From 86edc262aff711af9edf24e6a2ba9cb8f4253178 Mon Sep 17 00:00:00 2001
From: Max Bires <jbires@google.com>
Date: Fri, 23 Jul 2021 01:26:00 -0700
Subject: [PATCH] AesInvalidKeySize skip 192 on SB devices

This change clarifies the language to specify that StrongBox devices
must only support key sizes of 128 and 256. Additionally, it changes the
new AesInvalidKeySize test to only enforce against StrongBox instances
on devices that launch on S or later, not previously launched devices.

Ignore-AOSP-First: CP to AOSP
Bug: 191736606
Test: Test passes on a StrongBox enabled device
Change-Id: I1a27a0d61e5247ad90c8f5b1423f2a1567016bac
---
 keymaster/4.0/vts/functional/KeymasterHidlTest.cpp            | 4 ++++
 .../android/hardware/security/keymint/IKeyMintDevice.aidl     | 3 ++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/keymaster/4.0/vts/functional/KeymasterHidlTest.cpp b/keymaster/4.0/vts/functional/KeymasterHidlTest.cpp
index d0ad433464..d326334510 100644
--- a/keymaster/4.0/vts/functional/KeymasterHidlTest.cpp
+++ b/keymaster/4.0/vts/functional/KeymasterHidlTest.cpp
@@ -21,6 +21,7 @@
 
 #include <android-base/logging.h>
 #include <android/hidl/manager/1.0/IServiceManager.h>
+#include <cutils/properties.h>
 
 #include <keymasterV4_0/key_param_output.h>
 #include <keymasterV4_0/keymaster_utils.h>
@@ -685,6 +686,9 @@ std::vector<uint32_t> KeymasterHidlTest::InvalidKeySizes(Algorithm algorithm) {
             case Algorithm::EC:
                 return {224, 384, 521};
             case Algorithm::AES:
+                // The HAL language was clarified to exclude AES key sizes of 192 for StrongBox
+                // instances on devices launched on API Level 31 and above.
+                if (property_get_int32("ro.board.first_api_level", 0) < 31) return {};
                 return {192};
             default:
                 return {};
diff --git a/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
index 18497236eb..cd8cfc5f6e 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
@@ -96,7 +96,8 @@ import android.hardware.security.secureclock.TimeStampToken;
  *
  * o   AES
  *
- *      - 128 and 256-bit keys
+ *      - TRUSTED_ENVIRONMENT IKeyMintDevices must support 128, 192 and 256-bit keys.
+ *        STRONGBOX IKeyMintDevices must only support 128 and 256-bit keys.
  *      - CBC, CTR, ECB and GCM modes.  The GCM mode must not allow the use of tags smaller than 96
  *        bits or nonce lengths other than 96 bits.
  *      - CBC and ECB modes must support unpadded and PKCS7 padding modes.  With no padding CBC and