Remove improper import and make the flag a constant
with the read only option
Bug: 191777960
Test: m keystore2
Change-Id: I34bd2d0d891686c93a167456e8d50eec75374244
KeyMint.generateKey requires a challenge to be passed when a key
blob is also passed. The test missed this, and was thus failing on
compliant HALs.
Bug: 301223273
Test: keystore2_test
Change-Id: Icf7a32683c85d87fddd7d05ba07a110bb4e38c79
This cl adds a version of libdiced_sample_inputs
that is compatible with the nostd environment.
This allows the sample inputs to be used as DICE
chain in the non-protected rialto later for testing
purposes.
Test: atest libdiced_sample_inputs.integration_test \
libdiced_sample_inputs_nostd.integration_test
Bug: 287233786
Change-Id: I6e96e051a8ba0b232521b259d5473520ac767383
Define SerializedError wire type for convenience and type safety. It
does not change the rules of how errors are downcasted to an i32.
Change operation outcome errors from Keymint ErrorCode to
SerializedError. This has an intended effect of binder errors being
reported to metrics as ResponseCode::SYSTEM_ERROR instead of
ErrorCode::UNKNOWN_ERROR.
Also update comments.
Bug: 298194325
Test: m
Change-Id: Ieff70245b776c38845c4f5142ab13d438ff79104
Removed `libkeymint_vts_test_utils` and its dependent libs from static
libs list and added only `libkeymint_vts_test_utils` in shared libs
list.
Test: m libkeystore2_test_utils; atest keystore2_client_tests; atest keystore2_test_utils_test;
atest keystore2_test
Bug: 194359114
Change-Id: Iab4b8c174af81a8c64a9f44fcd634d54f78773da
New devices will no longer have hwservicemanager installed as part of
HIDL deprecation. So this service must not crash when it's not found.
From keystore2's perspective, this is the same as not having the HIDL
Keymaster HALs installed.
Test: remove hwservicemanager from
device/google/cuttlefish/shared/device.mk && launch_cvd
Bug: 298454031
Change-Id: I4c7cefd388936aff821cff572a8af1b6f69f82d1
Also remove benign logging when there are multiple strong
biometrics.
Test: adb logcat on CF while adding/removing user/pwd
Change-Id: I777404d566990a4a604554133c0d87abba2200bc
Instead of listing all the possible parameters, put them in a struct
(as the C API does).
This means callers only have to list the ones they use, and a new
parameter doesn't require all clients to change.
Bug: 291241882
Test: atest -p in diced
Change-Id: I7c4925385e30ba9fcec0dc188747a23d7df614d7
Symbols for Android in open-dice now use the DiceAndroid* prefix rather
than the Bcc* prefix. This does not migrate the whole library away from
the legacy BCC nomencalture.
Test: TH
Change-Id: I878de15f663ee2bcb678db12475cae6c45fc8b87
We publish a prebuilt rkp_factory_extraction_tool online, so we should
only dynamically load the libraries that we cannot avoid (e.g. libdl)
Test: built and ran tool
Change-Id: Id109e12dde841797169f0a4e54fa2ede558da252
We will be publishing more tools for partners, and they should live
together. With that in mind, move the rkp_factory_extraction_tool dist
to "rkp/" instead of "rkp_factory_extraction_tool/".
Test: Built it
Change-Id: Ic86fe555a75dfe12a4cae1b4be48c33bae95ecbb
These will soon be required by a lint.
Some functions were incorrectly marked as safe which were not actually
safe, so I've fixed those too.
Bug: 290018030
Test: m rust
Change-Id: I38df6a8162d430617f123ab1aace38b741458fce
Rework the defaults to avoid enabling vendor_available, apex_available,
or host_supported in the "_nostd" libraries, where they shouldn't be
used as the static libraries built from these modules aren't distributed
through APEXes or vendor code and are not expected to be compatible with
the host.
Bug: 293260907
Test: mmma external/open-dice
Change-Id: Ia922ed6b8d525c89724a5dc70bbd0d9621f1ba92
Changes made in keystore2-client-tests to verify the key characteristics
of generated and imported keys.
Bug: 279721870
Test: atest keystore2_client_tests
Change-Id: I30c1fb2bdb1d69d321d356453d895db73347acde
