hardware_interfaces

Evolution-x/hardware_interfaces

Fork 0

mirror of https://github.com/Evolution-X/hardware_interfaces synced 2026-02-01 16:50:18 +00:00

Commit Graph

Author	SHA1	Message	Date
Dan Shi	ba4d532fee	Suppress gtest error for tests without any instance Bug: 162052785 Test: m -j vts Change-Id: I8c1a48e6fbd7c8161137902b5332911fa0d7b8b3	2020-07-28 15:12:32 -07:00
David Zeuthen	2e4533e5c1	Identity: Update for changes to ISO 18013-5. Key derivation for session encryption and MACing now involves mixing in SessionTranscriptBytes. Update docs, default implementation, and VTS tests to reflect this. Also, the standard changed such that instead of DeviceAuthentication being MACed or signed, it's instead DeviceAuthenticationBytes which is defined as #6.24(bstr .cbor DeviceAuthentication). The same also for ReaderAuthentication, now ReaderAuthenticationBytes is the CBOR which is signed by the reader. Also update the URL for CDDL since it's now a published RFC. Bug: 159482543 Test: atest VtsHalIdentityTargetTest Test: atest android.security.identity.cts Change-Id: I73fc7eb48ffb71e00a8b54849266ed814295fa39	2020-06-24 09:27:02 -04:00
David Zeuthen	ef7395127f	Update Identity Credential VTS tests. These updates are based on input/experiences implementing this HAL. There are no API changes. - Specify that the validity for credentialKey certificate shall be from current time and expire at the same time as the attestation batch certificate. - Require challenge passed to getAttestationCertificate() is non-empty. - Fix bug in VTS tests where the startPersonlization() result was not checked. - Remove verifyStartPersonalizationZero test since it cannot be completed. - Ensure secureUserId is non-zero if user authentication is needed. - Specify format for signingKeyBlob in generateSigningKeyPair() same way we do for credentialData in finishAddingEntries(). - Modify EndToEndTest to decrypt/unpack credentialData to obtain credentialPrivKey and storageKey and do cross-checks on these. - Modify EndToEndTest to decrypt/unpack signingKeyBlob to obtain signingKeyPriv and check it matches the public key in the returned certificate. - Add new VTS tests for user and reader authentication. - Relax unnecessary requirements about SessionTranscript structure - just require it has X and Y of the ephemeral key created earlier. - Allow calls in VTS tests to v2 HAL to fail - this should allow these VTS tests to pass on a compliant v1 HAL. Bug: 156911917 Bug: 158107945 Test: atest VtsHalIdentityTargetTest Test: atest android.security.identity.cts Change-Id: I11b79dbd57b1830609c70301fea9c99f9e5080cb	2020-06-04 16:46:54 -04:00

Author

SHA1

Message

Date

Dan Shi

ba4d532fee

Suppress gtest error for tests without any instance

Bug: 162052785
Test: m -j vts
Change-Id: I8c1a48e6fbd7c8161137902b5332911fa0d7b8b3

2020-07-28 15:12:32 -07:00

David Zeuthen

2e4533e5c1

Identity: Update for changes to ISO 18013-5.

Key derivation for session encryption and MACing now involves mixing
in SessionTranscriptBytes. Update docs, default implementation, and
VTS tests to reflect this.

Also, the standard changed such that instead of DeviceAuthentication
being MACed or signed, it's instead DeviceAuthenticationBytes which is
defined as #6.24(bstr .cbor DeviceAuthentication). The same also for
ReaderAuthentication, now ReaderAuthenticationBytes is the CBOR which
is signed by the reader.

Also update the URL for CDDL since it's now a published RFC.

Bug: 159482543
Test: atest VtsHalIdentityTargetTest
Test: atest android.security.identity.cts
Change-Id: I73fc7eb48ffb71e00a8b54849266ed814295fa39

2020-06-24 09:27:02 -04:00

David Zeuthen

ef7395127f

Update Identity Credential VTS tests.

These updates are based on input/experiences implementing this
HAL. There are no API changes.

 - Specify that the validity for credentialKey certificate shall be
   from current time and expire at the same time as the attestation
   batch certificate.

 - Require challenge passed to getAttestationCertificate() is
   non-empty.

 - Fix bug in VTS tests where the startPersonlization() result was not
   checked.

 - Remove verifyStartPersonalizationZero test since it cannot be
   completed.

 - Ensure secureUserId is non-zero if user authentication is needed.

 - Specify format for signingKeyBlob in generateSigningKeyPair() same
   way we do for credentialData in finishAddingEntries().

 - Modify EndToEndTest to decrypt/unpack credentialData to obtain
   credentialPrivKey and storageKey and do cross-checks on these.

 - Modify EndToEndTest to decrypt/unpack signingKeyBlob to obtain
   signingKeyPriv and check it matches the public key in the returned
   certificate.

 - Add new VTS tests for user and reader authentication.

 - Relax unnecessary requirements about SessionTranscript structure -
   just require it has X and Y of the ephemeral key created earlier.

 - Allow calls in VTS tests to v2 HAL to fail - this should allow
   these VTS tests to pass on a compliant v1 HAL.

Bug: 156911917
Bug: 158107945
Test: atest VtsHalIdentityTargetTest
Test: atest android.security.identity.cts
Change-Id: I11b79dbd57b1830609c70301fea9c99f9e5080cb

2020-06-04 16:46:54 -04:00

3 Commits