summaryrefslogtreecommitdiff
path: root/security/keymint/aidl/vts/functional
AgeCommit message (Collapse)Author
2022-06-20Merge "KeyMint VTS: cope with ATTEST_KEY +/- SIGN" into tm-devDavid Drysdale
2022-06-17Read VSR level from correct property.Shawn Willden
Bug: 235424890 Test: VtsHalKeymasterV4_0TargetTest & VtsAidlKeyMintTargetTest Ignore-AOSP-First: Cherry-pick of aosp/2128833 Change-Id: I39109c097d129124097a303c3f108d015cb367e3 Merged-In: I39109c097d129124097a303c3f108d015cb367e3
2022-06-13KeyMint VTS: cope with ATTEST_KEY +/- SIGNDavid Drysdale
This change syncs aosp/master with the change in http://aosp/2117528, allowing devices that launched with the (incorrect) version of ATTEST_KEY VTS tests in Android S to continue to pass the test. Bug: 197096139 Bug: 230074335 Test: VtsAidlKeyMintTargetTest Change-Id: If88642e238e64ca9ec80303a4a72f7171c63464f Merged-In: If88642e238e64ca9ec80303a4a72f7171c63464f
2022-06-06Merge "Implement KeyMint2 test for VSR13" into tm-devTreeHugger Robot
2022-06-06Implement KeyMint2 test for VSR13Shawn Willden
Test: VtsAidlKeyMintTargetTest & VtsHalKeymasterV4_0TargetTest Bug: 235099905 Ignore-AOSP-First: Cherry pick from aosp/2115214 Change-Id: Ie10b705bb06990a2a2c6223fcce28f5fde6bf3f3 Merged-In: Ie10b705bb06990a2a2c6223fcce28f5fde6bf3f3
2022-06-02Implement alternate SE RoT provisioningShawn Willden
Bug: 219076736 Test: VtsAidlKeyMintTargetTest Change-Id: Ia696d7765f316d35eba1b4e65acae6c1072987b1
2022-05-09KeyMint VTS: x25519 pubkey as SubjectPublicKeyInfoDavid Drysdale
The data for a key agreement operation should always send in the SubjectPublicKeyInfo structure, not a raw key for X25519. Test: VtsAidlKeyMintTargetTest Bug: 231959070 Change-Id: Ib5157da6a986d957162fab60dbe927017cfdd703 Merged-In: Ib5157da6a986d957162fab60dbe927017cfdd703
2022-05-05KeyMint VTS: skip device ID checks on GSIDavid Drysdale
Bug: 229356841 Test: VtsAidlKeyMintTargetTest Change-Id: I3182bad5584c35df7b1eeb476dabb39d19fdf12c (cherry picked from commit 555ba00c0f2adb6bed6f507a78e43885e9f46048) Merged-In: I3182bad5584c35df7b1eeb476dabb39d19fdf12c
2022-05-04Merge "Run SecureElementProvision tests for KeyMint version >= 2." am: ↵David Drysdale
d347852bcc Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2051222 Bug: 230803681 Change-Id: I42b63bdea5fa0fb6c3a79e457f8bd63c6b346111 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> (cherry picked from commit 009d595c0f84d060120b9012d8fa6a9921664b14)
2022-04-21Merge "Increase challenge size in tests." am: dcaa803893 am: a24527be86 am: ↵Max Bires
14bae2b195 Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2066892 Change-Id: Iab5729979eef4a7e3d318f8c3fa816276442e5be Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-20Increase challenge size in tests.Max Bires
VTS tests were currently passing a challenge size of 32 in all cases. However, the server currently sends a challenge of length 40, which may or may not change in the future. A 64 byte upper limit provides a standard size along with flexibility in case the challenge format changes in the future. Test: atest VtsHalRemotelyProvisionedComponentTargetTest Change-Id: I678bb915f139e4c23354180870a66ce33a9cfd8c
2022-04-11Merge "Fix AES corrupt padding test" am: b474607b7c am: b661792d06 am: ↵David Drysdale
2e449950d6 Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2059787 Change-Id: I1a4bf228d73452cbc718ab126165bf09e0cdf833 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-11Fix AES corrupt padding testDavid Drysdale
The AesEcbPkcs7PaddingCorrupted test has been incorrect since it was originally introduced -- it was feeding the original message as input to the decryption operation, rather than the corrupted ciphertext. As a result, the expected error code was also wrong -- INVALID_INPUT_LENGTH is appropriate for a too-short cipher text (length 1 in this case), whereas a corrupt-but-correct-length cipher text should give INVALID_ARGUMENT. Fix the test, and add a separate test to cover what was inadvertently being tested before. Add a sentence to the HAL spec to describe what expected and tested by CTS/VTS. Bug: 194126736 Test: VtsAidlKeyMintTargetTest, VtsHalKeymasterV4_0TargetTest Change-Id: Iaa5e42768814197f373797831093cf344d342b77
2022-03-31Merge "KeyMint: Device IDs attestation based on verion." am: 1b7abc43b6 am: ↵Eran Messeri
d8fdf0b804 am: 8adaed5f62 Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2028224 Change-Id: I2937358195e0218cf7337b989686f649b7e82d22 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-03-25KeyMint: Device IDs attestation based on verion.Prashant Patil
Updated VTS testcases where Device IDs Attestation expected as optional and made it mandatory if KeyMint version >= 2 or device first shipped with api_level 33. Bug: 221190197 Test: run vts -m VtsAidlKeyMintTargetTest Change-Id: I8870a9301d36abdc4fa6585b9f8d62cc1cfd3d96
2022-03-24Merge "Updated the vts attestation tests for strongbox implementations which ↵Treehugger Robot
do not support factory attestation." am: 950b7b8026 am: cc399cf7b0 am: af1490f3f7 Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2027803 Change-Id: I07f19f0c03955d3931842688d8a2ee31dbf174cf
2022-03-24Merge "Updated the vts attestation tests for strongbox implementations which ↵Treehugger Robot
do not support factory attestation."
2022-03-23Updated the vts attestation tests for strongbox implementations whichsubrahmanyaman
do not support factory attestation. Bug: b/219962281 Test: Run vts tests. Change-Id: Ie3f3f33f773227d879e11f11e2ef0eaee33db648
2022-03-22Merge "KeyMint VTS: strict test only for v2+" am: d057fc0cb6 am: 1f0d75f1f8 ↵David Drysdale
am: 3056221f7c Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2033925 Change-Id: I2783a11812212640bbca13a8fd0faadba57e7103
2022-03-22Merge "KeyMint VTS: strict test only for v2+"David Drysdale
2022-03-21Merge "More canonicalization checks and canonicalize before signing" am: ↵Max Bires
cf02e97946 am: 8daddefc18 am: 59624afdce Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2029343 Change-Id: Ia1ceaa34fdbcf2d20690e1cc447321bdf3b40856
2022-03-21Merge "More canonicalization checks and canonicalize before signing"Max Bires
2022-03-21KeyMint VTS: strict test only for v2+David Drysdale
Bug: 223537775 Bug: 197096139 Test: VtsAidlKeyMintTargetTest Change-Id: Ib77d52e4a91233c936b3a44f5eac71f53b2af450
2022-03-21More canonicalization checks and canonicalize before signingMax Bires
This change makes sure the DeviceInfo CBOR map is canonicalized before the signature check instead of just separately checking the canonicalization in a separate call. Additionally, some ASSERTs have been changed to EXPECTs in validation of the DeviceInfo map more generally, where it makes sense to avoid failing immediately. Test: atest VtsHalRemotelyProvisionedComponentTargetTest Change-Id: I69806c887656772ea6b5e2e3f0af50957e6b05e3
2022-03-18Merge "KeyMint VTS: Expect empty key if boot state unverfied" am: a26f8cb316 ↵Tri Vo
am: 39f920bae3 am: c18ed24712 Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2014678 Change-Id: I877572dcb311c4c83f4effb4e0dbdec38ebee5bc
2022-03-18Merge "KeyMint VTS: Expect empty key if boot state unverfied"Tri Vo
2022-03-15Merge "Prevent test crashes if device sets invalid curve" am: ceedbb0d1a am: ↵David Drysdale
cd2af34d63 am: 590665c1b9 Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2020155 Change-Id: I21eff3e3f3af55b2041b739dc7e0d8342df25599
2022-03-15Merge "Prevent test crashes if device sets invalid curve"David Drysdale
2022-03-14Merge "Key{Mint,Master} VTS: fix incremental AES tags" am: e5c2bf01fc am: ↵David Drysdale
523b300da7 am: a219992eef Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2020421 Change-Id: I771b72b5f4f439c8b6eea264010b90f0efa876a8
2022-03-14Merge "Key{Mint,Master} VTS: fix incremental AES tags"David Drysdale
2022-03-14Key{Mint,Master} VTS: fix incremental AES tagsDavid Drysdale
Change Id62fdce65131ee00c88e5849955a937f1c171748 split up the AES incremental encryption tests into individual tests for each encryption mode. This meant that each generated key is only valid for a single mode, which in turn means that for non-GCM mode keys it is not valid to specify MIN_MAC_LENGTH. Bug: 223934835 Test: VtsAidlKeyMintTargetTest Change-Id: I38f34f60116bde3d23f203365d62e5b25d7b254b
2022-03-10Prevent test crashes if device sets invalid curveDavid Drysdale
Test: VtsHalRemotelyProvisionedComponentTargetTest Change-Id: Ib623b3dcdd5a496b34314c1e0d1a310c8beeb18d
2022-03-09KeyMint VTS: check for relevant devices am: 1585fdceb5 am: 4e3b4590c9 am: ↵David Drysdale
b96f3a4099 Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2013077 Change-Id: I593e54aff83abc22b3749075b114595363af8e4d
2022-03-08KeyMint VTS: Expect empty key if boot state unverfiedTri Vo
Bug: 221128605 Test: VtsAidlKeyMintTargetTest Change-Id: Icbf0ccf57245b2eef559a119087e15cd883239f5
2022-03-08KeyMint VTS: check for relevant devicesDavid Drysdale
Don't run tests if the appropriate KeyMint device is not available (e.g. on something that only has Keymaster). Move to use GTEST_SKIP consistently. Bug: 221909227 Test: VtsAidlKeyMintTargetTest Change-Id: I5dab238519e57e6752b795f3a983681cf4337bdd
2022-03-04Merge "Split AESincremental VTS test into 4 Tests(For ↵Treehugger Robot
blockmodes-ECB,CBC,GCM,CTR)" am: 90019d46c2 am: bfdd991c76 am: 8be10ddce6 Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2007030 Change-Id: Iffe169fcff0a11478672bf8f5895a93fcdcc9003
2022-03-03Split AESincremental VTS test into 4 Tests(For blockmodes-ECB,CBC,GCM,CTR)anil.hiranniah
Change mentioned above is done in VTS for Keymaster4.0 and Keymint Test: VTS tests with tradefed Change-Id: Id62fdce65131ee00c88e5849955a937f1c171748
2022-03-02Merge "Support for P256 curve in RKP for Strongbox Test: Run Rkp Vts tests." ↵Treehugger Robot
am: 55419fd935 am: 3b6c35b95e am: df05e41148 Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1969799 Change-Id: I7a8bc93b7f4d8a391c86c1b9cc6f4bd88a9ee759
2022-03-02Merge "Support for P256 curve in RKP for Strongbox Test: Run Rkp Vts tests."Treehugger Robot
2022-03-01KeyMint VTS: fix fixture setup name am: 795f758780 am: 85ce9e2530 am: 77a0eb6d63David Drysdale
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2003891 Change-Id: I10373d673da1d3d2e24cff7d28551b9f60eb0605
2022-03-01KeyMint VTS: fix fixture setup nameDavid Drysdale
Bug: 221909227 Test: VtsAidlKeyMintTargetTest Change-Id: Ic0722242cee2ea21c974133e4f81b13b21e44615
2022-02-24Merge "KeyMint: Test generation of asymmetric keys fails with missing ↵Treehugger Robot
parameters" am: 72358dab6a am: 9a7ab7c60b am: 140062e6fb Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1895034 Change-Id: If1d224518b75ce8d90061aa243ad3959fed6b5f1
2022-02-24Merge "KeyMint: Test generation of asymmetric keys fails with missing ↵Treehugger Robot
parameters"
2022-02-24Merge "Add timed out test files to tidy_timeout_srcs" am: ff54f73b4f am: ↵Chih-hung Hsieh
fa83970b3a am: 581616e658 Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1992232 Change-Id: I2eac13fe3b5ab0b4f15d6ceadf376e5e74124a81
2022-02-24Merge "Add timed out test files to tidy_timeout_srcs"Chih-hung Hsieh
2022-02-23Merge "Provide alternate SE RoT provisioning path." am: 07011d9e09 am: ↵Treehugger Robot
11c970f706 am: b56acbc92e Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1982797 Change-Id: I86a0b94d2c61d1e4268f27e0121085dbc4e17927
2022-02-22Provide alternate SE RoT provisioning path.Shawn Willden
On some devices it is infeasible to provision the KeyMint RoT bits in the Android Bootloader. This provides an alternate path to provision them from the TEE during early boot. Bug: 219076736 Test: VtsAidlKeyMintTargetTest Change-Id: If69f7e25e58edbf4d2190084e2c0a03a94bfa5d6 Merged-In: If69f7e25e58edbf4d2190084e2c0a03a94bfa5d6
2022-02-23Support for P256 curve in RKP for Strongboxsubrahmanyaman
Test: Run Rkp Vts tests. Change-Id: Ic38fd2318dd8749ae125f1e78d25f2722bd367e5
2022-02-18Add timed out test files to tidy_timeout_srcsChih-Hung Hsieh
* Timed out runs do not show any warning messages. * These test files cannot finish clang-tidy runs with the following settings: TIDY_TIMEOUT=90 WITH_TIDY=1 CLANG_ANALYZER_CHECKS=1 * When TIDY_TIMEOUT is set, in Android continuous builds, tidy_timeout_srcs files will not be compiled by clang-tidy. When developers build locally without TIDY_TIMEOUT, tidy_timeout_srcs files will be compiled. * Some of these test modules may be split into smaller ones, or disable some time consuming checks, and then enable clang-tidy to run within limited time. Bug: 201099167 Test: make droid tidy-hardware-interfaces_subset Change-Id: I1de28f1572fff368f67eab512fffec9f2e5c2a9b
2022-02-16Merge "Fixed vts tests cases which do not support factory attestation. Test: ↵Treehugger Robot
Run keymint Vts tests." am: 0f7d419136 am: c1603e8ef5 am: 07c1601d5f Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1972595 Change-Id: I27812795afb51c66ebacc735b1986bd508c71cc4
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-03 18:07:45 +0000