History log of /system/keymaster/android_keymaster_test.cpp
Revision Date Author Comments
f4724998100e9eaa43e72dc8d42186d4c33863f2 10-May-2017 Shawn Willden <swillden@google.com> Add attestation app ID to attestation unit tests

Attestation now requires an app ID, but the tests hadn't been updated to
match.

Test: Ran unit tests. They built and passed.
Change-Id: I92d54b2793cb5c98d063a31479f3e4d0009adcfa
/system/keymaster/android_keymaster_test.cpp
6377b1c74de9ac4ca493c759799fd41ba7a1e4d3 10-May-2017 Shawn Willden <swillden@google.com> Fix android_keymaster_test crashes.

Test: Manually ran unit tests
Change-Id: I5a19ab1f015b9b86248fb45f0477293db6d066c3
/system/keymaster/android_keymaster_test.cpp
c3e7ff3e420b0871cbb241514c3bad97a30dab6a 21-Nov-2016 Shawn Willden <swillden@google.com> Enforce minimum and maximum key size requirements on HMAC keys.

Test: This is to fix a CTS test failure. Also, this CL adds unit tests.
Change-Id: I0fff724e3f1a61482f5ee65fad1d5fa9d6f6d4a4
/system/keymaster/android_keymaster_test.cpp
3560f7be392fa7f59844b8c5c54c2d75a62aad7b 01-Dec-2016 Shawn Willden <swillden@google.com> Fully support input to finish() in SoftKeymasterDevice.

SoftKeymasterDevice did not support sending input data to finish() when
wrapping keymaster1 hardware.

Test: CL includes unit tests
Change-Id: Ia1e30295904e93093e1ef7b0514304fbb424bbb7
/system/keymaster/android_keymaster_test.cpp
2c3769c267c3fbbfb4edafad0d2518670914aac8 13-Oct-2016 Shawn Willden <swillden@google.com> Modify SoftKeymasterDevice to fully handle keymaster1 devices

When SoftKeymasterDevice is wrapping a keymaster1 device that does not
implement all of the required digests, it simply rejects creation or
import of HMAC keys that use an unsupported digest. This works only
because keystore has a "fallback" software-only device which will be
used to handle the issue. Treblization makes that fallback device
rather weird. To allow removal of the fallback device,
SoftKeymasterDevice needs to allow creation and import of HMAC keys that
cannot be supported by the underlying hardware, creating a
software-based key and using the software implementation for
operations. This CL makes it do that.

Test: Tested by running dev machine unit tests.
Bug: 32020919
Change-Id: I6cdb5d57dc3360c279bf94a402c3b8fe3d673950
/system/keymaster/android_keymaster_test.cpp
f4927e7b1430fd816c85ffa1e08a4c0b35e3974f 04-Dec-2016 Shawn Willden <swillden@google.com> Fix memory leak in unit tests.

Test: This is the test. Verify with "make memcheck".
Change-Id: I5e88fd7241b2bb2c235df37db79d26078025e042
/system/keymaster/android_keymaster_test.cpp
d328fa57b29a17ee5d65ae5e64969bb24ff92661 28-Apr-2016 TreeHugger Robot <treehugger-gerrit@google.com> Merge changes I8705aac6,I27d98b71 into nyc-dev am: ec4c9ef
am: 89a1084

* commit '89a1084424544bf2430c504122037bea536fad40':
Add EC curve tag to keymaster1 SoftKeymaster1 attestations.
Fix SoftKeymaster handling of EC curve specification.

Change-Id: Idddfb7a82c68b1f89b6d10bb83d5a06abe5b92d9
ba0d5d01bde427b7d7a22cec84cd9304c00b4e14 25-Apr-2016 Shawn Willden <swillden@google.com> Fix SoftKeymaster handling of EC curve specification.

Keymaster2 should accept EC curve specification either by key size (as
done in KM1) or with the new KM_TAG_EC_CURVE, filling in the other value
if not specified, and validating that they match if both are
provided. SoftKeymaster doesn't correctly implement this KM2
requirement.

Bug: 28365747
Change-Id: I27d98b71730b69bb2f0c2543af6c027b1a5670f1
/system/keymaster/android_keymaster_test.cpp
aa555cf66dc0220ba2295e3d8179aca80eac59e4 26-Apr-2016 Chih-Hung Hsieh <chh@google.com> Fix google-explicit-constructor warnings. am: 03d4b6d
am: cf9063e

* commit 'cf9063e2f1759af25ac2a4c16ffcb29e6b738b89':
Fix google-explicit-constructor warnings.

Change-Id: I6435f5722c4916904d18bc220c3a21baddd8ff4f
03d4b6d531eb8c2ebcb4d572a3bf118c70a83ff6 25-Apr-2016 Chih-Hung Hsieh <chh@google.com> Fix google-explicit-constructor warnings.

Bug: 28341362
Change-Id: I211a131920282b00558efeb28806e94dc892d378
/system/keymaster/android_keymaster_test.cpp
c636e187cb4cb6c5b07fab9bb5d27878690376de 10-Mar-2016 Shawn Willden <swillden@google.com> Implement key version binding.

Change-Id: If0f3bc12380b8b65bf1e60d5d8d039eb972c8a15
(cherry picked from commit cddf3a443abf64f3d77c48886693179c0b8a35bb)
/system/keymaster/android_keymaster_test.cpp
c15af1910d8f451341d0068b5533816ace5defec 10-Mar-2016 Shawn Willden <swillden@google.com> Implement key version binding.

Change-Id: If0f3bc12380b8b65bf1e60d5d8d039eb972c8a15
/system/keymaster/android_keymaster_test.cpp
3609584c328ea66f95478dded394ad4697779450 10-Mar-2016 Shawn Willden <swillden@google.com> Correct attestation record.

This CL updates the attestation record content and format to match the
final version published in the keymaster2 implementation guide.

Change-Id: I112c7557b1c650420fd2fad78c8ed3fc9e34f24e
/system/keymaster/android_keymaster_test.cpp
22dcdb75fc2d1aa9a25b9aadb65d4dcb31e8c647 03-Feb-2016 Shawn Willden <swillden@google.com> Add version, challenge and unique ID to attestation.

Bug: 22914603
Change-Id: I5ad9a97dd1eebb45c05eeaa4ceccfebcf4b69e03
/system/keymaster/android_keymaster_test.cpp
86a0b87bcc77bd24cedbcdc82699414de7345030 28-Jan-2016 Shawn Willden <swillden@google.com> Revert "Revert "Add attestation support to SoftKeymaster.""

This reverts commit 0fc3ef6f2de4f2204f121e3080a17203bf847cae.

Change-Id: I658ad32b281ab74d3beeee66794b31f193e6d404
/system/keymaster/android_keymaster_test.cpp
0fc3ef6f2de4f2204f121e3080a17203bf847cae 28-Jan-2016 Shawn Willden <swillden@google.com> Revert "Add attestation support to SoftKeymaster."

This reverts commit fc3cafd487e69c84d83444e1d129d0ab131c4e3d.

Change-Id: I1fb38db044c4039be04d1f75fb89ca9a6404321f
/system/keymaster/android_keymaster_test.cpp
5dfdd6679189f5de34018f4f83ccde14a5ebfde3 28-Jan-2016 Shawn Willden <swillden@google.com> Add attestation support to SoftKeymaster. am: fc3cafd487
am: 231a98f097

* commit '231a98f0977ce41778a50925ae3f8bf0749db608':
Add attestation support to SoftKeymaster.
fc3cafd487e69c84d83444e1d129d0ab131c4e3d 11-Jan-2016 Shawn Willden <swillden@google.com> Add attestation support to SoftKeymaster.

Bug: 22914603
Change-Id: I7650f1b691665bce3024556c2ea38e122c9cb2cf
/system/keymaster/android_keymaster_test.cpp
5c3e38b3f972125e36ef0540bde68c3dfb89f4e8 26-Jan-2016 Shawn Willden <swillden@google.com> Update unit tests to use keymaster2 interface. am: 1937c715b3
am: f7c4bdbd02

* commit 'f7c4bdbd025e6c20647ee5575d29bce144e1491e':
Update unit tests to use keymaster2 interface.
b6179f4bec118299e89ce1b6ef6480570880afd9 26-Jan-2016 Shawn Willden <swillden@google.com> Set RSA PSS salt length equal to digest length.

This is for compatibility with Bouncy Castle.

Bug: 25770609
Change-Id: I2ada4d7b24711fc8d49a031ce04cbcf19fb949c0
/system/keymaster/android_keymaster_test.cpp
1937c715b39044e024e9eda98a09dee84142e9b2 06-Jan-2016 Shawn Willden <swillden@google.com> Update unit tests to use keymaster2 interface.

We no longer test the keymaster1 interface. That's okay, because it
will be gone shortly.

Change-Id: Id30c2fcda5d535165a0081a783b2252c112e5474
/system/keymaster/android_keymaster_test.cpp
01d8f24c45067bc3d909e3aae9a72582f3c985a1 16-Nov-2015 Shawn Willden <swillden@google.com> Fix pass-through of deletion on wrapped KM0 and KM1.

SoftKeymasterDevice was incorrectly directly sending deletion requests
to wrapped hardware. In some cases the key blob passed in by
SoftKeymasterDevice is a hardware blob encapsulated by a wrapper, and we
need to remove the encapsulation before passing it on.

Bug: 25676862
Change-Id: Ic315c6b08d9ec15aa0be8f28f485a221bc7f1135
/system/keymaster/android_keymaster_test.cpp
e9fb087a8245e26483e8865515c919c83ed84c5b 23-Oct-2015 Shawn Willden <swillden@google.com> Return correct error from keymaster0engine for large RSA input

Also, ensure that we always put some error on the OpenSSL error queue
whenever a wrapped keymaster0 operation fails. Higher layers will look
at the last entry on the queue and use it to determine what error code to
return. Not putting any error on the queue means that those higher
layers will get whatever error was last enqueued, making the result
effectively random. Non-determinism bad.

Bug: 25337630
Change-Id: I701ab735dd089f5258b2252f543906d9f3baa7a2
/system/keymaster/android_keymaster_test.cpp
b492f7082a7a95dc9360f40ea829c458f5d0b5a9 16-Oct-2015 Shawn Willden <swillden@google.com> Fix incorrect initializer in keymaster tests.

Change-Id: Ic78b0fa12bda1cd361fd505e13002651861c72ef
/system/keymaster/android_keymaster_test.cpp
2ff74dcb3817ae32850e23e3a70bcf8cb274d442 28-Jul-2015 Shawn Willden <swillden@google.com> Do digesting, and sometimes padding, in SW when HW doesn't.

The keymaster1 specification only requires HW modules to implement
SHA256 out of the list of keymaster1 digest modes. That would force
many keys to be software only, and would break legacy scenarios. This
change uses SoftKeymasterDevice to front keymaster modules that don't
implement the full suite of digests, quietly inserting KM_DIGEST_NONE
and KM_PAD_NONE into key generation/import requests when necessary, then
performing the digesting, and sometimes padding, in software, then
delegating crypto operations to the hardware.

This is only done for RSA and EC keys. Software digesting isn't
possible for HMAC or AES-GCM keys.

Note that this is not the complete fix for the bug. Some changes in
keystore are also required, coming in another CL.

Bug: 24873723
Change-Id: I740572eb11341fb0659085309da01d5cbcd3854d
/system/keymaster/android_keymaster_test.cpp
c0a63805e4f21e46cc533ec0938306ca997c9a2d 30-Jul-2015 Shawn Willden <swillden@google.com> Left-pad messages when doing "unpadded" RSA operations.

When RSA messages are shorter than the key size, and padding is not
applied, BoringSSL (sensibly) refuses, because odds are very high that
the caller is doing something dumb. However, this causes some (dumb)
things that used to work to no longer work.

This CL also fixes the error code returned when a message is signed or
encrypted which is the same length as the public modulus but is
numerically larger than or equal to the public modulus. Rather than
KM_ERROR_UNKNOWN_ERROR, it now returns KM_ERROR_INVALID_ARGUMENT.

Bug: 22599805
Change-Id: I99aca5516b092f3676ffdc6c5de39f2777e3d275
/system/keymaster/android_keymaster_test.cpp
df5eec89e97846edd3bda871e55dc03266476b62 30-Jul-2015 Shawn Willden <swillden@google.com> Merge "Revert "Revert "Report keymaster0 keys as hardware-backed, origin unknown.""" into mnc-dev
34f09c52b08e654b8b76d9796240a5104c13a4a8 24-Jul-2015 Shawn Willden <swillden@google.com> Revert "Revert "Report keymaster0 keys as hardware-backed, origin unknown.""

This reverts commit 0e0cea3bc8aea903a50c1ee18e9f3309e9f67515.

Bug: 22511313
Change-Id: I9c31b8ef604d961e20652c69498324b9dfce5911
/system/keymaster/android_keymaster_test.cpp
5cf45028751471f79d9f8a390f64fe9412acd53a 20-Jul-2015 Shawn Willden <swillden@google.com> Make NONE mean NONE only (not ANY)

KM_DIGEST_NONE and KM_PAD_NONE have implicit meanings of "any digest"
and "any padding", respectively, as well as the expected meanings of "no
digest" and "no padding". This CL changes that so they mean only "no
digest" and "no padding".

Bug: 22556114
Change-Id: I7b0b4c079067d85ba1aa39ae7edf0c6b17a9a500
/system/keymaster/android_keymaster_test.cpp
3ac35814df71dce203c9b3cc1a937b178f7dc9c7 28-Jul-2015 Shawn Willden <swillden@google.com> Merge "Use minimum 20 bytes salt for RSA PSS." into mnc-dev
0e0cea3bc8aea903a50c1ee18e9f3309e9f67515 23-Jul-2015 Shawn Willden <swillden@google.com> Revert "Report keymaster0 keys as hardware-backed, origin unknown."

This reverts commit 9972a539acb4d17368ee607465d61b48acd71bde.

Change-Id: Id5beb9c8ae8f3b106adc5f5e62eca0194b926be8
/system/keymaster/android_keymaster_test.cpp
53488c665d57bf64ed7cf45b72599cff29c517c3 17-Jul-2015 Shawn Willden <swillden@google.com> Use minimum 20 bytes salt for RSA PSS.

This is for compatibility with Bouncy Castle.

Bug: 22492259
Change-Id: I753e5fd223404ba960b6a35862bbd20f519f369b
/system/keymaster/android_keymaster_test.cpp
9972a539acb4d17368ee607465d61b48acd71bde 16-Jul-2015 Shawn Willden <swillden@google.com> Report keymaster0 keys as hardware-backed, origin unknown.

Bug: 22511313
Change-Id: I699df8010e27a546b2186896890c0099bfb149ae
/system/keymaster/android_keymaster_test.cpp
33ab0389e908b98702806c746e7babc0d46eb452 08-Jul-2015 Shawn Willden <swillden@google.com> Add support for KM_TAG_MIN_MAC_LENGTH.

HMAC and AES-GCM keys must be bound to a minimum MAC/tag length at
creation, and operations may not specify a length smaller than the
minimum, or provide a length smaller than the minimum during
verification.

Bug: 22337277
Change-Id: Id5ae2f4259045ba1418c28e9de8f4a47e67fd433
/system/keymaster/android_keymaster_test.cpp
7d05d88dc44b18e0350f7fe8d28c20f2f643bb80 10-Jul-2015 Shawn Willden <swillden@google.com> Use specified digest for RSA OAEP.

Bug: 22405614
Change-Id: Ia5eb67a571a9d46acca4b4e708bb8178bd3acd0d
/system/keymaster/android_keymaster_test.cpp
0d061c80d06f94291568e725f9eb649962a80352 09-Jul-2015 Shawn Willden <swillden@google.com> Truncate too-long digests for keymaster 0 ECDSA sign operations

BoringSSL doesn't pre-truncate too-long digests before calling the ECDSA
sign operation via the ENGINE interface, and TrustyKeymaster is picky
about accepting them. This means that trying to sign a message with,
say, a 256-bit key and a 384-bit hash fails on Volantis.

This CL also corrects an error in get_supported_digests for ECDSA, which
was advertising support for MD5. BoringSSL doesn't support ECDSA with
MD5 and we're not offering it in the JCA API, so the solution is simply
not to advertise it and to return a better error code if it's requested
anyway.

Bug: 22355708
Change-Id: Iba2dad6953db7eda23951760b734f499a13c5191
/system/keymaster/android_keymaster_test.cpp
e23a2c91145e2294915e5d0cc5d7591c1aa82aca 06-Jul-2015 Shawn Willden <swillden@google.com> Fix enforcement of block mode and MAC length on AES ops

Bug: 22301168
Change-Id: I54b4efffa1786b08704dd6e785360870f155ed80
/system/keymaster/android_keymaster_test.cpp
5532a085818bdf27ede33c9199024b86023e5961 01-Jul-2015 Shawn Willden <swillden@google.com> Allow any padding mode to be used with keys with KM_PAD_NONE.

Bug: 22229156
Change-Id: I5de66c3ed86244452e7776bff9523e35030713e9
/system/keymaster/android_keymaster_test.cpp
ebc99a15e324d9f1cfaf681a8c95676984f16f08 26-Jun-2015 Shawn Willden <swillden@google.com> Support creation and use of HMAC keys with KM_DIGEST_NONE

KM_DIGEST_NONE should mean "any digest" when applied to HMAC keys,
allowing any valid digest to be specified during begin() of an HMAC
signature or verification operation.

Bug: 22119295
Change-Id: I4698435f5d7aaf0a2f66b9c7aa4097f60c9c6eb3
/system/keymaster/android_keymaster_test.cpp
ada4850659d484dd5ece26dde73072bef16c1517 25-Jun-2015 Shawn Willden <swillden@google.com> Add authorization enforcement to AndroidKeymaster.

Note: Moving List.h into system/keymaster is unfortunate, but required
to allow Trusty to use it. b/22088154 tracks cleaning this up.

Bug: 19511945
Change-Id: Ia1dfe5fda5ea78935611b0a7656b323770edcbae
/system/keymaster/android_keymaster_test.cpp
2101e9e8215cce6da36d8d7382486737b68e8c93 24-Jun-2015 Shawn Willden <swillden@google.com> Handle ECDSA messages that may be a few bits longer than the key.

Also fix an RSA error message.

Bug: 22064177
Change-Id: If52b29a3e870e0318d9ecc0f124074a013cb491a
/system/keymaster/android_keymaster_test.cpp
0afa3c8a03fc817279bdf0f46abe3dc7a3fd53e1 22-Jun-2015 Shawn Willden <swillden@google.com> Require and handle digest for OAEP mode.

Bug: 21998286
Change-Id: I03b21da6a71b7a7a01f3743f01925719191b0124
/system/keymaster/android_keymaster_test.cpp
d530305019e1ccc1e30a4f8edeb88db3d126e235 22-Jun-2015 Shawn Willden <swillden@google.com> Validate input sizes for RSA and ECDSA signing/verification ops.

Bug: 21955742
Change-Id: I4385a6539229b174facd5f04ce0391e2e8c3608d
/system/keymaster/android_keymaster_test.cpp
294a2db0e5f2eb46d84e4f5c9ce25245ac474147 17-Jun-2015 Shawn Willden <swillden@google.com> Don't enforce purpose, digest or padding on public key operations

Bug: 21877150
Change-Id: Iaf00c94aaca892a154aea7aa4e3828bfbd8d9630
/system/keymaster/android_keymaster_test.cpp
34419130408d2a6dcadd7b0f1b6d2c9c4002bbac 09-Jun-2015 Shawn Willden <swillden@google.com> GCM tags in ciphertext, rather than in params.

Also, handle AAD correctly.

Bug: 21786749
Change-Id: I26a413f39daf3bd946ed494c7c3b5c6f559fb30b
/system/keymaster/android_keymaster_test.cpp
c7fe06da6dd4a7e5416a8b68a57ba563fbce72a0 11-Jun-2015 Shawn Willden <swillden@google.com> Restore support for old unversioned OCB-encrypted blobs.

This support was inadvertently removed in a refactor. There aren't many
of these keys around, since they were only created by pre-release
versions of Nexus 9 software, but we'll support them anyway.

Change-Id: I46c4e9a2866c02b8030d7aef97bb64c45441168b
/system/keymaster/android_keymaster_test.cpp
bfd9ed7f5c50cdfa310cb0f21c7706e99b780738 11-Jun-2015 Shawn Willden <swillden@google.com> Make KM_PAD_NONE and KM_DIGEST_NONE mean any padding or digest.

Bug: 21777596
Change-Id: I3574156902c8e28b42f36462a9aef3f11ce938d3
/system/keymaster/android_keymaster_test.cpp
3e37f0a2c3ccd3606aed6dc4aea4a2c8c6cf7f55 03-Jun-2015 Chad Brubaker <cbrubaker@google.com> Fix unused variable issues

Also adds -Wunused to bring gcc's -Werror inline with clang's to prevent
similar build errors later.

Bug: 21583577
Change-Id: Ia051adbb3ea92a8ace914ad958a73348d70cca17
/system/keymaster/android_keymaster_test.cpp
ccb84e9118c6a89fedbb2be68bb629a0063eeda5 03-Jun-2015 Shawn Willden <swillden@google.com> Fix support of HW keymaster0 keys.

Bug: 21593823
Change-Id: Id9ed06b1c6805b1cff36577910715eda7727eef4
/system/keymaster/android_keymaster_test.cpp
0f39256c68dc689b2eb8b604c4d39f17b9300363 02-Jun-2015 Shawn Willden <swillden@google.com> Add AES-GCM mode.

Bug: 19919114
Change-Id: I27efed097efbd93d587a50f5d82fad80a96e7527
/system/keymaster/android_keymaster_test.cpp
30160842424ee43690247a0ec4e2858d2bb5d694 01-Jun-2015 Shawn Willden <swillden@google.com> Add support for unpadded RSA encryption.

Bug: 21499189
Change-Id: I895e566f769691f70f431b2ed139e0c94b0f6ab9
/system/keymaster/android_keymaster_test.cpp
2bf4ad32f195bd734e4d7e7d4ac52c051f182fbf 01-Jun-2015 Shawn Willden <swillden@google.com> Support all digests for RSA.

Also switch to using the EVP APIs where possible for RSA ops.

Change-Id: I092a5c7598073980d36ce5137cfe17f0499a10b9
/system/keymaster/android_keymaster_test.cpp
efbd7e432228cf1e65abb6d85dffa38ec03f7a26 01-Jun-2015 Shawn Willden <swillden@google.com> Add support for all digests for ECDSA.

Also, switch to using the EVP API rather than the ECDSA API.

Bug: 21048758
Change-Id: I088b3332285ce2060cac5a7282ec42bea2fa5950
/system/keymaster/android_keymaster_test.cpp
6270aca8571399aca8ea538acd7386ddecdcc112 26-May-2015 Shawn Willden <swillden@google.com> Delegate ECDSA keys to keymaster0 in SoftKeymasterDevice.

Bug: 20912868
Change-Id: If63899e3244aed45d939d0165e6d94a1caa9d220
/system/keymaster/android_keymaster_test.cpp
4f83b89b2bdb1dacfa1c208786e29c0cd66f0b15 26-May-2015 Shawn Willden <swillden@google.com> Fix broken ECDSA default key size test.

Change-Id: I3b98c0e0463efcbe3d7498a2f71353ed669a11d9
/system/keymaster/android_keymaster_test.cpp
2beb628bfefae72fa6bb84a6235da7e3de532823 21-May-2015 Shawn Willden <swillden@google.com> Delegate RSA keys to keymaster0 in SoftKeymasterDevice.

Bug: 20912868
Change-Id: I515a125f1247357d2cd9b4633c3b223590848093
/system/keymaster/android_keymaster_test.cpp
58427c44b9261035351d2eee604a299c0b46dbb4 20-May-2015 Shawn Willden <swillden@google.com> Make Keymaster1Test parameterizable.

This enabled running the same test suite across different
implementations.

Bug: 20912868
Change-Id: Iaa2c4bcb38224d090aa54184a042375eb835ad60
/system/keymaster/android_keymaster_test.cpp
7bae132f732a73dc53b5ffc5e3eed0176e93a00c 26-May-2015 Shawn Willden <swillden@google.com> Fix off-by-one error in PKCS#1 v1.5 encryption padding size.

Change-Id: I0fdfe3223b351d4a064e5dac0aa5d732fa0ab073
/system/keymaster/android_keymaster_test.cpp
0cb6942d3efb6c056f96321c82a4b3d86af601d6 26-May-2015 Shawn Willden <swillden@google.com> Revert "Revert "Large refactor to move context out of AndroidKeymaster.""

This reverts commit 13fbe3e93247943c26e7ca2ed27b6d650282b8bf.

Bug: 20912868, 19799085
Change-Id: Iadd6ce5cbe94956c2a2fe277f1bf5b108e4bcf57
/system/keymaster/android_keymaster_test.cpp
13fbe3e93247943c26e7ca2ed27b6d650282b8bf 23-May-2015 Shawn Willden <swillden@google.com> Revert "Large refactor to move context out of AndroidKeymaster."

This reverts commit 8ba2a043f0d44ad3f58d4af518f9391c03eca9c3.

I need to update the Volantis non-secure code in sync. Reverting while I get that done.

Change-Id: I0fb9f928e7e624ad678050a04bb873b43b1c9a48
/system/keymaster/android_keymaster_test.cpp
8ba2a043f0d44ad3f58d4af518f9391c03eca9c3 18-May-2015 Shawn Willden <swillden@google.com> Large refactor to move context out of AndroidKeymaster.

AndroidKeymaster made a number of assumptions about its context that are
really only valid for TEE-based usage. In addition, KeyFactory made
some similarly TEE-focused assumptions about key blob creation and
parsing.

Both concerns have been moved to a new KeymasterContext class, which is
responsible for building and parsing key blobs in a manner appropriate
for the context in which AndroidKeymaster is running, as well as
providing other context-specific services, such as random number
generation.

In addition, the refactor reduces the need for the KeyBlob and
UnencryptedKeyBlob classes, which encode too many assumptions about blob
formatting and encryption, to the point that they can be removed and
replaced by a handful of utility functions which are much cleaner and
more flexible.

How to review this CL:

I looked hard at breaking this up into smaller CLs, but it's mostly not
feasible. However, it's probably easier to approach it by starting with
the fundamental changes, and then looking at the cascade effects.

1. Look at keymaster_context.h. The core of the change was pulling this
set of features out of AndroidKeymaster. Note that the revised approach
to key blob creation does not involve the KeyBlob and UnencryptedKeyBlob
classes, but instead goes directly from raw key material plus ancillary
data (e.g. auth sets) to a serialized buffer ready to return to
keystore. The same is true in reverse direction for parsing key blobs.

2. Look at key.h. The revised KeyFactory GenerateKey, ImportKey and
LoadKey methods are essential. GenerateKey and ImportKey no longer
produce a Key object, because all that's needed is a returnable blob.
LoadKey produces a Key object, but it starts with raw key material,
rather than an UnencryptedKeyBlob. Also note the change to the Key
class; because Key objects are only created by LoadKey, when there's a
need to use a key, there's only one constructor.

3. Look at asymmetric_key.h, rsa_key.h and rsa_key.cpp. rsa_key.cpp
provides a good example of how the new structure works. GenerateKey and
ImportKey do all of the work necessary to produce an OpenSSL RSA key and
extract the internal representation (using EvpToKeyMaterial; defined in
asymmetric_key.h because it's the same for EC keys). Then, with the raw
key data in hand, they call KeymasterContext::CreateKeyBlob to wrap the
key data in a key blob that can be returned to the caller -- whatever
that wrapping means in the current context. There's a subtlety not
apparent here which is crucial to the rationale for the refactoring:
RsaKeyFactory uses KeymasterContext::get_instance to retrieve the
context, but key factories which depend on operating in a particular
context can use a different way to get their context object, which may
have a larger interface. RsaKeymaster0KeyFactory will do this.

4. Look at soft_keymaster_context. In
particular, SoftKeymasterContext::CreateKeyBlob and ParseKeyBlob.
CreateKeyBlob allocates authorization tags from key_description to
hw_enforced and sw_enforced, then encrypts the key material and
serializes it to a blob. This approach is compatible with the keys
softkeymaster has been producing, but I'm going to change it (post M),
because there's no reason to bother encrypting SW keys with a SW key.
ParseKeyBlob reverses the process to recover the unencrypted key
material and the auth lists. One debatable point was the decision to
implement BuildHiddenAuthorizations and SetAuthorizations here, since
all contexts will need something similar, and they really should all do
it the same. I may refactor later to pull that functionality up to
KeymasterContext; it will depend on what I learn implementing
TrustyKeymasterContext and HybridKeymasterContext (used for the
keymaster0 adapter).

5. Look at ocb_utils and auth_encrypted_key_blob. These contain the key
encryption and key blob serialization code which was formerly split
between AndroidKeymaster::SerializeKeyBlob, UnencryptedKeyBlob and
KeyBlob, now divided into separate encryption and serialization
utilities. Note the refactored key_blob_test.cpp, updated to use the
new utilities rather than UnencryptedKeyBlob.

6. Look at soft_keymaster_device.cpp. Since KeyBlob no longer exists to
provide a nice way to peer into a blob to extract the algorithm, for use
in determining how to parse the keymaster0 signing key params (which
come in as a void*, yuck), we now have to use get_key_characteristics to
recover the params. This was the right way all along; the device layer
should not depend on being able to parse key blobs.

7. The rest.

Bug: 20912868, 19799085
Change-Id: Ieb74b8da39974f674eb8baa959bde75011fdd2e8
/system/keymaster/android_keymaster_test.cpp
b6837e7a62a1192e33beef586282812239ee8b28 16-May-2015 Shawn Willden <swillden@google.com> Remove references to Google in Android keymaster reference implementation.

Change-Id: I05de61353fc806b90232fab7c1d1cf76aefa35fc
/system/keymaster/android_keymaster_test.cpp