Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 41fb8f8f authored by Android Build Coastguard Worker's avatar Android Build Coastguard Worker
Browse files

Snap for 8340624 from 0286ec56 to tm-d1-release

Change-Id: Ia5bd99817e30b4a53314bba6e1418d2959e2ba3e
parents c3d19b60 0286ec56
Loading
Loading
Loading
Loading
+8 −7
Original line number Original line Diff line number Diff line
@@ -78,15 +78,16 @@ parcelable KeyCreationResult {
     *     provided, otherwise ATTESTATION_APPLICATION_ID_MISSING will be returned.
     *     provided, otherwise ATTESTATION_APPLICATION_ID_MISSING will be returned.
     *
     *
     * 3.  Asymmetric key non-attestation with signing key.  If Tag::ATTESTATION_CHALLENGE is not
     * 3.  Asymmetric key non-attestation with signing key.  If Tag::ATTESTATION_CHALLENGE is not
     *     provided and the generated/imported key has KeyPurpose::SIGN, then the returned
     *     provided and the generated/imported key has KeyPurpose::SIGN or KeyPurpose::ATTEST_KEY,
     *     certificate chain must contain only a single self-signed certificate with no attestation
     *     then the returned certificate chain must contain only a single self-signed certificate
     *     extension.  Tag::ATTESTATION_APPLICATION_ID will be ignored if provided.
     *     with no attestation extension.  Tag::ATTESTATION_APPLICATION_ID will be ignored if
     *     provided.
     *
     *
     * 4.  Asymmetric key non-attestation with non-signing key.  If TAG::ATTESTATION_CHALLENGE is
     * 4.  Asymmetric key non-attestation with non-signing key.  If TAG::ATTESTATION_CHALLENGE is
     *     not provided and the generated/imported key does not have KeyPurpose::SIGN, then the
     *     not provided and the generated/imported key does not have KeyPurpose::SIGN nor
     *     returned certificate chain must contain only a single certificate with an empty signature
     *     KeyPurpose::ATTEST_KEY, then the returned certificate chain must contain only a single
     *     and no attestation extension.  Tag::ATTESTATION_APPLICATION_ID will be ignored if
     *     certificate with an empty signature and no attestation extension.
     *     provided.
     *     Tag::ATTESTATION_APPLICATION_ID will be ignored if provided.
     *
     *
     * 5.  Symmetric key.  If the generated/imported key is symmetric, the certificate chain must
     * 5.  Symmetric key.  If the generated/imported key is symmetric, the certificate chain must
     *     return empty, any Tag::ATTESTATION_CHALLENGE or Tag::ATTESTATION_APPLICATION_ID inputs,
     *     return empty, any Tag::ATTESTATION_CHALLENGE or Tag::ATTESTATION_APPLICATION_ID inputs,
+4 −4
Original line number Original line Diff line number Diff line
@@ -92,8 +92,8 @@ parcelable ProtectedData {
     *         },
     *         },
     *         {},                   // Unprotected params
     *         {},                   // Unprotected params
     *         bstr .size 32,                  // MAC key
     *         bstr .size 32,                  // MAC key
     *         bstr PureEd25519(KM_priv, .cbor SignedMac_structure) /
     *         bstr // PureEd25519(KM_priv, bstr .cbor SignedMac_structure) /
     *              ECDSA(KM_priv, bstr .cbor SignedMac_structure)
     *              // ECDSA(KM_priv, bstr .cbor SignedMac_structure)
     *     ]
     *     ]
     *
     *
     *     SignedMac_structure = [
     *     SignedMac_structure = [
@@ -144,8 +144,8 @@ parcelable ProtectedData {
     *         },
     *         },
     *         unprotected: {},
     *         unprotected: {},
     *         payload: bstr .cbor BccPayload,
     *         payload: bstr .cbor BccPayload,
     *         signature: bstr .cbor PureEd25519(SigningKey, bstr .cbor BccEntryInput) /
     *         signature: bstr // PureEd25519(SigningKey, bstr .cbor BccEntryInput) /
     *                    bstr .cbor ECDSA(SigningKey, bstr .cbor BccEntryInput)
     *                         // ECDSA(SigningKey, bstr .cbor BccEntryInput)
     *         // See RFC 8032 for details of how to encode the signature value for Ed25519.
     *         // See RFC 8032 for details of how to encode the signature value for Ed25519.
     *     ]
     *     ]
     *
     *
+15 −0
Original line number Original line Diff line number Diff line
@@ -183,6 +183,14 @@ TEST_P(AttestKeyTest, AllRsaSizes) {
 * This test attempts to create an RSA attestation key that also allows signing.
 * This test attempts to create an RSA attestation key that also allows signing.
 */
 */
TEST_P(AttestKeyTest, RsaAttestKeyMultiPurposeFail) {
TEST_P(AttestKeyTest, RsaAttestKeyMultiPurposeFail) {
    if (AidlVersion() < 2) {
        // The KeyMint v1 spec required that KeyPurpose::ATTEST_KEY not be combined
        // with other key purposes.  However, this was not checked at the time
        // so we can only be strict about checking this for implementations of KeyMint
        // version 2 and above.
        GTEST_SKIP() << "Single-purpose for KeyPurpose::ATTEST_KEY only strict since KeyMint v2";
    }

    vector<uint8_t> attest_key_blob;
    vector<uint8_t> attest_key_blob;
    vector<KeyCharacteristics> attest_key_characteristics;
    vector<KeyCharacteristics> attest_key_characteristics;
    vector<Certificate> attest_key_cert_chain;
    vector<Certificate> attest_key_cert_chain;
@@ -453,6 +461,13 @@ TEST_P(AttestKeyTest, EcAttestKeyChaining) {
 * This test attempts to create an EC attestation key that also allows signing.
 * This test attempts to create an EC attestation key that also allows signing.
 */
 */
TEST_P(AttestKeyTest, EcAttestKeyMultiPurposeFail) {
TEST_P(AttestKeyTest, EcAttestKeyMultiPurposeFail) {
    if (AidlVersion() < 2) {
        // The KeyMint v1 spec required that KeyPurpose::ATTEST_KEY not be combined
        // with other key purposes.  However, this was not checked at the time
        // so we can only be strict about checking this for implementations of KeyMint
        // version 2 and above.
        GTEST_SKIP() << "Single-purpose for KeyPurpose::ATTEST_KEY only strict since KeyMint v2";
    }
    vector<uint8_t> attest_key_blob;
    vector<uint8_t> attest_key_blob;
    vector<KeyCharacteristics> attest_key_characteristics;
    vector<KeyCharacteristics> attest_key_characteristics;
    vector<Certificate> attest_key_cert_chain;
    vector<Certificate> attest_key_cert_chain;
+14 −0
Original line number Original line Diff line number Diff line
@@ -3821,6 +3821,13 @@ TEST_P(ImportKeyTest, RsaPublicExponentMismatch) {
 * Verifies that importing an RSA key pair with purpose ATTEST_KEY+SIGN fails.
 * Verifies that importing an RSA key pair with purpose ATTEST_KEY+SIGN fails.
 */
 */
TEST_P(ImportKeyTest, RsaAttestMultiPurposeFail) {
TEST_P(ImportKeyTest, RsaAttestMultiPurposeFail) {
    if (AidlVersion() < 2) {
        // The KeyMint v1 spec required that KeyPurpose::ATTEST_KEY not be combined
        // with other key purposes.  However, this was not checked at the time
        // so we can only be strict about checking this for implementations of KeyMint
        // version 2 and above.
        GTEST_SKIP() << "Single-purpose for KeyPurpose::ATTEST_KEY only strict since KeyMint v2";
    }
    uint32_t key_size = 2048;
    uint32_t key_size = 2048;
    string key = rsa_2048_key;
    string key = rsa_2048_key;


@@ -3959,6 +3966,13 @@ TEST_P(ImportKeyTest, EcdsaCurveMismatch) {
 * Verifies that importing and using an ECDSA P-256 key pair with purpose ATTEST_KEY+SIGN fails.
 * Verifies that importing and using an ECDSA P-256 key pair with purpose ATTEST_KEY+SIGN fails.
 */
 */
TEST_P(ImportKeyTest, EcdsaAttestMultiPurposeFail) {
TEST_P(ImportKeyTest, EcdsaAttestMultiPurposeFail) {
    if (AidlVersion() < 2) {
        // The KeyMint v1 spec required that KeyPurpose::ATTEST_KEY not be combined
        // with other key purposes.  However, this was not checked at the time
        // so we can only be strict about checking this for implementations of KeyMint
        // version 2 and above.
        GTEST_SKIP() << "Single-purpose for KeyPurpose::ATTEST_KEY only strict since KeyMint v2";
    }
    ASSERT_EQ(ErrorCode::INCOMPATIBLE_PURPOSE,
    ASSERT_EQ(ErrorCode::INCOMPATIBLE_PURPOSE,
              ImportKey(AuthorizationSetBuilder()
              ImportKey(AuthorizationSetBuilder()
                                .Authorization(TAG_NO_AUTH_REQUIRED)
                                .Authorization(TAG_NO_AUTH_REQUIRED)
+0 −31
Original line number Original line Diff line number Diff line
@@ -43,7 +43,6 @@ using aidl::android::hardware::wifi::supplicant::ISupplicant;
using aidl::android::hardware::wifi::supplicant::ISupplicantStaIface;
using aidl::android::hardware::wifi::supplicant::ISupplicantStaIface;
using aidl::android::hardware::wifi::supplicant::ISupplicantStaNetwork;
using aidl::android::hardware::wifi::supplicant::ISupplicantStaNetwork;
using aidl::android::hardware::wifi::supplicant::KeyMgmtMask;
using aidl::android::hardware::wifi::supplicant::KeyMgmtMask;
using aidl::android::hardware::wifi::supplicant::RxFilterType;
using aidl::android::hardware::wifi::supplicant::WpaDriverCapabilitiesMask;
using aidl::android::hardware::wifi::supplicant::WpaDriverCapabilitiesMask;
using aidl::android::hardware::wifi::supplicant::WpsConfigMethods;
using aidl::android::hardware::wifi::supplicant::WpsConfigMethods;
using android::ProcessState;
using android::ProcessState;
@@ -543,36 +542,6 @@ TEST_P(SupplicantStaIfaceAidlTest, SetPowerSave) {
    EXPECT_TRUE(sta_iface_->setPowerSave(false).isOk());
    EXPECT_TRUE(sta_iface_->setPowerSave(false).isOk());
}
}


/*
 * StartRxFilter
 */
TEST_P(SupplicantStaIfaceAidlTest, StartRxFilter) {
    EXPECT_TRUE(sta_iface_->startRxFilter().isOk());
}

/*
 * StopRxFilter
 */
TEST_P(SupplicantStaIfaceAidlTest, StopRxFilter) {
    EXPECT_TRUE(sta_iface_->stopRxFilter().isOk());
}

/*
 * AddRxFilter
 */
TEST_P(SupplicantStaIfaceAidlTest, AddRxFilter) {
    EXPECT_TRUE(sta_iface_->addRxFilter(RxFilterType::V4_MULTICAST).isOk());
    EXPECT_TRUE(sta_iface_->addRxFilter(RxFilterType::V6_MULTICAST).isOk());
}

/*
 * RemoveRxFilter
 */
TEST_P(SupplicantStaIfaceAidlTest, RemoveRxFilter) {
    EXPECT_TRUE(sta_iface_->removeRxFilter(RxFilterType::V4_MULTICAST).isOk());
    EXPECT_TRUE(sta_iface_->removeRxFilter(RxFilterType::V6_MULTICAST).isOk());
}

/*
/*
 * AddExtRadioWork
 * AddExtRadioWork
 */
 */