On some devices it is infeasible to provision the KeyMint RoT bits in
the Android Bootloader. This provides an alternate path to provision
them from the TEE during early boot.
Bug: 219076736
Test: VtsAidlKeyMintTargetTest
Change-Id: If69f7e25e58edbf4d2190084e2c0a03a94bfa5d6
Merged-In: If69f7e25e58edbf4d2190084e2c0a03a94bfa5d6
This change allows the os_version in the DeviceInfo map to be optional
for StrongBox implementations. It also adds the appropriate changes to
the VTS test to relax this requirement.
Bug: 215444522
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I1695b7c4e7a9bd884fa88c14f9c22bacd38cdbd3
The algorithm choice was listed as -8 for ES256, when it should be -7.
Fixes: 217691766
Test: Everyone harmoniously agrees by +2'ing.
Change-Id: I7f73efff42ee6d2b3bfb94b74c1208170805b870
This change specifies that the DeviceInfo map returned by the IRPC HAL
implementation should be canonicalized. Additionally, it adds coverage
to the VTS tests to ensure this requirement is enforced.
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I276f38497a307c407d305b62a3e9af78a403054e
This change removes the optionality ("?") from all of the device info
fields, now that DeviceIDs are mandatory. It also changes att_id_state
to the broader "fused" category. It may not convey exactly the same
meaning, but it seems better to avoid proliferating a lot of fields that
all speak to some technical detail of the factory provisioning status of
the device.
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: Iaf3de6a7a7a9b8af7d2e9673d7f1320858b95617
The application of ops is currently inconsistent within the spec, and
wrong where it is specified. It is mapped to an integer when it should
be mapped to an array that contains the integer value. Given that all
key usage is strictly defined within the spec itself, there is no value
currently in including the ops field. Because of this, the choice is
being made to simply remove the field.
Test: documentation change only
Change-Id: Ia3a9895c7840e3cda9c2775080b7dcb18544d417
This change modifies the VTS tests to validate the structure of the CBOR
Web Token (CWT) which contains the public key as one of several fields
in the map. It only validates the subset of fields expected to be seen
in the VTS tests. The ones related to the actual BCC will not be
present in test mode due to the security guarantees of the interface.
Additionally, the test will also now check that the first key in the BCC
array matches the public key that should be self-signed in the
certificate located in the second index of the BCC array.
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I9e7769861529b8095d77ce8fee3c78222579d38c
* changes:
Revert^2 "Add remote key provisioning to the IC HAL"
Revert^2 "Refactor IC support for RKP"
Revert^2 "Log to logd in the default identity service"
Revert^2 "Fix formatting of identity credential aidl"
* changes:
Revert "Fix formatting of identity credential aidl"
Revert "Log to logd in the default identity service"
Revert "Refactor IC support for RKP"
Revert "Add remote key provisioning to the IC HAL"
Revert "Add dependency on keymint cpp lib"
Revert "Allow default identity service to call keymint"
Revert submission 1956689-add rkp to identity-default
Reason for revert: Broke git-master. Will resubmit later.
Reverted Changes:
I96dcf3027:Add remote key provisioning to the IC HAL
Id686ac33a:Add dependency on keymint cpp lib
Ib368a2a00:Log to logd in the default identity service
I7d2906de0:Refactor IC support for RKP
Iae0f14f1c:Fix formatting of identity credential aidl
I01d086a4b:Allow default identity service to call keymint
Change-Id: I76a898c04090c5befe5fb5a5d07ec2e397fdd8b3
* changes:
Add remote key provisioning to the IC HAL
Refactor IC support for RKP
Log to logd in the default identity service
Fix formatting of identity credential aidl
The IIdentityCredentialStore can now advertise the correct
IRemotelyProvisionedComponent that is used for getting remotely
provisioned attestation keys.
IWritableIdentityCredential has a new method so it can accept remotely
provisioned keys.
Update the VTS tests to check the new RKP functionality.
Support RKP in the default identity cred service
Test: VtsHalIdentityTargetTest
Bug: 194696876
Change-Id: I96dcf3027e0f21790c35900ddf8cc0953bd3b1ca
This id is used to differentiate between implementations of the
IRemotelyProvisionedComponent interface. This is required to track
certificates and keys for each implementation. Without an implementation
id, we would have no way to associate persisted, remote provisioning
data with the appropriate IRemotelyProvisionedComponent.
Include VTS tests for compliance.
Test: VtsHalRemotelyProvisionedComponentTargetTest
Bug: 194696876
Change-Id: Id8bca26d71ecf9e389e68a269f782a9dc5ee6f01
Ed25519 signing operations require the secure world to accumulate the
entirety of the message; consequently, impose a limit on message size
for this operation.
Bug: 194358913
Test: VtsAidlKeyMintTargetTest
Change-Id: Ibfb6a54c1d546b5b4e51f42795d2bb4660add772
Various block cipher testing fixups. Some of these changes reflect edge
cases I encountered when running local GSC builds.
Change:
* Extend ciphertext lengths.
* Add SCOPED_TRACE() within for loops.
* Use '\t' instead of 'a' for PKCS7 padding.
Test: CTS/VTS
Signed-off-by: Brian J Murray <brianjmurray@google.com>
Change-Id: I4555519787e0133367ad3f40609d43a7bc71c36e
The Key{Mint,Master} spec previously said that RSA-PSS mode should use
SHA-1 for the MGF1 digest, separately from whatever Tag::DIGEST gets
specified as the main digest.
However, both the reference implementation and the VTS/CTS tests
use BoringSSL's defaults, which is to re-use the main digest as the MGF1
digest if none is separately specified.
Given that this behaviour is embedded in many implementations over
several years (and given that there isn't a security implication),
change the spec to match this behaviour. Also update the VTS test
code to make this clear/obvious.
Test: VtsAidlKeyMintTargetTest, VtsHalKeymasterV4_0TargetTest
Bug: 210424594
Merged-In: I4303f28d094ef4d4b9dc931d6728b1fa040de20d
Change-Id: I4303f28d094ef4d4b9dc931d6728b1fa040de20d
- Add CURVE_25519 as a supported curve for EC operations.
- Add a helper that checks whether the HAL is of a version that is
expected to support curve 25519, and skip relevant tests if not.
- Ed25519 support
- Update KeyMintAidlTestBase::LocalVerifyMessage to cope with a public
key of type EVP_PKEY_ED25519.
- Add a test key pair generated with openssl command line.
- Key generation test
- Key import test for raw format
- Key import test for PKCS#8 format
- Key import failures tests
- Signature test
- Check that purposes cannot be combined (Ed25519 != X25519)
- Check that Ed25519 key can be attested to
- Implicitly check that an Ed25519 key can be used for attestation
(as it is in ValidCurves())
- Force Digest::NONE for Ed25519 throughout.
- X25519 support
- Add a test key pair generated with openssl command line.
- Key generation test
- Key import test for raw format
- Key import test for PKCS#8 format
- Key import failures tests
- Key agreement test, including...
- Refactoring of existing key agreement test for re-use
- Update key agreement checks to cope with a public key of type
EVP_PLEY_X25519.
- Key agreement test using imported key
- Check that purposes cannot be combined (Ed25519 != X25519)
Bug: 194358913
Test: VtsAidlKeyMintTargetTest
Change-Id: Ifa0f95fdfba4387843c8e821c2ca977da0488fa6
If op_ is a nullptr, the test runner can SIGSEGV.
Test: manual, atest EncryptionOperationsTest#TripleDesCbcPkcs7PaddingCorrupted
Bug: None
Signed-off-by: Brian J Murray <brianjmurray@google.com>
Change-Id: Ibdd6139952ca8bc83ac1a82202839feee39562e1
The dice HAL provides access to the Dice artifacts of the running Android
instance.
Bug: 198197213
Test: VTS test comming in two ...
Change-Id: I6e84f9a9c7153e7a96c06d1d451e658b3f222586
For the time being, allow the version number in the attestation record
to be 100 even if the AIDL version is 2, so that implementations don't
have to update both versions simultaneously.
Bug: 194358913
Test: TreeHugger, VtsAidlKeyMintTargetTest
Change-Id: I9aae69327a62014e286ce30ca2a4d91c4c280714
Revert "Bump keystore2 AIDL API version 1->2"
Revert "Advertise support of KeyMint V2"
Revert submission 1900930-version-bump
Reason for revert: Broken build on sc-qpr1-dev-plus-aosp, b/210450339
Reverted Changes:
I42a9b854f:keystore2: cope with new curve25519 enum
I167d568d6:Bump keystore2 AIDL API version 1->2
I3a16d072e:Advertise support of KeyMint V2
Ibf2325329:KeyMint HAL: add curve 25519, bump version
Change-Id: I78d4b07c41aa6bfeb367b56a58deeac6adb6ec46
Marked as required for TRUSTED_ENVIRONMENT impls but not STRONGBOX.
Bump keymint HAL version 1->2 in defaults and in current compatibility
matrix.
Bug: 194358913
Test: build
Change-Id: Ibf2325329f0656a2d1fc416c2f9a74d505d0bf20
A VTS test case to verify HMAC signature verification fails if data or
signature is currupted.
Bug: 209452930
Test: run vts -m VtsAidlKeyMintTargetTest
Change-Id: I2177fd99cfab4ef4a347d50461db0d2e3ad8c612
