summaryrefslogtreecommitdiff
path: root/security
AgeCommit message (Collapse)Author
2022-06-20Merge "KeyMint VTS: cope with ATTEST_KEY +/- SIGN" into tm-devDavid Drysdale
2022-06-17Read VSR level from correct property.Shawn Willden
Bug: 235424890 Test: VtsHalKeymasterV4_0TargetTest & VtsAidlKeyMintTargetTest Ignore-AOSP-First: Cherry-pick of aosp/2128833 Change-Id: I39109c097d129124097a303c3f108d015cb367e3 Merged-In: I39109c097d129124097a303c3f108d015cb367e3
2022-06-13KeyMint VTS: cope with ATTEST_KEY +/- SIGNDavid Drysdale
This change syncs aosp/master with the change in http://aosp/2117528, allowing devices that launched with the (incorrect) version of ATTEST_KEY VTS tests in Android S to continue to pass the test. Bug: 197096139 Bug: 230074335 Test: VtsAidlKeyMintTargetTest Change-Id: If88642e238e64ca9ec80303a4a72f7171c63464f Merged-In: If88642e238e64ca9ec80303a4a72f7171c63464f
2022-06-10Merge "Add a README for Remote Key Provisioning." into tm-devTreeHugger Robot
2022-06-10Add a README for Remote Key Provisioning.Max Bires
This document goes a little more in depth on the motivating factors and background mechanisms that occur with RKP, that are not appropriate for direct inclusion in the HAL docs in the .aidl files. Bug: 234159998 Test: Readable Change-Id: I141fb098c536a5468b1113af64dcf6185ea7ae9f
2022-06-06Merge "Implement KeyMint2 test for VSR13" into tm-devTreeHugger Robot
2022-06-06Implement KeyMint2 test for VSR13Shawn Willden
Test: VtsAidlKeyMintTargetTest & VtsHalKeymasterV4_0TargetTest Bug: 235099905 Ignore-AOSP-First: Cherry pick from aosp/2115214 Change-Id: Ie10b705bb06990a2a2c6223fcce28f5fde6bf3f3 Merged-In: Ie10b705bb06990a2a2c6223fcce28f5fde6bf3f3
2022-06-02Implement alternate SE RoT provisioningShawn Willden
Bug: 219076736 Test: VtsAidlKeyMintTargetTest Change-Id: Ia696d7765f316d35eba1b4e65acae6c1072987b1
2022-05-12Clean up description of IRemotelyProvisionedComponent uniqueIdSeth Moore
The identifier is to be used in telemetry to identify problematic implementations. Thus, it needs to be globally consistent, at least within a given device type. Test: None -- doc only changes Bug: 231495834 Change-Id: Ia55db336fa099d8e1196f6bfe2bafb6fa5ead329 Merged-In: Ia55db336fa099d8e1196f6bfe2bafb6fa5ead329
2022-05-09KeyMint VTS: x25519 pubkey as SubjectPublicKeyInfoDavid Drysdale
The data for a key agreement operation should always send in the SubjectPublicKeyInfo structure, not a raw key for X25519. Test: VtsAidlKeyMintTargetTest Bug: 231959070 Change-Id: Ib5157da6a986d957162fab60dbe927017cfdd703 Merged-In: Ib5157da6a986d957162fab60dbe927017cfdd703
2022-05-09Merge "KeyMint VTS: skip device ID checks on GSI" into tm-devDavid Drysdale
2022-05-06Merge "Clean up keymint ProtectedData documentation" into tm-devSeth Moore
2022-05-05KeyMint VTS: skip device ID checks on GSIDavid Drysdale
Bug: 229356841 Test: VtsAidlKeyMintTargetTest Change-Id: I3182bad5584c35df7b1eeb476dabb39d19fdf12c (cherry picked from commit 555ba00c0f2adb6bed6f507a78e43885e9f46048) Merged-In: I3182bad5584c35df7b1eeb476dabb39d19fdf12c
2022-05-04Clean up keymint ProtectedData documentationSeth Moore
- Fix up some minor CDDL formatting issues. - Add more definition around the BCC, hopefully clearing up partner confusion around how to implement it. - Explain when BccPayload entries may be omitted in the case of a "Degenerate BCC" - Add a bit more description to the DKSignature format Bug: 227350250 Test: N/A -- doc changes only Change-Id: I28337a80e2b49661cc37876400d7ac3b8759ba01 Merged-In: I28337a80e2b49661cc37876400d7ac3b8759ba01
2022-05-04Merge "Run SecureElementProvision tests for KeyMint version >= 2." am: ↵David Drysdale
d347852bcc Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2051222 Bug: 230803681 Change-Id: I42b63bdea5fa0fb6c3a79e457f8bd63c6b346111 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> (cherry picked from commit 009d595c0f84d060120b9012d8fa6a9921664b14)
2022-04-21Merge "Increase challenge size in tests." am: dcaa803893 am: a24527be86 am: ↵Max Bires
14bae2b195 Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2066892 Change-Id: Iab5729979eef4a7e3d318f8c3fa816276442e5be Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-20Increase challenge size in tests.Max Bires
VTS tests were currently passing a challenge size of 32 in all cases. However, the server currently sends a challenge of length 40, which may or may not change in the future. A 64 byte upper limit provides a standard size along with flexibility in case the challenge format changes in the future. Test: atest VtsHalRemotelyProvisionedComponentTargetTest Change-Id: I678bb915f139e4c23354180870a66ce33a9cfd8c
2022-04-16Freeze AIDL APIs for TMJiyong Park
Bug: 225941299 Test: m Change-Id: I61eb51c0334eb99489c6f1570110d7e18c350c99
2022-04-11Merge "Fix AES corrupt padding test" am: b474607b7c am: b661792d06 am: ↵David Drysdale
2e449950d6 Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2059787 Change-Id: I1a4bf228d73452cbc718ab126165bf09e0cdf833 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-11Fix AES corrupt padding testDavid Drysdale
The AesEcbPkcs7PaddingCorrupted test has been incorrect since it was originally introduced -- it was feeding the original message as input to the decryption operation, rather than the corrupted ciphertext. As a result, the expected error code was also wrong -- INVALID_INPUT_LENGTH is appropriate for a too-short cipher text (length 1 in this case), whereas a corrupt-but-correct-length cipher text should give INVALID_ARGUMENT. Fix the test, and add a separate test to cover what was inadvertently being tested before. Add a sentence to the HAL spec to describe what expected and tested by CTS/VTS. Bug: 194126736 Test: VtsAidlKeyMintTargetTest, VtsHalKeymasterV4_0TargetTest Change-Id: Iaa5e42768814197f373797831093cf344d342b77
2022-04-02Merge changes from topic "aidl_freeze_tm" into tm-devJiyong Park
* changes: Implement getInterfaceHash/Version for SoundTrigger Add -Wno-missing-permission-annotation for soundtrigger3 V3 is the latest version of keymaster HAL interface Freeze AIDL APIs for TM
2022-03-31Merge "KeyMint: Device IDs attestation based on verion." am: 1b7abc43b6 am: ↵Eran Messeri
d8fdf0b804 am: 8adaed5f62 Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2028224 Change-Id: I2937358195e0218cf7337b989686f649b7e82d22 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-03-31Freeze AIDL APIs for TMJiyong Park
Bug: 225941299 Test: m Change-Id: Ie41cc0797710f813f92c65c387f247c7806d8394
2022-03-25KeyMint: Device IDs attestation based on verion.Prashant Patil
Updated VTS testcases where Device IDs Attestation expected as optional and made it mandatory if KeyMint version >= 2 or device first shipped with api_level 33. Bug: 221190197 Test: run vts -m VtsAidlKeyMintTargetTest Change-Id: I8870a9301d36abdc4fa6585b9f8d62cc1cfd3d96
2022-03-24Merge "Updated the vts attestation tests for strongbox implementations which ↵Treehugger Robot
do not support factory attestation." am: 950b7b8026 am: cc399cf7b0 am: af1490f3f7 Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2027803 Change-Id: I07f19f0c03955d3931842688d8a2ee31dbf174cf
2022-03-24Merge "Updated the vts attestation tests for strongbox implementations which ↵Treehugger Robot
do not support factory attestation."
2022-03-23Updated the vts attestation tests for strongbox implementations whichsubrahmanyaman
do not support factory attestation. Bug: b/219962281 Test: Run vts tests. Change-Id: Ie3f3f33f773227d879e11f11e2ef0eaee33db648
2022-03-22Merge "Fix CDDL for signatures." am: 1edd38d6ee am: 3303e97603 am: 08835aaa3dTreehugger Robot
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2036743 Change-Id: Iaf829618dc93488ac3db71e6c7bab37830295ea7
2022-03-22Merge "Fix CDDL for signatures."Treehugger Robot
2022-03-22Fix CDDL for signatures.Alan Stokes
The signature is not CBOR-encoded, it's the raw bytes of the signature encoded as specified for the specific algorithm. I've made the references to PureEd25519() / ECDSA() into comments, since I believe they're not actually legal CDDL but are aimed at humans. And I've made the two occurrences consistent with each other. Test: N/A Change-Id: Ia42362ff3d0ce5458322663256cbd34d258afe76
2022-03-22Merge "KeyMint VTS: strict test only for v2+" am: d057fc0cb6 am: 1f0d75f1f8 ↵David Drysdale
am: 3056221f7c Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2033925 Change-Id: I2783a11812212640bbca13a8fd0faadba57e7103
2022-03-22Merge "KeyMint HAL: clarify ATTEST_KEY is like SIGN" am: afa73442b7 am: ↵David Drysdale
bbbc278300 am: be65672ee4 Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2033928 Change-Id: I49d1939007b771ad90fed66b475d3034272ff291
2022-03-22Merge "KeyMint VTS: strict test only for v2+"David Drysdale
2022-03-22Merge "KeyMint HAL: clarify ATTEST_KEY is like SIGN"David Drysdale
2022-03-21Merge "More canonicalization checks and canonicalize before signing" am: ↵Max Bires
cf02e97946 am: 8daddefc18 am: 59624afdce Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2029343 Change-Id: Ia1ceaa34fdbcf2d20690e1cc447321bdf3b40856
2022-03-21KeyMint HAL: clarify ATTEST_KEY is like SIGNDavid Drysdale
Bug: 221280929 Test: None, comment change only (already assumed by VTS tests) Change-Id: Ifc077c6ce1a89164b0d7c70c6e3353d941eee670
2022-03-21Merge "More canonicalization checks and canonicalize before signing"Max Bires
2022-03-21KeyMint VTS: strict test only for v2+David Drysdale
Bug: 223537775 Bug: 197096139 Test: VtsAidlKeyMintTargetTest Change-Id: Ib77d52e4a91233c936b3a44f5eac71f53b2af450
2022-03-21More canonicalization checks and canonicalize before signingMax Bires
This change makes sure the DeviceInfo CBOR map is canonicalized before the signature check instead of just separately checking the canonicalization in a separate call. Additionally, some ASSERTs have been changed to EXPECTs in validation of the DeviceInfo map more generally, where it makes sense to avoid failing immediately. Test: atest VtsHalRemotelyProvisionedComponentTargetTest Change-Id: I69806c887656772ea6b5e2e3f0af50957e6b05e3
2022-03-18Merge "KeyMint VTS: Expect empty key if boot state unverfied" am: a26f8cb316 ↵Tri Vo
am: 39f920bae3 am: c18ed24712 Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2014678 Change-Id: I877572dcb311c4c83f4effb4e0dbdec38ebee5bc
2022-03-18Merge "KeyMint VTS: Expect empty key if boot state unverfied"Tri Vo
2022-03-16Merge changes from topic "default_dice_hal" am: 49a1688f5e am: 0b05aae7dc ↵Janis Danisevskis
am: 2c90fb249d Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1896435 Change-Id: Ic00ebe42a30cfa7bff9e229d07f91bb2ec4c3698
2022-03-16Merge changes from topic "default_dice_hal"Janis Danisevskis
* changes: Dice HAL: Add VTS Test. Dice HAL: Added default implementation.
2022-03-16Merge "Revert "KeyMint VTS: add TEST_MAPPING"" am: 83e3bffe66 am: 0918368cf8 ↵David Drysdale
am: 85b06d9590 Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2028363 Change-Id: Ife7fefb8c11e694a0a36340ddab12851e34ce09d
2022-03-16Merge "Revert "KeyMint VTS: add TEST_MAPPING""David Drysdale
2022-03-16Revert "KeyMint VTS: add TEST_MAPPING"David Drysdale
This reverts commit 7e71fcf8527c1720dbc5c740ddd5b45e29e89fd5. Reason for revert: failing tests on git_master on aosp_x86_64-userdebug Bug: 224951152 Bug: 224951969 Bug: 224950581 Change-Id: I86ae5e8d73cefd6d9d923138384cf98ec80a42df
2022-03-16Merge "KeyMint VTS: add TEST_MAPPING" am: 7f366ab5dd am: 4c1b6dfb23 am: ↵David Drysdale
36f58e6c98 Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1879916 Change-Id: Ic2d9051445575fce6e451d9919d07a4fd42d3211
2022-03-16Merge "KeyMint VTS: add TEST_MAPPING"David Drysdale
2022-03-15Dice HAL: Add VTS Test.Janis Danisevskis
This CL adds a VTS test for the DICE HAL, and a test specific for demotion testing. Demotion testing leaves the device in a permanently modified state untill the next reboot, which is why it needs a special test config. The current test config restarts the device before testing, in a followup the device also has to reboot after the test. Bug: 198197213 Test: atest VtsAidlDiceTargetTest atest VtsAidlDiceDemoteTargetTest Change-Id: I4278a1352df749da50dc8e5d118fc37336026061
2022-03-15Merge "Prevent test crashes if device sets invalid curve" am: ceedbb0d1a am: ↵David Drysdale
cd2af34d63 am: 590665c1b9 Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2020155 Change-Id: I21eff3e3f3af55b2041b739dc7e0d8342df25599
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-03 10:41:34 +0000