| Age | Commit message (Collapse) | Author |
|---|
|
Bug: 225941299
Test: m
Change-Id: I653ab8fd188228439128a75a58363da211e4b79f
|
|
be32113307d67f54e594e5322f85b65e4e2c4fdb
Change-Id: I55ddbddd0bc317f1f077a63b0275c4d55fd9c76f
|
|
5502a1fa352de5567d3dbd68e3e04adc0b6bd59b
Change-Id: Iee5fb393555195be682982161ecb716ff28fa3a9
|
|
Revert "Add dependency on keymint cpp lib"
Revert "Allow default identity service to call keymint"
Revert submission 1956689-add rkp to identity-default
Reason for revert: Broke git-master. Will resubmit later.
Reverted Changes:
I96dcf3027:Add remote key provisioning to the IC HAL
Id686ac33a:Add dependency on keymint cpp lib
Ib368a2a00:Log to logd in the default identity service
I7d2906de0:Refactor IC support for RKP
Iae0f14f1c:Fix formatting of identity credential aidl
I01d086a4b:Allow default identity service to call keymint
Change-Id: I051e97b4b7ec8c060b46de42092c049f12379ea5
|
|
Revert "Add dependency on keymint cpp lib"
Revert "Allow default identity service to call keymint"
Revert submission 1956689-add rkp to identity-default
Reason for revert: Broke git-master. Will resubmit later.
Reverted Changes:
I96dcf3027:Add remote key provisioning to the IC HAL
Id686ac33a:Add dependency on keymint cpp lib
Ib368a2a00:Log to logd in the default identity service
I7d2906de0:Refactor IC support for RKP
Iae0f14f1c:Fix formatting of identity credential aidl
I01d086a4b:Allow default identity service to call keymint
Change-Id: I76a898c04090c5befe5fb5a5d07ec2e397fdd8b3
|
|
The IIdentityCredentialStore can now advertise the correct
IRemotelyProvisionedComponent that is used for getting remotely
provisioned attestation keys.
IWritableIdentityCredential has a new method so it can accept remotely
provisioned keys.
Update the VTS tests to check the new RKP functionality.
Support RKP in the default identity cred service
Test: VtsHalIdentityTargetTest
Bug: 194696876
Change-Id: I96dcf3027e0f21790c35900ddf8cc0953bd3b1ca
|
|
This allows us to see logs in logcat for the default service.
Test: VtsHalIdentityTargetTest
Bug: 194696876
Change-Id: Ib368a2a0021f72b457fc5e4717e34bb696dfb0fb
|
|
This new IPresentationSession interface enables an application to do a
multi-document presentation, something which isn't possible with the
existing API. As a practical example of this consider presenting both
your Mobile Driving License and your Vaccination Certificate in a single
transaction.
Bug: 197965513
Test: New CTS tests and new screen in CtsVerifier
Change-Id: I11712dca35df7f1224debf454731bc17ea9bfb37
|
|
Hey did I start this? We can take a little bit better errors. :)
Bug: N/A
Test: N/A
Change-Id: I0e96f7f49dae9968904333da9b8269694058c11c
|
|
1. Add input parameter buffer size for CBOR data encoding
because Nugget OS protobuf buffer is not null terminated.
2. Modify some libeic APIs to align with NoS libeic.
Bug: 198403263
Test: atest VtsHalIdentityTargetTest
atest android.security.identity.cts
Change-Id: I9bc3689da2571c0925972f33b7314cbaaad0e28d
|
|
The ndk_platform backend will soon be deprecated because the ndk backend
can serve the same purpose. This is to eliminate the confusion about
having two variants (ndk and ndk_platform) for the same 'ndk' backend.
Bug: 161456198
Test: m
Change-Id: Ibe8beeaf0d1b33968fb782f1f70c17ae9e9bf871
|
|
Also add a new libeic_test binary which has a regression test for this
vulnerability.
Bug: 190757775
Test: atest libeic_test
Test: atest VtsHalIdentityTargetTest
Test: atest CtsIdentityTestCases
Merged-In: I8344655c59930d6bf1baa4e0f8d0f60e4fc9e48d
Change-Id: I8344655c59930d6bf1baa4e0f8d0f60e4fc9e48d
|
|
Also add a check in the default implementation to help catch bugs like
this in the future.
Bug: 189865806
Test: atest VtsHalIdentityTargetTest
Test: atest CtsIdentityTestCases
Change-Id: Ief55528af8e14707b5c4d9431a851f9c8ccfae0c
|
|
8-byte intergers are identified by the additional information having the
value 27.
Test: atest VtsHalIdentityTargetTest
Change-Id: I986162c4966275d7589d99c08c7323445e1f9e80
|
|
This is the change that removes the functionality that has been shifted
over to appropriate classes and contexts in system/keymaster.
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I491f4ef823868322ea6a804d88ca09662c099a44
|
|
This change removes hardware/interfaces/identity's dependency on its own
libcppbor copy. The copy can not be fully removed until various vendor
dependencies are cleaned up.
Superficial changes are made to the VTS tests to match the slightly
altered namespace on some of the functions.
This migration is a prerequisite for getting the
IRemotelyProvisionedComponent functionality into system/keymaster.
Without migrating to the same library, the build system runs into issues
since there are "two" libcppbor libraries with conflicting namespaces
otherwise.
Bug: 182445123
Test: atest VtsHalIdentityTargetTest
Change-Id: I854ffa31c4adb5a3d1df06539fe66075ccc4625d
|
|
A problem where credstore didn't always use the TA-generated challenge
in the verification token was fixed in aosp/1619825. With this bug-fix
we can now reliably check that the passed-in verification token is
always fresh.
Bug: 181893400
Test: atest android.security.identity.cts on emulator
Test: atest VtsHalIdentityTargetTest
Change-Id: Iffdf026475da6321764561972aae27a82ab94530
|
|
Added SPDX-license-identifier-Apache-2.0 to:
atrace/1.0/Android.bp
atrace/1.0/default/Android.bp
atrace/1.0/vts/functional/Android.bp
audio/2.0/Android.bp
audio/2.0/config/Android.bp
audio/4.0/Android.bp
audio/4.0/config/Android.bp
audio/5.0/Android.bp
audio/5.0/config/Android.bp
audio/6.0/Android.bp
audio/6.0/config/Android.bp
audio/7.0/Android.bp
audio/7.0/config/Android.bp
audio/common/2.0/Android.bp
audio/common/4.0/Android.bp
audio/common/5.0/Android.bp
audio/common/6.0/Android.bp
audio/common/7.0/Android.bp
audio/common/7.0/example/Android.bp
audio/common/all-versions/default/Android.bp
audio/common/all-versions/default/service/Android.bp
audio/common/all-versions/test/utility/Android.bp
audio/common/all-versions/util/Android.bp
audio/core/all-versions/default/Android.bp
audio/core/all-versions/default/util/Android.bp
audio/core/all-versions/vts/functional/Android.bp
audio/effect/2.0/Android.bp
audio/effect/2.0/xml/Android.bp
audio/effect/4.0/Android.bp
audio/effect/4.0/xml/Android.bp
audio/effect/5.0/Android.bp
audio/effect/5.0/xml/Android.bp
audio/effect/6.0/Android.bp
audio/effect/6.0/xml/Android.bp
audio/effect/7.0/Android.bp
audio/effect/7.0/xml/Android.bp
audio/effect/all-versions/default/Android.bp
audio/effect/all-versions/default/util/Android.bp
audio/effect/all-versions/vts/functional/Android.bp
audio/policy/1.0/vts/functional/Android.bp
audio/policy/1.0/xml/Android.bp
audio/policy/1.0/xml/pfw_schemas/Android.bp
authsecret/1.0/Android.bp
authsecret/1.0/default/Android.bp
authsecret/1.0/vts/functional/Android.bp
authsecret/aidl/Android.bp
authsecret/aidl/default/Android.bp
authsecret/aidl/vts/Android.bp
automotive/audiocontrol/1.0/Android.bp
automotive/audiocontrol/1.0/default/Android.bp
automotive/audiocontrol/1.0/vts/functional/Android.bp
automotive/audiocontrol/2.0/Android.bp
automotive/audiocontrol/2.0/default/Android.bp
automotive/audiocontrol/2.0/vts/functional/Android.bp
automotive/can/1.0/default/libnetdevice/Android.bp
automotive/can/1.0/hidl-utils/Android.bp
automotive/can/1.0/tools/Android.bp
automotive/can/1.0/tools/configurator/Android.bp
automotive/can/1.0/tools/configurator/proto/Android.bp
automotive/can/1.0/tools/libcanhaltools/Android.bp
automotive/can/1.0/vts/functional/Android.bp
automotive/can/1.0/vts/utils/Android.bp
automotive/evs/1.0/Android.bp
automotive/evs/1.0/default/Android.bp
automotive/evs/1.0/vts/functional/Android.bp
automotive/evs/1.1/Android.bp
automotive/evs/1.1/default/Android.bp
automotive/evs/1.1/vts/functional/Android.bp
automotive/evs/1.1/vts/fuzzing/Android.bp
automotive/evs/common/utils/default/Android.bp
automotive/evs/common/utils/default/test/fuzz/Android.bp
automotive/occupant_awareness/aidl/Android.bp
automotive/occupant_awareness/aidl/default/Android.bp
automotive/occupant_awareness/aidl/mock/Android.bp
automotive/occupant_awareness/aidl/vts/functional/Android.bp
automotive/sv/1.0/Android.bp
automotive/sv/1.0/default/Android.bp
automotive/sv/1.0/vts/functional/Android.bp
automotive/vehicle/2.0/Android.bp
automotive/vehicle/2.0/default/Android.bp
automotive/vehicle/2.0/default/impl/vhal_v2_0/proto/Android.bp
automotive/vehicle/2.0/utils/Android.bp
biometrics/face/1.0/Android.bp
biometrics/face/1.0/default/Android.bp
biometrics/face/1.0/vts/functional/Android.bp
biometrics/fingerprint/2.1/Android.bp
biometrics/fingerprint/2.1/default/Android.bp
biometrics/fingerprint/2.1/vts/functional/Android.bp
biometrics/fingerprint/2.2/Android.bp
biometrics/fingerprint/2.2/vts/functional/Android.bp
bluetooth/1.0/Android.bp
bluetooth/1.0/default/Android.bp
bluetooth/1.0/vts/functional/Android.bp
bluetooth/1.1/Android.bp
bluetooth/1.1/default/Android.bp
bluetooth/1.1/vts/functional/Android.bp
bluetooth/a2dp/1.0/Android.bp
bluetooth/a2dp/1.0/default/Android.bp
bluetooth/a2dp/1.0/vts/functional/Android.bp
bluetooth/audio/2.0/Android.bp
bluetooth/audio/2.0/default/Android.bp
bluetooth/audio/2.0/vts/functional/Android.bp
bluetooth/audio/2.1/Android.bp
bluetooth/audio/2.1/default/Android.bp
bluetooth/audio/2.1/vts/functional/Android.bp
bluetooth/audio/utils/Android.bp
boot/1.0/Android.bp
boot/1.0/default/Android.bp
boot/1.0/vts/functional/Android.bp
boot/1.1/Android.bp
boot/1.1/default/Android.bp
boot/1.1/default/boot_control/Android.bp
boot/1.1/vts/functional/Android.bp
boot/1.2/Android.bp
boot/1.2/default/Android.bp
boot/1.2/vts/functional/Android.bp
broadcastradio/1.0/Android.bp
broadcastradio/1.0/default/Android.bp
broadcastradio/1.0/vts/functional/Android.bp
broadcastradio/1.1/Android.bp
broadcastradio/1.1/default/Android.bp
broadcastradio/1.1/vts/functional/Android.bp
broadcastradio/2.0/Android.bp
broadcastradio/2.0/default/Android.bp
broadcastradio/2.0/vts/functional/Android.bp
broadcastradio/common/tests/Android.bp
broadcastradio/common/utils/Android.bp
broadcastradio/common/utils1x/Android.bp
broadcastradio/common/utils2x/Android.bp
broadcastradio/common/vts/utils/Android.bp
camera/common/1.0/Android.bp
camera/common/1.0/default/Android.bp
camera/device/1.0/Android.bp
camera/device/1.0/default/Android.bp
camera/device/3.2/Android.bp
camera/device/3.2/default/Android.bp
camera/device/3.3/Android.bp
camera/device/3.3/default/Android.bp
camera/device/3.4/Android.bp
camera/device/3.4/default/Android.bp
camera/device/3.5/Android.bp
camera/device/3.5/default/Android.bp
camera/device/3.6/Android.bp
camera/device/3.6/default/Android.bp
camera/metadata/3.2/Android.bp
camera/metadata/3.3/Android.bp
camera/metadata/3.4/Android.bp
camera/metadata/3.5/Android.bp
camera/provider/2.4/Android.bp
camera/provider/2.4/default/Android.bp
camera/provider/2.4/vts/functional/Android.bp
camera/provider/2.5/Android.bp
camera/provider/2.5/default/Android.bp
camera/provider/2.6/Android.bp
cas/1.0/Android.bp
cas/1.0/default/Android.bp
cas/1.0/vts/functional/Android.bp
cas/1.1/Android.bp
cas/1.1/default/Android.bp
cas/1.1/vts/functional/Android.bp
cas/1.2/Android.bp
cas/1.2/default/Android.bp
cas/1.2/vts/functional/Android.bp
cas/native/1.0/Android.bp
common/aidl/Android.bp
common/fmq/aidl/Android.bp
common/support/Android.bp
compatibility_matrices/Android.bp
compatibility_matrices/Android.mk
compatibility_matrices/build/Android.bp
compatibility_matrices/exclude/Android.bp
configstore/1.0/Android.bp
configstore/1.0/vts/functional/Android.bp
configstore/1.1/Android.bp
configstore/1.1/default/Android.mk
configstore/utils/Android.bp
confirmationui/1.0/Android.bp
confirmationui/1.0/default/Android.bp
confirmationui/1.0/vts/functional/Android.bp
confirmationui/support/Android.bp
contexthub/1.0/Android.bp
contexthub/1.0/default/Android.bp
contexthub/1.0/vts/functional/Android.bp
contexthub/1.1/Android.bp
contexthub/1.1/default/Android.bp
contexthub/1.1/vts/functional/Android.bp
contexthub/common/vts/Android.bp
drm/1.0/Android.bp
drm/1.0/default/Android.bp
drm/1.0/vts/functional/Android.bp
drm/1.1/Android.bp
drm/1.1/vts/functional/Android.bp
drm/1.2/Android.bp
drm/1.2/vts/functional/Android.bp
drm/1.3/Android.bp
drm/1.3/vts/functional/Android.bp
dumpstate/1.0/Android.bp
dumpstate/1.0/default/Android.bp
dumpstate/1.0/vts/functional/Android.bp
dumpstate/1.1/Android.bp
dumpstate/1.1/default/Android.bp
dumpstate/1.1/vts/functional/Android.bp
fastboot/1.0/Android.bp
fastboot/1.0/default/Android.bp
fastboot/1.1/Android.bp
fastboot/1.1/default/Android.bp
gatekeeper/1.0/Android.bp
gatekeeper/1.0/default/Android.bp
gatekeeper/1.0/software/Android.bp
gatekeeper/1.0/software/tests/Android.bp
gatekeeper/1.0/vts/functional/Android.bp
gnss/1.0/Android.bp
gnss/1.0/default/Android.bp
gnss/1.0/vts/functional/Android.bp
gnss/1.1/Android.bp
gnss/1.1/default/Android.bp
gnss/1.1/vts/functional/Android.bp
gnss/2.0/Android.bp
gnss/2.0/default/Android.bp
gnss/2.0/vts/functional/Android.bp
gnss/2.1/Android.bp
gnss/2.1/default/Android.bp
gnss/2.1/vts/functional/Android.bp
gnss/common/utils/default/Android.bp
gnss/common/utils/vts/Android.bp
gnss/measurement_corrections/1.0/Android.bp
gnss/measurement_corrections/1.1/Android.bp
gnss/visibility_control/1.0/Android.bp
graphics/allocator/2.0/Android.bp
graphics/allocator/2.0/default/Android.bp
graphics/allocator/2.0/utils/gralloc1-adapter/Android.bp
graphics/allocator/2.0/utils/hal/Android.bp
graphics/allocator/2.0/utils/passthrough/Android.bp
graphics/allocator/3.0/Android.bp
graphics/allocator/4.0/Android.bp
graphics/bufferqueue/1.0/Android.bp
graphics/bufferqueue/2.0/Android.bp
graphics/common/1.0/Android.bp
graphics/common/1.1/Android.bp
graphics/common/1.2/Android.bp
graphics/common/aidl/Android.bp
graphics/composer/2.1/Android.bp
graphics/composer/2.1/default/Android.bp
graphics/composer/2.1/utils/command-buffer/Android.bp
graphics/composer/2.1/utils/hal/Android.bp
graphics/composer/2.1/utils/hwc2on1adapter/Android.bp
graphics/composer/2.1/utils/hwc2onfbadapter/Android.bp
graphics/composer/2.1/utils/passthrough/Android.bp
graphics/composer/2.1/utils/resources/Android.bp
graphics/composer/2.1/utils/vts/Android.bp
graphics/composer/2.1/vts/functional/Android.bp
graphics/composer/2.2/Android.bp
graphics/composer/2.2/default/Android.mk
graphics/composer/2.2/utils/command-buffer/Android.bp
graphics/composer/2.2/utils/hal/Android.bp
graphics/composer/2.2/utils/passthrough/Android.bp
graphics/composer/2.2/utils/resources/Android.bp
graphics/composer/2.2/utils/vts/Android.bp
graphics/composer/2.2/vts/functional/Android.bp
graphics/composer/2.3/Android.bp
graphics/composer/2.3/default/Android.bp
graphics/composer/2.3/utils/command-buffer/Android.bp
graphics/composer/2.3/utils/hal/Android.bp
graphics/composer/2.3/utils/passthrough/Android.bp
graphics/composer/2.3/utils/vts/Android.bp
graphics/composer/2.3/vts/functional/Android.bp
graphics/composer/2.4/Android.bp
graphics/composer/2.4/default/Android.bp
graphics/composer/2.4/utils/command-buffer/Android.bp
graphics/composer/2.4/utils/hal/Android.bp
graphics/composer/2.4/utils/passthrough/Android.bp
graphics/composer/2.4/utils/vts/Android.bp
graphics/composer/2.4/vts/functional/Android.bp
graphics/mapper/2.0/Android.bp
graphics/mapper/2.0/default/Android.bp
graphics/mapper/2.0/utils/hal/Android.bp
graphics/mapper/2.0/utils/passthrough/Android.bp
graphics/mapper/2.0/utils/vts/Android.bp
graphics/mapper/2.0/vts/functional/Android.bp
graphics/mapper/2.1/Android.bp
graphics/mapper/2.1/default/Android.bp
graphics/mapper/2.1/utils/hal/Android.bp
graphics/mapper/2.1/utils/passthrough/Android.bp
graphics/mapper/2.1/utils/vts/Android.bp
graphics/mapper/2.1/vts/functional/Android.bp
graphics/mapper/3.0/Android.bp
graphics/mapper/3.0/utils/vts/Android.bp
graphics/mapper/3.0/vts/functional/Android.bp
graphics/mapper/4.0/Android.bp
graphics/mapper/4.0/utils/vts/Android.bp
graphics/mapper/4.0/vts/functional/Android.bp
health/1.0/Android.bp
health/1.0/default/Android.bp
health/2.0/Android.bp
health/2.0/default/Android.bp
health/2.0/utils/libhealthhalutils/Android.bp
health/2.0/utils/libhealthservice/Android.bp
health/2.0/utils/libhealthstoragedefault/Android.bp
health/2.0/vts/functional/Android.bp
health/2.1/Android.bp
health/2.1/default/Android.bp
health/2.1/vts/functional/Android.bp
health/storage/1.0/Android.bp
health/storage/1.0/default/Android.bp
health/storage/1.0/vts/functional/Android.bp
health/storage/aidl/Android.bp
health/storage/aidl/default/Android.bp
health/storage/aidl/vts/functional/Android.bp
health/storage/impl_common/Android.bp
health/storage/test_common/Android.bp
health/utils/libhealth2impl/Android.bp
health/utils/libhealthloop/Android.bp
identity/aidl/Android.bp
identity/aidl/default/Android.bp
identity/aidl/vts/Android.bp
identity/support/Android.bp
input/classifier/1.0/Android.bp
input/classifier/1.0/default/Android.bp
input/classifier/1.0/vts/functional/Android.bp
input/common/1.0/Android.bp
ir/1.0/Android.bp
ir/1.0/default/Android.bp
ir/1.0/vts/functional/Android.bp
keymaster/3.0/Android.bp
keymaster/3.0/default/Android.mk
keymaster/3.0/vts/functional/Android.bp
keymaster/4.0/Android.bp
keymaster/4.0/default/Android.bp
keymaster/4.0/support/Android.bp
keymaster/4.0/vts/functional/Android.bp
keymaster/4.0/vts/performance/Android.bp
keymaster/4.1/Android.bp
keymaster/4.1/default/Android.bp
keymaster/4.1/support/Android.bp
keymaster/4.1/vts/functional/Android.bp
keymaster/aidl/Android.bp
light/2.0/Android.bp
light/2.0/default/Android.bp
light/2.0/vts/functional/Android.bp
light/aidl/Android.bp
light/aidl/default/Android.bp
light/aidl/vts/functional/Android.bp
light/utils/Android.bp
media/1.0/Android.bp
media/1.0/xml/Android.mk
media/Android.bp
media/bufferpool/1.0/Android.bp
media/bufferpool/2.0/Android.bp
media/c2/1.0/Android.bp
media/c2/1.1/Android.bp
media/omx/1.0/Android.bp
media/omx/1.0/vts/functional/audio/Android.bp
media/omx/1.0/vts/functional/common/Android.bp
media/omx/1.0/vts/functional/component/Android.bp
media/omx/1.0/vts/functional/store/Android.bp
media/omx/1.0/vts/functional/video/Android.bp
memtrack/1.0/Android.bp
memtrack/1.0/default/Android.bp
memtrack/1.0/vts/functional/Android.bp
memtrack/aidl/Android.bp
memtrack/aidl/default/Android.bp
memtrack/aidl/vts/Android.bp
neuralnetworks/1.0/Android.bp
neuralnetworks/1.0/utils/Android.bp
neuralnetworks/1.0/vts/functional/Android.bp
neuralnetworks/1.1/Android.bp
neuralnetworks/1.1/utils/Android.bp
neuralnetworks/1.1/vts/functional/Android.bp
neuralnetworks/1.2/Android.bp
neuralnetworks/1.2/utils/Android.bp
neuralnetworks/1.2/vts/functional/Android.bp
neuralnetworks/1.3/Android.bp
neuralnetworks/1.3/utils/Android.bp
neuralnetworks/1.3/vts/functional/Android.bp
neuralnetworks/aidl/Android.bp
neuralnetworks/aidl/utils/Android.bp
neuralnetworks/aidl/vts/functional/Android.bp
neuralnetworks/utils/common/Android.bp
neuralnetworks/utils/service/Android.bp
nfc/1.0/Android.bp
nfc/1.0/default/Android.bp
nfc/1.0/vts/functional/Android.bp
nfc/1.1/Android.bp
nfc/1.1/vts/functional/Android.bp
nfc/1.2/Android.bp
nfc/1.2/vts/functional/Android.bp
oemlock/1.0/Android.bp
oemlock/1.0/vts/functional/Android.bp
oemlock/aidl/Android.bp
oemlock/aidl/default/Android.bp
oemlock/aidl/vts/Android.bp
power/1.0/Android.bp
power/1.0/default/Android.bp
power/1.0/vts/functional/Android.bp
power/1.1/Android.bp
power/1.1/vts/functional/Android.bp
power/1.2/Android.bp
power/1.2/vts/functional/Android.bp
power/1.3/Android.bp
power/1.3/vts/functional/Android.bp
power/aidl/Android.bp
power/aidl/default/Android.bp
power/aidl/vts/Android.bp
power/stats/1.0/Android.bp
power/stats/1.0/default/Android.bp
power/stats/1.0/vts/functional/Android.bp
power/stats/aidl/Android.bp
power/stats/aidl/default/Android.bp
power/stats/aidl/vts/Android.bp
radio/1.0/Android.bp
radio/1.0/vts/functional/Android.bp
radio/1.1/Android.bp
radio/1.1/vts/functional/Android.bp
radio/1.2/Android.bp
radio/1.2/default/Android.bp
radio/1.2/vts/functional/Android.bp
radio/1.3/Android.bp
radio/1.3/vts/functional/Android.bp
radio/1.4/Android.bp
radio/1.4/vts/functional/Android.bp
radio/1.5/Android.bp
radio/1.5/vts/functional/Android.bp
radio/1.6/Android.bp
radio/1.6/vts/functional/Android.bp
radio/config/1.0/Android.bp
radio/config/1.0/default/Android.bp
radio/config/1.0/vts/functional/Android.bp
radio/config/1.1/Android.bp
radio/config/1.1/vts/functional/Android.bp
radio/config/1.2/Android.bp
radio/config/1.2/vts/functional/Android.bp
radio/config/1.3/Android.bp
radio/config/1.3/vts/functional/Android.bp
radio/deprecated/1.0/Android.bp
rebootescrow/aidl/Android.bp
rebootescrow/aidl/default/Android.bp
rebootescrow/aidl/vts/functional/Android.bp
renderscript/1.0/Android.bp
renderscript/1.0/default/Android.bp
renderscript/1.0/vts/functional/Android.bp
secure_element/1.0/Android.bp
secure_element/1.0/vts/functional/Android.bp
secure_element/1.1/Android.bp
secure_element/1.1/vts/functional/Android.bp
secure_element/1.2/Android.bp
secure_element/1.2/vts/functional/Android.bp
security/keymint/aidl/Android.bp
security/keymint/aidl/default/Android.bp
security/keymint/aidl/vts/functional/Android.bp
security/keymint/support/Android.bp
security/secureclock/aidl/Android.bp
security/secureclock/aidl/vts/functional/Android.bp
security/sharedsecret/aidl/Android.bp
security/sharedsecret/aidl/vts/functional/Android.bp
sensors/1.0/Android.bp
sensors/1.0/default/Android.bp
sensors/1.0/vts/functional/Android.bp
sensors/2.0/Android.bp
sensors/2.0/default/Android.bp
sensors/2.0/multihal/Android.bp
sensors/2.0/vts/functional/Android.bp
sensors/2.1/Android.bp
sensors/2.1/default/Android.bp
sensors/2.1/multihal/Android.bp
sensors/2.1/vts/functional/Android.bp
sensors/common/default/2.X/Android.bp
sensors/common/default/2.X/multihal/Android.bp
sensors/common/default/2.X/multihal/tests/Android.bp
sensors/common/utils/Android.bp
sensors/common/vts/2_X/Android.bp
sensors/common/vts/utils/Android.bp
soundtrigger/2.0/Android.bp
soundtrigger/2.0/default/Android.bp
soundtrigger/2.0/default/Android.mk
soundtrigger/2.0/vts/functional/Android.bp
soundtrigger/2.1/Android.bp
soundtrigger/2.1/default/Android.mk
soundtrigger/2.1/vts/functional/Android.bp
soundtrigger/2.2/Android.bp
soundtrigger/2.2/default/Android.bp
soundtrigger/2.2/vts/functional/Android.bp
soundtrigger/2.3/Android.bp
soundtrigger/2.3/default/Android.bp
soundtrigger/2.3/vts/functional/Android.bp
tests/bar/1.0/Android.bp
tests/bar/1.0/default/Android.bp
tests/baz/1.0/Android.bp
tests/baz/1.0/default/Android.bp
tests/expression/1.0/Android.bp
tests/extension/light/2.0/Android.bp
tests/extension/light/2.0/default/Android.bp
tests/extension/vibrator/aidl/Android.bp
tests/extension/vibrator/aidl/client/Android.bp
tests/extension/vibrator/aidl/default/Android.bp
tests/foo/1.0/Android.bp
tests/foo/1.0/default/Android.bp
tests/foo/1.0/default/lib/Android.bp
tests/hash/1.0/Android.bp
tests/hash/1.0/default/Android.bp
tests/inheritance/1.0/Android.bp
tests/inheritance/1.0/default/Android.bp
tests/lazy/1.0/Android.bp
tests/lazy/1.1/Android.bp
tests/libhwbinder/1.0/Android.bp
tests/libhwbinder/1.0/default/Android.bp
tests/libhwbinder/aidl/Android.bp
tests/memory/1.0/Android.bp
tests/memory/1.0/default/Android.bp
tests/memory/2.0/Android.bp
tests/msgq/1.0/Android.bp
tests/msgq/1.0/default/Android.bp
tests/multithread/1.0/Android.bp
tests/multithread/1.0/default/Android.bp
tests/safeunion/1.0/Android.bp
tests/safeunion/1.0/default/Android.bp
tests/safeunion/cpp/1.0/Android.bp
tests/safeunion/cpp/1.0/default/Android.bp
tests/trie/1.0/Android.bp
tests/trie/1.0/default/Android.bp
tetheroffload/config/1.0/Android.bp
tetheroffload/config/1.0/vts/functional/Android.bp
tetheroffload/control/1.0/Android.bp
tetheroffload/control/1.0/vts/functional/Android.bp
tetheroffload/control/1.1/Android.bp
tetheroffload/control/1.1/vts/functional/Android.bp
thermal/1.0/Android.bp
thermal/1.0/default/Android.bp
thermal/1.0/vts/functional/Android.bp
thermal/1.1/Android.bp
thermal/1.1/vts/functional/Android.bp
thermal/2.0/Android.bp
thermal/2.0/default/Android.bp
thermal/2.0/vts/functional/Android.bp
tv/cec/1.0/Android.bp
tv/cec/1.0/default/Android.bp
tv/input/1.0/Android.bp
tv/input/1.0/default/Android.bp
tv/input/1.0/vts/functional/Android.bp
tv/tuner/1.0/Android.bp
tv/tuner/1.0/default/Android.bp
tv/tuner/1.0/vts/functional/Android.bp
usb/1.0/Android.bp
usb/1.0/default/Android.bp
usb/1.0/vts/functional/Android.bp
usb/1.1/Android.bp
usb/1.1/vts/functional/Android.bp
usb/1.2/Android.bp
usb/1.2/vts/functional/Android.bp
usb/gadget/1.0/Android.bp
usb/gadget/1.1/Android.bp
usb/gadget/1.1/default/Android.bp
usb/gadget/1.1/default/lib/Android.bp
vibrator/1.0/Android.bp
vibrator/1.0/default/Android.bp
vibrator/1.0/vts/functional/Android.bp
vibrator/1.1/Android.bp
vibrator/1.1/vts/functional/Android.bp
vibrator/1.2/Android.bp
vibrator/1.2/vts/functional/Android.bp
vibrator/1.3/Android.bp
vibrator/1.3/example/Android.bp
vibrator/1.3/vts/functional/Android.bp
vibrator/aidl/Android.bp
vibrator/aidl/default/Android.bp
vibrator/aidl/vts/Android.bp
vr/1.0/Android.bp
vr/1.0/default/Android.bp
vr/1.0/vts/functional/Android.bp
weaver/1.0/Android.bp
weaver/1.0/vts/functional/Android.bp
weaver/aidl/Android.bp
weaver/aidl/default/Android.bp
weaver/aidl/vts/Android.bp
wifi/1.0/Android.bp
wifi/1.0/vts/functional/Android.bp
wifi/1.1/Android.bp
wifi/1.1/vts/functional/Android.bp
wifi/1.2/Android.bp
wifi/1.2/vts/functional/Android.bp
wifi/1.3/Android.bp
wifi/1.3/vts/functional/Android.bp
wifi/1.4/Android.bp
wifi/1.4/default/Android.mk
wifi/1.4/vts/functional/Android.bp
wifi/hostapd/1.0/Android.bp
wifi/hostapd/1.0/vts/functional/Android.bp
wifi/hostapd/1.1/Android.bp
wifi/hostapd/1.1/vts/functional/Android.bp
wifi/hostapd/1.2/Android.bp
wifi/hostapd/1.2/vts/functional/Android.bp
wifi/offload/1.0/Android.bp
wifi/offload/1.0/vts/functional/Android.bp
wifi/supplicant/1.0/Android.bp
wifi/supplicant/1.0/vts/functional/Android.bp
wifi/supplicant/1.1/Android.bp
wifi/supplicant/1.1/vts/functional/Android.bp
wifi/supplicant/1.2/Android.bp
wifi/supplicant/1.2/vts/functional/Android.bp
wifi/supplicant/1.3/Android.bp
wifi/supplicant/1.3/vts/functional/Android.bp
Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-NCSA to:
Android.bp
automotive/can/1.0/Android.bp
automotive/can/1.0/default/Android.bp
Added SPDX-license-identifier-NCSA to:
automotive/can/1.0/default/libc++fs/Android.bp
Bug: 68860345
Bug: 151177513
Bug: 151953481
Test: m all
Exempt-From-Owner-Approval: janitorial work
Change-Id: I602b072f77ff41e9eb8d3c36b6b5315d63664006
Merged-in: I602b072f77ff41e9eb8d3c36b6b5315d63664006
|
|
Bug: 150578172
Test: m
Change-Id: Ie7605c203c0f0eaf2c40f1e64ea45634b3aa54a5
Merged-In: I141de8ed6958fe42f727a0fa41473de4c1fb38de
|
|
- Add IIdentityCredential.deleteCredentialWithChallenge()
- Deprecate IIdentityCredential.deleteCredential()
- Add IIdentityCredential.proveOwership()
- Add IIdentityCredential.updateCredential()
- Add ProofOfBinding CBOR to AuthenticationKey X.509 certificate
- Document which API versions new methods/features appeared in.
- Mention need to declare android.hardware.identity_credential system
feature (w/ feature version number) and do this for the default
implementation.
Bug: 170146643
Test: atest VtsHalIdentityTargetTest
Change-Id: Ib47c7caa5f3d6fff6919f019eee44a735dba9cf8
|
|
|
|
Test: vts_treble_vintf_test
Bug: 150034914
Change-Id: I1f31aa015af61845855f7985188267fc35d29c1e
|
|
Introduce platform-neutral C library ("libeic") which can be used to
implement an Identity Credential Trusted Application/Applet in Secure
Hardware.
The libeic library is intentionally low-level, has no dependencies
(not even libc), uses very little run-time memory (less than 500 bytes
during a provisioning or presentation session), and doesn't
dynamically allocate any memory. Crypto routines are provided by the
library user through a simple crypto interface defined in EicOps.
Also provide an Android-side HAL implementation designed to
communicate with libeic running in Secure Hardware outside
Android. Abstract out communications between HAL and TA in a couple of
SecureHardwareProxy* classes which mimic libeic 1:1.
The default implementation of the HAL is a combination of the
aforementioned HAL using libeic in-process backed by BoringSSL for the
crypto bits.
Test: atest VtsHalIdentityTargetTest
Test: atest android.security.identity.cts
Bug: 170146643
Change-Id: I3bf43fa7fd9362f94023052591801f2094a04607
|
|
- The docs said that IdentityCredential.createEphemeralKey() returned
data encoded PKCS#8 which is wrong. It's supposed to be in DER format
which is also what the VTS tests and credstore expects.
- Clarify that createEphemeralKeyPair(), setReaderEphemeralPublicKey(),
and createAuthChallenge() are all optional.
- Avoid passing an invalid profile ID in the IdentityCredentialTests.
verifyOneProfileAndEntryPass test.
- Update requirements for which tags must be present in the attestation
for CredentialKey as well as the requirements on expiration date and
the issuer name. Update default implementation to satisfy these
requirements. Update VTS tests to carefully verify these requrements
are met.
- Clarify requirements for X.509 cert for AuthenticationKey. Add VTS
test to verify.
- Mandate that TAG_IDENTITY_CREDENTIAL_KEY must not be set for test
credentials. Add VTS test to verify this.
- Make default implementation pretend to be implemented in a trusted
environment and streamline VTS tests to not special-case for the
default implementation.
- Switch to using the attestation extension parser from the KM 4.1
support library instead of the one from system/keymaster. The latter
one did not support the latest attestation extension and thus would
fail for pretty much anything that wasn't the default HAL impl.
- Fix a couple of bugs in keymaster::V4_1::parse_attestation_record():
- Report root_of_trust.security_level
- Add support for Tag::IDENTITY_CREDENTIAL_KEY
- Fix how EMacKey is calculated.
- Add test vectors to verify how EMacKey and DeviceMac is calculated.
Test: atest VtsHalIdentityTargetTest
Test: atest android.security.identity.cts
Bug: 171745570
Change-Id: I2f8bd772de078556733f769cec2021918d1d7de6
|
|
Key derivation for session encryption and MACing now involves mixing
in SessionTranscriptBytes. Update docs, default implementation, and
VTS tests to reflect this.
Also, the standard changed such that instead of DeviceAuthentication
being MACed or signed, it's instead DeviceAuthenticationBytes which is
defined as #6.24(bstr .cbor DeviceAuthentication). The same also for
ReaderAuthentication, now ReaderAuthenticationBytes is the CBOR which
is signed by the reader.
Also update the URL for CDDL since it's now a published RFC.
Bug: 159482543
Test: atest VtsHalIdentityTargetTest
Test: atest android.security.identity.cts
Change-Id: I73fc7eb48ffb71e00a8b54849266ed814295fa39
|
|
These updates are based on input/experiences implementing this
HAL. There are no API changes.
- Specify that the validity for credentialKey certificate shall be
from current time and expire at the same time as the attestation
batch certificate.
- Require challenge passed to getAttestationCertificate() is
non-empty.
- Fix bug in VTS tests where the startPersonlization() result was not
checked.
- Remove verifyStartPersonalizationZero test since it cannot be
completed.
- Ensure secureUserId is non-zero if user authentication is needed.
- Specify format for signingKeyBlob in generateSigningKeyPair() same
way we do for credentialData in finishAddingEntries().
- Modify EndToEndTest to decrypt/unpack credentialData to obtain
credentialPrivKey and storageKey and do cross-checks on these.
- Modify EndToEndTest to decrypt/unpack signingKeyBlob to obtain
signingKeyPriv and check it matches the public key in the returned
certificate.
- Add new VTS tests for user and reader authentication.
- Relax unnecessary requirements about SessionTranscript structure -
just require it has X and Y of the ephemeral key created earlier.
- Allow calls in VTS tests to v2 HAL to fail - this should allow
these VTS tests to pass on a compliant v1 HAL.
Bug: 156911917
Bug: 158107945
Test: atest VtsHalIdentityTargetTest
Test: atest android.security.identity.cts
Change-Id: I11b79dbd57b1830609c70301fea9c99f9e5080cb
|
|
This is to facilitate HAL implementations using a TA existing in a
different environment than where auth tokens are minted. This method
will be used by credstore in a companion CL.
This modifies version 2 of the Identity Credential API (which was
never been released) to add a new method and creates version 2 of the
Keymaster types-only AIDL API to include the new VerificationToken
parcelable and SecurityLevel enum.
Bug: 156076333
Test: atest VtsHalIdentityTargetTest
Test: atest android.security.identity.cts
Change-Id: I7d05413a9ec70225ce419079f3cc9daf026cf744
|
|
Without this extra information passed upfront it's not practical to
implement a HAL which incrementally builds up cryptographically
authenticated data.
Two new methods are added to facilitate this and the HAL version
number is bumped to 2.
Bug: 154631410
Test: atest VtsHalIdentityTargetTest
Test: atest android.security.identity.cts
Change-Id: Iff63dfa2c4485c8768e06e7f6d70e940cfc8f68e
|
|
In order to implement Identity Credential on resource-restricted
secure hardware, we need to limit the number of possible
AccessControlProfile in a credential. A limit of 32 means that such
hardware only need to devote four bytes of RAM for a bitmask with
information about which profiles are authorized.
Document this, add new VTS test, and update the default
implementation.
Bug: 155100967
Test: atest android.security.identity.cts
Test: atest VtsHalIdentityTargetTest
Change-Id: Ia4f2ee0013b330561df744e0595f298a0d156122
|
|
Fixed following bugs in WritableIdentityCredential.cpp
- Do not allow startPersonalization to be called more than once per
aidl.
- Do not preceed with beginAddEntry if addAccessControlProfile and
startPersonalization profile count mismatch.
- Verify access control profile ids are unique.
- Do not let empty name space to mess up beginAddEntry.
- Do not allow beginAddEntry to add entries interleaving namespace
groupings. Enforce all entries must be added in namespace "groups"
per aidl.
- Fix counting error that allowed one entries to be added per name
space than startPersonalization limit.
- Do not approve finishAddingEntries if there are more profiles or
entries to be added than startPersonalization set accounting.
- Add testing utilities library for identity credential.
- Refactored end to end tests.
Test: atest VtsHalIdentityTargetTest
Test: atest android.security.identity.cts
Change-Id: I51902681776c6230e49589fc75a8145e79d7d1a6
|
|
In native world, byte stream is typically represented in uint8_t[]
or vector<uint8_t>. C++ backend already generates that way. This
change involves NDK backend.
Now NDK backend also uses vector<uint8_t> just like C++ backend.
Bug: 144957764
Test: atest CtsNdkBinderTestCases
Merged-In: I8de348b57cf92dd99b3ee16252f56300ce5f4683
Change-Id: I8de348b57cf92dd99b3ee16252f56300ce5f4683
(cherry picked from commit 9070318462e5e73acf1509cf7e75ac260e51e43a)
Exempt-From-Owner-Approval: cp from internal
|
|
The implementation of the Identity Credential TA in constrained
environments may need to incrementally update the HMAC-SHA256 of
DeviceAuthencation CBOR to avoid keeping the entire CBOR structure in
memory. To do this they need to calculate the derived key before
starting to build the CBOR so they need access to the signingKey
earlier on.
Bug: 150390415
Test: atest android.security.identity.cts
Test: VtsHalIdentityTargetTest
Change-Id: I72ad30ec3ccec0b8161cbea360ef8c9212f8cbbc
|
|
Bug: 149908474
Test: atest android.security.identity.cts.AttestationTest
Test: atest VtsHalIdentityCredentialTargetTest
Test: atest android.hardware.identity-support-lib-test
Change-Id: I18c5d05d806d4157c9dce42a398cc89421e26907
|
|
This includes add a partial types-only HAL for KeyMaster for
HardwareAuthToken.
Bug: 111446262
Test: atest android.security.identity.cts
Test: VtsHalIdentityTargetTest
Test: android.hardware.identity-support-lib-test
Change-Id: I7a6254d33200bfd62269aed1957cbb2a84b16272
|
