
Commit aedb92d5 authored by David Drysdale's avatar David Drysdale Committed by Gerrit Code Review

Merge changes I33036387,I63ca8d29

* changes:
  KeyMint VTS: require curve for ECDSA keys
  KeyMint VTS: more attestation info tests
parents 11854c2d df09e54e
+42 −34
@@ -62,6 +62,9 @@ namespace test {

namespace {

// Invalid value for a patchlevel (which is of form YYYYMMDD).
const uint32_t kInvalidPatchlevel = 99998877;

// Overhead for PKCS#1 v1.5 signature padding of undigested messages.  Digested messages have
// additional overhead, for the digest algorithmIdentifier required by PKCS#1.
const size_t kPkcs1UndigestedSignaturePaddingOverhead = 11;
@@ -127,7 +130,6 @@ char nibble2hex[16] = {'0', '1', '2', '3', '4', '5', '6', '7',
// lists to produce the lists that we expect to match the attestations.
auto kTagsToFilter = {
        Tag::CREATION_DATETIME,
    Tag::EC_CURVE,
        Tag::HARDWARE_TYPE,
        Tag::INCLUDE_UNIQUE_ID,
};
@@ -163,6 +165,28 @@ string x509NameToStr(X509_NAME* name) {
bool KeyMintAidlTestBase::arm_deleteAllKeys = false;
bool KeyMintAidlTestBase::dump_Attestations = false;

uint32_t KeyMintAidlTestBase::boot_patch_level(
        const vector<KeyCharacteristics>& key_characteristics) {
    // The boot patchlevel is not available as a property, but should be present
    // in the key characteristics of any created key.
    AuthorizationSet allAuths;
    for (auto& entry : key_characteristics) {
        allAuths.push_back(AuthorizationSet(entry.authorizations));
    }
    auto patchlevel = allAuths.GetTagValue(TAG_BOOT_PATCHLEVEL);
    if (patchlevel.has_value()) {
        return patchlevel.value();
    } else {
        // No boot patchlevel is available. Return a value that won't match anything
        // and so will trigger test failures.
        return kInvalidPatchlevel;
    }
}

uint32_t KeyMintAidlTestBase::boot_patch_level() {
    return boot_patch_level(key_characteristics_);
}

ErrorCode KeyMintAidlTestBase::GetReturnErrorCode(const Status& result) {
    if (result.isOk()) return ErrorCode::OK;

@@ -998,16 +1022,7 @@ vector<uint32_t> KeyMintAidlTestBase::ValidKeySizes(Algorithm algorithm) {
            }
            break;
        case Algorithm::EC:
            switch (SecLevel()) {
                case SecurityLevel::SOFTWARE:
                case SecurityLevel::TRUSTED_ENVIRONMENT:
                    return {224, 256, 384, 521};
                case SecurityLevel::STRONGBOX:
                    return {256};
                default:
                    ADD_FAILURE() << "Invalid security level " << uint32_t(SecLevel());
                    break;
            }
            ADD_FAILURE() << "EC keys must be specified by curve not size";
            break;
        case Algorithm::AES:
            return {128, 256};
@@ -1123,9 +1138,11 @@ vector<EcCurve> KeyMintAidlTestBase::ValidCurves() {
}

vector<EcCurve> KeyMintAidlTestBase::InvalidCurves() {
    if (SecLevel() == SecurityLevel::TRUSTED_ENVIRONMENT) return {};
    CHECK(SecLevel() == SecurityLevel::STRONGBOX);
    if (SecLevel() == SecurityLevel::STRONGBOX) {
        return {EcCurve::P_224, EcCurve::P_384, EcCurve::P_521};
    } else {
        return {};
    }
}

vector<Digest> KeyMintAidlTestBase::ValidDigests(bool withNone, bool withMD5) {
@@ -1293,9 +1310,9 @@ bool verify_attestation_record(const string& challenge, //
    AuthorizationSet att_sw_enforced;
    AuthorizationSet att_hw_enforced;
    uint32_t att_attestation_version;
    uint32_t att_keymaster_version;
    uint32_t att_keymint_version;
    SecurityLevel att_attestation_security_level;
    SecurityLevel att_keymaster_security_level;
    SecurityLevel att_keymint_security_level;
    vector<uint8_t> att_challenge;
    vector<uint8_t> att_unique_id;
    vector<uint8_t> att_app_id;
@@ -1304,8 +1321,8 @@ bool verify_attestation_record(const string& challenge, //
                                          attest_rec->length,               //
                                          &att_attestation_version,         //
                                          &att_attestation_security_level,  //
                                          &att_keymaster_version,           //
                                          &att_keymaster_security_level,    //
                                          &att_keymint_version,             //
                                          &att_keymint_security_level,      //
                                          &att_challenge,                   //
                                          &att_sw_enforced,                 //
                                          &att_hw_enforced,                 //
@@ -1324,14 +1341,14 @@ bool verify_attestation_record(const string& challenge, //
        expected_sw_enforced.push_back(TAG_ATTESTATION_APPLICATION_ID, appId);
    }

    EXPECT_EQ(att_keymaster_version, 100U);
    EXPECT_EQ(security_level, att_keymaster_security_level);
    EXPECT_EQ(att_keymint_version, 100U);
    EXPECT_EQ(security_level, att_keymint_security_level);
    EXPECT_EQ(security_level, att_attestation_security_level);


    char property_value[PROPERTY_VALUE_MAX] = {};
    // TODO(b/136282179): When running under VTS-on-GSI the TEE-backed
    // keymaster implementation will report YYYYMM dates instead of YYYYMMDD
    // keymint implementation will report YYYYMM dates instead of YYYYMMDD
    // for the BOOT_PATCH_LEVEL.
    if (avb_verification_enabled()) {
        for (int i = 0; i < att_hw_enforced.size(); i++) {
@@ -1370,13 +1387,6 @@ bool verify_attestation_record(const string& challenge, //
        EXPECT_TRUE(expected_hw_enforced.Contains(TAG_NO_AUTH_REQUIRED));
    }

    // Alternatively this checks the opposite - a false boolean tag (one that isn't provided in
    // the authorization list during key generation) isn't being attested to in the certificate.
    EXPECT_FALSE(expected_sw_enforced.Contains(TAG_TRUSTED_USER_PRESENCE_REQUIRED));
    EXPECT_FALSE(att_sw_enforced.Contains(TAG_TRUSTED_USER_PRESENCE_REQUIRED));
    EXPECT_FALSE(expected_hw_enforced.Contains(TAG_TRUSTED_USER_PRESENCE_REQUIRED));
    EXPECT_FALSE(att_hw_enforced.Contains(TAG_TRUSTED_USER_PRESENCE_REQUIRED));

    if (att_hw_enforced.Contains(TAG_ALGORITHM, Algorithm::EC)) {
        // For ECDSA keys, either an EC_CURVE or a KEY_SIZE can be specified, but one must be.
        EXPECT_TRUE(att_hw_enforced.Contains(TAG_EC_CURVE) ||
@@ -1442,9 +1452,7 @@ bool verify_attestation_record(const string& challenge, //

    att_sw_enforced.Sort();
    expected_sw_enforced.Sort();
    auto a = filtered_tags(expected_sw_enforced);
    auto b = filtered_tags(att_sw_enforced);
    EXPECT_EQ(a, b);
    EXPECT_EQ(filtered_tags(expected_sw_enforced), filtered_tags(att_sw_enforced));

    att_hw_enforced.Sort();
    expected_hw_enforced.Sort();
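Review bot: In the new boot_patch_level(const vector<KeyCharacteristics>&), a missing TAG_BOOT_PATCHLEVEL is only reported indirectly, through whichever later comparison happens to consume the sentinel kInvalidPatchlevel, so the eventual failure message shows 99998877 rather than the cause. Adding `ADD_FAILURE() << "No TAG_BOOT_PATCHLEVEL in key characteristics";` immediately before `return kInvalidPatchlevel;` keeps the sentinel behaviour and names the problem where it is detected, matching how ValidKeySizes reports unexpected input in the same file. It is also worth stating in the function comment that this value comes from the characteristics returned by the implementation under test rather than from a system property; if it later serves as the expected BOOT_PATCHLEVEL for the attestation record, the comparison only confirms that two outputs of the same implementation agree, which is a weaker check than the other patchlevel accessors provide. boot_patch_level is fully visible within the hunk; the later verify_attestation_record hunks start and end outside this page.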
+3 −1
@@ -76,6 +76,8 @@ class KeyMintAidlTestBase : public ::testing::TestWithParam<string> {
    uint32_t os_version() { return os_version_; }
    uint32_t os_patch_level() { return os_patch_level_; }
    uint32_t vendor_patch_level() { return vendor_patch_level_; }
    uint32_t boot_patch_level(const vector<KeyCharacteristics>& key_characteristics);
    uint32_t boot_patch_level();

    ErrorCode GetReturnErrorCode(const Status& result);

@@ -253,7 +255,7 @@ class KeyMintAidlTestBase : public ::testing::TestWithParam<string> {
        /* ECDSA */
        KeyData ecdsaKeyData;
        AuthorizationSetBuilder ecdsaBuilder = AuthorizationSetBuilder()
                                                       .EcdsaSigningKey(256)
                                                       .EcdsaSigningKey(EcCurve::P_256)
                                                       .Authorization(tagToTest)
                                                       .Digest(Digest::SHA_2_256)
                                                       .Authorization(TAG_NO_AUTH_REQUIRED)
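Review bot: The two boot_patch_level declarations added after vendor_patch_level() carry no comment, and unlike the neighbouring one-line accessors they are not plain getters: the overload taking key characteristics searches them for TAG_BOOT_PATCHLEVEL, and the implementation returns a deliberately invalid sentinel when the tag is absent. A caller reading only the header cannot tell that the result may be a placeholder that matches no real YYYYMMDD value. I would add above the pair: `// Boot patchlevel is not exposed as a system property, so it is read from the key characteristics; returns a value that cannot match a real YYYYMMDD patchlevel if the tag is absent.` The enclosing class body starts and ends outside the hunk.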
+209 −107
