
Commit ea0819e5 authored by Hasini Gunasinghe's avatar Hasini Gunasinghe Committed by Automerger Merge Worker

Merge "Add KeystoreKeyEventReported atom for keystore logging." into rvc-dev...

Merge "Add KeystoreKeyEventReported atom for keystore logging." into rvc-dev am: dde631ac am: 1dcfccf3

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/11617960

Change-Id: I11d620cef91e3d624ceaa85b546d0ef953de3d13
parents 5cc9fc78 1dcfccf3
+109 −0
@@ -482,6 +482,7 @@ message Atom {
        BlobLeased blob_leased = 299 [(module) = "framework"];
        BlobLeased blob_leased = 299 [(module) = "framework"];
        BlobOpened blob_opened = 300 [(module) = "framework"];
        BlobOpened blob_opened = 300 [(module) = "framework"];
        ContactsProviderStatusReported contacts_provider_status_reported = 301;
        ContactsProviderStatusReported contacts_provider_status_reported = 301;
        KeystoreKeyEventReported keystore_key_event_reported = 302;


        // StatsdStats tracks platform atoms with ids upto 500.
        // StatsdStats tracks platform atoms with ids upto 500.
        // Update StatsdStats::kMaxPushedAtomId when atom ids here approach that value.
        // Update StatsdStats::kMaxPushedAtomId when atom ids here approach that value.
@@ -10926,6 +10927,114 @@ message MediametricsAudioDeviceConnectionReported {
    optional int32 connection_count = 6;
    optional int32 connection_count = 6;
}
}


/**
 * Logs: i) creation of different types of cryptographic keys in the keystore,
 * ii) operations performed using the keys,
 * iii) attestation of the keys
 * Logged from: system/security/keystore/key_event_log_handler.cpp
 */
message KeystoreKeyEventReported {

    enum Algorithm {
        /** Asymmetric algorithms. */
        RSA = 1;
        // 2 removed, do not reuse.
        EC = 3;
        /** Block cipher algorithms */
        AES = 32;
        TRIPLE_DES = 33;
        /** MAC algorithms */
        HMAC = 128;
    };
    /** Algorithm associated with the key */
    optional Algorithm algorithm = 1;

    /** Size of the key */
    optional int32 key_size = 2;

    enum KeyOrigin {
        /** Generated in keymaster.  Should not exist outside the TEE. */
        GENERATED = 0;
        /** Derived inside keymaster.  Likely exists off-device. */
        DERIVED = 1;
        /** Imported into keymaster.  Existed as cleartext in Android. */
        IMPORTED = 2;
        /** Keymaster did not record origin. */
        UNKNOWN = 3;
        /** Securely imported into Keymaster. */
        SECURELY_IMPORTED = 4;
    };
    /* Logs whether the key was generated, imported, securely imported, or derived.*/
    optional KeyOrigin key_origin = 3;

    enum HardwareAuthenticatorType {
        NONE = 0;
        PASSWORD = 1;
        FINGERPRINT = 2;
        // Additional entries must be powers of 2.
    };
    /**
     * What auth types does this key require? If none,
     * then no auth required.
     */
    optional HardwareAuthenticatorType user_auth_type = 4;

    /**
     * If user authentication is required, is the requirement time based? If it
     * is not time based then this field will not be used and the key is per
     * operation. Per operation keys must be user authenticated on each usage.
     */
    optional int32 user_auth_key_timeout_secs = 5;

    /**
     * padding mode, digest, block_mode and purpose should ideally be repeated
     * fields. However, since statsd does not support repeated fields in
     * pushed atoms, they are represented using bitmaps.
     */

    /** Track which padding mode is being used.*/
    optional int32 padding_mode_bitmap = 6;

    /** Track which digest is being used. */
    optional int32 digest_bitmap = 7;

    /** Track what block mode is being used (for encryption). */
    optional int32 block_mode_bitmap = 8;

    /** Track what purpose is this key serving. */
    optional int32 purpose_bitmap = 9;

    enum EcCurve {
        P_224 = 0;
        P_256 = 1;
        P_384 = 2;
        P_521 = 3;
    };
    /** Which ec curve was selected if elliptic curve cryptography is in use **/
    optional EcCurve ec_curve = 10;

    enum KeyBlobUsageRequirements {
        STANDALONE = 0;
        REQUIRES_FILE_SYSTEM = 1;
    };
    /** Standalone or is a file system required */
    optional KeyBlobUsageRequirements key_blob_usage_reqs = 11;

    enum Type {
        key_operation = 0;
        key_creation = 1;
        key_attestation = 2;
    }
    /** Key creation event, operation event or attestation event? */
    optional Type type = 12;

    /** Was the key creation, operation, or attestation successful? */
    optional bool was_successful = 13;

    /** Response code or error code */
    optional int32 error_code = 14;
}

// Blob Committer stats
// Blob Committer stats
// Keep in sync between:
// Keep in sync between:
//     frameworks/base/core/proto/android/server/blobstoremanagerservice.proto
//     frameworks/base/core/proto/android/server/blobstoremanagerservice.proto
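Review bot: In the second hunk, `user_auth_type` is declared as a single `HardwareAuthenticatorType`, but the enum's own comment ("Additional entries must be powers of 2") marks it as a bit set, so a key that accepts both PASSWORD and FINGERPRINT has the value 3, which is not a declared enum value. Depending on how the consumer decodes the atom, that combination may be dropped or read as unset, which would under-report the auth requirements of exactly the keys that allow more than one authenticator. Declaring it like the other multi-valued fields, e.g. `optional int32 user_auth_type_bitmap = 4;`, with a comment naming the bit for each authenticator, would avoid that. The comments on `padding_mode_bitmap`, `digest_bitmap`, `block_mode_bitmap` and `purpose_bitmap` should likewise state which bit stands for which value, since the hunk does not say and the logged numbers cannot be interpreted without it.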