Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 4e7b1974 authored by Android Build Coastguard Worker's avatar Android Build Coastguard Worker
Browse files

Snap for 8242241 from 6d122494 to tm-d1-release

Change-Id: I161503323d482ec34c6ae931da4346e0e6c332ea
parents 82999cc3 6d122494
Loading
Loading
Loading
Loading
+4 −1
Original line number Diff line number Diff line
@@ -24,7 +24,10 @@ import @3.6::HalStreamConfiguration;
import @3.7::ICameraDeviceSession;

/**
 * Injection Camera device active session interface.
 * Injection camera device active session interface.
 *
 * Note that this is implemented on a special camera injection hal, if it is a
 * general camera hal, it is not necessary to implement this interface.
 *
 * When an external camera is injected to replace the internal camera session, the
 * injection session will be established in camera framework, and then
+1 −0
Original line number Diff line number Diff line
@@ -910,5 +910,6 @@ f767a132ef28275294db15353f14f3876a4048770751931a77d038d4228f2cb7 android.hardwar
d0fb32f3ddeb9af7115ab32905225ea69b930d2472be8e9610f0cf136c15aefb android.hardware.keymaster@4.0::IKeymasterDevice # b/210424594
ca62a2a95d173ed323309e5e00f653ad3cceec82a6e5e4976a249cb5aafe2515 android.hardware.neuralnetworks@1.2::types
fa76bced6b1b71c40fc706c508a9011284c57f57831cd0cf5f45653ed4ea463e android.hardware.neuralnetworks@1.3::types
700d9de9b47984898789f5706e59285ea6fe83aa5744dccf8491c4b881033ae7 android.hardware.camera.device@3.7::ICameraInjectionSession

# There should be no more HIDL HALs - please use AIDL instead.
+4 −1
Original line number Diff line number Diff line
@@ -1051,7 +1051,10 @@ class GraphicsBlendModeCompositionTest
        SetUpBase(std::get<0>(GetParam()));
        // TODO(b/219590743) we should remove the below SRGB color mode
        // once we have the BlendMode test fix for all the versions of the ColorMode
        mTestColorModes = {ColorMode::SRGB};
        mTestColorModes.erase(
                std::remove_if(mTestColorModes.begin(), mTestColorModes.end(),
                               [](ColorMode mode) { return mode != ColorMode::SRGB; }),
                mTestColorModes.end());
        mBackgroundColor = BLACK;
        mTopLayerColor = RED;
    }
+29 −14
Original line number Diff line number Diff line
@@ -185,6 +185,7 @@ class VtsRemotelyProvisionedComponentTests : public testing::TestWithParam<std::
            provisionable_ = IRemotelyProvisionedComponent::fromBinder(binder);
        }
        ASSERT_NE(provisionable_, nullptr);
        ASSERT_TRUE(provisionable_->getHardwareInfo(&rpcHardwareInfo).isOk());
    }

    static vector<string> build_params() {
@@ -194,6 +195,7 @@ class VtsRemotelyProvisionedComponentTests : public testing::TestWithParam<std::

  protected:
    std::shared_ptr<IRemotelyProvisionedComponent> provisionable_;
    RpcHardwareInfo rpcHardwareInfo;
};

/**
@@ -357,11 +359,10 @@ TEST_P(GenerateKeyTests, generateEcdsaP256Key_testMode) {
class CertificateRequestTest : public VtsRemotelyProvisionedComponentTests {
  protected:
    CertificateRequestTest() : eekId_(string_to_bytevec("eekid")), challenge_(randomBytes(32)) {
        generateTestEekChain(3);
    }

    void generateTestEekChain(size_t eekLength) {
        auto chain = generateEekChain(eekLength, eekId_);
        auto chain = generateEekChain(rpcHardwareInfo.supportedEekCurve, eekLength, eekId_);
        EXPECT_TRUE(chain) << chain.message();
        if (chain) testEekChain_ = chain.moveValue();
        testEekLength_ = eekLength;
@@ -382,6 +383,17 @@ class CertificateRequestTest : public VtsRemotelyProvisionedComponentTests {
        }
    }

    ErrMsgOr<bytevec> getSessionKey(ErrMsgOr<std::pair<bytevec, bytevec>>& senderPubkey) {
        if (rpcHardwareInfo.supportedEekCurve == RpcHardwareInfo::CURVE_25519 ||
            rpcHardwareInfo.supportedEekCurve == RpcHardwareInfo::CURVE_NONE) {
            return x25519_HKDF_DeriveKey(testEekChain_.last_pubkey, testEekChain_.last_privkey,
                                         senderPubkey->first, false /* senderIsA */);
        } else {
            return ECDH_HKDF_DeriveKey(testEekChain_.last_pubkey, testEekChain_.last_privkey,
                                       senderPubkey->first, false /* senderIsA */);
        }
    }

    void checkProtectedData(const DeviceInfo& deviceInfo, const cppbor::Array& keysToSign,
                            const bytevec& keysToSignMac, const ProtectedData& protectedData,
                            std::vector<BccEntryData>* bccOutput = nullptr) {
@@ -394,9 +406,7 @@ class CertificateRequestTest : public VtsRemotelyProvisionedComponentTests {
        ASSERT_TRUE(senderPubkey) << senderPubkey.message();
        EXPECT_EQ(senderPubkey->second, eekId_);

        auto sessionKey =
                x25519_HKDF_DeriveKey(testEekChain_.last_pubkey, testEekChain_.last_privkey,
                                      senderPubkey->first, false /* senderIsA */);
        auto sessionKey = getSessionKey(senderPubkey);
        ASSERT_TRUE(sessionKey) << sessionKey.message();

        auto protectedDataPayload =
@@ -406,7 +416,8 @@ class CertificateRequestTest : public VtsRemotelyProvisionedComponentTests {
        auto [parsedPayload, __, payloadErrMsg] = cppbor::parse(*protectedDataPayload);
        ASSERT_TRUE(parsedPayload) << "Failed to parse payload: " << payloadErrMsg;
        ASSERT_TRUE(parsedPayload->asArray());
        EXPECT_EQ(parsedPayload->asArray()->size(), 2U);
        // Strongbox may contain additional certificate chain.
        EXPECT_LE(parsedPayload->asArray()->size(), 3U);

        auto& signedMac = parsedPayload->asArray()->get(0);
        auto& bcc = parsedPayload->asArray()->get(1);
@@ -566,6 +577,7 @@ TEST_P(CertificateRequestTest, NewKeyPerCallInTestMode) {
    bytevec keysToSignMac;
    DeviceInfo deviceInfo;
    ProtectedData protectedData;
    generateTestEekChain(3);
    auto status = provisionable_->generateCertificateRequest(
            testMode, {} /* keysToSign */, testEekChain_.chain, challenge_, &deviceInfo,
            &protectedData, &keysToSignMac);
@@ -605,8 +617,8 @@ TEST_P(CertificateRequestTest, DISABLED_EmptyRequest_prodMode) {
    DeviceInfo deviceInfo;
    ProtectedData protectedData;
    auto status = provisionable_->generateCertificateRequest(
            testMode, {} /* keysToSign */, getProdEekChain(), challenge_, &deviceInfo,
            &protectedData, &keysToSignMac);
            testMode, {} /* keysToSign */, getProdEekChain(rpcHardwareInfo.supportedEekCurve),
            challenge_, &deviceInfo, &protectedData, &keysToSignMac);
    EXPECT_TRUE(status.isOk());
}

@@ -646,8 +658,8 @@ TEST_P(CertificateRequestTest, DISABLED_NonEmptyRequest_prodMode) {
    DeviceInfo deviceInfo;
    ProtectedData protectedData;
    auto status = provisionable_->generateCertificateRequest(
            testMode, keysToSign_, getProdEekChain(), challenge_, &deviceInfo, &protectedData,
            &keysToSignMac);
            testMode, keysToSign_, getProdEekChain(rpcHardwareInfo.supportedEekCurve), challenge_,
            &deviceInfo, &protectedData, &keysToSignMac);
    EXPECT_TRUE(status.isOk());
}

@@ -662,6 +674,7 @@ TEST_P(CertificateRequestTest, NonEmptyRequestCorruptMac_testMode) {
    bytevec keysToSignMac;
    DeviceInfo deviceInfo;
    ProtectedData protectedData;
    generateTestEekChain(3);
    auto status = provisionable_->generateCertificateRequest(
            testMode, {keyWithCorruptMac}, testEekChain_.chain, challenge_, &deviceInfo,
            &protectedData, &keysToSignMac);
@@ -681,8 +694,8 @@ TEST_P(CertificateRequestTest, NonEmptyRequestCorruptMac_prodMode) {
    DeviceInfo deviceInfo;
    ProtectedData protectedData;
    auto status = provisionable_->generateCertificateRequest(
            testMode, {keyWithCorruptMac}, getProdEekChain(), challenge_, &deviceInfo,
            &protectedData, &keysToSignMac);
            testMode, {keyWithCorruptMac}, getProdEekChain(rpcHardwareInfo.supportedEekCurve),
            challenge_, &deviceInfo, &protectedData, &keysToSignMac);
    ASSERT_FALSE(status.isOk()) << status.getMessage();
    EXPECT_EQ(status.getServiceSpecificError(), BnRemotelyProvisionedComponent::STATUS_INVALID_MAC);
}
@@ -695,7 +708,7 @@ TEST_P(CertificateRequestTest, NonEmptyCorruptEekRequest_prodMode) {
    bool testMode = false;
    generateKeys(testMode, 4 /* numKeys */);

    auto prodEekChain = getProdEekChain();
    auto prodEekChain = getProdEekChain(rpcHardwareInfo.supportedEekCurve);
    auto [parsedChain, _, parseErr] = cppbor::parse(prodEekChain);
    ASSERT_NE(parsedChain, nullptr) << parseErr;
    ASSERT_NE(parsedChain->asArray(), nullptr);
@@ -726,7 +739,7 @@ TEST_P(CertificateRequestTest, NonEmptyIncompleteEekRequest_prodMode) {

    // Build an EEK chain that omits the first self-signed cert.
    auto truncatedChain = cppbor::Array();
    auto [chain, _, parseErr] = cppbor::parse(getProdEekChain());
    auto [chain, _, parseErr] = cppbor::parse(getProdEekChain(rpcHardwareInfo.supportedEekCurve));
    ASSERT_TRUE(chain);
    auto eekChain = chain->asArray();
    ASSERT_NE(eekChain, nullptr);
@@ -754,6 +767,7 @@ TEST_P(CertificateRequestTest, NonEmptyRequest_prodKeyInTestCert) {
    bytevec keysToSignMac;
    DeviceInfo deviceInfo;
    ProtectedData protectedData;
    generateTestEekChain(3);
    auto status = provisionable_->generateCertificateRequest(
            true /* testMode */, keysToSign_, testEekChain_.chain, challenge_, &deviceInfo,
            &protectedData, &keysToSignMac);
@@ -772,6 +786,7 @@ TEST_P(CertificateRequestTest, NonEmptyRequest_testKeyInProdCert) {
    bytevec keysToSignMac;
    DeviceInfo deviceInfo;
    ProtectedData protectedData;
    generateTestEekChain(3);
    auto status = provisionable_->generateCertificateRequest(
            false /* testMode */, keysToSign_, testEekChain_.chain, challenge_, &deviceInfo,
            &protectedData, &keysToSignMac);
+7 −0
Original line number Diff line number Diff line
@@ -60,11 +60,15 @@ cc_library {
    export_include_dirs: [
        "include",
    ],
    defaults: [
        "keymint_use_latest_hal_aidl_ndk_shared",
    ],
    shared_libs: [
        "libbase",
        "libcppbor_external",
        "libcppcose_rkp",
        "libcrypto",
        "libkeymaster_portable",
        "libjsoncpp",
    ],
}
@@ -76,6 +80,9 @@ cc_test {
        "libgmock",
        "libgtest_main",
    ],
    defaults: [
        "keymint_use_latest_hal_aidl_ndk_shared",
    ],
    shared_libs: [
        "libbase",
        "libcppbor_external",
Loading