Gitiles
Code Review Sign In
gerrit.omnirom.org / android_hardware_interfaces / ff635634ab625504e9b1f42cb1e6771045d239e7^! / . / security
commitff635634ab625504e9b1f42cb1e6771045d239e7[log] [tgz]
authorVictor Hsieh <victorhsieh@google.com>Thu Dec 05 18:50:40 2024 +0000
committerVictor Hsieh <victorhsieh@google.com>Mon Dec 09 23:48:09 2024 +0000
treed979bee98c86a88c7a57fae558df87761e79fb77
parenta5ad8db5180e60cf101e7351845d56293869504f [diff]
Require DeleteAllKeys to work regardless of rollback resistance tag

Bug: 376261153
Test: VtsAidlKeyMintTargetTest --gtest_filter=*DeleteAllKeys* --arm_deleteAllKeys
Change-Id: Icff430509710ec928ca0b803a5bc4d1fb4e8ab88

diff --git a/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
index e8eed71..b57dd8a 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl

@@ -548,10 +548,8 @@
     void deleteKey(in byte[] keyBlob);
 
     /**
-     * Deletes all keys in the hardware keystore.  Used when keystore is reset completely.  After
-     * this function is called all keys with Tag::ROLLBACK_RESISTANCE in their hardware-enforced
-     * authorization lists must be rendered permanently unusable.  Keys without
-     * Tag::ROLLBACK_RESISTANCE may or may not be rendered unusable.
+     * Deletes all keys in the hardware keystore. Used when keystore is reset completely. After
+     * this function is called all keys created previously must be rendered permanently unusable.
      */
     void deleteAllKeys();
 

diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp
index 067db78..416e6c0 100644
--- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp
+++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp

@@ -8305,21 +8305,15 @@
         GTEST_SKIP() << "Option --arm_deleteAllKeys not set";
         return;
     }
+    // This test was introduced in API level 36, but is not version guarded because it requires a
+    // manual opt-in anyway. This makes it easier to run on older devices.
     auto error = GenerateKey(AuthorizationSetBuilder()
                                      .RsaSigningKey(2048, 65537)
                                      .Digest(Digest::NONE)
                                      .Padding(PaddingMode::NONE)
                                      .Authorization(TAG_NO_AUTH_REQUIRED)
-                                     .Authorization(TAG_ROLLBACK_RESISTANCE)
                                      .SetDefaultValidity());
-    if (error == ErrorCode::ROLLBACK_RESISTANCE_UNAVAILABLE) {
-        GTEST_SKIP() << "Rollback resistance not supported";
-    }
-
-    // Delete must work if rollback protection is implemented
     ASSERT_EQ(ErrorCode::OK, error);
-    AuthorizationSet hardwareEnforced(SecLevelAuthorizations());
-    ASSERT_TRUE(hardwareEnforced.Contains(TAG_ROLLBACK_RESISTANCE));
 
     ASSERT_EQ(ErrorCode::OK, DeleteAllKeys());