Merge "Allow OTA package to contain fake AVB version"
diff --git a/audio/common/all-versions/test/utility/include/utility/EnvironmentTearDown.h b/audio/common/all-versions/test/utility/include/utility/EnvironmentTearDown.h
index a96d06e..7a08a54 100644
--- a/audio/common/all-versions/test/utility/include/utility/EnvironmentTearDown.h
+++ b/audio/common/all-versions/test/utility/include/utility/EnvironmentTearDown.h
@@ -37,7 +37,7 @@
class Environment : public ::testing::VtsHalHidlTargetTestEnvBase {
public:
using TearDownFunc = std::function<void()>;
- void registerTearDown(TearDownFunc&& tearDown) { tearDowns.push_back(std::move(tearDown)); }
+ void registerTearDown(TearDownFunc&& tearDown) { tearDowns.push_front(std::move(tearDown)); }
private:
void HidlTearDown() override {
diff --git a/boot/1.0/default/Android.bp b/boot/1.0/default/Android.bp
index 6cfbf32..67dee08 100644
--- a/boot/1.0/default/Android.bp
+++ b/boot/1.0/default/Android.bp
@@ -2,7 +2,8 @@
name: "android.hardware.boot@1.0-impl",
defaults: ["hidl_defaults"],
relative_install_path: "hw",
- vendor: true,
+ vendor_available: true,
+ recovery_available: true,
srcs: ["BootControl.cpp"],
shared_libs: [
diff --git a/compatibility_matrices/compatibility_matrix.3.xml b/compatibility_matrices/compatibility_matrix.3.xml
index caa3f89..e13d293 100644
--- a/compatibility_matrices/compatibility_matrix.3.xml
+++ b/compatibility_matrices/compatibility_matrix.3.xml
@@ -294,7 +294,7 @@
</hal>
<hal format="hidl" optional="true">
<name>android.hardware.power</name>
- <version>1.0-2</version>
+ <version>1.0-3</version>
<interface>
<name>IPower</name>
<instance>default</instance>
diff --git a/current.txt b/current.txt
index 5fa0337..628cd72 100644
--- a/current.txt
+++ b/current.txt
@@ -348,6 +348,8 @@
5e278fcaa3287d397d8eebe1c22aaa28150f5caae1cf9381cd6dc32cb37899c5 android.hardware.nfc@1.1::types
163e115e833fc1d77cdd4a8cf0c833bb8b8d74fe35c880fe693101d17774926f android.hardware.power@1.2::IPower
7899b9305587b2d5cd74a3cc87e9090f58bf4ae74256ce3ee36e7ec011822840 android.hardware.power@1.2::types
+5a464e6db53fad223986d655028a18185b73db8e2bfa9663f9042c9623eb0aa0 android.hardware.power@1.3::IPower
+a54a28d39b892d27a3cb06829181c038edcdd9e8eef359543b01e4313ae59aa0 android.hardware.power@1.3::types
ab132c990a62f0aca35871c092c22fb9c85d478e22124ef6a4d0a2302da76a9f android.hardware.radio@1.2::IRadio
cda752aeabaabc20486a82ac57a3dd107785c006094a349bc5e224e8aa22a17c android.hardware.radio@1.2::IRadioIndication
da8c6ae991c6a4b284cc6e445332e064e28ee8a09482ed5afff9d159ec6694b7 android.hardware.radio@1.2::IRadioResponse
diff --git a/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp b/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp
index 77fd6f7..70a5205 100644
--- a/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp
+++ b/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp
@@ -20,6 +20,7 @@
#include <iostream>
#include <openssl/evp.h>
+#include <openssl/mem.h>
#include <openssl/x509.h>
#include <android/hardware/keymaster/3.0/IKeymasterDevice.h>
@@ -322,11 +323,11 @@
char* cert_sub = X509_NAME_oneline(X509_get_subject_name(key_cert.get()), nullptr, 0);
EXPECT_STREQ("/CN=Android Keystore Key", cert_sub)
<< "Cert " << i << " has wrong subject. (Possibly b/38394614)";
- free(cert_sub);
+ OPENSSL_free(cert_sub);
}
- free(cert_issuer);
- free(signer_subj);
+ OPENSSL_free(cert_issuer);
+ OPENSSL_free(signer_subj);
if (dump_Attestations) std::cout << bin2hex(chain[i]) << std::endl;
}
diff --git a/keymaster/4.0/vts/functional/KeymasterHidlTest.cpp b/keymaster/4.0/vts/functional/KeymasterHidlTest.cpp
index e266a86..c89abd9 100644
--- a/keymaster/4.0/vts/functional/KeymasterHidlTest.cpp
+++ b/keymaster/4.0/vts/functional/KeymasterHidlTest.cpp
@@ -16,6 +16,9 @@
#include "KeymasterHidlTest.h"
+#include <vector>
+
+#include <android-base/logging.h>
#include <android/hidl/manager/1.0/IServiceManager.h>
#include <keymasterV4_0/key_param_output.h>
@@ -383,12 +386,18 @@
AuthorizationSet begin_out_params;
EXPECT_EQ(ErrorCode::OK, Begin(operation, key_blob, in_params, &begin_out_params, &op_handle_));
+ string output;
+ size_t consumed = 0;
+ AuthorizationSet update_params;
+ AuthorizationSet update_out_params;
+ EXPECT_EQ(ErrorCode::OK,
+ Update(op_handle_, update_params, message, &update_out_params, &output, &consumed));
+
string unused;
AuthorizationSet finish_params;
AuthorizationSet finish_out_params;
- string output;
- EXPECT_EQ(ErrorCode::OK,
- Finish(op_handle_, finish_params, message, unused, &finish_out_params, &output));
+ EXPECT_EQ(ErrorCode::OK, Finish(op_handle_, finish_params, message.substr(consumed), unused,
+ &finish_out_params, &output));
op_handle_ = kOpHandleSentinel;
out_params->push_back(begin_out_params);
@@ -480,12 +489,20 @@
ASSERT_EQ(ErrorCode::OK,
Begin(KeyPurpose::VERIFY, key_blob, params, &begin_out_params, &op_handle_));
+ string output;
+ AuthorizationSet update_params;
+ AuthorizationSet update_out_params;
+ size_t consumed;
+ ASSERT_EQ(ErrorCode::OK,
+ Update(op_handle_, update_params, message, &update_out_params, &output, &consumed));
+ EXPECT_TRUE(output.empty());
+ EXPECT_GT(consumed, 0U);
+
string unused;
AuthorizationSet finish_params;
AuthorizationSet finish_out_params;
- string output;
- EXPECT_EQ(ErrorCode::OK,
- Finish(op_handle_, finish_params, message, signature, &finish_out_params, &output));
+ EXPECT_EQ(ErrorCode::OK, Finish(op_handle_, finish_params, message.substr(consumed), signature,
+ &finish_out_params, &output));
op_handle_ = kOpHandleSentinel;
EXPECT_TRUE(output.empty());
}
@@ -585,6 +602,112 @@
});
return retval;
}
+std::vector<uint32_t> KeymasterHidlTest::ValidKeySizes(Algorithm algorithm) {
+ switch (algorithm) {
+ case Algorithm::RSA:
+ switch (SecLevel()) {
+ case SecurityLevel::TRUSTED_ENVIRONMENT:
+ return {2048, 3072, 4096};
+ case SecurityLevel::STRONGBOX:
+ return {2048};
+ default:
+ CHECK(false) << "Invalid security level " << uint32_t(SecLevel());
+ break;
+ }
+ break;
+ case Algorithm::EC:
+ switch (SecLevel()) {
+ case SecurityLevel::TRUSTED_ENVIRONMENT:
+ return {224, 256, 384, 521};
+ case SecurityLevel::STRONGBOX:
+ return {256};
+ default:
+ CHECK(false) << "Invalid security level " << uint32_t(SecLevel());
+ break;
+ }
+ break;
+ case Algorithm::AES:
+ return {128, 256};
+ case Algorithm::TRIPLE_DES:
+ return {168};
+ case Algorithm::HMAC: {
+ std::vector<uint32_t> retval((512 - 64) / 8 + 1);
+ uint32_t size = 64 - 8;
+ std::generate(retval.begin(), retval.end(), [&]() { return (size += 8); });
+ return retval;
+ }
+ default:
+ CHECK(false) << "Invalid Algorithm: " << algorithm;
+ return {};
+ }
+ CHECK(false) << "Should be impossible to get here";
+ return {};
+}
+std::vector<uint32_t> KeymasterHidlTest::InvalidKeySizes(Algorithm algorithm) {
+ if (SecLevel() == SecurityLevel::TRUSTED_ENVIRONMENT) return {};
+ CHECK(SecLevel() == SecurityLevel::STRONGBOX);
+ switch (algorithm) {
+ case Algorithm::RSA:
+ return {3072, 4096};
+ case Algorithm::EC:
+ return {224, 384, 521};
+ default:
+ return {};
+ }
+}
+
+std::vector<EcCurve> KeymasterHidlTest::ValidCurves() {
+ if (securityLevel_ == SecurityLevel::STRONGBOX) {
+ return {EcCurve::P_256};
+ } else {
+ return {EcCurve::P_224, EcCurve::P_256, EcCurve::P_384, EcCurve::P_521};
+ }
+}
+
+std::vector<EcCurve> KeymasterHidlTest::InvalidCurves() {
+ if (SecLevel() == SecurityLevel::TRUSTED_ENVIRONMENT) return {};
+ CHECK(SecLevel() == SecurityLevel::STRONGBOX);
+ return {EcCurve::P_224, EcCurve::P_384, EcCurve::P_521};
+}
+
+std::initializer_list<Digest> KeymasterHidlTest::ValidDigests(bool withNone, bool withMD5) {
+ std::vector<Digest> result;
+ switch (SecLevel()) {
+ case SecurityLevel::TRUSTED_ENVIRONMENT:
+ if (withNone) {
+ if (withMD5)
+ return {Digest::NONE, Digest::MD5, Digest::SHA1,
+ Digest::SHA_2_224, Digest::SHA_2_256, Digest::SHA_2_384,
+ Digest::SHA_2_512};
+ else
+ return {Digest::NONE, Digest::SHA1, Digest::SHA_2_224,
+ Digest::SHA_2_256, Digest::SHA_2_384, Digest::SHA_2_512};
+ } else {
+ if (withMD5)
+ return {Digest::MD5, Digest::SHA1, Digest::SHA_2_224,
+ Digest::SHA_2_256, Digest::SHA_2_384, Digest::SHA_2_512};
+ else
+ return {Digest::SHA1, Digest::SHA_2_224, Digest::SHA_2_256, Digest::SHA_2_384,
+ Digest::SHA_2_512};
+ }
+ break;
+ case SecurityLevel::STRONGBOX:
+ if (withNone)
+ return {Digest::NONE, Digest::SHA_2_256};
+ else
+ return {Digest::SHA_2_256};
+ break;
+ default:
+ CHECK(false) << "Invalid security level " << uint32_t(SecLevel());
+ break;
+ }
+ CHECK(false) << "Should be impossible to get here";
+ return {};
+}
+
+std::vector<Digest> KeymasterHidlTest::InvalidDigests() {
+ return {};
+}
} // namespace test
} // namespace V4_0
diff --git a/keymaster/4.0/vts/functional/KeymasterHidlTest.h b/keymaster/4.0/vts/functional/KeymasterHidlTest.h
index 36d3fc2..94beb21 100644
--- a/keymaster/4.0/vts/functional/KeymasterHidlTest.h
+++ b/keymaster/4.0/vts/functional/KeymasterHidlTest.h
@@ -208,6 +208,15 @@
static bool IsSecure() { return securityLevel_ != SecurityLevel::SOFTWARE; }
static SecurityLevel SecLevel() { return securityLevel_; }
+ std::vector<uint32_t> ValidKeySizes(Algorithm algorithm);
+ std::vector<uint32_t> InvalidKeySizes(Algorithm algorithm);
+
+ std::vector<EcCurve> ValidCurves();
+ std::vector<EcCurve> InvalidCurves();
+
+ std::initializer_list<Digest> ValidDigests(bool withNone, bool withMD5);
+ std::vector<Digest> InvalidDigests();
+
HidlBuf key_blob_;
KeyCharacteristics key_characteristics_;
OperationHandle op_handle_ = kOpHandleSentinel;
diff --git a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
index bc33b2b..450b3eb 100644
--- a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
+++ b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
@@ -20,6 +20,7 @@
#include <iostream>
#include <openssl/evp.h>
+#include <openssl/mem.h>
#include <openssl/x509.h>
#include <cutils/properties.h>
@@ -208,11 +209,11 @@
char* cert_sub = X509_NAME_oneline(X509_get_subject_name(key_cert.get()), nullptr, 0);
EXPECT_STREQ("/CN=Android Keystore Key", cert_sub)
<< "Cert " << i << " has wrong subject.";
- free(cert_sub);
+ OPENSSL_free(cert_sub);
}
- free(cert_issuer);
- free(signer_subj);
+ OPENSSL_free(cert_issuer);
+ OPENSSL_free(signer_subj);
if (dump_Attestations) std::cout << bin2hex(chain[i]) << std::endl;
}
@@ -375,7 +376,7 @@
* correct characteristics.
*/
TEST_F(NewKeyGenerationTest, Rsa) {
- for (uint32_t key_size : {1024, 2048, 3072, 4096}) {
+ for (auto key_size : ValidKeySizes(Algorithm::RSA)) {
HidlBuf key_blob;
KeyCharacteristics key_characteristics;
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
@@ -405,6 +406,23 @@
}
/*
+ * NewKeyGenerationTest.NoInvalidRsaSizes
+ *
+ * Verifies that keymaster cannot generate any RSA key sizes that are designated as invalid.
+ */
+TEST_F(NewKeyGenerationTest, NoInvalidRsaSizes) {
+ for (auto key_size : InvalidKeySizes(Algorithm::RSA)) {
+ HidlBuf key_blob;
+ KeyCharacteristics key_characteristics;
+ ASSERT_EQ(ErrorCode::UNSUPPORTED_KEY_SIZE, GenerateKey(AuthorizationSetBuilder()
+ .RsaSigningKey(key_size, 3)
+ .Digest(Digest::NONE)
+ .Padding(PaddingMode::NONE),
+ &key_blob, &key_characteristics));
+ }
+}
+
+/*
* NewKeyGenerationTest.RsaNoDefaultSize
*
* Verifies that failing to specify a key size for RSA key generation returns UNSUPPORTED_KEY_SIZE.
@@ -424,7 +442,7 @@
* correct characteristics.
*/
TEST_F(NewKeyGenerationTest, Ecdsa) {
- for (uint32_t key_size : {224, 256, 384, 521}) {
+ for (auto key_size : ValidKeySizes(Algorithm::EC)) {
HidlBuf key_blob;
KeyCharacteristics key_characteristics;
ASSERT_EQ(
@@ -466,10 +484,18 @@
/*
* NewKeyGenerationTest.EcdsaInvalidSize
*
- * Verifies that failing to specify an invalid key size for EC key generation returns
- * UNSUPPORTED_KEY_SIZE.
+ * Verifies that specifying an invalid key size for EC key generation returns UNSUPPORTED_KEY_SIZE.
*/
TEST_F(NewKeyGenerationTest, EcdsaInvalidSize) {
+ for (auto key_size : InvalidKeySizes(Algorithm::EC)) {
+ HidlBuf key_blob;
+ KeyCharacteristics key_characteristics;
+ ASSERT_EQ(
+ ErrorCode::UNSUPPORTED_KEY_SIZE,
+ GenerateKey(AuthorizationSetBuilder().EcdsaSigningKey(key_size).Digest(Digest::NONE),
+ &key_blob, &key_characteristics));
+ }
+
ASSERT_EQ(ErrorCode::UNSUPPORTED_KEY_SIZE,
GenerateKey(AuthorizationSetBuilder().EcdsaSigningKey(190).Digest(Digest::NONE)));
}
@@ -481,6 +507,8 @@
* INVALID_ARGUMENT.
*/
TEST_F(NewKeyGenerationTest, EcdsaMismatchKeySize) {
+ if (SecLevel() == SecurityLevel::STRONGBOX) return;
+
ASSERT_EQ(ErrorCode::INVALID_ARGUMENT,
GenerateKey(AuthorizationSetBuilder()
.EcdsaSigningKey(224)
@@ -494,7 +522,7 @@
* Verifies that keymaster supports all required EC key sizes.
*/
TEST_F(NewKeyGenerationTest, EcdsaAllValidSizes) {
- size_t valid_sizes[] = {224, 256, 384, 521};
+ auto valid_sizes = ValidKeySizes(Algorithm::EC);
for (size_t size : valid_sizes) {
EXPECT_EQ(ErrorCode::OK,
GenerateKey(AuthorizationSetBuilder().EcdsaSigningKey(size).Digest(Digest::NONE)))
@@ -505,13 +533,12 @@
}
/*
- * NewKeyGenerationTest.EcdsaAllValidCurves
+ * NewKeyGenerationTest.EcdsaInvalidCurves
*
- * Verifies that keymaster supports all required EC curves.
+ * Verifies that keymaster does not support any curve designated as unsupported.
*/
TEST_F(NewKeyGenerationTest, EcdsaAllValidCurves) {
- V4_0::EcCurve curves[] = {EcCurve::P_224, EcCurve::P_256, EcCurve::P_384, EcCurve::P_521};
- for (V4_0::EcCurve curve : curves) {
+ for (auto curve : ValidCurves()) {
EXPECT_EQ(
ErrorCode::OK,
GenerateKey(AuthorizationSetBuilder().EcdsaSigningKey(curve).Digest(Digest::SHA_2_512)))
@@ -528,8 +555,7 @@
* characteristics.
*/
TEST_F(NewKeyGenerationTest, Hmac) {
- for (auto digest : {Digest::MD5, Digest::SHA1, Digest::SHA_2_224, Digest::SHA_2_256,
- Digest::SHA_2_384, Digest::SHA_2_512}) {
+ for (auto digest : ValidDigests(false /* withNone */, true /* withMD5 */)) {
HidlBuf key_blob;
KeyCharacteristics key_characteristics;
constexpr size_t key_size = 128;
@@ -630,6 +656,8 @@
* Verifies that keymaster rejects HMAC key generation with multiple specified digest algorithms.
*/
TEST_F(NewKeyGenerationTest, HmacMultipleDigests) {
+ if (SecLevel() == SecurityLevel::STRONGBOX) return;
+
ASSERT_EQ(ErrorCode::UNSUPPORTED_DIGEST,
GenerateKey(AuthorizationSetBuilder()
.HmacKey(128)
@@ -664,7 +692,7 @@
*/
TEST_F(SigningOperationsTest, RsaSuccess) {
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
- .RsaSigningKey(1024, 65537)
+ .RsaSigningKey(2048, 65537)
.Digest(Digest::NONE)
.Padding(PaddingMode::NONE)
.Authorization(TAG_NO_AUTH_REQUIRED)));
@@ -680,7 +708,7 @@
*/
TEST_F(SigningOperationsTest, RsaPssSha256Success) {
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
- .RsaSigningKey(1024, 65537)
+ .RsaSigningKey(2048, 65537)
.Digest(Digest::SHA_2_256)
.Padding(PaddingMode::RSA_PSS)
.Authorization(TAG_NO_AUTH_REQUIRED)));
@@ -698,7 +726,7 @@
*/
TEST_F(SigningOperationsTest, RsaPaddingNoneDoesNotAllowOther) {
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
- .RsaSigningKey(1024, 65537)
+ .RsaSigningKey(2048, 65537)
.Digest(Digest::NONE)
.Authorization(TAG_NO_AUTH_REQUIRED)
.Padding(PaddingMode::NONE)));
@@ -993,11 +1021,8 @@
* Verifies that ECDSA operations succeed with all possible key sizes and hashes.
*/
TEST_F(SigningOperationsTest, EcdsaAllSizesAndHashes) {
- for (auto key_size : {224, 256, 384, 521}) {
- for (auto digest : {
- Digest::SHA1, Digest::SHA_2_224, Digest::SHA_2_256, Digest::SHA_2_384,
- Digest::SHA_2_512,
- }) {
+ for (auto key_size : ValidKeySizes(Algorithm::EC)) {
+ for (auto digest : ValidDigests(false /* withNone */, false /* withMD5 */)) {
ErrorCode error = GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
.EcdsaSigningKey(key_size)
@@ -1020,7 +1045,7 @@
* Verifies that ECDSA operations succeed with all possible curves.
*/
TEST_F(SigningOperationsTest, EcdsaAllCurves) {
- for (auto curve : {EcCurve::P_224, EcCurve::P_256, EcCurve::P_384, EcCurve::P_521}) {
+ for (auto curve : ValidCurves()) {
ErrorCode error = GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
.EcdsaSigningKey(curve)
@@ -1075,8 +1100,7 @@
* Verifies that HMAC works with all digests.
*/
TEST_F(SigningOperationsTest, HmacAllDigests) {
- for (auto digest : {Digest::SHA1, Digest::SHA_2_224, Digest::SHA_2_256, Digest::SHA_2_384,
- Digest::SHA_2_512}) {
+ for (auto digest : ValidDigests(false /* withNone */, false /* withMD5 */)) {
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
.HmacKey(128)
@@ -1307,15 +1331,15 @@
* Verifies RSA signature/verification for all padding modes and digests.
*/
TEST_F(VerificationOperationsTest, RsaAllPaddingsAndDigests) {
- ASSERT_EQ(ErrorCode::OK,
- GenerateKey(AuthorizationSetBuilder()
+ auto authorizations = AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
.RsaSigningKey(2048, 65537)
- .Digest(Digest::NONE, Digest::MD5, Digest::SHA1, Digest::SHA_2_224,
- Digest::SHA_2_256, Digest::SHA_2_384, Digest::SHA_2_512)
+ .Digest(ValidDigests(true /* withNone */, true /* withMD5 */))
.Padding(PaddingMode::NONE)
.Padding(PaddingMode::RSA_PSS)
- .Padding(PaddingMode::RSA_PKCS1_1_5_SIGN)));
+ .Padding(PaddingMode::RSA_PKCS1_1_5_SIGN);
+
+ ASSERT_EQ(ErrorCode::OK, GenerateKey(authorizations));
string message(128, 'a');
string corrupt_message(message);
@@ -1323,8 +1347,7 @@
for (auto padding :
{PaddingMode::NONE, PaddingMode::RSA_PSS, PaddingMode::RSA_PKCS1_1_5_SIGN}) {
- for (auto digest : {Digest::NONE, Digest::MD5, Digest::SHA1, Digest::SHA_2_224,
- Digest::SHA_2_256, Digest::SHA_2_384, Digest::SHA_2_512}) {
+ for (auto digest : ValidDigests(true /* withNone */, true /* withMD5 */)) {
if (padding == PaddingMode::NONE && digest != Digest::NONE) {
// Digesting only makes sense with padding.
continue;
@@ -1402,14 +1425,11 @@
* Verifies ECDSA signature/verification for all digests and curves.
*/
TEST_F(VerificationOperationsTest, EcdsaAllDigestsAndCurves) {
- auto digests = {
- Digest::NONE, Digest::SHA1, Digest::SHA_2_224,
- Digest::SHA_2_256, Digest::SHA_2_384, Digest::SHA_2_512,
- };
+ auto digests = ValidDigests(true /* withNone */, false /* withMD5 */);
string message = "1234567890";
string corrupt_message = "2234567890";
- for (auto curve : {EcCurve::P_224, EcCurve::P_256, EcCurve::P_384, EcCurve::P_521}) {
+ for (auto curve : ValidCurves()) {
ErrorCode error = GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
.EcdsaSigningKey(curve)
@@ -1721,6 +1741,7 @@
* Verifies that importing and using an ECDSA P-521 key pair works correctly.
*/
TEST_F(ImportKeyTest, Ecdsa521Success) {
+ if (SecLevel() == SecurityLevel::STRONGBOX) return;
ASSERT_EQ(ErrorCode::OK, ImportKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
.EcdsaSigningKey(521)
@@ -2053,8 +2074,7 @@
* Verifies that RSA-OAEP encryption operations work, with all digests.
*/
TEST_F(EncryptionOperationsTest, RsaOaepSuccess) {
- auto digests = {Digest::MD5, Digest::SHA1, Digest::SHA_2_224,
- Digest::SHA_2_256, Digest::SHA_2_384, Digest::SHA_2_512};
+ auto digests = ValidDigests(false /* withNone */, true /* withMD5 */);
size_t key_size = 2048; // Need largish key for SHA-512 test.
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
@@ -2231,7 +2251,7 @@
TEST_F(EncryptionOperationsTest, EcdsaEncrypt) {
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
- .EcdsaSigningKey(224)
+ .EcdsaSigningKey(256)
.Digest(Digest::NONE)));
auto params = AuthorizationSetBuilder().Digest(Digest::NONE);
ASSERT_EQ(ErrorCode::UNSUPPORTED_PURPOSE, Begin(KeyPurpose::ENCRYPT, params));
@@ -2486,7 +2506,9 @@
for (size_t i = 0; i < message.size(); i += increment) {
to_send.append(message.substr(i, increment));
EXPECT_EQ(ErrorCode::OK, Update(to_send, &ciphertext, &input_consumed));
+ EXPECT_EQ(to_send.length(), input_consumed);
to_send = to_send.substr(input_consumed);
+ EXPECT_EQ(0U, to_send.length());
switch (block_mode) {
case BlockMode::ECB:
@@ -2802,6 +2824,8 @@
ASSERT_EQ(ErrorCode::OK,
Finish(op_handle_, update_params, message, "", &update_out_params, &ciphertext));
+ ASSERT_EQ(ciphertext.length(), message.length() + 16);
+
// Grab nonce
begin_params.push_back(begin_out_params);
@@ -2813,7 +2837,7 @@
&plaintext, &input_consumed));
EXPECT_EQ(ciphertext.size(), input_consumed);
EXPECT_EQ(ErrorCode::OK, Finish("", &plaintext));
-
+ EXPECT_EQ(message.length(), plaintext.length());
EXPECT_EQ(message, plaintext);
}
@@ -3700,6 +3724,8 @@
* Verifies that the max uses per boot tag works correctly with AES keys.
*/
TEST_F(MaxOperationsTest, TestLimitAes) {
+ if (SecLevel() == SecurityLevel::STRONGBOX) return;
+
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
.AesEncryptionKey(128)
@@ -3725,6 +3751,8 @@
* Verifies that the max uses per boot tag works correctly with RSA keys.
*/
TEST_F(MaxOperationsTest, TestLimitRsa) {
+ if (SecLevel() == SecurityLevel::STRONGBOX) return;
+
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
.RsaSigningKey(1024, 65537)
diff --git a/media/omx/1.0/vts/functional/audio/VtsHalMediaOmxV1_0TargetAudioDecTest.cpp b/media/omx/1.0/vts/functional/audio/VtsHalMediaOmxV1_0TargetAudioDecTest.cpp
index 725e290..e851a7c 100644
--- a/media/omx/1.0/vts/functional/audio/VtsHalMediaOmxV1_0TargetAudioDecTest.cpp
+++ b/media/omx/1.0/vts/functional/audio/VtsHalMediaOmxV1_0TargetAudioDecTest.cpp
@@ -151,6 +151,15 @@
framesReceived = 0;
timestampUs = 0;
timestampDevTest = false;
+ isSecure = false;
+ size_t suffixLen = strlen(".secure");
+ if (strlen(gEnv->getComponent().c_str()) >= suffixLen) {
+ isSecure =
+ !strcmp(gEnv->getComponent().c_str() +
+ strlen(gEnv->getComponent().c_str()) - suffixLen,
+ ".secure");
+ }
+ if (isSecure) disableTest = true;
if (disableTest) std::cout << "[ WARN ] Test Disabled \n";
}
@@ -247,6 +256,7 @@
OMX_AUDIO_CODINGTYPE eEncoding;
bool disableTest;
bool eosFlag;
+ bool isSecure;
uint32_t framesReceived;
uint64_t timestampUs;
::android::List<uint64_t> timestampUslist;
diff --git a/power/1.3/Android.bp b/power/1.3/Android.bp
new file mode 100644
index 0000000..65b7597
--- /dev/null
+++ b/power/1.3/Android.bp
@@ -0,0 +1,21 @@
+// This file is autogenerated by hidl-gen -Landroidbp.
+
+hidl_interface {
+ name: "android.hardware.power@1.3",
+ root: "android.hardware",
+ srcs: [
+ "types.hal",
+ "IPower.hal",
+ ],
+ interfaces: [
+ "android.hardware.power@1.0",
+ "android.hardware.power@1.1",
+ "android.hardware.power@1.2",
+ "android.hidl.base@1.0",
+ ],
+ types: [
+ "PowerHint",
+ ],
+ gen_java: true,
+}
+
diff --git a/power/1.3/IPower.hal b/power/1.3/IPower.hal
new file mode 100644
index 0000000..18b00a3
--- /dev/null
+++ b/power/1.3/IPower.hal
@@ -0,0 +1,33 @@
+/*
+ * Copyright (C) 2018 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.power@1.3;
+
+import @1.2::IPower;
+
+interface IPower extends @1.2::IPower {
+ /**
+ * Called to pass hints on power requirements which
+ * may result in adjustment of power/performance parameters of the
+ * cpufreq governor and other controls.
+ *
+ * A particular platform may choose to ignore any hint.
+ *
+ * @param hint PowerHint which is passed
+ * @param data contains additional information about the hint
+ * and is described along with the comments for each of the hints.
+ */
+ oneway powerHintAsync_1_3(PowerHint hint, int32_t data);
+};
diff --git a/power/1.3/types.hal b/power/1.3/types.hal
new file mode 100644
index 0000000..658495c
--- /dev/null
+++ b/power/1.3/types.hal
@@ -0,0 +1,28 @@
+/*
+ * Copyright (C) 2018 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.power@1.3;
+
+import @1.2::PowerHint;
+
+/** Power hint identifiers passed to powerHintAsync_1_3() */
+enum PowerHint : @1.2::PowerHint {
+ /**
+ * This hint indicates that the device is about to enter a period of expensive rendering, and
+ * the GPU should be configured accordingly. The data parameter is always 1 when entering this
+ * state and 0 when leaving it.
+ */
+ EXPENSIVE_RENDERING,
+};
diff --git a/power/1.3/vts/functional/Android.bp b/power/1.3/vts/functional/Android.bp
new file mode 100644
index 0000000..34cdb60
--- /dev/null
+++ b/power/1.3/vts/functional/Android.bp
@@ -0,0 +1,27 @@
+//
+// Copyright (C) 2018 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+cc_test {
+ name: "VtsHalPowerV1_3TargetTest",
+ defaults: ["VtsHalTargetTestDefaults"],
+ srcs: ["VtsHalPowerV1_3TargetTest.cpp"],
+ static_libs: [
+ "android.hardware.power@1.0",
+ "android.hardware.power@1.1",
+ "android.hardware.power@1.2",
+ "android.hardware.power@1.3",
+ ],
+}
diff --git a/power/1.3/vts/functional/VtsHalPowerV1_3TargetTest.cpp b/power/1.3/vts/functional/VtsHalPowerV1_3TargetTest.cpp
new file mode 100644
index 0000000..af1a1d8
--- /dev/null
+++ b/power/1.3/vts/functional/VtsHalPowerV1_3TargetTest.cpp
@@ -0,0 +1,64 @@
+/*
+ * Copyright (C) 2018 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#define LOG_TAG "power_hidl_hal_test"
+#include <android-base/logging.h>
+#include <android/hardware/power/1.3/IPower.h>
+
+#include <VtsHalHidlTargetTestBase.h>
+#include <VtsHalHidlTargetTestEnvBase.h>
+
+using ::android::sp;
+using ::android::hardware::hidl_vec;
+using ::android::hardware::Return;
+using ::android::hardware::power::V1_3::IPower;
+using ::android::hardware::power::V1_3::PowerHint;
+
+// Test environment for Power HIDL HAL.
+class PowerHidlEnvironment : public ::testing::VtsHalHidlTargetTestEnvBase {
+ public:
+ // get the test environment singleton
+ static PowerHidlEnvironment* Instance() {
+ static PowerHidlEnvironment* instance = new PowerHidlEnvironment;
+ return instance;
+ }
+
+ virtual void registerTestServices() override { registerTestService<IPower>(); }
+};
+
+class PowerHidlTest : public ::testing::VtsHalHidlTargetTestBase {
+ public:
+ virtual void SetUp() override {
+ power = ::testing::VtsHalHidlTargetTestBase::getService<IPower>(
+ PowerHidlEnvironment::Instance()->getServiceName<IPower>());
+ ASSERT_NE(power, nullptr);
+ }
+
+ sp<IPower> power;
+};
+
+TEST_F(PowerHidlTest, PowerHintAsync_1_3) {
+ ASSERT_TRUE(power->powerHintAsync_1_3(PowerHint::EXPENSIVE_RENDERING, 0).isOk());
+}
+
+int main(int argc, char** argv) {
+ ::testing::AddGlobalTestEnvironment(PowerHidlEnvironment::Instance());
+ ::testing::InitGoogleTest(&argc, argv);
+ PowerHidlEnvironment::Instance()->init(&argc, argv);
+ int status = RUN_ALL_TESTS();
+ LOG(INFO) << "Test result = " << status;
+ return status;
+}
diff --git a/tests/baz/1.0/IBaz.hal b/tests/baz/1.0/IBaz.hal
index 00fe568..8118d8b 100644
--- a/tests/baz/1.0/IBaz.hal
+++ b/tests/baz/1.0/IBaz.hal
@@ -68,6 +68,11 @@
bitfield<BitField> bf;
};
+ struct MyHandle {
+ handle h;
+ int32_t guard;
+ };
+
struct StructWithInterface {
int32_t number;
int8_t[7] array;
diff --git a/tests/safeunion/1.0/ISafeUnion.hal b/tests/safeunion/1.0/ISafeUnion.hal
index e56022f..c38777a 100644
--- a/tests/safeunion/1.0/ISafeUnion.hal
+++ b/tests/safeunion/1.0/ISafeUnion.hal
@@ -68,6 +68,14 @@
IOtherInterface c;
string d;
vec<string> e;
+ handle f;
+ vec<handle> g;
+ };
+
+ safe_union HandleTypeSafeUnion {
+ handle a;
+ handle[5] b;
+ vec<handle> c;
};
newLargeSafeUnion() generates (LargeSafeUnion myUnion);
@@ -90,4 +98,11 @@
setInterfaceC(InterfaceTypeSafeUnion myUnion, IOtherInterface c) generates (InterfaceTypeSafeUnion myUnion);
setInterfaceD(InterfaceTypeSafeUnion myUnion, string d) generates (InterfaceTypeSafeUnion myUnion);
setInterfaceE(InterfaceTypeSafeUnion myUnion, vec<string> e) generates (InterfaceTypeSafeUnion myUnion);
+ setInterfaceF(InterfaceTypeSafeUnion myUnion, handle f) generates (InterfaceTypeSafeUnion myUnion);
+ setInterfaceG(InterfaceTypeSafeUnion myUnion, vec<handle> g) generates (InterfaceTypeSafeUnion myUnion);
+
+ newHandleTypeSafeUnion() generates (HandleTypeSafeUnion myUnion);
+ setHandleA(HandleTypeSafeUnion myUnion, handle a) generates (HandleTypeSafeUnion myUnion);
+ setHandleB(HandleTypeSafeUnion myUnion, handle[5] b) generates (HandleTypeSafeUnion myUnion);
+ setHandleC(HandleTypeSafeUnion myUnion, vec<handle> c) generates (HandleTypeSafeUnion myUnion);
};
diff --git a/tests/safeunion/1.0/default/SafeUnion.cpp b/tests/safeunion/1.0/default/SafeUnion.cpp
index 11b2e36..c395664 100644
--- a/tests/safeunion/1.0/default/SafeUnion.cpp
+++ b/tests/safeunion/1.0/default/SafeUnion.cpp
@@ -191,7 +191,8 @@
return Void();
}
-Return<void> SafeUnion::setInterfaceD(const ::android::hardware::tests::safeunion::V1_0::ISafeUnion::InterfaceTypeSafeUnion& myUnion, const hidl_string& d, setInterfaceD_cb _hidl_cb) {
+Return<void> SafeUnion::setInterfaceD(const InterfaceTypeSafeUnion& myUnion, const hidl_string& d,
+ setInterfaceD_cb _hidl_cb) {
LOG(INFO) << "SERVER(SafeUnion) setInterfaceD(myUnion, " << toString(d) << ")";
InterfaceTypeSafeUnion myNewUnion = myUnion;
@@ -201,7 +202,8 @@
return Void();
}
-Return<void> SafeUnion::setInterfaceE(const ::android::hardware::tests::safeunion::V1_0::ISafeUnion::InterfaceTypeSafeUnion& myUnion, const hidl_vec<hidl_string>& e, setInterfaceE_cb _hidl_cb) {
+Return<void> SafeUnion::setInterfaceE(const InterfaceTypeSafeUnion& myUnion,
+ const hidl_vec<hidl_string>& e, setInterfaceE_cb _hidl_cb) {
LOG(INFO) << "SERVER(SafeUnion) setInterfaceE(myUnion, " << toString(e) << ")";
InterfaceTypeSafeUnion myNewUnion = myUnion;
@@ -211,6 +213,70 @@
return Void();
}
+Return<void> SafeUnion::setInterfaceF(const InterfaceTypeSafeUnion& myUnion, const hidl_handle& f,
+ setInterfaceF_cb _hidl_cb) {
+ LOG(INFO) << "SERVER(SafeUnion) setInterfaceF(myUnion, " << toString(f) << ")";
+
+ InterfaceTypeSafeUnion myNewUnion = myUnion;
+ myNewUnion.f(f);
+
+ _hidl_cb(myNewUnion);
+ return Void();
+}
+
+Return<void> SafeUnion::setInterfaceG(const InterfaceTypeSafeUnion& myUnion,
+ const hidl_vec<hidl_handle>& g, setInterfaceG_cb _hidl_cb) {
+ LOG(INFO) << "SERVER(SafeUnion) setInterfaceG(myUnion, " << toString(g) << ")";
+
+ InterfaceTypeSafeUnion myNewUnion = myUnion;
+ myNewUnion.g(g);
+
+ _hidl_cb(myNewUnion);
+ return Void();
+}
+
+Return<void> SafeUnion::newHandleTypeSafeUnion(newHandleTypeSafeUnion_cb _hidl_cb) {
+ LOG(INFO) << "SERVER(SafeUnion) newHandleTypeSafeUnion()";
+
+ HandleTypeSafeUnion ret;
+ _hidl_cb(ret);
+ return Void();
+}
+
+Return<void> SafeUnion::setHandleA(
+ const ::android::hardware::tests::safeunion::V1_0::ISafeUnion::HandleTypeSafeUnion& myUnion,
+ const hidl_handle& a, setHandleA_cb _hidl_cb) {
+ LOG(INFO) << "SERVER(SafeUnion) setHandleA(myUnion, " << toString(a) << ")";
+
+ HandleTypeSafeUnion myNewUnion = myUnion;
+ myNewUnion.a(a);
+
+ _hidl_cb(myNewUnion);
+ return Void();
+}
+
+Return<void> SafeUnion::setHandleB(const HandleTypeSafeUnion& myUnion,
+ const hidl_array<hidl_handle, 5>& b, setHandleB_cb _hidl_cb) {
+ LOG(INFO) << "SERVER(SafeUnion) setHandleB(myUnion, " << toString(b) << ")";
+
+ HandleTypeSafeUnion myNewUnion = myUnion;
+ myNewUnion.b(b);
+
+ _hidl_cb(myNewUnion);
+ return Void();
+}
+
+Return<void> SafeUnion::setHandleC(const HandleTypeSafeUnion& myUnion,
+ const hidl_vec<hidl_handle>& c, setHandleC_cb _hidl_cb) {
+ LOG(INFO) << "SERVER(SafeUnion) setHandleC(myUnion, " << toString(c) << ")";
+
+ HandleTypeSafeUnion myNewUnion = myUnion;
+ myNewUnion.c(c);
+
+ _hidl_cb(myNewUnion);
+ return Void();
+}
+
ISafeUnion* HIDL_FETCH_ISafeUnion(const char* /* name */) {
return new SafeUnion();
}
diff --git a/tests/safeunion/1.0/default/SafeUnion.h b/tests/safeunion/1.0/default/SafeUnion.h
index e900fce..e774e09 100644
--- a/tests/safeunion/1.0/default/SafeUnion.h
+++ b/tests/safeunion/1.0/default/SafeUnion.h
@@ -54,6 +54,18 @@
Return<void> setInterfaceC(const InterfaceTypeSafeUnion& myUnion, const sp<::android::hardware::tests::safeunion::V1_0::IOtherInterface>& c, setInterfaceC_cb _hidl_cb) override;
Return<void> setInterfaceD(const InterfaceTypeSafeUnion& myUnion, const hidl_string& d, setInterfaceD_cb _hidl_cb) override;
Return<void> setInterfaceE(const InterfaceTypeSafeUnion& myUnion, const hidl_vec<hidl_string>& e, setInterfaceE_cb _hidl_cb) override;
+ Return<void> setInterfaceF(const InterfaceTypeSafeUnion& myUnion, const hidl_handle& f,
+ setInterfaceF_cb _hidl_cb) override;
+ Return<void> setInterfaceG(const InterfaceTypeSafeUnion& myUnion,
+ const hidl_vec<hidl_handle>& g, setInterfaceG_cb _hidl_cb) override;
+
+ Return<void> newHandleTypeSafeUnion(newHandleTypeSafeUnion_cb _hidl_cb) override;
+ Return<void> setHandleA(const HandleTypeSafeUnion& myUnion, const hidl_handle& a,
+ setHandleA_cb _hidl_cb) override;
+ Return<void> setHandleB(const HandleTypeSafeUnion& myUnion, const hidl_array<hidl_handle, 5>& b,
+ setHandleB_cb _hidl_cb) override;
+ Return<void> setHandleC(const HandleTypeSafeUnion& myUnion, const hidl_vec<hidl_handle>& c,
+ setHandleC_cb _hidl_cb) override;
};
extern "C" ISafeUnion* HIDL_FETCH_ISafeUnion(const char* name);