Radio: bump AIDL data and ims.media dependencies for default impl am: fa85fb3fa8
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/3315068
Change-Id: Id50e7b2cb741af7164205a34d4c8ea925ebe8fa4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/audio/aidl/vts/VtsHalVisualizerTargetTest.cpp b/audio/aidl/vts/VtsHalVisualizerTargetTest.cpp
index f89cb40..a0e43bc 100644
--- a/audio/aidl/vts/VtsHalVisualizerTargetTest.cpp
+++ b/audio/aidl/vts/VtsHalVisualizerTargetTest.cpp
@@ -48,27 +48,23 @@
std::tuple<std::pair<std::shared_ptr<IFactory>, Descriptor>, int, Visualizer::ScalingMode,
Visualizer::MeasurementMode, int>;
-class VisualizerParamTest : public ::testing::TestWithParam<VisualizerParamTestParam>,
- public EffectHelper {
+class VisualizerTestHelper : public EffectHelper {
public:
- VisualizerParamTest()
- : mCaptureSize(std::get<PARAM_CAPTURE_SIZE>(GetParam())),
- mScalingMode(std::get<PARAM_SCALING_MODE>(GetParam())),
- mMeasurementMode(std::get<PARAM_MEASUREMENT_MODE>(GetParam())),
- mLatency(std::get<PARAM_LATENCY>(GetParam())) {
- std::tie(mFactory, mDescriptor) = std::get<PARAM_INSTANCE_NAME>(GetParam());
-
- size_t channelCount =
- getChannelCount(AudioChannelLayout::make<AudioChannelLayout::layoutMask>(
- AudioChannelLayout::LAYOUT_STEREO));
- mBufferSizeInFrames = kInputFrameCount * channelCount;
- mInputBuffer.resize(mBufferSizeInFrames);
- generateInputBuffer(mInputBuffer, 0, true, channelCount, kMaxAudioSampleValue);
-
- mOutputBuffer.resize(mBufferSizeInFrames);
+ VisualizerTestHelper(
+ std::pair<std::shared_ptr<IFactory>, Descriptor> descPair = {}, int captureSize = 128,
+ int latency = 0,
+ Visualizer::ScalingMode scalingMode = Visualizer::ScalingMode::NORMALIZED,
+ Visualizer::MeasurementMode measurementMode = Visualizer::MeasurementMode::NONE)
+ : mCaptureSize(captureSize),
+ mLatency(latency),
+ mScalingMode(scalingMode),
+ mMeasurementMode(measurementMode),
+ mInputBuffer(mBufferSizeInFrames),
+ mOutputBuffer(mBufferSizeInFrames) {
+ std::tie(mFactory, mDescriptor) = descPair;
}
- void SetUp() override {
+ void SetUpVisualizer() {
ASSERT_NE(nullptr, mFactory);
ASSERT_NO_FATAL_FAILURE(create(mFactory, mEffect, mDescriptor));
@@ -80,28 +76,14 @@
mVersion = EffectFactoryHelper::getHalVersion(mFactory);
}
- void TearDown() override {
+ void TearDownVisualizer() {
ASSERT_NO_FATAL_FAILURE(close(mEffect));
ASSERT_NO_FATAL_FAILURE(destroy(mFactory, mEffect));
mOpenEffectReturn = IEffect::OpenEffectReturn{};
}
- static const long kInputFrameCount = 0x100, kOutputFrameCount = 0x100;
- std::shared_ptr<IFactory> mFactory;
- std::shared_ptr<IEffect> mEffect;
- Descriptor mDescriptor;
- int mCaptureSize;
- Visualizer::ScalingMode mScalingMode = Visualizer::ScalingMode::NORMALIZED;
- Visualizer::MeasurementMode mMeasurementMode = Visualizer::MeasurementMode::NONE;
- int mLatency = 0;
- int mVersion = 0;
- std::vector<float> mInputBuffer;
- std::vector<float> mOutputBuffer;
- size_t mBufferSizeInFrames;
- IEffect::OpenEffectReturn mOpenEffectReturn;
- bool mAllParamsValid = true;
-
- void SetAndGetParameters() {
+ void SetAndGetParameters(bool* allParamsValid = nullptr) {
+ if (allParamsValid != nullptr) *allParamsValid = true;
for (auto& it : mCommonTags) {
auto& tag = it.first;
auto& vs = it.second;
@@ -111,7 +93,9 @@
ASSERT_STATUS(EX_NONE, mEffect->getDescriptor(&desc));
const bool valid = isParameterValid<Visualizer, Range::visualizer>(vs, desc);
const binder_exception_t expected = valid ? EX_NONE : EX_ILLEGAL_ARGUMENT;
- if (expected == EX_ILLEGAL_ARGUMENT) mAllParamsValid = false;
+ if (expected == EX_ILLEGAL_ARGUMENT && allParamsValid != nullptr) {
+ *allParamsValid = false;
+ }
// set parameter
Parameter expectParam;
@@ -155,6 +139,44 @@
{Visualizer::latencyMs, Visualizer::make<Visualizer::latencyMs>(latency)});
}
+ static constexpr long kInputFrameCount = 0x100, kOutputFrameCount = 0x100;
+ const size_t mChannelCount =
+ getChannelCount(AudioChannelLayout::make<AudioChannelLayout::layoutMask>(
+ AudioChannelLayout::LAYOUT_STEREO));
+ const size_t mBufferSizeInFrames = kInputFrameCount * mChannelCount;
+ const int mCaptureSize;
+ const int mLatency;
+ const Visualizer::ScalingMode mScalingMode;
+ const Visualizer::MeasurementMode mMeasurementMode;
+ int mVersion;
+ std::vector<float> mInputBuffer;
+ std::vector<float> mOutputBuffer;
+ std::shared_ptr<IEffect> mEffect;
+ std::shared_ptr<IFactory> mFactory;
+ Descriptor mDescriptor;
+ IEffect::OpenEffectReturn mOpenEffectReturn;
+
+ private:
+ std::vector<std::pair<Visualizer::Tag, Visualizer>> mCommonTags;
+ void CleanUp() { mCommonTags.clear(); }
+};
+
+class VisualizerParamTest : public ::testing::TestWithParam<VisualizerParamTestParam>,
+ public VisualizerTestHelper {
+ public:
+ VisualizerParamTest()
+ : VisualizerTestHelper(std::get<PARAM_INSTANCE_NAME>(GetParam()),
+ std::get<PARAM_CAPTURE_SIZE>(GetParam()),
+ std::get<PARAM_LATENCY>(GetParam()),
+ std::get<PARAM_SCALING_MODE>(GetParam()),
+ std::get<PARAM_MEASUREMENT_MODE>(GetParam())) {
+ generateInputBuffer(mInputBuffer, 0, true, mChannelCount, kMaxAudioSampleValue);
+ }
+
+ void SetUp() override { SetUpVisualizer(); }
+
+ void TearDown() override { TearDownVisualizer(); }
+
static std::unordered_set<Visualizer::MeasurementMode> getMeasurementModeValues() {
return {ndk::enum_range<Visualizer::MeasurementMode>().begin(),
ndk::enum_range<Visualizer::MeasurementMode>().end()};
@@ -164,10 +186,6 @@
return {ndk::enum_range<Visualizer::ScalingMode>().begin(),
ndk::enum_range<Visualizer::ScalingMode>().end()};
}
-
- private:
- std::vector<std::pair<Visualizer::Tag, Visualizer>> mCommonTags;
- void CleanUp() { mCommonTags.clear(); }
};
TEST_P(VisualizerParamTest, SetAndGetCaptureSize) {
@@ -192,11 +210,13 @@
TEST_P(VisualizerParamTest, testCaptureSampleBufferSizeAndOutput) {
SKIP_TEST_IF_DATA_UNSUPPORTED(mDescriptor.common.flags);
+
+ bool allParamsValid = true;
ASSERT_NO_FATAL_FAILURE(addCaptureSizeParam(mCaptureSize));
ASSERT_NO_FATAL_FAILURE(addScalingModeParam(mScalingMode));
ASSERT_NO_FATAL_FAILURE(addMeasurementModeParam(mMeasurementMode));
ASSERT_NO_FATAL_FAILURE(addLatencyParam(mLatency));
- ASSERT_NO_FATAL_FAILURE(SetAndGetParameters());
+ ASSERT_NO_FATAL_FAILURE(SetAndGetParameters(&allParamsValid));
Parameter getParam;
Parameter::Id id;
@@ -209,7 +229,7 @@
&mOpenEffectReturn, mVersion));
ASSERT_EQ(mInputBuffer, mOutputBuffer);
- if (mAllParamsValid) {
+ if (allParamsValid) {
std::vector<uint8_t> captureBuffer = getParam.get<Parameter::specific>()
.get<Parameter::Specific::visualizer>()
.get<Visualizer::captureSampleBuffer>();
diff --git a/audio/aidl/vts/VtsHalVolumeTargetTest.cpp b/audio/aidl/vts/VtsHalVolumeTargetTest.cpp
index 2c21d2e..4300801 100644
--- a/audio/aidl/vts/VtsHalVolumeTargetTest.cpp
+++ b/audio/aidl/vts/VtsHalVolumeTargetTest.cpp
@@ -108,16 +108,13 @@
* Here we focus on specific parameter checking, general IEffect interfaces testing performed in
* VtsAudioEffectTargetTest.
*/
-enum ParamName { PARAM_INSTANCE_NAME, PARAM_LEVEL, PARAM_MUTE };
-using VolumeParamTestParam =
- std::tuple<std::pair<std::shared_ptr<IFactory>, Descriptor>, int, bool>;
+enum VolumeLevelParamName { PARAM_INSTANCE_NAME, PARAM_LEVEL };
+using VolumeLevelTestParam = std::tuple<std::pair<std::shared_ptr<IFactory>, Descriptor>, int>;
-class VolumeParamTest : public ::testing::TestWithParam<VolumeParamTestParam>,
- public VolumeControlHelper {
+class VolumeLevelParamTest : public ::testing::TestWithParam<VolumeLevelTestParam>,
+ public VolumeControlHelper {
public:
- VolumeParamTest()
- : mParamLevel(std::get<PARAM_LEVEL>(GetParam())),
- mParamMute(std::get<PARAM_MUTE>(GetParam())) {
+ VolumeLevelParamTest() : mParamLevel(std::get<PARAM_LEVEL>(GetParam())) {
std::tie(mFactory, mDescriptor) = std::get<PARAM_INSTANCE_NAME>(GetParam());
}
@@ -125,13 +122,31 @@
void TearDown() override { TearDownVolumeControl(); }
int mParamLevel = 0;
- bool mParamMute = false;
};
-TEST_P(VolumeParamTest, SetAndGetParams) {
+TEST_P(VolumeLevelParamTest, SetAndGetParams) {
ASSERT_NO_FATAL_FAILURE(
setAndVerifyParameters(Volume::levelDb, mParamLevel,
isLevelValid(mParamLevel) ? EX_NONE : EX_ILLEGAL_ARGUMENT));
+}
+
+enum VolumeMuteParamName { MUTE_PARAM_INSTANCE_NAME, PARAM_MUTE };
+using VolumeMuteTestParam = std::tuple<std::pair<std::shared_ptr<IFactory>, Descriptor>, bool>;
+
+class VolumeMuteParamTest : public ::testing::TestWithParam<VolumeMuteTestParam>,
+ public VolumeControlHelper {
+ public:
+ VolumeMuteParamTest() : mParamMute(std::get<PARAM_MUTE>(GetParam())) {
+ std::tie(mFactory, mDescriptor) = std::get<MUTE_PARAM_INSTANCE_NAME>(GetParam());
+ }
+
+ void SetUp() override { ASSERT_NO_FATAL_FAILURE(SetUpVolumeControl()); }
+ void TearDown() override { TearDownVolumeControl(); }
+
+ bool mParamMute = false;
+};
+
+TEST_P(VolumeMuteParamTest, SetAndGetParams) {
ASSERT_NO_FATAL_FAILURE(setAndVerifyParameters(Volume::mute, mParamMute, EX_NONE));
}
@@ -298,25 +313,40 @@
std::vector<std::pair<std::shared_ptr<IFactory>, Descriptor>> kDescPair;
INSTANTIATE_TEST_SUITE_P(
- VolumeTest, VolumeParamTest,
+ VolumeTest, VolumeLevelParamTest,
::testing::Combine(
testing::ValuesIn(kDescPair = EffectFactoryHelper::getAllEffectDescriptors(
IFactory::descriptor, getEffectTypeUuidVolume())),
testing::ValuesIn(
EffectHelper::getTestValueSet<Volume, int, Range::volume, Volume::levelDb>(
- kDescPair, EffectHelper::expandTestValueBasic<int>)),
- testing::Bool() /* mute */),
- [](const testing::TestParamInfo<VolumeParamTest::ParamType>& info) {
+ kDescPair, EffectHelper::expandTestValueBasic<int>))),
+ [](const testing::TestParamInfo<VolumeLevelParamTest::ParamType>& info) {
auto descriptor = std::get<PARAM_INSTANCE_NAME>(info.param).second;
std::string level = std::to_string(std::get<PARAM_LEVEL>(info.param));
- std::string mute = std::to_string(std::get<PARAM_MUTE>(info.param));
- std::string name = getPrefix(descriptor) + "_level" + level + "_mute" + mute;
+ std::string name = getPrefix(descriptor) + "_level" + level;
std::replace_if(
name.begin(), name.end(), [](const char c) { return !std::isalnum(c); }, '_');
return name;
});
-GTEST_ALLOW_UNINSTANTIATED_PARAMETERIZED_TEST(VolumeParamTest);
+GTEST_ALLOW_UNINSTANTIATED_PARAMETERIZED_TEST(VolumeLevelParamTest);
+
+INSTANTIATE_TEST_SUITE_P(
+ VolumeTest, VolumeMuteParamTest,
+ ::testing::Combine(
+ testing::ValuesIn(kDescPair = EffectFactoryHelper::getAllEffectDescriptors(
+ IFactory::descriptor, getEffectTypeUuidVolume())),
+ testing::Bool() /* mute */),
+ [](const testing::TestParamInfo<VolumeMuteParamTest::ParamType>& info) {
+ auto descriptor = std::get<MUTE_PARAM_INSTANCE_NAME>(info.param).second;
+ std::string mute = std::to_string(std::get<PARAM_MUTE>(info.param));
+ std::string name = getPrefix(descriptor) + "_mute" + mute;
+ std::replace_if(
+ name.begin(), name.end(), [](const char c) { return !std::isalnum(c); }, '_');
+ return name;
+ });
+
+GTEST_ALLOW_UNINSTANTIATED_PARAMETERIZED_TEST(VolumeMuteParamTest);
INSTANTIATE_TEST_SUITE_P(VolumeTest, VolumeDataTest,
testing::ValuesIn(EffectFactoryHelper::getAllEffectDescriptors(
diff --git a/automotive/evs/1.0/vts/functional/Android.bp b/automotive/evs/1.0/vts/functional/Android.bp
index f1b57d7..bad193b 100644
--- a/automotive/evs/1.0/vts/functional/Android.bp
+++ b/automotive/evs/1.0/vts/functional/Android.bp
@@ -15,6 +15,7 @@
//
package {
+ default_team: "trendy_team_perception_virtualization",
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"
diff --git a/automotive/evs/1.1/vts/functional/Android.bp b/automotive/evs/1.1/vts/functional/Android.bp
index 18687bf..8f9d5c7 100644
--- a/automotive/evs/1.1/vts/functional/Android.bp
+++ b/automotive/evs/1.1/vts/functional/Android.bp
@@ -15,6 +15,7 @@
//
package {
+ default_team: "trendy_team_perception_virtualization",
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"
diff --git a/automotive/evs/aidl/vts/Android.bp b/automotive/evs/aidl/vts/Android.bp
index e50c913..79905fa 100644
--- a/automotive/evs/aidl/vts/Android.bp
+++ b/automotive/evs/aidl/vts/Android.bp
@@ -15,6 +15,7 @@
//
package {
+ default_team: "trendy_team_perception_virtualization",
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"
diff --git a/automotive/ivn_android_device/impl/default/src/IvnAndroidDeviceService.cpp b/automotive/ivn_android_device/impl/default/src/IvnAndroidDeviceService.cpp
index 4166fdc..b284205 100644
--- a/automotive/ivn_android_device/impl/default/src/IvnAndroidDeviceService.cpp
+++ b/automotive/ivn_android_device/impl/default/src/IvnAndroidDeviceService.cpp
@@ -24,6 +24,7 @@
#include <json/json.h>
#include <fstream>
+#include <string>
namespace android {
namespace hardware {
diff --git a/automotive/sv/1.0/vts/functional/Android.bp b/automotive/sv/1.0/vts/functional/Android.bp
index e94893c..4ea5aff 100644
--- a/automotive/sv/1.0/vts/functional/Android.bp
+++ b/automotive/sv/1.0/vts/functional/Android.bp
@@ -15,6 +15,7 @@
//
package {
+ default_team: "trendy_team_perception_virtualization",
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"
@@ -45,7 +46,10 @@
"android.hidl.memory@1.0",
"libhidlmemory",
],
- test_suites: ["general-tests", "vts"],
+ test_suites: [
+ "general-tests",
+ "vts",
+ ],
cflags: [
"-O0",
"-g",
diff --git a/biometrics/face/1.0/vts/functional/Android.bp b/biometrics/face/1.0/vts/functional/Android.bp
index 259c4ec..4c06121 100644
--- a/biometrics/face/1.0/vts/functional/Android.bp
+++ b/biometrics/face/1.0/vts/functional/Android.bp
@@ -15,6 +15,7 @@
//
package {
+ default_team: "trendy_team_biometrics_framework",
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"
diff --git a/biometrics/fingerprint/2.1/vts/functional/Android.bp b/biometrics/fingerprint/2.1/vts/functional/Android.bp
index 68b3360..819feb4 100644
--- a/biometrics/fingerprint/2.1/vts/functional/Android.bp
+++ b/biometrics/fingerprint/2.1/vts/functional/Android.bp
@@ -15,6 +15,7 @@
//
package {
+ default_team: "trendy_team_biometrics_framework",
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"
diff --git a/biometrics/fingerprint/2.2/vts/functional/Android.bp b/biometrics/fingerprint/2.2/vts/functional/Android.bp
index 02f833a..11315fa 100644
--- a/biometrics/fingerprint/2.2/vts/functional/Android.bp
+++ b/biometrics/fingerprint/2.2/vts/functional/Android.bp
@@ -15,6 +15,7 @@
*/
package {
+ default_team: "trendy_team_biometrics_framework",
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"
diff --git a/boot/1.0/vts/functional/Android.bp b/boot/1.0/vts/functional/Android.bp
index 90ee9cb..b49772c 100644
--- a/boot/1.0/vts/functional/Android.bp
+++ b/boot/1.0/vts/functional/Android.bp
@@ -15,6 +15,7 @@
//
package {
+ default_team: "trendy_team_android_kernel",
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"
diff --git a/boot/1.1/vts/functional/Android.bp b/boot/1.1/vts/functional/Android.bp
index 3a36046..6e44996 100644
--- a/boot/1.1/vts/functional/Android.bp
+++ b/boot/1.1/vts/functional/Android.bp
@@ -15,6 +15,7 @@
//
package {
+ default_team: "trendy_team_android_kernel",
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"
diff --git a/boot/1.2/vts/functional/Android.bp b/boot/1.2/vts/functional/Android.bp
index 7d546ed..ba186bf 100644
--- a/boot/1.2/vts/functional/Android.bp
+++ b/boot/1.2/vts/functional/Android.bp
@@ -15,6 +15,7 @@
//
package {
+ default_team: "trendy_team_android_kernel",
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"
diff --git a/boot/aidl/vts/functional/Android.bp b/boot/aidl/vts/functional/Android.bp
index e46cbef..0310716 100644
--- a/boot/aidl/vts/functional/Android.bp
+++ b/boot/aidl/vts/functional/Android.bp
@@ -15,6 +15,7 @@
//
package {
+ default_team: "trendy_team_android_kernel",
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"
diff --git a/cas/1.0/vts/functional/Android.bp b/cas/1.0/vts/functional/Android.bp
index 560230b..1817371 100644
--- a/cas/1.0/vts/functional/Android.bp
+++ b/cas/1.0/vts/functional/Android.bp
@@ -15,7 +15,7 @@
//
package {
- default_team: "trendy_team_android_media_codec_framework",
+ default_team: "trendy_team_tv_os",
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"
diff --git a/cas/1.1/vts/functional/Android.bp b/cas/1.1/vts/functional/Android.bp
index b267f53..f95f9b3 100644
--- a/cas/1.1/vts/functional/Android.bp
+++ b/cas/1.1/vts/functional/Android.bp
@@ -15,7 +15,7 @@
//
package {
- default_team: "trendy_team_android_media_codec_framework",
+ default_team: "trendy_team_tv_os",
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"
diff --git a/cas/1.2/vts/functional/Android.bp b/cas/1.2/vts/functional/Android.bp
index 0a83ad4..3b1cfb1 100644
--- a/cas/1.2/vts/functional/Android.bp
+++ b/cas/1.2/vts/functional/Android.bp
@@ -15,7 +15,7 @@
//
package {
- default_team: "trendy_team_android_media_codec_framework",
+ default_team: "trendy_team_tv_os",
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"
diff --git a/cas/aidl/vts/functional/Android.bp b/cas/aidl/vts/functional/Android.bp
index 295ae7c..390c713 100644
--- a/cas/aidl/vts/functional/Android.bp
+++ b/cas/aidl/vts/functional/Android.bp
@@ -15,6 +15,7 @@
//
package {
+ default_team: "trendy_team_android_media_codec_framework",
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"
diff --git a/configstore/1.0/vts/functional/Android.bp b/configstore/1.0/vts/functional/Android.bp
index 27c66fd..388c565 100644
--- a/configstore/1.0/vts/functional/Android.bp
+++ b/configstore/1.0/vts/functional/Android.bp
@@ -15,6 +15,7 @@
//
package {
+ default_team: "trendy_team_android_kernel",
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"
diff --git a/gatekeeper/aidl/software/file_contexts b/gatekeeper/aidl/software/file_contexts
index 23a62ea..cc4180e 100644
--- a/gatekeeper/aidl/software/file_contexts
+++ b/gatekeeper/aidl/software/file_contexts
@@ -1,3 +1,3 @@
(/.*)? u:object_r:vendor_file:s0
/etc(/.*)? u:object_r:vendor_configs_file:s0
-/bin/hw/android\.hardware\.gatekeeper-service\.nonsecure u:object_r:hal_gatekeeper_remote_exec:s0
+/bin/hw/android\.hardware\.gatekeeper-service\.nonsecure u:object_r:hal_gatekeeper_default_exec:s0
diff --git a/ir/1.0/vts/functional/Android.bp b/ir/1.0/vts/functional/Android.bp
index 983f2a4..7c23f03 100644
--- a/ir/1.0/vts/functional/Android.bp
+++ b/ir/1.0/vts/functional/Android.bp
@@ -15,6 +15,7 @@
//
package {
+ default_team: "trendy_team_android_kernel",
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"
diff --git a/ir/aidl/vts/Android.bp b/ir/aidl/vts/Android.bp
index c2491b8..d42a7f4 100644
--- a/ir/aidl/vts/Android.bp
+++ b/ir/aidl/vts/Android.bp
@@ -15,6 +15,7 @@
//
package {
+ default_team: "trendy_team_android_kernel",
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"
diff --git a/neuralnetworks/1.3/vts/functional/Android.bp b/neuralnetworks/1.3/vts/functional/Android.bp
index 07071cc..ab2d4a1 100644
--- a/neuralnetworks/1.3/vts/functional/Android.bp
+++ b/neuralnetworks/1.3/vts/functional/Android.bp
@@ -15,6 +15,7 @@
//
package {
+ default_team: "trendy_team_renderscript_nnapi",
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"
diff --git a/radio/aidl/compat/libradiocompat/sim/structs.cpp b/radio/aidl/compat/libradiocompat/sim/structs.cpp
index 00db2b8..27aca60 100644
--- a/radio/aidl/compat/libradiocompat/sim/structs.cpp
+++ b/radio/aidl/compat/libradiocompat/sim/structs.cpp
@@ -70,26 +70,60 @@
};
}
-aidl::CarrierRestrictions toAidl(const V1_0::CarrierRestrictions& cr) {
+static aidl::CarrierInfo toCarrierInfo(const aidl::Carrier& carrier) {
return {
- .allowedCarriers = toAidl(cr.allowedCarriers),
- .excludedCarriers = toAidl(cr.excludedCarriers),
+ .mcc = carrier.mcc,
+ .mnc = carrier.mnc,
+ };
+}
+
+static std::vector<aidl::CarrierInfo> toCarrierInfos(const std::vector<aidl::Carrier>& carriers) {
+ std::vector<aidl::CarrierInfo> infos(carriers.size());
+ for (size_t i = 0; i < carriers.size(); i++) {
+ infos[i] = toCarrierInfo(carriers[i]);
+ }
+ return infos;
+}
+
+V1_0::Carrier toHidl(const aidl::CarrierInfo& carrierInfo) {
+ return {
+ .mcc = carrierInfo.mcc,
+ .mnc = carrierInfo.mnc,
+ };
+}
+
+aidl::CarrierRestrictions toAidl(const V1_0::CarrierRestrictions& cr) {
+ auto allowedCarriers = toAidl(cr.allowedCarriers);
+ auto excludedCarriers = toAidl(cr.excludedCarriers);
+ return {
+ .allowedCarriers = allowedCarriers,
+ .excludedCarriers = excludedCarriers,
.allowedCarriersPrioritized = true,
+ .allowedCarrierInfoList = toCarrierInfos(allowedCarriers),
+ .excludedCarrierInfoList = toCarrierInfos(excludedCarriers),
};
}
aidl::CarrierRestrictions toAidl(const V1_4::CarrierRestrictionsWithPriority& cr) {
+ auto allowedCarriers = toAidl(cr.allowedCarriers);
+ auto excludedCarriers = toAidl(cr.excludedCarriers);
return {
- .allowedCarriers = toAidl(cr.allowedCarriers),
- .excludedCarriers = toAidl(cr.excludedCarriers),
+ .allowedCarriers = allowedCarriers,
+ .excludedCarriers = excludedCarriers,
.allowedCarriersPrioritized = cr.allowedCarriersPrioritized,
+ .allowedCarrierInfoList = toCarrierInfos(allowedCarriers),
+ .excludedCarrierInfoList = toCarrierInfos(excludedCarriers),
};
}
V1_4::CarrierRestrictionsWithPriority toHidl(const aidl::CarrierRestrictions& cr) {
return {
- .allowedCarriers = toHidl(cr.allowedCarriers),
- .excludedCarriers = toHidl(cr.excludedCarriers),
+ .allowedCarriers = (cr.allowedCarriers.size() > cr.allowedCarrierInfoList.size())
+ ? toHidl(cr.allowedCarriers)
+ : toHidl(cr.allowedCarrierInfoList),
+ .excludedCarriers = (cr.excludedCarriers.size() > cr.excludedCarrierInfoList.size())
+ ? toHidl(cr.excludedCarriers)
+ : toHidl(cr.excludedCarrierInfoList),
.allowedCarriersPrioritized = cr.allowedCarriersPrioritized,
};
}
diff --git a/radio/aidl/compat/libradiocompat/sim/structs.h b/radio/aidl/compat/libradiocompat/sim/structs.h
index 54099b7..7774bee 100644
--- a/radio/aidl/compat/libradiocompat/sim/structs.h
+++ b/radio/aidl/compat/libradiocompat/sim/structs.h
@@ -37,6 +37,7 @@
::aidl::android::hardware::radio::sim::Carrier toAidl(const V1_0::Carrier& carrier);
V1_0::Carrier toHidl(const ::aidl::android::hardware::radio::sim::Carrier& carrier);
+V1_0::Carrier toHidl(const ::aidl::android::hardware::radio::sim::CarrierInfo& carrierInfo);
::aidl::android::hardware::radio::sim::CarrierRestrictions //
toAidl(const V1_0::CarrierRestrictions& cr);
diff --git a/radio/aidl/vts/radio_sim_test.cpp b/radio/aidl/vts/radio_sim_test.cpp
index e9b68cc..ec1facc 100644
--- a/radio/aidl/vts/radio_sim_test.cpp
+++ b/radio/aidl/vts/radio_sim_test.cpp
@@ -460,14 +460,43 @@
serial = GetRandomSerialNumber();
CarrierRestrictions carrierRestrictions;
memset(&carrierRestrictions, 0, sizeof(carrierRestrictions));
- carrierRestrictions.allowedCarriers.resize(1);
- carrierRestrictions.excludedCarriers.resize(0);
- carrierRestrictions.allowedCarriers[0].mcc = std::string("123");
- carrierRestrictions.allowedCarriers[0].mnc = std::string("456");
- carrierRestrictions.allowedCarriers[0].matchType = Carrier::MATCH_TYPE_ALL;
- carrierRestrictions.allowedCarriers[0].matchData = std::string();
- carrierRestrictions.allowedCarriersPrioritized = true;
+ int32_t aidl_version;
+ ndk::ScopedAStatus aidl_status = radio_sim->getInterfaceVersion(&aidl_version);
+ ASSERT_OK(aidl_status);
+
+ // Changes start
+
SimLockMultiSimPolicy multisimPolicy = SimLockMultiSimPolicy::NO_MULTISIM_POLICY;
+ ALOGI("VTSAllowedCarriers Current AIDL version is %d ", aidl_version);
+ if (aidl_version <= 2) {
+ ALOGI("VTSAllowedCarriers If aidl_version is below 3 then , it will consider old AIDLs");
+ carrierRestrictions.allowedCarrierInfoList.resize(1);
+ if ((carrierRestrictions.allowedCarrierInfoList.size() > 0)) {
+ ALOGI("VTSAllowedCarriers If size of allowedCarrierInfoList is greater than 0");
+ }
+ carrierRestrictions.allowedCarriers.resize(1);
+ carrierRestrictions.excludedCarriers.resize(0);
+ carrierRestrictions.allowedCarriers[0].mcc = std::string("123");
+ carrierRestrictions.allowedCarriers[0].mnc = std::string("456");
+ carrierRestrictions.allowedCarriers[0].matchType = Carrier::MATCH_TYPE_ALL;
+ carrierRestrictions.allowedCarriers[0].matchData = std::string();
+ carrierRestrictions.allowedCarriersPrioritized = true;
+ multisimPolicy = SimLockMultiSimPolicy::NO_MULTISIM_POLICY;
+ } else {
+ carrierRestrictions.allowedCarrierInfoList.resize(1);
+ carrierRestrictions.excludedCarrierInfoList.resize(0);
+ // TODO(b/365568518): change mcc/mnc to something else once CF fully supports
+ // setAllowedCarriers
+ carrierRestrictions.allowedCarrierInfoList[0].mcc = std::string("123");
+ carrierRestrictions.allowedCarrierInfoList[0].mnc = std::string("456");
+ carrierRestrictions.allowedCarrierInfoList[0].spn = std::string("TestNetwork");
+ carrierRestrictions.allowedCarrierInfoList[0].gid1 = std::string("BAE000000000000");
+ carrierRestrictions.allowedCarrierInfoList[0].gid2 = std::string("AE0000000000000");
+ carrierRestrictions.allowedCarrierInfoList[0].imsiPrefix = std::string("9987");
+ carrierRestrictions.allowedCarriersPrioritized = true;
+ carrierRestrictions.status = CarrierRestrictions::CarrierRestrictionStatus::RESTRICTED;
+ multisimPolicy = SimLockMultiSimPolicy::NO_MULTISIM_POLICY;
+ }
radio_sim->setAllowedCarriers(serial, carrierRestrictions, multisimPolicy);
EXPECT_EQ(std::cv_status::no_timeout, wait());
@@ -490,7 +519,7 @@
sleep(2);
updateSimCardStatus();
}
- // TODO: uncomment once CF fully supports setAllowedCarriers
+ // TODO(b/365568518): uncomment once CF fully supports setAllowedCarriers
// EXPECT_EQ(CardStatus::STATE_RESTRICTED, cardStatus.cardState);
}
@@ -503,17 +532,38 @@
EXPECT_EQ(serial, radioRsp_sim->rspInfo.serial);
EXPECT_EQ(RadioError::NONE, radioRsp_sim->rspInfo.error);
- EXPECT_EQ(1, radioRsp_sim->carrierRestrictionsResp.allowedCarriers.size());
- EXPECT_EQ(0, radioRsp_sim->carrierRestrictionsResp.excludedCarriers.size());
- ASSERT_TRUE(std::string("123") ==
- radioRsp_sim->carrierRestrictionsResp.allowedCarriers[0].mcc);
- ASSERT_TRUE(std::string("456") ==
- radioRsp_sim->carrierRestrictionsResp.allowedCarriers[0].mnc);
- EXPECT_EQ(Carrier::MATCH_TYPE_ALL,
- radioRsp_sim->carrierRestrictionsResp.allowedCarriers[0].matchType);
- ASSERT_TRUE(radioRsp_sim->carrierRestrictionsResp.allowedCarriersPrioritized);
- EXPECT_EQ(SimLockMultiSimPolicy::NO_MULTISIM_POLICY, radioRsp_sim->multiSimPolicyResp);
+ if (aidl_version <= 2) {
+ EXPECT_EQ(1, radioRsp_sim->carrierRestrictionsResp.allowedCarriers.size());
+ EXPECT_EQ(0, radioRsp_sim->carrierRestrictionsResp.excludedCarriers.size());
+ ASSERT_TRUE(std::string("123") ==
+ radioRsp_sim->carrierRestrictionsResp.allowedCarriers[0].mcc);
+ ASSERT_TRUE(std::string("456") ==
+ radioRsp_sim->carrierRestrictionsResp.allowedCarriers[0].mnc);
+ EXPECT_EQ(Carrier::MATCH_TYPE_ALL,
+ radioRsp_sim->carrierRestrictionsResp.allowedCarriers[0].matchType);
+ ASSERT_TRUE(radioRsp_sim->carrierRestrictionsResp.allowedCarriersPrioritized);
+ EXPECT_EQ(SimLockMultiSimPolicy::NO_MULTISIM_POLICY, radioRsp_sim->multiSimPolicyResp);
+ } else {
+ EXPECT_EQ(1, radioRsp_sim->carrierRestrictionsResp.allowedCarrierInfoList.size());
+ EXPECT_EQ(0, radioRsp_sim->carrierRestrictionsResp.excludedCarrierInfoList.size());
+ ASSERT_EQ(std::string("123"),
+ radioRsp_sim->carrierRestrictionsResp.allowedCarrierInfoList[0].mcc);
+ ASSERT_EQ(std::string("456"),
+ radioRsp_sim->carrierRestrictionsResp.allowedCarrierInfoList[0].mnc);
+#if 0 // TODO(b/365568518): enable once CF fully supports setAllowedCarriers
+ ASSERT_EQ(std::string("BAE000000000000"),
+ radioRsp_sim->carrierRestrictionsResp.allowedCarrierInfoList[0].gid1);
+ ASSERT_EQ(std::string("AE0000000000000"),
+ radioRsp_sim->carrierRestrictionsResp.allowedCarrierInfoList[0].gid2);
+ ASSERT_EQ(std::string("9987"),
+ radioRsp_sim->carrierRestrictionsResp.allowedCarrierInfoList[0].imsiPrefix);
+ EXPECT_EQ(CarrierRestrictions::CarrierRestrictionStatus::RESTRICTED,
+ radioRsp_sim->carrierRestrictionsResp.status);
+#endif
+ ASSERT_TRUE(radioRsp_sim->carrierRestrictionsResp.allowedCarriersPrioritized);
+ EXPECT_EQ(SimLockMultiSimPolicy::NO_MULTISIM_POLICY, radioRsp_sim->multiSimPolicyResp);
+ }
sleep(10);
/**
@@ -522,9 +572,15 @@
* status for cardStatus.
*/
memset(&carrierRestrictions, 0, sizeof(carrierRestrictions));
- carrierRestrictions.allowedCarriers.resize(0);
- carrierRestrictions.excludedCarriers.resize(0);
- carrierRestrictions.allowedCarriersPrioritized = false;
+ if (aidl_version <= 2) {
+ carrierRestrictions.allowedCarriers.resize(0);
+ carrierRestrictions.excludedCarriers.resize(0);
+ carrierRestrictions.allowedCarriersPrioritized = false;
+ } else {
+ carrierRestrictions.allowedCarrierInfoList.resize(0);
+ carrierRestrictions.excludedCarrierInfoList.resize(0);
+ carrierRestrictions.allowedCarriersPrioritized = false;
+ }
serial = GetRandomSerialNumber();
radio_sim->setAllowedCarriers(serial, carrierRestrictions, multisimPolicy);
diff --git a/security/keymint/aidl/default/file_contexts b/security/keymint/aidl/default/file_contexts
index dce7e3c..41b02d5 100644
--- a/security/keymint/aidl/default/file_contexts
+++ b/security/keymint/aidl/default/file_contexts
@@ -1,3 +1,3 @@
(/.*)? u:object_r:vendor_file:s0
/etc(/.*)? u:object_r:vendor_configs_file:s0
-/bin/hw/android\.hardware\.security\.keymint-service\.nonsecure u:object_r:hal_keymint_rust_exec:s0
+/bin/hw/android\.hardware\.security\.keymint-service\.nonsecure u:object_r:hal_keymint_default_exec:s0
diff --git a/security/keymint/support/Android.bp b/security/keymint/support/Android.bp
index c6e35ab..f313cf3 100644
--- a/security/keymint/support/Android.bp
+++ b/security/keymint/support/Android.bp
@@ -126,6 +126,7 @@
],
shared_libs: [
"libbase",
+ "libbinder_ndk",
"libcppbor",
"libcppcose_rkp",
"libcrypto",
diff --git a/security/keymint/support/include/remote_prov/MockIRemotelyProvisionedComponent.h b/security/keymint/support/include/remote_prov/MockIRemotelyProvisionedComponent.h
new file mode 100644
index 0000000..4fa39c2
--- /dev/null
+++ b/security/keymint/support/include/remote_prov/MockIRemotelyProvisionedComponent.h
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include <aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.h>
+#include <aidl/android/hardware/security/keymint/RpcHardwareInfo.h>
+#include <android-base/properties.h>
+#include <gmock/gmock.h>
+#include <gtest/gtest.h>
+
+#include <cstdint>
+
+namespace aidl::android::hardware::security::keymint::remote_prov {
+
+using ::ndk::ScopedAStatus;
+
+class MockIRemotelyProvisionedComponent : public IRemotelyProvisionedComponentDefault {
+ public:
+ MOCK_METHOD(ScopedAStatus, getHardwareInfo, (RpcHardwareInfo * _aidl_return), (override));
+ MOCK_METHOD(ScopedAStatus, generateEcdsaP256KeyPair,
+ (bool in_testMode, MacedPublicKey* out_macedPublicKey,
+ std::vector<uint8_t>* _aidl_return),
+ (override));
+ MOCK_METHOD(ScopedAStatus, generateCertificateRequest,
+ (bool in_testMode, const std::vector<MacedPublicKey>& in_keysToSign,
+ const std::vector<uint8_t>& in_endpointEncryptionCertChain,
+ const std::vector<uint8_t>& in_challenge, DeviceInfo* out_deviceInfo,
+ ProtectedData* out_protectedData, std::vector<uint8_t>* _aidl_return),
+ (override));
+ MOCK_METHOD(ScopedAStatus, generateCertificateRequestV2,
+ (const std::vector<MacedPublicKey>& in_keysToSign,
+ const std::vector<uint8_t>& in_challenge, std::vector<uint8_t>* _aidl_return),
+ (override));
+ MOCK_METHOD(ScopedAStatus, getInterfaceVersion, (int32_t* _aidl_return), (override));
+ MOCK_METHOD(ScopedAStatus, getInterfaceHash, (std::string * _aidl_return), (override));
+};
+
+} // namespace aidl::android::hardware::security::keymint::remote_prov
\ No newline at end of file
diff --git a/security/keymint/support/include/remote_prov/remote_prov_utils.h b/security/keymint/support/include/remote_prov/remote_prov_utils.h
index b56c90a..caeb7ff 100644
--- a/security/keymint/support/include/remote_prov/remote_prov_utils.h
+++ b/security/keymint/support/include/remote_prov/remote_prov_utils.h
@@ -94,6 +94,13 @@
const std::string RKPVM_INSTANCE_NAME =
"android.hardware.security.keymint.IRemotelyProvisionedComponent/avf";
+/**
+ * Returns the portion of an instance name after the /
+ * e.g. for "android.hardware.security.keymint.IRemotelyProvisionedComponent/avf",
+ * it returns "avf".
+ */
+std::string deviceSuffix(const std::string& name);
+
struct EekChain {
bytevec chain;
bytevec last_pubkey;
@@ -184,7 +191,9 @@
ErrMsgOr<std::unique_ptr<cppbor::Array>> verifyFactoryCsr(
const cppbor::Array& keysToSign, const std::vector<uint8_t>& csr,
IRemotelyProvisionedComponent* provisionable, const std::string& instanceName,
- const std::vector<uint8_t>& challenge, bool allowDegenerate = true);
+ const std::vector<uint8_t>& challenge, bool allowDegenerate = true,
+ bool requireUdsCerts = false);
+
/**
* Verify the CSR as if the device is a final production sample.
*/
diff --git a/security/keymint/support/remote_prov_utils.cpp b/security/keymint/support/remote_prov_utils.cpp
index 497f478..464d912 100644
--- a/security/keymint/support/remote_prov_utils.cpp
+++ b/security/keymint/support/remote_prov_utils.cpp
@@ -52,8 +52,8 @@
using X509_Ptr = bssl::UniquePtr<X509>;
using CRYPTO_BUFFER_Ptr = bssl::UniquePtr<CRYPTO_BUFFER>;
-std::string device_suffix(const std::string& name) {
- size_t pos = name.find('/');
+std::string deviceSuffix(const std::string& name) {
+ size_t pos = name.rfind('/');
if (pos == std::string::npos) {
return name;
}
@@ -344,15 +344,18 @@
}
auto chain =
- hwtrust::DiceChain::Verify(encodedBcc, kind, allowAnyMode, device_suffix(instanceName));
- if (!chain.ok()) return chain.error().message();
-
+ hwtrust::DiceChain::Verify(encodedBcc, kind, allowAnyMode, deviceSuffix(instanceName));
+ if (!chain.ok()) {
+ return chain.error().message();
+ }
if (!allowDegenerate && !chain->IsProper()) {
return "DICE chain is degenerate";
}
auto keys = chain->CosePublicKeys();
- if (!keys.ok()) return keys.error().message();
+ if (!keys.ok()) {
+ return keys.error().message();
+ }
std::vector<BccEntryData> result;
for (auto& key : *keys) {
result.push_back({std::move(key)});
@@ -857,7 +860,8 @@
return rawPubKey;
}
-std::string validateUdsCerts(const cppbor::Map& udsCerts, const bytevec& udsCoseKeyBytes) {
+std::optional<std::string> validateUdsCerts(const cppbor::Map& udsCerts,
+ const bytevec& udsCoseKeyBytes) {
for (const auto& [signerName, udsCertChain] : udsCerts) {
if (!signerName || !signerName->asTstr()) {
return "Signer Name must be a Tstr.";
@@ -874,8 +878,9 @@
return leafPubKey.message();
}
auto coseKey = CoseKey::parse(udsCoseKeyBytes);
- if (!coseKey) return coseKey.moveMessage();
-
+ if (!coseKey) {
+ return coseKey.moveMessage();
+ }
auto curve = coseKey->getIntValue(CoseKey::CURVE);
if (!curve) {
return "CoseKey must contain curve.";
@@ -883,7 +888,9 @@
bytevec udsPub;
if (curve == CoseKeyCurve::P256 || curve == CoseKeyCurve::P384) {
auto pubKey = coseKey->getEcPublicKey();
- if (!pubKey) return pubKey.moveMessage();
+ if (!pubKey) {
+ return pubKey.moveMessage();
+ }
// convert public key to uncompressed form by prepending 0x04 at begin.
pubKey->insert(pubKey->begin(), 0x04);
udsPub = pubKey.moveValue();
@@ -900,7 +907,7 @@
return "Leaf public key in UDS certificate chain doesn't match UDS public key.";
}
}
- return "";
+ return std::nullopt;
}
ErrMsgOr<std::unique_ptr<cppbor::Array>> parseAndValidateCsrPayload(
@@ -1016,7 +1023,8 @@
const std::vector<uint8_t>& challenge,
const std::string& instanceName,
bool allowAnyMode = false,
- bool allowDegenerate = true) {
+ bool allowDegenerate = true,
+ bool requireUdsCerts = false) {
auto [parsedRequest, _, csrErrMsg] = cppbor::parse(request);
if (!parsedRequest) {
return csrErrMsg;
@@ -1038,8 +1046,12 @@
if (!version || version->value() != 1U) {
return "AuthenticatedRequest version must be an unsigned integer and must be equal to 1.";
}
+
if (!udsCerts) {
- return "AuthenticatedRequest UdsCerts must be an Map.";
+ return "AuthenticatedRequest UdsCerts must be a Map.";
+ }
+ if (requireUdsCerts && udsCerts->size() == 0) {
+ return "AuthenticatedRequest UdsCerts must not be empty.";
}
if (!diceCertChain) {
return "AuthenticatedRequest DiceCertChain must be an Array.";
@@ -1060,15 +1072,20 @@
return diceContents.message() + "\n" + prettyPrint(diceCertChain);
}
+ if (!diceCertChain->get(0)->asMap()) {
+ return "AuthenticatedRequest The first entry in DiceCertChain must be a Map.";
+ }
auto udsPub = diceCertChain->get(0)->asMap()->encode();
- auto& kmDiceKey = diceContents->back().pubKey;
-
auto error = validateUdsCerts(*udsCerts, udsPub);
- if (!error.empty()) {
- return error;
+ if (error) {
+ return *error;
}
- auto signedPayload = verifyAndParseCoseSign1(signedData, kmDiceKey, {} /* aad */);
+ if (diceContents->empty()) {
+ return "AuthenticatedRequest DiceContents must not be empty.";
+ }
+ auto& kmDiceKey = diceContents->back().pubKey;
+ auto signedPayload = verifyAndParseCoseSign1(signedData, kmDiceKey, /*aad=*/{});
if (!signedPayload) {
return signedPayload.message();
}
@@ -1081,13 +1098,11 @@
return payload;
}
-ErrMsgOr<std::unique_ptr<cppbor::Array>> verifyCsr(const cppbor::Array& keysToSign,
- const std::vector<uint8_t>& csr,
- IRemotelyProvisionedComponent* provisionable,
- const std::string& instanceName,
- const std::vector<uint8_t>& challenge,
- bool isFactory, bool allowAnyMode = false,
- bool allowDegenerate = true) {
+ErrMsgOr<std::unique_ptr<cppbor::Array>> verifyCsr(
+ const cppbor::Array& keysToSign, const std::vector<uint8_t>& csr,
+ IRemotelyProvisionedComponent* provisionable, const std::string& instanceName,
+ const std::vector<uint8_t>& challenge, bool isFactory, bool allowAnyMode = false,
+ bool allowDegenerate = true, bool requireUdsCerts = false) {
RpcHardwareInfo info;
provisionable->getHardwareInfo(&info);
if (info.versionNumber != 3) {
@@ -1095,8 +1110,9 @@
") does not match expected version (3).";
}
- auto csrPayload = parseAndValidateAuthenticatedRequest(csr, challenge, instanceName,
- allowAnyMode, allowDegenerate);
+ auto csrPayload = parseAndValidateAuthenticatedRequest(
+ csr, challenge, instanceName, allowAnyMode, allowDegenerate, requireUdsCerts);
+
if (!csrPayload) {
return csrPayload.message();
}
@@ -1107,9 +1123,9 @@
ErrMsgOr<std::unique_ptr<cppbor::Array>> verifyFactoryCsr(
const cppbor::Array& keysToSign, const std::vector<uint8_t>& csr,
IRemotelyProvisionedComponent* provisionable, const std::string& instanceName,
- const std::vector<uint8_t>& challenge, bool allowDegenerate) {
+ const std::vector<uint8_t>& challenge, bool allowDegenerate, bool requireUdsCerts) {
return verifyCsr(keysToSign, csr, provisionable, instanceName, challenge, /*isFactory=*/true,
- /*allowAnyMode=*/false, allowDegenerate);
+ /*allowAnyMode=*/false, allowDegenerate, requireUdsCerts);
}
ErrMsgOr<std::unique_ptr<cppbor::Array>> verifyProductionCsr(
@@ -1153,7 +1169,7 @@
auto encodedDiceChain = diceCertChain->encode();
auto chain = hwtrust::DiceChain::Verify(encodedDiceChain, *diceChainKind,
- /*allowAnyMode=*/false, device_suffix(instanceName));
+ /*allowAnyMode=*/false, deviceSuffix(instanceName));
if (!chain.ok()) return chain.error().message();
return chain->IsProper();
}
diff --git a/security/keymint/support/remote_prov_utils_test.cpp b/security/keymint/support/remote_prov_utils_test.cpp
index 8b18b29..8ffb149 100644
--- a/security/keymint/support/remote_prov_utils_test.cpp
+++ b/security/keymint/support/remote_prov_utils_test.cpp
@@ -25,6 +25,7 @@
#include <keymaster/logger.h>
#include <keymaster/remote_provisioning_utils.h>
#include <openssl/curve25519.h>
+#include <remote_prov/MockIRemotelyProvisionedComponent.h>
#include <remote_prov/remote_prov_utils.h>
#include <algorithm>
@@ -41,6 +42,11 @@
using ::testing::ElementsAreArray;
using byte_view = std::span<const uint8_t>;
+using ::cppbor::Array;
+using ::cppbor::parse;
+using ::ndk::SharedRefBase;
+using ::testing::NotNull;
+
inline const std::vector<uint8_t> kDegenerateBcc{
0x82, 0xa5, 0x01, 0x01, 0x03, 0x27, 0x04, 0x81, 0x02, 0x20, 0x06, 0x21, 0x58, 0x20, 0xf5,
0x5a, 0xfb, 0x28, 0x06, 0x48, 0x68, 0xea, 0x49, 0x3e, 0x47, 0x80, 0x1d, 0xfe, 0x1f, 0xfc,
@@ -76,6 +82,252 @@
0x50, 0x12, 0x82, 0x37, 0xfe, 0xa4, 0x07, 0xc3, 0xd5, 0xc3, 0x78, 0xcc, 0xf9, 0xef, 0xe1,
0x95, 0x38, 0x9f, 0xb0, 0x79, 0x16, 0x4c, 0x4a, 0x23, 0xc4, 0xdc, 0x35, 0x4e, 0x0f};
+// The challenge that is in kKeysToSignForCsrWithUdsCerts and kCsrWithUdsCerts
+inline const std::vector<uint8_t> kChallenge{0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+ 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
+ 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
+ 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20};
+
+inline const std::vector<uint8_t> kKeysToSignForCsrWithUdsCerts{
+ 0x82, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0x35, 0xeb, 0x56, 0xed,
+ 0x62, 0x13, 0x6a, 0x41, 0x89, 0xf6, 0x72, 0xa6, 0xf1, 0x5c, 0xd1, 0xf6, 0x34, 0xbd, 0x81,
+ 0xdb, 0x2e, 0x0b, 0x4d, 0xf6, 0x69, 0x6f, 0xa6, 0xf3, 0xce, 0x27, 0x2c, 0x78, 0x22, 0x58,
+ 0x20, 0xac, 0xa9, 0x9f, 0x62, 0x81, 0x58, 0xc7, 0x10, 0xd7, 0xb5, 0xa8, 0xa0, 0x7b, 0x11,
+ 0xf5, 0x75, 0xdb, 0xd9, 0xa2, 0x1d, 0x86, 0x34, 0xc6, 0xf4, 0x23, 0x79, 0xcc, 0x8a, 0x87,
+ 0x3c, 0xb2, 0xd0, 0x23, 0x58, 0x20, 0x0f, 0x2c, 0x5a, 0xb7, 0xe1, 0x3b, 0x24, 0xa3, 0x4f,
+ 0xaa, 0x49, 0x51, 0xfc, 0x8c, 0xd0, 0x35, 0x43, 0x7c, 0x21, 0xfa, 0x7d, 0x56, 0x97, 0x69,
+ 0xe1, 0x81, 0xf5, 0x88, 0x15, 0x33, 0xa0, 0x7f, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01,
+ 0x21, 0x58, 0x20, 0xb5, 0xcc, 0xd9, 0x4f, 0x7a, 0xe2, 0xca, 0xac, 0xfe, 0xa5, 0x65, 0x0c,
+ 0x6a, 0xa8, 0x16, 0x45, 0x40, 0x41, 0x1c, 0xb2, 0x64, 0xcd, 0x34, 0xe8, 0x37, 0x88, 0xb9,
+ 0x9a, 0xb3, 0xc3, 0xfd, 0x6a, 0x22, 0x58, 0x20, 0x5e, 0xbe, 0xff, 0x98, 0x60, 0x6e, 0x1d,
+ 0x6b, 0x42, 0x60, 0x59, 0xe9, 0x42, 0x95, 0xc8, 0x2e, 0xc5, 0xb6, 0x66, 0x4a, 0x53, 0xf1,
+ 0x73, 0x02, 0xcb, 0x89, 0x8a, 0x2a, 0xc9, 0xa5, 0xa3, 0x39, 0x23, 0x58, 0x21, 0x00, 0xdb,
+ 0xda, 0x3c, 0x3e, 0x27, 0x71, 0x5e, 0xd0, 0x2b, 0x09, 0xb8, 0x6f, 0xe2, 0x2c, 0xdd, 0x0a,
+ 0xbf, 0x1d, 0x94, 0x36, 0xd2, 0x33, 0x88, 0x6e, 0x66, 0x05, 0x21, 0x92, 0x64, 0x79, 0xa9,
+ 0x10};
+
+inline const std::vector<uint8_t> kCsrWithUdsCerts{
+ 0x84, 0x01, 0xa1, 0x70, 0x74, 0x65, 0x73, 0x74, 0x2d, 0x73, 0x69, 0x67, 0x6e, 0x65, 0x72,
+ 0x2d, 0x6e, 0x61, 0x6d, 0x65, 0x82, 0x59, 0x01, 0x6c, 0x30, 0x82, 0x01, 0x68, 0x30, 0x82,
+ 0x01, 0x1a, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x7b, 0x30, 0x05, 0x06, 0x03, 0x2b,
+ 0x65, 0x70, 0x30, 0x2b, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0c,
+ 0x46, 0x61, 0x6b, 0x65, 0x20, 0x43, 0x6f, 0x6d, 0x70, 0x61, 0x6e, 0x79, 0x31, 0x12, 0x30,
+ 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x09, 0x46, 0x61, 0x6b, 0x65, 0x20, 0x52, 0x6f,
+ 0x6f, 0x74, 0x30, 0x1e, 0x17, 0x0d, 0x32, 0x34, 0x31, 0x30, 0x31, 0x37, 0x31, 0x39, 0x32,
+ 0x33, 0x30, 0x39, 0x5a, 0x17, 0x0d, 0x32, 0x34, 0x31, 0x31, 0x31, 0x36, 0x31, 0x39, 0x32,
+ 0x33, 0x30, 0x39, 0x5a, 0x30, 0x2b, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0a,
+ 0x13, 0x0c, 0x46, 0x61, 0x6b, 0x65, 0x20, 0x43, 0x6f, 0x6d, 0x70, 0x61, 0x6e, 0x79, 0x31,
+ 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x09, 0x46, 0x61, 0x6b, 0x65, 0x20,
+ 0x52, 0x6f, 0x6f, 0x74, 0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03, 0x21,
+ 0x00, 0x20, 0xc5, 0xfa, 0x42, 0xe9, 0x23, 0xd3, 0x72, 0x83, 0x96, 0xc5, 0x73, 0x1e, 0xec,
+ 0x07, 0x39, 0x4f, 0xc8, 0xb7, 0xd1, 0x9f, 0x77, 0xb6, 0x0b, 0x59, 0x9e, 0x62, 0xc0, 0xec,
+ 0x06, 0x06, 0xad, 0xa3, 0x63, 0x30, 0x61, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04,
+ 0x16, 0x04, 0x14, 0xec, 0x36, 0x07, 0x83, 0xf0, 0xda, 0x23, 0xfc, 0x0f, 0xb1, 0x08, 0xd0,
+ 0x60, 0x97, 0xc1, 0x9a, 0x14, 0x54, 0xbf, 0x63, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23,
+ 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xec, 0x36, 0x07, 0x83, 0xf0, 0xda, 0x23, 0xfc, 0x0f,
+ 0xb1, 0x08, 0xd0, 0x60, 0x97, 0xc1, 0x9a, 0x14, 0x54, 0xbf, 0x63, 0x30, 0x0f, 0x06, 0x03,
+ 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x0e,
+ 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x02, 0x04, 0x30,
+ 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03, 0x41, 0x00, 0x41, 0xfa, 0x27, 0xfd, 0xe3, 0x42,
+ 0x89, 0x43, 0x68, 0x92, 0x48, 0x39, 0xb1, 0x93, 0x93, 0x8b, 0x69, 0x16, 0x50, 0xbe, 0xc0,
+ 0xc5, 0x83, 0xd6, 0x1e, 0x4b, 0x2f, 0x6e, 0x18, 0x32, 0x78, 0xfe, 0x35, 0x78, 0xed, 0x6d,
+ 0xc8, 0x36, 0xb2, 0x4e, 0x0d, 0x10, 0x23, 0xab, 0x28, 0x32, 0xa1, 0xfc, 0x83, 0x2a, 0xa3,
+ 0xca, 0xe1, 0xca, 0x82, 0xd2, 0x5f, 0xf1, 0x7f, 0xf2, 0xba, 0xbe, 0x86, 0x0b, 0x59, 0x01,
+ 0x70, 0x30, 0x82, 0x01, 0x6c, 0x30, 0x82, 0x01, 0x1e, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02,
+ 0x02, 0x01, 0xc8, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x30, 0x2b, 0x31, 0x15, 0x30,
+ 0x13, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0c, 0x46, 0x61, 0x6b, 0x65, 0x20, 0x43, 0x6f,
+ 0x6d, 0x70, 0x61, 0x6e, 0x79, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,
+ 0x09, 0x46, 0x61, 0x6b, 0x65, 0x20, 0x52, 0x6f, 0x6f, 0x74, 0x30, 0x1e, 0x17, 0x0d, 0x32,
+ 0x34, 0x31, 0x30, 0x31, 0x37, 0x31, 0x39, 0x32, 0x33, 0x30, 0x39, 0x5a, 0x17, 0x0d, 0x32,
+ 0x34, 0x31, 0x31, 0x31, 0x36, 0x31, 0x39, 0x32, 0x33, 0x30, 0x39, 0x5a, 0x30, 0x2e, 0x31,
+ 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0c, 0x46, 0x61, 0x6b, 0x65, 0x20,
+ 0x43, 0x6f, 0x6d, 0x70, 0x61, 0x6e, 0x79, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04,
+ 0x03, 0x13, 0x0c, 0x46, 0x61, 0x6b, 0x65, 0x20, 0x43, 0x68, 0x69, 0x70, 0x73, 0x65, 0x74,
+ 0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03, 0x21, 0x00, 0x14, 0xf4, 0x4a,
+ 0x88, 0x56, 0x9f, 0xc0, 0xf5, 0x1f, 0xe5, 0xef, 0xfb, 0xf4, 0x06, 0xbc, 0xb1, 0xe4, 0x4a,
+ 0x37, 0xe5, 0x07, 0xf8, 0x65, 0x95, 0x55, 0x54, 0xfd, 0x90, 0xf9, 0x8b, 0xa7, 0xc6, 0xa3,
+ 0x63, 0x30, 0x61, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xef,
+ 0x05, 0x40, 0x0a, 0x1b, 0x74, 0x3e, 0x4d, 0x2e, 0x22, 0xf5, 0x66, 0x0c, 0xd7, 0xf9, 0xb8,
+ 0x8e, 0x81, 0x3d, 0xab, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16,
+ 0x80, 0x14, 0xec, 0x36, 0x07, 0x83, 0xf0, 0xda, 0x23, 0xfc, 0x0f, 0xb1, 0x08, 0xd0, 0x60,
+ 0x97, 0xc1, 0x9a, 0x14, 0x54, 0xbf, 0x63, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01,
+ 0x01, 0xff, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d,
+ 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x02, 0x04, 0x30, 0x05, 0x06, 0x03, 0x2b,
+ 0x65, 0x70, 0x03, 0x41, 0x00, 0x64, 0x32, 0x42, 0x06, 0xa7, 0x11, 0xb0, 0x67, 0x81, 0x73,
+ 0x19, 0x70, 0xb6, 0x60, 0x1c, 0xd2, 0x43, 0xde, 0x42, 0xec, 0x71, 0x4d, 0x6e, 0xa8, 0xed,
+ 0x6f, 0xe2, 0x59, 0x3e, 0xa3, 0x45, 0x82, 0x8b, 0x25, 0x25, 0xf9, 0xc6, 0xb3, 0xf5, 0xb5,
+ 0x3d, 0x11, 0x7d, 0xcf, 0xf2, 0x50, 0x22, 0xff, 0x2b, 0xc5, 0x14, 0x94, 0x64, 0xbf, 0xbf,
+ 0x52, 0x69, 0xb1, 0xfe, 0x07, 0x81, 0x83, 0xb3, 0x0d, 0x82, 0xa5, 0x01, 0x01, 0x03, 0x27,
+ 0x20, 0x06, 0x21, 0x58, 0x20, 0x14, 0xf4, 0x4a, 0x88, 0x56, 0x9f, 0xc0, 0xf5, 0x1f, 0xe5,
+ 0xef, 0xfb, 0xf4, 0x06, 0xbc, 0xb1, 0xe4, 0x4a, 0x37, 0xe5, 0x07, 0xf8, 0x65, 0x95, 0x55,
+ 0x54, 0xfd, 0x90, 0xf9, 0x8b, 0xa7, 0xc6, 0x23, 0x58, 0x20, 0x8d, 0x38, 0x0d, 0x38, 0xcb,
+ 0x76, 0x73, 0xef, 0x13, 0xd1, 0x08, 0x02, 0xa5, 0x0e, 0xd2, 0x16, 0xd4, 0x0f, 0x2c, 0x29,
+ 0xf8, 0xd0, 0x20, 0xb8, 0x6a, 0x7f, 0xa2, 0xd1, 0x1e, 0xeb, 0xd1, 0x5c, 0x84, 0x43, 0xa1,
+ 0x01, 0x27, 0xa0, 0x59, 0x01, 0x27, 0xa9, 0x01, 0x66, 0x69, 0x73, 0x73, 0x75, 0x65, 0x72,
+ 0x02, 0x67, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x3a, 0x00, 0x47, 0x44, 0x50, 0x58,
+ 0x20, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
+ 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
+ 0x55, 0x55, 0x55, 0x3a, 0x00, 0x47, 0x44, 0x52, 0x58, 0x20, 0xb8, 0x96, 0x54, 0xe2, 0x2c,
+ 0xa4, 0xd2, 0x4a, 0x9c, 0x0e, 0x45, 0x11, 0xc8, 0xf2, 0x63, 0xf0, 0x66, 0x0d, 0x2e, 0x20,
+ 0x48, 0x96, 0x90, 0x14, 0xf4, 0x54, 0x63, 0xc4, 0xf4, 0x39, 0x30, 0x38, 0x3a, 0x00, 0x47,
+ 0x44, 0x53, 0x55, 0xa1, 0x3a, 0x00, 0x01, 0x11, 0x71, 0x6e, 0x63, 0x6f, 0x6d, 0x70, 0x6f,
+ 0x6e, 0x65, 0x6e, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x3a, 0x00, 0x47, 0x44, 0x54, 0x58,
+ 0x20, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
+ 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
+ 0x55, 0x55, 0x55, 0x3a, 0x00, 0x47, 0x44, 0x56, 0x41, 0x01, 0x3a, 0x00, 0x47, 0x44, 0x57,
+ 0x58, 0x70, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0x76, 0x82, 0x58,
+ 0xce, 0x99, 0x1c, 0x29, 0xa1, 0x81, 0x3e, 0x22, 0xe3, 0x02, 0x13, 0xea, 0x2a, 0x25, 0x2e,
+ 0x20, 0x14, 0xeb, 0x45, 0x0d, 0xb8, 0xdb, 0x8c, 0x38, 0xef, 0xeb, 0x25, 0xd6, 0x31, 0x22,
+ 0x58, 0x20, 0xbe, 0x55, 0xba, 0x87, 0x17, 0xc2, 0x5b, 0xb6, 0x56, 0xff, 0x4b, 0xf0, 0x8a,
+ 0x98, 0x57, 0x86, 0xa4, 0x36, 0x0a, 0x90, 0x38, 0xce, 0x66, 0xec, 0xcb, 0x25, 0x30, 0x29,
+ 0x83, 0x02, 0x02, 0xc0, 0x23, 0x58, 0x20, 0x73, 0xdf, 0xc3, 0x4a, 0xe4, 0x2e, 0xbd, 0x04,
+ 0x09, 0xec, 0x91, 0xc7, 0xe7, 0xf1, 0xec, 0x55, 0x10, 0x7e, 0xd1, 0x36, 0x5e, 0x9d, 0x11,
+ 0x71, 0x27, 0xee, 0x30, 0x7b, 0x04, 0x45, 0x5f, 0x95, 0x3a, 0x00, 0x47, 0x44, 0x58, 0x41,
+ 0x20, 0x58, 0x40, 0x44, 0x7f, 0x1a, 0x67, 0x16, 0xa0, 0x49, 0xfe, 0x2c, 0xde, 0x87, 0x38,
+ 0xef, 0xb9, 0xe0, 0x19, 0x25, 0x7d, 0xcc, 0x39, 0x53, 0x27, 0xbd, 0x2c, 0x04, 0x6c, 0xe3,
+ 0x5c, 0x5e, 0xd6, 0x27, 0x09, 0xb9, 0xf7, 0x8c, 0x2b, 0xd2, 0x68, 0xc3, 0xf1, 0x23, 0xcf,
+ 0xc6, 0xfc, 0x21, 0xb3, 0x52, 0x48, 0xe6, 0x8a, 0x89, 0x3e, 0x37, 0x24, 0x13, 0x23, 0x80,
+ 0xb2, 0xc7, 0xa7, 0xc6, 0xf1, 0xec, 0x04, 0x84, 0x43, 0xa1, 0x01, 0x26, 0xa0, 0x59, 0x02,
+ 0x0f, 0x82, 0x58, 0x20, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
+ 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a,
+ 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x59, 0x01, 0xe9, 0x84, 0x03, 0x67, 0x6b, 0x65, 0x79,
+ 0x6d, 0x69, 0x6e, 0x74, 0xae, 0x65, 0x62, 0x72, 0x61, 0x6e, 0x64, 0x66, 0x47, 0x6f, 0x6f,
+ 0x67, 0x6c, 0x65, 0x65, 0x66, 0x75, 0x73, 0x65, 0x64, 0x01, 0x65, 0x6d, 0x6f, 0x64, 0x65,
+ 0x6c, 0x65, 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x66, 0x64, 0x65, 0x76, 0x69, 0x63, 0x65, 0x66,
+ 0x64, 0x65, 0x76, 0x69, 0x63, 0x65, 0x67, 0x70, 0x72, 0x6f, 0x64, 0x75, 0x63, 0x74, 0x65,
+ 0x70, 0x69, 0x78, 0x65, 0x6c, 0x68, 0x76, 0x62, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x65,
+ 0x67, 0x72, 0x65, 0x65, 0x6e, 0x6a, 0x6f, 0x73, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f,
+ 0x6e, 0x62, 0x31, 0x32, 0x6c, 0x6d, 0x61, 0x6e, 0x75, 0x66, 0x61, 0x63, 0x74, 0x75, 0x72,
+ 0x65, 0x72, 0x66, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x6d, 0x76, 0x62, 0x6d, 0x65, 0x74,
+ 0x61, 0x5f, 0x64, 0x69, 0x67, 0x65, 0x73, 0x74, 0x4f, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66,
+ 0x77, 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x72,
+ 0x69, 0x74, 0x79, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x63, 0x74, 0x65, 0x65, 0x70, 0x62,
+ 0x6f, 0x6f, 0x74, 0x5f, 0x70, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c,
+ 0x1a, 0x01, 0x34, 0x8c, 0x62, 0x70, 0x62, 0x6f, 0x6f, 0x74, 0x6c, 0x6f, 0x61, 0x64, 0x65,
+ 0x72, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x66, 0x6c, 0x6f, 0x63, 0x6b, 0x65, 0x64, 0x72,
+ 0x73, 0x79, 0x73, 0x74, 0x65, 0x6d, 0x5f, 0x70, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x6c, 0x65,
+ 0x76, 0x65, 0x6c, 0x1a, 0x01, 0x34, 0x8c, 0x61, 0x72, 0x76, 0x65, 0x6e, 0x64, 0x6f, 0x72,
+ 0x5f, 0x70, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x1a, 0x01, 0x34,
+ 0x8c, 0x63, 0x82, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0x35, 0xeb,
+ 0x56, 0xed, 0x62, 0x13, 0x6a, 0x41, 0x89, 0xf6, 0x72, 0xa6, 0xf1, 0x5c, 0xd1, 0xf6, 0x34,
+ 0xbd, 0x81, 0xdb, 0x2e, 0x0b, 0x4d, 0xf6, 0x69, 0x6f, 0xa6, 0xf3, 0xce, 0x27, 0x2c, 0x78,
+ 0x22, 0x58, 0x20, 0xac, 0xa9, 0x9f, 0x62, 0x81, 0x58, 0xc7, 0x10, 0xd7, 0xb5, 0xa8, 0xa0,
+ 0x7b, 0x11, 0xf5, 0x75, 0xdb, 0xd9, 0xa2, 0x1d, 0x86, 0x34, 0xc6, 0xf4, 0x23, 0x79, 0xcc,
+ 0x8a, 0x87, 0x3c, 0xb2, 0xd0, 0x23, 0x58, 0x20, 0x0f, 0x2c, 0x5a, 0xb7, 0xe1, 0x3b, 0x24,
+ 0xa3, 0x4f, 0xaa, 0x49, 0x51, 0xfc, 0x8c, 0xd0, 0x35, 0x43, 0x7c, 0x21, 0xfa, 0x7d, 0x56,
+ 0x97, 0x69, 0xe1, 0x81, 0xf5, 0x88, 0x15, 0x33, 0xa0, 0x7f, 0xa6, 0x01, 0x02, 0x03, 0x26,
+ 0x20, 0x01, 0x21, 0x58, 0x20, 0xb5, 0xcc, 0xd9, 0x4f, 0x7a, 0xe2, 0xca, 0xac, 0xfe, 0xa5,
+ 0x65, 0x0c, 0x6a, 0xa8, 0x16, 0x45, 0x40, 0x41, 0x1c, 0xb2, 0x64, 0xcd, 0x34, 0xe8, 0x37,
+ 0x88, 0xb9, 0x9a, 0xb3, 0xc3, 0xfd, 0x6a, 0x22, 0x58, 0x20, 0x5e, 0xbe, 0xff, 0x98, 0x60,
+ 0x6e, 0x1d, 0x6b, 0x42, 0x60, 0x59, 0xe9, 0x42, 0x95, 0xc8, 0x2e, 0xc5, 0xb6, 0x66, 0x4a,
+ 0x53, 0xf1, 0x73, 0x02, 0xcb, 0x89, 0x8a, 0x2a, 0xc9, 0xa5, 0xa3, 0x39, 0x23, 0x58, 0x21,
+ 0x00, 0xdb, 0xda, 0x3c, 0x3e, 0x27, 0x71, 0x5e, 0xd0, 0x2b, 0x09, 0xb8, 0x6f, 0xe2, 0x2c,
+ 0xdd, 0x0a, 0xbf, 0x1d, 0x94, 0x36, 0xd2, 0x33, 0x88, 0x6e, 0x66, 0x05, 0x21, 0x92, 0x64,
+ 0x79, 0xa9, 0x10, 0x58, 0x40, 0x87, 0xcf, 0xaa, 0x82, 0x6a, 0xba, 0x25, 0x8b, 0x81, 0xd8,
+ 0x14, 0xca, 0xbd, 0xf4, 0x67, 0xdf, 0xc8, 0x2c, 0xa1, 0x04, 0x57, 0x99, 0xa0, 0x54, 0xe7,
+ 0x9b, 0xb2, 0xd0, 0xaf, 0xdd, 0x07, 0x46, 0x0a, 0xd7, 0xbd, 0xa7, 0xf9, 0xa8, 0x0c, 0x08,
+ 0x1e, 0x9c, 0xae, 0x73, 0x4c, 0x22, 0x6e, 0x56, 0x8b, 0xe4, 0x91, 0x54, 0xa4, 0x7a, 0xb0,
+ 0xf5, 0xe4, 0x5d, 0xa9, 0x8f, 0xae, 0x43, 0x95, 0x7a};
+
+inline const std::vector<uint8_t> kKeysToSignForCsrWithoutUdsCerts = {
+ 0x82, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0x50, 0x43, 0xb4, 0xf1,
+ 0xc1, 0x7f, 0x17, 0xc6, 0x3b, 0x56, 0x27, 0x63, 0x03, 0x18, 0x78, 0x9d, 0x63, 0x93, 0x3b,
+ 0x98, 0xed, 0x55, 0x8c, 0x87, 0x1b, 0xd7, 0x89, 0xb6, 0x81, 0x92, 0x5f, 0x24, 0x22, 0x58,
+ 0x20, 0xd5, 0x24, 0x93, 0xda, 0x3e, 0x32, 0x17, 0xfa, 0xe8, 0x8d, 0x1e, 0xa9, 0xe0, 0x84,
+ 0x4e, 0x1c, 0x6a, 0xef, 0x9a, 0xe3, 0xbe, 0x1d, 0xf1, 0x14, 0xe0, 0x9e, 0x82, 0xc8, 0x92,
+ 0x1a, 0x3a, 0x69, 0x23, 0x58, 0x20, 0x29, 0xcb, 0x16, 0x78, 0x61, 0x35, 0x92, 0x3f, 0x71,
+ 0xc4, 0x66, 0x61, 0xd4, 0xd4, 0x20, 0x8a, 0x86, 0x1e, 0xb0, 0x2b, 0x2f, 0x4f, 0x13, 0xb4,
+ 0x0d, 0x89, 0x60, 0x87, 0x77, 0xac, 0x1a, 0x0f, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01,
+ 0x21, 0x58, 0x20, 0x4b, 0xcc, 0x7a, 0x09, 0x99, 0x76, 0xe7, 0xfa, 0x06, 0xb9, 0x19, 0x22,
+ 0x15, 0x3b, 0x9f, 0xa8, 0x34, 0x77, 0x24, 0x27, 0x8c, 0x8a, 0x97, 0x61, 0xf3, 0x6f, 0x29,
+ 0x74, 0x4e, 0x9a, 0x66, 0x23, 0x22, 0x58, 0x20, 0x8f, 0xa8, 0xaf, 0x2b, 0x02, 0x3a, 0xd4,
+ 0x8a, 0xa2, 0x9d, 0x25, 0xa8, 0x01, 0xe7, 0xbd, 0x61, 0x25, 0x88, 0xb4, 0xc9, 0xce, 0x05,
+ 0x43, 0xcc, 0x0d, 0x38, 0x7d, 0xe2, 0xda, 0x03, 0xb3, 0x33, 0x23, 0x58, 0x21, 0x00, 0xc8,
+ 0x67, 0xb8, 0xbe, 0xc4, 0x1c, 0xca, 0x3c, 0x73, 0x3c, 0xbf, 0x52, 0xb2, 0x5a, 0x64, 0x9e,
+ 0x9f, 0xae, 0xc6, 0x9f, 0x02, 0x2f, 0xee, 0x92, 0x1d, 0xdb, 0x01, 0x77, 0x27, 0x12, 0x84,
+ 0x14};
+
+inline const std::vector<uint8_t> kCsrWithoutUdsCerts{
+ 0x84, 0x01, 0xa0, 0x82, 0xa6, 0x01, 0x02, 0x03, 0x38, 0x22, 0x20, 0x02, 0x21, 0x58, 0x30,
+ 0x21, 0x09, 0x81, 0xb2, 0x4c, 0x8e, 0x23, 0x63, 0x46, 0xe5, 0x32, 0x1e, 0x1b, 0xa3, 0x39,
+ 0x47, 0xd1, 0x19, 0x91, 0xc5, 0xe1, 0xd0, 0x51, 0xa4, 0x4e, 0x6d, 0xfd, 0x21, 0x46, 0xf3,
+ 0x65, 0x6b, 0xd3, 0xec, 0x20, 0x21, 0xf8, 0xef, 0x39, 0x50, 0x0a, 0xfc, 0x6d, 0x18, 0xf8,
+ 0x90, 0x1c, 0xc8, 0x22, 0x58, 0x30, 0x80, 0x1f, 0xd8, 0xe3, 0x64, 0x51, 0x48, 0x66, 0xa5,
+ 0xad, 0x05, 0xcb, 0xe4, 0xee, 0x0f, 0x20, 0xc1, 0xca, 0x84, 0xc2, 0xe0, 0xcc, 0x22, 0x06,
+ 0x7c, 0x5e, 0x2c, 0xb3, 0x3b, 0x52, 0xd4, 0xe7, 0xc1, 0xe2, 0x57, 0x9d, 0x8a, 0xa6, 0x5c,
+ 0x08, 0xbb, 0x77, 0x07, 0xa8, 0x39, 0xba, 0x9f, 0x5f, 0x23, 0x58, 0x31, 0x00, 0xff, 0x5f,
+ 0xa3, 0x03, 0x87, 0x70, 0xe5, 0xf0, 0x69, 0xcd, 0x0a, 0x32, 0x9e, 0x4a, 0xe8, 0x07, 0x1f,
+ 0x26, 0xb9, 0x8a, 0x01, 0x83, 0xfe, 0xb9, 0x21, 0x22, 0x49, 0x9d, 0x9f, 0x78, 0x48, 0xf4,
+ 0x24, 0x87, 0xe8, 0x4d, 0xab, 0xd5, 0xe9, 0xd6, 0x90, 0x49, 0x4b, 0x42, 0xb4, 0x68, 0xac,
+ 0xf1, 0x84, 0x44, 0xa1, 0x01, 0x38, 0x22, 0xa0, 0x59, 0x01, 0x28, 0xa9, 0x01, 0x66, 0x69,
+ 0x73, 0x73, 0x75, 0x65, 0x72, 0x02, 0x67, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x3a,
+ 0x00, 0x47, 0x44, 0x50, 0x58, 0x20, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
+ 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
+ 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x3a, 0x00, 0x47, 0x44, 0x52, 0x58, 0x20,
+ 0xb8, 0x96, 0x54, 0xe2, 0x2c, 0xa4, 0xd2, 0x4a, 0x9c, 0x0e, 0x45, 0x11, 0xc8, 0xf2, 0x63,
+ 0xf0, 0x66, 0x0d, 0x2e, 0x20, 0x48, 0x96, 0x90, 0x14, 0xf4, 0x54, 0x63, 0xc4, 0xf4, 0x39,
+ 0x30, 0x38, 0x3a, 0x00, 0x47, 0x44, 0x53, 0x55, 0xa1, 0x3a, 0x00, 0x01, 0x11, 0x71, 0x6e,
+ 0x63, 0x6f, 0x6d, 0x70, 0x6f, 0x6e, 0x65, 0x6e, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x3a,
+ 0x00, 0x47, 0x44, 0x54, 0x58, 0x20, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
+ 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
+ 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x3a, 0x00, 0x47, 0x44, 0x56, 0x41, 0x01,
+ 0x3a, 0x00, 0x47, 0x44, 0x57, 0x58, 0x71, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21,
+ 0x58, 0x20, 0x2d, 0x41, 0x43, 0x19, 0xf2, 0x91, 0x58, 0x12, 0x65, 0x2e, 0x96, 0xb5, 0x9d,
+ 0x12, 0x18, 0x58, 0x54, 0x11, 0xed, 0x41, 0x30, 0xef, 0xa4, 0xee, 0x69, 0x8f, 0x0c, 0x6e,
+ 0xe6, 0x27, 0xc5, 0x20, 0x22, 0x58, 0x20, 0x21, 0x0e, 0x8f, 0x83, 0xe5, 0xeb, 0x40, 0x89,
+ 0xc2, 0x0a, 0x43, 0x6c, 0x9f, 0xa8, 0x4e, 0xe0, 0xba, 0x9e, 0xba, 0x4f, 0xe3, 0x27, 0xc4,
+ 0xbd, 0x41, 0xa0, 0xd6, 0xe9, 0x55, 0x54, 0x17, 0x78, 0x23, 0x58, 0x21, 0x00, 0xb6, 0x33,
+ 0x44, 0x98, 0xa7, 0x1c, 0x90, 0x13, 0xcc, 0x42, 0x71, 0x43, 0x29, 0xe5, 0xe1, 0x57, 0x89,
+ 0x7a, 0x39, 0x17, 0x7c, 0xcc, 0x03, 0xac, 0xd3, 0x1b, 0xd2, 0xae, 0x29, 0x5f, 0xd6, 0xf8,
+ 0x3a, 0x00, 0x47, 0x44, 0x58, 0x41, 0x20, 0x58, 0x60, 0xc4, 0x54, 0xad, 0x40, 0xa2, 0x07,
+ 0xc7, 0x80, 0xbd, 0x41, 0x77, 0x5d, 0xa7, 0xa2, 0xef, 0xef, 0x92, 0x67, 0x24, 0xab, 0xa1,
+ 0x4a, 0x5e, 0x4f, 0x73, 0xfb, 0x5c, 0x1f, 0xe6, 0x46, 0x2f, 0xb9, 0x1b, 0x71, 0x86, 0x87,
+ 0x29, 0xc4, 0x66, 0xb7, 0x3e, 0x85, 0x13, 0x9a, 0xa3, 0xf8, 0xfc, 0x63, 0x26, 0xe0, 0xba,
+ 0x0b, 0xe0, 0x9b, 0x2e, 0x7d, 0x06, 0x06, 0xb8, 0x2f, 0xdd, 0x0c, 0xa5, 0x90, 0x1c, 0x10,
+ 0x1c, 0x55, 0xf9, 0x65, 0xf6, 0x26, 0x40, 0x41, 0xaf, 0x5c, 0x16, 0x03, 0xf3, 0xee, 0x8d,
+ 0x72, 0x2c, 0x6b, 0x1e, 0xb3, 0x1f, 0x96, 0x97, 0x34, 0x61, 0x0d, 0x5c, 0xe4, 0x94, 0x6a,
+ 0x84, 0x43, 0xa1, 0x01, 0x26, 0xa0, 0x59, 0x02, 0x0f, 0x82, 0x58, 0x20, 0x01, 0x02, 0x03,
+ 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12,
+ 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x59,
+ 0x01, 0xe9, 0x84, 0x03, 0x67, 0x6b, 0x65, 0x79, 0x6d, 0x69, 0x6e, 0x74, 0xae, 0x65, 0x62,
+ 0x72, 0x61, 0x6e, 0x64, 0x66, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x65, 0x66, 0x75, 0x73,
+ 0x65, 0x64, 0x01, 0x65, 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x65, 0x6d, 0x6f, 0x64, 0x65, 0x6c,
+ 0x66, 0x64, 0x65, 0x76, 0x69, 0x63, 0x65, 0x66, 0x64, 0x65, 0x76, 0x69, 0x63, 0x65, 0x67,
+ 0x70, 0x72, 0x6f, 0x64, 0x75, 0x63, 0x74, 0x65, 0x70, 0x69, 0x78, 0x65, 0x6c, 0x68, 0x76,
+ 0x62, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x65, 0x67, 0x72, 0x65, 0x65, 0x6e, 0x6a, 0x6f,
+ 0x73, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x62, 0x31, 0x32, 0x6c, 0x6d, 0x61,
+ 0x6e, 0x75, 0x66, 0x61, 0x63, 0x74, 0x75, 0x72, 0x65, 0x72, 0x66, 0x47, 0x6f, 0x6f, 0x67,
+ 0x6c, 0x65, 0x6d, 0x76, 0x62, 0x6d, 0x65, 0x74, 0x61, 0x5f, 0x64, 0x69, 0x67, 0x65, 0x73,
+ 0x74, 0x4f, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd,
+ 0xee, 0xff, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x5f, 0x6c, 0x65, 0x76,
+ 0x65, 0x6c, 0x63, 0x74, 0x65, 0x65, 0x70, 0x62, 0x6f, 0x6f, 0x74, 0x5f, 0x70, 0x61, 0x74,
+ 0x63, 0x68, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x1a, 0x01, 0x34, 0x8c, 0x62, 0x70, 0x62,
+ 0x6f, 0x6f, 0x74, 0x6c, 0x6f, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65,
+ 0x66, 0x6c, 0x6f, 0x63, 0x6b, 0x65, 0x64, 0x72, 0x73, 0x79, 0x73, 0x74, 0x65, 0x6d, 0x5f,
+ 0x70, 0x61, 0x74, 0x63, 0x68, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x1a, 0x01, 0x34, 0x8c,
+ 0x61, 0x72, 0x76, 0x65, 0x6e, 0x64, 0x6f, 0x72, 0x5f, 0x70, 0x61, 0x74, 0x63, 0x68, 0x5f,
+ 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x1a, 0x01, 0x34, 0x8c, 0x63, 0x82, 0xa6, 0x01, 0x02, 0x03,
+ 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0x50, 0x43, 0xb4, 0xf1, 0xc1, 0x7f, 0x17, 0xc6, 0x3b,
+ 0x56, 0x27, 0x63, 0x03, 0x18, 0x78, 0x9d, 0x63, 0x93, 0x3b, 0x98, 0xed, 0x55, 0x8c, 0x87,
+ 0x1b, 0xd7, 0x89, 0xb6, 0x81, 0x92, 0x5f, 0x24, 0x22, 0x58, 0x20, 0xd5, 0x24, 0x93, 0xda,
+ 0x3e, 0x32, 0x17, 0xfa, 0xe8, 0x8d, 0x1e, 0xa9, 0xe0, 0x84, 0x4e, 0x1c, 0x6a, 0xef, 0x9a,
+ 0xe3, 0xbe, 0x1d, 0xf1, 0x14, 0xe0, 0x9e, 0x82, 0xc8, 0x92, 0x1a, 0x3a, 0x69, 0x23, 0x58,
+ 0x20, 0x29, 0xcb, 0x16, 0x78, 0x61, 0x35, 0x92, 0x3f, 0x71, 0xc4, 0x66, 0x61, 0xd4, 0xd4,
+ 0x20, 0x8a, 0x86, 0x1e, 0xb0, 0x2b, 0x2f, 0x4f, 0x13, 0xb4, 0x0d, 0x89, 0x60, 0x87, 0x77,
+ 0xac, 0x1a, 0x0f, 0xa6, 0x01, 0x02, 0x03, 0x26, 0x20, 0x01, 0x21, 0x58, 0x20, 0x4b, 0xcc,
+ 0x7a, 0x09, 0x99, 0x76, 0xe7, 0xfa, 0x06, 0xb9, 0x19, 0x22, 0x15, 0x3b, 0x9f, 0xa8, 0x34,
+ 0x77, 0x24, 0x27, 0x8c, 0x8a, 0x97, 0x61, 0xf3, 0x6f, 0x29, 0x74, 0x4e, 0x9a, 0x66, 0x23,
+ 0x22, 0x58, 0x20, 0x8f, 0xa8, 0xaf, 0x2b, 0x02, 0x3a, 0xd4, 0x8a, 0xa2, 0x9d, 0x25, 0xa8,
+ 0x01, 0xe7, 0xbd, 0x61, 0x25, 0x88, 0xb4, 0xc9, 0xce, 0x05, 0x43, 0xcc, 0x0d, 0x38, 0x7d,
+ 0xe2, 0xda, 0x03, 0xb3, 0x33, 0x23, 0x58, 0x21, 0x00, 0xc8, 0x67, 0xb8, 0xbe, 0xc4, 0x1c,
+ 0xca, 0x3c, 0x73, 0x3c, 0xbf, 0x52, 0xb2, 0x5a, 0x64, 0x9e, 0x9f, 0xae, 0xc6, 0x9f, 0x02,
+ 0x2f, 0xee, 0x92, 0x1d, 0xdb, 0x01, 0x77, 0x27, 0x12, 0x84, 0x14, 0x58, 0x40, 0x6c, 0xd5,
+ 0x66, 0x0a, 0x99, 0xdd, 0x32, 0x47, 0x50, 0x1f, 0x5d, 0x46, 0x40, 0x8a, 0x60, 0x25, 0xa0,
+ 0x1b, 0x3c, 0x2a, 0xcf, 0xa1, 0x92, 0x1a, 0xdc, 0x81, 0xaa, 0xb0, 0x0f, 0xf2, 0xe6, 0x94,
+ 0xce, 0x3d, 0xff, 0xac, 0x25, 0x44, 0xea, 0xf7, 0x0a, 0x89, 0x9d, 0xc4, 0x7e, 0xe5, 0x02,
+ 0xa7, 0xb6, 0xc2, 0x40, 0x06, 0x65, 0xc5, 0xff, 0x19, 0xc5, 0xcd, 0x1c, 0xd5, 0x78, 0x01,
+ 0xd4, 0xb8};
+
inline bool equal_byte_views(const byte_view& view1, const byte_view& view2) {
return std::equal(view1.begin(), view1.end(), view2.begin(), view2.end());
}
@@ -304,5 +556,79 @@
/*allowAnyMode=*/false, /*allowDegenerate=*/false,
DEFAULT_INSTANCE_NAME));
}
+
+TEST(RemoteProvUtilsTest, requireUdsCertsWhenPresent) {
+ auto [keysToSignPtr, _, errMsg] = cppbor::parse(kKeysToSignForCsrWithUdsCerts);
+ ASSERT_TRUE(keysToSignPtr) << "Error: " << errMsg;
+
+ auto mockRpc = SharedRefBase::make<MockIRemotelyProvisionedComponent>();
+ EXPECT_CALL(*mockRpc, getHardwareInfo(NotNull())).WillRepeatedly([](RpcHardwareInfo* hwInfo) {
+ hwInfo->versionNumber = 3;
+ return ScopedAStatus::ok();
+ });
+
+ const auto keysToSign = keysToSignPtr->asArray();
+ auto csr = verifyFactoryCsr(*keysToSign, kCsrWithUdsCerts, mockRpc.get(), "default", kChallenge,
+ /*allowDegenerate=*/false, /*requireUdsCerts=*/true);
+ ASSERT_TRUE(csr) << csr.message();
+}
+
+TEST(RemoteProvUtilsTest, dontRequireUdsCertsWhenPresent) {
+ auto [keysToSignPtr, _, errMsg] = cppbor::parse(kKeysToSignForCsrWithUdsCerts);
+ ASSERT_TRUE(keysToSignPtr) << "Error: " << errMsg;
+
+ auto mockRpc = SharedRefBase::make<MockIRemotelyProvisionedComponent>();
+ EXPECT_CALL(*mockRpc, getHardwareInfo(NotNull())).WillRepeatedly([](RpcHardwareInfo* hwInfo) {
+ hwInfo->versionNumber = 3;
+ return ScopedAStatus::ok();
+ });
+
+ const auto* keysToSign = keysToSignPtr->asArray();
+ auto csr = verifyFactoryCsr(*keysToSign, kCsrWithUdsCerts, mockRpc.get(), DEFAULT_INSTANCE_NAME,
+ kChallenge,
+ /*allowDegenerate=*/false, /*requireUdsCerts=*/false);
+ ASSERT_TRUE(csr) << csr.message();
+}
+
+TEST(RemoteProvUtilsTest, requireUdsCertsWhenNotPresent) {
+ auto mockRpc = SharedRefBase::make<MockIRemotelyProvisionedComponent>();
+ EXPECT_CALL(*mockRpc, getHardwareInfo(NotNull())).WillRepeatedly([](RpcHardwareInfo* hwInfo) {
+ hwInfo->versionNumber = 3;
+ return ScopedAStatus::ok();
+ });
+
+ auto csr = verifyFactoryCsr(/*keysToSign=*/Array(), kCsrWithoutUdsCerts, mockRpc.get(),
+ DEFAULT_INSTANCE_NAME, kChallenge, /*allowDegenerate=*/false,
+ /*requireUdsCerts=*/true);
+ ASSERT_FALSE(csr);
+ ASSERT_THAT(csr.message(), testing::HasSubstr("UdsCerts must not be empty"));
+}
+
+TEST(RemoteProvUtilsTest, dontRequireUdsCertsWhenNotPresent) {
+ auto [keysToSignPtr, _, errMsg] = cppbor::parse(
+ kKeysToSignForCsrWithoutUdsCerts.data(),
+ kKeysToSignForCsrWithoutUdsCerts.data() + kKeysToSignForCsrWithoutUdsCerts.size());
+ ASSERT_TRUE(keysToSignPtr) << "Error: " << errMsg;
+
+ auto mockRpc = SharedRefBase::make<MockIRemotelyProvisionedComponent>();
+ EXPECT_CALL(*mockRpc, getHardwareInfo(NotNull())).WillRepeatedly([](RpcHardwareInfo* hwInfo) {
+ hwInfo->versionNumber = 3;
+ return ScopedAStatus::ok();
+ });
+
+ const auto* keysToSign = keysToSignPtr->asArray();
+ auto csr = verifyFactoryCsr(*keysToSign, kCsrWithoutUdsCerts, mockRpc.get(),
+ DEFAULT_INSTANCE_NAME, kChallenge,
+ /*allowDegenerate=*/false, /*requireUdsCerts=*/false);
+ ASSERT_TRUE(csr) << csr.message();
+}
+
+TEST(RemoteProvUtilsTest, parseFullyQualifiedInstanceNames) {
+ ASSERT_EQ(deviceSuffix(RKPVM_INSTANCE_NAME), "avf");
+ ASSERT_EQ(deviceSuffix(DEFAULT_INSTANCE_NAME), "default");
+ ASSERT_EQ(deviceSuffix("default"), "default");
+ ASSERT_EQ(deviceSuffix("//the/last/one"), "one");
+}
+
} // namespace
} // namespace aidl::android::hardware::security::keymint::remote_prov
diff --git a/tv/input/1.0/vts/functional/Android.bp b/tv/input/1.0/vts/functional/Android.bp
index fad1c90..57d81e2 100644
--- a/tv/input/1.0/vts/functional/Android.bp
+++ b/tv/input/1.0/vts/functional/Android.bp
@@ -15,6 +15,7 @@
//
package {
+ default_team: "trendy_team_interactive_tv",
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"
diff --git a/tv/tuner/1.0/vts/functional/Android.bp b/tv/tuner/1.0/vts/functional/Android.bp
index 6187c73..9f3466a 100644
--- a/tv/tuner/1.0/vts/functional/Android.bp
+++ b/tv/tuner/1.0/vts/functional/Android.bp
@@ -15,6 +15,7 @@
//
package {
+ default_team: "trendy_team_interactive_tv",
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"
diff --git a/tv/tuner/1.1/vts/functional/Android.bp b/tv/tuner/1.1/vts/functional/Android.bp
index ac835a4..90b2494 100644
--- a/tv/tuner/1.1/vts/functional/Android.bp
+++ b/tv/tuner/1.1/vts/functional/Android.bp
@@ -15,6 +15,7 @@
//
package {
+ default_team: "trendy_team_interactive_tv",
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"
diff --git a/tv/tuner/aidl/vts/functional/Android.bp b/tv/tuner/aidl/vts/functional/Android.bp
index 09e63fc..ae4f598 100644
--- a/tv/tuner/aidl/vts/functional/Android.bp
+++ b/tv/tuner/aidl/vts/functional/Android.bp
@@ -15,6 +15,7 @@
//
package {
+ default_team: "trendy_team_interactive_tv",
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"
diff --git a/vr/1.0/vts/functional/Android.bp b/vr/1.0/vts/functional/Android.bp
index 8e23f4f..267a1cc 100644
--- a/vr/1.0/vts/functional/Android.bp
+++ b/vr/1.0/vts/functional/Android.bp
@@ -15,6 +15,7 @@
//
package {
+ default_team: "trendy_team_android_kernel",
// See: http://go/android-license-faq
// A large-scale-change added 'default_applicable_licenses' to import
// all of the 'license_kinds' from "hardware_interfaces_license"