Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5aeb705c authored Aug 18, 2021 by Bill Richardson Committed by Automerger Merge Worker Aug 18, 2021

Merge "Revert "AesInvalidKeySize skip 192 on SB devices"" into sc-dev am: f332d02b am: d3a0230a

Original change: https://googleplex-android-review.googlesource.com/c/platform/hardware/interfaces/+/15595275

Change-Id: I0aada250ccbb96d61caef4796cd8d29c1eccd32f

parents ff1c1d5f d3a0230a

keymaster/4.0/vts/functional/KeymasterHidlTest.cpp

+0 −4

Original line number	Diff line number	Diff line
		@@ -21,7 +21,6 @@

		#include <android-base/logging.h>
		#include <android/hidl/manager/1.0/IServiceManager.h>
		#include <cutils/properties.h>

		#include <keymasterV4_0/key_param_output.h>
		#include <keymasterV4_0/keymaster_utils.h>
		@@ -686,9 +685,6 @@ std::vector<uint32_t> KeymasterHidlTest::InvalidKeySizes(Algorithm algorithm) {
		case Algorithm::EC:
		return {224, 384, 521};
		case Algorithm::AES:
		// The HAL language was clarified to exclude AES key sizes of 192 for StrongBox
		// instances on devices launched on API Level 31 and above.
		if (property_get_int32("ro.board.first_api_level", 0) < 31) return {};
		return {192};
		default:
		return {};

security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl

+1 −2

Original line number	Diff line number	Diff line
		@@ -96,8 +96,7 @@ import android.hardware.security.secureclock.TimeStampToken;
		*
		* o AES
		*
		* - TRUSTED_ENVIRONMENT IKeyMintDevices must support 128, 192 and 256-bit keys.
		* STRONGBOX IKeyMintDevices must only support 128 and 256-bit keys.
		* - 128 and 256-bit keys
		* - CBC, CTR, ECB and GCM modes. The GCM mode must not allow the use of tags smaller than 96
		* bits or nonce lengths other than 96 bits.
		* - CBC and ECB modes must support unpadded and PKCS7 padding modes. With no padding CBC and