Merge "Add performOperation stub." (4411dc96) · Commits · e / os / android_hardware_interfaces

security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/IKeyMintDevice.aidl

+1 −0

Original line number	Diff line number	Diff line
		@@ -45,5 +45,6 @@ interface IKeyMintDevice {
		android.hardware.security.keymint.BeginResult begin(in android.hardware.security.keymint.KeyPurpose purpose, in byte[] keyBlob, in android.hardware.security.keymint.KeyParameter[] params, in android.hardware.security.keymint.HardwareAuthToken authToken);
		void deviceLocked(in boolean passwordOnly, in @nullable android.hardware.security.secureclock.TimeStampToken timestampToken);
		void earlyBootEnded();
		byte[] performOperation(in byte[] request);
		const int AUTH_TOKEN_MAC_LENGTH = 32;
		}

+14 −0

Original line number	Diff line number	Diff line
		@@ -760,4 +760,18 @@ interface IKeyMintDevice {
		* an EARLY_BOOT_ONLY key after this method is called must fail with Error::INVALID_KEY_BLOB.
		*/
		void earlyBootEnded();

		/**
		* Called by the client to perform a KeyMint operation.
		*
		* This method is added primarily as a placeholder. Details will be fleshed before the KeyMint
		* V1 interface is frozen. Until then, implementations must return ErrorCode::UNIMPLEMENTED.
		*
		* @param request is an encrypted buffer containing a description of the operation the client
		* wishes to perform. Structure, content and encryption are TBD.
		*
		* @return an encrypted buffer containing the result of the operation. Structure, content and
		* encryption are TBD.
		*/
		byte[] performOperation(in byte[] request);
		}

+1 −1

Original line number	Diff line number	Diff line
		@@ -261,7 +261,7 @@ class KeyMintAidlTestBase : public ::testing::TestWithParam<string> {
		ErrorCode UseRsaKey(const vector<uint8_t>& rsaKeyBlob);
		ErrorCode UseEcdsaKey(const vector<uint8_t>& ecdsaKeyBlob);

		private:
		protected:
		std::shared_ptr<IKeyMintDevice> keymint_;
		uint32_t os_version_;
		uint32_t os_patch_level_;

+14 −2

Original line number	Diff line number	Diff line
		@@ -4633,7 +4633,7 @@ TEST_P(KeyAgreementTest, Ecdh) {

		INSTANTIATE_KEYMINT_AIDL_TEST(KeyAgreementTest);

		typedef KeyMintAidlTestBase EarlyBootKeyTest;
		using EarlyBootKeyTest = KeyMintAidlTestBase;

		TEST_P(EarlyBootKeyTest, CreateEarlyBootKeys) {
		auto [aesKeyData, hmacKeyData, rsaKeyData, ecdsaKeyData] =
		@@ -4690,9 +4690,10 @@ TEST_P(EarlyBootKeyTest, DISABLED_FullTest) {
		CheckedDeleteKey(&rsaKeyData.blob);
		CheckedDeleteKey(&ecdsaKeyData.blob);
		}

		INSTANTIATE_KEYMINT_AIDL_TEST(EarlyBootKeyTest);

		typedef KeyMintAidlTestBase UnlockedDeviceRequiredTest;
		using UnlockedDeviceRequiredTest = KeyMintAidlTestBase;

		// This may be a problematic test. It can't be run repeatedly without unlocking the device in
		// between runs... and on most test devices there are no enrolled credentials so it can't be
		@@ -4724,8 +4725,19 @@ TEST_P(UnlockedDeviceRequiredTest, DISABLED_KeysBecomeUnusable) {
		CheckedDeleteKey(&rsaKeyData.blob);
		CheckedDeleteKey(&ecdsaKeyData.blob);
		}

		INSTANTIATE_KEYMINT_AIDL_TEST(UnlockedDeviceRequiredTest);

		using PerformOperationTest = KeyMintAidlTestBase;

		TEST_P(PerformOperationTest, RequireUnimplemented) {
		vector<uint8_t> response;
		auto result = keymint_->performOperation({} /* request */, &response);
		ASSERT_EQ(GetReturnErrorCode(result), ErrorCode::UNIMPLEMENTED);
		}

		INSTANTIATE_KEYMINT_AIDL_TEST(PerformOperationTest);

		} // namespace aidl::android::hardware::security::keymint::test

		int main(int argc, char** argv) {