Define a KeyMint tag for a second IMEI to be included in the attestation
record.
Also clarify that the IMEI tag is meant to include one, and only one,
IMEI.
Bug: 244732345
Test: android.keystore.cts.DeviceOwnerKeyManagementTest
Change-Id: I70ecbb0245ba2e517e5d0db0cfdce4525846f3e5
Revert "Add dependency on newly-split RKP HAL"
Revert "Add dependencies on newly-split RKP HAL"
Revert "Add dependency on split out RKP HAL"
Revert submission 20364235-split-rkp-aidl
Reason for revert: Build break in android.hardware.identity-api
Reverted Changes:
Ib86454bbb:Update dependencies on HAL types moved from keymin...
I501c967e2:Add dependencies on newly-split RKP HAL
I08560f9af:Add dependency on split out RKP HAL
I87133e385:Add dependency on split out RKP HAL
Ia13374cbc:Add dependency on split out RKP HAL
I72bc1774c:Add dependency on newly-split RKP HAL
I71ac265e3:Add dependency on newly-split RKP HAL
Ie0e17bb2c:Update the RKP aidl dependency
I5d24f47ce:Update README and CHANGELOG for RKP
I4b2498dd1:Split rkp from keymint.
I266009d75:Add dependency on newly-split rkp HAL
Change-Id: Ic0a1c38d36a24cc2206d078e1486d51baef0e4c3
This change makes all of the changes to the HAL AIDL files, along with
corresponding documentation edits, to facilitate the definition for
version 3 of IRemotelyProvisionedComponent HAL.
The bulk of the changes are described within the RKP_CHANGELOG.md file
and will therefore not be discussed here within the commit message.
Bug: 240312857
Test: It is human readable and also builds.
Change-Id: I920550bdfe5a8f9ba677c4a4f67e975bcd3672ab
On some devices it is infeasible to provision the KeyMint RoT bits in
the Android Bootloader. This provides an alternate path to provision
them from the TEE during early boot.
Bug: 219076736
Test: VtsAidlKeyMintTargetTest
Change-Id: If69f7e25e58edbf4d2190084e2c0a03a94bfa5d6
Merged-In: If69f7e25e58edbf4d2190084e2c0a03a94bfa5d6
This id is used to differentiate between implementations of the
IRemotelyProvisionedComponent interface. This is required to track
certificates and keys for each implementation. Without an implementation
id, we would have no way to associate persisted, remote provisioning
data with the appropriate IRemotelyProvisionedComponent.
Include VTS tests for compliance.
Test: VtsHalRemotelyProvisionedComponentTargetTest
Bug: 194696876
Change-Id: Id8bca26d71ecf9e389e68a269f782a9dc5ee6f01
Revert "Bump keystore2 AIDL API version 1->2"
Revert "Advertise support of KeyMint V2"
Revert submission 1900930-version-bump
Reason for revert: Broken build on sc-qpr1-dev-plus-aosp, b/210450339
Reverted Changes:
I42a9b854f:keystore2: cope with new curve25519 enum
I167d568d6:Bump keystore2 AIDL API version 1->2
I3a16d072e:Advertise support of KeyMint V2
Ibf2325329:KeyMint HAL: add curve 25519, bump version
Change-Id: I78d4b07c41aa6bfeb367b56a58deeac6adb6ec46
Marked as required for TRUSTED_ENVIRONMENT impls but not STRONGBOX.
Bump keymint HAL version 1->2 in defaults and in current compatibility
matrix.
Bug: 194358913
Test: build
Change-Id: Ibf2325329f0656a2d1fc416c2f9a74d505d0bf20
This adds a way to derive information about the hardware for clients
that call the HAL. The primary functional usecase here is to
differentiate which EC curve the underlying hardware for a given
instance of IRemotelyProvisionedComponent is supported.
Originally, curve 25519 would have been used in all implementations for
verifying the EEK certificate chain and doing ECDH, but secure elements
do not offer 25519 support yet. In order to support remote provisioning
on SEs, we have to relax the standard here a bit to allow for P256.
Test: Everything builds
Change-Id: I9245c6f4e27bd118fe093bffc0152549ed7f0825
This alters the AIDL interface and underlying functionality to have the
component return the DeviceInfo CBOR blob that is used as AAD in
verification of a signature over a MAC key. Trying to reconstruct this
from userspace is very likely to lead to pain and subtle errors in the
future as adoption of this HAL increases, and multiple instances of this
HAL may exist on device simultaneously.
Test: atest VtsRemotelyProvisionedComponentTests
Change-Id: I44bd588586652630ed31a87cfda7e9c01cbf0a2f
Add a function convertStorageKeyToEphemeral to IKeymintDevice that vold
can use to get a per-boot ephemeral key from a wrapped storage key.
Bug: 181806377
Bug: 181910578
Change-Id: I1b008423e3e24797132c8eb79ab3899e2b1c68e8
Enable generation of java sources for AIDL interfaces. This allows
enabling the @SensitiveData annotation without causing circular build
dependencies.
Also mark doc comments as @hide to prevent the interface from being
included in the SDK.
Bug: 174857732
Test: N/A
Merged-In: If00e4dfc24bf776f87c7e2b2e3f42350aa4d4379
Change-Id: If00e4dfc24bf776f87c7e2b2e3f42350aa4d4379
The output format of headers generated by
"m android.hardware.security.keymint-update-api" has changed. This patch
updates the format of those generated files in the tree.
Change-Id: If00a194f136c67197c96081b3c211d615fad5f07
A key with the MAX_BOOT_LEVEL tag cannot be used past a particular
stage of device boot.
Test: Treehugger
Bug: 176450483
Change-Id: I113e3101734736a8621a01ed85969a4ecbe12a68
This allows applications to generate their own attestation keys and
then use them to attest other application-generated keys.
Bug: 171845652
Test: VtsAidlKeyMintTargetTest
Change-Id: I32add16dcc2d1b29665a88024610f7bef7e50200
We need a way to distinguish between tags that are enforced by KeyMint
with security level "SOFTWARE" and tags that are not enforced by
KeyMint but are expected to be enforced by KEYSTORE.
Test: VtsAidlKeyMintTargetTest
Change-Id: I9f414bec43959577a50d49146029c9edb031be56
This adds rust derive stanzas to TimeStamp, TimeStampToken, and
HardwareAuthToken.
Also removes an unused import from IKeyMintDevice.
Test: Compiles.
Change-Id: If41248f5cda8015ecb07bec5d1bc75317b803492
And add vts test to verify the tag appears in the key characteristics.
also if the tag is enforced in the hardware, afer the usage of the key
is exhausted, the key blob should be invalidated from the secure storage
(such as RPMB partition).
Bug: b/174140443
Test: atest VtsHalKeyMintV1_0TargetTest
Change-Id: Ic65b855c5a8692ab8d1281dd46562ad0844ab1b0
This patch removes verifyAuthorization from the KeyMint spec in favor of
secureclock and the TimeStampToken. Timestamp has moved to secureclock
and the VerificationToken was removed from keymint. This reverses the
dependency between keymint and secureclock because keymint no imports
TimeStampToken and Timestamp from secureclock.
Test: Tested with CtsVerifier Fingerprint bound keys test.
Change-Id: I4e0bde0d77e74918e2b5483c30be8057417e3bf1
Support key characteristics with three security levels, do not store
unenforced authorizations with keys or bind them to keys.
Bug: 163606833
Test: atest VtsAidlKeyMintTargetTest
Change-Id: Idbc523f16d8ef66ec38e0d503ad579a93c49e7b4
AIDL now supports union types. This CL changes KeyParameter to use
one.
Test: VtsAidlKeyMintTargetTest
Change-Id: I5112611b161e3de1ea86105ea3c7ed0912036a7b
1ffcdebadd
Bug: 175345910
Bug: 171429297
Exempt-From-Owner-Approval: re-landing topic with no changes in this CL.
Change-Id: I691cad252f188b54a8076589d9955774d74d4729
