| Age | Commit message (Collapse) | Author |
|---|
|
Bug: 235424890
Test: VtsHalKeymasterV4_0TargetTest & VtsAidlKeyMintTargetTest
Ignore-AOSP-First: Cherry-pick of aosp/2128833
Change-Id: I39109c097d129124097a303c3f108d015cb367e3
Merged-In: I39109c097d129124097a303c3f108d015cb367e3
|
|
|
|
Test: VtsAidlKeyMintTargetTest & VtsHalKeymasterV4_0TargetTest
Bug: 235099905
Ignore-AOSP-First: Cherry pick from aosp/2115214
Change-Id: Ie10b705bb06990a2a2c6223fcce28f5fde6bf3f3
Merged-In: Ie10b705bb06990a2a2c6223fcce28f5fde6bf3f3
|
|
Bug: 219076736
Test: VtsAidlKeyMintTargetTest
Change-Id: Ia696d7765f316d35eba1b4e65acae6c1072987b1
|
|
Bug: 229356841
Test: VtsAidlKeyMintTargetTest
Change-Id: I3182bad5584c35df7b1eeb476dabb39d19fdf12c
(cherry picked from commit 555ba00c0f2adb6bed6f507a78e43885e9f46048)
Merged-In: I3182bad5584c35df7b1eeb476dabb39d19fdf12c
|
|
Updated VTS testcases where Device IDs Attestation expected as optional
and made it mandatory if KeyMint version >= 2 or device first shipped
with api_level 33.
Bug: 221190197
Test: run vts -m VtsAidlKeyMintTargetTest
Change-Id: I8870a9301d36abdc4fa6585b9f8d62cc1cfd3d96
|
|
do not support factory attestation.
Bug: b/219962281
Test: Run vts tests.
Change-Id: Ie3f3f33f773227d879e11f11e2ef0eaee33db648
|
|
|
|
Change Id62fdce65131ee00c88e5849955a937f1c171748 split up the AES
incremental encryption tests into individual tests for each encryption
mode. This meant that each generated key is only valid for a single
mode, which in turn means that for non-GCM mode keys it is not valid
to specify MIN_MAC_LENGTH.
Bug: 223934835
Test: VtsAidlKeyMintTargetTest
Change-Id: I38f34f60116bde3d23f203365d62e5b25d7b254b
|
|
Bug: 221128605
Test: VtsAidlKeyMintTargetTest
Change-Id: Icbf0ccf57245b2eef559a119087e15cd883239f5
|
|
Change mentioned above is done in VTS for Keymaster4.0
and Keymint
Test: VTS tests with tradefed
Change-Id: Id62fdce65131ee00c88e5849955a937f1c171748
|
|
Test: Run keymint Vts tests.
Change-Id: I8055fef8df5ec77e317f810f9b95a53311b23cf0
|
|
* changes:
KeyMint VTS: police Ed25519 msg size limit
KeyMint VTS: test curve 25519 functionality
|
|
Ed25519 signing operations require the secure world to accumulate the
entirety of the message; consequently, impose a limit on message size
for this operation.
Bug: 194358913
Test: VtsAidlKeyMintTargetTest
Change-Id: Ibfb6a54c1d546b5b4e51f42795d2bb4660add772
|
|
The Key{Mint,Master} spec previously said that RSA-PSS mode should use
SHA-1 for the MGF1 digest, separately from whatever Tag::DIGEST gets
specified as the main digest.
However, both the reference implementation and the VTS/CTS tests
use BoringSSL's defaults, which is to re-use the main digest as the MGF1
digest if none is separately specified.
Given that this behaviour is embedded in many implementations over
several years (and given that there isn't a security implication),
change the spec to match this behaviour. Also update the VTS test
code to make this clear/obvious.
Test: VtsAidlKeyMintTargetTest, VtsHalKeymasterV4_0TargetTest
Bug: 210424594
Merged-In: I4303f28d094ef4d4b9dc931d6728b1fa040de20d
Change-Id: I4303f28d094ef4d4b9dc931d6728b1fa040de20d
|
|
- Add CURVE_25519 as a supported curve for EC operations.
- Add a helper that checks whether the HAL is of a version that is
expected to support curve 25519, and skip relevant tests if not.
- Ed25519 support
- Update KeyMintAidlTestBase::LocalVerifyMessage to cope with a public
key of type EVP_PKEY_ED25519.
- Add a test key pair generated with openssl command line.
- Key generation test
- Key import test for raw format
- Key import test for PKCS#8 format
- Key import failures tests
- Signature test
- Check that purposes cannot be combined (Ed25519 != X25519)
- Check that Ed25519 key can be attested to
- Implicitly check that an Ed25519 key can be used for attestation
(as it is in ValidCurves())
- Force Digest::NONE for Ed25519 throughout.
- X25519 support
- Add a test key pair generated with openssl command line.
- Key generation test
- Key import test for raw format
- Key import test for PKCS#8 format
- Key import failures tests
- Key agreement test, including...
- Refactoring of existing key agreement test for re-use
- Update key agreement checks to cope with a public key of type
EVP_PLEY_X25519.
- Key agreement test using imported key
- Check that purposes cannot be combined (Ed25519 != X25519)
Bug: 194358913
Test: VtsAidlKeyMintTargetTest
Change-Id: Ifa0f95fdfba4387843c8e821c2ca977da0488fa6
|
|
If op_ is a nullptr, the test runner can SIGSEGV.
Test: manual, atest EncryptionOperationsTest#TripleDesCbcPkcs7PaddingCorrupted
Bug: None
Signed-off-by: Brian J Murray <brianjmurray@google.com>
Change-Id: Ibdd6139952ca8bc83ac1a82202839feee39562e1
|
|
For the time being, allow the version number in the attestation record
to be 100 even if the AIDL version is 2, so that implementations don't
have to update both versions simultaneously.
Bug: 194358913
Test: TreeHugger, VtsAidlKeyMintTargetTest
Change-Id: I9aae69327a62014e286ce30ca2a4d91c4c280714
|
|
Added invalid AES key sizes to be tested for Default and TEE based
Keymint implementations.
Bug: 205679497
Test: run vts -m VtsAidlKeyMintTargetTest
Change-Id: Id9044cdc0324258c15f1daa81487c7819a780fe8
|
|
Bug: 202487002
Test: atest VtsAidlKeyMintTargetTest (on CF, O6)
Change-Id: I8bc674b47549aa1133f816c510289774db752e04
|
|
If vendor/boot patchlevel is shorter than the expected YYYYMMDD format,
fail properly rather than crashing the VTS test process.
Bug: 201946955
Test: VtsAidlKeyMintTargetTest
Change-Id: Icf3541e1b76675871672edec8590ec1821770acf
|
|
There are multiple ways this predicate can fail, so add some logging
statements when errors occur so that tests are easier to debug.
Test: VtsAidlKeyMintTargetTest
Change-Id: I49ec12271bdebeab3aa6b9c7ae5d491075b3b649
|
|
Fix the device-unique attestation chain specification: The chain should
have two or three certificates.
In case of two certificates, the device-unique key should be used for
the self-signed root.
In case of three certificates, the device-unique key should be certified
by another key (ideally shared by all StrongBox instances from the same
manufacturer, to ease validation).
Adjust the device-unique attestation tests to accept two or three
certificates in the chain.
Additionally, the current StrongBox KeyMint implementation can not yet
generate fully-valid chains (with matching subjects and issuers), so
relax that check.
Bug: 191361618
Test: m VtsAidlKeyMintTargetTest
Change-Id: I6e6bca33ebb4af67cac8e41a39e9c305d0f1345f
|
|
The KeyMint AIDL spec requires that "Tag::EC_CURVE must be provided to
generate an ECDSA key". Move the VTS tests to always create ECDSA keys
by curve not key size.
Bug: 188672564
Test: VtsAidlKeyMintTargetTest
Change-Id: I33036387c243b21ab0ecd49221b7e7757598913e
|
|
Try all tags in attestion extension one by one
Test: VtsAidlKeyMintTargetTest on CF
Bug: 186735514
Change-Id: I63ca8d298d2d16f707f2437ab48aaa69c1d7563d
|
|
|
|
The cppcose_rkp library was updated to generate MAC via callback instead
of passing keys around to allow for stronger MAC key protection.
Bug: 182928606
Test: VtsHalRemotelyProvisionedComponentTargetTest
Test: RemoteProvisionerUnitTests
Change-Id: Ia8a0410408fe3064e904c5282b52f172f8134b9a
Merged-In: Ia8a0410408fe3064e904c5282b52f172f8134b9a
|
|
Bug: 186685601
Bug: 188855306
Test: VtsAidlKeyMintTargetTest
Change-Id: Icf400533b0ded98b9338f2d782d95d90c7efbff4
|
|
- clarify & test BIGNUM spec
- allow alternative return codes when requesting device unique
attestation
- use specific error for early boot import failure
- test more early boot key scenarios (in post-early-boot mode)
Test: VtsAidlKeyMintTargetTest
Change-Id: I70a342084a29144aef1ed0ff80fec02cc06ffbc0
|
|
* changes:
KeyMint VTS: local RSA encryption
KeyMint VTS: local asymmetric verification
|
|
Change RSA encryption (with public key) so it happens locally in the
test, rather than by invoking an ENCRYPT operation against KeyMint.
- Specify MGF1 digest for OAEP mode as (now) required by AIDL spec.
- Drop tests for too-long encryption inputs.
- Adjust test comments to reflect decryption-only nature.
- Change parameter checking tests to do so on DECRYPT rather than ENCRYPT.
Test: VtsAidlKeyMintTargetTest
Change-Id: I10c4beea28387eecfd0bc7c5dfd59a1b66fec21e
|
|
Strongbox doens't support p-224. Change the curve to p-256 for better
compatibility.
Also update the tags to be filtered on the hw-enforcement list.
Change-Id: I3f587c5471ca68b88a565ee9ec2e27d1e9e11b17
|
|
Change verification of ECDSA and RSA signatures so it happens locally
in the test, rather than by invoking a VERIFY operation against KeyMint.
Test: VtsAidlKeyMintTargetTest
Change-Id: I0efc30f3c96cd70ac636d34718eff53cc23f1480
|
|
Tests for:
- non-prime RSA exponent (fails with CF KeyMint)
- RSA exponent value of 3
- key size > 512 for `STRONGBOX`
- unknown tag inclusion
- CBC input size not block size multiple
- challenge omitted for attestation (fails with CF KeyMint)
- import RSA key with implicit params
- vestigial upgradeKey test
- importWrappedKey errors
- importWrappedKey sids ignored
- duplicate/missing params on begin()
- more tests for incompatible params on begin()
- HMAC size not multiple of 8 (fails with CF KeyMint)
- wrong size caller IV for 3DES rejected
- too large MIN_MAC_LENGTH for HMAC
- invalid AES-GCM minimum MAC length values
- check failed updateAad() cancels operation
- check that auto-generated nonces are distinct
- (DISABLED_) invoke destroyAttestationIds()
- omitting optional RSA keygen tags
Also add commenting to illustrate the ASN.1 structure of hex data.
Test: VtsKeyMintAidlTargetTest
Change-Id: I4663c42671cbb094ffe8d603e0352ffa9f1dbf2e
|
|
Add tests for:
- Too much entropy should be rejected with INVALID_INPUT_LENGTH
- All authorization lists should include a vendor and boot patchlevel.
These requirements are in both the KeyMint and the KeyMaster 4.0 AIDL
specificications, but have never been policed before.
Currently disabled with a command-line flag because CF does not have
the patchlevels and so fails lots of tests.
Test: VtsKeyMintAidlTargetTest
Change-Id: Ic9622ef3f1b80e013a34059218e3e029f392eb72
|
|
Also fix some test name comments along the way.
Test: VtsKeyMintAidlTargetTest
Change-Id: I828acfaa676e1b9fa2e3c6f184f9dafb936b0e82
|
|
|
|
|
|
Somehow the attestation format docs got dropped from KeyMint in the
transition from Keymaster. This replaces them, and also clarifies
that KeyMint StrongBox should not support device attestation.
Test: VtsAidlKeyMintTargetTest
Change-Id: I2334e99b4797c7a0e2e59727ffa730cf7504df31
|
|
- Added tests for signing attest key with factory chain.
- Added test for signing encryption keys.
- Added tests for chaining many RSA attest keys on the same chain.
- Added tests for chaining many Ec attest keys on the same chain.
- Added tests for alternate chaining of rsa-ec-rsa-ec-rsa attesti
keys on the same chain.
Test: atest VtsAidlKeyMintTargetTest
Change-Id: I9c67e2b928d6bba6cc4074a4b65f639f33c9ec26
|
|
algorithms and self sign or non-self sign certificates.
Test: atest VtsAidlKeyMintTargetTest
Change-Id: I4e9d8db7be500f165c3a9f240ea2dfe00c2a70d1
|
|
- Make HardwareAuthToken nullable on begin()
- Drop unused vestigial performOperation() entrypoint
- Drop unused Tag::BLOB_USAGE_REQUIREMENTS
Test: TreeHugger, VtsKeyMintAidlTargetTest (CF)
Change-Id: I577ac04d843ee6d03cbfb99e56ef3e69eb034532
|
|
only if challenge is provided. - Verify self sign certificate works for RSA and Ecdsa. - Verified attestation is generated for encryption keys too. - Verify no attestation is generated for symetric keys. - Verify app id is always required when attestation challenge is provided to the new key generation. - Verify app id is ignored when challenge is missing. - Verify app id length is properly encoded. - Added vts tests for various attestation success and fail cases."
|
|
- Check for app id only if challenge is provided.
- Verify self sign certificate works for RSA and Ecdsa.
- Verified attestation is generated for encryption keys too.
- Verify no attestation is generated for symetric keys.
- Verify app id is always required when attestation challenge is
provided to the new key generation.
- Verify app id is ignored when challenge is missing.
- Verify app id length is properly encoded.
- Added vts tests for various attestation success and fail cases.
Test: atest VtsAidlKeyMintTargetTest
Change-Id: If29249b0913fd9c2f91d20188ca5cfbaa04bead8
|
|
This is the change that removes the functionality that has been shifted
over to appropriate classes and contexts in system/keymaster.
Test: atest VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I491f4ef823868322ea6a804d88ca09662c099a44
|
|
|
|
Move helper utilities across into KeyMintAidlTestBase to allow re-use.
Test: VtsHalRemotelyProvisionedComponentTargetTest, VtsAidlKeyMintTargetTest
Change-Id: Ib9e55a7d72fd197016ae1a1f073dadedafa09c25
|
|
TAG_BOOT_PATCHLEVEL and TAG_VENDOR_PATCHLEVEL should be interger type.
Fixed: 184796337
Test: VtsAidlKeyMintTargetTest not abort
Change-Id: Iccd6ac93910d44c0a02b798210909c404a98d8ab
|
|
Test: VtsRemotelyProvisionedComponentTests
Change-Id: I2f5187bfb4fd1572d10c306377e07a6d167689fa
|
|
Test: VtsKeyMintAidlTargetTest
Change-Id: Ib4ab43dbf2604a7642fb2b551646fd7f0adac615
|
