Test for patchlevels and too much entropy
Add tests for:
- Too much entropy should be rejected with INVALID_INPUT_LENGTH
- All authorization lists should include a vendor and boot patchlevel.
These requirements are in both the KeyMint and the KeyMaster 4.0 AIDL
specificications, but have never been policed before.
Currently disabled with a command-line flag because CF does not have
the patchlevels and so fails lots of tests.
Test: VtsKeyMintAidlTargetTest
Change-Id: Ic9622ef3f1b80e013a34059218e3e029f392eb72
diff --git a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
index 80bd057..f0dfff1 100644
--- a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp
@@ -170,6 +170,7 @@
os_version_ = getOsVersion();
os_patch_level_ = getOsPatchlevel();
+ vendor_patch_level_ = getVendorPatchlevel();
}
void KeyMintAidlTestBase::SetUp() {
diff --git a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h
index 95f0c19..88998d5 100644
--- a/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h
+++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h
@@ -71,6 +71,7 @@
IKeyMintDevice& keyMint() { return *keymint_; }
uint32_t os_version() { return os_version_; }
uint32_t os_patch_level() { return os_patch_level_; }
+ uint32_t vendor_patch_level() { return vendor_patch_level_; }
ErrorCode GetReturnErrorCode(const Status& result);
@@ -266,6 +267,7 @@
std::shared_ptr<IKeyMintDevice> keymint_;
uint32_t os_version_;
uint32_t os_patch_level_;
+ uint32_t vendor_patch_level_;
SecurityLevel securityLevel_;
string name_;
diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
index 287b4db..f9a99aa 100644
--- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
@@ -67,6 +67,8 @@
namespace {
+bool check_patchLevels = false;
+
template <TagType tag_type, Tag tag, typename ValueT>
bool contains(const vector<KeyParameter>& set, TypedTag<tag_type, tag> ttag,
ValueT expected_value) {
@@ -330,6 +332,15 @@
EXPECT_TRUE(os_pl);
EXPECT_EQ(*os_pl, os_patch_level());
+ if (check_patchLevels) {
+ // Should include vendor and boot patchlevels.
+ auto vendor_pl = auths.GetTagValue(TAG_VENDOR_PATCHLEVEL);
+ EXPECT_TRUE(vendor_pl);
+ EXPECT_EQ(*vendor_pl, vendor_patch_level());
+ auto boot_pl = auths.GetTagValue(TAG_BOOT_PATCHLEVEL);
+ EXPECT_TRUE(boot_pl);
+ }
+
return auths;
}
};
@@ -5312,6 +5323,16 @@
EXPECT_TRUE(keyMint().addRngEntropy(AidlBuf(string(2 * 1024, 'a'))).isOk());
}
+/*
+ * AddEntropyTest.AddTooLargeEntropy
+ *
+ * Verifies that the addRngEntropy method rejects more than 2KiB of data.
+ */
+TEST_P(AddEntropyTest, AddTooLargeEntropy) {
+ ErrorCode rc = GetReturnErrorCode(keyMint().addRngEntropy(AidlBuf(string(2 * 1024 + 1, 'a'))));
+ EXPECT_EQ(ErrorCode::INVALID_INPUT_LENGTH, rc);
+}
+
INSTANTIATE_KEYMINT_AIDL_TEST(AddEntropyTest);
typedef KeyMintAidlTestBase KeyDeletionTest;
@@ -5765,6 +5786,10 @@
} else {
std::cout << "NOT dumping attestations" << std::endl;
}
+ // TODO(drysdale): Remove this flag when available KeyMint devices comply with spec
+ if (std::string(argv[i]) == "--check_patchLevels") {
+ aidl::android::hardware::security::keymint::test::check_patchLevels = true;
+ }
}
}
return RUN_ALL_TESTS();
diff --git a/security/keymint/support/include/keymint_support/keymint_utils.h b/security/keymint/support/include/keymint_support/keymint_utils.h
index 53d5b96..e1ead21 100644
--- a/security/keymint/support/include/keymint_support/keymint_utils.h
+++ b/security/keymint/support/include/keymint_support/keymint_utils.h
@@ -38,5 +38,6 @@
uint32_t getOsVersion();
uint32_t getOsPatchlevel();
+uint32_t getVendorPatchlevel();
} // namespace aidl::android::hardware::security::keymint
diff --git a/security/keymint/support/keymint_utils.cpp b/security/keymint/support/keymint_utils.cpp
index e73d602..2dbdfa8 100644
--- a/security/keymint/support/keymint_utils.cpp
+++ b/security/keymint/support/keymint_utils.cpp
@@ -31,10 +31,11 @@
constexpr size_t kPlatformVersionMatchCount = kSubminorVersionMatch + 1;
constexpr char kPlatformPatchlevelProp[] = "ro.build.version.security_patch";
-constexpr char kPlatformPatchlevelRegex[] = "^([0-9]{4})-([0-9]{2})-[0-9]{2}$";
+constexpr char kVendorPatchlevelProp[] = "ro.vendor.build.security_patch";
+constexpr char kPatchlevelRegex[] = "^([0-9]{4})-([0-9]{2})-[0-9]{2}$";
constexpr size_t kYearMatch = 1;
constexpr size_t kMonthMatch = 2;
-constexpr size_t kPlatformPatchlevelMatchCount = kMonthMatch + 1;
+constexpr size_t kPatchlevelMatchCount = kMonthMatch + 1;
uint32_t match_to_uint32(const char* expression, const regmatch_t& match) {
if (match.rm_so == -1) return 0;
@@ -80,15 +81,14 @@
return getOsVersion(version.c_str());
}
-uint32_t getOsPatchlevel(const char* patchlevel_str) {
+uint32_t getPatchlevel(const char* patchlevel_str) {
regex_t regex;
- if (regcomp(®ex, kPlatformPatchlevelRegex, REG_EXTENDED) != 0) {
+ if (regcomp(®ex, kPatchlevelRegex, REG_EXTENDED) != 0) {
return 0;
}
- regmatch_t matches[kPlatformPatchlevelMatchCount];
- int not_match =
- regexec(®ex, patchlevel_str, kPlatformPatchlevelMatchCount, matches, 0 /* flags */);
+ regmatch_t matches[kPatchlevelMatchCount];
+ int not_match = regexec(®ex, patchlevel_str, kPatchlevelMatchCount, matches, 0 /* flags */);
regfree(®ex);
if (not_match) {
return 0;
@@ -105,7 +105,12 @@
uint32_t getOsPatchlevel() {
std::string patchlevel = wait_and_get_property(kPlatformPatchlevelProp);
- return getOsPatchlevel(patchlevel.c_str());
+ return getPatchlevel(patchlevel.c_str());
+}
+
+uint32_t getVendorPatchlevel() {
+ std::string patchlevel = wait_and_get_property(kVendorPatchlevelProp);
+ return getPatchlevel(patchlevel.c_str());
}
} // namespace aidl::android::hardware::security::keymint