest CtsKeystoreTestCases
Flag: exempt, mechanical refactoring and comment changes
Change-Id: I9b16934f37222fef2bf01830f521928ef2c1853a
2023-10-18 01:54:18 +00:00
Eric Biggers
1386937eca keystore2: rename values of UserState enum
Rename UserState::LskfLocked to UserState::BeforeFirstUnlock, and
rename UserState::LskfUnlocked to UserState::AfterFirstUnlock.

This makes it much clearer what these states are.  This includes
avoiding the misleading use of "LSKF"; the secret that's actually
relevant is the user's synthetic password, which is most commonly
unlocked with the LSKF but can potentially be unlocked in other ways.
This is also helpful for the planned change to make the user's super
keys exist even while the user doesn't have an LSKF.

Bug: 296464083
Test: atest -p --include-subdirs system/security/keystore2
Test: atest CtsKeystoreTestCases
Flag: exempt, mechanical refactoring and comment changes
Change-Id: I78f15e2165876951c98e22e577fc4c92a3602b3b
2023-10-18 01:54:18 +00:00
Victor Hsieh
61e3d4fa11 Merge "Flag guard to make fsverity_init a no-op" into main 2023-10-17 18:25:10 +00:00
Victor Hsieh
0da66a5537 Flag guard to make fsverity_init a no-op
As early as fsverity_init, the flag can only be static (thus
is_fixed_read_only). It is now a constant/false and will be flipped
during the ramp up at build time.

Bug: 290064770
Test: mma
Test: Inspect the generated code
Change-Id: I4bd1addb996705f6e6b9f75313bf22b9ecd3e11c
2023-10-17 10:54:28 -07:00
Treehugger Robot
7eea1e3c1c Merge "Update needed for Rust v1.73.0" into main 2023-10-17 16:33:52 +00:00
David Drysdale
abdfe3a53e Merge "Add utilities to deal with software keyblobs" into main 2023-10-17 06:44:29 +00:00
Treehugger Robot
e79fe80acf Merge changes Ic7857267,I2bf53018 into main
* changes:
  Adding tests to check unique id attestation.
  Changes are made in keystore-client-tests to verify CREATION_DATETIME, ATTESTATION_CHALLENGE and ATTESTATION_APPLICATION_ID.
2023-10-16 17:20:52 +00:00
Eric Biggers
b6d1dfbe0b Merge "Remove IKeystoreMaintenance#getState()" into main 2023-10-16 16:26:56 +00:00
Alice Wang
3fed4bfcae Merge "[dice] Move open-dice Rust wrapper libraries to virt" into main 2023-10-16 15:07:50 +00:00
Alice Wang
817b5a046b [dice] Move open-dice Rust wrapper libraries to virt
Since these wrapper libraries are only used in virt projects.

Test: atest MicrodroidHostTests
Change-Id: I917c06bd031bb5bcd493fdc3435f8ec688bb705e
2023-10-16 13:47:23 +00:00
Charisee
6fff58e850 Update needed for Rust v1.73.0
Bug: 303252546
Test: ./test_compiler.py --prebuilt-path dist/rust-dev.tar.xz  --target aosp_cf_x86_64_phone --image
Change-Id: Icbe8740b2bff6bf35fd18cdaee1518af5a11a348
2023-10-14 21:11:03 +00:00
Alice Wang
28c7dceb22 Merge "[dice] Add API to derive CDI_Leaf_Priv from DiceArtifacts" into main 2023-10-13 14:34:18 +00:00
Treehugger Robot
df6fe6d17d Merge "Adding tests using MAX_USES_PER_BOOT, EARLY_BOOT_ONLY, BOOTLOADER_ONLY and USAGE_COUNT_LIMIT" into main 2023-10-13 10:56:03 +00:00
Alice Wang
fd9ebcf62e [dice] Add API to derive CDI_Leaf_Priv from DiceArtifacts
This function will be uses in several places for pVM
remote attestation.

Bug: 303807447
Test: atest libdiced_sample_inputs.integration_test \
libdiced_sample_inputs_nostd.integration_test

Change-Id: I6f45ff35c6e48eb42a32d28c1eb3e851859db655
2023-10-13 08:38:29 +00:00
David Drysdale
c0ed986a8d Add utilities to deal with software keyblobs
Add code (adapted from system/keymint/common/src/keyblob/legacy.rs)
which parses keyblobs in the format produced by the previous C++
reference implementation of KeyMint.

Bug: 283077822
Bug: 296403357
Test: tested with ARC upgrade, see b/296403357
Change-Id: I519eed0ac968d5c2595f95609ffadede5d2d2677
2023-10-12 09:27:49 +01:00
David Drysdale
cc5143e2b1 Merge changes I8539455e,I14f0d535 into main
* changes:
  Cope with Keymaster->KeyMint device upgrade
  Commonize upgrade_keyblob_if_required_with
2023-10-11 10:50:21 +00:00
Tri Vo
1cb39dd704 Merge "Adding tests using tags ACTIVE_DATETIME, ORIGINATION_EXPIRE_DATETIME, USAGE_EXPIRE_DATETIME." into main 2023-10-10 14:21:18 +00:00
Tri Vo
deeda26f0f Merge "Restructuring of AAID using aidl_interface build system." into main 2023-10-10 14:04:23 +00:00
David Drysdale
5accbaa18a Cope with Keymaster->KeyMint device upgrade
When handling keyblob upgrade required, also watch out for an invalid
keyblob error that might indicate that a key used to be a
km_compat-wrapped Keymaster key.

In this situation, try stripping off the km_compat prefix and
attempt upgrade of the inner keyblob data instead.

Bug: 251426862
Bug: 283077822
Bug: 296403357
Test: tested with ARC upgrade, see b/296403357
Change-Id: I8539455e33ab2e1c97f26174476ee9d616269e74
2023-10-10 07:04:50 +01:00
Eric Biggers
2f9498af06 Remove IKeystoreMaintenance#getState()
IKeystoreMaintenance#getState() is no longer called, so remove it along
with the enum value for the GetState permission.

Bug: 296464083
Test: atest -p --include-subdirs system/security/keystore2
Change-Id: I9ec6cca78cd1eb899ac7adfc99fc5eee41dc7e44
2023-10-09 23:16:05 +00:00
Rajesh Nyamagoud
f408c28c0e Adding tests to check unique id attestation.
Bug: 279721870
Test: atest keystore2_client_tests
Change-Id: Ic7857267345035ad0d92d8176d34cfe3e64e5c62
2023-10-09 21:59:43 +00:00
Rajesh Nyamagoud
5f6db2f442 Changes are made in keystore-client-tests to verify CREATION_DATETIME,
ATTESTATION_CHALLENGE and ATTESTATION_APPLICATION_ID.

Bug: 279721870
Test: atest keystore2_client_tests
Change-Id: I2bf530189e41ede27763ef696ff9a126c4110e24
2023-10-09 21:51:19 +00:00
Rajesh Nyamagoud
f436a9326c Adding tests using MAX_USES_PER_BOOT, EARLY_BOOT_ONLY, BOOTLOADER_ONLY and USAGE_COUNT_LIMIT
1. Generate a key with `BOOTLOADER_ONLY` tag. Test should successfully
   generate a key and verify the key characteristics. Test should fail
   with error code `INVALID_KEY_BLOB` during creation of an operation
   using this key.

2. Generate a key with `EARLY_BOOT_ONLY` tag. Test should successfully
   generate a key and verify the key characteristics. Test should fail
   with error code `EARLY_BOOT_ENDED` during creation of an operation
   using this key.

3. Generate a key with `MAX_USES_PER_BOOT` tag. Test should successfully
   generate a key and verify the key characteristics. Test should be
   able to use the key successfully `MAX_USES_COUNT` times. After
   exceeding key usage `MAX_USES_COUNT` times subsequent attempts to use
   the key in test should fail with error code `MAX_OPS_EXCEEDED`.

4. Generate a key with `USAGE_COUNT_LIMIT` tag. Test should successfully
   generate a key and verify the key characteristics. Test should be
   able to use the key successfully `MAX_USES_COUNT` times. After
   exceeding key usage `MAX_USES_COUNT` times subsequent attempts to use
   the key in test should fail with error code `KEY_NOT_FOUND`. Test
   should also check attest record for attested keys that
   `USAGE_COUNT_LIMIT` is included in attest record.

Bug: 279721870
Test: atest keystore2_client_tests
Change-Id: I205964b571d92dc0fcbd11b1f6d45bc3aea7c050
2023-10-09 21:44:48 +00:00
Rajesh Nyamagoud
75dfa0c2ec Adding tests using tags ACTIVE_DATETIME, ORIGINATION_EXPIRE_DATETIME,
USAGE_EXPIRE_DATETIME.

1. Tests will generate a key with current date and time set to
   active-datetime and verify the key characteristics. Test will use
   this key to create a sign operation successfully.

2. Test will generate a key with future date set to active-datetime and
   verify the key characteristics. Test will fail with error code
   `KEY_NOT_YET_VALID` while creating an operation using generated key.

3. Tests will generate a key with future date and time set to
   origination-expire-datetime and verify the key characteristics. Test
   will use this key to create a sign operation successfully.

4. Test will generate a key with current date and time set to
   origination-expire-datetime and verify the key characteristics. Test
   will fail with error code `KEY_EXPIRED` while creating an operation
   using generated key.

5. Tests will generate a key with future date and time set to
   usage-expire-datetime and verify the key characteristics. Test
   will use this key to successfully verify the signature created using
   this key.

6. Tests will generate a key with current date and time set to
   usage-expire-datetime and verify the key characteristics. Test
   will fail with error code `KEY_EXPIRED` while verifying the signature
   created using this key.

7. Test will generate a AES key with future date and time set to
   usage-expire-datetime and verify the key characteristics. Test
   will perform encrypt and decrypt operations using this generated key
   successfully.

8. Test will generate a AES key with current date and time set to
   usage-expire-datetime and verify the key characteristics. Test
   will fail with error code `KEY_EXPIRED` while creating Decrypt
   operation using generated key.

Bug: 279721870
Test: atest keystore2_client_tests
Change-Id: I8a0865a6256a6da133e95d0ee8250ba67359a2a2
2023-10-09 21:10:00 +00:00
Eric Biggers
3363996eaf Merge "IKeystoreMaintenance.aidl: document permissions correctly" into main 2023-10-09 16:41:43 +00:00
Tri Vo
9314fa1a6a Merge "Removed dependency on libkeymint_vts_test_utils." into main 2023-10-09 15:17:48 +00:00
David Drysdale
96db425969 Commonize upgrade_keyblob_if_required_with
Bug: 251426862
Bug: 283077822
Bug: 296403357
Test: tested with ARC upgrade, see b/296403357
Change-Id: I14f0d53585c97da2ebdbd53aafa18c4d8b778e17
2023-10-09 10:07:26 +01:00
Rajesh Nyamagoud
19fe29adb3 Removed dependency on libkeymint_vts_test_utils.
Test: mmm system/security/keystore2/test_utils/; mmm system/security/keystore2/tests;
atest keystore2_client_tests; atest keystore2_test_utils_test; atest keystore2_test; atest keystore2_legacy_blobs_test;
Bug: 194359114

Change-Id: I2e17697c8ea54b1c38e128b32b4d30f1214c51fc
2023-10-06 23:15:21 +00:00
Eric Biggers
37e72923ce IKeystoreMaintenance.aidl: document permissions correctly
Test: N/A
Change-Id: Ia31dd277e17d32b857d1dd0fe58b8903c6ad2679
2023-10-06 21:42:06 +00:00
Rajesh Nyamagoud
3f6c15c656 Restructuring of AAID using aidl_interface build system.
Making changes to use cpp backend generated by aidl_interface
build system for KeyAttestationApplicationProvider.
Removed custom parcelables defined for AAID.
Updated the tests to use the aidl_interface generated bindings.

Bug: 267452060
Test: atest android.keystore.cts.KeyAttestationTest; atest
keystore_unit_tests; keystoreSignature_fuzzer;
keystorePackageInfo_fuzzer; keystoreApplicationId_fuzzer;
keystoreAttestationId_fuzzer

Change-Id: Ibdfb8e2837538d01a04b6771b1a71c38529d1307
2023-10-06 04:23:41 +00:00
Shaquille Johnson
1a7cd1d195 Merge "Use pragma WAL in db connections" into main am: 3df6966cd6
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2763288

Change-Id: I62e8915eeb935c11f7e54ff788f513e9cab1694b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-10-04 12:17:53 +00:00
Shaquille Johnson
3df6966cd6 Merge "Use pragma WAL in db connections" into main 2023-10-04 11:40:49 +00:00
Shaquille Johnson
7f5a815ac4 Use pragma WAL in db connections
WAL mode allows db connections to open when the disk
is full. This is done in the current and legacy db and
tested manually by the commandline.

Testing: Filled a file with empty values until it took up all the space on the disk then accessed the database. This was not possible with this mode disabled but was once I enabled it on a new flash

Bug: 191777960
Test: atest keystore2_test and atest CtsKeystoreTestCases, filled real device to full and tested
Change-Id: Ic1a45fd635168061a6c5489a42a67cb59d3ddc6a
2023-10-03 11:39:28 +00:00
Shaquille Johnson
ab681b262f Merge "Remove java generated files" into main am: 89f48f77c8
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2766245

Change-Id: I49779d4ca387bcbb722777f4abd7d4c790199dc0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-09-28 11:08:58 +00:00