Merge "KeyMint VTS: emit values on failure" into main
diff --git a/automotive/can/1.0/default/libnetdevice/Android.bp b/automotive/can/1.0/default/libnetdevice/Android.bp
index 653e773..b42893e 100644
--- a/automotive/can/1.0/default/libnetdevice/Android.bp
+++ b/automotive/can/1.0/default/libnetdevice/Android.bp
@@ -23,10 +23,19 @@
default_applicable_licenses: ["hardware_interfaces_license"],
}
-cc_library_static {
- name: "android.hardware.automotive.can@libnetdevice",
- defaults: ["android.hardware.automotive.can@defaults"],
+cc_defaults {
+ name: "libnetdevice-common",
vendor_available: true,
+ cflags: [
+ "-Wall",
+ "-Wextra",
+ "-Werror",
+ "-DANDROID_BASE_UNIQUE_FD_DISABLE_IMPLICIT_CONVERSION",
+ ],
+ shared_libs: [
+ "libbase",
+ "libutils",
+ ],
srcs: [
"can.cpp",
"common.cpp",
@@ -40,3 +49,14 @@
"libnl++",
],
}
+
+// TODO: migrate to "libnetdevice" and remove
+cc_library_static {
+ name: "android.hardware.automotive.can@libnetdevice",
+ defaults: ["libnetdevice-common"],
+}
+
+cc_library_static {
+ name: "libnetdevice",
+ defaults: ["libnetdevice-common"],
+}
diff --git a/automotive/can/1.0/default/libnl++/Android.bp b/automotive/can/1.0/default/libnl++/Android.bp
index 01c1e55..d929d84 100644
--- a/automotive/can/1.0/default/libnl++/Android.bp
+++ b/automotive/can/1.0/default/libnl++/Android.bp
@@ -25,8 +25,17 @@
cc_library_static {
name: "libnl++",
- defaults: ["android.hardware.automotive.can@defaults"],
vendor_available: true,
+ cflags: [
+ "-Wall",
+ "-Wextra",
+ "-Werror",
+ "-DANDROID_BASE_UNIQUE_FD_DISABLE_IMPLICIT_CONVERSION",
+ ],
+ shared_libs: [
+ "libbase",
+ "libutils",
+ ],
srcs: [
"protocols/common/Empty.cpp",
"protocols/common/Error.cpp",
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IHwCryptoKey.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IHwCryptoKey.aidl
index 3763f0a..6837a2f 100644
--- a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IHwCryptoKey.aidl
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IHwCryptoKey.aidl
@@ -38,6 +38,8 @@
android.hardware.security.see.hwcrypto.IHwCryptoKey.DerivedKey deriveKey(in android.hardware.security.see.hwcrypto.IHwCryptoKey.DerivedKeyParameters parameters);
android.hardware.security.see.hwcrypto.IHwCryptoOperations getHwCryptoOperations();
android.hardware.security.see.hwcrypto.IOpaqueKey importClearKey(in android.hardware.security.see.hwcrypto.types.ExplicitKeyMaterial keyMaterial, in android.hardware.security.see.hwcrypto.KeyPolicy newKeyPolicy);
+ byte[] getCurrentDicePolicy();
+ android.hardware.security.see.hwcrypto.IOpaqueKey keyTokenImport(in android.hardware.security.see.hwcrypto.types.OpaqueKeyToken requestedKey, in byte[] sealingDicePolicy);
enum DeviceKeyId {
DEVICE_BOUND_KEY,
BATCH_KEY,
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IOpaqueKey.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IOpaqueKey.aidl
index 9cbf272..c74e71f 100644
--- a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IOpaqueKey.aidl
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IOpaqueKey.aidl
@@ -36,4 +36,5 @@
byte[] exportWrappedKey(in android.hardware.security.see.hwcrypto.IOpaqueKey wrappingKey);
android.hardware.security.see.hwcrypto.KeyPolicy getKeyPolicy();
byte[] getPublicKey();
+ android.hardware.security.see.hwcrypto.types.OpaqueKeyToken getShareableToken(in byte[] sealingDicePolicy);
}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/OpaqueKeyToken.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/OpaqueKeyToken.aidl
new file mode 100644
index 0000000..fc2dd63
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/OpaqueKeyToken.aidl
@@ -0,0 +1,37 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto.types;
+parcelable OpaqueKeyToken {
+ byte[] keyToken;
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IHwCryptoKey.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IHwCryptoKey.aidl
index b5e7e9d..e472f4c 100644
--- a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IHwCryptoKey.aidl
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IHwCryptoKey.aidl
@@ -19,6 +19,7 @@
import android.hardware.security.see.hwcrypto.IOpaqueKey;
import android.hardware.security.see.hwcrypto.KeyPolicy;
import android.hardware.security.see.hwcrypto.types.ExplicitKeyMaterial;
+import android.hardware.security.see.hwcrypto.types.OpaqueKeyToken;
/*
* Higher level interface to access and generate keys.
@@ -217,4 +218,42 @@
* otherwise.
*/
IOpaqueKey importClearKey(in ExplicitKeyMaterial keyMaterial, in KeyPolicy newKeyPolicy);
+
+ /*
+ * getCurrentDicePolicy() - Returns the client current DICE policy. This policy is encrypted and
+ * considered opaque from the client perspective. This policy is the
+ * same used to create DICE bound keys and will also be used to seal
+ * secrets that can only be retrieved by the DICE policy owner. The
+ * first use of this seal operation will be
+ * <code>IOpaqueKey::getShareableToken</code> and
+ * <code>IHwCryptoKey::keyTokenImport</code>. To start this process,
+ * the intended key receiver will call this function and then pass the
+ * generated DICE policy to the owner of the key that the receiver
+ * wants to import. The key owner will then call
+ * <code>IOpaqueKey::getShareableToken</code> passing the receiver DICE
+ * policy to insure that only that receiver can import the key.
+ *
+ * Return:
+ * byte[] on success, which is the caller encrypted DICE policy.
+ */
+ byte[] getCurrentDicePolicy();
+
+ /*
+ * key_token_import() - Imports a key from a different client service instance. Because
+ * IOpaqueKey are binder objects that cannot be directly shared between
+ * binder rpc clients, this method provide a way to send a key to another
+ * client. Keys to be imported by the receiver are represented by a token
+ * created using <code>IOpaqueKey::getShareableToken</code>. The flow
+ * to create this token is described in
+ * <code>IHwCryptoKey::getCurrentDicePolicy</code>.
+ *
+ * @requested_key:
+ * Handle to the key to be imported to the caller service.
+ * @sealingDicePolicy:
+ * DICE policy used to seal the exported key.
+ * Return:
+ * A IOpaqueKey that can be directly be used on the local HWCrypto service on
+ * success, service specific error based on <code>HalErrorCode</code> otherwise.
+ */
+ IOpaqueKey keyTokenImport(in OpaqueKeyToken requestedKey, in byte[] sealingDicePolicy);
}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IOpaqueKey.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IOpaqueKey.aidl
index 0d0f613..eba4d1c 100644
--- a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IOpaqueKey.aidl
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IOpaqueKey.aidl
@@ -16,6 +16,7 @@
package android.hardware.security.see.hwcrypto;
import android.hardware.security.see.hwcrypto.KeyPolicy;
+import android.hardware.security.see.hwcrypto.types.OpaqueKeyToken;
import android.hardware.security.see.hwcrypto.types.OperationType;
interface IOpaqueKey {
@@ -52,4 +53,16 @@
* <code>HalErrorCode</code> otherwise. Format used for the returned public key is COSE.
*/
byte[] getPublicKey();
+
+ /*
+ * getShareableToken() - Returns a token that can shared with another HWCrypto client.
+ *
+ * @sealingDicePolicy:
+ * Token to be used to protect the returned OpaqueKeyToken. It will be used so only
+ * the owner of the sealingDicePolicy can import the key.
+ * Return:
+ * <code>OpaqueKeyMaterial</code> token on success, service specific error based on
+ * <code>HalErrorCode</code> otherwise.
+ */
+ OpaqueKeyToken getShareableToken(in byte[] sealingDicePolicy);
}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/OpaqueKeyToken.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/OpaqueKeyToken.aidl
new file mode 100644
index 0000000..db95c18
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/OpaqueKeyToken.aidl
@@ -0,0 +1,29 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto.types;
+
+/*
+ * Implementation defined structure that represents a key and its associated metadata. It is only
+ * valid on the current boot, and its reuse after a session is closed (or between sessions) is not
+ * guaranteed.
+ */
+parcelable OpaqueKeyToken {
+ /*
+ * Opaque type used to send IOpaqueKeys keys to different clients. Its format is implementation
+ * dependant.
+ */
+ byte[] keyToken;
+}