
Commit be3c6396 authored by David Drysdale's avatar David Drysdale Committed by Automerger Merge Worker

Merge "KeyMint: improve HAL spec and tests" into sc-dev am: bad3aeba

Original change: https://googleplex-android-review.googlesource.com/c/platform/hardware/interfaces/+/14676472

Change-Id: I048fc4e688945ad4f1bf7ccdd097b2dfee88f3d6
parents 1441b456 bad3aeba
+1 −1
@@ -234,7 +234,7 @@ enum Tag {
     * IKeyMintDevice::earlyBootEnded() is called.  Early boot keys may be created after
     * early boot.  Early boot keys may not be imported at all, if Tag::EARLY_BOOT_ONLY is
     * provided to IKeyMintDevice::importKey, the import must fail with
     * ErrorCode::INVALID_ARGUMENT.
     * ErrorCode::EARLY_BOOT_ENDED.
     */
    EARLY_BOOT_ONLY = (7 << 28) /* TagType:BOOL */ | 305,

+15 −1
@@ -39,7 +39,21 @@ enum TagType {
    DATE = 6 << 28,
    /** Boolean.  If a tag with this type is present, the value is "true".  If absent, "false". */
    BOOL = 7 << 28,
    /** Byte string containing an arbitrary-length integer, big-endian ordering. */
    /**
     * Byte string containing an arbitrary-length integer, in a two's-complement big-endian
     * ordering.  The byte array contains the minimum number of bytes needed to represent the
     * integer, including at least one sign bit (so zero encodes as the single byte 0x00.  This
     * matches the encoding of both java.math.BigInteger.toByteArray() and contents octets for an
     * ASN.1 INTEGER value (X.690 section 8.3).  Examples:
     * - value 65536 encodes as 0x01 0x00 0x00
     * - value 65535 encodes as 0x00 0xFF 0xFF
     * - value   255 encodes as 0x00 0xFF
     * - value     1 encodes as 0x01
     * - value     0 encodes as 0x00
     * - value    -1 encodes as 0xFF
     * - value  -255 encodes as 0xFF 0x01
     * - value  -256 encodes as 0xFF 0x00
     */
    BIGNUM = 8 << 28,
    /** Byte string */
    BYTES = 9 << 28,
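Review bot: The new BIGNUM comment has an unbalanced parenthesis in the sentence that starts "(so zero encodes as the single byte 0x00." and should read `(so zero encodes as the single byte 0x00).`. The comment also fixes the minimal encoding that a sender must produce, but it does not say how an implementation should treat a non-minimal input such as 0x00 0x01. If such input is meant to be rejected or normalised, one sentence stating that would keep implementations from diverging on what they accept.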
+4 −2
@@ -180,7 +180,9 @@ TEST_P(AttestKeyTest, RsaAttestedAttestKeys) {
    auto subject = "cert subj 2";
    vector<uint8_t> subject_der(make_name_from_str(subject));

    uint64_t serial_int = 66;
    // An X.509 certificate serial number SHOULD be >0, but this is not policed. Check
    // that a zero value doesn't cause problems.
    uint64_t serial_int = 0;
    vector<uint8_t> serial_blob(build_serial_blob(serial_int));

    /*
@@ -223,7 +225,7 @@ TEST_P(AttestKeyTest, RsaAttestedAttestKeys) {
    auto subject2 = "cert subject";
    vector<uint8_t> subject_der2(make_name_from_str(subject2));

    uint64_t serial_int2 = 987;
    uint64_t serial_int2 = 255;
    vector<uint8_t> serial_blob2(build_serial_blob(serial_int2));

    EXPECT_EQ(ErrorCode::OK,
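Review bot: The second serial value, `serial_int2 = 255`, has no comment, unlike the zero case above it, so a reader cannot tell why it was picked; presumably it is there because its single byte has the top bit set and the encoding then needs a leading 0x00. I would add `// 255 has its top bit set, so the encoded serial needs a leading 0x00 byte.` above that line. Neither hunk shows a check that the serial number in the issued certificate equals the value passed in. RsaAttestedAttestKeys continues outside both hunks, and if it never compares the two, these edge cases only show that generation does not fail.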
+2 −2
@@ -75,7 +75,7 @@ TEST_P(DeviceUniqueAttestationTest, RsaNonStrongBoxUnimplemented) {
                                      .Authorization(TAG_DEVICE_UNIQUE_ATTESTATION),
                              &key_blob, &key_characteristics);

    ASSERT_EQ(result, ErrorCode::INVALID_ARGUMENT);
    ASSERT_TRUE(result == ErrorCode::INVALID_ARGUMENT || result == ErrorCode::UNSUPPORTED_TAG);
}

/*
@@ -101,7 +101,7 @@ TEST_P(DeviceUniqueAttestationTest, EcdsaNonStrongBoxUnimplemented) {
                                      .Authorization(TAG_DEVICE_UNIQUE_ATTESTATION),
                              &key_blob, &key_characteristics);

    ASSERT_EQ(result, ErrorCode::INVALID_ARGUMENT);
    ASSERT_TRUE(result == ErrorCode::INVALID_ARGUMENT || result == ErrorCode::UNSUPPORTED_TAG);
}

/*
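Review bot: `ASSERT_TRUE(a || b)` at both changed assertions (RsaNonStrongBoxUnimplemented and EcdsaNonStrongBoxUnimplemented) reports only that the expression was false, so a failing run no longer shows which error code the device returned, as the replaced ASSERT_EQ did. Appending the value keeps that diagnostic: `ASSERT_TRUE(result == ErrorCode::INVALID_ARGUMENT || result == ErrorCode::UNSUPPORTED_TAG) << "unexpected result: " << result;`. This assumes ErrorCode has a stream operator in this test suite, which is not visible here. Both test bodies start outside their hunks.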
+8 −0
@@ -1185,6 +1185,14 @@ vector<uint8_t> build_serial_blob(const uint64_t serial_int) {
        return {};
    }

    if (serial_blob.empty() || serial_blob[0] & 0x80) {
        // An empty blob is OpenSSL's encoding of the zero value; we need single zero byte.
        // Top bit being set indicates a negative number in two's complement, but our input
        // was positive.
        // In either case, prepend a zero byte.
        serial_blob.insert(serial_blob.begin(), 0x00);
    }

    return serial_blob;
}
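Review bot: The condition `serial_blob.empty() || serial_blob[0] & 0x80` relies on `&` binding tighter than `||` and on an implicit integer-to-bool conversion; it is correct, but `(serial_blob[0] & 0x80) != 0` makes the sign-bit test explicit. The first comment line would read more clearly as `// An empty blob is OpenSSL's encoding of zero; we need a single 0x00 byte instead.`. build_serial_blob starts outside the hunk, so how the blob is filled before this check is not visible here.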
