From 9b8d75eacb8288f98f8697d7884123840f54c60c Mon Sep 17 00:00:00 2001
From: David Drysdale
Date: Tue, 5 Sep 2023 15:16:47 +0100
Subject: [PATCH] KeyMint: clarify EC_CURVE on import

Bug: 292318194
Test: VtsAidlKeyMintTargetTest
Change-Id: I4194b70f1da8816e19f231331c738050c2b7d59f
---
 .../security/keymint/IKeyMintDevice.aidl | 6 ++++
 .../aidl/vts/functional/KeyMintTest.cpp | 36 +++++++++++++++++++
 2 files changed, 42 insertions(+)

diff --git a/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
index 2e4fc1572e..aeb0163977 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
@@ -379,6 +379,12 @@ interface IKeyMintDevice {
 * validate it against the key material. In the event of a mismatch, importKey must return
 * ErrorCode::IMPORT_PARAMETER_MISMATCH.
 *
+ * o Tag::EC_CURVE is not necessary in the input parameters for import of EC keys. If not
+ * provided the IKeyMintDevice must deduce the value from the provided key material and add
+ * the tag and value to the key characteristics. If Tag::EC_CURVE is provided, the
+ * IKeyMintDevice must validate it against the key material. In the event of a mismatch,
+ * importKey must return ErrorCode::IMPORT_PARAMETER_MISMATCH.
+ *
 * o Tag::RSA_PUBLIC_EXPONENT (for RSA keys only) is not necessary in the input parameters. If
 * not provided, the IKeyMintDevice must deduce the value from the provided key material and
 * add the tag and value to the key characteristics. If Tag::RSA_PUBLIC_EXPONENT is provided,
diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
index 022dd3fe7d..0e5562d144 100644
--- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
@@ -4147,6 +4147,42 @@ TEST_P(ImportKeyTest, EcdsaSuccess) {
 LocalVerifyMessage(message, signature, params);
 }
 
+/*
+ * ImportKeyTest.EcdsaSuccessCurveNotSpecified
+ *
+ * Verifies that importing and using an ECDSA P-256 key pair works correctly
+ * when the EC_CURVE is not explicitly specified.
+ */
+TEST_P(ImportKeyTest, EcdsaSuccessCurveNotSpecified) {
+ if (AidlVersion() < 4) {
+ /*
+ * The KeyMint spec before V4 was not clear as to whether EC_CURVE was optional on import of
+ * EC keys. However, this was not checked at the time so we can only be strict about
+ * checking this for implementations of KeyMint version 4 and above.
+ */
+ GTEST_SKIP() << "Skipping EC_CURVE on import only strict since KeyMint v4";
+ }
+
+ ASSERT_EQ(ErrorCode::OK, ImportKey(AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .Authorization(TAG_ALGORITHM, Algorithm::EC)
+ .SigningKey()
+ .Digest(Digest::SHA_2_256)
+ .SetDefaultValidity(),
+ KeyFormat::PKCS8, ec_256_key));
+
+ CheckCryptoParam(TAG_ALGORITHM, Algorithm::EC);
+ CheckCryptoParam(TAG_DIGEST, Digest::SHA_2_256);
+ CheckCryptoParam(TAG_EC_CURVE, EcCurve::P_256);
+
+ CheckOrigin();
+
+ string message(32, 'a');
+ auto params = AuthorizationSetBuilder().Digest(Digest::SHA_2_256);
+ string signature = SignMessage(message, params);
+ LocalVerifyMessage(message, signature, params);
+}
+
 /*
 * ImportKeyTest.EcdsaP256RFC5915Success
 *
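Review bot: The new test `EcdsaSuccessCurveNotSpecified` pins only the "deduce" half of the clarified rule, and only for a P-256 key in PKCS8 form. Nothing in this hunk exercises an import that omits EC_CURVE for another curve, or the case where a supplied EC_CURVE disagrees with the key material and must return `ErrorCode::IMPORT_PARAMETER_MISMATCH`. The mismatch path is what stops a key being recorded with characteristics that do not describe it, so it deserves explicit coverage; it may already exist elsewhere in KeyMintTest.cpp, which is outside the hunk, so confirm before adding it. Separately, the skip message `"Skipping EC_CURVE on import only strict since KeyMint v4"` is hard to parse in test logs; `"EC_CURVE-optional import is only enforced from KeyMint v4"` would read more clearly.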